Benjamin Kaduk wrote: > Hi Rick, > > > Thanks for all this -- it's good stuff to have. > > > On Sat, Dec 22, 2012 at 6:34 PM, Rick Macklem < rmack...@freebsd.org > > wrote: > > > Author: rmacklem > Date: Sat Dec 22 23:34:28 2012 > New Revision: 244605 > URL: http://svnweb.freebsd.org/changeset/base/244605 > > Log: > Document the new gssd daemon options added by r244604. > This is a content change. > > MFC after: 2 weeks > > Modified: > head/usr.sbin/gssd/gssd.8 > > Modified: head/usr.sbin/gssd/gssd.8 > ============================================================================== > --- head/usr.sbin/gssd/gssd.8 Sat Dec 22 23:21:17 2012 (r244604) > +++ head/usr.sbin/gssd/gssd.8 Sat Dec 22 23:34:28 2012 (r244605) > @@ -46,6 +49,29 @@ Run in debug mode. > In this mode, > .Nm > will not fork when it starts. > +.It Fl s Ar dir-list > +Look for an appropriate credential cache file in this list of > directories. > +The list should be full pathnames from root, separated by ':' > characters. > +Usually this list will simply be "/tmp". > +Without this option, the > +.Nm > +daemon assumes that the credential cache file is called > /tmp/krb5cc_<uid>, > +where <uid> is the effective uid for the RPC caller. > +.It Fl c Ar file-substring > +Set a file-substring for the credential cache file names. > +Only files with this substring embedded in their names will be > +selected as candidates when the > +.Fl s > +has been specified. > > > > This grammar seems a bit fishy ("when the -s has been specified"); > "when -s has been specified" or > "when a search directory has been specified with -s" would probably be > better. > Sure.
> > +If not specified, it defaults to "krb5cc_". > +.It Fl r Ar preferred-realm > +Set a preferred Kerberos realm for the search of the directory list > for > > > > "Directory list" sounds like there are multiple directories involved, > perhaps > "directory listing" is better? > It can be a list, for example: "/tmp:/var/tmp". Personally, I thought having a list was overkill, but during the email discussion with the people that reported the problem, it was felt that a list might be needed (and the Linux gssd does take a list of directories). However, it probably isn't clear that the preferred realm applies to the principal names in the credential cache file entries being examined. > > +a credentials cache file. > +When set, files with TGT credentials for this realm will be selected > over > +other credential files. > +This option is only meaningful when the > +.Fl s > +option has been specified. > > > > There is something of a movement among the doc types to remove > "redundant" words, > making this "when -s has been specified", but others (some quite > senior) do not approve > of this "useless churn". Might not be worth changing now, but for new > content, something > to consider. > > > Let me know if I should make the patch. > Sure, if you'd like to. Otherwise, I'll try and come up with a fixup. Thanks for pointing this out, rick > > -Ben Kaduk _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"