diff options
Diffstat (limited to 'client/wallet-rekey.1')
| -rw-r--r-- | client/wallet-rekey.1 | 44 |
1 files changed, 26 insertions, 18 deletions
diff --git a/client/wallet-rekey.1 b/client/wallet-rekey.1 index 10bc7fa..cd26421 100644 --- a/client/wallet-rekey.1 +++ b/client/wallet-rekey.1 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.26) +.\" Automatically generated by Pod::Man 2.27 (Pod::Simple 3.28) .\" .\" Standard preamble: .\" ======================================================================== @@ -38,6 +38,8 @@ . ds PI \(*p . ds L" `` . ds R" '' +. ds C` +. ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. @@ -48,17 +50,24 @@ .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. -.ie \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" +.\" +.\" Avoid warning from groff about undefined register 'F'. +.de IX .. -. nr % 0 -. rr F -.\} -.el \{\ -. de IX +.nr rF 0 +.if \n(.g .if rF .nr rF 1 +.if (\n(rF:(\n(.g==0)) \{ +. if \nF \{ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" .. +. if !\nF==2 \{ +. nr % 0 +. nr F 2 +. \} +. \} .\} +.rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. @@ -124,7 +133,7 @@ .\" ======================================================================== .\" .IX Title "WALLET-REKEY 1" -.TH WALLET-REKEY 1 "2013-03-27" "1.0" "wallet" +.TH WALLET-REKEY 1 "2014-07-16" "1.1" "wallet" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -145,11 +154,8 @@ from the local default realm, requests new wallet keytab objects for each principal (removing the realm when naming the keytab), and merges the new keys into the keytab. .PP -If an error occurs before any new keys were downloaded, \fBwallet-rekey\fR -aborts. If some new keys were successfully downloaded, \fBwallet-rekey\fR -warns about errors but continues to rekey all principals that it can. In -this case, a copy of the existing keytab prior to the rekeying is saved in -a file named by appending \f(CW\*(C`.old\*(C'\fR to the file name. +If an error occurs, \fBwallet-rekey\fR continues to rekey all principals that +it can, producing error messages for those that it cannot rekey. .PP If no keytab file name is given on the command line, \fBwallet-rekey\fR attempts to rekey \fI/etc/krb5.keytab\fR, the system default keytab file. @@ -171,8 +177,10 @@ or: \& ktutil \-k <keytab> purge .Ve .PP -for Heimdal. This functionality will eventually be provided by -\&\fBwallet-rekey\fR directly. +for Heimdal. The Heimdal command can be run by any user with access to +the keytab, but the \s-1MIT\s0 Kerberos command unfortunately has to be run by a +someone with direct \fBkadmin\fR access. This functionality will eventually +be provided by \fBwallet-rekey\fR directly. .SH "OPTIONS" .IX Header "OPTIONS" .IP "\fB\-c\fR \fIcommand\fR" 4 @@ -259,7 +267,7 @@ version of the wallet code on the server. The \fB\-c\fR command-line option overrides this setting. .SH "AUTHOR" .IX Header "AUTHOR" -Russ Allbery <rra@stanford.edu> +Russ Allbery <eagle@eyrie.org> .SH "COPYRIGHT AND LICENSE" .IX Header "COPYRIGHT AND LICENSE" Copyright 2010, 2013 The Board of Trustees of the Leland Stanford Junior |