1YADIFA(8)                           YADIFA                           YADIFA(8)
2
3
4

NAME

6       YADIFA is an utility for controlling YADIFAD
7

SYNOPSIS

9       yadifa  module  [--config|-c  configfile]  [--server|-s  host] [@host ]
10       [--port|-p port] [-K key-name] [--version|-V] [-h] [--verbose|-v]  [-t]
11       command [[-q] zone]
12

DESCRIPTION

14       yadifa  controls  the  operation  of  yadifad  with  its control module
15       (ctrl), part of the YADIFA distribution from EURid vzw/asbl. The latest
16       version of YADIFA can be found on:
17                            http://www.yadifa.eu/download
18
19
20       yadifa communicates with a name server over a TCP connection.  Messages
21       are authenticated using a TSIG signature. The key is  a  secret  shared
22       between  client  and server.  The key can be defined using a <key> sec‐
23       tion both in the client and the server.  Additionally, the  client  ac‐
24       cepts  a full definition as a command line option.  Note that using au‐
25       thentication is mandatory when using the control module.
26
27       For details about the key, see the manual or the TSIG section below.
28

MODULES

30       *      ctrl command Controls yadifad.
31

SIMPLE USAGE

33       For controlling yadifad a command can be:
34
35   NORMAL USE CASE
36       yadifa ctrl @server -t command -q argument
37
38   FRIENDLIER USE CASE
39       yadifa ctrl @server command argument
40
41       ctrl Module used for controlling yadifad
42
43       server Is the IP address of the name server to control. If no  "server"
44       argument is given yadifa.rc will be checked.
45
46       command Is the command to be invoked
47
48       argument Depending the command this can be e.g. a domain name.
49
50   EXAMPLE
51       yadifa ctrl @127.0.0.1 freeze somedomain.eu
52

OPTIONS

54       [--config|-c configfile]
55               Another config file will be used.
56
57       [--server|-s host] | [ @host ]
58               Host is the remote server to operate.
59
60              e.g.:
61
62
63              yadifa --server 192.0.2.1
64
65              yadifa @192.0.2.1
66
67              By  default  the DNS port is used. A port can be specified along
68              with the IP address:
69
70              e.g.:
71
72
73              yadifa --server "192.0.2.1 port 5353"
74
75              yadifa @"192.0.2.1 port 5353"
76
77       [--port|-p port]
78               Changes the DNS port. (default: 53)
79
80       [-K key-name]
81               Name of the key to be used for the controller. It needs to have
82              been defined using a <key> section. (default: 'ctrl-key')
83
84       [-y hmac-algorithm:key-name:base64-key]
85               Definition of the key to be used for the controller.
86
87              hmac-algorithm
88                      Optional,  can  be:  hmac-md5,  hmac-sha1,  hmac-sha224,
89                     hmac-256, hmac-384, hmac-512. (default: hmac-md5)
90
91              key-name
92                      is the fqdn of the key.
93
94              base64-key
95                      is a base64 encoding of the key bytes.
96
97              e.g.:
98
99
100              -y hmac-sha1:our-shared-secret:ThisIsASecretShared=
101
102              -y our-shared-secret:ThisIsASecretShared=
103
104       [--verbose|-v]
105               Verbose output.
106
107       [--version|-V]
108               Show version information.
109
110       [--help|-h]
111               Show a help text
112

COMMANDS

114       [-t] cfgreload
115               Reload the settings from the configuration file on disk.
116
117       [-t] freeze [-q] zone
118               Disables dynamic updates to a zone.
119
120       [-t] freezeall [-q] zone
121               Disables dynamic updates to every zone currently loaded.
122
123       [-t] loglevel level
124               Sets the log level to the given value (0-15), 6 =  INFO,  15  =
125              ALL.
126
127       [-t] logreopen
128               Close all log files and reopens them.
129
130       [-t] notify
131               Sends notifies to slaves of these zones.
132
133       [-t] querylog [enable|disable]
134               Sets the log for queries on or off (default: enable).
135
136       [-t] reload [-q] zone
137               Triggers  the  loading of the zone file(s) if the serial number
138              is incremented.
139
140       [-t] shutdown
141               Shuts down the server.
142
143       [-t] sync [-q] [zone] [clean]
144               Write the zone to disk and optionally cleans up the journal.
145
146       [-t] thaw [-q] [zone]
147               Enables dynamic updates to a zone.
148
149       [-t] thawall
150               Enables dynamic updates to every zone.
151
152       [-t] unfreeze [-q] [zone]
153               Enables dynamic updates to a zone.
154
155       [-t] unfreezeall
156               Enables dynamic updates to every zone.
157
158       [-t] zonecfgreload
159              [-q zone]
160               Reload the zone  information  in  the  configuration  file  and
161              reload the zone file(s) with increased serial number.
162

TSIG KEYS

164       TSIG keys are used for authentication of messages.
165       Their use is mandatory in the controller module.
166
167       Several digest algorithms are supported for the TSIG key:
168
169              *      hmac-md5
170
171              *      hmac-sha1
172
173              *      hmac-sha224
174
175              *      hmac-sha256
176
177              *      hmac-sha384
178
179              *      hmac-sha512
180
181       Several  methods can be used to generate the base64-encoded sequence of
182       bytes for the secret:
183
184       *      %openssl rand -base64 32
185
186       *      %dd if=/dev/random count=1 bs=32 2>/dev/null|base64
187
188       *      %dd if=/dev/urandom count=1 bs=32 2>/dev/null|base64
189
190       e.g.:
191
192       #!/bin/sh
193       # TSIG key generation example
194       # can a
195       key_algorithm="hmac-sha256"
196       key_name="secretkey"
197       key_secret=$(openssl rand -base64 32)
198       if [ ! "x$1" == "x" ]
199       then
200            key_name="$1"
201       fi
202
203       echo "# Encoded for the yadifa command-line: -y $key_algorithm:$key_name:$key_secret"
204       echo
205       echo "<key>"
206       echo "algorithm $key_algorithm"
207       echo "name $key_name"
208       echo "secret $key_secret"
209       echo "</key>"
210
211

FILES

213       yadifa
214               The name server remote client.
215
216       ${SYSCONFDIR}/yadifa.conf
217               default yadifa configuration file.
218
219       ${HOME}/.yadifa.rc
220               default rcfile.
221
222       yadifa.conf.5
223               Configuration man page for yadifa.
224
225       yadifa.rc.5
226               Configuration man page for yadifa.
227
228       yadifa.8
229               This man page.
230

SEE ALSO

232       yadifa.conf(5) yadifa.rc(5) yadifad(8)
233

REQUIREMENTS

235       OpenSSL
236              yadifad requires OpenSSL version 1.1.1 or later.
237

CHANGES

239       Please check the ChangeLog file from the sources code.
240

VERSION

242       Version: 2.6.4 of 2023-03-01.
243

MAILINGLIST

245       There is a mailinglist for questions relating to  any  program  in  the
246       yadifa package:
247
248       *      yadifa-users@mailinglists.yadifa.eu
249              for submitting questions/answers.
250
251       *      http://www.yadifa.eu/mailing-list-users
252              for subscription requests.
253
254       If  you  would  like  to  stay informed about new versions and official
255       patches send a subscription request to via:
256
257       *      http://www.yadifa.eu/mailing-list-announcements
258
259       (this is a read-only list).
260
262       Copyright
263              (C)2011-2023, EURid
264              B-1831 Diegem, Belgium
265              info@yadifa.eu
266

AUTHORS

268       Gery Van Emelen
269       Email: Gery.VanEmelen@EURid.eu
270       Eric Diaz Fernandez
271       Email: Eric.DiazFernandez@EURid.eu
272
273       WWW: http://www.EURid.eu
274
275YADIFA                            2023-03-01                         YADIFA(8)
Impressum