This file is indexed.

/usr/bin/k5srvutil is in krb5-user 1.10+dfsg~beta1-2.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
#!/bin/sh

# list_princs keytab
# returns a list of principals in the keytab
# sorted and uniquified
list_princs() {
    klist -k $keytab | awk '(NR > 3) {print $2}' | sort | uniq
}

set_command() {
    if [ x$command != x ] ; then
	cmd_error Only one command can be specified
	usage
	exit 1
    fi
    command=$1
}

#interactive_prompt prompt princ
# If in interactive mode  return  true if the principal  should be acted on
# otherwise return true all the time
interactive_prompt() {
    if [ $interactive = 0 ] ; then
	return 0
    fi
    printf "%s for %s? [yn]" "$1" "$2"
    read ans
    case $ans in
    n*|N*)
	return 1
	;;
    esac
    return 0
    }
    
cmd_error() {
    echo $@ 2>&1
    }

usage() {
    echo "Usage: $0 [-i] [-f file] list|change|delete|delold"
}



change_key() {
    princs=`list_princs `
    for princ in $princs; do
	if interactive_prompt "Change key " $princ; then
	    kadmin -k -t $keytab -p $princ -q "ktadd -k $keytab $princ"
	fi
    done
    }

delete_old_keys() {
    princs=`list_princs `
    for princ in $princs; do
	if interactive_prompt "Delete old keys " $princ; then
	    kadmin -k -t $keytab -p $princ -q "ktrem -k $keytab $princ old"
	fi
    done
    }

delete_keys() {
    interactive=1
    princs=`list_princs `
    for princ in $princs; do
	if interactive_prompt "Delete all keys " $princ; then
	    kadmin -p $princ -k -t $keytab -q "ktrem -k $keytab $princ all"
	fi
    done
    }


keytab=/etc/krb5.keytab
interactive=0

while [ $# -gt 0 ] ; do
    opt=$1
    shift
        case $opt in
	"-f")
	keytab=$1
	shift
	;;
	"-i")
	interactive=1
	;;
	change|delold|delete|list)
	set_command $opt
	;;
	*)
	cmd_error Illegal option: $opt
	usage
	exit 1
	;;
	esac
done
	

case $command in
    change)
    change_key
    ;;
    delold)
    delete_old_keys
    ;;
    delete)
    delete_keys
    ;;
    list)
    klist -k $keytab
    ;;
    *)
        usage
	;;
    esac