[krbdev.mit.edu #7412] Documentation__kdc.conf vs man kdc.conf, etc
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Tue Oct 16 10:44:49 EDT 2012
In any recent Kerberos release, the KDC and related programs (kadmind,
kdb5_util, etc.) merge the contents of krb5.conf and kdc.conf, while
other programs (kinit, klist, etc.) read only krb5.conf. Any profile
sections can appear in either file, or in both.
During the past year, we've been reorganizing the documentation of
krb5.conf and kdc.conf to put KDC-related relations in the kdc.conf
documentation and general-purpose relations in the other. The man pages
in the forthcoming 1.11 release should reflect what's currently on the
web.
The [login] section is only used by the krb5-aware login program, which
has been unbundled from the krb5 package into the krb5-appl package. So
we don't document it any more.
We do not have a particular recommendation for whether KDC-related
plugin module registrations appear in kdc.conf or krb5.conf. The
[plugins] section is documented in krb5.conf because it is relevant to
all Kerberos programs and not just KDC-related programs.
More information about the krb5-bugs
mailing list