File: realm.pod

package info (click to toggle)
dnssec-tools 1.13-1
  • links: PTS, VCS
  • area: main
  • in suites: wheezy
  • size: 16,064 kB
  • sloc: perl: 44,399; ansic: 31,547; cpp: 21,306; sh: 15,813; xml: 2,113; makefile: 1,390; pascal: 836; python: 290; csh: 11
file content (157 lines) | stat: -rw-r--r-- 4,730 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
 
#
# Copyright 2012 SPARTA, Inc.  All rights reserved.  See the COPYING
# file distributed with this software for details
#
# DNSSEC Tools
#
#	Realm file format.
#

1;

#############################################################################

=pod

=head1 NAME

B<Realm> - Realm-related data used by DNSSEC-Tools programs.

=head1 DESCRIPTION

The DNSSEC-Tools B<dtrealms> command manages a group of distinct rollover
environments running on a single host.  These distinct rollover environments
are called I<realms>.  B<dtrealms> uses a I<realm> file to properly create
and manage each of its realms.

A I<realms> file is organized in sets of I<realm> records.  Each I<realm>
record describes the execution environment of a single rollover instance.
A I<realm> consists of a set of keyword/value entries.

The DNSSEC-Tools B<realm.pm> module manipulates the contents of a I<realm>
file.  Module interfaces exist for looking up I<realm> records, creating new
records, and modifying existing records.

Comment lines and blank lines are ignored by the DNSSEC-Tools programs.
Comment lines start with either a '#' character or a ';' character.

A I<realm>'s name may consist of alphabetic characters, numbers, and several
special characters.  The special characters are the minus sign, the plus sign,
the underscore, the comma, the period, the colon, the forward-slash, the
space, and the tab.  This name is an identifier.

The values in a I<realm>'s entries may consist of alphabetic characters,
numbers, and several special characters.  The special characters are the
minus sign, the plus sign, the underscore, the comma, the period, the
colon, the forward-slash, the space, and the tab.

=head1 REALM FIELDS

The fields in a I<realm> record are:

 * administrator

This is the email address for the realm's administrative user.

 * args

The user-specified arguments for the rollover manager.  This is not a
required field.

 * configdir

This field contains the name of the directory in which B<dtrealms> will
find the realm's configuration information.  This directory must contain
a subdirectory named B<dnssec-tools>, and the realm's configuration file
will be stored there.  This is a required field.

 * display

This boolean field indicates whether or not the realm should be displayed
by the B<grandvizier> program.  This is an optional field.

 * hoard

This field contains the pathname to a collection of files used to build a
realm.  This field is B<only> used by the B<buildrealms> program.

 * manager

This field contains the name of the rollover manager program for the realm.
If this is not defined, then B<rollerd> will be used.

 * realmdir

This field contains the name of the directory in which B<dtrealms> will
execute the realm's rollover manager.  This is a required field.

 * rollrec

The realm's B<rollrec> file.  This file will be used by the rollover manager
to control the rollover environment.

 * state

This field contains the realm's state.  It must be either "active" or
"inactive".

 * statedir

This field contains the name of the directory in which B<rollerd> and other
DNSSEC-Tools programs will find the realm's state information.  If this is
not specified, the B<configdir> directory will be used.

 * user

This field contains the name of the user that the realm will be executed as.
This is an optional field.  I<This is not yet implemented in B<dtrealms>.>

=head1 EXAMPLES

The following are examples of I<realm>s:

    realm "example"
            state           "active"
            configdir	    "/realms/configs/example"
            statedir	    "/realms/states/example"
            realmdir	    "/realms/realms/example"
            rollrec         "demo-example.rollrec"
            administrator   "zonefolks@example.com"
            display         "1"
            manager         "rollerd"
            args            "-sleep 600 -loglevel phase -logfile log.example"
            user            "zonemgr"

    realm "testing"
            state           "inactive"
            configdir	    "/realms/configs/testing"
            realmdir	    "/realms/realms/testing"
            rollrec         "demo-testing.rollrec"
            display         "1"
            manager         "rollerd-tester"
            args            "-sleep 60 -loglevel tmi -logfile log.testing"

=head1 COPYRIGHT

Copyright 2012 SPARTA, Inc.  All rights reserved.
See the COPYING file included with the DNSSEC-Tools package for details.

=head1 AUTHOR

Wayne Morrison, tewok@tislabs.com

=head1 SEE ALSO

B<buildrealms(8)>,
B<dtrealms(8)>,
B<grandvizier(8)>,
B<lsrealm(8)>,
B<realmchk(8)>,
B<realminit(8)>

B<Net::DNS::SEC::Tools::keyrec(3)>,
B<Net::DNS::SEC::Tools::rollrec(3)>

B<keyrec(5)>

=cut