horok/knot
1
0
Fork 0
Code Activity
knot/doc/man/kzonesign.1
Daniel Baumann 70063ca008
Adding upstream version 3.4.6. 
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
2025-06-21 13:47:52 +02:00

96 lines
2.8 KiB
Groff
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

.\" Man page generated from reStructuredText.
.
.
.nr rst2man-indent-level 0
.
.de1 rstReportMargin
\\$1 \\n[an-margin]
level \\n[rst2man-indent-level]
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
-
\\n[rst2man-indent0]
\\n[rst2man-indent1]
\\n[rst2man-indent2]
..
.de1 INDENT
.\" .rstReportMargin pre:
. RS \\$1
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
. nr rst2man-indent-level +1
.\" .rstReportMargin post:
..
.de UNINDENT
. RE
.\" indent \\n[an-margin]
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
.nr rst2man-indent-level -1
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
..
.TH "KZONESIGN" "1" "2025-04-10" "3.4.6" "Knot DNS"
.SH NAME
kzonesign \- DNSSEC signing utility
.SH SYNOPSIS
.sp
\fBkzonesign\fP [\fIconfig_option\fP] [\fIoptions\fP] \fIzone_name\fP
.SH DESCRIPTION
.sp
This utility reads the zone\(aqs zone file, signs the zone according to given
configuration, and writes the signed zone file back. An alternative mode
is DNSSEC validation of the given zone. The signing or validation
can run in parallel if enabled in the configuration (see policy.signing\-threads
and zone.adjust\-threads).
.SS Parameters
.INDENT 0.0
.TP
.B \fIzone_name\fP
A name of the zone to be signed.
.UNINDENT
.SS Config options
.INDENT 0.0
.TP
\fB\-c\fP, \fB\-\-config\fP \fIfile\fP
Use a textual configuration file (default is \fB/usr/local/etc/knot/knot.conf\fP).
.TP
\fB\-C\fP, \fB\-\-confdb\fP \fIdirectory\fP
Use a binary configuration database directory (default is \fB/usr/local/var/lib/knot/confdb\fP).
The default configuration database, if exists, has a preference to the default
configuration file.
.UNINDENT
.SS Options
.INDENT 0.0
.TP
\fB\-o\fP, \fB\-\-outdir\fP \fIdir_name\fP
Write the output zone file to the specified directory instead of the configured one.
.TP
\fB\-r\fP, \fB\-\-rollover\fP
Allow key roll\-overs and NSEC3 re\-salt. In order to finish possible KSK submission,
set the KSK\(aqs \fBactive\fP timestamp to now (\fB+0\fP) using \fI\%keymgr\fP\&.
.TP
\fB\-v\fP, \fB\-\-verify\fP
Instead of (re\-)signing the zone, just verify that the zone is correctly signed.
.TP
\fB\-t\fP, \fB\-\-time\fP \fItimestamp\fP
Sign/verify the zone (and roll the keys if necessary) as if it was at the time
specified by timestamp.
.TP
\fB\-h\fP, \fB\-\-help\fP
Print the program help.
.TP
\fB\-V\fP, \fB\-\-version\fP
Print the program version. The option \fB\-VV\fP makes the program
print the compile time configuration summary.
.UNINDENT
.SH EXIT VALUES
.sp
Exit status of 0 means successful operation. Any other exit status indicates
an error.
.SH SEE ALSO
.sp
\fBknot.conf(5)\fP, \fBkeymgr(8)\fP\&.
.SH AUTHOR
CZ.NIC Labs <https://www.knot-dns.cz>
.SH COPYRIGHT
Copyright 20102025, CZ.NIC, z.s.p.o.
.\" Generated by docutils manpage writer.
.
View git blame Copy permalink