X-Eoptenantattributedmessage: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b:0
Thread-Topic: ccselect_k5identity needs a global config file
X-Auto-Response-Suppress: DR, OOF, AutoReply
Precedence: list
Message-ID: <B26B6D6E-6C3A-4D10-A8E4-078FA35C5212@rutgers.edu>
X-Originating-Ip: [2620:0:d60:ac1a:343b:7db4:5b5d:fc60]
X-Beenthere: krb5-bugs-incoming@mailman.mit.edu
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(5600148)(710020)(711020)(4605104)(8001031)(1416053)(1124261)(71702078)(7193020); SRVR:SN6PR0102MB3424; 
Thread-Index: AQHVQlDtiaSu7bMa80SH6bLywA1EAA==
X-Forefront-Antispam-Report: CIP:40.107.70.109; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(4636009)(136003)(396003)(42606007)(376002)(39860400002)(346002)(2980300002)(189003)(199004)(8156004)(4744005)(6862004)(6486002)(7736002)(7636002)(305945005)(6436002)(786003)(316002)(8676002)(16003)(6512007)(6116002)(246002)(5640700003)(5660300002)(70586007)(68406010)(86362001)(2171002)(99286004)(47776003)(498600001)(26005)(102836004)(88552002)(336012)(50466002)(23676004)(6506007)(356004)(126002)(476003)(2501003)(63350400001)(436003)(2486003)(63370400001)(2616005)(486006)(25786009)(14454004)(2906002)(2351001)(36756003)(75432002)(33656002)(14444005); DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR0102MB3424; H:NAM04-SN1-obe.outbound.protection.outlook.com; FPR:; SPF:TempError; LANG:en; PTR:mail-eopbgr700109.outbound.protection.outlook.com; MX:1; A:1;
Arc-Seal: i=3; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=KeFbIe5bIoqLuKIA7u3vgJ8W6ofJuvGQbUeIzxS6bQgG/+aHC8XGDGioH4FlgynJg0LMPA/aqflZcFCXQ9bxMO6AdylOWtskoUtYXEPL66nAUr6mllZ40C/ZUsHOn/n8j1hOL4PcgfuXVSaZupEKPExBzjVgcRWKlNqjZfpbk8Md4q25+ag+kGxNGFTNfCR0XB5iW/a2+BikNPzYQGHCIb57CdhOTGJlGfykMZFiyOehgqCAlnan3LO0RwFtdKzqpz3Q1llziwZidkS5+OuzH8rMWtRuWT75hptF6h8kJwX0NwTtxJKChuBE/J7GSfJlHQ5avR23OiG2ceT0vMxcJg==
Arc-Seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=jgS3bB4q+3T3IK3QAjpNBY624tm/YzclJZajBF0xo3QZbsht+dSW987gSmO+07JKXGySIGGcfWZCxzDQcA1zfU56EI8fpIzfOH3DPbvm/6POEJ0yr67UwLV5bNKWssW3IvoGLu9H7xdX/wyoTGRCQHGEWD5Am5S4nF8+yMBpHnPSJ2LeuMjZEvgr4vV8irhhuE09k+OeCXSD6LiR+wZ2/9j+rGCD/aywI1iPAAULZrupELaAPw58GCfUdNVIrCqRr93TF/mVpNjX/duCK0DNw0BYCvgopl0OgpGj/ya1S/gOoWON97sm8SaIHnpDAfYNLReUJpfUpKBbMGHgNNiS8w==
Arc-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hfRI2LkKxP648zobLSKL0O7EXl45sKrgpnUdjux+B6ZYA+pv4PA8mNVoTldzthJWM1gboQHsWcCuOhufFnaeT4nfK2QuUlCAs3GGmAojVONPEgXpWe1YMIa1x43lxmufwDTCp0PQ3e/m+6QVrm/EmTpvYKeVUsYeJ9EfnHAyvPggYTkP5vN0iaEBbew/3JgLeDgJXjibS6JUSkmjQhyBPDePK9gnFC+1hsD+3gZruSm9LhDarpU99s9z59eKAnMkpE1X6aMOZrGwPS4TjXTZxI5AATFdHrUAk+4PluIjXpfvfgru4yvXSIqeQxPAeCc6FPkdMDydkKQ0ilihj0/2Fw==
X-MS-Exchange-Crosstenant-ID: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
Date: Wed, 24 Jul 2019 18:52:23 +0000
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10019020)(4636009)(366004)(396003)(376002)(346002)(39860400002)(136003)(189003)(199004)(186003)(2501003)(76116006)(66946007)(66476007)(64756008)(5660300002)(36756003)(68736007)(2351001)(6916009)(66556008)(102836004)(66446008)(71190400001)(33656002)(6506007)(2171002)(91956017)(71200400001)(5640700003)(88552002)(81156014)(81166006)(2906002)(4744005)(6512007)(14444005)(6116002)(25786009)(2616005)(478600001)(486006)(99286004)(6486002)(14454004)(53936002)(86362001)(6436002)(75432002)(8936002)(316002)(8676002)(476003)(256004)(7736002)(786003)(305945005)(46003); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR1401MB2035; H:BN6PR1401MB2099.namprd14.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; 
Subject: ccselect_k5identity needs a global config file
X-MS-Exchange-Crosstenant-Network-Message-ID: b3ff6389-99d9-4e7e-6831-08d71068112c
X-Mailman-Version: 2.1.6
MIME-Version: 1.0
X-MS-Exchange-Senderadcheck: 2
Sender: krb5-bugs-incoming-bounces@PCH.mit.edu
X-MS-Exchange-Crosstenant-Originalarrivaltime: 24 Jul 2019 18:52:24.5429 (UTC)
X-MS-Exchange-Transport-Crosstenantheaderspromoted: CO1NAM03FT044.eop-NAM03.prod.protection.outlook.com
X-Mailman-Approved-At: Wed, 24 Jul 2019 15:04:09 -0400
Content-ID: <8C39075B30343940849FC7E2513A0B68@namprd14.prod.outlook.com>
X-Microsoft-Antispam-Message-Info: kg69EuTIg5HhvR1AblMGRexDWIFYTPm3EAfP3CEDMqeL0Q60TwENrtmv/2xQzDnXFL10OPP9wlPvnNf8Ctx4ixgBs4T8Oifb8i0GpJGuKGCfPDdMizEOSNJ9ozbnsOfXOBFK2lfOdgV2YySC59W/G9IHUYf+p/Czp/7WEQ/33iBAbYsNKBUzZWpnStLu5kNJ6fYGuZLyvA8aM4zo5Lbm9qiujiCzJ2mLOQEbCEYTgYBFCxU/KICHaLShxnjJx+jhepYr4SzRnTjKBf3+s83DTKH/VtJASxLN71sDIV+ev6GFhn+fc/OSeUcnxzWkIeXnxucm+MHZs5nzBdh6WR5goZaYKa32Fmk0HrG1qKybmE0v90ryNBihRyzc3RnuxUAPnWQSpbZaQqRHdiNZWFiq7Kb1QtPikHg1eYnyGN+u91z+531zBr2ax4y338rSj61mgh8czl71VKRmt5CdF7bXH7BUQkxcT311I/gOt4rxtfJxrPjXAB8edkMIXyDt637H
X-MS-Office365-Filtering-Correlation-ID-PRVS: dec06701-7b60-45ec-7be3-08d710681068
X-Microsoft-Antispam-Message-Info-Original: N+JfQGP02DFBX2CYAOoICZ7sS1effHif7He/hel81P9zsq0/QyLgP/NbMSiI3EQDn3kuYIBeu6XBAjR0s8eZNGRo9+FO+YexMf7X1ZhbVEZ0CG3wvF8Ay8DwSbR63RBrqJIC68qaCYJUj4OCI9fEE1/bhYixQrU+VJdxMbzgMuUwwB6peUSWwkMr9O+puXkNKudsEWlnADxjJZra0toaYKCzPG0XcYqa0ypYlw4Hlq+lJUBk+H8lS+/F4AhXOs3A2/uwqePPfFFb1VaUEEe0U5wOsWoDX5fO9AKyuiabEOtr/dS3iaddvNv4/eOQca13MyAbor+ho6dB2Qwljjd93polPZmz/Ttg6aHZPZRlZBtJwvnbOjZh5AWqiOK54E5kmMMl1fWz+/kPiqHTFJXWawAHNDt1DkuU/cjICpbDCIM=
X-MS-Exchange-Transport-Crosstenantheadersstripped: CO1NAM03FT044.eop-NAM03.prod.protection.outlook.com
X-Microsoft-Antispam-Untrusted: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:BN6PR1401MB2035; 
Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mitprod.onmicrosoft.com; s=selector1-mitprod-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I1xKVnAvSFes3fQ1QJnr17GXSIfPB+YvO+bparBxCKA=; b=YJF8svPFn4uZo7ezuKfqvxHucZNv83u0oXoKZ5Eb52AElbQPsQy5Zxa5+w6otgUvsEQ543hzHEycC3witTEIhcpJWOrHRGitvITLd0egZgBokhsS5ZMyRmwemvNZty5UzEQ/u1Vjb+dQSJUxslu7phOEI9c/KyKMtqlmV09k9EU=
Dkim-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rutgers.edu; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I1xKVnAvSFes3fQ1QJnr17GXSIfPB+YvO+bparBxCKA=; b=fD76xaIvNWPhNo33mJcry1nyAzDoESLkmUH2f0t6UMCr2bL3Pjv/xrmk9lJm+F84u9ZkJppa2fH1ZX0A1B/P78+ZQw1n6XrWIfzy0dlPNJax4jaae63f7u3igVnhjcqegJ4qwX6nDsvVil6/fhX4wTOU3et86VbW8u+KzjnMMlk=
X-MS-Exchange-Crosstenant-Fromentityheader: Internet
Errors-To: krb5-bugs-incoming-bounces@PCH.mit.edu
X-Forefront-PRVS: 0108A997B2
X-Forefront-PRVS: 0108A997B2
To: "krb5-bugs@mit.edu" <krb5-bugs@mit.edu>
Authentication-Results: spf=temperror (sender IP is 40.107.70.109) smtp.mailfrom=rutgers.edu; mit.edu; dkim=pass (signature was verified) header.d=rutgers.edu;mit.edu; dmarc=temperror action=none header.from=rutgers.edu;compauth=pass reason=111
X-Microsoft-Antispam-PRVS: <SN6PR0102MB3424B1355422AE5F920378F6AAC60@SN6PR0102MB3424.prod.exchangelabs.com>
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=hedrick@rutgers.edu; 
X-Eopattributedmessage: 0
Received: from PCH.mit.edu (PCH.MIT.EDU [18.7.21.50]) by krbdev.mit.edu (Postfix) with ESMTPS id E559848BAD; Wed, 24 Jul 2019 15:04:10 -0400 (EDT)
Received: from PCH.MIT.EDU (localhost.localdomain [127.0.0.1]) by PCH.mit.edu (8.14.7/8.12.8) with ESMTP id x6OJ4A3J021191; Wed, 24 Jul 2019 15:04:10 -0400
Received: from outgoing-exchange-1.mit.edu (OUTGOING-EXCHANGE-1.MIT.EDU [18.9.28.15]) by PCH.mit.edu (8.14.7/8.12.8) with ESMTP id x6OIr6QB018780 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for <krb5-bugs-incoming@PCH.mit.edu>; Wed, 24 Jul 2019 14:53:06 -0400
Received: from w92exedge4.exchange.mit.edu (W92EXEDGE4.EXCHANGE.MIT.EDU [18.7.73.16]) by outgoing-exchange-1.mit.edu (8.14.7/8.12.4) with ESMTP id x6OIrGfD029130 for <krb5-bugs-incoming@mailman.mit.edu>; Wed, 24 Jul 2019 14:53:16 -0400
Received: from oc11expo16.exchange.mit.edu (18.9.4.47) by w92exedge4.exchange.mit.edu (18.7.73.16) with Microsoft SMTP Server (TLS) id 15.0.1293.2; Wed, 24 Jul 2019 14:51:51 -0400
Received: from oc11exhyb7.exchange.mit.edu (18.9.1.112) by oc11expo16.exchange.mit.edu (18.9.4.47) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Wed, 24 Jul 2019 14:52:28 -0400
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (104.47.41.54) by oc11exhyb7.exchange.mit.edu (18.9.1.112) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Wed, 24 Jul 2019 14:52:28 -0400
Received: from CY4PR0101CA0015.prod.exchangelabs.com (2603:10b6:910:3c::28) by SN6PR0102MB3424.prod.exchangelabs.com (2603:10b6:805:3::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.12; Wed, 24 Jul 2019 18:52:26 +0000
Received: from CO1NAM03FT044.eop-NAM03.prod.protection.outlook.com (2a01:111:f400:7e48::208) by CY4PR0101CA0015.outlook.office365.com (2603:10b6:910:3c::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.16 via Frontend Transport; Wed, 24 Jul 2019 18:52:26 +0000
Received: from NAM04-SN1-obe.outbound.protection.outlook.com (40.107.70.109) by CO1NAM03FT044.mail.protection.outlook.com (10.152.81.108) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2115.10 via Frontend Transport; Wed, 24 Jul 2019 18:52:24 +0000
Received: from BN6PR1401MB2099.namprd14.prod.outlook.com (10.174.114.144) by BN6PR1401MB2035.namprd14.prod.outlook.com (10.174.239.9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.16; Wed, 24 Jul 2019 18:52:23 +0000
Received: from BN6PR1401MB2099.namprd14.prod.outlook.com ([fe80::2897:875b:4f75:fbdc]) by BN6PR1401MB2099.namprd14.prod.outlook.com ([fe80::2897:875b:4f75:fbdc%2]) with mapi id 15.20.2094.013; Wed, 24 Jul 2019 18:52:23 +0000
X-MS-Oob-TLC-Oobclassifiers: OLM:8882;OLM:8882;
Arc-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;  s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I1xKVnAvSFes3fQ1QJnr17GXSIfPB+YvO+bparBxCKA=; b=CgiKDmKexztnq605jdG66SOjblwlC+fFb/qUxqq9RfFBH9FYzuCYV3C44UxgbL+Rw7QHN6zPCwsy8tAXnMQvBlYGjlowy5UtPSmANSaXFLvYqNwh8GT6swxaoxkf2nrT/2w9U3cOzSgQfv8fJll6MeHo3Ir8nc1yI2QRdzpF7JPzcgffCCLkxNT6Ngo3kGuOwbWCz8J2IzaVBFeiX5Ta7wNjjloSWNBkZMopGolSsC26NoAn6i8BvDzI4pLHzwUcIE/KZ6XIYx3KL3OgHZtJ2O+G9oCYLmYztLjkDR4+Bqf2zJnvbvh9fV1RAbzdUYok62XyrIViSwWrKGPDQA9OIQ==
Arc-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;  s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I1xKVnAvSFes3fQ1QJnr17GXSIfPB+YvO+bparBxCKA=; b=mTe6aHnL3Tc6eYFbgXsZBiK0bjnj1xQdZRy6KWhskp2RhjdC3N1suwiE7voQm2jIwFeNwUrW1NPIekKdGa4VVOCaeZililgCG3KEAZv8zqE91nCsePBioWG+bfOHbPaNRGWBBcPMFBhtDESvKLR/lfITZaHCkyphRH8dtYCmt430P0213lnrkYvCu6lBKqx6J2xxSxYE67QQqKxdcUyTLVfgil2l8MYV692MHiTc/LqPPFnssKmZvSPr6iprl1R24WFiJxQN7KTANkGzy9etQXlX8nae6/qRI+tvvigNyy2+8dSBfo+ciNSheiKgP7x/5vSlt8JHkEyy3uTHsxDYKw==
Arc-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;  s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I1xKVnAvSFes3fQ1QJnr17GXSIfPB+YvO+bparBxCKA=; b=JyxPJUo3Kxu//2XFHtL4BP0U+30G647Pe+aguiIT/SHQAE/8Kv0Elf5fq0zXHaOg8hS4blnIjdLGv/UBw+/nyL634EesMCtIS6Ewq4DZZR5jddzX2wiJLZTrPs9vaiJJY4bjr9HwquTqdyGiVjBNmrpkCJEEIYa0KZgUJHFcrJujUSFLeOKQTs/Df/+GT405luCOMW1HSb6GLwz2pZsnqi3/g5Y7aANaC8PZCvnFF2TyUDT0BdagHpuA1diyaH6MOpBfiYzDhtDV5frwZI46omm9VreyRdOv2qurjxR4Bczxzb48GacbtroVhbNYlwbEySX3FEhQCiYVJpXvPwny7w==
Arc-Authentication-Results: i=3; mx.microsoft.com 1;spf=temperror (sender ip is 40.107.70.109) smtp.rcpttodomain=mit.edu smtp.mailfrom=rutgers.edu;dmarc=temperror action=none header.from=rutgers.edu;dkim=pass (signature was verified) header.d=rutgers.edu;arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=rutgers.edu] dkim=[1,1,header.d=rutgers.edu] dmarc=[1,1,header.from=rutgers.edu])
Arc-Authentication-Results: i=2; mx.microsoft.com 1;spf=temperror (sender ip is 40.107.70.109) smtp.rcpttodomain=mit.edu smtp.mailfrom=rutgers.edu;dmarc=temperror action=none header.from=rutgers.edu;dkim=pass (signature was verified) header.d=rutgers.edu;arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=rutgers.edu] dkim=[1,1,header.d=rutgers.edu] dmarc=[1,1,header.from=rutgers.edu])
Arc-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=rutgers.edu;dmarc=pass action=none header.from=rutgers.edu;dkim=pass header.d=rutgers.edu;arc=none
Content-Transfer-Encoding: 8bit
X-RT-Incoming-Encryption: Not encrypted
X-MS-Publictraffictype: Email
X-MS-Tnef-Correlator: 
Content-Language: en-US
X-MS-Office365-Filtering-Correlation-ID: b3ff6389-99d9-4e7e-6831-08d71068112c
From: "Charles Hedrick" <hedrick@rutgers.edu>
Accept-Language: en-US
X-Originatororg: mitprod.onmicrosoft.com
X-MS-Traffictypediagnostic: BN6PR1401MB2035:|SN6PR0102MB3424:
X-LD-Processed: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b,ExtAddr
X-MS-Has-Attach: 
content-type: text/plain; charset="utf-8"
From krb5-bugs-incoming-bounces@PCH.mit.edu  Wed Jul 24 15:04:11 2019
X-MS-Exchange-Transport-Crosstenantheadersstamped: BN6PR1401MB2035
X-MS-Exchange-Transport-Crosstenantheadersstamped: SN6PR0102MB3424
Received-SPF: TempError (protection.outlook.com: error in processing during lookup of rutgers.edu: DNS Timeout)
Received-SPF: None (protection.outlook.com: rutgers.edu does not designate permitted sender hosts)
X-Original-X-MS-Exchange-Atpmessageproperties: SA
X-MIME-Autoconverted: from base64 to 8bit by PCH.mit.edu id x6OIr6QB018780
Return-Path: <krb5-bugs-incoming-bounces@PCH.mit.edu>
X-RT-Original-Encoding: utf-8
X-RT-Interface: Email
Content-Length: 922

Submitter-Id: hedrick 
Originator: Charles Hedrick 
Organization: Rutgers University 
Confidential :no 
Synopsis: ccselect_k5identity needs a way to work with rpc.gssd 
Severity: non-critical 
Priority: medium 
Category: krb5-libs
Class: change-request
Release: 1.14
Environment: Centos 7 
System: Centos 7 
Machine: VM 
Description: Currently when trying to access an NFS-mounted directory, the currently selected principal is used. This is often wrong, e.g. if the user is working with an administrative principal. I’d prefer to change the default, but others seem to disagree. I tried to set it in .k5identity, but roc.gssd uses /.k5idenity, not the users, to avoid circularity when the home directory uses Kerberized NFS. I’d like ccselect_k5identity to use /etc/k5identity if there’s no entry in the user’s own file. We’d need at least %{username} to work, based on the euid.
How-To-Repeat: N/A
Fix: N/A