-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathsybil.toml
45 lines (41 loc) · 1.23 KB
/
sybil.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
########## Client configuration ##########
server_addrs = []
[policy]
# Force ticket delegation when not explicitly allowed by KDC policy
force_delegate = false
########## Server configuration ##########
[ticket]
# Specify the encryption type used when forging new tickets
cipher = "aes256-sha1"
# Specify the flags used when forging new tickets
flags = "FR"
# Specify the lifetime used when forging new tickets
lifetime = "10h"
# Specify the renewable lifetime used when forging new tickets
renewable_lifetime = "7d"
# Specify the minimum lifetime required when looking up tickets
minimum_lifetime = "5m"
# Use fully qualified usernames when forging tickets
fully_qualified_user = false
# Generate a cross-realm ticket instead of a regular one
cross_realm = false
[[acl]]
# Allow requests based on specific principal name regexp
principal = ""
# Allow requests based on specific user name regexp
user = ""
# Allow requests based on specific group membership regexp
group = ""
# Allow requests based on specific host network cidr
hosts = []
[acl.permissions]
# Permission to kinit
kinit = false
# Permission to list
list = false
# Permission to fetch
fetch = false
# Permission to store
store = false
# Permission to masquerade as any user
masquerade = false