Nancy L. Gilman's changes for Beta 4

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@3775 dc483132-0cff-0310-8789-dd5450dbe970

6 files changed, 98 insertions, 18 deletions

diff --git a/src/admin/convert/kdb5_convert.M b/src/admin/convert/kdb5_convert.M
index 28b4aabf5d..22a32e4734 100644
--- a/src/admin/convert/kdb5_convert.M
+++ b/src/admin/convert/kdb5_convert.M
@@ -32,11 +32,27 @@ kdb5_convert \- convert a v4 Kerberos principal database to a v5 database
 .B \-d
 .I v5dbname
 ] [
+.B \-k
+.I keytype
+] [
+.B \-M
+.I mkeyname
+] [
+.B \-e
+.I enctype
+] [
+.B \-n
+]
 .B \-D
 .I v4dbname
+.br
+.B kdb5_convert
+[
+.B \-r
+.I realm
 ] [
-.B \-f
-.I v4dumpfile
+.B \-d
+.I v5dbname
 ] [
 .B \-k
 .I keytype
@@ -48,7 +64,9 @@ kdb5_convert \- convert a v4 Kerberos principal database to a v5 database
 .I enctype
 ] [
 .B \-n
-]
+] 
+.B \-f
+.I v4dumpfile
 .br
 .SH DESCRIPTION
 .I kdb5_convert
@@ -104,7 +122,7 @@ The
 .B \-M
 .I mkeyname
 option specifies the principal name for the master key in the database;
-the default is KRB5_KDB_M_NAME (usually "K/M" in the KDC's realm).
+the default is KRB5_KDB_M_NAME (usually "K/M" in the local realm).
 .PP
 The
 .B \-e
@@ -117,7 +135,7 @@ keytype.
 The
 .B \-n
 option specifies that the master key for the v4 database should be
-entered manually rather than fetched from the normal v4 master key file.
+entered manually rather than fetched from the normal v5 master key file.
 The
 .B \-K
 option specifies that the master key for the v5 (new) database should
@@ -130,9 +148,10 @@ to the new database or ignored.
 .SH SEE ALSO
 krb5(3), krb5kdc(8)
 .SH BUGS
-Doesn't have flexibility about expiration times.  Probably doesn't
-handle any v4 inter-realm keys.
+Doesn't have flexibility about expiration times. 
 .sp
 When the underlying databases are built on the old DBM (not NDBM), the
+.B \-D
+option is not allowed, i.e. the
 conversion must be done from a dump file rather than from a DBM
 database, due to restrictions in the old DBM implementation.
diff --git a/src/admin/create/kdb5_create.M b/src/admin/create/kdb5_create.M
index ac01d787f6..109e2e07b0 100644
--- a/src/admin/create/kdb5_create.M
+++ b/src/admin/create/kdb5_create.M
@@ -44,7 +44,7 @@ kdb5_create \- create a new Kerberos V5 principal database
 .br
 .SH DESCRIPTION
 .I kdb5_create
-is used to create a Kerberos version 5 principal database.
+is used to create an empty Kerberos version 5 principal database.
 The user is prompted for the master password, which will be used to
 generate an encryption key under which all entries are stored (in order
 to provide some security against database theft).
diff --git a/src/admin/destroy/kdb5_destroy.M b/src/admin/destroy/kdb5_destroy.M
index cea13cde7d..28c3f2f4a1 100644
--- a/src/admin/destroy/kdb5_destroy.M
+++ b/src/admin/destroy/kdb5_destroy.M
@@ -32,7 +32,8 @@ kdb5_destroy \- destroy a Kerberos principal database
 .br
 .SH DESCRIPTION
 .I kdb5_destroy
-destroys a Kerberos principal database.
+destroys a Kerberos principal database, i.e. all of the data is
+overwritten and then the file is removed.
 The user is prompted to confirm deletion of the database.
 .PP
 The
diff --git a/src/admin/edit/kdb5_edit.M b/src/admin/edit/kdb5_edit.M
index b9298767c8..ce9a19ac9f 100644
--- a/src/admin/edit/kdb5_edit.M
+++ b/src/admin/edit/kdb5_edit.M
@@ -50,8 +50,7 @@ allows an administrator to add, delete, and edit entries in a Kerberos
 version 5 principal database.
 After the master key is verified, the administrator is placed into a
 shell-like command loop, from which he may issue commands to modify the
-database.  '?' lists the commands available; 'exit' or 'quit' exits the
-program.
+database.  
 .PP
 The
 .B \-r
@@ -91,7 +90,66 @@ The
 .B \-m
 option specifies that the master database password should be fetched
 from the keyboard rather than from a file on disk.
+.SH AVAILABLE COMMANDS
+
+The following is a list of commands and their aliases that the system
+administrator may use to manipulate the database:
+
+.IP add_new_key,ank
+Add new entry to Kerberos database (prompting for password)
+
+.IP change_pwd_key,cpw      
+Change key of an entry in the Kerberos database (prompting for password)
+
+.IP add_rnd_key,ark         
+Add new entry to Kerberos database, using a random key
+
+.IP change_rnd_key,crk      
+Change key of an entry in the Kerberos database (select a new random key)
+
+.IP add_v4_key,av4k         
+Add new entry to Kerberos database (using V4 string-to-key)
+
+.IP change_v4_key,cv4k     
+Change key of an entry in the Kerberos database (using V4 string-to-key)
+
+.IP delete_entry,delent,del
+Delete an entry from the database
+
+.IP extract_srvtab,xst,ex_st
+Extract service key table
+
+.IP extract_v4_srvtab,xst4  
+Extract service key table
+
+.IP list_db,ldb             
+List database entries
+
+.IP dump_db,ddb             
+Dump database entries to a file
+
+.IP load_db,lddb            
+Load database entries from a file
+
+.IP set_dbname,sdbn         
+Change database name
+
+.IP enter_master_key,emk    
+Enter the master key for a database
+
+.IP change_working_directory,cwd,cd
+Change working directory
+
+.IP print_working_direcotry,pwd
+Print working directory
+
+.IP list_requests,lr,?     
+List available requests.
+
+.IP quit,exit,q            
+Exit program.
+
 .SH SEE ALSO
 krb5(3), krb5kdc(8), ss(3)
 .SH BUGS
-This man page needs to document the ss commands.
+This routine must be run interactively.  There is no command-line interface.
diff --git a/src/admin/stash/kdb5_stash.M b/src/admin/stash/kdb5_stash.M
index 292d488687..06d02cc812 100644
--- a/src/admin/stash/kdb5_stash.M
+++ b/src/admin/stash/kdb5_stash.M
@@ -50,7 +50,6 @@ kdb5_stash \- store a principal database master key on disk
 stores a Kerberos principal database master key in a file;
 this key may subsequently be used for unattended re-start of a Kerberos
 V5 KDC.
-create a Kerberos version 5 principal database.
 The user is prompted for the master password, which will be verified
 against the database, and then stored in a file.
 .PP
diff --git a/src/slave/kprop.M b/src/slave/kprop.M
index af8e3d7e6d..23170b8d92 100644
--- a/src/slave/kprop.M
+++ b/src/slave/kprop.M
@@ -38,13 +38,16 @@ kprop \- propagate a Kerberos V5 principal database to a slave server
 .br
 .SH DESCRIPTION
 .I kprop
-is used to propagate a Kerberos version 5 principal database from the
+is used to propagate a Kerberos V5 database dump file from the
 master Kerberos server to a slave Kerberos server, which is specfieid
 by
-.I slave_host
-.  This is done by
-transmitting the dumped database file to the slave server over an
-encrypted, secure channel.
+.I slave_host.  
+This is done by transmitting the dumped database file to the slave
+server over an encrypted, secure channel.  The dump file must be
+created by kdb5_edit, and is normally KPROP_DEFAULT_FILE
+(/krb5/slave_datatrans).  The location of the file can be overriden by
+the -f option.
+
 .PP
 The
 .B \-r