verify_krb5_conf - checks krb5.conf for obvious errors
verify_krb5_conf reads the configuration file krb5.conf, or
the file given
on the command line, and parses it, thereby verifying
that the syntax
If the file is syntactically correct, verify_krb5_conf tries
that the contents of the file is of relevant nature.
Possible output from verify_krb5_conf include:
<path>: failed to parse <something> as size/time/number/boolean
Usually means that <something> is misspelled, or
that it contains
weird characters. The parsing done by
verify_krb5_conf is more
strict than the one performed by libkrb5, so strings
that work in
real life might be reported as bad.
<path>: host not found (<hostname>)
Means that <path> is supposed to point to a host,
but it can't be
recognised as one.
<path>: unknown or wrong type
Means that <path> is either a string when it should
be a list,
vice versa, or just that verify_krb5_conf is confused.
<path>: unknown entry
Means that <string> is unknown to verify_krb5_conf.
KRB5_CONFIG points to the configuration file to read.
/etc/krb5.conf Kerberos 5 configuration file
Since each application can put almost anything in the config
hard to come up with a watertight verification process. Most
of the default
settings are sanity checked, but this does not mean
problem is discovered, or that everything that is reported
as a possible
problem actually is one. This tool should thus be used with
It should warn about obsolete data, or bad practice, but
HEIMDAL August 30, 2001
[ Back ]