170 lines
6.7 KiB
Diff
170 lines
6.7 KiB
Diff
--- origsrc/heimdal-1.5.2/doc/Makefile.am 2012-01-10 15:53:51.000000000 -0600
|
||
+++ src/heimdal-1.5.2/doc/Makefile.am 2012-03-22 21:30:20.267722400 -0500
|
||
@@ -49,7 +49,7 @@ wind.dxy: wind.din Makefile
|
||
chmod +x wind.dxy.tmp
|
||
mv wind.dxy.tmp wind.dxy
|
||
|
||
-texi_subst = sed -e 's,[@]dbdir[@],$(localstatedir),g' \
|
||
+texi_subst = sed -e 's,[@]dbdir[@],$(DIR_hdbdir),g' \
|
||
-e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g'
|
||
|
||
vars.texi: vars.tin Makefile
|
||
--- origsrc/heimdal-1.5.2/doc/setup.texi 2012-01-10 15:53:51.000000000 -0600
|
||
+++ src/heimdal-1.5.2/doc/setup.texi 2012-03-22 21:23:43.958054800 -0500
|
||
@@ -122,13 +122,13 @@ The database library will look for the d
|
||
Make sure the directory has restrictive permissions.
|
||
|
||
@example
|
||
-# mkdir /var/heimdal
|
||
+# mkdir /var/lib/heimdal
|
||
@end example
|
||
|
||
The keys of all the principals are stored in the database. If you
|
||
choose to, these can be encrypted with a master key. You do not have to
|
||
remember this key (or password), but just to enter it once and it will
|
||
-be stored in a file (@file{/var/heimdal/m-key}). If you want to have a
|
||
+be stored in a file (@file{/var/lib/heimdal/m-key}). If you want to have a
|
||
master key, run @samp{kstash} to create this master key:
|
||
|
||
@example
|
||
@@ -320,7 +320,7 @@ You might need to add @samp{kerberos-adm
|
||
as @samp{749/tcp}.
|
||
|
||
Access to the administration server is controlled by an ACL file,
|
||
-(default @file{/var/heimdal/kadmind.acl}.) The file has the following
|
||
+(default @file{/var/lib/heimdal/kadmind.acl}.) The file has the following
|
||
syntax:
|
||
@smallexample
|
||
principal [priv1,priv2,...] [glob-pattern]
|
||
@@ -496,7 +496,7 @@ for the database) and a keytab with the
|
||
|
||
@example
|
||
slave# ktutil get -p foo/admin hprop/`hostname`
|
||
-slave# mkdir /var/heimdal
|
||
+slave# mkdir /var/lib/heimdal
|
||
slave# hpropd
|
||
@end example
|
||
|
||
@@ -556,7 +556,7 @@ checked after 30 seconds of no event.
|
||
The program that runs on the master is @command{ipropd-master} and all
|
||
clients run @command{ipropd-slave}.
|
||
|
||
-Create the file @file{/var/heimdal/slaves} on the master containing all
|
||
+Create the file @file{/var/lib/heimdal/slaves} on the master containing all
|
||
the slaves that the database should be propagated to. Each line contains
|
||
the full name of the principal (for example
|
||
@samp{iprop/hemligare.foo.se@@FOO.SE}).
|
||
@@ -582,7 +582,7 @@ slave# /usr/heimdal/sbin/ktutil get ipro
|
||
|
||
The next step is to start the @command{ipropd-master} process on the master
|
||
server. The @command{ipropd-master} listens on the UNIX domain socket
|
||
-@file{/var/heimdal/signal} to know when changes have been made to the
|
||
+@file{/var/lib/heimdal/signal} to know when changes have been made to the
|
||
database so they can be propagated to the slaves. There is also a
|
||
safety feature of testing the version number regularly (every 30
|
||
seconds) to see if it has been modified by some means that do not raise
|
||
@@ -1471,7 +1471,7 @@ TODO: Write about the KDC.
|
||
Note that the file name is space sensitive.
|
||
|
||
@example
|
||
-# cat /var/heimdal/pki-mapping
|
||
+# cat /var/lib/heimdal/pki-mapping
|
||
# comments starts with #
|
||
lha@@EXAMPLE.ORG:C=SE,O=Stockholm universitet,CN=Love,UID=lha
|
||
lha@@EXAMPLE.ORG:CN=Love,UID=lha
|
||
--- origsrc/heimdal-1.5.2/kadmin/kadmind.8 2012-01-10 15:53:51.000000000 -0600
|
||
+++ src/heimdal-1.5.2/kadmin/kadmind.8 2012-03-22 21:23:54.685668400 -0500
|
||
@@ -84,7 +84,7 @@ slaves.
|
||
Principals are always allowed to change their own password and list
|
||
their own principal. Apart from that, doing any operation requires
|
||
permission explicitly added in the ACL file
|
||
-.Pa /var/heimdal/kadmind.acl .
|
||
+.Pa /var/lib/heimdal/kadmind.acl .
|
||
The format of this file is:
|
||
.Bd -ragged
|
||
.Va principal
|
||
@@ -137,7 +137,7 @@ representing the default port.
|
||
.El
|
||
.\".Sh ENVIRONMENT
|
||
.Sh FILES
|
||
-.Pa /var/heimdal/kadmind.acl
|
||
+.Pa /var/lib/heimdal/kadmind.acl
|
||
.Sh EXAMPLES
|
||
This will cause
|
||
.Nm
|
||
--- origsrc/heimdal-1.5.2/kdc/kdc.8 2012-01-10 15:53:51.000000000 -0600
|
||
+++ src/heimdal-1.5.2/kdc/kdc.8 2012-03-22 21:23:59.507944200 -0500
|
||
@@ -73,7 +73,7 @@ Options supported:
|
||
.Bl -tag -width Ds
|
||
.It Fl c Ar file , Fl Fl config-file= Ns Ar file
|
||
Specifies the location of the config file, the default is
|
||
-.Pa /var/heimdal/kdc.conf .
|
||
+.Pa /var/lib/heimdal/kdc.conf .
|
||
This is the only value that can't be specified in the config file.
|
||
.It Fl p , Fl Fl no-require-preauth
|
||
Turn off the requirement for pre-autentication in the initial AS-REQ
|
||
--- origsrc/heimdal-1.5.2/kdc/kstash.8 2012-01-10 15:53:51.000000000 -0600
|
||
+++ src/heimdal-1.5.2/kdc/kstash.8 2012-03-22 21:26:43.308313000 -0500
|
||
@@ -77,7 +77,7 @@ passphrase will be read from the termina
|
||
.El
|
||
.\".Sh ENVIRONMENT
|
||
.Sh FILES
|
||
-.Pa /var/heimdal/m-key
|
||
+.Pa /var/lib/heimdal/m-key
|
||
is the default keyfile if no other keyfile is specified.
|
||
The format of a Heimdal master key is the same as a keytab, so
|
||
.Nm ktutil
|
||
--- origsrc/heimdal-1.5.2/lib/kadm5/check-cracklib.pl 2012-01-10 15:53:51.000000000 -0600
|
||
+++ src/heimdal-1.5.2/lib/kadm5/check-cracklib.pl 2012-03-22 21:26:54.897975900 -0500
|
||
@@ -37,7 +37,7 @@ use Digest::MD5;
|
||
|
||
# NEED TO CHANGE THESE TO MATCH YOUR SYSTEM
|
||
my $database = '/usr/lib/cracklib_dict';
|
||
-my $historydb = '/var/heimdal/historydb';
|
||
+my $historydb = '/var/lib/heimdal/historydb';
|
||
# NEED TO CHANGE THESE TO MATCH YOUR SYSTEM
|
||
|
||
# seconds password reuse allowed (to catch retries from clients)
|
||
--- origsrc/heimdal-1.5.2/lib/kadm5/iprop.8 2012-01-10 15:53:51.000000000 -0600
|
||
+++ src/heimdal-1.5.2/lib/kadm5/iprop.8 2012-03-22 21:27:00.637304200 -0500
|
||
@@ -91,7 +91,7 @@ running
|
||
The slaves are specified by the contents of the
|
||
.Pa slaves
|
||
file in the KDC's database directory, e.g.\&
|
||
-.Pa /var/heimdal/slaves .
|
||
+.Pa /var/lib/heimdal/slaves .
|
||
This has principals one per-line of the form
|
||
.Dl iprop/ Ns Ar slave Ns @ Ns Ar REALM
|
||
where
|
||
@@ -132,7 +132,7 @@ service principal on the local host.
|
||
There is a keep-alive feature logged in the master's
|
||
.Pa slave-stats
|
||
file (e.g.\&
|
||
-.Pa /var/heimdal/slave-stats ) .
|
||
+.Pa /var/lib/heimdal/slave-stats ) .
|
||
.Pp
|
||
Supported options for
|
||
.Nm ipropd-master :
|
||
--- origsrc/heimdal-1.5.2/lib/krb5/krb5.conf.5 2012-01-10 15:53:51.000000000 -0600
|
||
+++ src/heimdal-1.5.2/lib/krb5/krb5.conf.5 2012-03-22 21:27:04.914548800 -0500
|
||
@@ -549,7 +549,7 @@ configuration file for Kerberos 5.
|
||
default_domain = foo.se
|
||
}
|
||
[logging]
|
||
- kdc = FILE:/var/heimdal/kdc.log
|
||
+ kdc = FILE:/var/lib/heimdal/kdc.log
|
||
kdc = SYSLOG:INFO
|
||
default = SYSLOG:INFO:USER
|
||
.Ed
|
||
--- origsrc/heimdal-1.5.2/lib/krb5/krb5.conf.cat5 2012-01-11 07:07:20.000000000 -0600
|
||
+++ src/heimdal-1.5.2/lib/krb5/krb5.conf.cat5 2012-03-22 21:27:11.788942000 -0500
|
||
@@ -580,7 +580,7 @@ EEXXAAMMPPLLEESS
|
||
default_domain = foo.se
|
||
}
|
||
[logging]
|
||
- kdc = FILE:/var/heimdal/kdc.log
|
||
+ kdc = FILE:/var/lib/heimdal/kdc.log
|
||
kdc = SYSLOG:INFO
|
||
default = SYSLOG:INFO:USER
|
||
|