Unix‎ > ‎Solaris‎ > ‎Solaris man pages‎ > ‎1m‎ > ‎

kpropd


NAME
     kpropd - Kerberos propagation daemon for slave KDCs

SYNOPSIS
     /usr/lib/krb5/kpropd [-d] [-f temp_dbfile] [-F dbfile]
         [-p kdb_util] [-P port_number] [-r realm]
         [-s srv_tabfile] [-S] [-a acl_file]


DESCRIPTION
     The kpropd command runs on the slave KDC server. It  listens
     for  update  requests  made by kprop(1M) from the master KDC
     and periodically requests incremental updates from the  mas-
     ter KDC.


     When the slave receives a kprop  request  from  the  master,
     kpropd copies principal data to a temporary text file. Next,
     kpropd invokes kdb5_util(1M) (unless  a  different  database
     utility  is selected) to load the text file in database for-
     mat.


     When the slave periodically  requests  incremental  updates,
     kpropd  update its principal.ulog file with any updates from
     the master. kproplog(1M) can be used to view  a  summary  of
     the update entry log on the slave KDC.


     kpropd is not configured for incremental  database  propaga-
     tion  by  default.  These  settings  can  be  changed in the
     kdc.conf(4) file:

     sunw_dbprop_enable = [true | false]

         Enables or disables  incremental  database  propagation.
         Default is false.


     sunw_dbprop_slave_poll = N[s, m, h]

         Specifies how often the slave KDC polls for any  updates
         that the master might have. Default is 2m (two minutes).



     The kiprop/<hostname>@<REALM> principal must  exist  in  the
     slave's  keytab  file  to  enable the master to authenticate
     incremental propagation requests from  the  slave.  In  this
     syntax,  <hostname> is the slave KDC's host name and <REALM>
     is the realm in which the slave KDC resides.

OPTIONS
     The following options are supported:

     -d

         Enable debug mode. Default is debug mode disabled.


     -f temp_dbfile

         The location of the slave's temporary principal database
         file. Default is /var/krb5/from_master.


     -F dbfile

         The location of the  slave's  principal  database  file.
         Default is /var/krb5/principal.


     -p kdb_util

         The location of the Kerberos database utility  used  for
         loading      principal     databases.     Default     is
         /usr/sbin/kdb5_util.


     -P port_number

         Specifies the port number on which kpropd  will  listen.
         Default is 754 (service name: krb5_prop).


     -r realm

         Specifies from which Kerberos realm kpropd will  receive
         information.      Default      is      specified      in
         /etc/krb5/krb5.conf.


     -s srv_tabfile

         The location of the service table file used to authenti-
         cate the kpropd daemon.


     -S

         Run the daemon in standalone  mode,  instead  of  having
         inetd  listen  for  requests.  Default is non-standalone
         mode.

     -a acl_file

         The location of the kpropd's access control list to ver-
         ify  if  this server can run the kpropd daemon. The file
         contains a  list  of  principal  name(s)  that  will  be
         receiving updates. Default is /etc/krb5/kpropd.acl.


FILES
     /var/krb5/principal

         Kerberos principal database.


     /var/krb5/principal.ulog

         The update log file.


     /etc/krb5/kdc.conf

         KDC configuration information.


     /etc/krb5/kpropd.acl

         List of principals of all  the  KDCs;  resides  on  each
         slave KDC.


     /var/krb5/from_master

         Temporary file used by kpropd before loading this to the
         principal database.


ATTRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:









     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Availability                | SUNWkdcu                    |
    |_____________________________|_____________________________|
    | Interface Stability         | Evolving                    |
    |_____________________________|_____________________________|


SEE ALSO
     kdb5_util(1M),   kprop(1M),    kproplog(1M),    kdc.conf(4),
     krb5.conf(4), attributes(5), kerberos(5)










Man pages from Solaris 10 Update 8. See docs.sun.com and www.oracle.com for further documentation and Solaris information.
Comments