kprop(8krb)kprop(8krb)Namekprop - Kerberos utility
Syntax
/var/dss/kerberos/bin/kprop database slaves_file [ -force ] [ -safe |
clear ]
[-realm realm_name]
Description
The daemon runs on a Kerberos master and propagates the Kerberos data‐
base to the Kerberos slaves, where it is received by the waiting dae‐
mon.
The first parameter, database, is the name of the file out of which
data is extracted. This file is not the Kerberos database, See the
reference page for more information. The database is a file created by
the command. It is an ASCII representation of the Kerberos database
(see the reference page for
The second parameter that must be supplied is slaves_file, the name of
the file on the Kerberos master that lists the Kerberos slaves to which
propagates the Kerberos master database. The is created in format.
The Kerberos utility first determines whether the ASCII Kerberos data‐
base, database, was correctly dumped by It accomplishes this by deter‐
mining if database is older than the file created by during the opera‐
tion. If it is older, the dump did not succeed or is not yet finished.
If the dump did not complete successfully or has not yet completed, the
master database is not transferred to any Kerberos slave. Otherwise,
determines, for each slave server listed in the whether or not the
database has changed since the last successful transfer to the slave.
It determines this for slave server by comparing the modification time
of the file with the modification time of database. If the file is
newer, then the database, database, need not be transferred to Finally,
propagates the database to those servers which need a new copy of the
database and updates the modification time of the file for these slave
servers.
Options-safe Specifies that the data sent over the network is guaranteed to
be authenticated at the destination and protected against modi‐
fications in transit. That is, and which are Kerberos princi‐
pals, become Kerberos-authenticated to each other and send mes‐
sages formatted by For more information about refer to the on-
line reference page,
-clear Specifies that all data should be sent in cleartext (unen‐
crypted). This switch is useful when first setting up the Ker‐
beros environment.
-realm Specifies the realm name that you are in. If this option is not
used, the realm_name is given in the file. (See the reference
page for more information.)
-force Forces the on the Kerberos master to propagate the Kerberos
database to the Kerberos slaves, even if there are no recent
changes to the database. Without the force flag, the Kerberos
database is not propagated if the database file has not changed
since the last successful transfer.
Restrictions
The Kerberos utility does not support the transfer of encrypted data.
Files
See Also
kpropd(8krb), krb.conf(5krb),
kdb_util(8krb), krb_slaves(5krb),
krb_dbase(8krb)kprop(8krb)