969eaf7df8ac651946f76b6631ff5db568c11ef6Tinderbox User

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<refentry xmlns:db="http://docbook.org/ns/docbook" version="5.0" xml:id="man.rndc-confgen">

f4ee48be3994797a8332b86c101db4d7b54799ceTinderbox User <info>

a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User <date>2013-03-14</date>

8de3f14f1c300c3e1ed99084cc03485b42c92bf1Tinderbox User </info>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refentryinfo>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <corpname>ISC</corpname>

b886b04d8d2b085cbf3e1bf4442dee87f43ba5e4Tinderbox User <corpauthor>Internet Systems Consortium, Inc.</corpauthor>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </refentryinfo>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refmeta>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <refentrytitle><application>rndc-confgen</application></refentrytitle>

b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrews <manvolnum>8</manvolnum>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refmiscinfo>BIND9</refmiscinfo>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews </refmeta>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refnamediv>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refname><application>rndc-confgen</application></refname>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <refpurpose>rndc key generation tool</refpurpose>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User </refnamediv>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <docinfo>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews <copyright>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt <year>2001</year>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews <year>2003</year>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <year>2004</year>

efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews <year>2005</year>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews <year>2007</year>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt <year>2009</year>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews <year>2013</year>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <year>2014</year>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews <year>2015</year>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <year>2016</year>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews <holder>Internet Systems Consortium, Inc. ("ISC")</holder>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt </copyright>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews </docinfo>

015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refsynopsisdiv>

aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt <cmdsynopsis sepchar=" ">

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <command>rndc-confgen</command>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <arg choice="opt" rep="norepeat"><option>-a</option></arg>

aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt <arg choice="opt" rep="norepeat"><option>-A <replaceable class="parameter">algorithm</replaceable></option></arg>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <arg choice="opt" rep="norepeat"><option>-b <replaceable class="parameter">keysize</replaceable></option></arg>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <arg choice="opt" rep="norepeat"><option>-c <replaceable class="parameter">keyfile</replaceable></option></arg>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <arg choice="opt" rep="norepeat"><option>-h</option></arg>

aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt <arg choice="opt" rep="norepeat"><option>-k <replaceable class="parameter">keyname</replaceable></option></arg>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <arg choice="opt" rep="norepeat"><option>-p <replaceable class="parameter">port</replaceable></option></arg>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <arg choice="opt" rep="norepeat"><option>-r <replaceable class="parameter">randomfile</replaceable></option></arg>

aa9c561961e9d877946ebaa8795fa2be054ab7bfEvan Hunt <arg choice="opt" rep="norepeat"><option>-s <replaceable class="parameter">address</replaceable></option></arg>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <arg choice="opt" rep="norepeat"><option>-t <replaceable class="parameter">chrootdir</replaceable></option></arg>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <arg choice="opt" rep="norepeat"><option>-u <replaceable class="parameter">user</replaceable></option></arg>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </cmdsynopsis>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </refsynopsisdiv>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews

cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater <refsection><info><title>DESCRIPTION</title></info>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt <para><command>rndc-confgen</command>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews generates configuration files

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews for <command>rndc</command>. It can be used as a

9513a2a6670951f5cf5477fcfec9f933fcaff628Automatic Updater convenient alternative to writing the

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews <filename>rndc.conf</filename> file

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews and the corresponding <command>controls</command>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt and <command>key</command>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews statements in <filename>named.conf</filename> by hand.

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews Alternatively, it can be run with the <command>-a</command>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews option to set up a <filename>rndc.key</filename> file and

eabc9c3c07cd956d3c436bd7614cb162dabdda76Mark Andrews avoid the need for a <filename>rndc.conf</filename> file

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews and a <command>controls</command> statement altogether.

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews </para>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews </refsection>

015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refsection><info><title>OPTIONS</title></info>

fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews

b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrews

b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrews <variablelist>

fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews <varlistentry>

2ae159b376dac23870d8005563c585acf85a4b5aEvan Hunt <term>-a</term>

2ae159b376dac23870d8005563c585acf85a4b5aEvan Hunt <listitem>

2ae159b376dac23870d8005563c585acf85a4b5aEvan Hunt <para>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews Do automatic <command>rndc</command> configuration.

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt This creates a file <filename>rndc.key</filename>

2ae159b376dac23870d8005563c585acf85a4b5aEvan Hunt in <filename>/etc</filename> (or whatever

7cc0a5d21ef046bfd630c4769943d896a7d7472cTinderbox User <varname>sysconfdir</varname>

e76dfff967cfbe00f4d1540434832e4499a9cd83Tinderbox User was specified as when <acronym>BIND</acronym> was

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews built)

549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User that is read by both <command>rndc</command>

549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User and <command>named</command> on startup. The

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <filename>rndc.key</filename> file defines a default

549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User command channel and authentication key allowing

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <command>rndc</command> to communicate with

8f4e6ea383aa9a953c0adb5be6c4d8dc8dbd5c4aWitold Krecicki <command>named</command> on the local host

3bd8b5a8fb126e45c67ff53b68183c889cc27918Tinderbox User with no further configuration.

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews </para>

b91d11bfcc30b96f2c80f3a76d12e3dcc8597a68Mark Andrews <para>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews Running <command>rndc-confgen -a</command> allows

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews BIND 9 and <command>rndc</command> to be used as

aef6cf0f147a5014d4891c9689b9f463399e16e7Tinderbox User drop-in

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews replacements for BIND 8 and <command>ndc</command>,

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User with no changes to the existing BIND 8

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson <filename>named.conf</filename> file.

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User </para>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews <para>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt If a more elaborate configuration than that

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews generated by <command>rndc-confgen -a</command>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User is required, for example if rndc is to be used remotely,

efb0e886f18894a1d2489f1ad74ad14b579e11c7Mark Andrews you should run <command>rndc-confgen</command> without

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews the

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt <command>-a</command> option and set up a

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews <filename>rndc.conf</filename> and

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <filename>named.conf</filename>

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson as directed.

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User </para>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews </listitem>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt </varlistentry>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <varlistentry>

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson <term>-A <replaceable class="parameter">algorithm</replaceable></term>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <listitem>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews <para>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt Specifies the algorithm to use for the TSIG key. Available

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,

28a5dd720187fddb16055a0f64b63a7b66f29f64Mark Andrews hmac-sha384 and hmac-sha512. The default is hmac-md5 or

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews if MD5 was disabled hmac-sha256.

78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews </para>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </listitem>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </varlistentry>

78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews

fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews <varlistentry>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <term>-b <replaceable class="parameter">keysize</replaceable></term>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <listitem>

fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews <para>

2a31bd531072824ef252c18303859d6af7451b00Francis Dupont Specifies the size of the authentication key in bits.

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews Must be between 1 and 512 bits; the default is the

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews hash size.

2a31bd531072824ef252c18303859d6af7451b00Francis Dupont </para>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews </listitem>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </varlistentry>

8f4e6ea383aa9a953c0adb5be6c4d8dc8dbd5c4aWitold Krecicki

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <varlistentry>

78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews <term>-c <replaceable class="parameter">keyfile</replaceable></term>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <listitem>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <para>

78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews Used with the <command>-a</command> option to specify

78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews an alternate location for <filename>rndc.key</filename>.

7f9e2fff07b9c17e0d7a0ea7abc9304ce9d01b61Tinderbox User </para>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </listitem>

78f3ed4bc2fcd3d270bfd599804f3b27a1db4d91Mark Andrews </varlistentry>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews

549c517e2ecad52bb1d32f08920e29d4e8cda71eTinderbox User <varlistentry>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <term>-h</term>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <listitem>

fec6e13f2d1e69fe1c2b8fac36f732f124cf5398Mark Andrews <para>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews Prints a short summary of the options and arguments to

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <command>rndc-confgen</command>.

01a5c5503482fb3ba52088bf0178a7213273bf96Mark Andrews </para>

361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User </listitem>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </varlistentry>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User

cdfc81e048bd34c1d628380247bda6b80a89e20eAutomatic Updater <varlistentry>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews <term>-k <replaceable class="parameter">keyname</replaceable></term>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt <listitem>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews <para>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User Specifies the key name of the rndc authentication key.

fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater This must be a valid domain name.

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User The default is <constant>rndc-key</constant>.

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews </para>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt </listitem>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews </varlistentry>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User

fa0326cc2cf428f67575b6ba3b97b528a31b0010Tinderbox User <varlistentry>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <term>-p <replaceable class="parameter">port</replaceable></term>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews <listitem>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt <para>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews Specifies the command channel port where <command>named</command>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User listens for connections from <command>rndc</command>.

fe80a4909bf62b602feaf246866e9d29f7654194Automatic Updater The default is 953.

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User </para>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews </listitem>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt </varlistentry>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <varlistentry>

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson <term>-r <replaceable class="parameter">randomfile</replaceable></term>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <listitem>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews <para>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt Specifies a source of random data for generating the

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews authorization. If the operating

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User system does not provide a <filename>/dev/random</filename>

dd65eb1efb40b1c47d57963192bfc54873b219beAutomatic Updater or equivalent device, the default source of randomness

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User is keyboard input. <filename>randomdev</filename>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews specifies

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt the name of a character device or file containing random

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews data to be used instead of the default. The special value

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <filename>keyboard</filename> indicates that keyboard

133e6d43fa82e80d3798be4de00f4540f485ec6cAutomatic Updater input should be used.

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User </para>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews </listitem>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt </varlistentry>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <varlistentry>

91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson <term>-s <replaceable class="parameter">address</replaceable></term>

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <listitem>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews <para>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt Specifies the IP address where <command>named</command>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews listens for command channel connections from

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User <command>rndc</command>. The default is the loopback

5f7586ddbd3edd11272cdd30ed613d936129328bTinderbox User address 127.0.0.1.

9ecb5d33470ebfb3719a1b8d56bcefdf4b27f7b2Tinderbox User </para>

e813f036c8251b6d9d2a72fa84f80c2c9d2795afMark Andrews </listitem>

30370d905e9be3be7d9b947fd432bacecbb13bb9Evan Hunt </varlistentry>

0eb371ca0dab50ae3462e98794a6126198c52f4bMark Andrews

015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User <varlistentry>

361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User <term>-t <replaceable class="parameter">chrootdir</replaceable></term>

5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User <listitem>

5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User <para>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews Used with the <command>-a</command> option to specify

5affecff6e148a8e124d03f5dbac0da11e30dcc5Tinderbox User a directory where <command>named</command> will run

34d1f3b65324f8fcf358fa2f47891441d4b1d2f0Tinderbox User chrooted. An additional copy of the <filename>rndc.key</filename>

1fce11b1d3f2d461d261156b8cdc64ab864f06a9Tinderbox User will be written relative to this directory so that

fab54780409846f7c71f6026d665f18c77c649efTinderbox User it will be found by the chrooted <command>named</command>.

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </para>

361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User </listitem>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </varlistentry>

015055b6e23f5c08f6a5b34726f90b62597e9e45Tinderbox User

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <varlistentry>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <term>-u <replaceable class="parameter">user</replaceable></term>

689fb19ba11ed40363cbc031d0396befdb409b89Tinderbox User <listitem>

6c2a76b3e2ccd32c35814b6e0f54da00190749d7Evan Hunt <para>

8927a982bde7e4b665966b55f0fa57c5cf21b9d8Mark Andrews Used with the <command>-a</command> option to set the

361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User owner

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews of the <filename>rndc.key</filename> file generated.

361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User If

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <command>-t</command> is also specified only the file

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews in

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews the chroot area has its owner changed.

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </para>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </listitem>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </varlistentry>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </variablelist>

361967ea970ea8f0ef8875e769505ecdac74bfb0Tinderbox User </refsection>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refsection><info><title>EXAMPLES</title></info>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <para>

cdf1c3d486ec082ef6c92297d22d54a67cca0c90Tinderbox User To allow <command>rndc</command> to be used with

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews no manual configuration, run

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </para>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <para><userinput>rndc-confgen -a</userinput>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </para>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <para>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews To print a sample <filename>rndc.conf</filename> file and

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews corresponding <command>controls</command> and <command>key</command>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews statements to be manually inserted into <filename>named.conf</filename>,

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews run

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </para>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <para><userinput>rndc-confgen</userinput>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </para>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </refsection>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refsection><info><title>SEE ALSO</title></info>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <para><citerefentry>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refentrytitle>rndc</refentrytitle><manvolnum>8</manvolnum>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </citerefentry>,

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <citerefentry>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refentrytitle>rndc.conf</refentrytitle><manvolnum>5</manvolnum>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews </citerefentry>,

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <citerefentry>

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews <refentrytitle>named</refentrytitle><manvolnum>8</manvolnum>

a2c370ca12bb0360ff7e969474ead3f788c65fffTinderbox User </citerefentry>,

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <citetitle>BIND 9 Administrator Reference Manual</citetitle>.

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews </para>

7d638dd31ecb633aaefca994b60b70c58b5def03Tinderbox User </refsection>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews

0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews</refentry>

c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews