diff --git a/bin/dnssec/dnssec-keyfromlabel.8 b/bin/dnssec/dnssec-keyfromlabel.8
index 62e261df8e..21a73f270c 100644
--- a/bin/dnssec/dnssec-keyfromlabel.8
+++ b/bin/dnssec/dnssec-keyfromlabel.8
@@ -12,7 +12,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: dnssec-keyfromlabel.8,v 1.10 2009/09/08 01:14:42 tbox Exp $
+.\" $Id: dnssec-keyfromlabel.8,v 1.11 2009/09/15 01:14:41 tbox Exp $
.\"
.hy 0
.ad l
@@ -32,7 +32,7 @@
dnssec\-keyfromlabel \- DNSSEC key generation tool
.SH "SYNOPSIS"
.HP 20
-\fBdnssec\-keyfromlabel\fR {\-a\ \fIalgorithm\fR} {\-l\ \fIlabel\fR} [\fB\-A\ \fR\fB\fIdate/offset\fR\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-D\ \fR\fB\fIdate/offset\fR\fR] [\fB\-f\ \fR\fB\fIflag\fR\fR] [\fB\-k\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-n\ \fR\fB\fInametype\fR\fR] [\fB\-P\ \fR\fB\fIdate/offset\fR\fR] [\fB\-p\ \fR\fB\fIprotocol\fR\fR] [\fB\-R\ \fR\fB\fIdate/offset\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-U\ \fR\fB\fIdate/offset\fR\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] {name}
+\fBdnssec\-keyfromlabel\fR {\-a\ \fIalgorithm\fR} {\-l\ \fIlabel\fR} [\fB\-A\ \fR\fB\fIdate/offset\fR\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-D\ \fR\fB\fIdate/offset\fR\fR] [\fB\-f\ \fR\fB\fIflag\fR\fR] [\fB\-G\fR] [\fB\-I\ \fR\fB\fIdate/offset\fR\fR] [\fB\-k\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-n\ \fR\fB\fInametype\fR\fR] [\fB\-P\ \fR\fB\fIdate/offset\fR\fR] [\fB\-p\ \fR\fB\fIprotocol\fR\fR] [\fB\-R\ \fR\fB\fIdate/offset\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] {name}
.SH "DESCRIPTION"
.PP
\fBdnssec\-keyfromlabel\fR
@@ -85,6 +85,11 @@ Indicates that the DNS record containing the key should have the specified class
Set the specified flag in the flag field of the KEY/DNSKEY record. The only recognized flags are KSK (Key Signing Key) and REVOKE.
.RE
.PP
+\-G
+.RS 4
+Generate a key, but do not publish it or sign with it. This option is incompatible with \-P and \-A.
+.RE
+.PP
\-h
.RS 4
Prints a short summary of the options and arguments to
@@ -123,12 +128,12 @@ Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS. If the argument
.PP
\-P \fIdate/offset\fR
.RS 4
-Sets the date on which a key is to be published to the zone. After that date, the key will be included in the zone but will not be used to sign it.
+Sets the date on which a key is to be published to the zone. After that date, the key will be included in the zone but will not be used to sign it. If not set, and if the \-G option has not been used, the default is "now".
.RE
.PP
\-A \fIdate/offset\fR
.RS 4
-Sets the date on which the key is to be activated. After that date, the key will be included and the zone and used to sign it.
+Sets the date on which the key is to be activated. After that date, the key will be included and the zone and used to sign it. If not set, and if the \-G option has not been used, the default is "now".
.RE
.PP
\-R \fIdate/offset\fR
@@ -138,12 +143,12 @@ Sets the date on which the key is to be revoked. After that date, the key will b
.PP
\-U \fIdate/offset\fR
.RS 4
-Sets the date on which the key is to be unpublished. After that date, the key will no longer be included in the zone, but it may remain in the key repository.
+Sets the date on which the key is to be retired. After that date, the key will still be included in the zone, but it will not be used to sign it.
.RE
.PP
\-D \fIdate/offset\fR
.RS 4
-Sets the date on which the key is to be deleted. After that date, the key can be removed from the key repository. NOTE: Keys are not currently deleted automatically; this field is included for informational purposes and for future development.
+Sets the date on which the key is to be deleted. After that date, the key will no longer be included in the zone. (It may remain in the key repository, however.)
.RE
.SH "GENERATED KEY FILES"
.PP
diff --git a/bin/dnssec/dnssec-keyfromlabel.html b/bin/dnssec/dnssec-keyfromlabel.html
index 2764a5a1de..5c91d6e5c1 100644
--- a/bin/dnssec/dnssec-keyfromlabel.html
+++ b/bin/dnssec/dnssec-keyfromlabel.html
@@ -13,7 +13,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-
+
@@ -28,10 +28,10 @@
Synopsis
-
dnssec-keyfromlabel {-a algorithm} {-l label} [-A date/offset] [-c class] [-D date/offset] [-f flag] [-k] [-K directory] [-n nametype] [-P date/offset] [-p protocol] [-R date/offset] [-t type] [-U date/offset] [-v level] {name}
+
dnssec-keyfromlabel {-a algorithm} {-l label} [-A date/offset] [-c class] [-D date/offset] [-f flag] [-G] [-I date/offset] [-k] [-K directory] [-n nametype] [-P date/offset] [-p protocol] [-R date/offset] [-t type] [-v level] {name}
-
DESCRIPTION
+
DESCRIPTION
dnssec-keyfromlabel
gets keys with the given label from a crypto hardware and builds
key files for DNSSEC (Secure DNS), as defined in RFC 2535
@@ -44,7 +44,7 @@
-
OPTIONS
+
OPTIONS
- -a
algorithm
-
@@ -96,6 +96,11 @@
Set the specified flag in the flag field of the KEY/DNSKEY record.
The only recognized flags are KSK (Key Signing Key) and REVOKE.
+- -G
+
+ Generate a key, but do not publish it or sign with it. This
+ option is incompatible with -P and -A.
+
- -h
Prints a short summary of the options and arguments to
@@ -130,7 +135,7 @@
-
TIMING OPTIONS
+
TIMING OPTIONS
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@@ -146,13 +151,15 @@
Sets the date on which a key is to be published to the zone.
After that date, the key will be included in the zone but will
- not be used to sign it.
+ not be used to sign it. If not set, and if the -G option has
+ not been used, the default is "now".
-A date/offset
Sets the date on which the key is to be activated. After that
date, the key will be included and the zone and used to sign
- it.
+ it. If not set, and if the -G option has not been used, the
+ default is "now".
-R date/offset
@@ -162,22 +169,20 @@
-U date/offset
- Sets the date on which the key is to be unpublished. After that
- date, the key will no longer be included in the zone, but it
- may remain in the key repository.
+ Sets the date on which the key is to be retired. After that
+ date, the key will still be included in the zone, but it
+ will not be used to sign it.
-D date/offset
Sets the date on which the key is to be deleted. After that
- date, the key can be removed from the key repository.
- NOTE: Keys are not currently deleted automatically; this field
- is included for informational purposes and for future
- development.
+ date, the key will no longer be included in the zone. (It
+ may remain in the key repository, however.)
-
GENERATED KEY FILES
+
GENERATED KEY FILES
When dnssec-keyfromlabel completes
successfully,
@@ -216,7 +221,7 @@
-
SEE ALSO
+
SEE ALSO
dnssec-keygen(8),
dnssec-signzone(8),
BIND 9 Administrator Reference Manual,
@@ -226,7 +231,7 @@
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
Synopsis
-
dnssec-keygen [-a algorithm] [-b keysize] [-n nametype] [-3] [-A date/offset] [-C] [-c class] [-D date/offset] [-e] [-f flag] [-g generator] [-h] [-K directory] [-k] [-P date/offset] [-p protocol] [-R date/offset] [-r randomdev] [-s strength] [-t type] [-U date/offset] [-v level] [-z] {name}
+
dnssec-keygen [-a algorithm] [-b keysize] [-n nametype] [-3] [-A date/offset] [-C] [-c class] [-D date/offset] [-e] [-f flag] [-G] [-g generator] [-h] [-I date/offset] [-K directory] [-k] [-P date/offset] [-p protocol] [-R date/offset] [-r randomdev] [-s strength] [-t type] [-v level] [-z] {name}
-
DESCRIPTION
+
DESCRIPTION
dnssec-keygen
generates keys for DNSSEC (Secure DNS), as defined in RFC 2535
and RFC 4034. It can also generate keys for use with
@@ -46,7 +46,7 @@
-
OPTIONS
+
OPTIONS
- -a
algorithm
-
@@ -134,6 +134,11 @@
Set the specified flag in the flag field of the KEY/DNSKEY record.
The only recognized flags are KSK (Key Signing Key) and REVOKE.
+- -G
+
+ Generate a key, but do not publish it or sign with it. This
+ option is incompatible with -P and -A.
+
- -g
generator
If generating a Diffie Hellman key, use this generator.
@@ -208,7 +213,7 @@
-
TIMING OPTIONS
+
TIMING OPTIONS
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@@ -224,13 +229,15 @@
Sets the date on which a key is to be published to the zone.
After that date, the key will be included in the zone but will
- not be used to sign it.
+ not be used to sign it. If not set, and if the -G option has
+ not been used, the default is "now".
-A date/offset
Sets the date on which the key is to be activated. After that
date, the key will be included and the zone and used to sign
- it.
+ it. If not set, and if the -G option has not been used, the
+ default is "now".
-R date/offset
@@ -238,24 +245,22 @@
date, the key will be flagged as revoked. It will be included
in the zone and will be used to sign it.
-
-U date/offset
+
-I date/offset
- Sets the date on which the key is to be unpublished. After that
- date, the key will no longer be included in the zone, but it
- may remain in the key repository.
+ Sets the date on which the key is to be retired. After that
+ date, the key will still be included in the zone, but it
+ will not be used to sign it.
-D date/offset
Sets the date on which the key is to be deleted. After that
- date, the key can be removed from the key repository.
- NOTE: Keys are not currently deleted automatically; this field
- is included for informational purposes and for future
- development.
+ date, the key will no longer be included in the zone. (It
+ may remain in the key repository, however.)
-
GENERATED KEYS
+
GENERATED KEYS
When dnssec-keygen completes
successfully,
@@ -301,7 +306,7 @@
-
EXAMPLE
+
EXAMPLE
To generate a 768-bit DSA key for the domain
example.com, the following command would be
@@ -322,7 +327,7 @@
-
SEE ALSO
+
SEE ALSO
dnssec-signzone(8),
BIND 9 Administrator Reference Manual,
RFC 2539,
@@ -331,7 +336,7 @@
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
Synopsis
-
dnssec-settime [-fr] [-K directory] [-P date/offset] [-A date/offset] [-R date/offset] [-U date/offset] [-D date/offset] [-h] [-v level] {keyfile}
+
dnssec-settime [-f] [-K directory] [-P date/offset] [-A date/offset] [-R date/offset] [-I date/offset] [-D date/offset] [-h] [-v level] {keyfile}
DESCRIPTION
dnssec-settime
reads a DNSSEC private key file and sets the key timing metadata
as specified by the -P, -A,
- -R, -U, and -D
+ -R, -I, and -D
options. The metadata can then be used by
dnssec-signzone or other signing software to
determine when a key is to be published, whether it should be
@@ -113,19 +113,17 @@
date, the key will be flagged as revoked. It will be included
in the zone and will be used to sign it.
-
-U date/offset
+
-I date/offset
- Sets the date on which the key is to be unpublished. After that
- date, the key will no longer be included in the zone, but it
- may remain in the key repository.
+ Sets the date on which the key is to be retired. After that
+ date, the key will still be included in the zone, but it
+ will not be used to sign it.
-D date/offset
Sets the date on which the key is to be deleted. After that
- date, the key can be removed from the key repository.
- NOTE: Keys are not currently deleted automatically; this field
- is included for informational purposes and for future
- development.
+ date, the key will no longer be included in the zone. (It
+ may remain in the key repository, however.)
diff --git a/doc/arm/man.ddns-confgen.html b/doc/arm/man.ddns-confgen.html
index f25b277dc9..98df9d0446 100644
--- a/doc/arm/man.ddns-confgen.html
+++ b/doc/arm/man.ddns-confgen.html
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-
+
@@ -48,7 +48,7 @@
ddns-confgen [-a algorithm] [-h] [-k keyname] [-r randomfile] [-s name | -z zone] [-q] [name]
-
DESCRIPTION
+
DESCRIPTION
ddns-confgen
generates a key for use by nsupdate
and named. It simplifies configuration
@@ -75,7 +75,7 @@
-
OPTIONS
+
OPTIONS
- -a
algorithm
@@ -142,7 +142,7 @@
-
SEE ALSO
+
SEE ALSO
nsupdate(1),
named.conf(5),
named(8),
@@ -150,7 +150,7 @@
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
Synopsis
-
dnssec-keyfromlabel {-a algorithm} {-l label} [-A date/offset] [-c class] [-D date/offset] [-f flag] [-k] [-K directory] [-n nametype] [-P date/offset] [-p protocol] [-R date/offset] [-t type] [-U date/offset] [-v level] {name}
+
dnssec-keyfromlabel {-a algorithm} {-l label} [-A date/offset] [-c class] [-D date/offset] [-f flag] [-G] [-I date/offset] [-k] [-K directory] [-n nametype] [-P date/offset] [-p protocol] [-R date/offset] [-t type] [-v level] {name}
-
DESCRIPTION
+
DESCRIPTION
dnssec-keyfromlabel
gets keys with the given label from a crypto hardware and builds
key files for DNSSEC (Secure DNS), as defined in RFC 2535
@@ -63,7 +63,7 @@
-
OPTIONS
+
OPTIONS
- -a
algorithm
-
@@ -115,6 +115,11 @@
Set the specified flag in the flag field of the KEY/DNSKEY record.
The only recognized flags are KSK (Key Signing Key) and REVOKE.
+- -G
+
+ Generate a key, but do not publish it or sign with it. This
+ option is incompatible with -P and -A.
+
- -h
Prints a short summary of the options and arguments to
@@ -149,7 +154,7 @@
-
TIMING OPTIONS
+
TIMING OPTIONS
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@@ -165,13 +170,15 @@
Sets the date on which a key is to be published to the zone.
After that date, the key will be included in the zone but will
- not be used to sign it.
+ not be used to sign it. If not set, and if the -G option has
+ not been used, the default is "now".
-A date/offset
Sets the date on which the key is to be activated. After that
date, the key will be included and the zone and used to sign
- it.
+ it. If not set, and if the -G option has not been used, the
+ default is "now".
-R date/offset
@@ -181,22 +188,20 @@
-U date/offset
- Sets the date on which the key is to be unpublished. After that
- date, the key will no longer be included in the zone, but it
- may remain in the key repository.
+ Sets the date on which the key is to be retired. After that
+ date, the key will still be included in the zone, but it
+ will not be used to sign it.
-D date/offset
Sets the date on which the key is to be deleted. After that
- date, the key can be removed from the key repository.
- NOTE: Keys are not currently deleted automatically; this field
- is included for informational purposes and for future
- development.
+ date, the key will no longer be included in the zone. (It
+ may remain in the key repository, however.)
-
GENERATED KEY FILES
+
GENERATED KEY FILES
When dnssec-keyfromlabel completes
successfully,
@@ -235,7 +240,7 @@
-
SEE ALSO
+
SEE ALSO
dnssec-keygen(8),
dnssec-signzone(8),
BIND 9 Administrator Reference Manual,
@@ -245,7 +250,7 @@
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
Synopsis
-
dnssec-keygen [-a algorithm] [-b keysize] [-n nametype] [-3] [-A date/offset] [-C] [-c class] [-D date/offset] [-e] [-f flag] [-g generator] [-h] [-K directory] [-k] [-P date/offset] [-p protocol] [-R date/offset] [-r randomdev] [-s strength] [-t type] [-U date/offset] [-v level] [-z] {name}
+
dnssec-keygen [-a algorithm] [-b keysize] [-n nametype] [-3] [-A date/offset] [-C] [-c class] [-D date/offset] [-e] [-f flag] [-G] [-g generator] [-h] [-I date/offset] [-K directory] [-k] [-P date/offset] [-p protocol] [-R date/offset] [-r randomdev] [-s strength] [-t type] [-v level] [-z] {name}
-
DESCRIPTION
+
DESCRIPTION
dnssec-keygen
generates keys for DNSSEC (Secure DNS), as defined in RFC 2535
and RFC 4034. It can also generate keys for use with
@@ -64,7 +64,7 @@
-
OPTIONS
+
OPTIONS
- -a
algorithm
-
@@ -152,6 +152,11 @@
Set the specified flag in the flag field of the KEY/DNSKEY record.
The only recognized flags are KSK (Key Signing Key) and REVOKE.
+- -G
+
+ Generate a key, but do not publish it or sign with it. This
+ option is incompatible with -P and -A.
+
- -g
generator
If generating a Diffie Hellman key, use this generator.
@@ -226,7 +231,7 @@
-
TIMING OPTIONS
+
TIMING OPTIONS
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@@ -242,13 +247,15 @@
Sets the date on which a key is to be published to the zone.
After that date, the key will be included in the zone but will
- not be used to sign it.
+ not be used to sign it. If not set, and if the -G option has
+ not been used, the default is "now".
-A date/offset
Sets the date on which the key is to be activated. After that
date, the key will be included and the zone and used to sign
- it.
+ it. If not set, and if the -G option has not been used, the
+ default is "now".
-R date/offset
@@ -256,24 +263,22 @@
date, the key will be flagged as revoked. It will be included
in the zone and will be used to sign it.
-
-U date/offset
+
-I date/offset
- Sets the date on which the key is to be unpublished. After that
- date, the key will no longer be included in the zone, but it
- may remain in the key repository.
+ Sets the date on which the key is to be retired. After that
+ date, the key will still be included in the zone, but it
+ will not be used to sign it.
-D date/offset
Sets the date on which the key is to be deleted. After that
- date, the key can be removed from the key repository.
- NOTE: Keys are not currently deleted automatically; this field
- is included for informational purposes and for future
- development.
+ date, the key will no longer be included in the zone. (It
+ may remain in the key repository, however.)
-
GENERATED KEYS
+
GENERATED KEYS
When dnssec-keygen completes
successfully,
@@ -319,7 +324,7 @@
-
EXAMPLE
+
EXAMPLE
To generate a 768-bit DSA key for the domain
example.com, the following command would be
@@ -340,7 +345,7 @@
-
SEE ALSO
+
SEE ALSO
dnssec-signzone(8),
BIND 9 Administrator Reference Manual,
RFC 2539,
@@ -349,7 +354,7 @@
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
dnssec-revoke [-hr] [-v level] [-K directory] [-f] {keyfile}
-
DESCRIPTION
+
DESCRIPTION
dnssec-revoke
reads a DNSSEC key file, sets the REVOKED bit on the key as defined
in RFC 5011, and creates a new pair of key files containing the
@@ -58,7 +58,7 @@
-
SEE ALSO
+
SEE ALSO
dnssec-keygen(8),
BIND 9 Administrator Reference Manual,
RFC 5011.
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
Synopsis
-
dnssec-settime [-fr] [-K directory] [-P date/offset] [-A date/offset] [-R date/offset] [-U date/offset] [-D date/offset] [-h] [-v level] {keyfile}
+
dnssec-settime [-f] [-K directory] [-P date/offset] [-A date/offset] [-R date/offset] [-I date/offset] [-D date/offset] [-h] [-v level] {keyfile}
-
DESCRIPTION
+
DESCRIPTION
dnssec-settime
reads a DNSSEC private key file and sets the key timing metadata
as specified by the -P, -A,
- -R, -U, and -D
+ -R, -I, and -D
options. The metadata can then be used by
dnssec-signzone or other signing software to
determine when a key is to be published, whether it should be
@@ -75,7 +75,7 @@
-
TIMING OPTIONS
+
TIMING OPTIONS
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
@@ -131,24 +131,22 @@
date, the key will be flagged as revoked. It will be included
in the zone and will be used to sign it.
-
-U date/offset
+
-I date/offset
- Sets the date on which the key is to be unpublished. After that
- date, the key will no longer be included in the zone, but it
- may remain in the key repository.
+ Sets the date on which the key is to be retired. After that
+ date, the key will still be included in the zone, but it
+ will not be used to sign it.
-D date/offset
Sets the date on which the key is to be deleted. After that
- date, the key can be removed from the key repository.
- NOTE: Keys are not currently deleted automatically; this field
- is included for informational purposes and for future
- development.
+ date, the key will no longer be included in the zone. (It
+ may remain in the key repository, however.)
-
PRINTING OPTIONS
+
PRINTING OPTIONS
dnssec-settime can also be used to print the
timing metadata associated with a key.
@@ -174,7 +172,7 @@
-
SEE ALSO
+
SEE ALSO
dnssec-keygen(8),
dnssec-signzone(8),
BIND 9 Administrator Reference Manual,
@@ -182,7 +180,7 @@
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
dnssec-signzone [-a] [-c class] [-d directory] [-e end-time] [-f output-file] [-g] [-h] [-K directory] [-k key] [-l domain] [-i interval] [-I input-format] [-j jitter] [-N soa-serial-format] [-o origin] [-O output-format] [-p] [-P] [-r randomdev] [-S] [-s start-time] [-T ttl] [-t] [-v level] [-z] [-3 salt] [-H iterations] [-A] {zonefile} [key...]
-
DESCRIPTION
+
DESCRIPTION
dnssec-signzone
signs a zone. It generates
NSEC and RRSIG records and produces a signed version of the
@@ -61,7 +61,7 @@
-
EXAMPLE
+
EXAMPLE
The following command signs the example.com
zone with the DSA key generated by dnssec-keygen
@@ -391,14 +391,14 @@ db.example.com.signed
%
-
SEE ALSO
+
SEE ALSO
dnssec-keygen(8),
BIND 9 Administrator Reference Manual,
RFC 4033.
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
named-checkconf [-h] [-v] [-j] [-t directory] {filename} [-p] [-z]
-
DESCRIPTION
+
DESCRIPTION
named-checkconf
checks the syntax, but not the semantics, of a named
configuration file.
-
RETURN VALUES
+
RETURN VALUES
named-checkconf
returns an exit status of 1 if
errors were detected and 0 otherwise.
-
SEE ALSO
+
SEE ALSO
named(8),
named-checkzone(8),
BIND 9 Administrator Reference Manual.
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
named-compilezone [-d] [-j] [-q] [-v] [-c class] [-C mode] [-f format] [-F format] [-i mode] [-k mode] [-m mode] [-n mode] [-o filename] [-s style] [-t directory] [-w directory] [-D] [-W mode] {zonename} {filename}
-
DESCRIPTION
+
DESCRIPTION
named-checkzone
checks the syntax and integrity of a zone file. It performs the
same checks as named does when loading a
@@ -71,7 +71,7 @@
-
RETURN VALUES
+
RETURN VALUES
named-checkzone
returns an exit status of 1 if
errors were detected and 0 otherwise.
-
SEE ALSO
+
SEE ALSO
named(8),
named-checkconf(8),
RFC 1035,
@@ -272,7 +272,7 @@
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
named [-4] [-6] [-c config-file] [-d debug-level] [-f] [-g] [-m flag] [-n #cpus] [-p port] [-s] [-S #max-socks] [-t directory] [-u user] [-v] [-V] [-x cache-file]
-
DESCRIPTION
+
DESCRIPTION
named
is a Domain Name System (DNS) server,
part of the BIND 9 distribution from ISC. For more
@@ -65,7 +65,7 @@
-
SIGNALS
+
SIGNALS
In routine operation, signals should not be used to control
the nameserver; rndc should be used
@@ -259,7 +259,7 @@
-
CONFIGURATION
+
CONFIGURATION
The named configuration file is too complex
to describe in detail here. A complete description is provided
@@ -276,7 +276,7 @@
-
FILES
+
FILES
/etc/named.conf
@@ -289,7 +289,7 @@
-
SEE ALSO
+
SEE ALSO
RFC 1033,
RFC 1034,
RFC 1035,
@@ -302,7 +302,7 @@
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
nsupdate [-d] [-D] [[-g] | [-o] | [-l] | [-y [hmac:]keyname:secret] | [-k keyfile]] [-t timeout] [-u udptimeout] [-r udpretries] [-R randomdev] [-v] [filename]
-
DESCRIPTION
+
DESCRIPTION
nsupdate
is used to submit Dynamic DNS Update requests as defined in RFC2136
to a name server.
@@ -205,7 +205,7 @@
-
INPUT FORMAT
+
INPUT FORMAT
nsupdate
reads input from
filename
@@ -469,7 +469,7 @@
-
EXAMPLES
+
EXAMPLES
The examples below show how
nsupdate
@@ -523,7 +523,7 @@
-
FILES
+
FILES
/etc/resolv.conf
@@ -546,7 +546,7 @@
-
SEE ALSO
+
SEE ALSO
RFC2136,
RFC3007,
RFC2104,
@@ -560,7 +560,7 @@
-
BUGS
+
BUGS
The TSIG key is redundantly stored in two separate files.
This is a consequence of nsupdate using the DST library
diff --git a/doc/arm/man.rndc-confgen.html b/doc/arm/man.rndc-confgen.html
index 6f33554ffb..11c394d911 100644
--- a/doc/arm/man.rndc-confgen.html
+++ b/doc/arm/man.rndc-confgen.html
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-
+
@@ -50,7 +50,7 @@
rndc-confgen [-a] [-b keysize] [-c keyfile] [-h] [-k keyname] [-p port] [-r randomfile] [-s address] [-t chrootdir] [-u user]
-
DESCRIPTION
+
DESCRIPTION
rndc-confgen
generates configuration files
for rndc. It can be used as a
@@ -66,7 +66,7 @@
-
EXAMPLES
+
EXAMPLES
To allow rndc to be used with
no manual configuration, run
@@ -190,7 +190,7 @@
-
SEE ALSO
+
SEE ALSO
rndc(8),
rndc.conf(5),
named(8),
@@ -198,7 +198,7 @@
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
-
DESCRIPTION
+
DESCRIPTION
rndc.conf is the configuration file
for rndc, the BIND 9 name server control
utility. This file has a similar structure and syntax to
@@ -135,7 +135,7 @@
-
EXAMPLE
+
EXAMPLE
options {
default-server localhost;
@@ -209,7 +209,7 @@
-
NAME SERVER CONFIGURATION
+
NAME SERVER CONFIGURATION
The name server must be configured to accept rndc connections and
to recognize the key specified in the rndc.conf
@@ -219,7 +219,7 @@
-
SEE ALSO
+
SEE ALSO
rndc(8),
rndc-confgen(8),
mmencode(1),
@@ -227,7 +227,7 @@
-
AUTHOR
+
AUTHOR
Internet Systems Consortium
rndc [-b source-address] [-c config-file] [-k key-file] [-s server] [-p port] [-V] [-y key_id] {command}
-
DESCRIPTION
+
DESCRIPTION
rndc
controls the operation of a name
server. It supersedes the ndc utility
@@ -79,7 +79,7 @@
-
OPTIONS
+
OPTIONS
- -b
source-address
@@ -151,7 +151,7 @@
-
LIMITATIONS
+
LIMITATIONS
rndc
does not yet support all the commands of
the BIND 8 ndc utility.
@@ -165,7 +165,7 @@
-
SEE ALSO
+
SEE ALSO
rndc.conf(5),
rndc-confgen(8),
named(8),
@@ -175,7 +175,7 @@
-
AUTHOR
+
AUTHOR
Internet Systems Consortium