version 1.1.1.4, 2013/07/22 10:46:12
|
version 1.1.1.5, 2013/10/14 07:56:34
|
Line 16
|
Line 16
|
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
.\" |
.\" |
.TH "SUDOERS.LDAP" "8" "April 25, 2013" "Sudo @PACKAGE_VERSION@" "OpenBSD System Manager's Manual" | .TH "SUDOERS.LDAP" "8" "August 30, 2013" "Sudo @PACKAGE_VERSION@" "OpenBSD System Manager's Manual" |
.nh |
.nh |
.if n .ad l |
.if n .ad l |
.SH "NAME" |
.SH "NAME" |
Line 513 are honored.
|
Line 513 are honored.
|
Configuration options are listed below in upper case but are parsed |
Configuration options are listed below in upper case but are parsed |
in a case-independent manner. |
in a case-independent manner. |
.PP |
.PP |
|
The pound sign |
|
(`#') |
|
is used to indicate a comment. |
|
Both the comment character and any text after it, up to the end of |
|
the line, are ignored. |
Long lines can be continued with a backslash |
Long lines can be continued with a backslash |
(`\e') |
(`\e') |
as the last character on the line. |
as the last character on the line. |
Line 822 Netscape-derived:
|
Line 827 Netscape-derived:
|
\fRtls_key /var/ldap/key3.db\fR |
\fRtls_key /var/ldap/key3.db\fR |
.TP 6n |
.TP 6n |
Tivoli Directory Server: |
Tivoli Directory Server: |
\fRtls_cert /usr/ldap/ldapkey.kdb\fR | \fRtls_key /usr/ldap/ldapkey.kdb\fR |
.PD 0 |
.PD 0 |
.PP |
.PP |
.PD |
.PD |
Line 837 The
|
Line 842 The
|
\fBTLS_KEYPW\fR |
\fBTLS_KEYPW\fR |
contains the password used to decrypt the key database on clients |
contains the password used to decrypt the key database on clients |
using the Tivoli Directory Server LDAP library. |
using the Tivoli Directory Server LDAP library. |
|
This should be a simple string without quotes. |
|
The password may not include the comment character |
|
(`#') |
|
and escaping of special characters with a backslash |
|
(`\e') |
|
is not supported. |
|
If this option is used, |
|
\fI@ldap_conf@\fR |
|
must not be world-readable to avoid exposing the password. |
|
Alternately, a |
|
\fIstash file\fR |
|
can be used to store the password in encrypted form (see below). |
|
.sp |
If no |
If no |
\fBTLS_KEYPW\fR |
\fBTLS_KEYPW\fR |
is specified, a |
is specified, a |
Line 856 The default
|
Line 874 The default
|
\fRldapkey.kdb\fR |
\fRldapkey.kdb\fR |
that ships with Tivoli Directory Server is encrypted with the password |
that ships with Tivoli Directory Server is encrypted with the password |
\fRssl_password\fR. |
\fRssl_password\fR. |
|
The |
|
\fIgsk8capicmd\fR |
|
utility can be used to manage the key database and create a |
|
\fIstash file\fR. |
This option is only supported by the Tivoli LDAP libraries. |
This option is only supported by the Tivoli LDAP libraries. |
.PD |
.PD |
.TP 6n |
.TP 6n |