ktcheck(1) User Commands ktcheck(1)NAMEktcheck - verify and download command file and transcripts
SYNOPSISktcheck [-CIinrV] [ -q | -v ] [ -D path ] [ -e event ] [ -c checksum ]
[ -K command-file ] [ -h host ] [ -p port ] [ -P ca-pem-directory ] [
-w auth-level ] [ -x ca-pem-file ] [ -y cert-pem-file ] [ -z private-
key-file ] [ -Z compression-level ]
DESCRIPTIONktcheck verifies a client's command file with the radmind server host.
The command file is downloaded from host if it is missing or has the
wrong size. With the -c option, checksums are also used to verify
files.
Reading the command file line-by-line, ktcheck verifies each command
file and transcript listed, downloading it from host if it is missing
or out of date. ktcheck ignors blank lines and comments ( lines start‐
ing with '#' ). Included command files are read are verified using the
same method.
Each special file listed in the command file is converted into a tran‐
script line in special.T with information provided by host. See rad‐
mind(8) for details of the STAT command.
If checksuming is turned on, the special transcript is verified using
the checksum and file size. If either are wrong, the special tran‐
script is updated. If checksuming is turned off, the special tran‐
script is always updated.
Files updated by ktcheck must be regular files and the user must have
access to modify them.
When run with the -n option, ktcheck verifies but never downloads the
command files or transcripts. A temporary special.T is created for
verification and is removed on exit.
OPTIONS-C clean _RADMIND_DIR/client.
-c checksum enables checksuming.
-D path specifies the radmind working directory, by default
/var/radmind.
-e event the event type to report. This is limited to a sin‐
gle word, containing no white space. By default this
is "ktcheck".
-I case-insensitive special.T, case-insensitive clean-
up.
-i force output line buffering.
-h host specifies the radmind server, by default radmind.
-K command specifies a command file, by default /var/rad‐
mind/client/command.K.
-n no files modified.
-p port specifies a port, by default 6222.
-P ca-pem-directory
specifies a directory that contains certificates to
be used when verifying the server. Certificates
must be in PEM format and the directory must have
been processed with the openssl c_rehash utility.
-q suppress all messages.
-r use random seed file $RANDFILE if that environment
variable is set, $HOME/.rnd otherwise. See
RAND_load_file(3o).
-V displays the version of ktcheck, a list of sup‐
ported checksumming algorithms in descending order
of preference and then exits.
-v displays communication with the radmind server.
-w auth-level TLS authorization level, by default 0. 0 = no TLS,
1 = server verification, 2 = server and client veri‐
fication.
-x ca-pem-file Certificate authority's public certificate, by
default /var/radmind/cert/ca.pem. The default is
not used when -P is specified.
-y cert-pem-file Client's public certificate, by default /var/rad‐
mind/cert/cert.pem.
-z private-key-file
Client's private key, by default /var/rad‐
mind/cert/cert.pem.
-Z compression-level
Compress all outbound data. compression-level can
be between 0 and 9: 1 gives best speed, 9 gives best
compression, 0 gives no compression at all (the
input data is simply copied a block at a time).
FILES
/var/radmind/client/command.K
name of the default command file.
special.T name of the special transcript.
EXIT STATUS
The following exit values are returned:
0 No differences were found.
1 Differences were found.
>1 An error occurred.
SEE ALSOfsdiff(1), lapply(1), lcksum(1), lcreate(1), lfdiff(1), lmerge(1),
lsort(1), twhich(1), radmind(8), RAND_load_file(3o).
RSUG December 12, 2010 ktcheck(1)
