diff options
author | Greg Hudson <ghudson@mit.edu> | 2014-06-12 14:34:26 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2014-07-02 10:11:00 -0400 |
commit | 4bd50f73c80a86852ec0879abdf52202be40892b (patch) | |
tree | ca55bd2e07162d7aedbac397a9b915ac201aca04 /doc/admin/admin_commands | |
parent | 81e503c09ad9aef4a0afc6bf66a0269cde2151f3 (diff) | |
download | krb5-4bd50f73c80a86852ec0879abdf52202be40892b.tar.gz krb5-4bd50f73c80a86852ec0879abdf52202be40892b.tar.xz krb5-4bd50f73c80a86852ec0879abdf52202be40892b.zip |
Remove indent workaround in man page RST sources
docutils 0.10 properly adds indentation to example blocks in man
pages, so we do not need to force an extra indentation level. Get rid
of the workaround wherever we use it.
ticket: 7954 (new)
target_version: 1.12.2
tags: pullup
Diffstat (limited to 'doc/admin/admin_commands')
-rw-r--r-- | doc/admin/admin_commands/kadmin_local.rst | 44 | ||||
-rw-r--r-- | doc/admin/admin_commands/kdb5_ldap_util.rst | 44 | ||||
-rw-r--r-- | doc/admin/admin_commands/kpropd.rst | 4 | ||||
-rw-r--r-- | doc/admin/admin_commands/kproplog.rst | 4 | ||||
-rw-r--r-- | doc/admin/admin_commands/krb5kdc.rst | 4 | ||||
-rw-r--r-- | doc/admin/admin_commands/sserver.rst | 36 |
6 files changed, 35 insertions, 101 deletions
diff --git a/doc/admin/admin_commands/kadmin_local.rst b/doc/admin/admin_commands/kadmin_local.rst index 1a4c896eb..e7e2d5a9c 100644 --- a/doc/admin/admin_commands/kadmin_local.rst +++ b/doc/admin/admin_commands/kadmin_local.rst @@ -350,9 +350,7 @@ Options: - *dn* and *containerdn* should be within the subtrees or principal container configured in the realm. -Example: - - :: +Example:: kadmin: addprinc jennifer WARNING: no policy specified for "jennifer@ATHENA.MIT.EDU"; @@ -457,9 +455,7 @@ The following options are available: Keeps the existing keys in the database. This flag is usually not necessary except perhaps for ``krbtgt`` principals. -Example: - - :: +Example:: kadmin: cpw systest Enter password for principal systest@BLEEP.COM: @@ -501,9 +497,7 @@ running the the program to be the same as the one being listed. Alias: **getprinc** -Examples: - - :: +Examples:: kadmin: getprinc tlyu/admin Principal: tlyu/admin@BLEEP.COM @@ -549,9 +543,7 @@ This command requires the **list** privilege. Alias: **listprincs**, **get_principals**, **get_princs** -Example: - - :: +Example:: kadmin: listprincs test* test3@SECURE-TEST.OV.COM @@ -604,9 +596,7 @@ This command requires the **modify** privilege. Alias: **setstr** -Example: - - :: +Example:: set_string host/foo.mit.edu session_enctypes aes128-cts set_string user@FOO.COM otp [{"type":"hotp","username":"custom"}] @@ -697,9 +687,7 @@ The following options are available: with commas (',') only. To clear the allowed key/salt policy use a value of '-'. -Example: - - :: +Example:: kadmin: add_policy -maxlife "2 days" -minlength 5 guests kadmin: @@ -737,9 +725,7 @@ This command requires the **delete** privilege. Alias: **delpol** -Example: - - :: +Example:: kadmin: del_policy guests Are you sure you want to delete the policy "guests"? @@ -763,9 +749,7 @@ This command requires the **inquire** privilege. Alias: getpol -Examples: - - :: +Examples:: kadmin: get_policy admin Policy: admin @@ -803,9 +787,7 @@ This command requires the **list** privilege. Aliases: **listpols**, **get_policies**, **getpols**. -Examples: - - :: +Examples:: kadmin: listpols test-pol @@ -859,9 +841,7 @@ An entry for each of the principal's unique encryption types is added, ignoring multiple keys with the same encryption type but different salt types. -Example: - - :: +Example:: kadmin: ktadd -k /tmp/foo-new-keytab host/foo.mit.edu Entry for principal host/foo.mit.edu@ATHENA.MIT.EDU with kvno 3, @@ -896,9 +876,7 @@ The options are: **-q** Display less verbose information. -Example: - - :: +Example:: kadmin: ktremove kadmin/admin all Entry for principal kadmin/admin with kvno 3 removed from keytab diff --git a/doc/admin/admin_commands/kdb5_ldap_util.rst b/doc/admin/admin_commands/kdb5_ldap_util.rst index e5c037db4..4516e048e 100644 --- a/doc/admin/admin_commands/kdb5_ldap_util.rst +++ b/doc/admin/admin_commands/kdb5_ldap_util.rst @@ -122,9 +122,7 @@ Creates realm in directory. Options: documented in the description of the **add_principal** command in :ref:`kadmin(1)`. -Example: - - :: +Example:: kdb5_ldap_util -D cn=admin,o=org -H ldaps://ldap-server1.mit.edu create -subtrees o=org -sscope SUB -r ATHENA.MIT.EDU @@ -183,9 +181,7 @@ Modifies the attributes of a realm. Options: documented in the description of the **add_principal** command in :ref:`kadmin(1)`. -Example: - - :: +Example:: shell% kdb5_ldap_util -D cn=admin,o=org -H ldaps://ldap-server1.mit.edu modify +requires_preauth -r @@ -207,9 +203,7 @@ Displays the attributes of a realm. Options: **-r** *realm* Specifies the Kerberos realm of the database. -Example: - - :: +Example:: kdb5_ldap_util -D cn=admin,o=org -H ldaps://ldap-server1.mit.edu view -r ATHENA.MIT.EDU @@ -239,9 +233,7 @@ Destroys an existing realm. Options: **-r** *realm* Specifies the Kerberos realm of the database. -Example: - - :: +Example:: shell% kdb5_ldap_util -D cn=admin,o=org -H ldaps://ldap-server1.mit.edu destroy -r ATHENA.MIT.EDU @@ -262,9 +254,7 @@ list Lists the name of realms. -Example: - - :: +Example:: shell% kdb5_ldap_util -D cn=admin,o=org -H ldaps://ldap-server1.mit.edu list @@ -297,9 +287,7 @@ to the LDAP server. Options: Specifies Distinguished Name (DN) of the service object whose password is to be stored in file. -Example: - - :: +Example:: kdb5_ldap_util stashsrvpw -f /home/andrew/conf_keyfile cn=service-kdc,o=org @@ -342,9 +330,7 @@ Creates a ticket policy in the directory. Options: *policy_name* Specifies the name of the ticket policy. -Example: - - :: +Example:: kdb5_ldap_util -D cn=admin,o=org -H ldaps://ldap-server1.mit.edu create_policy -r ATHENA.MIT.EDU -maxtktlife "1 day" @@ -369,9 +355,7 @@ modify_policy Modifies the attributes of a ticket policy. Options are same as for **create_policy**. -Example: - - :: +Example:: kdb5_ldap_util -D cn=admin,o=org -H ldaps://ldap-server1.mit.edu modify_policy -r ATHENA.MIT.EDU @@ -395,9 +379,7 @@ Displays the attributes of a ticket policy. Options: *policy_name* Specifies the name of the ticket policy. -Example: - - :: +Example:: kdb5_ldap_util -D cn=admin,o=org -H ldaps://ldap-server1.mit.edu view_policy -r ATHENA.MIT.EDU tktpolicy @@ -431,9 +413,7 @@ Destroys an existing ticket policy. Options: *policy_name* Specifies the name of the ticket policy. -Example: - - :: +Example:: kdb5_ldap_util -D cn=admin,o=org -H ldaps://ldap-server1.mit.edu destroy_policy -r ATHENA.MIT.EDU tktpolicy @@ -458,9 +438,7 @@ realm. Options: **-r** *realm* Specifies the Kerberos realm of the database. -Example: - - :: +Example:: kdb5_ldap_util -D cn=admin,o=org -H ldaps://ldap-server1.mit.edu list_policy -r ATHENA.MIT.EDU diff --git a/doc/admin/admin_commands/kpropd.rst b/doc/admin/admin_commands/kpropd.rst index 43b6db762..465d4f52e 100644 --- a/doc/admin/admin_commands/kpropd.rst +++ b/doc/admin/admin_commands/kpropd.rst @@ -34,9 +34,7 @@ file, the slave Kerberos server will have an up-to-date KDC database. Where incremental propagation is not used, kpropd is commonly invoked out of inetd(8) as a nowait service. This is done by adding a line to -the ``/etc/inetd.conf`` file which looks like this: - - :: +the ``/etc/inetd.conf`` file which looks like this:: kprop stream tcp nowait root /usr/local/sbin/kpropd kpropd diff --git a/doc/admin/admin_commands/kproplog.rst b/doc/admin/admin_commands/kproplog.rst index c7a0ea417..ed906398d 100644 --- a/doc/admin/admin_commands/kproplog.rst +++ b/doc/admin/admin_commands/kproplog.rst @@ -53,9 +53,7 @@ OPTIONS **-v** Display individual attributes per update. An example of the - output generated for one entry: - - :: + output generated for one entry:: Update Entry Update serial # : 4 diff --git a/doc/admin/admin_commands/krb5kdc.rst b/doc/admin/admin_commands/krb5kdc.rst index 89919f568..711159b68 100644 --- a/doc/admin/admin_commands/krb5kdc.rst +++ b/doc/admin/admin_commands/krb5kdc.rst @@ -94,9 +94,7 @@ The realms are listed on the command line. Per-realm options that can be specified on the command line pertain for each realm that follows it and are superseded by subsequent definitions of the same option. -For example: - - :: +For example:: krb5kdc -p 2001 -r REALM1 -p 2002 -r REALM2 -r REALM3 diff --git a/doc/admin/admin_commands/sserver.rst b/doc/admin/admin_commands/sserver.rst index 61826dfaf..b4e464466 100644 --- a/doc/admin/admin_commands/sserver.rst +++ b/doc/admin/admin_commands/sserver.rst @@ -30,17 +30,13 @@ installed as |keytab|. The **-S** option allows for a different keytab than the default. sserver is normally invoked out of inetd(8), using a line in -``/etc/inetd.conf`` that looks like this: - - :: +``/etc/inetd.conf`` that looks like this:: sample stream tcp nowait root /usr/local/sbin/sserver sserver Since ``sample`` is normally not a port defined in ``/etc/services``, you will usually have to add a line to ``/etc/services`` which looks -like this: - - :: +like this:: sample 13135/tcp @@ -52,9 +48,7 @@ connecting to, be sure that both hosts have an entry in /etc/services for the sample tcp port, and that the same port number is in both files. -When you run sclient you should see something like this: - - :: +When you run sclient you should see something like this:: sendauth succeeded, reply is: reply len 32, contents: @@ -64,49 +58,39 @@ When you run sclient you should see something like this: COMMON ERROR MESSAGES --------------------- -1) kinit returns the error: - - :: +1) kinit returns the error:: kinit: Client not found in Kerberos database while getting - initial credentials + initial credentials This means that you didn't create an entry for your username in the Kerberos database. -2) sclient returns the error: - - :: +2) sclient returns the error:: unknown service sample/tcp; check /etc/services This means that you don't have an entry in /etc/services for the sample tcp port. -3) sclient returns the error: - - :: +3) sclient returns the error:: connect: Connection refused This probably means you didn't edit /etc/inetd.conf correctly, or you didn't restart inetd after editing inetd.conf. -4) sclient returns the error: - - :: +4) sclient returns the error:: sclient: Server not found in Kerberos database while using - sendauth + sendauth This means that the ``sample/hostname@LOCAL.REALM`` service was not defined in the Kerberos database; it should be created using :ref:`kadmin(1)`, and a keytab file needs to be generated to make the key for that service principal available for sclient. -5) sclient returns the error: - - :: +5) sclient returns the error:: sendauth rejected, error reply is: "No such file or directory" |