git://git.whamcloud.com - fs/lustre-release.git/commit

author	Sebastien Buisson <sbuisson@ddn.com>
	Tue, 3 Dec 2024 11:10:26 +0000 (12:10 +0100)
committer	Oleg Drokin <green@whamcloud.com>
	Mon, 16 Dec 2024 08:19:38 +0000 (08:19 +0000)
commit	6791fbc530ad64d5764882f4c866ee2a42a3f1fc
tree	e8f17a2b4eb83dbba6228dc51fe5b6e050bac131	tree \| snapshot
parent	68dd4f2ba984d42356e0bfb9948223509d8407ca	commit \| diff

LU-18497 gss: carry out creds prepare as user

Instead of forking a child process that switches to user identity to
get the credentials cache name, just carry out the whole credentials
preparation as the user, and switch back to original uid/gid in order
to proceed to ioctls, eliminating the need to map memory between
processes.

Test-Parameters: trivial
Test-Parameters: testgroup=review-dne-selinux-ssk-part-1
Test-Parameters: testgroup=review-dne-selinux-ssk-part-2
Test-Parameters: kerberos=true testlist=sanity-krb5
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I7807263d71cd3fc8a9934cc4c4da8b497b845e6f
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/57192
Reviewed-by: Aurelien Degremont <adegremont@nvidia.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>

lustre/utils/gss/lgss_keyring.c		diff \| blob \| history
lustre/utils/gss/lgss_krb5_utils.c		diff \| blob \| history
lustre/utils/gss/lgss_utils.c		diff \| blob \| history