Commit d060d866 authored by Automatic Updater's avatar Automatic Updater
Browse files

regen

parent abe20c2c
......@@ -12,7 +12,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: named.conf.5,v 1.39 2009/10/11 01:14:48 tbox Exp $
.\" $Id: named.conf.5,v 1.40 2009/10/16 04:20:32 tbox Exp $
.\"
.hy 0
.ad l
......@@ -102,6 +102,15 @@ trusted\-keys {
};
.fi
.RE
.SH "MANAGED\-KEYS"
.sp
.RS 4
.nf
managed\-keys {
\fIdomain_name\fR \fBinitial\-key\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ...
};
.fi
.RE
.SH "CONTROLS"
.sp
.RS 4
......@@ -244,6 +253,7 @@ options {
dnssec\-enable \fIboolean\fR;
dnssec\-validation \fIboolean\fR;
dnssec\-lookaside \fIstring\fR trust\-anchor \fIstring\fR;
dnssec\-lookaside ( \fIauto\fR | \fIdomain\fR trust\-anchor \fIdomain\fR );
dnssec\-must\-be\-secure \fIstring\fR \fIboolean\fR;
dnssec\-accept\-expired \fIboolean\fR;
empty\-server \fIstring\fR;
......@@ -300,10 +310,17 @@ options {
use\-alt\-transfer\-source \fIboolean\fR;
zone\-statistics \fIboolean\fR;
key\-directory \fIquoted_string\fR;
auto\-dnssec \fBallow\fR|\fBmaintain\fR|\fBcreate\fR|\fBoff\fR;
try\-tcp\-refresh \fIboolean\fR;
zero\-no\-soa\-ttl \fIboolean\fR;
zero\-no\-soa\-ttl\-cache \fIboolean\fR;
secure\-to\-insecure \fIboolean\fR;
deny\-answer\-addresses {
\fIaddress_match_list\fR
} [ except\-from { \fInamelist\fR } ];
deny\-answer\-aliases {
\fInamelist\fR
} [ except\-from { \fInamelist\fR } ];
nsec3\-test\-zone \fIboolean\fR; // testing only
allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete
deallocate\-on\-exit \fIboolean\fR; // obsolete
......@@ -339,7 +356,8 @@ view \fIstring\fR \fIoptional_class\fR {
...
};
trusted\-keys {
\fIstring\fR \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; ...
\fIstring\fR \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR;
[...]
};
allow\-recursion { \fIaddress_match_element\fR; ... };
allow\-recursion\-on { \fIaddress_match_element\fR; ... };
......@@ -486,13 +504,14 @@ zone \fIstring\fR \fIoptional_class\fR {
allow\-transfer { \fIaddress_match_element\fR; ... };
allow\-update { \fIaddress_match_element\fR; ... };
allow\-update\-forwarding { \fIaddress_match_element\fR; ... };
update\-policy {
( grant | deny ) \fIstring\fR
update\-policy \fIlocal\fR | \fI {
( grant | deny ) \fR\fI\fIstring\fR\fR\fI
( name | subdomain | wildcard | self | selfsub | selfwild |
krb5\-self | ms\-self | krb5\-subdomain | ms\-subdomain |
tcp\-self | 6to4\-self ) \fIstring\fR
\fIrrtypelist\fR; ...
};
tcp\-self | zonesub | 6to4\-self ) \fR\fI\fIstring\fR\fR\fI
\fR\fI\fIrrtypelist\fR\fR\fI;
\fR\fI[...]\fR\fI
}\fR;
update\-check\-ksk \fIboolean\fR;
dnskey\-ksk\-only \fIboolean\fR;
masterfile\-format ( text | raw );
......
......@@ -13,7 +13,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named.conf.html,v 1.48 2009/10/11 01:14:48 tbox Exp $ -->
<!-- $Id: named.conf.html,v 1.49 2009/10/16 04:20:32 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
......@@ -105,7 +105,15 @@ trusted-keys
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543548"></a><h2>CONTROLS</h2>
<a name="id2543548"></a><h2>MANAGED-KEYS</h2>
<div class="literallayout"><p><br>
managed-keys{<br>
<em class="replaceable"><code>domain_name</code></em><code class="constant">initial-key</code><em class="replaceable"><code>flags</code></em><em class="replaceable"><code>protocol</code></em><em class="replaceable"><code>algorithm</code></em><em class="replaceable"><code>key</code></em>;...<br>
};<br>
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543577"></a><h2>CONTROLS</h2>
<div class="literallayout"><p><br>
controls{<br>
inet(<em class="replaceable"><code>ipv4_address</code></em>|<em class="replaceable"><code>ipv6_address</code></em>|*)<br>
......@@ -117,7 +125,7 @@ controls
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543584"></a><h2>LOGGING</h2>
<a name="id2543612"></a><h2>LOGGING</h2>
<div class="literallayout"><p><br>
logging{<br>
channel<em class="replaceable"><code>string</code></em>{<br>
......@@ -135,7 +143,7 @@ logging
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543622"></a><h2>LWRES</h2>
<a name="id2543651"></a><h2>LWRES</h2>
<div class="literallayout"><p><br>
lwres{<br>
listen-on[<span class="optional">port<em class="replaceable"><code>integer</code></em></span>]{<br>
......@@ -148,7 +156,7 @@ lwres
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2543664"></a><h2>OPTIONS</h2>
<a name="id2543692"></a><h2>OPTIONS</h2>
<div class="literallayout"><p><br>
options{<br>
avoid-v4-udp-ports{<em class="replaceable"><code>port</code></em>;...};<br>
......@@ -242,6 +250,7 @@ options
dnssec-enable<em class="replaceable"><code>boolean</code></em>;<br>
dnssec-validation<em class="replaceable"><code>boolean</code></em>;<br>
dnssec-lookaside<em class="replaceable"><code>string</code></em>trust-anchor<em class="replaceable"><code>string</code></em>;<br>
dnssec-lookaside(<em class="replaceable"><code>auto</code></em>|<em class="replaceable"><code>domain</code></em>trust-anchor<em class="replaceable"><code>domain</code></em>);<br>
dnssec-must-be-secure<em class="replaceable"><code>string</code></em><em class="replaceable"><code>boolean</code></em>;<br>
dnssec-accept-expired<em class="replaceable"><code>boolean</code></em>;<br>
<br>
......@@ -308,10 +317,17 @@ options
<br>
zone-statistics<em class="replaceable"><code>boolean</code></em>;<br>
key-directory<em class="replaceable"><code>quoted_string</code></em>;<br>
auto-dnssec<code class="constant">allow</code>|<code class="constant">maintain</code>|<code class="constant">create</code>|<code class="constant">off</code>;<br>
try-tcp-refresh<em class="replaceable"><code>boolean</code></em>;<br>
zero-no-soa-ttl<em class="replaceable"><code>boolean</code></em>;<br>
zero-no-soa-ttl-cache<em class="replaceable"><code>boolean</code></em>;<br>
secure-to-insecure<em class="replaceable"><code>boolean</code></em>;<br>
deny-answer-addresses{<br>
<em class="replaceable"><code>address_match_list</code></em><br>
}[<span class="optional">except-from{<em class="replaceable"><code>namelist</code></em>}</span>];<br>
deny-answer-aliases{<br>
<em class="replaceable"><code>namelist</code></em><br>
}[<span class="optional">except-from{<em class="replaceable"><code>namelist</code></em>}</span>];<br>
<br>
nsec3-test-zone<em class="replaceable"><code>boolean</code></em>;//testingonly<br>
<br>
......@@ -331,7 +347,7 @@ options
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544461"></a><h2>VIEW</h2>
<a name="id2544532"></a><h2>VIEW</h2>
<div class="literallayout"><p><br>
view<em class="replaceable"><code>string</code></em><em class="replaceable"><code>optional_class</code></em>{<br>
match-clients{<em class="replaceable"><code>address_match_element</code></em>;...};<br>
......@@ -352,7 +368,8 @@ view
};<br>
<br>
trusted-keys{<br>
<em class="replaceable"><code>string</code></em><em class="replaceable"><code>integer</code></em><em class="replaceable"><code>integer</code></em><em class="replaceable"><code>integer</code></em><em class="replaceable"><code>quoted_string</code></em>;...<br>
<em class="replaceable"><code>string</code></em><em class="replaceable"><code>integer</code></em><em class="replaceable"><code>integer</code></em><em class="replaceable"><code>integer</code></em><em class="replaceable"><code>quoted_string</code></em>;<br>
[<span class="optional">...</span>]<br>
};<br>
<br>
allow-recursion{<em class="replaceable"><code>address_match_element</code></em>;...};<br>
......@@ -481,7 +498,7 @@ view
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2545129"></a><h2>ZONE</h2>
<a name="id2545203"></a><h2>ZONE</h2>
<div class="literallayout"><p><br>
zone<em class="replaceable"><code>string</code></em><em class="replaceable"><code>optional_class</code></em>{<br>
type(master|slave|stub|hint|<br>
......@@ -512,13 +529,14 @@ zone
allow-transfer{<em class="replaceable"><code>address_match_element</code></em>;...};<br>
allow-update{<em class="replaceable"><code>address_match_element</code></em>;...};<br>
allow-update-forwarding{<em class="replaceable"><code>address_match_element</code></em>;...};<br>
update-policy{<br>
update-policy<em class="replaceable"><code>local</code></em>|<em class="replaceable"><code>{<br>
(grant|deny)<em class="replaceable"><code>string</code></em><br>
(name|subdomain|wildcard|self|selfsub|selfwild|<br>
krb5-self|ms-self|krb5-subdomain|ms-subdomain|<br>
tcp-self|6to4-self)<em class="replaceable"><code>string</code></em><br>
<em class="replaceable"><code>rrtypelist</code></em>;...<br>
};<br>
tcp-self|zonesub|6to4-self)<em class="replaceable"><code>string</code></em><br>
<em class="replaceable"><code>rrtypelist</code></em>;<br>
[<span class="optional">...</span>]<br>
}</code></em>;<br>
update-check-ksk<em class="replaceable"><code>boolean</code></em>;<br>
dnskey-ksk-only<em class="replaceable"><code>boolean</code></em>;<br>
<br>
......@@ -575,12 +593,12 @@ zone
</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2545432"></a><h2>FILES</h2>
<a name="id2545514"></a><h2>FILES</h2>
<p><code class="filename">/etc/named.conf</code>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2545444"></a><h2>SEE ALSO</h2>
<a name="id2545526"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
......
......@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: nsupdate.1,v 1.10 2009/08/27 01:14:39 tbox Exp $
.\" $Id: nsupdate.1,v 1.11 2009/10/16 04:20:32 tbox Exp $
.\"
.hy 0
.ad l
......@@ -37,7 +37,7 @@ nsupdate \- Dynamic DNS update utility
.SH "DESCRIPTION"
.PP
\fBnsupdate\fR
is used to submit Dynamic DNS Update requests as defined in RFC2136 to a name server. This allows resource records to be added or removed from a zone without manually editing the zone file. A single update request can contain requests to add or remove more than one resource record.
is used to submit Dynamic DNS Update requests as defined in RFC 2136 to a name server. This allows resource records to be added or removed from a zone without manually editing the zone file. A single update request can contain requests to add or remove more than one resource record.
.PP
Zones that are under dynamic control via
\fBnsupdate\fR
......@@ -64,7 +64,7 @@ The
\fB\-L\fR
option with an integer argument of zero or higher sets the logging debug level. If zero, logging is disabled.
.PP
Transaction signatures can be used to authenticate the Dynamic DNS updates. These use the TSIG resource record type described in RFC2845 or the SIG(0) record described in RFC3535 and RFC2931 or GSS\-TSIG as described in RFC3645. TSIG relies on a shared secret that should only be known to
Transaction signatures can be used to authenticate the Dynamic DNS updates. These use the TSIG resource record type described in RFC 2845 or the SIG(0) record described in RFC 2535 and RFC 2931 or GSS\-TSIG as described in RFC 3645. TSIG relies on a shared secret that should only be known to
\fBnsupdate\fR
and the name server. Currently, the only supported encryption algorithm for TSIG is HMAC\-MD5, which is defined in RFC 2104. Once other algorithms are defined for TSIG, applications will need to ensure they select the appropriate algorithm as well as the key when authenticating each other. For instance, suitable
\fBkey\fR
......@@ -75,7 +75,13 @@ statements would be added to
so that the name server can associate the appropriate secret key and algorithm with the IP address of the client application that will be using TSIG authentication. SIG(0) uses public key cryptography. To use a SIG(0) key, the public key must be stored in a KEY record in a zone served by the name server.
\fBnsupdate\fR
does not read
\fI/etc/named.conf\fR. GSS\-TSIG uses Kerberos credentials.
\fI/etc/named.conf\fR.
.PP
GSS\-TSIG uses Kerberos credentials. Standard GSS\-TSIG mode is switched on with the
\fB\-g\fR
flag. A non\-standards\-compliant variant of GSS\-TSIG used by Windows 2000 can be switched on with the
\fB\-o\fR
flag.
.PP
\fBnsupdate\fR
uses the
......@@ -367,7 +373,7 @@ with IP address 172.16.1.1 is added. The newly\-added record has a 1 day TTL (86
.sp
.PP
The prerequisite condition gets the name server to check that there are no resource records of any type for
\fBnickname.example.com\fR. If there are, the update request fails. If this name does not exist, a CNAME for it is added. This ensures that when the CNAME is added, it cannot conflict with the long\-standing rule in RFC1034 that a name must not exist as any other record type if it exists as a CNAME. (The rule has been updated for DNSSEC in RFC2535 to allow CNAMEs to have RRSIG, DNSKEY and NSEC records.)
\fBnickname.example.com\fR. If there are, the update request fails. If this name does not exist, a CNAME for it is added. This ensures that when the CNAME is added, it cannot conflict with the long\-standing rule in RFC 1034 that a name must not exist as any other record type if it exists as a CNAME. (The rule has been updated for DNSSEC in RFC 2535 to allow CNAMEs to have RRSIG, DNSKEY and NSEC records.)
.SH "FILES"
.PP
\fB/etc/resolv.conf\fR
......@@ -393,13 +399,13 @@ base\-64 encoding of HMAC\-MD5 key created by
.RE
.SH "SEE ALSO"
.PP
\fBRFC2136\fR(),
\fBRFC3007\fR(),
\fBRFC2104\fR(),
\fBRFC2845\fR(),
\fBRFC1034\fR(),
\fBRFC2535\fR(),
\fBRFC2931\fR(),
RFC 2136,
RFC 3007,
RFC 2104,
RFC 2845,
RFC 1034,
RFC 2535,
RFC 2931,
\fBnamed\fR(8),
\fBddns\-confgen\fR(8),
\fBdnssec\-keygen\fR(8).
......
......@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: nsupdate.html,v 1.47 2009/08/27 01:14:39 tbox Exp $ -->
<!-- $Id: nsupdate.html,v 1.48 2009/10/16 04:20:32 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
......@@ -34,7 +34,7 @@
<div class="refsect1" lang="en">
<a name="id2543453"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">nsupdate</strong></span>
is used to submit Dynamic DNS Update requests as defined in RFC2136
is used to submit Dynamic DNS Update requests as defined in RFC 2136
to a name server.
This allows resource records to be added or removed from a zone
without manually editing the zone file.
......@@ -76,8 +76,8 @@
<p>
Transaction signatures can be used to authenticate the Dynamic
DNS updates. These use the TSIG resource record type described
in RFC2845 or the SIG(0) record described in RFC3535 and
RFC2931 or GSS-TSIG as described in RFC3645. TSIG relies on
in RFC 2845 or the SIG(0) record described in RFC 2535 and
RFC 2931 or GSS-TSIG as described in RFC 3645. TSIG relies on
a shared secret that should only be known to
<span><strong class="command">nsupdate</strong></span> and the name server. Currently,
the only supported encryption algorithm for TSIG is HMAC-MD5,
......@@ -94,7 +94,12 @@
record in a zone served by the name server.
<span><strong class="command">nsupdate</strong></span> does not read
<code class="filename">/etc/named.conf</code>.
GSS-TSIG uses Kerberos credentials.
</p>
<p>
GSS-TSIG uses Kerberos credentials. Standard GSS-TSIG mode
is switched on with the <code class="option">-g</code> flag. A
non-standards-compliant variant of GSS-TSIG used by Windows
2000 can be switched on with the <code class="option">-o</code> flag.
</p>
<p><span><strong class="command">nsupdate</strong></span>
uses the <code class="option">-y</code> or <code class="option">-k</code> option
......@@ -187,7 +192,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2543777"></a><h2>INPUT FORMAT</h2>
<a name="id2543785"></a><h2>INPUT FORMAT</h2>
<p><span><strong class="command">nsupdate</strong></span>
reads input from
<em class="parameter"><code>filename</code></em>
......@@ -451,7 +456,7 @@
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544617"></a><h2>EXAMPLES</h2>
<a name="id2544626"></a><h2>EXAMPLES</h2>
<p>
The examples below show how
<span><strong class="command">nsupdate</strong></span>
......@@ -498,14 +503,14 @@
If there are, the update request fails.
If this name does not exist, a CNAME for it is added.
This ensures that when the CNAME is added, it cannot conflict with the
long-standing rule in RFC1034 that a name must not exist as any other
long-standing rule in RFC 1034 that a name must not exist as any other
record type if it exists as a CNAME.
(The rule has been updated for DNSSEC in RFC2535 to allow CNAMEs to have
(The rule has been updated for DNSSEC in RFC 2535 to allow CNAMEs to have
RRSIG, DNSKEY and NSEC records.)
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2544661"></a><h2>FILES</h2>
<a name="id2544669"></a><h2>FILES</h2>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">/etc/resolv.conf</code></span></dt>
<dd><p>
......@@ -528,21 +533,22 @@
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2544744"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">RFC2136</span></span>,
<span class="citerefentry"><span class="refentrytitle">RFC3007</span></span>,
<span class="citerefentry"><span class="refentrytitle">RFC2104</span></span>,
<span class="citerefentry"><span class="refentrytitle">RFC2845</span></span>,
<span class="citerefentry"><span class="refentrytitle">RFC1034</span></span>,
<span class="citerefentry"><span class="refentrytitle">RFC2535</span></span>,
<span class="citerefentry"><span class="refentrytitle">RFC2931</span></span>,
<a name="id2544753"></a><h2>SEE ALSO</h2>
<p>
<em class="citetitle">RFC 2136</em>,
<em class="citetitle">RFC 3007</em>,
<em class="citetitle">RFC 2104</em>,
<em class="citetitle">RFC 2845</em>,
<em class="citetitle">RFC 1034</em>,
<em class="citetitle">RFC 2535</em>,
<em class="citetitle">RFC 2931</em>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">ddns-confgen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2542161"></a><h2>BUGS</h2>
<a name="id2542148"></a><h2>BUGS</h2>
<p>
The TSIG key is redundantly stored in two separate files.
This is a consequence of nsupdate using the DST library
......
This diff is collapsed.
......@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: Bv9ARM.ch07.html,v 1.210 2009/10/15 01:15:23 tbox Exp $ -->
<!-- $Id: Bv9ARM.ch07.html,v 1.211 2009/10/16 04:20:33 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
......@@ -46,10 +46,10 @@
<p><b>Table of Contents</b></p>
<dl>
<dt><span class="sect1"><a href="Bv9ARM.ch07.html#Access_Control_Lists">Access Control Lists</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch07.html#id2600717"><span><strong class="command">Chroot</strong></span> and <span><strong class="command">Setuid</strong></span></a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch07.html#id2600830"><span><strong class="command">Chroot</strong></span> and <span><strong class="command">Setuid</strong></span></a></span></dt>
<dd><dl>
<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2600798">The <span><strong class="command">chroot</strong></span> Environment</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2600858">Using the <span><strong class="command">setuid</strong></span> Function</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2600912">The <span><strong class="command">chroot</strong></span> Environment</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2600971">Using the <span><strong class="command">setuid</strong></span> Function</a></span></dt>
</dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch07.html#dynamic_update_security">Dynamic Update Security</a></span></dt>
</dl>
......@@ -122,7 +122,7 @@ zone "example.com" {
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2600717"></a><span><strong class="command">Chroot</strong></span> and <span><strong class="command">Setuid</strong></span>
<a name="id2600830"></a><span><strong class="command">Chroot</strong></span> and <span><strong class="command">Setuid</strong></span>
</h2></div></div></div>
<p>
On UNIX servers, it is possible to run <acronym class="acronym">BIND</acronym>
......@@ -148,7 +148,7 @@ zone "example.com" {
</p>
<div class="sect2" lang="en">
<div class="titlepage"><div><div><h3 class="title">
<a name="id2600798"></a>The <span><strong class="command">chroot</strong></span> Environment</h3></div></div></div>
<a name="id2600912"></a>The <span><strong class="command">chroot</strong></span> Environment</h3></div></div></div>
<p>
In order for a <span><strong class="command">chroot</strong></span> environment
to
......@@ -176,7 +176,7 @@ zone "example.com" {
</div>
<div class="sect2" lang="en">
<div class="titlepage"><div><div><h3 class="title">
<a name="id2600858"></a>Using the <span><strong class="command">setuid</strong></span> Function</h3></div></div></div>
<a name="id2600971"></a>Using the <span><strong class="command">setuid</strong></span> Function</h3></div></div></div>
<p>
Prior to running the <span><strong class="command">named</strong></span> daemon,
use
......
......@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: Bv9ARM.ch08.html,v 1.209 2009/10/15 01:15:16 tbox Exp $ -->
<!-- $Id: Bv9ARM.ch08.html,v 1.210 2009/10/16 04:20:33 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
......@@ -45,18 +45,18 @@
<div class="toc">
<p><b>Table of Contents</b></p>
<dl>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2600938">Common Problems</a></span></dt>
<dd><dl><dt><span class="sect2"><a href="Bv9ARM.ch08.html#id2600944">It's not working; how can I figure out what's wrong?</a></span></dt></dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2600955">Incrementing and Changing the Serial Number</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2601041">Where Can I Get Help?</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2601120">Common Problems</a></span></dt>
<dd><dl><dt><span class="sect2"><a href="Bv9ARM.ch08.html#id2601125">It's not working; how can I figure out what's wrong?</a></span></dt></dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2601137">Incrementing and Changing the Serial Number</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2601154">Where Can I Get Help?</a></span></dt>
</dl>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2600938"></a>Common Problems</h2></div></div></div>
<a name="id2601120"></a>Common Problems</h2></div></div></div>
<div class="sect2" lang="en">
<div class="titlepage"><div><div><h3 class="title">
<a name="id2600944"></a>It's not working; how can I figure out what's wrong?</h3></div></div></div>
<a name="id2601125"></a>It's not working; how can I figure out what's wrong?</h3></div></div></div>
<p>
The best solution to solving installation and
configuration issues is to take preventative measures by setting
......@@ -68,7 +68,7 @@
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2600955"></a>Incrementing and Changing the Serial Number</h2></div></div></div>
<a name="id2601137"></a>Incrementing and Changing the Serial Number</h2></div></div></div>
<p>
Zone serial numbers are just numbers &#8212; they aren't
date related. A lot of people set them to a number that
......@@ -95,7 +95,7 @@
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2601041"></a>Where Can I Get Help?</h2></div></div></div>
<a name="id2601154"></a>Where Can I Get Help?</h2></div></div></div>
<p>
The Internet Systems Consortium
(<acronym class="acronym">ISC</acronym>) offers a wide range
......
This diff is collapsed.
......@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: Bv9ARM.html,v 1.228 2009/10/15 01:15:16 tbox Exp $ -->
<!-- $Id: Bv9ARM.html,v 1.229 2009/10/16 04:20:32 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
......@@ -157,28 +157,28 @@
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#server_statement_definition_and_usage"><span><strong class="command">server</strong></span> Statement Definition and
Usage</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#statschannels"><span><strong class="command">statistics-channels</strong></span> Statement Grammar</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2587716"><span><strong class="command">statistics-channels</strong></span> Statement Definition and
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2587829"><span><strong class="command">statistics-channels</strong></span> Statement Definition and
Usage</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2587870"><span><strong class="command">trusted-keys</strong></span> Statement Grammar</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2587922"><span><strong class="command">trusted-keys</strong></span> Statement Definition
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2587984"><span><strong class="command">trusted-keys</strong></span> Statement Grammar</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2588035"><span><strong class="command">trusted-keys</strong></span> Statement Definition
and Usage</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2587969"><span><strong class="command">managed-keys</strong></span> Statement Grammar</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2588088"><span><strong class="command">managed-keys</strong></span> Statement Definition
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2588082"><span><strong class="command">managed-keys</strong></span> Statement Grammar</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2588133"><span><strong class="command">managed-keys</strong></span> Statement Definition
and Usage</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#view_statement_grammar"><span><strong class="command">view</strong></span> Statement Grammar</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2588376"><span><strong class="command">view</strong></span> Statement Definition and Usage</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2588489"><span><strong class="command">view</strong></span> Statement Definition and Usage</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#zone_statement_grammar"><span><strong class="command">zone</strong></span>
Statement Grammar</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2589949"><span><strong class="command">zone</strong></span> Statement Definition and Usage</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2590199"><span><strong class="command">zone</strong></span> Statement Definition and Usage</a></span></dt>
</dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch06.html#id2592820">Zone File</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch06.html#id2592933">Zone File</a></span></dt>
<dd><dl>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#types_of_resource_records_and_when_to_use_them">Types of Resource Records and When to Use Them</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2594914">Discussion of MX Records</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2595027">Discussion of MX Records</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#Setting_TTLs">Setting TTLs</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2595597">Inverse Mapping in IPv4</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2595793">Other Zone File Directives</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2596066"><acronym class="acronym">BIND</acronym> Master File Extension: the <span><strong class="command">$GENERATE</strong></span> Directive</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2595710">Inverse Mapping in IPv4</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2595906">Other Zone File Directives</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2596179"><acronym class="acronym">BIND</acronym> Master File Extension: the <span><strong class="command">$GENERATE</strong></span> Directive</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch06.html#zonefile_format">Additional File Formats</a></span></dt>
</dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch06.html#statistics">BIND9 Statistics</a></span></dt>
......@@ -187,31 +187,31 @@
<dt><span class="chapter"><a href="Bv9ARM.ch07.html">7. <acronym class="acronym">BIND</acronym> 9 Security Considerations</a></span></dt>
<dd><dl>
<dt><span class="sect1"><a href="Bv9ARM.ch07.html#Access_Control_Lists">Access Control Lists</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch07.html#id2600717"><span><strong class="command">Chroot</strong></span> and <span><strong class="command">Setuid</strong></span></a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch07.html#id2600830"><span><strong class="command">Chroot</strong></span> and <span><strong class="command">Setuid</strong></span></a></span></dt>
<dd><dl>
<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2600798">The <span><strong class="command">chroot</strong></span> Environment</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2600858">Using the <span><strong class="command">setuid</strong></span> Function</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2600912">The <span><strong class="command">chroot</strong></span> Environment</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2600971">Using the <span><strong class="command">setuid</strong></span> Function</a></span></dt>
</dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch07.html#dynamic_update_security">Dynamic Update Security</a></span></dt>
</dl></dd>
<dt><span class="chapter"><a href="Bv9ARM.ch08.html">8. Troubleshooting</a></span></dt>
<dd><dl>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2600938">Common Problems</a></span></dt>
<dd><dl><dt><span class="sect2"><a href="Bv9ARM.ch08.html#id2600944">It's not working; how can I figure out what's wrong?</a></span></dt></dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2600955">Incrementing and Changing the Serial Number</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2601041">Where Can I Get Help?</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2601120">Common Problems</a></span></dt>
<dd><dl><dt><span class="sect2"><a href="Bv9ARM.ch08.html#id2601125">It's not working; how can I figure out what's wrong?</a></span></dt></dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2601137">Incrementing and Changing the Serial Number</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2601154">Where Can I Get Help?</a></span></dt>
</dl></dd>
<dt><span class="appendix"><a href="Bv9ARM.ch09.html">A. Appendices</a></span></dt>
<dd><dl>
<dt><span class="sect1"><a href="Bv9ARM.ch09.html#id2601102">Acknowledgments</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch09.html#id2601216">Acknowledgments</a></span></dt>
<dd><dl><dt><span class="sect2"><a href="Bv9ARM.ch09.html#historical_dns_information">A Brief History of the <acronym class="acronym">DNS</acronym> and <acronym class="acronym">BIND</acronym></a></span></dt></dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch09.html#id2601274">General <acronym class="acronym">DNS</acronym> Reference Information</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch09.html#id2601524">General <acronym class="acronym">DNS</acronym> Reference Information</a></span></dt>
<dd><dl><dt><span class="sect2"><a href="Bv9ARM.ch09.html#ipv6addresses">IPv6 addresses (AAAA)</a></span></dt></dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch09.html#bibliography">Bibliography (and Suggested Reading)</a></span></dt>
<dd><dl>
<dt><span class="sect2"><a href="Bv9ARM.ch09.html#rfcs">Request for Comments (RFCs)</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch09.html#internet_drafts">Internet Drafts</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2604622">Other Documents About <acronym class="acronym">BIND</acronym></a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2604804">Other Documents About <acronym class="acronym">BIND</acronym></a></span></dt>
</dl></dd>
</dl></dd>
<dt><span class="reference"><a href="Bv9ARM.ch10.html">I. Manual pages</a></span></dt>
......
This diff is collapsed.
......@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: man.ddns-confgen.html,v 1.28 2009/10/15 01:15:16 tbox Exp $ -->
<!-- $Id: man.ddns-confgen.html,v 1.29 2009/10/16 04:20:32 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
......@@ -48,7 +48,7 @@
<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ] [<code class="option">-q</code>] [name]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2637747"></a><h2>DESCRIPTION</h2>
<a name="id2636823"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">ddns-confgen</strong></span>
generates a key for use by <span><strong class="command">nsupdate</strong></span>
and <span><strong class=<