diff options
author | Tom Yu <tlyu@mit.edu> | 2003-05-27 23:22:11 +0000 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2003-05-27 23:22:11 +0000 |
commit | 42e168f5cda56e5fb1807565a085e902fc985898 (patch) | |
tree | 7c8097bb2ad8d04ca66de44934cbd5d1985f5f1b /doc | |
parent | 78383ca6991bdd4b45c0c9f75514eba8bed4ea4d (diff) | |
download | krb5-42e168f5cda56e5fb1807565a085e902fc985898.zip krb5-42e168f5cda56e5fb1807565a085e902fc985898.tar.gz krb5-42e168f5cda56e5fb1807565a085e902fc985898.tar.bz2 |
pullup from trunk
ticket: 1372
version_fixed: 1.3
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-3@15511 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'doc')
-rw-r--r-- | doc/ChangeLog | 6 | ||||
-rw-r--r-- | doc/admin.texinfo | 6 | ||||
-rw-r--r-- | doc/install.texinfo | 25 |
3 files changed, 22 insertions, 15 deletions
diff --git a/doc/ChangeLog b/doc/ChangeLog index b407834..3b25fd4 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,5 +1,11 @@ 2003-05-27 Tom Yu <tlyu@mit.edu> + * admin.texinfo (realms (kdc.conf)): Update to reflect that + kadm5.keytab is only used by legacy admin daemons. + + * install.texinfo (Create a kadmind Keytab (optional)): Update to + reflect that kadm5.keytab is only used by legacy admin daemons. + * build.texinfo (HPUX): Make HPUX compiler flags simpler. 2003-05-23 Ken Raeburn <raeburn@mit.edu> diff --git a/doc/admin.texinfo b/doc/admin.texinfo index 468d633..314ad13 100644 --- a/doc/admin.texinfo +++ b/doc/admin.texinfo @@ -1116,9 +1116,9 @@ uses to determine which principals are allowed which permissions on the database. The default is @code{@value{DefaultAclFile}}. @itemx admin_keytab -(String.) Location of the keytab file that kadmin uses to authenticate -to the database. The default is -@code{@value{DefaultAdminKeytab}}. +(String.) Location of the keytab file that the legacy administration +daemons @code{kadmind4} and @code{v5passwdd} use to authenticate to +the database. The default is @code{@value{DefaultAdminKeytab}}. @itemx database_name (String.) Location of the Kerberos database for this realm. The diff --git a/doc/install.texinfo b/doc/install.texinfo index c9f2df6..f406fdc 100644 --- a/doc/install.texinfo +++ b/doc/install.texinfo @@ -374,7 +374,7 @@ first few steps must be done on the master KDC. * Create the Database:: * Add Administrators to the Acl File:: * Add Administrators to the Kerberos Database:: -* Create a kadmind Keytab:: +* Create a kadmind Keytab (optional):: * Start the Kerberos Daemons:: @end menu @@ -516,7 +516,7 @@ filename should match the value you have set for ``acl_file'' in your @include kadm5acl.texinfo -@node Add Administrators to the Kerberos Database, Create a kadmind Keytab, Add Administrators to the Acl File, Install the Master KDC +@node Add Administrators to the Kerberos Database, Create a kadmind Keytab (optional), Add Administrators to the Acl File, Install the Master KDC @subsubsection Add Administrators to the Kerberos Database Next you need to add administrative principals to the Kerberos database. @@ -551,17 +551,18 @@ kadmin.local:} -@node Create a kadmind Keytab, Start the Kerberos Daemons, Add Administrators to the Kerberos Database, Install the Master KDC -@subsubsection Create a kadmind Keytab +@node Create a kadmind Keytab (optional), Start the Kerberos Daemons, Add Administrators to the Kerberos Database, Install the Master KDC +@subsubsection Create a kadmind Keytab (optional) -The kadmind keytab is the key that kadmind will use to decrypt -administrators' Kerberos tickets to determine whether or not it should -give them access to the database. You need to create the kadmin keytab -with entries for the principals @code{kadmin/admin} and +The kadmind keytab is the key that the legacy admininstration daemons +@code{kadmind4} and @code{v5passwdd} will use to decrypt +administrators' or clients' Kerberos tickets to determine whether or +not they should have access to the database. You need to create the +kadmin keytab with entries for the principals @code{kadmin/admin} and @code{kadmin/changepw}. (These principals are placed in the Kerberos database automatically when you create it.) To create the kadmin -keytab, run @code{kadmin.local} and use the @code{ktadd} command, as in -the following example. (The line beginning with @result{} is a +keytab, run @code{kadmin.local} and use the @code{ktadd} command, as +in the following example. (The line beginning with @result{} is a continuation of the previous line.): @smallexample @@ -593,7 +594,7 @@ The filename you use must be the one specified in your @code{kdc.conf} file. @need 2000 -@node Start the Kerberos Daemons, , Create a kadmind Keytab, Install the Master KDC +@node Start the Kerberos Daemons, , Create a kadmind Keytab (optional), Install the Master KDC @subsubsection Start the Kerberos Daemons on the Master KDC At this point, you are ready to start the Kerberos daemons on the Master @@ -973,7 +974,7 @@ On the @emph{new} master KDC: @enumerate @item -Create a database keytab. (@xref{Create a kadmind Keytab}.) +Create a database keytab. (@xref{Create a kadmind Keytab (optional)}.) @item Start the @code{kadmind} daemon. (@xref{Start the Kerberos Daemons}.) |