NAME¶
lsroll - List the rollrecs in a DNSSEC-Tools rollrec file
SYNOPSIS¶
lsroll [options] <rollrec-files>
DESCRIPTION¶
This script lists the contents of the specified
rollrec files. All
rollrec files are loaded before the output is displayed. If any
rollrecs have duplicated names, whether within one file or across
multiple files, the later
rollrec will be the one whose data are
displayed.
The output displayed for each zone in a
rollrec file depends on the
selected records, the selected attributes, and the selected output format.
Each option in these option groups is described in detail in the next section.
The three base output formats, along with the default
-skip format, are
described here.
The
-terse option indicates that a minimal amount of output is desired;
the
-long option indicates that a great deal of output is desired. The
record-selection and attribute-selection options may be used in conjunction
with
-terse to display exactly the set of
rollrec fields needed.
The default output format is that used when neither
-terse nor
-long is given, and is a middle ground between terse and long output.
If the
-skip option is given, then the default output format is a little
more restricted than the normal default. Some
rollrec fields don't make
sense in the context of a skip records, and so are given as "---".
These fields are the KSK rollover phase, the ZSK rollover phase, the TTL
value, and the phase start.
The table below shows the fields displayed for each output format.
rollrec field default terse long skip
------------- ------- ----- ---- ----
rollrec name yes yes yes yes
rollrec type no no yes no
zonename no no yes yes
zone file yes no yes yes
zonegroup no no yes no
keyrec file yes no yes yes
KSK phase yes no yes no
ZSK phase yes no yes no
administrator no no yes no
directory no no yes no
logging level no no yes no
TTL value no no yes no
display flag no no yes no
phase start no no yes no
last KSK rollover no no yes no
last ZSK rollover no no yes no
zonesigner arguments no no yes no
The
rollrec name field is often the same as its zonename, but this is not
necessarily the case. The
rollrec name can contain spaces, while the
zonename can't. For this reason,
lsroll displays the
rollrec
name in quotes, even if the name contains no spaces. This is intended to allow
for easier parsing by other programs.
OPTIONS¶
There are three types of options recognized by
lsroll: record-selection
options, attribute-selection options, and output-format options. Each type is
described in the subsections below.
Record-selection Options¶
These options select the records that will be displayed by
lsroll. By
default, all records will be displayed; selecting one or the other of these
options will restrict the records shown.
In order to simplify the
lsroll code and keep it easily understandable,
these options are mutually exclusive.
- -roll
- List all "roll" records in the rollrec
file.
- -skip
- List all "skip" records in the rollrec
file.
Attribute-selection Options¶
These options select the attributes of the records that will be displayed by
lsroll.
- -type
- Include each rollrec record's type in the output.
The type will be either "roll" or "skip".
- -zonename
- The record's zonename is included in the output. The
zonename is distinct from the record's rollrec name, which is
always included in the output. While these two fields are often the same,
they need not be. In split-zone zones, the rollrec names must be
different, while the zonename field is the same.
- -zonefile
- The record's zonefile is included in the output. This field
is part of the default output.
- -zg
- The record's zonegroup is included in the output, enclosed
in double quotes. If a rollrec does not contain a zonegroup, then
the value "" is given.
- -keyrec
- The record's keyrec file is included in the output.
This field is part of the default output.
- -kskphase
- The record's KSK rollover phase are included in the output.
If this option is given with the -zskphase option, then the output
will follow the format described for the -phases option. This field
is part of the default output.
- -zskphase
- The record's ZSK rollover phase are included in the output.
If this option is given with the -kskphase option, then the output
will follow the format described for the -phases option. This field
is part of the default output.
- -phases
- The record's KSK and ZSK rollover phases are included in
the output. The listing is given with the KSK phase first, followed by the
ZSK phase.
Examples of output from this option are:
KSK phase ZSK phase output
0 0 0/0
3 0 3/0
0 5 0/5
- -admin
- The record's administrator value is included in the output.
If an administrator value is not included in a rollrec, then the
value "(defadmin)" will be given.
- -directory
- The name of the directory that holds the zone's files is
included in the output. If a zone directory is not included in a
rollrec, then the value "(defdir)" will be given.
- -loglevel
- The rollerd logging level for this zone. This value
may be given in the rollrec file in either the textual or numeric
form. The textual form of the logging level will be displayed, not the
numeric. If a logging level value is not included in a rollrec,
then the value "(deflog)" will be given. If an undefined logging
level value is included in a rollrec, then the value
"(unknownlog)" will be given.
- -ttl
- The record's TTL value is included in the output.
- -display
- The record's display flag, used by blinkenlights, is
included in the output.
- -phstart
- The record's rollover phase is included in the output. If
no rollover has yet been performed for this zone, an empty date is
given.
- -lastksk
- The record's last KSK rollover date is included in the
output. If no KSK rollover has yet been performed for this zone, an empty
date is given.
- -lastzsk
- The record's last ZSK rollover date is included in the
output. If no ZSK rollover has yet been performed for this zone, an empty
date is given.
- -zsargs
- The record's user-defined zonesigner arguments are
included in the output. If no arguments have been set for this zone, then
the value "(none)" is given.
- -zonegroup
- The zonegroups defined in the rollrec are listed,
enclosed in double quotes. All other rollrec fields are ignored. If
the -long option is specified, then each zonegroup name will be
accompanied by the number of rollrec entries in that
zonegroup.
These options select the type of output that will be given by
lsroll.
- -count
- Only a count of matching keyrecs in the rollrec file
is given.
- -headers
- Display explanatory column headers.
- -terse
- Terse output is given. Only the record name and any other
fields specifically selected are included in the output.
- -long
- Long output is given. All record fields are included.
- -help
- Display a usage message.
- -Version
- Displays the version information for lsroll and the
DNSSEC-Tools package.
COPYRIGHT¶
Copyright 2005-2012 SPARTA, Inc. All rights reserved. See the COPYING file
included with the DNSSEC-Tools package for details.
AUTHOR¶
Wayne Morrison, tewok@tislabs.com
SEE ALSO¶
blinkenlights(8),
rollchk(8),
rollinit(8),
rollerd(8)
Net::DNS::SEC::Tools::rollrec.pm(3)
file-rollrec(5)