diff options
Diffstat (limited to 'contrib/bind9/bin/rndc/rndc-confgen.html')
-rw-r--r-- | contrib/bind9/bin/rndc/rndc-confgen.html | 538 |
1 files changed, 538 insertions, 0 deletions
diff --git a/contrib/bind9/bin/rndc/rndc-confgen.html b/contrib/bind9/bin/rndc/rndc-confgen.html new file mode 100644 index 000000000000..7292be2f99dc --- /dev/null +++ b/contrib/bind9/bin/rndc/rndc-confgen.html @@ -0,0 +1,538 @@ +<!-- + - Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2001-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> + +<!-- $Id: rndc-confgen.html,v 1.3.2.5.2.4 2004/08/22 23:39:00 marka Exp $ --> + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<HTML +><HEAD +><TITLE +>rndc-confgen</TITLE +><META +NAME="GENERATOR" +CONTENT="Modular DocBook HTML Stylesheet Version 1.7"></HEAD +><BODY +CLASS="REFENTRY" +BGCOLOR="#FFFFFF" +TEXT="#000000" +LINK="#0000FF" +VLINK="#840084" +ALINK="#0000FF" +><H1 +><A +NAME="AEN1" +></A +><SPAN +CLASS="APPLICATION" +>rndc-confgen</SPAN +></H1 +><DIV +CLASS="REFNAMEDIV" +><A +NAME="AEN9" +></A +><H2 +>Name</H2 +><SPAN +CLASS="APPLICATION" +>rndc-confgen</SPAN +> -- rndc key generation tool</DIV +><DIV +CLASS="REFSYNOPSISDIV" +><A +NAME="AEN13" +></A +><H2 +>Synopsis</H2 +><P +><B +CLASS="COMMAND" +>rndc-confgen</B +> [<VAR +CLASS="OPTION" +>-a</VAR +>] [<VAR +CLASS="OPTION" +>-b <VAR +CLASS="REPLACEABLE" +>keysize</VAR +></VAR +>] [<VAR +CLASS="OPTION" +>-c <VAR +CLASS="REPLACEABLE" +>keyfile</VAR +></VAR +>] [<VAR +CLASS="OPTION" +>-h</VAR +>] [<VAR +CLASS="OPTION" +>-k <VAR +CLASS="REPLACEABLE" +>keyname</VAR +></VAR +>] [<VAR +CLASS="OPTION" +>-p <VAR +CLASS="REPLACEABLE" +>port</VAR +></VAR +>] [<VAR +CLASS="OPTION" +>-r <VAR +CLASS="REPLACEABLE" +>randomfile</VAR +></VAR +>] [<VAR +CLASS="OPTION" +>-s <VAR +CLASS="REPLACEABLE" +>address</VAR +></VAR +>] [<VAR +CLASS="OPTION" +>-t <VAR +CLASS="REPLACEABLE" +>chrootdir</VAR +></VAR +>] [<VAR +CLASS="OPTION" +>-u <VAR +CLASS="REPLACEABLE" +>user</VAR +></VAR +>]</P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN44" +></A +><H2 +>DESCRIPTION</H2 +><P +> <B +CLASS="COMMAND" +>rndc-confgen</B +> generates configuration files + for <B +CLASS="COMMAND" +>rndc</B +>. It can be used as a + convenient alternative to writing the + <TT +CLASS="FILENAME" +>rndc.conf</TT +> file + and the corresponding <B +CLASS="COMMAND" +>controls</B +> + and <B +CLASS="COMMAND" +>key</B +> + statements in <TT +CLASS="FILENAME" +>named.conf</TT +> by hand. + Alternatively, it can be run with the <B +CLASS="COMMAND" +>-a</B +> + option to set up a <TT +CLASS="FILENAME" +>rndc.key</TT +> file and + avoid the need for a <TT +CLASS="FILENAME" +>rndc.conf</TT +> file + and a <B +CLASS="COMMAND" +>controls</B +> statement altogether. + </P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN57" +></A +><H2 +>OPTIONS</H2 +><P +></P +><DIV +CLASS="VARIABLELIST" +><DL +><DT +>-a</DT +><DD +><P +> Do automatic <B +CLASS="COMMAND" +>rndc</B +> configuration. + This creates a file <TT +CLASS="FILENAME" +>rndc.key</TT +> + in <TT +CLASS="FILENAME" +>/etc</TT +> (or whatever + <VAR +CLASS="VARNAME" +>sysconfdir</VAR +> + was specified as when <ACRONYM +CLASS="ACRONYM" +>BIND</ACRONYM +> was built) + that is read by both <B +CLASS="COMMAND" +>rndc</B +> + and <B +CLASS="COMMAND" +>named</B +> on startup. The + <TT +CLASS="FILENAME" +>rndc.key</TT +> file defines a default + command channel and authentication key allowing + <B +CLASS="COMMAND" +>rndc</B +> to communicate with + <B +CLASS="COMMAND" +>named</B +> on the local host + with no further configuration. + </P +><P +> Running <B +CLASS="COMMAND" +>rndc-confgen -a</B +> allows + BIND 9 and <B +CLASS="COMMAND" +>rndc</B +> to be used as drop-in + replacements for BIND 8 and <B +CLASS="COMMAND" +>ndc</B +>, + with no changes to the existing BIND 8 + <TT +CLASS="FILENAME" +>named.conf</TT +> file. + </P +><P +> If a more elaborate configuration than that + generated by <B +CLASS="COMMAND" +>rndc-confgen -a</B +> + is required, for example if rndc is to be used remotely, + you should run <B +CLASS="COMMAND" +>rndc-confgen</B +> without the + <B +CLASS="COMMAND" +>-a</B +> option and set up a + <TT +CLASS="FILENAME" +>rndc.conf</TT +> and + <TT +CLASS="FILENAME" +>named.conf</TT +> + as directed. + </P +></DD +><DT +>-b <VAR +CLASS="REPLACEABLE" +>keysize</VAR +></DT +><DD +><P +> Specifies the size of the authentication key in bits. + Must be between 1 and 512 bits; the default is 128. + </P +></DD +><DT +>-c <VAR +CLASS="REPLACEABLE" +>keyfile</VAR +></DT +><DD +><P +> Used with the <B +CLASS="COMMAND" +>-a</B +> option to specify + an alternate location for <TT +CLASS="FILENAME" +>rndc.key</TT +>. + </P +></DD +><DT +>-h</DT +><DD +><P +> Prints a short summary of the options and arguments to + <B +CLASS="COMMAND" +>rndc-confgen</B +>. + </P +></DD +><DT +>-k <VAR +CLASS="REPLACEABLE" +>keyname</VAR +></DT +><DD +><P +> Specifies the key name of the rndc authentication key. + This must be a valid domain name. + The default is <CODE +CLASS="CONSTANT" +>rndc-key</CODE +>. + </P +></DD +><DT +>-p <VAR +CLASS="REPLACEABLE" +>port</VAR +></DT +><DD +><P +> Specifies the command channel port where <B +CLASS="COMMAND" +>named</B +> + listens for connections from <B +CLASS="COMMAND" +>rndc</B +>. + The default is 953. + </P +></DD +><DT +>-r <VAR +CLASS="REPLACEABLE" +>randomfile</VAR +></DT +><DD +><P +> Specifies a source of random data for generating the + authorization. If the operating + system does not provide a <TT +CLASS="FILENAME" +>/dev/random</TT +> + or equivalent device, the default source of randomness + is keyboard input. <TT +CLASS="FILENAME" +>randomdev</TT +> specifies + the name of a character device or file containing random + data to be used instead of the default. The special value + <TT +CLASS="FILENAME" +>keyboard</TT +> indicates that keyboard + input should be used. + </P +></DD +><DT +>-s <VAR +CLASS="REPLACEABLE" +>address</VAR +></DT +><DD +><P +> Specifies the IP address where <B +CLASS="COMMAND" +>named</B +> + listens for command channel connections from + <B +CLASS="COMMAND" +>rndc</B +>. The default is the loopback + address 127.0.0.1. + </P +></DD +><DT +>-t <VAR +CLASS="REPLACEABLE" +>chrootdir</VAR +></DT +><DD +><P +> Used with the <B +CLASS="COMMAND" +>-a</B +> option to specify + a directory where <B +CLASS="COMMAND" +>named</B +> will run + chrooted. An additional copy of the <TT +CLASS="FILENAME" +>rndc.key</TT +> + will be written relative to this directory so that + it will be found by the chrooted <B +CLASS="COMMAND" +>named</B +>. + </P +></DD +><DT +>-u <VAR +CLASS="REPLACEABLE" +>user</VAR +></DT +><DD +><P +> Used with the <B +CLASS="COMMAND" +>-a</B +> option to set the owner + of the <TT +CLASS="FILENAME" +>rndc.key</TT +> file generated. If + <B +CLASS="COMMAND" +>-t</B +> is also specified only the file in + the chroot area has its owner changed. + </P +></DD +></DL +></DIV +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN147" +></A +><H2 +>EXAMPLES</H2 +><P +> To allow <B +CLASS="COMMAND" +>rndc</B +> to be used with + no manual configuration, run + </P +><P +> <KBD +CLASS="USERINPUT" +>rndc-confgen -a</KBD +> + </P +><P +> To print a sample <TT +CLASS="FILENAME" +>rndc.conf</TT +> file and + corresponding <B +CLASS="COMMAND" +>controls</B +> and <B +CLASS="COMMAND" +>key</B +> + statements to be manually inserted into <TT +CLASS="FILENAME" +>named.conf</TT +>, + run + </P +><P +> <KBD +CLASS="USERINPUT" +>rndc-confgen</KBD +> + </P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN160" +></A +><H2 +>SEE ALSO</H2 +><P +> <SPAN +CLASS="CITEREFENTRY" +><SPAN +CLASS="REFENTRYTITLE" +>rndc</SPAN +>(8)</SPAN +>, + <SPAN +CLASS="CITEREFENTRY" +><SPAN +CLASS="REFENTRYTITLE" +>rndc.conf</SPAN +>(5)</SPAN +>, + <SPAN +CLASS="CITEREFENTRY" +><SPAN +CLASS="REFENTRYTITLE" +>named</SPAN +>(8)</SPAN +>, + <I +CLASS="CITETITLE" +>BIND 9 Administrator Reference Manual</I +>. + </P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN173" +></A +><H2 +>AUTHOR</H2 +><P +> Internet Systems Consortium + </P +></DIV +></BODY +></HTML +> |