path: root/doc/admin/conf_files/krb5_conf.rst
Diffstat (limited to 'doc/admin/conf_files/krb5_conf.rst')
-rw-r--r-- doc/admin/conf_files/krb5_conf.rst 56
1 files changed, 15 insertions, 41 deletions
diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
index 008ca4ce8..5930cf328 100644
--- a/doc/admin/conf_files/krb5_conf.rst
+++ b/doc/admin/conf_files/krb5_conf.rst
@@ -17,14 +17,11 @@ Structure
The krb5.conf file is set up in the style of a Windows INI file.
Sections are headed by the section name, in square brackets. Each
-section may contain zero or more relations, of the form:
-
- ::
+section may contain zero or more relations, of the form::
foo = bar
-or
- ::
+or::
fubar = {
foo = bar
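Review bot: The new `or::` line changes the rendered text as well as the markup. reStructuredText keeps one colon when `::` directly follows a word, so the built page will read "or:", while the removed `or` followed by a bare `::` showed the word with no colon. If the plain "or" is wanted, write `or ::` with a space before the marker, which drops both colons. The `form::` line is unaffected because the old text already ended in a colon.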
@@ -36,8 +33,7 @@ value for the tag. This means that neither the remainder of this
configuration file nor any other configuration file will be checked
for any other values for this tag.
-For example, if you have the following lines:
- ::
+For example, if you have the following lines::
foo = bar*
foo = baz
@@ -45,9 +41,7 @@ For example, if you have the following lines:
then the second value of ``foo`` (``baz``) would never be read.
The krb5.conf file can include other files using either of the
-following directives at the beginning of a line:
-
- ::
+following directives at the beginning of a line::
include FILENAME
includedir DIRNAME
@@ -62,9 +56,7 @@ file must begin with a section header.
The krb5.conf file can specify that configuration should be obtained
from a loadable module, rather than the file itself, using the
following directive at the beginning of a line before any section
-headers:
-
- ::
+headers::
module MODULEPATH:RESIDUAL
@@ -398,8 +390,7 @@ following tags may be specified in the realm's subsection:
default realm, this rule is not applicable and the conversion
will fail.
- For example:
- ::
+ For example::
[realms]
ATHENA.MIT.EDU = {
@@ -505,9 +496,7 @@ for that particular host or domain. A host name relation implicitly
provides the corresponding domain name relation, unless an explicit domain
name relation is provided. The Kerberos realm may be
identified either in the realms_ section or using DNS SRV records.
-Host names and domain names should be in lower case. For example:
-
- ::
+Host names and domain names should be in lower case. For example::
[domain_realm]
crash.mit.edu = TEST.ATHENA.MIT.EDU
@@ -563,9 +552,7 @@ For example, ``ANL.GOV``, ``PNL.GOV``, and ``NERSC.GOV`` all wish to
use the ``ES.NET`` realm as an intermediate realm. ANL has a sub
realm of ``TEST.ANL.GOV`` which will authenticate with ``NERSC.GOV``
but not ``PNL.GOV``. The [capaths] section for ``ANL.GOV`` systems
-would look like this:
-
- ::
+would look like this::
[capaths]
ANL.GOV = {
@@ -588,9 +575,7 @@ would look like this:
}
The [capaths] section of the configuration file used on ``NERSC.GOV``
-systems would look like this:
-
- ::
+systems would look like this::
[capaths]
NERSC.GOV = {
@@ -628,8 +613,7 @@ Each tag in the [appdefaults] section names a Kerberos V5 application
or an option that is used by some Kerberos V5 application[s]. The
value of the tag defines the default behaviors for that application.
-For example:
- ::
+For example::
[appdefaults]
telnet = {
@@ -851,27 +835,21 @@ PKINIT options
A realm-specific value overrides, not adds to, a generic
[libdefaults] specification. The search order is:
-1. realm-specific subsection of [libdefaults]:
-
- ::
+1. realm-specific subsection of [libdefaults]::
[libdefaults]
EXAMPLE.COM = {
pkinit_anchors = FILE:/usr/local/example.com.crt
}
-2. realm-specific value in the [realms] section,
-
- ::
+2. realm-specific value in the [realms] section::
[realms]
OTHERREALM.ORG = {
pkinit_anchors = FILE:/usr/local/otherrealm.org.crt
}
-3. generic value in the [libdefaults] section.
-
- ::
+3. generic value in the [libdefaults] section::
[libdefaults]
pkinit_anchors = DIR:/usr/local/generic_trusted_cas/
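Review bot: Items 2 and 3 of the search-order list change wording, not only markup: `section,` and `section.` both become `section::`, so the rendered items now end in a colon instead of a comma and a full stop. That matches item 1 and reads well ahead of the literal blocks, but every other hunk here only folds the `::` marker into a line that already ended in a colon, so this punctuation change is worth a mention in the commit message.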
@@ -1004,9 +982,7 @@ PKINIT krb5.conf options
* digitalSignature
* keyEncipherment
- Examples:
-
- ::
+ Examples::
pkinit_cert_match = ||<SUBJECT>.*DoE.*<SAN>.*@EXAMPLE.COM
pkinit_cert_match = &&<EKU>msScLogin,clientAuth<ISSUER>.*DoE.*
@@ -1115,9 +1091,7 @@ Valid parameters are:
Sample krb5.conf file
---------------------
-Here is an example of a generic krb5.conf file:
-
- ::
+Here is an example of a generic krb5.conf file::
[libdefaults]
default_realm = ATHENA.MIT.EDU