Manual Pages for UNIX Darwin command on man kpropd
MyWebUniversity

Manual Pages for UNIX Darwin command on man kpropd

KPROPD(8) KPROPD(8)





NAME
       kpropd - Kerberos V5 slave KDC update server



SYNOPSIS
       kkpprrooppdd  [  -rr realm ] [ -ff slavedumpfile ] [ -FF principaldatabase ] [

       -pp kdb5utilprog ] [ -dd ] [ -SS ] [ -PP port ]



DESCRIPTION
       kpropd is the server which accepts connections from the  kprop(8)  pro-

       gram.   kpropd accepts the dumped KDC database and places it in a file,

       and then runs kdb5util(8) to load the dumped database into the  active
       database which is used by krb5kdc(8).  Thus, the master Kerberos server
       can use kprop(8) to propagate its database to the slave slavers.   Upon
       a  successful  download  of  the  KDC database file, the slave Kerberos

       server will have an up-to-date KDC database.



       Normally, kpropd is invoked out of inetd(8).  This is done by adding  a

       line to the inetd.conf file which looks like this:


       kprop     stream    tcp  nowait    root /usr/sbin/kpropd    kpropd



       However,  kpropd  can also run as a standalone deamon, if the -SS option

       is turned on.  This is done for debugging purposes, or if for some rea-

       son  the  system  administrator  just  doesn't  want  to  run it out of
       inetd(8).

OOPPTTIIOONNSS

       -rr realm

              specifies the realm of the master server; by default  the  realm
              returned by krb5defaultlocalrealm(3) is used.


       -ff file

              specifies  the filename where the dumped principal database file
              is to  be  stored;  by  default  the  dumped  database  file  is
              KPROPDDEFAULTFILE (normally /var/db/krb5kdc/frommaster).


       -pp     allows the user to specify the pathname to the kdb5util(8) pro-

              gram; by default the pathname used  is  KPROPDDEFAULTKDB5UTIL
              (normally /usr/sbin/kdb5util).


       -SS     turn  on  standalone  mode.   Normally, kpropd is invoked out of

              inetd(8) so it expects a network connection to be passed  to  it

              from  inetd (8).  If the -SS option is specified, kpropd will put

              itself into the background, and  wait  for  connections  to  the
              KPROPSERVICE port (normally krb5prop).


       -dd     turn on debug mode.  In this mode, if the -SS option is selected,

              kpropd will not detach itself from the current job  and  run  in

              the  background.   Instead,  it  will  run in the foreground and
              print out debugging messages during the database propagation.


       -PP     allow for an alternate port number for kpropd to listen on. This

              is only useful if the program is run in standalone mode.


       -aa     allows  the user to specify the path to the file; by default the

              path       used       is        KPROPDACLFILE        (normally

              /var/db/krb5kdc/kpropd.acl).


FILES
       kpropd.acl  Access   file   for   kkpprrooppdd;   the   default  location  is

                   KPROPDACLFILE   (normally    /var/db/krb5kdc/kpropd.acl).

                   Each  entry  is  a  line containing the principal of a host
                   from which the local machine will allow  Kerberos  database
                   propagation via kprop.


SEE ALSO
       kprop(8), kdb5util(8), krb5kdc(8), inetd(8)



                                                                     KPROPD(8)



Contact us      |      About us      |      Term of use      |       Copyright © 2000-2019 MyWebUniversity.com ™