diff options
author | Greg Hudson <ghudson@mit.edu> | 2021-01-25 13:41:24 -0500 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2021-01-27 18:33:36 -0500 |
commit | fcdaede53ba4c828b6bec48e54621cf6ce0e145a (patch) | |
tree | bdcefb1d69bc2da6605d8a6b03f0bf87d0dce219 /doc | |
parent | 18ea3bd2fca55b789b7de9c663624bc11d348fa6 (diff) | |
download | krb5-fcdaede53ba4c828b6bec48e54621cf6ce0e145a.zip krb5-fcdaede53ba4c828b6bec48e54621cf6ce0e145a.tar.gz krb5-fcdaede53ba4c828b6bec48e54621cf6ce0e145a.tar.bz2 |
Clarify domain_realm documentation
The [domain_realm] section provides a mapping from hostnames to realm
names, but the individual mappings apply to domains (including
subdomains) or subdomains, not to hostnames. Reported by Ulf Bremer.
ticket: 8981
Diffstat (limited to 'doc')
-rw-r--r-- | doc/admin/conf_files/krb5_conf.rst | 13 |
1 files changed, 5 insertions, 8 deletions
diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst index cb17a84..08e0fc8 100644 --- a/doc/admin/conf_files/krb5_conf.rst +++ b/doc/admin/conf_files/krb5_conf.rst @@ -546,15 +546,12 @@ following tags may be specified in the realm's subsection: [domain_realm] ~~~~~~~~~~~~~~ -The [domain_realm] section provides a translation from a domain name -or hostname to a Kerberos realm name. The tag name can be a host name -or domain name, where domain names are indicated by a prefix of a -period (``.``). The value of the relation is the Kerberos realm name -for that particular host or domain. A host name relation implicitly -provides the corresponding domain name relation, unless an explicit domain -name relation is provided. The Kerberos realm may be +The [domain_realm] section provides a translation from hostnames to +Kerberos realms. Each tag is a domain name, providing the mapping for +that domain and all subdomains. If the tag begins with a period +(``.``) then it applies only to subdomains. The Kerberos realm may be identified either in the realms_ section or using DNS SRV records. -Host names and domain names should be in lower case. For example:: +Tag names should be in lower case. For example:: [domain_realm] crash.mit.edu = TEST.ATHENA.MIT.EDU |