source-git / krb5

Clone
Source Code
GIT

Blame src/kadmin/cli/k5srvutil.sh

c8 c8s master
  1.   fd8b6017209ca57f4265b0fbdec3143524e4cd5a
  2.   src
  3.   kadmin
  4.   cli
  5.   k5srvutil.sh
Blob History Raw
Packit fd8b60 
#!/bin/sh
Packit fd8b60
Packit fd8b60 
# list_princs keytab
Packit fd8b60 
# returns a list of principals in the keytab
Packit fd8b60 
# sorted and uniquified
Packit fd8b60 
list_princs() {
Packit fd8b60 
    klist -k $keytab | awk '(NR > 3) {print $2}' | sort | uniq
Packit fd8b60 
}
Packit fd8b60
Packit fd8b60 
set_command() {
Packit fd8b60 
    if [ x$command != x ] ; then
Packit fd8b60 
	cmd_error Only one command can be specified
Packit fd8b60 
	usage
Packit fd8b60 
	exit 1
Packit fd8b60 
    fi
Packit fd8b60 
    command=$1
Packit fd8b60 
}
Packit fd8b60
Packit fd8b60 
#interactive_prompt prompt princ
Packit fd8b60 
# If in interactive mode  return  true if the principal  should be acted on
Packit fd8b60 
# otherwise return true all the time
Packit fd8b60 
interactive_prompt() {
Packit fd8b60 
    if [ $interactive = 0 ] ; then
Packit fd8b60 
	return 0
Packit fd8b60 
    fi
Packit fd8b60 
    printf "%s for %s? [yn]" "$1" "$2"
Packit fd8b60 
    read ans
Packit fd8b60 
    case $ans in
Packit fd8b60 
    n*|N*)
Packit fd8b60 
	return 1
Packit fd8b60 
	;;
Packit fd8b60 
    esac
Packit fd8b60 
    return 0
Packit fd8b60 
    }
Packit fd8b60
Packit fd8b60 
cmd_error() {
Packit fd8b60 
    echo $@ 2>&1
Packit fd8b60 
    }
Packit fd8b60
Packit fd8b60 
usage() {
Packit fd8b60 
    echo "Usage: $0 [-i] [-f file] [-e keysalts] list|change|delete|delold"
Packit fd8b60 
}
Packit fd8b60
Packit fd8b60
Packit fd8b60
Packit fd8b60 
change_key() {
Packit fd8b60 
    princs=`list_princs `
Packit fd8b60 
    for princ in $princs; do
Packit fd8b60 
	if interactive_prompt "Change key " $princ; then
Packit fd8b60 
	    kadmin -k -t $keytab -p $princ -q \
Packit fd8b60 
		"ktadd -k $keytab $keysalts $princ"
Packit fd8b60 
	fi
Packit fd8b60 
    done
Packit fd8b60 
    }
Packit fd8b60
Packit fd8b60 
delete_old_keys() {
Packit fd8b60 
    princs=`list_princs `
Packit fd8b60 
    for princ in $princs; do
Packit fd8b60 
	if interactive_prompt "Delete old keys " $princ; then
Packit fd8b60 
	    kadmin -k -t $keytab -p $princ -q "ktrem -k $keytab $princ old"
Packit fd8b60 
	fi
Packit fd8b60 
    done
Packit fd8b60 
    }
Packit fd8b60
Packit fd8b60 
delete_keys() {
Packit fd8b60 
    interactive=1
Packit fd8b60 
    princs=`list_princs `
Packit fd8b60 
    for princ in $princs; do
Packit fd8b60 
	if interactive_prompt "Delete all keys " $princ; then
Packit fd8b60 
	    kadmin -p $princ -k -t $keytab -q "ktrem -k $keytab $princ all"
Packit fd8b60 
	fi
Packit fd8b60 
    done
Packit fd8b60 
    }
Packit fd8b60
Packit fd8b60
Packit fd8b60 
keytab=/etc/krb5.keytab
Packit fd8b60 
interactive=0
Packit fd8b60 
keysalts=""
Packit fd8b60
Packit fd8b60 
while [ $# -gt 0 ] ; do
Packit fd8b60 
    opt=$1
Packit fd8b60 
    shift
Packit fd8b60 
        case $opt in
Packit fd8b60 
	"-f")
Packit fd8b60 
	keytab=$1
Packit fd8b60 
	shift
Packit fd8b60 
	;;
Packit fd8b60 
	"-i")
Packit fd8b60 
	interactive=1
Packit fd8b60 
	;;
Packit fd8b60 
	"-e")
Packit fd8b60 
	keysalts="$keysalts -e \"$1\""
Packit fd8b60 
	shift
Packit fd8b60 
	;;
Packit fd8b60 
	change|delold|delete|list)
Packit fd8b60 
	set_command $opt
Packit fd8b60 
	;;
Packit fd8b60 
	*)
Packit fd8b60 
	cmd_error Illegal option: $opt
Packit fd8b60 
	usage
Packit fd8b60 
	exit 1
Packit fd8b60 
	;;
Packit fd8b60 
	esac
Packit fd8b60 
done
Packit fd8b60
Packit fd8b60
Packit fd8b60 
case $command in
Packit fd8b60 
    change)
Packit fd8b60 
    change_key
Packit fd8b60 
    ;;
Packit fd8b60 
    delold)
Packit fd8b60 
    delete_old_keys
Packit fd8b60 
    ;;
Packit fd8b60 
    delete)
Packit fd8b60 
    delete_keys
Packit fd8b60 
    ;;
Packit fd8b60 
    list)
Packit fd8b60 
    klist -k $keytab
Packit fd8b60 
    ;;
Packit fd8b60 
    *)
Packit fd8b60 
        usage
Packit fd8b60 
	;;
Packit fd8b60 
    esac

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation