From 9983d95ccca697a543e9b2286d48d48596ef8b8d Mon Sep 17 00:00:00 2001 From: Jeff Bigler Date: Thu, 29 Aug 1996 20:35:03 +0000 Subject: [PATCH] man page rewrite from Cygnus git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9007 dc483132-0cff-0310-8789-dd5450dbe970 --- src/clients/kdestroy/kdestroy.M | 72 +++++++++------ src/clients/klist/klist.M | 150 +++++++++++++++++--------------- 2 files changed, 124 insertions(+), 98 deletions(-) diff --git a/src/clients/kdestroy/kdestroy.M b/src/clients/kdestroy/kdestroy.M index 90f18a154..8dbd07872 100644 --- a/src/clients/kdestroy/kdestroy.M +++ b/src/clients/kdestroy/kdestroy.M @@ -17,44 +17,62 @@ .\" permission. M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. -.\" -.\" -.TH KDESTROY 1 "Kerberos Version 5.0" "MIT Project Athena" +.\" " +.so man1/header.doc +.TH KDESTROY 1 \*h .SH NAME kdestroy \- destroy Kerberos tickets .SH SYNOPSIS .B kdestroy -[ -.B \-c -.I cachename -] +[\fB\-q\fP] [\fB\-c\fP \fIcache_name] +.br .SH DESCRIPTION The .I kdestroy -utility destroys the user's active -Kerberos authorization tickets by writing zeros to the specified -credentials cache that contains them. If the credentials cache is not -specified, the default credentials cache is destroyed. +utility destroys the user's active Kerberos authorization tickets by +writing zeros to the specified credentials cache that contains them. If +the credentials cache is not specified, the default credentials cache is +destroyed. +.SH OPTIONS +.TP +.B \-q +Run quietly. Normally +.B kdestroy +beeps if it fails to destroy the user's tickets. The +.B \-q +flag suppresses this behavior. +.TP +\fB\-c\fP \fIcache_name\fP +use +.I cache_name +as the credentials (ticket) cache name and location; if this option is +not used, the default cache name and location are used. +.sp +The default credentials cache may vary between systems. If the +.SM KRB5CCNAME +environment variable is set, its value is used to name the default +ticket cache. .PP -In the Athena workstation environment, the -.I login -or -.I Xlogin -program automatically destroys your tickets when you -end a workstation session. -If your site does not provide a similar ticket-destroying mechanism, -you can place the +Most installations recommend that you place the .I kdestroy command in your .I .logout -file so that your tickets are destroyed automatically -when you logout. -.PP +file, so that your tickets are destroyed automatically when you log out. +.SH ENVIRONMENT +.B Kdestroy +uses the following environment variable: +.TP "\w'.SM KRB5CCNAME\ \ 'u" +.SM KRB5CCNAME +Location of the credentials (ticket) cache. +.SH FILES +.TP "\w'/tmp/krb5cc_[uid]\ \ 'u" +/tmp/krb5cc_[uid] +default credentials cache ([uid] is the decimal UID of the user). .SH SEE ALSO -kerberos(1), kinit(1), klist(1) +kinit(1), klist(1) .SH BUGS .PP -Only the tickets in the user's current ticket file are destroyed. -Separate ticket files are used to hold root instance and password -changing tickets. These files should probably be destroyed too, or -all of a user's tickets kept in a single ticket file. +Only the tickets in the specified credentials cache are destroyed. +Separate ticket caches are used to hold root instance and password +changing tickets. These should probably be destroyed too, or all of a +user's tickets kept in a single credentials cache. diff --git a/src/clients/klist/klist.M b/src/clients/klist/klist.M index 9cbacabfd..acc110224 100644 --- a/src/clients/klist/klist.M +++ b/src/clients/klist/klist.M @@ -17,92 +17,100 @@ .\" permission. M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. -.\" -.\" -.TH KLIST 1 "Kerberos Version 5.0" "MIT Project Athena" +.\" " +.so man1/header.doc +.TH KLIST 1 \*h .SH NAME klist \- list cached Kerberos tickets .SH SYNOPSIS -.B klist -[ -.B \-c -] [ -.B \-f -] [ -.B \-e -] [ -.B \-s -] [ -.I cachename -] - -.B klist \-k -[ -.B \-t -] [ -.B \-K -] [ -.I keytabname -] - +\fBklist\fP [\fB\-e\fP] [[\fB\-c\fP] [\fB\-f\fP] [\fB\-s\fP] +[\fIcache_name\fP]] [\fB\-k\fP [\fB\-t\fP] [\fB\-K\fP] +[\fIkeytab_name\fP]] .br .SH DESCRIPTION -.I klist -will list the primary principal and Kerberos tickets held -in a credentials cache if the +.I Klist +lists the Kerberos principal and Kerberos tickets held in a credentials +cache, or the keys held in a +.B keytab +file. +.SH OPTIONS +.TP +.B \-e +displays the encryption types of the session key and the ticket for each +credential in the credential cache, or each key in the keytab file. +.TP .B \-c -option is used, or in the keytab files if the -.B \-k -option is used. By default, the +List tickets held in a credentials cache. This is the default if +neither .B \-c -option is assumed if neither option is specified on the command line. -.PP -The +nor +.B \-k +is specified. +.TP .B \-f -option causes -.I klist -to display the flags present in the credentials. -The abbreviations below will be printed: +shows the flags present in the credentials, using the following +abbreviations: +.sp .nf .in +.5i -F Forwardable -f Forwarded -P Proxiable -p Proxy -D May-post\fBD\fPate -d Post\fBD\fPated -R Renewable -I Initial +F \fBF\fPorwardable +f \fBf\fPorwarded +P \fBP\fProxiable +p \fBp\fProxy +D post\fBD\fPateable +d post\fBd\fPated +R \fBR\fPenewable +I \fBI\fPnitial +i \fBi\fPnvalid .in -.5i .fi -.PP -The -.B \-e -option causes -.I klist -to display the encryption types of the sesison key and the ticket -for each credential. -.PP -The +.TP +.B \-s +causes +.B klist +to run silently (produce no output), but to still set the exit status +according to whether it finds the credentials cache. The exit status is +`0' if +.B klist +finds a credentials cache, and `1' if it does not. +.TP +\fB\-k\fP +List keys held in a +.B keytab +file. +.TP .B \-t -option causes -.I klist -to display the time entry timestamps for each keytab entry. -.PP -The +display the time entry timestamps for each keytab entry in the keytab +file. +.TP .B \-K -option causes -.I klist -to display the value of the encryption key in each keytab entry. +display the value of the encryption key in each keytab entry in the +keytab file. .PP If -.I cachename -is not specified, klist will display the credentials in the default -credentials cache. The -.IR kinit (1) -manual page specifies how the default credentials cache is selected. -Similarly, if -.I keytabname -is not specified, the default keytab file shall be used. +.I cache_name +or +.I keytab_name +is not specified, klist will display the credentials in the default +credentials cache or keytab file as appropriate. If the +.B KRB5CCNAME +environment variable is set, its value is used to name the default +ticket cache. +.SH ENVIRONMENT +.B Klist +uses the following environment variable: +.TP "\w'.SM KRB5CCNAME\ \ 'u" +.SM KRB5CCNAME +Location of the credentials (ticket) cache. +.SH FILES +.TP "\w'/tmp/krb5cc_[uid]\ \ 'u" +/tmp/krb5cc_[uid] +default location of the credentials cache ([uid] is the decimal UID of +the user). +.TP +/etc/v5srvtab +default location of the +.B keytab +file. .SH SEE ALSO kinit(1), kdestroy(1), krb5(3) -- 2.26.2