diff options
| author | Ben Kaduk <kaduk@mit.edu> | 2012-10-15 14:39:15 -0400 |
|---|---|---|
| committer | Ben Kaduk <kaduk@mit.edu> | 2012-10-15 19:20:44 -0400 |
| commit | e95f9f6875f4cbcae60fe96696eb83a6972bbf26 (patch) | |
| tree | a56a1baa43cb89187aaba76ab1eb8836511effed /doc/mitK5defaults.rst | |
| parent | ee26c4bbf4fc271ebf76d50a23ca27ef74220404 (diff) | |
| download | krb5-e95f9f6875f4cbcae60fe96696eb83a6972bbf26.tar.gz krb5-e95f9f6875f4cbcae60fe96696eb83a6972bbf26.tar.xz krb5-e95f9f6875f4cbcae60fe96696eb83a6972bbf26.zip | |
Massive reST content rename
All of rst_source/ is now just in doc/.
The krb_ prefix is stripped from the document sub-directories.
rst_tools are now just tools.
The section headers of kadmind, krb5kdc, and sserver match as conflict markers.
bigredbutton: whitespace
ticket: 7409
Diffstat (limited to 'doc/mitK5defaults.rst')
| -rw-r--r-- | doc/mitK5defaults.rst | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/doc/mitK5defaults.rst b/doc/mitK5defaults.rst new file mode 100644 index 0000000000..84b9df8810 --- /dev/null +++ b/doc/mitK5defaults.rst @@ -0,0 +1,76 @@ +.. _mitK5defaults: + +MIT Kerberos defaults +===================== + +General defaults +---------------- + +========================================== ============================= ==================== +Description Default Environment +========================================== ============================= ==================== +:ref:`keytab_definition` file |keytab| **KRB5_KTNAME** +Client :ref:`keytab_definition` file |ckeytab| **KRB5_CLIENT_KTNAME** +Kerberos config file :ref:`krb5.conf(5)` |krb5conf|\ ``:``\ **KRB5_CONFIG** + |sysconfdir|\ ``/krb5.conf`` +KDC config file :ref:`kdc.conf(5)` |kdcdir|\ ``/kdc.conf`` **KRB5_KDC_PROFILE** +KDC database path (DB2) |kdcdir|\ ``/principal`` +Master key :ref:`stash_definition` |kdcdir|\ ``/.k5.``\ *realm* +Admin server ACL file :ref:`kadm5.acl(5)` |kdcdir|\ ``/kadm5.acl`` +Plugin base directory |libdir|\ ``/krb5/plugins`` +:ref:`rcache_definition` directory ``/var/tmp`` **KRB5RCACHEDIR** +Master key default enctype |defmkey| +Supported :ref:`Encryption_and_salt_types` |defkeysalts| +Permitted enctypes |defetypes| +KDC default port 88 +Second KDC default port 750 +Admin server port 749 +Password change port 464 +========================================== ============================= ==================== + + +Slave KDC propagation defaults +------------------------------ + +This table shows defaults used by the :ref:`kprop(8)` and +:ref:`kpropd(8)` programs. + +========================== ============================== =========== +Description Default Environment +========================== ============================== =========== +kprop database dump file |kdcdir|\ ``/slave_datatrans`` +kpropd temporary dump file |kdcdir|\ ``/from_master`` +kdb5_util location |sbindir|\ ``/kdb5_util`` +kprop location |sbindir|\ ``/kprop`` +kpropd ACL file |kdcdir|\ ``/kpropd.acl`` +kprop port 754 KPROP_PORT +========================== ============================== =========== + + +.. _paths: + +Default paths for Unix-like systems +----------------------------------- + +On Unix-like systems, some paths used by MIT krb5 depend on parameters +chosen at build time. For a custom build, these paths default to +subdirectories of ``/usr/local``. When MIT krb5 is integrated into an +operating system, the paths are generally chosen to match the +operating system's filesystem layout. + +========================== ============= =========================== =========================== +Description Symbolic name Custom build path Typical OS path +========================== ============= =========================== =========================== +User programs BINDIR ``/usr/local/bin`` ``/usr/bin`` +Libraries and plugins LIBDIR ``/usr/local/lib`` ``/usr/lib`` +Parent of KDC state dir LOCALSTATEDIR ``/usr/local/var`` ``/var`` +Administrative programs SBINDIR ``/usr/local/sbin`` ``/usr/sbin`` +Alternate krb5.conf dir SYSCONFDIR ``/usr/local/etc`` ``/etc`` +Default ccache name DEFCCNAME ``FILE:/tmp/krb5cc_%{uid}`` ``FILE:/tmp/krb5cc_%{uid}`` +Default keytab name DEFKTNAME ``FILE:/etc/krb5.keytab`` ``FILE:/etc/krb5.keytab`` +========================== ============= =========================== =========================== + +The default client keytab name (DEFCKTNAME) typically defaults to +``FILE:/usr/local/var/krb5/user/%{euid}/client.keytab`` for a custom +build. A native build will typically use a path which will vary +according to the operating system's layout of ``/var``. |