oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

update manpage

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13633 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
2004-03-24 13:33:36 +00:00
parent 9f29a211ec
commit 2d503ef2c4
1 changed files with 100 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

175
kadmin/kadmin.8
View File

@@ -1,4 +1,4 @@
.\" Copyright (c) 2000 - 2003 Kungliga Tekniska H<>gskolan .\" Copyright (c) 2000 - 2004 Kungliga Tekniska H<>gskolan
.\" (Royal Institute of Technology, Stockholm, Sweden). .\" (Royal Institute of Technology, Stockholm, Sweden).
.\" All rights reserved. .\" All rights reserved.
.\" .\"
@@ -31,7 +31,7 @@
.\" .\"
.\" $Id$ .\" $Id$
.\" .\"
.Dd September 10, 2000 .Dd March 24, 2004
.Dt KADMIN 8 .Dt KADMIN 8
.Os HEIMDAL .Os HEIMDAL
.Sh NAME .Sh NAME
@@ -128,7 +128,16 @@ If no
.Ar command .Ar command
is given on the command line, is given on the command line,
.Nm .Nm
will prompt for commands to process. Commands include: will prompt for commands to process. Some of the commands which take a
principal as argument
.Ns ( Nm delete ,
.Nm ext_keytab ,
.Nm get ,
.Nm modify ,
and
.Nm passwd )
will accept a glob style wildcard, and perform the operation on all
matching principals. Commands include:
.\" not using a list here, since groff apparently gets confused .\" not using a list here, since groff apparently gets confused
.\" with nested Xo/Xc .\" with nested Xo/Xc
.Bd -ragged -offset indent .Bd -ragged -offset indent
@@ -148,7 +157,63 @@ will prompt for commands to process. Commands include:
.Ar principal... .Ar principal...
.Pp .Pp
.Bd -ragged -offset indent .Bd -ragged -offset indent
creates a new principal Adds a new principal to the database. The options not passed on the
command line will be promped for.
.Ed
.Pp
.Nm delete
.Ar principal...
.Pp
.Bd -ragged -offset indent
Removes a principal.
.Ed
.Pp
.Nm del_enctype
.Ar principal enctypes...
.Pp
.Bd -ragged -offset indent
Removes some enctypes from a principal. This can be useful the service
belonging to the principal is known to not handle certain enctypes.
.Ed
.Pp
.Nm ext_keytab
.Oo Fl k Ar string \*(Ba Xo
.Fl -keytab= Ns Ar string
.Xc
.Oc
.Ar principal...
.Pp
.Bd -ragged -offset indent
Creates a keytab with the keys of the specified principals.
.Ed
.Pp
.Nm get
.Op Fl l | Fl -long
.Op Fl s | Fl -short
.Op Fl t | Fl -terse
.Ar principal...
.Pp
.Bd -ragged -offset indent
Lists the matching principals, long format gives more information, and
terse just prints the names.
.Ed
.Pp
.Nm modify
.Oo Fl a Ar attributes \*(Ba Xo
.Fl -attributes= Ns Ar attributes
.Xc
.Oc
.Op Fl -max-ticket-life= Ns Ar lifetime
.Op Fl -max-renewable-life= Ns Ar lifetime
.Op Fl -expiration-time= Ns Ar time
.Op Fl -pw-expiration-time= Ns Ar time
.Op Fl -kvno= Ns Ar number
.Ar principal...
.Pp
.Bd -ragged -offset indent
Modifies certain attributes of a principal. If run without command
line options, you will be prompted. With command line options, it will
only change the ones specified.
.Ed .Ed
.Pp .Pp
.Nm passwd .Nm passwd
@@ -162,68 +227,7 @@ creates a new principal
.Ar principal... .Ar principal...
.Pp .Pp
.Bd -ragged -offset indent .Bd -ragged -offset indent
changes the password of an existing principal Changes the password of an existing principal.
.Ed
.Pp
.Nm delete
.Ar principal...
.Pp
.Bd -ragged -offset indent
removes a principal
.Ed
.Pp
.Nm del_enctype
.Ar principal enctypes...
.Pp
.Bd -ragged -offset indent
removes some enctypes from a principal. This can be useful the service
belonging to the principal is known to not handle certain enctypes
.Ed
.Pp
.Nm ext_keytab
.Oo Fl k Ar string \*(Ba Xo
.Fl -keytab= Ns Ar string
.Xc
.Oc
.Ar principal...
.Pp
.Bd -ragged -offset indent
creates a keytab with the keys of the specified principals
.Ed
.Pp
.Nm get
.Op Fl l | Fl -long
.Op Fl s | Fl -short
.Op Fl t | Fl -terse
.Ar expression...
.Pp
.Bd -ragged -offset indent
lists the principals that match the expressions (which are shell glob
like), long format gives more information, and terse just prints the
names
.Ed
.Pp
.Nm rename
.Ar from to
.Pp
.Bd -ragged -offset indent
renames a principal
.Ed
.Pp
.Nm modify
.Oo Fl a Ar attributes \*(Ba Xo
.Fl -attributes= Ns Ar attributes
.Xc
.Oc
.Op Fl -max-ticket-life= Ns Ar lifetime
.Op Fl -max-renewable-life= Ns Ar lifetime
.Op Fl -expiration-time= Ns Ar time
.Op Fl -pw-expiration-time= Ns Ar time
.Op Fl -kvno= Ns Ar number
.Ar principal
.Pp
.Bd -ragged -offset indent
modifies certain attributes of a principal
.Ed .Ed
.Pp .Pp
.Nm password-quality .Nm password-quality
@@ -232,7 +236,7 @@ modifies certain attributes of a principal
.Pp .Pp
.Bd -ragged -offset indent .Bd -ragged -offset indent
Run the password quality check function locally. Run the password quality check function locally.
You can run this on the host the is configured to run the kadmind You can run this on the host that is configured to run the kadmind
process to verify that your configuration file is correct. process to verify that your configuration file is correct.
The verification is done locally, if kadmin is is run in remote mode, The verification is done locally, if kadmin is is run in remote mode,
no rpc call is done to the server. no rpc call is done to the server.
@@ -241,7 +245,24 @@ no rpc call is done to the server.
.Nm privileges .Nm privileges
.Pp .Pp
.Bd -ragged -offset indent .Bd -ragged -offset indent
lists the operations you are allowed to perform Lists the operations you are allowed to perform. These include
.Li add ,
.Li change-password ,
.Li delete ,
.Li get ,
.Li list ,
and
.Li modify .
.Ed
.Pp
.Nm rename
.Ar from to
.Pp
.Bd -ragged -offset indent
Renames a principal. This is normally transparent, but since keys are
salted with the principal name, they will have a non-standard salt,
and clients which are unable to cope with this will fail. Kerberos 4
suffers from this.
.Ed .Ed
.Pp .Pp
.Ed .Ed
@@ -253,9 +274,12 @@ When running in local mode, the following commands can also be used:
.Op Ar dump-file .Op Ar dump-file
.Pp .Pp
.Bd -ragged -offset indent .Bd -ragged -offset indent
writes the database in Writes the database in
.Dq human readable .Dq human readable
form to the specified file, or standard out form to the specified file, or standard out. If the database is
encrypted, the dump will also have encrypted keys, unless
.Fl -decrypt
is used.
.Ed .Ed
.Pp .Pp
.Nm init .Nm init
@@ -264,24 +288,25 @@ form to the specified file, or standard out
.Ar realm .Ar realm
.Pp .Pp
.Bd -ragged -offset indent .Bd -ragged -offset indent
initializes the Kerberos database with entries for a new realm. It's Initializes the Kerberos database with entries for a new realm. It's
possible to have more than one realm served by one server possible to have more than one realm served by one server.
.Ed .Ed
.Pp .Pp
.Nm load .Nm load
.Ar file .Ar file
.Pp .Pp
.Bd -ragged -offset indent .Bd -ragged -offset indent
reads a previously dumped database, and re-creates that database from scratch Reads a previously dumped database, and re-creates that database from
scratch.
.Ed .Ed
.Pp .Pp
.Nm merge .Nm merge
.Ar file .Ar file
.Pp .Pp
.Bd -ragged -offset indent .Bd -ragged -offset indent
similar to Similar to
.Nm load .Nm load
but just modifies the database with the entries in the dump file but just modifies the database with the entries in the dump file.
.Ed .Ed
.Pp .Pp
.Ed .Ed