VERIFY_KRB5_CONF(8) OpenBSD System Manager's Manual VERIFY_KRB5_CONF(8)
verify_krb5_conf - checks krb5.conf for obvious errors
verify_krb5_conf reads the configuration file krb5.conf, or the file giv-
en on the command line, and parses it, thereby verifying that the syntax
If the file is syntactically correct, verify_krb5_conf tries to verify
that the contents of the file is of relevant nature.
Possible output from verify_krb5_conf include:
<path>: failed to parse <something> as size/time/number/boolean
Usually means that <something> is misspelled, or that it contains
weird characters. The parsing done by verify_krb5_conf is more
strict than the one performed by libkrb5, so strings that work in
real life might be reported as bad.
<path>: host not found (<hostname>)
Means that <path> is supposed to point to a host, but it can't be
recognised as one.
<path>: unknown or wrong type
Means that <path> is either a string when it should be a list,
vice versa, or just that verify_krb5_conf is confused.
<path>: unknown entry
Means that <string> is unknown to verify_krb5_conf.
KRB5_CONFIG points to the configuration file to read.
/etc/krb5.conf Kerberos 5 configuration file
Since each application can put almost anything in the config file, it's
hard to come up with a watertight verification process. Most of the de-
fault settings are sanity checked, but this does not mean that every
problem is discovered, or that everything that is reported as a possible
problem actually is one. This tool should thus be used with some care.
It should warn about obsolete data, or bad practice, but currently
HEIMDAL August 30, 2001 1