[Freeipa-users] ipa.keytab - Maybe found bug in documentation
Simo Sorce
simo at redhat.com
Fri Feb 24 22:09:50 UTC 2012
On Fri, 2012-02-24 at 22:59 +0100, Marco Pizzoli wrote:
> Hi guys,
> please confirm that this is a bug in the documentation:
>
> http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/kerberos.html#about-keytabs
> --------------------
>
> 12.1.2. About Protecting Keytabs
> To protect keytab files, reset the permissions and ownership to
> restrict access to the files to only the keytab owner. : For example,
> set the owner of the Apache keytab (/etc/httpd/conf/ipa.keytab) to
> httpd and the mode to 0600.
> --------------------
>
> It should be the "apache" user, isn't it?
> I only checked on a RHEL6 system that the httpd user is "apache", but
> I have not checked with a RHEL6-&-FreeIPA system.
Yes it's a bug, the user is 'apache'.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list