ktcheck

Langue: en

Version: 112065 (mandriva - 01/05/08)

Section: 1 (Commandes utilisateur)

NAME

ktcheck - verify and download command file and transcripts

SYNOPSIS

ktcheck [-CinrV] [ -q | -v ] [ -D path ] [ -c checksum ] [ -K command-file ] [ -h host ] [ -p port ] [ -P ca-pem-directory ] [ -w auth-level ] [ -x ca-pem-file ] [ -y cert-pem-file ] [ -z private-key-file ] [ -Z compression-level ]

DESCRIPTION

ktcheck verifies a client's command file with the radmind server host. The command file is downloaded from host if it is missing or has the wrong size. With the -c option, checksums are also used to verify files.

Reading the command file line-by-line, ktcheck verifies each command file and transcript listed, downloading it from host if it is missing or out of date. ktcheck ignors blank lines and comments ( lines starting with '#' ). Included command files are read are verified using the same method.

Each special file listed in the command file is converted into a transcript line in special.T with information provided by host. See radmind(8) for details of the STAT command.

If checksuming is turned on, the special transcript is verified using the checksum and file size. If either are wrong, the special transcript is updated. If checksuming is turned off, the special transcript is always updated.

Files updated by ktcheck must be regular files and the user must have access to modify them.

When run with the -n option, ktcheck verifies but never downloads the command files or transcripts. A temporary special.T is created for verification and is removed on exit.

OPTIONS

-C
clean _RADMIND_DIR/client.
-c checksum
enables checksuming.
-D path
specifies the radmind working directory, by default /var/lib/radmind.
-i
force output line buffering.
-h host
specifies the radmind server, by default localhost.
-K command
specifies a command file, by default /var/lib/radmind/client/command.K.
-n
no files modified.
-p port
specifies a port, by default 6222.
-P ca-pem-directory
specifies a directory that contains certificates to be used when verifying the server. Certificates must be in PEM format and the directory must have been processed with the openssl c_rehash utility.
-q
suppress all messages.
-r
use random seed file $RANDFILE if that environment variable is set, $HOME/.rnd otherwise. See RAND_load_file(3o).
-V
displays the version of ktcheck, a list of supported checksumming algorithms in descending order of preference and then exits.
-v
displays communication with the radmind server.
-w auth-level
TLS authorization level, by default 0. 0 = no TLS, 1 = server verification, 2 = server and client verification.
-x ca-pem-file
Certificate authority's public certificate, by default /etc/pki/radmind/ca.pem. The default is not used when -P is specified.
-y cert-pem-file
Client's public certificate, by default /etc/pki/radmind/cert.pem.
-z private-key-file
Client's private key, by default /etc/pki/radmind/cert.pem.
-Z compression-level
Compress all outbound data. compression-level can be between 0 and 9: 1 gives best speed, 9 gives best compression, 0 gives no compression at all (the input data is simply copied a block at a time).

FILES

/var/lib/radmind/client/command.K
name of the default command file.
special.T
name of the special transcript.

EXIT STATUS

The following exit values are returned:
0
No differences were found.
1
Differences were found.
>1
An error occurred.

SEE ALSO

fsdiff(1), lapply(1), lcksum(1), lcreate(1), lfdiff(1), lmerge(1), lsort(1), twhich(1), radmind(8), RAND_load_file(3o).