"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
[<!ENTITY mdash "—">]>
<!--
- - Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
-
- Permission to use, copy, modify, and/or distribute this software for any
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: named.docbook,v 1.23 2008/11/06 05:30:24 marka Exp $ -->
+<!-- $Id: named.docbook,v 1.26 2009/10/05 17:30:49 fdupont Exp $ -->
<refentry id="man.named">
<refentryinfo>
- <date>June 30, 2000</date>
+ <date>May 21, 2009</date>
</refentryinfo>
<refmeta>
<year>2006</year>
<year>2007</year>
<year>2008</year>
+ <year>2009</year>
<holder>Internet Systems Consortium, Inc. ("ISC")</holder>
</copyright>
<copyright>
<arg><option>-6</option></arg>
<arg><option>-c <replaceable class="parameter">config-file</replaceable></option></arg>
<arg><option>-d <replaceable class="parameter">debug-level</replaceable></option></arg>
+ <arg><option>-E <replaceable class="parameter">engine-name</replaceable></option></arg>
<arg><option>-f</option></arg>
<arg><option>-g</option></arg>
<arg><option>-m <replaceable class="parameter">flag</replaceable></option></arg>
</para>
</listitem>
</varlistentry>
+
<varlistentry>
<term>-c <replaceable class="parameter">config-file</replaceable></term>
<listitem>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>-E <replaceable class="parameter">engine-name</replaceable></term>
+ <listitem>
+ <para>
+ Use a crypto hardware (OpenSSL engine) for the crypto operations
+ it supports, for instance re-signing with private keys from
+ a secure key store. When compiled with PKCS#11 support
+ <replaceable class="parameter">engine-name</replaceable>
+ defaults to pkcs11, the empty name resets it to no engine.
+ </para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>-f</term>
<listitem>
in the
<citetitle>BIND 9 Administrator Reference Manual</citetitle>.
</para>
+
+ <para>
+ <command>named</command> inherits the <function>umask</function>
+ (file creation mode mask) from the parent process. If files
+ created by <command>named</command>, such as journal files,
+ need to have custom permissions, the <function>umask</function>
+ should be set explicitly in the script used to start the
+ <command>named</command> process.
+ </para>
+
</refsect1>
<refsect1>