mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-04 08:35:31 +00:00
Code Issues Releases Wiki Activity

added rndc-confgen man page

Browse Source
This commit is contained in:
Andreas Gustafsson
2001-08-28 17:29:35 +00:00
parent 28fc90e6c8
commit 259b1b8c03
4 changed files with 966 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
bin/rndc/Makefile.in
View File

@@ -13,7 +13,7 @@
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION # NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. # WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.31 2001/08/03 22:03:10 gson Exp $ # $Id: Makefile.in,v 1.32 2001/08/28 17:29:34 gson Exp $
srcdir = @srcdir@ srcdir = @srcdir@
VPATH = @srcdir@ VPATH = @srcdir@
@@ -49,9 +49,9 @@ SUBDIRS = unix
TARGETS = rndc rndc-confgen TARGETS = rndc rndc-confgen
MANPAGES = rndc.8 rndc.conf.5 MANPAGES = rndc.8 rndc-confgen.8 rndc.conf.5
HTMLPAGES = rndc.html rndc.conf.html HTMLPAGES = rndc.html rndc-confgen.html rndc.conf.html
MANOBJS = ${MANPAGES} ${HTMLPAGES} MANOBJS = ${MANPAGES} ${HTMLPAGES}

134
bin/rndc/rndc-confgen.8 Normal file
View File

@@ -0,0 +1,134 @@
.\"
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.TH "RNDC-CONFGEN" "8" "Aug 27, 2001" "BIND9" ""
.SH NAME
rndc-confgen \- rndc key generation tool
.SH SYNOPSIS
.sp
\fBrndc-confgen\fR [ \fB-a\fR ] [ \fB-b \fIkeysize\fB\fR ] [ \fB-c \fIkeyfile\fB\fR ] [ \fB-h\fR ] [ \fB-k \fIkeyname\fB\fR ] [ \fB-p \fIport\fB\fR ] [ \fB-r \fIrandomfile\fB\fR ] [ \fB-s \fIaddress\fB\fR ] [ \fB-t \fIchrootdir\fB\fR ] [ \fB-u \fIuser\fB\fR ]
.SH "DESCRIPTION"
.PP
\fBrndc-confgen\fR generates configuration files
for \fBrndc\fR. It can be used as a
convenient alternative to writing the
\fIrndc.conf\fR file
and the corresponding \fBcontrols\fR
and \fBkey\fR
statements in \fInamed.conf\fR by hand.
Alternatively, it can be run with the \fB-a\fR
option to set up a \fIrndc.key\fR file and
avoid the need for a \fIrndc.conf\fR file
and a \fBcontrols\fR statement altogether.
.SH "OPTIONS"
.TP
\fB-a\fR
Do automatic \fBrndc\fR configuration.
This creates a file \fIrndc.key\fR
in \fI/etc\fR (or whatever
sysconfdir
was specified as when BIND was built)
that is read by both \fBrndc\fR
and \fBnamed\fR on startup. The
\fIrndc.key\fR file defines a default
command channel and authentication key allowing
\fBrndc\fR to communicate with
\fBnamed\fR with no further configuration.
Running \fBrndc-confgen -a\fR allows
BIND 9 and \fBrndc\fR to be used as drop-in
replacements for BIND 8 and \fBndc\fR,
with no changes to the existing BIND 8
\fInamed.conf\fR file.
.TP
\fB-b \fIkeysize\fB\fR
Specifies the size of the authentication key in bits.
Must be between 1 and 512 bits; the default is 128.
.TP
\fB-c \fIkeyfile\fB\fR
Used with the \fB-a\fR option to specify
an alternate location for \fIrndc.key\fR.
.TP
\fB-h\fR
Prints a short summary of the options and arguments to
\fBrndc-confgen\fR.
.TP
\fB-k \fIkeyname\fB\fR
Specifies the key name of the rndc authentication key.
This must be a valid domain name.
The default is rndc-key.
.TP
\fB-p \fIport\fB\fR
Specifies the command channel port where \fBnamed\fR
listens for connections from \fBrndc\fR.
The default is 953.
.TP
\fB-r \fIrandomfile\fB\fR
Specifies a source of random data for generating the
authoriazation. If the operating
system does not provide a \fI/dev/random\fR
or equivalent device, the default source of randomness
is keyboard input. \fIrandomdev\fR specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
\fIkeyboard\fR indicates that keyboard
input should be used.
.TP
\fB-p \fIprotocol\fB\fR
Sets the protocol value for the generated key. The protocol
is a number between 0 and 255. The default is 2 (email) for
keys of type USER and 3 (DNSSEC) for all other key types.
Other possible values for this argument are listed in
RFC 2535 and its successors.
.TP
\fB-s \fIaddress\fB\fR
Specifies the IP address where \fBnamed\fR
listens for command channel connections from
\fBrndc\fR. The default is the loopback
address 127.0.0.1.
.TP
\fB-t \fIchrootdir\fB\fR
Used with the \fB-a\fR option to specify
a directory where \fBnamed\fR will run
chrooted. An additional copy of the \fIrndc.key\fR
will be written relative to this directory so that
it will be found by the chrooted \fBnamed\fR.
.TP
\fB-u \fIuser\fB\fR
Used with the \fB-a\fR option to set the owner
of the \fIrndc.key\fR file generated.
.SH "EXAMPLES"
.PP
To allow \fBrndc\fR to be used with
no manual configuration, run
.PP
\fBrndc-confgen -a\fR
.PP
To print a sample \fIrndc.conf\fR file and
corresponding \fBcontrols\fR and \fBkey\fR
statements to be manually inserted into \fInamed.conf\fR,
run
.PP
\fBrndc-confgen\fR
.SH "SEE ALSO"
.PP
\fBrndc\fR(8),
\fBrndc.conf\fR(5),
\fBnamed\fR(8),
\fIBIND 9 Administrator Reference Manual\fR.
.SH "AUTHOR"
.PP
Internet Software Consortium

273
bin/rndc/rndc-confgen.docbook Normal file
View File

@@ -0,0 +1,273 @@
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
<!--
- Copyright (C) 2001 Internet Software Consortium.
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: rndc-confgen.docbook,v 1.1 2001/08/28 17:29:35 gson Exp $ -->
<refentry>
<refentryinfo>
<date>Aug 27, 2001</date>
</refentryinfo>
<refmeta>
<refentrytitle><application>rndc-confgen</application></refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo>BIND9</refmiscinfo>
</refmeta>
<refnamediv>
<refname><application>rndc-confgen</application></refname>
<refpurpose>rndc key generation tool</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>rndc-confgen</command>
<arg><option>-a</option></arg>
<arg><option>-b <replaceable class="parameter">keysize</replaceable></option></arg>
<arg><option>-c <replaceable class="parameter">keyfile</replaceable></option></arg>
<arg><option>-h</option></arg>
<arg><option>-k <replaceable class="parameter">keyname</replaceable></option></arg>
<arg><option>-p <replaceable class="parameter">port</replaceable></option></arg>
<arg><option>-r <replaceable class="parameter">randomfile</replaceable></option></arg>
<arg><option>-s <replaceable class="parameter">address</replaceable></option></arg>
<arg><option>-t <replaceable class="parameter">chrootdir</replaceable></option></arg>
<arg><option>-u <replaceable class="parameter">user</replaceable></option></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>DESCRIPTION</title>
<para>
<command>rndc-confgen</command> generates configuration files
for <command>rndc</command>. It can be used as a
convenient alternative to writing the
<filename>rndc.conf</filename> file
and the corresponding <command>controls</command>
and <command>key</command>
statements in <filename>named.conf</filename> by hand.
Alternatively, it can be run with the <command>-a</command>
option to set up a <filename>rndc.key</filename> file and
avoid the need for a <filename>rndc.conf</filename> file
and a <command>controls</command> statement altogether.
</para>
</refsect1>
<refsect1>
<title>OPTIONS</title>
<variablelist>
<varlistentry>
<term>-a</term>
<listitem>
<para>
Do automatic <command>rndc</command> configuration.
This creates a file <filename>rndc.key</filename>
in <filename>/etc</filename> (or whatever
<varname>sysconfdir</varname>
was specified as when <acronym>BIND</acronym> was built)
that is read by both <command>rndc</command>
and <command>named</command> on startup. The
<filename>rndc.key</filename> file defines a default
command channel and authentication key allowing
<command>rndc</command> to communicate with
<command>named</command> with no further configuration.
</para>
<para>
Running <command>rndc-confgen -a</command> allows
BIND 9 and <command>rndc</command> to be used as drop-in
replacements for BIND 8 and <command>ndc</command>,
with no changes to the existing BIND 8
<filename>named.conf</filename> file.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-b <replaceable class="parameter">keysize</replaceable></term>
<listitem>
<para>
Specifies the size of the authentication key in bits.
Must be between 1 and 512 bits; the default is 128.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-c <replaceable class="parameter">keyfile</replaceable></term>
<listitem>
<para>
Used with the <command>-a</command> option to specify
an alternate location for <filename>rndc.key</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-h</term>
<listitem>
<para>
Prints a short summary of the options and arguments to
<command>rndc-confgen</command>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-k <replaceable class="parameter">keyname</replaceable></term>
<listitem>
<para>
Specifies the key name of the rndc authentication key.
This must be a valid domain name.
The default is <constant>rndc-key</constant>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-p <replaceable class="parameter">port</replaceable></term>
<listitem>
<para>
Specifies the command channel port where <command>named</command>
listens for connections from <command>rndc</command>.
The default is 953.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-r <replaceable class="parameter">randomfile</replaceable></term>
<listitem>
<para>
Specifies a source of random data for generating the
authoriazation. If the operating
system does not provide a <filename>/dev/random</filename>
or equivalent device, the default source of randomness
is keyboard input. <filename>randomdev</filename> specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
<filename>keyboard</filename> indicates that keyboard
input should be used.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-p <replaceable class="parameter">protocol</replaceable></term>
<listitem>
<para>
Sets the protocol value for the generated key. The protocol
is a number between 0 and 255. The default is 2 (email) for
keys of type USER and 3 (DNSSEC) for all other key types.
Other possible values for this argument are listed in
RFC 2535 and its successors.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-s <replaceable class="parameter">address</replaceable></term>
<listitem>
<para>
Specifies the IP address where <command>named</command>
listens for command channel connections from
<command>rndc</command>. The default is the loopback
address 127.0.0.1.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-t <replaceable class="parameter">chrootdir</replaceable></term>
<listitem>
<para>
Used with the <command>-a</command> option to specify
a directory where <command>named</command> will run
chrooted. An additional copy of the <filename>rndc.key</filename>
will be written relative to this directory so that
it will be found by the chrooted <command>named</command>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-u <replaceable class="parameter">user</replaceable></term>
<listitem>
<para>
Used with the <command>-a</command> option to set the owner
of the <filename>rndc.key</filename> file generated.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>EXAMPLES</title>
<para>
To allow <command>rndc</command> to be used with
no manual configuration, run
</para>
<para>
<userinput>rndc-confgen -a</userinput>
</para>
<para>
To print a sample <filename>rndc.conf</filename> file and
corresponding <command>controls</command> and <command>key</command>
statements to be manually inserted into <filename>named.conf</filename>,
run
</para>
<para>
<userinput>rndc-confgen</userinput>
</para>
</refsect1>
<refsect1>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>rndc</refentrytitle>
<manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>rndc.conf</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>named</refentrytitle>
<manvolnum>8</manvolnum>
</citerefentry>,
<citetitle>BIND 9 Administrator Reference Manual</citetitle>.
</para>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para>
<corpauthor>Internet Software Consortium</corpauthor>
</para>
</refsect1>
</refentry>
<!--
- Local variables:
- mode: sgml
- End:
-->

556
bin/rndc/rndc-confgen.html Normal file
View File

@@ -0,0 +1,556 @@
<!--
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-->
<HTML
><HEAD
><TITLE
>rndc-confgen</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.61
"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
><SPAN
CLASS="APPLICATION"
>rndc-confgen</SPAN
></A
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>rndc-confgen</SPAN
>&nbsp;--&nbsp;rndc key generation tool</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>rndc-confgen</B
> [<TT
CLASS="OPTION"
>-a</TT
>] [<TT
CLASS="OPTION"
>-b <TT
CLASS="REPLACEABLE"
><I
>keysize</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-c <TT
CLASS="REPLACEABLE"
><I
>keyfile</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-h</TT
>] [<TT
CLASS="OPTION"
>-k <TT
CLASS="REPLACEABLE"
><I
>keyname</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-r <TT
CLASS="REPLACEABLE"
><I
>randomfile</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-s <TT
CLASS="REPLACEABLE"
><I
>address</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-t <TT
CLASS="REPLACEABLE"
><I
>chrootdir</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></TT
>]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN44"
></A
><H2
>DESCRIPTION</H2
><P
> <B
CLASS="COMMAND"
>rndc-confgen</B
> generates configuration files
for <B
CLASS="COMMAND"
>rndc</B
>. It can be used as a
convenient alternative to writing the
<TT
CLASS="FILENAME"
>rndc.conf</TT
> file
and the corresponding <B
CLASS="COMMAND"
>controls</B
>
and <B
CLASS="COMMAND"
>key</B
>
statements in <TT
CLASS="FILENAME"
>named.conf</TT
> by hand.
Alternatively, it can be run with the <B
CLASS="COMMAND"
>-a</B
>
option to set up a <TT
CLASS="FILENAME"
>rndc.key</TT
> file and
avoid the need for a <TT
CLASS="FILENAME"
>rndc.conf</TT
> file
and a <B
CLASS="COMMAND"
>controls</B
> statement altogether.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN57"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-a</DT
><DD
><P
> Do automatic <B
CLASS="COMMAND"
>rndc</B
> configuration.
This creates a file <TT
CLASS="FILENAME"
>rndc.key</TT
>
in <TT
CLASS="FILENAME"
>/etc</TT
> (or whatever
<TT
CLASS="VARNAME"
>sysconfdir</TT
>
was specified as when <SPAN
CLASS="ACRONYM"
>BIND</SPAN
> was built)
that is read by both <B
CLASS="COMMAND"
>rndc</B
>
and <B
CLASS="COMMAND"
>named</B
> on startup. The
<TT
CLASS="FILENAME"
>rndc.key</TT
> file defines a default
command channel and authentication key allowing
<B
CLASS="COMMAND"
>rndc</B
> to communicate with
<B
CLASS="COMMAND"
>named</B
> with no further configuration.
</P
><P
> Running <B
CLASS="COMMAND"
>rndc-confgen -a</B
> allows
BIND 9 and <B
CLASS="COMMAND"
>rndc</B
> to be used as drop-in
replacements for BIND 8 and <B
CLASS="COMMAND"
>ndc</B
>,
with no changes to the existing BIND 8
<TT
CLASS="FILENAME"
>named.conf</TT
> file.
</P
></DD
><DT
>-b <TT
CLASS="REPLACEABLE"
><I
>keysize</I
></TT
></DT
><DD
><P
> Specifies the size of the authentication key in bits.
Must be between 1 and 512 bits; the default is 128.
</P
></DD
><DT
>-c <TT
CLASS="REPLACEABLE"
><I
>keyfile</I
></TT
></DT
><DD
><P
> Used with the <B
CLASS="COMMAND"
>-a</B
> option to specify
an alternate location for <TT
CLASS="FILENAME"
>rndc.key</TT
>.
</P
></DD
><DT
>-h</DT
><DD
><P
> Prints a short summary of the options and arguments to
<B
CLASS="COMMAND"
>rndc-confgen</B
>.
</P
></DD
><DT
>-k <TT
CLASS="REPLACEABLE"
><I
>keyname</I
></TT
></DT
><DD
><P
> Specifies the key name of the rndc authentication key.
This must be a valid domain name.
The default is <TT
CLASS="CONSTANT"
>rndc-key</TT
>.
</P
></DD
><DT
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
> Specifies the command channel port where <B
CLASS="COMMAND"
>named</B
>
listens for connections from <B
CLASS="COMMAND"
>rndc</B
>.
The default is 953.
</P
></DD
><DT
>-r <TT
CLASS="REPLACEABLE"
><I
>randomfile</I
></TT
></DT
><DD
><P
> Specifies a source of random data for generating the
authoriazation. If the operating
system does not provide a <TT
CLASS="FILENAME"
>/dev/random</TT
>
or equivalent device, the default source of randomness
is keyboard input. <TT
CLASS="FILENAME"
>randomdev</TT
> specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
<TT
CLASS="FILENAME"
>keyboard</TT
> indicates that keyboard
input should be used.
</P
></DD
><DT
>-p <TT
CLASS="REPLACEABLE"
><I
>protocol</I
></TT
></DT
><DD
><P
> Sets the protocol value for the generated key. The protocol
is a number between 0 and 255. The default is 2 (email) for
keys of type USER and 3 (DNSSEC) for all other key types.
Other possible values for this argument are listed in
RFC 2535 and its successors.
</P
></DD
><DT
>-s <TT
CLASS="REPLACEABLE"
><I
>address</I
></TT
></DT
><DD
><P
> Specifies the IP address where <B
CLASS="COMMAND"
>named</B
>
listens for command channel connections from
<B
CLASS="COMMAND"
>rndc</B
>. The default is the loopback
address 127.0.0.1.
</P
></DD
><DT
>-t <TT
CLASS="REPLACEABLE"
><I
>chrootdir</I
></TT
></DT
><DD
><P
> Used with the <B
CLASS="COMMAND"
>-a</B
> option to specify
a directory where <B
CLASS="COMMAND"
>named</B
> will run
chrooted. An additional copy of the <TT
CLASS="FILENAME"
>rndc.key</TT
>
will be written relative to this directory so that
it will be found by the chrooted <B
CLASS="COMMAND"
>named</B
>.
</P
></DD
><DT
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></DT
><DD
><P
> Used with the <B
CLASS="COMMAND"
>-a</B
> option to set the owner
of the <TT
CLASS="FILENAME"
>rndc.key</TT
> file generated.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN145"
></A
><H2
>EXAMPLES</H2
><P
> To allow <B
CLASS="COMMAND"
>rndc</B
> to be used with
no manual configuration, run
</P
><P
> <TT
CLASS="USERINPUT"
><B
>rndc-confgen -a</B
></TT
>
</P
><P
> To print a sample <TT
CLASS="FILENAME"
>rndc.conf</TT
> file and
corresponding <B
CLASS="COMMAND"
>controls</B
> and <B
CLASS="COMMAND"
>key</B
>
statements to be manually inserted into <TT
CLASS="FILENAME"
>named.conf</TT
>,
run
</P
><P
> <TT
CLASS="USERINPUT"
><B
>rndc-confgen</B
></TT
>
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN158"
></A
><H2
>SEE ALSO</H2
><P
> <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>rndc</SPAN
>(8)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>rndc.conf</SPAN
>(5)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>named</SPAN
>(8)</SPAN
>,
<I
CLASS="CITETITLE"
>BIND 9 Administrator Reference Manual</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN171"
></A
><H2
>AUTHOR</H2
><P
> Internet Software Consortium
</P
></DIV
></BODY
></HTML
>