Add man pages for fakeka and k524init

Ticket: 3013
Version_Reported: 1.3.6

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18109 dc483132-0cff-0310-8789-dd5450dbe970

2 files changed, 112 insertions, 0 deletions

diff --git a/src/kdc/Makefile.in b/src/kdc/Makefile.in
index 08a8612ba2..5ea5ea3922 100644
--- a/src/kdc/Makefile.in
+++ b/src/kdc/Makefile.in
@@ -82,6 +82,7 @@ install::
 	f=$(FAKEKA); \
 	if test -n "$$f" ; then \
 		$(INSTALL_PROGRAM) $$f ${DESTDIR}$(SERVER_BINDIR)/$$f; \
+		$(INSTALL_DATA) $(srcdir)/fakeka.M ${DESTDIR}$(SERVER_MANDIR)/fakeka.8; \
 	fi
 
 clean::
diff --git a/src/kdc/fakeka.M b/src/kdc/fakeka.M
new file mode 100644
index 0000000000..80ea0153aa
--- /dev/null
+++ b/src/kdc/fakeka.M
@@ -0,0 +1,111 @@
+.\" kdc/fakeka.M
+.\"
+.\" Copyright 2005 by the Massachusetts Institute of Technology.
+.\"
+.\" Export of this software from the United States of America may
+.\"   require a specific license from the United States Government.
+.\"   It is the responsibility of any person or organization contemplating
+.\"   export to obtain such a license before exporting.
+.\"
+.\" WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+.\" distribute this software and its documentation for any purpose and
+.\" without fee is hereby granted, provided that the above copyright
+.\" notice appear in all copies and that both that copyright notice and
+.\" this permission notice appear in supporting documentation, and that
+.\" the name of M.I.T. not be used in advertising or publicity pertaining
+.\" to distribution of the software without specific, written prior
+.\" permission.  Furthermore if you modify this software you must label
+.\" your software as modified software and not distribute it in such a
+.\" fashion that it might be confused with the original M.I.T. software.
+.\" M.I.T. makes no representations about the suitability of
+.\" this software for any purpose.  It is provided "as is" without express
+.\" or implied warranty.
+.\" "
+.TH FAKEKA 8
+.SH NAME
+fakeka \- Fake kaserver for AFS clients
+.SH SYNOPSIS
+\fBfakeka\fP [\fB\-dm\fP] [\fB\-c\fP \fIcell\fP] [\fB\-f\fP \fIforwarder\fP]
+[\fB\-l\fP \fBfacility\fP] [\fB\-p\fP \fBport\fP] [\fB\-r\fP \fIrealm\fP]
+.br
+.SH DESCRIPTION
+.I fakeka
+is a fake kaserver that speaks just enough of the AFS RX protocol to make
+klog work.  It is used in conjunction with a Kerberos V5 KDC to support
+existing AFS clients, and is usually used with ka-forwarder.
+.I fakeka
+must run on the same host as your Kerberos V5 KDC, since it needs access
+to the KDC database.  ka-forwarder should run on each of your AFS database
+servers, pointing to your Kerberos V5 KDCs.
+.I fakeka
+should then be running on each of the KDCs, with the AFS database servers
+listed as arguments to the
+.B -f
+option.
+.PP
+Note that principals you wish to use
+.I fakeka
+with must have either a V4-style key (des:v4) or an AFS-style key
+(des:afs3).  V5 enctypes won't work.
+.SH OPTIONS
+.TP
+\fB\-c\fP \fIcell\fP
+The AFS cell for which
+.I fakeka
+will be handling requests.  If not given, this defaults to the same as the
+Kerberos V5 realm (see
+.B \-r
+below).
+.TP
+.B \-d
+Enables debugging.  When this flag is given,
+.I fakeka
+will run in the foreground and print debugging information to standard
+error.  Overrides
+.BR \-m .
+.TP
+\fB\-f\fP \fIforwarder\fP
+Allows forwarded requests from
+.IR forwarder ,
+which is generally an AFS database server running ka-forwarder.  This
+option can be given multiple times (up to 10).  Each system running
+ka-forwarder should be specified with the
+.B \-f
+flag or forwarded requests from that host will not be answered.  (The
+forwarders append their own address to the packet.
+.TP
+\fB\-l\fP \fIfacility\fP
+Log actions via syslog with the given
+.I facility
+rather than the default of LOG_DAEMON.
+.I facility
+must be one of KERN, USER, MAIL, DAEMON, AUTH, LPR, NEWS, UUCP, CRON,
+LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, or LOCAL7.  This
+option is case-sensitive.  Not all of these facilities may be available,
+depending on what pre-defined syslog facilities your system provides.
+.TP
+.B \-m
+Fork and background when starting.  You will usually always want to give
+this flag.
+.TP
+\fB\-p\fP \fIport\fP
+Listen on the specified port rather than the default of 7004 (which is
+what klog expects).
+.I port
+may be a number or a service name from
+.IR /etc/services .
+.TP
+\fB\-r\fP \fIrealm\fP
+The Kerberos V5 realm to which the requests are being translated.  The
+default is the local default realm.
+.SH EXAMPLES
+Handle requests for a local cell whose name matches the local realm,
+accepting forwarded queries from afs1.example.com and afs2.example.com:
+.IP "" 4
+fakeka -m -f afs1.example.com -f afs2.example.com
+.PP
+If the cell name doesn't match the realm name,
+.B \-c
+would need to be added, specifying the cell name.
+.SH SEE ALSO
+ka-forwarder(8)