Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Update database by importing contents of kasp.xml,  zonelist.xml or the repository list from conf.xml into a database (or all three). In each case For zonelist and conf the update replaces the existing contents of the database (but note the keys are not updated by any of these commands). This means For kasp the update replaces or adds to the existing content, but does not delete any policies. The command 'ods-ksmutil' policy purge can be used to remove polices with no zones associated with them. 

Note that 'update kasp' is equivalent to 'import policy' and 'update zonelist' is equivalent to 'import zonelist'.

...

Export a policy from the database in kasp.xml format. 

Options

Code Block
--policy <policy> | --all         aka -p / -a

...

Update the database with the contents of kasp.xml; identical to "update kasp".

Command: policy list

...

 (Note this does not delete any policies. The command 'ods-ksmutil

...

List policies available.' policy purge can be used to remove polices with no zones associated with them.)

Command:

...

policy list

Code Block
ods-ksmutil keypolicy list

List information about keys in zonepolicies available.Options

Command: policy purge (experimental)

Code Block
[ods--verbose]
--zone <zone> | --all        ksmutil policy purge

Delete all policies and associated keys if there are no zones currently using the policy. This command should be used with caution and it is recommended to backup your database before using it.

Command: key list

Code Block
ods-ksmutil key list

List information about keys in zone.

Options

Code Block
Pre 1.4.4:
[--verbose]
--zone <zone> | --all             aka -z / -a
(will appear soon
1.4.4 and later:
[--keystate <state>verbose]              aka -e [--keytype <type>]                aka -tv
[--dszone <zone>]                          aka  aka -d-z
[--keystate <state>| --all]    )
          aka -e / -a
[--keytype <type>]                       aka -t

By default:

  • keys for all zones are listed when using  'ods-ksmutil key list' 
  • the 'ods-ksmutil key list' command does not list keys in the GENERATE or DEAD state. 

In 1.4.4 the command was extended to support filters on key state and key type.

  • The --all option now results in a listing of keys in all key states, including GENERATE and DEAD

Command: key export

Code Block
ods-ksmutil key export

...