autotrust(8)
NAME
autotrust - automated updates of DNSSEC trust anchors.
SYNOPSIS
autotrust [-c configfile] [-d] [-h] [-v verbosity]
DESCRIPTION
autotrust is a standalone application that automatically updates DNSSEC
trust anchors. These can be used for DNSSEC aware resolvers like
Unbound or BIND9. It is compliant with RFC 5011, with the exception of
query intervals and retry times. In order to follow these time recommendations, autotrust should run as a daemon. It is to be called from
the commandline once in a while, or from a cron job.
OPTIONS
All the configurations need to be set in the configuration file. For
more information, see the autotrust.conf.sample.
- -c configfile
- Use this configfile.
- -d Run as daemon.
- -h Print help information and exit.
- -v verbosity
- Specify a verbosity level. Setting it to zero will produce no output. Default verbosity level is 1. If verbosity is given in the configfile, the commandline value will be overrided.
FILES
- /etc/autotrust/autotrust.conf
- default configuration file.
- /var/lib/autotrust/autotrust.state default file to store trust anchor state.
DIAGNOSTICS
autotrust will log all notifications and problems to the specified logfile. If no logfile was specified, output is directed to stderr. If autotrust is not daemonized, it will perform a single active refresh and will return zero code if the refresh was successfull, 1 otherwise.
AUTHORS
autotrust was written by NLnet Labs.
BUGS
- Bugreports can be send to autotrust-users@nlnetlabs.nl. See TODO for
more information.