[Freeipa-devel] [PATCH] 0051 Allow CustodiaClient to be used by arbitrary principals

[Simo Sorce]

On Sat, 2016-04-09 at 00:23 +1000, Fraser Tweedale wrote:
> -        name = gssapi.Name('host@%s' % (self.client,),
> 
> -                           gssapi.NameType.hostbased_service)

If you remove this then on a serve that has nfs keys in the keytab you
may end up acquiring the wrong credentials.
You need to pass down what credentials you want to use to initialize the
cred store, we canot rely on ordering in the system keytab case.

Simo.