Add special user-proxy mode

gssapi / gssproxy

A proxy for GSSAPI | Docs at https://github.com/gssapi/gssproxy/tree/main/docs

Other

44 stars 29 forks source link

Add special user-proxy mode #46

Closed simo5 closed 2 years ago

simo5 commented 2 years ago

This mode is to be used in a user session where what we want to proxy is other applications run by the same user in a container or flatpak. This allows those application to use the user's creedntials w/o having to bind mount and expose the user TGT. The configuration is fixed and simplified, and the user proxy is allowed to be itself intercepted by the system proxy if desired.

fixes #45

simo5 commented 2 years ago

May need to add a configure option to interpose by default so that the interposer within a container is enabled by default and does not require setting the GSS_USE_PROXY env var, but will still respect an explicit no setting to avoid looping

simo5 commented 2 years ago

Manually tests with a modified flatpak that bind mounts the correct directories. Works including socket activation. Merging, will handle any issues as followups