From owner-freebsd-fs@freebsd.org  Sun Jan  7 06:28:12 2018
Return-Path: <owner-freebsd-fs@freebsd.org>
Delivered-To: freebsd-fs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id B784EE6CF1B
 for <freebsd-fs@mailman.ysv.freebsd.org>; Sun,  7 Jan 2018 06:28:12 +0000 (UTC)
 (envelope-from wollman@hergotha.csail.mit.edu)
Received: from hergotha.csail.mit.edu
 (wollman-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:ccb::2])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 7CB78793A2
 for <freebsd-fs@freebsd.org>; Sun,  7 Jan 2018 06:28:12 +0000 (UTC)
 (envelope-from wollman@hergotha.csail.mit.edu)
Received: from hergotha.csail.mit.edu (localhost [127.0.0.1])
 by hergotha.csail.mit.edu (8.15.2/8.15.2) with ESMTP id w076SACn049021
 for <freebsd-fs@freebsd.org>; Sun, 7 Jan 2018 01:28:10 -0500 (EST)
 (envelope-from wollman@hergotha.csail.mit.edu)
Received: (from wollman@localhost)
 by hergotha.csail.mit.edu (8.15.2/8.14.4/Submit) id w076SAW0049020;
 Sun, 7 Jan 2018 01:28:10 -0500 (EST) (envelope-from wollman)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <23121.48634.348216.421634@hergotha.csail.mit.edu>
Date: Sun, 7 Jan 2018 01:28:10 -0500
From: Garrett Wollman <wollman@bimajority.org>
To: freebsd-fs@freebsd.org
Subject: Anyone managed to build a static gssd?
X-Mailer: VM 8.2.0b under 25.3.1 (amd64-portbld-freebsd10.3)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2
 (hergotha.csail.mit.edu [127.0.0.1]); Sun, 07 Jan 2018 01:28:10 -0500 (EST)
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,
 HEADER_FROM_DIFFERENT_DOMAINS autolearn=disabled version=3.4.1
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
 hergotha.csail.mit.edu
X-BeenThere: freebsd-fs@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Filesystems <freebsd-fs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-fs>,
 <mailto:freebsd-fs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-fs/>
List-Post: <mailto:freebsd-fs@freebsd.org>
List-Help: <mailto:freebsd-fs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
 <mailto:freebsd-fs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Jan 2018 06:28:12 -0000

I'm interesting in experimenting with GSSAPI security for NFS mounts,
but we run MIT Kerberos, not Heimdal.  AIUI, the kernel code has to
have the same data structures as the userland code in gssd, which
implies that gssd has to be built against Heimdal libraries, not MIT.
Has anyone managed to build a gssd executable that is linked
statically against all the Heimdal libraries?  I attempted to do this
(in a chroot initialized with stock 11.1) but ended up with something
that still tries to dlopen libgssapi.so.10, which obviously isn't
going to work.

-GAWollman