--- bind-9.18.28/doc/man/named.8in.orig	2024-07-08 17:22:50.522668771 +0200
+++ bind-9.18.28/doc/man/named.8in	2024-07-31 22:01:07.556991781 +0200
@@ -236,13 +236,11 @@
 \fBNOTE:\fP
 .INDENT 0.0
 .INDENT 3.5
-On Linux, \fBnamed\fP uses the kernel\(aqs capability mechanism to drop
-all root privileges except the ability to \fBbind\fP to a
-privileged port and set process resource limits. Unfortunately,
-this means that the \fI\%\-u\fP option only works when \fBnamed\fP is run
-on kernel 2.2.18 or later, or kernel 2.3.99\-pre3 or later, since
-previous kernels did not allow privileges to be retained after
-\fBsetuid\fP\&.
+On illumos-based distributions, including OpenIndiana, \fBnamed\fP
+uses the kernel\(aqs capability mechanism to drop
+all root privileges.
+The method script adds the privileges to \fBbind\fP to a privileged port.
+Basic privileges are still retained after \fBsetuid\fP\&.
 .UNINDENT
 .UNINDENT
 .INDENT 0.0
@@ -264,6 +262,100 @@
 Use of this option overrides the \fBlock\-file\fP option in
 \X'tty: link #std-iscman-named.conf'\fI\%named.conf\fP\X'tty: link'\&. If set to \fBnone\fP, the lock file check is disabled.
 .UNINDENT
+.SH AUTOMATIC SERVICE MANAGEMENT (SMF)
+.sp
+The \fBDNS\fP service is managed by the service management facility, \fBsmf\fP(7), under the service identifier:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+svc:/network/dns/server:default
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.LP
+Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using \fBsvcadm\fP(8). The service's status can
+be queried using the \fBsvcs\fP(1) command.
+.LP
+\fBDNS\fP on illumos is managed via the service management facility described in
+\fBsmf\fP(7). There are several options controlled by services properties which
+can be set by the system administrator. The available options can be listed by
+executing the following command:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+svccfg -s svc:/network/dns/server:default listprop options
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Each of these properties can be set using this command:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+svccfg -s  svc:/network/dns/server:default setprop \fIpropname\fP = \fIvalue\fP
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+The available options and their meanings are as follows:
+.TP
+.BR options/server
+A string that specifies an alternative server command.  If
+not specified the default /usr/sbin/named is used.
+.TP
+.BR options/configuration_file
+A string that specifies an alternative
+configuration file to be used. The property is similar
+to named(8) command line option '-c <string>.
+.TP
+.BR options/ip_interfaces
+A string that specifies which IP transport BIND will
+transmit on. Possible values are 'IPv4' or 'IPv6'. Any
+other setting assumes 'all', the default.
+Equivalent to command line option '-4' or '-6'.
+.TP
+.BR options/listen_on_port
+An integer that specifies the default UDP and TCP port
+which will be used to listen for DNS requests.
+If not specified, the server listens on port 53.
+Equivalent to command line option '-p <integer>'.
+.TP
+.BR options/debug_level
+An integer that specifies the default debug level.  The
+default is 0; no debugging. The higher the number the
+more verbose debug information becomes.
+Equivalent to command line option '-d <integer>'.
+.TP
+.BR options/threads
+An integer that specifies the number of cpu worker threads to
+create.  The default of 0 causes named to try to
+determine the number of CPUs present and create one
+thread per CPU.
+Equivalent to command line option '-n <integer>'.
+.TP
+.BR options/chroot_dir
+Change the root directory using chroot(2)
+to pathname after processing the command line
+arguments, but before reading the configuration file.
+The working directory must be below chroot_dir.
+This option should be used in conjunction with the user option.
+Equivalent to command line option '-t <pathname>'.
+.TP
+.BR options/user
+Change to user after completing privileged operations, such as
+creating sockets that listen on privileged ports.
+The default user is 'named'.
+The working directory must be writable by this user.
+Equivalent to command line option '-u user'.
 .SH SIGNALS
 .sp
 In routine operation, signals should not be used to control the