Add sample kerberosIV configuration files

5 files changed, 49 insertions, 0 deletions

diff --git a/etc/Makefile b/etc/Makefile
index 52aeea22ca6..03295f224ed 100644
--- a/etc/Makefile
+++ b/etc/Makefile
@@ -56,6 +56,15 @@ distribution: distrib-dirs
 		rm -f ${DESTDIR}/.cshrc ${DESTDIR}/.profile; \
 		ln ${DESTDIR}/root/.cshrc ${DESTDIR}/.cshrc; \
 		ln ${DESTDIR}/root/.profile ${DESTDIR}/.profile)
+	(cd kerberosIV; \
+		install -c -o root -g wheel -m 644 README \
+		    ${DESTDIR}/etc/kerberosIV; \
+		install -c -o root -g wheel -m 644 krb.conf \
+		    ${DESTDIR}/etc/kerberosIV; \
+		install -c -o root -g wheel -m 644 krb.equiv \
+		    ${DESTDIR}/etc/kerberosIV; \
+		install -c -o root -g wheel -m 444 krb.realms \
+		    ${DESTDIR}/etc/kerberosIV)
 	(cd mtree; \
 		install -c -o root -g wheel -m 600 special \
 		    ${DESTDIR}/etc/mtree; \
diff --git a/etc/kerberosIV/README b/etc/kerberosIV/README
new file mode 100644
index 00000000000..d314aa221bd
--- /dev/null
+++ b/etc/kerberosIV/README
@@ -0,0 +1,36 @@
+#	from @(#)README	8.1 (Berkeley) 6/9/93
+#	$Id: README,v 1.1 1995/12/16 21:12:08 tholo Exp $
+
+Notes about the contents of the /etc/kerberosIV directory:
+
+The file master_key contains a copy of the master key under which the
+entire Kerberos database is encrypted.  Disclosing this key would be bad
+news.  The reason it is stored in the filesystem is because the following
+programs need to inspect or modify the kereros database, and so the key
+must be available for them, (or else it would have to be typed in by
+hand):
+		- kerberos (the server itself)
+		- registerd (for new user registration)
+		- kpasswdd (for changing passwords)
+
+The srvtab file contains the encryption keys for each service on the local
+host.  Any host offering network services would have a key here, although
+many such files can be used.
+
+The principal.* files comprise the Kerberos database itself, and contain
+keys for all principles, and should not be world-readable.
+
+The kerberos.conf file contains the configuration for this machine:
+	- which realm I'm in
+	- which servers I should talk to for this realm
+
+The kerberos.realms file contains the name of Kerberos servers for
+various (sub)domains.
+
+Kerberos log information it placed in /var/log/kerberos.log
+(see rc.local to change it)
+
+The register_keys directory contains a set of files (all of which begin
+with "."), each of which contains a des key used for registering new users
+with the system.  It is used only by the "registerd" program, and only on
+a Kerberos server host.
diff --git a/etc/kerberosIV/krb.conf b/etc/kerberosIV/krb.conf
new file mode 100644
index 00000000000..1a1de44e4d4
--- /dev/null
+++ b/etc/kerberosIV/krb.conf
@@ -0,0 +1,2 @@
+MY.DOMAIN
+MY.DOMAIN	me.my.domain admin server
diff --git a/etc/kerberosIV/krb.equiv b/etc/kerberosIV/krb.equiv
new file mode 100644
index 00000000000..86e833053af
--- /dev/null
+++ b/etc/kerberosIV/krb.equiv
@@ -0,0 +1 @@
+#1.2.3.4	4.3.2.1
diff --git a/etc/kerberosIV/krb.realms b/etc/kerberosIV/krb.realms
new file mode 100644
index 00000000000..fdb1e885370
--- /dev/null
+++ b/etc/kerberosIV/krb.realms
@@ -0,0 +1 @@
+.my.domain	MY.DOMAIN