git://git.whamcloud.com - fs/lustre-release.git/commit

author	Sebastien Buisson <sbuisson@ddn.com>
	Fri, 9 Feb 2024 15:42:40 +0000 (16:42 +0100)
committer	Andreas Dilger <adilger@whamcloud.com>
	Sat, 27 Apr 2024 22:28:39 +0000 (22:28 +0000)
commit	7407d82ec5983bfe4fe8c74d9eb0f88d550696f9
tree	f64e50351c0352aa782b70ac4225d4e9e0c0ca11	tree \| snapshot
parent	b43cd5fea3ea8eebf15e1429762b6ca97ab46228	commit \| diff

LU-17518 gss: do not trust supp groups from client with krb

Thanks to Kerberos, Lustre does not have to trust clients anymore,
but relies on keytabs and tickets, cryptographically validated, to
recognize clients and users.
RPC provided supplementary groups should not be trusted, but checked
thanks to identity upcall and the trusted UID from the ticket.

Add sanity-krb5 test_9 to exercise this.

Lustre-change: https://review.whamcloud.com/53987
Lustre-commit: b09f56c208c6c34375d098f66075688f329b7c76

Test-Parameters: kerberos=true testlist=sanity-krb5 serverdistro=el8.8
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I4113ef654492e76fcd377b2c0cc74e484b27850b
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Aurelien Degremont <adegremont@nvidia.com>
Reviewed-on: https://review.whamcloud.com/c/ex/lustre-release/+/54801
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>

lustre/include/lustre_idmap.h		diff \| blob \| history
lustre/mdt/mdt_lib.c		diff \| blob \| history
lustre/obdclass/idmap.c		diff \| blob \| history
lustre/tests/sanity-krb5.sh		diff \| blob \| history