man: Update nfs(5) and rpc.gssd(8) discussion of keytab needs

Because of the <anyname> wildcard feature in rpc.gssd, it's possible
for a customer to deploy the same keytab on many of her NFSv4 clients
to reduce the overhead of keytab distribution.

However, the practice of sharing the same service principal amongst
NFSv4 clients brings with it some hazards. Add documentation of those
exposures in our man pages.

The rpc.gssd(8) changes:
- Remove some needless redundancy
- Clarify the definition of "machine credentials"
- Update the use of <anyname> to explicitly not recommend sharing
service principals

The nfs(5) changes add two things:
- A brief discussion of the primary security exposure of sharing
service principals
- A mention of the nfs4.nfs_unique_id module parameter

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>

0 files changed, 0 insertions, 0 deletions