NAME¶
Realm - Realm-related data used by DNSSEC-Tools programs.
DESCRIPTION¶
The DNSSEC-Tools
dtrealms command manages a group of distinct rollover
environments running on a single host. These distinct rollover environments
are called
realms.
dtrealms uses a
realm file to properly
create and manage each of its realms.
A
realms file is organized in sets of
realm records. Each
realm record describes the execution environment of a single rollover
instance. A
realm consists of a set of keyword/value entries.
The DNSSEC-Tools
realm.pm module manipulates the contents of a
realm file. Module interfaces exist for looking up
realm
records, creating new records, and modifying existing records.
Comment lines and blank lines are ignored by the DNSSEC-Tools programs. Comment
lines start with either a '#' character or a ';' character.
A
realm's name may consist of alphabetic characters, numbers, and several
special characters. The special characters are the minus sign, the plus sign,
the underscore, the comma, the period, the colon, the forward-slash, the
space, and the tab. This name is an identifier.
The values in a
realm's entries may consist of alphabetic characters,
numbers, and several special characters. The special characters are the minus
sign, the plus sign, the underscore, the comma, the period, the colon, the
forward-slash, the space, and the tab.
REALM FIELDS¶
The fields in a
realm record are:
* administrator
This is the email address for the realm's administrative user.
* args
The user-specified arguments for the rollover manager. This is not a required
field.
* configdir
This field contains the name of the directory in which
dtrealms will find
the realm's configuration information. This directory must contain a
subdirectory named
dnssec-tools, and the realm's configuration file
will be stored there. This is a required field.
* display
This boolean field indicates whether or not the realm should be displayed by the
grandvizier program. This is an optional field.
* hoard
This field contains the pathname to a collection of files used to build a realm.
This field is
only used by the
buildrealms program.
* manager
This field contains the name of the rollover manager program for the realm. If
this is not defined, then
rollerd will be used.
* realmdir
This field contains the name of the directory in which
dtrealms will
execute the realm's rollover manager. This is a required field.
* rollrec
The realm's
rollrec file. This file will be used by the rollover manager
to control the rollover environment.
* state
This field contains the realm's state. It must be either "active" or
"inactive".
* statedir
This field contains the name of the directory in which
rollerd and other
DNSSEC-Tools programs will find the realm's state information. If this is not
specified, the
configdir directory will be used.
* user
This field contains the name of the user that the realm will be executed as.
This is an optional field.
This is not yet implemented in
dtrealms .
EXAMPLES¶
The following are examples of
realms:
realm "example"
state "active"
configdir "/realms/configs/example"
statedir "/realms/states/example"
realmdir "/realms/realms/example"
rollrec "demo-example.rollrec"
administrator "zonefolks@example.com"
display "1"
manager "rollerd"
args "-sleep 600 -loglevel phase -logfile log.example"
user "zonemgr"
realm "testing"
state "inactive"
configdir "/realms/configs/testing"
realmdir "/realms/realms/testing"
rollrec "demo-testing.rollrec"
display "1"
manager "rollerd-tester"
args "-sleep 60 -loglevel tmi -logfile log.testing"
COPYRIGHT¶
Copyright 2012 SPARTA, Inc. All rights reserved. See the COPYING file included
with the DNSSEC-Tools package for details.
AUTHOR¶
Wayne Morrison, tewok@tislabs.com
SEE ALSO¶
buildrealms(8),
dtrealms(8),
grandvizier(8),
lsrealm(8),
realmchk(8),
realminit(8)
Net::DNS::SEC::Tools::keyrec(3),
Net::DNS::SEC::Tools::rollrec (3)
keyrec(5)