Provided by: dnssec-tools_2.2-2_all bug

NAME
       dtrealms - Displays defaults defined for DNSSEC-Tools


SYNOPSIS
         dtrealms [options] <realm-file>


DESCRIPTION
       dtrealms manages multiple distinct DNSSEC-Tools rollover environments running
       simultaneously.  Each rollover environment, called a realm, is defined in a realms file.
       dtrealms uses this file to determine how the rollover environment must be initialized such
       that it can run independently of the other rollover environments on a particular system.
       This is useful for such things as managing very large collections of zones, segregating
       customer zones, and software tests.

       The realms file may be created with realminit.  Currently, the distinct environment for
       each realm must be created manually.  It is hoped that a tool will soon be available to
       assist with creating each realm's environment.

       dtrealms isn't necessary for running multiple realms.  However, it does make it easier to
       manage multiple realms running consecutively.


REALM SETUP
       A realm is primarily defined by its entry in a realms file.  Four fields in particular
       describe where the realm's files are located and how it runs.  These are the realm's
       configuration directory, state directory, realm directory, and rollrec file.  These
       directories are used to set the DT_STATEDIR and DT_SYSCONFDIR environment variables, and
       the rollrec file defines which zones are managed by the realm's rollover manager.

       https://www.dnssec-tools.org/wiki/index.php/Rollover_Realms:_Multiple,_Simultaneous,_Independent_Rollover_Environments
       has more information on creating realms.

       configdir
           The configdir field of the realms file contains the name of the realm's configuration
           directory.  This file gives command paths and configuration values for running the
           DNSSEC-Tools.  The DNSSEC-Tools modules expects this directory hierarchy to contain a
           dnssec-tools subdirectory, and a dnssec-tools.conf file within that subdirectory.  The
           path fields in the configuration file point to various things, such as commands and
           key archives.  It is recommended that these paths only point within the configdir
           hierarchy, other than for system utilities.

           The DT_SYSCONFDIR environment variable is set to the configdir field.  This will tell
           the DNSSEC-Tools programs and modules where to find their required data.

       statedir
           The statedir field of the realms file contains the name of the realm's state
           directory.  This directory contains such files as the rollrec lock file and the
           rollerd communications socket.  If a realm definition does not contain a statedir
           field, then that realm will use the configdir field as its statedir field.

           The DT_STATEDIR environment variable is set to the statedir field.  This will tell the
           DNSSEC-Tools programs and modules where to find these files.

       realmdir
           The realmdir field of the realms file contains the name of the directory in which the
           realm executes.  This is where the realm's zone, key, and other files are located.

       rollrec
           The rollrec field of the realms file is the name of the file that controls zone
           rollover.  This file points to the various keyrec files that define the locations of
           the zone files and their associated key files.  A realm's rollrec file can locate
           these files anywhere on the system, but it is strongly recommended that they all
           remain within the realm's realmdir hierarchy.

       While the DNSSEC-Tools programs will work fine if a realm's configuration, state, and
       realm directories are actually one directory, it is recommended that at the least the
       realmdir files be separated from the configdir and statedir files.

       It is further recommended that the files for the various realms be segregated from each
       other.


OPTIONS
       The following options are handled by dtrealms.

       -directory
           Directory in which dtrealms will be executed.  Any relative paths given in realms
           configuration files will use this directory as their base.

       -display
           Start the grandvizier display program to give a graphical indication of realm status.

       -foreground
           Run dtrealms in the foreground instead of as a daemon.

       -logfile
           Logging file to use.

       -loglevel
           Logging level to use when writing to the log file.  See rolllog(3) for more details.

       -logtz
           Time zone to use with the log file.  This must be either "gmt" or "local".

       -Version
           Displays the version information for dtrealms and the DNSSEC-Tools package.

       -help
           Displays a help message and exits.


WARNING
       This is an early prototype.  Consider it to be beta quality.


COPYRIGHT
       Copyright 2011-2014 SPARTA, Inc.  All rights reserved.  See the COPYING file included with
       the DNSSEC-Tools package for details.


AUTHOR
       Wayne Morrison, tewok@tislabs.com


SEE ALSO
       grandvizier(8), lsrealm(8), realminit(8), realmset(8)

       Net::DNS::SEC::Tools::realm.pm(3), Net::DNS::SEC::Tools::realmmgr.pm(3),
       Net::DNS::SEC::Tools::rolllog.pm(3)