doc: improve answer in FAQ for error 501 Not authorised

author Miroslav Lichvar <mlichvar@redhat.com>

Tue, 12 Apr 2016 10:27:31 +0000 (12:27 +0200)

committer Miroslav Lichvar <mlichvar@redhat.com>

Tue, 12 Apr 2016 10:43:10 +0000 (12:43 +0200)
author Miroslav Lichvar <mlichvar@redhat.com>
Tue, 12 Apr 2016 10:27:31 +0000 (12:27 +0200)
committer Miroslav Lichvar <mlichvar@redhat.com>
Tue, 12 Apr 2016 10:43:10 +0000 (12:43 +0200)
diff --git a/doc/faq.adoc b/doc/faq.adoc

index 9a4b721caaecfb2e79dc6f51d514461065f840c9..d8d775afbb8ba1e98540266b8b759f9781830231 100644 (file)
--- a/doc/faq.adoc
+++ b/doc/faq.adoc
@@ -271,8 +271,14 @@ Perhaps you have a firewall set up in a way that blocks packets on port
  === I keep getting the error +501 Not authorised+
  
  Since version 2.2, the +password+ command doesn't do anything and +chronyc+
-needs to run under the root or chrony user, which are allowed to access the
-Unix domain command socket.
+needs to run locally under the root or _chrony_ user, which are allowed to
+access the +chronyd+'s Unix domain command socket.
+
+With older versions, you need to authenticate with the +password+ command or
+use the +-a+ option to authenticate automatically.  The configuration file
+needs to specify a file which contains keys (+keyfile+ directive) and which key
+in the key file should be used for +chronyc+ authentication (+commandkey+
+directive).
  
  === Is the +chronyc+ / +chronyd+ protocol documented anywhere?
author	Miroslav Lichvar <mlichvar@redhat.com>
	Tue, 12 Apr 2016 10:27:31 +0000 (12:27 +0200)
committer	Miroslav Lichvar <mlichvar@redhat.com>
	Tue, 12 Apr 2016 10:43:10 +0000 (12:43 +0200)