Edit defaults page in documentation

Eliminate unused values and OS-specific stuff.  Reformat tables.  Add
a path substitution for sysconfdir to be used in the default config
file path.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25793 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/doc/rst_source/conf.py b/doc/rst_source/conf.py
index c423e08e5527af4e5457583ef5e5298ddd8b33b2..8381fb4772c43097ee56837d80f903ae8472bf71 100644 (file)
--- a/doc/rst_source/conf.py
+++ b/doc/rst_source/conf.py
@@ -213,17 +213,20 @@ if 'mansubs' in tags:
     sbindir = '@SBINDIR@'
     libdir = '@LIBDIR@'
     localstatedir = '@LOCALSTATEDIR@'
     sbindir = '@SBINDIR@'
     libdir = '@LIBDIR@'
     localstatedir = '@LOCALSTATEDIR@'

+    sysconfdir = '@SYSCONFDIR@'

 else:
     bindir = '/usr/local/bin'
     sbindir = '/usr/local/sbin'
     libdir = '/usr/local/lib'
     localstatedir = '/usr/local/var'
 else:
     bindir = '/usr/local/bin'
     sbindir = '/usr/local/sbin'
     libdir = '/usr/local/lib'
     localstatedir = '/usr/local/var'

+    sysconfdir = '/usr/local/etc'

 
 rst_epilog = '\n'
 rst_epilog += '.. |bindir| replace:: ``%s``\n' % bindir
 rst_epilog += '.. |sbindir| replace:: ``%s``\n' % sbindir
 rst_epilog += '.. |libdir| replace:: ``%s``\n' % libdir
 rst_epilog += '.. |kdcdir| replace:: ``%s/krb5kdc``\n' % localstatedir
 
 rst_epilog = '\n'
 rst_epilog += '.. |bindir| replace:: ``%s``\n' % bindir
 rst_epilog += '.. |sbindir| replace:: ``%s``\n' % sbindir
 rst_epilog += '.. |libdir| replace:: ``%s``\n' % libdir
 rst_epilog += '.. |kdcdir| replace:: ``%s/krb5kdc``\n' % localstatedir

+rst_epilog += '.. |sysconfdir| replace:: ``%s``\n' % sysconfdir

 rst_epilog += '''
 .. |keytab| replace:: ``/etc/krb5.keytab``
 .. |krb5conf| replace:: ``/etc/krb5.conf``
 rst_epilog += '''
 .. |keytab| replace:: ``/etc/krb5.keytab``
 .. |krb5conf| replace:: ``/etc/krb5.conf``

diff --git a/doc/rst_source/mitK5defaults.rst b/doc/rst_source/mitK5defaults.rst
index db6e067e0680110ed516191e85f6ea00decb0fed..18c1abb19db7e6b3a121ffbed78299e831969b7e 100644 (file)
--- a/doc/rst_source/mitK5defaults.rst
+++ b/doc/rst_source/mitK5defaults.rst
@@ -3,100 +3,64 @@
 MIT Kerberos defaults
 =====================
 
 MIT Kerberos defaults
 =====================
 

-The list of the site- and OS- dependent configuration
------------------------------------------------------
-
- ================================================== ============================================== =====================================
-            \                                          Default                                                   Environment
- ================================================== ============================================== =====================================
- Keytab file                                        FILE\:/etc/krb5.keytab                           KRB5_KTNAME
- Path to Kerberos configuration file                /etc/krb5.conf:SYSCONFDIR/krb5.conf              KRB5_CONFIG
- KDC configuration file                             LOCALSTATEDIR/krb5kdc/kdc.conf                   KRB5_KDC_PROFILE
- The location of the default database               LOCALSTATEDIR/krb5kdc/principal
- Master key stash file location and prefix          LOCALSTATEDIR/krb5kdc/.k5.
-                                                    (e.g., /usr/local/var/krb5kdc/.k5.YOURREALM)
- Admin Access Control List (ACL) file               LOCALSTATEDIR/krb5kdc/krb5_adm.acl
- Admin ACL file used by old admin server            LOCALSTATEDIR/krb5kdc/kadm_old.acl
- Kerberos database library path                     MODULEDIR/kdb
- Base directory where plugins are located           LIBDIR/krb5/plugins
- Master key default enctype                         ENCTYPE_AES256_CTS_HMAC_SHA1_96
- The name of the replay cache used by KDC           dfl:krb5kdc_rcache                              KRB5RCACHETYPE, KRB5RCACHENAME
- KDC portname used for /etc/services or equiv.      "kerberos"
- KDC secondary portname for backward compatibility  "kerberos-sec"
- KDC default port                                   88
- KDC default port for authentication                750
- Admin change password port                         464
- KDC UDP default portlist                           "88,750"
- ================================================== ============================================== =====================================
-
-
-MAC OS specific
----------------
-
- ============================================================ ================================
- Path to Kerberos config file                                   ~/Library/Preferences/edu.mit.Kerberos:/etc/krb5.conf:SYSCONFDIR/krb5.conf
- Base directory where krb5 plugins are located                  /System/Library/KerberosPlugins/KerberosFrameworkPlugins
- Base directory where Kerberos databadse plugins are located    /System/Library/KerberosPlugins/KerberosDatabasePlugins
- Base directory where authorization data plugins are located    /System/Library/KerberosPlugins/KerberosAuthDataPlugins
- ============================================================ ================================
-
-
-Windows specific
+General defaults

 ----------------
 
 ----------------
 

- ======================================= ====================================================
- Kerberos config file name                krb5.ini
- Keytab file name                         FILE\:%s\\krb5kt (for example, C:\\WINDOWS\\krb5kt)
- ======================================= ====================================================
-
-
-Defaults for the KADM5 admin system
+==========================  =============================  ====================
+Description                 Default                        Environment
+==========================  =============================  ====================
+Keytab file                 ``FILE:``\ |keytab|            **KRB5_KTNAME**
+Kerberos config file        |krb5conf|\ ``:``\             **KRB5_CONFIG**
+                            |sysconfdir|\ ``/krb5.conf``
+KDC config file             |kdcdir|\ ``/kdc.conf``        **KRB5_KDC_PROFILE**
+KDC database path (DB2)     |kdcdir|\ ``/principal``
+Master key stash file       |kdcdir|\ ``/.k5.``\ *realm*
+Admin server ACL file       |kdcdir|\ ``/kadm5.acl``
+Plugin base directory       |libdir|\ ``/krb5/plugins``
+Replay cache directory      ``/var/tmp``                   **KRB5RCACHEDIR**
+Master key default enctype  |defmkey|
+Supported enc/salt types    |defkeysalts|
+Permitted enctypes          |defetypes|
+KDC default port            88
+Second KDC default port     750
+Admin server port           749
+Password change port        464
+==========================  =============================  ====================
+
+
+Slave KDC propagation defaults
+------------------------------
+
+This table shows defaults used by the :ref:`kprop(8)` and
+:ref:`kpropd(8)` programs.
+
+==========================  ==============================  ===========
+Description                 Default                         Environment
+==========================  ==============================  ===========
+kprop database dump file    |kdcdir|\ ``/slave_datatrans``
+kpropd temporary dump file  |kdcdir|\ ``/from_master``
+kdb5_util location          |sbindir|\ ``/kdb5_util``
+kprop location              |sbindir|\ ``/kprop``
+kpropd ACL file             |kdcdir|\ ``/kpropd.acl``
+kprop port                  754                             KPROP_PORT
+==========================  ==============================  ===========
+
+
+Default paths for Unix-like systems

 -----------------------------------
 
 -----------------------------------
 

- ====================================================================== ====================================== ==============================
-  \                                                                          Default                               Environment
- ====================================================================== ====================================== ==============================
- Admin keytab file                                                       LOCALSTATEDIR/krb5kdc/kadm5.keytab      KRB5_KTNAME
- Admin ACL file that defines access rights to the Kerberos database      LOCALSTATEDIR/krb5kdc/kadm5.acl
- Admin server default port                                               749
- Default supported enctype/salttype matrix                               aes256-cts-hmac-sha1-96:normal
-                                                                         aes128-cts-hmac-sha1-96:normal
-                                                                         des3-cbc-sha1:normal
-                                                                         arcfour-hmac-md5:normal
- Max datagram size                                                       4096
- Directory to store replay caches                                        KRB5RCTMPDIR                            KRB5RCACHEDIR
- Kerberized login program                                                SBINDIR/login.krb5
- Kerberized remote login program                                         BINDIR/rlogin
- ====================================================================== ====================================== ==============================
-
-
-krb5 *slave* support
---------------------
-
- ============================================================ ======================================= ===============================
-  \                                                                          Default                               Environment
- ============================================================ ======================================= ===============================
- kprop  database dump file                                     LOCALSTATEDIR/krb5kdc/slave_datatrans
- kpropd temporary database file                                LOCALSTATEDIR/krb5kdc/from_master
- Location of the utility used to load the principal database   SBINDIR/kdb5_util
- kpropd default kprop                                          SBINDIR/kprop
- kpropd principal database location                            LOCALSTATEDIR/krb5kdc/principal
- kpropd ACL file                                               LOCALSTATEDIR/krb5kdc/kpropd.acl
- kprop port                                                    754                                       KPROP_PORT
- ============================================================ ======================================= ===============================
-
-
-Site- and system-wide initialization for the code compiled on Linux or Solaris
-------------------------------------------------------------------------------
-
- ===================== ============================== =================
- BINDIR                /usr/local/bin/
- KRB5RCTMPDIR          /var/tmp
- LIBDIR                /usr/local/lib/                 krb5 library directory
- LOCALSTATEDIR         /usr/local/var/
- MODULEDIR             /usr/local/lib/krb5/plugins/    krb5 static plugins directory
- SBINDIR               /usr/local/sbin/
- SYSCONFDIR            /usr/local/etc/
- ===================== ============================== =================
-
-
+On Unix-like systems, some paths used by MIT krb5 depend on parameters
+chosen at build time.  For a custom build, these paths default to
+subdirectories of ``/usr/local``.  When MIT krb5 is integrated into an
+operating system, the paths are generally chosen to match the
+operating system's filesystem layout.
+
+=======================  ===============  ===================  ===============
+Description             Symbolic name    Custom build path    Typical OS path
+=======================  ===============  ===================  ===============
+User programs           BINDIR           ``/usr/local/bin``   ``/usr/bin``
+Libraries and plugins    LIBDIR           ``/usr/local/lib``   ``/usr/lib``
+Parent of KDC state dir  LOCALSTATEDIR    ``/usr/local/var``   ``/var``
+Administrative programs  SBINDIR          ``/usr/local/sbin``  ``/usr/sbin``
+Alternate krb5.conf dir  SYSCONFDIR       ``/usr/local/etc``   ``/etc``
+=======================  ===============  ===================  ===============

diff --git a/src/man/Makefile.in b/src/man/Makefile.in
index c9c58850c19e058c8bc0067df6a2c6eb60ac27ce..b6f38c9b8aeddab3e7d1d0c6710f4ceb07b65596 100644 (file)
--- a/src/man/Makefile.in
+++ b/src/man/Makefile.in
@@ -5,6 +5,7 @@ SPHINX_BUILD=sphinx-build
 GROFF=@GROFF@
 GROFF_MAN=$(GROFF) -mtty-char -Tascii -mandoc -c
 localstatedir=@localstatedir@
 GROFF=@GROFF@
 GROFF_MAN=$(GROFF) -mtty-char -Tascii -mandoc -c
 localstatedir=@localstatedir@

+sysconfdir=@sysconfdir@

 
 MANSUBS=k5identity.sub k5login.sub k5srvutil.sub kadmin.sub kadmind.sub \
        kdb5_ldap_util.sub kdb5_util.sub kdc.conf.sub kdestroy.sub kinit.sub \
 
 MANSUBS=k5identity.sub k5login.sub k5srvutil.sub kadmin.sub kadmind.sub \
        kdb5_ldap_util.sub kdb5_util.sub kdc.conf.sub kdestroy.sub kinit.sub \


@@ -33,7 +34,8 @@ rstman:
        sed -e 's|@BINDIR@|$(CLIENT_BINDIR)|g' \
            -e 's|@SBINDIR@|$(SERVER_BINDIR)|g' \
            -e 's|@LIBDIR@|$(KRB5_LIBDIR)|g' \
        sed -e 's|@BINDIR@|$(CLIENT_BINDIR)|g' \
            -e 's|@SBINDIR@|$(SERVER_BINDIR)|g' \
            -e 's|@LIBDIR@|$(KRB5_LIBDIR)|g' \

-           -e 's|@LOCALSTATEDIR@|$(localstatedir)|g' $? > $@
+           -e 's|@LOCALSTATEDIR@|$(localstatedir)|g' \
+           -e 's|@SYSCONFDIR@|$(sysconfdir)|g' $? > $@

 
 all:: $(MANSUBS)
 
 
 all:: $(MANSUBS)