Ubuntu Manpages

Net::DNS::SEC::Tools::defaults

DNSSEC-Tools default values.

  use Net::DNS::SEC::Tools::defaults;
  %defs = dnssec_tools_alldefaults();
  $defalg = dnssec_tools_default("algorithm");
  $cz_path = dnssec_tools_default("zonecheck");
  $ksklife = dnssec_tools_default("ksklife");
  @default_names = dnssec_tools_defnames();

This module maintains a set of default values used by DNSSEC-Tools programs. This allows these defaults to be centralized in a single place and prevents them from being spread around multiple programs.

This interface returns a copy of all the DNSSEC-Tools defaults in a hash table.
This interface returns the value of a DNSSEC-Tools default. The interface is passed default, which is the name of a default to look up. The value of this default is returned to the caller.
This interface returns the names of all the DNSSEC-Tools defaults. No default values are returned, but the default names returned by dnssec_tools_defnames() may then be passed to dnssec_tools_default().

The following are the defaults defined for DNSSEC-Tools.

This default holds the default email address for the DNSSEC-Tools administrator.
This default holds the default directory in which keys will be archived.
This default holds the default encryption algorithm.
This default holds the default zone life, in seconds.
This default indicates whether or not zonesigner should display an entropy message.
This default holds the path to the key-generation program.
This default hold a set of options for the key-generation program.
This default holds the default number of KSK keys to generate for a zone.
This default holds the default length of a KSK key.
This default holds the default lifespan of a KSK key. This is only used for determining when to rollover the KSK key. Keys otherwise have no concept of a lifespan. This is measured in seconds.
This default is the maximum lifespan of a key.
This default is the minimum lifespan of a key.
This default is the timezone to be used in log-message timestamps.
The mail server that will be contacted by dt_adminmail(). This is passed to Mail::Send.
The type of mailer that will be contacted by dt_adminmail(). This is passed to Mail::Mailer (by way of Mail::Send.) Any values recognized by Mail::Mailer may be used here.
These defaults hold the default phase commands to be executed by rollerd for each phase of KSK rollover. The default keyword indicates that the normal phase processing should be performed. Multiple commands may be given, but they must be separated by bangs. The default keyword may be combined with other commands.
These defaults hold the default phase commands to be executed by rollerd when a zone is not in a rollover state. The default keyword indicates that the normal phase processing should be performed. Multiple commands may be given, but they must be separated by bangs. The default keyword may be combined with other commands.
These defaults hold the default phase commands to be executed by rollerd for each phase of ZSK rollover. The default keyword indicates that the normal phase processing should be performed. Multiple commands may be given, but they must be separated by bangs. The default keyword may be combined with other commands.
This default holds the default random number generator device.
This default holds the default revocation period of a KSK key. This is the minimum period of time a revoked KSK is required to remain in the signing set so that it is properly observed by resolvers. This is measured in seconds.
This default is the default path of the BIND rndc program.
This default is flag indicates if rollerd should have the DNS daemon reload its zones.
This default is the path to rollerd's log file.
This default is the default logging level for rollerd.
This default holds the default sleep time used by the rollerd rollover daemon.
This default indicates whether or not keys should be deleted when they are no longer in use.
This is merely a placeholder for the contact information. There is no useful default value for this.
This default specifies the path of the dnsval configuration file.
This default specifies the path of the named configuration file.
This default specifies the path to the DNS resolv.conf file.
This default holds the default value for how long the daemon should sleep.
This default specifies the name of the SMTP server.
This default specifies the location of trustman's temporary directory.
This default indicates whether or not the DNSSEC-Tools GUI should be used for option entry.
This default holds the maximum number of consecutive errors a particular zone may have before it is changed to be a skip zone.
This default holds the path to the zone-verification program.
This default hold a set of options for the zone-verification program.

This default is set to "-i local". This value has been found to greatly improve the amount of time it takes named-checkzone to run.

This default specifies the parser that will be used to parse zone files. The default value is to use the Net::DNS::ZoneFile module.
This default holds the path to the zone-signing program.
This default hold a set of options for the zone-signing program.
This default holds the default number of ZSK keys to generate for a zone.
This default holds the default length of the ZSK key.
This default holds the default lifespan of the ZSK key. This is only used for determining when to rollover the ZSK key. Keys otherwise have no concept of a lifespan. This is measured in seconds.

The following are the defaults holding the paths to the DNSSEC-Tools programs.

This default holds the path to the DNSSEC-Tools blinkenlights program.
This default holds the path to the DNSSEC-Tools cleanarch program.
This default holds the path to the DNSSEC-Tools cleankrf program.
This default holds the path to the DNSSEC-Tools dtconf program.
This default holds the path to the DNSSEC-Tools dtconfchk program.
This default holds the path to the DNSSEC-Tools dtdefs program.
This default holds the path to the DNSSEC-Tools dtinitconf program.
This default holds the path to the DNSSEC-Tools expchk program.
This default holds the path to the DNSSEC-Tools fixkrf program.
This default holds the path to the DNSSEC-Tools genkrf program.
This default holds the path to the DNSSEC-Tools getdnskeys program.
This default holds the path to the DNSSEC-Tools keyarch program.
This default holds the path to the DNSSEC-Tools krfcheck program.
This default holds the path to the DNSSEC-Tools lskrf program.
This default holds the path to the DNSSEC-Tools lsroll program.
This default holds the path to the DNSSEC-Tools rollchk program.
This default holds the path to the DNSSEC-Tools rollctl program.
This default holds the path to the DNSSEC-Tools rollerd program.
This default holds the path to the DNSSEC-Tools rollinit program.
This default holds the path to the DNSSEC-Tools rolllog program.
This default holds the path to the DNSSEC-Tools rollrec-editor program.
This default holds the path to the DNSSEC-Tools rollset program.
This default holds the path to the DNSSEC-Tools signset-editor program.
This default holds the path to the DNSSEC-Tools tachk program.
This default holds the path to the DNSSEC-Tools timetrans program.
This default holds the path to the DNSSEC-Tools trustman program.
This default holds the path to the DNSSEC-Tools zonesigner program.

Copyright 2006-2014 SPARTA, Inc. All rights reserved. See the COPYING file included with the DNSSEC-Tools package for details.

Wayne Morrison, tewok@tislabs.com