svn rev #22208: trunk/src/kadmin/dbutil/
wfiveash@MIT.EDU
wfiveash at MIT.EDU
Mon Apr 13 18:15:07 EDT 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=22208
Commit By: wfiveash
Log Message:
Ticket: 6459
Subject: Update kdb5_util man page with missing purge_mkeys command
Version_Reported: 1.7
Target_Version: 1.7
Tags: pullup
While previously updating the kdb5_util command man page to include
documentation on new subcommands added as a result of the Master Key
Migration project I missed the purge_mkeys command. I've added that
with this commit.
Changed Files:
U trunk/src/kadmin/dbutil/kdb5_util.M
Modified: trunk/src/kadmin/dbutil/kdb5_util.M
===================================================================
--- trunk/src/kadmin/dbutil/kdb5_util.M 2009-04-13 20:26:35 UTC (rev 22207)
+++ trunk/src/kadmin/dbutil/kdb5_util.M 2009-04-13 22:15:05 UTC (rev 22208)
@@ -236,6 +236,18 @@
\fBlist_mkeys\fP
List all master keys from most recent to earliest in K/M principal. The output will show the KVNO, enctype and salt for each mkey similar to kadmin getprinc output. A * following an mkey denotes the currently active master key.
.TP
+\fBpurge_mkeys\fP [\fB-f\fP] [\fB-n\fP] [\fB-v\fP]
+Delete master keys from the K/M principal that are not used to protect any principals. This command can be used to remove old master keys from a K/M principal once all principal keys are protected by a newer master key.
+.TP
+.B \-f
+does not prompt user.
+.TP
+.B \-n
+do a dry run, shows master keys that would be purged, does not actually purge any keys.
+.TP
+.B \-v
+verbose output.
+.TP
\fBupdate_princ_encryption\fP [\fB\-f\fP] [\fB\-n\fP] [\fB\-v\fP] [\fBprinc\-pattern\fP]
Update all principal records (or only those matching the
.B princ\-pattern
More information about the cvs-krb5
mailing list