Date: Fri, 22 Oct 2004 13:04:13 -0600 From: Tillman Hodgson <tillman@seekingfire.com> To: doc@freebsd.org Subject: Re: Chapter 14, Security, Kerberos V (admin_server). Message-ID: <20041022190413.GD53845@seekingfire.com> In-Reply-To: <20041022130456.GA88051@mrtall.compsoc.man.ac.uk> References: <20041022130456.GA88051@mrtall.compsoc.man.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Oct 22, 2004 at 02:04:56PM +0100, Lewis Thompson wrote: > Hi, > > I just got bitten by not having admin_server in my krb5.conf file. Oh, hey, another Kerberos user. Hi! > This is not mentioned at all in the handbook and is surprisingly hard > to track down (maybe I was looking at the wrong logs ;). An addition > explaining what admin_server does would be very welcome. I've been thinking about updating that section recently. I haven't been keeping it up-to-date with the rcNG changes and so forth, made especially difficult because my KDC is MIT and not the base Heimdal and so my /etc/rc.conf issues are different than default. I'd also like to provide more rc.conf info in general, PAM info, more security info, disconnecteed network scenario info, sample setups, stuff like that ... > If you guys are all busy now I am willing to provide a line or two > myself. Just let me know. ... not that should stop you. First man to the post and all that *grin*. A docbook and "process" mentor (best way to work on the doc private privately, etc) would be great ... I'd like to contribute more to the handbook (and other guides), but my brain has LaTeX stamped onto it and so I could use a hand ;-) I have some older public documents generated for various user group presentations and technical college classes I've taught up at http://www.seekingfire.com/documents/, if anyone is interested in taking a peek. I love writing, I love FreeBSD, and I'd love to contribute more. I'm short of copious spare time and docbook knowledge. I've read the stuff at http://www.freebsd.org/docproj/index.html before, but that's not the same as seeing how other people who do this daily go about it -- they've already worn the sharp edges off. On a different topic, a minor pet peeve: try a `man -a ftpd` on a Kerberized (with MIT) system some day. There's three ftpds, each with slightly different options available (`-a otp` is notable) ... and it's *not* easy to distinguish which man page corresponds to which ftpd. Gah. This has been me too many times to count. Any suggestions on a clean way to handle situations like this? -T -- I think it only makes sense to seek out and identify structures of authority, hierarchy, and domination in every aspect of life, and to challenge them; unless a justification for them can be given, they are illegitimate, and should be dismantled, to increase the scope of human freedom. -- Noam Chomsky (Red and Black Revolution, 1996)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041022190413.GD53845>