Bug
Resolution: Unresolved
rhel-9.3.0.z, rhel-9.4
rhel-sst-idm-ipa
ssg_idm
What were you trying to do that didn't work?
Was setting up auth_to_local rules to map nfs/<fqdn> and host/<fqdn> principals to the local root user. Ended up taking out gssproxy.
Please provide the package NVR for which bug is seen:
gssproxy-0.8.4-6.el9.x86_64
How reproducible:
always
Steps to reproduce
- Set up a KDC (I've had this happen with both IPA as well as a plain old MIT KDC), an NFS client, and an NFS server. Add nfs principals for both machines, create keytabs, etc.
- Add the following auth_to_local rules to the NFS server's krb5.conf:
  auth_to_local = RULE:[2:$1;$2](^nfs;.*$)s/^.*$/root/g
  auth_to_local = RULE:[2:$1;$2](^host;.*$)s/^.*$/root/g
  auth_to_local = DEFAULT
- Try to mount from the NFS client.
Expected results
The client should be able to mount, and the root user on the client should be able to read and write files on the exported fs.
Actual results
gssproxy's memory usage skyrockets until it is killed by the OOM killer.
ltrace shows the last call made by gssproxy was to gss_localname(), so this could be a krb5-libs issue. I'll attach the ltrace.
Also, note that if I remove the 'g' flag (which is unnecessary in this case) from those rules, then everything works fine. I figured I'd report it anyway.
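Added example (not part of the original report, and not krb5 or gssproxy code): a Python sketch that parses the auth_to_local RULE lines shown above, applies one to a principal, and flags substitutions that carry the `g` flag on a pattern anchored with `^...$`, where the flag cannot change the result. The sample config, the `EXAMPLE.COM` principals and all function names are constructed for illustration, and Python's `re` stands in for the POSIX regex engine that krb5 uses.

```python
import re

# MIT krb5 form: RULE:[n:string](regexp)s/pattern/replacement/[g]
RULE_RE = re.compile(r"RULE:\[(\d+):([^\]]*)\](?:\((.*?)\))?((?:s/[^/]*/[^/]*/g?)*)$")
SUB_RE = re.compile(r"s/([^/]*)/([^/]*)/(g?)")

def parse_rule(value):
    """Split one auth_to_local value into its parts; None for DEFAULT etc."""
    m = RULE_RE.match(value.strip())
    if not m:
        return None
    n, fmt, sel, subs = m.groups()
    return {"n": int(n), "fmt": fmt, "sel": sel, "subs": SUB_RE.findall(subs)}

def map_principal(value, principal, honor_g=True):
    """Apply one RULE to 'comp/comp@REALM'; return the local name or None."""
    rule = parse_rule(value)
    name, _, realm = principal.partition("@")
    comps = name.split("/")
    if rule is None or len(comps) != rule["n"]:
        return None
    # $0 is the realm, $1..$n are the principal components.
    s = re.sub(r"\$(\d)", lambda m: ([realm] + comps)[int(m.group(1))], rule["fmt"])
    if rule["sel"] is not None and not re.fullmatch(rule["sel"], s):
        return None
    for pat, rep, g in rule["subs"]:
        s = re.sub(pat, rep, s, count=0 if (g and honor_g) else 1)
    return s

def audit(conf_text):
    """Return (line_no, pattern) for each 'g' substitution whose pattern is
    anchored at both ends: it can match at most once, so 'g' adds nothing."""
    findings = []
    for no, line in enumerate(conf_text.splitlines(), 1):
        key, _, value = line.partition("=")
        if key.strip() != "auth_to_local":
            continue
        rule = parse_rule(value)
        for pat, _rep, g in (rule["subs"] if rule else []):
            if g and pat.startswith("^") and pat.endswith("$"):
                findings.append((no, pat))
    return findings

# Constructed sample: first rule as in the report, second with 'g' removed.
SAMPLE = """\
auth_to_local = RULE:[2:$1;$2](^nfs;.*$)s/^.*$/root/g
auth_to_local = RULE:[2:$1;$2](^host;.*$)s/^.*$/root/
auth_to_local = DEFAULT
"""
```

`audit(SAMPLE)` reports only line 1, and `map_principal` returns `root` for an `nfs/<fqdn>` principal with or without `honor_g`, so the rule can be written without the flag and still map the same way.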