From: Yu Watanabe Date: Wed, 18 Apr 2018 18:25:25 +0000 (+0900) Subject: man: create man page for resolvectl X-Git-Tag: v239~386^2~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b69f810c8a2ece4e44c1b1898e237bb671b36a21;p=thirdparty%2Fsystemd.git man: create man page for resolvectl --- diff --git a/man/systemd-resolve.xml b/man/resolvectl.xml similarity index 60% rename from man/systemd-resolve.xml rename to man/resolvectl.xml index 21d2901203e..96b3e8dad31 100644 --- a/man/systemd-resolve.xml +++ b/man/resolvectl.xml @@ -10,11 +10,11 @@ Copyright 2016 Lennart Poettering --> - - systemd-resolve + resolvectl systemd @@ -28,118 +28,29 @@ - systemd-resolve + resolvectl 1 - systemd-resolve + resolvectl resolvconf Resolve domain names, IPV4 and IPv6 addresses, DNS resource records, and services; introspect and reconfigure the DNS resolver - systemd-resolve + resolvectl OPTIONS - HOSTNAME + COMMAND + NAME - - - systemd-resolve - OPTIONS - ADDRESS - - - - systemd-resolve - OPTIONS - --type=TYPE - DOMAIN - - - - systemd-resolve - OPTIONS - --service - NAME - TYPE DOMAIN - - - - systemd-resolve - OPTIONS - --openpgp - USER@DOMAIN - - - - systemd-resolve - OPTIONS - --tlsa - DOMAIN:PORT - - - - systemd-resolve - OPTIONS - --statistics - - - - systemd-resolve - OPTIONS - --reset-statistics - - - - systemd-resolve - OPTIONS - --flush-caches - - - - systemd-resolve - OPTIONS - --reset-server-features - - - - systemd-resolve - OPTIONS - --status - - - - systemd-resolve - OPTIONS - --set-dns=SERVER --set-domain=DOMAIN --set-llmnr=MODE --set-mdns=MODE --set-dnssec=MODE --set-nta=DOMAIN - - - - systemd-resolve - OPTIONS - --revert - - - - resolvconf - OPTIONS - -a INTERFACE < FILE - - - - resolvconf - OPTIONS - -d INTERFACE - - Description - systemd-resolve may be used to resolve domain names, IPv4 and IPv6 addresses, DNS resource + resolvectl may be used to resolve domain names, IPv4 and IPv6 addresses, DNS resource records and services with the systemd-resolved.service8 resolver service. By default, the specified list of parameters will be resolved as hostnames, retrieving their IPv4 @@ -151,36 +62,6 @@ authenticated. All data for which local DNSSEC validation succeeds is considered authenticated. Moreover all data originating from local, trusted sources is also reported authenticated, including resolution of the local host name, the localhost host name or all data from /etc/hosts. - - The switch may be used to specify a DNS resource record type (A, AAAA, SOA, MX, …) in - order to request a specific DNS resource record, instead of the address or reverse address lookups. - The special value help may be used to list known values. - - The switch may be used to resolve SRV and DNS-SD services (see below). In this mode, between one and three - arguments are required. If three parameters are passed the first is assumed to be the DNS-SD service name, the - second the SRV service type, and the third the domain to search in. In this case a full DNS-SD style SRV and TXT - lookup is executed. If only two parameters are specified, the first is assumed to be the SRV service type, and the - second the domain to look in. In this case no TXT RR is requested. Finally, if only one parameter is specified, it - is assumed to be a domain name, that is already prefixed with an SRV type, and an SRV lookup is done (no - TXT). - - The switch may be used to query PGP keys stored as - OPENPGPKEY resource records. - When this option is specified one or more e-mail address must be specified. - - The switch maybe be used to query TLS public - keys stored as - TLSA resource records. - When this option is specified one or more domain names must be specified. - - The switch may be used to show resolver statistics, including information about - the number of successful and failed DNSSEC validations. - - The may be used to reset various statistics counters maintained the - resolver, including those shown in the output. This operation requires root - privileges. @@ -239,13 +120,6 @@ - - - - Enables service resolution. This enables DNS-SD and simple SRV service resolution, depending - on the specified list of parameters (see above). - - BOOL @@ -260,28 +134,6 @@ the TXT service metadata record is resolved as well. - - - - Enables OPENPGPKEY resource record resolution (see above). Specified e-mail - addresses are converted to the corresponding DNS domain name, and any OPENPGPKEY keys are - printed. - - - - - - Enables TLSA resource record resolution (see above). - A query will be performed for each of the specified names prefixed with - the port and family - (_port._family.domain). - The port number may be specified after a colon - (:), otherwise 443 will be used - by default. The family may be specified as an argument after - , otherwise tcp will be - used. - - BOOL @@ -315,21 +167,75 @@ query response are shown. Otherwise, this output is suppressed. + + + + + + + + Commands + + + + + + Resolve domain names, IPv4 and IPv6 addresses. + + + + + + Resolve DNS-SD and + SRV services, depending on the specified list of parameters. + If three parameters are passed the first is assumed to be the DNS-SD service name, the second the SRV service type, + and the third the domain to search in. In this case a full DNS-SD style SRV and TXT lookup is executed. If only two + parameters are specified, the first is assumed to be the SRV service type, and the second the domain to look in. In + this case no TXT RR is requested. Finally, if only one parameter is specified, it is assumed to be a domain name, + that is already prefixed with an SRV type, and an SRV lookup is done (no TXT). + + + + + + Query PGP keys stored as OPENPGPKEY + resource records. Specified e-mail addresses are converted to the corresponding DNS domain name, and any + OPENPGPKEY keys are printed. + + - + - If specified general resolver statistics are shown, including information whether DNSSEC is + Query TLS public keys stored as TLSA + resource records. A query will be performed for each of the specified names prefixed with the port and family + (_port._family.domain). + The port number may be specified after a colon (:), otherwise 443 will be used + by default. The family may be specified as the first argument, otherwise tcp will be used. + + + + + + Shows the global and per-link DNS settings in currently in effect. If no command is specified, + this is the implied default. + + + + + + Shows general resolver statistics, including information whether DNSSEC is enabled and available, as well as resolution and validation statistics. - + - Resets the statistics counters shown in to zero. + Resets the statistics counters shown in to zero. + This operation requires root privileges. - + Flushes all DNS resource record caches the service maintains locally. This is mostly equivalent to sending the SIGUSR2 to the systemd-resolved @@ -337,7 +243,7 @@ - + Flushes all feature level information the resolver learnt about specific servers, and ensures that the server feature probing logic is started from the beginning with the next look-up request. This is @@ -346,68 +252,52 @@ - - - Shows the global and per-link DNS settings in currently in effect. - - - - - - - - - - - Set per-interface DNS configuration. These switches may be used to configure various DNS + + + + + + + + Get/set per-interface DNS configuration. These commands may be used to configure various DNS settings for network interfaces that aren't managed by systemd-networkd.service8. (These commands will fail when used on interfaces that are managed by systemd-networkd, please - configure their DNS settings directly inside the .network files instead.) These switches + configure their DNS settings directly inside the .network files instead.) These commands may be used to inform systemd-resolved about per-interface DNS configuration determined - through external means. Multiple of these switches may be passed on a single invocation of - systemd-resolve in order to set multiple configuration options at once. If any of these - switches is used, it must be combined with to indicate the network interface the - new DNS configuration belongs to. The option expects an IPv4 or IPv6 address - specification of a DNS server to use, and may be used multiple times to define multiple servers for the same - interface. The option expects a valid DNS domain, possibly prefixed with - ~, and configures a per-interface search or route-only domain. It may be used multiple times - to configure multiple such domains. The , and - options may be used to configure the per-interface LLMNR, MulticastDNS and - DNSSEC settings. Finally, may be used to configure additional per-interface DNSSEC - NTA domains and may also be used multiple times. For details about these settings, their possible values and - their effect, see the corresponding options in + through external means. The command expects IPv4 or IPv6 address specifications of DNS + servers to use. The command expects valid DNS domains, possibly prefixed with + ~, and configures a per-interface search or route-only domain. The , + and commands may be used to configure the per-interface LLMNR, + MulticastDNS and DNSSEC settings. Finally, command may be used to configure additional + per-interface DNSSEC NTA domains. For details about these settings, their possible values and their effect, + see the corresponding options in systemd.network5. - - - Revert the per-interface DNS configuration. This option must be combined with - to indicate the network interface the DNS configuration shall be reverted on. If - the DNS configuration is reverted all per-interface DNS setting are reset to their defaults, undoing all - effects of , , , - , , . Note that when a - network interface disappears all configuration is lost automatically, an explicit reverting is not necessary in - that case. + + + Revert the per-interface DNS configuration. If the DNS configuration is reverted all + per-interface DNS setting are reset to their defaults, undoing all effects of , + , , , , + . Note that when a network interface disappears all configuration is lost automatically, + an explicit reverting is not necessary in that case. - - - Compatibility with <citerefentry><refentrytitle>resolvconf</refentrytitle><manvolnum>8</manvolnum></citerefentry> - systemd-resolve is a multi-call binary. When invoked as resolvconf - (generally achieved by means of a symbolic link of this name to the systemd-resolve binary) it + resolvectl is a multi-call binary. When invoked as resolvconf + (generally achieved by means of a symbolic link of this name to the resolvectl binary) it is run in a limited resolvconf8 compatibility mode. It accepts mostly the same arguments and pushes all data into systemd-resolved.service8, - similar to how and operate. Note that + similar to how and commands operate. Note that systemd-resolved.service is the only supported backend, which is different from other implementations of this command. Note that not all operations supported by other implementations are supported natively. Specifically: @@ -420,15 +310,14 @@ resolv.conf5 compatible DNS configuration data from its standard input. Relevant fields are nameserver and domain/search. This command is mostly identical to invoking - systemd-resolve with a combination of and - . + resolvectl with a combination of and + commands. Unregisters per-interface DNS configuration data with systemd-resolved. This - command is mostly identical to invoking systemd-resolve with - . + command is mostly identical to invoking resolvectl revert. @@ -481,7 +370,7 @@ Retrieve the addresses of the <literal>www.0pointer.net</literal> domain - $ systemd-resolve www.0pointer.net + $ resolvectl www.0pointer.net www.0pointer.net: 2a01:238:43ed:c300:10c3:bcf3:3266:da74 85.214.157.71 @@ -493,7 +382,7 @@ www.0pointer.net: 2a01:238:43ed:c300:10c3:bcf3:3266:da74 Retrieve the domain of the <literal>85.214.157.71</literal> IP address - $ systemd-resolve 85.214.157.71 + $ resolvectl 85.214.157.71 85.214.157.71: gardel.0pointer.net -- Information acquired via protocol DNS in 1.2997s. @@ -504,7 +393,7 @@ www.0pointer.net: 2a01:238:43ed:c300:10c3:bcf3:3266:da74 Retrieve the MX record of the <literal>yahoo.com</literal> domain - $ systemd-resolve -t MX yahoo.com --legend=no + $ resolvectl -t MX yahoo.com --legend=no yahoo.com. IN MX 1 mta7.am0.yahoodns.net yahoo.com. IN MX 1 mta6.am0.yahoodns.net yahoo.com. IN MX 1 mta5.am0.yahoodns.net @@ -514,7 +403,7 @@ yahoo.com. IN MX 1 mta5.am0.yahoodns.net Resolve an SRV service - $ systemd-resolve --service _xmpp-server._tcp gmail.com + $ resolvectl service _xmpp-server._tcp gmail.com _xmpp-server._tcp/gmail.com: alt1.xmpp-server.l.google.com:5269 [priority=20, weight=0] 173.194.210.125 alt4.xmpp-server.l.google.com:5269 [priority=20, weight=0] @@ -526,7 +415,7 @@ _xmpp-server._tcp/gmail.com: alt1.xmpp-server.l.google.com:5269 [priority=20, we Retrieve a PGP key - $ systemd-resolve --openpgp zbyszek@fedoraproject.org + $ resolvectl openpgp zbyszek@fedoraproject.org d08ee310438ca124a6149ea5cc21b6313b390dce485576eff96f8722._openpgpkey.fedoraproject.org. IN OPENPGPKEY mQINBFBHPMsBEACeInGYJCb+7TurKfb6wGyTottCDtiSJB310i37/6ZYoeIay/5soJjlMyf MFQ9T2XNT/0LM6gTa0MpC1st9LnzYTMsT6tzRly1D1UbVI6xw0g0vE5y2Cjk3xUwAynCsSs @@ -535,10 +424,10 @@ d08ee310438ca124a6149ea5cc21b6313b390dce485576eff96f8722._openpgpkey.fedoraproje - Retrieve a TLS key (<literal>=tcp</literal> and + <title>Retrieve a TLS key (<literal>tcp</literal> and <literal>:443</literal> could be skipped) - $ systemd-resolve --tlsa=tcp fedoraproject.org:443 + $ resolvectl tlsa tcp fedoraproject.org:443 _443._tcp.fedoraproject.org IN TLSA 0 0 1 19400be5b7a31fb733917700789d2f0a2471c0c9d506c0e504c06c16d7cb17c0 -- Cert. usage: CA constraint -- Selector: Full Certificate diff --git a/man/rules/meson.build b/man/rules/meson.build index 9b57f10cc0a..b0919b9d441 100644 --- a/man/rules/meson.build +++ b/man/rules/meson.build @@ -43,6 +43,7 @@ manpages = [ ['nss-systemd', '8', ['libnss_systemd.so.2'], 'ENABLE_NSS_SYSTEMD'], ['os-release', '5', [], ''], ['pam_systemd', '8', [], 'HAVE_PAM'], + ['resolvectl', '1', ['resolvconf'], 'ENABLE_RESOLVE'], ['resolved.conf', '5', ['resolved.conf.d'], 'ENABLE_RESOLVE'], ['runlevel', '8', [], 'ENABLE_UTMP'], ['sd-boot', '7', [], 'ENABLE_EFI'], @@ -614,7 +615,6 @@ manpages = [ 'ENABLE_RANDOMSEED'], ['systemd-rc-local-generator', '8', [], ''], ['systemd-remount-fs.service', '8', ['systemd-remount-fs'], ''], - ['systemd-resolve', '1', ['resolvconf'], 'ENABLE_RESOLVE'], ['systemd-resolved.service', '8', ['systemd-resolved'], 'ENABLE_RESOLVE'], ['systemd-rfkill.service', '8', diff --git a/man/systemd-resolved.service.xml b/man/systemd-resolved.service.xml index fcc39a554eb..9ca1133fedd 100644 --- a/man/systemd-resolved.service.xml +++ b/man/systemd-resolved.service.xml @@ -216,7 +216,7 @@ systemd-resolved will flush all caches it maintains. Note that it should normally not be necessary to request this explicitly – except for debugging purposes – as systemd-resolved flushes the caches automatically anyway any time the host's network configuration changes. Sending this signal - to systemd-resolved is equivalent to the systemd-resolve --flush-caches + to systemd-resolved is equivalent to the resolvectl --flush-caches command, however the latter is recommended since it operates in a synchronous way. @@ -230,7 +230,7 @@ should normally not be necessary to request this explicitly – except for debugging purposes – as systemd-resolved automatically forgets learnt information any time the DNS server configuration changes. Sending this signal to systemd-resolved is equivalent to the - systemd-resolve --reset-server-features command, however the latter is recommended since it + resolvectl --reset-server-features command, however the latter is recommended since it operates in a synchronous way. @@ -244,7 +244,7 @@ resolved.conf5, dnssec-trust-anchors.d5, nss-resolve8, - systemd-resolve1, + resolvectl1, resolv.conf5, hosts5, systemd.network5, diff --git a/man/systemd.dnssd.xml b/man/systemd.dnssd.xml index 12ab78c3951..ae439f0886d 100644 --- a/man/systemd.dnssd.xml +++ b/man/systemd.dnssd.xml @@ -201,10 +201,10 @@ TxtText=path=/stats/index.html t=temperature_sensor This makes the http server running on the host discoverable in the local network given MulticastDNS is enabled on the network interface. - Now the utility systemd-resolve should be able to resolve the + Now the utility resolvectl should be able to resolve the service to the host's name: - $ systemd-resolve --service meteo._http._tcp.local + $ resolvectl service meteo._http._tcp.local meteo._http._tcp.local: meteo.local:80 [priority=0, weight=0] 169.254.208.106%senp0s21f0u2u4 fe80::213:3bff:fe49:8aa%senp0s21f0u2u4 @@ -238,7 +238,8 @@ meteo._http._tcp.local: meteo.local:80 [priority=0, weight=0] See Also systemd1, - systemd-resolved.service8 + systemd-resolved.service8, + resolvectl1