diff options
| author | Barry Jaspan <bjaspan@mit.edu> | 1996-06-06 21:55:07 +0000 |
|---|---|---|
| committer | Barry Jaspan <bjaspan@mit.edu> | 1996-06-06 21:55:07 +0000 |
| commit | db87b2457bcdf93103cd158ce9cfa83573ce3a1f (patch) | |
| tree | ebfeb1a5f20717f0d5101bcbdd1cb3ff56e8bd69 /doc/kadm5 | |
| parent | 7873d6d09b9e7d82c891f475d0aea080548e9ca9 (diff) | |
| download | krb5-db87b2457bcdf93103cd158ce9cfa83573ce3a1f.tar.gz krb5-db87b2457bcdf93103cd158ce9cfa83573ce3a1f.tar.xz krb5-db87b2457bcdf93103cd158ce9cfa83573ce3a1f.zip | |
add mkey_from_kbd, update create/modify masks
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8274 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'doc/kadm5')
| -rw-r--r-- | doc/kadm5/api-funcspec.tex | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/doc/kadm5/api-funcspec.tex b/doc/kadm5/api-funcspec.tex index 0910c394d..dbfcfe5e9 100644 --- a/doc/kadm5/api-funcspec.tex +++ b/doc/kadm5/api-funcspec.tex @@ -452,6 +452,7 @@ typedef struct _kadm5_config_params { char *admin_keytab; /* server library (database) fields */ + int mkey_from_kbd; char *stash_file; char *mkey_name; krb5_enctype enctype; @@ -524,6 +525,11 @@ The keytab file containing the kadmin/admin and kadmin/changepw entries for the server to use. The default is the value of the KRB5_KTNAME environment variable, if defined. +\item[mkey_from_keyboard] No variable. MKEY_FROM_KEYBOARD. Server. +If non-zero, prompt for the master password via the tty instead of +using the stash file. If this mask bit is not set, or is set and the +value is zero, the stash file is used. + \item[stash_file] Variable: key_stash_file. STASH_FILE. Server. The file name containing the master key stash file. No default; libkdb will work with a NULL value. @@ -659,11 +665,11 @@ AUX_ATTRIBUTES & 0x000400 & aux_attributes & F & F \\ POLICY & 0x000800 & policy & O, none & O \\ POLICY_CLR & 0x001000 & policy & F & O \\ MAX_RLIFE & 0x002000 & max_renewable_life & O, K/M value & O \\ -LAST_SUCCESS & 0x004000 & last_success & F & O \\ -LAST_FAILED & 0x008000 & last_failed & F & O \\ +LAST_SUCCESS & 0x004000 & last_success & F & F \\ +LAST_FAILED & 0x008000 & last_failed & F & F \\ FAIL_AUTH_COUNT & 0x010000 & fail_auth_count & F & O \\ KEY_DATA & 0x020000 & n_key_data, key_data & F & F \\ -TL_DATA & 0x040000 & n_tl_data, tl_data & F & F +TL_DATA & 0x040000 & n_tl_data, tl_data & O, 0, NULL & O \end{tabular} \caption{Mask bits for creating, retrieving, and modifying principals.} \label{tab:princ-bits} @@ -1073,10 +1079,14 @@ to the realm. In KADM5_API_VERSION_2, the values in params_in are merged with the default values. If an illegal mask value is specified, KADM5_BAD_SERVER_PARAMS is returned. -\item Initializes direct access to the KDC database. If pass (or -keytab) is NULL or an empty string, reads the master password from -/.k5.REALM-NAME (created by kstash). Otherwise, the non-NULL password -is ignored and the user is prompted for it via the tty. +\item Initializes direct access to the KDC database. In +KADM5_API_VERISON_1, if pass (or keytab) is NULL or an empty string, +reads the master password from the stash file; otherwise, the non-NULL +password is ignored and the user is prompted for it via the tty. In +KADM5_API_VERSION_2, if the MKEY_FROM_KEYBOARD parameter mask is set +and the value is non-zero, reads the master keyboard from the user via +the tty; otherwise, the master key is read from the stash file. It is +illegal to call kadm5_init_with_skey with this parameter mask set. \item Initializes the dictionary (if present) for dictionary checks. |