GSS Masquerade
Benjamin Coddington
Benjamin.Coddington at uvm.edu
Mon Mar 17 14:43:48 EDT 2008
What follows is a simple implementation of uid masquerading to allow a
user to acquire and use GSS credentials on behalf of another user.
This is useful for hosting environments (Kerberos/LDAP) allowing Apache
to acquire Kerberos tickets and then access NFS mounts as the
authenticated user.

I'm posting this here (as opposed to nfs at vger.kernel.org) because I
don't expect this to be included in the kernel, and I know that some
folks here are looking for a similar simple solution.

There are changes to auth_gss: an "nfsid" keytype is created to pass
the desired uid to auth_gss -- using the simple key->payload.value. A
sysctl interface is created to control which users are allowed to
masquerade as another user.

There is a change to gssd_proc to retry context creation as the
masquerading user(s) if a first attempt fails. This is necessary to
overcome ccache file permissions.

Included is an example implementation with mod_auth_kerb. Ccache naming
and key instantiation must be done before accessing the filesystem, and
afterwards the nfsid key must be removed to protect against re-use.
~B
--
Benjamin Coddington
Systems Architecture and Administration
Enterprise Technology Services
University of Vermont
More information about the NFSv4 mailing list
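The request-handler side of the sequence the post describes (name the ccache, instantiate the nfsid key, access the file, remove the key) as an added example; this is not the author's attachment nor part of the kernel or mod_auth_kerb. It talks to the kernel with the raw add_key(2)/keyctl(2) syscalls. The "nfsid" key type, its payload layout (the target uid as a decimal string), the key description "masquerade" and the ccache name prefix are all assumptions about the patched kernel and the author's Apache glue. On a stock kernel add_key rejects the unknown type (ENODEV, or EPERM under a seccomp policy), and the handler must then refuse to proceed rather than fall through and touch the mount as its own uid.

```c
/* Added example of the nfsid masquerade sequence; not the author's code.
 * Assumptions: key type "nfsid" (patched kernel), payload = uid in decimal,
 * ccache name prefix /tmp/krb5cc_masq_. Build: cc -o masq masq.c */
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Values from <linux/keyctl.h>, repeated so the example builds without it. */
#define KEY_SPEC_SESSION_KEYRING (-3)
#define KEYCTL_UNLINK 9

typedef int32_t key_serial_t;

enum masq_status { MASQ_OK = 0, MASQ_ERR_KEY = 1, MASQ_ERR_OPEN = 2 };

/* Payload auth_gss would read from key->payload.value: assumed to be the
 * target uid in decimal. Returns the payload length, or -1 if it does not fit. */
int format_uid_payload(uid_t uid, char *buf, size_t n)
{
    int len = snprintf(buf, n, "%u", (unsigned)uid);
    if (len < 0 || (size_t)len >= n) return -1;
    return len;
}

/* Per-uid ccache name the handler points KRB5CCNAME at before the key is
 * added. The prefix is an assumption; the real naming must match what the
 * patched gssd looks for. Returns the name length, or -1 if it does not fit. */
int format_ccache_name(uid_t uid, char *buf, size_t n)
{
    int len = snprintf(buf, n, "FILE:/tmp/krb5cc_masq_%u", (unsigned)uid);
    if (len < 0 || (size_t)len >= n) return -1;
    return len;
}

/* add_key(2) with the assumed "nfsid" type; returns the serial or -1/errno. */
static key_serial_t nfsid_key_add(uid_t uid)
{
    char payload[32];
    int len = format_uid_payload(uid, payload, sizeof payload);
    if (len < 0) { errno = EINVAL; return -1; }
    long r = syscall(SYS_add_key, "nfsid", "masquerade", payload, (size_t)len,
                     KEY_SPEC_SESSION_KEYRING);
    return (key_serial_t)r;
}

/* Drop the key from the session keyring so a later request cannot reuse it. */
static int nfsid_key_remove(key_serial_t key)
{
    return (int)syscall(SYS_keyctl, KEYCTL_UNLINK, key, KEY_SPEC_SESSION_KEYRING);
}

/* One filesystem access on behalf of `uid`. The key is removed on every
 * path out of the function once it has been added. */
enum masq_status masq_access(uid_t uid, const char *path)
{
    char ccname[64];
    if (format_ccache_name(uid, ccname, sizeof ccname) < 0) return MASQ_ERR_KEY;
    setenv("KRB5CCNAME", ccname, 1);

    key_serial_t key = nfsid_key_add(uid);
    if (key < 0) {
        /* Refuse rather than fall through and hit the mount as our own uid. */
        fprintf(stderr, "add_key(nfsid): %s\n", strerror(errno));
        return MASQ_ERR_KEY;
    }

    enum masq_status st = MASQ_OK;
    FILE *f = fopen(path, "r");
    if (!f) {
        st = MASQ_ERR_OPEN;
    } else {
        char line[256];
        if (fgets(line, sizeof line, f)) fputs(line, stdout);
        fclose(f);
    }

    if (nfsid_key_remove(key) < 0)
        fprintf(stderr, "keyctl unlink: %s\n", strerror(errno));
    return st;
}

int main(int argc, char **argv)
{
    if (argc != 3) { fprintf(stderr, "usage: %s uid path\n", argv[0]); return 2; }
    return masq_access((uid_t)strtoul(argv[1], NULL, 10), argv[2]) == MASQ_OK ? 0 : 1;
}
```

The point of keeping the add/access/remove steps in one function is the re-use caveat in the post: the key lives in the session keyring, so if the handler returned early on an open failure without the unlink, the next request served by the same Apache child would still carry the previous user's uid.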