|
version 1.1.1.4, 2013/07/22 10:46:12
|
version 1.1.1.5, 2013/10/14 07:56:34
|
|
Line 16
|
Line 16
|
| .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| .\" |
.\" |
| .TH "SUDOERS.LDAP" "8" "April 25, 2013" "Sudo @PACKAGE_VERSION@" "OpenBSD System Manager's Manual" | .TH "SUDOERS.LDAP" "8" "August 30, 2013" "Sudo @PACKAGE_VERSION@" "OpenBSD System Manager's Manual" |
| .nh |
.nh |
| .if n .ad l |
.if n .ad l |
| .SH "NAME" |
.SH "NAME" |
|
Line 513 are honored.
|
Line 513 are honored.
|
| Configuration options are listed below in upper case but are parsed |
Configuration options are listed below in upper case but are parsed |
| in a case-independent manner. |
in a case-independent manner. |
| .PP |
.PP |
| |
The pound sign |
| |
(`#') |
| |
is used to indicate a comment. |
| |
Both the comment character and any text after it, up to the end of |
| |
the line, are ignored. |
| Long lines can be continued with a backslash |
Long lines can be continued with a backslash |
| (`\e') |
(`\e') |
| as the last character on the line. |
as the last character on the line. |
|
Line 822 Netscape-derived:
|
Line 827 Netscape-derived:
|
| \fRtls_key /var/ldap/key3.db\fR |
\fRtls_key /var/ldap/key3.db\fR |
| .TP 6n |
.TP 6n |
| Tivoli Directory Server: |
Tivoli Directory Server: |
| \fRtls_cert /usr/ldap/ldapkey.kdb\fR | \fRtls_key /usr/ldap/ldapkey.kdb\fR |
| .PD 0 |
.PD 0 |
| .PP |
.PP |
| .PD |
.PD |
|
Line 837 The
|
Line 842 The
|
| \fBTLS_KEYPW\fR |
\fBTLS_KEYPW\fR |
| contains the password used to decrypt the key database on clients |
contains the password used to decrypt the key database on clients |
| using the Tivoli Directory Server LDAP library. |
using the Tivoli Directory Server LDAP library. |
| |
This should be a simple string without quotes. |
| |
The password may not include the comment character |
| |
(`#') |
| |
and escaping of special characters with a backslash |
| |
(`\e') |
| |
is not supported. |
| |
If this option is used, |
| |
\fI@ldap_conf@\fR |
| |
must not be world-readable to avoid exposing the password. |
| |
Alternately, a |
| |
\fIstash file\fR |
| |
can be used to store the password in encrypted form (see below). |
| |
.sp |
| If no |
If no |
| \fBTLS_KEYPW\fR |
\fBTLS_KEYPW\fR |
| is specified, a |
is specified, a |
|
Line 856 The default
|
Line 874 The default
|
| \fRldapkey.kdb\fR |
\fRldapkey.kdb\fR |
| that ships with Tivoli Directory Server is encrypted with the password |
that ships with Tivoli Directory Server is encrypted with the password |
| \fRssl_password\fR. |
\fRssl_password\fR. |
| |
The |
| |
\fIgsk8capicmd\fR |
| |
utility can be used to manage the key database and create a |
| |
\fIstash file\fR. |
| This option is only supported by the Tivoli LDAP libraries. |
This option is only supported by the Tivoli LDAP libraries. |
| .PD |
.PD |
| .TP 6n |
.TP 6n |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sudoers.ldap.man.in CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / doc