[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Sample kdc.conf

Brian May <bam@snoopy.apana.org.au> writes:

> I also noticed some errors:
> * Man page refers to enforce-transited-policy and the source code refers
>   to it, but the return value is not assigned to anything:
>         krb5_config_get_bool_default(context, NULL, TRUE, "kdc",
>              "enforce-transited-policy", NULL);
> * I have a suspicion enforce-transited-policy has been replaced with
>   transited-policy but transited-policy is not documented.

Yes, this is what happen, I forgot to pull up the manpage from current.

> * man page says default value of check-ticket-addresses is false,
>   but my reading of the source code suggests it is true.

thanks, fixed.

> * database = { ... } doesn't seem to be documented anywhere.

And I think I'll leave it a that since it will change soon. I'll rather
write documentation for something that is usable, [kdc]database={} isn't.

> * Same for logging,

As the kdc.8 hits, its documented in krb5_openlog.

>  key-file


> detach, 

fixed in current.

> default_keys, and use_v4_salt.

See krb5.conf


PGP signature