Print this page
12743 man page spelling mistakes

@@ -1,21 +1,19 @@
 '\" te
 .\" Copyright (c) 2009 Sun Microsystems, Inc. All Rights Reserved.
 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or  See the License for the specific language governing permissions and limitations under the License.
 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
-.TH KRB5.CONF 4 "Nov 26, 2017"
+.TH KRB5.CONF 4 "May 16, 2020"
 krb5.conf \- Kerberos configuration file
 The \fBkrb5.conf\fR file contains Kerberos configuration information, including
 the locations of \fBKDC\fRs and administration daemons for the Kerberos realms
 of interest, defaults for the current realm and for Kerberos applications, and
 mappings of host names onto Kerberos realms. This file must reside on all
 Kerberos clients.

@@ -139,11 +137,10 @@
 For a Key Distribution Center (\fBKDC\fR), can contain the location of the
 \fBkdc.conf\fR file.
 .SS "The \fB[libdefaults]\fR Section"
 The \fB[libdefaults]\fR section can contain any of the following relations:
 .ne 2

@@ -344,11 +341,11 @@
 .sp .6
 .RS 4n
 Indicates whether DNS SRV records need to be used to locate the KDCs and the
 other servers for a realm, if they have not already been listed in the
 \fB[realms]\fR section. This option makes the machine vulnerable to a certain
-type of DoS attack if somone spoofs the DNS records and does a redirect to
+type of DoS attack if someone spoofs the DNS records and does a redirect to
 another server. This is, however, no worse than a DoS, since the bogus KDC is
 unable to decode anything sent (excepting the initial ticket request, which has
 no encrypted data). Also, anything the fake KDC sends out isl not trusted
 without verification (the local machine is unaware of the secret key to be
 used). If \fBdns_lookup_kdc\fR is not specified but \fBdns_fallback\fR is, then

@@ -405,11 +402,10 @@
 to set it on a per-realm basis, or it can be in the \fB[libdefaults]\fR section
 to make it a network-wide setting for all realms.
 .SS "The \fB[appdefaults]\fR Section"
 This section contains subsections for Kerberos V5 applications, where
 \fIrelation-subsection\fR is the name of an application. Each subsection
 contains relations that define the default behaviors for that application.

@@ -587,11 +583,10 @@
 The application defaults specified here are overridden by those specified in
 the \fB[realms]\fR section.
 .SS "The \fB[realms]\fR Section"
 This section contains subsections for Kerberos realms, where
 \fIrelation-subsection\fR is the name of a realm. Each subsection contains
 relations that define the properties for that particular realm. The following
 relations can be specified in each \fB[realms]\fR subsection:

@@ -867,11 +862,10 @@
 Notice that \fBkpasswd_server\fR and \fBkpasswd_protocol\fR are realm-specific
 parameters. Most often, you need to specify them only when using a
 non-Solaris-based Kerberos server. Otherwise, the change request is sent over
 \fBRPCSEC_GSS\fR to the Solaris Kerberos administration server.
 .SS "The \fB[domain_realm]\fR Section"
 This section provides a translation from a domain name or hostname to a
 Kerberos realm name. The \fIrelation\fR can be a host name, or a domain name,
 where domain names are indicated by a period (`\fB\&.\fR') prefix.
 \fIrelation-value\fR is the Kerberos realm name for that particular host or
 domain. Host names and domain names should be in lower case.

@@ -900,11 +894,10 @@
 \fBATHENA.MIT.EDU\fR realm, and all hosts in the \\fR domain maps by
 default into the \fBFUBAR.ORG\fR realm. The entries for the hosts \\fR
 and \\fR. Without these entries, these hosts would be mapped into
 the Kerberos realms \fBEDU\fR and \fBORG\fR, respectively.
 .SS "The \fB[logging]\fR Section"
 This section indicates how Kerberos programs are to perform logging. There are
 two types of relations for this section: relations to specify how to log and a
 relation to specify how to rotate \fBkdc\fR log files.

@@ -1109,11 +1102,10 @@
 .in -2
 .SS "The \fB[capaths]\fR Section"
 In order to perform direct (non-hierarchical) cross-realm authentication, a
 database is needed to construct the authentication paths between the realms.
 This section defines that database.

@@ -1213,11 +1205,10 @@
 In the above examples, the ordering is not important, except when the same
 relation is used more than once. The client uses this to determine the path.
 (It is not important to the server, since the transited field is not sorted.)
 .SS "PKINIT-specific Options"
 The following are \fBpkinit-specific\fR options. These values can be specified
 in \fB[libdefaults]\fR as global defaults, or within a realm-specific
 subsection of \fB[libdefaults]\fR, or can be specified as realm-specific values
 in the \fB[realms]\fR section. A realm-specific value overrides, does not add
 to, a generic \fB[libdefaults]\fR specification.

@@ -1644,11 +1635,10 @@
 example, \fBENV:X509_PROXY\fR, where environment variable \fBX509_PROXY\fR has
 been set to \fBFILE:/tmp/my_proxy.pem\fR.
 .SS "The \fB[dbmodules]\fR Section"
 This section consists of relations that provide configuration information for
 plug-in modules. In particular, the relations describe the configuration for
 LDAP KDB plug-in. Use of the \fBdb2\fR KDB plug-in is the default behavior and
 that this section does not need to be filled out in that case.

@@ -1759,11 +1749,10 @@
 .RS 4n
 Port number for SSL connection with directory server. The default is \fB389\fR.
 \fBExample 1 \fRSample File
 The following is an example of a generic \fBkrb5.conf\fR file:

@@ -1838,11 +1827,10 @@
 .RS 4n
 \fBKDC\fR logging file
 See \fBattributes\fR(5) for descriptions of the following attributes:

@@ -1857,16 +1845,14 @@
 All of the keywords are Committed, except for the \fBPKINIT\fR keywords, which
 are Volatile.
 \fBkinit\fR(1), \fBrcp\fR(1), \fBrdist\fR(1), \fBrlogin\fR(1), \fBrsh\fR(1),
 \fBtelnet\fR(1), \fBsyslog\fR(3C), \fBattributes\fR(5), \fBkerberos\fR(5),
 If the \fBkrb5.conf\fR file is not formatted properly, the \fBtelnet\fR command
 fails. However, the \fBdtlogin\fR and \fBlogin\fR commands still succeed, even
 if the \fBkrb5.conf\fR file is specified as required for the commands. If this
 occurs, the following error message is displayed: