cifs.upcall \- Userspace upcall helper for Common Internet File System (CIFS)
.SH "SYNOPSIS"
.HP \w'\ 'u
-cifs\&.upcall [\-\-trust\-dns|\-t] [\-\-version|\-v] [\-\-legacy\-uid|\-l] [--krb5conf=/path/to/krb5.conf|-k /path/to/...] {keyid}
+cifs\&.upcall [\-\-trust\-dns|\-t] [\-\-version|\-v] [\-\-legacy\-uid|\-l] [--krb5conf=/path/to/krb5.conf|-k /path/to/krb5.conf] [--keytab=/path/to/keytab|-K /path/to/keytab] {keyid}
.SH "DESCRIPTION"
.PP
This tool is part of the cifs-utils suite\&.
krb5.conf file that cifs.upcall will use.
.RE
.PP
+\--keytab=/path/to/keytab|-K /path/to/keytab
+.RS 4
+This option allows administrators to specify a keytab file to be used. When a user has no credential cache already established, cifs.upcall will attempt to use this keytab to acquire them. The default is the system-wide keytab /etc/krb5.keytab.
+.RE
+.PP
\-\-trust\-dns|\-t
.RS 4
With krb5 upcalls, the name used as the host portion of the service principal defaults to the hostname portion of the UNC\&. This option allows the upcall program to reverse resolve the network address of the server in order to get the hostname\&.
static void usage(void)
{
- fprintf(stderr, "Usage: %s [-k /path/to/krb5.conf] [-t] [-v] [-l] key_serial\n", prog);
+ fprintf(stderr, "Usage: %s [ -K /path/to/keytab] [-k /path/to/krb5.conf] [-t] [-v] [-l] key_serial\n", prog);
}
const struct option long_options[] = {
{"krb5conf", 1, NULL, 'k'},
{"legacy-uid", 0, NULL, 'l'},
{"trust-dns", 0, NULL, 't'},
+ {"keytab", 1, NULL, 'K'},
{"version", 0, NULL, 'v'},
{NULL, 0, NULL, 0}
};
openlog(prog, 0, LOG_DAEMON);
- while ((c = getopt_long(argc, argv, "ck:ltv", long_options, NULL)) != -1) {
+ while ((c = getopt_long(argc, argv, "ck:K:ltv", long_options, NULL)) != -1) {
switch (c) {
case 'c':
/* legacy option -- skip it */
goto out;
}
break;
+ case 'K':
+ keytab_name = optarg;
+ break;
case 'l':
legacy_uid++;
break;
git.samba.org / cifs-utils.git / commitdiff