[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Additions to krb5.conf man page
Password quality information. Also, verify_krb5_conf doesn't know about
all the password quality options:
verify_krb5_conf: /password_quality/min_classes: unknown or wrong type
verify_krb5_conf: /password_quality/min_length: unknown or wrong type
----------------------------------------------------------------------
| Jim Hranicky, Senior SysAdmin UF/CISE Department |
| E314D CSE Building Phone (352) 392-1499 |
| jfh@cise.ufl.edu http://www.cise.ufl.edu/~jfh |
----------------------------------------------------------------------
--- lib/krb5/krb5.conf.5.orig Wed Jun 22 16:44:15 2005
+++ lib/krb5/krb5.conf.5 Wed Jun 22 17:02:17 2005
@@ -426,7 +426,7 @@
is the dn that will be appended to the principal when creating entries.
Default value is the search dn.
.El
-.It Li [kadmin]
+.It Li [kadmin] *******
.Bl -tag -width "xxx" -offset indent
.It Li require-preauth = Va BOOL
If pre-authentication is required to talk to the kadmin server.
@@ -462,7 +462,24 @@
.Pp
and is only left for backwards compatibility.
.El
+.It Li [password-quality]
+.Bl -tag -width "xxx" -offset indent
+.It Li check_library = Va library-name
+Library name that contains the password check_function
+.It Li check_function = Va function-name
+Function name for checking passwords in check_library
+.It Li policy_libraries = Va library1 ... libraryN
+List of libraries that can do password policy checks
+.It Li policies = Va policy1 ... policyN
+List of policy names to apply to the password. Builtin policies are
+minimum-length, character-class (upper,lower, digits, others), external-check
+ (an external program that reads from stdin
+ principal: princ_name
+ new-password: newpass
+ end
+ )
.El
+.El
.Sh ENVIRONMENT
.Ev KRB5_CONFIG
points to the configuration file to read.