VERI verify_krb5_conf - checks krb5.conf for obvious errors
verify_krb5_conf [config-file]
verify_krb5_conf reads the configuration file krb5.conf, or
the file given
on the command line, and parses it, thereby verifying
that the syntax
is correct.
If the file is syntactically correct, verify_krb5_conf tries
to verify
that the contents of the file is of relevant nature.
Possible output from verify_krb5_conf include:
<path>: failed to parse <something> as size/time/number/boolean
Usually means that <something> is misspelled, or
that it contains
weird characters. The parsing done by
verify_krb5_conf is more
strict than the one performed by libkrb5, so strings
that work in
real life might be reported as bad.
<path>: host not found (<hostname>)
Means that <path> is supposed to point to a host,
but it can't be
recognised as one.
<path>: unknown or wrong type
Means that <path> is either a string when it should
be a list,
vice versa, or just that verify_krb5_conf is confused.
<path>: unknown entry
Means that <string> is unknown to verify_krb5_conf.
KRB5_CONFIG points to the configuration file to read.
/etc/krb5.conf Kerberos 5 configuration file
krb5.conf(5)
Since each application can put almost anything in the config
file, it's
hard to come up with a watertight verification process. Most
of the default
settings are sanity checked, but this does not mean
that every
problem is discovered, or that everything that is reported
as a possible
problem actually is one. This tool should thus be used with
some care.
It should warn about obsolete data, or bad practice, but
currently
doesn't.
HEIMDAL August 30, 2001
[ Back ] | 