diff options
| author | Greg Hudson <ghudson@mit.edu> | 2013-11-21 16:22:48 -0500 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2013-11-21 16:24:30 -0500 |
| commit | 39bac22ed7f5ff583e92d082b34f0c5a2a3cad4c (patch) | |
| tree | a16b9d102eb1b888f256fdc23b6a4b2fb7072b60 /doc | |
| parent | 119281156097a9da659ce5a7c06f0d517994781c (diff) | |
| download | krb5-39bac22ed7f5ff583e92d082b34f0c5a2a3cad4c.tar.gz krb5-39bac22ed7f5ff583e92d082b34f0c5a2a3cad4c.tar.xz krb5-39bac22ed7f5ff583e92d082b34f0c5a2a3cad4c.zip | |
Correct kadm5.acl back-reference documentation
In kadm5.acl, *N in the target principal name refers to the Nth
wildcard in the acting principal pattern, not the Nth component.
ticket: 7774 (new)
target_version: 1.12
tags: pullup
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/admin/conf_files/kadm5_acl.rst | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/admin/conf_files/kadm5_acl.rst b/doc/admin/conf_files/kadm5_acl.rst index ffebe90bb7..b03aacce2a 100644 --- a/doc/admin/conf_files/kadm5_acl.rst +++ b/doc/admin/conf_files/kadm5_acl.rst @@ -66,7 +66,8 @@ ignored. Lines containing ACL entries have the format: character. *target_principal* can also include back-references to *principal*, - in which ``*number`` matches the component number in *principal*. + in which ``*number`` matches the corresponding wildcard in + *principal*. *restrictions* (Optional) A string of flags. Allowed restrictions are: @@ -121,8 +122,8 @@ instance ``root`` (matches line 3). (line 4) Any ``root`` principal in ``ATHENA.MIT.EDU`` can inquire, list, or change the password of their null instance, but not any other -null instance. (Here, "\*1" denotes a back-reference to the first -component of the actor principal.) +null instance. (Here, ``*1`` denotes a back-reference to the +component matching the first wildcard in the actor principal.) (line 5) Any principal in the realm ``ATHENA.MIT.EDU`` (except for ``joeadmin@ATHENA.MIT.EDU``, as mentioned above) has inquire |