External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-22 13:45:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs: fix typo when using Kerberos principals

Browse Source 
Kerberos uses 'primary' or 'key' files (principals), not 'abstract
ideal' or 'rule' files (principles).  Reported by Jason Meinzer.

Reflow a paragraph to fit in 80 columns in the process.

* docs/auth.html.in: Fix spelling.
This commit is contained in:
Eric Blake 2013-04-09 16:39:19 -06:00
parent d7468b7d47
commit cdb1c3b6e2
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
docs/auth.html.in
View File

@ -253,13 +253,15 @@ Plugin "gssapiv2" [loaded], API version: 4
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN
</pre>
<p>
Next it is necessary for the administrator of the Kerberos realm to issue a principle
for the libvirt server. There needs to be one principle per host running the libvirt
daemon. The principle should be named <code>libvirt/full.hostname@KERBEROS.REALM</code>.
This is typically done by running the <code>kadmin.local</code> command on the Kerberos
server, though some Kerberos servers have alternate ways of setting up service principles.
Once created, the principle should be exported to a keytab, copied to the host running
the libvirt daemon and placed in <code>/etc/libvirt/krb5.tab</code>
Next it is necessary for the administrator of the Kerberos realm to
issue a principal for the libvirt server. There needs to be one
principal per host running the libvirt daemon. The principal should be
named <code>libvirt/full.hostname@KERBEROS.REALM</code>. This is
typically done by running the <code>kadmin.local</code> command on the
Kerberos server, though some Kerberos servers have alternate ways of
setting up service principals. Once created, the principal should be
exported to a keytab, copied to the host running the libvirt daemon
and placed in <code>/etc/libvirt/krb5.tab</code>
</p>
<pre>
# kadmin.local
@ -281,7 +283,7 @@ kadmin.local: quit
</pre>
<p>
Any client application wishing to connect to a Kerberos enabled libvirt server
merely needs to run <code>kinit</code> to gain a user principle. This may well
merely needs to run <code>kinit</code> to gain a user principal. This may well
be done automatically when a user logs into a desktop session, if PAM is setup
to authenticate against Kerberos.
</p>