Update manpages

src/man/k5identity.man

@@ -1,3 +1,5 @@
+.\" Man page generated from reStructuredText.
+.
 .TH "K5IDENTITY" "5" " " "1.11.5" "MIT Kerberos"
 .SH NAME
 k5identity \- Kerberos V5 client principal selection rules
@@ -28,8 +30,6 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .in \\n[rst2man-indent\\n[rst2man-indent-level]]u
 ..
-.\" Man page generated from reStructuredText.
-.
 .SH DESCRIPTION
 .sp
 The .k5identity file, which resides in a user\(aqs home directory,
@@ -98,6 +98,6 @@ kerberos(1), \fIkrb5.conf(5)\fP
 .SH AUTHOR
 MIT
 .SH COPYRIGHT
-1985-2014, MIT
+1985-2015, MIT
 .\" Generated by docutils manpage writer.
 .

src/man/k5login.man

@@ -1,3 +1,5 @@
+.\" Man page generated from reStructuredText.
+.
 .TH "K5LOGIN" "5" " " "1.11.5" "MIT Kerberos"
 .SH NAME
 k5login \- Kerberos V5 acl file for host access
@@ -28,8 +30,6 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .in \\n[rst2man-indent\\n[rst2man-indent-level]]u
 ..
-.\" Man page generated from reStructuredText.
-.
 .SH DESCRIPTION
 .sp
 The .k5login file, which resides in a user\(aqs home directory, contains
@@ -41,7 +41,7 @@ administrators remote root access to the host via Kerberos.
 .SH EXAMPLES
 .sp
 Suppose the user \fBalice\fP had a .k5login file in her home directory
-containing the following line:
+containing just the following line:
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -55,7 +55,12 @@ bob@FOOBAR.ORG
 .sp
 This would allow \fBbob\fP to use Kerberos network applications, such as
 ssh(1), to access \fBalice\fP\(aqs account, using \fBbob\fP\(aqs Kerberos
-tickets.
+tickets.  In a default configuration (with \fBk5login_authoritative\fP set
+to true in \fIkrb5.conf(5)\fP), this .k5login file would not let
+\fBalice\fP use those network applications to access her account, since
+she is not listed!  With no .k5login file, or with \fBk5login_authoritative\fP
+set to false, a default rule would permit the principal \fBalice\fP in the
+machine\(aqs default realm to access the \fBalice\fP account.
 .sp
 Let us further suppose that \fBalice\fP is a system administrator.
 Alice and the other system administrators would have their principals
@@ -86,6 +91,6 @@ kerberos(1)
 .SH AUTHOR
 MIT
 .SH COPYRIGHT
-1985-2014, MIT
+1985-2015, MIT
 .\" Generated by docutils manpage writer.
 .

src/man/k5srvutil.man

@@ -1,3 +1,5 @@
+.\" Man page generated from reStructuredText.
+.
 .TH "K5SRVUTIL" "1" " " "1.11.5" "MIT Kerberos"
 .SH NAME
 k5srvutil \- host key table (keytab) manipulation utility
@@ -28,8 +30,6 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .in \\n[rst2man-indent\\n[rst2man-indent-level]]u
 ..
-.\" Man page generated from reStructuredText.
-.
 .SH SYNOPSIS
 .sp
 \fBk5srvutil\fP \fIoperation\fP
@@ -81,6 +81,6 @@ place.
 .SH AUTHOR
 MIT
 .SH COPYRIGHT
-1985-2014, MIT
+1985-2015, MIT
 .\" Generated by docutils manpage writer.
 .

src/man/kadm5.acl.man

@@ -1,3 +1,5 @@
+.\" Man page generated from reStructuredText.
+.
 .TH "KADM5.ACL" "5" " " "1.11.5" "MIT Kerberos"
 .SH NAME
 kadm5.acl \- Kerberos ACL file
@@ -28,8 +30,6 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .in \\n[rst2man-indent\\n[rst2man-indent-level]]u
 ..
-.\" Man page generated from reStructuredText.
-.
 .SH DESCRIPTION
 .sp
 The Kerberos \fIkadmind(8)\fP daemon uses an Access Control List
@@ -39,7 +39,7 @@ which principals can operate on which other principals.
 .sp
 The default location of the Kerberos ACL file is
 \fB@LOCALSTATEDIR@\fP\fB/krb5kdc\fP\fB/kadm5.acl\fP  unless this is overridden by the \fIacl_file\fP
-variable in \fIkdc.conf(5)\fP.
+variable in \fIkdc.conf(5)\fP\&.
 .SH SYNTAX
 .sp
 Empty lines and lines starting with the sharp sign (\fB#\fP) are
@@ -54,10 +54,14 @@ principal  permissions  [target_principal  [restrictions] ]
 .fi
 .UNINDENT
 .UNINDENT
-.IP Note
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
 Line order in the ACL file is important.  The first matching entry
 will control access for an actor principal on a target principal.
-.RE
+.UNINDENT
+.UNINDENT
 .INDENT 0.0
 .TP
 .B \fIprincipal\fP
@@ -148,7 +152,7 @@ character.
 .sp
 \fItarget_principal\fP can also include back\-references to \fIprincipal\fP,
 in which \fB*number\fP matches the corresponding wildcard in
-\fIprincipal\fP.
+\fIprincipal\fP\&.
 .TP
 .B \fIrestrictions\fP
 (Optional) A string of flags. Allowed restrictions are:
@@ -165,7 +169,7 @@ are the same as the + and \- flags for the kadmin
 policy is forced to be empty.
 .TP
 .B \fI\-policy pol\fP
-policy is forced to be \fIpol\fP.
+policy is forced to be \fIpol\fP\&.
 .TP
 .B \-{\fIexpire, pwexpire, maxlife, maxrenewlife\fP} \fItime\fP
 (\fIgetdate\fP string) associated value will be forced to
@@ -177,13 +181,17 @@ MIN(\fItime\fP, requested value).
 The above flags act as restrictions on any add or modify operation
 which is allowed due to that ACL line.
 .UNINDENT
-.IP Warning
+.sp
+\fBWARNING:\fP
+.INDENT 0.0
+.INDENT 3.5
 If the kadmind ACL file is modified, the kadmind daemon needs to be
 restarted for changes to take effect.
-.RE
+.UNINDENT
+.UNINDENT
 .SH EXAMPLE
 .sp
-Here is an example of a kadm5.acl file.
+Here is an example of a kadm5.acl file:
 .INDENT 0.0
 .INDENT 3.5
 .sp
@@ -230,6 +238,6 @@ longer than 9 hours.
 .SH AUTHOR
 MIT
 .SH COPYRIGHT
-1985-2014, MIT
+1985-2015, MIT
 .\" Generated by docutils manpage writer.
 .