EnglishFrenchSpanish

OnWorks favicon

buildrealmsp - Online in the Cloud

Run buildrealmsp in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command buildrealmsp that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

PROGRAM:

NAME


buildrealms - assist in building a DNSSEC-Tools realms environment

SYNOPSIS


buildrealms [options] <realmsfile> <command> <command-args>

DESCRIPTION


buildrealms helps in setting up a realms environment for use by dtrealms. buildrealms
creates the required file hierarchies for each realm, it moves a realm's files to their
appropriate place in the hierarchy, and it updates several files for the final
destination.

The realm hierarchies are built in a staging area, which will hold the files for all the
realms. These are rollrec files, keyrec files, key files, configuration files, log files,
and anything else needed for by DNSSEC-Tools to manage key rollover. After buildrealms
creates these files, the user should check the files to ensure that they are correct. The
files and directories in the staging then must be manually moved to the final directory.
It is from this directory that dtrealms will manage the various realms. If the final
directory isn't specified (via an option), then the directory in which buildrealms was
executed will be the final directory.

buildrealms uses a realms file to control how it builds the realms environment. This
realm entries in this file have a hoard field, which is only used by buildrealms. For
each realm, this field's value is a directory which holds the files needed by that
particular realm. After building that realm, buildrealms removes the hoard entry from
that realm record. After all the realms have been built, a copy of this realms file is
moved into the staging area.

There are two operations buildrealms currently provides. These operations are in support
of creating and maintaining a DNSSEC-Tools realms environment. This documentation
describes the operations individually.

Realms Environment Creation
The create command builds the whole realms environment. The realm file hierarchies are
built in the staging area. After buildrealms creates these files, the user should check
the files to ensure that they are correct. The files and directories in the staging then
must be manually moved to the final directory. If the final directory isn't specified
(via an option), then the directory in which buildrealms was executed will be the final
directory.

buildrealms takes the following actions when given the create command:

· A file hierarchy is created for each realm.

· A DNSSEC-Tools configuration file is put in each realm's hierarchy. If the -config
option is given, then the specified configuration file will be copied to each realm.
If it isn't given, then each realm's hoard will be searched for a file whose name ends
with .conf. The first such file found will be used for that realm only. If such a
file is not found, then the system-wide DNSSEC-Tools configuration file will be used
for that realm.

· The realm's rollrec, keyrec, zone, and key files are moved into the hierarchy. The
rollrec file is named in the realms file. The keyrec and signed zone files are listed
in the rollrec file. The unsigned zone files and key files are listed in the keyrec
file.

· A key archive is created for each realm's existing, expired keys. The key archive is
placed in the realm's state directory in the staging area. Archived keys, as listed
in the keyrec files, are moved to this key archive.

· Paths in several files are adjusted for the new hierarchy and the realm's final
destination. These paths include archived keys in the realm's keyrec files, the key
archive and rollerd log files in the realm's DNSSEC-Tools configuration file, and key
directories in the keyrec files.

Realms Hierarchy Creation
The trees command builds the basic directory hierarchy for each realm in the staging area.
However, no other files or directories are copied or moved in to the staging area..

The following directories are created for each realm:

· configuration directory - This holds the dnssec-tools directory.

· dnssec-tools directory - This will hold the DNSSEC-Tools configuration file.

· state directory - This will hold the realm's state information, including the key
archive.

· realm directory - This will hold the realm's rollrec file, the keyrec files, the zone
files (signed and unsigned), and the key files.

PREPARING FOR EXECUTION


In preparing a realms file and the realm hoards for buildrealms, there are several things
that should be kept in mind.

· Use relative paths for the rollrec file and three directories in the realms file.

· All a realm's files should be stored in its hoard. They do not have to be in a
particular place in the directory, as long as the rollrec and keyrec files are
accurate.

· At the end of the creation process, the realms file will be copied into the top level
of the staging area.

· After specific files (e.g., rollrecs, keyrecs, etc.) are moved into a realm's part of
the staging area, the remaining files in the hoard will be moved into the realm's
realmdir part of the staging area. The hierarchical organization of the remaining
hoard files will be preserved.

· The contents of a keyrec's archive directory in the realm's hoard, as defined by the
archivedir field, will be moved to <statedir>/key-archive in the staging area.

· The configuration file for a realm will be put in <configdir>/dnssec-tools/<conffile>
in the staging area. The actual name of the configuration file (given here as
<conffile>) will depend on how the configuration file is found. If the system-wide
DNSSEC-Tools file is used, then the name will be dnssec-tools.conf. If the -config
option is used, then the name used with the option will be used. If a .conf file is
found in the realm's hoard, then the full filename will be used.

WARNINGS


root is not allowed to run buildrealms. Some of the actions taken by buildrealms can be
devastating if a misconfigured (or maliciously constructed) realm file is used to control
construction.

buildrealms is not clairvoyant. It does the best it can, but it is a general tool. The
resulting realms should be checked to ensure they are set up as desired. In particular,
you should check the realm file rollrec files, keyrec files, and configuration file.

No reverse functionality has been implemented, so once run, the files are modified, moved,
and copied. It might not be a bad idea to back up your files prior to running
buildrealms, just in case...

COMMANDS


create
The create command builds the whole realms environment. buildrealms takes the
following actions when given this command:

trees
The trees command builds the basic directory hierarchy for each realm. The following
directories are created for each realm:

OPTIONS


-actions
Display the file actions taken by buildrealms. This includes directory creations,
file copies, and file moves. If used in conjunction with the -nobuild option,
buildrealms will not perform the actions, but will display the actions that would
otherwise have been taken.

-clear
This flag indicates that buildrealms should delete the current staging area and its
contents prior to building the realms.

-config conffile
conffile is the DNSSEC-Tools configuration file to copy for each realm.

-directory target
target is the target directory for the realms to be built by buildrealms. The new
realms will not be moved to this directory, but the realms' files will reflect the use
of this directory. If this option is not specified, the current directory will be
used.

If -directory and -stagedir use the same directory, then the realms environment will
be build in the final directory.

-nobuild
This option tells buildrealms to go through the motions of building the new realms,
but not to actually build anything. If this is used in conjunctions with the -actions
option, buildrealms will show the actions that would have been taken.

-stagedir directory
This directory in which the new realms hierarchy is built. The default staging area
is ./staging-buildrealms if this option is not specified.

If -directory and -stagedir use the same directory, then the realms environment will
be build in the final directory.

-quiet
buildrealms is prevented from printing any non-error output. This option and the
-verbose option are mutually exclusive.

-verbose
buildrealms prints a lot of information about what it is doing. This option and the
-quiet option are mutually exclusive.

-Version
Displays the version number.

-help
Displays a help message.

EXAMPLES


The following examples may help clarify the use of buildrealms. In each example, the
following realms file will be used.

realm "example"
state "active"
configdir "configs/example"
statedir "states/example"
realmdir "r-example"
rollrec "demo-example.rollrec"
administrator "[email protected]"
display "1"
manager "rollerd"
args "-loglevel phase -logfile log.example"
hoard "r-example"

realm "test"
state "active"
realmdir "r-test"
configdir "configs/test"
statedir "states/test"
rollrec "demo-test.rollrec"
manager "rollerd"
args "-loglevel tmi -logfile log.test"
display "1"
hoard "r-test"

CREATE EXAMPLE
Each realm record contains a hoard field that buildrealms will use to find that realm's
files. After running buildrealms demo.realm create with the realms file above, the
following directories will be created:

staging-buildrealms/
staging-buildrealms/configs/
staging-buildrealms/configs/example/
staging-buildrealms/configs/example/dnssec-tools/
staging-buildrealms/configs/test/
staging-buildrealms/configs/test/dnssec-tools/

staging-buildrealms/r-example/
staging-buildrealms/r-example/dnssec-tools/
staging-buildrealms/r-test/
staging-buildrealms/r-test/dnssec-tools/

staging-buildrealms/states/
staging-buildrealms/states/example/
staging-buildrealms/states/example/key-archive/
staging-buildrealms/states/test/
staging-buildrealms/states/test/key-archive/

The following files will be moved into the staging area. In the interests of brevity this
is only a subset of files moved to the staging area; most of the key files have not been
included:

staging-buildrealms/demo.realm

staging-buildrealms/configs/example/dnssec-tools/dnssec-tools.conf
staging-buildrealms/configs/test/dnssec-tools/dnssec-tools.conf

staging-buildrealms/r-example/demo-example.rollrec
staging-buildrealms/r-example/demo.com
staging-buildrealms/r-example/demo.com.signed
staging-buildrealms/r-example/dsset-demo.com.
staging-buildrealms/r-example/dsset-example.com.
staging-buildrealms/r-example/dsset-test.com.
staging-buildrealms/r-example/example.com
staging-buildrealms/r-example/example.com.signed
staging-buildrealms/r-example/Kdemo.com.+005+16933.key
staging-buildrealms/r-example/Kdemo.com.+005+16933.private
staging-buildrealms/r-example/test.com
staging-buildrealms/r-example/test.com.signed

staging-buildrealms/r-test/demo-test.rollrec
staging-buildrealms/r-test/dev.com
staging-buildrealms/r-test/dev.com.signed
staging-buildrealms/r-test/dsset-dev.com.
staging-buildrealms/r-test/dsset-test.com.
staging-buildrealms/r-test/Ktest.com.+005+34236.key
staging-buildrealms/r-test/Ktest.com.+005+34236.private
staging-buildrealms/r-test/test.com
staging-buildrealms/r-test/test.com.signed

TREES EXAMPLE
After running buildrealms demo.realm trees with the realms file above, the following
directories will be created:

staging-buildrealms/
staging-buildrealms/configs/
staging-buildrealms/configs/example/
staging-buildrealms/configs/example/dnssec-tools/
staging-buildrealms/configs/test/
staging-buildrealms/configs/test/dnssec-tools/

staging-buildrealms/r-example/
staging-buildrealms/r-test/

staging-buildrealms/states/
staging-buildrealms/states/example/
staging-buildrealms/states/test/

No additional files or directories are created by this command.

COPYRIGHT


Copyright 2012-2014 SPARTA, Inc. All rights reserved.

Use buildrealmsp online using onworks.net services


Free Servers & Workstations

Download Windows & Linux apps

Linux commands

  • 1
    a2crd
    a2crd
    a2crd - attempts the conversion of
    lyrics file into chordii input ...
    Run a2crd
  • 2
    a2j
    a2j
    a2j - Wrapper script to simulate
    a2jmidid's non-DBUS behaviour though
    a2jmidid actually being in DBUS mode ...
    Run a2j
  • 3
    cowpoke
    cowpoke
    cowpoke - Build a Debian source package
    in a remote cowbuilder instance ...
    Run cowpoke
  • 4
    cp
    cp
    cp - copy files and directories ...
    Run cp
  • 5
    gbnlreg
    gbnlreg
    gbnlreg - Non linear regression ...
    Run gbnlreg
  • 6
    gbonds
    gbonds
    gbonds - U.S. savings bond inventory
    program for GNOME ...
    Run gbonds
  • More »

Ad