diff options
author | Ben Kaduk <kaduk@mit.edu> | 2012-10-16 16:03:10 -0400 |
---|---|---|
committer | Ben Kaduk <kaduk@mit.edu> | 2012-10-16 17:08:08 -0400 |
commit | 0bb69fbcc306a3bf28370ac57d7e79120ccc7ce1 (patch) | |
tree | b726fc059a2775fb966667d17ee3e04c412da712 /src/slave | |
parent | 0f81e372a2830c9170f6e08dfa956841d0ebdfb1 (diff) | |
download | krb5-0bb69fbcc306a3bf28370ac57d7e79120ccc7ce1.zip krb5-0bb69fbcc306a3bf28370ac57d7e79120ccc7ce1.tar.gz krb5-0bb69fbcc306a3bf28370ac57d7e79120ccc7ce1.tar.bz2 |
Remove nroff man pages
We generate man pages from RST sources now; they are checked into
the tree in src/man/.
The gen-manpages directory is no longer needed.
Diffstat (limited to 'src/slave')
-rw-r--r-- | src/slave/kprop.M | 67 | ||||
-rw-r--r-- | src/slave/kpropd.M | 162 | ||||
-rw-r--r-- | src/slave/kproplog.M | 96 |
3 files changed, 0 insertions, 325 deletions
diff --git a/src/slave/kprop.M b/src/slave/kprop.M deleted file mode 100644 index cb4ae56..0000000 --- a/src/slave/kprop.M +++ /dev/null @@ -1,67 +0,0 @@ -.\" slave/kprop.M -.\" -.\" Copyright 1992 by the Massachusetts Institute of Technology. -.\" -.\" Export of this software from the United States of America may -.\" require a specific license from the United States Government. -.\" It is the responsibility of any person or organization contemplating -.\" export to obtain such a license before exporting. -.\" -.\" WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -.\" distribute this software and its documentation for any purpose and -.\" without fee is hereby granted, provided that the above copyright -.\" notice appear in all copies and that both that copyright notice and -.\" this permission notice appear in supporting documentation, and that -.\" the name of M.I.T. not be used in advertising or publicity pertaining -.\" to distribution of the software without specific, written prior -.\" permission. Furthermore if you modify this software you must label -.\" your software as modified software and not distribute it in such a -.\" fashion that it might be confused with the original M.I.T. software. -.\" M.I.T. makes no representations about the suitability of -.\" this software for any purpose. It is provided "as is" without express -.\" or implied warranty. -.\" -.\" -.TH KPROP 8 -.SH NAME -kprop \- propagate a Kerberos V5 principal database to a slave server -.SH SYNOPSIS -.B kprop -[\fB\-r\fP \fIrealm\fP] [\fB\-f\fP \fIfile\fP] [\fB\-d\fP] [\fB\-P\fP -\fIport\fP] [\fB\-s\fP \fIkeytab\fP] -.I slave_host -.br -.SH DESCRIPTION -.I kprop -is used to propagate a Kerberos V5 database dump file from the master -Kerberos server to a slave Kerberos server, which is specified by -.IR slave_host . -This is done by transmitting the dumped database file to the slave -server over an encrypted, secure channel. The dump file must be created -by kdb5_util, and is normally KPROP_DEFAULT_FILE -(/usr/local/var/krb5kdc/slave_datatrans). -.SH OPTIONS -.TP -\fB\-r\fP \fIrealm\fP -specifies the realm of the master server; by default the realm returned -by -.IR krb5_default_local_realm (3) -is used. -.TP -\fB\-f\fP \fIfile\fP -specifies the filename where the dumped principal database file is to be -found; by default the dumped database file is KPROP_DEFAULT_FILE -(normally /usr/local/var/krb5kdc/slave_datatrans). -.TP -\fB\-P\fP \fIport\fP -specifies the port to use to contact the -.I kpropd -server on the remote host. -.TP -.B \-d -prints debugging information. -.TP -\fB\-s\fP \fIkeytab\fP -specifies the location of the keytab file. -.SH SEE ALSO -kpropd(8), kdb5_util(8), krb5kdc(8) diff --git a/src/slave/kpropd.M b/src/slave/kpropd.M deleted file mode 100644 index f3283c4..0000000 --- a/src/slave/kpropd.M +++ /dev/null @@ -1,162 +0,0 @@ -.\" slave/kpropd.M -.\" -.\" Copyright 1992, 2008 by the Massachusetts Institute of Technology. -.\" -.\" Export of this software from the United States of America may -.\" require a specific license from the United States Government. -.\" It is the responsibility of any person or organization contemplating -.\" export to obtain such a license before exporting. -.\" -.\" WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -.\" distribute this software and its documentation for any purpose and -.\" without fee is hereby granted, provided that the above copyright -.\" notice appear in all copies and that both that copyright notice and -.\" this permission notice appear in supporting documentation, and that -.\" the name of M.I.T. not be used in advertising or publicity pertaining -.\" to distribution of the software without specific, written prior -.\" permission. Furthermore if you modify this software you must label -.\" your software as modified software and not distribute it in such a -.\" fashion that it might be confused with the original M.I.T. software. -.\" M.I.T. makes no representations about the suitability of -.\" this software for any purpose. It is provided "as is" without express -.\" or implied warranty. -.\" -.\" -.TH KPROPD 8 -.SH NAME -kpropd \- Kerberos V5 slave KDC update server -.SH SYNOPSIS -.B kpropd -[ -.B \-r -.I realm -] [ -.B \-f -.I slave_dumpfile -] [ -.B \-F -.I principal_database -] [ -.B \-p -.I kdb5_util_prog -] [ -.B \-d -] [ -.B \-S -] [ -.B \-P -.I port -] -.br -.SH DESCRIPTION -The -.I kpropd -command runs on the slave KDC server. It listens for update requests -made by the -.IR kprop (8) -program, and periodically requests incremental updates from the -master KDC. - -When the slave receives a kprop request from the master, -.I kpropd -accepts the dumped KDC database and places it in a file, and then runs -.IR kdb5_util (8) -to load the dumped database into the active database which is used by -.IR krb5kdc (8). -Thus, the master Kerberos server can use -.IR kprop (8) -to propagate its database to the slave slavers. Upon a successful download -of the KDC database file, the slave Kerberos server will have an -up-to-date KDC database. -.PP -Normally, kpropd is invoked out of -.I inetd(8). -This is done by adding a line to the inetd.conf file which looks like -this: - -kprop stream tcp nowait root /usr/local/sbin/kpropd kpropd - -However, kpropd can also run as a standalone daemon, if the -.B \-S -option is turned on. This is done for debugging purposes, or if for -some reason the system administrator just doesn't want to run it out of -.IR inetd (8). - -When the slave periodically requests incremental updates, -.I kpropd -updates its -.I principal.ulog -file with any updates from the master. -.IR kproplog (8) -can be used to view a summary of the update entry log on the slave -KDC. Incremental propagation is not enabled by default; it can be -enabled using the -.I iprop_enable -and -.I iprop_slave_poll -settings in -.IR kdc.conf (5). -The principal "kiprop/slavehostname@REALM" (where "slavehostname" is -the name of the slave KDC host, and "REALM" is the name of the -Kerberos realm) must be present in the slave's keytab file. - -.SH OPTIONS -.TP -\fB\-r\fP \fIrealm\fP -specifies the realm of the master server; by default the realm returned -by -.IR krb5_default_local_realm (3) -is used. -.TP -\fB\-f\fP \fIfile\fP -specifies the filename where the dumped principal database file is to be -stored; by default the dumped database file is KPROPD_DEFAULT_FILE -(normally /usr/local/var/krb5kdc/from_master). -.TP -.B \-p -allows the user to specify the pathname to the -.IR kdb5_util (8) -program; by default the pathname used is KPROPD_DEFAULT_KDB5_UTIL -(normally /usr/local/sbin/kdb5_util). -.TP -.B \-S -turn on standalone mode. Normally, kpropd is invoked out of -.IR inetd (8) -so it expects a network connection to be passed to it from -.I inetd (8). -If the -.B \-S -option is specified, kpropd will put itself into the background, and -wait for connections to the KPROP_SERVICE port (normally krb5_prop). -.TP -.B \-d -turn on debug mode. In this mode, if the -.B \-S -option is selected, -.I kpropd -will not detach itself from the current job and run in the background. -Instead, it will run in the foreground and print out debugging messages -during the database propagation. -.TP -.B \-P -allow for an alternate port number for -.I kpropd -to listen on. This is only useful if the program is run in standalone -mode. -.TP -.B \-a -allows the user to specify the path to the -kpropd.acl -file; by default the path used is KPROPD_ACL_FILE -(normally /usr/local/var/krb5kdc/kpropd.acl). -.SH FILES -.TP "\w'kpropd.acl\ \ 'u" -kpropd.acl -Access file for -.BR kpropd ; -the default location is KPROPD_ACL_FILE (normally -/usr/local/var/krb5kdc/kpropd.acl). -Each entry is a line containing the principal of a host from which the -local machine will allow Kerberos database propagation via kprop. -.SH SEE ALSO -kprop(8), kdb5_util(8), krb5kdc(8), inetd(8) diff --git a/src/slave/kproplog.M b/src/slave/kproplog.M deleted file mode 100644 index b7081a9..0000000 --- a/src/slave/kproplog.M +++ /dev/null @@ -1,96 +0,0 @@ -.\" slave/kprop.M -.\" -.\" Copyright 2008 by the Massachusetts Institute of Technology. -.\" -.\" Export of this software from the United States of America may -.\" require a specific license from the United States Government. -.\" It is the responsibility of any person or organization contemplating -.\" export to obtain such a license before exporting. -.\" -.\" WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -.\" distribute this software and its documentation for any purpose and -.\" without fee is hereby granted, provided that the above copyright -.\" notice appear in all copies and that both that copyright notice and -.\" this permission notice appear in supporting documentation, and that -.\" the name of M.I.T. not be used in advertising or publicity pertaining -.\" to distribution of the software without specific, written prior -.\" permission. Furthermore if you modify this software you must label -.\" your software as modified software and not distribute it in such a -.\" fashion that it might be confused with the original M.I.T. software. -.\" M.I.T. makes no representations about the suitability of -.\" this software for any purpose. It is provided "as is" without express -.\" or implied warranty. -.\" -.\" -.\" Copyright (c) 2003, Sun Microsystems, Inc. All Rights Reserved -.\" -.TH KPROPLOG 1 -.SH NAME -kproplog \- display the contents of the Kerberos principal update log -.SH SYNOPSIS -.B kproplog -[\fB\-h\fP] [\fB\-e\fP \fInum\fP] -.br -.SH DESCRIPTION -The -.I kproplog -command displays the contents of the Kerberos principal update log to -standard output. It can be used to keep track of the incremental -updates to the principal database, when enabled. The update log -file contains the update log maintained by the -.I kadmind -process on the master KDC server and the kpropd process on the slave -KDC servers. When updates occur, they are logged to this -file. Subsequently any KDC slave configured for incremental updates -will request the current data from the master KDC and update their -.I principal.ulog -file with any updates returned. - -The -.I kproplog -command can only be run on a KDC server by someone with privileges -comparable to the superuser. It will display update entries for that -server only. - -If no options are specified, the summary of the update log is -displayed. If invoked on the master, all of the update entries are -also displayed. When invoked on a slave KDC server, only a summary of -the updates are displayed, which includes the serial number of the -last update received and the associated time stamp of the last update. - -.SH OPTIONS -.TP -\fB\-h\fP -Display a summary of the update log. This information includes the -database version number, state of the database, the number of updates -in the log, the time stamp of the first and last update, and the -version number of the first and last update entry. -.TP -\fB\-e\fP \fInum\fP -Display the last -.I num -update entries in the log. This is useful when debugging -synchronization between KDC servers. -.TP -\fB\-v\fP -Display individual attributes per update. -An example of the output generated for one entry: -.nf - Update Entry - Update serial # : 4 - Update operation : Add - Update principal : test@EXAMPLE.COM - Update size : 424 - Update committed : True - Update time stamp : Fri Feb 20 23:37:42 2004 - Attributes changed : 6 - Principal - Key data - Password last changed - Modifying principal - Modification time - TL data -.fi - -.SH SEE ALSO -kpropd(8) |