aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--qemu-doc.texi6
1 files changed, 3 insertions, 3 deletions
diff --git a/qemu-doc.texi b/qemu-doc.texi
index 6201932590..8efc943b04 100644
--- a/qemu-doc.texi
+++ b/qemu-doc.texi
@@ -638,7 +638,7 @@ and SASL party. For x509 certs, the ACL check is made against the
certificate's distinguished name. This is something that looks like
@code{C=GB,O=ACME,L=Boston,CN=bob}. For SASL party, the ACL check is
made against the username, which depending on the SASL plugin, may
-include a realm component, eg @code{bob} or @code{bob\@EXAMPLE.COM}.
+include a realm component, eg @code{bob} or @code{bob@@EXAMPLE.COM}.
When the @option{acl} flag is set, the initial access list will be
empty, with a @code{deny} policy. Thus no one will be allowed to
use the VNC server until the ACLs have been loaded. This can be
@@ -1423,14 +1423,14 @@ always @code{deny}
@item acl allow <aclname> <match> [<index>]
add a match to the access control list, allowing access. The match will
normally be an exact username or x509 distinguished name, but can
-optionally include wildcard globs. eg @code{*\@EXAMPLE.COM} to allow
+optionally include wildcard globs. eg @code{*@@EXAMPLE.COM} to allow
all users in the @code{EXAMPLE.COM} kerberos realm. The match will
normally be appended to the end of the ACL, but can be inserted
earlier in the list if the optional @code{index} parameter is supplied.
@item acl deny <aclname> <match> [<index>]
add a match to the access control list, denying access. The match will
normally be an exact username or x509 distinguished name, but can
-optionally include wildcard globs. eg @code{*\@EXAMPLE.COM} to allow
+optionally include wildcard globs. eg @code{*@@EXAMPLE.COM} to allow
all users in the @code{EXAMPLE.COM} kerberos realm. The match will
normally be appended to the end of the ACL, but can be inserted
earlier in the list if the optional @code{index} parameter is supplied.