From b10beb347238b153af8aa544fb276485b34e970e Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Sat, 5 Jan 2008 00:01:54 +0000 Subject: The wallet client can now get the server, port, principal, and remctl type from krb5.conf as well as from compile-time defaults and command-line options. --- client/wallet.pod | 67 +++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 63 insertions(+), 4 deletions(-) (limited to 'client/wallet.pod') diff --git a/client/wallet.pod b/client/wallet.pod index 8991123..c216cb7 100644 --- a/client/wallet.pod +++ b/client/wallet.pod @@ -62,7 +62,8 @@ protocol to talk to the wallet server. The command prefix (remctl type) to use. Normally this is an internal implementation detail and the default (C) should be fine. It may sometimes be useful to use a different prefix for testing a different -version of the wallet code on the server. +version of the wallet code on the server. This option can also be set in +F; see L below. =item B<-f> I @@ -76,6 +77,7 @@ will be destroyed. The service principal of the wallet server. The default is to use the C principal for the wallet server. The principal chosen must match one of the keys in the keytab used by B on the wallet server. +This option can also be set in F; see L below. =item B<-h> @@ -85,7 +87,8 @@ commands are ignored. =item B<-p> I The port to connect to on the wallet server. The default is the default -remctl port. +remctl port. This option can also be set in F; see +L below. =item B<-S> I @@ -100,8 +103,9 @@ L. =item B<-s> I -The wallet server to connect to. The default is a hard-coded server value -determined at configure time when compiling the wallet client. +The wallet server to connect to. The default may be set when compiling +the wallet client. If it isn't, either B<-s> must be given or the server +must be set in F. See L below. =item B<-v> @@ -352,6 +356,61 @@ correctly. =back +=head1 CONFIGURATION + +B can optionally be configured in the system F. It +will read the default F file for the Kerberos libraries with +which it was compiled. To set an option, put the option in the +[appdefaults] section. B will look for options either at the top +level of the [appdefaults] section or in a subsection named C, +inside or outside of a section for the realm. For example, the following +fragment of a F file would set the default port to 4373 and the +default server to C. It would also set the principal +to C only if the local default realm is +EXAMPLE.NET: + + [appdefaults] + wallet_port = 4373 + wallet = { + wallet_server = wallet.example.org + EXAMPLE.NET = { + wallet_principal = wallet/example.org@EXAMPLE.NET + } + } + +The supported options are: + +=over 4 + +=item wallet_principal + +The service principal of the wallet server. The default is to use the +C principal for the wallet server. The principal chosen must match +one of the keys in the keytab used by B on the wallet server. +The B<-k> command-line option overrides this setting. + +=item wallet_port + +The port to connect to on the wallet server. The default is the default +remctl port. The B<-p> command-line option overrides this setting. + +=item wallet_server + +The wallet server to connect to. The B<-s> command-line option overrides +this setting. The default may be set when compiling the wallet client. +If it isn't, either B<-s> must be given or this parameter must be present +in in F. + +=item wallet_type + +The command prefix (remctl type) to use. Normally this is an internal +implementation detail and the default (C) should be fine. It may +sometimes be useful to use a different prefix for testing a different +version of the wallet code on the server. The B<-c> command-line option +overrides this setting. + +=back + =head1 SEE ALSO krb5.conf(5), remctl(1), remctld(8) -- cgit v1.2.3