krb5 commit [krb5-1.12]: Document correct flag names for kadm5.acl
Tom Yu
tlyu at mit.edu
Tue May 12 15:46:06 EDT 2015
https://github.com/krb5/krb5/commit/07105895985e4c55a7bbf2bfc8fd23d5b8c95b95
commit 07105895985e4c55a7bbf2bfc8fd23d5b8c95b95
Author: Greg Hudson <ghudson at mit.edu>
Date: Fri Mar 13 12:45:27 2015 -0400
Document correct flag names for kadm5.acl
kadm5.acl entries can include restrictions which can force flag values
on or off. These flag values are parsed with krb5_string_to_flags(),
which means the flag names are the ones for default_principal_flags,
not the ones for kadmin addprinc/modprinc.
(cherry picked from commit ef21069070c1eb2ab1ade1d1406f5cd3920c83a9)
(cherry picked from commit 185114aa35508e46c90354d8ddea76f65fe556d8)
ticket: 8184 (new)
version_fixed: 1.12.4
status: resolved
doc/admin/conf_files/kadm5_acl.rst | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/doc/admin/conf_files/kadm5_acl.rst b/doc/admin/conf_files/kadm5_acl.rst
index cd41864..0160d70 100644
--- a/doc/admin/conf_files/kadm5_acl.rst
+++ b/doc/admin/conf_files/kadm5_acl.rst
@@ -72,8 +72,8 @@ ignored. Lines containing ACL entries have the format::
{+\|-}\ *flagname*
flag is forced to the indicated value. The permissible flags
- are the same as the + and - flags for the kadmin
- :ref:`add_principal` and :ref:`modify_principal` commands.
+ are the same as those for the **default_principal_flags**
+ variable in :ref:`kdc.conf(5)`.
*-clearpolicy*
policy is forced to be empty.
More information about the cvs-krb5
mailing list