Various man page updates and consistency tweaks. (#84)

Author: ximon18

doc/manual/source/man/dnst-key2ds.rst

@@ -14,6 +14,13 @@ Description
 The following file will be created for each key: ``K<name>+<alg>+<id>.ds``. The
 base name ``K<name>+<alg>+<id>`` will be printed to stdout.
 
+Arguments
+---------
+
+.. option:: <KEYFILE>
+
+      ``<KEYFILE>`` must be a file containing one or more RFC 4034 ``DNSKEY``
+      resource records in presentation format.
 
 Options
 -------

doc/manual/source/man/dnst-keygen.rst

@@ -28,12 +28,20 @@ The following files will be created:
 
 Upon completion, ``K<name>+<alg>+<tag>`` will be printed.
 
+Arguments
+---------
+
+.. option:: <DOMAIN NAME>
+
+      The owner name of the apex of the zone which the generated key is
+      intended to sign.
+
 Options
 -------
 
 .. option:: -a <NUMBER OR MNEMONIC>
 
-      Use the given signing algorithm.
+      Use the given signing algorithm. Mandatory.
 
       Possible values are:
 

doc/manual/source/man/dnst-notify.rst

@@ -9,19 +9,32 @@ Synopsis
 Description
 -----------
 
-**dnst notify** sends a NOTIFY message to the specified name servers. A name
-server can be specified as a domain name or IP address.
+**dnst notify** sends a NOTIFY message to the specified name servers.
 
 This tells them that an updated zone is available at the primaries. It can
 perform TSIG signatures, and it can add a SOA serial number of the updated
 zone. If a server already has that serial number it will disregard the message.
 
+Arguments
+---------
+
+.. option:: <SERVERS>...
+
+      One or more name servers to which NOTIFY messages will be sent, by
+      default on port 53.
+
+      Each name server can be specified as a domain name or IP address.
+
 Options
 -------
 
 .. option:: -z <ZONE>
 
-      The zone to send the NOTIFY for.
+      The zone to send the NOTIFY for. Mandatory.
+
+.. option:: -I <ADDRESS>
+
+      Source IP to send the message from.
 
 .. option:: -I <ADDRESS>
 

doc/manual/source/man/dnst-nsec3-hash.rst

@@ -11,6 +11,13 @@ Description
 
 **dnst nsec3-hash** prints the NSEC3 hash of a given domain name.
 
+Arguments
+---------
+
+.. option:: <DOMAIN NAME>
+
+      The domain name to generate an NSEC3 hash for.
+
 Options
 -------
 

doc/manual/source/man/dnst-signzone.rst

@@ -4,13 +4,15 @@ dnst signzone
 Synopsis
 --------
 
-:program:`dnst signzone` ``[OPTIONS]`` ``<ZONEFILE>`` ``<KEY>...``
+:program:`dnst signzone` ``[OPTIONS]`` ``-o <ORIGIN>`` ``<ZONEFILE>`` ``<KEY>...``
 
 Description
 -----------
 
 **dnst signzone** signs the zonefile with the given key(s).
 
+Signing a zone adds DNS Security Extensions (DNSSEC)  resource records 
+
 Keys must be specified by their base name (usually ``K<name>+<alg>+<id>``),
 i.e. WITHOUT the ``.private`` or ``.key`` extension. Both ``.private`` and
 ``.key`` files are required.
@@ -51,7 +53,7 @@ Options
 
 .. option:: -o <DOMAIN>
 
-      Set the origin for the zone. Mandatory.
+      Use this owner name as the apex of the zone. Mandatory.
 
 .. option:: -u
 

doc/manual/source/man/dnst-update.rst

@@ -10,36 +10,43 @@ Synopsis
 Description
 -----------
 
-**dnst update** sends a dynamic update packet to update an IP (or delete all
-existing IPs) for a domain name.
+**dnst update** sends an RFC 2136 Dynamic Update message to the name servers
+for a zone to update an IP address (or delete all existing IP addresses) for a
+domain name.
+
+The message to be sent can be optionally authenticated using a given TSIG key.
 
 Arguments
 ---------
 
 .. option:: <DOMAIN NAME>
 
-      The domain name to update the IP address of
+      The domain name to update the IP address of.
 
 .. option:: <ZONE>
 
-      The zone to send the update to (if omitted, derived from SOA record)
+      The zone to send the update to (if omitted, derived from SOA record).
 
 .. option:: <IP>
 
-      The IP to update the domain with (``none`` to remove any existing IPs)
+      The IP address to update the domain with (``none`` to remove any
+      existing IP addresses)
 
 .. option:: <TSIG KEY NAME>
 
-      TSIG key name
+      TSIG key name.
 
 .. option:: <TSIG ALGORITHM>
 
-      TSIG algorithm (e.g. "hmac-sha256")
+      TSIG algorithm (e.g. "hmac-sha256").
 
 .. option:: <TSIG KEY DATA>
 
       Base64 encoded TSIG key data.
 
+Options:
+--------
+
 .. option:: -h, --help
 
       Print the help text (short summary with ``-h``, long help with

doc/manual/source/man/ldns-key2ds.rst

@@ -18,7 +18,6 @@ It prints out the basename for this file (``K<name>+<alg>+<id>``).
 By default, it takes a pick of algorithm similar to the key algorithm,
 SHA1 for RSASHA1, and so on.
 
-
 Options
 -------
 

doc/manual/source/man/ldns-keygen.rst

@@ -9,17 +9,13 @@ Synopsis
 Description
 -----------
 
-**ldns-keygen** is used to generate a private/public keypair. When run, it will
-create 3 files; a ``.key`` file with the public DNSKEY, a ``.private`` file
-with the private keydata and a ``.ds`` file with the DS record of the DNSKEY
-record.
+**ldns-keygen** is used to generate a private/public keypair.
 
-.. **ldns-keygen** can also be used to create symmetric keys (for TSIG) by
-.. selecting the appropriate algorithm: hmac-md5.sig-alg.reg.int, hmac-sha1,
-.. hmac-sha224, hmac-sha256, hmac-sha384 or hmac-sha512. In that case no DS record
-.. will be created and no .ds file.
+When run, it will create 3 files; a ``.key`` file with the public DNSKEY, a
+``.private`` file with the private keydata and a ``.ds`` file with the DS
+record of the DNSKEY record.
 
-ldns-keygen prints the basename for the key files: ``K<name>+<alg>+<id>``
+**ldns-keygen** prints the basename for the key files: ``K<name>+<alg>+<id>``
 
 Options
 -------
@@ -31,6 +27,9 @@ Options
       versions and other software), the list gives names from the RFC. Also the
       plain algorithm number is accepted.
 
+      Note: Unlike the original LDNS, this implementation does not support
+      creation of symmetric keys (for TSIG).
+
 .. option:: -b <BITS>
 
       Use this many bits for the key length.

doc/manual/source/man/ldns-notify.rst

@@ -57,4 +57,3 @@ Options
 .. option:: -v
 
       Print the version and exit.
-

doc/manual/source/man/ldns-signzone.rst

@@ -47,7 +47,7 @@ Arguments
       Note: Unlike the original LDNS:
         - Public keys corresponding to ``.private`` key MUST be supplied,
           either as DNSKEY RRs in the given zone or as ``.key`` files. This
-          Implementation is not able to generate missing public keys.
+          implementation is not able to generate missing public keys.
         - Supported DNSKEY algorithms are the ones supported by the
           domain crate. Supported algorithms include RSASHA256,
           ECDSAP256SHA256, and ED25519 but exclude RSHASHA1 and
@@ -113,13 +113,15 @@ Options
 
 .. option:: -o <DOMAIN>
 
-      Use this as the origin for the zone (only necessary for zonefiles with
-      relative names and no $ORIGIN).
+      Use this owner name as the apex of the zone.
+      
+      If not specified the owner name of the first SOA record will be used as
+      the apex of the zone.
 
 .. option:: -u
 
       Set the SOA serial in the resulting zonefile to the given number of
-      seconds since Jan 1st 1970.
+      seconds since January 1st 1970.
 
 .. option:: -u