On Tue, Jan 19, 2010 at 05:28:01PM -0600, Mike Gerdts wrote: > I'm trying to untangle how credentials are mapped when NFSv4 is used, > but things aren't making sense. I think that this is because kinit(1) > doesn't purge old entries from the RPC GSS cache.
That's right. kdestroy does, and kinit does not purge the kernel RPCSEC_GSS security context cache. Therefore you need to kdestroy before kinit'ing as a different user. Yes, I too would call that a bug. > Does kinit.c need a call to krpc_sys(KRPC_REVAUTH, ...) like > kdestroy.c has? I'd say so. Nico --
