1.\" $Id: verify_krb5_conf.8,v 1.7 2002/08/20 17:07:28 joda Exp $ 2.\" 3.Dd August 30, 2001 4.Dt VERIFY_KRB5_CONF 8 5.Os HEIMDAL 6.Sh NAME 7.Nm verify_krb5_conf 8.Nd checks krb5.conf for obvious errors 9.Sh SYNOPSIS 10.Nm 11.Ar [config-file] 12.Sh DESCRIPTION 13.Nm 14reads the configuration file 15.Pa krb5.conf , 16or the file given on the command line, 17and parses it, thereby verifying that the syntax is not correctly wrong. 18.Pp 19If the file is syntactically correct, 20.Nm 21tries to verify that the contents of the file is of relevant nature. 22.Sh DIAGNOSTICS 23Possible output from 24.Nm 25include: 26.Bl -tag -width "<path>" 27.It "<path>: failed to parse <something> as size/time/number/boolean" 28Usually means that <something> is misspelled, or that it contains 29weird characters. The parsing done by 30.Nm 31is more strict than the one performed by libkrb5, and so strings that 32work in real life, might be reported as bad. 33.It "<path>: host not found (<hostname>)" 34Means that <path> is supposed to point to a host, but it can't be 35recognised as one. 36.It <path>: unknown or wrong type 37Means that <path> is either is a string when it should be a list, vice 38versa, or just that 39.Nm 40is confused. 41.It <path>: unknown entry 42Means that <string> is not known by 43.Nm "" . 44.El 45.Sh ENVIRONMENT 46.Ev KRB5_CONFIG 47points to the configuration file to read. 48.Sh FILES 49.Bl -tag -width /etc/krb5.conf -compact 50.It Pa /etc/krb5.conf 51Kerberos 5 configuration file 52.El 53.Sh SEE ALSO 54.Xr krb5.conf 5 55.Sh BUGS 56Since each application can put almost anything in the config file, 57it's hard to come up with a water tight verification process. Most of 58the default settings are sanity checked, but this does not mean that 59every problem is discovered, or that everything that is reported as a 60possible problem actually is one. This tool should thus be used with 61some care. 62.Pp 63It should warn about obsolete data, or bad practice, but currently 64doesn't. 65