[sugj-tech:8111] [チェック依頼] pam_winbind.8 の訳

[User Ribbon]

4.12.0 で一部分が大幅に差し替えとなりました。
その部分なのですが、うまく訳せないところがあります。
最後の、 AS it is で始まる部分がうまく訳せません。

KEYRING には固有の制限がある。カーネルメモリはセキュアなので、
たとえば、資格情報のバルクストレージは不可能である。

だと違うような気がするのですが。

                <varlistentry>
                <term>krb5_ccache_type=[type]</term>
                <listitem><para>

                When pam_winbind is configured to try kerberos authentication
                by enabling the <parameter>krb5_auth</parameter> option, it can
                store the retrieved Ticket Granting Ticket (TGT) in a
                credential cache. The type of credential cache can be
                controlled with this option.  The supported values are:
                <parameter>KCM</parameter> or <parameter>KEYRING</parameter>
                (when supported by the system's Kerberos library and
                operating system),
                <parameter>FILE</parameter> and <parameter>DIR</parameter>
                (when the DIR type is supported by the system's Kerberos
                library). In case of FILE a credential cache in the form of
                /tmp/krb5cc_UID will be created -  in case of DIR you NEED
                to specify a directory. UID is replaced with the numeric
                user id. The UID directory is being created. The path up to
                the directory should already exist. Check the details of the
                Kerberos implmentation.</para>

                <para>When using the KEYRING type, the supported mechanism is
                <quote>KEYRING:persistent:UID</quote>, which uses the Linux
                kernel keyring to store credentials on a per-UID basis.
                The KEYRING has its limitations. As it is secure kernel memory,
                for example bulk sorage of credentils is for not possible.</para>
		
//ribon