cleankrf

Langue: en

Version: 2007-05-21 (mandriva - 01/05/08)

Section: 1 (Commandes utilisateur)

NAME

cleankrf - Clean a DNSSEC-Tools keyrec files of old data.

SYNOPSIS

   cleankrf [options] <keyrec-files>
 
 

DESCRIPTION

cleankrf cleans old data out of a set of DNSSEC-Tools keyrec files. The old data are orphaned signing sets, orphaned keys, and obsolete keys.

Orphaned signing sets are set keyrecs unreferenced by a zone keyrec.

Orphaned keys are KSK key keyrecs unreferenced by a zone keyrec and ZSK key keyrecs unreferenced by any set keyrecs.

Obsolete keys are ZSK key keyrecs with a keyrec_type of zskobs.

cleankrf's exit code is the count of orphaned and obsolete keyrecs found.

OPTIONS

-count
Display a final count of old keyrecs found in the keyrec files. This option allows the count to be displayed even if the -quiet option is given.
-list
The key keyrecs are checked for old keyrecs, but they are not removed from the keyrec file. The names of the old keyrecs are displayed.
-rm
Delete the key files, both .key and .private, from orphaned and expired keyrecs.
-quiet
Display no output.
-verbose
Display output about referenced keys and unreferenced keys.
-help
Display a usage message.
Copyright 2004-2007 SPARTA, Inc. All rights reserved. See the COPYING file included with the DNSSEC-Tools package for details.

AUTHOR

Wayne Morrison, tewok@users.sourceforge.net

SEE ALSO

fixkrf(8), lskrf(8), zonesigner(8)

Net::DNS::SEC::Tools::keyrec.pm(3)

file-keyrec.pm(5)