NAME

       dtrealms - Displays defaults defined for DNSSEC-Tools

SYNOPSIS

         dtrealms [options] <realm-file>

DESCRIPTION

       dtrealms manages multiple distinct DNSSEC-Tools rollover environments running simultaneously.  Each
       rollover environment, called a realm, is defined in a realms file.  dtrealms uses this file to determine
       how the rollover environment must be initialized such that it can run independently of the other rollover
       environments on a particular system.  This is useful for such things as managing very large collections
       of zones, segregating customer zones, and software tests.

       The realms file may be created with realminit.  Currently, the distinct environment for each realm must
       be created manually.  It is hoped that a tool will soon be available to assist with creating each realm's
       environment.

       dtrealms isn't necessary for running multiple realms.  However, it does make it easier to manage multiple
       realms running consecutively.

REALM SETUP

       A realm is primarily defined by its entry in a realms file.  Four fields in particular describe where the
       realm's files are located and how it runs.  These are the realm's configuration directory, state
       directory, realm directory, and rollrec file.  These directories are used to set the DT_STATEDIR and
       DT_SYSCONFDIR environment variables, and the rollrec file defines which zones are managed by the realm's
       rollover manager.

       https://www.dnssec-tools.org/wiki/index.php/Rollover_Realms:_Multiple,_Simultaneous,_Independent_Rollover_Environments
       has more information on creating realms.

       configdir
           The  configdir  field  of  the  realms file contains the name of the realm's configuration directory.
           This file gives command paths and configuration values for running  the  DNSSEC-Tools.   The  DNSSEC-
           Tools  modules  expects  this  directory  hierarchy  to  contain  a  dnssec-tools subdirectory, and a
           dnssec-tools.conf file within that subdirectory.  The path fields in the configuration file point  to
           various  things,  such  as  commands and key archives.  It is recommended that these paths only point
           within the configdir hierarchy, other than for system utilities.

           The DT_SYSCONFDIR environment variable is set to the configdir field.  This  will  tell  the  DNSSEC-
           Tools programs and modules where to find their required data.

       statedir
           The  statedir  field  of  the  realms  file  contains  the name of the realm's state directory.  This
           directory contains such files as the rollrec lock file and the rollerd communications socket.   If  a
           realm  definition  does not contain a statedir field, then that realm will use the configdir field as
           its statedir field.

           The DT_STATEDIR environment variable is set to the statedir field.  This will tell  the  DNSSEC-Tools
           programs and modules where to find these files.

       realmdir
           The realmdir field of the realms file contains the name of the directory in which the realm executes.
           This is where the realm's zone, key, and other files are located.

       rollrec
           The  rollrec field of the realms file is the name of the file that controls zone rollover.  This file
           points to the various keyrec files that define the locations of the zone files and  their  associated
           key  files.  A realm's rollrec file can locate these files anywhere on the system, but it is strongly
           recommended that they all remain within the realm's realmdir hierarchy.

       While the DNSSEC-Tools programs will work fine if a realm's configuration, state, and  realm  directories
       are  actually one directory, it is recommended that at the least the realmdir files be separated from the
       configdir and statedir files.

       It is further recommended that the files for the various realms be segregated from each other.

OPTIONS

       The following options are handled by dtrealms.

       -directory
           Directory in which dtrealms will be executed.  Any relative paths given in realms configuration files
           will use this directory as their base.

       -display
           Start the grandvizier display program to give a graphical indication of realm status.

       -foreground
           Run dtrealms in the foreground instead of as a daemon.

       -logfile
           Logging file to use.

       -loglevel
           Logging level to use when writing to the log file.  See rolllog(3) for more details.

       -logtz
           Time zone to use with the log file.  This must be either "gmt" or "local".

       -Version
           Displays the version information for dtrealms and the DNSSEC-Tools package.

       -help
           Displays a help message and exits.

WARNING

       This is an early prototype.  Consider it to be beta quality.

COPYRIGHT

       Copyright 2011-2014 SPARTA, Inc.  All rights reserved.  See the COPYING file included  with  the  DNSSEC-
       Tools package for details.

AUTHOR

       Wayne Morrison, tewok@tislabs.com

SEE ALSO

       grandvizier(8), lsrealm(8), realminit(8), realmset(8)

       Net::DNS::SEC::Tools::realm.pm(3),                                  Net::DNS::SEC::Tools::realmmgr.pm(3),
       Net::DNS::SEC::Tools::rolllog.pm(3)

perl v5.22.1                                       2016-01-22                                       DTREALMS(1p)