diff options
Diffstat (limited to 'doc/html/admin/conf_files/kadm5_acl.html')
| -rw-r--r-- | doc/html/admin/conf_files/kadm5_acl.html | 38 |
1 files changed, 16 insertions, 22 deletions
diff --git a/doc/html/admin/conf_files/kadm5_acl.html b/doc/html/admin/conf_files/kadm5_acl.html index 611864b3c535..17e628141aa1 100644 --- a/doc/html/admin/conf_files/kadm5_acl.html +++ b/doc/html/admin/conf_files/kadm5_acl.html @@ -1,19 +1,17 @@ - <!DOCTYPE html> -<html> +<html lang="en" data-content_root="../../"> <head> <meta charset="utf-8" /> - <meta name="viewport" content="width=device-width, initial-scale=1.0" /><meta name="generator" content="Docutils 0.17.1: http://docutils.sourceforge.net/" /> + <meta name="viewport" content="width=device-width, initial-scale=1.0" /><meta name="viewport" content="width=device-width, initial-scale=1" /> <title>kadm5.acl — MIT Kerberos Documentation</title> - <link rel="stylesheet" type="text/css" href="../../_static/pygments.css" /> - <link rel="stylesheet" type="text/css" href="../../_static/agogo.css" /> - <link rel="stylesheet" type="text/css" href="../../_static/kerb.css" /> - <script data-url_root="../../" id="documentation_options" src="../../_static/documentation_options.js"></script> - <script src="../../_static/jquery.js"></script> - <script src="../../_static/underscore.js"></script> - <script src="../../_static/doctools.js"></script> + <link rel="stylesheet" type="text/css" href="../../_static/pygments.css?v=fa44fd50" /> + <link rel="stylesheet" type="text/css" href="../../_static/agogo.css?v=879f3c71" /> + <link rel="stylesheet" type="text/css" href="../../_static/kerb.css?v=6a0b3979" /> + <script src="../../_static/documentation_options.js?v=236fef3b"></script> + <script src="../../_static/doctools.js?v=888ff710"></script> + <script src="../../_static/sphinx_highlight.js?v=dc90522c"></script> <link rel="author" title="About these documents" href="../../about.html" /> <link rel="index" title="Index" href="../../genindex.html" /> <link rel="search" title="Search" href="../../search.html" /> @@ -53,9 +51,9 @@ <div class="body" role="main"> <section id="kadm5-acl"> -<span id="kadm5-acl-5"></span><h1>kadm5.acl<a class="headerlink" href="#kadm5-acl" title="Permalink to this headline">¶</a></h1> +<span id="kadm5-acl-5"></span><h1>kadm5.acl<a class="headerlink" href="#kadm5-acl" title="Link to this heading">¶</a></h1> <section id="description"> -<h2>DESCRIPTION<a class="headerlink" href="#description" title="Permalink to this headline">¶</a></h2> +<h2>DESCRIPTION<a class="headerlink" href="#description" title="Link to this heading">¶</a></h2> <p>The Kerberos <a class="reference internal" href="../admin_commands/kadmind.html#kadmind-8"><span class="std std-ref">kadmind</span></a> daemon uses an Access Control List (ACL) file to manage access rights to the Kerberos database. For operations that affect principals, the ACL file also controls @@ -65,7 +63,7 @@ which principals can operate on which other principals.</p> variable in <a class="reference internal" href="kdc_conf.html#kdc-conf-5"><span class="std std-ref">kdc.conf</span></a>.</p> </section> <section id="syntax"> -<h2>SYNTAX<a class="headerlink" href="#syntax" title="Permalink to this headline">¶</a></h2> +<h2>SYNTAX<a class="headerlink" href="#syntax" title="Link to this heading">¶</a></h2> <p>Empty lines and lines starting with the sharp sign (<code class="docutils literal notranslate"><span class="pre">#</span></code>) are ignored. Lines containing ACL entries have the format:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">principal</span> <span class="n">permissions</span> <span class="p">[</span><span class="n">target_principal</span> <span class="p">[</span><span class="n">restrictions</span><span class="p">]</span> <span class="p">]</span> @@ -89,10 +87,6 @@ counterparts. If the character is <em>upper-case</em>, then the operation is disallowed. If the character is <em>lower-case</em>, then the operation is permitted.</p> <table class="docutils align-default"> -<colgroup> -<col style="width: 2%" /> -<col style="width: 98%" /> -</colgroup> <tbody> <tr class="row-odd"><td><p>a</p></td> <td><p>[Dis]allows the addition of principals or policies</p></td> @@ -178,7 +172,7 @@ restarted for changes to take effect.</p> </div> </section> <section id="example"> -<h2>EXAMPLE<a class="headerlink" href="#example" title="Permalink to this headline">¶</a></h2> +<h2>EXAMPLE<a class="headerlink" href="#example" title="Link to this heading">¶</a></h2> <p>Here is an example of a kadm5.acl file:</p> <div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="o">*/</span><span class="n">admin</span><span class="nd">@ATHENA</span><span class="o">.</span><span class="n">MIT</span><span class="o">.</span><span class="n">EDU</span> <span class="o">*</span> <span class="c1"># line 1</span> <span class="n">joeadmin</span><span class="nd">@ATHENA</span><span class="o">.</span><span class="n">MIT</span><span class="o">.</span><span class="n">EDU</span> <span class="n">ADMCIL</span> <span class="c1"># line 2</span> @@ -213,7 +207,7 @@ any principal that it creates or modifies will not be able to get postdateable tickets or tickets with a life of longer than 9 hours.</p> </section> <section id="module-behavior"> -<h2>MODULE BEHAVIOR<a class="headerlink" href="#module-behavior" title="Permalink to this headline">¶</a></h2> +<h2>MODULE BEHAVIOR<a class="headerlink" href="#module-behavior" title="Link to this heading">¶</a></h2> <p>The ACL file can coexist with other authorization modules in release 1.16 and later, as configured in the <a class="reference internal" href="krb5_conf.html#kadm5-auth"><span class="std std-ref">kadm5_auth interface</span></a> section of <a class="reference internal" href="krb5_conf.html#krb5-conf-5"><span class="std std-ref">krb5.conf</span></a>. The ACL file will positively authorize @@ -224,7 +218,7 @@ operations in addition to those authorized by the ACL file.</p> <a class="reference internal" href="kdc_conf.html#kdc-conf-5"><span class="std std-ref">kdc.conf</span></a> to the empty string with <code class="docutils literal notranslate"><span class="pre">acl_file</span> <span class="pre">=</span> <span class="pre">""</span></code>.</p> </section> <section id="see-also"> -<h2>SEE ALSO<a class="headerlink" href="#see-also" title="Permalink to this headline">¶</a></h2> +<h2>SEE ALSO<a class="headerlink" href="#see-also" title="Link to this heading">¶</a></h2> <p><a class="reference internal" href="kdc_conf.html#kdc-conf-5"><span class="std std-ref">kdc.conf</span></a>, <a class="reference internal" href="../admin_commands/kadmind.html#kadmind-8"><span class="std std-ref">kadmind</span></a></p> </section> </section> @@ -313,8 +307,8 @@ operations in addition to those authorized by the ACL file.</p> <div class="footer-wrapper"> <div class="footer" > - <div class="right" ><i>Release: 1.21.3</i><br /> - © <a href="../../copyright.html">Copyright</a> 1985-2024, MIT. + <div class="right" ><i>Release: 1.22-final</i><br /> + © <a href="../../copyright.html">Copyright</a> 1985-2025, MIT. </div> <div class="left"> |