Initial revision

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2084 dc483132-0cff-0310-8789-dd5450dbe970

2 files changed, 107 insertions, 0 deletions

diff --git a/src/config-files/krb.conf.M b/src/config-files/krb.conf.M
new file mode 100644
index 000000000..ace57a2d4
--- /dev/null
+++ b/src/config-files/krb.conf.M
@@ -0,0 +1,47 @@
+.\" $Source$
+.\" $Author$
+.\" $Id$
+.\" Copyright 1989,1991 by the Massachusetts Institute of Technology.
+.\"
+.\" For copying and distribution information,
+.\" please see the file <krb5/copyright.h>.
+.\"
+.TH KRB.CONF 5 "Kerberos Version 5.0" "MIT Project Athena"
+.SH NAME
+krb.conf \- Kerberos configuration file
+.SH DESCRIPTION
+.I krb.conf
+contains configuration information describing the Kerberos realm and the
+Kerberos key distribution center (KDC) servers for known realms.
+.PP
+.I krb.conf
+contains two sections.  The first section consists of only the first
+line in the file.  This line identifies the default realm to be used in
+a client host's Kerberos activity.
+.PP
+The second section consists of the remainder of the file.  Each
+subsequent line maps a realm name to a host running a KDC for that
+realm.  The first token on the line is the realm name, and the second is
+the hostname of a host running a KDC for that realm.  The words "admin
+server" following the hostname indicate that the host also provides an
+administrative database server.  For example, this file:
+.sp
+.nf
+.in +1i
+FOO.MIT.EDU
+ATHENA.MIT.EDU kerberos-1.mit.edu admin server
+ATHENA.MIT.EDU kerberos-2.mit.edu
+FOO.MIT.EDU bar-kerberos.mit.edu
+LCS.MIT.EDU kerberos.lcs.mit.edu admin server
+.in -1i
+.fi
+.sp
+configures the local host to run in the FOO.MIT.EDU realm by default,
+identifies kerberos-1.mit.edu and kerberos-2.mit.edu as KDC's for the
+ATHENA.MIT.EDU realm, bar-kerberos.mit.edu as a KDC for the FOO.MIT.EDU
+realm, and kerberos.lcs.mit.edu as a KDC for the LCS.MIT.EDU.
+In addition, kerberos.lcs.mit.edu provides an administrative server for
+the LCS realm, and kerberos-1.mit.edu provides such a server for the
+Athena realm.
+.SH SEE ALSO
+krb.realms(5)
diff --git a/src/config-files/krb.realms.M b/src/config-files/krb.realms.M
new file mode 100644
index 000000000..2074050d7
--- /dev/null
+++ b/src/config-files/krb.realms.M
@@ -0,0 +1,60 @@
+.\" $Source$
+.\" $Author$
+.\" $Id$
+.\" Copyright 1989,1991 by the Massachusetts Institute of Technology.
+.\"
+.\" For copying and distribution information,
+.\" please see the file <krb5/copyright.h>.
+.\"
+.TH KRB.REALMS 5 "Kerberos Version 5.0" "MIT Project Athena"
+.SH NAME
+krb.realms \- host to Kerberos realm translation file
+.SH DESCRIPTION
+.I krb.realms
+provides a translation from a hostname to the Kerberos realm name for
+the services provided by that host.
+.PP
+Each line of the translation file is in one of the following forms
+(domain_name should be of the form .XXX.YYY, e.g. .LCS.MIT.EDU):
+.nf
+.in +5n
+host_name kerberos_realm
+domain_name kerberos_realm
+.in -5n
+.fi
+If a hostname exactly matches the 
+.I host_name
+field in a line of the first
+form, the corresponding realm is the realm of the host.
+If a hostname does not match any 
+.I host_name
+in the file, but its
+domain exactly matches the 
+.I domain_name
+field in a line of the second
+form, the corresponding realm is the realm of the host.
+.PP
+If no translation entry applies, the host's realm is considered to be
+the hostname's domain portion converted to upper case.
+For example, the following file:
+.sp
+.nf
+.in +1i
+ .MIT.EDU ATHENA.MIT.EDU
+ .MIT.EDU. ATHENA.MIT.EDU
+ MIT.EDU ATHENA.MIT.EDU
+ DODO.MIT.EDU SMS_TEST.MIT.EDU
+ .UCSC.EDU CATS.UCSC.EDU
+ .UCSC.EDU. CATS.UCSC.EDU
+.in -1i
+.fi
+.sp
+maps dodo.mit.edu into the SMS_TEST.MIT.EDU realm, all other hosts in
+the MIT.EDU domain to the ATHENA.MIT.EDU realm, and all hosts in the
+UCSC.EDU domain into the CATS.UCSC.EDU realm.  [The trailing dot is to
+ensure that anchored domain names are properly matched.]
+ucbvax.berkeley.edu would be mapped by the default rules to the
+BERKELEY.EDU realm, while sage.lcs.mit.edu would be mapped to the
+LCS.MIT.EDU realm.
+.SH SEE ALSO
+krb.conf(5)