Provided by: dnssec-tools_2.0-1_all 
NAME
realminit - Create new realm records for a DNSSEC-Tools realms file.
SYNOPSIS
realminit [options] <realm1> ... <realmN>
DESCRIPTION
realminit creates new realm entries for a realms file. dtrealms manages multiple distinct
DNSSEC-Tools rollover environments running simultaneously. Each rollover environment,
called a realm, is defined in a realms file. dtrealms uses this file to determine how to
run the rollover environment. This is useful for such things as managing very large
collections of zones, segregating customer zones, and software tests.
The newly generated realm entries are written to standard output, unless the -out option
is specified.
A realms file contains a number of entries, one for each managed realm. A realm entry has
this format:
realm "example"
state "active"
configdir "/usr/realms/configs/example"
statedir "/usr/realms/states/example"
realmsdir "/usr/realms/realms-files/example"
rollrec "example.rrf"
administrator "bob@cat.example.com"
display "1"
manager "rollerd"
args "-display -loglevel phase"
Multiple realm entries may be created with a single execution of realminit. Except for
the entry's name field, the entries will be exactly the same unless the '=' metacharacter
is used in the command-line options. If the values of the configdir, statedir, realmdir,
rollrec, administrator, args, or user options contain an '=', then it will be replaced
with the realm's name when building the entry. See the EXAMPLES section for examples of
how options are used by realminit.
OPTIONS
realminit may be given the following options:
-active
This indicates that dtrealms should start the realm when dtrealms starts. realms are
active by default.
-administrator
This is the email address for the realm's administrator.
-args
This is a set of command-line arguments passed to the realm's rollover manager when
the realm is started.
-configdir
This is the realm's configuration directory. This will contain such files as the
DNSSEC-Tools configuration file for that realm.
-display
This indicates if the realm should be included in grandvizier output.
-inactive
This indicates that dtrealms should not start the realm when dtrealms starts.
-manager
This is the rollover manager for the realm. rollerd is the default rollover manager,
but other managers may be used.
-out output-file
The new realm entries will be appended to output-file. The file will be created if it
does not exist.
If this option is not given, the new rollrec entries will be written to standard
output.
-realmdir
This is the realm's data directory. This directory is expected to contain the rollrec
file, zone files, keyrec files, and key files for the zones in that realm.
-rollrec
This is the path to the realm's rollrec file. This is used to control rollover
actions for the realm. If it is not an absolute path, it will be assumed to be
relative to the realmdir field.
-statedir
This is the realm's state directory. This will contain such files as that realm's
rollrec lock file and the rollerd communications socket. If the statedir is not
defined for a realm, then the realm's configdir is used for that value.
-user
This is the user that the realm is executed as. (This is not yet implemented in
dtrealms.)
-help
Display a usage message.
-Version
Display version information for realminit and DNSSEC-Tools.
EXAMPLES
The following options should make clear how realminit deals with options and the new
realms. Example 1 will show the complete new realm record. For the sake of brevity, the
remaining examples will only show the fields relevant to that example. Further examples
will also use short-hand forms of the option names.
Example 1. One realm, with -statedir
This example shows the realm generated by giving realminit a single realm.
$ realminit -active -configdir /realms/confs/example -statedir /realms/states/example -realmdir /realms/realms/example -rollrec example.rrf -admin bob@cat.example.com -args "-loglevel phase -logfile logger" example
realm "example"
state "active"
configdir "/realms/confs/example"
statedir "/realms/states/example"
realmdir "/realms/realms/example"
rollrec "example.rrf"
administrator "bob@cat.example.com"
display "1"
manager "rollerd"
args "-loglevel phase -logfile logger"
Example 2. One realm, without -statedir
This example shows the realm generated by giving realminit a single realm.
$ realminit -active -configdir /realms/confs/example -realmdir /realms/realms/example -rollrec example.rrf -admin bob@cat.example.com -args "-loglevel phase -logfile logger" example
realm "example"
state "active"
configdir "/realms/confs/example"
statedir "/realms/confs/example"
...
Example 3. Two realms, without metacharacters
This example shows the realms generated by giving realminit two realms, without using the
special "=" metacharacter.
$ realminit -configdir /realms/confs/example -statedir /realms/states/example -realmdir /realms/realms/example -rollrec example.rrf -admin bob@cat.example.com example test
realm "example"
configdir "/realms/confs/example"
statedir "/realms/states/example"
realmdir "/realms/realms/example"
rollrec "example.rrf"
administrator "bob@cat.example.com"
...
realm "test"
configdir "/realms/confs/example"
statedir "/realms/states/example"
realmdir "/realms/realms/example"
rollrec "example.rrf"
administrator "bob@cat.example.com"
...
Example 4. Two realms, with metacharacters
This example shows the realms generated by giving realminit two realms, and that uses the
special "=" metacharacter.
$ realminit -configdir /realms/confs/= -statedir /realms/states/= -realmdir /realms/realms/= -rollrec =.rrf -admin bob@cat.=.com example test
realm "example"
configdir "/realms/confs/example"
statedir "/realms/states/example"
realmdir "/realms/realms/example"
rollrec "example.rrf"
administrator "bob@cat.example.com"
...
realm "test"
configdir "/realms/confs/test"
statedir "/realms/states/test"
realmdir "/realms/realms/test"
rollrec "test.rrf"
administrator "bob@cat.test.com"
...
COPYRIGHT
Copyright 2012-2013 SPARTA, Inc. All rights reserved. See the COPYING file included with
the DNSSEC-Tools package for details.
AUTHOR
Wayne Morrison, tewok@tislabs.com
SEE ALSO
lsrealm(1), dtrealms(8), realmchk(8)
Net::DNS::SEC::Tools::realm.pm(3),
file-realmrec.pm(5)