diff options
author | Russ Allbery <rra@stanford.edu> | 2006-06-12 17:19:19 +0000 |
---|---|---|
committer | Russ Allbery <rra@stanford.edu> | 2006-06-12 17:19:19 +0000 |
commit | 8135961bad19836b76a39ac794ba4860f8e93484 (patch) | |
tree | e55cab27dff153740aa20cbc029f2251222e3179 /src/kdc | |
parent | 38e6d18b6a6a08f50d9158e0865fa3f31828bdf2 (diff) | |
download | krb5-8135961bad19836b76a39ac794ba4860f8e93484.tar.gz krb5-8135961bad19836b76a39ac794ba4860f8e93484.tar.xz krb5-8135961bad19836b76a39ac794ba4860f8e93484.zip |
Add man pages for fakeka and k524init
Ticket: 3013
Version_Reported: 1.3.6
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18109 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc')
-rw-r--r-- | src/kdc/Makefile.in | 1 | ||||
-rw-r--r-- | src/kdc/fakeka.M | 111 |
2 files changed, 112 insertions, 0 deletions
diff --git a/src/kdc/Makefile.in b/src/kdc/Makefile.in index 08a8612ba2..5ea5ea3922 100644 --- a/src/kdc/Makefile.in +++ b/src/kdc/Makefile.in @@ -82,6 +82,7 @@ install:: f=$(FAKEKA); \ if test -n "$$f" ; then \ $(INSTALL_PROGRAM) $$f ${DESTDIR}$(SERVER_BINDIR)/$$f; \ + $(INSTALL_DATA) $(srcdir)/fakeka.M ${DESTDIR}$(SERVER_MANDIR)/fakeka.8; \ fi clean:: diff --git a/src/kdc/fakeka.M b/src/kdc/fakeka.M new file mode 100644 index 0000000000..80ea0153aa --- /dev/null +++ b/src/kdc/fakeka.M @@ -0,0 +1,111 @@ +.\" kdc/fakeka.M +.\" +.\" Copyright 2005 by the Massachusetts Institute of Technology. +.\" +.\" Export of this software from the United States of America may +.\" require a specific license from the United States Government. +.\" It is the responsibility of any person or organization contemplating +.\" export to obtain such a license before exporting. +.\" +.\" WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +.\" distribute this software and its documentation for any purpose and +.\" without fee is hereby granted, provided that the above copyright +.\" notice appear in all copies and that both that copyright notice and +.\" this permission notice appear in supporting documentation, and that +.\" the name of M.I.T. not be used in advertising or publicity pertaining +.\" to distribution of the software without specific, written prior +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of +.\" this software for any purpose. It is provided "as is" without express +.\" or implied warranty. +.\" " +.TH FAKEKA 8 +.SH NAME +fakeka \- Fake kaserver for AFS clients +.SH SYNOPSIS +\fBfakeka\fP [\fB\-dm\fP] [\fB\-c\fP \fIcell\fP] [\fB\-f\fP \fIforwarder\fP] +[\fB\-l\fP \fBfacility\fP] [\fB\-p\fP \fBport\fP] [\fB\-r\fP \fIrealm\fP] +.br +.SH DESCRIPTION +.I fakeka +is a fake kaserver that speaks just enough of the AFS RX protocol to make +klog work. It is used in conjunction with a Kerberos V5 KDC to support +existing AFS clients, and is usually used with ka-forwarder. +.I fakeka +must run on the same host as your Kerberos V5 KDC, since it needs access +to the KDC database. ka-forwarder should run on each of your AFS database +servers, pointing to your Kerberos V5 KDCs. +.I fakeka +should then be running on each of the KDCs, with the AFS database servers +listed as arguments to the +.B -f +option. +.PP +Note that principals you wish to use +.I fakeka +with must have either a V4-style key (des:v4) or an AFS-style key +(des:afs3). V5 enctypes won't work. +.SH OPTIONS +.TP +\fB\-c\fP \fIcell\fP +The AFS cell for which +.I fakeka +will be handling requests. If not given, this defaults to the same as the +Kerberos V5 realm (see +.B \-r +below). +.TP +.B \-d +Enables debugging. When this flag is given, +.I fakeka +will run in the foreground and print debugging information to standard +error. Overrides +.BR \-m . +.TP +\fB\-f\fP \fIforwarder\fP +Allows forwarded requests from +.IR forwarder , +which is generally an AFS database server running ka-forwarder. This +option can be given multiple times (up to 10). Each system running +ka-forwarder should be specified with the +.B \-f +flag or forwarded requests from that host will not be answered. (The +forwarders append their own address to the packet. +.TP +\fB\-l\fP \fIfacility\fP +Log actions via syslog with the given +.I facility +rather than the default of LOG_DAEMON. +.I facility +must be one of KERN, USER, MAIL, DAEMON, AUTH, LPR, NEWS, UUCP, CRON, +LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, or LOCAL7. This +option is case-sensitive. Not all of these facilities may be available, +depending on what pre-defined syslog facilities your system provides. +.TP +.B \-m +Fork and background when starting. You will usually always want to give +this flag. +.TP +\fB\-p\fP \fIport\fP +Listen on the specified port rather than the default of 7004 (which is +what klog expects). +.I port +may be a number or a service name from +.IR /etc/services . +.TP +\fB\-r\fP \fIrealm\fP +The Kerberos V5 realm to which the requests are being translated. The +default is the local default realm. +.SH EXAMPLES +Handle requests for a local cell whose name matches the local realm, +accepting forwarded queries from afs1.example.com and afs2.example.com: +.IP "" 4 +fakeka -m -f afs1.example.com -f afs2.example.com +.PP +If the cell name doesn't match the realm name, +.B \-c +would need to be added, specifying the cell name. +.SH SEE ALSO +ka-forwarder(8) |