DEVEL15-rxkad-v5-dot-check-20080122

[openafs.git] / doc / man-pages / pod8 / volserver.pod

diff --git a/doc/man-pages/pod8/volserver.pod b/doc/man-pages/pod8/volserver.pod
index 559ad5b..0fe4885 100644 (file)
--- a/doc/man-pages/pod8/volserver.pod
+++ b/doc/man-pages/pod8/volserver.pod
@@ -9,7 +9,8 @@ volserver - Initializes the Volume Server component of the fs process
 
 B<volserver> [B<-log>] S<<< [B<-p> <I<number of processes>>] >>>
     S<<< [B<-udpsize> <I<size of socket buffer in bytes>>] >>>
-    [B<-enable_peer_stats>] [B<-enable_process_stats>] [B<-help>]
+    [B<-enable_peer_stats>] [B<-enable_process_stats>] 
+    [B<-allow-dotted-principal>] [B<-help>]
 
 =for html
 </div>
@@ -77,6 +78,15 @@ GetStatus, and so on) sent or received, aggregated over all connections to
 other machines. To display or otherwise access the records, use the Rx
 Monitoring API.
 
+=item B<-allow-dotted-principal>
+
+By default, the RXKAD security layer will disallow access by Kerberos
+principals with a dot in the first component of their name. This is to avoid
+the confusion where principals user/admin and user.admin are both mapped to the
+user.admin PTS entry. Sites whose Kerberos realms don't have these collisions 
+between principal names may disable this check by starting the server
+with this option.
+
 =item B<-help>
 
 Prints the online help for this command. All other valid options are