What | Removed | Added |
---|---|---|
Flags | needinfo?(neilb@suse.com) |
(In reply to Neil Brown from comment #4) > 1/ rpc-svcgssd.service shouldn't try do start unless you have the file > /etc/krb5.keytab. > This is due to the line "ConditionPathExists=/etc/krb5.keytab" in > /usr/lib/systemd/system/rpc-svcgssd.service > Do you have the file? Yes > Do you want to have it? Yes, as I have other occassional, non-RPC-related uses for kerberos. > Can you remove it? In theory, certainly; in practice, however ... > What then happens? ... Breaks other kerberos usage We already have config options grep -i gss /etc/sysconfig/nfs | grep -v ^# NFS_SECURITY_GSS="no" SVCGSSD_OPTIONS="" GSSD_OPTIONS="" NFS_GSSD_AVOID_DNS="no" if NFS_SECURITY_GSS == no, that should be the sufficient source to disable. Why is ConditionPathExists=/etc/krb5.keytab uses in lieu of that config option to make that decision?