summaryrefslogtreecommitdiffstats
path: root/doc/man/kzonesign.1
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-09-12 04:45:07 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-09-12 04:45:07 +0000
commit0335817ced71e8355806ea0445aa3b105a22364c (patch)
treedffe735f2668a4728d8567feaf7ccb2d73076bac /doc/man/kzonesign.1
parentAdding upstream version 3.3.9. (diff)
downloadknot-upstream/3.4.0.tar.xz
knot-upstream/3.4.0.zip
Adding upstream version 3.4.0.upstream/3.4.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'doc/man/kzonesign.1')
-rw-r--r--doc/man/kzonesign.196
1 files changed, 96 insertions, 0 deletions
diff --git a/doc/man/kzonesign.1 b/doc/man/kzonesign.1
new file mode 100644
index 0000000..558c95b
--- /dev/null
+++ b/doc/man/kzonesign.1
@@ -0,0 +1,96 @@
+.\" Man page generated from reStructuredText.
+.
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.TH "KZONESIGN" "1" "2024-09-02" "3.4.0" "Knot DNS"
+.SH NAME
+kzonesign \- DNSSEC signing utility
+.SH SYNOPSIS
+.sp
+\fBkzonesign\fP [\fIconfig_option\fP] [\fIoptions\fP] \fIzone_name\fP
+.SH DESCRIPTION
+.sp
+This utility reads the zone\(aqs zone file, signs the zone according to given
+configuration, and writes the signed zone file back. An alternative mode
+is DNSSEC validation of the given zone. The signing or validation
+can run in parallel if enabled in the configuration (see policy.signing\-threads
+and zone.adjust\-threads).
+.SS Parameters
+.INDENT 0.0
+.TP
+.B \fIzone_name\fP
+A name of the zone to be signed.
+.UNINDENT
+.SS Config options
+.INDENT 0.0
+.TP
+\fB\-c\fP, \fB\-\-config\fP \fIfile\fP
+Use a textual configuration file (default is \fB/usr/local/etc/knot/knot.conf\fP).
+.TP
+\fB\-C\fP, \fB\-\-confdb\fP \fIdirectory\fP
+Use a binary configuration database directory (default is \fB/usr/local/var/lib/knot/confdb\fP).
+The default configuration database, if exists, has a preference to the default
+configuration file.
+.UNINDENT
+.SS Options
+.INDENT 0.0
+.TP
+\fB\-o\fP, \fB\-\-outdir\fP \fIdir_name\fP
+Write the output zone file to the specified directory instead of the configured one.
+.TP
+\fB\-r\fP, \fB\-\-rollover\fP
+Allow key roll\-overs and NSEC3 re\-salt. In order to finish possible KSK submission,
+set the KSK\(aqs \fBactive\fP timestamp to now (\fB+0\fP) using \fI\%keymgr\fP\&.
+.TP
+\fB\-v\fP, \fB\-\-verify\fP
+Instead of (re\-)signing the zone, just verify that the zone is correctly signed.
+.TP
+\fB\-t\fP, \fB\-\-time\fP \fItimestamp\fP
+Sign/verify the zone (and roll the keys if necessary) as if it was at the time
+specified by timestamp.
+.TP
+\fB\-h\fP, \fB\-\-help\fP
+Print the program help.
+.TP
+\fB\-V\fP, \fB\-\-version\fP
+Print the program version. The option \fB\-VV\fP makes the program
+print the compile time configuration summary.
+.UNINDENT
+.SH EXIT VALUES
+.sp
+Exit status of 0 means successful operation. Any other exit status indicates
+an error.
+.SH SEE ALSO
+.sp
+\fBknot.conf(5)\fP, \fBkeymgr(8)\fP\&.
+.SH AUTHOR
+CZ.NIC Labs <https://www.knot-dns.cz>
+.SH COPYRIGHT
+Copyright 2010–2024, CZ.NIC, z.s.p.o.
+.\" Generated by docutils manpage writer.
+.