diff --git a/bin/check/named-checkzone.rst b/bin/check/named-checkzone.rst index db8d7ab1df..95c6c7434e 100644 --- a/bin/check/named-checkzone.rst +++ b/bin/check/named-checkzone.rst @@ -21,8 +21,6 @@ .. highlight: console -.. _man_named-checkzone: - named-checkzone, named-compilezone - zone file validity checking or converting tool ----------------------------------------------------------------------------------- diff --git a/doc/arm/manpages.rst b/doc/arm/manpages.rst index 01f610beb4..1c913f52a5 100644 --- a/doc/arm/manpages.rst +++ b/doc/arm/manpages.rst @@ -30,6 +30,7 @@ Manual Pages .. include:: ../../bin/dig/host.rst .. include:: ../../bin/tools/mdig.rst .. include:: ../../bin/check/named-checkconf.rst +.. _man_named-checkzone_named-compilezone: .. include:: ../../bin/check/named-checkzone.rst .. include:: ../../bin/tools/named-journalprint.rst .. include:: ../../bin/tools/named-nzd2nzf.rst diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am index 19c776ad09..28ebb59079 100644 --- a/doc/man/Makefile.am +++ b/doc/man/Makefile.am @@ -23,6 +23,7 @@ MANPAGES_RST = \ mdig.rst \ named-checkconf.rst \ named-checkzone.rst \ + named-compilezone.rst \ named-journalprint.rst \ named-nzd2nzf.rst \ named-rrchecker.rst \ @@ -80,7 +81,6 @@ man_MANS = \ ddns-confgen.8 \ delv.1 \ dig.1 \ - dnstap-read.1 \ host.1 \ mdig.1 \ named-rrchecker.1 \ @@ -101,14 +101,24 @@ man_MANS = \ filter-a.8 \ named-checkconf.1 \ named-checkzone.1 \ + named-compilezone.1 \ named-journalprint.1 \ - named-nzd2nzf.1 \ named.8 \ nsec3hash.1 \ rndc-confgen.8 \ rndc.8 \ tsig-keygen.8 +if HAVE_DNSTAP +man_MANS += \ + dnstap-read.1 +endif HAVE_DNSTAP + +if HAVE_LMDB +man_MANS += \ + named-nzd2nzf.1 +endif HAVE_LMDB + if HAVE_PKCS11 man_MANS += \ pkcs11-destroy.1 \ diff --git a/doc/man/conf.py b/doc/man/conf.py index 659c7d16ec..4def0b08c0 100644 --- a/doc/man/conf.py +++ b/doc/man/conf.py @@ -79,6 +79,7 @@ man_pages = [ ('mdig', 'mdig', 'DNS pipelined lookup utility', author, 1), ('named-checkconf', 'named-checkconf', 'named configuration file syntax checking tool', author, 1), ('named-checkzone', 'named-checkzone', 'zone file validity checking or converting tool', author, 1), + ('named-compilezone', 'named-compilezone', 'zone file validity checking or converting tool', author, 1), ('named-journalprint', 'named-journalprint', 'print zone journal in human-readable form', author, 1), ('named-nzd2nzf', 'named-nzd2nzf', 'convert an NZD database to NZF text format', author, 1), ('named-rrchecker', 'named-rrchecker', 'syntax checker for individual DNS resource records', author, 1), diff --git a/doc/man/named-compilezone.1in b/doc/man/named-compilezone.1in new file mode 100644 index 0000000000..8ac29f999f --- /dev/null +++ b/doc/man/named-compilezone.1in @@ -0,0 +1,218 @@ +.\" Man page generated from reStructuredText. +. +.TH "NAMED-COMPILEZONE" "1" "@RELEASE_DATE@" "@PACKAGE_VERSION@" "BIND 9" +.SH NAME +named-compilezone \- zone file validity checking or converting tool +. +.nr rst2man-indent-level 0 +. +.de1 rstReportMargin +\\$1 \\n[an-margin] +level \\n[rst2man-indent-level] +level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] +- +\\n[rst2man-indent0] +\\n[rst2man-indent1] +\\n[rst2man-indent2] +.. +.de1 INDENT +.\" .rstReportMargin pre: +. RS \\$1 +. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] +. nr rst2man-indent-level +1 +.\" .rstReportMargin post: +.. +.de UNINDENT +. RE +.\" indent \\n[an-margin] +.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] +.nr rst2man-indent-level -1 +.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] +.in \\n[rst2man-indent\\n[rst2man-indent-level]]u +.. +.SH SYNOPSIS +.sp +\fBnamed\-checkzone\fP [\fB\-d\fP] [\fB\-h\fP] [\fB\-j\fP] [\fB\-q\fP] [\fB\-v\fP] [\fB\-c\fP class] [\fB\-f\fP format] [\fB\-F\fP format] [\fB\-J\fP filename] [\fB\-i\fP mode] [\fB\-k\fP mode] [\fB\-m\fP mode] [\fB\-M\fP mode] [\fB\-n\fP mode] [\fB\-l\fP ttl] [\fB\-L\fP serial] [\fB\-o\fP filename] [\fB\-r\fP mode] [\fB\-s\fP style] [\fB\-S\fP mode] [\fB\-t\fP directory] [\fB\-T\fP mode] [\fB\-w\fP directory] [\fB\-D\fP] [\fB\-W\fP mode] {zonename} {filename} +.sp +\fBnamed\-compilezone\fP [\fB\-d\fP] [\fB\-j\fP] [\fB\-q\fP] [\fB\-v\fP] [\fB\-c\fP class] [\fB\-C\fP mode] [\fB\-f\fP format] [\fB\-F\fP format] [\fB\-J\fP filename] [\fB\-i\fP mode] [\fB\-k\fP mode] [\fB\-m\fP mode] [\fB\-n\fP mode] [\fB\-l\fP ttl] [\fB\-L\fP serial] [\fB\-r\fP mode] [\fB\-s\fP style] [\fB\-t\fP directory] [\fB\-T\fP mode] [\fB\-w\fP directory] [\fB\-D\fP] [\fB\-W\fP mode] {\fB\-o\fP filename} {zonename} {filename} +.SH DESCRIPTION +.sp +\fBnamed\-checkzone\fP checks the syntax and integrity of a zone file. It +performs the same checks as \fBnamed\fP does when loading a zone. This +makes \fBnamed\-checkzone\fP useful for checking zone files before +configuring them into a name server. +.sp +\fBnamed\-compilezone\fP is similar to \fBnamed\-checkzone\fP, but it always +dumps the zone contents to a specified file in a specified format. +It also applies stricter check levels by default, since the +dump output is used as an actual zone file loaded by \fBnamed\fP\&. +When manually specified otherwise, the check levels must at least be as +strict as those specified in the \fBnamed\fP configuration file. +.SH OPTIONS +.INDENT 0.0 +.TP +.B \fB\-d\fP +This option enables debugging. +.TP +.B \fB\-h\fP +This option prints the usage summary and exits. +.TP +.B \fB\-q\fP +This option sets quiet mode, which only sets an exit code to indicate +successful or failed completion. +.TP +.B \fB\-v\fP +This option prints the version of the \fBnamed\-checkzone\fP program and exits. +.TP +.B \fB\-j\fP +When loading a zone file, this option tells \fBnamed\fP to read the journal if it exists. The journal +file name is assumed to be the zone file name with the +string \fB\&.jnl\fP appended. +.TP +.B \fB\-J filename\fP +When loading the zone file, this option tells \fBnamed\fP to read the journal from the given file, if +it exists. This implies \fB\-j\fP\&. +.TP +.B \fB\-c class\fP +This option specifies the class of the zone. If not specified, \fBIN\fP is assumed. +.TP +.B \fB\-i mode\fP +This option performs post\-load zone integrity checks. Possible modes are +\fBfull\fP (the default), \fBfull\-sibling\fP, \fBlocal\fP, +\fBlocal\-sibling\fP, and \fBnone\fP\&. +.sp +Mode \fBfull\fP checks that MX records refer to A or AAAA records +(both in\-zone and out\-of\-zone hostnames). Mode \fBlocal\fP only +checks MX records which refer to in\-zone hostnames. +.sp +Mode \fBfull\fP checks that SRV records refer to A or AAAA records +(both in\-zone and out\-of\-zone hostnames). Mode \fBlocal\fP only +checks SRV records which refer to in\-zone hostnames. +.sp +Mode \fBfull\fP checks that delegation NS records refer to A or AAAA +records (both in\-zone and out\-of\-zone hostnames). It also checks that +glue address records in the zone match those advertised by the child. +Mode \fBlocal\fP only checks NS records which refer to in\-zone +hostnames or verifies that some required glue exists, i.e., when the +name server is in a child zone. +.sp +Modes \fBfull\-sibling\fP and \fBlocal\-sibling\fP disable sibling glue +checks, but are otherwise the same as \fBfull\fP and \fBlocal\fP, +respectively. +.sp +Mode \fBnone\fP disables the checks. +.TP +.B \fB\-f format\fP +This option specifies the format of the zone file. Possible formats are \fBtext\fP +(the default), \fBraw\fP, and \fBmap\fP\&. +.TP +.B \fB\-F format\fP +This option specifies the format of the output file specified. For +\fBnamed\-checkzone\fP, this does not have any effect unless it dumps +the zone contents. +.sp +Possible formats are \fBtext\fP (the default), which is the standard +textual representation of the zone, and \fBmap\fP, \fBraw\fP, and +\fBraw=N\fP, which store the zone in a binary format for rapid +loading by \fBnamed\fP\&. \fBraw=N\fP specifies the format version of the +raw zone file: if \fBN\fP is 0, the raw file can be read by any version of +\fBnamed\fP; if N is 1, the file can only be read by release 9.9.0 or +higher. The default is 1. +.TP +.B \fB\-k mode\fP +This option performs \fBcheck\-names\fP checks with the specified failure mode. +Possible modes are \fBfail\fP (the default for \fBnamed\-compilezone\fP), +\fBwarn\fP (the default for \fBnamed\-checkzone\fP), and \fBignore\fP\&. +.TP +.B \fB\-l ttl\fP +This option sets a maximum permissible TTL for the input file. Any record with a +TTL higher than this value causes the zone to be rejected. This +is similar to using the \fBmax\-zone\-ttl\fP option in \fBnamed.conf\fP\&. +.TP +.B \fB\-L serial\fP +When compiling a zone to \fBraw\fP or \fBmap\fP format, this option sets the "source +serial" value in the header to the specified serial number. This is +expected to be used primarily for testing purposes. +.TP +.B \fB\-m mode\fP +This option specifies whether MX records should be checked to see if they are +addresses. Possible modes are \fBfail\fP, \fBwarn\fP (the default), and +\fBignore\fP\&. +.TP +.B \fB\-M mode\fP +This option checks whether a MX record refers to a CNAME. Possible modes are +\fBfail\fP, \fBwarn\fP (the default), and \fBignore\fP\&. +.TP +.B \fB\-n mode\fP +This option specifies whether NS records should be checked to see if they are +addresses. Possible modes are \fBfail\fP (the default for +\fBnamed\-compilezone\fP), \fBwarn\fP (the default for \fBnamed\-checkzone\fP), +and \fBignore\fP\&. +.TP +.B \fB\-o filename\fP +This option writes the zone output to \fBfilename\fP\&. If \fBfilename\fP is \fB\-\fP, then +the zone output is written to standard output. This is mandatory for \fBnamed\-compilezone\fP\&. +.TP +.B \fB\-r mode\fP +This option checks for records that are treated as different by DNSSEC but are +semantically equal in plain DNS. Possible modes are \fBfail\fP, +\fBwarn\fP (the default), and \fBignore\fP\&. +.TP +.B \fB\-s style\fP +This option specifies the style of the dumped zone file. Possible styles are +\fBfull\fP (the default) and \fBrelative\fP\&. The \fBfull\fP format is most +suitable for processing automatically by a separate script. +The relative format is more human\-readable and is thus +suitable for editing by hand. For \fBnamed\-checkzone\fP, this does not +have any effect unless it dumps the zone contents. It also does not +have any meaning if the output format is not text. +.TP +.B \fB\-S mode\fP +This option checks whether an SRV record refers to a CNAME. Possible modes are +\fBfail\fP, \fBwarn\fP (the default), and \fBignore\fP\&. +.TP +.B \fB\-t directory\fP +This option tells \fBnamed\fP to chroot to \fBdirectory\fP, so that \fBinclude\fP directives in the +configuration file are processed as if run by a similarly chrooted +\fBnamed\fP\&. +.TP +.B \fB\-T mode\fP +This option checks whether Sender Policy Framework (SPF) records exist and issues a +warning if an SPF\-formatted TXT record is not also present. Possible +modes are \fBwarn\fP (the default) and \fBignore\fP\&. +.TP +.B \fB\-w directory\fP +This option instructs \fBnamed\fP to chdir to \fBdirectory\fP, so that relative filenames in master file +\fB$INCLUDE\fP directives work. This is similar to the directory clause in +\fBnamed.conf\fP\&. +.TP +.B \fB\-D\fP +This option dumps the zone file in canonical format. This is always enabled for +\fBnamed\-compilezone\fP\&. +.TP +.B \fB\-W mode\fP +This option specifies whether to check for non\-terminal wildcards. Non\-terminal +wildcards are almost always the result of a failure to understand the +wildcard matching algorithm (\fI\%RFC 1034\fP). Possible modes are \fBwarn\fP +(the default) and \fBignore\fP\&. +.TP +.B \fBzonename\fP +This indicates the domain name of the zone being checked. +.TP +.B \fBfilename\fP +This is the name of the zone file. +.UNINDENT +.SH RETURN VALUES +.sp +\fBnamed\-checkzone\fP returns an exit status of 1 if errors were detected +and 0 otherwise. +.SH SEE ALSO +.sp +\fBnamed(8)\fP, \fBnamed\-checkconf(8)\fP, \fI\%RFC 1035\fP, BIND 9 Administrator Reference +Manual. +.SH AUTHOR +Internet Systems Consortium +.SH COPYRIGHT +2021, Internet Systems Consortium +.\" Generated by docutils manpage writer. +. diff --git a/doc/man/named-compilezone.rst b/doc/man/named-compilezone.rst new file mode 100644 index 0000000000..a62206cb98 --- /dev/null +++ b/doc/man/named-compilezone.rst @@ -0,0 +1,13 @@ +.. + Copyright (C) Internet Systems Consortium, Inc. ("ISC") + + This Source Code Form is subject to the terms of the Mozilla Public + License, v. 2.0. If a copy of the MPL was not distributed with this + file, you can obtain one at https://mozilla.org/MPL/2.0/. + + See the COPYRIGHT file distributed with this work for additional + information regarding copyright ownership. + +:orphan: + +.. include:: ../../bin/check/named-checkzone.rst \ No newline at end of file diff --git a/util/copyrights b/util/copyrights index b129b212dc..097161ddad 100644 --- a/util/copyrights +++ b/util/copyrights @@ -1252,6 +1252,7 @@ ./doc/man/mdig.rst RST 2020,2021 ./doc/man/named-checkconf.rst RST 2020,2021 ./doc/man/named-checkzone.rst RST 2020,2021 +./doc/man/named-compilezone.rst RST 2021 ./doc/man/named-journalprint.rst RST 2020,2021 ./doc/man/named-nzd2nzf.rst RST 2020,2021 ./doc/man/named-rrchecker.rst RST 2020,2021