1CLEANKRF(1) User Contributed Perl Documentation CLEANKRF(1)
2
3
4
6 cleankrf - Clean a DNSSEC-Tools keyrec files of old data
7
9 cleankrf [options] <keyrec-files>
10
12 cleankrf cleans old data out of a set of DNSSEC-Tools keyrec files.
13 The old data are orphaned signing sets, orphaned keys, and obsolete
14 keys.
15
16 Orphaned signing sets are set keyrecs unreferenced by a zone keyrec.
17
18 Orphaned keys are KSK key keyrecs unreferenced by a zone keyrec and ZSK
19 key keyrecs unreferenced by any set keyrecs.
20
21 Obsolete keys are ZSK key keyrecs with a keyrec_type of zskobs.
22
23 cleankrf's exit code is the count of orphaned and obsolete keyrecs
24 found.
25
27 -count
28 Display a final count of old keyrecs found in the keyrec files.
29 This option allows the count to be displayed even if the -quiet
30 option is given.
31
32 -list
33 The key keyrecs are checked for old keyrecs, but they are not
34 removed from the keyrec file. The names of the old keyrecs are
35 displayed.
36
37 -rm Delete the key files, both .key and .private, from orphaned and
38 expired keyrecs.
39
40 -quiet
41 Display no output.
42
43 -verbose
44 Display output about referenced keys and unreferenced keys.
45
46 -help
47 Display a usage message.
48
50 Copyright 2004-2007 SPARTA, Inc. All rights reserved. See the COPYING
51 file included with the DNSSEC-Tools package for details.
52
54 Wayne Morrison, tewok@users.sourceforge.net
55
57 fixkrf(8), lskrf(8), zonesigner(8)
58
59 Net::DNS::SEC::Tools::keyrec.pm(3)
60
61 file-keyrec.pm(5)
62
63
64
65perl v5.8.8 2007-09-14 CLEANKRF(1)