document some more
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8779 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
@@ -1,8 +1,3 @@
|
|||||||
.\" Things to fix:
|
|
||||||
.\" * correct section, and operating system
|
|
||||||
.\" * remove Op from mandatory flags
|
|
||||||
.\" * use better macros for arguments (like .Pa for files)
|
|
||||||
.\"
|
|
||||||
.Dd June 7, 2000
|
.Dd June 7, 2000
|
||||||
.Dt KADMIND 8
|
.Dt KADMIND 8
|
||||||
.Os HEIMDAL
|
.Os HEIMDAL
|
||||||
@@ -24,26 +19,31 @@ server for administrative access to kerberos database
|
|||||||
.Xc
|
.Xc
|
||||||
.Op Fl d | Fl -debug
|
.Op Fl d | Fl -debug
|
||||||
.Oo Fl p Ar port \*(Ba Xo
|
.Oo Fl p Ar port \*(Ba Xo
|
||||||
.Fl -debug-port= Ns Ar port Oc
|
.Fl -ports= Ns Ar port Oc
|
||||||
.Xc
|
.Xc
|
||||||
.Sh DESCRIPTION
|
.Sh DESCRIPTION
|
||||||
.Nm
|
.Nm
|
||||||
listens for requests for changes to the Kerberos database and performs
|
listens for requests for changes to the Kerberos database and performs
|
||||||
these, subject to permissions. By default, it assumes it has been
|
these, subject to permissions. When starting, if stdin is a socket it assumes that it has been started by
|
||||||
started by
|
.Xr inetd 8 ,
|
||||||
.Nm inetd ,
|
otherwise it behaves as a daemon, forking processes for each new
|
||||||
except when started with
|
connection. The
|
||||||
.Fl -debug .
|
.Fl -debug
|
||||||
If built with krb4 support, it implements both the heimdal v5
|
option causes
|
||||||
administrative protocol and the v4 protocol. Password changes via the
|
.Nm
|
||||||
v4 protocol are also performed by the
|
to accept exactly one connection, which is useful for debugging.
|
||||||
.Nm ,
|
|
||||||
but the changes performed with v5
|
If built with krb4 support, it implements both the Heimdal Kerberos 5
|
||||||
.Nm kpasswd
|
administrative protocol and the Kerberos 4 protocol. Password changes
|
||||||
requests are processed by
|
via the Kerberos 4 protocol are also performed by
|
||||||
.Nm kpasswdd .
|
.Nm kadmind ,
|
||||||
|
but the
|
||||||
|
.Xr kpasswdd 8
|
||||||
|
daemon is responsible for the Kerberos 5 password changing protocol
|
||||||
|
(used by
|
||||||
|
.Xr kpasswd 1 ).
|
||||||
.Pp
|
.Pp
|
||||||
This daemon should of course also be run on the master and not on any
|
This daemon should only be run on ther master server, and not on any
|
||||||
slaves.
|
slaves.
|
||||||
.Pp
|
.Pp
|
||||||
Principals are always allowed to change their own password and list
|
Principals are always allowed to change their own password and list
|
||||||
@@ -107,14 +107,24 @@ realm to use
|
|||||||
enable debugging
|
enable debugging
|
||||||
.It Xo
|
.It Xo
|
||||||
.Fl p Ar port Ns ,
|
.Fl p Ar port Ns ,
|
||||||
.Fl -debug-port= Ns Ar port
|
.Fl -ports= Ns Ar port
|
||||||
.Xc
|
.Xc
|
||||||
port to use with debug
|
ports to listen to. By default, if run as a daemon, it listen to ports
|
||||||
|
749, and 751 (if built with Kerberos 4 support), but you can add any
|
||||||
|
number of ports with this option. The port string is a whitespace
|
||||||
|
separated list of port specifications, with the special string
|
||||||
|
.Dq +
|
||||||
|
representing the default set of ports.
|
||||||
.El
|
.El
|
||||||
.\".Sh ENVIRONMENT
|
.\".Sh ENVIRONMENT
|
||||||
.Sh FILES
|
.Sh FILES
|
||||||
.Pa /var/heimdal/kadmind.acl
|
.Pa /var/heimdal/kadmind.acl
|
||||||
.\".Sh EXAMPLES
|
.Sh EXAMPLES
|
||||||
|
This will cause kadmind to listen to port 4711 in addition to any
|
||||||
|
compiled in defaults:
|
||||||
|
.Bd -literal -offset indent
|
||||||
|
# kadmind --ports="+ 4711" &
|
||||||
|
.Ed
|
||||||
.\".Sh DIAGNOSTICS
|
.\".Sh DIAGNOSTICS
|
||||||
.Sh SEE ALSO
|
.Sh SEE ALSO
|
||||||
.Xr kdc 8 ,
|
.Xr kdc 8 ,
|
||||||
|
|||||||
Reference in New Issue
Block a user