dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone
Source Code
GIT

Blame SOURCES/0088-MAN-Clarify-the-new-krb5_use_fast-IPA-default.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s
  1.   b0333597cd050e257584476ed01caea9e6e90813
  2.   SOURCES
  3.   0088-MAN-Clarify-the-new-krb5_use_fast-IPA-default.patch
Blob History Raw
2fc102 
From 4d5cbad45245016747aa34f2271f2fe5214cf34a Mon Sep 17 00:00:00 2001
2fc102 
From: Jakub Hrozek <jhrozek@redhat.com>
2fc102 
Date: Mon, 17 Feb 2014 17:30:52 +0100
2fc102 
Subject: [PATCH 88/88] MAN: Clarify the new krb5_use_fast IPA default
2fc102
2fc102 
---
2fc102 
 src/man/sssd-ipa.5.xml  | 34 ++++++++++++++++++++++++++++++++++
2fc102 
 src/man/sssd-krb5.5.xml |  2 +-
2fc102 
 2 files changed, 35 insertions(+), 1 deletion(-)
2fc102
2fc102 
diff --git a/src/man/sssd-ipa.5.xml b/src/man/sssd-ipa.5.xml
2fc102 
index 28ac252abbeb508d62ca1a94f2440afc6b5b5c88..7ab59dc20cc43c7ed86c0e1a988a30813b9fe673 100644
2fc102 
--- a/src/man/sssd-ipa.5.xml
2fc102 
+++ b/src/man/sssd-ipa.5.xml
2fc102 
@@ -399,6 +399,40 @@
2fc102 
                 </varlistentry>
2fc102
2fc102 
                 <varlistentry>
2fc102 
+                    <term>krb5_use_fast (string)</term>
2fc102 
+                    <listitem>
2fc102 
+                        <para>
2fc102 
+                            Enables flexible authentication secure tunneling
2fc102 
+                            (FAST) for Kerberos pre-authentication. The
2fc102 
+                            following options are supported:
2fc102 
+                        </para>
2fc102 
+                        <para>
2fc102 
+                            <emphasis>never</emphasis> use FAST.
2fc102 
+                        </para>
2fc102 
+                        <para>
2fc102 
+                            <emphasis>try</emphasis> to use FAST. If the server
2fc102 
+                            does not support FAST, continue the
2fc102 
+                            authentication without it. This is
2fc102 
+                            equivalent to not setting this option at all.
2fc102 
+                        </para>
2fc102 
+                        <para>
2fc102 
+                            <emphasis>demand</emphasis> to use FAST. The
2fc102 
+                            authentication fails if the server does not
2fc102 
+                            require fast.
2fc102 
+                        </para>
2fc102 
+                        <para>
2fc102 
+                            Default: try
2fc102 
+                        </para>
2fc102 
+                        <para>
2fc102 
+                            NOTE: SSSD supports FAST only with
2fc102 
+                            MIT Kerberos version 1.8 and later. If SSSD is used
2fc102 
+                            with an older version of MIT Kerberos, using this
2fc102 
+                            option is a configuration error.
2fc102 
+                        </para>
2fc102 
+                    </listitem>
2fc102 
+                </varlistentry>
2fc102 
+
2fc102 
+                <varlistentry>
2fc102 
                     <term>ipa_hbac_refresh (integer)</term>
2fc102 
                     <listitem>
2fc102 
                         <para>
2fc102 
diff --git a/src/man/sssd-krb5.5.xml b/src/man/sssd-krb5.5.xml
2fc102 
index 384d506616408c3f45f5b85621a8101ef4faa3e8..602c07e9c2e2b9c231c596d50be94b7d220c3257 100644
2fc102 
--- a/src/man/sssd-krb5.5.xml
2fc102 
+++ b/src/man/sssd-krb5.5.xml
2fc102 
@@ -502,7 +502,7 @@
2fc102 
                         </para>
2fc102
2fc102 
                         <para>
2fc102 
-                            Default: false (AD provide: true)
2fc102 
+                            Default: false (AD provider: true)
2fc102 
                         </para>
2fc102 
                     </listitem>
2fc102 
                 </varlistentry>
2fc102 
--
2fc102 
1.8.5.3
2fc102

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation