doc/arm/man.named.html

	man.named.html revision 8ec3c085233cedb22b05da36e2773c8f357a7e45
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<!--
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
75c0816e8295e180f4bc7f10db3d0d880383bc1cMark Andrews - Copyright (C) 2000-2003 Internet Software Consortium.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein -
4a14ce5ba00ab7bc55c99ffdcf59c7a4ab902721Automatic Updater - Permission to use, copy, modify, and/or distribute this software for any
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - purpose with or without fee is hereby granted, provided that the above
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - copyright notice and this permission notice appear in all copies.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein -
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - PERFORMANCE OF THIS SOFTWARE.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein-->
ea94d370123a5892f6c47a97f21d1b28d44bb168Tinderbox User<!-- $Id: man.named.html,v 1.139 2009/10/06 01:14:41 tbox Exp $ -->
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<html>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<head>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<title>named</title>
e21a2904f02a03fa06b6db04d348f65fe9c67b2bMark Andrews<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="prev" href="man.named-checkzone.html" title="named-checkzone">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="next" href="man.nsupdate.html" title="nsupdate">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</head>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="navheader">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<table width="100%" summary="Navigation header">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr><th colspan="3" align="center"><span class="application">named</span></th></tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="left">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="man.named-checkzone.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<th width="60%" align="center">Manual pages</th>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="right">�<a accesskey="n" href="man.nsupdate.html">Next</a>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</table>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<hr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refentry" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="man.named"></a><div class="titlepage"></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refnamediv">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<h2>Name</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="application">named</span> &#8212; Internet domain name server</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsynopsisdiv">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<h2>Synopsis</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="cmdsynopsis"><p><code class="command">named</code>  [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine-name</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-S <em class="replaceable"><code>#max-socks</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-V</code>] [<code class="option">-x <em class="replaceable"><code>cache-file</code></em></code>]</p></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User<div class="refsect1" lang="en">
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User<a name="id2612820"></a><h2>DESCRIPTION</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span><strong class="command">named</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      is a Domain Name System (DNS) server,
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User      part of the BIND 9 distribution from ISC.  For more
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User      information on the DNS, see RFCs 1033, 1034, and 1035.
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User    </p>
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User<p>
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User      When invoked without arguments, <span><strong class="command">named</strong></span>
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User      will
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      read the default configuration file
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User      <code class="filename">/etc/named.conf</code>, read any initial
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User      data, and listen for queries.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User<div class="refsect1" lang="en">
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User<a name="id2612851"></a><h2>OPTIONS</h2>
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User<div class="variablelist"><dl>
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater<dt><span class="term">-4</span></dt>
6f64d4ab8e68f9b2333bcbfc755396d29a4a9d7cAutomatic Updater<dd><p>
6f64d4ab8e68f9b2333bcbfc755396d29a4a9d7cAutomatic Updater            Use IPv4 only even if the host machine is capable of IPv6.
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            <code class="option">-4</code> and <code class="option">-6</code> are mutually
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            exclusive.
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User          </p></dd>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<dt><span class="term">-6</span></dt>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<dd><p>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            Use IPv6 only even if the host machine is capable of IPv4.
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            <code class="option">-4</code> and <code class="option">-6</code> are mutually
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            exclusive.
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User          </p></dd>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<dd><p>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            Use <em class="replaceable"><code>config-file</code></em> as the
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            configuration file instead of the default,
6f64d4ab8e68f9b2333bcbfc755396d29a4a9d7cAutomatic Updater            <code class="filename">/etc/named.conf</code>.  To
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater            ensure that reloading the configuration file continues
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater            to work after the server has changed its working
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            directory due to to a possible
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            <code class="option">directory</code> option in the configuration
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User            file, <em class="replaceable"><code>config-file</code></em> should be
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User            an absolute pathname.
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User          </p></dd>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<dd><p>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            Debugging traces from <span><strong class="command">named</strong></span> become
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            more verbose as the debug level increases.
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User          </p></dd>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<dt><span class="term">-E <em class="replaceable"><code>engine-name</code></em></span></dt>
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater<dd><p>
bcf15a19ae0efa72a22cdfb50666a3c6ce39eb9fTinderbox User            Use a crypto hardware (OpenSSL engine) for the crypto operations
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater            it supports, for instance re-signing with private keys from
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            a secure key store. When compiled with PKCS#11 support
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User            <em class="replaceable"><code>engine-name</code></em>
bcf15a19ae0efa72a22cdfb50666a3c6ce39eb9fTinderbox User            defaults to pkcs11, the empty name resets it to no engine.
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User          </p></dd>
bcf15a19ae0efa72a22cdfb50666a3c6ce39eb9fTinderbox User<dt><span class="term">-f</span></dt>
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User<dd><p>
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User            Run the server in the foreground (i.e. do not daemonize).
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein          </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-g</span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            Run the server in the foreground and force all logging
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            to <code class="filename">stderr</code>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein          </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-m <em class="replaceable"><code>flag</code></em></span></dt>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein        Turn on memory usage debugging flags.  Possible flags are
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews        <em class="replaceable"><code>usage</code></em>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein        <em class="replaceable"><code>trace</code></em>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein        <em class="replaceable"><code>record</code></em>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein        <em class="replaceable"><code>size</code></em>, and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein        <em class="replaceable"><code>mctx</code></em>.
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews        These correspond to the ISC_MEM_DEBUGXXXX flags described in
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein        <code class="filename">&lt;isc/mem.h&gt;</code>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein          </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            Create <em class="replaceable"><code>#cpus</code></em> worker threads
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            to take advantage of multiple CPUs.  If not specified,
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews            <span><strong class="command">named</strong></span> will try to determine the
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews            number of CPUs present and create one thread per CPU.
58d9e9169e7ab4355a0b0bfc13bc616bc5247dfeAutomatic Updater            If it is unable to determine the number of CPUs, a
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews            single worker thread will be created.
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews          </p></dd>
58d9e9169e7ab4355a0b0bfc13bc616bc5247dfeAutomatic Updater<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dd><p>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews            Listen for queries on port <em class="replaceable"><code>port</code></em>.  If not
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            specified, the default is port 53.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein          </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-s</span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            Write memory usage statistics to <code class="filename">stdout</code> on exit.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein          </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<h3 class="title">Note</h3>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              This option is mainly of interest to BIND 9 developers
acb72d5e2c83b597332e3eb0c7d59e1142f1adfdMark Andrews              and may be removed or changed in a future release.
3cddb2c552ee6582e8db0849c28747f6b6ca57feAutomatic Updater            </p>
3cddb2c552ee6582e8db0849c28747f6b6ca57feAutomatic Updater</div>
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater</dd>
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater<dt><span class="term">-S <em class="replaceable"><code>#max-socks</code></em></span></dt>
3cddb2c552ee6582e8db0849c28747f6b6ca57feAutomatic Updater<dd>
3cddb2c552ee6582e8db0849c28747f6b6ca57feAutomatic Updater<p>
3cddb2c552ee6582e8db0849c28747f6b6ca57feAutomatic Updater        Allow <span><strong class="command">named</strong></span> to use up to
ca67ebfe9eef0b8f04179f7e511a19e0337a5422Automatic Updater        <em class="replaceable"><code>#max-socks</code></em> sockets.
3cddb2c552ee6582e8db0849c28747f6b6ca57feAutomatic Updater      </p>
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
852ccdd42a71550c974111b49415204ffeca6573Automatic Updater<h3 class="title">Warning</h3>
66f25f2ceeb589e67efe7af2413baaa3426b0042Automatic Updater<p>
66f25f2ceeb589e67efe7af2413baaa3426b0042Automatic Updater              This option should be unnecessary for the vast majority
66f25f2ceeb589e67efe7af2413baaa3426b0042Automatic Updater              of users.
66f25f2ceeb589e67efe7af2413baaa3426b0042Automatic Updater          The use of this option could even be harmful because the
66f25f2ceeb589e67efe7af2413baaa3426b0042Automatic Updater              specified value may exceed the limitation of the
66f25f2ceeb589e67efe7af2413baaa3426b0042Automatic Updater              underlying system API.
66f25f2ceeb589e67efe7af2413baaa3426b0042Automatic Updater          It is therefore set only when the default configuration
66f25f2ceeb589e67efe7af2413baaa3426b0042Automatic Updater              causes exhaustion of file descriptors and the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              operational environment is known to support the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              specified number of sockets.
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater          Note also that the actual maximum number is normally a little
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater              fewer than the specified value because
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater          <span><strong class="command">named</strong></span> reserves some file descriptors
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater          for its internal use.
38417cbfb1a328c20b5b723b8584a02c57f88897Automatic Updater            </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>Chroot
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein        to <em class="replaceable"><code>directory</code></em> after
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            processing the command line arguments, but before
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            reading the configuration file.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein          </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<h3 class="title">Warning</h3>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              This option should be used in conjunction with the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              <code class="option">-u</code> option, as chrooting a process
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              running as root doesn't enhance security on most
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              systems; the way <code class="function">chroot(2)</code> is
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              defined allows a process with root privileges to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              escape a chroot jail.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dd>
3a5fe5abf08f16b8d31ab8ee9a788063110ef000Automatic Updater<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
3a5fe5abf08f16b8d31ab8ee9a788063110ef000Automatic Updater<dd>
3a5fe5abf08f16b8d31ab8ee9a788063110ef000Automatic Updater<p>Setuid
3a5fe5abf08f16b8d31ab8ee9a788063110ef000Automatic Updater        to <em class="replaceable"><code>user</code></em> after completing
3a5fe5abf08f16b8d31ab8ee9a788063110ef000Automatic Updater            privileged operations, such as creating sockets that
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            listen on privileged ports.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein          </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<h3 class="title">Note</h3>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              On Linux, <span><strong class="command">named</strong></span> uses the kernel's
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein                    capability mechanism to drop all root privileges
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              except the ability to <code class="function">bind(2)</code> to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              privileged port and set process resource limits.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              Unfortunately, this means that the <code class="option">-u</code>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              option only works when <span><strong class="command">named</strong></span> is
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              run
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              later, since previous kernels did not allow privileges
b05bdb520d83f7ecaad708fe305268c3420be01dMark Andrews              to be retained after <code class="function">setuid(2)</code>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-v</span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User            Report the version number and exit.
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User          </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-V</span></dt>
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User<dd><p>
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User            Report the version number and build options, and exit.
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User          </p></dd>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dt><span class="term">-x <em class="replaceable"><code>cache-file</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User            Load data from <em class="replaceable"><code>cache-file</code></em> into the
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User            cache of the default view.
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User          </p>
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User<h3 class="title">Warning</h3>
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User<p>
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User              This option must not be used.  It is only of interest
794b79e6bbc3f5db1ea6ae154d739b9f1ef1a375Tinderbox User              to BIND 9 developers and may be removed or changed in a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein              future release.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dl></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsect1" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id2627058"></a><h2>SIGNALS</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User      In routine operation, signals should not be used to control
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      the nameserver; <span><strong class="command">rndc</strong></span> should be used
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      instead.
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="variablelist"><dl>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">SIGHUP</span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            Force a reload of the server.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein          </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">SIGINT, SIGTERM</span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            Shut down the server.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein          </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dl></div>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      The result of sending any other signals to the server is undefined.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsect1" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id2668341"></a><h2>CONFIGURATION</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      The <span><strong class="command">named</strong></span> configuration file is too complex
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      to describe in detail here.  A complete description is provided
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User      in the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<p>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews      <span><strong class="command">named</strong></span> inherits the <code class="function">umask</code>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews      (file creation mode mask) from the parent process. If files
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      created by <span><strong class="command">named</strong></span>, such as journal files,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      need to have custom permissions, the <code class="function">umask</code>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      should be set explicitly in the script used to start the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <span><strong class="command">named</strong></span> process.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsect1" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id2668390"></a><h2>FILES</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="variablelist"><dl>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dt><span class="term"><code class="filename">/etc/named.conf</code></span></dt>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dd><p>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews            The default configuration file.
a1b05dea35aa30b152a47115e18bbe679d3fcf19Mark Andrews          </p></dd>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews<dt><span class="term"><code class="filename">/var/run/named/named.pid</code></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein            The default process-id file.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein          </p></dd>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</dl></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsect1" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id2668434"></a><h2>SEE ALSO</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><em class="citetitle">RFC 1033</em>,
bea931e17b7567f09107f93ab7e25c7f00abeb9cMark Andrews      <em class="citetitle">RFC 1034</em>,
bea931e17b7567f09107f93ab7e25c7f00abeb9cMark Andrews      <em class="citetitle">RFC 1035</em>,
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User      <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <span class="citerefentry"><span class="refentrytitle">named-checkzone</span>(8)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <span class="citerefentry"><span class="refentrytitle">lwresd</span>(8)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsect1" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id2668504"></a><h2>AUTHOR</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="corpauthor">Internet Systems Consortium</span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="navfooter">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<hr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<table width="100%" summary="Navigation footer">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="left">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="man.named-checkzone.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="right">�<a accesskey="n" href="man.nsupdate.html">Next</a>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="left" valign="top">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<span class="application">named-checkzone</span>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="right" valign="top">�<span class="application">nsupdate</span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</td>
2cc6eb92f9443695bc32fa6eed372d983d261a35Automatic Updater</tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</table>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</body>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</html>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein