From ppomes@Qualcomm.com Wed Sep 10 11:29:53 1997
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id LAA24255 for <bugs@RT-11.MIT.EDU>; Wed, 10 Sep 1997 11:29:53 -0400
Received: from zelkova.qualcomm.com by MIT.EDU with SMTP
id AA23095; Wed, 10 Sep 97 11:29:50 EDT
Received: (from ppomes@localhost)
by zelkova.qualcomm.com (8.8.5/8.8.5) id IAA08069;
Wed, 10 Sep 1997 08:29:48 -0700 (PDT)
Message-Id: <199709101529.IAA08069@zelkova.qualcomm.com>
Date: Wed, 10 Sep 1997 08:29:48 -0700 (PDT)
From: ppomes@Qualcomm.com
Reply-To: ppomes@Qualcomm.com
To: krb5-bugs@MIT.EDU
Subject: confusing ACL file explanation in kadmind(8)
X-Send-Pr-Version: 3.99
6455 Lusk Blvd
San Diego, CA 92121-2779
Architecture: sun4
be "... Lines containing ACL
entries have the format of principal whitespace operation-
mask [whitespace operation-target]"
There should be an empty line following "format of" to put the
syntax definition on a line by itself. Following the statement
that ordering is important, the 3 elements of the line are defined
in the order of
principle
operation-target
operation-mask
(the last two are interchanged from their presentation in the syntax
line)
*** kadmind.M 1997/09/10 15:23:30 1.1
--- kadmind.M 1997/09/10 15:26:49
***************
*** 118,123 ****
--- 118,124 ----
which contain ACL entries. Comment lines start with the sharp sign
(\fB\&#\fP) and continue until the end of the line. Lines containing ACL
entries have the format of
+ .PP
.B principal
.I whitespace
.B operation-mask
***************
*** 132,143 ****
the asterisk (
.B *
) character.
- .IP operation-target
- [Optional] may specify a partially or fully qualified Kerberos version 5
- principal name. Each component of the name may be wildcarded using the
- asterisk (
- .B *
- ) character.
.IP operation-mask
Specifies what operations may or may not be peformed by a principal
matching a particular entry. This is a string of one or more of the
--- 133,138 ----
***************
*** 179,184 ****
--- 174,186 ----
Same as
.BR x .
.RE
+ .IP operation-target
+ [Optional] may specify a partially or fully qualified Kerberos version 5
+ principal name. Each component of the name may be wildcarded using the
+ asterisk (
+ .B *
+ ) character.
+ .PP
Some examples of valid entries here are:
.TP
.I user/instance@realm adm
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id LAA24255 for <bugs@RT-11.MIT.EDU>; Wed, 10 Sep 1997 11:29:53 -0400
Received: from zelkova.qualcomm.com by MIT.EDU with SMTP
id AA23095; Wed, 10 Sep 97 11:29:50 EDT
Received: (from ppomes@localhost)
by zelkova.qualcomm.com (8.8.5/8.8.5) id IAA08069;
Wed, 10 Sep 1997 08:29:48 -0700 (PDT)
Message-Id: <199709101529.IAA08069@zelkova.qualcomm.com>
Date: Wed, 10 Sep 1997 08:29:48 -0700 (PDT)
From: ppomes@Qualcomm.com
Reply-To: ppomes@Qualcomm.com
To: krb5-bugs@MIT.EDU
Subject: confusing ACL file explanation in kadmind(8)
X-Send-Pr-Version: 3.99
Show quoted text
>Number: 468
>Category: krb5-doc
>Synopsis: The kadmind(8) ACL file explanation is confusing
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: krb5-unassigned
>State: open
>Class: doc-bug
>Submitter-Id: unknown
>Arrival-Date: Wed Sep 10 11:30:01 EDT 1997
>Last-Modified:
>Originator: Paul Pomes
>Organization:
QUALCOMM, Inc.>Category: krb5-doc
>Synopsis: The kadmind(8) ACL file explanation is confusing
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: krb5-unassigned
>State: open
>Class: doc-bug
>Submitter-Id: unknown
>Arrival-Date: Wed Sep 10 11:30:01 EDT 1997
>Last-Modified:
>Originator: Paul Pomes
>Organization:
6455 Lusk Blvd
San Diego, CA 92121-2779
Show quoted text
>Release: 1.0pl1
>Environment:
System: SunOS zelkova 5.5.1 Generic_103640-04 sun4m sparc SUNW,SPARCstation-20>Environment:
Architecture: sun4
Show quoted text
>Description:
The man page for kadmind(8) states the format of the ACL file tobe "... Lines containing ACL
entries have the format of principal whitespace operation-
mask [whitespace operation-target]"
There should be an empty line following "format of" to put the
syntax definition on a line by itself. Following the statement
that ordering is important, the 3 elements of the line are defined
in the order of
principle
operation-target
operation-mask
(the last two are interchanged from their presentation in the syntax
line)
Show quoted text
>How-To-Repeat:
Execute the command: "man kadmind"Show quoted text
>Fix:
Apply the patch below:*** kadmind.M 1997/09/10 15:23:30 1.1
--- kadmind.M 1997/09/10 15:26:49
***************
*** 118,123 ****
--- 118,124 ----
which contain ACL entries. Comment lines start with the sharp sign
(\fB\&#\fP) and continue until the end of the line. Lines containing ACL
entries have the format of
+ .PP
.B principal
.I whitespace
.B operation-mask
***************
*** 132,143 ****
the asterisk (
.B *
) character.
- .IP operation-target
- [Optional] may specify a partially or fully qualified Kerberos version 5
- principal name. Each component of the name may be wildcarded using the
- asterisk (
- .B *
- ) character.
.IP operation-mask
Specifies what operations may or may not be peformed by a principal
matching a particular entry. This is a string of one or more of the
--- 133,138 ----
***************
*** 179,184 ****
--- 174,186 ----
Same as
.BR x .
.RE
+ .IP operation-target
+ [Optional] may specify a partially or fully qualified Kerberos version 5
+ principal name. Each component of the name may be wildcarded using the
+ asterisk (
+ .B *
+ ) character.
+ .PP
Some examples of valid entries here are:
.TP
.I user/instance@realm adm
Show quoted text
>Audit-Trail:
>Unformatted:
>Unformatted: