Print this page
9842 man page typos and spelling
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/man/man4/warn.conf.4.man.txt
+++ new/usr/src/man/man4/warn.conf.4.man.txt
1 1 WARN.CONF(4) File Formats and Configurations WARN.CONF(4)
2 2
3 3
4 4
5 5 NAME
6 6 warn.conf - Kerberos warning configuration file
7 7
8 8 SYNOPSIS
9 9 /etc/krb5/warn.conf
10 10
11 11
12 12 DESCRIPTION
13 13 The warn.conf file contains configuration information specifying how
14 14 users will be warned by the ktkt_warnd daemon about ticket expiration.
15 15 In addition, this file can be used to auto-renew the user's Ticket-
16 16 Granting Ticket (TGT) instead of warning the user. Credential
17 17 expiration warnings and auto-renew results are sent, by means of
18 18 syslog, to auth.notice.
19 19
20 20
21 21 Each Kerberos client host must have a warn.conf file in order for users
22 22 on that host to get Kerberos warnings from the client. Entries in the
23 23 warn.conf file must have the following format:
24 24
25 25 principal [renew[:opt1,...optN]] syslog|terminal time
26 26
27 27
28 28
29 29 or:
30 30
31 31 principal [renew[:opt1,...optN]] mail time [email address]
32 32
33 33
34 34 principal
35 35 Specifies the principal name to be warned. The
36 36 asterisk (*) wildcard can be used to specify groups of
37 37 principals.
38 38
39 39
40 40 renew
41 41 Automatically renew the credentials (TGT) until
42 42 renewable lifetime expires. This is equivalent to the
43 43 user running kinit -R.
44 44
45 45 The renew options include:
46 46
47 47 log-success
48 48 Log the result of the renew attempt on
49 49 success using the specified method
50 50 (syslog|terminal|mail).
51 51
52 52
53 53 log-failure
|
↓ open down ↓ |
53 lines elided |
↑ open up ↑ |
54 54 Log the result of the renew attempt on
55 55 failure using the specified method
56 56 (syslog|terminal|mail). Some renew
57 57 failure conditions are: TGT renewable
58 58 lifetime has expired, the KDCs are
59 59 unavailable, or the cred cache file has
60 60 been removed.
61 61
62 62
63 63 log
64 - Same as specifing both log-success and
64 + Same as specifying both log-success and
65 65 log-failure.
66 66
67 67
68 68 Note -
69 69
70 70 If no log options are given, no logging is done.
71 71
72 72
73 73 syslog
74 74 Sends the warnings to the system's syslog. Depending
75 75 on the /etc/syslog.conf file, syslog entries are
76 76 written to the /var/adm/messages file and/or displayed
77 77 on the terminal.
78 78
79 79
80 80 terminal
81 81 Sends the warnings to display on the terminal.
82 82
83 83
84 84 mail
85 85 Sends the warnings as email to the address specified
86 86 by email_address.
87 87
88 88
89 89 time
90 90 Specifies how much time before the TGT expires when a
91 91 warning should be sent. The default time value is
92 92 seconds, but you can specify h (hours) and m (minutes)
93 93 after the number to specify other time values.
94 94
95 95
96 96 email_address
97 97 Specifies the email address at which to send the
98 98 warnings. This field must be specified only with the
99 99 mail field.
100 100
101 101
102 102 EXAMPLES
103 103 Example 1 Specifying Warnings
104 104
105 105
106 106 The following warn.conf entry
107 107
108 108
109 109 * syslog 5m
110 110
111 111
112 112
113 113
114 114 specifies that warnings will be sent to the syslog five minutes before
115 115 the expiration of the TGT for all principals. The form of the message
116 116 is:
117 117
118 118
119 119 jdb@ACME.COM: your kerberos credentials expire in 5 minutes
120 120
121 121
122 122
123 123 Example 2 Specifying Renewal
124 124
125 125
126 126 The following warn.conf entry:
127 127
128 128
129 129 * renew:log terminal 30m
130 130
131 131
132 132
133 133 ...specifies that renew results will be sent to the user's terminal 30
134 134 minutes before the expiration of the TGT for all principals. The form
135 135 of the message (on renew success) is:
136 136
137 137
138 138 myname@ACME.COM: your kerberos credentials have been renewed
139 139
140 140
141 141 FILES
142 142 /usr/lib/krb5/ktkt_warnd
143 143 Kerberos warning daemon
144 144
145 145
146 146 ATTRIBUTES
147 147 See attributes(5) for descriptions of the following attributes:
148 148
149 149
150 150
151 151
152 152 +--------------------+-----------------+
153 153 | ATTRIBUTE TYPE | ATTRIBUTE VALUE |
154 154 +--------------------+-----------------+
155 155 |Interface Stability | Evolving |
156 156 +--------------------+-----------------+
157 157
158 158 SEE ALSO
159 159 kinit(1), kdestroy(1), ktkt_warnd(1M), syslog.conf(4), utmpx(4),
160 160 attributes(5), kerberos(5), pam_krb5(5)
161 161
162 162 NOTES
163 163 The auto-renew of the TGT is attempted only if the user is logged-in,
164 164 as determined by examining utmpx(4).
165 165
166 166
167 167
168 168 March 30, 2005 WARN.CONF(4)
|
↓ open down ↓ |
94 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX