diff options
author | Will Fiveash <will.fiveash@oracle.com> | 2009-04-13 22:15:05 +0000 |
---|---|---|
committer | Will Fiveash <will.fiveash@oracle.com> | 2009-04-13 22:15:05 +0000 |
commit | 14773f87a3119ecf45d5d7945b21b50e0271ef62 (patch) | |
tree | f38eda45868a827dc8546f814cb9c209a66443be /src/kadmin | |
parent | e934ce4fddd394bf3207139688a8dc9b969df2e7 (diff) | |
download | krb5-14773f87a3119ecf45d5d7945b21b50e0271ef62.zip krb5-14773f87a3119ecf45d5d7945b21b50e0271ef62.tar.gz krb5-14773f87a3119ecf45d5d7945b21b50e0271ef62.tar.bz2 |
Update kdb5_util man page with missing purge_mkeys command
While previously updating the kdb5_util command man page to include
documentation on new subcommands added as a result of the Master Key
Migration project I missed the purge_mkeys command. I've added that
with this commit.
Ticket: 6459
Version_Reported: 1.7
Target_Version: 1.7
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22208 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin')
-rw-r--r-- | src/kadmin/dbutil/kdb5_util.M | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/kadmin/dbutil/kdb5_util.M b/src/kadmin/dbutil/kdb5_util.M index 1883ce2..f566781 100644 --- a/src/kadmin/dbutil/kdb5_util.M +++ b/src/kadmin/dbutil/kdb5_util.M @@ -236,6 +236,18 @@ argument is that specified in the Time Formats section of the kadmin man page. \fBlist_mkeys\fP List all master keys from most recent to earliest in K/M principal. The output will show the KVNO, enctype and salt for each mkey similar to kadmin getprinc output. A * following an mkey denotes the currently active master key. .TP +\fBpurge_mkeys\fP [\fB-f\fP] [\fB-n\fP] [\fB-v\fP] +Delete master keys from the K/M principal that are not used to protect any principals. This command can be used to remove old master keys from a K/M principal once all principal keys are protected by a newer master key. +.TP +.B \-f +does not prompt user. +.TP +.B \-n +do a dry run, shows master keys that would be purged, does not actually purge any keys. +.TP +.B \-v +verbose output. +.TP \fBupdate_princ_encryption\fP [\fB\-f\fP] [\fB\-n\fP] [\fB\-v\fP] [\fBprinc\-pattern\fP] Update all principal records (or only those matching the .B princ\-pattern |