1178825Sdfr/*
2233294Sstas * Copyright (c) 2004 - 2007 Kungliga Tekniska H��gskolan
3178825Sdfr * (Royal Institute of Technology, Stockholm, Sweden). 
4178825Sdfr * All rights reserved. 
5178825Sdfr *
6178825Sdfr * Redistribution and use in source and binary forms, with or without 
7178825Sdfr * modification, are permitted provided that the following conditions 
8178825Sdfr * are met: 
9178825Sdfr *
10178825Sdfr * 1. Redistributions of source code must retain the above copyright 
11178825Sdfr *    notice, this list of conditions and the following disclaimer. 
12178825Sdfr *
13178825Sdfr * 2. Redistributions in binary form must reproduce the above copyright 
14178825Sdfr *    notice, this list of conditions and the following disclaimer in the 
15178825Sdfr *    documentation and/or other materials provided with the distribution. 
16178825Sdfr *
17178825Sdfr * 3. Neither the name of the Institute nor the names of its contributors 
18178825Sdfr *    may be used to endorse or promote products derived from this software 
19178825Sdfr *    without specific prior written permission. 
20178825Sdfr *
21178825Sdfr * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
22178825Sdfr * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
23178825Sdfr * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
24178825Sdfr * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
25178825Sdfr * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
26178825Sdfr * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
27178825Sdfr * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
28178825Sdfr * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
29178825Sdfr * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
30178825Sdfr * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
31178825Sdfr * SUCH DAMAGE. 
32178825Sdfr */
33233294Sstas/* $Id$ */
34178825Sdfr
35178825Sdfrcommand = {
36178825Sdfr	name = "stash"
37178825Sdfr	name = "kstash"
38178825Sdfr	option = {
39178825Sdfr		long = "enctype"
40178825Sdfr		short = "e"
41178825Sdfr		type = "string"
42178825Sdfr		help = "encryption type"
43178825Sdfr		default = "des3-cbc-sha1"
44178825Sdfr	}
45178825Sdfr	option = {
46178825Sdfr		long = "key-file"
47178825Sdfr		short = "k"
48178825Sdfr		type = "string"
49178825Sdfr		argument = "file"
50178825Sdfr		help = "master key file"
51178825Sdfr	}
52178825Sdfr	option = {
53178825Sdfr		long = "convert-file"
54178825Sdfr		type = "flag"
55178825Sdfr		help = "just convert keyfile to new format"
56178825Sdfr	}
57178825Sdfr	option = {
58233294Sstas		long = "random-password"
59233294Sstas		type = "flag"
60233294Sstas		help = "use a random password (and print the password to stdout)"
61233294Sstas	}
62233294Sstas	option = {
63178825Sdfr		long = "master-key-fd"
64178825Sdfr		type = "integer"
65178825Sdfr		argument = "fd"
66178825Sdfr		help = "filedescriptor to read passphrase from"
67178825Sdfr		default = "-1"
68178825Sdfr	}
69178825Sdfr	help = "Writes the Kerberos master key to a file used by the KDC. \nLocal (-l) mode only."
70178825Sdfr}
71178825Sdfrcommand = {
72178825Sdfr	name = "dump"
73178825Sdfr	option = {
74178825Sdfr		long = "decrypt"
75178825Sdfr		short = "d"
76178825Sdfr		type = "flag"
77178825Sdfr		help = "decrypt keys"
78178825Sdfr	}
79178825Sdfr	argument = "[dump-file]"
80178825Sdfr	min_args = "0"
81178825Sdfr	max_args = "1"
82178825Sdfr	help = "Dumps the database in a human readable format to the specified file, \nor the standard out. Local (-l) mode only."
83178825Sdfr}
84178825Sdfr
85178825Sdfrcommand = {
86178825Sdfr	name = "init"
87178825Sdfr	option = {
88178825Sdfr		long = "realm-max-ticket-life"
89178825Sdfr		type = "string"
90178825Sdfr		help = "realm max ticket lifetime"
91178825Sdfr	}
92178825Sdfr	option = {
93178825Sdfr		long = "realm-max-renewable-life"
94178825Sdfr		type = "string"
95178825Sdfr		help = "realm max renewable lifetime"
96178825Sdfr	}
97233294Sstas	option = {
98233294Sstas		long = "bare"
99233294Sstas		type = "flag"
100233294Sstas		help = "only create krbtgt for realm"
101233294Sstas	}
102178825Sdfr	argument = "realm..."
103178825Sdfr	min_args = "1"
104178825Sdfr	help = "Initializes the default principals for a realm. Creates the database\nif necessary. Local (-l) mode only."
105178825Sdfr}
106178825Sdfrcommand = {
107178825Sdfr	name = "load"
108178825Sdfr	argument = "file"
109178825Sdfr	min_args = "1"
110178825Sdfr	max_args = "1"
111178825Sdfr	help = "Loads a previously dumped file. Local (-l) mode only."
112178825Sdfr}
113178825Sdfrcommand = {
114178825Sdfr	name = "merge"
115178825Sdfr	argument = "file"
116178825Sdfr	min_args = "1"
117178825Sdfr	max_args = "1"
118178825Sdfr	help = "Merges the contents of a dump file into the database. Local (-l) mode only."
119178825Sdfr}
120178825Sdfrcommand = {
121178825Sdfr	name = "add"
122178825Sdfr	name = "ank"
123178825Sdfr	name = "add_new_key"
124178825Sdfr	function = "add_new_key"
125178825Sdfr	option = {
126178825Sdfr		long = "random-key"
127178825Sdfr		short = "r"
128178825Sdfr		type = "flag"
129178825Sdfr		help = "set random key"
130178825Sdfr	}
131178825Sdfr	option = {
132178825Sdfr		long = "random-password"
133178825Sdfr		type = "flag"
134178825Sdfr		help = "set random password"
135178825Sdfr	}
136178825Sdfr	option = {
137178825Sdfr		long = "password"
138178825Sdfr		short = "p"
139178825Sdfr		type = "string"
140178825Sdfr		help = "principal's password"
141178825Sdfr	}
142178825Sdfr	option = {
143178825Sdfr		long = "key"
144178825Sdfr		type = "string"
145178825Sdfr		help = "DES-key in hex"
146178825Sdfr	}
147178825Sdfr	option = {
148178825Sdfr		long = "max-ticket-life"
149178825Sdfr		type = "string"
150178825Sdfr		argument ="lifetime"
151178825Sdfr		help = "max ticket lifetime"
152178825Sdfr	}
153178825Sdfr	option = {
154178825Sdfr		long = "max-renewable-life"
155178825Sdfr		type = "string"
156178825Sdfr		argument = "lifetime"
157178825Sdfr		help = "max renewable life"
158178825Sdfr	}
159178825Sdfr	option = {
160178825Sdfr		long = "attributes"
161178825Sdfr		type = "string"
162178825Sdfr		argument = "attributes"
163178825Sdfr		help = "principal attributes"
164178825Sdfr	}
165178825Sdfr	option = {
166178825Sdfr		long = "expiration-time"
167178825Sdfr		type = "string"
168178825Sdfr		argument = "time"
169178825Sdfr		help = "principal expiration time"
170178825Sdfr	}
171178825Sdfr	option = {
172178825Sdfr		long = "pw-expiration-time"
173178825Sdfr		type = "string"
174178825Sdfr		argument = "time"
175178825Sdfr		help = "password expiration time"
176178825Sdfr	}
177178825Sdfr	option = {
178178825Sdfr		long = "use-defaults"
179178825Sdfr		type = "flag"
180178825Sdfr		help = "use default values"
181178825Sdfr	}
182178825Sdfr	argument = "principal..."
183178825Sdfr	min_args = "1"
184178825Sdfr	help = "Adds a principal to the database."
185178825Sdfr}
186178825Sdfrcommand = {
187178825Sdfr	name = "passwd"
188178825Sdfr	name = "cpw"
189178825Sdfr	name = "change_password"
190178825Sdfr	function = "cpw_entry"
191178825Sdfr	option = {
192178825Sdfr		long = "random-key"
193178825Sdfr		short = "r"
194178825Sdfr		type = "flag"
195178825Sdfr		help = "set random key"
196178825Sdfr	}
197178825Sdfr	option = {
198178825Sdfr		long = "random-password"
199178825Sdfr		type = "flag"
200178825Sdfr		help = "set random password"
201178825Sdfr	}
202178825Sdfr	option = {
203178825Sdfr		long = "password"
204178825Sdfr		short = "p"
205178825Sdfr		type = "string"
206178825Sdfr		help = "princial's password"
207178825Sdfr	}
208178825Sdfr	option = {
209178825Sdfr		long = "key"
210178825Sdfr		type = "string"
211178825Sdfr		help = "DES key in hex"
212178825Sdfr	}
213178825Sdfr	argument = "principal..."
214178825Sdfr	min_args = "1"
215178825Sdfr	help = "Changes the password of one or more principals matching the expressions."
216178825Sdfr}
217178825Sdfrcommand = {
218178825Sdfr	name = "delete"
219178825Sdfr	name = "del"
220178825Sdfr	name = "del_entry"
221178825Sdfr	function = "del_entry"
222178825Sdfr	argument = "principal..."
223178825Sdfr	min_args = "1"
224178825Sdfr	help = "Deletes all principals matching the expressions."
225178825Sdfr}
226178825Sdfrcommand = {
227178825Sdfr	name = "del_enctype"
228178825Sdfr	argument = "principal enctype..."
229178825Sdfr	min_args = "2"
230178825Sdfr	help = "Delete all the mentioned enctypes for principal."
231178825Sdfr}
232178825Sdfrcommand = {
233178825Sdfr	name = "add_enctype"
234178825Sdfr	option = {
235178825Sdfr		long = "random-key"
236178825Sdfr		short = "r"
237178825Sdfr		type = "flag"
238178825Sdfr		help = "set random key"
239178825Sdfr	}
240178825Sdfr	argument = "principal enctype..."
241178825Sdfr	min_args = "2"
242178825Sdfr	help = "Add new enctypes for principal."
243178825Sdfr}
244178825Sdfrcommand = {
245178825Sdfr	name = "ext_keytab"
246178825Sdfr	option = {
247178825Sdfr		long = "keytab"
248178825Sdfr		short = "k"
249178825Sdfr		type = "string"
250178825Sdfr		help = "keytab to use"
251178825Sdfr	}
252178825Sdfr	argument = "principal..."
253178825Sdfr	min_args = "1"
254178825Sdfr	help = "Extracts the keys of all principals matching the expressions, and stores them in a keytab." 
255178825Sdfr}
256178825Sdfrcommand = {
257178825Sdfr	name = "get"
258178825Sdfr	name = "get_entry"
259178825Sdfr	function = "get_entry"
260178825Sdfr	/* XXX sync options with "list" */
261178825Sdfr	option = {
262178825Sdfr		long = "long"
263178825Sdfr		short = "l"
264178825Sdfr		type = "flag"
265178825Sdfr		help = "long format"
266178825Sdfr		default = "-1"
267178825Sdfr	}
268178825Sdfr	option = {
269178825Sdfr		long = "short"
270178825Sdfr		short = "s"
271178825Sdfr		type = "flag"
272178825Sdfr		help = "short format"
273178825Sdfr	}
274178825Sdfr	option = {
275178825Sdfr		long = "terse"
276178825Sdfr		short = "t"
277178825Sdfr		type = "flag"
278178825Sdfr		help = "terse format"
279178825Sdfr	}
280178825Sdfr	option = {
281178825Sdfr		long = "column-info"
282178825Sdfr		short = "o"
283178825Sdfr		type = "string"
284178825Sdfr		help = "columns to print for short output"
285178825Sdfr	}
286178825Sdfr	argument = "principal..."
287178825Sdfr	min_args = "1"
288178825Sdfr	help = "Shows information about principals matching the expressions."
289178825Sdfr}
290178825Sdfrcommand = {
291178825Sdfr	name = "rename"
292178825Sdfr	function = "rename_entry"
293178825Sdfr	argument = "from to"
294178825Sdfr	min_args = "2"
295178825Sdfr	max_args = "2"
296178825Sdfr	help = "Renames a principal."
297178825Sdfr}
298178825Sdfrcommand = {
299178825Sdfr	name = "modify"
300178825Sdfr	function = "mod_entry"
301178825Sdfr	option = {
302178825Sdfr		long = "max-ticket-life"
303178825Sdfr		type = "string"
304178825Sdfr		argument ="lifetime"
305178825Sdfr		help = "max ticket lifetime"
306178825Sdfr	}
307178825Sdfr	option = {
308178825Sdfr		long = "max-renewable-life"
309178825Sdfr		type = "string"
310178825Sdfr		argument = "lifetime"
311178825Sdfr		help = "max renewable life"
312178825Sdfr	}
313178825Sdfr	option = {
314178825Sdfr		long = "attributes"
315178825Sdfr		short = "a"
316178825Sdfr		type = "string"
317178825Sdfr		argument = "attributes"
318178825Sdfr		help = "principal attributes"
319178825Sdfr	}
320178825Sdfr	option = {
321178825Sdfr		long = "expiration-time"
322178825Sdfr		type = "string"
323178825Sdfr		argument = "time"
324178825Sdfr		help = "principal expiration time"
325178825Sdfr	}
326178825Sdfr	option = {
327178825Sdfr		long = "pw-expiration-time"
328178825Sdfr		type = "string"
329178825Sdfr		argument = "time"
330178825Sdfr		help = "password expiration time"
331178825Sdfr	}
332178825Sdfr	option = {
333178825Sdfr		long = "kvno"
334178825Sdfr		type = "integer"
335178825Sdfr		help = "key version number"
336178825Sdfr		default = "-1"
337178825Sdfr	}
338178825Sdfr	option = {
339178825Sdfr		long = "constrained-delegation"
340178825Sdfr		type = "strings"
341178825Sdfr		argument = "principal"
342178825Sdfr		help = "allowed target principals"
343178825Sdfr	}
344178825Sdfr	option = {
345178825Sdfr		long = "alias"
346178825Sdfr		type = "strings"
347178825Sdfr		argument = "principal"
348178825Sdfr		help = "aliases"
349178825Sdfr	}
350178825Sdfr	option = {
351178825Sdfr		long = "pkinit-acl"
352178825Sdfr		type = "strings"
353178825Sdfr		argument = "subject dn"
354178825Sdfr		help = "aliases"
355178825Sdfr	}
356178825Sdfr	argument = "principal"
357178825Sdfr	min_args = "1"
358178825Sdfr	max_args = "1"
359178825Sdfr	help = "Modifies some attributes of the specified principal."
360178825Sdfr}
361178825Sdfrcommand = {
362178825Sdfr	name = "privileges"
363178825Sdfr	name = "privs"
364178825Sdfr	function = "get_privs"
365178825Sdfr	help = "Shows which operations you are allowed to perform."
366178825Sdfr}
367178825Sdfrcommand = {
368178825Sdfr	name = "list"
369178825Sdfr	function = "list_princs"
370178825Sdfr	/* XXX sync options with "get" */
371178825Sdfr	option = {
372178825Sdfr		long = "long"
373178825Sdfr		short = "l"
374178825Sdfr		type = "flag"
375178825Sdfr		help = "long format"
376178825Sdfr	}
377178825Sdfr	option = {
378178825Sdfr		long = "short"
379178825Sdfr		short = "s"
380178825Sdfr		type = "flag"
381178825Sdfr		help = "short format"
382178825Sdfr	}
383178825Sdfr	option = {
384178825Sdfr		long = "terse"
385178825Sdfr		short = "t"
386178825Sdfr		type = "flag"
387178825Sdfr		help = "terse format"
388178825Sdfr		default = "-1"
389178825Sdfr	}
390178825Sdfr	option = {
391178825Sdfr		long = "column-info"
392178825Sdfr		short = "o"
393178825Sdfr		type = "string"
394178825Sdfr		help = "columns to print for short output"
395178825Sdfr	}
396178825Sdfr	argument = "principal..."
397178825Sdfr	min_args = "1"
398178825Sdfr	help = "Lists principals in a terse format. Equivalent to \"get -t\"." 
399178825Sdfr}
400178825Sdfrcommand = {
401178825Sdfr	name = "verify-password-quality"
402178825Sdfr	name = "pwq"
403178825Sdfr	function = "password_quality"
404178825Sdfr	argument = "principal password"
405178825Sdfr	min_args = "2"
406178825Sdfr	max_args = "2"
407178825Sdfr	help = "Try run the password quality function locally (not doing RPC out to server)."
408178825Sdfr}
409178825Sdfrcommand = {
410178825Sdfr	name = "check"
411178825Sdfr	function = "check"
412178825Sdfr	argument = "[realm]"
413178825Sdfr	min_args = "0"
414178825Sdfr	max_args = "1"
415178825Sdfr	help = "Check the realm (if not given, the default realm) for configuration errors."
416178825Sdfr}
417178825Sdfrcommand = {
418178825Sdfr	name = "help"
419178825Sdfr	name = "?"
420178825Sdfr	argument = "[command]"
421178825Sdfr	min_args = "0"
422178825Sdfr	max_args = "1"
423178825Sdfr	help = "Help! I need somebody."
424178825Sdfr}
425178825Sdfrcommand = {
426178825Sdfr	name = "exit"
427178825Sdfr	name = "quit"
428178825Sdfr	function = "exit_kadmin"
429178825Sdfr	help = "Quits."
430178825Sdfr}
431