cvs commit: BLFS/BOOK/postlfs/security/mitkrb mitkrb-config.xml mitkrb-desc.xml mitkrb-exp.xml mitkrb-intro.xml

larry at linuxfromscratch.org larry at linuxfromscratch.org
Thu May 6 07:42:45 PDT 2004


larry       04/05/06 08:42:45

  Modified:    BOOK/postlfs/security/mitkrb mitkrb-config.xml
                        mitkrb-desc.xml mitkrb-exp.xml mitkrb-intro.xml
  Log:
  review modifications to MIT kerberos
  
  Revision  Changes    Path
  1.2       +15 -2     BLFS/BOOK/postlfs/security/mitkrb/mitkrb-config.xml
  
  Index: mitkrb-config.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/postlfs/security/mitkrb/mitkrb-config.xml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- mitkrb-config.xml	6 May 2004 03:01:04 -0000	1.1
  +++ mitkrb-config.xml	6 May 2004 14:42:45 -0000	1.2
  @@ -1,5 +1,5 @@
   <sect2>
  -<title>Configuring Heimdal</title>
  +<title>Configuring <application><acronym>MIT</acronym> krb5</application></title>
   
   <sect3><title>Config files</title>
   <para><filename>/etc/krb5.conf</filename> and
  @@ -252,8 +252,21 @@
   
   <para>
   The kerberized programs will connect to non kerberized daemons, warning
  -you that authentication is not encrypted.</para>
  +you that authentication is not encrypted.</para></sect4>
   
  +
  +<sect4><title>Using Kerberized Server Programs</title>
  +
  +<para>Using kerberized server programs (<command>telnetd</command>,
  +<command>kpropd</command>, 
  +<command>klogind</command> and <command>kshd</command>) requires two additional configuration steps.
  +First the <filename>/etc/services</filename> file must be updated to
  +include  eklogin and krb5_prop. Second, the
  +<filename>inetd.conf</filename> or <filename>xinetd.conf</filename> must
  +be modified for each server that will be activated, usually replacing
  +the server from <application>inetutils</application>.</para></sect4>
  +
  +<sect4><title>Additional Information</title>
   <para>
   For additional information consult <ulink
   url="http://web.mit.edu/kerberos/www/krb5-1.3/#documentation">Documentation
  
  
  
  1.2       +15 -16    BLFS/BOOK/postlfs/security/mitkrb/mitkrb-desc.xml
  
  Index: mitkrb-desc.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/postlfs/security/mitkrb/mitkrb-desc.xml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- mitkrb-desc.xml	6 May 2004 03:01:04 -0000	1.1
  +++ mitkrb-desc.xml	6 May 2004 14:42:45 -0000	1.2
  @@ -16,10 +16,8 @@
   <command>kdestroy</command>,
   <command>kinit</command>,
   <command>klist</command>,
  -<command>klogin</command>,
   <command>klogind</command>,
   <command>kpasswd</command>,
  -<command>kpasswdd</command>,
   <command>kprop</command>,
   <command>kpropd</command>,
   <command>krb5-send-pr</command>,
  @@ -64,10 +62,12 @@
   <sect2><title>Description</title>
   
   <sect3><title>compile_et</title>
  -<para><command>compile_et</command></para></sect3>
  +<para><command>compile_et</command> converts the table listing
  +error-code names into a <application>C</application> source file.</para></sect3>
   
   <sect3><title>k5srvutil</title>
  -<para><command>k5srvutil</command> </para></sect3>
  +<para><command>k5srvutil</command> is a host keytable manipulation
  +utility.</para></sect3>
   
   <sect3><title>kadmin</title>
   <para><command>kadmin</command> is an utility used to make modifications
  @@ -91,26 +91,21 @@
   tickets.</para></sect3>
   
   <sect3><title>kdb5_util</title>
  -<para><command>kdb5_util</command> </para></sect3>
  +<para><command>kdb5_util</command> is the <acronym>KDC</acronym>
  +database utility.</para></sect3>
   
   <sect3><title>klist</title>
   <para><command>klist</command> reads and displays the current tickets in
   the credential cache.</para></sect3>
   
  -<sect3><title>klogin</title>
  -<para><command>klogin</command></para></sect3>
  -
   <sect3><title>klogind</title>
  -<para><command>klogind</command></para></sect3>
  +<para><command>klogind</command> is the server that responds to rlogin
  +requests.</para></sect3>
   
   <sect3><title>kpasswd</title>
   <para><command>kpasswd</command> is a program for changing Kerberos 5
   passwords.</para></sect3>
   
  -<sect3><title>kpasswdd</title>
  -<para><command>kpasswdd</command> is a Kerberos 5 password changing
  -server.</para></sect3>
  -
   <sect3><title>kprop</title>
   <para><command>kprop</command> takes a principal database in a specified
   format and converts it into a stream of Heimdal database
  @@ -125,15 +120,19 @@
   <para><command>krb5-config</command> gives information on how to link
   programs against libraries.</para></sect3>
   
  -<sect3><title>kshd</title>
  -<para><command>kshd</command> </para></sect3>
  +<sect3><title>ksu</title>
  +<para><command>ksu</command> is the super user program using Kerberos
  +protocol. Requires a properly configured
  +<filename>/etc/shells</filename> and <filename>~/.k5login</filename>
  +containing principals authorized to become super users.</para></sect3>
   
   <sect3><title>ktutil</title>
   <para><command>ktutil</command> is a program for managing Kerberos
   keytabs.</para></sect3>
   
   <sect3><title>kvno</title>
  -<para><command>kvno</command> </para></sect3>
  +<para><command>kvno</command> prints keyversion numbers of Kerberos
  +principals.</para></sect3>
   
   
   </sect2>
  
  
  
  1.3       +2 -3      BLFS/BOOK/postlfs/security/mitkrb/mitkrb-exp.xml
  
  Index: mitkrb-exp.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/postlfs/security/mitkrb/mitkrb-exp.xml,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- mitkrb-exp.xml	6 May 2004 03:49:42 -0000	1.2
  +++ mitkrb-exp.xml	6 May 2004 14:42:45 -0000	1.3
  @@ -22,8 +22,7 @@
   ln -sf ../../lib/libk5crypto.so /usr/lib
   ln -sf ../../lib/libcom_err.so /usr/lib</command></screen>
   The <command>login</command> and <command>ksu</command> programs
  -are linked against these libraries. We move these libraries to <filename
  -class="directory">/lib</filename> to allow logins without mounting <filename
  -class="directory">/usr</filename>.</para>
  +are linked against these libraries, therefore we move these libraries to 
  +<filename class="directory">/lib</filename> to allow logins without mounting <filename class="directory">/usr</filename>.</para>
   
   </sect2>
  
  
  
  1.2       +5 -5      BLFS/BOOK/postlfs/security/mitkrb/mitkrb-intro.xml
  
  Index: mitkrb-intro.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/postlfs/security/mitkrb/mitkrb-intro.xml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- mitkrb-intro.xml	6 May 2004 03:01:04 -0000	1.1
  +++ mitkrb-intro.xml	6 May 2004 14:42:45 -0000	1.2
  @@ -1,5 +1,5 @@
   <sect2>
  -<title>Introduction to <application>MIT krb5</application></title>
  +<title>Introduction to <application><acronym>MIT</acronym> krb5</application></title>
   
   <para>
   <application>MIT krb5</application> is a free implementation of Kerberos
  @@ -17,12 +17,12 @@
   <listitem><para>Estimated build time: &mitkrb-time;</para></listitem></itemizedlist>
   </sect3>
   
  -<sect3><title><application>MIT krb5</application> dependencies</title>
  +<sect3><title><application><acronym>MIT</acronym> krb5</application> dependencies</title>
   <sect4><title>Optional</title>
   <para>
  -<xref linkend="Linux_PAM"/>,
  -<xref linkend="openldap"/> and
  -<ulink url="http://www.pdc.kth.se/kth-krb/">krb4</ulink>
  +<xref linkend="xinetd"/> (services servers only), 
  +<xref linkend="Linux_PAM"/> (for xdm based logins) and
  +<xref linkend="openldap"/> (alternative for krb5kdc password database)
   </para>
   
   <note><para>
  
  
  



More information about the blfs-book mailing list