From a7da2d4993781cdbdad1eb6db7d628d713b48b95 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0pa=C4=8Dek?= Date: Fri, 17 Jun 2022 14:27:16 +0200 Subject: [PATCH] Change statement->argument terminology for control channel control { inet ... allow keys read-only }; are not actual statements but in fact arguments of a statement. Remove .. namedconf:statement:: syntax to avoid collisions with other statements of the same name. (cherry picked from commit caf2675ef820b6bc25e52612e0f82c1e80591ea2) --- doc/arm/reference.rst | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index 458e3fe4b4..7cf2a8be21 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -484,24 +484,22 @@ and retrieve non-DNS results from a name server. The ability to issue commands over the control channel is restricted by the ``allow`` and ``keys`` clauses. - .. namedconf:statement:: allow - + ``allow`` Connections to the control channel are permitted based on the ``address_match_list``. This is for simple IP address-based filtering only; any ``key_id`` elements of the ``address_match_list`` are ignored. -.. namedconf:statement:: keys + ``keys`` + The primary authorization mechanism of the command channel is the + ``key_list``, which contains a list of ``key_id``s. Each ``key_id`` in + the ``key_list`` is authorized to execute commands over the control + channel. See :ref:`admin_tools` for information about + configuring keys in :iscman:`rndc`. - The primary authorization mechanism of the command channel is the - ``key_list``, which contains a list of ``key_id`` s. Each ``key_id`` in - the ``key_list`` is authorized to execute commands over the control - channel. See :ref:`admin_tools` for information about - configuring keys in :iscman:`rndc`. -.. namedconf:statement:: read-only - - If the ``read-only`` clause is enabled, the control channel is limited +``read-only`` + If the ``read-only`` argument is ``on``, the control channel is limited to the following set of read-only commands: ``nta -dump``, ``null``, ``status``, ``showzone``, ``testgen``, and ``zonestatus``. By default, ``read-only`` is not enabled and the control channel allows read-write