1VERIFY_KRB5_CONF(8)       BSD System Manager's Manual      VERIFY_KRB5_CONF(8)
2

NAME

4     verify_krb5_conf — checks krb5.conf for obvious errors
5

SYNOPSIS

7     verify_krb5_conf [config-file]
8

DESCRIPTION

10     verify_krb5_conf reads the configuration file krb5.conf, or the file
11     given on the command line, parses it, checking verifying that the syntax
12     is not correctly wrong.
13
14     If the file is syntactically correct, verify_krb5_conf tries to verify
15     that the contents of the file is of relevant nature.
16

ENVIRONMENT

18     KRB5_CONFIG points to the configuration file to read.
19

FILES

21     /etc/krb5.conf  Kerberos 5 configuration file
22

DIAGNOSTICS

24     Possible output from verify_krb5_conf include:
25
26     <path>: failed to parse <something> as size/time/number/boolean
27             Usually means that <something> is misspelled, or that it contains
28             weird characters. The parsing done by verify_krb5_conf is more
29             strict than the one performed by libkrb5, so strings that work in
30             real life might be reported as bad.
31
32     <path>: host not found (<hostname>)
33             Means that <path> is supposed to point to a host, but it can't be
34             recognised as one.
35
36     <path>: unknown or wrong type
37             Means that <path> is either a string when it should be a list,
38             vice versa, or just that verify_krb5_conf is confused.
39
40     <path>: unknown entry
41             Means that <string> is not known by verify_krb5_conf.
42

SEE ALSO

44     krb5.conf(5)
45

BUGS

47     Since each application can put almost anything in the config file, it's
48     hard to come up with a watertight verification process. Most of the
49     default settings are sanity checked, but this does not mean that every
50     problem is discovered, or that everything that is reported as a possible
51     problem actually is one. This tool should thus be used with some care.
52
53     It should warn about obsolete data, or bad practice, but currently
54     doesn't.
55
56HEIMDAL                        December 8, 2004                        HEIMDAL
Impressum