svn rev #25793: trunk/ doc/rst_source/ src/man/

ghudson@MIT.EDU ghudson at MIT.EDU
Wed Mar 28 17:10:49 EDT 2012


http://src.mit.edu/fisheye/changelog/krb5/?cs=25793
Commit By: ghudson
Log Message:
Edit defaults page in documentation

Eliminate unused values and OS-specific stuff.  Reformat tables.  Add
a path substitution for sysconfdir to be used in the default config
file path.


Changed Files:
U   trunk/doc/rst_source/conf.py
U   trunk/doc/rst_source/mitK5defaults.rst
U   trunk/src/man/Makefile.in
Modified: trunk/doc/rst_source/conf.py
===================================================================
--- trunk/doc/rst_source/conf.py	2012-03-28 02:03:45 UTC (rev 25792)
+++ trunk/doc/rst_source/conf.py	2012-03-28 21:10:49 UTC (rev 25793)
@@ -213,17 +213,20 @@
     sbindir = '@SBINDIR@'
     libdir = '@LIBDIR@'
     localstatedir = '@LOCALSTATEDIR@'
+    sysconfdir = '@SYSCONFDIR@'
 else:
     bindir = '/usr/local/bin'
     sbindir = '/usr/local/sbin'
     libdir = '/usr/local/lib'
     localstatedir = '/usr/local/var'
+    sysconfdir = '/usr/local/etc'
 
 rst_epilog = '\n'
 rst_epilog += '.. |bindir| replace:: ``%s``\n' % bindir
 rst_epilog += '.. |sbindir| replace:: ``%s``\n' % sbindir
 rst_epilog += '.. |libdir| replace:: ``%s``\n' % libdir
 rst_epilog += '.. |kdcdir| replace:: ``%s/krb5kdc``\n' % localstatedir
+rst_epilog += '.. |sysconfdir| replace:: ``%s``\n' % sysconfdir
 rst_epilog += '''
 .. |keytab| replace:: ``/etc/krb5.keytab``
 .. |krb5conf| replace:: ``/etc/krb5.conf``

Modified: trunk/doc/rst_source/mitK5defaults.rst
===================================================================
--- trunk/doc/rst_source/mitK5defaults.rst	2012-03-28 02:03:45 UTC (rev 25792)
+++ trunk/doc/rst_source/mitK5defaults.rst	2012-03-28 21:10:49 UTC (rev 25793)
@@ -3,100 +3,64 @@
 MIT Kerberos defaults
 =====================
 
-The list of the site- and OS- dependent configuration
------------------------------------------------------
+General defaults
+----------------
 
- ================================================== ============================================== =====================================
-            \                                          Default                                                   Environment
- ================================================== ============================================== =====================================
- Keytab file                                        FILE\:/etc/krb5.keytab                           KRB5_KTNAME
- Path to Kerberos configuration file                /etc/krb5.conf:SYSCONFDIR/krb5.conf              KRB5_CONFIG
- KDC configuration file                             LOCALSTATEDIR/krb5kdc/kdc.conf                   KRB5_KDC_PROFILE
- The location of the default database               LOCALSTATEDIR/krb5kdc/principal
- Master key stash file location and prefix          LOCALSTATEDIR/krb5kdc/.k5.
-                                                    (e.g., /usr/local/var/krb5kdc/.k5.YOURREALM)
- Admin Access Control List (ACL) file               LOCALSTATEDIR/krb5kdc/krb5_adm.acl
- Admin ACL file used by old admin server            LOCALSTATEDIR/krb5kdc/kadm_old.acl
- Kerberos database library path                     MODULEDIR/kdb
- Base directory where plugins are located           LIBDIR/krb5/plugins
- Master key default enctype                         ENCTYPE_AES256_CTS_HMAC_SHA1_96
- The name of the replay cache used by KDC           dfl:krb5kdc_rcache                              KRB5RCACHETYPE, KRB5RCACHENAME
- KDC portname used for /etc/services or equiv.      "kerberos"
- KDC secondary portname for backward compatibility  "kerberos-sec"
- KDC default port                                   88
- KDC default port for authentication                750
- Admin change password port                         464
- KDC UDP default portlist                           "88,750"
- ================================================== ============================================== =====================================
+==========================  =============================  ====================
+Description                 Default                        Environment
+==========================  =============================  ====================
+Keytab file                 ``FILE:``\ |keytab|            **KRB5_KTNAME**
+Kerberos config file        |krb5conf|\ ``:``\             **KRB5_CONFIG**
+                            |sysconfdir|\ ``/krb5.conf``
+KDC config file             |kdcdir|\ ``/kdc.conf``        **KRB5_KDC_PROFILE**
+KDC database path (DB2)     |kdcdir|\ ``/principal``
+Master key stash file       |kdcdir|\ ``/.k5.``\ *realm*
+Admin server ACL file       |kdcdir|\ ``/kadm5.acl``
+Plugin base directory       |libdir|\ ``/krb5/plugins``
+Replay cache directory      ``/var/tmp``                   **KRB5RCACHEDIR**
+Master key default enctype  |defmkey|
+Supported enc/salt types    |defkeysalts|
+Permitted enctypes          |defetypes|
+KDC default port            88
+Second KDC default port     750
+Admin server port           749
+Password change port        464
+==========================  =============================  ====================
 
 
-MAC OS specific
----------------
+Slave KDC propagation defaults
+------------------------------
 
- ============================================================ ================================
- Path to Kerberos config file                                   ~/Library/Preferences/edu.mit.Kerberos:/etc/krb5.conf:SYSCONFDIR/krb5.conf
- Base directory where krb5 plugins are located                  /System/Library/KerberosPlugins/KerberosFrameworkPlugins
- Base directory where Kerberos databadse plugins are located    /System/Library/KerberosPlugins/KerberosDatabasePlugins
- Base directory where authorization data plugins are located    /System/Library/KerberosPlugins/KerberosAuthDataPlugins
- ============================================================ ================================
+This table shows defaults used by the :ref:`kprop(8)` and
+:ref:`kpropd(8)` programs.
 
+==========================  ==============================  ===========
+Description                 Default                         Environment
+==========================  ==============================  ===========
+kprop database dump file    |kdcdir|\ ``/slave_datatrans``
+kpropd temporary dump file  |kdcdir|\ ``/from_master``
+kdb5_util location          |sbindir|\ ``/kdb5_util``
+kprop location              |sbindir|\ ``/kprop``
+kpropd ACL file             |kdcdir|\ ``/kpropd.acl``
+kprop port                  754                             KPROP_PORT
+==========================  ==============================  ===========
 
-Windows specific
-----------------
 
- ======================================= ====================================================
- Kerberos config file name                krb5.ini
- Keytab file name                         FILE\:%s\\krb5kt (for example, C:\\WINDOWS\\krb5kt)
- ======================================= ====================================================
-
-
-Defaults for the KADM5 admin system
+Default paths for Unix-like systems
 -----------------------------------
 
- ====================================================================== ====================================== ==============================
-  \                                                                          Default                               Environment
- ====================================================================== ====================================== ==============================
- Admin keytab file                                                       LOCALSTATEDIR/krb5kdc/kadm5.keytab      KRB5_KTNAME
- Admin ACL file that defines access rights to the Kerberos database      LOCALSTATEDIR/krb5kdc/kadm5.acl
- Admin server default port                                               749
- Default supported enctype/salttype matrix                               aes256-cts-hmac-sha1-96:normal
-                                                                         aes128-cts-hmac-sha1-96:normal
-                                                                         des3-cbc-sha1:normal
-                                                                         arcfour-hmac-md5:normal
- Max datagram size                                                       4096
- Directory to store replay caches                                        KRB5RCTMPDIR                            KRB5RCACHEDIR
- Kerberized login program                                                SBINDIR/login.krb5
- Kerberized remote login program                                         BINDIR/rlogin
- ====================================================================== ====================================== ==============================
+On Unix-like systems, some paths used by MIT krb5 depend on parameters
+chosen at build time.  For a custom build, these paths default to
+subdirectories of ``/usr/local``.  When MIT krb5 is integrated into an
+operating system, the paths are generally chosen to match the
+operating system's filesystem layout.
 
-
-krb5 *slave* support
---------------------
-
- ============================================================ ======================================= ===============================
-  \                                                                          Default                               Environment
- ============================================================ ======================================= ===============================
- kprop  database dump file                                     LOCALSTATEDIR/krb5kdc/slave_datatrans
- kpropd temporary database file                                LOCALSTATEDIR/krb5kdc/from_master
- Location of the utility used to load the principal database   SBINDIR/kdb5_util
- kpropd default kprop                                          SBINDIR/kprop
- kpropd principal database location                            LOCALSTATEDIR/krb5kdc/principal
- kpropd ACL file                                               LOCALSTATEDIR/krb5kdc/kpropd.acl
- kprop port                                                    754                                       KPROP_PORT
- ============================================================ ======================================= ===============================
-
-
-Site- and system-wide initialization for the code compiled on Linux or Solaris
-------------------------------------------------------------------------------
-
- ===================== ============================== =================
- BINDIR                /usr/local/bin/
- KRB5RCTMPDIR          /var/tmp
- LIBDIR                /usr/local/lib/                 krb5 library directory
- LOCALSTATEDIR         /usr/local/var/
- MODULEDIR             /usr/local/lib/krb5/plugins/    krb5 static plugins directory
- SBINDIR               /usr/local/sbin/
- SYSCONFDIR            /usr/local/etc/
- ===================== ============================== =================
-
-
+=======================  ===============  ===================  ===============
+Description	         Symbolic name    Custom build path    Typical OS path
+=======================  ===============  ===================  ===============
+User programs	         BINDIR           ``/usr/local/bin``   ``/usr/bin``
+Libraries and plugins    LIBDIR           ``/usr/local/lib``   ``/usr/lib``
+Parent of KDC state dir  LOCALSTATEDIR    ``/usr/local/var``   ``/var``
+Administrative programs  SBINDIR          ``/usr/local/sbin``  ``/usr/sbin``
+Alternate krb5.conf dir  SYSCONFDIR       ``/usr/local/etc``   ``/etc``
+=======================  ===============  ===================  ===============

Modified: trunk/src/man/Makefile.in
===================================================================
--- trunk/src/man/Makefile.in	2012-03-28 02:03:45 UTC (rev 25792)
+++ trunk/src/man/Makefile.in	2012-03-28 21:10:49 UTC (rev 25793)
@@ -5,6 +5,7 @@
 GROFF=@GROFF@
 GROFF_MAN=$(GROFF) -mtty-char -Tascii -mandoc -c
 localstatedir=@localstatedir@
+sysconfdir=@sysconfdir@
 
 MANSUBS=k5identity.sub k5login.sub k5srvutil.sub kadmin.sub kadmind.sub \
 	kdb5_ldap_util.sub kdb5_util.sub kdc.conf.sub kdestroy.sub kinit.sub \
@@ -33,7 +34,8 @@
 	sed -e 's|@BINDIR@|$(CLIENT_BINDIR)|g' \
 	    -e 's|@SBINDIR@|$(SERVER_BINDIR)|g' \
 	    -e 's|@LIBDIR@|$(KRB5_LIBDIR)|g' \
-	    -e 's|@LOCALSTATEDIR@|$(localstatedir)|g' $? > $@
+	    -e 's|@LOCALSTATEDIR@|$(localstatedir)|g' \
+	    -e 's|@SYSCONFDIR@|$(sysconfdir)|g' $? > $@
 
 all:: $(MANSUBS)
 



More information about the cvs-krb5 mailing list