Layer: contrib

Module: kerberos

Tunables Interfaces Templates

Description:

MIT Kerberos admin and KDC.


Tunables:

allow_kerberos
Default value

false

Description

Determine whether kerberos is supported.

Return

Interfaces:

kerberos_admin( domain , role )
Summary

All of the rules required to administrate an kerberos environment.

Parameters
Parameter:Description:
domain

Domain allowed access.

role

Role allowed access.

kerberos_connect_524( domain )
Summary

Connect to krb524 service.

Parameters
Parameter:Description:
domain

Domain allowed access.

kerberos_domtrans_kpropd( domain )
Summary

Execute a domain transition to run kpropd.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

kerberos_dontaudit_write_config( domain )
Summary

Do not audit attempts to write kerberos configuration files.

Parameters
Parameter:Description:
domain

Domain to not audit.

kerberos_etc_filetrans_keytab( domain , object_class , name )
Summary

Create specified objects in generic etc directories with the kerberos keytab file type.

Parameters
Parameter:Description:
domain

Domain allowed access.

object_class

Class of the object being created.

name

The name of the object being created.

kerberos_exec_kadmind( domain )
Summary

Execute kadmind in the caller domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

kerberos_home_filetrans_krb5_home( domain , object_class , name )
Summary

Create objects in user home directories with the krb5 home type.

Parameters
Parameter:Description:
domain

Domain allowed access.

object_class

Class of the object being created.

name

The name of the object being created.

kerberos_manage_host_rcache( domain )
Summary

Create, read, write, and delete kerberos host rcache files.

Parameters
Parameter:Description:
domain

Domain allowed access.

kerberos_manage_keytab_files( domain )
Summary

Create, read, write, and delete kerberos key table files.

Parameters
Parameter:Description:
domain

Domain allowed access.

kerberos_manage_krb5_home_files( domain )
Summary

Create, read, write, and delete kerberos home files.

Parameters
Parameter:Description:
domain

Domain allowed access.

kerberos_read_config( domain )
Summary

Read kerberos configuration files.

Parameters
Parameter:Description:
domain

Domain allowed access.

kerberos_read_kdc_config( domain )
Summary

Read kerberos kdc configuration files.

Parameters
Parameter:Description:
domain

Domain allowed access.

kerberos_read_keytab( domain )
Summary

Read kerberos key table files.

Parameters
Parameter:Description:
domain

Domain allowed access.

kerberos_relabel_krb5_home_files( domain )
Summary

Relabel kerberos home files.

Parameters
Parameter:Description:
domain

Domain allowed access.

kerberos_rw_config( domain )
Summary

Read and write kerberos configuration files.

Parameters
Parameter:Description:
domain

Domain allowed access.

kerberos_rw_keytab( domain )
Summary

Read and write kerberos key table files.

Parameters
Parameter:Description:
domain

Domain allowed access.

kerberos_tmp_filetrans_host_rcache( domain , object_class , name )
Summary

Create objects in generic temporary directories with the kerberos host rcache type.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

object_class

Class of the object being created.

name

The name of the object being created.

kerberos_use( domain )
Summary

Support kerberos services.

Parameters
Parameter:Description:
domain

Domain allowed access.

Return

Templates:

kerberos_keytab_template( prefix , domain )
Summary

Create a derived type for kerberos keytab files.

Parameters
Parameter:Description:
prefix

The prefix to be used for deriving type names.

domain

Domain allowed access.

kerberos_role( role , domain )
Summary

Role access for kerberos.

Parameters
Parameter:Description:
role

Role allowed access.

domain

User domain for the role.

Return