krb5 commit: Correct kadm5.acl back-reference documentation
Greg Hudson
ghudson at MIT.EDU
Fri Nov 22 12:00:28 EST 2013
https://github.com/krb5/krb5/commit/39bac22ed7f5ff583e92d082b34f0c5a2a3cad4c
commit 39bac22ed7f5ff583e92d082b34f0c5a2a3cad4c
Author: Greg Hudson <ghudson at mit.edu>
Date: Thu Nov 21 16:22:48 2013 -0500
Correct kadm5.acl back-reference documentation
In kadm5.acl, *N in the target principal name refers to the Nth
wildcard in the acting principal pattern, not the Nth component.
ticket: 7774 (new)
target_version: 1.12
tags: pullup
doc/admin/conf_files/kadm5_acl.rst | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/doc/admin/conf_files/kadm5_acl.rst b/doc/admin/conf_files/kadm5_acl.rst
index ffebe90..b03aacc 100644
--- a/doc/admin/conf_files/kadm5_acl.rst
+++ b/doc/admin/conf_files/kadm5_acl.rst
@@ -66,7 +66,8 @@ ignored. Lines containing ACL entries have the format:
character.
*target_principal* can also include back-references to *principal*,
- in which ``*number`` matches the component number in *principal*.
+ in which ``*number`` matches the corresponding wildcard in
+ *principal*.
*restrictions*
(Optional) A string of flags. Allowed restrictions are:
@@ -121,8 +122,8 @@ instance ``root`` (matches line 3).
(line 4) Any ``root`` principal in ``ATHENA.MIT.EDU`` can inquire, list,
or change the password of their null instance, but not any other
-null instance. (Here, "\*1" denotes a back-reference to the first
-component of the actor principal.)
+null instance. (Here, ``*1`` denotes a back-reference to the
+component matching the first wildcard in the actor principal.)
(line 5) Any principal in the realm ``ATHENA.MIT.EDU`` (except for
``joeadmin at ATHENA.MIT.EDU``, as mentioned above) has inquire
More information about the cvs-krb5
mailing list