Provided by: heimdal-clients_7.8.git20221117.28daf24+dfsg-8ubuntu1_amd64 bug

NAME

     verify_krb5_conf — checks krb5.conf for obvious errors

SYNOPSIS

     verify_krb5_conf [config-file]

DESCRIPTION

     verify_krb5_conf reads the configuration file krb5.conf, or the file given on the command
     line, parses it, checking verifying that the syntax is not correctly wrong.

     If the file is syntactically correct, verify_krb5_conf tries to verify that the contents of
     the file is of relevant nature.

ENVIRONMENT

     KRB5_CONFIG points to the configuration file to read.

FILES

     /etc/krb5.conf  Kerberos 5 configuration file

DIAGNOSTICS

     Possible output from verify_krb5_conf include:

     <path>: failed to parse <something> as size/time/number/boolean
             Usually means that <something> is misspelled, or that it contains weird characters.
             The parsing done by verify_krb5_conf is more strict than the one performed by
             libkrb5, so strings that work in real life might be reported as bad.

     <path>: host not found (<hostname>)
             Means that <path> is supposed to point to a host, but it can't be recognised as one.

     <path>: unknown or wrong type
             Means that <path> is either a string when it should be a list, vice versa, or just
             that verify_krb5_conf is confused.

     <path>: unknown entry
             Means that <string> is not known by verify_krb5_conf.

SEE ALSO

     krb5.conf(5)

BUGS

     Since each application can put almost anything in the config file, it's hard to come up with
     a watertight verification process. Most of the default settings are sanity checked, but this
     does not mean that every problem is discovered, or that everything that is reported as a
     possible problem actually is one. This tool should thus be used with some care.

     It should warn about obsolete data, or bad practice, but currently doesn't.