diff --git a/bin/named/.cvsignore b/bin/named/.cvsignore index e26e091b56..6b7b0aa1f9 100644 --- a/bin/named/.cvsignore +++ b/bin/named/.cvsignore @@ -3,5 +3,4 @@ Makefile *.la *.lo named -named.8 lwresd diff --git a/bin/named/Makefile.in b/bin/named/Makefile.in index 2dc3046a97..ad054ca5eb 100644 --- a/bin/named/Makefile.in +++ b/bin/named/Makefile.in @@ -13,7 +13,7 @@ # NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION # WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -# $Id: Makefile.in,v 1.71 2001/03/27 00:44:30 bwelling Exp $ +# $Id: Makefile.in,v 1.72 2001/03/27 17:54:33 halley Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -83,6 +83,10 @@ SRCS = aclconf.c client.c config.c control.c controlconf.c interfacemgr.c \ MANPAGES = named.8 lwresd.8 +HTMLPAGES = named.html lwresd.html + +MANOBJS = ${MANPAGES} ${HTMLPAGES} + @BIND9_MAKE_RULES@ main.@O@: main.c @@ -102,6 +106,11 @@ lwresd: named rm -f lwresd @LN@ named lwresd +man:: ${MANOBJS} + +manclean:: + rm -f ${MANOBJS} + clean distclean:: rm -f ${TARGETS} diff --git a/bin/named/lwresd.8 b/bin/named/lwresd.8 index be3855657c..8a94aee580 100644 --- a/bin/named/lwresd.8 +++ b/bin/named/lwresd.8 
@@ -12,157 +12,125 @@ .\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, .\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION .\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -.\" $Id: lwresd.8,v 1.10 2001/01/09 21:47:12 bwelling Exp $ - -.Dd Jun 30, 2000 -.Dt LWRESD 8 -.Os BIND9 9 -.ds vT BIND 9 Programmer's Manual -.Sh NAME -.Nm lwresd -.Nd lightweight resolver daemon -.Sh SYNOPSIS -.Nm lwresd -.Op Fl C Ar config-file -.Op Fl d Ar debuglevel -.Op Fl f g s -.Op Fl i Ar pid-file -.Op Fl n Ar #cpus -.Op Fl P Ar listen-port# -.Op Fl p Ar port# -.Op Fl t Ar directory -.Op Fl u Ar user-id -.Op Fl v -.Sh DESCRIPTION -.Nm lwresd -is the daemon providing name lookup services to clients that use -the BIND 9 lightweight resolver library. -It is essentially a stripped-down, caching-only name server that -answers queries using the BIND 9 lightweight resolver protocol -rather than the DNS protocol. -.Pp -.Nm lwresd -listens for resolver queries on a UDP port on the IPv4 loopback -interface, 127.0.0.1. -This means that -.Nm lwresd -can only be used by processes running on the local machine. -By default UDP port number 921 is used for lightweight resolver -requests and responses. -.Pp -Incoming lightweight resolver requests are decoded by -.Nm lwresd -which then resolves them using the DNS protocol. -When the DNS lookup completes, -.Nm lwresd -encodes the answers from the name servers in the lightweight -resolver format and returns them to the client that made the original -request. -.Pp -If -.Pa /etc/resolv.conf -contains any -.Sy nameserver -entries, -.Nm lwresd -sends recursive DNS queries to those servers. This -is similar to the use of forwarders in a chaching name -server. If no -.Sy nameserver -entries are present, or if forwarding fails, -.Nm lwresd -resolves the queries autonomously starting at the -root name servers, using a compiled-in list of root -servers hints. 
-.Pp -The options to -.Nm lwresd -are as follows: -.Bl -tag -width Ds -.It Fl C -use -.Ar config-file -as the configuration file instead of the default, -.Pa /etc/resolv.conf . -.It Fl d -set the daemon's debug level to -.Ar debuglevel . -Debugging traces from -.Nm lwresd -become more verbose as the debug level increases. -.It Fl f -run -.Nm lwresd -in the foreground. -.It Fl g -run -.Nm lwresd -in the foreground and force all logging to -.Dv stderr . -.It Fl i -write the daemon's process id to -.Ar pid-file -instead of the default pathname. -.It Fl n -create -.Ar #cpus -worker threads to take advantage of multiple CPUs. -If no option is given, -.Nm lwresd -will try to determine the number of CPUs present and create -one thread per CPU. If -.Nm lwresd -is unable to determine the number of CPUs, a single worker thread -is created. -.It Fl P -listen for lightweight resolver queries on the loopback interface -using UDP port -.Ar port# -instead of the default port number, 921. -.It Fl p -send DNS lookups to port number -.Ar listen-port# -when querying name servers. -This provides a way of testing the lightweight resolver daemon with a -name server that listens for queries on a non-standard port number. -.It Fl s -write memory usage statistics to -.Dv stdout -on exit. -This option is only of interest to BIND 9 developers and may be -removed or changed in a future release. -.It Fl t -tells -.Nm lwresd -to chroot() to -.Ar directory -immediately after reading its configuration file. -.It Fl u -run -.Nm lwresd -as -.Ar user-id , -which is a user name or numeric id that must be present in the -password file. -The lightweight resolver daemon will change its user-id after it has -carried out any privileged operations, such as writing the process-id -file or binding a socket to a privileged port (typically any port -less than 1024). -.It Fl v -report the version number and exit. 
-.El -.Sh FILES -.Bl -tag -width /var/run/lwresd.pid -compact -.It Pa /etc/resolv.conf -default configuration file -.It Pa /var/run/lwresd.pid -default process-id file -.El -.Sh SEE ALSO -.Xr named 8 , -.Xr lwres 3 . -.Sh NOTES -.Nm lwresd -is a daemon for lightweight resolvers, not a lightweight daemon -for resolvers. +.TH "LWRESD" "8" "June 30, 2000" "BIND9" "" +.SH NAME +lwresd \- lightweight resolver daemon +.SH SYNOPSIS +.sp +\fBlwresd\fR [ \fB-C \fIconfig-file\fB\fR ] [ \fB-d \fIdebug-level\fB\fR ] [ \fB-f\fR ] [ \fB-g\fR ] [ \fB-i \fIpid-file\fB\fR ] [ \fB-n \fI#cpus\fB\fR ] [ \fB-P \fIport\fB\fR ] [ \fB-p \fIport\fB\fR ] [ \fB-s\fR ] [ \fB-t \fIdirectory\fB\fR ] [ \fB-u \fIuser\fB\fR ] [ \fB-v\fR ] +.SH "DESCRIPTION" +.PP +\fBlwresd\fR is the daemon providing name lookup +services to clients that use the BIND 9 lightweight resolver +library. It is essentially a stripped-down, caching-only name +server that answers queries using the BIND 9 lightweight +resolver protocol rather than the DNS protocol. +.PP +\fBlwresd\fR listens for resolver queries on a +UDP port on the IPv4 loopback interface, 127.0.0.1. This +means that \fBlwresd\fR can only be used by +processes running on the local machine. By default UDP port +number 921 is used for lightweight resolver requests and +responses. +.PP +Incoming lightweight resolver requests are decoded by the +server which then resolves them using the DNS protocol. When +the DNS lookup completes, \fBlwresd\fR encodes +the answers in the lightweight resolver format and returns +them to the client that made the request. +.PP +If \fI/etc/resolv.conf\fR contains any +\fBnameserver\fR entries, \fBlwresd\fR +sends recursive DNS queries to those servers. This is similar +to the use of forwarders in a caching name server. If no +\fBnameserver\fR entries are present, or if +forwarding fails, \fBlwresd\fR resolves the +queries autonomously starting at the root name servers, using +a built-in list of root server hints. 
+.SH "OPTIONS" +.TP +\fB-C \fIconfig-file\fB\fR +Use \fIconfig-file\fR as the +configuration file instead of the default, +\fI/etc/resolv.conf\fR. +.TP +\fB-d \fIdebug-level\fB\fR +Set the daemon's debug level to \fIdebug-level\fR. +Debugging traces from \fBlwresd\fR become +more verbose as the debug level increases. +.TP +\fB-f\fR +Run the server in the foreground (i.e. do not daemonize). +.TP +\fB-g\fR +Run the server in the foreground and force all logging +to \fIstderr\fR. +.TP +\fB-n \fI#cpus\fB\fR +Create \fI#cpus\fR worker threads +to take advantage of multiple CPUs. If not specified, +\fBlwresd\fR will try to determine the +number of CPUs present and create one thread per CPU. +If it is unable to determine the number of CPUs, a +single worker thread will be created. +.TP +\fB-P \fIport\fB\fR +Listen for lightweight resolver queries on port +\fIport\fR. If +not specified, the default is port 921. +.TP +\fB-p \fIport\fB\fR +Send DNS lookups to port \fIport\fR. If not +specified, the default is port 53. This provides a +way of testing the lightweight resolver daemon with a +name server that listens for queries on a non-standard +port number. +.TP +\fB-s\fR +Write memory usage statistics to \fIstdout\fR on exit. +.sp +.RS +.B "Note:" +This option is mainly of interest to BIND 9 developers +and may be removed or changed in a future release. +.RE +.sp +.TP +\fB-t \fIdirectory\fB\fR +\fBchroot()\fR to \fIdirectory\fR after +processing the command line arguments, but before +reading the configuration file. +.sp +.RS +.B "Warning:" +This option should be used in conjunction with the +\fB-u\fR option, as chrooting a process +running as root doesn't enhance security on most +systems; the way \fBchroot()\fR is +defined allows a process with root privileges to +escape a chroot jail. +.RE +.sp +.TP +\fB-u \fIuser\fB\fR +\fBsetuid()\fR to \fIuser\fR after completing +privileged operations, such as creating sockets that +listen on privileged ports. 
+.TP +\fB-v\fR +Report the version number and exit. +.SH "FILES" +.TP +\fB\fI/etc/resolv.conf\fB\fR +The default configuration file. +.TP +\fB\fI/var/run/lwresd.pid\fB\fR +The default process-id file. +.SH "SEE ALSO" +.PP +\fBnamed\fR(8), +\fBlwres\fR(3), +\fBresolver\fR(5). +.SH "AUTHOR" +.PP +Internet Software Consortium diff --git a/bin/named/lwresd.docbook b/bin/named/lwresd.docbook new file mode 100644 index 0000000000..64ad90bbca --- /dev/null +++ b/bin/named/lwresd.docbook 
@@ -0,0 +1,299 @@ + + + + + + June 30, 2000 + + + + lwresd + 8 + BIND9 + + + + lwresd + lightweight resolver daemon + + + + + lwresd + + + + + + + + + + + + + + + + + DESCRIPTION + + lwresd is the daemon providing name lookup + services to clients that use the BIND 9 lightweight resolver + library. It is essentially a stripped-down, caching-only name + server that answers queries using the BIND 9 lightweight + resolver protocol rather than the DNS protocol. + + + lwresd listens for resolver queries on a + UDP port on the IPv4 loopback interface, 127.0.0.1. This + means that lwresd can only be used by + processes running on the local machine. By default UDP port + number 921 is used for lightweight resolver requests and + responses. + + + Incoming lightweight resolver requests are decoded by the + server which then resolves them using the DNS protocol. When + the DNS lookup completes, lwresd encodes + the answers in the lightweight resolver format and returns + them to the client that made the request. + + + If /etc/resolv.conf contains any + entries, lwresd + sends recursive DNS queries to those servers. This is similar + to the use of forwarders in a caching name server. If no + entries are present, or if + forwarding fails, lwresd resolves the + queries autonomously starting at the root name servers, using + a built-in list of root server hints. + + + + + OPTIONS + + + + -C config-file + + + Use config-file as the + configuration file instead of the default, + /etc/resolv.conf. + + + + + + -d debug-level + + + Set the daemon's debug level to debug-level. + Debugging traces from lwresd become + more verbose as the debug level increases. + + + + + + -f + + + Run the server in the foreground (i.e. do not daemonize). + + + + + + -g + + + Run the server in the foreground and force all logging + to stderr. + + + + + + -n #cpus + + + Create #cpus worker threads + to take advantage of multiple CPUs. 
If not specified, + lwresd will try to determine the + number of CPUs present and create one thread per CPU. + If it is unable to determine the number of CPUs, a + single worker thread will be created. + + + + + + -P port + + + Listen for lightweight resolver queries on port + port. If + not specified, the default is port 921. + + + + + + -p port + + + Send DNS lookups to port port. If not + specified, the default is port 53. This provides a + way of testing the lightweight resolver daemon with a + name server that listens for queries on a non-standard + port number. + + + + + + -s + + + Write memory usage statistics to stdout on exit. + + + + This option is mainly of interest to BIND 9 developers + and may be removed or changed in a future release. + + + + + + + -t directory + + + chroot() to directory after + processing the command line arguments, but before + reading the configuration file. + + + + This option should be used in conjunction with the + option, as chrooting a process + running as root doesn't enhance security on most + systems; the way chroot() is + defined allows a process with root privileges to + escape a chroot jail. + + + + + + + -u user + + + setuid() to user after completing + privileged operations, such as creating sockets that + listen on privileged ports. + + + + + + -v + + + Report the version number and exit. + + + + + + + + + + FILES + + + + + /etc/resolv.conf + + + The default configuration file. + + + + + + /var/run/lwresd.pid + + + The default process-id file. + + + + + + + + + + SEE ALSO + + + named + 8 + , + + lwres + 3 + , + + resolver + 5 + . + + + + + AUTHOR + + Internet Software Consortium + + + + + + + diff --git a/bin/named/lwresd.html b/bin/named/lwresd.html new file mode 100644 index 0000000000..0b1f608fb5 --- /dev/null +++ b/bin/named/lwresd.html @@ -0,0 +1,537 @@ + +lwresd

lwresd

Name

lwresd -- lightweight resolver daemon

Synopsis

lwresd [-C config-file] [-d debug-level] [-f] [-g] [-i pid-file] [-n #cpus] [-P port] [-p port] [-s] [-t directory] [-u user] [-v]

DESCRIPTION

lwresd is the daemon providing name lookup + services to clients that use the BIND 9 lightweight resolver + library. It is essentially a stripped-down, caching-only name + server that answers queries using the BIND 9 lightweight + resolver protocol rather than the DNS protocol. +

lwresd listens for resolver queries on a + UDP port on the IPv4 loopback interface, 127.0.0.1. This + means that lwresd can only be used by + processes running on the local machine. By default UDP port + number 921 is used for lightweight resolver requests and + responses. +

Incoming lightweight resolver requests are decoded by the + server which then resolves them using the DNS protocol. When + the DNS lookup completes, lwresd encodes + the answers in the lightweight resolver format and returns + them to the client that made the request. +

If /etc/resolv.conf contains any + nameserver entries, lwresd + sends recursive DNS queries to those servers. This is similar + to the use of forwarders in a caching name server. If no + nameserver entries are present, or if + forwarding fails, lwresd resolves the + queries autonomously starting at the root name servers, using + a built-in list of root server hints. +

OPTIONS

-C config-file

Use config-file as the + configuration file instead of the default, + /etc/resolv.conf. +

-d debug-level

Set the daemon's debug level to debug-level. + Debugging traces from lwresd become + more verbose as the debug level increases. +

-f

Run the server in the foreground (i.e. do not daemonize). +

-g

Run the server in the foreground and force all logging + to stderr. +

-n #cpus

Create #cpus worker threads + to take advantage of multiple CPUs. If not specified, + lwresd will try to determine the + number of CPUs present and create one thread per CPU. + If it is unable to determine the number of CPUs, a + single worker thread will be created. +

-P port

Listen for lightweight resolver queries on port + port. If + not specified, the default is port 921. +

-p port

Send DNS lookups to port port. If not + specified, the default is port 53. This provides a + way of testing the lightweight resolver daemon with a + name server that listens for queries on a non-standard + port number. +

-s

Write memory usage statistics to stdout on exit. +

Note: This option is mainly of interest to BIND 9 developers + and may be removed or changed in a future release. +

-t directory

chroot() to directory after + processing the command line arguments, but before + reading the configuration file. +

Warning

This option should be used in conjunction with the + -u option, as chrooting a process + running as root doesn't enhance security on most + systems; the way chroot() is + defined allows a process with root privileges to + escape a chroot jail. +

-u user

setuid() to user after completing + privileged operations, such as creating sockets that + listen on privileged ports. +

-v

Report the version number and exit. +

FILES

/etc/resolv.conf

The default configuration file. +

/var/run/lwresd.pid

The default process-id file. +

SEE ALSO

named(8), + lwres(3), + resolver(5). +

AUTHOR

Internet Software Consortium +

\ No newline at end of file diff --git a/bin/named/named.8 b/bin/named/named.8 new file mode 100644 index 0000000000..dd56578c5c --- /dev/null +++ b/bin/named/named.8 
@@ -0,0 +1,164 @@ +.\" Copyright (C) 2000, 2001 Internet Software Consortium. +.\" +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM +.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL +.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, +.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING +.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, +.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION +.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.TH "NAMED" "8" "June 30, 2000" "BIND9" "" +.SH NAME +named \- Internet domain name server +.SH SYNOPSIS +.sp +\fBnamed\fR [ \fB-c \fIconfig-file\fB\fR ] [ \fB-d \fIdebug-level\fB\fR ] [ \fB-f\fR ] [ \fB-g\fR ] [ \fB-n \fI#cpus\fB\fR ] [ \fB-p \fIport\fB\fR ] [ \fB-s\fR ] [ \fB-t \fIdirectory\fB\fR ] [ \fB-u \fIuser\fB\fR ] [ \fB-v\fR ] [ \fB-x \fIcache-file\fB\fR ] +.SH "DESCRIPTION" +.PP +\fBnamed\fR is a Domain Name System (DNS) server, +part of the BIND 9 distribution from ISC. For more +information on the DNS, see RFCs 1033, 1034, and 1035. +.PP +When invoked without arguments, \fBnamed\fR will +read the default configuration file +\fI/etc/named.conf\fR, read any initial +data, and listen for queries. +.SH "OPTIONS" +.TP +\fB-c \fIconfig-file\fB\fR +Use \fIconfig-file\fR as the +configuration file instead of the default, +\fI/etc/named.conf\fR. To +ensure that reloading the configuration file continues +to work after the server has changed its working +directory due to to a possible +\fBdirectory\fR option in the configuration +file, \fIconfig-file\fR should be +an absolute pathname. 
+.TP +\fB-d \fIdebug-level\fB\fR +Set the daemon's debug level to \fIdebug-level\fR. +Debugging traces from \fBnamed\fR become +more verbose as the debug level increases. +.TP +\fB-f\fR +Run the server in the foreground (i.e. do not daemonize). +.TP +\fB-g\fR +Run the server in the foreground and force all logging +to \fIstderr\fR. +.TP +\fB-n \fI#cpus\fB\fR +Create \fI#cpus\fR worker threads +to take advantage of multiple CPUs. If not specified, +\fBnamed\fR will try to determine the +number of CPUs present and create one thread per CPU. +If it is unable to determine the number of CPUs, a +single worker thread will be created. +.TP +\fB-p \fIport\fB\fR +Listen for queries on port \fIport\fR. If not +specified, the default is port 53. +.TP +\fB-s\fR +Write memory usage statistics to \fIstdout\fR on exit. +.sp +.RS +.B "Note:" +This option is mainly of interest to BIND 9 developers +and may be removed or changed in a future release. +.RE +.sp +.TP +\fB-t \fIdirectory\fB\fR +\fBchroot()\fR to \fIdirectory\fR after +processing the command line arguments, but before +reading the configuration file. +.sp +.RS +.B "Warning:" +This option should be used in conjunction with the +\fB-u\fR option, as chrooting a process +running as root doesn't enhance security on most +systems; the way \fBchroot()\fR is +defined allows a process with root privileges to +escape a chroot jail. +.RE +.sp +.TP +\fB-u \fIuser\fB\fR +\fBsetuid()\fR to \fIuser\fR after completing +privileged operations, such as creating sockets that +listen on privileged ports. +.sp +.RS +.B "Note:" +On Linux, \fBnamed\fR uses the kernel's +capability mechanism to drop all root privileges +except the ability to \fBbind()\fR to a +privileged port and set process resource limits. +Unfortunately, this means that the \fB-u\fR +option only works when \fBnamed\fR is run +on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or +later, since previous kernels did not allow privileges +to be retained after \fBsetuid()\fR. 
+.RE +.sp +.TP +\fB-v\fR +Report the version number and exit. +.TP +\fB-x \fIcache-file\fB\fR +Load data from \fIcache-file\fR into the +cache of the default view. +.sp +.RS +.B "Warning:" +This option must not be used. It is only of interest +to BIND 9 developers and may be removed or changed in a +future release. +.RE +.sp +.SH "SIGNALS" +.PP +In routine operation, signals should not be used to control +the nameserver; \fBrndc\fR should be used +instead. +.TP +\fBSIGHUP\fR +Force a reload of the server. +.TP +\fBSIGINT, SIGTERM\fR +Shut down the server. +.PP +The result of sending any other signals to the server is undefined. +.PP +.SH "CONFIGURATION" +.PP +The \fBnamed\fR configuration file is too complex +to describe in detail here. A complete description is +provided in the \fIBIND 9 Administrator Reference +Manual\fR. +.SH "FILES" +.TP +\fB\fI/etc/named.conf\fB\fR +The default configuration file. +.TP +\fB\fI/var/run/named.pid\fB\fR +The default process-id file. +.SH "SEE ALSO" +.PP +\fIRFC 1033\fR, +\fIRFC 1034\fR, +\fIRFC 1035\fR, +\fBrndc\fR(8), +\fBlwresd\fR(8), +\fIBIND 9 Administrator Reference Manual\fR. +.SH "AUTHOR" +.PP +Internet Software Consortium diff --git a/bin/named/named.8.in b/bin/named/named.8.in deleted file mode 100644 index 2c1a5e3e79..0000000000 --- a/bin/named/named.8.in +++ /dev/null 
@@ -1,173 +0,0 @@ -.\" Copyright (C) 2000, 2001 Internet Software Consortium. -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM -.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL -.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, -.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING -.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, -.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION -.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -.\" $Id: named.8.in,v 1.1 2001/02/12 04:50:47 marka Exp $ - -.Dd Jun 30, 2000 -.Dt NAMED 8 -.Os BIND9 9 -.ds vT BIND9 Programmer's Manual -.Sh NAME -.Nm named -.Nd Internet domain name server -.Sh SYNOPSIS -.Nm named -.Op Fl c Ar config-file -.Op Fl d Ar debuglevel -.Op Fl f g s -.Op Fl n Ar #cpus -.Op Fl p Ar port# -.Op Fl t Ar directory -.Op Fl u Ar user-id -.Op Fl v -.Op Fl x Ar cache-file -.Sh DESCRIPTION -.Nm named -is a Domain Name System (DNS) server, part of the BIND 9 distribution -from ISC. For more information on the DNS, see RFCs 1033, 1034, and 1035. -.Pp -When invoked without arguments, -.Nm named -will read the default configuration file -.Pa @sysconfdir@/named.conf , -read any initial data, and listen for queries. -.Pp -The options to -.Nm named -are as follows: -.Bl -tag -width Ds -.It Fl c -use -.Ar config-file -as the configuration file instead of the default, -.Pa @sysconfdir@/named.conf . 
-To ensure that reloading the configuration file continues to -work after the server has changed its working directory -due to to a possible -.Dv directory -option in the configuration file, -.Ar config-file -should be an absolute pathname. -.It Fl d -set the daemon's debug level to -.Ar debuglevel . -Debugging traces from -.Nm named -become more verbose as the debug level increases. -.It Fl f -run -.Nm named -in the foreground. -.It Fl g -run -.Nm named -in the foreground and force all logging to -.Dv stderr . -.It Fl n -create -.Ar #cpus -worker threads to take advantage of multiple CPUs. -If no option is given, -.Nm named -will try to determine the number of CPUs present and create -one thread per CPU. If -.Nm named -is unable to determine the number of CPUs, a single worker thread -is created. -.It Fl p -listen for queries on port -.Ar port# -instead of the default port number, 53. -.It Fl s -write memory usage statistics to -.Dv stdout -on exit. -This option is mainly of interest -to BIND9 developers and may be removed or changed in a future release. -.It Fl t -tells -.Nm named -to chroot() to -.Ar directory -as soon as it is finshed processing command line arguments, -before reading its configuration file. -This should be used in conjunction with the -.Fl u -option, as chrooting a process running as root doesn't -enhance security on most systems - the way chroot() is defined -allows a process with root privileges to escape the chroot jail. -.It Fl u -run -.Nm named -as UID -.Ar user-id . -.Nm named -will change its UID after it has -carried out any privileged operations, such as -creating sockets that listen on privileged ports. -.Pp -On Linux, -.Nm named -uses the kernel's capability mechanism to drop -all root privileges except the ability to bind() to a privileged -port. 
Unfortunately, this means that the "-u" option only works -when -.Nm named -is run on 2.3.99-pre3 or later kernel, since previous -kernels did not allow privileges to be retained after setuid(). -.It Fl v -report the version number and exit. -.It Fl x -load data from -.Ar cache-file . -into the cache of the default view. -This option must not be used. -It is only of interest -to BIND9 developers and may be removed or changed in a future release. -.El -.Sh SIGNALS -In routine operation, signals should not be used to \*qcontrol\*q the -name server. -.Nm rndc -should be used instead. -Sending the name server a -.Dv SIGHUP -signal forces a reload of the server. -A -.Dv SIGINT -or -.Dv SIGTERM -signal can be used to gracefully shut down the server. -Sending any other signals to the name server -will have an undefined outcome. -.\".Sh CONFIGURATION FILE FORMAT -.\".Nm named 's -.\"configuration file is too complex to describe in detail here. -.\"A complete description is provided in the BIND9 Administrator -.\"Reference Manual. -.Sh FILES -.Bl -tag -width /var/run/named.pid -compact -.It Pa @sysconfdir@/named.conf -default configuration file -.It Pa /var/run/named.pid -default process-id file -.El -.Sh SEE ALSO -.Xr RFC1033 , -.Xr RFC1034 , -.Xr RFC1035 , -.Xr rndc 8 , -.Xr lwresd 8 , -BIND9 Administrator Reference Manual, June 2000. diff --git a/bin/named/named.docbook b/bin/named/named.docbook new file mode 100644 index 0000000000..d151ac052e --- /dev/null +++ b/bin/named/named.docbook 
@@ -0,0 +1,347 @@ + + + + + + June 30, 2000 + + + + named + 8 + BIND9 + + + + named + Internet domain name server + + + + + named + + + + + + + + + + + + + + + + DESCRIPTION + + named is a Domain Name System (DNS) server, + part of the BIND 9 distribution from ISC. For more + information on the DNS, see RFCs 1033, 1034, and 1035. + + + When invoked without arguments, named will + read the default configuration file + /etc/named.conf, read any initial + data, and listen for queries. + + + + + OPTIONS + + + + -c config-file + + + Use config-file as the + configuration file instead of the default, + /etc/named.conf. To + ensure that reloading the configuration file continues + to work after the server has changed its working + directory due to to a possible + option in the configuration + file, config-file should be + an absolute pathname. + + + + + + -d debug-level + + + Set the daemon's debug level to debug-level. + Debugging traces from named become + more verbose as the debug level increases. + + + + + + -f + + + Run the server in the foreground (i.e. do not daemonize). + + + + + + -g + + + Run the server in the foreground and force all logging + to stderr. + + + + + + -n #cpus + + + Create #cpus worker threads + to take advantage of multiple CPUs. If not specified, + named will try to determine the + number of CPUs present and create one thread per CPU. + If it is unable to determine the number of CPUs, a + single worker thread will be created. + + + + + + -p port + + + Listen for queries on port port. If not + specified, the default is port 53. + + + + + + -s + + + Write memory usage statistics to stdout on exit. + + + + This option is mainly of interest to BIND 9 developers + and may be removed or changed in a future release. + + + + + + + -t directory + + + chroot() to directory after + processing the command line arguments, but before + reading the configuration file. 
+ + + + This option should be used in conjunction with the + option, as chrooting a process + running as root doesn't enhance security on most + systems; the way chroot() is + defined allows a process with root privileges to + escape a chroot jail. + + + + + + + -u user + + + setuid() to user after completing + privileged operations, such as creating sockets that + listen on privileged ports. + + + + On Linux, named uses the kernel's + capability mechanism to drop all root privileges + except the ability to bind() to a + privileged port and set process resource limits. + Unfortunately, this means that the + option only works when named is run + on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or + later, since previous kernels did not allow privileges + to be retained after setuid(). + + + + + + + -v + + + Report the version number and exit. + + + + + + -x cache-file + + + Load data from cache-file into the + cache of the default view. + + + + This option must not be used. It is only of interest + to BIND 9 developers and may be removed or changed in a + future release. + + + + + + + + + + + SIGNALS + + In routine operation, signals should not be used to control + the nameserver; rndc should be used + instead. + + + + + + SIGHUP + + + Force a reload of the server. + + + + + + SIGINT, SIGTERM + + + Shut down the server. + + + + + + + + The result of sending any other signals to the server is undefined. + + + + + + CONFIGURATION + + The named configuration file is too complex + to describe in detail here. A complete description is + provided in the BIND 9 Administrator Reference + Manual. + + + + + FILES + + + + + /etc/named.conf + + + The default configuration file. + + + + + + /var/run/named.pid + + + The default process-id file. + + + + + + + + + + SEE ALSO + + RFC 1033, + RFC 1034, + RFC 1035, + + rndc + 8 + , + + lwresd + 8 + , + BIND 9 Administrator Reference Manual. + + + + + AUTHOR + + Internet Software Consortium + + + + + + + 
diff --git a/bin/named/named.html b/bin/named/named.html new file mode 100644 index 0000000000..0ea7e4dc18 --- /dev/null +++ b/bin/named/named.html @@ -0,0 +1,630 @@ + +named

named

Name

named -- Internet domain name server

Synopsis

named [-c config-file] [-d debug-level] [-f] [-g] [-n #cpus] [-p port] [-s] [-t directory] [-u user] [-v] [-x cache-file]

DESCRIPTION

named is a Domain Name System (DNS) server, + part of the BIND 9 distribution from ISC. For more + information on the DNS, see RFCs 1033, 1034, and 1035. +

When invoked without arguments, named will + read the default configuration file + /etc/named.conf, read any initial + data, and listen for queries. +

OPTIONS

-c config-file

Use config-file as the + configuration file instead of the default, + /etc/named.conf. To + ensure that reloading the configuration file continues + to work after the server has changed its working + directory due to to a possible + directory option in the configuration + file, config-file should be + an absolute pathname. +

-d debug-level

Set the daemon's debug level to debug-level. + Debugging traces from named become + more verbose as the debug level increases. +

-f

Run the server in the foreground (i.e. do not daemonize). +

-g

Run the server in the foreground and force all logging + to stderr. +

-n #cpus

Create #cpus worker threads + to take advantage of multiple CPUs. If not specified, + named will try to determine the + number of CPUs present and create one thread per CPU. + If it is unable to determine the number of CPUs, a + single worker thread will be created. +

-p port

Listen for queries on port port. If not + specified, the default is port 53. +

-s

Write memory usage statistics to stdout on exit. +

Note: This option is mainly of interest to BIND 9 developers + and may be removed or changed in a future release. +

-t directory

chroot() to directory after + processing the command line arguments, but before + reading the configuration file. +

Warning

This option should be used in conjunction with the + -u option, as chrooting a process + running as root doesn't enhance security on most + systems; the way chroot() is + defined allows a process with root privileges to + escape a chroot jail. +

-u user

setuid() to user after completing + privileged operations, such as creating sockets that + listen on privileged ports. +

Note: On Linux, named uses the kernel's + capability mechanism to drop all root privileges + except the ability to bind() to a + privileged port and set process resource limits. + Unfortunately, this means that the -u + option only works when named is run + on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or + later, since previous kernels did not allow privileges + to be retained after setuid(). +

-v

Report the version number and exit. +

-x cache-file

Load data from cache-file into the + cache of the default view. +

Warning

This option must not be used. It is only of interest + to BIND 9 developers and may be removed or changed in a + future release. +

SIGNALS

In routine operation, signals should not be used to control + the nameserver; rndc should be used + instead. +

SIGHUP

Force a reload of the server. +

SIGINT, SIGTERM

Shut down the server. +

The result of sending any other signals to the server is undefined. +

CONFIGURATION

The named configuration file is too complex + to describe in detail here. A complete description is + provided in the BIND 9 Administrator Reference + Manual. +

FILES

/etc/named.conf

The default configuration file. +

/var/run/named.pid

The default process-id file. +

SEE ALSO

RFC 1033, + RFC 1034, + RFC 1035, + rndc(8), + lwresd(8), + BIND 9 Administrator Reference Manual. +

AUTHOR

Internet Software Consortium +

\ No newline at end of file
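Review bot: In bin/named/Makefile.in, the new `manclean::` rule runs `rm -f ${MANOBJS}`, and MANOBJS expands to named.8, lwresd.8, named.html and lwresd.html, which this same commit keeps or adds as checked-in files (named.8 is also dropped from .cvsignore). Running `make manclean` on a machine that cannot regenerate them leaves the tree without the pages that `MANPAGES` names. Suggest a comment above the `man::` and `manclean::` targets saying they are for maintainers and stating what is needed to rebuild the files from the .docbook sources.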
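Review bot: In bin/named/lwresd.8, the rewritten SYNOPSIS still lists `-i pid-file`, but the new OPTIONS section goes from -g straight to -n and has no entry for -i; the removed text documented it as "write the daemon's process id to pid-file instead of the default pathname". Add the missing entry in lwresd.docbook so that lwresd.8 and lwresd.html both pick it up. Separately, the -t description changes from chroot "immediately after reading its configuration file" to "before reading the configuration file"; please confirm this matches what lwresd actually does, and if it does, say whether the -C path and /etc/resolv.conf are then looked up inside the chroot directory.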
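Review bot: In the new bin/named/named.8, the default configuration file is hard-coded as /etc/named.conf in DESCRIPTION, in the -c entry and in FILES, where the deleted named.8.in used `@sysconfdir@/named.conf`. A build configured with a different sysconfdir will now install a man page that names the wrong path. Either keep a substitution step for the generated page or state in the text that the path depends on how BIND was configured. The -c entry also carries over the doubled word in "due to to a possible"; fix it in named.docbook so that named.8 and named.html are both corrected.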
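Review bot: Both generated HTML files, bin/named/lwresd.html and bin/named/named.html, end with "\ No newline at end of file". Have the generation step write a trailing newline, so that regenerating these checked-in files does not produce a spurious last-line diff and tools that expect newline-terminated text handle them cleanly.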