realminit - Man Page

Create new realm records for a DNSSEC-Tools realms file.

Synopsis

  realminit [options] <realm1> ... <realmN>

Description

realminit creates new realm entries for a realms file.  dtrealms manages multiple distinct DNSSEC-Tools rollover environments running simultaneously.  Each rollover environment, called a realm, is defined in a realms file.  dtrealms uses this file to determine how to run the rollover environment.  This is useful for such things as managing very large collections of zones, segregating customer zones, and software tests.

The newly generated realm entries are written to standard output, unless the -out option is specified.

A realms file contains a number of entries, one for each managed realm. A realm entry has this format:

    realm "example"
        state          "active"
        configdir      "/usr/realms/configs/example"
        statedir       "/usr/realms/states/example"
        realmsdir      "/usr/realms/realms-files/example"
        rollrec        "example.rrf"
        administrator  "bob@cat.example.com"
        display        "1"
        manager        "rollerd"
        args           "-display -loglevel phase"

Multiple realm entries may be created with a single execution of realminit.  Except for the entry's name field, the entries will be exactly the same unless the '=' metacharacter is used in the command-line options.  If the values of the configdir, statedir, realmdir, rollrec, administrator, args, or user options contain an '=', then it will be replaced with the realm's name when building the entry.  See the Examples section for examples of how options are used by realminit.

Options

realminit may be given the following options:

-active

This indicates that dtrealms should start the realm when dtrealms starts.  realms are active by default.

-administrator

This is the email address for the realm's administrator.

-args

This is a set of command-line arguments passed to the realm's rollover manager when the realm is started.

-configdir

This is the realm's configuration directory.  This will contain such files as the DNSSEC-Tools configuration file for that realm.

-display

This indicates if the realm should be included in grandvizier output.

-inactive

This indicates that dtrealms should not start the realm when dtrealms starts.

-manager

This is the rollover manager for the realm.  rollerd is the default rollover manager, but other managers may be used.

-out output-file

The new realm entries will be appended to output-file. The file will be created if it does not exist.

If this option is not given, the new rollrec entries will be written to standard output.

-realmdir

This is the realm's data directory.  This directory is expected to contain the rollrec file, zone files, keyrec files, and key files for the zones in that realm.

-rollrec

This is the path to the realm's rollrec file.  This is used to control rollover actions for the realm.  If it is not an absolute path, it will be assumed to be relative to the realmdir field.

-statedir

This is the realm's state directory.  This will contain such files as that realm's rollrec lock file and the rollerd communications socket.  If the statedir is not defined for a realm, then the realm's configdir is used for that value.

-user

This is the user that the realm is executed as. (This is not yet implemented in dtrealms.)

-help

Display a usage message.

-Version

Display version information for realminit and DNSSEC-Tools.

Examples

The following options should make clear how realminit deals with options and the new realms.  Example 1 will show the complete new realm record. For the sake of brevity, the remaining examples will only show the fields relevant to that example.  Further examples will also use short-hand forms of the option names.

Example 1.  One realm, with -statedir

This example shows the realm generated by giving realminit a single realm.

    $ realminit -active -configdir /realms/confs/example -statedir /realms/states/example -realmdir /realms/realms/example -rollrec example.rrf -admin bob@cat.example.com -args "-loglevel phase -logfile logger" example

    realm       "example"
        state           "active"
        configdir       "/realms/confs/example"
        statedir        "/realms/states/example"
        realmdir        "/realms/realms/example"
        rollrec         "example.rrf"
        administrator   "bob@cat.example.com"
        display         "1"
        manager         "rollerd"
        args            "-loglevel phase -logfile logger"

Example 2.  One realm, without -statedir

This example shows the realm generated by giving realminit a single realm.

    $ realminit -active -configdir /realms/confs/example -realmdir /realms/realms/example -rollrec example.rrf -admin bob@cat.example.com -args "-loglevel phase -logfile logger" example

    realm       "example"
        state           "active"
        configdir       "/realms/confs/example"
        statedir        "/realms/confs/example"
        ...

Example 3.  Two realms, without metacharacters

This example shows the realms generated by giving realminit two realms, without using the special "=" metacharacter.

    $ realminit -configdir /realms/confs/example -statedir /realms/states/example -realmdir /realms/realms/example -rollrec example.rrf -admin bob@cat.example.com example test

    realm       "example"
        configdir       "/realms/confs/example"
        statedir        "/realms/states/example"
        realmdir        "/realms/realms/example"
        rollrec         "example.rrf"
        administrator   "bob@cat.example.com"
        ...

    realm       "test"
        configdir       "/realms/confs/example"
        statedir        "/realms/states/example"
        realmdir        "/realms/realms/example"
        rollrec         "example.rrf"
        administrator   "bob@cat.example.com"
        ...

Example 4.  Two realms, with metacharacters

This example shows the realms generated by giving realminit two realms, and that uses the special "=" metacharacter.

    $ realminit -configdir /realms/confs/= -statedir /realms/states/= -realmdir /realms/realms/= -rollrec =.rrf -admin bob@cat.=.com example test

    realm       "example"
        configdir       "/realms/confs/example"
        statedir        "/realms/states/example"
        realmdir        "/realms/realms/example"
        rollrec         "example.rrf"
        administrator   "bob@cat.example.com"
        ...

    realm       "test"
        configdir       "/realms/confs/test"
        statedir        "/realms/states/test"
        realmdir        "/realms/realms/test"
        rollrec         "test.rrf"
        administrator   "bob@cat.test.com"
        ...

Author

Wayne Morrison, tewok@tislabs.com

See Also

lsrealm(1), dtrealms(8), realmchk(8)

Net::DNS::SEC::Tools::realm.pm(3),

file-realmrec.pm(5)

Info

2024-11-05 perl v5.40.0 User Contributed Perl Documentation