regen from named.docbook

1 files changed, 78 insertions, 173 deletions

diff --git a/usr.sbin/bind/bin/named/named.8 b/usr.sbin/bind/bin/named/named.8
index d0020600e40..af302ba53ce 100644
--- a/usr.sbin/bind/bin/named/named.8
+++ b/usr.sbin/bind/bin/named/named.8
@@ -13,224 +13,129 @@
 .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 .\" PERFORMANCE OF THIS SOFTWARE.
 .\"
-.\" $ISC: named.8,v 1.20.18.15 2007/06/20 02:26:58 marka Exp $
+.\" $Id: named.8,v 1.9 2007/12/09 20:36:23 jakob Exp $
 .\"
 .hy 0
 .ad l
-.\"     Title: named
-.\"    Author: 
-.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
-.\"      Date: June 30, 2000
-.\"    Manual: BIND9
-.\"    Source: BIND9
-.\"
-.TH "NAMED" "8" "June 30, 2000" "BIND9" "BIND9"
-.\" disable hyphenation
-.nh
-.\" disable justification (adjust text to left margin only)
-.ad l
-.SH "NAME"
+.\"Generated by db2man.xsl. Don't modify this, modify the source.
+.de Sh \" Subsection
+.br
+.if t .Sp
+.ne 5
+.PP
+\fB\\$1\fR
+.PP
+..
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Ip \" List item
+.br
+.ie \\n(.$>=3 .ne \\$3
+.el .ne 3
+.IP "\\$1" \\$2
+..
+.TH "NAMED" 8 "June 30, 2000" "" ""
+.SH NAME
 named \- Internet domain name server
 .SH "SYNOPSIS"
 .HP 6
-\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-m\ \fR\fB\fIflag\fR\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR]
+\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fIconfig\-file\fR\fR] [\fB\-d\ \fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-i\ \fIpid\-file\fR\fR] [\fB\-m\ \fIflag\fR\fR] [\fB\-n\ \fI#cpus\fR\fR] [\fB\-p\ \fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fIdirectory\fR\fR] [\fB\-u\ \fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fIcache\-file\fR\fR]
 .SH "DESCRIPTION"
 .PP
-\fBnamed\fR
-is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC. For more information on the DNS, see RFCs 1033, 1034, and 1035.
+\fBnamed\fR is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC\&. For more information on the DNS, see RFCs 1033, 1034, and 1035\&.
 .PP
-When invoked without arguments,
-\fBnamed\fR
-will read the default configuration file
-\fI/etc/named.conf\fR, read any initial data, and listen for queries.
+When invoked without arguments, \fBnamed\fR will fork into two processes for privilege separation, \fBchroot(2)\fR to \fB/var/named\fR, read the default configuration file \fI/var/named/etc/named\&.conf\fR, read any initial data, and listen for queries\&. The privileged process will communicate with the child and \fBbind(2)\fR to privileged ports on its behalf\&. See CAVEATS section below\&.
 .SH "OPTIONS"
-.PP
+.TP
 \-4
-.RS 4
-Use IPv4 only even if the host machine is capable of IPv6.
-\fB\-4\fR
-and
-\fB\-6\fR
-are mutually exclusive.
-.RE
-.PP
+Use IPv4 only even if the host machine is capable of IPv6\&. \fB\-4\fR and \fB\-6\fR are mutually exclusive\&.
+.TP
 \-6
-.RS 4
-Use IPv6 only even if the host machine is capable of IPv4.
-\fB\-4\fR
-and
-\fB\-6\fR
-are mutually exclusive.
-.RE
-.PP
+Use IPv6 only even if the host machine is capable of IPv4\&. \fB\-4\fR and \fB\-6\fR are mutually exclusive\&.
+.TP
 \-c \fIconfig\-file\fR
-.RS 4
-Use
-\fIconfig\-file\fR
-as the configuration file instead of the default,
-\fI/etc/named.conf\fR. To ensure that reloading the configuration file continues to work after the server has changed its working directory due to to a possible
-\fBdirectory\fR
-option in the configuration file,
-\fIconfig\-file\fR
-should be an absolute pathname.
-.RE
-.PP
+Use \fIconfig\-file\fR as the configuration file instead of the default, \fI/etc/named\&.conf\fR\&. To ensure that reloading the configuration file continues to work after the server has changed its working directory due to to a possible \fBdirectory\fR option in the configuration file, \fIconfig\-file\fR should be an absolute pathname\&.
+.TP
 \-d \fIdebug\-level\fR
-.RS 4
-Set the daemon's debug level to
-\fIdebug\-level\fR. Debugging traces from
-\fBnamed\fR
-become more verbose as the debug level increases.
-.RE
-.PP
+Set the daemon's debug level to \fIdebug\-level\fR\&. Debugging traces from \fBnamed\fR become more verbose as the debug level increases\&.
+.TP
 \-f
-.RS 4
-Run the server in the foreground (i.e. do not daemonize).
-.RE
-.PP
+Run the server in the foreground (i\&.e\&. do not daemonize)\&.
+.TP
 \-g
-.RS 4
-Run the server in the foreground and force all logging to
-\fIstderr\fR.
-.RE
-.PP
+Run the server in the foreground and force all logging to \fIstderr\fR\&.
+.TP
 \-m \fIflag\fR
-.RS 4
-Turn on memory usage debugging flags. Possible flags are
-\fIusage\fR,
-\fItrace\fR,
-\fIrecord\fR,
-\fIsize\fR, and
-\fImctx\fR. These correspond to the ISC_MEM_DEBUGXXXX flags described in
-\fI<isc/mem.h>\fR.
-.RE
-.PP
+Turn on memory usage debugging flags\&. Possible flags are \fIusage\fR, \fItrace\fR, \fIrecord\fR, \fIsize\fR, and \fImctx\fR\&. These correspond to the ISC_MEM_DEBUGXXXX flags described in \fI<isc/mem\&.h>\fR\&.
+.TP
+\-i \fIpid\-file\fR
+Specifies the file taht contains the process ID of \fBnamed\fR\&. The default is \fI/var/run/named\&.pid\fR\&.
+.TP
 \-n \fI#cpus\fR
-.RS 4
-Create
-\fI#cpus\fR
-worker threads to take advantage of multiple CPUs. If not specified,
-\fBnamed\fR
-will try to determine the number of CPUs present and create one thread per CPU. If it is unable to determine the number of CPUs, a single worker thread will be created.
-.RE
-.PP
+Create \fI#cpus\fR worker threads to take advantage of multiple CPUs\&. If not specified, \fBnamed\fR will try to determine the number of CPUs present and create one thread per CPU\&. If it is unable to determine the number of CPUs, a single worker thread will be created\&.
+.TP
 \-p \fIport\fR
-.RS 4
-Listen for queries on port
-\fIport\fR. If not specified, the default is port 53.
-.RE
-.PP
+Listen for queries on port \fIport\fR\&. If not specified, the default is port 53\&.
+.TP
 \-s
-.RS 4
-Write memory usage statistics to
-\fIstdout\fR
-on exit.
+Write memory usage statistics to \fIstdout\fR on exit\&.
 .RS
 .B "Note:"
-This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release.
-.RE
+This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release\&.
 .RE
-.PP
+.TP
 \-t \fIdirectory\fR
-.RS 4
-Chroot to
-\fIdirectory\fR
-after processing the command line arguments, but before reading the configuration file.
+Chroot to \fIdirectory\fR after processing the command line arguments, but before reading the configuration file\&.
 .RS
 .B "Warning:"
-This option should be used in conjunction with the
-\fB\-u\fR
-option, as chrooting a process running as root doesn't enhance security on most systems; the way
-\fBchroot(2)\fR
-is defined allows a process with root privileges to escape a chroot jail.
-.RE
+This option should be used in conjunction with the \fB\-u\fR option, as chrooting a process running as root doesn't enhance security on most systems; the way \fBchroot(2)\fR is defined allows a process with root privileges to escape a chroot jail\&.
 .RE
-.PP
+.TP
 \-u \fIuser\fR
-.RS 4
-Setuid to
-\fIuser\fR
-after completing privileged operations, such as creating sockets that listen on privileged ports.
+Setuid to \fIuser\fR after completing privileged operations, such as creating sockets that listen on privileged ports\&.
 .RS
 .B "Note:"
-On Linux,
-\fBnamed\fR
-uses the kernel's capability mechanism to drop all root privileges except the ability to
-\fBbind(2)\fR
-to a privileged port and set process resource limits. Unfortunately, this means that the
-\fB\-u\fR
-option only works when
-\fBnamed\fR
-is run on kernel 2.2.18 or later, or kernel 2.3.99\-pre3 or later, since previous kernels did not allow privileges to be retained after
-\fBsetuid(2)\fR.
+On Linux, \fBnamed\fR uses the kernel's capability mechanism to drop all root privileges except the ability to \fBbind(2)\fR to a privileged port and set process resource limits\&. Unfortunately, this means that the \fB\-u\fR option only works when \fBnamed\fR is run on kernel 2\&.2\&.18 or later, or kernel 2\&.3\&.99\-pre3 or later, since previous kernels did not allow privileges to be retained after \fBsetuid(2)\fR\&.
 .RE
-.RE
-.PP
+.TP
 \-v
-.RS 4
-Report the version number and exit.
-.RE
-.PP
+Report the version number and exit\&.
+.TP
 \-x \fIcache\-file\fR
-.RS 4
-Load data from
-\fIcache\-file\fR
-into the cache of the default view.
+Load data from \fIcache\-file\fR into the cache of the default view\&.
 .RS
 .B "Warning:"
-This option must not be used. It is only of interest to BIND 9 developers and may be removed or changed in a future release.
-.RE
+This option must not be used\&. It is only of interest to BIND 9 developers and may be removed or changed in a future release\&.
 .RE
 .SH "SIGNALS"
 .PP
-In routine operation, signals should not be used to control the nameserver;
-\fBrndc\fR
-should be used instead.
-.PP
+In routine operation, signals should not be used to control the nameserver; \fBrndc\fR should be used instead\&.
+.TP
 SIGHUP
-.RS 4
-Force a reload of the server.
-.RE
-.PP
+Force a reload of the server\&.
+.TP
 SIGINT, SIGTERM
-.RS 4
-Shut down the server.
-.RE
+Shut down the server\&.
 .PP
-The result of sending any other signals to the server is undefined.
+The result of sending any other signals to the server is undefined\&.
 .SH "CONFIGURATION"
 .PP
-The
-\fBnamed\fR
-configuration file is too complex to describe in detail here. A complete description is provided in the
-BIND 9 Administrator Reference Manual.
-.SH "FILES"
+The \fBnamed\fR configuration file is too complex to describe in detail here\&. A complete description is provided in the BIND 9 Administrator Reference Manual\&.
+.SH "CAVEATS"
 .PP
-\fI/etc/named.conf\fR
-.RS 4
-The default configuration file.
-.RE
-.PP
-\fI/var/run/named.pid\fR
-.RS 4
-The default process\-id file.
-.RE
+ \fBnamed\fR runs privilege separated for binding the privileged ports after an interface or address change\&. The privileged process will only allow \fBnamed\fR to \fBbind(2)\fR to default ports\&. Make sure you use unprivileged (>1024) ports if you change any of the default ports in \fBnamed\fR's configuration or on the command\-line\&.
+.SH "FILES"
+.TP
+\fI/etc/named\&.conf\fR
+The default configuration file\&.
+.TP
+\fI/var/run/named\&.pid\fR
+The default process\-id file\&.
 .SH "SEE ALSO"
 .PP
-RFC 1033,
-RFC 1034,
-RFC 1035,
-\fBnamed\-checkconf\fR(8),
-\fBnamed\-checkzone\fR(8),
-\fBrndc\fR(8),
-\fBlwresd\fR(8),
-\fBnamed.conf\fR(5),
-BIND 9 Administrator Reference Manual.
+RFC 1033, RFC 1034, RFC 1035, \fBnamed\-checkconf\fR(8), \fBnamed\-checkzone\fR(8), \fBrndc\fR(8), \fBlwresd\fR(8), \fBnamed\&.conf\fR(5), BIND 9 Administrator Reference Manual\&.
 .SH "AUTHOR"
 .PP
-Internet Systems Consortium
-.SH "COPYRIGHT"
-Copyright \(co 2004\-2007 Internet Systems Consortium, Inc. ("ISC")
-.br
-Copyright \(co 2000, 2001, 2003 Internet Software Consortium.
-.br
+Internet Systems Consortium