svn commit: r435448 - head/security/krb5-114/files
Cy Schubert
cy at FreeBSD.org
Sun Mar 5 03:29:51 UTC 2017
Author: cy
Date: Sun Mar 5 03:29:50 2017
New Revision: 435448
URL: https://svnweb.freebsd.org/changeset/ports/435448
Log:
Revert the rename of README.FreeBSD to README.FreeBSD.in. This is
part of a possible future change to this port that was accidentally
not removed prior to committing r435447.
Added:
head/security/krb5-114/files/README.FreeBSD
- copied unchanged from r435447, head/security/krb5-114/files/README.FreeBSD.in
Deleted:
head/security/krb5-114/files/README.FreeBSD.in
Copied: head/security/krb5-114/files/README.FreeBSD (from r435447, head/security/krb5-114/files/README.FreeBSD.in)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/krb5-114/files/README.FreeBSD Sun Mar 5 03:29:50 2017 (r435448, copy of r435447, head/security/krb5-114/files/README.FreeBSD.in)
@@ -0,0 +1,32 @@
+The MIT KRB5 port provides its own login program at
+${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of
+the FreeBSD login.conf and login.access files that provide a means of
+setting up and controlling sessions under FreeBSD. To overcome this,
+the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide
+interactive login password authentication instead of the login.krb5
+program provided by MIT KRB5. The FreeBSD /usr/bin/login program does
+not have support for Kerberos V password authentication,
+e.g. authentication at the console. The pam_krb5 port must be used to
+provide Kerberos V password authentication.
+
+For more information about pam_krb5, please see pam(8) and pam_krb5(8).
+
+If you wish to use login.krb5 that is provided by the MIT KRB5 port,
+the arguments "-L ${PREFIX}/sbin/login.krb5" must be
+specified as arguments to klogind and KRB5 telnetd, e.g.
+
+klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5
+eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5
+telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5
+
+Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead
+of the FreeBSD provided /usr/bin/login for local tty logins,
+"lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g.,
+
+default:\
+ :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
+ :if=/etc/issue:\
+ :lo=${PREFIX}/sbin/login.krb5:
+
+It is recommended that the FreeBSD /usr/bin/login be used with the
+pam_krb5 port instead of the MIT KRB5 provided login.krb5.
More information about the svn-ports-all
mailing list