gssd - generates and validates GSS-API tokens for kernel RPC
/usr/lib/gss/gssd
gssd is the user mode daemon that operates between the kernel RPC and the Generic Security Service Application Program Interface (GSS-API) to generate and validate GSS-API security tokens. In addition, gssd maps the GSS-API principal names to the local user and group ids. By default, all groups that the requested user belongs to will be included in the grouplist credential.
The SMF service svc:/network/rcp/gss:default is enabled by default.
List of additional credential cache patterns to search. See the PARAMETER EXPANSION section of krb5.conf(5).
The following exit values are returned:
Successful completion.
An error occurred.
See attributes(7) for descriptions of the following attributes:
|
kill(1), pkill(1), svcs(1), gsscred.conf(5), resolv.conf(5), attributes(7), smf(7), gsscred(8), svcadm(8)
RFC 2078
When it receives a SIGHUP signal, gssd rereads the gsscred.conf(5) options.
When one of the mechanisms being used is Kerberos, then the gssd process must be restarted after adding or changing the resolv.conf(5) file.
The gssd service is managed by the service management facility, smf(7), under the service identifier: svc:/network/rpc/gss:default
Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(8). The service's status can be queried using the svcs(1) command.