NAME

TrustMan - manage keys used as trust anchors


SYNOPSIS

TrustMan [options]


DESCRIPTION

By default, TrustMan runs as a daemon and verifies that the keys stored locally in configuration files such as named.conf still match the corresponding keys fetched from the zone where they are defined. If a mismatch is detected, the daemon notifies by mail the contact person defined in the configuration file or on the command line.

The script can also be run in the foreground (-f) to perform the same check once, manually.

This script can also be used to set up configuration data in the file dnssec-tools.conf for later use by the daemon, so that fewer command line arguments are necessary. The current version requires you to edit dnssec-tools.conf by hand and supply values for the contact person's email address (tacontact) and the SMTP server (tasmtpserver). Also edit the locations of named.conf and dnsval.conf in that file if necessary.
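The comparison described above, sketched in Python as an added illustration (not TrustMan's own code): trust anchors are parsed from a named.conf trusted-keys block and compared to the zone's DNSKEY set. The zone names, key bytes, the PUBLISHED table standing in for a live DNS fetch, and the rule that a mismatch means a local key absent from the published set are all assumptions.

```python
import base64
import re

def b64(raw):
    return base64.b64encode(raw).decode()

# Constructed sample input: zone names and key bytes are made up.
NAMED_CONF = '''
trusted-keys {
    "example.com." 257 3 5 "%s";
    "example.org." 257 3 5 "%s";
};
''' % (b64(b"constructed-key-A"), b64(b"constructed-key-B"))

# Constructed stand-in for the DNSKEY RRsets a resolver would return.
# example.org has rolled its key here, so the local anchor is stale.
PUBLISHED = {
    "example.com.": {(257, 3, 5, b64(b"constructed-key-A"))},
    "example.org.": {(257, 3, 5, b64(b"constructed-key-C"))},
}

def key_tag(flags, proto, alg, key_b64):
    """RFC 4034 Appendix B key tag over the DNSKEY RDATA (not for algorithm 1)."""
    rdata = bytes([flags >> 8, flags & 0xFF, proto, alg]) + base64.b64decode(key_b64)
    acc = sum(b if i & 1 else b << 8 for i, b in enumerate(rdata))
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

def parse_trusted_keys(conf_text):
    """Return {zone: {(flags, proto, alg, key)}} from trusted-keys blocks."""
    anchors = {}
    for block in re.findall(r"trusted-keys\s*\{(.*?)\}\s*;", conf_text, re.S):
        for zone, flags, proto, alg, key in re.findall(
                r'"?([\w.-]+)"?\s+(\d+)\s+(\d+)\s+(\d+)\s+"([^"]+)"\s*;', block):
            zone = zone.lower().rstrip(".") + "."
            entry = (int(flags), int(proto), int(alg), "".join(key.split()))
            anchors.setdefault(zone, set()).add(entry)
    return anchors

def find_mismatches(anchors, published):
    """List (zone, key_tag) for each local anchor missing from the zone's DNSKEY set."""
    return [(zone, key_tag(*key))
            for zone, keys in sorted(anchors.items())
            for key in sorted(keys - published.get(zone, set()))]

if __name__ == "__main__":
    for zone, tag in find_mismatches(parse_trusted_keys(NAMED_CONF), PUBLISHED):
        print(f"trust anchor for {zone} (key tag {tag}) not in published DNSKEY set")
```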


OPTIONS

-f

Run in the foreground

-c

Create a configuration file for TrustMan from the command line options given.

-o

Output file for configuration

-k

A dnsval.conf file to read

-n

A named.conf file to read

-d

The domain to check (supersedes configuration file)

-t

The number of seconds to sleep between checks. The default is 3600 (one hour).

-m

Mail address for the contact person to whom reports should be sent

-p

Log messages to stdout.

-L

Log messages to syslog.

-s

SMTP server TrustMan should use to send reports

-N

Send report when there are no errors.

-v

Verbose.


COPYRIGHT

Copyright 2006 SPARTA, Inc. All rights reserved. See the COPYING file included with the DNSSEC-Tools package for details.