summaryrefslogtreecommitdiff
path: root/man/knotc.8.in
blob: f845c96ca5b840d38584c2ed6e196436befbd9b9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
.TH knotc "8" "September 2012" "CZ.NIC Labs" "Knot DNS, version @VERSION@"
.SH NAME
.B knotc
\- Knot DNS control utility
.SH SYNOPSIS
.B knotc
[\fIparameters\fR] \fI<action>\fR [\fIaction_args\fR]
.SH DESCRIPTION
.SS "Parameters:"
.HP
\fB\-c\fR [file], \fB\-\-config\fR=\fI[file]\fR Select configuration file.
.TP
\fB\-s\fR [server]\fR Remote UNIX socket/IP address (default @rundir@/knot.sock)
.TP
\fB\-p\fR [port]\fR Remote server port (only for IP).
.TP
\fB\-y\fR [hmac:]name:key]\fR Use key_id for specified on the command line.
.TP
\fB\-k\fR [file]\fR Use key file (as in config section 'keys').
f.e. echo "knotc-key hmac-md5 Wg==" > knotc.key
If you omit algorithm, hmac-md5 will be used as default.
.TP
\fB\-f\fR, \fB\-\-force\fR
Force operation \- override some checks.
.TP
\fB\-v\fR, \fB\-\-verbose\fR
Verbose mode \- additional runtime information.
.TP
\fB\-V\fR, \fB\-\-version\fR
Print knot server version.
.TP
\fB\-w\fR, \fB\-\-wait\fR
Wait for the server to finish start/stop operations.
.TP
\fB\-i\fR, \fB\-\-interactive\fR
Interactive mode (do not daemonize).
.TP
\fB\-h\fR, \fB\-\-help\fR
Print help and usage.
.SS "Actions:"
.TP
start
Start knot server daemon (no\-op if running).
.TP
stop
Stop knot server daemon (no\-op if not running).
.TP
restart
Stops and then starts knot server daemon.
.TP
reload
Reload knot configuration and zones.
.TP
flush
Flush journal and update zone files.
.TP
status
Check if server is running.
.TP
zonestatus
Show status of configured zones.
.TP
refresh
Refresh slave zones (all if not specified).
.TP
checkconf
Check server configuration.
.TP
checkzone
Check zones before compiling (accepts specific zones, f.e. 'knotc checkzone example1.com example2.com').
.TP
memstats
Estimate memory consumption for zone files. Useful mainly for big zones.
.SS "EXAMPLES"
.TP
.B Setup a keyfile for remote control
.TP
1. Generate keys
dnssec-keygen -a hmac-md5 -b 256 -n HOST knotc-key
.TP
2. Extract secret in base64 format and create keyfile
echo "knotc-key hmac-md5 <secret>" > knotc.key

Make sure the key can be read/written only by owner for
security reasons.
.TP

.B Reload server remotely
knotc -s 127.0.0.1 -k knotc.key reload
.SH "SEE ALSO"
The full documentation for
.B Knot
is maintained as a Texinfo manual.  If the
.B info
and
.B Knot
programs are properly installed at your site, the command
.IP
.B info Knot
.PP
should give you access to the complete manual.