diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-09-12 04:45:07 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-09-12 04:45:07 +0000 |
commit | 0335817ced71e8355806ea0445aa3b105a22364c (patch) | |
tree | dffe735f2668a4728d8567feaf7ccb2d73076bac /doc/man/kzonesign.1 | |
parent | Adding upstream version 3.3.9. (diff) | |
download | knot-upstream/3.4.0.tar.xz knot-upstream/3.4.0.zip |
Adding upstream version 3.4.0.upstream/3.4.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'doc/man/kzonesign.1')
-rw-r--r-- | doc/man/kzonesign.1 | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/doc/man/kzonesign.1 b/doc/man/kzonesign.1 new file mode 100644 index 0000000..558c95b --- /dev/null +++ b/doc/man/kzonesign.1 @@ -0,0 +1,96 @@ +.\" Man page generated from reStructuredText. +. +. +.nr rst2man-indent-level 0 +. +.de1 rstReportMargin +\\$1 \\n[an-margin] +level \\n[rst2man-indent-level] +level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] +- +\\n[rst2man-indent0] +\\n[rst2man-indent1] +\\n[rst2man-indent2] +.. +.de1 INDENT +.\" .rstReportMargin pre: +. RS \\$1 +. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] +. nr rst2man-indent-level +1 +.\" .rstReportMargin post: +.. +.de UNINDENT +. RE +.\" indent \\n[an-margin] +.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] +.nr rst2man-indent-level -1 +.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] +.in \\n[rst2man-indent\\n[rst2man-indent-level]]u +.. +.TH "KZONESIGN" "1" "2024-09-02" "3.4.0" "Knot DNS" +.SH NAME +kzonesign \- DNSSEC signing utility +.SH SYNOPSIS +.sp +\fBkzonesign\fP [\fIconfig_option\fP] [\fIoptions\fP] \fIzone_name\fP +.SH DESCRIPTION +.sp +This utility reads the zone\(aqs zone file, signs the zone according to given +configuration, and writes the signed zone file back. An alternative mode +is DNSSEC validation of the given zone. The signing or validation +can run in parallel if enabled in the configuration (see policy.signing\-threads +and zone.adjust\-threads). +.SS Parameters +.INDENT 0.0 +.TP +.B \fIzone_name\fP +A name of the zone to be signed. +.UNINDENT +.SS Config options +.INDENT 0.0 +.TP +\fB\-c\fP, \fB\-\-config\fP \fIfile\fP +Use a textual configuration file (default is \fB/usr/local/etc/knot/knot.conf\fP). +.TP +\fB\-C\fP, \fB\-\-confdb\fP \fIdirectory\fP +Use a binary configuration database directory (default is \fB/usr/local/var/lib/knot/confdb\fP). +The default configuration database, if exists, has a preference to the default +configuration file. +.UNINDENT +.SS Options +.INDENT 0.0 +.TP +\fB\-o\fP, \fB\-\-outdir\fP \fIdir_name\fP +Write the output zone file to the specified directory instead of the configured one. +.TP +\fB\-r\fP, \fB\-\-rollover\fP +Allow key roll\-overs and NSEC3 re\-salt. In order to finish possible KSK submission, +set the KSK\(aqs \fBactive\fP timestamp to now (\fB+0\fP) using \fI\%keymgr\fP\&. +.TP +\fB\-v\fP, \fB\-\-verify\fP +Instead of (re\-)signing the zone, just verify that the zone is correctly signed. +.TP +\fB\-t\fP, \fB\-\-time\fP \fItimestamp\fP +Sign/verify the zone (and roll the keys if necessary) as if it was at the time +specified by timestamp. +.TP +\fB\-h\fP, \fB\-\-help\fP +Print the program help. +.TP +\fB\-V\fP, \fB\-\-version\fP +Print the program version. The option \fB\-VV\fP makes the program +print the compile time configuration summary. +.UNINDENT +.SH EXIT VALUES +.sp +Exit status of 0 means successful operation. Any other exit status indicates +an error. +.SH SEE ALSO +.sp +\fBknot.conf(5)\fP, \fBkeymgr(8)\fP\&. +.SH AUTHOR +CZ.NIC Labs <https://www.knot-dns.cz> +.SH COPYRIGHT +Copyright 2010–2024, CZ.NIC, z.s.p.o. +.\" Generated by docutils manpage writer. +. |