From: David VaĊĦek Date: Fri, 13 Aug 2021 21:45:10 +0000 (+0200) Subject: doc/knotc: mention the necessary directory permissions for zone-flush, zone-backup... X-Git-Tag: v3.1.2~51 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a0b8a502820d0e2392215cb78cef55e57d86d009;p=thirdparty%2Fknot-dns.git doc/knotc: mention the necessary directory permissions for zone-flush, zone-backup, and zone-restore --- diff --git a/doc/man/knotc.8in b/doc/man/knotc.8in index 0a5d4cac6c..116085115d 100644 --- a/doc/man/knotc.8in +++ b/doc/man/knotc.8in @@ -128,7 +128,8 @@ offline. (#) \fBzone\-flush\fP [\fIzone\fP\&...] [\fB+outdir\fP \fIdirectory\fP] Trigger a zone journal flush to the configured zone file. If an output directory is specified, the current zone is immediately dumped (in the -blocking mode) to a zone file in the specified directory. (#) +blocking mode) to a zone file in the specified directory. See +\fI\%Notes\fP below about the directory permissions. (#) .TP \fBzone\-backup\fP [\fIzone\fP\&...] \fB+backupdir\fP \fIdirectory\fP [\fIfilter\fP\&...] Trigger a zone data and metadata backup to a specified directory. @@ -141,13 +142,15 @@ or omitted from the backup. By default, filters \fB+zonefile\fP, \fB+timers\fP, \fB+kaspdb\fP, \fB+catalog\fP, and \fB+nojournal\fP are set. Setting a filter for an item doesn\(aqt change default settings for other items. If zone flushing is disabled, original zone file is backed up instead of writing out zone -contents to a file. (#) +contents to a file. See \fI\%Notes\fP below about the directory +permissions. (#) .TP \fBzone\-restore\fP [\fIzone\fP\&...] \fB+backupdir\fP \fIdirectory\fP [\fIfilter\fP\&...] Trigger a zone data and metadata restore from a specified backup directory. Optional filters are equivalent to the same filters of \fBzone\-backup\fP\&. Restore from backups created by Knot DNS releases prior to 3.1 is possible -with the force option. (#) +with the force option. See \fI\%Notes\fP below about the directory +permissions. (#) .TP \fBzone\-sign\fP [\fIzone\fP\&...] Trigger a DNSSEC re\-sign of the zone. Existing signatures will be dropped. @@ -259,7 +262,7 @@ Set the item data in the transaction. \fBconf\-unset\fP [\fIitem\fP] [\fIdata\fP\&...] Unset the item data in the transaction. .UNINDENT -.SS Note +.SS Notes .sp Empty or \fB\-\-\fP \fIzone\fP parameter means all zones or all zones with a transaction. .sp @@ -285,6 +288,11 @@ The \fIOK\fP response to triggering commands means that the command has been suc sent to the server. To verify if the operation succeeded, it\(aqs necessary to check the server log. .UNINDENT +.sp +Actions \fBzone\-flush\fP, \fBzone\-backup\fP, and \fBzone\-restore\fP are carried out by +the \fIknotd\fP process. The directory specified must be accessible to the user account +that \fIknotd\fP runs under and if the directory already exists, its permissions must be +appropriate for that user account. .SS Interactive mode .sp The utility provides interactive mode with basic line editing functionality, diff --git a/doc/man_knotc.rst b/doc/man_knotc.rst index e992f2aba7..f362c239ba 100644 --- a/doc/man_knotc.rst +++ b/doc/man_knotc.rst @@ -105,7 +105,8 @@ Actions **zone-flush** [*zone*...] [**+outdir** *directory*] Trigger a zone journal flush to the configured zone file. If an output directory is specified, the current zone is immediately dumped (in the - blocking mode) to a zone file in the specified directory. (#) + blocking mode) to a zone file in the specified directory. See + :ref:`Notes` below about the directory permissions. (#) **zone-backup** [*zone*...] **+backupdir** *directory* [*filter*...] Trigger a zone data and metadata backup to a specified directory. @@ -118,13 +119,15 @@ Actions **+kaspdb**, **+catalog**, and **+nojournal** are set. Setting a filter for an item doesn't change default settings for other items. If zone flushing is disabled, original zone file is backed up instead of writing out zone - contents to a file. (#) + contents to a file. See :ref:`Notes` below about the directory + permissions. (#) **zone-restore** [*zone*...] **+backupdir** *directory* [*filter*...] Trigger a zone data and metadata restore from a specified backup directory. Optional filters are equivalent to the same filters of **zone-backup**. Restore from backups created by Knot DNS releases prior to 3.1 is possible - with the force option. (#) + with the force option. See :ref:`Notes` below about the directory + permissions. (#) **zone-sign** [*zone*...] Trigger a DNSSEC re-sign of the zone. Existing signatures will be dropped. @@ -236,8 +239,10 @@ Actions **conf-unset** [*item*] [*data*...] Unset the item data in the transaction. -Note -.... +.. _notes: + +Notes +..... Empty or **--** *zone* parameter means all zones or all zones with a transaction. @@ -262,6 +267,11 @@ Responses returned by *knotc* commands depend on the mode: sent to the server. To verify if the operation succeeded, it's necessary to check the server log. +Actions **zone-flush**, **zone-backup**, and **zone-restore** are carried out by +the `knotd` process. The directory specified must be accessible to the user account +that `knotd` runs under and if the directory already exists, its permissions must be +appropriate for that user account. + Interactive mode ................