svn rev #25067: trunk/src/config-files/

ghudson@MIT.EDU ghudson at MIT.EDU
Tue Aug 2 16:59:19 EDT 2011


http://src.mit.edu/fisheye/changelog/krb5/?cs=25067
Commit By: ghudson
Log Message:
Document some variables in the right section.

database_name, disable_last_success, and disable_lockout should be
under dbmodules, not dbdefaults.


Changed Files:
U   trunk/src/config-files/krb5.conf.M
Modified: trunk/src/config-files/krb5.conf.M
===================================================================
--- trunk/src/config-files/krb5.conf.M	2011-08-01 20:09:44 UTC (rev 25066)
+++ trunk/src/config-files/krb5.conf.M	2011-08-02 20:59:19 UTC (rev 25067)
@@ -646,23 +646,6 @@
 This relation indicates the name of the configuration section under dbmodules
 for database specific parameters used by the loadable database library.
 
-.IP database_name
-This DB2-specific tag indicates the location of the database in the
-filesystem.
-
-.IP disable_last_success
-If set to true, suppresses KDC updates to the "Last successful
-authentication" field of principal entries requiring
-preauthentication.  Setting this flag may improve performance.
-(Principal entries which do not require preauthentication never update
-the "Last successful authentication" field.)
-
-.IP disable_lockout
-If set to true, suppresses KDC updates to the "Last failed
-authentication" and "Failed password attempts" fields of principal
-entries requiring preauthentication.  Setting this flag may improve
-performance, but also disables account lockout.
-
 .IP ldap_kerberos_container_dn 
 This LDAP specific tag indicates the DN of the container object where the realm
 objects will be located. This value is used if no object DN is mentioned in the
@@ -704,10 +687,27 @@
 .PP
 For each section, the following tags may be specified in the subsection:
 
+.IP database_name
+This DB2-specific tag indicates the location of the database in the
+filesystem.
+
 .IP db_library
 This tag indicates the name of the loadable database library.
 The value should be db2 for db2 database and kldap for LDAP database.
 
+.IP disable_last_success
+If set to true, suppresses KDC updates to the "Last successful
+authentication" field of principal entries requiring
+preauthentication.  Setting this flag may improve performance.
+(Principal entries which do not require preauthentication never update
+the "Last successful authentication" field.)
+
+.IP disable_lockout
+If set to true, suppresses KDC updates to the "Last failed
+authentication" and "Failed password attempts" fields of principal
+entries requiring preauthentication.  Setting this flag may improve
+performance, but also disables account lockout.
+
 .IP ldap_kerberos_container_dn 
 This LDAP specific tag indicates the DN of the container object where the realm
 objects will be located.




More information about the cvs-krb5 mailing list