[Review Request] Kerberose 5 patch. Version two!

Tillman Hodgson tillman at seekingfire.com
Thu Sep 4 19:04:33 UTC 2003 

On Thu, Sep 04, 2003 at 01:17:53PM -0400, Tom Rhodes wrote:
> On Thu, 4 Sep 2003 11:44:44 -0600
> Tillman Hodgson <tillman at seekingfire.com> wrote:
> > I promise to learn SGML (and not attempt to preach LaTeX ;-) ) sometime
> > soon *grin*.
> 
> I like LaTeX, I think.  :P
> > > Well, I have an idea on how to do this.  Something like:

If I could submit documentation in LaTeX I'd become a prolific writer ;-)

> Well, I removed insist.  Actually, I came up with this:
> 
>       <note>
> 	<para>For large networks with a properly configured
> 	  <acronym>BIND</acronym> <acronym>DNS</acronym> server, the
> 	  above example could be trimmed to:</para>
> 
> 	<programlisting>[libdefaults]
>       default_realm = example.org</programlisting>
> 
> 	<para>With the following lines being appended to the
> 	  <hostid role="fqdn">exmple.org</hostid> zonefile:</para>

Spelling: example.org

> 	<programlisting>_kerberos._udp      IN  SRV     01 00 88 kerberos.example.org.
> _kerberos._tcp      IN  SRV     01 00 88 kerberos.example.org.
> _kpasswd._udp       IN  SRV     01 00 464 kerberos.example.org.
> _kerberos-adm._tcp  IN  SRV     01 00 749 kerberos.example.org.
> _kerberos           IN  TXT     EXAMPLE.ORG.</programlisting></note>
> 
> This gives us a sentence which reads as "it could be done this way,
> but you are not required to do so."

I like it. It even says how to do if you want to do it that way.

> > Changing the permissions on /tmp for all workstations might be a
> > contentious recommendation. Most Kerberos applications will take an
> > environment variable to tell them to look elsewhere for the ticket,
> > though this isn't truly standardized and still doesnt' solve the "root
> > user problem".
> > 
> > I'm not sure that this is a problem that documentation can solve :-)
> 
> Then I'll ignore the change I was going to make and just leave the
> paragraph as it was.  Thanks!!

No problem :-)

The /tmp issue affects lots of different software. I'd like to see some
good documentation on the issues and some /standardized/ solutions to
them developed. That's something that would make a great USENIX paper if
anybody has ideas on how to tackle it :-)

-T


-- 
To enjoy the flavor of life, take big bites. Moderation is for monks.
	- Robert Heinlein

More information about the freebsd-doc mailing list