remove Ns before comma (from Thomas Klausner)

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11175 ec53bebd-3082-4978-b11e-865c3cabbd6b

appl/ftp/ftpd/ftpd.8

@@ -139,7 +139,7 @@ revert to the old behavior.
 .It Fl v
 Verbose mode.
 .It Xo
-.Fl B Ns ,
+.Fl B ,
 .Fl -builtin-ls
 .Xc
 use built-in ls to list files

appl/kf/kfd.8

@@ -35,7 +35,7 @@ port to listen to
 .It Fl i , -inetd
 not started from inetd
 .It Xo
-.Fl R Ar regpag Ns ,
+.Fl R Ar regpag ,
 .Fl -regpag= Ns Ar regpag
 .Xc
 path to regpag binary

appl/popper/popper.8

@@ -22,7 +22,7 @@ POP3 server
 serves mail via the Post Office Protocol.  Supported options include:
 .Bl -tag -width Ds
 .It Xo
-.Fl a Ar none Ns \*(Ba Ns otp Ns ,
+.Fl a Ar none Ns \*(Ba Ns otp ,
 .Fl -auth-mode= Ns Ar none Ns \*(Ba Ns otp
 .Xc
 tells
@@ -36,37 +36,37 @@ Kerberos authentication.
 .Xc
 logs the addresses of all clients to the specified file
 .It Xo
-.Fl d Ns ,
+.Fl d ,
 .Fl -debug
 .Xc
 enables more verbose log messages
 .It Xo
-.Fl i Ns ,
+.Fl i ,
 .Fl -interactive
 .Xc
 when not started by inetd, this flag tells
 .Nm
 that it has to create a socket by itself
 .It Xo
-.Fl k Ns ,
+.Fl k ,
 .Fl -kerberos
 .Xc
 tells
 .Nm
 to use the Kerberos for authentication.
 .It Xo
-.Fl p Ar port Ns ,
+.Fl p Ar port ,
 .Fl -port= Ns Ar port
 .Xc
 port to listen to, in combination with
 .Fl i
 .It Xo
-.Fl t Ar file Ns ,
+.Fl t Ar file ,
 .Fl -trace-file= Ns Ar file
 .Xc
 trace all command to file
 .It Xo
-.Fl T Ar seconds Ns ,
+.Fl T Ar seconds ,
 .Fl -timeout= Ns Ar seconds
 .Xc
 set timeout to something other than the default of 120 seconds

appl/push/push.8

@@ -51,22 +51,22 @@ environment variable.
 Supported options:
 .Bl -tag -width Ds
 .It Xo
-.Fl 4 Ns ,
+.Fl 4 ,
 .Fl -krb4
 .Xc
 use Kerberos 4 (if compiled with support for Kerberos 4)
 .It Xo
-.Fl 5 Ns ,
+.Fl 5 ,
 .Fl -krb5
 .Xc
 use Kerberos 5 (if compiled with support for Kerberos 5)
 .It Xo
-.Fl f Ns ,
+.Fl f ,
 .Fl -fork
 .Xc
 fork before starting to delete messages
 .It Xo
-.Fl l Ns ,
+.Fl l ,
 .Fl -leave
 .Xc
 don't delete fetched mail
@@ -75,7 +75,7 @@ don't delete fetched mail
 .Xc
 behave like from.
 .It Xo
-.Fl c Ns ,
+.Fl c ,
 .Fl -count
 .Xc
 first print how many messages and bytes there are.
@@ -84,7 +84,7 @@ first print how many messages and bytes there are.
 .Xc
 a list of comma-separated headers that should get printed.
 .It Xo
-.Fl p Ar port-spec Ns ,
+.Fl p Ar port-spec ,
 .Fl -port Ns = Ns Ar port-spec
 .Xc
 use this port instead of the default

appl/rsh/rsh.1

@@ -30,7 +30,7 @@ output and error of the remote command to its own.
 Valid options are:
 .Bl -tag -width Ds
 .It Xo
-.Fl 4 Ns ,
+.Fl 4 ,
 .Fl -krb4
 .Xc
 The 
@@ -39,7 +39,7 @@ option requests Kerberos 4 authentication. Normally all supported
 authentication mechanisms will be tried, but in some cases more
 explicit control is desired.
 .It Xo
-.Fl 5 Ns ,
+.Fl 5 ,
 .Fl -krb5
 .Xc
 The 
@@ -48,7 +48,7 @@ option requests Kerberos 5 authentication. This is analogous to the
 .Fl 4
 option.
 .It Xo
-.Fl K Ns ,
+.Fl K ,
 .Fl -broken
 .Xc
 The 
@@ -57,7 +57,7 @@ option turns off all Kerberos authentication. The long name implies
 that this is more or less totally unsecure. The security in this mode
 relies on reserved ports, which is not very secure.
 .It Xo
-.Fl n Ns ,
+.Fl n ,
 .Fl -no-input
 .Xc
 The 
@@ -68,13 +68,13 @@ device (see the
 .Sx BUGS
 section of this manual page).
 .It Xo
-.Fl e Ns ,
+.Fl e ,
 .Fl -no-stderr
 .Xc
 Don't use a separate socket for the stderr stream. This can be
 necessary if rsh-ing through a NAT bridge.
 .It Xo
-.Fl x Ns ,
+.Fl x ,
 .Fl -encrypt
 .Xc
 The
@@ -94,7 +94,7 @@ Kerberos 5, by setting the
 option in
 .Xr krb5.conf 5 .
 .It Xo
-.Fl f Ns ,
+.Fl f ,
 .Fl -forward
 .Xc
 Forward Kerberos 5 credentials to the remote host. Also controlled by 
@@ -107,7 +107,7 @@ in
 The opposite of 
 .Fl f .
 .It Xo
-.Fl F Ns ,
+.Fl F ,
 .Fl -forwardable
 .Xc
 Make the forwarded credentials re-forwardable. Also controlled by 
@@ -115,20 +115,20 @@ Make the forwarded credentials re-forwardable. Also controlled by
 in 
 .Xr krb5.conf 5 .
 .It Xo
-.Fl u Ns ,
+.Fl u ,
 .Fl -unique
 .Xc
 Make sure the remote credentials cache is unique, that is, don't reuse
 any existing cache. Mutually exclusive to
 .Fl U .
 .It Xo
-.Fl U Pa string Ns ,
+.Fl U Pa string ,
 .Fl -tkfile= Ns Pa string
 .Xc
 Name of the remote credentials cache. Mutually exclusive to
 .Fl u .
 .It Xo
-.Fl p Ar number-or-service Ns ,
+.Fl p Ar number-or-service ,
 .Fl -port= Ns Ar number-or-service
 .Xc
 Connect to this port instead of the default (which is 514 when using
@@ -137,7 +137,7 @@ Kerberos 4, and 545 for encrytpted Kerberos 4; subject of course to
 the contents of
 .Pa /etc/services ) .
 .It Xo
-.Fl l Ar string Ns ,
+.Fl l Ar string ,
 .Fl -user= Ns Ar string
 .Xc
 By default the remote username is the same as the local. The

appl/rsh/rshd.8

@@ -22,14 +22,14 @@ program. It provides an authenticated remote command execution
 service.  Supported options are:
 .Bl -tag -width Ds
 .It Xo
-.Fl n Ns ,
+.Fl n ,
 .Fl -no-keepalive
 .Xc
 Disables keep-alive messages. Keep-alives are packets sent a certain
 interval to make sure that the client is still there, even when it
 doesn't send any data.
 .It Xo
-.Fl k Ns ,
+.Fl k ,
 .Fl -kerberos
 .Xc
 Assume that clients connecting to this server will use some form of
@@ -39,21 +39,21 @@ section for a sample
 .Xr inetd.conf 5 
 configuration.
 .It Xo
-.Fl x Ns ,
+.Fl x ,
 .Fl -encrypt
 .Xc
 For Kerberos 4 this means that the connections are encrypted. Kerberos
 5 will negotiate encryption inline. This option implies
 .Fl k .
 .\".It Xo
-.\".Fl l Ns ,
+.\".Fl l ,
 .\".Fl -no-rhosts
 .\".Xc
 .\"When using old port-based authentication, the user's
 .\".Pa .rhosts
 .\"files are normally checked. This options disables this.
 .It Xo
-.Fl v Ns ,
+.Fl v ,
 .Fl -vacuous
 .Xc
 If the connecting client does not use any Kerberised authentication,
@@ -71,7 +71,7 @@ call, so all tokens will be put in the default (uid-based) PAG, making
 it possible to share tokens between sessions. This is only useful in
 peculiar environments, such as some batch systems.
 .It Xo
-.Fl i Ns ,
+.Fl i ,
 .Fl -no-inetd
 .Xc
 The 
@@ -82,7 +82,7 @@ to create a socket, instead of assuming that its stdin came from
 .Xr inetd 8 .
 This is mostly useful for debugging.
 .It Xo
-.Fl p Ar port Ns ,
+.Fl p Ar port ,
 .Fl -port= Ns Ar port
 .Xc
 Port to use with 

kadmin/kadmin.8

@@ -52,42 +52,42 @@ option).
 Supported options:
 .Bl -tag -width Ds
 .It Xo
-.Fl p Ar string Ns ,
+.Fl p Ar string ,
 .Fl -principal= Ns Ar string
 .Xc
 principal to authenticate as
 .It Xo
-.Fl K Ar string Ns ,
+.Fl K Ar string ,
 .Fl -keytab= Ns Ar string
 .Xc
 keytab for authentication pricipal
 .It Xo
-.Fl c Ar file Ns ,
+.Fl c Ar file ,
 .Fl -config-file= Ns Ar file
 .Xc
 location of config file
 .It Xo
-.Fl k Ar file Ns ,
+.Fl k Ar file ,
 .Fl -key-file= Ns Ar file
 .Xc
 location of master key file
 .It Xo
-.Fl r Ar realm Ns ,
+.Fl r Ar realm ,
 .Fl -realm= Ns Ar realm
 .Xc
 realm to use
 .It Xo
-.Fl a Ar host Ns ,
+.Fl a Ar host ,
 .Fl -admin-server= Ns Ar host
 .Xc
 server to contact
 .It Xo
-.Fl s Ar port number Ns ,
+.Fl s Ar port number ,
 .Fl -server-port= Ns Ar port number
 .Xc
 port to use
 .It Xo
-.Fl l Ns ,
+.Fl l ,
 .Fl -local
 .Xc
 local admin mode

kadmin/kadmind.8

@@ -89,12 +89,12 @@ glob-style pattern.
 Supported options:
 .Bl -tag -width Ds
 .It Xo
-.Fl c Ar file Ns ,
+.Fl c Ar file ,
 .Fl -config-file= Ns Ar file
 .Xc
 location of config file
 .It Xo
-.Fl k Ar file Ns ,
+.Fl k Ar file ,
 .Fl -key-file= Ns Ar file
 .Xc
 location of master key file
@@ -103,17 +103,17 @@ location of master key file
 .Xc
 what keytab to use
 .It Xo
-.Fl r Ar realm Ns ,
+.Fl r Ar realm ,
 .Fl -realm= Ns Ar realm
 .Xc
 realm to use
 .It Xo
-.Fl d Ns ,
+.Fl d ,
 .Fl -debug
 .Xc
 enable debugging
 .It Xo
-.Fl p Ar port Ns ,
+.Fl p Ar port ,
 .Fl -ports= Ns Ar port
 .Xc
 ports to listen to. By default, if run as a daemon, it listen to ports

kdc/hprop.8

@@ -58,12 +58,12 @@ specified on the command by opening a TCP connection to port 754
 Supported options:
 .Bl -tag -width Ds
 .It Xo
-.Fl m Ar file Ns ,
+.Fl m Ar file ,
 .Fl -master-key= Ns Pa file
 .Xc
 Where to find the master key to encrypt or decrypt keys with.
 .It Xo
-.Fl d Ar file Ns ,
+.Fl d Ar file ,
 .Fl -database= Ns Pa file
 .Xc
 The database to be propagated.
@@ -85,7 +85,7 @@ a Kerberos 4 dump file
 an AFS kaserver database
 .El
 .It Xo
-.Fl k Ar keytab Ns ,
+.Fl k Ar keytab ,
 .Fl -keytab= Ns Ar keytab
 .Xc
 The keytab to use for fetching the key to be used for authenticating
@@ -94,24 +94,24 @@ to the propagation daemon(s). The key
 is used from this keytab.  The default is to fetch the key from the
 KDC database.
 .It Xo
-.Fl R Ar string Ns ,
+.Fl R Ar string ,
 .Fl -v5-realm= Ns Ar string
 .Xc
 Local realm override.
 .It Xo
-.Fl D Ns ,
+.Fl D ,
 .Fl -decrypt
 .Xc
 The encryption keys in the database can either be in clear, or
 encrypted with a master key. This option transmits the database with
 unencrypted keys.
 .It Xo
-.Fl E Ns ,
+.Fl E ,
 .Fl -encrypt
 .Xc
 This option transmits the database with encrypted keys.
 .It Xo
-.Fl n Ns ,
+.Fl n ,
 .Fl -stdout
 .Xc
 Dump the database on stdout, in a format that can be fed to hpropd.
@@ -122,28 +122,28 @@ The following options are only valid if
 is compiled with support for Kerberos 4 (kaserver).
 .Bl -tag -width Ds
 .It Xo
-.Fl r Ar string Ns ,
+.Fl r Ar string ,
 .Fl -v4-realm= Ns Ar string
 .Xc
 v4 realm to use
 .It Xo
-.Fl c Ar cell Ns ,
+.Fl c Ar cell ,
 .Fl -cell= Ns Ar cell
 .Xc
 The AFS cell name, used if reading a kaserver database.
 .It Xo
-.Fl S Ns ,
+.Fl S ,
 .Fl -kaspecials
 .Xc
 Also dump the principals marked as special in the kaserver database.
 .It Xo
-.Fl 4 Ns ,
+.Fl 4 ,
 .Fl -v4-db
 .Xc
 Deprecated, identical to 
 .Sq --source=krb4-db .
 .It Xo
-.Fl K Ns ,
+.Fl K ,
 .Fl -ka-db
 .Xc
 Deprecated, identical to 

kdc/hpropd.8

@@ -41,12 +41,12 @@ are accepted.
 Options supported:
 .Bl -tag -width Ds
 .It Xo
-.Fl d Ar file Ns ,
+.Fl d Ar file ,
 .Fl -database= Ns Ar file
 .Xc
 database
 .It Xo
-.Fl n Ns ,
+.Fl n ,
 .Fl -stdin
 .Xc
 read from stdin
@@ -55,17 +55,17 @@ read from stdin
 .Xc
 print dump to stdout
 .It Xo
-.Fl i Ns ,
+.Fl i ,
 .Fl -no-inetd
 .Xc
 Not started from inetd
 .It Xo
-.Fl k Ar keytab Ns ,
+.Fl k Ar keytab ,
 .Fl -keytab= Ns Ar keytab
 .Xc
 keytab to use for authentication
 .It Xo
-.Fl 4 Ns ,
+.Fl 4 ,
 .Fl -v4dump
 .Xc
 create v4 type DB

kdc/kdc.8

@@ -57,12 +57,12 @@ flexible way of handling this.
 Gives an upper limit on the size of the requests that the kdc is
 willing to handle.
 .It Xo
-.Fl H Ns ,
+.Fl H ,
 .Fl -enable-http
 .Xc
 Makes the kdc listen on port 80 and handle requests encapsulated in HTTP.
 .It Xo
-.Fl K Ns ,
+.Fl K ,
 .Fl -no-kaserver
 .Xc
 Disables kaserver emulation (in case it's compiled in).
@@ -76,7 +76,7 @@ explicitly specified. The default is whatever is returned by
 This option is only availabe if the KDC has been compiled with version
 4 support.
 .It Xo
-.Fl P Ar string Ns ,
+.Fl P Ar string ,
 .Fl -ports= Ns Ar string
 .Xc
 Specifies the set of ports the KDC should listen on.  It is given as a

kdc/kstash.8

@@ -28,12 +28,12 @@ used by the KDC.
 Supported options:
 .Bl -tag -width Ds
 .It Xo
-.Fl e Ar string Ns ,
+.Fl e Ar string ,
 .Fl -enctype= Ns Ar string
 .Xc
 the encryption type to use, defaults to DES3-CBC-SHA1
 .It Xo
-.Fl k Ar file Ns ,
+.Fl k Ar file ,
 .Fl -key-file= Ns Ar file
 .Xc
 the name of the master key file

kdc/string2key.8

@@ -35,37 +35,37 @@ This is useful when you want to handle the raw key instead of the password.
 Supported options:
 .Bl -tag -width Ds
 .It Xo
-.Fl 5 Ns ,
+.Fl 5 ,
 .Fl -version5
 .Xc
 Output Kerberos v5 string-to-key
 .It Xo
-.Fl 4 Ns ,
+.Fl 4 ,
 .Fl -version4
 .Xc
 Output Kerberos v4 string-to-key
 .It Xo
-.Fl a Ns ,
+.Fl a ,
 .Fl -afs
 .Xc
 Output AFS string-to-key
 .It Xo
-.Fl c Ar cell Ns ,
+.Fl c Ar cell ,
 .Fl -cell= Ns Ar cell
 .Xc
 AFS cell to use
 .It Xo
-.Fl w Ar password Ns ,
+.Fl w Ar password ,
 .Fl -password= Ns Ar password
 .Xc
 Password to use
 .It Xo
-.Fl p Ar principal Ns ,
+.Fl p Ar principal ,
 .Fl -principal= Ns Ar principal
 .Xc
 Kerberos v5 principal to use
 .It Xo
-.Fl k Ar string Ns ,
+.Fl k Ar string ,
 .Fl -keytype= Ns Ar string
 .Xc
 Keytype

kpasswd/kpasswdd.8

@@ -56,17 +56,17 @@ is the new password. Note that the password (in
 .Fa password->data )
 is not zero terminated.
 .It Xo
-.Fl k Ar kspec Ns ,
+.Fl k Ar kspec ,
 .Fl -keytab= Ns Ar kspec
 .Xc
 keytab to get authentication key from
 .It Xo
-.Fl r Ar realm Ns ,
+.Fl r Ar realm ,
 .Fl -realm= Ns Ar realm
 .Xc
 default realm
 .It Xo
-.Fl p Ar string Ns ,
+.Fl p Ar string ,
 .Fl -port= Ns Ar string
 .Xc
 port to listen on (default service kpasswd - 464).

kuser/kgetcred.1

@@ -25,7 +25,7 @@ ticket or of a special type.
 Supported options:
 .Bl -tag -width Ds
 .It Xo
-.Fl e Ar enctype Ns ,
+.Fl e Ar enctype ,
 .Fl -enctype= Ns Ar enctype
 .Xc
 encryption type to use

kuser/kinit.1

@@ -80,12 +80,12 @@ Supported options:
 The credentials cache to put the acquired ticket in, if other than
 default.
 .It Xo
-.Fl f Ns ,
+.Fl f ,
 .Fl -forwardable
 .Xc
 Get ticket that can be forwarded to another host.
 .It Xo
-.Fl t Ar keytabname Ns ,
+.Fl t Ar keytabname ,
 .Fl -keytab= Ns Ar keytabname
 .Xc
 Don't ask for a password, but instead get the key from the specified
@@ -98,12 +98,12 @@ Specifies the lifetime of the ticket. The argument can either be in
 seconds, or a more human readable string like
 .Sq 1h .
 .It Xo
-.Fl p Ns ,
+.Fl p ,
 .Fl -proxiable
 .Xc
 Request tickets with the proxiable flag set.
 .It Xo
-.Fl R Ns ,
+.Fl R ,
 .Fl -renew
 .Xc
 Try to renew ticket. The ticket must have the
@@ -114,17 +114,17 @@ The same as
 .Fl -renewable-life ,
 with an infinite time.
 .It Xo
-.Fl r Ar time Ns ,
+.Fl r Ar time ,
 .Fl -renewable-life= Ns Ar time
 .Xc
 The max renewable ticket life.
 .It Xo
-.Fl S Ar principal Ns ,
+.Fl S Ar principal ,
 .Fl -server= Ns Ar principal
 .Xc
 Get a ticket for a service other than krbtgt/LOCAL.REALM.
 .It Xo
-.Fl s Ar time Ns ,
+.Fl s Ar time ,
 .Fl -start-time= Ns Ar time
 .Xc
 Obtain a ticket that starts to be valid
@@ -133,7 +133,7 @@ Obtain a ticket that starts to be valid
 .Sq 1h )
 seconds into the future.
 .It Xo
-.Fl k Ns ,
+.Fl k ,
 .Fl -use-keytab
 .Xc
 The same as
@@ -141,7 +141,7 @@ The same as
 but with the default keytab name (normally
 .Ar FILE:/etc/krb5.keytab ) .
 .It Xo
-.Fl v Ns ,
+.Fl v ,
 .Fl -validate
 .Xc
 Try to validate an invalid ticket.
@@ -183,14 +183,14 @@ The following options are only available if
 has been compiled with support for Kerberos 4. 
 .Bl -tag -width Ds
 .It Xo
-.Fl 4 Ns ,
+.Fl 4 ,
 .Fl -524init
 .Xc
 Try to convert the obtained Kerberos 5 krbtgt to a version 4
 compatible ticket. It will store this ticket in the default Kerberos 4
 ticket file.
 .It Xo
-.Fl 9 Ns ,
+.Fl 9 ,
 .Fl -524convert
 .Xc
 only convert ticket to version 4

kuser/klist.1

@@ -28,29 +28,29 @@ known as the ticket file).
 Options supported:
 .Bl -tag -width Ds
 .It Xo
-.Fl c Ar cache Ns ,
+.Fl c Ar cache ,
 .Fl -cache= Ns Ar cache
 .Xc
 credentials cache to list
 .It Xo
-.Fl s Ns ,
+.Fl s ,
-.Fl t Ns ,
+.Fl t ,
 .Fl -test
 .Xc
 Test for there being an active and valid TGT for the local realm of
 the user in the credential cache.
 .It Xo
-.Fl 4 Ns ,
+.Fl 4 ,
 .Fl -v4
 .Xc
 display v4 tickets
 .It Xo
-.Fl T Ns ,
+.Fl T ,
 .Fl -tokens
 .Xc
 display AFS tokens
 .It Xo
-.Fl 5 Ns ,
+.Fl 5 ,
 .Fl -v5
 .Xc
 display v5 cred cache (this is the default)
@@ -86,7 +86,7 @@ This information is also output with the
 .Fl -verbose
 option, but in a more verbose way.
 .It Xo
-.Fl v Ns ,
+.Fl v ,
 .Fl -verbose
 .Xc
 Verbose output. Include all possible information: