1.\" Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan 2.\" (Royal Institute of Technology, Stockholm, Sweden). 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 16.\" 3. Neither the name of the Institute nor the names of its contributors 17.\" may be used to endorse or promote products derived from this software 18.\" without specific prior written permission. 19.\" 20.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" 32.\" $Id$ 33.\" 34.Dd December 8, 2004 35.Dt VERIFY_KRB5_CONF 8 36.Os HEIMDAL 37.Sh NAME 38.Nm verify_krb5_conf 39.Nd checks krb5.conf for obvious errors 40.Sh SYNOPSIS 41.Nm 42.Ar [config-file] 43.Sh DESCRIPTION 44.Nm 45reads the configuration file 46.Pa krb5.conf , 47or the file given on the command line, 48parses it, checking verifying that the syntax is not correctly wrong. 49.Pp 50If the file is syntactically correct, 51.Nm 52tries to verify that the contents of the file is of relevant nature. 53.Sh ENVIRONMENT 54.Ev KRB5_CONFIG 55points to the configuration file to read. 56.Sh FILES 57.Bl -tag -width /etc/krb5.conf -compact 58.It Pa /etc/krb5.conf 59Kerberos 5 configuration file 60.El 61.Sh DIAGNOSTICS 62Possible output from 63.Nm 64include: 65.Bl -tag -width "FpathF" 66.It "<path>: failed to parse <something> as size/time/number/boolean" 67Usually means that <something> is misspelled, or that it contains 68weird characters. The parsing done by 69.Nm 70is more strict than the one performed by libkrb5, so strings that 71work in real life might be reported as bad. 72.It "<path>: host not found (<hostname>)" 73Means that <path> is supposed to point to a host, but it can't be 74recognised as one. 75.It <path>: unknown or wrong type 76Means that <path> is either a string when it should be a list, vice 77versa, or just that 78.Nm 79is confused. 80.It <path>: unknown entry 81Means that <string> is not known by 82.Nm . 83.El 84.Sh SEE ALSO 85.Xr krb5.conf 5 86.Sh BUGS 87Since each application can put almost anything in the config file, 88it's hard to come up with a watertight verification process. Most of 89the default settings are sanity checked, but this does not mean that 90every problem is discovered, or that everything that is reported as a 91possible problem actually is one. This tool should thus be used with 92some care. 93.Pp 94It should warn about obsolete data, or bad practice, but currently 95doesn't. 96