Commit f1d437b7 authored by Daniel Salzman's avatar Daniel Salzman

knotc: some documentation improvements

parent e5a52bff
......@@ -123,12 +123,25 @@ directory.
.TP
\fBzone\-sign\fP [\fIzone\fP\&...]
Trigger a DNSSEC re\-sign of the zone. Existing signatures will be dropped.
This command is valid for zones with automatic DNSSEC signing.
This command is valid for zones with DNSSEC signing enabled.
.TP
\fBzone\-key\-rollover\fP \fIzone\fP \fIkey_type\fP
On the specified zone with automatic DNSSEC signing and key management,
even when the key has a lifetime to go, publish new key and immediately
start the key rollover. Key type can be \fBksk\fP (also for CSK) or \fBzsk\fP\&.
Trigger immediate key rollover. Publish new key and start a key rollover,
even when the key has a lifetime to go. Key type can be \fBksk\fP (also for CSK)
or \fBzsk\fP\&. This command is valid for zones with DNSSEC signing and automatic
key management enabled.
.TP
\fBzone\-ksk\-submitted\fP \fIzone\fP\&...
Use when the zone\(aqs KSK rollover is in submittion phase. By calling this command
the user confirms manually that the parent zone contains DS record for the new
KSK in submission phase and the old KSK can be retired.
.TP
\fBzone\-freeze\fP [\fIzone\fP\&...]
Temporarily postpone zone\-changing events (load, refresh, update, flush, and
DNSSEC signing).
.TP
\fBzone\-thaw\fP [\fIzone\fP\&...]
Dismiss zone freeze.
.TP
\fBzone\-read\fP \fIzone\fP [\fIowner\fP [\fItype\fP]]
Get zone data that are currently being presented.
......@@ -166,18 +179,6 @@ be purged in this case).
Show zone statistics counter(s). To print also counters with value 0, use
force option.
.TP
\fBzone\-freeze\fP [\fIzone\fP\&...]
Temporarily postpone zone\-changing events (load, refresh, update, flush, and
DNSSEC signing).
.TP
\fBzone\-thaw\fP [\fIzone\fP\&...]
Dismiss zone freeze.
.TP
\fBzone\-ksk\-submitted\fP \fIzone\fP
Use when the zone\(aqs KSK rollover is in submittion phase. By calling this command
the user confirms manually that the parent zone contains DS record for the new
KSK in submission phase and the old KSK can be retired.
.TP
\fBconf\-init\fP
Initialize the configuration database. (*)
.TP
......
......@@ -100,12 +100,25 @@ Actions
**zone-sign** [*zone*...]
Trigger a DNSSEC re-sign of the zone. Existing signatures will be dropped.
This command is valid for zones with automatic DNSSEC signing.
This command is valid for zones with DNSSEC signing enabled.
**zone-key-rollover** *zone* *key_type*
On the specified zone with automatic DNSSEC signing and key management,
even when the key has a lifetime to go, publish new key and immediately
start the key rollover. Key type can be **ksk** (also for CSK) or **zsk**.
Trigger immediate key rollover. Publish new key and start a key rollover,
even when the key has a lifetime to go. Key type can be **ksk** (also for CSK)
or **zsk**. This command is valid for zones with DNSSEC signing and automatic
key management enabled.
**zone-ksk-submitted** *zone*...
Use when the zone's KSK rollover is in submittion phase. By calling this command
the user confirms manually that the parent zone contains DS record for the new
KSK in submission phase and the old KSK can be retired.
**zone-freeze** [*zone*...]
Temporarily postpone zone-changing events (load, refresh, update, flush, and
DNSSEC signing).
**zone-thaw** [*zone*...]
Dismiss zone freeze.
**zone-read** *zone* [*owner* [*type*]]
Get zone data that are currently being presented.
......@@ -143,18 +156,6 @@ Actions
Show zone statistics counter(s). To print also counters with value 0, use
force option.
**zone-freeze** [*zone*...]
Temporarily postpone zone-changing events (load, refresh, update, flush, and
DNSSEC signing).
**zone-thaw** [*zone*...]
Dismiss zone freeze.
**zone-ksk-submitted** *zone*
Use when the zone's KSK rollover is in submittion phase. By calling this command
the user confirms manually that the parent zone contains DS record for the new
KSK in submission phase and the old KSK can be retired.
**conf-init**
Initialize the configuration database. (*)
......
......@@ -1096,7 +1096,7 @@ const cmd_desc_t cmd_table[] = {
{ CMD_ZONE_FLUSH, cmd_zone_filter_ctl, CTL_ZONE_FLUSH, CMD_FOPT_ZONE },
{ CMD_ZONE_SIGN, cmd_zone_ctl, CTL_ZONE_SIGN, CMD_FOPT_ZONE },
{ CMD_ZONE_KEY_ROLL, cmd_zone_key_roll_ctl, CTL_ZONE_KEY_ROLL, CMD_FREQ_ZONE },
{ CMD_ZONE_KSK_SBM, cmd_zone_ctl, CTL_ZONE_KSK_SBM, CMD_FREQ_ZONE },
{ CMD_ZONE_KSK_SBM, cmd_zone_ctl, CTL_ZONE_KSK_SBM, CMD_FREQ_ZONE | CMD_FOPT_ZONE },
{ CMD_ZONE_FREEZE, cmd_zone_ctl, CTL_ZONE_FREEZE, CMD_FOPT_ZONE },
{ CMD_ZONE_THAW, cmd_zone_ctl, CTL_ZONE_THAW, CMD_FOPT_ZONE },
......@@ -1143,8 +1143,8 @@ static const cmd_help_t cmd_help_table[] = {
{ CMD_ZONE_RETRANSFER, "[<zone>...]", "Force slave zone retransfer (no serial check)." },
{ CMD_ZONE_FLUSH, "[<zone>...] [<filter>...]", "Flush zone journal into the zone file." },
{ CMD_ZONE_SIGN, "[<zone>...]", "Re-sign the automatically signed zone." },
{ CMD_ZONE_KEY_ROLL, "<zone> <keytype>", "Trigger an immediate key rollover on a zone with automatic key management." },
{ CMD_ZONE_KSK_SBM, "<zone>", "\b\b\bWhen KSK submission, confirm parent's DS presence manually." },
{ CMD_ZONE_KEY_ROLL, "<zone> <keytype>", "Trigger immediate key rollover." },
{ CMD_ZONE_KSK_SBM, "<zone>...", "When KSK submission, confirm parent's DS presence." },
{ CMD_ZONE_FREEZE, "[<zone>...]", "Temporarily postpone automatic zone-changing events." },
{ CMD_ZONE_THAW, "[<zone>...]", "Dismiss zone freeze." },
{ "", "", "" },
......@@ -1181,7 +1181,7 @@ void print_commands(void)
printf("\nActions:\n");
for (const cmd_help_t *cmd = cmd_help_table; cmd->name != NULL; cmd++) {
printf(" %-15s %-38s %s\n", cmd->name, cmd->params, cmd->desc);
printf(" %-18s %-38s %s\n", cmd->name, cmd->params, cmd->desc);
}
printf("\n"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment