Layer: services

Module: kerberos

Interfaces Templates

Description:

This policy supports:

Servers:

kadmind

krb5kdc

Clients:

kinit

kdestroy

klist

ksu (incomplete)

Interfaces:

kerberos_524_connect(
	
		domain
		
	)

Summary

Connect to krb524 service

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

kerberos_admin(
	
		domain
		
			,
		
		role
		
			,
		
		terminal
		
	)

Summary

All of the rules required to administrate an kerberos environment

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No
role	The role to be allowed to manage the kerberos domain.	No
terminal	The type of the user terminal.	No

kerberos_domtrans_kpropd(
	
		domain
		
	)

Summary

Execute a domain transition to run kpropd.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed to transition.	No

kerberos_dontaudit_write_config(
	
		domain
		
	)

Summary

Do not audit attempts to write the kerberos configuration file (/etc/krb5.conf).

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

kerberos_etc_filetrans_keytab(
	
		domain
		
	)

Summary

Create keytab file in /etc

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

kerberos_manage_host_rcache(
	
		domain
		
	)

Summary

Read the kerberos kdc configuration file (/etc/krb5kdc.conf).

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

kerberos_read_config(
	
		domain
		
	)

Summary

Read the kerberos configuration file (/etc/krb5.conf).

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

kerberos_read_home_content(
	
		domain
		
	)

Summary

read kerberos homedir content (.k5login)

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

kerberos_read_kdc_config(
	
		domain
		
	)

Summary

Read the kerberos kdc configuration file (/etc/krb5kdc.conf).

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

kerberos_read_keytab(
	
		domain
		
	)

Summary

Read the kerberos key table.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

kerberos_rw_config(
	
		domain
		
	)

Summary

Read and write the kerberos configuration file (/etc/krb5.conf).

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

kerberos_use(
	
		domain
		
	)

Summary

Use kerberos services

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

Return

Templates:

kerberos_keytab_template(
	
		prefix
		
			,
		
		domain
		
	)

Summary

Create a derived type for kerberos keytab

Parameters

Parameter:	Description:	Optional:
prefix	The prefix to be used for deriving type names.	No
domain	Domain allowed access.	No

Return