diff options
| author | Todd C. Miller <Todd.Miller@courtesan.com> | 2009-06-11 20:29:12 +0000 |
|---|---|---|
| committer | Todd C. Miller <Todd.Miller@courtesan.com> | 2009-06-11 20:29:12 +0000 |
| commit | eeea10cb7b30fee639ab93b9bf267e9352fb2dd7 (patch) | |
| tree | 1aa7f5bc39725ca0719257650934e7a6ed4aaa9f /sudoers.ldap.man.in | |
| parent | 09e68caf4d573506f1339e143d823a8072bf4785 (diff) | |
| download | sudo-eeea10cb7b30fee639ab93b9bf267e9352fb2dd7.tar.gz | |
regen
Diffstat (limited to 'sudoers.ldap.man.in')
| -rw-r--r-- | sudoers.ldap.man.in | 24 |
1 files changed, 16 insertions, 8 deletions
diff --git a/sudoers.ldap.man.in b/sudoers.ldap.man.in index b5d0c7d2e..4b22d79b8 100644 --- a/sudoers.ldap.man.in +++ b/sudoers.ldap.man.in @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003-2008 +.\" Copyright (c) 2003-2009 .\" Todd C. Miller <Todd.Miller@courtesan.com> .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS.LDAP @mansectform@" -.TH SUDOERS.LDAP @mansectform@ "March 11, 2009" "1.7.1" "MAINTENANCE COMMANDS" +.TH SUDOERS.LDAP @mansectform@ "June 11, 2009" "1.7.2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -716,12 +716,20 @@ determines sudoers source order on \s-1AIX\s0 \& #tls_cert /etc/certs/client_cert.pem \& #tls_key /etc/certs/client_key.pem \& # -\& # For SunONE or iPlanet LDAP, the file specified by tls_cert may -\& # contain CA certs and/or the client\*(Aqs cert. If the client\*(Aqs -\& # cert is included, tls_key should be specified as well. -\& # For backward compatibility, sslpath may be used in place of tls_cert. -\& #tls_cert /var/ldap/cert7.db -\& #tls_key /var/ldap/key3.db +\& # For SunONE or iPlanet LDAP, tls_cert and tls_key may specify either +\& # a directory, in which case the files in the directory must have the +\& # default names (e.g. cert8.db and key4.db), or the path to the cert +\& # and key files themselves. However, a bug in version 5.0 of the LDAP +\& # SDK will prevent specific file names from working. For this reason +\& # it is suggested that tls_cert and tls_key be set to a directory, +\& # not a file name. +\& # +\& # The certificate database specified by tls_cert may contain CA certs +\& # and/or the client\*(Aqs cert. If the client\*(Aqs cert is included, tls_key +\& # should be specified as well. +\& # For backward compatibility, "sslpath" may be used in place of tls_cert. +\& #tls_cert /var/ldap +\& #tls_key /var/ldap \& # \& # If using SASL authentication for LDAP (OpenSSL) \& # use_sasl yes |