request-key vs pipefs
Kevin Coffman
kwc at citi.umich.edu
Fri Jan 18 09:41:54 EST 2008
On Jan 18, 2008 8:26 AM, Benjamin Coddington
<Benjamin.Coddington at uvm.edu> wrote:
> Trond Myklebust wrote:
> > So how does it access that tgt? As far as I understand, the
> > 'authorisation key' which permits it to access the keyring is destroyed
> > upon the call to 'complete_request_key()'. There is no provision for
> > allowing "gss-util" access to the key which holds the tgt information
> > without an authorisation key.
> >
> > Trond
>
> Why can't the tgt information be included with the context while
> "gss-util" still holds the authorization key? Both the context and tgt
> info are returned..
I would assume there is a good chance that if the context has expired,
it is because the service ticket expired. The service ticket is
usually (not always) limited to the TGT's lifetime. So if we need a
new context, we'll probably need a new or refreshed TGT.
K.C.
More information about the NFSv4
mailing list