netbsd-bugs: bin/3784: no manpages for kprop/kpropd

Subject: bin/3784: no manpages for kprop/kpropd
To: None <gnats-bugs@gnats.netbsd.org>
From: None <jason@logical.thought.net>
List: netbsd-bugs
Date: 06/24/1997 16:56:55
>Number:         3784
>Category:       bin
>Synopsis:       no manpages for kprop/kpropd
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jun 24 10:05:02 1997
>Last-Modified:
>Originator:     Jason Wright
>Organization:
>Release:        -current 24 Jun 1997
>Environment:
	
System: NetBSD logical 1.2E NetBSD 1.2E (LOGICAL) #18: Fri Jun 6 11:14:57 EDT 1997 jason@logical:/usr/src/sys/arch/pmax/compile/LOGICAL pmax


>Description:
  kprop/kpropd have no manpages
>How-To-Repeat:
  man kprop
  man kpropd
>Fix:

I've enclosed manpages that I threw together from the reading the source and
reading other manpages (Ultrix) found on the web.  They may not be perfect,
but they should provide a starting point.

---begin kprop.8---
.\"
.\"
.\"
.TH KPROP 8 "Kerberos Version 4.0" "MIT Project Athena"
.SH NAME
kprop \- network utility for Kerberos database propagation
.SH SYNOPSIS
.B kadmin database slaves_file [-force] [-safe | -clear] [-realm realm]
.SH DESCRIPTION
The
.I kprop
daemon runs on a Kerberos master and propagates the Kerberos
database to the Kerberos slaves, where it is received by the waiting kpropd
daemon.

The first parameter, 
.IR database ,
is the name of the file out of which data is
extracted.  This file is not the db-formatted Kerberos database,
.IR /etc/kerberosIV/principal.db .
See the
.I db(3)
reference page for more
information.  The database is a file created by the
.B kdb_util slave dump
command.  It is an ASCII representation of the Kerberos database.

The second parameter that must be supplied is 
.IR slaves_file ,
the name of the
file on the Kerberos master that lists the Kerberos slaves to which kprop
propagates the Kerberos master database.  The slaves file contains one
line for each host running a secondary server consisting on just the hostname
of the machine.

The Kerberos utility first determines whether the ASCII Kerberos database,
database, was correctly dumped by
.BR kdb_util .
It accomplishes this by
determining if database is older than the
.B database.dump.ok
file created by
.I kdb_util
during the slave dump operation.  If it is older, the dump did not
succeed or is not yet finished.  If the dump did not complete successfully
or has not yet completed, the master database is not transferred to any
Kerberos slave.  Otherwise,
.I kprop
determines, for each slave server listed
in the slaves file, whether or not the database has changed since the last
successful transfer to the slave.  It determines this for slave server
.I cactus
by comparing the modification time of the
.I cactus-last-prop
file, which is stored in the same directory as the slaves file,
with the modification time of database. If the
.I /etc/cactus-last-prop
file
is newer, then the database, need not be transferred to
.IR cactus .
Finally,
.I kprop
propagates the database to those servers which need a new
copy of the database and updates the modification time of the
.I /etc/server-last-prop
file for these slave servers.
.PP
If the
.B \-safe
option is specified, the data sent over the network is guaranteed to be
authenticated at the destination and protected against modifications
in transit.  That is, kprop and kpropd, which are Kerberos princi-
pals, become Kerberos-authenticated to each other and send messages
formatted by krb_mk_safe.
.PP
If the
.B \-clear
option is specified, all of the data will be sent in cleartext (unencrypted).
This switch is useful when first setting up the Kerberos environment.
.PP
If the
.B \-realm
option is specified, its argument is used as the current realm name rather
than the default specified in
.B krb.conf(5)
file.
.PP
If the
.B \-force
option is specified,
.B kprop
is forced to propagate the Kerberos database to the slaves, even if there are
no recent changes to the database.  Without the force flag, the Kerberos
database is not propagated if the database file has not changed since the last
successful transfer.
.SH BUGS
This utility does not support the transfer of encrypted data.

The
.B -clear
and
.B -safe
options are not implemented.

.SH "SEE ALSO"
kerberos(1), kpropd(8)
.br
``A Subsystem Utilities Package for UNIX'' by Ken Raeburn
---end kprop.8---
---begin kpropd.8---
.\"
.\"
.\"
.TH KPROPD 8 "Kerberos Version 4.0" "MIT Project Athena"
.SH NAME
kpropd \- network utility for Kerberos database propagation
.SH SYNOPSIS
.B kpropd [-r realm] [-s srvtab] [-d database_file] [-l logfile] [-p kdb_util_path] output_file
.SH DESCRIPTION
This daemon runs on a Kerberos slave and waits to receive the
Kerberos database propagated from a
.I kprop
process on a Kerberos master.
The first parameter,
.BR output_file ,
that you must supply to the daemon is the name of a text file in which
data will be placed when it comes over the network.

This utility executes the
.I kdb_util
utility, which loads the database
from the file specified in
.BR output_file ,
puts it in
.I db(3)
format, and copies it into the Kerberos database in the directory
.IR /etc/kerberosIV .
.SH OPTIONS
.TP 7
.B \-r
Specifies the reciever realm for which data is accepted;
.I /etc/krb.conf
specifies the default.
.TP
.B \-s
Specifies the service table file from which to read the password
of the daemon, because a password cannot be entered manually when
running as a daemon.  The default is:
.IR /etc/kerberosIV/srvtab .
.TP
.B \-d
Specifies the primary Kerberos database file of a
Kerberos slave.
This file receives a new or updated
database propagated from the Kerberos master.
The default is the database in the directory
.IR /etc/kerberosIV ,
The file is:
.IR principal.db .
.TP
.B \-l
Specifies the name of the log file to be used.  The default is:
.IR /var/log/kpropd.log .
.TP
.B \-p
Specificies the full path (with directory and command) to the program
.IR kdb_util .
The default is just:
.I kdb_util
which relies on the PATH environment variable to be searched to find it.
.TP
.B \-P
Synonym for
.BR \-p .
.SH BUGS
This utility does not support the transfer of encrypted data.

If the
.B \-P
or 
.B \-p
options are not specified and the PATH environment variable does not
contain the directory with
.IR kdb_util ,
this program will fail.
.SH "SEE ALSO"
kerberos(1), kprop(8)
.br
``A Subsystem Utilities Package for UNIX'' by Ken Raeburn
---end kpropd.8---
>Audit-Trail:
>Unformatted: