Provided by: opendnssec-auditor_1.3.4-1ubuntu1_all bug


       ods-auditor - auditor component of OpenDNSSEC


       ods-auditor [options]


       ods-auditor is a module which provides auditing capabilities to OpenDNSSEC.

       Once  an  unsigned  zone  has  been  signed, this module is used to check that the signing
       process has run successfully. It checks that no data has been  lost  (or  non-DNSSEC  data
       added),  and  that  all  the  DNSSEC records are correct.  It used the OpenDNSSEC standard
       logging (defined in /etc/opendnssec/conf.xml).

       The Auditor takes the signed and unsigned zones and compares them.  It first  parses  both
       files, and creates transient files which are then sorted into canonical order. These files
       are then processed by the Auditor. If processing an NSEC3-signed file,  the  Auditor  will
       create additional temporary files, which are processed after the main auditing run.

   Specific options:
       -c, --conf [PATH_TO_CONF_FILE]
              Path to OpenDNSSEC configuration file

              (defaults to /etc/opendnssec/conf.xml)

       -k, --kasp [PATH_TO_KASP_FILE]
              Path to KASP policy file

              (defaults to the path given in the configuration file)

       -z, --zone [ZONE_NAME]
              Single zone to audit

              (defaults to audit all zones)

       -s,--signed [PATH_TO_SIGNED_FILE]
              If  a  single zone is specified, then this option may override the specified signed
              file with another. This is for use by the signer.

              (defaults to the path given in the zone list)

       -v, --version
              Display version information

   Common options:
       -h, -?, --help
              Show this message