From: Automatic Updater Date: Tue, 8 Sep 2009 01:14:42 +0000 (+0000) Subject: regen X-Git-Tag: v9.7.0a3^2~22 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=c7d32c0b0ff4c01f0d4479af3410d3c06044d48a;p=thirdparty%2Fbind9.git regen --- diff --git a/bin/dnssec/dnssec-keyfromlabel.8 b/bin/dnssec/dnssec-keyfromlabel.8 index 10c46edbe59..62e261df8ea 100644 --- a/bin/dnssec/dnssec-keyfromlabel.8 +++ b/bin/dnssec/dnssec-keyfromlabel.8 @@ -12,7 +12,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: dnssec-keyfromlabel.8,v 1.9 2009/07/20 01:13:18 tbox Exp $ +.\" $Id: dnssec-keyfromlabel.8,v 1.10 2009/09/08 01:14:42 tbox Exp $ .\" .hy 0 .ad l @@ -32,18 +32,22 @@ dnssec\-keyfromlabel \- DNSSEC key generation tool .SH "SYNOPSIS" .HP 20 -\fBdnssec\-keyfromlabel\fR {\-a\ \fIalgorithm\fR} {\-l\ \fIlabel\fR} [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-f\ \fR\fB\fIflag\fR\fR] [\fB\-k\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-n\ \fR\fB\fInametype\fR\fR] [\fB\-p\ \fR\fB\fIprotocol\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] {name} +\fBdnssec\-keyfromlabel\fR {\-a\ \fIalgorithm\fR} {\-l\ \fIlabel\fR} [\fB\-A\ \fR\fB\fIdate/offset\fR\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-D\ \fR\fB\fIdate/offset\fR\fR] [\fB\-f\ \fR\fB\fIflag\fR\fR] [\fB\-k\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-n\ \fR\fB\fInametype\fR\fR] [\fB\-P\ \fR\fB\fIdate/offset\fR\fR] [\fB\-p\ \fR\fB\fIprotocol\fR\fR] [\fB\-R\ \fR\fB\fIdate/offset\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-U\ \fR\fB\fIdate/offset\fR\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] {name} .SH "DESCRIPTION" .PP \fBdnssec\-keyfromlabel\fR gets keys with the given label from a crypto hardware and builds key files for DNSSEC (Secure DNS), as defined in RFC 2535 and RFC 4034. +.PP +The +\fBname\fR +of the key is specified on the command line. This must match the name of the zone for which the key is being generated. .SH "OPTIONS" .PP \-a \fIalgorithm\fR .RS 4 Selects the cryptographic algorithm. The value of \fBalgorithm\fR -must be one of RSAMD5 (RSA) or RSASHA1, DSA, NSEC3RSASHA1, NSEC3DSA or DH (Diffie Hellman). These values are case insensitive. +must be one of RSAMD5 (RSA), RSASHA1, DSA, NSEC3RSASHA1, NSEC3DSA or DH (Diffie Hellman). These values are case insensitive. .sp Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement algorithm, and DSA is recommended. .sp @@ -62,6 +66,15 @@ Specifies the owner type of the key. The value of must either be ZONE (for a DNSSEC zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with a host (KEY)), USER (for a key associated with a user(KEY)) or OTHER (DNSKEY). These values are case insensitive. .RE .PP +\-C +.RS 4 +Compatibility mode: generates an old\-style key, without any metadata. By default, +\fBdnssec\-keyfromlabel\fR +will include the key's creation date in the metadata stored with the private key, and other dates may be set there as well (publication date, activation date, etc). Keys that include this data may be incompatible with older versions of BIND; the +\fB\-C\fR +option suppresses them. +.RE +.PP \-c \fIclass\fR .RS 4 Indicates that the DNS record containing the key should have the specified class. If not specified, class IN is used. @@ -69,13 +82,13 @@ Indicates that the DNS record containing the key should have the specified class .PP \-f \fIflag\fR .RS 4 -Set the specified flag in the flag field of the KEY/DNSKEY record. The only recognized flag is KSK (Key Signing Key) DNSKEY. +Set the specified flag in the flag field of the KEY/DNSKEY record. The only recognized flags are KSK (Key Signing Key) and REVOKE. .RE .PP \-h .RS 4 Prints a short summary of the options and arguments to -\fBdnssec\-keygen\fR. +\fBdnssec\-keyfromlabel\fR. .RE .PP \-K \fIdirectory\fR @@ -90,7 +103,7 @@ Generate KEY records rather than DNSKEY records. .PP \-p \fIprotocol\fR .RS 4 -Sets the protocol value for the generated key. The protocol is a number between 0 and 255. The default is 3 (DNSSEC). Other possible values for this argument are listed in RFC 2535 and its successors. +Sets the protocol value for the key. The protocol is a number between 0 and 255. The default is 3 (DNSSEC). Other possible values for this argument are listed in RFC 2535 and its successors. .RE .PP \-t \fItype\fR @@ -104,6 +117,34 @@ must be one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF. The default is AUTHCONF. .RS 4 Sets the debugging level. .RE +.SH "TIMING OPTIONS" +.PP +Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS. If the argument begins with a '+' or '\-', it is interpreted as an offset from the present time. For convenience, if such an offset is followed by one of the suffixes 'y', 'mo', 'w', 'd', 'h', or 'mi', then the offset is computed in years (defined as 365 24\-hour days, ignoring leap years), months (defined as 30 24\-hour days), weeks, days, hours, or minutes, respectively. Without a suffix, the offset is computed in seconds. +.PP +\-P \fIdate/offset\fR +.RS 4 +Sets the date on which a key is to be published to the zone. After that date, the key will be included in the zone but will not be used to sign it. +.RE +.PP +\-A \fIdate/offset\fR +.RS 4 +Sets the date on which the key is to be activated. After that date, the key will be included and the zone and used to sign it. +.RE +.PP +\-R \fIdate/offset\fR +.RS 4 +Sets the date on which the key is to be revoked. After that date, the key will be flagged as revoked. It will be included in the zone and will be used to sign it. +.RE +.PP +\-U \fIdate/offset\fR +.RS 4 +Sets the date on which the key is to be unpublished. After that date, the key will no longer be included in the zone, but it may remain in the key repository. +.RE +.PP +\-D \fIdate/offset\fR +.RS 4 +Sets the date on which the key is to be deleted. After that date, the key can be removed from the key repository. NOTE: Keys are not currently deleted automatically; this field is included for informational purposes and for future development. +.RE .SH "GENERATED KEY FILES" .PP When @@ -137,7 +178,7 @@ file contains a DNS KEY record that can be inserted into a zone file (directly o .PP The \fI.private\fR -file contains algorithm specific fields. For obvious security reasons, this file does not have general read permission. +file contains algorithm\-specific fields. For obvious security reasons, this file does not have general read permission. .SH "SEE ALSO" .PP \fBdnssec\-keygen\fR(8), diff --git a/bin/dnssec/dnssec-keyfromlabel.html b/bin/dnssec/dnssec-keyfromlabel.html index c081c2e0120..2764a5a1dea 100644 --- a/bin/dnssec/dnssec-keyfromlabel.html +++ b/bin/dnssec/dnssec-keyfromlabel.html @@ -13,7 +13,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -28,25 +28,30 @@

Synopsis

-

dnssec-keyfromlabel {-a algorithm} {-l label} [-c class] [-f flag] [-k] [-K directory] [-n nametype] [-p protocol] [-t type] [-v level] {name}

+

dnssec-keyfromlabel {-a algorithm} {-l label} [-A date/offset] [-c class] [-D date/offset] [-f flag] [-k] [-K directory] [-n nametype] [-P date/offset] [-p protocol] [-R date/offset] [-t type] [-U date/offset] [-v level] {name}

-

DESCRIPTION

+

DESCRIPTION

dnssec-keyfromlabel gets keys with the given label from a crypto hardware and builds key files for DNSSEC (Secure DNS), as defined in RFC 2535 and RFC 4034.

+

+ The name of the key is specified on the command + line. This must match the name of the zone for which the key is + being generated. +

-

OPTIONS

+

OPTIONS

-a algorithm

Selects the cryptographic algorithm. The value of - algorithm must be one of RSAMD5 (RSA) - or RSASHA1, DSA, NSEC3RSASHA1, NSEC3DSA or DH (Diffie Hellman). + algorithm must be one of RSAMD5 (RSA), + RSASHA1, DSA, NSEC3RSASHA1, NSEC3DSA or DH (Diffie Hellman). These values are case insensitive.

@@ -69,8 +74,17 @@ zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with a host (KEY)), USER (for a key associated with a user(KEY)) or OTHER (DNSKEY). - These values are - case insensitive. + These values are case insensitive. +

+
-C
+

+ Compatibility mode: generates an old-style key, without + any metadata. By default, dnssec-keyfromlabel + will include the key's creation date in the metadata stored + with the private key, and other dates may be set there as well + (publication date, activation date, etc). Keys that include + this data may be incompatible with older versions of BIND; the + -C option suppresses them.

-c class

@@ -80,12 +94,12 @@

-f flag

Set the specified flag in the flag field of the KEY/DNSKEY record. - The only recognized flag is KSK (Key Signing Key) DNSKEY. + The only recognized flags are KSK (Key Signing Key) and REVOKE.

-h

Prints a short summary of the options and arguments to - dnssec-keygen. + dnssec-keyfromlabel.

-K directory

@@ -97,7 +111,7 @@

-p protocol

- Sets the protocol value for the generated key. The protocol + Sets the protocol value for the key. The protocol is a number between 0 and 255. The default is 3 (DNSSEC). Other possible values for this argument are listed in RFC 2535 and its successors. @@ -116,7 +130,54 @@

-

GENERATED KEY FILES

+

TIMING OPTIONS

+

+ Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS. + If the argument begins with a '+' or '-', it is interpreted as + an offset from the present time. For convenience, if such an offset + is followed by one of the suffixes 'y', 'mo', 'w', 'd', 'h', or 'mi', + then the offset is computed in years (defined as 365 24-hour days, + ignoring leap years), months (defined as 30 24-hour days), weeks, + days, hours, or minutes, respectively. Without a suffix, the offset + is computed in seconds. +

+
+
-P date/offset
+

+ Sets the date on which a key is to be published to the zone. + After that date, the key will be included in the zone but will + not be used to sign it. +

+
-A date/offset
+

+ Sets the date on which the key is to be activated. After that + date, the key will be included and the zone and used to sign + it. +

+
-R date/offset
+

+ Sets the date on which the key is to be revoked. After that + date, the key will be flagged as revoked. It will be included + in the zone and will be used to sign it. +

+
-U date/offset
+

+ Sets the date on which the key is to be unpublished. After that + date, the key will no longer be included in the zone, but it + may remain in the key repository. +

+
-D date/offset
+

+ Sets the date on which the key is to be deleted. After that + date, the key can be removed from the key repository. + NOTE: Keys are not currently deleted automatically; this field + is included for informational purposes and for future + development. +

+
+
+
+

GENERATED KEY FILES

When dnssec-keyfromlabel completes successfully, @@ -128,8 +189,7 @@

  • nnnn is the key name.

  • aaa is the numeric representation - of the - algorithm. + of the algorithm.

  • iiiii is the key identifier (or footprint). @@ -140,8 +200,7 @@ on the printed string. Knnnn.+aaa+iiiii.key contains the public key, and Knnnn.+aaa+iiiii.private contains the - private - key. + private key.

    The .key file contains a DNS KEY record @@ -150,14 +209,14 @@ statement).

    - The .private file contains algorithm - specific + The .private file contains + algorithm-specific fields. For obvious security reasons, this file does not have general read permission.

    • -

    SEE ALSO

    +

    SEE ALSO

    dnssec-keygen(8), dnssec-signzone(8), BIND 9 Administrator Reference Manual, @@ -167,7 +226,7 @@

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.ddns-confgen.html b/doc/arm/man.ddns-confgen.html index c333ded46f7..f25b277dc94 100644 --- a/doc/arm/man.ddns-confgen.html +++ b/doc/arm/man.ddns-confgen.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -48,7 +48,7 @@

    ddns-confgen [-a algorithm] [-h] [-k keyname] [-r randomfile] [-s name | -z zone] [-q] [name]

    -

    DESCRIPTION

    +

    DESCRIPTION

    ddns-confgen generates a key for use by nsupdate and named. It simplifies configuration @@ -75,7 +75,7 @@

    -

    OPTIONS

    +

    OPTIONS

    -a algorithm

    @@ -142,7 +142,7 @@

    -

    SEE ALSO

    +

    SEE ALSO

    nsupdate(1), named.conf(5), named(8), @@ -150,7 +150,7 @@

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.dnssec-keyfromlabel.html b/doc/arm/man.dnssec-keyfromlabel.html index 0fe11c6e9fe..d177445b162 100644 --- a/doc/arm/man.dnssec-keyfromlabel.html +++ b/doc/arm/man.dnssec-keyfromlabel.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -47,25 +47,30 @@

    Synopsis

    -

    dnssec-keyfromlabel {-a algorithm} {-l label} [-c class] [-f flag] [-k] [-K directory] [-n nametype] [-p protocol] [-t type] [-v level] {name}

    +

    dnssec-keyfromlabel {-a algorithm} {-l label} [-A date/offset] [-c class] [-D date/offset] [-f flag] [-k] [-K directory] [-n nametype] [-P date/offset] [-p protocol] [-R date/offset] [-t type] [-U date/offset] [-v level] {name}

    -

    DESCRIPTION

    +

    DESCRIPTION

    dnssec-keyfromlabel gets keys with the given label from a crypto hardware and builds key files for DNSSEC (Secure DNS), as defined in RFC 2535 and RFC 4034.

    +

    + The name of the key is specified on the command + line. This must match the name of the zone for which the key is + being generated. +

    -

    OPTIONS

    +

    OPTIONS

    -a algorithm

    Selects the cryptographic algorithm. The value of - algorithm must be one of RSAMD5 (RSA) - or RSASHA1, DSA, NSEC3RSASHA1, NSEC3DSA or DH (Diffie Hellman). + algorithm must be one of RSAMD5 (RSA), + RSASHA1, DSA, NSEC3RSASHA1, NSEC3DSA or DH (Diffie Hellman). These values are case insensitive.

    @@ -88,8 +93,17 @@ zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with a host (KEY)), USER (for a key associated with a user(KEY)) or OTHER (DNSKEY). - These values are - case insensitive. + These values are case insensitive. +

    +
    -C
    +

    + Compatibility mode: generates an old-style key, without + any metadata. By default, dnssec-keyfromlabel + will include the key's creation date in the metadata stored + with the private key, and other dates may be set there as well + (publication date, activation date, etc). Keys that include + this data may be incompatible with older versions of BIND; the + -C option suppresses them.

    -c class

    @@ -99,12 +113,12 @@

    -f flag

    Set the specified flag in the flag field of the KEY/DNSKEY record. - The only recognized flag is KSK (Key Signing Key) DNSKEY. + The only recognized flags are KSK (Key Signing Key) and REVOKE.

    -h

    Prints a short summary of the options and arguments to - dnssec-keygen. + dnssec-keyfromlabel.

    -K directory

    @@ -116,7 +130,7 @@

    -p protocol

    - Sets the protocol value for the generated key. The protocol + Sets the protocol value for the key. The protocol is a number between 0 and 255. The default is 3 (DNSSEC). Other possible values for this argument are listed in RFC 2535 and its successors. @@ -135,7 +149,54 @@

    -

    GENERATED KEY FILES

    +

    TIMING OPTIONS

    +

    + Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS. + If the argument begins with a '+' or '-', it is interpreted as + an offset from the present time. For convenience, if such an offset + is followed by one of the suffixes 'y', 'mo', 'w', 'd', 'h', or 'mi', + then the offset is computed in years (defined as 365 24-hour days, + ignoring leap years), months (defined as 30 24-hour days), weeks, + days, hours, or minutes, respectively. Without a suffix, the offset + is computed in seconds. +

    +
    +
    -P date/offset
    +

    + Sets the date on which a key is to be published to the zone. + After that date, the key will be included in the zone but will + not be used to sign it. +

    +
    -A date/offset
    +

    + Sets the date on which the key is to be activated. After that + date, the key will be included and the zone and used to sign + it. +

    +
    -R date/offset
    +

    + Sets the date on which the key is to be revoked. After that + date, the key will be flagged as revoked. It will be included + in the zone and will be used to sign it. +

    +
    -U date/offset
    +

    + Sets the date on which the key is to be unpublished. After that + date, the key will no longer be included in the zone, but it + may remain in the key repository. +

    +
    -D date/offset
    +

    + Sets the date on which the key is to be deleted. After that + date, the key can be removed from the key repository. + NOTE: Keys are not currently deleted automatically; this field + is included for informational purposes and for future + development. +

    +
    +
    +
    +

    GENERATED KEY FILES

    When dnssec-keyfromlabel completes successfully, @@ -147,8 +208,7 @@

  • nnnn is the key name.

  • aaa is the numeric representation - of the - algorithm. + of the algorithm.

  • iiiii is the key identifier (or footprint). @@ -159,8 +219,7 @@ on the printed string. Knnnn.+aaa+iiiii.key contains the public key, and Knnnn.+aaa+iiiii.private contains the - private - key. + private key.

    The .key file contains a DNS KEY record @@ -169,14 +228,14 @@ statement).

    - The .private file contains algorithm - specific + The .private file contains + algorithm-specific fields. For obvious security reasons, this file does not have general read permission.

    • -

    SEE ALSO

    +

    SEE ALSO

    dnssec-keygen(8), dnssec-signzone(8), BIND 9 Administrator Reference Manual, @@ -186,7 +245,7 @@

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.dnssec-keygen.html b/doc/arm/man.dnssec-keygen.html index 76c1fb62e01..fefeaa7825a 100644 --- a/doc/arm/man.dnssec-keygen.html +++ b/doc/arm/man.dnssec-keygen.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

    dnssec-keygen [-a algorithm] [-b keysize] [-n nametype] [-3] [-A date/offset] [-C] [-c class] [-D date/offset] [-e] [-f flag] [-g generator] [-h] [-K directory] [-k] [-P date/offset] [-p protocol] [-R date/offset] [-r randomdev] [-s strength] [-t type] [-U date/offset] [-v level] [-z] {name}

    -

    DESCRIPTION

    +

    DESCRIPTION

    dnssec-keygen generates keys for DNSSEC (Secure DNS), as defined in RFC 2535 and RFC 4034. It can also generate keys for use with @@ -64,7 +64,7 @@

    -

    OPTIONS

    +

    OPTIONS

    -a algorithm
    @@ -226,7 +226,7 @@
    -

    TIMING OPTIONS

    +

    TIMING OPTIONS

    Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS. If the argument begins with a '+' or '-', it is interpreted as @@ -273,7 +273,7 @@

    -

    GENERATED KEYS

    +

    GENERATED KEYS

    When dnssec-keygen completes successfully, @@ -319,7 +319,7 @@

    -

    EXAMPLE

    +

    EXAMPLE

    To generate a 768-bit DSA key for the domain example.com, the following command would be @@ -340,7 +340,7 @@

    -

    SEE ALSO

    +

    SEE ALSO

    dnssec-signzone(8), BIND 9 Administrator Reference Manual, RFC 2539, @@ -349,7 +349,7 @@

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.dnssec-revoke.html b/doc/arm/man.dnssec-revoke.html index 9396e59333a..4020c1a0c9d 100644 --- a/doc/arm/man.dnssec-revoke.html +++ b/doc/arm/man.dnssec-revoke.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

    dnssec-revoke [-hr] [-v level] [-K directory] [-f] {keyfile}

    -

    DESCRIPTION

    +

    DESCRIPTION

    dnssec-revoke reads a DNSSEC key file, sets the REVOKED bit on the key as defined in RFC 5011, and creates a new pair of key files containing the @@ -58,7 +58,7 @@

    -

    OPTIONS

    +

    OPTIONS

    -h

    @@ -86,14 +86,14 @@

    -

    SEE ALSO

    +

    SEE ALSO

    dnssec-keygen(8), BIND 9 Administrator Reference Manual, RFC 5011.

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.dnssec-settime.html b/doc/arm/man.dnssec-settime.html index 6146b93b375..c02f1d8efd3 100644 --- a/doc/arm/man.dnssec-settime.html +++ b/doc/arm/man.dnssec-settime.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

    dnssec-settime [-fr] [-K directory] [-P date/offset] [-A date/offset] [-R date/offset] [-U date/offset] [-D date/offset] [-h] [-v level] {keyfile}

    -

    DESCRIPTION

    +

    DESCRIPTION

    dnssec-settime reads a DNSSEC private key file and sets the key timing metadata as specified by the -P, -A, @@ -75,7 +75,7 @@

    -

    OPTIONS

    +

    OPTIONS

    -f

    @@ -101,7 +101,7 @@

    -

    TIMING OPTIONS

    +

    TIMING OPTIONS

    Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS. If the argument begins with a '+' or '-', it is interpreted as @@ -148,7 +148,7 @@

    -

    PRINTING OPTIONS

    +

    PRINTING OPTIONS

    dnssec-settime can also be used to print the timing metadata associated with a key. @@ -174,7 +174,7 @@

    -

    SEE ALSO

    +

    SEE ALSO

    dnssec-keygen(8), dnssec-signzone(8), BIND 9 Administrator Reference Manual, @@ -182,7 +182,7 @@

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.dnssec-signzone.html b/doc/arm/man.dnssec-signzone.html index b4706285a64..3e52b6a58a1 100644 --- a/doc/arm/man.dnssec-signzone.html +++ b/doc/arm/man.dnssec-signzone.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

    dnssec-signzone [-a] [-c class] [-d directory] [-e end-time] [-f output-file] [-g] [-h] [-K directory] [-k key] [-l domain] [-i interval] [-I input-format] [-j jitter] [-N soa-serial-format] [-o origin] [-O output-format] [-p] [-P] [-r randomdev] [-S] [-s start-time] [-T ttl] [-t] [-v level] [-z] [-3 salt] [-H iterations] [-A] {zonefile} [key...]

    -

    DESCRIPTION

    +

    DESCRIPTION

    dnssec-signzone signs a zone. It generates NSEC and RRSIG records and produces a signed version of the @@ -61,7 +61,7 @@

    -

    OPTIONS

    +

    OPTIONS

    -a

    @@ -362,7 +362,7 @@

    -

    EXAMPLE

    +

    EXAMPLE

    The following command signs the example.com zone with the DSA key generated by dnssec-keygen @@ -391,14 +391,14 @@ db.example.com.signed %

    -

    SEE ALSO

    +

    SEE ALSO

    dnssec-keygen(8), BIND 9 Administrator Reference Manual, RFC 4033.

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.named-checkconf.html b/doc/arm/man.named-checkconf.html index a0de1afb8c7..3f166f03d08 100644 --- a/doc/arm/man.named-checkconf.html +++ b/doc/arm/man.named-checkconf.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,14 +50,14 @@

    named-checkconf [-h] [-v] [-j] [-t directory] {filename} [-p] [-z]

    -

    DESCRIPTION

    +

    DESCRIPTION

    named-checkconf checks the syntax, but not the semantics, of a named configuration file.

    -

    OPTIONS

    +

    OPTIONS

    -h

    @@ -96,21 +96,21 @@

    -

    RETURN VALUES

    +

    RETURN VALUES

    named-checkconf returns an exit status of 1 if errors were detected and 0 otherwise.

    -

    SEE ALSO

    +

    SEE ALSO

    named(8), named-checkzone(8), BIND 9 Administrator Reference Manual.

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.named-checkzone.html b/doc/arm/man.named-checkzone.html index 38346d3b68d..e9a0fe97370 100644 --- a/doc/arm/man.named-checkzone.html +++ b/doc/arm/man.named-checkzone.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -51,7 +51,7 @@

    named-compilezone [-d] [-j] [-q] [-v] [-c class] [-C mode] [-f format] [-F format] [-i mode] [-k mode] [-m mode] [-n mode] [-o filename] [-s style] [-t directory] [-w directory] [-D] [-W mode] {zonename} {filename}

    -

    DESCRIPTION

    +

    DESCRIPTION

    named-checkzone checks the syntax and integrity of a zone file. It performs the same checks as named does when loading a @@ -71,7 +71,7 @@

    -

    OPTIONS

    +

    OPTIONS

    -d

    @@ -257,14 +257,14 @@

    -

    RETURN VALUES

    +

    RETURN VALUES

    named-checkzone returns an exit status of 1 if errors were detected and 0 otherwise.

    -

    SEE ALSO

    +

    SEE ALSO

    named(8), named-checkconf(8), RFC 1035, @@ -272,7 +272,7 @@

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.named.html b/doc/arm/man.named.html index 829da5d0bc0..57a0af06b39 100644 --- a/doc/arm/man.named.html +++ b/doc/arm/man.named.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

    named [-4] [-6] [-c config-file] [-d debug-level] [-f] [-g] [-m flag] [-n #cpus] [-p port] [-s] [-S #max-socks] [-t directory] [-u user] [-v] [-V] [-x cache-file]

    -

    DESCRIPTION

    +

    DESCRIPTION

    named is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC. For more @@ -65,7 +65,7 @@

    -

    OPTIONS

    +

    OPTIONS

    -4

    @@ -238,7 +238,7 @@

    -

    SIGNALS

    +

    SIGNALS

    In routine operation, signals should not be used to control the nameserver; rndc should be used @@ -259,7 +259,7 @@

    -

    CONFIGURATION

    +

    CONFIGURATION

    The named configuration file is too complex to describe in detail here. A complete description is provided @@ -276,7 +276,7 @@

    -

    FILES

    +

    FILES

    /etc/named.conf

    @@ -289,7 +289,7 @@

    -

    SEE ALSO

    +

    SEE ALSO

    RFC 1033, RFC 1034, RFC 1035, @@ -302,7 +302,7 @@

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.nsupdate.html b/doc/arm/man.nsupdate.html index 1a901314b4c..5eb0685191d 100644 --- a/doc/arm/man.nsupdate.html +++ b/doc/arm/man.nsupdate.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

    nsupdate [-d] [-D] [[-g] | [-o] | [-l] | [-y [hmac:]keyname:secret] | [-k keyfile]] [-t timeout] [-u udptimeout] [-r udpretries] [-R randomdev] [-v] [filename]

    -

    DESCRIPTION

    +

    DESCRIPTION

    nsupdate is used to submit Dynamic DNS Update requests as defined in RFC2136 to a name server. @@ -205,7 +205,7 @@

    -

    INPUT FORMAT

    +

    INPUT FORMAT

    nsupdate reads input from filename @@ -469,7 +469,7 @@

    -

    EXAMPLES

    +

    EXAMPLES

    The examples below show how nsupdate @@ -523,7 +523,7 @@

    -

    FILES

    +

    FILES

    /etc/resolv.conf

    @@ -546,7 +546,7 @@

    -

    SEE ALSO

    +

    SEE ALSO

    RFC2136, RFC3007, RFC2104, @@ -560,7 +560,7 @@

    -

    BUGS

    +

    BUGS

    The TSIG key is redundantly stored in two separate files. This is a consequence of nsupdate using the DST library diff --git a/doc/arm/man.rndc-confgen.html b/doc/arm/man.rndc-confgen.html index c5fa62420a6..6f33554ffbb 100644 --- a/doc/arm/man.rndc-confgen.html +++ b/doc/arm/man.rndc-confgen.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

    rndc-confgen [-a] [-b keysize] [-c keyfile] [-h] [-k keyname] [-p port] [-r randomfile] [-s address] [-t chrootdir] [-u user]

    -

    DESCRIPTION

    +

    DESCRIPTION

    rndc-confgen generates configuration files for rndc. It can be used as a @@ -66,7 +66,7 @@

    -

    OPTIONS

    +

    OPTIONS

    -a
    @@ -173,7 +173,7 @@
    -

    EXAMPLES

    +

    EXAMPLES

    To allow rndc to be used with no manual configuration, run @@ -190,7 +190,7 @@

    -

    SEE ALSO

    +

    SEE ALSO

    rndc(8), rndc.conf(5), named(8), @@ -198,7 +198,7 @@

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.rndc.conf.html b/doc/arm/man.rndc.conf.html index 4958631a85d..b940710f95b 100644 --- a/doc/arm/man.rndc.conf.html +++ b/doc/arm/man.rndc.conf.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

    rndc.conf

    -

    DESCRIPTION

    +

    DESCRIPTION

    rndc.conf is the configuration file for rndc, the BIND 9 name server control utility. This file has a similar structure and syntax to @@ -135,7 +135,7 @@

    -

    EXAMPLE

    +

    EXAMPLE

           options {
         default-server  localhost;
@@ -209,7 +209,7 @@
    -

    NAME SERVER CONFIGURATION

    +

    NAME SERVER CONFIGURATION

    The name server must be configured to accept rndc connections and to recognize the key specified in the rndc.conf @@ -219,7 +219,7 @@

    -

    SEE ALSO

    +

    SEE ALSO

    rndc(8), rndc-confgen(8), mmencode(1), @@ -227,7 +227,7 @@

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium

    diff --git a/doc/arm/man.rndc.html b/doc/arm/man.rndc.html index db62de4fefb..a4537a92827 100644 --- a/doc/arm/man.rndc.html +++ b/doc/arm/man.rndc.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -50,7 +50,7 @@

    rndc [-b source-address] [-c config-file] [-k key-file] [-s server] [-p port] [-V] [-y key_id] {command}

    -

    DESCRIPTION

    +

    DESCRIPTION

    rndc controls the operation of a name server. It supersedes the ndc utility @@ -79,7 +79,7 @@

    -

    OPTIONS

    +

    OPTIONS

    -b source-address

    @@ -151,7 +151,7 @@

    -

    LIMITATIONS

    +

    LIMITATIONS

    rndc does not yet support all the commands of the BIND 8 ndc utility. @@ -165,7 +165,7 @@

    -

    SEE ALSO

    +

    SEE ALSO

    rndc.conf(5), rndc-confgen(8), named(8), @@ -175,7 +175,7 @@

    -

    AUTHOR

    +

    AUTHOR

    Internet Systems Consortium