Section: User Contributed Perl Documentation (3)
Net::DNS::SEC::Tools::conf - DNSSEC-Tools configuration routines.
use Net::DNS::SEC::Tools::conf; %dtconf = parseconfig(); %dtconf = parseconfig("localzone.keyrec"); cmdcheck(\%options_hashref); $prefixdir = getprefixdir(); $confdir = getconfdir(); $conffile = getconffile(); $statedir = getlocalstatedir(); erraction(ERR_MSG); err("unable to open keyrec file",1);
The routines in this module perform configuration operations. Some routinesaccess the DNSSEC-Tools configuration file, while others validate theexecution environment.
The DNSSEC tools have a configuration file for commonly used values. Thesevalues are the defaults for a variety of things, such as encryption algorithmand encryption key length. The Net::DNS::SEC::Tools::conf module providesmethods for accessing the configuration data in this file.
dnssec-tools.conf is the filename for the DNSSEC tools configuration file.The full path depends on how DNSSEC-Tools was configured; see the DIRECTORIESsection for the complete path. The paths required by conf.pm are set atDNSSEC-Tools configuration time.
The DNSSEC tools configuration file consists of a set of configuration valueentries, with only one entry per line. Each entry has the ``keyword value''format. During parsing, the line is broken into tokens, with tokens beingseparated by spaces and tabs. The first token in a line is taken to be thekeyword. All other tokens in that line are concatenated into a single string,with a space separating each token. The untokenized string is added to a hashtable, with the keyword as the value's key.
Comments may be included by prefacing them with the '#' or ';' commentcharacters. These comments can encompass an entire line or may follow aconfiguration entry. If a comment shares a line with an entry, valuetokenization stops just prior to the comment character.
An example configuration file follows:
# Sample configuration entries. algorithm rsasha1 # Encryption algorithm. ksk_length 1024 ; KSK key length.
Another aspect of DNSSEC-Tools configuration is the error action used by theDNSSEC-Tools Perl modules. The action dictates whether an error conditionwill only give an error return, print an error message to STDERR, or print anerror message and exit. The erraction() and err() interfaces are usedfor these operations.
- This routine reads and parses the system's DNSSEC tools configuration file.The parsed contents are put into a hash table, which is returned to the caller.
- This routine reads and parses a caller-specified DNSSEC tools configurationfile. The parsed contents are put into a hash table, which is returned tothe caller. The routine quietly returns if the configuration file does notexist.
- This routine ensures that the needed commands are available andexecutable. If any of the commands either don't exist or aren't executable,then an error message will be given and the process will exit. If all iswell, everything will proceed quietly onwards.
The commands keys currently checked are zonecheck, keygen, andzonesign. The pathnames for these commands are found in the given optionshash referenced by %options_hashref. If the hash doesn't contain an entryfor one of those commands, it is not checked.
- This routine returns the name of the DNSSEC-Tools configuration directory.
- This routine returns the name of the DNSSEC-Tools configuration file.
- This routine returns the name of the DNSSEC-Tools prefix directory.
- This routine returns the name of the local state directory.
- This routine returns the name of the local state directory just likegetlocalstatedir() but also creates the path if it doesn't exist and ifthe File::Path module is loadable (should be true on all modern perl).
If the optional SUFFIX is passed in, it's expected to be asub-directory to create. It is appended to the return value as well.
- This interface sets the error action for DNSSEC-Tools Perl modules.The valid actions are:
ERR_SILENT Do not print an error message, do not exit. ERR_MSG Print an error message, do not exit. ERR_EXIT Print an error message, exit.
ERR_SILENT is the default action.
The previously set error action is returned.
- err(error message,exit_code
- The err() interface is used by the DNSSEC-Tools Perl modules to reportan error and exit, depending on the error action.
The first argument is an error message to print --- if the error action allowserror messages to be printed.
The second argument is an exit code --- if the error action requires that theprocess exit.
The default directories for this installation are:
prefix : /usr sysconf : /etc localstatedir : /var DNSSEC-Tools configuration file: /etc/dnssec-tools
These can be overridden using the following environmental variables:
prefix : DT_PREFIX sysconf : DT_SYSCONFDIR localstatedir : DT_STATEDIR
Copyright 2004-2009 SPARTA
, Inc. All rights reserved.See the COPYING
file included with the DNSSEC-Tools package for details.
Wayne Morrison, tewokAATTusers.sourceforge.net
- SEE ALSO
This document was created byman2html,using the manual pages.