How to Create a Credential Table
The gsscred credential table is used by an NFS server to map SEAM principals to a UID. In order for NFS clients to be able to mount file systems from an NFS server using Kerberos authentication, this table must be created or made available.
-
Become superuser on the appropriate server.
Which server you run this command from and under what ID you run the command depends on the back-end mechanism that has been selected to support the gsscred table. For all mechanisms except xfn_nisplus, you must become root.
If Your Back-end Mechanism Is ...
Then ....
files
Run on the NFS server.
xfn
Select host based on the default xfn file setting.
xfn_files
Run on the NFS server.
xfn_nis
Run on the NIS master.
xfn_nisplus
Run anywhere as long as the permissions to change the NIS+ data are in place.
-
(Optional) If /var/fn does not exist and you want to use one of the xfn options, create an initial XFN database.
# fnselect files # fncreate -t org -o org//
-
Create the credential table using gsscred.
The command gathers information from all of the sources listed with the passwd entry in /etc/nsswitch.conf. You might need to temporarily remove the files entry, if you do not want the local password entries included in the credential table. See the gsscred(1M) man page for more information.
# gsscred -m kerberos_v5 -a
- © 2010, Oracle Corporation and/or its affiliates