services.kerberos_server.settings.realms.<name>.acl.*.access
The changes the principal is allowed to make.
The "all" permission does not imply the "get-keys" permission. This is consistent with the behavior of both MIT Kerberos and Heimdal.
Value "all" is allowed as a list member only if it appears alone or accompanied by "get-keys". Any other combination involving "all" will raise an exception.
- Type
(list of (one of "all", "add", "cpw", "delete", "get-keys", "get", "list", "modify")) or string convertible to it- Default
"all"- Declared
- <nixpkgs/nixos/modules/services/system/kerberos/default.nix>