(when the DIR type is supported by the system's Kerberos
library). In case of FILE a credential cache in the form of
/tmp/krb5cc_UID will be created - in case of DIR you NEED
- to specify a directory. UID is replaced with the numeric
- user id. The UID directory is being created. The path up to
- the directory should already exist. Check the details of the
- Kerberos implmentation.</para>
+ to specify a directory which must exist, the UID directory
+ will be created in the specified directory.
+ In all cases UID is replaced with the numeric user id.
+ Check the details of the Kerberos implementation.</para>
<para>When using the KEYRING type, the supported mechanism is
<quote>KEYRING:persistent:UID</quote>, which uses the Linux
kernel keyring to store credentials on a per-UID basis.
- The KEYRING has its limitations. As it is secure kernel memory,
- for example bulk sorage of credentils is for not possible.</para>
+ KEYRING has limitations. For example, it is secure kernel memory,
+ so bulk storage of credentials is not possible.</para>
- <para>When using th KCM type, the supported mechanism is
+ <para>When using the KCM type, the supported mechanism is
<quote>KCM:UID</quote>, which uses a Kerberos credential
- manaager to store credentials on a per-UID basis similar to
+ manager to store credentials on a per-UID basis similar to
KEYRING. This is the recommended choice on latest Linux
- distributions, offering a Kerberos Credential Manager. If not
- we suggest to use KEYRING as those are the most secure and
+ distributions that offer a Kerberos Credential Manager. If not,
+ we suggest to use KEYRING, as those are the most secure and
predictable method.</para>
<para>It is also possible to define custom filepaths and use the "%u"
git.samba.org / samba.git / commitdiff