1*7f2fe78bSCy Schubert.. _mitK5defaults: 2*7f2fe78bSCy Schubert 3*7f2fe78bSCy SchubertMIT Kerberos defaults 4*7f2fe78bSCy Schubert===================== 5*7f2fe78bSCy Schubert 6*7f2fe78bSCy SchubertGeneral defaults 7*7f2fe78bSCy Schubert---------------- 8*7f2fe78bSCy Schubert 9*7f2fe78bSCy Schubert========================================== ============================= ==================== 10*7f2fe78bSCy SchubertDescription Default Environment 11*7f2fe78bSCy Schubert========================================== ============================= ==================== 12*7f2fe78bSCy Schubert:ref:`keytab_definition` file |keytab| **KRB5_KTNAME** 13*7f2fe78bSCy SchubertClient :ref:`keytab_definition` file |ckeytab| **KRB5_CLIENT_KTNAME** 14*7f2fe78bSCy SchubertKerberos config file :ref:`krb5.conf(5)` |krb5conf|\ ``:``\ **KRB5_CONFIG** 15*7f2fe78bSCy Schubert |sysconfdir|\ ``/krb5.conf`` 16*7f2fe78bSCy SchubertKDC config file :ref:`kdc.conf(5)` |kdcdir|\ ``/kdc.conf`` **KRB5_KDC_PROFILE** 17*7f2fe78bSCy SchubertGSS mechanism config file |sysconfdir|\ ``/gss/mech`` **GSS_MECH_CONFIG** 18*7f2fe78bSCy SchubertKDC database path (DB2) |kdcdir|\ ``/principal`` 19*7f2fe78bSCy SchubertMaster key :ref:`stash_definition` |kdcdir|\ ``/.k5.``\ *realm* 20*7f2fe78bSCy SchubertAdmin server ACL file :ref:`kadm5.acl(5)` |kdcdir|\ ``/kadm5.acl`` 21*7f2fe78bSCy SchubertOTP socket directory |kdcrundir| 22*7f2fe78bSCy SchubertPlugin base directory |libdir|\ ``/krb5/plugins`` 23*7f2fe78bSCy Schubert:ref:`rcache_definition` directory ``/var/tmp`` **KRB5RCACHEDIR** 24*7f2fe78bSCy SchubertMaster key default enctype |defmkey| 25*7f2fe78bSCy SchubertDefault :ref:`keysalt list<Keysalt_lists>` |defkeysalts| 26*7f2fe78bSCy SchubertPermitted enctypes |defetypes| 27*7f2fe78bSCy SchubertKDC default port 88 28*7f2fe78bSCy SchubertAdmin server port 749 29*7f2fe78bSCy SchubertPassword change port 464 30*7f2fe78bSCy Schubert========================================== ============================= ==================== 31*7f2fe78bSCy Schubert 32*7f2fe78bSCy Schubert 33*7f2fe78bSCy SchubertReplica KDC propagation defaults 34*7f2fe78bSCy Schubert-------------------------------- 35*7f2fe78bSCy Schubert 36*7f2fe78bSCy SchubertThis table shows defaults used by the :ref:`kprop(8)` and 37*7f2fe78bSCy Schubert:ref:`kpropd(8)` programs. 38*7f2fe78bSCy Schubert 39*7f2fe78bSCy Schubert========================== ================================ =========== 40*7f2fe78bSCy SchubertDescription Default Environment 41*7f2fe78bSCy Schubert========================== ================================ =========== 42*7f2fe78bSCy Schubertkprop database dump file |kdcdir|\ ``/replica_datatrans`` 43*7f2fe78bSCy Schubertkpropd temporary dump file |kdcdir|\ ``/from_master`` 44*7f2fe78bSCy Schubertkdb5_util location |sbindir|\ ``/kdb5_util`` 45*7f2fe78bSCy Schubertkprop location |sbindir|\ ``/kprop`` 46*7f2fe78bSCy Schubertkpropd ACL file |kdcdir|\ ``/kpropd.acl`` 47*7f2fe78bSCy Schubertkprop port 754 KPROP_PORT 48*7f2fe78bSCy Schubert========================== ================================ =========== 49*7f2fe78bSCy Schubert 50*7f2fe78bSCy Schubert 51*7f2fe78bSCy Schubert.. _paths: 52*7f2fe78bSCy Schubert 53*7f2fe78bSCy SchubertDefault paths for Unix-like systems 54*7f2fe78bSCy Schubert----------------------------------- 55*7f2fe78bSCy Schubert 56*7f2fe78bSCy SchubertOn Unix-like systems, some paths used by MIT krb5 depend on parameters 57*7f2fe78bSCy Schubertchosen at build time. For a custom build, these paths default to 58*7f2fe78bSCy Schubertsubdirectories of ``/usr/local``. When MIT krb5 is integrated into an 59*7f2fe78bSCy Schubertoperating system, the paths are generally chosen to match the 60*7f2fe78bSCy Schubertoperating system's filesystem layout. 61*7f2fe78bSCy Schubert 62*7f2fe78bSCy Schubert========================== ============== =========================== =========================== 63*7f2fe78bSCy SchubertDescription Symbolic name Custom build path Typical OS path 64*7f2fe78bSCy Schubert========================== ============== =========================== =========================== 65*7f2fe78bSCy SchubertUser programs BINDIR ``/usr/local/bin`` ``/usr/bin`` 66*7f2fe78bSCy SchubertLibraries and plugins LIBDIR ``/usr/local/lib`` ``/usr/lib`` 67*7f2fe78bSCy SchubertParent of KDC state dir LOCALSTATEDIR ``/usr/local/var`` ``/var`` 68*7f2fe78bSCy SchubertParent of KDC runtime dir RUNSTATEDIR ``/usr/local/var/run`` ``/run`` 69*7f2fe78bSCy SchubertAdministrative programs SBINDIR ``/usr/local/sbin`` ``/usr/sbin`` 70*7f2fe78bSCy SchubertAlternate krb5.conf dir SYSCONFDIR ``/usr/local/etc`` ``/etc`` 71*7f2fe78bSCy SchubertDefault ccache name DEFCCNAME ``FILE:/tmp/krb5cc_%{uid}`` ``FILE:/tmp/krb5cc_%{uid}`` 72*7f2fe78bSCy SchubertDefault keytab name DEFKTNAME ``FILE:/etc/krb5.keytab`` ``FILE:/etc/krb5.keytab`` 73*7f2fe78bSCy SchubertDefault PKCS11 module PKCS11_MODNAME ``opensc-pkcs11.so`` ``opensc-pkcs11.so`` 74*7f2fe78bSCy Schubert========================== ============== =========================== =========================== 75*7f2fe78bSCy Schubert 76*7f2fe78bSCy SchubertThe default client keytab name (DEFCKTNAME) typically defaults to 77*7f2fe78bSCy Schubert``FILE:/usr/local/var/krb5/user/%{euid}/client.keytab`` for a custom 78*7f2fe78bSCy Schubertbuild. A native build will typically use a path which will vary 79*7f2fe78bSCy Schubertaccording to the operating system's layout of ``/var``. 80