Comment # 5 on bug 956558 from boo35 boo35

(In reply to Neil Brown from comment #4)
> 1/ rpc-svcgssd.service shouldn't try do start unless you have the file
>    /etc/krb5.keytab.
>    This is due to the line "ConditionPathExists=/etc/krb5.keytab" in 
>      /usr/lib/systemd/system/rpc-svcgssd.service
>    Do you have the file?

Yes

> Do you want to have it?

Yes, as I have other occassional, non-RPC-related uses for kerberos.

> Can you remove it?

In theory, certainly; in practice, however ...

> What then happens?

... Breaks other kerberos usage

We already have config options

 grep -i gss /etc/sysconfig/nfs | grep -v ^#
  NFS_SECURITY_GSS="no"
  SVCGSSD_OPTIONS=""
  GSSD_OPTIONS=""
  NFS_GSSD_AVOID_DNS="no"

if NFS_SECURITY_GSS == no, that should be the sufficient source to disable.

Why is 

  ConditionPathExists=/etc/krb5.keytab

uses in lieu of that config option to make that decision?