437564 – ipa-getkeytab man page is out-of-date

Bug 437564 - ipa-getkeytab man page is out-of-date

Summary: ipa-getkeytab man page is out-of-date

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	freeIPA
Classification:	Retired
Component:	ipa-client
Sub Component:
Version:	1.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Simo Sorce
QA Contact:	Chandrasekar Kannan
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	429034
TreeView+	depends on / blocked

Reported:	2008-03-14 21:47 UTC by Rob Crittenden
Modified:	2015-01-04 23:31 UTC (History)
CC List:	1 user (show)
Fixed In Version:	freeipa-2.0.0-1.fc15
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-03-27 07:14:47 UTC
Embargoed:

Attachments	(Terms of Use)
permitted enctypes (3.83 KB, patch) 2008-04-08 22:11 UTC, Simo Sorce	no flags	Details \| Diff
View All

Description Rob Crittenden 2008-03-14 21:47:28 UTC

Description of problem:

The utility itself reports the following usage:

Usage: ipa-getkeytab [-s|--server Server Name]
        [-p|--principal Kerberos Service Principal Name]
        [-k|--keytab Keytab File Name]
        [-e|--enctypes Comma separated encription types list]

The man page shows:

ipa-getkeytab [-a] principal-name file-name

And aren't arguments within a [] optional? -s, -p and -k are all required. Is
this just a problem with popt?

Comment 1 Simo Sorce 2008-03-17 13:34:36 UTC

I already have a patch in the pipe for this.
Will set as MODIFIED when pushed.

Comment 2 Chandrasekar Kannan 2008-04-05 00:22:01 UTC

hm. I would like to see the list of encryption types atleast mentioned
as an example or tell the user a way to get that info.

re-opening...

Comment 3 Chandrasekar Kannan 2008-04-07 18:15:27 UTC

update the man page with a method of how to obtain the list of supported enc types

Comment 4 Simo Sorce 2008-04-08 22:11:41 UTC

Created attachment 301722 [details]
permitted enctypes

Comment 5 Yi Zhang 2008-05-22 19:06:29 UTC

The option: "--permitted-enctypes" is not in man page, can this be added into
the man page?

[btw, the option is working. We just need the man page to be updated. My test as
below:
server64[05/22/24 11:10] ipa-getkeytab --permitted-enctypes
Supported encryption types:
AES-256 CTS mode with 96-bit SHA-1 HMAC
AES-128 CTS mode with 96-bit SHA-1 HMAC
Triple DES cbc mode with HMAC/sha1
ArcFour with HMAC/md5
DES cbc mode with CRC-32
DES cbc mode with RSA-MD5
DES cbc mode with RSA-MD4

======================================================
server64[05/22/24 11:11] man ipa-getkeytab
ipa-getkeytab(1)                                              ipa-getkeytab(1)

NAME
       ipa-getkeytab - Get a keytab for a kerberos principal

SYNOPSIS
       ipa-getkeytab <-s ipaserver> <-p principal-name> <-k keytab-file> [-e
encryption-types] [-q]

Comment 6 Yi Zhang 2008-05-22 21:39:36 UTC

Simo's reply regarding the enctypes list

The list is dependent on the platfrom you run the tool on (we compile it
only for linux atm anyway).
The list is retrieve from the kerberos configuration and if no action is
taken retiurns the default set of supported types by the currently
installed kerberos libraries.

Simo.

but the bug sill valid at this point due to we still don't have the correct msg
in man page for --permitted-nctypes option

Comment 7 Yi Zhang 2008-05-22 21:54:32 UTC

bug closed, as the "--permitted-enctypes" is under "-e" option

QA Verified on May 22, 2008 (Yi)

Build used: May 22, 2008 (x64)

Note You need to log in before you can comment on or make changes to this bug.