Donutsd is the daemonized version of donuts. It provides the same functionality, but will run in the background and notify (usually by email) an administrator whenever changes are detected in the zone file. This includes noticing when a zone is about to expire (i.e. when RRSIG records in the signed zone file are about to expire).
Getting started with donutsd
The zones to check can be configured on the command line, e.g.:
> donutsd -v /var/named/example.com.signed example.com email@example.com running donuts on /var/named/example.com.signed/example.com running: donuts /var/named/example.com.signed example.com > /tmp/donutsd/example.com.new 2>&1 comparing results from last run output changed; mailing firstname.lastname@example.org about /var/named/example.com.signed running: tail -1 /tmp/donutsd/example.com.new >> /tmp/donutsd/donuts.summary.new /tmp/donutsd/example.com.new => /tmp/donutsd/example.com /tmp/donutsd/donuts.summary.new => /tmp/donutsd/donuts.summary sleeping for 86400 <ctr-c> >
An administrator will receive an email similar to the following(the zone file in this example has an RR type that donuts does not recognize).
From: email@example.com Subject: donuts output for zone: example.com To: firstname.lastname@example.org Date: Mon, 25 Feb 2008 16:43:35 -0800 (PST) The donuts dns zone-file syntax checker was run on the "example.com" and there were resulting errors or errors that have changed since the last run. The results of this run of donuts can be found below: You will not receive another message until the output from donuts has changed. ---------------------------------------------------------------------- /var/named/example.com.signed:44 unrecognized type WARNING: failed to read /var/named/example.com.signed for an unknown reason unrecognized type, line 44
For single or several zones, the command line is an okay way to configure donutsd, but zone information can also be configured from a file. The simplest file is a text file that contains the same zone info as the command line but on separate lines:
> cat donutsd-zones.txt db.zonefile1.com zone1.com email@example.com db.zonefile2.com zone2.com firstname.lastname@example.org,email@example.com >
and run by:
> donutsd -i /etc/named/donutsd-zones.txt & >
For even greater control, an XML formatted file can be used. See the Manual page for more details.