Provided by: yadifa_2.6.7-1_amd64 bug

NAME

       yadifa - utility for controlling yadifad(8)

SYNOPSIS

       yadifa  module  [--config|-c  configfile] [--server|-s host] [@host ] [--port|-p port] [-K
       key-name] [--version|-V] [-h] [--verbose|-v] [-t] command [[-q] zone]

DESCRIPTION

       yadifa controls the operation of yadifad with its  control  module  (ctrl),  part  of  the
       YADIFA distribution from EURid vzw/asbl. The latest version of YADIFA can be found on:
                                     http://www.yadifa.eu/download

       yadifa  communicates with a name server over a TCP connection.  Messages are authenticated
       using a TSIG signature. The key is a secret shared between client and server.  The key can
       be  defined  using  a  <key> section both in the client and the server.  Additionally, the
       client accepts a full definition as a command line option.  Note that using authentication
       is mandatory when using the control module.

       For details about the key, see the manual or the TSIG section below.

MODULES

       *      ctrl command Controls yadifad.

SIMPLE USAGE

       For controlling yadifad a command can be:

   NORMAL USE CASE
       yadifa ctrl @server -t command -q argument

   FRIENDLIER USE CASE
       yadifa ctrl @server command argument

       ctrl Module used for controlling yadifad

       server  Is  the IP address of the name server to control. If no "server" argument is given
       yadifa.rc will be checked.

       command Is the command to be invoked

       argument Depending the command this can be e.g. a domain name.

   EXAMPLE
       yadifa ctrl @127.0.0.1 freeze somedomain.eu

OPTIONS

       [--config|-c configfile]
               Another config file will be used.

       [--server|-s host] | [ @host ]
               Host is the remote server to operate.

              e.g.:

              yadifa --server 192.0.2.1

              yadifa @192.0.2.1

              By default the DNS port is used. A port can be specified along with the IP address:

              e.g.:

              yadifa --server "192.0.2.1 port 5353"

              yadifa @"192.0.2.1 port 5353"

       [--port|-p port]
               Changes the DNS port. (default: 53)

       [-K key-name]
               Name of the key to be used for the controller. It needs to have been defined using
              a <key> section. (default: 'ctrl-key')

       [-y hmac-algorithm:key-name:base64-key]
               Definition of the key to be used for the controller.

              hmac-algorithm
                      Optional,  can  be:  hmac-md5,  hmac-sha1, hmac-sha224, hmac-256, hmac-384,
                     hmac-512. (default: hmac-md5)

              key-name
                      is the fqdn of the key.

              base64-key
                      is a base64 encoding of the key bytes.

              e.g.:

              -y hmac-sha1:our-shared-secret:ThisIsASecretShared=

              -y our-shared-secret:ThisIsASecretShared=

       [--verbose|-v]
               Verbose output.

       [--version|-V]
               Show version information.

       [--help|-h]
               Show a help text

COMMANDS

       [-t] cfgreload
               Reload the settings from the configuration file on disk.

       [-t] freeze [-q] zone
               Disables dynamic updates to a zone.

       [-t] freezeall [-q] zone
               Disables dynamic updates to every zone currently loaded.

       [-t] loglevel level
               Sets the log level to the given value (0-15), 6 = INFO, 15 = ALL.

       [-t] logreopen
               Close all log files and reopens them.

       [-t] notify
               Sends notifies to slaves of these zones.

       [-t] querylog [enable|disable]
               Sets the log for queries on or off (default: enable).

       [-t] reload [-q] zone
               Triggers the loading of the zone file(s) if the serial number is incremented.

       [-t] shutdown
               Shuts down the server.

       [-t] sync [-q] [zone] [clean]
               Write the zone to disk and optionally cleans up the journal.

       [-t] thaw [-q] [zone]
               Enables dynamic updates to a zone.

       [-t] thawall
               Enables dynamic updates to every zone.

       [-t] unfreeze [-q] [zone]
               Enables dynamic updates to a zone.

       [-t] unfreezeall
               Enables dynamic updates to every zone.

       [-t] zonecfgreload
              [-q zone]
               Reload the zone information in the configuration file and reload the zone  file(s)
              with increased serial number.

TSIG KEYS

       TSIG keys are used for authentication of messages.
       Their use is mandatory in the controller module.

       Several digest algorithms are supported for the TSIG key:

              *      hmac-md5

              *      hmac-sha1

              *      hmac-sha224

              *      hmac-sha256

              *      hmac-sha384

              *      hmac-sha512

       Several  methods  can  be  used  to  generate the base64-encoded sequence of bytes for the
       secret:

       *      %openssl rand -base64 32

       *      %dd if=/dev/random count=1 bs=32 2>/dev/null|base64

       *      %dd if=/dev/urandom count=1 bs=32 2>/dev/null|base64

       e.g.:

       #!/bin/sh
       # TSIG key generation example
       # can a
       key_algorithm="hmac-sha256"
       key_name="secretkey"
       key_secret=$(openssl rand -base64 32)
       if [ ! "x$1" == "x" ]
       then
            key_name="$1"
       fi

       echo "# Encoded for the yadifa command-line: -y $key_algorithm:$key_name:$key_secret"
       echo
       echo "<key>"
       echo "algorithm $key_algorithm"
       echo "name $key_name"
       echo "secret $key_secret"
       echo "</key>"

FILES

       yadifa
               The name server remote client.

       ${SYSCONFDIR}/yadifa.conf
               default yadifa configuration file.

       ${HOME}/.yadifa.rc
               default rcfile.

       yadifa.conf.5
               Configuration man page for yadifa.

       yadifa.rc.5
               Configuration man page for yadifa.

       yadifa.8
               This man page.

SEE ALSO

       yadifa.conf(5) yadifa.rc(5) yadifad(8)

REQUIREMENTS

       OpenSSL
              yadifad requires OpenSSL version 1.1.1 or later.

CHANGES

       Please check the ChangeLog file from the sources code.

VERSION

       Version: 2.6.7 of 2024-07-19.

MAILINGLIST

       There is a mailinglist for questions relating to any program in the yadifa package:

       *      yadifa-users@mailinglists.yadifa.eu
              for submitting questions/answers.

       *      http://www.yadifa.eu/mailing-list-users
              for subscription requests.

       If you would like to stay  informed  about  new  versions  and  official  patches  send  a
       subscription request to via:

       *      http://www.yadifa.eu/mailing-list-announcements

       (this is a read-only list).

LICENSE AND COPYRIGHT

       Copyright
              (C)2011-2023, EURid
              B-1831 Diegem, Belgium
              info@yadifa.eu

AUTHORS

       Gery Van Emelen
       Email: Gery.VanEmelen@EURid.eu
       Eric Diaz Fernandez
       Email: Eric.DiazFernandez@EURid.eu

       WWW: http://www.EURid.eu