NAME¶
realmctl - Send commands to the DNSSEC-Tools realms daemon
SYNOPSIS¶
realmctl [options]
DESCRIPTION¶
The
realmctl command sends commands to
dtrealms, the DNSSEC-Tools
realms daemon. In most cases,
dtrealms will send a response to
realmctl.
realmctl will print a success or failure message, as
appropriate. Only one option may be specified on a command line.
OPTIONS¶
The following options are handled by
realmctl.
- -allstart
- Starts all suspended realms.
- -allstop
- Stops all running realms.
- -cmd -- realm cmd args
- -command -- realm cmd args
- Sends a command to the specified realm. The command given
as cmd will be sent to the rollerd running in realm
realm.
The double-dash given above is critical for proper argument parsing of the
command line.
All command-line arguments, as args above, following the realm name
and command name will be sent as the command.
Whatever output the command gives will be returned to realmctl, which
will then print that output. The command's return code will be appended to
the command's output. No attempt will be made to analyze the output for
success or failure.
For example, this command will tell the realm giant-isp to stop
rollover of zone bob.example.com:
$ realmctl -command -- giant-isp rollctl -skipzone bob.example.com
Warning: This is an inherently dangerous command. When choosing a
user under which the realm and rollover commands will be executed, be
aware that this problem exists. realmctl may be modified in
the future to restrict the commands that may be executed with this
option.
- -display
- Starts the realms status GUI.
- -halt [now]
- Cleanly halts dtrealms execution.
- -logfile logfile
- Sets the dtrealms log file to logfile. This
must be a valid logging file, meaning that if logfile already
exists, it must be a regular file. The only exceptions to this are if
logfile is /dev/stdout or /dev/tty.
- -loglevel loglevel
- Sets the dtrealms logging level to loglevel.
This must be one of the valid logging levels defined in
realmmgr.pm (3).
If a logging level is not specified, then the list of valid levels will be
printed and realmctl will exit. The list is given in both text and
numeric forms.
- -logtz logtz
- Sets the dtrealms logging timezone to
loglevel. This must be either gmt (for Greenwich Mean Time
or local (for the host's local time.)
- -nodisplay
- Stops the realms status GUI.
- -realmstatus
- Gets the current status of all the realms from
dtrealms. For each realm, the name, execution status, and zone
counts are printed. The zone counts are, in order, the number of zones in
normal state, the number of zones in ZSK rollover, the number of zones in
KSK rollover, and the number of zones waiting in KSK phase 6. The zone
counts are determined by sending the realm's rollover manager an
information request. Therefore, if the zone is inactive, the zone counts
are not included.
Example:
dev active normal: 18 ZSK: 3 KSK: 1 KSK phase 6: 0
test-r inactive
money active normal: 10 ZSK: 0 KSK: 0 KSK phase 6: 1
- -shutdown
- Synonym for -halt.
- -startrealm realm
- Starts the suspended realm named by realm. Multiple
realms can be specified on the command line. For instance, this command
will send the startrealm command to dtrealms for three
realms.
$ realmctl -startrealm testing production customers
- -status
- Has dtrealms write several of its operational
parameters to its log file. The parameters are also reported to
realmctl, which prints them to the screen.
- -stoprealm realm
- Stops the realm named by realm. Multiple realms can
be specified on the command line. For instance, this command will send the
stoprealm command to dtrealms for two realms.
$ realmctl -stoprealm big-isp-3 misc-customers
- -Version
- Displays the version information for realmctl and
the DNSSEC-Tools package.
- -quiet
- Prevents output from being given. Both error and non-error
output is stopped.
- -help
- Displays a usage message.
EXIT CODES¶
realmctl may give the following exit codes:
- 0 - Successful execution
- 1 - Error sending the command to dtrealms.
- 2 - Missing realm argument.
- 3 - Too many command options specified.
- 4 - Missing argument for -cmd or
-command.
- 5 - No option specified.
- 200 - dtrealms is not running.
- 201 - Configuration file checks failed.
COPYRIGHT¶
Copyright 2012 SPARTA, Inc. All rights reserved. See the COPYING file included
with the DNSSEC-Tools package for details.
AUTHOR¶
Wayne Morrison, tewok@tislabs.com
SEE ALSO¶
Net::DNS::SEC::Tools::realmmgr.pm(3),
Net::DNS::SEC::Tools::realm.pm (3)
dtrealms(8),
rollctl(8)
rollerd(8)