Date: Thu, 4 Sep 2003 13:04:28 -0600 From: Tillman Hodgson <tillman@seekingfire.com> To: FreeBSD-doc@FreeBSD.org Subject: Re: [Review Request] Kerberose 5 patch. Version two! Message-ID: <20030904130428.W21559@seekingfire.com> In-Reply-To: <20030904131753.4e16c97c.trhodes@FreeBSD.org>; from trhodes@FreeBSD.org on Thu, Sep 04, 2003 at 01:17:53PM -0400 References: <20030903163616.04ac91aa.trhodes@FreeBSD.org> <20030904152353.GH25063@submonkey.net> <20030904111531.S21559@seekingfire.com> <20030904124922.009c69c1.trhodes@FreeBSD.org> <20030904114444.U21559@seekingfire.com> <20030904131753.4e16c97c.trhodes@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Sep 04, 2003 at 01:17:53PM -0400, Tom Rhodes wrote: > On Thu, 4 Sep 2003 11:44:44 -0600 > Tillman Hodgson <tillman@seekingfire.com> wrote: > > I promise to learn SGML (and not attempt to preach LaTeX ;-) ) sometime > > soon *grin*. > > I like LaTeX, I think. :P > > > Well, I have an idea on how to do this. Something like: If I could submit documentation in LaTeX I'd become a prolific writer ;-) > Well, I removed insist. Actually, I came up with this: > > <note> > <para>For large networks with a properly configured > <acronym>BIND</acronym> <acronym>DNS</acronym> server, the > above example could be trimmed to:</para> > > <programlisting>[libdefaults] > default_realm = example.org</programlisting> > > <para>With the following lines being appended to the > <hostid role="fqdn">exmple.org</hostid> zonefile:</para> Spelling: example.org > <programlisting>_kerberos._udp IN SRV 01 00 88 kerberos.example.org. > _kerberos._tcp IN SRV 01 00 88 kerberos.example.org. > _kpasswd._udp IN SRV 01 00 464 kerberos.example.org. > _kerberos-adm._tcp IN SRV 01 00 749 kerberos.example.org. > _kerberos IN TXT EXAMPLE.ORG.</programlisting></note> > > This gives us a sentence which reads as "it could be done this way, > but you are not required to do so." I like it. It even says how to do if you want to do it that way. > > Changing the permissions on /tmp for all workstations might be a > > contentious recommendation. Most Kerberos applications will take an > > environment variable to tell them to look elsewhere for the ticket, > > though this isn't truly standardized and still doesnt' solve the "root > > user problem". > > > > I'm not sure that this is a problem that documentation can solve :-) > > Then I'll ignore the change I was going to make and just leave the > paragraph as it was. Thanks!! No problem :-) The /tmp issue affects lots of different software. I'd like to see some good documentation on the issues and some /standardized/ solutions to them developed. That's something that would make a great USENIX paper if anybody has ideas on how to tackle it :-) -T -- To enjoy the flavor of life, take big bites. Moderation is for monks. - Robert Heinlein
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030904130428.W21559>