Commit 561a29af authored by Mark Andrews's avatar Mark Andrews
Browse files

minor man page updated from Jeremy [RT #16859]

parent ab874d16
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named-checkconf.docbook,v 1.15 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: named-checkconf.docbook,v 1.16 2007/05/09 01:32:08 marka Exp $ -->
<refentry id="man.named-checkconf">
<refentryinfo>
<date>June 14, 2000</date>
......@@ -77,7 +77,7 @@
<term>-t <replaceable class="parameter">directory</replaceable></term>
<listitem>
<para>
chroot to <filename>directory</filename> so that
Chroot to <filename>directory</filename> so that
include
directives in the configuration file are processed as if
run by a similarly chrooted named.
......@@ -99,8 +99,8 @@
<term>-z</term>
<listitem>
<para>
Perform a check load the master zonefiles found in
<filename>named.conf</filename>.
Perform a test load of all master zones found in
<filename>named.conf</filename>.
</para>
</listitem>
</varlistentry>
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named-checkzone.docbook,v 1.29 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: named-checkzone.docbook,v 1.30 2007/05/09 01:32:08 marka Exp $ -->
<refentry id="man.named-checkzone">
<refentryinfo>
<date>June 13, 2000</date>
......@@ -177,7 +177,7 @@
<term>-i <replaceable class="parameter">mode</replaceable></term>
<listitem>
<para>
Perform post load zone integrity checks. Possible modes are
Perform post-load zone integrity checks. Possible modes are
<command>"full"</command> (default),
<command>"full-sibling"</command>,
<command>"local"</command>,
......@@ -199,7 +199,7 @@
<para>
Mode <command>"full"</command> checks that delegation NS
records refer to A or AAAA record (both in-zone and out-of-zone
hostnames). It also checks that glue addresses records
hostnames). It also checks that glue address records
in the zone match those advertised by the child.
Mode <command>"local"</command> only checks NS records which
refer to in-zone hostnames or that some required glue exists,
......@@ -342,7 +342,7 @@
<term>-t <replaceable class="parameter">directory</replaceable></term>
<listitem>
<para>
chroot to <filename>directory</filename> so that
Chroot to <filename>directory</filename> so that
include
directives in the configuration file are processed as if
run by a similarly chrooted named.
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dig.docbook,v 1.34 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: dig.docbook,v 1.35 2007/05/09 01:32:08 marka Exp $ -->
<refentry id="man.dig">
<refentryinfo>
......@@ -104,7 +104,7 @@
arguments, it also has a batch mode of operation for reading lookup
requests from a file. A brief summary of its command-line arguments
and options is printed when the <option>-h</option> option is given.
Unlike earlier versions, the BIND9 implementation of
Unlike earlier versions, the BIND 9 implementation of
<command>dig</command> allows multiple lookups to be issued
from the
command line.
......@@ -225,7 +225,7 @@
in batch mode by reading a list of lookup requests to process from the
file <parameter>filename</parameter>. The file contains a
number of
queries, one per line. Each entry in the file should be organised in
queries, one per line. Each entry in the file should be organized in
the same way they would be presented as queries to
<command>dig</command> using the command-line interface.
</para>
......@@ -251,7 +251,7 @@
The <option>-t</option> option sets the query type to
<parameter>type</parameter>. It can be any valid query type
which is
supported in BIND9. The default query type "A", unless the
supported in BIND 9. The default query type "A", unless the
<option>-x</option> option is supplied to indicate a reverse lookup.
A zone transfer can be requested by specifying a type of AXFR. When
an incremental zone transfer (IXFR) is required,
......@@ -263,12 +263,12 @@
<para>
The <option>-q</option> option sets the query name to
<parameter>name</parameter>. This useful do distingish the
<parameter>name</parameter>. This useful do distinguish the
<parameter>name</parameter> from other arguments.
</para>
<para>
Reverse lookups - mapping addresses to names - are simplified by the
Reverse lookups &mdash; mapping addresses to names &mdash; are simplified by the
<option>-x</option> option. <parameter>addr</parameter> is
an IPv4
address in dotted-decimal notation, or a colon-delimited IPv6 address.
......@@ -343,7 +343,7 @@
<listitem>
<para>
Use [do not use] TCP when querying name servers. The default
behaviour is to use UDP unless an AXFR or IXFR query is
behavior is to use UDP unless an AXFR or IXFR query is
requested, in
which case a TCP connection is used.
</para>
......@@ -588,7 +588,7 @@
This query option toggles the printing of statistics: when the
query
was made, the size of the reply and so on. The default
behaviour is
behavior is
to print the query statistics.
</para>
</listitem>
......@@ -662,8 +662,8 @@
<para>
Sets the timeout for a query to
<parameter>T</parameter> seconds. The default time
out is 5 seconds.
<parameter>T</parameter> seconds. The default
timeout is 5 seconds.
An attempt to set <parameter>T</parameter> to less
than 1 will result
in a query timeout of 1 second being applied.
......@@ -763,7 +763,7 @@
default is
to not try the next server which is the reverse of normal stub
resolver
behaviour.
behavior.
</para>
</listitem>
</varlistentry>
......@@ -822,7 +822,7 @@
<term><option>+[no]topdown</option></term>
<listitem>
<para>
When chasing DNSSEC signature chains perform a top down
When chasing DNSSEC signature chains perform a top-down
validation.
Requires dig be compiled with -DDIG_SIGCHASE.
</para>
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: host.docbook,v 1.14 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: host.docbook,v 1.15 2007/05/09 01:32:08 marka Exp $ -->
<refentry id="man.host">
<refentryinfo>
......@@ -173,7 +173,7 @@
attempt to resolve <parameter>name</parameter>. The
<option>-r</option> option enables <command>host</command>
to mimic
the behaviour of a name server by making non-recursive queries and
the behavior of a name server by making non-recursive queries and
expecting to receive answers to those queries that are usually
referrals to other name servers.
</para>
......@@ -194,7 +194,7 @@
<para>
The <option>-t</option> option is used to select the query type.
<parameter>type</parameter> can be any recognised query
<parameter>type</parameter> can be any recognized query
type: CNAME,
NS, SOA, SIG, KEY, AXFR, etc. When no query type is specified,
<command>host</command> automatically selects an appropriate
......@@ -227,7 +227,7 @@
The <option>-s</option> option tells <command>host</command>
<emphasis>not</emphasis> to send the query to the next nameserver
if any server responds with a SERVFAIL response, which is the
reverse of normal stub resolver behaviour.
reverse of normal stub resolver behavior.
</para>
<para>
......
......@@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: nslookup.docbook,v 1.13 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: nslookup.docbook,v 1.14 2007/05/09 01:32:08 marka Exp $ -->
<!--
- Copyright (c) 1985, 1989
- The Regents of the University of California. All rights reserved.
......@@ -314,9 +314,8 @@ nslookup -query=hinfo -timeout=10
<replaceable><optional>no</optional></replaceable>debug</constant></term>
<listitem>
<para>
Turn debugging mode on. A lot more information is
printed about the packet sent to the server and the
resulting answer.
Turn on or off the display of the full response packet and
any intermediate response packets when searching.
</para>
<para>
(Default = nodebug; abbreviation = <optional>no</optional>deb)
......@@ -329,9 +328,8 @@ nslookup -query=hinfo -timeout=10
<replaceable><optional>no</optional></replaceable>d2</constant></term>
<listitem>
<para>
Turn debugging mode on. A lot more information is
printed about the packet sent to the server and the
resulting answer.
Turn debugging mode on or off. This displays more about
about what nslookup is doing.
</para>
<para>
(Default = nod2)
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-keygen.docbook,v 1.16 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: dnssec-keygen.docbook,v 1.17 2007/05/09 01:32:08 marka Exp $ -->
<refentry id="man.dnssec-keygen">
<refentryinfo>
<date>June 30, 2000</date>
......@@ -76,7 +76,7 @@
<title>DESCRIPTION</title>
<para><command>dnssec-keygen</command>
generates keys for DNSSEC (Secure DNS), as defined in RFC 2535
and RFC &lt;TBA\&gt;. It can also generate keys for use with
and RFC 4034. It can also generate keys for use with
TSIG (Transaction Signatures), as defined in RFC 2845.
</para>
</refsect1>
......@@ -286,7 +286,7 @@
</listitem>
</itemizedlist>
<para><command>dnssec-keygen</command>
creates two file, with names based
creates two files, with names based
on the printed string. <filename>Knnnn.+aaa+iiiii.key</filename>
contains the public key, and
<filename>Knnnn.+aaa+iiiii.private</filename> contains the
......@@ -300,14 +300,14 @@
statement).
</para>
<para>
The <filename>.private</filename> file contains algorithm
specific
The <filename>.private</filename> file contains
algorithm-specific
fields. For obvious security reasons, this file does not have
general read permission.
</para>
<para>
Both <filename>.key</filename> and <filename>.private</filename>
files are generated for symmetric encryption algorithm such as
files are generated for symmetric encryption algorithms such as
HMAC-MD5, even though the public and private key are equivalent.
</para>
</refsect1>
......@@ -330,7 +330,7 @@
In this example, <command>dnssec-keygen</command> creates
the files <filename>Kexample.com.+003+26160.key</filename>
and
<filename>Kexample.com.+003+26160.private</filename>
<filename>Kexample.com.+003+26160.private</filename>.
</para>
</refsect1>
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-signzone.docbook,v 1.25 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: dnssec-signzone.docbook,v 1.26 2007/05/09 01:32:08 marka Exp $ -->
<refentry id="man.dnssec-signzone">
<refentryinfo>
<date>June 30, 2000</date>
......@@ -193,7 +193,7 @@
The name of the output file containing the signed zone. The
default is to append <filename>.signed</filename> to
the
input file.
input filename.
</para>
</listitem>
</varlistentry>
......@@ -212,7 +212,7 @@
<term>-i <replaceable class="parameter">interval</replaceable></term>
<listitem>
<para>
When a previously signed zone is passed as input, records
When a previously-signed zone is passed as input, records
may be resigned. The <option>interval</option> option
specifies the cycle interval as an offset from the current
time (in seconds). If a RRSIG record expires after the
......@@ -256,8 +256,8 @@
When signing a zone with a fixed signature lifetime, all
RRSIG records issued at the time of signing expires
simultaneously. If the zone is incrementally signed, i.e.
a previously signed zone is passed as input to the signer,
all expired signatures has to be regenerated at about the
a previously-signed zone is passed as input to the signer,
all expired signatures have to be regenerated at about the
same time. The <option>jitter</option> option specifies a
jitter window that will be used to randomize the signature
expire time, thus spreading incremental signature
......@@ -411,9 +411,11 @@
<term>key</term>
<listitem>
<para>
The keys used to sign the zone. If no keys are specified, the
default all zone keys that have private key files in the
current directory.
Specify which keys should be used to sign the zone. If
no keys are specified, then the zone will be examined
for DNSKEY records at the zone apex. If these are found and
there are matching private keys, in the current directory,
then these will be used for signing.
</para>
</listitem>
</varlistentry>
......@@ -425,27 +427,30 @@
<title>EXAMPLE</title>
<para>
The following command signs the <userinput>example.com</userinput>
zone with the DSA key generated in the <command>dnssec-keygen</command>
man page. The zone's keys must be in the zone. If there are
<filename>keyset</filename> files associated with child
zones,
they must be in the current directory.
<userinput>example.com</userinput>, the following command would be
issued:
</para>
<para><userinput>dnssec-signzone -o example.com db.example.com
Kexample.com.+003+26160</userinput>
</para>
<para>
The command would print a string of the form:
zone with the DSA key generated by <command>dnssec-keygen</command>
(Kexample.com.+003+17247). The zone's keys must be in the master
file (<filename>db.example.com</filename>). This invocation looks
for <filename>keyset</filename> files, in the current directory,
so that DS records can be generated from them (<command>-g</command>).
</para>
<programlisting>% dnssec-signzone -g -o example.com db.example.com \
Kexample.com.+003+17247
db.example.com.signed
%</programlisting>
<para>
In this example, <command>dnssec-signzone</command> creates
In the above example, <command>dnssec-signzone</command> creates
the file <filename>db.example.com.signed</filename>. This
file
should be referenced in a zone statement in a
file should be referenced in a zone statement in a
<filename>named.conf</filename> file.
</para>
<para>
This example re-signs a previously signed zone with default parameters.
The private keys are assumed to be in the current directory.
</para>
<programlisting>% cp db.example.com.signed db.example.com
% dnssec-signzone -o example.com db.example.com
db.example.com.signed
%</programlisting>
</refsect1>
<refsect1>
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwresd.docbook,v 1.12 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: lwresd.docbook,v 1.13 2007/05/09 01:32:08 marka Exp $ -->
<refentry>
<refentryinfo>
<date>June 30, 2000</date>
......@@ -207,7 +207,7 @@
<varlistentry>
<term>-t <replaceable class="parameter">directory</replaceable></term>
<listitem>
<para><function>chroot()</function>
<para>Chroot
to <replaceable class="parameter">directory</replaceable> after
processing the command line arguments, but before
reading the configuration file.
......@@ -217,7 +217,7 @@
This option should be used in conjunction with the
<option>-u</option> option, as chrooting a process
running as root doesn't enhance security on most
systems; the way <function>chroot()</function> is
systems; the way <function>chroot(2)</function> is
defined allows a process with root privileges to
escape a chroot jail.
</para>
......@@ -228,7 +228,7 @@
<varlistentry>
<term>-u <replaceable class="parameter">user</replaceable></term>
<listitem>
<para><function>setuid()</function>
<para>Setuid
to <replaceable class="parameter">user</replaceable> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
......
......@@ -17,7 +17,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named.conf.docbook,v 1.28 2007/03/29 06:36:29 marka Exp $ -->
<!-- $Id: named.conf.docbook,v 1.29 2007/05/09 01:32:08 marka Exp $ -->
<refentry>
<refentryinfo>
<date>Aug 13, 2004</date>
......@@ -596,9 +596,7 @@ zone <replaceable>string</replaceable> <replaceable>optional_class</replaceable>
<citerefentry>
<refentrytitle>rndc</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>BIND 9 Administrator Reference Manual</refentrytitle>
</citerefentry>.
<citetitle>BIND 9 Administrator Reference Manual</citetitle>.
</para>
</refsect1>
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named.docbook,v 1.15 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: named.docbook,v 1.16 2007/05/09 01:32:08 marka Exp $ -->
<refentry id="man.named">
<refentryinfo>
<date>June 30, 2000</date>
......@@ -200,7 +200,7 @@
<varlistentry>
<term>-t <replaceable class="parameter">directory</replaceable></term>
<listitem>
<para><function>chroot()</function>
<para>Chroot
to <replaceable class="parameter">directory</replaceable> after
processing the command line arguments, but before
reading the configuration file.
......@@ -210,7 +210,7 @@
This option should be used in conjunction with the
<option>-u</option> option, as chrooting a process
running as root doesn't enhance security on most
systems; the way <function>chroot()</function> is
systems; the way <function>chroot(2)</function> is
defined allows a process with root privileges to
escape a chroot jail.
</para>
......@@ -221,7 +221,7 @@
<varlistentry>
<term>-u <replaceable class="parameter">user</replaceable></term>
<listitem>
<para><function>setuid()</function>
<para>Setuid
to <replaceable class="parameter">user</replaceable> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
......@@ -230,7 +230,7 @@
<para>
On Linux, <command>named</command> uses the kernel's
capability mechanism to drop all root privileges
except the ability to <function>bind()</function> to
except the ability to <function>bind(2)</function> to
a
privileged port and set process resource limits.
Unfortunately, this means that the <option>-u</option>
......@@ -238,7 +238,7 @@
run
on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
later, since previous kernels did not allow privileges
to be retained after <function>setuid()</function>.
to be retained after <function>setuid(2)</function>.
</para>
</note>
</listitem>
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: nsupdate.docbook,v 1.26 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: nsupdate.docbook,v 1.27 2007/05/09 01:32:08 marka Exp $ -->
<refentry>
<refentryinfo>
<date>Jun 30, 2000</date>
......@@ -112,7 +112,7 @@
Once other algorithms are defined for TSIG, applications will need to
ensure they select the appropriate algorithm as well as the key when
authenticating each other.
For instance suitable
For instance, suitable
<type>key</type>
and
<type>server</type>
......@@ -170,7 +170,7 @@
This may be preferable when a batch of update requests is made.
</para>
<para>
The <option>-t</option> option sets the maximum time a update request
The <option>-t</option> option sets the maximum time an update request
can
take before it is aborted. The default is 300 seconds. Zero can be
used
......@@ -179,14 +179,14 @@
<para>
The <option>-u</option> option sets the UDP retry interval. The default
is
3 seconds. If zero the interval will be computed from the timeout
3 seconds. If zero, the interval will be computed from the timeout
interval
and number of UDP retries.
</para>
<para>
The <option>-r</option> option sets the number of UDP retries. The
default is
3. If zero only one update request will be made.
3. If zero, only one update request will be made.
</para>
</refsect1>
......@@ -297,7 +297,7 @@
<listitem>
<para>
Specify the default class.
If no <parameter>class</parameter> is specified the
If no <parameter>class</parameter> is specified, the
default class is
<parameter>IN</parameter>.
</para>
......@@ -312,7 +312,7 @@
</term>
<listitem>
<para>
Specifies that all updates are to be TSIG signed using the
Specifies that all updates are to be TSIG-signed using the
<parameter>keyname</parameter> <parameter>keysecret</parameter> pair.
The <command>key</command> command
overrides any key specified on the command line via
......@@ -543,10 +543,10 @@
Any A records for
<type>oldhost.example.com</type>
are deleted.
and an A record for
And an A record for
<type>newhost.example.com</type>
it IP address 172.16.1.1 is added.
The newly-added record has a 1 day TTL (86400 seconds)
with IP address 172.16.1.1 is added.
The newly-added record has a 1 day TTL (86400 seconds).
<programlisting>
# nsupdate
&gt; prereq nxdomain nickname.example.com
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: rndc.conf.docbook,v 1.14 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: rndc.conf.docbook,v 1.15 2007/05/09 01:32:09 marka Exp $ -->
<refentry id="man.rndc.conf">
<refentryinfo>
<date>June 30, 2000</date>
......@@ -175,7 +175,7 @@
key testkey {
algorithm hmac-md5;
secret "R3HI8P6BKw9ZwXwN3VZKuQ==";
}
};
</programlisting>
</para>
......@@ -202,7 +202,7 @@
A complete <filename>rndc.conf</filename> file, including
the
randomly generated key, will be written to the standard
output. Commented out <option>key</option> and
output. Commented-out <option>key</option> and
<option>controls</option> statements for
<filename>named.conf</filename> are also printed.
</para>
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: rndc.docbook,v 1.16 2007/01/29 23:57:22 marka Exp $ -->
<!-- $Id: rndc.docbook,v 1.17 2007/05/09 01:32:09 marka Exp $ -->
<refentry id="man.rndc">
<refentryinfo>
<date>June 30, 2000</date>
......@@ -230,7 +230,7 @@
</citerefentry>,
<citerefentry>
<refentrytitle>named.conf</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</citerefentry>,
<citerefentry>
<refentrytitle>ndc</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment