Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/krb5/src/kadmin/cli/k5srvutil.sh
34907 views
1
#!/bin/sh

2


3
# list_princs keytab

4
# returns a list of principals in the keytab

5
# sorted and uniquified

6
list_princs() {

7
    klist -k $keytab | awk '(NR > 3) {print $2}' | sort | uniq

8
}

9


10
set_command() {

11
    if [ x$command != x ] ; then

12
	cmd_error Only one command can be specified

13
	usage

14
	exit 1

15
    fi

16
    command=$1

17
}

18


19
#interactive_prompt prompt princ

20
# If in interactive mode  return  true if the principal  should be acted on

21
# otherwise return true all the time

22
interactive_prompt() {

23
    if [ $interactive = 0 ] ; then

24
	return 0

25
    fi

26
    printf "%s for %s? [yn]" "$1" "$2"

27
    read ans

28
    case $ans in

29
    n*|N*)

30
	return 1

31
	;;

32
    esac

33
    return 0

34
    }

35
    

36
cmd_error() {

37
    echo $@ 2>&1

38
    }

39


40
usage() {

41
    echo "Usage: $0 [-i] [-f file] [-e keysalts] list|change|delete|delold"

42
}

43


44


45


46
change_key() {

47
    princs=`list_princs `

48
    for princ in $princs; do

49
	if interactive_prompt "Change key " $princ; then

50
	    kadmin -k -t $keytab -p $princ -q \

51
		"ktadd -k $keytab $keysalts $princ"

52
	fi

53
    done

54
    }

55


56
delete_old_keys() {

57
    princs=`list_princs `

58
    for princ in $princs; do

59
	if interactive_prompt "Delete old keys " $princ; then

60
	    kadmin -k -t $keytab -p $princ -q "ktrem -k $keytab $princ old"

61
	fi

62
    done

63
    }

64


65
delete_keys() {

66
    interactive=1

67
    princs=`list_princs `

68
    for princ in $princs; do

69
	if interactive_prompt "Delete all keys " $princ; then

70
	    kadmin -p $princ -k -t $keytab -q "ktrem -k $keytab $princ all"

71
	fi

72
    done

73
    }

74


75


76
keytab=/etc/krb5.keytab

77
interactive=0

78
keysalts=""

79


80
while [ $# -gt 0 ] ; do

81
    opt=$1

82
    shift

83
        case $opt in

84
	"-f")

85
	keytab=$1

86
	shift

87
	;;

88
	"-i")

89
	interactive=1

90
	;;

91
	"-e")

92
	keysalts="$keysalts -e \"$1\""

93
	shift

94
	;;

95
	change|delold|delete|list)

96
	set_command $opt

97
	;;

98
	*)

99
	cmd_error Illegal option: $opt

100
	usage

101
	exit 1

102
	;;

103
	esac

104
done

105
	

106


107
case $command in

108
    change)

109
    change_key

110
    ;;

111
    delold)

112
    delete_old_keys

113
    ;;

114
    delete)

115
    delete_keys

116
    ;;

117
    list)

118
    klist -k $keytab

119
    ;;

120
    *)

121
        usage

122
	;;

123
    esac

124


125