.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
.TH ODS-AUDITOR "1" "January 2010" "ods-auditor 1.0.0rc3" "OpenDNSSEC"
.SH NAME
ods-auditor \- auditor component of OpenDNSSEC
.SH SYNOPSIS
.B ods-auditor
[\fIoptions\fR]
.SH DESCRIPTION
\fBods-auditor\fP is a module which provides auditing capabilities to
OpenDNSSEC.

Once an unsigned zone has been signed, this module is used to check
that the signing process has run successfully. It checks that no data
has been lost (or non-DNSSEC data added), and that all the DNSSEC
records are correct.  It used the OpenDNSSEC standard logging (defined
in /etc/opendnssec/conf.xml).

The Auditor takes the signed and unsigned zones and compares them.  It
first parses both files, and creates transient files which are then
sorted into canonical order. These files are then processed by the
Auditor. If processing an NSEC3-signed file, the Auditor will create
additional temporary files, which are processed after the main
auditing run.
.SS "Specific options:"
.TP
\fB\-c\fR, \fB\-\-conf\fR [PATH_TO_CONF_FILE]
Path to OpenDNSSEC configuration file

(defaults to /etc/opendnssec/conf.xml)
.TP
\fB\-k\fR, \fB\-\-kasp\fR [PATH_TO_KASP_FILE]
Path to KASP policy file

(defaults to the path given in the configuration file)
.TP
\fB\-z\fR, \fB\-\-zone\fR [ZONE_NAME]
Single zone to audit

(defaults to audit all zones)
.TP
\fB\-s\fR,\fB\-\-signed\fR [PATH_TO_SIGNED_FILE]
If a single zone is specified, then this option may override
the specified signed file with another. This is for use by
the signer.

(defaults to the path given in the zone list)
.TP
\fB\-v\fR, \fB\-\-version\fR
Display version information
.SS "Common options:"
.TP
\fB\-h\fR, \-?, \fB\-\-help\fR
Show this message