bin/named/named.docbook

<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
               "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
               [<!ENTITY mdash "&#8212;">]>
<!--
 - Copyright (C) 2004-2009  Internet Systems Consortium, Inc. ("ISC")
 - Copyright (C) 2000, 2001, 2003  Internet Software Consortium.
 -
 - Permission to use, copy, modify, and/or distribute this software for any
 - purpose with or without fee is hereby granted, provided that the above
 - copyright notice and this permission notice appear in all copies.
 -
 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 - AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 - PERFORMANCE OF THIS SOFTWARE.
-->

<!-- $Id: named.docbook,v 1.1.1.1 2013-01-30 01:44:56 laffer1 Exp $ -->
<refentry id="man.named">
  <refentryinfo>
    <date>May 21, 2009</date>
  </refentryinfo>

  <refmeta>
    <refentrytitle><application>named</application></refentrytitle>
    <manvolnum>8</manvolnum>
    <refmiscinfo>BIND9</refmiscinfo>
  </refmeta>

  <refnamediv>
    <refname><application>named</application></refname>
    <refpurpose>Internet domain name server</refpurpose>
  </refnamediv>

  <docinfo>
    <copyright>
      <year>2004</year>
      <year>2005</year>
      <year>2006</year>
      <year>2007</year>
      <year>2008</year>
      <year>2009</year>
      <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
    </copyright>
    <copyright>
      <year>2000</year>
      <year>2001</year>
      <year>2003</year>
      <holder>Internet Software Consortium.</holder>
    </copyright>
  </docinfo>

  <refsynopsisdiv>
    <cmdsynopsis>
      <command>named</command>
      <arg><option>-4</option></arg>
      <arg><option>-6</option></arg>
      <arg><option>-c <replaceable class="parameter">config-file</replaceable></option></arg>
      <arg><option>-d <replaceable class="parameter">debug-level</replaceable></option></arg>
      <arg><option>-E <replaceable class="parameter">engine-name</replaceable></option></arg>
      <arg><option>-f</option></arg>
      <arg><option>-g</option></arg>
      <arg><option>-m <replaceable class="parameter">flag</replaceable></option></arg>
      <arg><option>-n <replaceable class="parameter">#cpus</replaceable></option></arg>
      <arg><option>-p <replaceable class="parameter">port</replaceable></option></arg>
      <arg><option>-s</option></arg>
      <arg><option>-S <replaceable class="parameter">#max-socks</replaceable></option></arg>
      <arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg>
      <arg><option>-u <replaceable class="parameter">user</replaceable></option></arg>
      <arg><option>-v</option></arg>
      <arg><option>-V</option></arg>
      <arg><option>-x <replaceable class="parameter">cache-file</replaceable></option></arg>
    </cmdsynopsis>
  </refsynopsisdiv>

  <refsect1>
    <title>DESCRIPTION</title>
    <para><command>named</command>
      is a Domain Name System (DNS) server,
      part of the BIND 9 distribution from ISC.  For more
      information on the DNS, see RFCs 1033, 1034, and 1035.
    </para>
    <para>
      When invoked without arguments, <command>named</command>
      will
      read the default configuration file
      <filename>/etc/named.conf</filename>, read any initial
      data, and listen for queries.
    </para>
  </refsect1>

  <refsect1>
    <title>OPTIONS</title>

    <variablelist>
      <varlistentry>
        <term>-4</term>
        <listitem>
          <para>
            Use IPv4 only even if the host machine is capable of IPv6.
            <option>-4</option> and <option>-6</option> are mutually
            exclusive.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-6</term>
        <listitem>
          <para>
            Use IPv6 only even if the host machine is capable of IPv4.
            <option>-4</option> and <option>-6</option> are mutually
            exclusive.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-c <replaceable class="parameter">config-file</replaceable></term>
        <listitem>
          <para>
            Use <replaceable class="parameter">config-file</replaceable> as the
            configuration file instead of the default,
            <filename>/etc/named.conf</filename>.  To
            ensure that reloading the configuration file continues
            to work after the server has changed its working
            directory due to to a possible
            <option>directory</option> option in the configuration
            file, <replaceable class="parameter">config-file</replaceable> should be
            an absolute pathname.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-d <replaceable class="parameter">debug-level</replaceable></term>
        <listitem>
          <para>
            Set the daemon's debug level to <replaceable class="parameter">debug-level</replaceable>.
            Debugging traces from <command>named</command> become
            more verbose as the debug level increases.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-E <replaceable class="parameter">engine-name</replaceable></term>
        <listitem>
          <para>
            Use a crypto hardware (OpenSSL engine) for the crypto operations
            it supports, for instance re-signing with private keys from
            a secure key store. When compiled with PKCS#11 support
            <replaceable class="parameter">engine-name</replaceable>
            defaults to pkcs11, the empty name resets it to no engine.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-f</term>
        <listitem>
          <para>
            Run the server in the foreground (i.e. do not daemonize).
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-g</term>
        <listitem>
          <para>
            Run the server in the foreground and force all logging
            to <filename>stderr</filename>.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-m <replaceable class="parameter">flag</replaceable></term>
        <listitem>
          <para>
            Turn on memory usage debugging flags.  Possible flags are
            <replaceable class="parameter">usage</replaceable>,
            <replaceable class="parameter">trace</replaceable>,
            <replaceable class="parameter">record</replaceable>,
            <replaceable class="parameter">size</replaceable>, and
            <replaceable class="parameter">mctx</replaceable>.
            These correspond to the ISC_MEM_DEBUGXXXX flags described in
            <filename>&lt;isc/mem.h&gt;</filename>.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-n <replaceable class="parameter">#cpus</replaceable></term>
        <listitem>
          <para>
            Create <replaceable class="parameter">#cpus</replaceable> worker threads
            to take advantage of multiple CPUs.  If not specified,
            <command>named</command> will try to determine the
            number of CPUs present and create one thread per CPU.
            If it is unable to determine the number of CPUs, a
            single worker thread will be created.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-p <replaceable class="parameter">port</replaceable></term>
        <listitem>
          <para>
            Listen for queries on port <replaceable class="parameter">port</replaceable>.  If not
            specified, the default is port 53.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-s</term>
        <listitem>
          <para>
            Write memory usage statistics to <filename>stdout</filename> on exit.
          </para>
          <note>
            <para>
              This option is mainly of interest to BIND 9 developers
              and may be removed or changed in a future release.
            </para>
          </note>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-S <replaceable class="parameter">#max-socks</replaceable></term>
        <listitem>
          <para>
            Allow <command>named</command> to use up to
            <replaceable class="parameter">#max-socks</replaceable> sockets.
          </para>
          <warning>
            <para>
              This option should be unnecessary for the vast majority
              of users.
              The use of this option could even be harmful because the
              specified value may exceed the limitation of the
              underlying system API.
              It is therefore set only when the default configuration
              causes exhaustion of file descriptors and the
              operational environment is known to support the
              specified number of sockets.
              Note also that the actual maximum number is normally a little
              fewer than the specified value because
              <command>named</command> reserves some file descriptors
              for its internal use.
            </para>
          </warning>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-t <replaceable class="parameter">directory</replaceable></term>
        <listitem>
          <para>Chroot
            to <replaceable class="parameter">directory</replaceable> after
            processing the command line arguments, but before
            reading the configuration file.
          </para>
          <warning>
            <para>
              This option should be used in conjunction with the
              <option>-u</option> option, as chrooting a process
              running as root doesn't enhance security on most
              systems; the way <function>chroot(2)</function> is
              defined allows a process with root privileges to
              escape a chroot jail.
            </para>
          </warning>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-u <replaceable class="parameter">user</replaceable></term>
        <listitem>
          <para>Setuid
            to <replaceable class="parameter">user</replaceable> after completing
            privileged operations, such as creating sockets that
            listen on privileged ports.
          </para>
          <note>
            <para>
              On Linux, <command>named</command> uses the kernel's
                        capability mechanism to drop all root privileges
              except the ability to <function>bind(2)</function> to
              a
              privileged port and set process resource limits.
              Unfortunately, this means that the <option>-u</option>
              option only works when <command>named</command> is
              run
              on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
              later, since previous kernels did not allow privileges
              to be retained after <function>setuid(2)</function>.
            </para>
          </note>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-v</term>
        <listitem>
          <para>
            Report the version number and exit.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-V</term>
        <listitem>
          <para>
            Report the version number and build options, and exit.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-x <replaceable class="parameter">cache-file</replaceable></term>
        <listitem>
          <para>
            Load data from <replaceable class="parameter">cache-file</replaceable> into the
            cache of the default view.
          </para>
          <warning>
            <para>
              This option must not be used.  It is only of interest
              to BIND 9 developers and may be removed or changed in a
              future release.
            </para>
          </warning>
        </listitem>
      </varlistentry>

    </variablelist>

  </refsect1>

  <refsect1>
    <title>SIGNALS</title>
    <para>
      In routine operation, signals should not be used to control
      the nameserver; <command>rndc</command> should be used
      instead.
    </para>

    <variablelist>

      <varlistentry>
        <term>SIGHUP</term>
        <listitem>
          <para>
            Force a reload of the server.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>SIGINT, SIGTERM</term>
        <listitem>
          <para>
            Shut down the server.
          </para>
        </listitem>
      </varlistentry>

    </variablelist>

    <para>
      The result of sending any other signals to the server is undefined.
    </para>

  </refsect1>

  <refsect1>
    <title>CONFIGURATION</title>
    <para>
      The <command>named</command> configuration file is too complex
      to describe in detail here.  A complete description is provided
      in the
      <citetitle>BIND 9 Administrator Reference Manual</citetitle>.
    </para>

    <para>
      <command>named</command> inherits the <function>umask</function>
      (file creation mode mask) from the parent process. If files
      created by <command>named</command>, such as journal files,
      need to have custom permissions, the <function>umask</function>
      should be set explicitly in the script used to start the
      <command>named</command> process.
    </para>

  </refsect1>

  <refsect1>
    <title>FILES</title>

    <variablelist>

      <varlistentry>
        <term><filename>/etc/named.conf</filename></term>
        <listitem>
          <para>
            The default configuration file.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><filename>/var/run/named/named.pid</filename></term>
        <listitem>
          <para>
            The default process-id file.
          </para>
        </listitem>
      </varlistentry>

    </variablelist>

  </refsect1>

  <refsect1>
    <title>SEE ALSO</title>
    <para><citetitle>RFC 1033</citetitle>,
      <citetitle>RFC 1034</citetitle>,
      <citetitle>RFC 1035</citetitle>,
      <citerefentry>
        <refentrytitle>named-checkconf</refentrytitle>
        <manvolnum>8</manvolnum>
      </citerefentry>,
      <citerefentry>
        <refentrytitle>named-checkzone</refentrytitle>
        <manvolnum>8</manvolnum>
      </citerefentry>,
      <citerefentry>
        <refentrytitle>rndc</refentrytitle>
        <manvolnum>8</manvolnum>
      </citerefentry>,
      <citerefentry>
        <refentrytitle>lwresd</refentrytitle>
        <manvolnum>8</manvolnum>
      </citerefentry>,
      <citerefentry>
        <refentrytitle>named.conf</refentrytitle>
        <manvolnum>5</manvolnum>
      </citerefentry>,
      <citetitle>BIND 9 Administrator Reference Manual</citetitle>.
    </para>
  </refsect1>

  <refsect1>
    <title>AUTHOR</title>
    <para><corpauthor>Internet Systems Consortium</corpauthor>
    </para>
  </refsect1>

</refentry><!--
 - Local variables:
 - mode: sgml
 - End:
-->
Revision:	6600
Committed:	Wed Jan 15 00:56:49 2014 UTC (10 years, 3 months ago) by laffer1
File size:	15587 byte(s)
Log Message:	security update
#	Content
1	<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
2	"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
3	[<!ENTITY mdash "—">]>
4	<!--
5	- Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
6	- Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
7	-
8	- Permission to use, copy, modify, and/or distribute this software for any
9	- purpose with or without fee is hereby granted, provided that the above
10	- copyright notice and this permission notice appear in all copies.
11	-
12	- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
13	- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
14	- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
15	- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
16	- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
17	- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
18	- PERFORMANCE OF THIS SOFTWARE.
19	-->
20
21	<!-- $Id: named.docbook,v 1.1.1.1 2013-01-30 01:44:56 laffer1 Exp $ -->
22	<refentry id="man.named">
23	<refentryinfo>
24	<date>May 21, 2009</date>
25	</refentryinfo>
26
27	<refmeta>
28	<refentrytitle><application>named</application></refentrytitle>
29	<manvolnum>8</manvolnum>
30	<refmiscinfo>BIND9</refmiscinfo>
31	</refmeta>
32
33	<refnamediv>
34	<refname><application>named</application></refname>
35	<refpurpose>Internet domain name server</refpurpose>
36	</refnamediv>
37
38	<docinfo>
39	<copyright>
40	<year>2004</year>
41	<year>2005</year>
42	<year>2006</year>
43	<year>2007</year>
44	<year>2008</year>
45	<year>2009</year>
46	<holder>Internet Systems Consortium, Inc. ("ISC")</holder>
47	</copyright>
48	<copyright>
49	<year>2000</year>
50	<year>2001</year>
51	<year>2003</year>
52	<holder>Internet Software Consortium.</holder>
53	</copyright>
54	</docinfo>
55
56	<refsynopsisdiv>
57	<cmdsynopsis>
58	<command>named</command>
59	<arg><option>-4</option></arg>
60	<arg><option>-6</option></arg>
61	<arg><option>-c <replaceable class="parameter">config-file</replaceable></option></arg>
62	<arg><option>-d <replaceable class="parameter">debug-level</replaceable></option></arg>
63	<arg><option>-E <replaceable class="parameter">engine-name</replaceable></option></arg>
64	<arg><option>-f</option></arg>
65	<arg><option>-g</option></arg>
66	<arg><option>-m <replaceable class="parameter">flag</replaceable></option></arg>
67	<arg><option>-n <replaceable class="parameter">#cpus</replaceable></option></arg>
68	<arg><option>-p <replaceable class="parameter">port</replaceable></option></arg>
69	<arg><option>-s</option></arg>
70	<arg><option>-S <replaceable class="parameter">#max-socks</replaceable></option></arg>
71	<arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg>
72	<arg><option>-u <replaceable class="parameter">user</replaceable></option></arg>
73	<arg><option>-v</option></arg>
74	<arg><option>-V</option></arg>
75	<arg><option>-x <replaceable class="parameter">cache-file</replaceable></option></arg>
76	</cmdsynopsis>
77	</refsynopsisdiv>
78
79	<refsect1>
80	<title>DESCRIPTION</title>
81	<para><command>named</command>
82	is a Domain Name System (DNS) server,
83	part of the BIND 9 distribution from ISC. For more
84	information on the DNS, see RFCs 1033, 1034, and 1035.
85	</para>
86	<para>
87	When invoked without arguments, <command>named</command>
88	will
89	read the default configuration file
90	<filename>/etc/named.conf</filename>, read any initial
91	data, and listen for queries.
92	</para>
93	</refsect1>
94
95	<refsect1>
96	<title>OPTIONS</title>
97
98	<variablelist>
99	<varlistentry>
100	<term>-4</term>
101	<listitem>
102	<para>
103	Use IPv4 only even if the host machine is capable of IPv6.
104	<option>-4</option> and <option>-6</option> are mutually
105	exclusive.
106	</para>
107	</listitem>
108	</varlistentry>
109
110	<varlistentry>
111	<term>-6</term>
112	<listitem>
113	<para>
114	Use IPv6 only even if the host machine is capable of IPv4.
115	<option>-4</option> and <option>-6</option> are mutually
116	exclusive.
117	</para>
118	</listitem>
119	</varlistentry>
120
121	<varlistentry>
122	<term>-c <replaceable class="parameter">config-file</replaceable></term>
123	<listitem>
124	<para>
125	Use <replaceable class="parameter">config-file</replaceable> as the
126	configuration file instead of the default,
127	<filename>/etc/named.conf</filename>. To
128	ensure that reloading the configuration file continues
129	to work after the server has changed its working
130	directory due to to a possible
131	<option>directory</option> option in the configuration
132	file, <replaceable class="parameter">config-file</replaceable> should be
133	an absolute pathname.
134	</para>
135	</listitem>
136	</varlistentry>
137
138	<varlistentry>
139	<term>-d <replaceable class="parameter">debug-level</replaceable></term>
140	<listitem>
141	<para>
142	Set the daemon's debug level to <replaceable class="parameter">debug-level</replaceable>.
143	Debugging traces from <command>named</command> become
144	more verbose as the debug level increases.
145	</para>
146	</listitem>
147	</varlistentry>
148
149	<varlistentry>
150	<term>-E <replaceable class="parameter">engine-name</replaceable></term>
151	<listitem>
152	<para>
153	Use a crypto hardware (OpenSSL engine) for the crypto operations
154	it supports, for instance re-signing with private keys from
155	a secure key store. When compiled with PKCS#11 support
156	<replaceable class="parameter">engine-name</replaceable>
157	defaults to pkcs11, the empty name resets it to no engine.
158	</para>
159	</listitem>
160	</varlistentry>
161
162	<varlistentry>
163	<term>-f</term>
164	<listitem>
165	<para>
166	Run the server in the foreground (i.e. do not daemonize).
167	</para>
168	</listitem>
169	</varlistentry>
170
171	<varlistentry>
172	<term>-g</term>
173	<listitem>
174	<para>
175	Run the server in the foreground and force all logging
176	to <filename>stderr</filename>.
177	</para>
178	</listitem>
179	</varlistentry>
180
181	<varlistentry>
182	<term>-m <replaceable class="parameter">flag</replaceable></term>
183	<listitem>
184	<para>
185	Turn on memory usage debugging flags. Possible flags are
186	<replaceable class="parameter">usage</replaceable>,
187	<replaceable class="parameter">trace</replaceable>,
188	<replaceable class="parameter">record</replaceable>,
189	<replaceable class="parameter">size</replaceable>, and
190	<replaceable class="parameter">mctx</replaceable>.
191	These correspond to the ISC_MEM_DEBUGXXXX flags described in
192	<filename><isc/mem.h></filename>.
193	</para>
194	</listitem>
195	</varlistentry>
196
197	<varlistentry>
198	<term>-n <replaceable class="parameter">#cpus</replaceable></term>
199	<listitem>
200	<para>
201	Create <replaceable class="parameter">#cpus</replaceable> worker threads
202	to take advantage of multiple CPUs. If not specified,
203	<command>named</command> will try to determine the
204	number of CPUs present and create one thread per CPU.
205	If it is unable to determine the number of CPUs, a
206	single worker thread will be created.
207	</para>
208	</listitem>
209	</varlistentry>
210
211	<varlistentry>
212	<term>-p <replaceable class="parameter">port</replaceable></term>
213	<listitem>
214	<para>
215	Listen for queries on port <replaceable class="parameter">port</replaceable>. If not
216	specified, the default is port 53.
217	</para>
218	</listitem>
219	</varlistentry>
220
221	<varlistentry>
222	<term>-s</term>
223	<listitem>
224	<para>
225	Write memory usage statistics to <filename>stdout</filename> on exit.
226	</para>
227	<note>
228	<para>
229	This option is mainly of interest to BIND 9 developers
230	and may be removed or changed in a future release.
231	</para>
232	</note>
233	</listitem>
234	</varlistentry>
235
236	<varlistentry>
237	<term>-S <replaceable class="parameter">#max-socks</replaceable></term>
238	<listitem>
239	<para>
240	Allow <command>named</command> to use up to
241	<replaceable class="parameter">#max-socks</replaceable> sockets.
242	</para>
243	<warning>
244	<para>
245	This option should be unnecessary for the vast majority
246	of users.
247	The use of this option could even be harmful because the
248	specified value may exceed the limitation of the
249	underlying system API.
250	It is therefore set only when the default configuration
251	causes exhaustion of file descriptors and the
252	operational environment is known to support the
253	specified number of sockets.
254	Note also that the actual maximum number is normally a little
255	fewer than the specified value because
256	<command>named</command> reserves some file descriptors
257	for its internal use.
258	</para>
259	</warning>
260	</listitem>
261	</varlistentry>
262
263	<varlistentry>
264	<term>-t <replaceable class="parameter">directory</replaceable></term>
265	<listitem>
266	<para>Chroot
267	to <replaceable class="parameter">directory</replaceable> after
268	processing the command line arguments, but before
269	reading the configuration file.
270	</para>
271	<warning>
272	<para>
273	This option should be used in conjunction with the
274	<option>-u</option> option, as chrooting a process
275	running as root doesn't enhance security on most
276	systems; the way <function>chroot(2)</function> is
277	defined allows a process with root privileges to
278	escape a chroot jail.
279	</para>
280	</warning>
281	</listitem>
282	</varlistentry>
283
284	<varlistentry>
285	<term>-u <replaceable class="parameter">user</replaceable></term>
286	<listitem>
287	<para>Setuid
288	to <replaceable class="parameter">user</replaceable> after completing
289	privileged operations, such as creating sockets that
290	listen on privileged ports.
291	</para>
292	<note>
293	<para>
294	On Linux, <command>named</command> uses the kernel's
295	capability mechanism to drop all root privileges
296	except the ability to <function>bind(2)</function> to
297	a
298	privileged port and set process resource limits.
299	Unfortunately, this means that the <option>-u</option>
300	option only works when <command>named</command> is
301	run
302	on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
303	later, since previous kernels did not allow privileges
304	to be retained after <function>setuid(2)</function>.
305	</para>
306	</note>
307	</listitem>
308	</varlistentry>
309
310	<varlistentry>
311	<term>-v</term>
312	<listitem>
313	<para>
314	Report the version number and exit.
315	</para>
316	</listitem>
317	</varlistentry>
318
319	<varlistentry>
320	<term>-V</term>
321	<listitem>
322	<para>
323	Report the version number and build options, and exit.
324	</para>
325	</listitem>
326	</varlistentry>
327
328	<varlistentry>
329	<term>-x <replaceable class="parameter">cache-file</replaceable></term>
330	<listitem>
331	<para>
332	Load data from <replaceable class="parameter">cache-file</replaceable> into the
333	cache of the default view.
334	</para>
335	<warning>
336	<para>
337	This option must not be used. It is only of interest
338	to BIND 9 developers and may be removed or changed in a
339	future release.
340	</para>
341	</warning>
342	</listitem>
343	</varlistentry>
344
345	</variablelist>
346
347	</refsect1>
348
349	<refsect1>
350	<title>SIGNALS</title>
351	<para>
352	In routine operation, signals should not be used to control
353	the nameserver; <command>rndc</command> should be used
354	instead.
355	</para>
356
357	<variablelist>
358
359	<varlistentry>
360	<term>SIGHUP</term>
361	<listitem>
362	<para>
363	Force a reload of the server.
364	</para>
365	</listitem>
366	</varlistentry>
367
368	<varlistentry>
369	<term>SIGINT, SIGTERM</term>
370	<listitem>
371	<para>
372	Shut down the server.
373	</para>
374	</listitem>
375	</varlistentry>
376
377	</variablelist>
378
379	<para>
380	The result of sending any other signals to the server is undefined.
381	</para>
382
383	</refsect1>
384
385	<refsect1>
386	<title>CONFIGURATION</title>
387	<para>
388	The <command>named</command> configuration file is too complex
389	to describe in detail here. A complete description is provided
390	in the
391	<citetitle>BIND 9 Administrator Reference Manual</citetitle>.
392	</para>
393
394	<para>
395	<command>named</command> inherits the <function>umask</function>
396	(file creation mode mask) from the parent process. If files
397	created by <command>named</command>, such as journal files,
398	need to have custom permissions, the <function>umask</function>
399	should be set explicitly in the script used to start the
400	<command>named</command> process.
401	</para>
402
403	</refsect1>
404
405	<refsect1>
406	<title>FILES</title>
407
408	<variablelist>
409
410	<varlistentry>
411	<term><filename>/etc/named.conf</filename></term>
412	<listitem>
413	<para>
414	The default configuration file.
415	</para>
416	</listitem>
417	</varlistentry>
418
419	<varlistentry>
420	<term><filename>/var/run/named/named.pid</filename></term>
421	<listitem>
422	<para>
423	The default process-id file.
424	</para>
425	</listitem>
426	</varlistentry>
427
428	</variablelist>
429
430	</refsect1>
431
432	<refsect1>
433	<title>SEE ALSO</title>
434	<para><citetitle>RFC 1033</citetitle>,
435	<citetitle>RFC 1034</citetitle>,
436	<citetitle>RFC 1035</citetitle>,
437	<citerefentry>
438	<refentrytitle>named-checkconf</refentrytitle>
439	<manvolnum>8</manvolnum>
440	</citerefentry>,
441	<citerefentry>
442	<refentrytitle>named-checkzone</refentrytitle>
443	<manvolnum>8</manvolnum>
444	</citerefentry>,
445	<citerefentry>
446	<refentrytitle>rndc</refentrytitle>
447	<manvolnum>8</manvolnum>
448	</citerefentry>,
449	<citerefentry>
450	<refentrytitle>lwresd</refentrytitle>
451	<manvolnum>8</manvolnum>
452	</citerefentry>,
453	<citerefentry>
454	<refentrytitle>named.conf</refentrytitle>
455	<manvolnum>5</manvolnum>
456	</citerefentry>,
457	<citetitle>BIND 9 Administrator Reference Manual</citetitle>.
458	</para>
459	</refsect1>
460
461	<refsect1>
462	<title>AUTHOR</title>
463	<para><corpauthor>Internet Systems Consortium</corpauthor>
464	</para>
465	</refsect1>
466
467	</refentry><!--
468	- Local variables:
469	- mode: sgml
470	- End:
471	-->