Regenerate checked-in man pages

Pick up changes to kadmin.rst and krb5_conf.rst adding cross-references for account lockout and detailing parameter expansion for keytab and credentials cache names in krb5.conf (cherry picked from commit 26481ee) ticket: 7494 version_fixed: 1.11 status: resolved
krb5 · Dec 12, 2012 · 335bcae · 335bcae
1 parent c54a33b
commit 335bcae
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 7 deletions.
diff --git a/src/man/kadmin.man b/src/man/kadmin.man
@@ -628,23 +628,34 @@ numbers, punctuation, and whitespace/unprintable characters.
 .B \fB\-history\fP \fInumber\fP
 Sets the number of past keys kept for a principal.  This option is
 not supported with the LDAP KDC database module.
+.UNINDENT
+.INDENT 0.0
 .TP
 .B \fB\-maxfailure\fP \fImaxnumber\fP
-Sets the maximum number of authentication failures before the
-principal is locked.  Authentication failures are only tracked for
-principals which require preauthentication.
+Sets the number of authentication failures before the principal is
+locked.  Authentication failures are only tracked for principals
+which require preauthentication.  The counter of failed attempts
+resets to 0 after a successful attempt to authenticate.  A
+\fImaxnumber\fP value of 0 (the default) disables lockout.
+.UNINDENT
+.INDENT 0.0
 .TP
 .B \fB\-failurecountinterval\fP \fIfailuretime\fP
 (\fIgetdate\fP string) Sets the allowable time between
 authentication failures.  If an authentication failure happens
 after \fIfailuretime\fP has elapsed since the previous failure,
-the number of authentication failures is reset to 1.
+the number of authentication failures is reset to 1.  A
+\fIfailuretime\fP value of 0 (the default) means forever.
+.UNINDENT
+.INDENT 0.0
 .TP
 .B \fB\-lockoutduration\fP \fIlockouttime\fP
 (\fIgetdate\fP string) Sets the duration for which the principal
 is locked from authenticating if too many authentication failures
 occur without the specified failure count interval elapsing.
-A duration of 0 means forever.
+A duration of 0 (the default) means the principal remains locked
+out until it is administratively unlocked with \fBmodprinc
+\-unlock\fP.
 .TP
 .B \fB\-allowedkeysalts\fP
 Specifies the key/salt tuples supported for long\-term keys when

diff --git a/src/man/krb5.conf.man b/src/man/krb5.conf.man
@@ -1146,8 +1146,9 @@ The default is false.
 .UNINDENT
 .SH PARAMETER EXPANSION
 .sp
-Several variables, such as \fBdefault_keytab_name\fP, allow parameters
-to be expanded.  Valid parameters are:
+Starting with release 1.11, several variables, such as
+\fBdefault_keytab_name\fP, allow parameters to be expanded.
+Valid parameters are:
 .INDENT 0.0
 .INDENT 3.5
 .TS