[Review Request] Kerberose 5 patch. Version two!
tillman at seekingfire.com
Thu Sep 4 19:04:33 UTC 2003
On Thu, Sep 04, 2003 at 01:17:53PM -0400, Tom Rhodes wrote:
> On Thu, 4 Sep 2003 11:44:44 -0600
> Tillman Hodgson <tillman at seekingfire.com> wrote:
> > I promise to learn SGML (and not attempt to preach LaTeX ;-) ) sometime
> > soon *grin*.
> I like LaTeX, I think. :P
> > > Well, I have an idea on how to do this. Something like:
If I could submit documentation in LaTeX I'd become a prolific writer ;-)
> Well, I removed insist. Actually, I came up with this:
> <para>For large networks with a properly configured
> <acronym>BIND</acronym> <acronym>DNS</acronym> server, the
> above example could be trimmed to:</para>
> default_realm = example.org</programlisting>
> <para>With the following lines being appended to the
> <hostid role="fqdn">exmple.org</hostid> zonefile:</para>
> <programlisting>_kerberos._udp IN SRV 01 00 88 kerberos.example.org.
> _kerberos._tcp IN SRV 01 00 88 kerberos.example.org.
> _kpasswd._udp IN SRV 01 00 464 kerberos.example.org.
> _kerberos-adm._tcp IN SRV 01 00 749 kerberos.example.org.
> _kerberos IN TXT EXAMPLE.ORG.</programlisting></note>
> This gives us a sentence which reads as "it could be done this way,
> but you are not required to do so."
I like it. It even says how to do if you want to do it that way.
> > Changing the permissions on /tmp for all workstations might be a
> > contentious recommendation. Most Kerberos applications will take an
> > environment variable to tell them to look elsewhere for the ticket,
> > though this isn't truly standardized and still doesnt' solve the "root
> > user problem".
> > I'm not sure that this is a problem that documentation can solve :-)
> Then I'll ignore the change I was going to make and just leave the
> paragraph as it was. Thanks!!
No problem :-)
The /tmp issue affects lots of different software. I'd like to see some
good documentation on the issues and some /standardized/ solutions to
them developed. That's something that would make a great USENIX paper if
anybody has ideas on how to tackle it :-)
To enjoy the flavor of life, take big bites. Moderation is for monks.
- Robert Heinlein
More information about the freebsd-doc