Rechercher une page de manuel
rollchk.1p
Langue: en
Version: 2008-07-23 (debian - 07/07/09)
Section: 1 (Commandes utilisateur)
NAME
rollchk - Check a DNSSEC-Tools rollrec file for problems and inconsistencies.SYNOPSIS
rollchk [-roll | -skip] [-count] [-quiet] [-verbose] [-help] rollrec-file
DESCRIPTION
This script checks the rollrec file specified by rollrec-file for problems and inconsistencies.Recognized problems include:
- •
- non-existent rollrec file
The specified rollrec file does not exist.
- •
- no zones defined
No zones are defined in the specified rollrec file.
- •
- invalid KSK rollover phase
A zone has an invalid KSK rollover phase. These phases may be 0, 1, 2, 3, 4, 5, 6, or 7; any other value is invalid.
- •
- mismatch in KSK timestamp data
A zone's KSK roll-seconds timestamp does not translate into the date stored in its roll-date string.
- •
- invalid ZSK rollover phase
A zone has an invalid ZSK rollover phase. These phases may be 0, 1, 2, 3, or 4; any other value is invalid.
- •
- mismatch in ZSK timestamp data
A zone's ZSK roll-seconds timestamp does not translate into the date stored in its roll-date string.
- •
- contemporaneous KSK and ZSK rollovers
A zone has a KSK rollover occurring at the same time as a ZSK rollover. A zone may only have one rollover phase be non-zero at a time.
- •
- in rollover without a phasestart
A zone is currently in rollover, but its rollrec record does not have a phasestart field.
- •
- empty administrator
A zone has an empty administrator field. This field must contain an email address.
- •
- non-existent directory
Several checks are made for a zone's directory. If the zone has a directory specified, the directory must exist and it must be an actual directory.
- •
- invalid display flag
A zone has an invalid display flag. This flag may be 0 or 1; any other value is invalid.
- •
- non-positive maxttl
The maximum TTL value must be greater than zero.
- •
- zone file checks
Several checks are made for a zone's zone file. The zone file must exist, it must be a regular file, and it must not be of zero length.
- •
- keyrec file checks
Several checks are made for a zone's keyrec file. The keyrec file must exist, it must be a regular file, and it must not be of zero length.
OPTIONS
- -roll
- Only display rollrecs that are active (``roll'') records. This option is mutually exclusive of the -skip option.
- -skip
- Only display rollrecs that are inactive (``skip'') records. This option is mutually exclusive of the -roll option.
- -count
- Display a final count of errors.
- -quiet
- Do not display messages. This option supersedes the setting of the -v option.
- -verbose
- Display many messages. This option is subordinate to the -q option.
- -help
- Display a usage message.
COPYRIGHT
Copyright 2006-2008 SPARTA, Inc. All rights reserved. See the COPYING file included with the DNSSEC-Tools package for details.AUTHOR
Wayne Morrison, tewok@users.sourceforge.netSEE ALSO
lsroll(8), rollerd(8), rollinit(8)Net::DNS::SEC::Tools::rollrec.pm(3)
file-rollrec(5)
Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre