diff -urbB heimdal-0.7/configure.ac heimdal-0.7.org/configure.ac --- heimdal-0.7/configure.ac 2005-06-16 18:29:14.000000000 +0200 +++ heimdal-0.7.org/configure.ac 2005-07-03 18:58:54.158074120 +0200 @@ -16,7 +16,7 @@ AC_PREFIX_DEFAULT(/usr/heimdal) test "$sysconfdir" = '${prefix}/etc' && sysconfdir='/etc' -test "$localstatedir" = '${prefix}/var' && localstatedir='/var/heimdal' +test "$localstatedir" = '${prefix}/var' && localstatedir='/var/lib' AC_CANONICAL_HOST CANONICAL_HOST=$host --- heimdal-1.1/doc/setup.texi.orig 2008-01-24 14:11:44.000000000 +0100 +++ heimdal-1.1/doc/setup.texi 2008-03-09 19:11:01.901155461 +0100 @@ -111,13 +111,13 @@ Make sure the directory has restrictive permissions. @example -# mkdir /var/heimdal +# mkdir /var/lib/heimdal @end example The keys of all the principals are stored in the database. If you choose to, these can be encrypted with a master key. You do not have to remember this key (or password), but just to enter it once and it will -be stored in a file (@file{/var/heimdal/m-key}). If you want to have a +be stored in a file (@file{/var/lib/heimdal/m-key}). If you want to have a master key, run @samp{kstash} to create this master key: @example @@ -354,14 +354,14 @@ one below to your @file{/etc/inetd.conf}. @example -kerberos-adm stream tcp nowait root /usr/heimdal/libexec/kadmind kadmind +kerberos-adm stream tcp nowait root /usr/sbin/kadmind kadmind @end example You might need to add @samp{kerberos-adm} to your @file{/etc/services} as @samp{749/tcp}. Access to the administration server is controlled by an ACL file, -(default @file{/var/heimdal/kadmind.acl}.) The file has the following +(default @file{/var/lib/heimdal/kadmind.acl}.) The file has the following syntax: @smallexample principal [priv1,priv2,...] [glob-pattern] @@ -525,7 +525,7 @@ @example slave# ktutil get -p foo/admin hprop/`hostname` -slave# mkdir /var/heimdal +slave# mkdir /var/lib/heimdal slave# hpropd @end example @@ -577,7 +577,7 @@ The program that runs on the master is @command{ipropd-master} and all clients run @command{ipropd-slave}. -Create the file @file{/var/heimdal/slaves} on the master containing all +Create the file @file{/var/lib/heimdal/slaves} on the master containing all the slaves that the database should be propagated to. Each line contains the full name of the principal (for example @samp{iprop/hemligare.foo.se@@FOO.SE}). @@ -593,25 +593,25 @@ @example -master# /usr/heimdal/sbin/ktutil get iprop/`hostname` +master# /usr/sbin/ktutil get iprop/`hostname` @end example @example -slave# /usr/heimdal/sbin/ktutil get iprop/`hostname` +slave# /usr/sbin/ktutil get iprop/`hostname` @end example The next step is to start the @command{ipropd-master} process on the master server. The @command{ipropd-master} listens on the UNIX domain socket -@file{/var/heimdal/signal} to know when changes have been made to the +@file{/var/lib/heimdal/signal} to know when changes have been made to the database so they can be propagated to the slaves. There is also a safety feature of testing the version number regularly (every 30 seconds) to see if it has been modified by some means that do not raise this signal. Then, start @command{ipropd-slave} on all the slaves: @example -master# /usr/heimdal/libexec/ipropd-master & -slave# /usr/heimdal/libexec/ipropd-slave master & +master# /usr/sbin/ipropd-master & +slave# /usr/sbin/ipropd-slave master & @end example To manage the iprop log file you should use the @command{iprop-log} @@ -1291,7 +1291,7 @@ Note that the file name is space sensitive. @example -# cat /var/heimdal/pki-mapping +# cat /var/lib/heimdal/pki-mapping # comments starts with # lha@@EXAMPLE.ORG:C=SE,O=Stockholm universitet,CN=Love,UID=lha lha@@EXAMPLE.ORG:CN=Love,UID=lha diff -urbB heimdal-0.7/kadmin/kadmind.8 heimdal-0.7.org/kadmin/kadmind.8 --- heimdal-0.7/kadmin/kadmind.8 2005-06-16 18:27:56.000000000 +0200 +++ heimdal-0.7.org/kadmin/kadmind.8 2005-07-03 18:58:54.160073816 +0200 @@ -85,7 +85,7 @@ Principals are always allowed to change their own password and list their own principal. Apart from that, doing any operation requires permission explicitly added in the ACL file -.Pa /var/heimdal/kadmind.acl . +.Pa /var/lib/heimdal/kadmind.acl . The format of this file is: .Bd -ragged .Va principal @@ -155,7 +155,7 @@ .El .\".Sh ENVIRONMENT .Sh FILES -.Pa /var/heimdal/kadmind.acl +.Pa /var/lib/heimdal/kadmind.acl .Sh EXAMPLES This will cause .Nm diff -urbB heimdal-0.7/kdc/kdc.8 heimdal-0.7.org/kdc/kdc.8 --- heimdal-0.7/kdc/kdc.8 2005-06-16 18:27:58.000000000 +0200 +++ heimdal-0.7.org/kdc/kdc.8 2005-07-03 18:58:54.161073664 +0200 @@ -77,7 +77,7 @@ .Fl -config-file= Ns Ar file .Xc Specifies the location of the config file, the default is -.Pa /var/heimdal/kdc.conf . +.Pa /var/lib/heimdal/kdc.conf . This is the only value that can't be specified in the config file. .It Xo .Fl p , diff -urbB heimdal-0.7/lib/krb5/krb5.conf.5 heimdal-0.7.org/lib/krb5/krb5.conf.5 --- heimdal-0.7/lib/krb5/krb5.conf.5 2005-06-16 18:28:09.000000000 +0200 +++ heimdal-0.7.org/lib/krb5/krb5.conf.5 2005-07-03 18:58:54.162073512 +0200 @@ -490,7 +490,7 @@ default_domain = foo.se } [logging] - kdc = FILE:/var/heimdal/kdc.log + kdc = FILE:/var/lib/heimdal/kdc.log kdc = SYSLOG:INFO default = SYSLOG:INFO:USER .Ed diff -urbB heimdal-0.7/lib/krb5/krb5.conf.cat5 heimdal-0.7.org/lib/krb5/krb5.conf.cat5 --- heimdal-0.7/lib/krb5/krb5.conf.cat5 2005-06-16 18:33:58.000000000 +0200 +++ heimdal-0.7.org/lib/krb5/krb5.conf.cat5 2005-07-03 18:58:54.163073360 +0200 @@ -503,7 +503,7 @@ default_domain = foo.se } [logging] - kdc = FILE:/var/heimdal/kdc.log + kdc = FILE:/var/lib/heimdal/kdc.log kdc = SYSLOG:INFO default = SYSLOG:INFO:USER