blob: c971d5684b68dc8e2279ad2d68936a8ced7906c7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
.. _mitK5defaults:
MIT Kerberos defaults
=====================
General defaults
----------------
========================== ============================= ====================
Description Default Environment
========================== ============================= ====================
Keytab file ``FILE:``\ |keytab| **KRB5_KTNAME**
Client keytab file ``FILE:``\ |ckeytab| **KRB5_CLIENT_KTNAME**
Kerberos config file |krb5conf|\ ``:``\ **KRB5_CONFIG**
|sysconfdir|\ ``/krb5.conf``
KDC config file |kdcdir|\ ``/kdc.conf`` **KRB5_KDC_PROFILE**
KDC database path (DB2) |kdcdir|\ ``/principal``
Master key stash file |kdcdir|\ ``/.k5.``\ *realm*
Admin server ACL file |kdcdir|\ ``/kadm5.acl``
Plugin base directory |libdir|\ ``/krb5/plugins``
Replay cache directory ``/var/tmp`` **KRB5RCACHEDIR**
Master key default enctype |defmkey|
Supported enc/salt types |defkeysalts|
Permitted enctypes |defetypes|
KDC default port 88
Second KDC default port 750
Admin server port 749
Password change port 464
========================== ============================= ====================
Slave KDC propagation defaults
------------------------------
This table shows defaults used by the :ref:`kprop(8)` and
:ref:`kpropd(8)` programs.
========================== ============================== ===========
Description Default Environment
========================== ============================== ===========
kprop database dump file |kdcdir|\ ``/slave_datatrans``
kpropd temporary dump file |kdcdir|\ ``/from_master``
kdb5_util location |sbindir|\ ``/kdb5_util``
kprop location |sbindir|\ ``/kprop``
kpropd ACL file |kdcdir|\ ``/kpropd.acl``
kprop port 754 KPROP_PORT
========================== ============================== ===========
.. _paths:
Default paths for Unix-like systems
-----------------------------------
On Unix-like systems, some paths used by MIT krb5 depend on parameters
chosen at build time. For a custom build, these paths default to
subdirectories of ``/usr/local``. When MIT krb5 is integrated into an
operating system, the paths are generally chosen to match the
operating system's filesystem layout.
========================== ============= =========================== ===========================
Description Symbolic name Custom build path Typical OS path
========================== ============= =========================== ===========================
User programs BINDIR ``/usr/local/bin`` ``/usr/bin``
Libraries and plugins LIBDIR ``/usr/local/lib`` ``/usr/lib``
Parent of KDC state dir LOCALSTATEDIR ``/usr/local/var`` ``/var``
Administrative programs SBINDIR ``/usr/local/sbin`` ``/usr/sbin``
Alternate krb5.conf dir SYSCONFDIR ``/usr/local/etc`` ``/etc``
Default ccache name DEFCCNAME ``/tmp/krb5cc_%{UID}`` ``/tmp/krb5cc_%{UID}``
Default keytab name DEFKTNAME ``/etc/krb5.keytab`` ``/etc/krb5.keytab``
Default client keytab name DEFCKTNAME ``/etc/krb5.client-keytab`` ``/etc/krb5.client-keytab``
========================== ============= =========================== ===========================
|
