Fredrik, I'm working on this in conjunction with Linux nfs-utils changes. As it turns out, actually storing the ccache in the kernel keyring is not *the* answer for NFS. It is helpful when process- or thread-level credentials are needed for NFS access.
The essential thing the keyring will hold is a pointer to *the* credentials to be used when creating the gss context. The actual creds, for Kerberos, may live in a FILE: or KEYRING: credentials cache. I'm working now on library routines to set/get the credentials to be used. The keyring ccache code is basically complete, with a few details to work out. Contact me off-list (or on the linux-nfs list) for more details. K.C. On 5/1/06, Fredrik Tolf <[EMAIL PROTECTED]> wrote: > Hi list! > > I've been googling around a bit on this subject, not being able to find > anything weighty. Are there current plans on implementing a ccache > utilizing the key retention feature of the Linux kernel? Such a thing > would really help, particularly for NFS with Kerberos RPCSEC. > > If there is such work going on, can anyone give a pointer to any > information on it? If not, I should give it a try myself. > > Fredrik Tolf > > > ________________________________________________ > Kerberos mailing list [email protected] > https://mailman.mit.edu/mailman/listinfo/kerberos ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
