]>
Commit | Line | Data |
---|---|---|
3afcb6f0 JR |
1 | diff -urbB heimdal-0.7/configure.ac heimdal-0.7.org/configure.ac |
2 | --- heimdal-0.7/configure.ac 2005-06-16 18:29:14.000000000 +0200 | |
3 | +++ heimdal-0.7.org/configure.ac 2005-07-03 18:58:54.158074120 +0200 | |
9987dc73 | 4 | @@ -16,7 +16,7 @@ |
ed59b63e | 5 | AC_PREFIX_DEFAULT(/usr/heimdal) |
6 | ||
7 | test "$sysconfdir" = '${prefix}/etc' && sysconfdir='/etc' | |
8 | -test "$localstatedir" = '${prefix}/var' && localstatedir='/var/heimdal' | |
9 | +test "$localstatedir" = '${prefix}/var' && localstatedir='/var/lib' | |
10 | ||
11 | AC_CANONICAL_HOST | |
12 | CANONICAL_HOST=$host | |
c4156a90 JB |
13 | --- heimdal-1.1/doc/setup.texi.orig 2008-01-24 14:11:44.000000000 +0100 |
14 | +++ heimdal-1.1/doc/setup.texi 2008-03-09 19:11:01.901155461 +0100 | |
15 | @@ -111,13 +111,13 @@ | |
9987dc73 | 16 | Make sure the directory has restrictive permissions. |
a5e68d8e JB |
17 | |
18 | @example | |
19 | -# mkdir /var/heimdal | |
20 | +# mkdir /var/lib/heimdal | |
21 | @end example | |
ed59b63e | 22 | |
23 | The keys of all the principals are stored in the database. If you | |
24 | choose to, these can be encrypted with a master key. You do not have to | |
25 | remember this key (or password), but just to enter it once and it will | |
26 | -be stored in a file (@file{/var/heimdal/m-key}). If you want to have a | |
27 | +be stored in a file (@file{/var/lib/heimdal/m-key}). If you want to have a | |
28 | master key, run @samp{kstash} to create this master key: | |
29 | ||
30 | @example | |
c4156a90 | 31 | @@ -354,14 +354,14 @@ |
a5e68d8e JB |
32 | one below to your @file{/etc/inetd.conf}. |
33 | ||
34 | @example | |
35 | -kerberos-adm stream tcp nowait root /usr/heimdal/libexec/kadmind kadmind | |
36 | +kerberos-adm stream tcp nowait root /usr/sbin/kadmind kadmind | |
37 | @end example | |
38 | ||
39 | You might need to add @samp{kerberos-adm} to your @file{/etc/services} | |
9987dc73 | 40 | as @samp{749/tcp}. |
ed59b63e | 41 | |
31515e7d JR |
42 | Access to the administration server is controlled by an ACL file, |
43 | -(default @file{/var/heimdal/kadmind.acl}.) The file has the following | |
44 | +(default @file{/var/lib/heimdal/kadmind.acl}.) The file has the following | |
45 | syntax: | |
ed59b63e | 46 | @smallexample |
47 | principal [priv1,priv2,...] [glob-pattern] | |
c4156a90 | 48 | @@ -525,7 +525,7 @@ |
a5e68d8e JB |
49 | |
50 | @example | |
51 | slave# ktutil get -p foo/admin hprop/`hostname` | |
52 | -slave# mkdir /var/heimdal | |
53 | +slave# mkdir /var/lib/heimdal | |
54 | slave# hpropd | |
55 | @end example | |
56 | ||
c4156a90 | 57 | @@ -577,7 +577,7 @@ |
9987dc73 AM |
58 | The program that runs on the master is @command{ipropd-master} and all |
59 | clients run @command{ipropd-slave}. | |
ed59b63e | 60 | |
61 | -Create the file @file{/var/heimdal/slaves} on the master containing all | |
62 | +Create the file @file{/var/lib/heimdal/slaves} on the master containing all | |
63 | the slaves that the database should be propagated to. Each line contains | |
64 | the full name of the principal (for example | |
65 | @samp{iprop/hemligare.foo.se@@FOO.SE}). | |
df17db34 | 66 | @@ -593,25 +593,25 @@ |
a5e68d8e JB |
67 | |
68 | ||
69 | @example | |
70 | -master# /usr/heimdal/sbin/ktutil get iprop/`hostname` | |
71 | +master# /usr/sbin/ktutil get iprop/`hostname` | |
72 | @end example | |
ed59b63e | 73 | |
df17db34 JR |
74 | @example |
75 | -slave# /usr/heimdal/sbin/ktutil get iprop/`hostname` | |
76 | +slave# /usr/sbin/ktutil get iprop/`hostname` | |
77 | @end example | |
78 | ||
79 | ||
9987dc73 AM |
80 | The next step is to start the @command{ipropd-master} process on the master |
81 | server. The @command{ipropd-master} listens on the UNIX domain socket | |
ed59b63e | 82 | -@file{/var/heimdal/signal} to know when changes have been made to the |
83 | +@file{/var/lib/heimdal/signal} to know when changes have been made to the | |
84 | database so they can be propagated to the slaves. There is also a | |
85 | safety feature of testing the version number regularly (every 30 | |
86 | seconds) to see if it has been modified by some means that do not raise | |
9987dc73 | 87 | this signal. Then, start @command{ipropd-slave} on all the slaves: |
a5e68d8e JB |
88 | |
89 | @example | |
90 | -master# /usr/heimdal/libexec/ipropd-master & | |
91 | -slave# /usr/heimdal/libexec/ipropd-slave master & | |
92 | +master# /usr/sbin/ipropd-master & | |
93 | +slave# /usr/sbin/ipropd-slave master & | |
94 | @end example | |
95 | ||
c4156a90 JB |
96 | To manage the iprop log file you should use the @command{iprop-log} |
97 | @@ -1291,7 +1291,7 @@ | |
98 | Note that the file name is space sensitive. | |
99 | ||
100 | @example | |
101 | -# cat /var/heimdal/pki-mapping | |
102 | +# cat /var/lib/heimdal/pki-mapping | |
103 | # comments starts with # | |
104 | lha@@EXAMPLE.ORG:C=SE,O=Stockholm universitet,CN=Love,UID=lha | |
105 | lha@@EXAMPLE.ORG:CN=Love,UID=lha | |
9987dc73 AM |
106 | diff -urbB heimdal-0.7/kadmin/kadmind.8 heimdal-0.7.org/kadmin/kadmind.8 |
107 | --- heimdal-0.7/kadmin/kadmind.8 2005-06-16 18:27:56.000000000 +0200 | |
108 | +++ heimdal-0.7.org/kadmin/kadmind.8 2005-07-03 18:58:54.160073816 +0200 | |
109 | @@ -85,7 +85,7 @@ | |
ed59b63e | 110 | Principals are always allowed to change their own password and list |
111 | their own principal. Apart from that, doing any operation requires | |
112 | permission explicitly added in the ACL file | |
113 | -.Pa /var/heimdal/kadmind.acl . | |
114 | +.Pa /var/lib/heimdal/kadmind.acl . | |
115 | The format of this file is: | |
116 | .Bd -ragged | |
117 | .Va principal | |
9987dc73 | 118 | @@ -155,7 +155,7 @@ |
ed59b63e | 119 | .El |
120 | .\".Sh ENVIRONMENT | |
121 | .Sh FILES | |
122 | -.Pa /var/heimdal/kadmind.acl | |
123 | +.Pa /var/lib/heimdal/kadmind.acl | |
124 | .Sh EXAMPLES | |
125 | This will cause | |
126 | .Nm | |
9987dc73 AM |
127 | diff -urbB heimdal-0.7/kdc/kdc.8 heimdal-0.7.org/kdc/kdc.8 |
128 | --- heimdal-0.7/kdc/kdc.8 2005-06-16 18:27:58.000000000 +0200 | |
129 | +++ heimdal-0.7.org/kdc/kdc.8 2005-07-03 18:58:54.161073664 +0200 | |
130 | @@ -77,7 +77,7 @@ | |
ed59b63e | 131 | .Fl -config-file= Ns Ar file |
132 | .Xc | |
133 | Specifies the location of the config file, the default is | |
134 | -.Pa /var/heimdal/kdc.conf . | |
135 | +.Pa /var/lib/heimdal/kdc.conf . | |
136 | This is the only value that can't be specified in the config file. | |
137 | .It Xo | |
138 | .Fl p , | |
9987dc73 AM |
139 | diff -urbB heimdal-0.7/lib/krb5/krb5.conf.5 heimdal-0.7.org/lib/krb5/krb5.conf.5 |
140 | --- heimdal-0.7/lib/krb5/krb5.conf.5 2005-06-16 18:28:09.000000000 +0200 | |
141 | +++ heimdal-0.7.org/lib/krb5/krb5.conf.5 2005-07-03 18:58:54.162073512 +0200 | |
142 | @@ -490,7 +490,7 @@ | |
ed59b63e | 143 | default_domain = foo.se |
144 | } | |
145 | [logging] | |
146 | - kdc = FILE:/var/heimdal/kdc.log | |
147 | + kdc = FILE:/var/lib/heimdal/kdc.log | |
148 | kdc = SYSLOG:INFO | |
149 | default = SYSLOG:INFO:USER | |
150 | .Ed | |
9987dc73 AM |
151 | diff -urbB heimdal-0.7/lib/krb5/krb5.conf.cat5 heimdal-0.7.org/lib/krb5/krb5.conf.cat5 |
152 | --- heimdal-0.7/lib/krb5/krb5.conf.cat5 2005-06-16 18:33:58.000000000 +0200 | |
153 | +++ heimdal-0.7.org/lib/krb5/krb5.conf.cat5 2005-07-03 18:58:54.163073360 +0200 | |
154 | @@ -503,7 +503,7 @@ | |
ed59b63e | 155 | default_domain = foo.se |
156 | } | |
157 | [logging] | |
158 | - kdc = FILE:/var/heimdal/kdc.log | |
159 | + kdc = FILE:/var/lib/heimdal/kdc.log | |
160 | kdc = SYSLOG:INFO | |
161 | default = SYSLOG:INFO:USER | |
162 |