Index: src/kdc/krb5kdc.M =================================================================== --- src/kdc/krb5kdc.M (revision 25289) +++ src/kdc/krb5kdc.M (working copy) @@ -168,7 +168,7 @@ The KDC may service requests for multiple realms (maximum 32 realms). The realms are listed on the command line. Per-realm options that can be specified on the command line pertain for each realm that follows it and are -superceded by subsequent definitions of the same option. For example, +superseded by subsequent definitions of the same option. For example, .PP .B krb5kdc .B \-p Index: src/clients/ksu/ksu.M =================================================================== --- src/clients/ksu/ksu.M (revision 25289) +++ src/clients/ksu/ksu.M (working copy) @@ -21,7 +21,7 @@ .\" direct, indirect, or consequential damages with respect to any .\" claim by the user or distributor of the ksu software. .\" -.\" KSU was writen by: Ari Medvinsky, ari@isi.edu +.\" KSU was written by: Ari Medvinsky, ari@isi.edu .\" " .TH KSU 1 .SH NAME @@ -442,7 +442,7 @@ password. The password is then used to get a ticket granting ticket from the Kerberos server. The danger of configuring ksu with this macro is -if the source user is loged in remotely and does not +if the source user is logged in remotely and does not have a secure channel, the password may get exposed. .TP 10 \fIPRINC_LOOK_AHEAD\fP Index: src/clients/kvno/kvno.M =================================================================== --- src/clients/kvno/kvno.M (revision 25289) +++ src/clients/kvno/kvno.M (working copy) @@ -20,7 +20,7 @@ .\" .\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR .\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. .\" .\" clients/kvnol/kvno.M .\" " Index: src/tests/create/kdb5_mkdums.M =================================================================== --- src/tests/create/kdb5_mkdums.M (revision 25289) +++ src/tests/create/kdb5_mkdums.M (working copy) @@ -87,7 +87,7 @@ The .B \-r .I realm -option specifies the realm in which the entreis should be created; +option specifies the realm in which the entries should be created; by default the realm returned by .IR krb5_default_local_realm (3) is used. Index: src/kadmin/dbutil/kdb5_util.M =================================================================== --- src/kadmin/dbutil/kdb5_util.M (revision 25289) +++ src/kadmin/dbutil/kdb5_util.M (working copy) @@ -147,12 +147,12 @@ .TP .B \-rev dumps in reverse order. This may recover principals that do not dump -normally, in cases where database corruption has occured. +normally, in cases where database corruption has occurred. .TP .B \-recurse causes the dump to walk the database recursively (btree only). This may recover principals that do not dump normally, in cases where -database corruption has occured. In cases of such corruption, this +database corruption has occurred. In cases of such corruption, this option will probably retrieve more principals than the \fB\-rev\fP option will. .RE Index: src/kadmin/server/kadmind.M =================================================================== --- src/kadmin/server/kadmind.M (revision 25289) +++ src/kadmin/server/kadmind.M (working copy) @@ -9,7 +9,7 @@ .SH DESCRIPTION This command starts the KADM5 administration server. If the database is db2, the administration server runs on the master Kerberos server, which stores the KDC -prinicpal database and the KADM5 policy database. If the database is LDAP, +principal database and the KADM5 policy database. If the database is LDAP, the administration server and the KDC server need not run on the same machine. .B Kadmind accepts remote requests to administer the information in these @@ -25,10 +25,10 @@ for it to work: .TP "\w'kdc.conf\ \ 'u" kdc.conf -The KDC configuration file contains configuration informatin for the KDC +The KDC configuration file contains configuration information for the KDC and the KADM5 system. .B Kadmind -understands a number of variable settings in this file, some of whch are +understands a number of variable settings in this file, some of which are mandatory and some of which are optional. See the CONFIGURATION VALUES section below. .TP @@ -192,7 +192,7 @@ .B * ) character. .IP operation-mask -Specifies what operations may or may not be peformed by a principal +Specifies what operations may or may not be performed by a principal matching a particular entry. This is a string of one or more of the following list of characters or their upper-case counterparts. If the character is upper-case, then the operation is disallowed. If the Index: src/kadmin/cli/kadmin.M =================================================================== --- src/kadmin/cli/kadmin.M (revision 25289) +++ src/kadmin/cli/kadmin.M (working copy) @@ -1,7 +1,7 @@ .TH KADMIN 1 .SH NAME kadmin \- Kerberos V5 database administration program -.SH SYNOPSYS +.SH SYNOPSIS .TP .B kadmin .ad l @@ -286,7 +286,7 @@ maximum renewable life of tickets for the principal .TP \fB\-kvno\fP \fIkvno\fP -explicity set the key version number. +explicitly set the key version number. .TP \fB\-policy\fP \fIpolicy\fP policy used by this principal. If no policy is supplied, then if the @@ -495,7 +495,7 @@ kadmin: .TP ERRORS: -KADM5_AUTH_DELETE (reequires "delete" privilege) +KADM5_AUTH_DELETE (requires "delete" privilege) KADM5_UNK_PRINC (principal does not exist) .RE .fi @@ -655,7 +655,7 @@ an "@" character followed by the local realm is appended to the expression. Requires the .I list -priviledge. Alias +privilege. Alias .BR listprincs , .BR get_principals , .BR get_princs . @@ -823,7 +823,7 @@ are printed. If no expression is provided, all existing policy names are printed. Requires the .I list -priviledge. Alias +privilege. Alias .BR listpols , .BR get_policies , .BR getpols . @@ -913,7 +913,7 @@ parsed as an integer, and all entries whose kvno match that integer are removed. If the .B \-k -argument is not specifeid, the default keytab +argument is not specified, the default keytab .I /etc/krb5.keytab is used. If the .B \-q @@ -967,7 +967,7 @@ .SH HISTORY The .B kadmin -prorgam was originally written by Tom Yu at MIT, as an interface to the +program was originally written by Tom Yu at MIT, as an interface to the OpenVision Kerberos administration program. .SH SEE ALSO .IR kerberos (1), Index: src/config-files/kdc.conf.M =================================================================== --- src/config-files/kdc.conf.M (revision 25289) +++ src/config-files/kdc.conf.M (working copy) @@ -235,7 +235,7 @@ .IP max_life This .B delta time string -specifes the maximum time period that a ticket may be valid for in +specifies the maximum time period that a ticket may be valid for in this realm. .IP max_renewable_life @@ -259,7 +259,7 @@ .IP iprop_slave_poll This .B delta time string -specfies how often the slave KDC polls for new updates from the +specifies how often the slave KDC polls for new updates from the master. Default is "2m" (that is, two minutes). .IP supported_enctypes Index: src/config-files/krb5.conf.M =================================================================== --- src/config-files/krb5.conf.M (revision 25289) +++ src/config-files/krb5.conf.M (working copy) @@ -123,7 +123,7 @@ .IP [dbmodules] Contains database specific parameters used by the database library. -.ip [plugins] +.IP [plugins] Contains plugin module registration and filtering parameters. .PP Each of these sections will be covered in more details in the following @@ -230,7 +230,7 @@ DCE 1.1 systems. .IP dns_lookup_kdc -Indicate whether DNS SRV records shoud be used to locate the KDCs and +Indicate whether DNS SRV records should be used to locate the KDCs and other servers for a realm, if they are not listed in the information for the realm. The default is to use these records. @@ -541,7 +541,7 @@ Cross-realm authentication is typically organized hierarchically. This hierarchy is based on the name of the realm, which thus imposes restrictions on the choice of realm names, and on who may participate in -a cross-realm authentication. A non hierarchical orgization may be used, +a cross-realm authentication. A non hierarchical organization may be used, but requires a database to construct the authentication paths between the realms. This section defines that database. .PP @@ -623,11 +623,11 @@ .sp In the above examples, the ordering is not important, except when the same subtag name is used more then once. The client will use this to -determing the path. (It is not important to the server, since the +determine the path. (It is not important to the server, since the transited field is not sorted.) .PP If this section is not present, or if the client or server cannot find a -client/server path, then normal hierarchical orginization is assumed. +client/server path, then normal hierarchical organization is assumed. .PP This feature is not currently supported by DCE. DCE security servers can be used with Kerberized clients and servers, but versions prior to DCE Index: src/slave/kprop.M =================================================================== --- src/slave/kprop.M (revision 25289) +++ src/slave/kprop.M (working copy) @@ -34,7 +34,7 @@ .SH DESCRIPTION .I kprop is used to propagate a Kerberos V5 database dump file from the master -Kerberos server to a slave Kerberos server, which is specfied by +Kerberos server to a slave Kerberos server, which is specified by .IR slave_host . This is done by transmitting the dumped database file to the slave server over an encrypted, secure channel. The dump file must be created