* kdb5_util.M: added documentation for some options.

        * kvno.M: added documentation of the "-q" and "-h" options.
        * kadmin.M: corrected documenation of "-k/-t" options.
        Added documentation for some other options.  Updated the lists
        of aliases for commands, some command options, and some of
        the sample output.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14671 dc483132-0cff-0310-8789-dd5450dbe970

6 files changed, 81 insertions, 11 deletions

diff --git a/src/clients/kvno/ChangeLog b/src/clients/kvno/ChangeLog
index ab9081b..e87a80b 100644
--- a/src/clients/kvno/ChangeLog
+++ b/src/clients/kvno/ChangeLog
@@ -1,3 +1,7 @@
+2002-07-29  Jen Selby   <jenselby@mit.edu>
+
+	* kvno.M: added documentation of the "-q" and "-h" options.
+
 2002-07-27  Ken Raeburn  <raeburn@mit.edu>
 
 	* kvno.c: Include stdlib.h.
diff --git a/src/clients/kvno/kvno.M b/src/clients/kvno/kvno.M
index e9f7942..e7c99f7 100644
--- a/src/clients/kvno/kvno.M
+++ b/src/clients/kvno/kvno.M
@@ -28,7 +28,8 @@
 .SH NAME
 kvno \- print key version numbers of Kerberos principals
 .SH SYNOPSIS
-\fBklist\fP [\fB\-e etype\fP] \fBservice1\fP \fBservice2\fP \fB...\fP
+\fBkvno\fP [\fB\-q\fP] [\fB\-h\fP] [\fB\-4\fP] [\fB\-e etype\fP] 
+\fBservice1\fP \fBservice2\fP \fB...\fP
 .br
 .SH DESCRIPTION
 .I Kvno
@@ -41,6 +42,12 @@ specifies the enctype which will be requested for the session key of
 all the services named on the command line.  This is useful in certain
 backward compatibility situations.
 .TP
+.B \-q
+suppress printing
+.TP
+.B \-h
+prints a usage statement and exits
+.TP
 .B \-4
 specifies that Kerberos version 4 tickets should be acquired and
 described.  This option is only available if Kerberos 4 support was
diff --git a/src/kadmin/cli/ChangeLog b/src/kadmin/cli/ChangeLog
index c35bf26..9c1ae1d 100644
--- a/src/kadmin/cli/ChangeLog
+++ b/src/kadmin/cli/ChangeLog
@@ -1,3 +1,10 @@
+2002-07-29  Jen Selby <jenselby@mit.edu>
+
+	* kadmin.M: corrected documenation of "-k/-t" options.
+	Added documentation for some other options.  Updated the lists
+	of aliases for commands, some command options, and some of
+	the sample output.
+
 2002-06-06  Tom Yu  <tlyu@mit.edu>
 
 	* kadmin.M: Remove references to "rename_principal".
diff --git a/src/kadmin/cli/kadmin.M b/src/kadmin/cli/kadmin.M
index 08e02e5..1d5fb70 100644
--- a/src/kadmin/cli/kadmin.M
+++ b/src/kadmin/cli/kadmin.M
@@ -83,11 +83,19 @@ principal name of the default ccache, the value of the
 environment variable, or the username as obtained with getpwuid, in
 order of preference.
 .TP
-\fB\-k\fP \fIkeytab\fP
+\fB\-k\fP
+Use a keytab to decrypt the KDC response instead of prompting for a
+password on the TTY.  In this case, the default principal will be
+host/\fIhostname\fP.  If there is not a keytab specified with the
+.B\-t
+option, then the default keytab will be used.
+.TP
+\fB\-t\fP \fIkeytab\fP
 Use
 .I keytab
-to decrypt the KDC response instead of prompting for a password on the
-TTY.  In this case, the default principal will be host/\fIhostname\fP.
+to decrypt the KDC response.  This can only be used with the
+.B \-k
+option.
 .TP
 \fB\-c\fP \fIcredentials_cache\fP
 Use
@@ -118,6 +126,21 @@ directly to
 which will perform
 .I query
 and then exit.  This can be useful for writing scripts.
+.TP
+\fB\-d\fP \fIdbname\fP
+Specifies the name of the Kerberos database.
+.TP
+\fB\-s\fP \fIadmin_server[:port]\fP
+Specifies the admin server which kadmin should contact.
+.TP
+\fB\-m\fP
+Do not authenticate using a keytab.  This option will cause kadmin
+to prompt for the master database password.
+.TP
+\fB\-e\fP \fIenc:salt_list\fP
+Sets the list of encryption types and salt types to be used for any new
+keys created.
+
 .SH DATE FORMAT 
 Various commands in kadmin can take a variety of date formats,
 specifying durations or absolute times.  Examples of valid formats are:
@@ -458,7 +481,7 @@ privilege, or that the principal that is running the the program to be
 the same as the one being listed.  With the
 .B \-terse
 option, outputs fields as quoted tab-separated strings.  Alias
-.BR listprincs .
+.BR getprinc .
 .sp
 .nf
 .RS
@@ -503,7 +526,9 @@ an "@" character followed by the local realm is appended to the
 expression.  Requires the
 .I list
 priviledge.  Alias
-.BR listprincs .
+.BR listprincs ,
+.BR get_principals ,
+.BR get_princs .
 .nf
 .RS
 .TP
@@ -548,7 +573,7 @@ KADM5_DUP (policy already exists)
 .fi
 .RE
 .TP
-\fBdelete_policy\fP \fIpolicy\fB
+\fBdelete_policy [\-force]\fP \fIpolicy\fB
 deletes the named policy.  Prompts for confirmation before deletion.
 The command will fail if the policy is in use by any principals.
 Requires the
@@ -563,7 +588,6 @@ EXAMPLE:
 kadmin: del_policy guests
 Are you sure you want to delete the policy "guests"?
 (yes/no): yes
-Policy "guests" deleted.
 kadmin:
 .TP
 ERRORS:
@@ -628,7 +652,9 @@ are printed.  If no expression is provided, all existing policy names
 are printed.  Requires the
 .I list
 priviledge.  Alias
-.BR listpols .
+.BR listpols ,
+.BR get_policies ,
+.BR getpols .
 .sp
 .nf
 .RS
diff --git a/src/kadmin/dbutil/ChangeLog b/src/kadmin/dbutil/ChangeLog
index 550d91a..fc369c8 100644
--- a/src/kadmin/dbutil/ChangeLog
+++ b/src/kadmin/dbutil/ChangeLog
@@ -1,3 +1,7 @@
+2002-07-29  Jen Selby  <jenselby@mit.edu>
+
+	* kdb5_util.M: added documentation for some options.
+
 2002-07-15  Ezra Peisach  <epeisach@bu.edu>
 
 	* dump.c (dump_ov_princ): Remove variable set but unused.
diff --git a/src/kadmin/dbutil/kdb5_util.M b/src/kadmin/dbutil/kdb5_util.M
index c6f126b..8a6c00a 100644
--- a/src/kadmin/dbutil/kdb5_util.M
+++ b/src/kadmin/dbutil/kdb5_util.M
@@ -61,6 +61,12 @@ that given in
 .B \-m
 specifies that the master database password should be read from the TTY
 rather than fetched from a file on disk.
+.TP
+\fB\-sf\fP \fIstash_file\fP
+specifies the stash file of the master database password.
+.TP
+\fB\-P\fP \fIpassword\fP
+specifies the master database password.  This option is not recommended.
 .SH COMMANDS
 .TP
 \fBcreate\fP [\fB\-s\fP]
@@ -112,7 +118,7 @@ causes the name of each principal and policy to be printed as it is
 dumped.
 .RE
 .TP
-\fBload\fP [\fB\-old\fP] [\fB\-b6\fP] [\fB\-ov\fP]
+\fBload\fP [\fB\-old\fP] [\fB\-b6\fP] [\fB\-b7\fP] [\fB\-ov\fP] [\fB\-hash\fP]
 [\fB\-verbose\fP] [\fB\-update\fP] \fIfilename dbname\fP [\fIadmin_dbname\fP]
 .br
 Loads a database dump from the named file into the named database.
@@ -148,6 +154,12 @@ format.  Must be used with the
 .B \-update
 option.
 .TP
+.B \-hash
+requires the database to be stored as a hash.  If this option is not
+specified, the database will be stored as a binary tree.  This option
+is not recommended, as databases stored in hash format are known to
+corrupt data and lose principals.
+.TP
 .B \-verbose
 causes the name of each principal and policy to be printed as it is
 dumped.
@@ -171,7 +183,9 @@ if not specified.
 Dumps the current database into the Kerberos 4 database dump format.
 The \-S option specifies the short lifetime algorithm.
 .TP
-\fBload_v4\fP [\fB\-S\fP] [\fB\-t\fP] [\fB-n\fP] [\fB\-K\fP] [\fB\-s\ \fIstashfile\fP] \fIinputfile\fP
+\fBload_v4\fP [\fB\-T\fP] [\fB\-v\fP] [\fB\-h\fP] [\fB\-S\fP]
+[\fB\-t\fP] [\fB-n\fP] [\fB\-K\fP] [\fB\-s\ \fIstashfile\fP]
+\fIinputfile\fP
 Loads a Kerberos 4 database dump file.  Options:
 .RS
 .TP
@@ -198,6 +212,11 @@ the keys to the current database.
 .TP
 .B \-S
 Uses the short lifetime algorithm for conversion.
+.TP
+.B \-h
+Stores the database as a hash instead of a binary tree.  This option is
+not recommended, as databases stored in hash format are known to
+corrupt data and lose principals.
 .PP
 Note: if the Kerberos 4 database had a default expiration date of 12/31/1999
 or 12/31/2009 (the compiled in defaults for older or newer Kerberos
@@ -210,5 +229,8 @@ record; Version 5 stores a seperate modification time and last
 password change time.  In practice, Version 4 "modifications" were
 always password changes.  \fIload_v4\fP copies the value into both
 fields.
+.TP
+\fBark\fP
+Adds a random key.
 .SH SEE ALSO
 kadmin(8)