Go to main content

man pages section 8: System Administration Commands

Exit Print View

Updated: Wednesday, July 27, 2022
 
 

gssd(8)

Name

gssd - generates and validates GSS-API tokens for kernel RPC

Synopsis

/usr/lib/gss/gssd

Description

gssd is the user mode daemon that operates between the kernel RPC and the Generic Security Service Application Program Interface (GSS-API) to generate and validate GSS-API security tokens. In addition, gssd maps the GSS-API principal names to the local user and group ids. By default, all groups that the requested user belongs to will be included in the grouplist credential.

The SMF service svc:/network/rcp/gss:default is enabled by default.

SMF Properties

config/ccache_patterns

List of additional credential cache patterns to search. See the PARAMETER EXPANSION section of krb5.conf(5).

Exit Status

The following exit values are returned:

0

Successful completion.

> 0

An error occurred.

Attributes

See attributes(7) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
system/library/security/gss
Interface Stability
Committed

See Also

kill(1), pkill(1), svcs(1), gsscred.conf(5), resolv.conf(5), attributes(7), smf(7), gsscred(8), svcadm(8)

RFC 2078

Notes

When it receives a SIGHUP signal, gssd rereads the gsscred.conf(5) options.

When one of the mechanisms being used is Kerberos, then the gssd process must be restarted after adding or changing the resolv.conf(5) file.

The gssd service is managed by the service management facility, smf(7), under the service identifier: svc:/network/rpc/gss:default

Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(8). The service's status can be queried using the svcs(1) command.