upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

convert man pages to docbook

Browse source
This commit is contained in:
Bob Halley 2001-03-27 17:54:37 +00:00
parent 3d447d2592
commit 6ea1b817e3
9 changed files with 2109 additions and 329 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
bin/named/.cvsignore
View file

@ -3,5 +3,4 @@ Makefile
*.la
*.lo
named
named.8
lwresd

11
bin/named/Makefile.in
View file

@ -13,7 +13,7 @@
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.71 2001/03/27 00:44:30 bwelling Exp $
# $Id: Makefile.in,v 1.72 2001/03/27 17:54:33 halley Exp $
srcdir = @srcdir@
VPATH = @srcdir@
@ -83,6 +83,10 @@ SRCS = aclconf.c client.c config.c control.c controlconf.c interfacemgr.c \
MANPAGES = named.8 lwresd.8
HTMLPAGES = named.html lwresd.html
MANOBJS = ${MANPAGES} ${HTMLPAGES}
@BIND9_MAKE_RULES@
main.@O@: main.c
@ -102,6 +106,11 @@ lwresd: named
rm -f lwresd
@LN@ named lwresd
man:: ${MANOBJS}
manclean::
rm -f ${MANOBJS}
clean distclean::
rm -f ${TARGETS}

276
bin/named/lwresd.8
View file

@ -12,157 +12,125 @@
.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" $Id: lwresd.8,v 1.10 2001/01/09 21:47:12 bwelling Exp $
.Dd Jun 30, 2000
.Dt LWRESD 8
.Os BIND9 9
.ds vT BIND 9 Programmer's Manual
.Sh NAME
.Nm lwresd
.Nd lightweight resolver daemon
.Sh SYNOPSIS
.Nm lwresd
.Op Fl C Ar config-file
.Op Fl d Ar debuglevel
.Op Fl f g s
.Op Fl i Ar pid-file
.Op Fl n Ar #cpus
.Op Fl P Ar listen-port#
.Op Fl p Ar port#
.Op Fl t Ar directory
.Op Fl u Ar user-id
.Op Fl v
.Sh DESCRIPTION
.Nm lwresd
is the daemon providing name lookup services to clients that use
the BIND 9 lightweight resolver library.
It is essentially a stripped-down, caching-only name server that
answers queries using the BIND 9 lightweight resolver protocol
rather than the DNS protocol.
.Pp
.Nm lwresd
listens for resolver queries on a UDP port on the IPv4 loopback
interface, 127.0.0.1.
This means that
.Nm lwresd
can only be used by processes running on the local machine.
By default UDP port number 921 is used for lightweight resolver
requests and responses.
.Pp
Incoming lightweight resolver requests are decoded by
.Nm lwresd
which then resolves them using the DNS protocol.
When the DNS lookup completes,
.Nm lwresd
encodes the answers from the name servers in the lightweight
resolver format and returns them to the client that made the original
request.
.Pp
If
.Pa /etc/resolv.conf
contains any
.Sy nameserver
entries,
.Nm lwresd
sends recursive DNS queries to those servers. This
is similar to the use of forwarders in a chaching name
server. If no
.Sy nameserver
entries are present, or if forwarding fails,
.Nm lwresd
resolves the queries autonomously starting at the
root name servers, using a compiled-in list of root
servers hints.
.Pp
The options to
.Nm lwresd
are as follows:
.Bl -tag -width Ds
.It Fl C
use
.Ar config-file
as the configuration file instead of the default,
.Pa /etc/resolv.conf .
.It Fl d
set the daemon's debug level to
.Ar debuglevel .
Debugging traces from
.Nm lwresd
become more verbose as the debug level increases.
.It Fl f
run
.Nm lwresd
in the foreground.
.It Fl g
run
.Nm lwresd
in the foreground and force all logging to
.Dv stderr .
.It Fl i
write the daemon's process id to
.Ar pid-file
instead of the default pathname.
.It Fl n
create
.Ar #cpus
worker threads to take advantage of multiple CPUs.
If no option is given,
.Nm lwresd
will try to determine the number of CPUs present and create
one thread per CPU. If
.Nm lwresd
is unable to determine the number of CPUs, a single worker thread
is created.
.It Fl P
listen for lightweight resolver queries on the loopback interface
using UDP port
.Ar port#
instead of the default port number, 921.
.It Fl p
send DNS lookups to port number
.Ar listen-port#
when querying name servers.
This provides a way of testing the lightweight resolver daemon with a
name server that listens for queries on a non-standard port number.
.It Fl s
write memory usage statistics to
.Dv stdout
on exit.
This option is only of interest to BIND 9 developers and may be
removed or changed in a future release.
.It Fl t
tells
.Nm lwresd
to chroot() to
.Ar directory
immediately after reading its configuration file.
.It Fl u
run
.Nm lwresd
as
.Ar user-id ,
which is a user name or numeric id that must be present in the
password file.
The lightweight resolver daemon will change its user-id after it has
carried out any privileged operations, such as writing the process-id
file or binding a socket to a privileged port (typically any port
less than 1024).
.It Fl v
report the version number and exit.
.El
.Sh FILES
.Bl -tag -width /var/run/lwresd.pid -compact
.It Pa /etc/resolv.conf
default configuration file
.It Pa /var/run/lwresd.pid
default process-id file
.El
.Sh SEE ALSO
.Xr named 8 ,
.Xr lwres 3 .
.Sh NOTES
.Nm lwresd
is a daemon for lightweight resolvers, not a lightweight daemon
for resolvers.
.TH "LWRESD" "8" "June 30, 2000" "BIND9" ""
.SH NAME
lwresd \- lightweight resolver daemon
.SH SYNOPSIS
.sp
\fBlwresd\fR [ \fB-C \fIconfig-file\fB\fR ] [ \fB-d \fIdebug-level\fB\fR ] [ \fB-f\fR ] [ \fB-g\fR ] [ \fB-i \fIpid-file\fB\fR ] [ \fB-n \fI#cpus\fB\fR ] [ \fB-P \fIport\fB\fR ] [ \fB-p \fIport\fB\fR ] [ \fB-s\fR ] [ \fB-t \fIdirectory\fB\fR ] [ \fB-u \fIuser\fB\fR ] [ \fB-v\fR ]
.SH "DESCRIPTION"
.PP
\fBlwresd\fR is the daemon providing name lookup
services to clients that use the BIND 9 lightweight resolver
library. It is essentially a stripped-down, caching-only name
server that answers queries using the BIND 9 lightweight
resolver protocol rather than the DNS protocol.
.PP
\fBlwresd\fR listens for resolver queries on a
UDP port on the IPv4 loopback interface, 127.0.0.1. This
means that \fBlwresd\fR can only be used by
processes running on the local machine. By default UDP port
number 921 is used for lightweight resolver requests and
responses.
.PP
Incoming lightweight resolver requests are decoded by the
server which then resolves them using the DNS protocol. When
the DNS lookup completes, \fBlwresd\fR encodes
the answers in the lightweight resolver format and returns
them to the client that made the request.
.PP
If \fI/etc/resolv.conf\fR contains any
\fBnameserver\fR entries, \fBlwresd\fR
sends recursive DNS queries to those servers. This is similar
to the use of forwarders in a caching name server. If no
\fBnameserver\fR entries are present, or if
forwarding fails, \fBlwresd\fR resolves the
queries autonomously starting at the root name servers, using
a built-in list of root server hints.
.SH "OPTIONS"
.TP
\fB-C \fIconfig-file\fB\fR
Use \fIconfig-file\fR as the
configuration file instead of the default,
\fI/etc/resolv.conf\fR.
.TP
\fB-d \fIdebug-level\fB\fR
Set the daemon's debug level to \fIdebug-level\fR.
Debugging traces from \fBlwresd\fR become
more verbose as the debug level increases.
.TP
\fB-f\fR
Run the server in the foreground (i.e. do not daemonize).
.TP
\fB-g\fR
Run the server in the foreground and force all logging
to \fIstderr\fR.
.TP
\fB-n \fI#cpus\fB\fR
Create \fI#cpus\fR worker threads
to take advantage of multiple CPUs. If not specified,
\fBlwresd\fR will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
.TP
\fB-P \fIport\fB\fR
Listen for lightweight resolver queries on port
\fIport\fR. If
not specified, the default is port 921.
.TP
\fB-p \fIport\fB\fR
Send DNS lookups to port \fIport\fR. If not
specified, the default is port 53. This provides a
way of testing the lightweight resolver daemon with a
name server that listens for queries on a non-standard
port number.
.TP
\fB-s\fR
Write memory usage statistics to \fIstdout\fR on exit.
.sp
.RS
.B "Note:"
This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
.RE
.sp
.TP
\fB-t \fIdirectory\fB\fR
\fBchroot()\fR to \fIdirectory\fR after
processing the command line arguments, but before
reading the configuration file.
.sp
.RS
.B "Warning:"
This option should be used in conjunction with the
\fB-u\fR option, as chrooting a process
running as root doesn't enhance security on most
systems; the way \fBchroot()\fR is
defined allows a process with root privileges to
escape a chroot jail.
.RE
.sp
.TP
\fB-u \fIuser\fB\fR
\fBsetuid()\fR to \fIuser\fR after completing
privileged operations, such as creating sockets that
listen on privileged ports.
.TP
\fB-v\fR
Report the version number and exit.
.SH "FILES"
.TP
\fB\fI/etc/resolv.conf\fB\fR
The default configuration file.
.TP
\fB\fI/var/run/lwresd.pid\fB\fR
The default process-id file.
.SH "SEE ALSO"
.PP
\fBnamed\fR(8),
\fBlwres\fR(3),
\fBresolver\fR(5).
.SH "AUTHOR"
.PP
Internet Software Consortium

299
bin/named/lwresd.docbook Normal file
View file

@ -0,0 +1,299 @@
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
<!--
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
- $Id: lwresd.docbook,v 1.1 2001/03/27 17:54:35 halley Exp $
-->
<refentry>
<refentryinfo>
<date>June 30, 2000</date>
</refentryinfo>
<refmeta>
<refentrytitle><application>lwresd</application></refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo>BIND9</refmiscinfo>
</refmeta>
<refnamediv>
<refname><application>lwresd</application></refname>
<refpurpose>lightweight resolver daemon</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>lwresd</command>
<arg><option>-C <replaceable class="parameter">config-file</replaceable></option></arg>
<arg><option>-d <replaceable class="parameter">debug-level</replaceable></option></arg>
<arg><option>-f</option></arg>
<arg><option>-g</option></arg>
<arg><option>-i <replaceable class="parameter">pid-file</replaceable></option></arg>
<arg><option>-n <replaceable class="parameter">#cpus</replaceable></option></arg>
<arg><option>-P <replaceable class="parameter">port</replaceable></option></arg>
<arg><option>-p <replaceable class="parameter">port</replaceable></option></arg>
<arg><option>-s</option></arg>
<arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg>
<arg><option>-u <replaceable class="parameter">user</replaceable></option></arg>
<arg><option>-v</option></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>DESCRIPTION</title>
<para>
<command>lwresd</command> is the daemon providing name lookup
services to clients that use the BIND 9 lightweight resolver
library. It is essentially a stripped-down, caching-only name
server that answers queries using the BIND 9 lightweight
resolver protocol rather than the DNS protocol.
</para>
<para>
<command>lwresd</command> listens for resolver queries on a
UDP port on the IPv4 loopback interface, 127.0.0.1. This
means that <command>lwresd</command> can only be used by
processes running on the local machine. By default UDP port
number 921 is used for lightweight resolver requests and
responses.
</para>
<para>
Incoming lightweight resolver requests are decoded by the
server which then resolves them using the DNS protocol. When
the DNS lookup completes, <command>lwresd</command> encodes
the answers in the lightweight resolver format and returns
them to the client that made the request.
</para>
<para>
If <filename>/etc/resolv.conf</filename> contains any
<option>nameserver</option> entries, <command>lwresd</command>
sends recursive DNS queries to those servers. This is similar
to the use of forwarders in a caching name server. If no
<option>nameserver</option> entries are present, or if
forwarding fails, <command>lwresd</command> resolves the
queries autonomously starting at the root name servers, using
a built-in list of root server hints.
</para>
</refsect1>
<refsect1>
<title>OPTIONS</title>
<variablelist>
<varlistentry>
<term>-C <replaceable class="parameter">config-file</replaceable></term>
<listitem>
<para>
Use <replaceable
class="parameter">config-file</replaceable> as the
configuration file instead of the default,
<filename>/etc/resolv.conf</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-d <replaceable class="parameter">debug-level</replaceable></term>
<listitem>
<para>
Set the daemon's debug level to <replaceable
class="parameter">debug-level</replaceable>.
Debugging traces from <command>lwresd</command> become
more verbose as the debug level increases.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-f</term>
<listitem>
<para>
Run the server in the foreground (i.e. do not daemonize).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-g</term>
<listitem>
<para>
Run the server in the foreground and force all logging
to <filename>stderr</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-n <replaceable class="parameter">#cpus</replaceable></term>
<listitem>
<para>
Create <replaceable
class="parameter">#cpus</replaceable> worker threads
to take advantage of multiple CPUs. If not specified,
<command>lwresd</command> will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-P <replaceable class="parameter">port</replaceable></term>
<listitem>
<para>
Listen for lightweight resolver queries on port
<replaceable class="parameter">port</replaceable>. If
not specified, the default is port 921.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-p <replaceable class="parameter">port</replaceable></term>
<listitem>
<para>
Send DNS lookups to port <replaceable
class="parameter">port</replaceable>. If not
specified, the default is port 53. This provides a
way of testing the lightweight resolver daemon with a
name server that listens for queries on a non-standard
port number.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-s</term>
<listitem>
<para>
Write memory usage statistics to <filename>stdout</filename> on exit.
</para>
<note>
<para>
This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
</para>
</note>
</listitem>
</varlistentry>
<varlistentry>
<term>-t <replaceable class="parameter">directory</replaceable></term>
<listitem>
<para>
<function>chroot()</function> to <replaceable
class="parameter">directory</replaceable> after
processing the command line arguments, but before
reading the configuration file.
</para>
<warning>
<para>
This option should be used in conjunction with the
<option>-u</option> option, as chrooting a process
running as root doesn't enhance security on most
systems; the way <function>chroot()</function> is
defined allows a process with root privileges to
escape a chroot jail.
</para>
</warning>
</listitem>
</varlistentry>
<varlistentry>
<term>-u <replaceable class="parameter">user</replaceable></term>
<listitem>
<para>
<function>setuid()</function> to <replaceable
class="parameter">user</replaceable> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-v</term>
<listitem>
<para>
Report the version number and exit.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/resolv.conf</filename></term>
<listitem>
<para>
The default configuration file.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>/var/run/lwresd.pid</filename></term>
<listitem>
<para>
The default process-id file.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>named</refentrytitle>
<manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>lwres</refentrytitle>
<manvolnum>3</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>resolver</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry>.
</para>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para>
<corpauthor>Internet Software Consortium</corpauthor>
</para>
</refsect1>
</refentry>
<!--
- Local variables:
- mode: sgml
- End:
-->

537
bin/named/lwresd.html Normal file
View file

@ -0,0 +1,537 @@
<!--
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-->
<HTML
><HEAD
><TITLE
>lwresd</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.63
"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
><SPAN
CLASS="APPLICATION"
>lwresd</SPAN
></A
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>lwresd</SPAN
>&nbsp;--&nbsp;lightweight resolver daemon</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>lwresd</B
> [<TT
CLASS="OPTION"
>-C <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-d <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-f</TT
>] [<TT
CLASS="OPTION"
>-g</TT
>] [<TT
CLASS="OPTION"
>-i <TT
CLASS="REPLACEABLE"
><I
>pid-file</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-n <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-P <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-s</TT
>] [<TT
CLASS="OPTION"
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-v</TT
>]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN48"
></A
><H2
>DESCRIPTION</H2
><P
> <B
CLASS="COMMAND"
>lwresd</B
> is the daemon providing name lookup
services to clients that use the BIND 9 lightweight resolver
library. It is essentially a stripped-down, caching-only name
server that answers queries using the BIND 9 lightweight
resolver protocol rather than the DNS protocol.
</P
><P
> <B
CLASS="COMMAND"
>lwresd</B
> listens for resolver queries on a
UDP port on the IPv4 loopback interface, 127.0.0.1. This
means that <B
CLASS="COMMAND"
>lwresd</B
> can only be used by
processes running on the local machine. By default UDP port
number 921 is used for lightweight resolver requests and
responses.
</P
><P
> Incoming lightweight resolver requests are decoded by the
server which then resolves them using the DNS protocol. When
the DNS lookup completes, <B
CLASS="COMMAND"
>lwresd</B
> encodes
the answers in the lightweight resolver format and returns
them to the client that made the request.
</P
><P
> If <TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
> contains any
<TT
CLASS="OPTION"
>nameserver</TT
> entries, <B
CLASS="COMMAND"
>lwresd</B
>
sends recursive DNS queries to those servers. This is similar
to the use of forwarders in a caching name server. If no
<TT
CLASS="OPTION"
>nameserver</TT
> entries are present, or if
forwarding fails, <B
CLASS="COMMAND"
>lwresd</B
> resolves the
queries autonomously starting at the root name servers, using
a built-in list of root server hints.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN63"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-C <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></DT
><DD
><P
> Use <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
> as the
configuration file instead of the default,
<TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
>.
</P
></DD
><DT
>-d <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
></DT
><DD
><P
> Set the daemon's debug level to <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
>.
Debugging traces from <B
CLASS="COMMAND"
>lwresd</B
> become
more verbose as the debug level increases.
</P
></DD
><DT
>-f</DT
><DD
><P
> Run the server in the foreground (i.e. do not daemonize).
</P
></DD
><DT
>-g</DT
><DD
><P
> Run the server in the foreground and force all logging
to <TT
CLASS="FILENAME"
>stderr</TT
>.
</P
></DD
><DT
>-n <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
></DT
><DD
><P
> Create <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
> worker threads
to take advantage of multiple CPUs. If not specified,
<B
CLASS="COMMAND"
>lwresd</B
> will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
</P
></DD
><DT
>-P <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
> Listen for lightweight resolver queries on port
<TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
>. If
not specified, the default is port 921.
</P
></DD
><DT
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
> Send DNS lookups to port <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
>. If not
specified, the default is port 53. This provides a
way of testing the lightweight resolver daemon with a
name server that listens for queries on a non-standard
port number.
</P
></DD
><DT
>-s</DT
><DD
><P
> Write memory usage statistics to <TT
CLASS="FILENAME"
>stdout</TT
> on exit.
</P
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Note: </B
> This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
</P
></BLOCKQUOTE
></DIV
></DD
><DT
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></DT
><DD
><P
> <TT
CLASS="FUNCTION"
>chroot()</TT
> to <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
> after
processing the command line arguments, but before
reading the configuration file.
</P
><DIV
CLASS="WARNING"
><P
></P
><TABLE
CLASS="WARNING"
BORDER="1"
WIDTH="90%"
><TR
><TD
ALIGN="CENTER"
><B
>Warning</B
></TD
></TR
><TR
><TD
ALIGN="LEFT"
><P
> This option should be used in conjunction with the
<TT
CLASS="OPTION"
>-u</TT
> option, as chrooting a process
running as root doesn't enhance security on most
systems; the way <TT
CLASS="FUNCTION"
>chroot()</TT
> is
defined allows a process with root privileges to
escape a chroot jail.
</P
></TD
></TR
></TABLE
></DIV
></DD
><DT
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></DT
><DD
><P
> <TT
CLASS="FUNCTION"
>setuid()</TT
> to <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
</P
></DD
><DT
>-v</DT
><DD
><P
> Report the version number and exit.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN137"
></A
><H2
>FILES</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
></DT
><DD
><P
> The default configuration file.
</P
></DD
><DT
><TT
CLASS="FILENAME"
>/var/run/lwresd.pid</TT
></DT
><DD
><P
> The default process-id file.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN150"
></A
><H2
>SEE ALSO</H2
><P
> <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>named</SPAN
>(8)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>resolver</SPAN
>(5)</SPAN
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN162"
></A
><H2
>AUTHOR</H2
><P
> Internet Software Consortium
</P
></DIV
></BODY
></HTML
>

164
bin/named/named.8 Normal file
View file

@ -0,0 +1,164 @@
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.TH "NAMED" "8" "June 30, 2000" "BIND9" ""
.SH NAME
named \- Internet domain name server
.SH SYNOPSIS
.sp
\fBnamed\fR [ \fB-c \fIconfig-file\fB\fR ] [ \fB-d \fIdebug-level\fB\fR ] [ \fB-f\fR ] [ \fB-g\fR ] [ \fB-n \fI#cpus\fB\fR ] [ \fB-p \fIport\fB\fR ] [ \fB-s\fR ] [ \fB-t \fIdirectory\fB\fR ] [ \fB-u \fIuser\fB\fR ] [ \fB-v\fR ] [ \fB-x \fIcache-file\fB\fR ]
.SH "DESCRIPTION"
.PP
\fBnamed\fR is a Domain Name System (DNS) server,
part of the BIND 9 distribution from ISC. For more
information on the DNS, see RFCs 1033, 1034, and 1035.
.PP
When invoked without arguments, \fBnamed\fR will
read the default configuration file
\fI/etc/named.conf\fR, read any initial
data, and listen for queries.
.SH "OPTIONS"
.TP
\fB-c \fIconfig-file\fB\fR
Use \fIconfig-file\fR as the
configuration file instead of the default,
\fI/etc/named.conf\fR. To
ensure that reloading the configuration file continues
to work after the server has changed its working
directory due to to a possible
\fBdirectory\fR option in the configuration
file, \fIconfig-file\fR should be
an absolute pathname.
.TP
\fB-d \fIdebug-level\fB\fR
Set the daemon's debug level to \fIdebug-level\fR.
Debugging traces from \fBnamed\fR become
more verbose as the debug level increases.
.TP
\fB-f\fR
Run the server in the foreground (i.e. do not daemonize).
.TP
\fB-g\fR
Run the server in the foreground and force all logging
to \fIstderr\fR.
.TP
\fB-n \fI#cpus\fB\fR
Create \fI#cpus\fR worker threads
to take advantage of multiple CPUs. If not specified,
\fBnamed\fR will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
.TP
\fB-p \fIport\fB\fR
Listen for queries on port \fIport\fR. If not
specified, the default is port 53.
.TP
\fB-s\fR
Write memory usage statistics to \fIstdout\fR on exit.
.sp
.RS
.B "Note:"
This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
.RE
.sp
.TP
\fB-t \fIdirectory\fB\fR
\fBchroot()\fR to \fIdirectory\fR after
processing the command line arguments, but before
reading the configuration file.
.sp
.RS
.B "Warning:"
This option should be used in conjunction with the
\fB-u\fR option, as chrooting a process
running as root doesn't enhance security on most
systems; the way \fBchroot()\fR is
defined allows a process with root privileges to
escape a chroot jail.
.RE
.sp
.TP
\fB-u \fIuser\fB\fR
\fBsetuid()\fR to \fIuser\fR after completing
privileged operations, such as creating sockets that
listen on privileged ports.
.sp
.RS
.B "Note:"
On Linux, \fBnamed\fR uses the kernel's
capability mechanism to drop all root privileges
except the ability to \fBbind()\fR to a
privileged port and set process resource limits.
Unfortunately, this means that the \fB-u\fR
option only works when \fBnamed\fR is run
on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
later, since previous kernels did not allow privileges
to be retained after \fBsetuid()\fR.
.RE
.sp
.TP
\fB-v\fR
Report the version number and exit.
.TP
\fB-x \fIcache-file\fB\fR
Load data from \fIcache-file\fR into the
cache of the default view.
.sp
.RS
.B "Warning:"
This option must not be used. It is only of interest
to BIND 9 developers and may be removed or changed in a
future release.
.RE
.sp
.SH "SIGNALS"
.PP
In routine operation, signals should not be used to control
the nameserver; \fBrndc\fR should be used
instead.
.TP
\fBSIGHUP\fR
Force a reload of the server.
.TP
\fBSIGINT, SIGTERM\fR
Shut down the server.
.PP
The result of sending any other signals to the server is undefined.
.PP
.SH "CONFIGURATION"
.PP
The \fBnamed\fR configuration file is too complex
to describe in detail here. A complete description is
provided in the \fIBIND 9 Administrator Reference
Manual\fR.
.SH "FILES"
.TP
\fB\fI/etc/named.conf\fB\fR
The default configuration file.
.TP
\fB\fI/var/run/named.pid\fB\fR
The default process-id file.
.SH "SEE ALSO"
.PP
\fIRFC 1033\fR,
\fIRFC 1034\fR,
\fIRFC 1035\fR,
\fBrndc\fR(8),
\fBlwresd\fR(8),
\fIBIND 9 Administrator Reference Manual\fR.
.SH "AUTHOR"
.PP
Internet Software Consortium

173
bin/named/named.8.in
View file

@ -1,173 +0,0 @@
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" $Id: named.8.in,v 1.1 2001/02/12 04:50:47 marka Exp $
.Dd Jun 30, 2000
.Dt NAMED 8
.Os BIND9 9
.ds vT BIND9 Programmer's Manual
.Sh NAME
.Nm named
.Nd Internet domain name server
.Sh SYNOPSIS
.Nm named
.Op Fl c Ar config-file
.Op Fl d Ar debuglevel
.Op Fl f g s
.Op Fl n Ar #cpus
.Op Fl p Ar port#
.Op Fl t Ar directory
.Op Fl u Ar user-id
.Op Fl v
.Op Fl x Ar cache-file
.Sh DESCRIPTION
.Nm named
is a Domain Name System (DNS) server, part of the BIND 9 distribution
from ISC. For more information on the DNS, see RFCs 1033, 1034, and 1035.
.Pp
When invoked without arguments,
.Nm named
will read the default configuration file
.Pa @sysconfdir@/named.conf ,
read any initial data, and listen for queries.
.Pp
The options to
.Nm named
are as follows:
.Bl -tag -width Ds
.It Fl c
use
.Ar config-file
as the configuration file instead of the default,
.Pa @sysconfdir@/named.conf .
To ensure that reloading the configuration file continues to
work after the server has changed its working directory
due to to a possible
.Dv directory
option in the configuration file,
.Ar config-file
should be an absolute pathname.
.It Fl d
set the daemon's debug level to
.Ar debuglevel .
Debugging traces from
.Nm named
become more verbose as the debug level increases.
.It Fl f
run
.Nm named
in the foreground.
.It Fl g
run
.Nm named
in the foreground and force all logging to
.Dv stderr .
.It Fl n
create
.Ar #cpus
worker threads to take advantage of multiple CPUs.
If no option is given,
.Nm named
will try to determine the number of CPUs present and create
one thread per CPU. If
.Nm named
is unable to determine the number of CPUs, a single worker thread
is created.
.It Fl p
listen for queries on port
.Ar port#
instead of the default port number, 53.
.It Fl s
write memory usage statistics to
.Dv stdout
on exit.
This option is mainly of interest
to BIND9 developers and may be removed or changed in a future release.
.It Fl t
tells
.Nm named
to chroot() to
.Ar directory
as soon as it is finshed processing command line arguments,
before reading its configuration file.
This should be used in conjunction with the
.Fl u
option, as chrooting a process running as root doesn't
enhance security on most systems - the way chroot() is defined
allows a process with root privileges to escape the chroot jail.
.It Fl u
run
.Nm named
as UID
.Ar user-id .
.Nm named
will change its UID after it has
carried out any privileged operations, such as
creating sockets that listen on privileged ports.
.Pp
On Linux,
.Nm named
uses the kernel's capability mechanism to drop
all root privileges except the ability to bind() to a privileged
port. Unfortunately, this means that the "-u" option only works
when
.Nm named
is run on 2.3.99-pre3 or later kernel, since previous
kernels did not allow privileges to be retained after setuid().
.It Fl v
report the version number and exit.
.It Fl x
load data from
.Ar cache-file .
into the cache of the default view.
This option must not be used.
It is only of interest
to BIND9 developers and may be removed or changed in a future release.
.El
.Sh SIGNALS
In routine operation, signals should not be used to \*qcontrol\*q the
name server.
.Nm rndc
should be used instead.
Sending the name server a
.Dv SIGHUP
signal forces a reload of the server.
A
.Dv SIGINT
or
.Dv SIGTERM
signal can be used to gracefully shut down the server.
Sending any other signals to the name server
will have an undefined outcome.
.\".Sh CONFIGURATION FILE FORMAT
.\".Nm named 's
.\"configuration file is too complex to describe in detail here.
.\"A complete description is provided in the BIND9 Administrator
.\"Reference Manual.
.Sh FILES
.Bl -tag -width /var/run/named.pid -compact
.It Pa @sysconfdir@/named.conf
default configuration file
.It Pa /var/run/named.pid
default process-id file
.El
.Sh SEE ALSO
.Xr RFC1033 ,
.Xr RFC1034 ,
.Xr RFC1035 ,
.Xr rndc 8 ,
.Xr lwresd 8 ,
BIND9 Administrator Reference Manual, June 2000.

347
bin/named/named.docbook Normal file
View file

@ -0,0 +1,347 @@
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
<!--
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
- $Id: named.docbook,v 1.1 2001/03/27 17:54:37 halley Exp $
-->
<refentry>
<refentryinfo>
<date>June 30, 2000</date>
</refentryinfo>
<refmeta>
<refentrytitle><application>named</application></refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo>BIND9</refmiscinfo>
</refmeta>
<refnamediv>
<refname><application>named</application></refname>
<refpurpose>Internet domain name server</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>named</command>
<arg><option>-c <replaceable class="parameter">config-file</replaceable></option></arg>
<arg><option>-d <replaceable class="parameter">debug-level</replaceable></option></arg>
<arg><option>-f</option></arg>
<arg><option>-g</option></arg>
<arg><option>-n <replaceable class="parameter">#cpus</replaceable></option></arg>
<arg><option>-p <replaceable class="parameter">port</replaceable></option></arg>
<arg><option>-s</option></arg>
<arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg>
<arg><option>-u <replaceable class="parameter">user</replaceable></option></arg>
<arg><option>-v</option></arg>
<arg><option>-x <replaceable class="parameter">cache-file</replaceable></option></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>DESCRIPTION</title>
<para>
<command>named</command> is a Domain Name System (DNS) server,
part of the BIND 9 distribution from ISC. For more
information on the DNS, see RFCs 1033, 1034, and 1035.
</para>
<para>
When invoked without arguments, <command>named</command> will
read the default configuration file
<filename>/etc/named.conf</filename>, read any initial
data, and listen for queries.
</para>
</refsect1>
<refsect1>
<title>OPTIONS</title>
<variablelist>
<varlistentry>
<term>-c <replaceable class="parameter">config-file</replaceable></term>
<listitem>
<para>
Use <replaceable
class="parameter">config-file</replaceable> as the
configuration file instead of the default,
<filename>/etc/named.conf</filename>. To
ensure that reloading the configuration file continues
to work after the server has changed its working
directory due to to a possible
<option>directory</option> option in the configuration
file, <replaceable
class="parameter">config-file</replaceable> should be
an absolute pathname.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-d <replaceable class="parameter">debug-level</replaceable></term>
<listitem>
<para>
Set the daemon's debug level to <replaceable
class="parameter">debug-level</replaceable>.
Debugging traces from <command>named</command> become
more verbose as the debug level increases.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-f</term>
<listitem>
<para>
Run the server in the foreground (i.e. do not daemonize).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-g</term>
<listitem>
<para>
Run the server in the foreground and force all logging
to <filename>stderr</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-n <replaceable class="parameter">#cpus</replaceable></term>
<listitem>
<para>
Create <replaceable
class="parameter">#cpus</replaceable> worker threads
to take advantage of multiple CPUs. If not specified,
<command>named</command> will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-p <replaceable class="parameter">port</replaceable></term>
<listitem>
<para>
Listen for queries on port <replaceable
class="parameter">port</replaceable>. If not
specified, the default is port 53.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-s</term>
<listitem>
<para>
Write memory usage statistics to <filename>stdout</filename> on exit.
</para>
<note>
<para>
This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
</para>
</note>
</listitem>
</varlistentry>
<varlistentry>
<term>-t <replaceable class="parameter">directory</replaceable></term>
<listitem>
<para>
<function>chroot()</function> to <replaceable
class="parameter">directory</replaceable> after
processing the command line arguments, but before
reading the configuration file.
</para>
<warning>
<para>
This option should be used in conjunction with the
<option>-u</option> option, as chrooting a process
running as root doesn't enhance security on most
systems; the way <function>chroot()</function> is
defined allows a process with root privileges to
escape a chroot jail.
</para>
</warning>
</listitem>
</varlistentry>
<varlistentry>
<term>-u <replaceable class="parameter">user</replaceable></term>
<listitem>
<para>
<function>setuid()</function> to <replaceable
class="parameter">user</replaceable> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
</para>
<note>
<para>
On Linux, <command>named</command> uses the kernel's
capability mechanism to drop all root privileges
except the ability to <function>bind()</function> to a
privileged port and set process resource limits.
Unfortunately, this means that the <option>-u</option>
option only works when <command>named</command> is run
on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
later, since previous kernels did not allow privileges
to be retained after <function>setuid()</function>.
</para>
</note>
</listitem>
</varlistentry>
<varlistentry>
<term>-v</term>
<listitem>
<para>
Report the version number and exit.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-x <replaceable class="parameter">cache-file</replaceable></term>
<listitem>
<para>
Load data from <replaceable
class="parameter">cache-file</replaceable> into the
cache of the default view.
</para>
<warning>
<para>
This option must not be used. It is only of interest
to BIND 9 developers and may be removed or changed in a
future release.
</para>
</warning>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>SIGNALS</title>
<para>
In routine operation, signals should not be used to control
the nameserver; <command>rndc</command> should be used
instead.
</para>
<variablelist>
<varlistentry>
<term>SIGHUP</term>
<listitem>
<para>
Force a reload of the server.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>SIGINT, SIGTERM</term>
<listitem>
<para>
Shut down the server.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>
The result of sending any other signals to the server is undefined.
</para>
</refsect1>
<refsect1>
<title>CONFIGURATION</title>
<para>
The <command>named</command> configuration file is too complex
to describe in detail here. A complete description is
provided in the <citetitle>BIND 9 Administrator Reference
Manual</citetitle>.
</para>
</refsect1>
<refsect1>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/named.conf</filename></term>
<listitem>
<para>
The default configuration file.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>/var/run/named.pid</filename></term>
<listitem>
<para>
The default process-id file.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>SEE ALSO</title>
<para>
<citetitle>RFC 1033</citetitle>,
<citetitle>RFC 1034</citetitle>,
<citetitle>RFC 1035</citetitle>,
<citerefentry>
<refentrytitle>rndc</refentrytitle>
<manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>lwresd</refentrytitle>
<manvolnum>8</manvolnum>
</citerefentry>,
<citetitle>BIND 9 Administrator Reference Manual</citetitle>.
</para>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para>
<corpauthor>Internet Software Consortium</corpauthor>
</para>
</refsect1>
</refentry>
<!--
- Local variables:
- mode: sgml
- End:
-->

630
bin/named/named.html Normal file
View file

@ -0,0 +1,630 @@
<!--
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-->
<HTML
><HEAD
><TITLE
>named</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.63
"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
><SPAN
CLASS="APPLICATION"
>named</SPAN
></A
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>named</SPAN
>&nbsp;--&nbsp;Internet domain name server</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>named</B
> [<TT
CLASS="OPTION"
>-c <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-d <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-f</TT
>] [<TT
CLASS="OPTION"
>-g</TT
>] [<TT
CLASS="OPTION"
>-n <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-s</TT
>] [<TT
CLASS="OPTION"
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></TT
>] [<TT
CLASS="OPTION"
>-v</TT
>] [<TT
CLASS="OPTION"
>-x <TT
CLASS="REPLACEABLE"
><I
>cache-file</I
></TT
></TT
>]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN45"
></A
><H2
>DESCRIPTION</H2
><P
> <B
CLASS="COMMAND"
>named</B
> is a Domain Name System (DNS) server,
part of the BIND 9 distribution from ISC. For more
information on the DNS, see RFCs 1033, 1034, and 1035.
</P
><P
> When invoked without arguments, <B
CLASS="COMMAND"
>named</B
> will
read the default configuration file
<TT
CLASS="FILENAME"
>/etc/named.conf</TT
>, read any initial
data, and listen for queries.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN52"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-c <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></DT
><DD
><P
> Use <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
> as the
configuration file instead of the default,
<TT
CLASS="FILENAME"
>/etc/named.conf</TT
>. To
ensure that reloading the configuration file continues
to work after the server has changed its working
directory due to to a possible
<TT
CLASS="OPTION"
>directory</TT
> option in the configuration
file, <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
> should be
an absolute pathname.
</P
></DD
><DT
>-d <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
></DT
><DD
><P
> Set the daemon's debug level to <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
>.
Debugging traces from <B
CLASS="COMMAND"
>named</B
> become
more verbose as the debug level increases.
</P
></DD
><DT
>-f</DT
><DD
><P
> Run the server in the foreground (i.e. do not daemonize).
</P
></DD
><DT
>-g</DT
><DD
><P
> Run the server in the foreground and force all logging
to <TT
CLASS="FILENAME"
>stderr</TT
>.
</P
></DD
><DT
>-n <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
></DT
><DD
><P
> Create <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
> worker threads
to take advantage of multiple CPUs. If not specified,
<B
CLASS="COMMAND"
>named</B
> will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
</P
></DD
><DT
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
> Listen for queries on port <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
>. If not
specified, the default is port 53.
</P
></DD
><DT
>-s</DT
><DD
><P
> Write memory usage statistics to <TT
CLASS="FILENAME"
>stdout</TT
> on exit.
</P
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Note: </B
> This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
</P
></BLOCKQUOTE
></DIV
></DD
><DT
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></DT
><DD
><P
> <TT
CLASS="FUNCTION"
>chroot()</TT
> to <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
> after
processing the command line arguments, but before
reading the configuration file.
</P
><DIV
CLASS="WARNING"
><P
></P
><TABLE
CLASS="WARNING"
BORDER="1"
WIDTH="90%"
><TR
><TD
ALIGN="CENTER"
><B
>Warning</B
></TD
></TR
><TR
><TD
ALIGN="LEFT"
><P
> This option should be used in conjunction with the
<TT
CLASS="OPTION"
>-u</TT
> option, as chrooting a process
running as root doesn't enhance security on most
systems; the way <TT
CLASS="FUNCTION"
>chroot()</TT
> is
defined allows a process with root privileges to
escape a chroot jail.
</P
></TD
></TR
></TABLE
></DIV
></DD
><DT
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></DT
><DD
><P
> <TT
CLASS="FUNCTION"
>setuid()</TT
> to <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
</P
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Note: </B
> On Linux, <B
CLASS="COMMAND"
>named</B
> uses the kernel's
capability mechanism to drop all root privileges
except the ability to <TT
CLASS="FUNCTION"
>bind()</TT
> to a
privileged port and set process resource limits.
Unfortunately, this means that the <TT
CLASS="OPTION"
>-u</TT
>
option only works when <B
CLASS="COMMAND"
>named</B
> is run
on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
later, since previous kernels did not allow privileges
to be retained after <TT
CLASS="FUNCTION"
>setuid()</TT
>.
</P
></BLOCKQUOTE
></DIV
></DD
><DT
>-v</DT
><DD
><P
> Report the version number and exit.
</P
></DD
><DT
>-x <TT
CLASS="REPLACEABLE"
><I
>cache-file</I
></TT
></DT
><DD
><P
> Load data from <TT
CLASS="REPLACEABLE"
><I
>cache-file</I
></TT
> into the
cache of the default view.
</P
><DIV
CLASS="WARNING"
><P
></P
><TABLE
CLASS="WARNING"
BORDER="1"
WIDTH="90%"
><TR
><TD
ALIGN="CENTER"
><B
>Warning</B
></TD
></TR
><TR
><TD
ALIGN="LEFT"
><P
> This option must not be used. It is only of interest
to BIND 9 developers and may be removed or changed in a
future release.
</P
></TD
></TR
></TABLE
></DIV
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN137"
></A
><H2
>SIGNALS</H2
><P
> In routine operation, signals should not be used to control
the nameserver; <B
CLASS="COMMAND"
>rndc</B
> should be used
instead.
</P
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>SIGHUP</DT
><DD
><P
> Force a reload of the server.
</P
></DD
><DT
>SIGINT, SIGTERM</DT
><DD
><P
> Shut down the server.
</P
></DD
></DL
></DIV
><P
> The result of sending any other signals to the server is undefined.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN151"
></A
><H2
>CONFIGURATION</H2
><P
> The <B
CLASS="COMMAND"
>named</B
> configuration file is too complex
to describe in detail here. A complete description is
provided in the <I
CLASS="CITETITLE"
>BIND 9 Administrator Reference
Manual</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN156"
></A
><H2
>FILES</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><TT
CLASS="FILENAME"
>/etc/named.conf</TT
></DT
><DD
><P
> The default configuration file.
</P
></DD
><DT
><TT
CLASS="FILENAME"
>/var/run/named.pid</TT
></DT
><DD
><P
> The default process-id file.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN169"
></A
><H2
>SEE ALSO</H2
><P
> <I
CLASS="CITETITLE"
>RFC 1033</I
>,
<I
CLASS="CITETITLE"
>RFC 1034</I
>,
<I
CLASS="CITETITLE"
>RFC 1035</I
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>rndc</SPAN
>(8)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwresd</SPAN
>(8)</SPAN
>,
<I
CLASS="CITETITLE"
>BIND 9 Administrator Reference Manual</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN182"
></A
><H2
>AUTHOR</H2
><P
> Internet Software Consortium
</P
></DIV
></BODY
></HTML
>