NAME
verify_krb5_conf
- checks krb5.conf for obvious errors
SYNOPSIS
verify_krb5_conf
[config-file]
DESCRIPTION
verify_krb5_conf
reads the configuration file
krb5.conf,
or the file given on the command line,
and parses it, thereby verifying that the syntax is not correctly wrong.
If the file is syntactically correct,
verify_krb5_conf
tries to verify that the contents of the file is of relevant nature.
ENVIRONMENT
KRB5_CONFIG
points to the configuration file to read.
FILES
/etc/krb5.conf-
Kerberos 5 configuration file
DIAGNOSTICS
Possible output from
verify_krb5_conf
include:
- : failed to parse as size/time/number/boolean
-
Usually means that is misspelled, or that it contains
weird characters. The parsing done by
verify_krb5_conf
is more strict than the one performed by libkrb5, so strings that
work in real life might be reported as bad.
- : host not found ()
-
Means that is supposed to point to a host, but it can't be
recognised as one.
- : unknown or wrong type
-
Means that is either a string when it should be a list, vice
versa, or just that
verify_krb5_conf
is confused.
- : unknown entry
-
Means that is not known by
verify_krb5_conf.
SEE ALSO
krb5.conf(5)
BUGS
Since each application can put almost anything in the config file,
it's hard to come up with a watertight verification process. Most of
the default settings are sanity checked, but this does not mean that
every problem is discovered, or that everything that is reported as a
possible problem actually is one. This tool should thus be used with
some care.
It should warn about obsolete data, or bad practice, but currently
doesn't.