From owner-svn-src-head@FreeBSD.ORG Tue Jul 9 01:41:22 2013 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 25C03C4F; Tue, 9 Jul 2013 01:41:22 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 167A81BA4; Tue, 9 Jul 2013 01:41:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r691fLbX092827; Tue, 9 Jul 2013 01:41:21 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id r691VaIA090189; Tue, 9 Jul 2013 01:31:36 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201307090131.r691VaIA090189@svn.freebsd.org> From: Rick Macklem Date: Tue, 9 Jul 2013 01:31:36 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r253051 - head/sbin/mount_nfs X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Jul 2013 01:41:22 -0000 Author: rmacklem Date: Tue Jul 9 01:31:36 2013 New Revision: 253051 URL: http://svnweb.freebsd.org/changeset/base/253051 Log: Document the "gssname" and "allgssname" mount options added by the host-based initiator credential patches. This is a content change. Modified: head/sbin/mount_nfs/mount_nfs.8 Modified: head/sbin/mount_nfs/mount_nfs.8 ============================================================================== --- head/sbin/mount_nfs/mount_nfs.8 Tue Jul 9 01:31:04 2013 (r253050) +++ head/sbin/mount_nfs/mount_nfs.8 Tue Jul 9 01:31:36 2013 (r253051) @@ -28,7 +28,7 @@ .\" @(#)mount_nfs.8 8.3 (Berkeley) 3/29/95 .\" $FreeBSD$ .\" -.Dd December 9, 2012 +.Dd July 8, 2013 .Dt MOUNT_NFS 8 .Os .Sh NAME @@ -118,6 +118,13 @@ for regular files, and 30 -> 60 seconds The algorithm to calculate the timeout is based on the age of the file. The older the file, the longer the cache is considered valid, subject to the limits above. +.It Cm allgssname +This option can be used along with +.Fl o Cm gssname +to specify that all operations should use the host-based initiator +credential. +This may be used for clients that run system daemons that need to +access files on the NFSv4 mounted volume. .It Cm bg If an initial attempt to contact the server fails, fork off a child to keep trying the mount in the background. @@ -138,6 +145,23 @@ short. .It Cm fg Same as not specifying .Cm bg . +.It Cm gssname Ns = Ns Aq Ar service-principal-name +This option can be used with the KerberosV security flavors for NFSv4 mounts +to specify the +.Dq "service-principal-name" +of a host-based entry in the default +keytab file that is used for system operations. +It allows the mount to be performed by +.Dq "root" +and avoids problems with +cached credentials for the system operations expiring. +The +.Dq "service-prinicpal-name" +should be specified without instance or domain and is typically +.Dq "host" , +.Dq "nfs" +or +.Dq "root" . .It Cm hard Same as not specifying .Cm soft .