From owner-freebsd-doc@FreeBSD.ORG Fri Oct 22 19:04:15 2004 Return-Path: Delivered-To: freebsd-doc@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9351516A4CE for ; Fri, 22 Oct 2004 19:04:15 +0000 (GMT) Received: from mail.seekingfire.com (coyote.seekingfire.com [24.72.10.212]) by mx1.FreeBSD.org (Postfix) with ESMTP id EFBA943D48 for ; Fri, 22 Oct 2004 19:04:13 +0000 (GMT) (envelope-from tillman@seekingfire.com) Received: by mail.seekingfire.com (Postfix, from userid 500) id 707B6DF; Fri, 22 Oct 2004 13:04:13 -0600 (CST) Date: Fri, 22 Oct 2004 13:04:13 -0600 From: Tillman Hodgson To: doc@freebsd.org Message-ID: <20041022190413.GD53845@seekingfire.com> References: <20041022130456.GA88051@mrtall.compsoc.man.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20041022130456.GA88051@mrtall.compsoc.man.ac.uk> X-Habeas-SWE-1: winter into spring X-Habeas-SWE-2: brightly anticipated X-Habeas-SWE-3: like Habeas SWE (tm) X-Habeas-SWE-4: Copyright 2002 Habeas (tm) X-Habeas-SWE-5: Sender Warranted Email (SWE) (tm). The sender of this X-Habeas-SWE-6: email in exchange for a license for this Habeas X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this X-Habeas-SWE-9: mark in spam to . X-GPG-Key-ID: 828AFC7B X-GPG-Fingerprint: 5584 14BA C9EB 1524 0E68 F543 0F0A 7FBC 828A FC7B X-GPG-Key: http://www.seekingfire.com/gpg_key.asc X-Urban-Legend: There is lots of hidden information in headers User-Agent: Mutt/1.5.6i Subject: Re: Chapter 14, Security, Kerberos V (admin_server). X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Oct 2004 19:04:15 -0000 On Fri, Oct 22, 2004 at 02:04:56PM +0100, Lewis Thompson wrote: > Hi, > > I just got bitten by not having admin_server in my krb5.conf file. Oh, hey, another Kerberos user. Hi! > This is not mentioned at all in the handbook and is surprisingly hard > to track down (maybe I was looking at the wrong logs ;). An addition > explaining what admin_server does would be very welcome. I've been thinking about updating that section recently. I haven't been keeping it up-to-date with the rcNG changes and so forth, made especially difficult because my KDC is MIT and not the base Heimdal and so my /etc/rc.conf issues are different than default. I'd also like to provide more rc.conf info in general, PAM info, more security info, disconnecteed network scenario info, sample setups, stuff like that ... > If you guys are all busy now I am willing to provide a line or two > myself. Just let me know. ... not that should stop you. First man to the post and all that *grin*. A docbook and "process" mentor (best way to work on the doc private privately, etc) would be great ... I'd like to contribute more to the handbook (and other guides), but my brain has LaTeX stamped onto it and so I could use a hand ;-) I have some older public documents generated for various user group presentations and technical college classes I've taught up at http://www.seekingfire.com/documents/, if anyone is interested in taking a peek. I love writing, I love FreeBSD, and I'd love to contribute more. I'm short of copious spare time and docbook knowledge. I've read the stuff at http://www.freebsd.org/docproj/index.html before, but that's not the same as seeing how other people who do this daily go about it -- they've already worn the sharp edges off. On a different topic, a minor pet peeve: try a `man -a ftpd` on a Kerberized (with MIT) system some day. There's three ftpds, each with slightly different options available (`-a otp` is notable) ... and it's *not* easy to distinguish which man page corresponds to which ftpd. Gah. This has been me too many times to count. Any suggestions on a clean way to handle situations like this? -T -- I think it only makes sense to seek out and identify structures of authority, hierarchy, and domination in every aspect of life, and to challenge them; unless a justification for them can be given, they are illegitimate, and should be dismantled, to increase the scope of human freedom. -- Noam Chomsky (Red and Black Revolution, 1996)