Skip Menu |
 

Subject: Documentation Error: allow_renewable flag in system admin guide
The current text of the allow_renewable policy flag reads:

{-|+}allow_renewable
The “-allow_renewable” option prohibits this principal from
obtaining renewable tickets. “+allow_renewable” clears this flag. In
effect, “-allow_renewable” sets the KRB5_KDB_DISALLOW_RENEWABLE flag on
the principal in the database.


This text is incomplete. When -allow_renewable is applied to a service
principal, this flag prevents service tickets from being issued for that
service that are renewable.