New upstream version 1.4.0

author: Ondřej Surý <ondrej@sury.org> 2014-01-06 10:48:17 +0100
committer: Ondřej Surý <ondrej@sury.org> 2014-01-06 10:48:17 +0100
commit: 5fd83cabfd04cfcf82905029a278c341d2aadb2b (patch)
tree: 7635e6fe801d8a7288bcb7f631fd82bb6e838a03 /man
parent: 3a0c81652b9ca314b2c116993006c32ec669ec0f (diff)
download: knot-5fd83cabfd04cfcf82905029a278c341d2aadb2b.tar.gz
14 files changed, 389 insertions, 206 deletions
diff --git a/man/Makefile.am b/man/Makefile.am
index a6f4010..8b9d5cb 100644
--- a/man/Makefile.am
+++ b/man/Makefile.am
@@ -1,2 +1,2 @@
-MANPAGES = knot.conf.5 knotc.8 knotd.8 kdig.1 khost.1 knsupdate.1
+MANPAGES = knot.conf.5 knotc.8 knotd.8 kdig.1 khost.1 knsupdate.1 knsec3hash.1
 dist_man_MANS = $(MANPAGES)
diff --git a/man/Makefile.in b/man/Makefile.in
index 2c669cd..061eb01 100644
--- a/man/Makefile.in
+++ b/man/Makefile.in
@@ -54,7 +54,8 @@ subdir = man
 DIST_COMMON = $(dist_man_MANS) $(srcdir)/Makefile.am \
 	$(srcdir)/Makefile.in $(srcdir)/kdig.1.in $(srcdir)/khost.1.in \
 	$(srcdir)/knot.conf.5.in $(srcdir)/knotc.8.in \
-	$(srcdir)/knotd.8.in $(srcdir)/knsupdate.1.in
+	$(srcdir)/knotd.8.in $(srcdir)/knsec3hash.1.in \
+	$(srcdir)/knsupdate.1.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_compile_flag.m4 \
 	$(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \
@@ -66,7 +67,7 @@ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/src/config.h
 CONFIG_CLEAN_FILES = khost.1 knotc.8 knotd.8 kdig.1 knsupdate.1 \
-	knot.conf.5
+	knot.conf.5 knsec3hash.1
 CONFIG_CLEAN_VPATH_FILES =
 AM_V_GEN = $(am__v_GEN_@AM_V@)
 am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
@@ -250,7 +251,7 @@ target_alias = @target_alias@
 top_build_prefix = @top_build_prefix@
 top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
-MANPAGES = knot.conf.5 knotc.8 knotd.8 kdig.1 khost.1 knsupdate.1
+MANPAGES = knot.conf.5 knotc.8 knotd.8 kdig.1 khost.1 knsupdate.1 knsec3hash.1
 dist_man_MANS = $(MANPAGES)
 all: all-am
 
@@ -297,6 +298,8 @@ knsupdate.1: $(top_builddir)/config.status $(srcdir)/knsupdate.1.in
 	cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
 knot.conf.5: $(top_builddir)/config.status $(srcdir)/knot.conf.5.in
 	cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
+knsec3hash.1: $(top_builddir)/config.status $(srcdir)/knsec3hash.1.in
+	cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
 
 mostlyclean-libtool:
 	-rm -f *.lo
diff --git a/man/kdig.1 b/man/kdig.1
index 0ae86a1..5fdd414 100644
--- a/man/kdig.1
+++ b/man/kdig.1
@@ -1,4 +1,4 @@
-.TH "kdig" "1" "13 December 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.4"
+.TH "kdig" "1" "6 January 2014" "CZ.NIC Labs" "Knot DNS, version 1.4.0"
 .SH NAME
 .TP 5
 .B kdig
@@ -24,8 +24,8 @@ Is a domain name that is to be looked up.
 .TP
 .I server
 Is a domain name or an IPv4 or IPv6 address of the nameserver to send a query to.
-The address can be specified using [address]:port notation. If no server is specified,
-the servers from \fB/etc/resolv.conf\fR are used.
+An additional port can be specified using address:port ([address]:port for IPv6 address)
+or address#port notation. If no server is specified, the servers from \fB/etc/resolv.conf\fR are used.
 .TP
 If no arguments are provided, \fBkdig\fR sends \fINS\fR query for the root zone.
 .SH OPTIONS
@@ -99,9 +99,6 @@ Set RD flag.
 .BR + [ no ] recurse
 .RB "Same as " + [ no ] rdflag
 .TP
-.BR + [ no ] rec
-.RB "Same as " + [ no ] rdflag
-.TP
 .BR + [ no ] raflag
 Set RA flag.
 .TP
@@ -126,7 +123,7 @@ Show query packet.
 .BR + [ no ] header
 Show packet header.
 .TP
-.BR + [ no ] edns
+.BR + [ no ] opt
 Show EDNS pseudosection.
 .TP
 .BR + [ no ] question
@@ -144,22 +141,12 @@ Show additional section.
 .BR + [ no ] stats
 Show trailing packet statistics.
 .TP
-.BR + [ no ] cl
+.BR + [ no ] class
 Show DNS class.
 .TP
 .BR + [ no ] ttl
 Show TTL value.
 .TP
-.BI +time= T
-Set wait for reply interval in seconds (default is 5 seconds).
-This timeout applies to each query try.
-.TP
-.BI +retry= N
-Set number (>=0) of UDP retries (default is 2). This doesn't apply to AXFR/IXFR.
-.TP
-.BI +bufsize= B
-Set EDNS buffer size in bytes (default is 512 bytes).
-.TP
 .BR + [ no ] tcp
 Use TCP protocol (default is UDP for standard query and TCP for AXFR/IXFR).
 .TP
@@ -171,32 +158,43 @@ Don't use TCP automatically if truncated reply is received.
 .TP
 .BR + [ no ] nsid
 Request nameserver identifier (NSID).
+.TP
+.BR + [ no ] edns= N
+Use EDNS version (default is 0).
+.TP
+.BR +noidn
+Disable IDN transformation to ASCII and vice versa.
+IDNA2003 support depends on libidn availability during project building!
+.TP
+.BI +time= T
+Set wait for reply interval in seconds (default is 5 seconds).
+This timeout applies to each query try.
+.TP
+.BI +retry= N
+Set number (>=0) of UDP retries (default is 2). This doesn't apply to AXFR/IXFR.
+.TP
+.BI +bufsize= B
+Set EDNS buffer size in bytes (default is 512 bytes).
 .SH NOTE
 Options \fB\-k\fR and \fB\-y\fR cannot be used mutually.
 .SS Missing features with regard to ISC dig
 Options \fB\-f\fR and \fB\-m\fR and query options:
-.br
+.BR
 .BR +split=\fIW\fR ,\  +tries=\fIT\fR ,\  +ndots=\fID\fR ,
-.br
+.BR
 .BR +domain=\fIsomename\fR , +trusted\-key=\fI####\fR ,
-.br
+.BR
 .BR + [ no ] vc ,\  + [ no ] search ,\  + [ no ] showsearch ,
-.br
+.BR
 .BR + [ no ] defname ,\  + [ no ] aaonly ,\  + [ no ] cmd ,
-.br
+.BR
 .BR + [ no ] identify ,\  + [ no ] comments ,\  + [ no ] rrcomments ,
-.br
+.BR
 .BR + [ no ] onesoa ,\  + [ no ] besteffort ,\  + [ no ] sigchase ,
-.br
+.BR
 .BR + [ no ] topdown ,\  + [ no ] nssearch ,\  + [ no ] trace.
 .TP
 Per-user file configuration via ${HOME}/.digrc.
-.SS Differences with regard to ISC dig
-Optional port specification has a form of [address]:port instead of address#port.
-.TP
-.BR + [ no ] ttl " instead of " + [ no ] ttlid
-.TP
-Trailing information is formatted slightly different.
 .SH EXAMPLES
 .B Example 1. Get A record for example.com:
 .TP
@@ -206,7 +204,7 @@ Trailing information is formatted slightly different.
 .TP
 # kdig example.com \-t AXFR @192.0.2.1
 .TP
-.B Example 3. Send one A query for example.com from 192.0.2.1 and one reverse \
+.B Example 3. Get A record for example.com from 192.0.2.1 and reverse \
 lookup for address 2001:DB8::1 from 192.0.2.2. Both using TCP protocol:
 .TP
 # kdig +tcp example.com \-t A @192.0.2.1 \-x 2001:DB8::1 @192.0.2.2
diff --git a/man/kdig.1.in b/man/kdig.1.in
index 4679abf..69a19e8 100644
--- a/man/kdig.1.in
+++ b/man/kdig.1.in
@@ -24,8 +24,8 @@ Is a domain name that is to be looked up.
 .TP
 .I server
 Is a domain name or an IPv4 or IPv6 address of the nameserver to send a query to.
-The address can be specified using [address]:port notation. If no server is specified,
-the servers from \fB/etc/resolv.conf\fR are used.
+An additional port can be specified using address:port ([address]:port for IPv6 address)
+or address#port notation. If no server is specified, the servers from \fB/etc/resolv.conf\fR are used.
 .TP
 If no arguments are provided, \fBkdig\fR sends \fINS\fR query for the root zone.
 .SH OPTIONS
@@ -99,9 +99,6 @@ Set RD flag.
 .BR + [ no ] recurse
 .RB "Same as " + [ no ] rdflag
 .TP
-.BR + [ no ] rec
-.RB "Same as " + [ no ] rdflag
-.TP
 .BR + [ no ] raflag
 Set RA flag.
 .TP
@@ -126,7 +123,7 @@ Show query packet.
 .BR + [ no ] header
 Show packet header.
 .TP
-.BR + [ no ] edns
+.BR + [ no ] opt
 Show EDNS pseudosection.
 .TP
 .BR + [ no ] question
@@ -144,22 +141,12 @@ Show additional section.
 .BR + [ no ] stats
 Show trailing packet statistics.
 .TP
-.BR + [ no ] cl
+.BR + [ no ] class
 Show DNS class.
 .TP
 .BR + [ no ] ttl
 Show TTL value.
 .TP
-.BI +time= T
-Set wait for reply interval in seconds (default is 5 seconds).
-This timeout applies to each query try.
-.TP
-.BI +retry= N
-Set number (>=0) of UDP retries (default is 2). This doesn't apply to AXFR/IXFR.
-.TP
-.BI +bufsize= B
-Set EDNS buffer size in bytes (default is 512 bytes).
-.TP
 .BR + [ no ] tcp
 Use TCP protocol (default is UDP for standard query and TCP for AXFR/IXFR).
 .TP
@@ -171,32 +158,43 @@ Don't use TCP automatically if truncated reply is received.
 .TP
 .BR + [ no ] nsid
 Request nameserver identifier (NSID).
+.TP
+.BR + [ no ] edns= N
+Use EDNS version (default is 0).
+.TP
+.BR +noidn
+Disable IDN transformation to ASCII and vice versa.
+IDNA2003 support depends on libidn availability during project building!
+.TP
+.BI +time= T
+Set wait for reply interval in seconds (default is 5 seconds).
+This timeout applies to each query try.
+.TP
+.BI +retry= N
+Set number (>=0) of UDP retries (default is 2). This doesn't apply to AXFR/IXFR.
+.TP
+.BI +bufsize= B
+Set EDNS buffer size in bytes (default is 512 bytes).
 .SH NOTE
 Options \fB\-k\fR and \fB\-y\fR cannot be used mutually.
 .SS Missing features with regard to ISC dig
 Options \fB\-f\fR and \fB\-m\fR and query options:
-.br
+.BR
 .BR +split=\fIW\fR ,\  +tries=\fIT\fR ,\  +ndots=\fID\fR ,
-.br
+.BR
 .BR +domain=\fIsomename\fR , +trusted\-key=\fI####\fR ,
-.br
+.BR
 .BR + [ no ] vc ,\  + [ no ] search ,\  + [ no ] showsearch ,
-.br
+.BR
 .BR + [ no ] defname ,\  + [ no ] aaonly ,\  + [ no ] cmd ,
-.br
+.BR
 .BR + [ no ] identify ,\  + [ no ] comments ,\  + [ no ] rrcomments ,
-.br
+.BR
 .BR + [ no ] onesoa ,\  + [ no ] besteffort ,\  + [ no ] sigchase ,
-.br
+.BR
 .BR + [ no ] topdown ,\  + [ no ] nssearch ,\  + [ no ] trace.
 .TP
 Per-user file configuration via ${HOME}/.digrc.
-.SS Differences with regard to ISC dig
-Optional port specification has a form of [address]:port instead of address#port.
-.TP
-.BR + [ no ] ttl " instead of " + [ no ] ttlid
-.TP
-Trailing information is formatted slightly different.
 .SH EXAMPLES
 .B Example 1. Get A record for example.com:
 .TP
@@ -206,7 +204,7 @@ Trailing information is formatted slightly different.
 .TP
 # kdig example.com \-t AXFR @192.0.2.1
 .TP
-.B Example 3. Send one A query for example.com from 192.0.2.1 and one reverse \
+.B Example 3. Get A record for example.com from 192.0.2.1 and reverse \
 lookup for address 2001:DB8::1 from 192.0.2.2. Both using TCP protocol:
 .TP
 # kdig +tcp example.com \-t A @192.0.2.1 \-x 2001:DB8::1 @192.0.2.2
diff --git a/man/khost.1 b/man/khost.1
index 95e9ff5..6701ab0 100644
--- a/man/khost.1
+++ b/man/khost.1
@@ -1,4 +1,4 @@
-.TH "khost" "1" "13 December 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.4"
+.TH "khost" "1" "6 January 2014" "CZ.NIC Labs" "Knot DNS, version 1.4.0"
 .SH NAME
 .TP 6
 .B khost
diff --git a/man/knot.conf.5 b/man/knot.conf.5
index 4f06059..736ada4 100644
--- a/man/knot.conf.5
+++ b/man/knot.conf.5
@@ -1,4 +1,4 @@
-.TH "knot.conf" "5" "13 December 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.4"
+.TH "knot.conf" "5" "6 January 2014" "CZ.NIC Labs" "Knot DNS, version 1.4.0"
 .SH "NAME"
 .LP
 .B knot.conf
@@ -38,10 +38,6 @@ serves as an example of the configuration for knotc(8) and knotd(8).
   # Or on|off. When 'on', FQDN hostname will be used as default.
   nsid off;
 
-  # This is a default directory to place slave zone files, journals etc.
-  # default: ${localstatedir}/lib/knot, configured with --with-storage
-  storage "/var/lib/knot";
-
   # Directory for storing run-time data
   # e.g. PID file and control sockets
   # default: ${localstatedir}/run/knot, configured with --with-rundir
@@ -102,7 +98,8 @@ serves as an example of the configuration for knotc(8) and knotd(8).
   rate-limit-slip 1;
 
   # Maximum EDNS0 UDP payload size
-  # max-udp-payload 4096;
+  # Default value: 4096
+  max-udp-payload 4096;
  }
 
  # Includes can be placed anywhere at any level in the configuration file. The
@@ -216,7 +213,11 @@ serves as an example of the configuration for knotc(8) and knotd(8).
   # Shared options for all listed zones
   #
 
-  # Build differences from zone file changes. EXPERIMENTAL feature.
+  # This is a default directory to place slave zone files, journals etc.
+  # default: ${localstatedir}/lib/knot, configured with --with-storage
+  storage "/var/lib/knot";
+
+  # Build differences from zone file changes
   # Possible values: on|off
   # Default value: off
   ixfr-from-differences off;
@@ -255,10 +256,38 @@ serves as an example of the configuration for knotc(8) and knotd(8).
   # f.e. 1k, 100M, 2G
   ixfr-fslimit 1G;
 
+  # Enable DNSSEC online signing (technical preview)
+  # Possible values: on | off;
+  # Default value: off
+  dnssec-enable off;
+
+  # Location of DNSSEC signing keys (relative to storage directory).
+  # Default value: not set
+  dnssec-keydir "keys";
+
+  # Validity period for DNSSEC signatures
+  # Possible values: <10801..INT_MAX> (seconds)
+  # Default value: 30d (30 days or 2592000 seconds)
+  # It is also possible to suffix with unit size [s/m/h/d]
+  # f.e. 1s = 1 day, 1m = 1 minute, 1h = 1 hour, 1d = 1 day
+  # The lower limit is because the server will trigger resign when any of the
+  # signatures expires in 7200 seconds or less and it was chosen as a 
+  # reasonable value with regard to signing overhead.
+  signature-lifetime 30d;
+  
+  # Serial policy after DDNS and automatic DNSSEC signing.
+  # Possible values: increment | unixtime
+  # Default value: increment
+  serial-policy increment;
+
   # Zone entry
   #
   # Format: <zone-name> { file "<path-to-zone-file>"; }
   example.com {  # <zone-name> is the DNS name of the zone (zone root)
+    # Zone specific storage directory (relative to storage in zones section).
+    # default: inherited from zones section
+    storage "example.com";
+
     # <path-to-zone-file> may be either absolute or relative, in which case
     #   it is considered relative to the current directory from which the server
     #   was started.
@@ -296,6 +325,37 @@ serves as an example of the configuration for knotc(8) and knotd(8).
     # f.e. 1s = 1 second, 1m = 1 minute, 1h = 1 hour, 1d = 1 day
     zonefile-sync 1h;
 
+    # File size limit for IXFR journal
+    # Possible values: <1..INT_MAX>
+    # Default value: N/A (infinite)
+    # It is also possible to suffix with unit size [k/M/G]
+    # f.e. 1k, 100M, 2G
+    ixfr-fslimit 1G;
+
+    # Location of DNSSEC signing keys (relative to storage directory in zone).
+    # Default value: inherited from zones section
+    dnssec-keydir "keys";
+
+    # Enable DNSSEC online signing (technical preview)
+    # Possible values: on | off;
+    # Default value: inherited from zones section
+    dnssec-enable off;
+
+    # Validity period for DNSSEC signatures
+    # Possible values: <10801..INT_MAX> (seconds)
+    # Default value: 30d (30 days or 2592000 seconds)
+    # It is also possible to suffix with unit size [s/m/h/d]
+    # f.e. 1s = 1 day, 1m = 1 minute, 1h = 1 hour, 1d = 1 day
+    # The lower limit is because the server will trigger resign when any of the
+    # signatures expires in 7200 seconds or less and it was chosen as a
+    # reasonable value with regard to signing overhead.
+    signature-lifetime 30d;
+
+    # Serial policy after DDNS and automatic DNSSEC signing.
+    # Possible values: increment | unixtime
+    # Default value: increment
+    serial-policy increment;
+
     # XFR master server
     xfr-in server0;
 
diff --git a/man/knot.conf.5.in b/man/knot.conf.5.in
index 8988746..69f7ec4 100644
--- a/man/knot.conf.5.in
+++ b/man/knot.conf.5.in
@@ -38,10 +38,6 @@ serves as an example of the configuration for knotc(8) and knotd(8).
   # Or on|off. When 'on', FQDN hostname will be used as default.
   nsid off;
 
-  # This is a default directory to place slave zone files, journals etc.
-  # default: ${localstatedir}/lib/knot, configured with --with-storage
-  storage "/var/lib/knot";
-
   # Directory for storing run-time data
   # e.g. PID file and control sockets
   # default: ${localstatedir}/run/knot, configured with --with-rundir
@@ -102,7 +98,8 @@ serves as an example of the configuration for knotc(8) and knotd(8).
   rate-limit-slip 1;
 
   # Maximum EDNS0 UDP payload size
-  # max-udp-payload 4096;
+  # Default value: 4096
+  max-udp-payload 4096;
  }
 
  # Includes can be placed anywhere at any level in the configuration file. The
@@ -216,7 +213,11 @@ serves as an example of the configuration for knotc(8) and knotd(8).
   # Shared options for all listed zones
   #
 
-  # Build differences from zone file changes. EXPERIMENTAL feature.
+  # This is a default directory to place slave zone files, journals etc.
+  # default: ${localstatedir}/lib/knot, configured with --with-storage
+  storage "/var/lib/knot";
+
+  # Build differences from zone file changes
   # Possible values: on|off
   # Default value: off
   ixfr-from-differences off;
@@ -255,10 +256,38 @@ serves as an example of the configuration for knotc(8) and knotd(8).
   # f.e. 1k, 100M, 2G
   ixfr-fslimit 1G;
 
+  # Enable DNSSEC online signing (technical preview)
+  # Possible values: on | off;
+  # Default value: off
+  dnssec-enable off;
+
+  # Location of DNSSEC signing keys (relative to storage directory).
+  # Default value: not set
+  dnssec-keydir "keys";
+
+  # Validity period for DNSSEC signatures
+  # Possible values: <10801..INT_MAX> (seconds)
+  # Default value: 30d (30 days or 2592000 seconds)
+  # It is also possible to suffix with unit size [s/m/h/d]
+  # f.e. 1s = 1 day, 1m = 1 minute, 1h = 1 hour, 1d = 1 day
+  # The lower limit is because the server will trigger resign when any of the
+  # signatures expires in 7200 seconds or less and it was chosen as a 
+  # reasonable value with regard to signing overhead.
+  signature-lifetime 30d;
+  
+  # Serial policy after DDNS and automatic DNSSEC signing.
+  # Possible values: increment | unixtime
+  # Default value: increment
+  serial-policy increment;
+
   # Zone entry
   #
   # Format: <zone-name> { file "<path-to-zone-file>"; }
   example.com {  # <zone-name> is the DNS name of the zone (zone root)
+    # Zone specific storage directory (relative to storage in zones section).
+    # default: inherited from zones section
+    storage "example.com";
+
     # <path-to-zone-file> may be either absolute or relative, in which case
     #   it is considered relative to the current directory from which the server
     #   was started.
@@ -296,6 +325,37 @@ serves as an example of the configuration for knotc(8) and knotd(8).
     # f.e. 1s = 1 second, 1m = 1 minute, 1h = 1 hour, 1d = 1 day
     zonefile-sync 1h;
 
+    # File size limit for IXFR journal
+    # Possible values: <1..INT_MAX>
+    # Default value: N/A (infinite)
+    # It is also possible to suffix with unit size [k/M/G]
+    # f.e. 1k, 100M, 2G
+    ixfr-fslimit 1G;
+
+    # Location of DNSSEC signing keys (relative to storage directory in zone).
+    # Default value: inherited from zones section
+    dnssec-keydir "keys";
+
+    # Enable DNSSEC online signing (technical preview)
+    # Possible values: on | off;
+    # Default value: inherited from zones section
+    dnssec-enable off;
+
+    # Validity period for DNSSEC signatures
+    # Possible values: <10801..INT_MAX> (seconds)
+    # Default value: 30d (30 days or 2592000 seconds)
+    # It is also possible to suffix with unit size [s/m/h/d]
+    # f.e. 1s = 1 day, 1m = 1 minute, 1h = 1 hour, 1d = 1 day
+    # The lower limit is because the server will trigger resign when any of the
+    # signatures expires in 7200 seconds or less and it was chosen as a
+    # reasonable value with regard to signing overhead.
+    signature-lifetime 30d;
+
+    # Serial policy after DDNS and automatic DNSSEC signing.
+    # Possible values: increment | unixtime
+    # Default value: increment
+    serial-policy increment;
+
     # XFR master server
     xfr-in server0;
 
diff --git a/man/knotc.8 b/man/knotc.8
index a4dae1d..1b89de8 100644
--- a/man/knotc.8
+++ b/man/knotc.8
@@ -1,24 +1,27 @@
-.TH knotc "8" "13 December 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.4"
+.TH knotc "8" "6 January 2014" "CZ.NIC Labs" "Knot DNS, version 1.4.0"
 .SH NAME
 .B knotc
 \- Knot DNS control utility
 .SH SYNOPSIS
 .B knotc
-[\fIparameters\fR] \fI<action>\fR [\fIaction_args\fR]
+[\fIparameters\fR] \fIaction\fR [\fIaction_args\fR]
 .SH DESCRIPTION
 .SS "Parameters:"
-.HP
-\fB\-c\fR [file], \fB\-\-config\fR=\fI[file]\fR Select configuration file.
 .TP
-\fB\-s\fR [server]\fR Remote UNIX socket/IP address (default /run/knot/knot.sock)
+\fB\-c\fR, \fB\-\-config\fR \fIfile\fR
+Select configuration file.
 .TP
-\fB\-p\fR [port]\fR Remote server port (only for IP).
+\fB\-s\fR \fIserver\fR
+Remote UNIX socket/IP address (default /run/knot/knot.sock).
 .TP
-\fB\-y\fR [hmac:]name:key]\fR Use key_id for specified on the command line.
+\fB\-p\fR \fIport\fR
+Remote server port (only for IP).
 .TP
-\fB\-k\fR [file]\fR Use key file (as in config section 'keys').
-f.e. echo "knotc\-key hmac\-md5 Wg==" > knotc.key
-If you omit algorithm, hmac\-md5 will be used as default.
+\fB\-y\fR [\fIhmac\fR:]\fIname\fR:\fIkey\fR
+Use key specified on the command line (default algorithm is hmac\-md5).
+.TP
+\fB\-k\fR \fIfile\fR
+Use key file (as in config section 'keys').
 .TP
 \fB\-f\fR, \fB\-\-force\fR
 Force operation \- override some checks.
@@ -27,7 +30,7 @@ Force operation \- override some checks.
 Verbose mode \- additional runtime information.
 .TP
 \fB\-V\fR, \fB\-\-version\fR
-Print knot server version.
+Print version of the server.
 .TP
 \fB\-i\fR, \fB\-\-interactive\fR
 Interactive mode (do not daemonize).
@@ -36,57 +39,53 @@ Interactive mode (do not daemonize).
 Print help and usage.
 .SS "Actions:"
 .TP
-stop
-Stop knot server daemon (no\-op if not running).
+\fBstop\fR
+Stop server (no\-op if not running).
 .TP
-reload
-Reload knot configuration and zones.
+\fBreload\fR
+Reload configuration and changed zones.
 .TP
-flush
+\fBflush\fR
 Flush journal and update zone files.
 .TP
-status
+\fBstatus\fR
 Check if server is running.
 .TP
-zonestatus
+\fBzonestatus\fR
 Show status of configured zones.
 .TP
-refresh
+\fBrefresh\fR [\fIzone\fR]...
 Refresh slave zones (all if not specified).
 .TP
-checkconf
-Check server configuration.
+\fBcheckconf\fR
+Check current server configuration.
 .TP
-checkzone
-Check zones before compiling (accepts specific zones, f.e. 'knotc checkzone example1.com example2.com').
+\fBcheckzone\fR [\fIzone\fR]...
+Check zone (all if not specified).
 .TP
-memstats
-Estimate memory consumption for zone files. Useful mainly for big zones.
-.SS "EXAMPLES"
+\fBmemstats\fR [\fIzone\fR]...
+Estimate memory consumption for zone (all if not specified).
+.SH EXAMPLES
 .TP
 .B Setup a keyfile for remote control
 .TP
-1. Generate keys
-dnssec\-keygen \-a hmac\-md5 \-b 256 \-n HOST knotc\-key
+1. Generate key:
+.TP
+# dnssec\-keygen \-a hmac\-md5 \-b 256 \-n HOST knotc\-key
+.TP
+2. Extract secret in base64 format and create keyfile:
 .TP
-2. Extract secret in base64 format and create keyfile
-echo "knotc\-key hmac\-md5 <secret>" > knotc.key
-
-Make sure the key can be read/written only by owner for
-security reasons.
+# echo "knotc\-key hmac\-md5 <secret>" > knotc.key
+.TP
+Make sure the key can be read/written only by the owner for security reasons.
 .TP
-
 .B Reload server remotely
-knotc \-s 127.0.0.1 \-k knotc.key reload
+.TP
+# knotc \-s 127.0.0.1 \-k knotc.key reload
 .SH "SEE ALSO"
-The full documentation for
-.B Knot
-is maintained as a Texinfo manual.  If the
-.B info
-and
-.B Knot
-programs are properly installed at your site, the command
-.IP
-.B info Knot
-.PP
-should give you access to the complete manual.
+.BR knotd (8)
+.SH NOTE
+The full documentation for \fBKnot DNS\fR is maintained
+as a Texinfo manual. If the \fBinfo\fR program is properly
+installed at your site, the \fBinfo\ Knot\fR command should
+give you an access to the complete manual.
diff --git a/man/knotc.8.in b/man/knotc.8.in
index 9717358..6b76c36 100644
--- a/man/knotc.8.in
+++ b/man/knotc.8.in
@@ -4,21 +4,24 @@
 \- Knot DNS control utility
 .SH SYNOPSIS
 .B knotc
-[\fIparameters\fR] \fI<action>\fR [\fIaction_args\fR]
+[\fIparameters\fR] \fIaction\fR [\fIaction_args\fR]
 .SH DESCRIPTION
 .SS "Parameters:"
-.HP
-\fB\-c\fR [file], \fB\-\-config\fR=\fI[file]\fR Select configuration file.
 .TP
-\fB\-s\fR [server]\fR Remote UNIX socket/IP address (default @run_dir@/knot.sock)
+\fB\-c\fR, \fB\-\-config\fR \fIfile\fR
+Select configuration file.
 .TP
-\fB\-p\fR [port]\fR Remote server port (only for IP).
+\fB\-s\fR \fIserver\fR
+Remote UNIX socket/IP address (default @run_dir@/knot.sock).
 .TP
-\fB\-y\fR [hmac:]name:key]\fR Use key_id for specified on the command line.
+\fB\-p\fR \fIport\fR
+Remote server port (only for IP).
 .TP
-\fB\-k\fR [file]\fR Use key file (as in config section 'keys').
-f.e. echo "knotc\-key hmac\-md5 Wg==" > knotc.key
-If you omit algorithm, hmac\-md5 will be used as default.
+\fB\-y\fR [\fIhmac\fR:]\fIname\fR:\fIkey\fR
+Use key specified on the command line (default algorithm is hmac\-md5).
+.TP
+\fB\-k\fR \fIfile\fR
+Use key file (as in config section 'keys').
 .TP
 \fB\-f\fR, \fB\-\-force\fR
 Force operation \- override some checks.
@@ -27,7 +30,7 @@ Force operation \- override some checks.
 Verbose mode \- additional runtime information.
 .TP
 \fB\-V\fR, \fB\-\-version\fR
-Print knot server version.
+Print version of the server.
 .TP
 \fB\-i\fR, \fB\-\-interactive\fR
 Interactive mode (do not daemonize).
@@ -36,57 +39,53 @@ Interactive mode (do not daemonize).
 Print help and usage.
 .SS "Actions:"
 .TP
-stop
-Stop knot server daemon (no\-op if not running).
+\fBstop\fR
+Stop server (no\-op if not running).
 .TP
-reload
-Reload knot configuration and zones.
+\fBreload\fR
+Reload configuration and changed zones.
 .TP
-flush
+\fBflush\fR
 Flush journal and update zone files.
 .TP
-status
+\fBstatus\fR
 Check if server is running.
 .TP
-zonestatus
+\fBzonestatus\fR
 Show status of configured zones.
 .TP
-refresh
+\fBrefresh\fR [\fIzone\fR]...
 Refresh slave zones (all if not specified).
 .TP
-checkconf
-Check server configuration.
+\fBcheckconf\fR
+Check current server configuration.
 .TP
-checkzone
-Check zones before compiling (accepts specific zones, f.e. 'knotc checkzone example1.com example2.com').
+\fBcheckzone\fR [\fIzone\fR]...
+Check zone (all if not specified).
 .TP
-memstats
-Estimate memory consumption for zone files. Useful mainly for big zones.
-.SS "EXAMPLES"
+\fBmemstats\fR [\fIzone\fR]...
+Estimate memory consumption for zone (all if not specified).
+.SH EXAMPLES
 .TP
 .B Setup a keyfile for remote control
 .TP
-1. Generate keys
-dnssec\-keygen \-a hmac\-md5 \-b 256 \-n HOST knotc\-key
+1. Generate key:
+.TP
+# dnssec\-keygen \-a hmac\-md5 \-b 256 \-n HOST knotc\-key
+.TP
+2. Extract secret in base64 format and create keyfile:
 .TP
-2. Extract secret in base64 format and create keyfile
-echo "knotc\-key hmac\-md5 <secret>" > knotc.key
-
-Make sure the key can be read/written only by owner for
-security reasons.
+# echo "knotc\-key hmac\-md5 <secret>" > knotc.key
+.TP
+Make sure the key can be read/written only by the owner for security reasons.
 .TP
-
 .B Reload server remotely
-knotc \-s 127.0.0.1 \-k knotc.key reload
+.TP
+# knotc \-s 127.0.0.1 \-k knotc.key reload
 .SH "SEE ALSO"
-The full documentation for
-.B Knot
-is maintained as a Texinfo manual.  If the
-.B info
-and
-.B Knot
-programs are properly installed at your site, the command
-.IP
-.B info Knot
-.PP
-should give you access to the complete manual.
+.BR knotd (8)
+.SH NOTE
+The full documentation for \fBKnot DNS\fR is maintained
+as a Texinfo manual. If the \fBinfo\fR program is properly
+installed at your site, the \fBinfo\ Knot\fR command should
+give you an access to the complete manual.
diff --git a/man/knotd.8 b/man/knotd.8
index 6d7fa65..2cf3749 100644
--- a/man/knotd.8
+++ b/man/knotd.8
@@ -1,17 +1,18 @@
-.TH "knotd" "8" "13 December 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.4"
+.TH "knotd" "8" "6 January 2014" "CZ.NIC Labs" "Knot DNS, version 1.4.0"
 .SH NAME
 .B knotd
-\- Knot DNS daemon
+\- Knot DNS server daemon
 .SH SYNOPSIS
 .B knotd
 [\fIparameters\fR]
 .SH DESCRIPTION
 .SS "Parameters:"
-.HP
-\fB\-c\fR, \fB\-\-config\fR [file] Select configuration file.
 .TP
-\fB\-d\fR, \fB\-\-daemonize\fR
-Run server as a daemon.
+\fB\-c\fR, \fB\-\-config\fR \fIfile\fR
+Select configuration file.
+.TP
+\fB\-d\fR, \fB\-\-daemonize\fR=[\fIdir\fR]
+Run server as a daemon. Working directory may be set.
 .TP
 \fB\-v\fR, \fB\-\-verbose\fR
 Verbose mode \- additional runtime information.
@@ -22,14 +23,9 @@ Print version of the server.
 \fB\-h\fR, \fB\-\-help\fR
 Print help and usage.
 .SH "SEE ALSO"
-The full documentation for
-.B Knot
-is maintained as a Texinfo manual.  If the
-.B info
-and
-.B Knot
-programs are properly installed at your site, the command
-.IP
-.B info Knot
-.PP
-should give you access to the complete manual.
+.BR knotc (8)
+.SH NOTE
+The full documentation for \fBKnot DNS\fR is maintained
+as a Texinfo manual. If the \fBinfo\fR program is properly
+installed at your site, the \fBinfo\ Knot\fR command should
+give you an access to the complete manual.
diff --git a/man/knotd.8.in b/man/knotd.8.in
index d587315..b158c6e 100644
--- a/man/knotd.8.in
+++ b/man/knotd.8.in
@@ -1,17 +1,18 @@
 .TH "knotd" "8" "@RELEASE_DATE@" "CZ.NIC Labs" "Knot DNS, version @VERSION@"
 .SH NAME
 .B knotd
-\- Knot DNS daemon
+\- Knot DNS server daemon
 .SH SYNOPSIS
 .B knotd
 [\fIparameters\fR]
 .SH DESCRIPTION
 .SS "Parameters:"
-.HP
-\fB\-c\fR, \fB\-\-config\fR [file] Select configuration file.
 .TP
-\fB\-d\fR, \fB\-\-daemonize\fR
-Run server as a daemon.
+\fB\-c\fR, \fB\-\-config\fR \fIfile\fR
+Select configuration file.
+.TP
+\fB\-d\fR, \fB\-\-daemonize\fR=[\fIdir\fR]
+Run server as a daemon. Working directory may be set.
 .TP
 \fB\-v\fR, \fB\-\-verbose\fR
 Verbose mode \- additional runtime information.
@@ -22,14 +23,9 @@ Print version of the server.
 \fB\-h\fR, \fB\-\-help\fR
 Print help and usage.
 .SH "SEE ALSO"
-The full documentation for
-.B Knot
-is maintained as a Texinfo manual.  If the
-.B info
-and
-.B Knot
-programs are properly installed at your site, the command
-.IP
-.B info Knot
-.PP
-should give you access to the complete manual.
+.BR knotc (8)
+.SH NOTE
+The full documentation for \fBKnot DNS\fR is maintained
+as a Texinfo manual. If the \fBinfo\fR program is properly
+installed at your site, the \fBinfo\ Knot\fR command should
+give you an access to the complete manual.
diff --git a/man/knsec3hash.1 b/man/knsec3hash.1
new file mode 100644
index 0000000..dcbe1c6
--- /dev/null
+++ b/man/knsec3hash.1
@@ -0,0 +1,37 @@
+.TH "knsec3hash" "8" "June 2013" "CZ.NIC Labs" "Knot DNS, version 1.4.0"
+.SH NAME
+.B knsec3hash
+\- Simple utility to compute NSEC3 hash (libknot equivalent of ISC nsec3hash)
+.SH SYNOPSIS
+.B knsec3hash
+{\fIsalt\fR} {\fIalgorithm\fR} {\fIiterations\fR} {\fIdomain-name\fR}
+.SH DESCRIPTION
+This utility generates NSEC3 hash for a given domain name and parameters of
+NSEC3 hash.
+.SH ARGUMENTS
+.TP
+\fIsalt\fR
+Specifies binary salt encoded as a hexadecimal string.
+.TP
+\fIalgorithm\fR
+Specifies hashing algorithm number. Currently the only supported algorithm is
+SHA-1 (number 1).
+.TP
+\fIiterations\fR
+Specifies the number of additional iterations of the hashing algorithm.
+.TP
+\fIdomain-name\fR
+Specifies the domain name to be hashed.
+.SH SEE ALSO
+RFC 5155 - DNS Security (DNSSEC) Hashed Authenticated Denial of Existence.
+.SH EXAMPLE
+$ knsec3hash c01dcafe 1 10 knot-dns.cz
+.br
+7PTVGE7QV67EM61ROS9238P5RAKR2DM7 (salt=c01dcafe, hash=1, iterations=10)
+.SH AUTHOR
+Jan Vcelak (\fBhttp://knot-dns.cz\fR)
+.TP
+Please send any bugs or comments to \fBknot-dns@labs.nic.cz\fR
+.SH SEE ALSO
+.BI knotc\fR(8),
+.BI knotd\fR(8).
diff --git a/man/knsec3hash.1.in b/man/knsec3hash.1.in
new file mode 100644
index 0000000..e3d7a88
--- /dev/null
+++ b/man/knsec3hash.1.in
@@ -0,0 +1,37 @@
+.TH "knsec3hash" "8" "June 2013" "CZ.NIC Labs" "Knot DNS, version @VERSION@"
+.SH NAME
+.B knsec3hash
+\- Simple utility to compute NSEC3 hash (libknot equivalent of ISC nsec3hash)
+.SH SYNOPSIS
+.B knsec3hash
+{\fIsalt\fR} {\fIalgorithm\fR} {\fIiterations\fR} {\fIdomain-name\fR}
+.SH DESCRIPTION
+This utility generates NSEC3 hash for a given domain name and parameters of
+NSEC3 hash.
+.SH ARGUMENTS
+.TP
+\fIsalt\fR
+Specifies binary salt encoded as a hexadecimal string.
+.TP
+\fIalgorithm\fR
+Specifies hashing algorithm number. Currently the only supported algorithm is
+SHA-1 (number 1).
+.TP
+\fIiterations\fR
+Specifies the number of additional iterations of the hashing algorithm.
+.TP
+\fIdomain-name\fR
+Specifies the domain name to be hashed.
+.SH SEE ALSO
+RFC 5155 - DNS Security (DNSSEC) Hashed Authenticated Denial of Existence.
+.SH EXAMPLE
+$ knsec3hash c01dcafe 1 10 knot-dns.cz
+.br
+7PTVGE7QV67EM61ROS9238P5RAKR2DM7 (salt=c01dcafe, hash=1, iterations=10)
+.SH AUTHOR
+Jan Vcelak (\fBhttp://knot-dns.cz\fR)
+.TP
+Please send any bugs or comments to \fBknot-dns@labs.nic.cz\fR
+.SH SEE ALSO
+.BI knotc\fR(8),
+.BI knotd\fR(8).
diff --git a/man/knsupdate.1 b/man/knsupdate.1
index 75c8d03..7fba4d8 100644
--- a/man/knsupdate.1
+++ b/man/knsupdate.1
@@ -1,4 +1,4 @@
-.TH "knsupdate" "1" "13 December 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.4"
+.TH "knsupdate" "1" "6 January 2014" "CZ.NIC Labs" "Knot DNS, version 1.4.0"
 .SH NAME
 .TP 10
 .B knsupdate
author	Ondřej Surý <ondrej@sury.org>	2014-01-06 10:48:17 +0100
committer	Ondřej Surý <ondrej@sury.org>	2014-01-06 10:48:17 +0100
commit	5fd83cabfd04cfcf82905029a278c341d2aadb2b (patch)
tree	7635e6fe801d8a7288bcb7f631fd82bb6e838a03 /man
parent	3a0c81652b9ca314b2c116993006c32ec669ec0f (diff)
download	knot-5fd83cabfd04cfcf82905029a278c341d2aadb2b.tar.gz