Package: krb5
Version: N/A
Severity: normal
Tags: patch
Dear Debian maintainer,
On Tuesday, May 22, 2007, I notified you of the beginning of a review process
concerning debconf templates for krb5.
The debian-l10n-english contributors have now reviewed these templates,
and the proposed changes are attached to this bug report.
Please review the suggested changes are suggested, and if you have any
objections, let me know in the next 3 days.
Please try to avoid uploading krb5 with these changes right now.
The second phase of this process will begin on Tuesday, June 12, 2007, when I
will
coordinate updates to translations of debconf templates.
The existing translators will be notified of the changes: they will
receive an updated PO file for their language.
Simultaneously, a general call for new translations will be sent to
the debian-i18n mailing list.
Both these calls for translations will request updates to be sent as
individual bug reports. That will probably trigger a lot of bug
reports against your package, but these should be easier to deal with.
The call for translation updates and new translations will run until
Sunday, June 24, 2007. Please avoid uploading a package with fixed or changed
debconf templates and/or translation updates in the meantime. Of
course, other changes are safe.
On Monday, June 25, 2007, I will contact you again and will send a final patch
summarizing all the updates (changes to debconf templates,
updates to debconf translations and new debconf translations).
Again, thanks for your attention and cooperation.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.21-1-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
---
/home/bubulle/travail/debian/rewrite/LCFC/krb5/krb5.old/debian/krb5-admin-server.templates
2007-05-20 10:50:24.309583226 +0200
+++
/home/bubulle/travail/debian/rewrite/LCFC/krb5/krb5/debian/krb5-admin-server.templates
2007-06-09 20:34:19.358336727 +0200
@@ -1,22 +1,31 @@
+# These templates have been reviewed by the debian-l10n-english
+# team
+#
+# If modifications/additions/rewording are needed, please ask
+# for an advice to [EMAIL PROTECTED]
+#
+# Even minor modifications require translation updates and such
+# changes should be coordinated with translators and reviewers.
+
Template: krb5-admin-server/newrealm
Type: note
_Description: Setting up a Kerberos Realm
- This package contains the administrative tools necessary to run on the
- Kerberos master server. However, installing this package does not
- automatically set up a Kerberos realm. Doing so requires entering
- passwords and as such is not well-suited for package installation. To
- create the realm, run the krb5_newrealm command. You may also wish to read
- /usr/share/doc/krb5-kdc/README.KDC and the administration guide found in
- the krb5-doc package.
+ This package contains the administrative tools required to run the
+ Kerberos master server.
+ .
+ However, installing this package does not automatically set up a
+ Kerberos realm. This can be done later by running the 'krb5_newrealm'
+ command.
.
- Don't forget to set up DNS information so your clients can find your KDC
- and admin servers. Doing so is documented in the administration guide.
+ Please also read the /usr/share/doc/krb5-kdc/README.KDC file
+ and the administration guide found in the krb5-doc package.
Template: krb5-admin-server/kadmind
Type: boolean
Default: true
_Description: Run the Kerberos5 administration daemon (kadmind)?
Kadmind serves requests to add/modify/remove principals in the
- Kerberos database. It also must be running for the kpasswd program
- to be used to change passwords. Normally, this daemon runs on the
- master KDC.
+ Kerberos database.
+ .
+ It is required by the kpasswd program, used to change passwords.
+ With standard setups, this daemon should run on the master KDC.
---
/home/bubulle/travail/debian/rewrite/LCFC/krb5/krb5.old/debian/krb5-kdc.templates
2007-05-20 10:50:24.257582594 +0200
+++
/home/bubulle/travail/debian/rewrite/LCFC/krb5/krb5/debian/krb5-kdc.templates
2007-06-09 20:34:21.358236039 +0200
@@ -1,34 +1,49 @@
+# These templates have been reviewed by the debian-l10n-english
+# team
+#
+# If modifications/additions/rewording are needed, please ask
+# for an advice to [EMAIL PROTECTED]
+#
+# Even minor modifications require translation updates and such
+# changes should be coordinated with translators and reviewers.
+
Template: krb5-kdc/debconf
Type: boolean
Default: true
-_Description: Create Kerberos KDC Configuration with debconf?
- Many sites will wish to have this script automatically create Kerberos KDC
- configuration files in /etc/krb5kdc. By default an example template will
- be copied into this directory with local parameters filled in. Some sites
- who already have infrastructure to manage their own Kerberos configuration
- will wish to disable any automatic configuration changes.
+_Description: Create the Kerberos KDC configuration automatically?
+ The Kerberos Domain Controller (KDC) configuration files, in
+ /etc/krb5kdc, may be created automatically.
+ .
+ By default, an example template will be copied into this directory
+ with local parameters filled in.
+ .
+ Administrators who already have infrastructure to manage their
+ Kerberos configuration may wish to disable these automatic
+ configuration changes.
Template: krb5-kdc/krb4-mode
Type: select
-_Choices: disable, full, nopreauth, none
+__Choices: disable, full, nopreauth, none
Default: none
_Description: Kerberos4 compatibility mode to use:
- By default, Kerberos4 requests are allowed from principals that do not
- require preauthentication. This allows Kerberos4 services to exist while
- requiring most users to use Kerberos5 clients to get their initial
- tickets. These tickets can then be converted to Kerberos4 tickets.
- Alternatively, the mode can be set to full, allowing Kerberos4 to get
- initial tickets even when preauthentication would normally be required, or
- to disable, which will disable all Kerberos4 support.
+ By default, Kerberos4 requests are allowed from principals that do
+ not require preauthentication ('nopreauth'). This allows Kerberos4
+ services to exist while requiring most users to use Kerberos5 clients
+ to get their initial tickets. These tickets can then be converted to
+ Kerberos4 tickets.
+ .
+ Alternatively, the mode can be set to 'full', allowing Kerberos4 to
+ get initial tickets even when preauthentication would normally be
+ required, or to 'disable', which will disable all Kerberos4 support.
Template: krb5-kdc/run-krb524
Type: boolean
-_Description: Run a krb524d?
+_Description: Run a Kerberos5 to Kerberos4 ticket conversion daemon?
Krb524d is a daemon that converts Kerberos5 tickets into Kerberos4 tickets
- for the krb524init program. If you have Kerberos4 enabled at all, then
- you probably want to run this program. Especially when Kerberos4
- compatibility is set to nopreauth, krb524d is important if you have any
- Kerberos4 services.
+ for the krb524init program.
+ .
+ It is recommended to use that daemon if Kerberos4 is enabled,
+ especially when Kerberos4 compatibility is set to 'nopreauth'.
Template: krb5-kdc/purge_data_too
Type: boolean
@@ -36,6 +51,7 @@
_Description: Should the data be purged as well as the package files?
By default, purging this package will not delete the KDC database in
/var/lib/krb5kdc/principal since this database cannot be recovered once
- it is deleted. If you wish to delete your KDC database when this package
- is purged, knowing that purging this package will then mean deleting all
- of the user accounts and passwords in the KDC, enable this option.
+ it is deleted.
+ .
+ Choose this option if you wish to delete the KDC database when this package
+ is purged, deleting all of the user accounts and passwords in the KDC.
--- /home/bubulle/travail/debian/rewrite/LCFC/krb5/krb5.old/debian/control
2007-05-20 10:50:24.293583031 +0200
+++ /home/bubulle/travail/debian/rewrite/LCFC/krb5/krb5/debian/control
2007-06-06 08:28:48.413435372 +0200
@@ -14,9 +14,9 @@
Architecture: any
Description: MIT Kerberos administration runtime libraries
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
- the network (users and services, usually called "principals").
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
+ the network (users and services, usually called 'principals').
.
This is the MIT reference implementation of Kerberos5.
.
@@ -31,9 +31,9 @@
Conflicts: openafs-krb5 (<< 1.3-10), ssh-krb5 (<< 3.8.1p1-10),
libauthen-krb5-perl (<< 1.4-5), libapache-mod-auth-kerb (<= 4.996-5.0-rc6-2),
libapache2-mod-auth-kerb (<= 4.996-5.0-rc6-2)
Description: MIT Kerberos runtime libraries
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
- the network (users and services, usually called "principals").
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
+ the network (users and services, usually called 'principals').
.
This is the MIT reference implementation of Kerberos5.
.
@@ -47,9 +47,9 @@
Conflicts: heimdal-clients, kerberos4kth-user, suidmanager (<< 0.50),
kerberos4kth-services
Description: Basic programs to authenticate using MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
- the network (users and services, usually called "principals").
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
+ the network (users and services, usually called 'principals').
.
This is the MIT reference implementation of Kerberos5.
.
@@ -66,9 +66,9 @@
Provides: telnet-client
Description: Secure replacements for ftp, telnet and rsh using MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
- the network (users and services, usually called "principals").
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
+ the network (users and services, usually called 'principals').
.
This is the MIT reference implementation of Kerberos5.
.
@@ -82,9 +82,9 @@
Provides: rsh-server
Description: Secure replacements for rshd and rlogind using MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
- the network (users and services, usually called "principals").
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
+ the network (users and services, usually called 'principals').
.
This is the MIT reference implementation of Kerberos5.
.
@@ -99,8 +99,8 @@
Provides: ftp-server
Description: Secure FTP server supporting MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos5.
@@ -116,8 +116,8 @@
Priority: extra
Description: Secure telnet server supporting MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos5.
@@ -133,15 +133,15 @@
Conflicts: kerberos4kth-kdc
Description: MIT Kerberos key server (KDC)
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos5.
.
- This package contains the Kerberos key server (KDC). The KDC manages all
+ This package contains the Kerberos key server (KDC). The KDC manages all
authentication credentials for a Kerberos realm, holds the master keys
- for the realm, and responds to authentication requests. This package
+ for the realm, and responds to authentication requests. This package
should be installed on both master and slave KDCs.
Package: krb5-admin-server
@@ -150,17 +150,17 @@
Depends: ${shlibs:Depends}, ${misc:Depends}, libkrb53 (= ${Source-Version}),
krb5-kdc, lsb-base (>= 3.0-6)
Description: MIT Kerberos master server (kadmind)
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos5.
.
This package contains the Kerberos master server (kadmind), which handles
account creations and deletions, password changes, and other
- administrative commands via the Kerberos admin protocol. It also
+ administrative commands via the Kerberos admin protocol. It also
contains the command used by the master KDC to propagate its database to
- slave KDCs. This package is generally only used on the master KDC for a
+ slave KDCs. This package is generally only used on the master KDC for a
Kerberos realm.
Package: libkrb5-dev
@@ -172,8 +172,8 @@
Suggests: krb5-doc
Description: Headers and development libraries for MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos5.
@@ -188,14 +188,14 @@
Section: libdevel
Description: Debugging files for MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos5.
.
This package contains the debugging information for the MIT Kerberos
- libraries. Install this package if you need to trace problems inside the
+ libraries. Install this package if you need to trace problems inside the
MIT Kerberos libraries with a debugger.
Package: krb5-doc
@@ -206,8 +206,8 @@
Section: doc
Description: Documentation for MIT Kerberos
Kerberos is a system for authenticating users and services on a network.
- Kerberos is a trusted third-party service. That means that there is a
- third party (the kerberos server) that is trusted by all the entities on
+ Kerberos is a trusted third-party service. That means that there is a
+ third party (the Kerberos server) that is trusted by all the entities on
the network (users and services, usually called "principals").
.
This is the MIT reference implementation of Kerberos5.
