| blob | a85eb5c5715bc427ff075526fd3b44187cd95e98 |
1 /*
2 * Copyright (c) 2004-2022 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33 /* $Id$ */
35 command = {
36 name = "add"
37 option = {
38 long = "principal"
39 short = "p"
40 type = "string"
41 help = "principal to add"
42 argument = "principal"
43 default = ""
44 }
45 option = {
46 long = "kvno"
47 short = "V"
48 type = "integer"
49 help = "key version number"
50 default = "-1"
51 }
52 option = {
53 long = "enctype"
54 short = "e"
55 type = "string"
56 argument = "enctype"
57 help = "encryption type(s)"
58 }
59 option = {
60 long = "password"
61 short = "w"
62 type = "string"
63 help = "password for key"
64 }
65 option = {
66 long = "salt"
67 short = "s"
68 type = "-flag"
69 help = "use unsalted keys"
70 default = "1"
71 }
72 option = {
73 long = "random"
74 short = "r"
75 type = "flag"
76 help = "generate random key"
77 }
78 option = {
79 long = "keepold"
80 type = "flag"
81 help = "keep old keys/password needed to decrypt extant tickets (default)"
82 }
83 option = {
84 long = "keepallold"
85 type = "flag"
86 help = "keep all old keys/password"
87 }
88 option = {
89 long = "pruneall"
90 type = "flag"
91 help = "delete all old keys"
92 }
93 option = {
94 long = "hex"
95 short = "H"
96 type = "flag"
97 help = "password is a hexadecimal string"
98 }
99 function = "kt_add"
100 help = "Adds a key to a keytab."
101 max_args = "0"
102 }
103 command = {
104 name = "change"
105 option = {
106 long = "realm"
107 short = "r"
108 type = "string"
109 argument = "realm"
110 help = "realm to use"
111 }
112 option = {
113 long = "enctype"
114 short = "e"
115 type = "string"
116 argument = "enctype"
117 help = "encryption type(s)"
118 }
119 option = {
120 long = "keepold"
121 type = "flag"
122 help = "keep old keys/password needed to decrypt extant tickets (default)"
123 }
124 option = {
125 long = "keepallold"
126 type = "flag"
127 help = "keep all old keys/password"
128 }
129 option = {
130 long = "pruneall"
131 type = "flag"
132 help = "delete all old keys"
133 }
134 option = {
135 long = "admin-server"
136 short = "a"
137 type = "string"
138 argument = "host"
139 help = "server to contact"
140 }
141 option = {
142 long = "server-port"
143 short = "s"
144 type = "integer"
145 argument = "port number"
146 help = "port number on server"
147 }
148 function = "kt_change"
149 argument = "[principal...]"
150 help = "Change keys for specified principals (default all)."
151 }
152 command = {
153 name = "copy"
154 name = "merge"
155 function = "kt_copy"
156 option = {
157 long = "copy-duplicates"
158 type = "flag"
159 help = "copy entries for the same principal and kvno, but different keys"
160 }
161 argument = "source destination"
162 min_args = "2"
163 max_args = "2"
164 help = "Merges one keytab into another."
165 }
166 command = {
167 name = "get"
168 option = {
169 long = "principal"
170 short = "p"
171 type = "string"
172 help = "admin principal"
173 argument = "principal"
174 }
175 option = {
176 long = "create"
177 type = "-flag"
178 help = "do not create the principal"
179 }
180 option = {
181 long = "change-keys"
182 type = "-flag"
183 help = "do not change the principal's keys"
184 }
185 option = {
186 long = "enctypes"
187 short = "e"
188 type = "strings"
189 help = "encryption types to use"
190 argument = "enctype"
191 }
192 option = {
193 long = "keepold"
194 type = "flag"
195 help = "keep old keys/password needed to decrypt extant tickets (default)"
196 }
197 option = {
198 long = "keepallold"
199 type = "flag"
200 help = "keep all old keys/password"
201 }
202 option = {
203 long = "pruneall"
204 type = "flag"
205 help = "delete all old keys"
206 }
207 option = {
208 long = "realm"
209 short = "r"
210 type = "string"
211 argument = "realm"
212 help = "realm to use"
213 }
214 option = {
215 long = "admin-server"
216 short = "a"
217 type = "string"
218 argument = "host"
219 help = "server to contact"
220 }
221 option = {
222 long = "server-port"
223 short = "s"
224 type = "integer"
225 argument = "port number"
226 help = "port number on server"
227 }
228 function = "kt_get"
229 min_args = "1"
230 argument = "principal..."
231 help = "Change keys for specified principals, and add them to the keytab."
232 }
233 command = {
234 name = "import"
235 function = "kt_import"
236 help = "Imports a keytab from JSON output of ktutil list --json --keys."
237 min_args = "0"
238 max_args = "1"
239 argument = "JSON-FILE"
240 }
241 command = {
242 name = "list"
243 option = {
244 long = "keys"
245 type = "flag"
246 help = "show key values"
247 }
248 option = {
249 long = "timestamp"
250 type = "flag"
251 help = "show timestamps"
252 }
253 option = {
254 long = "json"
255 type = "flag"
256 help = "output JSON representation"
257 }
258 max_args = "0"
259 function = "kt_list"
260 help = "Show contents of keytab."
261 }
262 command = {
263 name = "purge"
264 option = {
265 long = "age"
266 type = "string"
267 help = "age to retiere"
268 default = "1 week";
269 argument = "time"
270 }
271 max_args = "0"
272 function = "kt_purge"
273 help = "Remove superceded keys from keytab."
274 }
275 command = {
276 name = "remove"
277 name = "delete"
278 option = {
279 long = "principal"
280 short = "p"
281 type = "string"
282 help = "principal to remove"
283 argument = "principal"
284 }
285 option = {
286 long = "kvno"
287 short = "V"
288 type = "integer"
289 help = "key version to remove"
290 argument = "kvno"
291 default = "0"
292 }
293 option = {
294 long = "enctype"
295 short = "e"
296 type = "string"
297 help = "enctype to remove"
298 argument = "enctype"
299 }
300 max_args = "0"
301 function = "kt_remove"
302 help = "Remove keys from keytab."
303 }
304 command = {
305 name = "rename"
306 function = "kt_rename"
307 argument = "from to"
308 min_args = "2"
309 max_args = "2"
310 help = "Renames an entry in the keytab."
311 option = {
312 long = "delete"
313 type = "-flag"
314 help = "don't delete orignal entry"
315 }
316 }
317 command = {
318 name = "destroy"
319 function = "kt_destroy"
320 max_args = "0"
321 help = "Destroy (remove) the keytab."
322 }
323 command = {
324 name = "help"
325 argument = "command"
326 max_args = "1"
327 function = "help"
328 }