krb5 commit: Clarify domain_realm documentation

[Greg Hudson]

https://github.com/krb5/krb5/commit/fcdaede53ba4c828b6bec48e54621cf6ce0e145a
commit fcdaede53ba4c828b6bec48e54621cf6ce0e145a
Author: Greg Hudson <ghudson at mit.edu>
Date:   Mon Jan 25 13:41:24 2021 -0500

    Clarify domain_realm documentation
    
    The [domain_realm] section provides a mapping from hostnames to realm
    names, but the individual mappings apply to domains (including
    subdomains) or subdomains, not to hostnames.  Reported by Ulf Bremer.
    
    ticket: 8981

 doc/admin/conf_files/krb5_conf.rst |   13 +++++--------
 1 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
index cb17a84..08e0fc8 100644
--- a/doc/admin/conf_files/krb5_conf.rst
+++ b/doc/admin/conf_files/krb5_conf.rst
@@ -546,15 +546,12 @@ following tags may be specified in the realm's subsection:
 [domain_realm]
 ~~~~~~~~~~~~~~
 
-The [domain_realm] section provides a translation from a domain name
-or hostname to a Kerberos realm name.  The tag name can be a host name
-or domain name, where domain names are indicated by a prefix of a
-period (``.``).  The value of the relation is the Kerberos realm name
-for that particular host or domain.  A host name relation implicitly
-provides the corresponding domain name relation, unless an explicit domain
-name relation is provided.  The Kerberos realm may be
+The [domain_realm] section provides a translation from hostnames to
+Kerberos realms.  Each tag is a domain name, providing the mapping for
+that domain and all subdomains.  If the tag begins with a period
+(``.``) then it applies only to subdomains.  The Kerberos realm may be
 identified either in the realms_ section or using DNS SRV records.
-Host names and domain names should be in lower case.  For example::
+Tag names should be in lower case.  For example::
 
     [domain_realm]
         crash.mit.edu = TEST.ATHENA.MIT.EDU