On Fri, 2012-02-24 at 22:59 +0100, Marco Pizzoli wrote:
> Hi guys,
> please confirm that this is a bug in the documentation:
> http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/kerberos.html#about-keytabs
> --------------------
> 12.1.2. About Protecting Keytabs
> To protect keytab files, reset the permissions and ownership to
> restrict access to the files to only the keytab owner. : For example,
> set the owner of the Apache keytab (/etc/httpd/conf/ipa.keytab) to
> httpd and the mode to 0600. 
> --------------------
> It should be the "apache" user, isn't it?
> I only checked on a RHEL6 system that the httpd user is "apache", but
> I have not checked with a RHEL6-&-FreeIPA system.

Yes it's a bug, the user is 'apache'.


Simo Sorce * Red Hat, Inc * New York

Freeipa-users mailing list

Reply via email to