NAMED-CHECKCONF(1) BIND 9 NAMED-CHECKCONF(1)
NAME
named-checkconf - named configuration file syntax checking tool
SYNOPSIS
named-checkconf [-achjklvz] [-p [-x ]] [-t directory] {filename}
DESCRIPTION
named-checkconf checks the syntax, but not the semantics, of a named
configuration file. The file, along with all files included by it, is
parsed and checked for syntax errors. If no file is specified,
/etc/bind/named.conf is read by default.
Note: files that named reads in separate parser contexts, such as
rndc.conf or rndc.key, are not automatically read by named-checkconf.
Configuration errors in these files may cause named to fail to run, even
if named-checkconf was successful. However, named-checkconf can be run
on these files explicitly.
OPTIONS
-a Don't check the dnssec-policy's DNSSEC key algorithms against
those supported by the crypto provider. This is useful when
checking a named.conf intended to be run on another machine with
possibly a different set of supported DNSSEC key algorithms.
-h This option prints the usage summary and exits.
-j When loading a zonefile, this option instructs named to read the
journal if it exists.
-k Check the dnssec-policy's DNSSEC keys against the key files in
the key-directory. This is useful when checking a named.conf to
ensure a DNSSEC policy matches the existing keys.
-l This option lists all the configured zones. Each line of output
contains the zone name, class (e.g. IN), view, and type (e.g.
primary or secondary).
-c This option specifies that only the "core" configuration should
be checked. This suppresses the loading of plugin modules, and
causes all parameters to plugin statements to be ignored.
-i This option ignores warnings on deprecated options.
-p This option prints out the named.conf and included files in
canonical form if no errors were detected. See also the -x op-
tion.
-t directory
This option instructs named to chroot to directory, so that in-
clude directives in the configuration file are processed as if
run by a similarly chrooted named.
-v This option prints the version of the named-checkconf program and
exits.
-x When printing the configuration files in canonical form, this op-
tion obscures shared secrets by replacing them with strings of
question marks (?). This allows the contents of named.conf and
related files to be shared - for example, when submitting bug re-
ports - without compromising private data. This option cannot be
used without -p.
-z This option performs a test load of all zones of type primary
found in named.conf.
filename
This indicates the name of the configuration file to be checked.
If not specified, it defaults to /etc/bind/named.conf.
RETURN VALUES
named-checkconf returns an exit status of 1 if errors were detected and
0 otherwise.
SEE ALSO
named(8), named-checkzone(8), BIND 9 Administrator Reference Manual.
AUTHOR
Internet Systems Consortium
COPYRIGHT
2025, Internet Systems Consortium
9.20.15-1~deb13u1-Debian 2025-10-18 NAMED-CHECKCONF(1)
Generated by dwww version 1.16 on Tue Dec 16 05:56:33 CET 2025.