rrnnddcc--ccoonnffggeenn generates configuration files for rrnnddcc. It can be used as a convenient alternative to writing the _r_n_d_c_._c_o_n_f file and the corresponding ccoonnttrroollss and kkeeyy statements in _n_a_m_e_d_._c_o_n_f by hand. Alternatively, it can be run with the --aa option to set up a _r_n_d_c_._k_e_y file and avoid the need for a _r_n_d_c_._c_o_n_f file and a ccoonnttrroollss statement altogether.
-a
Do automatic
rrnnddcc
configuration. This creates a file
_r_n_d_c_._k_e_y
in
_/_e_t_c
(or whatever
_s_y_s_c_o_n_f_d_i_r
was specified as when
BIND
was built) that is read by both
rrnnddcc
and
nnaammeedd
on startup. The
_r_n_d_c_._k_e_y
file defines a default command channel and authentication key allowing
rrnnddcc
to communicate with
nnaammeedd
on the local host with no further configuration.
Running
rrnnddcc--ccoonnffggeenn --aa
allows BIND 9 and
rrnnddcc
to be used as drop-in replacements for BIND 8 and
nnddcc, with no changes to the existing BIND 8
_n_a_m_e_d_._c_o_n_f
file.
If a more elaborate configuration than that generated by
rrnnddcc--ccoonnffggeenn --aa
is required, for example if rndc is to be used remotely, you should run
rrnnddcc--ccoonnffggeenn
without the
--aa
option and set up a
_r_n_d_c_._c_o_n_f
and
_n_a_m_e_d_._c_o_n_f
as directed.
-b _k_e_y_s_i_z_e Specifies the size of the authentication key in bits. Must be between 1 and 512 bits; the default is 128.
-c _k_e_y_f_i_l_e Used with the --aa option to specify an alternate location for _r_n_d_c_._k_e_y.
-h Prints a short summary of the options and arguments to rrnnddcc--ccoonnffggeenn.
-k _k_e_y_n_a_m_e Specifies the key name of the rndc authentication key. This must be a valid domain name. The default is rrnnddcc--kkeeyy.
-p _p_o_r_t Specifies the command channel port where nnaammeedd listens for connections from rrnnddcc. The default is 953.
-r _r_a_n_d_o_m_f_i_l_e Specifies a source of random data for generating the authorization. If the operating system does not provide a _/_d_e_v_/_r_a_n_d_o_m or equivalent device, the default source of randomness is keyboard input. _r_a_n_d_o_m_d_e_v specifies the name of a character device or file containing random data to be used instead of the default. The special value _k_e_y_b_o_a_r_d indicates that keyboard input should be used.
-s _a_d_d_r_e_s_s Specifies the IP address where nnaammeedd listens for command channel connections from rrnnddcc. The default is the loopback address 127.0.0.1.
-t _c_h_r_o_o_t_d_i_r Used with the --aa option to specify a directory where nnaammeedd will run chrooted. An additional copy of the _r_n_d_c_._k_e_y will be written relative to this directory so that it will be found by the chrooted nnaammeedd.
-u _u_s_e_r Used with the --aa option to set the owner of the _r_n_d_c_._k_e_y file generated. If --tt is also specified only the file in the chroot area has its owner changed.
To allow rrnnddcc to be used with no manual configuration, run
rrnnddcc--ccoonnffggeenn --aa
To print a sample _r_n_d_c_._c_o_n_f file and corresponding ccoonnttrroollss and kkeeyy statements to be manually inserted into _n_a_m_e_d_._c_o_n_f, run
rrnnddcc--ccoonnffggeenn
rrnnddcc(8), rrnnddcc..ccoonnff(5), nnaammeedd(8), BIND 9 Administrator Reference Manual.
Internet Systems Consortium