1.. Copyright (C) Internet Systems Consortium, Inc. ("ISC") 2.. 3.. SPDX-License-Identifier: MPL-2.0 4.. 5.. This Source Code Form is subject to the terms of the Mozilla Public 6.. License, v. 2.0. If a copy of the MPL was not distributed with this 7.. file, you can obtain one at https://mozilla.org/MPL/2.0/. 8.. 9.. See the COPYRIGHT file distributed with this work for additional 10.. information regarding copyright ownership. 11 12.. highlight: console 13 14.. iscman:: named-checkconf 15.. program:: named-checkconf 16.. _man_named-checkconf: 17 18named-checkconf - named configuration file syntax checking tool 19--------------------------------------------------------------- 20 21Synopsis 22~~~~~~~~ 23 24:program:`named-checkconf` [**-achjlvz**] [**-p** [**-x** ]] [**-t** directory] {filename} 25 26Description 27~~~~~~~~~~~ 28 29:program:`named-checkconf` checks the syntax, but not the semantics, of a 30:iscman:`named` configuration file. The file, along with all files included by it, is parsed and checked for syntax 31errors. If no file is specified, 32|named_conf| is read by default. 33 34Note: files that :iscman:`named` reads in separate parser contexts, such as 35``rndc.conf`` or ``rndc.key``, are not automatically read by 36:program:`named-checkconf`. Configuration errors in these files may cause 37:iscman:`named` to fail to run, even if :program:`named-checkconf` was 38successful. However, :program:`named-checkconf` can be run on these files 39explicitly. 40 41Options 42~~~~~~~ 43 44.. option:: -a 45 46 Don't check the `dnssec-policy`'s DNSSEC key algorithms against 47 those supported by the crypto provider. This is useful when checking 48 a `named.conf` intended to be run on another machine with possibly a 49 different set of supported DNSSEC key algorithms. 50 51.. option:: -h 52 53 This option prints the usage summary and exits. 54 55.. option:: -j 56 57 When loading a zonefile, this option instructs :iscman:`named` to read the journal if it exists. 58 59.. option:: -l 60 61 This option lists all the configured zones. Each line of output contains the zone 62 name, class (e.g. IN), view, and type (e.g. primary or secondary). 63 64.. option:: -c 65 66 This option specifies that only the "core" configuration should be checked. This suppresses the loading of 67 plugin modules, and causes all parameters to ``plugin`` statements to 68 be ignored. 69 70.. option:: -i 71 72 This option ignores warnings on deprecated options. 73 74.. option:: -p 75 76 This option prints out the :iscman:`named.conf` and included files in canonical form if 77 no errors were detected. See also the :option:`-x` option. 78 79.. option:: -t directory 80 81 This option instructs :iscman:`named` to chroot to ``directory``, so that ``include`` directives in the 82 configuration file are processed as if run by a similarly chrooted 83 :iscman:`named`. 84 85.. option:: -v 86 87 This option prints the version of the :program:`named-checkconf` program and exits. 88 89.. option:: -x 90 91 When printing the configuration files in canonical form, this option obscures 92 shared secrets by replacing them with strings of question marks 93 (``?``). This allows the contents of :iscman:`named.conf` and related files 94 to be shared - for example, when submitting bug reports - 95 without compromising private data. This option cannot be used without 96 :option:`-p`. 97 98.. option:: -z 99 100 This option performs a test load of all zones of type ``primary`` found in :iscman:`named.conf`. 101 102.. option:: filename 103 104 This indicates the name of the configuration file to be checked. If not specified, 105 it defaults to |named_conf|. 106 107Return Values 108~~~~~~~~~~~~~ 109 110:program:`named-checkconf` returns an exit status of 1 if errors were detected 111and 0 otherwise. 112 113See Also 114~~~~~~~~ 115 116:iscman:`named(8) <named>`, :iscman:`named-checkzone(8) <named-checkzone>`, BIND 9 Administrator Reference Manual. 117