summaryrefslogtreecommitdiffstats
path: root/src/kadmin/cli
diff options
context:
space:
mode:
authorAlex Dehnert <adehnert@mit.edu>2013-03-08 23:48:33 -0500
committerGreg Hudson <ghudson@mit.edu>2013-03-11 14:34:17 -0400
commit4b7517731a0bf1026ff5a9a6eb1cc16b52f6debb (patch)
tree4285c2f1ee344f1f886e3503696c316976ddf197 /src/kadmin/cli
parentec217570e20d4702be2830235bad56184d47b1d2 (diff)
downloadkrb5-4b7517731a0bf1026ff5a9a6eb1cc16b52f6debb.tar.gz
krb5-4b7517731a0bf1026ff5a9a6eb1cc16b52f6debb.tar.xz
krb5-4b7517731a0bf1026ff5a9a6eb1cc16b52f6debb.zip
Add support for k5srvutil -e keysalts
k5srvutil is a little more convenient to use for rolling keys than kadmin is. When migrating off 1DES, though, it may be desirable to explicitly specify the desired keysalts. This adds an option, -e, to k5srvutil to specify desired keysalts. [ghudson@mit.edu: style fix; make whitespace in keysalt list work] ticket: 7589 (new)
Diffstat (limited to 'src/kadmin/cli')
-rwxr-xr-xsrc/kadmin/cli/k5srvutil.sh10
1 files changed, 8 insertions, 2 deletions
diff --git a/src/kadmin/cli/k5srvutil.sh b/src/kadmin/cli/k5srvutil.sh
index e1284e6af4..050fa8776f 100755
--- a/src/kadmin/cli/k5srvutil.sh
+++ b/src/kadmin/cli/k5srvutil.sh
@@ -38,7 +38,7 @@ cmd_error() {
}
usage() {
- echo "Usage: $0 [-i] [-f file] list|change|delete|delold"
+ echo "Usage: $0 [-i] [-f file] [-e keysalts] list|change|delete|delold"
}
@@ -47,7 +47,8 @@ change_key() {
princs=`list_princs `
for princ in $princs; do
if interactive_prompt "Change key " $princ; then
- kadmin -k -t $keytab -p $princ -q "ktadd -k $keytab $princ"
+ kadmin -k -t $keytab -p $princ -q \
+ "ktadd -k $keytab $keysalts $princ"
fi
done
}
@@ -74,6 +75,7 @@ delete_keys() {
keytab=/etc/krb5.keytab
interactive=0
+keysalts=""
while [ $# -gt 0 ] ; do
opt=$1
@@ -86,6 +88,10 @@ while [ $# -gt 0 ] ; do
"-i")
interactive=1
;;
+ "-e")
+ keysalts="$keysalts -e \"$1\""
+ shift
+ ;;
change|delold|delete|list)
set_command $opt
;;