oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Document HDB backends

Browse Source
This commit is contained in:
Nicolas Williams
2015-06-01 20:12:37 -05:00
parent 16275048b8
commit 7eb9b46f5b
5 changed files with 29 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
doc/Makefile.am
View File

@@ -55,6 +55,7 @@ wind.dxy: wind.din Makefile
mv wind.dxy.tmp wind.dxy mv wind.dxy.tmp wind.dxy
texi_subst = sed -e 's,[@]dbdir[@],$(localstatedir),g' \ texi_subst = sed -e 's,[@]dbdir[@],$(localstatedir),g' \
-e 's,[@]dbtype[@],$(db_type),g' \
-e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g' -e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g'
vars.texi: vars.tin Makefile vars.texi: vars.tin Makefile

1
doc/NTMakefile
View File

@@ -57,6 +57,7 @@ hx509_TEXINFOS = \
{}.tin{$(OBJ)}.texi: {}.tin{$(OBJ)}.texi:
$(SED) -e "s,[@]dbdir[@],x,g" \ $(SED) -e "s,[@]dbdir[@],x,g" \
-e "s,[@]db_type[@],$(db_type),g" < $** > $@ \
-e "s,[@]PACKAGE_VERSION[@],$(VER_PACKAGE_VERSION),g" < $** > $@ -e "s,[@]PACKAGE_VERSION[@],$(VER_PACKAGE_VERSION),g" < $** > $@
MAKEINFOFLAGS = --css-include=$(SRCDIR)/heimdal.css MAKEINFOFLAGS = --css-include=$(SRCDIR)/heimdal.css

22
doc/setup.texi
View File

@@ -123,8 +123,30 @@ Make sure the directory has restrictive permissions.
@example @example
# mkdir /var/heimdal # mkdir /var/heimdal
# chmod og-rwx /var/heimdal
@end example @end example
Heimdal supports various database backends: lmdb (LMDB), db3 (Berkeley
DB 3.x, 4.x, or 5.x), db1 (Berkeley DB 2.x), sqlite (SQLite3), and ldap
(LDAP). The default is @value{dbtype}, and is selected at build time
from one of lmdb, db3, or db1.
These defaults can be overriden in the 'database' key in the @samp{kdc}
section of the configuration.
@example
[kdc]
database = @{
dbname = lmdb:/path/to/db-file
realm = REALM
acl_file = /path/to/kadmind.acl
mkey_file = /path/to/mkey
log_file = /path/to/iprop-log-file
@}
@end example
To use LDAP, see @xref{Using LDAP to store the database}.
The keys of all the principals are stored in the database. If you The keys of all the principals are stored in the database. If you
choose to, these can be encrypted with a master key. You do not have to choose to, these can be encrypted with a master key. You do not have to
remember this key (or password), but just to enter it once and it will remember this key (or password), but just to enter it once and it will

1
doc/vars.tin
View File

@@ -4,4 +4,5 @@
@c @c
@set dbdir @dbdir@ @set dbdir @dbdir@
@set dbtype @dbtype@
@set PACKAGE_VERSION @PACKAGE_VERSION@ @set PACKAGE_VERSION @PACKAGE_VERSION@

6
lib/krb5/krb5.conf.5
View File

@@ -551,8 +551,10 @@ manual page for a list of defined destinations.
.Bl -tag -width "xxx" -offset indent .Bl -tag -width "xxx" -offset indent
.It Li database Li = { .It Li database Li = {
.Bl -tag -width "xxx" -offset indent .Bl -tag -width "xxx" -offset indent
.It Li dbname Li = Va DATABASENAME .It Li dbname Li = Va [DATBASETYPE:]DATABASENAME
Use this database for this realm. Use this database for this realm. The
.Va DATABASETYPE
should be one of 'lmdb', 'db3', 'db1', 'db', 'sqlite', or 'ldap'.
See the info documetation how to configure different database backends. See the info documetation how to configure different database backends.
.It Li realm Li = Va REALM .It Li realm Li = Va REALM
Specifies the realm that will be stored in this database. Specifies the realm that will be stored in this database.