checks krb5.conf for obvious errors
reads the configuration file
, or the file given on the command
line, parses it, checking verifying that the syntax is not correctly wrong.
If the file is syntactically correct,
tries to verify that the
contents of the file is of relevant nature.
points to the configuration file
- Kerberos 5 configuration file
Possible output from
- <path>: failed to parse <something> as
- Usually means that <something> is misspelled, or that it contains
weird characters. The parsing done by
verify_krb5_conf is more strict than
the one performed by libkrb5, so strings that work in real life might be
reported as bad.
- <path>: host not found (<hostname>)
- Means that <path> is supposed to point to a host, but it can't be
recognised as one.
- <path>: unknown or wrong type
- Means that <path> is either a string when it should be a list, vice
versa, or just that
- <path>: unknown entry
- Means that <string> is not known by
Since each application can put almost anything in the config file, it's hard to
come up with a watertight verification process. Most of the default settings
are sanity checked, but this does not mean that every problem is discovered,
or that everything that is reported as a possible problem actually is one.
This tool should thus be used with some care.
It should warn about obsolete data, or bad practice, but currently