- move the default acl_file, dict_file, and admin_keytab settings to the

    part of the default/example kdc.conf where they'll actually have an
    effect (#236417)

2 files changed, 8 insertions, 3 deletions

diff --git a/kdc.conf b/kdc.conf
index ce43458..67e4735 100644
--- a/kdc.conf
+++ b/kdc.conf
@@ -1,10 +1,10 @@
 [kdcdefaults]
- acl_file = /var/kerberos/krb5kdc/kadm5.acl
- dict_file = /usr/share/dict/words
- admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
  v4_mode = nopreauth
 
 [realms]
+ acl_file = /var/kerberos/krb5kdc/kadm5.acl
+ dict_file = /usr/share/dict/words
+ admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
  EXAMPLE.COM = {
   #master_key_type = des3-hmac-sha1
   supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3
diff --git a/krb5.spec b/krb5.spec
index c5eb6c0..da49e9b 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -193,6 +193,11 @@ installed on systems which are meant provide these services.
 %endif
 
 %changelog
+* Fri Apr 13 2007 Nalin Dahyabhai <nalin@redhat.com>
+- move the default acl_file, dict_file, and admin_keytab settings to
+  the part of the default/example kdc.conf where they'll actually have
+  an effect (#236417)
+
 * Tue Apr  3 2007 Nalin Dahyabhai <nalin@redhat.com> 1.6-3
 - add patch to correct unauthorized access via krb5-aware telnet
   daemon (#229782, CVE-2007-0956)