From 590166f948527220a875ec6cf644fd0e9281fc5e Mon Sep 17 00:00:00 2001
From: Tom Rhodes <trhodes@FreeBSD.org>
Date: Tue, 10 Oct 2006 02:43:40 +0000
Subject: [PATCH] In cases of MIT kerberos, the rc.conf values will be
 different along with binary locations; note this.

PR:		100764
---
 en_US.ISO8859-1/books/handbook/security/chapter.sgml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/en_US.ISO8859-1/books/handbook/security/chapter.sgml b/en_US.ISO8859-1/books/handbook/security/chapter.sgml
index 12069c2485..7b1d96d569 100644
--- a/en_US.ISO8859-1/books/handbook/security/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/security/chapter.sgml
@@ -2675,6 +2675,18 @@ jdoe@example.org</screen>
 	  for authentication so that it can properly change ownership for
 	  the forwarded credentials.</para></note>
 
+	<para>The <filename>rc.conf</filename> must also be modified
+	  to contain the following configuration:</para>
+
+	<programlisting>kerberos5_server="/usr/local/sbin/krb5kdc"
+kadmind5_server="/usr/local/sbin/kadmind"
+kerberos5_server_enable="YES"
+kadmind5_server_enable="YES"</programlisting>
+
+	<para>This is done because the applications for
+	  <acronym>MIT</acronym> kerberos installs binaries in the
+	  <filename role="directory">/usr/local</filename>
+	  hierarchy.</para>
       </sect2>
 
       <sect2>