1*ae771770SStanislav Sedov.\" Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan 2c19800e8SDoug Rabson.\" (Royal Institute of Technology, Stockholm, Sweden). 3c19800e8SDoug Rabson.\" All rights reserved. 45e9cd1aeSAssar Westerlund.\" 5c19800e8SDoug Rabson.\" Redistribution and use in source and binary forms, with or without 6c19800e8SDoug Rabson.\" modification, are permitted provided that the following conditions 7c19800e8SDoug Rabson.\" are met: 8c19800e8SDoug Rabson.\" 9c19800e8SDoug Rabson.\" 1. Redistributions of source code must retain the above copyright 10c19800e8SDoug Rabson.\" notice, this list of conditions and the following disclaimer. 11c19800e8SDoug Rabson.\" 12c19800e8SDoug Rabson.\" 2. Redistributions in binary form must reproduce the above copyright 13c19800e8SDoug Rabson.\" notice, this list of conditions and the following disclaimer in the 14c19800e8SDoug Rabson.\" documentation and/or other materials provided with the distribution. 15c19800e8SDoug Rabson.\" 16c19800e8SDoug Rabson.\" 3. Neither the name of the Institute nor the names of its contributors 17c19800e8SDoug Rabson.\" may be used to endorse or promote products derived from this software 18c19800e8SDoug Rabson.\" without specific prior written permission. 19c19800e8SDoug Rabson.\" 20c19800e8SDoug Rabson.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 21c19800e8SDoug Rabson.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22c19800e8SDoug Rabson.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23c19800e8SDoug Rabson.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 24c19800e8SDoug Rabson.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25c19800e8SDoug Rabson.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26c19800e8SDoug Rabson.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27c19800e8SDoug Rabson.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28c19800e8SDoug Rabson.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29c19800e8SDoug Rabson.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30c19800e8SDoug Rabson.\" SUCH DAMAGE. 31c19800e8SDoug Rabson.\" 32*ae771770SStanislav Sedov.\" $Id$ 33c19800e8SDoug Rabson.\" 34c19800e8SDoug Rabson.Dd December 8, 2004 355e9cd1aeSAssar Westerlund.Dt VERIFY_KRB5_CONF 8 365e9cd1aeSAssar Westerlund.Os HEIMDAL 375e9cd1aeSAssar Westerlund.Sh NAME 385e9cd1aeSAssar Westerlund.Nm verify_krb5_conf 394137ff4cSJacques Vidrine.Nd checks krb5.conf for obvious errors 405e9cd1aeSAssar Westerlund.Sh SYNOPSIS 415e9cd1aeSAssar Westerlund.Nm 425e9cd1aeSAssar Westerlund.Ar [config-file] 435e9cd1aeSAssar Westerlund.Sh DESCRIPTION 445e9cd1aeSAssar Westerlund.Nm 455e9cd1aeSAssar Westerlundreads the configuration file 465e9cd1aeSAssar Westerlund.Pa krb5.conf , 475e9cd1aeSAssar Westerlundor the file given on the command line, 48*ae771770SStanislav Sedovparses it, checking verifying that the syntax is not correctly wrong. 494137ff4cSJacques Vidrine.Pp 504137ff4cSJacques VidrineIf the file is syntactically correct, 514137ff4cSJacques Vidrine.Nm 524137ff4cSJacques Vidrinetries to verify that the contents of the file is of relevant nature. 535e9cd1aeSAssar Westerlund.Sh ENVIRONMENT 545e9cd1aeSAssar Westerlund.Ev KRB5_CONFIG 555e9cd1aeSAssar Westerlundpoints to the configuration file to read. 565e9cd1aeSAssar Westerlund.Sh FILES 574137ff4cSJacques Vidrine.Bl -tag -width /etc/krb5.conf -compact 584137ff4cSJacques Vidrine.It Pa /etc/krb5.conf 594137ff4cSJacques VidrineKerberos 5 configuration file 604137ff4cSJacques Vidrine.El 61c19800e8SDoug Rabson.Sh DIAGNOSTICS 62c19800e8SDoug RabsonPossible output from 63c19800e8SDoug Rabson.Nm 64c19800e8SDoug Rabsoninclude: 65c19800e8SDoug Rabson.Bl -tag -width "FpathF" 66c19800e8SDoug Rabson.It "<path>: failed to parse <something> as size/time/number/boolean" 67c19800e8SDoug RabsonUsually means that <something> is misspelled, or that it contains 68c19800e8SDoug Rabsonweird characters. The parsing done by 69c19800e8SDoug Rabson.Nm 70c19800e8SDoug Rabsonis more strict than the one performed by libkrb5, so strings that 71c19800e8SDoug Rabsonwork in real life might be reported as bad. 72c19800e8SDoug Rabson.It "<path>: host not found (<hostname>)" 73c19800e8SDoug RabsonMeans that <path> is supposed to point to a host, but it can't be 74c19800e8SDoug Rabsonrecognised as one. 75c19800e8SDoug Rabson.It <path>: unknown or wrong type 76c19800e8SDoug RabsonMeans that <path> is either a string when it should be a list, vice 77c19800e8SDoug Rabsonversa, or just that 78c19800e8SDoug Rabson.Nm 79c19800e8SDoug Rabsonis confused. 80c19800e8SDoug Rabson.It <path>: unknown entry 81c19800e8SDoug RabsonMeans that <string> is not known by 82*ae771770SStanislav Sedov.Nm . 83c19800e8SDoug Rabson.El 845e9cd1aeSAssar Westerlund.Sh SEE ALSO 855e9cd1aeSAssar Westerlund.Xr krb5.conf 5 865e9cd1aeSAssar Westerlund.Sh BUGS 874137ff4cSJacques VidrineSince each application can put almost anything in the config file, 884137ff4cSJacques Vidrineit's hard to come up with a watertight verification process. Most of 894137ff4cSJacques Vidrinethe default settings are sanity checked, but this does not mean that 904137ff4cSJacques Vidrineevery problem is discovered, or that everything that is reported as a 914137ff4cSJacques Vidrinepossible problem actually is one. This tool should thus be used with 924137ff4cSJacques Vidrinesome care. 934137ff4cSJacques Vidrine.Pp 944137ff4cSJacques VidrineIt should warn about obsolete data, or bad practice, but currently 954137ff4cSJacques Vidrinedoesn't. 96