1ROLLCHK(1)            User Contributed Perl Documentation           ROLLCHK(1)
2
3
4

NAME

6       rollchk - Check a DNSSEC-Tools rollrec file for problems and inconsis‐
7       tencies.
8

SYNOPSIS

10         rollchk [-roll ⎪ -skip] [-count] [-quiet] [-verbose] [-help] rollrec-file
11

DESCRIPTION

13       This script checks the rollrec file specified by rollrec-file for prob‐
14       lems and inconsistencies.
15
16       Recognized problems include:
17
18       * non-existent rollrec file
19           The specified rollrec file does not exist.
20
21       * no zones defined
22           No zones are defined in the specified rollrec file.
23
24       * invalid KSK rollover phase
25           A zone has an invalid KSK rollover phase.  These phases may be 0,
26           1, 2, 3, 4, 5, 6, or 7; any other value is invalid.
27
28       * mismatch in KSK timestamp data
29           A zone's KSK roll-seconds timestamp does not translate into the
30           date stored in its roll-date string.
31
32       * invalid ZSK rollover phase
33           A zone has an invalid ZSK rollover phase.  These phases may be 0,
34           1, 2, 3, or 4; any other value is invalid.
35
36       * mismatch in ZSK timestamp data
37           A zone's ZSK roll-seconds timestamp does not translate into the
38           date stored in its roll-date string.
39
40       * contemporaneous KSK and ZSK rollovers
41           A zone has a KSK rollover occurring at the same time as a ZSK
42           rollover.  A zone may only have one rollover phase be non-zero at a
43           time.
44
45       * in rollover without a phasestart
46           A zone is currently in rollover, but its rollrec record does not
47           have a phasestart field.
48
49       * empty administrator
50           A zone has an empty administrator field.  This field must contain
51           an email address.
52
53       * non-existent directory
54           Several checks are made for a zone's directory.  If the zone has a
55           directory specified, the directory must exist and it must be an
56           actual directory.
57
58       * invalid display flag
59           A zone has an invalid display flag.  This flag may be 0 or 1; any
60           other value is invalid.
61
62       * non-positive maxttl
63           The maximum TTL value must be greater than zero.
64
65       * zone file checks
66           Several checks are made for a zone's zone file.  The zone file must
67           exist, it must be a regular file, and it must not be of zero
68           length.
69
70       * keyrec file checks
71           Several checks are made for a zone's keyrec file.  The keyrec file
72           must exist, it must be a regular file, and it must not be of zero
73           length.
74

OPTIONS

76       -roll
77           Only display rollrecs that are active ("roll") records.  This
78           option is mutually exclusive of the -skip option.
79
80       -skip
81           Only display rollrecs that are inactive ("skip") records.  This
82           option is mutually exclusive of the -roll option.
83
84       -count
85           Display a final count of errors.
86
87       -quiet
88           Do not display messages.  This option supersedes the setting of the
89           -v option.
90
91       -verbose
92           Display many messages.  This option is subordinate to the -q
93           option.
94
95       -help
96           Display a usage message.
97

COPYRIGHT

99       Copyright 2006-2007 SPARTA, Inc.  All rights reserved.  See the COPYING
100       file included with the DNSSEC-Tools package for details.
101

AUTHOR

103       Wayne Morrison, tewok@users.sourceforge.net
104

SEE ALSO

106       lsroll(8), rollerd(8), rollinit(8)
107
108       Net::DNS::SEC::Tools::rollrec.pm(3)
109
110       file-rollrec(5)
111
112
113
114perl v5.8.8                       2007-09-14                        ROLLCHK(1)