|kdcdir|\ ``/principal``.
**default_principal_expiration**
- (Absolute time string.) Specifies the default expiration date of
+ (:ref:`abstime` string.) Specifies the default expiration date of
principals created in this realm. The default value is 0, which
means no expiration date.
values, see :ref:`Encryption_and_salt_types`.
**max_life**
- (Delta time string.) Specifies the maximum time period for which
- a ticket may be valid in this realm. The default value is 24
- hours.
+ (:ref:`duration` string.) Specifies the maximum time period for
+ which a ticket may be valid in this realm. The default value is
+ 24 hours.
**max_renewable_life**
- (Delta time string.) Specifies the maximum time period during
- which a valid ticket may be renewed in this realm. The default
- value is 0.
+ (:ref:`duration` string.) Specifies the maximum time period
+ during which a valid ticket may be renewed in this realm.
+ The default value is 0.
**no_host_referral**
(Whitespace- or comma-separated list.) Lists services to block
set. The default is not to search domain components.
**renew_lifetime**
- Sets the default renewable lifetime for initial ticket requests.
- The default value is 0.
+ (:ref:`duration` string.) Sets the default renewable lifetime
+ for initial ticket requests. The default value is 0.
**safe_checksum_type**
An integer which specifies the type of checksum to use for the
configuration option for the possible values and their meanings.
**ticket_lifetime**
- Sets the default lifetime for initial ticket requests. The
- default value is 1 day.
+ (:ref:`duration` string.) Sets the default lifetime for initial
+ ticket requests. The default value is 1 day.
**udp_preference_limit**
When sending a message to the KDC, the library will try using TCP
.. _datetime:
-Supported date and time formats.
-================================
+Supported date and time formats
+===============================
.. _duration:
-Duration ("deltat")
--------------------
+Time duration
+-------------
This format is used to express a time duration in the Kerberos
configuration files and user commands. The allowed formats are:
+------------------------+----------------------+ |
| dd-month-yyyy:hh:mm:ss | 31-Dec-2014:23:59:00 | |
+------------------------+----------------------+--------------+
- | hh:mm:ss | 20:30:00 | 8 o'clock in |
+ | hh:mm:ss | 20:00:00 | 8 o'clock in |
+------------------------+----------------------+ the evening |
- | hhmmss | 203000 | |
+ | hhmmss | 200000 | |
+------------------------+----------------------+--------------+
(See :ref:`abbreviation`.)
display verbose output.
**-l** *lifetime*
- requests a ticket with the lifetime *lifetime*. The valid formats
- for *lifetime* are:
-
- ::
-
- h:m:s
- NdNhNmNs
-
- where
-
- ::
-
- s seconds
- m minutes
- h hours
- d days
- N number
+ (:ref:`duration` string.) Requests a ticket with the lifetime
+ *lifetime*.
For example, ``kinit -l 5:30`` or ``kinit -l 5h30m``.
will not override the configured maximum ticket lifetime.
**-s** *start_time*
- requests a postdated ticket. Postdated tickets are issued with the
- **invalid** flag set, and need to be resubmitted to the KDC for
- validation before use.
+ (:ref:`duration` string.) Requests a postdated ticket. Postdated
+ tickets are issued with the **invalid** flag set, and need to be
+ resubmitted to the KDC for validation before use.
*start_time* specifies the duration of the delay before the ticket
- can become valid using the same time format as the **-l** option.
+ can become valid.
**-r** *renewable_life*
- requests renewable tickets, with a total lifetime of
- *renewable_life*. The duration is in the same format as the
- **-l** option.
+ (:ref:`duration` string.) Requests renewable tickets, with a total
+ lifetime of *renewable_life*.
**-f**
requests forwardable tickets.
when getting a ticket granting ticket from the Kerberos server.
**-l** *lifetime*
- specifies the lifetime to be requested for the ticket; if this
- option is not specified, the default ticket lifetime (12 hours)
- is used instead. The valid formats for *lifetime* are:
-
- ::
-
- h:m:s
- NdNhNmNs
-
- where
-
- ::
-
- s seconds
- m minutes
- h hours
- d days
- N number
+ (:ref:`duration` string.) Specifies the lifetime to be requested
+ for the ticket; if this option is not specified, the default ticket
+ lifetime (12 hours) is used instead.
**-r** *time*
- specifies that the **renewable** option should be requested for
- the ticket, and specifies the desired total lifetime of the
- ticket using the same time format as the **-l** option.
+ (:ref:`duration` string.) Specifies that the **renewable** option
+ should be requested for the ticket, and specifies the desired
+ total lifetime of the ticket.
**-p**
specifies that the **proxiable** option should be requested for
projects / thirdparty / krb5.git / commitdiff
