Skip to content

Add knotc freeze/thaw/edit

  • knotc freeze <zone> would freeze domain so it will refuse all non-manual updates (XFR, DDNS, auto-DNSSEC-signing).

  • knotc thaw <zone> will do opposite

  • knotc edit <zone> will:

    1. freeze
    2. launch $EDITOR
    3. syntax check
    4. update
    5. thaw

It should also protect the zonefile from modification (000?) on the disk, copy the zone contents to the temporary file and edit it there, so the updates to the zonefile are atomic.

As an option, it could strip the auto-DNSSEC records from the zone, so the user will just see the plain zone.