NAME
verify_krb5_conf
- checks krb5.conf for obvious errors
SYNOPSIS
verify_krb5_conf
[config-file]
DESCRIPTION
verify_krb5_conf
reads the configuration file
krb5.conf
,
or the file given on the command line,
and parses it, thereby verifying that the syntax is not correctly wrong.
If the file is syntactically correct,
verify_krb5_conf
tries to verify that the contents of the file is of relevant nature.
ENVIRONMENT
KRB5_CONFIG
points to the configuration file to read.
FILES
/etc/krb5.conf
-
Kerberos 5 configuration file
DIAGNOSTICS
Possible output from
verify_krb5_conf
include:
- : failed to parse as size/time/number/boolean
-
Usually means that is misspelled, or that it contains
weird characters. The parsing done by
verify_krb5_conf
is more strict than the one performed by libkrb5, so strings that
work in real life might be reported as bad.
- : host not found ()
-
Means that is supposed to point to a host, but it can't be
recognised as one.
- : unknown or wrong type
-
Means that is either a string when it should be a list, vice
versa, or just that
verify_krb5_conf
is confused.
- : unknown entry
-
Means that is not known by
verify_krb5_conf.
SEE ALSO
krb5.conf(5)
BUGS
Since each application can put almost anything in the config file,
it's hard to come up with a watertight verification process. Most of
the default settings are sanity checked, but this does not mean that
every problem is discovered, or that everything that is reported as a
possible problem actually is one. This tool should thus be used with
some care.
It should warn about obsolete data, or bad practice, but currently
doesn't.