VERIFY_KRB5_CONF(8) UNIX System Manager's Manual VERIFY_KRB5_CONF(8) NNAAMMEE vveerriiffyy__kkrrbb55__ccoonnff - checks krb5.conf for obvious errors SSYYNNOOPPSSIISS vveerriiffyy__kkrrbb55__ccoonnff _[_c_o_n_f_i_g_-_f_i_l_e_] DDEESSCCRRIIPPTTIIOONN vveerriiffyy__kkrrbb55__ccoonnff reads the configuration file _k_r_b_5_._c_o_n_f, or the file giv- en on the command line, and parses it, thereby verifying that the syntax is not correctly wrong. If the file is syntactically correct, vveerriiffyy__kkrrbb55__ccoonnff tries to verify that the contents of the file is of relevant nature. DDIIAAGGNNOOSSTTIICCSS Possible output from vveerriiffyy__kkrrbb55__ccoonnff include: : failed to parse as size/time/number/boolean Usually means that is misspelled, or that it contains weird characters. The parsing done by vveerriiffyy__kkrrbb55__ccoonnff is more strict than the one performed by libkrb5, and so strings that work in real life, might be reported as bad. : host not found () Means that is supposed to point to a host, but it can't be recognised as one. : unknown or wrong type Means that is either is a string when it should be a list, vice versa, or just that vveerriiffyy__kkrrbb55__ccoonnff is confused. : unknown entry Means that is not known by . EENNVVIIRROONNMMEENNTT KRB5_CONFIG points to the configuration file to read. FFIILLEESS /etc/krb5.conf Kerberos 5 configuration file SSEEEE AALLSSOO krb5.conf(5) BBUUGGSS Since each application can put almost anything in the config file, it's hard to come up with a water tight verification process. Most of the de- fault settings are sanity checked, but this does not mean that every problem is discovered, or that everything that is reported as a possible problem actually is one. This tool should thus be used with some care. It should warn about obsolete data, or bad practice, but currently doesn't. HEIMDAL August 30, 2001 1