Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

reformatted model with config-model-edit

--HG--
extra : convert_revision : svn%3Aec020cd8-820c-41dc-a724-4838206f7038/trunk%401109
  • Loading branch information...
commit 3aa52d222a1e64254a10b0fc6d9f76cd5c7a789e 1 parent 23d1bb9
Dominique Dumont authored
Showing with 897 additions and 1,407 deletions.
  1. +99 −126 lib/Config/Model/models/Krb5.pl
  2. +28 −52 lib/Config/Model/models/Krb5/AppDefaults.pl
  3. +21 −47 lib/Config/Model/models/Krb5/AppDefaults/Option.pl
  4. +17 −42 lib/Config/Model/models/Krb5/AppDefaults/SecondLevelSubSection.pl
  5. +28 −52 lib/Config/Model/models/Krb5/AppDefaults/SubSection.pl
  6. +18 −43 lib/Config/Model/models/Krb5/CAPaths.pl
  7. +17 −43 lib/Config/Model/models/Krb5/CAPaths/Realm.pl
  8. +19 −43 lib/Config/Model/models/Krb5/CAPaths/Realm/Path.pl
  9. +57 −81 lib/Config/Model/models/Krb5/DBDefaults.pl
  10. +18 −43 lib/Config/Model/models/Krb5/DBModules.pl
  11. +56 −80 lib/Config/Model/models/Krb5/DBModules/ConfigSection.pl
  12. +17 −45 lib/Config/Model/models/Krb5/DomainRealm.pl
  13. +190 −217 lib/Config/Model/models/Krb5/LibDefaults.pl
  14. +37 −63 lib/Config/Model/models/Krb5/Logging.pl
  15. +58 −60 lib/Config/Model/models/Krb5/Logging/LoggingConfig.pl
  16. +5 −32 lib/Config/Model/models/Krb5/Logging/LoggingConfig/Console.pl
  17. +13 −39 lib/Config/Model/models/Krb5/Logging/LoggingConfig/Device.pl
  18. +19 −45 lib/Config/Model/models/Krb5/Logging/LoggingConfig/File.pl
  19. +5 −32 lib/Config/Model/models/Krb5/Logging/LoggingConfig/StdErr.pl
  20. +52 −51 lib/Config/Model/models/Krb5/Logging/LoggingConfig/Syslog.pl
  21. +49 −77 lib/Config/Model/models/Krb5/Login.pl
  22. +74 −94 lib/Config/Model/models/Krb5/Realms.pl
225 lib/Config/Model/models/Krb5.pl
View
@@ -1,127 +1,100 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
-# Top level class feature krb5.conf sections
-
[
- {
- name => "Krb5",
-
- read_config => [ { class => 'Config::Model::Krb5', function => 'krb5_read', syntax => 'custom' } ],
-
- # config file location is now inherited from a model generated at build time
- #inherit => 'Krb5::ConfigDir',
-
- write_config => [ { class => 'Config::Model::Krb5', function => 'krb5_write', syntax => 'custom' } ],
-
- 'read_config_dir' => '/etc',
- 'write_config_dir' => '/etc',
-
- 'element' => [
- 'libdefaults',
- {
- type => 'node',
- config_class_name => 'Krb5::LibDefaults',
- description => 'Contains various default values used by the Kerberos V5 library.',
- },
-
- 'login',
- {
- type => 'node',
- config_class_name => 'Krb5::Login',
- description => 'Contains default values used by the Kerberos V5 login program, login.krb5(8).',
- 'experience' => 'advanced',
- },
- 'appdefaults' => {
- type => 'node',
- config_class_name => 'Krb5::AppDefaults',
- 'experience' => 'advanced',
- },
-
- 'realms' => {
- 'cargo' => {
- type => 'node',
- config_class_name => 'Krb5::Realms',
- },
- 'experience' => 'beginner',
- 'type' => 'hash',
- 'index_type' => 'string',
- 'description' => 'Contains subsections keyed by Kerberos realm names which describe where to find the Kerberos servers for a particular realm, and other realm-specific information.',
- },
-
- 'domain_realm',
- {
- 'cargo' => {
- 'type' => 'leaf',
- 'value_type' => 'uniline',
- },
- 'experience' => 'beginner',
- 'type' => 'hash',
- 'index_type' => 'string',
- 'description' => 'A mapping between a hostname or a domain name (where domain names are indicated by a prefix of a period (' . ') character) and a Kerberos realm.',
- },
-
- 'logging' => {
- type => 'node',
- config_class_name => 'Krb5::Logging',
- 'description' => 'Contains relations which determine how Kerberos entities are to perform their logging.',
- 'experience' => 'advanced',
- },
-
- 'capaths' => {
- 'cargo' => {
- 'type' => 'node',
- 'config_class_name' => 'Krb5::CAPaths::Realm'
- },
- 'experience' => 'advanced',
- 'type' => 'hash',
- 'index_type' => 'string',
- 'description' => 'Realm participating in cross-realm authentication.'
- },
-
- 'dbdefaults',
- {
- type => 'node',
- config_class_name => 'Krb5::DBDefaults',
- description => 'Contains default values for database specific parameters.',
- 'experience' => 'advanced',
- },
- 'dbmodules' => {
- 'experience' => 'advanced',
- 'cargo' => {
- 'type' => 'node',
- 'config_class_name' => 'Krb5::DBModules::ConfigSection'
- },
- 'experience' => 'advanced',
- 'type' => 'hash',
- 'index_type' => 'string',
- 'description' => 'Configuration section for database specific parameters that can be referred to by a realm.'
- },
-
- ],
-
- },
-];
-
+ {
+ 'class_description' => 'Copyright (c) 2008 Peter Knowles\\nReleased under LGPLv2+',
+ 'read_config' => [
+ {
+ 'function' => 'krb5_read',
+ 'backend' => 'custom',
+ 'class' => 'Config::Model::Krb5',
+ 'config_dir' => '/etc'
+ }
+ ],
+ 'name' => 'Krb5',
+ 'write_config' => [
+ {
+ 'function' => 'krb5_write',
+ 'backend' => 'custom',
+ 'class' => 'Config::Model::Krb5',
+ 'config_dir' => '/etc'
+ }
+ ],
+ 'element' => [
+ 'libdefaults',
+ {
+ 'type' => 'node',
+ 'description' => 'Contains various default values used by the Kerberos V5 library.',
+ 'config_class_name' => 'Krb5::LibDefaults'
+ },
+ 'login',
+ {
+ 'experience' => 'advanced',
+ 'type' => 'node',
+ 'description' => 'Contains default values used by the Kerberos V5 login program, login.krb5(8).',
+ 'config_class_name' => 'Krb5::Login'
+ },
+ 'appdefaults',
+ {
+ 'experience' => 'advanced',
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::AppDefaults'
+ },
+ 'realms',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::Realms'
+ },
+ 'type' => 'hash',
+ 'description' => 'Contains subsections keyed by Kerberos realm names which describe where to find the Kerberos servers for a particular realm, and other realm-specific information.',
+ 'index_type' => 'string'
+ },
+ 'domain_realm',
+ {
+ 'cargo' => {
+ 'value_type' => 'uniline',
+ 'type' => 'leaf'
+ },
+ 'type' => 'hash',
+ 'description' => 'A mapping between a hostname or a domain name (where domain names are indicated by a prefix of a period () character) and a Kerberos realm.',
+ 'index_type' => 'string'
+ },
+ 'logging',
+ {
+ 'experience' => 'advanced',
+ 'type' => 'node',
+ 'description' => 'Contains relations which determine how Kerberos entities are to perform their logging.',
+ 'config_class_name' => 'Krb5::Logging'
+ },
+ 'capaths',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::CAPaths::Realm'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'hash',
+ 'description' => 'Realm participating in cross-realm authentication.',
+ 'index_type' => 'string'
+ },
+ 'dbdefaults',
+ {
+ 'experience' => 'advanced',
+ 'type' => 'node',
+ 'description' => 'Contains default values for database specific parameters.',
+ 'config_class_name' => 'Krb5::DBDefaults'
+ },
+ 'dbmodules',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::DBModules::ConfigSection'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'hash',
+ 'description' => 'Configuration section for database specific parameters that can be referred to by a realm.',
+ 'index_type' => 'string'
+ }
+ ]
+ }
+ ]
+;
80 lib/Config/Model/models/Krb5/AppDefaults.pl
View
@@ -1,53 +1,29 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::AppDefaults",
-
- 'element' => [
- 'subsection' => {
- 'cargo' => {
- 'type' => 'node',
- 'config_class_name' => 'Krb5::AppDefaults::SubSection'
- },
- 'experience' => 'advanced',
- 'type' => 'hash',
- 'index_type' => 'string',
- 'description' => 'Kerberos V5 application or realm.',
- },
- 'option' => {
- 'cargo' => {
- 'type' => 'node',
- 'config_class_name' => 'Krb5::AppDefaults::Option'
- },
- 'experience' => 'advanced',
- 'type' => 'list',
- 'description' => 'Option that is used by some Kerberos V5 application[s].',
- },
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::AppDefaults',
+ 'element' => [
+ 'subsection',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::AppDefaults::SubSection'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'hash',
+ 'description' => 'Kerberos V5 application or realm.',
+ 'index_type' => 'string'
+ },
+ 'option',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::AppDefaults::Option'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'list',
+ 'description' => 'Option that is used by some Kerberos V5 application[s].'
+ }
+ ]
+ }
+ ]
+;
68 lib/Config/Model/models/Krb5/AppDefaults/Option.pl
View
@@ -1,48 +1,22 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::AppDefaults::Option",
-
- 'element' => [
- 'name' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'Tagname of option.',
- 'experience' => 'advanced',
- },
-
- 'value' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'Value of option.',
- 'experience' => 'advanced',
- },
-
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::AppDefaults::Option',
+ 'element' => [
+ 'name',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Tagname of option.'
+ },
+ 'value',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Value of option.'
+ }
+ ]
+ }
+ ]
+;
59 lib/Config/Model/models/Krb5/AppDefaults/SecondLevelSubSection.pl
View
@@ -1,43 +1,18 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::AppDefaults::SecondLevelSubSection",
-
- 'element' => [
- 'option' => {
- 'cargo' => {
- 'type' => 'node',
- 'config_class_name' => 'Krb5::AppDefaults::Option'
- },
- 'experience' => 'advanced',
- 'type' => 'list',
- 'description' => 'Option that is used by some Kerberos V5 application[s].',
- },
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::AppDefaults::SecondLevelSubSection',
+ 'element' => [
+ 'option',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::AppDefaults::Option'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'list',
+ 'description' => 'Option that is used by some Kerberos V5 application[s].'
+ }
+ ]
+ }
+ ]
+;
80 lib/Config/Model/models/Krb5/AppDefaults/SubSection.pl
View
@@ -1,53 +1,29 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::AppDefaults::SubSection",
-
- 'element' => [
- 'subsection' => {
- 'cargo' => {
- 'type' => 'node',
- 'config_class_name' => 'Krb5::AppDefaults::SecondLevelSubSection'
- },
- 'experience' => 'advanced',
- 'type' => 'hash',
- 'index_type' => 'string',
- 'description' => 'Kerberos V5 application or realm.',
- },
- 'option' => {
- 'cargo' => {
- 'type' => 'node',
- 'config_class_name' => 'Krb5::AppDefaults::Option'
- },
- 'experience' => 'advanced',
- 'type' => 'list',
- 'description' => 'Option that is used by some Kerberos V5 application[s].',
- },
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::AppDefaults::SubSection',
+ 'element' => [
+ 'subsection',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::AppDefaults::SecondLevelSubSection'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'hash',
+ 'description' => 'Kerberos V5 application or realm.',
+ 'index_type' => 'string'
+ },
+ 'option',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::AppDefaults::Option'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'list',
+ 'description' => 'Option that is used by some Kerberos V5 application[s].'
+ }
+ ]
+ }
+ ]
+;
61 lib/Config/Model/models/Krb5/CAPaths.pl
View
@@ -1,44 +1,19 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::CAPaths",
-
- 'element' => [
- 'realms' => {
- 'cargo' => {
- 'type' => 'node',
- 'config_class_name' => 'Krb5::CAPaths::Realm'
- },
- 'experience' => 'advanced',
- 'type' => 'hash',
- 'index_type' => 'string',
- 'description' => 'Realm participating in cross-realm authentication.'
- },
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::CAPaths',
+ 'element' => [
+ 'realms',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::CAPaths::Realm'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'hash',
+ 'description' => 'Realm participating in cross-realm authentication.',
+ 'index_type' => 'string'
+ }
+ ]
+ }
+ ]
+;
60 lib/Config/Model/models/Krb5/CAPaths/Realm.pl
View
@@ -1,44 +1,18 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::CAPaths::Realm",
-
- 'element' => [
- 'paths' => {
- 'cargo' => {
- 'type' => 'node',
- 'config_class_name' => 'Krb5::CAPaths::Realm::Path'
- },
- 'experience' => 'advanced',
- 'type' => 'list',
- 'description' => 'Intermediate realm which may participate in the cross-realm authentication.'
- },
-
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::CAPaths::Realm',
+ 'element' => [
+ 'paths',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::CAPaths::Realm::Path'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'list',
+ 'description' => 'Intermediate realm which may participate in the cross-realm authentication.'
+ }
+ ]
+ }
+ ]
+;
62 lib/Config/Model/models/Krb5/CAPaths/Realm/Path.pl
View
@@ -1,44 +1,20 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::CAPaths::Realm::Path",
-
- 'element' => [
- 'realm' => {
- 'type' => 'leaf',
- 'value_type' => 'uniline',
- 'description' => 'Realm name.',
- },
- 'intermediate' => {
- 'type' => 'leaf',
- 'value_type' => 'uniline',
- 'description' => 'Intermediate realm which may participate in the cross-realm authentication.',
- },
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::CAPaths::Realm::Path',
+ 'element' => [
+ 'realm',
+ {
+ 'value_type' => 'uniline',
+ 'type' => 'leaf',
+ 'description' => 'Realm name.'
+ },
+ 'intermediate',
+ {
+ 'value_type' => 'uniline',
+ 'type' => 'leaf',
+ 'description' => 'Intermediate realm which may participate in the cross-realm authentication.'
+ }
+ ]
+ }
+ ]
+;
138 lib/Config/Model/models/Krb5/DBDefaults.pl
View
@@ -1,82 +1,58 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::DBDefaults",
-
- 'element' => [
- 'database_module' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This relation indicates the name of the configuration section under dbmodules for database specific parameters used by the loadable database library.',
- 'experience' => 'advanced',
- },
-
- 'ldap_kerberos_container_dn' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This LDAP specific tag indicates the DN of the container object where the realm objects will be located. This value is used if no object DN is mentioned in the configuration section under dbmodules.',
- 'experience' => 'advanced',
- },
-
- 'ldap_kdc_dn' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This LDAP specific tag indicates the default bind DN for the KDC server. The KDC server does a login to the directory as this object. This value is used if no object DN is mentioned in the configuration section under dbmodules.',
- 'experience' => 'advanced',
- },
- 'ldap_kadmind_dn' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This LDAP specific tag indicates the default bind DN for the Administration server. The Administration server does a login to the directory as this object. This value is used if no object DN is mentioned in the configuration section under dbmodules.',
- 'experience' => 'advanced',
- },
-
- 'ldap_service_password_file' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This LDAP specific tag indicates the file containing the stashed passwords for the objects used for starting the Kerberos servers. This value is used if no service password file is mentioned in the configuration section under dbmodules.',
- 'experience' => 'advanced',
- },
-
- 'ldap_servers' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This LDAP specific tag indicates the list of LDAP servers. The list of LDAP servers is whitespace-separated. The LDAP server is specified by a LDAP URI. This value is used if no LDAP servers are mentioned in the configuration section under dbmodules.',
- 'experience' => 'advanced',
- },
- 'ldap_conns_per_server' => {
- type => 'leaf',
- value_type => 'integer',
- default => '5',
- description => 'This LDAP specific tag indicates the number of connections to be maintained per LDAP server. This value is used if the number of connections per LDAP server are not mentioned in the configuration section under dbmodules. The default value is 5.',
- 'experience' => 'advanced',
- },
-
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::DBDefaults',
+ 'element' => [
+ 'database_module',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This relation indicates the name of the configuration section under dbmodules for database specific parameters used by the loadable database library.'
+ },
+ 'ldap_kerberos_container_dn',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the DN of the container object where the realm objects will be located. This value is used if no object DN is mentioned in the configuration section under dbmodules.'
+ },
+ 'ldap_kdc_dn',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the default bind DN for the KDC server. The KDC server does a login to the directory as this object. This value is used if no object DN is mentioned in the configuration section under dbmodules.'
+ },
+ 'ldap_kadmind_dn',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the default bind DN for the Administration server. The Administration server does a login to the directory as this object. This value is used if no object DN is mentioned in the configuration section under dbmodules.'
+ },
+ 'ldap_service_password_file',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the file containing the stashed passwords for the objects used for starting the Kerberos servers. This value is used if no service password file is mentioned in the configuration section under dbmodules.'
+ },
+ 'ldap_servers',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the list of LDAP servers. The list of LDAP servers is whitespace-separated. The LDAP server is specified by a LDAP URI. This value is used if no LDAP servers are mentioned in the configuration section under dbmodules.'
+ },
+ 'ldap_conns_per_server',
+ {
+ 'value_type' => 'integer',
+ 'experience' => 'advanced',
+ 'default' => '5',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the number of connections to be maintained per LDAP server. This value is used if the number of connections per LDAP server are not mentioned in the configuration section under dbmodules. The default value is 5.'
+ }
+ ]
+ }
+ ]
+;
61 lib/Config/Model/models/Krb5/DBModules.pl
View
@@ -1,44 +1,19 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::DBModules",
-
- 'element' => [
- 'configurations' => {
- 'cargo' => {
- 'type' => 'node',
- 'config_class_name' => 'Krb5::DBModules::ConfigSection'
- },
- 'experience' => 'advanced',
- 'type' => 'hash',
- 'index_type' => 'string',
- 'description' => 'Configuration section for database specific parameters that can be referred to by a realm.'
- },
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::DBModules',
+ 'element' => [
+ 'configurations',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::DBModules::ConfigSection'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'hash',
+ 'description' => 'Configuration section for database specific parameters that can be referred to by a realm.',
+ 'index_type' => 'string'
+ }
+ ]
+ }
+ ]
+;
136 lib/Config/Model/models/Krb5/DBModules/ConfigSection.pl
View
@@ -1,81 +1,57 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::DBModules::ConfigSection",
-
- 'element' => [
- 'db_library' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This tag indicates the name of the loadable database library. The value should be db2 for db2 database and kldap for LDAP database.',
- 'experience' => 'advanced',
- },
-
- 'ldap_kerberos_container_dn' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This LDAP specific tag indicates the DN of the container object where the realm objects will be located.',
- 'experience' => 'advanced',
- },
-
- 'ldap_kdc_dn' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This LDAP specific tag indicates the bind DN for the KDC server. The KDC does a login to the directory as this object.',
- 'experience' => 'advanced',
- },
- 'ldap_kadmind_dn' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This LDAP specific tag indicates the bind DN for the Administration server. The Administration server does a login to the directory as this object.',
- 'experience' => 'advanced',
- },
-
- 'ldap_service_password_file' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This LDAP specific tag indicates the file containing the stashed passwords for the objects used for starting the Kerberos servers.',
- 'experience' => 'advanced',
- },
-
- 'ldap_servers' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'This LDAP specific tag indicates the list of LDAP servers. The list of LDAP servers is whitespace-separated. The LDAP server is specified by a LDAP URI.',
- 'experience' => 'advanced',
- },
- 'ldap_conns_per_server' => {
- type => 'leaf',
- value_type => 'integer',
- description => 'This LDAP specific tag indicates the number of connections to be maintained per LDAP server.',
- 'experience' => 'advanced',
- },
-
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::DBModules::ConfigSection',
+ 'element' => [
+ 'db_library',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This tag indicates the name of the loadable database library. The value should be db2 for db2 database and kldap for LDAP database.'
+ },
+ 'ldap_kerberos_container_dn',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the DN of the container object where the realm objects will be located.'
+ },
+ 'ldap_kdc_dn',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the bind DN for the KDC server. The KDC does a login to the directory as this object.'
+ },
+ 'ldap_kadmind_dn',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the bind DN for the Administration server. The Administration server does a login to the directory as this object.'
+ },
+ 'ldap_service_password_file',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the file containing the stashed passwords for the objects used for starting the Kerberos servers.'
+ },
+ 'ldap_servers',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the list of LDAP servers. The list of LDAP servers is whitespace-separated. The LDAP server is specified by a LDAP URI.'
+ },
+ 'ldap_conns_per_server',
+ {
+ 'value_type' => 'integer',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This LDAP specific tag indicates the number of connections to be maintained per LDAP server.'
+ }
+ ]
+ }
+ ]
+;
62 lib/Config/Model/models/Krb5/DomainRealm.pl
View
@@ -1,46 +1,18 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
-# Top level class feature krb5.conf sections
-
[
- [
- name => "Krb5::DomainRealm",
-
- 'element' => [
- 'domains' => {
- 'cargo' => {
- 'type' => 'leaf',
- 'value_type' => 'uniline',
- },
- 'experience' => 'beginner',
- 'type' => 'hash',
- 'index_type' => 'string',
- 'description' => 'A mapping between a hostname or a domain name (where domain names are indicated by a prefix of a period (' . ') character) and a Kerberos realm.',
- },
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::DomainRealm',
+ 'element' => [
+ 'domains',
+ {
+ 'cargo' => {
+ 'value_type' => 'uniline',
+ 'type' => 'leaf'
+ },
+ 'type' => 'hash',
+ 'description' => 'A mapping between a hostname or a domain name (where domain names are indicated by a prefix of a period () character) and a Kerberos realm.',
+ 'index_type' => 'string'
+ }
+ ]
+ }
+ ]
+;
407 lib/Config/Model/models/Krb5/LibDefaults.pl
View
@@ -1,218 +1,191 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::LibDefaults",
-
- 'element' => [
- 'default_keytab_name' => {
- type => 'leaf',
- value_type => 'uniline',
- 'experience' => 'advanced',
- 'description' => 'This relation specifies the default keytab name to be used by application severs such as telnetd and rlogind. The default is "/etc/krb5.keytab". This formerly defaulted to "/etc/v5srvtab", but was changed to the current value.',
- },
-
- 'default_realm' => {
- type => 'leaf',
- value_type => 'uniline',
- 'experience' => 'beginner',
- 'description' => 'This relation identifies the default realm to be used in a client host\'s Kerberos activity.',
- },
-
- 'default_tgs_enctypes' => {
- type => 'leaf',
- value_type => 'uniline',
- 'experience' => 'advanced',
- 'description' => 'This relation identifies the supported list of session key encryption types that should be returned by the KDC. The list may be delimited with commas or whitespace.',
- },
-
- 'default_tkt_enctypes' => {
- type => 'leaf',
- value_type => 'uniline',
- 'experience' => 'advanced',
- 'description' => 'This relation identifies the supported list of session key encryption types that should be requested by the client, in the same format.',
- },
-
- 'permitted_enctypes' => {
- type => 'leaf',
- value_type => 'uniline',
- 'experience' => 'advanced',
- 'description' => 'This relation identifies the permitted list of session key encryption types.',
- },
-
- 'clockskew' => {
- type => 'leaf',
- value_type => 'integer',
- min => '0',
- default => '300',
- 'experience' => 'advanced',
- 'description' => 'This relation sets the maximum allowable amount of clockskew in seconds that the library will tolerate before assuming that a Kerberos message is invalid. The default value is 300 seconds, or five minutes.',
- },
-
- 'kdc_timesync' => {
- type => 'leaf',
- value_type => 'integer',
- 'experience' => 'advanced',
- 'description' => 'If the value of this relation is non-zero (the default), the library will compute the difference between the system clock and the time returned by the KDC and in order to correct for an inaccurate system clock. This corrective factor is only used by the Kerberos library.',
- },
-
- 'kdc_req_checksum_type' => {
- type => 'leaf',
- value_type => 'uniline',
- 'experience' => 'advanced',
- 'description' => 'For compatability with DCE security servers which do not support the default CKSUMTYPE_RSA_MD5 used by this version of Kerberos. Use a value of 2 to use the CKSUMTYPE_RSA_MD4 instead. This applies to DCE 1.1 and earlier.',
- },
-
- 'ap_req_checksum_type' => {
- type => 'leaf',
- value_type => 'integer',
- 'experience' => 'advanced',
- 'description' => 'This allows you to set the checksum type used in the authenticator of KRB_AP_REQ messages. The default value for this type is CKSUMTYPE_RSA_MD5. For compatibility with applications linked against DCE version 1.1 or earlier Kerberos libraries, use a value of 2 to use the CKSUMTYPE_RSA_MD4 instead.',
- },
-
- 'safe_checksum_type' => {
- type => 'leaf',
- value_type => 'integer',
- 'experience' => 'advanced',
- 'description' => 'This allows you to set the preferred keyed-checksum type for use in KRB_SAFE messages. The default value for this type is CKSUMTYPE_RSA_MD5_DES. For compatibility with applications linked against DCE version 1.1 or earlier Kerberos libraries, use a value of 3 to use the CKSUMTYPE_RSA_MD4_DES instead. This field is ignored when its value is incompatible with the session key type.',
- },
-
- 'preferred_preauth_types' => {
- type => 'leaf',
- value_type => 'uniline',
- default => '17, 16, 15, 14',
- 'experience' => 'advanced',
- 'description' => 'This allows you to set the preferred preauthentication types which the client will attempt before others which may be advertised by a KDC. The default value for this setting is "17, 16, 15, 14", which forces libkrb5 to attempt to use PKINIT if it is supported.',
- },
-
- 'ccache_type' => {
- type => 'leaf',
- value_type => 'integer',
- 'experience' => 'advanced',
- 'description' => 'User this parameter on systems which are DCE clients, to specify the type of cache to be created by kinit, or when forwarded tickets are received. DCE and Kerberos can share the cache, but some versions of DCE do not support the default cache as created by this version of Kerberos. Use a value of 1 on DCE 1.0.3a systems, and a value of 2 on DCE 1.1 systems.',
- },
-
- 'krb4_srvtab' => {
- type => 'leaf',
- value_type => 'uniline',
- 'experience' => 'advanced',
- 'description' => 'Specifies the location of the Kerberos V4 srvtab file. Default is "/etc/srvtab".',
- },
-
- 'krb4_config' => {
- type => 'leaf',
- value_type => 'uniline',
- 'experience' => 'advanced',
- 'description' => 'Specifies the location of the Kerberos V4 configuration file. Default is "/etc/krb.conf".',
- },
-
- 'krb4_realms' => {
- type => 'leaf',
- value_type => 'uniline',
- 'experience' => 'advanced',
- 'description' => 'Specifies the location of the Kerberos V4 domain/realm translation file. Default is "/etc/krb.realms".',
- },
-
- 'dns_lookup_kdc' => {
- type => 'leaf',
- value_type => 'boolean',
- 'experience' => 'advanced',
- 'description' => 'Indicate whether DNS SRV records shoud be used to locate the KDCs and other servers for a realm, if they are not listed in the information for the realm. The default is to use these records.',
- },
-
- 'dns_lookup_realm' => {
- type => 'leaf',
- value_type => 'boolean',
- 'experience' => 'advanced',
- 'description' => 'Indicate whether DNS TXT records should be used to determine the Kerberos realm of a host. The default is not to use these records.',
- },
-
- 'dns_fallback' => {
- type => 'leaf',
- value_type => 'boolean',
- 'experience' => 'advanced',
- 'description' => 'General flag controlling the use of DNS for Kerberos information. If both of the preceding options are specified, this option has no effect.',
- },
-
- 'extra_addresses' => {
- type => 'leaf',
- value_type => 'uniline',
- 'experience' => 'advanced',
- 'description' => 'This allows a computer to use multiple local addresses, in order to allow Kerberos to work in a network that uses NATs. The addresses should be in a comma-separated list.',
- },
-
- 'udp_preference_limit' => {
- type => 'leaf',
- value_type => 'uniline',
- 'experience' => 'advanced',
- 'description' => 'When sending a message to the KDC, the library will try using TCP before UDP if the size of the message is above "udp_preference_limit". If the message is smaller than "udp_preference_limit", then UDP will be tried before TCP. Regardless of the size, both protocols will be tried if the first attempt fails.',
- },
-
- 'verify_ap_req_nofail' => {
- type => 'leaf',
- value_type => 'boolean',
- default => '0',
- 'experience' => 'advanced',
- 'description' => 'If this flag is set, then an attempt to get initial credentials will fail if the client machine does not have a keytab. The default for the flag is false.',
- },
-
- 'renew_lifetime' => {
- type => 'leaf',
- value_type => 'integer',
- min => '0',
- default => '0',
- 'experience' => 'advanced',
- 'description' => 'The value of this tag is the default renewable lifetime for initial tickets. The default value for the tag is 0.',
- },
-
- 'noaddresses' => {
- type => 'leaf',
- value_type => 'boolean',
- default => '1',
- 'experience' => 'advanced',
- 'description' => 'Setting this flag causes the initial Kerberos ticket to be addressless. The default for the flag is true.',
- },
-
- 'forwardable' => {
- type => 'leaf',
- value_type => 'boolean',
- default => '0',
- 'experience' => 'advanced',
- 'description' => 'If this flag is set, initial tickets by default will be forwardable. The default value for this flag is false.',
- },
-
- 'proxiable' => {
- type => 'leaf',
- value_type => 'boolean',
- default => '0',
- 'experience' => 'advanced',
- 'description' => 'If this flag is set, initial tickets by default will be proxiable. The default value for this flag is false.',
- },
-
- ],
-
- ],
-];
+ {
+ 'name' => 'Krb5::LibDefaults',
+ 'element' => [
+ 'default_keytab_name',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This relation specifies the default keytab name to be used by application severs such as telnetd and rlogind. The default is "/etc/krb5.keytab". This formerly defaulted to "/etc/v5srvtab", but was changed to the current value.'
+ },
+ 'default_realm',
+ {
+ 'value_type' => 'uniline',
+ 'type' => 'leaf',
+ 'description' => 'This relation identifies the default realm to be used in a client host\'s Kerberos activity.'
+ },
+ 'default_tgs_enctypes',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This relation identifies the supported list of session key encryption types that should be returned by the KDC. The list may be delimited with commas or whitespace.'
+ },
+ 'default_tkt_enctypes',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This relation identifies the supported list of session key encryption types that should be requested by the client, in the same format.'
+ },
+ 'permitted_enctypes',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This relation identifies the permitted list of session key encryption types.'
+ },
+ 'clockskew',
+ {
+ 'value_type' => 'integer',
+ 'min' => '0',
+ 'experience' => 'advanced',
+ 'default' => '300',
+ 'type' => 'leaf',
+ 'description' => 'This relation sets the maximum allowable amount of clockskew in seconds that the library will tolerate before assuming that a Kerberos message is invalid. The default value is 300 seconds, or five minutes.'
+ },
+ 'kdc_timesync',
+ {
+ 'value_type' => 'integer',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'If the value of this relation is non-zero (the default), the library will compute the difference between the system clock and the time returned by the KDC and in order to correct for an inaccurate system clock. This corrective factor is only used by the Kerberos library.'
+ },
+ 'kdc_req_checksum_type',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'For compatability with DCE security servers which do not support the default CKSUMTYPE_RSA_MD5 used by this version of Kerberos. Use a value of 2 to use the CKSUMTYPE_RSA_MD4 instead. This applies to DCE 1.1 and earlier.'
+ },
+ 'ap_req_checksum_type',
+ {
+ 'value_type' => 'integer',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This allows you to set the checksum type used in the authenticator of KRB_AP_REQ messages. The default value for this type is CKSUMTYPE_RSA_MD5. For compatibility with applications linked against DCE version 1.1 or earlier Kerberos libraries, use a value of 2 to use the CKSUMTYPE_RSA_MD4 instead.'
+ },
+ 'safe_checksum_type',
+ {
+ 'value_type' => 'integer',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This allows you to set the preferred keyed-checksum type for use in KRB_SAFE messages. The default value for this type is CKSUMTYPE_RSA_MD5_DES. For compatibility with applications linked against DCE version 1.1 or earlier Kerberos libraries, use a value of 3 to use the CKSUMTYPE_RSA_MD4_DES instead. This field is ignored when its value is incompatible with the session key type.'
+ },
+ 'preferred_preauth_types',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'default' => '17, 16, 15, 14',
+ 'type' => 'leaf',
+ 'description' => 'This allows you to set the preferred preauthentication types which the client will attempt before others which may be advertised by a KDC. The default value for this setting is "17, 16, 15, 14", which forces libkrb5 to attempt to use PKINIT if it is supported.'
+ },
+ 'ccache_type',
+ {
+ 'value_type' => 'integer',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'User this parameter on systems which are DCE clients, to specify the type of cache to be created by kinit, or when forwarded tickets are received. DCE and Kerberos can share the cache, but some versions of DCE do not support the default cache as created by this version of Kerberos. Use a value of 1 on DCE 1.0.3a systems, and a value of 2 on DCE 1.1 systems.'
+ },
+ 'krb4_srvtab',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Specifies the location of the Kerberos V4 srvtab file. Default is "/etc/srvtab".'
+ },
+ 'krb4_config',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Specifies the location of the Kerberos V4 configuration file. Default is "/etc/krb.conf".'
+ },
+ 'krb4_realms',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Specifies the location of the Kerberos V4 domain/realm translation file. Default is "/etc/krb.realms".'
+ },
+ 'dns_lookup_kdc',
+ {
+ 'value_type' => 'boolean',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Indicate whether DNS SRV records shoud be used to locate the KDCs and other servers for a realm, if they are not listed in the information for the realm. The default is to use these records.'
+ },
+ 'dns_lookup_realm',
+ {
+ 'value_type' => 'boolean',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Indicate whether DNS TXT records should be used to determine the Kerberos realm of a host. The default is not to use these records.'
+ },
+ 'dns_fallback',
+ {
+ 'value_type' => 'boolean',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'General flag controlling the use of DNS for Kerberos information. If both of the preceding options are specified, this option has no effect.'
+ },
+ 'extra_addresses',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'This allows a computer to use multiple local addresses, in order to allow Kerberos to work in a network that uses NATs. The addresses should be in a comma-separated list.'
+ },
+ 'udp_preference_limit',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'When sending a message to the KDC, the library will try using TCP before UDP if the size of the message is above "udp_preference_limit". If the message is smaller than "udp_preference_limit", then UDP will be tried before TCP. Regardless of the size, both protocols will be tried if the first attempt fails.'
+ },
+ 'verify_ap_req_nofail',
+ {
+ 'value_type' => 'boolean',
+ 'experience' => 'advanced',
+ 'default' => '0',
+ 'type' => 'leaf',
+ 'description' => 'If this flag is set, then an attempt to get initial credentials will fail if the client machine does not have a keytab. The default for the flag is false.'
+ },
+ 'renew_lifetime',
+ {
+ 'value_type' => 'integer',
+ 'min' => '0',
+ 'experience' => 'advanced',
+ 'default' => '0',
+ 'type' => 'leaf',
+ 'description' => 'The value of this tag is the default renewable lifetime for initial tickets. The default value for the tag is 0.'
+ },
+ 'noaddresses',
+ {
+ 'value_type' => 'boolean',
+ 'experience' => 'advanced',
+ 'default' => '1',
+ 'type' => 'leaf',
+ 'description' => 'Setting this flag causes the initial Kerberos ticket to be addressless. The default for the flag is true.'
+ },
+ 'forwardable',
+ {
+ 'value_type' => 'boolean',
+ 'experience' => 'advanced',
+ 'default' => '0',
+ 'type' => 'leaf',
+ 'description' => 'If this flag is set, initial tickets by default will be forwardable. The default value for this flag is false.'
+ },
+ 'proxiable',
+ {
+ 'value_type' => 'boolean',
+ 'experience' => 'advanced',
+ 'default' => '0',
+ 'type' => 'leaf',
+ 'description' => 'If this flag is set, initial tickets by default will be proxiable. The default value for this flag is false.'
+ }
+ ]
+ }
+ ]
+;
100 lib/Config/Model/models/Krb5/Logging.pl
View
@@ -1,64 +1,38 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::Logging",
-
- 'element' => [
- 'kdc' => {
- 'cargo' => {
- type => 'node',
- config_class_name => 'Krb5::Logging::LoggingConfig',
- },
- 'experience' => 'advanced',
- 'type' => 'list',
- 'description' => 'Specifies how the KDC is to perform its logging.',
- },
-
- 'admin_server' => {
- 'cargo' => {
- type => 'node',
- config_class_name => 'Krb5::Logging::LoggingConfig',
- },
- 'experience' => 'advanced',
- 'type' => 'list',
- 'description' => 'Specifies how the administrative server is to perform its logging.',
- },
-
- 'default' => {
- 'cargo' => {
- type => 'node',
- config_class_name => 'Krb5::Logging::LoggingConfig',
- },
- 'experience' => 'advanced',
- 'type' => 'list',
- 'description' => 'Specifies how to perform logging in the absence of explicit specifications otherwise.',
- },
-
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::Logging',
+ 'element' => [
+ 'kdc',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::Logging::LoggingConfig'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'list',
+ 'description' => 'Specifies how the KDC is to perform its logging.'
+ },
+ 'admin_server',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::Logging::LoggingConfig'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'list',
+ 'description' => 'Specifies how the administrative server is to perform its logging.'
+ },
+ 'default',
+ {
+ 'cargo' => {
+ 'type' => 'node',
+ 'config_class_name' => 'Krb5::Logging::LoggingConfig'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'list',
+ 'description' => 'Specifies how to perform logging in the absence of explicit specifications otherwise.'
+ }
+ ]
+ }
+ ]
+;
118 lib/Config/Model/models/Krb5/Logging/LoggingConfig.pl
View
@@ -1,61 +1,59 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::Logging::LoggingConfig",
-
- 'element' => [
- 'logging_type' => {
- 'value_type' => 'enum',
- 'help' => {
- 'FILE' => 'This value causes the entity\'s logging messages to go to the specified file',
- 'STDERR' => 'This value causes the entity\'s logging messages to go to its standard error stream.',
- 'CONSOLE' => 'This value causes the entity\'s logging messages to go to the console, if the system supports it.',
- 'DEVICE' => 'This causes the entity\'s logging messages to go to the specified device.',
- 'SYSLOG' => 'This causes the entity\'s logging messages to go to the system log.',
- },
- 'experience' => 'advanced',
- 'type' => 'leaf',
- 'description' => 'Specifies whether remote hosts are allowed to connect to ports forwarded for the client. By default, sshd(8) binds remote port forwardings to the loopback address. This prevents other remote hosts from connecting to forwarded ports. GatewayPorts can be used to specify that sshd should allow remote port forwardings to bind to non-loopback addresses, thus allowing other hosts to connect.',
- 'choice' => [ 'FILE', 'STDERR', 'CONSOLE', 'DEVICE', 'SYSLOG', ]
- },
-
- 'logging_config' => {
- type => 'warped_node',
- 'experience' => 'advanced',
- follow => '- logging_type',
- 'rules' => {
- 'FILE' => { config_class_name => 'Krb5::Logging::LoggingConfig::File' },
- 'STDERR' => { config_class_name => 'Krb5::Logging::LoggingConfig::StdErr' },
- 'CONSOLE' => { config_class_name => 'Krb5::Logging::LoggingConfig::Console' },
- 'DEVICE' => { config_class_name => 'Krb5::Logging::LoggingConfig::Device' },
- 'SYSLOG' => { config_class_name => 'Krb5::Logging::LoggingConfig::Syslog' },
- }
- },
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::Logging::LoggingConfig',
+ 'element' => [
+ 'logging_type',
+ {
+ 'value_type' => 'enum',
+ 'help' => {
+ 'FILE' => 'This value causes the entity\'s logging messages to go to the specified file',
+ 'STDERR' => 'This value causes the entity\'s logging messages to go to its standard error stream.',
+ 'CONSOLE' => 'This value causes the entity\'s logging messages to go to the console, if the system supports it.',
+ 'DEVICE' => 'This causes the entity\'s logging messages to go to the specified device.',
+ 'SYSLOG' => 'This causes the entity\'s logging messages to go to the system log.'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Specifies whether remote hosts are allowed to connect to ports forwarded for the client. By default, sshd(8) binds remote port forwardings to the loopback address. This prevents other remote hosts from connecting to forwarded ports. GatewayPorts can be used to specify that sshd should allow remote port forwardings to bind to non-loopback addresses, thus allowing other hosts to connect.',
+ 'choice' => [
+ 'FILE',
+ 'STDERR',
+ 'CONSOLE',
+ 'DEVICE',
+ 'SYSLOG'
+ ]
+ },
+ 'logging_config',
+ {
+ 'follow' => {
+ 'f1' => '- logging_type'
+ },
+ 'experience' => 'advanced',
+ 'type' => 'warped_node',
+ 'rules' => [
+ '$f1 eq \'FILE\'',
+ {
+ 'config_class_name' => 'Krb5::Logging::LoggingConfig::File'
+ },
+ '$f1 eq \'STDERR\'',
+ {
+ 'config_class_name' => 'Krb5::Logging::LoggingConfig::StdErr'
+ },
+ '$f1 eq \'CONSOLE\'',
+ {
+ 'config_class_name' => 'Krb5::Logging::LoggingConfig::Console'
+ },
+ '$f1 eq \'DEVICE\'',
+ {
+ 'config_class_name' => 'Krb5::Logging::LoggingConfig::Device'
+ },
+ '$f1 eq \'SYSLOG\'',
+ {
+ 'config_class_name' => 'Krb5::Logging::LoggingConfig::Syslog'
+ }
+ ]
+ }
+ ]
+ }
+ ]
+;
37 lib/Config/Model/models/Krb5/Logging/LoggingConfig/Console.pl
View
@@ -1,33 +1,6 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::Logging::LoggingConfig::Console",
-
- 'element' => [],
- ],
-];
-
+ {
+ 'name' => 'Krb5::Logging::LoggingConfig::Console'
+ }
+ ]
+;
52 lib/Config/Model/models/Krb5/Logging/LoggingConfig/Device.pl
View
@@ -1,40 +1,14 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::Logging::LoggingConfig::Device",
-
- 'element' => [
- 'devicename' => {
- 'type' => 'leaf',
- 'value_type' => 'uniline',
- 'description' => 'Device to receive logging ',
- },
-
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::Logging::LoggingConfig::Device',
+ 'element' => [
+ 'devicename',
+ {
+ 'value_type' => 'uniline',
+ 'type' => 'leaf',
+ 'description' => 'Device to receive logging '
+ }
+ ]
+ }
+ ]
+;
64 lib/Config/Model/models/Krb5/Logging/LoggingConfig/File.pl
View
@@ -1,46 +1,20 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::Logging::LoggingConfig::File",
-
- 'element' => [
- 'append' => {
- 'type' => 'leaf',
- 'value_type' => 'boolean',
- 'description' => 'Append to log file.',
- },
-
- 'filename' => {
- 'type' => 'leaf',
- 'value_type' => 'uniline',
- 'description' => 'Filename for logging messages.',
- },
-
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::Logging::LoggingConfig::File',
+ 'element' => [
+ 'append',
+ {
+ 'value_type' => 'boolean',
+ 'type' => 'leaf',
+ 'description' => 'Append to log file.'
+ },
+ 'filename',
+ {
+ 'value_type' => 'uniline',
+ 'type' => 'leaf',
+ 'description' => 'Filename for logging messages.'
+ }
+ ]
+ }
+ ]
+;
37 lib/Config/Model/models/Krb5/Logging/LoggingConfig/StdErr.pl
View
@@ -1,33 +1,6 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::Logging::LoggingConfig::StdErr",
-
- 'element' => [],
- ],
-];
-
+ {
+ 'name' => 'Krb5::Logging::LoggingConfig::StdErr'
+ }
+ ]
+;
103 lib/Config/Model/models/Krb5/Logging/LoggingConfig/Syslog.pl
View
@@ -1,52 +1,53 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::Logging::LoggingConfig::Syslog",
-
- 'element' => [
- 'severity' => {
- 'value_type' => 'enum',
- 'experience' => 'advanced',
- 'type' => 'leaf',
- 'default' => 'ERR',
- 'description' => 'Specifies the default severity of system log messages.',
- 'choice' => [ 'EMERG', 'ALERT', 'CRIT', 'ERR', 'WARNING', 'NOTICE', 'INFO', 'DEBUG', ]
- },
-
- 'facility' => {
- 'value_type' => 'enum',
- 'experience' => 'advanced',
- 'type' => 'leaf',
- 'default' => 'AUTH',
- 'description' => 'Specifies the facility under which the messages are logged.',
- 'choice' => [ 'KERN', 'USER', 'MAIL', 'DAEMON', 'AUTH', 'LPR', 'NEWS', 'UUCP', 'CRON', 'LOCAL0', 'LOCAL1', 'LOCAL2', 'LOCAL3', 'LOCAL4', 'LOCAL5', 'LOCAL6', 'LOCAL7', ]
- },
-
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::Logging::LoggingConfig::Syslog',
+ 'element' => [
+ 'severity',
+ {
+ 'value_type' => 'enum',
+ 'experience' => 'advanced',
+ 'default' => 'ERR',
+ 'type' => 'leaf',
+ 'description' => 'Specifies the default severity of system log messages.',
+ 'choice' => [
+ 'EMERG',
+ 'ALERT',
+ 'CRIT',
+ 'ERR',
+ 'WARNING',
+ 'NOTICE',
+ 'INFO',
+ 'DEBUG'
+ ]
+ },
+ 'facility',
+ {
+ 'value_type' => 'enum',
+ 'experience' => 'advanced',
+ 'default' => 'AUTH',
+ 'type' => 'leaf',
+ 'description' => 'Specifies the facility under which the messages are logged.',
+ 'choice' => [
+ 'KERN',
+ 'USER',
+ 'MAIL',
+ 'DAEMON',
+ 'AUTH',
+ 'LPR',
+ 'NEWS',
+ 'UUCP',
+ 'CRON',
+ 'LOCAL0',
+ 'LOCAL1',
+ 'LOCAL2',
+ 'LOCAL3',
+ 'LOCAL4',
+ 'LOCAL5',
+ 'LOCAL6',
+ 'LOCAL7'
+ ]
+ }
+ ]
+ }
+ ]
+;
126 lib/Config/Model/models/Krb5/Login.pl
View
@@ -1,78 +1,50 @@
-# $Author:$
-# $Date: $
-# $Name: $
-# $Revision: $
-
-# Copyright (c) 2008 Peter Knowles
-#
-# This file is part of Config::Model::Krb5.
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
-# Top level class feature krb5.conf sections
-
[
- [
- name => "Krb5::Login",
-
- 'element' => [
- 'krb5_get_tickets' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'Use password to get V5 tickets. Default value true.',
- 'experience' => 'advanced',
- },
-
- 'krb4_get_tickets' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'Use password to get V4 tickets. Default value false.',
- 'experience' => 'advanced',
- },
-
- 'krb4_convert' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'Use Kerberos conversion daemon to get V4 tickets. Default value false. If false, and krb4_get_tickets is true, then login will get the V5 tickets directly using the Kerberos V4 protocol directly. This does not currently work with non MIT-V4 salt types (such as the AFS3 salt type.) Note that if configuration parameter is true, and the krb524d is not running, login will hang for approximately a minute under Solaris, due to a Solaris socket emulation bug.',
- 'experience' => 'advanced',
- },
-
- 'krb_run_aklog' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'Attempt to run aklog. Default value false.',
- 'experience' => 'advanced',
- },
-
- 'aklog_path' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'Where to find it [not yet implemented.] Default value \$(prefix)/bin/aklog.',
- 'experience' => 'advanced',
- },
-
- 'accept_passwd' => {
- type => 'leaf',
- value_type => 'uniline',
- description => 'Don\'t accept plaintext passwords [not yet implemented]. Default value false.',
- 'experience' => 'advanced',
- },
-
- ],
- ],
-];
-
+ {
+ 'name' => 'Krb5::Login',
+ 'element' => [
+ 'krb5_get_tickets',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Use password to get V5 tickets. Default value true.'
+ },
+ 'krb4_get_tickets',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Use password to get V4 tickets. Default value false.'
+ },
+ 'krb4_convert',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Use Kerberos conversion daemon to get V4 tickets. Default value false. If false, and krb4_get_tickets is true, then login will get the V5 tickets directly using the Kerberos V4 protocol directly. This does not currently work with non MIT-V4 salt types (such as the AFS3 salt type.) Note that if configuration parameter is true, and the krb524d is not running, login will hang for approximately a minute under Solaris, due to a Solaris socket emulation bug.'
+ },
+ 'krb_run_aklog',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Attempt to run aklog. Default value false.'
+ },
+ 'aklog_path',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Where to find it [not yet implemented.] Default value \\$(prefix)/bin/aklog.'
+ },
+ 'accept_passwd',
+ {
+ 'value_type' => 'uniline',
+ 'experience' => 'advanced',
+ 'type' => 'leaf',
+ 'description' => 'Don\'t accept plaintext passwords [not yet implemented]. Default value false.'
+ }
+ ]
+ }
+ ]
+;
168 lib/Config/Model/models/Krb5/Realms.pl
View
@@ -1,95 +1,75 @@
-#
-# Config::Model::Krb5 is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser Public License as
-# published by the Free Software Foundation; either version 2.1 of
-# the License, or (at your option) any later version.
-#
-# Config::Model::Krb5 is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser Public License for more details.
-#
-# You should have received a copy of the GNU Lesser Public License
-# along with Config-Model; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-
-# This model was created from krb5.conf(5) man page.
-
[
- [
- name => "Krb5::Realms",
-
- 'element' => [
- 'kdc' => {
- 'cargo' => {
- 'type' => 'leaf',
- 'value_type' => 'uniline',
- },
- 'experience' => 'beginner',
- 'type' => 'list',
- 'description' => 'The value of this relation is the name of a host running a KDC for that realm. An optional port number (preceded by a colon) may be appended to the hostname. This tag should generally be used only if the realm administrator has not made the information available through DNS.',
- },
-
- 'admin_server' => {
- 'cargo' => {
- 'type' => 'leaf',
- 'value_type' => 'uniline',
- },
- 'experience' => 'beginner',
- 'type' => 'list',
- 'description' => 'This relation identifies the host where the administration server is running. Typically this is the Master Kerberos server.',
- },
-
- 'database_module' => {
- 'type' => 'leaf',
- 'value_type' => 'uniline',
- 'experience' => 'advanced',
- 'description' => 'This relation indicates the name of the configuration section under dbmodules for database specific parameters used by the loadable database library.',
- },
- 'default_domain' => {
- 'type' => 'leaf',
- 'value_type' => 'uniline',