Mercurial > repos > rliterman > csp2

diff CSP2/CSP2_env/env-d9b9114564458d9d-741b3de822f2aaca6c6caa4325c4afce/share/man/man5/k5identity.5 @ 68:5028fdace37b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
planemo upload commit 2e9511a184a1ca667c7be0c6321a36dc4e3d116d
author jpayne
date Tue, 18 Mar 2025 16:23:26 -0400
parents
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/CSP2/CSP2_env/env-d9b9114564458d9d-741b3de822f2aaca6c6caa4325c4afce/share/man/man5/k5identity.5	Tue Mar 18 16:23:26 2025 -0400
@@ -0,0 +1,103 @@
+.\" Man page generated from reStructuredText.
+.
+.TH "K5IDENTITY" "5" " " "1.20.1" "MIT Kerberos"
+.SH NAME
+k5identity \- Kerberos V5 client principal selection rules
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.SH DESCRIPTION
+.sp
+The .k5identity file, which resides in a user\(aqs home directory,
+contains a list of rules for selecting a client principals based on
+the server being accessed.  These rules are used to choose a
+credential cache within the cache collection when possible.
+.sp
+Blank lines and lines beginning with \fB#\fP are ignored.  Each line has
+the form:
+.INDENT 0.0
+.INDENT 3.5
+\fIprincipal\fP \fIfield\fP=\fIvalue\fP ...
+.UNINDENT
+.UNINDENT
+.sp
+If the server principal meets all of the field constraints, then
+principal is chosen as the client principal.  The following fields are
+recognized:
+.INDENT 0.0
+.TP
+\fBrealm\fP
+If the realm of the server principal is known, it is matched
+against \fIvalue\fP, which may be a pattern using shell wildcards.
+For host\-based server principals, the realm will generally only be
+known if there is a domain_realm section in
+krb5.conf(5) with a mapping for the hostname.
+.TP
+\fBservice\fP
+If the server principal is a host\-based principal, its service
+component is matched against \fIvalue\fP, which may be a pattern using
+shell wildcards.
+.TP
+\fBhost\fP
+If the server principal is a host\-based principal, its hostname
+component is converted to lower case and matched against \fIvalue\fP,
+which may be a pattern using shell wildcards.
+.sp
+If the server principal matches the constraints of multiple lines
+in the .k5identity file, the principal from the first matching
+line is used.  If no line matches, credentials will be selected
+some other way, such as the realm heuristic or the current primary
+cache.
+.UNINDENT
+.SH EXAMPLE
+.sp
+The following example .k5identity file selects the client principal
+\fBalice@KRBTEST.COM\fP if the server principal is within that realm,
+the principal \fBalice/root@EXAMPLE.COM\fP if the server host is within
+a servers subdomain, and the principal \fBalice/mail@EXAMPLE.COM\fP when
+accessing the IMAP service on \fBmail.example.com\fP:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+alice@KRBTEST.COM       realm=KRBTEST.COM
+alice/root@EXAMPLE.COM  host=*.servers.example.com
+alice/mail@EXAMPLE.COM  host=mail.example.com service=imap
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SH SEE ALSO
+.sp
+kerberos(1), krb5.conf(5)
+.SH AUTHOR
+MIT
+.SH COPYRIGHT
+1985-2022, MIT
+.\" Generated by docutils manpage writer.
+.