krb5 commit [krb5-1.11]: Correct kadm5.acl back-reference documentation

[Tom Yu]

https://github.com/krb5/krb5/commit/654e8996df2dc2300115ff133827d7ba756de953
commit 654e8996df2dc2300115ff133827d7ba756de953
Author: Greg Hudson <ghudson at mit.edu>
Date:   Thu Nov 21 16:22:48 2013 -0500

    Correct kadm5.acl back-reference documentation
    
    In kadm5.acl, *N in the target principal name refers to the Nth
    wildcard in the acting principal pattern, not the Nth component.
    
    (cherry picked from commit 39bac22ed7f5ff583e92d082b34f0c5a2a3cad4c)
    
    ticket: 7780 (new)
    version_fixed: 1.11.5
    status: resolved

 doc/admin/conf_files/kadm5_acl.rst |    7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/doc/admin/conf_files/kadm5_acl.rst b/doc/admin/conf_files/kadm5_acl.rst
index ffebe90..b03aacc 100644
--- a/doc/admin/conf_files/kadm5_acl.rst
+++ b/doc/admin/conf_files/kadm5_acl.rst
@@ -66,7 +66,8 @@ ignored.  Lines containing ACL entries have the format:
     character.
 
     *target_principal* can also include back-references to *principal*,
-    in which ``*number`` matches the component number in *principal*.
+    in which ``*number`` matches the corresponding wildcard in
+    *principal*.
 
 *restrictions*
     (Optional) A string of flags. Allowed restrictions are:
@@ -121,8 +122,8 @@ instance ``root`` (matches line 3).
 
 (line 4) Any ``root`` principal in ``ATHENA.MIT.EDU`` can inquire, list,
 or change the password of their null instance, but not any other
-null instance.  (Here, "\*1" denotes a back-reference to the first
-component of the actor principal.)
+null instance.  (Here, ``*1`` denotes a back-reference to the
+component matching the first wildcard in the actor principal.)
 
 (line 5) Any principal in the realm ``ATHENA.MIT.EDU`` (except for
 ``joeadmin at ATHENA.MIT.EDU``, as mentioned above) has inquire