regenerated docs

33682c92 · Andreas Gustafsson · f4909f01 · 33682c92 · 33682c92 · 33682c92
Commit 33682c92 authored Aug 09, 2001 by Andreas Gustafsson
10 changed files
--- a/bin/rndc/rndc.8
+++ b/bin/rndc/rndc.8
@@ -19,7 +19,7 @@
 rndc \- name server control utility
 .SH SYNOPSIS
 .sp
-\fBrndc\fR [ \fB-c \fIconfig-file\fB\fR ]  [ \fB-s \fIserver\fB\fR ]  [ \fB-p \fIport\fB\fR ]  [ \fB-V\fR ]  [ \fB-y \fIkey_id\fB\fR ]  \fBcommand\fR
+\fBrndc\fR [ \fB-c \fIconfig-file\fB\fR ]  [ \fB-k \fIkey-file\fB\fR ]  [ \fB-s \fIserver\fB\fR ]  [ \fB-p \fIport\fB\fR ]  [ \fB-V\fR ]  [ \fB-y \fIkey_id\fB\fR ]  \fBcommand\fR
 .SH "DESCRIPTION"
 .PP
 \fBrndc\fR controls the operation of a name
@@ -51,6 +51,14 @@ Use \fIconfig-file\fR
 as the configuration file instead of the default,
 \fI/etc/rndc.conf\fR.
 .TP
+\fB-k \fIkey-file\fB\fR
+Use \fIkey-file\fR
+as the key file instead of the default,
+\fI/etc/rndc.key\fR. The key in
+\fI/etc/rndc.key\fR will be used to authenticate
+commands sent to the server if the \fIconfig-file\fR
+does not exist.
+.TP
 \fB-s \fIserver\fB\fR
 \fIserver\fR is
 the name or address of the server which matches a

--- a/bin/rndc/rndc.html
+++ b/bin/rndc/rndc.html
@@ -69,6 +69,14 @@ CLASS="REPLACEABLE"
 ></TT
 >] [<TT
 CLASS="OPTION"
+>-k <TT
+CLASS="REPLACEABLE"
+><I
+>key-file</I
+></TT
+></TT
+>] [<TT
+CLASS="OPTION"
 >-s <TT
 CLASS="REPLACEABLE"
 ><I
@@ -99,7 +107,7 @@ CLASS="REPLACEABLE"
 ><DIV
 CLASS="REFSECT1"
 ><A
-NAME="AEN31"
+NAME="AEN34"
 ></A
 ><H2
 >DESCRIPTION</H2
@@ -154,7 +162,7 @@ CLASS="COMMAND"
 ><DIV
 CLASS="REFSECT1"
 ><A
-NAME="AEN43"
+NAME="AEN46"
 ></A
 ><H2
 >OPTIONS</H2
@@ -186,6 +194,39 @@ CLASS="FILENAME"
 	  </P
 ></DD
 ><DT
+>-k <TT
+CLASS="REPLACEABLE"
+><I
+>key-file</I
+></TT
+></DT
+><DD
+><P
+>	      Use <TT
+CLASS="REPLACEABLE"
+><I
+>key-file</I
+></TT
+>
+	      as the key file instead of the default,
+	      <TT
+CLASS="FILENAME"
+>/etc/rndc.key</TT
+>.  The key in
+	      <TT
+CLASS="FILENAME"
+>/etc/rndc.key</TT
+> will be used to authenticate
+	      commands sent to the server if the <TT
+CLASS="REPLACEABLE"
+><I
+>config-file</I
+></TT
+>
+	      does not exist.
+	  </P
+></DD
+><DT
 >-s <TT
 CLASS="REPLACEABLE"
 ><I
@@ -297,7 +338,7 @@ CLASS="COMMAND"
 ><DIV
 CLASS="REFSECT1"
 ><A
-NAME="AEN82"
+NAME="AEN94"
 ></A
 ><H2
 >LIMITATIONS</H2
@@ -325,7 +366,7 @@ CLASS="OPTION"
 ><DIV
 CLASS="REFSECT1"
 ><A
-NAME="AEN90"
+NAME="AEN102"
 ></A
 ><H2
 >SEE ALSO</H2
@@ -367,7 +408,7 @@ CLASS="CITETITLE"
 ><DIV
 CLASS="REFSECT1"
 ><A
-NAME="AEN106"
+NAME="AEN118"
 ></A
 ><H2
 >AUTHOR</H2

--- a/doc/arm/Bv9ARM.ch03.html
+++ b/doc/arm/Bv9ARM.ch03.html
@@ -1133,11 +1133,11 @@ CLASS="command"
 > will also look in
 <TT
 CLASS="filename"
->/var/run/named.key</TT
-> (or wherever
+>/etc/rndc.key</TT
+> (or whatever
 <TT
 CLASS="varname"
->localstatedir</TT
+>sysconfdir</TT
 > was defined when
 the <SPAN
 CLASS="acronym"
@@ -1145,11 +1145,11 @@ CLASS="acronym"
 > build was configured).
 The <TT
 CLASS="filename"
->named.key</TT
+>rndc.key</TT
 > file is generated by
-<B
+running <B
 CLASS="command"
->named</B
+>rndc-confgen -a</B
 > as described in
 <A
 HREF="Bv9ARM.ch06.html#controls_statement_definition_and_usage"
@@ -1329,7 +1329,7 @@ following controls statements:</P
 ><PRE
 CLASS="programlisting"
 >&#13;controls {
-                inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
+        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
 };
 </PRE
 ><P
@@ -1338,6 +1338,37 @@ CLASS="programlisting"
 CLASS="literal"
 >rndc_key</TT
 >.</P
+><P
+>Running the <B
+CLASS="command"
+>rndc-confgen</B
+> program will
+conveniently create a <TT
+CLASS="filename"
+>rndc.conf</TT
+>
+file for you, and also display the
+corresponding <B
+CLASS="command"
+>controls</B
+> statement that you need to
+add to <TT
+CLASS="filename"
+>named.conf</TT
+>.  Alternatively,
+you can run <B
+CLASS="command"
+>rndc-confgen -a</B
+> to set up
+a <TT
+CLASS="filename"
+>rndc.key</TT
+> file and not modify 
+<TT
+CLASS="filename"
+>named.conf</TT
+> at all.
+</P
 ></DD
 ></DL
 ></DIV
@@ -1348,7 +1379,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN650"
+NAME="AEN658"
 >3.4.2. Signals</A
 ></H2
 ><P
@@ -1361,7 +1392,7 @@ CLASS="command"
 ><DIV
 CLASS="informaltable"
 ><A
-NAME="AEN654"
+NAME="AEN662"
 ></A
 ><P
 ></P

--- a/doc/arm/Bv9ARM.ch04.html
+++ b/doc/arm/Bv9ARM.ch04.html
@@ -88,7 +88,7 @@ HREF="Bv9ARM.ch04.html#incremental_zone_transfers"
 ></DT
 ><DT
 >4.3. <A
-HREF="Bv9ARM.ch04.html#AEN714"
+HREF="Bv9ARM.ch04.html#AEN722"
 >Split DNS</A
 ></DT
 ><DT
@@ -98,12 +98,12 @@ HREF="Bv9ARM.ch04.html#tsig"
 ></DT
 ><DT
 >4.5. <A
-HREF="Bv9ARM.ch04.html#AEN874"
+HREF="Bv9ARM.ch04.html#AEN882"
 >TKEY</A
 ></DT
 ><DT
 >4.6. <A
-HREF="Bv9ARM.ch04.html#AEN889"
+HREF="Bv9ARM.ch04.html#AEN897"
 >SIG(0)</A
 ></DT
 ><DT
@@ -113,7 +113,7 @@ HREF="Bv9ARM.ch04.html#DNSSEC"
 ></DT
 ><DT
 >4.8. <A
-HREF="Bv9ARM.ch04.html#AEN974"
+HREF="Bv9ARM.ch04.html#AEN982"
 >IPv6 Support in <SPAN
 CLASS="acronym"
 >BIND</SPAN
@@ -274,7 +274,7 @@ CLASS="sect1"
 ><H1
 CLASS="sect1"
 ><A
-NAME="AEN714"
+NAME="AEN722"
 >4.3. Split DNS</A
 ></H1
 ><P
@@ -672,7 +672,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN805"
+NAME="AEN813"
 >4.4.1. Generate Shared Keys for Each Pair of Hosts</A
 ></H2
 ><P
@@ -690,7 +690,7 @@ CLASS="sect3"
 ><H3
 CLASS="sect3"
 ><A
-NAME="AEN810"
+NAME="AEN818"
 >4.4.1.1. Automatic Generation</A
 ></H3
 ><P
@@ -732,7 +732,7 @@ CLASS="sect3"
 ><H3
 CLASS="sect3"
 ><A
-NAME="AEN821"
+NAME="AEN829"
 >4.4.1.2. Manual Generation</A
 ></H3
 ><P
@@ -753,7 +753,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN826"
+NAME="AEN834"
 >4.4.2. Copying the Shared Secret to Both Machines</A
 ></H2
 ><P
@@ -765,7 +765,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN829"
+NAME="AEN837"
 >4.4.3. Informing the Servers of the Key's Existence</A
 ></H2
 ><P
@@ -813,7 +813,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN841"
+NAME="AEN849"
 >4.4.4. Instructing the Server to Use the Key</A
 ></H2
 ><P
@@ -873,7 +873,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN857"
+NAME="AEN865"
 >4.4.5. TSIG Key Based Access Control</A
 ></H2
 ><P
@@ -919,7 +919,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN870"
+NAME="AEN878"
 >4.4.6. Errors</A
 ></H2
 ><P
@@ -948,7 +948,7 @@ CLASS="sect1"
 ><H1
 CLASS="sect1"
 ><A
-NAME="AEN874"
+NAME="AEN882"
 >4.5. TKEY</A
 ></H1
 ><P
@@ -1014,7 +1014,7 @@ CLASS="sect1"
 ><H1
 CLASS="sect1"
 ><A
-NAME="AEN889"
+NAME="AEN897"
 >4.6. SIG(0)</A
 ></H1
 ><P
@@ -1086,7 +1086,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN906"
+NAME="AEN914"
 >4.7.1. Generating Keys</A
 ></H2
 ><P
@@ -1165,7 +1165,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN926"
+NAME="AEN934"
 >4.7.2. Creating a Keyset</A
 ></H2
 ><P
@@ -1218,7 +1218,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN938"
+NAME="AEN946"
 >4.7.3. Signing the Child's Keyset</A
 ></H2
 ><P
@@ -1268,7 +1268,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN951"
+NAME="AEN959"
 >4.7.4. Signing the Zone</A
 ></H2
 ><P
@@ -1330,7 +1330,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN967"
+NAME="AEN975"
 >4.7.5. Configuring Servers</A
 ></H2
 ><P
@@ -1358,7 +1358,7 @@ CLASS="sect1"
 ><H1
 CLASS="sect1"
 ><A
-NAME="AEN974"
+NAME="AEN982"
 >4.8. IPv6 Support in <SPAN
 CLASS="acronym"
 >BIND</SPAN
@@ -1418,7 +1418,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN990"
+NAME="AEN998"
 >4.8.1. Address Lookups Using AAAA Records</A
 ></H2
 ><P
@@ -1440,7 +1440,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN995"
+NAME="AEN1003"
 >4.8.2. Address Lookups Using A6 Records</A
 ></H2
 ><P
@@ -1460,7 +1460,7 @@ CLASS="sect3"
 ><H3
 CLASS="sect3"
 ><A
-NAME="AEN999"
+NAME="AEN1007"
 >4.8.2.1. A6 Chains</A
 ></H3
 ><P
@@ -1506,7 +1506,7 @@ CLASS="sect3"
 ><H3
 CLASS="sect3"
 ><A
-NAME="AEN1010"
+NAME="AEN1018"
 >4.8.2.2. A6 Records for DNS Servers</A
 ></H3
 ><P
@@ -1536,7 +1536,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN1016"
+NAME="AEN1024"
 >4.8.3. Address to Name Lookups Using Nibble Format</A
 ></H2
 ><P
@@ -1567,7 +1567,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN1023"
+NAME="AEN1031"
 >4.8.4. Address to Name Lookups Using Bitstring Format</A
 ></H2
 ><P
@@ -1594,7 +1594,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN1030"
+NAME="AEN1038"
 >4.8.5. Using DNAME for Delegation of IPv6 Reverse Addresses</A
 ></H2
 ><P

--- a/doc/arm/Bv9ARM.ch05.html
+++ b/doc/arm/Bv9ARM.ch05.html
@@ -81,7 +81,7 @@ CLASS="TOC"
 ></DT
 ><DT
 >5.1. <A
-HREF="Bv9ARM.ch05.html#AEN1050"
+HREF="Bv9ARM.ch05.html#AEN1058"
 >The Lightweight Resolver Library</A
 ></DT
 ><DT
@@ -96,7 +96,7 @@ CLASS="sect1"
 ><H1
 CLASS="sect1"
 ><A
-NAME="AEN1050"
+NAME="AEN1058"
 >5.1. The Lightweight Resolver Library</A
 ></H1
 ><P

--- a/doc/arm/Bv9ARM.ch06.html
+++ b/doc/arm/Bv9ARM.ch06.html
@@ -91,7 +91,7 @@ HREF="Bv9ARM.ch06.html#Configuration_File_Grammar"
 ></DT
 ><DT
 >6.3. <A
-HREF="Bv9ARM.ch06.html#AEN3490"
+HREF="Bv9ARM.ch06.html#AEN3499"
 >Zone File</A
 ></DT
 ></DL
@@ -145,7 +145,7 @@ file documentation:</P
 ><DIV
 CLASS="informaltable"
 ><A
-NAME="AEN1092"
+NAME="AEN1100"
 ></A
 ><P
 ></P
@@ -740,7 +740,7 @@ CLASS="sect3"
 ><H3
 CLASS="sect3"
 ><A
-NAME="AEN1255"
+NAME="AEN1263"
 >6.1.1.1. Syntax</A
 ></H3
 ><PRE
@@ -771,7 +771,7 @@ CLASS="sect3"
 ><H3
 CLASS="sect3"
 ><A
-NAME="AEN1263"
+NAME="AEN1271"
 >6.1.1.2. Definition and Usage</A
 ></H3
 ><P
@@ -882,7 +882,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN1292"
+NAME="AEN1300"
 >6.1.2. Comment Syntax</A
 ></H2
 ><P
@@ -901,7 +901,7 @@ CLASS="sect3"
 ><H3
 CLASS="sect3"
 ><A
-NAME="AEN1297"
+NAME="AEN1305"
 >6.1.2.1. Syntax</A
 ></H3
 ><P
@@ -933,7 +933,7 @@ CLASS="sect3"
 ><H3
 CLASS="sect3"
 ><A
-NAME="AEN1306"
+NAME="AEN1314"
 >6.1.2.2. Definition and Usage</A
 ></H3
 ><P
@@ -1043,7 +1043,7 @@ CLASS="acronym"
 ><DIV
 CLASS="informaltable"
 ><A
-NAME="AEN1330"
+NAME="AEN1338"
 ></A
 ><P
 ></P
@@ -1271,7 +1271,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN1399"
+NAME="AEN1407"
 >6.2.1. <B
 CLASS="command"
 >acl</B
@@ -1318,7 +1318,7 @@ CLASS="command"
 ><DIV
 CLASS="informaltable"
 ><A
-NAME="AEN1412"
+NAME="AEN1420"
 ></A
 ><P
 ></P
@@ -1416,7 +1416,7 @@ CLASS="sect2"
 ><H2
 CLASS="sect2"
 ><A
-NAME="AEN1441"
+NAME="AEN1449"
 >6.2.3. <B
 CLASS="command"
 >controls</B
@@ -1539,76 +1539,59 @@ HREF="Bv9ARM.ch03.html#admin_tools"
      must be signed by one of its specified keys to
      be honored.</P
 ><P
->The <B
+>&#13;If no <B
+CLASS="command"
+>controls</B
+> statement is present,
+<B
+CLASS="command"
+>named</B
+> will set up a default
+control channel listening on the loopback address 127.0.0.1
+and its IPv6 counterpart ::1.
+
+In this case, and also when the <B
+CLASS="command"
+>controls</B
+> statement
+is present but does not have a <B
 CLASS="command"
 >keys</B
-> clause is not strictly required.
-      If it is not present, then a random key will be generated automatically
-      and placed in a file named <TT
+> clause,
+<B
+CLASS="command"
+>named</B
+> will attempt to load the command channel key
+from the file <TT
 CLASS="filename"
->named.key</TT
->, which is
-      usually in <TT
+>rndc.key</TT
+> in
+<TT
 CLASS="filename"
->/var/run</TT
-> but will be wherever
-      <TT
+>/etc</TT
+> (or whatever <TT
 CLASS="varname"
->localstatedir</TT
-> was specified as when
-      <SPAN
+>sysconfdir</TT
+>
+was specified as when <SPAN
 CLASS="acronym"
 >BIND</SPAN
-> was built.  <TT
-CLASS="filename"
->named.key</TT
->
-      contains a complete <TT
-CLASS="filename"
->rndc.conf</TT
->-compatible
-      configuration and is used by <B
-CLASS="command"
->rndc</B
-> when it
-      cannot find its primary configuration file.</P
-><P
->Similarly, <TT
-CLASS="filename"
->named.key</TT
-> is generated when
-      no <B
-CLASS="command"
->controls</B
-> statement is present at all.  In
-      that situation it will configure a control channel to run on
-      127.0.0.1.</P
-><P
->There are two ways to disable the creation of
-      <TT
+> was built).
+To create a <TT
 CLASS="filename"
->named.key</TT
->.  One is to ensure that all of your
-      <B
-CLASS="command"
->inet</B
-> control channels have a <B
-CLASS="command"
->keys</B
->
-      clause.  The other is to have a <B
-CLASS="command"
->controls</B
-> statement
-      with no <B
-CLASS="command"
->inet</B
-> phrases it all.  The latter will
-      prevent the creation of any control channel.</P
+>rndc.key</TT
+> file, run
+<TT
+CLASS="userinput"
+><B
+>rndc-confgen -a</B
+></TT
+>.
+</P
 ><P
 >The <TT
 CLASS="filename"
->named.key</TT
+>rndc.key</TT
 > feature was created to
      ease the transition of systems from <SPAN
 CLASS="acronym"
@@ -1618,8 +1601,38 @@ CLASS="acronym"
      and thus did not have a <B
 CLASS="command"
 >keys</B
-> clause.  Since
-      it is only intended to allow the backward-compatible usage of
+> clause.