svn rev #25457: trunk/doc/rst_source/ krb_admins/ krb_admins/install_kdc/

Tue Nov 8 10:16:29 EST 2011

http://src.mit.edu/fisheye/changelog/krb5/?cs=25457
Commit By: tsitkova
Log Message:
Added Environment Variables document.
 



Changed Files:
A   trunk/doc/rst_source/krb_admins/env_variables.rst
U   trunk/doc/rst_source/krb_admins/index.rst
U   trunk/doc/rst_source/krb_admins/install_kdc/kdc_prop_slave.rst
U   trunk/doc/rst_source/mitK5defaults.rst
U   trunk/doc/rst_source/mitK5features.rst
Added: trunk/doc/rst_source/krb_admins/env_variables.rst
===================================================================

--- trunk/doc/rst_source/krb_admins/env_variables.rst	                        (rev 0)
+++ trunk/doc/rst_source/krb_admins/env_variables.rst	2011-11-08 15:16:29 UTC (rev 25457)
@@ -0,0 +1,56 @@
+Environment variables
+==========================
+
+The following environment variables can be used during runtime:
+
+
+**KRB5_CONFIG** 
+           Main Kerberos configuration file.
+           (See :ref:`mitK5defaults` for the default name)
+
+**KRB5_KDC_PROFILE** 
+           KDC configuration file.
+           (See :ref:`mitK5defaults` for the default name)
+
+**KRB5_KTNAME** 
+           Default *keytab* file name.  
+           (See :ref:`mitK5defaults` for the default name)
+
+**KRB5CCNAME** 
+           Default name for the credentials cache file.
+
+**KRB5RCACHETYPE**
+           Default replay cache type. Defaults to "dfl".
+
+           E.g. *KRB5RCACHETYPE="none"*
+
+**KRB5RCACHENAME** 
+           Default replay cache name. 
+           (See :ref:`mitK5defaults` for the default name)
+
+**KRB5RCACHEDIR** 
+           Default replay cache directory.
+           (See :ref:`mitK5defaults` for the default location)
+
+**KPROP_PORT**                     
+           *kprop* port to use. Defaults to 754.
+
+**KRB5_TRACE** 
+           Debugging and tracing. (Introduced in release 1.9)
+
+           E.g. *KRB5_TRACE=/dev/stdout kinit*
+
+           This environment variable overrides the tracing behavior 
+           set by the application using either of the following API:
+
+               -  :c:func:`krb5_set_trace_callback()` or
+               -  :c:func:`krb5_set_trace_filename()`
+
+------------------
+
+Feedback
+
+
+Please, provide your feedback on this document at krb5-bugs at mit.edu?subject=Documentation___env
+
+

Modified: trunk/doc/rst_source/krb_admins/index.rst
===================================================================
--- trunk/doc/rst_source/krb_admins/index.rst	2011-11-07 22:51:36 UTC (rev 25456)
+++ trunk/doc/rst_source/krb_admins/index.rst	2011-11-08 15:16:29 UTC (rev 25457)
@@ -23,6 +23,8 @@
    :maxdepth: 1
 
    admin_commands/index.rst
+   ../mitK5defaults.rst
+   env_variables.rst
    troubleshoot.rst
    advanced/index.rst
    various_envs.rst

Modified: trunk/doc/rst_source/krb_admins/install_kdc/kdc_prop_slave.rst
===================================================================
--- trunk/doc/rst_source/krb_admins/install_kdc/kdc_prop_slave.rst	2011-11-07 22:51:36 UTC (rev 25456)
+++ trunk/doc/rst_source/krb_admins/install_kdc/kdc_prop_slave.rst	2011-11-08 15:16:29 UTC (rev 25457)
@@ -15,6 +15,7 @@
 
 Just in case you need an additional confirmation of the successful propagation, 
 do the following on the slave:
+
     - make sure that only this slave's *kdc* is listed in the *krb5.conf* file, then
     - start *krb5kdc* on the slave server and
     - run "kinit  admin/admin\@ATHENA.MIT.EDU" which should succeed once the correct password 

Modified: trunk/doc/rst_source/mitK5defaults.rst
===================================================================
--- trunk/doc/rst_source/mitK5defaults.rst	2011-11-07 22:51:36 UTC (rev 25456)
+++ trunk/doc/rst_source/mitK5defaults.rst	2011-11-08 15:16:29 UTC (rev 25457)
@@ -8,25 +8,28 @@
 -------------------------------------------------------
 
 
- ================================================== ================================
- Keytab file                                        FILE\:/etc/krb5.keytab
- Path to Kerberos configuration file                /etc/krb5.conf:SYSCONFDIR/krb5.conf
- KDC configuration file                             LOCALSTATEDIR/krb5kdc/kdc.conf
+ ================================================== ============================================== =====================================
+            \                                          Default                                                   Environment
+ ================================================== ============================================== =====================================
+ Keytab file                                        FILE\:/etc/krb5.keytab                           KRB5_KTNAME
+ Path to Kerberos configuration file                /etc/krb5.conf:SYSCONFDIR/krb5.conf              KRB5_CONFIG
+ KDC configuration file                             LOCALSTATEDIR/krb5kdc/kdc.conf                   KRB5_KDC_PROFILE
  The location of the default database               LOCALSTATEDIR/krb5kdc/principal
- Master key stash file location and prefix          LOCALSTATEDIR/krb5kdc/.k5.  (for example, /usr/local/var/krb5kdc/.k5.YOURREALM)
+ Master key stash file location and prefix          LOCALSTATEDIR/krb5kdc/.k5. 
+                                                    (e.g., /usr/local/var/krb5kdc/.k5.YOURREALM)
  Admin Access Control List (ACL) file               LOCALSTATEDIR/krb5kdc/krb5_adm.acl
  Admin ACL file used by old admin server            LOCALSTATEDIR/krb5kdc/kadm_old.acl
  Kerberos database library path                     MODULEDIR/kdb
  Base directory where plugins are located           LIBDIR/krb5/plugins
  Master key default enctype                         ENCTYPE_AES256_CTS_HMAC_SHA1_96
- The name of the rcache used by KDC                 dfl:krb5kdc_rcache
+ The name of the replay cache used by KDC           dfl:krb5kdc_rcache                              KRB5RCACHETYPE, KRB5RCACHENAME
  KDC portname used for /etc/services or equiv.      "kerberos" 
  KDC secondary portname for backward compatibility  "kerberos-sec"
  KDC default port                                   88
  KDC default port for authentication                750
  Admin change password port                         464
  KDC UDP default portlist                           "88,750"
- ================================================== ================================
+ ================================================== ============================================== =====================================
 
 
 MAC OS specific
@@ -52,29 +55,37 @@
 Defaults for the KADM5 admin system
 ---------------------------------------
 
- ====================================================================== ================================
- Admin keytab file                                                       LOCALSTATEDIR/krb5kdc/kadm5.keytab
+ ====================================================================== ====================================== ==============================
+  \                                                                          Default                               Environment
+ ====================================================================== ====================================== ==============================
+ Admin keytab file                                                       LOCALSTATEDIR/krb5kdc/kadm5.keytab      KRB5_KTNAME
  Admin ACL file that defines access rights to the Kerberos database      LOCALSTATEDIR/krb5kdc/kadm5.acl
  Admin server default port                                               749 
- Default supported enctype/salttype matrix                               aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal des3-cbc-sha1:normal arcfour-hmac-md5:normal
+ Default supported enctype/salttype matrix                               aes256-cts-hmac-sha1-96:normal 
+                                                                         aes128-cts-hmac-sha1-96:normal 
+                                                                         des3-cbc-sha1:normal 
+                                                                         arcfour-hmac-md5:normal
  Max datagram size                                                       4096
- Directory to store replay caches                                        KRB5RCTMPDIR
+ Directory to store replay caches                                        KRB5RCTMPDIR                            KRB5RCACHEDIR
  Kerberized login program                                                SBINDIR/login.krb5
  Kerberized remote login program                                         BINDIR/rlogin
- ====================================================================== ================================
+ ====================================================================== ====================================== ==============================
 
 
 krb5 *slave* support
 -----------------------------
 
- ============================================================ ================================
+ ============================================================ ======================================= ===============================
+  \                                                                          Default                               Environment
+ ============================================================ ======================================= ===============================
  kprop  database dump file                                     LOCALSTATEDIR/krb5kdc/slave_datatrans
  kpropd temporary database file                                LOCALSTATEDIR/krb5kdc/from_master
  Location of the utility used to load the principal database   SBINDIR/kdb5_util
  kpropd default kprop                                          SBINDIR/kprop
  kpropd principal database location                            LOCALSTATEDIR/krb5kdc/principal
  kpropd ACL file                                               LOCALSTATEDIR/krb5kdc/kpropd.acl
- ============================================================ ================================
+ kprop port                                                    754                                       KPROP_PORT
+ ============================================================ ======================================= ===============================
 
 
 Site- and system-wide initialization for the code compiled on Linux or Solaris

Modified: trunk/doc/rst_source/mitK5features.rst
===================================================================
--- trunk/doc/rst_source/mitK5features.rst	2011-11-07 22:51:36 UTC (rev 25456)
+++ trunk/doc/rst_source/mitK5features.rst	2011-11-08 15:16:29 UTC (rev 25457)
@@ -13,8 +13,8 @@
 
 
    ====================================================== ======================================= =============================================================================
-    Latest stable  version                                 1.9.1                  
-    Supported versions                                     1.7.2, 1.8.4, 1.9.1    
+    Latest stable  version                                 1.9.2                  
+    Supported versions                                     1.7.3, 1.8.5, 1.9.2
     Release cycle                                          9 - 12 months          
     Supported platforms/OS distributions                   Solaris               
                                                                - SPARC             
@@ -41,7 +41,6 @@
     GSS-API extensions for storing delegated credentials   1.8+                                     :rfc:`5588`
 
     License                                                :ref:`mitK5license`
-    Defaults                                               :ref:`mitK5defaults`
    ====================================================== ======================================= =============================================================================
 
 


