.SH SYNOPSIS
.B kadmind5
[
-.B \-i
+.B \-m
+] [
+.B \-n
] [
.B \-a
aclfile
] [
.B \-M
mkeyname
+] [
+.B \-T
+keytab
]
.SH DESCRIPTION
.I kadmind5
.IP \-k
.B mkeytype
specifies the master key type.
-.IP \-i
-Indicates that the master key name is to be entered interactively.
+.IP \-m
+Indicates that the master key name is to be entered manually.
.IP \-e
.B enctype
specifies the encryption type which is to be used.
+.IP \-T
+.B keytab
+specifies the name of the service key table.
.PP
.B ACL flag
.IP \-a
.IP \-D
Enables certain debugging features and messages selected by
.B debugmask.
+.IP \-n
+Specifies that the daemon is not to operate in the background.
.PP
.SH ACL FILE
.IP principal
may specify a partially or fully qualified Kerberos version 5
principal name. Each component of the name may be wildcarded using
-the asterick (
+the asterisk (
.B *
) character.
.IP operation-mask
.I i
[Dis]allows inquiries to the database.
.TP i
+.I e
+[Dis]allows extraction of service key entries.
+.TP i
.I p
Short for
.I adm.
.TP i
.I x or *
Short for
-.I admcoi.
+.I admcoie.
.PP
Some examples of valid entries here are:
.TP 2i
else's password or change his/her own.
.TP 2i
.I * o
-A catchall entry. The
+The catchall entry. The
.B operation-mask
applies to all principals and indicates that they may change their own
-passwords.
+passwords. This entry is the default entry.
.SH FILES
.TP 2i
projects / krb5.git / commitdiff