kadmin: Add disallow-client attribute
This is useful for services that need not be clients. For example, an untrusted service that need only accept authentication from clients, but not initiate authentication to other services.
This commit is contained in:
Nicolas Williams
@@ -336,10 +336,14 @@ Possible attributes are:
|
||||
.Li new-princ ,
|
||||
.Li support-desmd5 ,
|
||||
.Li pwchange-service ,
|
||||
.Li disallow-client ,
|
||||
.Li disallow-svr ,
|
||||
.Li requires-pw-change ,
|
||||
.Li requires-hw-auth ,
|
||||
.Li requires-pre-auth ,
|
||||
.Li allow-digest ,
|
||||
.Li trusted-for-delegation ,
|
||||
.Li ok-as-delegate ,
|
||||
.Li disallow-all-tix ,
|
||||
.Li disallow-dup-skey ,
|
||||
.Li disallow-proxiable ,
|
||||
|
||||
@@ -54,6 +54,7 @@ struct units kdb_attrs[] = {
|
||||
{ "new-princ", KRB5_KDB_NEW_PRINC },
|
||||
{ "support-desmd5", KRB5_KDB_SUPPORT_DESMD5 },
|
||||
{ "pwchange-service", KRB5_KDB_PWCHANGE_SERVICE },
|
||||
{ "disallow-client", KRB5_KDB_DISALLOW_CLIENT },
|
||||
{ "disallow-svr", KRB5_KDB_DISALLOW_SVR },
|
||||
{ "requires-pw-change", KRB5_KDB_REQUIRES_PWCHANGE },
|
||||
{ "requires-hw-auth", KRB5_KDB_REQUIRES_HW_AUTH },
|
||||
|
||||
Reference in New Issue
Block a user