Rechercher une page de manuel
rollchk
Langue: en
Version: 2010-06-30 (fedora - 01/12/10)
Section: 1 (Commandes utilisateur)
NAME
rollchk - Check a DNSSEC-Tools rollrec file for problems and inconsistencies.SYNOPSIS
rollchk [-roll | -skip] [-count] [-quiet] [-verbose] [-help] rollrec-file
DESCRIPTION
This script checks the rollrec file specified by rollrec-file for problems and inconsistencies.Recognized problems include:
- *
- non-existent rollrec file
The specified rollrec file does not exist.
- *
- no zones defined
No zones are defined in the specified rollrec file.
- *
- invalid KSK rollover phase
A zone has an invalid KSK rollover phase. These phases may be 0, 1, 2, 3, 4, 5, 6, or 7; any other value is invalid.
- *
- mismatch in KSK timestamp data
A zone's KSK roll-seconds timestamp does not translate into the date stored in its roll-date string.
- *
- invalid ZSK rollover phase
A zone has an invalid ZSK rollover phase. These phases may be 0, 1, 2, 3, or 4; any other value is invalid.
- *
- mismatch in ZSK timestamp data
A zone's ZSK roll-seconds timestamp does not translate into the date stored in its roll-date string.
- *
- contemporaneous KSK and ZSK rollovers
A zone has a KSK rollover occurring at the same time as a ZSK rollover. A zone may only have one rollover phase be non-zero at a time.
- *
- in rollover without a phasestart
A zone is currently in rollover, but its rollrec record does not have a phasestart field.
- *
- empty administrator
A zone has an empty administrator field. This field must contain a non-empty data value. The value itself is not parsed for accuracy.
- *
- non-existent directory
Several checks are made for a zone's directory. If the zone has a directory specified, the directory must exist and it must be an actual directory.
- *
- invalid display flag
A zone has an invalid display flag. This flag may be 0 or 1; any other value is invalid.
- *
- non-positive maxttl
The maximum TTL value must be greater than zero.
- *
- zone file checks
Several checks are made for a zone's zone file. The zone file must exist, it must be a regular file, and it must not be of zero length.
If the file is not an absolute path and the file's rollrec has a directory entry, then the directory is prepended to the filename prior to performing any checks.
- *
- keyrec file checks
Several checks are made for a zone's keyrec file. The keyrec file must exist, it must be a regular file, and it must not be of zero length.
If the file is not an absolute path and the file's rollrec has a directory entry, then the directory is prepended to the filename prior to performing any checks.
- *
- zonename checks
Several checks are made for zonename. The zonename must maatch the SOA name in the zone file, and the zonename's keyrec record in its keyrec file must be a zone record.
- *
- empty zsargs
A zone has an empty zonesigner-arguments field. If this field exists, it must contain a non-empty data value. The value itself is not parsed for accuracy.
OPTIONS
- -roll
- Only display rollrecs that are active (``roll'') records. This option is mutually exclusive of the -skip option.
- -skip
- Only display rollrecs that are inactive (``skip'') records. This option is mutually exclusive of the -roll option.
- -count
- Display a final count of errors.
- -quiet
- Do not display messages. This option supersedes the setting of the -verbose option.
- -verbose
- Display many messages. This option is subordinate to the -quiet option.
- -Version
- Displays the version information for rollchk and the DNSSEC-Tools package.
- -help
- Display a usage message.
COPYRIGHT
Copyright 2006-2010 SPARTA, Inc. All rights reserved. See the COPYING file included with the DNSSEC-Tools package for details.AUTHOR
Wayne Morrison, tewok@users.sourceforge.netSEE ALSO
lsroll(8), rollerd(8), rollinit(8)Net::DNS::SEC::Tools::rollrec.pm(3)
file-rollrec(5), keyrec(8)
Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre