From: Tom Yu Date: Tue, 23 Mar 2010 01:58:22 +0000 (+0000) Subject: pull up r23820 from trunk X-Git-Tag: krb5-1.8.1-beta1~6 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=d397a8f694d82e02ab3ceb571ec99d34ae37602c;p=krb5.git pull up r23820 from trunk ------------------------------------------------------------------------ r23820 | ghudson | 2010-03-19 09:17:05 -0700 (Fri, 19 Mar 2010) | 7 lines ticket: 6680 target_version: 1.8.1 tags: pullup Document the ticket_lifetime libdefaults setting (which was added in r16656, #2656). Based on a patch from nalin@redhat.com. ticket: 6680 version_fixed: 1.8.1 status: resolved git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23827 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/doc/admin.texinfo b/doc/admin.texinfo index 5e80af3b4..1ec468518 100644 --- a/doc/admin.texinfo +++ b/doc/admin.texinfo @@ -516,13 +516,6 @@ DCE do not support the default cache as created by this version of Kerberos. Use a value of 1 on DCE 1.0.3a systems, and a value of 2 on DCE 1.1 systems. The default value is @value{DefaultCcacheType}. -@ignore -@itemx tkt_lifetime -The default lifetime of a ticket. The default is -@value{DefaultTktLifetime}. This is currently not supported by the -code. -@end ignore - @itemx dns_lookup_kdc Indicate whether DNS SRV records should be used to locate the KDCs and other servers for a realm, if they are not listed in the information for @@ -583,6 +576,11 @@ If this flag is set, then an attempt to get initial credentials will fail if the client machine does not have a keytab. The default for the flag is @value{DefaultVerifyApReqNofail}. +@itemx ticket_lifetime +The value of this tag is the default lifetime for +initial tickets. The default value for the tag is +@value{DefaultTktLifetime}. + @itemx renew_lifetime The value of this tag is the default renewable lifetime for initial tickets. The default value for the tag is diff --git a/src/config-files/krb5.conf.M b/src/config-files/krb5.conf.M index 9778e8178..412156bdf 100644 --- a/src/config-files/krb5.conf.M +++ b/src/config-files/krb5.conf.M @@ -220,6 +220,10 @@ If this flag is set, then an attempt to get initial credentials will fail if the client machine does not have a keytab. The default for the flag is false. +.IP ticket_lifetime +The value of this tag is the default lifetime for initial tickets. The +default value for the tag is 1 day (1d). + .IP renew_lifetime The value of this tag is the default renewable lifetime for initial tickets. The default value for the tag is 0.