From: Ben Kaduk Date: Mon, 20 May 2013 17:04:32 +0000 (-0400) Subject: Clarify that kdc.conf and krb5.conf are merged X-Git-Tag: krb5-1.12-alpha1~158 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e818d27a372d021bc6025e7bce867ed06a8fc1ad;p=thirdparty%2Fkrb5.git Clarify that kdc.conf and krb5.conf are merged These two files are merged into the profile for KDC applications --- diff --git a/doc/admin/conf_files/index.rst b/doc/admin/conf_files/index.rst index 078a173049..a04836ac74 100644 --- a/doc/admin/conf_files/index.rst +++ b/doc/admin/conf_files/index.rst @@ -1,6 +1,17 @@ Configuration Files =================== +Kerberos uses configuration files to allow administrators to specify +settings on a per-machine basis. :ref:`krb5.conf(5)` applies to all +applications using the Kerboros library, on clients and servers. +For KDC-specific applications, additional settings can be specified in +:ref:`kdc.conf(5)`; the two files are merged into a configuration profile +used by applications accessing the KDC database directly. :ref:`kadm5.acl(5)` +is also only used on the KDC, it controls permissions for modifying the +KDC database. + +Contents +-------- .. toctree:: :maxdepth: 1 diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst index 79599eebb6..7bad0119ea 100644 --- a/doc/admin/conf_files/kdc_conf.rst +++ b/doc/admin/conf_files/kdc_conf.rst @@ -6,7 +6,9 @@ kdc.conf The kdc.conf file supplements :ref:`krb5.conf(5)` for programs which are typically only used on a KDC, such as the :ref:`krb5kdc(8)` and :ref:`kadmind(8)` daemons and the :ref:`kdb5_util(8)` program. -Relations documented here may also be specified in krb5.conf. +Relations documented here may also be specified in krb5.conf; for the +KDC programs mentioned, krb5.conf and kdc.conf will be merged into a +single configuration profile. Normally, the kdc.conf file is found in the KDC state directory, |kdcdir|. You can override the default location by setting the