trusty (3) Net::DNS::SEC::Tools::realm.3pm.gz
NAME
Realm - Realm-related data used by DNSSEC-Tools programs.
DESCRIPTION
The DNSSEC-Tools dtrealms command manages a group of distinct rollover environments running on a single
host. These distinct rollover environments are called realms. dtrealms uses a realm file to properly
create and manage each of its realms.
A realms file is organized in sets of realm records. Each realm record describes the execution
environment of a single rollover instance. A realm consists of a set of keyword/value entries.
The DNSSEC-Tools realm.pm module manipulates the contents of a realm file. Module interfaces exist for
looking up realm records, creating new records, and modifying existing records.
Comment lines and blank lines are ignored by the DNSSEC-Tools programs. Comment lines start with either
a '#' character or a ';' character.
A realm's name may consist of alphabetic characters, numbers, and several special characters. The
special characters are the minus sign, the plus sign, the underscore, the comma, the period, the colon,
the forward-slash, the space, and the tab. This name is an identifier.
The values in a realm's entries may consist of alphabetic characters, numbers, and several special
characters. The special characters are the minus sign, the plus sign, the underscore, the comma, the
period, the colon, the forward-slash, the space, and the tab.
REALM FIELDS
The fields in a realm record are:
* administrator
This is the email address for the realm's administrative user.
* args
The user-specified arguments for the rollover manager. This is not a required field.
* configdir
This field contains the name of the directory in which dtrealms will find the realm's configuration
information. This directory must contain a subdirectory named dnssec-tools, and the realm's
configuration file will be stored there. This is a required field.
* display
This boolean field indicates whether or not the realm should be displayed by the grandvizier program.
This is an optional field.
* hoard
This field contains the pathname to a collection of files used to build a realm. This field is only used
by the buildrealms program.
* manager
This field contains the name of the rollover manager program for the realm. If this is not defined, then
rollerd will be used.
* realmdir
This field contains the name of the directory in which dtrealms will execute the realm's rollover
manager. This is a required field.
* rollrec
The realm's rollrec file. This file will be used by the rollover manager to control the rollover
environment.
* state
This field contains the realm's state. It must be either "active" or "inactive".
* statedir
This field contains the name of the directory in which rollerd and other DNSSEC-Tools programs will find
the realm's state information. If this is not specified, the configdir directory will be used.
* user
This field contains the name of the user that the realm will be executed as. This is an optional field.
This is not yet implemented in dtrealms.
EXAMPLES
The following are examples of realms:
realm "example"
state "active"
configdir "/realms/configs/example"
statedir "/realms/states/example"
realmdir "/realms/realms/example"
rollrec "demo-example.rollrec"
administrator "zonefolks@example.com"
display "1"
manager "rollerd"
args "-sleep 600 -loglevel phase -logfile log.example"
user "zonemgr"
realm "testing"
state "inactive"
configdir "/realms/configs/testing"
realmdir "/realms/realms/testing"
rollrec "demo-testing.rollrec"
display "1"
manager "rollerd-tester"
args "-sleep 60 -loglevel tmi -logfile log.testing"
COPYRIGHT
Copyright 2012-2013 SPARTA, Inc. All rights reserved. See the COPYING file included with the DNSSEC-
Tools package for details.
AUTHOR
Wayne Morrison, tewok@tislabs.com
SEE ALSO
buildrealms(8), dtrealms(8), grandvizier(8), lsrealm(8), realmchk(8), realminit(8)
Net::DNS::SEC::Tools::keyrec(3), Net::DNS::SEC::Tools::rollrec(3)
keyrec(5)