- write the man page

- make the config directory changeable

2 files changed, 62 insertions, 1 deletions

diff --git a/src/credmonger.8.in b/src/credmonger.8.in
new file mode 100644
index 0000000..ba499ff
--- /dev/null
+++ b/src/credmonger.8.in
@@ -0,0 +1,57 @@
+.TH credmonger 8 2009-04-02 "" ""
+
+.SH NAME
+credmonger \- maintain Kerberos credential caches for other processes
+
+.SH SYNOPSIS
+credmonger [-c \fIconfigdir\fP] [-n] [-p \fIpidfile\fP]
+
+.SH DESCRIPTION
+The \fIcredmonger\fP daemon creates and refreshes Kerberos credential cache
+files on behalf of other processes and users, which are typically daemons
+which need to authenticate to other services using Kerberos.
+
+.SH ARGUMENTS
+.IP -c configdir
+Changes the directory in which \fIcredmonger\fP searches for its configuration
+from the default (\fI@myconfigdir@\fP) to the specified value.
+.IP -n
+Tells \fIcredmonger\fP to not fork and become a background process.  When
+running in the foreground, \fIcredmonger\fP will print diagnostic information
+to \fIstderr\fP.
+.IP -p pidfile
+When running as a background process, \fIcredmonger\fP will log its process ID
+to the named file.
+
+.SH CONFIGURATION
+The \fIcredmonger\fP daemon searches its configuration directory for
+files.  Each file is expected to contain one or lines, each containing a
+colon-separated list of relevant settings.
+
+The first field contains the name or UID of the user for whom the credential
+cache should be maintained.
+
+The second field contains the path of the keytab which contains the keys which
+can be used to obtain credentials.
+
+The third field contains the user's principal name.  The principal name need
+not contain a realm component if it is the default realm.  If the principal
+name ends with a "/" character, the local host name will be appended.
+
+The fourth field contains the path to the file credential cache in which the
+credentials will be stored.  If the name ends with XXXXXX, then a unique file
+name will be generated using mkstemp(3).  The file is removed when the daemon
+exits.
+
+.SH EXAMPLE
+
+Make sure that the root user has credentials for the local system's
+\fIhost\fP service in \fI/tmp/krb5cc_0\fP.
+
+  root:/etc/krb5.keytab:host/:/tmp/krb5cc_0
+
+.SH SEE ALSO
+kinit(\fB1\fP)
+
+.SH BUGS
+How did you get this program?
diff --git a/src/credmonger.c b/src/credmonger.c
index df9d2ac..05ca150 100644
--- a/src/credmonger.c
+++ b/src/credmonger.c
@@ -15,7 +15,6 @@
 
 #include <krb5.h>
 
-#define CONFIG_DIR "/etc/credmonger.d"
 #define FCC_PREFIX "FILE:"
 #define DEFAULT_RETRY_TIME 300
 
@@ -539,7 +538,12 @@ main(int argc, char **argv)
 		case 'p':
 			pidfile = optarg;
 			break;
+		case 'h':
 		default:
+			printf("Usage: %s [-c configdir] [-n] [-p pidfile]\n",
+			       strchr(argv[0], '/') ?
+			       strrchr(argv[0], '/') + 1 : argv[0]);
+			_exit(1);
 			break;
 		}
 	}