svn rev #25793: trunk/ doc/rst_source/ src/man/
ghudson@MIT.EDU
ghudson at MIT.EDU
Wed Mar 28 17:10:49 EDT 2012
http://src.mit.edu/fisheye/changelog/krb5/?cs=25793
Commit By: ghudson
Log Message:
Edit defaults page in documentation
Eliminate unused values and OS-specific stuff. Reformat tables. Add
a path substitution for sysconfdir to be used in the default config
file path.
Changed Files:
U trunk/doc/rst_source/conf.py
U trunk/doc/rst_source/mitK5defaults.rst
U trunk/src/man/Makefile.in
Modified: trunk/doc/rst_source/conf.py
===================================================================
--- trunk/doc/rst_source/conf.py 2012-03-28 02:03:45 UTC (rev 25792)
+++ trunk/doc/rst_source/conf.py 2012-03-28 21:10:49 UTC (rev 25793)
@@ -213,17 +213,20 @@
sbindir = '@SBINDIR@'
libdir = '@LIBDIR@'
localstatedir = '@LOCALSTATEDIR@'
+ sysconfdir = '@SYSCONFDIR@'
else:
bindir = '/usr/local/bin'
sbindir = '/usr/local/sbin'
libdir = '/usr/local/lib'
localstatedir = '/usr/local/var'
+ sysconfdir = '/usr/local/etc'
rst_epilog = '\n'
rst_epilog += '.. |bindir| replace:: ``%s``\n' % bindir
rst_epilog += '.. |sbindir| replace:: ``%s``\n' % sbindir
rst_epilog += '.. |libdir| replace:: ``%s``\n' % libdir
rst_epilog += '.. |kdcdir| replace:: ``%s/krb5kdc``\n' % localstatedir
+rst_epilog += '.. |sysconfdir| replace:: ``%s``\n' % sysconfdir
rst_epilog += '''
.. |keytab| replace:: ``/etc/krb5.keytab``
.. |krb5conf| replace:: ``/etc/krb5.conf``
Modified: trunk/doc/rst_source/mitK5defaults.rst
===================================================================
--- trunk/doc/rst_source/mitK5defaults.rst 2012-03-28 02:03:45 UTC (rev 25792)
+++ trunk/doc/rst_source/mitK5defaults.rst 2012-03-28 21:10:49 UTC (rev 25793)
@@ -3,100 +3,64 @@
MIT Kerberos defaults
=====================
-The list of the site- and OS- dependent configuration
------------------------------------------------------
+General defaults
+----------------
- ================================================== ============================================== =====================================
- \ Default Environment
- ================================================== ============================================== =====================================
- Keytab file FILE\:/etc/krb5.keytab KRB5_KTNAME
- Path to Kerberos configuration file /etc/krb5.conf:SYSCONFDIR/krb5.conf KRB5_CONFIG
- KDC configuration file LOCALSTATEDIR/krb5kdc/kdc.conf KRB5_KDC_PROFILE
- The location of the default database LOCALSTATEDIR/krb5kdc/principal
- Master key stash file location and prefix LOCALSTATEDIR/krb5kdc/.k5.
- (e.g., /usr/local/var/krb5kdc/.k5.YOURREALM)
- Admin Access Control List (ACL) file LOCALSTATEDIR/krb5kdc/krb5_adm.acl
- Admin ACL file used by old admin server LOCALSTATEDIR/krb5kdc/kadm_old.acl
- Kerberos database library path MODULEDIR/kdb
- Base directory where plugins are located LIBDIR/krb5/plugins
- Master key default enctype ENCTYPE_AES256_CTS_HMAC_SHA1_96
- The name of the replay cache used by KDC dfl:krb5kdc_rcache KRB5RCACHETYPE, KRB5RCACHENAME
- KDC portname used for /etc/services or equiv. "kerberos"
- KDC secondary portname for backward compatibility "kerberos-sec"
- KDC default port 88
- KDC default port for authentication 750
- Admin change password port 464
- KDC UDP default portlist "88,750"
- ================================================== ============================================== =====================================
+========================== ============================= ====================
+Description Default Environment
+========================== ============================= ====================
+Keytab file ``FILE:``\ |keytab| **KRB5_KTNAME**
+Kerberos config file |krb5conf|\ ``:``\ **KRB5_CONFIG**
+ |sysconfdir|\ ``/krb5.conf``
+KDC config file |kdcdir|\ ``/kdc.conf`` **KRB5_KDC_PROFILE**
+KDC database path (DB2) |kdcdir|\ ``/principal``
+Master key stash file |kdcdir|\ ``/.k5.``\ *realm*
+Admin server ACL file |kdcdir|\ ``/kadm5.acl``
+Plugin base directory |libdir|\ ``/krb5/plugins``
+Replay cache directory ``/var/tmp`` **KRB5RCACHEDIR**
+Master key default enctype |defmkey|
+Supported enc/salt types |defkeysalts|
+Permitted enctypes |defetypes|
+KDC default port 88
+Second KDC default port 750
+Admin server port 749
+Password change port 464
+========================== ============================= ====================
-MAC OS specific
----------------
+Slave KDC propagation defaults
+------------------------------
- ============================================================ ================================
- Path to Kerberos config file ~/Library/Preferences/edu.mit.Kerberos:/etc/krb5.conf:SYSCONFDIR/krb5.conf
- Base directory where krb5 plugins are located /System/Library/KerberosPlugins/KerberosFrameworkPlugins
- Base directory where Kerberos databadse plugins are located /System/Library/KerberosPlugins/KerberosDatabasePlugins
- Base directory where authorization data plugins are located /System/Library/KerberosPlugins/KerberosAuthDataPlugins
- ============================================================ ================================
+This table shows defaults used by the :ref:`kprop(8)` and
+:ref:`kpropd(8)` programs.
+========================== ============================== ===========
+Description Default Environment
+========================== ============================== ===========
+kprop database dump file |kdcdir|\ ``/slave_datatrans``
+kpropd temporary dump file |kdcdir|\ ``/from_master``
+kdb5_util location |sbindir|\ ``/kdb5_util``
+kprop location |sbindir|\ ``/kprop``
+kpropd ACL file |kdcdir|\ ``/kpropd.acl``
+kprop port 754 KPROP_PORT
+========================== ============================== ===========
-Windows specific
-----------------
- ======================================= ====================================================
- Kerberos config file name krb5.ini
- Keytab file name FILE\:%s\\krb5kt (for example, C:\\WINDOWS\\krb5kt)
- ======================================= ====================================================
-
-
-Defaults for the KADM5 admin system
+Default paths for Unix-like systems
-----------------------------------
- ====================================================================== ====================================== ==============================
- \ Default Environment
- ====================================================================== ====================================== ==============================
- Admin keytab file LOCALSTATEDIR/krb5kdc/kadm5.keytab KRB5_KTNAME
- Admin ACL file that defines access rights to the Kerberos database LOCALSTATEDIR/krb5kdc/kadm5.acl
- Admin server default port 749
- Default supported enctype/salttype matrix aes256-cts-hmac-sha1-96:normal
- aes128-cts-hmac-sha1-96:normal
- des3-cbc-sha1:normal
- arcfour-hmac-md5:normal
- Max datagram size 4096
- Directory to store replay caches KRB5RCTMPDIR KRB5RCACHEDIR
- Kerberized login program SBINDIR/login.krb5
- Kerberized remote login program BINDIR/rlogin
- ====================================================================== ====================================== ==============================
+On Unix-like systems, some paths used by MIT krb5 depend on parameters
+chosen at build time. For a custom build, these paths default to
+subdirectories of ``/usr/local``. When MIT krb5 is integrated into an
+operating system, the paths are generally chosen to match the
+operating system's filesystem layout.
-
-krb5 *slave* support
---------------------
-
- ============================================================ ======================================= ===============================
- \ Default Environment
- ============================================================ ======================================= ===============================
- kprop database dump file LOCALSTATEDIR/krb5kdc/slave_datatrans
- kpropd temporary database file LOCALSTATEDIR/krb5kdc/from_master
- Location of the utility used to load the principal database SBINDIR/kdb5_util
- kpropd default kprop SBINDIR/kprop
- kpropd principal database location LOCALSTATEDIR/krb5kdc/principal
- kpropd ACL file LOCALSTATEDIR/krb5kdc/kpropd.acl
- kprop port 754 KPROP_PORT
- ============================================================ ======================================= ===============================
-
-
-Site- and system-wide initialization for the code compiled on Linux or Solaris
-------------------------------------------------------------------------------
-
- ===================== ============================== =================
- BINDIR /usr/local/bin/
- KRB5RCTMPDIR /var/tmp
- LIBDIR /usr/local/lib/ krb5 library directory
- LOCALSTATEDIR /usr/local/var/
- MODULEDIR /usr/local/lib/krb5/plugins/ krb5 static plugins directory
- SBINDIR /usr/local/sbin/
- SYSCONFDIR /usr/local/etc/
- ===================== ============================== =================
-
-
+======================= =============== =================== ===============
+Description Symbolic name Custom build path Typical OS path
+======================= =============== =================== ===============
+User programs BINDIR ``/usr/local/bin`` ``/usr/bin``
+Libraries and plugins LIBDIR ``/usr/local/lib`` ``/usr/lib``
+Parent of KDC state dir LOCALSTATEDIR ``/usr/local/var`` ``/var``
+Administrative programs SBINDIR ``/usr/local/sbin`` ``/usr/sbin``
+Alternate krb5.conf dir SYSCONFDIR ``/usr/local/etc`` ``/etc``
+======================= =============== =================== ===============
Modified: trunk/src/man/Makefile.in
===================================================================
--- trunk/src/man/Makefile.in 2012-03-28 02:03:45 UTC (rev 25792)
+++ trunk/src/man/Makefile.in 2012-03-28 21:10:49 UTC (rev 25793)
@@ -5,6 +5,7 @@
GROFF=@GROFF@
GROFF_MAN=$(GROFF) -mtty-char -Tascii -mandoc -c
localstatedir=@localstatedir@
+sysconfdir=@sysconfdir@
MANSUBS=k5identity.sub k5login.sub k5srvutil.sub kadmin.sub kadmind.sub \
kdb5_ldap_util.sub kdb5_util.sub kdc.conf.sub kdestroy.sub kinit.sub \
@@ -33,7 +34,8 @@
sed -e 's|@BINDIR@|$(CLIENT_BINDIR)|g' \
-e 's|@SBINDIR@|$(SERVER_BINDIR)|g' \
-e 's|@LIBDIR@|$(KRB5_LIBDIR)|g' \
- -e 's|@LOCALSTATEDIR@|$(localstatedir)|g' $? > $@
+ -e 's|@LOCALSTATEDIR@|$(localstatedir)|g' \
+ -e 's|@SYSCONFDIR@|$(sysconfdir)|g' $? > $@
all:: $(MANSUBS)
More information about the cvs-krb5
mailing list