Whamcloud - gitweb
LU-17518 gss: do not trust supp groups from client with krb 87/53987/12
author Sebastien Buisson <sbuisson@ddn.com>
Fri, 9 Feb 2024 15:42:40 +0000 (16:42 +0100)
committer Oleg Drokin <green@whamcloud.com>
Mon, 15 Apr 2024 16:52:03 +0000 (16:52 +0000)
commit b09f56c208c6c34375d098f66075688f329b7c76
tree 3040f5082512101b2da57ba5bc1883f5571f09f9
parent 10a04e323b4b6cd92d0e72f9fe1327f7fb3052d4
LU-17518 gss: do not trust supp groups from client with krb

Thanks to Kerberos, Lustre does not have to trust clients anymore,
but relies on keytabs and tickets, cryptographically validated, to
recognize clients and users.
RPC-provided supplementary groups should not be trusted, but checked
thanks to the identity upcall and the trusted UID from the ticket.

Add sanity-krb5 test_9 to exercise this.

Test-Parameters: kerberos=true testlist=sanity-krb5
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I4113ef654492e76fcd377b2c0cc74e484b27850b
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/53987
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Aurelien Degremont <adegremont@nvidia.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
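As an added illustration of the principle the commit message states (this is not Lustre code and not part of this change): the only trusted input is the UID bound to the Kerberos ticket, and the supplementary groups named in the RPC are checked against the server's identity source instead of being accepted. The `identity_db` table, the `identity_upcall()` stand-in and the keep-only-confirmed-groups policy are assumptions made for this example.

```c
#include <stddef.h>
#define MAX_GROUPS 16

/* Constructed stand-in for the identity upcall's data: uid -> groups. */
struct identity_entry {
	unsigned int uid;
	unsigned int ngids;
	unsigned int gids[MAX_GROUPS];
};

static const struct identity_entry identity_db[] = {
	{ 1000, 2, { 1000, 2000 } },
	{ 1001, 1, { 1001 } },
};

/* Simulated identity upcall: authoritative entry for uid, or NULL. */
static const struct identity_entry *identity_upcall(unsigned int uid)
{
	for (size_t i = 0; i < sizeof(identity_db) / sizeof(identity_db[0]); i++)
		if (identity_db[i].uid == uid)
			return &identity_db[i];
	return NULL;
}

/* Effective supplementary groups for one RPC. auth_uid is the UID bound to
 * the Kerberos ticket (trusted); claimed[] is what the client sent
 * (untrusted). Assumed policy: keep a claimed group only if the identity
 * source confirms it for auth_uid. Returns groups kept, or -1 if the UID
 * is unknown to the identity source (the RPC should then be refused). */
int filter_supp_groups(unsigned int auth_uid,
		       const unsigned int *claimed, unsigned int nclaimed,
		       unsigned int *out, unsigned int outmax)
{
	const struct identity_entry *id = identity_upcall(auth_uid);
	unsigned int kept = 0;

	if (!id)
		return -1;

	for (unsigned int i = 0; i < nclaimed && kept < outmax; i++) {
		int confirmed = 0;
		for (unsigned int j = 0; j < id->ngids; j++)
			if (claimed[i] == id->gids[j])
				confirmed = 1;
		/* Unconfirmed claims (e.g. gid 0) are dropped; a real server should log them. */
		if (confirmed)
			out[kept++] = claimed[i];
	}
	return (int)kept;
}
```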
lustre/include/lustre_idmap.h
lustre/mdt/mdt_lib.c
lustre/obdclass/idmap.c
lustre/tests/sanity-krb5.sh