diff options
53 files changed, 277 insertions, 242 deletions
diff --git a/eBones/acl/acl_check.3 b/eBones/acl/acl_check.3 index c142506..2e5129c 100644 --- a/eBones/acl/acl_check.3 +++ b/eBones/acl/acl_check.3 @@ -1,5 +1,5 @@ .\" from: acl_check.3,v 4.1 89/01/23 11:06:54 jtkohl Exp $ -.\" $Id: acl_check.3,v 1.2 1994/07/19 19:27:17 g89r4222 Exp $ +.\" $Id: acl_check.3,v 1.1.1.1 1994/09/30 14:50:05 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -16,7 +16,7 @@ acl_delete, acl_initialize \- Access control list routines cc <files> \-lacl \-lkrb .PP .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B acl_canonicalize_principal(principal, buf) @@ -98,7 +98,7 @@ must contain enough space to store a principal, given the limits on the sizes of name, instance, and realm specified as ANAME_SZ, INST_SZ, and REALM_SZ, respectively, in -.IR /usr/include/krb.h . +.IR /usr/include/kerberosIV/krb.h . .PP .I acl_check returns nonzero if diff --git a/eBones/ext_srvtab/ext_srvtab.8 b/eBones/ext_srvtab/ext_srvtab.8 index af980a9..565c3a3 100644 --- a/eBones/ext_srvtab/ext_srvtab.8 +++ b/eBones/ext_srvtab/ext_srvtab.8 @@ -1,5 +1,5 @@ .\" from: ext_srvtab.8,v 4.2 89/07/18 16:53:18 jtkohl Exp $ -.\" $Id: ext_srvtab.8,v 1.2 1994/07/19 19:27:20 g89r4222 Exp $ +.\" $Id: ext_srvtab.8,v 1.1.1.1 1994/09/30 14:50:05 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -50,14 +50,13 @@ match the given realm rather than the local realm. The master key string entered was incorrect. .SH FILES .TP 20n -.IR hostname -new-srvtab -Service key file generated for -.I hostname +/etc/kerberosIV/principal.db +DBM file containing database .TP -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. .TP -/.k +/etc/kerberosIV/master_key Master key cache file. .SH SEE ALSO read_service_key(3), krb_get_phost(3) diff --git a/eBones/kadmind/kadmind.8 b/eBones/kadmind/kadmind.8 index 59075ee..1eb10d7 100644 --- a/eBones/kadmind/kadmind.8 +++ b/eBones/kadmind/kadmind.8 @@ -1,5 +1,5 @@ .\" from: kadmind.8,v 4.1 89/07/25 17:28:33 jtkohl Exp $ -.\" $Id: kadmind.8,v 1.2 1994/07/19 19:27:25 g89r4222 Exp $ +.\" $Id: kadmind.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -95,19 +95,19 @@ in the database. A principal is always granted authorization to change its own password. .SH FILES .TP 20n -/kerberos/admin_server.syslog +/var/log/kadmind.syslog Default log file. .TP -/kerberos -Default access control list directory. +/etc/kerberosIV/admin_acl.{add,get,mod} +Access control list files .TP -admin_acl.{add,get,mod} -Access control list files (within the directory) +/etc/kerberosIV/principal.db +DBM file containing database .TP -/kerberos/principal.pag, /kerberos/principal.dir -Default DBM files containing database +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. .TP -/.k +/etc/kerberosIV/master_key Master key cache file. .SH "SEE ALSO" kerberos(1), kpasswd(1), kadmin(8), acl_check(3) diff --git a/eBones/kdb_destroy/kdb_destroy.8 b/eBones/kdb_destroy/kdb_destroy.8 index 93db466..2e57876 100644 --- a/eBones/kdb_destroy/kdb_destroy.8 +++ b/eBones/kdb_destroy/kdb_destroy.8 @@ -1,5 +1,5 @@ .\" from: kdb_destroy.8,v 4.1 89/01/23 11:08:02 jtkohl Exp $ -.\" $Id: kdb_destroy.8,v 1.2 1994/07/19 19:27:26 g89r4222 Exp $ +.\" $Id: kdb_destroy.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -27,7 +27,10 @@ access permission error). The user aborted the deletion. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database +.TP +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. .SH SEE ALSO kdb_init(8) diff --git a/eBones/kdb_edit/kdb_edit.8 b/eBones/kdb_edit/kdb_edit.8 index 1cfd6ed..b2630c5 100644 --- a/eBones/kdb_edit/kdb_edit.8 +++ b/eBones/kdb_edit/kdb_edit.8 @@ -1,5 +1,5 @@ .\" from: kdb_edit.8,v 4.1 89/01/23 11:08:55 jtkohl Exp $ -.\" $Id: kdb_edit.8,v 1.2 1994/07/19 19:27:27 g89r4222 Exp $ +.\" $Id: kdb_edit.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -48,8 +48,11 @@ printed. The master key string entered was incorrect. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -/.k +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. +.TP +/etc/kerberosIV/master_key Master key cache file. diff --git a/eBones/kdb_init/kdb_init.8 b/eBones/kdb_init/kdb_init.8 index 54537ad..d884d00 100644 --- a/eBones/kdb_init/kdb_init.8 +++ b/eBones/kdb_init/kdb_init.8 @@ -1,5 +1,5 @@ .\" from: kdb_init.8,v 4.1 89/01/23 11:09:02 jtkohl Exp $ -.\" $Id: kdb_init.8,v 1.2 1994/07/19 19:27:29 g89r4222 Exp $ +.\" $Id: kdb_init.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -21,21 +21,25 @@ If the optional .I realm argument is not present, .I kdb_init -prompts for a realm name (defaulting to the definition in /usr/include/krb.h). +prompts for a realm name (defaulting to the definition in +/usr/include/kerberosIV/krb.h). After determining the realm to be created, it prompts for a master key password. The master key password is used to encrypt every encryption key stored in the database. .SH DIAGNOSTICS .TP 20n -"/kerberos/principal: File exists" +"/etc/kerberosIV/principal: File exists" An attempt was made to create a database on a machine which already had an existing database. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -/usr/include/krb.h +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. +.TP +/usr/include/kerberosIV/krb.h Include file defining default realm .SH SEE ALSO kdb_destroy(8) diff --git a/eBones/kdb_util/kdb_util.8 b/eBones/kdb_util/kdb_util.8 index 30a3b9f..4183ef3 100644 --- a/eBones/kdb_util/kdb_util.8 +++ b/eBones/kdb_util/kdb_util.8 @@ -1,5 +1,5 @@ .\" from: kdb_util.8,v 4.1 89/01/23 11:09:11 jtkohl Exp $ -.\" $Id: kdb_util.8,v 1.2 1994/07/19 19:27:30 g89r4222 Exp $ +.\" $Id: kdb_util.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -56,9 +56,9 @@ is encrypted using the new format (encrypted directly with master key). The master key string entered was incorrect. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -.IR filename .ok +.IR filename .dump_ok semaphore file created by .IR slave_dump. diff --git a/eBones/klist/klist.1 b/eBones/klist/klist.1 index a66e668..af7e31a 100644 --- a/eBones/klist/klist.1 +++ b/eBones/klist/klist.1 @@ -1,5 +1,5 @@ .\" from: klist.1,v 4.8 89/01/24 14:35:09 jtkohl Exp $ -.\" $Id: klist.1,v 1.2 1994/07/19 19:27:38 g89r4222 Exp $ +.\" $Id: klist.1,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -65,16 +65,16 @@ keys contained therein are printed. If no file is specified with a .B \-file option, the default is -.IR /etc/srvtab . +.IR /etc/kerberosIV/srvtab . .SH FILES .TP 2i -/etc/krb.conf +/etc/kerberosIV/krb.conf to get the name of the local realm .TP /tmp/tkt[uid] as the default ticket file ([uid] is the decimal UID of the user). .TP -/etc/srvtab +/etc/kerberosIV/srvtab as the default service key file .SH SEE ALSO .PP diff --git a/eBones/krb/krb.3 b/eBones/krb/krb.3 index 208f034..98a720b 100644 --- a/eBones/krb/krb.3 +++ b/eBones/krb/krb.3 @@ -1,6 +1,6 @@ -.\" $Source: /usr/src/kerberosIV/man/RCS/krb.3,v $ -.\" $Author: bostic $ -.\" $Header: /usr/src/kerberosIV/man/RCS/krb.3,v 4.11 1994/04/19 14:16:56 bostic Exp $ +.\" $Source: /home/ncvs/src/eBones/man/krb.3,v $ +.\" $Author: rgrimes $ +.\" $Header: /home/ncvs/src/eBones/man/krb.3,v 1.1.1.1 1994/05/27 05:12:09 rgrimes Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -133,7 +133,7 @@ to the calling procedure. It is up to the application to get the authenticator to the service where it will be read by .I krb_rd_req. -Unless an attacker possesses the session key contained in the ticket, it +Unless an attacker posesses the session key contained in the ticket, it will be unable to modify the authenticator. Thus, the checksum can be used to verify the authenticity of the other data that will pass through a connection. @@ -171,15 +171,15 @@ particular problem encountered. See for the list of error codes. .PP If the last argument is the null string (""), krb_rd_req will use the -file /etc/srvtab to find its keys. If the last argument is NULL, it -will assume that the key has been set by +file /etc/kerberosIV/srvtab to find its keys. If the last argument is +NULL, it will assume that the key has been set by .I krb_set_key and will not bother looking further. .PP .I krb_kntoln converts a Kerberos name to a local name. It takes a structure of type AUTH_DAT and uses the name and instance to look in the database -/etc/aname to find the corresponding local name. The local name is +/etc/kerberosIV/aname to find the corresponding local name. The local name is returned and can be used by an application to change uids, directories, or other parameters. It is not an integral part of Kerberos, but is instead provided to support the use of Kerberos in existing utilities. diff --git a/eBones/krb/krb_realmofhost.3 b/eBones/krb/krb_realmofhost.3 index f284069..63aa1eb 100644 --- a/eBones/krb/krb_realmofhost.3 +++ b/eBones/krb/krb_realmofhost.3 @@ -1,5 +1,5 @@ .\" from: krb_realmofhost.3,v 4.1 89/01/23 11:10:47 jtkohl Exp $ -.\" $Id: krb_realmofhost.3,v 1.2 1994/07/19 19:27:46 g89r4222 Exp $ +.\" $Id: krb_realmofhost.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -13,8 +13,8 @@ krb_get_lrealm \- additional Kerberos utility routines .nf .nj .ft B -#include <krb.h> -#include <des.h> +#include <kerberosIV/krb.h> +#include <kerberosIV/des.h> #include <netinet/in.h> .PP .ft B @@ -48,7 +48,7 @@ int n; returns the Kerberos realm of the host .IR host , as determined by the translation table -.IR /etc/krb.realms . +.IR /etc/kerberosIV/krb.realms . .I host should be the fully-qualified domain-style primary host name of the host in question. In order to prevent certain security attacks, this routine @@ -96,7 +96,7 @@ with the hostname of the host running a Kerberos key distribution center (KDC) for realm .IR realm , -as specified in the configuration file (\fI/etc/krb.conf\fR). +as specified in the configuration file (\fI/etc/kerberosIV/krb.conf\fR). The configuration file is described by .IR krb.conf (5). If the host is successfully filled in, the routine @@ -119,7 +119,7 @@ with the hostname of the host running a Kerberos KDC database administration server for realm .IR realm , -as specified in the configuration file (\fI/etc/krb.conf\fR). +as specified in the configuration file (\fI/etc/kerberosIV/krb.conf\fR). If the file cannot be opened or is malformed, or there are fewer than .I n hosts running a Kerberos KDC database administration server, @@ -145,10 +145,10 @@ should be at least REALM_SZ (from kerberos(3), krb.conf(5), krb.realms(5) .SH FILES .TP 20n -/etc/krb.realms +/etc/kerberosIV/krb.realms translation file for host-to-realm mapping. .TP -/etc/krb.conf +/etc/kerberosIV/krb.conf local realm-name and realm/server configuration file. .SH BUGS The current convention for instance names is too limited; the full diff --git a/eBones/krb/krb_sendauth.3 b/eBones/krb/krb_sendauth.3 index f5e95b7..a749bb5 100644 --- a/eBones/krb/krb_sendauth.3 +++ b/eBones/krb/krb_sendauth.3 @@ -1,5 +1,5 @@ .\" from: krb_sendauth.3,v 4.1 89/01/23 11:10:58 jtkohl Exp $ -.\" $Id: krb_sendauth.3,v 1.2 1994/07/19 19:27:47 g89r4222 Exp $ +.\" $Id: krb_sendauth.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1988 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -13,8 +13,8 @@ Kerberos routines for sending authentication via network stream sockets .nf .nj .ft B -#include <krb.h> -#include <des.h> +#include <kerberosIV/krb.h> +#include <kerberosIV/des.h> #include <netinet/in.h> .PP .fi @@ -295,7 +295,7 @@ function. If you set this argument to "", .I krb_rd_req looks for the service key in the file -.IR /etc/srvtab. +.IR /etc/kerberosIV/srvtab. If the client and server are performing mutual authenication, the @@ -345,4 +345,4 @@ John T. Kohl, MIT Project Athena .SH RESTRICTIONS Copyright 1988, Massachusetts Instititute of Technology. For copying and distribution information, -please see the file <mit-copyright.h>. +please see the file <Copyright.h>. diff --git a/eBones/krb/krb_set_tkt_string.3 b/eBones/krb/krb_set_tkt_string.3 index c9f3dcf..73b5e5d 100644 --- a/eBones/krb/krb_set_tkt_string.3 +++ b/eBones/krb/krb_set_tkt_string.3 @@ -1,5 +1,5 @@ .\" from: krb_set_tkt_string.3,v 4.1 89/01/23 11:11:09 jtkohl Exp $ -.\" $Id: krb_set_tkt_string.3,v 1.2 1994/07/19 19:27:49 g89r4222 Exp $ +.\" $Id: krb_set_tkt_string.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -12,7 +12,7 @@ krb_set_tkt_string \- set Kerberos ticket cache file name .nf .nj .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B void krb_set_tkt_string(filename) diff --git a/eBones/krb/kuserok.3 b/eBones/krb/kuserok.3 index 36968ba..c7581a6 100644 --- a/eBones/krb/kuserok.3 +++ b/eBones/krb/kuserok.3 @@ -1,5 +1,5 @@ .\" from: kuserok.3,v 4.1 89/01/23 11:11:49 jtkohl Exp $ -.\" $Id: kuserok.3,v 1.2 1994/07/19 19:27:58 g89r4222 Exp $ +.\" $Id: kuserok.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -12,7 +12,7 @@ kuserok \- Kerberos version of ruserok .nf .nj .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B kuserok(kdata, localuser) diff --git a/eBones/krb/tf_util.3 b/eBones/krb/tf_util.3 index 3a9bc94..ee6e436 100644 --- a/eBones/krb/tf_util.3 +++ b/eBones/krb/tf_util.3 @@ -1,5 +1,5 @@ .\" from: tf_util.3,v 4.2 89/04/25 17:17:11 jtkohl Exp $ -.\" $Id: tf_util.3,v 1.2 1994/07/19 19:28:05 g89r4222 Exp $ +.\" $Id: tf_util.3,v 1.1.1.1 1994/09/30 14:50:08 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -13,7 +13,7 @@ tf_init, tf_get_pname, tf_get_pinst, tf_get_cred, tf_close \ .nf .nj .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B extern char *krb_err_txt[]; diff --git a/eBones/ksrvtgt/ksrvtgt.1 b/eBones/ksrvtgt/ksrvtgt.1 index 25fd939..129c745 100644 --- a/eBones/ksrvtgt/ksrvtgt.1 +++ b/eBones/ksrvtgt/ksrvtgt.1 @@ -1,5 +1,5 @@ .\" from: ksrvtgt.1,v 4.1 89/01/24 14:36:28 jtkohl Exp $ -.\" $Id: ksrvtgt.1,v 1.2 1994/07/19 19:27:52 g89r4222 Exp $ +.\" $Id: ksrvtgt.1,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -25,7 +25,7 @@ is not supplied on the command line), decrypts the response using the service key found in .I srvtab (or in -.B /etc/srvtab +.B /etc/kerberosIV/srvtab if .I srvtab is not specified on the command line), and stores the ticket in the @@ -39,13 +39,13 @@ problems, the most common of which is the inability to read the service key file. .SH FILES .TP 2i -/etc/krb.conf +/etc/kerberosIV/krb.conf to get the name of the local realm. .TP /tmp/tkt[uid] The default ticket file. .TP -/etc/srvtab +/etc/kerberosIV/srvtab The default service key file. .SH SEE ALSO kerberos(1), kinit(1), kdestroy(1) diff --git a/eBones/kstash/kstash.8 b/eBones/kstash/kstash.8 index d83379a..ac8c57b 100644 --- a/eBones/kstash/kstash.8 +++ b/eBones/kstash/kstash.8 @@ -1,5 +1,5 @@ .\" from: kstash.8,v 4.1 89/01/23 11:11:39 jtkohl Exp $ -.\" $Id: kstash.8,v 1.2 1994/07/19 19:27:55 g89r4222 Exp $ +.\" $Id: kstash.8,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -34,8 +34,11 @@ system call returned an error while was attempting to write the key to the file. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -/.k +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. +.TP +/etc/kerberosIV/master_key Master key cache file. diff --git a/eBones/lib/libacl/acl_check.3 b/eBones/lib/libacl/acl_check.3 index c142506..2e5129c 100644 --- a/eBones/lib/libacl/acl_check.3 +++ b/eBones/lib/libacl/acl_check.3 @@ -1,5 +1,5 @@ .\" from: acl_check.3,v 4.1 89/01/23 11:06:54 jtkohl Exp $ -.\" $Id: acl_check.3,v 1.2 1994/07/19 19:27:17 g89r4222 Exp $ +.\" $Id: acl_check.3,v 1.1.1.1 1994/09/30 14:50:05 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -16,7 +16,7 @@ acl_delete, acl_initialize \- Access control list routines cc <files> \-lacl \-lkrb .PP .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B acl_canonicalize_principal(principal, buf) @@ -98,7 +98,7 @@ must contain enough space to store a principal, given the limits on the sizes of name, instance, and realm specified as ANAME_SZ, INST_SZ, and REALM_SZ, respectively, in -.IR /usr/include/krb.h . +.IR /usr/include/kerberosIV/krb.h . .PP .I acl_check returns nonzero if diff --git a/eBones/lib/libkrb/krb.3 b/eBones/lib/libkrb/krb.3 index 208f034..98a720b 100644 --- a/eBones/lib/libkrb/krb.3 +++ b/eBones/lib/libkrb/krb.3 @@ -1,6 +1,6 @@ -.\" $Source: /usr/src/kerberosIV/man/RCS/krb.3,v $ -.\" $Author: bostic $ -.\" $Header: /usr/src/kerberosIV/man/RCS/krb.3,v 4.11 1994/04/19 14:16:56 bostic Exp $ +.\" $Source: /home/ncvs/src/eBones/man/krb.3,v $ +.\" $Author: rgrimes $ +.\" $Header: /home/ncvs/src/eBones/man/krb.3,v 1.1.1.1 1994/05/27 05:12:09 rgrimes Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -133,7 +133,7 @@ to the calling procedure. It is up to the application to get the authenticator to the service where it will be read by .I krb_rd_req. -Unless an attacker possesses the session key contained in the ticket, it +Unless an attacker posesses the session key contained in the ticket, it will be unable to modify the authenticator. Thus, the checksum can be used to verify the authenticity of the other data that will pass through a connection. @@ -171,15 +171,15 @@ particular problem encountered. See for the list of error codes. .PP If the last argument is the null string (""), krb_rd_req will use the -file /etc/srvtab to find its keys. If the last argument is NULL, it -will assume that the key has been set by +file /etc/kerberosIV/srvtab to find its keys. If the last argument is +NULL, it will assume that the key has been set by .I krb_set_key and will not bother looking further. .PP .I krb_kntoln converts a Kerberos name to a local name. It takes a structure of type AUTH_DAT and uses the name and instance to look in the database -/etc/aname to find the corresponding local name. The local name is +/etc/kerberosIV/aname to find the corresponding local name. The local name is returned and can be used by an application to change uids, directories, or other parameters. It is not an integral part of Kerberos, but is instead provided to support the use of Kerberos in existing utilities. diff --git a/eBones/lib/libkrb/krb_realmofhost.3 b/eBones/lib/libkrb/krb_realmofhost.3 index f284069..63aa1eb 100644 --- a/eBones/lib/libkrb/krb_realmofhost.3 +++ b/eBones/lib/libkrb/krb_realmofhost.3 @@ -1,5 +1,5 @@ .\" from: krb_realmofhost.3,v 4.1 89/01/23 11:10:47 jtkohl Exp $ -.\" $Id: krb_realmofhost.3,v 1.2 1994/07/19 19:27:46 g89r4222 Exp $ +.\" $Id: krb_realmofhost.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -13,8 +13,8 @@ krb_get_lrealm \- additional Kerberos utility routines .nf .nj .ft B -#include <krb.h> -#include <des.h> +#include <kerberosIV/krb.h> +#include <kerberosIV/des.h> #include <netinet/in.h> .PP .ft B @@ -48,7 +48,7 @@ int n; returns the Kerberos realm of the host .IR host , as determined by the translation table -.IR /etc/krb.realms . +.IR /etc/kerberosIV/krb.realms . .I host should be the fully-qualified domain-style primary host name of the host in question. In order to prevent certain security attacks, this routine @@ -96,7 +96,7 @@ with the hostname of the host running a Kerberos key distribution center (KDC) for realm .IR realm , -as specified in the configuration file (\fI/etc/krb.conf\fR). +as specified in the configuration file (\fI/etc/kerberosIV/krb.conf\fR). The configuration file is described by .IR krb.conf (5). If the host is successfully filled in, the routine @@ -119,7 +119,7 @@ with the hostname of the host running a Kerberos KDC database administration server for realm .IR realm , -as specified in the configuration file (\fI/etc/krb.conf\fR). +as specified in the configuration file (\fI/etc/kerberosIV/krb.conf\fR). If the file cannot be opened or is malformed, or there are fewer than .I n hosts running a Kerberos KDC database administration server, @@ -145,10 +145,10 @@ should be at least REALM_SZ (from kerberos(3), krb.conf(5), krb.realms(5) .SH FILES .TP 20n -/etc/krb.realms +/etc/kerberosIV/krb.realms translation file for host-to-realm mapping. .TP -/etc/krb.conf +/etc/kerberosIV/krb.conf local realm-name and realm/server configuration file. .SH BUGS The current convention for instance names is too limited; the full diff --git a/eBones/lib/libkrb/krb_sendauth.3 b/eBones/lib/libkrb/krb_sendauth.3 index f5e95b7..a749bb5 100644 --- a/eBones/lib/libkrb/krb_sendauth.3 +++ b/eBones/lib/libkrb/krb_sendauth.3 @@ -1,5 +1,5 @@ .\" from: krb_sendauth.3,v 4.1 89/01/23 11:10:58 jtkohl Exp $ -.\" $Id: krb_sendauth.3,v 1.2 1994/07/19 19:27:47 g89r4222 Exp $ +.\" $Id: krb_sendauth.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1988 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -13,8 +13,8 @@ Kerberos routines for sending authentication via network stream sockets .nf .nj .ft B -#include <krb.h> -#include <des.h> +#include <kerberosIV/krb.h> +#include <kerberosIV/des.h> #include <netinet/in.h> .PP .fi @@ -295,7 +295,7 @@ function. If you set this argument to "", .I krb_rd_req looks for the service key in the file -.IR /etc/srvtab. +.IR /etc/kerberosIV/srvtab. If the client and server are performing mutual authenication, the @@ -345,4 +345,4 @@ John T. Kohl, MIT Project Athena .SH RESTRICTIONS Copyright 1988, Massachusetts Instititute of Technology. For copying and distribution information, -please see the file <mit-copyright.h>. +please see the file <Copyright.h>. diff --git a/eBones/lib/libkrb/krb_set_tkt_string.3 b/eBones/lib/libkrb/krb_set_tkt_string.3 index c9f3dcf..73b5e5d 100644 --- a/eBones/lib/libkrb/krb_set_tkt_string.3 +++ b/eBones/lib/libkrb/krb_set_tkt_string.3 @@ -1,5 +1,5 @@ .\" from: krb_set_tkt_string.3,v 4.1 89/01/23 11:11:09 jtkohl Exp $ -.\" $Id: krb_set_tkt_string.3,v 1.2 1994/07/19 19:27:49 g89r4222 Exp $ +.\" $Id: krb_set_tkt_string.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -12,7 +12,7 @@ krb_set_tkt_string \- set Kerberos ticket cache file name .nf .nj .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B void krb_set_tkt_string(filename) diff --git a/eBones/lib/libkrb/kuserok.3 b/eBones/lib/libkrb/kuserok.3 index 36968ba..c7581a6 100644 --- a/eBones/lib/libkrb/kuserok.3 +++ b/eBones/lib/libkrb/kuserok.3 @@ -1,5 +1,5 @@ .\" from: kuserok.3,v 4.1 89/01/23 11:11:49 jtkohl Exp $ -.\" $Id: kuserok.3,v 1.2 1994/07/19 19:27:58 g89r4222 Exp $ +.\" $Id: kuserok.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -12,7 +12,7 @@ kuserok \- Kerberos version of ruserok .nf .nj .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B kuserok(kdata, localuser) diff --git a/eBones/lib/libkrb/tf_util.3 b/eBones/lib/libkrb/tf_util.3 index 3a9bc94..ee6e436 100644 --- a/eBones/lib/libkrb/tf_util.3 +++ b/eBones/lib/libkrb/tf_util.3 @@ -1,5 +1,5 @@ .\" from: tf_util.3,v 4.2 89/04/25 17:17:11 jtkohl Exp $ -.\" $Id: tf_util.3,v 1.2 1994/07/19 19:28:05 g89r4222 Exp $ +.\" $Id: tf_util.3,v 1.1.1.1 1994/09/30 14:50:08 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -13,7 +13,7 @@ tf_init, tf_get_pname, tf_get_pinst, tf_get_cred, tf_close \ .nf .nj .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B extern char *krb_err_txt[]; diff --git a/eBones/man/Makefile b/eBones/man/Makefile index 0c520f0..849a430 100644 --- a/eBones/man/Makefile +++ b/eBones/man/Makefile @@ -1,10 +1,9 @@ # from: @(#)Makefile 5.4 (Berkeley) 7/25/90 -# $Id: Makefile,v 1.2 1994/11/20 23:41:23 wollman Exp $ +# $Id: Makefile,v 1.3 1995/01/20 01:26:53 wollman Exp $ -MAN1= kdestroy.1 kerberos.1 kinit.1 klist.1 ksrvtgt.1 \ - kpasswd.1 +MAN1= kdestroy.1 kerberos.1 kinit.1 klist.1 ksrvtgt.1 MAN3= acl_check.3 des_crypt.3 krb.3 krb_realmofhost.3 krb_sendauth.3 \ - krb_set_tkt_string.3 kuserok.3 tf_util.3 kerberos.3 + krb_set_tkt_string.3 kuserok.3 tf_util.3 MAN5= krb.conf.5 krb.realms.5 MAN8= ext_srvtab.8 kdb_destroy.8 kdb_edit.8 kdb_init.8 kdb_util.8 kstash.8 \ kadmin.8 kadmind.8 diff --git a/eBones/man/acl_check.3 b/eBones/man/acl_check.3 index c142506..2e5129c 100644 --- a/eBones/man/acl_check.3 +++ b/eBones/man/acl_check.3 @@ -1,5 +1,5 @@ .\" from: acl_check.3,v 4.1 89/01/23 11:06:54 jtkohl Exp $ -.\" $Id: acl_check.3,v 1.2 1994/07/19 19:27:17 g89r4222 Exp $ +.\" $Id: acl_check.3,v 1.1.1.1 1994/09/30 14:50:05 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -16,7 +16,7 @@ acl_delete, acl_initialize \- Access control list routines cc <files> \-lacl \-lkrb .PP .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B acl_canonicalize_principal(principal, buf) @@ -98,7 +98,7 @@ must contain enough space to store a principal, given the limits on the sizes of name, instance, and realm specified as ANAME_SZ, INST_SZ, and REALM_SZ, respectively, in -.IR /usr/include/krb.h . +.IR /usr/include/kerberosIV/krb.h . .PP .I acl_check returns nonzero if diff --git a/eBones/man/des_crypt.3 b/eBones/man/des_crypt.3 index 0be8342..2d91b6d 100644 --- a/eBones/man/des_crypt.3 +++ b/eBones/man/des_crypt.3 @@ -1,5 +1,5 @@ .\" from: des_crypt.3,v 4.3 89/01/23 17:08:59 steiner Exp $ -.\" $Id: des_crypt.3,v 1.2 1994/07/19 19:27:19 g89r4222 Exp $ +.\" $Id: des_crypt.3,v 1.1.1.1 1994/09/30 14:50:05 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -14,7 +14,7 @@ des_quad_cksum, \- (new) DES encryption .nf .nj .ft B -#include <des.h> +#include <kerberosIV/des.h> .PP .ft B .B int des_read_password(key,prompt,verify) @@ -361,7 +361,7 @@ the computed checksum are written into the output. .PP .PP .SH FILES -/usr/include/des.h +/usr/include/kerberosIV/des.h .br /usr/lib/libdes.a .SH "SEE ALSO" diff --git a/eBones/man/ext_srvtab.8 b/eBones/man/ext_srvtab.8 index af980a9..565c3a3 100644 --- a/eBones/man/ext_srvtab.8 +++ b/eBones/man/ext_srvtab.8 @@ -1,5 +1,5 @@ .\" from: ext_srvtab.8,v 4.2 89/07/18 16:53:18 jtkohl Exp $ -.\" $Id: ext_srvtab.8,v 1.2 1994/07/19 19:27:20 g89r4222 Exp $ +.\" $Id: ext_srvtab.8,v 1.1.1.1 1994/09/30 14:50:05 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -50,14 +50,13 @@ match the given realm rather than the local realm. The master key string entered was incorrect. .SH FILES .TP 20n -.IR hostname -new-srvtab -Service key file generated for -.I hostname +/etc/kerberosIV/principal.db +DBM file containing database .TP -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. .TP -/.k +/etc/kerberosIV/master_key Master key cache file. .SH SEE ALSO read_service_key(3), krb_get_phost(3) diff --git a/eBones/man/kadmind.8 b/eBones/man/kadmind.8 index 59075ee..1eb10d7 100644 --- a/eBones/man/kadmind.8 +++ b/eBones/man/kadmind.8 @@ -1,5 +1,5 @@ .\" from: kadmind.8,v 4.1 89/07/25 17:28:33 jtkohl Exp $ -.\" $Id: kadmind.8,v 1.2 1994/07/19 19:27:25 g89r4222 Exp $ +.\" $Id: kadmind.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -95,19 +95,19 @@ in the database. A principal is always granted authorization to change its own password. .SH FILES .TP 20n -/kerberos/admin_server.syslog +/var/log/kadmind.syslog Default log file. .TP -/kerberos -Default access control list directory. +/etc/kerberosIV/admin_acl.{add,get,mod} +Access control list files .TP -admin_acl.{add,get,mod} -Access control list files (within the directory) +/etc/kerberosIV/principal.db +DBM file containing database .TP -/kerberos/principal.pag, /kerberos/principal.dir -Default DBM files containing database +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. .TP -/.k +/etc/kerberosIV/master_key Master key cache file. .SH "SEE ALSO" kerberos(1), kpasswd(1), kadmin(8), acl_check(3) diff --git a/eBones/man/kdb_destroy.8 b/eBones/man/kdb_destroy.8 index 93db466..2e57876 100644 --- a/eBones/man/kdb_destroy.8 +++ b/eBones/man/kdb_destroy.8 @@ -1,5 +1,5 @@ .\" from: kdb_destroy.8,v 4.1 89/01/23 11:08:02 jtkohl Exp $ -.\" $Id: kdb_destroy.8,v 1.2 1994/07/19 19:27:26 g89r4222 Exp $ +.\" $Id: kdb_destroy.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -27,7 +27,10 @@ access permission error). The user aborted the deletion. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database +.TP +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. .SH SEE ALSO kdb_init(8) diff --git a/eBones/man/kdb_edit.8 b/eBones/man/kdb_edit.8 index 1cfd6ed..b2630c5 100644 --- a/eBones/man/kdb_edit.8 +++ b/eBones/man/kdb_edit.8 @@ -1,5 +1,5 @@ .\" from: kdb_edit.8,v 4.1 89/01/23 11:08:55 jtkohl Exp $ -.\" $Id: kdb_edit.8,v 1.2 1994/07/19 19:27:27 g89r4222 Exp $ +.\" $Id: kdb_edit.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -48,8 +48,11 @@ printed. The master key string entered was incorrect. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -/.k +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. +.TP +/etc/kerberosIV/master_key Master key cache file. diff --git a/eBones/man/kdb_init.8 b/eBones/man/kdb_init.8 index 54537ad..d884d00 100644 --- a/eBones/man/kdb_init.8 +++ b/eBones/man/kdb_init.8 @@ -1,5 +1,5 @@ .\" from: kdb_init.8,v 4.1 89/01/23 11:09:02 jtkohl Exp $ -.\" $Id: kdb_init.8,v 1.2 1994/07/19 19:27:29 g89r4222 Exp $ +.\" $Id: kdb_init.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -21,21 +21,25 @@ If the optional .I realm argument is not present, .I kdb_init -prompts for a realm name (defaulting to the definition in /usr/include/krb.h). +prompts for a realm name (defaulting to the definition in +/usr/include/kerberosIV/krb.h). After determining the realm to be created, it prompts for a master key password. The master key password is used to encrypt every encryption key stored in the database. .SH DIAGNOSTICS .TP 20n -"/kerberos/principal: File exists" +"/etc/kerberosIV/principal: File exists" An attempt was made to create a database on a machine which already had an existing database. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -/usr/include/krb.h +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. +.TP +/usr/include/kerberosIV/krb.h Include file defining default realm .SH SEE ALSO kdb_destroy(8) diff --git a/eBones/man/kdb_util.8 b/eBones/man/kdb_util.8 index 30a3b9f..4183ef3 100644 --- a/eBones/man/kdb_util.8 +++ b/eBones/man/kdb_util.8 @@ -1,5 +1,5 @@ .\" from: kdb_util.8,v 4.1 89/01/23 11:09:11 jtkohl Exp $ -.\" $Id: kdb_util.8,v 1.2 1994/07/19 19:27:30 g89r4222 Exp $ +.\" $Id: kdb_util.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -56,9 +56,9 @@ is encrypted using the new format (encrypted directly with master key). The master key string entered was incorrect. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -.IR filename .ok +.IR filename .dump_ok semaphore file created by .IR slave_dump. diff --git a/eBones/man/klist.1 b/eBones/man/klist.1 index a66e668..af7e31a 100644 --- a/eBones/man/klist.1 +++ b/eBones/man/klist.1 @@ -1,5 +1,5 @@ .\" from: klist.1,v 4.8 89/01/24 14:35:09 jtkohl Exp $ -.\" $Id: klist.1,v 1.2 1994/07/19 19:27:38 g89r4222 Exp $ +.\" $Id: klist.1,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -65,16 +65,16 @@ keys contained therein are printed. If no file is specified with a .B \-file option, the default is -.IR /etc/srvtab . +.IR /etc/kerberosIV/srvtab . .SH FILES .TP 2i -/etc/krb.conf +/etc/kerberosIV/krb.conf to get the name of the local realm .TP /tmp/tkt[uid] as the default ticket file ([uid] is the decimal UID of the user). .TP -/etc/srvtab +/etc/kerberosIV/srvtab as the default service key file .SH SEE ALSO .PP diff --git a/eBones/man/krb.3 b/eBones/man/krb.3 index 208f034..98a720b 100644 --- a/eBones/man/krb.3 +++ b/eBones/man/krb.3 @@ -1,6 +1,6 @@ -.\" $Source: /usr/src/kerberosIV/man/RCS/krb.3,v $ -.\" $Author: bostic $ -.\" $Header: /usr/src/kerberosIV/man/RCS/krb.3,v 4.11 1994/04/19 14:16:56 bostic Exp $ +.\" $Source: /home/ncvs/src/eBones/man/krb.3,v $ +.\" $Author: rgrimes $ +.\" $Header: /home/ncvs/src/eBones/man/krb.3,v 1.1.1.1 1994/05/27 05:12:09 rgrimes Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -133,7 +133,7 @@ to the calling procedure. It is up to the application to get the authenticator to the service where it will be read by .I krb_rd_req. -Unless an attacker possesses the session key contained in the ticket, it +Unless an attacker posesses the session key contained in the ticket, it will be unable to modify the authenticator. Thus, the checksum can be used to verify the authenticity of the other data that will pass through a connection. @@ -171,15 +171,15 @@ particular problem encountered. See for the list of error codes. .PP If the last argument is the null string (""), krb_rd_req will use the -file /etc/srvtab to find its keys. If the last argument is NULL, it -will assume that the key has been set by +file /etc/kerberosIV/srvtab to find its keys. If the last argument is +NULL, it will assume that the key has been set by .I krb_set_key and will not bother looking further. .PP .I krb_kntoln converts a Kerberos name to a local name. It takes a structure of type AUTH_DAT and uses the name and instance to look in the database -/etc/aname to find the corresponding local name. The local name is +/etc/kerberosIV/aname to find the corresponding local name. The local name is returned and can be used by an application to change uids, directories, or other parameters. It is not an integral part of Kerberos, but is instead provided to support the use of Kerberos in existing utilities. diff --git a/eBones/man/krb.conf.5 b/eBones/man/krb.conf.5 index ac977bb..4a87007 100644 --- a/eBones/man/krb.conf.5 +++ b/eBones/man/krb.conf.5 @@ -1,5 +1,5 @@ .\" from: krb.conf.5,v 4.1 89/01/23 11:10:34 jtkohl Exp $ -.\" $Id: krb.conf.5,v 1.2 1994/07/19 19:27:43 g89r4222 Exp $ +.\" $Id: krb.conf.5,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -7,7 +7,7 @@ .\" .TH KRB.CONF 5 "Kerberos Version 4.0" "MIT Project Athena" .SH NAME -/etc/krb.conf \- Kerberos configuration file +/etc/kerberosIV/krb.conf \- Kerberos configuration file .SH DESCRIPTION .I krb.conf contains configuration information describing the Kerberos realm and the diff --git a/eBones/man/krb.realms.5 b/eBones/man/krb.realms.5 index 90226a9..877477f 100644 --- a/eBones/man/krb.realms.5 +++ b/eBones/man/krb.realms.5 @@ -1,5 +1,5 @@ .\" from: krb.realms.5,v 4.1 89/01/23 11:10:41 jtkohl Exp $ -.\" $Id: krb.realms.5,v 1.2 1994/07/19 19:27:45 g89r4222 Exp $ +.\" $Id: krb.realms.5,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -7,7 +7,7 @@ .\" .TH KRB.REALMS 5 "Kerberos Version 4.0" "MIT Project Athena" .SH NAME -/etc/krb.realms \- host to Kerberos realm translation file +/etc/kerberosIV/krb.realms \- host to Kerberos realm translation file .SH DESCRIPTION .I krb.realms provides a translation from a hostname to the Kerberos realm name for diff --git a/eBones/man/krb_realmofhost.3 b/eBones/man/krb_realmofhost.3 index f284069..63aa1eb 100644 --- a/eBones/man/krb_realmofhost.3 +++ b/eBones/man/krb_realmofhost.3 @@ -1,5 +1,5 @@ .\" from: krb_realmofhost.3,v 4.1 89/01/23 11:10:47 jtkohl Exp $ -.\" $Id: krb_realmofhost.3,v 1.2 1994/07/19 19:27:46 g89r4222 Exp $ +.\" $Id: krb_realmofhost.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -13,8 +13,8 @@ krb_get_lrealm \- additional Kerberos utility routines .nf .nj .ft B -#include <krb.h> -#include <des.h> +#include <kerberosIV/krb.h> +#include <kerberosIV/des.h> #include <netinet/in.h> .PP .ft B @@ -48,7 +48,7 @@ int n; returns the Kerberos realm of the host .IR host , as determined by the translation table -.IR /etc/krb.realms . +.IR /etc/kerberosIV/krb.realms . .I host should be the fully-qualified domain-style primary host name of the host in question. In order to prevent certain security attacks, this routine @@ -96,7 +96,7 @@ with the hostname of the host running a Kerberos key distribution center (KDC) for realm .IR realm , -as specified in the configuration file (\fI/etc/krb.conf\fR). +as specified in the configuration file (\fI/etc/kerberosIV/krb.conf\fR). The configuration file is described by .IR krb.conf (5). If the host is successfully filled in, the routine @@ -119,7 +119,7 @@ with the hostname of the host running a Kerberos KDC database administration server for realm .IR realm , -as specified in the configuration file (\fI/etc/krb.conf\fR). +as specified in the configuration file (\fI/etc/kerberosIV/krb.conf\fR). If the file cannot be opened or is malformed, or there are fewer than .I n hosts running a Kerberos KDC database administration server, @@ -145,10 +145,10 @@ should be at least REALM_SZ (from kerberos(3), krb.conf(5), krb.realms(5) .SH FILES .TP 20n -/etc/krb.realms +/etc/kerberosIV/krb.realms translation file for host-to-realm mapping. .TP -/etc/krb.conf +/etc/kerberosIV/krb.conf local realm-name and realm/server configuration file. .SH BUGS The current convention for instance names is too limited; the full diff --git a/eBones/man/krb_sendauth.3 b/eBones/man/krb_sendauth.3 index f5e95b7..a749bb5 100644 --- a/eBones/man/krb_sendauth.3 +++ b/eBones/man/krb_sendauth.3 @@ -1,5 +1,5 @@ .\" from: krb_sendauth.3,v 4.1 89/01/23 11:10:58 jtkohl Exp $ -.\" $Id: krb_sendauth.3,v 1.2 1994/07/19 19:27:47 g89r4222 Exp $ +.\" $Id: krb_sendauth.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1988 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -13,8 +13,8 @@ Kerberos routines for sending authentication via network stream sockets .nf .nj .ft B -#include <krb.h> -#include <des.h> +#include <kerberosIV/krb.h> +#include <kerberosIV/des.h> #include <netinet/in.h> .PP .fi @@ -295,7 +295,7 @@ function. If you set this argument to "", .I krb_rd_req looks for the service key in the file -.IR /etc/srvtab. +.IR /etc/kerberosIV/srvtab. If the client and server are performing mutual authenication, the @@ -345,4 +345,4 @@ John T. Kohl, MIT Project Athena .SH RESTRICTIONS Copyright 1988, Massachusetts Instititute of Technology. For copying and distribution information, -please see the file <mit-copyright.h>. +please see the file <Copyright.h>. diff --git a/eBones/man/krb_set_tkt_string.3 b/eBones/man/krb_set_tkt_string.3 index c9f3dcf..73b5e5d 100644 --- a/eBones/man/krb_set_tkt_string.3 +++ b/eBones/man/krb_set_tkt_string.3 @@ -1,5 +1,5 @@ .\" from: krb_set_tkt_string.3,v 4.1 89/01/23 11:11:09 jtkohl Exp $ -.\" $Id: krb_set_tkt_string.3,v 1.2 1994/07/19 19:27:49 g89r4222 Exp $ +.\" $Id: krb_set_tkt_string.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -12,7 +12,7 @@ krb_set_tkt_string \- set Kerberos ticket cache file name .nf .nj .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B void krb_set_tkt_string(filename) diff --git a/eBones/man/ksrvtgt.1 b/eBones/man/ksrvtgt.1 index 25fd939..129c745 100644 --- a/eBones/man/ksrvtgt.1 +++ b/eBones/man/ksrvtgt.1 @@ -1,5 +1,5 @@ .\" from: ksrvtgt.1,v 4.1 89/01/24 14:36:28 jtkohl Exp $ -.\" $Id: ksrvtgt.1,v 1.2 1994/07/19 19:27:52 g89r4222 Exp $ +.\" $Id: ksrvtgt.1,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -25,7 +25,7 @@ is not supplied on the command line), decrypts the response using the service key found in .I srvtab (or in -.B /etc/srvtab +.B /etc/kerberosIV/srvtab if .I srvtab is not specified on the command line), and stores the ticket in the @@ -39,13 +39,13 @@ problems, the most common of which is the inability to read the service key file. .SH FILES .TP 2i -/etc/krb.conf +/etc/kerberosIV/krb.conf to get the name of the local realm. .TP /tmp/tkt[uid] The default ticket file. .TP -/etc/srvtab +/etc/kerberosIV/srvtab The default service key file. .SH SEE ALSO kerberos(1), kinit(1), kdestroy(1) diff --git a/eBones/man/kstash.8 b/eBones/man/kstash.8 index d83379a..ac8c57b 100644 --- a/eBones/man/kstash.8 +++ b/eBones/man/kstash.8 @@ -1,5 +1,5 @@ .\" from: kstash.8,v 4.1 89/01/23 11:11:39 jtkohl Exp $ -.\" $Id: kstash.8,v 1.2 1994/07/19 19:27:55 g89r4222 Exp $ +.\" $Id: kstash.8,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -34,8 +34,11 @@ system call returned an error while was attempting to write the key to the file. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -/.k +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. +.TP +/etc/kerberosIV/master_key Master key cache file. diff --git a/eBones/man/kuserok.3 b/eBones/man/kuserok.3 index 36968ba..c7581a6 100644 --- a/eBones/man/kuserok.3 +++ b/eBones/man/kuserok.3 @@ -1,5 +1,5 @@ .\" from: kuserok.3,v 4.1 89/01/23 11:11:49 jtkohl Exp $ -.\" $Id: kuserok.3,v 1.2 1994/07/19 19:27:58 g89r4222 Exp $ +.\" $Id: kuserok.3,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -12,7 +12,7 @@ kuserok \- Kerberos version of ruserok .nf .nj .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B kuserok(kdata, localuser) diff --git a/eBones/man/tf_util.3 b/eBones/man/tf_util.3 index 3a9bc94..ee6e436 100644 --- a/eBones/man/tf_util.3 +++ b/eBones/man/tf_util.3 @@ -1,5 +1,5 @@ .\" from: tf_util.3,v 4.2 89/04/25 17:17:11 jtkohl Exp $ -.\" $Id: tf_util.3,v 1.2 1994/07/19 19:28:05 g89r4222 Exp $ +.\" $Id: tf_util.3,v 1.1.1.1 1994/09/30 14:50:08 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -13,7 +13,7 @@ tf_init, tf_get_pname, tf_get_pinst, tf_get_cred, tf_close \ .nf .nj .ft B -#include <krb.h> +#include <kerberosIV/krb.h> .PP .ft B extern char *krb_err_txt[]; diff --git a/eBones/usr.bin/klist/klist.1 b/eBones/usr.bin/klist/klist.1 index a66e668..af7e31a 100644 --- a/eBones/usr.bin/klist/klist.1 +++ b/eBones/usr.bin/klist/klist.1 @@ -1,5 +1,5 @@ .\" from: klist.1,v 4.8 89/01/24 14:35:09 jtkohl Exp $ -.\" $Id: klist.1,v 1.2 1994/07/19 19:27:38 g89r4222 Exp $ +.\" $Id: klist.1,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -65,16 +65,16 @@ keys contained therein are printed. If no file is specified with a .B \-file option, the default is -.IR /etc/srvtab . +.IR /etc/kerberosIV/srvtab . .SH FILES .TP 2i -/etc/krb.conf +/etc/kerberosIV/krb.conf to get the name of the local realm .TP /tmp/tkt[uid] as the default ticket file ([uid] is the decimal UID of the user). .TP -/etc/srvtab +/etc/kerberosIV/srvtab as the default service key file .SH SEE ALSO .PP diff --git a/eBones/usr.bin/ksrvtgt/ksrvtgt.1 b/eBones/usr.bin/ksrvtgt/ksrvtgt.1 index 25fd939..129c745 100644 --- a/eBones/usr.bin/ksrvtgt/ksrvtgt.1 +++ b/eBones/usr.bin/ksrvtgt/ksrvtgt.1 @@ -1,5 +1,5 @@ .\" from: ksrvtgt.1,v 4.1 89/01/24 14:36:28 jtkohl Exp $ -.\" $Id: ksrvtgt.1,v 1.2 1994/07/19 19:27:52 g89r4222 Exp $ +.\" $Id: ksrvtgt.1,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -25,7 +25,7 @@ is not supplied on the command line), decrypts the response using the service key found in .I srvtab (or in -.B /etc/srvtab +.B /etc/kerberosIV/srvtab if .I srvtab is not specified on the command line), and stores the ticket in the @@ -39,13 +39,13 @@ problems, the most common of which is the inability to read the service key file. .SH FILES .TP 2i -/etc/krb.conf +/etc/kerberosIV/krb.conf to get the name of the local realm. .TP /tmp/tkt[uid] The default ticket file. .TP -/etc/srvtab +/etc/kerberosIV/srvtab The default service key file. .SH SEE ALSO kerberos(1), kinit(1), kdestroy(1) diff --git a/eBones/usr.sbin/ext_srvtab/ext_srvtab.8 b/eBones/usr.sbin/ext_srvtab/ext_srvtab.8 index af980a9..565c3a3 100644 --- a/eBones/usr.sbin/ext_srvtab/ext_srvtab.8 +++ b/eBones/usr.sbin/ext_srvtab/ext_srvtab.8 @@ -1,5 +1,5 @@ .\" from: ext_srvtab.8,v 4.2 89/07/18 16:53:18 jtkohl Exp $ -.\" $Id: ext_srvtab.8,v 1.2 1994/07/19 19:27:20 g89r4222 Exp $ +.\" $Id: ext_srvtab.8,v 1.1.1.1 1994/09/30 14:50:05 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -50,14 +50,13 @@ match the given realm rather than the local realm. The master key string entered was incorrect. .SH FILES .TP 20n -.IR hostname -new-srvtab -Service key file generated for -.I hostname +/etc/kerberosIV/principal.db +DBM file containing database .TP -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. .TP -/.k +/etc/kerberosIV/master_key Master key cache file. .SH SEE ALSO read_service_key(3), krb_get_phost(3) diff --git a/eBones/usr.sbin/kadmin/kadmind.8 b/eBones/usr.sbin/kadmin/kadmind.8 index 59075ee..1eb10d7 100644 --- a/eBones/usr.sbin/kadmin/kadmind.8 +++ b/eBones/usr.sbin/kadmin/kadmind.8 @@ -1,5 +1,5 @@ .\" from: kadmind.8,v 4.1 89/07/25 17:28:33 jtkohl Exp $ -.\" $Id: kadmind.8,v 1.2 1994/07/19 19:27:25 g89r4222 Exp $ +.\" $Id: kadmind.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -95,19 +95,19 @@ in the database. A principal is always granted authorization to change its own password. .SH FILES .TP 20n -/kerberos/admin_server.syslog +/var/log/kadmind.syslog Default log file. .TP -/kerberos -Default access control list directory. +/etc/kerberosIV/admin_acl.{add,get,mod} +Access control list files .TP -admin_acl.{add,get,mod} -Access control list files (within the directory) +/etc/kerberosIV/principal.db +DBM file containing database .TP -/kerberos/principal.pag, /kerberos/principal.dir -Default DBM files containing database +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. .TP -/.k +/etc/kerberosIV/master_key Master key cache file. .SH "SEE ALSO" kerberos(1), kpasswd(1), kadmin(8), acl_check(3) diff --git a/eBones/usr.sbin/kadmind/kadmind.8 b/eBones/usr.sbin/kadmind/kadmind.8 index 59075ee..1eb10d7 100644 --- a/eBones/usr.sbin/kadmind/kadmind.8 +++ b/eBones/usr.sbin/kadmind/kadmind.8 @@ -1,5 +1,5 @@ .\" from: kadmind.8,v 4.1 89/07/25 17:28:33 jtkohl Exp $ -.\" $Id: kadmind.8,v 1.2 1994/07/19 19:27:25 g89r4222 Exp $ +.\" $Id: kadmind.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -95,19 +95,19 @@ in the database. A principal is always granted authorization to change its own password. .SH FILES .TP 20n -/kerberos/admin_server.syslog +/var/log/kadmind.syslog Default log file. .TP -/kerberos -Default access control list directory. +/etc/kerberosIV/admin_acl.{add,get,mod} +Access control list files .TP -admin_acl.{add,get,mod} -Access control list files (within the directory) +/etc/kerberosIV/principal.db +DBM file containing database .TP -/kerberos/principal.pag, /kerberos/principal.dir -Default DBM files containing database +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. .TP -/.k +/etc/kerberosIV/master_key Master key cache file. .SH "SEE ALSO" kerberos(1), kpasswd(1), kadmin(8), acl_check(3) diff --git a/eBones/usr.sbin/kdb_destroy/kdb_destroy.8 b/eBones/usr.sbin/kdb_destroy/kdb_destroy.8 index 93db466..2e57876 100644 --- a/eBones/usr.sbin/kdb_destroy/kdb_destroy.8 +++ b/eBones/usr.sbin/kdb_destroy/kdb_destroy.8 @@ -1,5 +1,5 @@ .\" from: kdb_destroy.8,v 4.1 89/01/23 11:08:02 jtkohl Exp $ -.\" $Id: kdb_destroy.8,v 1.2 1994/07/19 19:27:26 g89r4222 Exp $ +.\" $Id: kdb_destroy.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -27,7 +27,10 @@ access permission error). The user aborted the deletion. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database +.TP +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. .SH SEE ALSO kdb_init(8) diff --git a/eBones/usr.sbin/kdb_edit/kdb_edit.8 b/eBones/usr.sbin/kdb_edit/kdb_edit.8 index 1cfd6ed..b2630c5 100644 --- a/eBones/usr.sbin/kdb_edit/kdb_edit.8 +++ b/eBones/usr.sbin/kdb_edit/kdb_edit.8 @@ -1,5 +1,5 @@ .\" from: kdb_edit.8,v 4.1 89/01/23 11:08:55 jtkohl Exp $ -.\" $Id: kdb_edit.8,v 1.2 1994/07/19 19:27:27 g89r4222 Exp $ +.\" $Id: kdb_edit.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -48,8 +48,11 @@ printed. The master key string entered was incorrect. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -/.k +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. +.TP +/etc/kerberosIV/master_key Master key cache file. diff --git a/eBones/usr.sbin/kdb_init/kdb_init.8 b/eBones/usr.sbin/kdb_init/kdb_init.8 index 54537ad..d884d00 100644 --- a/eBones/usr.sbin/kdb_init/kdb_init.8 +++ b/eBones/usr.sbin/kdb_init/kdb_init.8 @@ -1,5 +1,5 @@ .\" from: kdb_init.8,v 4.1 89/01/23 11:09:02 jtkohl Exp $ -.\" $Id: kdb_init.8,v 1.2 1994/07/19 19:27:29 g89r4222 Exp $ +.\" $Id: kdb_init.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -21,21 +21,25 @@ If the optional .I realm argument is not present, .I kdb_init -prompts for a realm name (defaulting to the definition in /usr/include/krb.h). +prompts for a realm name (defaulting to the definition in +/usr/include/kerberosIV/krb.h). After determining the realm to be created, it prompts for a master key password. The master key password is used to encrypt every encryption key stored in the database. .SH DIAGNOSTICS .TP 20n -"/kerberos/principal: File exists" +"/etc/kerberosIV/principal: File exists" An attempt was made to create a database on a machine which already had an existing database. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -/usr/include/krb.h +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. +.TP +/usr/include/kerberosIV/krb.h Include file defining default realm .SH SEE ALSO kdb_destroy(8) diff --git a/eBones/usr.sbin/kdb_util/kdb_util.8 b/eBones/usr.sbin/kdb_util/kdb_util.8 index 30a3b9f..4183ef3 100644 --- a/eBones/usr.sbin/kdb_util/kdb_util.8 +++ b/eBones/usr.sbin/kdb_util/kdb_util.8 @@ -1,5 +1,5 @@ .\" from: kdb_util.8,v 4.1 89/01/23 11:09:11 jtkohl Exp $ -.\" $Id: kdb_util.8,v 1.2 1994/07/19 19:27:30 g89r4222 Exp $ +.\" $Id: kdb_util.8,v 1.1.1.1 1994/09/30 14:50:06 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -56,9 +56,9 @@ is encrypted using the new format (encrypted directly with master key). The master key string entered was incorrect. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -.IR filename .ok +.IR filename .dump_ok semaphore file created by .IR slave_dump. diff --git a/eBones/usr.sbin/kstash/kstash.8 b/eBones/usr.sbin/kstash/kstash.8 index d83379a..ac8c57b 100644 --- a/eBones/usr.sbin/kstash/kstash.8 +++ b/eBones/usr.sbin/kstash/kstash.8 @@ -1,5 +1,5 @@ .\" from: kstash.8,v 4.1 89/01/23 11:11:39 jtkohl Exp $ -.\" $Id: kstash.8,v 1.2 1994/07/19 19:27:55 g89r4222 Exp $ +.\" $Id: kstash.8,v 1.1.1.1 1994/09/30 14:50:07 csgr Exp $ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -34,8 +34,11 @@ system call returned an error while was attempting to write the key to the file. .SH FILES .TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database +/etc/kerberosIV/principal.db +DBM file containing database .TP -/.k +/etc/kerberosIV/principal.ok +Semaphore indicating that the DBM database is not being modified. +.TP +/etc/kerberosIV/master_key Master key cache file. |