ctys-dnsutil

June, 2010

NAME

ctys-dnsutil - supports display and validation of DNS data

SYNTAX

ctys-dnsutil


   [-c]
   [-C]
   [-d <debug-level>]
   [-h]
   [-H <help-options>]
   [-i]
   [-l <USER>]
   [-n]
   [--reverse <runtime states> 
         =
         [(REVERSE|R|-),]
         PING|SSH
         [,PM|VM]
       ]
   [-V]
   [-X]
   [<dns-server-list>]

DESCRIPTION

ctys-dnsutil supports the display of data which is mainly based on the data requested from DNS by usage of "host -l <server>" call. The only current application of this utility is to generate lists as input for additional processing or display. Extended queries are supported by 'ctys-vhost' utility (Address-Resolution) . It has to be recognised, that not all machines might be handled by a reachable DNS server. This is particularly true for VMs located within host-only-networks performing on isolated networks by means of routing.

One important application is the usage of this tool for the LIST action of plugins from PMs. The output list will be used as initial data set for actual available active PMs. Additional constraints related to actual runtime-state for members of raw-list will be applied for various tools and several post-analysis. The most basic checks are based on ping and ssh access checks, but the type of the machine - PM or VM - and the hierarchy could be evaluated by several approaches.

For an initial definition and assignment of a managed PM the "ctys-genpmconf" utility has to be executed. The generated data from the directory /etc/ctys.d/pm.conf is used as an final proof, that the polled TCP/IP-address is related to a PM. A VM is defined as a contained VM characterised by it's configuration file, which is in the case of current supported VMs an ASC-II file with specific syntax.

OPTIONS

ctys-dnsutil

-c: Uses "ctys-vhost" for PM/VM evaluation instead of polling the real instance. The basic implicit access checks for ping and ssh are still performed.
The databases for ctys-vhost has to be prepared, thus not usable for initial scan to generate that databases of course.

-C: Basically the same as "-c", but here no implicit dynamic checks are performed at all. The only dynamic evaluated data is the query of the DNS server.

-d <debug-level>: Same as ctys.

-h: Print help, refer to "-H" for additional information.

-H <help-option>: The extended help option is based on system interfaces for display of manpages, PDF and HTML documents. This comprises the man pages and installed manuals. For additional help refer to the documents or type ctys -H help.

-i <quad-dotted-IP>: Show numerical TCP/IP-Address. This is supported in combination with "-n" option only without "-X" option.

-l <USER>: Remote user to be used for network logins.
DEFAULT=CTYS_NETACCOUNT(DEFAULT->USER)

-n: Show TCP/IP-Address as name. This is supported in combination with "-i" option only without "-X" option.

--reverse <runtime states>

Restricts a set of multiple results with additional constrains for output.

Only the possible targets which are operable or actually operational are listed. This includes the actual running VM with it's hosting PM, and in addition all other operational machines, where the current VM is available too. This case is the most common for NFS based exec-pools, where a single VM could be accessed remotely by a number of PMs. This particularly offers the advantage of copyless-migration of online and offline VMs.

<runtime states>=[(REVERSE|R|-),]PING|SSH[,PM|VM]

REVERSE|R|- This reverses the resulting set, thus the "not matching" states only will be shown.
PING[:<packetcnt>[%<timeout>]] A RUNNING session is simply "ping-ed".
Resulting statement of operational mode may result on applied security policies, but not exclusively on the state of the running OS's IP-stack.
SSH A RUNNING session is additionally checked for SSH-connect by a dummy-interconnect.
On some nodes the timeout my take some time, so be patient when such a node is in the DNS query.
This option might be really senseful, once SSO is established and probably a common net-access-user with limited permissions for probing-only is configured.
"ssh" is the only and one state, which is an almost viable confirmation for the ability of establishing ctys connections.
PM Checks whether machine is a PM. Therefore first SSH-check is activated and performed, and on the remaining set of accessible machines the PM-check is performed.
PM accessibility is defined as the accessibility of the running OS on PM and the presence of the file "/etc/ctys.d/pm.conf".
VM Checks whether machine is a VM. Therefore first SSH-check is activated and performed, and on the remaining set of accessible machines the VM-check is performed.
VM accessibility is defined as the accessibility of the running OS on VM and the presence of the file "/etc/ctys.d/vm.conf".

-V: See ctys, version output.

-X: See ctys, terse for machine output.

ARGUMENTS

<dns-server-list>: Any DNS server to be used in "host" call.

EXIT-VALUES

0: OK:: Result is valid.
1: NOK:: Erroneous parameters.
2: NOK:: Missing an environment element like files or databases.

AUTHOR

Written and maintained by Arno-Can Uestuensoez:

Maintenance:	<<acue_sf1 (a) sourceforge net>>
Homepage:	<https://arnocan.wordpress.com>
Sourceforge.net:	<http://sourceforge.net/projects/ctys>
Project moved from Berlios.de to OSDN.net:	<https://osdn.net/projects/ctys>
Commercial:	<https://arnocan.wordpress.com>

COPYRIGHT

For BASE package following licenses apply,

for software see GPL3 for license conditions,
for documents see GFDL-1.3 with invariant sections for license conditions,

This document is part of the DOC package,

for documents and contents from DOC package see
'Creative-Common-Licence-3.0 - Attrib: Non-Commercial, Non-Deriv'

with optional extensions for license conditions.

For additional information refer to enclosed Releasenotes and License files.