From owner-svn-doc-all@FreeBSD.ORG Sun Feb 23 00:32:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 86AC1708; Sun, 23 Feb 2014 00:32:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 730781CA2; Sun, 23 Feb 2014 00:32:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1N0W162031781; Sun, 23 Feb 2014 00:32:01 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1N0W11F031780; Sun, 23 Feb 2014 00:32:01 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201402230032.s1N0W11F031780@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 23 Feb 2014 00:32:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44032 - head/ja_JP.eucJP/htdocs/docs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Feb 2014 00:32:01 -0000 Author: ryusuke Date: Sun Feb 23 00:32:00 2014 New Revision: 44032 URL: http://svnweb.freebsd.org/changeset/doc/44032 Log: - Merge the following from the English version: r42070 -> r44031 head/ja_JP.eucJP/htdocs/docs/books.xml Modified: head/ja_JP.eucJP/htdocs/docs/books.xml Modified: head/ja_JP.eucJP/htdocs/docs/books.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/docs/books.xml Sat Feb 22 19:43:29 2014 (r44031) +++ head/ja_JP.eucJP/htdocs/docs/books.xml Sun Feb 23 00:32:00 2014 (r44032) @@ -1,6 +1,6 @@ @@ -9,7 +9,7 @@ ]> - + @@ -281,12 +281,6 @@ FreeBSD プロジェクトに障害報告を書いて提出する 効果的な方法について述べた記事です。

-

PXE booting - FreeBSD (pxe) (英語版のみ)
- FreeBSD を使って Intel PXE サーバを構築し、 - PXE サーバからブートする - FreeBSD クライアントを設定するための文書です。

-

Practical rc.d scripting in BSD (rc-scripting) (英語版のみ)
新しい rc.d スクリプトの書き方、およびすでに書かれたスクリプトを理解するためのガイドです。

From owner-svn-doc-all@FreeBSD.ORG Sun Feb 23 01:11:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 83599F76; Sun, 23 Feb 2014 01:11:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 659891104; Sun, 23 Feb 2014 01:11:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1N1BjMe047912; Sun, 23 Feb 2014 01:11:45 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1N1BjHr047911; Sun, 23 Feb 2014 01:11:45 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402230111.s1N1BjHr047911@svn.freebsd.org> From: Warren Block Date: Sun, 23 Feb 2014 01:11:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44033 - head/en_US.ISO8859-1/htdocs/docs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Feb 2014 01:11:45 -0000 Author: wblock Date: Sun Feb 23 01:11:45 2014 New Revision: 44033 URL: http://svnweb.freebsd.org/changeset/doc/44033 Log: Whitespace-only cleanup, translators please ignore. Modified: head/en_US.ISO8859-1/htdocs/docs/books.xml Modified: head/en_US.ISO8859-1/htdocs/docs/books.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/docs/books.xml Sun Feb 23 00:32:00 2014 (r44032) +++ head/en_US.ISO8859-1/htdocs/docs/books.xml Sun Feb 23 01:11:45 2014 (r44033) @@ -8,331 +8,330 @@ ]> - - &title; + + &title; - $FreeBSD$ - + $FreeBSD$ + - + -

On this site

- -

All the documentation on this site can be downloaded in a variety of - different formats (HTML, Postscript, PDF, and more) and compression - schemes (BZip2, Zip) from the FreeBSD FTP site.

- -

Archived copies of the &os; documentation (articles, - books, and textinfo manuals) are also available online at - http://docs.FreeBSD.org/doc/.

- -

This documentation is provided and maintained by the FreeBSD Documentation Project, and we are - always looking for people to contribute new documentation and maintain - existing documentation.

- -

Books

- -

A project - model for the FreeBSD project (dev-model)
- A formal study of the organization of the FreeBSD project.

- -

The FreeBSD FAQ - (faq)
- Frequently Asked Questions, and answers, covering all - aspects of FreeBSD.

- -

The FreeBSD Handbook - (handbook)
- A constantly evolving, comprehensive resource for FreeBSD - users.

- -

The - FreeBSD Developers' Handbook (developers-handbook)
- For people who want to develop software for FreeBSD (and not - just people who are developing FreeBSD itself).

- -

The - FreeBSD Architecture Handbook (arch-handbook)
- For FreeBSD system developers. This book covers the - architectural details of many important FreeBSD kernel - subsystems.

- -

The Porter's - Handbook (porters-handbook)
- Essential reading if you plan on providing a port of a third - party piece of software.

- -

The PMake Tutorial - (pmake)
- A tutorial for the make utility. This book is essential - reading for anyone who wants to understand all the details of using - make of reading and writing makefiles.

- -

Chapter 2 - of "The Design and Implementation of the 4.4BSD Operating - System" (design-44bsd)
- Donated by Addison-Wesley, provides a design overview of 4.4BSD, - from which FreeBSD was originally derived.

- -

The FreeBSD - Documentation Project Primer for New Contributors - (fdp-primer)
- Everything you need to know in order to start contributing to the - FreeBSD Documentation Project.

- -

Articles

- - - -

Why you should use - a BSD style license for your Open Source Project (bsdl-gpl)
- Describes the benefits of releasing code under a BSD - license.

- -

Building - Products with FreeBSD (building-products)
- How FreeBSD can help you build a better product.

- -

Argentina.com : A Case Study (casestudy-argentina.com)
- How FreeBSD helped a large ISP in Latin America.

- -

The - Committer's Guide (committers-guide)
- Introductory information for FreeBSD committers.

- -

Installing - and using Compiz Fusion (compiz-fusion)
- How to install and use the Compiz Fusion composite window - manager under FreeBSD.

- -

Console - Server Tutorial (console-server)
- How to setup a FreeBSD based console server with a cheap - multi-port serial card.

- -

Contributing - to FreeBSD (contributing)
- How to contribute to the FreeBSD Project.

- -

- Contributing to the FreeBSD Ports Collection - (contributing-ports)
- How to help maintain the FreeBSD Ports Collection.

- -

The - List of FreeBSD Contributors (contributors)
- A list of organizations and individuals who have helped - enhance FreeBSD.

- -

CUPS on &os; - (cups)
- How to setup CUPS with &os;.

- -

Using - newer version of GCC and binutils with the &os; Ports - Collection (custom-gcc)
- How to use newer versions of the GCC compilers and - binutils from the &os; ports tree. Custom GCC - are also discussed.

- -

Setting up a - CVS repository - The FreeBSD way (cvs-freebsd)
- How to set up a CVS repository that uses the same CVSROOT - infrastructure as the FreeBSD project.

- -

Explaining - BSD (explaining-bsd)
- An answer to the question ``What is BSD?''

- -

FreeBSD - From Scratch (fbsd-from-scratch)
- How to automatically compile, install and configure a system from - scratch (i.e. to an empty file system), including your favorite - ports.

- -

Filtering - Bridges (filtering-bridges)
- Configuring firewalls and filtering on FreeBSD hosts acting as - bridges rather than routers.

- -

Fonts and - FreeBSD (fonts)
- A description of the various font technologies in FreeBSD, and - how to use them with different programs.

- -

How - to get the best results from the FreeBSD-questions mailing list - (freebsd-questions)
- Tips and tricks to help you maximize the chances of getting - useful information from the -questions mailing list.

- -

Build - Your Own FreeBSD Update Server - (freebsd-update-server)
- Using a FreeBSD Update server allows a system - administrator to perform fast updates for a number of - machines from a local mirror.

- -

Writing - a GEOM Class (geom-class)
- A guide to GEOM internals, and writing your own class.

- -

Implementing - UFS journaling on a desktop PC (gjournal-desktop)
- A guide to create UFS partitions configured with journaling - for desktop use.

- -

Mirroring FreeBSD - (hubs) -
The all in one guide for mirroring the FreeBSD website, - CVSup servers, FTP servers, and more.

- -

Independent - Verification of IPsec Functionality in FreeBSD - (ipsec-must)
- A method for experimentally verifying IPsec - functionality.

- -

FreeBSD on Laptops - (laptop)
- Information about running FreeBSD on a laptop.

- -

LDAP Authentication - (ldap-auth)
- A practical guide about setting up an LDAP server on - &os; and how to use it for authenticating users.

- -

FreeBSD: An Open Source Alternative to Linux - (linux-comparison)
- A white paper explaining the differences between Linux - and FreeBSD.

- -

Linux emulation in &os; - (linux-emulation)
- A technical description about the internals of the Linux - emulation layer in &os;.

- -

&os; Quickstart Guide for Linux Users - (linux-users)
- An introductionary guide for the users that came from Linux.

- -

Frequently - Asked Questions About The FreeBSD Mailing Lists - (mailing-list-faq)
- How to best use the mailing lists, such as how to help - avoid frequently-repeated discussions.

- -

An MH Primer - (mh)
- An introduction to using the MH mail reader on - FreeBSD.

- -

Introduction - to NanoBSD (nanobsd)
- Information about the NanoBSD tools, which can be used to - create FreeBSD system images for embedded applications, - suitable for use on a Compact Flash card (or other mass - storage medium).

- -

FreeBSD - First Steps (new-users)
- For people coming to FreeBSD and &unix; for the first - time.

- -

Perforce - in FreeBSD Development (p4-primer)
- A guide to the Perforce version control system. It also - describes how to manage experimental projects with the - FreeBSD Perforce server.

- -

Pluggable - Authentication Modules (pam)
- A guide to the PAM system and modules under - FreeBSD.

- -

- Port Mentor Guidelines (port-mentor-guidelines)
- Guidelines for new and/or potential port mentors and - mentees.

- -

Package - building procedures (portbuild)
- Describes the approach used by the FreeBSD port - manager team to regularly build ports into packages. - It describes the portbuild cluster, as well as the tools - needed to do incremental, experimental, and official release - package builds.

- -

FreeBSD - Problem Report Handling Guidelines (pr-guidelines)
- Recommended practices for handling FreeBSD problem - reports.

- -

Writing - FreeBSD Problem Reports (problem-reports)
- How to best formulate and submit a problem report to the - FreeBSD Project.

- -

Practical - rc.d scripting in BSD (rc-scripting)
- A guide to writing new rc.d scripts and understanding those - already written.

- -

FreeBSD as - a greylist mail server (relaydelay)
- Implementing a greylist mail server on FreeBSD - using Sendmail, MySQL, Perl and the relaydelay - software. This is an excellent method to use in the - fight against spam.

- -

FreeBSD - Release Engineering (releng)
- Describes the approach used by the FreeBSD release - engineering team to make production quality releases of the - FreeBSD Operating System. It describes the tools available - for those interested in producing customized FreeBSD releases - for corporate rollouts or commercial productization.

- -

FreeBSD - Release Engineering for Third Party Packages - (releng-packages)
- Describes the approach used by the FreeBSD - ports management team to produce a high quality package set - suitable for official FreeBSD release media. This document is - a work in progress, but eventually it will cover the process - used to build a clean package set on the FreeBSD.org "Ports - Cluster", how to configure any other set of machines as a - ports cluster, how to split up the packages for the release - media, and how to verify that a package set is - consistent.

- -

Remote - Installation of the &os; Operating System without a - Remote Console (remote-install)
- Describes the remote installation of the &os; operating - system when the console of the remote system is - unavailable.

- -

Serial - and UART devices (serial-uart)
- Detailed information about the use of serial ports on FreeBSD, - including several multi-port serial cards.

- -

FreeBSD - and Solid State Devices (solid-state)
- The use of solid state disk devices in FreeBSD.

- -

Design - elements of the FreeBSD VM system (vm-design)
- An easy to follow description of the design of the FreeBSD - virtual memory system.

+

On this site

+ +

All the documentation on this site can be downloaded in a + variety of different formats (HTML, Postscript, PDF, and more) + and compression schemes (BZip2, Zip) from the FreeBSD FTP + site.

+ +

Archived copies of the &os; documentation (articles, books, and + textinfo manuals) are also available online at http://docs.FreeBSD.org/doc/.

+ +

This documentation is provided and maintained by the + FreeBSD + Documentation Project, and we are always looking for + people to contribute new documentation and maintain existing + documentation.

+ +

Books

+ +

A project model for + the FreeBSD project (dev-model)
+ A formal study of the organization of the FreeBSD project.

+ +

The FreeBSD FAQ + (faq)
+ Frequently Asked Questions, and answers, covering all aspects of + FreeBSD.

+ +

The FreeBSD + Handbook (handbook)
+ A constantly evolving, comprehensive resource for FreeBSD + users.

+ +

The + FreeBSD Developers' Handbook (developers-handbook)
+ + For people who want to develop software for FreeBSD (and not + just people who are developing FreeBSD itself).

+ +

The FreeBSD + Architecture Handbook (arch-handbook)
+ For FreeBSD system developers. This book covers the + architectural details of many important FreeBSD kernel + subsystems.

+ +

The Porter's + Handbook (porters-handbook)
+ Essential reading if you plan on providing a port of a third + party piece of software.

+ +

The PMake Tutorial + (pmake)
+ A tutorial for the make utility. This book is + essential reading for anyone who wants to understand all the + details of using make of reading and writing + makefiles.

+ +

Chapter 2 + of "The Design and Implementation of the 4.4BSD Operating + System" (design-44bsd)
+ Donated by Addison-Wesley, provides a design overview of 4.4BSD, + from which FreeBSD was originally derived.

+ +

The FreeBSD + Documentation Project Primer for New Contributors + (fdp-primer)
+ Everything you need to know in order to start contributing to + the FreeBSD Documentation Project.

+ +

Articles

+ + + +

Why you should use + a BSD style license for your Open Source Project + (bsdl-gpl)
+ Describes the benefits of releasing code under a BSD + license.

+ +

Building + Products with FreeBSD (building-products)
+ How FreeBSD can help you build a better product.

+ +

Argentina.com: + A Case Study (casestudy-argentina.com)
+ How FreeBSD helped a large ISP in Latin America.

+ +

The + Committer's Guide (committers-guide)
+ Introductory information for FreeBSD committers.

+ +

Installing + and using Compiz Fusion (compiz-fusion)
+ How to install and use the Compiz Fusion composite window + manager under FreeBSD.

+ +

Console + Server Tutorial (console-server)
+ How to setup a FreeBSD based console server with a cheap + multi-port serial card.

+ +

Contributing + to FreeBSD (contributing)
+ How to contribute to the FreeBSD Project.

+ +

Contributing + to the FreeBSD Ports Collection (contributing-ports)
+ How to help maintain the FreeBSD Ports Collection.

+ +

The List of + FreeBSD Contributors (contributors)
+ A list of organizations and individuals who have helped enhance + FreeBSD.

+ +

CUPS on &os; + (cups)
+ How to setup CUPS with &os;.

+ +

Using newer + version of GCC and binutils with the &os; Ports Collection + (custom-gcc)
+ How to use newer versions of the GCC compilers and binutils from + the &os; ports tree. Custom GCC are also discussed.

+ +

Setting up a + CVS repository - The FreeBSD way (cvs-freebsd)
+ How to set up a CVS repository that uses the same CVSROOT + infrastructure as the FreeBSD project.

+ +

Explaining + BSD (explaining-bsd)
+ An answer to the question ``What is BSD?''

+ +

FreeBSD + From Scratch (fbsd-from-scratch)
+ How to automatically compile, install and configure a system + from scratch (i.e. to an empty file system), including your + favorite ports.

+ +

Filtering + Bridges (filtering-bridges)
+ Configuring firewalls and filtering on FreeBSD hosts acting as + bridges rather than routers.

+ +

Fonts and FreeBSD + (fonts)
+ A description of the various font technologies in FreeBSD, and + how to use them with different programs.

+ + +

How to + get the best results from the FreeBSD-questions mailing + list (freebsd-questions)
+ Tips and tricks to help you maximize the chances of getting + useful information from the -questions mailing list.

+ +

Build + Your Own FreeBSD Update Server + (freebsd-update-server)
+ Using a FreeBSD Update server allows a system administrator to + perform fast updates for a number of machines from a local + mirror.

+ +

Writing a GEOM + Class (geom-class)
+ A guide to GEOM internals, and writing your own class.

+ +

Implementing + UFS journaling on a desktop PC (gjournal-desktop)
+ A guide to create UFS partitions configured with journaling for + desktop use.

+ +

Mirroring FreeBSD + (hubs)
+ The all in one guide for mirroring the FreeBSD website, CVSup + servers, FTP servers, and more.

+ +

Independent + Verification of IPsec Functionality in FreeBSD + (ipsec-must)
+ A method for experimentally verifying IPsec functionality.

+ +

FreeBSD on + Laptops (laptop)
+ Information about running FreeBSD on a laptop.

+ +

LDAP + Authentication (ldap-auth)
+ A practical guide about setting up an LDAP server on &os; and + how to use it for authenticating users.

+ +

FreeBSD: + An Open Source Alternative to Linux + (linux-comparison)
+ A white paper explaining the differences between Linux and + FreeBSD.

+ +

Linux + emulation in &os; (linux-emulation)
+ A technical description about the internals of the Linux + emulation layer in &os;.

+ +

&os; Quickstart + Guide for Linux Users (linux-users)
+ An introductionary guide for the users that came from Linux.

+ +

Frequently + Asked Questions About The FreeBSD Mailing Lists + (mailing-list-faq)
+ How to best use the mailing lists, such as how to help avoid + frequently-repeated discussions.

+ +

An MH Primer + (mh)
+ An introduction to using the MH mail reader on FreeBSD.

+ +

Introduction to + NanoBSD (nanobsd)
+ Information about the NanoBSD tools, which can be used to create + FreeBSD system images for embedded applications, suitable for + use on a Compact Flash card (or other mass storage medium).

+ +

FreeBSD First + Steps (new-users)
+ For people coming to FreeBSD and &unix; for the first time.

+ +

Perforce in + FreeBSD Development (p4-primer)
+ A guide to the Perforce version control system. It also + describes how to manage experimental projects with the FreeBSD + Perforce server.

+ +

Pluggable + Authentication Modules (pam)
+ A guide to the PAM system and modules under FreeBSD.

+ +

Port + Mentor Guidelines (port-mentor-guidelines)
+ Guidelines for new and/or potential port mentors and + mentees.

+ +

Package building + procedures (portbuild)
+ Describes the approach used by the FreeBSD port manager team to + regularly build ports into packages. It describes the portbuild + cluster, as well as the tools needed to do incremental, + experimental, and official release package builds.

+ +

FreeBSD + Problem Report Handling Guidelines (pr-guidelines)
+ Recommended practices for handling FreeBSD problem reports.

+ +

Writing + FreeBSD Problem Reports (problem-reports)
+ How to best formulate and submit a problem report to the FreeBSD + Project.

+ +

Practical rc.d + scripting in BSD (rc-scripting)
+ A guide to writing new rc.d scripts and understanding those + already written.

+ +

FreeBSD as a + greylist mail server (relaydelay)
+ Implementing a greylist mail server on FreeBSD using Sendmail, + MySQL, Perl and the relaydelay software. This is an excellent + method to use in the fight against spam.

+ +

FreeBSD Release + Engineering (releng)
+ Describes the approach used by the FreeBSD release engineering + team to make production quality releases of the FreeBSD + Operating System. It describes the tools available for those + interested in producing customized FreeBSD releases for + corporate rollouts or commercial productization.

+ +

FreeBSD + Release Engineering for Third Party Packages + (releng-packages)
+ Describes the approach used by the FreeBSD ports management team + to produce a high quality package set suitable for official + FreeBSD release media. This document is a work in progress, but + eventually it will cover the process used to build a clean + package set on the FreeBSD.org "Ports Cluster", how to configure + any other set of machines as a ports cluster, how to split up + the packages for the release media, and how to verify that a + package set is consistent.

+ +

Remote + Installation of the &os; Operating System without a + Remote Console (remote-install)
+ Describes the remote installation of the &os; operating system + when the console of the remote system is unavailable.

+ +

Serial and UART + devices (serial-uart)
+ Detailed information about the use of serial ports on FreeBSD, + including several multi-port serial cards.

+ +

FreeBSD and + Solid State Devices (solid-state)
+ The use of solid state disk devices in FreeBSD.

+ +

Design elements + of the FreeBSD VM system (vm-design)
+ An easy to follow description of the design of the FreeBSD + virtual memory system.

On other web sites

-

Various independent efforts have also produced a great deal of useful - information about FreeBSD.

+

Various independent efforts have also produced a great deal of + useful information about FreeBSD.

Articles

@@ -340,41 +339,42 @@

  • Niels Jorgensen has authored an academic study on the dynamics of the FreeBSD development process: - ``Putting it All in the Trunk, Incremental Software - Development in the FreeBSD Open Source Project'' - [Information Systems Journal (2001) 11, 321-336].

    + href="http://www.ruc.dk/~nielsj/research/publications/freebsd.pdf">``Putting + it All in the Trunk, Incremental Software Development in + the FreeBSD Open Source Project'' [Information Systems + Journal (2001) 11, 321-336].

  • -

    Kirk McKusick, one - of the original architects of BSD at U.C. Berkeley, teaches two 4.4BSD Kernel - Internals courses using FreeBSD. For those unable to attend - the courses in person, a video tape series is also now - available.

    +

    Kirk McKusick, + one of the original architects of BSD at U.C. Berkeley, + teaches two + 4.4BSD Kernel + Internals courses using FreeBSD. For those unable to + attend the courses in person, a video tape series is also + now available.

  • -

    FreeBSD How-To's for - the Lazy and Hopeless is another somewhat more light-hearted - attempt to provide more readable "how-to" style information on - setting up and configuring FreeBSD.

    +

    FreeBSD + How-To's for the Lazy and Hopeless is another somewhat + more light-hearted attempt to provide more readable "how-to" + style information on setting up and configuring FreeBSD.

  • The - Linux+FreeBSD mini-HOWTO describes how to use - Linux and FreeBSD on the same system. It introduces FreeBSD and - discusses how the two operating systems can cooperate, e.g. by - sharing swap space.

    + Linux+FreeBSD mini-HOWTO describes how to use Linux + and FreeBSD on the same system. It introduces FreeBSD and + discusses how the two operating systems can cooperate, e.g. + by sharing swap space.

  • -

    Getting started with AMD on - FreeBSD

    +

    Getting started with + AMD on FreeBSD

    • - + -->
  • -

    Writing an ISA device driver. This document has been - imported into The FreeBSD - Architecture Handbook.

    +

    Writing an ISA device driver. This document has + been imported into + The FreeBSD + Architecture Handbook.

  • -

    FreeBSD Assembly Language Programming Tutorial. This - document has been imported into The FreeBSD - Developer's Handbook.

    +

    FreeBSD Assembly Language Programming Tutorial. + This document has been imported into + The + FreeBSD Developer's Handbook.

  • -

    Profiling +

    Profiling and Debugging the FreeBSD Kernel

  • -

    Debugging +

    Debugging Buffer Overruns in the FreeBSD Kernel

    • @@ -415,22 +417,19 @@
  • -

    The - SMP support page contains information on the SMP support - in FreeBSD 4.X and earlier.

    +

    The + SMP support page contains information on the SMP + support in FreeBSD 4.X and earlier.

  • -

    Appendix A from the college textbook - Operating Systems Concepts by Silberschatz, Galvin and - Gagne has been made available online in - PDF format. - The appendix is dedicated to FreeBSD and offers a good - introduction to FreeBSD's internals.

    +

    Appendix A from the college textbook + Operating Systems Concepts by Silberschatz, Galvin + and Gagne has been made available online in PDF + format. The appendix is dedicated to FreeBSD and + offers a good introduction to FreeBSD's internals.

    • - - - - - + + From owner-svn-doc-all@FreeBSD.ORG Sun Feb 23 04:51:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EFBB5448; Sun, 23 Feb 2014 04:51:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CB9C91714; Sun, 23 Feb 2014 04:51:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1N4pV9V036726; Sun, 23 Feb 2014 04:51:31 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1N4pVTl036724; Sun, 23 Feb 2014 04:51:31 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201402230451.s1N4pVTl036724@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 23 Feb 2014 04:51:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44034 - in head/ja_JP.eucJP/books/handbook: cutting-edge ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Feb 2014 04:51:32 -0000 Author: ryusuke Date: Sun Feb 23 04:51:31 2014 New Revision: 44034 URL: http://svnweb.freebsd.org/changeset/doc/44034 Log: - Merge the following from the English version: r43769 -> r43773 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml - Comment out the link to updating-upgrading-portsnap. head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sun Feb 23 01:11:45 2014 (r44033) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sun Feb 23 04:51:31 2014 (r44034) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43769 + Original revision: r43773 $FreeBSD$ --> - システムと Ports Collection - のアップデートに用いるユーティリティについて - - - freebsd-update, Subversion もしくは CTM @@ -719,109 +714,6 @@ before running "/usr/sbin/freebsd-update - - - Portsnap: Ports Collection アップデートツール - - - - - Tom - Rhodes - - 寄稿: - - - - - - - Colin - Percival - - ベースとなったノートの提供: - - - - - - アップデートとアップグレード - - - Portsnap - アップデートとアップグレード - - - &os; のベースシステムには、 - Ports Collection をアップデートする &man.portsnap.8; があります。 - このユーティリティは、&os; のサイトに接続し、セキュリティキーを検証し、 - Ports Collection の最新版をダウンロードします。 - セキュリティキーは、 - ダウンロードしたすべてのファイルの検証に用いられます。 - 最新の Ports Collection ファイルをダウンロードするには、 - 以下のコマンドを実行してください。 - - &prompt.root; portsnap fetch -Looking up portsnap.FreeBSD.org mirrors... 9 mirrors found. -Fetching snapshot tag from geodns-1.portsnap.freebsd.org... done. -Fetching snapshot metadata... done. -Updating from Tue May 22 02:12:15 CEST 2012 to Wed May 23 16:28:31 CEST 2012. -Fetching 3 metadata patches.. done. -Applying metadata patches... done. -Fetching 3 metadata files... done. -Fetching 90 patches.....10....20....30....40....50....60....70....80....90. done. -Applying patches... done. -Fetching 133 new ports or files... done. - - この例では、&man.portsnap.8; - が現在の ports に対するパッチを見つけ、検証したことを示しています。 - また、ユーティリティは以前に実行していることも示しています。 - もし初めて実行したのであれば、Ports Collection のダウンロードのみが行われます。 - - &man.portsnap.8; が fetch に成功すると、 - 検証を通った Ports Collection と、 - それに続くパッチがローカルシステムに存在します。 - はじめて portsnap を実行した時には、 - extract を使って、 - ダウンロードしたファイルをインストールしてください。 - - &prompt.root; portsnap extract -/usr/ports/.cvsignore -/usr/ports/CHANGES -/usr/ports/COPYRIGHT -/usr/ports/GIDs -/usr/ports/KNOBS -/usr/ports/LEGAL -/usr/ports/MOVED -/usr/ports/Makefile -/usr/ports/Mk/bsd.apache.mk -/usr/ports/Mk/bsd.autotools.mk -/usr/ports/Mk/bsd.cmake.mk -... - - すでにインストールされている Ports Collection - をアップデートするには、 - portsnap update を使ってください。 - - &prompt.root; portsnap update - - これでアップデートプロセスは完了しました。 - 更新された Ports Collection を使って、 - アプリケーションをインストールしたり、 - アップグレードできます。 - - fetch を使う場合には、 - extract および update - を連続して行うことができます。 - - &prompt.root; portsnap fetch update - - このコマンドにより最新の - Ports Collection がダウンロードされ、 - /usr/ports - 以下にあるローカルの Ports Collection がアップデートされます。 - - ドキュメントのアップデート Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/ports/chapter.xml Sun Feb 23 01:11:45 2014 (r44033) +++ head/ja_JP.eucJP/books/handbook/ports/chapter.xml Sun Feb 23 04:51:31 2014 (r44034) @@ -1213,11 +1213,11 @@ Deinstalling ca_root_nss-3.13.5... done< - Portsnap の詳細と、 + From owner-svn-doc-all@FreeBSD.ORG Sun Feb 23 12:18:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 96DE7618; Sun, 23 Feb 2014 12:18:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8113916C7; Sun, 23 Feb 2014 12:18:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1NCIH4L013044; Sun, 23 Feb 2014 12:18:17 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1NCIHkP013043; Sun, 23 Feb 2014 12:18:17 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201402231218.s1NCIHkP013043@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 23 Feb 2014 12:18:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44035 - head/ja_JP.eucJP/htdocs/docs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Feb 2014 12:18:17 -0000 Author: ryusuke Date: Sun Feb 23 12:18:17 2014 New Revision: 44035 URL: http://svnweb.freebsd.org/changeset/doc/44035 Log: - Merge the following from the English version: r44031 -> r44033 head/ja_JP.eucJP/htdocs/docs/books.xml Modified: head/ja_JP.eucJP/htdocs/docs/books.xml Modified: head/ja_JP.eucJP/htdocs/docs/books.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/docs/books.xml Sun Feb 23 04:51:31 2014 (r44034) +++ head/ja_JP.eucJP/htdocs/docs/books.xml Sun Feb 23 12:18:17 2014 (r44035) @@ -9,325 +9,319 @@ ]> - + - - &title; + + &title; - $FreeBSD$ - + $FreeBSD$ + - + -

    このサイトでは

    - -

    このサイトのすべての文書は、さまざまなフォーマット - (HTML, Postscript, PDF など) や圧縮形式 (BZip2, Zip) で - FreeBSD FTP サイト - からダウンロードできます。

    - -

    &os; の文書 (articles, books および textinfo マニュアル) - のアーカイブは、 - http://docs.FreeBSD.org/doc/ - からオンラインで入手できます。

    - -

    これらの文書は FreeBSD - ドキュメンテーションプロジェクト が提供、維持管理しています。 - また、私たちは新しい文書を寄贈したり、 - 既存の文書を維持管理してくれる人を常に募集しています。

    - -

    Books

    - -

    A project - model for the FreeBSD project (dev-model) - (英語版のみ)
    - FreeBSD プロジェクトという組織の公式的な考察。

    - -

    FreeBSD FAQ - (faq)
    - FreeBSD 全般を網羅した、よくある質問とそれに対する回答。

    - -

    FreeBSD - ハンドブック (handbook)
    - 今もなお成長を続けている、FreeBSD - ユーザのための包括的な資料です。

    - -

    The - FreeBSD Developer's Handbook (developers-handbook) - (英語版のみ)
    - FreeBSD 用のソフトウェアを開発したい人 (FreeBSD - そのものを開発している人だけではありません) - 向けの内容です。

    - -

    The - FreeBSD Architecture Handbook (arch-handbook) - (英語版のみ)
    - FreeBSD システムの開発者向けの books です。FreeBSD - の重要なカーネルサブシステムのアーキテクチャが詳細に述べられています。

    - -

    FreeBSD - port 作成者のためのハンドブック (porters-handbook)
    - サードパーティ製ソフトウェアの port を作成することを考えているのなら、 - まずこれを読みましょう。

    - -

    The PMake Tutorial - (pmake) (英語版のみ)
    - make ユーティリティのチュートリアルです。 - Makefile を読み書きして make - を使う詳細を理解したいなら、まずこれを読みましょう。

    - -

    "4.4BSD - オペレーティングシステムの設計と実装" 第 2 章 - (design-44bsd)
    - FreeBSD が派生した大元である、4.4BSD の設計の概要です。 - Addison-Wesley から寄贈されました。

    - -

    - 新しい貢献者のための - FreeBSD ドキュメンテーションプロジェクト入門 - (fdp-primer) (英語版のみ)
    - FreeBSD ドキュメンテーションプロジェクトに貢献し始めるのに必要な知識のすべてが詰まっています。

    - -

    Articles

    - - - -

    Why you should use - a BSD style license for your Open Source Project - (bsdl-gpl) (英語版のみ)
    - BSD ライセンスでコードを公開する利点について説明しています。

    - -

    Building - Products with FreeBSD (building-products) (英語版のみ)
    - FreeBSD が優れた製品の構築にどのように役立つかについて説明しています。

    - -

    Argentina.com : A Case Study - (casestudy-argentina.com) (英語版のみ)
    - FreeBSD がどのようにラテンアメリカの大規模 ISP - の役に立ったか。

    - -

    The - Committer's Guide (committers-guide) (英語版のみ)
    - FreeBSD committers のための入門書です。

    - -

    Installing - and using Compiz Fusion (compiz-fusion) (英語版のみ)
    - Compiz Fusion コンポジットウィンドウマネージャを FreeBSD - にインストールして利用する方法の紹介です。

    - -

    Console - Server Tutorial (console-server) (英語版のみ)
    - 廉価なマルチポートシリアルカードを使って - FreeBSD ベースのコンソールサーバを構築する方法です。

    - -

    FreeBSD - への貢献 (contributing)
    - FreeBSD プロジェクトへ貢献するための方法の紹介です。

    - -

    - Contributing to the FreeBSD Ports Collection - (contributing-ports) (英語版のみ)
    - FreeBSD Ports Collection の維持管理を手伝う方法の紹介です。

    - -

    FreeBSD - への貢献者一覧 (contributors)
    - FreeBSD をより良いものにするのを助けてくれた組織、 - 個人の一覧です。

    - -

    CUPS on &os; - (cups) (英語版のみ)
    - &os; に CUPS を設定する方法の紹介です。

    - -

    Using - newer version of GCC and binutils with the &os; Ports - Collection (custom-gcc) (英語版のみ)
    - &os; ports ツリーに用意されている新しいバージョンの - GCC コンパイラおよび bunutils の使い方の紹介です。 - GCC のカスタマイズについても説明しています。

    - -

    Setting up a - CVS repository - The FreeBSD way - (cvs-freebsd) (英語版のみ)
    - FreeBSD プロジェクトと同じ CVSROOT 機構を使って - CVS リポジトリをセットアップします。

    - -

    Explaining - BSD (explaining-bsd) (英語版のみ)
    - ``BSD とはなにか?'' という質問に対する答えです。

    - -

    FreeBSD - をゼロから設定する (fbsd-from-scratch)
    - 好みの ports を含め、ゼロから - (つまり空のファイルシステムに対して) システムのコンパイル、 - インストールそして設定を自動的に行う方法です。

    - -

    Filtering - Bridges (filtering-bridges) (英語版のみ)
    - ルータではなくブリッジとして動作する FreeBSD - ホストでファイヤウォールとパケットフィルタを設定する方法です。

    - -

    フォントと - FreeBSD (fonts)
    - FreeBSD におけるさまざまなフォント技術の説明と、 - プログラムからそれを使う方法を解説しています。

    - -

    How - to get the best results from the FreeBSD-questions mailing list - (freebsd-questions) (英語版のみ)
    - -questions メーリングリストから有用な情報を得るためには - どうすればいいのか、というヒントです。

    - -

    Build - Your Own FreeBSD Update Server - (freebsd-update-server) (英語版のみ)
    - FreeBSD アップデートサーバを作成すると、 - システム管理者はローカルミラーを利用して、 - たくさんのコンピュータのアップデート作業を短縮できます。

    - -

    Writing - a GEOM Class (geom-class) (英語版のみ)
    - GEOM の内部、およびクラスの書き方についてのガイドです。

    - -

    Implementing - UFS journaling on a desktop PC - (gjournal-desktop) (英語版のみ)
    - デスクトップ用途の PC に、ジャーナリング機能を追加した - UFS パーティションを作成する方法についてのガイドです。

    - -

    Mirroring FreeBSD - (hubs) (英語版のみ)
    - FreeBSD のウェブサイト、CVSup サーバ、FTP - サーバなどのミラーサーバの作り方をまとめて紹介します。

    - -

    - FreeBSD の IPsec 機能を独立検証するには - (ipsec-must)
    - IPsec 機能の確認試験方法を説明します。

    - -

    FreeBSD on Laptops - (laptop) (英語版のみ)
    - ラップトップで FreeBSD を動かすための情報を紹介しています。

    - -

    LDAP Authentication - (ldap-auth) (英語版のみ)
    - &os; を LDAP サーバに設定する実践的なガイド、 - および、どのようにユーザを認証するかの説明です。

    - -

    FreeBSD: An Open Source Alternative to Linux - (linux-comparison) (英語版のみ)
    - Linux と FreeBSD の違いを説明したホワイトペーパです。

    - -

    Linux emulation in &os; - (linux-emulation) (英語版のみ)
    - &os; の Linux 互換機能の内部に関する技術的な説明です。

    - -

    &os; Quickstart Guide for Linux Users - (linux-users) (英語版のみ)
    - Linux から移行してきたユーザ向けの導入ガイドです。

    - -

    Frequently - Asked Questions About The FreeBSD Mailing Lists - (mailing-list-faq) (英語版のみ)
    - しばしば繰り返される議論をどう避けるかといった、 - メーリングリストをうまく使う方法です。

    - -

    An MH Primer - (mh) (英語版のみ)
    - FreeBSD で MH メールリーダを使うための入門書です。

    - -

    Introduction - to NanoBSD (nanobsd) (英語版のみ)
    - NanoBSD の入門書です。NanoBSD は - FreeBSD システムのイメージ作成ツールで、 - 組み込みアプリケーションに用いることができます。 - コンパクトフラッシュカード (または、他の大容量の記憶媒体) - に適しています。

    - -

    FreeBSD - First Steps (new-users) (英語版のみ)
    - 初めて FreeBSD や &unix; に触れる人たちのための記事です。

    - -

    Perforce - in FreeBSD Development (p4-primer) (英語版のみ)
    - Perfoce バージョン管理システムの入門書です。 - 実験的な位置づけにあるプロジェクトを - FreeBSD Perfoece サーバで開発する方法についても説明しています。

    - -

    Pluggable - Authentication Modules (pam) (英語版のみ)
    - FreeBSD における PAM システムとモジュールについての入門書です。

    - -

    - Port Mentor Guidelines (port-mentor-guidelines) - (英語版のみ)
    - 新しく port のメンターやメンティーになられる方、もしくは、 - なる可能性のある方のためのガイドラインです。

    - -

    Package - building procedures (portbuild) (英語版のみ)
    - FreeBSD port 管理チームが定期的に ports から packages - を構築している方法を説明します。内容は、port 構築クラスタや、 - 漸進的、実験的および公式リリースのための - package 構築を行うのに必要なツールについてです。

    - -

    FreeBSD - Problem Report Handling Guidelines (pr-guidelines) - (英語版のみ)
    - FreeBSD の障害報告を処理する推奨方法を述べた記事です。

    - -

    FreeBSD - 障害報告の書き方 (problem-reports)
    - FreeBSD プロジェクトに障害報告を書いて提出する - 効果的な方法について述べた記事です。

    - -

    Practical - rc.d scripting in BSD (rc-scripting) (英語版のみ)
    - 新しい rc.d スクリプトの書き方、およびすでに書かれたスクリプトを理解するためのガイドです。

    - -

    FreeBSD as - a greylist mail server (relaydelay) (英語版のみ)
    - FreeBSD で Sendmail, MySQL, Perl と relaydelay - ソフトウェアを使って greylist メールサーバを実装します。 - これは、spam 対抗策として優れた方法です。

    - -

    FreeBSD - リリースエンジニアリング (releng) (英語版のみ)
    - FreeBSD リリースエンジニアリングチームが、FreeBSD - オペレーティングシステムの製品品質のリリースを作成するためにとっている方法を説明しています。 - 社内向けや商用としてカスタマイズされた FreeBSD - リリースを作成することに興味のある人のためのツールなどについても説明しています。

    - -

    FreeBSD - Release Engineering for Third Party Packages - (releng-packages) (英語版のみ)
    - FreeBSD ports management team が、FreeBSD - の公式リリースメディア用の高品質のパッケージセットを作成するために用いている手法を解説しています。 - この文書はまだ完成しているわけではありませんが、 - 将来的には FreeBSD.org の Ports クラスタ (Ports Cluster) - におけるパッケージセットの構築に使われている手法や、他のマシンを - ports クラスタとしてセットアップする方法、 - リリースメディアのためにパッケージを分割する方法、 - パッケージセットの一貫性を検証する方法などをとりあげる予定です。

    - -

    Remote - Installation of the &os; Operating System without a - Remote Console (remote-install) (英語版のみ)
    - コンソールを利用できない環境において、リモートシステムに - &os; オペレーティングシステムをインストールする方法についての説明です。

    - -

    Serial - and UART devices (serial-uart) (英語版のみ)
    - FreeBSD でシリアルポートを使う際の詳しい情報です。 - マルチポートシリアルカードに関する情報も含んでいます。

    - -

    FreeBSD - and Solid State Devices (solid-state) (英語版のみ)
    - FreeBSD における半導体ディスクの利用についての記事です。

    - -

    Design - elements of the FreeBSD VM system (vm-design) (英語版のみ)
    - FreeBSD の仮想メモリシステムの設計についてのわかりやすい解説です。

    +

    このサイトでは

    + +

    このサイトのすべての文書は、さまざまなフォーマット + (HTML, Postscript, PDF など) や圧縮形式 (BZip2, Zip) で + FreeBSD FTP サイト + からダウンロードできます。

    + +

    &os; の文書 (articles, books および textinfo マニュアル) + のアーカイブは、http://docs.FreeBSD.org/doc/ + からオンラインで入手できます。

    + +

    これらの文書は + FreeBSD + ドキュメンテーションプロジェクト が提供、維持管理しています。 + また、私たちは新しい文書を寄贈したり、 + 既存の文書を維持管理してくれる人を常に募集しています。

    + +

    Books

    + +

    A project model for + the FreeBSD project (dev-model) (英語版のみ)
    + FreeBSD プロジェクトという組織の公式的な考察。

    + +

    FreeBSD FAQ + (faq)
    + FreeBSD 全般を網羅した、よくある質問とそれに対する回答。

    + +

    FreeBSD + ハンドブック (handbook)
    + 今もなお成長を続けている、FreeBSD + ユーザのための包括的な資料です。

    + +

    The + FreeBSD Developer's Handbook (developers-handbook) + (英語版のみ)
    + FreeBSD 用のソフトウェアを開発したい人 (FreeBSD + そのものを開発している人だけではありません) 向けの内容です。

    + +

    The FreeBSD + Architecture Handbook (arch-handbook) (英語版のみ)
    + FreeBSD システムの開発者向けの books です。FreeBSD + の重要なカーネルサブシステムのアーキテクチャが詳細に述べられています。

    + +

    FreeBSD + port 作成者のためのハンドブック (porters-handbook)
    + サードパーティ製ソフトウェアの port を作成することを考えているのなら、 + まずこれを読みましょう。

    + +

    The PMake Tutorial + (pmake) (英語版のみ)
    + make ユーティリティのチュートリアルです。 + Makefile を読み書きして make + を使う詳細を理解したいなら、まずこれを読みましょう。

    + +

    "4.4BSD + オペレーティングシステムの設計と実装" 第 2 章 (design-44bsd)
    + FreeBSD が派生した大元である、4.4BSD の設計の概要です。 + Addison-Wesley から寄贈されました。

    + +

    新しい貢献者のための + FreeBSD ドキュメンテーションプロジェクト入門 + (fdp-primer) (英語版のみ)
    FreeBSD + ドキュメンテーションプロジェクトに貢献し始めるのに必要な知識のすべてが詰まっています。

    + +

    Articles

    + + + +

    Why you should use + a BSD style license for your Open Source Project + (bsdl-gpl) (英語版のみ)
    + BSD ライセンスでコードを公開する利点について説明しています。

    + +

    Building + Products with FreeBSD (building-products) (英語版のみ)
    + FreeBSD が優れた製品の構築にどのように役立つかについて説明しています。

    + +

    Argentina.com: + A Case Study (casestudy-argentina.com) (英語版のみ)
    + FreeBSD がどのようにラテンアメリカの大規模 ISP の役に立ったか。

    + +

    The + Committer's Guide (committers-guide) (英語版のみ)
    + FreeBSD committers のための入門書です。

    + +

    Installing + and using Compiz Fusion (compiz-fusion) (英語版のみ)
    + Compiz Fusion コンポジットウィンドウマネージャを FreeBSD + にインストールして利用する方法の紹介です。

    + +

    Console + Server Tutorial (console-server) (英語版のみ)
    + 廉価なマルチポートシリアルカードを使って + FreeBSD ベースのコンソールサーバを構築する方法です。

    + +

    FreeBSD + への貢献 (contributing)
    + FreeBSD プロジェクトへ貢献するための方法の紹介です。

    + +

    + Contributing to the FreeBSD Ports Collection + (contributing-ports) (英語版のみ)
    + FreeBSD Ports Collection の維持管理を手伝う方法の紹介です。

    + +

    FreeBSD + への貢献者一覧 (contributors)
    + FreeBSD をより良いものにするのを助けてくれた組織、個人の一覧です。

    + +

    CUPS on &os; + (cups) (英語版のみ)
    + &os; に CUPS を設定する方法の紹介です。

    + +

    Using newer + version of GCC and binutils with the &os; Ports Collection + (custom-gcc) (英語版のみ)
    + &os; ports ツリーに用意されている新しいバージョンの + GCC コンパイラおよび bunutils の使い方の紹介です。 + GCC のカスタマイズについても説明しています。

    + +

    Setting up a + CVS repository - The FreeBSD way + (cvs-freebsd) (英語版のみ)
    + FreeBSD プロジェクトと同じ CVSROOT 機構を使って + CVS リポジトリをセットアップします。

    + +

    Explaining + BSD (explaining-bsd) (英語版のみ)
    + ``BSD とはなにか?'' という質問に対する答えです。

    + +

    FreeBSD + をゼロから設定する (fbsd-from-scratch)
    + 好みの ports を含め、ゼロから + (つまり空のファイルシステムに対して) システムのコンパイル、 + インストールそして設定を自動的に行う方法です。

    + +

    Filtering + Bridges (filtering-bridges) (英語版のみ)
    + ルータではなくブリッジとして動作する FreeBSD + ホストでファイヤウォールとパケットフィルタを設定する方法です。

    + +

    フォントと FreeBSD + (fonts)
    + FreeBSD におけるさまざまなフォント技術の説明と、 + プログラムからそれを使う方法を解説しています。

    + +

    How to + get the best results from the FreeBSD-questions mailing + list (freebsd-questions) (英語版のみ)
    + -questions メーリングリストから有用な情報を得るためには + どうすればいいのか、というヒントです。

    + +

    Build + Your Own FreeBSD Update Server + (freebsd-update-server) (英語版のみ)
    + FreeBSD アップデートサーバを作成すると、 + システム管理者はローカルミラーを利用して、 + たくさんのコンピュータのアップデート作業を短縮できます。

    + +

    Writing a GEOM + Class (geom-class) (英語版のみ)
    + GEOM の内部、およびクラスの書き方についてのガイドです。

    + +

    Implementing + UFS journaling on a desktop PC + (gjournal-desktop) (英語版のみ)
    + デスクトップ用途の PC に、ジャーナリング機能を追加した + UFS パーティションを作成する方法についてのガイドです。

    + +

    Mirroring FreeBSD + (hubs) (英語版のみ)
    + FreeBSD のウェブサイト、CVSup サーバ、FTP + サーバなどのミラーサーバの作り方をまとめて紹介します。

    + +

    FreeBSD + の IPsec 機能を独立検証するには + (ipsec-must)
    + IPsec 機能の確認試験方法を説明します。

    + +

    FreeBSD on + Laptops (laptop) (英語版のみ)
    + ラップトップで FreeBSD を動かすための情報を紹介しています。

    + +

    LDAP + Authentication (ldap-auth) (英語版のみ)
    + &os; を LDAP サーバに設定する実践的なガイド、 + および、どのようにユーザを認証するかの説明です。

    + +

    FreeBSD: + An Open Source Alternative to Linux + (linux-comparison) (英語版のみ)
    + Linux と FreeBSD の違いを説明したホワイトペーパです。

    + +

    Linux + emulation in &os; (linux-emulation) (英語版のみ)
    + &os; の Linux 互換機能の内部に関する技術的な説明です。

    + +

    &os; Quickstart + Guide for Linux Users (linux-users) (英語版のみ)
    + Linux から移行してきたユーザ向けの導入ガイドです。

    + +

    Frequently + Asked Questions About The FreeBSD Mailing Lists + (mailing-list-faq) (英語版のみ)
    + しばしば繰り返される議論をどう避けるかといった、 + メーリングリストをうまく使う方法です。

    + +

    An MH Primer + (mh) (英語版のみ)
    + FreeBSD で MH メールリーダを使うための入門書です。

    + +

    Introduction to + NanoBSD (nanobsd) (英語版のみ)
    + NanoBSD の入門書です。NanoBSD は FreeBSD システムのイメージ作成ツールで、 + 組み込みアプリケーションに用いることができます。 + コンパクトフラッシュカード (または、他の大容量の記憶媒体) + に適しています。

    + +

    FreeBSD First + Steps (new-users) (英語版のみ)
    + 初めて FreeBSD や &unix; に触れる人たちのための記事です。

    + +

    Perforce in + FreeBSD Development (p4-primer) (英語版のみ)
    + Perfoce バージョン管理システムの入門書です。 + 実験的な位置づけにあるプロジェクトを + FreeBSD Perfoece サーバで開発する方法についても説明しています。

    + +

    Pluggable + Authentication Modules (pam) (英語版のみ)
    + FreeBSD における PAM システムとモジュールについての入門書です。

    + +

    Port + Mentor Guidelines (port-mentor-guidelines) (英語版のみ)
    + 新しく port のメンターやメンティーになられる方、もしくは、 + なる可能性のある方のためのガイドラインです。

    + +

    Package building + procedures (portbuild) (英語版のみ)
    + FreeBSD port 管理チームが定期的に ports から packages + を構築している方法を説明します。内容は、port 構築クラスタや、 + 漸進的、実験的および公式リリースのための + package 構築を行うのに必要なツールについてです。

    + +

    FreeBSD + Problem Report Handling Guidelines (pr-guidelines) + (英語版のみ)
    + FreeBSD の障害報告を処理する推奨方法を述べた記事です。

    + +

    FreeBSD + 障害報告の書き方 (problem-reports)
    FreeBSD + プロジェクトに障害報告を書いて提出する効果的な方法について述べた記事です。

    + +

    Practical rc.d + scripting in BSD (rc-scripting) (英語版のみ)
    + 新しい rc.d スクリプトの書き方、 + およびすでに書かれたスクリプトを理解するためのガイドです。

    + +

    FreeBSD as a + greylist mail server (relaydelay) (英語版のみ)
    + FreeBSD で Sendmail, MySQL, Perl と relaydelay + ソフトウェアを使って greylist メールサーバを実装します。 + これは、spam 対抗策として優れた方法です。

    + +

    FreeBSD + リリースエンジニアリング (releng) (英語版のみ)
    + FreeBSD リリースエンジニアリングチームが、FreeBSD + オペレーティングシステムの製品品質のリリースを作成するためにとっている方法を説明しています。 + 社内向けや商用としてカスタマイズされた FreeBSD + リリースを作成することに興味のある人のためのツールなどについても説明しています。

    + +

    FreeBSD + Release Engineering for Third Party Packages + (releng-packages) (英語版のみ)
    + FreeBSD ports management team が、FreeBSD + の公式リリースメディア用の高品質のパッケージセットを作成するために用いている手法を解説しています。 + この文書はまだ完成しているわけではありませんが、 + 将来的には FreeBSD.org の Ports クラスタ (Ports Cluster) + におけるパッケージセットの構築に使われている手法や、他のマシンを + ports クラスタとしてセットアップする方法、 + リリースメディアのためにパッケージを分割する方法、 + パッケージセットの一貫性を検証する方法などをとりあげる予定です。

    + +

    Remote + Installation of the &os; Operating System without a + Remote Console (remote-install) (英語版のみ)
    + コンソールを利用できない環境において、リモートシステムに &os; + オペレーティングシステムをインストールする方法についての説明です。

    + +

    Serial and UART + devices (serial-uart) (英語版のみ)
    + FreeBSD でシリアルポートを使う際の詳しい情報です。 + マルチポートシリアルカードに関する情報も含んでいます。

    + +

    FreeBSD and + Solid State Devices (solid-state) (英語版のみ)
    + FreeBSD における半導体ディスクの利用についての記事です。

    + +

    Design elements + of the FreeBSD VM system (vm-design) (英語版のみ)
    + FreeBSD の仮想メモリシステムの設計についてのわかりやすい解説です。

    他のウェブサイト

    @@ -340,32 +334,31 @@

  • Niels Jorgensen は FreeBSD 開発プロセスのダイナミクスに対する研究論文 - ``Putting it All in the Trunk, Incremental Software - Development in the FreeBSD Open Source Project'' - [Information Systems Journal (2001) 11, 321-336] - を書きました。

    + href="http://www.ruc.dk/~nielsj/research/publications/freebsd.pdf">``Putting + it All in the Trunk, Incremental Software Development in + the FreeBSD Open Source Project'' [Information Systems + Journal (2001) 11, 321-336] を書きました。

  • U.C. Berkeley で BSD のアーキテクトの一人であった Kirk McKusick は、FreeBSD を使った 二つの - 4.4BSD Kernel Internals - コースを教えています。 + 4.4BSD Kernel + Internals コースを教えています。 このコースに参加することができない人たちのために、 ビデオテープのシリーズも用意されています。

  • -

    FreeBSD How-To's for - the Lazy and Hopeless は、FreeBSD を導入し、 +

    FreeBSD + How-To's for the Lazy and Hopeless は、FreeBSD を導入し、 設定することについての、もうひとつの気楽に読むことのできる "how-to" 風の文書です。

  • -

    +

    The Linux+FreeBSD mini-HOWTO は同じシステムで Linux と FreeBSD を使う方法を解説しています。 これは FreeBSD を紹介して、 二つのオペレーティングシステムがどのように協調できるか @@ -376,64 +369,62 @@

    FreeBSD で AMD を使ってみよう

    • - + -->
  • -

    Writing an ISA device driver。 - この文書は +

    Writing an ISA device driver。この文書は The FreeBSD - Architecture Handbook に統合されました。

    + Architecture Handbook に統合されました。

  • FreeBSD Assembly Language Programming Tutorial。 - この文書は - - 開発者のためのハンドブックに統合されました。

    + この文書は 開発者のためのハンドブック + に統合されました。

  • -

    Profiling +

    Profiling and Debugging the FreeBSD Kernel

  • -

    Debugging +

    Debugging Buffer Overruns in the FreeBSD Kernel

  • FreeBSD 4.1 - における分割 DNS の設定

    + における分割 DNS の設定

  • SMP - サポートページ では、FreeBSD 4.X 以前の + サポートページ では、FreeBSD 4.X 以前の SMP 対応について説明されています。

  • -

    大学向け教科書の、Silberschatz, Galvin, Gagne 共著 " - - Operating Systems Concepts" の付録 A がオンラインで、 - PDF +

    大学向け教科書の、Silberschatz, Galvin, Gagne 共著 " + Operating Systems Concepts" の付録 A がオンラインで、PDF 形式で入手できるようになりました。この付録は FreeBSD について書かれたもので、 FreeBSD の内部構造に関する入門文書として優れています。

    • - - - - - + + From owner-svn-doc-all@FreeBSD.ORG Sun Feb 23 12:37:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1CE95707; Sun, 23 Feb 2014 12:37:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id ED9C2185D; Sun, 23 Feb 2014 12:37:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1NCbWEK022072; Sun, 23 Feb 2014 12:37:32 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1NCbW1K022071; Sun, 23 Feb 2014 12:37:32 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201402231237.s1NCbW1K022071@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 23 Feb 2014 12:37:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44036 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Feb 2014 12:37:33 -0000 Author: ryusuke Date: Sun Feb 23 12:37:32 2014 New Revision: 44036 URL: http://svnweb.freebsd.org/changeset/doc/44036 Log: - Merge the following from the English version: r43773 -> r43778 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sun Feb 23 12:18:17 2014 (r44035) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sun Feb 23 12:37:32 2014 (r44036) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43773 + Original revision: r43778 $FreeBSD$ --> -STABLE &os; には二つの開発ブランチがあります。 - それは &os.current; と &os.stable; です。 - この章ではそれぞれについて説明し、 - どのようにしてシステムの対応するツリーを最新の状態に保つかについて説明します。 + それは &os.current; と &os.stable; です。 + + この節ではそれぞれについて説明し、 + どのようにしてシステムの対応するブランチを最新の状態に保つかについて説明します。 まずは &os.current;、次に &os.stable; について説明します。 訳: &a.hanai;、1996 年 11 月 6 日 - 最新の &os; を追いかける + &os.current; を使う &os.current; とは &os; の開発の 最前線 です。 &os.current; のユーザは高い技術力を持つことが要求され、 @@ -1167,9 +1168,6 @@ before running "/usr/sbin/freebsd-update もし &os; を使い始めたばかりなら、 これを運用することについて十分検討を重ねた方が良いでしょう。 - - &os.current; ってなに? - &os.current; は &os; の最新のソースコードです。 中には現在開発途上のソフトウェア、 実験的な変更、あるいは過渡的な機能などが含まれています。 @@ -1181,10 +1179,6 @@ before running "/usr/sbin/freebsd-update &os.current; が不幸をもたらすか、 それとも非常に素晴らしい機能をもたらすかは、 まさにソースコードを同期した瞬間によるのです! - - - - 誰が &os.current; を必要としてるの? &os.current; は、 次の 3 つの重要なグループを対象としています。 @@ -1214,11 +1208,9 @@ before running "/usr/sbin/freebsd-update 時々コメントやコードを寄稿してくれます。         - - - &os.current; - に期待しては<emphasis>いけない</emphasis>ことは? + &os.current; + に期待してはいけないことは? @@ -1238,10 +1230,6 @@ before running "/usr/sbin/freebsd-update 公式のサポート はありません。 - - - - &os.current; を使う @@ -1345,18 +1333,13 @@ before running "/usr/sbin/freebsd-update コードを伴う提案はもっとも歓迎されるものです! - - 安定版の &os; を使う + &os.stable; を使う 訳: &a.jp.iwasaki; - - &os.stable; ってなに? - -STABLE - &os.stable; とは定期的に公開されるリリースを作成するための開発ブランチです。 このブランチに加えられる変更は原則として、 事前に &os.current; で試験ずみであるという特徴があります。 @@ -1366,10 +1349,6 @@ before running "/usr/sbin/freebsd-update どんな場合にも使えるものであるとは限らないということです。 このブランチはもう一つの開発の流れというだけであって、 エンドユーザ向けのものではありません。 - - - - 誰が &os.stable; を必要としているの? FreeBSD の開発プロセスに興味があったり、 それに対する貢献を考えていて、特にそれが次回の @@ -1406,10 +1385,6 @@ before running "/usr/sbin/freebsd-update もし試験をする資源的な余裕がない場合は、 リリース間のバイナリアップデート機能を利用して、 最新の FreeBSD リリースを使うことを推奨します。 - - - - &os.stable; を使う -STABLE @@ -1511,7 +1486,6 @@ before running "/usr/sbin/freebsd-update ときどき必要となる既存システムからの新システムの構築手順についての最新情報を得てください。 - From owner-svn-doc-all@FreeBSD.ORG Sun Feb 23 16:11:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 545CAF04; Sun, 23 Feb 2014 16:11:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3CD411B2C; Sun, 23 Feb 2014 16:11:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1NGBbZb012488; Sun, 23 Feb 2014 16:11:37 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1NGBbd5012487; Sun, 23 Feb 2014 16:11:37 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402231611.s1NGBbd5012487@svn.freebsd.org> From: Dru Lavigne Date: Sun, 23 Feb 2014 16:11:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44037 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Feb 2014 16:11:37 -0000 Author: dru Date: Sun Feb 23 16:11:36 2014 New Revision: 44037 URL: http://svnweb.freebsd.org/changeset/doc/44037 Log: Initial shuffle to improve flow of IPF NAT section. Next commit will review actual content. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Sun Feb 23 12:37:32 2014 (r44036) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Sun Feb 23 16:11:36 2014 (r44037) @@ -226,6 +226,40 @@ advanced matching abilities capable of defending against the flood of different attack methods employed by attackers. + NAT stands for Network + Address Translation. + NAT function enables the private LAN behind + the firewall to share a single ISP-assigned IP address, even + if that address is dynamically assigned. NAT allows each + computer in the LAN to have Internet access, without + having to pay the ISP for multiple Internet accounts or IP + addresses. + + NAT will automatically translate the + private LAN IP address for each system on the LAN to the + single public IP address as packets exit the firewall bound + for the public Internet. It also performs the reverse + translation for returning packets. + + According to RFC 1918, the following IP address ranges are + reserved for private networks which will never be routed + directly to the public Internet, and therefore are available + for use with NAT: + + + + 10.0.0.0/8. + + + + 172.16.0.0/12. + + + + 192.168.0.0/16. + + + When working with the firewall rules, be very careful. Some configurations can @@ -2158,117 +2192,6 @@ pass in quick on dc0 proto tcp from any block in log first quick on dc0 all - - Building the Rule Script with Symbolic - Substitution - - Some experienced IPF users create a file containing the - rules and code them in a manner compatible with running them - as a script with symbolic substitution. The major benefit - of doing this is that only the value associated with the - symbolic name needs to be changed, and when the script is - run all the rules containing the symbolic name will have the - value substituted in the rules. Being a script, symbolic - substitution can be used to code frequently used values and - substitute them in multiple rules. This can be seen in the - following example. - - The script syntax used here is compatible with the - &man.sh.1;, &man.csh.1;, and &man.tcsh.1; shells. - - Symbolic substitution fields are prefixed with a - $. - - Symbolic fields do not have the $ prefix. - - The value to populate the symbolic field must be enclosed - between double quotes ("). - - Start the rule file with something like this: - - ############# Start of IPF rules script ######################## - -oif="dc0" # name of the outbound interface -odns="192.0.2.11" # ISP's DNS server IP address -myip="192.0.2.7" # my static IP address from ISP -ks="keep state" -fks="flags S keep state" - -# You can choose between building /etc/ipf.rules file -# from this script or running this script "as is". -# -# Uncomment only one line and comment out another. -# -# 1) This can be used for building /etc/ipf.rules: -#cat > /etc/ipf.rules << EOF -# -# 2) This can be used to run script "as is": -/sbin/ipf -Fa -f - << EOF - -# Allow out access to my ISP's Domain name server. -pass out quick on $oif proto tcp from any to $odns port = 53 $fks -pass out quick on $oif proto udp from any to $odns port = 53 $ks - -# Allow out non-secure standard www function -pass out quick on $oif proto tcp from $myip to any port = 80 $fks - -# Allow out secure www function https over TLS SSL -pass out quick on $oif proto tcp from $myip to any port = 443 $fks -EOF -################## End of IPF rules script ######################## - - The rules are not important in this example as it instead - focuses on how the symbolic substitution fields are populated. - If this example was in a file named - /etc/ipf.rules.script, these rules could - be reloaded by running: - - &prompt.root; sh /etc/ipf.rules.script - - There is one problem with using a rules file with embedded - symbolics: IPF does not understand symbolic substitution, and - cannot read such scripts directly. - - This script can be used in one of two ways: - - - - Uncomment the line that begins with - cat, and comment out the line that - begins with /sbin/ipf. Place - ipfilter_enable="YES" into - /etc/rc.conf, and run the script - once after each modification to create or update - /etc/ipf.rules. - - - - Disable IPFILTER in the - system startup scripts by adding - ipfilter_enable="NO"to - /etc/rc.conf. - - Then, add a script like the following to - /usr/local/etc/rc.d/. The script - should have an obvious name like - ipf.loadrules.sh, where the - .sh extension is mandatory. - - #!/bin/sh -sh /etc/ipf.rules.script - - The permissions on this script file must be read, - write, execute for owner - root: - - &prompt.root; chmod 700 /usr/local/etc/rc.d/ipf.loadrules.sh - - - - Now, when the system boots, the IPF rules will be - loaded. - - Configuring <acronym>NAT</acronym> @@ -2286,144 +2209,57 @@ sh /etc/ipf.rules.scriptNAT - NAT stands for Network - Address Translation. The IPF - NAT function enables the private LAN behind - the firewall to share a single ISP-assigned IP address, even - if that address is dynamically assigned. NAT allows each - computer in the LAN to have Internet access, without - having to pay the ISP for multiple Internet accounts or IP - addresses. - - In IPF, when a packet arrives at the firewall from the LAN - with a public destination, it passes through the outbound - filter rules. NAT gets its turn at the - packet and applies its rules top down, where the first - matching rule wins. NAT tests each of its - rules against the packet's interface name and source IP - address. When a packet's interface name matches a - NAT rule, the packet's source IP address in - the private LAN is checked to see if it falls within the IP - address range specified to the left of the arrow symbol on the - NAT rule. On a match, the packet has its - source IP address rewritten with the public IP address - obtained by the 0/32 keyword. - NAT posts an entry in its internal - NAT table so when the packet returns from - the public Internet it can be mapped back to its original - private IP address and then passed to the filter rules for - processing. - - NAT will automatically translate the - private LAN IP address for each system on the LAN to the - single public IP address as packets exit the firewall bound - for the public Internet. It also performs the reverse - translation for returning packets. - - According to RFC 1918, the following IP address ranges are - reserved for private networks which will never be routed - directly to the public Internet, and therefore are available - for use with NAT: - - - - 10.0.0.0/8. - - - - 172.16.0.0/12. - - - - 192.168.0.0/16. - - - ipnat - To enable IPNAT, add these statements - to /etc/rc.conf. - - To enable the machine to route traffic between - interfaces: - - gateway_enable="YES" - - To start IPNAT automatically each - time: - - ipnat_enable="YES" - - To specify where to load the IPNAT - rules from: - - ipnat_rules="/etc/ipnat.rules" - - NAT rules are loaded using - ipnat. Typically, the - NAT rules are stored in - /etc/ipnat.rules. See &man.ipnat.8; for - details. - - When the file containing the NAT rules - is edited after NAT has been started, run - ipnat with to delete - the internal in use NAT rules and flush the - contents of the translation table of all active - entries. - - To reload the NAT rules, issue a - command like this: - - &prompt.root; ipnat -CF -f - /etc/ipnat.rules - - To display some NAT statistics, use - this command: - - &prompt.root; ipnat -s - - To list the NAT table's current - mappings, use this command: - - &prompt.root; ipnat -l - - To turn verbose mode on and display information relating - to rule processing and active rules/table entries: - - &prompt.root; ipnat -v + To enable NAT, add these statements + to /etc/rc.conf and specify the name of + the file containing the NAT rules: + + gateway_enable="YES" +ipnat_enable="YES" +ipnat_rules="/etc/ipnat.rules" NAT rules are flexible and can accomplish many different things to fit the needs of - commercial and home users. - - The rule syntax presented here has been simplified to - what is most commonly used in a non-commercial environment. + commercial and home users. The rule syntax presented here has been simplified to + demonstrate common usage. For a complete rule syntax description, refer to &man.ipnat.5;. The syntax for a NAT rule looks like - this: + this, where map starts the rule and + IF should be replaced with the + name of the external + interface: map IF LAN_IP_RANGE -> PUBLIC_ADDRESS - The keyword map starts the rule. - - Replace IF with the external - interface. - The LAN_IP_RANGE is used by the internal clients use for IP Addressing. Usually, this is something like 192.168.1.0/24. - - The PUBLIC_ADDRESS can either + class="ipaddress">192.168.1.0/24. The PUBLIC_ADDRESS can either be the static external IP address or the special keyword 0/32 which uses the IP address assigned to IF. - - <acronym>NAT</acronym> for a Large LAN + In IPF, when a packet arrives at the firewall from the LAN + with a public destination, it passes through the outbound + filter rules. NAT gets its turn at the + packet and applies its rules top down, where the first + matching rule wins. NAT tests each of its + rules against the packet's interface name and source IP + address. When a packet's interface name matches a + NAT rule, the packet's source IP address in + the private LAN is checked to see if it falls within the IP + address range specified to the left of the arrow symbol on the + NAT rule. On a match, the packet has its + source IP address rewritten with the public IP address + obtained by the 0/32 keyword. + NAT posts an entry in its internal + NAT table so when the packet returns from + the public Internet it can be mapped back to its original + private IP address and then passed to the filter rules for + processing. For networks that have large numbers of systems on the LAN or networks with more than a single LAN, the process of @@ -2476,16 +2312,12 @@ sh /etc/ipf.rules.scriptor using CIDR notation: map dc0 192.168.1.0/24 -> 204.134.75.0/24 - - - - Port Redirection A common practice is to have a web server, email server, database server, and DNS server each segregated to a different system on the LAN. In this case, the traffic from these servers still has to undergo NAT, - but there has to be some way to direct the inbound traffic + but port redirection is also needed to direct the inbound traffic to the correct server. For example, a web server operating on LAN address 10.0.10.25 and using a @@ -2504,10 +2336,6 @@ sh /etc/ipf.rules.script rdr dc0 20.20.20.5/32 port 53 -> 10.0.10.33 port 53 udp - - - - FTP and <acronym>NAT</acronym> FTP has two modes: active mode and passive mode. The difference is in how the data channel is acquired. Passive @@ -2564,7 +2392,145 @@ pass out quick on rl0 proto tcp from any # Active mode let data channel in from FTP server pass in quick on rl0 proto tcp from any to any port = 20 flags S keep state - + + When the file containing the NAT rules + is edited after NAT has been started, run + ipnat with to delete + the internal in use NAT rules and flush the + contents of the translation table of all active + entries. + + To reload the NAT rules, issue a + command like this: + + &prompt.root; ipnat -CF -f + /etc/ipnat.rules + + To display some NAT statistics, use + this command: + + &prompt.root; ipnat -s + + To list the NAT table's current + mappings, use this command: + + &prompt.root; ipnat -l + + To turn verbose mode on and display information relating + to rule processing and active rules/table entries: + + &prompt.root; ipnat -v + + + + Building the Rule Script with Symbolic + Substitution + + Some experienced IPF users create a file containing the + rules and code them in a manner compatible with running them + as a script with symbolic substitution. The major benefit + of doing this is that only the value associated with the + symbolic name needs to be changed, and when the script is + run all the rules containing the symbolic name will have the + value substituted in the rules. Being a script, symbolic + substitution can be used to code frequently used values and + substitute them in multiple rules. This can be seen in the + following example. + + The script syntax used here is compatible with the + &man.sh.1;, &man.csh.1;, and &man.tcsh.1; shells. + + Symbolic substitution fields are prefixed with a + $. + + Symbolic fields do not have the $ prefix. + + The value to populate the symbolic field must be enclosed + between double quotes ("). + + Start the rule file with something like this: + + ############# Start of IPF rules script ######################## + +oif="dc0" # name of the outbound interface +odns="192.0.2.11" # ISP's DNS server IP address +myip="192.0.2.7" # my static IP address from ISP +ks="keep state" +fks="flags S keep state" + +# You can choose between building /etc/ipf.rules file +# from this script or running this script "as is". +# +# Uncomment only one line and comment out another. +# +# 1) This can be used for building /etc/ipf.rules: +#cat > /etc/ipf.rules << EOF +# +# 2) This can be used to run script "as is": +/sbin/ipf -Fa -f - << EOF + +# Allow out access to my ISP's Domain name server. +pass out quick on $oif proto tcp from any to $odns port = 53 $fks +pass out quick on $oif proto udp from any to $odns port = 53 $ks + +# Allow out non-secure standard www function +pass out quick on $oif proto tcp from $myip to any port = 80 $fks + +# Allow out secure www function https over TLS SSL +pass out quick on $oif proto tcp from $myip to any port = 443 $fks +EOF +################## End of IPF rules script ######################## + + The rules are not important in this example as it instead + focuses on how the symbolic substitution fields are populated. + If this example was in a file named + /etc/ipf.rules.script, these rules could + be reloaded by running: + + &prompt.root; sh /etc/ipf.rules.script + + There is one problem with using a rules file with embedded + symbolics: IPF does not understand symbolic substitution, and + cannot read such scripts directly. + + This script can be used in one of two ways: + + + + Uncomment the line that begins with + cat, and comment out the line that + begins with /sbin/ipf. Place + ipfilter_enable="YES" into + /etc/rc.conf, and run the script + once after each modification to create or update + /etc/ipf.rules. + + + + Disable IPFILTER in the + system startup scripts by adding + ipfilter_enable="NO"to + /etc/rc.conf. + + Then, add a script like the following to + /usr/local/etc/rc.d/. The script + should have an obvious name like + ipf.loadrules.sh, where the + .sh extension is mandatory. + + #!/bin/sh +sh /etc/ipf.rules.script + + The permissions on this script file must be read, + write, execute for owner + root: + + &prompt.root; chmod 700 /usr/local/etc/rc.d/ipf.loadrules.sh + + + + Now, when the system boots, the IPF rules will be + loaded. From owner-svn-doc-all@FreeBSD.ORG Sun Feb 23 20:18:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CBF4E188; Sun, 23 Feb 2014 20:18:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9C30A11A4; Sun, 23 Feb 2014 20:18:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1NKIuOW010270; Sun, 23 Feb 2014 20:18:56 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1NKIuLj010269; Sun, 23 Feb 2014 20:18:56 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402232018.s1NKIuLj010269@svn.freebsd.org> From: Dru Lavigne Date: Sun, 23 Feb 2014 20:18:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44038 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Feb 2014 20:18:57 -0000 Author: dru Date: Sun Feb 23 20:18:56 2014 New Revision: 44038 URL: http://svnweb.freebsd.org/changeset/doc/44038 Log: Editorial pass through first 1/2 of IPF NAT section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Sun Feb 23 16:11:36 2014 (r44037) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Sun Feb 23 20:18:56 2014 (r44038) @@ -178,6 +178,13 @@ Check out this link for port numbers used by Trojans http://www.sans.org/security-resources/idfaq/oddports.php. + FTP has two modes: active mode and passive mode. The + difference is in how the data channel is acquired. Passive + mode is more secure as the data channel is acquired by the + ordinal ftp session requester. For a good explanation of + FTP and the different modes, see http://www.slacksite.com/other/ftp.html. + A firewall ruleset can be either exclusive or inclusive. An exclusive firewall allows all traffic through except for the @@ -2220,167 +2227,143 @@ ipnat_enable="YES" ipnat_rules="/etc/ipnat.rules" NAT rules are flexible and can - accomplish many different things to fit the needs of + accomplish many different things to fit the needs of both commercial and home users. The rule syntax presented here has been simplified to demonstrate common usage. For a complete rule syntax description, refer to &man.ipnat.5;. - The syntax for a NAT rule looks like - this, where map starts the rule and + The basic syntax for a NAT rule is as + follows, where map starts the rule and IF should be replaced with the name of the external interface: map IF LAN_IP_RANGE -> PUBLIC_ADDRESS - The LAN_IP_RANGE is used by the - internal clients use for IP Addressing. Usually, this is - something like The LAN_IP_RANGE is the range + of IP addresses used by + internal clients. Usually, it is a private address range + such as 192.168.1.0/24. The PUBLIC_ADDRESS can either - be the static external IP address or the special keyword - 0/32 which uses the IP address assigned to + be the static external IP address or the keyword + 0/32 which represents the IP address assigned to IF. - In IPF, when a packet arrives at the firewall from the LAN - with a public destination, it passes through the outbound - filter rules. NAT gets its turn at the - packet and applies its rules top down, where the first - matching rule wins. NAT tests each of its - rules against the packet's interface name and source IP + In IPF, when a packet arrives + at the firewall from the LAN + with a public destination, it first passes through the outbound + rules of the firewall ruleset. Then, the packet is passed to the NAT ruleset + which is read from the top down, where the first + matching rule wins. IPF tests each + NAT rule against the packet's interface name and source IP address. When a packet's interface name matches a - NAT rule, the packet's source IP address in - the private LAN is checked to see if it falls within the IP - address range specified to the left of the arrow symbol on the - NAT rule. On a match, the packet has its - source IP address rewritten with the public IP address - obtained by the 0/32 keyword. - NAT posts an entry in its internal - NAT table so when the packet returns from - the public Internet it can be mapped back to its original - private IP address and then passed to the filter rules for - processing. - - For networks that have large numbers of systems on the - LAN or networks with more than a single LAN, the process of - funneling all those private IP addresses into a single - public IP address becomes a resource problem that may cause - problems with the same port numbers being used many times - across many connections, causing collisions. This section - describes two ways to relieve this resource problem. + NAT rule, the packet's source IP address in + the private LAN is checked to see if it falls within the IP + address range specified in LAN_IP_RANGE. + On a match, the packet has its + source IP address rewritten with the public IP address + specified by PUBLIC_ADDRESS. + IPF posts an entry in its internal + NAT table so that when the packet returns from + the Internet, it can be mapped back to its original + private IP address before being passed to the firewall rules for + further processing. + + For networks that have large numbers of internal systems + or multiple subnets, the process of + funneling every private IP address into a single + public IP address becomes a resource problem. Two methods + are available to relieve this issue. - The first method is to assign ports to use. A normal - NAT rule would look like: - - map dc0 192.168.1.0/24 -> 0/32 - - In the above rule, the packet's source port is unchanged - as the packet passes through IPNAT. By + The first method is to assign a range of ports to use + as source ports. By adding the portmap keyword, - IPNAT can be directed to only use - source ports in the specified range. For example, the - following rule will tell IPNAT to modify - the source port to be within the range shown: + NAT can be directed to only use + source ports in the specified range: map dc0 192.168.1.0/24 -> 0/32 portmap tcp/udp 20000:60000 - Additionally, the auto keyword tells - IPNAT to determine which ports are + Alternately, use the auto keyword which tells + NAT to determine the ports that are available for use: map dc0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto The second method is to use a pool of public addresses. - In very large LANs there comes a point where there are - just too many LAN addresses to fit into a single public - address. If a block of public IP addresses is available, - these addresses can be used as a pool, and - IPNAT may pick one of the public IP - addresses as packet addresses are mapped on their way + This is useful when there are + too many LAN addresses to fit into a single public + address and a block of public IP addresses is available. + These public addresses can be used as a pool from which + NAT selects an IP address + as a packet's address is mapped on its way out. - For example, instead of mapping all packets through a - single public IP address: - - map dc0 192.168.1.0/24 -> 204.134.75.1 - - A range of public IP addresses can be specified either - with a netmask: - - map dc0 192.168.1.0/24 -> 204.134.75.0/255.255.255.0 - - or using CIDR notation: - - map dc0 192.168.1.0/24 -> 204.134.75.0/24 - - A common practice is to have a web server, email server, - database server, and DNS server each segregated to a - different system on the LAN. In this case, the traffic from + The range of public IP addresses can + be specified + using a netmask or CIDR notation. These + two rules are equivalent: + + map dc0 192.168.1.0/24 -> 204.134.75.0/255.255.255.0 +map dc0 192.168.1.0/24 -> 204.134.75.0/24 + + A common practice is to have a publically accessible web server or mail server + segregated to an internal + network segment. The traffic from these servers still has to undergo NAT, - but port redirection is also needed to direct the inbound traffic - to the correct server. For example, a web server operating - on LAN address 10.0.10.25 and using a - single public IP address of 20.20.20.5, would use this + but port redirection is needed to direct inbound traffic + to the correct server. For example, to map a web server using + the internal address 10.0.10.25 to its + public IP address of 20.20.20.5, use this rule: rdr dc0 20.20.20.5/32 port 80 -> 10.0.10.25 port 80 - or: + If it is the only web server, this rule would also work + as it redirects all external HTTP + requests to 10.0.10.25: rdr dc0 0.0.0.0/0 port 80 -> 10.0.10.25 port 80 - For a LAN DNS server on a private address of - 10.0.10.33 that - needs to receive public DNS requests: - - rdr dc0 20.20.20.5/32 port 53 -> 10.0.10.33 port 53 udp - - FTP has two modes: active mode and passive mode. The - difference is in how the data channel is acquired. Passive - mode is more secure as the data channel is acquired by the - ordinal ftp session requester. For a good explanation of - FTP and the different modes, see http://www.slacksite.com/other/ftp.html. - - IPNAT has a built in FTP proxy option - which can be specified on the NAT map - rule. It can monitor all outbound packet traffic for FTP - active or passive start session requests and dynamically - create temporary filter rules containing the port number - being used by the data channel. This eliminates the - security risk FTP normally exposes the firewall to as it no - longer needs to open large ranges of high order ports for - FTP connections. + IPF has a built in + FTP proxy + which can be used with NAT. + It monitors all outbound traffic for active or passive FTP + connection requests and dynamically + creates temporary filter rules containing the port number + used by the FTP data channel. This eliminates the + need to open large ranges of high order ports for + FTP connections. This rule will handle all the traffic for the internal LAN: map dc0 10.0.10.0/29 -> 0/32 proxy port 21 ftp/tcp - This rule handles the FTP traffic from the + This rule handles the FTP traffic from the gateway: map dc0 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp - This rule handles all non-FTP traffic from the internal + This rule handles all non-FTP traffic from the internal LAN: map dc0 10.0.10.0/29 -> 0/32 - The FTP map rules go before the + The FTP map rules go before the NAT rule so that when a packet matches an - FTP rule, the FTP proxy creates temporary filter rules to - let the FTP session packets pass and undergo - NAT. All LAN packets that are not FTP - will not match the FTP rules but will undergo + FTP rule, the FTP proxy creates temporary filter rules to + let the FTP session packets pass and undergo + NAT. All LAN packets that are not FTP + will not match the FTP rules but will undergo NAT if they match the third rule. - Only one filter rule is needed for FTP if the - NAT FTP proxy is used. + Only one filter rule is needed for FTP if the + NAT FTP proxy is used. - Without the FTP proxy, the following three rules will be + Without the FTP proxy, the following three rules will be needed: # Allow out LAN PC client FTP to public Internet From owner-svn-doc-all@FreeBSD.ORG Mon Feb 24 04:16:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 93E3240B; Mon, 24 Feb 2014 04:16:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7CB9B1C88; Mon, 24 Feb 2014 04:16:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1O4GxGM005802; Mon, 24 Feb 2014 04:16:59 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1O4Gx6k005801; Mon, 24 Feb 2014 04:16:59 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402240416.s1O4Gx6k005801@svn.freebsd.org> From: Dru Lavigne Date: Mon, 24 Feb 2014 04:16:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44039 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 04:16:59 -0000 Author: dru Date: Mon Feb 24 04:16:59 2014 New Revision: 44039 URL: http://svnweb.freebsd.org/changeset/doc/44039 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Sun Feb 23 20:18:56 2014 (r44038) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Mon Feb 24 04:16:59 2014 (r44039) @@ -179,11 +179,11 @@ xlink:href="http://www.sans.org/security-resources/idfaq/oddports.php">http://www.sans.org/security-resources/idfaq/oddports.php. FTP has two modes: active mode and passive mode. The - difference is in how the data channel is acquired. Passive - mode is more secure as the data channel is acquired by the - ordinal ftp session requester. For a good explanation of - FTP and the different modes, see http://www.slacksite.com/other/ftp.html. + difference is in how the data channel is acquired. Passive + mode is more secure as the data channel is acquired by the + ordinal ftp session requester. For a good explanation of FTP + and the different modes, see http://www.slacksite.com/other/ftp.html. A firewall ruleset can be either exclusive or inclusive. An @@ -234,38 +234,37 @@ flood of different attack methods employed by attackers. NAT stands for Network - Address Translation. - NAT function enables the private LAN behind - the firewall to share a single ISP-assigned IP address, even - if that address is dynamically assigned. NAT allows each - computer in the LAN to have Internet access, without - having to pay the ISP for multiple Internet accounts or IP - addresses. - - NAT will automatically translate the - private LAN IP address for each system on the LAN to the - single public IP address as packets exit the firewall bound - for the public Internet. It also performs the reverse - translation for returning packets. - - According to RFC 1918, the following IP address ranges are - reserved for private networks which will never be routed - directly to the public Internet, and therefore are available - for use with NAT: - - - - 10.0.0.0/8. - - - - 172.16.0.0/12. - - - - 192.168.0.0/16. - - + Address Translation. NAT + function enables the private LAN behind the firewall to share a + single ISP-assigned IP address, even if that address is + dynamically assigned. NAT allows each computer in the LAN to + have Internet access, without having to pay the ISP for multiple + Internet accounts or IP addresses. + + NAT will automatically translate the + private LAN IP address for each system on the LAN to the + single public IP address as packets exit the firewall bound for + the public Internet. It also performs the reverse translation + for returning packets. + + According to RFC 1918, the following IP address ranges are + reserved for private networks which will never be routed + directly to the public Internet, and therefore are available + for use with NAT: + + + + 10.0.0.0/8. + + + + 172.16.0.0/12. + + + + 192.168.0.0/16. + + When working with the firewall rules, be very @@ -2228,145 +2227,146 @@ ipnat_rules="/etc/ipnat.rules"NAT rules are flexible and can accomplish many different things to fit the needs of both - commercial and home users. The rule syntax presented here has been simplified to - demonstrate common usage. - For a complete rule syntax description, refer to - &man.ipnat.5;. + commercial and home users. The rule syntax presented here has + been simplified to demonstrate common usage. For a complete + rule syntax description, refer to &man.ipnat.5;. The basic syntax for a NAT rule is as - follows, where map starts the rule and + follows, where map starts the rule and IF should be replaced with the - name of the external - interface: + name of the external interface: map IF LAN_IP_RANGE -> PUBLIC_ADDRESS The LAN_IP_RANGE is the range - of IP addresses used by - internal clients. Usually, it is a private address range - such as 192.168.1.0/24. The PUBLIC_ADDRESS can either - be the static external IP address or the keyword - 0/32 which represents the IP address assigned to + of IP addresses used by internal clients. + Usually, it is a private address range such as 192.168.1.0/24. The + PUBLIC_ADDRESS can either be the + static external IP address or the keyword + 0/32 which represents the + IP address assigned to IF. In IPF, when a packet arrives - at the firewall from the LAN - with a public destination, it first passes through the outbound - rules of the firewall ruleset. Then, the packet is passed to the NAT ruleset - which is read from the top down, where the first - matching rule wins. IPF tests each - NAT rule against the packet's interface name and source IP - address. When a packet's interface name matches a - NAT rule, the packet's source IP address in - the private LAN is checked to see if it falls within the IP - address range specified in LAN_IP_RANGE. - On a match, the packet has its - source IP address rewritten with the public IP address - specified by PUBLIC_ADDRESS. + at the firewall from the LAN with a public + destination, it first passes through the outbound rules of the + firewall ruleset. Then, the packet is passed to the + NAT ruleset which is read from the top + down, where the first matching rule wins. + IPF tests each + NAT rule against the packet's interface + name and source IP address. When a + packet's interface name matches a NAT rule, + the packet's source IP address in the + private LAN is checked to see if it falls + within the IP address range specified in + LAN_IP_RANGE. On a match, the + packet has its source IP address rewritten + with the public IP address specified by + PUBLIC_ADDRESS. IPF posts an entry in its internal - NAT table so that when the packet returns from - the Internet, it can be mapped back to its original - private IP address before being passed to the firewall rules for - further processing. - - For networks that have large numbers of internal systems - or multiple subnets, the process of - funneling every private IP address into a single - public IP address becomes a resource problem. Two methods - are available to relieve this issue. - - The first method is to assign a range of ports to use - as source ports. By - adding the portmap keyword, - NAT can be directed to only use - source ports in the specified range: - - map dc0 192.168.1.0/24 -> 0/32 portmap tcp/udp 20000:60000 - - Alternately, use the auto keyword which tells - NAT to determine the ports that are - available for use: - - map dc0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto - - The second method is to use a pool of public addresses. - This is useful when there are - too many LAN addresses to fit into a single public - address and a block of public IP addresses is available. - These public addresses can be used as a pool from which - NAT selects an IP address - as a packet's address is mapped on its way - out. - - The range of public IP addresses can - be specified - using a netmask or CIDR notation. These - two rules are equivalent: + NAT table so that when the packet returns + from the Internet, it can be mapped back to its original + private IP address before being passed to + the firewall rules for further processing. + + For networks that have large numbers of internal systems + or multiple subnets, the process of funneling every private + IP address into a single public + IP address becomes a resource problem. + Two methods are available to relieve this issue. + + The first method is to assign a range of ports to use as + source ports. By adding the portmap + keyword, NAT can be directed to only use + source ports in the specified range: + + map dc0 192.168.1.0/24 -> 0/32 portmap tcp/udp 20000:60000 + + Alternately, use the auto keyword + which tells NAT to determine the ports + that are available for use: + + map dc0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto + + The second method is to use a pool of public addresses. + This is useful when there are too many + LAN addresses to fit into a single public + address and a block of public IP addresses + is available. These public addresses can be used as a pool + from which NAT selects an + IP address as a packet's address is + mapped on its way out. + + The range of public IP addresses can + be specified using a netmask or CIDR + notation. These two rules are equivalent: - map dc0 192.168.1.0/24 -> 204.134.75.0/255.255.255.0 + map dc0 192.168.1.0/24 -> 204.134.75.0/255.255.255.0 map dc0 192.168.1.0/24 -> 204.134.75.0/24 - A common practice is to have a publically accessible web server or mail server - segregated to an internal - network segment. The traffic from - these servers still has to undergo NAT, - but port redirection is needed to direct inbound traffic - to the correct server. For example, to map a web server using - the internal address 10.0.10.25 to its - public IP address of 20.20.20.5, use this - rule: + A common practice is to have a publically accessible web + server or mail server segregated to an internal network + segment. The traffic from these servers still has to undergo + NAT, but port redirection is needed to + direct inbound traffic to the correct server. For example, to + map a web server using the internal address 10.0.10.25 to its public + IP address of 20.20.20.5, use this + rule: + + rdr dc0 20.20.20.5/32 port 80 -> 10.0.10.25 port 80 + + If it is the only web server, this rule would also work as + it redirects all external HTTP requests to + 10.0.10.25: + + rdr dc0 0.0.0.0/0 port 80 -> 10.0.10.25 port 80 + + IPF has a built in + FTP proxy which can be used with + NAT. It monitors all outbound traffic for + active or passive FTP connection requests + and dynamically creates temporary filter rules containing the + port number used by the FTP data channel. + This eliminates the need to open large ranges of high order + ports for FTP connections. + + This rule will handle all the traffic for the internal + LAN: + + map dc0 10.0.10.0/29 -> 0/32 proxy port 21 ftp/tcp + + This rule handles the FTP traffic from + the gateway: + + map dc0 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp + + This rule handles all non-FTP traffic + from the internal LAN: + + map dc0 10.0.10.0/29 -> 0/32 + + The FTP map rules go + before the NAT rule so that when a packet + matches an FTP rule, the + FTP proxy creates temporary filter rules to + let the FTP session packets pass and + undergo NAT. All LAN packets that are not + FTP will not match the + FTP rules but will undergo + NAT if they match the third rule. + + Only one filter rule is needed for FTP + if the NAT FTP proxy is + used. - rdr dc0 20.20.20.5/32 port 80 -> 10.0.10.25 port 80 - - If it is the only web server, this rule would also work - as it redirects all external HTTP - requests to 10.0.10.25: - - rdr dc0 0.0.0.0/0 port 80 -> 10.0.10.25 port 80 - - IPF has a built in - FTP proxy - which can be used with NAT. - It monitors all outbound traffic for active or passive FTP - connection requests and dynamically - creates temporary filter rules containing the port number - used by the FTP data channel. This eliminates the - need to open large ranges of high order ports for - FTP connections. - - This rule will handle all the traffic for the internal - LAN: - - map dc0 10.0.10.0/29 -> 0/32 proxy port 21 ftp/tcp - - This rule handles the FTP traffic from the - gateway: - - map dc0 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp - - This rule handles all non-FTP traffic from the internal - LAN: - - map dc0 10.0.10.0/29 -> 0/32 - - The FTP map rules go before the - NAT rule so that when a packet matches an - FTP rule, the FTP proxy creates temporary filter rules to - let the FTP session packets pass and undergo - NAT. All LAN packets that are not FTP - will not match the FTP rules but will undergo - NAT if they match the third rule. - - Only one filter rule is needed for FTP if the - NAT FTP proxy is used. - - Without the FTP proxy, the following three rules will be - needed: + Without the FTP proxy, the following + three rules will be needed: - # Allow out LAN PC client FTP to public Internet + # Allow out LAN PC client FTP to public Internet # Active and passive modes pass out quick on rl0 proto tcp from any to any port = 21 flags S keep state From owner-svn-doc-all@FreeBSD.ORG Mon Feb 24 06:18:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B72CDB79; Mon, 24 Feb 2014 06:18:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A27B11727; Mon, 24 Feb 2014 06:18:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1O6IGod053739; Mon, 24 Feb 2014 06:18:16 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1O6IGbe053738; Mon, 24 Feb 2014 06:18:16 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402240618.s1O6IGbe053738@svn.freebsd.org> From: Glen Barber Date: Mon, 24 Feb 2014 06:18:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44040 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 06:18:16 -0000 Author: gjb Date: Mon Feb 24 06:18:16 2014 New Revision: 44040 URL: http://svnweb.freebsd.org/changeset/doc/44040 Log: Consistently add the trailing '/' after /pub/FreeBSD Sponsored by: The FreeBSD Foundation Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Mon Feb 24 04:16:59 2014 (r44039) +++ head/share/xml/mirrors.xml Mon Feb 24 06:18:16 2014 (r44040) @@ -1041,8 +1041,8 @@ ftp6.se.FreeBSD.org - ftp://ftp6.se.FreeBSD.org/pub/FreeBSD - http://ftp6.se.FreeBSD.org/pub/FreeBSD + ftp://ftp6.se.FreeBSD.org/pub/FreeBSD/ + http://ftp6.se.FreeBSD.org/pub/FreeBSD/ From owner-svn-doc-all@FreeBSD.ORG Mon Feb 24 12:06:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 342FD7BC; Mon, 24 Feb 2014 12:06:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 208FB1CCD; Mon, 24 Feb 2014 12:06:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1OC6njv095266; Mon, 24 Feb 2014 12:06:49 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1OC6n4m095265; Mon, 24 Feb 2014 12:06:49 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201402241206.s1OC6n4m095265@svn.freebsd.org> From: Remko Lodder Date: Mon, 24 Feb 2014 12:06:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44041 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 12:06:50 -0000 Author: remko Date: Mon Feb 24 12:06:49 2014 New Revision: 44041 URL: http://svnweb.freebsd.org/changeset/doc/44041 Log: Add ftp6.ua.freebsd.org as a mirror, it seems to service ftp/http and rsync. cvsup didn't reply and is actually not being pushed anymore as a public servers from our (FreeBSD) end so I didn't list it as such. PR: 175861 Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Mon Feb 24 06:18:16 2014 (r44040) +++ head/share/xml/mirrors.xml Mon Feb 24 12:06:49 2014 (r44041) @@ -1229,6 +1229,13 @@ + ftp6.ua.FreeBSD.org + ftp://ftp6.ua.FreeBSD.org/pub/FreeBSD/ + http://ftp6.ua.FreeBSD.org/pub/FreeBSD + rsync://ftp6.ua.FreeBSD.org/FreeBSD/> + + + ftp7.ua.FreeBSD.org ftp://ftp7.ua.FreeBSD.org/pub/FreeBSD/ From owner-svn-doc-all@FreeBSD.ORG Mon Feb 24 15:55:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D309884A; Mon, 24 Feb 2014 15:55:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BE83F1690; Mon, 24 Feb 2014 15:55:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1OFtWhr090621; Mon, 24 Feb 2014 15:55:32 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1OFtWwp090619; Mon, 24 Feb 2014 15:55:32 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402241555.s1OFtWwp090619@svn.freebsd.org> From: Glen Barber Date: Mon, 24 Feb 2014 15:55:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44042 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 15:55:32 -0000 Author: gjb Date: Mon Feb 24 15:55:32 2014 New Revision: 44042 URL: http://svnweb.freebsd.org/changeset/doc/44042 Log: Remove nonexistent ftp4.fr.FreeBSD.org. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Mon Feb 24 12:06:49 2014 (r44041) +++ head/share/xml/mirrors.xml Mon Feb 24 15:55:32 2014 (r44042) @@ -398,16 +398,6 @@ - ftp4.fr.FreeBSD.org - ftp://ftp4.fr.FreeBSD.org/pub/FreeBSD/ - ftp://ftp4.fr.FreeBSD.org/pub/FreeBSD/ - http://ftp4.fr.FreeBSD.org/pub/FreeBSD/ - http://ftp4.fr.FreeBSD.org/pub/FreeBSD/ - rsync://ftp4.fr.FreeBSD.org/FreeBSD/ - rsync://ftp4.fr.FreeBSD.org/FreeBSD/ - - - ftp5.fr.FreeBSD.org ftp://ftp5.fr.FreeBSD.org/pub/FreeBSD/ From owner-svn-doc-all@FreeBSD.ORG Mon Feb 24 15:57:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BAEA1AFB; Mon, 24 Feb 2014 15:57:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A71BA16BE; Mon, 24 Feb 2014 15:57:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1OFvxBx090969; Mon, 24 Feb 2014 15:57:59 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1OFvxUM090968; Mon, 24 Feb 2014 15:57:59 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402241557.s1OFvxUM090968@svn.freebsd.org> From: Glen Barber Date: Mon, 24 Feb 2014 15:57:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44043 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 15:57:59 -0000 Author: gjb Date: Mon Feb 24 15:57:59 2014 New Revision: 44043 URL: http://svnweb.freebsd.org/changeset/doc/44043 Log: ftp2.pl does not respond on ftp port, only http. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Mon Feb 24 15:55:32 2014 (r44042) +++ head/share/xml/mirrors.xml Mon Feb 24 15:57:59 2014 (r44043) @@ -787,8 +787,6 @@ ftp2.pl.FreeBSD.org - ftp://ftp2.pl.FreeBSD.org/pub/FreeBSD/ - ftp://ftp2.pl.FreeBSD.org/pub/FreeBSD/ http://ftp2.pl.FreeBSD.org/pub/FreeBSD/ http://ftp2.pl.FreeBSD.org/pub/FreeBSD/ From owner-svn-doc-all@FreeBSD.ORG Mon Feb 24 16:09:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D5100F92; Mon, 24 Feb 2014 16:09:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C138617B6; Mon, 24 Feb 2014 16:09:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1OG9qNu095231; Mon, 24 Feb 2014 16:09:52 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1OG9q3F095230; Mon, 24 Feb 2014 16:09:52 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402241609.s1OG9q3F095230@svn.freebsd.org> From: Glen Barber Date: Mon, 24 Feb 2014 16:09:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44044 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 16:09:52 -0000 Author: gjb Date: Mon Feb 24 16:09:52 2014 New Revision: 44044 URL: http://svnweb.freebsd.org/changeset/doc/44044 Log: ftp9.tw.FreeBSD.org stopped mirroring in 2010. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Mon Feb 24 15:57:59 2014 (r44043) +++ head/share/xml/mirrors.xml Mon Feb 24 16:09:52 2014 (r44044) @@ -1142,11 +1142,6 @@ - ftp9.tw.FreeBSD.org - ftp://ftp9.tw.FreeBSD.org/pub/FreeBSD/ - - - ftp10.tw.FreeBSD.org ftp://ftp10.tw.FreeBSD.org/pub/FreeBSD/ From owner-svn-doc-all@FreeBSD.ORG Mon Feb 24 16:12:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 00B5780; Mon, 24 Feb 2014 16:12:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E0F101845; Mon, 24 Feb 2014 16:12:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1OGCEvt098352; Mon, 24 Feb 2014 16:12:14 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1OGCEMY098351; Mon, 24 Feb 2014 16:12:14 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402241612.s1OGCEMY098351@svn.freebsd.org> From: Glen Barber Date: Mon, 24 Feb 2014 16:12:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44045 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 16:12:15 -0000 Author: gjb Date: Mon Feb 24 16:12:14 2014 New Revision: 44045 URL: http://svnweb.freebsd.org/changeset/doc/44045 Log: ftp3.tw.FreeBSD.org is out of sync since 2008. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Mon Feb 24 16:09:52 2014 (r44044) +++ head/share/xml/mirrors.xml Mon Feb 24 16:12:14 2014 (r44045) @@ -1110,11 +1110,6 @@ - ftp3.tw.FreeBSD.org - ftp://ftp3.tw.FreeBSD.org/pub/FreeBSD/ - - - ftp4.tw.FreeBSD.org ftp://ftp4.tw.FreeBSD.org/pub/FreeBSD/ From owner-svn-doc-all@FreeBSD.ORG Mon Feb 24 16:30:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A97317F7; Mon, 24 Feb 2014 16:30:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9131219A1; Mon, 24 Feb 2014 16:30:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1OGUik1005722; Mon, 24 Feb 2014 16:30:44 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1OGUiUI005721; Mon, 24 Feb 2014 16:30:44 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402241630.s1OGUiUI005721@svn.freebsd.org> From: Glen Barber Date: Mon, 24 Feb 2014 16:30:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44046 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 16:30:44 -0000 Author: gjb Date: Mon Feb 24 16:30:44 2014 New Revision: 44046 URL: http://svnweb.freebsd.org/changeset/doc/44046 Log: Remove ftp.sk and ftp2.sk. ftp.sk requires authentication, and ftp2.sk /pub/FreeBSD directory is empty. While here, remove cvsup server entry. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Mon Feb 24 16:12:14 2014 (r44045) +++ head/share/xml/mirrors.xml Mon Feb 24 16:30:44 2014 (r44046) @@ -873,36 +873,6 @@ ftpadmin@isu.net.sa - - Slovak Republic - - www.sk.FreeBSD.org - http://www.sk.FreeBSD.org/ - - - - ftp.sk.FreeBSD.org - ftp://ftp.sk.FreeBSD.org/pub/FreeBSD/ - ftp://ftp.sk.FreeBSD.org/pub/FreeBSD/ - http://ftp.sk.FreeBSD.org/pub/FreeBSD/ - http://ftp.sk.FreeBSD.org/pub/FreeBSD/ - - - - ftp2.sk.FreeBSD.org - ftp://ftp2.sk.FreeBSD.org/pub/FreeBSD/ - ftp://ftp2.sk.FreeBSD.org/pub/FreeBSD/ - http://ftp2.sk.FreeBSD.org/pub/FreeBSD/ - http://ftp2.sk.FreeBSD.org/pub/FreeBSD/ - - - - cvsup.sk.FreeBSD.org - - - hostmaster@sk.FreeBSD.org - - Slovenia From owner-svn-doc-all@FreeBSD.ORG Mon Feb 24 16:36:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 69112B3C; Mon, 24 Feb 2014 16:36:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 54A601A68; Mon, 24 Feb 2014 16:36:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1OGaE2q006822; Mon, 24 Feb 2014 16:36:14 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1OGaEE2006820; Mon, 24 Feb 2014 16:36:14 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402241636.s1OGaEE2006820@svn.freebsd.org> From: Glen Barber Date: Mon, 24 Feb 2014 16:36:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44047 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 16:36:14 -0000 Author: gjb Date: Mon Feb 24 16:36:13 2014 New Revision: 44047 URL: http://svnweb.freebsd.org/changeset/doc/44047 Log: Remove ftp10.tw, no longer mirroring FreeBSD. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Mon Feb 24 16:30:44 2014 (r44046) +++ head/share/xml/mirrors.xml Mon Feb 24 16:36:13 2014 (r44047) @@ -1107,11 +1107,6 @@ - ftp10.tw.FreeBSD.org - ftp://ftp10.tw.FreeBSD.org/pub/FreeBSD/ - - - ftp11.tw.FreeBSD.org ftp://ftp11.tw.FreeBSD.org/pub/FreeBSD/ http://ftp11.tw.FreeBSD.org/FreeBSD/ From owner-svn-doc-all@FreeBSD.ORG Mon Feb 24 18:27:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A581BD04; Mon, 24 Feb 2014 18:27:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 92186165D; Mon, 24 Feb 2014 18:27:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1OIR1XN051214; Mon, 24 Feb 2014 18:27:01 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1OIR1vN051213; Mon, 24 Feb 2014 18:27:01 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402241827.s1OIR1vN051213@svn.freebsd.org> From: Glen Barber Date: Mon, 24 Feb 2014 18:27:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44048 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 18:27:01 -0000 Author: gjb Date: Mon Feb 24 18:27:01 2014 New Revision: 44048 URL: http://svnweb.freebsd.org/changeset/doc/44048 Log: Remove ftp6.de, almost 6 years out of sync. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Mon Feb 24 16:36:13 2014 (r44047) +++ head/share/xml/mirrors.xml Mon Feb 24 18:27:01 2014 (r44048) @@ -473,12 +473,7 @@ ftp5.de.FreeBSD.org ftp://ftp5.de.FreeBSD.org/pub/FreeBSD/ - + ftp7.de.FreeBSD.org ftp://ftp7.de.FreeBSD.org/pub/FreeBSD/ From owner-svn-doc-all@FreeBSD.ORG Mon Feb 24 20:06:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 21B40D1C; Mon, 24 Feb 2014 20:06:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 0D5C01188; Mon, 24 Feb 2014 20:06:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1OK6Dho090837; Mon, 24 Feb 2014 20:06:13 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1OK6Dgw090836; Mon, 24 Feb 2014 20:06:13 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402242006.s1OK6Dgw090836@svn.freebsd.org> From: Warren Block Date: Mon, 24 Feb 2014 20:06:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44049 - head/share/misc X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 20:06:14 -0000 Author: wblock Date: Mon Feb 24 20:06:13 2014 New Revision: 44049 URL: http://svnweb.freebsd.org/changeset/doc/44049 Log: Improve XHTML table of contents readability by reducing vertical spacing and using slightly larger fonts for headings. PR: docs/186858 Submitted by: Allan Jude Modified: head/share/misc/docbook.css Modified: head/share/misc/docbook.css ============================================================================== --- head/share/misc/docbook.css Mon Feb 24 18:27:01 2014 (r44048) +++ head/share/misc/docbook.css Mon Feb 24 20:06:13 2014 (r44049) @@ -120,19 +120,26 @@ body div { } dl { - margin: .8em 0; + margin: .4em 0 0 0; line-height: 1.2; } dt { font-weight: bold; - margin-top: 1em; + margin: 0.4em 0 0 0; +} + +div.abstract div.abstract-title, +div.toc div.toc-title, +div.list-of-figures div.toc-title, +div.list-of-tables div.toc-title, +div.list-of-examples div.toc-title { + font-size: 115%; } div.calloutlist dt { float: left; - width: 1em; -} + width: 1em;} div.calloutlist dd { clear: right; From owner-svn-doc-all@FreeBSD.ORG Tue Feb 25 12:09:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 69D3017B; Tue, 25 Feb 2014 12:09:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 55258119A; Tue, 25 Feb 2014 12:09:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1PC97ui088095; Tue, 25 Feb 2014 12:09:07 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1PC97pX088094; Tue, 25 Feb 2014 12:09:07 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201402251209.s1PC97pX088094@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 25 Feb 2014 12:09:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44050 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 25 Feb 2014 12:54:04 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 12:09:07 -0000 Author: ryusuke Date: Tue Feb 25 12:09:06 2014 New Revision: 44050 URL: http://svnweb.freebsd.org/changeset/doc/44050 Log: - Merge the following from the English version: r43778 -> r43780 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Mon Feb 24 20:06:13 2014 (r44049) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Tue Feb 25 12:09:06 2014 (r44050) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43778 + Original revision: r43780 $FreeBSD$ --> &os; には二つの開発ブランチがあります。 それは &os.current; と &os.stable; です。 - この節ではそれぞれについて説明し、 - どのようにしてシステムの対応するブランチを最新の状態に保つかについて説明します。 - まずは &os.current;、次に &os.stable; について説明します。 + この節ではそれぞれのブランチと対象としている読者についての説明と、 + どのようにしてシステムの対応するブランチを最新の状態に保つかについて説明します。 訳: &a.hanai;、1996 年 11 月 6 日 &os.current; を使う - &os.current; とは &os; の開発の 最前線 です。 - &os.current; のユーザは高い技術力を持つことが要求され、 - 自分のシステムが抱える困難な問題を自力で解決できなければなりません。 - もし &os; を使い始めたばかりなら、 - これを運用することについて十分検討を重ねた方が良いでしょう。 + &os.current; とは &os; の開発の 最前線 なので、 + &os.current; のユーザは高い技術力を持つことが要求されます。 + そこまでの技術力を持っていないが、 + 開発ブランチを追いかけたいと考えているユーザは、 + かわりに &os.stable; を追いかけると良いでしょう。 - &os.current; は &os; の最新のソースコードです。 + &os.current; は &os; の最新のソースコードであり、 中には現在開発途上のソフトウェア、 実験的な変更、あるいは過渡的な機能などが含まれています。 また、この中に入っている機能がすべて、 次の公式リリースに入るとは限りません。&os.current; をソースからほぼ毎日コンパイルしている人はたくさんいますが、 - 時期によってはコンパイルさえできない状態になっていることもあります。 + 短い期間ではコンパイルさえできない状態になっている時期もあります。 これらの問題は可能な限り迅速に解決されますが、 &os.current; が不幸をもたらすか、 - それとも非常に素晴らしい機能をもたらすかは、 + それとも新しい機能をもたらすかは、 まさにソースコードを同期した瞬間によるのです! &os.current; は、 @@ -1186,51 +1185,41 @@ before running "/usr/sbin/freebsd-update ソースツリーのある部分に関して活発に作業している - &os; コミュニティのメンバ。 - 彼らにとっては 最新のもの にしておくのが - 絶対に必要なことなのです。 - + &os; コミュニティのメンバ。 + 活発にテストしている &os; コミュニティのメンバ。 - 彼らは、&os.current; - が 健全である ことを可能な限り保証するために、 - 種々の問題を解決するのに時間を惜しまない人々です。 - これらのテスターは、さまざまな変更に関する提案や - &os; の大まかな方向付けを行ないたいと思っている - 人々でもあり、それを実装するためのパッチを提示します。 + 彼らは、種々の問題を解決するのに時間を惜しまない人々であり、 + さまざまな変更に関する提案や + &os; の大まかな方向付けを行ないたいと思っている人々でもあり、 + パッチも提出します。 - 単に、さまざまな事に目を向け、 - 参考のために最新のソースを使いたいと思っている人々。 - これらの人々はまた、 - 時々コメントやコードを寄稿してくれます。 + さまざまな事に目を向け、 + 参考のために最新のソースを使いたいと思っていたり、 + 時々コメントやコードを寄稿したいと考えているユーザ。 - &os.current; - に期待してはいけないことは? - - - - 次のリリースの前に、最も早く新しい機能を入手すること。 - リリース前の機能は十分にテストされていないため、 - バグを含んでいく可能性が大いにあります。 - - - - バグを修正するための素早い方法。 - いかなるコミットは、 - 元からあるバグを修正するのと同じく、 - 新しいバグを生み出すおそれがあります。 - - - - 公式のサポート はありません。 - - + &os.current; は、次のリリースの前に、 + 最も早く新しい機能を入手する手段として、 + 期待してはいけません。 + リリース前の機能は十分にテストされていないため、 + バグを含んでいる可能性が大いにあるためです。 + また、バグを修正するための素早い方法でもありません。 + いかなるコミットは、元からあるバグを修正するのと同じく、 + 新しいバグを生み出すおそれがあります。 + &os.current; には 公式のサポート はありません。 + + + -CURRENT + using + + &os.current;: を追いかけるには + &a.current.name; と &a.svn-src-head.name;-CURRENT使用 メーリングリスト @@ -1254,60 +1243,31 @@ before running "/usr/sbin/freebsd-update - &os; ミラーサイト - からソースの入手するには、以下のようないくつかの方法があります。 - - - - svn - - Subversion - - - -CURRENT - Subversion - を使った同期 - - を使って、 - 希望する開発ブランチ、 - もしくはリリースブランチをチェックアウトしてください。 - この方法は、開発中の &os; リポジトリへのアクセスを提供しており、 - 推奨されています。 + &os.current; のソースを同期する。 + 特に svn を使って Subversion ミラーサイト のひとつの head ブランチから - -CURRENT コードをチェックアウトしてください。 - リポジトリサイズの観点から、 - 希望するサブツリーのみをチェックアウトすることが推奨されます。 + -CURRENT コードをチェックアウトしてください。 - - CTM - - -CURRENT - CTM を使った同期 - を用いる。 - 接続料が高額だったり、email でのアクセスしかできないような、 - あまり良質でない TCP/IP 接続の場合には、 - CTM - を利用すると良いでしょう。ただし、 - Subversion - ほどには信頼はできません。 - そのため、インターネットに接続しているシステムであれば、 - Subversion + インターネットの接続がとても遅かったり、 + 制限がある場合には、 + CTM + を利用すると良いでしょう。 + ただし、svn + ほどには信頼はできないので、 + svn を利用されることを推奨します。 - - - もし、ソースを眺めるだけでなく、 - 走らせるために入手するのであれば、 - 一部だけ選ぶのではなく、&os.current; - の全体を手に入れてください。 - ソースのさまざまな部分が他の部分の更新に依存しており、 - 一部のみをコンパイルしようとすると、 - ほぼ間違いなく問題が起きます。 + リポジトリのサイズが大きいため、興味のある部分や、 + パッチを当てる部分のソースのみを同期するユーザもいます。 + しかしながら、 + ソースからオペレーティングシステムをコンパイルしようと思っているユーザは、 + 一部分だけではなく、&os.current; の すべて + をダウンロードする必要があります。 &os.current; @@ -1330,7 +1290,7 @@ before running "/usr/sbin/freebsd-update アクティブになってください! &os.current; のユーザには、 拡張やバグ潰しに関して提案することが勧められています。 - コードを伴う提案はもっとも歓迎されるものです! + コードを伴う提案はいつでも歓迎されます! From owner-svn-doc-all@FreeBSD.ORG Tue Feb 25 15:57:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 406C5738; Tue, 25 Feb 2014 15:57:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1ECED18A1; Tue, 25 Feb 2014 15:57:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1PFvHDj084747; Tue, 25 Feb 2014 15:57:17 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1PFvHjb084746; Tue, 25 Feb 2014 15:57:17 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402251557.s1PFvHjb084746@svn.freebsd.org> From: Dru Lavigne Date: Tue, 25 Feb 2014 15:57:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44051 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 15:57:18 -0000 Author: dru Date: Tue Feb 25 15:57:17 2014 New Revision: 44051 URL: http://svnweb.freebsd.org/changeset/doc/44051 Log: Finish editorial pass through IPF NAT. Comment out symbolic substitution section for now. It is confusing as written and may no longer be needed with IPF's new syntax. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 12:09:06 2014 (r44050) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 15:57:17 2014 (r44051) @@ -2334,20 +2334,17 @@ map dc0 192.168.1.0/24 -> 204.134.75. This eliminates the need to open large ranges of high order ports for FTP connections. - This rule will handle all the traffic for the internal - LAN: - - map dc0 10.0.10.0/29 -> 0/32 proxy port 21 ftp/tcp - - This rule handles the FTP traffic from - the gateway: - - map dc0 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp - - This rule handles all non-FTP traffic - from the internal LAN: - - map dc0 10.0.10.0/29 -> 0/32 + In this example, the first rule calls the proxy for + outbound FTP traffic from the internal + LAN. The second rule passes the + FTP traffic from the firewall to the + Internet, and the third rule handles all + non-FTP traffic from the internal + LAN: + + map dc0 10.0.10.0/29 -> 0/32 proxy port 21 ftp/tcp +map dc0 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp +map dc0 10.0.10.0/29 -> 0/32 The FTP map rules go before the NAT rule so that when a packet @@ -2359,12 +2356,9 @@ map dc0 192.168.1.0/24 -> 204.134.75. FTP rules but will undergo NAT if they match the third rule. - Only one filter rule is needed for FTP - if the NAT FTP proxy is - used. - Without the FTP proxy, the following - three rules will be needed: + firewall rules would instead be needed. Note that without the proxy, + all ports above 1024 need to be allowed: # Allow out LAN PC client FTP to public Internet # Active and passive modes @@ -2376,35 +2370,32 @@ pass out quick on rl0 proto tcp from any # Active mode let data channel in from FTP server pass in quick on rl0 proto tcp from any to any port = 20 flags S keep state - When the file containing the NAT rules - is edited after NAT has been started, run + Whenever the file containing the NAT rules + is edited, run ipnat with to delete - the internal in use NAT rules and flush the - contents of the translation table of all active - entries. - - To reload the NAT rules, issue a - command like this: + the current NAT rules and flush the + contents of the dynamic translation table. Include + and specify the name + of the NAT ruleset to load: - &prompt.root; ipnat -CF -f - /etc/ipnat.rules + &prompt.root; ipnat -CF -f /etc/ipnat.rules - To display some NAT statistics, use - this command: + To display the NAT statistics: &prompt.root; ipnat -s To list the NAT table's current - mappings, use this command: + mappings: &prompt.root; ipnat -l To turn verbose mode on and display information relating - to rule processing and active rules/table entries: + to rule processing and active rules and table entries: &prompt.root; ipnat -v - + IPFSTAT From owner-svn-doc-all@FreeBSD.ORG Tue Feb 25 17:30:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2A26D84B; Tue, 25 Feb 2014 17:30:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1488B1276; Tue, 25 Feb 2014 17:30:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1PHUQuf023123; Tue, 25 Feb 2014 17:30:26 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1PHUQXQ023122; Tue, 25 Feb 2014 17:30:26 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402251730.s1PHUQXQ023122@svn.freebsd.org> From: Dru Lavigne Date: Tue, 25 Feb 2014 17:30:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44052 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 17:30:27 -0000 Author: dru Date: Tue Feb 25 17:30:26 2014 New Revision: 44052 URL: http://svnweb.freebsd.org/changeset/doc/44052 Log: Finish initial editorial review of IPF chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 15:57:17 2014 (r44051) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 17:30:26 2014 (r44052) @@ -2508,7 +2508,7 @@ sh /etc/ipf.rules.script --> - IPFSTAT + Viewing <application>IPF</application> Statistics ipfstat @@ -2518,16 +2518,16 @@ sh /etc/ipf.rules.scriptstatistics - The default behavior of &man.ipfstat.8; is to retrieve - and display the totals of the accumulated statistics gathered - by applying the rules against packets going in and out of the - firewall since it was last started, or since the last time the - accumulators were reset to zero using ipf + IPF includes &man.ipfstat.8; + which can be used to retrieve + and display statistics which are gathered + as packets match rules as they go through the + firewall. Statistics are accumulated since the firewall was + last started or since the last time they + were reset to zero using ipf -Z. - Refer to &man.ipfstat.8; for details. - - The default &man.ipfstat.8; output will look something + The default ipfstat output looks like this: input packets: blocked 99286 passed 1255609 nomatch 14686 counted 0 @@ -2540,58 +2540,47 @@ sh /etc/ipf.rules.scriptTCP RSTs sent: 0 + ICMP replies: 0 TCP RSTs sent: 0 Result cache hits(in): 1215208 (out): 1098963 IN Pullups succeeded: 2 failed: 0 OUT Pullups succeeded: 0 failed: 0 Fastroute successes: 0 failures: 0 - TCP cksum fails(in): 0 (out): 0 + TCP cksum fails(in): 0 (out): 0 Packet log flags set: (0) - When supplied with either for inbound + Several options are available. When supplied with either for inbound or for outbound, the command will retrieve and display the appropriate list of filter rules currently - installed and in use by the kernel. - - ipfstat -in displays the inbound - internal rules table with rule numbers. - - ipfstat -on displays the outbound - internal rules table with rule numbers. - - The output will look something like this: + installed and in use by the kernel. To also see the rule + numbers, include . For example, + ipfstat -on displays the outbound + rules table with rule numbers: @1 pass out on xl0 from any to any @2 block out on dc0 from any to any @3 pass out quick on dc0 proto tcp/udp from any to any keep state - ipfstat -ih displays the inbound - internal rules table, prefixing each rule with a count of how - many times the rule was matched. - - ipfstat -oh displays the outbound - internal rules table, prefixing each rule with a count of how - many times the rule was matched. - - The output will look something like this: + Include to + prefix each rule with a count of how + many times the rule was matched. For example, + ipfstat -oh displays the outbound + internal rules table, prefixing each rule with its usage count: 2451423 pass out on xl0 from any to any 354727 block out on dc0 from any to any 430918 pass out quick on dc0 proto tcp/udp from any to any keep state - One of the most important options of - ipfstat is which - displays the state table in a way similar to how &man.top.1; - shows the &os; running process table. When a firewall is - under attack, this function provides the ability to identify + To display the state table in a format similar to &man.top.1;, use + ipfstat -t. When the firewall is + under attack, this option provides the ability to identify and see the attacking packets. The optional sub-flags give - the ability to select the destination or source IP, port, or + the ability to select the destination or source IP, port, or protocol to be monitored in real time. Refer to &man.ipfstat.8; for details. - IPMON + <application>IPF</application> Logging ipmon @@ -2601,17 +2590,16 @@ sh /etc/ipf.rules.scriptlogging - In order for ipmon to work properly, - the kernel option IPFILTER_LOG must be - turned on. This command has two different modes. Native mode - is the default mode when the command is used without - . - - Daemon mode provides a continuous system log file so that - logging of past events may be reviewed. &os; has a built in - facility to automatically rotate system logs. This is why - outputting the log information to &man.syslogd.8; is better - than the default of outputting to a regular file. The default + IPF provides + ipmon, which can be used to write the firewall's logging + information in a human readable format. It requires that + options IPFILTER_LOG be first added + to a custom kernel using the instructions in . + + This command is typically run in + daemon mode in order to provide a continuous system log file so that + logging of past events may be reviewed. Since &os; has a built in + &man.syslogd.8; facility to automatically rotate system logs, the default rc.conf ipmon_flags statement uses : @@ -2623,48 +2611,38 @@ sh /etc/ipf.rules.scriptLogging provides the ability to review, after the fact, information such as which packets were dropped, what addresses - they came from and where they were going. These can all - provide a significant edge in tracking down attackers. + they came from, and where they were going. This information + is useful in tracking down attackers. - Even with the logging facility enabled, IPF will not - generate any rule logging by default. The firewall + Once the logging facility is enabled in + rc.conf and started with service + ipmon start, IPF will only + log the rules which contain the log keyword. The firewall administrator decides which rules in the ruleset should be - logged and adds the log keyword to those rules. Normally, - only deny rules are logged. - - It is customary to include a default deny - everything rule with the log keyword included as the + logged and normally + only deny rules are logged. It is customary to include the + log keyword in the last rule in the ruleset. This makes it possible to see all the packets that did not match any of the rules in the ruleset. - &man.syslogd.8; uses its own method for segregation of log - data. It uses groupings called facility and - level. By default, IPMON in - mode uses local0 as - the facility name. The following levels can be + By default, ipmon -Ds mode uses + local0 as + the logging facility. The following logging levels can be used to further segregate the logged data: LOG_INFO - packets logged using the "log" keyword as the action rather than pass or block. LOG_NOTICE - packets logged which are also passed LOG_WARNING - packets logged which are also blocked -LOG_ERR - packets which have been logged and which can be considered short +LOG_ERR - packets which have been logged and which can be considered short due to an incomplete header - - - In order to setup IPFILTER to + In order to setup IPF to log all data to /var/log/ipfilter.log, first create the empty file: &prompt.root; touch /var/log/ipfilter.log - &man.syslogd.8; is controlled by definition statements in - /etc/syslog.conf. This file offers - considerable flexibility in how - syslog will deal with system - messages issued by software applications like IPF. - - To write all logged messages to the specified file, + Then, to write all logged messages to the specified file, add the following statement to /etc/syslog.conf: @@ -2674,7 +2652,7 @@ LOG_ERR - packets which have been logged to read the modified /etc/syslog.conf, run service syslogd reload. - Do not forget to change + Do not forget to edit /etc/newsyslog.conf to rotate the new log file. @@ -2702,23 +2680,12 @@ LOG_ERR - packets which have been logged The group and rule number of the rule in the format @0:17. - - These can be viewed with - ipfstat -in. - - The action: p for passed, b for blocked, S for a short packet, n did not match any - rules, and L for a log rule. The order - of precedence in showing flags is: S, - p, b, - n, L. A capital - P or B means that - the packet has been logged due to a global logging - setting, not a particular rule. + rules, and L for a log rule. @@ -2746,10 +2713,10 @@ LOG_ERR - packets which have been logged letters corresponding to any flags that were set. Refer to &man.ipf.5; for a list of letters and their flags. - If the packet is an ICMP packet, there will be two fields - at the end: the first always being ICMP and - the next being the ICMP message and sub-message type, - separated by a slash. For example: ICMP 3/3 for a port + If the packet is an ICMP packet, there will be two fields + at the end: the first always being icmp and + the next being the ICMP message and sub-message type, + separated by a slash. For example: icmp 3/3 for a port unreachable message. From owner-svn-doc-all@FreeBSD.ORG Tue Feb 25 17:38:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 81464F2D; Tue, 25 Feb 2014 17:38:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 687BF130F; Tue, 25 Feb 2014 17:38:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1PHcXIJ026970; Tue, 25 Feb 2014 17:38:33 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1PHcXZR026969; Tue, 25 Feb 2014 17:38:33 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402251738.s1PHcXZR026969@svn.freebsd.org> From: Dru Lavigne Date: Tue, 25 Feb 2014 17:38:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44053 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 17:38:33 -0000 Author: dru Date: Tue Feb 25 17:38:33 2014 New Revision: 44053 URL: http://svnweb.freebsd.org/changeset/doc/44053 Log: Move the IPF chapter after the IPFW chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 17:30:26 2014 (r44052) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 17:38:33 2014 (r44053) @@ -79,9 +79,8 @@ &os; has three firewalls built into the base system: PF, - IPFILTER, also known as - IPF, and - IPFW. + IPFW, and IPFILTER, also known as + IPF. &os; also provides two traffic shapers for controlling bandwidth usage: &man.altq.4; and &man.dummynet.4;. ALTQ has @@ -117,12 +116,12 @@ How to use and configure the - IPFILTER firewall. + IPFW firewall. How to use and configure the - IPFW firewall. + IPFILTER firewall. @@ -1585,2294 +1584,2294 @@ block drop out quick on $ext_if from any - - IPFILTER (IPF) + + IPFW firewall - IPFILTER + IPFW - IPFILTER, also known as - IPF, is a cross-platform, open source - firewall which has been ported to several operating systems, - including &os;, NetBSD, OpenBSD, and &solaris;. - - IPFILTER is a kernel-side - firewall and NAT mechanism that can be - controlled and monitored by userland programs. Firewall rules - can be set or deleted using ipf, - NAT rules can be set or deleted using - ipnat, run-time statistics for the - kernel parts of IPFILTER can be - printed using ipfstat, and - ipmon can be used to log - IPFILTER actions to the system log - files. - - IPF was originally written using - a rule processing logic of the last matching rule - wins and only used stateless rules. Since then, - IPF has been enhanced to include the - quick and keep state - options. - - For a detailed explanation of the legacy rules processing - method, refer to http://coombs.anu.edu.au/~avalon/ip-filter.html. + IPFW is a stateful firewall written for + &os; which also provides a traffic shaper, packet scheduler, + and in-kernel NAT. - The IPF FAQ is at http://www.phildev.net/ipf/index.html. - A searchable archive of the IPFilter mailing list is available - at http://marc.info/?l=ipfilter. + &os; provides a sample ruleset in + /etc/rc.firewall. The sample ruleset + define several firewall types for common scenarios to assist + novice users in generating an appropriate ruleset. + &man.ipfw.8; provides a powerful syntax which advanced users can + use to craft customized rulesets that meet the security + requirements of a given environment. - This section of the Handbook focuses on - IPF as it pertains to FreeBSD. It - provides examples of rules that contain the - quick and keep state - options. + IPFW is composed of several components: the kernel firewall + filter rule processor and its integrated packet accounting + facility, the logging facility, the + divert rule which triggers + NAT, the dummynet traffic shaper facilities, + the fwd rule forward facility, the bridge + facility, and the ipstealth facility. IPFW supports both IPv4 + and IPv6. - - Enabling <application>IPF</application> + + Enabling IPFW - IPFILTER + IPFW enabling - IPF is included in the basic - &os; install as a kernel loadable module, meaning that a - custom kernel is not needed in order to enable - IPF. + IPFW is included in the basic &os; install as a run time + loadable module. The system will dynamically load the kernel + module when rc.conf contains the + statement firewall_enable="YES". After + rebooting the system, the following white highlighted message + is displayed on the screen as part of the boot process: + + ipfw2 initialized, divert disabled, rule-based forwarding disabled, default to deny, logging disabled + + The loadable module includes logging ability. To enable + logging and set the verbose logging limit, add these + statements to + /etc/sysctl.conf before rebooting: + + net.inet.ip.fw.verbose=1 +net.inet.ip.fw.verbose_limit=5 + + + + Kernel Options kernel options - IPFILTER + IPFIREWALL kernel options - IPFILTER_LOG + IPFIREWALL_VERBOSE kernel options - IPFILTER_DEFAULT_BLOCK + IPFIREWALL_VERBOSE_LIMIT - IPFILTER + IPFW kernel options - For users who prefer to statically compile - IPF support into a custom kernel, - refer to the instructions in . - The following kernel options are available: - - options IPFILTER -options IPFILTER_LOG -options IPFILTER_LOOKUP -options IPFILTER_DEFAULT_BLOCK - - where options IPFILTER enables support - for IPFILTER, - options IPFILTER_LOG enables - IPF logging using the - ipl packet logging pseudo-device for - every rule that has the log keyword, - IPFILTER_LOOKUP enables - IP pools in order to speed up - IP lookups, and options - IPFILTER_DEFAULT_BLOCK changes the default - behavior so that any packet not matching a firewall - pass rule gets blocked. - - To configure the system to enable - IPF at boot time, add the following - entries to /etc/rc.conf. These entries - will also enable logging and default pass - all. To change the default policy to - block all without compiling a custom - kernel, remember to add a block all rule at - the end of the ruleset. - - ipfilter_enable="YES" # Start ipf firewall -ipfilter_rules="/etc/ipf.rules" # loads rules definition text file -ipmon_enable="YES" # Start IP monitor log -ipmon_flags="-Ds" # D = start as daemon - # s = log to syslog - # v = log tcp window, ack, seq - # n = map IP & port to names + For those users who wish to statically compile kernel + IPFW support, the following options are available for the + custom kernel configuration file: - If NAT functionality is needed, also - add these lines: + options IPFIREWALL - gateway_enable="YES" # Enable as LAN gateway -ipnat_enable="YES" # Start ipnat function -ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat + This option enables IPFW as part of the kernel. - Then, to start IPF now: + options IPFIREWALL_VERBOSE - &prompt.root; service ipfilter start + This option enables logging of packets that pass through + IPFW and have the log keyword specified in + the ruleset. - To load the firewall rules, specify the name of the - ruleset file using ipf. The following - command can be used to replace the currently running firewall - rules: + options IPFIREWALL_VERBOSE_LIMIT=5 - &prompt.root; ipf -Fa -f /etc/ipf.rules + This option limits the number of packets logged through + &man.syslogd.8;, on a per-entry basis. This option may be + used in hostile environments, when firewall activity logging + is desired. This will close a possible denial of service + attack via syslog flooding. - where flushes all the internal rules - tables and specifies the file containing - the rules to load. + + kernel options - This provides the ability to make changes to a custom - ruleset and update the running firewall with a fresh copy of - the rules without having to reboot the system. This method is - convenient for testing new rules as the procedure can be - executed as many times as needed. + IPFIREWALL_DEFAULT_TO_ACCEPT + - Refer to &man.ipf.8; for details on the other flags - available with this command. - + options IPFIREWALL_DEFAULT_TO_ACCEPT - - <application>IPF</application> Rule Syntax + This option allows everything to pass through the firewall + by default, which is a good idea when the firewall is being + set up for the first time. - IPFILTER + kernel options - rule syntax + IPDIVERT - This section describes the IPF - rule syntax used to create stateful rules. When creating - rules, keep in mind that unless the quick - keyword appears in a rule, every rule is read in order, with - the last matching rule being the one - that is applied. This means that even if the first rule to - match a packet is a pass, if there is a - later matching rule that is a block, the - packet will be dropped. Sample rulesets can be found in - /usr/share/examples/ipfilter. + options IPDIVERT - When creating rules, a # character is - used to mark the start of a comment and may appear at the end - of a rule, to explain that rule's function, or on its own - line. Any blank lines are ignored. + This option enables the use of NAT + functionality. - The keywords which are used in rules must be written in a - specific order, from left to right. Some keywords are - mandatory while others are optional. Some keywords have - sub-options which may be keywords themselves and also include - more sub-options. The keyword order is as follows, where the - words shown in uppercase represent a variable and the words - shown in lowercase must precede the variable that follows - it: + + The firewall will block all incoming and outgoing + packets if either the + IPFIREWALL_DEFAULT_TO_ACCEPT kernel + option or a rule to explicitly allow these connections is + missing. + + - ACTION DIRECTION OPTIONS proto PROTO_TYPE - from SRC_ADDR SRC_PORT to DST_ADDR DST_PORT - TCP_FLAG|ICMP_TYPE keep state STATE + + <filename>/etc/rc.conf</filename> Options - This section describes each of these keywords and their - options. It is not an exhaustive list of every possible - option. Refer to &man.ipf.5; for a complete description of - the rule syntax that can be used when creating - IPF rules and examples for using - each keyword. + Enables the firewall: - - - ACTION - - The action keyword indicates what to do with the - packet if it matches that rule. Every rule - must have an action. The - following actions are recognized: + firewall_enable="YES" - block: drops the packet. + To select one of the default firewall types provided by + &os;, select one by reading + /etc/rc.firewall and specify it in + the following: - pass: allows the packet. + firewall_type="open" - log: generates a log - record. + Available values for this setting are: - count: counts the number of - packets and bytes which can provide an indication of - how often a rule is used. + + + open: passes all traffic. + + + client: protects only this + machine. + + + simple: protects the whole + network. + + + closed: entirely disables IP + traffic except for the loopback interface. + + + UNKNOWN: disables the loading of + firewall rules. + + + filename: + absolute path of the file containing the firewall + rules. + + - auth: queues the packet for - further processing by another program. + Two methods are available for loading custom + ipfw rules. One is to set the + firewall_type variable to the absolute + path of the file which contains the firewall rules. - call: provides access to - functions built into IPF that - allow more complex actions. + The other method is to set the + firewall_script variable to the absolute + path of an executable script that includes + ipfw commands. A ruleset script that + blocks all incoming and outgoing traffic would look like + this: - decapsulate: removes any headers - in order to process the contents of the packet. - - + #!/bin/sh - - DIRECTION - - Next, each rule must explicitly state the direction - of traffic using one of these keywords: +ipfw -q flush - in: the rule is applied against - an inbound packet. +ipfw add deny in +ipfw add deny out - out: the rule is applied against - an outbound packet. + + If firewall_type is set to either + client or simple, + modify the default rules found in + /etc/rc.firewall to fit the + configuration of the system. The examples used in this + section assume that the firewall_script + is set to /etc/ipfw.rules. + - all: the rule applies to either - direction. + Enable logging: - If the system has multiple interfaces, the interface - can be specified along with the direction. An example - would be in on fxp0. - - + firewall_logging="YES" - - OPTIONS - - Options are optional. However, if multiple options - are specified, they must be used in the order shown - here. + + firewall_logging sets the + net.inet.ip.fw.verbose sysctl + variable to the value of 1. There is no + rc.conf variable to set log + limitations, but the desired value can be set using + sysctl or by adding the following + variable and desired value to + /etc/sysctl.conf: - log: when performing the - specified ACTION, the contents of the packet's headers - will be written to the &man.ipl.4; packet log - pseudo-device. + net.inet.ip.fw.verbose_limit=5 + - quick: if a packet matches this - rule, the ACTION specified by the rule occurs and no - further processing of any following rules will occur for - this packet. + If the machine is acting as a gateway providing + NAT using &man.natd.8;, + refer to for information + regarding the required /etc/rc.conf + options. + - on: must be followed by the - interface name as displayed by &man.ifconfig.8;. The - rule will only match if the packet is going through the - specified interface in the specified direction. + + The IPFW Command - When using the - log keyword, the following qualifiers - may be used in this order: + ipfw - body: indicates that the first - 128 bytes of the packet contents will be logged after - the headers. + ipfw can be used to make manual, + single rule additions or deletions to the active firewall + while it is running. The problem with using this method is + that all the changes are lost when the system reboots. It is + recommended to instead write all the rules in a file and to + use that file to load the rules at boot time and to replace + the currently running firewall rules whenever that file + changes. - first: if the - log keyword is being used in - conjunction with a keep state option, - this option is recommended so that only the triggering - packet is logged and not every packet which matches the - stateful connection. + ipfw is a useful way to display the + running firewall rules to the console screen. The IPFW + accounting facility dynamically creates a counter for each + rule that counts each packet that matches the rule. During + the process of testing a rule, listing the rule with its + counter is one way to determine if the rule is + functioning as expected. - Additional options are available to specify error - return messages. Refer to &man.ipf.5; for more - details. + To list all the running rules in sequence: - - + &prompt.root; ipfw list - - PROTO_TYPE - - The protocol type is optional. However, it is - mandatory if the rule needs to specify a SRC_PORT or - a DST_PORT as it defines the type of protocol. When - specifying the type of protocol, use the - proto keyword followed by either a - protocol number or name from - /etc/protocols. - Example protocol names include tcp, - udp, or icmp. If - PROTO_TYPE is specified but no SRC_PORT or DST_PORT is - specified, all port numbers for that protocol will match - that rule. - - + To list all the running rules with a time stamp of when + the last time the rule was matched: - - SRC_ADDR - - The from keyword is mandatory and - is followed by a keyword which represents the source of - the packet. The source can be a hostname, an - IP address followed by the - CIDR mask, an address pool, or the - keyword all. Refer to &man.ipf.5; - for examples. + &prompt.root; ipfw -t list - There is no way to match ranges of - IP addresses which do not express - themselves easily using the dotted numeric form / - mask-length notation. The - net-mgmt/ipcalc package or port may - be used to ease the calculation of the - CIDR mask. Additional information is - available at the utility's web page: http://jodies.de/ipcalc. - - + The next example lists accounting information and the + packet count for matched rules along with the rules + themselves. The first column is the rule number, followed by + the number of matched packets and bytes, followed by the rule + itself. - - SRC_PORT - - The port number of the source is optional. However, - if it is used, it requires PROTO_TYPE to be first - defined in the rule. The port number must also be - preceded by the proto keyword. + &prompt.root; ipfw -a list - A number of different comparison operators are - supported: = (equal to), - != (not equal to), - < (less than), - > (greater than), - <= (less than or equal to), and - >= (greater than or equal - to). + To list dynamic rules in addition to static rules: - To specify port ranges, place the two port numbers - between <> (less than and - greater than ), >< (greater - than and less than ), or : (greater - than or equal to and less than or equal to). - - + &prompt.root; ipfw -d list - - DST_ADDR - - The to keyword is mandatory and - is followed by a keyword which represents the - destination of the packet. Similar to SRC_ADDR, it can - be a hostname, an IP address - followed by the CIDR mask, an address - pool, or the keyword all. - - + To also show the expired dynamic rules: - - DST_PORT - - Similar to SRC_PORT, the port number of the - destination is optional. However, if it is used, it - requires PROTO_TYPE to be first defined in the rule. - The port number must also be preceded by the - proto keyword. - - + &prompt.root; ipfw -d -e list - - TCP_FLAG|ICMP_TYPE - - If tcp is specifed as the - PROTO_TYPE, flags can be specified as letters, where - each letter represents one of the possible - TCP flags used to determine the state - of a connection. Possible values are: - S (SYN), - A (ACK), - P (PSH), - F (FIN), - U (URG), - R (RST), - C (CWN), and - E (ECN). - - If icmp is specifed as the - PROTO_TYPE, the ICMP type to match - can be specified. Refer to &man.ipf.5; for the - allowable types. - - + To zero the counters: - - STATE - - If a pass rule contains - keep state, - IPF will add an entry to its - dynamic state table and allow subsequent packets that - match the connection. - IPF can track state for - TCP, UDP, and - ICMP sessions. Any packet that - IPF can be certain is part of - an active session, even if it is a different protocol, - will be allowed. + &prompt.root; ipfw zero - In IPF, packets destined - to go out through the interface connected to the public - Internet are first checked against the dynamic state - table. If the packet matches the next expected packet - comprising an active session conversation, it exits the - firewall and the state of the session conversation flow - is updated in the dynamic state table. Packets that do - not belong to an already active session are checked - against the outbound ruleset. Packets coming in from - the interface connected to the public Internet are first - checked against the dynamic state table. If the packet - matches the next expected packet comprising an active - session, it exits the firewall and the state of the - session conversation flow is updated in the dynamic - state table. Packets that do not belong to an already - active session are checked against the inbound - ruleset. + To zero the counters for just the rule with number + NUM: - Several keywords can be added after - keep state. If used, these keywords - set various options that control stateful filtering, - such as setting connection limits or connection age. - Refer to &man.ipf.5; for the list of available options - and their descriptions. - - - + &prompt.root; ipfw zero NUM - - Example Ruleset + + IPFW Rulesets - This section demonstrates how to create an example ruleset - which only allows services matching - pass rules and blocks all others. + + IPFW - &os; uses the loopback interface - (lo0) and the IP - address 127.0.0.1 - for internal communication. The firewall ruleset must contain - rules to allow free movement of these internally used - packets: + rule processing order + - # no restrictions on loopback interface -pass in quick on lo0 all -pass out quick on lo0 all + When a packet enters the IPFW firewall, + it is compared against the first rule in the ruleset and + progresses one rule at a time, moving from top to bottom of + the set in ascending rule number sequence order. When the + packet matches the selection parameters of a rule, the rule's + action field value is executed and the search of the ruleset + terminates for that packet. This is referred to as + first match wins. If the packet does not match + any of the rules, it gets caught by the mandatory IPFW default + rule, number 65535, which denies all packets and silently + discards them. However, if the packet matches a rule that + contains the count, + skipto, or tee keywords, + the search continues. Refer to &man.ipfw.8; for details on + how these keywords affect rule processing. - The public interface connected to the Internet is used to - authorize and control access of all outbound and inbound - connections. If one or more interfaces are cabled to private - networks, those internal interfaces may require rules to allow - packets originating from the LAN to flow - between the internal networks or to the interface attached to - the Internet. The ruleset should be organized into three - major sections: any trusted internal interfaces, outbound - connections through the public interface, and inbound - connections through the public interface. + The examples in this section create an inclusive type + firewall ruleset containing the stateful keep + state, limit, + in, out and + via options. For a complete rule syntax + description, refer to &man.ipfw.8;. - These two rules allow all traffic to pass through a - trusted LAN interface named - xl0: + + Be careful when working with firewall rules, as it is + easy to lock out even the administrator. + - # no restrictions on inside LAN interface for private network -pass out quick on xl0 all -pass in quick on xl0 all + + Rule Syntax - The rules for the public interface's outbound and inbound - sections should have the most frequently matched rules placed - before less commonly matched rules, with the last rule in the - section blocking and logging all packets for that interface - and direction. + + IPFW - This set of rules defines the outbound section of the - public interface named dc0. These rules - keep state and identify the specific services that internal - systems are authorized for public Internet access. All the - rules use quick and specify the - appropriate port numbers and, where applicable, destination - addresses. + rule syntax + - # interface facing Internet (outbound) -# Matches session start requests originating from or behind the -# firewall, destined for the Internet. + This section describes the keywords which comprise an + IPFW rule. Keywords must be written in + the following order. # is used to mark + the start of a comment and may appear at the end of a rule + line or on its own line. Blank lines are ignored. -# Allow outbound access to public DNS servers. -# Replace x.x.x. with address listed in /etc/resolv.conf. -# Repeat for each DNS server. -pass out quick on dc0 proto tcp from any to x.x.x. port = 53 flags S keep state -pass out quick on dc0 proto udp from any to xxx port = 53 keep state + CMD RULE_NUMBER ACTION LOGGING SELECTION + STATEFUL -# Allow access to ISP's specified DHCP server for cable or DSL networks. -# Use the first rule, then check log for the IP address of DHCP server. -# Then, uncomment the second rule, replace z.z.z.z with the IP address, -# and comment out the first rule -pass out log quick on dc0 proto udp from any to any port = 67 keep state -#pass out quick on dc0 proto udp from any to z.z.z.z port = 67 keep state + + CMD -# Allow HTTP and HTTPS -pass out quick on dc0 proto tcp from any to any port = 80 flags S keep state -pass out quick on dc0 proto tcp from any to any port = 443 flags S keep state + Each new rule has to be prefixed with + add to add the rule to the internal + table. + -# Allow email -pass out quick on dc0 proto tcp from any to any port = 110 flags S keep state -pass out quick on dc0 proto tcp from any to any port = 25 flags S keep state + + RULE_NUMBER -# Allow NTP -pass out quick on dc0 proto tcp from any to any port = 37 flags S keep state + Each rule is associated with a rule_number in the + range of 1 to + 65535. + -# Allow FTP -pass out quick on dc0 proto tcp from any to any port = 21 flags S keep state + + ACTION -# Allow SSH -pass out quick on dc0 proto tcp from any to any port = 22 flags S keep state + A rule can be associated with one of the following + actions. The specified action will be executed when the + packet matches the selection criterion of the rule. -# Allow ping -pass out quick on dc0 proto icmp from any to any icmp-type 8 keep state + allow | accept | pass | + permit -# Block and log everything else -block out log first quick on dc0 all + These keywords are equivalent as they allow packets + that match the rule to exit the firewall rule processing. + The search terminates at this rule. - This example of the rules in the inbound section of the - public interface blocks all undesirable packets first. This - reduces the number of packets that are logged by the last - rule. + check-state - # interface facing Internet (inbound) -# Block all inbound traffic from non-routable or reserved address spaces -block in quick on dc0 from 192.168.0.0/16 to any #RFC 1918 private IP -block in quick on dc0 from 172.16.0.0/12 to any #RFC 1918 private IP -block in quick on dc0 from 10.0.0.0/8 to any #RFC 1918 private IP -block in quick on dc0 from 127.0.0.0/8 to any #loopback -block in quick on dc0 from 0.0.0.0/8 to any #loopback -block in quick on dc0 from 169.254.0.0/16 to any #DHCP auto-config -block in quick on dc0 from 192.0.2.0/24 to any #reserved for docs -block in quick on dc0 from 204.152.64.0/23 to any #Sun cluster interconnect -block in quick on dc0 from 224.0.0.0/3 to any #Class D & E multicast + Checks the packet against the dynamic rules table. + If a match is found, execute the action associated with + the rule which generated this dynamic rule, otherwise + move to the next rule. A check-state + rule does not have selection criterion. If no + check-state rule is present in the + ruleset, the dynamic rules table is checked at the first + keep-state or limit + rule. -# Block fragments and too short tcp packets -block in quick on dc0 all with frags -block in quick on dc0 proto tcp all with short + deny | drop -# block source routed packets -block in quick on dc0 all with opt lsrr -block in quick on dc0 all with opt ssrr + Both words mean the same thing, which is to discard + packets that match this rule. The search + terminates. + -# Block OS fingerprint attempts and log first occurrence -block in log first quick on dc0 proto tcp from any to any flags FUP + + Logging -# Block anything with special options -block in quick on dc0 all with ipopts + When a packet matches a rule with the + log keyword, a message will be logged + to &man.syslogd.8; with a facility name of + SECURITY. Logging only occurs if the + number of packets logged for that particular rule does not + exceed the logamount parameter. If no + logamount is specified, the limit is + taken from the sysctl value of + net.inet.ip.fw.verbose_limit. In both + cases, a value of zero removes the logging limit. Once + the limit is reached, logging can be re-enabled by + clearing the logging counter or the packet counter for + that rule, using ipfw reset log. -# Block public pings and ident -block in quick on dc0 proto icmp all icmp-type 8 -block in quick on dc0 proto tcp from any to any port = 113 + + Logging is done after all other packet matching + conditions have been met, and before performing the + final action on the packet. The administrator decides + which rules to enable logging on. + + -# Block incoming Netbios services -block in log first quick on dc0 proto tcp/udp from any to any port = 137 -block in log first quick on dc0 proto tcp/udp from any to any port = 138 -block in log first quick on dc0 proto tcp/udp from any to any port = 139 -block in log first quick on dc0 proto tcp/udp from any to any port = 81 + + Selection - Any time there are logged messages on a rule with - the log first option, run - ipfstat -hio to evaluate how many times the - rule has been matched. A large number of matches may indicate - that the system is under attack. + The keywords described in this section are used to + describe attributes of the packet to be checked when + determining whether rules match the packet or not. + The following general-purpose attributes are provided for + matching, and must be used in this order: - The rest of the rules in the inbound section define which - connections are allowed to be initiated from the Internet. - The last rule denies all connections which were not explicitly - allowed by previous rules in this section. + udp | tcp | icmp - # Allow traffic in from ISP's DHCP server. Replace z.z.z.z with -# the same IP address used in the outbound section. -pass in quick on dc0 proto udp from z.z.z.z to any port = 68 keep state + Any other protocol names found in + /etc/protocols can be used. The + value specified is the protocol to be matched against. + This is a mandatory keyword. -# Allow public connections to specified internal web server -pass in quick on dc0 proto tcp from any to x.x.x.x port = 80 flags S keep state + from src to dst -# Block and log only first occurrence of all remaining traffic. -block in log first quick on dc0 all - + The from and to + keywords are used to match against IP addresses. Rules + must specify both source and + destination parameters. any is a + special keyword that matches any IP address. + me is a special keyword that matches + any IP address configured on an interface in the &os; + system to represent the PC the firewall is running on. + Example usage includes from me to any, + from any to me, + from 0.0.0.0/0 to any, + from any to 0.0.0.0/0, + from 0.0.0.0 to any, + from any to 0.0.0.0, + and from me to 0.0.0.0. IP addresses + are specified in dotted IP address format followed by the + mask in CIDR notation, or as a single host in dotted IP + address format. This keyword is a mandatory requirement. + The net-mgmt/ipcalc port may be used to + assist the mask calculation. - - Configuring <acronym>NAT</acronym> + port number - NAT + For protocols which support port numbers, such as + TCP and UDP, it + is mandatory to include the port number of the service + that will be matched. Service names from + /etc/services may be used instead + of numeric port values. - - IP masquerading + in | out - NAT - *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Tue Feb 25 17:59:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E64AA64E; Tue, 25 Feb 2014 17:59:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C3DD6152B; Tue, 25 Feb 2014 17:59:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1PHxGko034902; Tue, 25 Feb 2014 17:59:16 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1PHxGbF034901; Tue, 25 Feb 2014 17:59:16 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402251759.s1PHxGbF034901@svn.freebsd.org> From: Dru Lavigne Date: Tue, 25 Feb 2014 17:59:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44054 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 17:59:17 -0000 Author: dru Date: Tue Feb 25 17:59:16 2014 New Revision: 44054 URL: http://svnweb.freebsd.org/changeset/doc/44054 Log: Initial prep work for IPFW section so that it starts to match layout of other firewall sections. Many more commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 17:38:33 2014 (r44053) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 17:59:16 2014 (r44054) @@ -1639,10 +1639,6 @@ block drop out quick on $ext_if from any net.inet.ip.fw.verbose=1 net.inet.ip.fw.verbose_limit=5 - - - - Kernel Options kernel options @@ -1720,12 +1716,8 @@ net.inet.ip.fw.verbose_limit=5 - - - <filename>/etc/rc.conf</filename> Options - - Enables the firewall: + The following /etc/rc.conf option enables the firewall: firewall_enable="YES" @@ -1876,7 +1868,7 @@ ipfw add deny out - IPFW Rulesets + IPFW Rule Syntax IPFW @@ -1907,14 +1899,6 @@ ipfw add deny out via options. For a complete rule syntax description, refer to &man.ipfw.8;. - - Be careful when working with firewall rules, as it is - easy to lock out even the administrator. - - - - Rule Syntax - IPFW @@ -1930,25 +1914,28 @@ ipfw add deny out CMD RULE_NUMBER ACTION LOGGING SELECTION STATEFUL - - CMD - + + + CMD + Each new rule has to be prefixed with add to add the rule to the internal table. - - - - RULE_NUMBER + + + + RULE_NUMBER + Each rule is associated with a rule_number in the range of 1 to 65535. - - - - ACTION + + + + ACTION + A rule can be associated with one of the following actions. The specified action will be executed when the packet matches the selection criterion of the rule. @@ -1977,11 +1964,12 @@ ipfw add deny out Both words mean the same thing, which is to discard packets that match this rule. The search terminates. - - - - Logging + + + + Logging + When a packet matches a rule with the log keyword, a message will be logged to &man.syslogd.8; with a facility name of @@ -2002,11 +1990,12 @@ ipfw add deny out final action on the packet. The administrator decides which rules to enable logging on. - - - - Selection + + + + Selection + The keywords described in this section are used to describe attributes of the packet to be checked when determining whether rules match the packet or not. @@ -2087,18 +2076,12 @@ ipfw add deny out specified. limit and keep-state can not be used on the same rule as they provide the same stateful function. - - - - - Stateful Rule Option - - - IPFW - - stateful filtering - + + + + Stateful Rule Option + The check-state option is used to identify where in the IPFW ruleset the packet is to be tested against the dynamic rules facility. On a match, the @@ -2119,7 +2102,9 @@ ipfw add deny out combination occurred. If this count is greater than the value specified by limit, the packet is discarded. - + + + Logging Firewall Messages From owner-svn-doc-all@FreeBSD.ORG Tue Feb 25 18:57:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 02F29EE2; Tue, 25 Feb 2014 18:57:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C82831C04; Tue, 25 Feb 2014 18:57:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1PIveOf059587; Tue, 25 Feb 2014 18:57:40 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1PIvexO059586; Tue, 25 Feb 2014 18:57:40 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402251857.s1PIvexO059586@svn.freebsd.org> From: Dru Lavigne Date: Tue, 25 Feb 2014 18:57:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44055 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 18:57:41 -0000 Author: dru Date: Tue Feb 25 18:57:40 2014 New Revision: 44055 URL: http://svnweb.freebsd.org/changeset/doc/44055 Log: Start editorial review. To be continued tomorrow. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 17:59:16 2014 (r44054) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 18:57:40 2014 (r44055) @@ -1585,7 +1585,7 @@ block drop out quick on $ext_if from any - IPFW + <application>IPFW</application> firewall @@ -1593,52 +1593,39 @@ block drop out quick on $ext_if from any IPFW - IPFW is a stateful firewall written for - &os; which also provides a traffic shaper, packet scheduler, - and in-kernel NAT. + IPFW is a stateful firewall written for + &os; which supports both IPv4 + and IPv6. It is comprised of several components: the kernel firewall + filter rule processor and its integrated packet accounting + facility, the logging facility, + NAT, the &man.dummynet.4; traffic shaper, + a forward facility, a bridge + facility, and an ipstealth facility. &os; provides a sample ruleset in - /etc/rc.firewall. The sample ruleset - define several firewall types for common scenarios to assist + /etc/rc.firewall which + defines several firewall types for common scenarios to assist novice users in generating an appropriate ruleset. - &man.ipfw.8; provides a powerful syntax which advanced users can + IPFW provides a powerful syntax which advanced users can use to craft customized rulesets that meet the security requirements of a given environment. - - IPFW is composed of several components: the kernel firewall - filter rule processor and its integrated packet accounting - facility, the logging facility, the - divert rule which triggers - NAT, the dummynet traffic shaper facilities, - the fwd rule forward facility, the bridge - facility, and the ipstealth facility. IPFW supports both IPv4 - and IPv6. + + This section describes how to enable + IPFW, provides an overview of its + rule syntax, and demonstrates several rulesets for common + configuration scenarios. - Enabling IPFW + Enabling <application>IPFW</application> - IPFW + IPFW enabling - IPFW is included in the basic &os; install as a run time - loadable module. The system will dynamically load the kernel - module when rc.conf contains the - statement firewall_enable="YES". After - rebooting the system, the following white highlighted message - is displayed on the screen as part of the boot process: - - ipfw2 initialized, divert disabled, rule-based forwarding disabled, default to deny, logging disabled - - The loadable module includes logging ability. To enable - logging and set the verbose logging limit, add these - statements to - /etc/sysctl.conf before rebooting: - - net.inet.ip.fw.verbose=1 -net.inet.ip.fw.verbose_limit=5 + IPFW is included in the basic &os; install as a kernel + loadable module, meaning that a custom kernel is not needed in order to enable IPFW. kernel options @@ -1659,76 +1646,35 @@ net.inet.ip.fw.verbose_limit=5 - IPFW + IPFW kernel options - For those users who wish to statically compile kernel - IPFW support, the following options are available for the + For those users who wish to statically compile + IPFW support into a custom kernel, + refer to the instructions in . + The following options are available for the custom kernel configuration file: - options IPFIREWALL - - This option enables IPFW as part of the kernel. - - options IPFIREWALL_VERBOSE - - This option enables logging of packets that pass through - IPFW and have the log keyword specified in - the ruleset. - - options IPFIREWALL_VERBOSE_LIMIT=5 - - This option limits the number of packets logged through - &man.syslogd.8;, on a per-entry basis. This option may be - used in hostile environments, when firewall activity logging - is desired. This will close a possible denial of service - attack via syslog flooding. - - - kernel options - - IPFIREWALL_DEFAULT_TO_ACCEPT - - - options IPFIREWALL_DEFAULT_TO_ACCEPT + options IPFIREWALL # enables IPFW +options IPFIREWALL_VERBOSE # enables logging for rules with log keyword +options IPFIREWALL_VERBOSE_LIMIT=5 # limits number of logged packets per-entry +options IPFIREWALL_DEFAULT_TO_ACCEPT # sets default policy to pass what is not explicitly denied +options IPDIVERT # enables NAT - This option allows everything to pass through the firewall - by default, which is a good idea when the firewall is being - set up for the first time. - - - kernel options - - IPDIVERT - - - options IPDIVERT - - This option enables the use of NAT - functionality. - - - The firewall will block all incoming and outgoing - packets if either the - IPFIREWALL_DEFAULT_TO_ACCEPT kernel - option or a rule to explicitly allow these connections is - missing. - - - The following /etc/rc.conf option enables the firewall: + To configure the system to enable + IPFW at boot time, add the + following entry to /etc/rc.conf: firewall_enable="YES" - To select one of the default firewall types provided by - &os;, select one by reading - /etc/rc.firewall and specify it in - the following: + To use one of the default firewall types provided by + &os;, add another line which specifies the type: firewall_type="open" - Available values for this setting are: + The available values for this setting are: @@ -1747,27 +1693,27 @@ net.inet.ip.fw.verbose_limit=5 + workstation: protects only this + machine using stateful rules. + + UNKNOWN: disables the loading of firewall rules. filename: - absolute path of the file containing the firewall + full path of the file containing the firewall rules. - Two methods are available for loading custom - ipfw rules. One is to set the - firewall_type variable to the absolute - path of the file which contains the firewall rules. - - The other method is to set the + To instead load a custom ruleset, either + set the filename value of + firewall_type or set the firewall_script variable to the absolute path of an executable script that includes - ipfw commands. A ruleset script that - blocks all incoming and outgoing traffic would look like - this: + IPFW commands. This example script + blocks all incoming and outgoing traffic: #!/bin/sh @@ -1811,7 +1757,7 @@ ipfw add deny out - The IPFW Command + The <application>IPFW</application> Command ipfw @@ -1825,7 +1771,7 @@ ipfw add deny out changes. ipfw is a useful way to display the - running firewall rules to the console screen. The IPFW + running firewall rules to the console screen. The IPFW accounting facility dynamically creates a counter for each rule that counts each packet that matches the rule. During the process of testing a rule, listing the rule with its @@ -1868,10 +1814,10 @@ ipfw add deny out - IPFW Rule Syntax + <application>IPFW</application> Rule Syntax - IPFW + IPFW rule processing order @@ -1884,7 +1830,7 @@ ipfw add deny out action field value is executed and the search of the ruleset terminates for that packet. This is referred to as first match wins. If the packet does not match - any of the rules, it gets caught by the mandatory IPFW default + any of the rules, it gets caught by the mandatory IPFW default rule, number 65535, which denies all packets and silently discards them. However, if the packet matches a rule that contains the count, @@ -1900,13 +1846,13 @@ ipfw add deny out description, refer to &man.ipfw.8;. - IPFW + IPFW rule syntax This section describes the keywords which comprise an - IPFW rule. Keywords must be written in + IPFW rule. Keywords must be written in the following order. # is used to mark the start of a comment and may appear at the end of a rule line or on its own line. Blank lines are ignored. @@ -2083,7 +2029,7 @@ ipfw add deny out Stateful Rule Option The check-state option is used to - identify where in the IPFW ruleset the packet is to be + identify where in the IPFW ruleset the packet is to be tested against the dynamic rules facility. On a match, the packet exits the firewall to continue on its way and a new rule is dynamically created for the next anticipated packet @@ -2094,7 +2040,7 @@ ipfw add deny out The dynamic rules facility is vulnerable to resource depletion from a SYN-flood attack which would open a huge number of dynamic rules. To counter this type of attack - with IPFW, use limit. + with IPFW, use limit. This keyword limits the number of simultaneous sessions by checking that rule's source or destinations fields and using the packet's IP address in a search of the open dynamic @@ -2110,12 +2056,12 @@ ipfw add deny out Logging Firewall Messages - IPFW + IPFW logging - Even with the logging facility enabled, IPFW will not + Even with the logging facility enabled, IPFW will not generate any rule logging on its own. The firewall administrator decides which rules in the ruleset will be logged, and adds the log keyword to those @@ -2156,7 +2102,7 @@ ipfw add deny out Building a Rule Script - Most experienced IPFW users create a file containing + Most experienced IPFW users create a file containing the rules and code them in a manner compatible with running them as a script. The major benefit of doing this is the firewall rules can be refreshed in mass without the need @@ -2416,17 +2362,17 @@ pif="dc0" # public interface name of NAT - and IPFW + and IPFW There are some additional configuration statements that need to be enabled to activate the NAT - function of IPFW. For a customized kernel, the kernel + function of IPFW. For a customized kernel, the kernel configuration file needs option IPDIVERT added to the other IPFIREWALL options. - In addition to the normal IPFW options in + In addition to the normal IPFW options in /etc/rc.conf, the following are needed: From owner-svn-doc-all@FreeBSD.ORG Tue Feb 25 19:00:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2CE21CB; Tue, 25 Feb 2014 19:00:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 184E91C2C; Tue, 25 Feb 2014 19:00:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1PJ0ZI6063007; Tue, 25 Feb 2014 19:00:35 GMT (envelope-from blackend@svn.freebsd.org) Received: (from blackend@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1PJ0Z6a063006; Tue, 25 Feb 2014 19:00:35 GMT (envelope-from blackend@svn.freebsd.org) Message-Id: <201402251900.s1PJ0Z6a063006@svn.freebsd.org> From: Marc Fonvieille Date: Tue, 25 Feb 2014 19:00:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44056 - head/fr_FR.ISO8859-1/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 19:00:36 -0000 Author: blackend Date: Tue Feb 25 19:00:35 2014 New Revision: 44056 URL: http://svnweb.freebsd.org/changeset/doc/44056 Log: Fix translation of release dates. PR: www/182877 Submitted by: malt Modified: head/fr_FR.ISO8859-1/share/xml/l10n.ent Modified: head/fr_FR.ISO8859-1/share/xml/l10n.ent ============================================================================== --- head/fr_FR.ISO8859-1/share/xml/l10n.ent Tue Feb 25 18:57:40 2014 (r44055) +++ head/fr_FR.ISO8859-1/share/xml/l10n.ent Tue Feb 25 19:00:35 2014 (r44056) @@ -11,8 +11,8 @@ - - + + From owner-svn-doc-all@FreeBSD.ORG Tue Feb 25 19:40:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5DC2C277; Tue, 25 Feb 2014 19:40:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 47A0310FE; Tue, 25 Feb 2014 19:40:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1PJeE8w078961; Tue, 25 Feb 2014 19:40:14 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1PJeE0u078960; Tue, 25 Feb 2014 19:40:14 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402251940.s1PJeE0u078960@svn.freebsd.org> From: Dru Lavigne Date: Tue, 25 Feb 2014 19:40:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44057 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 19:40:14 -0000 Author: dru Date: Tue Feb 25 19:40:13 2014 New Revision: 44057 URL: http://svnweb.freebsd.org/changeset/doc/44057 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 19:00:35 2014 (r44056) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Feb 25 19:40:13 2014 (r44057) @@ -78,12 +78,11 @@ &os; has three firewalls built into the base system: - PF, - IPFW, and IPFILTER, also known as - IPF. - &os; also provides two traffic shapers for controlling bandwidth - usage: &man.altq.4; and &man.dummynet.4;. - ALTQ has + PF, IPFW, + and IPFILTER, also known as + IPF. &os; also provides two traffic + shapers for controlling bandwidth usage: &man.altq.4; and + &man.dummynet.4;. ALTQ has traditionally been closely tied with PF and dummynet with @@ -1593,23 +1592,23 @@ block drop out quick on $ext_if from any IPFW - IPFW is a stateful firewall written for - &os; which supports both IPv4 - and IPv6. It is comprised of several components: the kernel firewall - filter rule processor and its integrated packet accounting - facility, the logging facility, - NAT, the &man.dummynet.4; traffic shaper, - a forward facility, a bridge - facility, and an ipstealth facility. + IPFW is a stateful firewall + written for &os; which supports both IPv4 and + IPv6. It is comprised of several components: + the kernel firewall filter rule processor and its integrated + packet accounting facility, the logging facility, + NAT, the &man.dummynet.4; traffic shaper, a + forward facility, a bridge facility, and an ipstealth + facility. &os; provides a sample ruleset in - /etc/rc.firewall which - defines several firewall types for common scenarios to assist - novice users in generating an appropriate ruleset. - IPFW provides a powerful syntax which advanced users can - use to craft customized rulesets that meet the security - requirements of a given environment. - + /etc/rc.firewall which defines several + firewall types for common scenarios to assist novice users in + generating an appropriate ruleset. + IPFW provides a powerful syntax which + advanced users can use to craft customized rulesets that meet + the security requirements of a given environment. + This section describes how to enable IPFW, provides an overview of its rule syntax, and demonstrates several rulesets for common @@ -1624,8 +1623,10 @@ block drop out quick on $ext_if from any enabling - IPFW is included in the basic &os; install as a kernel - loadable module, meaning that a custom kernel is not needed in order to enable IPFW. + IPFW is included in the basic + &os; install as a kernel loadable module, meaning that a + custom kernel is not needed in order to enable + IPFW. kernel options @@ -1669,8 +1670,8 @@ options IPDIVERT # enables NATfirewall_enable="YES" - To use one of the default firewall types provided by - &os;, add another line which specifies the type: + To use one of the default firewall types provided by &os;, + add another line which specifies the type: firewall_type="open" @@ -1701,19 +1702,18 @@ options IPDIVERT # enables NAT - filename: - full path of the file containing the firewall - rules. + filename: full path of the file + containing the firewall rules. - To instead load a custom ruleset, either - set the filename value of + To instead load a custom ruleset, either set the + filename value of firewall_type or set the firewall_script variable to the absolute path of an executable script that includes - IPFW commands. This example script - blocks all incoming and outgoing traffic: + IPFW commands. This example script blocks + all incoming and outgoing traffic: #!/bin/sh @@ -1750,10 +1750,9 @@ ipfw add deny out If the machine is acting as a gateway providing - NAT using &man.natd.8;, - refer to for information - regarding the required /etc/rc.conf - options. + NAT using &man.natd.8;, refer to for information regarding the + required /etc/rc.conf options. @@ -1771,12 +1770,12 @@ ipfw add deny out changes. ipfw is a useful way to display the - running firewall rules to the console screen. The IPFW - accounting facility dynamically creates a counter for each - rule that counts each packet that matches the rule. During - the process of testing a rule, listing the rule with its - counter is one way to determine if the rule is - functioning as expected. + running firewall rules to the console screen. The + IPFW accounting facility + dynamically creates a counter for each rule that counts each + packet that matches the rule. During the process of testing a + rule, listing the rule with its counter is one way to + determine if the rule is functioning as expected. To list all the running rules in sequence: @@ -1830,13 +1829,14 @@ ipfw add deny out action field value is executed and the search of the ruleset terminates for that packet. This is referred to as first match wins. If the packet does not match - any of the rules, it gets caught by the mandatory IPFW default - rule, number 65535, which denies all packets and silently - discards them. However, if the packet matches a rule that - contains the count, - skipto, or tee keywords, - the search continues. Refer to &man.ipfw.8; for details on - how these keywords affect rule processing. + any of the rules, it gets caught by the mandatory + IPFW default rule, number 65535, + which denies all packets and silently discards them. However, + if the packet matches a rule that contains the + count, skipto, or + tee keywords, the search continues. Refer + to &man.ipfw.8; for details on how these keywords affect rule + processing. The examples in this section create an inclusive type firewall ruleset containing the stateful keep @@ -1845,212 +1845,219 @@ ipfw add deny out via options. For a complete rule syntax description, refer to &man.ipfw.8;. - - IPFW + + IPFW - rule syntax - + rule syntax + - This section describes the keywords which comprise an - IPFW rule. Keywords must be written in - the following order. # is used to mark - the start of a comment and may appear at the end of a rule - line or on its own line. Blank lines are ignored. + This section describes the keywords which comprise an + IPFW rule. Keywords must be + written in the following order. # is used + to mark the start of a comment and may appear at the end of a + rule line or on its own line. Blank lines are ignored. - CMD RULE_NUMBER ACTION LOGGING SELECTION - STATEFUL + CMD RULE_NUMBER ACTION LOGGING SELECTION + STATEFUL - - + + CMD - Each new rule has to be prefixed with - add to add the rule to the internal - table. - - + Each new rule has to be prefixed with + add to add the rule to the + internal table. + + RULE_NUMBER - Each rule is associated with a rule_number in the - range of 1 to - 65535. - - + Each rule is associated with a rule_number in the + range of 1 to + 65535. + + ACTION - A rule can be associated with one of the following - actions. The specified action will be executed when the - packet matches the selection criterion of the rule. - - allow | accept | pass | - permit - - These keywords are equivalent as they allow packets - that match the rule to exit the firewall rule processing. - The search terminates at this rule. - - check-state - - Checks the packet against the dynamic rules table. - If a match is found, execute the action associated with - the rule which generated this dynamic rule, otherwise - move to the next rule. A check-state - rule does not have selection criterion. If no - check-state rule is present in the - ruleset, the dynamic rules table is checked at the first - keep-state or limit - rule. - - deny | drop - - Both words mean the same thing, which is to discard - packets that match this rule. The search - terminates. - - + A rule can be associated with one of the following + actions. The specified action will be executed when the + packet matches the selection criterion of the + rule. + + allow | accept | pass | + permit + + These keywords are equivalent as they allow packets + that match the rule to exit the firewall rule + processing. The search terminates at this rule. + + check-state + + Checks the packet against the dynamic rules table. + If a match is found, execute the action associated with + the rule which generated this dynamic rule, otherwise + move to the next rule. A check-state + rule does not have selection criterion. If no + check-state rule is present in the + ruleset, the dynamic rules table is checked at the first + keep-state or + limit rule. + + deny | drop + + Both words mean the same thing, which is to discard + packets that match this rule. The search + terminates. + + Logging - When a packet matches a rule with the - log keyword, a message will be logged - to &man.syslogd.8; with a facility name of - SECURITY. Logging only occurs if the - number of packets logged for that particular rule does not - exceed the logamount parameter. If no - logamount is specified, the limit is - taken from the sysctl value of - net.inet.ip.fw.verbose_limit. In both - cases, a value of zero removes the logging limit. Once - the limit is reached, logging can be re-enabled by - clearing the logging counter or the packet counter for - that rule, using ipfw reset log. - - - Logging is done after all other packet matching - conditions have been met, and before performing the - final action on the packet. The administrator decides - which rules to enable logging on. - - - + When a packet matches a rule with the + log keyword, a message will be logged + to &man.syslogd.8; with a facility name of + SECURITY. Logging only occurs if the + number of packets logged for that particular rule does + not exceed the logamount parameter. + If no logamount is specified, the + limit is taken from the sysctl value + of net.inet.ip.fw.verbose_limit. In + both cases, a value of zero removes the logging limit. + Once the limit is reached, logging can be re-enabled by + clearing the logging counter or the packet counter for + that rule, using ipfw reset + log. + + + Logging is done after all other packet matching + conditions have been met, and before performing the + final action on the packet. The administrator decides + which rules to enable logging on. + + + Selection - The keywords described in this section are used to - describe attributes of the packet to be checked when - determining whether rules match the packet or not. - The following general-purpose attributes are provided for - matching, and must be used in this order: - - udp | tcp | icmp - - Any other protocol names found in - /etc/protocols can be used. The - value specified is the protocol to be matched against. - This is a mandatory keyword. - - from src to dst - - The from and to - keywords are used to match against IP addresses. Rules - must specify both source and - destination parameters. any is a - special keyword that matches any IP address. - me is a special keyword that matches - any IP address configured on an interface in the &os; - system to represent the PC the firewall is running on. - Example usage includes from me to any, - from any to me, - from 0.0.0.0/0 to any, - from any to 0.0.0.0/0, - from 0.0.0.0 to any, - from any to 0.0.0.0, - and from me to 0.0.0.0. IP addresses - are specified in dotted IP address format followed by the - mask in CIDR notation, or as a single host in dotted IP - address format. This keyword is a mandatory requirement. - The net-mgmt/ipcalc port may be used to - assist the mask calculation. - - port number - - For protocols which support port numbers, such as - TCP and UDP, it - is mandatory to include the port number of the service - that will be matched. Service names from - /etc/services may be used instead - of numeric port values. - - in | out - - Matches incoming or outgoing packets. It is mandatory - that one or the other is included as part of the rule - matching criterion. - - via IF - - Matches packets going through the interface specified - by device name. The via keyword causes - the interface to always be checked as part of the match - process. - - setup - - This mandatory keyword identifies the session start - request for TCP packets. - - keep-state - - This is a mandatory keyword. Upon a match, the - firewall will create a dynamic rule, whose default - behavior is to match bidirectional traffic between source - and destination IP/port using the same protocol. - - limit {src-addr | src-port | dst-addr | - dst-port} - - The firewall will only allow - N connections with the same - set of parameters as specified in the rule. One or more - of source and destination addresses and ports can be - specified. limit and - keep-state can not be used on the same - rule as they provide the same stateful function. - - + The keywords described in this section are used to + describe attributes of the packet to be checked when + determining whether rules match the packet or not. The + following general-purpose attributes are provided for + matching, and must be used in this order: + + udp | tcp | icmp + + Any other protocol names found in + /etc/protocols can be used. The + value specified is the protocol to be matched against. + This is a mandatory keyword. + + from src to dst + + The from and + to keywords are used to match against + IP addresses. Rules must specify + both source and destination + parameters. any is a special keyword + that matches any IP address. me is a + special keyword that matches any IP address configured + on an interface in the &os; system to represent the PC + the firewall is running on. Example usage includes + from me to any, + from any to me, + from 0.0.0.0/0 to any, + from any to 0.0.0.0/0, + from 0.0.0.0 to any, + from any to 0.0.0.0, and + from me to 0.0.0.0. IP addresses + are specified in dotted IP address format followed by + the mask in CIDR notation, or as a single host in dotted + IP address format. This keyword is a mandatory + requirement. The net-mgmt/ipcalc + port may be used to assist the mask calculation. + + port number + + For protocols which support port numbers, such as + TCP and UDP, it is + mandatory to include the port number of the service + that will be matched. Service names from + /etc/services may be used instead + of numeric port values. + + in | out + + Matches incoming or outgoing packets. It is + mandatory that one or the other is included as part of + the rule matching criterion. + + via IF + + Matches packets going through the interface + specified by device name. The via + keyword causes the interface to always be checked as + part of the match process. + + setup + + This mandatory keyword identifies the session start + request for TCP packets. + + keep-state + + This is a mandatory keyword. Upon a match, the + firewall will create a dynamic rule, whose default + behavior is to match bidirectional traffic between + source and destination IP/port using the same + protocol. + + limit {src-addr | src-port | dst-addr | + dst-port} + + The firewall will only allow + N connections with the same + set of parameters as specified in the rule. One or more + of source and destination addresses and ports can be + specified. limit and + keep-state can not be used on the + same rule as they provide the same stateful + function. + + - - Stateful Rule Option - - The check-state option is used to - identify where in the IPFW ruleset the packet is to be - tested against the dynamic rules facility. On a match, the - packet exits the firewall to continue on its way and a new - rule is dynamically created for the next anticipated packet - being exchanged during this session. On a no match, the - packet advances to the next rule in the ruleset for - testing. - - The dynamic rules facility is vulnerable to resource - depletion from a SYN-flood attack which would open a huge - number of dynamic rules. To counter this type of attack - with IPFW, use limit. - This keyword limits the number of simultaneous sessions by - checking that rule's source or destinations fields and using - the packet's IP address in a search of the open dynamic - rules, counting the number of times this rule and IP address - combination occurred. If this count is greater than the - value specified by limit, the packet is - discarded. - - - + + Stateful Rule Option + + The check-state option is used to + identify where in the IPFW + ruleset the packet is to be tested against the dynamic + rules facility. On a match, the packet exits the + firewall to continue on its way and a new rule is + dynamically created for the next anticipated packet + being exchanged during this session. On a no match, the + packet advances to the next rule in the ruleset for + testing. + + The dynamic rules facility is vulnerable to resource + depletion from a SYN-flood attack which would open a + huge number of dynamic rules. To counter this type of + attack with IPFW, use + limit. This keyword limits the + number of simultaneous sessions by checking that rule's + source or destinations fields and using the packet's IP + address in a search of the open dynamic rules, counting + the number of times this rule and IP address + combination occurred. If this count is greater than the + value specified by limit, the packet + is discarded. + + + Logging Firewall Messages @@ -2061,16 +2068,17 @@ ipfw add deny out logging - Even with the logging facility enabled, IPFW will not - generate any rule logging on its own. The firewall - administrator decides which rules in the ruleset will be - logged, and adds the log keyword to those - rules. Normally only deny rules are logged. It is - customary to duplicate the ipfw default deny - everything rule with the log - keyword included as the last rule in the ruleset. This - way, it is possible to see all the packets that did not - match any of the rules in the ruleset. + Even with the logging facility enabled, + IPFW will not generate any rule + logging on its own. The firewall administrator decides + which rules in the ruleset will be logged, and adds the + log keyword to those rules. Normally + only deny rules are logged. It is customary to duplicate + the ipfw default deny everything rule with + the log keyword included as the last rule + in the ruleset. This way, it is possible to see all the + packets that did not match any of the rules in the + ruleset. Logging is a two edged sword. If one is not careful, an over abundance of log data or a DoS attack can fill the @@ -2102,15 +2110,15 @@ ipfw add deny out Building a Rule Script - Most experienced IPFW users create a file containing - the rules and code them in a manner compatible with running - them as a script. The major benefit of doing this is the - firewall rules can be refreshed in mass without the need - of rebooting the system to activate them. This method is - convenient in testing new rules as the procedure can - be executed as many times as needed. Being a script, - symbolic substitution can be used for frequently used - values to be substituted into multiple rules. + Most experienced IPFW users + create a file containing the rules and code them in a manner + compatible with running them as a script. The major benefit + of doing this is the firewall rules can be refreshed in mass + without the need of rebooting the system to activate them. + This method is convenient in testing new rules as the + procedure can be executed as many times as needed. Being a + script, symbolic substitution can be used for frequently + used values to be substituted into multiple rules. This example script is compatible with the syntax used by the &man.sh.1;, &man.csh.1;, and &man.tcsh.1; shells. @@ -2367,12 +2375,13 @@ pif="dc0" # public interface name of There are some additional configuration statements that need to be enabled to activate the NAT - function of IPFW. For a customized kernel, the kernel - configuration file needs + function of IPFW. For a + customized kernel, the kernel configuration file needs option IPDIVERT added to the other IPFIREWALL options. - In addition to the normal IPFW options in + In addition to the normal + IPFW options in /etc/rc.conf, the following are needed: @@ -2380,10 +2389,9 @@ pif="dc0" # public interface name of natd_interface="rl0" # interface name of public Internet NIC natd_flags="-dynamic -m" # -m = preserve port numbers if possible - Utilizing stateful rules with a - divert natd rule complicates the ruleset - logic. The positioning of the - check-state, and + Utilizing stateful rules with a divert + natd rule complicates the ruleset logic. The + positioning of the check-state, and divert natd rules in the ruleset is critical and a new action type is used, called skipto. When using @@ -3442,8 +3450,9 @@ map dc0 10.0.10.0/29 -> 0/32NAT if they match the third rule. Without the FTP proxy, the following - firewall rules would instead be needed. Note that without the proxy, - all ports above 1024 need to be allowed: + firewall rules would instead be needed. Note that without the + proxy, all ports above 1024 need to be + allowed: # Allow out LAN PC client FTP to public Internet # Active and passive modes @@ -3455,13 +3464,13 @@ pass out quick on rl0 proto tcp from any # Active mode let data channel in from FTP server pass in quick on rl0 proto tcp from any to any port = 20 flags S keep state - Whenever the file containing the NAT rules - is edited, run - ipnat with to delete - the current NAT rules and flush the - contents of the dynamic translation table. Include - and specify the name - of the NAT ruleset to load: + Whenever the file containing the NAT + rules is edited, run ipnat with + to delete the current + NAT rules and flush the contents of the + dynamic translation table. Include and + specify the name of the NAT ruleset to + load: &prompt.root; ipnat -CF -f /etc/ipnat.rules @@ -3633,35 +3642,35 @@ sh /etc/ipf.rules.script - Several options are available. When supplied with either for inbound - or for outbound, the command will retrieve - and display the appropriate list of filter rules currently - installed and in use by the kernel. To also see the rule - numbers, include . For example, - ipfstat -on displays the outbound - rules table with rule numbers: + Several options are available. When supplied with either + for inbound or for + outbound, the command will retrieve and display the + appropriate list of filter rules currently installed and in + use by the kernel. To also see the rule numbers, include + . For example, ipfstat + -on displays the outbound rules table with rule + numbers: @1 pass out on xl0 from any to any @2 block out on dc0 from any to any @3 pass out quick on dc0 proto tcp/udp from any to any keep state - Include to - prefix each rule with a count of how - many times the rule was matched. For example, - ipfstat -oh displays the outbound - internal rules table, prefixing each rule with its usage count: + Include to prefix each rule with a + count of how many times the rule was matched. For example, + ipfstat -oh displays the outbound internal + rules table, prefixing each rule with its usage count: 2451423 pass out on xl0 from any to any 354727 block out on dc0 from any to any 430918 pass out quick on dc0 proto tcp/udp from any to any keep state - To display the state table in a format similar to &man.top.1;, use - ipfstat -t. When the firewall is - under attack, this option provides the ability to identify - and see the attacking packets. The optional sub-flags give - the ability to select the destination or source IP, port, or - protocol to be monitored in real time. Refer to - &man.ipfstat.8; for details. + To display the state table in a format similar to + &man.top.1;, use ipfstat -t. When the + firewall is under attack, this option provides the ability to + identify and see the attacking packets. The optional + sub-flags give the ability to select the destination or source + IP, port, or protocol to be monitored in + real time. Refer to &man.ipfstat.8; for details. @@ -3676,16 +3685,17 @@ sh /etc/ipf.rules.script IPF provides - ipmon, which can be used to write the firewall's logging - information in a human readable format. It requires that - options IPFILTER_LOG be first added - to a custom kernel using the instructions in . - - This command is typically run in - daemon mode in order to provide a continuous system log file so that - logging of past events may be reviewed. Since &os; has a built in - &man.syslogd.8; facility to automatically rotate system logs, the default - rc.conf + ipmon, which can be used to write the + firewall's logging information in a human readable format. It + requires that options IPFILTER_LOG be first + added to a custom kernel using the instructions in . + + This command is typically run in daemon mode in order to + provide a continuous system log file so that logging of past + events may be reviewed. Since &os; has a built in + &man.syslogd.8; facility to automatically rotate system logs, + the default rc.conf ipmon_flags statement uses : @@ -3701,20 +3711,19 @@ sh /etc/ipf.rules.scriptOnce the logging facility is enabled in rc.conf and started with service - ipmon start, IPF will only - log the rules which contain the log keyword. The firewall - administrator decides which rules in the ruleset should be - logged and normally - only deny rules are logged. It is customary to include the - log keyword in the - last rule in the ruleset. This makes it possible to see all - the packets that did not match any of the rules in the - ruleset. + ipmon start, IPF will + only log the rules which contain the log + keyword. The firewall administrator decides which rules in + the ruleset should be logged and normally only deny rules are + logged. It is customary to include the + log keyword in the last rule in the + ruleset. This makes it possible to see all the packets that + did not match any of the rules in the ruleset. By default, ipmon -Ds mode uses - local0 as - the logging facility. The following logging levels can be - used to further segregate the logged data: + local0 as the logging facility. The + following logging levels can be used to further segregate the + logged data: LOG_INFO - packets logged using the "log" keyword as the action rather than pass or block. LOG_NOTICE - packets logged which are also passed @@ -3798,11 +3807,13 @@ LOG_ERR - packets which have been logged letters corresponding to any flags that were set. Refer to &man.ipf.5; for a list of letters and their flags. - If the packet is an ICMP packet, there will be two fields - at the end: the first always being icmp and - the next being the ICMP message and sub-message type, - separated by a slash. For example: icmp 3/3 for a port - unreachable message. + If the packet is an ICMP packet, there + will be two fields at the end: the first always being + icmp and the next being the + ICMP message and sub-message type, + separated by a slash. For example: + icmp 3/3 for a port unreachable + message. -     + From owner-svn-doc-all@FreeBSD.ORG Tue Feb 25 19:40:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 72D892D6; Tue, 25 Feb 2014 19:40:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 5E1251102; Tue, 25 Feb 2014 19:40:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1PJemwM079366; Tue, 25 Feb 2014 19:40:48 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1PJemV0079365; Tue, 25 Feb 2014 19:40:48 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201402251940.s1PJemV0079365@svn.freebsd.org> From: Sergey Kandaurov Date: Tue, 25 Feb 2014 19:40:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44058 - head/ru_RU.KOI8-R/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 19:40:48 -0000 Author: pluknet Date: Tue Feb 25 19:40:47 2014 New Revision: 44058 URL: http://svnweb.freebsd.org/changeset/doc/44058 Log: Update translation of release dates. Modified: head/ru_RU.KOI8-R/share/xml/l10n.ent Modified: head/ru_RU.KOI8-R/share/xml/l10n.ent ============================================================================== --- head/ru_RU.KOI8-R/share/xml/l10n.ent Tue Feb 25 19:40:13 2014 (r44057) +++ head/ru_RU.KOI8-R/share/xml/l10n.ent Tue Feb 25 19:40:47 2014 (r44058) @@ -25,7 +25,7 @@ - + @@ -41,7 +41,7 @@ - + @@ -53,7 +53,7 @@ - + From owner-svn-doc-all@FreeBSD.ORG Tue Feb 25 20:03:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3FAC48EE; Tue, 25 Feb 2014 20:03:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2B974130F; Tue, 25 Feb 2014 20:03:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1PK3oeu090510; Tue, 25 Feb 2014 20:03:50 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1PK3oq3090509; Tue, 25 Feb 2014 20:03:50 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201402252003.s1PK3oq3090509@svn.freebsd.org> From: Sergey Kandaurov Date: Tue, 25 Feb 2014 20:03:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44059 - head/en_US.ISO8859-1/htdocs/releases X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 20:03:50 -0000 Author: pluknet Date: Tue Feb 25 20:03:49 2014 New Revision: 44059 URL: http://svnweb.freebsd.org/changeset/doc/44059 Log: Fix typo. Modified: head/en_US.ISO8859-1/htdocs/releases/index.xml Modified: head/en_US.ISO8859-1/htdocs/releases/index.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/index.xml Tue Feb 25 19:40:47 2014 (r44058) +++ head/en_US.ISO8859-1/htdocs/releases/index.xml Tue Feb 25 20:03:49 2014 (r44059) @@ -31,7 +31,7 @@

    Currently Supported Releases

    -

    Complete information about the release date, the classifcation +

    Complete information about the release date, the classification type, and the estimated End-Of-Life (EOL) for currently supported releases can be found on the Supported Releases From owner-svn-doc-all@FreeBSD.ORG Tue Feb 25 22:01:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D41CD9ED; Tue, 25 Feb 2014 22:01:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BBEAC10C5; Tue, 25 Feb 2014 22:01:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1PM1UYm038472; Tue, 25 Feb 2014 22:01:30 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1PM1UMG038471; Tue, 25 Feb 2014 22:01:30 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201402252201.s1PM1UMG038471@svn.freebsd.org> From: Sergey Kandaurov Date: Tue, 25 Feb 2014 22:01:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44060 - head/ru_RU.KOI8-R/htdocs/releases X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 25 Feb 2014 22:51:14 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 22:01:30 -0000 Author: pluknet Date: Tue Feb 25 22:01:30 2014 New Revision: 44060 URL: http://svnweb.freebsd.org/changeset/doc/44060 Log: MFen: r38209 -> r43583 releases/index.xml / except r41543 Modified: head/ru_RU.KOI8-R/htdocs/releases/index.xml Modified: head/ru_RU.KOI8-R/htdocs/releases/index.xml ============================================================================== --- head/ru_RU.KOI8-R/htdocs/releases/index.xml Tue Feb 25 20:03:49 2014 (r44059) +++ head/ru_RU.KOI8-R/htdocs/releases/index.xml Tue Feb 25 22:01:30 2014 (r44060) @@ -7,108 +7,178 @@ - + &title; $FreeBSD$ - + + 鯏棉旛 FreeBSD - 鯏棉旛 FreeBSD - -

    塹泰 變阻詫不慯 啻踊揺 嘛砥浜 力從嘖冤 FreeBSD, 佻單塢堙 - 嘖卅良淤 靉嗅田良 - 力從嘖妬.

    +

    鯏棉旛 FreeBSD 佻漬惣津妄脊嗔 料 "侑歪嬲塢徇拇 凖棉旛" + "嘖倉拇 侑歪嬲塢徇拇 凖棉旛". 霤叟拱 塢 盲渟 徨吐 佻槌歪不 + 通 佻蒙斛彖堙姪, 怖斈蛭 力忸 從斃嵶腕塢; 徭碗亙 塢 通 + 佻蒙斛彖堙姪, 崚盟摂蛭 侑苗賭嵒彖墮嗔 堆姪 墨林賭彖塢徇亙 + 嘖卅堙派 和力很杜頻.

    + +

    鯏棉旛 堊勃 佻漬惣津妄脊嗔 佻 通不徒慘腕塢 佻陳賭嵋 脇秒賭詫 + 瀕届厖礎貧領亙 妥斛仭嗄腕塢 料 "力厖遡慘拇" "卅營敏杜隣".

    + +

    譱別 掴釦妖淋礎鰭 通 冒崢惑 凖棉攸 掴嘖孃隣 通 侑腕溶墟 + 届厖壮 HTML 料 嘖卅良壇 + 掴釦妖淋礎鰭 凖棉攸.

    + + +

    屠斈錨 佻陳賭嵒彖斗拇 凖棉旛

    + +

    靉摸叢 瀕届厖礎頻 佻 珍堊 忸範珍, 塢侖 嵒珍斗詫 徠斗杜 + 嵒變 通 佻陳賭嵒彖斗挌 料嘖湾歸 徠斗 凖棉斛 料範追墫 + 卅敖徒 靉陳賭嵒彖斗拇 + 凖棉旛 料 嘖卅良壇 + 蚓届厖礎貧領叢 + 妥斛仭嗄腕墮 FreeBSD.

    -

    屠斈品 凖棉

    +

    靉嗅田良 凖棉旛

    -

    鯏棉 &rel.current; (&rel.current.date;) - - 疥藁 : - 蚓届厖礎頻 凖棉敕 : - 鼠都防 佻 孑堊力徊 : - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖 : - Readme : - 蚌侑宋姪良 掴佻摸杜頻 - -

    - -

    鯏棉 &rel2.current; (&rel2.current.date;) - - 疥藁 : - 蚓届厖礎頻 凖棉敕 : - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖 : - Readme : - 蚌侑宋姪良 掴佻摸杜頻 - -

    - -

    鯏棉 &rel3.current; (&rel3.current.date;) - - 疥藁 : - 蚓届厖礎頻 凖棉敕 : - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖 : - Readme : - 蚌侑宋姪良 掴佻摸杜頻 - -

    - -

    簣嘖孃隣 堊勃 佻嗅田良 嗄榻柤壅 冨 彭塹 - FreeBSD-STABLE - FreeBSD-CURRENT. - 靉漬和料 瀕届厖礎頻 料範追墫 料 嘖卅良淤 靉盲淌良 FreeBSD.

    - - -

    靉陳賭嵒彖斗拇 凖棉旛

    - -

    屠斈電 料變挿杜錨 嵒珍斗賄 徠斗 嵒變 通 佻陳賭嵒彖斗挌 料嘖湾歸 - 徠斗 凖棉斛 料範佃墫 料 嘖卅良壇 - 蚓届厖礎貧領叢 - 妥斛仭嗄腕墮 FreeBSD.

    +

    靤歪嬲塢徇拇 凖棉旛

    +

    鯏棉 &rel.current; (&rel.current.date;) + + 疥藁 : + 蚓届厖礎頻 凖棉敕 : + 鼠党僧頻 佻 孑堊力徊 : + 蚓届厖礎頻 和 双仭卅堽亙 + 嗜徑途塢溶嘖 : + Readme : + 蚌侑宋姪良 掴佻摸杜頻 +

    + +

    黌倉拇 侑歪嬲塢徇拇 凖棉旛

    +

    鯏棉 &rel2.current; (&rel2.current.date;) + + 疥藁 : + 蚓届厖礎頻 凖棉敕 : + 鼠党僧頻 佻 孑堊力徊 : + 蚓届厖礎頻 和 双仭卅堽亙 + 嗜徑途塢溶嘖 : + Readme : + 蚌侑宋姪良 掴佻摸杜頻 +

    + +

    鯏棉 &rel3.current; (&rel3.current.date;) + + 疥藁 : + 蚓届厖礎頻 凖棉敕 : + 鼠党僧頻 佻 孑堊力徊 : + 蚓届厖礎頻 和 双仭卅堽亙 + 嗜徑途塢溶嘖 : + Readme : + 蚌侑宋姪良 掴佻摸杜頻 +

    瞠蔦殄 凖棉旛

    -

    輾 侑歪鰐嵒 侑田盟覗墮 彖 力忸 凖棉旛 冒 冨 彭塰 - FreeBSD-STABLE, 堊 - FreeBSD-CURRENT, 冒 徂津 嗄榻柤塹 通 卅斷疎壘彬, 堊 和掵隣 - 佻摸挌 凖棉斛.

    - -

    簗 佻盲淌良 堆姪 佻摸亙 瀕届厖礎鰭 侑話途單 佻椎塹徊 凖棉斛, - 堊勃 通 佻盲淌良 佻摸惑 卅嗤瓶僧頻 忸侖嗚 怠蔦殄 凖棉斛, 佻崛盲篇堊, - 佻單塢堙 卅敖徒 靉椎塹徊 凖棉斛 - 料 Web-啻編.

    - -

    譱別 掴釦妖淋礎鰭 凖棉攸 通 FreeBSD-STABLE FreeBSD-CURRENT - 掴嘖孃隣 通 侑腕溶墟 届厖壮 HTML 料 嘖卅良壇 蚓届厖礎鰭 凖棉攸. 塢 徳別 - 佚夘歪扶途防 和力很兩墫, 良 墟爽狙墫 冨妖療良 嗜嘖湾良 - 卅堆 料 FreeBSD.

    +

    簗 佻盲淌良 卅嗤瓶僧頻 忸侖嗚 怠蔦殄 凖棉斛, 堊勃 堆姪 + 佻摸亙 瀕届厖礎鰭 侑話途單 蛭 佻椎塹徊, 佻崛盲篇堊, 佻單塢堙 + 嘖卅良稚 靉椎塹徊 凖棉斛.

    + +

    簣嘖孃隣 堊勃 佻嗅田良 嗄榻柤壅 冨 彭塹 FreeBSD-STABLE + FreeBSD-CURRENT. + 靉漬和料 瀕届厖礎頻 料範追墫 料 嘖卅良淤 靉盲淌良 FreeBSD.

    - -

    靤枳拇 凖棉旛

    + +

    靤田拂斈錨 凖棉旛 佻陳賭嵋亙

    + + +

    靤田拂斈錨 凖棉旛, 掴嘖蒜柯 亘藁涸良 嘔亘 嵒變

    + +

    靉摸叢 瓶塹夘淌嗚叢 瀕届厖礎頻 佻 珍堊 忸範珍, 塢侖 + 榮禿穆夫力葉 徠斗杜 嵒變 通 榑蛭 凖棉斛 料範追墫 卅敖徒 + 酖佻陳賭嵒彖斗拇 + 凖棉旛 料 嘖卅良壇 蚓届厖礎貧領叢 + 妥斛仭嗄腕墮 FreeBSD.

    + +
      +
    • 9.0 (駑彖曼 2012) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 鼠党僧頻 + 佻 孑堊力徊 : + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 8.2 (翕徠遡 2011) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • +
    • 8.1 (蘋蒙 2010) 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: Readme: 蚌侑宋姪良 掴佻摸杜頻 @@ -118,21 +188,36 @@
    • 8.0 (醢兮曼 2009) 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: Readme: 蚌侑宋姪良 掴佻摸杜頻
      • +
    • 7.4 (翕徠遡 2011) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • +
    • 7.3 (軈參 2010) 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: Readme: 蚌侑宋姪良 掴佻摸杜頻 @@ -142,9 +227,10 @@
    • 7.2 (軈 2009) 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: Readme: 蚌侑宋姪良 掴佻摸杜頻 @@ -154,9 +240,10 @@
    • 7.1 (駑彖曼 2009) 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: Readme: 蚌侑宋姪良 掴佻摸杜頻 @@ -166,9 +253,10 @@
    • 7.0 (翕徠遡 2008) 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: Readme: 蚌侑宋姪良 掴佻摸杜頻 @@ -178,11 +266,12 @@
    • 6.4 (醢兮曼 2008) 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: - 鼠党僧頻 佻 - 孑堊力徊: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠党僧頻 + 佻 孑堊力徊: Readme: 蚌侑宋姪良 掴佻摸杜頻 @@ -192,11 +281,12 @@
    • 6.3 (駑彖曼 2008) 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: - 鼠党僧頻 佻 - 孑堊力徊: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠党僧頻 + 佻 孑堊力徊: Readme: 蚌侑宋姪良 掴佻摸杜頻 @@ -206,11 +296,12 @@
    • 6.2 (駑彖曼 2007) 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: - 鼠党僧頻 佻 - 孑堊力徊: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠党僧頻 + 佻 孑堊力徊: Readme: 蚌侑宋姪良 掴佻摸杜頻 @@ -220,406 +311,495 @@
    • 6.1 (軈 2006) 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: - 鼠党僧頻 佻 - 孑堊力徊: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠党僧頻 + 佻 孑堊力徊: Readme: 蚌侑宋姪良 掴佻摸杜頻
      • -
    • 6.0 (醢兮曼 2005) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: - 鼠党僧頻 佻 - 孑堊力徊: - Readme: - 蚌侑宋姪良 - 掴佻摸杜頻: - -
      • - -
    • 5.5 (軈 2006) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: - 鼠党僧頻 佻 - 孑堊力徊: - Readme: - 蚌侑宋姪良 - 掴佻摸杜頻: - -
      • - -
    • 5.4 (軈 2005) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: - 鼠党僧頻 佻 - 孑堊力徊: - Readme: - 蚌侑宋姪良 - 掴佻摸杜頻: - 鰌墨從柘墸 佻 - 和力很杜廟 - -
      • - -
    • 5.3 (醢兮曼 2004) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: - 鼠党僧頻 佻 - 孑堊力徊: - Readme: - 蚌侑宋姪良 - 掴佻摸杜頻: - 鰌墨從柘墸 佻 - 和力很杜廟 - -
      • - -
    • 5.2.1 (翕徠遡 2004) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: - 鼠都防 佻 孑堊力徊: - Readme: - 蚌侑宋姪良 - 掴佻摸杜頻: - 鰌墨從柘墸 通 - 料淺料摂蛭 - -
      • - -
    • 5.2 (駑彖曼 2004) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: - 鼠都防 佻 孑堊力徊: - Readme: - 蚌侑宋姪良 - 掴佻摸杜頻: - 鰌墨從柘墸 通 - 料淺料摂蛭 - -
      • - -
    • 5.1 (蘋輪 2003) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 - 嗜徑途塢溶嘖: - 鼠都防 佻 孑堊力徊: - Readme: - 蚌侑宋姪良 - 掴佻摸杜頻: - 鰌墨從柘墸 通 - 料淺料摂蛭 - -
      • - -
    • 5.0 (駑彖曼 2003) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖: - 鼠都防 佻 孑堊力徊: - Readme: - 蚌侑宋姪良 掴佻摸杜頻: - 鰌墨從柘墸 通 料淺料摂蛭 - -
      • - -
    • 4.11 (駑彖曼 2004) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖: - 鼠都防 佻 孑堊力徊: - Readme: - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.10 (軈 2004) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖: - 鼠都防 佻 孑堊力徊: - Readme: - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.9 (鑠墹岱 2003) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖: - 鼠都防 佻 孑堊力徊: - Readme: - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.8 (痂凖蒙 2003) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖: - 鼠都防 佻 孑堊力徊: - Readme: - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.7 (鑠墹岱 2002) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖: - 鼠都防 佻 孑堊力徊: - Readme: - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.6.2 (疱杯嘖 2002) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖: - Readme: - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.6 (蘋輪 2002) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖: - 鼠都防 佻 孑堊力徊: - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.5 (駑彖曼 2002) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖: - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.4 (鹽淋兮曼 2001) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚓届厖礎頻 和 双仭卅堽亙 嗜徑途塢溶嘖 : - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.3 (痂凖蒙 2001) - - 疥藁: - 蚓届厖礎頻 凖棉敕: - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.2 (醢兮曼 2000) - - 疥藁 : - 蚓届厖礎頻 凖棉敕 : - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.1.1 (鹽淋兮曼 2000) - - 疥藁 : - 蚓届厖礎頻 凖棉敕 : - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.1 (蘋蒙 2000) - - 疥藁 : - 蚓届厖礎頻 凖棉敕 : - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 4.0 (軈參 2000) - - 疥藁 : - 蚓届厖礎頻 凖棉敕 : - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 3.5 (蘋輪 2000) - - 疥藁 : - 蚓届厖礎頻 凖棉敕 : - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 3.4 (篥冒岱 1999) - - 疥藁 : - 蚓届厖礎頻 凖棉敕 : - 蚌侑宋姪良 掴佻摸杜頻 - -
      • - -
    • 3.3 (鹽淋兮曼 1999) - - 疥藁 : - 蚓届厖礎頻 凖棉敕 : - 蚌侑宋姪良 掴佻摸杜頻 - -
      • +
    • 6.0 (醢兮曼 2005) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠党僧頻 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻: + +
      • + +
    • 5.5 (軈 2006) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠党僧頻 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻: + +
      • + +
    • 5.4 (軈 2005) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠党僧頻 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻: + 鰌墨從柘墸 + 佻 和力很杜廟 + +
      • + +
    • 5.3 (醢兮曼 2004) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠党僧頻 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻: + 鰌墨從柘墸 + 佻 和力很杜廟 + +
      • + +
    • 5.2.1 (翕徠遡 2004) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠都防 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻: + 鰌墨從柘墸 + 通 料淺料摂蛭 + +
      • + +
    • 5.2 (駑彖曼 2004) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠都防 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻: + 鰌墨從柘墸 + 通 料淺料摂蛭 + +
      • + +
    • 5.1 (蘋輪 2003) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠都防 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻: + 鰌墨從柘墸 + 通 料淺料摂蛭 + +
      • + +
    • 5.0 (駑彖曼 2003) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠都防 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻: + 鰌墨從柘墸 + 通 料淺料摂蛭 + +
      • + +
    • 4.11 (駑彖曼 2004) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠都防 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.10 (軈 2004) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠都防 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.9 (鑠墹岱 2003) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠都防 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.8 (痂凖蒙 2003) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠都防 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.7 (鑠墹岱 2002) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠都防 + 佻 孑堊力徊: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.6.2 (疱杯嘖 2002) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + Readme: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.6 (蘋輪 2002) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 鼠都防 + 佻 孑堊力徊: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.5 (駑彖曼 2002) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.4 (鹽淋兮曼 2001) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚓届厖礎頻 + 和 双仭卅堽亙 嗜徑途塢溶嘖 : + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.3 (痂凖蒙 2001) + + 疥藁: + 蚓届厖礎頻 + 凖棉敕: + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.2 (醢兮曼 2000) + + 疥藁 : + 蚓届厖礎頻 + 凖棉敕 : + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • -
    • 3.2 (軈 1999) +
    • 4.1.1 (鹽淋兮曼 2000) + + 疥藁 : + 蚓届厖礎頻 + 凖棉敕 : + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.1 (蘋蒙 2000) + + 疥藁 : + 蚓届厖礎頻 + 凖棉敕 : + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • + +
    • 4.0 (軈參 2000) + + 疥藁 : + 蚓届厖礎頻 + 凖棉敕 : + 蚌侑宋姪良 + 掴佻摸杜頻 + +
      • *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 01:08:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8A6D8246; Wed, 26 Feb 2014 01:08:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 741BA111A; Wed, 26 Feb 2014 01:08:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1Q18HTv014668; Wed, 26 Feb 2014 01:08:17 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1Q18H5m014667; Wed, 26 Feb 2014 01:08:17 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402260108.s1Q18H5m014667@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 01:08:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44061 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 01:08:17 -0000 Author: wblock Date: Wed Feb 26 01:08:16 2014 New Revision: 44061 URL: http://svnweb.freebsd.org/changeset/doc/44061 Log: Correct "svn" to Subversion when talking about the application, add tags around protocol entries like svn, http, https, add markup to some acronyms. Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Tue Feb 25 22:01:30 2014 (r44060) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Feb 26 01:08:16 2014 (r44061) @@ -621,9 +621,9 @@ Comment out for now until these can be v xlink:href="http://svnweb.FreeBSD.org/">http://svnweb.FreeBSD.org/. - The &os; svn mirror network is still in its early days, + The &os; Subversion mirror network is still in its early days, and will likely change. Do not count on this list of mirrors - being static. In particular, the SSL certificates of the + being static. In particular, the SSL certificates of the servers will likely change at some point. @@ -641,7 +641,7 @@ Comment out for now until these can be v Location - SSL fingerprint + SSL Fingerprint @@ -650,10 +650,10 @@ Comment out for now until these can be v svn0.us-west.FreeBSD.org - svn, http, + svn, http, https + xlink:href="https://svn0.us-west.FreeBSD.org/">https USA, California @@ -665,10 +665,10 @@ Comment out for now until these can be v svn0.us-east.FreeBSD.org - svn, http, + svn, http, https, + xlink:href="https://svn0.us-east.FreeBSD.org/">https, rsync USA, New Jersey @@ -681,10 +681,10 @@ Comment out for now until these can be v svn0.eu.FreeBSD.org - svn, http, + svn, http, https, + xlink:href="https://svn0.eu.FreeBSD.org/">https, rsync Europe, UK @@ -728,10 +728,10 @@ Certificate information: the user will not be asked to verify the fingerprint again until the certificate expires. - If HTTPS cannot be used due to firewall - or other problems, SVN is the next choice, + If https cannot be used due to firewall + or other problems, svn is the next choice, with slightly faster transfers. When neither can be used, use - HTTP. + HTTP. From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 01:18:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0D5A2680; Wed, 26 Feb 2014 01:18:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E009F11D3; Wed, 26 Feb 2014 01:18:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1Q1I3XA018995; Wed, 26 Feb 2014 01:18:03 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1Q1I3IG018994; Wed, 26 Feb 2014 01:18:03 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402260118.s1Q1I3IG018994@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 01:18:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44062 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 01:18:04 -0000 Author: wblock Date: Wed Feb 26 01:18:03 2014 New Revision: 44062 URL: http://svnweb.freebsd.org/changeset/doc/44062 Log: Replace markup with inside the growing disks section. Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Feb 26 01:08:16 2014 (r44061) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Feb 26 01:18:03 2014 (r44062) @@ -295,7 +295,7 @@ List the partitions on the disk to see the current configuration: - &prompt.root; gpart show ada0 + &prompt.root; gpart show ada0 => 34 83886013 ada0 GPT (48G) [CORRUPT] 34 128 1 freebsd-boot (64k) 162 79691648 2 freebsd-ufs (38G) @@ -312,7 +312,7 @@ partition table with gpart: - &prompt.root; gpart recover ada0 + &prompt.root; gpart recover ada0 ada0 recovered @@ -320,7 +320,7 @@ ada0 recovered use by a new partition, or an existing partition can be expanded: - &prompt.root; gpart show ada0 + &prompt.root; gpart show ada0 => 34 102399933 ada0 GPT (48G) 34 128 1 freebsd-boot (64k) 162 79691648 2 freebsd-ufs (38G) @@ -334,10 +334,10 @@ ada0 recovered unmounted, deleted, and then recreated after resizing other partitions. - &prompt.root; swapoff /dev/ada0p3 -&prompt.root; gpart delete -i 3 ada0 + &prompt.root; swapoff /dev/ada0p3 +&prompt.root; gpart delete -i 3 ada0 ada0p3 deleted -&prompt.root; gpart show ada0 +&prompt.root; gpart show ada0 => 34 102399933 ada0 GPT (48G) 34 128 1 freebsd-boot (64k) 162 79691648 2 freebsd-ufs (38G) @@ -352,7 +352,7 @@ ada0p3 deleted system can be resized after disabling GEOM safety features: - &prompt.root; sysctl kern.geom.debugflags=16 + &prompt.root; sysctl kern.geom.debugflags=16 Resize the partition, leaving room to recreate a swap @@ -360,9 +360,9 @@ ada0p3 deleted the partition. The file system in the partition will be expanded in a separate step. - &prompt.root; gpart resize -i 2 -a 4k -s 47G ada0 + &prompt.root; gpart resize -i 2 -a 4k -s 47G ada0 ada0p2 resized -&prompt.root; gpart show ada0 +&prompt.root; gpart show ada0 => 34 102399933 ada0 GPT (48G) 34 128 1 freebsd-boot (64k) 162 98566144 2 freebsd-ufs (47G) @@ -370,14 +370,14 @@ ada0p2 resized Recreate the swap partition: - &prompt.root; gpart add -t freebsd-swap -a 4k ada0 + &prompt.root; gpart add -t freebsd-swap -a 4k ada0 ada0p3 added -&prompt.root; gpart show ada0 +&prompt.root; gpart show ada0 => 34 102399933 ada0 GPT (48G) 34 128 1 freebsd-boot (64k) 162 98566144 2 freebsd-ufs (47G) 98566306 3833661 3 freebsd-swap (1.8G) -&prompt.root; swapon /dev/ada0p3 +&prompt.root; swapon /dev/ada0p3 Grow the UFS file system to use the new capacity of the resized partition: @@ -388,7 +388,7 @@ ada0p3 added versions, the file system must not be mounted. - &prompt.root; growfs /dev/ada0p2 + &prompt.root; growfs /dev/ada0p2 Device is mounted read-write; resizing will result in temporary write suspension for /. It's strongly recommended to make a backup before growing the file system. OK to grow file system on /dev/ada0p2, mounted on /, from 38GB to 47GB? [Yes/No] Yes From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 01:36:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 56B3D283; Wed, 26 Feb 2014 01:36:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 42257146A; Wed, 26 Feb 2014 01:36:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1Q1a0hL026702; Wed, 26 Feb 2014 01:36:00 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1Q1a0W3026701; Wed, 26 Feb 2014 01:36:00 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402260136.s1Q1a0W3026701@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 01:36:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44063 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 01:36:00 -0000 Author: wblock Date: Wed Feb 26 01:35:59 2014 New Revision: 44063 URL: http://svnweb.freebsd.org/changeset/doc/44063 Log: Fix reference to "http" as a lowercase literal to be consistent with the previous sentence. Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Feb 26 01:18:03 2014 (r44062) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Feb 26 01:35:59 2014 (r44063) @@ -731,7 +731,7 @@ Certificate information: If https cannot be used due to firewall or other problems, svn is the next choice, with slightly faster transfers. When neither can be used, use - HTTP. + http. From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 03:19:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6F79848B; Wed, 26 Feb 2014 03:19:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 50ED312BE; Wed, 26 Feb 2014 03:19:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1Q3JbWm069107; Wed, 26 Feb 2014 03:19:37 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1Q3JbmO069106; Wed, 26 Feb 2014 03:19:37 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402260319.s1Q3JbmO069106@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 03:19:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44065 - head/en_US.ISO8859-1/books/fdp-primer/xml-primer X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 03:19:37 -0000 Author: wblock Date: Wed Feb 26 03:19:36 2014 New Revision: 44065 URL: http://svnweb.freebsd.org/changeset/doc/44065 Log: Restore tags lost after DocBook 5 conversion. Modified: head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml Wed Feb 26 02:33:59 2014 (r44064) +++ head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml Wed Feb 26 03:19:36 2014 (r44065) @@ -312,7 +312,7 @@ An element's attributes are written inside the start tag for that element, and take the form - attribute-name="attribute-value". + attribute-name="attribute-value". In XHTML, the p element has an attribute called @@ -615,9 +615,9 @@ example.xml:5: element head: validity er superset) of XML. Otherwise, this string will either look like - -//Owner + -//Owner or - +//Owner + +//Owner (notice the only difference is the leading + or -). @@ -898,7 +898,7 @@ example.xml:5: element head: validity er To include the text of a general entity in the document, include - &entity-name; + &entity-name; in the text. For example, consider a general entity called current.version which expands to the current version number of a product. To use it in the @@ -962,7 +962,7 @@ example.xml:5: element head: validity er Parameter entity definitons are similar to those for general entities. However, parameter entries are included with - %entity-name;. + %entity-name;. The definition also includes the % between the ENTITY keyword and the name of the entity. @@ -1226,7 +1226,7 @@ example.xml:5: element head: validity er Load example.html into the web browser and confirm that the - paran.xml + paran.xml files have been included in example.html. @@ -1287,7 +1287,7 @@ example.xml:5: element head: validity er Load example.html into the web browser and confirm that the - paran.xml + paran.xml files have been included in example.html. From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 03:26:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9532980D; Wed, 26 Feb 2014 03:26:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6816A1346; Wed, 26 Feb 2014 03:26:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1Q3QAb0072762; Wed, 26 Feb 2014 03:26:10 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1Q3QAM4072761; Wed, 26 Feb 2014 03:26:10 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402260326.s1Q3QAM4072761@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 03:26:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44067 - head/en_US.ISO8859-1/books/fdp-primer/structure X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 03:26:10 -0000 Author: wblock Date: Wed Feb 26 03:26:09 2014 New Revision: 44067 URL: http://svnweb.freebsd.org/changeset/doc/44067 Log: Restore tags lost in the DocBook5 conversion. Modified: head/en_US.ISO8859-1/books/fdp-primer/structure/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/structure/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/structure/chapter.xml Wed Feb 26 03:21:15 2014 (r44066) +++ head/en_US.ISO8859-1/books/fdp-primer/structure/chapter.xml Wed Feb 26 03:26:09 2014 (r44067) @@ -94,7 +94,8 @@ - lang.encoding + lang.encoding One directory exists for each available translation and encoding of the documentation, for example @@ -114,7 +115,7 @@ The - <filename>lang.encoding/</filename> + <filename><replaceable>lang</replaceable>.<replaceable>encoding</replaceable>/</filename> Directories These directories contain the documents themselves. The @@ -158,7 +159,7 @@ man For translations of the system manual pages. This - directory will contain one or more mann + directory will contain one or more mann directories, corresponding to the sections that have been translated. @@ -166,7 +167,7 @@ - Not every lang.encoding + Not every lang.encoding directory will have all of these subdirectories. It depends on how much translation has been accomplished by that translation team. @@ -236,7 +237,7 @@ - <filename>directory/chapter.xml</filename> + <filename role="directory"><replaceable>directory</replaceable>/chapter.xml</filename> Each chapter in the Handbook is stored in a file called chapter.xml in a separate From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 03:21:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7F58756C; Wed, 26 Feb 2014 03:21:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6C47412C6; Wed, 26 Feb 2014 03:21:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1Q3LGMG071044; Wed, 26 Feb 2014 03:21:16 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1Q3LGVA071043; Wed, 26 Feb 2014 03:21:16 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402260321.s1Q3LGVA071043@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 03:21:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44066 - head/en_US.ISO8859-1/books/fdp-primer/editor-config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 03:21:16 -0000 Author: wblock Date: Wed Feb 26 03:21:15 2014 New Revision: 44066 URL: http://svnweb.freebsd.org/changeset/doc/44066 Log: Restore tags lost after DocBook 5 conversion. Modified: head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Wed Feb 26 03:19:36 2014 (r44065) +++ head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Wed Feb 26 03:21:15 2014 (r44066) @@ -117,7 +117,7 @@ color ,yellow "^(.{71})|(TAB.{63})|(TAB{ Specify additional helpful options when running the editor: - &prompt.user; nano -AKipwz -r 70 -T8 chapter.xml + &prompt.user; nano -AKipwz -r 70 -T8 chapter.xml Users of &man.csh.1; can define an alias in ~/.cshrc to automate these @@ -128,7 +128,7 @@ color ,yellow "^(.{71})|(TAB.{63})|(TAB{ After the alias is defined, the options will be added automatically: - &prompt.user; nano chapter.xml + &prompt.user; nano chapter.xml From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 03:50:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 50F64382; Wed, 26 Feb 2014 03:50:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 323F51516; Wed, 26 Feb 2014 03:50:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1Q3oxgW082121; Wed, 26 Feb 2014 03:50:59 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1Q3owtx082115; Wed, 26 Feb 2014 03:50:58 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402260350.s1Q3owtx082115@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 03:50:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44069 - in head/en_US.ISO8859-1/books/fdp-primer: docbook-markup examples overview the-website translations X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 03:50:59 -0000 Author: wblock Date: Wed Feb 26 03:50:57 2014 New Revision: 44069 URL: http://svnweb.freebsd.org/changeset/doc/44069 Log: Restore tags lost during the DocBook5 conversion. Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml head/en_US.ISO8859-1/books/fdp-primer/overview/chapter.xml head/en_US.ISO8859-1/books/fdp-primer/the-website/chapter.xml head/en_US.ISO8859-1/books/fdp-primer/translations/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Wed Feb 26 03:27:51 2014 (r44068) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Wed Feb 26 03:50:57 2014 (r44069) @@ -196,7 +196,7 @@ - &man.command.sectionnumber; + &man.command.sectionnumber; link to command manual page in section @@ -232,7 +232,7 @@ - &a.listname; + &a.listname; link to listname Entities are defined for all the - &url.books.bookname; + &url.books.bookname; relative path to bookname Entities are defined for all the - &url.articles.articlename; + &url.articles.articlename; relative path to articlename Entities are defined for all the general entities have been created to make this easier. Each entity takes the form - &man.manual-page.manual-section;. + &man.manual-page.manual-section;. The file that contains these entities is in doc/share/xml/man-refs.ent, and can be @@ -1497,7 +1497,7 @@ This is the file called 'foo2' When referring to the same command multiple times in close proximity, it is preferred to use the - &man.command.section; + &man.command.section; notation to markup the first reference and use command to markup subsequent references. This makes the generated output, especially @@ -1549,7 +1549,7 @@ This is the file called 'foo2' Notice how the - &man.command.section; + &man.command.section; notation is easier to follow. @@ -1980,7 +1980,7 @@ This is the file called 'foo2' Appearance: The - maxusers n + maxusers n line in the kernel configuration file determines the size of many system tables, and is a rough guide to how many simultaneous logins the system will support. Modified: head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml Wed Feb 26 03:27:51 2014 (r44068) +++ head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml Wed Feb 26 03:50:57 2014 (r44069) @@ -171,7 +171,7 @@ -c /usr/local/share/xml/docbook/catalog \ -c /usr/local/share/xml/jade/catalog \ -d /usr/local/share/xml/docbook/dsssl/modular/html/docbook.dsl \ - -t sgml file.xml > file.html + -t sgml file.xml > file.html @@ -226,7 +226,7 @@ -c /usr/local/share/xml/docbook/catalog \ -c /usr/local/share/xml/jade/catalog \ -d /usr/local/share/xml/docbook/dsssl/modular/html/docbook.dsl \ - -t sgml file.xml + -t sgml file.xml @@ -283,7 +283,7 @@ -c /usr/local/share/xml/docbook/catalog \ -c /usr/local/share/xml/jade/catalog \ -d /usr/local/share/xml/docbook/dsssl/modular/print/docbook.dsl \ - -t tex file.xml + -t tex file.xml @@ -319,7 +319,7 @@ run through tex, specifying the &jadetex macro package. - &prompt.user; tex "&jadetex" file.tex + &prompt.user; tex "&jadetex" file.tex tex commands must be run at least three times. The first run @@ -341,12 +341,12 @@ necessary. The output from this stage will be - file.dvi. + file.dvi. Finally, run dvips to convert the .dvi file to &postscript;. - &prompt.user; dvips -o file.ps file.dvi + &prompt.user; dvips -o file.ps file.dvi @@ -361,12 +361,12 @@ However, use the &pdfjadetex macro package instead. - &prompt.user; pdftex "&pdfjadetex" file.tex + &prompt.user; pdftex "&pdfjadetex" file.tex Again, run this command three times. This will generate - file.pdf, + file.pdf, which does not need to be processed any further. Modified: head/en_US.ISO8859-1/books/fdp-primer/overview/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/overview/chapter.xml Wed Feb 26 03:27:51 2014 (r44068) +++ head/en_US.ISO8859-1/books/fdp-primer/overview/chapter.xml Wed Feb 26 03:50:57 2014 (r44069) @@ -156,7 +156,7 @@ ~/doc (see ). - &prompt.user; svn checkout https://svn0.us-west.FreeBSD.org/doc/head ~/doc + &prompt.user; svn checkout https://svn0.us-west.FreeBSD.org/doc/head ~/doc @@ -184,7 +184,7 @@ Update the local working copy: - &prompt.user; svn up ~/doc + &prompt.user; svn up ~/doc @@ -224,7 +224,7 @@ diff file: &prompt.user; cd /usr/doc -&prompt.user; svn diff > bsdinstall.diff.txt +&prompt.user; svn diff > bsdinstall.diff.txt Give the diff file a descriptive name. In the example above, changes have been made to the Modified: head/en_US.ISO8859-1/books/fdp-primer/the-website/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/the-website/chapter.xml Wed Feb 26 03:27:51 2014 (r44068) +++ head/en_US.ISO8859-1/books/fdp-primer/the-website/chapter.xml Wed Feb 26 03:50:57 2014 (r44069) @@ -38,7 +38,7 @@ Having obtained the documentation and web site source files, the web site can be built. In this example, the build directory - is ~/doc + is ~/doc and all the required files are already in place. The web site is built from the @@ -76,7 +76,7 @@ jru in their home directory, /usr/home/jru/doc. &prompt.root; cd /home/jru/doc/en_US.ISO8859-1/htdocs -&prompt.root; env DESTDIR=/usr/local/www make install +&prompt.root; env DESTDIR=/usr/local/www make install The install process will not delete any old or outdated files that existed previously in the same directory. If a new @@ -84,7 +84,7 @@ will find and delete all files that have not been updated in three days. - &prompt.root; find /usr/local/www -ctime 3 -delete + &prompt.root; find /usr/local/www -ctime 3 -delete @@ -129,7 +129,7 @@ If set, build or install only for the languages - specified by this variable inside the ~/doc + specified by this variable inside the ~/doc directory. All other languages except English will be ignored. E.g.: Modified: head/en_US.ISO8859-1/books/fdp-primer/translations/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/translations/chapter.xml Wed Feb 26 03:27:51 2014 (r44068) +++ head/en_US.ISO8859-1/books/fdp-primer/translations/chapter.xml Wed Feb 26 03:50:57 2014 (r44069) @@ -135,7 +135,7 @@ copy of the FreeBSD Subversion repository (at least the documentation part). This can be done by running: - &prompt.user; svn checkout https://svn0.us-east.FreeBSD.org/doc/head/ head + &prompt.user; svn checkout https://svn0.us-east.FreeBSD.org/doc/head/ head svn0.us-east.FreeBSD.org is a public SVN server. @@ -158,7 +158,7 @@ en_US.ISO8859-1/books/fdp-primer/book.xml, run: - &prompt.user; svn diff -r33733:33734 en_US.ISO8859-1/books/fdp-primer/book.xml + &prompt.user; svn diff -r33733:33734 en_US.ISO8859-1/books/fdp-primer/book.xml @@ -284,7 +284,7 @@ sv_SE.ISO8859-1 is the name of the translation, in - lang.encoding + lang.encoding form. Note the two Makefiles, which will be used to build the documentation. @@ -465,7 +465,7 @@ Your translated documents should include their own $FreeBSD$ line, and change the FreeBSD Documentation Project line to - The FreeBSD language + The FreeBSD language Documentation Project. In addition, you should add a third line which indicates From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 02:34:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A0425C9D; Wed, 26 Feb 2014 02:34:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7F1891DDA; Wed, 26 Feb 2014 02:34:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1Q2Y06o051017; Wed, 26 Feb 2014 02:34:00 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1Q2Y0gS051016; Wed, 26 Feb 2014 02:34:00 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402260234.s1Q2Y0gS051016@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 02:34:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44064 - head/en_US.ISO8859-1/books/fdp-primer/working-copy X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 02:34:00 -0000 Author: wblock Date: Wed Feb 26 02:33:59 2014 New Revision: 44064 URL: http://svnweb.freebsd.org/changeset/doc/44064 Log: Restore tags lost in the DocBook 5 conversion. Modified: head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml Wed Feb 26 01:35:59 2014 (r44063) +++ head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml Wed Feb 26 02:33:59 2014 (r44064) @@ -98,12 +98,12 @@ copy of the latest version (head) of the main documentation tree: - &prompt.user; svn checkout https://svn0.us-west.FreeBSD.org/doc/head ~/doc + &prompt.user; svn checkout https://svn0.us-west.FreeBSD.org/doc/head ~/doc A checkout of the source code to work on manual pages is very similar: - &prompt.user; svn checkout https://svn0.us-west.FreeBSD.org/base/head ~/src + &prompt.user; svn checkout https://svn0.us-west.FreeBSD.org/base/head ~/src @@ -118,7 +118,7 @@ svn update on the directory containing the local working copy: - &prompt.user; svn update ~/doc + &prompt.user; svn update ~/doc Get in the protective habit of using svn update before editing document files. @@ -152,8 +152,8 @@ by redirecting the output of svn diff into a file: - &prompt.user; cd ~/doc -&prompt.user; svn diff > doc-fix-spelling.diff + &prompt.user; cd ~/doc +&prompt.user; svn diff > doc-fix-spelling.diff Give the file a meaningful name that identifies the contents. The example above is for spelling fixes to the whole @@ -172,8 +172,8 @@ be submitted yet, provide a list of only the files that are to be included: - &prompt.user; cd ~/doc -&prompt.user; svn diff disks/chapter.xml printers/chapter.xml > disks-printers.diff + &prompt.user; cd ~/doc +&prompt.user; svn diff disks/chapter.xml printers/chapter.xml > disks-printers.diff From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 03:27:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7E1AC913; Wed, 26 Feb 2014 03:27:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6B14A1352; Wed, 26 Feb 2014 03:27:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1Q3Rqm8072957; Wed, 26 Feb 2014 03:27:52 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1Q3Rq9T072956; Wed, 26 Feb 2014 03:27:52 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402260327.s1Q3Rq9T072956@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 03:27:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44068 - head/en_US.ISO8859-1/books/fdp-primer/doc-build X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 03:27:52 -0000 Author: wblock Date: Wed Feb 26 03:27:51 2014 New Revision: 44068 URL: http://svnweb.freebsd.org/changeset/doc/44068 Log: Restore tags lost in the DocBook5 conversion. Modified: head/en_US.ISO8859-1/books/fdp-primer/doc-build/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/doc-build/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/doc-build/chapter.xml Wed Feb 26 03:26:09 2014 (r44067) +++ head/en_US.ISO8859-1/books/fdp-primer/doc-build/chapter.xml Wed Feb 26 03:27:51 2014 (r44068) @@ -92,7 +92,7 @@ Make includes are the glue that perform the document production, and are usually of the form - doc.xxx.mk. + doc.xxx.mk. @@ -338,9 +338,9 @@ PRI_LANG?= en_US.ISO8859-1 Targets and Macros Dependencies are described by - target: - dependency1 dependency2 - ... tuples, where to build + target: + dependency1 dependency2 + ... tuples, where to build target, the given dependencies must be built first. From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 05:41:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B5A8FB98; Wed, 26 Feb 2014 05:41:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9FEE61CE1; Wed, 26 Feb 2014 05:41:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1Q5fU1n029738; Wed, 26 Feb 2014 05:41:30 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1Q5fUtd029737; Wed, 26 Feb 2014 05:41:30 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402260541.s1Q5fUtd029737@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 05:41:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44073 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 05:41:30 -0000 Author: wblock Date: Wed Feb 26 05:41:30 2014 New Revision: 44073 URL: http://svnweb.freebsd.org/changeset/doc/44073 Log: Remove Using CVSup and CVS Tags sections from the Handbook. Thanks, CVS, it was a long road. Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Feb 26 04:16:27 2014 (r44072) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Feb 26 05:41:30 2014 (r44073) @@ -734,1720 +734,6 @@ Certificate information: http. - - Using CVSup (Deprecated) - - - Introduction - - - CVS and cvsup have been deprecated by - the &os; Project. Subversion - should be used instead. - - - CVSup is a software package for - distributing and updating source trees from a master CVS - repository on a remote server host. The &os; sources are - maintained in a CVS repository on a central development - machine in California. With CVSup, - &os; users can easily keep their own source trees up to - date. - - CVSup uses the so-called - pull model of updating. Under the pull - model, each client asks the server for updates, if and when - they are wanted. The server waits passively for update - requests from its clients. Thus all updates are instigated by - the client. The server never sends unsolicited updates. - Users must either run the CVSup - client manually to get an update, or they must set up a - cron job to run it automatically on a - regular basis. - - The term CVSup, capitalized - just so, refers to the entire software package. Its main - components are the client cvsup which runs - on each user's machine, and the server - cvsupd which runs at each of the &os; - mirror sites. - - - The csup utility is a rewrite - of the CVSup software in C. Its - biggest advantage is, that it is faster and does not depend - on the Modula-3 language, thus you do not need to install it - as a requirement. Moreover you can use it out-of-the-box, - since it is included in the base system. If you decided to - use csup, just skip the steps on - the installation of CVSup and - substitute the references of - CVSup with - csup while following the - remainder of this article. - - - - - Installation - - The easiest way to install - CVSup is to use the precompiled - net/cvsup package from the &os; packages collection. If you - prefer to build CVSup from source, - you can use the net/cvsup port instead. - But be forewarned: the net/cvsup port - depends on the Modula-3 system, which takes a substantial - amount of time and disk space to download and build. - - - If you are going to be using - CVSup on a machine which will not - have &xorg; installed, such as a - server, be sure to use the port which does not include the - CVSup GUI, - net/cvsup-without-gui. - - - - - CVSup Configuration - - CVSup's operation is controlled - by a configuration file called the - supfile. There are some sample - supfiles in the directory /usr/share/examples/cvsup/. - - The information in a supfile answers - the following questions for - CVSup: - - - - Which files do you - want to receive? - - - - Which versions of - them do you want? - - - - Where do you want - to get them from? - - - - Where do you want to - put them on your own machine? - - - - Where do you want - to put your status files? - - - - In the following sections, we will construct a typical - supfile by answering each of these - questions in turn. First, we describe the overall structure - of a supfile. - - A supfile is a text file. Comments - begin with # and extend to the end of the - line. Lines that are blank and lines that contain only - comments are ignored. - - Each remaining line describes a set of files that the user - wishes to receive. The line begins with the name of a - collection, a logical grouping of files defined - by the server. The name of the collection tells the server - which files you want. After the collection name come zero or - more fields, separated by white space. These fields answer - the questions listed above. There are two types of fields: - flag fields and value fields. A flag field consists of a - keyword standing alone, e.g., delete or - compress. A value field also begins with a - keyword, but the keyword is followed without intervening white - space by = and a second word. For example, - release=cvs is a value field. - - A supfile typically specifies more - than one collection to receive. One way to structure a - supfile is to specify all of the relevant - fields explicitly for each collection. However, that tends to - make the supfile lines quite long, and it - is inconvenient because most fields are the same for all of - the collections in a supfile. - CVSup provides a defaulting - mechanism to avoid these problems. Lines beginning with the - special pseudo-collection name *default can - be used to set flags and values which will be used as defaults - for the subsequent collections in the - supfile. A default value can be - overridden for an individual collection, by specifying a - different value with the collection itself. Defaults can also - be changed or augmented in mid-supfile by additional - *default lines. - - With this background, we will now proceed to construct a - supfile for receiving and updating the - main source tree of - &os;-CURRENT. - - - - Which files do - you want to receive? - - The files available via - CVSup are organized into named - groups called collections. The collections - that are available are described in the - following section. In - this example, we wish to receive the entire main source - tree for the &os; system. There is a single large - collection src-all which will give us - all of that. As a first step toward constructing our - supfile, we simply list the - collections, one per line (in this case, only one - line): - - src-all - - - - Which version(s) - of them do you want? - - With CVSup, you can receive - virtually any version of the sources that ever existed. - That is possible because the - cvsupd server works directly - from the CVS repository, which contains all of the - versions. You specify which one of them you want using - the tag= and - value fields. - - - Be very careful to specify any - tag= fields correctly. Some tags are - valid only for certain collections of files. If you - specify an incorrect or misspelled tag, - CVSup will delete files which - you probably do not want deleted. In particular, use - only tag=. for - the ports-* collections. - - - The tag= field names a symbolic tag - in the repository. There are two kinds of tags, revision - tags and branch tags. A revision tag refers to a specific - revision. Its meaning stays the same from day to day. A - branch tag, on the other hand, refers to the latest - revision on a given line of development, at any given - time. Because a branch tag does not refer to a specific - revision, it may mean something different tomorrow than it - means today. - - contains branch tags that - users might be interested in. When specifying a tag in - CVSup's configuration file, it - must be preceded with tag= - (RELENG_8 will become - tag=RELENG_8). - Keep in mind that only the tag=. is - relevant for the Ports Collection. - - - Be very careful to type the tag name exactly as - shown. CVSup cannot - distinguish between valid and invalid tags. If you - misspell the tag, CVSup will - behave as though you had specified a valid tag which - happens to refer to no files at all. It will delete - your existing sources in that case. - - - When you specify a branch tag, you normally receive - the latest versions of the files on that line of - development. If you wish to receive some past version, - you can do so by specifying a date with the - value field. The &man.cvsup.1; - manual page explains how to do that. - - For our example, we wish to receive &os;-CURRENT. We - add this line at the beginning of our - supfile: - - *default tag=. - - There is an important special case that comes into - play if you specify neither a tag= - field nor a date= field. In that case, - you receive the actual RCS files directly from the - server's CVS repository, rather than receiving a - particular version. Developers generally prefer this mode - of operation. By maintaining a copy of the repository - itself on their systems, they gain the ability to browse - the revision histories and examine past versions of files. - This gain is achieved at a large cost in terms of disk - space, however. - - - - Where do you want - to get them from? - - We use the host= field to tell - cvsup where to obtain its updates. Any - of the CVSup mirror sites will - do, though you should try to select one that is close to - you in cyberspace. In this example we will use a - fictional &os; distribution site, cvsup99.FreeBSD.org: - - *default host=cvsup99.FreeBSD.org - - You will need to change the host to one that actually - exists before running CVSup. - On any particular run of cvsup, you can - override the host setting on the command line, with - . - - - - Where do you want - to put them on your own machine? - - The prefix= field tells - cvsup where to put the files it - receives. In this example, we will put the source files - directly into our main source tree, - /usr/src. The - src directory is already implicit in - the collections we have chosen to receive, so this is the - correct specification: - - *default prefix=/usr - - - - Where should - cvsup maintain its status files? - - The CVSup client maintains - certain status files in what is called the - base directory. These files help - CVSup to work more efficiently, - by keeping track of which updates you have already - received. We will use the standard base directory, - /var/db: - - *default base=/var/db - - If your base directory does not already exist, now - would be a good time to create it. The - cvsup client will refuse to run if the - base directory does not exist. - - - - Miscellaneous supfile - settings: - - There is one more line of boiler plate that normally - needs to be present in the - supfile: - - *default release=cvs delete use-rel-suffix compress - - release=cvs indicates that the - server should get its information out of the main &os; CVS - repository. This is virtually always the case, but there - are other possibilities which are beyond the scope of this - discussion. - - delete gives - CVSup permission to delete - files. You should always specify this, so that - CVSup can keep your source tree - fully up-to-date. CVSup is - careful to delete only those files for which it is - responsible. Any extra files you happen to have will be - left strictly alone. - - use-rel-suffix is ... arcane. If - you really want to know about it, see the &man.cvsup.1; - manual page. Otherwise, just specify it and do not worry - about it. - - compress enables the use of - gzip-style compression on the communication channel. If - your network link is T1 speed or faster, you probably - should not use compression. Otherwise, it helps - substantially. - - - - Putting it all together: - - Here is the entire supfile for - our example: - - *default tag=. -*default host=cvsup99.FreeBSD.org -*default prefix=/usr -*default base=/var/db -*default release=cvs delete use-rel-suffix compress - -src-all - - - - - The <filename>refuse</filename> File - - As mentioned above, CVSup - uses a pull method. Basically, this - means that you connect to the - CVSup server, and it says, - Here is what you can download from me..., and - your client responds - OK, I will take this, this, this, and this. - In the default configuration, the - CVSup client will take every file - associated with the collection and tag you chose in the - configuration file. In order to download a partial tree, - use the refuse file. - - The refuse file tells - CVSup that it should not take - every single file from a collection; in other words, it - tells the client to refuse certain - files from the server. The refuse file - can be found (or, if you do not yet have one, should be - placed) in - base/sup/. - base is defined in your - supfile; our defined - base is - /var/db, which means that by default - the refuse file is - /var/db/sup/refuse. - - The refuse file has a very simple - format; it simply contains the names of files or directories - that you do not wish to download. For example: - - bin/ -usr.bin/ - - Users who are on - slow links or pay by the minute for their Internet - connection will be able to save time as they will - no longer need to download files that they will never use. - For more information on refuse files - and other neat features of CVSup, - please view its manual page. - - - - - Running <application>CVSup</application> - - You are now ready to try an update. The command line for - doing this is quite simple: - - &prompt.root; cvsup supfile - - where - supfile is of - course the name of the supfile you have - just created. Assuming you are running under X11, - cvsup will display a GUI window with some - buttons to do the usual things. Press the - go button, and watch it run. - - Since you are updating your actual - /usr/src tree in this example, you will - need to run the program as root so that - cvsup has the permissions it needs to - update your files. Having just created your configuration - file, and having never used this program before, that might - understandably make you nervous. There is an easy way to do a - trial run without touching your precious files. Just create - an empty directory somewhere convenient, and name it as an - extra argument on the command line: - - &prompt.root; mkdir /var/tmp/dest -&prompt.root; cvsup supfile /var/tmp/dest - - The directory you specify will be used as the destination - directory for all file updates. - CVSup will examine your usual files - in /usr/src, but it will not modify or - delete any of them. Any file updates will instead land in - /var/tmp/dest/usr/src. - CVSup will also leave its base - directory status files untouched when run this way. The new - versions of those files will be written into the specified - directory. As long as you have read access to - /usr/src, you do not even need to be - root to perform this - kind of trial run. - - If you are not running X11 or if you just do not like - GUIs, you should add a couple of options to the command line - when you run cvsup: - - &prompt.root; cvsup -g -L 2 supfile - - The tells - CVSup not to use its GUI. This is - automatic if you are not running X11, but otherwise you have - to specify it. - - The tells - CVSup to print out the - details of all the file updates it is doing. There are three - levels of verbosity, from to - . The default is 0, which means total - silence except for error messages. - - There are plenty of other options available. For a brief - list of them, type cvsup -H. For more - detailed descriptions, see the manual page. - - Once you are satisfied with the way updates are working, - you can arrange for regular runs of - CVSup using &man.cron.8;. - Obviously, you should not let CVSup - use its GUI when running it from &man.cron.8;. - - - - <application>CVSup</application> File Collections - - The file collections available via - CVSup are organized hierarchically. - There are a few large collections, and they are divided into - smaller sub-collections. Receiving a large collection is - equivalent to receiving each of its sub-collections. The - hierarchical relationships among collections are reflected by - the use of indentation in the list below. - - The most commonly used collection is - src-all. - - - - cvs-all release=cvs - - - The main &os; CVS repository, including the - cryptography code. - - - - distrib release=cvs - - - Files related to the distribution and - mirroring of &os;. - - - - - - projects-all release=cvs - - - - Sources for the &os; projects - repository. - - - - - src-all release=cvs - - - The main &os; sources, including the - cryptography code. - - - - src-base - release=cvs - - - Miscellaneous files at the top of - /usr/src. - - - - - src-bin - release=cvs - - - User utilities that may be needed in - single-user mode - (/usr/src/bin). - - - - - src-cddl - release=cvs - - - Utilities and libraries covered by the - CDDL license - (/usr/src/cddl). - - - - - src-contrib - release=cvs - - - Utilities and libraries from outside the - &os; project, used relatively unmodified - (/usr/src/contrib). - - - - - - src-crypto release=cvs - - - - Cryptography utilities and libraries - from outside the &os; project, used - relatively unmodified - - (/usr/src/crypto). - - - - - - src-eBones release=cvs - - - - Kerberos and DES - (/usr/src/eBones). Not - used in current releases of &os;. - - - - - src-etc - release=cvs - - - System configuration files - (/usr/src/etc). - - - - - src-games - release=cvs - - - Games - (/usr/src/games). - - - - - src-gnu - release=cvs - - - Utilities covered by the GNU Public - License - (/usr/src/gnu). - - - - - src-include - release=cvs - - - Header files - (/usr/src/include). - - - - - src-kerberos5 - release=cvs - - - Kerberos5 security package - (/usr/src/kerberos5). - - - - - src-kerberosIV - release=cvs - - - KerberosIV security package - (/usr/src/kerberosIV). - - - - - src-lib - release=cvs - - - Libraries - (/usr/src/lib). - - - - - src-libexec - release=cvs - - - System programs normally executed by - other programs - (/usr/src/libexec). - - - - - src-release - release=cvs - - - Files required to produce a &os; - release - (/usr/src/release). - - - - - src-rescue - release=cvs - - - Statically linked programs for emergency - recovery; see &man.rescue.8; - (/usr/src/rescue). - - - - - - src-sbin release=cvs - - - - System utilities for single-user mode - (/usr/src/sbin). - - - - - src-secure - release=cvs - - - Cryptographic libraries and commands - (/usr/src/secure). - - - - - src-share - release=cvs - - - Files that can be shared across multiple - systems - (/usr/src/share). - - - - - src-sys - release=cvs - - - The kernel - (/usr/src/sys). - - - - - src-sys-crypto - release=cvs - - - Kernel cryptography code - (/usr/src/sys/crypto). - - - - - src-tools - release=cvs - - - Various tools for the maintenance of - &os; - (/usr/src/tools). - - - - - src-usrbin - release=cvs - - - User utilities - (/usr/src/usr.bin). - - - - - src-usrsbin - release=cvs - - - System utilities - (/usr/src/usr.sbin). - - - - - - - - - - - distrib release=self - - - The CVSup server's own - configuration files. Used by - CVSup mirror sites. - - - - - gnats release=current - - - The GNATS bug-tracking database. - - - - - mail-archive release=current - - - &os; mailing list archive. - - - - - - - For More Information - - For the CVSup FAQ and other - information about CVSup, see - The - CVSup Home Page. - - Most &os;-related discussion of - CVSup takes place on the - &a.hackers;. New versions of the software are announced - there, as well as on the &a.announce;. - - For questions or bug reports about - CVSup take a look at the - - CVSup FAQ. - - - - CVSup Sites - - CVSup servers for &os; are - running at the following sites: - - &chap.mirrors.cvsup.index.inc; - - &chap.mirrors.lastmod.inc; - - &chap.mirrors.cvsup.inc; - - - - - - CVS Tags - - - CVS has been deprecated by the project, and its use is not - recommended. Subversion should be - used instead. - - - When obtaining or updating sources using - cvs or - CVSup, a revision tag must be - specified. A revision tag refers to either a particular line of - &os; development, or a specific point in time. The first type - are called branch tags, and the second type are - called release tags. - - - Branch Tags - - All of these, with the exception of - HEAD (which is always a valid tag), only - apply to the src/ tree. The - ports/, doc/, and - www/ trees are not branched. - - - - HEAD - - - Symbolic name for the main line, or &os;-CURRENT. - Also the default when no revision is specified. - - In CVSup, this tag is - represented by a . (not punctuation, - but a literal . character). - - - In CVS, this is the default when no revision tag - is specified. It is usually not - a good idea to checkout or update to CURRENT sources - on a STABLE machine, unless that is your - intent. - - - - - - RELENG_9 - - - The line of development for &os;-9.X, also known - as &os; 9-STABLE - - - - - RELENG_9_1 - - - The release branch for &os;-9.1, used only for - security advisories and other critical fixes. - - - - - RELENG_9_0 - - - The release branch for &os;-9.0, used only for - security advisories and other critical fixes. - - - - - RELENG_8 - - - The line of development for &os;-8.X, also known - as &os; 8-STABLE - - - - - RELENG_8_3 - - - The release branch for &os;-8.3, used only for - security advisories and other critical fixes. - - - - - RELENG_8_2 - - - The release branch for &os;-8.2, used only for - security advisories and other critical fixes. - - - - - RELENG_8_1 - - - The release branch for &os;-8.1, used only for - security advisories and other critical fixes. - - - - - RELENG_8_0 - - - The release branch for &os;-8.0, used only for - security advisories and other critical fixes. - - - *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 07:09:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DE5BF543; Wed, 26 Feb 2014 07:09:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CB8BD13D4; Wed, 26 Feb 2014 07:09:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1Q79I2H064297; Wed, 26 Feb 2014 07:09:18 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1Q79I3E064296; Wed, 26 Feb 2014 07:09:18 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402260709.s1Q79I3E064296@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 07:09:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44074 - head/en_US.ISO8859-1/books/porters-handbook/porting-dads X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 07:09:18 -0000 Author: wblock Date: Wed Feb 26 07:09:18 2014 New Revision: 44074 URL: http://svnweb.freebsd.org/changeset/doc/44074 Log: Link to the section ID rather than the title ID. Modified: head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml Wed Feb 26 05:41:30 2014 (r44073) +++ head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml Wed Feb 26 07:09:18 2014 (r44074) @@ -37,7 +37,7 @@ installing ports from a CDROM for an example of building ports from a read-only tree). If you need to modify one of the pkg-* files, do so by - redefining a variable, + redefining a variable, not by writing over it. From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 16:22:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B1A143BC; Wed, 26 Feb 2014 16:22:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8F39B1B1F; Wed, 26 Feb 2014 16:22:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1QGMqA5090567; Wed, 26 Feb 2014 16:22:52 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1QGMqq7090566; Wed, 26 Feb 2014 16:22:52 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201402261622.s1QGMqq7090566@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 26 Feb 2014 16:22:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44075 - head/ja_JP.eucJP/books/handbook/preface X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 16:22:52 -0000 Author: ryusuke Date: Wed Feb 26 16:22:52 2014 New Revision: 44075 URL: http://svnweb.freebsd.org/changeset/doc/44075 Log: - Merge the following from the English version: r29932 -> r33266 head/ja_JP.eucJP/books/handbook/preface/preface.xml Modified: head/ja_JP.eucJP/books/handbook/preface/preface.xml Modified: head/ja_JP.eucJP/books/handbook/preface/preface.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/preface/preface.xml Wed Feb 26 07:09:18 2014 (r44074) +++ head/ja_JP.eucJP/books/handbook/preface/preface.xml Wed Feb 26 16:22:52 2014 (r44075) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r29932 + Original revision: r33266 $FreeBSD$ --> @@ -383,7 +383,21 @@ RAID レベルの設定方法について説明しています。 ---> + + , File Systems Support + + &sun; の Z ファイルシステムのような、 + ネイティブではないファイルシステムの &os; + における対応について検討します。 + + + + , Virtualization + + 仮想化が何を提供するか、&os; + でどのように使うことができるかについて説明しています。 + + --> , 地域化 @@ -391,6 +405,16 @@ システムとアプリケーション両方のレベルの地域化を扱っています。 + @@ -403,6 +427,15 @@ その方法の概要をまとめています。 + , シリアル通信 From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 17:05:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2D518D49; Wed, 26 Feb 2014 17:05:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 171921096; Wed, 26 Feb 2014 17:05:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1QH5S9n006879; Wed, 26 Feb 2014 17:05:28 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1QH5SsX006878; Wed, 26 Feb 2014 17:05:28 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402261705.s1QH5SsX006878@svn.freebsd.org> From: Dru Lavigne Date: Wed, 26 Feb 2014 17:05:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44076 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 17:05:29 -0000 Author: dru Date: Wed Feb 26 17:05:28 2014 New Revision: 44076 URL: http://svnweb.freebsd.org/changeset/doc/44076 Log: Initial pass through enabling IPFW. Shuffle IPFW command to later in the chapter, might get shuffled again. Begin prep work for syntax section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 16:22:52 2014 (r44075) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 17:05:28 2014 (r44076) @@ -1675,7 +1675,7 @@ options IPDIVERT # enables NATfirewall_type="open" - The available values for this setting are: + The available types are: @@ -1702,114 +1702,48 @@ options IPDIVERT # enables NAT - filename: full path of the file - containing the firewall rules. + filename: full path of the file + containing the firewall ruleset. - To instead load a custom ruleset, either set the - filename value of - firewall_type or set the - firewall_script variable to the absolute - path of an executable script that includes - IPFW commands. This example script blocks - all incoming and outgoing traffic: - - #!/bin/sh - -ipfw -q flush - -ipfw add deny in -ipfw add deny out - - - If firewall_type is set to either + If firewall_type is set to either client or simple, modify the default rules found in /etc/rc.firewall to fit the - configuration of the system. The examples used in this - section assume that the firewall_script - is set to /etc/ipfw.rules. - - - Enable logging: - - firewall_logging="YES" + configuration of the system. - - firewall_logging sets the - net.inet.ip.fw.verbose sysctl - variable to the value of 1. There is no - rc.conf variable to set log - limitations, but the desired value can be set using - sysctl or by adding the following - variable and desired value to - /etc/sysctl.conf: - - net.inet.ip.fw.verbose_limit=5 - - - If the machine is acting as a gateway providing - NAT using &man.natd.8;, refer to for information regarding the - required /etc/rc.conf options. - + Note that the + filename type is used to load a custom ruleset. - - The <application>IPFW</application> Command - - ipfw - - ipfw can be used to make manual, - single rule additions or deletions to the active firewall - while it is running. The problem with using this method is - that all the changes are lost when the system reboots. It is - recommended to instead write all the rules in a file and to - use that file to load the rules at boot time and to replace - the currently running firewall rules whenever that file - changes. - - ipfw is a useful way to display the - running firewall rules to the console screen. The - IPFW accounting facility - dynamically creates a counter for each rule that counts each - packet that matches the rule. During the process of testing a - rule, listing the rule with its counter is one way to - determine if the rule is functioning as expected. - - To list all the running rules in sequence: - - &prompt.root; ipfw list - - To list all the running rules with a time stamp of when - the last time the rule was matched: - - &prompt.root; ipfw -t list - - The next example lists accounting information and the - packet count for matched rules along with the rules - themselves. The first column is the rule number, followed by - the number of matched packets and bytes, followed by the rule - itself. - - &prompt.root; ipfw -a list - - To list dynamic rules in addition to static rules: - - &prompt.root; ipfw -d list + An alternate way to load a custom ruleset is to set the + firewall_script variable to the absolute + path of an executable script that includes + IPFW commands. The examples used in this + section assume that the firewall_script + is set to /etc/ipfw.rules: - To also show the expired dynamic rules: + firewall_script="/etc/ipfw.rules" - &prompt.root; ipfw -d -e list + To enable logging, include this line: - To zero the counters: - - &prompt.root; ipfw zero + firewall_logging="YES" - To zero the counters for just the rule with number - NUM: + There is no + /etc/rc.conf variable to set logging + limits. To limit the number of times a rule is logged + per connection attempt, specify the number using this line + in + /etc/sysctl.conf: - &prompt.root; ipfw zero NUM + net.inet.ip.fw.verbose_limit=5 + + After saving the needed edits, start the firewall. To + enable logging limits now, also set the + sysctl value specified above: + + &prompt.root; service ipfw start +&prompt.root; sysctl net.inet.ip.fw.verbose_limit=5 @@ -1821,16 +1755,16 @@ ipfw add deny out rule processing order - When a packet enters the IPFW firewall, + When a packet enters the IPFW firewall, it is compared against the first rule in the ruleset and progresses one rule at a time, moving from top to bottom of the set in ascending rule number sequence order. When the packet matches the selection parameters of a rule, the rule's - action field value is executed and the search of the ruleset + action is executed and the search of the ruleset terminates for that packet. This is referred to as first match wins. If the packet does not match any of the rules, it gets caught by the mandatory - IPFW default rule, number 65535, + IPFW default rule number 65535, which denies all packets and silently discards them. However, if the packet matches a rule that contains the count, skipto, or @@ -1838,11 +1772,8 @@ ipfw add deny out to &man.ipfw.8; for details on how these keywords affect rule processing. - The examples in this section create an inclusive type - firewall ruleset containing the stateful keep - state, limit, - in, out and - via options. For a complete rule syntax + This section provides an overview of the rule syntax for creating + stateful rules. For a complete rule syntax description, refer to &man.ipfw.8;. @@ -1851,11 +1782,11 @@ ipfw add deny out rule syntax - This section describes the keywords which comprise an - IPFW rule. Keywords must be - written in the following order. # is used + When creating an + IPFW rule, keywords must be + written in the following order. The # symbol is used to mark the start of a comment and may appear at the end of a - rule line or on its own line. Blank lines are ignored. + rule or on its own line. Blank lines are ignored. CMD RULE_NUMBER ACTION LOGGING SELECTION STATEFUL @@ -1915,7 +1846,7 @@ ipfw add deny out - Logging + LOGGING When a packet matches a rule with the log keyword, a message will be logged @@ -1942,7 +1873,7 @@ ipfw add deny out - Selection + SELECTION The keywords described in this section are used to describe attributes of the packet to be checked when @@ -2031,7 +1962,7 @@ ipfw add deny out - Stateful Rule Option + STATEFUL The check-state option is used to identify where in the IPFW @@ -2058,6 +1989,63 @@ ipfw add deny out + + + + The <application>IPFW</application> Command + + ipfw + + ipfw can be used to make manual, + single rule additions or deletions to the active firewall + while it is running. The problem with using this method is + that all the changes are lost when the system reboots. It is + recommended to instead write all the rules in a file and to + use that file to load the rules at boot time and to replace + the currently running firewall rules whenever that file + changes. + + ipfw is a useful way to display the + running firewall rules to the console screen. The + IPFW accounting facility + dynamically creates a counter for each rule that counts each + packet that matches the rule. During the process of testing a + rule, listing the rule with its counter is one way to + determine if the rule is functioning as expected. + + To list all the running rules in sequence: + + &prompt.root; ipfw list + + To list all the running rules with a time stamp of when + the last time the rule was matched: + + &prompt.root; ipfw -t list + + The next example lists accounting information and the + packet count for matched rules along with the rules + themselves. The first column is the rule number, followed by + the number of matched packets and bytes, followed by the rule + itself. + + &prompt.root; ipfw -a list + + To list dynamic rules in addition to static rules: + + &prompt.root; ipfw -d list + + To also show the expired dynamic rules: + + &prompt.root; ipfw -d -e list + + To zero the counters: + + &prompt.root; ipfw zero + + To zero the counters for just the rule with number + NUM: + + &prompt.root; ipfw zero NUM Logging Firewall Messages From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 20:32:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 50046BE1; Wed, 26 Feb 2014 20:32:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 37CCD18CE; Wed, 26 Feb 2014 20:32:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1QKWCDk089827; Wed, 26 Feb 2014 20:32:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1QKWCZg089826; Wed, 26 Feb 2014 20:32:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402262032.s1QKWCZg089826@svn.freebsd.org> From: Dru Lavigne Date: Wed, 26 Feb 2014 20:32:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44077 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 20:32:12 -0000 Author: dru Date: Wed Feb 26 20:32:11 2014 New Revision: 44077 URL: http://svnweb.freebsd.org/changeset/doc/44077 Log: Modernize the IPFW Rule Syntax section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 17:05:28 2014 (r44076) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 20:32:11 2014 (r44077) @@ -1757,8 +1757,8 @@ options IPDIVERT # enables NATWhen a packet enters the IPFW firewall, it is compared against the first rule in the ruleset and - progresses one rule at a time, moving from top to bottom of - the set in ascending rule number sequence order. When the + progresses one rule at a time, moving from top to bottom in + sequence. When the packet matches the selection parameters of a rule, the rule's action is executed and the search of the ruleset terminates for that packet. This is referred to as @@ -1772,10 +1772,6 @@ options IPDIVERT # enables NAT - This section provides an overview of the rule syntax for creating - stateful rules. For a complete rule syntax - description, refer to &man.ipfw.8;. - IPFW @@ -1784,33 +1780,58 @@ options IPDIVERT # enables NATWhen creating an IPFW rule, keywords must be - written in the following order. The # symbol is used + written in the following order. Some keywords are mandatory + while other keywords are optional. The words shown in uppercase + represent a variable and the words shown in lowercase must + precede the variable that follows it. The # symbol is used to mark the start of a comment and may appear at the end of a rule or on its own line. Blank lines are ignored. - CMD RULE_NUMBER ACTION LOGGING SELECTION - STATEFUL + CMD RULE_NUMBER set SET_NUMBER ACTION log + LOG_AMOUNT PROTO from SRC SRC_PORT to DST DST_PORT + OPTIONS + + This section provides an overview of these keywords and + their options. It is not an exhaustive list of every possible + option. Refer to &man.ipfw.8; for a complete description of + the rule syntax that can be used when creating + IPFW rules. CMD - Each new rule has to be prefixed with - add to add the rule to the - internal table. + Every rule must start with + ipfw add. RULE_NUMBER - Each rule is associated with a rule_number in the + Each rule is associated with a number in the range of 1 to - 65535. + 65534. The number is used to + indicate the order of rule processing. Multiple rules can have the same + number, in which case they are checked according to + the order in which they have been added. + SET_NUMBER + + Each rule is associated with a set number in the + range of 0 to + 31. Sets can be individually + disabled or enabled, making it possible to quickly add + or delete a set of rules. If a SET_NUMBER is not + specified, the rule will be added to set 0. + + + + + ACTION A rule can be associated with one of the following @@ -1819,15 +1840,10 @@ options IPDIVERT # enables NAT allow | accept | pass | - permit - - These keywords are equivalent as they allow packets - that match the rule to exit the firewall rule - processing. The search terminates at this rule. - - check-state + permit: these keywords are equivalent and allow packets + that match the rule. - Checks the packet against the dynamic rules table. + check-state: checks the packet against the dynamic state table. If a match is found, execute the action associated with the rule which generated this dynamic rule, otherwise move to the next rule. A check-state @@ -1837,27 +1853,31 @@ options IPDIVERT # enables NATkeep-state or limit rule. - deny | drop - - Both words mean the same thing, which is to discard - packets that match this rule. The search - terminates. + count: updates counters for + all packets that match rule. The search continues with + the next rule. + + deny | drop: either word discards + packets that match this rule. + + Additional actions are available. Refer to + &man.ipfw.8; for details. - LOGGING + LOG_AMOUNT When a packet matches a rule with the log keyword, a message will be logged to &man.syslogd.8; with a facility name of SECURITY. Logging only occurs if the number of packets logged for that particular rule does - not exceed the logamount parameter. - If no logamount is specified, the - limit is taken from the sysctl value - of net.inet.ip.fw.verbose_limit. In - both cases, a value of zero removes the logging limit. + not exceed the optional specified LOG_AMOUNT. + If no LOG_AMOUNT is specified, the + limit is taken from the value + of net.inet.ip.fw.verbose_limit. A + value of zero removes the logging limit. Once the limit is reached, logging can be re-enabled by clearing the logging counter or the packet counter for that rule, using ipfw reset @@ -1873,119 +1893,95 @@ options IPDIVERT # enables NAT - SELECTION + PROTO - The keywords described in this section are used to - describe attributes of the packet to be checked when - determining whether rules match the packet or not. The - following general-purpose attributes are provided for - matching, and must be used in this order: - - udp | tcp | icmp - - Any other protocol names found in - /etc/protocols can be used. The - value specified is the protocol to be matched against. - This is a mandatory keyword. - - from src to dst - - The from and - to keywords are used to match against - IP addresses. Rules must specify - both source and destination - parameters. any is a special keyword - that matches any IP address. me is a - special keyword that matches any IP address configured - on an interface in the &os; system to represent the PC - the firewall is running on. Example usage includes - from me to any, - from any to me, - from 0.0.0.0/0 to any, - from any to 0.0.0.0/0, - from 0.0.0.0 to any, - from any to 0.0.0.0, and - from me to 0.0.0.0. IP addresses - are specified in dotted IP address format followed by - the mask in CIDR notation, or as a single host in dotted - IP address format. This keyword is a mandatory - requirement. The net-mgmt/ipcalc - port may be used to assist the mask calculation. - - port number - - For protocols which support port numbers, such as - TCP and UDP, it is - mandatory to include the port number of the service - that will be matched. Service names from - /etc/services may be used instead - of numeric port values. - - in | out - - Matches incoming or outgoing packets. It is - mandatory that one or the other is included as part of - the rule matching criterion. - - via IF - - Matches packets going through the interface - specified by device name. The via - keyword causes the interface to always be checked as - part of the match process. - - setup - - This mandatory keyword identifies the session start - request for TCP packets. - - keep-state - - This is a mandatory keyword. Upon a match, the - firewall will create a dynamic rule, whose default - behavior is to match bidirectional traffic between - source and destination IP/port using the same - protocol. + This optional value can be used to specify any + protocol name or number found in + /etc/protocols. + + + + + SRC + + The from + keyword must be followed by the source address or a + keyword that represents the source address. An address + can be represented by the any, + me (any address configured on an + interface on this system), + me6, (any IPv6 + address configured on an interface on this system), or + table followed by the number of a + lookup table which contains a list of addresses. When + specifying an IP address, it can be + optionally followed by its CIDR mask + or subnet mask. For example, 1.2.3.4/25 or + 1.2.3.4:255.255.255.128. + + + + + SRC_PORT + + An optional source port can be specified using the + port number or name from + /etc/services. + + - limit {src-addr | src-port | dst-addr | - dst-port} + + DST + + The to keyword must be followed + by the destination address or a + keyword that represents the destination address. The + same keywords and addresses described in the SRC section + can be used to describe the destination. + + - The firewall will only allow - N connections with the same - set of parameters as specified in the rule. One or more - of source and destination addresses and ports can be - specified. limit and - keep-state can not be used on the - same rule as they provide the same stateful - function. + + DST_PORT + + An optional destination port can be specified using + the port number or name from + /etc/services. - STATEFUL + OPTIONS - The check-state option is used to - identify where in the IPFW - ruleset the packet is to be tested against the dynamic - rules facility. On a match, the packet exits the - firewall to continue on its way and a new rule is - dynamically created for the next anticipated packet - being exchanged during this session. On a no match, the - packet advances to the next rule in the ruleset for - testing. + Several keywords can follow the source and + destination. As the name suggests, OPTIONS are + optional. Commonly used options include + in or + out, which specify the direction of + packet flow, icmptypes followed by + the type of ICMP message, and + keep-state. + + When a keep-state rule is matched, the + firewall will create a dynamic rule which + matches bidirectional traffic between the + source and destination addresses and ports using the same + protocol. The dynamic rules facility is vulnerable to resource depletion from a SYN-flood attack which would open a huge number of dynamic rules. To counter this type of attack with IPFW, use - limit. This keyword limits the - number of simultaneous sessions by checking that rule's - source or destinations fields and using the packet's IP - address in a search of the open dynamic rules, counting - the number of times this rule and IP address + limit. This option limits the + number of simultaneous sessions by checking the open dynamic rules, counting + the number of times this rule and IP address combination occurred. If this count is greater than the value specified by limit, the packet is discarded. + + Dozens of OPTIONS are available. Refer to + &man.ipfw.8; for a description of each available + option. From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 21:27:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C0CAE385; Wed, 26 Feb 2014 21:27:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6F2291DA8; Wed, 26 Feb 2014 21:27:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1QLRrKV010962; Wed, 26 Feb 2014 21:27:53 GMT (envelope-from rodrigc@svn.freebsd.org) Received: (from rodrigc@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1QLRr2P010961; Wed, 26 Feb 2014 21:27:53 GMT (envelope-from rodrigc@svn.freebsd.org) Message-Id: <201402262127.s1QLRr2P010961@svn.freebsd.org> From: Craig Rodrigues Date: Wed, 26 Feb 2014 21:27:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44078 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 21:27:54 -0000 Author: rodrigc (src committer) Date: Wed Feb 26 21:27:52 2014 New Revision: 44078 URL: http://svnweb.freebsd.org/changeset/doc/44078 Log: Add note for setting Kerberos password. Learned from: peter Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Wed Feb 26 20:32:11 2014 (r44077) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Wed Feb 26 21:27:52 2014 (r44078) @@ -305,6 +305,23 @@ You need a Passphrase to protect your se + + Kerberos and LDAP web password for &os; cluster + Some of the services in the &os; cluster require a Kerberos password. + In the &os; cluster, LDAP is proxying to Kerberos, so this also serves as + the LDAP web password. + To reset your Kerberos password in the &os; cluster using a random password + generator: + + &prompt.user; ssh kpasswd.freebsd.org + + Alternatively, you can set your Kerberos password manually by logging into + freefall.FreeBSD.org and + running: + &prompt.user; kpasswd + + + Commit Bit Types From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 21:53:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 93F79C1F; Wed, 26 Feb 2014 21:53:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7ED91110A; Wed, 26 Feb 2014 21:53:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1QLrD6o023204; Wed, 26 Feb 2014 21:53:13 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1QLrDEX023203; Wed, 26 Feb 2014 21:53:13 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402262153.s1QLrDEX023203@svn.freebsd.org> From: Dru Lavigne Date: Wed, 26 Feb 2014 21:53:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44079 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 21:53:13 -0000 Author: dru Date: Wed Feb 26 21:53:13 2014 New Revision: 44079 URL: http://svnweb.freebsd.org/changeset/doc/44079 Log: Move Example Ruleset to under Rule Syntax. Cleanup the Example Ruleset. At some point, the ping rules and the incoming HTTP/SSH rules should be tightened. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 21:27:52 2014 (r44078) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 21:53:13 2014 (r44079) @@ -1987,6 +1987,140 @@ options IPDIVERT # enables NAT + + Example Ruleset + + This section demonstrates how to create an example + stateful firewall ruleset script named + /etc/ipfw.rules. In this example, all + connection rules use in or + out to clarify the direction. They also + use via + interface-name to specify + the interface the packet is traveling over. + + The firewall script begins by indicating that it is a + Bourne shell script and flushes any existing rules. It then + creates the cmd variable so that + ipfw add does not have to be typed at the + beginning of every rule. It also defines the + pif variable which represents the name of + the interface that is attached to the Internet. + + #!/bin/sh +# Flush out the list before we begin. +ipfw -q -f flush + +# Set rules command prefix +cmd="ipfw -q add" +pif="dc0" # interface name of NIC attached to Internet + + The first two rules allow all traffic on the trusted + internal interface and on the loopback interface: + + # Change xl0 to LAN NIC interface name +$cmd 00005 allow all from any to any via xl0 + +# No restrictions on Loopback Interface +$cmd 00010 allow all from any to any via lo0 + + The next rule allows the packet through if it matches + an existing entry in the dynamic rules table: + + $cmd 00015 check-state + + The next set of rules defines which stateful connections + internal systems can create to hosts on the Internet: + + # Allow access to public DNS +# Replace x.x.x.x with the IP address of a public DNS server +# and repeat for each DNS server in /etc/resolv.conf +$cmd 00110 allow tcp from any to x.x.x.x 53 out via $pif setup keep-state +$cmd 00111 allow udp from any to x.x.x.x 53 out via $pif keep-state + +# Allow access to ISP's DHCP server for cable/DSL configurations. +# Use the first rule and check log for IP address. +# Then, uncomment the second rule, input the IP address, and delete the first rule +$cmd 00120 allow log udp from any to any 67 out via $pif keep-state +#$cmd 00120 allow udp from any to x.x.x.x 67 out via $pif keep-state + +# Allow outbound HTTP and HTTPS connections +$cmd 00200 allow tcp from any to any 80 out via $pif setup keep-state +$cmd 00220 allow tcp from any to any 443 out via $pif setup keep-state + +# Allow outbound email connections +$cmd 00230 allow tcp from any to any 25 out via $pif setup keep-state +$cmd 00231 allow tcp from any to any 110 out via $pif setup keep-state + +# Allow outbound ping +$cmd 00250 allow icmp from any to any out via $pif keep-state + +# Allow outbound NTP +$cmd 00260 allow tcp from any to any 37 out via $pif setup keep-state + +# Allow outbound SSH +$cmd 00280 allow tcp from any to any 22 out via $pif setup keep-state + +# deny and log all other outbound connections +$cmd 00299 deny log all from any to any out via $pif + + The next set of rules controls connections from + Internet hosts to the internal network. It starts by + denying packets typically associated with attacks and then + explicitly allows specific types of connections. All the + authorized services that originate from the Internet use + limit to prevent flooding. + + # Deny all inbound traffic from non-routable reserved address spaces +$cmd 00300 deny all from 192.168.0.0/16 to any in via $pif #RFC 1918 private IP +$cmd 00301 deny all from 172.16.0.0/12 to any in via $pif #RFC 1918 private IP +$cmd 00302 deny all from 10.0.0.0/8 to any in via $pif #RFC 1918 private IP +$cmd 00303 deny all from 127.0.0.0/8 to any in via $pif #loopback +$cmd 00304 deny all from 0.0.0.0/8 to any in via $pif #loopback +$cmd 00305 deny all from 169.254.0.0/16 to any in via $pif #DHCP auto-config +$cmd 00306 deny all from 192.0.2.0/24 to any in via $pif #reserved for docs +$cmd 00307 deny all from 204.152.64.0/23 to any in via $pif #Sun cluster interconnect +$cmd 00308 deny all from 224.0.0.0/3 to any in via $pif #Class D & E multicast + +# Deny public pings +$cmd 00310 deny icmp from any to any in via $pif + +# Deny ident +$cmd 00315 deny tcp from any to any 113 in via $pif + +# Deny all Netbios services. +$cmd 00320 deny tcp from any to any 137 in via $pif +$cmd 00321 deny tcp from any to any 138 in via $pif +$cmd 00322 deny tcp from any to any 139 in via $pif +$cmd 00323 deny tcp from any to any 81 in via $pif + +# Deny fragments +$cmd 00330 deny all from any to any frag in via $pif + +# Deny ACK packets that did not match the dynamic rule table +$cmd 00332 deny tcp from any to any established in via $pif + +# Allow traffic from ISP's DHCP server. +# Replace x.x.x.x with the same IP address used in rule 00120. +#$cmd 00360 allow udp from any to x.x.x.x 67 in via $pif keep-state + +# Allow HTTP connections to internal web server +$cmd 00400 allow tcp from any to me 80 in via $pif setup limit src-addr 2 + +# Allow inbound SSH connections +$cmd 00410 allow tcp from any to me 22 in via $pif setup limit src-addr 2 + +# Reject and log all other incoming connections +$cmd 00499 deny log all from any to any in via $pif + + The last rule logs all packets that do not match any of + the rules in the + ruleset: + + # Everything else is denied and logged +$cmd 00999 deny log all from any to any + + The <application>IPFW</application> Command @@ -2155,199 +2289,6 @@ ks="keep-state" # just too lazy t - An Example Stateful Ruleset - - The following sample ruleset is a complete inclusive - type ruleset. Comment out any - pass rules for services that are not - required. To avoid logging undesired messages, add a - deny rule in the inbound section. - Change the dc0 in every rule to the - device name of the interface that connects the system to the - Internet. - - There is a noticeable pattern in the usage of these - rules. - - - - All statements that are a request to start a session - to the Internet use - keep-state. - - - - All the authorized services that originate from - the Internet use limit to prevent - flooding. - - - - All rules use in or - out to clarify direction. - - - - All rules use via - interface-name to specify - the interface the packet is traveling over. - - - - The following rules go into - /etc/ipfw.rules: - - ################ Start of IPFW rules file ############################### -# Flush out the list before we begin. -ipfw -q -f flush - -# Set rules command prefix -cmd="ipfw -q add" -pif="dc0" # public interface name of NIC - # facing the public Internet - -################################################################# -# No restrictions on Inside LAN Interface for private network -# Not needed unless you have LAN. -# Change xl0 to your LAN NIC interface name -################################################################# -#$cmd 00005 allow all from any to any via xl0 - -################################################################# -# No restrictions on Loopback Interface -################################################################# -$cmd 00010 allow all from any to any via lo0 - -################################################################# -# Allow the packet through if it has previous been added to the -# the "dynamic" rules table by a allow keep-state statement. -################################################################# -$cmd 00015 check-state - -################################################################# -# Interface facing Public Internet (Outbound Section) -# Interrogate session start requests originating from behind the -# firewall on the private network or from this gateway server -# destined for the public Internet. -################################################################# - -# Allow out access to my ISP's Domain name server. -# x.x.x.x must be the IP address of your ISP.s DNS -# Dup these lines if your ISP has more than one DNS server -# Get the IP addresses from /etc/resolv.conf file -$cmd 00110 allow tcp from any to x.x.x.x 53 out via $pif setup keep-state -$cmd 00111 allow udp from any to x.x.x.x 53 out via $pif keep-state - -# Allow out access to my ISP's DHCP server for cable/DSL configurations. -# This rule is not needed for .user ppp. connection to the public Internet. -# so you can delete this whole group. -# Use the following rule and check log for IP address. -# Then put IP address in commented out rule & delete first rule -$cmd 00120 allow log udp from any to any 67 out via $pif keep-state -#$cmd 00120 allow udp from any to x.x.x.x 67 out via $pif keep-state - -# Allow out non-secure standard www function -$cmd 00200 allow tcp from any to any 80 out via $pif setup keep-state - -# Allow out secure www function https over TLS SSL -$cmd 00220 allow tcp from any to any 443 out via $pif setup keep-state - -# Allow out send & get email function -$cmd 00230 allow tcp from any to any 25 out via $pif setup keep-state -$cmd 00231 allow tcp from any to any 110 out via $pif setup keep-state - -# Allow out FBSD (make install & CVSUP) functions -# Basically give user root "GOD" privileges. -$cmd 00240 allow tcp from me to any out via $pif setup keep-state uid root - -# Allow out ping -$cmd 00250 allow icmp from any to any out via $pif keep-state - -# Allow out Time -$cmd 00260 allow tcp from any to any 37 out via $pif setup keep-state - -# Allow out nntp news (i.e., news groups) -$cmd 00270 allow tcp from any to any 119 out via $pif setup keep-state - -# Allow out secure FTP, Telnet, and SCP -# This function is using SSH (secure shell) -$cmd 00280 allow tcp from any to any 22 out via $pif setup keep-state - -# Allow out whois -$cmd 00290 allow tcp from any to any 43 out via $pif setup keep-state - -# deny and log everything else that.s trying to get out. -# This rule enforces the block all by default logic. -$cmd 00299 deny log all from any to any out via $pif - -################################################################# -# Interface facing Public Internet (Inbound Section) -# Check packets originating from the public Internet -# destined for this gateway server or the private network. -################################################################# - -# Deny all inbound traffic from non-routable reserved address spaces -$cmd 00300 deny all from 192.168.0.0/16 to any in via $pif #RFC 1918 private IP -$cmd 00301 deny all from 172.16.0.0/12 to any in via $pif #RFC 1918 private IP -$cmd 00302 deny all from 10.0.0.0/8 to any in via $pif #RFC 1918 private IP -$cmd 00303 deny all from 127.0.0.0/8 to any in via $pif #loopback -$cmd 00304 deny all from 0.0.0.0/8 to any in via $pif #loopback -$cmd 00305 deny all from 169.254.0.0/16 to any in via $pif #DHCP auto-config -$cmd 00306 deny all from 192.0.2.0/24 to any in via $pif #reserved for docs -$cmd 00307 deny all from 204.152.64.0/23 to any in via $pif #Sun cluster interconnect -$cmd 00308 deny all from 224.0.0.0/3 to any in via $pif #Class D & E multicast - -# Deny public pings -$cmd 00310 deny icmp from any to any in via $pif - -# Deny ident -$cmd 00315 deny tcp from any to any 113 in via $pif - -# Deny all Netbios service. 137=name, 138=datagram, 139=session -# Netbios is MS/Windows sharing services. -# Block MS/Windows hosts2 name server requests 81 -$cmd 00320 deny tcp from any to any 137 in via $pif -$cmd 00321 deny tcp from any to any 138 in via $pif -$cmd 00322 deny tcp from any to any 139 in via $pif -$cmd 00323 deny tcp from any to any 81 in via $pif - -# Deny any late arriving packets -$cmd 00330 deny all from any to any frag in via $pif - -# Deny ACK packets that did not match the dynamic rule table -$cmd 00332 deny tcp from any to any established in via $pif - -# Allow traffic in from ISP's DHCP server. This rule must contain -# the IP address of your ISP.s DHCP server as it.s the only -# authorized source to send this packet type. -# Only necessary for cable or DSL configurations. -# This rule is not needed for .user ppp. type connection to -# the public Internet. This is the same IP address you captured -# and used in the outbound section. -#$cmd 00360 allow udp from any to x.x.x.x 67 in via $pif keep-state - -# Allow in standard www function because I have apache server -$cmd 00400 allow tcp from any to me 80 in via $pif setup limit src-addr 2 - -# Allow in secure FTP, Telnet, and SCP from public Internet -$cmd 00410 allow tcp from any to me 22 in via $pif setup limit src-addr 2 - -# Allow in non-secure Telnet session from public Internet -# labeled non-secure because ID & PW are passed over public -# Internet as clear text. -# Delete this sample group if you do not have telnet server enabled. -$cmd 00420 allow tcp from any to me 23 in via $pif setup limit src-addr 2 - -# Reject & Log all incoming connections from the outside -$cmd 00499 deny log all from any to any in via $pif - -# Everything else is denied by default -# deny and log all packets that fell through to see what they are -$cmd 00999 deny log all from any to any -################ End of IPFW rules file ############################### - - - An Example <acronym>NAT</acronym> and Stateful Ruleset From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 22:19:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 955D670C; Wed, 26 Feb 2014 22:19:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 709C912DA; Wed, 26 Feb 2014 22:19:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1QMJ5Qa033820; Wed, 26 Feb 2014 22:19:05 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1QMJ53n033818; Wed, 26 Feb 2014 22:19:05 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402262219.s1QMJ53n033818@svn.freebsd.org> From: Dru Lavigne Date: Wed, 26 Feb 2014 22:19:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44080 - in head/en_US.ISO8859-1/books/handbook: advanced-networking firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 22:19:05 -0000 Author: dru Date: Wed Feb 26 22:19:04 2014 New Revision: 44080 URL: http://svnweb.freebsd.org/changeset/doc/44080 Log: Prep work for merging Advanced Networking NAT section into IPFW Configuring NAT section. Move Configuring NAT to after Example Ruleset. Next commit will start to merge the deleted content into the NAT section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Feb 26 21:53:13 2014 (r44079) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Feb 26 22:19:04 2014 (r44080) @@ -48,10 +48,6 @@ - How to set up network address translation. - - - How to set up IPv6 on a &os; machine. @@ -4740,386 +4736,6 @@ Received 264951 bytes in 0.1 seconds - - - Network Address Translation - - - - - Chern - Lee - - Contributed by - - - - - - Overview - - - &man.natd.8; - - - &os;'s Network Address Translation - (NAT) daemon, &man.natd.8;, accepts - incoming raw IP packets, changes the - source to the local machine, and injects these packets back - into the outgoing IP packet stream. The - source IP address and port are changed - such that when data is received back, it is able to determine - the original location of the data and forward it back to its - original requester. - - - Internet connection sharing - - - NAT - - - The most common use of NAT is to - perform what is commonly known as Internet Connection - Sharing. - - - - Setup - - Due to the diminishing IP address - space in IPv4 and the increased number of - users on high-speed consumer lines such as cable or - DSL, people are increasingly in need of - an Internet Connection Sharing solution. The ability to - connect several computers online through one connection and - IP address makes &man.natd.8; a reasonable - choice. - - Most commonly, a user has a machine connected to a cable - or DSL line with one IP - address and wishes to use this one connected computer to - provide Internet access to several more over a - LAN. - - To do this, the &os; machine connected to the Internet - must act as a gateway. This gateway machine must have two - NICs: one connects to the Internet router - and the other connects to a LAN. All the - machines on the LAN are connected through - a hub or switch. - - - There are many ways to get a LAN - connected to the Internet through a &os; gateway. This - example will only cover a gateway with at least two - NICs. - - - - - - - - - _______ __________ ________ - | | | | | | - | Hub |-----| Client B |-----| Router |----- Internet - |_______| |__________| |________| - | - ____|_____ -| | -| Client A | -|__________| - - - - Network Layout - - - - A setup like this is commonly used to share an Internet - connection. One of the LAN machines is - connected to the Internet and the rest of the machines access - the Internet through that gateway - machine. - - - - Boot Loader Configuration - - - boot loader - configuration - - - The kernel features for &man.natd.8; are not enabled in - the GENERIC kernel, but they can be - loaded at boot time by adding a couple of options to - /boot/loader.conf: - - ipfw_load="YES" -ipdivert_load="YES" - - Additionally, the - net.inet.ip.fw.default_to_accept tunable - option should be set to 1: - - net.inet.ip.fw.default_to_accept="1" - - - It is a good idea to set this option during the first - attempts to setup a firewall and NAT - gateway. This sets the default policy of &man.ipfw.8; to - be more permissive than the default deny ip from - any to any, making it slightly more difficult - to get locked out of the system right after a reboot. - - - - - Kernel Configuration - - - kernel - configuration - - - When modules are not an option or if it is preferable to - build all the required features into a custom kernel, the - following options must be in the custom kernel configuration - file: - - options IPFIREWALL -options IPDIVERT - - Additionally, the following may also be suitable: - - options IPFIREWALL_DEFAULT_TO_ACCEPT -options IPFIREWALL_VERBOSE - - - - System Startup Configuration - - To enable firewall and NAT support at - boot time, the following must be in - /etc/rc.conf: - - gateway_enable="YES" -firewall_enable="YES" -firewall_type="OPEN" -natd_enable="YES" -natd_interface="fxp0" -natd_flags="" - - - - Sets up the machine to act as a gateway. Running - sysctl net.inet.ip.forwarding=1 would - have the same effect. - - - - Enables the firewall rules in - /etc/rc.firewall at boot. - - - - This specifies a predefined firewall ruleset that - allows anything in. See - /etc/rc.firewall for additional - types. - - - - Indicates which interface to forward packets through. - This is the interface that is connected to the - Internet. - - - - Any additional configuration options passed to - &man.natd.8; on boot. - - - - These - /etc/rc.conf options will run - natd -interface fxp0 at boot. This can - also be run manually after boot. - - - It is also possible to use a configuration file for - &man.natd.8; when there are too many options to pass. In - this case, the configuration file must be defined by adding - the following line to - /etc/rc.conf: - - natd_flags="-f /etc/natd.conf" - - A list of configuration options, one per line, can be - added to /etc/natd.conf. For - example: - - redirect_port tcp 192.168.0.2:6667 6667 -redirect_port tcp 192.168.0.3:80 80 - - For more information about this configuration file, - consult &man.natd.8;. - - - Each machine and interface behind the - LAN should be assigned - IP addresses in the private network space, - as defined by RFC - 1918, and have a default gateway of the - &man.natd.8; machine's internal IP - address. - - For example, client A and - B behind the LAN - have IP addresses of 192.168.0.2 and 192.168.0.3, while the - &man.natd.8; machine's LAN interface has an - IP address of 192.168.0.1. The default - gateway of clients A and - B must be set to that of the - &man.natd.8; machine, 192.168.0.1. The - &man.natd.8; machine's external Internet interface does not - require any special modification for &man.natd.8; to - work. - - - - Port Redirection - - The drawback with &man.natd.8; is that the - LAN clients are not accessible from the - Internet. Clients on the LAN can make - outgoing connections to the world but cannot receive incoming - ones. This presents a problem if trying to run Internet - services on one of the LAN client machines. - A simple way around this is to redirect selected Internet - ports on the &man.natd.8; machine to a LAN - client. - - For example, an IRC server runs on - client A and a web server runs on - client B. For this to work properly, - connections received on ports 6667 (IRC) - and 80 (HTTP) must be redirected to the - respective machines. - - The syntax for is as - follows: - - -redirect_port proto targetIP:targetPORT[-targetPORT] - [aliasIP:]aliasPORT[-aliasPORT] - [remoteIP[:remotePORT[-remotePORT]]] - - In the above example, the argument should be: - - -redirect_port tcp 192.168.0.2:6667 6667 - -redirect_port tcp 192.168.0.3:80 80 - - This redirects the proper TCP ports - to the LAN client machines. - - Port ranges over individual ports can be indicated with - . For example, - tcp 192.168.0.2:2000-3000 2000-3000 - would redirect all connections received on ports 2000 to 3000 - to ports 2000 to 3000 on client - A. - - These options can be used when directly running - &man.natd.8;, placed within the - natd_flags="" option in - /etc/rc.conf, or passed via a - configuration file. - - For further configuration options, consult - &man.natd.8; - - - - Address Redirection - - - address redirection - - - Address redirection is useful if more than one - IP address is available. Each - LAN client can be assigned its own - external IP address by &man.natd.8;, - which will then rewrite outgoing packets from the - LAN clients with the proper external - IP address and redirects all traffic - incoming on that particular IP address - back to the specific LAN client. This is - also known as static NAT. For example, - if IP addresses 128.1.1.1, 128.1.1.2, and 128.1.1.3 are available, - 128.1.1.1 can be - used as the &man.natd.8; machine's external - IP address, while 128.1.1.2 and 128.1.1.3 are forwarded back - to LAN clients A - and B. - - The syntax is as - follows: - - -redirect_address localIP publicIP - - - - - - - localIP - The internal IP address of - the LAN client. - - - - publicIP - The external IP address - corresponding to the LAN - client. - - - - - - In the example, this argument would read: - - -redirect_address 192.168.0.2 128.1.1.2 --redirect_address 192.168.0.3 128.1.1.3 - - Like , these arguments are - placed within the natd_flags="" option - of /etc/rc.conf, or passed via a - configuration file. With address redirection, there is no - need for port redirection since all data received on a - particular IP address is redirected. - - The external IP addresses on the - &man.natd.8; machine must be active and aliased to the - external interface. Refer to &man.rc.conf.5; for - details. - - - <acronym>IPv6</acronym> Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 21:53:13 2014 (r44079) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 22:19:04 2014 (r44080) @@ -2120,177 +2120,9 @@ pif="dc0" # interface name of NIC at # Everything else is denied and logged $cmd 00999 deny log all from any to any - - - The <application>IPFW</application> Command - - ipfw - - ipfw can be used to make manual, - single rule additions or deletions to the active firewall - while it is running. The problem with using this method is - that all the changes are lost when the system reboots. It is - recommended to instead write all the rules in a file and to - use that file to load the rules at boot time and to replace - the currently running firewall rules whenever that file - changes. - - ipfw is a useful way to display the - running firewall rules to the console screen. The - IPFW accounting facility - dynamically creates a counter for each rule that counts each - packet that matches the rule. During the process of testing a - rule, listing the rule with its counter is one way to - determine if the rule is functioning as expected. - - To list all the running rules in sequence: - - &prompt.root; ipfw list - - To list all the running rules with a time stamp of when - the last time the rule was matched: - - &prompt.root; ipfw -t list - - The next example lists accounting information and the - packet count for matched rules along with the rules - themselves. The first column is the rule number, followed by - the number of matched packets and bytes, followed by the rule - itself. - - &prompt.root; ipfw -a list - - To list dynamic rules in addition to static rules: - - &prompt.root; ipfw -d list - To also show the expired dynamic rules: - - &prompt.root; ipfw -d -e list - - To zero the counters: - - &prompt.root; ipfw zero - - To zero the counters for just the rule with number - NUM: - - &prompt.root; ipfw zero NUM - - - Logging Firewall Messages - - - IPFW - - logging - - - Even with the logging facility enabled, - IPFW will not generate any rule - logging on its own. The firewall administrator decides - which rules in the ruleset will be logged, and adds the - log keyword to those rules. Normally - only deny rules are logged. It is customary to duplicate - the ipfw default deny everything rule with - the log keyword included as the last rule - in the ruleset. This way, it is possible to see all the - packets that did not match any of the rules in the - ruleset. - - Logging is a two edged sword. If one is not careful, - an over abundance of log data or a DoS attack can fill the - disk with log files. Log messages are not only written to - syslogd, but also are displayed - on the root console screen and soon become annoying. - - The IPFIREWALL_VERBOSE_LIMIT=5 - kernel option limits the number of consecutive messages - sent to &man.syslogd.8;, concerning the packet matching of a - given rule. When this option is enabled in the kernel, the - number of consecutive messages concerning a particular rule - is capped at the number specified. There is nothing to be - gained from 200 identical log messages. With this option - set to five, - five consecutive messages concerning a particular rule - would be logged to syslogd and - the remainder identical consecutive messages would be - counted and posted to syslogd - with a phrase like the following: - - last message repeated 45 times - - All logged packets messages are written by default to - /var/log/security, which is - defined in /etc/syslog.conf. - - - - Building a Rule Script - - Most experienced IPFW users - create a file containing the rules and code them in a manner - compatible with running them as a script. The major benefit - of doing this is the firewall rules can be refreshed in mass - without the need of rebooting the system to activate them. - This method is convenient in testing new rules as the - procedure can be executed as many times as needed. Being a - script, symbolic substitution can be used for frequently - used values to be substituted into multiple rules. - - This example script is compatible with the syntax used - by the &man.sh.1;, &man.csh.1;, and &man.tcsh.1; shells. - Symbolic substitution fields are prefixed with a dollar sign - ($). Symbolic fields do not have the $ - prefix. The value to populate the symbolic field must be - enclosed in double quotes (""). - - Start the rules file like this: - - ############### start of example ipfw rules script ############# -# -ipfw -q -f flush # Delete all rules -# Set defaults -oif="tun0" # out interface -odns="192.0.2.11" # ISP's DNS server IP address -cmd="ipfw -q add " # build rule prefix -ks="keep-state" # just too lazy to key this each time -$cmd 00500 check-state -$cmd 00502 deny all from any to any frag -$cmd 00501 deny tcp from any to any established -$cmd 00600 allow tcp from any to any 80 out via $oif setup $ks -$cmd 00610 allow tcp from any to $odns 53 out via $oif setup $ks -$cmd 00611 allow udp from any to $odns 53 out via $oif $ks -################### End of example ipfw rules script ############ - - The rules are not important as the focus of this example - is how the symbolic substitution fields are - populated. - - If the above example was in - /etc/ipfw.rules, the rules could be - reloaded by the following command: - - &prompt.root; sh /etc/ipfw.rules - - /etc/ipfw.rules can be located - anywhere and the file can have any name. - - The same thing could be accomplished by running these - commands by hand: - - &prompt.root; ipfw -q -f flush -&prompt.root; ipfw -q add check-state -&prompt.root; ipfw -q add deny all from any to any frag -&prompt.root; ipfw -q add deny tcp from any to any established -&prompt.root; ipfw -q add allow tcp from any to any 80 out via tun0 setup keep-state -&prompt.root; ipfw -q add allow tcp from any to 192.0.2.11 53 out via tun0 setup keep-state -&prompt.root; ipfw -q add 00611 allow udp from any to 192.0.2.11 53 out via tun0 keep-state - - - - An Example <acronym>NAT</acronym> and Stateful - Ruleset + + Configuring <acronym>NAT</acronym> NAT @@ -2599,6 +2431,173 @@ pif="rl0" # public interface name of # deny and log all packets that fell through to see what they are $cmd 999 deny log all from any to any ################ End of IPFW rules file ############################### + + + + The <application>IPFW</application> Command + + ipfw + + ipfw can be used to make manual, + single rule additions or deletions to the active firewall + while it is running. The problem with using this method is + that all the changes are lost when the system reboots. It is + recommended to instead write all the rules in a file and to + use that file to load the rules at boot time and to replace + the currently running firewall rules whenever that file + changes. + + ipfw is a useful way to display the + running firewall rules to the console screen. The + IPFW accounting facility + dynamically creates a counter for each rule that counts each + packet that matches the rule. During the process of testing a + rule, listing the rule with its counter is one way to + determine if the rule is functioning as expected. + + To list all the running rules in sequence: + + &prompt.root; ipfw list + + To list all the running rules with a time stamp of when + the last time the rule was matched: + + &prompt.root; ipfw -t list + + The next example lists accounting information and the + packet count for matched rules along with the rules + themselves. The first column is the rule number, followed by + the number of matched packets and bytes, followed by the rule + itself. + + &prompt.root; ipfw -a list + + To list dynamic rules in addition to static rules: + + &prompt.root; ipfw -d list + + To also show the expired dynamic rules: + + &prompt.root; ipfw -d -e list + + To zero the counters: + + &prompt.root; ipfw zero + + To zero the counters for just the rule with number + NUM: + + &prompt.root; ipfw zero NUM + + + Logging Firewall Messages + + + IPFW + + logging + + + Even with the logging facility enabled, + IPFW will not generate any rule + logging on its own. The firewall administrator decides + which rules in the ruleset will be logged, and adds the + log keyword to those rules. Normally + only deny rules are logged. It is customary to duplicate + the ipfw default deny everything rule with + the log keyword included as the last rule + in the ruleset. This way, it is possible to see all the + packets that did not match any of the rules in the + ruleset. + + Logging is a two edged sword. If one is not careful, + an over abundance of log data or a DoS attack can fill the + disk with log files. Log messages are not only written to + syslogd, but also are displayed + on the root console screen and soon become annoying. + + The IPFIREWALL_VERBOSE_LIMIT=5 + kernel option limits the number of consecutive messages + sent to &man.syslogd.8;, concerning the packet matching of a + given rule. When this option is enabled in the kernel, the + number of consecutive messages concerning a particular rule + is capped at the number specified. There is nothing to be + gained from 200 identical log messages. With this option + set to five, + five consecutive messages concerning a particular rule + would be logged to syslogd and + the remainder identical consecutive messages would be + counted and posted to syslogd + with a phrase like the following: + + last message repeated 45 times + + All logged packets messages are written by default to + /var/log/security, which is + defined in /etc/syslog.conf. + + + + Building a Rule Script + + Most experienced IPFW users + create a file containing the rules and code them in a manner + compatible with running them as a script. The major benefit + of doing this is the firewall rules can be refreshed in mass + without the need of rebooting the system to activate them. + This method is convenient in testing new rules as the + procedure can be executed as many times as needed. Being a + script, symbolic substitution can be used for frequently + used values to be substituted into multiple rules. + + This example script is compatible with the syntax used + by the &man.sh.1;, &man.csh.1;, and &man.tcsh.1; shells. + Symbolic substitution fields are prefixed with a dollar sign + ($). Symbolic fields do not have the $ + prefix. The value to populate the symbolic field must be + enclosed in double quotes (""). + + Start the rules file like this: + + ############### start of example ipfw rules script ############# +# +ipfw -q -f flush # Delete all rules +# Set defaults +oif="tun0" # out interface +odns="192.0.2.11" # ISP's DNS server IP address +cmd="ipfw -q add " # build rule prefix +ks="keep-state" # just too lazy to key this each time +$cmd 00500 check-state +$cmd 00502 deny all from any to any frag +$cmd 00501 deny tcp from any to any established +$cmd 00600 allow tcp from any to any 80 out via $oif setup $ks +$cmd 00610 allow tcp from any to $odns 53 out via $oif setup $ks +$cmd 00611 allow udp from any to $odns 53 out via $oif $ks +################### End of example ipfw rules script ############ + + The rules are not important as the focus of this example + is how the symbolic substitution fields are + populated. + + If the above example was in + /etc/ipfw.rules, the rules could be + reloaded by the following command: + + &prompt.root; sh /etc/ipfw.rules + + /etc/ipfw.rules can be located + anywhere and the file can have any name. + + The same thing could be accomplished by running these + commands by hand: + + &prompt.root; ipfw -q -f flush +&prompt.root; ipfw -q add check-state +&prompt.root; ipfw -q add deny all from any to any frag +&prompt.root; ipfw -q add deny tcp from any to any established +&prompt.root; ipfw -q add allow tcp from any to any 80 out via tun0 setup keep-state +&prompt.root; ipfw -q add allow tcp from any to 192.0.2.11 53 out via tun0 setup keep-state +&prompt.root; ipfw -q add 00611 allow udp from any to 192.0.2.11 53 out via tun0 keep-state From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 23:03:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CCD0841F; Wed, 26 Feb 2014 23:03:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id AD46116F0; Wed, 26 Feb 2014 23:03:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1QN3CcG054705; Wed, 26 Feb 2014 23:03:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1QN3CW6054704; Wed, 26 Feb 2014 23:03:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402262303.s1QN3CW6054704@svn.freebsd.org> From: Dru Lavigne Date: Wed, 26 Feb 2014 23:03:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44081 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 23:03:12 -0000 Author: dru Date: Wed Feb 26 23:03:12 2014 New Revision: 44081 URL: http://svnweb.freebsd.org/changeset/doc/44081 Log: Initial merge of IPFW NAT content. Tomorrow's commits will review the technical content. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 22:19:04 2014 (r44080) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 23:03:12 2014 (r44081) @@ -1999,6 +1999,18 @@ options IPDIVERT # enables NATinterface-name to specify the interface the packet is traveling over. + + When first creating or testing a firewall ruleset, + consider temporarily setting this tunable: + + net.inet.ip.fw.default_to_accept="1" + + This sets the default policy of &man.ipfw.8; to + be more permissive than the default deny ip from + any to any, making it slightly more difficult + to get locked out of the system right after a reboot. + + The firewall script begins by indicating that it is a Bourne shell script and flushes any existing rules. It then creates the cmd variable so that @@ -2122,31 +2134,86 @@ pif="dc0" # interface name of NIC at + Configuring <acronym>NAT</acronym> + + + + Chern + Lee + + Contributed by + + + NAT and IPFW - There are some additional configuration statements that - need to be enabled to activate the NAT - function of IPFW. For a - customized kernel, the kernel configuration file needs - option IPDIVERT added to the other + &os;'s built-in + NAT daemon, &man.natd.8;, works in + conjunction with IPFW to provide + network address translation. This can be used to provide an + Internet Connection Sharing solution so that + several internal computers can connect to the Internet using + IP address. + + To do this, the &os; machine connected to the Internet + must act as a gateway. This gateway machine must have two + NICs: one connects to the Internet router + and the other connects to a LAN. All the + machines on the LAN are connected through + a hub or switch. + + Each machine and interface behind the + LAN should be assigned + IP addresses in the private network space, + as defined by RFC + 1918, and have a default gateway of the + &man.natd.8; machine's internal IP + address. + + Some additional configuration is + needed in order to activate the NAT + function of IPFW. If the system + has a custom kernel, the kernel configuration file needs to + include option IPDIVERT with the other IPFIREWALL options. - In addition to the normal - IPFW options in - /etc/rc.conf, the following are - needed: - - natd_enable="YES" # Enable NATD function -natd_interface="rl0" # interface name of public Internet NIC + To enable firewall and NAT support at + boot time, the following must be in + /etc/rc.conf: + + gateway_enable="YES" # enables the gateway function +natd_enable="YES" # enables the NAT function +natd_interface="rl0" # specify interface name of NIC attached to Internet natd_flags="-dynamic -m" # -m = preserve port numbers if possible - Utilizing stateful rules with a divert + + It is also possible to use a configuration file for + &man.natd.8; when there are too many options to pass. In + this case, the configuration file must be defined by adding + the following line to + /etc/rc.conf: + + natd_flags="-f /etc/natd.conf" + + A list of configuration options, one per line, can be + added to /etc/natd.conf. For + example: + + redirect_port tcp 192.168.0.2:6667 6667 +redirect_port tcp 192.168.0.3:80 80 + + For more information about this configuration file, + consult &man.natd.8;. + + + Utilizing stateful rules with a divert natd rule complicates the ruleset logic. The positioning of the check-state, and divert natd rules in the ruleset is @@ -2431,7 +2498,131 @@ pif="rl0" # public interface name of # deny and log all packets that fell through to see what they are $cmd 999 deny log all from any to any ################ End of IPFW rules file ############################### - + + + Port Redirection + + The drawback with &man.natd.8; is that the + LAN clients are not accessible from the + Internet. Clients on the LAN can make + outgoing connections to the world but cannot receive incoming + ones. This presents a problem if trying to run Internet + services on one of the LAN client machines. + A simple way around this is to redirect selected Internet + ports on the &man.natd.8; machine to a LAN + client. + + For example, an IRC server runs on + client A and a web server runs on + client B. For this to work properly, + connections received on ports 6667 (IRC) + and 80 (HTTP) must be redirected to the + respective machines. + + The syntax for is as + follows: + + -redirect_port proto targetIP:targetPORT[-targetPORT] + [aliasIP:]aliasPORT[-aliasPORT] + [remoteIP[:remotePORT[-remotePORT]]] + + In the above example, the argument should be: + + -redirect_port tcp 192.168.0.2:6667 6667 + -redirect_port tcp 192.168.0.3:80 80 + + This redirects the proper TCP ports + to the LAN client machines. + + Port ranges over individual ports can be indicated with + . For example, + tcp 192.168.0.2:2000-3000 2000-3000 + would redirect all connections received on ports 2000 to 3000 + to ports 2000 to 3000 on client + A. + + These options can be used when directly running + &man.natd.8;, placed within the + natd_flags="" option in + /etc/rc.conf, or passed via a + configuration file. + + For further configuration options, consult + &man.natd.8; + + + + Address Redirection + + + address redirection + + + Address redirection is useful if more than one + IP address is available. Each + LAN client can be assigned its own + external IP address by &man.natd.8;, + which will then rewrite outgoing packets from the + LAN clients with the proper external + IP address and redirects all traffic + incoming on that particular IP address + back to the specific LAN client. This is + also known as static NAT. For example, + if IP addresses 128.1.1.1, 128.1.1.2, and 128.1.1.3 are available, + 128.1.1.1 can be + used as the &man.natd.8; machine's external + IP address, while 128.1.1.2 and 128.1.1.3 are forwarded back + to LAN clients A + and B. + + The syntax is as + follows: + + -redirect_address localIP publicIP + + + + + + + localIP + The internal IP address of + the LAN client. + + + + publicIP + The external IP address + corresponding to the LAN + client. + + + + + + In the example, this argument would read: + + -redirect_address 192.168.0.2 128.1.1.2 +-redirect_address 192.168.0.3 128.1.1.3 + + Like , these arguments are + placed within the natd_flags="" option + of /etc/rc.conf, or passed via a + configuration file. With address redirection, there is no + need for port redirection since all data received on a + particular IP address is redirected. + + The external IP addresses on the + &man.natd.8; machine must be active and aliased to the + external interface. Refer to &man.rc.conf.5; for + details. + + The <application>IPFW</application> Command From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 23:14:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 54869731; Wed, 26 Feb 2014 23:14:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3F29E17C1; Wed, 26 Feb 2014 23:14:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1QNEbKO059158; Wed, 26 Feb 2014 23:14:37 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1QNEbP6059157; Wed, 26 Feb 2014 23:14:37 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201402262314.s1QNEbP6059157@svn.freebsd.org> From: Warren Block Date: Wed, 26 Feb 2014 23:14:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44082 - head/en_US.ISO8859-1/books/fdp-primer/editor-config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 23:14:37 -0000 Author: wblock Date: Wed Feb 26 23:14:36 2014 New Revision: 44082 URL: http://svnweb.freebsd.org/changeset/doc/44082 Log: Fix .nanorc config. Submitted by: jgh Modified: head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Wed Feb 26 23:03:12 2014 (r44081) +++ head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Wed Feb 26 23:14:36 2014 (r44082) @@ -94,7 +94,8 @@ augroup END Add these lines to the new ~/.nanorc. - # trailing whitespace + syntax "xml" "\.([jrs]html?|xml|xslt?)$" +# trailing whitespace color ,blue "[[:space:]]+$" # multiples of eight spaces at the start a line # (after zero or more tabs) should be a tab From owner-svn-doc-all@FreeBSD.ORG Wed Feb 26 23:44:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5232DD74; Wed, 26 Feb 2014 23:44:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 39D901A42; Wed, 26 Feb 2014 23:44:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1QNiYVP071932; Wed, 26 Feb 2014 23:44:34 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1QNiYqI071931; Wed, 26 Feb 2014 23:44:34 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402262344.s1QNiYqI071931@svn.freebsd.org> From: Dru Lavigne Date: Wed, 26 Feb 2014 23:44:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44083 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 23:44:34 -0000 Author: dru Date: Wed Feb 26 23:44:33 2014 New Revision: 44083 URL: http://svnweb.freebsd.org/changeset/doc/44083 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 23:14:36 2014 (r44082) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Feb 26 23:44:33 2014 (r44083) @@ -1708,40 +1708,39 @@ options IPDIVERT # enables NAT If firewall_type is set to either - client or simple, - modify the default rules found in - /etc/rc.firewall to fit the - configuration of the system. + client or simple, + modify the default rules found in + /etc/rc.firewall to fit the + configuration of the system. - Note that the - filename type is used to load a custom ruleset. + Note that the filename type is used to + load a custom ruleset. An alternate way to load a custom ruleset is to set the firewall_script variable to the absolute - path of an executable script that includes - IPFW commands. The examples used in this - section assume that the firewall_script - is set to /etc/ipfw.rules: + path of an executable script that + includes IPFW commands. The + examples used in this section assume that the + firewall_script is set to + /etc/ipfw.rules: - firewall_script="/etc/ipfw.rules" + firewall_script="/etc/ipfw.rules" To enable logging, include this line: firewall_logging="YES" - There is no - /etc/rc.conf variable to set logging - limits. To limit the number of times a rule is logged - per connection attempt, specify the number using this line - in - /etc/sysctl.conf: + There is no /etc/rc.conf variable to + set logging limits. To limit the number of times a rule is + logged per connection attempt, specify the number using this + line in /etc/sysctl.conf: net.inet.ip.fw.verbose_limit=5 - + After saving the needed edits, start the firewall. To enable logging limits now, also set the sysctl value specified above: - + &prompt.root; service ipfw start &prompt.root; sysctl net.inet.ip.fw.verbose_limit=5 @@ -1755,13 +1754,12 @@ options IPDIVERT # enables NATrule processing order - When a packet enters the IPFW firewall, - it is compared against the first rule in the ruleset and - progresses one rule at a time, moving from top to bottom in - sequence. When the - packet matches the selection parameters of a rule, the rule's - action is executed and the search of the ruleset - terminates for that packet. This is referred to as + When a packet enters the IPFW + firewall, it is compared against the first rule in the ruleset + and progresses one rule at a time, moving from top to bottom + in sequence. When the packet matches the selection parameters + of a rule, the rule's action is executed and the search of the + ruleset terminates for that packet. This is referred to as first match wins. If the packet does not match any of the rules, it gets caught by the mandatory IPFW default rule number 65535, @@ -1781,19 +1779,20 @@ options IPDIVERT # enables NATWhen creating an IPFW rule, keywords must be written in the following order. Some keywords are mandatory - while other keywords are optional. The words shown in uppercase - represent a variable and the words shown in lowercase must - precede the variable that follows it. The # symbol is used - to mark the start of a comment and may appear at the end of a - rule or on its own line. Blank lines are ignored. + while other keywords are optional. The words shown in + uppercase represent a variable and the words shown in + lowercase must precede the variable that follows it. The + # symbol is used to mark the start of a + comment and may appear at the end of a rule or on its own + line. Blank lines are ignored. CMD RULE_NUMBER set SET_NUMBER ACTION log - LOG_AMOUNT PROTO from SRC SRC_PORT to DST DST_PORT + LOG_AMOUNT PROTO from SRC SRC_PORT to DST DST_PORT OPTIONS This section provides an overview of these keywords and - their options. It is not an exhaustive list of every possible - option. Refer to &man.ipfw.8; for a complete description of + their options. It is not an exhaustive list of every possible + option. Refer to &man.ipfw.8; for a complete description of the rule syntax that can be used when creating IPFW rules. @@ -1812,9 +1811,10 @@ options IPDIVERT # enables NATEach rule is associated with a number in the range of 1 to 65534. The number is used to - indicate the order of rule processing. Multiple rules can have the same - number, in which case they are checked according to - the order in which they have been added. + indicate the order of rule processing. Multiple rules + can have the same number, in which case they are checked + according to the order in which they have been + added. @@ -1822,13 +1822,12 @@ options IPDIVERT # enables NATSET_NUMBER Each rule is associated with a set number in the - range of 0 to - 31. Sets can be individually - disabled or enabled, making it possible to quickly add - or delete a set of rules. If a SET_NUMBER is not - specified, the rule will be added to set 0. - - + range of 0 to 31. + Sets can be individually disabled or enabled, making it + possible to quickly add or delete a set of rules. If a + SET_NUMBER is not specified, the rule will be added to + set 0. + @@ -1840,14 +1839,15 @@ options IPDIVERT # enables NAT allow | accept | pass | - permit: these keywords are equivalent and allow packets - that match the rule. + permit: these keywords are equivalent and + allow packets that match the rule. - check-state: checks the packet against the dynamic state table. - If a match is found, execute the action associated with - the rule which generated this dynamic rule, otherwise - move to the next rule. A check-state - rule does not have selection criterion. If no + check-state: checks the + packet against the dynamic state table. If a match is + found, execute the action associated with the rule which + generated this dynamic rule, otherwise move to the next + rule. A check-state rule does not + have selection criterion. If no check-state rule is present in the ruleset, the dynamic rules table is checked at the first keep-state or @@ -1857,9 +1857,9 @@ options IPDIVERT # enables NAT - deny | drop: either word discards - packets that match this rule. - + deny | drop: either word + discards packets that match this rule. + Additional actions are available. Refer to &man.ipfw.8; for details. @@ -1873,15 +1873,14 @@ options IPDIVERT # enables NATSECURITY. Logging only occurs if the number of packets logged for that particular rule does - not exceed the optional specified LOG_AMOUNT. - If no LOG_AMOUNT is specified, the - limit is taken from the value - of net.inet.ip.fw.verbose_limit. A - value of zero removes the logging limit. - Once the limit is reached, logging can be re-enabled by - clearing the logging counter or the packet counter for - that rule, using ipfw reset - log. + not exceed the optional specified LOG_AMOUNT. If no + LOG_AMOUNT is specified, the limit is taken from the + value of + net.inet.ip.fw.verbose_limit. A + value of zero removes the logging limit. Once the limit + is reached, logging can be re-enabled by clearing the + logging counter or the packet counter for that rule, + using ipfw reset log. Logging is done after all other packet matching @@ -1898,25 +1897,25 @@ options IPDIVERT # enables NATThis optional value can be used to specify any protocol name or number found in /etc/protocols. - - + + SRC - The from - keyword must be followed by the source address or a - keyword that represents the source address. An address - can be represented by the any, - me (any address configured on an - interface on this system), + The from keyword must be followed + by the source address or a keyword that represents the + source address. An address can be represented by the + any, me (any + address configured on an interface on this system), me6, (any IPv6 address configured on an interface on this system), or table followed by the number of a lookup table which contains a list of addresses. When specifying an IP address, it can be optionally followed by its CIDR mask - or subnet mask. For example, 1.2.3.4/25 or + or subnet mask. For example, + 1.2.3.4/25 or 1.2.3.4:255.255.255.128. @@ -1934,10 +1933,10 @@ options IPDIVERT # enables NATDST The to keyword must be followed - by the destination address or a - keyword that represents the destination address. The - same keywords and addresses described in the SRC section - can be used to describe the destination. + by the destination address or a keyword that represents + the destination address. The same keywords and + addresses described in the SRC section can be used to + describe the destination. @@ -1956,28 +1955,29 @@ options IPDIVERT # enables NATSeveral keywords can follow the source and destination. As the name suggests, OPTIONS are optional. Commonly used options include - in or - out, which specify the direction of - packet flow, icmptypes followed by - the type of ICMP message, and + in or out, which + specify the direction of packet flow, + icmptypes followed by the type of + ICMP message, and keep-state. - When a keep-state rule is matched, the - firewall will create a dynamic rule which - matches bidirectional traffic between the - source and destination addresses and ports using the same + When a keep-state rule is + matched, the firewall will create a dynamic rule which + matches bidirectional traffic between the source and + destination addresses and ports using the same protocol. The dynamic rules facility is vulnerable to resource depletion from a SYN-flood attack which would open a huge number of dynamic rules. To counter this type of attack with IPFW, use - limit. This option limits the - number of simultaneous sessions by checking the open dynamic rules, counting - the number of times this rule and IP address - combination occurred. If this count is greater than the - value specified by limit, the packet - is discarded. + limit. This option limits the number + of simultaneous sessions by checking the open dynamic + rules, counting the number of times this rule and + IP address combination occurred. If + this count is greater than the value specified by + limit, the packet is + discarded. Dozens of OPTIONS are available. Refer to &man.ipfw.8; for a description of each available @@ -1988,38 +1988,38 @@ options IPDIVERT # enables NAT - Example Ruleset + Example Ruleset - This section demonstrates how to create an example - stateful firewall ruleset script named - /etc/ipfw.rules. In this example, all - connection rules use in or - out to clarify the direction. They also - use via - interface-name to specify - the interface the packet is traveling over. - - - When first creating or testing a firewall ruleset, - consider temporarily setting this tunable: - - net.inet.ip.fw.default_to_accept="1" - - This sets the default policy of &man.ipfw.8; to - be more permissive than the default deny ip from - any to any, making it slightly more difficult - to get locked out of the system right after a reboot. + This section demonstrates how to create an example + stateful firewall ruleset script named + /etc/ipfw.rules. In this example, all + connection rules use in or + out to clarify the direction. They also + use via + interface-name to specify + the interface the packet is traveling over. + + + When first creating or testing a firewall ruleset, + consider temporarily setting this tunable: + + net.inet.ip.fw.default_to_accept="1" + + This sets the default policy of &man.ipfw.8; to be more + permissive than the default deny ip from any to + any, making it slightly more difficult to get + locked out of the system right after a reboot. - The firewall script begins by indicating that it is a - Bourne shell script and flushes any existing rules. It then - creates the cmd variable so that - ipfw add does not have to be typed at the - beginning of every rule. It also defines the - pif variable which represents the name of - the interface that is attached to the Internet. + The firewall script begins by indicating that it is a + Bourne shell script and flushes any existing rules. It then + creates the cmd variable so that + ipfw add does not have to be typed at the + beginning of every rule. It also defines the + pif variable which represents the name of + the interface that is attached to the Internet. - #!/bin/sh + #!/bin/sh # Flush out the list before we begin. ipfw -q -f flush @@ -2027,24 +2027,24 @@ ipfw -q -f flush cmd="ipfw -q add" pif="dc0" # interface name of NIC attached to Internet - The first two rules allow all traffic on the trusted - internal interface and on the loopback interface: + The first two rules allow all traffic on the trusted + internal interface and on the loopback interface: - # Change xl0 to LAN NIC interface name + # Change xl0 to LAN NIC interface name $cmd 00005 allow all from any to any via xl0 # No restrictions on Loopback Interface $cmd 00010 allow all from any to any via lo0 - The next rule allows the packet through if it matches - an existing entry in the dynamic rules table: + The next rule allows the packet through if it matches an + existing entry in the dynamic rules table: - $cmd 00015 check-state + $cmd 00015 check-state - The next set of rules defines which stateful connections - internal systems can create to hosts on the Internet: + The next set of rules defines which stateful connections + internal systems can create to hosts on the Internet: - # Allow access to public DNS + # Allow access to public DNS # Replace x.x.x.x with the IP address of a public DNS server # and repeat for each DNS server in /etc/resolv.conf $cmd 00110 allow tcp from any to x.x.x.x 53 out via $pif setup keep-state @@ -2076,14 +2076,14 @@ pif="dc0" # interface name of NIC at # deny and log all other outbound connections $cmd 00299 deny log all from any to any out via $pif - The next set of rules controls connections from - Internet hosts to the internal network. It starts by - denying packets typically associated with attacks and then - explicitly allows specific types of connections. All the - authorized services that originate from the Internet use - limit to prevent flooding. + The next set of rules controls connections from Internet + hosts to the internal network. It starts by denying packets + typically associated with attacks and then explicitly allows + specific types of connections. All the authorized services + that originate from the Internet use limit + to prevent flooding. - # Deny all inbound traffic from non-routable reserved address spaces + # Deny all inbound traffic from non-routable reserved address spaces $cmd 00300 deny all from 192.168.0.0/16 to any in via $pif #RFC 1918 private IP $cmd 00301 deny all from 172.16.0.0/12 to any in via $pif #RFC 1918 private IP $cmd 00302 deny all from 10.0.0.0/8 to any in via $pif #RFC 1918 private IP @@ -2125,50 +2125,49 @@ pif="dc0" # interface name of NIC at # Reject and log all other incoming connections $cmd 00499 deny log all from any to any in via $pif - The last rule logs all packets that do not match any of - the rules in the - ruleset: + The last rule logs all packets that do not match any of + the rules in the ruleset: - # Everything else is denied and logged + # Everything else is denied and logged $cmd 00999 deny log all from any to any - + - - + + Configuring <acronym>NAT</acronym> - - - Chern - Lee - - Contributed by - - - - - NAT + + + Chern + Lee + + Contributed by + + + + + NAT - and IPFW - + and IPFW + - &os;'s built-in - NAT daemon, &man.natd.8;, works in - conjunction with IPFW to provide - network address translation. This can be used to provide an - Internet Connection Sharing solution so that - several internal computers can connect to the Internet using - IP address. + &os;'s built-in NAT daemon, + &man.natd.8;, works in conjunction with + IPFW to provide network address + translation. This can be used to provide an Internet + Connection Sharing solution so that several internal computers + can connect to the Internet using IP + address. - To do this, the &os; machine connected to the Internet + To do this, the &os; machine connected to the Internet must act as a gateway. This gateway machine must have two NICs: one connects to the Internet router and the other connects to a LAN. All the machines on the LAN are connected through a hub or switch. - Each machine and interface behind the + Each machine and interface behind the LAN should be assigned IP addresses in the private network space, as defined by IP address. - Some additional configuration is - needed in order to activate the NAT - function of IPFW. If the system - has a custom kernel, the kernel configuration file needs to - include option IPDIVERT with the other - IPFIREWALL options. - - To enable firewall and NAT support at - boot time, the following must be in - /etc/rc.conf: + Some additional configuration is needed in order to + activate the NAT function of + IPFW. If the system has a custom + kernel, the kernel configuration file needs to include + option IPDIVERT with the other + IPFIREWALL options. + + To enable firewall and NAT support at + boot time, the following must be in + /etc/rc.conf: - gateway_enable="YES" # enables the gateway function + gateway_enable="YES" # enables the gateway function natd_enable="YES" # enables the NAT function natd_interface="rl0" # specify interface name of NIC attached to Internet natd_flags="-dynamic -m" # -m = preserve port numbers if possible @@ -2213,87 +2212,87 @@ redirect_port tcp 192.168.0.3:80 80 - Utilizing stateful rules with a divert - natd rule complicates the ruleset logic. The - positioning of the check-state, and - divert natd rules in the ruleset is - critical and a new action type is used, called - skipto. When using - skipto, it is mandatory that each rule is - numbered, so that the skipto rule knows - which rule to jump to. - - The following is an uncommented example of a ruleset - which explains the sequence of the packet flow. - - The processing flow starts with the first rule from the - top of the ruleset and progresses one rule at a time until - the end is reached or the packet matches and the packet is - released out of the firewall. Take note of the location of - rule numbers 100 101, 450, 500, and 510. These rules - control the translation of the outbound and inbound packets - so that their entries in the dynamic keep-state table always - register the private LAN IP address. All the allow and deny - rules specify the direction of the packet and the interface. - All start outbound session requests will - skipto rule 500 to undergo NAT. - - Consider a web browser which initializes a new HTTP - session over port 80. When the first outbound packet enters - the firewall, it does not match rule 100 because it is - headed out rather than in. It passes rule 101 because this - is the first packet, and it has not been posted to the - dynamic keep-state table yet. The packet finally matches - rule 125 as it is outbound through the NIC facing the - Internet and has a source IP address as a private LAN IP - address. On matching this rule, two actions take place. - keep-state adds this rule to the dynamic - keep-state rules table and the specified action is executed - and posted as part of the info in the dynamic table. In - this case, the action is skipto rule 500. - Rule 500 NATs the packet IP address and - sends it out to the Internet. This packet makes its way to - the destination web server, where a response packet is - generated and sent back. This new packet enters the top of - the ruleset. It matches rule 100 and has it destination IP - address mapped back to the corresponding LAN IP address. It - then is processed by the check-state - rule, is found in the table as an existing session, and is - released to the LAN. It goes to the LAN system that sent it - and a new packet is sent requesting another segment of the - data from the remote server. This time it matches the - check-state rule, its outbound entry is - found, and the associated action, - skipto 500, is executed. The packet - jumps to rule 500, gets NATed, and is - released to the Internet. - - On the inbound side, everything coming in that is part - of an existing session is automatically handled by the - check-state rule and the properly placed - divert natd rules. The ruleset only has - to deny bad packets and allow only authorized services. - Consider a web server running on the firewall where web - requests from the Internet should have access to the local - web site. An inbound start request packet will match rule - 100 and its IP address will be mapped to the LAN IP address - of the firewall. The packet is then matched against all the - nasty things that need to be checked and finally matches - rule 425 where two actions occur. The packet rule is posted - to the dynamic keep-state table but this time, any new - session requests originating from that source IP address are - limited to 2. This defends against DoS attacks against the - service running on the specified port number. The action is - allow, so the packet is released to the - LAN. The packet generated as a response is recognized by the - check-state as belonging to an existing - session. It is then sent to rule 500 for - NATing and released to the outbound - interface. + Utilizing stateful rules with a divert + natd rule complicates the ruleset logic. The + positioning of the check-state, and + divert natd rules in the ruleset is + critical and a new action type is used, called + skipto. When using + skipto, it is mandatory that each rule is + numbered, so that the skipto rule knows + which rule to jump to. + + The following is an uncommented example of a ruleset + which explains the sequence of the packet flow. + + The processing flow starts with the first rule from the + top of the ruleset and progresses one rule at a time until + the end is reached or the packet matches and the packet is + released out of the firewall. Take note of the location of + rule numbers 100 101, 450, 500, and 510. These rules + control the translation of the outbound and inbound packets + so that their entries in the dynamic keep-state table always + register the private LAN IP address. All the allow and deny + rules specify the direction of the packet and the interface. + All start outbound session requests will + skipto rule 500 to undergo NAT. + + Consider a web browser which initializes a new HTTP + session over port 80. When the first outbound packet enters + the firewall, it does not match rule 100 because it is + headed out rather than in. It passes rule 101 because this + is the first packet, and it has not been posted to the + dynamic keep-state table yet. The packet finally matches + rule 125 as it is outbound through the NIC facing the + Internet and has a source IP address as a private LAN IP + address. On matching this rule, two actions take place. + keep-state adds this rule to the dynamic + keep-state rules table and the specified action is executed + and posted as part of the info in the dynamic table. In + this case, the action is skipto rule 500. + Rule 500 NATs the packet IP address and + sends it out to the Internet. This packet makes its way to + the destination web server, where a response packet is + generated and sent back. This new packet enters the top of + the ruleset. It matches rule 100 and has it destination IP + address mapped back to the corresponding LAN IP address. It + then is processed by the check-state + rule, is found in the table as an existing session, and is + released to the LAN. It goes to the LAN system that sent it + and a new packet is sent requesting another segment of the + data from the remote server. This time it matches the + check-state rule, its outbound entry is + found, and the associated action, + skipto 500, is executed. The packet + jumps to rule 500, gets NATed, and is + released to the Internet. + + On the inbound side, everything coming in that is part of + an existing session is automatically handled by the + check-state rule and the properly placed + divert natd rules. The ruleset only has + to deny bad packets and allow only authorized services. + Consider a web server running on the firewall where web + requests from the Internet should have access to the local + web site. An inbound start request packet will match rule + 100 and its IP address will be mapped to the LAN IP address + of the firewall. The packet is then matched against all the + nasty things that need to be checked and finally matches + rule 425 where two actions occur. The packet rule is posted + to the dynamic keep-state table but this time, any new + session requests originating from that source IP address are + limited to 2. This defends against DoS attacks against the + service running on the specified port number. The action is + allow, so the packet is released to the + LAN. The packet generated as a response is recognized by the + check-state as belonging to an existing + session. It is then sent to rule 500 for + NATing and released to the outbound + interface. - Example Ruleset #1: + Example Ruleset #1: - #!/bin/sh + #!/bin/sh cmd="ipfw -q add" skip="skipto 500" pif=rl0 @@ -2340,13 +2339,13 @@ ipfw -q -f flush ######################## end of rules ################## - The next example is functionally equivalent, but uses - descriptive comments to help the inexperienced IPFW rule - writer to better understand what the rules are doing. + The next example is functionally equivalent, but uses + descriptive comments to help the inexperienced IPFW rule + writer to better understand what the rules are doing. - Example Ruleset #2: + Example Ruleset #2: - #!/bin/sh + #!/bin/sh ################ Start of IPFW rules file ############################### # Flush out the list before we begin. ipfw -q -f flush @@ -2499,130 +2498,132 @@ pif="rl0" # public interface name of $cmd 999 deny log all from any to any ################ End of IPFW rules file ############################### - - Port Redirection + + Port Redirection - The drawback with &man.natd.8; is that the - LAN clients are not accessible from the - Internet. Clients on the LAN can make - outgoing connections to the world but cannot receive incoming - ones. This presents a problem if trying to run Internet - services on one of the LAN client machines. - A simple way around this is to redirect selected Internet - ports on the &man.natd.8; machine to a LAN - client. - - For example, an IRC server runs on - client A and a web server runs on - client B. For this to work properly, - connections received on ports 6667 (IRC) - and 80 (HTTP) must be redirected to the - respective machines. + The drawback with &man.natd.8; is that the + LAN clients are not accessible from the + Internet. Clients on the LAN can make + outgoing connections to the world but cannot receive + incoming ones. This presents a problem if trying to run + Internet services on one of the LAN + client machines. A simple way around this is to redirect + selected Internet ports on the &man.natd.8; machine to a + LAN client. + + For example, an IRC server runs on + client A and a web server runs on + client B. For this to work + properly, connections received on ports 6667 + (IRC) and 80 (HTTP) + must be redirected to the respective machines. - The syntax for is as - follows: + The syntax for is as + follows: - -redirect_port proto targetIP:targetPORT[-targetPORT] + -redirect_port proto targetIP:targetPORT[-targetPORT] [aliasIP:]aliasPORT[-aliasPORT] [remoteIP[:remotePORT[-remotePORT]]] - In the above example, the argument should be: + In the above example, the argument should be: - -redirect_port tcp 192.168.0.2:6667 6667 + -redirect_port tcp 192.168.0.2:6667 6667 -redirect_port tcp 192.168.0.3:80 80 - This redirects the proper TCP ports - to the LAN client machines. + This redirects the proper TCP ports + to the LAN client machines. - Port ranges over individual ports can be indicated with - . For example, - tcp 192.168.0.2:2000-3000 2000-3000 - would redirect all connections received on ports 2000 to 3000 - to ports 2000 to 3000 on client - A. - - These options can be used when directly running - &man.natd.8;, placed within the - natd_flags="" option in - /etc/rc.conf, or passed via a - configuration file. - - For further configuration options, consult - &man.natd.8; - + Port ranges over individual ports can be indicated with + . For example, + tcp 192.168.0.2:2000-3000 + 2000-3000 would redirect all connections + received on ports 2000 to 3000 to ports 2000 to 3000 on + client A. + + These options can be used when directly running + &man.natd.8;, placed within the + natd_flags="" option in + /etc/rc.conf, or passed via a + configuration file. - - Address Redirection + For further configuration options, consult + &man.natd.8; + - - address redirection - + + Address Redirection - Address redirection is useful if more than one - IP address is available. Each - LAN client can be assigned its own - external IP address by &man.natd.8;, - which will then rewrite outgoing packets from the - LAN clients with the proper external - IP address and redirects all traffic - incoming on that particular IP address - back to the specific LAN client. This is - also known as static NAT. For example, - if IP addresses 128.1.1.1, 128.1.1.2, and 128.1.1.3 are available, - 128.1.1.1 can be - used as the &man.natd.8; machine's external - IP address, while 128.1.1.2 and 128.1.1.3 are forwarded back - to LAN clients A - and B. - - The syntax is as - follows: - - -redirect_address localIP publicIP - - - - - - - localIP - The internal IP address of - the LAN client. - - - - publicIP - The external IP address - corresponding to the LAN - client. - - - - + + address redirection + - In the example, this argument would read: + Address redirection is useful if more than one + IP address is available. Each + LAN client can be assigned its own + external IP address by &man.natd.8;, + which will then rewrite outgoing packets from the + LAN clients with the proper external + IP address and redirects all traffic + incoming on that particular IP address + back to the specific LAN client. This is + also known as static NAT. For example, + if IP addresses 128.1.1.1, 128.1.1.2, and 128.1.1.3 are available, + 128.1.1.1 can be + used as the &man.natd.8; machine's external + IP address, while 128.1.1.2 and 128.1.1.3 are forwarded + back to LAN clients + A and + B. + + The syntax is as + follows: + + -redirect_address localIP publicIP + + + + + + + localIP + The internal IP address of + the LAN client. + + + + publicIP + The external IP address + corresponding to the LAN + client. + + + + - -redirect_address 192.168.0.2 128.1.1.2 + In the example, this argument would read: + + -redirect_address 192.168.0.2 128.1.1.2 -redirect_address 192.168.0.3 128.1.1.3 - Like , these arguments are - placed within the natd_flags="" option - of /etc/rc.conf, or passed via a - configuration file. With address redirection, there is no - need for port redirection since all data received on a - particular IP address is redirected. - - The external IP addresses on the - &man.natd.8; machine must be active and aliased to the - external interface. Refer to &man.rc.conf.5; for - details. - - + Like , these arguments + are placed within the natd_flags="" + option of /etc/rc.conf, or passed via a + configuration file. With address redirection, there is no + need for port redirection since all data received on a + particular IP address is + redirected. + + The external IP addresses on the + &man.natd.8; machine must be active and aliased to the + external interface. Refer to &man.rc.conf.5; for + details. + + The <application>IPFW</application> Command From owner-svn-doc-all@FreeBSD.ORG Thu Feb 27 16:40:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9F57EE20; Thu, 27 Feb 2014 16:40:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8BCC119C5; Thu, 27 Feb 2014 16:40:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1RGeBi7053135; Thu, 27 Feb 2014 16:40:11 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1RGeBGd053134; Thu, 27 Feb 2014 16:40:11 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201402271640.s1RGeBGd053134@svn.freebsd.org> From: Mathieu Arnold Date: Thu, 27 Feb 2014 16:40:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44085 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Feb 2014 16:40:11 -0000 Author: mat (ports committer) Date: Thu Feb 27 16:40:11 2014 New Revision: 44085 URL: http://svnweb.freebsd.org/changeset/doc/44085 Log: Document the new %%NO_OPT%% plist sub. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Wed Feb 26 23:49:37 2014 (r44084) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Feb 27 16:40:11 2014 (r44085) @@ -3645,9 +3645,9 @@ OPTIONS_SUB= yes .include <bsd.port.options.mk> .if ${PORT_OPTIONS:MOPT1} -PLIST_SUB+= OPT1="" +PLIST_SUB+= OPT1="" NO_OPT1="@comment " .else -PLIST_SUB+= OPT1="@comment " +PLIST_SUB+= OPT1="@comment " NO_OPT1="" .endif If X_CONFIGURE_ENABLE is set then From owner-svn-doc-all@FreeBSD.ORG Thu Feb 27 16:55:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A37C458F; Thu, 27 Feb 2014 16:55:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8FD471B6C; Thu, 27 Feb 2014 16:55:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1RGt9iC061071; Thu, 27 Feb 2014 16:55:09 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1RGt9me061070; Thu, 27 Feb 2014 16:55:09 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402271655.s1RGt9me061070@svn.freebsd.org> From: Dru Lavigne Date: Thu, 27 Feb 2014 16:55:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44086 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Feb 2014 16:55:09 -0000 Author: dru Date: Thu Feb 27 16:55:09 2014 New Revision: 44086 URL: http://svnweb.freebsd.org/changeset/doc/44086 Log: Fix some grammos. Submitted by: bjk Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Thu Feb 27 16:40:11 2014 (r44085) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Thu Feb 27 16:55:09 2014 (r44086) @@ -1808,11 +1808,11 @@ options IPDIVERT # enables NAT RULE_NUMBER - Each rule is associated with a number in the - range of 1 to + Each rule is associated with a number from + 1 to 65534. The number is used to indicate the order of rule processing. Multiple rules - can have the same number, in which case they are checked + can have the same number, in which case they are applied according to the order in which they have been added. @@ -1821,8 +1821,8 @@ options IPDIVERT # enables NAT SET_NUMBER - Each rule is associated with a set number in the - range of 0 to 31. + Each rule is associated with a set number from + 0 to 31. Sets can be individually disabled or enabled, making it possible to quickly add or delete a set of rules. If a SET_NUMBER is not specified, the rule will be added to @@ -1854,11 +1854,11 @@ options IPDIVERT # enables NATlimit rule. count: updates counters for - all packets that match rule. The search continues with + all packets that match the rule. The search continues with the next rule. deny | drop: either word - discards packets that match this rule. + silently discards packets that match this rule. Additional actions are available. Refer to &man.ipfw.8; for details. @@ -1873,7 +1873,7 @@ options IPDIVERT # enables NATSECURITY. Logging only occurs if the number of packets logged for that particular rule does - not exceed the optional specified LOG_AMOUNT. If no + not exceed a specified LOG_AMOUNT. If no LOG_AMOUNT is specified, the limit is taken from the value of net.inet.ip.fw.verbose_limit. A @@ -1905,7 +1905,7 @@ options IPDIVERT # enables NAT The from keyword must be followed by the source address or a keyword that represents the - source address. An address can be represented by the + source address. An address can be represented by any, me (any address configured on an interface on this system), me6, (any IPv6 From owner-svn-doc-all@FreeBSD.ORG Thu Feb 27 16:56:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 29BEE6BB; Thu, 27 Feb 2014 16:56:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 160391B99; Thu, 27 Feb 2014 16:56:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1RGu79h061261; Thu, 27 Feb 2014 16:56:07 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1RGu7ts061260; Thu, 27 Feb 2014 16:56:07 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402271656.s1RGu7ts061260@svn.freebsd.org> From: Dru Lavigne Date: Thu, 27 Feb 2014 16:56:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44087 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Feb 2014 16:56:08 -0000 Author: dru Date: Thu Feb 27 16:56:07 2014 New Revision: 44087 URL: http://svnweb.freebsd.org/changeset/doc/44087 Log: Remove extra space. Translators can ignore. Submitted by: bjk Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Thu Feb 27 16:55:09 2014 (r44086) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Thu Feb 27 16:56:07 2014 (r44087) @@ -1792,7 +1792,7 @@ options IPDIVERT # enables NATThis section provides an overview of these keywords and their options. It is not an exhaustive list of every possible - option. Refer to &man.ipfw.8; for a complete description of + option. Refer to &man.ipfw.8; for a complete description of the rule syntax that can be used when creating IPFW rules. From owner-svn-doc-all@FreeBSD.ORG Thu Feb 27 18:05:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BBFE43A9; Thu, 27 Feb 2014 18:05:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A79A313A7; Thu, 27 Feb 2014 18:05:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1RI53Qt092762; Thu, 27 Feb 2014 18:05:03 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1RI53uQ092761; Thu, 27 Feb 2014 18:05:03 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201402271805.s1RI53uQ092761@svn.freebsd.org> From: Dru Lavigne Date: Thu, 27 Feb 2014 18:05:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44088 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Feb 2014 18:05:03 -0000 Author: dru Date: Thu Feb 27 18:05:03 2014 New Revision: 44088 URL: http://svnweb.freebsd.org/changeset/doc/44088 Log: Start to clarify the NAT ruleset by comparing it to the previous example. The next commit will finish describing the rule modifications and what to watch out for so that NAT works. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Thu Feb 27 16:56:07 2014 (r44087) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Thu Feb 27 18:05:03 2014 (r44088) @@ -2039,7 +2039,7 @@ pif="dc0" # interface name of NIC at The next rule allows the packet through if it matches an existing entry in the dynamic rules table: - $cmd 00015 check-state + $cmd 00101 check-state The next set of rules defines which stateful connections internal systems can create to hosts on the Internet: @@ -2157,52 +2157,45 @@ pif="dc0" # interface name of NIC at IPFW to provide network address translation. This can be used to provide an Internet Connection Sharing solution so that several internal computers - can connect to the Internet using IP + can connect to the Internet using a single IP address. To do this, the &os; machine connected to the Internet - must act as a gateway. This gateway machine must have two - NICs: one connects to the Internet router - and the other connects to a LAN. All the - machines on the LAN are connected through - a hub or switch. - - Each machine and interface behind the - LAN should be assigned - IP addresses in the private network space, + must act as a gateway. This system must have two + NICs, where one is connected to the Internet + and the other is connected to the internal LAN. All the + machines connected to the LAN should be assigned + an IP addresses in the private network space, as defined by RFC - 1918, and have a default gateway of the - &man.natd.8; machine's internal IP + 1918, and have their default gateway set to the + &man.natd.8; system's internal IP address. Some additional configuration is needed in order to activate the NAT function of IPFW. If the system has a custom kernel, the kernel configuration file needs to include - option IPDIVERT with the other + option IPDIVERT along with the other IPFIREWALL options. - To enable firewall and NAT support at + To enable NAT support at boot time, the following must be in /etc/rc.conf: - gateway_enable="YES" # enables the gateway function -natd_enable="YES" # enables the NAT function -natd_interface="rl0" # specify interface name of NIC attached to Internet -natd_flags="-dynamic -m" # -m = preserve port numbers if possible + gateway_enable="YES" # enables the gateway +natd_enable="YES" # enables NAT +natd_interface="rl0" # specify interface name of NIC attached to Internet +natd_flags="-dynamic -m" # -m = preserve port numbers; additional options are listed in &man.natd.8; - It is also possible to use a configuration file for - &man.natd.8; when there are too many options to pass. In - this case, the configuration file must be defined by adding - the following line to - /etc/rc.conf: + It is also possible to specify a configuration file which + contains the options to pass to &man.natd.8;: natd_flags="-f /etc/natd.conf" - A list of configuration options, one per line, can be - added to /etc/natd.conf. For + The specified file must contain a list of configuration + options, one per line. For example: redirect_port tcp 192.168.0.2:6667 6667 @@ -2212,18 +2205,50 @@ redirect_port tcp 192.168.0.3:80 80 - Utilizing stateful rules with a divert - natd rule complicates the ruleset logic. The - positioning of the check-state, and - divert natd rules in the ruleset is - critical and a new action type is used, called - skipto. When using - skipto, it is mandatory that each rule is - numbered, so that the skipto rule knows + Next, add the NAT rules to the firewall + ruleset. When the rulest contains stateful rules, the + positioning of the NAT rules is + critical and the skipto action is used. + The + skipto action requires a rule number + so that it knows which rule to jump to. - The following is an uncommented example of a ruleset - which explains the sequence of the packet flow. + The following example builds upon the firewall ruleset + shown in the previous section. It adds some additional + entries and modifies some existing rules in order to configure + the firewall for NAT. It starts by + adding some additional variables which represent the rule + number to skip to, the keep-state option, + and a list of TCP ports which will be + used to reduce the number of rules: + + #!/bin/sh +cmd="ipfw -q add" +skip="skipto 500" +pif=rl0 +ks="keep-state" +good_tcpo="22,25,37,43,53,80,443,110,119" + +ipfw -q -f flush + + The NAT rule is inserted + after the two rules which allow all + traffic on the trusted internal interface and on the loopback + interface and before the + check-state rule. It is important that the + rule number selected for the NAT rule, in + this example 100, is higher than the first + two rules and lower than the check-state + rule: + + $cmd 005 allow all from any to any via xl0 # exclude LAN traffic +$cmd 010 allow all from any to any via lo0 # exclude loopback traffic + +# NAT any inbound packets +$cmd 100 divert natd ip from any to any in via $pif +# Allow the packet through if it has an existing entry in the dynamic rules table +$cmd 101 check-state The processing flow starts with the first rule from the top of the ruleset and progresses one rule at a time until @@ -2290,24 +2315,7 @@ redirect_port tcp 192.168.0.3:80 80NATing and released to the outbound interface. - Example Ruleset #1: - - #!/bin/sh -cmd="ipfw -q add" -skip="skipto 500" -pif=rl0 -ks="keep-state" -good_tcpo="22,25,37,43,53,80,443,110,119" - -ipfw -q -f flush - -$cmd 002 allow all from any to any via xl0 # exclude LAN traffic -$cmd 003 allow all from any to any via lo0 # exclude loopback traffic - -$cmd 100 divert natd ip from any to any in via $pif -$cmd 101 check-state - -# Authorized outbound packets +# Authorized outbound packets $cmd 120 $skip udp from any to xx.168.240.2 53 out via $pif $ks $cmd 121 $skip udp from any to xx.168.240.5 53 out via $pif $ks $cmd 125 $skip tcp from any to any $good_tcpo out via $pif setup $ks @@ -2335,168 +2343,7 @@ ipfw -q -f flush # This is skipto location for outbound stateful rules $cmd 500 divert natd ip from any to any out via $pif -$cmd 510 allow ip from any to any - -######################## end of rules ################## - - The next example is functionally equivalent, but uses - descriptive comments to help the inexperienced IPFW rule - writer to better understand what the rules are doing. - - Example Ruleset #2: - - #!/bin/sh -################ Start of IPFW rules file ############################### -# Flush out the list before we begin. -ipfw -q -f flush - -# Set rules command prefix -cmd="ipfw -q add" -skip="skipto 800" -pif="rl0" # public interface name of NIC - # facing the public Internet - -################################################################# -# No restrictions on Inside LAN Interface for private network -# Change xl0 to your LAN NIC interface name -################################################################# -$cmd 005 allow all from any to any via xl0 - -################################################################# -# No restrictions on Loopback Interface -################################################################# -$cmd 010 allow all from any to any via lo0 - -################################################################# -# check if packet is inbound and nat address if it is -################################################################# -$cmd 014 divert natd ip from any to any in via $pif - -################################################################# -# Allow the packet through if it has previous been added to the -# the "dynamic" rules table by a allow keep-state statement. -################################################################# -$cmd 015 check-state - -################################################################# -# Interface facing Public Internet (Outbound Section) -# Check session start requests originating from behind the -# firewall on the private network or from this gateway server -# destined for the public Internet. -################################################################# - -# Allow out access to my ISP's Domain name server. -# x.x.x.x must be the IP address of your ISP's DNS -# Dup these lines if your ISP has more than one DNS server -# Get the IP addresses from /etc/resolv.conf file -$cmd 020 $skip tcp from any to x.x.x.x 53 out via $pif setup keep-state - - -# Allow out access to my ISP's DHCP server for cable/DSL configurations. -$cmd 030 $skip udp from any to x.x.x.x 67 out via $pif keep-state - -# Allow out non-secure standard www function -$cmd 040 $skip tcp from any to any 80 out via $pif setup keep-state - -# Allow out secure www function https over TLS SSL -$cmd 050 $skip tcp from any to any 443 out via $pif setup keep-state - -# Allow out send & get email function -$cmd 060 $skip tcp from any to any 25 out via $pif setup keep-state -$cmd 061 $skip tcp from any to any 110 out via $pif setup keep-state - -# Allow out FreeBSD (make install & CVSUP) functions -# Basically give user root "GOD" privileges. -$cmd 070 $skip tcp from me to any out via $pif setup keep-state uid root - -# Allow out ping -$cmd 080 $skip icmp from any to any out via $pif keep-state - -# Allow out Time -$cmd 090 $skip tcp from any to any 37 out via $pif setup keep-state - -# Allow out nntp news (i.e., news groups) -$cmd 100 $skip tcp from any to any 119 out via $pif setup keep-state - -# Allow out secure FTP, Telnet, and SCP -# This function is using SSH (secure shell) -$cmd 110 $skip tcp from any to any 22 out via $pif setup keep-state - -# Allow out whois -$cmd 120 $skip tcp from any to any 43 out via $pif setup keep-state - -# Allow ntp time server -$cmd 130 $skip udp from any to any 123 out via $pif keep-state - -################################################################# -# Interface facing Public Internet (Inbound Section) -# Check packets originating from the public Internet -# destined for this gateway server or the private network. -################################################################# - -# Deny all inbound traffic from non-routable reserved address spaces -$cmd 300 deny all from 192.168.0.0/16 to any in via $pif #RFC 1918 private IP -$cmd 301 deny all from 172.16.0.0/12 to any in via $pif #RFC 1918 private IP -$cmd 302 deny all from 10.0.0.0/8 to any in via $pif #RFC 1918 private IP -$cmd 303 deny all from 127.0.0.0/8 to any in via $pif #loopback -$cmd 304 deny all from 0.0.0.0/8 to any in via $pif #loopback -$cmd 305 deny all from 169.254.0.0/16 to any in via $pif #DHCP auto-config -$cmd 306 deny all from 192.0.2.0/24 to any in via $pif #reserved for docs -$cmd 307 deny all from 204.152.64.0/23 to any in via $pif #Sun cluster -$cmd 308 deny all from 224.0.0.0/3 to any in via $pif #Class D & E multicast - -# Deny ident -$cmd 315 deny tcp from any to any 113 in via $pif - -# Deny all Netbios service. 137=name, 138=datagram, 139=session -# Netbios is MS/Windows sharing services. -# Block MS/Windows hosts2 name server requests 81 -$cmd 320 deny tcp from any to any 137 in via $pif -$cmd 321 deny tcp from any to any 138 in via $pif -$cmd 322 deny tcp from any to any 139 in via $pif -$cmd 323 deny tcp from any to any 81 in via $pif - -# Deny any late arriving packets -$cmd 330 deny all from any to any frag in via $pif - -# Deny ACK packets that did not match the dynamic rule table -$cmd 332 deny tcp from any to any established in via $pif - -# Allow traffic in from ISP's DHCP server. This rule must contain -# the IP address of your ISP's DHCP server as it is the only -# authorized source to send this packet type. -# Only necessary for cable or DSL configurations. -# This rule is not needed for 'user ppp' type connection to -# the public Internet. This is the same IP address you captured -# and used in the outbound section. -$cmd 360 allow udp from x.x.x.x to any 68 in via $pif keep-state - -# Allow in standard www function because I have Apache server -$cmd 370 allow tcp from any to me 80 in via $pif setup limit src-addr 2 - -# Allow in secure FTP, Telnet, and SCP from public Internet -$cmd 380 allow tcp from any to me 22 in via $pif setup limit src-addr 2 - -# Allow in non-secure Telnet session from public Internet -# labeled non-secure because ID & PW are passed over public -# Internet as clear text. -# Delete this sample group if you do not have telnet server enabled. -$cmd 390 allow tcp from any to me 23 in via $pif setup limit src-addr 2 - -# Reject & Log all unauthorized incoming connections from the public Internet -$cmd 400 deny log all from any to any in via $pif - -# Reject & Log all unauthorized out going connections to the public Internet -$cmd 450 deny log all from any to any out via $pif - -# This is skipto location for outbound stateful rules -$cmd 800 divert natd ip from any to any out via $pif -$cmd 801 allow ip from any to any - -# Everything else is denied by default -# deny and log all packets that fell through to see what they are -$cmd 999 deny log all from any to any -################ End of IPFW rules file ############################### +$cmd 510 allow ip from any to any Port Redirection From owner-svn-doc-all@FreeBSD.ORG Thu Feb 27 18:32:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6DA1AD56; Thu, 27 Feb 2014 18:32:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4E6B716D2; Thu, 27 Feb 2014 18:32:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1RIWDh7006319; Thu, 27 Feb 2014 18:32:13 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1RIWDDL006318; Thu, 27 Feb 2014 18:32:13 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201402271832.s1RIWDDL006318@svn.freebsd.org> From: Mathieu Arnold Date: Thu, 27 Feb 2014 18:32:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44089 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Feb 2014 18:32:13 -0000 Author: mat (ports committer) Date: Thu Feb 27 18:32:12 2014 New Revision: 44089 URL: http://svnweb.freebsd.org/changeset/doc/44089 Log: Split up the Options Helpers section into subsections. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Feb 27 18:05:03 2014 (r44088) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Feb 27 18:32:12 2014 (r44089) @@ -3630,6 +3630,9 @@ CONFIGURE_ARGS+= --disable-foo There are some macros to help simplify conditional values which differ based on the options set. + + OPTIONS_SUB + If OPTIONS_SUB is set to yes then each of the options added to OPTIONS_DEFINE will be added to @@ -3649,6 +3652,10 @@ PLIST_SUB+= OPT1="" NO_OPT1="@comment " .else PLIST_SUB+= OPT1="@comment " NO_OPT1="" .endif + + + + X_CONFIGURE_ENABLE If X_CONFIGURE_ENABLE is set then --enable-${X_CONFIGURE_ENABLE} or @@ -3670,6 +3677,10 @@ CONFIGURE_ARGS+= --enable-test .else CONFIGURE_ARGS+= --disable-test .endif + + + + X_CONFIGURE_WITH If X_CONFIGURE_WITH is set then --with-${X_CONFIGURE_WITH} or @@ -3691,6 +3702,10 @@ CONFIGURE_ARGS+= --with-test .else CONFIGURE_ARGS+= --without-test .endif + + + + X_CONFIGURE_ON If X_CONFIGURE_ON is set then its value will be appended to CONFIGURE_ARGS @@ -3709,6 +3724,10 @@ OPT1_CONFIGURE_ON= --add-test + + + + X_CONFIGURE_OFF If X_CONFIGURE_OFF is set then its value will be appended to CONFIGURE_ARGS @@ -3727,6 +3746,10 @@ OPT1_CONFIGURE_OFF= --no-test + + + + X_CMAKE_ON If X_CMAKE_ON is set then its value will be appended to CMAKE_ARGS depending on @@ -3745,6 +3768,10 @@ OPT1_CMAKE_ON= -DTEST:BOOL=true + + + + X_CMAKE_OFF If X_CMAKE_OFF is set then its value will be appended to CMAKE_ARGS depending on @@ -3763,6 +3790,10 @@ OPT1_CMAKE_OFF= -DTEST:BOOL=false + + + + Generic Variables Replacement For any of the following variables: @@ -3840,6 +3871,9 @@ CMAKE_ARGS+= -DTEST:BOOL=false + + X_ABOVEVARIABLE + If X_ABOVEVARIABLE is defined then its value will be appended to ABOVEVARIABLE depending on the status of @@ -3859,6 +3893,10 @@ OPT1_CFLAGS= -DTEST USES+= gmake CFLAGS+= -DTEST .endif + + + + X_ABOVEVARIABLE_OFF If X_ABOVEVARIABLE_OFF is set then a flag ABOVEVARIABLE will be automatically @@ -3878,6 +3916,12 @@ OPT1_USES_OFF=gmake USES+= gmake .endif + + + + + Dependencies + For any of the following dependency type: @@ -3910,6 +3954,9 @@ USES+= gmake + + X_ABOVEVARIABLE + If X_ABOVEVARIABLE is defined then its value will be appended to ABOVEVARIABLE depending on the status @@ -3928,6 +3975,11 @@ OPT1_LIB_DEPENDS= liba.so:${PORTSDIR}/de LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/a .endif + + + + X_ABOVEVARIABLE_OFF + If X_ABOVEVARIABLE_OFF is set then a dependency of type ABOVEVARIABLE will be added when option X is not selected. For @@ -3945,6 +3997,8 @@ OPT1_LIB_DEPENDS_OFF= liba.so:${PORTSDIR . if ! ${PORT_OPTIONS:MOPT1} LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/a .endif + + From owner-svn-doc-all@FreeBSD.ORG Thu Feb 27 18:33:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 358E8E80; Thu, 27 Feb 2014 18:33:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1601D16E8; Thu, 27 Feb 2014 18:33:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1RIXe8m006594; Thu, 27 Feb 2014 18:33:40 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1RIXeXr006593; Thu, 27 Feb 2014 18:33:40 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201402271833.s1RIXeXr006593@svn.freebsd.org> From: Mathieu Arnold Date: Thu, 27 Feb 2014 18:33:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44090 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Feb 2014 18:33:41 -0000 Author: mat (ports committer) Date: Thu Feb 27 18:33:40 2014 New Revision: 44090 URL: http://svnweb.freebsd.org/changeset/doc/44090 Log: Move the Dependencies section before the Generic Variables one. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Feb 27 18:32:12 2014 (r44089) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Feb 27 18:33:40 2014 (r44090) @@ -3793,6 +3793,87 @@ CMAKE_ARGS+= -DTEST:BOOL=false + Dependencies + + For any of the following dependency type: + + + + PKG_DEPENDS + + + + EXTRACT_DEPENDS + + + + PATCH_DEPENDS + + + + FETCH_DEPENDS + + + + BUILD_DEPENDS + + + + LIB_DEPENDS + + + + RUN_DEPENDS + + + + + X_ABOVEVARIABLE + + If X_ABOVEVARIABLE is defined then + its value will be appended to + ABOVEVARIABLE depending on the status + of the option X, for example: + + OPTIONS_DEFINE= OPT1 +OPT1_LIB_DEPENDS= liba.so:${PORTSDIR}/devel/a + + is equivalent to: + + OPTIONS_DEFINE= OPT1 + +.include <bsd.port.options.mk> + +.if ${PORT_OPTIONS:MOPT1} +LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/a +.endif + + + + + X_ABOVEVARIABLE_OFF + + If X_ABOVEVARIABLE_OFF is set then a + dependency of type ABOVEVARIABLE will be + added when option X is not selected. For + example: + + OPTIONS_DEFINE= OPT1 +OPT1_LIB_DEPENDS_OFF= liba.so:${PORTSDIR}/devel/a + + is equivalent to: + + OPTIONS_DEFINE= OPT1 + +.include <bsd.port.options.mk> + +. if ! ${PORT_OPTIONS:MOPT1} +LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/a +.endif + + + + Generic Variables Replacement For any of the following variables: @@ -3918,87 +3999,6 @@ USES+= gmake - - - Dependencies - - For any of the following dependency type: - - - - PKG_DEPENDS - - - - EXTRACT_DEPENDS - - - - PATCH_DEPENDS - - - - FETCH_DEPENDS - - - - BUILD_DEPENDS - - - - LIB_DEPENDS - - - - RUN_DEPENDS - - - - - X_ABOVEVARIABLE - - If X_ABOVEVARIABLE is defined then - its value will be appended to - ABOVEVARIABLE depending on the status - of the option X, for example: - - OPTIONS_DEFINE= OPT1 -OPT1_LIB_DEPENDS= liba.so:${PORTSDIR}/devel/a - - is equivalent to: - - OPTIONS_DEFINE= OPT1 - -.include <bsd.port.options.mk> - -.if ${PORT_OPTIONS:MOPT1} -LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/a -.endif - - - - - X_ABOVEVARIABLE_OFF - - If X_ABOVEVARIABLE_OFF is set then a - dependency of type ABOVEVARIABLE will be - added when option X is not selected. For - example: - - OPTIONS_DEFINE= OPT1 -OPT1_LIB_DEPENDS_OFF= liba.so:${PORTSDIR}/devel/a - - is equivalent to: - - OPTIONS_DEFINE= OPT1 - -.include <bsd.port.options.mk> - -. if ! ${PORT_OPTIONS:MOPT1} -LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/a -.endif - - From owner-svn-doc-all@FreeBSD.ORG Thu Feb 27 18:40:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4C072FB2; Thu, 27 Feb 2014 18:40:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 37C721790; Thu, 27 Feb 2014 18:40:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1RIehnq008465; Thu, 27 Feb 2014 18:40:43 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1RIehqm008464; Thu, 27 Feb 2014 18:40:43 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201402271840.s1RIehqm008464@svn.freebsd.org> From: Mathieu Arnold Date: Thu, 27 Feb 2014 18:40:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44091 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Feb 2014 18:40:43 -0000 Author: mat (ports committer) Date: Thu Feb 27 18:40:42 2014 New Revision: 44091 URL: http://svnweb.freebsd.org/changeset/doc/44091 Log: Fix white space from previous two commits. Translators can ignore. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Feb 27 18:33:40 2014 (r44090) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Feb 27 18:40:42 2014 (r44091) @@ -3633,17 +3633,17 @@ CONFIGURE_ARGS+= --disable-foo OPTIONS_SUB - If OPTIONS_SUB is set to - yes then each of the options added to - OPTIONS_DEFINE will be added to - PLIST_SUB, for example: + If OPTIONS_SUB is set to + yes then each of the options added to + OPTIONS_DEFINE will be added to + PLIST_SUB, for example: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPTIONS_SUB= yes - is equivalent to: + is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> @@ -3657,18 +3657,18 @@ PLIST_SUB+= OPT1="@comment " NO_OPT1="" X_CONFIGURE_ENABLE - If X_CONFIGURE_ENABLE is set then - --enable-${X_CONFIGURE_ENABLE} or - --disable-${X_CONFIGURE_ENABLE} will be - added to CONFIGURE_ARGS depending on the - value of the optionX, for example: + If X_CONFIGURE_ENABLE is set then + --enable-${X_CONFIGURE_ENABLE} or + --disable-${X_CONFIGURE_ENABLE} will be + added to CONFIGURE_ARGS depending on the + value of the optionX, for example: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPT1_CONFIGURE_ENABLE= test - is equivalent to: + is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> @@ -3682,18 +3682,19 @@ CONFIGURE_ARGS+= --disable-test X_CONFIGURE_WITH - If X_CONFIGURE_WITH is set then - --with-${X_CONFIGURE_WITH} or - --without-${X_CONFIGURE_WITH} will be added - to CONFIGURE_ARGS depending on the status - of the option X, for example: + If X_CONFIGURE_WITH is set then + --with-${X_CONFIGURE_WITH} or + --without-${X_CONFIGURE_WITH} will be + added to CONFIGURE_ARGS depending on the + status of the option X, for + example: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPT1_CONFIGURE_WITH= test - is equivalent to: + is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> @@ -3707,17 +3708,17 @@ CONFIGURE_ARGS+= --without-test X_CONFIGURE_ON - If X_CONFIGURE_ON is set then its - value will be appended to CONFIGURE_ARGS - depending on the status of the option X, - for example: + If X_CONFIGURE_ON is set then its + value will be appended to CONFIGURE_ARGS + depending on the status of the option X, + for example: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPT1_CONFIGURE_ON= --add-test - is equivalent to: + is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> @@ -3729,17 +3730,17 @@ CONFIGURE_ARGS+= --add-test X_CONFIGURE_OFF - If X_CONFIGURE_OFF is set then its - value will be appended to CONFIGURE_ARGS - depending on the status of the option X, - for example: + If X_CONFIGURE_OFF is set then its + value will be appended to CONFIGURE_ARGS + depending on the status of the option X, + for example: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPT1_CONFIGURE_OFF= --no-test - is equivalent to: + is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> @@ -3751,17 +3752,17 @@ CONFIGURE_ARGS+= --no-test X_CMAKE_ON - If X_CMAKE_ON is set then its value - will be appended to CMAKE_ARGS depending on - the status of the option X, for - example: + If X_CMAKE_ON is set then its value + will be appended to CMAKE_ARGS depending + on the status of the option X, for + example: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPT1_CMAKE_ON= -DTEST:BOOL=true - is equivalent to: + is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> @@ -3773,17 +3774,17 @@ CMAKE_ARGS+= -DTEST:BOOL=true X_CMAKE_OFF - If X_CMAKE_OFF is set then its value - will be appended to CMAKE_ARGS depending on - the status of the option X, for - example: + If X_CMAKE_OFF is set then its value + will be appended to CMAKE_ARGS depending + on the status of the option X, for + example: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPT1_CMAKE_OFF= -DTEST:BOOL=false - is equivalent to: + is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> @@ -3795,52 +3796,52 @@ CMAKE_ARGS+= -DTEST:BOOL=false Dependencies - For any of the following dependency type: - - - - PKG_DEPENDS - - - - EXTRACT_DEPENDS - - - - PATCH_DEPENDS - - - - FETCH_DEPENDS - - - - BUILD_DEPENDS - - - - LIB_DEPENDS - + For any of the following dependency type: - - RUN_DEPENDS - - + + + PKG_DEPENDS + + + + EXTRACT_DEPENDS + + + + PATCH_DEPENDS + + + + FETCH_DEPENDS + + + + BUILD_DEPENDS + + + + LIB_DEPENDS + + + + RUN_DEPENDS + + - - X_ABOVEVARIABLE + + X_ABOVEVARIABLE - If X_ABOVEVARIABLE is defined then - its value will be appended to - ABOVEVARIABLE depending on the status - of the option X, for example: + If X_ABOVEVARIABLE is defined then + its value will be appended to + ABOVEVARIABLE depending on the status + of the option X, for example: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPT1_LIB_DEPENDS= liba.so:${PORTSDIR}/devel/a - is equivalent to: + is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> @@ -3853,17 +3854,17 @@ LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/ X_ABOVEVARIABLE_OFF - If X_ABOVEVARIABLE_OFF is set then a - dependency of type ABOVEVARIABLE will be - added when option X is not selected. For - example: + If X_ABOVEVARIABLE_OFF is set then + a dependency of type ABOVEVARIABLE will + be added when option X is not selected. + For example: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPT1_LIB_DEPENDS_OFF= liba.so:${PORTSDIR}/devel/a - is equivalent to: + is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> @@ -3876,97 +3877,97 @@ LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/ Generic Variables Replacement - For any of the following variables: + For any of the following variables: - - - ALL_TARGET - - - - CATEGORIES - - - - CFLAGS - - - - CPPFLAGS - - - - CXXFLAGS - - - - CONFIGURE_ENV - - - - DISTFILES - - - - EXTRA_PATCHES - - - - INSTALL_TARGET - - - - LDFLAGS - - - - MAKE_ARGS - - - - MAKE_ENV - - - - PATCH_SITES - - - - PATCHFILES - - - - PLIST_FILES - - - - PLIST_DIRS - - - - PLIST_DIRSTRY - - - - USES - - + + + ALL_TARGET + + + + CATEGORIES + + + + CFLAGS + + + + CPPFLAGS + + + + CXXFLAGS + + + + CONFIGURE_ENV + + + + DISTFILES + + + + EXTRA_PATCHES + + + + INSTALL_TARGET + + + + LDFLAGS + + + + MAKE_ARGS + + + + MAKE_ENV + + + + PATCH_SITES + + + + PATCHFILES + + + + PLIST_FILES + + + + PLIST_DIRS + + + + PLIST_DIRSTRY + + + + USES + + X_ABOVEVARIABLE - If X_ABOVEVARIABLE is defined then - its value will be appended to - ABOVEVARIABLE depending on the status of - the option X, for example: + If X_ABOVEVARIABLE is defined then + its value will be appended to + ABOVEVARIABLE depending on the status + of the option X, for example: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPT1_USES= gmake OPT1_CFLAGS= -DTEST - is equivalent to: + is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> @@ -3979,17 +3980,17 @@ CFLAGS+= -DTEST X_ABOVEVARIABLE_OFF - If X_ABOVEVARIABLE_OFF is set then a - flag ABOVEVARIABLE will be automatically - set when option X is not selected. For - example: + If X_ABOVEVARIABLE_OFF is set then + a flag ABOVEVARIABLE will be + automatically set when option X is not + selected. For example: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPT1_USES_OFF=gmake - is equivalent to: + is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 .include <bsd.port.options.mk> From owner-svn-doc-all@FreeBSD.ORG Fri Feb 28 19:20:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4CAB2539; Fri, 28 Feb 2014 19:20:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2F4F91CA9; Fri, 28 Feb 2014 19:20:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1SJKm0d040323; Fri, 28 Feb 2014 19:20:48 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1SJKm6B040322; Fri, 28 Feb 2014 19:20:48 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402281920.s1SJKm6B040322@svn.freebsd.org> From: Glen Barber Date: Fri, 28 Feb 2014 19:20:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44092 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Feb 2014 19:20:49 -0000 Author: gjb Date: Fri Feb 28 19:20:48 2014 New Revision: 44092 URL: http://svnweb.freebsd.org/changeset/doc/44092 Log: Add a redirection page for Google Summer of Code. Sponsored by: The FreeBSD Foundation Added: head/en_US.ISO8859-1/htdocs/gsoc.html (contents, props changed) Added: head/en_US.ISO8859-1/htdocs/gsoc.html ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/gsoc.html Fri Feb 28 19:20:48 2014 (r44092) @@ -0,0 +1,278 @@ + + + + + Google Summer of Code + + + + + + + +
      +
      + Skip site navigation (1) + Skip section navigation (2) + +
      + +

      Site Navigation

      + +
      +
      +
      +
      +

      Section Navigation

      + +
      +
      +

      Google Summer of Code

      + +

      Click here if + not automatically redirected in 5 seconds.

      + +
      +
      +
      + +
      +
      + + From owner-svn-doc-all@FreeBSD.ORG Fri Feb 28 19:26:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5D075A5C; Fri, 28 Feb 2014 19:26:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 492FF1D76; Fri, 28 Feb 2014 19:26:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1SJQqSW043522; Fri, 28 Feb 2014 19:26:52 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1SJQqMJ043521; Fri, 28 Feb 2014 19:26:52 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402281926.s1SJQqMJ043521@svn.freebsd.org> From: Glen Barber Date: Fri, 28 Feb 2014 19:26:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44093 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Feb 2014 19:26:52 -0000 Author: gjb Date: Fri Feb 28 19:26:51 2014 New Revision: 44093 URL: http://svnweb.freebsd.org/changeset/doc/44093 Log: Connect gsoc.html to the build. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/Makefile Modified: head/en_US.ISO8859-1/htdocs/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/Makefile Fri Feb 28 19:20:48 2014 (r44092) +++ head/en_US.ISO8859-1/htdocs/Makefile Fri Feb 28 19:26:51 2014 (r44093) @@ -43,6 +43,7 @@ DEPENDSET.community=usergroups events DATA= favicon.ico DATA+= freebsd.css DATA+= google6bb24ed0b804d5e9.html +DATA+= gsoc.html DATA+= index.css DATA+= robots.txt From owner-svn-doc-all@FreeBSD.ORG Fri Feb 28 19:39:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3C12AFE7; Fri, 28 Feb 2014 19:39:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 282931F8E; Fri, 28 Feb 2014 19:39:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1SJdrwD047969; Fri, 28 Feb 2014 19:39:53 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1SJdqwr047968; Fri, 28 Feb 2014 19:39:53 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402281939.s1SJdqwr047968@svn.freebsd.org> From: Glen Barber Date: Fri, 28 Feb 2014 19:39:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44094 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Feb 2014 19:39:53 -0000 Author: gjb Date: Fri Feb 28 19:39:52 2014 New Revision: 44094 URL: http://svnweb.freebsd.org/changeset/doc/44094 Log: Shorten redirect time. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/gsoc.html Modified: head/en_US.ISO8859-1/htdocs/gsoc.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/gsoc.html Fri Feb 28 19:26:51 2014 (r44093) +++ head/en_US.ISO8859-1/htdocs/gsoc.html Fri Feb 28 19:39:52 2014 (r44094) @@ -263,7 +263,7 @@

      Click here if - not automatically redirected in 5 seconds.

      + not automatically redirected in 1 second.


      From owner-svn-doc-all@FreeBSD.ORG Fri Feb 28 19:40:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 57713CC; Fri, 28 Feb 2014 19:40:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 43ED71FF8; Fri, 28 Feb 2014 19:40:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1SJeOia048128; Fri, 28 Feb 2014 19:40:24 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1SJeOhH048127; Fri, 28 Feb 2014 19:40:24 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201402281940.s1SJeOhH048127@svn.freebsd.org> From: Glen Barber Date: Fri, 28 Feb 2014 19:40:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44095 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Feb 2014 19:40:24 -0000 Author: gjb Date: Fri Feb 28 19:40:23 2014 New Revision: 44095 URL: http://svnweb.freebsd.org/changeset/doc/44095 Log: *Actually* shorten redirect time. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/gsoc.html Modified: head/en_US.ISO8859-1/htdocs/gsoc.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/gsoc.html Fri Feb 28 19:39:52 2014 (r44094) +++ head/en_US.ISO8859-1/htdocs/gsoc.html Fri Feb 28 19:40:23 2014 (r44095) @@ -7,7 +7,7 @@ - +
      From owner-svn-doc-all@FreeBSD.ORG Fri Feb 28 23:59:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CEDF25B7; Fri, 28 Feb 2014 23:59:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BAF621767; Fri, 28 Feb 2014 23:59:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s1SNxgoi051851; Fri, 28 Feb 2014 23:59:42 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s1SNxgRE051850; Fri, 28 Feb 2014 23:59:42 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201402282359.s1SNxgRE051850@svn.freebsd.org> From: Xin LI Date: Fri, 28 Feb 2014 23:59:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44096 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Feb 2014 23:59:42 -0000 Author: delphij Date: Fri Feb 28 23:59:42 2014 New Revision: 44096 URL: http://svnweb.freebsd.org/changeset/doc/44096 Log: Document __FreeBSD_version 1100010. Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Fri Feb 28 19:40:23 2014 (r44095) +++ head/en_US.ISO8859-1/books/porters-handbook/versions.xml Fri Feb 28 23:59:42 2014 (r44096) @@ -4985,3 +4985,10 @@ it was never committed: 11.0-CURRENT after upgrade of llvm/clang to 3.4 release (rev 261991). + + + 1100010 + February 28, 2014 + 11.0-CURRENT after upgrade of ncurses to 5.9 release + (rev 262629). + From owner-svn-doc-all@FreeBSD.ORG Sat Mar 1 13:11:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3C8F2D43; Sat, 1 Mar 2014 13:11:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 284BF14AB; Sat, 1 Mar 2014 13:11:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s21DBsoA073106; Sat, 1 Mar 2014 13:11:54 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s21DBsF2073105; Sat, 1 Mar 2014 13:11:54 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403011311.s21DBsF2073105@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sat, 1 Mar 2014 13:11:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44097 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Mar 2014 13:11:54 -0000 Author: ryusuke Date: Sat Mar 1 13:11:53 2014 New Revision: 44097 URL: http://svnweb.freebsd.org/changeset/doc/44097 Log: - Merge the following from the English version: r43780 -> r43781 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Fri Feb 28 23:59:42 2014 (r44096) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sat Mar 1 13:11:53 2014 (r44097) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43780 + Original revision: r43781 $FreeBSD$ --> using - &os.current;: を追いかけるには + &os.current; を追いかけるには &a.current.name; と &a.svn-src-head.name;-CURRENT使用 メーリングリスト に加わってください。 さまざまな人がシステムの現在の状態について述べているコメントを見たり、 - システムを正常に保つための重要な情報を見逃さないために、 + &os.current; の現在の状態に関する重要な情報を見逃さないために、 必須の ことです。 &a.svn-src-head.name; メーリングリストでは、 @@ -1238,6 +1238,7 @@ before running "/usr/sbin/freebsd-update &a.mailman.lists.link; をたどって参加したいメーリングリストをクリックし、 手順の説明にしたがってください。 + &os.current; だけでなく、 ソースツリー全体の変更点を追いかけるのであれば、 &a.svn-src-all.name; メーリングリストを購読してください。 @@ -1277,10 +1278,10 @@ before running "/usr/sbin/freebsd-update コンパイル する前に /usr/src/Makefile - を注意深く読んでください。 - アップグレードの処理の一部として、最初に - 新しいカーネルをインストールし - て、world を再構築 してください。&a.current; と + を注意深く読み、 + "world" の + 再構築 に書かれている手順に従ってください。 + &a.current; と /usr/src/UPDATING を読めば、 次のリリースへ向けて移ってゆくに当たって、 ときどき必要となる既存システムからの新システムの構築手順についての最新情報が得られるでしょう。 @@ -1301,50 +1302,36 @@ before running "/usr/sbin/freebsd-update 訳: &a.jp.iwasaki; &os.stable; とは定期的に公開されるリリースを作成するための開発ブランチです。 - このブランチに加えられる変更は原則として、 - 事前に &os.current; で試験ずみであるという特徴があります。 + このブランチに加えられる変更は &os.current; よりゆっくりで、 + 原則として、事前に &os.current; + で試験ずみであるという特徴があります。 ただそうであっても、 - これは開発用ブランチの一つであるということに注意してください。 - つまり、ある時点における &os.stable; のソースが - どんな場合にも使えるものであるとは限らないということです。 + これは開発用ブランチの一つであり、 + ある時点における &os.stable; + のソースがどんな場合にも使えるものであるとは限りません。 このブランチはもう一つの開発の流れというだけであって、 - エンドユーザ向けのものではありません。 + エンドユーザ向けのものではありません。 + もし試験をする資源的な余裕がない場合は、代わりに最新の + &os; リリースを使ってください。 - FreeBSD の開発プロセスに興味があったり、 + &os; の開発プロセスに興味があったり、 それに対する貢献を考えていて、特にそれが次回の - ポイント リリースに関係するものであるなら + &os; のリリースに関係するものであるなら &os.stable; を追うことを考えると良いでしょう。 - セキュリティ上の修正は &os.stable; ブランチに対して行なわれますが、 - そのために &os.stable; を追う必要はありません。 - すべての &os; セキュリティ勧告には - EOL に達していないすべてのリリースに対する問題点の修正方法が説明されています。 - - - 現時点での古いリリースの FreeBSD - のセキュリティポリシーの全説明を知るには、http://www.FreeBSD.org/ja/security/ - を参照してください。 - - &os.stable; ブランチはいつもコンパイルができ、 安定に動作すべきですが、 それが保証されているというわけではありません。 - また、コードは &os.stable; に加えられる前に - &os.current; で開発されるのですが、&os.stable; のユーザは - &os.current; よりも多いため、&os.current; + &os.stable; のユーザは &os.current; よりも多いため、&os.current; で発見されなかったバグが &os.stable; で発見され、 - ときどきそれが問題となることがあるのは避けることができません。 - - このような理由から、盲目的に &os.stable; - を追いかけるべきではありません。 - 特に、最初に開発環境もしくはテスト環境でコードを十分に試験せずに、 + ときどきそれが問題となることがあるのは避けることができません。 + このような理由から、盲目的に &os.stable; + を追いかけるべきではありません。 + 特に、開発環境もしくはテスト環境でコードを十分に試験せずに、 プロダクション品質が要求されるサーバを &os.stable; - にアップグレードしてはいけません。 + にアップグレードしてはいけません - もし試験をする資源的な余裕がない場合は、 - リリース間のバイナリアップデート機能を利用して、 - 最新の FreeBSD リリースを使うことを推奨します。 + &os.stable; を追いかけるには -STABLE @@ -1377,71 +1364,45 @@ before running "/usr/sbin/freebsd-update - 毎月公開されている &os.stable; - からビルドされたスナップショットの新しいシステムをインストールするには、 - 詳細について、新しい &os.stable; システムをインストールするには、 + ミラーサイト から最近の + &os.stable; リリースをインストールするか、 + 毎月公開されている &os.stable; + からビルドされたスナップショットを使ってください。 + スナップショットの詳細については、スナップショット - をご覧ください。 - もしくは、ミラーサイトから最近の - &os.stable; リリースをインストールし、下記の説明に従って最新の - &os.stable; のソースコードに更新することもできます。 - - 既に &os; の以前のリリースが動いているシステムを - &os; ミラーサイト - からアップグレードするには、 - 以下のようないくつかの方法があります。 + をご覧ください。 - - - svn + 既に &os; が動いているシステムを + &os.stable; にアップグレードするには、 + svn Subversion を使って、 - 希望する開発ブランチ、 - もしくはリリースブランチをチェックアウしてください。 - この方法は、開発中の &os; リポジトリへのアクセスを提供しており、 - 推奨されています。 - ブランチ名については、現在の開発のヘッドブランチは - head、および リリースエンジニアリングのページ - の特定のブランチでは - stable/9 - - -STABLE - Subversion - を使った同期 - 、または - releng/9.2 となります。 - Subversion - を使ってベースシステムをチェックアウトする際の - URL のプレフィックスは、Subversion ミラーサイト + 希望する開発ブランチのソースをチェックアウしてください。 + stable/9 といったブランチ名は、 + リリースエンジニアリングのページ で説明されています。 - リポジトリサイズの観点から、 - 希望するサブツリーのみをチェックアウトすることが推奨されます。 - - - - インターネットへの接続に高速な回線を利用できないのであれば、 - CTM + インターネットへの接続に信頼できる回線を利用できないのであれば、 + CTM -STABLE CTM を使って同期する - を検討してみましょう。 + を使ってください。 - - - - &os.stable; + + &os.stable; をコンパイルしたり &os.stable; へとアップグレード + -STABLE 構築、コンパイル - をコンパイルする前に、 - /usr/src/Makefile をよく読んでください。 - アップグレードの処理の一部として最初に - 新しいカーネルをインストールして、 - world を再構築 してください。&a.stable; と - /usr/src/UPDATING を読んで、 + + する前に、 + /usr/src/Makefile を注意深く読み、 + "world" の + 再構築 に書かれている手順に従ってください。 + &a.stable; と /usr/src/UPDATING を読んで、 次のリリースへ向けて移ってゆくに当たって、 ときどき必要となる既存システムからの新システムの構築手順についての最新情報を得てください。 From owner-svn-doc-all@FreeBSD.ORG Sat Mar 1 15:10:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 27A27381; Sat, 1 Mar 2014 15:10:51 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1325212C8; Sat, 1 Mar 2014 15:10:51 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s21FApKj018874; Sat, 1 Mar 2014 15:10:51 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s21FAp8F018873; Sat, 1 Mar 2014 15:10:51 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403011510.s21FAp8F018873@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sat, 1 Mar 2014 15:10:51 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44098 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Mar 2014 15:10:51 -0000 Author: ryusuke Date: Sat Mar 1 15:10:50 2014 New Revision: 44098 URL: http://svnweb.freebsd.org/changeset/doc/44098 Log: - Merge the following from the English version: r43781 -> r43782 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sat Mar 1 13:11:53 2014 (r44097) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sat Mar 1 15:10:50 2014 (r44098) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43781 + Original revision: r43782 $FreeBSD$ --> - &os.current; は &os; の最新のソースコードであり、 - 中には現在開発途上のソフトウェア、 - 実験的な変更、あるいは過渡的な機能などが含まれています。 - また、この中に入っている機能がすべて、 - 次の公式リリースに入るとは限りません。&os.current; - をソースからほぼ毎日コンパイルしている人はたくさんいますが、 - 短い期間ではコンパイルさえできない状態になっている時期もあります。 - これらの問題は可能な限り迅速に解決されますが、 - &os.current; が不幸をもたらすか、 - それとも新しい機能をもたらすかは、 - まさにソースコードを同期した瞬間によるのです! - - &os.current; は、 - 次の 3 つの重要なグループを対象としています。 - - - - ソースツリーのある部分に関して活発に作業している - &os; コミュニティのメンバ。 - + &os.current; は &os; の最新のソースコードであり、 + 中には現在開発途上のソフトウェア、 + 実験的な変更、あるいは過渡的な機能などが含まれています。 + また、この中に入っている機能がすべて、 + 次の公式リリースに入るとは限りません。&os.current; + をソースからほぼ毎日コンパイルしている人はたくさんいますが、 + 短い期間ではコンパイルさえできない状態になっている時期もあります。 + これらの問題は可能な限り迅速に解決されますが、 + &os.current; が不幸をもたらすか、 + それとも新しい機能をもたらすかは、 + まさにソースコードを同期した瞬間によるのです! + + &os.current; は、 + 次の 3 つの重要なグループを対象としています。 + - 活発にテストしている &os; コミュニティのメンバ。 - 彼らは、種々の問題を解決するのに時間を惜しまない人々であり、 - さまざまな変更に関する提案や - &os; の大まかな方向付けを行ないたいと思っている人々でもあり、 - パッチも提出します。 + ソースツリーのある部分に関して活発に作業している + &os; コミュニティのメンバ。 - さまざまな事に目を向け、 - 参考のために最新のソースを使いたいと思っていたり、 - 時々コメントやコードを寄稿したいと考えているユーザ。 - - + 活発にテストしている &os; コミュニティのメンバ。 + 彼らは、種々の問題を解決するのに時間を惜しまない人々であり、 + さまざまな変更に関する提案や + &os; の大まかな方向付けを行ないたいと思っている人々でもあり、 + パッチも提出します。 + + + + さまざまな事に目を向け、 + 参考のために最新のソースを使いたいと思っていたり、 + 時々コメントやコードを寄稿したいと考えているユーザ。 + + &os.current; は、次のリリースの前に、 最も早く新しい機能を入手する手段として、 @@ -1213,87 +1213,86 @@ before running "/usr/sbin/freebsd-update 新しいバグを生み出すおそれがあります。 &os.current; には 公式のサポート はありません。 - - -CURRENT - using - + + -CURRENT + using + - &os.current; を追いかけるには + &os.current; を追いかけるには - - - &a.current.name; と &a.svn-src-head.name;-CURRENT使用 メーリングリスト - に加わってください。 - さまざまな人がシステムの現在の状態について述べているコメントを見たり、 - &os.current; の現在の状態に関する重要な情報を見逃さないために、 - 必須の ことです。 - - &a.svn-src-head.name; メーリングリストでは、 - それぞれの変更についての - commit ログが記録されています。 - また、それに関して起こり得る副作用の情報を得ることができますので、 - 参加する価値のあるメーリングリストです。 - - これらのメーリングリストに入るには、 - &a.mailman.lists.link; - をたどって参加したいメーリングリストをクリックし、 - 手順の説明にしたがってください。 - &os.current; だけでなく、 - ソースツリー全体の変更点を追いかけるのであれば、 - &a.svn-src-all.name; メーリングリストを購読してください。 - - - - &os.current; のソースを同期する。 - 特に svn を使って - Subversion ミラーサイト - のひとつの head ブランチから - -CURRENT コードをチェックアウトしてください。 - - - - インターネットの接続がとても遅かったり、 - 制限がある場合には、 - CTM - を利用すると良いでしょう。 - ただし、svn - ほどには信頼はできないので、 - svn - を利用されることを推奨します。 - - - - リポジトリのサイズが大きいため、興味のある部分や、 - パッチを当てる部分のソースのみを同期するユーザもいます。 - しかしながら、 - ソースからオペレーティングシステムをコンパイルしようと思っているユーザは、 - 一部分だけではなく、&os.current; の すべて - をダウンロードする必要があります。 - - - &os.current; - をコンパイル - - -CURRENT - コンパイル - する前に - /usr/src/Makefile - を注意深く読み、 - "world" の - 再構築 に書かれている手順に従ってください。 - &a.current; と - /usr/src/UPDATING を読めば、 - 次のリリースへ向けて移ってゆくに当たって、 - ときどき必要となる既存システムからの新システムの構築手順についての最新情報が得られるでしょう。 - - - - アクティブになってください! - &os.current; のユーザには、 - 拡張やバグ潰しに関して提案することが勧められています。 - コードを伴う提案はいつでも歓迎されます! - - + + + &a.current.name; と &a.svn-src-head.name; + + -CURRENT + 使用 + + メーリングリストに加わってください。 + さまざまな人がシステムの現在の状態について述べているコメントを見たり、 + &os.current; の現在の状態に関する重要な情報を見逃さないために、 + 必須の ことです。 + + &a.svn-src-head.name; メーリングリストでは、 + それぞれの変更についての commit ログが記録されています。 + また、それに関して起こり得る副作用の情報を得ることができますので、 + 参加する価値のあるメーリングリストです。 + + これらのメーリングリストに入るには、 + &a.mailman.lists.link; + をたどって参加したいメーリングリストをクリックし、 + 手順の説明にしたがってください。 + &os.current; だけでなく、 + ソースツリー全体の変更点を追いかけるのであれば、 + &a.svn-src-all.name; メーリングリストを購読してください。 + + + + &os.current; のソースを同期する。 + 特に svn を使って + Subversion ミラーサイト + のひとつの head ブランチから + -CURRENT コードをチェックアウトしてください。 + + + + インターネットの接続がとても遅かったり、 + 制限がある場合には、 + CTM + を利用すると良いでしょう。 + ただし、svn + ほどには信頼はできないので、 + svn + を利用されることを推奨します。 + + + + リポジトリのサイズが大きいため、興味のある部分や、 + パッチを当てる部分のソースのみを同期するユーザもいます。 + しかしながら、 + ソースからオペレーティングシステムをコンパイルしようと思っているユーザは、 + 一部分だけではなく、&os.current; の すべて + をダウンロードする必要があります。 + + &os.current; をコンパイル + + -CURRENT + コンパイル + する前に + /usr/src/Makefile を注意深く読み、 + "world" の再構築 + に書かれている手順に従ってください。 + &a.current; と /usr/src/UPDATING を読めば、 + 次のリリースへ向けて移ってゆくに当たって、 + ときどき必要となる既存システムからの新システムの構築手順についての最新情報が得られるでしょう。 + + + + アクティブになってください! + &os.current; のユーザには、 + 拡張やバグ潰しに関して提案することが勧められています。 + コードを伴う提案はいつでも歓迎されます! + + @@ -1301,112 +1300,107 @@ before running "/usr/sbin/freebsd-update 訳: &a.jp.iwasaki; - &os.stable; とは定期的に公開されるリリースを作成するための開発ブランチです。 - このブランチに加えられる変更は &os.current; よりゆっくりで、 - 原則として、事前に &os.current; - で試験ずみであるという特徴があります。 - ただそうであっても、 - これは開発用ブランチの一つであり、 - ある時点における &os.stable; - のソースがどんな場合にも使えるものであるとは限りません。 - このブランチはもう一つの開発の流れというだけであって、 - エンドユーザ向けのものではありません。 - もし試験をする資源的な余裕がない場合は、代わりに最新の - &os; リリースを使ってください。 - - &os; の開発プロセスに興味があったり、 - それに対する貢献を考えていて、特にそれが次回の - &os; のリリースに関係するものであるなら - &os.stable; を追うことを考えると良いでしょう。 - - &os.stable; ブランチはいつもコンパイルができ、 - 安定に動作すべきですが、 - それが保証されているというわけではありません。 - &os.stable; のユーザは &os.current; よりも多いため、&os.current; - で発見されなかったバグが &os.stable; で発見され、 - ときどきそれが問題となることがあるのは避けることができません。 - このような理由から、盲目的に &os.stable; - を追いかけるべきではありません。 - 特に、開発環境もしくはテスト環境でコードを十分に試験せずに、 - プロダクション品質が要求されるサーバを &os.stable; - にアップグレードしてはいけません + &os.stable; + とは定期的に公開されるリリースを作成するための開発ブランチです。 + このブランチに加えられる変更は &os.current; よりゆっくりで、 + 原則として、事前に &os.current; で試験ずみであるという特徴があります。 + ただそうであっても、 + これは開発用ブランチの一つであり、ある時点における &os.stable; + のソースがどんな場合にも使えるものであるとは限りません。 + このブランチはもう一つの開発の流れというだけであって、 + エンドユーザ向けのものではありません。 + もし試験をする資源的な余裕がない場合は、代わりに最新の + &os; リリースを使ってください。 + + &os; の開発プロセスに興味があったり、 + それに対する貢献を考えていて、特にそれが次回の + &os; のリリースに関係するものであるなら + &os.stable; を追うことを考えると良いでしょう。 + + &os.stable; ブランチはいつもコンパイルができ、 + 安定に動作すべきですが、 + それが保証されているというわけではありません。 + &os.stable; のユーザは &os.current; よりも多いため、&os.current; + で発見されなかったバグが &os.stable; で発見され、 + ときどきそれが問題となることがあるのは避けることができません。 + このような理由から、盲目的に &os.stable; + を追いかけるべきではありません。 + 特に、開発環境もしくはテスト環境でコードを十分に試験せずに、 + プロダクション品質が要求されるサーバを &os.stable; + にアップグレードしてはいけません - &os.stable; を追いかけるには + &os.stable; を追いかけるには - - -STABLE - 利用する - + + -STABLE + 利用する + - - - &os.stable; の構築に関連する事柄や、 - その他の注意すべき点 に関する情報を得るために、 - &a.stable.name; メーリングリストに加わってください。 - また開発者は議論の余地がある修正や変更を考えている場合に、 - このメーリングリストで公表し、 - 提案された変更に関して問題が生じるかどうかを返答する機会をユーザに与えます。 - - 追いかけているブランチに関連する - svn メーリングリストに参加してください。 - たとえば、9-STABLE ブランチを追いかけているユーザは - &a.svn-src-stable-9.name; メーリングリストに参加してください。 - このリストでは、 - 変更がなされるごとに作成される commit log やそれに伴う - 起こりうる副作用についての情報が記録されています。 - - これらのメーリングリストに入るには、 - &a.mailman.lists.link; - をたどって参加したいメーリングリストをクリックし、 - 手順の説明にしたがってください。 - ソースツリー全体の変更点を追いかけるには、 - &a.svn-src-all.name; メーリングリストを購読してください。 - - - - 新しい &os.stable; システムをインストールするには、 - ミラーサイト から最近の - &os.stable; リリースをインストールするか、 - 毎月公開されている &os.stable; - からビルドされたスナップショットを使ってください。 - スナップショットの詳細については、スナップショット - をご覧ください。 - - 既に &os; が動いているシステムを - &os.stable; にアップグレードするには、 - svn - - Subversion - を使って、 - 希望する開発ブランチのソースをチェックアウしてください。 - stable/9 といったブランチ名は、 - リリースエンジニアリングのページ - で説明されています。 - インターネットへの接続に信頼できる回線を利用できないのであれば、 - CTM - - -STABLE - CTM を使って同期する - - を使ってください。 - + + + &os.stable; の構築に関連する事柄や、 + その他の注意すべき点 に関する情報を得るために、 + &a.stable.name; メーリングリストに加わってください。 + また開発者は議論の余地がある修正や変更を考えている場合に、 + このメーリングリストで公表し、 + 提案された変更に関して問題が生じるかどうかを返答する機会をユーザに与えます。 + + 追いかけているブランチに関連する + svn メーリングリストに参加してください。 + たとえば、9-STABLE ブランチを追いかけているユーザは + &a.svn-src-stable-9.name; メーリングリストに参加してください。 + このリストでは、変更がなされるごとに作成される commit log + やそれに伴う起こりうる副作用についての情報が記録されています。 + + これらのメーリングリストに入るには、&a.mailman.lists.link; + をたどって参加したいメーリングリストをクリックし、 + 手順の説明にしたがってください。 + ソースツリー全体の変更点を追いかけるには、 + &a.svn-src-all.name; メーリングリストを購読してください。 + - - &os.stable; をコンパイルしたり &os.stable; へとアップグレード + + 新しい &os.stable; システムをインストールするには、 + ミラーサイト から最近の + &os.stable; リリースをインストールするか、 + 毎月公開されている &os.stable; + からビルドされたスナップショットを使ってください。 + スナップショットの詳細については、スナップショット + をご覧ください。 + + 既に &os; が動いているシステムを + &os.stable; にアップグレードするには、 + svn - -STABLE - 構築、コンパイル - - する前に、 - /usr/src/Makefile を注意深く読み、 - "world" の - 再構築 に書かれている手順に従ってください。 - &a.stable; と /usr/src/UPDATING を読んで、 - 次のリリースへ向けて移ってゆくに当たって、 - ときどき必要となる既存システムからの新システムの構築手順についての最新情報を得てください。 - - + Subversion + を使って、 + 希望する開発ブランチのソースをチェックアウしてください。 + stable/9 といったブランチ名は、 + リリースエンジニアリングのページ + で説明されています。 + インターネットへの接続に信頼できる回線を利用できないのであれば、 + CTM + + -STABLE + CTM を使って同期する + を使ってください。 + + + + &os.stable; をコンパイルしたり &os.stable; へとアップグレード + + -STABLE + 構築、コンパイル + する前に、 + /usr/src/Makefile を注意深く読み、 + "world" の再構築 + に書かれている手順に従ってください。 + &a.stable; と /usr/src/UPDATING を読んで、 + 次のリリースへ向けて移ってゆくに当たって、 + ときどき必要となる既存システムからの新システムの構築手順についての最新情報を得てください。 + + From owner-svn-doc-all@FreeBSD.ORG Sun Mar 2 05:49:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 926DF759; Sun, 2 Mar 2014 05:49:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6311D1D4C; Sun, 2 Mar 2014 05:49:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s225nM6W078777; Sun, 2 Mar 2014 05:49:22 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s225nMVS078776; Sun, 2 Mar 2014 05:49:22 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403020549.s225nMVS078776@svn.freebsd.org> From: Glen Barber Date: Sun, 2 Mar 2014 05:49:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-svnadmin@freebsd.org Subject: svn commit: r44099 - svnadmin/conf X-SVN-Group: doc-svnadmin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Mar 2014 05:49:22 -0000 Author: gjb Date: Sun Mar 2 05:49:21 2014 New Revision: 44099 URL: http://svnweb.freebsd.org/changeset/doc/44099 Log: Take chinsan commit bit in for safekeeping. Submitted by: grimreaper Approved by: doceng (implicit) Sponsored by: The FreeBSD Foundation Modified: svnadmin/conf/access Modified: svnadmin/conf/access ============================================================================== --- svnadmin/conf/access Sat Mar 1 15:10:50 2014 (r44098) +++ svnadmin/conf/access Sun Mar 2 05:49:21 2014 (r44099) @@ -24,7 +24,6 @@ blackend bland brd brueffer -chinsan crees danger delphij From owner-svn-doc-all@FreeBSD.ORG Sun Mar 2 05:49:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2AA0D797; Sun, 2 Mar 2014 05:49:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id F17E61D4F; Sun, 2 Mar 2014 05:49:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s225nsYe078856; Sun, 2 Mar 2014 05:49:54 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s225nsoA078855; Sun, 2 Mar 2014 05:49:54 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403020549.s225nsoA078855@svn.freebsd.org> From: Glen Barber Date: Sun, 2 Mar 2014 05:49:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-svnadmin@freebsd.org Subject: svn commit: r44100 - svnadmin/conf X-SVN-Group: doc-svnadmin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Mar 2014 05:49:55 -0000 Author: gjb Date: Sun Mar 2 05:49:54 2014 New Revision: 44100 URL: http://svnweb.freebsd.org/changeset/doc/44100 Log: Take ru doc commit bit in for safekeeping. Submitted by: grimreaper Approved by: doceng (implicit) Modified: svnadmin/conf/access Modified: svnadmin/conf/access ============================================================================== --- svnadmin/conf/access Sun Mar 2 05:49:21 2014 (r44099) +++ svnadmin/conf/access Sun Mar 2 05:49:54 2014 (r44100) @@ -60,7 +60,6 @@ pgj pluknet remko rene -ru rwatson bb+lists.freebsd.cvs-committers@cyrus.watson.org ryusuke simon From owner-svn-doc-all@FreeBSD.ORG Sun Mar 2 11:38:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4FB8887C; Sun, 2 Mar 2014 11:38:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3CA8116B6; Sun, 2 Mar 2014 11:38:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s22BcRf2095004; Sun, 2 Mar 2014 11:38:28 GMT (envelope-from brueffer@svn.freebsd.org) Received: (from brueffer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s22BcRT4095002; Sun, 2 Mar 2014 11:38:27 GMT (envelope-from brueffer@svn.freebsd.org) Message-Id: <201403021138.s22BcRT4095002@svn.freebsd.org> From: Christian Brueffer Date: Sun, 2 Mar 2014 11:38:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44101 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Mar 2014 11:38:28 -0000 Author: brueffer Date: Sun Mar 2 11:38:27 2014 New Revision: 44101 URL: http://svnweb.freebsd.org/changeset/doc/44101 Log: Add bhyvecon 2014. Prompted by: BSDNow epsiode 26 Modified: head/share/xml/events2014.xml Modified: head/share/xml/events2014.xml ============================================================================== --- head/share/xml/events2014.xml Sun Mar 2 05:49:54 2014 (r44100) +++ head/share/xml/events2014.xml Sun Mar 2 11:38:27 2014 (r44101) @@ -38,6 +38,29 @@ *BSD User Group. + + bhyvecon 2014 + http://bhyvecon.org/ + + 2014 + 3 + 12 + + + 2014 + 3 + 12 + + + Japan + Tokyo + SAKURA Internet Research Center + + See the bhyve hypervisor in action and ask a core bhyve + developer your technical questions. + + + AsiaBSDCon 2014 http://2014.asiabsdcon.org/ From owner-svn-doc-all@FreeBSD.ORG Sun Mar 2 19:01:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AFA14811; Sun, 2 Mar 2014 19:01:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9B2341CEA; Sun, 2 Mar 2014 19:01:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s22J1cRR019283; Sun, 2 Mar 2014 19:01:38 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s22J1cm0019282; Sun, 2 Mar 2014 19:01:38 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403021901.s22J1cm0019282@svn.freebsd.org> From: Glen Barber Date: Sun, 2 Mar 2014 19:01:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44102 - head/en_US.ISO8859-1/htdocs/gnome X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Mar 2014 19:01:38 -0000 Author: gjb Date: Sun Mar 2 19:01:38 2014 New Revision: 44102 URL: http://svnweb.freebsd.org/changeset/doc/44102 Log: Use the GNOME image instead of a potentially offensive image. Submitted by: TJ (tj mrsk.me) Modified: head/en_US.ISO8859-1/htdocs/gnome/contact.xml Modified: head/en_US.ISO8859-1/htdocs/gnome/contact.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/gnome/contact.xml Sun Mar 2 11:38:27 2014 (r44101) +++ head/en_US.ISO8859-1/htdocs/gnome/contact.xml Sun Mar 2 19:01:38 2014 (r44102) @@ -45,12 +45,12 @@ IRC (FreeNode): bland - bland + bland - avl + avl Alexander Logvinov From owner-svn-doc-all@FreeBSD.ORG Sun Mar 2 19:09:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5410DCEB; Sun, 2 Mar 2014 19:09:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3E0851DA9; Sun, 2 Mar 2014 19:09:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s22J9D1x020223; Sun, 2 Mar 2014 19:09:13 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s22J9DWj020222; Sun, 2 Mar 2014 19:09:13 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403021909.s22J9DWj020222@svn.freebsd.org> From: Glen Barber Date: Sun, 2 Mar 2014 19:09:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44103 - head/en_US.ISO8859-1/htdocs/gnome/images X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Mar 2014 19:09:13 -0000 Author: gjb Date: Sun Mar 2 19:09:12 2014 New Revision: 44103 URL: http://svnweb.freebsd.org/changeset/doc/44103 Log: Stop installing hippobutt image, and prepare for its removal. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/gnome/images/Makefile Modified: head/en_US.ISO8859-1/htdocs/gnome/images/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/gnome/images/Makefile Sun Mar 2 19:01:38 2014 (r44102) +++ head/en_US.ISO8859-1/htdocs/gnome/images/Makefile Sun Mar 2 19:09:12 2014 (r44103) @@ -30,7 +30,6 @@ DATA+= gnome.png DATA+= adamw.jpg DATA+= ahze.jpg #DATA+= bland.jpg -DATA+= hippobutt.jpg DATA+= kwm.jpg DATA+= marcus.jpg DATA+= mezz.jpg From owner-svn-doc-all@FreeBSD.ORG Sun Mar 2 19:11:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 810BFE66; Sun, 2 Mar 2014 19:11:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 538151E33; Sun, 2 Mar 2014 19:11:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s22JBsiu023573; Sun, 2 Mar 2014 19:11:54 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s22JBsc9023572; Sun, 2 Mar 2014 19:11:54 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403021911.s22JBsc9023572@svn.freebsd.org> From: Glen Barber Date: Sun, 2 Mar 2014 19:11:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44104 - head/en_US.ISO8859-1/htdocs/gnome/images X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Mar 2014 19:11:54 -0000 Author: gjb Date: Sun Mar 2 19:11:53 2014 New Revision: 44104 URL: http://svnweb.freebsd.org/changeset/doc/44104 Log: Remove offensive image. Sponsored by: The FreeBSD Foundation Deleted: head/en_US.ISO8859-1/htdocs/gnome/images/hippobutt.jpg From owner-svn-doc-all@FreeBSD.ORG Mon Mar 3 09:35:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DEF27F46; Mon, 3 Mar 2014 09:35:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CCBE7F01; Mon, 3 Mar 2014 09:35:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s239Z3ta030861; Mon, 3 Mar 2014 09:35:03 GMT (envelope-from gahr@svn.freebsd.org) Received: (from gahr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s239Z3xF030860; Mon, 3 Mar 2014 09:35:03 GMT (envelope-from gahr@svn.freebsd.org) Message-Id: <201403030935.s239Z3xF030860@svn.freebsd.org> From: Pietro Cerutti Date: Mon, 3 Mar 2014 09:35:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44105 - head/en_US.ISO8859-1/htdocs/donations X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Mar 2014 09:35:03 -0000 Author: gahr (ports committer) Date: Mon Mar 3 09:35:03 2014 New Revision: 44105 URL: http://svnweb.freebsd.org/changeset/doc/44105 Log: - Document the donation of a Sunfire v490 from Ben Medina to culot@ Modified: head/en_US.ISO8859-1/htdocs/donations/donors.xml Modified: head/en_US.ISO8859-1/htdocs/donations/donors.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/donations/donors.xml Sun Mar 2 19:11:53 2014 (r44104) +++ head/en_US.ISO8859-1/htdocs/donations/donors.xml Mon Mar 3 09:35:03 2014 (r44105) @@ -2971,6 +2971,13 @@ danfe received + + + Ben Medina <b.medinaclavijo@ventejuy.es> + Sunfire v490 + culot + received + From owner-svn-doc-all@FreeBSD.ORG Mon Mar 3 12:20:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 84B8FEC7; Mon, 3 Mar 2014 12:20:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 582F91A4; Mon, 3 Mar 2014 12:20:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s23CKfZe097169; Mon, 3 Mar 2014 12:20:41 GMT (envelope-from brueffer@svn.freebsd.org) Received: (from brueffer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s23CKfL1097168; Mon, 3 Mar 2014 12:20:41 GMT (envelope-from brueffer@svn.freebsd.org) Message-Id: <201403031220.s23CKfL1097168@svn.freebsd.org> From: Christian Brueffer Date: Mon, 3 Mar 2014 12:20:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44106 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Mar 2014 12:20:41 -0000 Author: brueffer Date: Mon Mar 3 12:20:40 2014 New Revision: 44106 URL: http://svnweb.freebsd.org/changeset/doc/44106 Log: Update release notes links to 10/9-STABLE instead of 9/8-STABLE. Modified: head/en_US.ISO8859-1/htdocs/relnotes.xml Modified: head/en_US.ISO8859-1/htdocs/relnotes.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/relnotes.xml Mon Mar 3 09:35:03 2014 (r44105) +++ head/en_US.ISO8859-1/htdocs/relnotes.xml Mon Mar 3 12:20:40 2014 (r44106) @@ -76,28 +76,28 @@
    • Errata
    -

    FreeBSD 9-STABLE Release Documentation

    +

    FreeBSD 10-STABLE Release Documentation

    -

    FreeBSD 8-STABLE Release Documentation

    +

    FreeBSD 9-STABLE Release Documentation

    Other Sites

    From owner-svn-doc-all@FreeBSD.ORG Mon Mar 3 13:40:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E844A35B; Mon, 3 Mar 2014 13:40:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D10D1ABB; Mon, 3 Mar 2014 13:40:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s23DeKGN029493; Mon, 3 Mar 2014 13:40:20 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s23DeKDx029492; Mon, 3 Mar 2014 13:40:20 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403031340.s23DeKDx029492@svn.freebsd.org> From: Glen Barber Date: Mon, 3 Mar 2014 13:40:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44107 - head/en_US.ISO8859-1/htdocs/releases/10.0R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Mar 2014 13:40:21 -0000 Author: gjb Date: Mon Mar 3 13:40:20 2014 New Revision: 44107 URL: http://svnweb.freebsd.org/changeset/doc/44107 Log: Fix two missing links. Submitted by: brueffer Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/installation.html Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/installation.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/10.0R/installation.html Mon Mar 3 12:20:40 2014 (r44106) +++ head/en_US.ISO8859-1/htdocs/releases/10.0R/installation.html Mon Mar 3 13:40:20 2014 (r44107) @@ -1,5 +1,5 @@ -FreeBSD 10.0-RELEASE Installation Instructions

    FreeBSD 10.0-RELEASE Installation Instructions

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of +FreeBSD 10.0-RELEASE Installation Instructions

    FreeBSD 10.0-RELEASE Installation Instructions

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of the FreeBSD Foundation.

    Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United @@ -22,12 +22,12 @@ screenshots.

    2.Upgrading FreeBSD

    If you are upgrading from a previous release of FreeBSD, please read upgrading section in the Release Notes for notable - incompatibilities carefully.

    2.1.Upgrading from Source

    The procedure for doing a source code based update is + incompatibilities carefully.

    2.1.Upgrading from Source

    The procedure for doing a source code based update is described in - and - .

    For SVN use the releng/10.0 branch + Synchronizing Source and + Rebuilding world.

    For SVN use the releng/10.0 branch which will be where any upcoming Security Advisories or Errata - Notices will be applied.

    2.2.Upgrading Using FreeBSD Update

    The freebsd-update(8) utility supports binary + Notices will be applied.

    2.2.Upgrading Using FreeBSD Update

    The freebsd-update(8) utility supports binary upgrades of i386 and amd64 systems running earlier FreeBSD releases. Systems running 7.[34]-RELEASE, From owner-svn-doc-all@FreeBSD.ORG Mon Mar 3 15:11:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 52FF51FB; Mon, 3 Mar 2014 15:11:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 256892D4; Mon, 3 Mar 2014 15:11:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s23FBKnE069677; Mon, 3 Mar 2014 15:11:20 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s23FBKEB069676; Mon, 3 Mar 2014 15:11:20 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403031511.s23FBKEB069676@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 3 Mar 2014 15:11:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44108 - head/ja_JP.eucJP/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Mar 2014 15:11:20 -0000 Author: ryusuke Date: Mon Mar 3 15:11:19 2014 New Revision: 44108 URL: http://svnweb.freebsd.org/changeset/doc/44108 Log: - Merge the following from the English version: r42004 -> r44106 head/ja_JP.eucJP/htdocs/relnotes.xml Modified: head/ja_JP.eucJP/htdocs/relnotes.xml Modified: head/ja_JP.eucJP/htdocs/relnotes.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/relnotes.xml Mon Mar 3 13:40:20 2014 (r44107) +++ head/ja_JP.eucJP/htdocs/relnotes.xml Mon Mar 3 15:11:19 2014 (r44108) @@ -1,10 +1,10 @@ ]> - + @@ -79,28 +79,28 @@

  • Errata (正誤表)
    • -

    FreeBSD 9-STABLE リリース文書

    +

    FreeBSD 10-STABLE リリース文書

    -

    FreeBSD 8-STABLE リリース文書

    +

    FreeBSD 9-STABLE リリース文書

    他のサイト

    From owner-svn-doc-all@FreeBSD.ORG Mon Mar 3 16:16:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ACC5B367; Mon, 3 Mar 2014 16:16:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 989D6AA7; Mon, 3 Mar 2014 16:16:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s23GGwgn095880; Mon, 3 Mar 2014 16:16:58 GMT (envelope-from gabor@svn.freebsd.org) Received: (from gabor@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s23GGwPA095878; Mon, 3 Mar 2014 16:16:58 GMT (envelope-from gabor@svn.freebsd.org) Message-Id: <201403031616.s23GGwPA095878@svn.freebsd.org> From: Gabor Kovesdan Date: Mon, 3 Mar 2014 16:16:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44109 - in head/share: misc xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Mar 2014 16:16:58 -0000 Author: gabor Date: Mon Mar 3 16:16:57 2014 New Revision: 44109 URL: http://svnweb.freebsd.org/changeset/doc/44109 Log: - Add line number indicators to programlisting and screen in the HTML version. This makes linewrap indicators unnecessary since the line numbers suggest where the line is wrapped. No objection from: doc Modified: head/share/misc/docbook.css head/share/xml/freebsd-xhtml-common.xsl Modified: head/share/misc/docbook.css ============================================================================== --- head/share/misc/docbook.css Mon Mar 3 15:11:19 2014 (r44108) +++ head/share/misc/docbook.css Mon Mar 3 16:16:57 2014 (r44109) @@ -265,26 +265,47 @@ html { text-decoration: underline; } -pre.screen { - white-space: pre; - overflow: auto; +.screen { + white-space: pre-wrap; font-family: monospace; padding: 1ex; background-color: #edc; - border: 1px solid #ccc; + border-style: solid; + border-color: #EEB985; + border-width: 0 0 0 24px; border-radius: 6px; line-height: 1.1; + counter-reset: code; } -pre.programlisting { - white-space: pre; - overflow: auto; +.programlisting { + white-space: pre-wrap; font-family: monospace; padding: 1ex; background-color: #eee; - border: 1px solid #ccc; + border-style: solid; + border-color: #BABABA; + border-width: 0 0 0 24px; border-radius: 6px; line-height: 1.1; + counter-reset: code; +} + +span.verbatim { + counter-increment: code; + display: block; + padding: 0 13px 0 29px; + position: relative; + margin: 0 -8px 0 -24px; + overflow: hidden; +} + +span.verbatim:before { + width: 24px; + text-align: right; + content: counter(code) " "; + position: absolute; + left: -10px; } @media screen { /* hide from IE3 */ @@ -378,7 +399,7 @@ pre.programlisting { font-weight: bold; } -pre.screen strong { +.screen strong { font-weight: normal; } Modified: head/share/xml/freebsd-xhtml-common.xsl ============================================================================== --- head/share/xml/freebsd-xhtml-common.xsl Mon Mar 3 15:11:19 2014 (r44108) +++ head/share/xml/freebsd-xhtml-common.xsl Mon Mar 3 16:16:57 2014 (r44109) @@ -7,6 +7,7 @@ version='1.0' xmlns:str="http://exslt.org/strings" xmlns:db="http://docbook.org/ns/docbook" + xmlns="http://www.w3.org/1999/xhtml" exclude-result-prefixes="db" extension-element-prefixes="str"> @@ -31,6 +32,7 @@ + @@ -292,4 +294,43 @@
    + + + + + + + + + + + + + + + + + + + + div + pre + + + + + + + + + + + + + + + + + From owner-svn-doc-all@FreeBSD.ORG Mon Mar 3 16:44:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2E4F4567; Mon, 3 Mar 2014 16:44:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1B776D65; Mon, 3 Mar 2014 16:44:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s23Gi101008266; Mon, 3 Mar 2014 16:44:01 GMT (envelope-from jkois@svn.freebsd.org) Received: (from jkois@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s23Gi1fq008265; Mon, 3 Mar 2014 16:44:01 GMT (envelope-from jkois@svn.freebsd.org) Message-Id: <201403031644.s23Gi1fq008265@svn.freebsd.org> From: Johann Kois Date: Mon, 3 Mar 2014 16:44:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44110 - head/es_ES.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Mar 2014 16:44:02 -0000 Author: jkois Date: Mon Mar 3 16:44:01 2014 New Revision: 44110 URL: http://svnweb.freebsd.org/changeset/doc/44110 Log: PR: www/159291 As remko@ assign this to me: Implement a quick-and-dirty solution to fix a broken link on the Spanish version of the website and link to the Spanish send-pr.html. The Spanish version of the website has not seen an update since 2010 therefore most changes since then are either not available or are broken. The send-pr web form is still working though. Tested with PR www/187222. Modified: head/es_ES.ISO8859-1/htdocs/index.xsl Modified: head/es_ES.ISO8859-1/htdocs/index.xsl ============================================================================== --- head/es_ES.ISO8859-1/htdocs/index.xsl Mon Mar 3 16:16:57 2014 (r44109) +++ head/es_ES.ISO8859-1/htdocs/index.xsl Mon Mar 3 16:44:01 2014 (r44110) @@ -150,7 +150,7 @@ Listas de distribucin
  • - Reporte un Fallo + Reporte un Fallo
  • FAQ From owner-svn-doc-all@FreeBSD.ORG Mon Mar 3 18:49:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EA10A388; Mon, 3 Mar 2014 18:49:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D5A0FCBB; Mon, 3 Mar 2014 18:49:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s23InqlA063116; Mon, 3 Mar 2014 18:49:52 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s23InqsP063115; Mon, 3 Mar 2014 18:49:52 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403031849.s23InqsP063115@svn.freebsd.org> From: Mathieu Arnold Date: Mon, 3 Mar 2014 18:49:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44111 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Mar 2014 18:49:53 -0000 Author: mat (ports committer) Date: Mon Mar 3 18:49:52 2014 New Revision: 44111 URL: http://svnweb.freebsd.org/changeset/doc/44111 Log: Include the latest additions to the options helpers. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Mon Mar 3 16:44:01 2014 (r44110) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Mon Mar 3 18:49:52 2014 (r44111) @@ -3905,6 +3905,18 @@ LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/ + CONFLICTS + + + + CONFLICTS_BUILD + + + + CONFLICTS_INSTALL + + + DISTFILES From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 01:43:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DF4F442F; Tue, 4 Mar 2014 01:43:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B1D7AD5B; Tue, 4 Mar 2014 01:43:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s241hW7N036050; Tue, 4 Mar 2014 01:43:32 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s241hWZc036048; Tue, 4 Mar 2014 01:43:32 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403040143.s241hWZc036048@svn.freebsd.org> From: Glen Barber Date: Tue, 4 Mar 2014 01:43:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44112 - in head/en_US.ISO8859-1/htdocs: . internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 01:43:32 -0000 Author: gjb Date: Tue Mar 4 01:43:32 2014 New Revision: 44112 URL: http://svnweb.freebsd.org/changeset/doc/44112 Log: Update the doceng@ team charter to include doceng@ is responsible for appointing and overseeing webmaster@. Reviewed by: doceng (original version) Approved by: core Modified: head/en_US.ISO8859-1/htdocs/administration.xml head/en_US.ISO8859-1/htdocs/internal/doceng.xml Modified: head/en_US.ISO8859-1/htdocs/administration.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/administration.xml Mon Mar 3 18:49:52 2014 (r44111) +++ head/en_US.ISO8859-1/htdocs/administration.xml Tue Mar 4 01:43:32 2014 (r44112) @@ -472,7 +472,8 @@

    Webmaster Team <webmaster@FreeBSD.org>

    -

    The FreeBSD Webmaster Team is responsible for keeping the main FreeBSD web +

    The FreeBSD Webmaster Team is appointed by &os; Documentation Engineering Team, + and responsible for keeping the main FreeBSD web sites up and running. This means web server configuration, CGI scripts, fulltext and mailing list search. Anything web related, technical stuff belongs to the scope of the Webmaster Team, excluding bugs in the Modified: head/en_US.ISO8859-1/htdocs/internal/doceng.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/doceng.xml Mon Mar 3 18:49:52 2014 (r44111) +++ head/en_US.ISO8859-1/htdocs/internal/doceng.xml Tue Mar 4 01:43:32 2014 (r44112) @@ -53,6 +53,10 @@ committer) changes that introduce broken links, cause the Web site build to break, or otherwise degrade the accessibility of the FreeBSD Web site and documentation.

    • + +
  • To appoint and oversee a &os; Webmaster Team that carries out + daily maintenance of the Project web servers in collaboration + with other teams.

    • It is specifically noted here that doceng@ is not a conflict From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 12:57:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B919C521; Tue, 4 Mar 2014 12:57:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A5401FF4; Tue, 4 Mar 2014 12:57:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24CvqaO006979; Tue, 4 Mar 2014 12:57:52 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24CvqwM006978; Tue, 4 Mar 2014 12:57:52 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403041257.s24CvqwM006978@svn.freebsd.org> From: Warren Block Date: Tue, 4 Mar 2014 12:57:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44113 - head/en_US.ISO8859-1/books/fdp-primer/docbook-markup X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 12:57:52 -0000 Author: wblock Date: Tue Mar 4 12:57:52 2014 New Revision: 44113 URL: http://svnweb.freebsd.org/changeset/doc/44113 Log: Fix the example usage of an article link. Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Tue Mar 4 01:43:32 2014 (r44112) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Tue Mar 4 12:57:52 2014 (r44113) @@ -273,7 +273,7 @@ &url.articles.committers-guide; &url.articles.committers-guide; Usage: A link to the <link - xlink:href="&url.articles.committers-guide;"Committer's + xlink:href="&url.articles.committers-guide;">Committer's Guide</link> article. From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 15:54:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3DBF194D; Tue, 4 Mar 2014 15:54:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2A6966BE; Tue, 4 Mar 2014 15:54:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24FsR8r080043; Tue, 4 Mar 2014 15:54:27 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24FsRHB080042; Tue, 4 Mar 2014 15:54:27 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403041554.s24FsRHB080042@svn.freebsd.org> From: Glen Barber Date: Tue, 4 Mar 2014 15:54:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44114 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 15:54:27 -0000 Author: gjb Date: Tue Mar 4 15:54:26 2014 New Revision: 44114 URL: http://svnweb.freebsd.org/changeset/doc/44114 Log: The machines.html page is far from a complete list, so reword its reference to indicate that it is a list of general-access machines instead. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/internal/about.xml Modified: head/en_US.ISO8859-1/htdocs/internal/about.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/about.xml Tue Mar 4 12:57:52 2014 (r44113) +++ head/en_US.ISO8859-1/htdocs/internal/about.xml Tue Mar 4 15:54:26 2014 (r44114) @@ -33,7 +33,7 @@ href="../donations/donors.html">contributors to the FreeBSD project.

    -

    A complete list of all host names in the FreeBSD.org domain +

    A list of general-access machines in the FreeBSD.org domain is available at the The FreeBSD.org Network page.

    From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 16:02:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E59D5B8E; Tue, 4 Mar 2014 16:02:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D23CE7CB; Tue, 4 Mar 2014 16:02:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24G2fWK084036; Tue, 4 Mar 2014 16:02:41 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24G2fcY084035; Tue, 4 Mar 2014 16:02:41 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403041602.s24G2fcY084035@svn.freebsd.org> From: Glen Barber Date: Tue, 4 Mar 2014 16:02:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44115 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 16:02:42 -0000 Author: gjb Date: Tue Mar 4 16:02:41 2014 New Revision: 44115 URL: http://svnweb.freebsd.org/changeset/doc/44115 Log: Mention Bytemark, ISC, NYI as hardware/network providers. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/internal/about.xml Modified: head/en_US.ISO8859-1/htdocs/internal/about.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/about.xml Tue Mar 4 15:54:26 2014 (r44114) +++ head/en_US.ISO8859-1/htdocs/internal/about.xml Tue Mar 4 16:02:41 2014 (r44115) @@ -29,6 +29,9 @@ Naturally, these systems all run FreeBSD. The hardware and network connection have been generously provided by BSDi, Bytemark Hosting, Internet Systems Consortium, New York Internet, Yahoo!, and other contributors to the FreeBSD project.

    From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 17:02:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5F122E62; Tue, 4 Mar 2014 17:02:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2D11FD4C; Tue, 4 Mar 2014 17:02:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24H2bYm008695; Tue, 4 Mar 2014 17:02:37 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24H2bWS008694; Tue, 4 Mar 2014 17:02:37 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403041702.s24H2bWS008694@svn.freebsd.org> From: Glen Barber Date: Tue, 4 Mar 2014 17:02:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44116 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 17:02:37 -0000 Author: gjb Date: Tue Mar 4 17:02:36 2014 New Revision: 44116 URL: http://svnweb.freebsd.org/changeset/doc/44116 Log: Dereference ipv6gw. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/internal/machines.xml Modified: head/en_US.ISO8859-1/htdocs/internal/machines.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/machines.xml Tue Mar 4 16:02:41 2014 (r44115) +++ head/en_US.ISO8859-1/htdocs/internal/machines.xml Tue Mar 4 17:02:36 2014 (r44116) @@ -144,11 +144,6 @@ this file.

    -ipv6gw -IPv6 tunnel router (peer is at ISC). - - - mx1 Inbound Mail services. From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 19:18:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 44A3B6E2; Tue, 4 Mar 2014 19:18:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 25099C56; Tue, 4 Mar 2014 19:18:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24JIAaB065850; Tue, 4 Mar 2014 19:18:10 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24JI9Fl065849; Tue, 4 Mar 2014 19:18:09 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403041918.s24JI9Fl065849@svn.freebsd.org> From: Gabor Pali Date: Tue, 4 Mar 2014 19:18:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44117 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 19:18:10 -0000 Author: pgj Date: Tue Mar 4 19:18:09 2014 New Revision: 44117 URL: http://svnweb.freebsd.org/changeset/doc/44117 Log: - Update documentation on how to prepare the quarterly status reports Modified: head/en_US.ISO8859-1/htdocs/news/status/README Modified: head/en_US.ISO8859-1/htdocs/news/status/README ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/README Tue Mar 4 17:02:36 2014 (r44116) +++ head/en_US.ISO8859-1/htdocs/news/status/README Tue Mar 4 19:18:09 2014 (r44117) @@ -11,17 +11,25 @@ Compiling status reports - best practice writing. Make sure to keep them up to date with regard to categories to pick from and place them prominently in the CFR - otherwise people submit plain text reports and you have to format them yourself. + - Reporting howto is at: http://www.freebsd.org/news/status/howto.html. + It contains a great deal of useful hints for the submitters on how + to write good reports. But it also helps to forward all the completed + reports to developers for reference, and point to the latest report + in the CFR. 2) In the past we usually had to extend the deadline by a week in order to get everybody to report. Starting early with kind reminders seems to - help ;) + help ;) Ideally, reminders should be sent at least one month before the + deadline. But it is worthwhile the keep sending reminders two weeks + before the deadline and on the day of the deadline. 3) The following groups should be definitely approached for a report on their recent activities: - core@, portmgr@, doceng@, secteam@, re@, postmaster@, clusteradm@, devsummit@ (team reports). - FreeBSD Foundation (emaste@), participants of Foundation-sponsored - projects. + projects, deb@ (Deb Goodkin) can also do a report for the Foundation + itself. - Various conference organizers, depending on the season: - BSDCan (info@bsdcan.org) May (April-June) - EuroBSDcon (foundation@eurobsdcon.org) Sept-Oct (October-December) @@ -35,10 +43,19 @@ Compiling status reports - best practice if at all possible. 4) Building the report: - - Accumulate the received reports in a single .xml file and use tidy(1) to - get them well-formatted. Usually s without a description are missing - the closing "/>" which is the cause for most of the errors you will - encounter. Sometimes other closing tags are missing. + - Fold the reports into a work-in-progress draft as they are coming in (see + point 5) for putting the report together). Commit the result and hook the + draft into the build, so you can (almost) immediately provide the + submitters a preview of their entries. This is also a good excuse to do + a acknowledgement on the receipt. + - While the report draft is kept updated, other doc-committers (wblock, + pluknet, and bjk, for example) may review the individual entries and + propose fixes. + - As mentioned above, the received reports should be in a single .xml file, + where tidy(1) may be used to get them well-formatted. Usually s + without a description are missing the closing "/>" which is the cause for + most of the errors you will encounter. Sometimes other closing tags are + missing. - Invoking tidy with the following options seems to cause the fewest problems: tidy -xml -i -wrap 74 -latin1 -preserve - Some special characters still break with that - noticed when sos@ @@ -54,13 +71,8 @@ Compiling status reports - best practice
  • some item

    • Some more blabla ... - - Review and commit the reports immediately as they are coming in. Hook the - resulting XML to the build for the first time but do not link to it from - anywhere. This gives time for other committers to review and suggest - minor changes. -5) After a couple of iterations of the above, wrap the whole thing in a - report template: +5) Wrapping the whole thing in a report template: - Categories are subject to change obviously. They come out in the order + - Categories are subject to change obviously. They come out in the order as stated in the report. After another round of tidy(1) try to balance the categories. Put things where they belong best, retire categories that don't fill up, etc. Adding it to your local build and looking at the html helps. Make sure you have an up-to-date doc tree. + - theraven may be poked for composing a nice introduction for the reports. + But should be usually the last step in the process; a good introduction + can be only written once the report is considered finished. + 6) Sending it out: - - Explicitly mail all the submitters (in BCC:) with the link pointing to - the HTML version of the prepared report so they could check their - entries before publication. It is wise to set an exact deadline for - this, in order to avoid late comments. - After a few days, collate and commit the changes. Also update the next due date in status.xml and link to the new report. - Add a news entry to head/share/xml/news.xml. Template: @@ -167,8 +179,8 @@ Report//EN" - Extract a text version with the command lynx -dump -nolist report.html > report.txt and prettify it. - - Send out To: hackers, CC: current, stable. New email to: announce@. - This needs to be approved, so find someone who can do that before you - start. + - Send out To: hackers, CC: current, stable, BCC: developers. New email + to: announce@. This last one needs to be approved, so find someone + (mail postmaster) who can do that before you start. 7) Repeat. From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 19:25:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2F7379D8; Tue, 4 Mar 2014 19:25:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1D470D36; Tue, 4 Mar 2014 19:25:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24JPMko069536; Tue, 4 Mar 2014 19:25:22 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24JPMGA069535; Tue, 4 Mar 2014 19:25:22 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403041925.s24JPMGA069535@svn.freebsd.org> From: Gabor Pali Date: Tue, 4 Mar 2014 19:25:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44118 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 19:25:23 -0000 Author: pgj Date: Tue Mar 4 19:25:22 2014 New Revision: 44118 URL: http://svnweb.freebsd.org/changeset/doc/44118 Log: - Include a paragraph on project sponsors in the quarterly status reports Modified: head/en_US.ISO8859-1/htdocs/news/status/howto.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/howto.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/howto.xml Tue Mar 4 19:18:09 2014 (r44117) +++ head/en_US.ISO8859-1/htdocs/news/status/howto.xml Tue Mar 4 19:25:22 2014 (r44118) @@ -84,6 +84,18 @@ Yoyodyne's range Frobnicator of network be ready for wider use, for testing, for deployment in production, and so on)?

    +

    Sponsorship

    + +

    Do not forget about your sponsors.

    + +

    If you or your project has received sponsorship, a scholarship from + somebody or you have been already working as a contractor or an + employee for a company, please include it. Sponsors always + certainly appreciate if you thank them for their funding, but it is + also beneficial for them to show that they are actively supporting + the Project this way. Last, but not least, this helps &os; to learn + more about its important consumers.

    +

    Open Items

    If help is needed, make this explicit!

    From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 19:52:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7D2F17E4; Tue, 4 Mar 2014 19:52:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 50161FEC; Tue, 4 Mar 2014 19:52:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24JqruS081729; Tue, 4 Mar 2014 19:52:53 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24JqrhM081728; Tue, 4 Mar 2014 19:52:53 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403041952.s24JqrhM081728@svn.freebsd.org> From: Gabor Pali Date: Tue, 4 Mar 2014 19:52:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44119 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 19:52:53 -0000 Author: pgj Date: Tue Mar 4 19:52:52 2014 New Revision: 44119 URL: http://svnweb.freebsd.org/changeset/doc/44119 Log: - Attempt to implement support for the sponsor tag in the quarterly status report generator Assisted by: gjb Modified: head/en_US.ISO8859-1/htdocs/cgi/monthly.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/monthly.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/monthly.cgi Tue Mar 4 19:25:22 2014 (r44118) +++ head/en_US.ISO8859-1/htdocs/cgi/monthly.cgi Tue Mar 4 19:52:52 2014 (r44119) @@ -11,6 +11,7 @@ my $debug = param("debug") || ""; my $NumDevelopers = 3; my $NumLinks = 4; +my $NumSponsors = 2; my $NumTasks = 5; my @messages; @@ -118,6 +119,16 @@ if ($Submit) } } + my @sponsors; + foreach my $Num (1..$NumSponsors) + { + my $sponsor = param("Sponsor$Num") || ""; + push(@hidden, hidden("Sponsor$Num")); + + next unless $sponsor; + push(@sponsors, xml(2, "sponsor", "", xmltext(3, $sponsor))); + } + my @tasks; foreach my $Num (1..$NumTasks) { @@ -149,6 +160,8 @@ if ($Submit) xml(1, "body", xml(2, "p", "", xmltext(3, @info))), "\n", + @sponsors, + "\n", xml(1, "help", "", @tasks), ); my $contents = join('', @contents); @@ -180,6 +193,13 @@ foreach my $Num (1..$NumLinks) td(textfield(-name => "Desc$Num", -size => 20)))); } +my @SponsorTable; +foreach my $Num (1..$NumSponsors) +{ + push(@SponsorTable, + TR(td(textarea(-name => "Sponsor$Num", -rows => 1, -cols => 60)))); +} + my @TaskTable; foreach my $Num (1..$NumTasks) { @@ -227,6 +247,13 @@ print -rows => 7, -cols => 60)), + h3("Sponsors (optional):"), + blockquote(table({"BORDER" => 0, + "COLS" => 1, + "NOSAVE" => 1}, + TR(td("Name")), + @SponsorTable)), + h3("Open tasks (optional):"), blockquote(table({"BORDER" => 0, "COLS" => 5, From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 20:10:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C1862F23; Tue, 4 Mar 2014 20:10:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id AD40E236; Tue, 4 Mar 2014 20:10:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24KAtKY088794; Tue, 4 Mar 2014 20:10:55 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24KAtZi088793; Tue, 4 Mar 2014 20:10:55 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403042010.s24KAtZi088793@svn.freebsd.org> From: Dru Lavigne Date: Tue, 4 Mar 2014 20:10:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44120 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 20:10:55 -0000 Author: dru Date: Tue Mar 4 20:10:55 2014 New Revision: 44120 URL: http://svnweb.freebsd.org/changeset/doc/44120 Log: Section on IPFW NAT now reads better. Unfortunately, it is outdated as of 7.x. Will need to review EXAMPLES in ipfw(8) and address PR121952. Will hold off rest of commits to this chapter until someone gets a chance to do so. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Mar 4 19:52:52 2014 (r44119) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Mar 4 20:10:55 2014 (r44120) @@ -2163,12 +2163,12 @@ pif="dc0" # interface name of NIC at To do this, the &os; machine connected to the Internet must act as a gateway. This system must have two NICs, where one is connected to the Internet - and the other is connected to the internal LAN. All the - machines connected to the LAN should be assigned - an IP addresses in the private network space, + and the other is connected to the internal LAN. Each + machine connected to the LAN should be assigned + an IP address in the private network space, as defined by RFC - 1918, and have their default gateway set to the + 1918, and have the default gateway set to the &man.natd.8; system's internal IP address. @@ -2177,7 +2177,7 @@ pif="dc0" # interface name of NIC at IPFW. If the system has a custom kernel, the kernel configuration file needs to include option IPDIVERT along with the other - IPFIREWALL options. + IPFIREWALL options described in . To enable NAT support at boot time, the following must be in @@ -2224,127 +2224,100 @@ redirect_port tcp 192.168.0.3:80 80 #!/bin/sh +ipfw -q -f flush cmd="ipfw -q add" skip="skipto 500" -pif=rl0 +pif=dc0 ks="keep-state" -good_tcpo="22,25,37,43,53,80,443,110,119" +good_tcpo="22,25,37,53,80,443,110" -ipfw -q -f flush - - The NAT rule is inserted + The inbound NAT rule is inserted after the two rules which allow all traffic on the trusted internal interface and on the loopback interface and before the check-state rule. It is important that the - rule number selected for the NAT rule, in + rule number selected for this NAT rule, in this example 100, is higher than the first two rules and lower than the check-state rule: $cmd 005 allow all from any to any via xl0 # exclude LAN traffic $cmd 010 allow all from any to any via lo0 # exclude loopback traffic - -# NAT any inbound packets -$cmd 100 divert natd ip from any to any in via $pif +$cmd 100 divert natd ip from any to any in via $pif # NAT any inbound packets # Allow the packet through if it has an existing entry in the dynamic rules table $cmd 101 check-state - The processing flow starts with the first rule from the - top of the ruleset and progresses one rule at a time until - the end is reached or the packet matches and the packet is - released out of the firewall. Take note of the location of - rule numbers 100 101, 450, 500, and 510. These rules - control the translation of the outbound and inbound packets - so that their entries in the dynamic keep-state table always - register the private LAN IP address. All the allow and deny - rules specify the direction of the packet and the interface. - All start outbound session requests will - skipto rule 500 to undergo NAT. + The outbound rules are modified to replace the + allow action with the + $skip variable, indicating that rule + processing will continue at rule 500. The + seven tcp rules have been replaced by rule + 125 as the + $good_tcpo variable contains the + seven allowed outbound ports. + + # Authorized outbound packets +$cmd 120 $skip udp from any to x.x.x.x 53 out via $pif $ks +$cmd 121 $skip udp from any to x.x.x.x 67 out via $pif $ks +$cmd 125 $skip tcp from any to any $good_tcpo out via $pif setup $ks +$cmd 130 $skip icmp from any to any out via $pif $ks - Consider a web browser which initializes a new HTTP + The inbound rules remain the same, except for the very + last rule which removes the via $pif in + order to catch both inbound and outbound rules. The + NAT rule must follow this last outbound + rule, must have a higher number than that last rule, and the + rule number must be referenced by the + skipto action. In this ruleset, + rule number 500 diverts all + packets which match the outbound rules to &man.natd.8; for + NAT processing. The next rule allows any + packet which has undergone NAT processing + to pass. + + $cmd 499 deny log all from any to any +$cmd 500 divert natd ip from any to any out via $pif # skipto location for outbound stateful rules +$cmd 510 allow ip from any to any + + In this example, rules 100, + 101, 125, + 500, and 510 + control the address translation of the outbound and inbound packets + so that the entries in the dynamic state table always + register the private LAN + IP address. + + Consider an internal web browser which initializes a new outbound HTTP session over port 80. When the first outbound packet enters - the firewall, it does not match rule 100 because it is - headed out rather than in. It passes rule 101 because this - is the first packet, and it has not been posted to the - dynamic keep-state table yet. The packet finally matches - rule 125 as it is outbound through the NIC facing the - Internet and has a source IP address as a private LAN IP - address. On matching this rule, two actions take place. - keep-state adds this rule to the dynamic - keep-state rules table and the specified action is executed - and posted as part of the info in the dynamic table. In - this case, the action is skipto rule 500. - Rule 500 NATs the packet IP address and - sends it out to the Internet. This packet makes its way to + the firewall, it does not match rule 100 because it is + headed out rather than in. It passes rule 101 because this + is the first packet and it has not been posted to the + dynamic state table yet. The packet finally matches + rule 125 as it is outbound on an allowed port + and has a source IP address from the internal LAN. + On matching this rule, two actions take place. + First, the keep-state action adds an entry to the dynamic + state table and the specified action, skipto rule 500, is executed. + Next, the packet undergoes NAT and + is sent out to the Internet. This packet makes its way to the destination web server, where a response packet is generated and sent back. This new packet enters the top of - the ruleset. It matches rule 100 and has it destination IP - address mapped back to the corresponding LAN IP address. It + the ruleset. It matches rule 100 and has it destination IP + address mapped back to the original internal address. It then is processed by the check-state rule, is found in the table as an existing session, and is - released to the LAN. It goes to the LAN system that sent it - and a new packet is sent requesting another segment of the - data from the remote server. This time it matches the - check-state rule, its outbound entry is - found, and the associated action, - skipto 500, is executed. The packet - jumps to rule 500, gets NATed, and is - released to the Internet. - - On the inbound side, everything coming in that is part of - an existing session is automatically handled by the - check-state rule and the properly placed - divert natd rules. The ruleset only has + released to the LAN. + + On the inbound side, the ruleset has to deny bad packets and allow only authorized services. - Consider a web server running on the firewall where web - requests from the Internet should have access to the local - web site. An inbound start request packet will match rule - 100 and its IP address will be mapped to the LAN IP address - of the firewall. The packet is then matched against all the - nasty things that need to be checked and finally matches - rule 425 where two actions occur. The packet rule is posted - to the dynamic keep-state table but this time, any new - session requests originating from that source IP address are - limited to 2. This defends against DoS attacks against the - service running on the specified port number. The action is - allow, so the packet is released to the - LAN. The packet generated as a response is recognized by the - check-state as belonging to an existing - session. It is then sent to rule 500 for - NATing and released to the outbound + A packet which matches an inbound rule + is posted + to the dynamic state table and the packet is released to the + LAN. The packet generated as a response is recognized by the + check-state rule as belonging to an existing + session. It is then sent to rule 500 to undergo + NAT before being released to the outbound interface. - -# Authorized outbound packets -$cmd 120 $skip udp from any to xx.168.240.2 53 out via $pif $ks -$cmd 121 $skip udp from any to xx.168.240.5 53 out via $pif $ks -$cmd 125 $skip tcp from any to any $good_tcpo out via $pif setup $ks -$cmd 130 $skip icmp from any to any out via $pif $ks -$cmd 135 $skip udp from any to any 123 out via $pif $ks - - -# Deny all inbound traffic from non-routable reserved address spaces -$cmd 300 deny all from 192.168.0.0/16 to any in via $pif #RFC 1918 private IP -$cmd 301 deny all from 172.16.0.0/12 to any in via $pif #RFC 1918 private IP -$cmd 302 deny all from 10.0.0.0/8 to any in via $pif #RFC 1918 private IP -$cmd 303 deny all from 127.0.0.0/8 to any in via $pif #loopback -$cmd 304 deny all from 0.0.0.0/8 to any in via $pif #loopback -$cmd 305 deny all from 169.254.0.0/16 to any in via $pif #DHCP auto-config -$cmd 306 deny all from 192.0.2.0/24 to any in via $pif #reserved for docs -$cmd 307 deny all from 204.152.64.0/23 to any in via $pif #Sun cluster -$cmd 308 deny all from 224.0.0.0/3 to any in via $pif #Class D & E multicast - -# Authorized inbound packets -$cmd 400 allow udp from xx.70.207.54 to any 68 in $ks -$cmd 420 allow tcp from any to me 80 in via $pif setup limit src-addr 1 - - -$cmd 450 deny log ip from any to any - -# This is skipto location for outbound stateful rules -$cmd 500 divert natd ip from any to any out via $pif -$cmd 510 allow ip from any to any - Port Redirection From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 20:28:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DBEBD7C7; Tue, 4 Mar 2014 20:28:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C909E645; Tue, 4 Mar 2014 20:28:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24KSTbE095212; Tue, 4 Mar 2014 20:28:29 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24KSTmi095211; Tue, 4 Mar 2014 20:28:29 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403042028.s24KSTmi095211@svn.freebsd.org> From: Gabor Pali Date: Tue, 4 Mar 2014 20:28:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44121 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 20:28:29 -0000 Author: pgj Date: Tue Mar 4 20:28:29 2014 New Revision: 44121 URL: http://svnweb.freebsd.org/changeset/doc/44121 Log: - Improve formatting when generating sponsor entries Modified: head/en_US.ISO8859-1/htdocs/cgi/monthly.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/monthly.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/monthly.cgi Tue Mar 4 20:10:55 2014 (r44120) +++ head/en_US.ISO8859-1/htdocs/cgi/monthly.cgi Tue Mar 4 20:28:29 2014 (r44121) @@ -126,7 +126,12 @@ if ($Submit) push(@hidden, hidden("Sponsor$Num")); next unless $sponsor; - push(@sponsors, xml(2, "sponsor", "", xmltext(3, $sponsor))); + push(@sponsors, xml(1, "sponsor", "", xmltext(2, $sponsor))); + } + + if (@sponsors) + { + push(@sponsors, "\n"); } my @tasks; @@ -161,7 +166,6 @@ if ($Submit) xml(2, "p", "", xmltext(3, @info))), "\n", @sponsors, - "\n", xml(1, "help", "", @tasks), ); my $contents = join('', @contents); From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 20:54:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9463A533; Tue, 4 Mar 2014 20:54:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 802959A6; Tue, 4 Mar 2014 20:54:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24KsbME007369; Tue, 4 Mar 2014 20:54:37 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24Ksbrt007368; Tue, 4 Mar 2014 20:54:37 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403042054.s24Ksbrt007368@svn.freebsd.org> From: Dru Lavigne Date: Tue, 4 Mar 2014 20:54:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44122 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 20:54:37 -0000 Author: dru Date: Tue Mar 4 20:54:36 2014 New Revision: 44122 URL: http://svnweb.freebsd.org/changeset/doc/44122 Log: Initial prep work to merge Diskless Booting and PXE chapters as much of their content overlaps. The next few commits will merge the content into a readable flow. Sponsored by: iXsystems. Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Mar 4 20:28:29 2014 (r44121) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Mar 4 20:54:36 2014 (r44122) @@ -37,14 +37,7 @@ - How to set up network booting on a diskless - machine. - - - - How to set up network PXE booting - with an - NFS root file system. + How to set up network PXE booting. @@ -3833,7 +3826,7 @@ ifconfig_lagg0="laggp - Diskless Operation + Diskless Operation with <acronym>PXE</acronym> @@ -4005,9 +3998,6 @@ ifconfig_lagg0="laggp - Setup Instructions - - Configuration Using <application>ISC DHCP</application> @@ -4101,10 +4091,11 @@ subnet 192.168.4.0 netmask 255.255.255.0 same as the TFTP one. - + - - Booting with <acronym>PXE</acronym> + + Configuring the <acronym>TFTP</acronym> and + <acronym>NFS</acronym> Servers By default, &man.pxeboot.8; loads the kernel via NFS. It can be compiled to use @@ -4124,11 +4115,6 @@ subnet 192.168.4.0 netmask 255.255.255.0 select the Boot from network option in the BIOS setup or type a function key during system initialization. - - - - Configuring the <acronym>TFTP</acronym> and - <acronym>NFS</acronym> Servers TFTP @@ -4213,10 +4199,10 @@ subnet 192.168.4.0 netmask 255.255.255.0 &prompt.root; service mountd restart - + - - Building a Diskless Kernel + + Preparing the Root File System diskless operation @@ -4252,10 +4238,6 @@ options BOOTP_NFSROOT # NFS mount r , and copy it to the place specified in /usr/local/etc/dhcpd.conf. - - - - Preparing the Root File System root file system @@ -4267,11 +4249,8 @@ options BOOTP_NFSROOT # NFS mount r root-path in /usr/local/etc/dhcpd.conf. - - Using <command>make world</command> to Populate - Root - - This method is quick and will install a complete + Using make world to populate + root is quick and will install a complete virgin system, not just the root file system, into DESTDIR. Execute the following script: @@ -4288,18 +4267,14 @@ cd /usr/src/etc; make distribution/etc/fstab placed into DESTDIR according to the system's requirements. - - + - + Configuring Swap If needed, a swap file located on the server can be accessed via NFS. - - <acronym>NFS</acronym> Swap - The kernel does not support enabling NFS swap at boot time. Swap must be enabled by the startup scripts, by mounting a writable @@ -4312,30 +4287,21 @@ cd /usr/src/etc; make distribution/etc/rc.conf: swapfile=/path/to/swapfile - - + - + Miscellaneous Issues - - Running with a Read-only - <filename>/usr</filename> - diskless operation /usr read-only If the diskless workstation is configured to run - &xorg;, adjust the + &xorg; and is running with a read-only /usr, adjust the XDM configuration file as it puts the error log on /usr by default. - - - - Using a Non-&os; Server When the server for the root file system is not running &os;, create the root file system on a &os; @@ -4349,12 +4315,9 @@ cd /usr/src/etc; make distribution - - - - + PXE Booting with an <acronym>NFS</acronym> Root File System @@ -4398,6 +4361,7 @@ cd /usr/src/etc; make distribution for more information about the &os; booting process. + Setting Up the &man.chroot.8; Environment for the From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 22:40:58 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4A96FAB4; Tue, 4 Mar 2014 22:40:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3569467F; Tue, 4 Mar 2014 22:40:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24MewtA051546; Tue, 4 Mar 2014 22:40:58 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24MewvZ051545; Tue, 4 Mar 2014 22:40:58 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403042240.s24MewvZ051545@svn.freebsd.org> From: Dru Lavigne <dru@FreeBSD.org> Date: Tue, 4 Mar 2014 22:40:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44123 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Tue, 04 Mar 2014 22:40:58 -0000 Author: dru Date: Tue Mar 4 22:40:57 2014 New Revision: 44123 URL: http://svnweb.freebsd.org/changeset/doc/44123 Log: Start to merge content. Many more commits needed to get this into a logical flow. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Mar 4 20:54:36 2014 (r44122) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Mar 4 22:40:57 2014 (r44123) @@ -3862,24 +3862,34 @@ ifconfig_<literal>lagg0</literal>="laggp is relatively easy to set up because all the necessary elements are readily available:</para> + <itemizedlist> + <listitem> <para>The &intel; Preboot eXecution Environment (<acronym>PXE</acronym>) can be used to load the kernel over the network. It provides a form of smart boot <acronym>ROM</acronym> built into some networking cards or motherboards. See &man.pxeboot.8; for more details.</para> + </listitem> + <listitem> <para>A sample script (<filename>/usr/share/examples/diskless/clone_root</filename>) eases the creation and maintenance of the workstation's root file system on the server. The script will probably require a little customization.</para> + </listitem> + <listitem> <para>Standard system startup files exist in <filename>/etc</filename> to detect and support a diskless system startup.</para> + </listitem> + <listitem> <para>Swapping, if needed, can be done either to an <acronym>NFS</acronym> file or to a local disk.</para> + </listitem> +</itemizedlist> <para>There are many ways to set up diskless workstations. Many elements are involved, and most can be customized to suit local @@ -3893,12 +3903,16 @@ ifconfig_<literal>lagg0</literal>="laggp <para>The diskless workstations use a shared, read-only <filename>/</filename> and <filename>/usr</filename>.</para> + </listitem> + <listitem> <para>The root file system is a copy of a standard &os; root, with some configuration files overridden by ones specific to diskless operation or, possibly, to the workstation they belong to.</para> + </listitem> + <listitem> <para>The parts of the root which have to be writable are overlaid with &man.md.4; file systems. Any changes will be lost when the system reboots.</para> @@ -3914,28 +3928,8 @@ ifconfig_<literal>lagg0</literal>="laggp <sect2> <title>Background Information - Setting up diskless workstations is both relatively - straightforward and prone to errors. These are sometimes - difficult to diagnose for a number of reasons. For - example: - - - - Compile time options may determine different behaviors - at runtime. - - - - Error messages are often cryptic or totally - absent. - - - - In this context, having some knowledge of the background - mechanisms involved is useful to solve the problems that may - arise. - - Several operations need to be performed for a successful + When setting up diskless workstations, several operations + need to be performed for a successful bootstrap: @@ -3950,9 +3944,7 @@ ifconfig_lagg0="laggp configure a system to use only BOOTP and &man.bootpd.8; is included in the base &os; system. - - DHCP has a number of advantages over BOOTP such as nicer configuration files and support for PXE. This @@ -3964,16 +3956,13 @@ ifconfig_lagg0="laggp - The machine needs to transfer one or several programs - to local memory. Either TFTP or - NFS are used. The choice between - TFTP and NFS is a - compile time option in several places. A common source of - error is to specify filenames for the wrong protocol. - TFTP typically transfers all files from - a single directory on the server and expects filenames - relative to this directory. NFS needs - absolute file paths. + The machine needs to boot the loader using + TFTP. + + + + The root filesystem needs to be loaded using + NFS. @@ -3997,15 +3986,21 @@ ifconfig_lagg0="laggp Refer to &man.diskless.8; for more information. - - Configuration Using <application>ISC - DHCP</application> + + Configuring the <application>ISC + DHCP</application> Server DHCP diskless operation + PXE requires a TFTP + and a DHCP server to be set up. The + DHCP server does not need to be the same + machine as the TFTP server, but it needs + to be accessible in the network. + The ISC DHCP server can answer both BOOTP and DHCP requests. @@ -4013,56 +4008,62 @@ ifconfig_lagg0="laggp ISC DHCP is not part of the base system. Install the net/isc-dhcp42-server port or - package. + package, following the instructions documented at . Make sure that + /etc/rc.conf and + /usr/local/etc/dhcpd.conf are + correctly configured.. Once ISC DHCP is installed, edit its configuration file, - /usr/local/etc/dhcpd.conf. Here - follows a commented example for PXE host - corbieres: - - default-lease-time 600; -max-lease-time 7200; -authoritative; - -option domain-name "example.com"; -option domain-name-servers 192.168.4.1; -option routers 192.168.4.1; - -subnet 192.168.4.0 netmask 255.255.255.0 { - use-host-decl-names on; - option subnet-mask 255.255.255.0; - option broadcast-address 192.168.4.255; - - host corbieres { - hardware ethernet 00:02:b3:27:62:df; - fixed-address corbieres.example.com; - next-server 192.168.4.4; - filename "pxeboot"; - option root-path "192.168.4.4:/data/misc/diskless"; - } + /usr/local/etc/dhcpd.conf. Configure + the next-server, + filename, and + option root-path settings to specify + the TFTP server IP + address, the path to /boot/pxeboot + in TFTP, and the path to the + NFS root file system. Here is a sample + dhcpd.conf setup: + + subnet 192.168.0.0 netmask 255.255.255.0 { + range 192.168.0.2 192.168.0.3 ; + option subnet-mask 255.255.255.0 ; + option routers 192.168.0.1 ; + option broadcast-address 192.168.0.255 ; + option domain-name-servers 192.168.35.35, 192.168.35.36 ; + option domain-name "example.com"; + + # IP address of TFTP server + next-server 192.168.0.1 ; + + # path of boot loader obtained + # via tftp + filename "FreeBSD/install/boot/pxeboot" ; + + # pxeboot boot loader will try to NFS mount this directory for root FS + option root-path "192.168.0.1:/b/tftpboot/FreeBSD/install/" ; + } - - + - The next-server directive designates the TFTP or NFS server to use for loading &man.loader.8; or the kernel file. The default is to use the same host as the DHCP server. - - The filename directive defines the file that PXE will load for the next execution step. It must be specified according @@ -4078,9 +4079,7 @@ subnet 192.168.4.0 netmask 255.255.255.0 GENERIC kernel, it is possible to use PXE to boot from a remote CD-ROM. - - The root-path option defines the path to the root file system, in usual NFS notation. When using @@ -4089,27 +4088,40 @@ subnet 192.168.4.0 netmask 255.255.255.0 BOOTP kernel option is not enabled. The NFS server will then be the same as the TFTP one. - - - Configuring the <acronym>TFTP</acronym> and - <acronym>NFS</acronym> Servers + Configuring the + <acronym>NFS</acronym> Server - By default, &man.pxeboot.8; loads the kernel via - NFS. It can be compiled to use - TFTP instead by specifying the - LOADER_TFTP_SUPPORT option in - /etc/make.conf. See the comments in - /usr/share/examples/etc/make.conf for - instructions. - - There are two other make.conf - options which may be useful for setting up a serial console - diskless machine: - BOOT_PXELDR_PROBE_KEYBOARD, and - BOOT_PXELDR_ALWAYS_SERIAL. + Enable + NFS and export the appropriate file + system on the NFS server. + + Add this line to + /etc/rc.conf: + + nfs_server_enable="YES" + + Export the file system where the diskless root + directory is located by adding the following to + /etc/exports. Adjust the + mount point and replace + corbieres with the names of the diskless + workstations: + + /data/misc -alldirs -ro margaux corbieres + + Tell &man.mountd.8; to reread its configuration + file. If NFS is enabled in + /etc/rc.conf, it is recommended + to reboot instead. + + &prompt.root; service mountd restart + + + + Configuring the <acronym>TFTP</acronym> Server To use PXE when the machine starts, select the Boot from network option in @@ -4125,9 +4137,7 @@ subnet 192.168.4.0 netmask 255.255.255.0 diskless operation - If PXE is configured to use - TFTP, enable &man.tftpd.8; on the file - server: + To enable &man.tftpd.8;, perform the following steps: @@ -4166,40 +4176,7 @@ subnet 192.168.4.0 netmask 255.255.255.0 anywhere on the server. Make sure that the location is set in both /etc/inetd.conf and /usr/local/etc/dhcpd.conf. - - Enable - NFS and export the appropriate file - system on the NFS server. - - - - Add this line to - /etc/rc.conf: - - nfs_server_enable="YES" - - - - Export the file system where the diskless root - directory is located by adding the following to - /etc/exports. Adjust the - mount point and replace - corbieres with the names of the diskless - workstations: - - /data/misc -alldirs -ro margaux corbieres - - - - Tell &man.mountd.8; to reread its configuration - file. If NFS is enabled in - /etc/rc.conf, it is recommended - to reboot instead. - - &prompt.root; service mountd restart - - - + Preparing the Root File System @@ -4520,59 +4497,6 @@ myhost.example.com:/b/tftpboot/FreeBSD/i them. - - Setting up the <acronym>DHCP</acronym> Server - - PXE requires a TFTP - and a DHCP server to be set up. The - DHCP server does not need to be the same - machine as the TFTP server, but it needs - to be accessible in the network. - - - - Install the DHCP server by - following the instructions documented at . Make sure that - /etc/rc.conf and - /usr/local/etc/dhcpd.conf are - correctly configured. - - - - In /usr/local/etc/dhcpd.conf, - configure the next-server, - filename, and - option root-path settings to specify - the TFTP server IP - address, the path to /boot/pxeboot - in TFTP, and the path to the - NFS root file system. Here is a sample - dhcpd.conf setup: - - subnet 192.168.0.0 netmask 255.255.255.0 { - range 192.168.0.2 192.168.0.3 ; - option subnet-mask 255.255.255.0 ; - option routers 192.168.0.1 ; - option broadcast-address 192.168.0.255 ; - option domain-name-servers 192.168.35.35, 192.168.35.36 ; - option domain-name "example.com"; - - # IP address of TFTP server - next-server 192.168.0.1 ; - - # path of boot loader obtained - # via tftp - filename "FreeBSD/install/boot/pxeboot" ; - - # pxeboot boot loader will try to NFS mount this directory for root FS - option root-path "192.168.0.1:/b/tftpboot/FreeBSD/install/" ; - -} - - - - Configuring the <acronym>PXE</acronym> Client and Debugging Connection Problems From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 22:45:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A25FABB4; Tue, 4 Mar 2014 22:45:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8237F76F; Tue, 4 Mar 2014 22:45:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24Mjc1O052484; Tue, 4 Mar 2014 22:45:38 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24MjbkH052480; Tue, 4 Mar 2014 22:45:37 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403042245.s24MjbkH052480@svn.freebsd.org> From: Glen Barber Date: Tue, 4 Mar 2014 22:45:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44124 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 22:45:38 -0000 Author: gjb Date: Tue Mar 4 22:45:37 2014 New Revision: 44124 URL: http://svnweb.freebsd.org/changeset/doc/44124 Log: Add the schedule for 9.3-RELEASE. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Added: head/en_US.ISO8859-1/htdocs/releases/9.3R/ head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile - copied, changed from r44122, head/en_US.ISO8859-1/htdocs/releases/9.2R/Makefile head/en_US.ISO8859-1/htdocs/releases/9.3R/docbook.css - copied unchanged from r44122, head/en_US.ISO8859-1/htdocs/releases/9.2R/docbook.css head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml - copied, changed from r44122, head/en_US.ISO8859-1/htdocs/releases/9.2R/schedule.xml Copied and modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile (from r44122, head/en_US.ISO8859-1/htdocs/releases/9.2R/Makefile) ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.2R/Makefile Tue Mar 4 20:54:36 2014 (r44122, copy source) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile Tue Mar 4 22:45:37 2014 (r44124) @@ -7,14 +7,8 @@ .include "../Makefile.inc" .endif -DOCS= announce.xml \ - relnotes.xml \ - schedule.xml +DOCS= schedule.xml -DATA= docbook.css \ - errata.html \ - hardware.html \ - installation.html \ - readme.html +DATA= docbook.css .include "${DOC_PREFIX}/share/mk/web.site.mk" Copied: head/en_US.ISO8859-1/htdocs/releases/9.3R/docbook.css (from r44122, head/en_US.ISO8859-1/htdocs/releases/9.2R/docbook.css) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/docbook.css Tue Mar 4 22:45:37 2014 (r44124, copy of r44122, head/en_US.ISO8859-1/htdocs/releases/9.2R/docbook.css) @@ -0,0 +1,208 @@ +/* + * Copyright (c) 2001, 2003, 2010 The FreeBSD Documentation Project + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +BODY ADDRESS { + line-height: 1.3; + margin: .6em 0; +} + +BODY BLOCKQUOTE { + margin-top: .75em; + line-height: 1.5; + margin-bottom: .75em; +} + +HTML BODY { + margin: 1em 8% 1em 10%; + line-height: 1.2; +} + +.LEGALNOTICE { + font-size: small; + font-variant: small-caps; +} + +BODY DIV { + margin: 0; +} + +DL { + margin: .8em 0; + line-height: 1.2; +} + +BODY FORM { + margin: .6em 0; +} + +H1, H2, H3, H4, H5, H6, +DIV.EXAMPLE P B, +.QUESTION, +DIV.TABLE P B, +DIV.PROCEDURE P B { + color: #990000; +} + +BODY H1, BODY H2, BODY H3, BODY H4, BODY H5, BODY H6 { + line-height: 1.3; + margin-left: 0; +} + +BODY H1, BODY H2 { + margin: .8em 0 0 -4%; +} + +BODY H3, BODY H4 { + margin: .8em 0 0 -3%; +} + +BODY H5 { + margin: .8em 0 0 -2%; +} + +BODY H6 { + margin: .8em 0 0 -1%; +} + +BODY HR { + margin: .6em; + border-width: 0 0 1px 0; + border-style: solid; + border-color: #cecece; +} + +BODY IMG.NAVHEADER { + margin: 0 0 0 -4%; +} + +OL { + margin: 0 0 0 5%; + line-height: 1.2; +} + +BODY PRE { + margin: .75em 0; + line-height: 1.0; + font-family: monospace; +} + +BODY TD, BODY TH { + line-height: 1.2; +} + +UL, BODY DIR, BODY MENU { + margin: 0 0 0 5%; + line-height: 1.2; +} + +HTML { + margin: 0; + padding: 0; +} + +BODY P B.APPLICATION { + color: #000000; +} + +.FILENAME { + color: #007a00; +} + +.GUIMENU, .GUIMENUITEM, .GUISUBMENU, +.GUILABEL, .INTERFACE, +.SHORTCUT, .SHORTCUT .KEYCAP { + font-weight: bold; +} + +.GUIBUTTON { + background-color: #CFCFCF; + padding: 2px; +} + +.ACCEL { + background-color: #F0F0F0; + text-decoration: underline; +} + +.SCREEN { + padding: 1ex; +} + +.PROGRAMLISTING { + padding: 1ex; + background-color: #eee; + border: 1px solid #ccc; +} + +@media screen { /* hide from IE3 */ + a[href]:hover { background: #ffa } +} + +BLOCKQUOTE.NOTE { + color: #222; + background: #eee; + border: 1px solid #ccc; + padding: 0.4em 0.4em; + width: 85%; +} + +BLOCKQUOTE.TIP { + color: #004F00; + background: #d8ecd6; + border: 1px solid green; + padding: 0.2em 2em; + width: 85%; +} + +BLOCKQUOTE.IMPORTANT { + font-style:italic; + border: 1px solid #a00; + border-left: 12px solid #c00; + padding: 0.1em 1em; +} + +BLOCKQUOTE.WARNING { + color: #9F1313; + background: #f8e8e8; + border: 1px solid #e59595; + padding: 0.2em 2em; + width: 85%; +} + +.EXAMPLE { + background: #fefde6; + border: 1px solid #f1bb16; + margin: 1em 0; + padding: 0.2em 2em; + width: 90%; +} + +.INFORMALTABLE TABLE.CALSTABLE TR TD { + padding-left: 1em; + padding-right: 1em; +} Copied and modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml (from r44122, head/en_US.ISO8859-1/htdocs/releases/9.2R/schedule.xml) ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.2R/schedule.xml Tue Mar 4 20:54:36 2014 (r44122, copy source) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Tue Mar 4 22:45:37 2014 (r44124) @@ -2,9 +2,9 @@ - + - + ]> @@ -44,23 +44,23 @@ Initial release schedule announcement - - 23 June 2013 + 4 March 2014 Release Engineers send announcement email to developers with a rough schedule. Release schedule reminder - 1 July 2013 - 4 July 2013 + 4 April 2014 + - Release Engineers send reminder announcement e-mail to developers with updated schedule. Code slush begins - 6 July 2013 - 6 July 2013 + 9 May 2014 + - Release Engineers announce that all further commits to the &local.branch.stable; branch will not require explicit approval, however new features should be avoided. @@ -68,8 +68,8 @@ Code freeze begins - 12 July 2013 - 12 July 2013 + 23 May 2014 + - Release Engineers announce that all further commits to the &local.branch.stable; branch will require explicit approval. Certain blanket approvals will be granted for narrow areas of @@ -78,74 +78,65 @@ BETA1 builds begin - 19 July 2013 - 19 July 2013 + 30 May 2014 + - First beta test snapshot. BETA2 builds begin - 26 July 2013 - 26 July 2013 + 6 June 2014 + - Second beta test snapshot. &local.branch.releng; branch - 1 August 2013 - 3 August 2013 + 20 June 2014 + - Subversion branch created; future release engineering proceeds on this branch. RC1 builds begin - 2 August 2013 - 3 August 2013 + 20 June 2014 + - First release candidate. RC2 builds begin - 9 August 2013 - 15 August 2013 + 27 June 2014 + - Second release candidate. RC3 builds begin - 16 August 2013 - 24 August 2013 + 4 July 2014 + - Third release candidate. - RC4 builds begin - 31 August 2013 - 11 September 2013 - Fourth release candidate. - - - RELEASE builds begin - 23 August 2013
    - 6 September 2013 - 26 September 2013 - 9.2-RELEASE built. + 11 July 2014 + - + &local.rel;-RELEASE built. RELEASE announcement - 31 August 2013
    - 14 September 2013 - 30 September 2013 - 9.2-RELEASE press release. + 16 July 2014 + - + &local.rel;-RELEASE press release. Turn over to the secteam - - 15 October 2013 + - &local.branch.releng; branch is handed over to the FreeBSD Security Officer Team in one or two weeks after the announcement. @@ -154,14 +145,14 @@

    Additional Information

      From owner-svn-doc-all@FreeBSD.ORG Tue Mar 4 22:46:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 85475C18; Tue, 4 Mar 2014 22:46:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 71976774; Tue, 4 Mar 2014 22:46:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s24Mk8Fb052585; Tue, 4 Mar 2014 22:46:08 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s24Mk8wa052584; Tue, 4 Mar 2014 22:46:08 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403042246.s24Mk8wa052584@svn.freebsd.org> From: Glen Barber Date: Tue, 4 Mar 2014 22:46:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44125 - head/en_US.ISO8859-1/htdocs/releases X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Mar 2014 22:46:08 -0000 Author: gjb Date: Tue Mar 4 22:46:07 2014 New Revision: 44125 URL: http://svnweb.freebsd.org/changeset/doc/44125 Log: Connect 9.3R to the build. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/Makefile Modified: head/en_US.ISO8859-1/htdocs/releases/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/Makefile Tue Mar 4 22:45:37 2014 (r44124) +++ head/en_US.ISO8859-1/htdocs/releases/Makefile Tue Mar 4 22:46:07 2014 (r44125) @@ -17,7 +17,7 @@ SUBDIR+= 5.0R 5.1R 5.2R 5.2.1R 5.3R 5.4R SUBDIR+= 6.0R 6.1R 6.2R 6.3R 6.4R SUBDIR+= 7.0R 7.1R 7.2R 7.3R 7.4R SUBDIR+= 8.0R 8.1R 8.2R 8.3R 8.4R -SUBDIR+= 9.0R 9.1R 9.2R +SUBDIR+= 9.0R 9.1R 9.2R 9.3R SUBDIR+= 10.0R .if defined(NEW_BUILD) From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 02:29:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 55058D46; Wed, 5 Mar 2014 02:29:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 42A0EE64; Wed, 5 Mar 2014 02:29:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s252T0Pb044875; Wed, 5 Mar 2014 02:29:00 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s252T0OD044874; Wed, 5 Mar 2014 02:29:00 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403050229.s252T0OD044874@svn.freebsd.org> From: Warren Block Date: Wed, 5 Mar 2014 02:29:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44126 - head/share/misc X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Mar 2014 02:29:00 -0000 Author: wblock Date: Wed Mar 5 02:28:59 2014 New Revision: 44126 URL: http://svnweb.freebsd.org/changeset/doc/44126 Log: Remove line-height settings for lines in screen and programlisting elements which were hiding underlines in text. Submitted by: James Riggs Modified: head/share/misc/docbook.css Modified: head/share/misc/docbook.css ============================================================================== --- head/share/misc/docbook.css Tue Mar 4 22:46:07 2014 (r44125) +++ head/share/misc/docbook.css Wed Mar 5 02:28:59 2014 (r44126) @@ -274,7 +274,6 @@ html { border-color: #EEB985; border-width: 0 0 0 24px; border-radius: 6px; - line-height: 1.1; counter-reset: code; } @@ -287,7 +286,6 @@ html { border-color: #BABABA; border-width: 0 0 0 24px; border-radius: 6px; - line-height: 1.1; counter-reset: code; } From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 09:20:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2C46D3B7; Wed, 5 Mar 2014 09:20:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id F3BF6EF1; Wed, 5 Mar 2014 09:20:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s259KsBl011361; Wed, 5 Mar 2014 09:20:54 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s259KsMI011358; Wed, 5 Mar 2014 09:20:54 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403050920.s259KsMI011358@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 5 Mar 2014 09:20:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44127 - head/ja_JP.eucJP/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Mar 2014 09:20:55 -0000 Author: ryusuke Date: Wed Mar 5 09:20:54 2014 New Revision: 44127 URL: http://svnweb.freebsd.org/changeset/doc/44127 Log: - Merge the following from the English version: r43462 -> r44116 head/ja_JP.eucJP/htdocs/internal/machines.xml Modified: head/ja_JP.eucJP/htdocs/internal/about.xml head/ja_JP.eucJP/htdocs/internal/machines.xml Modified: head/ja_JP.eucJP/htdocs/internal/about.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/internal/about.xml Wed Mar 5 02:28:59 2014 (r44126) +++ head/ja_JP.eucJP/htdocs/internal/about.xml Wed Mar 5 09:20:54 2014 (r44127) @@ -1,11 +1,11 @@ ]> - + @@ -31,12 +31,15 @@

      もちろんこれらのシステムでは FreeBSD が動作しています。 このハードウェアとネットワークコネクションは、 - BSDi, - Yahoo! や他の + BSDi, Bytemark Hosting, Internet Systems Consortium, New York Internet, Yahoo! や他の コントリビュータ からの FreeBSD プロジェクトへの多大な寄付によるものです。

      -

      FreeBSD.org ドメインにある全ホスト名の完全なリストは、 +

      一般的にアクセス可能な FreeBSD.org ドメインのコンピュータの一覧は、 FreeBSD.org ネットワーク のページにあります。

      Modified: head/ja_JP.eucJP/htdocs/internal/machines.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/internal/machines.xml Wed Mar 5 02:28:59 2014 (r44126) +++ head/ja_JP.eucJP/htdocs/internal/machines.xml Wed Mar 5 09:20:54 2014 (r44127) @@ -4,7 +4,7 @@ ]> - + @@ -144,11 +144,6 @@ -ipv6gw -IPv6 トンネルルータ (peer は ISC) - - - mx1 到着メール配送メールサーバ From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 14:23:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 77986F61; Wed, 5 Mar 2014 14:23:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 62ECBE3C; Wed, 5 Mar 2014 14:23:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s25ENVVi037807; Wed, 5 Mar 2014 14:23:31 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s25ENVoa037806; Wed, 5 Mar 2014 14:23:31 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403051423.s25ENVoa037806@svn.freebsd.org> From: Warren Block Date: Wed, 5 Mar 2014 14:23:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44128 - head/en_US.ISO8859-1/books/handbook/audit X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Mar 2014 14:23:31 -0000 Author: wblock Date: Wed Mar 5 14:23:30 2014 New Revision: 44128 URL: http://svnweb.freebsd.org/changeset/doc/44128 Log: Remove extraneous word. PR: docs/187279 Submitted by: Vladimir Romanov Modified: head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/audit/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Wed Mar 5 09:20:54 2014 (r44127) +++ head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Wed Mar 5 14:23:30 2014 (r44128) @@ -589,7 +589,7 @@ trailer,133 This audit represents a successful execve call, in which the command finger doug has been run. The arguments - token contains both the processed command line presented by + token contains the processed command line presented by the shell to the kernel. The path token holds the path to the executable as looked up by the kernel. The attribute token describes the binary, From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 15:23:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5BB08534; Wed, 5 Mar 2014 15:23:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2CE28803; Wed, 5 Mar 2014 15:23:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s25FNqUs061666; Wed, 5 Mar 2014 15:23:52 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s25FNqRh061665; Wed, 5 Mar 2014 15:23:52 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403051523.s25FNqRh061665@svn.freebsd.org> From: Mathieu Arnold Date: Wed, 5 Mar 2014 15:23:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44129 - head/en_US.ISO8859-1/books/porters-handbook/slow-porting X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Mar 2014 15:23:52 -0000 Author: mat (ports committer) Date: Wed Mar 5 15:23:51 2014 New Revision: 44129 URL: http://svnweb.freebsd.org/changeset/doc/44129 Log: Update the slow-porting chapter. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml Wed Mar 5 14:23:30 2014 (r44128) +++ head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml Wed Mar 5 15:23:51 2014 (r44129) @@ -100,9 +100,18 @@ + The package target is run. + This creates a package using the files from the temporary + directory created during the + stage target and the port's + pkg-plist. + + + The install target is run. - This copies the files listed in the port's pkg-plist to the - host system. + This install the package created during the + package target into the host + system. @@ -255,133 +264,153 @@ &prompt.user; cp file file.orig - Patches are saved into files named - patch-* where * - indicates the pathname of the file that is patched, such as - patch-Imakefile or - patch-src-config.h. - - After the file has been modified, &man.diff.1; is used to - record the differences between the original and the modified - version. causes &man.diff.1; to produce - unified diffs, the preferred form. - - &prompt.user; diff -u file.orig file > patch-pathname-file - - When generating patches for new, added files, - is added to tell &man.diff.1; to treat the - non-existent original file as if it existed but was - empty: - - &prompt.user; diff -u -N newfile.orig newfile > patch-pathname-newfile - - Patch files are stored in PATCHDIR - (usually files/, from - where they will be automatically applied. All patches must be - relative to WRKSRC (generally the directory - the port's tarball unpacks itself into, that being where the - build is done). To make fixes and upgrades easier, avoid having - more than one patch fix the same file (that is, - patch-file and - patch-file2 both changing - WRKSRC/foobar.c). Note that if the path of - a patched file contains an underscore (_) - character, the patch needs to have two underscores instead in - its name. For example, to patch a file named - src/freeglut_joystick.c, the corresponding - patch should be named - patch-src-freeglut__joystick.c. - - Please only use characters - [-+._a-zA-Z0-9] for naming patches. Do not - use any other characters besides them. Do not name patches like - patch-aa or patch-ab, - always mention the path and file name in patch names. - - There is an alternate, easier method for creating patches to - existing files. The first steps are the same, make a copy of - the unmodified file with an .orig - extension, then make modifications. Then use - make makepatch to write updated patch files - to the files directory of the port. - - Do not put RCS strings in patches. - Subversion will mangle them when we - put the files into the ports tree, and when we check them out - again, they will come out different and the patch will fail. - RCS strings are surrounded by dollar - ($) signs, and typically start with - $Id or - $RCS. - - Using the recurse () option to - &man.diff.1; to generate patches is fine, but please look at the - resulting patches to make sure there is no unnecessary junk in - there. In particular, diffs between two backup files, - Makefiles when the port uses - Imake or GNU configure, - etc., are unnecessary and should be deleted. If it was - necessary to edit configure.in and run - autoconf to regenerate - configure, do not take the diffs of - configure (it often grows to a few thousand - lines!). Instead, define - USE_AUTOTOOLS=autoconf:261 and take the diffs - of configure.in. - - Try to minimize the amount of non-functional whitespace - changes in patches. It is common in the Open Source world for - projects to share large amounts of a code base, but obey - different style and indenting rules. When taking a working - piece of functionality from one project to fix similar areas in - another, please be careful: the resulting line patch may be full - of non-functional changes. It not only increases the size of - the Subversion repository but makes - it hard to find out what exactly caused the problem and what was - changed at all. - - If a file must be deleted, do it in the - post-extract target rather than as - part of the patch. - - Simple replacements can be performed directly from the port - Makefile using the in-place mode of - &man.sed.1;. This is useful when changes use the value of a - variable: + + Automatic Patch Generation + + When all the files have been modified, use make + makepatch from the port directory to write updated + patch files to the files directory of the + port. + + + + + Manual Patch Generation + + Patches are saved into files named + patch-* where + * indicates the pathname of the + file that is patched, such as + patch-Imakefile or + patch-src-config.h. + + After the file has been modified, &man.diff.1; is used to + record the differences between the original and the modified + version. causes &man.diff.1; to produce + unified diffs, the preferred form. + + &prompt.user; diff -u file.orig file > patch-pathname-file + + When generating patches for new, added files, + is added to tell &man.diff.1; to treat the + non-existent original file as if it existed but was + empty: + + &prompt.user; diff -u -N newfile.orig newfile > patch-pathname-newfile + + Patch files are stored in PATCHDIR + (usually files/, from + where they will be automatically applied. All patches must be + relative to WRKSRC (generally the directory + the port's tarball unpacks itself into, that being where the + build is done). To make fixes and upgrades easier, avoid + having more than one patch fix the same file (that is, + patch-file and + patch-file2 both changing + WRKSRC/foobar.c). Note that in the path + of a patched file the / are to be replaced + with two underscores __. For example, to + patch a file named + src/freeglut_joystick.c, the + corresponding patch should be named + patch-src__freeglut_joystick.c. + + Please only use characters + [-+._a-zA-Z0-9] for naming patches. Do not + use any other characters besides them. Do not name patches + like patch-aa or + patch-ab, always mention the path and + file name in patch names. + + Do not put RCS strings in patches. + Subversion will mangle them when we + put the files into the ports tree, and when we check them out + again, they will come out different and the patch will fail. + RCS strings are surrounded by dollar + ($) signs, and typically start with + $Id or + $RCS. + + Using the recurse () option to + &man.diff.1; to generate patches is fine, but please look at + the resulting patches to make sure there is no unnecessary + junk in there. In particular, diffs between two backup files, + Makefiles when the port uses + Imake or GNU configure, + etc., are unnecessary and should be deleted. If it was + necessary to edit configure.in and run + autoconf to regenerate + configure, do not take the diffs of + configure (it often grows to a few thousand + lines!). Instead, define + USE_AUTOTOOLS=autoconf:261 and take the + diffs of configure.in. + + + + + General Rules for Patching + + Try to minimize the amount of non-functional whitespace + changes in patches. It is common in the Open Source world for + projects to share large amounts of a code base, but obey + different style and indenting rules. When taking a working + piece of functionality from one project to fix similar areas + in another, please be careful: the resulting line patch may be + full of non-functional changes. It not only increases the + size of the Subversion repository + but makes it hard to find out what exactly caused the problem + and what was changed at all. + + If a file must be deleted, do it in the + post-extract target rather than as + part of the patch. + + + + + Simple Automatic Replacements + + Simple replacements can be performed directly from the + port Makefile using the in-place mode of + &man.sed.1;. This is useful when changes use the value of a + variable: - post-patch: + post-patch: @${REINPLACE_CMD} -e 's|for Linux|for FreeBSD|g' ${WRKSRC}/README - Quite often, software being ported uses the CR/LF convention - in source files. This may cause problems with further patching, - compiler warnings, or script execution (like - /bin/sh^M not found.) To quickly convert all - files from CR/LF to just LF, add this entry to the port - Makefile: + Quite often, software being ported uses the CR/LF + convention in source files. This may cause problems with + further patching, compiler warnings, or script execution (like + /bin/sh^M not found.) To quickly convert + all files from CR/LF to just LF, add this entry to the port + Makefile: - USES= dos2unix + USES= dos2unix - A list of specific files to convert can be given: + A list of specific files to convert can be given: - USES= dos2unix + USES= dos2unix DOS2UNIX_FILES= util.c util.h - Use DOS2UNIX_REGEX to convert a group of - files across subdirectories. Its argument is a - &man.find.1;-compatible regular expression. More on the format - is in &man.re.format.7;. This option is useful for converting - all files of a given extension. For example, convert all source - code files, leaving binary files intact: + Use DOS2UNIX_REGEX to convert a group + of files across subdirectories. Its argument is a + &man.find.1;-compatible regular expression. More on the + format is in &man.re.format.7;. This option is useful for + converting all files of a given extension. For example, + convert all source code files, leaving binary files + intact: - USES= dos2unix + USES= dos2unix DOS2UNIX_REGEX= .*\.([ch]|cpp) - A similar option is DOS2UNIX_GLOB, which - invokes find for each element listed in - it. + A similar option is DOS2UNIX_GLOB, + which invokes find for each element listed + in it. - USES= dos2unix + USES= dos2unix DOS2UNIX_GLOB= *.c *.cpp *.h + From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 15:50:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AE369D31; Wed, 5 Mar 2014 15:50:09 +0000 (UTC) Received: from prod2.absolight.net (mx3.absolight.net [IPv6:2a01:678:2:100::25]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6BD91A29; Wed, 5 Mar 2014 15:50:09 +0000 (UTC) Received: from prod2.absolight.net (localhost [127.0.0.1]) by prod2.absolight.net (Postfix) with ESMTP id DD7EFBDC56; Wed, 5 Mar 2014 16:50:07 +0100 (CET) Received: from gw.in.absolight.net (gw-ecl.in.absolight.net [79.143.241.69]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "gw.in.absolight.net", Issuer "CA Cert Signing Authority" (not verified)) by prod2.absolight.net (Postfix) with ESMTPSA id BC712BDC5A; Wed, 5 Mar 2014 16:50:07 +0100 (CET) Received: from ogg.in.absolight.net (ogg.in.absolight.net [79.143.241.239]) by gw.in.absolight.net (Postfix) with ESMTP id E7ADB6127; Wed, 5 Mar 2014 16:50:06 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by ogg.in.absolight.net (Postfix) with ESMTP id 84A5B69D458C; Wed, 5 Mar 2014 16:50:06 +0100 (CET) Date: Wed, 05 Mar 2014 16:50:06 +0100 From: Mathieu Arnold To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: Re: svn commit: r44129 - head/en_US.ISO8859-1/books/porters-handbook/slow-porting Message-ID: In-Reply-To: <201403051523.s25FNqRh061665@svn.freebsd.org> References: <201403051523.s25FNqRh061665@svn.freebsd.org> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Mar 2014 15:50:09 -0000 +--On 5 mars 2014 15:23:52 +0000 Mathieu Arnold wrote: | Author: mat (ports committer) | Date: Wed Mar 5 15:23:51 2014 | New Revision: 44129 | URL: http://svnweb.freebsd.org/changeset/doc/44129 | | Log: | Update the slow-porting chapter. Ah, I'm really sorry, I meant for it to be a two parter, quite a few of it is whitespace change, I splitted the sect1 about patching into four sect2. -- Mathieu Arnold From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 15:30:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C192A706; Wed, 5 Mar 2014 15:30:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id AC370854; Wed, 5 Mar 2014 15:30:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s25FUOjr062441; Wed, 5 Mar 2014 15:30:24 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s25FUOSn062440; Wed, 5 Mar 2014 15:30:24 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403051530.s25FUOSn062440@svn.freebsd.org> From: Remko Lodder Date: Wed, 5 Mar 2014 15:30:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44130 - translations/nl_NL.ISO8859-1/books/handbook/basics X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 05 Mar 2014 16:13:11 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Mar 2014 15:30:24 -0000 Author: remko Date: Wed Mar 5 15:30:24 2014 New Revision: 44130 URL: http://svnweb.freebsd.org/changeset/doc/44130 Log: Import my latest work for the last two days. Do note that this is not complete and thus will not build. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml Modified: translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml Wed Mar 5 15:23:51 2014 (r44129) +++ translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml Wed Mar 5 15:30:24 2014 (r44130) @@ -500,6 +500,826 @@ console none + + Wijzigingstijd wachtwoord + + + Standaard vervallen wachtwoorden niet. Dit kan + wel ingesteld worden per gebruiker, waardoor een of + meerdere gebruikers na het verlopen van een vooraf + bepaalde tijd, de gebruiker wordt gedwongen om het + wachtwoord te veranderen. + + + + + Account vervaldatum + + + Standaard laat &os; geen accounts na verloop van + tijd vervallen. Wanneer er accounts gemaakt worden + welke een korte levensduur kennen zoals een student + op een school, kan de vervaldatum worden ingesteld met + &man.pw.8;. Nadat de vervaldatum verstreken is kan er + niet meer worden ingelogd maar blijven de directories + en bestanden onder het account beschikbaar. + + + + + Volledige naam van de gebruiker + + + De gebruikersnaam identificeert de gebruiker uniek + binnen &os;, maar dit is niet per definitie ook de + daadwerkelijke volledige naam van de gebruiker. Net + als bij commentaar kan deze informatie spaties, + hoofdletters en meer dan 8 karakters bevatten. + + + + + Home directory + + + De home directory is het volledige pad naar een + directory op het systeem. Dit is het startpunt van + een gebruiker wanneer deze aanlogt. Een standaard + conventie is dat deze geplaatst worden in + /home/gebruikersnaam of in + /usr/home/gebruikersnaam. Elke + gebruiker bewaard zijn eigen bestanden en directories + in de eigen home directory. + + + + + Shell van de gebruiker + + + De shell levert de standaard werkomgeving op voor + een gebruiker wanneer deze interactie heeft met het + systeem. Er zijn veel verschillende soorten shells en + ervaren gebruikers hebben allen hun eigen voorkeuren + welke terug kunnen komen in de account + instellingen. + + + + + + + Het superuser account + + + accounts + superuser (root) + + + Het superuser account, vaak genoemd + root, wordt + gebruikt om het systeem te managen zonder limitatie + van privileges. Om deze reden wordt het dagelijks gebruik + van dit account zoals het versturen en ophalen van e-mail, + algemeen gebruik van het systeem en programmeren + afgeraden. + + De superuser, in tegenstellig tot andere accounts, kan + opereren zonder limitaties en bij misbruik van dit account + kan dat leiden tot spectaculaire problemen. + Gebruikeraccounts zijn niet in staat om het systeem per + ongeluk stuk te maken, dus het wordt aangeraden om in te + loggen als gewone gebruiker en alleen superuser te worden + als dat nodig is. + + Controleer alle op te voeren commando's als de superuser + dubbel of zelfs driedubbel, omdat een extra spatie of + ontbrekend karakter kan leiden tot permanente + databeschadigingen. + + Er zijn een aantal manieren om superuser privileges te + verkrijgen. Ondanks dat men in zou kunnen loggen als + root wordt dit + sterk afgeraden. + + In plaats daarvan kan &man.su.1; gebruikt worden om + superuser te worden. Als - gebruikt + wordt als argument voor dit commando zal de gebruiker ook + de superuser omgeving geladen krijgen. De gebruiker die dit + commando wilt gebruiken moet in de + wheel groep + vermeld staan anders zal dit commando falen. De + gebruiker moet ook op de hoogte zijn van het wachtwoord + voor het root + account. + + In dit voorbeeld wordt de gebruiker alleen superuser + zodat make install gestart kan worden, + omdat deze stap superuser rechten nodig heeft. Zodra het + commando uitgevoerd is typt de gebruiker + exit om het superuser account te + verlaten en terug te keren naar de reguliere privileges + behorende bij het gebruikers account. + + + Installeren van een programma als superuser + + &prompt.user; configure +&prompt.user; make +&prompt.user; su - +Password: +&prompt.root; make install +&prompt.root; exit +&prompt.user; + + + Het ingebouwde &man.su.1; framework werkt prima voor + een enkel systeem of kleine netwerken met een systeem + beheerder. Een alternatief is het installeren van de + security/sudo package of port. Deze + software kan activiteiten logging doen en stelt de + administrator in staat om te configureren welke gebruikers + welke commando's kunnen starten als de superuser. + + + + + Accounts beheren + + + accounts + aanpassen + + + &os; levert een variateit aan verschillende commando's + waarmee gebruikeraccounts beheerd kunnen worden. De meest + voorkomende commando's worden samengevat in: + gevolgd door een + aantal voorbeelden voor het gebruik hiervan. Zie de + handleiding van elk commando voor meer details en + gebruikersvoorbeelden. + + + Tools om gebruikeraccounts te beheren + + + + + + + + Commando + Samenvatting + + + + + &man.adduser.8; + De aangeraden CLI tool om nieuwe gebruikers + toe te voegen. + + + + &man.rmuser.8; + De aangeraden CLI tool om gebruikers te + verwijderen. + + + + &man.chpass.1; + Een flexibele tool om de gebruikersdatabase + aan te passen. + + + + &man.passwd.1; + De aangeraden CLI tool om gebruikers wachtwoorden + aan te passen. + + + + &man.pw.8; + Een krachtige en flexibele tool om alle aspecten + van een gebruikersaccount aan te passen. + + + +
      + + + <command>adduser</command> + + + accounts + toevoegen + + + + adduser + + + + /usr/share/skel + + + + skeleton directory + + + De aangeraden applicatie om nieuwe gebruikers toe te + voegen is &man.adduser.8;. Wanneer er een nieuwe gebruiker + wordt toegevoegd, past deze applicatie automatisch + /etc/passwd en + /etc/group aan. De applicatie maakt + ook meteen de home directorie aan voor de nieuwe gebruiker, + kopieert de standaard configuratie bestanden uit + /usr/share/skel en kan optioneel de + nieuwe gebruiker een email sturen met daarin een welkomst + boodschap. Deze applicatie moet gestart worden als de + superuser. + + De &man.adduser.8; applicatie is interactief en loopt + door een aantal stappen heen om een nieuw account aan te + kunnen maken. Zoals te zien is in + moet ofwel de + gegevens worden opgevoerd, of op Enter + worden gedrukt om de standaard waarden te accepteren, + welke getoond wordt in vierkante haken. In dit voorbeeld + wordt de gebruiker uitgenodigd voor de + wheel groep, + welke de gebruiker in staat stelt om superuser te worden + door middel van &man.su.1;. Zodra dit afgerond is zal + de applicatie vragen of er nog een nieuwe gebruiker + aangemaakt moet worden of dat het programma gestopt kan + worden. + + + Het toevoegen van een gebruiker op &os; + + &prompt.root; adduser +Username: jru +Full name: J. Random User +Uid (Leave empty for default): +Login group [jru]: +Login group is jru. Invite jru into other groups? []: wheel +Login class [default]: +Shell (sh csh tcsh zsh nologin) [sh]: zsh +Home directory [/home/jru]: +Home directory permissions (Leave empty for default): +Use password-based authentication? [yes]: +Use an empty password? (yes/no) [no]: +Use a random password? (yes/no) [no]: +Enter password: +Enter password again: +Lock out the account after creation? [no]: +Username : jru +Password : **** +Full Name : J. Random User +Uid : 1001 +Class : +Groups : jru wheel +Home : /home/jru +Shell : /usr/local/bin/zsh +Locked : no +OK? (yes/no): yes +adduser: INFO: Successfully added (jru) to the user database. +Add another user? (yes/no): no +Goodbye! +&prompt.root; + + + + Omdat het wachtwoord niet getoond wordt tijdens + het invoeren is het aangeraden om deze zorgvuldig op + te voeren tijdens het aanmaken van het gebruikers + account. + + + + + <command>rmuser</command + + + rmuser + + + + accounts + verwijderen + + + Om een gebruiker geheel van het systeem te verwijderen + moet de applicatie &man.rmuser.8; worden gestart als de + superuser. Dit commando voert de volgende stappen + uit: + + + + Verwijderd de &man.crontab.1; van de gebruiker, mits + deze bestaat. + + + + Verwijderd alle &man.at.1; opdrachten die toebehoren + aan de gebruiker. + + + + Stopt alle processen die eigendom zijn van de + gebruiker. + + + + Verwijdert de gebruiker uit het lokale wachtwoord + database bestand. + + + + Verwijderd de home directorie van de gebruiker, mits + deze eigendom is van de gebruiker. + + + + Verwijderd de binnengekomen emails van de gebruiker + uit /var/mail. + + + + Verwijderd alle bestanden van de gebruiker uit de + tijdelijke bestandsopslag directories zoals + /tmp. + + + + Als laatste wordt de gebruikersnaam verwijderd uit + alle groepen waarin de gebruikersnaam voorkomt. Dit + gebeurd in het /etc/group bestand. + Als de groep daarmee leeg raakt en dezelfde naam heeft + als de gebruikersnaam wordt deze verwijderd. Dit vult + de per gebruiker unieke groepen aan vanuit + &man.adduser.8; + + + + &man.rmuser.8; kan niet worden gebruikt om het superuser + account te verwijderen, omdat dat nagenoeg altijd tot + gigantische problemen zal leiden. + + Standaard wordt de interactieve modus gebruikt zoals te + zien is in het volgende voorbeeld: + + + Interactief accounts verwijderen met + <command>rmuser</command> + + &prompt.root; rmuser jru +Matching password entry: +jru:*:1001:1001::0:0:J. Random User:/home/jru:/usr/local/bin/zsh +Is this the entry you wish to remove? y +Remove user's home directory (/home/jru)? y +Removing user (jru): mailspool home passwd. +&prompt.root; + + + + + <command>chpass</command> + + + chpass + + + Elke gebruiker kan gebruik maken van de applicatie + &man.chpass.1; om de standaard shell en persoonlijke + informatie die gekoppeld is aan het account aan te + passen. De superuser kan deze applicatie gebruiken om + additionele account informatie aan te passen voor + elke gebruiker. + + Als de applicatie opgestart wordt zonder argumenten, + naast een eventuele gebruikersnaam zal &man.chpass.1; een + editor tonen met daarin de gebruikers informatie. Zodra + de gebruiker de editor afsluit zal de nieuwe informatie + worden opgeslagen in de gebruikers database. + + + De applicatie zal bij het afsluiten vragen om het + wachtwoord van de gebruiker, tenzij de applicatie gestart + was als de superuser. + + + In heeft + de superuser het volgende getypt: + chpass jru en bekijkt nu de velden die + aangepast kunnen worden voor deze gebruiker. Als + jru dit commando + start zullen alleen de laatste zes velden worden getoond en + beschikbaar voor bewerken, dit wordt getoond in + . + + + Gebruik maken van &man.chpass.1; als de + superuser + + #Changing user database information for jru. +Login: jru +Password: * +Uid [#]: 1001 +Gid [# or name]: 1001 +Change [month day year]: +Expire [month day year]: +Class: +Home directory: /home/jru +Shell: /usr/local/bin/zsh +Full Name: J. Random User +Office Location: +Office Phone: +Home Phone: +Other information: + + + + Gebruik maken van &man.chpass.1; als gewone + gebruiker + + #Changing user database information for jru. +Shell: /usr/local/bin/zsh +Full Name: J. Random User +Office Location: +Office Phone: +Home Phone: +Other information: + + + + &man.chfn.1; en &man.chsh.1; zijn links naar + naar &man.chpass.1; net als &man.ypchpass.1;, + &man.ypchfn.1; en &man.ypchsh.1;. Omdat + NIS ondersteuning impliciet + is, is het specificeren van yp + voor het command niet nodig. Hoe NIS geconfigureerd + moet worden wordt uitgelegd in + . + + + + + <command>passwd</command> + + + passwd + + + + accounts + wachtwoord wijzigen + + + Elke gebruiker kan gemakkelijk zijn wachtwoord + wijzigen door middel van &man.passwd.1;. Om te + voorkomen dat er per ongeluk of ongeauthoriseerde + wijzigingen plaatsvinden zal dit commando eerst + vragen om het huidige wachtwoord van de gebruiker + voor er een nieuw wachtwoord ingesteld kan worden: + + + Wijzigen van het wachtwoord + + &prompt.user; passwd +Changing local password for jru. +Old password: +New password: +Retype new password: +passwd: updating the database... +passwd: done + + + De superuser kan het wachtwoord van elke gebruiker + instellen door de gebruikersnaam te specificeren met het + startenv an &man.passwd.1;. Wanneer deze applicatie wordt + gestart als de superuser zal er niet + worden gevraagd om het huidige wachtwoord. Dit geeft de + mogelijkheid om het wachtwoord te veranderen als de + gebruiker het wachtwoord niet meer weet. + + + Het wijzigen van het wachtwoord van een andere + gebruiker door de superuser + + &prompt.root; passwd jru +Changing local password for jru. +New password: +Retype new password: +passwd: updating the database... +passwd: done + + + + Net als met &man.chpasswd.1;, is &man.yppasswd.1; + een link naar &man.passwd.1;, dus NIS + werkt met beide commando's. + + + + + <command>pw</command> + + + pw + + + &man.pw.8; is een CLI applicatie om gebruikers + en groepen aan te maken, te verwijderen, aan te passen + en te tonen. De applicatie fungeert als een front end + voor de systeem gebruikers en groepen bestanden. + &man.pw.8; heeft een erg krachtige set van command line + opties die het uitermate geschikt maken voor gebruik in + shell scripts, echter nieuwe gebruikers kunnen deze + applicatie lastiger vinden dan de andere commando's welke + gepresenteerd zijn in deze sectie. + +       + + + Gebruikers limiteren + + + gebruikers limiteren + + + + accounts + limiteren + + + &os; levert een administrator een aantal manieren om + de hoeveelheid systeem bronnen te limiteren voor individueel + gebruik. Deze limitaties worden besproken in twee delen: + disk quotas en andere bron limitaties. + + + quotas + + + + gebruikers limiteren + quotas + + + + disk quotas + + + Disk quotas limiteren de hoeveelheid disk ruimte welke + beschikbaar is voor gebruikers en leveren een snelle manier + om dit gebruik te controleren zonder dat dit elke keer + berekend moet worden. Quotas worden behandeld in + . + + De andere bron limitaties bevatten manieren om de + hoeveelheid CPU, memory en andere bronnen die een gebruiker + mag verbruiken. Deze worden gedefinieerd door middel van de + login klassen en hieronder behandeld. + + + /etc/login.conf + + + Login klassen worden gedefinieerd in + /etc/login.conf en in detail beschreven + in &man.login.conf.5;. Elk gebruikers account wordt + toegewezen aan een login klasse, default + wordt standaard gebruikt. Elke login klasse heeft een set + van login mogelijkheden geassocieerd. Een login mogelijkheid + is een name=value paar waar + name een welbekende identificatie + is en value een willekeurige string + welke zoals benodigd wordt verwerkt naar aanleiding van de + name. Het opzetten van login + klasses en mogelijkheden is vrij recht-toe recht-aan en + beschreven in &man.login.conf.5;. + + + &os; leest meestal niet direct het + /etc/login.conf bestand maar in plaats + daarvan de /etc/login.conf.db + database welke snellere opzoek mogelijkheden biedt. Zodra + het /etc/login.conf bestand wordt + bewerkt moet het /etc/login.conf.db + bestand worden bijgewerkt door middel van het volgende + commando: + + &prompt.root; cap_mkdb /etc/login.conf + + + Bron limitaties verschillen van de standaard login + mogelijkheden op twee manieren. Als eerste is er voor elke + limitatie een soft en een harde limiet. Een soft limiet kan + worden ingesteld door de gebruiker of een applicatie, maar kan + niet hoger worden ingesteld dan de harde limiet. De harde + limitatie kan verlaagd worden door een gebruiker, maar kan + alleen verhoogd worden door de superuser. Als tweede is + het zo dat bron limitaties gelden per proces voor een + specifieke gebruiker en niet voor de gebruiker in zijn + geheel. Deze verschillen zijn aanwezig door de verschillende + manieren van het gebruik van limitaties, dit is geen + implementatie beperking van het login mogelijkheden + framework., + + Hieronder staan de meest voorkomende bron limitaties. De + rest van de limitaties tezamen met andere login mogelijkheden + kunnen worden teruggevonden in &man.login.conf.5;. + + + + coredumpsize + + + De limitatie over de groote van een coredump bestand + + coredumpsize + + gegenereerd door een programmais ondergeschikt aan andere + limitaties + + gebruikers limiteren + coredumpsize + + over de disk ruimte, zoals filesize + of disk quotas. Deze limiet wordt vaak als een minder + zware methode om de disk consumptie te controleren. + Omdat gebruikers niet zelf een coredump genereren en + deze meestal niet verwijderen, kan deze instelling + voorkomen dat de disk ruimte voor de gebruiker op is + als er een grote applicatie gestart wordt en deze + crashed. + + + + + + cputime + + De maximale hoeveelheid CPU + + cputime + + + + gebruikers limiteren + cputime + + tijd een proces van een gebruiker mag consumeren. + Processen die dit overtreden worden door de kernel + gestopt. + + + Dit is een limitatie op de CPU + tijd die geconsumeerd wordt, + niet als percentage van de CPU zoals getoond in + sommige velden van &man.top.1; en &man.ps.1;. + + + + + + + filesize + + De maximale grootte van een bestand welke + + filesize + + + + gebruikers limiteren + filesize + + eigendom is van de gebruiker. In tegenstelling tot + disk quotas, geldt + deze limiet per individueel bestand en niet voor alle + bestanden welke eigendom zijn van een gebruiker. + + + + + + maxproc + + De maximale hoeveelheid processen + + maxproc + + + + gebruikers limiteren + maxproc + + welke een gebruiker kan hebben draaien. Dit is + inclusief voor en achtergrond processen. Dit + limiet mag niet groter zijn dan de systeem limiet + gespecificeerd door de kern.maxproc + &man.sysctl.8;. Als deze limiet te klein is kan dat + de productiviteit van de gebruiker beperken omdat het + vaak zo is dat een gebruiker meermalen is ingelogd of + door uitvoer door middel van pipelines. Sommige + processen zoals het compileren van een groot programma + kunnen veel processen opstarten. + + + + + memorylocked + + + De maximale hoeveelheid geheugen + + memorylocked + + + + gebruikers limiteren + memorylocked + + dat een proces kan vragen om in het hoofdgeheugen + gelocked te worden door gebruik te maken van + &man.mlock.2;. Sommige systeem kritische programma's + zoals &man.amd.8;, locken zichzelf in het geheugen + zodat als de machine begint te swappen, ze niet + meehelpen aan het stuk maken van de disk. + + + + + memoryuse + + + De maximale hoeveelheid geheugen + + memoryuse + + + + gebruikers limiteren + memoryuse + + dat een proces mag consumeren op elk willekeurig moment. + Dit bevat zowel het standaard geheugen als het gebruik + van swap. Dit is geen vangnet voor het allesomvattend + beperken van het geheugen, maar het is een goed + begin. + + + + + openfiles + + + De maximale hoeveelheid bestanden welke een proces + geopend kan hebben + + openfiles + + + + gebruikers limiteren + openfiles + . + In &os; worden bestanden gebruikt om sockets en IPC + kanalen te beschrijven, deze waarde mag dus niet te laag + worden ingesteld. De systeem-wijde limitatie hiervoor + wordt gedefinieerd door de + kern.maxfiles &man.sysctl.8;. + + + + + sbsize + + + De maximale hoeveelheid netwerk geheugen ofwel + mbufs + + sbsize + + + + gebruikers limiteren + sbsize + + die een gebruiker mag verbruiken. Dit kan in zijn + algemeenheid gebruikt worden om de hoeveeheid + netwerk communicatie te limiteren. + + + + + stacksize + XXXX RL: 1247 + + +       From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 16:29:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 10B50A9C; Wed, 5 Mar 2014 16:29:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id F00E4DF7; Wed, 5 Mar 2014 16:29:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s25GTbJR086642; Wed, 5 Mar 2014 16:29:37 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s25GTb8T086641; Wed, 5 Mar 2014 16:29:37 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403051629.s25GTb8T086641@svn.freebsd.org> From: Dru Lavigne Date: Wed, 5 Mar 2014 16:29:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44131 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Mar 2014 16:29:38 -0000 Author: dru Date: Wed Mar 5 16:29:37 2014 New Revision: 44131 URL: http://svnweb.freebsd.org/changeset/doc/44131 Log: Last merge shuffle in prep for technical review. Next few commits will clarify the info and check the order in which it is presented. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 15:30:24 2014 (r44130) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 16:29:37 2014 (r44131) @@ -3891,6 +3891,11 @@ ifconfig_lagg0="laggp + To use PXE when the machine starts, + select the Boot from network option in + the BIOS setup or type a function key + during system initialization. + There are many ways to set up diskless workstations. Many elements are involved, and most can be customized to suit local taste. The following will describe variations on the setup of a @@ -3983,9 +3988,200 @@ ifconfig_lagg0="laggp + Place tftpboot + anywhere on the server. Make sure that the location is + set in both /etc/inetd.conf and + /usr/local/etc/dhcpd.conf. + Refer to &man.diskless.8; for more information. + + + Setting Up the &man.chroot.8; Environment for the + <acronym>NFS</acronym> Root File System + + + + + Craig + Rodrigues + + +
      rodrigc@FreeBSD.org
      +       + Written by +       +       +       + + The &intel; Preboot eXecution Environment + (PXE) allows booting the operating system + over the network. PXE support is usually + provided in the BIOS where it can be enabled + in the BIOS settings which enable booting + from the network. A fully functioning + PXE setup also requires properly configured + DHCP and TFTP + servers. + + When the host computer boots, it receives information over + DHCP about where to obtain the initial boot + loader via TFTP. After the host computer + receives this information, it downloads the boot loader via + TFTP and then executes the boot loader. + This is documented in section 2.2.1 of the Preboot + Execution Environment (PXE) + Specification. In &os;, the boot loader retrieved + during the PXE process is + /boot/pxeboot. After + /boot/pxeboot executes, the &os; kernel is + loaded and the rest of the &os; bootup sequence proceeds. + Refer to for more information about the + &os; booting process. + + + + Choose a directory which will have a &os; + installation which will be NFS + mountable. For example, a directory such as + /b/tftpboot/FreeBSD/install can be + used. + + &prompt.root; export NFSROOTDIR=/b/tftpboot/FreeBSD/install +&prompt.root; mkdir -p ${NFSROOTDIR} + + + + Enable the NFS server by adding this line to + /etc/rc.conf + + nfs_server_enable="YES" + + + + + Export the diskless root directory via NFS by + adding the following to + /etc/exports: + + /b -ro -alldirs + + + + Restart the NFS server: + + &prompt.root; service nfsd restart + + + + Enable &man.inetd.8; by adding the following line to + /etc/rc.conf: + + inetd_enable="YES" + + + + Add the following line to + /etc/inetd.conf: + + tftp dgram udp wait root /usr/libexec/tftpd tftpd -l -s /b/tftpboot + + + Some + PXE versions require the + TCP version of + TFTP. In this case, add a second + line, replacing dgram udp with + stream tcp. + + + + + + Restart &man.inetd.8;: + + &prompt.root; service inetd restart + + + + Rebuild the &os; kernel and userland (): + + &prompt.root; cd /usr/src +&prompt.root; make buildworld +&prompt.root; make buildkernel + + + + Install &os; into the directory mounted over + NFS: + + &prompt.root; make installworld DESTDIR=${NFSROOTDIR} +&prompt.root; make installkernel DESTDIR=${NFSROOTDIR} +&prompt.root; make distribution DESTDIR=${NFSROOTDIR} + + + + Test that the TFTP server works + and can download the boot loader which will be obtained + via PXE: + + &prompt.root; tftp localhost +tftp> get FreeBSD/install/boot/pxeboot +Received 264951 bytes in 0.1 seconds + + + + Edit ${NFSROOTDIR}/etc/fstab and + create an entry to mount the root file system over + NFS: + + # Device Mountpoint FSType Options Dump Pass +myhost.example.com:/b/tftpboot/FreeBSD/install / nfs ro 0 0 + + Replace myhost.example.com + with the hostname or IP address of the + NFS server. In this example, the root + file system is mounted read-only in order to prevent + NFS clients from potentially deleting + the contents of the root file system. + + + + Set the root password in the &man.chroot.8; + environment: + + &prompt.root; chroot ${NFSROOTDIR} +&prompt.root; passwd + + This sets the root password for client machines which + are PXE booting. + + + + Enable &man.ssh.1; root logins for client machines + which are PXE booting by editing + ${NFSROOTDIR}/etc/ssh/sshd_config + and enabling PermitRootLogin. This + option is documented in &man.sshd.config.5;. + + + + Perform other customizations of the &man.chroot.8; + environment in ${NFSROOTDIR}. These customizations could + include things like adding packages with &man.pkg.add.1;, + editing the password file with &man.vipw.8;, or editing + &man.amd.conf.5; maps for automounting. For + example: + + &prompt.root; chroot ${NFSROOTDIR} +&prompt.root; pkg_add -r bash + + +       + Configuring the <application>ISC DHCP</application> Server @@ -4091,94 +4287,6 @@ ifconfig_lagg0="laggp - Configuring the - <acronym>NFS</acronym> Server - - Enable - NFS and export the appropriate file - system on the NFS server. - - Add this line to - /etc/rc.conf: - - nfs_server_enable="YES" - - Export the file system where the diskless root - directory is located by adding the following to - /etc/exports. Adjust the - mount point and replace - corbieres with the names of the diskless - workstations: - - /data/misc -alldirs -ro margaux corbieres - - Tell &man.mountd.8; to reread its configuration - file. If NFS is enabled in - /etc/rc.conf, it is recommended - to reboot instead. - - &prompt.root; service mountd restart - - - - Configuring the <acronym>TFTP</acronym> Server - - To use PXE when the machine starts, - select the Boot from network option in - the BIOS setup or type a function key - during system initialization. - - - TFTP - diskless operation - - - NFS - diskless operation - - - To enable &man.tftpd.8;, perform the following steps: - - - - Create a directory from which &man.tftpd.8; will - serve the files, such as - /tftpboot. - - - - Add this line to - /etc/inetd.conf: - - tftp dgram udp wait root /usr/libexec/tftpd tftpd -l -s /tftpboot - - - Some - PXE versions require the - TCP version of - TFTP. In this case, add a second - line, replacing dgram udp with - stream tcp. - - - - - Tell &man.inetd.8; to reread its configuration file. - Add to - /etc/rc.conf in order for this - command to execute correctly: - - &prompt.root; service inetd restart - - - - Place tftpboot - anywhere on the server. Make sure that the location is - set in both /etc/inetd.conf and - /usr/local/etc/dhcpd.conf. - - - Preparing the Root File System @@ -4294,183 +4402,6 @@ cd /usr/src/etc; make distribution - - - PXE Booting with an <acronym>NFS</acronym> Root File - System - - - - - Craig - Rodrigues - - -
      rodrigc@FreeBSD.org
      -       - Written by -       -       -       - - The &intel; Preboot eXecution Environment - (PXE) allows booting the operating system - over the network. PXE support is usually - provided in the BIOS where it can be enabled - in the BIOS settings which enable booting - from the network. A fully functioning - PXE setup also requires properly configured - DHCP and TFTP - servers. - - When the host computer boots, it receives information over - DHCP about where to obtain the initial boot - loader via TFTP. After the host computer - receives this information, it downloads the boot loader via - TFTP and then executes the boot loader. - This is documented in section 2.2.1 of the Preboot - Execution Environment (PXE) - Specification. In &os;, the boot loader retrieved - during the PXE process is - /boot/pxeboot. After - /boot/pxeboot executes, the &os; kernel is - loaded and the rest of the &os; bootup sequence proceeds. - Refer to for more information about the - &os; booting process. -       - - - Setting Up the &man.chroot.8; Environment for the - <acronym>NFS</acronym> Root File System - - - - Choose a directory which will have a &os; - installation which will be NFS - mountable. For example, a directory such as - /b/tftpboot/FreeBSD/install can be - used. - - &prompt.root; export NFSROOTDIR=/b/tftpboot/FreeBSD/install -&prompt.root; mkdir -p ${NFSROOTDIR} - - - - Enable the NFS server by following - the instructions in . - - - - Export the directory via NFS by - adding the following to - /etc/exports: - - /b -ro -alldirs - - - - Restart the NFS server: - - &prompt.root; service nfsd restart - - - - Enable &man.inetd.8; by following the steps outlined - in . - - - - Add the following line to - /etc/inetd.conf: - - tftp dgram udp wait root /usr/libexec/tftpd tftpd -l -s /b/tftpboot - - - - Restart &man.inetd.8;: - - &prompt.root; service inetd restart - - - - Rebuild the &os; kernel and userland (): - - &prompt.root; cd /usr/src -&prompt.root; make buildworld -&prompt.root; make buildkernel - - - - Install &os; into the directory mounted over - NFS: - - &prompt.root; make installworld DESTDIR=${NFSROOTDIR} -&prompt.root; make installkernel DESTDIR=${NFSROOTDIR} -&prompt.root; make distribution DESTDIR=${NFSROOTDIR} - - - - Test that the TFTP server works - and can download the boot loader which will be obtained - via PXE: - - &prompt.root; tftp localhost -tftp> get FreeBSD/install/boot/pxeboot -Received 264951 bytes in 0.1 seconds - - - - Edit ${NFSROOTDIR}/etc/fstab and - create an entry to mount the root file system over - NFS: - - # Device Mountpoint FSType Options Dump Pass -myhost.example.com:/b/tftpboot/FreeBSD/install / nfs ro 0 0 - - Replace myhost.example.com - with the hostname or IP address of the - NFS server. In this example, the root - file system is mounted read-only in order to prevent - NFS clients from potentially deleting - the contents of the root file system. - - - - Set the root password in the &man.chroot.8; - environment: - - &prompt.root; chroot ${NFSROOTDIR} -&prompt.root; passwd - - This sets the root password for client machines which - are PXE booting. - - - - Enable &man.ssh.1; root logins for client machines - which are PXE booting by editing - ${NFSROOTDIR}/etc/ssh/sshd_config - and enabling PermitRootLogin. This - option is documented in &man.sshd.config.5;. - - - - Perform other customizations of the &man.chroot.8; - environment in ${NFSROOTDIR}. These customizations could - include things like adding packages with &man.pkg.add.1;, - editing the password file with &man.vipw.8;, or editing - &man.amd.conf.5; maps for automounting. For - example: - - &prompt.root; chroot ${NFSROOTDIR} -&prompt.root; pkg_add -r bash - - - - Configuring Memory File Systems Used by <filename>/etc/rc.initdiskless</filename> From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 17:26:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C7874D2B; Wed, 5 Mar 2014 17:26:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A77F73B0; Wed, 5 Mar 2014 17:26:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s25HQ2O0010891; Wed, 5 Mar 2014 17:26:02 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s25HQ2nJ010890; Wed, 5 Mar 2014 17:26:02 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403051726.s25HQ2nJ010890@svn.freebsd.org> From: Dru Lavigne Date: Wed, 5 Mar 2014 17:26:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44132 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Mar 2014 17:26:02 -0000 Author: dru Date: Wed Mar 5 17:26:02 2014 New Revision: 44132 URL: http://svnweb.freebsd.org/changeset/doc/44132 Log: Clarify introduction. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 16:29:37 2014 (r44131) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 17:26:02 2014 (r44132) @@ -3855,146 +3855,62 @@ ifconfig_lagg0="laggp diskless operation - A &os; machine can boot over the network and operate - without a local disk, using file systems mounted from an - NFS server. No system modification is - necessary, beyond standard configuration files. Such a system - is relatively easy to set up because all the necessary elements - are readily available: - - - The &intel; Preboot eXecution Environment - (PXE) can be used to load the kernel over - the network. It provides a form of smart boot - ROM built into some networking cards or - motherboards. See &man.pxeboot.8; for more details. - - - - A sample script - (/usr/share/examples/diskless/clone_root) - eases the creation and maintenance of the workstation's root - file system on the server. The script will probably require - a little customization. - - - - Standard system startup files exist in - /etc to detect and support a diskless - system startup. - - - - Swapping, if needed, can be done either to an - NFS file or to a local disk. - - - - To use PXE when the machine starts, - select the Boot from network option in - the BIOS setup or type a function key - during system initialization. - - There are many ways to set up diskless workstations. Many - elements are involved, and most can be customized to suit local - taste. The following will describe variations on the setup of a - complete system, emphasizing simplicity and compatibility with - the standard &os; startup scripts. The system described has - the following characteristics: - - - - The diskless workstations use a shared, read-only - / and - /usr. - - - - The root file system is a copy of a standard &os; root, - with some configuration files overridden by ones specific to - diskless operation or, possibly, to the workstation they - belong to. - - - - The parts of the root which have to be writable are - overlaid with &man.md.4; file systems. Any changes will be - lost when the system reboots. - - - - - As described, this system is insecure. It should live in - a protected area of a network and be untrusted by other - hosts. - - - - Background Information + (PXE) allows an operating system to boot + over the network. For example, a &os; system can boot over the network and operate + without a local disk, using file systems mounted from an + NFS server. PXE support is usually + available in the BIOS. To use + PXE when the machine starts, + select the Boot from network option in + the BIOS setup or type a function key + during system initialization.       - When setting up diskless workstations, several operations - need to be performed for a successful - bootstrap: + In order to provide the files needed for an operating system + to boot over the network, a + PXE setup also requires properly configured + DHCP, TFTP, and NFS + servers, where: - The machine needs to obtain initial parameters such as - its IP address, executable filename, - server name, and root path. This is done using the - DHCP or BOOTP - protocols. DHCP is a compatible - extension of BOOTP, and uses the same - port numbers and basic packet format. It is possible to - configure a system to use only BOOTP - and &man.bootpd.8; is included in the base &os; - system. - - DHCP has a number of advantages - over BOOTP such as nicer configuration - files and support for PXE. This - section describes mainly a DHCP - configuration, with equivalent examples using - &man.bootpd.8; when possible. The sample configuration - uses ISC DHCP which is - available in the Ports Collection. - + Initial parameters, such as an + IP address, executable boot filename and location, + server name, and root path are obtained from the + DHCP server. + - The machine needs to boot the loader using + The operating system loader file is booted using TFTP. - The root filesystem needs to be loaded using + The file systems are loaded using NFS. - - - The possible intermediate bootstrap programs and the - kernel need to be initialized and executed. - PXE loads &man.pxeboot.8;, which is - a modified version of the &os; third stage loader, - &man.loader.8;. The third stage loader will obtain most - parameters necessary to system startup and leave them - in the kernel environment before transferring control. - It is possible to use a GENERIC - kernel in this case. - - - - Finally, the machine needs to access its file systems - using NFS. - - Place tftpboot - anywhere on the server. Make sure that the location is - set in both /etc/inetd.conf and - /usr/local/etc/dhcpd.conf. + When a computer PXE boots, it receives information over + DHCP about where to obtain the initial boot + loader file. After the host computer + receives this information, it downloads the boot loader via + TFTP and then executes the boot loader. + In &os;, the boot loader file is + /boot/pxeboot. After + /boot/pxeboot executes, the &os; kernel is + loaded and the rest of the &os; bootup sequence proceeds, as described in + . - Refer to &man.diskless.8; for more information. - + This section describes how to configure these services + on a &os; system so that other systems can + PXE boot into &os;. Refer to &man.diskless.8; for more information. + + + As described, the system providing these services is insecure. It should live in + a protected area of a network and be untrusted by other + hosts. + @@ -4015,32 +3931,6 @@ ifconfig_lagg0="laggp - The &intel; Preboot eXecution Environment - (PXE) allows booting the operating system - over the network. PXE support is usually - provided in the BIOS where it can be enabled - in the BIOS settings which enable booting - from the network. A fully functioning - PXE setup also requires properly configured - DHCP and TFTP - servers. - - When the host computer boots, it receives information over - DHCP about where to obtain the initial boot - loader via TFTP. After the host computer - receives this information, it downloads the boot loader via - TFTP and then executes the boot loader. - This is documented in section 2.2.1 of the Preboot - Execution Environment (PXE) - Specification. In &os;, the boot loader retrieved - during the PXE process is - /boot/pxeboot. After - /boot/pxeboot executes, the &os; kernel is - loaded and the rest of the &os; bootup sequence proceeds. - Refer to for more information about the - &os; booting process. - Choose a directory which will have a &os; @@ -4051,6 +3941,11 @@ ifconfig_lagg0="laggp &prompt.root; export NFSROOTDIR=/b/tftpboot/FreeBSD/install &prompt.root; mkdir -p ${NFSROOTDIR} + + Place tftpboot + anywhere on the server. Make sure that the location is + set in both /etc/inetd.conf and + /usr/local/etc/dhcpd.conf. From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 18:10:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 652F1AAE; Wed, 5 Mar 2014 18:10:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id F3305A8E; Wed, 5 Mar 2014 18:10:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s25IAWjs028447; Wed, 5 Mar 2014 18:10:32 GMT (envelope-from gabor@svn.freebsd.org) Received: (from gabor@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s25IAWmI028446; Wed, 5 Mar 2014 18:10:32 GMT (envelope-from gabor@svn.freebsd.org) Message-Id: <201403051810.s25IAWmI028446@svn.freebsd.org> From: Gabor Kovesdan Date: Wed, 5 Mar 2014 18:10:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44133 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Mar 2014 18:10:33 -0000 Author: gabor Date: Wed Mar 5 18:10:32 2014 New Revision: 44133 URL: http://svnweb.freebsd.org/changeset/doc/44133 Log: - Rewrite text wrapping for HTML line numbering so that empty lines are not lost Reported by: wblock Modified: head/share/xml/freebsd-xhtml-common.xsl Modified: head/share/xml/freebsd-xhtml-common.xsl ============================================================================== --- head/share/xml/freebsd-xhtml-common.xsl Wed Mar 5 17:26:02 2014 (r44132) +++ head/share/xml/freebsd-xhtml-common.xsl Wed Mar 5 18:10:32 2014 (r44133) @@ -298,9 +298,27 @@ - - - + + + + + + + + + + + + + + + + + + + + + Configuring the <acronym>PXE</acronym> Client and From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 18:57:16 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 576D6251; Wed, 5 Mar 2014 18:57:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 37899E8A; Wed, 5 Mar 2014 18:57:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s25IvGDS048985; Wed, 5 Mar 2014 18:57:16 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s25IvGeB048984; Wed, 5 Mar 2014 18:57:16 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403051857.s25IvGeB048984@svn.freebsd.org> From: Dru Lavigne <dru@FreeBSD.org> Date: Wed, 5 Mar 2014 18:57:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44135 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Wed, 05 Mar 2014 18:57:16 -0000 Author: dru Date: Wed Mar 5 18:57:15 2014 New Revision: 44135 URL: http://svnweb.freebsd.org/changeset/doc/44135 Log: Editorial pass through Configuring DHCP section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 18:27:36 2014 (r44134) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 18:57:15 2014 (r44135) @@ -4098,36 +4098,23 @@ Received 264951 bytes in 0.1 seconds</sc <secondary>diskless operation</secondary> </indexterm> - <para><acronym>PXE</acronym> requires a <acronym>TFTP</acronym> - and a <acronym>DHCP</acronym> server to be set up. The + <para>The <acronym>DHCP</acronym> server does not need to be the same - machine as the <acronym>TFTP</acronym> server, but it needs + machine as the <acronym>TFTP</acronym> and <acronym>NFS</acronym> server, but it needs to be accessible in the network.</para> - <para>The <application>ISC DHCP</application> server can - answer both <acronym>BOOTP</acronym> and - <acronym>DHCP</acronym> requests.</para> - - <para><application>ISC DHCP</application> is not part of the - base system. Install the + <para><acronym>DHCP</acronym> is not part of the &os; + base system but can be installed using the <package>net/isc-dhcp42-server</package> port or - package, following the instructions documented at <xref - linkend="network-dhcp-server"/>. Make sure that - <filename>/etc/rc.conf</filename> and - <filename>/usr/local/etc/dhcpd.conf</filename> are - correctly configured..</para> + package.</para> - <para>Once <application>ISC DHCP</application> is installed, - edit its configuration file, + <para>Once installed, + edit the configuration file, <filename>/usr/local/etc/dhcpd.conf</filename>. Configure the <literal>next-server</literal>, <literal>filename</literal>, and - <literal>option root-path</literal> settings to specify - the <acronym>TFTP</acronym> server <acronym>IP</acronym> - address, the path to <filename>/boot/pxeboot</filename> - in <acronym>TFTP</acronym>, and the path to the - <acronym>NFS</acronym> root file system. Here is a sample - <filename>dhcpd.conf</filename> setup:</para> + <literal>root-path</literal> settings as seen in this + example:</para> <programlisting>subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.2 192.168.0.3 ; @@ -4138,14 +4125,13 @@ Received 264951 bytes in 0.1 seconds</sc option domain-name "example.com"; # IP address of TFTP server - next-server 192.168.0.1 ; + next-server <replaceable>192.168.0.1</replaceable> ; - # path of boot loader obtained - # via tftp - filename "FreeBSD/install/boot/pxeboot" ; + # path of boot loader obtained via tftp + filename "<replaceable>FreeBSD/install/boot/pxeboot</replaceable>" ; # pxeboot boot loader will try to NFS mount this directory for root FS - option root-path "192.168.0.1:/b/tftpboot/FreeBSD/install/" ; + option root-path "<replaceable>192.168.0.1:/b/tftpboot/FreeBSD/install/</replaceable>" ; }</programlisting> @@ -4160,37 +4146,29 @@ Received 264951 bytes in 0.1 seconds</sc inside the <literal>host</literal> declarations.</para> --> - <para>The <literal>next-server</literal> directive - designates the <acronym>TFTP</acronym> or - <acronym>NFS</acronym> server to use for loading - &man.loader.8; or the kernel file. The default is to - use the same host as the <acronym>DHCP</acronym> + <para>The <literal>next-server</literal> directive is used + to specify the <acronym>IP</acronym> address of the + <acronym>TFTP</acronym> server.</para> <para>The <literal>filename</literal> directive defines - the file that <acronym>PXE</acronym> will load for the - next execution step. It must be specified according - to the transfer method used. - <acronym>PXE</acronym> uses <acronym>TFTP</acronym>, - which is why a relative filename is used here. Also, - <acronym>PXE</acronym> loads - <filename>pxeboot</filename>, not the kernel. There are - other interesting possibilities, like loading - <filename>pxeboot</filename> from a &os; CD-ROM - <filename>/boot</filename> directory. - Since &man.pxeboot.8; can load a - <filename>GENERIC</filename> kernel, it is possible to - use <acronym>PXE</acronym> to boot from a remote - CD-ROM.</para> + the path to <filename>/boot/pxeboot</filename>. A + relative filename is used, meaning that + <filename>/b/tftpboot</filename> is not included in the + path.</para> <para>The <literal>root-path</literal> option defines - the path to the root file system, in usual - <acronym>NFS</acronym> notation. When using - <acronym>PXE</acronym>, it is possible to leave off the - host's <acronym>IP</acronym> address as long as the - <acronym>BOOTP</acronym> kernel option is not enabled. - The <acronym>NFS</acronym> server will then be the - same as the <acronym>TFTP</acronym> one.</para> + the path to the <acronym>NFS</acronym> root file system.</para> + + <para>Once the edits are saved, enable + <acronym>NFS</acronym> at boot time by adding the + following line to <filename>/etc/rc.conf</filename>:</para> + + <programlisting>dhcpd_enable="YES"</programlisting> + + <para>Then, start the <acronym>DHCP</acronym> service:</para> + + <screen>&prompt.root; <userinput>service isc-dhcpd start</userinput></screen> </sect2> <!-- Are these sections still needed? From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 19:27:43 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7758BEB5; Wed, 5 Mar 2014 19:27:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 642D9247; Wed, 5 Mar 2014 19:27:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s25JRhZX061564; Wed, 5 Mar 2014 19:27:43 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s25JRh3B061563; Wed, 5 Mar 2014 19:27:43 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403051927.s25JRh3B061563@svn.freebsd.org> From: Dru Lavigne <dru@FreeBSD.org> Date: Wed, 5 Mar 2014 19:27:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44136 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Wed, 05 Mar 2014 19:27:43 -0000 Author: dru Date: Wed Mar 5 19:27:42 2014 New Revision: 44136 URL: http://svnweb.freebsd.org/changeset/doc/44136 Log: Finish editorial review of this chapter. Next commit will close PR62412. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 18:57:15 2014 (r44135) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 19:27:42 2014 (r44136) @@ -4290,29 +4290,27 @@ cd /usr/src/etc; make distribution</prog --> <sect2> - <title>Configuring the <acronym>PXE</acronym> Client and - Debugging Connection Problems + Debugging <acronym>PXE</acronym> Problems + Once all of the services are configured and started, + PXE clients should be able to + automatically load &os; over the network. If a particular + client is unable to connect, + when that client machine boots up, enter the + BIOS configuration menu and confirm + that it is set to boot from the network. + + This section describes some troubleshooting tips + for isolating the source of the configuration problem should no + clients be able to PXE boot. + - When the client machine boots up, enter the - BIOS configuration menu. Configure the - BIOS to boot from the network. If all - previous configuration steps are correct, everything - should "just work". - - - Use the net/wireshark package or port to debug the network traffic involved during the - PXE booting process, as illustrated - in the diagram below. In , an example - configuration is shown where the DHCP, - TFTP, and NFS - servers are on the same machine. However, these - servers can be on separate machines. + PXE booting process, which is illustrated + in the diagram below.
      <acronym>PXE</acronym> Booting Process with @@ -4373,8 +4371,7 @@ cd /usr/src/etc; make distribution</prog </step> <step> - <para>Make sure that the <filename>pxeboot</filename> file - can be retrieved by <acronym>TFTP</acronym>. On the + <para>On the <acronym>TFTP</acronym> server, read <filename>/var/log/xferlog</filename> to ensure that the <filename>pxeboot</filename> file is being retrieved from @@ -4397,21 +4394,6 @@ Received 264951 bytes in 0.1 seconds</sc <screen>&prompt.root; <userinput>mount -t nfs 192.168.0.1:/b/tftpboot/FreeBSD/install /mnt</userinput></screen> </step> - - <step> - <para>Read the code in - <filename>src/sys/boot/i386/libi386/pxe.c</filename> to - understand how the <filename>pxeboot</filename> loader - sets variables like <literal>boot.nfsroot.server</literal> - and <literal>boot.nfsroot.path</literal>. These variables - are then used in the <acronym>NFS</acronym> diskless root - mount code in - <filename>src/sys/nfsclient/nfs_diskless.c</filename>.</para> - </step> - - <step> - <para>Read &man.pxeboot.8; and &man.loader.8;.</para> - </step> </procedure> </sect2> </sect1> From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 19:33:39 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A65413C3; Wed, 5 Mar 2014 19:33:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 935B42F0; Wed, 5 Mar 2014 19:33:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s25JXd2r065271; Wed, 5 Mar 2014 19:33:39 GMT (envelope-from dim@svn.freebsd.org) Received: (from dim@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s25JXdSh065270; Wed, 5 Mar 2014 19:33:39 GMT (envelope-from dim@svn.freebsd.org) Message-Id: <201403051933.s25JXdSh065270@svn.freebsd.org> From: Dimitry Andric <dim@FreeBSD.org> Date: Wed, 5 Mar 2014 19:33:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44137 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Wed, 05 Mar 2014 19:33:39 -0000 Author: dim (src committer) Date: Wed Mar 5 19:33:39 2014 New Revision: 44137 URL: http://svnweb.freebsd.org/changeset/doc/44137 Log: Document __FreeBSD_version values 902507 and 1000703. Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Wed Mar 5 19:27:42 2014 (r44136) +++ head/en_US.ISO8859-1/books/porters-handbook/versions.xml Wed Mar 5 19:33:39 2014 (r44137) @@ -4347,6 +4347,13 @@ it was never committed: </row> <row> + <entry>902507</entry> + <entry>March 5, 2014</entry> + <entry>9-STABLE after upgrade of libc++ to 3.4 release + (rev <revnumber>262801</revnumber>).</entry> +</row> + +<row> <entry>1000000</entry> <entry>September 26, 2011</entry> <entry>10.0-CURRENT.</entry> @@ -4914,6 +4921,13 @@ it was never committed: </row> <row> + <entry>1000703</entry> + <entry>March 5, 2014</entry> + <entry>10-STABLE after upgrade of libc++ to 3.4 release + (rev <revnumber>262801</revnumber>).</entry> +</row> + +<row> <entry>1100000</entry> <entry>October 10, 2013</entry> <entry>11.0-CURRENT From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 20:11:16 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BB94F614; Wed, 5 Mar 2014 20:11:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A68EC913; Wed, 5 Mar 2014 20:11:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s25KBGTU081019; Wed, 5 Mar 2014 20:11:16 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s25KBGSW081018; Wed, 5 Mar 2014 20:11:16 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403052011.s25KBGSW081018@svn.freebsd.org> From: Dru Lavigne <dru@FreeBSD.org> Date: Wed, 5 Mar 2014 20:11:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44138 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Wed, 05 Mar 2014 20:11:16 -0000 Author: dru Date: Wed Mar 5 20:11:16 2014 New Revision: 44138 URL: http://svnweb.freebsd.org/changeset/doc/44138 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 19:33:39 2014 (r44137) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 20:11:16 2014 (r44138) @@ -37,7 +37,8 @@ </listitem> <listitem> - <para>How to set up network <acronym>PXE</acronym> booting.</para> + <para>How to set up network <acronym>PXE</acronym> + booting.</para> </listitem> <listitem> @@ -3856,60 +3857,61 @@ ifconfig_<literal>lagg0</literal>="laggp </indexterm> <para>The &intel; Preboot eXecution Environment - (<acronym>PXE</acronym>) allows an operating system to boot - over the network. For example, a &os; system can boot over the network and operate - without a local disk, using file systems mounted from an - <acronym>NFS</acronym> server. <acronym>PXE</acronym> support is usually - available in the <acronym>BIOS</acronym>. To use - <acronym>PXE</acronym> when the machine starts, - select the <literal>Boot from network</literal> option in - the <acronym>BIOS</acronym> setup or type a function key - during system initialization.</para> + (<acronym>PXE</acronym>) allows an operating system to boot over + the network. For example, a &os; system can boot over the + network and operate without a local disk, using file systems + mounted from an <acronym>NFS</acronym> server. + <acronym>PXE</acronym> support is usually available in the + <acronym>BIOS</acronym>. To use <acronym>PXE</acronym> when the + machine starts, select the <literal>Boot from network</literal> + option in the <acronym>BIOS</acronym> setup or type a function + key during system initialization.</para> <para>In order to provide the files needed for an operating system - to boot over the network, a - <acronym>PXE</acronym> setup also requires properly configured - <acronym>DHCP</acronym>, <acronym>TFTP</acronym>, and <acronym>NFS</acronym> - servers, where:</para> + to boot over the network, a <acronym>PXE</acronym> setup also + requires properly configured <acronym>DHCP</acronym>, + <acronym>TFTP</acronym>, and <acronym>NFS</acronym> servers, + where:</para> - <itemizedlist> - <listitem> - <para>Initial parameters, such as an - <acronym>IP</acronym> address, executable boot filename and location, - server name, and root path are obtained from the - <acronym>DHCP</acronym> server.</para> - </listitem> + <itemizedlist> + <listitem> + <para>Initial parameters, such as an <acronym>IP</acronym> + address, executable boot filename and location, server name, + and root path are obtained from the + <acronym>DHCP</acronym> server.</para> + </listitem> - <listitem> - <para>The operating system loader file is booted using - <acronym>TFTP</acronym>.</para> - </listitem> + <listitem> + <para>The operating system loader file is booted using + <acronym>TFTP</acronym>.</para> + </listitem> - <listitem> - <para>The file systems are loaded using - <acronym>NFS</acronym>.</para> - </listitem> - </itemizedlist> + <listitem> + <para>The file systems are loaded using + <acronym>NFS</acronym>.</para> + </listitem> + </itemizedlist> - <para>When a computer <acronym>PXE</acronym> boots, it receives information over - <acronym>DHCP</acronym> about where to obtain the initial boot - loader file. After the host computer - receives this information, it downloads the boot loader via - <acronym>TFTP</acronym> and then executes the boot loader. - In &os;, the boot loader file is + <para>When a computer <acronym>PXE</acronym> boots, it receives + information over <acronym>DHCP</acronym> about where to obtain + the initial boot loader file. After the host computer receives + this information, it downloads the boot loader via + <acronym>TFTP</acronym> and then executes the boot loader. In + &os;, the boot loader file is <filename>/boot/pxeboot</filename>. After <filename>/boot/pxeboot</filename> executes, the &os; kernel is - loaded and the rest of the &os; bootup sequence proceeds, as described in - <xref linkend="boot"/>.</para> + loaded and the rest of the &os; bootup sequence proceeds, as + described in <xref linkend="boot"/>.</para> - <para>This section describes how to configure these services - on a &os; system so that other systems can - <acronym>PXE</acronym> boot into &os;. Refer to &man.diskless.8; for more information.</para> - - <caution> - <para>As described, the system providing these services is insecure. It should live in - a protected area of a network and be untrusted by other - hosts.</para> + <para>This section describes how to configure these services on a + &os; system so that other systems can <acronym>PXE</acronym> + boot into &os;. Refer to &man.diskless.8; for more + information.</para> + + <caution> + <para>As described, the system providing these services is + insecure. It should live in a protected area of a network and + be untrusted by other hosts.</para> </caution> <sect2 xml:id="network-pxe-nfs"> @@ -3930,35 +3932,37 @@ ifconfig_<literal>lagg0</literal>="laggp </authorgroup> </info> - <para>The steps shown in this section configure the built-in - <acronym>NFS</acronym> and <acronym>TFTP</acronym> servers. The - next section demonstrates how to install and configure the - <acronym>DHCP</acronym> server. In this example, the - directory which will contain the files used by <acronym>PXE</acronym> users is - <filename>/b/tftpboot/FreeBSD/install</filename>. It is - important that this directory exists and that the same directory - name is set in both <filename>/etc/inetd.conf</filename> and - <filename>/usr/local/etc/dhcpd.conf</filename>.</para> + <para>The steps shown in this section configure the built-in + <acronym>NFS</acronym> and <acronym>TFTP</acronym> servers. + The next section demonstrates how to install and configure the + <acronym>DHCP</acronym> server. In this example, the + directory which will contain the files used by + <acronym>PXE</acronym> users is + <filename>/b/tftpboot/FreeBSD/install</filename>. It is + important that this directory exists and that the same + directory name is set in both + <filename>/etc/inetd.conf</filename> and + <filename>/usr/local/etc/dhcpd.conf</filename>.</para> <procedure> <step> - <para>Create the root directory which will contain a &os; installation - to be <acronym>NFS</acronym> mounted:</para> + <para>Create the root directory which will contain a &os; + installation to be <acronym>NFS</acronym> mounted:</para> <screen>&prompt.root; <userinput>export NFSROOTDIR=/b/tftpboot/FreeBSD/install</userinput> &prompt.root; <userinput>mkdir -p ${NFSROOTDIR}</userinput></screen> </step> <step> - <para>Enable the <acronym>NFS</acronym> server by adding this line to - <filename>/etc/rc.conf</filename>:</para> - + <para>Enable the <acronym>NFS</acronym> server by adding + this line to <filename>/etc/rc.conf</filename>:</para> + <programlisting>nfs_server_enable="YES"</programlisting> </step> <step> - <para>Export the diskless root directory via <acronym>NFS</acronym> by - adding the following to + <para>Export the diskless root directory via + <acronym>NFS</acronym> by adding the following to <filename>/etc/exports</filename>:</para> <programlisting>/b -ro -alldirs</programlisting> @@ -3984,14 +3988,13 @@ ifconfig_<literal>lagg0</literal>="laggp <programlisting>tftp dgram udp wait root /usr/libexec/tftpd tftpd -l -s /b/tftpboot</programlisting> - <note> - <para>Some - <acronym>PXE</acronym> versions require the - <acronym>TCP</acronym> version of - <acronym>TFTP</acronym>. In this case, uncomment the second - <literal>tftp</literal> line which contains - <literal>stream tcp</literal>.</para> - </note> + <note> + <para>Some <acronym>PXE</acronym> versions require the + <acronym>TCP</acronym> version of + <acronym>TFTP</acronym>. In this case, uncomment the + second <literal>tftp</literal> line which contains + <literal>stream tcp</literal>.</para> + </note> </step> <step> @@ -4002,7 +4005,8 @@ ifconfig_<literal>lagg0</literal>="laggp <step> <para>Rebuild the &os; kernel and userland (refer to <xref - linkend="makeworld"/> for more detailed instructions):</para> + linkend="makeworld"/> for more detailed + instructions):</para> <screen>&prompt.root; <userinput>cd /usr/src</userinput> &prompt.root; <userinput>make buildworld</userinput> @@ -4019,9 +4023,9 @@ ifconfig_<literal>lagg0</literal>="laggp </step> <step> - <para>Test that the <acronym>TFTP</acronym> server works - and can download the boot loader which will be obtained - via <acronym>PXE</acronym>:</para> + <para>Test that the <acronym>TFTP</acronym> server works and + can download the boot loader which will be obtained via + <acronym>PXE</acronym>:</para> <screen>&prompt.root; <userinput>tftp localhost</userinput> tftp> <userinput>get FreeBSD/install/boot/pxeboot</userinput> @@ -4046,26 +4050,28 @@ Received 264951 bytes in 0.1 seconds</sc <step> <para>Set the root password in the <acronym>PXE</acronym> - environment for client machines which - are <acronym>PXE</acronym> booting :</para> + environment for client machines which are + <acronym>PXE</acronym> booting :</para> <screen>&prompt.root; <userinput>chroot ${NFSROOTDIR}</userinput> &prompt.root; <userinput>passwd</userinput></screen> </step> <step> - <para>If needed, enable &man.ssh.1; root logins for client machines - which are <acronym>PXE</acronym> booting by editing - <filename>${NFSROOTDIR}/etc/ssh/sshd_config</filename> - and enabling <literal>PermitRootLogin</literal>. This - option is documented in &man.sshd.config.5;.</para> + <para>If needed, enable &man.ssh.1; root logins for client + machines which are <acronym>PXE</acronym> booting by + editing + <filename>${NFSROOTDIR}/etc/ssh/sshd_config</filename> and + enabling <literal>PermitRootLogin</literal>. This option + is documented in &man.sshd.config.5;.</para> </step> <step> - <para>Perform any other needed customizations of the <acronym>PXE</acronym> - environment in <filename>${NFSROOTDIR}</filename>. These customizations could - include things like installing packages or - editing the password file with &man.vipw.8;.</para> + <para>Perform any other needed customizations of the + <acronym>PXE</acronym> environment in + <filename>${NFSROOTDIR}</filename>. These customizations + could include things like installing packages or editing + the password file with &man.vipw.8;.</para> </step> </procedure> @@ -4091,32 +4097,31 @@ Received 264951 bytes in 0.1 seconds</sc </sect2> <sect2 xml:id="network-pxe-setting-up-dhcp"> - <title>Configuring the <acronym>DHCP</acronym> Server + Configuring the <acronym>DHCP</acronym> Server - - DHCP - diskless operation - + + DHCP + diskless operation + - The - DHCP server does not need to be the same - machine as the TFTP and NFS server, but it needs - to be accessible in the network. - - DHCP is not part of the &os; - base system but can be installed using the - net/isc-dhcp42-server port or - package. - - Once installed, - edit the configuration file, - /usr/local/etc/dhcpd.conf. Configure - the next-server, - filename, and - root-path settings as seen in this - example: + The DHCP server does not need to be the + same machine as the TFTP and + NFS server, but it needs to be accessible + in the network. + + DHCP is not part of the &os; base + system but can be installed using the + net/isc-dhcp42-server port or + package. + + Once installed, edit the configuration file, + /usr/local/etc/dhcpd.conf. Configure + the next-server, + filename, and + root-path settings as seen in this + example: - subnet 192.168.0.0 netmask 255.255.255.0 { + subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.2 192.168.0.3 ; option subnet-mask 255.255.255.0 ; option routers 192.168.0.1 ; @@ -4146,30 +4151,28 @@ Received 264951 bytes in 0.1 secondshost declarations. --> - The next-server directive is used - to specify the IP address of the - TFTP - server. - - The filename directive defines - the path to /boot/pxeboot. A - relative filename is used, meaning that - /b/tftpboot is not included in the - path. - - The root-path option defines - the path to the NFS root file system. - - Once the edits are saved, enable - NFS at boot time by adding the - following line to /etc/rc.conf: - - dhcpd_enable="YES" - - Then, start the DHCP service: - - &prompt.root; service isc-dhcpd start - + The next-server directive is used to + specify the IP address of the + TFTP server. + + The filename directive defines the path + to /boot/pxeboot. A relative filename is + used, meaning that /b/tftpboot is not + included in the path. + + The root-path option defines the path + to the NFS root file system. + + Once the edits are saved, enable NFS at + boot time by adding the following line to + /etc/rc.conf: + + dhcpd_enable="YES" + + Then, start the DHCP service: + + &prompt.root; service isc-dhcpd start + dual homed hosts @@ -440,10 +463,6 @@ host2.example.com link#1 UC For this machine to forward packets between the two interfaces, &os; must be configured as a router, as demonstrated in the next section. - - - - Building a Router router @@ -482,26 +501,6 @@ host2.example.com link#1 UC sophisticated routing protocols is available with the net/zebra package or port. - - - - - Setting Up Static Routes - - - - - Al - Hoang - - Contributed by - - - - - - - Manual Configuration Consider the following network: @@ -575,7 +574,6 @@ default 10.0.0.1 UG on the 192.168.2.0/24 network. - Persistent Configuration From owner-svn-doc-all@FreeBSD.ORG Wed Mar 5 22:34:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4E5C8589; Wed, 5 Mar 2014 22:34:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2E459861; Wed, 5 Mar 2014 22:34:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s25MYRm7040288; Wed, 5 Mar 2014 22:34:27 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s25MYRaD040287; Wed, 5 Mar 2014 22:34:27 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403052234.s25MYRaD040287@svn.freebsd.org> From: Dru Lavigne Date: Wed, 5 Mar 2014 22:34:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44142 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Mar 2014 22:34:27 -0000 Author: dru Date: Wed Mar 5 22:34:26 2014 New Revision: 44142 URL: http://svnweb.freebsd.org/changeset/doc/44142 Log: Editorial pass through Routing Basics. Add name to table. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 21:39:21 2014 (r44141) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 22:34:26 2014 (r44142) @@ -132,7 +132,7 @@ Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire -default outside-gw UGSc 37 418 em0 +default outside-gw UGS 37 418 em0 localhost localhost UH 0 181 lo0 test0 0:e0:b5:36:cf:4f UHLW 5 63288 re0 77 10.20.30.255 link#1 UHLW 1 2421 @@ -148,33 +148,37 @@ host2.example.com link#1 UC default - The first line specifies the + The first route in this table specifies the default route. When the local system needs to make a connection to a remote host, it checks the routing table to determine if a - known path exists. If the remote host falls into a subnet - that it knows how to reach, the system checks to see if it - can connect using that interface. - - If all known paths fail, the system has one last option: - the default route. This route is a special - type of gateway route (usually the only one present in the - system), and is always marked with a c in - the flags field. For hosts on a local area network, this - gateway is set to the system which has a direct connection to - the Internet. + known path exists. If the remote host matches an entry in the + table, the system checks to see if it + can connect using the interface specified in that entry. + + If the destination does not match an entry, or if all known + paths fail, the system uses the entry for the + default route. For hosts on a local area network, the + Gateway field in the default route is set + to the system which has a direct connection to + the Internet. When reading this entry, verify that the + Flags column indicates that the gateway is + usable (UG). + The default route for a machine which itself is + functioning as the gateway to the outside world will be the + gateway machine at the Internet Service Provider + (ISP). localhost - The second line is the localhost route. - The interface (Netif column) that this - routing table specifies to use for - localhost is lo0, - also known as the loopback device. This says to keep all - traffic for this destination internal, rather than sending it + The second route is the localhost route. + The interface specified in the Netif column + for localhost is lo0, + also known as the loopback device. This indicates that all + traffic for this destination should be internal, rather than sending it out over the network. @@ -201,8 +205,8 @@ host2.example.com link#1 UC subnet - &os; will add subnet routes for the local subnet. - 10.20.30.255 is the + &os; will automatically add subnet routes for the local subnet. + In this example, 10.20.30.255 is the broadcast address for the subnet 10.20.30 and example.com is the domain @@ -231,7 +235,7 @@ host2.example.com link#1 UC => symbol after the lo0 interface says that an alias has been set in addition to the loopback address. Such routes only - show up on the host that supports the alias; all other hosts + show up on the host that supports the alias and all other hosts on the local network will have a link#1 line for such routes. @@ -248,177 +252,80 @@ host2.example.com link#1 UC Various attributes of each route can be seen in - the Flags column. Below is a short table - of some of these flags and their meanings: + the Flags column. + summarizes some of these flags and their meanings: + + + Commonly Seen Routing Table Flags - - - + + + Command + Purpose + + U - Up: The route is active. + The route is active (up). H - Host: The route destination is a single + The route destination is a single host. G - Gateway: Send anything for this destination on to - this remote system, which will figure out from there + Send anything for this destination on to + this gateway, which will figure out from there where to send it. S - Static: This route was configured manually, not - automatically generated by the system. + This route was statically configured. C - Clone: Generates a new route based upon this + Clones a new route based upon this route for machines to connect to. This type of route is normally used for local networks. W - WasCloned: Indicated a route that was + The route was auto-configured based upon a local area network - (Clone) route. + (clone) route. L - Link: Route involves references to Ethernet + Route involves references to Ethernet (link) hardware. - - - The default route for a machine which itself is - functioning as the gateway to the outside world, will be the - gateway machine at the Internet Service Provider - (ISP). - - This example is a common configuration for a default - route: - - - - - - - - -[Local2] <--ether--> [Local1] <--PPP--> [ISP-Serv] <--ether--> [T1-GW] - - - - The hosts Local1 and - Local2 are on the local network. - Local1 is connected to an - ISP using a - PPP connection. This - PPP server is connected through a local - area network to another gateway computer through an external - interface to the ISP. - - The default routes for each machine will be: - - - - - - Host - Default Gateway - Interface - - - - - - Local2 - Local1 - Ethernet - - - - Local1 - T1-GW - PPP - - - - - - A common question is Why is - T1-GW configured as the default - gateway for Local1, rather than the - ISP server it is connected - to?. - - Since the PPP interface is using an - address on the ISP's local network for the - local side of the connection, routes for any other machines on - the ISP's local network will be - automatically generated. The system already knows how to - reach the T1-GW machine, so there is - no need for the intermediate step of sending traffic to the - ISP's server. - - It is common to use the address X.X.X.1 as the gateway - address for the local network. So, if the local class C - address space is 10.20.30 and the - ISP is using 10.9.9, the default routes - would be: - - - - - - Host - Default Route - - - - - Local2 (10.20.30.2) - Local1 (10.20.30.1) - - - - Local1 (10.20.30.1, 10.9.9.30) - T1-GW (10.9.9.1) - - - - +
      - The default route can be easily defined in - /etc/rc.conf. In this example, on - Local2, add the following line to - /etc/rc.conf: + On a &os; system, the default route can defined in + /etc/rc.conf by specifying the + IP address of the default gateway: defaultrouter="10.20.30.1" - It is also possible to add the route directly using - &man.route.8;: + It is also possible to manually add the route using + route: &prompt.root; route add default 10.20.30.1 - For more information on manual manipulation of network + Note that manually added routes will not survive a reboot. + For more information on manual manipulation of network routing tables, refer to &man.route.8;.       From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 02:08:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 036346DD; Thu, 6 Mar 2014 02:08:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E3B2BBDF; Thu, 6 Mar 2014 02:08:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2628RqQ026166; Thu, 6 Mar 2014 02:08:27 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2628R65026165; Thu, 6 Mar 2014 02:08:27 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403060208.s2628R65026165@svn.freebsd.org> From: Dru Lavigne Date: Thu, 6 Mar 2014 02:08:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44143 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 02:08:28 -0000 Author: dru Date: Thu Mar 6 02:08:27 2014 New Revision: 44143 URL: http://svnweb.freebsd.org/changeset/doc/44143 Log: Finish editorial pass through Routing chapter. The section on Multicast needs more content and a working example. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Mar 5 22:34:26 2014 (r44142) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 02:08:27 2014 (r44143) @@ -349,44 +349,30 @@ host2.example.com link#1 UC dual homed hosts       - A dual-homed system is a host which resides on two - different networks. - - The dual-homed machine might have two Ethernet cards, each - having an address on a separate subnet. Alternately, the - machine can have one Ethernet card and uses &man.ifconfig.8; - aliasing. The former is used if two physically separate - Ethernet networks are in use and the latter if there is one - physical network segment, but two logically separate - subnets. - - Either way, routing tables are set up so that each subnet - knows that this machine is the defined gateway (inbound route) - to the other subnet. This configuration, with the machine - acting as a router between the two subnets, is often used - to implement packet filtering or firewall security in - either or both directions. - - For this machine to forward packets between the two - interfaces, &os; must be configured as a router, as - demonstrated in the next section. + A &os; system can be configured as the default gateway, or + router, for a network if it is a dual-homed system. A + dual-homed system is a host which resides on at least two + different networks. Typically, each network is connected to a separate + network interface, though IP aliasing can + be used to bind multiple addresses, each on a different + subnet, to one physical interface. router - A network router is a system that forwards packets from - one interface to another. Internet standards and good + In order for the system to forward packets between + interfaces, &os; must be configured as a router. Internet standards and good engineering practice prevent the &os; Project from enabling - this by default in &os;. This feature can be enabled by - changing the following variable to YES in - &man.rc.conf.5;: + this feature by default, but it can be configured to start at boot + by adding this line to + /etc/rc.conf: gateway_enable="YES" # Set to YES if this host will be a gateway - This option will set the &man.sysctl.8; variable + To enable routing now, set the &man.sysctl.8; variable net.inet.ip.forwarding to - 1. To stop routing, reset this to + 1. To stop routing, reset this variable to 0. @@ -399,15 +385,24 @@ host2.example.com link#1 UC OSPF - The new router will need routes to know where to send the - traffic. If the network is simple enough, static routes can - be used. &os; comes with the standard BSD routing daemon - &man.routed.8;, which speaks RIP versions - 1 and 2, and IRDP. Support for - BGPv4, OSPFv2, and other - sophisticated routing protocols is available with the + The routing table of a router needs additional routes so + it knows how to reach other networks. Routes can be either + added manually using + static routes or routes can be automatically learned using a routing protocol. + Static routes are appropriate for small networks and this + section describes how to add a static routing entry for a + small network. + + + For large networks, static routes quickly become + unscalable. &os; comes with the standard BSD routing daemon + &man.routed.8;, which provides the routing protocols RIP, versions + 1 and 2, and IRDP. Support for the + BGP and OSPF + routing protocols can be installed using the net/zebra package or port. + Consider the following network: @@ -449,12 +444,12 @@ host2.example.com link#1 UC class="ipaddress">10.0.0.1 which allows it to connect with the outside world. RouterB is already configured - properly as it uses 192.168.1.1 as the + to use 192.168.1.1 as its default gateway. - The routing table on RouterA - looks something like this: + Before adding any static routes, the routing table on RouterA + looks like this: &prompt.user; netstat -nr Routing tables @@ -467,45 +462,33 @@ default 10.0.0.1 UG 192.168.1.0/24 link#2 UC 0 0 xl1 With the current routing table, - RouterA cannot reach Internal Net - 2 as it does not have a route for 192.168.2.0/24. The - following command adds the Internal Net 2 network to + RouterA + does not have a route to the 192.168.2.0/24 network. The + following command adds the Internal Net 2 network to RouterA's routing table using 192.168.1.2 as the next hop: &prompt.root; route add -net 192.168.2.0/24 192.168.1.2 - Now RouterA can reach any hosts + Now, RouterA can reach any host on the 192.168.2.0/24 - network. - - - Persistent Configuration - - The above example configures a static route on a - running system. However, the routing information will not - persist if the &os; system reboots. Persistent static - routes can be entered in + network. However, the routing information will not + persist if the &os; system reboots. If a static route needs + to be persistent, add it to /etc/rc.conf: - # Add Internal Net 2 as a static route + # Add Internal Net 2 as a persistent static route static_routes="internalnet2" route_internalnet2="-net 192.168.2.0/24 192.168.1.2" The static_routes configuration variable is a list of strings separated by a space, where - each string references a route name. This example only - has one string in static_routes, - internalnet2. The variable + each string references a route name. The variable route_internalnet2 - contains all of the configuration parameters to - &man.route.8;. This example is equivalent to the - command: - - &prompt.root; route add -net 192.168.2.0/24 192.168.1.2 + contains the static route for that route name. Using more than one string in static_routes creates multiple static @@ -518,11 +501,10 @@ route_internalnet2="-net 192.168.2.0/24 static_routes="net1 net2" route_net1="-net 192.168.0.0/24 192.168.0.1" route_net2="-net 192.168.1.0/24 192.168.1.1" - - - Routing Propagation + + Troubleshooting When an address space is assigned to a network, the service provider configures their routing tables so that all @@ -537,38 +519,32 @@ route_net2="-net 192.168.1.0/24 192.168. backbone machine has a copy of a master set of tables, which direct traffic for a particular network to a specific backbone carrier, and from there down the chain of service - providers until it reaches your network. + providers until it reaches a particular network. It is the task of the service provider to advertise to the backbone sites that they are the point of connection, and thus the path inward, for a site. This is known as route propagation. - - - - Troubleshooting &man.traceroute.8; - Sometimes, there is a problem with routing propagation + Sometimes, there is a problem with route propagation and some sites are unable to connect. Perhaps the most useful command for trying to figure out where routing is - breaking down is &man.traceroute.8;. It is useful when - &man.ping.8; fails. + breaking down is traceroute. It is useful when + ping fails. - When using &man.traceroute.8;, include the name of the + When using traceroute, include the address of the remote host to connect to. The output will show the gateway hosts along the path of the attempt, eventually either reaching the target host, or terminating because of a lack of - connection. - - For more information, refer to &man.traceroute.8;. + connection. For more information, refer to &man.traceroute.8;. - Multicast Routing + Multicast Considerations multicast routing @@ -580,26 +556,29 @@ route_net2="-net 192.168.1.0/24 192.168. &os; natively supports both multicast applications and multicast routing. Multicast applications do not require any - special configuration of &os;; as applications will generally - run out of the box. Multicast routing requires that support + special configuration in order to + run on &os;. Support for multicast routing requires that the + following option be compiled into a custom kernel: options MROUTING - The multicast routing daemon, &man.mrouted.8;, must be - configured to set up tunnels and DVMRP via - /etc/mrouted.conf. More details on - multicast configuration may be found in - &man.mrouted.8;. + The multicast routing daemon, + mrouted can be installed + using the net/mrouted package or port. + This daemon implements + the DVMRP multicast routing protocol and is + configured by editing /usr/local/etc/mrouted.conf + in order to set up the tunnels and DVMRP. + The installation of mrouted also installs + map-mbone and + mrinfo, as well as their associated + man pages. Refer to these for configuration examples. - The &man.mrouted.8; multicast routing daemon implements - the DVMRP multicast routing protocol, - which has largely been replaced by &man.pim.4; in many - multicast installations. &man.mrouted.8; and the related - &man.map-mbone.8; and &man.mrinfo.8; utilities are available - in the &os; Ports Collection as - net/mrouted. + DVMRP has largely been replaced by the + PIM protocol in many + multicast installations. Refer to &man.pim.4; for more information. From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 02:34:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 716E6CEC; Thu, 6 Mar 2014 02:34:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 5D3F4E09; Thu, 6 Mar 2014 02:34:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s262YIM2037626; Thu, 6 Mar 2014 02:34:18 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s262YI1a037625; Thu, 6 Mar 2014 02:34:18 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403060234.s262YI1a037625@svn.freebsd.org> From: Dru Lavigne Date: Thu, 6 Mar 2014 02:34:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44144 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 02:34:18 -0000 Author: dru Date: Thu Mar 6 02:34:17 2014 New Revision: 44144 URL: http://svnweb.freebsd.org/changeset/doc/44144 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 02:08:27 2014 (r44143) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 02:34:17 2014 (r44144) @@ -104,20 +104,19 @@ Routing is the mechanism that allows - a system to find the network path to another system. - A route is a - defined pair of addresses which represent the destination and a + a system to find the network path to another system. A + route is a defined pair of addresses + which represent the destination and a gateway. The route indicates that when trying - to get to the specified destination, send the packets - through the specified gateway. There are three - types of destinations: individual hosts, subnets, and - default. The default route is - used if no other routes apply. There are also three - types of gateways: individual hosts, interfaces, also called - links, and Ethernet hardware + to get to the specified destination, send the packets through + the specified gateway. There are three types of destinations: + individual hosts, subnets, and default. The + default route is used if no other routes apply. + There are also three types of gateways: individual hosts, + interfaces, also called links, and Ethernet hardware (MAC) addresses. Known routes are stored in a routing table. - + This section provides an overview of routing basics. It then demonstrates how to configure a &os; system as a router and offers some troubleshooting tips. @@ -125,7 +124,8 @@ Routing Basics - To view the routing table of a &os; system, use &man.netstat.1;: + To view the routing table of a &os; system, use + &man.netstat.1;: &prompt.user; netstat -r Routing tables @@ -148,111 +148,120 @@ host2.example.com link#1 UC default - The first route in this table specifies the default - route. When the local system needs to make a connection to a - remote host, it checks the routing table to determine if a - known path exists. If the remote host matches an entry in the - table, the system checks to see if it - can connect using the interface specified in that entry. - - If the destination does not match an entry, or if all known - paths fail, the system uses the entry for the - default route. For hosts on a local area network, the - Gateway field in the default route is set - to the system which has a direct connection to - the Internet. When reading this entry, verify that the - Flags column indicates that the gateway is - usable (UG). - - The default route for a machine which itself is - functioning as the gateway to the outside world will be the - gateway machine at the Internet Service Provider - (ISP). - - - - - localhost - - The second route is the localhost route. - The interface specified in the Netif column - for localhost is lo0, - also known as the loopback device. This indicates that all - traffic for this destination should be internal, rather than sending it - out over the network. - - + The first route in this table specifies the + default route. When the local system + needs to make a connection to a remote host, it checks + the routing table to determine if a known path exists. + If the remote host matches an entry in the table, the + system checks to see if it can connect using the + interface specified in that entry. + + If the destination does not match an entry, or if + all known paths fail, the system uses the entry for the + default route. For hosts on a local area network, the + Gateway field in the default route is + set to the system which has a direct connection to the + Internet. When reading this entry, verify that the + Flags column indicates that the + gateway is usable (UG). + + The default route for a machine which itself is + functioning as the gateway to the outside world will be + the gateway machine at the Internet Service Provider + (ISP). + + - - MAC address - - The addresses beginning with 0:e0: are MAC - addresses. &os; will automatically identify any hosts, - test0 in the example, on the local - Ethernet and add a route for that host over the Ethernet - interface, re0. This type of route has a - timeout, seen in the Expire column, which - is used if the host does not respond in a specific amount of - time. When this happens, the route to this host will be - automatically deleted. These hosts are identified using the - Routing Information Protocol (RIP), which - calculates routes to local hosts based upon a shortest path - determination. - - + + localhost + + The second route is the localhost + route. The interface specified in the + Netif column for + localhost is + lo0, also known as the loopback + device. This indicates that all traffic for this + destination should be internal, rather than sending it + out over the network. + + - - subnet - - &os; will automatically add subnet routes for the local subnet. - In this example, 10.20.30.255 is the - broadcast address for the subnet 10.20.30 and example.com is the domain - name associated with that subnet. The designation - link#1 refers to the first Ethernet card in - the machine. - - Local network hosts and local subnets have their routes - automatically configured by a daemon called &man.routed.8;. - If it is not running, only routes which are statically defined - by the administrator will exist. - - + + MAC address + + The addresses beginning with 0:e0: are + MAC addresses. &os; will + automatically identify any hosts, + test0 in the example, on the + local Ethernet and add a route for that host over the + Ethernet interface, re0. This type + of route has a timeout, seen in the + Expire column, which is used if the + host does not respond in a specific amount of time. + When this happens, the route to this host will be + automatically deleted. These hosts are identified using + the Routing Information Protocol + (RIP), which calculates routes to + local hosts based upon a shortest path + determination. + + - - host - - The host1 line refers to the host - by its Ethernet address. Since it is the sending host, &os; - knows to use the loopback interface - (lo0) rather than the Ethernet - interface. + + subnet + + &os; will automatically add subnet routes for the + local subnet. In this example, 10.20.30.255 is the + broadcast address for the subnet 10.20.30 and + example.com is the + domain name associated with that subnet. The + designation link#1 refers to the + first Ethernet card in the machine. + + Local network hosts and local subnets have their + routes automatically configured by a daemon called + &man.routed.8;. If it is not running, only routes which + are statically defined by the administrator will + exist. + + - The two host2 lines represent aliases - which were created using &man.ifconfig.8;. The - => symbol after the - lo0 interface says that an alias has been - set in addition to the loopback address. Such routes only - show up on the host that supports the alias and all other hosts - on the local network will have a - link#1 line for such routes. - - + + host + + The host1 line refers to the host + by its Ethernet address. Since it is the sending host, + &os; knows to use the loopback interface + (lo0) rather than the Ethernet + interface. + + The two host2 lines represent + aliases which were created using &man.ifconfig.8;. The + => symbol after the + lo0 interface says that an alias + has been set in addition to the loopback address. Such + routes only show up on the host that supports the alias + and all other hosts on the local network will have a + link#1 line for such routes. + + - - 224 - - The final line (destination subnet 224) deals with - multicasting. - - - + + 224 + + The final line (destination subnet 224) deals with + multicasting. + + + - Various attributes of each route can be seen in - the Flags column. + Various attributes of each route can be seen in the + Flags column. summarizes some of these flags and their meanings: @@ -274,15 +283,14 @@ host2.example.com link#1 UC H - The route destination is a single - host. + The route destination is a single host. G - Send anything for this destination on to - this gateway, which will figure out from there - where to send it. + Send anything for this destination on to this + gateway, which will figure out from there where to + send it. @@ -292,16 +300,15 @@ host2.example.com link#1 UC C - Clones a new route based upon this - route for machines to connect to. This type of route - is normally used for local networks. + Clones a new route based upon this route for + machines to connect to. This type of route is + normally used for local networks. W - The route was - auto-configured based upon a local area network - (clone) route. + The route was auto-configured based upon a local + area network (clone) route. @@ -326,7 +333,7 @@ host2.example.com link#1 UC Note that manually added routes will not survive a reboot. For more information on manual manipulation of network - routing tables, refer to &man.route.8;. + routing tables, refer to &man.route.8;. @@ -352,20 +359,20 @@ host2.example.com link#1 UC A &os; system can be configured as the default gateway, or router, for a network if it is a dual-homed system. A dual-homed system is a host which resides on at least two - different networks. Typically, each network is connected to a separate - network interface, though IP aliasing can - be used to bind multiple addresses, each on a different - subnet, to one physical interface. + different networks. Typically, each network is connected to a + separate network interface, though IP + aliasing can be used to bind multiple addresses, each on a + different subnet, to one physical interface. router In order for the system to forward packets between - interfaces, &os; must be configured as a router. Internet standards and good - engineering practice prevent the &os; Project from enabling - this feature by default, but it can be configured to start at boot - by adding this line to + interfaces, &os; must be configured as a router. Internet + standards and good engineering practice prevent the &os; + Project from enabling this feature by default, but it can be + configured to start at boot by adding this line to /etc/rc.conf: gateway_enable="YES" # Set to YES if this host will be a gateway @@ -387,31 +394,30 @@ host2.example.com link#1 UC The routing table of a router needs additional routes so it knows how to reach other networks. Routes can be either - added manually using - static routes or routes can be automatically learned using a routing protocol. - Static routes are appropriate for small networks and this - section describes how to add a static routing entry for a - small network. + added manually using static routes or routes can be + automatically learned using a routing protocol. Static routes + are appropriate for small networks and this section describes + how to add a static routing entry for a small network. - + For large networks, static routes quickly become - unscalable. &os; comes with the standard BSD routing daemon - &man.routed.8;, which provides the routing protocols RIP, versions - 1 and 2, and IRDP. Support for the - BGP and OSPF - routing protocols can be installed using the - net/zebra package or - port. + unscalable. &os; comes with the standard + BSD routing daemon &man.routed.8;, which + provides the routing protocols RIP, + versions 1 and 2, and IRDP. Support for + the BGP and OSPF + routing protocols can be installed using the + net/zebra package or port. - Consider the following network: + Consider the following network: - - - - + + + + - + INTERNET | (10.0.0.1/24) Default Router to Internet @@ -435,23 +441,22 @@ host2.example.com link#1 UC | 192.168.2.1/24 | Internal Net 2 - - + + - In this scenario, RouterA is a - &os; machine that is acting as a router to the rest of the - Internet. It has a default route set to 10.0.0.1 which allows it to - connect with the outside world. - RouterB is already configured - to use 192.168.1.1 as its default - gateway. + In this scenario, RouterA is a + &os; machine that is acting as a router to the rest of the + Internet. It has a default route set to 10.0.0.1 which allows it to + connect with the outside world. + RouterB is already configured to use + 192.168.1.1 as its + default gateway. - Before adding any static routes, the routing table on RouterA - looks like this: + Before adding any static routes, the routing table on + RouterA looks like this: - &prompt.user; netstat -nr + &prompt.user; netstat -nr Routing tables Internet: @@ -461,56 +466,55 @@ default 10.0.0.1 UG 10.0.0.0/24 link#1 UC 0 0 xl0 192.168.1.0/24 link#2 UC 0 0 xl1 - With the current routing table, - RouterA - does not have a route to the 192.168.2.0/24 network. The - following command adds the Internal Net 2 network to - RouterA's routing table using - 192.168.1.2 as - the next hop: - - &prompt.root; route add -net 192.168.2.0/24 192.168.1.2 - - Now, RouterA can reach any host - on the 192.168.2.0/24 - network. However, the routing information will not - persist if the &os; system reboots. If a static route needs - to be persistent, add it to - /etc/rc.conf: + With the current routing table, + RouterA does not have a route to the + 192.168.2.0/24 + network. The following command adds the Internal Net + 2 network to RouterA's + routing table using 192.168.1.2 as the next + hop: + + &prompt.root; route add -net 192.168.2.0/24 192.168.1.2 + + Now, RouterA can reach any host + on the 192.168.2.0/24 network. + However, the routing information will not persist if the &os; + system reboots. If a static route needs to be persistent, add + it to /etc/rc.conf: - # Add Internal Net 2 as a persistent static route + # Add Internal Net 2 as a persistent static route static_routes="internalnet2" route_internalnet2="-net 192.168.2.0/24 192.168.1.2" - The static_routes configuration - variable is a list of strings separated by a space, where - each string references a route name. The variable - route_internalnet2 - contains the static route for that route name. - - Using more than one string in - static_routes creates multiple static - routes. The following shows an example of adding static - routes for the 192.168.0.0/24 and - 192.168.1.0/24 - networks: + The static_routes configuration + variable is a list of strings separated by a space, where + each string references a route name. The variable + route_internalnet2 contains the static + route for that route name. + + Using more than one string in + static_routes creates multiple static + routes. The following shows an example of adding static + routes for the 192.168.0.0/24 and + 192.168.1.0/24 + networks: - static_routes="net1 net2" + static_routes="net1 net2" route_net1="-net 192.168.0.0/24 192.168.0.1" route_net2="-net 192.168.1.0/24 192.168.1.1" - + Troubleshooting When an address space is assigned to a network, the service provider configures their routing tables so that all - traffic for the network will be sent to the link for the - site. But how do external sites know to send their packets - to the network's ISP? + traffic for the network will be sent to the link for the site. + But how do external sites know to send their packets to the + network's ISP? There is a system that keeps track of all assigned address spaces and defines their point of connection to the @@ -530,17 +534,18 @@ route_net2="-net 192.168.1.0/24 192.168. &man.traceroute.8; - Sometimes, there is a problem with route propagation - and some sites are unable to connect. Perhaps the most - useful command for trying to figure out where routing is - breaking down is traceroute. It is useful when + Sometimes, there is a problem with route propagation and + some sites are unable to connect. Perhaps the most useful + command for trying to figure out where routing is breaking + down is traceroute. It is useful when ping fails. - When using traceroute, include the address of the - remote host to connect to. The output will show the gateway - hosts along the path of the attempt, eventually either - reaching the target host, or terminating because of a lack of - connection. For more information, refer to &man.traceroute.8;. + When using traceroute, include the + address of the remote host to connect to. The output will + show the gateway hosts along the path of the attempt, + eventually either reaching the target host, or terminating + because of a lack of connection. For more information, refer + to &man.traceroute.8;. @@ -556,29 +561,29 @@ route_net2="-net 192.168.1.0/24 192.168. &os; natively supports both multicast applications and multicast routing. Multicast applications do not require any - special configuration in order to - run on &os;. Support for multicast routing requires that the - following option - be compiled into a custom kernel: + special configuration in order to run on &os;. Support for + multicast routing requires that the following option be + compiled into a custom kernel: options MROUTING The multicast routing daemon, - mrouted can be installed - using the net/mrouted package or port. - This daemon implements - the DVMRP multicast routing protocol and is - configured by editing /usr/local/etc/mrouted.conf - in order to set up the tunnels and DVMRP. - The installation of mrouted also installs - map-mbone and + mrouted can be installed using the + net/mrouted package or port. This daemon + implements the DVMRP multicast routing + protocol and is configured by editing + /usr/local/etc/mrouted.conf in order to + set up the tunnels and DVMRP. The + installation of mrouted also + installs map-mbone and mrinfo, as well as their associated man pages. Refer to these for configuration examples. - DVMRP has largely been replaced by the - PIM protocol in many - multicast installations. Refer to &man.pim.4; for more information. + DVMRP has largely been replaced by + the PIM protocol in many multicast + installations. Refer to &man.pim.4; for more + information. From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 13:41:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CEAC2A71; Thu, 6 Mar 2014 13:41:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BB0E63BB; Thu, 6 Mar 2014 13:41:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26DfDHs013066; Thu, 6 Mar 2014 13:41:13 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26DfD21013065; Thu, 6 Mar 2014 13:41:13 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403061341.s26DfD21013065@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 6 Mar 2014 13:41:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44145 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Thu, 06 Mar 2014 14:35:13 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 13:41:14 -0000 Author: ryusuke Date: Thu Mar 6 13:41:13 2014 New Revision: 44145 URL: http://svnweb.freebsd.org/changeset/doc/44145 Log: - Merge the following from the English version: r43782 -> r43794 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Thu Mar 6 02:34:17 2014 (r44144) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Thu Mar 6 13:41:13 2014 (r44145) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43782 + Original revision: r43794 $FreeBSD$ --> &os.stable;、&os.current; などの &os; のどれか特定のバージョンについて、 ローカルのソースツリーを同期させたら、 - そのソースツリーを使ってシステムを再構築できます。 + そのソースツリーを使ってシステムを再構築できます。 + このプロセスは world の再構築と呼ばれます。 - - バックアップの作成 + world を再構築するに、 + 以下を行ってください。 + + + world の構築前に行う作業 - システムを再構築する前に、 + + 重要なデータを他のシステムやリムーバブルメディアにバックアップし、 + きちんとバックアップが作成されていることを確認したら、 + 起動可能なインストールメディアを用意してください。 + システムを再構築する前に、 バックアップを作成することの重要性は、 いくら強調してもし過ぎると言うことはありません。 - システム全体の再構築とは難しい作業ではありませんが、 + システム全体の再構築は難しい作業ではありませんが、 どんなに注意していたとしても、 ソースツリーそのものに手違いがあった時には、 システムが起動しなくなってしまう状態になることがあるのです。 - - - まず、バックアップがきちんと作成されていることを確認して、 - 起動可能インストールメディアを用意してください。 多分、それを使うことはないと思いますが、 - あとで後悔することのないよう、念のため用意しておきましょう。 - - - - メーリングリストに参加する + あとで後悔することのないよう、念のため用意しておきましょう! + + メーリングリスト - - もともと、&os.stable; と &os.current; のコードブランチは、 - 開発中のものです。 - &os; の作業に貢献してくださっている人達も人間ですから、 - 時にはミスをすることだってあるでしょう。 - - - そのような間違いは、 - 単に警告を示す見慣れない診断メッセージをシステムが表示するような、 - まったく害のないものであることもあれば、システムを起動できなくしたり、 - ファイルシステムを破壊してしまうような、 - 恐ろしい結果を招くものかも知れません。 - - 問題が生じた場合、 - 問題の詳細と、どのようなシステムが影響を受けるかについて書かれた - 注意 (heads up) - の記事が適切なメーリングリストに投稿されます。 - そして、その問題が解決されると、 + 追いかけているブランチに応じて、 + &a.stable.name; もしくは &a.current.name; + の最近のエントリを調べて、 + 既知の問題や影響を受けるシステムを確認してください。 + 既知の問題が同期しているバージョンのコードに影響する場合は、 + その問題が解決されたことを報告する 問題解決 (all clear) - のアナウンス記事が同様に投稿されます。 - - &os.stable; や &os.current; ブランチを追随しているユーザで、 - &a.stable; や &a.current; を読まないというのは、 - 自ら災難を招くようなものです。 - - 訳注: - これらのメーリングリストは英語でやりとりされているため、 - 日本語での投稿は歓迎されません。英語でのやりとりができない人は、 - FreeBSD 友の会 - の運営しているメーリングリストをあたってみるのがいいでしょう。 - - + のアナウンスが投稿されるまで待ってから、 + ソースを同期して、ローカルのソースに必要な修正を入れてください。 + + + + buildworld 前の必要なステップとして、 + 同期しているバージョンのソースの + /usr/src/UPDATING を読んでください。 + このファイルには潜在的な問題や特定のコマンドを実行する順などの重要な情報が含まれています。 + 大きなアップグレードでは、 + installworld の前に特定のファイルの名前を変更したり、削除するといった、 + 特別なステップが追加で必要となることがあります。 + ファイルの最後には、 + 現在推奨されているアップグレードの手順が詳しく正確に説明されています。 + もし、UPDATING に書かれている手順が、 + この節に書かれているものと矛盾していたら、 + UPDATING の手順を採用してください。 + + <command>make world</command> は使わないこと @@ -1558,11 +1554,8 @@ before running "/usr/sbin/freebsd-update システムを更新する正式な方法 - システムを更新する前に、 - /usr/src/UPDATING を読んでください。 - このファイルには、用意したソースコードで buildworld - を行う前に必要な手順が書かれています。 - その後、以下の手順を踏んでください。 + 上で述べた作業を行ったら、 + 以下の手順を踏んでシステムをアップデートしてください。 この節で説明するアップデートのプロセスは、古いコンパイラ、 古いカーネル、古い world、そして古いコンフィグレーションファイルからなる、 @@ -1751,13 +1744,6 @@ before running "/usr/sbin/freebsd-update メジャーリリースをまたいだアップデートでは、 この方法を用いないと、何らかの問題にぶつかるでしょう。 - 大きなアップグレードにおいては、 - installworld の前に特定のファイルの名前の変更や削除するといった、 - 特別な追加のステップが必要となることがあります。 - /usr/src/UPDATING を注意深く読んでください。 - 特にファイルの最後には、 - 現在推奨されているアップグレードの手順が詳しく正確に説明されています。 - この手続きは、 開発者たちがある種のミスマッチを完全に避けるために、長い年月をかけて進化してきました。 願わくば、この現在の手順が長い間安定してほしいものです。 @@ -1816,23 +1802,6 @@ before running "/usr/sbin/freebsd-update - <filename>/usr/src/UPDATING</filename> を読む - - アップデートする前に、 - /usr/src/UPDATING を読んでください。 - このファイルには潜在的な問題や - 特定のコマンドの順などの重要な情報が含まれています。 - UPDATING がこの節に書かれているものと矛盾している時は - UPDATING を優先してください。 - - - UPDATING を読むということは、 - 適切なメーリングリストを購読する代わりにはなりません。 - 二つの要求は相補的なもので排他的なものではないのです。 - - - - <filename>/etc/make.conf</filename> の確認 @@ -1990,12 +1959,9 @@ before running "/usr/sbin/freebsd-update &prompt.root; rm -rf * - + ベースシステムの再構築 - - 出力メッセージの保存 - 実行される &man.make.1; からの出力は、ファイルに保存すると良いでしょう。 もし、何か障害が発生した場合、エラーメッセージのコピーを &os; メーリングリストに投稿してください。 @@ -2018,10 +1984,6 @@ Script done, … 出力の保存には、/var/tmproot のホームディレクトリが適しています。 - - - - ベースシステムの構築 /usr/src にて、 次のように実行してください。 @@ -2144,10 +2106,6 @@ Script done, … もし、複数の CPU を備えたマシンで SMP 設定が行なわれたカーネルを 利用しているなら、6 から 10 の間の値を設定し、速度がどれくらい 向上するか確認してみてください。 - - - - システムの構築にかかる時間 world の再構築 @@ -2159,7 +2117,6 @@ Script done, … トリックや近道を使わずに普通に構築した場合、&os.stable; の構築には 1, 2 時間しかかからないでしょう。 &os.current; の構築は、もう少し時間がかかります。 - From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 14:39:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BF5B071C; Thu, 6 Mar 2014 14:39:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id ACB7CCB4; Thu, 6 Mar 2014 14:39:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26EdnvC037850; Thu, 6 Mar 2014 14:39:49 GMT (envelope-from dbn@svn.freebsd.org) Received: (from dbn@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26EdnpP037849; Thu, 6 Mar 2014 14:39:49 GMT (envelope-from dbn@svn.freebsd.org) Message-Id: <201403061439.s26EdnpP037849@svn.freebsd.org> From: David Naylor Date: Thu, 6 Mar 2014 14:39:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44146 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 14:39:49 -0000 Author: dbn (ports committer) Date: Thu Mar 6 14:39:49 2014 New Revision: 44146 URL: http://svnweb.freebsd.org/changeset/doc/44146 Log: Update my (dbn) key to 4096/RSA, signed by old key. Modified: head/share/pgpkeys/dbn.key Modified: head/share/pgpkeys/dbn.key ============================================================================== --- head/share/pgpkeys/dbn.key Thu Mar 6 13:41:13 2014 (r44145) +++ head/share/pgpkeys/dbn.key Thu Mar 6 14:39:49 2014 (r44146) @@ -1,55 +1,104 @@ -uid David Naylor -sub 4096g/77FA885C 2008-04-09 +pub 4096R/35C84A0DEC1D97CD 2014-03-06 [expires: 2019-03-05] + Key fingerprint = A372 D3E1 D587 2D99 A5FF F243 35C8 4A0D EC1D 97CD +uid David Naylor (Private) +sub 4096R/AD63FA8DD6B2DA55 2014-03-06 [expires: 2015-03-06] + Key fingerprint = 948E C511 A27F 0302 E799 B53A AD63 FA8D D6B2 DA55 +sub 4096R/88D62359F19D95D0 2014-03-06 [expires: 2015-03-06] + Key fingerprint = A198 8E3A 1A14 66C7 ADE2 13F2 88D6 2359 F19D 95D0 + ]]> From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 15:02:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4CED52FE; Thu, 6 Mar 2014 15:02:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3A633F3F; Thu, 6 Mar 2014 15:02:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26F22KB049382; Thu, 6 Mar 2014 15:02:02 GMT (envelope-from madpilot@svn.freebsd.org) Received: (from madpilot@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26F22Ni049381; Thu, 6 Mar 2014 15:02:02 GMT (envelope-from madpilot@svn.freebsd.org) Message-Id: <201403061502.s26F22Ni049381@svn.freebsd.org> From: Guido Falsi Date: Thu, 6 Mar 2014 15:02:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44147 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 15:02:02 -0000 Author: madpilot (ports committer) Date: Thu Mar 6 15:02:01 2014 New Revision: 44147 URL: http://svnweb.freebsd.org/changeset/doc/44147 Log: Update my key. Modified: head/share/pgpkeys/madpilot.key Modified: head/share/pgpkeys/madpilot.key ============================================================================== --- head/share/pgpkeys/madpilot.key Thu Mar 6 14:39:49 2014 (r44146) +++ head/share/pgpkeys/madpilot.key Thu Mar 6 15:02:01 2014 (r44147) @@ -1,13 +1,16 @@ -uid Guido Falsi -sub 2048R/1F9772C5 2012-04-12 +uid Guido Falsi +uid Guido Falsi +uid Guido Falsi +uid Guido Falsi +sub 4096R/CB95603DDCCDB1C8 2014-02-28 + ]]> From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 15:03:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CAE5F864; Thu, 6 Mar 2014 15:03:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A732CF70; Thu, 6 Mar 2014 15:03:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26F3xh4050016; Thu, 6 Mar 2014 15:03:59 GMT (envelope-from dbn@svn.freebsd.org) Received: (from dbn@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26F3xdO050015; Thu, 6 Mar 2014 15:03:59 GMT (envelope-from dbn@svn.freebsd.org) Message-Id: <201403061503.s26F3xdO050015@svn.freebsd.org> From: David Naylor Date: Thu, 6 Mar 2014 15:03:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44148 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 15:03:59 -0000 Author: dbn (ports committer) Date: Thu Mar 6 15:03:59 2014 New Revision: 44148 URL: http://svnweb.freebsd.org/changeset/doc/44148 Log: Add my "dbn@freebsd.net" UID to my public key. Modified: head/share/pgpkeys/dbn.key Modified: head/share/pgpkeys/dbn.key ============================================================================== --- head/share/pgpkeys/dbn.key Thu Mar 6 15:02:01 2014 (r44147) +++ head/share/pgpkeys/dbn.key Thu Mar 6 15:03:59 2014 (r44148) @@ -6,6 +6,7 @@ sh addkey.sh dbn 35C84A0DEC1D97CD ; pub 4096R/35C84A0DEC1D97CD 2014-03-06 [expires: 2019-03-05] Key fingerprint = A372 D3E1 D587 2D99 A5FF F243 35C8 4A0D EC1D 97CD uid David Naylor (Private) +uid David Naylor (FreeBSD) sub 4096R/AD63FA8DD6B2DA55 2014-03-06 [expires: 2015-03-06] Key fingerprint = 948E C511 A27F 0302 E799 B53A AD63 FA8D D6B2 DA55 sub 4096R/88D62359F19D95D0 2014-03-06 [expires: 2015-03-06] @@ -39,66 +40,93 @@ FNmY6oD1JE/E8zF97V7Zt2mu3tMG0L94aPUeXuTs DUiTSkh87YRGf6zJYeHkBNLBBIsHKTm8GWy+HZtEmMvDnyi6/i3HPmljAIXBG/Mb ztdJ9G0NpQY13QU4khEz+iCvKLWvPTfQajTXwOfcBcN5RGyXKH/DFckxrEqMmdfy wJ//+H8bmkCiU/s8Gn8sXXMr9A7BjcQroPsqZSB7Gub6UU09D8SRLhXPWci1K7ee -W67QiEYEEBEKAAYFAlMYhiEACgkQUaaFgP9pFrLqswCdFsKtE+ezHp39/A9G7+vQ -3eLxQQIAnjkLoCfMDoLHQT19sxxv5orEB1R0uQINBFMYheUBEADNsSWJxzBaNQi6 -PNjFBGJstcsjxtlQCCWaMeK1/5oIJXtnaEeK09wS0OOJ7Tqap6jvuwVjJYKHx2vL -kWQ6Pb3rXseAv+ZqMTw+Ls9dQBXXNNfezLUw7p+qte8WDi+CTT7/otHpRTzpvo5K -HV96NY2E49WFIJZgSAvI+fEB85w8E/JDoDMbKA2qiO7J3HB4TSf7cAKFs8/iDmC3 -Gu1ObH1nlL3cWbygUvy2302xVOzBzLqNB+nwtwhSRyjHh77dzAlrl6gwR4X2A6fk -7JefN+/nWoh1+D7Kzx/Zqwd8fx+mYtR5b5Gz9waJvKunAB+UsgFHKHPROdPIeT2N -dqZBx6waocz71EUCY7dIWPXu/XyTrT/vKjDBW4yMhh7FdpIdOXc8ORnbAXbRop3n -ZXWs9QSZim2PYe73GZiRzFM7U1+wQdsYkqYk/DuQ3pAT7avgYVkZb72bK3CLg9Ri -1u0eOAnKdvrB1VrPdGTy+LmXWora5NRmH54uThfgKHLK3GkyuCpUgjUxMBfY9+RE -gmHZCiPd6xPRRsoNftHNqwu+uiSjyoiAJYdYE+DZ57PNUTAEn8NBDfnrI8oPkrik -xxBLT/rzkKPVYhR2tF1UkDdrYenKnSPgmJc7yfC8J19wiDymfLi2wI3XpxgY8iQx -yAu6+5h9A5FpJxjm47FcYavAUOnK8QARAQABiQSkBBgBCgAPBQJTGIXlAhsCBQkB -4TOAAokJEDXISg3sHZfNwb0gBBkBCgBmBQJTGIXlXxSAAAAAAC4AKGlzc3Vlci1m -cHJAbm90YXRpb25zLm9wZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ5NDhFQzUxMUEy -N0YwMzAyRTc5OUI1M0FBRDYzRkE4REQ2QjJEQTU1AAoJEK1j+o3WstpVbTcP/3Tj -yQeJY0FbDvdCOZWaEywKh8KmjY6i/H4ipD6Y8bOJBZktWDAh9tYUheg6VXXAp9rB -nyynPIQxDRNJDn6PKuNr98qVhqY34FY6La/05KrflObCiKx4eU6KQSG3m+CawQIL -nM5LRZi7XRsSiG2r1HWO7DTq1ZN46P3QGVgeIeBO/f1iBvVcr7EGb+mRS+nU9/1Z -OVJwt9PIBZsPRhG2Ex0jov/In1kTGtIMXeBbBDdNi8vOcBuXpXIJ2HFkg+q6OkmI -ojMZhHnXgds9n2CpmlfUas4kDLubHq0SOT9874spin9RcaGzcf5a+yX/GT1lUgCJ -DLJ/SUig3NjE+9MoyJGM6bk1XDtUXSPdkk4FwwdKG2HDvmndYfaKBGu3ZSsLBbkK -l4stnxuE0tOC2m0ai6+HJfp9PUOelU2kLSmjx/J6dZkPTR8E4APthGtA1nrTrQ08 -I4sGjxe5/2yPvlyTeHcoFkb0/yvkHln/3WIABQOJC92wDWZPkPrnXVynRT2pYafu -RmwUV/ML84weTmRBbhd5OTi+75Ko8ZhuWwp7iBDGVF93sJVZX1brHVLxCunMN9Gh -89nIAy3wwnesfRO98Hp0m1uWoy1ZMnfp0m8RAmY464JReyQAMSpWbfYgt5o1w+lt -8MJqj+pWJeCtynMaVAIruYHR3QHA1ZIaLvAZlxnZOqMQAKv1NkafZldk/ecJAWnR -3GEcrJgpjIaAtZbg7uI1FZqw31Lsg7pabL8iXb0Bdl5pchEP/3VDJVA+7vGeedO1 -xn0N1Wqyp1zRaSBnRMPrPXcu4+TFSjojlu9Mc2zhZNLfadRwP0KCML1ufQmcdrRx -zl+yt1g/A1aS4Y1V1RVCBYybXMxNA07f9fYWf/d8QmjJu6Ifm5yVbWqH/nUu7tll -d8CMyP5ANNOXZtnoI445jIA2jnqHrjUYv/9ftpejzAT+auTTWzNie+5+msuwh+kK -qoS1R+Pzv/Nfm8zuYSBozwU2slKwo62Dqv0Wo/rq6iH9gkbFxbQFjsO3Hs/8INuI -XWDpwd9ifiiMX2EeXGNt1nD47I8duIVopJE3XuvsZoc+NjLuTi2tti4vXDOT+QMA -YIRKQJTWp720zLHH0zRqK8zIFENnBbHCIys3SeeIt/MaYUiTfR3pKpf8f1487r/F -7+KFwgasMuQlgzAo9xQx3oCnCP74706T7gFbNyHlBUTJiE4icDYx0AQ4CUOsG4m4 -TEow/OWL7P9ZFC0SnA3qowng64ETgtI1uB2KYCbSXMCM5c/CFu8tKWnh2r10paH1 -4CoAFHlHHYfM8G44UdWLZ7r1JEiJ95T6NTUdYoJojk1mCea7Xvgz36/RWhfwS0mT -XcPcI3FzCzmBcqKaHRytcWgAuQINBFMYhggBEAC+/9JWUsGsh7rgtm3gClvL2hF1 -Q8AO0pQ8M1R/RYpECNCQQoApakmGE0/H1R3kh8SfIGLshmpSJNe3Ju+9RFVIUFaG -DF3BIMliKSyMTzudUqzzWWA9Hs5EEtWqwlaeHIJJwCpg4Zb4+LLnB1LrRQ1pBpct -jaU6eTPY6plszurNxVbcSg2ylVobaySGwBIYiOHBdNVo+dgKmkxNdqG63dNVXV2y -zl/a5Lfq1i6C4lJ2AhHFbI+f8iqEPPgWvcVGkwYDQLxTDOTFV1zEwVIa/pW65TUu -E1AbFxN0nwM8syXxaTXpS/ibPBWyPLWF9WnJzntFaDXj2rbKWkojgKmdL0ok/xGZ -IY46QhY8kv+tn17JbCeSH+CI4ov0b4ciYAb+N/CgcI3Ky97Sr/HPGxnWYzF/7sB7 -Tf8KZ9mTm0vMpxzQ4eOmaWEuPUp6w+hkUwmRxc9BNrrvWYIxwugLPhCvFJU+rFAp -xzfCGBjgGVOoCt6GKU2VIdftYWdX97lmA7cfY8NDfo5utOCYv0Z1+TqayIqeAmY+ -CKCLTfnFJNkN5W2zB9f72lJLP7m3LfHqBS/t+pqL3NNLHFwbbz9lQQwOeqI+i4w4 -FEUiqp+VhJmvvYSp75e1QnNL0j+hOK725MHfJcPsXfIBTqRV+PiaelqqVXROUo/d -MMwn2SNiSR1d1nm73wARAQABiQIlBBgBCgAPBQJTGIYIAhsMBQkB4TOAAAoJEDXI -Sg3sHZfNYCcP/A9imQkd3BDdYRsVZDV13CTIg2NQEbHXyJWk1qp6ycKu7eYkMm6K -Y/BgXg6dR91Ys1S29K5T6qfFl+KVjYjwGdJUAuT61K8Aop/ag0M/T1k2OJokLOxd -pFX6gi/Vhdhen0sUWBXVB9MRGcMLXQiZlikdRRG+8iwuGKaJu2LXCD1ZUr7P4S6F -RuhymLZiSPnigdhfciEtSuKx9vCzi+UDq0XheJTd6mG5lTh2hm0S5YCslHoroWR0 -JTl3KANsqvCfi2RBb6uCe6GkXY5xx8B+weGrNDN5jWGBCKH3IUsBtgAU1MlBggzk -pwzweN63clHhNIjgJdsqgGLVmaVUoGDDZQrIEiQ/rv4hzvDR7nVKEMspC9Ix1+R4 -MzsHcDe5upmGxOwjsVC/qQrl3dpUtZEnhycYoGSicQFTgEFxbQwVJzXvVJF8ntyu -+wJLAZq71V7ZORwLVIZObVJgkrBn5Ga8yCuzdqBgBXfhRa+SDFsxX/NpIWpePNPQ -1qG6OoW9ehyr/JF9fkK4OOcSBFL4BEtf2nqlzVdBCG6myfX37CGTDz/JO6XLrb+g -a1YmT1wY5acrZ3NuCgx0EGTTW5Brheki/qP/D+SXmTMZnjdK1lll7iTh8CpZSuxB -N269l2TGuyVMoocVKrGiPzKvb+IB96zjAuV7DLvXdwSoTY/zzF9T/ZFr -=1G8l +W67QiQJABBMBCgAqAhsDBQkJZgGABQsJCAcDBRUKCQgLBRYDAgEAAh4BAheABQJT +GIt6AhkBAAoJEDXISg3sHZfNPzkP/ieBtbl/f/VYcCvtQeujrtokCGTBIV0xMRp7 +2mFP3p9vqEVEfrQQgNWpAuLuLteA5Qw6HLaV6BhD8ZwTI/9WCv43+qKUsECIbzy8 +tZ6bh/m/e+udx7AisnZNB1ZwMyDF+X81AQiisLefry43M7NLyOZTyg8Lmn3MyFQF +BsrHm7yqxDIM9ffVWwuoIZcTrKJq624htGPER9BUto49HE2sdJhnk9j5Vgmbvpg6 +RA7Ryv6xJa59NkmFKbkqxXnYQrMKwz8vPtZSQjC8bahNiaRx9CmG1to9XtqSyGi/ +YgiR2xsJE5M1KvQsPQd2CRWIPZ9CX/qMiiDYzvndoLmDtuLkKRFYpQPkfgsoTXPy +LALdrJkVJ3Pl/EE9K7fmBBcB8LJlQYZaFpRcU2ObcmfVwF72FrhL9bM+LewbLMcO +/FKcLn26jY92+dWNPfLXgVjcJDs5RiDwlTotJE6wVH4y12fMB3XO/QcMXGxfJP4z +dCcykqhdVRlZPQbVe66dVSCgxpDNpYq7l+IPWtN3+zMrJwIqI+jSPqIVO9zxgGjN +oW7G+nmzJTEbLxbXamWAPCqeL/hLkOIMQzNtI8ui/xs8Tembqq8AvZ0oawqWi8e8 +XmAypyHDZFpxX5/6miCLdBBwLm5Wp3vSl0707VPNecjxkAgRpFtmVMJUyar8FhQi +0gJ/UAw5iEYEEBEKAAYFAlMYhiEACgkQUaaFgP9pFrLqswCdFsKtE+ezHp39/A9G +7+vQ3eLxQQIAnjkLoCfMDoLHQT19sxxv5orEB1R0tChEYXZpZCBOYXlsb3IgKEZy +ZWVCU0QpIDxkYm5AZnJlZWJzZC5vcmc+iQI9BBMBCgAnBQJTGIo+AhsDBQkJZgGA +BQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJEDXISg3sHZfN/5wQAJwJXDuPeJCY +YuGmT+RldK2b782Sy9YgRmscMeYqLGRBH8IXN666zMQvl3hS+DAdELVnYn7sFp03 +WXl+PR47VaHlfZw8zJC4AX1OOn5Zu8qfbLuqydP+n7gQX0jpKZNfw1Sg1QKdDdR9 +Wyhng+0TRr6n0XQyCsW94IU7SHuIoBRgA5UhSIwUTycD1xH1s4PnoilW2k31Uu15 +f6Adp31z1kDToOhk8vq6nec1ZXdiiTsjOZMzUj4BZJF09+/0id+C+rRN3TE4mDSt +TJwnwtyvIS6GmokaspbfVQhUlWRjCii7boyVkA6FAQtphD3nNc+IfQJ9n9JpyDen +x+pL7u6UallHdZOJrfzEXsONkE4egLoXXccD8YI8EFEYBYj/JNteufLIC8oAYcyF +8uoLBVX6lujSLe0UMfs0QujKcCu53m3W7nor7YEkKcVGUArM0WBHGvs9Hyt4emnJ +5o9GsF9pcd7jkjK8JKUrbgwslCAmdbFLiotcqClp1ADMmrBtdaTrn59qrgO8nBWC +DB7aE2QKuwt+ROs5E1h0hb9n8UI07Hc44o74Wg0fzJgQtf9lDx0VQ6ci+gXYWAgo +BS4ksbr51vxStQq1Qx/SLwNr2tsP/XEgzAivISJS6X4BXPrKaRHNse4wzqzG3SYf +FOoiRwf22mDzgqYZ+q/NxzPs8DGBVOE8iEYEEBEKAAYFAlMYjO4ACgkQUaaFgP9p +FrK3nwCfT9jA+3QjmcXEbgrknNM5qohwvgQAmwXxNv5a+DpQrS0HMcVPOhLpvN1a +uQINBFMYheUBEADNsSWJxzBaNQi6PNjFBGJstcsjxtlQCCWaMeK1/5oIJXtnaEeK +09wS0OOJ7Tqap6jvuwVjJYKHx2vLkWQ6Pb3rXseAv+ZqMTw+Ls9dQBXXNNfezLUw +7p+qte8WDi+CTT7/otHpRTzpvo5KHV96NY2E49WFIJZgSAvI+fEB85w8E/JDoDMb +KA2qiO7J3HB4TSf7cAKFs8/iDmC3Gu1ObH1nlL3cWbygUvy2302xVOzBzLqNB+nw +twhSRyjHh77dzAlrl6gwR4X2A6fk7JefN+/nWoh1+D7Kzx/Zqwd8fx+mYtR5b5Gz +9waJvKunAB+UsgFHKHPROdPIeT2NdqZBx6waocz71EUCY7dIWPXu/XyTrT/vKjDB +W4yMhh7FdpIdOXc8ORnbAXbRop3nZXWs9QSZim2PYe73GZiRzFM7U1+wQdsYkqYk +/DuQ3pAT7avgYVkZb72bK3CLg9Ri1u0eOAnKdvrB1VrPdGTy+LmXWora5NRmH54u +ThfgKHLK3GkyuCpUgjUxMBfY9+REgmHZCiPd6xPRRsoNftHNqwu+uiSjyoiAJYdY +E+DZ57PNUTAEn8NBDfnrI8oPkrikxxBLT/rzkKPVYhR2tF1UkDdrYenKnSPgmJc7 +yfC8J19wiDymfLi2wI3XpxgY8iQxyAu6+5h9A5FpJxjm47FcYavAUOnK8QARAQAB +iQSkBBgBCgAPBQJTGIXlAhsCBQkB4TOAAokJEDXISg3sHZfNwb0gBBkBCgBmBQJT +GIXlXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9wZW5wZ3AuZmlmdGho +b3JzZW1hbi5uZXQ5NDhFQzUxMUEyN0YwMzAyRTc5OUI1M0FBRDYzRkE4REQ2QjJE +QTU1AAoJEK1j+o3WstpVbTcP/3TjyQeJY0FbDvdCOZWaEywKh8KmjY6i/H4ipD6Y +8bOJBZktWDAh9tYUheg6VXXAp9rBnyynPIQxDRNJDn6PKuNr98qVhqY34FY6La/0 +5KrflObCiKx4eU6KQSG3m+CawQILnM5LRZi7XRsSiG2r1HWO7DTq1ZN46P3QGVge +IeBO/f1iBvVcr7EGb+mRS+nU9/1ZOVJwt9PIBZsPRhG2Ex0jov/In1kTGtIMXeBb +BDdNi8vOcBuXpXIJ2HFkg+q6OkmIojMZhHnXgds9n2CpmlfUas4kDLubHq0SOT98 +74spin9RcaGzcf5a+yX/GT1lUgCJDLJ/SUig3NjE+9MoyJGM6bk1XDtUXSPdkk4F +wwdKG2HDvmndYfaKBGu3ZSsLBbkKl4stnxuE0tOC2m0ai6+HJfp9PUOelU2kLSmj +x/J6dZkPTR8E4APthGtA1nrTrQ08I4sGjxe5/2yPvlyTeHcoFkb0/yvkHln/3WIA +BQOJC92wDWZPkPrnXVynRT2pYafuRmwUV/ML84weTmRBbhd5OTi+75Ko8ZhuWwp7 +iBDGVF93sJVZX1brHVLxCunMN9Gh89nIAy3wwnesfRO98Hp0m1uWoy1ZMnfp0m8R +AmY464JReyQAMSpWbfYgt5o1w+lt8MJqj+pWJeCtynMaVAIruYHR3QHA1ZIaLvAZ +lxnZOqMQAKv1NkafZldk/ecJAWnR3GEcrJgpjIaAtZbg7uI1FZqw31Lsg7pabL8i +Xb0Bdl5pchEP/3VDJVA+7vGeedO1xn0N1Wqyp1zRaSBnRMPrPXcu4+TFSjojlu9M +c2zhZNLfadRwP0KCML1ufQmcdrRxzl+yt1g/A1aS4Y1V1RVCBYybXMxNA07f9fYW +f/d8QmjJu6Ifm5yVbWqH/nUu7tlld8CMyP5ANNOXZtnoI445jIA2jnqHrjUYv/9f +tpejzAT+auTTWzNie+5+msuwh+kKqoS1R+Pzv/Nfm8zuYSBozwU2slKwo62Dqv0W +o/rq6iH9gkbFxbQFjsO3Hs/8INuIXWDpwd9ifiiMX2EeXGNt1nD47I8duIVopJE3 +XuvsZoc+NjLuTi2tti4vXDOT+QMAYIRKQJTWp720zLHH0zRqK8zIFENnBbHCIys3 +SeeIt/MaYUiTfR3pKpf8f1487r/F7+KFwgasMuQlgzAo9xQx3oCnCP74706T7gFb +NyHlBUTJiE4icDYx0AQ4CUOsG4m4TEow/OWL7P9ZFC0SnA3qowng64ETgtI1uB2K +YCbSXMCM5c/CFu8tKWnh2r10paH14CoAFHlHHYfM8G44UdWLZ7r1JEiJ95T6NTUd +YoJojk1mCea7Xvgz36/RWhfwS0mTXcPcI3FzCzmBcqKaHRytcWgAuQINBFMYhggB +EAC+/9JWUsGsh7rgtm3gClvL2hF1Q8AO0pQ8M1R/RYpECNCQQoApakmGE0/H1R3k +h8SfIGLshmpSJNe3Ju+9RFVIUFaGDF3BIMliKSyMTzudUqzzWWA9Hs5EEtWqwlae +HIJJwCpg4Zb4+LLnB1LrRQ1pBpctjaU6eTPY6plszurNxVbcSg2ylVobaySGwBIY +iOHBdNVo+dgKmkxNdqG63dNVXV2yzl/a5Lfq1i6C4lJ2AhHFbI+f8iqEPPgWvcVG +kwYDQLxTDOTFV1zEwVIa/pW65TUuE1AbFxN0nwM8syXxaTXpS/ibPBWyPLWF9WnJ +zntFaDXj2rbKWkojgKmdL0ok/xGZIY46QhY8kv+tn17JbCeSH+CI4ov0b4ciYAb+ +N/CgcI3Ky97Sr/HPGxnWYzF/7sB7Tf8KZ9mTm0vMpxzQ4eOmaWEuPUp6w+hkUwmR +xc9BNrrvWYIxwugLPhCvFJU+rFApxzfCGBjgGVOoCt6GKU2VIdftYWdX97lmA7cf +Y8NDfo5utOCYv0Z1+TqayIqeAmY+CKCLTfnFJNkN5W2zB9f72lJLP7m3LfHqBS/t ++pqL3NNLHFwbbz9lQQwOeqI+i4w4FEUiqp+VhJmvvYSp75e1QnNL0j+hOK725MHf +JcPsXfIBTqRV+PiaelqqVXROUo/dMMwn2SNiSR1d1nm73wARAQABiQIlBBgBCgAP +BQJTGIYIAhsMBQkB4TOAAAoJEDXISg3sHZfNYCcP/A9imQkd3BDdYRsVZDV13CTI +g2NQEbHXyJWk1qp6ycKu7eYkMm6KY/BgXg6dR91Ys1S29K5T6qfFl+KVjYjwGdJU +AuT61K8Aop/ag0M/T1k2OJokLOxdpFX6gi/Vhdhen0sUWBXVB9MRGcMLXQiZlikd +RRG+8iwuGKaJu2LXCD1ZUr7P4S6FRuhymLZiSPnigdhfciEtSuKx9vCzi+UDq0Xh +eJTd6mG5lTh2hm0S5YCslHoroWR0JTl3KANsqvCfi2RBb6uCe6GkXY5xx8B+weGr +NDN5jWGBCKH3IUsBtgAU1MlBggzkpwzweN63clHhNIjgJdsqgGLVmaVUoGDDZQrI +EiQ/rv4hzvDR7nVKEMspC9Ix1+R4MzsHcDe5upmGxOwjsVC/qQrl3dpUtZEnhycY +oGSicQFTgEFxbQwVJzXvVJF8ntyu+wJLAZq71V7ZORwLVIZObVJgkrBn5Ga8yCuz +dqBgBXfhRa+SDFsxX/NpIWpePNPQ1qG6OoW9ehyr/JF9fkK4OOcSBFL4BEtf2nql +zVdBCG6myfX37CGTDz/JO6XLrb+ga1YmT1wY5acrZ3NuCgx0EGTTW5Brheki/qP/ +D+SXmTMZnjdK1lll7iTh8CpZSuxBN269l2TGuyVMoocVKrGiPzKvb+IB96zjAuV7 +DLvXdwSoTY/zzF9T/ZFr +=am/i -----END PGP PUBLIC KEY BLOCK----- ]]> From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 15:15:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 306F7736; Thu, 6 Mar 2014 15:15:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1CD42128; Thu, 6 Mar 2014 15:15:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26FFVPv055234; Thu, 6 Mar 2014 15:15:31 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26FFVtg055233; Thu, 6 Mar 2014 15:15:31 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403061515.s26FFVtg055233@svn.freebsd.org> From: Glen Barber Date: Thu, 6 Mar 2014 15:15:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44149 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 15:15:32 -0000 Author: gjb Date: Thu Mar 6 15:15:31 2014 New Revision: 44149 URL: http://svnweb.freebsd.org/changeset/doc/44149 Log: Remove a very out-of-date paragraph describing www.FreeBSD.org and hub.FreeBSD.org. With how the infrastructure is set up, it is probably not reasonable to try to keep these pieces current. Reword the leading sentence of the next paragraph so it makes sense with the first paragraph removed. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/internal/about.xml Modified: head/en_US.ISO8859-1/htdocs/internal/about.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/about.xml Thu Mar 6 15:03:59 2014 (r44148) +++ head/en_US.ISO8859-1/htdocs/internal/about.xml Thu Mar 6 15:15:31 2014 (r44149) @@ -15,18 +15,9 @@

      The Machine

      - Powered by FreeBSD

      The - machine www.FreeBSD.org is a dual 600MHz Pentium III set - up with 1024 megabytes of RAM and about 70 gigabytes of disk space. - The mail processing duties for the domain are handled by - hub.FreeBSD.org, a quad core 2.2GHz AMD64 system with 3072 - megabytes of RAM and about 400 gigabytes disk space. Inbound mail - is buffered by mx1.FreeBSD.org and outbound mail relayed via - mx2.FreeBSD.org, both are dual 3.06 GHz Xeon systems with 1024 - megabytes of RAM and 80 gigabytes of disk.

      - + Powered by FreeBSD

      - Naturally, these systems all run FreeBSD. The hardware and network + Naturally, all systems in the FreeBSD.org cluster run FreeBSD. The hardware and network connection have been generously provided by BSDi, Bytemark Hosting, Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3843F7B6; Thu, 6 Mar 2014 15:17:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 25729130; Thu, 6 Mar 2014 15:17:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26FH7tT055434; Thu, 6 Mar 2014 15:17:07 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26FH6MM055433; Thu, 6 Mar 2014 15:17:07 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403061517.s26FH6MM055433@svn.freebsd.org> From: Glen Barber Date: Thu, 6 Mar 2014 15:17:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44150 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 15:17:07 -0000 Author: gjb Date: Thu Mar 6 15:17:06 2014 New Revision: 44150 URL: http://svnweb.freebsd.org/changeset/doc/44150 Log: The web build status page no longer exists, and probably will not be back, so remove the reference to it. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/internal/about.xml Modified: head/en_US.ISO8859-1/htdocs/internal/about.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/about.xml Thu Mar 6 15:15:31 2014 (r44149) +++ head/en_US.ISO8859-1/htdocs/internal/about.xml Thu Mar 6 15:17:06 2014 (r44150) @@ -107,9 +107,6 @@ Building and updating the FreeBSD Web Pa

      -

      The recent build status is available here.

      -

      Mirroring the FreeBSD Web Pages

      It is possible to mirror the FreeBSD web pages on www.FreeBSD.org.

      From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 15:29:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C580FCFC; Thu, 6 Mar 2014 15:29:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B31F9250; Thu, 6 Mar 2014 15:29:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26FT5S4059756; Thu, 6 Mar 2014 15:29:05 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26FT5mB059755; Thu, 6 Mar 2014 15:29:05 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403061529.s26FT5mB059755@svn.freebsd.org> From: Glen Barber Date: Thu, 6 Mar 2014 15:29:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44151 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 15:29:05 -0000 Author: gjb Date: Thu Mar 6 15:29:05 2014 New Revision: 44151 URL: http://svnweb.freebsd.org/changeset/doc/44151 Log: Update the website build times to reflect reality. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/internal/about.xml Modified: head/en_US.ISO8859-1/htdocs/internal/about.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/about.xml Thu Mar 6 15:17:06 2014 (r44150) +++ head/en_US.ISO8859-1/htdocs/internal/about.xml Thu Mar 6 15:29:05 2014 (r44151) @@ -79,31 +79,24 @@ Building and updating the FreeBSD Web Pa currently rebuilt according to the following schedule:

      - + - - + + - + + - - - - - + - - - - - - + +
      Time (UTC)Build Time (UTC) Build type
      XX:23English www only, if no other build is runningEvery 10 minutesEnglish www only, if no other build is running
      XX:53Every Sunday at 00:00Full build with a new tree checkout
      01:22Full build
      09:22Every 1 hour English only
      13:22Full build without PR and port statistics
      17:22English onlyEvery 3 hoursFull build
      From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 17:08:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F099F26B; Thu, 6 Mar 2014 17:08:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id DA7DCE22; Thu, 6 Mar 2014 17:08:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26H8MWe001613; Thu, 6 Mar 2014 17:08:22 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26H8MKk001612; Thu, 6 Mar 2014 17:08:22 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403061708.s26H8MKk001612@svn.freebsd.org> From: Dru Lavigne Date: Thu, 6 Mar 2014 17:08:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44152 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 17:08:23 -0000 Author: dru Date: Thu Mar 6 17:08:22 2014 New Revision: 44152 URL: http://svnweb.freebsd.org/changeset/doc/44152 Log: Initial shuffle through Bluetooth chapter to improve flow. Some sections renamed. Flow is now using USB first followed by the various protocols and utilities. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 15:29:05 2014 (r44151) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 17:08:22 2014 (r44152) @@ -2216,9 +2216,6 @@ freebsdap 00:11:95:c3:0d:ac 1 Bluetooth - - Introduction - Bluetooth is a wireless technology for creating personal networks operating in the 2.4 GHz unlicensed band, with a range of 10 meters. Networks are usually formed ad-hoc from @@ -2236,12 +2233,15 @@ freebsdap 00:11:95:c3:0d:ac 1 Bluetooth PC Card 3CRWB60-A is supported by the &man.ng.bt3c.4; driver. Serial and UART based Bluetooth devices are supported by &man.sio.4;, &man.ng.h4.4; and - &man.hcseriald.8;. This section describes the use of a - USB Bluetooth dongle. - + &man.hcseriald.8;.       + + This section describes the use of a + USB Bluetooth dongle on a &os; system. It + then describes the various Bluetooth protocols and + utilities. - Plugging in the Device + Loading Bluetooth Support By default, Bluetooth device drivers are available as kernel modules. Before attaching a device, load the driver @@ -2284,8 +2284,7 @@ Number of SCO packets: 8             - Host Controller Interface - (<acronym>HCI</acronym>) + Finding Other Bluetooth Devices HCI @@ -2380,6 +2379,157 @@ Reason: Connection terminated by local h + Device Pairing + + By default, Bluetooth communication is not authenticated, + and any device can talk to any other device. A Bluetooth + device, such as a cellular phone, may choose to require + authentication to provide a particular service. Bluetooth + authentication is normally done with a + PIN code, an ASCII + string up to 16 characters in length. The user is required + to enter the same PIN code on both devices. + Once the user has entered the PIN code, + both devices will generate a link key. + After that, the link key can be stored either in the devices + or in a persistent storage. Next time, both devices will + use the previously generated link key. This procedure is + called pairing. Note that if the link + key is lost by either device, the pairing must be + repeated. + + The &man.hcsecd.8; daemon is responsible for handling + Bluetooth authentication requests. The default configuration + file is /etc/bluetooth/hcsecd.conf. An + example section for a cellular phone with the + PIN code arbitrarily set to + 1234 is shown below: + + device { + bdaddr 00:80:37:29:19:a4; + name "Pav's T39"; + key nokey; + pin "1234"; + } + + The only limitation on PIN codes is + length. Some devices, such as Bluetooth headsets, may have + a fixed PIN code built in. The + switch forces &man.hcsecd.8; to stay in + the foreground, so it is easy to see what is happening. Set + the remote device to receive pairing and initiate the + Bluetooth connection to the remote device. The remote device + should indicate that pairing was accepted and request the + PIN code. Enter the same + PIN code listed in + hcsecd.conf. Now the computer and the + remote device are paired. Alternatively, pairing can be + initiated on the remote device. + + The following line can be added to + /etc/rc.conf to configure &man.hcsecd.8; + to start automatically on system start: + + hcsecd_enable="YES" + + The following is a sample of the &man.hcsecd.8; daemon + output: + + hcsecd[16484]: Got Link_Key_Request event from 'ubt0hci', remote bdaddr 0:80:37:29:19:a4 +hcsecd[16484]: Found matching entry, remote bdaddr 0:80:37:29:19:a4, name 'Pav's T39', link key doesn't exist +hcsecd[16484]: Sending Link_Key_Negative_Reply to 'ubt0hci' for remote bdaddr 0:80:37:29:19:a4 +hcsecd[16484]: Got PIN_Code_Request event from 'ubt0hci', remote bdaddr 0:80:37:29:19:a4 +hcsecd[16484]: Found matching entry, remote bdaddr 0:80:37:29:19:a4, name 'Pav's T39', PIN code exists +hcsecd[16484]: Sending PIN_Code_Reply to 'ubt0hci' for remote bdaddr 0:80:37:29:19:a4 + + + + Network Access with + <acronym>PPP</acronym> Profiles + + The Dial-Up Networking (DUN) profile is + mostly used with modems and cellular phones. The scenarios + covered by this profile are the following: + + + + Use of a cellular phone or modem by a computer as a + wireless modem for connecting to a dial-up Internet access + server, or for using other dial-up services. + + + + Use of a cellular phone or modem by a computer to + receive data calls. + + + + Network access with a PPP profile can + be used in the following situations: + + + + LAN access for a single Bluetooth + device. + + + + LAN access for multiple Bluetooth + devices. + + + + PC to PC connection using PPP + networking over serial cable emulation. + + + + In &os;, these profiles are implemented with &man.ppp.8; + and the &man.rfcomm.pppd.8; wrapper which converts a + RFCOMM Bluetooth connection into something + PPP can use. Before a profile can be used, + a new PPP label must be created in + /etc/ppp/ppp.conf. Consult + &man.rfcomm.pppd.8; for examples. + + In the following example, &man.rfcomm.pppd.8; is used + to open a RFCOMM connection to a remote + device with a BD_ADDR of 00:80:37:29:19:a4 + on a DUN RFCOMM channel. + The actual RFCOMM channel number will be + obtained from the remote device via SDP. + It is possible to specify the RFCOMM + channel by hand, and in this case &man.rfcomm.pppd.8; will + not perform the SDP query. Use + &man.sdpcontrol.8; to find out the RFCOMM + channel on the remote device. + + &prompt.root; rfcomm_pppd -a 00:80:37:29:19:a4 -c -C dun -l rfcomm-dialup + + In order to provide network access with the + PPP LAN service, + &man.sdpd.8; must be running and a new entry for + LAN clients must be created in + /etc/ppp/ppp.conf. Consult + &man.rfcomm.pppd.8; for examples. Finally, start the + RFCOMM PPP server on a + valid RFCOMM channel number. The + RFCOMM PPP server will + automatically register the Bluetooth LAN + service with the local SDP daemon. The + example below shows how to start the RFCOMM + PPP server. + + &prompt.root; rfcomm_pppd -s -C 7 -l rfcomm-server + + + + Bluetooth Protocols + + This section describes the various Bluetooth utilities, + their function, and available utilities. + + Logical Link Control and Adaptation Protocol (<acronym>L2CAP</acronym>) @@ -2455,10 +2605,10 @@ c2afe900 c2b53380 1 127 0 Yes Active RFCOMM sockets PCB Recv-Q Send-Q Local address Foreign address Chan DLCI State c2e8bc80 0 250 00:02:72:00:d4:1a 00:07:e0:00:0b:ca 3 6 OPEN - + - - <acronym>RFCOMM</acronym> Protocol + + Radio Frequency Communication (<acronym>RFCOMM</acronym>) The RFCOMM protocol provides emulation of serial ports over the L2CAP protocol. @@ -2488,74 +2638,9 @@ c2e8bc80 0 250 00:02:72:00:d4:1a In &os;, RFCOMM is implemented at the Bluetooth sockets layer. - - - - Pairing of Devices + - By default, Bluetooth communication is not authenticated, - and any device can talk to any other device. A Bluetooth - device, such as a cellular phone, may choose to require - authentication to provide a particular service. Bluetooth - authentication is normally done with a - PIN code, an ASCII - string up to 16 characters in length. The user is required - to enter the same PIN code on both devices. - Once the user has entered the PIN code, - both devices will generate a link key. - After that, the link key can be stored either in the devices - or in a persistent storage. Next time, both devices will - use the previously generated link key. This procedure is - called pairing. Note that if the link - key is lost by either device, the pairing must be - repeated. - - The &man.hcsecd.8; daemon is responsible for handling - Bluetooth authentication requests. The default configuration - file is /etc/bluetooth/hcsecd.conf. An - example section for a cellular phone with the - PIN code arbitrarily set to - 1234 is shown below: - - device { - bdaddr 00:80:37:29:19:a4; - name "Pav's T39"; - key nokey; - pin "1234"; - } - - The only limitation on PIN codes is - length. Some devices, such as Bluetooth headsets, may have - a fixed PIN code built in. The - switch forces &man.hcsecd.8; to stay in - the foreground, so it is easy to see what is happening. Set - the remote device to receive pairing and initiate the - Bluetooth connection to the remote device. The remote device - should indicate that pairing was accepted and request the - PIN code. Enter the same - PIN code listed in - hcsecd.conf. Now the computer and the - remote device are paired. Alternatively, pairing can be - initiated on the remote device. - - The following line can be added to - /etc/rc.conf to configure &man.hcsecd.8; - to start automatically on system start: - - hcsecd_enable="YES" - - The following is a sample of the &man.hcsecd.8; daemon - output: - - hcsecd[16484]: Got Link_Key_Request event from 'ubt0hci', remote bdaddr 0:80:37:29:19:a4 -hcsecd[16484]: Found matching entry, remote bdaddr 0:80:37:29:19:a4, name 'Pav's T39', link key doesn't exist -hcsecd[16484]: Sending Link_Key_Negative_Reply to 'ubt0hci' for remote bdaddr 0:80:37:29:19:a4 -hcsecd[16484]: Got PIN_Code_Request event from 'ubt0hci', remote bdaddr 0:80:37:29:19:a4 -hcsecd[16484]: Found matching entry, remote bdaddr 0:80:37:29:19:a4, name 'Pav's T39', PIN code exists -hcsecd[16484]: Sending PIN_Code_Reply to 'ubt0hci' for remote bdaddr 0:80:37:29:19:a4 - - - + Service Discovery Protocol (<acronym>SDP</acronym>) @@ -2659,89 +2744,9 @@ Bluetooth Profile Descriptor List: channel:       &prompt.root; sdpcontrol -l browse - + - - Dial-Up Networking and Network Access with - <acronym>PPP</acronym> Profiles - - The Dial-Up Networking (DUN) profile is - mostly used with modems and cellular phones. The scenarios - covered by this profile are the following: - - - - Use of a cellular phone or modem by a computer as a - wireless modem for connecting to a dial-up Internet access - server, or for using other dial-up services. - - - - Use of a cellular phone or modem by a computer to - receive data calls. - - - - Network access with a PPP profile can - be used in the following situations: - - - - LAN access for a single Bluetooth - device. - - - - LAN access for multiple Bluetooth - devices. - - - - PC to PC connection using PPP - networking over serial cable emulation. - - - - In &os;, these profiles are implemented with &man.ppp.8; - and the &man.rfcomm.pppd.8; wrapper which converts a - RFCOMM Bluetooth connection into something - PPP can use. Before a profile can be used, - a new PPP label must be created in - /etc/ppp/ppp.conf. Consult - &man.rfcomm.pppd.8; for examples. - - In the following example, &man.rfcomm.pppd.8; is used - to open a RFCOMM connection to a remote - device with a BD_ADDR of 00:80:37:29:19:a4 - on a DUN RFCOMM channel. - The actual RFCOMM channel number will be - obtained from the remote device via SDP. - It is possible to specify the RFCOMM - channel by hand, and in this case &man.rfcomm.pppd.8; will - not perform the SDP query. Use - &man.sdpcontrol.8; to find out the RFCOMM - channel on the remote device. - - &prompt.root; rfcomm_pppd -a 00:80:37:29:19:a4 -c -C dun -l rfcomm-dialup - - In order to provide network access with the - PPP LAN service, - &man.sdpd.8; must be running and a new entry for - LAN clients must be created in - /etc/ppp/ppp.conf. Consult - &man.rfcomm.pppd.8; for examples. Finally, start the - RFCOMM PPP server on a - valid RFCOMM channel number. The - RFCOMM PPP server will - automatically register the Bluetooth LAN - service with the local SDP daemon. The - example below shows how to start the RFCOMM - PPP server. - - &prompt.root; rfcomm_pppd -s -C 7 -l rfcomm-server - - - + <acronym>OBEX</acronym> Object Push (<acronym>OPUSH</acronym>) Profile @@ -2800,10 +2805,10 @@ Success, response: OK, Success (0x20)OBEX server. &prompt.root; obexapp -s -C 10 - + - - Serial Port Profile + + Serial Port Profile (<acronym>SPP</acronym>) The Serial Port Profile (SPP) allows Bluetooth devices to perform serial cable emulation. This @@ -2828,14 +2833,12 @@ rfcomm_sppd[94692]: Starting on /dev/tty port: &prompt.root; cu -l ttyp6 - + + Troubleshooting - - A Remote Device Cannot Connect - Some older Bluetooth devices do not support role switching. By default, when &os; is accepting a new connection, it tries to perform a role switch and become @@ -2847,19 +2850,14 @@ rfcomm_sppd[94692]: Starting on /dev/tty switching on the local side: &prompt.root; hccontrol -n ubt0hci write_node_role_switch 0 - - - - Displaying Bluetooth Packets - Use the third-party package + To display Bluetooth packets, use the third-party package hcidump, which is available as a comms/hcidump package or port. This utility is similar to &man.tcpdump.1; and can be used to display the contents of Bluetooth packets on the terminal and to dump the Bluetooth packets to a file. - From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 17:23:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 94C43A29; Thu, 6 Mar 2014 17:23:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 80BB2FE6; Thu, 6 Mar 2014 17:23:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26HNtHc008922; Thu, 6 Mar 2014 17:23:55 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26HNtYO008920; Thu, 6 Mar 2014 17:23:55 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403061723.s26HNtYO008920@svn.freebsd.org> From: Gabor Pali Date: Thu, 6 Mar 2014 17:23:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44153 - head/en_US.ISO8859-1/articles/contributors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 17:23:55 -0000 Author: pgj Date: Thu Mar 6 17:23:54 2014 New Revision: 44153 URL: http://svnweb.freebsd.org/changeset/doc/44153 Log: - Move carl to developer alumni Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Thu Mar 6 17:08:22 2014 (r44152) +++ head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Thu Mar 6 17:23:54 2014 (r44153) @@ -271,10 +271,6 @@ - &a.carl.email; - - - &a.vd.email; Modified: head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Thu Mar 6 17:08:22 2014 (r44152) +++ head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Thu Mar 6 17:23:54 2014 (r44153) @@ -3,6 +3,10 @@ + &a.carl.email; (2013 - 2014) + + + &a.mjacob.email; (1997 - 2013) From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 18:09:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C2ED8653; Thu, 6 Mar 2014 18:09:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A44866C5; Thu, 6 Mar 2014 18:09:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26I9bqZ026448; Thu, 6 Mar 2014 18:09:37 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26I9bQP026447; Thu, 6 Mar 2014 18:09:37 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403061809.s26I9bQP026447@svn.freebsd.org> From: Dru Lavigne Date: Thu, 6 Mar 2014 18:09:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44154 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 18:09:37 -0000 Author: dru Date: Thu Mar 6 18:09:37 2014 New Revision: 44154 URL: http://svnweb.freebsd.org/changeset/doc/44154 Log: Editorial pass through first 1/2 of Bluetooth chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 17:23:54 2014 (r44153) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 18:09:37 2014 (r44154) @@ -2219,22 +2219,12 @@ freebsdap 00:11:95:c3:0d:ac 1 Bluetooth is a wireless technology for creating personal networks operating in the 2.4 GHz unlicensed band, with a range of 10 meters. Networks are usually formed ad-hoc from - portable devices such as cellular phones, handhelds and + portable devices such as cellular phones, handhelds, and laptops. Unlike Wi-Fi wireless technology, Bluetooth offers - higher level service profiles, such as FTP-like file servers, + higher level service profiles, such as FTP-like file servers, file pushing, voice transport, serial line emulation, and more. - The Bluetooth stack in &os; is implemented using the - &man.netgraph.4; framework. A broad variety of Bluetooth - USB dongles is supported by &man.ng.ubt.4;. - Broadcom BCM2033 based Bluetooth devices are supported by - the &man.ubtbcmfw.4; and &man.ng.ubt.4; drivers. The 3Com - Bluetooth PC Card 3CRWB60-A is supported by the - &man.ng.bt3c.4; driver. Serial and UART based Bluetooth - devices are supported by &man.sio.4;, &man.ng.h4.4; and - &man.hcseriald.8;. - This section describes the use of a USB Bluetooth dongle on a &os; system. It then describes the various Bluetooth protocols and @@ -2243,29 +2233,40 @@ freebsdap 00:11:95:c3:0d:ac 1 Loading Bluetooth Support - By default, Bluetooth device drivers are available as - kernel modules. Before attaching a device, load the driver - into the kernel: + The Bluetooth stack in &os; is implemented using the + &man.netgraph.4; framework. A broad variety of Bluetooth + USB dongles is supported by &man.ng.ubt.4;. + Broadcom BCM2033 based Bluetooth devices are supported by + the &man.ubtbcmfw.4; and &man.ng.ubt.4; drivers. The 3Com + Bluetooth PC Card 3CRWB60-A is supported by the + &man.ng.bt3c.4; driver. Serial and UART based Bluetooth + devices are supported by &man.sio.4;, &man.ng.h4.4;, and + &man.hcseriald.8;. + + Before attaching a device, determine which of the above + drivers it uses, then load the driver. For example, if the + device uses the &man.ng.ubt.4; driver: &prompt.root; kldload ng_ubt - If the Bluetooth device is present in the system during - system startup, load the module from + If the Bluetooth device will be attached to the system during + system startup, the system can be configured to load the module at boot + time by adding the driver to /boot/loader.conf: ng_ubt_load="YES" - Plug in the USB dongle. Output - similar to the following will appear on the console and in - the system log: + Once the driver is loaded, plug in the USB dongle. If the driver load was successful, output + similar to the following should appear on the console and in + /var/log/messages: ubt0: vendor 0x0a12 product 0x0001, rev 1.10/5.25, addr 2 ubt0: Interface 0 endpoints: interrupt=0x81, bulk-in=0x82, bulk-out=0x2 ubt0: Interface 1 (alt.config 5) endpoints: isoc-in=0x83, isoc-out=0x3, wMaxPacketSize=49, nframes=6, buffer size=294 - To start and stop the Bluetooth stack, use - &man.service.8;. It is a good idea to stop the stack before + To start and stop the Bluetooth stack, use its startup + script. It is a good idea to stop the stack before unplugging the device. When starting the stack, the output should be similar to the following: @@ -2291,29 +2292,14 @@ Number of SCO packets: 8 The Host Controller Interface (HCI) - provides a command interface to the baseband controller and - link manager as well as access to hardware status and control - registers. This interface provides a uniform method for - accessing Bluetooth baseband capabilities. The - HCI layer on the host exchanges data and - commands with the HCI firmware on the - Bluetooth hardware. The Host Controller Transport Layer - (physical bus) driver provides both HCI - layers with the ability to exchange information. - - A single netgraph node of type hci - is created for a single Bluetooth device. The - HCI node is normally connected to the - downstream Bluetooth device driver node and the upstream - L2CAP node. All HCI - operations must be performed on the HCI - node and not on the device driver node. The default name - for the HCI node is - devicehci. For more details, refer to + provides a uniform method for + accessing Bluetooth baseband capabilities. In &os;, a + netgraph HCI node + is created for each Bluetooth device. For more details, refer to &man.ng.hci.4;. One of the most common tasks is discovery of Bluetooth - devices in RF proximity. This operation is + devices within RF proximity. This operation is called inquiry. Inquiry and other HCI related operations are done using &man.hccontrol.8;. The example below shows how to find out @@ -2336,7 +2322,7 @@ Inquiry complete. Status: No error [00]< The BD_ADDR is the unique address of a Bluetooth device, similar to the MAC address of a network card. This address is needed for - further communication with a device. It is possible to + further communication with a device and it is possible to assign a human readable name to a BD_ADDR. Information regarding the known Bluetooth hosts is contained in /etc/bluetooth/hosts. The following @@ -2402,8 +2388,8 @@ Reason: Connection terminated by local h Bluetooth authentication requests. The default configuration file is /etc/bluetooth/hcsecd.conf. An example section for a cellular phone with the - PIN code arbitrarily set to - 1234 is shown below: + PIN code set to + 1234 is shown below: device { bdaddr 00:80:37:29:19:a4; @@ -2447,65 +2433,41 @@ hcsecd[16484]: Sending PIN_Code_Reply to Network Access with <acronym>PPP</acronym> Profiles - The Dial-Up Networking (DUN) profile is - mostly used with modems and cellular phones. The scenarios - covered by this profile are the following: - - - - Use of a cellular phone or modem by a computer as a + A Dial-Up Networking (DUN) profile can + be used to configure a cellular phone as a wireless modem for connecting to a dial-up Internet access - server, or for using other dial-up services. - - - - Use of a cellular phone or modem by a computer to - receive data calls. - - + server. It can also be used to configure a computer to + receive data calls from a cellular phone. Network access with a PPP profile can - be used in the following situations: - - - - LAN access for a single Bluetooth - device. - - - - LAN access for multiple Bluetooth - devices. - - - - PC to PC connection using PPP + be used to provide LAN access for a single Bluetooth + device or multiple Bluetooth devices. It can also provide + PC to PC connection using PPP networking over serial cable emulation. - - In &os;, these profiles are implemented with &man.ppp.8; and the &man.rfcomm.pppd.8; wrapper which converts a - RFCOMM Bluetooth connection into something + Bluetooth connection into something PPP can use. Before a profile can be used, a new PPP label must be created in /etc/ppp/ppp.conf. Consult &man.rfcomm.pppd.8; for examples. - In the following example, &man.rfcomm.pppd.8; is used - to open a RFCOMM connection to a remote - device with a BD_ADDR of 00:80:37:29:19:a4 - on a DUN RFCOMM channel. - The actual RFCOMM channel number will be - obtained from the remote device via SDP. + In this example, &man.rfcomm.pppd.8; is used + to open a connection to a remote + device with a BD_ADDR of 00:80:37:29:19:a4 + on a DUN RFCOMM channel: + + &prompt.root; rfcomm_pppd -a 00:80:37:29:19:a4 -c -C dun -l rfcomm-dialup + + The actual channel number will be + obtained from the remote device using the SDP protocol. It is possible to specify the RFCOMM channel by hand, and in this case &man.rfcomm.pppd.8; will not perform the SDP query. Use &man.sdpcontrol.8; to find out the RFCOMM channel on the remote device. - &prompt.root; rfcomm_pppd -a 00:80:37:29:19:a4 -c -C dun -l rfcomm-dialup - In order to provide network access with the PPP LAN service, &man.sdpd.8; must be running and a new entry for From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 18:32:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1EB39361; Thu, 6 Mar 2014 18:32:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id F3AA89DE; Thu, 6 Mar 2014 18:32:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26IWFtv038474; Thu, 6 Mar 2014 18:32:15 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26IWFVk038473; Thu, 6 Mar 2014 18:32:15 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403061832.s26IWFVk038473@svn.freebsd.org> From: Mathieu Arnold Date: Thu, 6 Mar 2014 18:32:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44155 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 18:32:16 -0000 Author: mat (ports committer) Date: Thu Mar 6 18:32:15 2014 New Revision: 44155 URL: http://svnweb.freebsd.org/changeset/doc/44155 Log: Update the Makefiles chapter. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Mar 6 18:09:37 2014 (r44154) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Mar 6 18:32:15 2014 (r44155) @@ -56,6 +56,14 @@ You should set PORTNAME to the base name of your port, and PORTVERSION to the version number of the port. + + + Package name should be unique among all of the ports + tree, check that there is not already a port with the same + PORTNAME and if there is add one of PKGNAMEPREFIX + or PKGNAMESUFFIX. + @@ -302,7 +310,7 @@ PORTEPOCH= 1       - + <varname>PKGNAMEPREFIX</varname> and <varname>PKGNAMESUFFIX</varname> @@ -439,6 +447,14 @@ PORTEPOCH= 1       + + Package name should be unique among all of the ports + tree, check that there is not already a port with the same + PORTNAME and if there is add one of PKGNAMEPREFIX + or PKGNAMESUFFIX. + + Here are some (real) examples on how to convert the name as called by the software authors to a suitable package name: @@ -1470,7 +1486,9 @@ PORTEPOCH= 1 DISTNAME is the name of the port as called by the authors of the software. DISTNAME defaults to - ${PORTNAME}-${PORTVERSION}, so override it + ${PORTNAME}-${DISTVERSIONPREFIX}${DISTVERSION}${DISTVERSIONSUFFIX}, + and DISTVERSION defaults to + ${PORTVERSION} so override it only if necessary. DISTNAME is only used in two places. First, the distribution file list (DISTFILES) defaults to @@ -1483,9 +1501,25 @@ PORTEPOCH= 1 ${PORTNAME}-${PORTVERSION}-scheme can be handled automatically by setting DISTVERSION. - PORTVERSION and DISTNAME - will be derived automatically, but can of course be - overridden. The following table lists some examples: + PORTVERSION will be derived from it + automatically. + + + Only one of PORTVERSION and + DISTVERSION can be set at a time. If you + set DISTVERSION and the derived + PORTVERSION is not right, do not use + DISTVERSION, set + PORTVERSION to the right value and set + DISTNAME with PORTNAME + with either some computation of + PORTVERSION or the verbatim upstream + version. + + + The following table lists some examples of + DISTVERSION and the derived + PORTVERSION: @@ -1525,7 +1559,7 @@ PORTEPOCH= 1 PKGNAMESUFFIX do not affect DISTNAME. Also note that if WRKSRC is equal to - work/${PORTNAME}-${PORTVERSION} while + work/${DISTNAME} while the original source archive is named something other than ${PORTNAME}-${PORTVERSION}${EXTRACT_SUFX}, you should probably leave DISTNAME @@ -1558,22 +1592,20 @@ PORTEPOCH= 1 If the original tarball is part of one of the popular archives such as SourceForge, GNU, or Perl CPAN, you may be able refer to those sites in an easy compact form using - MASTER_SITE_* - (e.g., MASTER_SITE_SOURCEFORGE, - MASTER_SITE_GNU and - MASTER_SITE_PERL_CPAN). Simply set - MASTER_SITES to one of these variables and - MASTER_SITE_SUBDIR to the path within the - archive. Here is an example: + predefined macros (e.g., SF, + GNU or CPAN). Simply + set MASTER_SITES to one of these values. + Here is an example: - MASTER_SITES= ${MASTER_SITE_GNU} -MASTER_SITE_SUBDIR= make + MASTER_SITES= GNU/make - Or you can use a condensed format: + Or you can use the older expanded format, though there + really are no reason to do so: - MASTER_SITES= GNU/make + MASTER_SITES= ${MASTER_SITE_GNU} +MASTER_SITE_SUBDIR= make - These variables are defined in + These values and variables are defined in /usr/ports/Mk/bsd.sites.mk. There are new entries added all the time, so make sure to check the latest version of this file before submitting a port. @@ -1634,6 +1666,16 @@ MASTER_SITE_SUBDIR= stardict/WyabdcRealP + GH + /${GH_ACCOUNT}/${GH_PROJECT}/legacy.tar.gz/${GH_TAGNAME}?dummy=/ + + + + GHC + /downloads/${GH_ACCOUNT}/${GH_PROJECT}/ + + + GNOME /pub/GNOME/sources/${PORTNAME}/${PORTVERSION:C/^([0-9]+\.[0-9]+).*/\1/} @@ -1644,12 +1686,27 @@ MASTER_SITE_SUBDIR= stardict/WyabdcRealP + HORDE + /pub/${PORTNAME} + + + + LOGILAB + /pub/${PORTNAME} + + + + MATE + /releases/${PORTVERSION:C/^([0-9]+\.[0-9]+).*/\1/} + + + MOZDEV /pub/mozdev/${PORTNAME:L} - PERL_CPAN + CPAN /pub/CPAN/modules/by-module/${PORTNAME:C/-.*//} @@ -1764,7 +1821,8 @@ EXTRACT_ONLY= source.tar.gzDo not worry if the patches are compressed; they will be decompressed automatically if the filenames end with - .gz or .Z. + .Z, .gz, + .bz2 or .xz. If the patch is distributed with some other files, such as documentation, in a gzipped tarball, you @@ -3088,11 +3146,7 @@ LIB_DEPENDS= libbar.so:${PORTSDIR}/foo/b OPTIONS_DEFINE= BAR BAR_DESC= Bar support -.include <bsd.port.options.mk> - -.if ${PORT_OPTIONS:MBAR} -LIB_DEPENDS= libbar.so:${PORTSDIR}/foo/bar -.endif +BAR_LIB_DEPENDS= libbar.so:${PORTSDIR}/foo/bar Testing option variables is the correct method. It will @@ -3462,17 +3516,8 @@ BAR_DESC= Support feature bar OPTIONS_DEFAULT=FOO -.include <bsd.port.options.mk> - -.if ${PORT_OPTIONS:MFOO} -CONFIGURE_ARGS+=--with-foo -.else -CONFIGURE_ARGS+=--without-foo -.endif - -.if ${PORT_OPTIONS:MBAR} -RUN_DEPENDS+= bar:${PORTSDIR}/bar/bar -.endif +FOO_CONFIGURE_WITH= foo +BAR_RUN_DEPENDS= bar:${PORTSDIR}/bar/bar .include <bsd.port.mk> @@ -3484,6 +3529,11 @@ RUN_DEPENDS+= bar:${PORTSDIR}/bar/bar .if ! ${PORT_OPTIONS:MEXAMPLES} CONFIGURE_ARGS+=--without-examples .endif + + Though, you should use the following so that the + configure knob is really enabled and disabled when the + option is. + EXAMPLES_CONFIGURE_WITH= examples @@ -3507,22 +3557,12 @@ SSL_DESC= Build with OpenSSL support OPTIONS_DEFAULT= PGSQL LDAP SSL -.include <bsd.port.options.mk> +PGSQL_USE= pgsql=yes +PGSQL_CONFIGURE_WITH= postgres -.if ${PORT_OPTIONS:MPGSQL} -USE_PGSQL= yes -CONFIGURE_ARGS+= --with-postgres -.else -CONFIGURE_ARGS+= --without-postgres -.endif +ICU_LIB_DEPENDS= libicuuc.so:${PORTSDIR}/devel/icu -.if ${PORT_OPTIONS:MICU} -LIB_DEPENDS+= libicuuc.so:${PORTSDIR}/devel/icu -.endif - -.if ! ${PORT_OPTIONS:MEXAMPLES} -CONFIGURE_ARGS+= --without-examples -.endif +EXAMPLES_CONFIGURE_WITH= examples # Check other OPTIONS @@ -3559,9 +3599,9 @@ CONFIGURE_ARGS+= --without-examples There is no need to add these to - OPTIONS_DEFAULT. To have them show up - in the options selection dialog, however, they must be - added to OPTIONS_DEFINE. + OPTIONS_DEFAULT. To have them active, + and show up in the options selection dialog, however, they + must be added to OPTIONS_DEFINE. @@ -3598,12 +3638,8 @@ CONFIGURE_ARGS+= --enable-foo Correct Handling of an Option - .if ${PORT_OPTIONS:MFOO} -LIB_DEPENDS+= libfoo.so:${PORTSDIR}/devel/foo -CONFIGURE_ARGS+= --enable-foo -.else -CONFIGURE_ARGS+= --disable-foo -.endif + FOO_LIB_DEPENDS= libfoo.so:${PORTSDIR}/devel/foo +FOO_CONFIGURE_ENABLE= foo In the second example, the library libfoo is explicitly From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 18:39:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5813DAA9; Thu, 6 Mar 2014 18:39:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 38B33A6E; Thu, 6 Mar 2014 18:39:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26IdLcm039810; Thu, 6 Mar 2014 18:39:21 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26IdLed039809; Thu, 6 Mar 2014 18:39:21 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403061839.s26IdLed039809@svn.freebsd.org> From: Dru Lavigne Date: Thu, 6 Mar 2014 18:39:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44156 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 18:39:21 -0000 Author: dru Date: Thu Mar 6 18:39:20 2014 New Revision: 44156 URL: http://svnweb.freebsd.org/changeset/doc/44156 Log: Editorial pass through second 1/2 of Bluetooth chapter. Protocols section is still a bit dense. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 18:32:15 2014 (r44155) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 18:39:20 2014 (r44156) @@ -2488,8 +2488,8 @@ hcsecd[16484]: Sending PIN_Code_Reply to Bluetooth Protocols - This section describes the various Bluetooth utilities, - their function, and available utilities. + This section provides an overview of the various Bluetooth protocols, + their function, and associated utilities. Logical Link Control and Adaptation Protocol @@ -2501,16 +2501,15 @@ hcsecd[16484]: Sending PIN_Code_Reply to <para>The Logical Link Control and Adaptation Protocol (<acronym>L2CAP</acronym>) provides connection-oriented and - connectionless data services to upper layer protocols with - protocol multiplexing capability and segmentation and - reassembly operation. <acronym>L2CAP</acronym> permits + connectionless data services to upper layer protocols. + <acronym>L2CAP</acronym> permits higher level protocols and applications to transmit and receive <acronym>L2CAP</acronym> data packets up to 64 kilobytes in length.</para> <para><acronym>L2CAP</acronym> is based around the concept of <emphasis>channels</emphasis>. A channel is a logical - connection on top of a baseband connection. Each channel is + connection on top of a baseband connection, where each channel is bound to a single protocol in a many-to-one fashion. Multiple channels can be bound to the same protocol, but a channel cannot be bound to multiple protocols. Each @@ -2518,9 +2517,9 @@ hcsecd[16484]: Sending PIN_Code_Reply to directed to the appropriate higher level protocol. Multiple channels can share the same baseband connection.</para> - <para>A single netgraph node of type <emphasis>l2cap</emphasis> - is created for a single Bluetooth device. The - <acronym>L2CAP</acronym> node is normally connected to the + <para>In &os;, a netgraph <acronym>L2CAP</acronym> node + is created for each Bluetooth device. This + node is normally connected to the downstream Bluetooth <acronym>HCI</acronym> node and upstream Bluetooth socket nodes. The default name for the <acronym>L2CAP</acronym> node is <quote>devicel2cap</quote>. @@ -2574,10 +2573,9 @@ c2e8bc80 0 250 00:02:72:00:d4:1a <para>The <acronym>RFCOMM</acronym> protocol provides emulation of serial ports over the <acronym>L2CAP</acronym> protocol. - The protocol is based on the ETSI standard TS 07.10. <acronym>RFCOMM</acronym> is a simple transport protocol, with additional provisions for emulating the 9 circuits of - RS-232 (EIATIA-232-E) serial ports. <acronym>RFCOMM</acronym> + RS-232 (EIATIA-232-E) serial ports. It supports up to 60 simultaneous connections (<acronym>RFCOMM</acronym> channels) between two Bluetooth devices.</para> @@ -2693,8 +2691,8 @@ Bluetooth Profile Descriptor List: <screen>&prompt.root; <userinput>service sdpd start</userinput></screen> - <para>The local server application that wants to provide - Bluetooth service to the remote clients will register service + <para>The local server application that wants to provide a + Bluetooth service to remote clients will register the service with the local <acronym>SDP</acronym> daemon. An example of such an application is &man.rfcomm.pppd.8;. Once started, it will register the Bluetooth LAN service with the local @@ -2710,36 +2708,36 @@ Bluetooth Profile Descriptor List: <sect3> <title><acronym>OBEX</acronym> Object Push - (<acronym>OPUSH</acronym>) Profile + (OPUSH) OBEX - OBEX is a widely used protocol for + Object Exchange (OBEX) is a widely used protocol for simple file transfers between mobile devices. Its main use is in infrared communication, where it is used for generic file transfers between notebooks or PDAs, and for sending business cards or calendar entries between - cellular phones and other devices with PIM + cellular phones and other devices with Personal Information Manager (PIM) applications. The OBEX server and client are - implemented as a third-party package, - obexapp, which is available as + implemented by + obexapp, which can be installed using the comms/obexapp package or port. The OBEX client is used to push and/or - pull objects from the OBEX server. An - object can, for example, be a business card or an appointment. + pull objects from the OBEX server. An example + object is a business card or an appointment. The OBEX client can obtain the RFCOMM channel number from the remote device via SDP. This can be done by specifying the service name instead of the RFCOMM channel number. Supported service - names are: IrMC, FTRN, - and OPUSH. It is also possible to specify + names are: IrMC, FTRN, + and OPUSH. It is also possible to specify the RFCOMM channel as a number. Below is an example of an OBEX session where the device information object is pulled from the cellular phone, @@ -2781,7 +2779,7 @@ Success, response: OK, Success (0x20)In &os;, &man.rfcomm.sppd.1; implements SPP and a pseudo tty is used as a virtual serial port abstraction. The example below shows how to - connect to a remote device serial port service. A + connect to a remote device's serial port service. A RFCOMM channel does not have to be specified as &man.rfcomm.sppd.1; can obtain it from the remote device via SDP. To override this, @@ -2801,20 +2799,20 @@ rfcomm_sppd[94692]: Starting on /dev/tty Troubleshooting - Some older Bluetooth devices do not support role - switching. By default, when &os; is accepting a new + By default, when &os; is accepting a new connection, it tries to perform a role switch and become - master. Devices, which do not support this will not be able + master. Some older Bluetooth devices which do not support role + switching will not be able to connect. Since role switching is performed when a new connection is being established, it is not possible to ask the remote device if it supports role switching. - There is a HCI option to disable role + However, there is a HCI option to disable role switching on the local side: &prompt.root; hccontrol -n ubt0hci write_node_role_switch 0 To display Bluetooth packets, use the third-party package - hcidump, which is available as a + hcidump, which can be installed using the comms/hcidump package or port. This utility is similar to &man.tcpdump.1; and can be used to display the contents of Bluetooth packets on From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 18:47:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 49AD7E27; Thu, 6 Mar 2014 18:47:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1CAA1B39; Thu, 6 Mar 2014 18:47:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26Il5aI043987; Thu, 6 Mar 2014 18:47:05 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26Il59P043986; Thu, 6 Mar 2014 18:47:05 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403061847.s26Il59P043986@svn.freebsd.org> From: Mathieu Arnold Date: Thu, 6 Mar 2014 18:47:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44157 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 18:47:06 -0000 Author: mat (ports committer) Date: Thu Mar 6 18:47:05 2014 New Revision: 44157 URL: http://svnweb.freebsd.org/changeset/doc/44157 Log: Add comments to the examples to show what some options helper will do. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Mar 6 18:39:20 2014 (r44156) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Mar 6 18:47:05 2014 (r44157) @@ -3516,6 +3516,7 @@ BAR_DESC= Support feature bar OPTIONS_DEFAULT=FOO +# Will add --with-foo / --without-foo FOO_CONFIGURE_WITH= foo BAR_RUN_DEPENDS= bar:${PORTSDIR}/bar/bar @@ -3533,7 +3534,8 @@ CONFIGURE_ARGS+=--without-examples Though, you should use the following so that the configure knob is really enabled and disabled when the option is. - EXAMPLES_CONFIGURE_WITH= examples + # Will add --with-examples / --without-examples +EXAMPLES_CONFIGURE_WITH= examples @@ -3558,10 +3560,12 @@ SSL_DESC= Build with OpenSSL support OPTIONS_DEFAULT= PGSQL LDAP SSL PGSQL_USE= pgsql=yes -PGSQL_CONFIGURE_WITH= postgres +# Will add --enable-postgres / --disable-postgres +PGSQL_CONFIGURE_ENABLE= postgres ICU_LIB_DEPENDS= libicuuc.so:${PORTSDIR}/devel/icu +# Will add --with-examples / --without-examples EXAMPLES_CONFIGURE_WITH= examples # Check other OPTIONS @@ -3639,6 +3643,7 @@ CONFIGURE_ARGS+= --enable-foo Correct Handling of an Option FOO_LIB_DEPENDS= libfoo.so:${PORTSDIR}/devel/foo +# Will add --enable-foo / --disable-foo FOO_CONFIGURE_ENABLE= foo From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 19:16:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A13D9DB4; Thu, 6 Mar 2014 19:16:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8C496DE9; Thu, 6 Mar 2014 19:16:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26JGOmF057101; Thu, 6 Mar 2014 19:16:24 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26JGOir057100; Thu, 6 Mar 2014 19:16:24 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403061916.s26JGOir057100@svn.freebsd.org> From: Dru Lavigne Date: Thu, 6 Mar 2014 19:16:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44158 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 19:16:24 -0000 Author: dru Date: Thu Mar 6 19:16:24 2014 New Revision: 44158 URL: http://svnweb.freebsd.org/changeset/doc/44158 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 18:47:05 2014 (r44157) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 19:16:24 2014 (r44158) @@ -2216,19 +2216,18 @@ freebsdap 00:11:95:c3:0d:ac 1 Bluetooth - Bluetooth is a wireless technology for creating personal - networks operating in the 2.4 GHz unlicensed band, with a - range of 10 meters. Networks are usually formed ad-hoc from - portable devices such as cellular phones, handhelds, and - laptops. Unlike Wi-Fi wireless technology, Bluetooth offers - higher level service profiles, such as FTP-like file servers, - file pushing, voice transport, serial line emulation, and - more. - - This section describes the use of a - USB Bluetooth dongle on a &os; system. It - then describes the various Bluetooth protocols and - utilities. + Bluetooth is a wireless technology for creating personal + networks operating in the 2.4 GHz unlicensed band, with a + range of 10 meters. Networks are usually formed ad-hoc from + portable devices such as cellular phones, handhelds, and + laptops. Unlike Wi-Fi wireless technology, Bluetooth offers + higher level service profiles, such as + FTP-like file servers, file pushing, voice + transport, serial line emulation, and more. + + This section describes the use of a USB + Bluetooth dongle on a &os; system. It then describes the + various Bluetooth protocols and utilities. Loading Bluetooth Support @@ -2236,28 +2235,30 @@ freebsdap 00:11:95:c3:0d:ac 1 The Bluetooth stack in &os; is implemented using the &man.netgraph.4; framework. A broad variety of Bluetooth USB dongles is supported by &man.ng.ubt.4;. - Broadcom BCM2033 based Bluetooth devices are supported by - the &man.ubtbcmfw.4; and &man.ng.ubt.4; drivers. The 3Com + Broadcom BCM2033 based Bluetooth devices are supported by the + &man.ubtbcmfw.4; and &man.ng.ubt.4; drivers. The 3Com Bluetooth PC Card 3CRWB60-A is supported by the &man.ng.bt3c.4; driver. Serial and UART based Bluetooth devices are supported by &man.sio.4;, &man.ng.h4.4;, and &man.hcseriald.8;. - + Before attaching a device, determine which of the above drivers it uses, then load the driver. For example, if the device uses the &man.ng.ubt.4; driver: &prompt.root; kldload ng_ubt - If the Bluetooth device will be attached to the system during - system startup, the system can be configured to load the module at boot - time by adding the driver to + If the Bluetooth device will be attached to the system + during system startup, the system can be configured to load + the module at boot time by adding the driver to /boot/loader.conf: ng_ubt_load="YES" - Once the driver is loaded, plug in the USB dongle. If the driver load was successful, output - similar to the following should appear on the console and in + Once the driver is loaded, plug in the + USB dongle. If the driver load was + successful, output similar to the following should appear on + the console and in /var/log/messages: ubt0: vendor 0x0a12 product 0x0001, rev 1.10/5.25, addr 2 @@ -2266,9 +2267,9 @@ ubt0: Interface 1 (alt.config 5) endpoin wMaxPacketSize=49, nframes=6, buffer size=294 To start and stop the Bluetooth stack, use its startup - script. It is a good idea to stop the stack before - unplugging the device. When starting the stack, the output - should be similar to the following: + script. It is a good idea to stop the stack before unplugging + the device. When starting the stack, the output should be + similar to the following: &prompt.root; service bluetooth start ubt0 BD_ADDR: 00:02:72:00:d4:1a @@ -2292,16 +2293,15 @@ Number of SCO packets: 8 The Host Controller Interface (HCI) - provides a uniform method for - accessing Bluetooth baseband capabilities. In &os;, a - netgraph HCI node - is created for each Bluetooth device. For more details, refer to - &man.ng.hci.4;. + provides a uniform method for accessing Bluetooth baseband + capabilities. In &os;, a netgraph HCI node + is created for each Bluetooth device. For more details, refer + to &man.ng.hci.4;. One of the most common tasks is discovery of Bluetooth - devices within RF proximity. This operation is - called inquiry. Inquiry and other - HCI related operations are done using + devices within RF proximity. This + operation is called inquiry. Inquiry and + other HCI related operations are done using &man.hccontrol.8;. The example below shows how to find out which Bluetooth devices are in range. The list of devices should be displayed in a few seconds. Note that a remote @@ -2321,13 +2321,13 @@ Inquiry complete. Status: No error [00]< The BD_ADDR is the unique address of a Bluetooth device, similar to the MAC - address of a network card. This address is needed for - further communication with a device and it is possible to - assign a human readable name to a BD_ADDR. Information - regarding the known Bluetooth hosts is contained in + address of a network card. This address is needed for further + communication with a device and it is possible to assign a + human readable name to a BD_ADDR. Information regarding the + known Bluetooth hosts is contained in /etc/bluetooth/hosts. The following - example shows how to obtain the human readable name that - was assigned to the remote device: + example shows how to obtain the human readable name that was + assigned to the remote device: &prompt.user; hccontrol -n ubt0hci remote_name_request 00:80:37:29:19:a4 BD_ADDR: 00:80:37:29:19:a4 @@ -2388,8 +2388,8 @@ Reason: Connection terminated by local h Bluetooth authentication requests. The default configuration file is /etc/bluetooth/hcsecd.conf. An example section for a cellular phone with the - PIN code set to - 1234 is shown below: + PIN code set to 1234 is + shown below: device { bdaddr 00:80:37:29:19:a4; @@ -2434,16 +2434,17 @@ hcsecd[16484]: Sending PIN_Code_Reply to PPP Profiles A Dial-Up Networking (DUN) profile can - be used to configure a cellular phone as a - wireless modem for connecting to a dial-up Internet access - server. It can also be used to configure a computer to - receive data calls from a cellular phone. + be used to configure a cellular phone as a wireless modem for + connecting to a dial-up Internet access server. It can also + be used to configure a computer to receive data calls from a + cellular phone. Network access with a PPP profile can - be used to provide LAN access for a single Bluetooth - device or multiple Bluetooth devices. It can also provide - PC to PC connection using PPP - networking over serial cable emulation. + be used to provide LAN access for a single + Bluetooth device or multiple Bluetooth devices. It can also + provide PC to PC + connection using PPP networking over serial + cable emulation. In &os;, these profiles are implemented with &man.ppp.8; and the &man.rfcomm.pppd.8; wrapper which converts a @@ -2453,20 +2454,22 @@ hcsecd[16484]: Sending PIN_Code_Reply to /etc/ppp/ppp.conf. Consult &man.rfcomm.pppd.8; for examples. - In this example, &man.rfcomm.pppd.8; is used - to open a connection to a remote - device with a BD_ADDR of 00:80:37:29:19:a4 - on a DUN RFCOMM channel: + In this example, &man.rfcomm.pppd.8; is used to open a + connection to a remote device with a + BD_ADDR of + 00:80:37:29:19:a4 on a + DUN RFCOMM + channel: &prompt.root; rfcomm_pppd -a 00:80:37:29:19:a4 -c -C dun -l rfcomm-dialup - The actual channel number will be - obtained from the remote device using the SDP protocol. - It is possible to specify the RFCOMM - channel by hand, and in this case &man.rfcomm.pppd.8; will - not perform the SDP query. Use - &man.sdpcontrol.8; to find out the RFCOMM - channel on the remote device. + The actual channel number will be obtained from the remote + device using the SDP protocol. It is + possible to specify the RFCOMM channel by + hand, and in this case &man.rfcomm.pppd.8; will not perform + the SDP query. Use &man.sdpcontrol.8; to + find out the RFCOMM channel on the remote + device. In order to provide network access with the PPP LAN service, @@ -2487,62 +2490,63 @@ hcsecd[16484]: Sending PIN_Code_Reply to Bluetooth Protocols - - This section provides an overview of the various Bluetooth protocols, - their function, and associated utilities. - - - Logical Link Control and Adaptation Protocol - (<acronym>L2CAP</acronym>) - - L2CAP - + This section provides an overview of the various Bluetooth + protocols, their function, and associated utilities. + + + Logical Link Control and Adaptation Protocol + (<acronym>L2CAP</acronym>) + + + L2CAP + - The Logical Link Control and Adaptation Protocol - (L2CAP) provides connection-oriented and - connectionless data services to upper layer protocols. - L2CAP permits - higher level protocols and applications to transmit and - receive L2CAP data packets up to 64 - kilobytes in length. - - L2CAP is based around the concept of - channels. A channel is a logical - connection on top of a baseband connection, where each channel is - bound to a single protocol in a many-to-one fashion. Multiple - channels can be bound to the same protocol, but a channel - cannot be bound to multiple protocols. Each - L2CAP packet received on a channel is - directed to the appropriate higher level protocol. Multiple - channels can share the same baseband connection. - - In &os;, a netgraph L2CAP node - is created for each Bluetooth device. This - node is normally connected to the - downstream Bluetooth HCI node and upstream - Bluetooth socket nodes. The default name for the - L2CAP node is devicel2cap. - For more details refer to &man.ng.l2cap.4;. - - A useful command is &man.l2ping.8;, which can be used to - ping other devices. Some Bluetooth implementations might not - return all of the data sent to them, so 0 - bytes in the following example is normal. + The Logical Link Control and Adaptation Protocol + (L2CAP) provides connection-oriented and + connectionless data services to upper layer protocols. + L2CAP permits higher level protocols and + applications to transmit and receive + L2CAP data packets up to 64 kilobytes in + length. + + L2CAP is based around the concept of + channels. A channel is a logical + connection on top of a baseband connection, where each + channel is bound to a single protocol in a many-to-one + fashion. Multiple channels can be bound to the same + protocol, but a channel cannot be bound to multiple + protocols. Each L2CAP packet received on + a channel is directed to the appropriate higher level + protocol. Multiple channels can share the same baseband + connection. + + In &os;, a netgraph L2CAP node is + created for each Bluetooth device. This node is normally + connected to the downstream Bluetooth HCI + node and upstream Bluetooth socket nodes. The default name + for the L2CAP node is + devicel2cap. For more details refer to + &man.ng.l2cap.4;. + + A useful command is &man.l2ping.8;, which can be used to + ping other devices. Some Bluetooth implementations might + not return all of the data sent to them, so 0 + bytes in the following example is normal. - &prompt.root; l2ping -a 00:80:37:29:19:a4 + &prompt.root; l2ping -a 00:80:37:29:19:a4 0 bytes from 0:80:37:29:19:a4 seq_no=0 time=48.633 ms result=0 0 bytes from 0:80:37:29:19:a4 seq_no=1 time=37.551 ms result=0 0 bytes from 0:80:37:29:19:a4 seq_no=2 time=28.324 ms result=0 0 bytes from 0:80:37:29:19:a4 seq_no=3 time=46.150 ms result=0 - The &man.l2control.8; utility is used to perform various - operations on L2CAP nodes. This example - shows how to obtain the list of logical connections (channels) - and the list of baseband connections for the local - device: + The &man.l2control.8; utility is used to perform various + operations on L2CAP nodes. This example + shows how to obtain the list of logical connections + (channels) and the list of baseband connections for the + local device: - &prompt.user; l2control -a 00:02:72:00:d4:1a read_channel_list + &prompt.user; l2control -a 00:02:72:00:d4:1a read_channel_list L2CAP channels: Remote BD_ADDR SCID/ DCID PSM IMTU/ OMTU State 00:07:e0:00:0b:ca 66/ 64 3 132/ 672 OPEN @@ -2551,12 +2555,13 @@ L2CAP connections: Remote BD_ADDR Handle Flags Pending State 00:07:e0:00:0b:ca 41 O 0 OPEN - Another diagnostic tool is &man.btsockstat.1;. It is - similar to &man.netstat.1;, but for Bluetooth network-related - data structures. The example below shows the same logical - connection as &man.l2control.8; above. + Another diagnostic tool is &man.btsockstat.1;. It is + similar to &man.netstat.1;, but for Bluetooth + network-related data structures. The example below shows + the same logical connection as &man.l2control.8; + above. - &prompt.user; btsockstat + &prompt.user; btsockstat Active L2CAP sockets PCB Recv-Q Send-Q Local address/PSM Foreign address CID State c2afe900 0 0 00:02:72:00:d4:1a/3 00:07:e0:00:0b:ca 66 OPEN @@ -2566,86 +2571,89 @@ c2afe900 c2b53380 1 127 0 Yes Active RFCOMM sockets PCB Recv-Q Send-Q Local address Foreign address Chan DLCI State c2e8bc80 0 250 00:02:72:00:d4:1a 00:07:e0:00:0b:ca 3 6 OPEN - + - - Radio Frequency Communication (<acronym>RFCOMM</acronym>) + + Radio Frequency Communication + (<acronym>RFCOMM</acronym>) - The RFCOMM protocol provides emulation - of serial ports over the L2CAP protocol. - RFCOMM is a simple transport protocol, - with additional provisions for emulating the 9 circuits of - RS-232 (EIATIA-232-E) serial ports. It - supports up to 60 simultaneous connections - (RFCOMM channels) between two Bluetooth - devices. - - For the purposes of RFCOMM, a complete - communication path involves two applications running on the - communication endpoints with a communication segment between - them. RFCOMM is intended to cover - applications that make use of the serial ports of the devices - in which they reside. The communication segment is a direct - connect Bluetooth link from one device to another. - - RFCOMM is only concerned with the - connection between the devices in the direct connect case, - or between the device and a modem in the network case. - RFCOMM can support other configurations, - such as modules that communicate via Bluetooth wireless - technology on one side and provide a wired interface on the - other side. - - In &os;, RFCOMM is implemented at the - Bluetooth sockets layer. - - - - Service Discovery Protocol - (<acronym>SDP</acronym>) + The RFCOMM protocol provides + emulation of serial ports over the L2CAP + protocol. RFCOMM is a simple transport + protocol, with additional provisions for emulating the 9 + circuits of RS-232 (EIATIA-232-E) serial ports. It + supports up to 60 simultaneous connections + (RFCOMM channels) between two Bluetooth + devices. + + For the purposes of RFCOMM, a + complete communication path involves two applications + running on the communication endpoints with a communication + segment between them. RFCOMM is intended + to cover applications that make use of the serial ports of + the devices in which they reside. The communication segment + is a direct connect Bluetooth link from one device to + another. + + RFCOMM is only concerned with the + connection between the devices in the direct connect case, + or between the device and a modem in the network case. + RFCOMM can support other configurations, + such as modules that communicate via Bluetooth wireless + technology on one side and provide a wired interface on the + other side. - - SDP - + In &os;, RFCOMM is implemented at the + Bluetooth sockets layer. + - The Service Discovery Protocol (SDP) - provides the means for client applications to discover the - existence of services provided by server applications as well - as the attributes of those services. The attributes of a - service include the type or class of service offered and the - mechanism or protocol information needed to utilize the - service. - - SDP involves communication between a - SDP server and a SDP - client. The server maintains a list of service records that - describe the characteristics of services associated with the - server. Each service record contains information about a - single service. A client may retrieve information from a - service record maintained by the SDP server - by issuing a SDP request. If the client, - or an application associated with the client, decides to use - a service, it must open a separate connection to the service - provider in order to utilize the service. - SDP provides a mechanism for discovering - services and their attributes, but it does not provide a - mechanism for utilizing those services. - - Normally, a SDP client searches for - services based on some desired characteristics of the - services. However, there are times when it is desirable to - discover which types of services are described by an - SDP server's service records without any - prior information about the services. This process of - looking for any offered services is called - browsing. - - The Bluetooth SDP server, &man.sdpd.8;, - and command line client, &man.sdpcontrol.8;, are included in - the standard &os; installation. The following example shows - how to perform a SDP browse query. + + Service Discovery Protocol + (<acronym>SDP</acronym>) - &prompt.user; sdpcontrol -a 00:01:03:fc:6e:ec browse + + SDP + + + The Service Discovery Protocol (SDP) + provides the means for client applications to discover the + existence of services provided by server applications as + well as the attributes of those services. The attributes of + a service include the type or class of service offered and + the mechanism or protocol information needed to utilize the + service. + + SDP involves communication between a + SDP server and a SDP + client. The server maintains a list of service records that + describe the characteristics of services associated with the + server. Each service record contains information about a + single service. A client may retrieve information from a + service record maintained by the SDP + server by issuing a SDP request. If the + client, or an application associated with the client, + decides to use a service, it must open a separate connection + to the service provider in order to utilize the service. + SDP provides a mechanism for discovering + services and their attributes, but it does not provide a + mechanism for utilizing those services. + + Normally, a SDP client searches for + services based on some desired characteristics of the + services. However, there are times when it is desirable to + discover which types of services are described by an + SDP server's service records without any + prior information about the services. This process of + looking for any offered services is called + browsing. + + The Bluetooth SDP server, + &man.sdpd.8;, and command line client, &man.sdpcontrol.8;, + are included in the standard &os; installation. The + following example shows how to perform a + SDP browse query. + + &prompt.user; sdpcontrol -a 00:01:03:fc:6e:ec browse Record Handle: 00000000 Service Class ID List: Service Discovery Server (0x1000) @@ -2668,83 +2676,82 @@ Protocol Descriptor List: Bluetooth Profile Descriptor List: LAN Access Using PPP (0x1102) ver. 1.0 - Note that each service has a list of attributes, such - as the RFCOMM channel. Depending on the - service, the user might need to make note of some of the - attributes. Some Bluetooth implementations do not support - service browsing and may return an empty list. In this case, - it is possible to search for the specific service. The - example below shows how to search for the - OBEX Object Push - (OPUSH) service: - - &prompt.user; sdpcontrol -a 00:01:03:fc:6e:ec search OPUSH - - Offering services on &os; to Bluetooth clients is done - with the &man.sdpd.8; server. The following line can be added - to /etc/rc.conf: - - sdpd_enable="YES" - - Then the &man.sdpd.8; daemon can be - started with: - - &prompt.root; service sdpd start - - The local server application that wants to provide a - Bluetooth service to remote clients will register the service - with the local SDP daemon. An example of - such an application is &man.rfcomm.pppd.8;. Once started, - it will register the Bluetooth LAN service with the local - SDP daemon. - - The list of services registered with the local - SDP server can be obtained by issuing a - SDP browse query via the local control - channel: + Note that each service has a list of attributes, such + as the RFCOMM channel. Depending on the + service, the user might need to make note of some of the + attributes. Some Bluetooth implementations do not support + service browsing and may return an empty list. In this + case, it is possible to search for the specific service. + The example below shows how to search for the + OBEX Object Push + (OPUSH) service: + + &prompt.user; sdpcontrol -a 00:01:03:fc:6e:ec search OPUSH + + Offering services on &os; to Bluetooth clients is done + with the &man.sdpd.8; server. The following line can be + added to /etc/rc.conf: + + sdpd_enable="YES" + + Then the &man.sdpd.8; daemon can be started with: + + &prompt.root; service sdpd start + + The local server application that wants to provide a + Bluetooth service to remote clients will register the + service with the local SDP daemon. An + example of such an application is &man.rfcomm.pppd.8;. Once + started, it will register the Bluetooth LAN service with the + local SDP daemon. + + The list of services registered with the local + SDP server can be obtained by issuing a + SDP browse query via the local control + channel: - &prompt.root; sdpcontrol -l browse - + &prompt.root; sdpcontrol -l browse + - - <acronym>OBEX</acronym> Object Push - (<acronym>OPUSH</acronym>) + + <acronym>OBEX</acronym> Object Push + (<acronym>OPUSH</acronym>) - - OBEX - + + OBEX + - Object Exchange (OBEX) is a widely used protocol for - simple file transfers between mobile devices. Its main use - is in infrared communication, where it is used for generic - file transfers between notebooks or PDAs, - and for sending business cards or calendar entries between - cellular phones and other devices with Personal Information Manager (PIM) - applications. - - The OBEX server and client are - implemented by - obexapp, which can be installed using the - comms/obexapp package or - port. - - The OBEX client is used to push and/or - pull objects from the OBEX server. An example - object is a business card or an appointment. - The OBEX client can obtain the - RFCOMM channel number from the remote - device via SDP. This can be done by - specifying the service name instead of the - RFCOMM channel number. Supported service - names are: IrMC, FTRN, - and OPUSH. It is also possible to specify - the RFCOMM channel as a number. Below is - an example of an OBEX session where the - device information object is pulled from the cellular phone, - and a new object, the business card, is pushed into the - phone's directory. + Object Exchange (OBEX) is a widely + used protocol for simple file transfers between mobile + devices. Its main use is in infrared communication, where + it is used for generic file transfers between notebooks or + PDAs, and for sending business cards or + calendar entries between cellular phones and other devices + with Personal Information Manager (PIM) + applications. + + The OBEX server and client are + implemented by obexapp, which can + be installed using the comms/obexapp + package or port. + + The OBEX client is used to push + and/or pull objects from the OBEX server. + An example object is a business card or an appointment. + The OBEX client can obtain the + RFCOMM channel number from the remote + device via SDP. This can be done by + specifying the service name instead of the + RFCOMM channel number. Supported service + names are: IrMC, FTRN, + and OPUSH. It is also possible to + specify the RFCOMM channel as a number. + Below is an example of an OBEX session + where the device information object is pulled from the + cellular phone, and a new object, the business card, is + pushed into the phone's directory. - &prompt.user; obexapp -a 00:80:37:29:19:a4 -C IrMC + &prompt.user; obexapp -a 00:80:37:29:19:a4 -C IrMC obex> get telecom/devinfo.txt devinfo-t39.txt Success, response: OK, Success (0x20) obex> put new.vcf @@ -2752,72 +2759,70 @@ Success, response: OK, Success (0x20) obex> di Success, response: OK, Success (0x20) - In order to provide the OPUSH service, - &man.sdpd.8; must be running and a root folder, where all - incoming objects will be stored, must be created. The - default path to the root folder is - /var/spool/obex. Finally, start the - OBEX server on a valid - RFCOMM channel number. The - OBEX server will automatically register - the OPUSH service with the local - SDP daemon. The example below shows how - to start the OBEX server. - - &prompt.root; obexapp -s -C 10 - - - - Serial Port Profile (<acronym>SPP</acronym>) - - The Serial Port Profile (SPP) allows - Bluetooth devices to perform serial cable emulation. This - profile allows legacy applications to use Bluetooth as a - cable replacement, through a virtual serial port - abstraction. - - In &os;, &man.rfcomm.sppd.1; implements - SPP and a pseudo tty is used as a virtual - serial port abstraction. The example below shows how to - connect to a remote device's serial port service. A - RFCOMM channel does not have to be - specified as &man.rfcomm.sppd.1; can obtain it from the - remote device via SDP. To override this, - specify a RFCOMM channel on the command - line. + In order to provide the OPUSH + service, &man.sdpd.8; must be running and a root folder, + where all incoming objects will be stored, must be created. + The default path to the root folder is + /var/spool/obex. Finally, start the + OBEX server on a valid + RFCOMM channel number. The + OBEX server will automatically register + the OPUSH service with the local + SDP daemon. The example below shows how + to start the OBEX server. + + &prompt.root; obexapp -s -C 10 + + + + Serial Port Profile (<acronym>SPP</acronym>) + + The Serial Port Profile (SPP) allows + Bluetooth devices to perform serial cable emulation. This + profile allows legacy applications to use Bluetooth as a + cable replacement, through a virtual serial port + abstraction. + + In &os;, &man.rfcomm.sppd.1; implements + SPP and a pseudo tty is used as a virtual + serial port abstraction. The example below shows how to + connect to a remote device's serial port service. A + RFCOMM channel does not have to be + specified as &man.rfcomm.sppd.1; can obtain it from the + remote device via SDP. To override this, + specify a RFCOMM channel on the command + line. - &prompt.root; rfcomm_sppd -a 00:07:E0:00:0B:CA -t /dev/ttyp6 + &prompt.root; rfcomm_sppd -a 00:07:E0:00:0B:CA -t /dev/ttyp6 rfcomm_sppd[94692]: Starting on /dev/ttyp6... - Once connected, the pseudo tty can be used as serial - port: + Once connected, the pseudo tty can be used as serial + port: - &prompt.root; cu -l ttyp6 - - + &prompt.root; cu -l ttyp6 + + Troubleshooting - By default, when &os; is accepting a new - connection, it tries to perform a role switch and become - master. Some older Bluetooth devices which do not support role - switching will not be able - to connect. Since role switching is performed when a - new connection is being established, it is not possible - to ask the remote device if it supports role switching. - However, there is a HCI option to disable role - switching on the local side: - - &prompt.root; hccontrol -n ubt0hci write_node_role_switch 0 - - To display Bluetooth packets, use the third-party package - hcidump, which can be installed using the - comms/hcidump package or - port. This utility is similar to &man.tcpdump.1; and can - be used to display the contents of Bluetooth packets on - the terminal and to dump the Bluetooth packets to a - file. + By default, when &os; is accepting a new connection, it + tries to perform a role switch and become master. Some older + Bluetooth devices which do not support role switching will not + be able to connect. Since role switching is performed when a + new connection is being established, it is not possible to ask + the remote device if it supports role switching. However, + there is a HCI option to disable role + switching on the local side: + + &prompt.root; hccontrol -n ubt0hci write_node_role_switch 0 + + To display Bluetooth packets, use the third-party package + hcidump, which can be installed + using the comms/hcidump package or port. + This utility is similar to &man.tcpdump.1; and can be used to + display the contents of Bluetooth packets on the terminal and + to dump the Bluetooth packets to a file. From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 19:25:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 97BA6926; Thu, 6 Mar 2014 19:25:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 786DAECD; Thu, 6 Mar 2014 19:25:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26JPfZw060983; Thu, 6 Mar 2014 19:25:41 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26JPf59060982; Thu, 6 Mar 2014 19:25:41 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403061925.s26JPf59060982@svn.freebsd.org> From: Remko Lodder Date: Thu, 6 Mar 2014 19:25:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44159 - translations/nl_NL.ISO8859-1/books/handbook/basics X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Thu, 06 Mar 2014 21:48:28 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 19:25:41 -0000 Author: remko Date: Thu Mar 6 19:25:41 2014 New Revision: 44159 URL: http://svnweb.freebsd.org/changeset/doc/44159 Log: Commit the work from today. This is still incomplete but getting in better shape every day now. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml Modified: translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml Thu Mar 6 19:16:24 2014 (r44158) +++ translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml Thu Mar 6 19:25:41 2014 (r44159) @@ -1315,11 +1315,195 @@ passwd: done - stacksize - XXXX RL: 1247 + stacksize + + De maximale grootte die een proces op de + stack kan benutten + + stacksize + + + + gebruikers limiteren + stacksize + . + Dit alleen is niet voldoende om de hoeveelheid geheugen + die een applicatie mag gebruiken. Het wordt aangeraden + om deze beperking in combinatie met andere beperkingen + te gebruiken. + + + + + Er zijn een aantal belangrijke dingen om te onthouden + wanneer bron limieten worden ingesteld. Hieronder volgen + enkele algemene tips, suggesties en willekeurig + commentaar. + + + + Processen die gestart worden bij het opstarten van + het systeem door /etc/rc zijn + toegewezen aan de daemon login + klasse. + + + + Ondanks dat het /etc/login.conf + bestand welke met het systeem geleverd wordt een goede + bron is voor redelijke limieten voor de meeste zaken, + kan het zijn dat ze niet voor elk systeem het meest + optimaal zijn. Door een limiet te hoog in te stellen + kan deze mogelijk misbruikt worden, terwijl een te laag + ingestelde limiet mogelijk de productiviteit + verlaagd. + + + + Gebruikers van &xorg; + hebben waarschijnlijk meer bronnen nodig dan andere + gebruikers. &xorg; alleen + al veel bronnen in gebruik, maar bemoedigd ook het gebruik + van meerdere applicaties tegelijkertijd door + gebruikers. + + + + Veel limieten worden toegepast op individuele + processen en niet de gebruiker in totaal. Bijvoorbeeld + het zetten van openfiles naar 50, + betekend dat elk proces dat de gebruiker start maximaal + 50 bestanden mag openen. De totale hoeveelheid bestanden + die een gebruiker mag openen is de waarde van + openfiles vermenigvuldigd met de + waarde van maxproc. Dit is ook van + toepassing op geheugen gebruik. + + + + Voor meer informatie over bron limieten en login + klasses en mogelijkheden in het algemeen wordt verwezen + naar de &man.cap.mkdb.1;, &man.getrlimit.2; en + &man.login.conf.5; handleidingen. + + + + Groepen beheren + + + groups + + + + /etc/groups + + + accounts + groups + + Een groep is een lijst van gebruikers. Een groep wordt + geidentificeerd door zijn groepsnaam en + GID. In &os; gebruikt de kernel het + UID van een proces en de lijst van + bijbehorende groepen om te bepalen wat het proces mag doen. + Veelal is het zo dat het GID van een + gebruiker of proces, het de eerste groep uit de lijst + is. + + De koppeling tussen de groepsnaam en het + GID wordt gedaan in + /etc/group. Dit is een plat tekst + bestand met een vier velden gescheiden door een dubbele + punt. Het eerste veld is de groepsnaam, het tweede veld + is het versleutelde wachtwoord, het derde veld is het + GID en het vierde veld is een door + comma's gescheiden lijst van gebruikers. Voor een + complete beschrijving van de syntax wordt verwezen naar + de &man.group.5; handleiding. + + De superuser kan /etc/group + aanpassen in een tekst editor. Als alternatief kan + &man.pw.8; gebruikt worden om groepen toe te voegen + en te bewerken. Bijvoorbeeld om een groep toe te voegen + genaamd teamtwo + en daarna te bevestigen dat deze aangemaakt is: + + + Het toevoegen van een groep door middel van + &man.pw.8; + + &prompt.root; pw groupadd teamtwo +&prompt.root; pw groupshow teamtwo +teamtwo:*:1100: + + + In dit voorbeeld is 1100 het + GID van + teamtwo. Op + dit moment heeft + teamtwo geen + leden. Dit commando voegt + jru toe als lid + van teamtwo. + + + Toevoegen van gebruikers aan een nieuwe groep door + middel van &man.pw.8; + + &prompt.root; pw groupmod teamtwo -M jru +&prompt.root; pw groupshow teamtwo +teamtwo:*:1100:jru + + + Het argument van is een comma + gescheiden lijst van gebruikers die toegevoegd moeten + worden aan de (nieuwe) lijst of om de huidige lijst bij te + werken. Voor de gebruiker is dit groepslidmaatschap anders + dan zijn primaire groepslidmaatschap. Dit betekend dat de + gebruiker niet naar voren komt als lid van een groep wanneer + gebruikt wordt met &man.pw.8;, + maar wel naar voren komt als gebruik gemaakt wordt van + &man.id.1; of een soort gelijke tool. Wanneer &man.pw.8; + wordt gebruikt om een gebruiker toe te voegen aan een groep + wordt alleen /etc/group aangepast en + wordt er niet gekeken naar + /etc/passwd. + + + Toevoegen van een nieuwe gebruiker aan een groep door + middel van &man.pw.8; + + &prompt.root; pw groupmod teamtwo -m db +&prompt.root; pw groupshow teamtwo +teamtwo:*:1100:jru,db + + + In dit voorbeeld is het argument van + een comma gescheiden lijst van gebruikers welke toegevoegd + moeten worden aan de groep. In tegenstelling tot het + voorgaande commando worden deze gebruikers toegevoegd en wordt + de bestaande lijst niet aangepast. + + + Gebruik maken van &man.id.1; om groeplidmaatschappen + te bepalen. + + &prompt.user; id jru +uid=1001(jru) gid=1001(jru) groups=1001(jru), 1100(teamtwo) + + + In dit voorbeeld is + jru lid van de + groepen jru + enteamtwo. + + Voor meer informatie over dit commando en het formaat van + /etc/group wordt verwezen naar de + &man.pw.8; en &man.group.5.; handleidingen. + @@ -1327,6 +1511,12 @@ passwd: done UNIX + In &os; heeft elk bestand en directorie heeft een + geassocieerde set van permissies en diverse tools zijn + beschikbaar om om deze permissies in te zien en aan te passen. + Begrijpen hoe permissies werken zijn noodzakelijk om + XXXX REMKO 1427 + &os;, direct afgeleid van BSD &unix;, is gebaseerd op verschillende belangrijke &unix; concepten. Het meest bekende is dat &os; een multi-user systeem is. Het systeem kan meerdere From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 19:40:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BEA3975B; Thu, 6 Mar 2014 19:40:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9F5FD102; Thu, 6 Mar 2014 19:40:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26JeEp0065718; Thu, 6 Mar 2014 19:40:14 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26JeEqp065717; Thu, 6 Mar 2014 19:40:14 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403061940.s26JeEqp065717@svn.freebsd.org> From: Dru Lavigne Date: Thu, 6 Mar 2014 19:40:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44160 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 19:40:14 -0000 Author: dru Date: Thu Mar 6 19:40:14 2014 New Revision: 44160 URL: http://svnweb.freebsd.org/changeset/doc/44160 Log: Initial prep work for bridging chapter. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 19:25:41 2014 (r44159) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 19:40:14 2014 (r44160) @@ -2841,9 +2841,6 @@ rfcomm_sppd[94692]: Starting on /dev/tty - - Introduction - IP subnet @@ -2867,17 +2864,13 @@ rfcomm_sppd[94692]: Starting on /dev/tty In many respects, a bridge is like an Ethernet switch with very few ports. - - - Situations Where Bridging Is Appropriate - - There are many common situations in which a bridge is used - today. - - - Connecting Networks + Bridging may be appropriate in the following situaitons: + + + Connecting Networks + The basic operation of a bridge is to join two or more network segments together. There are many reasons to use a host based bridge over plain networking equipment such as @@ -2885,18 +2878,12 @@ rfcomm_sppd[94692]: Starting on /dev/tty networks such as a virtual machine interface. A bridge can also connect a wireless interface running in hostap mode to a wired network and act as an access point. - - - - Filtering/Traffic Shaping Firewall - - - firewall - - - NAT - + + + + Filtering/Traffic Shaping Firewall + A common situation is where firewall functionality is needed without routing or Network Address Translation (NAT). @@ -2923,30 +2910,33 @@ rfcomm_sppd[94692]: Starting on /dev/tty into the path just downstream of the DSL or ISDN router without any IP numbering issues. - - - - Network Tap + + + + Network Tap + A bridge can join two network segments and be used to inspect all Ethernet frames that pass between them using &man.bpf.4; and &man.tcpdump.1; on the bridge interface or by sending a copy of all frames out an additional interface known as a span port. - - - - Layer 2 <acronym>VPN</acronym> + + + + Layer 2 VPN + Two Ethernet networks can be joined across an IP link by bridging the networks to an EtherIP tunnel or a &man.tap.4; based solution such as OpenVPN. - - - - Layer 2 Redundancy + + + + Layer 2 Redundancy + A network can be connected together with multiple links and use the Spanning Tree Protocol STP to block redundant paths. For an Ethernet network to @@ -2957,11 +2947,9 @@ rfcomm_sppd[94692]: Starting on /dev/tty calculate a different tree and enable one of the blocked paths to restore connectivity to all points in the network. - - - - - Kernel Configuration + + + This section covers the &man.if.bridge.4; implementation. A netgraph bridging driver is also available, and is described @@ -2979,7 +2967,6 @@ rfcomm_sppd[94692]: Starting on /dev/tty The bridge can be used as a traffic shaper with &man.altq.4; or &man.dummynet.4;. - Enabling the Bridge @@ -3034,15 +3021,8 @@ ifconfig_fxp1="up" It is also possible to assign an IPv6 address to a bridge interface. - - - - Firewalling - - - firewall - + When packet filtering is enabled, bridged packets will pass through the filter inbound on the originating interface on the bridge interface, and outbound on the appropriate @@ -3054,6 +3034,7 @@ ifconfig_fxp1="up" non-IP and IP packets, and layer2 firewalling with &man.ipfw.8;. See &man.if.bridge.4; for more information. + @@ -3117,13 +3098,19 @@ bridge0: flags=8843<UP,BROADCAST,RUNN 400000 from this bridge. The path to the root bridge is via port 4 which is fxp0. + + + A private interface does not forward any traffic to any + other port that is also a private interface. The traffic is + blocked unconditionally so no Ethernet frames will be + forwarded, including ARP. If traffic + needs to be selectively blocked, a firewall should be used + instead. + - Advanced Bridging - - - Reconstruct Traffic Flows + Reconstructing Traffic Flows The bridge supports monitor mode, where the packets are discarded after &man.bpf.4; processing and are not @@ -3138,9 +3125,9 @@ bridge0: flags=8843<UP,BROADCAST,RUNN &prompt.root; ifconfig bridge0 addm fxp0 addm fxp1 addm fxp2 addm fxp3 monitor up &prompt.root; tcpdump -i bridge0 - + - + Span Ports A copy of every Ethernet frame received by the bridge @@ -3155,20 +3142,9 @@ bridge0: flags=8843<UP,BROADCAST,RUNN fxp4: &prompt.root; ifconfig bridge0 span fxp4 - - - - Private Interfaces - - A private interface does not forward any traffic to any - other port that is also a private interface. The traffic is - blocked unconditionally so no Ethernet frames will be - forwarded, including ARP. If traffic - needs to be selectively blocked, a firewall should be used - instead. - + - + Sticky Interfaces If a bridge member interface is marked as sticky, @@ -3209,9 +3185,9 @@ bridge0: flags=8843<UP,BROADCAST,RUNN The customers are completely isolated from each other and the full /24 address range can be allocated without subnetting. - + - + Address Limits The number of unique source MAC @@ -3226,9 +3202,9 @@ bridge0: flags=8843<UP,BROADCAST,RUNN vlan100 to 10: &prompt.root; ifconfig bridge0 ifmaxaddr vlan100 10 - + - + <acronym>SNMP</acronym> Monitoring The bridge interface and STP @@ -3314,7 +3290,6 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeStpDesi &prompt.user; snmpset -v 2c -c private bridge1.example.com BEGEMOT-BRIDGE-MIB::begemotBridgeDefaultBridgeIf.0 s bridge2 - From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 22:58:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2594C8D1; Thu, 6 Mar 2014 22:58:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 061B0887; Thu, 6 Mar 2014 22:58:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26MwukK047750; Thu, 6 Mar 2014 22:58:56 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26Mwu8G047749; Thu, 6 Mar 2014 22:58:56 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403062258.s26Mwu8G047749@svn.freebsd.org> From: Glen Barber Date: Thu, 6 Mar 2014 22:58:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44161 - head/en_US.ISO8859-1/htdocs/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 22:58:57 -0000 Author: gjb Date: Thu Mar 6 22:58:56 2014 New Revision: 44161 URL: http://svnweb.freebsd.org/changeset/doc/44161 Log: Chase after r42777, and use the svn-style branch naming convention. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/security/unsupported.xml Modified: head/en_US.ISO8859-1/htdocs/security/unsupported.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/security/unsupported.xml Thu Mar 6 19:40:14 2014 (r44160) +++ head/en_US.ISO8859-1/htdocs/security/unsupported.xml Thu Mar 6 22:58:56 2014 (r44161) @@ -26,154 +26,154 @@ EoL - RELENG_4 + stable/4 n/a n/a n/a January 31, 2007 - RELENG_4_11 + releng/4.11 4.11-RELEASE Extended January 25, 2005 January 31, 2007 - RELENG_5 + stable/5 n/a n/a n/a May 31, 2008 - RELENG_5_3 + releng/5.3 5.3-RELEASE Extended November 6, 2004 October 31, 2006 - RELENG_5_4 + releng/5.4 5.4-RELEASE Normal May 9, 2005 October 31, 2006 - RELENG_5_5 + releng/5.5 5.5-RELEASE Extended May 25, 2006 May 31, 2008 - RELENG_6 + stable/6 n/a n/a n/a November 30, 2010 - RELENG_6_0 + releng/6.0 6.0-RELEASE Normal November 4, 2005 January 31, 2007 - RELENG_6_1 + releng/6.1 6.1-RELEASE Extended May 9, 2006 May 31, 2008 - RELENG_6_2 + releng/6.2 6.2-RELEASE Normal January 15, 2007 May 31, 2008 - RELENG_6_3 + releng/6.3 6.3-RELEASE Extended January 18, 2008 January 31, 2010 - RELENG_6_4 + releng/6.4 6.4-RELEASE Extended November 28, 2008 November 30, 2010 - RELENG_7 + stable/7 n/a n/a n/a February 28, 2013 - RELENG_7_0 + releng/7.0 7.0-RELEASE Normal February 27, 2008 April 30, 2009 - RELENG_7_1 + releng/7.1 7.1-RELEASE Extended January 4, 2009 February 28, 2011 - RELENG_7_2 + releng/7.2 7.2-RELEASE Normal May 4, 2009 June 30, 2010 - RELENG_7_3 + releng/7.3 7.3-RELEASE Extended March 23, 2010 March 31, 2012 - RELENG_7_4 + releng/7.4 7.4-RELEASE Extended February 24, 2011 February 28, 2013 - RELENG_8_0 + releng/8.0 8.0-RELEASE Normal November 25, 2009 November 30, 2010 - RELENG_8_1 + releng/8.1 8.1-RELEASE Extended July 23, 2010 July 31, 2012 - RELENG_8_2 + releng/8.2 8.2-RELEASE Normal February 24, 2011 July 31, 2012 - RELENG_9_0 + releng/9.0 9.0-RELEASE Normal January 10, 2012 From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 23:00:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2FE87987; Thu, 6 Mar 2014 23:00:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1BE62893; Thu, 6 Mar 2014 23:00:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26N0E47048133; Thu, 6 Mar 2014 23:00:14 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26N0E65048132; Thu, 6 Mar 2014 23:00:14 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403062300.s26N0E65048132@svn.freebsd.org> From: Dru Lavigne Date: Thu, 6 Mar 2014 23:00:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44162 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 23:00:14 -0000 Author: dru Date: Thu Mar 6 23:00:13 2014 New Revision: 44162 URL: http://svnweb.freebsd.org/changeset/doc/44162 Log: Editorial pass through the bridging chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 22:58:56 2014 (r44161) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 23:00:13 2014 (r44162) @@ -2848,34 +2848,31 @@ rfcomm_sppd[94692]: Starting on /dev/tty bridge - It is sometimes useful to divide one physical network, - such as an Ethernet segment, into two separate network + It is sometimes useful to divide a network, + such as an Ethernet segment, into network segments without having to create IP subnets and use a router to connect the segments together. A device that connects two networks together in this fashion - is called a bridge. A &os; system with two - network interface cards can act as a bridge. + is called a bridge. - The bridge works by learning the MAC - layer (Ethernet) addresses of the devices on each of its - network interfaces. It forwards traffic between two networks - only when the source and destination are on different - networks. + A bridge works by learning the MAC + addresses of the devices on each of its + network interfaces. It forwards traffic between networks + only when the source and destination MAC addresses are on different + networks. In many respects, a bridge is like an Ethernet switch with + very few ports. A &os; system with multiple + network interfaces can be configured to act as a bridge. - In many respects, a bridge is like an Ethernet switch with - very few ports. - - Bridging may be appropriate in the following situaitons: + Bridging can be useful in the following situations: Connecting Networks The basic operation of a bridge is to join two or more - network segments together. There are many reasons to use a - host based bridge over plain networking equipment such as - cabling constraints, firewalling, or connecting pseudo - networks such as a virtual machine interface. A bridge can + network segments. There are many reasons to use a + host-based bridge instead of networking equipment, such as + cabling constraints or firewalling. A bridge can also connect a wireless interface running in hostap mode to a wired network and act as an access point. @@ -2884,39 +2881,25 @@ rfcomm_sppd[94692]: Starting on /dev/tty Filtering/Traffic Shaping Firewall - A common situation is where firewall functionality is + A bridge can be used when firewall functionality is needed without routing or Network Address Translation (NAT). An example is a small company that is connected via DSL or ISDN to an ISP. - There are thirteen globally-accessible IP + There are thirteen public IP addresses from the ISP and ten computers on the network. In this situation, using a router-based - firewall is difficult because of subnetting issues. - - - router - - - DSL - - - ISDN - - - A bridge-based firewall can be configured and dropped - into the path just downstream of the DSL - or ISDN router without any - IP numbering issues. + firewall is difficult because of subnetting issues. A bridge-based firewall can be configured without any + IP addressing issues. Network Tap - A bridge can join two network segments and be used to + A bridge can join two network segments in order to inspect all Ethernet frames that pass between them using &man.bpf.4; and &man.tcpdump.1; on the bridge interface or by sending a copy of all frames out an additional interface @@ -2938,41 +2921,34 @@ rfcomm_sppd[94692]: Starting on /dev/tty Layer 2 Redundancy A network can be connected together with multiple links - and use the Spanning Tree Protocol STP - to block redundant paths. For an Ethernet network to - function properly, only one active path can exist between - two devices. STP will detect loops and - put the redundant links into a blocked state. Should one - of the active links fail, STP will - calculate a different tree and enable one of the blocked - paths to restore connectivity to all points in the - network. + and use the Spanning Tree Protocol (STP) + to block redundant paths. - This section covers the &man.if.bridge.4; implementation. + This section describes how to configure a &os; system as a + bridge using &man.if.bridge.4;. A netgraph bridging driver is also available, and is described in &man.ng.bridge.4;. - In &os;, &man.if.bridge.4; is a kernel module which is - automatically loaded by &man.ifconfig.8; when creating a - bridge interface. It is also possible to compile the bridge - in to the kernel by adding device if_bridge - to a custom kernel configuration file. - + Packet filtering can be used with any firewall package - that hooks in via the &man.pfil.9; framework. The firewall - can be loaded as a module or compiled into the kernel. - - The bridge can be used as a traffic shaper with + that hooks into the &man.pfil.9; framework. The bridge can be used as a traffic shaper with &man.altq.4; or &man.dummynet.4;. + Enabling the Bridge + In &os;, &man.if.bridge.4; is a kernel module which is + automatically loaded by &man.ifconfig.8; when creating a + bridge interface. It is also possible to compile bridge support + into a custom kernel by adding device if_bridge + to the custom kernel configuration file. + The bridge is created using interface cloning. To create - a bridge use &man.ifconfig.8;: + the bridge interface: &prompt.root; ifconfig bridge create bridge0 @@ -2992,7 +2968,7 @@ bridge0: flags=8802<BROADCAST,SIMPLEX The other parameters control how STP operates. - Next, add the member network interfaces to the bridge. + Next, specify which network interfaces to add as members of the bridge. For the bridge to forward packets, all member interfaces and the bridge need to be up: @@ -3000,7 +2976,7 @@ bridge0: flags=8802<BROADCAST,SIMPLEX &prompt.root; ifconfig fxp0 up &prompt.root; ifconfig fxp1 up - The bridge is now forwarding Ethernet frames between + The bridge can now forward Ethernet frames between fxp0 and fxp1. Add the following lines to /etc/rc.conf so the bridge is created @@ -3012,17 +2988,20 @@ ifconfig_fxp0="up" ifconfig_fxp1="up" If the bridge host needs an IP - address, the correct place to set this is on the bridge - interface itself rather than one of the member interfaces. - This can be set statically or via - DHCP: + address, set it on the bridge + interface, not on the member interfaces. + The address can be set statically or via + DHCP. This example sets a static + IP address: &prompt.root; ifconfig bridge0 inet 192.168.0.1/24 It is also possible to assign an IPv6 - address to a bridge interface. + address to a bridge interface. To make the changes permanent, + add the addressing information to + /etc/rc.conf. - + When packet filtering is enabled, bridged packets will pass through the filter inbound on the originating interface on the bridge interface, and outbound on the appropriate @@ -3038,16 +3017,24 @@ ifconfig_fxp1="up" - Spanning Tree + Enabling Spanning Tree + + For an Ethernet network to + function properly, only one active path can exist between + two devices. The STP protocol detects loops and + puts redundant links into a blocked state. Should one + of the active links fail, STP + calculates a different tree and enables one of the blocked + paths to restore connectivity to all points in the + network. - The bridge driver implements the Rapid Spanning Tree - Protocol (RSTP or 802.1w) with backwards + The Rapid Spanning Tree + Protocol (RSTP or 802.1w) provides backwards compatibility with legacy STP. - STP is used to detect and remove loops - in a network topology. RSTP provides - faster convergence than legacy STP, the - protocol will exchange information with neighboring switches - to quickly transition to forwarding without creating loops. + RSTP provides + faster convergence and + exchanges information with neighboring switches + to quickly transition to forwarding mode without creating loops. &os; supports RSTP and STP as operating modes, with RSTP being the default mode. @@ -3098,74 +3085,67 @@ bridge0: flags=8843<UP,BROADCAST,RUNN 400000 from this bridge. The path to the root bridge is via port 4 which is fxp0. + - + + Bridge Interface Parameters + + Several ifconfig parameters are unique + to bridge interfaces. This section summarizes some common + uses for these parameters. The complete list of available parameters is + described in &man.ifconfig.8;. + + + + private + A private interface does not forward any traffic to any - other port that is also a private interface. The traffic is + other port that is also designated as a private interface. The traffic is blocked unconditionally so no Ethernet frames will be - forwarded, including ARP. If traffic + forwarded, including ARP packets. If traffic needs to be selectively blocked, a firewall should be used instead. - - - - - Reconstructing Traffic Flows - - The bridge supports monitor mode, where the packets are - discarded after &man.bpf.4; processing and are not - processed or forwarded further. This can be used to - multiplex the input of two or more interfaces into a single - &man.bpf.4; stream. This is useful for reconstructing the - traffic for network taps that transmit the RX/TX signals out - through two separate interfaces. - - To read the input from four network interfaces as one - stream: - - &prompt.root; ifconfig bridge0 addm fxp0 addm fxp1 addm fxp2 addm fxp3 monitor up -&prompt.root; tcpdump -i bridge0 - - - - Span Ports + + - A copy of every Ethernet frame received by the bridge - will be transmitted out a designated span port. The number + + span + + A span port transmits a copy of every Ethernet frame received by the bridge. + The number of span ports configured on a bridge is unlimited, but if an interface is designated as a span port, it cannot also be used as a regular bridge port. This is most useful for snooping a bridged network passively on another host - connected to one of the span ports of the bridge. - - To send a copy of all frames out the interface named + connected to one of the span ports of the bridge. For + example, to send a copy of all frames out the interface named fxp4: &prompt.root; ifconfig bridge0 span fxp4 - - - - Sticky Interfaces + + + + sticky + If a bridge member interface is marked as sticky, dynamically learned address entries are treated at static - once entered into the forwarding cache. Sticky entries are + entries in the forwarding cache. Sticky entries are never aged out of the cache or replaced, even if the address is seen on a different interface. This gives the benefit of static address entries without the need to pre-populate the forwarding table. Clients learned on a particular segment of the bridge can not roam to another segment. - Another example of using sticky addresses is to combine - the bridge with VLANs to create a router - where customer networks are isolated without wasting + An example of using sticky addresses is to combine + the bridge with VLANs in order to isolate + customer networks without wasting IP address space. Consider that CustomerA is - on vlan100 and vlan100, CustomerB is on - vlan101. The bridge has the address - 192.168.0.1 and - is also an Internet router. + vlan101, and the bridge has the address + 192.168.0.1: &prompt.root; ifconfig bridge0 addm vlan100 sticky vlan100 addm vlan101 sticky vlan101 &prompt.root; ifconfig bridge0 inet 192.168.0.1/24 @@ -3185,10 +3165,6 @@ bridge0: flags=8843<UP,BROADCAST,RUNN The customers are completely isolated from each other and the full /24 address range can be allocated without subnetting. - - - - Address Limits The number of unique source MAC addresses behind an interface can be limited. Once the @@ -3202,7 +3178,23 @@ bridge0: flags=8843<UP,BROADCAST,RUNN vlan100 to 10: &prompt.root; ifconfig bridge0 ifmaxaddr vlan100 10 - + + + + + Bridge interfaces also support monitor mode, where the packets are + discarded after &man.bpf.4; processing and are not + processed or forwarded further. This can be used to + multiplex the input of two or more interfaces into a single + &man.bpf.4; stream. This is useful for reconstructing the + traffic for network taps that transmit the RX/TX signals out + through two separate interfaces. For example, + to read the input from four network interfaces as one + stream: + + &prompt.root; ifconfig bridge0 addm fxp0 addm fxp1 addm fxp2 addm fxp3 monitor up +&prompt.root; tcpdump -i bridge0 + <acronym>SNMP</acronym> Monitoring @@ -3210,19 +3202,30 @@ bridge0: flags=8843<UP,BROADCAST,RUNN The bridge interface and STP parameters can be monitored via &man.bsnmpd.1; which is included in the &os; base system. The exported bridge - MIBs conform to the + MIBs conform to IETF standards so any SNMP client or monitoring package can be used to retrieve the data. - On the bridge, uncomment the - begemotSnmpdModulePath."bridge" = - "/usr/lib/snmp_bridge.so" line from - /etc/snmp.config and start - &man.bsnmpd.1;. Other configuration, such as community - names and access lists, may need to be modified. See + To enable monitoring on the bridge, uncomment this + line in + /etc/snmp.config by removing the + beginning # symbol: + + begemotSnmpdModulePath."bridge" = "/usr/lib/snmp_bridge.so" + + Other configuration settings, such as community + names and access lists, may need to be modified in this file. See &man.bsnmpd.1; and &man.snmp.bridge.3; for more - information. + information. Once these edits are saved, add this line to + /etc/rc.conf: + + bsnmpd_enable="YES" + + Then, start + &man.bsnmpd.1;: + + &prompt.root; service bsnmpd start The following examples use the Net-SNMP software From owner-svn-doc-all@FreeBSD.ORG Thu Mar 6 23:27:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 99612279; Thu, 6 Mar 2014 23:27:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 84CB2AC8; Thu, 6 Mar 2014 23:27:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s26NRPaQ060189; Thu, 6 Mar 2014 23:27:25 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s26NRPvO060188; Thu, 6 Mar 2014 23:27:25 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403062327.s26NRPvO060188@svn.freebsd.org> From: Dru Lavigne Date: Thu, 6 Mar 2014 23:27:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44163 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2014 23:27:25 -0000 Author: dru Date: Thu Mar 6 23:27:25 2014 New Revision: 44163 URL: http://svnweb.freebsd.org/changeset/doc/44163 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 23:00:13 2014 (r44162) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 23:27:25 2014 (r44163) @@ -2848,104 +2848,106 @@ rfcomm_sppd[94692]: Starting on /dev/tty bridge - It is sometimes useful to divide a network, - such as an Ethernet segment, into network - segments without having to create IP - subnets and use a router to connect the segments together. - A device that connects two networks together in this fashion - is called a bridge. - - A bridge works by learning the MAC - addresses of the devices on each of its - network interfaces. It forwards traffic between networks - only when the source and destination MAC addresses are on different - networks. In many respects, a bridge is like an Ethernet switch with - very few ports. A &os; system with multiple - network interfaces can be configured to act as a bridge. + It is sometimes useful to divide a network, such as an + Ethernet segment, into network segments without having to + create IP subnets and use a router to connect + the segments together. A device that connects two networks + together in this fashion is called a + bridge. + + A bridge works by learning the MAC + addresses of the devices on each of its network interfaces. It + forwards traffic between networks only when the source and + destination MAC addresses are on different + networks. In many respects, a bridge is like an Ethernet switch + with very few ports. A &os; system with multiple network + interfaces can be configured to act as a bridge. - Bridging can be useful in the following situations: + Bridging can be useful in the following situations: - - + + Connecting Networks - The basic operation of a bridge is to join two or more - network segments. There are many reasons to use a - host-based bridge instead of networking equipment, such as - cabling constraints or firewalling. A bridge can - also connect a wireless interface running in hostap mode to - a wired network and act as an access point. - - + The basic operation of a bridge is to join two or more + network segments. There are many reasons to use a + host-based bridge instead of networking equipment, such as + cabling constraints or firewalling. A bridge can also + connect a wireless interface running in hostap mode to a + wired network and act as an access point. + + - + Filtering/Traffic Shaping Firewall - A bridge can be used when firewall functionality is - needed without routing or Network Address Translation - (NAT). - - An example is a small company that is connected via - DSL - or ISDN to an ISP. - There are thirteen public IP - addresses from the ISP and ten computers - on the network. In this situation, using a router-based - firewall is difficult because of subnetting issues. A bridge-based firewall can be configured without any - IP addressing issues. - - + A bridge can be used when firewall functionality is + needed without routing or Network Address Translation + (NAT). + + An example is a small company that is connected via + DSL or ISDN to an + ISP. There are thirteen public + IP addresses from the + ISP and ten computers on the network. + In this situation, using a router-based firewall is + difficult because of subnetting issues. A bridge-based + firewall can be configured without any + IP addressing issues. + + Network Tap - A bridge can join two network segments in order to - inspect all Ethernet frames that pass between them using - &man.bpf.4; and &man.tcpdump.1; on the bridge interface or - by sending a copy of all frames out an additional interface - known as a span port. - - + A bridge can join two network segments in order to + inspect all Ethernet frames that pass between them using + &man.bpf.4; and &man.tcpdump.1; on the bridge interface or + by sending a copy of all frames out an additional + interface known as a span port. + + Layer 2 VPN - Two Ethernet networks can be joined across an - IP link by bridging the networks to an - EtherIP tunnel or a &man.tap.4; based solution such as - OpenVPN. - - + Two Ethernet networks can be joined across an + IP link by bridging the networks to an + EtherIP tunnel or a &man.tap.4; based solution such as + OpenVPN. + + Layer 2 Redundancy - A network can be connected together with multiple links - and use the Spanning Tree Protocol (STP) - to block redundant paths. - - - + A network can be connected together with multiple + links and use the Spanning Tree Protocol + (STP) to block redundant paths. + + + - This section describes how to configure a &os; system as a - bridge using &man.if.bridge.4;. - A netgraph bridging driver is also available, and is described - in &man.ng.bridge.4;. + This section describes how to configure a &os; system as a + bridge using &man.if.bridge.4;. A netgraph bridging driver is + also available, and is described in &man.ng.bridge.4;. - + Packet filtering can be used with any firewall package - that hooks into the &man.pfil.9; framework. The bridge can be used as a traffic shaper with - &man.altq.4; or &man.dummynet.4;. - + that hooks into the &man.pfil.9; framework. The bridge can be + used as a traffic shaper with &man.altq.4; or + &man.dummynet.4;. + Enabling the Bridge In &os;, &man.if.bridge.4; is a kernel module which is automatically loaded by &man.ifconfig.8; when creating a - bridge interface. It is also possible to compile bridge support - into a custom kernel by adding device if_bridge - to the custom kernel configuration file. + bridge interface. It is also possible to compile bridge + support into a custom kernel by adding + device if_bridge to the custom kernel + configuration file. The bridge is created using interface cloning. To create the bridge interface: @@ -2968,19 +2970,18 @@ bridge0: flags=8802<BROADCAST,SIMPLEX The other parameters control how STP operates. - Next, specify which network interfaces to add as members of the bridge. - For the bridge to forward packets, all member interfaces and - the bridge need to be up: + Next, specify which network interfaces to add as members + of the bridge. For the bridge to forward packets, all member + interfaces and the bridge need to be up: &prompt.root; ifconfig bridge0 addm fxp0 addm fxp1 up &prompt.root; ifconfig fxp0 up &prompt.root; ifconfig fxp1 up The bridge can now forward Ethernet frames between - fxp0 and - fxp1. Add the following lines to - /etc/rc.conf so the bridge is created - at startup: + fxp0 and fxp1. Add + the following lines to /etc/rc.conf so + the bridge is created at startup: cloned_interfaces="bridge0" ifconfig_bridge0="addm fxp0 addm fxp1 up" @@ -2988,9 +2989,8 @@ ifconfig_fxp0="up" ifconfig_fxp1="up" If the bridge host needs an IP - address, set it on the bridge - interface, not on the member interfaces. - The address can be set statically or via + address, set it on the bridge interface, not on the member + interfaces. The address can be set statically or via DHCP. This example sets a static IP address: @@ -3002,48 +3002,44 @@ ifconfig_fxp1="up" /etc/rc.conf. - When packet filtering is enabled, bridged packets will - pass through the filter inbound on the originating interface - on the bridge interface, and outbound on the appropriate - interfaces. Either stage can be disabled. When direction of - the packet flow is important, it is best to firewall on the - member interfaces rather than the bridge itself. - - The bridge has several configurable settings for passing - non-IP and IP packets, - and layer2 firewalling with &man.ipfw.8;. See - &man.if.bridge.4; for more information. + When packet filtering is enabled, bridged packets will + pass through the filter inbound on the originating interface + on the bridge interface, and outbound on the appropriate + interfaces. Either stage can be disabled. When direction + of the packet flow is important, it is best to firewall on + the member interfaces rather than the bridge itself. + + The bridge has several configurable settings for passing + non-IP and IP packets, + and layer2 firewalling with &man.ipfw.8;. See + &man.if.bridge.4; for more information. Enabling Spanning Tree - For an Ethernet network to - function properly, only one active path can exist between - two devices. The STP protocol detects loops and - puts redundant links into a blocked state. Should one - of the active links fail, STP - calculates a different tree and enables one of the blocked - paths to restore connectivity to all points in the - network. - - The Rapid Spanning Tree - Protocol (RSTP or 802.1w) provides backwards - compatibility with legacy STP. - RSTP provides - faster convergence and - exchanges information with neighboring switches - to quickly transition to forwarding mode without creating loops. - &os; supports RSTP and + For an Ethernet network to function properly, only one + active path can exist between two devices. The + STP protocol detects loops and puts + redundant links into a blocked state. Should one of the + active links fail, STP calculates a + different tree and enables one of the blocked paths to restore + connectivity to all points in the network. + + The Rapid Spanning Tree Protocol (RSTP + or 802.1w) provides backwards compatibility with legacy + STP. RSTP provides + faster convergence and exchanges information with neighboring + switches to quickly transition to forwarding mode without + creating loops. &os; supports RSTP and STP as operating modes, with RSTP being the default mode. STP can be enabled on member interfaces using &man.ifconfig.8;. For a bridge with - fxp0 and - fxp1 as the current interfaces, - enable STP with: + fxp0 and fxp1 as the + current interfaces, enable STP with: &prompt.root; ifconfig bridge0 stp fxp0 stp fxp1 bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 @@ -3088,163 +3084,163 @@ bridge0: flags=8843<UP,BROADCAST,RUNN - Bridge Interface Parameters + Bridge Interface Parameters - Several ifconfig parameters are unique - to bridge interfaces. This section summarizes some common - uses for these parameters. The complete list of available parameters is - described in &man.ifconfig.8;. - - - - private - - A private interface does not forward any traffic to any - other port that is also designated as a private interface. The traffic is - blocked unconditionally so no Ethernet frames will be - forwarded, including ARP packets. If traffic - needs to be selectively blocked, a firewall should be used - instead. - - + Several ifconfig parameters are unique + to bridge interfaces. This section summarizes some common + uses for these parameters. The complete list of available + parameters is described in &man.ifconfig.8;. - - span - - A span port transmits a copy of every Ethernet frame received by the bridge. - The number - of span ports configured on a bridge is unlimited, but if an - interface is designated as a span port, it cannot also be - used as a regular bridge port. This is most useful for - snooping a bridged network passively on another host - connected to one of the span ports of the bridge. For - example, to send a copy of all frames out the interface named - fxp4: + + + private + + A private interface does not forward any traffic to + any other port that is also designated as a private + interface. The traffic is blocked unconditionally so no + Ethernet frames will be forwarded, including + ARP packets. If traffic needs to be + selectively blocked, a firewall should be used + instead. + + - &prompt.root; ifconfig bridge0 span fxp4 - - + + span + + A span port transmits a copy of every Ethernet frame + received by the bridge. The number of span ports + configured on a bridge is unlimited, but if an + interface is designated as a span port, it cannot also + be used as a regular bridge port. This is most useful + for snooping a bridged network passively on another host + connected to one of the span ports of the bridge. For + example, to send a copy of all frames out the interface + named fxp4: + + &prompt.root; ifconfig bridge0 span fxp4 + + - - sticky - - If a bridge member interface is marked as sticky, - dynamically learned address entries are treated at static - entries in the forwarding cache. Sticky entries are - never aged out of the cache or replaced, even if the address - is seen on a different interface. This gives the benefit of - static address entries without the need to pre-populate the - forwarding table. Clients learned on a particular segment - of the bridge can not roam to another segment. - - An example of using sticky addresses is to combine - the bridge with VLANs in order to isolate - customer networks without wasting - IP address space. Consider that - CustomerA is - on vlan100, CustomerB is on - vlan101, and the bridge has the address - 192.168.0.1: + + sticky + + If a bridge member interface is marked as sticky, + dynamically learned address entries are treated at + static entries in the forwarding cache. Sticky entries + are never aged out of the cache or replaced, even if the + address is seen on a different interface. This gives + the benefit of static address entries without the need + to pre-populate the forwarding table. Clients learned + on a particular segment of the bridge can not roam to + another segment. + + An example of using sticky addresses is to combine + the bridge with VLANs in order to + isolate customer networks without wasting + IP address space. Consider that + CustomerA + is on vlan100, CustomerB is on + vlan101, and the bridge has the + address 192.168.0.1: - &prompt.root; ifconfig bridge0 addm vlan100 sticky vlan100 addm vlan101 sticky vlan101 + &prompt.root; ifconfig bridge0 addm vlan100 sticky vlan100 addm vlan101 sticky vlan101 &prompt.root; ifconfig bridge0 inet 192.168.0.1/24 - In this example, both clients see 192.168.0.1 as their - default gateway. Since the bridge cache is sticky, one host - can not spoof the MAC address of the - other customer in order to intercept their traffic. - - Any communication between the VLANs - can be blocked using a firewall or, as seen in this example, - private interfaces: - - &prompt.root; ifconfig bridge0 private vlan100 private vlan101 - - The customers are completely isolated from each other - and the full /24 - address range can be allocated without subnetting. - - The number of unique source MAC - addresses behind an interface can be limited. Once the - limit is reached, packets with unknown source addresses - are dropped until an existing host cache entry expires or - is removed. - - The following example sets the maximum number of - Ethernet devices for CustomerA on - vlan100 to 10: + In this example, both clients see 192.168.0.1 as their + default gateway. Since the bridge cache is sticky, one + host can not spoof the MAC address of + the other customer in order to intercept their + traffic. + + Any communication between the + VLANs can be blocked using a firewall + or, as seen in this example, private interfaces: + + &prompt.root; ifconfig bridge0 private vlan100 private vlan101 + + The customers are completely isolated from each + other and the full /24 address range can be + allocated without subnetting. + + The number of unique source MAC + addresses behind an interface can be limited. Once the + limit is reached, packets with unknown source addresses + are dropped until an existing host cache entry expires + or is removed. + + The following example sets the maximum number of + Ethernet devices for CustomerA on + vlan100 to 10: + + &prompt.root; ifconfig bridge0 ifmaxaddr vlan100 10 + + + + + Bridge interfaces also support monitor mode, where the + packets are discarded after &man.bpf.4; processing and are not + processed or forwarded further. This can be used to + multiplex the input of two or more interfaces into a single + &man.bpf.4; stream. This is useful for reconstructing the + traffic for network taps that transmit the RX/TX signals out + through two separate interfaces. For example, to read the + input from four network interfaces as one stream: - &prompt.root; ifconfig bridge0 ifmaxaddr vlan100 10 - - - - - Bridge interfaces also support monitor mode, where the packets are - discarded after &man.bpf.4; processing and are not - processed or forwarded further. This can be used to - multiplex the input of two or more interfaces into a single - &man.bpf.4; stream. This is useful for reconstructing the - traffic for network taps that transmit the RX/TX signals out - through two separate interfaces. For example, - to read the input from four network interfaces as one - stream: - - &prompt.root; ifconfig bridge0 addm fxp0 addm fxp1 addm fxp2 addm fxp3 monitor up -&prompt.root; tcpdump -i bridge0 - + &prompt.root; ifconfig bridge0 addm fxp0 addm fxp1 addm fxp2 addm fxp3 monitor up +&prompt.root; tcpdump -i bridge0 + - - <acronym>SNMP</acronym> Monitoring + + <acronym>SNMP</acronym> Monitoring - The bridge interface and STP - parameters can be monitored via &man.bsnmpd.1; which is - included in the &os; base system. The exported bridge - MIBs conform to - IETF standards so any - SNMP client or monitoring package can be - used to retrieve the data. - - To enable monitoring on the bridge, uncomment this - line in - /etc/snmp.config by removing the - beginning # symbol: - - begemotSnmpdModulePath."bridge" = "/usr/lib/snmp_bridge.so" - - Other configuration settings, such as community - names and access lists, may need to be modified in this file. See - &man.bsnmpd.1; and &man.snmp.bridge.3; for more - information. Once these edits are saved, add this line to - /etc/rc.conf: - - bsnmpd_enable="YES" - - Then, start - &man.bsnmpd.1;: + The bridge interface and STP + parameters can be monitored via &man.bsnmpd.1; which is + included in the &os; base system. The exported bridge + MIBs conform to IETF + standards so any SNMP client or monitoring + package can be used to retrieve the data. + + To enable monitoring on the bridge, uncomment this line in + /etc/snmp.config by removing the + beginning # symbol: + + begemotSnmpdModulePath."bridge" = "/usr/lib/snmp_bridge.so" - &prompt.root; service bsnmpd start + Other configuration settings, such as community names and + access lists, may need to be modified in this file. See + &man.bsnmpd.1; and &man.snmp.bridge.3; for more information. + Once these edits are saved, add this line to + /etc/rc.conf: + + bsnmpd_enable="YES" + + Then, start &man.bsnmpd.1;: + + &prompt.root; service bsnmpd start - The following examples use the - Net-SNMP software - (net-mgmt/net-snmp) to query a bridge - from a client system. The - net-mgmt/bsnmptools port can also be - used. From the SNMP client which is - running Net-SNMP, add the - following lines to - $HOME/.snmp/snmp.conf in order to - import the bridge MIB definitions: + The following examples use the + Net-SNMP software + (net-mgmt/net-snmp) to query a bridge + from a client system. The + net-mgmt/bsnmptools port can also be used. + From the SNMP client which is running + Net-SNMP, add the following lines + to $HOME/.snmp/snmp.conf in order to + import the bridge MIB definitions: - mibdirs +/usr/share/snmp/mibs + mibdirs +/usr/share/snmp/mibs mibs +BRIDGE-MIB:RSTP-MIB:BEGEMOT-MIB:BEGEMOT-BRIDGE-MIB - To monitor a single bridge using the IETF BRIDGE-MIB - (RFC4188): + To monitor a single bridge using the IETF BRIDGE-MIB + (RFC4188): - &prompt.user; snmpwalk -v 2c -c public bridge1.example.com mib-2.dot1dBridge + &prompt.user; snmpwalk -v 2c -c public bridge1.example.com mib-2.dot1dBridge BRIDGE-MIB::dot1dBaseBridgeAddress.0 = STRING: 66:fb:9b:6e:5c:44 BRIDGE-MIB::dot1dBaseNumPorts.0 = INTEGER: 1 ports BRIDGE-MIB::dot1dStpTimeSinceTopologyChange.0 = Timeticks: (189959) 0:31:39.59 centi-seconds @@ -3261,18 +3257,18 @@ BRIDGE-MIB::dot1dStpPortDesignatedPort.3 BRIDGE-MIB::dot1dStpPortForwardTransitions.3 = Counter32: 1 RSTP-MIB::dot1dStpVersion.0 = INTEGER: rstp(2) - The dot1dStpTopChanges.0 value is - two, indicating that the STP bridge - topology has changed twice. A topology change means that - one or more links in the network have changed or failed - and a new tree has been calculated. The - dot1dStpTimeSinceTopologyChange.0 value - will show when this happened. + The dot1dStpTopChanges.0 value is two, + indicating that the STP bridge topology has + changed twice. A topology change means that one or more links + in the network have changed or failed and a new tree has been + calculated. The + dot1dStpTimeSinceTopologyChange.0 value + will show when this happened. - To monitor multiple bridge interfaces, the private - BEGEMOT-BRIDGE-MIB can be used: + To monitor multiple bridge interfaces, the private + BEGEMOT-BRIDGE-MIB can be used: - &prompt.user; snmpwalk -v 2c -c public bridge1.example.com + &prompt.user; snmpwalk -v 2c -c public bridge1.example.com enterprises.fokus.begemot.begemotBridge BEGEMOT-BRIDGE-MIB::begemotBridgeBaseName."bridge0" = STRING: bridge0 BEGEMOT-BRIDGE-MIB::begemotBridgeBaseName."bridge2" = STRING: bridge2 @@ -3288,10 +3284,10 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeStpTopC BEGEMOT-BRIDGE-MIB::begemotBridgeStpDesignatedRoot."bridge0" = Hex-STRING: 80 00 00 40 95 30 5E 31 BEGEMOT-BRIDGE-MIB::begemotBridgeStpDesignatedRoot."bridge2" = Hex-STRING: 80 00 00 50 8B B8 C6 A9 - To change the bridge interface being monitored via the - mib-2.dot1dBridge subtree: + To change the bridge interface being monitored via the + mib-2.dot1dBridge subtree: - &prompt.user; snmpset -v 2c -c private bridge1.example.com + &prompt.user; snmpset -v 2c -c private bridge1.example.com BEGEMOT-BRIDGE-MIB::begemotBridgeDefaultBridgeIf.0 s bridge2 From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 02:34:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AC275B23; Fri, 7 Mar 2014 02:34:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8DF70CD7; Fri, 7 Mar 2014 02:34:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s272Yf6D053202; Fri, 7 Mar 2014 02:34:41 GMT (envelope-from bjk@svn.freebsd.org) Received: (from bjk@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s272YecB053194; Fri, 7 Mar 2014 02:34:40 GMT (envelope-from bjk@svn.freebsd.org) Message-Id: <201403070234.s272YecB053194@svn.freebsd.org> From: Benjamin Kaduk Date: Fri, 7 Mar 2014 02:34:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44164 - in head/en_US.ISO8859-1/books: dev-model faq fdp-primer/xml-primer handbook/disks handbook/linuxemu porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 02:34:41 -0000 Author: bjk Date: Fri Mar 7 02:34:39 2014 New Revision: 44164 URL: http://svnweb.freebsd.org/changeset/doc/44164 Log: Fix a few typos PR: docs/187241 Submitted by: Alex Weber Approved by: hrs (mentor) Modified: head/en_US.ISO8859-1/books/dev-model/book.xml head/en_US.ISO8859-1/books/faq/book.xml head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml head/en_US.ISO8859-1/books/handbook/disks/chapter.xml head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/dev-model/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/dev-model/book.xml Thu Mar 6 23:27:25 2014 (r44163) +++ head/en_US.ISO8859-1/books/dev-model/book.xml Fri Mar 7 02:34:39 2014 (r44164) @@ -1637,7 +1637,7 @@ As the requests are prioritised by the individual developers on the basis of doing what they find interesting, necessary or are - funded to do, there is no overall strategy or priorisation of + funded to do, there is no overall strategy or prioritisation of what requests to regard as requirements and following up their correct implementation. However, most developers have some shared vision of what issues are more important, and they can Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Thu Mar 6 23:27:25 2014 (r44163) +++ head/en_US.ISO8859-1/books/faq/book.xml Fri Mar 7 02:34:39 2014 (r44164) @@ -1559,7 +1559,7 @@ Microcode is a method of programmatically - implementating hardware level instructions. This allows + implementing hardware level instructions. This allows for CPU bugs to be fixed without replacing the on board chip. Install sysutils/devcpu-data, @@ -2960,7 +2960,7 @@ kern.sched.name: ULE Long answer: Soft Updates has two characteristics that may be undesirable on certain - paritions. First, a Soft Updates + partitions. First, a Soft Updates partition has a small chance of losing data during a system crash. (The partition will not be corrupted; the data will simply be lost.) Second, Soft Updates can cause temporary Modified: head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml Thu Mar 6 23:27:25 2014 (r44163) +++ head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml Fri Mar 7 02:34:39 2014 (r44164) @@ -959,7 +959,7 @@ example.xml:5: element head: validity er XML context. - Parameter entity definitons are similar to those for + Parameter entity definitions are similar to those for general entities. However, parameter entries are included with %entity-name;. Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Mar 6 23:27:25 2014 (r44163) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Mar 7 02:34:39 2014 (r44164) @@ -3215,7 +3215,7 @@ geli_da2_flags="-p -k /root/da2.key"Swap partitions are not encrypted by default and should be cleared of any sensitive data before continuing. To - overwrite the current swap parition with random garbage, + overwrite the current swap partition with random garbage, execute the following command: &prompt.root; dd if=/dev/random of=/dev/ad0s1b bs=1m Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Thu Mar 6 23:27:25 2014 (r44163) +++ head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Fri Mar 7 02:34:39 2014 (r44164) @@ -81,7 +81,7 @@ Ports Collection - &linux; libararies are not installed on &os; by default + &linux; libraries are not installed on &os; by default and &linux; binary compatibility is not enabled by default. &linux; libraries can be installed using the &os; Ports Collection. Alternately, &linux; libraries can be installed Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Mar 6 23:27:25 2014 (r44163) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Mar 7 02:34:39 2014 (r44164) @@ -2685,7 +2685,7 @@ ALWAYS_KEEP_DISTFILES= yes When specific versions or specific major and minor revisions of a distfile should be checked. For example, if only version 0.6.4 should be - monitored because newer versions have compatablity issues + monitored because newer versions have compatibility issues with &os;, add: PORTSCOUT= limit:^0\.6\.4 From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 11:37:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 98CF52CF; Fri, 7 Mar 2014 11:37:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6BF9F29A; Fri, 7 Mar 2014 11:37:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s27BbMOn006615; Fri, 7 Mar 2014 11:37:22 GMT (envelope-from gabor@svn.freebsd.org) Received: (from gabor@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s27BbM2v006612; Fri, 7 Mar 2014 11:37:22 GMT (envelope-from gabor@svn.freebsd.org) Message-Id: <201403071137.s27BbM2v006612@svn.freebsd.org> From: Gabor Kovesdan Date: Fri, 7 Mar 2014 11:37:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44165 - in head: en_US.ISO8859-1/books/handbook share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 11:37:22 -0000 Author: gabor Date: Fri Mar 7 11:37:21 2014 New Revision: 44165 URL: http://svnweb.freebsd.org/changeset/doc/44165 Log: - Allow generating only PGP fingerprints Modified: head/en_US.ISO8859-1/books/handbook/Makefile head/share/xml/freebsd-pgpkeyring.xsl Modified: head/en_US.ISO8859-1/books/handbook/Makefile ============================================================================== --- head/en_US.ISO8859-1/books/handbook/Makefile Fri Mar 7 02:34:39 2014 (r44164) +++ head/en_US.ISO8859-1/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) @@ -288,7 +288,7 @@ XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//: XMLFLAGS+= -i chap.freebsd-glossary pgpkeyring: pgpkeys/chapter.xml ${DOC}.parsed.xml - @${XSLTPROC} ${XSLPGP} ${DOC}.parsed.xml + @${XSLTPROC} ${XSLTPROCOPTS} ${XSLPGP} ${DOC}.parsed.xml # # Handbook-specific variables @@ -343,3 +343,8 @@ SRCS+= mirrors.lastmod.inc \ eresources.xml.www.index.inc .include "${DOC_PREFIX}/share/mk/doc.project.mk" + +# XXX +.if defined(FINGERPRINTS_ONLY) +XSLTPROCOPTS+=--param generate.fingerprint.only '1' +.endif Modified: head/share/xml/freebsd-pgpkeyring.xsl ============================================================================== --- head/share/xml/freebsd-pgpkeyring.xsl Fri Mar 7 02:34:39 2014 (r44164) +++ head/share/xml/freebsd-pgpkeyring.xsl Fri Mar 7 11:37:21 2014 (r44165) @@ -8,10 +8,23 @@ + + - - - - + + + + + + + + + + + + + + + From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 12:23:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B50CEC5A; Fri, 7 Mar 2014 12:23:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9E4C6977; Fri, 7 Mar 2014 12:23:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s27CNu1h028688; Fri, 7 Mar 2014 12:23:56 GMT (envelope-from gabor@svn.freebsd.org) Received: (from gabor@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s27CNp9g028648; Fri, 7 Mar 2014 12:23:51 GMT (envelope-from gabor@svn.freebsd.org) Message-Id: <201403071223.s27CNp9g028648@svn.freebsd.org> From: Gabor Kovesdan Date: Fri, 7 Mar 2014 12:23:51 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44166 - in head: . de_DE.ISO8859-1/books/handbook el_GR.ISO8859-7/books/handbook en_US.ISO8859-1/books/handbook en_US.ISO8859-1/htdocs/doc es_ES.ISO8859-1/books/handbook fr_FR.ISO8859-... X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 12:23:56 -0000 Author: gabor Date: Fri Mar 7 12:23:51 2014 New Revision: 44166 URL: http://svnweb.freebsd.org/changeset/doc/44166 Log: - Move the PGP keyring generation to the language-independent share directory Discussed with: hrs, wblock Added: head/share/Makefile (contents, props changed) head/share/pgpkeys/Makefile (contents, props changed) Modified: head/Makefile head/de_DE.ISO8859-1/books/handbook/Makefile head/el_GR.ISO8859-7/books/handbook/Makefile head/en_US.ISO8859-1/books/handbook/Makefile head/en_US.ISO8859-1/htdocs/doc/Makefile head/es_ES.ISO8859-1/books/handbook/Makefile head/fr_FR.ISO8859-1/books/handbook/Makefile head/fr_FR.ISO8859-1/htdocs/doc/Makefile head/hu_HU.ISO8859-2/books/handbook/Makefile head/it_IT.ISO8859-15/books/handbook/Makefile head/ja_JP.eucJP/books/handbook/Makefile head/nl_NL.ISO8859-1/books/handbook/Makefile head/pl_PL.ISO8859-2/books/handbook/Makefile head/pt_BR.ISO8859-1/books/handbook/Makefile head/release/Makefile head/ru_RU.KOI8-R/books/handbook/Makefile head/ru_RU.KOI8-R/htdocs/doc/Makefile head/share/mk/doc.docbook.mk head/share/pgpkeys/decke.key head/share/pgpkeys/scop.key head/share/pgpkeys/thomas.key head/zh_CN.UTF-8/books/handbook/Makefile head/zh_TW.Big5/books/handbook/Makefile Modified: head/Makefile ============================================================================== --- head/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -31,6 +31,8 @@ SUBDIR+= zh_CN.UTF-8 SUBDIR+= zh_TW.Big5 .endif +SUBDIR+= share + DOC_PREFIX?= ${.CURDIR} .if exists(/usr/bin/svnlite) Modified: head/de_DE.ISO8859-1/books/handbook/Makefile ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/de_DE.ISO8859-1/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -275,9 +275,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml - @${JADE} -V nochunks ${OTHERFLAGS} ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC} - URL_RELPREFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. Modified: head/el_GR.ISO8859-7/books/handbook/Makefile ============================================================================== --- head/el_GR.ISO8859-7/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/el_GR.ISO8859-7/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -9,25 +9,6 @@ # ------------------------------------------------------------------------ # -# 悶痰諛汳 齬續蜉汳 跂 塔繪驃粡 -# -# WITH_PGPKEYS 繩顰皷趺 跫髢 阨 繝繪驩籖阨 鞳驩泓繪 裃迴迚袍 -# 踰迴 fingerprints 瘰 PGP 裨繪粡. 総 葩諷 -# 轣 繩顰迴逕瘟 闍裨苟 裨繪粡, 癜 -# 跂痰諛 韵汾繪 轣 縷轣 'defined'. 装 辮蜍閭 -# 粤 辮苟縵聽 黼 熕阡 蜥 跫髢汳 HTML. -# -# Make targets 踰迴 竕 塔繪驃粡 -# -# pgpkeyring This target will read the contents of -# pgpkeys/chapter.xml and will extract all of -# the pgpkeys to standard out. This output can then -# be redirected into a file and distributed as a -# public keyring of FreeBSD developers that can -# easily be imported into PGP/GPG. -# -# ------------------------------------------------------------------------ -# # 忠 轣 韵闢葩黼 沚 轎 裙樣瘟 齡 塔繪驃粡: # # - 桃芟繿齡 癜 Makefile, chapters.ent 裃 book.xml @@ -293,16 +274,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml - @${JADE} -V nochunks ${OTHERFLAGS} ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC} - -# -# Handbook-specific variables -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - URL_RELPREFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. Modified: head/en_US.ISO8859-1/books/handbook/Makefile ============================================================================== --- head/en_US.ISO8859-1/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/en_US.ISO8859-1/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -5,25 +5,6 @@ # # ------------------------------------------------------------------------ -# -# Handbook-specific variables -# -# WITH_PGPKEYS The print version of the handbook only prints PGP -# fingerprints by default. If you would like for the -# entire key to be displayed, then set this variable. -# This option has no affect on the HTML formats. -# -# Handbook-specific targets -# -# pgpkeyring This target will read the contents of -# pgpkeys/chapter.xml and will extract all of -# the pgpkeys to standard out. This output can then -# be redirected into a file and distributed as a -# public keyring of FreeBSD developers that can -# easily be imported into PGP/GPG. -# -# ------------------------------------------------------------------------ -# # To add a new chapter to the Handbook: # # - Update this Makefile, chapters.ent and book.xml @@ -287,16 +268,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml ${DOC}.parsed.xml - @${XSLTPROC} ${XSLTPROCOPTS} ${XSLPGP} ${DOC}.parsed.xml - -# -# Handbook-specific variables -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - URL_RELPREFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. @@ -343,8 +314,3 @@ SRCS+= mirrors.lastmod.inc \ eresources.xml.www.index.inc .include "${DOC_PREFIX}/share/mk/doc.project.mk" - -# XXX -.if defined(FINGERPRINTS_ONLY) -XSLTPROCOPTS+=--param generate.fingerprint.only '1' -.endif Modified: head/en_US.ISO8859-1/htdocs/doc/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/doc/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/en_US.ISO8859-1/htdocs/doc/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -26,7 +26,7 @@ all-install: INSTALL_COMPRESSED= install all-pgpkeyring: @unset DESTDIR || true; \ - cd ${DOC_PREFIX}/${LANGCODE}/books/handbook; \ + cd ${DOC_PREFIX}/share/pgpkeys; \ ${MAKE} \ pgpkeyring > ${.OBJDIR}/pgpkeyring.txt Modified: head/es_ES.ISO8859-1/books/handbook/Makefile ============================================================================== --- head/es_ES.ISO8859-1/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/es_ES.ISO8859-1/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -10,26 +10,6 @@ # %SRCID% 0.0 -# ------------------------------------------------------------------------ -# -# Handbook-specific variables -# -# WITH_PGPKEYS The print version of the handbook only prints PGP -# fingerprints by default. If you would like for the -# entire key to be displayed, then set this variable. -# This option has no affect on the HTML formats. -# -# Handbook-specific targets -# -# pgpkeyring This target will read the contents of -# pgpkeys/chapter.xml and will extract all of -# the pgpkeys to standard out. This output can then -# be redirected into a file and distributed as a -# public keyring of FreeBSD developers that can -# easily be imported into PGP/GPG. -# -# ------------------------------------------------------------------------ - MAINTAINER= jesusr@FreeBSD.org DOC?= book @@ -200,16 +180,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} -pgpkeyring: pgpkeys/chapter.xml - @${JADE} -V nochunks ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC} - DOC_PREFIX?= ${.CURDIR}/../../.. -# -# Handbook-specific variables -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - .include "${DOC_PREFIX}/share/mk/doc.project.mk" Modified: head/fr_FR.ISO8859-1/books/handbook/Makefile ============================================================================== --- head/fr_FR.ISO8859-1/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/fr_FR.ISO8859-1/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -7,26 +7,6 @@ # Build the FreeBSD Handbook. # -# ------------------------------------------------------------------------ -# -# Handbook-specific variables -# -# WITH_PGPKEYS The print version of the handbook only prints PGP -# fingerprints by default. If you would like for the -# entire key to be displayed, then set this variable. -# This option has no affect on the HTML formats. -# -# Handbook-specific targets -# -# pgpkeyring This target will read the contents of -# pgpkeys/chapter.xml and will extract all of -# the pgpkeys to standard out. This output can then -# be redirected into a file and distributed as a -# public keyring of FreeBSD developers that can -# easily be imported into PGP/GPG. -# -# ------------------------------------------------------------------------ - MAINTAINER=blackend@FreeBSD.org DOC?= book @@ -228,16 +208,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml - @${JADE} -V nochunks ${OTHERFLAGS} ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC} - -# -# Handbook-specific variables -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - URL_RELPREFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. Modified: head/fr_FR.ISO8859-1/htdocs/doc/Makefile ============================================================================== --- head/fr_FR.ISO8859-1/htdocs/doc/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/fr_FR.ISO8859-1/htdocs/doc/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -34,7 +34,7 @@ all-install: INSTALL_COMPRESSED= install all-pgpkeyring: @unset DESTDIR || true; \ - cd ${DOC_PREFIX}/${LANGCODE}; \ + cd ${DOC_PREFIX}/share/pgpkeys; \ ${MAKE} \ pgpkeyring > ${.OBJDIR}/pgpkeyring.txt Modified: head/hu_HU.ISO8859-2/books/handbook/Makefile ============================================================================== --- head/hu_HU.ISO8859-2/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/hu_HU.ISO8859-2/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -11,24 +11,6 @@ # ------------------------------------------------------------------------ # -# Handbook-specific variables -# -# WITH_PGPKEYS The print version of the handbook only prints PGP -# fingerprints by default. If you would like for the -# entire key to be displayed, then set this variable. -# This option has no affect on the HTML formats. -# -# Handbook-specific targets -# -# pgpkeyring This target will read the contents of -# pgpkeys/chapter.xml and will extract all of -# the pgpkeys to standard out. This output can then -# be redirected into a file and distributed as a -# public keyring of FreeBSD developers that can -# easily be imported into PGP/GPG. -# -# ------------------------------------------------------------------------ -# # To add a new chapter to the Handbook: # # - Update this Makefile, chapters.ent and book.xml @@ -255,16 +237,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml - @${JADE} -V nochunks ${OTHERFLAGS} ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC} - -# -# Handbook-specific variables -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - URL_RELPREFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. Modified: head/it_IT.ISO8859-15/books/handbook/Makefile ============================================================================== --- head/it_IT.ISO8859-15/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/it_IT.ISO8859-15/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -5,29 +5,6 @@ # Crea il Manuale di FreeBSD. # -# ------------------------------------------------------------------------ -# -# Variabili specifiche del Manuale -# -# WITH_PGPKEYS La versione stampata del manuale riporta solo i -# fingerprints PGP di base. Se vuoi visualizzare -# le chiavi intere, allora setta questa variabile. -# Questa opzione non ha effetto sui formati HTML. -# -# Targets specifici del Manuale -# -# pgpkeyring Questo target legger il contenuto del file -# pgpkeys/chapter.xml ad estrarr tutte le chiavi -# pgp sullo standard output. Questo output pu -# quindi essere rediretto su un file e distribuito -# come un keyring pubblico degli sviluppatori di -# FreeBSD che pu essere facilmente importato in -# PGP/GPG. -# -# ------------------------------------------------------------------------ - -.PATH: ${.CURDIR}/../../share/xml/glossary - MAINTAINER= ale@FreeBSD.org DOC?= book @@ -229,16 +206,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml - @${JADE} -V nochunks ${OTHERFLAGS} ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC} - -# -# Variabili specifiche del Manuale -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - URL_RELPREFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. Modified: head/ja_JP.eucJP/books/handbook/Makefile ============================================================================== --- head/ja_JP.eucJP/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/ja_JP.eucJP/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -7,25 +7,6 @@ # # ------------------------------------------------------------------------ -# -# Handbook-specific variables -# -# WITH_PGPKEYS The print version of the handbook only prints PGP -# fingerprints by default. If you would like for the -# entire key to be displayed, then set this variable. -# This option has no affect on the HTML formats. -# -# Handbook-specific targets -# -# pgpkeyring This target will read the contents of -# pgpkeys/chapter.xml and will extract all of -# the pgpkeys to standard out. This output can then -# be redirected into a file and distributed as a -# public keyring of FreeBSD developers that can -# easily be imported into PGP/GPG. -# -# ------------------------------------------------------------------------ -# # To add a new chapter to the Handbook: # # - Update this Makefile, chapters.ent and book.xml @@ -294,16 +275,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml ${DOC}.parsed.xml - @${XSLTPROC} ${XSLPGP} ${DOC}.parsed.xml - -# -# Handbook-specific variables -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - URL_RELPREFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. Modified: head/nl_NL.ISO8859-1/books/handbook/Makefile ============================================================================== --- head/nl_NL.ISO8859-1/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/nl_NL.ISO8859-1/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -8,25 +8,6 @@ # # ------------------------------------------------------------------------ -# -# Handboekspecifieke variabelen -# -# WITH_PGPKEYS De gedrukte verie van het handboek geeft standaard -# alleen PGP vingerafdrukken weer. Als het gewenst -# is dat de complete sleutel wordt weergegeven dan -# dient deze variabele insteld te worden. De optie -# heeft geen invloed op de HTML formaten. -# -# Handboekspecifieke doelen -# -# pgpkeyring Dit doel leest de inhoud van pgpkeys/chapter.xml -# en schrijft dan alle PGP sleutels naar stdout. -# De uitvoer kan omgeleid worden naar een bestand -# en verspreid worden als een publieke sleutelring -# van FreeBSD ontwikkelaars die eenvoudig in -# PGP/GPG ingelezen kan worden. -# -# ------------------------------------------------------------------------ # Om een nieuw hoofdstuk aan het Handboek toe te voegen: # # - Werk deze Makefile, chapters.ent en book.xml bij @@ -291,16 +272,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml - @${XSLTPROC} ${XSLPGP} ${DOC}.parsed.xml - -# -# Handboekspecifieke variablen -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - URL_RELPREFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. Modified: head/pl_PL.ISO8859-2/books/handbook/Makefile ============================================================================== --- head/pl_PL.ISO8859-2/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/pl_PL.ISO8859-2/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -6,26 +6,6 @@ # Build the FreeBSD Handbook. # -# ------------------------------------------------------------------------ -# -# Handbook-specific variables -# -# WITH_PGPKEYS The print version of the handbook only prints PGP -# fingerprints by default. If you would like for the -# entire key to be displayed, then set this variable. -# This option has no affect on the HTML formats. -# -# Handbook-specific targets -# -# pgpkeyring This target will read the contents of -# pgpkeys/chapter.xml and will extract all of -# the pgpkeys to standard out. This output can then -# be redirected into a file and distributed as a -# public keyring of FreeBSD developers that can -# easily be imported into PGP/GPG. -# -# ------------------------------------------------------------------------ - .PATH: ${.CURDIR}/../../share/xml/glossary MAINTAINER= doc@FreeBSD.org @@ -197,16 +177,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml - @${JADE} -V nochunks ${OTHERFLAGS} ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC} - -# -# Handbook-specific variables -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - URL_RELPREFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. Modified: head/pt_BR.ISO8859-1/books/handbook/Makefile ============================================================================== --- head/pt_BR.ISO8859-1/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/pt_BR.ISO8859-1/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -9,26 +9,6 @@ # Original revision: 1.53 # -# ------------------------------------------------------------------------ -# -# Handbook-specific variables -# -# WITH_PGPKEYS The print version of the handbook only prints PGP -# fingerprints by default. If you would like for the -# entire key to be displayed, then set this variable. -# This option has no affect on the HTML formats. -# -# Handbook-specific targets -# -# pgpkeyring This target will read the contents of -# pgpkeys/chapter.xml and will extract all of -# the pgpkeys to standard out. This output can then -# be redirected into a file and distributed as a -# public keyring of FreeBSD developers that can -# easily be imported into PGP/GPG. -# -# ------------------------------------------------------------------------ - MAINTAINER=lioux@FreeBSD.org DOC?= book @@ -151,16 +131,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} -pgpkeyring: pgpkeys/chapter.xml - @${JADE} -V nochunks ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC} - DOC_PREFIX?= ${.CURDIR}/../../.. -# -# Handbook-specific variables -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - .include "${DOC_PREFIX}/share/mk/doc.project.mk" Modified: head/release/Makefile ============================================================================== --- head/release/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/release/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -131,7 +131,7 @@ release.1: .endif # Build PGP key ring ${RM} -f ${DOCKEYFILE} - cd ${DOC_PREFIX}/en_US.ISO8859-1/books/handbook && ${MAKE} pgpkeyring > ${DOCKEYFILE} + cd ${DOC_PREFIX}/share/pgpkeys && ${MAKE} pgpkeyring > ${DOCKEYFILE} # Construct the build.txt file with the documentation build info. ${RM} -f ${DOCBUILDFILE} ${TOUCH} ${DOCBUILDFILE} Modified: head/ru_RU.KOI8-R/books/handbook/Makefile ============================================================================== --- head/ru_RU.KOI8-R/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/ru_RU.KOI8-R/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -9,26 +9,6 @@ # Build the FreeBSD Handbook. # -# ------------------------------------------------------------------------ -# -# Handbook-specific variables -# -# WITH_PGPKEYS The print version of the handbook only prints PGP -# fingerprints by default. If you would like for the -# entire key to be displayed, then set this variable. -# This option has no affect on the HTML formats. -# -# Handbook-specific targets -# -# pgpkeyring This target will read the contents of -# pgpkeys/chapter.xml and will extract all of -# the pgpkeys to standard out. This output can then -# be redirected into a file and distributed as a -# public keyring of FreeBSD developers that can -# easily be imported into PGP/GPG. -# -# ------------------------------------------------------------------------ - .PATH: ${.CURDIR}/../../share/xml/glossary MAINTAINER=phantom@FreeBSD.org @@ -241,16 +221,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml - @${JADE} -V nochunks ${OTHERFLAGS} ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC} - -# -# Handbook-specific variables -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - url_relprEFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. Modified: head/ru_RU.KOI8-R/htdocs/doc/Makefile ============================================================================== --- head/ru_RU.KOI8-R/htdocs/doc/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/ru_RU.KOI8-R/htdocs/doc/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -36,7 +36,7 @@ all-install: INSTALL_COMPRESSED= install all-pgpkeyring: @unset DESTDIR || true; \ - cd ${DOC_PREFIX}/${LANGCODE}/books/handbook; \ + cd ${DOC_PREFIX}/share/pgpkeys; \ ${MAKE} \ pgpkeyring > ${.OBJDIR}/pgpkeyring.txt Added: head/share/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -0,0 +1,5 @@ +# $FreeBSD$ + +SUBDIR+= pgpkeys + +.include Modified: head/share/mk/doc.docbook.mk ============================================================================== --- head/share/mk/doc.docbook.mk Fri Mar 7 11:37:21 2014 (r44165) +++ head/share/mk/doc.docbook.mk Fri Mar 7 12:23:51 2014 (r44166) @@ -58,7 +58,6 @@ XSLXHTML?= http://www.FreeBSD.org/XML/sh XSLXHTMLCHUNK?= http://www.FreeBSD.org/XML/share/xml/freebsd-xhtml-chunk.xsl XSLEPUB?= http://www.FreeBSD.org/XML/share/xml/freebsd-epub.xsl XSLFO?= http://www.FreeBSD.org/XML/share/xml/freebsd-fo.xsl -XSLPGP?= http://www.FreeBSD.org/XML/share/xml/freebsd-pgpkeyring.xsl XSLSCH?= /usr/local/share/xsl/iso-schematron/xslt1/iso_schematron_skeleton_for_xslt1.xsl Added: head/share/pgpkeys/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/pgpkeys/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -0,0 +1,24 @@ +# $FreeBSD$ + +XSLPGP= http://www.FreeBSD.org/XML/share/xml/freebsd-pgpkeyring.xsl + +FILES= pgpkeyring.txt +CLEANFILES= pgpkeyring.txt keyring.xml + +keyring.xml: + @${ECHO_CMD} "" > ${.TARGET} + @${ECHO_CMD} "" >> ${.TARGET} + @${CAT} *.key >> ${.TARGET} + @${ECHO_CMD} "" >> ${.TARGET} + +pgpkeyring: keyring.xml + @${XSLTPROC} ${XSLTPROCOPTS} ${XSLPGP} keyring.xml + +pgpkeyring.txt: + @${MAKE} pgpkeyring >${.TARGET} + +.include "${DOC_PREFIX}/share/mk/doc.project.mk" + +.if defined(FINGERPRINTS_ONLY) +XSLTPROCOPTS+=--param generate.fingerprint.only '1' +.endif Modified: head/share/pgpkeys/decke.key ============================================================================== --- head/share/pgpkeys/decke.key Fri Mar 7 11:37:21 2014 (r44165) +++ head/share/pgpkeys/decke.key Fri Mar 7 12:23:51 2014 (r44166) @@ -1,4 +1,3 @@ - +pub 1024D/BCD241CB 2002-04-07 Ville Skytt辰 Key fingerprint = 4E0D EBAB 3106 F1FA 3FA9 B875 D98C D635 BCD2 41CB -uid Ville Skytt -uid Ville Skytt +uid Ville Skytt辰 +uid Ville Skytt辰 sub 2048g/9426F4D1 2002-04-07 ]]> - Empreinte de la cl = 4737 A0AD E596 6D30 4356 29B8 004D 54B8 393D 2469 + Empreinte de la cl辿 = 4737 A0AD E596 6D30 4356 29B8 004D 54B8 393D 2469 uid Thomas Quinot uid Thomas Quinot sub 1024g/8DE13BB2 1999-09-23 Modified: head/zh_CN.UTF-8/books/handbook/Makefile ============================================================================== --- head/zh_CN.UTF-8/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/zh_CN.UTF-8/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -7,24 +7,6 @@ # ------------------------------------------------------------------------ # -# Handbook-specific variables -# -# WITH_PGPKEYS The print version of the handbook only prints PGP -# fingerprints by default. If you would like for the -# entire key to be displayed, then set this variable. -# This option has no affect on the HTML formats. -# -# Handbook-specific targets -# -# pgpkeyring This target will read the contents of -# pgpkeys/chapter.xml and will extract all of -# the pgpkeys to standard out. This output can then -# be redirected into a file and distributed as a -# public keyring of FreeBSD developers that can -# easily be imported into PGP/GPG. -# -# ------------------------------------------------------------------------ -# # To add a new chapter to the Handbook: # # - Update this Makefile, chapters.ent and book.xml @@ -296,18 +278,8 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml - @${JADE} -V nochunks ${OTHERFLAGS} ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC} - DOC_PREFIX?= ${.CURDIR}/../../.. -# -# Handbook-specific variables -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - URL_RELPREFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. Modified: head/zh_TW.Big5/books/handbook/Makefile ============================================================================== --- head/zh_TW.Big5/books/handbook/Makefile Fri Mar 7 11:37:21 2014 (r44165) +++ head/zh_TW.Big5/books/handbook/Makefile Fri Mar 7 12:23:51 2014 (r44166) @@ -5,26 +5,6 @@ # Build the FreeBSD Handbook. # -# ------------------------------------------------------------------------ -# -# Handbook-specific variables -# -# WITH_PGPKEYS The print version of the handbook only prints PGP -# fingerprints by default. If you would like for the -# entire key to be displayed, then set this variable. -# This option has no affect on the HTML formats. -# -# Handbook-specific targets -# -# pgpkeyring This target will read the contents of -# pgpkeys/chapter.xml and will extract all of -# the pgpkeys to standard out. This output can then -# be redirected into a file and distributed as a -# public keyring of FreeBSD developers that can -# easily be imported into PGP/GPG. -# -# ------------------------------------------------------------------------ - .PATH: ${.CURDIR}/../../share/xml/glossary MAINTAINER= doc@FreeBSD.org @@ -241,16 +221,6 @@ CHAPTERS?= ${SRCS:M*chapter.xml} XMLFLAGS+= ${CHAPTERS:S/\/chapter.xml//:S/^/-i chap./} XMLFLAGS+= -i chap.freebsd-glossary -pgpkeyring: pgpkeys/chapter.xml - @${JADE} -V nochunks ${OTHERFLAGS} ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC} - -# -# Handbook-specific variables -# -.if defined(WITH_PGPKEYS) -JADEFLAGS+= -V withpgpkeys -.endif - URL_RELPREFIX?= ../../../.. DOC_PREFIX?= ${.CURDIR}/../../.. From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 12:50:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C661130E; Fri, 7 Mar 2014 12:50:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A6E90B59; Fri, 7 Mar 2014 12:50:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s27Cow0d040523; Fri, 7 Mar 2014 12:50:58 GMT (envelope-from jonathan@svn.freebsd.org) Received: (from jonathan@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s27Cowmt040522; Fri, 7 Mar 2014 12:50:58 GMT (envelope-from jonathan@svn.freebsd.org) Message-Id: <201403071250.s27Cowmt040522@svn.freebsd.org> From: Jonathan Anderson Date: Fri, 7 Mar 2014 12:50:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44168 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 12:50:58 -0000 Author: jonathan (src committer) Date: Fri Mar 7 12:50:58 2014 New Revision: 44168 URL: http://svnweb.freebsd.org/changeset/doc/44168 Log: Update jonathan@ to a longer PGP key. Approved by: rwatson (mentor) Modified: head/share/pgpkeys/jonathan.key Modified: head/share/pgpkeys/jonathan.key ============================================================================== --- head/share/pgpkeys/jonathan.key Fri Mar 7 12:39:40 2014 (r44167) +++ head/share/pgpkeys/jonathan.key Fri Mar 7 12:50:58 2014 (r44168) @@ -1,55 +1,94 @@ +pub 2048R/9C0EE010 2014-03-07 [expires: 2024-03-04] + Key fingerprint = 563B 20C1 BFBF F638 610F C584 B11B 3804 9C0E E010 uid Jonathan Anderson -uid Jonathan Anderson -uid Jonathan Anderson -sub 2048g/A703650D 2006-06-17 +uid Jonathan Anderson (MUN) +uid Jonathan Anderson (Cambridge) +uid Jonathan Anderson (FreeBSD) +sub 2048R/2E0832D2 2014-03-07 [expires: 2024-03-04] +sub 2048R/EC6BB1E5 2014-03-07 [expires: 2019-03-06] ]]> From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 12:39:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5AEABF96; Fri, 7 Mar 2014 12:39:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3CD33A81; Fri, 7 Mar 2014 12:39:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s27Cdfce033649; Fri, 7 Mar 2014 12:39:41 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s27Cdflh033648; Fri, 7 Mar 2014 12:39:41 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403071239.s27Cdflh033648@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 7 Mar 2014 12:39:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44167 - head/ja_JP.eucJP/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Fri, 07 Mar 2014 12:51:41 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 12:39:41 -0000 Author: ryusuke Date: Fri Mar 7 12:39:40 2014 New Revision: 44167 URL: http://svnweb.freebsd.org/changeset/doc/44167 Log: - Merge the following from the English version: r44115 -> r44151 head/ja_JP.eucJP/htdocs/internal/about.xml Modified: head/ja_JP.eucJP/htdocs/internal/about.xml Modified: head/ja_JP.eucJP/htdocs/internal/about.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/internal/about.xml Fri Mar 7 12:23:51 2014 (r44166) +++ head/ja_JP.eucJP/htdocs/internal/about.xml Fri Mar 7 12:39:40 2014 (r44167) @@ -5,7 +5,7 @@ ]> - + @@ -18,18 +18,10 @@

      マシン

      - Powered by FreeBSD -

      www.FreeBSD.org は、600MHz デュアル Pentium III および、1024MB - の RAM と約 70 GB のディスクから構成されています。 - FreeBSD.org ドメインのメールを処理しているマシンは - hub.FreeBSD.org と呼ばれており、2.2GHz クアッドコア AMD64 および、 - 3072MB の RAM と約 400 GB のディスクから構成されています。 - 外から来るメールは mx1.FreeBSD.org というマシンにいったん蓄積され、 - 外に配送するメールは mx2.FreeBSD.org というマシンでリレーされています。 - どちらも 3.06 GHz デュアル Xeon および 1024MB の RAM, 80GB のディスクから構成されています。

      - + Powered by FreeBSD

      - もちろんこれらのシステムでは FreeBSD が動作しています。 + すべての FreeBSD.org クラスタのシステムでは、もちろん + FreeBSD が動作しています。 このハードウェアとネットワークコネクションは、 BSDi, Bytemark Hosting, - + - - + + - + + - - - - - + - - - - - - + +
      時刻 (UTC)構築時刻 (UTC) 構築の種類
      XX:23他の構築が行われていない時に、英語版のみ www を構築10 分毎他の構築が行われていない時に、英語版のみ www を構築
      XX:53毎日曜の 00:00新しいツリーをチェックアウトして、すべてを構築
      01:22すべてを構築
      09:221 時間毎 英語版のみ構築
      13:22すべてを構築 (PR と port の統計更新を除く)
      17:22英語版のみ構築3 時間毎すべてを構築
      -

      直近のビルド状況を ここ - で確認できます。

      -

      FreeBSD Web ページのミラー

      www.FreeBSD.org の FreeBSD Web ページを ミラーできます。

      From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 12:54:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DC18E552; Fri, 7 Mar 2014 12:54:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C8D82BEF; Fri, 7 Mar 2014 12:54:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s27CslgM041440; Fri, 7 Mar 2014 12:54:47 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s27CslwH041439; Fri, 7 Mar 2014 12:54:47 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403071254.s27CslwH041439@svn.freebsd.org> From: Remko Lodder Date: Fri, 7 Mar 2014 12:54:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44169 - head/en_US.ISO8859-1/books/handbook/basics X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 12:54:47 -0000 Author: remko Date: Fri Mar 7 12:54:47 2014 New Revision: 44169 URL: http://svnweb.freebsd.org/changeset/doc/44169 Log: I think the reference here is a little mistake. We talk about \ on the line above the changed line because Windows uses that. We then state that FreeBSD does not use that, but with our Unix Slash (/) in the example. My feeling is that this should have been the Windows slash to make it clear that this does not work and should not be used on FreeBSD (or most other Unixes for that matter). Facilitated by: Snow B.V. Found: During translations. Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Fri Mar 7 12:50:58 2014 (r44168) +++ head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Fri Mar 7 12:54:47 2014 (r44169) @@ -2205,7 +2205,7 @@ root 5211 0.0 0.2 3620 1724 2 different from &windows; which uses \ to separate file and directory names. &os; does not use drive letters, or other drive names in the path. For example, one - would not type c:/foo/bar/readme.txt on + would not type c:\foo\bar\readme.txt on &os;.       Directories and files are stored in a file system. Each From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 13:12:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A821EAC5; Fri, 7 Mar 2014 13:12:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 94EA5DAC; Fri, 7 Mar 2014 13:12:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s27DCXM2049702; Fri, 7 Mar 2014 13:12:33 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s27DCX79049701; Fri, 7 Mar 2014 13:12:33 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403071312.s27DCX79049701@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 7 Mar 2014 13:12:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44170 - head/ja_JP.eucJP/htdocs/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 13:12:33 -0000 Author: ryusuke Date: Fri Mar 7 13:12:33 2014 New Revision: 44170 URL: http://svnweb.freebsd.org/changeset/doc/44170 Log: - Merge the following from the English version: r41455 -> r44161 head/ja_JP.eucJP/htdocs/security/unsupported.xml Modified: head/ja_JP.eucJP/htdocs/security/unsupported.xml Modified: head/ja_JP.eucJP/htdocs/security/unsupported.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/security/unsupported.xml Fri Mar 7 12:54:47 2014 (r44169) +++ head/ja_JP.eucJP/htdocs/security/unsupported.xml Fri Mar 7 13:12:33 2014 (r44170) @@ -4,6 +4,8 @@ ]> + + @@ -25,154 +27,154 @@ 保守終了予定日 - RELENG_4 + stable/4 なし なし なし 2007 年 1 月 31 日 - RELENG_4_11 + releng/4.11 4.11-RELEASE Extended 2005 年 1 月 25 日 2007 年 1 月 31 日 - RELENG_5 + stable/5 なし なし なし 2008 年 5 月 31 日 - RELENG_5_3 + releng/5.3 5.3-RELEASE Extended 2004 年 11 月 6 日 2006 年 10 月 31 日 - RELENG_5_4 + releng/5.4 5.4-RELEASE Normal 2005 年 5 月 9 日 2006 年 10 月 31 日 - RELENG_5_5 + releng/5.5 5.5-RELEASE Extended 2006 年 5 月 25 日 2008 年 5 月 31 日 - RELENG_6 + stable/6 なし なし なし 2010 年 11 月 30 日 - RELENG_6_0 + releng/6.0 6.0-RELEASE Normal 2005 年 11 月 4 日 2007 年 1 月 31 日 - RELENG_6_1 + releng/6.1 6.1-RELEASE Extended 2006 年 5 月 9 日 2008 年 5 月 31 日 - RELENG_6_2 + releng/6.2 6.2-RELEASE Normal 2007 年 1 月 15 日 2008 年 5 月 31 日 - RELENG_6_3 + releng/6.3 6.3-RELEASE Extended 2008 年 1 月 18 日 2010 年 1 月 31 日 - RELENG_6_4 + releng/6.4 6.4-RELEASE Extended 2008 年 11 月 28 日 2010 年 11 月 30 日 - RELENG_7 + stable/7 なし なし なし 2013 年 2 月 28 日 - RELENG_7_0 + releng/7.0 7.0-RELEASE Normal 2008 年 2 月 27 日 2009 年 4 月 30 日 - RELENG_7_1 + releng/7.1 7.1-RELEASE Extended 2009 年 1 月 4 日 2011 年 2 月 28 日 - RELENG_7_2 + releng/7.2 7.2-RELEASE Normal 2009 年 5 月 4 日 2010 年 6 月 30 日 - RELENG_7_3 + releng/7.3 7.3-RELEASE Extended 2010 年 3 月 23 日 2012 年 3 月 31 日 - RELENG_7_4 + releng/7.4 7.4-RELEASE Extended 2011 年 2 月 24 日 2013 年 2 月 28 日 - RELENG_8_0 + releng/8.0 8.0-RELEASE Normal 2009 年 11 月 25 日 2010 年 11 月 30 日 - RELENG_8_1 + releng/8.1 8.1-RELEASE Extended 2010 年 7 月 23 日 2012 年 7 月 31 日 - RELENG_8_2 + releng/8.2 8.2-RELEASE Normal 2011 年 2 月 24 日 2012 年 7 月 31 日 - RELENG_9_0 + releng/9.0 9.0-RELEASE Normal 2012 年 1 月 10 日 From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 14:28:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 664573F1; Fri, 7 Mar 2014 14:28:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 53823696; Fri, 7 Mar 2014 14:28:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s27ESof0079655; Fri, 7 Mar 2014 14:28:50 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s27ESoLV079654; Fri, 7 Mar 2014 14:28:50 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403071428.s27ESoLV079654@svn.freebsd.org> From: Glen Barber Date: Fri, 7 Mar 2014 14:28:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44171 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 14:28:50 -0000 Author: gjb Date: Fri Mar 7 14:28:49 2014 New Revision: 44171 URL: http://svnweb.freebsd.org/changeset/doc/44171 Log: Fix doc build. Sponsored by: The FreeBSD Foundation Modified: head/share/pgpkeys/Makefile Modified: head/share/pgpkeys/Makefile ============================================================================== --- head/share/pgpkeys/Makefile Fri Mar 7 13:12:33 2014 (r44170) +++ head/share/pgpkeys/Makefile Fri Mar 7 14:28:49 2014 (r44171) @@ -1,5 +1,7 @@ # $FreeBSD$ +DOC_PREFIX?= ${.CURDIR}/../.. + XSLPGP= http://www.FreeBSD.org/XML/share/xml/freebsd-pgpkeyring.xsl FILES= pgpkeyring.txt From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 15:16:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 73BA8AA6; Fri, 7 Mar 2014 15:16:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 60703B28; Fri, 7 Mar 2014 15:16:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s27FGxvx000226; Fri, 7 Mar 2014 15:16:59 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s27FGxW1000225; Fri, 7 Mar 2014 15:16:59 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403071516.s27FGxW1000225@svn.freebsd.org> From: Remko Lodder Date: Fri, 7 Mar 2014 15:16:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44172 - head/en_US.ISO8859-1/books/handbook/basics X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 15:16:59 -0000 Author: remko Date: Fri Mar 7 15:16:58 2014 New Revision: 44172 URL: http://svnweb.freebsd.org/changeset/doc/44172 Log: I think that the output from top that is presented here is shown twice. Probably an older example was here first which was updated to also show ZFS statistics (like ARC usage). I removed the 'older' version since it does not seem to have any relation at all with the output shown directly beneath it. Facilitated by: Snow B.V. Found while: translating for doc_nl Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Fri Mar 7 14:28:49 2014 (r44171) +++ head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Fri Mar 7 15:16:58 2014 (r44172) @@ -3034,12 +3034,6 @@ root 5211 0.0 0.2 3620 1724 2 The output from &man.top.1; is similar: &prompt.user; top -last pid: 72257; load averages: 0.13, 0.09, 0.03 up 0+13:38:33 22:39:10 -47 processes: 1 running, 46 sleeping -CPU states: 12.6% user, 0.0% nice, 7.8% system, 0.0% interrupt, 79.7% idle -Mem: 36M Active, 5256K Inact, 13M Wired, 6312K Cache, 15M Buf, 408K Free -Swap: 256M Total, 38M Used, 217M Free, 15% Inuse - last pid: 9609; load averages: 0.56, 0.45, 0.36 up 0+00:20:03 10:21:46 107 processes: 2 running, 104 sleeping, 1 zombie CPU: 6.2% user, 0.1% nice, 8.2% system, 0.4% interrupt, 85.1% idle From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 15:47:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D1876801; Fri, 7 Mar 2014 15:47:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BEBE3DB0; Fri, 7 Mar 2014 15:47:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s27Fl7xg012611; Fri, 7 Mar 2014 15:47:07 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s27Fl7lN012610; Fri, 7 Mar 2014 15:47:07 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403071547.s27Fl7lN012610@svn.freebsd.org> From: Glen Barber Date: Fri, 7 Mar 2014 15:47:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44174 - head/en_US.ISO8859-1/htdocs/doc X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 15:47:07 -0000 Author: gjb Date: Fri Mar 7 15:47:07 2014 New Revision: 44174 URL: http://svnweb.freebsd.org/changeset/doc/44174 Log: Fix doc installation. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/doc/Makefile Modified: head/en_US.ISO8859-1/htdocs/doc/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/doc/Makefile Fri Mar 7 15:43:12 2014 (r44173) +++ head/en_US.ISO8859-1/htdocs/doc/Makefile Fri Mar 7 15:47:07 2014 (r44174) @@ -37,7 +37,7 @@ install clean: INSTALL_COMPRESSED= ${.TARGET} .if make(install) @unset DESTDIR || true; \ - cd ${DOC_PREFIX}/${LANGCODE}/books/handbook; \ + cd ${DOC_PREFIX}/share/pgpkeys; \ ${MAKE} \ pgpkeyring > ${DESTDIR}/data/doc/pgpkeyring.txt .endif From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 15:51:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B95D79C3; Fri, 7 Mar 2014 15:51:25 +0000 (UTC) Received: from wonkity.com (wonkity.com [67.158.26.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6C53CDD7; Fri, 7 Mar 2014 15:51:25 +0000 (UTC) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.14.8/8.14.8) with ESMTP id s27FpN2u055408 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 7 Mar 2014 08:51:24 -0700 (MST) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.14.8/8.14.8/Submit) with ESMTP id s27FpNgw055405; Fri, 7 Mar 2014 08:51:23 -0700 (MST) (envelope-from wblock@wonkity.com) Date: Fri, 7 Mar 2014 08:51:23 -0700 (MST) From: Warren Block To: Remko Lodder Subject: Re: svn commit: r44172 - head/en_US.ISO8859-1/books/handbook/basics In-Reply-To: <201403071516.s27FGxW1000225@svn.freebsd.org> Message-ID: References: <201403071516.s27FGxW1000225@svn.freebsd.org> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (wonkity.com [127.0.0.1]); Fri, 07 Mar 2014 08:51:24 -0700 (MST) Cc: svn-doc-head@freebsd.org, svn-doc-all@freebsd.org, doc-committers@freebsd.org X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 15:51:25 -0000 On Fri, 7 Mar 2014, Remko Lodder wrote: > Author: remko > Date: Fri Mar 7 15:16:58 2014 > New Revision: 44172 > URL: http://svnweb.freebsd.org/changeset/doc/44172 > > Log: > I think that the output from top that is presented here > is shown twice. Probably an older example was here first > which was updated to also show ZFS statistics (like ARC > usage). I removed the 'older' version since it does not > seem to have any relation at all with the output shown > directly beneath it. We talked about this in -doc a few days ago, and I fixed a few related things. Sorry, I should have just committed it then. http://lists.freebsd.org/pipermail/freebsd-doc/2014-March/023409.html From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 15:43:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 30BD6753; Fri, 7 Mar 2014 15:43:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1CC36D7F; Fri, 7 Mar 2014 15:43:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s27FhD8A012095; Fri, 7 Mar 2014 15:43:13 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s27FhD1N012094; Fri, 7 Mar 2014 15:43:13 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403071543.s27FhD1N012094@svn.freebsd.org> From: Remko Lodder Date: Fri, 7 Mar 2014 15:43:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44173 - translations/nl_NL.ISO8859-1/books/handbook/basics X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Fri, 07 Mar 2014 16:28:06 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 15:43:13 -0000 Author: remko Date: Fri Mar 7 15:43:12 2014 New Revision: 44173 URL: http://svnweb.freebsd.org/changeset/doc/44173 Log: Update my work for the day. Facilited by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml Modified: translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml Fri Mar 7 15:16:58 2014 (r44172) +++ translations/nl_NL.ISO8859-1/books/handbook/basics/chapter.xml Fri Mar 7 15:43:12 2014 (r44173) @@ -798,7 +798,7 @@ Goodbye! - <command>rmuser</command + <command>rmuser</command> rmuser @@ -1420,7 +1420,7 @@ passwd: done punt. Het eerste veld is de groepsnaam, het tweede veld is het versleutelde wachtwoord, het derde veld is het GID en het vierde veld is een door - comma's gescheiden lijst van gebruikers. Voor een + komma's gescheiden lijst van gebruikers. Voor een complete beschrijving van de syntax wordt verwezen naar de &man.group.5; handleiding. @@ -1458,7 +1458,7 @@ teamtwo:*:1100: teamtwo:*:1100:jru - Het argument van is een comma + Het argument van is een komma gescheiden lijst van gebruikers die toegevoegd moeten worden aan de (nieuwe) lijst of om de huidige lijst bij te werken. Voor de gebruiker is dit groepslidmaatschap anders @@ -1481,8 +1481,8 @@ teamtwo:*:1100:jru teamtwo:*:1100:jru,db - In dit voorbeeld is het argument van - een comma gescheiden lijst van gebruikers welke toegevoegd + In dit voorbeeld is het argument van + een komma gescheiden lijst van gebruikers welke toegevoegd moeten worden aan de groep. In tegenstelling tot het voorgaande commando worden deze gebruikers toegevoegd en wordt de bestaande lijst niet aangepast. @@ -1514,32 +1514,45 @@ uid=1001(jru) gid=1001(jru) groups=1001( In &os; heeft elk bestand en directorie heeft een geassocieerde set van permissies en diverse tools zijn beschikbaar om om deze permissies in te zien en aan te passen. - Begrijpen hoe permissies werken zijn noodzakelijk om - XXXX REMKO 1427 - - &os;, direct afgeleid van BSD &unix;, is gebaseerd op - verschillende belangrijke &unix; concepten. Het meest bekende is - dat &os; een multi-user systeem is. Het systeem kan meerdere - gebruikers behandelen die tegelijkertijd totaal verschillende - dingen doen. Het systeem is verantwoordelijk voor het netjes - delen en beheren voor aanvragen voor hardware, randapparatuur, - geheugen en cpu tijd tussen elke gebruiker. - - Omdat het systeem in staat is om meerdere gebruikers te - ondersteunen, heeft alles wat door het systeem beheerd wordt een - set van rechten die aangeeft wie mag lezen, schrijven en de - bron mag uitvoeren. Deze rechten zijn opgeslagen in drie - octetten, die weer in drie stukjes onderverdeeld zijn: - 蜑n voor de eigenaar van het bestand, - 蜑n voor de groep waar het bestand toe behoort en - 蜑n voor de overigen. De numerieke weergave werkt - als volgt: + Begrijpen hoe permissies werken zijn noodzakelijk om ervoor te + zorgen dat de gebruikers in staat zijn om bestanden die ze nodig + hebben te kunnen benaderen. Daarnaast beschermen de permissies + om bestanden waar de gebruikers niet bij behoren te kunnen af te + schermen, zoals bij bestanden die het besturingssysteem gebruikt + of die van andere gebruikers zijn. + + Deze sectie behandelt de traditionele &unix; permissies zoals + gebruikt binnen &os;. Voor meer diepgang en diepere toegangs + controle wordt verwezen naar . + + In &unix; worden de basis permissies toegewezen via drie + typen toegang: lezen, schrijven en uitvoeren. Deze types + worden gebruikt om te kunnen bepalen of de bestandseigenaar, + de groep, of de anderen toegang hebben tot het bestand. De + lezen, schrijven en uitvoeren permissies kunnen worden + weergegeven door de letters r, + w en de x. Ze kunnen ook + worden weergegeven als binaire cijfers, omdat elke permissie + ofwel ingeschakeld is, ofwel uitgeschakeld + (0). Wanneer deze worden getoond als cijfer + is de volgorde altijd rwx waarbij + r een ingeschakelde waarde heeft van + 4, w een ingeschakelde + waarde heeft van 2 en r + een ingeschakelde waarde heeft van 1. + + Tabel 4.1 vat de mogelijke numerieke en alfabetische opties + samen. Wanneer de Directory Listing kolom + gelezen wordt, wordt een - gebruikt om te + tonen dat de permissie uitgeschakeld is. Rechten Bestandsrechten - + + &unix; permissies + @@ -1617,9 +1630,9 @@ uid=1001(jru) gid=1001(jru) groups=1001( - +
      - ls + &man.ls.1; mappen @@ -1633,54 +1646,47 @@ uid=1001(jru) gid=1001(jru) groups=1001( total 530 -rw-r--r-- 1 root wheel 512 Sep 5 12:31 myfile -rw-r--r-- 1 root wheel 512 Sep 5 12:31 otherfile --rw-r--r-- 1 root wheel 7680 Sep 5 12:31 email.txt -... - - Zo ziet de eerste kolom van ls -l - eruit: - - -rw-r--r-- +-rw-r--r-- 1 root wheel 7680 Sep 5 12:31 email.txt Het eerste (meest linkse) karakter geeft aan of dit een - reguliere bestand is, een map, een speciaal karakter - component(!), een socket of een andere pseudo-file component(!). + regulier bestand is, een map, een speciaal karakter + component(!), een socket of een andere pseudo-file component. In dit geval betekent de - dat het een regulier bestand is. De volgende drie karakters, - rw- in dit voorbeeld, geven de rechten voor de - eigenaar van het bestand. De drie karakters - r-- erna geven de rechten van voor de groep van - het bestand. De overige drie karakters r-- - tonen de rechten voor alle overige gebruikers. Een streepje betekent dat - de rechten uitgeschakeld zijn. In het geval van dit bestand zijn de - rechten zo ingesteld dat de eigenaar kan lezen en schrijven naar - het bestand, de groep het bestand kan lezen, en alle overige - gebruikers kunnen ook het bestand lezen. Volgens de tabel hierboven - worden de rechten 644, waar de cijfers de drie - stukjes van de rechten aangeven. - - Dit is allemaal leuk en aardig, maar hoe controleert het - systeem dan rechten voor apparaten? &os; behandelt de meeste - hardware apparaten als bestanden die door programma's kunnen - worden geopend en gelezen, en waar data naar toe kan worden - geschreven, net zoals elk ander bestand. Deze speciale apparaat - bestanden worden bewaard in de map + rw- in dit voorbeeld, geven de rechten voor + de eigenaar van het bestand. De drie karakters + r-- erna geven de rechten van voor de groep + van het bestand. De overige drie karakters + r-- tonen de rechten voor alle overige + gebruikers. Een streepje betekent dat de rechten uitgeschakeld + zijn. In het geval van dit bestand zijn de rechten zo ingesteld + dat de eigenaar kan lezen en schrijven naar het bestand, de + groep het bestand kan lezen, en alle overige gebruikers kunnen + ook het bestand lezen. Volgens de tabel hierboven worden de + rechten 644, waar de cijfers de drie stukjes + van de rechten aangeven. + + Hoe controleert het systeem rechten voor apparaten? &os; + behandelt de meeste hardware apparaten als bestanden die door + programma's kunnen worden geopend en gelezen, en waar data naar + toe kan worden geschreven, net zoals elk ander bestand. Deze + speciale apparaat bestanden worden bewaard in de map /dev. Mappen worden ook behandeld als bestanden. Ze hebben lees, - schrijf en uitvoerbare rechten. De uitvoerbare vlag voor een map - heeft een klein verschil qua betekenis dan die voor gewone - bestanden. Als een map als uitvoerbaar gemarkeerd is, betekent - het dat erin gekeken mag worden. Het is dus mogelijk om te - wisselen naar de map met cd (wissel van map). + schrijf en uitvoerbare rechten. De uitvoerbare vlag voor een + map heeft iets andere betekenis dan die voor gewone bestanden. + Als een map als uitvoerbaar gemarkeerd is, betekent dit dat + er naar deze map gewisseld kan worden met &man.cd.1;. Dit betekent ook dat in de map bestanden benaderd kunnen worden - waarvan de naam bekend is. Dit is natuurlijk afhankelijk van de - rechten op het bestand zelf. + waarvan de naam bekend is. Afhankelijk van de rechten op het + bestand zelf.       - In het bijzonder, om een lijst van de map te kunnen maken, - moet een gebruiker leesrechten op de map hebben. Om een bestand - te verwijderen zijn de naam van het bestand en schrijf - en uitvoerrechten op de map nodig waarin het - bestand zich bevindt. + Om een inhoudsopgave te maken van een map moet de lees + permissie ingeschakeld zijn. Om bestanden te kunnen verwijderen + waarvan de naam bekend is, moet de schrijf permissie + en de uitvoerbare permissie op de map + ingesteld zijn. Er zijn meer rechtenvlaggen, maar die worden slechts gebruikt in speciale gevallen, zoals bij setuid binaries en sticky mappen. @@ -1688,25 +1694,31 @@ total 530 worden staat in &man.chmod.1;. - Symbolische rechten + + Symbolische rechten + - TomRhodesBijgedragen door + + + Tom + Rhodes + + Bijgedragen door + - - rechten symbolisch - Symbolische rechten, soms ook wel symbolische expressies, - gebruiken karakters in plaats van octale getallen om rechten - aan bestanden en mappen te geven. Symbolische expressies - gebruiken de volgende opbouw: (wie) (actie) (permissies), waar - de volgende waardes beschikbaar zijn: + Symbolische rechten maken gebruik van karakters in plaats + van octale getallen om permissies toe te wijzen aan bestanden + of directories. Symbolische rechten gebruiken de opbouw: + (wie) (actie) (permissies), de volgende waarden zijn hierbij + beschikbaar: @@ -1820,56 +1832,60 @@ total 530 - Deze waardes worden gebruikt met &man.chmod.1;, net zoals - eerder, alleen nu met letters. Het volgende commando kan - gebruikt worden om de overige gebruikers toegang tot + Deze waardes worden gebruikt met &man.chmod.1;, alleen dan + met letters in plaats van cijfers. Het volgende commando + kan worden gebruikt om overige gebruikers de toegang tot BESTAND te ontzeggen: &prompt.user; chmod go= BESTAND - Er kan een door komma's gescheiden lijst geleverd worden als - meer dan 蜑n wijziging aan een bestand moet worden - uitgevoerd. Het volgende commando past de rechten voor de groep - en de wereld aan door de schrijfrechten te - ontnemen om daarna iedereen uitvoerrechten te geven: + Er kan een door komma's gescheiden lijst geleverd worden + als meer dan 蜑n wijziging aan een bestand moet worden + uitgevoerd. Het volgende commando verwijderd de groeps en + wereld schrijf rechten op + FILENAME en voegt uitvoerrechten + toe voor iedereen: - &prompt.user; chmod go-w,a+x BESTAND + &prompt.user; chmod go-w,a+x FILE - &os; bestandsvlaggen + + &os; bestandsvlaggen + - TomRhodesGeschreven door + + + Tom + Rhodes + + Geschreven door + - - - Naast de bestandsrechten die hiervoor zijn besproken, - biedt &os; ondersteuning voor bestandsvlaggen. - Deze vlaggen bieden een aanvullend beveiligingsniveau en - controle over bestanden, maar niet over mappen. - - Bestandsvlaggen voegen een extra niveau van controle over - bestanden, waardoor verzekerd kan worden dat in sommige - gevallen zelfs root een bestand niet kan - verwijderen of wijzigen. - - Bestandsvlaggen worden gewijzigd met het hulpprogramma - &man.chflags.1;, dat een eenvoudige interface heeft. Om - bijvoorbeeld de systeemvlag niet verwijderdbaar in te stellen - op het bestand file1: + Naast de bestandsrechten biedt &os; ondersteuning voor + bestandsvlaggen. Deze vlaggen bieden een + aanvullend beveiligingsniveau en controle over bestanden, maar + niet over mappen. Met bestandsvlaggen kan zelfs worden + voorkomen dat root + bestanden verwijderd en/of aanpast. + + Bestandsvlaggen worden gewijzigd met het &man.chflags.1; + commando. Om bijvoorbeeld de systeemvlag niet verwijderbaar + in te stellen op het bestand + file1: &prompt.root; chflags sunlink file1 - Om de vlag niet verwijderbaar weer te verwijderen kan het - voorgaande commando met no voor - worden uitgevoerd: + Om de systeemvlag niet verwijderbaar weer uit te schakelen + moet het woord no worden toegevoegd voor + : &prompt.root; chflags nosunlink file1 - Om de vlaggen op een bestand te bekijken, kan het &man.ls.1; - commando met de vlaggen gebruikt worden: + Om de vlaggen op een bestand te kijken moet de vlag + gebruikt worden: &prompt.root; ls -lo file1 @@ -1878,16 +1894,25 @@ total 530 -rw-r--r-- 1 trhodes trhodes sunlnk 0 Mar 1 05:54 file1 Een aantal vlaggen kan alleen ingesteld of verwijderd - worden door de gebruiker root. In andere - gevallen kan de eigenaar van een bestand vlaggen instellen. - Meer informatie voor beheerders staat in &man.chflags.1; en - &man.chflags.2;. + worden door root. + In andere gevallen kan de eigenaar van een bestand vlaggen + instellen. Meer informatie voor beheerders staat in + &man.chflags.1; en &man.chflags.2;.             - De <literal>setuid</literal>-, <literal>setgid</literal>-, en <literal>klevende</literal> toestemmingen + + De <literal>setuid</literal>, + <literal>setgid</literal>, en <literal>klevende</literal> + toestemmingen - TomRhodesBijgedragen door + + + Tom + Rhodes + + Bijgedragen door + @@ -1895,8 +1920,8 @@ total 530 Buiten de toestemmingen die reeds besproken zijn, zijn er nog drie specifieke instellingen waarvan alle beheerders kennis - dienen te hebben. Dit zijn de setuid-, - setgid-, en sticky + dienen te hebben. Dit zijn de setuid, + setgid, en sticky toestemmingen. Deze instellingen zijn belangrijk voor sommige @@ -1911,20 +1936,12 @@ total 530 gereedschap &man.passwd.1; draait met de echte gebruikers-ID van de gebruiker die het wachtwoord verandert; echter, om de database met wachtwoorden te manipuleren, draait het met de - effectieve ID van de gebruiker root. Dit - is wat normale gebruikers in staat stelt om hun wachtwoorden te - veranderen zonder een fout Permission + effectieve ID van + root. Dit is wat + normale gebruikers in staat stelt om hun wachtwoorden te + veranderen zonder de fout Permission Denied te zien. - - De &man.mount.8;-optie nosuid zorgt - ervoor dat deze binairen zwijgend falen. Dit houdt in dat ze - niet worden uitgevoerd zonder ooit de gebruiker op de hoogte - te stellen. Deze optie is ook niet geheel betrouwbaar - aangezien een nosuid-wrapper dit volgens de - handleidingpagina &man.mount.8; kan omzeilen. - - De setuid-toestemming kan aangezet worden door het cijfer vier (4) voor een toestemmingenverzameling te plaatsen zoals te zien is in het volgende voorbeeld: @@ -1937,17 +1954,25 @@ total 530 -rwsr-xr-x 1 trhodes trhodes 63 Aug 29 06:36 suidvoorbeeld.sh - Het zou in dit voorbeeld te zien moeten zijn dat een - s nu deel is van de toestemmingenverzameling - bestemd voor de bestandseigenaar, en de uitvoerbare bit - vervangt. Dit staat gereedschappen toe die verhoogde - toestemmingen nodig hebben, zoals passwd. + Merk op dat s nu onderdeel is van + de permissie set welke aangeduid wordt voor de eigenaar en + daarmee de uitvoerbare permissie vervangt. Dit stelt + applicaties zoals &man.passwd.1; in staat om te functioneren + met verhoogde privileges. + + + De nosuid &man.mount.8; optie zal + ervoor zorgen dat zulke binaire bestanden zonder klagen + zullen falen. Echter deze optie is niet helemaal + betrouwbaar omdat er manieren zijn om hieronder uit te + komen. + Open twee terminals om dit in real-time te zien. Start op het ene het proces passwd als een normale gebruiker. Controleer de procestabel terwijl het op een nieuw - wachtwoord wacht en kijk naar de gebruikersinformatie van het - commando passwd. + wachtwoord wacht en kijk naar de gebruikersinformatie via + &man.passwd.1;. In terminal A: @@ -1961,9 +1986,9 @@ Old Password: trhodes 5232 0.0 0.2 3420 1608 0 R+ 2:10AM 0:00.00 grep passwd root 5211 0.0 0.2 3620 1724 2 I+ 2:09AM 0:00.01 - Zoals boven vermeld, wordt passwd door - een normale gebruiker gedraaid, maar gebruikt het de effectieve - UID van root. + Ondanks dat &man.passwd.1; als gewone gebruiker gestart + wordt, gebruikt deze effectief het UID van + root. De setgid-toestemming voert dezelfde functie uit als de setuid-toestemming; @@ -1974,7 +1999,7 @@ root 5211 0.0 0.2 3620 1724 2 Om de setgid-toestemming op een bestand aan te zetten, dient een voorlopende twee (2) aan het commando - chmod gegeven te worden zoals in het volgende + &man.chmod.1; gegeven te worden zoals in het volgende voorbeeld: &prompt.root; chmod 2755 sgidvoorbeeld.sh @@ -1993,34 +2018,30 @@ root 5211 0.0 0.2 3620 1724 2 &man.setuid.2;-systeemaanroepen. - De eerste twee speciale toestemmingsbits die we besproken - hebben (de toestemmingsbits setuid en - setgid) kunnen de systeemveiligheid verlagen, - door verhoogde toestemmingen toe te staan. Er is een derde bit - voor speciale toestemmingen die de veiligheid van een systeem - kan verhogen: de klevende bit. - - De klevende bit, wanneer deze op een map - is ingesteld, staat alleen het verwijderen van bestanden toe - door de eigenaar van die bestanden. Deze - toestemmingenverzameling is nuttig om het verwijderen van - bestanden in publieke mappen, zoals /tmp, door gebruikers die het - bestand niet bezitten te voorkomen. Zet een 蜑n - (1) voor de toestemming om deze toestemming te gebruiken. - Bijvoorbeeld: + De setuid en setgid + permissie bits kunnen de beveiliging van het systeem omlaag + brengen, omdat er verhoogde privileges mogelijk zijn. Het + derde speciale bitje kan echter voor een verbetering van de + beveiliging zorgen. + + Wanneer de sticky bit ingesteld is op + een directory, staat het alleen het verwijderen van bestanden + toe door de eigenaar van deze bestanden. Dit is bijvoorbeeld + handig in directories die door meerdere gebruikers gedeeld + worden zoals /tmp en kan daarmee voorkomen + dat gebruikers die niet de eigenaar zijn daarin bestanden + verwijderen. Om gebruik te maken van deze permissie moet + een voorlopende 蜑n (1) worden meegegeven. &prompt.root; chmod 1777 /tmp - Het effect kan nu met het commando ls - bekeken worden: + De sticky bit permissie kan nu gezien + worden door de t aan het einde van de + permissie set: &prompt.root; ls -al / | grep tmp drwxrwxrwt 10 root wheel 512 Aug 31 01:49 tmp - - De toestemming klevende bit is te - onderscheiden met de t aan het einde van de - verzameling. @@ -2030,13 +2051,12 @@ root 5211 0.0 0.2 3620 1724 2 mappenstructuur De &os; mappenstructuur is erg belangrijk om het systeem - goed te leren kennen. Het belangrijkste concept om greep op te - krijgen is die van de rootmap, /. Deze map is de - eerste die gekoppeld wordt tijdens het opstarten en bevat het - basissysteem dat nodig is om het besturingssysteem gereed te - maken voor multi-user taken. De rootmap bevat ook koppelpunten - voor elk ander bestandssysteem dat misschien gekoppeld - wordt. + goed te leren kennen. De meest belangrijke map is de rootmap + ofwel /. Deze map is de eerste die gekoppeld + wordt tijdens het opstarten en bevat het basissysteem dat nodig + is om het besturingssysteem gereed te maken voor multi-user + taken. De rootmap bevat ook koppelpunten voor elk ander + bestandssysteem dat misschien gekoppeld wordt. Een koppelpunt is een map waar extra bestandssystemen aan het een bestandssysteem gekoppeld kunnen worden (meestal het root @@ -2048,13 +2068,14 @@ root 5211 0.0 0.2 3620 1724 2 verwezen in /etc/fstab, een tabel met bestandssystemen en koppelpunten ter referentie voor het systeem. De meeste bestandssystemen in /etc/fstab - worden automatisch gekoppeld tijdens het opstarten door het script - &man.rc.8;, behalve als de optie - gedefinieerd is. Details staan beschreven in . + worden automatisch gekoppeld tijdens het opstarten door het + script &man.rc.8;, behalve als de optie + gedefinieerd is. Details staan beschreven in + . Een complete beschrijving over het bestandssysteem staat in - &man.hier.7;. Hier wordt volstaan met een overzicht van de - voorkomende mappen. + &man.hier.7;. De volgende tabel laat een overzicht zien van + de meest voorkomende mappen. @@ -2183,12 +2204,15 @@ root 5211 0.0 0.2 3620 1724 2 /tmp/ - Tijdelijke bestanden. De inhoud van /tmp blijft meestal NIET - bewaard na een herstart. Er wordt vaak een - geheugengebaseerd bestandssysteem gekoppeld op /tmp. Dit kan - geautomatiseerd worden met de tmpmfs-gerelateerde - variabelen van &man.rc.conf.5; (of met een regel in - /etc/fstab). Zie &man.mdmfs.8;. + Tijdelijke bestanden. De inhoud van + /tmp blijft meestal NIET bewaard + na een herstart. Er wordt vaak een geheugengebaseerd + bestandssysteem gekoppeld aan + /tmp. Dit kan geautomatiseerd + worden met de tmpmfs-gerelateerde variabelen van + &man.rc.conf.5; (of met een regel in + /etc/fstab). Zie + &man.mdmfs.8;. @@ -2262,7 +2286,7 @@ root 5211 0.0 0.2 3620 1724 2 /usr/sbin/ Systeemdaemons en systeemhulpprogramma's - (uitgevoerd door gebruikers). + uitgevoerd door gebruikers. @@ -2278,13 +2302,6 @@ root 5211 0.0 0.2 3620 1724 2 - /usr/X11R6/ - - Uitvoerbare bestanden en bibliotheken, etc, voor - de X11R6 distributie (optioneel). - - - /var/ Multifunctionele logboek-, tijdelijke, @@ -2335,15 +2352,14 @@ root 5211 0.0 0.2 3620 1724 2 hoofdlettergevoelig, wat betekent dat readme.txt en README.TXT twee verschillende bestanden - zijn. &os; gebruikt de extensie niet (.txt) - van een bestand om te bepalen of het bestand een programma, een - document of een vorm van data is. + zijn. &os; gebruikt de extensie van een bestand niet om te + bepalen of het bestand een programma, een document of een andere + vorm van data is. Bestanden worden bewaard in mappen. Een map kan leeg zijn of honderden bestanden bevatten. Een map kan ook andere mappen bevatten, wat het mogelijk maakt om een hirarchie van - mappen te maken. Dit maakt het veel makkelijker om data te - organiseren. + mappen te maken om data beter te organiseren. Bestanden en mappen worden aangegeven door het bestand of de map aan te geven, gevolgd door een voorwaardse slash, @@ -2352,31 +2368,25 @@ root 5211 0.0 0.2 3620 1724 2 bar bevat, die op zijn beurt het bestand readme.txt bevat, dan wordt de volledige naam of pad naar het bestand - foo/bar/readme.txt. + foo/bar/readme.txt. Let op dat dit anders + is dan onder &windows; welke gebruik maakt van het + \ teken om bestanden en mappen te scheiden. + &os; maakt geen gebruik van schijfletters of andere schijfnamen + in het pad. Zo zal op &os; nooit + c:\foo\bar\readme.txt gebruikt + worden. Mappen en bestanden worden bewaard op een bestandssysteem. Elk bestandssysteem bevat precies 蜑n map op het hoogste niveau die de rootmap van het bestandssysteem heet. Deze rootmap kan op zijn beurt andere - mappen bevatten. - - Tot zover is dit waarschijnlijk hetzelfde als voor elk ander - besturingssysteem. Er zijn een paar verschillen. &ms-dos; - gebruikt bijvoorbeeld een \ om bestanden en - mappen te scheiden, terwijl &macos; gebruik maakt van - :. - - &os; gebruikt geen schijfletters, of andere schijfnamen in - het pad. &os; gebruikt geen - c:/foo/bar/readme.txt. - - En bestandssysteem wordt aangewezen als - root bestandssysteem, waar naar wordt - verwezen met /. Elk ander bestandssysteem - wordt daarna gekoppeld onder het root - bestandssysteem. Hoeveel schijven er ook aan een &os; systeem - hangen, het lijkt alsof elke map zich op dezelfde schijf - bevindt. + mappen bevatten. 負n bestandssysteem wordt gekozen als het + root file system of /. + Elk ander bestandssysteem wordt dan + gemount onder het root file system. + Ongeacht de hoeveelheid schijven er aan het &os; systeem + gekoppeld zijn, elke directory lijkt onderdeel te zijn van + dezelfde schijf. Stel er zijn drie bestandssystemen met de namen A,B en @@ -2386,8 +2396,8 @@ root 5211 0.0 0.2 3620 1724 2 andere twee: B1, B2, C1 en C2). - A wordt het root besturingsysteem. Met - ls, dat de inhoud van de map kan tonen, zijn + A wordt het root besturingsysteem. Als + &man.ls.1; wordt gebruikt om de inhoud van de map te tonen, zijn de twee mappen A1 en A2 te zien. De mappenstructuur ziet er als volgend uit: @@ -2516,16 +2526,6 @@ root 5211 0.0 0.2 3620 1724 2 - Hoewel het niet gelijk is, lijkt het op het gebruik van - join in &ms-dos;. - - Beginnende gebruikers hoeven zich hier gewoonlijk niet mee - bezig te houden. Normaal gesproken worden bestandssystemen - gemaakt als &os; wordt genstalleerd en er wordt - besloten waar ze gekoppeld worden. Meestal worden ze ook niet - gewijzigd tot er een nieuwe schijf aan een systeem wordt - toegevoegd. - Het is mogelijk om 蜑n groot root bestandssysteem te hebben en geen andere. Deze benadering heeft voordelen en nadelen. @@ -2535,15 +2535,15 @@ root 5211 0.0 0.2 3620 1724 2 Verschillende bestandssystemen kunnen verschillende - mount opties hebben. Met een goede - voorbereiding kan het root bestandssysteem bijvoorbeeld als - alleen-lezen gekoppeld worden, waardoor het onmogelijk wordt - om per ongeluk kritische bestanden te verwijderen of te - bewerken. Het scheiden van andere bestandssystemen die - beschrijfbaar zijn door gebruikers, zoals - /home van andere bestandssystemen stelt - de beheerder in staat om ze nosuid te - koppelen. Deze optie voorkomt dat + mount opties hebben. Bijvoorbeeld, + het root bestandssysteem kan alleen-lezen gekoppeld worden, + wat het onmogelijk maakt voor gebruikers om ongewenst + kritieke bestanden te bewerken of te verwijderen. Door + bestandssystemen die schrijfbaar moeten zijn voor gebruikers + te scheiden zoals /home van andere + bestandssystemen, stelt deze in staat om gekoppeld te worden + met de nosuid optie. Deze optie + voorkomt dat suid/guid bits op uitvoerbare bestanden effectief gebruikt kunnen worden, waardoor de beveiliging mogelijk beter wordt. @@ -2601,9 +2601,9 @@ root 5211 0.0 0.2 3620 1724 2 opgeslagen zijn. &os; gebruikt ook schijfruimte voor - wisselbestanden. Wisselbestanden geven - &os; virtueel geheugen. Dit geeft de - computer de mogelijkheid om net te doen alsof er veel meer + wisselbestanden om hiermee + virtueel geheugen te leveren. Dit geeft + de computer de mogelijkheid om net te doen alsof er veel meer geheugen in de machine aanwezig is dan werkelijk het geval is. Als &os; geen geheugen meer heeft, verplaatst het data die op dat moment niet gebruikt wordt naar de wisselbestanden en plaatst het @@ -2645,9 +2645,9 @@ root 5211 0.0 0.2 3620 1724 2 Heeft meestal dezelfde grootte als de hele harde schijf. Dit geeft hulpprogramma's de mogelijkheid - om op een complete schijf te werken (voor bijvoorbeeld een - bad block scanner) om te werken op de - c partitie. Meest wordt hierop dan + om op een complete schijf te werken, zoals een bad + block scanner, om te werken op de + c partitie. Meestal wordt hierop dan ook geen bestandssysteem gecreerd. @@ -2663,11 +2663,11 @@ root 5211 0.0 0.2 3620 1724 2       - Elke partitie die een bestandssysteem bevat is opgeslagen - in wat &os; noemt een slice. Slice is - &os;'s term voor wat meeste mensen partities noemen. Dit komt - wederom door &os;'s &unix; achtergrond. Slices zijn genummerd - van 1 tot en met 4. + Schijven in &os; worden onderverdeeld in + slices, onder &windows; ook wel partities + genoemd, welke genummerd zijn van 1 tot en met 4. Deze worden + vervolgens onderverdeeld in partities, welke bestandssystemen + bevatten, en worden gelabeld door letters. slices @@ -2691,8 +2691,10 @@ root 5211 0.0 0.2 3620 1724 2 partities, die worden weergegeven door letters vanaf a tot h. Deze letter wordt achter de apparaatnaam geplakt. Dus - da0a is de a partitie op de - eerste da drive, die gevaarlijk toegewijd is. + da0a is de + a partitie op de eerste + da schijf, die + gevaarlijk toegewijd is. ad1s3e is de vijfde partitie op de derde slice van de tweede IDE schijf. @@ -2700,23 +2702,24 @@ root 5211 0.0 0.2 3620 1724 2 schijfnaam start met een code die het type aangeeft en dan een nummer dat aangeeft welke schijf het is. In tegenstelling tot bij slices, start het nummeren van schijven bij 0. - Standaardcodes staan beschreven in . + Standaardcodes staan beschreven in + . - Bij een referentie aan een partitie verwacht &os; ook dat - de slice en schijf refereert naar die partitie en als naar een - slice wordt verwezen moet ook de schijfnaam genoemd worden. Dit - kan door de schijfnaam, s, het slice nummer - en de partitieletter aan te geven. Voorbeelden staan in . + Bij een referentie naar een partitie verwacht &os; de + schijfnaam, s, het slice nummer + en de partitieletter aan te geven. Voorbeelden staan in + . In staat een conceptmodel van een schijflayout die een en ander verduidelijkt. - Voordat &os; genstalleerd kan worden moeten eerst de - schijfslices gemaakt worden en daarna moeten de partities op de - slices voor &os; gemaakt worden. Daarna wordt op elke - partitie het bestandssysteem (of wisselbestand) gemaakt en als - laatste wordt besloten waar het filesysteem gekoppeld wordt. + Wanneer &os; genstalleerd wordt, moeten de disk slices + geconfigureerd worden en moeten er partities op deze slices + worden gemaakt zodat &os; hier gebruik van kan maken om er + bestandssystemen op te zetten of een plek voor swap ruimte. + Hierna kan &os; bepalen waar elk bestandssysteem wordt + gekoppeld. Schijf apparaatcodes @@ -2883,8 +2886,8 @@ root 5211 0.0 0.2 3620 1724 2 Een andere vaak voorkomende reden om bepaalde mapbomen op aparte bestandssystemen te plaatsen, is om ze op verschillende fysieke schrijven te zetten of gescheiden virtuele schijven zoals - gemounte Netwerk bestandssystemen of cd-rom - drives. + gemounteNetwerk bestandssystemen, beschreven in + , of cd-rom drives. Het bestand <filename>fstab</filename> @@ -2895,7 +2898,7 @@ root 5211 0.0 0.2 3620 1724 2 gekoppeld met fstab - Tijdens het opstartproces, + Tijdens het opstartproces () worden bestandssystemen die vermeld staan in /etc/fstab automatisch gekoppeld (tenzij ze vermeld staan met ). @@ -2910,8 +2913,8 @@ root 5211 0.0 0.2 3620 1724 2 apparaat - Een apparaatnaam (die moet bestaan) zoals uitgelegd - in . + Een bestaande apparaatnaam zoals uitgelegd in + . @@ -2967,9 +2970,9 @@ root 5211 0.0 0.2 3620 1724 2 gecontroleerd moeten worden. Bestandssystemen die overgeslagen moeten worden moeten hun passno waarde op nul hebben staan. - Voor het root bestandssysteem (dat voor alle andere - gecontroleerd moet worden) moet passno - op 蜑n staan en passno + Voor het root bestandssysteem, welke voor alle anderen + gecontroleerd moet worden, moet passno + op 蜑n staan en de passno waarden voor andere bestandssystemen moeten een waarde hebben groter dan 蜑n. Als bestandssysteem dezelfde passno waarde hebben probeert @@ -2984,7 +2987,7 @@ root 5211 0.0 0.2 3620 1724 2 - Het commando <command>mount</command> + Gebruik maken van &man.mount.8; bestandssystemen @@ -2992,17 +2995,15 @@ root 5211 0.0 0.2 3620 1724 2 koppelen - &man.mount.8; wordt gebruikt om bestandsystemen te - koppelen. - - De meest eenvoudige vorm is: + Bestandssystemen worden gekoppeld door middel van + &man.mount.8;. De basis syntax is als volgt: &prompt.root; mount apparaat koppelpunt - Alle opties voor het commando staat in &man.mount.8;, maar - de meest voorkomende zijn: + Dit commando heeft veel opties welke beschreven staan in + &man.mount.8;. De meest voorkomende zijn: Mountopties @@ -3035,9 +3036,10 @@ root 5211 0.0 0.2 3620 1724 2 Forceert het koppelen van een niet schoon - bestandssysteem (gevaarlijk) of forceert het innemen van - schrijftoegang als de koppelstatus van een bestandssysteem - wijzigt van lezen en schrijven naar alleen lezen. + bestandssysteem (gevaarlijk) of het innemen van + schrijftoegang, bij het degraderen van de status + van het bestandssysteem van lezen-schrijven naar + alleen-lezen. @@ -3046,8 +3048,7 @@ root 5211 0.0 0.2 3620 1724 2 Mount het bestandssysteem alleen lezen. Dit is - identiek aan de optie - voor de optie . + identiek aan de optie . @@ -3059,10 +3060,8 @@ root 5211 0.0 0.2 3620 1724 2 Mount het opgegeven bestandssysteem als het opgegeven type bestandssysteem of koppelt alleen bestandssystemen van het aangegeven type als ook de optie - is opgegeven. - - ufs is het standaard - bestandssysteem. + is opgegeven. Het standaard + type bestandssysteem is ufs. @@ -3091,21 +3090,12 @@ root 5211 0.0 0.2 3620 1724 2 - De optie accepteert een door komma's - gescheiden lijst van opties, waaronder de volgende: + De volgende opties kunnen worden meegegeven bij de + als een door komma's gescheieden + lijst: - noexec - - - Sta geen uitvoerbare bestanden toe op dit - bestandssysteem. Ook dit is een nuttige - veiligheidsoptie. - - - - nosuid @@ -3118,7 +3108,7 @@ root 5211 0.0 0.2 3620 1724 2 - Het commando <command>umount</command> + Gebruik maken van &man.umount.8; bestandssystemen @@ -3126,165 +3116,178 @@ root 5211 0.0 0.2 3620 1724 2 ontkoppelen - &man.umount.8; heeft een koppelpunt, een apparaatnaam, - of als - parameter. + Om een bestandssysteem te ontkoppelen moet gebruik worden + gemaakt van &man.umount.8;. Dit commando heeft EEn parameter, + welke een koppelpunt, een apparaatnaam, de + vlag of de vlag. - Alle vormen kunnen de optie hebben om - een bestandsysteem te forceren te ontkoppelen en de optie + Alle vormen kunnen de optie gebruiken om + een bestandsysteem geforceerd te ontkoppelen en de optie voor uitgebreide informatie. De optie is meestal geen goed idee. Forceren dat een bestandssysteem ontkoppeld wordt kan de computer laten crashen of data op het bestandssysteem beschadigen. - De opties en - worden gebruikt om alle bestandssystemen te unmounten, - mogelijk nader gespecificeerd door de optie - met daarachter op welke typen bestandssystemen het betrekking - heeft. Voor de optie geldt dat deze niet - probeert het root bestandssysteem te ontkoppelen. + Om alle bestandssystemen te ontkoppelen, of alleen de + bestandsssystemen die gespecificeerd zijn door de + optie, moet gebruik worden gemaakt + van de of de optie. + Let op dat de het root bestandssysteem + niet ontkoppeld. - Processen + Processen en daemons - &os; is een multi-tasking besturingssysteem. Dit betekent - dat het lijkt alsof er meer dan 蜑n proces - tegelijkertijd draait. Elk programma dat draait wordt een *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Fri Mar 7 16:36:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 28855575; Fri, 7 Mar 2014 16:36:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 08D4E258; Fri, 7 Mar 2014 16:36:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s27GaTNa033769; Fri, 7 Mar 2014 16:36:29 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s27GaTh6033768; Fri, 7 Mar 2014 16:36:29 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403071636.s27GaTh6033768@svn.freebsd.org> From: Dru Lavigne Date: Fri, 7 Mar 2014 16:36:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44175 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 16:36:30 -0000 Author: dru Date: Fri Mar 7 16:36:29 2014 New Revision: 44175 URL: http://svnweb.freebsd.org/changeset/doc/44175 Log: Prep work before reviewing IPv6 chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Fri Mar 7 15:47:07 2014 (r44174) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Fri Mar 7 16:36:29 2014 (r44175) @@ -4355,14 +4355,21 @@ Received 264951 bytes in 0.1 seconds - For more information see: - - - - For more information, refer to KAME.net - - + + Currently IPv6 support for many + applications and services is very good, though for some + software it still needs work. For authoritative information + about the support of IPv6, please consult + the Official Documentation for the software in + question. + + Web, DNS and Mail applications and + servers have the best support for IPv6 + because they are the most common use case. Other applications + may have varying degrees of IPv6 + support. Background on <acronym>IPv6</acronym> Addresses @@ -4476,12 +4483,8 @@ Received 264951 bytes in 0.1 seconds
      - - - - Reading <acronym>IPv6</acronym> Addresses - The canonical form is represented as: + When reading an IPv6 address, the canonical form is represented as: x:x:x:x:x:x:x:x, with each x being a 16 bit hex value. For example: FEBC:A574:382B:23C1:AA49:4592:4EFE:9982. @@ -4525,7 +4528,7 @@ Received 264951 bytes in 0.1 seconds - Getting Connected + Configuring <acronym>IPv6</acronym> Currently, there are four ways to connect to other IPv6 hosts and networks: @@ -4559,15 +4562,6 @@ Received 264951 bytes in 0.1 seconds - - - - Applying the Needed Changes to - <filename>/etc/rc.conf</filename> - - - <acronym>IPv6</acronym> Client - Auto-Configuration To automatically configure a machine on a LAN which acts as a client, not a @@ -4588,11 +4582,6 @@ Received 264951 bytes in 0.1 seconds ipv6_enable="YES" - - - - <acronym>IPv6</acronym> Client Static - Configuration To statically assign the IPv6 address, @@ -4618,14 +4607,16 @@ Received 264951 bytes in 0.1 seconds/etc/rc.conf: ipv6_defaultrouter="2001:db8:4672:6565::1" - + - - <acronym>IPv6</acronym> Router/Gateway Settings + + Connecting to a Provider This section demonstrates how to take the directions from a tunnel provider and convert it into settings that - will persist through reboots. To restore the tunnel on + will persist through reboots. + + To restore the tunnel on startup, add the following lines to /etc/rc.conf. @@ -4658,10 +4649,6 @@ Received 264951 bytes in 0.1 secondsIPv6 tunnel: ipv6_defaultrouter="MY_IPv6_REMOTE_TUNNEL_ENDPOINT_ADDR" - - - - <acronym>IPv6</acronym> Tunnel Settings If the server is to route IPv6 between the rest of the network and the world, the following @@ -4669,7 +4656,6 @@ Received 264951 bytes in 0.1 seconds ipv6_gateway_enable="YES" - @@ -4735,23 +4721,6 @@ Received 264951 bytes in 0.1 secondsRFC 4038 section 4.2 may be useful to some adminstrators. - - - Application Use of <acronym>IPv6</acronym> - - Currently IPv6 support for many - applications and services is very good, though for some - software it still needs work. For authoritative information - about the support of IPv6, please consult - the Official Documentation for the software in - question. - - Web, DNS and Mail applications and - servers have the best support for IPv6 - because they are the most common use case. Other applications - may have varying degrees of IPv6 - support. - - world の構築前に行う作業 + world の構築<emphasis>前</emphasis>に行う作業 重要なデータを他のシステムやリムーバブルメディアにバックアップし、 @@ -1552,104 +1552,60 @@ before running "/usr/sbin/freebsd-update - システムを更新する正式な方法 + システム更新の概要 - 上で述べた作業を行ったら、 - 以下の手順を踏んでシステムをアップデートしてください。 + world の構築では、 + に書かれている手順で入手したソースを用いて、 + 古い &os; のバージョンをアップデートしてください。 + + world は、&os; のカーネル、コアシステムのバイナリ、 + ライブラリ、プログラミングファイル、組み込みのコンパイラを意味します。 + これらのコンポーネントの構築およびインストールの順番は重要です。 - この節で説明するアップデートのプロセスは、古いコンパイラ、 - 古いカーネル、古い world、そして古いコンフィグレーションファイルからなる、 - 古いバージョンの &os; をアップデートすることを想定しています。 - ここで world は、コアシステムのバイナリ、ライブラリ、 - プログラミングファイルを意味します。 - コンパイラは world の一部ですが、 - いくつか特別に気をつけなければならないことがあります。 - - また、これらのステップでは、 - 新しいバージョンのソースをすでに入手していることも仮定しています。 - もしシステムのソースコードが古いようでしたら、 - を読んで、 - ソースコードを新しいバージョンへ同期する方法の詳細を理解してください。 - - ソースからのシステムのアップデートは、 - 当初予想していたものよりとらえがたいものです。 - 長い年月において避けられない依存問題が判明したため、 - &os; の開発者達は、推奨されるアプローチを大きく変更しました。 - この節では、現在推奨されているアップグレードの手順の背後にある、 - 理論的根拠について説明します。 - - 連続したアップデートの手順は、以下の問題に対応している必要があります。 - - - - 古いコンパイラは、 - バグを含み新しいカーネルをコンパイルできない可能性があります。 + 例えば、古いコンパイラは、 + バグを含み、新しいカーネルをコンパイルできない可能性があります。 そのため、新しいカーネルの構築には、 - 新しいコンパイラを使う必要があります。 - ことのことは、新しいカーネルを構築する前に、 - 新しいコンパイラを構築していなければならないことを意味しています。 - 必ずしも、新しいカーネルを構築する前に、新しいコンパイラが - インストールされている - 必要があることを意味しているわけではありません。 - + 新しいコンパイラを使う必要があり、 + 新しいコンパイラを構築しなくてはいけませんが、 + 必ずしも、 + 新しいコンパイラがインストールされている必要があるわけではありません。 - 新しい world は、 新しいカーネルの機能に依存している可能性があるため、 新しい world をインストールする前に、 - 新しいカーネルがインストールされていなければなりません。 - - - - これら 2 つの重要事項は、 - 以下の説明で中心となる buildworld, - buildkernel, - installkernel, - installworld の基本です。 - 他の理由については以下でリストアップします。 - - - - 古い world は、新しいカーネルでは正しく動かないかも知れません。 + 新しいカーネルがインストールされていなければなりません。 + 古い world は、新しいカーネルでは正しく動かないかも知れません。 そのため、新しいカーネルをインストールしたら、 直ちに新しい world をインストールしてください。 - - 設定の中には、新しい world をインストールする前に変更すべきものがありますが、 古い world を壊す可能性があります。 そのため、一般的に設定のアップデートは、 - 2 つの手順が必要です。 - - - - 多くの場合、アップデートのプロセスは、ファイルを置き換えたり、 + 2 つの手順が必要です。 + 多くの場合、アップデートのプロセスは、ファイルを置き換えたり、 追加のみを行い、古いファイルを削除しません。 このことが問題を引き起こす可能性があります。 そのため、アップデートにおいては、 手動で削除すべきファイルがあることを、 - 特定のステップで指定することもあります。 - これは将来自動化されるかもしれないし、されないかもしれません。 - - - - これらを配慮し、以下の推奨手順が作られました。 - アップデートの細かい手順においては、追加の手順が必要になるかもしれませんが、 - この中心となるプロセスは、しばらくの間変わっていません。 - - - - make buildworld + 特定のステップで指定することもあります。 + これらを配慮し、以下のアップグレードの推奨手順が作られました。 + + world の構築プロセスの概要 + + world の構築プロセスで用いられるコマンドは、 + ここで示されている順番で実行してください。 + この節では各コマンドの機能についてまとめます。 + 新しいコンパイラと関連ツールを最初にコンパイルし、 その後、新しいコンパイラで、 新しい world の残りの部分をコンパイルします。 コンパイルされたものは、 /usr/obj に格納されます。 - + - + make buildkernel @@ -1657,25 +1613,25 @@ before running "/usr/sbin/freebsd-update /usr/obj にある 新しい コンパイラが用いられます。 これにより、コンパイラとカーネルのミスマッチを防ぐことができます。 - + - + make installkernel 新しくアップデートされたカーネルで起動できるように、 新しいカーネルとカーネルモジュールをディスク上に配置します。 - + - + シングルユーザモードで再起動 シングルユーザモードは、 すでに実行されているソフトウェアをアップデートする際の問題を最小限にします。 また、新しいカーネル上で古い world が実行される際の問題も最小限にします。 - + - + mergemaster -p 新しい world における最初の設定ファイルのアップデートを行います。 @@ -1686,23 +1642,23 @@ before running "/usr/sbin/freebsd-update installworld のステップで、 新しくインストールされたシステムのユーザまたはシステムのグループ名を問題なく使うことができるように、 この作業がときどき必要となります。 - + - + make installworld world を /usr/obj からコピーします。 これで、ディスクには新しいカーネルと world が置かれたことになります。 - + - + mergemaster ディスクに新しい world が置かれたので、 残りの設定ファイルをアップデートします。 - + - + make delete-old @@ -1712,23 +1668,23 @@ before running "/usr/sbin/freebsd-update たとえば、古い utmp.h が残っていると、 新しい utmpx.h をインストールしたときに、 問題が起きる ports があります。 - + - + 再起動 新しいカーネル、world そして設定ファイルがロードされたので、 再起動が必要です。 - + - + make delete-old-libs 使われなくなったライブラリが新しいライブラリと競合することを避けるため削除します。 古いライブラリを削除する前にすべての ports を再構築する必要があります。 - - + + もし、&os; のあるブランチのあるリリースから、 同じブランチの最新リリースにアップデートするのであれば From owner-svn-doc-all@FreeBSD.ORG Sat Mar 8 17:47:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9F4B4E25; Sat, 8 Mar 2014 17:47:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8986B96D; Sat, 8 Mar 2014 17:47:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s28HlucV058194; Sat, 8 Mar 2014 17:47:56 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s28HluAL058193; Sat, 8 Mar 2014 17:47:56 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201403081747.s28HluAL058193@svn.freebsd.org> From: Gavin Atkinson Date: Sat, 8 Mar 2014 17:47:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44194 - head/en_US.ISO8859-1/htdocs/projects X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Mar 2014 17:47:56 -0000 Author: gavin Date: Sat Mar 8 17:47:56 2014 New Revision: 44194 URL: http://svnweb.freebsd.org/changeset/doc/44194 Log: Update for 2014. Poster for 2014 still to come. Modified: head/en_US.ISO8859-1/htdocs/projects/summerofcode.xml Modified: head/en_US.ISO8859-1/htdocs/projects/summerofcode.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/projects/summerofcode.xml Sat Mar 8 13:32:57 2014 (r44193) +++ head/en_US.ISO8859-1/htdocs/projects/summerofcode.xml Sat Mar 8 17:47:56 2014 (r44194) @@ -16,11 +16,11 @@

      The FreeBSD Project is looking forward to participating as a mentoring organization in Google - Summer of Code 2013. + href="http://www.google-melange.com/gsoc/homepage/google/gsoc2014">Google + Summer of Code 2014. This program funds students to contribute to an open source project over the summer break. - We have had over 150 successful + We have had over 160 successful students working on FreeBSD as part of this program in 2005, 2006, 2008, 2009, 2010, - 2011 + 2011, + 2012 and - 2012.

      + 2013.

      This page will be updated throughout the application period to include new information, such as project ideas, proposal information, @@ -77,6 +78,8 @@

      For a complete list of student projects from previous years, visit:

    +

    Sociale netwerken

    +

    &os; is vertegenwoordigd op een aantal sociale + netwerken.

    + +     From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 07:53:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B02E8AE6; Mon, 17 Mar 2014 07:53:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9C0C7E8B; Mon, 17 Mar 2014 07:53:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H7rGCl028129; Mon, 17 Mar 2014 07:53:16 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H7rGbw028128; Mon, 17 Mar 2014 07:53:16 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170753.s2H7rGbw028128@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 07:53:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44255 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 07:53:16 -0000 Author: remko Date: Mon Mar 17 07:53:16 2014 New Revision: 44255 URL: http://svnweb.freebsd.org/changeset/doc/44255 Log: Bump related version number. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/internet.xml Modified: translations/nl_NL.ISO8859-1/htdocs/internet.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/internet.xml Mon Mar 17 07:51:05 2014 (r44254) +++ translations/nl_NL.ISO8859-1/htdocs/internet.xml Mon Mar 17 07:53:16 2014 (r44255) @@ -5,7 +5,7 @@ ]> From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 07:54:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E975BC41; Mon, 17 Mar 2014 07:54:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D5B0EE9B; Mon, 17 Mar 2014 07:54:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H7sUu8028376; Mon, 17 Mar 2014 07:54:30 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H7sUqH028375; Mon, 17 Mar 2014 07:54:30 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170754.s2H7sUqH028375@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 07:54:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44256 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 07:54:31 -0000 Author: remko Date: Mon Mar 17 07:54:30 2014 New Revision: 44256 URL: http://svnweb.freebsd.org/changeset/doc/44256 Log: Bump related version number Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/mailto.xml Modified: translations/nl_NL.ISO8859-1/htdocs/mailto.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/mailto.xml Mon Mar 17 07:53:16 2014 (r44255) +++ translations/nl_NL.ISO8859-1/htdocs/mailto.xml Mon Mar 17 07:54:30 2014 (r44256) @@ -5,7 +5,7 @@ ]> From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 07:55:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5FBCFE6A; Mon, 17 Mar 2014 07:55:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4BFF2EAA; Mon, 17 Mar 2014 07:55:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H7tTNC028584; Mon, 17 Mar 2014 07:55:29 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H7tTHl028583; Mon, 17 Mar 2014 07:55:29 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170755.s2H7tTHl028583@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 07:55:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44257 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 07:55:29 -0000 Author: remko Date: Mon Mar 17 07:55:28 2014 New Revision: 44257 URL: http://svnweb.freebsd.org/changeset/doc/44257 Log: Bump version number Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/publish.xml Modified: translations/nl_NL.ISO8859-1/htdocs/publish.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/publish.xml Mon Mar 17 07:54:30 2014 (r44256) +++ translations/nl_NL.ISO8859-1/htdocs/publish.xml Mon Mar 17 07:55:28 2014 (r44257) @@ -5,7 +5,7 @@ ]> From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 07:57:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D6A8EEDA; Mon, 17 Mar 2014 07:57:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C2F8BEB7; Mon, 17 Mar 2014 07:57:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H7v2vB028783; Mon, 17 Mar 2014 07:57:02 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H7v24i028782; Mon, 17 Mar 2014 07:57:02 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170757.s2H7v24i028782@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 07:57:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44258 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 07:57:02 -0000 Author: remko Date: Mon Mar 17 07:57:02 2014 New Revision: 44258 URL: http://svnweb.freebsd.org/changeset/doc/44258 Log: Bump related version Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/features.xml Modified: translations/nl_NL.ISO8859-1/htdocs/features.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/features.xml Mon Mar 17 07:55:28 2014 (r44257) +++ translations/nl_NL.ISO8859-1/htdocs/features.xml Mon Mar 17 07:57:02 2014 (r44258) @@ -5,7 +5,7 @@ ]> From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 07:58:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BF5C7F75; Mon, 17 Mar 2014 07:58:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id AB175EBD; Mon, 17 Mar 2014 07:58:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H7wAMC028946; Mon, 17 Mar 2014 07:58:10 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H7wA69028945; Mon, 17 Mar 2014 07:58:10 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170758.s2H7wA69028945@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 07:58:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44259 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 07:58:10 -0000 Author: remko Date: Mon Mar 17 07:58:10 2014 New Revision: 44259 URL: http://svnweb.freebsd.org/changeset/doc/44259 Log: Bump related version number. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/applications.xml Modified: translations/nl_NL.ISO8859-1/htdocs/applications.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/applications.xml Mon Mar 17 07:57:02 2014 (r44258) +++ translations/nl_NL.ISO8859-1/htdocs/applications.xml Mon Mar 17 07:58:10 2014 (r44259) @@ -6,7 +6,7 @@ From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 08:04:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E6891312; Mon, 17 Mar 2014 08:04:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D2807F84; Mon, 17 Mar 2014 08:04:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H84AH8032722; Mon, 17 Mar 2014 08:04:10 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H84Abb032721; Mon, 17 Mar 2014 08:04:10 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170804.s2H84Abb032721@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 08:04:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44260 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 08:04:11 -0000 Author: remko Date: Mon Mar 17 08:04:10 2014 New Revision: 44260 URL: http://svnweb.freebsd.org/changeset/doc/44260 Log: Update the Makefile which adds 5xx.xml. Add the 5xx.xml document as well. Facilitated by: Snow B.V. Added: translations/nl_NL.ISO8859-1/htdocs/5xx.xml (contents, props changed) Modified: translations/nl_NL.ISO8859-1/htdocs/Makefile Added: translations/nl_NL.ISO8859-1/htdocs/5xx.xml ============================================================================== Binary file. No diff available. Modified: translations/nl_NL.ISO8859-1/htdocs/Makefile ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/Makefile Mon Mar 17 07:58:10 2014 (r44259) +++ translations/nl_NL.ISO8859-1/htdocs/Makefile Mon Mar 17 08:04:10 2014 (r44260) @@ -1,6 +1,6 @@ # $FreeBSD$ # %SOURCE% en_US.ISO8859-1/htdocs/Makefile -# %SRCID% 41060 +# %SRCID% 43328 # XXX rene r40275 (Google Analytics) not merged in (yet) @@ -29,6 +29,7 @@ DOCS+= send-pr.xml DOCS+= support.xml DOCS+= where.xml DOCS+= 4xx.xml +DOCS+= 5xx.xml XMLDOCS= index:xsl:${XML_NEWS_NEWS}: DEPENDSET.index=transtable mirrors news press events \ From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 08:08:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D57043A7; Mon, 17 Mar 2014 08:08:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A94B6FA4; Mon, 17 Mar 2014 08:08:26 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H88QOM033311; Mon, 17 Mar 2014 08:08:26 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H88QTP033310; Mon, 17 Mar 2014 08:08:26 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170808.s2H88QTP033310@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 08:08:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44261 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 08:08:26 -0000 Author: remko Date: Mon Mar 17 08:08:26 2014 New Revision: 44261 URL: http://svnweb.freebsd.org/changeset/doc/44261 Log: Update the properties on 5xx.xml, making it the same as 4xx.xml. This should revert this file from being seen binary. I hope. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/5xx.xml (contents, props changed) Modified: translations/nl_NL.ISO8859-1/htdocs/5xx.xml ============================================================================== Binary file (source and/or target). No diff available. From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 08:10:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 879C0418; Mon, 17 Mar 2014 08:10:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 742D875; Mon, 17 Mar 2014 08:10:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H8AKgo033956; Mon, 17 Mar 2014 08:10:20 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H8AKbS033955; Mon, 17 Mar 2014 08:10:20 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170810.s2H8AKbS033955@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 08:10:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44262 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 08:10:20 -0000 Author: remko Date: Mon Mar 17 08:10:19 2014 New Revision: 44262 URL: http://svnweb.freebsd.org/changeset/doc/44262 Log: Bump related version number. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/4xx.xml Modified: translations/nl_NL.ISO8859-1/htdocs/4xx.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/4xx.xml Mon Mar 17 08:08:26 2014 (r44261) +++ translations/nl_NL.ISO8859-1/htdocs/4xx.xml Mon Mar 17 08:10:19 2014 (r44262) @@ -6,7 +6,7 @@ From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 08:40:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4319DA53; Mon, 17 Mar 2014 08:40:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2EA47286; Mon, 17 Mar 2014 08:40:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H8eFNs046640; Mon, 17 Mar 2014 08:40:15 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H8eFR2046639; Mon, 17 Mar 2014 08:40:15 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170840.s2H8eFR2046639@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 08:40:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44263 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 08:40:15 -0000 Author: remko Date: Mon Mar 17 08:40:14 2014 New Revision: 44263 URL: http://svnweb.freebsd.org/changeset/doc/44263 Log: Update the release notes to the projectscope version. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/relnotes.xml Modified: translations/nl_NL.ISO8859-1/htdocs/relnotes.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/relnotes.xml Mon Mar 17 08:10:19 2014 (r44262) +++ translations/nl_NL.ISO8859-1/htdocs/relnotes.xml Mon Mar 17 08:40:14 2014 (r44263) @@ -5,7 +5,7 @@ ]> @@ -78,7 +78,7 @@
  • Errata
    • - +

    &os; 8-STABLE uitgavedocumentatie

    -

    &os; 7-STABLE uitgavedocumentatie

    - - - -

    &os; 6-STABLE uitgavedocumentatie

    - - -

    Andere sites

    HTML in een enkel bestand, PDF en platte tekstversies van de From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 08:40:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D1CBAAB4; Mon, 17 Mar 2014 08:40:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BD49A28D; Mon, 17 Mar 2014 08:40:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H8euXO047414; Mon, 17 Mar 2014 08:40:56 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H8eu6V047413; Mon, 17 Mar 2014 08:40:56 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170840.s2H8eu6V047413@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 08:40:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44264 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 08:40:56 -0000 Author: remko Date: Mon Mar 17 08:40:56 2014 New Revision: 44264 URL: http://svnweb.freebsd.org/changeset/doc/44264 Log: Bump version number. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/logo.xml Modified: translations/nl_NL.ISO8859-1/htdocs/logo.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/logo.xml Mon Mar 17 08:40:14 2014 (r44263) +++ translations/nl_NL.ISO8859-1/htdocs/logo.xml Mon Mar 17 08:40:56 2014 (r44264) @@ -5,7 +5,7 @@ ]> From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 08:41:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 23D0EB26; Mon, 17 Mar 2014 08:41:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 0FBCD306; Mon, 17 Mar 2014 08:41:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H8ftnA049711; Mon, 17 Mar 2014 08:41:55 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H8ftxc049710; Mon, 17 Mar 2014 08:41:55 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170841.s2H8ftxc049710@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 08:41:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44265 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 08:41:56 -0000 Author: remko Date: Mon Mar 17 08:41:55 2014 New Revision: 44265 URL: http://svnweb.freebsd.org/changeset/doc/44265 Log: Bump version number. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/art.xml Modified: translations/nl_NL.ISO8859-1/htdocs/art.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/art.xml Mon Mar 17 08:40:56 2014 (r44264) +++ translations/nl_NL.ISO8859-1/htdocs/art.xml Mon Mar 17 08:41:55 2014 (r44265) @@ -6,7 +6,7 @@ From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 08:43:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6A234BA0; Mon, 17 Mar 2014 08:43:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 55938311; Mon, 17 Mar 2014 08:43:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H8hDo5049903; Mon, 17 Mar 2014 08:43:13 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H8hDhx049902; Mon, 17 Mar 2014 08:43:13 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170843.s2H8hDhx049902@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 08:43:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44266 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 08:43:13 -0000 Author: remko Date: Mon Mar 17 08:43:12 2014 New Revision: 44266 URL: http://svnweb.freebsd.org/changeset/doc/44266 Log: Bump administration version. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/administration.xml Modified: translations/nl_NL.ISO8859-1/htdocs/administration.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/administration.xml Mon Mar 17 08:41:55 2014 (r44265) +++ translations/nl_NL.ISO8859-1/htdocs/administration.xml Mon Mar 17 08:43:12 2014 (r44266) @@ -9,7 +9,7 @@ From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 08:46:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 08063C1E; Mon, 17 Mar 2014 08:46:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E763832D; Mon, 17 Mar 2014 08:46:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H8kdN1050389; Mon, 17 Mar 2014 08:46:39 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H8kdAu050388; Mon, 17 Mar 2014 08:46:39 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170846.s2H8kdAu050388@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 08:46:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44267 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 08:46:40 -0000 Author: remko Date: Mon Mar 17 08:46:39 2014 New Revision: 44267 URL: http://svnweb.freebsd.org/changeset/doc/44267 Log: Update and bump version for the about page. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/about.xml Modified: translations/nl_NL.ISO8859-1/htdocs/about.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/about.xml Mon Mar 17 08:43:12 2014 (r44266) +++ translations/nl_NL.ISO8859-1/htdocs/about.xml Mon Mar 17 08:46:39 2014 (r44267) @@ -6,7 +6,7 @@ @@ -19,16 +19,13 @@

    Wat is &os;?

    -

    &os; is een geavanceerd besturingssysteem voor x86-compatibele (inclusief - Pentium® en Athlon™), amd64-, x86-64-, en x64-compatibele - (inclusief Opteron™, Athlon™64, en EM64T), ARM, IA-64, - PowerPC, PC-98 en UltraSPARC® architecturen. Het is afgeleid +

    &os; is een besturingssyteem voor een verscheidenheid aan platformen welke + zich richt op features, snelheid en stabiliteit. Het is afgeleid van BSD, de versie van &unix; ontwikkeld op de University of California, Berkeley. Het wordt ontwikkeld en onderhouden door - een groot team van individuen. Aanvullende platformen verkeren in - verschillende stadia van ontwikkeling.

    + een grote community.

    De nieuwste mogelijkheden

    From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 08:48:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BEB54CA1; Mon, 17 Mar 2014 08:48:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id AA38733E; Mon, 17 Mar 2014 08:48:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H8mBxh050605; Mon, 17 Mar 2014 08:48:11 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H8mBTJ050604; Mon, 17 Mar 2014 08:48:11 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170848.s2H8mBTJ050604@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 08:48:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44268 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 08:48:11 -0000 Author: remko Date: Mon Mar 17 08:48:11 2014 New Revision: 44268 URL: http://svnweb.freebsd.org/changeset/doc/44268 Log: Update the referenced version number. This commit makes the htdocs/ directory in sync with the projected version 43328 which is the current aim of my translation efforts as an internal Snow B.V. project. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/support.xml Modified: translations/nl_NL.ISO8859-1/htdocs/support.xml ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/support.xml Mon Mar 17 08:46:39 2014 (r44267) +++ translations/nl_NL.ISO8859-1/htdocs/support.xml Mon Mar 17 08:48:11 2014 (r44268) @@ -5,7 +5,7 @@ ]> From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 09:20:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A29DA3C0; Mon, 17 Mar 2014 09:20:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8EBE985B; Mon, 17 Mar 2014 09:20:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H9KeWo064559; Mon, 17 Mar 2014 09:20:40 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H9Ke9Y064558; Mon, 17 Mar 2014 09:20:40 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201403170920.s2H9Ke9Y064558@svn.freebsd.org> From: Sergey Kandaurov Date: Mon, 17 Mar 2014 09:20:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44269 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 09:20:40 -0000 Author: pluknet Date: Mon Mar 17 09:20:40 2014 New Revision: 44269 URL: http://svnweb.freebsd.org/changeset/doc/44269 Log: o Document __FreeBSD_version values from 1100011 to 1100013. o Fix __FreeBSD_version number for 1100014. Submitted by: glebius Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Mon Mar 17 08:48:11 2014 (r44268) +++ head/en_US.ISO8859-1/books/porters-handbook/versions.xml Mon Mar 17 09:20:40 2014 (r44269) @@ -5015,7 +5015,28 @@ it was never committed: + 1100011 + March 13, 2014 + 11.0-CURRENT after ABI change in struct if_data + (rev 263102). + + + + 1100012 + March 14, 2014 + 11.0-CURRENT after removal of Novell IPX protocol support + (rev 263140). + + + 1100013 + March 14, 2014 + 11.0-CURRENT after removal of AppleTalk protocol support + (rev 263152). + + + + 1100014 March 16, 2014 11.0-CURRENT after renaming <sys/capability.h> to From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 06:58:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2FEEFFAC; Mon, 17 Mar 2014 06:58:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 104E9A23; Mon, 17 Mar 2014 06:58:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2H6wJdo004380; Mon, 17 Mar 2014 06:58:19 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2H6wJdI004379; Mon, 17 Mar 2014 06:58:19 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403170658.s2H6wJdI004379@svn.freebsd.org> From: Remko Lodder Date: Mon, 17 Mar 2014 06:58:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44251 - translations/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Mon, 17 Mar 2014 11:50:09 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 06:58:20 -0000 Author: remko Date: Mon Mar 17 06:58:19 2014 New Revision: 44251 URL: http://svnweb.freebsd.org/changeset/doc/44251 Log: Update to the latest version in my projectscope. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/htdocs/index.xsl Modified: translations/nl_NL.ISO8859-1/htdocs/index.xsl ============================================================================== --- translations/nl_NL.ISO8859-1/htdocs/index.xsl Sun Mar 16 22:07:35 2014 (r44250) +++ translations/nl_NL.ISO8859-1/htdocs/index.xsl Mon Mar 17 06:58:19 2014 (r44251) @@ -37,26 +37,22 @@
    -

    - Gebaseerd op BSD &unix; -

    -

    &os;® is een geavanceerd +

    Het &os; Project

    +

    &os; is een geavanceerd besturingssysteem voor moderne platforms voor servers, desktop, en embedded computers. - De broncode van &os; heeft meer dan dertig - jaar van continue ontwikkeling, verbetering en - optimalisatie doorgemaakt. Het wordt - ontwikkeld en onderhouden door een groot - team van individuen. &os; biedt - geavanceerd netwerken, indrukwekkende - beveiligingsmogelijkheden en topprestaties en - wordt door sommige van 's werelds drukste - websites en de meest voorkomende - embedded netwerk- en opslagapparaten - gebruikt.

    + Een grote community + heeft continue aan ontwikkeling gedaan + voor meer dan dertig jaar. Zijn + geavanceerde netwerken, beveiliing + en opslag mogelijkheden heeft &os; + het platform van keuze gemaakt voor + veel van 's werelds drukste websites + en meest voorkomende embedded netwerk + en opslagapparaten gebruikt.

    @@ -67,7 +63,7 @@
    .
    - Verkrijg &os; + Download &os;
    .
    @@ -236,7 +232,7 @@
    -

    IN DE MEDIA

    +

    PRESS

    From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 13:12:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C9C73E90; Mon, 17 Mar 2014 13:12:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B63EB1C4; Mon, 17 Mar 2014 13:12:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2HDCErJ059500; Mon, 17 Mar 2014 13:12:14 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2HDCEui059499; Mon, 17 Mar 2014 13:12:14 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403171312.s2HDCEui059499@svn.freebsd.org> From: Mathieu Arnold Date: Mon, 17 Mar 2014 13:12:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44270 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 13:12:14 -0000 Author: mat (ports committer) Date: Mon Mar 17 13:12:14 2014 New Revision: 44270 URL: http://svnweb.freebsd.org/changeset/doc/44270 Log: Add tar:tbz. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/uses.xml Mon Mar 17 09:20:40 2014 (r44269) +++ head/en_US.ISO8859-1/books/porters-handbook/uses.xml Mon Mar 17 13:12:14 2014 (r44270) @@ -615,13 +615,13 @@ tar (none), Z, bzip2, - lzma, tgz, - xz + lzma, tbz, + tgz, xz Set EXTRACT_SUFX to .tar, .tar.Z, .tar.bz2, .tar.lzma, - .tgz or .tar.xz - respectively. + .tbz, .tgz or + .tar.xz respectively. From owner-svn-doc-all@FreeBSD.ORG Mon Mar 17 13:57:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C8880BAA; Mon, 17 Mar 2014 13:57:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B534A7DE; Mon, 17 Mar 2014 13:57:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2HDvTbP076254; Mon, 17 Mar 2014 13:57:29 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2HDvTxp076253; Mon, 17 Mar 2014 13:57:29 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403171357.s2HDvTxp076253@svn.freebsd.org> From: Glen Barber Date: Mon, 17 Mar 2014 13:57:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44271 - head/en_US.ISO8859-1/htdocs/releng X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2014 13:57:29 -0000 Author: gjb Date: Mon Mar 17 13:57:29 2014 New Revision: 44271 URL: http://svnweb.freebsd.org/changeset/doc/44271 Log: Add the estimated 9.3-RELEASE target date. Reminded by: rwatson Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releng/index.xml Mon Mar 17 13:12:14 2014 (r44270) +++ head/en_US.ISO8859-1/htdocs/releng/index.xml Mon Mar 17 13:57:29 2014 (r44271) @@ -37,7 +37,6 @@ --> -

    Code-Freeze Status

    From owner-svn-doc-all@FreeBSD.ORG Tue Mar 18 00:33:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 15FD2115; Tue, 18 Mar 2014 00:33:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id DB23EED1; Tue, 18 Mar 2014 00:33:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2I0XhWo040771; Tue, 18 Mar 2014 00:33:43 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2I0Xhk4040770; Tue, 18 Mar 2014 00:33:43 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403180033.s2I0Xhk4040770@svn.freebsd.org> From: Warren Block Date: Tue, 18 Mar 2014 00:33:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44272 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2014 00:33:44 -0000 Author: wblock Date: Tue Mar 18 00:33:43 2014 New Revision: 44272 URL: http://svnweb.freebsd.org/changeset/doc/44272 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Mon Mar 17 13:57:29 2014 (r44271) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Mar 18 00:33:43 2014 (r44272) @@ -491,7 +491,7 @@ route_internalnet2="-net 192.168.2.0/24 The static_routes configuration variable is a list of strings separated by a space, where each string references a route name. The variable - route_internalnet2 contains the static + route_internalnet2 contains the static route for that route name. Using more than one string in @@ -838,8 +838,8 @@ ath0: AR2413 mac 7.9 RF2413 phy 4.5 - &prompt.root; ifconfig wlan0 create wlandev ath0 -&prompt.root; ifconfig wlan0 up scan + &prompt.root; ifconfig wlan0 create wlandev ath0 +&prompt.root; ifconfig wlan0 up scan SSID/MESH ID BSSID CHAN RATE S:N INT CAPS dlinkap 00:13:46:49:41:76 11 54M -90:96 100 EPS WPA WME freebsdap 00:11:95:c3:0d:ac 1 54M -83:96 100 EPS WPA @@ -921,7 +921,7 @@ freebsdap 00:11:95:c3:0d:ac 1 One can also display the current list of known networks with: - &prompt.root; ifconfig wlan0 list scan + &prompt.root; ifconfig wlan0 list scan This information may be updated automatically by the adapter or manually with a request. @@ -1068,7 +1068,7 @@ ifconfig_wlan0="DHCP" to see the status of the interface ath0: - &prompt.root; ifconfig wlan0 + &prompt.root; ifconfig wlan0 wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether 00:11:95:d5:43:62 inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255 @@ -1213,7 +1213,7 @@ wlan0: flags=8843<UP,BROADCAST,RUNNIN the information in /etc/wpa_supplicant.conf: - &prompt.root; wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf + &prompt.root; wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf Trying to associate with 00:11:95:c3:0d:ac (SSID='freebsdap' freq=2412 MHz) Associated with 00:11:95:c3:0d:ac WPA: Key negotiation completed with 00:11:95:c3:0d:ac [PTK=CCMP GTK=CCMP] @@ -1223,11 +1223,11 @@ CTRL-EVENT-CONNECTED - Connection to 00: to get the IP address from the DHCP server: - &prompt.root; dhclient wlan0 + &prompt.root; dhclient wlan0 DHCPREQUEST on wlan0 to 255.255.255.255 port 67 DHCPACK from 192.168.0.1 bound to 192.168.0.254 -- renewal in 300 seconds. -&prompt.root; ifconfig wlan0 +&prompt.root; ifconfig wlan0 wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether 00:11:95:d5:43:62 inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255 @@ -2009,7 +2009,7 @@ wpa_pairwise=CCMP TKIP for more details. It is possible to see the stations associated with the - AP using ifconfig wlan0 list + AP using ifconfig wlan0 list sta. @@ -2143,7 +2143,7 @@ freebsdap 00:11:95:c3:0d:ac 1 Debugging messages can be enabled in the 802.11 protocol support layer using &man.wlandebug.8;. On a &os; system prior to &os; 9.1, this program can be found in - /usr/src/tools/tools/net80211. + /usr/src/tools/tools/net80211. For example, to enable console messages related to scanning for access points and the 802.11 protocol handshakes required to arrange communication: @@ -2153,7 +2153,7 @@ freebsdap 00:11:95:c3:0d:ac 1 Many useful statistics are maintained by the 802.11 layer and wlanstats, found - in /usr/src/tools/tools/net80211, + in /usr/src/tools/tools/net80211, will dump this information. These statistics should display all errors identified by the 802.11 layer. However, some errors are identified in the device drivers @@ -3460,12 +3460,12 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault &prompt.root; ifconfig fxp0 up &prompt.root; ifconfig fxp1 up -&prompt.root; ifconfig lagg0 create -&prompt.root; ifconfig lagg0 up laggproto lacp laggport fxp0 laggport fxp1 10.0.0.3/24 +&prompt.root; ifconfig lagg0 create +&prompt.root; ifconfig lagg0 up laggproto lacp laggport fxp0 laggport fxp1 10.0.0.3/24 Next, verify the status of the virtual interface: - &prompt.root; ifconfig lagg0 + &prompt.root; ifconfig lagg0 lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:05:5d:71:8d:b8 @@ -3508,8 +3508,8 @@ Fa0/2 SA 32768 0005.5d71.8d ifconfig_fxp0="up" ifconfig_fxp1="up" -cloned_interfaces="lagg0" -ifconfig_lagg0="laggproto lacp laggport fxp0 laggport fxp1 10.0.0.3/24" +cloned_interfaces="lagg0" +ifconfig_lagg0="laggproto lacp laggport fxp0 laggport fxp1 10.0.0.3/24" @@ -3527,13 +3527,13 @@ ifconfig_lagg0="laggp &prompt.root; ifconfig fxp0 up &prompt.root; ifconfig fxp1 up -&prompt.root; ifconfig lagg0 create -&prompt.root; ifconfig lagg0 up laggproto failover laggport fxp0 laggport fxp1 10.0.0.15/24 +&prompt.root; ifconfig lagg0 create +&prompt.root; ifconfig lagg0 up laggproto failover laggport fxp0 laggport fxp1 10.0.0.15/24 The virtual interface should look something like this: - &prompt.root; ifconfig lagg0 + &prompt.root; ifconfig lagg0 lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:05:5d:71:8d:b8 @@ -3557,8 +3557,8 @@ lagg0: flags=8843<UP,BROADCAST,RUNNIN ifconfig_fxp0="up" ifconfig_fxp1="up" -cloned_interfaces="lagg0" -ifconfig_lagg0="laggproto failover laggport fxp0 laggport fxp1 10.0.0.15/24" +cloned_interfaces="lagg0" +ifconfig_lagg0="laggproto failover laggport fxp0 laggport fxp1 10.0.0.15/24" @@ -3608,7 +3608,7 @@ bge0: flags=8843<UP,BROADCAST,RUNNING Bring the wireless interface up, but do not set an IP address: - &prompt.root; ifconfig wlan0 create wlandev iwn0 ssid my_router up + &prompt.root; ifconfig wlan0 create wlandev iwn0 ssid my_router up Make sure the bge0 interface is up, then create the &man.lagg.4; interface with @@ -3616,13 +3616,13 @@ bge0: flags=8843<UP,BROADCAST,RUNNING wlan0: &prompt.root; ifconfig bge0 up -&prompt.root; ifconfig lagg0 create -&prompt.root; ifconfig lagg0 up laggproto failover laggport bge0 laggport wlan0 +&prompt.root; ifconfig lagg0 create +&prompt.root; ifconfig lagg0 up laggproto failover laggport bge0 laggport wlan0 The virtual interface should look something like this: - &prompt.root; ifconfig lagg0 + &prompt.root; ifconfig lagg0 lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:21:70:da:ae:37 @@ -3635,18 +3635,18 @@ lagg0: flags=8843<UP,BROADCAST,RUNNIN Then, start the DHCP client to obtain an IP address: - &prompt.root; dhclient lagg0 + &prompt.root; dhclient lagg0 To retain this configuration across reboots, add the following entries to /etc/rc.conf: - ifconfig_bge0="up" + ifconfig_bge0="up" ifconfig_iwn0="ether 00:21:70:da:ae:37" wlans_iwn0="wlan0" ifconfig_wlan0="WPA" -cloned_interfaces="lagg0" -ifconfig_lagg0="laggproto failover laggport bge0 laggport wlan0 DHCP" +cloned_interfaces="lagg0" +ifconfig_lagg0="laggproto failover laggport bge0 laggport wlan0 DHCP" @@ -3973,7 +3973,7 @@ Received 264951 bytes in 0.1 secondshost declarations as the hostname for the diskless host. An alternate way would be to add an option - host-name corbieres + host-name corbieres inside the host declarations. --> @@ -4080,7 +4080,7 @@ cd /usr/src/etc; make distribution - &prompt.root; dd if=/dev/zero of=/path/to/swapfile bs=1k count=1 oseek=100000 + &prompt.root; dd if=/dev/zero of=/path/to/swapfile bs=1k count=1 oseek=100000 To enable the swap file, add the following line to /etc/rc.conf: @@ -4570,7 +4570,7 @@ rtsold_enable="YES" The first /etc/rc.conf entry creates the generic tunneling interface - gif0: + gif0: gif_interfaces="gif0" From owner-svn-doc-all@FreeBSD.ORG Tue Mar 18 00:49:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 708F03D7; Tue, 18 Mar 2014 00:49:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 50A49FC9; Tue, 18 Mar 2014 00:49:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2I0nAoP045589; Tue, 18 Mar 2014 00:49:10 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2I0nArW045588; Tue, 18 Mar 2014 00:49:10 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403180049.s2I0nArW045588@svn.freebsd.org> From: Warren Block Date: Tue, 18 Mar 2014 00:49:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44273 - head/en_US.ISO8859-1/books/handbook/install X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2014 00:49:10 -0000 Author: wblock Date: Tue Mar 18 00:49:09 2014 New Revision: 44273 URL: http://svnweb.freebsd.org/changeset/doc/44273 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/install/chapter.xml Tue Mar 18 00:33:43 2014 (r44272) +++ head/en_US.ISO8859-1/books/handbook/install/chapter.xml Tue Mar 18 00:49:09 2014 (r44273) @@ -611,9 +611,9 @@ Memory stick images for &os; 8.X can be downloaded from - the ISO-IMAGES/ + the ISO-IMAGES/ directory at - ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/arch/ISO-IMAGES/version/&os;-version-RELEASE-arch-memstick.img. + ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/arch/ISO-IMAGES/version/&os;-version-RELEASE-arch-memstick.img. Replace arch and version with the architecture and the version number to @@ -668,7 +668,7 @@ &man.dd.1; must be used to write the image directly to the disk: - &prompt.root; dd if=&os;-&rel2.current;-RELEASE-&arch.i386;-memstick.img of=/dev/da0 bs=64k + &prompt.root; dd if=&os;-&rel2.current;-RELEASE-&arch.i386;-memstick.img of=/dev/da0 bs=64k If an Operation not permitted @@ -727,12 +727,12 @@ The &os;/&arch.pc98; boot disks can be downloaded from the floppies directory, - ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/pc98/version-RELEASE/floppies/. + ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/pc98/version-RELEASE/floppies/. Replace version with the version number to install. The floppy images have a .flp - extension. floppies/ contains a number + extension. floppies/ contains a number of different images. Download boot.flp as well as the number of files associated with the type of installation, such as @@ -788,8 +788,8 @@ rawrite for creating the floppies on a computer running &windows;. This tool can be downloaded from - ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/pc98/ - version-RELEASE/tools/ + ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/pc98/ + version-RELEASE/tools/ on the &os; FTP site. Download this tool, insert a floppy, then specify the filename to write to the floppy drive: @@ -1899,7 +1899,7 @@ Mounting root from ufs:/dev/md0c makes the installation slightly cleaner. This filesystem can be mounted anywhere; this example mounts it as - /diskn, + /diskn, where n is a number that changes for each disk. @@ -4313,7 +4313,7 @@ Please press any key to reboot. USB disk onto a &os; system using &man.mount.8;: - &prompt.root; mount /dev/da0a /mnt + &prompt.root; mount /dev/da0a /mnt Adapt the device node and the mount point to the @@ -4325,12 +4325,12 @@ Please press any key to reboot. Add this line to /boot/loader.conf on the USB stick: - &prompt.root; echo 'console="comconsole"' >> /mnt/boot/loader.conf + &prompt.root; echo 'console="comconsole"' >> /mnt/boot/loader.conf Now that the USB is stick configured correctly, unmount the disk using &man.umount.8;: - &prompt.root; umount /mnt + &prompt.root; umount /mnt Now, unplug the USB stick and jump directly to the third step of this procedure. @@ -4354,23 +4354,23 @@ Please press any key to reboot. ISO image, use &man.tar.1; to extract all the files: - &prompt.root; mkdir /path/to/headless-iso -&prompt.root; tar -C /path/to/headless-iso -pxvf &os;-&rel.current;-RELEASE-i386-disc1.iso + &prompt.root; mkdir /path/to/headless-iso +&prompt.root; tar -C /path/to/headless-iso -pxvf &os;-&rel.current;-RELEASE-i386-disc1.iso Next, set the installation media to boot into a serial console. Add this line to the /boot/loader.conf of the extracted ISO image: - &prompt.root; echo 'console="comconsole"' >> /path/to/headless-iso/boot/loader.conf + &prompt.root; echo 'console="comconsole"' >> /path/to/headless-iso/boot/loader.conf Then, create a new ISO image from the modified tree. This example uses &man.mkisofs.8; from the sysutils/cdrtools package or port: - &prompt.root; mkisofs -v -b boot/cdboot -no-emul-boot -r -J -V "Headless_install" \ - -o Headless-&os;-&rel2.current;-RELEASE-i386-disc1.iso/path/to/headless-iso + &prompt.root; mkisofs -v -b boot/cdboot -no-emul-boot -r -J -V "Headless_install" \ + -o Headless-&os;-&rel2.current;-RELEASE-i386-disc1.iso/path/to/headless-iso Now that the ISO image is configured correctly, burn it to a CD/DVD media using a burning @@ -4475,7 +4475,7 @@ Please press any key to reboot. Download the Correct ISO Images - The ISO images for each release can be downloaded from ftp://ftp.FreeBSD.org/pub/FreeBSD/ISO-IMAGES-arch/version or the closest mirror. + The ISO images for each release can be downloaded from ftp://ftp.FreeBSD.org/pub/FreeBSD/ISO-IMAGES-arch/version or the closest mirror. or the closest mirror. Substitute arch and version as appropriate. @@ -4498,7 +4498,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-bootonly.iso + &os;-version-RELEASE-arch-bootonly.iso This CD image starts the installation process by booting from a CD-ROM drive but it does not @@ -4509,7 +4509,7 @@ Please press any key to reboot.     - &os;-version-RELEASE-arch-dvd1.iso.gz + &os;-version-RELEASE-arch-dvd1.iso.gz This DVD image contains everything necessary to install the base &os; operating system, a @@ -4519,7 +4519,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-memstick.img + &os;-version-RELEASE-arch-memstick.img This image can be written to a USB memory stick in order to install machines capable of booting @@ -4530,7 +4530,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-mini-memstick.img + &os;-version-RELEASE-arch-disc1.iso This image can be written to a USB memory stick in order to install machines capable of @@ -4550,7 +4550,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-disc2.iso + &os;-version-RELEASE-arch-disc2.iso A CD image with as many third-party packages as would fit on the disc. This image is not @@ -4558,7 +4558,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-disc3.iso + &os;-version-RELEASE-arch-disc3.iso Another CD image with as many third-party packages as would fit on the disc. This image is @@ -4566,7 +4566,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-livefs.iso + &os;-version-RELEASE-arch-livefs.iso This CD image contains support for booting into a livefs based rescue mode but does not @@ -4653,7 +4653,7 @@ Please press any key to reboot. Anyone with network connectivity to the machine can now chose a media type of FTP and type in - ftp://your machine + ftp://your machine after picking Other in the FTP sites menu during the install. From owner-svn-doc-all@FreeBSD.ORG Tue Mar 18 00:56:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 52E54719; Tue, 18 Mar 2014 00:56:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 33011118; Tue, 18 Mar 2014 00:56:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2I0uYMJ049548; Tue, 18 Mar 2014 00:56:34 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2I0uYof049547; Tue, 18 Mar 2014 00:56:34 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403180056.s2I0uYof049547@svn.freebsd.org> From: Warren Block Date: Tue, 18 Mar 2014 00:56:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44274 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2014 00:56:34 -0000 Author: wblock Date: Tue Mar 18 00:56:33 2014 New Revision: 44274 URL: http://svnweb.freebsd.org/changeset/doc/44274 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue Mar 18 00:49:09 2014 (r44273) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue Mar 18 00:56:33 2014 (r44274) @@ -420,10 +420,10 @@ MergeChanges /etc/ /var/named/etc/ /boot using the following commands: &prompt.root; mount /cdrom -&prompt.root; cd /cdrom/X.Y-RELEASE/kernels +&prompt.root; cd /cdrom/X.Y-RELEASE/kernels &prompt.root; ./install.sh GENERIC - Replace X.Y-RELEASE + Replace X.Y-RELEASE with the actual version of the release being used. The GENERIC kernel will be installed in /boot/GENERIC by @@ -797,7 +797,7 @@ before running "/usr/sbin/freebsd-update fetch a clean copy of the documentation sources from the western US mirror using the HTTPS protocol: - &prompt.root; svn checkout https://svn0.us-west.FreeBSD.org/doc/head /usr/doc + &prompt.root; svn checkout https://svn0.us-west.FreeBSD.org/doc/head /usr/doc Select the closest mirror from the available Subversion mirror @@ -1109,7 +1109,7 @@ before running "/usr/sbin/freebsd-update Packages use a format that differs from the corresponding port's name: - lang-freebsd-doc, + lang-freebsd-doc, where lang is the short format of the language code, such as hu for Hungarian, or zh_cn for Simplified @@ -1765,7 +1765,7 @@ Script done, … The general format of the command is as follows: - &prompt.root; make -x -DVARIABLE target + &prompt.root; make -x -DVARIABLE target In this example, is an option @@ -1779,7 +1779,7 @@ Script done, … in /etc/make.conf, and this provides another way of setting them. For example: - &prompt.root; make -DNO_PROFILE target + &prompt.root; make -DNO_PROFILE target is another way of specifying that profiled libraries should not be built, and corresponds with the @@ -1801,7 +1801,7 @@ Script done, … Most of the time, no parameters need to be passed to &man.make.1; and the command looks like this: - &prompt.root; make target + &prompt.root; make target Where target is one of many build options. The first target should always be @@ -1908,11 +1908,11 @@ Script done, … To build a custom kernel with an existing customized configuration file, use - KERNCONF=MYKERNEL: + KERNCONF=MYKERNEL: &prompt.root; cd /usr/src -&prompt.root; make buildkernel KERNCONF=MYKERNEL -&prompt.root; make installkernel KERNCONF=MYKERNEL +&prompt.root; make buildkernel KERNCONF=MYKERNEL +&prompt.root; make installkernel KERNCONF=MYKERNEL @@ -2472,7 +2472,7 @@ Building everything.. . The file system holding - /usr/obj can be mounted or + /usr/obj can be mounted or remounted with so that disk writes happen asynchronously. The write completes immediately, and the data is written to the disk a @@ -2601,7 +2601,7 @@ Building everything.. should list them all in KERNCONF, listing its own kernel first. The build machine must have the kernel configuration files for each machine in - /usr/src/sys/arch/conf + /usr/src/sys/arch/conf if it is going to build their kernels. From owner-svn-doc-all@FreeBSD.ORG Tue Mar 18 00:59:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8108AA80; Tue, 18 Mar 2014 00:59:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6E89C14C; Tue, 18 Mar 2014 00:59:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2I0xDlN049864; Tue, 18 Mar 2014 00:59:13 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2I0xD1p049863; Tue, 18 Mar 2014 00:59:13 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403180059.s2I0xD1p049863@svn.freebsd.org> From: Warren Block Date: Tue, 18 Mar 2014 00:59:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44275 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2014 00:59:13 -0000 Author: wblock Date: Tue Mar 18 00:59:12 2014 New Revision: 44275 URL: http://svnweb.freebsd.org/changeset/doc/44275 Log: Fix a mis-tagged make target. Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue Mar 18 00:56:33 2014 (r44274) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue Mar 18 00:59:12 2014 (r44275) @@ -1805,7 +1805,7 @@ Script done, … Where target is one of many build options. The first target should always be - buildworld. + buildworld. As the names imply, buildworld builds a complete new From owner-svn-doc-all@FreeBSD.ORG Tue Mar 18 01:09:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DDDC7F1; Tue, 18 Mar 2014 01:09:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C9EE524C; Tue, 18 Mar 2014 01:09:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2I193Aj054163; Tue, 18 Mar 2014 01:09:03 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2I1939L054162; Tue, 18 Mar 2014 01:09:03 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403180109.s2I1939L054162@svn.freebsd.org> From: Warren Block Date: Tue, 18 Mar 2014 01:09:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44276 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2014 01:09:03 -0000 Author: wblock Date: Tue Mar 18 01:09:03 2014 New Revision: 44276 URL: http://svnweb.freebsd.org/changeset/doc/44276 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Tue Mar 18 00:59:12 2014 (r44275) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Tue Mar 18 01:09:03 2014 (r44276) @@ -1746,7 +1746,7 @@ nis_client_enable="YES" To prevent specified users from logging on to a system, even if they are present in the NIS database, use vipw - to add -username with the correct number + to add -username with the correct number of colons towards the end of /etc/master.passwd on the client, where username is the username of @@ -2024,7 +2024,7 @@ ellington&prompt.user; ypcat ~ function of the shell and all routines which convert between user names and numerical user IDs. In other words, - cd ~user will + cd ~user will not work, ls -l will show the numerical ID instead of the username, and find . -user joe -print will fail with the message @@ -2501,7 +2501,7 @@ cn: Manager To import this datafile, issue the following command, assuming the file is import.ldif: - &prompt.root; ldapadd -Z -D "cn=Manager,dc=example,dc=com" -W -f import.ldif + &prompt.root; ldapadd -Z -D "cn=Manager,dc=example,dc=com" -W -f import.ldif There will be a request for the password specified earlier, and the output should look like this: @@ -2707,7 +2707,7 @@ result: 0 Success - /var/db/dhclient.leases.interface + /var/db/dhclient.leases.interface The DHCP client keeps a database of valid leases in this file, which is written as a log and @@ -3220,7 +3220,7 @@ dhcpd_ifaces="dc0" /etc/namedb/named.conf that are beyond the scope of this document. Other startup options for named on &os; can be found in - the named_* + the named_* flags in /etc/defaults/rc.conf and in &man.rc.conf.5;. The section is also a good @@ -3637,7 +3637,7 @@ www IN CNAME example. an exact hostname, whereas everything without a trailing . is relative to the origin. For example, ns1 is translated into - ns1.example.org. + ns1.example.org. The format of a zone file follows: @@ -4032,7 +4032,7 @@ dnssec-validation yes; will contain the AD flag to indicate the data was authenticated. Running a query such as - &prompt.user; dig @resolver +dnssec se ds + &prompt.user; dig @resolver +dnssec se ds should return the DS RR for the .se zone. @@ -4379,7 +4379,7 @@ $include Kexample.com.+005+nnnnn.ZSK.key In &os;, the main Apache HTTP Server configuration file is installed as - /usr/local/etc/apache2x/httpd.conf. + /usr/local/etc/apache2x/httpd.conf. This ASCII text file begins comment lines with the #. The most frequently modified directives are: @@ -4394,7 +4394,7 @@ $include Kexample.com.+005+nnnnn.ZSK.key Binaries are stored in the bin and sbin subdirectories of the server root, and configuration files are stored in - etc/apache2x. + etc/apache2x. @@ -4421,7 +4421,7 @@ $include Kexample.com.+005+nnnnn.ZSK.key DocumentRoot - "/usr/local/www/apache2x/data" + "/usr/local/www/apache2x/data" The directory @@ -4485,7 +4485,7 @@ $include Kexample.com.+005+nnnnn.ZSK.key &prompt.root; service apache24 start The httpd service can be tested by - entering http://localhost + entering http://localhost in a web browser, replacing localhost with the fully-qualified domain name of the machine running httpd, @@ -5140,7 +5140,7 @@ DocumentRoot /www/someotherdomain.tld tdbsam, and the following command should be used to add user accounts: - &prompt.root; pdbedit -a -u username + &prompt.root; pdbedit -a -u username Please see the syslogd: - &prompt.root; logger "Test message from logclient" + &prompt.root; logger "Test message from logclient" This message should now exist both in /var/log/messages on the client and From owner-svn-doc-all@FreeBSD.ORG Tue Mar 18 10:02:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D45BE745; Tue, 18 Mar 2014 10:02:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 918187F0; Tue, 18 Mar 2014 10:02:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2IA2D8n074456; Tue, 18 Mar 2014 10:02:13 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2IA2DBh074455; Tue, 18 Mar 2014 10:02:13 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403181002.s2IA2DBh074455@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 18 Mar 2014 10:02:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44277 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 18 Mar 2014 11:41:25 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2014 10:02:13 -0000 Author: ryusuke Date: Tue Mar 18 10:02:13 2014 New Revision: 44277 URL: http://svnweb.freebsd.org/changeset/doc/44277 Log: - Merge the following from the English version: r43797 -> r43804 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Tue Mar 18 01:09:03 2014 (r44276) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Tue Mar 18 10:02:13 2014 (r44277) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43797 + Original revision: r43804 $FreeBSD$ --> - 質問ですか? + よくある質問 - - - - 変更が行なわれたら、その度にシステムの再構築が必要になるのでしょうか? - + + + 変更が行なわれたら、 + その度にシステムの再構築が必要になるのでしょうか? - - それは変更の性質によるので、なんとも言えません。 + + それは変更の内容によります。 たとえば、svn を実行したとき、 次にあげるようなファイルが更新されていたとします。 @@ -2553,107 +2552,80 @@ Script done, … make all install を行ってください。 しかし、たとえば src/lib/libc/stdlib のような大きな変更が行なわれた場合には、 - システム全体を再構築するか、 - 少なくとも静的にリンクされているものを作り直す必要があります。 + システム全体を再構築することを検討してください。 - 結局のところ、 - どの時点で現在のシステムをアップグレードするかはあなたが決めることです。 - 2 週間ごとにシステムを再構築し、その 2 週間の変更を取り込むユーザもいますし、 + 2 週間ごとにシステムを再構築して、 + その 2 週間分の変更を取り込むユーザもいますし、 変更のあった部分だけ再構築し、 - すべての依存関係を確かめたいと考えるユーザもいます。 + すべての依存関係を確かめたいと考えるユーザもいます。 + それらはどのくらいの頻度でアップグレードしたいか、 + そして &os.stable; か &os.current; + のどちらを追いかけているのかにもよります。 + + - それらはどのくらいの頻度でアップグレードしたいか、 - そして &os.stable; か &os.current; のどちらを追いかけているのかによります。 - - - - - - signal 11 + + どうして signal 11 signal 11 (もしくは他のシグナル番号) のエラーがたくさん出て - コンパイルが失敗します。何が起こっているんでしょうか? - + コンパイルが失敗するのでしょうか? - + これは通常、ハードウェアに問題があることを示しています。 - システムの再構築は、ハードウェアに対する負荷耐久試験を行なうための - 有効な手段の一つで、メモリに関係する問題がよく報告されます。 - その大部分は、 - 不可解な異常終了となることで発見されます。 - - 本当にこの問題によるものかどうかは、make - をもう一度実行し、 - 異なる段階で異常終了が発生するか、ということから確認できます。 + world の再構築は、 + ハードウェア (特にメモリ) + に対する負荷耐久試験を行なうための有効な手段です。 + 本当にこの問題によるものかどうかは、 + make + をもう一度実行し、異なる段階で異常終了が発生するか、 + ということから確認できます。 - このエラーに対応するには、マシンの部品を交換して、 + このエラーに対応するには、RAM を始めとして、 + マシンの部品をメモリから交換して、 どの部分が悪いのかを調べてみてください。 - - - - - - 終了したら /usr/obj - を削除してもかまいませんか? - + + - - 一言で答えるなら「削除しても構わない」です。 + + 終了したら /usr/obj + を削除してもかまいませんか? - /usr/obj には、 + + このディレクトリには、 コンパイルの段階で生成された すべてのオブジェクトファイルが含まれています。 通常 make buildworld の最初の段階では、 このディレクトリを削除して新しくつくり直すようになっています。 構築終了後も /usr/obj を保存しておいても、あまり意味はありません。 - 削除すれば、だいたい 2 GB + 削除すれば、だいたい 2GB のディスクスペースを解放することができます。 + + - 良く理解をしているユーザであれば、 - この段階を省略して make buildworld - を行なうことができます。 - こうすると、ほとんどのソースは再コンパイルされないため、 - 構築はかなり高速化されます。 - これは裏をかえせば、デリケートな依存関係の問題によって、 - システムの構築が奇妙な失敗に終わる可能性があるということです。 - &os; メーリングリストではしばしば、構築の失敗が、 - この段階の省略によるものだということを理解せずに - 不満の声をあげる人がいます。 - - - - - - 構築を中断した場合、その構築を途中から再開することはできますか? - + + 構築を中断した場合、 + その構築を途中から再開することはできますか? - + それは、問題が起こるまでに、 - どれだけの作業を終えているかによって変わります。 - - 一般的に make buildworld は、 - &man.gcc.1; や &man.make.1; まどの基本的なツールや、 + どれだけの作業を終えているかによります。 + 一般的に make buildworld は、 + 基本的なツールや、 システムライブラリの新しいコピーを作成します。 その後、これらのツールやライブラリがインストールされてから、 自分自身の再構築に使われ、もう一度、インストールされます。 - &man.ls.1; や &man.grep.1; - といった標準的なユーザプログラムを含むシステム全体が、 - その新しいシステムファイルを用いて作り直されます。 + システムの残りの部分がその新しいシステムファイルを用いて作り直されます。 再構築の最終段階では、 - まったく安全に次のようにすることができます。 + まったく安全に以下のコマンドを実行することができます。 + これは、前回の make buildworld + の作業をやり直しません。 - … fix the problem … -&prompt.root; cd /usr/src + &prompt.root; cd /usr/src &prompt.root; make -DNO_CLEAN all - - これは、前回の make buildworld - の作業をやり直しません。 - - 次のメッセージ -------------------------------------------------------------- @@ -2663,72 +2635,41 @@ Building everything.. make buildworld の出力にある場合には、 上のようにしてもほとんど悪影響が現れることはありません。 - もしこのメッセージがないとか、よく分からないという場合には、 + もしこのメッセージがない場合には、 安全を確保し、後悔するようなことがないよう、 システムの再構築を最初からやり直しましょう。 - - - - - - どのようにすれば make world を高速化できますか? - - - - - - シングルユーザモードで動かしてください。 - - - - /usr/src と - /usr/obj - を、異なるディスク上の別のファイルシステムに置いてください。 - また可能ならば、 - 異なるディスクコントローラに接続されたディスクを使ってください。 - - - - さらに高速化するには、これらのファイルシステムを - &man.ccd.4; を使って、 - 複数のディスク上に置いてください。 - - - - /etc/make.conf に - NO_PROFILE=true をセットして、 - プロファイル版の作成を無効化してください。 - + + - - &man.make.1; に - - を指定して、複数のプロセスを並列に実行させてください。 - これは、単一のプロセッサでも複数のプロセッサでも、 - 同様に恩恵を得ることができます。 - + + make world を高速化できますか? - - /usr/src - のあるファイルシステムを、 - オプションを付けてマウントもしくは再マウントしてください。 - これは、そのファイルシステムにおいて、 - 最後にアクセスされた時刻の書き込みを抑制します。 - おそらく、この情報が必要になることはないでしょう。 - - &prompt.root; mount -u -o noatime /usr/src - - - 上の例は、 - /usr/src - 自身が独立したファイルシステムであることを想定しています。 - もし /usr - の一部である場合には、 - かわりに適切なマウントポイントを指定すしてください。 - - + + いくつかの方法で build world のプロセスを高速化できます。 + たとえば、全体のプロセスは、 + シングルユーザモードで動かすことで高速になります。 + しかしながら、この方法では、プロセスが完了するまで、 + ユーザがシステムにアクセスすることはできません。 + + ファイルシステムを注意深く設計したり、 + ZFS データセットを使うことでも変わります。 + /usr/src と + /usr/obj + を、異なるディスク上の別のファイルシステムに置くことを検討してください。 + また可能ならば、 + 異なるディスクコントローラに接続された異なるディスクにファイルシステムを置いてください。 + /usr/src + をマウントする時には、 + 最後にアクセスされた時刻の書き込みを抑制するように、 + + オプションを付けてマウントしてください。 + もし、/usr/src が、 + 独立したファイルシステムではないときには、 + オプションで、/usr + を再マウントしてください。 - /usr/obj のあるファイルシステムを、 オプションをつけてマウントもしくは再マウントしてください。 @@ -2757,25 +2698,22 @@ Building everything.. バックアップをきちんと取っておきましょう。 - &prompt.root; mount -u -o async /usr/obj + /etc/make.conf に + NO_PROFILE=true をセットして、 + プロファイル版の作成を無効化してください。 - - もし /usr/obj - 自身がファイルシステムでない場合には、 - 適切なマウントポイントを指すように、 - 上の例の名前を置き換えてください。 - + &man.make.1; に + + を指定して、複数のプロセスを並列に実行させてください。 + これは、単一のプロセッサでも複数のプロセッサでも、 + 同様に恩恵を得ることができます。 - - - - - - - なにか悪いことがあったらどうすればいいですか? - + + + + なにか悪いことがあったらどうすればいいですか? - + 自分の環境に前のビルドの余計なゴミが残っていないことをはっきりと確認してください。 &prompt.root; chflags -R noschg /usr/obj/usr @@ -2793,9 +2731,9 @@ Building everything.. まだ問題があれば、エラーと uname -a の出力を &a.questions; に送ってください。 設定についてさらに質問されても答えられるよう用意してください! - - - + + + From owner-svn-doc-all@FreeBSD.ORG Tue Mar 18 15:31:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AE85B2D7; Tue, 18 Mar 2014 15:31:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9B334122; Tue, 18 Mar 2014 15:31:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2IFVaPl011157; Tue, 18 Mar 2014 15:31:36 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2IFVaPO011156; Tue, 18 Mar 2014 15:31:36 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403181531.s2IFVaPO011156@svn.freebsd.org> From: Mathieu Arnold Date: Tue, 18 Mar 2014 15:31:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44278 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2014 15:31:36 -0000 Author: mat (ports committer) Date: Tue Mar 18 15:31:36 2014 New Revision: 44278 URL: http://svnweb.freebsd.org/changeset/doc/44278 Log: Add a note about knobs and options being in all uppercase. Remove an obsolete paragraph. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Tue Mar 18 10:02:13 2014 (r44277) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Tue Mar 18 15:31:36 2014 (r44278) @@ -3374,6 +3374,11 @@ MASTERDIR= ${.CURDIR}/../xdvi300 When a port has a lib-prefix in the PORTNAME the lib-prefix should be dropped in knob naming. + + + Knob names should be always be in all + uppercase. + @@ -3449,6 +3454,11 @@ OPT6_DESC= Describe OPT6 + + Option names should always be in all uppercase. They + should not use mixed case or lowercase. + + OPTIONS can be grouped as radio choices, where only one choice from each group is allowed: @@ -3637,11 +3647,6 @@ CONFIGURE_ARGS+= --enable-foo FOO_CONFIGURE_ENABLE= foo - In the second example, the library libfoo is explicitly - disabled. The configure script does not enable related - features in the application, despite library's presence in the - system. - Under some circumstances, the shorthand conditional syntax can cause problems with complex constructs. If you From owner-svn-doc-all@FreeBSD.ORG Tue Mar 18 16:44:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1355AFD4; Tue, 18 Mar 2014 16:44:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id F3EFDC5F; Tue, 18 Mar 2014 16:44:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2IGitvV041003; Tue, 18 Mar 2014 16:44:55 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2IGitAR041002; Tue, 18 Mar 2014 16:44:55 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <201403181644.s2IGitAR041002@svn.freebsd.org> From: John Baldwin Date: Tue, 18 Mar 2014 16:44:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44279 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2014 16:44:56 -0000 Author: jhb Date: Tue Mar 18 16:44:55 2014 New Revision: 44279 URL: http://svnweb.freebsd.org/changeset/doc/44279 Log: Document 1000704. Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Tue Mar 18 15:31:36 2014 (r44278) +++ head/en_US.ISO8859-1/books/porters-handbook/versions.xml Tue Mar 18 16:44:55 2014 (r44279) @@ -4935,6 +4935,13 @@ it was never committed: + 1000704 + March 7, 2014 + 10-STABLE after MFC of the vt(4) driver + (rev 262861). + + + 1100000 October 10, 2013 11.0-CURRENT From owner-svn-doc-all@FreeBSD.ORG Tue Mar 18 21:01:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7278FBA; Tue, 18 Mar 2014 21:01:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 5F2C5D79; Tue, 18 Mar 2014 21:01:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2IL18X8047512; Tue, 18 Mar 2014 21:01:08 GMT (envelope-from matthew@svn.freebsd.org) Received: (from matthew@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2IL18OM047511; Tue, 18 Mar 2014 21:01:08 GMT (envelope-from matthew@svn.freebsd.org) Message-Id: <201403182101.s2IL18OM047511@svn.freebsd.org> From: Matthew Seaman Date: Tue, 18 Mar 2014 21:01:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44280 - head/en_US.ISO8859-1/articles/contributors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2014 21:01:08 -0000 Author: matthew (ports committer) Date: Tue Mar 18 21:01:07 2014 New Revision: 44280 URL: http://svnweb.freebsd.org/changeset/doc/44280 Log: Add Ryan Frederick on becoming maintainer for net-mgmt/nagios-check_ports PR: ports/184011 Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Tue Mar 18 16:44:55 2014 (r44279) +++ head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Tue Mar 18 21:01:07 2014 (r44280) @@ -8945,6 +8945,11 @@ + Ryan Frederick + ryanrfrederick@gmail.com + + + Ryan Grove ryan@wonko.com From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 12:30:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 063B1400; Wed, 19 Mar 2014 12:30:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CCEA6EEE; Wed, 19 Mar 2014 12:30:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JCUPZV024881; Wed, 19 Mar 2014 12:30:25 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JCUPuA024880; Wed, 19 Mar 2014 12:30:25 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403191230.s2JCUPuA024880@svn.freebsd.org> From: Dru Lavigne Date: Wed, 19 Mar 2014 12:30:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44281 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 12:30:26 -0000 Author: dru Date: Wed Mar 19 12:30:25 2014 New Revision: 44281 URL: http://svnweb.freebsd.org/changeset/doc/44281 Log: Add entities for ctl.conf(5) and ctld(8) Sponsored by: iXsystems Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Tue Mar 18 21:01:07 2014 (r44280) +++ head/share/xml/man-refs.ent Wed Mar 19 12:30:25 2014 (r44281) @@ -3984,6 +3984,7 @@ conserver.cf5"> core5"> crontab5"> +ctl.conf5"> ctm5"> cvs5"> devd.conf5"> @@ -4315,6 +4316,7 @@ crashinfo8"> cron8"> ctladm8"> +ctld8"> cvsbug8"> cvsupd8"> cxconfig8"> From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 13:13:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F154D412; Wed, 19 Mar 2014 13:13:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id DD0923D2; Wed, 19 Mar 2014 13:13:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JDDTVE045494; Wed, 19 Mar 2014 13:13:29 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JDDTRx045493; Wed, 19 Mar 2014 13:13:29 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403191313.s2JDDTRx045493@svn.freebsd.org> From: Mathieu Arnold Date: Wed, 19 Mar 2014 13:13:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44282 - head/en_US.ISO8859-1/books/porters-handbook/special X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 13:13:30 -0000 Author: mat (ports committer) Date: Wed Mar 19 13:13:29 2014 New Revision: 44282 URL: http://svnweb.freebsd.org/changeset/doc/44282 Log: Update the special chapter. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Wed Mar 19 12:30:25 2014 (r44281) +++ head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Wed Mar 19 13:13:29 2014 (r44282) @@ -1048,19 +1048,19 @@ PLIST_SUB+= NLS="@comment " are: bigreqsproto compositeproto damageproto dmx - dmxproto dri2proto evieproto fixesproto fontcacheproto - fontenc fontsproto fontutil glproto ice inputproto kbproto - libfs oldx pciaccess pixman printproto randrproto - recordproto renderproto resourceproto scrnsaverproto sm - trapproto videoproto x11 xau xaw xaw6 xaw7 xbitmaps - xcmiscproto xcomposite xcursor xdamage xdmcp xevie xext - xextproto xf86bigfontproto xf86dgaproto xf86driproto - xf86miscproto xf86rushproto xf86vidmodeproto xfixes xfont - xfontcache xft xi xinerama xineramaproto xkbfile xkbui - xmu xmuu xorg-server xp xpm xprintapputil xprintutil - xproto xproxymngproto xrandr xrender xres xscrnsaver xt - xtrans xtrap xtst xv xvmc xxf86dga xxf86misc - xxf86vm. + dmxproto dri2proto dri3proto evieproto fixesproto + fontcacheproto fontenc fontsproto fontutil glproto ice + inputproto kbproto libfs oldx pciaccess pixman presentproto + printproto randrproto recordproto renderproto resourceproto + scrnsaverproto sm trapproto videoproto x11 xau xaw xaw6 xaw7 + xbitmaps xcb xcmiscproto xcomposite xcursor xdamage xdmcp + xevie xext xextproto xf86bigfontproto xf86dgaproto + xf86driproto xf86miscproto xf86rushproto xf86vidmodeproto + xfixes xfont xfontcache xft xi xinerama xineramaproto + xkbfile xkbui xmu xmuu xorg-macros xorg-server xp xpm + xprintapputil xprintutil xproto xproxymngproto xrandr + xrender xres xscrnsaver xshmfence xt xtrans xtrap xtst xv + xvmc xxf86dga xxf86misc xxf86vm. Always up-to-date list can be found in /usr/ports/Mk/bsd.xorg.mk. @@ -1069,7 +1069,7 @@ PLIST_SUB+= NLS="@comment " implementation. You can specify a dependency on various components of this project with USE_GL variable. Valid options are: - glut, glu, glw, glew, gl and + egl, gl, glesv2, glew, glu, glut, glw and linux. For backwards compatibility, the value of yes maps to glu. @@ -1120,10 +1120,10 @@ USE_XORG= x11 xpm Users can choose x11-toolkits/lesstif instead by setting WANT_LESSTIF - variable. + variable in their make.conf. The MOTIFLIB variable will be set by - bsd.port.mk to reference the + motif.mk to reference the appropriate Motif library. Please patch the source of your port to use ${MOTIFLIB} wherever the Motif library is referenced in the original @@ -1150,7 +1150,7 @@ USE_XORG= x11 xpm Note that MOTIFLIB (usually) expands - to -L/usr/local/lib -lXm or + to -L/usr/local/lib -lXm -lXp or /usr/local/lib/libXm.a, so there is no need to add -L or -l in front. @@ -1172,7 +1172,9 @@ USE_XORG= x11 xpm that operate headless. When the following variable is used, the build infrastructure will start the virtual framebuffer X server. The working DISPLAY is then passed - to the build. + to the build. See USES=display + for the possible arguments. USES= display @@ -2689,9 +2691,6 @@ _DOCSDIR= . the value of the PYTHONPREFIX_SITELIBDIR variable to make it relative to PREFIX. - - Python 2.7 or newer is required for this. It does - not work with Python 2.6. @@ -2700,96 +2699,75 @@ _DOCSDIR= . The Ports Collection supports parallel installation of multiple Tcl/Tk versions. Ports should try to support at least the default - Tcl/Tk version and higher with the - USE_TCL and USE_TK - variables. It is possible to specify the desired version of - tcl with the - WITH_TCL_VER variable. + Tcl/Tk version and higher with + USES=tcl. It is possible to specify the + desired version of tcl by appending + :xx, e.g.: + USES=tcl:85. - The Most Useful Variables for Ports That Use + <title>The Most Useful Read-Only Variables for Ports That Use <application>Tcl/Tk</application> - USE_TCL - The port depends on the - Tcl library (not the - shell). Minimal required version can be specified - with values such as 84+. Individual unsupported - versions can be specified with the - INVALID_TCL_VER variable. - - - - USE_TCL_BUILD - The port needs Tcl - only during the build time. + TCL_VER + chosen major.minor version of + Tcl - USE_TCL_WRAPPER - Ports that require the - Tcl shell and do not - require a specific tclsh version - should use this new variable. The - tclsh wrapper is installed on the - system. The user can specify the desired - tcl shell to use. + TCLSH + full path of the Tcl + interpreter - WITH_TCL_VER - User-defined variable that sets the desired - Tcl version. + TCL_LIBDIR + path of the Tcl + libraries - UNIQUENAME_WITH_TCL_VER - Like WITH_TCL_VER, but - per-port. + TCL_INCLUDEDIR + path of the Tcl C + header files - USE_TCL_THREADS - Require a threaded build of - Tcl/Tk. + TK_VER + chosen major.minor version of + Tk - USE_TK - The port depends on the - Tk library (not the wish - shell). Implies USE_TCL with the - same value. For more information see the description - of USE_TCL variable. + WISH + full path of the Tk + interpreter - USE_TK_BUILD - Analog to the USE_TCL_BUILD - variable. + TK_LIBDIR + path of the Tk + libraries - USE_TK_WRAPPER - Analog to the USE_TCL_WRAPPER - variable. - - - - WITH_TK_VER - Analog to the WITH_TCL_VER - variable and implies WITH_TCL_VER - of the same value. + TK_INCLUDEDIR + path of the Tk C header + files
    - A complete list of available variables can be found in - /usr/ports/Mk/bsd.tcl.mk. + See the USES=tcl and + USES=tk of + for a full description of those + variables. A complete list of those variables is available in + /usr/ports/Mk/Uses/tcl.mk.     @@ -2865,40 +2843,40 @@ _DOCSDIR= . Used as a PKGNAMEPREFIX to distinguish packages for different Ruby versions. - ruby18- + ruby19-     RUBY_VERSION Full version of Ruby in the form of - x.y.z. - 1.8.2 + x.y.z[.p]. + 1.9.3.484 RUBY_SITELIBDIR Architecture independent libraries installation path. - /usr/local/lib/ruby/site_ruby/1.8 + /usr/local/lib/ruby/site_ruby/1.9 RUBY_SITEARCHLIBDIR Architecture dependent libraries installation path. - /usr/local/lib/ruby/site_ruby/1.8/amd64-freebsd6 + /usr/local/lib/ruby/site_ruby/1.9/amd64-freebsd10 RUBY_MODDOCDIR Module documentation installation path. - /usr/local/share/doc/ruby18/patsy + /usr/local/share/doc/ruby19/patsy RUBY_MODEXAMPLESDIR Module examples installation path. - /usr/local/share/examples/ruby18/patsy + /usr/local/share/examples/ruby19/patsy @@ -4751,7 +4729,10 @@ run_rc_command "$1" perl, python, or ruby, make certain that command_interpreter is set - appropriately. Otherwise, + appropriately, e.g., for Perl, + by adding PERL=${PERL} to + SUB_LIST and using + %%PERL%%. Otherwise, &prompt.root; service name stop From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 13:19:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6F292A0F; Wed, 19 Mar 2014 13:19:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4F34360B; Wed, 19 Mar 2014 13:19:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JDJlod046424; Wed, 19 Mar 2014 13:19:47 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JDJlDR046423; Wed, 19 Mar 2014 13:19:47 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403191319.s2JDJlDR046423@svn.freebsd.org> From: Dru Lavigne Date: Wed, 19 Mar 2014 13:19:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44283 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 13:19:47 -0000 Author: dru Date: Wed Mar 19 13:19:46 2014 New Revision: 44283 URL: http://svnweb.freebsd.org/changeset/doc/44283 Log: Editorial review of iSCSI target section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Mar 19 13:13:29 2014 (r44282) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Mar 19 13:19:46 2014 (r44283) @@ -5696,18 +5696,18 @@ Logging to FILE /var/log/messages - Configuring an iSCSI target is - straightforward: create the + To configure an iSCSI target, + create the /etc/ctl.conf configuration file, add - an appropriate line to /etc/rc.conf to - make sure the ctld(8) + a line to /etc/rc.conf to + make sure the &man.ctld.8; daemon is automatically started at boot, and then start the daemon. - A simple ctl.conf(5) - configuration file looks like this: + The following is an example of a simple + /etc/ctl.conf + configuration file. Refer to &man.ctl.conf.5; for a more + complete description of this file's available options. portal-group pg0 { discovery-auth-group no-authentication @@ -5726,95 +5726,86 @@ target iqn.2012-06.com.example:target0 { } The first entry defines the pg0 - portal group. Portal groups define network addresses the - ctld(8) - daemon will listen on. discovery-auth-group - no-authentication means that every initiator is - allowed to perform iSCSI SendTargets - discovery without any authentication. The following two - lines make ctld(8) + portal group. Portal groups define which network addresses the + &man.ctld.8; + daemon will listen on. The discovery-auth-group + no-authentication entry indicates that any initiator is + allowed to perform iSCSI target + discovery without authentication. Lines three and four + configure &man.ctld.8; to listen on all IPv4 (listen 0.0.0.0) and IPv6 (listen [::]) - addresses on the default port (3260). It is not necessary - to define a new portal group; there is a default one, called - default. The difference between - default and pg0 above - is that with default, the - iSCSI SendTargets discovery is always - denied, while with pg0 it is always + addresses on the default port of 3260. + + It is not necessary + to define a portal group as there is a built-in portal group called + default. In this case, the difference between + default and pg0 + is that with default, target + discovery is always + denied, while with pg0, it is always allowed. The second entry defines a single - target. Target has two - meanings: it is a machine serving iSCSI, - but also a named group of LUNs. In this - example, we use the latter meaning. + target. Target has two possible + meanings: a machine serving iSCSI or + a named group of LUNs. This + example uses the latter meaning, where iqn.2012-06.com.example:target0 is the - target name. For testing purposes it can be left as is; - otherwise, com.example should be changed - to the real domain name, reversed; the - 2012-06 is the year and month of + target name. This target name is suitable for testing purposes. + For actual use, change com.example + to the real domain name, reversed. The + 2012-06 represents the year and month of acquiring control of that domain name, and - target0 can be pretty much whatever. Any - number of targets can be defined in the configuration + target0 can be any value. Any + number of targets can be defined in this configuration file. - auth-group no-authentication allows - all initiators to connect to this target. + The auth-group no-authentication line allows + all initiators to connect to the specified target and portal-group pg0 makes the target reachable through the pg0 portal group. - After that come LUNs. To the + The next section defines the LUN. To the initiator, each LUN will be visible as a - separate disk device, like /dev/da0, - /dev/da1 and so on. Multiple + separate disk device. Multiple LUNs can be defined for each target. - LUNs are identified by numbers; - LUN 0 is mandatory. The first line of - LUN configuration - (path /data/target0-0) defines the full - path to a file or ZVOL backing the LUN. - The file must exist before starting ctld(8). - The second line is optional and specifies the size. + Each LUN is identified by a number, where + LUN 0 is mandatory. The + path /data/target0-0 line defines the full + path to a file or zvol backing the LUN. + That path must exist before starting &man.ctld.8;. + The second line is optional and specifies the size of the + LUN. - To make sure ctld(8) + Next, to make sure the &man.ctld.8; daemon is started at boot, add this line to /etc/rc.conf: ctld_enable="YES" - On a new server being configured as - iSCSI target, ctld(8) - can be started by running this command as root: + To start &man.ctld.8; now, + run this command: &prompt.root; service ctld start - The ctld(8) - daemon reads ctl.conf(5) - file when started. To make configuration changes take - effect immediately, force ctld(8) - to reread it: + As the &man.ctld.8; + daemon is started, it reads /etc/ctl.conf. + If this file is edited after the daemon starts, use this + command so that the changes take + effect immediately: &prompt.root; service ctld reload Authentication - The example above is inherently insecure: it uses no - authentication whatsoever, granting anyone full access to - all targets. To require username and password to access - targets, modify the configuration: + The previous example is inherently insecure as it uses no + authentication, granting anyone full access to + all targets. To require a username and password to access + targets, modify the configuration as follows: auth-group ag0 { chap username1 secretsecret @@ -5839,12 +5830,13 @@ target iqn.2012-06.com.example:target0 { The auth-group section defines username and password pairs. An initiator trying to connect to iqn.2012-06.com.example:target0 must - specify either of those. The SendTargets discovery is still - permitted without any kind of authentication; to change it, - set discovery-auth-group to something - else. + first specify a defined username and secret. However, target discovery is still + permitted without authentication. To require target discovery authentication, + set discovery-auth-group to a defined + auth-group name instead of + no-authentication. - A common case for iSCSI is to have a + It is common to define a single exported target for every initiator. As a shorthand for the syntax above, the username and password can be specified directly in the target entry: @@ -5868,8 +5860,7 @@ target iqn.2012-06.com.example:target0 { The current iSCSI initiator is supported starting with &os; 10.0-RELEASE. To use the iSCSI initiator available in older - versions, refer to iscontrol(8). + versions, refer to &man.iscontrol.8;. This chapter only applies to the new initiator. From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 13:23:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D1202BEA; Wed, 19 Mar 2014 13:23:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BDE956C1; Wed, 19 Mar 2014 13:23:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JDNBT4049832; Wed, 19 Mar 2014 13:23:11 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JDNBwd049830; Wed, 19 Mar 2014 13:23:11 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403191323.s2JDNBwd049830@svn.freebsd.org> From: Dru Lavigne Date: Wed, 19 Mar 2014 13:23:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44284 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 13:23:11 -0000 Author: dru Date: Wed Mar 19 13:23:11 2014 New Revision: 44284 URL: http://svnweb.freebsd.org/changeset/doc/44284 Log: Add entity for iscsid(8) Sponsored by: iXsystems Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Wed Mar 19 13:19:46 2014 (r44283) +++ head/share/xml/man-refs.ent Wed Mar 19 13:23:11 2014 (r44284) @@ -4431,6 +4431,7 @@ ipmon8"> ipnat8"> iscontrol8"> +iscsid8"> isdnd8"> isdndebug8"> isdndecode8"> From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 13:50:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 69AFA634; Wed, 19 Mar 2014 13:50:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4A822928; Wed, 19 Mar 2014 13:50:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JDoBmh058686; Wed, 19 Mar 2014 13:50:11 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JDoBMc058685; Wed, 19 Mar 2014 13:50:11 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403191350.s2JDoBMc058685@svn.freebsd.org> From: Dru Lavigne Date: Wed, 19 Mar 2014 13:50:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44285 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 13:50:11 -0000 Author: dru Date: Wed Mar 19 13:50:10 2014 New Revision: 44285 URL: http://svnweb.freebsd.org/changeset/doc/44285 Log: Finish editorial review of iSCSI chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Mar 19 13:23:11 2014 (r44284) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Mar 19 13:50:10 2014 (r44285) @@ -5857,83 +5857,75 @@ target iqn.2012-06.com.example:target0 { Configuring an <acronym>iSCSI</acronym> Initiator - The current iSCSI initiator is + The iSCSI initiator described in this section is supported starting with &os; 10.0-RELEASE. To use the iSCSI initiator available in older - versions, refer to &man.iscontrol.8;. - This chapter only applies to the new initiator. + versions, refer to &man.iscontrol.8;. - The iSCSI initiator requires the iscsid(8) - daemon to run. It does not use a configuration file. To + The iSCSI initiator requires that the &man.iscsid.8; + daemon is running. This daemon does not use a configuration file. To start it automatically at boot, add this line to /etc/rc.conf: iscsid_enable="YES" - On a new machine being configured as an - iSCSI initiator, iscsid(8) - can be started by running this command as root: + To start &man.iscsid.8; now, + run this command: &prompt.root; service iscsid start Connecting to a target can be done with or without an - iscsi.conf(8) - configuration file. + /etc/iscsi.conf + configuration file. This section demonstrates both types of + connections. Connecting to a Target Without a Configuration File - To make the initiator connect to a single target, run - this command as root: - - &prompt.root; iscsictl -A -p 10.10.10.10 -t iqn.2012-06.com.example:target0 - - To verify if the connection succeeded, run it without - arguments. The output should look like this: + To connect an initiator to a single target, specify the + IP address of the portal and the name of + the target: + + &prompt.root; iscsictl -A -p 10.10.10.10 -t iqn.2012-06.com.example:target0 + + To verify if the connection succeeded, run + iscsictl without any + arguments. The output should look similar to this: Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.10 Connected: da0 - This shows that the iSCSI session was + In this example, the iSCSI session was successfully established, with /dev/da0 representing the attached LUN. If the iqn.2012-06.com.example:target0 target exports more than one LUN, multiple - device nodes will be shown in the iscictl(8) + device nodes will be shown in that section of the output: Connected: da0 da1 da2. - Any errors are reported in the system logs, and also - visible in the iscictl(8) - output. For example, this usually means the iscsid(8) + Any errors will be reported in the output, as well as the system logs. + For example, this message usually means that the &man.iscsid.8; daemon is not running: Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.10 Waiting for iscsid(8) - The following suggests a network-level problem, such as + The following message suggests a networking problem, such as a wrong IP address or port: Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.11 Connection refused - This means the specified target name was wrong: + This message means that the specified target name is wrong: Target name Target portal State iqn.2012-06.com.example:atrget0 10.10.10.10 Not found - This means the target requires authentication: + This message means that the target requires authentication: Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.10 Authentication failed @@ -5941,7 +5933,7 @@ iqn.2012-06.com.example:target0 To specify a CHAP username and secret, use this syntax: - &prompt.root; iscsictl -A -p 10.10.10.10 -t iqn.2012-06.com.example:target0 -u user -s secretsecret + &prompt.root; iscsictl -A -p 10.10.10.10 -t iqn.2012-06.com.example:target0 -u user -s secretsecret @@ -5960,19 +5952,19 @@ iqn.2012-06.com.example:target0 chapSecret = secretsecret } - t0 specifies a nickname for the - configuration file section, used at the initiator side to - specify which configuration to use. The following lines - specify various parameters used during connection. Target - address and name are mandatory, others are optional. In - this example, CHAP username and secret + The t0 specifies a nickname for the + configuration file section. It will be used by the initiator to + specify which configuration to use. The other lines + specify the parameters to use during connection. The TargetAddress + and TargetName are mandatory, whereas the other options are optional. In + this example, the CHAP username and secret are shown. - To connect to the target defined above, use: + To connect to the defined target, specify the nickname: - &prompt.root; iscsictl -An t0 + &prompt.root; iscsictl -An t0 - To connect to all targets defined in the configuration + Alternately, to connect to all targets defined in the configuration file, use: &prompt.root; iscsictl -Aa From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 14:08:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8D2DCACD; Wed, 19 Mar 2014 14:08:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 77307B61; Wed, 19 Mar 2014 14:08:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JE87cD066422; Wed, 19 Mar 2014 14:08:07 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JE876m066421; Wed, 19 Mar 2014 14:08:07 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403191408.s2JE876m066421@svn.freebsd.org> From: Dru Lavigne Date: Wed, 19 Mar 2014 14:08:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44286 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 14:08:07 -0000 Author: dru Date: Wed Mar 19 14:08:07 2014 New Revision: 44286 URL: http://svnweb.freebsd.org/changeset/doc/44286 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Mar 19 13:50:10 2014 (r44285) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Mar 19 14:08:07 2014 (r44286) @@ -1744,10 +1744,10 @@ nis_client_enable="YES" logins. To prevent specified users from logging on to a system, - even if they are present in the - NIS database, use vipw - to add -username with the correct number - of colons towards the end of + even if they are present in the NIS + database, use vipw to add + -username with + the correct number of colons towards the end of /etc/master.passwd on the client, where username is the username of a user to bar from logging in. The line with the blocked @@ -4394,7 +4394,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key Binaries are stored in the bin and sbin subdirectories of the server root, and configuration files are stored in - etc/apache2x. + etc/apache2x. @@ -4485,7 +4486,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key &prompt.root; service apache24 start The httpd service can be tested by - entering http://localhost + entering + http://localhost in a web browser, replacing localhost with the fully-qualified domain name of the machine running httpd, @@ -5658,27 +5660,26 @@ Logging to FILE /var/log/messages iSCSI is a way to share storage over a - network. Unlike - NFS, which works at the - file system level, iSCSI works at the - block device level. - + network. Unlike NFS, which works at the file + system level, iSCSI works at the block device + level. + In iSCSI terminology, the system that - shares the storage is - known as the target. The storage can be a - physical disk, or an area representing multiple disks or a - portion of a physical disk. For example, if the disk(s) are - formatted with ZFS, a zvol can be created to - use as the iSCSI storage. - + shares the storage is known as the target. + The storage can be a physical disk, or an area representing + multiple disks or a portion of a physical disk. For example, if + the disk(s) are formatted with ZFS, a zvol + can be created to use as the iSCSI + storage. + The clients which access the iSCSI - storage are called initiators. - To initiators, the storage available through + storage are called initiators. To + initiators, the storage available through iSCSI appears as a raw, unformatted disk - known as a LUN. - Device nodes for the disk appear in /dev/ and the device must be + known as a LUN. Device nodes for the disk + appear in /dev/ and the device must be separately formatted and mounted. - + Beginning with 10.0-RELEASE, &os; provides a native, kernel-based iSCSI target and initiator. This section describes how to configure a &os; system as a @@ -5688,28 +5689,26 @@ Logging to FILE /var/log/messagesConfiguring an iSCSI Target - The native iSCSI target is - supported starting with &os; 10.0-RELEASE. To use - iSCSI in older versions of &os;, install a - userspace target from the Ports Collection, such as - net/istgt. This chapter only describes the - native target. + The native iSCSI target is supported + starting with &os; 10.0-RELEASE. To use + iSCSI in older versions of &os;, install + a userspace target from the Ports Collection, such as + net/istgt. This chapter only describes + the native target. - To configure an iSCSI target, - create the - /etc/ctl.conf configuration file, add - a line to /etc/rc.conf to - make sure the &man.ctld.8; - daemon is automatically started at boot, and then start the - daemon. - - The following is an example of a simple - /etc/ctl.conf - configuration file. Refer to &man.ctl.conf.5; for a more - complete description of this file's available options. + To configure an iSCSI target, create + the /etc/ctl.conf configuration file, add + a line to /etc/rc.conf to make sure the + &man.ctld.8; daemon is automatically started at boot, and then + start the daemon. + + The following is an example of a simple + /etc/ctl.conf configuration file. Refer + to &man.ctl.conf.5; for a more complete description of this + file's available options. - portal-group pg0 { + portal-group pg0 { discovery-auth-group no-authentication listen 0.0.0.0 listen [::] @@ -5725,86 +5724,78 @@ target iqn.2012-06.com.example:target0 { } } - The first entry defines the pg0 - portal group. Portal groups define which network addresses the - &man.ctld.8; - daemon will listen on. The discovery-auth-group - no-authentication entry indicates that any initiator is - allowed to perform iSCSI target - discovery without authentication. Lines three and four - configure &man.ctld.8; to - listen on all IPv4 - (listen 0.0.0.0) and - IPv6 (listen [::]) - addresses on the default port of 3260. - - It is not necessary - to define a portal group as there is a built-in portal group called - default. In this case, the difference between - default and pg0 - is that with default, target - discovery is always - denied, while with pg0, it is always - allowed. - - The second entry defines a single - target. Target has two possible - meanings: a machine serving iSCSI or - a named group of LUNs. This - example uses the latter meaning, where - iqn.2012-06.com.example:target0 is the - target name. This target name is suitable for testing purposes. - For actual use, change com.example - to the real domain name, reversed. The - 2012-06 represents the year and month of - acquiring control of that domain name, and - target0 can be any value. Any - number of targets can be defined in this configuration - file. - - The auth-group no-authentication line allows - all initiators to connect to the specified target and - portal-group pg0 makes the target - reachable through the pg0 portal - group. - - The next section defines the LUN. To the - initiator, each LUN will be visible as a - separate disk device. Multiple - LUNs can be defined for each target. - Each LUN is identified by a number, where - LUN 0 is mandatory. The - path /data/target0-0 line defines the full - path to a file or zvol backing the LUN. - That path must exist before starting &man.ctld.8;. - The second line is optional and specifies the size of the - LUN. + The first entry defines the pg0 portal + group. Portal groups define which network addresses the + &man.ctld.8; daemon will listen on. The + discovery-auth-group no-authentication + entry indicates that any initiator is allowed to perform + iSCSI target discovery without + authentication. Lines three and four configure &man.ctld.8; + to listen on all IPv4 + (listen 0.0.0.0) and + IPv6 (listen [::]) + addresses on the default port of 3260. + + It is not necessary to define a portal group as there is a + built-in portal group called default. In + this case, the difference between default + and pg0 is that with + default, target discovery is always denied, + while with pg0, it is always + allowed. + + The second entry defines a single target. Target has two + possible meanings: a machine serving iSCSI + or a named group of LUNs. This example + uses the latter meaning, where + iqn.2012-06.com.example:target0 is the + target name. This target name is suitable for testing + purposes. For actual use, change + com.example to the real domain name, + reversed. The 2012-06 represents the year + and month of acquiring control of that domain name, and + target0 can be any value. Any number of + targets can be defined in this configuration file. + + The auth-group no-authentication line + allows all initiators to connect to the specified target and + portal-group pg0 makes the target reachable + through the pg0 portal group. + + The next section defines the LUN. To + the initiator, each LUN will be visible as + a separate disk device. Multiple LUNs can + be defined for each target. Each LUN is + identified by a number, where LUN 0 is + mandatory. The path /data/target0-0 line + defines the full path to a file or zvol backing the + LUN. That path must exist before starting + &man.ctld.8;. The second line is optional and specifies the + size of the LUN. - Next, to make sure the &man.ctld.8; - daemon is started at boot, add this line to - /etc/rc.conf: + Next, to make sure the &man.ctld.8; daemon is started at + boot, add this line to + /etc/rc.conf: - ctld_enable="YES" + ctld_enable="YES" - To start &man.ctld.8; now, - run this command: + To start &man.ctld.8; now, run this command: - &prompt.root; service ctld start + &prompt.root; service ctld start - As the &man.ctld.8; - daemon is started, it reads /etc/ctl.conf. - If this file is edited after the daemon starts, use this - command so that the changes take - effect immediately: + As the &man.ctld.8; daemon is started, it reads + /etc/ctl.conf. If this file is edited + after the daemon starts, use this command so that the changes + take effect immediately: - &prompt.root; service ctld reload + &prompt.root; service ctld reload Authentication - The previous example is inherently insecure as it uses no - authentication, granting anyone full access to - all targets. To require a username and password to access + The previous example is inherently insecure as it uses + no authentication, granting anyone full access to all + targets. To require a username and password to access targets, modify the configuration as follows: auth-group ag0 { @@ -5830,16 +5821,17 @@ target iqn.2012-06.com.example:target0 { The auth-group section defines username and password pairs. An initiator trying to connect to iqn.2012-06.com.example:target0 must - first specify a defined username and secret. However, target discovery is still - permitted without authentication. To require target discovery authentication, - set discovery-auth-group to a defined + first specify a defined username and secret. However, + target discovery is still permitted without authentication. + To require target discovery authentication, set + discovery-auth-group to a defined auth-group name instead of no-authentication. - It is common to define a - single exported target for every initiator. As a shorthand - for the syntax above, the username and password can be - specified directly in the target entry: + It is common to define a single exported target for + every initiator. As a shorthand for the syntax above, the + username and password can be specified directly in the + target entry: target iqn.2012-06.com.example:target0 { portal-group pg0 @@ -5857,28 +5849,26 @@ target iqn.2012-06.com.example:target0 { Configuring an <acronym>iSCSI</acronym> Initiator - The iSCSI initiator described in this section is - supported starting with &os; 10.0-RELEASE. To use the - iSCSI initiator available in older - versions, refer to &man.iscontrol.8;. + The iSCSI initiator described in this + section is supported starting with &os; 10.0-RELEASE. To + use the iSCSI initiator available in + older versions, refer to &man.iscontrol.8;. - The iSCSI initiator requires that the &man.iscsid.8; - daemon is running. This daemon does not use a configuration file. To - start it automatically at boot, add this line to - /etc/rc.conf: + The iSCSI initiator requires that the + &man.iscsid.8; daemon is running. This daemon does not use a + configuration file. To start it automatically at boot, add + this line to /etc/rc.conf: iscsid_enable="YES" - To start &man.iscsid.8; now, - run this command: + To start &man.iscsid.8; now, run this command: &prompt.root; service iscsid start Connecting to a target can be done with or without an - /etc/iscsi.conf - configuration file. This section demonstrates both types of - connections. + /etc/iscsi.conf configuration file. This + section demonstrates both types of connections. Connecting to a Target Without a Configuration @@ -5891,15 +5881,16 @@ target iqn.2012-06.com.example:target0 { <screen>&prompt.root; <userinput>iscsictl -A -p <replaceable>10.10.10.10</replaceable> -t <replaceable>iqn.2012-06.com.example:target0</replaceable></userinput></screen> <para>To verify if the connection succeeded, run - <command>iscsictl</command> without any - arguments. The output should look similar to this:</para> + <command>iscsictl</command> without any arguments. The + output should look similar to this:</para> <programlisting>Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.10 Connected: da0</programlisting> - <para>In this example, the <acronym>iSCSI</acronym> session was - successfully established, with <filename>/dev/da0</filename> - representing the attached <acronym>LUN</acronym>. If the + <para>In this example, the <acronym>iSCSI</acronym> session + was successfully established, with + <filename>/dev/da0</filename> representing the attached + <acronym>LUN</acronym>. If the <literal>iqn.2012-06.com.example:target0</literal> target exports more than one <acronym>LUN</acronym>, multiple device nodes will be shown in that section of the @@ -5907,25 +5898,28 @@ iqn.2012-06.com.example:target0 <screen>Connected: da0 da1 da2.</screen> - <para>Any errors will be reported in the output, as well as the system logs. - For example, this message usually means that the &man.iscsid.8; - daemon is not running:</para> + <para>Any errors will be reported in the output, as well as + the system logs. For example, this message usually means + that the &man.iscsid.8; daemon is not running:</para> <programlisting>Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.10 Waiting for iscsid(8)</programlisting> - <para>The following message suggests a networking problem, such as - a wrong <acronym>IP</acronym> address or port:</para> + <para>The following message suggests a networking problem, + such as a wrong <acronym>IP</acronym> address or + port:</para> <programlisting>Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.11 Connection refused</programlisting> - <para>This message means that the specified target name is wrong:</para> + <para>This message means that the specified target name is + wrong:</para> <programlisting>Target name Target portal State iqn.2012-06.com.example:atrget0 10.10.10.10 Not found</programlisting> - <para>This message means that the target requires authentication:</para> + <para>This message means that the target requires + authentication:</para> <programlisting>Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.10 Authentication failed</programlisting> @@ -5953,19 +5947,22 @@ iqn.2012-06.com.example:target0 }</programlisting> <para>The <literal>t0</literal> specifies a nickname for the - configuration file section. It will be used by the initiator to - specify which configuration to use. The other lines - specify the parameters to use during connection. The <literal>TargetAddress</literal> - and <literal>TargetName</literal> are mandatory, whereas the other options are optional. In - this example, the <acronym>CHAP</acronym> username and secret - are shown.</para> + configuration file section. It will be used by the + initiator to specify which configuration to use. The other + lines specify the parameters to use during connection. The + <literal>TargetAddress</literal> and + <literal>TargetName</literal> are mandatory, whereas the + other options are optional. In this example, the + <acronym>CHAP</acronym> username and secret are + shown.</para> - <para>To connect to the defined target, specify the nickname:</para> + <para>To connect to the defined target, specify the + nickname:</para> <screen>&prompt.root; <userinput>iscsictl -An <replaceable>t0</replaceable></userinput></screen> - <para>Alternately, to connect to all targets defined in the configuration - file, use:</para> + <para>Alternately, to connect to all targets defined in the + configuration file, use:</para> <screen>&prompt.root; <userinput>iscsictl -Aa</userinput></screen> From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 15:55:03 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 50F97E99; Wed, 19 Mar 2014 15:55:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 32762A2F; Wed, 19 Mar 2014 15:55:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JFt3FG010724; Wed, 19 Mar 2014 15:55:03 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JFt3C3010723; Wed, 19 Mar 2014 15:55:03 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403191555.s2JFt3C3010723@svn.freebsd.org> From: Dru Lavigne <dru@FreeBSD.org> Date: Wed, 19 Mar 2014 15:55:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44287 - head/en_US.ISO8859-1/books/handbook/kernelconfig X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Wed, 19 Mar 2014 15:55:03 -0000 Author: dru Date: Wed Mar 19 15:55:02 2014 New Revision: 44287 URL: http://svnweb.freebsd.org/changeset/doc/44287 Log: Comment out the kernel walk-through as it is out-of-date and architecture specific. Comment out the PAE section as it deals with ancient hardware. Some small editorial fixes. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Wed Mar 19 14:08:07 2014 (r44286) +++ head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Wed Mar 19 15:55:02 2014 (r44287) @@ -250,7 +250,7 @@ ath_hal(4) - Atheros Hardw <para>If <filename>/usr/src/</filename> does not exist or it is empty, source has not been installed. Source can be installed - using <application>Subversion</application>, which is described + using <application>Subversion</application> and the instructions in <xref linkend="svn"/>.</para> <para>Once source is installed, review the contents of @@ -268,25 +268,13 @@ ath_hal(4) - Atheros Hardw The convention is to use a name with all capital letters. When maintaining multiple &os; machines with different hardware, it is a good idea to name it after the machine's hostname. This - example creates a custom configuration file for the + example creates a copy, named <filename>MYKERNEL</filename>, of the + <filename>GENERIC</filename> configuration file for the <literal>amd64</literal> architecture:</para> <screen>&prompt.root; <userinput>cd /usr/src/sys/amd64/conf</userinput> &prompt.root; <userinput>cp GENERIC MYKERNEL</userinput></screen> - <tip> - <para>When finished customizing the kernel configuration file, - save a backup copy to a location outside of <filename>/usr/src</filename>.</para> - - <para>Alternately, keep the kernel configuration file elsewhere - and create a symbolic link to the file:</para> - - <screen>&prompt.root; <userinput>cd /usr/src/sys/amd64/conf</userinput> -&prompt.root; <userinput>mkdir /root/kernels</userinput> -&prompt.root; <userinput>cp GENERIC /root/kernels/MYKERNEL</userinput> -&prompt.root; <userinput>ln -s /root/kernels/MYKERNEL</userinput></screen> - </tip> - <para>The configuration file <filename>MYKERNEL</filename> can now be customized with any ASCII text editor. The default editor is @@ -320,13 +308,26 @@ ath_hal(4) - Atheros Hardw For architecture independent options, refer to <filename>/usr/src/sys/conf/NOTES</filename>.</para> + <tip> + <para>When finished customizing the kernel configuration file, + save a backup copy to a location outside of <filename>/usr/src</filename>.</para> + + <para>Alternately, keep the kernel configuration file elsewhere + and create a symbolic link to the file:</para> + + <screen>&prompt.root; <userinput>cd /usr/src/sys/amd64/conf</userinput> +&prompt.root; <userinput>mkdir /root/kernels</userinput> +&prompt.root; <userinput>cp GENERIC /root/kernels/MYKERNEL</userinput> +&prompt.root; <userinput>ln -s /root/kernels/MYKERNEL</userinput></screen> + </tip> + <para>An <literal>include</literal> directive is available for use in configuration files. This allows another configuration file to be included in the current one, making it easy to maintain - small changes relative to an existing file. For example, if + small changes relative to an existing file. If only a small number of additional options or drivers are required, this allows a delta to be maintained with respect - to GENERIC:</para> + to <filename>GENERIC</filename>, as seen in this example:</para> <programlisting>include GENERIC ident MYKERNEL @@ -351,12 +352,14 @@ options IPDIVERT</programlisting <screen>&prompt.root; <userinput>cd /usr/src/sys/<replaceable>arch</replaceable>/conf && make LINT</userinput></screen> </note> - +<!-- <indexterm> <primary>kernel options</primary> <secondary>ident</secondary> </indexterm> +This is outdated and specific to one architecture. + <programlisting>ident GENERIC</programlisting> <para>This is the identification of the kernel. Change @@ -1064,7 +1067,10 @@ device fwe # Ethernet <para>For more information and additional devices supported by &os;, see <filename>/usr/src/sys/<replaceable>arch</replaceable>/conf/NOTES</filename>.</para> - + --> + + <!-- + This section refers to ancient hardware. <sect2> <title>Large Memory Configurations (<acronym>PAE</acronym>) @@ -1151,6 +1157,7 @@ device fwe # Ethernet consult &man.tuning.7;. &man.pae.4; contains up-to-date information on &os;'s PAE support. +--> From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 16:52:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0101CD18; Wed, 19 Mar 2014 16:52:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E0256F7C; Wed, 19 Mar 2014 16:52:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JGqPw4034441; Wed, 19 Mar 2014 16:52:25 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JGqPC1034440; Wed, 19 Mar 2014 16:52:25 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403191652.s2JGqPC1034440@svn.freebsd.org> From: Dru Lavigne Date: Wed, 19 Mar 2014 16:52:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44288 - head/en_US.ISO8859-1/books/handbook/kernelconfig X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 16:52:26 -0000 Author: dru Date: Wed Mar 19 16:52:25 2014 New Revision: 44288 URL: http://svnweb.freebsd.org/changeset/doc/44288 Log: Finish editorial review of kernel config chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Wed Mar 19 15:55:02 2014 (r44287) +++ head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Wed Mar 19 16:52:25 2014 (r44288) @@ -300,7 +300,15 @@ ath_hal(4) - Atheros Hardw put a # at the beginning of the line representing that device or subsystem. Do not add or remove a # for any line that you do not understand. - + + + It is easy to remove support for a device or option and + end up with a broken kernel. For example, if the &man.ata.4; + driver is removed from the kernel configuration file, a system + using ATA disk drivers may not boot. When + in doubt, just leave support in the kernel. + + In addition to the brief descriptions provided in this file, additional descriptions are contained in NOTES, which can be found in the same @@ -1163,28 +1171,9 @@ device fwe # Ethernet Building and Installing a Custom Kernel - After saving the edits, compile the source code for the - kernel. - - - After syncing the source tree - with the latest sources, always read - /usr/src/UPDATING - before performing any update steps. This file describes any - important issues or areas requiring special attention within - the updated source code. - /usr/src/UPDATING always matches - the version of the &os; source and contains more up-to-date - information than this Handbook. - - - - It is easy to remove support for a device or option and - end up with a broken kernel. For example, if the &man.ata.4; - driver is removed from the kernel configuration file, a system - using ATA disk drivers may not boot. When - in doubt, just leave support in the kernel. - + Once the edits to the custom configuration file have been + saved, the source code for the + kernel can be compiled using the following steps: Building a Kernel @@ -1193,13 +1182,8 @@ device fwe # Ethernet building / installing - - It is required to have the full &os; source tree - installed to build the kernel. - - - cd to /usr/src: + Change to this directory: &prompt.root; cd /usr/src @@ -1208,100 +1192,88 @@ device fwe # Ethernet Compile the new kernel by specifying the name of the custom kernel configuration file: - &prompt.root; make buildkernel KERNCONF=MYKERNEL + &prompt.root; make buildkernel KERNCONF=MYKERNEL - Install the new kernel: + Install the new kernel associated with the specified + kernel configuration file. This command will copy the new kernel to + /boot/kernel/kernel and save the old kernel + to /boot/kernel.old/kernel: - &prompt.root; make installkernel KERNCONF=MYKERNEL + &prompt.root; make installkernel KERNCONF=MYKERNEL + + + + Shutdown the system and reboot into the new kernel. + If something goes wrong, refer to . - By default, when a custom kernel is compiled, - all kernel modules are rebuilt as well. + all kernel modules are rebuilt. To update a kernel faster or to build only custom modules, edit /etc/make.conf before starting to - build the kernel: + build the kernel. - MODULES_OVERRIDE = linux acpi sound/sound sound/driver/ds1 ntfs + For example, this variable specifies the list of modules to build + instead of using the default of building all modules: - This variable specifies the list of modules to build - instead the default of building of all of them. + MODULES_OVERRIDE = linux acpi ntfs + + Alternately, this variable lists which modules to + exclude from the build process: WITHOUT_MODULES = linux acpi sound ntfs - This variable sets up a list of top level modules to - exclude from the build process. For other available - variables, refer to &man.make.conf.5;. - + Additional variables are available. + Refer to &man.make.conf.5; for details. /boot/kernel.old - - The new kernel will be copied to /boot/kernel as - /boot/kernel/kernel and the old kernel - will be moved to /boot/kernel.old/kernel. - Now, shutdown the system and reboot into the new kernel. - If something goes wrong, refer to the troubleshooting - instructions and the section which explains how to - recover when the new kernel does not boot. - - - Other files relating to the boot process, such as the boot - &man.loader.8; and configuration, are stored in /boot. Third party or - custom modules can be placed in /boot/kernel, although users - should be aware that keeping modules in sync with the compiled - kernel is very important. Modules not intended to run with - the compiled kernel may result in instability. - If Something Goes Wrong There are four categories of trouble that can occur when - building a custom kernel. They are: + building a custom kernel: - config fails: + config fails - If &man.config.8; fails, it is probably a simple - error. Fortunately, &man.config.8; will print the line - number that it had trouble with. For example, for - this message: + If config fails, it will print the line + number that is incorrect. As an example, for + the following message, make sure that line 17 is typed correctly by + comparing it to + GENERIC or NOTES: config: line 17: syntax error - - Make sure the keyword on line 17 is typed correctly by - comparing it to the - GENERIC kernel or another - reference. - make fails: + make fails - If make fails, it usually signals - an error in the kernel description which is not severe - enough for &man.config.8; to catch. Review the - configuration, and if you still cannot resolve the - problem, send an email to the &a.questions; with the - kernel configuration. + If make fails, it is usually due to + an error in the kernel configuration file which is not severe + enough for config to catch. Review the + configuration, and if the problem is not apparent, + send an email to the &a.questions; which contains the + kernel configuration file. - The kernel does not boot: + The kernel does not boot - If the new kernel does not boot, or fails to recognize + If the new kernel does not boot or fails to recognize devices, do not panic! Fortunately, &os; has an excellent mechanism for recovering from incompatible kernels. Simply choose the kernel to boot from at the &os; boot @@ -1310,9 +1282,7 @@ device fwe # Ethernet prompt option. At the prompt, type boot kernel.old, or - the name of any other kernel that will boot properly. - When reconfiguring a kernel, it is always a good idea to - keep a kernel that is known to work on hand. + the name of any other kernel that is known to boot properly. After booting with a good kernel, check over the configuration file and try to build it again. One helpful @@ -1323,16 +1293,14 @@ device fwe # Ethernet When troubleshooting a kernel, make sure to keep - GENERIC, or some other kernel that - is known to work, on hand as a different name that will - not get erased on the next build. Do not rely on - kernel.old because when installing - a new kernel, kernel.old is - overwritten with the last installed kernel which may - be non-functional. As soon as possible, move the - working kernel to the proper /boot/kernel - location or commands such as &man.ps.1; may not work - properly. To do this, simply rename the directory + a copy of GENERIC, or some other kernel that + is known to work, as a different name that will + not get erased on the next build. This is important + because every time + a new kernel is installed, kernel.old is + overwritten with the last installed kernel, which may or + may not be bootable. As soon as possible, move the + working kernel by renaming the directory containing the good kernel: &prompt.root; mv /boot/kernel /boot/kernel.bad @@ -1343,18 +1311,17 @@ device fwe # Ethernet - The kernel works, but &man.ps.1; does not work - any more: + The kernel works, but &man.ps.1; does not If the kernel version differs from the one that the system utilities have been built with, for example, a - -CURRENT kernel on a -RELEASE, many system status commands + kernel built from -CURRENT sources is installed on a -RELEASE system, many system status commands like &man.ps.1; and &man.vmstat.8; will not work. To fix this, recompile and install a world built with the same version of the - source tree as the kernel. This is one reason why it is - not a good idea to use a different version of the kernel + source tree as the kernel. It is + never a good idea to use a different version of the kernel than the rest of the operating system. From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 17:14:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 279872AD; Wed, 19 Mar 2014 17:14:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 12369212; Wed, 19 Mar 2014 17:14:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JHE9Kr042633; Wed, 19 Mar 2014 17:14:09 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JHE8xn042632; Wed, 19 Mar 2014 17:14:08 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403191714.s2JHE8xn042632@svn.freebsd.org> From: Dru Lavigne Date: Wed, 19 Mar 2014 17:14:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44289 - head/en_US.ISO8859-1/books/handbook/kernelconfig X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 17:14:09 -0000 Author: dru Date: Wed Mar 19 17:14:08 2014 New Revision: 44289 URL: http://svnweb.freebsd.org/changeset/doc/44289 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Wed Mar 19 16:52:25 2014 (r44288) +++ head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Wed Mar 19 17:14:08 2014 (r44289) @@ -69,17 +69,17 @@ All of the commands listed in the examples in this chapter - should be executed as root. + should be executed as root. Why Build a Custom Kernel? - Traditionally, &os; used a monolithic kernel. - The kernel was one large program, supported a fixed list of - devices, and in order to change the kernel's behavior, one had - to compile and then reboot into a new - kernel. + Traditionally, &os; used a monolithic kernel. The kernel + was one large program, supported a fixed list of devices, and in + order to change the kernel's behavior, one had to compile and + then reboot into a new kernel. Today, most of the functionality in the &os; kernel is contained in modules which can be dynamically loaded and @@ -132,12 +132,11 @@ doing so. If there is a need for specific hardware support, it may already exist as a module. - Kernel modules exist in /boot/kernel and may be - dynamically loaded into the running kernel using - &man.kldload.8;. Most kernel drivers have a - loadable module and manual page. For example, the &man.ath.4; - wireless Ethernet driver has the following information in its - manual page: + Kernel modules exist in /boot/kernel + and may be dynamically loaded into the running kernel using + &man.kldload.8;. Most kernel drivers have a loadable module and + manual page. For example, the &man.ath.4; wireless Ethernet + driver has the following information in its manual page: Alternatively, to load the driver as a module at boot time, place the following line in &man.loader.conf.5;: @@ -145,11 +144,12 @@ following line in &man.loader.conf.5;: if_ath_load="YES" Adding if_ath_load="YES" to - /boot/loader.conf will load this - module dynamically at boot time. + /boot/loader.conf will load this module + dynamically at boot time. - In some cases, there is no associated module in /boot/kernel. This is - mostly true for certain subsystems. + In some cases, there is no associated module in + /boot/kernel. This is mostly true for + certain subsystems. @@ -166,11 +166,10 @@ following line in &man.loader.conf.5;: --> Finding the System Hardware - Before editing the kernel configuration file, it is recommended - to perform an inventory of the machine's hardware. On a dual-boot - system, the inventory - can be created from the other operating system. - For example, µsoft;'s + Before editing the kernel configuration file, it is + recommended to perform an inventory of the machine's hardware. + On a dual-boot system, the inventory can be created from the + other operating system. For example, µsoft;'s Device Manager contains information about installed devices. @@ -180,12 +179,11 @@ following line in &man.loader.conf.5;: access Device Manager. - If &os; is the only installed operating system, - use &man.dmesg.8; to determine the hardware that was found and - listed during the boot probe. Most device - drivers on &os; have a manual page which lists the hardware supported by that driver. - For - example, the following lines indicate that the &man.psm.4; + If &os; is the only installed operating system, use + &man.dmesg.8; to determine the hardware that was found and + listed during the boot probe. Most device drivers on &os; have + a manual page which lists the hardware supported by that driver. + For example, the following lines indicate that the &man.psm.4; driver found a mouse: psm0: <PS/2 Mouse> irq 12 on atkbdc0 @@ -197,12 +195,11 @@ psm0: model Generic PS/2 mouse, device I removed from a custom kernel configuration file. If the output of dmesg does not display - the results of the boot probe output, instead read the contents of - /var/run/dmesg.boot. + the results of the boot probe output, instead read the contents + of /var/run/dmesg.boot. - Another tool for finding hardware is - &man.pciconf.8;, which provides more verbose output. For - example: + Another tool for finding hardware is &man.pciconf.8;, which + provides more verbose output. For example: &prompt.user; pciconf -lv ath0@pci0:3:0:0: class=0x020000 card=0x058a1014 chip=0x1014168c rev=0x01 hdr=0x00 @@ -211,14 +208,12 @@ ath0@pci0:3:0:0: class=0x020000 c class = network subclass = ethernet - This output shows that the - ath driver located a wireless Ethernet - device. - - The flag of &man.man.1; - can be used to provide useful information. For example, to - display a list of manual pages which contain the specified - word: + This output shows that the ath driver + located a wireless Ethernet device. + + The flag of &man.man.1; can be used to + provide useful information. For example, to display a list of + manual pages which contain the specified word: &prompt.root; man -k Atheros @@ -252,36 +247,39 @@ ath_hal(4) - Atheros Hardw empty, source has not been installed. Source can be installed using Subversion and the instructions in . - + Once source is installed, review the contents of /usr/src/sys. This directory contains a - number of subdirectories, including those which represent the following - supported architectures: amd64, i386, ia64, pc98, powerpc, and sparc64. Everything inside a - particular architecture's directory deals with that architecture - only and the rest of the code is machine independent code common - to all platforms. Each supported architecture has a conf subdirectory - which contains the GENERIC kernel - configuration file for that architecture. - + number of subdirectories, including those which represent the + following supported architectures: amd64, + i386, ia64, + pc98, powerpc, and + sparc64. Everything inside a particular + architecture's directory deals with that architecture only and + the rest of the code is machine independent code common to all + platforms. Each supported architecture has a + conf subdirectory which contains the + GENERIC kernel configuration file for that + architecture. + Do not make edits to GENERIC. Instead, copy the file to a different name and make edits to the copy. The convention is to use a name with all capital letters. When maintaining multiple &os; machines with different hardware, it is a good idea to name it after the machine's hostname. This - example creates a copy, named MYKERNEL, of the - GENERIC configuration file for the + example creates a copy, named MYKERNEL, of + the GENERIC configuration file for the amd64 architecture: &prompt.root; cd /usr/src/sys/amd64/conf &prompt.root; cp GENERIC MYKERNEL - The configuration file - MYKERNEL can now be customized - with any ASCII text editor. The default editor is - vi, though an easier editor - for beginners, called ee, is also + The configuration file MYKERNEL can now + be customized with any ASCII text editor. The default editor is + vi, though an easier editor for + beginners, called ee, is also installed with &os;. - + kernel NOTES @@ -299,9 +297,10 @@ ath_hal(4) - Atheros Hardw ignored. To remove kernel support for a device or subsystem, put a # at the beginning of the line representing that device or subsystem. Do not add or remove a - # for any line that you do not understand. + # for any line that you do not + understand. - + It is easy to remove support for a device or option and end up with a broken kernel. For example, if the &man.ata.4; driver is removed from the kernel configuration file, a system @@ -309,8 +308,8 @@ ath_hal(4) - Atheros Hardw in doubt, just leave support in the kernel. - In addition to the brief descriptions provided in this file, additional - descriptions are contained in + In addition to the brief descriptions provided in this file, + additional descriptions are contained in NOTES, which can be found in the same directory as GENERIC for that architecture. For architecture independent options, refer to @@ -318,7 +317,8 @@ ath_hal(4) - Atheros Hardw When finished customizing the kernel configuration file, - save a backup copy to a location outside of /usr/src. + save a backup copy to a location outside of + /usr/src. Alternately, keep the kernel configuration file elsewhere and create a symbolic link to the file: @@ -332,10 +332,10 @@ ath_hal(4) - Atheros Hardw An include directive is available for use in configuration files. This allows another configuration file to be included in the current one, making it easy to maintain - small changes relative to an existing file. If - only a small number of additional options or drivers are - required, this allows a delta to be maintained with respect - to GENERIC, as seen in this example: + small changes relative to an existing file. If only a small + number of additional options or drivers are required, this + allows a delta to be maintained with respect to + GENERIC, as seen in this example: include GENERIC ident MYKERNEL @@ -346,17 +346,19 @@ options IPFIREWALL_DEFAULT_TO_AC options IPDIVERT Using this method, the local configuration file expresses - local differences from a GENERIC - kernel. As upgrades are performed, new features added to + local differences from a GENERIC kernel. + As upgrades are performed, new features added to GENERIC will also be added to the local kernel unless they are specifically prevented using - nooptions or nodevice. - A comprehensive list of configuration directives and their + nooptions or nodevice. A + comprehensive list of configuration directives and their descriptions may be found in &man.config.5;. To build a file which contains all available options, - run the following command as root: + run the following command as root: + &prompt.root; cd /usr/src/sys/arch/conf && make LINT @@ -461,9 +463,10 @@ options NFS_ROOT # NFS The &ms-dos; file system. Unless the system needs to mount a DOS formatted hard drive partition at boot time, comment this out. It will be automatically loaded the first time a DOS - partition is mounted. The emulators/mtools package allows - access to DOS floppies without having to mount and unmount - them and does not require MSDOSFS. + partition is mounted. The emulators/mtools + package allows access to DOS floppies without having to mount + and unmount them and does not require + MSDOSFS. options CD9660 # ISO 9660 Filesystem @@ -476,24 +479,26 @@ options NFS_ROOT # NFS options PROCFS # Process filesystem (requires PSEUDOFS) The process file system. This is a pretend - file system mounted on /proc which allows some programs - to provide more information on what processes are running. Use - of PROCFS is not required under most - circumstances, as most debugging and monitoring tools have been - adapted to run without PROCFS. The default - installation will not mount this file system by default. + file system mounted on /proc which allows + some programs to provide more information on what processes are + running. Use of PROCFS is not required under + most circumstances, as most debugging and monitoring tools have + been adapted to run without PROCFS. The + default installation will not mount this file system by + default. options PSEUDOFS # Pseudo-filesystem framework - Kernels making use of PROCFS must - also include support for PSEUDOFS. + Kernels making use of PROCFS must + also include support for PSEUDOFS. options GEOM_PART_GPT # GUID Partition Tables. - Adds support for GUID - Partition Tables (GPT). GPT - provides the ability to have a large number of partitions per - disk, 128 in the standard configuration. + Adds support for GUID + Partition Tables (GPT). GPT + provides the ability to have a large number of partitions per + disk, 128 in the standard configuration. options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] @@ -995,7 +1000,8 @@ device loop # Network loopbac device tun # Packet tunnel. - This is used by the userland PPP software. See the PPP section of the Handbook for more + This is used by the userland PPP software. See the PPP section of the Handbook for more information. @@ -1076,7 +1082,7 @@ device fwe # Ethernet &os;, see /usr/src/sys/arch/conf/NOTES. --> - + - + Building and Installing a Custom Kernel Once the edits to the custom configuration file have been - saved, the source code for the - kernel can be compiled using the following steps: + saved, the source code for the kernel can be compiled using the + following steps: Building a Kernel - - kernel - building / installing - + + + kernel + building / installing + Change to this directory: @@ -1197,13 +1204,14 @@ device fwe # Ethernet Install the new kernel associated with the specified - kernel configuration file. This command will copy the new kernel to - /boot/kernel/kernel and save the old kernel - to /boot/kernel.old/kernel: + kernel configuration file. This command will copy the new + kernel to /boot/kernel/kernel and save + the old kernel to + /boot/kernel.old/kernel: &prompt.root; make installkernel KERNCONF=MYKERNEL - + Shutdown the system and reboot into the new kernel. If something goes wrong, refer to - By default, when a custom kernel is compiled, - all kernel modules are rebuilt. - To update a kernel faster or to build only custom modules, - edit /etc/make.conf before starting to - build the kernel. + By default, when a custom kernel is compiled, all kernel + modules are rebuilt. To update a kernel faster or to build + only custom modules, edit /etc/make.conf + before starting to build the kernel. - For example, this variable specifies the list of modules to build - instead of using the default of building all modules: + For example, this variable specifies the list of modules to + build instead of using the default of building all + modules: - MODULES_OVERRIDE = linux acpi ntfs + MODULES_OVERRIDE = linux acpi ntfs - Alternately, this variable lists which modules to - exclude from the build process: + Alternately, this variable lists which modules to exclude + from the build process: - WITHOUT_MODULES = linux acpi sound ntfs + WITHOUT_MODULES = linux acpi sound ntfs - Additional variables are available. - Refer to &man.make.conf.5; for details. + Additional variables are available. Refer to + &man.make.conf.5; for details. /boot/kernel.old - - If Something Goes Wrong + + If Something Goes Wrong - There are four categories of trouble that can occur when - building a custom kernel: + There are four categories of trouble that can occur when + building a custom kernel: - - - config fails + + + config fails - - If config fails, it will print the line - number that is incorrect. As an example, for - the following message, make sure that line 17 is typed correctly by - comparing it to - GENERIC or NOTES: + + If config fails, it will print the + line number that is incorrect. As an example, for the + following message, make sure that line 17 is typed + correctly by comparing it to GENERIC + or NOTES: config: line 17: syntax error @@ -1261,16 +1269,17 @@ device fwe # Ethernet If make fails, it is usually due to - an error in the kernel configuration file which is not severe - enough for config to catch. Review the - configuration, and if the problem is not apparent, - send an email to the &a.questions; which contains the - kernel configuration file. + an error in the kernel configuration file which is not + severe enough for config to catch. + Review the configuration, and if the problem is not + apparent, send an email to the &a.questions; which + contains the kernel configuration file. - The kernel does not boot + The kernel does not boot If the new kernel does not boot or fails to recognize @@ -1280,9 +1289,8 @@ device fwe # Ethernet loader. This can be accessed when the system boot menu appears by selecting the Escape to a loader prompt option. At the prompt, type - boot - kernel.old, or - the name of any other kernel that is known to boot properly. + boot kernel.old, or the name of any + other kernel that is known to boot properly. After booting with a good kernel, check over the configuration file and try to build it again. One helpful @@ -1293,19 +1301,17 @@ device fwe # Ethernet When troubleshooting a kernel, make sure to keep - a copy of GENERIC, or some other kernel that - is known to work, as a different name that will - not get erased on the next build. This is important - because every time - a new kernel is installed, kernel.old is - overwritten with the last installed kernel, which may or - may not be bootable. As soon as possible, move the - working kernel by renaming the directory - containing the good kernel: + a copy of GENERIC, or some other + kernel that is known to work, as a different name that + will not get erased on the next build. This is + important because every time a new kernel is installed, + kernel.old is overwritten with the + last installed kernel, which may or may not be bootable. + As soon as possible, move the working kernel by renaming + the directory containing the good kernel: &prompt.root; mv /boot/kernel /boot/kernel.bad &prompt.root; mv /boot/kernel.good /boot/kernel - @@ -1316,13 +1322,14 @@ device fwe # Ethernet If the kernel version differs from the one that the system utilities have been built with, for example, a - kernel built from -CURRENT sources is installed on a -RELEASE system, many system status commands - like &man.ps.1; and &man.vmstat.8; will not work. To fix - this, recompile and install a - world built with the same version of the - source tree as the kernel. It is - never a good idea to use a different version of the kernel - than the rest of the operating system. + kernel built from -CURRENT sources is installed on a + -RELEASE system, many system status commands like + &man.ps.1; and &man.vmstat.8; will not work. To fix this, + recompile and install a + world built with the same version of the source + tree as the kernel. It is never a good idea to use a + different version of the kernel than the rest of the + operating system. From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 19:45:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8BBB2B96; Wed, 19 Mar 2014 19:45:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 77B0C3DA; Wed, 19 Mar 2014 19:45:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JJjmO0004796; Wed, 19 Mar 2014 19:45:48 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JJjmsf004795; Wed, 19 Mar 2014 19:45:48 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403191945.s2JJjmsf004795@svn.freebsd.org> From: Glen Barber Date: Wed, 19 Mar 2014 19:45:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44290 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 19:45:48 -0000 Author: gjb Date: Wed Mar 19 19:45:47 2014 New Revision: 44290 URL: http://svnweb.freebsd.org/changeset/doc/44290 Log: Syncronize with the Project-wide policy regarding idle commit bits. Submitted by: core-secretary Approved by: doceng (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/internal/doceng.xml Modified: head/en_US.ISO8859-1/htdocs/internal/doceng.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/doceng.xml Wed Mar 19 17:14:08 2014 (r44289) +++ head/en_US.ISO8859-1/htdocs/internal/doceng.xml Wed Mar 19 19:45:47 2014 (r44290) @@ -81,11 +81,12 @@ and accounts@ CC'ed.

    Idle Doc Committers

    -Doc Committers that have not made a commit in 12 months will be +Doc Committers that have not made a commit in 18 months will be contacted by a doceng@ member and without a response after a delay of 2 weeks, these committers will be automatically removed from the access file. In case of no response, doceng@ will also contact core@ -about the idle committers. +about the idle committers. Committers that wish to get back their +commit bits will have to reapply with the appropriate authority. From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 23:15:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E525B45A; Wed, 19 Mar 2014 23:15:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D0D06C1E; Wed, 19 Mar 2014 23:15:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JNFod0090948; Wed, 19 Mar 2014 23:15:50 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JNFoJq090947; Wed, 19 Mar 2014 23:15:50 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403192315.s2JNFoJq090947@svn.freebsd.org> From: Glen Barber Date: Wed, 19 Mar 2014 23:15:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44291 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 23:15:51 -0000 Author: gjb Date: Wed Mar 19 23:15:50 2014 New Revision: 44291 URL: http://svnweb.freebsd.org/changeset/doc/44291 Log: Add hyperv manual pages. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Wed Mar 19 19:45:47 2014 (r44290) +++ head/share/xml/man-refs.ent Wed Mar 19 23:15:50 2014 (r44291) @@ -3479,6 +3479,12 @@ hptiop4"> hptmv4"> hptrr4"> +hv_ata_pci_disengage4"> +hv_kvp4"> +hv_netvsc4"> +hv_storvsc4"> +hv_utils4"> +hv_vmbus4"> hwpmc4"> i4b4"> i4bcapi4"> @@ -4410,6 +4416,7 @@ hlfsd8"> hostapd8"> hostapd_cli8"> +hv_kvp_daemon8"> i2c8"> iasl8"> ibcs28"> From owner-svn-doc-all@FreeBSD.ORG Wed Mar 19 23:47:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 640CC694; Wed, 19 Mar 2014 23:47:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 46F7AEE6; Wed, 19 Mar 2014 23:47:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2JNlCkA003916; Wed, 19 Mar 2014 23:47:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2JNlCvn003915; Wed, 19 Mar 2014 23:47:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403192347.s2JNlCvn003915@svn.freebsd.org> From: Dru Lavigne Date: Wed, 19 Mar 2014 23:47:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44292 - head/en_US.ISO8859-1/books/handbook/linuxemu X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 23:47:12 -0000 Author: dru Date: Wed Mar 19 23:47:11 2014 New Revision: 44292 URL: http://svnweb.freebsd.org/changeset/doc/44292 Log: Start editorial review. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Wed Mar 19 23:15:50 2014 (r44291) +++ head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Wed Mar 19 23:47:11 2014 (r44292) @@ -51,19 +51,17 @@ Linux - &os; provides binary compatibility with &linux;, allowing - users to install and run &linux; binaries on a &os; system. - Many companies and developers develop only for &linux;, and - binary compatibility allows &os; users to run about 90% of all - &linux; applications without modification. This includes - productivity applications, games, and more. It has even been - reported that, in some situations, &linux; binaries perform + &os; provides 32-bit binary compatibility with &linux;, allowing + users to install and run most 32-bit &linux; binaries on a &os; system + without having to first modify the binary. It has even been + reported that, in some situations, 32-bit &linux; binaries perform better on &os; than they do on &linux;. However, some &linux;-specific operating system features are not supported under &os;. For example, &linux; binaries will not work on &os; if they overly use &i386; specific - calls, such as enabling virtual 8086 mode. + calls, such as enabling virtual 8086 mode. In addition, 64-bit + &linux; binaries are not supported at this time. After reading this chapter, you will know: @@ -101,51 +99,49 @@     - Installation + Configuring &linux; Binary Compatibility Ports Collection - &linux; libraries are not installed on &os; by default - and &linux; binary compatibility is not enabled by default. - &linux; libraries can be installed using the &os; Ports - Collection. Alternately, &linux; libraries can be installed - manually. - - Using the Ports Collection is by far the easiest way to - install &linux; libraries: + By default, &linux; libraries are not installed and + &linux; binary compatibility is not enabled. + &linux; libraries can either be installed manually or from the &os; Ports + Collection. + + The emulators/linux-base-f10 package or + port is the easiest way to + install a base set of &linux; libraries and binaries on + a &os; system. To install the port: &prompt.root; cd /usr/ports/emulators/linux_base-f10 &prompt.root; make install distclean - Once the port is installed, enable &linux; binary - compatibility by loading the linux module. - Type the following as - root: + Once installed, enable &linux; binary + compatibility by loading the linux module: &prompt.root; kldload linux - In order for &linux; compatibility to always be enabled at - boot time, add the following line to - /etc/rc.conf: - - linux_enable="YES" - - To verify that the module is loaded, use - &man.kldstat.8;: + To verify that the module is loaded: &prompt.user; kldstat Id Refs Address Size Name 1 2 0xc0100000 16bdb8 kernel 7 1 0xc24db000 d000 linux.ko + In order for &linux; compatibility to be enabled at + boot time, add the following line to + /etc/rc.conf: + + linux_enable="YES" + kernel options COMPAT_LINUX Users who prefer to statically link &linux; binary - compatibility into the kernel should add - options COMPAT_LINUX to the custom kernel + compatibility into a custom kernel should add + options COMPAT_LINUX to their custom kernel configuration file. Compile and install the new kernel as described in . From owner-svn-doc-all@FreeBSD.ORG Thu Mar 20 04:13:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A7A6B29B; Thu, 20 Mar 2014 04:13:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 951A6BBF; Thu, 20 Mar 2014 04:13:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2K4D5Z6015484; Thu, 20 Mar 2014 04:13:05 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2K4D5uX015483; Thu, 20 Mar 2014 04:13:05 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403200413.s2K4D5uX015483@svn.freebsd.org> From: Warren Block Date: Thu, 20 Mar 2014 04:13:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44293 - head/share/misc X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2014 04:13:05 -0000 Author: wblock Date: Thu Mar 20 04:13:05 2014 New Revision: 44293 URL: http://svnweb.freebsd.org/changeset/doc/44293 Log: Fix the display of line numbers in screen and programlisting elements. Later version of the patch supplied by Allan Jude . PR: docs/187733 Submitted by: Dru Lavigne Modified: head/share/misc/docbook.css Modified: head/share/misc/docbook.css ============================================================================== --- head/share/misc/docbook.css Wed Mar 19 23:47:11 2014 (r44292) +++ head/share/misc/docbook.css Thu Mar 20 04:13:05 2014 (r44293) @@ -272,7 +272,7 @@ html { background-color: #edc; border-style: solid; border-color: #EEB985; - border-width: 0 0 0 24px; + border-width: 0 0 0 2.5em; border-radius: 6px; counter-reset: code; } @@ -284,7 +284,7 @@ html { background-color: #eee; border-style: solid; border-color: #BABABA; - border-width: 0 0 0 24px; + border-width: 0 0 0 2.5em; border-radius: 6px; counter-reset: code; } @@ -292,18 +292,19 @@ html { span.verbatim { counter-increment: code; display: block; - padding: 0 13px 0 29px; + padding: 0 0.5em 0 3.75em; position: relative; - margin: 0 -8px 0 -24px; + margin: 0 -0.3em 0 -3.85em; overflow: hidden; } span.verbatim:before { - width: 24px; + width: 3em; text-align: right; - content: counter(code) " "; + content: counter(code); position: absolute; - left: -10px; + left: 0; + color: #404040; } @media screen { /* hide from IE3 */ From owner-svn-doc-all@FreeBSD.ORG Thu Mar 20 14:40:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3ED6FA8E; Thu, 20 Mar 2014 14:40:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2AA3FD7D; Thu, 20 Mar 2014 14:40:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2KEerm7065756; Thu, 20 Mar 2014 14:40:53 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2KEercY065755; Thu, 20 Mar 2014 14:40:53 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403201440.s2KEercY065755@svn.freebsd.org> From: Dru Lavigne Date: Thu, 20 Mar 2014 14:40:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44294 - head/en_US.ISO8859-1/books/handbook/linuxemu X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2014 14:40:53 -0000 Author: dru Date: Thu Mar 20 14:40:52 2014 New Revision: 44294 URL: http://svnweb.freebsd.org/changeset/doc/44294 Log: Some more edits to Linux Emulation. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Thu Mar 20 04:13:05 2014 (r44293) +++ head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Thu Mar 20 14:40:52 2014 (r44294) @@ -146,52 +146,24 @@ Id Refs Address Size Name described in . - Installing Libraries Manually - - While using the Ports Collection is recommended, &linux; - libraries can be installed manually. The &linux; shared - libraries required by a program and the runtime linker should - be copied to /compat/linux. Any shared - libraries opened by &linux; programs run under &os; will look - in this directory first. For example, if a &linux; program - loads /lib/libc.so, &os; will first try - to open /compat/linux/lib/libc.so, and if - that does not exist, it will then try - /lib/libc.so. Shared libraries should be - installed to /compat/linux/lib rather - than to the paths that the &linux; ld.so - reports. - - Generally, one will need to look for the shared - libraries that &linux; binaries depend on only the first few - times that a &linux; program is installed on &os;. After a - while, there will be a sufficient set of &linux; shared - libraries on the system to be able to run newly imported - &linux; binaries without any extra work. - - - How to Install Additional Shared Libraries + Installing Additional Libraries Manually shared libraries - If the linux_base port is installed - and an application still complains about missing shared - libraries, there are two methods - root can use to - determine which shared libraries the &linux; binaries - need. - - If a &linux; system is available, determine which shared - libraries the application needs, and copy them to the &os; - system. - - - In this example, FTP was used to download the &linux; - binary of Doom on a &linux; - system . To check which shared libraries it needs, run - ldd linuxdoom: + If a &linux; + application complains about missing shared + libraries after configuring &linux; binary compatibility, + determine which shared libraries the &linux; binary + needs and install them manually. + + From a &linux; system, + ldd can be used to determine which shared + libraries the application needs. For example, to + check which shared libraries linuxdoom needs, run + this command from a &linux; system that has + Doom installed: &prompt.user; ldd linuxdoom libXt.so.3 (DLL Jump 3.1) => /usr/X11/lib/libXt.so.3.1.0 @@ -201,10 +173,10 @@ libc.so.4 (DLL Jump 4.5pl26) => /lib/ symbolic links - Copy all the files in the last column into + Then, copy all the files in the last column of the output from the &linux; system into /compat/linux on - the &os; system, with the names in the first column as - symbolic links pointing to them. This example will result + the &os; system. Once copied, create symbolic links to the names in the first column. + This example will result in the following files on the &os; system: /compat/linux/usr/X11/lib/libXt.so.3.1.0 @@ -214,8 +186,6 @@ libc.so.4 (DLL Jump 4.5pl26) => /lib/ /compat/linux/lib/libc.so.4.6.29 /compat/linux/lib/libc.so.4 -> libc.so.4.6.29 -
    - If a &linux; shared library already exists with a matching major revision number to the first column of the ldd output, it does not need to @@ -223,61 +193,53 @@ libc.so.4 (DLL Jump 4.5pl26) => /lib/ existing library should work. It is advisable to copy the shared library if it is a newer version, though. The old one can be removed, as long as the symbolic - link points to the new one. For example, these - libraries exist on the system: + link points to the new one. + + For example, these + libraries already exist on the &os; system: /compat/linux/lib/libc.so.4.6.27 /compat/linux/lib/libc.so.4 -> libc.so.4.6.27 - and a binary claims to require a later version - according to the output of - ldd: + and ldd indicates that a binary requires a later version: libc.so.4 (DLL Jump 4.5pl26) -> libc.so.4.6.29 - If it is only one or two versions out of date - in the trailing digit, do not worry about copying - /lib/libc.so.4.6.29, because - the program should work fine with the slightly older + Since the existing library is only one or two versions out of date + in the last digit, + the program should still work with the slightly older version. However, it is safe to replace the - libc.so: + existing libc.so with the newer version: /compat/linux/lib/libc.so.4.6.29 /compat/linux/lib/libc.so.4 -> libc.so.4.6.29 - -
    -
    - - The symbolic link mechanism is - only needed for &linux; binaries - as the &os; runtime linker takes care of looking for - matching major revision numbers. - -
    -     -     + Generally, one will need to look for the shared + libraries that &linux; binaries depend on only the first few + times that a &linux; program is installed on &os;. After a + while, there will be a sufficient set of &linux; shared + libraries on the system to be able to run newly installed + &linux; binaries without any extra work.     - Installing &linux; ELF Binaries + Installing &linux; <acronym>ELF</acronym> Binaries Linux ELF binaries - ELF binaries sometimes require an extra step of - branding. If an unbranded ELF binary is - executed, it will generate an error message like the - following: + ELF binaries sometimes require an extra step. + When an unbranded ELF binary is + executed, it will generate an error message: &prompt.user; ./my-linux-elf-binary ELF binary type not known Abort To help the &os; kernel distinguish between a &os; - ELF binary and a &linux; binary, use &man.brandelf.1;: + ELF binary and a &linux; binary, use &man.brandelf.1;: &prompt.user; brandelf -t Linux my-linux-elf-binary @@ -285,49 +247,44 @@ Abort GNU toolchain Since the GNU toolchain places the appropriate branding - information into ELF binaries automatically, this step is + information into ELF binaries automatically, this step is usually not necessary. - Installing a &linux; RPM Based Application + Installing a &linux; <acronym>RPM</acronym> Based Application - &os; uses its own package database to track all software - installed from the Ports Collection. However, the &linux; RPM - database is not supported. - - In order to install a &linux; RPM-based application, first + In order to install a &linux; RPM-based application, first install the archivers/rpm2cpio package or port. Once installed, root can use this - command to install a .rpm as - follows: + command to install a .rpm: &prompt.root; cd /compat/linux &prompt.root; rpm2cpio -q < /path/to/linux.archive.rpm | cpio -id If necessary, brandelf the installed - ELF binaries, but not the libraries. + ELF binaries. Note that this will prevent a clean uninstall. Configuring the Hostname Resolver - If DNS does not work or this error appears: + If DNS does not work or this error appears: resolv+: "bind" is an invalid keyword resolv+: "hosts" is an invalid keyword - Configure + configure /compat/linux/etc/host.conf as follows: order hosts, bind multi on - This order specifies that /etc/hosts - is searched first and DNS is searched second. When + This specifies that /etc/hosts + is searched first and DNS is searched second. When /compat/linux/etc/host.conf does not exist, &linux; applications use /etc/host.conf and complain about the From owner-svn-doc-all@FreeBSD.ORG Thu Mar 20 14:51:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D512CE82; Thu, 20 Mar 2014 14:51:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B361BF15; Thu, 20 Mar 2014 14:51:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2KEpVks071862; Thu, 20 Mar 2014 14:51:31 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2KEpVnD071861; Thu, 20 Mar 2014 14:51:31 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403201451.s2KEpVnD071861@svn.freebsd.org> From: Dru Lavigne Date: Thu, 20 Mar 2014 14:51:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44295 - head/en_US.ISO8859-1/books/handbook/linuxemu X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2014 14:51:31 -0000 Author: dru Date: Thu Mar 20 14:51:31 2014 New Revision: 44295 URL: http://svnweb.freebsd.org/changeset/doc/44295 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Thu Mar 20 14:40:52 2014 (r44294) +++ head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Thu Mar 20 14:51:31 2014 (r44295) @@ -51,17 +51,17 @@ Linux - &os; provides 32-bit binary compatibility with &linux;, allowing - users to install and run most 32-bit &linux; binaries on a &os; system - without having to first modify the binary. It has even been - reported that, in some situations, 32-bit &linux; binaries perform - better on &os; than they do on &linux;. + &os; provides 32-bit binary compatibility with &linux;, + allowing users to install and run most 32-bit &linux; binaries + on a &os; system without having to first modify the binary. It + has even been reported that, in some situations, 32-bit &linux; + binaries perform better on &os; than they do on &linux;. However, some &linux;-specific operating system features are not supported under &os;. For example, &linux; binaries - will not work on &os; if they overly use &i386; specific - calls, such as enabling virtual 8086 mode. In addition, 64-bit - &linux; binaries are not supported at this time. + will not work on &os; if they overly use &i386; specific calls, + such as enabling virtual 8086 mode. In addition, 64-bit &linux; + binaries are not supported at this time. After reading this chapter, you will know: @@ -103,21 +103,21 @@ Ports Collection - By default, &linux; libraries are not installed and - &linux; binary compatibility is not enabled. - &linux; libraries can either be installed manually or from the &os; Ports + By default, &linux; libraries are not installed and &linux; + binary compatibility is not enabled. &linux; libraries can + either be installed manually or from the &os; Ports Collection. The emulators/linux-base-f10 package or - port is the easiest way to - install a base set of &linux; libraries and binaries on - a &os; system. To install the port: + port is the easiest way to install a base set of &linux; + libraries and binaries on a &os; system. To install the + port: &prompt.root; cd /usr/ports/emulators/linux_base-f10 &prompt.root; make install distclean - Once installed, enable &linux; binary - compatibility by loading the linux module: + Once installed, enable &linux; binary compatibility by + loading the linux module: &prompt.root; kldload linux @@ -128,8 +128,8 @@ Id Refs Address Size Name 1 2 0xc0100000 16bdb8 kernel 7 1 0xc24db000 d000 linux.ko - In order for &linux; compatibility to be enabled at - boot time, add the following line to + In order for &linux; compatibility to be enabled at boot + time, add the following line to /etc/rc.conf: linux_enable="YES" @@ -148,90 +148,92 @@ Id Refs Address Size Name Installing Additional Libraries Manually - - shared libraries - + + shared libraries + - If a &linux; - application complains about missing shared - libraries after configuring &linux; binary compatibility, - determine which shared libraries the &linux; binary - needs and install them manually. - - From a &linux; system, - ldd can be used to determine which shared - libraries the application needs. For example, to - check which shared libraries linuxdoom needs, run - this command from a &linux; system that has - Doom installed: + If a &linux; application complains about missing shared + libraries after configuring &linux; binary compatibility, + determine which shared libraries the &linux; binary needs and + install them manually. + + From a &linux; system, ldd can be used + to determine which shared libraries the application needs. + For example, to check which shared libraries + linuxdoom needs, run this command from a + &linux; system that has Doom + installed: - &prompt.user; ldd linuxdoom + &prompt.user; ldd linuxdoom libXt.so.3 (DLL Jump 3.1) => /usr/X11/lib/libXt.so.3.1.0 libX11.so.3 (DLL Jump 3.1) => /usr/X11/lib/libX11.so.3.1.0 libc.so.4 (DLL Jump 4.5pl26) => /lib/libc.so.4.6.29 - - symbolic links - - Then, copy all the files in the last column of the output from the &linux; system into - /compat/linux on - the &os; system. Once copied, create symbolic links to the names in the first column. - This example will result - in the following files on the &os; system: + + symbolic links + - /compat/linux/usr/X11/lib/libXt.so.3.1.0 + Then, copy all the files in the last column of the output + from the &linux; system into + /compat/linux on the &os; system. Once + copied, create symbolic links to the names in the first + column. This example will result in the following files on + the &os; system: + + /compat/linux/usr/X11/lib/libXt.so.3.1.0 /compat/linux/usr/X11/lib/libXt.so.3 -> libXt.so.3.1.0 /compat/linux/usr/X11/lib/libX11.so.3.1.0 /compat/linux/usr/X11/lib/libX11.so.3 -> libX11.so.3.1.0 /compat/linux/lib/libc.so.4.6.29 /compat/linux/lib/libc.so.4 -> libc.so.4.6.29 - If a &linux; shared library already exists with a - matching major revision number to the first column of - the ldd output, it does not need to - be copied to the file named in the last column, as the - existing library should work. It is advisable to copy - the shared library if it is a newer version, though. - The old one can be removed, as long as the symbolic - link points to the new one. + If a &linux; shared library already exists with a + matching major revision number to the first column of the + ldd output, it does not need to be copied + to the file named in the last column, as the existing library + should work. It is advisable to copy the shared library if it + is a newer version, though. The old one can be removed, as + long as the symbolic link points to the new one. - For example, these - libraries already exist on the &os; system: + For example, these libraries already exist on the &os; + system: - /compat/linux/lib/libc.so.4.6.27 + /compat/linux/lib/libc.so.4.6.27 /compat/linux/lib/libc.so.4 -> libc.so.4.6.27 - and ldd indicates that a binary requires a later version: + and ldd indicates that a binary + requires a later version: - libc.so.4 (DLL Jump 4.5pl26) -> libc.so.4.6.29 + libc.so.4 (DLL Jump 4.5pl26) -> libc.so.4.6.29 - Since the existing library is only one or two versions out of date - in the last digit, - the program should still work with the slightly older - version. However, it is safe to replace the - existing libc.so with the newer version: + Since the existing library is only one or two versions out + of date in the last digit, the program should still work with + the slightly older version. However, it is safe to replace + the existing libc.so with the newer + version: - /compat/linux/lib/libc.so.4.6.29 + /compat/linux/lib/libc.so.4.6.29 /compat/linux/lib/libc.so.4 -> libc.so.4.6.29 - Generally, one will need to look for the shared - libraries that &linux; binaries depend on only the first few - times that a &linux; program is installed on &os;. After a - while, there will be a sufficient set of &linux; shared - libraries on the system to be able to run newly installed - &linux; binaries without any extra work. + Generally, one will need to look for the shared libraries + that &linux; binaries depend on only the first few times that + a &linux; program is installed on &os;. After a while, there + will be a sufficient set of &linux; shared libraries on the + system to be able to run newly installed &linux; binaries + without any extra work. - Installing &linux; <acronym>ELF</acronym> Binaries + Installing &linux; <acronym>ELF</acronym> + Binaries Linux ELF binaries - ELF binaries sometimes require an extra step. - When an unbranded ELF binary is + ELF binaries sometimes require an extra + step. When an unbranded ELF binary is executed, it will generate an error message: &prompt.user; ./my-linux-elf-binary @@ -239,53 +241,57 @@ ELF binary type not known Abort To help the &os; kernel distinguish between a &os; - ELF binary and a &linux; binary, use &man.brandelf.1;: + ELF binary and a &linux; binary, use + &man.brandelf.1;: &prompt.user; brandelf -t Linux my-linux-elf-binary GNU toolchain + Since the GNU toolchain places the appropriate branding - information into ELF binaries automatically, this step is - usually not necessary. + information into ELF binaries + automatically, this step is usually not necessary. - Installing a &linux; <acronym>RPM</acronym> Based Application + Installing a &linux; <acronym>RPM</acronym> Based + Application - In order to install a &linux; RPM-based application, first - install the archivers/rpm2cpio package or - port. Once installed, - root can use this - command to install a .rpm: + In order to install a &linux; RPM-based + application, first install the + archivers/rpm2cpio package or port. Once + installed, root can + use this command to install a + .rpm: &prompt.root; cd /compat/linux &prompt.root; rpm2cpio -q < /path/to/linux.archive.rpm | cpio -id If necessary, brandelf the installed - ELF binaries. - Note that this will prevent a clean uninstall. + ELF binaries. Note that this will prevent + a clean uninstall. Configuring the Hostname Resolver - If DNS does not work or this error appears: + If DNS does not work or this error + appears: resolv+: "bind" is an invalid keyword resolv+: "hosts" is an invalid keyword - configure - /compat/linux/etc/host.conf as - follows: + configure /compat/linux/etc/host.conf + as follows: order hosts, bind multi on - This specifies that /etc/hosts - is searched first and DNS is searched second. When - /compat/linux/etc/host.conf does not + This specifies that /etc/hosts is + searched first and DNS is searched second. + When /compat/linux/etc/host.conf does not exist, &linux; applications use /etc/host.conf and complain about the incompatible &os; syntax. Remove bind if a From owner-svn-doc-all@FreeBSD.ORG Thu Mar 20 15:20:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4DFC9E8E; Thu, 20 Mar 2014 15:20:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2F3592AF; Thu, 20 Mar 2014 15:20:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2KFKIwA081750; Thu, 20 Mar 2014 15:20:18 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2KFKHt9081748; Thu, 20 Mar 2014 15:20:17 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403201520.s2KFKHt9081748@svn.freebsd.org> From: Dru Lavigne Date: Thu, 20 Mar 2014 15:20:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44296 - in head/en_US.ISO8859-1/books/handbook: bsdinstall config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2014 15:20:18 -0000 Author: dru Date: Thu Mar 20 15:20:17 2014 New Revision: 44296 URL: http://svnweb.freebsd.org/changeset/doc/44296 Log: Incorporate 12.2 Initial Configuration - Partition Layout into 2.7 Allocating Disk Space. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Mar 20 14:51:31 2014 (r44295) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Mar 20 15:20:17 2014 (r44296) @@ -1232,6 +1232,104 @@ Trying to mount root from cd9660:/dev/is + This section describes what to consider when laying + out the disk partitions. It then demonstrates how to use both + the Guided Partitioning and Manual Partitioning screens. + + + Designing the Partition Layout + + partition layout + + /etc + + + /var + + + /usr + + + When laying out file systems, remember that hard drives transfer data + faster from the outer tracks to the inner. Thus, smaller + and heavier-accessed file systems should be closer to the + outside of the drive, while larger partitions like + /usr should be placed toward the inner + parts of the disk. It is a good idea to create partitions + in an order similar to: /, swap, + /var, and + /usr. + + The size of the /var partition + reflects the intended machine's usage. This partition is + used to hold mailboxes, log files, and printer spools. + Mailboxes and log files can grow to unexpected sizes + depending on the number of users and how long log files are + kept. On average, most users rarely need more than about a + gigabyte of free disk space in + /var. + + + Sometimes, a lot of disk space is required in + /var/tmp. When new software is + installed, the packaging tools + extract a temporary copy of the packages under + /var/tmp. Large software packages, + like Firefox, + OpenOffice or + LibreOffice may be tricky to + install if there is not enough disk space under + /var/tmp. + + + The /usr partition holds many of + the files which support the system, including the &os; Ports + Collection and system source code. At least 2 gigabytes is + recommended for this partition. + + When selecting partition sizes, keep the space + requirements in mind. Running out of space in one partition + while barely using another can be a hassle. + + + swap sizing + + + swap partition + + + As a rule of thumb, the swap partition should be about + double the size of physical memory (RAM). + Systems with minimal RAM may perform + better with more swap. Configuring too little swap can + lead to inefficiencies in the VM page + scanning code and might create issues later if more memory + is added. + + On larger systems with multiple SCSI + disks or multiple IDE disks operating + on different controllers, it is recommended that swap be + configured on each drive, up to four drives. The swap + partitions should be approximately the same size. The + kernel can handle arbitrary sizes but internal data + structures scale to 4 times the largest swap partition. + Keeping the swap partitions near the same size will allow + the kernel to optimally stripe swap space across disks. + Large swap sizes are fine, even if swap is not used much. + It might be easier to recover from a runaway program before + being forced to reboot. + + By properly partitioning a system, fragmentation + introduced in the smaller write heavy partitions will not + bleed over into the mostly read partitions. Keeping the + write loaded partitions closer to the disk's edge will + increase I/O performance in the partitions where it occurs + the most. While I/O performance in the larger partitions + may be needed, shifting them more toward the edge of the + disk will not lead to a significant performance improvement + over moving /var to the edge. + + Guided Partitioning Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Thu Mar 20 14:51:31 2014 (r44295) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Thu Mar 20 15:20:17 2014 (r44296) @@ -61,11 +61,6 @@ - How to efficiently work with file systems and swap - partitions. - - - The basics of rc.conf configuration and /usr/local/etc/rc.d startup scripts. @@ -110,141 +105,6 @@     - - Initial Configuration - - - Partition Layout - - partition layout - - /etc - - - /var - - - /usr - - - - Base Partitions - - When laying out file systems with &man.bsdlabel.8; or - &man.sysinstall.8;, remember that hard drives transfer data - faster from the outer tracks to the inner. Thus, smaller - and heavier-accessed file systems should be closer to the - outside of the drive, while larger partitions like - /usr should be placed toward the inner - parts of the disk. It is a good idea to create partitions - in an order similar to: /, swap, - /var, and - /usr. - - The size of the /var partition - reflects the intended machine's usage. This partition is - used to hold mailboxes, log files, and printer spools. - Mailboxes and log files can grow to unexpected sizes - depending on the number of users and how long log files are - kept. On average, most users rarely need more than about a - gigabyte of free disk space in - /var. - - - Sometimes, a lot of disk space is required in - /var/tmp. When new software is - installed with &man.pkg.add.1;, the packaging tools - extract a temporary copy of the packages under - /var/tmp. Large software packages, - like Firefox, - OpenOffice or - LibreOffice may be tricky to - install if there is not enough disk space under - /var/tmp. - - - The /usr partition holds many of - the files which support the system, including the &os; Ports - Collection and system source code. At least 2 gigabytes is - recommended for this partition. - - When selecting partition sizes, keep the space - requirements in mind. Running out of space in one partition - while barely using another can be a hassle. - - - The Auto-defaults partition sizer - used by &man.sysinstall.8; will sometimes select smaller - than adequate /var and - / partitions. Partition wisely and - generously. - - - - - Swap Partition - - - swap sizing - - - swap partition - - - As a rule of thumb, the swap partition should be about - double the size of physical memory (RAM) - as the kernel's virtual memory (VM) - paging algorithms are tuned to perform best when the swap - partition is at least two times the size of main memory. - Systems with minimal RAM may perform - better with more swap. Configuring too little swap can - lead to inefficiencies in the VM page - scanning code and might create issues later if more memory - is added. - - On larger systems with multiple SCSI - disks or multiple IDE disks operating - on different controllers, it is recommended that swap be - configured on each drive, up to four drives. The swap - partitions should be approximately the same size. The - kernel can handle arbitrary sizes but internal data - structures scale to 4 times the largest swap partition. - Keeping the swap partitions near the same size will allow - the kernel to optimally stripe swap space across disks. - Large swap sizes are fine, even if swap is not used much. - It might be easier to recover from a runaway program before - being forced to reboot. - - - - Why Partition? - - Several users think a single large partition will be - fine, but there are several reasons why this is a bad idea. - First, each partition has different operational - characteristics and separating them allows the file system - to tune accordingly. For example, the root and - /usr partitions are read-mostly, with - few writes, while a lot of reads and writes could occur in - /var and - /var/tmp. - - By properly partitioning a system, fragmentation - introduced in the smaller write heavy partitions will not - bleed over into the mostly read partitions. Keeping the - write loaded partitions closer to the disk's edge will - increase I/O performance in the partitions where it occurs - the most. While I/O performance in the larger partitions - may be needed, shifting them more toward the edge of the - disk will not lead to a significant performance improvement - over moving /var to the edge. Finally, - there are safety concerns. A smaller, neater root partition - which is mostly read-only has a greater chance of surviving - a bad crash. - - - - Core Configuration From owner-svn-doc-all@FreeBSD.ORG Thu Mar 20 15:42:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 83561C39; Thu, 20 Mar 2014 15:42:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 550C76E9; Thu, 20 Mar 2014 15:42:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2KFgN94093362; Thu, 20 Mar 2014 15:42:23 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2KFgNV9093361; Thu, 20 Mar 2014 15:42:23 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201403201542.s2KFgNV9093361@svn.freebsd.org> From: Benedict Reuschling Date: Thu, 20 Mar 2014 15:42:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44297 - head/de_DE.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2014 15:42:23 -0000 Author: bcr Date: Thu Mar 20 15:42:22 2014 New Revision: 44297 URL: http://svnweb.freebsd.org/changeset/doc/44297 Log: Update to r43812: Add a short USB tethering description and the required kernel modules. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 20 15:20:17 2014 (r44296) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 20 15:42:22 2014 (r44297) @@ -5,7 +5,7 @@ $FreeBSD$ $FreeBSDde:$ - basiert auf: r43731 + basiert auf: r43812 --> Weiterfhrende Netzwerkthemen @@ -31,13 +31,17 @@ + Wissen, wie man USB Tethering einrichtet. + + + &bluetooth;- sowie drahtlose, der Norm &ieee; 802.11 - entsprechende, Gerte mit FreeBSD verwenden + entsprechende, Gerte mit &os; verwenden knnen. - Eine Bridge unter FreeBSD einrichten knnen. + Eine Bridge unter &os; einrichten knnen. @@ -55,7 +59,7 @@ - IPv6 auf einem FreeBSD-Rechner einrichten + IPv6 auf einem &os;-Rechner einrichten knnen. @@ -83,7 +87,7 @@ - Einen neuen FreeBSD-Kernel konfigurieren und installieren + Einen neuen &os;-Kernel konfigurieren und installieren knnen (). @@ -184,7 +188,7 @@ host2.example.com link#1 Der nchste auffllige Punkt sind die mit 0:e0: beginnenden Adressen. Es handelt sich dabei um Ethernet Hardwareadressen, die auch als - MAC-Adressen bekannt sind. FreeBSD identifiziert Rechner im + MAC-Adressen bekannt sind. &os; identifiziert Rechner im lokalen Netz automatisch (im Beispiel test0) und fgt eine direkte Route zu diesem Rechner hinzu. Dies passiert ber die Ethernet-Schnittstelle @@ -202,7 +206,7 @@ host2.example.com link#1 Subnetz - FreeBSD fgt auerdem Subnetzrouten fr das + &os; fgt auerdem Subnetzrouten fr das lokale Subnetz hinzu (10.20.30.255 ist die Broadcast-Adresse fr das Subnetz 10.20.30, example.com ist der zu @@ -220,7 +224,7 @@ host2.example.com link#1 Die Zeile host1 bezieht sich auf unseren Rechner, der durch seine Ethernetadresse bekannt ist. - Da unser Rechner der Sender ist, verwendet FreeBSD automatisch + Da unser Rechner der Sender ist, verwendet &os; automatisch das Loopback-Gert (lo0), anstatt den Datenverkehr ber die Ethernetschnittstelle zu senden. @@ -519,7 +523,7 @@ host2.example.com link#1 Ein Netzwerkrouter ist einfach ein System, das Pakete von einer Schnittstelle zur anderen weiterleitet. Internetstandards und gute Ingenieurspraxis sorgten - dafr, dass diese Funktion in FreeBSD in der Voreinstellung + dafr, dass diese Funktion in &os; in der Voreinstellung deaktiviert ist. Sie knnen diese Funktion aktivieren, indem Sie in &man.rc.conf.5; folgende nderung durchfhren: @@ -539,7 +543,7 @@ host2.example.com link#1 Ihr neuer Router bentigt nun noch Routen, um zu wissen, wohin er den Verkehr senden soll. Haben Sie ein (sehr) einfaches Netzwerk, knnen Sie statische Routen - verwenden. FreeBSD verfgt ber den Standard + verwenden. &os; verfgt ber den Standard BSD-Routing-Daemon &man.routed.8;, der RIP (sowohl Version 1 als auch Version 2) und IRDP versteht. BGP v4, OSPF v2 und andere Protokolle werden von @@ -2131,7 +2135,7 @@ ifconfig_wlan0="inet 192.16 - Hostbasierender Access Point ohne Authentifizierung + <title>Hostbasierender Access Point ohne Authentifizierung oder Verschlsselung Obwohl es nicht empfohlen wird, einen AP ohne jegliche @@ -2487,6 +2491,31 @@ freebsdap 00:11:95:c3:0d:ac 1 + + USB Tethering + + tether + + Viele Mobiltelefone bieten die Mglichkeit, ihre + Datenverbindung ber USB (oft "Tethering" genannt) zu + teilen. Diese Funktion verwendet das + RNDIS oder + CDC-Protokoll. + + Bevor Sie ein Gert anschlieen, laden Sie den + entsprechenden Treiber in den Kernel: + + &prompt.root; kldload if_urndis +&prompt.root; kldload cdce + + Sobald das Gert angeschlossen ist, steht es Ihnen + unter ue0 + wie ein normales Netzwerkgert zur Verfgung. + Stellen Sie sicher, dass die Option + USB Tethering auf dem Gert + aktiviert ist. + + Bluetooth @@ -3161,7 +3190,7 @@ rfcomm_sppd[94692]: Starting on /dev/tty aufzuteilen, ohne gleich IP-Subnetze zu erzeugen, die ber einen Router miteinander verbunden sind. Ein Gert, das zwei Netze auf diese Weise verbindet, wird als - Bridge bezeichnet. Jedes FreeBSD-System + Bridge bezeichnet. Jedes &os;-System mit zwei Netzwerkkarten kann als Bridge fungieren. Die Bridge arbeitet, indem sie die MAC Layeradressen @@ -3983,7 +4012,7 @@ ifconfig_lagg0="laggproto failover laggp - Start und Betrieb von FreeBSD ber ein Netzwerk + Start und Betrieb von &os; ber ein Netzwerk Jean-FrançoisDockèsAktualisiert von @@ -4002,7 +4031,7 @@ ifconfig_lagg0="laggproto failover laggp plattenloser Betrieb - FreeBSD kann ber ein Netzwerk starten und arbeiten, ohne + &os; kann ber ein Netzwerk starten und arbeiten, ohne eine lokale Festplatte zu verwenden, indem es Dateisysteme eines NFS-Servers in den eigenen Verzeichnisbaum einhngt. Dazu sind, von den Standardkonfigurationsdateien @@ -4067,7 +4096,7 @@ ifconfig_lagg0="laggproto failover laggp knnen. Im folgenden Abschnitt wird die Installation eines kompletten Systems beschrieben, wobei der Schwerpunkt auf Einfachheit und Kompatibilitt zu den - Standardstartskripten von FreeBSD liegt. Das beschriebene + Standardstartskripten von &os; liegt. Das beschriebene System hat folgende Eigenschaften: @@ -4078,7 +4107,7 @@ ifconfig_lagg0="laggproto failover laggp schreibgeschtzt sind. Das root-Dateisystem ist eine Kopie - eines Standardwurzelverzeichnisses von FreeBSD + eines Standardwurzelverzeichnisses von &os; (blicherweise das des Servers), bei dem einige Konfigurationsdateien durch fr den plattenlosen Betrieb geeignete Versionen ersetzt wurden. @@ -4388,7 +4417,7 @@ margaux:ha=0123456789ab:tc=.def100Etherboot auf - einem FreeBSD-System einsetzen knnen. + einem &os;-System einsetzen knnen. Als Erstes mssen Sie net/etherboot als Paket @@ -4693,11 +4722,11 @@ cd /usr/src/etc; make distribution - Der Server luft nicht unter FreeBSD + Der Server luft nicht unter &os; Wenn das root-Dateisystem nicht auf einem - FreeBSD-Rechner liegt, muss das Dateisystem zuerst unter - FreeBSD erzeugt werden. Anschlieend wird es + &os;-Rechner liegt, muss das Dateisystem zuerst unter + &os; erzeugt werden. Anschlieend wird es beispielsweise mit tar oder cpio an den gewnschten Ort kopiert. @@ -4707,7 +4736,7 @@ cd /usr/src/etc; make distribution @@ -4768,7 +4797,7 @@ cd /usr/src/etc; make distributionKarten - Das ISDN-Subsystem von FreeBSD untersttzt den + Das ISDN-Subsystem von &os; untersttzt den DSS1/Q.931- (oder Euro-ISDN)-Standard nur fr passive Karten. Zustzlich werden aber auch einige aktive Karten untersttzt, bei denen die Firmware auch @@ -4789,11 +4818,11 @@ cd /usr/src/etc; make distribution - FreeBSD untersttzt eine stndig wachsende Anzahl + &os; untersttzt eine stndig wachsende Anzahl von PC-ISDN-Karten, die weltweit erfolgreich eingesetzt werden. - Von FreeBSD untersttzte passive ISDN-Karten enthalten + Von &os; untersttzte passive ISDN-Karten enthalten fast immer den ISAC/HSCX/IPAC ISDN-Chipsatz von Infineon (ehemals Siemens). Untersttzt werden aber auch Karten mit Cologne Chip (diese allerdings nur fr den ISA-Bus), @@ -4864,7 +4893,7 @@ cd /usr/src/etc; make distributionDer PPP-Daemon bestimmt die Stabilitt und Eigenschaften der Verbindung, wenn Sie einen Terminaladapter - verwenden. Daher knnen Sie unter FreeBSD einfach von + verwenden. Daher knnen Sie unter &os; einfach von einer Modemverbindung auf eine ISDN-Verbindung wechseln, wenn Sie PPP bereits konfiguriert haben. Allerdings bedeutet dies auch, das bereits bestehende Probleme mit PPP auch unter @@ -4874,7 +4903,7 @@ cd /usr/src/etc; make distributionPPP, und nicht das User-PPP. - Folgende Terminaladapter werden von FreeBSD + Folgende Terminaladapter werden von &os; untersttzt: @@ -4899,7 +4928,7 @@ cd /usr/src/etc; make distributionSie sollten sich die Anleitung fr die Nutzung serieller Gerte unter - FreeBSD ansehen, wenn Sie detaillierte Informationen + &os; ansehen, wenn Sie detaillierte Informationen ber serielle Gerte und die Unterschiede zwischen asynchronen und synchronen seriellen Ports bentigen. @@ -4921,7 +4950,7 @@ cd /usr/src/etc; make distributionEine synchrone Karte mit einem Terminaladapter ist mindestens so schnell wie ein autonomer ISDN-Router, - und, in Kombination mit einem einfachen 386-FreeBSD-System, + und, in Kombination mit einem einfachen 386-&os;-System, wahrscheinlich flexibler. Die Entscheidung zwischen synchroner Karte/Terminaladapter @@ -4942,7 +4971,7 @@ cd /usr/src/etc; make distribution ISDN-Bridges und Router sind keine Eigenheit von - FreeBSD oder eines anderen Betriebssystems. Fr eine + &os; oder eines anderen Betriebssystems. Fr eine vollstndigere Beschreibung von Routing und Netzwerkkopplungen mit einer Bridge informieren Sie sich bitte durch weiterfhrende Literatur. @@ -5103,7 +5132,7 @@ ISDN BRI Verbindung &man.natd.8;, der Network-Address-Translation-Daemon von - FreeBSD, akzeptiert ankommende Raw-IP-Pakete, ndert den + &os;, akzeptiert ankommende Raw-IP-Pakete, ndert den Sender der Daten in den eigenen Rechner und leitet diese Pakete in den ausgehenden IP-Paketstrom um, indem IP-Adresse und Port des Senders so gendert werden, dass bei einer Antwort der @@ -5133,7 +5162,7 @@ ISDN BRI Verbindung IP-Adresse an das Internet angebundener Rechner mehreren Rechnern eines lokalen Netzwerks Internetdienste anbieten. - Um dies zu ermglichen, muss der FreeBSD-Rechner als + Um dies zu ermglichen, muss der &os;-Rechner als Gateway fungieren. Dazu sind zwei Netzwerkkarten notwendig. Eine fr die Verbindung zum Internet, die zweite fr die Verbindung mit dem lokalen Netzwerk. Smtliche Rechner @@ -5709,9 +5738,9 @@ round-trip min/avg/max/stddev = 2.530/2. IP next generation bekannt) handelt es sich um die neueste Version des bekannten IP-Protokolls (das auch als IPv4 bezeichnet - wird). FreeBSD enthlt, genauso wie die anderen frei + wird). &os; enthlt, genauso wie die anderen frei erhltlichen BSD-Systeme, die IPv6-Referenzimplementation - von KAME. FreeBSD erfllt damit bereits + von KAME. &os; erfllt damit bereits alle fr die Nutzung von IPv6 ntigen Voraussetzungen. Dieser Abschnitt konzentriert sich daher auf die Konfiguration und den Betrieb von IPv6. From owner-svn-doc-all@FreeBSD.ORG Thu Mar 20 15:46:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 58916D99; Thu, 20 Mar 2014 15:46:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 44BAD75A; Thu, 20 Mar 2014 15:46:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2KFk5bL093928; Thu, 20 Mar 2014 15:46:05 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2KFk5Ks093927; Thu, 20 Mar 2014 15:46:05 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403201546.s2KFk5Ks093927@svn.freebsd.org> From: Dru Lavigne Date: Thu, 20 Mar 2014 15:46:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44298 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2014 15:46:05 -0000 Author: dru Date: Thu Mar 20 15:46:04 2014 New Revision: 44298 URL: http://svnweb.freebsd.org/changeset/doc/44298 Log: Incorporate Core Configuration as a sub-section of Using rc Under FreeBSD. Rename that section to Managing Services in FreeBSD and rename sub-section to Managing System-Specific Configuration. This revised section still needs an editorial review. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Thu Mar 20 15:42:22 2014 (r44297) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Thu Mar 20 15:46:04 2014 (r44298) @@ -105,70 +105,6 @@ - - Core Configuration - - - rc files - rc.conf - - - The principal location for system configuration information - is /etc/rc.conf. This file contains a - wide range of configuration information and it is read at - system startup to configure the system. It provides the - configuration information for the rc* - files. - - The entries in /etc/rc.conf override - the default settings in - /etc/defaults/rc.conf. The file containing - the default settings should not be edited. Instead, all - system-specific changes should be made to - /etc/rc.conf. - - A number of strategies may be applied in clustered - applications to separate site-wide configuration from - system-specific configuration in order to keep administration - overhead down. The recommended approach is to place - system-specific configuration into - /etc/rc.conf.local. For example: - - - - /etc/rc.conf: - - sshd_enable="YES" -keyrate="fast" -defaultrouter="10.1.1.254" - - - - /etc/rc.conf.local: - - hostname="node1.example.org" -ifconfig_fxp0="inet 10.1.1.1/8" - - - - Distribute /etc/rc.conf to every - system using rsync or a similar program, - while /etc/rc.conf.local remains - unique. - - Upgrading the system using &man.sysinstall.8; or - make world will not overwrite - /etc/rc.conf, so system configuration - information will not be lost. - - - The configuration in /etc/rc.conf - is parsed by &man.sh.1;. This allows system operators to - create complex configuration scenarios. Refer to - &man.rc.conf.5; for further information on this topic. - - - Application Configuration @@ -499,7 +435,7 @@ PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin - Using &man.rc.8; Under &os; + Managing Services in &os; @@ -512,8 +448,8 @@ PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin - In 2002, &os; integrated the NetBSD &man.rc.8; system for - system initialization. The files listed in + &os; uses the &man.rc.8; system of startup scripts during + system initialization and for managing services. The scripts listed in /etc/rc.d provide basic services which can be controlled with the , , and @@ -651,6 +587,64 @@ sshd is running as pid 433. xlink:href="&url.articles.rc-scripting;">this article for instructions on how to create custom &man.rc.8; scripts. + + + Managing System-Specific Configuration + + + rc files + rc.conf + + + The principal location for system configuration information + is /etc/rc.conf. This file contains a + wide range of configuration information and it is read at + system startup to configure the system. It provides the + configuration information for the rc* + files. + + The entries in /etc/rc.conf override + the default settings in + /etc/defaults/rc.conf. The file containing + the default settings should not be edited. Instead, all + system-specific changes should be made to + /etc/rc.conf. + + A number of strategies may be applied in clustered + applications to separate site-wide configuration from + system-specific configuration in order to keep administration + overhead down. The recommended approach is to place + system-specific configuration into + /etc/rc.conf.local. For example, these + entries in /etc/rc.conf apply to all systems: + + sshd_enable="YES" +keyrate="fast" +defaultrouter="10.1.1.254" + + Whereas these systems in + /etc/rc.conf.local apply to this system + only: + + hostname="node1.example.org" +ifconfig_fxp0="inet 10.1.1.1/8" + + Distribute /etc/rc.conf to every + system using rsync or a similar program, + while /etc/rc.conf.local remains + unique. + + Upgrading the system will not overwrite + /etc/rc.conf, so system configuration + information will not be lost. + + + The configuration in /etc/rc.conf + is parsed by &man.sh.1;. This allows system operators to + create complex configuration scenarios. Refer to + &man.rc.conf.5; for further information on this topic. + + From owner-svn-doc-all@FreeBSD.ORG Thu Mar 20 15:55:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A4FCA48D; Thu, 20 Mar 2014 15:55:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 917D7887; Thu, 20 Mar 2014 15:55:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2KFtxWh098101; Thu, 20 Mar 2014 15:55:59 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2KFtx8Q098099; Thu, 20 Mar 2014 15:55:59 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403201555.s2KFtx8Q098099@svn.freebsd.org> From: Dru Lavigne Date: Thu, 20 Mar 2014 15:55:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44299 - in head/en_US.ISO8859-1/books/handbook: config ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2014 15:55:59 -0000 Author: dru Date: Thu Mar 20 15:55:58 2014 New Revision: 44299 URL: http://svnweb.freebsd.org/changeset/doc/44299 Log: Incorporate Application Configuration into 5.7 Post-Installation Considerations. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Thu Mar 20 15:46:04 2014 (r44298) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Thu Mar 20 15:55:58 2014 (r44299) @@ -105,49 +105,6 @@ - - Application Configuration - - Typically, installed applications have their own - configuration files and syntax. It is important that these - files be kept separate from the base system, so that they may be - easily located and managed by the package management - tools. - - /usr/local/etc - - Typically, these files are installed in - /usr/local/etc. In the case where an - application has a large number of configuration files, a - subdirectory will be created to hold them. - - Normally, when a port or package is installed, sample - configuration files are also installed. These are usually - identified with a suffix such as .sample. - If there are no existing configuration files for the - application, they can be created by copying the sample - files. - - For example, consider the contents of the directory - /usr/local/etc/apache: - - -rw-r--r-- 1 root wheel 2184 May 20 1998 access.conf --rw-r--r-- 1 root wheel 2184 May 20 1998 access.conf.default --rw-r--r-- 1 root wheel 9555 May 20 1998 httpd.conf --rw-r--r-- 1 root wheel 9555 May 20 1998 httpd.conf.default --rw-r--r-- 1 root wheel 12205 May 20 1998 magic --rw-r--r-- 1 root wheel 12205 May 20 1998 magic.default --rw-r--r-- 1 root wheel 2700 May 20 1998 mime.types --rw-r--r-- 1 root wheel 2700 May 20 1998 mime.types.default --rw-r--r-- 1 root wheel 7980 May 20 1998 srm.conf --rw-r--r-- 1 root wheel 7933 May 20 1998 srm.conf.default - - The file sizes show that only srm.conf - has been changed. A later update of the - Apache port would not overwrite - this changed file. - - Starting Services Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Mar 20 15:46:04 2014 (r44298) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Mar 20 15:55:58 2014 (r44299) @@ -1711,8 +1711,14 @@ ports-mgmt/pkg Most applications install at least one default configuration file in /usr/local/etc. - The configuration files should be reviewed and possibly - edited to meet the system's needs. + In the case where an application has a large number of + configuration files, a subdirectory will be created to hold + them. Often, sample configuration files are installed which + end with a suffix such as .sample. The + configuration files should be reviewed and possibly + edited to meet the system's needs. To edit a sample file, + first copy it without the .sample + extension. From owner-svn-doc-all@FreeBSD.ORG Thu Mar 20 17:07:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 16AFEB02; Thu, 20 Mar 2014 17:07:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 02AEB15D; Thu, 20 Mar 2014 17:07:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2KH7Z1v026492; Thu, 20 Mar 2014 17:07:35 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2KH7ZuW026491; Thu, 20 Mar 2014 17:07:35 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403201707.s2KH7ZuW026491@svn.freebsd.org> From: Dru Lavigne Date: Thu, 20 Mar 2014 17:07:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44300 - head/en_US.ISO8859-1/books/handbook/boot X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2014 17:07:36 -0000 Author: dru Date: Thu Mar 20 17:07:35 2014 New Revision: 44300 URL: http://svnweb.freebsd.org/changeset/doc/44300 Log: Initial prep work for Booting Process chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Thu Mar 20 15:55:58 2014 (r44299) +++ head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Thu Mar 20 17:07:35 2014 (r44300) @@ -153,14 +153,11 @@ have been configured to run on a &os; system at startup. - + The Boot Manager and Boot Stages Boot Manager - - The Boot Manager - Master Boot Record (MBR) @@ -236,11 +233,10 @@ label=FreeBSD run /sbin/lilo -v to commit the new changes. Verify these are correct by checking the screen messages. - - Stage One, <filename>/boot/boot1</filename>, and Stage - Two, <filename>/boot/boot2</filename> + Stage One and Stage + Two Conceptually, the first and second stages are part of the same program, on the same area of the disk. Because of space @@ -305,7 +301,7 @@ boot: - Stage Three, <filename>/boot/loader</filename> + Stage Three boot-loader @@ -318,9 +314,6 @@ boot: more powerful interpreter which has a more complex command set. - - Loader Program Flow - During initialization, the loader will probe for a console and for disks, and figure out which disk it is booting from. It will set variables accordingly, and an @@ -345,7 +338,6 @@ boot: prompt which understands the command set, where the user may adjust variables, unload all modules, load modules, and then finally boot or reboot. - Loader Built-In Commands @@ -545,10 +537,88 @@ boot: + + + + Kernel Interaction During Boot + + + kernel + boot interaction + + + Once the kernel is loaded by either the default loader + or by boot2, + which bypasses the loader, it + examines any boot flags and adjusts its behavior as + necessary. + + + kernel + bootflags + + + Here are the more common boot flags: + + + + + + + During kernel initialization, ask for the device + to mount as the root file system. + + + + + + + + Boot from CDROM. + + - + + + + + Run UserConfig, the boot-time kernel + configurator. + + + + + + + + Boot into single-user mode. + + + + + + + + Be more verbose during kernel startup. + + + + + + Refer to &man.boot.8; for more information on the other + boot flags. + + + + + + - Boot Time Splash Screens + Configuring Boot Time Splash Screens @@ -575,9 +645,6 @@ boot: and configure a graphical display manager and a graphical login manager. - - Splash Screen Function - The splash screen function supports 256-colors in the bitmap (.bmp), ZSoft PCX (.pcx), or @@ -622,10 +689,6 @@ boot: sysutils/bsd-splash-changer port, splash images can be chosen from a collection randomly at each boot. - - - - Enabling the Splash Screen Function The splash screen .bmp, .pcx, or .bin @@ -710,92 +773,9 @@ bitmap_name="/boot/splash.b For more information, refer to &man.splash.4;, &man.loader.conf.5;, and &man.vga.4;. - - - - Kernel Interaction During Boot - - - kernel - boot interaction - - - Once the kernel is loaded by either the default loader - () or by boot2 - (), which bypasses the loader, it - examines any boot flags and adjusts its behavior as - necessary. - - - Kernel Boot Flags - - - kernel - bootflags - - - Here are the more common boot flags: - - - - - - - During kernel initialization, ask for the device - to mount as the root file system. - - - - - - - - Boot from CDROM. - - - - - - - - Run UserConfig, the boot-time kernel - configurator. - - - - - - - - Boot into single-user mode. - - - - - - - - Be more verbose during kernel startup. - - - - - - Refer to &man.boot.8; for more information on the other - boot flags. - - - - - - Device Hints @@ -905,16 +885,12 @@ bitmap_name="/boot/splash.b in the init_path variable in loader. - - Automatic Reboot Sequence - - The automatic reboot sequence makes sure that the file + The boot sequence makes sure that the file systems available on the system are consistent. If they are not, and &man.fsck.8; cannot fix the inconsistencies of a UFS file system, &man.init.8; drops the system into single-user - mode () so that the system + mode so that the system administrator can resolve the problem directly. - Single-User Mode @@ -923,7 +899,7 @@ bitmap_name="/boot/splash.b console This mode can be reached through the automatic reboot - sequence (), the user booting + sequence, the user booting with , or by setting the boot_ single variable in &man.loader.8;. @@ -970,9 +946,6 @@ console none multi-user mode, in which it starts the resource configuration of the system. - - Resource Configuration - rc files The resource configuration system reads in @@ -988,7 +961,6 @@ console none To learn more about the resource configuration system, refer to &man.rc.8; and examine the scripts themselves. - From owner-svn-doc-all@FreeBSD.ORG Thu Mar 20 17:14:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6D40BF23; Thu, 20 Mar 2014 17:14:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 5758F219; Thu, 20 Mar 2014 17:14:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2KHEfQO030271; Thu, 20 Mar 2014 17:14:41 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2KHEfSb030270; Thu, 20 Mar 2014 17:14:41 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403201714.s2KHEfSb030270@svn.freebsd.org> From: Dru Lavigne Date: Thu, 20 Mar 2014 17:14:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44301 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2014 17:14:41 -0000 Author: dru Date: Thu Mar 20 17:14:40 2014 New Revision: 44301 URL: http://svnweb.freebsd.org/changeset/doc/44301 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Thu Mar 20 17:07:35 2014 (r44300) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Thu Mar 20 17:14:40 2014 (r44301) @@ -406,13 +406,12 @@ PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin &os; uses the &man.rc.8; system of startup scripts during - system initialization and for managing services. The scripts listed in - /etc/rc.d provide basic - services which can be controlled with the - , , and - options to &man.service.8;. For - instance, &man.sshd.8; can be restarted with the following - command: + system initialization and for managing services. The scripts + listed in /etc/rc.d provide basic services + which can be controlled with the , + , and options to + &man.service.8;. For instance, &man.sshd.8; can be restarted + with the following command: &prompt.root; service sshd restart @@ -544,64 +543,66 @@ sshd is running as pid 433. xlink:href="&url.articles.rc-scripting;">this article for instructions on how to create custom &man.rc.8; scripts. - - - Managing System-Specific Configuration - - rc files - rc.conf - + + Managing System-Specific Configuration - The principal location for system configuration information - is /etc/rc.conf. This file contains a - wide range of configuration information and it is read at - system startup to configure the system. It provides the - configuration information for the rc* - files. - - The entries in /etc/rc.conf override - the default settings in - /etc/defaults/rc.conf. The file containing - the default settings should not be edited. Instead, all - system-specific changes should be made to - /etc/rc.conf. - - A number of strategies may be applied in clustered - applications to separate site-wide configuration from - system-specific configuration in order to keep administration - overhead down. The recommended approach is to place - system-specific configuration into - /etc/rc.conf.local. For example, these - entries in /etc/rc.conf apply to all systems: + + rc files + rc.conf + + + The principal location for system configuration + information is /etc/rc.conf. This file + contains a wide range of configuration information and it is + read at system startup to configure the system. It provides + the configuration information for the + rc* files. + + The entries in /etc/rc.conf override + the default settings in + /etc/defaults/rc.conf. The file + containing the default settings should not be edited. + Instead, all system-specific changes should be made to + /etc/rc.conf. + + A number of strategies may be applied in clustered + applications to separate site-wide configuration from + system-specific configuration in order to keep administration + overhead down. The recommended approach is to place + system-specific configuration into + /etc/rc.conf.local. For example, these + entries in /etc/rc.conf apply to all + systems: - sshd_enable="YES" + sshd_enable="YES" keyrate="fast" defaultrouter="10.1.1.254" - Whereas these systems in - /etc/rc.conf.local apply to this system - only: + Whereas these systems in + /etc/rc.conf.local apply to this system + only: - hostname="node1.example.org" + hostname="node1.example.org" ifconfig_fxp0="inet 10.1.1.1/8" - Distribute /etc/rc.conf to every - system using rsync or a similar program, - while /etc/rc.conf.local remains - unique. - - Upgrading the system will not overwrite - /etc/rc.conf, so system configuration - information will not be lost. - - - The configuration in /etc/rc.conf - is parsed by &man.sh.1;. This allows system operators to - create complex configuration scenarios. Refer to - &man.rc.conf.5; for further information on this topic. - - + Distribute /etc/rc.conf to every + system using rsync or a similar program, + while /etc/rc.conf.local remains + unique. + + Upgrading the system will not overwrite + /etc/rc.conf, so system configuration + information will not be lost. + + + The configuration in /etc/rc.conf + is parsed by &man.sh.1;. This allows system operators to + create complex configuration scenarios. Refer to + &man.rc.conf.5; for further information on this + topic. + + From owner-svn-doc-all@FreeBSD.ORG Thu Mar 20 19:05:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8BA48672; Thu, 20 Mar 2014 19:05:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 76A7720F; Thu, 20 Mar 2014 19:05:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2KJ5fZS075629; Thu, 20 Mar 2014 19:05:41 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2KJ5fDk075628; Thu, 20 Mar 2014 19:05:41 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403201905.s2KJ5fDk075628@svn.freebsd.org> From: Dru Lavigne Date: Thu, 20 Mar 2014 19:05:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44302 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2014 19:05:41 -0000 Author: dru Date: Thu Mar 20 19:05:40 2014 New Revision: 44302 URL: http://svnweb.freebsd.org/changeset/doc/44302 Log: Editorial review of first 1/2 of OPIE chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Mar 20 17:14:40 2014 (r44301) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Mar 20 19:05:40 2014 (r44302) @@ -620,75 +620,72 @@ Enter new password: By default, &os; includes support for One-time Passwords In - Everything (OPIE), which uses the MD5 hash by + Everything (OPIE). OPIE + is designed to prevent replay attacks, in which an attacker + discovers a user's password and uses it to access a system. + Since a password is only used once in OPIE, a + discovered password is of little use to an attacker. + OPIE uses a secure hash and a + challenge/response system to manage passwords. The &os; + implementation uses the MD5 hash by default. - There are three different types of passwords. The first is - the usual &unix; style or Kerberos password. The second is the - one-time password which is generated by &man.opiekey.1; and - accepted by &man.opiepasswd.1; and the login prompt. The final - type of password is the secret password used by - &man.opiekey.1;, and sometimes &man.opiepasswd.1;, to generate - one-time passwords. - - The secret password has nothing to do with the &unix; - password. They can be the same, but this is not recommended. - OPIE secret passwords are not limited to 8 - characters like old &unix; passwordsUnder &os; - the standard login password may be up to 128 characters in - length.. Passwords of six or seven word - long phrases are fairly common. For the most part, the - OPIE system operates completely independently - of the &unix; password system. + OPIE uses three different types of passwords. The first is + the usual &unix; or Kerberos password. The second is the + one-time password which is generated by opiekey. + The third + type of password is the secret password which is used + to generate + one-time passwords. The secret password has nothing to do with, + and should be different from, the &unix; + password. - Besides the password, there are two other pieces of data + There are two other pieces of data that are important to OPIE. One is the seed or key, consisting of two letters and five digits. The other is the iteration count, a number between 1 and 100. OPIE creates the one-time password by - concatenating the seed and the secret password, applying the MD5 + concatenating the seed and the secret password, applying the MD5 hash as many times as specified by the iteration count, and - turning the result into six short English words. These six - English words are the one-time password. The authentication - system (primarily PAM) keeps track of the last one-time password + turning the result into six short English words which represent + the one-time password. The authentication + system keeps track of the last one-time password used, and the user is authenticated if the hash of the user-provided password is equal to the previous password. Because a one-way hash is used, it is impossible to generate future one-time passwords if a successfully used password is captured. The iteration count is decremented after each successful login to keep the user and the login program in sync. - When the iteration count gets down to 1, + When the iteration count gets down to 1, OPIE must be reinitialized. There are a few programs involved in this process. - &man.opiekey.1; accepts an iteration count, a seed, and a secret - password, and generates a one-time password or a consecutive - list of one-time passwords. In addition to initializing + A one-time password, or a consecutive + list of one-time passwords, is generated by passing an iteration + count, a seed, and a secret + password to &man.opiekey.1;. In addition to initializing OPIE, &man.opiepasswd.1; is used to change - passwords, iteration counts, or seeds. It takes either a secret - passphrase, or an iteration count, seed, and a one-time - password. The relevant credential files in + passwords, iteration counts, or seeds. The relevant credential files in /etc/opiekeys are examined by &man.opieinfo.1; which prints out the invoking user's current iteration count and seed. - There are four different sorts of operations. The first is - to use &man.opiepasswd.1; over a secure connection to set up - one-time-passwords for the first time, or to change the password - or seed. The second operation is to use &man.opiepasswd.1; over - an insecure connection, in conjunction with &man.opiekey.1; over - a secure connection, to do the same. The third is to use - &man.opiekey.1; to log in over an insecure connection. The - fourth is to use &man.opiekey.1; to generate a number of keys - which can be written down or printed out to carry to insecure - locations in order to make a connection to anywhere. + This section describes four different sorts of operations. The first is + how to set up + one-time-passwords for the first time + over a secure connection. The second is how to use opiepasswd over + an insecure connection. The third is how to + log in over an insecure connection. The + fourth is how to generate a number of keys + which can be written down or printed out to use at insecure + locations. - Secure Connection Initialization + Initializing <acronym>OPIE</acronym> To initialize OPIE for the first time, - execute &man.opiepasswd.1;: + run this command from a secure location: &prompt.user; opiepasswd -c [grimreaper] ~ $ opiepasswd -f -c @@ -703,25 +700,38 @@ Again new secret pass phrase: ID unfurl OTP key is 499 to4268 MOS MALL GOAT ARM AVID COED - At the Enter new secret pass phrase: or - Enter secret password: prompt, enter a - password or phrase. This is not the login password as this - password is used to generate the one-time login keys. The - ID line gives the parameters of the instance: - the login name, iteration count, and seed. When logging in, + The sets console mode which assumes + that the command is being run from a secure location, such as + a computer under the user's control or a + SSH session to a computer under the user's + control. + + When prompted, enter the secret + password which will be + used to generate the one-time login keys. This password + should be difficult to guess and should be different than the + password which is associated with the user's login + account. It must be between 10 and 127 characters long. + Remember this password. + + The + ID line lists + the login name (unfurl), default iteration count + (499), and default seed + (to4268). When logging in, the system will remember these parameters and display them, meaning that they do not have to be memorized. The last line - gives the particular one-time password which corresponds to + lists the generated one-time password which corresponds to those parameters and the secret password. At the next login, - this one-time password is the one to use. + use this one-time password. Insecure Connection Initialization - To initialize or change the secret password over an - insecure connection, a secure connection is needed to some - place where &man.opiekey.1; can be run. This might be a shell + To initialize or change the secret password on an + insecure system, a secure connection is needed to some + place where opiekey can be run. This might be a shell prompt on a trusted machine. An iteration count is needed, where 100 is probably a good value, and the seed can either be specified or the randomly-generated one used. On the insecure From owner-svn-doc-all@FreeBSD.ORG Thu Mar 20 19:19:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C554CFA2; Thu, 20 Mar 2014 19:19:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B29703D6; Thu, 20 Mar 2014 19:19:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2KJJMMo080117; Thu, 20 Mar 2014 19:19:22 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2KJJMkD080116; Thu, 20 Mar 2014 19:19:22 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403201919.s2KJJMkD080116@svn.freebsd.org> From: Glen Barber Date: Thu, 20 Mar 2014 19:19:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44303 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2014 19:19:22 -0000 Author: gjb Date: Thu Mar 20 19:19:22 2014 New Revision: 44303 URL: http://svnweb.freebsd.org/changeset/doc/44303 Log: Document the 'Relnotes:' commit template line. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Thu Mar 20 19:05:40 2014 (r44302) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Thu Mar 20 19:19:22 2014 (r44303) @@ -2486,6 +2486,12 @@ ControlPersist yes + Relnotes: + If the change is a candidate for inclusion in + the release notes for the next release from the branch, + set to yes. + + Security: If the change is related to a security vulnerability or security exposure, include one or more @@ -2589,7 +2595,8 @@ MFC after: 2 weeks +MFC after: 1 month +Relnotes: yes From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 13:26:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C2ED946C; Fri, 21 Mar 2014 13:26:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id ADBEE9AF; Fri, 21 Mar 2014 13:26:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LDQg5p020335; Fri, 21 Mar 2014 13:26:42 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LDQfml020329; Fri, 21 Mar 2014 13:26:41 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403211326.s2LDQfml020329@svn.freebsd.org> From: Mathieu Arnold Date: Fri, 21 Mar 2014 13:26:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44305 - in head/en_US.ISO8859-1/books/porters-handbook: makefiles quick-porting slow-porting special X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 13:26:42 -0000 Author: mat (ports committer) Date: Fri Mar 21 13:26:41 2014 New Revision: 44305 URL: http://svnweb.freebsd.org/changeset/doc/44305 Log: Add xml:id to sect[123]. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Mar 20 19:37:47 2014 (r44304) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Mar 21 13:26:41 2014 (r44305) @@ -49,7 +49,7 @@ names the port, describes its version number, and lists it in the correct category. - + <varname>PORTNAME</varname> and <varname>PORTVERSION</varname> @@ -70,7 +70,7 @@ <varname>PORTREVISION</varname> and <varname>PORTEPOCH</varname> - + <varname>PORTREVISION</varname> The PORTREVISION variable is a @@ -176,7 +176,7 @@ PORTREVISION should be bumped. - + <varname>PORTEPOCH</varname> From time to time a software vendor or &os; porter will @@ -241,7 +241,7 @@ still a numerically greater value. - + Example of <varname>PORTREVISION</varname> and <varname>PORTEPOCH</varname> Usage @@ -602,7 +602,7 @@ PORTEPOCH= 1 Categorization - + <varname>CATEGORIES</varname> When a package is created, it is put under @@ -1480,7 +1480,7 @@ PORTEPOCH= 1 describes the files that must be downloaded in order to build the port, and where they can be downloaded from. - + <varname>DISTVERSION/DISTNAME</varname> DISTNAME is the name of the port as @@ -1570,7 +1570,7 @@ PORTEPOCH= 1 - + <varname>MASTER_SITES</varname> Record the directory part of the FTP/HTTP-URL pointing at @@ -1734,7 +1734,7 @@ MASTER_SITE_SUBDIR= stardict/WyabdcRealP - + <varname>EXTRACT_SUFX</varname> If you have one distribution file, and it uses an odd @@ -1764,7 +1764,7 @@ EXTRACT_SUFX= .tar.gzip - + <varname>DISTFILES</varname> Sometimes the names of the files to be downloaded have no @@ -1784,7 +1784,7 @@ EXTRACT_SUFX= .tar.gzip ${DISTNAME}${EXTRACT_SUFX}. - + <varname>EXTRACT_ONLY</varname> If only some of the DISTFILES must be @@ -1903,7 +1903,7 @@ EXTRACT_ONLY= source.tar.gz - + Simplified Information This section tells you how to quickly prepare fine @@ -1972,7 +1972,7 @@ DISTFILES= source1.tar.gz:source1 \ - + Detailed Information Okay, so the previous section example did not reflect @@ -2373,7 +2373,7 @@ PATCHFILES= patch1:test - + What Does Change for Ports? What Does Not? @@ -2494,7 +2494,7 @@ PATCHFILES= patch1:test - + <varname>DIST_SUBDIR</varname> Do not let your port clutter @@ -2525,7 +2525,7 @@ PATCHFILES= patch1:test - + <varname>ALWAYS_KEEP_DISTFILES</varname> If your port uses binary distfiles and has a license that @@ -2716,7 +2716,7 @@ ALWAYS_KEEP_DISTFILES= yes also some pre-supported dependency variables for common cases, plus a few more to control the behavior of dependencies. - + <varname>LIB_DEPENDS</varname> This variable specifies the shared libraries this port @@ -2743,7 +2743,7 @@ ALWAYS_KEEP_DISTFILES= yes system. - + <varname>RUN_DEPENDS</varname> This variable specifies executables or files this port @@ -2824,7 +2824,7 @@ ALWAYS_KEEP_DISTFILES= yes RUN_DEPENDS:= ${BUILD_DEPENDS} - + <varname>BUILD_DEPENDS</varname> This variable specifies executables or files this port @@ -2849,7 +2849,7 @@ ALWAYS_KEEP_DISTFILES= yes - + <varname>FETCH_DEPENDS</varname> This variable specifies executables or files this port @@ -2870,7 +2870,7 @@ ALWAYS_KEEP_DISTFILES= yes the same as DEPENDS_TARGET. - + <varname>EXTRACT_DEPENDS</varname> This variable specifies executables or files this port @@ -2900,7 +2900,7 @@ ALWAYS_KEEP_DISTFILES= yes - + <varname>PATCH_DEPENDS</varname> This variable specifies executables or files this port @@ -3029,7 +3029,7 @@ ALWAYS_KEEP_DISTFILES= yes Xfce. - + Minimal Version of a Dependency A minimal version of a dependency can be specified in any @@ -3045,7 +3045,7 @@ ALWAYS_KEEP_DISTFILES= yes p5-Spiffy-0.26 or newer is installed on the machine. - + Notes on Dependencies As mentioned above, the default target to call when a @@ -3080,7 +3080,7 @@ ALWAYS_KEEP_DISTFILES= yes and extract it. - + Circular Dependencies Are Fatal @@ -3100,7 +3100,7 @@ ALWAYS_KEEP_DISTFILES= yes a lot of grief in the process. - + Problems Caused by Automatic Dependencies Dependencies must be declared either explicitly or by @@ -3293,10 +3293,10 @@ MASTERDIR= ${.CURDIR}/../xdvi300 options properly will make users happy, and effectively provide two or more ports for the price of one. - + Knobs - + <varname>WITH_<replaceable>*</replaceable></varname> and <varname>WITHOUT_<replaceable>*</replaceable></varname> @@ -3360,7 +3360,7 @@ MASTERDIR= ${.CURDIR}/../xdvi300 - + Knob Naming Porters should use like-named knobs, both for the @@ -3382,10 +3382,10 @@ MASTERDIR= ${.CURDIR}/../xdvi300 - + <varname>OPTIONS</varname> - + Background The OPTIONS_* variables give the @@ -3415,7 +3415,7 @@ MASTERDIR= ${.CURDIR}/../xdvi300 to remove the saved configuration. - + Syntax OPTIONS_DEFINE contains a list of @@ -3574,7 +3574,7 @@ EXAMPLES_CONFIGURE_WITH= examples - + Default Options The following options are always on by default. @@ -3610,7 +3610,7 @@ EXAMPLES_CONFIGURE_WITH= examples - + Feature Auto-Activation When using a GNU configure script, keep an eye on which @@ -3660,13 +3660,13 @@ FOO_CONFIGURE_ENABLE= foo - + Options Helpers There are some macros to help simplify conditional values which differ based on the options set. - + OPTIONS_SUB If OPTIONS_SUB is set to @@ -3690,7 +3690,7 @@ PLIST_SUB+= OPT1="@comment " NO_OPT1="" .endif - + X_CONFIGURE_ENABLE If X_CONFIGURE_ENABLE is set then @@ -3715,7 +3715,7 @@ CONFIGURE_ARGS+= --disable-test .endif - + X_CONFIGURE_WITH If X_CONFIGURE_WITH is set then @@ -3741,7 +3741,7 @@ CONFIGURE_ARGS+= --without-test .endif - + X_CONFIGURE_ON If X_CONFIGURE_ON is set then its @@ -3763,7 +3763,7 @@ CONFIGURE_ARGS+= --add-test .endif - + X_CONFIGURE_OFF If X_CONFIGURE_OFF is set then its @@ -3785,7 +3785,7 @@ CONFIGURE_ARGS+= --no-test .endif - + X_CMAKE_ON If X_CMAKE_ON is set then its value @@ -3807,7 +3807,7 @@ CMAKE_ARGS+= -DTEST:BOOL=true .endif - + X_CMAKE_OFF If X_CMAKE_OFF is set then its value @@ -3829,7 +3829,7 @@ CMAKE_ARGS+= -DTEST:BOOL=false .endif - + Dependencies For any of the following dependency type: @@ -3910,7 +3910,7 @@ LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/ - + Generic Variables Replacement For any of the following variables: @@ -4070,7 +4070,7 @@ PORTVERSION= 1.0 There are a number of variables you can override if that is not the case. - + <varname>WRKSRC</varname> The variable lists the name of the directory that is @@ -4086,7 +4086,7 @@ PORTVERSION= 1.0 WRKSRC= ${WRKDIR}/${PORTNAME} - + <varname>NO_WRKSUBDIR</varname> If the port does not extract in to a subdirectory at all @@ -4116,7 +4116,7 @@ PORTVERSION= 1.0 those other ports for a few months to cater for users who only update once in a while. - + <varname>CONFLICTS_INSTALL</varname> If your package cannot coexist with other packages @@ -4133,7 +4133,7 @@ PORTVERSION= 1.0 stage and prior to the install stage. - + <varname>CONFLICTS_BUILD</varname> If your port cannot be built if a certain port is already @@ -4146,7 +4146,7 @@ PORTVERSION= 1.0 conflicts are not recorded in the resulting package. - + <varname>CONFLICTS</varname> If your port cannot be built if a certain port is already Modified: head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml Thu Mar 20 19:37:47 2014 (r44304) +++ head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml Fri Mar 21 13:26:41 2014 (r44305) @@ -84,7 +84,7 @@ COMMENT= Cat chasing a mouse all over th pkg- prefix distinguishes them from other files. - + <filename>pkg-descr</filename> This is a longer description of the port. One to a few @@ -135,7 +135,7 @@ the screen. WWW: http://www.oneko.org/ - + <filename>pkg-plist</filename> This file lists all the files installed by the port. It Modified: head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml Thu Mar 20 19:37:47 2014 (r44304) +++ head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml Fri Mar 21 13:26:41 2014 (r44305) @@ -264,7 +264,7 @@ &prompt.user; cp file file.orig - + Automatic Patch Generation When all the files have been modified, use make @@ -274,7 +274,7 @@ - + Manual Patch Generation Patches are saved into files named @@ -348,7 +348,7 @@ - + General Rules for Patching Try to minimize the amount of non-functional whitespace @@ -368,7 +368,7 @@ - + Simple Automatic Replacements Simple replacements can be performed directly from the Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Thu Mar 20 19:37:47 2014 (r44304) +++ head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Fri Mar 21 13:26:41 2014 (r44305) @@ -167,7 +167,7 @@ In situations like this, the variables described in the following sections can be set. - + <varname>NO_PACKAGE</varname> This variable indicates that we may not generate a @@ -193,7 +193,7 @@ generated. - + <varname>NO_CDROM</varname> This variable alone indicates that, although we are @@ -215,7 +215,7 @@ only. - + <varname>NOFETCHFILES</varname> Files defined in the NOFETCHFILES @@ -228,7 +228,7 @@ files and not report about them. - + <varname>RESTRICTED</varname> Set this variable alone if the application's license @@ -250,7 +250,7 @@ EULA. - + <varname>RESTRICTED_FILES</varname> When RESTRICTED or @@ -261,7 +261,7 @@ - + <varname>LEGAL_TEXT</varname> If the port has legal concerns not addressed by the @@ -272,7 +272,7 @@ so. - + <filename>/usr/ports/LEGAL</filename> and <varname>LEGAL</varname> @@ -284,7 +284,7 @@ make -VLEGAL. - + Examples The preferred way to state "the distfiles for this port @@ -785,7 +785,7 @@ CMAKE_SOURCE_PATH= ${WRKSRC}/subp Using GNU <literal>gettext</literal> - + Basic Usage If your port requires gettext, set @@ -816,7 +816,7 @@ LDFLAGS+= -L${LOCALBASE}/lib GNU_CONFIGURE= yes - + Optional Usage Some software products allow for disabling NLS, e.g., @@ -882,7 +882,7 @@ PLIST_SUB+= NLS="@comment " generation. - + Handling Message Catalog Directories There is a point to note about installing message @@ -1156,7 +1156,7 @@ USE_XORG= x11 xpm in front. - + X11 Fonts If your port installs fonts for the X Window System, put @@ -1164,7 +1164,7 @@ USE_XORG= x11 xpm LOCALBASE/lib/X11/fonts/local. - + Getting a Fake <envar>DISPLAY</envar> with Xvfb Some applications require a working X11 display for @@ -1198,7 +1198,7 @@ USE_XORG= x11 xpm encouraged for applications which can be used in a desktop environment. - + Using Predefined <filename>.desktop</filename> Files @@ -2280,7 +2280,7 @@ do-install: Similarly, there is a defined policy regarding the CATEGORIES of a Java port, which is - detailed in . + detailed in . @@ -2517,7 +2517,7 @@ do-install: - + PEAR Modules Porting PEAR modules is a very simple process. @@ -4655,7 +4655,7 @@ run_rc_command "$1" _enable variable is not optional, and should use the ":" for the default. - + Pre-Commit Checklist Before contributing a port with an From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 13:29:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C9C25746; Fri, 21 Mar 2014 13:29:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B63279EF; Fri, 21 Mar 2014 13:29:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LDTHE9020721; Fri, 21 Mar 2014 13:29:17 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LDTHeG020720; Fri, 21 Mar 2014 13:29:17 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403211329.s2LDTHeG020720@svn.freebsd.org> From: Mathieu Arnold Date: Fri, 21 Mar 2014 13:29:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44306 - head/en_US.ISO8859-1/books/porters-handbook/special X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 13:29:17 -0000 Author: mat (ports committer) Date: Fri Mar 21 13:29:17 2014 New Revision: 44306 URL: http://svnweb.freebsd.org/changeset/doc/44306 Log: Fix xref. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Fri Mar 21 13:26:41 2014 (r44305) +++ head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Fri Mar 21 13:29:17 2014 (r44306) @@ -2280,7 +2280,7 @@ do-install: Similarly, there is a defined policy regarding the CATEGORIES of a Java port, which is - detailed in . + detailed in . From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 13:44:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3E92DD5F; Fri, 21 Mar 2014 13:44:51 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1EC49BA2; Fri, 21 Mar 2014 13:44:51 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LDioIU028318; Fri, 21 Mar 2014 13:44:50 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LDiocl028316; Fri, 21 Mar 2014 13:44:50 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403211344.s2LDiocl028316@svn.freebsd.org> From: Mathieu Arnold Date: Fri, 21 Mar 2014 13:44:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44307 - in head/en_US.ISO8859-1/books/porters-handbook: makefiles special X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 13:44:51 -0000 Author: mat (ports committer) Date: Fri Mar 21 13:44:50 2014 New Revision: 44307 URL: http://svnweb.freebsd.org/changeset/doc/44307 Log: Add some missing inside some . Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Mar 21 13:29:17 2014 (r44306) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Mar 21 13:44:50 2014 (r44307) @@ -3667,7 +3667,7 @@ FOO_CONFIGURE_ENABLE= foo</programlistin which differ based on the options set.</para> <sect3 xml:id="options_sub"> - <title>OPTIONS_SUB + <varname>OPTIONS_SUB</varname> If OPTIONS_SUB is set to yes then each of the options added to @@ -3691,7 +3691,7 @@ PLIST_SUB+= OPT1="@comment " NO_OPT1="" - X_CONFIGURE_ENABLE + <varname><replaceable>X</replaceable>_CONFIGURE_ENABLE</varname> If X_CONFIGURE_ENABLE is set then --enable-${X_CONFIGURE_ENABLE} or @@ -3716,7 +3716,7 @@ CONFIGURE_ARGS+= --disable-test - X_CONFIGURE_WITH + <varname><replaceable>X</replaceable>_CONFIGURE_WITH</varname> If X_CONFIGURE_WITH is set then --with-${X_CONFIGURE_WITH} or @@ -3742,7 +3742,7 @@ CONFIGURE_ARGS+= --without-test - X_CONFIGURE_ON + <varname><replaceable>X</replaceable>_CONFIGURE_ON</varname> If X_CONFIGURE_ON is set then its value will be appended to CONFIGURE_ARGS @@ -3764,7 +3764,7 @@ CONFIGURE_ARGS+= --add-test - X_CONFIGURE_OFF + <varname><replaceable>X</replaceable>_CONFIGURE_OFF</varname> If X_CONFIGURE_OFF is set then its value will be appended to CONFIGURE_ARGS @@ -3786,7 +3786,7 @@ CONFIGURE_ARGS+= --no-test - X_CMAKE_ON + <varname><replaceable>X</replaceable>_CMAKE_ON</varname> If X_CMAKE_ON is set then its value will be appended to CMAKE_ARGS depending @@ -3808,7 +3808,7 @@ CMAKE_ARGS+= -DTEST:BOOL=true - X_CMAKE_OFF + <varname><replaceable>X</replaceable>_CMAKE_OFF</varname> If X_CMAKE_OFF is set then its value will be appended to CMAKE_ARGS depending @@ -3865,7 +3865,7 @@ CMAKE_ARGS+= -DTEST:BOOL=false - X_ABOVEVARIABLE + <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable></varname> If X_ABOVEVARIABLE is defined then its value will be appended to @@ -3888,7 +3888,7 @@ LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/ - X_ABOVEVARIABLE_OFF + <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable>_OFF</varname> If X_ABOVEVARIABLE_OFF is set then a dependency of type ABOVEVARIABLE will @@ -4002,7 +4002,7 @@ LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/ - X_ABOVEVARIABLE + <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable></varname> If X_ABOVEVARIABLE is defined then its value will be appended to @@ -4026,7 +4026,7 @@ CFLAGS+= -DTEST - X_ABOVEVARIABLE_OFF + <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable>_OFF</varname> If X_ABOVEVARIABLE_OFF is set then a flag ABOVEVARIABLE will be Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Fri Mar 21 13:29:17 2014 (r44306) +++ head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Fri Mar 21 13:44:50 2014 (r44307) @@ -1075,7 +1075,7 @@ PLIST_SUB+= NLS="@comment " glu. - USE_XORG Example + <varname>USE_XORG</varname> Example USE_XORG= xrender xft xkbfile xt xaw USE_GL= glu From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 14:15:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BDA4BD40; Fri, 21 Mar 2014 14:15:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A71CDEE7; Fri, 21 Mar 2014 14:15:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LEFqfr040636; Fri, 21 Mar 2014 14:15:52 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LEFqPX040635; Fri, 21 Mar 2014 14:15:52 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403211415.s2LEFqPX040635@svn.freebsd.org> From: Mathieu Arnold Date: Fri, 21 Mar 2014 14:15:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44308 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 14:15:52 -0000 Author: mat (ports committer) Date: Fri Mar 21 14:15:52 2014 New Revision: 44308 URL: http://svnweb.freebsd.org/changeset/doc/44308 Log: Replaces abuses of by . Add where applicable. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Mar 21 13:44:50 2014 (r44307) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Mar 21 14:15:52 2014 (r44308) @@ -1492,7 +1492,7 @@ PORTEPOCH= 1 only if necessary. DISTNAME is only used in two places. First, the distribution file list (DISTFILES) defaults to - ${DISTNAME}${EXTRACT_SUFX}. + ${DISTNAME}${EXTRACT_SUFX}. Second, the distribution file is expected to extract into a subdirectory named WRKSRC, which defaults to work/${DISTNAME}. @@ -1561,7 +1561,7 @@ PORTEPOCH= 1 WRKSRC is equal to work/${DISTNAME} while the original source archive is named something other than - ${PORTNAME}-${PORTVERSION}${EXTRACT_SUFX}, + ${PORTNAME}-${PORTVERSION}${EXTRACT_SUFX}, you should probably leave DISTNAME alone— you are better off defining DISTFILES than having to set both @@ -1642,92 +1642,92 @@ MASTER_SITE_SUBDIR= stardict/WyabdcRealP APACHE_JAKARTA - /dist/jakarta/${PORTNAME:S,-,,/,}/source + /dist/jakarta/${PORTNAME:S,-,,/,}/source BERLIOS - /${PORTNAME:L} + /${PORTNAME:L} CHEESESHOP - /packages/source/source/${DISTNAME:C/(.).*/\1/}/${DISTNAME:C/(.*)-[0-9].*/\1/} + /packages/source/source/${DISTNAME:C/(.).*/\1/}/${DISTNAME:C/(.*)-[0-9].*/\1/} DEBIAN - /debian/pool/main/${PORTNAME:C/^((lib)?.).*$/\1/}/${PORTNAME} + /debian/pool/main/${PORTNAME:C/^((lib)?.).*$/\1/}/${PORTNAME} GCC - /pub/gcc/releases/${DISTNAME} + /pub/gcc/releases/${DISTNAME} GH - /${GH_ACCOUNT}/${GH_PROJECT}/legacy.tar.gz/${GH_TAGNAME}?dummy=/ + /${GH_ACCOUNT}/${GH_PROJECT}/legacy.tar.gz/${GH_TAGNAME}?dummy=/ GHC - /downloads/${GH_ACCOUNT}/${GH_PROJECT}/ + /downloads/${GH_ACCOUNT}/${GH_PROJECT}/ GNOME - /pub/GNOME/sources/${PORTNAME}/${PORTVERSION:C/^([0-9]+\.[0-9]+).*/\1/} + /pub/GNOME/sources/${PORTNAME}/${PORTVERSION:C/^([0-9]+\.[0-9]+).*/\1/} GNU - /gnu/${PORTNAME} + /gnu/${PORTNAME} HORDE - /pub/${PORTNAME} + /pub/${PORTNAME} LOGILAB - /pub/${PORTNAME} + /pub/${PORTNAME} MATE - /releases/${PORTVERSION:C/^([0-9]+\.[0-9]+).*/\1/} + /releases/${PORTVERSION:C/^([0-9]+\.[0-9]+).*/\1/} MOZDEV - /pub/mozdev/${PORTNAME:L} + /pub/mozdev/${PORTNAME:L} CPAN - /pub/CPAN/modules/by-module/${PORTNAME:C/-.*//} + /pub/CPAN/modules/by-module/${PORTNAME:C/-.*//} PYTHON - /ftp/python/${PYTHON_PORTVERSION:C/rc[0-9]//} + /ftp/python/${PYTHON_PORTVERSION:C/rc[0-9]//} RUBYFORGE - /${PORTNAME:L} + /${PORTNAME:L} SAVANNAH - /${PORTNAME:L} + /${PORTNAME:L} SF - /project/${PORTNAME:L}/${PORTNAME:L}/${PORTVERSION} + /project/${PORTNAME:L}/${PORTNAME:L}/${PORTVERSION} @@ -2350,13 +2350,15 @@ DISTFILES= something.tar.gz:sourceforge< - How do I use this with PATCH* + How do I use this with + PATCH* variables? All examples were done with - MASTER* variables but they work - exactly the same for PATCH* ones as - can be seen in MASTER* + variables but they work exactly the same for + PATCH* + ones as can be seen in . Minimal Version of a Dependency A minimal version of a dependency can be specified in any - *_DEPENDS variable except - LIB_DEPENDS using the following - syntax: + *_DEPENDS + variable except LIB_DEPENDS using the + following syntax: p5-Spiffy>=0.26:${PORTSDIR}/devel/p5-Spiffy @@ -3055,7 +3057,8 @@ ALWAYS_KEEP_DISTFILES= yes never defined in a port's Makefile. If your port needs a special way to handle a dependency, use the :target part of the - *_DEPENDS variables instead of redefining + *_DEPENDS + variables instead of redefining DEPENDS_TARGET. When you type make clean, its @@ -3067,7 +3070,7 @@ ALWAYS_KEEP_DISTFILES= yes KDE, GNOME or Mozilla. To depend on another port unconditionally, use the - variable ${NONEXISTENT} as the first field + variable ${NONEXISTENT} as the first field of BUILD_DEPENDS or RUN_DEPENDS. Use this only when you need to get the source of the other port. You can often save @@ -3693,11 +3696,16 @@ PLIST_SUB+= OPT1="@comment " NO_OPT1="" <varname><replaceable>X</replaceable>_CONFIGURE_ENABLE</varname> - If X_CONFIGURE_ENABLE is set then - --enable-${X_CONFIGURE_ENABLE} or - --disable-${X_CONFIGURE_ENABLE} will be - added to CONFIGURE_ARGS depending on the - value of the optionX, for example: + If + X_CONFIGURE_ENABLE + is set then + --enable-${X_CONFIGURE_ENABLE} + or + --disable-${X_CONFIGURE_ENABLE} + will be added to CONFIGURE_ARGS depending + on the value of the + option X, for + example: OPTIONS_DEFINE= OPT1 OPT1_CONFIGURE_ENABLE= test @@ -3718,11 +3726,15 @@ CONFIGURE_ARGS+= --disable-test <varname><replaceable>X</replaceable>_CONFIGURE_WITH</varname> - If X_CONFIGURE_WITH is set then - --with-${X_CONFIGURE_WITH} or - --without-${X_CONFIGURE_WITH} will be - added to CONFIGURE_ARGS depending on the - status of the option X, for + If + X_CONFIGURE_WITH + is set then + --with-${X_CONFIGURE_WITH} + or + --without-${X_CONFIGURE_WITH} + will be added to CONFIGURE_ARGS depending + on the status of the option + X, for example: OPTIONS_DEFINE= OPT1 @@ -3744,9 +3756,11 @@ CONFIGURE_ARGS+= --without-test <varname><replaceable>X</replaceable>_CONFIGURE_ON</varname> - If X_CONFIGURE_ON is set then its - value will be appended to CONFIGURE_ARGS - depending on the status of the option X, + If + X_CONFIGURE_ON + is set then its value will be appended to + CONFIGURE_ARGS depending on the status of + the option X, for example: OPTIONS_DEFINE= OPT1 @@ -3766,9 +3780,11 @@ CONFIGURE_ARGS+= --add-test <varname><replaceable>X</replaceable>_CONFIGURE_OFF</varname> - If X_CONFIGURE_OFF is set then its - value will be appended to CONFIGURE_ARGS - depending on the status of the option X, + If + X_CONFIGURE_OFF + is set then its value will be appended to + CONFIGURE_ARGS depending on the status of + the option X, for example: OPTIONS_DEFINE= OPT1 @@ -3788,9 +3804,11 @@ CONFIGURE_ARGS+= --no-test <varname><replaceable>X</replaceable>_CMAKE_ON</varname> - If X_CMAKE_ON is set then its value - will be appended to CMAKE_ARGS depending - on the status of the option X, for + If + X_CMAKE_ON is + set then its value will be appended to + CMAKE_ARGS depending on the status of the + option X, for example: OPTIONS_DEFINE= OPT1 @@ -3810,9 +3828,11 @@ CMAKE_ARGS+= -DTEST:BOOL=true <varname><replaceable>X</replaceable>_CMAKE_OFF</varname> - If X_CMAKE_OFF is set then its value - will be appended to CMAKE_ARGS depending - on the status of the option X, for + If + X_CMAKE_OFF is + set then its value will be appended to + CMAKE_ARGS depending on the status of the + option X, for example: OPTIONS_DEFINE= OPT1 @@ -3867,10 +3887,13 @@ CMAKE_ARGS+= -DTEST:BOOL=false <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable></varname> - If X_ABOVEVARIABLE is defined then - its value will be appended to - ABOVEVARIABLE depending on the status - of the option X, for example: + If + X_ABOVEVARIABLE + is defined then its value will be appended to + ABOVEVARIABLE + depending on the status of the option + X, for + example: OPTIONS_DEFINE= OPT1 OPT1_LIB_DEPENDS= liba.so:${PORTSDIR}/devel/a @@ -3890,10 +3913,13 @@ LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/ <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable>_OFF</varname> - If X_ABOVEVARIABLE_OFF is set then - a dependency of type ABOVEVARIABLE will - be added when option X is not selected. - For example: + If + X_ABOVEVARIABLE_OFF + is set then a dependency of type + ABOVEVARIABLE + will be added when option + X is not + selected. For example: OPTIONS_DEFINE= OPT1 OPT1_LIB_DEPENDS_OFF= liba.so:${PORTSDIR}/devel/a @@ -4004,10 +4030,13 @@ LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/ <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable></varname> - If X_ABOVEVARIABLE is defined then - its value will be appended to - ABOVEVARIABLE depending on the status - of the option X, for example: + If + X_ABOVEVARIABLE + is defined then its value will be appended to + ABOVEVARIABLE + depending on the status of the option + X, for + example: OPTIONS_DEFINE= OPT1 OPT1_USES= gmake @@ -4028,9 +4057,12 @@ CFLAGS+= -DTEST <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable>_OFF</varname> - If X_ABOVEVARIABLE_OFF is set then - a flag ABOVEVARIABLE will be - automatically set when option X is not + If + X_ABOVEVARIABLE_OFF + is set then a flag + ABOVEVARIABLE + will be automatically set when option + X is not selected. For example: OPTIONS_DEFINE= OPT1 @@ -4236,7 +4268,7 @@ PORTVERSION= 1.0 If you need to strip a file, but wish to use neither INSTALL_PROGRAM nor INSTALL_LIB macros, - ${STRIP_CMD} will strip your program or + ${STRIP_CMD} will strip your program or shared library. This is typically done within the post-install target. For example: From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 15:40:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D4786AEA; Fri, 21 Mar 2014 15:40:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C1E92AAB; Fri, 21 Mar 2014 15:40:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LFe2PO074016; Fri, 21 Mar 2014 15:40:02 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LFe2Xs074004; Fri, 21 Mar 2014 15:40:02 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403211540.s2LFe2Xs074004@svn.freebsd.org> From: Glen Barber Date: Fri, 21 Mar 2014 15:40:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44309 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 15:40:02 -0000 Author: gjb Date: Fri Mar 21 15:40:02 2014 New Revision: 44309 URL: http://svnweb.freebsd.org/changeset/doc/44309 Log: Add aacraid(4). Sponsored by: The FreeBSD Foundation Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Fri Mar 21 14:15:52 2014 (r44308) +++ head/share/xml/man-refs.ent Fri Mar 21 15:40:02 2014 (r44309) @@ -3296,6 +3296,7 @@ SMP4"> YP4"> aac4"> +aacraid4"> abtn4"> acd4"> acpi4"> From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 16:12:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C0D349D8; Fri, 21 Mar 2014 16:12:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9476FE9A; Fri, 21 Mar 2014 16:12:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LGCnfA089062; Fri, 21 Mar 2014 16:12:49 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LGCnCl089061; Fri, 21 Mar 2014 16:12:49 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403211612.s2LGCnCl089061@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 16:12:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44310 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 16:12:49 -0000 Author: dru Date: Fri Mar 21 16:12:49 2014 New Revision: 44310 URL: http://svnweb.freebsd.org/changeset/doc/44310 Log: Small fixes to Managing Services. This section still needs a more thorough review. Submitted by: bjk Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Fri Mar 21 15:40:02 2014 (r44309) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Fri Mar 21 16:12:49 2014 (r44310) @@ -568,8 +568,8 @@ sshd is running as pid 433. A number of strategies may be applied in clustered applications to separate site-wide configuration from - system-specific configuration in order to keep administration - overhead down. The recommended approach is to place + system-specific configuration in order to reduce administration + overhead. The recommended approach is to place system-specific configuration into /etc/rc.conf.local. For example, these entries in /etc/rc.conf apply to all @@ -579,7 +579,7 @@ sshd is running as pid 433. keyrate="fast" defaultrouter="10.1.1.254" - Whereas these systems in + Whereas these entries in /etc/rc.conf.local apply to this system only: @@ -587,7 +587,8 @@ defaultrouter="10.1.1.254" Distribute /etc/rc.conf to every - system using rsync or a similar program, + system using an application such as rsync or + puppet, while /etc/rc.conf.local remains unique. @@ -596,8 +597,9 @@ ifconfig_fxp0="inet 10.1.1.1/8" - The configuration in /etc/rc.conf - is parsed by &man.sh.1;. This allows system operators to + Both /etc/rc.conf and + /etc/rc.conf.local + are parsed by &man.sh.1;. This allows system operators to create complex configuration scenarios. Refer to &man.rc.conf.5; for further information on this topic. From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 17:25:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C4BA05EB; Fri, 21 Mar 2014 17:25:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id AFABD8BD; Fri, 21 Mar 2014 17:25:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LHPVvY018229; Fri, 21 Mar 2014 17:25:31 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LHPVtZ018228; Fri, 21 Mar 2014 17:25:31 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403211725.s2LHPVtZ018228@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 17:25:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44311 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 17:25:31 -0000 Author: dru Date: Fri Mar 21 17:25:31 2014 New Revision: 44311 URL: http://svnweb.freebsd.org/changeset/doc/44311 Log: Update example Security Advisory and its descriptions. Next commit will add to the introduction of this section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 16:12:49 2014 (r44310) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 17:25:31 2014 (r44311) @@ -3183,66 +3183,178 @@ You are advised to update or deinstall t What Does an Advisory Look Like? - &os; security advisories use the format seen in this - example: + Here is an example of a &os; security advisory: ============================================================================= -FreeBSD-SA-XX:XX.UTIL Security Advisory +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-14:04.bind Security Advisory The FreeBSD Project -Topic: denial of service due to some problem +Topic: BIND remote denial of service vulnerability -Category: core -Module: sys -Announced: 2003-09-23 -Credits: Person -Affects: All releases of &os; - &os; 4-STABLE prior to the correction date -Corrected: 2003-09-23 16:42:59 UTC (RELENG_4, 4.9-PRERELEASE) - 2003-09-23 20:08:42 UTC (RELENG_5_1, 5.1-RELEASE-p6) - 2003-09-23 20:07:06 UTC (RELENG_5_0, 5.0-RELEASE-p15) - 2003-09-23 16:44:58 UTC (RELENG_4_8, 4.8-RELEASE-p8) - 2003-09-23 16:47:34 UTC (RELENG_4_7, 4.7-RELEASE-p18) - 2003-09-23 16:49:46 UTC (RELENG_4_6, 4.6-RELEASE-p21) - 2003-09-23 16:51:24 UTC (RELENG_4_5, 4.5-RELEASE-p33) - 2003-09-23 16:52:45 UTC (RELENG_4_4, 4.4-RELEASE-p43) - 2003-09-23 16:54:39 UTC (RELENG_4_3, 4.3-RELEASE-p39) -CVE Name: CVE-XXXX-XXXX +Category: contrib +Module: bind +Announced: 2014-01-14 +Credits: ISC +Affects: FreeBSD 8.x and FreeBSD 9.x +Corrected: 2014-01-14 19:38:37 UTC (stable/9, 9.2-STABLE) + 2014-01-14 19:42:28 UTC (releng/9.2, 9.2-RELEASE-p3) + 2014-01-14 19:42:28 UTC (releng/9.1, 9.1-RELEASE-p10) + 2014-01-14 19:38:37 UTC (stable/8, 8.4-STABLE) + 2014-01-14 19:42:28 UTC (releng/8.4, 8.4-RELEASE-p7) + 2014-01-14 19:42:28 UTC (releng/8.3, 8.3-RELEASE-p14) +CVE Name: CVE-2014-0591 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the -following sections, please visit -http://www.FreeBSD.org/security/. +following sections, please visit <URL:http://security.FreeBSD.org/>. + +I. Background + +BIND 9 is an implementation of the Domain Name System (DNS) protocols. +The named(8) daemon is an Internet Domain Name Server. + +II. Problem Description + +Because of a defect in handling queries for NSEC3-signed zones, BIND can +crash with an "INSIST" failure in name.c when processing queries possessing +certain properties. This issue only affects authoritative nameservers with +at least one NSEC3-signed zone. Recursive-only servers are not at risk. + +III. Impact + +An attacker who can send a specially crafted query could cause named(8) +to crash, resulting in a denial of service. + +IV. Workaround + +No workaround is available, but systems not running authoritative DNS service +with at least one NSEC3-signed zone using named(8) are not vulnerable. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. -I. Background +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. +[FreeBSD 8.3, 8.4, 9.1, 9.2-RELEASE and 8.4-STABLE] +# fetch http://security.FreeBSD.org/patches/SA-14:04/bind-release.patch +# fetch http://security.FreeBSD.org/patches/SA-14:04/bind-release.patch.asc +# gpg --verify bind-release.patch.asc -II. Problem Description +[FreeBSD 9.2-STABLE] +# fetch http://security.FreeBSD.org/patches/SA-14:04/bind-stable-9.patch +# fetch http://security.FreeBSD.org/patches/SA-14:04/bind-stable-9.patch.asc +# gpg --verify bind-stable-9.patch.asc +b) Execute the following commands as root: -III. Impact +# cd /usr/src +# patch < /path/to/patch +Recompile the operating system using buildworld and installworld as +described in <URL:http://www.FreeBSD.org/handbook/makeworld.html>. -IV. Workaround +Restart the applicable daemons, or reboot the system. +3) To update your vulnerable system via a binary patch: -V. Solution +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: +# freebsd-update fetch +# freebsd-update install -VI. Correction details +VI. Correction details +The following list contains the correction revision numbers for each +affected branch. -VII. References +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r260646 +releng/8.3/ r260647 +releng/8.4/ r260647 +stable/9/ r260646 +releng/9.1/ r260647 +releng/9.2/ r260647 +- ------------------------------------------------------------------------- - - - The Topic field specifies the - problem. It provides an introduction to the security - advisory and notes the utility affected by the +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> + +VII. References + +<URL:https://kb.isc.org/article/AA-01078> + +<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591> + +The latest revision of this advisory is available at +<URL:http://security.FreeBSD.org/advisories/FreeBSD-SA-14:04.bind.asc> +-----BEGIN PGP SIGNATURE----- + +iQIcBAEBCgAGBQJS1ZTYAAoJEO1n7NZdz2rnOvQP/2/68/s9Cu35PmqNtSZVVxVG +ZSQP5EGWx/lramNf9566iKxOrLRMq/h3XWcC4goVd+gZFrvITJSVOWSa7ntDQ7TO +XcinfRZ/iyiJbs/Rg2wLHc/t5oVSyeouyccqODYFbOwOlk35JjOTMUG1YcX+Zasg +ax8RV+7Zt1QSBkMlOz/myBLXUjlTZ3Xg2FXVsfFQW5/g2CjuHpRSFx1bVNX6ysoG +9DT58EQcYxIS8WfkHRbbXKh9I1nSfZ7/Hky/kTafRdRMrjAgbqFgHkYTYsBZeav5 +fYWKGQRJulYfeZQ90yMTvlpF42DjCC3uJYamJnwDIu8OhS1WRBI8fQfr9DRzmRua +OK3BK9hUiScDZOJB6OqeVzUTfe7MAA4/UwrDtTYQ+PqAenv1PK8DZqwXyxA9ThHb +zKO3OwuKOVHJnKvpOcr+eNwo7jbnHlis0oBksj/mrq2P9m2ueF9gzCiq5Ri5Syag +Wssb1HUoMGwqU0roS8+pRpNC8YgsWpsttvUWSZ8u6Vj/FLeHpiV3mYXPVMaKRhVm +067BA2uj4Th1JKtGleox+Em0R7OFbCc/9aWC67wiqI6KRyit9pYiF3npph+7D5Eq +7zPsUdDd+qc+UTiLp3liCRp5w6484wWdhZO6wRtmUgxGjNkxFoNnX8CitzF8AaqO +UWWemqWuz3lAZuORQ9KX +=OQzQ +-----END PGP SIGNATURE----- + + Every security advisory uses the following format: + + + + Each security advisory is signed by the + PGP key of the Security Officer. The + public key for the Security Officer can be verified at + . + + + + The name of the security advisory always begins with + FreeBSD-SA- (for FreeBSD Security + Advisory), followed by the year in two digit format + (14:), followed by the advisory number + for that year (04.), followed by the + name of the affected application or subsystem + (bind). The advisory shown here is the + fourth advisory for 2014 and it affects + BIND. + + + + The Topic field summarizes the vulnerability. - + - + The Category refers to the affected part of the system which may be one of core, contrib, or @@ -3250,113 +3362,95 @@ VII. References

    contrib category means that the - vulnerability affects software contributed to the &os; - Project, such as Sendmail. + vulnerability affects software included with &os;, + such as BIND. The ports category indicates that the - vulnerability affects add on software available through + vulnerability affects software available through the Ports Collection.     -     + - + The Module field refers to the component location. In this example, the - sys module is affected; therefore, this - vulnerability affects a component used within the - kernel. - + bind module is affected; therefore, this + vulnerability affects an application installed with the + operating system.     + - + The Announced field reflects the - date the security advisory was published, or announced - to the world. This means that the security team has + date the security advisory was published. This means + that the security team has verified that the problem exists and that a patch has been committed to the &os; source code repository. - + - + The Credits field gives credit to the individual or organization who noticed the vulnerability and reported it. - + - + The Affects field explains which - releases of &os; are affected by this vulnerability. - For the kernel, a quick look over the output from - &man.ident.1; on the affected files will help in - determining the revision. For ports, the version number - is listed after the port name in /var/db/pkg. If the - system does not sync with the &os; Subversion repository - and is not rebuilt daily, chances are that it is - affected. - + releases of &os; are affected by this vulnerability.     + - + The Corrected field indicates the - date, time, time offset, and release that was + date, time, time offset, and releases that were corrected. - + - - Reserved for the identification information used to - look up vulnerabilities in the Common Vulnerabilities - and Exposures database. - - - - The Background field gives - information about the affected utility. Most of the time - this is why the utility exists in &os;, what it is used - for, and a bit of information on how the utility came to - be. - + + The CVE Name field lists the + advisory number, if one exists, in the public cve.mitre.org + security vulnerabilities database. + + + + The Background field provides a + description of the affected module. + - + The Problem Description field - explains the security hole in depth. This can include - information on flawed code, or even how the utility - could be maliciously used to open a security hole. - + explains the vulnerability. This can include + information about the flawed code and how the utility + could be maliciously used.     + - + The Impact field describes what - type of impact the problem could have on a system. For - example, this could be anything from a denial of service - attack, to extra privileges available to users, or even - giving the attacker superuser access. - - - - The Workaround field offers a - workaround to system administrators who cannot - upgrade the system due to time constraints, network - availability, or other reasons. Security should not be - taken lightly, and an affected system should either be - patched or the workaround implemented. - + type of impact the problem could have on a system.     + + + + The Workaround field indicates if + a workaround is available to system administrators who cannot + immediately patch the system . + - - The Solution field offers + + The Solution field provides the instructions for patching the affected system. This is a step by step tested and verified method for getting a system patched and working securely. - + - + The Correction Details field - displays the Subversion branch or release name with the - periods changed to underscore characters. It also shows - the revision number of the affected files within each - branch. - - - - The References field usually - offers sources of other information. This can include - web URLs, books, mailing lists, and - newsgroups. - - + displays each affected Subversion branch with + the revision number that contains the corrected code.     + + + + The References field + offers sources of additional information regarding the + vulnerability. + +     From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 17:32:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8A9D47A8; Fri, 21 Mar 2014 17:32:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 77909986; Fri, 21 Mar 2014 17:32:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LHWXoa021859; Fri, 21 Mar 2014 17:32:33 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LHWX3N021858; Fri, 21 Mar 2014 17:32:33 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403211732.s2LHWX3N021858@svn.freebsd.org> From: Glen Barber Date: Fri, 21 Mar 2014 17:32:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44312 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 17:32:33 -0000 Author: gjb Date: Fri Mar 21 17:32:32 2014 New Revision: 44312 URL: http://svnweb.freebsd.org/changeset/doc/44312 Log: Fix services_mkdb(8) reference. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Fri Mar 21 17:25:31 2014 (r44311) +++ head/share/xml/man-refs.ent Fri Mar 21 17:32:32 2014 (r44312) @@ -4699,7 +4699,7 @@ rc.pccard8"> rc.sendmail8"> rc.service8"> -rc.services.mkdb8"> +services.mkdb8"> rc.serial8"> rc.shutdown8"> rc.subr8"> From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 17:34:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C9C6C8BD; Fri, 21 Mar 2014 17:34:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9C8489A0; Fri, 21 Mar 2014 17:34:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LHYSXw022119; Fri, 21 Mar 2014 17:34:28 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LHYSLB022118; Fri, 21 Mar 2014 17:34:28 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403211734.s2LHYSLB022118@svn.freebsd.org> From: Glen Barber Date: Fri, 21 Mar 2014 17:34:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44313 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 17:34:28 -0000 Author: gjb Date: Fri Mar 21 17:34:28 2014 New Revision: 44313 URL: http://svnweb.freebsd.org/changeset/doc/44313 Log: Move the services_mkdb(8) entry to keep alphabetical sort. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Fri Mar 21 17:32:32 2014 (r44312) +++ head/share/xml/man-refs.ent Fri Mar 21 17:34:28 2014 (r44313) @@ -4699,7 +4699,6 @@ rc.pccard8"> rc.sendmail8"> rc.service8"> -services.mkdb8"> rc.serial8"> rc.shutdown8"> rc.subr8"> @@ -4757,6 +4756,7 @@ securelevel8"> sendmail8"> service8"> +services.mkdb8"> setextattr8"> setfmac8"> setfsmac8"> From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 17:58:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DED4EB91; Fri, 21 Mar 2014 17:58:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CBCA2BEB; Fri, 21 Mar 2014 17:58:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LHwCuK030955; Fri, 21 Mar 2014 17:58:12 GMT (envelope-from dim@svn.freebsd.org) Received: (from dim@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LHwC8Q030954; Fri, 21 Mar 2014 17:58:12 GMT (envelope-from dim@svn.freebsd.org) Message-Id: <201403211758.s2LHwC8Q030954@svn.freebsd.org> From: Dimitry Andric Date: Fri, 21 Mar 2014 17:58:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44314 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 17:58:12 -0000 Author: dim (src committer) Date: Fri Mar 21 17:58:12 2014 New Revision: 44314 URL: http://svnweb.freebsd.org/changeset/doc/44314 Log: Document __FreeBSD_version values 902509 and 1000705. Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Fri Mar 21 17:34:28 2014 (r44313) +++ head/en_US.ISO8859-1/books/porters-handbook/versions.xml Fri Mar 21 17:58:12 2014 (r44314) @@ -4361,6 +4361,13 @@ it was never committed: + 902509 + March 21, 2014 + 9-STABLE after upgrade of llvm/clang to 3.4 release + (rev 263509). + + + 1000000 September 26, 2011 10.0-CURRENT. @@ -4942,6 +4949,13 @@ it was never committed: + 1000705 + March 21, 2014 + 10-STABLE after upgrade of llvm/clang to 3.4 release + (rev 263508). + + + 1100000 October 10, 2013 11.0-CURRENT From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 18:12:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A4944505; Fri, 21 Mar 2014 18:12:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 77F66DBF; Fri, 21 Mar 2014 18:12:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LICV62038698; Fri, 21 Mar 2014 18:12:31 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LICVDW038697; Fri, 21 Mar 2014 18:12:31 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403211812.s2LICVDW038697@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 18:12:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44315 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 18:12:31 -0000 Author: dru Date: Fri Mar 21 18:12:30 2014 New Revision: 44315 URL: http://svnweb.freebsd.org/changeset/doc/44315 Log: Finish editorial review of Security Advisory section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 17:58:12 2014 (r44314) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 18:12:30 2014 (r44315) @@ -3172,13 +3172,29 @@ You are advised to update or deinstall t &os; Security Advisories - Like many production quality operating systems, &os; - publishes Security Advisories. These - advisories are usually mailed to the security lists and noted - in the Errata only after the appropriate releases have been - patched. This section explains what an advisory is, how to - understand it, and what measures to take in order to patch a - system. + Like many producers of quality operating systems, the &os; + Project has a security team which is responsible for + determining the End-of-Life (EoL) date for each + &os; release and to provide security updates for supported + releases which have not yet reached their + EoL. More information about the &os; + security team and the supported releases is available on the + &os; security + page. + + One task of the security team is to respond to reported + security vulnerabilities in the &os; operating system. Once a + vulnerability is confirmed, the security team verifies the steps + necessary to fix the vulnerability and updates the source code + with the fix. It then publishes the details as a + Security Advisory. Security + advisories are published on the &os; website + and mailed to the &a.security-notifications.name;, + &a.security.name;, and &a.announce.name; mailing lists. + + This section describes the format of a &os; + security advisory. What Does an Advisory Look Like? From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 18:12:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C778F566; Fri, 21 Mar 2014 18:12:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B469ADC2; Fri, 21 Mar 2014 18:12:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LICk1w038760; Fri, 21 Mar 2014 18:12:46 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LICkZl038759; Fri, 21 Mar 2014 18:12:46 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403211812.s2LICkZl038759@svn.freebsd.org> From: Glen Barber Date: Fri, 21 Mar 2014 18:12:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44316 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 18:12:46 -0000 Author: gjb Date: Fri Mar 21 18:12:46 2014 New Revision: 44316 URL: http://svnweb.freebsd.org/changeset/doc/44316 Log: Add urndis(4). Sponsored by: The FreeBSD Foundation Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Fri Mar 21 18:12:30 2014 (r44315) +++ head/share/xml/man-refs.ent Fri Mar 21 18:12:46 2014 (r44316) @@ -3920,6 +3920,7 @@ virtio_blk4"> virtio_random4"> virtio_scsi4"> +urndis4"> vkbd4"> vlan4"> vmx4"> From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 18:14:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 113FB614; Fri, 21 Mar 2014 18:14:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id F2E66DD6; Fri, 21 Mar 2014 18:14:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LIE5bQ038946; Fri, 21 Mar 2014 18:14:05 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LIE5FI038945; Fri, 21 Mar 2014 18:14:05 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403211814.s2LIE5FI038945@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 18:14:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44317 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 18:14:06 -0000 Author: dru Date: Fri Mar 21 18:14:05 2014 New Revision: 44317 URL: http://svnweb.freebsd.org/changeset/doc/44317 Log: Replace section name so it is no longer a question. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 18:12:46 2014 (r44316) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 18:14:05 2014 (r44317) @@ -3197,7 +3197,7 @@ You are advised to update or deinstall t security advisory. - What Does an Advisory Look Like? + Format of a Security Advisory Here is an example of a &os; security advisory: From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 18:37:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CD38D23B; Fri, 21 Mar 2014 18:37:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BA7CBFF9; Fri, 21 Mar 2014 18:37:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LIboxw047535; Fri, 21 Mar 2014 18:37:50 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LIboNs047534; Fri, 21 Mar 2014 18:37:50 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403211837.s2LIboNs047534@svn.freebsd.org> From: Glen Barber Date: Fri, 21 Mar 2014 18:37:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44318 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 18:37:50 -0000 Author: gjb Date: Fri Mar 21 18:37:50 2014 New Revision: 44318 URL: http://svnweb.freebsd.org/changeset/doc/44318 Log: Add axge(4). Sponsored by: The FreeBSD Foundation Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Fri Mar 21 18:14:05 2014 (r44317) +++ head/share/xml/man-refs.ent Fri Mar 21 18:37:50 2014 (r44318) @@ -3361,6 +3361,7 @@ auxio4"> awi4"> axe4"> +axge4"> bce4"> bfe4"> bge4"> From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 18:39:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5A157306; Fri, 21 Mar 2014 18:39:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 46E0651; Fri, 21 Mar 2014 18:39:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LId71t047764; Fri, 21 Mar 2014 18:39:07 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LId7Ba047763; Fri, 21 Mar 2014 18:39:07 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201403211839.s2LId7Ba047763@svn.freebsd.org> From: Benedict Reuschling Date: Fri, 21 Mar 2014 18:39:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44319 - head/de_DE.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 18:39:07 -0000 Author: bcr Date: Fri Mar 21 18:39:06 2014 New Revision: 44319 URL: http://svnweb.freebsd.org/changeset/doc/44319 Log: Update to r43891: Remove ATM section. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Fri Mar 21 18:37:50 2014 (r44318) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Fri Mar 21 18:39:06 2014 (r44319) @@ -5,7 +5,7 @@ $FreeBSD$ $FreeBSDde:$ - basiert auf: r43812 + basiert auf: r43891 --> Weiterfhrende Netzwerkthemen @@ -64,10 +64,6 @@ - ATM einrichten knnen. - - - CARP, das Common Address Redundancy Protocol, unter &os; einsetzen knnen. @@ -6169,7 +6165,7 @@ rl0: flags=8943<UP,BROADCAST,RUNNING, auf den korrekten Wert setzen. - + CARP - Common Address Redundancy Protocol From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 19:07:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5B18AAD4; Fri, 21 Mar 2014 19:07:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 462193A0; Fri, 21 Mar 2014 19:07:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LJ71fA060127; Fri, 21 Mar 2014 19:07:01 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LJ71Qh060125; Fri, 21 Mar 2014 19:07:01 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403211907.s2LJ71Qh060125@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 19:07:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44320 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 19:07:01 -0000 Author: dru Date: Fri Mar 21 19:07:00 2014 New Revision: 44320 URL: http://svnweb.freebsd.org/changeset/doc/44320 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 18:39:06 2014 (r44319) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 19:07:00 2014 (r44320) @@ -5,7 +5,9 @@ $FreeBSD$ --> - Security + + Security + @@ -17,8 +19,6 @@ - - security @@ -123,9 +123,9 @@ The CIA triad is a bedrock concept of computer security, customers and end users expect privacy of their data. They expect orders they place to not be changed - or their information altered behind the scenes. They also expect - access to information at all times. Together they make up the - confidentiality, integrity, and availability of the + or their information altered behind the scenes. They also + expect access to information at all times. Together they make + up the confidentiality, integrity, and availability of the system. To protect CIA, security professionals @@ -143,21 +143,22 @@ What is a threat as pertaining to computer security? For years it was assumed that threats are remote attackers, people - whom will attempt to access the system without permission, from - a remote location. In today's world, this definition has been - expanded to include employees, malicious software, rogue + whom will attempt to access the system without permission, + from a remote location. In today's world, this definition has + been expanded to include employees, malicious software, rogue network devices, natural disasters, security vulnerabilities, and even competing corporations. - Every day thousands of systems and networks are attacked and - several hundred are accessed without permission. Sometimes - by simple accident, others by remote attackers, and in some - cases, corporate espionage or former employees. As a system - user, it is important to prepare for and admit when a mistake - has lead to a security breach and report possible issues to - the security team. As an administrator, it is important to - know of the threats and be prepared to mitigate them. - + Every day thousands of systems and networks are attacked + and several hundred are accessed without permission. + Sometimes by simple accident, others by remote attackers, and + in some cases, corporate espionage or former employees. As a + system user, it is important to prepare for and admit when a + mistake has lead to a security breach and report possible + issues to the security team. As an administrator, it is + important to know of the threats and be prepared to mitigate + them. + A Ground Up Approach @@ -169,14 +170,14 @@ is in these latter configuration aspects that system policy and procedures should take place. - Many places of business already have a security policy that - covers the configuration technology devices in use. They + Many places of business already have a security policy + that covers the configuration technology devices in use. They should contain, at minimal, the security configuration of end user workstations and desktops, mobile devices such as phones and laptops, and both production and development servers. In - many cases, when applying computer security, standard operating - procedures (SOPs) already exist. When in - doubt, ask the security team. + many cases, when applying computer security, standard + operating procedures (SOPs) already exist. + When in doubt, ask the security team. @@ -199,7 +200,7 @@ This command will change the account from this toor:*:0:0::0:0:Bourne-again Superuser:/root: to toor:*LOCKED**:0:0::0:0:Bourne-again - Superuser:/root: + Superuser:/root: In some cases, this is not possible, perhaps because of an additional service. In those cases, login access @@ -209,7 +210,7 @@ &prompt.root; chsh -s /usr/sbin/nologin toor - Only super users are able to change the shell for + Only super users are able to change the shell for other users. Attempting to perform this as a regular user will fail. @@ -219,37 +220,37 @@ toor:*:0:0::0:0:Bourne-again Superuser:/root:/usr/sbin/nologin - The /usr/sbin/nologin shell will block - the &man.login.1; command from assigning a shell to this + The /usr/sbin/nologin shell will + block the &man.login.1; command from assigning a shell to this user. - + Permitted Account Escalation - In some cases, system administration access needs to - be shared with other users. &os; has two methods to - handle this. The first one, which is not recommended, - is a shared root password and adding users to the - wheel group. - To achieve this, edit the /etc/group - and add the user to the end of the first group. This - user must be separated by a comma character. + In some cases, system administration access needs to be + shared with other users. &os; has two methods to handle this. + The first one, which is not recommended, is a shared root + password and adding users to the wheel group. To achieve + this, edit the /etc/group and add the + user to the end of the first group. This user must be + separated by a comma character. The correct way to permit this privilege escalation is using the security/sudo port which will - provide additional auditing, more fine grained user - control, and even lock users into running only single, - privileged commands such as &man.service.8; + provide additional auditing, more fine grained user control, + and even lock users into running only single, privileged + commands such as &man.service.8; After installation, edit the /usr/local/etc/sudoers file by using the visudo interface. In this example, - a new webadmin group will be added, the user - trhodes to that - group, and then give the user - access to restart apache24, the following - procedure may be followed: + a new webadmin group will be added, the user trhodes to that group, and + then give the user access to restart + apache24, the following procedure may be + followed: &prompt.root; pw groupadd webadmin -M trhodes -g 6000 @@ -268,10 +269,10 @@ Passwords - Passwords are a necessary evil of technology. In the cases - they must be used, not only should the password be extremely - complex, but also use a powerful hash mechanism to protect it. - At the time of this writing, &os; supports + Passwords are a necessary evil of technology. In the + cases they must be used, not only should the password be + extremely complex, but also use a powerful hash mechanism to + protect it. At the time of this writing, &os; supports DES, MD5, Blowfish, SHA256, and SHA512 in the crypt() library. The default is @@ -288,8 +289,8 @@ At the time of this writing, Blowfish is not part of - AES nor is it considered compliant - with any FIPS (Federal Information + AES nor is it considered compliant with + any FIPS (Federal Information Processing Standards) standard and its use may not be permitted in some environments. @@ -307,7 +308,7 @@ their network. - Password Policy and Enforcement + Password Policy and Enforcement Enforcing a strong password policy for local accounts is a fundamental aspect of local system security and policy. @@ -328,8 +329,8 @@ password requisite pam_passwdqc.so min=disabled,disabled,disabled,12,10 similar=deny retry=3 enforce=users - There is already a commented out line for this module and - it may be altered to the version above. This statement + There is already a commented out line for this module + and it may be altered to the version above. This statement basically sets several requirements. First, a minimal password length is disabled, allowing for a password of any length. Using only two character classes are disabled, @@ -346,7 +347,7 @@ particular to understand what character classes are. After this change is made and the file saved, any user - changing their password will see a message similar to the + changing their password will see a message similar to the following. This message might also clear up some confusion about the configuration. @@ -371,13 +372,14 @@ Enter new password: again In most password policies, a password aging requirement - is normally set. This means that a every password must expire - after so many days after it has been set. To set a password - age time in &os;, set the in + is normally set. This means that a every password must + expire after so many days after it has been set. To set a + password age time in &os;, set the + in /etc/login.conf. Most users when added to the system just fall into the - default group which is where this variable could be added and - the database rebuilt using: + default group which is where this variable could be added + and the database rebuilt using: &prompt.root; cap_mkdb /etc/login.conf @@ -386,8 +388,9 @@ Enter new password: &prompt.root; pw usermod -p 30-apr-2014 -n trhodes - As seen here, an expiration date is set in the form of day, - month, year. For more information, see &man.pw.8; + As seen here, an expiration date is set in the form of + day, month, year. For more information, see + &man.pw.8; @@ -419,8 +422,8 @@ Enter new password: After the process complete, which will require some manual pressing of the ENTER key, a status message will be printed to the screen. This message will include the - amount of files checked, suspect files, possible rootkits, - and more. During the check, some generic security warnings may + amount of files checked, suspect files, possible rootkits, and + more. During the check, some generic security warnings may be produced about hidden files, the OpenSSH protocol selection, and occasionally known vulnerable versions of installed software. @@ -450,24 +453,24 @@ Enter new password: Detection System or IDS. &os; provides native support for a basic - IDS system. In fact, as part of the nightly - &man.periodic.8; security emails will notify an administrator - of changes. Since the information is stored locally, there is - a change a malicious user could modify and spoof - the information. As such, it is recommended to create a - separate set of binary signatures and store them on a read - only, root owned directory or, preferably, off system such - as a USB disk or - rsync server. + IDS system. In fact, as part of the + nightly &man.periodic.8; security emails will notify an + administrator of changes. Since the information is stored + locally, there is a change a malicious user could modify and + spoof the information. As such, it is + recommended to create a separate set of binary signatures and + store them on a read only, root owned directory or, + preferably, off system such as a USB disk + or rsync server. To being, a seed needs to be generated. This is a numeric constant that will be used as to help generate the hash values - and to check the hash values. Lacking this seed value will make - faking or checking the checksum values of files difficult it not - impossible. In the following example, the key will be passed - with the flag. First, generate a set of - hashes and checksums for /bin using the - following command: + and to check the hash values. Lacking this seed value will + make faking or checking the checksum values of files difficult + it not impossible. In the following example, the key will be + passed with the flag. First, generate a + set of hashes and checksums for /bin + using the following command: &prompt.root; mtree -s 3483151339707503 -c -K cksum,sha256digest -p /bin > bin_chksum_mtree @@ -513,20 +516,24 @@ Enter new password: This should produce the same checksum for /bin that was produced when the command - was originally ran. Since no changes occurred in the time these - commands were ran, the bin_chksum_output - output will be empty. To simulate a change, change the date - on the /bin/cat file using - &man.touch.1; and run the verification command again: + was originally ran. Since no changes occurred in the time + these commands were ran, the + bin_chksum_output output will be empty. + To simulate a change, change the date on the + /bin/cat file using &man.touch.1; and run + the verification command again: &prompt.root; touch /bin/cat + &prompt.root; mtree -s 3483151339707503 -p /bin < bin_chksum_mtree >> bin_chksum_output + &prompt.root; cat bin_chksum_output + cat changed modification time expected Fri Sep 27 06:32:55 2013 found Mon Feb 3 10:28:43 2014 - More advanced IDS systems exist, such as - security/aide but in most cases, + More advanced IDS systems exist, such + as security/aide but in most cases, &man.mtree.8; provides the functionality administrators need. It is important to keep the seed value and the checksum output hidden from malicious users. @@ -541,9 +548,9 @@ Enter new password: (DOS) style attacks. Some of the more important will be covered here. Any time a setting is changed with &man.sysctl.8;, the chance to cause undesired harm is - increased affecting the availability of the system. Considering - the CIA of the system should be done during - any system-wide configuration change. + increased affecting the availability of the system. + Considering the CIA of the system should be + done during any system-wide configuration change. The following is a list of &man.sysctl.8;'s and a short description of what effects the changes will have on the @@ -574,11 +581,11 @@ Enter new password: ports will be dropped with no return RST response. The normal behavior is to return an RST to show a port is closed. These will - provide some level of protection against stealth - scans against a system. Set the net.inet.tcp.blackhole to - 2 and the net.inet.udp.blackhole to - 1 and review the information in &man.blackhole.4; - for more information. + provide some level of protection against + stealth scans against a system. Set the + net.inet.tcp.blackhole to 2 and the + net.inet.udp.blackhole to 1 and review the + information in &man.blackhole.4; for more information. Additionally the net.inet.icmp.drop_redirect and net.inet.ip.redirect should be set as well. These two @@ -607,7 +614,7 @@ Enter new password: Some additional &man.sysctl.8;s are documented in &man.security.7; and it is recommended it be consulted for additional information. - + @@ -630,28 +637,25 @@ Enter new password: implementation uses the MD5 hash by default. - OPIE uses three different types of passwords. The first is - the usual &unix; or Kerberos password. The second is the - one-time password which is generated by opiekey. - The third - type of password is the secret password which is used - to generate + OPIE uses three different types of + passwords. The first is the usual &unix; or Kerberos password. + The second is the one-time password which is generated by + opiekey. The third type of password is the + secret password which is used to generate one-time passwords. The secret password has nothing to do with, - and should be different from, the &unix; - password. + and should be different from, the &unix; password. - There are two other pieces of data - that are important to OPIE. One is the - seed or key, consisting of two - letters and five digits. The other is the iteration - count, a number between 1 and 100. - OPIE creates the one-time password by - concatenating the seed and the secret password, applying the MD5 - hash as many times as specified by the iteration count, and - turning the result into six short English words which represent - the one-time password. The authentication - system keeps track of the last one-time password - used, and the user is authenticated if the hash of the + There are two other pieces of data that are important to + OPIE. One is the seed or + key, consisting of two letters and five digits. + The other is the iteration count, a number + between 1 and 100. OPIE creates the one-time + password by concatenating the seed and the secret password, + applying the MD5 hash as many times as + specified by the iteration count, and turning the result into + six short English words which represent the one-time password. + The authentication system keeps track of the last one-time + password used, and the user is authenticated if the hash of the user-provided password is equal to the previous password. Because a one-way hash is used, it is impossible to generate future one-time passwords if a successfully used password is @@ -660,26 +664,23 @@ Enter new password: When the iteration count gets down to 1, OPIE must be reinitialized. - There are a few programs involved in this process. - A one-time password, or a consecutive - list of one-time passwords, is generated by passing an iteration - count, a seed, and a secret + There are a few programs involved in this process. A + one-time password, or a consecutive list of one-time passwords, + is generated by passing an iteration count, a seed, and a secret password to &man.opiekey.1;. In addition to initializing OPIE, &man.opiepasswd.1; is used to change - passwords, iteration counts, or seeds. The relevant credential files in - /etc/opiekeys are examined by + passwords, iteration counts, or seeds. The relevant credential + files in /etc/opiekeys are examined by &man.opieinfo.1; which prints out the invoking user's current iteration count and seed. - This section describes four different sorts of operations. The first is - how to set up - one-time-passwords for the first time - over a secure connection. The second is how to use opiepasswd over - an insecure connection. The third is how to - log in over an insecure connection. The - fourth is how to generate a number of keys - which can be written down or printed out to use at insecure - locations. + This section describes four different sorts of operations. + The first is how to set up one-time-passwords for the first time + over a secure connection. The second is how to use + opiepasswd over an insecure connection. The + third is how to log in over an insecure connection. The fourth + is how to generate a number of keys which can be written down or + printed out to use at insecure locations. Initializing <acronym>OPIE</acronym> @@ -706,36 +707,34 @@ MOS MALL GOAT ARM AVID COED SSH session to a computer under the user's control. - When prompted, enter the secret - password which will be + When prompted, enter the secret password which will be used to generate the one-time login keys. This password should be difficult to guess and should be different than the - password which is associated with the user's login - account. It must be between 10 and 127 characters long. - Remember this password. - - The - ID line lists - the login name (unfurl), default iteration count + password which is associated with the user's login account. + It must be between 10 and 127 characters long. Remember this + password. + + The ID line lists the login name + (unfurl), default iteration count (499), and default seed - (to4268). When logging in, - the system will remember these parameters and display them, - meaning that they do not have to be memorized. The last line - lists the generated one-time password which corresponds to - those parameters and the secret password. At the next login, - use this one-time password. + (to4268). When logging in, the system will + remember these parameters and display them, meaning that they + do not have to be memorized. The last line lists the + generated one-time password which corresponds to those + parameters and the secret password. At the next login, use + this one-time password. Insecure Connection Initialization To initialize or change the secret password on an - insecure system, a secure connection is needed to some - place where opiekey can be run. This might be a shell - prompt on a trusted machine. An iteration count is needed, - where 100 is probably a good value, and the seed can either be - specified or the randomly-generated one used. On the insecure - connection, the machine being initialized, use + insecure system, a secure connection is needed to some place + where opiekey can be run. This might be a + shell prompt on a trusted machine. An iteration count is + needed, where 100 is probably a good value, and the seed can + either be specified or the randomly-generated one used. On + the insecure connection, the machine being initialized, use &man.opiepasswd.1;: &prompt.user; opiepasswd @@ -762,8 +761,8 @@ Reminder: Do not use opiekey from telnet Enter secret pass phrase: GAME GAG WELT OUT DOWN CHAT - Switch back over to the insecure connection, and copy - the generated one-time password over to the relevant + Switch back over to the insecure connection, and copy the + generated one-time password over to the relevant program. @@ -867,14 +866,15 @@ Enter secret pass phrase: < - TCP Wrappers + + TCP Wrappers + - TomRhodesWritten by + TomRhodesWritten + by - - TCP Wrappers TCP Wrappers extends the abilities of @@ -919,16 +919,16 @@ Enter secret pass phrase: < daemon is the daemon which &man.inetd.8; started, address is a valid hostname, IP address, or an IPv6 address enclosed in - brackets ([ ]), and action is - either allow or deny. + brackets ([ ]), and action is either + allow or deny. TCP Wrappers uses a first rule match semantic, meaning that the configuration file is scanned in ascending order for a matching rule. When a match is found, the rule is applied and the search process stops. For example, to allow POP3 connections - via the mail/qpopper - daemon, the following lines should be appended to + via the mail/qpopper daemon, the following + lines should be appended to hosts.allow: # This line is required for POP3 connections: @@ -1001,9 +1001,10 @@ ALL : .example.com \ /var/log/connections.log) \ : deny - This will deny all connection attempts from *.example.com and log the hostname, - IP address, and the daemon to which - access was attempted to + This will deny all connection attempts from *.example.com and log + the hostname, IP address, and the daemon + to which access was attempted to /var/log/connections.log. This example uses the substitution characters @@ -1048,17 +1049,19 @@ sendmail : PARANOID : deny - <application>Kerberos5</application> + + <application>Kerberos5</application> + - TillmanHodgsonContributed by + TillmanHodgsonContributed + by - MarkMurrayBased on a contribution by + MarkMurrayBased + on a contribution by - - Kerberos is a network add-on system/protocol that allows users to authenticate themselves through the services of a secure server. @@ -1089,7 +1092,8 @@ sendmail : PARANOID : deny The DNS domain (zone) - will be example.org. + will be example.org. @@ -1138,14 +1142,14 @@ sendmail : PARANOID : denyUS export regulations. The MIT Kerberos is - available as the security/krb5 package or port. - Heimdal Kerberos is another version - 5 implementation, and was explicitly developed outside of the - US to avoid export regulations. The + available as the security/krb5 package or + port. Heimdal Kerberos is another + version 5 implementation, and was explicitly developed outside + of the US to avoid export regulations. The Heimdal Kerberos distribution is - available as a the security/heimdal package or port, - and a minimal installation is included in the base &os; - install. + available as a the security/heimdal package + or port, and a minimal installation is included in the base + &os; install. These instructions assume the use of the Heimdal distribution included in &os;. @@ -1196,8 +1200,9 @@ kadmind5_server_enable="YES"This /etc/krb5.conf implies that the KDC will use the fully-qualified hostname - kerberos.example.org. Add a - CNAME (alias) entry to the zone file to accomplish this + kerberos.example.org. Add + a CNAME (alias) entry to the zone file to accomplish this if the KDC has a different hostname. @@ -1209,7 +1214,9 @@ kadmind5_server_enable="YES" With the following lines being appended to the - example.org zone file: + example.org zone + file: _kerberos._udp IN SRV 01 00 88 kerberos.example.org. _kerberos._tcp IN SRV 01 00 88 kerberos.example.org. @@ -1355,10 +1362,10 @@ kadmin> exitIf &man.kadmind.8; is not running on the KDC and there is no access to - &man.kadmin.8; remotely, add the host principal - (host/myserver.EXAMPLE.ORG) directly on - the KDC and then extract it to a - temporary file to avoid overwriting the + &man.kadmin.8; remotely, add the host principal (host/myserver.EXAMPLE.ORG) + directly on the KDC and then extract it to + a temporary file to avoid overwriting the /etc/krb5.keytab on the KDC, using something like this: @@ -1447,19 +1454,20 @@ kadmin> exitKerberos principal. For - example, tillman@EXAMPLE.ORG may need - access to the local user account - webdevelopers. Other principals may also - need access to that local account. + example, tillman@EXAMPLE.ORG may need + access to the local user account webdevelopers. Other + principals may also need access to that local account. The .k5login and .k5users files, placed in a user's home directory, can be used to solve this problem. For example, if .k5login with the following contents is - placed in the home directory of - webdevelopers, both principals listed - will have access to that account without requiring a shared - password.: + placed in the home directory of webdevelopers, both principals + listed will have access to that account without requiring a + shared password.: tillman@example.org jdoe@example.org @@ -1476,8 +1484,8 @@ jdoe@example.org When using either the Heimdal or MIT - KerberosKerberos5troubleshooting ports, ensure that - the PATH lists the + KerberosKerberos5troubleshooting + ports, ensure that the PATH lists the Kerberos versions of the client applications before the system versions. @@ -1496,11 +1504,12 @@ jdoe@example.org - If the hostname is changed, the - host/ principal must be changed and - the keytab updated. This also applies to special keytab - entries like the www/ principal - used for Apache's www/mod_auth_kerb. + If the hostname is changed, the host/ principal must be + changed and the keytab updated. This also applies to + special keytab entries like the www/ principal used for + Apache's www/mod_auth_kerb. @@ -1517,8 +1526,9 @@ jdoe@example.org Some operating systems that act as clients to the KDC do not set the permissions for - &man.ksu.1; to be setuid root. This - means that &man.ksu.1; does not work. This is not a + &man.ksu.1; to be setuid root. This means that + &man.ksu.1; does not work. This is not a KDC error. @@ -1528,10 +1538,10 @@ jdoe@example.org principal to have a ticket life longer than the default ten hours, use modify_principal at the &man.kadmin.8; prompt to change the maxlife of both the - principal in question and the - krbtgt principal. Then the - principal can use kinit -l to request a - ticket with a longer lifetime. + principal in question and the krbtgt principal. Then + the principal can use kinit -l to + request a ticket with a longer lifetime. @@ -1611,16 +1621,18 @@ jdoe@example.org The client applications may also use slightly different command line options to accomplish the same tasks. Following the instructions on the MIT - Kerberos web site is - recommended. Be careful of path issues: the - MIT port installs into /usr/local/ by default, and the + Kerberos web + site is recommended. Be careful of path issues: the + MIT port installs into + /usr/local/ by default, and the normal system applications run instead of MIT versions if PATH lists the system directories first. - With the &os; MIT security/krb5 port, be sure to - read + With the &os; MIT + security/krb5 port, be sure to read /usr/local/share/doc/krb5/README.FreeBSD installed by the port to understand why logins via &man.telnetd.8; and klogind behave @@ -1642,8 +1654,7 @@ kadmind5_server_enable="YES"This is done because the applications for MIT Kerberos installs binaries in the - /usr/local - hierarchy. + /usr/local hierarchy. @@ -1656,8 +1667,8 @@ kadmind5_server_enable="YES" - <application>Kerberos</application> is an - All or Nothing Approach + <application>Kerberos</application> is an All or + Nothing Approach Every service enabled on the network must be modified to work with Kerberos, or be @@ -1675,10 +1686,10 @@ kadmind5_server_enable="YES"In a multi-user environment, Kerberos is less secure. This is - because it stores the tickets in /tmp, which is readable by - all users. If a user is sharing a computer with other - users, it is possible that the user's tickets can be stolen - or copied by another user. + because it stores the tickets in /tmp, + which is readable by all users. If a user is sharing a + computer with other users, it is possible that the user's + tickets can be stolen or copied by another user. This can be overcome with the -c command-line option or, preferably, the @@ -1724,8 +1735,8 @@ kadmind5_server_enable="YES"KDC to the users, hosts or services. This means that a trojanned &man.kinit.1; could record all user names and passwords. Filesystem integrity checking - tools like security/tripwire can alleviate - this. + tools like security/tripwire can + alleviate this. @@ -1777,31 +1788,36 @@ kadmind5_server_enable="YES" - + The Kerberos FAQ - Designing + Designing an Authentication System: a Dialog in Four Scenes - RFC + RFC 1510, The Kerberos Network Authentication Service (V5) - MIT + MIT Kerberos home page - Heimdal + Heimdal Kerberos home page @@ -1810,14 +1826,15 @@ kadmind5_server_enable="YES" - OpenSSL + + OpenSSL + - TomRhodesWritten by + TomRhodesWritten + by - - security OpenSSL @@ -1833,15 +1850,14 @@ kadmind5_server_enable="YES"www/apache22, and - mail/claws-mail offer - compilation support for building with - OpenSSL. + mail/claws-mail offer compilation support for + building with OpenSSL. In most cases, the Ports Collection will attempt to build - the security/openssl - port unless WITH_OPENSSL_BASE is explicitly - set to yes. + the security/openssl port unless + WITH_OPENSSL_BASE is explicitly set to + yes. The version of OpenSSL included @@ -1865,7 +1881,8 @@ kadmind5_server_enable="YES"Certificate Authority (CA), a warning is produced. A - CA is a company, such as VeriSign, signs + CA is a company, such as VeriSign, signs certificates in order to validate the credentials of individuals or companies. This process has a cost associated with it and is not a requirement for using certificates; however, it can put @@ -1946,8 +1963,9 @@ An optional company name []:A certificate authority signature file, myca.key and the certificate itself, new.crt. These should be placed in a - directory, preferably under /etc, which is readable only by - root. Permissions of 0700 are + directory, preferably under /etc, which + is readable only by root. Permissions of 0700 are appropriate and can be set using &man.chmod.1;. @@ -2022,7 +2040,9 @@ Connection closed by foreign host. - <acronym>VPN</acronym> over IPsec + + <acronym>VPN</acronym> over IPsec + NikClayton
    nik@FreeBSD.org
    @@ -2030,23 +2050,22 @@ Connection closed by foreign host.     - - IPsec - Understanding IPsec + + Understanding IPsec + - Hiten M.Pandya + Hiten + M.Pandya
    hmp@FreeBSD.org
    Written by     - - This section demonstrates the process of setting up IPsec. It assumes familiarity with the concepts of building a custom kernel (see ). @@ -2055,8 +2074,9 @@ Connection closed by foreign host.IP) layer. It allows two or more hosts to communicate in a secure manner. The &os; IPsec network stack is based on the - KAME implementation, - which has support for both IPv4 and IPv6. + KAME + implementation, which has support for both IPv4 and + IPv6. IPsec @@ -2171,13 +2191,15 @@ device crypto The internal addresses of the two networks can be either public or private IP addresses. However, the address space must not collide. For example, both - networks cannot use - 192.168.1.x. + networks cannot use 192.168.1.x.     *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 19:42:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 276A041A; Fri, 21 Mar 2014 19:42:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 13D48A1F; Fri, 21 Mar 2014 19:42:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LJgnk0076056; Fri, 21 Mar 2014 19:42:49 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LJgntC076055; Fri, 21 Mar 2014 19:42:49 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403211942.s2LJgntC076055@svn.freebsd.org> From: Glen Barber Date: Fri, 21 Mar 2014 19:42:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44321 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 19:42:50 -0000 Author: gjb Date: Fri Mar 21 19:42:49 2014 New Revision: 44321 URL: http://svnweb.freebsd.org/changeset/doc/44321 Log: Add etcupdate(8). Sponsored by: The FreeBSD Foundation Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Fri Mar 21 19:07:00 2014 (r44320) +++ head/share/xml/man-refs.ent Fri Mar 21 19:42:49 2014 (r44321) @@ -4357,6 +4357,7 @@ editmap8"> edquota8"> eeprom8"> +etcupdate8"> extattrctl8"> faithd8"> fastboot8"> From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 19:53:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9BF6287C; Fri, 21 Mar 2014 19:53:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7C637B27; Fri, 21 Mar 2014 19:53:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LJruA0080205; Fri, 21 Mar 2014 19:53:56 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LJruLM080204; Fri, 21 Mar 2014 19:53:56 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403211953.s2LJruLM080204@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 19:53:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44322 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 19:53:56 -0000 Author: dru Date: Fri Mar 21 19:53:55 2014 New Revision: 44322 URL: http://svnweb.freebsd.org/changeset/doc/44322 Log: Initial prep work for OpenSSH chapter. Divide sections into client stuff and server stuff. Still needs an editorial review and the last 2 hanging sub-sections need to be incorporated. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 19:42:49 2014 (r44321) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 19:53:55 2014 (r44322) @@ -2514,42 +2514,15 @@ racoon_enable="yes"     compatible with both SSH version 1 and 2 protocols. - - Advantages of Using - <application>OpenSSH</application> - When data is sent over the network in an unencrypted form, network sniffers anywhere in between the client and server can steal user/password information or data transferred during the session. OpenSSH offers a variety of authentication and encryption methods to prevent this from happening. - - Enabling the SSH Server - - - OpenSSH - enabling - - - To see if &man.sshd.8; is enabled, check - /etc/rc.conf for this line: - - sshd_enable="YES" - - This will start &man.sshd.8;, the daemon program for - OpenSSH, the next time the system - initializes. Alternatively, it is possible to use - &man.service.8; to start OpenSSH - now: - - &prompt.root; service sshd start - - - - The SSH Client + Using the SSH Client Utilities OpenSSH @@ -2584,10 +2557,6 @@ user@example.com's password: 1 or version 2, respectively. The version 1 compatibility is maintained in the client for backwards compatibility with older versions. - - - - Secure Copy OpenSSH @@ -2617,28 +2586,9 @@ COPYRIGHT 100% |************* SSH, connection, one or more of the file arguments takes the form . - - - - Configuration - - - OpenSSH - configuration - - - The system-wide configuration files for both the - OpenSSH daemon and client reside - in /etc/ssh. - - ssh_config configures the client - settings, while sshd_config configures - the daemon. Each file has its own manual page which describes - the available configuration options. - - - &man.ssh-keygen.1; + + Key-based Authentication Instead of using passwords, &man.ssh-keygen.1; can be used to generate DSA or RSA @@ -2690,23 +2640,15 @@ bb:48:db:f2:93:57:80:b6:aa:bc:f5:d5:ba:8 that host IP. - If a passphrase is used in &man.ssh-keygen.1;, the user - will be prompted for the passphrase each time in order to use - the private key. &man.ssh-agent.1; can alleviate the strain - of repeatedly entering long passphrases, and is explored in - . - The various options and files can be different according to the OpenSSH version. To avoid problems, consult &man.ssh-keygen.1;. - - - - Using SSH Agent to Cache Keys - To load SSH keys into memory for use, + If a passphrase is used in &man.ssh-keygen.1;, the user + will be prompted for the passphrase each time in order to use + the private key. To load SSH keys into memory for use, without needing to type the passphrase each time, use &man.ssh-agent.1; and &man.ssh-add.1;. @@ -2745,9 +2687,9 @@ Identity added: /home/user/.ssh/id_dsa ( &xorg; has been restarted so that the changes can take effect, run &man.ssh-add.1; to load all of the SSH keys. - + - + <acronym>SSH</acronym> Tunneling @@ -2850,11 +2792,7 @@ Escape character is '^]'. run as a separate user. - - Practical <acronym>SSH</acronym> Tunneling - Examples - - + Secure Access of a POP3 Server In this example, there is an SSH @@ -2873,9 +2811,9 @@ user@ssh-server.example.com's password: localhost on port 2110. This connection will be forwarded securely across the tunnel to mail.example.com. - + - + Bypassing a Draconian Firewall Some network administrators impose firewall rules @@ -2897,12 +2835,30 @@ user@unfirewalled-system.example.org's p 8888, which will be forwarded over to music.example.com on port 8000, successfully bypassing the firewall. - + - The <varname>AllowUsers</varname> Option + Enabling the SSH Server + + + OpenSSH + enabling + + + To see if &man.sshd.8; is enabled, check + /etc/rc.conf for this line: + + sshd_enable="YES" + + This will start &man.sshd.8;, the daemon program for + OpenSSH, the next time the system + initializes. Alternatively, it is possible to use + &man.service.8; to start OpenSSH + now: + + &prompt.root; service sshd start It is often a good idea to limit which users can log in and from where using AllowUsers. For @@ -2936,6 +2892,24 @@ user@unfirewalled-system.example.org's p + Configuration + + + OpenSSH + configuration + + + The system-wide configuration files for both the + OpenSSH daemon and client reside + in /etc/ssh. + + ssh_config configures the client + settings, while sshd_config configures + the daemon. Each file has its own manual page which describes + the available configuration options. + + + Further Reading The Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 955E2B16; Fri, 21 Mar 2014 20:34:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 75914EB7; Fri, 21 Mar 2014 20:34:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LKYdTA097135; Fri, 21 Mar 2014 20:34:39 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LKYdlg097134; Fri, 21 Mar 2014 20:34:39 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403212034.s2LKYdlg097134@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 20:34:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44323 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 20:34:39 -0000 Author: dru Date: Fri Mar 21 20:34:38 2014 New Revision: 44323 URL: http://svnweb.freebsd.org/changeset/doc/44323 Log: Initial prep work for Storage chapter. Many more commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Mar 21 19:53:55 2014 (r44322) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Mar 21 20:34:38 2014 (r44323) @@ -602,9 +602,6 @@ umass0: detached creating - - Introduction - CD media provide a number of features that differentiate them from conventional disks. Initially, they were not writable by the user. They are designed so that they can be @@ -663,7 +660,6 @@ umass0: detached K3b require the ATAPI/CAM module with ATAPI hardware. - <application>mkisofs</application> @@ -1136,9 +1132,6 @@ cd0: Attempt to query device size failed burning - - Introduction - Compared to the CD, the DVD is the next generation of optical media storage technology. The DVD can hold more data than any CD and is the standard for video publishing. @@ -1195,7 +1188,6 @@ cd0: Attempt to query device size failed the DVD-Video player are compatible with the media under consideration.     - Configuration @@ -1513,19 +1505,12 @@ cd0: Attempt to query device size failed DVD-RAM - - Configuration - DVD-RAM writers can use either a SCSI or ATAPI interface. For ATAPI devices, DMA access has to be enabled by adding the following line to /boot/loader.conf: hw.ata.atapi_dma="1" - - - - Preparing the Media A DVD-RAM can be seen as a removable hard drive. Like any other hard drive, the DVD-RAM must be formatted before @@ -1538,10 +1523,6 @@ cd0: Attempt to query device size failed The DVD device, acd0, must be changed according to the configuration. - - - - Using the Media Once the DVD-RAM has been formatted, it can be mounted as a normal hard drive: @@ -1550,7 +1531,6 @@ cd0: Attempt to query device size failed Once mounted, the DVD-RAM will be both readable and writeable. -     @@ -2660,30 +2640,35 @@ Filesystem 1K-blocks Used Avail Capacity Disk Encryption with <application>gbde</application> - - - Configuring gbde requires - superuser privileges. - - &prompt.user; su - -Password: - + gbde encrypts the sector payload using 128-bit + AES in CBC mode. Each sector on the disk is encrypted with + a different AES key. For more information on the + cryptographic design, including how the sector keys are + derived from the user-supplied passphrase, refer to + &man.gbde.4;. - - If using a custom kernel configuration file, ensure it - contains this line: + + &man.sysinstall.8; is incompatible with + gbde-encrypted devices. All + *.bde + devices must be detached from the kernel before starting + &man.sysinstall.8; or it will crash during its initial + probing for devices. To detach the encrypted device used in + the example, use the following command: - options GEOM_BDE + &prompt.root; gbde detach /dev/ad4s1c + - If the kernel already contains this support, use - kldload to load &man.gbde.4;: + &os; provides a kernel module for + gbde which can be loaded with + this command: &prompt.root; kldload geom_bde - - - - Preparing the Encrypted Hard Drive + If using a custom kernel configuration file, ensure it + contains this line: + + options GEOM_BDE The following example demonstrates adding a new hard drive to a system that will hold a single encrypted @@ -2856,7 +2841,6 @@ Filesystem Size Used Avail Cap /dev/ad4s1c.bde 150G 4.1K 138G 0% /private - Mounting Existing Encrypted File Systems @@ -2900,9 +2884,6 @@ Filesystem Size Used Avail Cap - - Automatically Mounting Encrypted Partitions - It is possible to create a script to automatically attach, check, and mount an encrypted partition, but for security reasons the script should not contain the @@ -2924,34 +2905,6 @@ gbde_lockdir="/etc/gbde"gbde encrypted partition will be mounted automatically. This can be useful when using gbde on laptops. - - - - - Cryptographic Protections Employed by - <command>gbde</command> - - &man.gbde.8; encrypts the sector payload using 128-bit - AES in CBC mode. Each sector on the disk is encrypted with - a different AES key. For more information on the - cryptographic design, including how the sector keys are - derived from the user-supplied passphrase, refer to - &man.gbde.4;. - - - - Compatibility Issues - - &man.sysinstall.8; is incompatible with - gbde-encrypted devices. All - *.bde - devices must be detached from the kernel before starting - &man.sysinstall.8; or it will crash during its initial - probing for devices. To detach the encrypted device used in - the example, use the following command: - - &prompt.root; gbde detach /dev/ad4s1c - @@ -3331,9 +3284,6 @@ Device 1K-blocks Used Av high availability - - Synopsis - High availability is one of the main requirements in serious business applications and highly-available storage is a key component in such environments. Highly Available @@ -3396,7 +3346,6 @@ Device 1K-blocks Used Av GmbH and TransIP BV. - HAST Features @@ -3496,9 +3445,6 @@ Device 1K-blocks Used Av is not up-to-date or an I/O error occurs. In such case, the read operation is sent to the secondary node. - - Synchronization and Replication Modes - HAST tries to provide fast failure recovery. For this reason, it is very important to reduce synchronization time after a node's outage. To provide fast @@ -3539,7 +3485,6 @@ Device 1K-blocks Used Av latency is too high for other modes. - @@ -3912,9 +3857,6 @@ esac Troubleshooting - - General Troubleshooting Tips - HAST should generally work without issues. However, as with any other software product, there may be times when it does not work as supposed. The sources @@ -3930,7 +3872,6 @@ esac obtained this way. Consider also using -F, which starts &man.hastd.8; in the foreground. - Recovering from the Split-brain Condition From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 20:55:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D583EE18; Fri, 21 Mar 2014 20:55:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C11F18F; Fri, 21 Mar 2014 20:55:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LKthMo005528; Fri, 21 Mar 2014 20:55:43 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LKthWH005527; Fri, 21 Mar 2014 20:55:43 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403212055.s2LKthWH005527@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 20:55:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44324 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 20:55:43 -0000 Author: dru Date: Fri Mar 21 20:55:43 2014 New Revision: 44324 URL: http://svnweb.freebsd.org/changeset/doc/44324 Log: Add acronym tags to Storage chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Mar 21 20:34:38 2014 (r44323) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Mar 21 20:55:43 2014 (r44324) @@ -16,7 +16,7 @@ This chapter covers the use of disks in &os;. This includes memory-backed disks, network-attached disks, standard SCSI/IDE - storage devices, and devices using the USB interface. + storage devices, and devices using the USB interface. After reading this chapter, you will know: @@ -32,7 +32,7 @@ - How to configure &os; to use USB storage devices. + How to configure &os; to use USB storage devices. @@ -50,7 +50,7 @@ - How to create and burn CDs and DVDs on &os;. + How to create and burn CDs and DVDs on &os;. @@ -93,44 +93,44 @@ - IDE hard drives + IDE hard drives ad or ada - IDE CD-ROM drives + IDE CD-ROM drives acd or cd - SATA hard drives + SATA hard drives ad or ada - SATA CD-ROM drives + SATA CD-ROM drives acd or cd - SCSI hard drives and USB Mass storage + SCSI hard drives and USB Mass storage devices da - SCSI CD-ROM drives + SCSI CD-ROM drives cd - Assorted non-standard CD-ROM drives - mcd for Mitsumi CD-ROM and - scd for Sony CD-ROM devices + Assorted non-standard CD-ROM drives + mcd for Mitsumi CD-ROM and + scd for Sony CD-ROM devices @@ -139,12 +139,12 @@ - SCSI tape drives + SCSI tape drives sa - IDE tape drives + IDE tape drives ast @@ -402,7 +402,7 @@ super-block backups (for fsck -b #) at: - USB Storage Devices + <acronym>USB</acronym> Storage Devices @@ -420,16 +420,16 @@ super-block backups (for fsck -b #) at: disks - Many external storage solutions, such as hard drives, USB + Many external storage solutions, such as hard drives, USB thumbdrives, and CD/DVD burners, use the Universal Serial Bus - (USB). &os; provides support for these devices. + (USB). &os; provides support for these devices. Configuration - The USB mass storage devices driver, &man.umass.4;, is + The USB mass storage devices driver, &man.umass.4;, is built into the GENERIC kernel and - provides support for USB storage devices. For a custom + provides support for USB storage devices. For a custom kernel, be sure that the following lines are present in the kernel configuration file: @@ -442,21 +442,21 @@ device ehci device usb device umass - Since the &man.umass.4; driver uses the SCSI subsystem to - access the USB storage devices, any USB device will be seen as - a SCSI device by the system. Depending on the USB chipset on + Since the &man.umass.4; driver uses the SCSI subsystem to + access the USB storage devices, any USB device will be seen as + a SCSI device by the system. Depending on the USB chipset on the motherboard, device uhci or - device ohci is used to provide USB 1.X - support. Support for USB 2.0 controllers is provided by + device ohci is used to provide USB 1.X + support. Support for USB 2.0 controllers is provided by device ehci. - If the USB device is a CD or DVD burner, &man.cd.4;, + If the USB device is a CD or DVD burner, &man.cd.4;, must be added to the kernel via the line: device cd - Since the burner is seen as a SCSI drive, the driver + Since the burner is seen as a SCSI drive, the driver &man.atapicam.4; should not be used in the kernel configuration. @@ -465,7 +465,7 @@ device umass Testing the Configuration - To test the USB configuration, plug in the USB device. In + To test the USB configuration, plug in the USB device. In the system message buffer, &man.dmesg.8;, the drive should appear as something like: @@ -479,8 +479,8 @@ da0: 126MB (258048 512 byte sectors: 64H The brand, device node (da0), and other details will differ according to the device. - Since the USB device is seen as a SCSI one, - camcontrol can be used to list the USB + Since the USB device is seen as a SCSI one, + camcontrol can be used to list the USB storage devices attached to the system: &prompt.root; camcontrol devlist @@ -488,7 +488,7 @@ da0: 126MB (258048 512 byte sectors: 64H If the drive comes with a file system, it can be mounted. Refer to for - instructions on how to format and create partitions on the USB + instructions on how to format and create partitions on the USB drive. @@ -511,12 +511,12 @@ da0: 126MB (258048 512 byte sectors: 64H add path 'da*' mode 0660 group operator - If SCSI disks are installed in the system, change + If SCSI disks are installed in the system, change the second line as follows: add path 'da[3-9]*' mode 0660 group operator - This will exclude the first three SCSI disks + This will exclude the first three SCSI disks (da0 to da2)from belonging to the operator @@ -551,7 +551,7 @@ add path 'da*' mode 0660 group operator< &prompt.root; mkdir /mnt/username &prompt.root; chown username:usergroup /mnt/username - Suppose a USB thumbdrive is plugged in, and a device + Suppose a USB thumbdrive is plugged in, and a device /dev/da0s1 appears. If the device is preformatted with a FAT file system, it can be mounted using: @@ -584,7 +584,7 @@ umass0: detached - Creating and Using CD Media + Creating and Using <acronym>CD</acronym> Media @@ -598,22 +598,22 @@ umass0: detached - CD-ROMs + CD-ROMs creating - CD media provide a number of features that differentiate + CD media provide a number of features that differentiate them from conventional disks. Initially, they were not writable by the user. They are designed so that they can be read continuously without delays to move the head between tracks. They are also much easier to transport between systems. - CD media do have tracks, but this refers to a section of + CD media do have tracks, but this refers to a section of data to be read continuously and not a physical property of - the disk. For example, to produce a CD on &os;, prepare the - data files that are going to make up the tracks on the CD, - then write the tracks to the CD. + the disk. For example, to produce a CD on &os;, prepare the + data files that are going to make up the tracks on the CD, + then write the tracks to the CD. ISO 9660 @@ -624,7 +624,7 @@ umass0: detached The ISO 9660 file system was designed to deal with these differences. To overcome the original file system limits, it provides an extension mechanism that allows properly written - CDs to exceed those limits while still working with systems + CDs to exceed those limits while still working with systems that do not support those extensions. @@ -638,27 +638,27 @@ umass0: detached below. - CD burner - ATAPI + CD burner + ATAPI - Which tool to use to burn the CD depends on whether the - CD burner is ATAPI or something else. ATAPI CD burners use + Which tool to use to burn the CD depends on whether the + CD burner is ATAPI or something else. ATAPI CD burners use burncd which is part of the base system. - SCSI and USB CD burners should use cdrecord + SCSI and USB CD burners should use cdrecord from the sysutils/cdrtools port. It is also possible to use cdrecord and other - tools for SCSI drives on ATAPI hardware with the + tools for SCSI drives on ATAPI hardware with the ATAPI/CAM module. - For CD burning software with a graphical user + For CD burning software with a graphical user interface, consider X-CD-Roast or K3b. These tools are available as packages or from the sysutils/xcdroast and sysutils/k3b ports. X-CD-Roast and K3b require the - ATAPI/CAM module with ATAPI + ATAPI/CAM module with ATAPI hardware. @@ -699,7 +699,7 @@ umass0: detached Microsoft systems, and can be used to create HFS file systems used by &macos;. - For CDs that are going to be used only on &os; systems, + For CDs that are going to be used only on &os; systems, can be used to disable all filename restrictions. When used with , it produces a file system image that is identical to the specified &os; @@ -707,14 +707,14 @@ umass0: detached of ways. - CD-ROMs + CD-ROMs creating bootable The last option of general use is . This is used to specify the location of the boot image for use - in producing an El Torito bootable CD. This + in producing an El Torito bootable CD. This option takes an argument which is the path to a boot image - from the top of the tree being written to the CD. By default, + from the top of the tree being written to the CD. By default, &man.mkisofs.8; creates an ISO image in floppy disk emulation mode, and thus expects the boot image to be exactly 1200, 1440 or 2880 KB in @@ -748,11 +748,11 @@ umass0: detached <application>burncd</application> - CD-ROMs + CD-ROMs burning - For an ATAPI CD burner, burncd can be - used to burn an ISO image onto a CD. + For an ATAPI CD burner, burncd can be + used to burn an ISO image onto a CD. burncd is part of the base system, installed as /usr/sbin/burncd. Usage is very simple, as it has few options: @@ -763,15 +763,15 @@ umass0: detached imagefile.iso on cddevice. The default device is /dev/acd0. See &man.burncd.8; for - options to set the write speed, eject the CD after burning, + options to set the write speed, eject the CD after burning, and write audio data. <application>cdrecord</application> - For systems without an ATAPI CD burner, - cdrecord can be used to burn CDs. + For systems without an ATAPI CD burner, + cdrecord can be used to burn CDs. cdrecord is not part of the base system and must be installed from either the sysutils/cdrtools package or port. Changes @@ -794,7 +794,7 @@ umass0: detached results like this: - CD-ROMs + CD-ROMs burning &prompt.root; cdrecord -scanbus @@ -820,7 +820,7 @@ scsibus1: 1,7,0 107) * This lists the appropriate value for - the devices on the list. Locate the CD burner, and use the + the devices on the list. Locate the CD burner, and use the three numbers separated by commas as the value for . In this case, the CRW device is 1,5,0, so the appropriate input is . @@ -830,15 +830,15 @@ scsibus1: - Duplicating Audio CDs + Duplicating Audio <acronym>CD</acronym>s - To duplicate an audio CD, extract the audio data from the - CD to a series of files, then write these files to a blank CD. - The process is slightly different for ATAPI and SCSI + To duplicate an audio CD, extract the audio data from the + CD to a series of files, then write these files to a blank CD. + The process is slightly different for ATAPI and SCSI drives. - SCSI Drives + <acronym>SCSI</acronym> Drives Use cdda2wav to extract the @@ -860,19 +860,19 @@ scsibus1: - ATAPI Drives + <acronym>ATAPI</acronym> Drives With the help of the ATAPI/CAM module, - cdda2wav can also be used on ATAPI + cdda2wav can also be used on ATAPI drives. This tool is usually a better choice for most of users, as it supports jitter correction and endianness, than the method proposed below. - The ATAPI CD driver makes each track available as + The ATAPI CD driver makes each track available as /dev/acddtnn, where d is the drive number, and nn is the track number @@ -910,52 +910,52 @@ scsibus1: - Duplicating Data CDs + Duplicating Data <acronym>CD</acronym>s - It is possible to copy a data CD to an image file that is + It is possible to copy a data CD to an image file that is functionally equivalent to the image file created with - &man.mkisofs.8;, and then use it to duplicate any data CD. - The example given here assumes that the CD-ROM device is - acd0. Substitute the correct CD-ROM + &man.mkisofs.8;, and then use it to duplicate any data CD. + The example given here assumes that the CD-ROM device is + acd0. Substitute the correct CD-ROM device. &prompt.root; dd if=/dev/acd0 of=file.iso bs=2048 - Now that there is an image, it can be burned to CD as + Now that there is an image, it can be burned to CD as described above. - Using Data CDs + Using Data <acronym>CD</acronym>s It is possible to mount and read the data on a standard - data CD. By default, &man.mount.8; assumes that a file system + data CD. By default, &man.mount.8; assumes that a file system is of type ufs. Running this command: &prompt.root; mount /dev/cd0 /mnt will generate an error about Incorrect super - block, and will fail to mount the CD. The CD + block, and will fail to mount the CD. The CD does not use the UFS file system, so attempts to mount it as such will fail. Instead, tell &man.mount.8; that the file system is of type ISO9660 by specifying to &man.mount.8;. For example, - to mount the CD-ROM device, /dev/cd0, + to mount the CD-ROM device, /dev/cd0, under /mnt, use: &prompt.root; mount -t cd9660 /dev/cd0 /mnt Replace /dev/cd0 with the device - name for the CD device. Also, + name for the CD device. Also, executes &man.mount.cd9660.8;, meaning the above command is equivalent to: &prompt.root; mount_cd9660 /dev/cd0 /mnt - While data CD-ROMs from any vendor can be mounted this + While data CD-ROMs from any vendor can be mounted this way, disks with certain ISO 9660 extensions might behave oddly. For example, Joliet disks store all filenames in two-byte Unicode characters. The &os; kernel does not speak @@ -979,13 +979,13 @@ scsibus1: Occasionally, Device not configured - will be displayed when trying to mount a CD-ROM. This - usually means that the CD-ROM drive thinks that there is no + will be displayed when trying to mount a CD-ROM. This + usually means that the CD-ROM drive thinks that there is no disk in the tray, or that the drive is not visible on the bus. - It can take a couple of seconds for a CD-ROM drive to realize + It can take a couple of seconds for a CD-ROM drive to realize that a media is present, so be patient. - Sometimes, a SCSI CD-ROM may be missed because it did not + Sometimes, a SCSI CD-ROM may be missed because it did not have enough time to answer the bus reset. To resolve this, add the following option to the kernel configuration and rebuild the @@ -993,29 +993,29 @@ scsibus1: options SCSI_DELAY=15000 - This tells the SCSI bus to pause 15 seconds during boot, - to give the CD-ROM drive every possible chance to answer the + This tells the SCSI bus to pause 15 seconds during boot, + to give the CD-ROM drive every possible chance to answer the bus reset. Burning Raw Data CDs - It is possible to burn a file directly to CD, without + It is possible to burn a file directly to CD, without creating an ISO 9660 file system. Some people do this for backup purposes. This command runs more quickly than burning - a standard CD: + a standard CD: &prompt.root; burncd -f /dev/acd1 -s 12 data archive.tar.gz fixate - In order to retrieve the data burned to such a CD, the + In order to retrieve the data burned to such a CD, the data must be read from the raw device node: &prompt.root; tar xzvf /dev/acd1 - This type of disk can not be mounted as a normal CD-ROM + This type of disk can not be mounted as a normal CD-ROM and the data cannot be read under any operating system except - &os;. In order to mount the CD, or to share the data with + &os;. In order to mount the CD, or to share the data with another operating system, &man.mkisofs.8; must be used as described above. @@ -1036,12 +1036,12 @@ scsibus1: - CD burner + CD burner ATAPI/CAM driver - This driver allows ATAPI devices, such as CD/DVD drives, - to be accessed through the SCSI subsystem, and so allows the + This driver allows ATAPI devices, such as CD/DVD drives, + to be accessed through the SCSI subsystem, and so allows the use of applications like sysutils/cdrdao or &man.cdrecord.1;. @@ -1082,30 +1082,30 @@ cd0: Attempt to query device size failed The drive can now be accessed via the /dev/cd0 device name. For example, to - mount a CD-ROM on /mnt, + mount a CD-ROM on /mnt, type the following: &prompt.root; mount -t cd9660 /dev/cd0 /mnt As root, run the - following command to get the SCSI address of the + following command to get the SCSI address of the burner: &prompt.root; camcontrol devlist <MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (pass0,cd0) - In this example, 1,0,0 is the SCSI - address to use with &man.cdrecord.1; and other SCSI + In this example, 1,0,0 is the SCSI + address to use with &man.cdrecord.1; and other SCSI applications. - For more information about ATAPI/CAM and SCSI system, + For more information about ATAPI/CAM and SCSI system, refer to &man.atapicam.4; and &man.cam.4;. - Creating and Using DVD Media + Creating and Using <acronym>DVD</acronym> Media @@ -1128,62 +1128,62 @@ cd0: Attempt to query device size failed - DVD + DVD burning - Compared to the CD, the DVD is the next generation of - optical media storage technology. The DVD can hold more data - than any CD and is the standard for video publishing. + Compared to the CD, the DVD is the next generation of + optical media storage technology. The DVD can hold more data + than any CD and is the standard for video publishing. Five physical recordable formats can be defined for a - recordable DVD: + recordable DVD: - DVD-R: This was the first DVD recordable format + DVD-R: This was the first DVD recordable format available. The DVD-R standard is defined by the - DVD + DVD Forum. This format is write once. - DVD-RW: This is the rewritable version of the - DVD-R standard. A DVD-RW can be rewritten about 1000 + DVD-RW: This is the rewritable version of the + DVD-R standard. A DVD-RW can be rewritten about 1000 times. - DVD-RAM: This is a rewritable format which can be seen + DVD-RAM: This is a rewritable format which can be seen as a removable hard drive. However, this media is not - compatible with most DVD-ROM drives and DVD-Video players - as only a few DVD writers support the DVD-RAM format. + compatible with most DVD-ROM drives and DVD-Video players + as only a few DVD writers support the DVD-RAM format. Refer to for more - information on DVD-RAM use. + information on DVD-RAM use. - DVD+RW: This is a rewritable format defined by - the DVD+RW - Alliance. A DVD+RW can be rewritten about 1000 + DVD+RW: This is a rewritable format defined by + the DVD+RW + Alliance. A DVD+RW can be rewritten about 1000 times. DVD+R: This format is the write once variation - of the DVD+RW format. + of the DVD+RW format. - A single layer recordable DVD can hold up to + A single layer recordable DVD can hold up to 4,700,000,000 bytes which is actually 4.38 GB or 4485 MB as 1 kilobyte is 1024 bytes. A distinction must be made between the physical media and the application. For example, a DVD-Video is a specific - file layout that can be written on any recordable DVD - physical media such as DVD-R, DVD+R, or DVD-RW. Before + file layout that can be written on any recordable DVD + physical media such as DVD-R, DVD+R, or DVD-RW. Before choosing the type of media, ensure that both the burner and the DVD-Video player are compatible with the media under consideration. @@ -1192,19 +1192,19 @@ cd0: Attempt to query device size failed Configuration - To perform DVD recording, use &man.growisofs.1;. This + To perform DVD recording, use &man.growisofs.1;. This command is part of the sysutils/dvd+rw-tools utilities which - support all DVD media types. + support all DVD media types. - These tools use the SCSI subsystem to access the devices, + These tools use the SCSI subsystem to access the devices, therefore ATAPI/CAM support must be loaded or statically compiled into the kernel. This - support is not needed if the burner uses the USB interface. + support is not needed if the burner uses the USB interface. Refer to for more details - on USB device configuration. + on USB device configuration. - DMA access must also be enabled for ATAPI devices, by + DMA access must also be enabled for ATAPI devices, by adding the following line to /boot/loader.conf: @@ -1224,12 +1224,12 @@ cd0: Attempt to query device size failed - Burning Data DVDs + Burning Data <acronym>DVD</acronym>s Since &man.growisofs.1; is a front-end to mkisofs, it will invoke &man.mkisofs.8; to create the file system layout and perform - the write on the DVD. This means that an image of the data + the write on the DVD. This means that an image of the data does not need to be created before the burning process. To burn to a DVD+R or a DVD-R the data in @@ -1245,11 +1245,11 @@ cd0: Attempt to query device size failed For the initial session recording, is used for both single and multiple sessions. Replace - /dev/cd0, with the name of the DVD + /dev/cd0, with the name of the DVD device. Using indicates that the disk will be closed and that the recording will be unappendable. This should also provide better media - compatibility with DVD-ROM drives. + compatibility with DVD-ROM drives. To burn a pre-mastered image, such as imagefile.iso, use: @@ -1295,10 +1295,10 @@ cd0: Attempt to query device size failed - Burning a DVD-Video + Burning a <acronym>DVD</acronym>-Video - DVD + DVD DVD-Video @@ -1306,11 +1306,11 @@ cd0: Attempt to query device size failed 9660 and micro-UDF (M-UDF) specifications. Since DVD-Video presents a specific data structure hierarchy, a particular program such as multimedia/dvdauthor is - needed to author the DVD. + needed to author the DVD. If an image of the DVD-Video file system already exists, it can be burned in the same way as any other image. If - dvdauthor was used to make the DVD and the + dvdauthor was used to make the DVD and the result is in /path/to/video, the following command should be used to burn the DVD-Video: @@ -1323,40 +1323,40 @@ cd0: Attempt to query device size failed - Using a DVD+RW + Using a <acronym>DVD+RW</acronym> - DVD - DVD+RW + DVD + DVD+RW - Unlike CD-RW, a virgin DVD+RW needs to be formatted before + Unlike CD-RW, a virgin DVD+RW needs to be formatted before first use. It is recommended to let &man.growisofs.1; take care of this automatically whenever appropriate. However, it is possible to use - dvd+rw-format to format the DVD+RW: + dvd+rw-format to format the DVD+RW: &prompt.root; dvd+rw-format /dev/cd0 Only perform this operation once and keep in mind that - only virgin DVD+RW medias need to be formatted. Once - formatted, the DVD+RW can be burned as usual. + only virgin DVD+RW medias need to be formatted. Once + formatted, the DVD+RW can be burned as usual. To burn a totally new file system and not just append some - data onto a DVD+RW, the media does not need to be blanked + data onto a DVD+RW, the media does not need to be blanked first. Instead, write over the previous recording like this: &prompt.root; growisofs -Z /dev/cd0 -J -R /path/to/newdata - The DVD+RW format supports appending data to a previous + The DVD+RW format supports appending data to a previous recording. This operation consists of merging a new session to the existing one as it is not considered to be multi-session writing. &man.growisofs.1; will grow the ISO 9660 file system present on the media. - For example, to append data to a DVD+RW, use the + For example, to append data to a DVD+RW, use the following: &prompt.root; growisofs -M /dev/cd0 -J -R /path/to/nextdata @@ -1366,7 +1366,7 @@ cd0: Attempt to query device size failed Use for better media - compatibility with DVD-ROM drives. When using DVD+RW, this + compatibility with DVD-ROM drives. When using DVD+RW, this option will not prevent the addition of data. @@ -1376,31 +1376,31 @@ cd0: Attempt to query device size failed - Using a DVD-RW + Using a <acronym>DVD-RW</acronym> - DVD - DVD-RW + DVD + DVD-RW - A DVD-RW accepts two disc formats: incremental sequential - and restricted overwrite. By default, DVD-RW discs are in + A DVD-RW accepts two disc formats: incremental sequential + and restricted overwrite. By default, DVD-RW discs are in sequential format. - A virgin DVD-RW can be directly written without being - formatted. However, a non-virgin DVD-RW in sequential format + A virgin DVD-RW can be directly written without being + formatted. However, a non-virgin DVD-RW in sequential format needs to be blanked before writing a new initial session. - To blank a DVD-RW in sequential mode: + To blank a DVD-RW in sequential mode: &prompt.root; dvd+rw-format -blank=full /dev/cd0 A full blanking using will take about one hour on a 1x media. A fast blanking can be - performed using , if the DVD-RW will - be recorded in Disk-At-Once (DAO) mode. To burn the DVD-RW + performed using , if the DVD-RW will + be recorded in Disk-At-Once (DAO) mode. To burn the DVD-RW in DAO mode, use the command: &prompt.root; growisofs -use-the-force-luke=dao -Z /dev/cd0=imagefile.iso @@ -1411,29 +1411,29 @@ cd0: Attempt to query device size failed required. One should instead use restricted overwrite mode with - any DVD-RW as this format is more flexible than the default + any DVD-RW as this format is more flexible than the default of incremental sequential. - To write data on a sequential DVD-RW, use the same - instructions as for the other DVD formats: + To write data on a sequential DVD-RW, use the same + instructions as for the other DVD formats: &prompt.root; growisofs -Z /dev/cd0 -J -R /path/to/data To append some data to a previous recording, use with &man.growisofs.1;. However, if data - is appended on a DVD-RW in incremental sequential mode, a new + is appended on a DVD-RW in incremental sequential mode, a new session will be created on the disc and the result will be a multi-session disc. - A DVD-RW in restricted overwrite format does not need to + A DVD-RW in restricted overwrite format does not need to be blanked before a new initial session. Instead, overwrite the disc with . It is also possible to grow an existing ISO 9660 file system written on the disc with . The result will be a one-session - DVD. + DVD. - To put a DVD-RW in restricted overwrite format, the + To put a DVD-RW in restricted overwrite format, the following command must be used: &prompt.root; dvd+rw-format /dev/cd0 @@ -1446,19 +1446,19 @@ cd0: Attempt to query device size failed Multi-Session - Few DVD-ROM drives support multi-session DVDs and most of - the time only read the first session. DVD+R, DVD-R and DVD-RW + Few DVD-ROM drives support multi-session DVDs and most of + the time only read the first session. DVD+R, DVD-R and DVD-RW in sequential format can accept multiple sessions. The notion - of multiple sessions does not exist for the DVD+RW and the - DVD-RW restricted overwrite formats. + of multiple sessions does not exist for the DVD+RW and the + DVD-RW restricted overwrite formats. Using the following command after an initial non-closed - session on a DVD+R, DVD-R, or DVD-RW in sequential format, + session on a DVD+R, DVD-R, or DVD-RW in sequential format, will add a new session to the disc: &prompt.root; growisofs -M /dev/cd0 -J -R /path/to/nextdata - Using this command with a DVD+RW or a DVD-RW in restricted + Using this command with a DVD+RW or a DVD-RW in restricted overwrite mode will append data while merging the new session to the existing one. The result will be a single-session disc. Use this method to add data after an initial write on @@ -1477,7 +1477,7 @@ cd0: Attempt to query device size failed For More Information - To obtain more information about a DVD, use + To obtain more information about a DVD, use dvd+rw-mediainfo /dev/cd0 while the disc in the specified drive. @@ -1498,22 +1498,22 @@ cd0: Attempt to query device size failed - Using a DVD-RAM + Using a <acronym>DVD-RAM</acronym> - DVD - DVD-RAM + DVD + DVD-RAM - DVD-RAM writers can use either a SCSI or ATAPI - interface. For ATAPI devices, DMA access has to be + DVD-RAM writers can use either a SCSI or ATAPI + interface. For ATAPI devices, DMA access has to be enabled by adding the following line to /boot/loader.conf: hw.ata.atapi_dma="1" - A DVD-RAM can be seen as a removable hard drive. Like - any other hard drive, the DVD-RAM must be formatted before + A DVD-RAM can be seen as a removable hard drive. Like + any other hard drive, the DVD-RAM must be formatted before it can be used. In this example, the whole disk space will be formatted with a standard UFS2 file system: @@ -1521,15 +1521,15 @@ cd0: Attempt to query device size failed &prompt.root; bsdlabel -Bw acd0 &prompt.root; newfs /dev/acd0 - The DVD device, acd0, must be + The DVD device, acd0, must be changed according to the configuration. - Once the DVD-RAM has been formatted, it can be mounted + Once the DVD-RAM has been formatted, it can be mounted as a normal hard drive: &prompt.root; mount /dev/acd0 /mnt - Once mounted, the DVD-RAM will be both readable and + Once mounted, the DVD-RAM will be both readable and writeable. @@ -1618,8 +1618,8 @@ cd0: Attempt to query device size failed to be used in a modern system. Modern backup systems tend to use off site combined with local removable disk drive technologies. Still, &os; will support any tape drive that - uses SCSI, such as LTO and older devices such as DAT. There is - limited support for SATA and USB tape drives. + uses SCSI, such as LTO and older devices such as DAT. There is + limited support for SATA and USB tape drives. Serial Access with &man.sa.4; @@ -2002,7 +2002,7 @@ cd0: Attempt to query device size failed - livefs CD + livefs CD Store this printout and a copy of the installation media in a secure location. Should an emergency restore be needed, boot into the installation media and select @@ -2015,7 +2015,7 @@ cd0: Attempt to query device size failed The installation media for &os;/&arch.i386; &rel2.current;-RELEASE does not *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 20:56:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A59B6E82; Fri, 21 Mar 2014 20:56:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9275498; Fri, 21 Mar 2014 20:56:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LKuoEV005665; Fri, 21 Mar 2014 20:56:50 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LKuoMv005664; Fri, 21 Mar 2014 20:56:50 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403212056.s2LKuoMv005664@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 20:56:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44325 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 20:56:50 -0000 Author: dru Date: Fri Mar 21 20:56:50 2014 New Revision: 44325 URL: http://svnweb.freebsd.org/changeset/doc/44325 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 20:55:43 2014 (r44324) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Mar 21 20:56:50 2014 (r44325) @@ -456,7 +456,7 @@ Enter new password: IDS system. In fact, as part of the nightly &man.periodic.8; security emails will notify an administrator of changes. Since the information is stored - locally, there is a change a malicious user could modify and + locally, there is a chance a malicious user could modify and spoof the information. As such, it is recommended to create a separate set of binary signatures and store them on a read only, root owned directory or, From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 21:37:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4EE3438F; Fri, 21 Mar 2014 21:37:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3BB20677; Fri, 21 Mar 2014 21:37:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LLbh3V022298; Fri, 21 Mar 2014 21:37:43 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LLbhIA022297; Fri, 21 Mar 2014 21:37:43 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403212137.s2LLbhIA022297@svn.freebsd.org> From: Glen Barber Date: Fri, 21 Mar 2014 21:37:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44326 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 21:37:43 -0000 Author: gjb Date: Fri Mar 21 21:37:42 2014 New Revision: 44326 URL: http://svnweb.freebsd.org/changeset/doc/44326 Log: Add protect(1). Sponsored by: The FreeBSD Foundation Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Fri Mar 21 20:56:50 2014 (r44325) +++ head/share/xml/man-refs.ent Fri Mar 21 21:37:42 2014 (r44326) @@ -523,6 +523,7 @@ printenv1"> printf1"> procstat1"> +protect1"> ps1"> psbb1"> psroff1"> From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 21:54:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A6B82230; Fri, 21 Mar 2014 21:54:51 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 92BE8861; Fri, 21 Mar 2014 21:54:51 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LLsp1s030278; Fri, 21 Mar 2014 21:54:51 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LLspGx030277; Fri, 21 Mar 2014 21:54:51 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403212154.s2LLspGx030277@svn.freebsd.org> From: Dru Lavigne Date: Fri, 21 Mar 2014 21:54:51 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44327 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 21:54:51 -0000 Author: dru Date: Fri Mar 21 21:54:51 2014 New Revision: 44327 URL: http://svnweb.freebsd.org/changeset/doc/44327 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Mar 21 21:37:42 2014 (r44326) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Mar 21 21:54:51 2014 (r44327) @@ -16,7 +16,8 @@ This chapter covers the use of disks in &os;. This includes memory-backed disks, network-attached disks, standard SCSI/IDE - storage devices, and devices using the USB interface. + storage devices, and devices using the USB + interface. After reading this chapter, you will know: @@ -32,7 +33,8 @@ - How to configure &os; to use USB storage devices. + How to configure &os; to use USB + storage devices. @@ -50,7 +52,8 @@ - How to create and burn CDs and DVDs on &os;. + How to create and burn CDs and + DVDs on &os;. @@ -99,7 +102,8 @@     - IDE CD-ROM drives + IDE CD-ROM + drives acd or cd @@ -111,26 +115,32 @@ - SATA CD-ROM drives + SATA CD-ROM + drives acd or cd - SCSI hard drives and USB Mass storage + SCSI hard drives and + USB Mass storage devices da - SCSI CD-ROM drives + SCSI CD-ROM + drives cd - Assorted non-standard CD-ROM drives - mcd for Mitsumi CD-ROM and - scd for Sony CD-ROM devices + Assorted non-standard CD-ROM + drives + mcd for Mitsumi + CD-ROM and + scd for Sony + CD-ROM devices @@ -420,18 +430,19 @@ super-block backups (for fsck -b #) at: disks - Many external storage solutions, such as hard drives, USB - thumbdrives, and CD/DVD burners, use the Universal Serial Bus - (USB). &os; provides support for these devices. + Many external storage solutions, such as hard drives, + USB thumbdrives, and CD/DVD burners, use the + Universal Serial Bus (USB). &os; provides + support for these devices. Configuration - The USB mass storage devices driver, &man.umass.4;, is - built into the GENERIC kernel and - provides support for USB storage devices. For a custom - kernel, be sure that the following lines are present in the - kernel configuration file: + The USB mass storage devices driver, + &man.umass.4;, is built into the GENERIC + kernel and provides support for USB storage + devices. For a custom kernel, be sure that the following + lines are present in the kernel configuration file: device scbus device da @@ -442,32 +453,38 @@ device ehci device usb device umass - Since the &man.umass.4; driver uses the SCSI subsystem to - access the USB storage devices, any USB device will be seen as - a SCSI device by the system. Depending on the USB chipset on - the motherboard, device uhci or - device ohci is used to provide USB 1.X - support. Support for USB 2.0 controllers is provided by + Since the &man.umass.4; driver uses the + SCSI subsystem to access the + USB storage devices, any + USB device will be seen as a + SCSI device by the system. Depending on + the USB chipset on the motherboard, + device uhci or + device ohci is used to provide + USB 1.X support. Support for + USB 2.0 controllers is provided by device ehci. - If the USB device is a CD or DVD burner, &man.cd.4;, - must be added to the kernel via the line: + If the USB device is a + CD or DVD burner, + &man.cd.4;, must be added to the kernel via the line: device cd - Since the burner is seen as a SCSI drive, the driver - &man.atapicam.4; should not be used in the kernel - configuration. + Since the burner is seen as a SCSI + drive, the driver &man.atapicam.4; should not be used in the + kernel configuration. Testing the Configuration - To test the USB configuration, plug in the USB device. In - the system message buffer, &man.dmesg.8;, the drive should - appear as something like: + To test the USB configuration, plug in + the USB device. In the system message + buffer, &man.dmesg.8;, the drive should appear as something + like: umass0: USB Solid state disk, rev 1.10/1.00, addr 2 GEOM: create disk da0 dp=0xc2d74850 @@ -479,17 +496,18 @@ da0: 126MB (258048 512 byte sectors: 64H The brand, device node (da0), and other details will differ according to the device. - Since the USB device is seen as a SCSI one, - camcontrol can be used to list the USB - storage devices attached to the system: + Since the USB device is seen as a + SCSI one, camcontrol can + be used to list the USB storage devices + attached to the system: &prompt.root; camcontrol devlist <Generic Traveling Disk 1.11> at scbus0 target 0 lun 0 (da0,pass0) If the drive comes with a file system, it can be mounted. - Refer to for - instructions on how to format and create partitions on the USB - drive. + Refer to for instructions on + how to format and create partitions on the + USB drive. Allowing untrusted users to mount arbitrary media, by @@ -502,25 +520,24 @@ da0: 126MB (258048 512 byte sectors: 64H To make the device mountable as a normal user, one solution is to make all users of the device a member of the operator group - using &man.pw.8;. Next, ensure that the - operator group is - able to read and write the device by adding these lines to + using &man.pw.8;. Next, ensure that the operator group is able to + read and write the device by adding these lines to /etc/devfs.rules: [localrules=5] add path 'da*' mode 0660 group operator - If SCSI disks are installed in the system, change - the second line as follows: + If SCSI disks are installed in the + system, change the second line as follows: add path 'da[3-9]*' mode 0660 group operator - This will exclude the first three SCSI disks - (da0 to - da2)from belonging to the - operator - group. + This will exclude the first three + SCSI disks (da0 to + da2)from belonging to the operator group. Next, enable the &man.devfs.rules.5; ruleset in @@ -551,10 +568,10 @@ add path 'da*' mode 0660 group operator< &prompt.root; mkdir /mnt/username &prompt.root; chown username:usergroup /mnt/username - Suppose a USB thumbdrive is plugged in, and a device - /dev/da0s1 appears. If the device is - preformatted with a FAT file system, it can be mounted - using: + Suppose a USB thumbdrive is plugged in, + and a device /dev/da0s1 appears. If the + device is preformatted with a FAT file system, it can be + mounted using: &prompt.user; mount -t msdosfs -o -m=644,-M=755 /dev/da0s1 /mnt/username @@ -602,64 +619,70 @@ umass0: detached creating - CD media provide a number of features that differentiate - them from conventional disks. Initially, they were not - writable by the user. They are designed so that they can be - read continuously without delays to move the head between - tracks. They are also much easier to transport between - systems. - - CD media do have tracks, but this refers to a section of - data to be read continuously and not a physical property of - the disk. For example, to produce a CD on &os;, prepare the - data files that are going to make up the tracks on the CD, - then write the tracks to the CD. + CD media provide a number of features + that differentiate them from conventional disks. Initially, + they were not writable by the user. They are designed so that + they can be read continuously without delays to move the head + between tracks. They are also much easier to transport + between systems. + + CD media do have tracks, but this refers + to a section of data to be read continuously and not a physical + property of the disk. For example, to produce a + CD on &os;, prepare the data files that are + going to make up the tracks on the CD, then + write the tracks to the CD. - ISO 9660 - - file systems - ISO 9660 - + ISO 9660 + + file systems + ISO 9660 + - The ISO 9660 file system was designed to deal with these - differences. To overcome the original file system limits, it - provides an extension mechanism that allows properly written - CDs to exceed those limits while still working with systems - that do not support those extensions. + The ISO 9660 file system was designed to deal with these + differences. To overcome the original file system limits, it + provides an extension mechanism that allows properly written + CDs to exceed those limits while still + working with systems that do not support those + extensions. - - sysutils/cdrtools - + + sysutils/cdrtools + - The sysutils/cdrtools - port includes &man.mkisofs.8;, a program that can be used to - produce a data file containing an ISO 9660 file system. It - has options that support various extensions, and is described - below. + The sysutils/cdrtools port includes + &man.mkisofs.8;, a program that can be used to produce a data + file containing an ISO 9660 file system. It has options that + support various extensions, and is described below. - - CD burner - ATAPI - + + CD burner + ATAPI + - Which tool to use to burn the CD depends on whether the - CD burner is ATAPI or something else. ATAPI CD burners use - burncd which is part of the base system. - SCSI and USB CD burners should use cdrecord - from the sysutils/cdrtools port. It is - also possible to use cdrecord and other - tools for SCSI drives on ATAPI hardware with the - ATAPI/CAM module. - - For CD burning software with a graphical user - interface, consider X-CD-Roast or - K3b. These tools are available as - packages or from the sysutils/xcdroast and - sysutils/k3b ports. - X-CD-Roast and - K3b require the - ATAPI/CAM module with ATAPI - hardware. + Which tool to use to burn the CD depends + on whether the CD burner is + ATAPI or something else. + ATAPI CD burners use + burncd which is part of the base system. + SCSI and USB + CD burners should use + cdrecord from the + sysutils/cdrtools port. It is also possible + to use cdrecord and other tools for + SCSI drives on ATAPI + hardware with the ATAPI/CAM + module. + + For CD burning software with a graphical + user interface, consider X-CD-Roast + or K3b. These tools are available as + packages or from the sysutils/xcdroast and + sysutils/k3b ports. + X-CD-Roast and + K3b require the ATAPI/CAM module with + ATAPI hardware. <application>mkisofs</application> @@ -699,27 +722,29 @@ umass0: detached Microsoft systems, and can be used to create HFS file systems used by &macos;. - For CDs that are going to be used only on &os; systems, - can be used to disable all filename - restrictions. When used with , it produces - a file system image that is identical to the specified &os; - tree, though it may violate the ISO 9660 standard in a number - of ways. + For CDs that are going to be used only + on &os; systems, can be used to disable + all filename restrictions. When used with + , it produces a file system image that is + identical to the specified &os; tree, though it may violate + the ISO 9660 standard in a number of ways. CD-ROMs creating bootable + The last option of general use is . This is used to specify the location of the boot image for use - in producing an El Torito bootable CD. This - option takes an argument which is the path to a boot image - from the top of the tree being written to the CD. By default, - &man.mkisofs.8; creates an ISO image in - floppy disk emulation mode, and thus expects - the boot image to be exactly 1200, 1440 or 2880 KB in - size. Some boot loaders, like the one used by the &os; - distribution disks, do not use emulation mode. In this case, + in producing an El Torito bootable + CD. This option takes an argument which is + the path to a boot image from the top of the tree being + written to the CD. By default, + &man.mkisofs.8; creates an ISO image in floppy disk + emulation mode, and thus expects the boot image to + be exactly 1200, 1440 or 2880 KB in size. Some boot + loaders, like the one used by the &os; distribution disks, do + not use emulation mode. In this case, should be used. So, if /tmp/myboot holds a bootable &os; system with the boot image in @@ -751,8 +776,9 @@ umass0: detached CD-ROMs burning - For an ATAPI CD burner, burncd can be - used to burn an ISO image onto a CD. + For an ATAPI CD + burner, burncd can be used to burn an ISO + image onto a CD. burncd is part of the base system, installed as /usr/sbin/burncd. Usage is very simple, as it has few options: @@ -763,24 +789,26 @@ umass0: detached imagefile.iso on cddevice. The default device is /dev/acd0. See &man.burncd.8; for - options to set the write speed, eject the CD after burning, - and write audio data. + options to set the write speed, eject the + CD after burning, and write audio + data. <application>cdrecord</application> - For systems without an ATAPI CD burner, - cdrecord can be used to burn CDs. + For systems without an ATAPI + CD burner, cdrecord can + be used to burn CDs. cdrecord is not part of the base system and must be installed from either the sysutils/cdrtools package or port. Changes to the base system can cause binary versions of this program to fail, possibly resulting in a coaster. It is recommended to either upgrade the port when the system is - upgraded, or for users - tracking -STABLE, to upgrade the - port when a new version becomes available. + upgraded, or for users tracking + -STABLE, to upgrade the port when a new version + becomes available. While cdrecord has many options, basic usage is simple. Burning an ISO 9660 image is done @@ -820,21 +848,23 @@ scsibus1: 1,7,0 107) * This lists the appropriate value for - the devices on the list. Locate the CD burner, and use the - three numbers separated by commas as the value for - . In this case, the CRW device is 1,5,0, - so the appropriate input is . - Refer to &man.cdrecord.1; for easier ways to specify this - value and for information on writing audio tracks and - controlling the write speed. + the devices on the list. Locate the CD + burner, and use the three numbers separated by commas as the + value for . In this case, the CRW device + is 1,5,0, so the appropriate input is + . Refer to &man.cdrecord.1; for + easier ways to specify this value and for information on + writing audio tracks and controlling the write speed. Duplicating Audio <acronym>CD</acronym>s - To duplicate an audio CD, extract the audio data from the - CD to a series of files, then write these files to a blank CD. - The process is slightly different for ATAPI and SCSI + To duplicate an audio CD, extract the + audio data from the CD to a series of + files, then write these files to a blank + CD. The process is slightly different for + ATAPI and SCSI drives. @@ -854,8 +884,8 @@ scsibus1: &prompt.user; cdrecord -v dev=2,0 -dao -useinfo *.wav Make sure that 2,0 is set - appropriately, as described in - . + appropriately, as described in . @@ -865,19 +895,21 @@ scsibus1: With the help of the ATAPI/CAM module, - cdda2wav can also be used on ATAPI - drives. This tool is usually a better choice for most of - users, as it supports jitter correction and endianness, - than the method proposed below. + cdda2wav can also be used on + ATAPI drives. This tool is usually a + better choice for most of users, as it supports jitter + correction and endianness, than the method proposed + below. - The ATAPI CD driver makes each track available as - /dev/acddtnn, - where d is the drive number, - and nn is the track number - written with two decimal digits, prefixed with zero as - needed. So the first track on the first disk is + The ATAPI CD + driver makes each track available as + /dev/acddtnn, where + d is the drive number, and + nn is the track number written + with two decimal digits, prefixed with zero as needed. So + the first track on the first disk is /dev/acd0t01, the second is /dev/acd0t02, the third is /dev/acd0t03, and so on. @@ -912,58 +944,59 @@ scsibus1: Duplicating Data <acronym>CD</acronym>s - It is possible to copy a data CD to an image file that is - functionally equivalent to the image file created with - &man.mkisofs.8;, and then use it to duplicate any data CD. - The example given here assumes that the CD-ROM device is - acd0. Substitute the correct CD-ROM - device. + It is possible to copy a data CD to an + image file that is functionally equivalent to the image file + created with &man.mkisofs.8;, and then use it to duplicate any + data CD. The example given here assumes + that the CD-ROM device is + acd0. Substitute the correct + CD-ROM device. &prompt.root; dd if=/dev/acd0 of=file.iso bs=2048 - Now that there is an image, it can be burned to CD as - described above. + Now that there is an image, it can be burned to + CD as described above. Using Data <acronym>CD</acronym>s It is possible to mount and read the data on a standard - data CD. By default, &man.mount.8; assumes that a file system - is of type ufs. Running this - command: + data CD. By default, &man.mount.8; assumes + that a file system is of type ufs. Running + this command: &prompt.root; mount /dev/cd0 /mnt will generate an error about Incorrect super - block, and will fail to mount the CD. The CD - does not use the UFS file system, so - attempts to mount it as such will fail. Instead, tell - &man.mount.8; that the file system is of type - ISO9660 by specifying - to &man.mount.8;. For example, - to mount the CD-ROM device, /dev/cd0, - under /mnt, - use: + block, and will fail to mount the + CD. The CD does not use + the UFS file system, so attempts to mount + it as such will fail. Instead, tell &man.mount.8; that the + file system is of type ISO9660 by + specifying to &man.mount.8;. For + example, to mount the CD-ROM device, + /dev/cd0, under + /mnt, use: &prompt.root; mount -t cd9660 /dev/cd0 /mnt Replace /dev/cd0 with the device - name for the CD device. Also, - executes &man.mount.cd9660.8;, meaning the above command is - equivalent to: + name for the CD device. Also, + executes &man.mount.cd9660.8;, + meaning the above command is equivalent to: &prompt.root; mount_cd9660 /dev/cd0 /mnt - While data CD-ROMs from any vendor can be mounted this - way, disks with certain ISO 9660 extensions might behave - oddly. For example, Joliet disks store all filenames in - two-byte Unicode characters. The &os; kernel does not speak - Unicode, but the &os; CD9660 driver is able to convert Unicode - characters on the fly. If some non-English characters show up - as question marks, specify the local charset with - . For more information, refer to - &man.mount.cd9660.8;. + While data CD-ROMs from any vendor can + be mounted this way, disks with certain ISO 9660 extensions + might behave oddly. For example, Joliet disks store all + filenames in two-byte Unicode characters. The &os; kernel + does not speak Unicode, but the &os; CD9660 driver is able to + convert Unicode characters on the fly. If some non-English + characters show up as question marks, specify the local + charset with . For more information, refer + to &man.mount.cd9660.8;. In order to do this character conversion with the help @@ -979,13 +1012,16 @@ scsibus1: Occasionally, Device not configured - will be displayed when trying to mount a CD-ROM. This - usually means that the CD-ROM drive thinks that there is no - disk in the tray, or that the drive is not visible on the bus. - It can take a couple of seconds for a CD-ROM drive to realize - that a media is present, so be patient. + will be displayed when trying to mount a + CD-ROM. This usually means that the + CD-ROM drive thinks that there is no disk + in the tray, or that the drive is not visible on the bus. It + can take a couple of seconds for a CD-ROM + drive to realize that a media is present, so be + patient. - Sometimes, a SCSI CD-ROM may be missed because it did not + Sometimes, a SCSI + CD-ROM may be missed because it did not have enough time to answer the bus reset. To resolve this, add the following option to the kernel configuration and rebuild the @@ -993,31 +1029,34 @@ scsibus1: options SCSI_DELAY=15000 - This tells the SCSI bus to pause 15 seconds during boot, - to give the CD-ROM drive every possible chance to answer the - bus reset. + This tells the SCSI bus to pause 15 + seconds during boot, to give the CD-ROM + drive every possible chance to answer the bus reset. Burning Raw Data CDs - It is possible to burn a file directly to CD, without - creating an ISO 9660 file system. Some people do this for - backup purposes. This command runs more quickly than burning - a standard CD: + It is possible to burn a file directly to + CD, without creating an ISO 9660 file + system. Some people do this for backup purposes. This + command runs more quickly than burning a standard + CD: &prompt.root; burncd -f /dev/acd1 -s 12 data archive.tar.gz fixate - In order to retrieve the data burned to such a CD, the - data must be read from the raw device node: + In order to retrieve the data burned to such a + CD, the data must be read from the raw + device node: &prompt.root; tar xzvf /dev/acd1 - This type of disk can not be mounted as a normal CD-ROM - and the data cannot be read under any operating system except - &os;. In order to mount the CD, or to share the data with - another operating system, &man.mkisofs.8; must be used as - described above. + This type of disk can not be mounted as a normal + CD-ROM and the data cannot be read under + any operating system except &os;. In order to mount the + CD, or to share the data with another + operating system, &man.mkisofs.8; must be used as described + above. @@ -1040,9 +1079,10 @@ scsibus1: ATAPI/CAM driver - This driver allows ATAPI devices, such as CD/DVD drives, - to be accessed through the SCSI subsystem, and so allows the - use of applications like sysutils/cdrdao or + This driver allows ATAPI devices, such + as CD/DVD drives, to be accessed through the + SCSI subsystem, and so allows the use of + applications like sysutils/cdrdao or &man.cdrecord.1;. To use this driver, add the following line to @@ -1082,24 +1122,25 @@ cd0: Attempt to query device size failed The drive can now be accessed via the /dev/cd0 device name. For example, to - mount a CD-ROM on /mnt, - type the following: + mount a CD-ROM on + /mnt, type the following: &prompt.root; mount -t cd9660 /dev/cd0 /mnt As root, run the - following command to get the SCSI address of the - burner: + following command to get the SCSI address + of the burner: &prompt.root; camcontrol devlist <MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (pass0,cd0) - In this example, 1,0,0 is the SCSI - address to use with &man.cdrecord.1; and other SCSI - applications. - - For more information about ATAPI/CAM and SCSI system, - refer to &man.atapicam.4; and &man.cam.4;. + In this example, 1,0,0 is the + SCSI address to use with &man.cdrecord.1; + and other SCSI applications. + + For more information about ATAPI/CAM and + SCSI system, refer to &man.atapicam.4; and + &man.cam.4;. @@ -1132,41 +1173,48 @@ cd0: Attempt to query device size failed burning - Compared to the CD, the DVD is the next generation of - optical media storage technology. The DVD can hold more data - than any CD and is the standard for video publishing. + Compared to the CD, the + DVD is the next generation of optical media + storage technology. The DVD can hold more + data than any CD and is the standard for + video publishing. Five physical recordable formats can be defined for a recordable DVD: - DVD-R: This was the first DVD recordable format - available. The DVD-R standard is defined by the - DVD + DVD-R: This was the first DVD + recordable format available. The DVD-R standard is + defined by the DVD Forum. This format is write once. - DVD-RW: This is the rewritable version of the - DVD-R standard. A DVD-RW can be rewritten about 1000 + DVD-RW: This is the rewritable + version of the DVD-R standard. A + DVD-RW can be rewritten about 1000 times. - DVD-RAM: This is a rewritable format which can be seen - as a removable hard drive. However, this media is not - compatible with most DVD-ROM drives and DVD-Video players - as only a few DVD writers support the DVD-RAM format. - Refer to for more - information on DVD-RAM use. + DVD-RAM: This is a rewritable + format which can be seen as a removable hard drive. + However, this media is not compatible with most + DVD-ROM drives and DVD-Video players + as only a few DVD writers support the + DVD-RAM format. Refer to for more information on + DVD-RAM use. - DVD+RW: This is a rewritable format defined by - the DVD+RW - Alliance. A DVD+RW can be rewritten about 1000 - times. + DVD+RW: This is a rewritable format + defined by the DVD+RW + Alliance. A DVD+RW can be + rewritten about 1000 times. @@ -1175,38 +1223,39 @@ cd0: Attempt to query device size failed - A single layer recordable DVD can hold up to - 4,700,000,000 bytes which is actually 4.38 GB or - 4485 MB as 1 kilobyte is 1024 bytes. + A single layer recordable DVD can hold + up to 4,700,000,000 bytes which is actually 4.38 GB + or 4485 MB as 1 kilobyte is 1024 bytes. A distinction must be made between the physical media and the application. For example, a DVD-Video is a specific - file layout that can be written on any recordable DVD - physical media such as DVD-R, DVD+R, or DVD-RW. Before - choosing the type of media, ensure that both the burner and - the DVD-Video player are compatible with the media under - consideration. + file layout that can be written on any recordable + DVD physical media such as DVD-R, DVD+R, + or DVD-RW. Before choosing the type of + media, ensure that both the burner and the DVD-Video player + are compatible with the media under consideration. Configuration - To perform DVD recording, use &man.growisofs.1;. This - command is part of the + To perform DVD recording, use + &man.growisofs.1;. This command is part of the sysutils/dvd+rw-tools utilities which support all DVD media types. - These tools use the SCSI subsystem to access the devices, - therefore ATAPI/CAM support - must be loaded or statically compiled into the kernel. This - support is not needed if the burner uses the USB interface. - Refer to for more details - on USB device configuration. - - DMA access must also be enabled for ATAPI devices, by - adding the following line to - /boot/loader.conf: + These tools use the SCSI subsystem to + access the devices, therefore ATAPI/CAM support must be loaded + or statically compiled into the kernel. This support is not + needed if the burner uses the USB + interface. Refer to for more + details on USB device configuration. + + DMA access must also be enabled for + ATAPI devices, by adding the following line + to /boot/loader.conf: hw.ata.atapi_dma="1" @@ -1226,15 +1275,16 @@ cd0: Attempt to query device size failed Burning Data <acronym>DVD</acronym>s - Since &man.growisofs.1; is a front-end to - mkisofs, it will invoke + Since &man.growisofs.1; is a front-end to mkisofs, it will invoke &man.mkisofs.8; to create the file system layout and perform - the write on the DVD. This means that an image of the data - does not need to be created before the burning process. + the write on the DVD. This means that an + image of the data does not need to be created before the + burning process. To burn to a DVD+R or a DVD-R the data in - /path/to/data, - use the following command: + /path/to/data, use the following + command: &prompt.root; growisofs -dvd-compat -Z /dev/cd0 -J -R /path/to/data @@ -1245,11 +1295,12 @@ cd0: Attempt to query device size failed For the initial session recording, is used for both single and multiple sessions. Replace - /dev/cd0, with the name of the DVD - device. Using indicates that the - disk will be closed and that the recording will be - unappendable. This should also provide better media - compatibility with DVD-ROM drives. + /dev/cd0, with the name of the + DVD device. Using + indicates that the disk will be + closed and that the recording will be unappendable. This + should also provide better media compatibility with + DVD-ROM drives. To burn a pre-mastered image, such as imagefile.iso, use: @@ -1310,9 +1361,10 @@ cd0: Attempt to query device size failed If an image of the DVD-Video file system already exists, it can be burned in the same way as any other image. If - dvdauthor was used to make the DVD and the - result is in /path/to/video, the - following command should be used to burn the DVD-Video: + dvdauthor was used to make the + DVD and the result is in + /path/to/video, the following command + should be used to burn the DVD-Video: &prompt.root; growisofs -Z /dev/cd0 -dvd-video /path/to/video @@ -1330,34 +1382,36 @@ cd0: Attempt to query device size failed DVD+RW - Unlike CD-RW, a virgin DVD+RW needs to be formatted before - first use. It is recommended to let - &man.growisofs.1; take care of this automatically whenever - appropriate. However, it is possible to use - dvd+rw-format to format the DVD+RW: + Unlike CD-RW, a virgin DVD+RW needs to + be formatted before first use. It is + recommended to let &man.growisofs.1; take + care of this automatically whenever appropriate. However, it + is possible to use dvd+rw-format to format + the DVD+RW: &prompt.root; dvd+rw-format /dev/cd0 Only perform this operation once and keep in mind that - only virgin DVD+RW medias need to be formatted. Once - formatted, the DVD+RW can be burned as usual. + only virgin DVD+RW medias need to be + formatted. Once formatted, the DVD+RW can + be burned as usual. To burn a totally new file system and not just append some - data onto a DVD+RW, the media does not need to be blanked - first. Instead, write over the previous recording like - this: + data onto a DVD+RW, the media does not need + to be blanked first. Instead, write over the previous + recording like this: &prompt.root; growisofs -Z /dev/cd0 -J -R /path/to/newdata - The DVD+RW format supports appending data to a previous - recording. This operation consists of merging a new session - to the existing one as it is not considered to be - multi-session writing. &man.growisofs.1; will - grow the ISO 9660 file system present on - the media. + The DVD+RW format supports appending + data to a previous recording. This operation consists of + merging a new session to the existing one as it is not + considered to be multi-session writing. &man.growisofs.1; + will grow the ISO 9660 file system + present on the media. - For example, to append data to a DVD+RW, use the - following: + For example, to append data to a + DVD+RW, use the following: &prompt.root; growisofs -M /dev/cd0 -J -R /path/to/nextdata @@ -1366,8 +1420,9 @@ cd0: Attempt to query device size failed Use for better media - compatibility with DVD-ROM drives. When using DVD+RW, this - option will not prevent the addition of data. + compatibility with DVD-ROM drives. When + using DVD+RW, this option will not + prevent the addition of data. To blank the media, use: @@ -1383,25 +1438,28 @@ cd0: Attempt to query device size failed DVD-RW - A DVD-RW accepts two disc formats: incremental sequential - and restricted overwrite. By default, DVD-RW discs are in - sequential format. - - A virgin DVD-RW can be directly written without being - formatted. However, a non-virgin DVD-RW in sequential format *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 23:17:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C903FC68; Fri, 21 Mar 2014 23:17:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9C9A8F0D; Fri, 21 Mar 2014 23:17:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LNHH1f064689; Fri, 21 Mar 2014 23:17:17 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LNHH59064688; Fri, 21 Mar 2014 23:17:17 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403212317.s2LNHH59064688@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 21 Mar 2014 23:17:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44328 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sat, 22 Mar 2014 02:27:20 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 23:17:17 -0000 Author: ryusuke Date: Fri Mar 21 23:17:17 2014 New Revision: 44328 URL: http://svnweb.freebsd.org/changeset/doc/44328 Log: - Merge the following from the English version: r43804 -> r43806 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Fri Mar 21 21:54:51 2014 (r44327) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Fri Mar 21 23:17:17 2014 (r44328) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43804 + Original revision: r43806 $FreeBSD$ --> + システム上で world の構築が一度でも行われたのであれば、 + 前回の構築の際のコピーが + /usr/obj + に存在するはずです。 + このディレクトリが存在しているのであれば、 + このディレクトリを削除して、 + make buildworld の行程にかかる時間を短縮し、 + 依存問題に悩まされるようなトラブルを回避することができます。 + + &prompt.root; cd /usr/obj +&prompt.root; chflags -R noschg * +&prompt.root; rm -rf * + + + 新しいコンパイラと関連ツールを最初にコンパイルし、 その後、新しいコンパイラで、 新しい world の残りの部分をコンパイルします。 @@ -1638,7 +1653,8 @@ before running "/usr/sbin/freebsd-update 以下のコマンドを実行してください。 &prompt.root; mount -u / -&prompt.root; mount -a -t ufs +&prompt.root; mount -a -t ufs +&prompt.root; swapon -a もしシステムが ZFS でフォーマットされている場合には、 以下の 2 つのコマンドを実行してください。 @@ -1651,19 +1667,25 @@ before running "/usr/sbin/freebsd-update その後、どちらのファイルシステムでも、 - 以下を実行してください。 + CMOS クロックが地域時間に設定されていて + GMT ではない場合 + (&man.date.1; が正しい時間と地域を表示しないなら当てはまります) + には、次のコマンドを実行してください。 &prompt.root; adjkerntz -i 次に、新しい world - における最初の設定ファイルのアップデートを行います。たとえば、 + に対する /etc + の最初の設定ファイルのアップデートを行います。 + 以下のコマンドは + installworld + に成功するために本質的なファイルのみを比較します。 + たとえば、 このステップでは、最後のアップデート後に &os; に追加された、 - 新しいグループや新しいシステムアカウントををシステムに追加されることがあります。 - installworld のステップで、 - 新しくインストールされたシステムのユーザおよびシステムのグループ名を問題なく使うことができるように、 - この作業が必要となることがあります。 + 新しいグループや新しいシステムアカウント、 + もしくはスタートアップスクリプトがシステムに追加されることがあります。 &prompt.root; mergemaster -p @@ -1708,43 +1730,52 @@ before running "/usr/sbin/freebsd-update &prompt.root; make delete-old-libs + + シングルユーザモード + + もしシステムがダウンタイムを持つことができるのであれば、 + システムのコンパイルをマルチユーザモードでおこない、 + インストールのためにシングルユーザモードに移行するという方法ではなく、 + コンパイルをシングルユーザモードで行うことを考えてください。 + システムの再インストールでは、たくさんの重要なシステムファイル、 + すべての標準的なシステムバイナリ、ライブラリ、 + インクルードファイルが変更されるので、 + 実際に動作しているシステムにおいて、 + 特にアクティブなユーザは、トラブルに見舞われる可能性があります。 - <filename>/etc/make.conf</filename> の確認 + 設定ファイル make.conf - この後の節ではそれぞれのステップについて詳しく説明しています。 - 特にカスタムカーネルを利用する場合について説明しています。 + この節では world + の構築のプロセスで使われるコンフィグレーションファイルについて説明します。 - &man.make.1; のオプションの説明は、&man.make.conf.5; や + &man.make.1; で利用可能なオプションの説明は &man.make.conf.5; や、 + 共通の例が /usr/share/examples/etc/make.conf にあります。 - これらの設定を /etc/make.conf に追加して、 - &man.make.1; の実行やプログラムの構築方法を設定してください。 - ある設定を変更したことにより、影響が広い範囲におよび、 - 驚くべき結果をもたらす可能性があります。 - 両方のファイルに書かれているコメントを読むことと、 - デフォルトの設定は、パフォーマンスと安全性の観点から選ばれていることを覚えておいてください。 - - /etc/make.conf で設定されたオプションは、 - &man.make.1; が使われる際には常に有効となります。 + これらの設定を /etc/make.conf に追加すると、 + &man.make.1; の実行やプログラムの構築方法を設定できます。 + これらのオプションは、 + &man.make.1; が使われる際には常に有効となるため、 Ports Collection からアプリケーションをコンパイルする時、 ユーザが書いた C プログラムや &os; オペレーティングシステムを構築する際に影響を及ぼします。 - - - <filename>/etc/src.conf</filename> を確認する + ある設定を変更したことにより、影響が広い範囲におよび、 + 驚くべき結果をもたらす可能性があります。 + 両方のファイルに書かれているコメントを読むことと、 + デフォルトの設定は、パフォーマンスと安全性の観点から選ばれていることを覚えておいてください。 src.conf /etc/src.conf は、 - ソースコードを用いたオペレーティングシステムの構築についてコントロールします。 + ソースコードを用いたオペレーティングシステムの構築をコントロールします。 /etc/make.conf とは異なり、 /etc/src.conf に書かれた設定は、 &os; オペレーティングシステムそのものを構築するときにのみ影響します。 @@ -1753,123 +1784,7 @@ before running "/usr/sbin/freebsd-update 一見したところ無効にされている、 使われていないカーネルモジュールやビルドオプションに注意してください。 ときどき予期しなかったり、わずかな影響を与えることがあります。 - - - - <filename>/etc</filename> にあるファイルの更新 - - /etc には、 - システム起動時に実行されるスクリプトだけでなく、 - システムの設定に関連する情報の大部分が含まれています。 - そのディレクトリに含まれるスクリプトは、 - &os; のバージョンによって多少異なります。 - - 設定ファイルのなかには、/etc/group - のように稼働中のシステムが日々利用しているものもあります。 - - - make installworld によるインストールの段階では、 - 特定のユーザ名、あるいはグループが存在していることを - 要求する場面があります。システムのアップグレードを行なう際には、 - それらのユーザ名やグループが削除、 - あるいは変更されて存在していない可能性が考えられます。 - make buildworld において、 - それらのユーザ名やグループが存在するか確認が行われる場合もあります。 - - - 解決方法は、buildworld の前に - をつけて &man.mergemaster.8; を実行することです。 - これを実行すると、buildworld や - installworld - が成功するために必要なファイルだけを比較します。 - - - 名前を変更したり、削除してしまったグループが所有しているファイルを、 - 次のようにして調べることもできます。 - - - &prompt.root; find / -group GID -print - - このコマンドはグループ名もしくは数字で示されるグループ ID - で指定されたグループ GID - が所有するすべてのファイルを表示します。 - - - - - シングルユーザモードへの移行 - シングルユーザモード - - コンパイルは、シングルユーザモードで行なうことを考えてください。 - システムの再インストールは重要なシステムファイル、 - すべての標準システムのバイナリ、ライブラリ、インクルードファイルを操作します。 - 稼働中のシステムに (特に他のユーザがそのシステムにログインしている時に) - そのような変更を加えることは、トラブルを引き起こす原因となります。 - - マルチユーザモード - もう一つの方法として、マルチユーザモードでシステムを再構築して、 - シングルユーザモードに移行してからそれをインストールする、 - というのがあります。もしこのような方法で行ないたい場合は、 - 以下の手順を構築が完了するところまで飛ばしてください。 - installkernel もしくは - installworld を実行する際に、 - シングルユーザモードに移行してください。 - - &prompt.root; shutdown now - - あるいはシステムを再起動し、ブートプロンプトから - single user オプションを選択してください。 - シングルユーザモードで起動した後は、 - シェルプロンプトから次のように実行してください。 - - &prompt.root; fsck -p -&prompt.root; mount -u / -&prompt.root; mount -a -t ufs -&prompt.root; swapon -a - - これはファイルシステムをチェックした後、 - / を読み書き可能にして再マウント、 - /etc/fstab に指定されている、 - それ以外の UFS ファイルシステムをすべてマウントしてから - スワップを有効にします。 - - - - CMOS クロックが地域時間に設定されていて - GMT ではない場合 - (&man.date.1; が正しい時間と地域を表示しないなら当てはまります)、 - 次のコマンドを実行すしてください。 - -&prompt.root; adjkerntz -i - - こうすれば、 - 確実に地域時刻が正しく設定されます。 - - - - - - <filename>/usr/obj</filename> の削除 - - システムが再構築される時、構築されたものはデフォルトで - /usr/obj 以下のサブディレクトリに格納されます。 - そのディレクトリの下は /usr/src - と同じ構造となります。 - - もしこのディレクトリが存在しているのであれば、 - このディレクトリを削除して、 - make buildworld の行程にかかる時間を短縮し、 - 依存問題に悩まされるようなトラブルを回避することができます。 - - /usr/obj 以下のファイルには、変更不可 - (immutable) フラグがセットされているものがある可能性があります。 - このようなファイルは最初に &man.chflags.1; - を用いてから削除する必要があります。 - - &prompt.root; cd /usr/obj -&prompt.root; chflags -R noschg * -&prompt.root; rm -rf * - + ベースシステムの再構築 @@ -2079,17 +1994,9 @@ Script done, … kern.securelevel について詳しくは &man.init.8; を、ファイルの様々なフラグについて詳しくは &man.chflags.1; をご覧ください。 - - - - シングルユーザモードで再起動する - single-user mode 新しいカーネルが動作するかどうかテストするために、 - シングルユーザモードで再起動してください。 - シングルユーザモードでの起動は、 - - に書かれている手順に従ってください。 + シングルユーザモードで再起動してください。 @@ -2239,10 +2146,6 @@ Script done, … また、/etc にあるべきファイルのうちで /usr/src/etc にないものもあります。 - &man.mergemaster.8; を (勧められた通り) - 使っているのであれば、次の節 - まで飛ばしてもかまいません。 - 手動で行う際の一番簡単な方法は、 ファイルを新しいディレクトリにインストールしてから、 以前のものと異なっている部分を調べて更新作業を行なうことです。 @@ -2459,15 +2362,6 @@ Script done, … - - 再起動 - - すべてがあるべき正しい場所に存在することをチェックしたら、 - &man.shutdown.8; を実行してシステムを再起動してください。 - - &prompt.root; shutdown -r now - - 使われなくなったライブラリの削除 @@ -2714,7 +2608,7 @@ Building everything.. なにか悪いことがあったらどうすればいいですか? - 自分の環境に前のビルドの余計なゴミが残っていないことをはっきりと確認してください。 + まず、自分の環境に前のビルドの余計なゴミが残っていないことをはっきりと確認してください。 &prompt.root; chflags -R noschg /usr/obj/usr &prompt.root; rm -rf /usr/obj/usr From owner-svn-doc-all@FreeBSD.ORG Fri Mar 21 23:33:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4CA59EAB; Fri, 21 Mar 2014 23:33:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 39134C3; Fri, 21 Mar 2014 23:33:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2LNX4XS072342; Fri, 21 Mar 2014 23:33:04 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2LNX4lK072341; Fri, 21 Mar 2014 23:33:04 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403212333.s2LNX4lK072341@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 21 Mar 2014 23:33:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44329 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sat, 22 Mar 2014 02:40:50 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 23:33:04 -0000 Author: ryusuke Date: Fri Mar 21 23:33:03 2014 New Revision: 44329 URL: http://svnweb.freebsd.org/changeset/doc/44329 Log: - Merge the following from the English version: r43806 -> r43809 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Fri Mar 21 23:17:17 2014 (r44328) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Fri Mar 21 23:33:03 2014 (r44329) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43806 + Original revision: r43809 $FreeBSD$ --> - + ベースシステムの再構築 - 実行される &man.make.1; からの出力は、ファイルに保存すると良いでしょう。 - もし、何か障害が発生した場合、エラーメッセージのコピーを - &os; メーリングリストに投稿してください。 - - ファイルに保存する最も簡単な方法は、&man.script.1; - コマンドを使い、引数に出力を保存したいファイル名を指定することです。 - これを make world の直前に行ない、再構築が終了したら - 以下のように exit と入力してください。 + 実行される &man.make.1; からの出力は、 + ファイルに保存すると良いでしょう。 + もし、何か障害が発生した場合、エラーメッセージのコピーを + &os; メーリングリストに投稿してください。 + + ファイルに保存する最も簡単な方法は、&man.script.1; + コマンドを使い、引数に出力を保存したいファイル名を指定することです。 + これを make world の直前に行ない、再構築が終了したら + 以下のように exit と入力してください。 - &prompt.root; script /var/tmp/mw.out + &prompt.root; script /var/tmp/mw.out Script started, output file is /var/tmp/mw.out &prompt.root; make TARGET … compile, compile, compile … @@ -2459,7 +2460,8 @@ Script done, … - どうして signal 11 + どうして + signal 11 signal 11 (もしくは他のシグナル番号) のエラーがたくさん出て @@ -2482,17 +2484,17 @@ Script done, … - 終了したら /usr/obj + 終了したら /usr/obj を削除してもかまいませんか? このディレクトリには、 - コンパイルの段階で生成された - すべてのオブジェクトファイルが含まれています。 - 通常 make buildworld の最初の段階では、 - このディレクトリを削除して新しくつくり直すようになっています。 + コンパイルの段階で生成された + すべてのオブジェクトファイルが含まれています。 + 通常 make buildworld の最初の段階では、 + このディレクトリを削除して新しくつくり直すようになっています。 構築終了後も /usr/obj - を保存しておいても、あまり意味はありません。 + を保存しておいても、あまり意味はありません。 削除すれば、だいたい 2GB のディスクスペースを解放することができます。 @@ -2509,7 +2511,7 @@ Script done, … 基本的なツールや、 システムライブラリの新しいコピーを作成します。 その後、これらのツールやライブラリがインストールされてから、 - 自分自身の再構築に使われ、もう一度、インストールされます。 + 自分自身の再構築に使われ、もう一度、インストールされます。 システムの残りの部分がその新しいシステムファイルを用いて作り直されます。 再構築の最終段階では、 @@ -2564,48 +2566,49 @@ Building everything.. class="directory">/usr を再マウントしてください。 - /usr/obj - のあるファイルシステムを、 - オプションをつけてマウントもしくは再マウントしてください。 - これによって、ディスクへの書き込みが非同期になります。 - つまり、書き込み命令はすぐに完了するのに対し、 - 実際にデータがディスクに書き込まれるのは、その数秒後になります。 - これによって、書き込み処理の一括化が可能になるため、 - 劇的なパフォーマンスの向上が期待できます。 - - - - - - このオプションを指定すると、ファイルシステムは - 壊れやすくなってしまうことに注意してください。 - このオプションを付けていて、突然電源が落ちた場合には、 - 再起動後にファイルシステムが復旧不能になる可能性が - 非常に高くなります。 - - もし、>/usr/obj - が、ファイルシステムにある唯一のディレクトリであれば、 - これは問題になりません。 - しかし、同じファイルシステムに、他の貴重なデータを置いているときには、 - このオプションを有効にする前に、 - バックアップをきちんと取っておきましょう。 - - - /etc/make.conf に - NO_PROFILE=true をセットして、 - プロファイル版の作成を無効化してください。 - - &man.make.1; に - - を指定して、複数のプロセスを並列に実行させてください。 - これは、単一のプロセッサでも複数のプロセッサでも、 - 同様に恩恵を得ることができます。 - + /usr/obj + のあるファイルシステムを、 + オプションをつけてマウントもしくは再マウントしてください。 + これによって、ディスクへの書き込みが非同期になります。 + つまり、書き込み命令はすぐに完了するのに対し、 + 実際にデータがディスクに書き込まれるのは、その数秒後になります。 + これによって、書き込み処理の一括化が可能になるため、 + 劇的なパフォーマンスの向上が期待できます。 + + + + + + このオプションを指定すると、ファイルシステムは + 壊れやすくなってしまうことに注意してください。 + このオプションを付けていて、突然電源が落ちた場合には、 + 再起動後にファイルシステムが復旧不能になる可能性が + 非常に高くなります。 + + もし、>/usr/obj + が、ファイルシステムにある唯一のディレクトリであれば、 + これは問題になりません。 + しかし、同じファイルシステムに、 + 他の貴重なデータを置いているときには、 + このオプションを有効にする前に、 + バックアップをきちんと取っておきましょう。 + + + /etc/make.conf に + NO_PROFILE=true をセットして、 + プロファイル版の作成を無効化してください。 + + &man.make.1; に + + を指定して、複数のプロセスを並列に実行させてください。 + これは、単一のプロセッサでも複数のプロセッサでも、 + 同様に恩恵を得ることができます。 + - なにか悪いことがあったらどうすればいいですか? + なにか悪いことがあったらどうすればいいですか? まず、自分の環境に前のビルドの余計なゴミが残っていないことをはっきりと確認してください。 @@ -2616,13 +2619,13 @@ Building everything.. &prompt.root; make cleandir &prompt.root; make cleandir - ええ、make cleandir + ええ、make cleandir は本当に 2 回実行するのです。 - そして、make buildworld を行い、 + そして、make buildworld を行い、 全プロセスを最初からやり直してください。 - まだ問題があれば、エラーと uname -a + まだ問題があれば、エラーと uname -a の出力を &a.questions; に送ってください。 設定についてさらに質問されても答えられるよう用意してください! From owner-svn-doc-all@FreeBSD.ORG Sat Mar 22 19:06:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EE6B05E4; Sat, 22 Mar 2014 19:06:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id DA02DC8D; Sat, 22 Mar 2014 19:06:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2MJ6n9C058851; Sat, 22 Mar 2014 19:06:49 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2MJ6nkH058850; Sat, 22 Mar 2014 19:06:49 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403221906.s2MJ6nkH058850@svn.freebsd.org> From: Warren Block Date: Sat, 22 Mar 2014 19:06:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44330 - head/share/misc X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2014 19:06:50 -0000 Author: wblock Date: Sat Mar 22 19:06:49 2014 New Revision: 44330 URL: http://svnweb.freebsd.org/changeset/doc/44330 Log: Improve Handbook ToC readability. Adjust link colors based on http://en.wikipedia.org/wiki/Help:Link_color. This makes links less garish and less distracting when near plain text. PR: docs/186857 Submitted by: Allan Jude Modified: head/share/misc/docbook.css Modified: head/share/misc/docbook.css ============================================================================== --- head/share/misc/docbook.css Fri Mar 21 23:33:03 2014 (r44329) +++ head/share/misc/docbook.css Sat Mar 22 19:06:49 2014 (r44330) @@ -34,6 +34,16 @@ font-weight: bold; } +a:link { + color:#0645AD; + text-decoration: underline; +} + +a:visited, a:hover, a:active { + color:#663366; + text-decoration: underline; +} + div.blockquote-title { font-weight: bold; margin-top: 1em; From owner-svn-doc-all@FreeBSD.ORG Sat Mar 22 22:22:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AFF1A1DC; Sat, 22 Mar 2014 22:22:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9B20AD73; Sat, 22 Mar 2014 22:22:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2MMMCNc039071; Sat, 22 Mar 2014 22:22:12 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2MMMCJ7039070; Sat, 22 Mar 2014 22:22:12 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403222222.s2MMMCJ7039070@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sat, 22 Mar 2014 22:22:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44331 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2014 22:22:12 -0000 Author: ryusuke Date: Sat Mar 22 22:22:12 2014 New Revision: 44331 URL: http://svnweb.freebsd.org/changeset/doc/44331 Log: - Merge the following from the English version: r43809 -> r44275 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sat Mar 22 19:06:49 2014 (r44330) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sat Mar 22 22:22:12 2014 (r44331) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43809 + Original revision: r44275 $FreeBSD$ --> &prompt.root; mount /cdrom -&prompt.root; cd /cdrom/X.Y-RELEASE/kernels +&prompt.root; cd /cdrom/X.Y-RELEASE/kernels &prompt.root; ./install.sh GENERIC - ここで X.Y-RELEASE + ここで X.Y-RELEASE を実際のリリース番号に置き換えてください。 GENERIC は、デフォルトで /boot/GENERIC にインストールされます。 @@ -805,7 +805,7 @@ before running "/usr/sbin/freebsd-update western US ミラーから HTTPS プロトコルを用いて、 ドキュメントのソースをダウンロードします。 - &prompt.root; svn checkout https://svn0.us-west.FreeBSD.org/doc/head /usr/doc + &prompt.root; svn checkout https://svn0.us-west.FreeBSD.org/doc/head /usr/doc 利用可能な Subversion ミラーサイト @@ -1124,7 +1124,7 @@ before running "/usr/sbin/freebsd-update ドキュメントの package は、対応する port 名とは異なり、 - lang-freebsd-doc + lang-freebsd-doc の形式で名前がつけられています。 ここで、lang は言語コードの短縮形です。 ハンガリー語の場合は hu、簡体字の場合には @@ -1687,7 +1687,7 @@ before running "/usr/sbin/freebsd-update 新しいグループや新しいシステムアカウント、 もしくはスタートアップスクリプトがシステムに追加されることがあります。 - &prompt.root; mergemaster -p + &prompt.root; mergemaster @@ -1829,7 +1829,7 @@ Script done, … コマンドラインの一般的な書式は、次のとおりです。 - &prompt.root; make -x -DVARIABLE target + &prompt.root; make -x -DVARIABLE target この例では、 が &man.make.1; に渡されるオプションになります。 @@ -1844,7 +1844,7 @@ Script done, … 同様です。これは変数を設定するもう一つの方法として用意されています。 たとえば以下の通りです。 - &prompt.root; make -DNO_PROFILE target + &prompt.root; make -DNO_PROFILE target は、プロファイル版のライブラリを構築しないことを指定する @@ -1869,7 +1869,7 @@ Script done, … 大抵の場合、&man.make.1; にパラメータを指定する必要はないでしょうから、 コマンドラインは次のようなものになります。 - &prompt.root; make target + &prompt.root; make target ここで、target は、多くのビルドオプションのどれかになります。 @@ -1976,12 +1976,12 @@ Script done, … 既にあるコンフィグレーションファイルを使ってカスタムカーネルを構築するには、 - KERNCONF=MYKERNEL + KERNCONF=MYKERNEL を使ってください。 &prompt.root; cd /usr/src -&prompt.root; make buildkernel KERNCONF=MYKERNEL -&prompt.root; make installkernel KERNCONF=MYKERNEL +&prompt.root; make buildkernel KERNCONF=MYKERNEL +&prompt.root; make installkernel KERNCONF=MYKERNEL @@ -2396,7 +2396,7 @@ Script done, … &prompt.root; pkg which /usr/local/lib/libtiff.so /usr/local/lib/libtiff.so was installed by package tiff-3.9.4 - &prompt.root; pkg which /usr/local/lib/libXext.so +&prompt.root; pkg which /usr/local/lib/libXext.so /usr/local/lib/libXext.so was installed by package libXext-1.1.1,1 見つかった port をアンインストールし、 @@ -2566,7 +2566,7 @@ Building everything.. class="directory">/usr を再マウントしてください。 - /usr/obj + /usr/obj のあるファイルシステムを、 オプションをつけてマウントもしくは再マウントしてください。 これによって、ディスクへの書き込みが非同期になります。 @@ -2703,7 +2703,8 @@ Building everything.. ビルドマシンは自分自身のカーネルから順に全部のカーネル名を KERNCONF にリストアップしてください。 各マシンのカーネルもビルドするのであれば、 - ビルドマシンは各マシンのカーネル設定ファイルを /usr/src/sys/arch/conf + ビルドマシンは各マシンのカーネル設定ファイルを + /usr/src/sys/arch/conf に持っていなければなりません。 From owner-svn-doc-all@FreeBSD.ORG Sun Mar 23 02:20:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E8C23710; Sun, 23 Mar 2014 02:20:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C8239FF; Sun, 23 Mar 2014 02:20:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2N2KVHZ035880; Sun, 23 Mar 2014 02:20:31 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2N2KVGN035873; Sun, 23 Mar 2014 02:20:31 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403230220.s2N2KVGN035873@svn.freebsd.org> From: Glen Barber Date: Sun, 23 Mar 2014 02:20:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44332 - in head: en_US.ISO8859-1/books/handbook share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Mar 2014 02:20:32 -0000 Author: gjb Date: Sun Mar 23 02:20:31 2014 New Revision: 44332 URL: http://svnweb.freebsd.org/changeset/doc/44332 Log: Add FreeBSD 10.0-RELEASE to the list of releases the Handbook covers. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/books/handbook/book.xml head/share/xml/freebsd.ent Modified: head/en_US.ISO8859-1/books/handbook/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/book.xml Sat Mar 22 22:22:12 2014 (r44331) +++ head/en_US.ISO8859-1/books/handbook/book.xml Sun Mar 23 02:20:31 2014 (r44332) @@ -92,7 +92,8 @@ Welcome to FreeBSD! This handbook covers the installation and day to day use of - FreeBSD &rel2.current;-RELEASE and + FreeBSD &rel3.current;-RELEASE, + FreeBSD &rel2.current;-RELEASE, and FreeBSD &rel.current;-RELEASE. This manual is a work in progress and is the work of many individuals. As such, some sections may become Modified: head/share/xml/freebsd.ent ============================================================================== --- head/share/xml/freebsd.ent Sat Mar 22 22:22:12 2014 (r44331) +++ head/share/xml/freebsd.ent Sun Mar 23 02:20:31 2014 (r44332) @@ -64,19 +64,26 @@ used in both environments. - - + + + + - - - + + + + + + + + - From owner-svn-doc-all@FreeBSD.ORG Sun Mar 23 02:33:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C70F5A49; Sun, 23 Mar 2014 02:33:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B3594219; Sun, 23 Mar 2014 02:33:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2N2XNC3041495; Sun, 23 Mar 2014 02:33:23 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2N2XNAl041494; Sun, 23 Mar 2014 02:33:23 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403230233.s2N2XNAl041494@svn.freebsd.org> From: Glen Barber Date: Sun, 23 Mar 2014 02:33:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44334 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Mar 2014 02:33:23 -0000 Author: gjb Date: Sun Mar 23 02:33:23 2014 New Revision: 44334 URL: http://svnweb.freebsd.org/changeset/doc/44334 Log: Add an entity for AMD, since we have one for Intel. Submitted by: Allan Jude Sponsored by: The FreeBSD Foundation Modified: head/share/xml/trademarks.ent Modified: head/share/xml/trademarks.ent ============================================================================== --- head/share/xml/trademarks.ent Sun Mar 23 02:24:07 2014 (r44333) +++ head/share/xml/trademarks.ent Sun Mar 23 02:33:23 2014 (r44334) @@ -144,6 +144,7 @@ Coverity, Inc."> IEEE"> POSIX"> +AMD"> Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered From owner-svn-doc-all@FreeBSD.ORG Sun Mar 23 03:03:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 97AD4BD; Sun, 23 Mar 2014 03:03:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8408F686; Sun, 23 Mar 2014 03:03:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2N33U92054335; Sun, 23 Mar 2014 03:03:30 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2N33UAi054334; Sun, 23 Mar 2014 03:03:30 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403230303.s2N33UAi054334@svn.freebsd.org> From: Glen Barber Date: Sun, 23 Mar 2014 03:03:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44335 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Mar 2014 03:03:30 -0000 Author: gjb Date: Sun Mar 23 03:03:29 2014 New Revision: 44335 URL: http://svnweb.freebsd.org/changeset/doc/44335 Log: Move AMD entity to existing amd* entities. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/trademarks.ent Modified: head/share/xml/trademarks.ent ============================================================================== --- head/share/xml/trademarks.ent Sun Mar 23 02:33:23 2014 (r44334) +++ head/share/xml/trademarks.ent Sun Mar 23 03:03:29 2014 (r44335) @@ -39,6 +39,7 @@ AMD, AMD Athlon, AMD Opteron, Athlon, Élan, Opteron, and PCnet are trademarks of Advanced Micro Devices, Inc."> +AMD"> Am486"> Am5x86"> AMD Athlon"> @@ -144,7 +145,6 @@ Coverity, Inc."> IEEE"> POSIX"> -AMD"> Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered From owner-svn-doc-all@FreeBSD.ORG Sun Mar 23 12:59:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A0707B61; Sun, 23 Mar 2014 12:59:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8D61678C; Sun, 23 Mar 2014 12:59:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2NCxsu1095560; Sun, 23 Mar 2014 12:59:54 GMT (envelope-from pawel@svn.freebsd.org) Received: (from pawel@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2NCxsci095559; Sun, 23 Mar 2014 12:59:54 GMT (envelope-from pawel@svn.freebsd.org) Message-Id: <201403231259.s2NCxsci095559@svn.freebsd.org> From: Pawel Pekala Date: Sun, 23 Mar 2014 12:59:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44336 - head/en_US.ISO8859-1/articles/contributors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Mar 2014 12:59:54 -0000 Author: pawel (ports committer) Date: Sun Mar 23 12:59:54 2014 New Revision: 44336 URL: http://svnweb.freebsd.org/changeset/doc/44336 Log: Add Jonathan Price for security/d0_blind_id PR: ports/187716 Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Sun Mar 23 03:03:29 2014 (r44335) +++ head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Sun Mar 23 12:59:54 2014 (r44336) @@ -5101,6 +5101,11 @@ + Jonathan Price + freebsd@jonathanprice.org + + + Jordan DeLong fracture@allusion.net From owner-svn-doc-all@FreeBSD.ORG Sun Mar 23 14:00:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C58D1ED5; Sun, 23 Mar 2014 14:00:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B2521C82; Sun, 23 Mar 2014 14:00:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2NE0dIN020803; Sun, 23 Mar 2014 14:00:39 GMT (envelope-from jkois@svn.freebsd.org) Received: (from jkois@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2NE0dhF020802; Sun, 23 Mar 2014 14:00:39 GMT (envelope-from jkois@svn.freebsd.org) Message-Id: <201403231400.s2NE0dhF020802@svn.freebsd.org> From: Johann Kois Date: Sun, 23 Mar 2014 14:00:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44337 - head/de_DE.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Mar 2014 14:00:39 -0000 Author: jkois Date: Sun Mar 23 14:00:39 2014 New Revision: 44337 URL: http://svnweb.freebsd.org/changeset/doc/44337 Log: PR: www/187848 Remove a double "und" from index.xsl. Found by: Bernd While here, fix another problem in the same sentence. Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/htdocs/index.xsl Modified: head/de_DE.ISO8859-1/htdocs/index.xsl ============================================================================== --- head/de_DE.ISO8859-1/htdocs/index.xsl Sun Mar 23 12:59:54 2014 (r44336) +++ head/de_DE.ISO8859-1/htdocs/index.xsl Sun Mar 23 14:00:39 2014 (r44337) @@ -50,7 +50,7 @@ groen Entwicklergruppe seit mehr als 30 Jahren kontinuierlich weiterentwickelt, verbessert und optimiert. Seine leistungsfhigen und - und beeindruckende Netzwerk-, Sicherheits- und + beeindruckenden Netzwerk-, Sicherheits- und Speicherfunktionen machen &os; zum Betriebssystem der Wahl fr einige der grten From owner-svn-doc-all@FreeBSD.ORG Sun Mar 23 14:40:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DDCD7257; Sun, 23 Mar 2014 14:40:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B0EE5F9E; Sun, 23 Mar 2014 14:40:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2NEegRq037040; Sun, 23 Mar 2014 14:40:42 GMT (envelope-from jkois@svn.freebsd.org) Received: (from jkois@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2NEegcK037039; Sun, 23 Mar 2014 14:40:42 GMT (envelope-from jkois@svn.freebsd.org) Message-Id: <201403231440.s2NEegcK037039@svn.freebsd.org> From: Johann Kois Date: Sun, 23 Mar 2014 14:40:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44338 - head/de_DE.ISO8859-1/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sun, 23 Mar 2014 14:50:44 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Mar 2014 14:40:42 -0000 Author: jkois Date: Sun Mar 23 14:40:42 2014 New Revision: 44338 URL: http://svnweb.freebsd.org/changeset/doc/44338 Log: r43868 -> r44209 MFde: Resync the project news. Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/share/xml/news.xml Modified: head/de_DE.ISO8859-1/share/xml/news.xml ============================================================================== --- head/de_DE.ISO8859-1/share/xml/news.xml Sun Mar 23 14:00:39 2014 (r44337) +++ head/de_DE.ISO8859-1/share/xml/news.xml Sun Mar 23 14:40:42 2014 (r44338) @@ -4,7 +4,7 @@ - - Remote Host Logging with <command>syslogd</command> - - Interacting with system logs is a crucial aspect of both - security and system administration. Monitoring the log files of - multiple hosts can become unwieldy as the number of systems - increases. Configuring centralized logging can reduce some of - the administrative burden of log file administration. - - Centralized log file aggregation, merging, and rotation can - be configured using &os; native tools, such as &man.syslogd.8; - and &man.newsyslog.8;. This section demonstrates an example - configuration, where host A, named - logserv.example.com, will - collect logging information for the local network. Host - B, named logclient.example.com, will - be configured to pass logging information to the logging - server. - - - Log Server Configuration - - A log server is a system that has been configured to - accept logging information from other hosts. Before - configuring a log server, check the following: - - - - If there is a firewall between the logging server and - any logging clients, ensure that the firewall ruleset - allows UDP port 514 for both the - clients and the server. - - - - The logging server and all client machines must have - forward and reverse entries in the local - DNS. If the network does not have a - DNS server, create entries in each - system's /etc/hosts. Proper name - resolution is required so that log entries are not - rejected by the logging server. - - - - On the log server, edit - /etc/syslog.conf to specify the name of - the client to receive log entries from, the logging facility - to be used, and the name of the log to store the host's log - entries. This example adds the hostname of - B, logs all facilities, and stores - the log entries in - /var/log/logclient.log. - - - Sample Log Server Configuration - - +logclient.example.com -*.* /var/log/logclient.log - - - When adding multiple log clients, add a similar two-line - entry for each client. More information about the available - facilities may be found in &man.syslog.conf.5;. - - Next, configure /etc/rc.conf: - - syslogd_enable="YES" -syslogd_flags="-a logclient.example.com -v -v" - - The first entry starts syslogd - at system boot. The second entry allows log entries from the - specified client. The increases the - verbosity of logged messages. This is useful for tweaking - facilities as administrators are able to see what type of - messages are being logged under each facility. - - Multiple options may be specified to - allow logging from multiple clients. IP - addresses and whole netblocks may also be specified. Refer to - &man.syslogd.8; for a full list of possible options. - - Finally, create the log file: - - &prompt.root; touch /var/log/logclient.log - - At this point, syslogd should - be restarted and verified: - - &prompt.root; service syslogd restart -&prompt.root; pgrep syslog - - If a PID is returned, the server - restarted successfully, and client configuration can begin. - If the server did not restart, consult - /var/log/messages for the error. - - - - Log Client Configuration - - A logging client sends log entries to a logging server on - the network. The client also keeps a local copy of its own - logs. - - Once a logging server has been configured, edit - /etc/rc.conf on the logging - client: - - syslogd_enable="YES" -syslogd_flags="-s -v -v" - - The first entry enables syslogd - on boot up. The second entry prevents logs from being - accepted by this client from other hosts () - and increases the verbosity of logged messages. - - Next, define the logging server in the client's - /etc/syslog.conf. In this example, all - logged facilities are sent to a remote system, denoted by the - @ symbol, with the specified - hostname: - - *.* @logserv.example.com - - After saving the edit, restart - syslogd for the changes to take - effect: - - &prompt.root; service syslogd restart - - To test that log messages are being sent across the - network, use &man.logger.1; on the client to send a message to - syslogd: - - &prompt.root; logger "Test message from logclient" - - This message should now exist both in - /var/log/messages on the client and - /var/log/logclient.log on the log - server. - - - - Debugging Log Servers - - If no messages are being received on the log server, the - cause is most likely a network connectivity issue, a hostname - resolution issue, or a typo in a configuration file. To - isolate the cause, ensure that both the logging server and the - logging client are able to ping each other - using the hostname specified in their - /etc/rc.conf. If this fails, check the - network cabling, the firewall ruleset, and the hostname - entries in the DNS server or - /etc/hosts on both the logging server and - clients. Repeat until the ping is - successful from both hosts. - - If the ping succeeds on both hosts but - log messages are still not being received, temporarily - increase logging verbosity to narrow down the configuration - issue. In the following example, - /var/log/logclient.log on the logging - server is empty and /var/log/messages on - the logging client does not indicate a reason for the failure. - To increase debugging output, edit the - syslogd_flags entry on the logging server - and issue a restart: - - syslogd_flags="-d -a logclien.example.com -v -v" - - &prompt.root; service syslogd restart - - Debugging data similar to the following will flash on the - console immediately after the restart: - - logmsg: pri 56, flags 4, from logserv.example.com, msg syslogd: restart -syslogd: restarted -logmsg: pri 6, flags 4, from logserv.example.com, msg syslogd: kernel boot file is /boot/kernel/kernel -Logging to FILE /var/log/messages -syslogd: kernel boot file is /boot/kernel/kernel -cvthname(192.168.1.10) -validate: dgram from IP 192.168.1.10, port 514, name logclient.example.com; -rejected in rule 0 due to name mismatch. - - In this example, the log messages are being rejected due - to a typo which results in a hostname mismatch. The client's - hostname should be logclient, not - logclien. Fix the typo, issue a restart, - and verify the results: - - &prompt.root; service syslogd restart -logmsg: pri 56, flags 4, from logserv.example.com, msg syslogd: restart -syslogd: restarted -logmsg: pri 6, flags 4, from logserv.example.com, msg syslogd: kernel boot file is /boot/kernel/kernel -syslogd: kernel boot file is /boot/kernel/kernel -logmsg: pri 166, flags 17, from logserv.example.com, -msg Dec 10 20:55:02 <syslog.err> logserv.example.com syslogd: exiting on signal 2 -cvthname(192.168.1.10) -validate: dgram from IP 192.168.1.10, port 514, name logclient.example.com; -accepted in rule 0. -logmsg: pri 15, flags 0, from logclient.example.com, msg Dec 11 02:01:28 trhodes: Test message 2 -Logging to FILE /var/log/logclient.log -Logging to FILE /var/log/messages - - At this point, the messages are being properly received - and placed in the correct file. - - - - Security Considerations - - As with any network service, security requirements should - be considered before implementing a logging server. Log files - may contain sensitive data about services enabled on the local - host, user accounts, and configuration data. Network data - sent from the client to the server will not be encrypted or - password protected. If a need for encryption exists, consider - using security/stunnel, which will transmit - the logging data over an encrypted tunnel. - - Local security is also an issue. Log files are not - encrypted during use or after log rotation. Local users may - access log files to gain additional insight into system - configuration. Setting proper permissions on log files is - critical. The built-in log rotator, &man.newsyslog.8;, - supports setting permissions on newly created and rotated log - files. Setting log files to mode 600 - should prevent unwanted access by local users. Refer to - &man.newsyslog.conf.5; for additional information. - - - + + + January-March + + 2014 + + +
    + Introduction + +

    This report covers &os;-related projects between January and + March 2014. This is the first of four reports planned for 2014.

    + + + + +

    Thanks to all the reporters for the excellent work! This report + contains 1 entry and we hope you enjoy reading it.

    + +

    The deadline for submissions covering between April and + June 2014 is July 7th, 2014.

    +
    + + + ports + + Ports + + + + Chromium + + + + Chromium on &os; Team + freebsd-chromium@FreeBSD.org + + + + + Chromium website + Development repository on GitHub + Chromium on &os; wiki + + + +

    Over the last four years the Chromium team has been busy with + porting Chromium to &os;. This involves patching the browser so + that it runs on &os;, tracking and documenting security updates, + and merging patches back upstream.

    + +

    While there are already several browsers available for &os;, + advantages of Chromium are:

    + +
      +
    • Quick response from upstream to security issues, resulting + in approximately bi-weekly updates.
      • + +
    • A testbed for security features of &os;, like Capsicum. + While support for this capability and sandbox framework is + currently not included in the browser, a proof-of-concept + implementation for an early version of Chromium was realized + within a single weekend.
      • +
    + +

    George Liaskos and &a.rene; are currently busy with submitting + the remaining patches specific to &os; back upstream. Apart from + making future updates easier, it sometimes also improves the + overall code quality.

    + +

    &a.jonathan; recently updated the Capsicum patches for Chromium + and is talking to upstream about them.

    + + + + Advocate &os;. While patches are getting accepted by both + humans and bots, it is not an official platform so attitude varies + from developer to developer. While &a.rene; thinks it is a bit + early, it might be fruitful to investigate what is required to + make &os; (and possibly OpenBSD) an official platform in terms + of both hardware and procedures. + + If you feel comfortable with large source trees, you can try + to build the Git version of Chromium on &os;. If you are also + comfortable with signing Googles Contributor License Agreement, + you can join testing and submitting patches upstream. + +     +     From owner-svn-doc-all@FreeBSD.ORG Tue Mar 25 00:00:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B5D5E318; Tue, 25 Mar 2014 00:00:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A347CBB3; Tue, 25 Mar 2014 00:00:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2P00Jl9067881; Tue, 25 Mar 2014 00:00:19 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2P00JGr067880; Tue, 25 Mar 2014 00:00:19 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403250000.s2P00JGr067880@svn.freebsd.org> From: Gabor Pali Date: Tue, 25 Mar 2014 00:00:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44349 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Mar 2014 00:00:19 -0000 Author: pgj Date: Tue Mar 25 00:00:19 2014 New Revision: 44349 URL: http://svnweb.freebsd.org/changeset/doc/44349 Log: - Add 2014Q1 report on the Handbook ZFS chapter Submitted by: Allan Jude Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Mar 24 22:25:11 2014 (r44348) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Mar 25 00:00:19 2014 (r44349) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 1 entry and we hope you enjoy reading it.

    + contains 2 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -30,6 +30,12 @@ Ports + + doc + + Documentation + + Chromium @@ -89,4 +95,86 @@ you can join testing and submitting patches upstream. + + + ZFS Chapter of the Handbook + + + + + Allan + Jude + + freebsd@allanjude.com + + + + + Benedict + Reuschling + + bcr@FreeBSD.org + + + + + Warren + Block + + wblock@FreeBSD.org + + + + + Preview ZFS Handbook + Slides from AsiaBSDCon 2014 + + + +

    ZFS is one of the premier features of &os;. The current + documentation in the Handbook and elsewhere online is severely + lacking. Much of the original documentation from Sun and Oracle + has disappeared, moved, or is about the proprietary version of + ZFS.

    + +

    New users have many questions about ZFS and yet there exists a + great deal more bad advice about ZFS than proper documentation. + The current ZFS chapter of the &os; Handbook starts off with the + required steps to configure an i386 machine to run ZFS. This is + more likely to scare off a new user than to educate them about + how to properly use ZFS.

    + +

    At BSDCan 2013, the process of writing an entirely new + chapter of the Handbook on ZFS was started. Currently this + chapter consists of approximately 16,000 words covering all + subcommands of the zpool(8) and zfs(8) + utilities, delegation, tuning and a section devoted to + defintions and explainations of the terms and features of + ZFS.

    + +

    The remaining section is the FAQ. To help users address the + most common problems they might run into with ZFS. It would be + useful to hear experiences, questions, misconceptions, gotchas, + stumbling blocks and suggestions for the FAQ section from other + users. Also, a use cases section that highlights some of the + cases where ZFS provides advantages over traditional file + systems.

    + +

    Please send suggestions to the freebsd-doc mailing + list.

    + + + ScaleEngine, Inc + + + Technical review by Matt Ahrens (co-creator of ZFS). + Improve delegation section. + Improve tuning section, add new sysctls added in + head. + Add section on jails and the jailed property. + Add FAQ section. + Add Use Cases section. + General editing and review. + +     From owner-svn-doc-all@FreeBSD.ORG Tue Mar 25 07:04:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 88370792; Tue, 25 Mar 2014 07:04:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 74C21146; Tue, 25 Mar 2014 07:04:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2P74kpM044500; Tue, 25 Mar 2014 07:04:46 GMT (envelope-from gabor@svn.freebsd.org) Received: (from gabor@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2P74kZc044498; Tue, 25 Mar 2014 07:04:46 GMT (envelope-from gabor@svn.freebsd.org) Message-Id: <201403250704.s2P74kZc044498@svn.freebsd.org> From: Gabor Kovesdan Date: Tue, 25 Mar 2014 07:04:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44350 - in head/share: misc xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Mar 2014 07:04:46 -0000 Author: gabor Date: Tue Mar 25 07:04:45 2014 New Revision: 44350 URL: http://svnweb.freebsd.org/changeset/doc/44350 Log: - Revert verbatim line numbering changes since they broke callouts and other inline markup PR: docs/187773 Submitted by: Allan Jude Modified: head/share/misc/docbook.css head/share/xml/freebsd-xhtml-common.xsl Modified: head/share/misc/docbook.css ============================================================================== --- head/share/misc/docbook.css Tue Mar 25 00:00:19 2014 (r44349) +++ head/share/misc/docbook.css Tue Mar 25 07:04:45 2014 (r44350) @@ -275,46 +275,23 @@ html { text-decoration: underline; } -.screen { - white-space: pre-wrap; +pre.screen { + white-space: pre; + overflow: auto; font-family: monospace; padding: 1ex; background-color: #edc; - border-style: solid; - border-color: #EEB985; - border-width: 0 0 0 2.5em; - border-radius: 6px; - counter-reset: code; + border: 1px solid #ccc; } -.programlisting { - white-space: pre-wrap; +pre.programlisting { + white-space: pre; + overflow: auto; font-family: monospace; padding: 1ex; background-color: #eee; - border-style: solid; - border-color: #BABABA; - border-width: 0 0 0 2.5em; + border: 1px solid #ccc; border-radius: 6px; - counter-reset: code; -} - -span.verbatim { - counter-increment: code; - display: block; - padding: 0 0.5em 0 3.75em; - position: relative; - margin: 0 -0.3em 0 -3.85em; - overflow: hidden; -} - -span.verbatim:before { - width: 3em; - text-align: right; - content: counter(code); - position: absolute; - left: 0; - color: #404040; } @media screen { /* hide from IE3 */ @@ -408,7 +385,7 @@ span.verbatim:before { font-weight: bold; } -.screen strong { +pre.screen strong { font-weight: normal; } Modified: head/share/xml/freebsd-xhtml-common.xsl ============================================================================== --- head/share/xml/freebsd-xhtml-common.xsl Tue Mar 25 00:00:19 2014 (r44349) +++ head/share/xml/freebsd-xhtml-common.xsl Tue Mar 25 07:04:45 2014 (r44350) @@ -7,7 +7,6 @@ version='1.0' xmlns:str="http://exslt.org/strings" xmlns:db="http://docbook.org/ns/docbook" - xmlns="http://www.w3.org/1999/xhtml" exclude-result-prefixes="db" extension-element-prefixes="str"> @@ -32,7 +31,6 @@ - @@ -294,61 +292,4 @@
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - div - pre - - - - - - - - - - - - - - - - - From owner-svn-doc-all@FreeBSD.ORG Tue Mar 25 13:17:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DB7FF868; Tue, 25 Mar 2014 13:17:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C8000A33; Tue, 25 Mar 2014 13:17:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2PDHGJ4098333; Tue, 25 Mar 2014 13:17:16 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2PDHGaJ098332; Tue, 25 Mar 2014 13:17:16 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403251317.s2PDHGaJ098332@svn.freebsd.org> From: Warren Block Date: Tue, 25 Mar 2014 13:17:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44351 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Mar 2014 13:17:16 -0000 Author: wblock Date: Tue Mar 25 13:17:16 2014 New Revision: 44351 URL: http://svnweb.freebsd.org/changeset/doc/44351 Log: Move a space from inside a guibutton element to outside. Translators: this visibly changes content, even though it is just a space. Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue Mar 25 07:04:45 2014 (r44350) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue Mar 25 13:17:16 2014 (r44351) @@ -1685,8 +1685,8 @@ Trying to mount root from cd9660:/dev/is Enter to proceed. If changes need to be made, select [ Back ] to return to the partition editor. - [ Revert & Exit ] - will exit the installer without making any changes + [ Revert & Exit ] + will exit the installer without making any changes to the hard drive. Installation time will vary depending on the distributions From owner-svn-doc-all@FreeBSD.ORG Tue Mar 25 15:25:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BF124983; Tue, 25 Mar 2014 15:25:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A9C91B3E; Tue, 25 Mar 2014 15:25:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2PFPIiM052295; Tue, 25 Mar 2014 15:25:18 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2PFPIXO052294; Tue, 25 Mar 2014 15:25:18 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403251525.s2PFPIXO052294@svn.freebsd.org> From: Remko Lodder Date: Tue, 25 Mar 2014 15:25:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44352 - translations/nl_NL.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 25 Mar 2014 15:34:05 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Mar 2014 15:25:18 -0000 Author: remko Date: Tue Mar 25 15:25:18 2014 New Revision: 44352 URL: http://svnweb.freebsd.org/changeset/doc/44352 Log: Update work in progress, this file is almost up to date with the translation target. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Mar 25 13:17:16 2014 (r44351) +++ translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Mar 25 15:25:18 2014 (r44352) @@ -2022,18 +2022,16 @@ block drop out quick on $ext_if from any IPFILTER is een cross-platform open source firewall, welke geporteerd is naar de &os;, NetBSD, OpenBSD en &solaris; besturingssystemen. - XXX RL 1920 IPFILTER is gebaseerd op een firewall aan de kernelkant en een NAT mechanisme dat gecontroleerd en gemonitord kan worden door programma's in userland. De - firewallregels kunnen ingesteld of verwijderd worden met het - hulpprogramma &man.ipf.8;. De NAT regels - kunnen ingesteld of verwijderd worden met &man.ipnat.8;. Het - programma &man.ipfstat.8; kan actuele statistieken leveren voor - de kernelonderdelen van IPFILTER. &man.ipmon.8; kan acties van - IPFILTER wegschrijven naar logboekbestanden van het - systeem. + firewallregels kunnen ingesteld of verwijderd via &man.ipf.8; + De NAT regels kunnen ingesteld of verwijderd + worden met &man.ipnat.8;. Actuele statistieken voor de kernel + onderdelen van IPFILTER kunnen worden getoond met &man.ipfstat.8; + Om acties van IPFILTER naar de systeem logbestanden weg te + schrijven kan &man.ipmon.8; gebruikt worden. IPF is oorspronkelijk geschreven met logica die regels verwerkte volgens het principe de laatst passende regel @@ -2043,9 +2041,8 @@ block drop out quick on $ext_if from any toegevoegd waarmee de logica van het verwerken van regels drastisch is gemoderniseerd. In de officile documentatie van IPF worden alleen de regels en verwerkingslogica - behandeld. De moderne functies worden alleen behandeld als - opties, waardoor hun nut dat er een veel betere en veiligere firewall mee - te maken volledig onderbelicht blijft. + behandeld en de gemoderniseerde functies worden alleen + behandeld als additionele opties. De instructies in dit hoofdstuk zijn gebaseerd op regels die gebruik maken van de optie quick en de @@ -2071,17 +2068,15 @@ block drop out quick on $ext_if from any inschakelen - IPF zit in de basisinstallatie van &os; als een aparte + IPF zit in de basisinstallatie van &os; als een run time laadbare module. Een systeem laadt de - IPF kernel laadbare module dynamisch als - ipfilter_enable="YES" in - rc.conf staat. Voor de laadbare module - zijn de opties logging en default - pass all ingeschakeld. IPF hoeft niet in de - kernel gecompileerd te worden om het standaardgedrag te - wijzigen naar block all. Dat is mogelijk - door op het einde van de regelverzameling een regel block - all toe te voegen die al het verkeer blokkeert. + module dynamisch als ipfilter_enable="YES" + in rc.conf staat. Voor de laadbare module + zijn de opties logging en default pass all + ingeschakeld. Om de standaard aan te passen naar + block all moet er een + block all regel aan het einde van de + ruleset worden toegevoegd. @@ -2111,15 +2106,11 @@ block drop out quick on $ext_if from any kernelopties - Het is niet verplicht om IPF in te schakelen door de - volgende opties in de &os; kernel te compileren. Dit wordt - alleen beschreven als achtergrondinformatie. Door IPF in de - kernel te compileren wordt de laadbare module niet - gebruikt. - - Voorbeeld kernelinstellingen voor IPF staan beschreven in - de /usr/src/sys/i386/conf/LINTin de - kernelbroncode en worden hier beschreven: + Voor gebruikers die het wenselijk vinden om IPF + ondersteuning in de kernel te compileren en een + custom kernel zijn de volgende opties die ook in + /usr/src/sys/conf/NOTES staan + beschreven beschikbaar: options IPFILTER options IPFILTER_LOG @@ -2129,10 +2120,10 @@ options IPFILTER_DEFAULT_BLOCKIPFILTER firewall in. options IPFILTER_LOG schakelt de - optie in waarmee IPF verkeer kan loggen door het naar het + optie in waarmee IPF verkeer kan loggen via het ipl pakketloggende - pseudo-apparaat te schrijven voor iedere regel met het - sleutelwoord log erin. + pseudo-apparaat voor iedere regel met het sleutelwoord + log erin. options IPFILTER_DEFAULT_BLOCK wijzigt het standaardgedrag zodat ieder pakket waarop geen @@ -2173,11 +2164,10 @@ ipnat_rules="/etc/ipnat.rules" # best ipf - Het commando &man.ipf.8; wordt gebruikt om het bestand met - firewallregels te laden. Gewoonlijk wordt er een bestand - aangemaakt waarin de situatieafhankelijke regels staan - waarmee in 蜑n keer de bestaande regels kunnen - worden vervangen: + Om de ruleset te laden wordt &man.ipf.8; gebruikt. + Afwijkende regels worden normaal gesproken in een bestand + geplaatst waarna het volgende commando gebruikt kan worden + om de bestaande regels te vervangen: &prompt.root; ipf -Fa -f /etc/ipf.rules @@ -2309,12 +2299,11 @@ Packet log flags set: (0) De daemon wordt gebruikt als continu een systeemlogboek bijgewerkt moet worden zodat het mogelijk is om - gebeurtenissen in het verleden te bekijken. Zo zijn &os; en - IPFILTER ingesteld om samen te werken. &os; heeft ingebouwde - mogelijkheden om automatisch syslogs te roteren. Daarom is - het beter om de uitvoer naar &man.syslogd.8; te schrijven - dan naar een gewoon bestand. In de standaardversie van - rc.conf is te zien dat de instelling + gebeurtenissen in het verleden te bekijken. &oss; heeft een + ingebouwde mogelijkheid om automatisch systeem logs te roteren. + Daarom is het beter om de uitvoer naar &man.syslogd.8; te + schrijven dan naar een gewoon bestand. In de standaardversie + van rc.conf is te zien dat de instelling ipmon_flags de waarde heeft: @@ -2323,40 +2312,36 @@ Packet log flags set: (0) # v = log tcp window, ack, seq # n = vertaal IP & poort naar namen - De voordelen van loggen zijn duidelijk. Het biedt de - mogelijkheid om na het feit informatie na te zien als: welke - pakketten heeft de firewall laten vallen, waar kwamen ze - vandaan en waar gingen ze heen? Dit zijn allemaal voordelen - als het gaat om uitvinden waar een aanvaller vandaan komt en - wat deze heeft geprobeerd. + Logging biedt de mogelijkheid om achteraf informatie terug + te bekijken, zoals welke adressen er gedropt werden, vanaf + welke adressen men kwam en waar ze naartoe gingen. Dit zijn + allemaal voordelen als het gaat om uitvinden waar een + aanvaller vandaan komt en wat deze heeft geprobeerd. - Zelfs als loggen is ingeschakeld, logt IPF nog niets uit - zichzelf. De beheerder van de firewall beslist welke regels in de + Zelfs als loggen is ingeschakeld, logt IPF standaard niets. + De beheerder van de firewall beslist welke regels in de regelverzameling iets weg moeten schrijven door het sleutelwoord log aan die regels toe te voegen. Gewoonlijk worden alleen deny regels gelogd. Het is heel normaal om als laatste regel een - deny regel aan de set met regels toe te - voegen waar het sleutelwoord log in staat. - Zo krijgt een beheerder alle pakketten te zien waarop geen - enkele regel van toepassing was. + weiger alle verkeer regel aan de set met regels + toe te voegen waar het sleutelwoord log in + staat. Zo krijgt een beheerder alle pakketten te zien waarop + geen enkele regel van toepassing was. Loggen met IPMON - Syslogd heeft een eigen methode - om logboekgegevens te scheiden. Het maakt gebruik van speciale - groepen die facility en level + &man.syslogd.8; heeft een eigen methode om logboekgegevens + te scheiden. Het maakt gebruik van groepen die + facility en level heten. &man.ipmon.8; in mode gebruikt - local0 - als facilitynaam. Alle door &man.ipmon.8; gelogde - gegevens gaan standaard naar de naam security. - De nu volgende levels - kunnen gebruikt worden om de gelogde gegevens nog verder uit - elkaar te trekken als dat gewenst is. + local0 als facility naam. + De volgende levels kunnen worden gebruikt om het gelogde + verkeer nog verder te scheiden: LOG_INFO – pakketten gelogd met het sleutelwoord "log" als actie in plaats van pass of block. LOG_NOTICE – gelogde pakketten die ook zijn doorgelaten @@ -2367,41 +2352,31 @@ LOG_ERR – gelogde pakketten die ee Om IPFILTER alle gelogde gegevens naar /var/log/ipfilter.log te laten schrijven, - dient dat bestand vooraf te bestaan. Dat kan met het volgende - commando: + moet vooraf het bestand bestaan: &prompt.root; touch /var/log/ipfilter.log - De functionaliteit van &man.syslogd.8; wordt beheerd met - instellingen in /etc/syslog.conf. - Dit bestand biedt aanzienlijke - flexibiliteit in hoe syslog omgaat met - systeemberichten die door softwaretoepassingen als IPF worden - gegeven. - - Zo kan de volgende instelling toegevoegd worden aan - /etc/syslog.conf: + &man.syslogd.8; wordt bedient door definities in + /etc/syslog.conf. Dit bestand levert + behoorlijke flexibiliteit over hoe + syslog met systeem meldingen + omgaat zoals software applicaties als IPF. + + Om alle gelogde berichten naar een gespecificeerd + bestand te schrijven, moet het volgende statement + worden toegevoegd aan /etc/syslog.conf: local0.* /var/log/ipfilter.log - Het deel local0.* - betekent dat alle logberichten naar de aangegeven plaats - geschreven moeten worden. - - Om de wijzigingen in - /etc/syslog.conf actief te maken kan er opnieuw - opgestart worden of is het mogelijk de daemon &man.syslogd.8; een schop - te geven zodat /etc/syslog.conf opnieuw - wordt ingelezen met /etc/rc.d/syslogd - reload. Het PID (procesnummer) is te achterhalen - door een overzicht van taken te tonen met - ps -ax. Het PID is het nummer in de - linker kolom voor de regel waarop syslog - staat. + Om de wijzigingen te activeren en om &man.syslogd.8; + te instrueren om het gewijzigde + /etc/syslog.conf opnieuw te lezen + moet het service syslogd reload gedraaid + worden. Vaak wordt vergeten /etc/newsyslog.conf te wijzigen om het - nieuw aangemaakte logboekbestand te laten roteren. + aangemaakte logboekbestand te laten roteren. @@ -2419,18 +2394,16 @@ LOG_ERR – gelogde pakketten die ee De tijd waarop het pakket is ontvangen weergegeven als HH:MM:SS.F voor uren, minuten, seconden en fracties - van een seconde. De fractie kan meerdere cijfers lang - zijn. + van een seconde. De naam van de interface waarop het pakket is - ontvangen, bijvoorbeeld - dc0. + ontvangen. - De groep en regelnummer van de regel, bijvoorbeeld + De groep en regelnummer van de regel in het formaat @0:17. @@ -2441,22 +2414,21 @@ LOG_ERR – gelogde pakketten die ee De acties: p voor doorgelaten - (passed), b voor - geblokkeerd (blocked), - S voor een verkeerd pakket - (short packet), n voor + b voor geblokkeerd, S + voor een verkeerd pakket, n voor dat er geen enkele regel van toepassing was, L voor een logboekregel. De volgorde - waarin deze acties getoond worden is: S, p, b, n, L. Een + waarin deze acties getoond worden is: S, + p, b, + n, L. Een hoofdletter P of B betekent dat het pakket gelogd is vanwege een globale - instelling, niet vanwege 蜑n regel in het - bijzonder. + instelling, niet vanwege 蜑n regel in het bijzonder. - De adressen. Dit zijn eigenlijk drie velden: het - bronadres en poort gescheiden door een komma, het symbool + De adressen geschreven in drie velden: hetbronadres en + poort gescheiden door een komma, het symbool -> en het bestemmingsadres en poort, bijvoorbeeld: 209.53.17.22,80 -> 198.73.220.17,1722. @@ -2508,8 +2480,7 @@ LOG_ERR – gelogde pakketten die ee compatibel met de shells &man.sh.1;, &man.csh.1; en &man.tcsh.1;. Velden waarvoor substitutie van toepassing is worden - vooraf gegaan door het dollarteken - $. + vooraf gegaan door een $. Definities worden niet vooraf gegaan door het voorvoegsel $. @@ -2551,12 +2522,11 @@ pass out quick on $oif proto tcp EOF ################## Einde IPF regels script ######################## - Dat is alles. De regels zijn niet van belang in dit - voorbeeld, maar tonen hoe substitutievelden worden - gedefinieerd en hoe ze worden gebruikt. Als het bovenstaande - voorbeeld de inhoud van - /etc/ipf.rules.script was, dan konden deze regels - herladen worden door het vanaf de commandoregel aan te roepen: + De regels zijn niet van belang in dit voorbeeld, maar + richt zich op hoe de substitutievelden worden gevuld. Als dit + voorbeeld zich in een bestand bevond genaamd + /etc/ipf.rules.script was, dan konden + deze regels herladen worden door het draaien van: &prompt.root; sh /etc/ipf.rules.script @@ -2573,8 +2543,8 @@ EOF cat en zet het commentaarteken bij de regel die begint met /sbin/ipf. Plaats ipfilter_enable="YES" in - /etc/rc.conf zoals gewoonlijk en start - het script eenmalig na elke wijziging om + /etc/rc.conf en start het script + eenmalig na elke wijziging om /etc/ipf.rules te maken of bij te werken. @@ -2595,35 +2565,35 @@ EOF sh /etc/ipf.rules.script De permissies op dit script moeten zijn: lezen,schrijven - en uitvoeren voor de gebruiker root. + en uitvoeren voor de gebruiker + root: &prompt.root; chmod 700 /usr/local/etc/rc.d/ipf.loadrules.sh - Als het systeem nu herstart, worden de regels via het + Als het systeem nu herstart, worden de IPF regels via het script gestart. - Sets van IPF regels + IPF rulesets - Een set regels is een groep IPF-regels - die is gemaakt om pakketten toe te staan of te blokkeren op - basis van de eigenschappen van dat pakket. De - bi-directionele uitwisseling van pakketten tussen hosts + Een ruleset bevat een groep van IPF regels welke verkeer + toestaan of weigeren gebaseerd op de waarden in het pakket. + Het bidirectioneel uitwisselen van pakketten tussen machines bestaat uit een gesprek dat een sessie heet. De set van firewallregels verwerkt zowel de pakketten die arriveren van het publieke Internet, als de pakketten die door het systeem zijn geproduceerd als een antwoord erop. Elke - TCP/IP-dienst (telnet, www, mail, enzovoorts) is - vooraf gedefinieerd door een protocol en bevoorrechte (luister)poort. - Pakketten bedoeld voor een speciale dienst beginnen bij het bronadres - gebruik makend van een onbevoorrechte (hogere orde) poort en komen aan - bij de specifieke dienstpoort op het bestemmingsadres. Alle - bovengenoemde parameters (poorten en adressen) kunnen gebruikt worden - als selectiecriteria om regels aan te maken die diensten zullen toestaan - of blokkeren. + TCP/IP-dienst is + vooraf gedefinieerd door een protocol en luisterpoort. + Pakketten bedoeld voor een speciale dienst beginnen bij het + bronadres gebruik makend van een onbevoorrechte poort en komen + aan bij de specifieke dienstpoort op het bestemmingsadres. + Alle bovengenoemde parameters (poorten en adressen) kunnen + gebruikt worden als selectiecriteria om regels aan te maken + die diensten zullen toestaan of blokkeren. IPFILTER @@ -2631,27 +2601,13 @@ sh /etc/ipf.rules.scriptvolgorde regelverwerking - IPF is oorspronkelijk geschreven met logica die regels - verwerkte volgens het principe de laatst passende - regel wint en gebruikte toen alleen staatloze regels. - In de loop der tijd is IPF verbeterd en zijn de opties - quick en keep state toegevoegd - waarmee de logica van het verwerken van regels drastisch is - gemoderniseerd. - - De instructies in dit hoofdstuk zijn gebaseerd op regels - die gebruik maken van de optie quick - en de stateful optie keep state. Dit - is het raamwerk waarmee een set van inclusieve firewallregels - wordt samengesteld. - Werk bij het wijzigen van firewallregels zeer - voorzichtig. Met sommige instellingen is een - server niet meer bereikbaar. Om het - veilig te spelen is het aan te raden de eerste instellingen - vanaf het console te maken, in plaats van via - ssh. + voorzichtig. Met sommige instellingen kunnen + ervoor zorgen dat de beheerder niet meer bij de server + kan komen. Om veilig te zijn is het aan te raden om de + eerste instellingen vanaf de console te maken, in plaats + van op afstand via ssh. @@ -2667,7 +2623,7 @@ sh /etc/ipf.rules.scriptDe regelsyntaxis die hier wordt besproken is versimpeld door alleen de moderne stateful regels en de eerste van toepassing zijnde regel wint te belichten. De - complete regelsyntaxis is na te lezen in &man.ipf.8;. + regelsyntaxis is na te lezen in &man.ipf.8;. Het karakter # wordt gebruikt om het begin van een opmerking te markeren en zowel op een eigen @@ -2718,9 +2674,9 @@ sh /etc/ipf.rules.script ACTIE - De actie geeft aan wat er met het pakket gedaan moet - worden als het van toepassing is op de rest van de - filterregel. Iedere regel moet een + Het actie sleutelwoord geeft aan wat er met het pakket + gedaan moet worden als het van toepassing is op de rest van + de filterregel. Iedere regel moet een actie hebben. De volgende acties zijn mogelijk: block geeft aan dat het pakket @@ -2739,7 +2695,7 @@ sh /etc/ipf.rules.scriptin of out - zijn en 蜑n van de twee moet gecodeerd worden, anders + zijn en 蜑n van de twee moet gebruikt worden, anders is de regel syntactisch onjuist. in betekent dat de regel van @@ -2758,32 +2714,26 @@ sh /etc/ipf.rules.script log geeft aan dat het pakket naar het - ipl logboekbestand geschreven moeten - worden (zoals verderop beschreven staat in de paragraaf - Loggen) als de regel van toepassing is op - het pakket. + &man.ipl.4; logboekbestand geschreven moeten worden als de + regel van toepassing is op het pakket. quick geeft aan dat als een regel van toepassing is, dat de laatste regel moet zijn die wordt - gecontroleerd, waardoor er een pad wordt - kortgesloten waardoor de volgende regels voor - dat pakket niet meer gecontroleerd worden. Deze optie is - voor de moderne regels eigenlijk verplicht. + gecontroleerd, waarna verdere evaluatie van regels niet meer + zal plaatsvinden. on geeft de interface aan die in de parameters meegenomen moet worden. De namen van interfaces kunnen getoond worden met &man.ifconfig.8;. Als deze optie wordt gebruikt, kan een regel alleen van toepassing zijn als het pakket door de aangegeven interface gaat in de richting - die is aangegeven - (in/out). Ook deze - optie is verplicht voor de moderne regels. + die is aangegeven. Als een pakket wordt gelogd, dan worden de koppen van het - pakket weggeschreven naar het ipl - pakketloggende pseudo-apparaat. Direct na het - sleutelwoord log mogen de volgende opties - gebruikt worden (in de aangegeven volgorde): + pakket weggeschreven naar het &man.ipl.4; pakketloggende + pseudo-apparaat. Direct na het sleutelwoord + log mogen de volgende opties + gebruikt worden in de aangegeven volgorde: body geeft aan dat de eerste 128 bytes van de inhoud van het pakket worden opgeslagen na de @@ -2791,12 +2741,9 @@ sh /etc/ipf.rules.scriptfirst; als het sleutelwoord log samen met een optie keep - state wordt gebruikt, wordt het aangeraden om - deze optie ook te gebruiken zodat alleen het pakket dat als - eerste in de sessie van toepassing was en niet ook alle - pakketten die daarna in de sessie volgens - keep state van toepassing - zijn. + state wordt gebruikt, deze optie is aangeraden + zodat alleen het eerste pakket van de sessie wordt gelogged + en niet elk pakket dat de stateful connectie matcht. @@ -2817,9 +2764,8 @@ sh /etc/ipf.rules.scriptproto is het sleutelwoord dat moet worden aangegeven samen met een van de - sleutelwoorden uit de subopties. De waarde geeft een bepaald - protocol aan dat van toepassing moet zijn. Ook deze optie is - verplicht voor de moderne regels. + sleutelwoorden uit de subopties. De suboptie geeft een + specifiek protocol aan welke van toepassing moet zijn. tcp/udp, tcp, udp, icmp of ieder @@ -2835,9 +2781,8 @@ sh /etc/ipf.rules.script BRON_ADR/BEST_ADR - Het sleutelwoord all is in feite - hetzelfde als from any to any zonder - overige parameters. + Het sleutelwoord all is gelijk aan + from any to any zonder andere parameters. from bron to bestemming; de sleutelwoorden from en @@ -2847,16 +2792,20 @@ sh /etc/ipf.rules.scriptIP-adres aangegeven worden. any is een bijzonder sleutelwoord dat van toepassing is op ieder - IP-adres. Voorbeelden van gebruik: from - any to any of from 0.0.0.0/0 to any of - from any to 0.0.0.0/0 of from 0.0.0.0 to - any of from any to 0.0.0.0. - - Het is vaak lastig om te komen tot een reeks IP-adressen die zich - niet gemakkelijk laten uitdrukken met de gepunte numerieke vorm/ - maskerlengte notatie. De port net-mgmt/ipcalc kan gebruikt worden om de - berekeningen te vereenvoudigen. Aanvullende informatie is beschikbaar - op de webpagina van het gereedschap: http://jodies.de/ipcalc. + IP-adres. Voorbeelden van gebruik: + from any to any of + from 0.0.0.0/0 to any of + from any to 0.0.0.0/0 of + from 0.0.0.0 to any of + from any to 0.0.0.0. + + Het is vaak lastig om te komen tot een reeks IP-adressen + die zich niet gemakkelijk laten uitdrukken met de gepunte + numerieke vorm/ maskerlengte notatie. De port + net-mgmt/ipcalc kan gebruikt worden om de + berekeningen te vereenvoudigen. Aanvullende informatie is + beschikbaar op de webpagina van het gereedschap: + http://jodies.de/ipcalc. @@ -2873,25 +2822,24 @@ sh /etc/ipf.rules.scriptto object, dan wordt het vergeleken met het poortnummer van de - bestemming. Het gebruik van het to object - is in de moderne regels verplicht en neemt de vorm aan van - from any to any port = 80. - - Enkelvoudige poortvergelijkingen kunnen op verschillende manieren - gedaan worden met een aantal verschillende operatoren. - Er kunnen ook reeksen van poorten ingesteld worden. - - poort "=" | "!=" | "<" | ">" | "<=" | ">=" | - "eq" | "ne" | "lt" | "gt" | "le" | "ge" - - Reeksen van poorten worden met de volgende optie - aangegeven: poort <> | >< - - - De volgende twee parameters die betrekking hebben op - bron en bestemming, zijn verplicht in de moderne - regels. - + bestemming. Voorbeeld gebruik hiervan is from any + to any port = 80. + + Enkelvoudige poortvergelijkingen kunnen op verschillende + manieren gedaan worden met een aantal verschillende + operatoren. In plaats van = zoals + getoond in het voorbeeld hierboven, kunnen de volgende + operatoren worden gebruikt: !=, + <, >, + <=, >=, + eq, ne, + lt, gt, + le en ge. + + Om poort reeksen te specificeren moeten er twee + poortnummers worden geplaatst tussen + <> of + ><. @@ -2913,10 +2861,6 @@ sh /etc/ipf.rules.scriptkeep state geeft aan dat in een regel met pass voor alle pakketten die van toepassing zijn stateful gefilterd moet worden. - - - Deze optie is voor moderne regels verplicht. - @@ -2931,41 +2875,40 @@ sh /etc/ipf.rules.scriptMet stateful filteren wordt verkeer benaderd als een uitwisseling van pakketten tussen twee kanten die een sessie - zijn. Als het is ingeschakeld, dan maakt het - mechanisme dynamisch interne - regels voor pakketten die in de sessie horen te volgen. Het - kan bekijken of de karakteristieken van de sessie tussen - verzender en ontvanger de juiste procedure volgen. Alle - pakketten die niet passen in de sessie, worden automatisch - geblokkeerd. - - keep state staat ook - ICMP-pakketten toe die gerelateerd zijn aan een - TCP- of UDP-sessie. Dus als er - een ICMP-type 3 code 4 komt in antwoord op - websurfen, dat wordt toegestaan van binnen naar buiten door een - keep state regel, dan wordt dat toegelaten. - Pakketten waarvan IPF zeker is dat ze onderdeel zijn van de - sessie worden toegelaten, zelfs als ze van een ander protocol - zijn. - - Wat er gebeurt: pakketten die naar buiten gaan op de - interface die met Internet is verbonden worden eerst - vergeleken met de dynamische staattabel. Als een pakket - voldoet aan de verwachting van het volgende pakket in de - sessie, dan mag het de firewall verlaten en wordt de - toestand van de sessie in de dynamische toestandstabel bijgewerkt. - Pakketten die niet bij een reeds actieve sessie horen, worden tegen de - uitgaande regelverzameling gecontroleerd. + zijn. Wanneer deze actief is genereert + keep-state dynamisch interne regels voor + elk verwacht pakket welke uitgewisseld wordt tijdens de sessie. + Het heeft voldoende mogelijkheden om te zien of een pakketje + geldig is voor een bepaalde sessie of niet. Elk pakket welke + niet goed in de sessie template past wordt automatisch + geweigerd. + + IPF stateful filtering staat ook ICMP + pakketten toe als deze gerelateerd zijn aan een bestaande + TCP of UDP sessie. Dus + als een ICMP type 3 code 4 pakket een + reactie is op een sessie gestart via een keep state regel, zal + deze automatisch worden toegestaan. Elk pakket waarvan IPF + zeker kan zijn dat deze onderdeel is van een actieve sessie, + ook al is het een ander protocol, wordt toegestaan. + + Pakketten die uitgaand zijn op een interface welke + verbonden is met het Internet, worden allereerst gecontroleerd + in de dynamische staattabel. Als het pakket overeenkomt met + de verwachting van het volgende pakket in de sessie, mag deze + de firewall verlaten en wordt de toestand van de sessie + bijgewerkt in de staattabel. Pakketten die niet bij een reeds + actieve sessie horen, worden vergeleken met de regels voor het + uitgaande verkeer. Pakketten die binnenkomen op de interface die met Internet is verbonden worden eerst vergeleken met de dynamische staattabel. Als een pakket voldoet aan de verwachting van het volgende pakket in de sessie, dan mag het - de firewall verlaten en wordt de toestand van de sessie in de dynamische - toestandstabel bijgewerkt. Pakketten die niet bij een reeds actieve - sessie horen, worden vergeleken met de regelverzameling voor - binnenkomend verkeer. + de firewall verlaten en wordt de toestand van de sessie in de + dynamische toestandstabel bijgewerkt. Pakketten die niet bij + een reeds actieve sessie horen, worden vergeleken met de + regelverzameling voor binnenkomend verkeer. Als de sessie wordt beindigd wordt het uit de dynamische staattabel verwijderd. @@ -2985,42 +2928,39 @@ sh /etc/ipf.rules.script Voorbeeld van inclusieve regels - De onderstaande regels zijn een voorbeeld van hoe een - erg veilige inclusieve firewall opgezet kan worden. Een - inclusieve firewall staat alleen diensten toe die passen bij - de pass-regels en blokkeert al het - overige verkeer. Firewalls die bedoeld zijn om andere machines te - beschermen, ook wel netwerk-firewalls genoemd, dienen - tenminste twee interfaces te hebben, die over het algemeen zijn - ingesteld om de ene kant te vertrouwen (het LAN) maar - niet de andere (het publieke Internet). Ook kan een firewall worden - ingesteld om alleen het systeem te beschermen waarop het - draait—dit wordt een host-gebaseerde firewall - genoemd, en is in het bijzonder geschikt voor servers op een onvertrouwd - netwerk. - - Alle &unix; systemen en dus ook &os; zijn zo ontworpen - dat ze voor interne communicatie de interface - lo0 en IP adres - 127.0.0.1 gebruiken. De - firewall moet dit interne verkeer gewoon doorgang laten - vinden. + De onderstaande regels zijn een voorbeeld van een + inclusieve firewall, welke alleen diensten toelaat welke + passen bij de pass-regels en blokkeert + al het overige verkeer. Netwerk firewalls die bedoeld zijn + om andere machines te beveiligen, zouden minstenst twee + interfaces moeten hebben en zijn veelal geconfigureerd om het + LAN te vertrouwen en het publieke Internet + niet. Ook kan een firewall worden ingesteld om alleen het + systeem waar deze op actief is te beschermen, wat vaak voorkomt + bij servers op onveilige netwerken of een desktop systeem welke + niet beveiligd wordt door een firewall op het netwerk. + + &os; gebruikt lo0 en het IP adres + 127.0.0.1 voor + interne communicatie met het besturingssysteem. De firewall + regels moeten regels bevatten die deze communicatie vrijelijk + toestaat. Voor de interface die is verbonden met het publieke - Internet worden regels gemaakt waarmee de toegang voor uitgaande en - binnenkomende verbindingen worden geautoriseerd en beheerst. - Dit kan de PPP-interface tun0 zijn of de - netwerkkaart die is verbonden met een xDSL- of kabelmodem. + Internet worden regels gemaakt waarmee de toegang voor + uitgaande en binnenkomende verbindingen worden geautoriseerd + en beheerst. In gevallen dat er 蜑n of meer netwerkkaarten zijn aangesloten op private netwerksegmenten kunnen er regels - op de firewall nodig zijn om pakketten die van die LAN-interfaces - afkomen vrije doorgang te geven naar elkaar en/of naar buiten - (het Internet). - - De regels worden opgedeeld in drie onderdelen: eerst de vertrouwde - interfaces, dan het publieke uitgaande interface en als laatste het - onvertrouwde publieke binnenkomende interfaces. + op de firewall nodig zijn om pakketten die van die + LAN-interfaces afkomen vrije doorgang te geven naar elkaar + en/of het Internet. + + De regels worden opgedeeld in drie onderdelen: de vertrouwde + interfaces, dan het publieke uitgaande interface en als + laatste de onvertrouwde publieke binnenkomende + interface. In iedere sectie moeten zo staan dat de regels die het meest gebruikt worden v齠r de regels die minder @@ -3028,6 +2968,7 @@ sh /etc/ipf.rules.script + In het onderdeel Uitgaand staan alleen regels met pass die parameters bevatten om uniek individuele diensten identificeren die het publieke Internet mogen From owner-svn-doc-all@FreeBSD.ORG Tue Mar 25 15:28:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B4EE3B98; Tue, 25 Mar 2014 15:28:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A16C1B87; Tue, 25 Mar 2014 15:28:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2PFSoM4052674; Tue, 25 Mar 2014 15:28:50 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2PFSoMk052673; Tue, 25 Mar 2014 15:28:50 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403251528.s2PFSoMk052673@svn.freebsd.org> From: Remko Lodder Date: Tue, 25 Mar 2014 15:28:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44353 - translations/nl_NL.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 25 Mar 2014 15:40:19 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Mar 2014 15:28:50 -0000 Author: remko Date: Tue Mar 25 15:28:50 2014 New Revision: 44353 URL: http://svnweb.freebsd.org/changeset/doc/44353 Log: correct some typos, the chapter passes the lint check again. More work tommorrow. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Mar 25 15:25:18 2014 (r44352) +++ translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml Tue Mar 25 15:28:50 2014 (r44353) @@ -983,7 +983,7 @@ rdr-anchor "ftp-proxy/*" Nu de daadwerkelijke omleiding. Omleidingsregels en - NAT regels vallen beiden in dezelfde + NAT regels vallen beiden in dezelfde regel klasse. Er mag direct naar deze regels worden verwezen, en filter regels mogen afhankelijk zijn van deze regels. Logisch gezien moeten rdr @@ -1170,7 +1170,7 @@ pass inet proto icmp from any to $ext_if &man.traceroute.8; is een ander nuttig hulpmiddel wanneer er gebruikers zijn die claimen dat het Internet niet werkt. Standaard gebruikt Unix - traceroute UDP verbindingen gebaseerd + traceroute UDP verbindingen gebaseerd op een vastgestelde formule naar de doelmachine. De regel hieronder werkt met traceroute op alle Unix'en waaronder GNU/Linux: @@ -1195,7 +1195,7 @@ pass out on $ext_if inet proto udp from Deze oplossing is opgemerkt op de openbsd-misc lijst. Deze lijst en zijn doorzoekbare archieven (zoals onder - andere beschikbaar op< http://marc.theaimsgroup.com/), zijn een enorm waardevolle bron als er OpenBSD of PF informatie gezocht wordt. @@ -1359,7 +1359,7 @@ Sep 26 03:12:44 skapet sshd[24703]: Fail ook de mensen die poort 22 scannen in staat zijn om ook poort 2222 te scannen om het trucje te herhalen. - Sinds OpenBSD 3.7 en vlak erna in &os versie 6.0 + Sinds OpenBSD 3.7 en vlak erna in &os; versie 6.0 heeft PF een elegantere oplossing. Passeer regels kunnen geschreven worden met daarbij het bijhouden van bepaalde limieten met wat bepaalde @@ -1859,7 +1859,7 @@ rdr pass on $ext_if inet proto tcp from spamdb is de belangrijkste interface voor de beheerder om de black-, grey- en whitelists te beheren via de inhoud van de - /var/db/spamdb database. + /var/db/spamdb database. @@ -1905,7 +1905,7 @@ rdr pass on $ext_if inet proto tcp from inschakelt, wat ervoor zorgt dat gefragmenteerde pakketten worden samengevoegd en afwijken worden eruit gefilterd. Het inschakelen van - scrub geeft een mate van + scrub geeft een mate van beveiliging tegen bepaalde aanvallen, welke gebaseerd zijn op het incorrect behandelen van gefragmenteerde pakketten. Er zijn een aantal @@ -2299,7 +2299,7 @@ Packet log flags set: (0) De daemon wordt gebruikt als continu een systeemlogboek bijgewerkt moet worden zodat het mogelijk is om - gebeurtenissen in het verleden te bekijken. &oss; heeft een + gebeurtenissen in het verleden te bekijken. &os; heeft een ingebouwde mogelijkheid om automatisch systeem logs te roteren. Daarom is het beter om de uitvoer naar &man.syslogd.8; te schrijven dan naar een gewoon bestand. In de standaardversie From owner-svn-doc-all@FreeBSD.ORG Wed Mar 26 12:57:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DC0B4DCB; Wed, 26 Mar 2014 12:57:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C6D8E8CB; Wed, 26 Mar 2014 12:57:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2QCv33A085764; Wed, 26 Mar 2014 12:57:03 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2QCv3Zw085763; Wed, 26 Mar 2014 12:57:03 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201403261257.s2QCv3Zw085763@svn.freebsd.org> From: Benedict Reuschling Date: Wed, 26 Mar 2014 12:57:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44354 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Mar 2014 12:57:03 -0000 Author: bcr Date: Wed Mar 26 12:57:03 2014 New Revision: 44354 URL: http://svnweb.freebsd.org/changeset/doc/44354 Log: Correct spelling of Bulgaria's capital city. Noticed by: Peter Pentchev Modified: head/share/xml/events2014.xml Modified: head/share/xml/events2014.xml ============================================================================== --- head/share/xml/events2014.xml Tue Mar 25 15:28:50 2014 (r44353) +++ head/share/xml/events2014.xml Wed Mar 26 12:57:03 2014 (r44354) @@ -134,7 +134,7 @@ Bulgaria - Sophia + Sofia InterExpo Congress Center EuroBSDcon is the premier European conference on the From owner-svn-doc-all@FreeBSD.ORG Wed Mar 26 13:19:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3A8B2B4F; Wed, 26 Mar 2014 13:19:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 26B6FC09; Wed, 26 Mar 2014 13:19:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2QDJwxj094392; Wed, 26 Mar 2014 13:19:58 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2QDJwwC094391; Wed, 26 Mar 2014 13:19:58 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403261319.s2QDJwwC094391@svn.freebsd.org> From: Mathieu Arnold Date: Wed, 26 Mar 2014 13:19:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44355 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Mar 2014 13:19:58 -0000 Author: mat (ports committer) Date: Wed Mar 26 13:19:57 2014 New Revision: 44355 URL: http://svnweb.freebsd.org/changeset/doc/44355 Log: OPTIONS_SUB supports SUB_LIST now. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Wed Mar 26 12:57:03 2014 (r44354) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Wed Mar 26 13:19:57 2014 (r44355) @@ -3675,7 +3675,8 @@ FOO_CONFIGURE_ENABLE= fooIf OPTIONS_SUB is set to yes then each of the options added to OPTIONS_DEFINE will be added to - PLIST_SUB, for example: + PLIST_SUB and + SUB_LIST, for example: OPTIONS_DEFINE= OPT1 OPTIONS_SUB= yes @@ -3688,14 +3689,17 @@ OPTIONS_SUB= yes .if ${PORT_OPTIONS:MOPT1} PLIST_SUB+= OPT1="" NO_OPT1="@comment " +SUB_LIST+= OPT1="" NO_OPT1="@comment " .else PLIST_SUB+= OPT1="@comment " NO_OPT1="" +SUB_LIST+= OPT1="@comment " NO_OPT1="" .endif The value of OPTIONS_SUB is ignored. Setting it to any value will add - PLIST_SUB entries for + PLIST_SUB and + SUB_LIST entries for all options. From owner-svn-doc-all@FreeBSD.ORG Wed Mar 26 15:01:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E7A0CC47; Wed, 26 Mar 2014 15:01:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D3215A04; Wed, 26 Mar 2014 15:01:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2QF1lZd038278; Wed, 26 Mar 2014 15:01:47 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2QF1lCb038276; Wed, 26 Mar 2014 15:01:47 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201403261501.s2QF1lCb038276@svn.freebsd.org> From: Remko Lodder Date: Wed, 26 Mar 2014 15:01:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44356 - in translations/nl_NL.ISO8859-1/books/handbook: bsdinstall firewalls X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Mar 2014 15:01:48 -0000 Author: remko Date: Wed Mar 26 15:01:47 2014 New Revision: 44356 URL: http://svnweb.freebsd.org/changeset/doc/44356 Log: Import work in progress for the firewalls chapter. This brings the chapter on par with the translation target revision. Also add a placeholder chapter for bsdinstall so that it should be possible to build the handbook again. There is an external error from docbook.sourceforge.net though which prevents the build from properly running, not sure what causes that yet. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/books/handbook/bsdinstall/chapter.xml translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: translations/nl_NL.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- translations/nl_NL.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed Mar 26 13:19:57 2014 (r44355) +++ translations/nl_NL.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed Mar 26 15:01:47 2014 (r44356) @@ -1,36 +1,341 @@ - - &os; 9.<replaceable>X</replaceable> en nieuwer installeren + + + + + Het installeren van &os; 9.<replaceable>X</replaceable> + en later + - JimMockGeherstructureerd, gereorganiseerd en delen herschreven - door + + + Jim + Mock + + + Geherstructeerd, gereorganiseerd en delen herschreven + door + + - RandyPrattDe handleiding van sysinstall, schermafdrukken en algemene - kopij door + + + Randy + Pratt + + + De walkthrough door sysinstall, de screenshots en + generale kopij door + + - GavinAtkinsonBijgwerkt voor bsdinstall door + + + Gavin + Atkinson + - WarrenBlock + Bijgewerkt voor bsdinstall door + + + + + Warren + Block + + - - - Overzicht + Synopsis + + Wordt vertaald. + + + + Hardware Requirements + + Wordt vertaald. + + + Minimal Configuration + + Wordt vertaald. + + + + Supported Hardware + + Wordt vertaald. + + + + + Pre-Installation Tasks + + Wordt vertaald. + + + Decide Where to Install &os; + + Wordt vertaald. + + + Disk Layouts for &os;/&arch.i386; and + &os;/&arch.amd64; + + Wordt vertaald. + + + + + Collect Network Information + + Wordt vertaald. + + + + Prepare the Installation Media + + Wordt vertaald. + + + + Acquire the Memory Stick Image + + Wordt vertaald. + + + + + + + Starting the Installation + + Wordt vertaald. + + + Booting + + Wordt vertaald. + + + Booting on &i386; and &arch.amd64; + + Wordt vertaald. + + + + + Reviewing the Device Probe Results + + Wordt vertaald. + + + + + Introducing <application>bsdinstall</application> + + Wordt vertaald. + + + Selecting the Keymap Menu + + Wordt vertaald. + + + + Setting the Hostname + + Wordt vertaald. + + + + Selecting Components to Install + + Wordt vertaald. + + + + + Installing from the Network + + Wordt vertaald. + + + + Allocating Disk Space + + Wordt vertaald. + + + Guided Partitioning + + Wordt vertaald. + + + + Manual Partitioning + + Wordt vertaald. + + + + + Committing to the Installation + + Wordt vertaald. + + + + Post-Installation + + Wordt vertaald + + + Setting the <systemitem + class="username">root</systemitem> Password + + Wordt vertaald + + + + Configuring Network Interfaces + + Wordt vertaald + + + Configuring a Wireless Network Interface + + Wordt vertaald + + + + Configuring IPv4 Networking + + Wordt vertaald + + + IPv4 DHCP Network Configuration + + Wordt vertaald + + + + IPv4 Static Network Configuration + + Wordt vertaald + + + + + Configuring IPv6 Networking + + Wordt vertaald + + + IPv6 Stateless Address Autoconfiguration + + Wordt vertaald + + + + IPv6 Static Network Configuration + + Wordt vertaald + + + + + Configuring <acronym>DNS</acronym> + + Wordt vertaald + + + + + Setting the Time Zone + + Wordt vertaald + + + + Selecting Services to Enable + + Wordt vertaald + + + + Enabling Crash Dumps + + Wordt vertaald + + + + Add Users + + Wordt vertaald + + + + Final Configuration + + Wordt vertaald + + + + &os; Booting and Shutdown + + Wordt vertaald + + + &os;/&arch.i386; Booting + + Wordt vertaald + + + + + &os; Shutdown + + Wordt vertaald + + + + + Troubleshooting + + Wordt vertaald + + + What to Do If Something Goes Wrong + + Wordt vertaald + + + + Troubleshooting Questions and Answers + + Wordt vertaald + + - installatie + + Using the Live CD - Wordt nog vertaald. + Wordt vertaald Modified: translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Mar 26 13:19:57 2014 (r44355) +++ translations/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml Wed Mar 26 15:01:47 2014 (r44356) @@ -5,7 +5,7 @@ $FreeBSD$ %SOURCE% en_US.ISO8859-1/books/handbook/firewalls/chapter.xml - %SRCID% 40732 + %SRCID% 43328 --> Firewalls @@ -2968,11 +2968,10 @@ sh /etc/ipf.rules.script - In het onderdeel Uitgaand staan alleen regels met pass die parameters bevatten om - uniek individuele diensten identificeren die het publieke Internet mogen - benaderen. Bij al die regels staan de opties + uniek individuele diensten te identificeren die het publieke + Internet mogen benaderen. Bij al die regels staan de opties quick, on, proto, port en keep state aan. De regels met @@ -2983,62 +2982,54 @@ sh /etc/ipf.rules.scriptIn het onderdeel Inkomend staan eerst alle regels voor het blokkeren van ongewenste pakketten, om twee redenen. - Als eerste kan het zo zijn dat kwaadaardige pakketten gedeeltelijk - overeenkomen met legitiem verkeer. Deze pakketten moeten worden - weggegooid in plaats van binnengelaten te worden, gebaseerd op hun - gedeeltelijke match met de allow-regels. De tweede - reden is dat bekende en oninteressante verwerpingen stil geblokkeerd - kunnen worden in plaats van gevangen en gelogd te worden door de - laatste regels in de sectie. De laatste regel in elke sectie blokkeert - en logt alle pakketten en kan worden gebruikt voor het wettelijke bewijs - nodig om degenen die uw systeem aanvallen aan te klagen. - - Waar ook gezorgd voor moet worden is dat al het verkeer dat wordt - geweigerd geen antwoord verstuurd. Ongeldige pakketten dienen gewoon te - verdwijnen. Zo weet een aanvaller niet of een pakket het doelsysteem - wel heeft bereikt. Zo kan een aanvaller geen informatie verzamelen - over een systeem: hoe minder informatie er over een systeem - beschikbaar is, hoe meer tijd iemand erin moet steken voordat - er iets slechts gedaan kan worden. Regels die een optie log - first bevatten, zullen alleen de eerste keer dat de - gebeurtenis voorkomt de gebeurtenis loggen. Deze optie is opgenomen in - de voorbeeldregel nmap OS fingerpint. Het - gereedschap security/nmap wordt vaak - door aanvallers gebruikt om het besturingssysteem van uw server - proberen te achterhalen. + Als eerste kan het zo zijn dat kwaadaardige pakketten + gedeeltelijk overeenkomen met legitiem verkeer. Deze + pakketten moeten worden weggegooid in plaats van binnengelaten + te worden, gebaseerd op hun gedeeltelijke match met de + allow-regels. De tweede reden is dat + bekende en oninteressante verwerpingen stil geblokkeerd kunnen + worden in plaats van gevangen en gelogd te worden door de + laatste regels in de sectie. + + De ruleset moet ervoor zorgen dat er geen antwoord wordt + verstuurd voor ongewenst verkeer. Ongeldige pakketten moeten + stil worden geweigerd zodat de aanvaller geen informatie heeft + of het pakket wel of niet aangekomen is. Regels die een + log first> bevatten, loggen alleen de + gebeurtenis de eerste keer dat deze gebeurtenis voorkomt. Deze + optie komt voor in de voorbeeld nmap OS + fingerprint regel. Het gereedschap + security/nmap wordt vaak door aanvallers + gebruikt om het besturingssysteem van uw server proberen te + achterhalen. We raden aan om telkens als er logmeldingen van een regel met de optie log first komen, ipfstat -hio uit te voeren om te - bekijken hoe vaak de regel van toepassing is geweest. Een groot aantal - overeenkomsten geeft gewoonlijk aan dat de firewall overspoeld wordt, - met andere woorden aangevallen wordt. - - Het bestand /etc/services kan gebruikt worden - om onbekende poortnummers op te zoeken. Ook kan http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers - worden bezocht en het poortnummer worden opgezocht om het doel van een - bepaalde poort uit te vinden. + bekijken hoe vaak de regel van toepassing is geweest. Een + groot aantal overeenkomsten geeft gewoonlijk aan dat de + firewall overspoeld wordt of wordt aangevallen. + + Om onbekende poort nummers op te zoeken kan gekeken worden + in /etc/services. Ook kan http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers Op de volgende link worden poortnummers van Trojans beschreven: http://www.sans.org/security-resources/idfaq/oddports.php. - De onderstaande set regels is een complete en erg veilige - inclusieve set met regels voor een firewall die is - getest op productiesystemen. Deze set met regels is eenvoudig aan te - passen voor uw eigen systeem. Maak gewoon commentaar van elke - pass-regel voor een dienst die niet gewenst - is. - - Logberichten die niet gewenst zijn, zijn uit te sluiten door een - block-regel toe te voegen in het begin van het - onderdeel Inkomend. - - Voor de onderstaande regels dient de - dc0 interfacenaam in iedere regel - vervangen te worden door de echte interfacenaam van de netwerkkaart - in het systeem die met het publieke Internet is verbonden. - Voor gebruikers van PPP zou dat tun0 - zijn. + De onderstaande set regels vormt een + inclusive firewall ruleset welke + makkelijk aangepast kan worden door pass + regels die niet nodig zijn te voorzien van een commentaar + teken. + + Logberichten die niet gewenst zijn, zijn uit te sluiten + door een block-regel toe te voegen in het + begin van het onderdeel Inkomend. + + Verander de dc0 interfacenaam in elke + regel naar de interfacenaam die gebruikt wordt het systeem + aan het Internet te koppelen. Dit zou de inhoud van /etc/ipf.rules kunnen zijn: @@ -3230,85 +3221,40 @@ block in log first quick on dc0 all NAT staat voor Network Address - Translation (netwerkadres vertaling). In &linux; heet dit - IP Masquerading. Een van de vele mogelijkheden die IPF - NAT kan bieden is het delen van - 蜑n IP adres op het publieke - Internet met een LAN achter een firewall. - - De vraag zou kunnen rijzen waarom iemand dat zou willen. - ISP's wijzen normaliter namelijk dynamisch een - IP adres toe aan hun niet-commercile - gebruikers. Dynamisch betekent hier dat het - IP-adres iedere dat er wordt ingebeld of - dat het kabel- of xDSL-modem uit- en aangeschakeld wordt - anders kan zijn. Dit dynamische IP-adres wordt - gebruikt om uw systeem op het publieke Internet te identificeren. - - Stel dat er vijf PC's in een huis staan en iedere - computer in dat huis heeft toegang tot Internet nodig. Dan - zouden er bij een ISP vijf individuele accounts moeten zijn - en vijf telefoonlijnen om dat te realiseren. - - Met NAT is er maar 蜑n - account bij een ISP nodig. De andere vier PC's moeten met kabels - op een switch worden aangesloten waarop ook een &os; systeem is - aangesloten dat binnen uw LAN als gateway gaat opereren. - NAT zal automatisch de private LAN - IP adressen van alle PC's vertalen naar - een enkel publiek IP-adres als de - pakketten de firewall naar het Internet verlaten. - - Er is een speciale reeks van IP-adressen - gereserveerd voor NAT op private LANs. - Volgens RFC 1918 kunnen de volgende reeksen - IP-adressen gebruikt worden op private - netwerken die nooit direct op het publieke Internet - gerouteerd worden. + Translation (netwerkadres vertaling). In &linux; + heet dit IP Masquerading. De IPF + NAT functie stelt het private LAN achter de + firewall in staat om 蜑n enkel door de ISP toegewezen + IP te delen, ook al is dat adres dynamisch + toegewezen. NAT stelt elke computer in het LAN in staat om een + verbinding met het internet te maken zonder dat de ISP betaald + hoeft te worden voor meerdere Internet accounts of IP + adressen. + + NAT zal automatisch het private LAN + IP adres vertalen naar het enkele publieke IP adres zodra het + pakketje de firewall verlaat richting het publieke Internet. + Daarnaast vertaald het de pakketten ook terug voor terugkomende + pakketten. + + Volgens RFC1918 zijn de volgende IP reeksen gereserveerd + voor private netwerken welke nooit direct gerouteerd worden + naar het publieke Internet, waardoor ze gebruikt kunnen worden + voor NAT: - - - - - - - - - - - Eerste IP - - - - Laatste IP - - - - 10.0.0.0 - - - - 10.255.255.255 - - - - 172.16.0.0 - - - - 172.31.255.255 - - - - 192.168.0.0 + + + 10.0.0.0/8 + - + + 172.16.0.0/12 + - 192.168.255.255 - - - - + + 192.168.0.0/16 + + @@ -3327,13 +3273,15 @@ block in log first quick on dc0 all opgeslagen in /etc/ipnat.rules. Meer details staan in &man.ipnat.8;. - Bij het maken van wijzigingen aan de - NAT-regels nadat NAT - gestart is, wordt aangeraden de wijziging aan het bestand met - regels te maken en daarna ipnat - te gebruiken om alle actieve - NAT-regels te wissen. Daarna kunnen de regels uit - het bestand weer als volgt geladen worden: + Wanneer het bestand waarin de NAT regels + staan wordt bewerkt nadat NAT gestart is, + moet ipnat gestart worden met de opties + om de interne in gebruik zijnde + NAT regels te verwijderen, en de huidige + inhoud van de translatietabel leeg te gooien. + + Om de NAT regels opnieuw in te laden + moet er een commando als de volgende worden uitgevoerd: &prompt.root; ipnat -CF -f /etc/ipnat.rules @@ -3367,7 +3315,7 @@ block in log first quick on dc0 all &man.ipnat.5;. De syntaxis voor een NAT regel ziet er - ongeveer als volgt uit: + als volgt uit: map IF LAN_IP_REEKS -> PUBLIEK_ADRES @@ -3378,11 +3326,12 @@ block in log first quick on dc0 all door de aanduiding van de externe interface. LAN_IP_REEKS is de reeks die - clients op een LAN gebruiken, meestal iets van 192.168.1.0/24. + clients op een LAN gebruiken, meestal iets van + 192.168.1.0/24. PUBLIEK_ADRES kan het publieke - IP adres zijn of een speciaal sleutelwoord - 0.32, wat betekent dat het + vaste IP adres zijn of een speciaal + sleutelwoord 0/32, wat betekent dat het IP adres van IF gebruikt moet worden. @@ -3390,24 +3339,21 @@ block in log first quick on dc0 all Hoe <acronym>NAT</acronym> werkt - Een pakket komt vanaf het LAN aan bij de firewall en - heeft een publieke bestemming. Het wordt verwerkt door de - filterregels voor inkomend verkeer en daarna krijgt - NAT de kans zijn regels op het pakket toe - te passen. De regels worden van boven naar beneden toegepast - en de eerste regel die van toepassing is wint. - NAT controleert voor alle regels het - pakket op interfacenaam en bron IP adres. - Als de interfacenaam van een pakket past bij een - NAT regel dan wordt het bron - IP adres van dat pakket gecontroleerd, dat - is dus een IP adres op het private LAN, - om te bekijken of het valt in de reeks die is opgegeven aan - de linkerkant van een NAT regel. Als ook - dat klopt, dan wordt het bron IP adres van - het pakket vervangen (rewritten) door een - publiek IP adres dat verkregen kan zijn - met het sleutelwoord 0.32. + In IPF, wanneer er een pakket aankomt op de firewall + vanaf het LAN netwerk met een publiekelijk doel, passeert + deze de uitgaande filter regels. Hierna gaat het pakket + langs de NAT regels, welke van top-down + worden toegepast, waarbij de eerst overeenkomende regel + wint. NAT test elke van zijn regels + aan de interface van het pakket en het bron IP adres. + Wanneer de interface van het pakket overeenkomt met een + NAT regel zal het bron IP adres van + het pakket worden bekeken of deze in de gespecificeerde + IP reeks valt aan de linkerkant van de pijl in de + NAT regel. Wanneer deze overeenkomt + zal het bron IP adres van het pakket worden herschreven + naar het publiekelijke IP adres verkregen door het + 0/32 sleutelwoord. NAT werkt dan zijn interne NAT tabel bij, zodat als er een pakket uit die sessie terugkomt van het publieke Internet, dat pakket @@ -3466,10 +3412,9 @@ block in log first quick on dc0 all map dc0 192.168.1.0/24 -> 0.32 portmap tcp/udp 20000:60000 - Het kan nog eenvoudiger door gebruik te maken van het - sleutelwoord auto zodat - IPNAT zelf bepaalt welke poorten gebruikt - kunnen worden: + Daarnaast is er het sleutelwoord auto + welke IPNAT gebruikt om te bepalen welke + poorten gebruikt kunnen worden: map dc0 192.168.1.0/24 -> 0.32 portmap tcp/udp auto @@ -3505,17 +3450,17 @@ block in log first quick on dc0 all Poorten omleiden - Het is erg gebruikelijk om een webserver, mailserver, + Het is gebruikelijk om een webserver, mailserver, database server en DNS server op verschillende computers op een LAN te draaien. Het uitgaande verkeer van die servers kan dan met NAT afgehandeld worden, maar er moet ook ingesteld worden dat inkomend - verkeer bij de juiste computer terecht komt. - IPNAT gebruikt daarvoor de opties in - NAT waarmee verkeer omgeleid kan worden. - Als bijvoorbeeld een webserver op het LAN-adres 10.0.10.25 draait en het enkele publieke - IP adres zou 20.20.20.5 zijn, dan zou de regel er als volgt - uit zien: + verkeer bij de juiste server terecht komt. Bijvoorbeeld + bij een webserver welke opereert op het LAN adres + 10.0.10.25 + en gebruik maakt het enkele publieke IP adres + 20.20.20.5 zou + de volgende regel kunnen gebruiken: rdr dc0 20.20.20.5/32 port 80 -> 10.0.10.25 port 80 @@ -3523,9 +3468,9 @@ block in log first quick on dc0 all rdr dc0 0.0.0.0/32 port 80 -> 10.0.10.25 port 80 - Voor een DNS server op een LAN die ook vanuit Internet - bereikbaar met zijn en die draait op 10.0.10.33 zou de regel er als - volgt uit zien: + Voor een DNS server op het lan met het private adres + 10.0.10.33 welke + publieke DNS verzoeken moet krijgen: rdr dc0 20.20.20.5/32 port 53 -> 10.0.10.33 port 53 udp @@ -3533,17 +3478,12 @@ block in log first quick on dc0 all FTP en <acronym>NAT</acronym> - FTP is dinosaurus uit het tijdperk van voor Internet was - zoals het nu is, toen onderzoeksinstellingen met elkaar - verbonden waren via huurlijnen en FTP de aangewezen methode - was om bestanden met elkaar uit te wisselen. Maar bij het - gebruik van FTP worden gebruikersnaam en wachtwoord als - platte tekst verzonden en het protocol is nooit aangepast. - FTP is er in twee smaken: actief en passief. Het verschil - zit 'm in hoe het datakanaal wordt opgezet. De passieve - variant is veiliger voor een gebruiker omdat bij deze variant - beide communicatiekanalen door de clint zelf worden opgezet. - Op de volgende pagina zijn details over FTP na te lezen: http://www.slacksite.com/other/ftp.html. + FTP heeft twee modi, actieve en passieve mode. Het + verschil zit hem erin hoe het data kanaal wordt verkregen. + Passieve mode is veiliger omdat het data kanaal wordt verkregen + via de client zelf. Voor een goede uitleg over FTP en de + verschillende modussen zie: http://www.slacksite.com/other/ftp.html. IP<acronym>NAT</acronym>-regels @@ -3574,20 +3514,14 @@ block in log first quick on dc0 all map dc0 10.0.10.0/29 -> 0/32 - De FTP-afbeeldregel hoort voor de - normale regels te staan. Alle pakketten worden als eerste - vergeleken met de eerste regel en zo verder. Eerst wordt - gekeken over de interfacenaam overeenkomt, daarna het - bron IP adres van het LAN en dan of het - een FTP pakket is. Als dat allemaal klopt, dan maakt de - speciale FTP proxy een tijdelijke filterregel die de - pakketten uit de FTP sessie naar binnen en buiten doorlaat - en ook NAT toepast op de FTP pakketten. Alle pakketten - van het LAN die niet van het protocoltype FTP zijn en dus - niet bij de eerste regel passen, worden tegen de derde - regel gehouden die van toepassing is vanwege de interface - en bron IP adres, zodat er dan - NAT op toegepast wordt. + De FTP map regels gaan voor de + NAT regel zodat wanneer het pakket + overeenkomt met een FTP regel, de FTP proxy tijdelijke + regels aanmaakt om FTP pakketten te laten doorgaan en + NAT vertalingen te laten ondergaan. + Alle LAN pakketten welke geen FTP zijn, komen niet overeen + met de FTP regels maar zullen NAT + ondergaan als ze overeenkomen met de derde regel. @@ -3620,41 +3554,26 @@ pass in quick on rl0 proto tcp from any IPFW - IPFIREWALL (IPFW) is een firewall die binnen &os; - wordt ontwikkeld en onderhouden door vrijwillige leden van de - staf. Het maakt gebruik van verouderde staatloze regels en een - verouderde techniek om te realiseren wat eenvoudige stateful - logica zou kunnen heten. - - De verzameling voorbeeldregels van IPFW (die in - /etc/rc.firewall en - /etc/rc.firewall6 staan) uit de standaard - &os;-installatie is redelijk eenvoudig en niet voorbereid om - zonder wijzigingen gebruikt te worden. Het voorbeeld maakt geen - gebruik van stateful filteren, wat een voordeel is in de meeste - situaties. Daarom worden deze regels niet als basis gebruikt in - dit onderdeel. - - De staatloze syntaxis van IPFW is krachtig door de - technisch geavanceerde mogelijkheden van de regelsyntaxis die - de kennis van de gemiddelde gebruiker van firewalls ver - overstijgt. IPFW is gericht op de professionele gebruiker - of de gevorderde thuisgebruiker die hoge eisen stelt aan de - wijze waarop er met pakketten wordt omgegaan. Voordat de - kracht van de IPFW regels echt ingezet kan worden, moet de - gebruiker veel weten over de verschillende protocollen en - de wijze waarop pakketten in elkaar zitten. Het tot op dat - niveau behandelen van stof valt buiten de doelstellingen van - dit Handboek. - - IPFW bestaat uit zeven componenten: de verwerkingseenheid - voor de firewallregels, verantwoording, loggen, regels met - divert (omleiden) waarmee - NAT gebruikt kan worden en de speciale - gevorderde mogelijkheden voor bandbreedtebeheer met DUMMYNET, de - fwd rule forward-mogelijkheid, de bridge-mogelijkheden - en de ipstealth-mogelijkheden. IPFW ondersteunt zowel IPv4 als - IPv6. + IPFW is een stateful firewall geschreven + voor &os;, welke ook een traffic shaper, een pakket scheduler + en in-kernel NAT levert. + + &os; levert een voorbeeld ruleset in + /etc/rc.firewall. De voorbeeld + ruleset definieert een aantal firewall type's voor veel + voorkomende scenario's om beginnende gebruikers te ondersteunen + met het maken van een geschikte ruleset. &man.ipfw.8; levert een + krachtige syntax welke gebruikt kan worden door geavanceerde + gebruikers om eigen rulesets te maken welke geschikt is voor + het niveau van beveiliging voor een omgeving. + + IPFW bestaat uit meerdere componenten: de kernel firewall + filter regel verwerker en de geintregeerde pakket accounting + faciliteiten, de log faciliteiten, de divert + regel welke NAT inschakelt, de dummynet + traffic shaper faciliteiten, de fwd rule + doorstuur faciliteit, de bridge faciliteit en de ipstealth + faciliteit. IPFW ondersteund zowel IPv4 als IPv6. IPFW inschakelen @@ -3665,24 +3584,20 @@ pass in quick on rl0 proto tcp from any inschakelen - IPFW zit bij de basisinstallatie van &os; als een losse - tijdens runtime laadbare module. Het systeem laadt de kernelmodule + IPFW zit bij de basisinstallatie van &os; als een + runtime laadbare module. Het systeem laadt de kernelmodule dynamisch als in rc.conf de regel - firewall_enable="YES" staat. IPFW hoeft - niet in de &os; kernel gecompileerd te worden. - - Na het rebooten van een systeem met - firewall_enable="YES" in - rc.conf is het volgende bericht op het - scherm te zien tijdens het booten: + firewall_enable="YES" staat. Nadat het + systeem herstart is wordt de volgende wit uitgelichte melding + getoond op het scherm als onderdeel van het opstart proces: ipfw2 initialized, divert disabled, rule-based forwarding disabled, default to deny, logging disabled - In de laadbare module zit de mogelijkheid om te loggen - gecompileerd. Er is een knop in /etc/sysctl.conf - om loggen aan te zetten en de uitgebreide loglimiet in te stellen. Door - deze regels toe te voegen, staat loggen aan bij toekomstige - herstarts: + De laadbare module bevat logging mogelijkheden. Om + logging in te schakelen en de verbose log limieten in te + stellen moeten de volgende regels worden toegevoegd aan + /etc/sysctl.conf voordat er herstart + wordt. net.inet.ip.fw.verbose=1 net.inet.ip.fw.verbose_limit=5 @@ -3715,9 +3630,9 @@ net.inet.ip.fw.verbose_limit=5kernelopties - Het is niet verplicht om IPFW in te schakelen door het - mee te compileren in de &os; kernel. Dit wordt alleen beschreven als - achtergrondinformatie. + Voor de gebruikers die IPFW statisch in de kernel willen + compileren zijn de volgende opties beschikbaar voor de custom + kernel configuratie: options IPFIREWALL @@ -3726,18 +3641,18 @@ net.inet.ip.fw.verbose_limit=5options IPFIREWALL_VERBOSE - Met IPFIREWALL_VERBOSE wordt het - loggen van pakketten die worden verwerkt met IPFW mogelijk - die het sleutelwoord log in een regel hebben - staan. + Deze optie schakelt het loggen van pakketten in welke + IPFW passeren met het sleutelwoord log in + de ruleset. options IPFIREWALL_VERBOSE_LIMIT=5 - Limiteert het aantal pakketten dat per regel wordt gelogd - via &man.syslogd.8;. Deze optie kan gebruikt worden in - vijandige omgevingen waar de activiteit van een firewall gelogd - moet worden. Hierdoor kan een mogelijke ontzegging van dienst - aanval door het vol laten lopen van syslog voorkomen worden. + Deze optie limiteert de hoeveelheid pakketten welke gelogd + worden via &man.syslogd.8; per regel. Deze optie kan gebruikt + worden in vijandige omgevingen waar de activiteit van een + firewall gelogd moet worden. Hierdoor kan een mogelijke + ontzegging van dienst aanval door het vol laten lopen van + syslog voorkomen worden. kernelopties @@ -3747,10 +3662,9 @@ net.inet.ip.fw.verbose_limit=5options IPFIREWALL_DEFAULT_TO_ACCEPT - Met IPFIREWALL_DEFAULT_TO_ACCEPT wordt - standaard alles door de firewall doorgelaten. Dit wordt - aangeraden als iemand voor het eerst een firewall - opzet. + Met deze optie wordt alles standaard door de firewall + doorgelaten, wat een goed idee is als de firewall voor de + eerste keer wordt ingesteld. kernelopties @@ -3760,8 +3674,8 @@ net.inet.ip.fw.verbose_limit=5options IPDIVERT - Met IPDIVERT wordt de - NAT functionaliteit ingeschakeld. + Met deze optie wordt de NAT + functionaliteit ingeschakeld. De firewall zal alle binnenkomende en uitgaande pakketten @@ -3789,56 +3703,47 @@ net.inet.ip.fw.verbose_limit=5 - open — laat al het verkeer door. + open: laat al het verkeer door. - client — beschermt alleen deze + client: beschermt alleen deze machine. - simple — beschermt het hele + simple: beschermt het hele netwerk. - closed — blokkeert alle IP-verkeer, + closed: blokkeert alle IP-verkeer, behalve voor lokaal verkeer. - UNKNOWN — voorkomt het laden + UNKNOWN: voorkomt het laden de firewall-regels. - bestandsnaam - — absoluut pad naar een bestand dat firewall-regels - bevat. + bestandsnaam:absoluut pad naar + een bestand dat firewall-regels bevat. *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed Mar 26 15:44:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 60599374; Wed, 26 Mar 2014 15:44:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4B85EE1C; Wed, 26 Mar 2014 15:44:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2QFiFuQ054744; Wed, 26 Mar 2014 15:44:15 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2QFiFi4054743; Wed, 26 Mar 2014 15:44:15 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201403261544.s2QFiFi4054743@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 26 Mar 2014 15:44:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44357 - head/ja_JP.eucJP/books/handbook/install X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 26 Mar 2014 15:47:24 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Mar 2014 15:44:15 -0000 Author: ryusuke Date: Wed Mar 26 15:44:14 2014 New Revision: 44357 URL: http://svnweb.freebsd.org/changeset/doc/44357 Log: - Merge the following from the English version: r43681 -> r44273 head/ja_JP.eucJP/books/handbook/install/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/install/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/install/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/install/chapter.xml Wed Mar 26 15:01:47 2014 (r44356) +++ head/ja_JP.eucJP/books/handbook/install/chapter.xml Wed Mar 26 15:44:14 2014 (r44357) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43681 + Original revision: r44273 $FreeBSD$ --> @@ -598,8 +598,9 @@ &os; 8.X のメモリスティックのイメージは、 - ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/arch/ISO-IMAGES/version/&os;-version-RELEASE-arch-memstick.img の - ISO-IMAGES/ ディレクトリからダウンロードできます。 + ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/arch/ISO-IMAGES/version/&os;-version-RELEASE-arch-memstick.img の + ISO-IMAGES/ + ディレクトリからダウンロードできます。 ここで、 archversion の部分を、 それぞれインストールするアーキテクチャとバージョン番号に置き換えてください。 @@ -651,7 +652,7 @@ したがって、&man.dd.1; を使用して、 直接ディスクにイメージを書き込む必要があります。 - &prompt.root; dd if=&os;-&rel2.current;-RELEASE-&arch.i386;-memstick.img of=/dev/da0 bs=64k + &prompt.root; dd if=&os;-&rel2.current;-RELEASE-&arch.i386;-memstick.img of=/dev/da0 bs=64k Operation not permitted @@ -711,13 +712,14 @@ &os;/&arch.pc98; のブートディスクは、 floppies ディレクトリ、 - ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/pc98/version-RELEASE/floppies/ + ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/pc98/version-RELEASE/floppies/. から入手できます。 ここで version の部分を、 それぞれインストールするバージョン番号に置き換えてください。 フロッピーイメージは .flp - という拡張子がついています。floppies/ + という拡張子がついています。 + floppies/ には複数の異なるイメージがあります。 boot.flp とともに、 kern.small* または @@ -771,8 +773,8 @@ が動作しているコンピュータでフロッピーを作成する rawrite と呼ばれるツールを提供しています。 このツールは &os; の FTP サイト上の - ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/pc98/ - version-RELEASE/tools/ + ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/pc98/ + version-RELEASE/tools/ からダウンロードできます。 このツールをダウンロードしたら、フロッピーを挿入してください。 その後、ファイル名を指定してフロッピードライブに書き込んでください。 @@ -1860,7 +1862,7 @@ Mounting root from ufs:/dev/md0c インストールが少しだけわかりやすくなります。 このファイルシステムをマウントする場所はどこにでも選択できます。 この例では、これらを - /diskn + /diskn としてマウントするよう提案しています。 ここで n はそれぞれのディスクごとに変更する数字です。 @@ -2556,7 +2558,7 @@ Do you want to configure inetd and the n もし &gui.no; を選んだ場合には、さまざまなサービスは有効になりません。 これらのサービスは、インストール後に /etc/inetd.conf をテキストエディタで編集することで有効になります。 - 詳しくは inetd の章 を見てください。 + 詳しくは inetd の章 を見てください。 これらのサービスを利用したいと考えているならば, &gui.yes; を選びインストールしてください。 @@ -4247,7 +4249,7 @@ Please press any key to reboot. os; のシステムに &man.mount.8; コマンドを使って USB ディスクをマウントしてください。 - &prompt.root; mount /dev/da0a /mnt + &prompt.root; mount /dev/da0a /mnt デバイスノードおよびマウントポイントの部分は、 @@ -4259,12 +4261,12 @@ Please press any key to reboot. 以下の行を USB スティックの /boot/loader.conf に追加してください。 - &prompt.root; echo 'console="comconsole"' >> /mnt/boot/loader.conf + &prompt.root; echo 'console="comconsole"' >> /mnt/boot/loader.conf USB スティックを正しく設定することができたら、 &man.umount.8; を使ってディスクをアンマウントしてください。 - &prompt.root; umount /mnt + &prompt.root; umount /mnt その後 USB スティックを抜き、3 番目の手順に進んでください。 @@ -4287,22 +4289,22 @@ Please press any key to reboot. 以下のようにすべてのファイルを &man.tar.1; を使って展開してください。 - &prompt.root; mkdir /path/to/headless-iso -&prompt.root; tar -C /path/to/headless-iso -pxvf &os;-&rel.current;-RELEASE-i386-disc1.iso + &prompt.root; mkdir /path/to/headless-iso +&prompt.root; tar -C /path/to/headless-iso -pxvf &os;-&rel.current;-RELEASE-i386-disc1.iso 次に、 インストールメディアをシリアルコンソールを使って起動するように設定します。 以下の行を展開した ISO イメージの /boot/loader.conf に追加します。 - &prompt.root; echo 'console="comconsole"' >> /path/to/headless-iso/boot/loader.conf + &prompt.root; echo 'console="comconsole"' >> /path/to/headless-iso/boot/loader.conf その後、修正されたツリーを使って新しい ISO イメージを作成します。 この例では、sysutils/cdrtools package または port の &man.mkisofs.8; を使っています。 - &prompt.root; mkisofs -v -b boot/cdboot -no-emul-boot -r -J -V "Headless_install" \ - -o Headless-&os;-&rel2.current;-RELEASE-i386-disc1.iso/path/to/headless-iso + &prompt.root; mkisofs -v -b boot/cdboot -no-emul-boot -r -J -V "Headless_install" \ + -o Headless-&os;-&rel2.current;-RELEASE-i386-disc1.iso/path/to/headless-iso 適切な ISO イメージを作成できたので、 お気に入りの CD ライタ用のアプリケーションを使って @@ -4406,7 +4408,7 @@ Please press any key to reboot. 適切な ISO イメージのダウンロード それぞれのリリースの ISO イメージは、 - ftp://ftp.FreeBSD.org/pub/FreeBSD/ISO-IMAGES-arch/version + ftp://ftp.FreeBSD.org/pub/FreeBSD/ISO-IMAGES-arch/version もしくは近くのミラーからダウンロードできます。 ここで、archversion の部分は適切なものに置き換えてください。 @@ -4428,7 +4430,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-bootonly.iso + &os;-version-RELEASE-arch-bootonly.iso CD-ROM ドライブから起動することでインストールを行うことができる CD イメージです。 この CD のみを使って &os; をインストールすることはできません。 @@ -4437,7 +4439,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-dvd1.iso.gz + &os;-version-RELEASE-arch-dvd1.iso.gz この DVD イメージには、 &os; オペレーティングシステムのベースシステム、 @@ -4447,7 +4449,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-memstick.img + &os;-version-RELEASE-arch-memstick.img USB メモリスティックに書き込めるイメージです。 USB ドライブから起動可能なコンピュータで、 @@ -4458,7 +4460,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-mini-memstick.img + &os;-version-RELEASE-arch-disc1.iso USB メモリスティックに書き込めるイメージです。 USB ドライブから起動可能なコンピュータで、 @@ -4478,7 +4480,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-disc2.iso + &os;-version-RELEASE-arch-disc2.iso この CD イメージには、ディスクに収まる容量のサードパーティ製 package が含まれています。このイメージは、 @@ -4487,7 +4489,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-disc3.iso + &os;-version-RELEASE-arch-disc3.iso ディスクに収まる容量のサードパーティ製 package を含むもう 1 つの CD イメージです。このイメージは、 @@ -4496,7 +4498,7 @@ Please press any key to reboot. - &os;-version-RELEASE-arch-livefs.iso + &os;-version-RELEASE-arch-livefs.iso livefs ベースのレスキューモードで起動できるイメージです。 @@ -4582,7 +4584,7 @@ Please press any key to reboot. このマシンにネットワークで繋がっているマシンは、 インストール時にメディアタイプで FTP を選択し、 FTP サイトメニューで Other を選んだ後 - ftp://your machine + ftp://your machine と打ち込むことができます。 From owner-svn-doc-all@FreeBSD.ORG Wed Mar 26 15:52:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E5AFB795; Wed, 26 Mar 2014 15:52:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D1EFEF44; Wed, 26 Mar 2014 15:52:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2QFqqZi058625; Wed, 26 Mar 2014 15:52:52 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2QFqquN058624; Wed, 26 Mar 2014 15:52:52 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403261552.s2QFqquN058624@svn.freebsd.org> From: Dru Lavigne Date: Wed, 26 Mar 2014 15:52:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44358 - head/en_US.ISO8859-1/books/handbook/mac X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Mar 2014 15:52:53 -0000 Author: dru Date: Wed Mar 26 15:52:52 2014 New Revision: 44358 URL: http://svnweb.freebsd.org/changeset/doc/44358 Log: Slight shuffling of content to improve flow of MAC chapter. Editorial review of Synopsis and Key Terms. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Wed Mar 26 15:44:14 2014 (r44357) +++ head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Wed Mar 26 15:52:52 2014 (r44358) @@ -21,20 +21,19 @@ MAC - &os; 5.X introduced new security extensions from the - TrustedBSD - Project based on the &posix;.1e draft. Two of the - most significant new security mechanisms are file system Access - Control Lists (ACLs) and Mandatory Access - Control (MAC) facilities. MAC allows new - access control modules to be loaded, implementing new security + &os; supports security extensions + based on the &posix;.1e draft. These + security mechanisms include file system Access + Control Lists () and Mandatory Access + Control (MAC). MAC allows + access control modules to be loaded in order to implement security policies. Some modules provide protections for a narrow subset of the system, hardening a particular service. Others provide comprehensive labeled security across all subjects and objects. The mandatory part of the definition indicates that enforcement of controls is performed by administrators and the operating system. This is in contrast to the default security mechanism - of Discretionary Access Control (DAC where + of Discretionary Access Control (DAC) where enforcement is left to the discretion of users. This chapter focuses on the MAC framework @@ -109,28 +108,23 @@ understanding, proper design, and thorough testing. - - What Will Not Be Covered - - This chapter covers a broad range of security issues - relating to the MAC framework. The + While this chapter covers a broad range of security issues + relating to the MAC framework, the development of new MAC security policy modules will not be covered. A number of security policy modules included with the MAC framework have specific characteristics which are provided for both - testing and new module development. These include - &man.mac.test.4;, &man.mac.stub.4; and &man.mac.none.4;. - For more information on these security policy modules and - the various mechanisms they provide, refer to their manual - pages. - + testing and new module development. Refer to + &man.mac.test.4;, &man.mac.stub.4; and &man.mac.none.4; + for more information on these security policy modules and + the various mechanisms they provide.     - Key Terms in This Chapter + Key Terms - Before reading this chapter, a few key terms must be - explained: + The following key terms are used when referring to the + MAC framework: @@ -144,21 +138,18 @@ - high-watermark: this type of - policy permits the raising of security levels for the - purpose of accessing higher level information. In most - cases, the original level is restored after the process - is complete. Currently, the &os; MAC - framework does not include this type of policy. - - - integrity: the level of trust which can be placed on data. As the integrity of the data is elevated, so does the ability to trust that data. + level: the increased or decreased + setting of a security attribute. As the level increases, + its security is considered to elevate as well. + + + label: a security attribute which can be applied to files, directories, or other items in the system. It could be considered a confidentiality stamp. @@ -173,23 +164,8 @@ - level: the increased or decreased - setting of a security attribute. As the level increases, - its security is considered to elevate as well. - - - - low-watermark: this type of - policy permits lowering security levels for the purpose of - accessing information which is less secure. In most cases, - the original security level of the user is restored after - the process is complete. The only security policy module in - &os; to use this is &man.mac.lomac.4;. - - - multilabel: this property is a file - system option which can be set in single user mode using + system option which can be set in single-user mode using &man.tunefs.8;, during boot using &man.fstab.5;, or during the creation of a new file system. This option permits an administrator to apply different MAC @@ -198,129 +174,71 @@ + single label: a policy where the + entire file system uses one label to enforce access control + over the flow of data. Whenever + is not set, all files will conform to the same label + setting. + + + object: an entity through which information flows under the direction of a subject. This includes directories, files, fields, screens, keyboards, memory, magnetic storage, printers or any other data storage or moving device. An object is a data container or a system resource. Access to - an object effectively means access to + an object effectively means access to its data. + subject: any active entity that + causes information to flow between + objects such as a user, user process, + or system process. On &os;, this is almost always a + thread acting in a process on behalf of a user. + + + policy: a collection of rules which defines how objectives are to be achieved. A - policy usually documents how certain - items are to be handled. This chapter considers the term - policy to be a security - policy, or a collection of rules which controls + policy usually documents how certain + items are to be handled. This chapter considers a + policy to be a collection of rules which controls the flow of data and information and defines who has access to that data and information. - sensitivity: usually used when - discussing Multilevel Security MLS. A - sensitivity level describes how important or secret the data - should be. As the sensitivity level increases, so does the - importance of the secrecy, or confidentiality, of the - data. + high-watermark: this type of + policy permits the raising of security levels for the + purpose of accessing higher level information. In most + cases, the original level is restored after the process + is complete. Currently, the &os; MAC + framework does not include this type of policy. - single label: a policy where the - entire file system uses one label to enforce access control - over the flow of data. Whenever - is not set, all files will conform to the same label - setting. + low-watermark: this type of + policy permits lowering security levels for the purpose of + accessing information which is less secure. In most cases, + the original security level of the user is restored after + the process is complete. The only security policy module in + &os; to use this is &man.mac.lomac.4;. - subject: any active entity that - causes information to flow between - objects such as a user, user process, - or system process. On &os;, this is almost always a - thread acting in a process on behalf of a user. + sensitivity: usually used when + discussing Multilevel Security (MLS). A + sensitivity level describes how important or secret the data + should be. As the sensitivity level increases, so does the + importance of the secrecy, or confidentiality, of the + data. - - Explanation of MAC - - With all of these new terms in mind, consider how the - MAC framework augments the security of - the system as a whole. The various security policy modules - provided by the MAC framework could be used - to protect the network and file systems or to block users from - accessing certain ports and sockets. Perhaps the best use of - the policy modules is to load several security policy modules at - a time in order to provide a MLS environment. - This approach differs from a hardening policy, which typically - hardens elements of a system which are used only for specific - purposes. The downside to MLS is increased - administrative overhead. - - The overhead is minimal when compared to the lasting effect - of a framework which provides the ability to pick and choose - which policies are required for a specific configuration and - which keeps performance overhead down. The reduction of support - for unneeded policies can increase the overall performance of - the system as well as offer flexibility of choice. A good - implementation would consider the overall security requirements - and effectively implement the various security policy modules - offered by the framework. - - A system utilizing MAC guarantees that a - user will not be permitted to change security attributes at - will. All user utilities, programs, and scripts must work - within the constraints of the access rules provided by the - selected security policy modules and total control of the - MAC access rules are in the hands of the - system administrator. - - It is the duty of the system administrator to - carefully select the correct security policy modules. For an - environment that needs to limit access control over the network, - the &man.mac.portacl.4;, &man.mac.ifoff.4;, and &man.mac.biba.4; - policy modules make good starting points. For an environment - where strict confidentiality of file system objects is required, - consider the &man.mac.bsdextended.4; and &man.mac.mls.4; policy - modules. - - Policy decisions could be made based on network - configuration. If only certain users should be permitted - access to &man.ssh.1;, the &man.mac.portacl.4; policy module is - a good choice. In the case of file systems, access to objects - might be considered confidential to some users, but not to - others. As an example, a large development team might be - broken off into smaller projects where developers in project A - might not be permitted to access objects written by developers - in project B. Yet both projects might need to access objects - created by developers in project C. Using the different - security policy modules provided by the MAC - framework, users could be divided into these groups and then - given access to the appropriate objects. - - Each security policy module has a unique way of dealing with - the overall security of a system. Module selection should be - based on a well thought out security policy which may require - revision and reimplementation. Understanding the different - security policy modules offered by the MAC - framework will help administrators choose the best policies - for their situations. - - - Implementing MAC is much like - implementing a firewall, care must be taken to prevent being - completely locked out of the system. The ability to revert - back to a previous configuration should be considered and the - implementation of MAC remotely should be - done with extreme caution. - - - Understanding MAC Labels @@ -735,6 +653,77 @@ test: biba/high &man.mac.bsdextended.4; policies. In the case of a machine with few local users, &man.mac.partition.4; might be a good choice. + + Consider how the + MAC framework augments the security of + the system as a whole. The various security policy modules + provided by the MAC framework could be used + to protect the network and file systems or to block users from + accessing certain ports and sockets. Perhaps the best use of + the policy modules is to load several security policy modules at + a time in order to provide a MLS environment. + This approach differs from a hardening policy, which typically + hardens elements of a system which are used only for specific + purposes. The downside to MLS is increased + administrative overhead. + + The overhead is minimal when compared to the lasting effect + of a framework which provides the ability to pick and choose + which policies are required for a specific configuration and + which keeps performance overhead down. The reduction of support + for unneeded policies can increase the overall performance of + the system as well as offer flexibility of choice. A good + implementation would consider the overall security requirements + and effectively implement the various security policy modules + offered by the framework. + + A system utilizing MAC guarantees that a + user will not be permitted to change security attributes at + will. All user utilities, programs, and scripts must work + within the constraints of the access rules provided by the + selected security policy modules and total control of the + MAC access rules are in the hands of the + system administrator. + + It is the duty of the system administrator to + carefully select the correct security policy modules. For an + environment that needs to limit access control over the network, + the &man.mac.portacl.4;, &man.mac.ifoff.4;, and &man.mac.biba.4; + policy modules make good starting points. For an environment + where strict confidentiality of file system objects is required, + consider the &man.mac.bsdextended.4; and &man.mac.mls.4; policy + modules. + + Policy decisions could be made based on network + configuration. If only certain users should be permitted + access to &man.ssh.1;, the &man.mac.portacl.4; policy module is + a good choice. In the case of file systems, access to objects + might be considered confidential to some users, but not to + others. As an example, a large development team might be + broken off into smaller projects where developers in project A + might not be permitted to access objects written by developers + in project B. Yet both projects might need to access objects + created by developers in project C. Using the different + security policy modules provided by the MAC + framework, users could be divided into these groups and then + given access to the appropriate objects. + + Each security policy module has a unique way of dealing with + the overall security of a system. Module selection should be + based on a well thought out security policy which may require + revision and reimplementation. Understanding the different + security policy modules offered by the MAC + framework will help administrators choose the best policies + for their situations. + + + Implementing MAC is much like + implementing a firewall, care must be taken to prevent being + completely locked out of the system. The ability to revert + back to a previous configuration should be considered and the + implementation of MAC remotely should be + done with extreme caution. + From owner-svn-doc-all@FreeBSD.ORG Wed Mar 26 20:22:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5753AF95; Wed, 26 Mar 2014 20:22:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 42F7C7D6; Wed, 26 Mar 2014 20:22:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2QKM1uY070511; Wed, 26 Mar 2014 20:22:01 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2QKM1L2070509; Wed, 26 Mar 2014 20:22:01 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403262022.s2QKM1L2070509@svn.freebsd.org> From: Dru Lavigne Date: Wed, 26 Mar 2014 20:22:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44359 - head/en_US.ISO8859-1/books/handbook/mac X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Mar 2014 20:22:01 -0000 Author: dru Date: Wed Mar 26 20:22:00 2014 New Revision: 44359 URL: http://svnweb.freebsd.org/changeset/doc/44359 Log: Shuffle of Label section to improve flow. Editorial review of Label section. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Wed Mar 26 15:52:52 2014 (r44358) +++ head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Wed Mar 26 20:22:00 2014 (r44359) @@ -244,58 +244,86 @@ A MAC label is a security attribute which may be applied to subjects and objects throughout - the system. - - When setting a label, the administrator must be able to - comprehend what exactly is being done and understand any + the system. When setting a label, the administrator must + understand its implications in order to prevent unexpected or undesired behavior of the system. The attributes available on an object - depend on the loaded policy module as policy modules interpret + depend on the loaded policy module, as policy modules interpret their attributes in different ways. The security label on an object is used as a part of a security access control decision by a policy. With some policies, the label contains all of the information necessary to make a decision. In other policies, the labels may be - processed as part of a larger rule set. For instance, setting - the label of biba/low on a file will - represent a label maintained by the Biba security policy module, - with a value of low. - - A few policy modules which support the labeling feature - in &os; offer three specific predefined labels: low, high, and - equal. Such policy modules enforce access control in a - different manner with each policy module, where the low label is - the lowest setting, the equal label sets the subject or object - to be disabled or unaffected, and the high label enforces the - highest setting available in the Biba and MLS - policy modules. - - Within single label file system environments, only one - label may be used on objects. This label enforces one set of - access permissions across the entire system and in many - environments may be all that is required. There are a few - cases where multiple labels may be set on objects or subjects - in the file system by passing to - &man.tunefs.8;. - - In the case of Biba and MLS, a numeric - label may be set to indicate the precise level of hierarchical - control. This numeric level is used to partition or sort - information into different groups of classification only - permitting access to that group or a higher group level. + processed as part of a larger rule set. - In most cases, the administrator will set up a single label - to use throughout the file system. This is similar to - DAC to some extent as - root is the one in control and who + There are two types of label policies: single label and multi label. + By default, the system will use + single label. The administrator should be aware of the + pros and cons of each in order to implement policies which meet the + requirements of the system's security model. + + A single label security policy + only permits one label + to be used for every subject or object. Since a single label policy enforces one set of + access permissions across the entire system, it provides lower + administration overhead, but decreases the flexibility of + policies which support labeling. However, in many + environments, a single label policy may be all that is required. + + A single label policy is somewhat similar to + DAC as + root configures the policies so that users are placed in the - appropriate categories/access levels. Alas, many policy modules - can restrict the root user as well. Basic + appropriate categories and access levels. A notable difference is that many policy modules + can also restrict root. Basic control over objects will then be released to the group, but root may revoke or modify the settings - at any time. This is the hierarchical/clearance model covered - by policies such as Biba and MLS. + at any time. + + When appropriate, a multi label policy can + be set on + a UFS file system by passing to + &man.tunefs.8;. A multi label policy permits each subject or object + to have its own independent MAC label. + The decision to use a multi label or + single label policy is only required for policies + which implement the labeling feature, such as biba, + lomac, and mls. Some policies, + such as seeotheruids, + portacl and partition, + do not use labels at all. + + Using a multi label policy on a partition and + establishing a multi label security model can increase + administrative overhead as everything in that file system has a + label. This includes directories, files, and even device + nodes. + + The following command will set + on the specified UFS file system. This may only be + done in single-user mode and is not a requirement for the swap + file system: + + &prompt.root; tunefs -l enable / + + + Some users have experienced problems with setting the + flag on the root partition. + If this is the case, please review + . + + + Since the multi label policy is set on a per-file system basis, a multi label policy may not be + needed if the file system layout is well designed. Consider an example security + MAC model for a &os; web server. This machine + uses the single label, + biba/high, for everything in the default file + systems. If the web server needs to + run at biba/low + to prevent write up capabilities, it could + be installed to a separate UFS /usr/local file system set at + biba/low. Label Configuration @@ -306,31 +334,35 @@ configuration or the manipulation and verification of the configuration. - All configuration may be done using &man.setfmac.8; and - &man.setpmac.8;. setfmac is used to set - MAC labels on system objects while - setpmac is used to set the labels on system - subjects. Observe: + All configuration may be done using + setfmac, which is used to set + MAC labels on system objects, and + setpmac, which is used to set the labels on system + subjects. For example, to set the biba MAC + label to high on test: &prompt.root; setfmac biba/high test If the configuration is successful, the prompt will be returned without error. A common error is Permission denied which usually occurs - when the label is being set or modified on an object which is - restricted.Other conditions may produce different + when the label is being set or modified on a restricted object. + Other conditions may produce different failures. For instance, the file may not be owned by the user attempting to relabel the object, the object may not - exist, or the object may be read only. A mandatory policy + exist, or the object may be read-only. A mandatory policy will not allow the process to relabel the file, maybe because of a property of the file, a property of the process, or a property of the proposed new label value. For - example, a user running at low integrity tries to change the - label of a high integrity file. Or perhaps a user running + example, if a user running at low integrity tries to change the + label of a high integrity file, or a user running at low integrity tries to change the label of a low - integrity file to a high integrity label. The - system administrator may use the following commands to - overcome this: + integrity file to a high integrity label, these operations will fail. + + The + system administrator may use setpmac to override the + policy module's settings by assigning a different label to the + invoked process: &prompt.root; setfmac biba/high test Permission denied @@ -338,80 +370,85 @@ &prompt.root; getfmac test test: biba/high - setpmac can be used to override the - policy module's settings by assigning a different label to the - invoked process. getpmac is usually used - with currently running processes, such as - sendmail. It takes a process ID in - place of a command. If users attempt to manipulate a file not + For currently running processes, such as + sendmail, + getpmac is usually used instead. + This command takes a process ID (PID) in + place of a command name. If users attempt to manipulate a file not in their access, subject to the rules of the loaded policy modules, the Operation not permitted - error will be displayed by the - mac_set_link function. + error will be displayed. + - - Common Label Types + + Predefined Labels - For the &man.mac.biba.4;, &man.mac.mls.4; and - &man.mac.lomac.4; policy modules, the ability to assign - simple labels is provided. These take the form of high, - equal, and low, where: + A few &os; policy modules which support the labeling feature + offer three predefined labels: low, equal, and high, + where: - The low label is considered the + low is considered the lowest label setting an object or subject may have. Setting this on objects or subjects blocks their access to objects or subjects marked high. - The equal label should only be + equal sets the subject or object + to be disabled or unaffected and should only be placed on objects considered to be exempt from the policy. - The high label grants an object - or subject the highest possible setting. + high grants an object + or subject the highest setting available in the Biba and + MLS policy modules. - With respect to each policy module, each of those - settings will establish a different information flow - directive. Refer to the manual pages of the module to - determine the traits of these generic label + Such policy modules include &man.mac.biba.4;, &man.mac.mls.4; and + &man.mac.lomac.4;. Each of the predefined + labels establishes a different information flow + directive. Refer to the manual page of the module to + determine the traits of the generic label configurations. + - - Advanced Label Configuration - - Numeric grade labels are used for - comparison:compartment+compartment. + + Numeric Labels + + The Biba and MLS policy modules support a numeric + label which may be set to indicate the precise level of hierarchical + control. This numeric level is used to partition or sort + information into different groups of classification, only + permitting access to that group or a higher group level. For example: biba/10:2+3+6(5:2+3-20:2+3+4+5+6) may be interpreted as Biba Policy - Label/Grade - 10:Compartments 2, 3 and 6: - (grade 5 ...) + Label/Grade + 10:Compartments 2, 3 and 6: + (grade 5 ...) In this example, the first grade would be considered - the effective grade with - effective compartments, the second grade + the effective grade with + effective compartments, the second grade is the low grade, and the last one is the high grade. - In most configurations, these settings will not be used - as they are advanced configurations. + In most configurations, such fine-grained settings are not needed + as they are considered to be advanced configurations. - System objects only have a current grade/compartment. + System objects only have a current grade and compartment. System subjects reflect the range of available rights in the system, and network interfaces, where they are used for access control. The grade and compartments in a subject and object pair are used to construct a relationship known as - dominance, in which a subject dominates an + dominance, in which a subject dominates an object, the object dominates the subject, neither dominates the other, or both dominate each other. The both dominate case occurs when the two @@ -422,21 +459,27 @@ test: biba/high using su or setpmac in order to access objects in a compartment from which they are not restricted. - - + - - Users and Label Settings + + User Labels Users are required to have labels so that their files and processes properly interact with the security policy defined on the system. This is configured in - login.conf using login classes. Every + /etc/login.conf using login classes. Every policy module that uses labels will implement the user class setting. - An example entry containing every policy module setting - is displayed below: + To set the + user class default label which will be enforced by + MAC, add a entry. An + example entry containing every policy module + is displayed below. Note that in a real + configuration, the administrator would never enable + every policy module. It is recommended that the rest of + this chapter be reviewed before any configuration is + implemented. default:\ :copyright=/etc/COPYRIGHT:\ @@ -462,25 +505,15 @@ test: biba/high :ignoretime@:\ :label=partition/13,mls/5,biba/10(5-15),lomac/10[2]: - To set the - user class default label which will be enforced by - MAC, use . Users - are never permitted to modify this value. In a real - configuration, however, the administrator would never enable - every policy module. It is recommended that the rest of - this chapter be reviewed before any configuration is - implemented. - - - Users may change their label after they login, subject + While users + can not modify the default value, they may change their label after they login, subject to the constraints of the policy. The example above tells - the Biba policy that a process's minimum integrity is 5, - its maximum is 15, and the default effective label is 10. - The process will run at 10 until it chooses to change - label, perhaps due to the user using &man.setpmac.8;, + the Biba policy that a process's minimum integrity is 5, + its maximum is 15, and the default effective label is 10. + The process will run at 10 until it chooses to change + label, perhaps due to the user using setpmac, which will be constrained by Biba to the configured range. - After any change to login.conf, the login class capability @@ -489,30 +522,29 @@ test: biba/high Many sites have a large number of users requiring several different user classes. In depth planning is - required as this may get extremely difficult to + required as this can become difficult to manage. - + - - Network Interfaces and Label Settings + + Network Interface Labels Labels may be set on network interfaces to help control the flow of data across the network. Policies using network interface labels function in the same way that policies function with respect to objects. Users at high - settings in biba, for example, will not + settings in Biba, for example, will not be permitted to access network interfaces with a label of - low. + low. - may be passed to - ifconfig when setting the - MAC label on network interfaces. For - example: + When setting the + MAC label on network interfaces, may be passed to + ifconfig: &prompt.root; ifconfig bge0 maclabel biba/equal - will set the MAC label of - biba/equal on the &man.bge.4; interface. + This example will set the MAC label of + biba/equal on the bge0 interface. When using a setting similar to biba/high(low-high), the entire label should be quoted to prevent an error from being @@ -523,86 +555,8 @@ test: biba/high label on network interfaces. Setting the label to will have a similar effect. Review the output of sysctl, the policy manual - pages, and the information in this chapter for more + pages, and the information in the rest of this chapter for more information on those tunables. - - - - - Singlelabel or Multilabel? - - By default, the system will use - . For the administrator, there - are several differences which offer pros and cons to the - flexibility in the system's security model. - - A security policy which uses - only permits one label, such as biba/high, - to be used for each subject or object. This provides lower - administration overhead, but decreases the flexibility of - policies which support labeling. - - permits each subject or object - to have its own independent MAC label. - The decision to use or - is only required for the policies - which implement the labeling feature, including the Biba, - Lomac, and MLS policies. - - In many cases, may not be - needed. Consider the following situation and security - model: - - - - &os; web-server using the MAC - framework and a mix of the various policies. - - - - This machine only requires one label, - biba/high, for everything in the - system. This file system would not require - as a single label will always - be in effect. - - - - But, this machine will be a web server and should - have the web server run at biba/low - to prevent write up capabilities. The server could - use a separate partition set at - biba/low for most if not all - of its runtime state. - - - - If any of the non-labeling policies are to be used, - would not be required. These - include the seeotheruids, - portacl and partition - policies. - - Using with a partition and - establishing a security model based on - functionality could increase - administrative overhead as everything in the file system has a - label. This includes directories, files, and even device - nodes. - - The following command will set - on the file systems to have multiple labels. This may only be - done in single user mode and is not a requirement for the swap - file system: - - &prompt.root; tunefs -l enable / - - - Some users have experienced problems with setting the - flag on the root partition. - If this is the case, please review the - of this chapter. - From owner-svn-doc-all@FreeBSD.ORG Wed Mar 26 21:38:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D26AA8ED; Wed, 26 Mar 2014 21:38:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BDBCBF82; Wed, 26 Mar 2014 21:38:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2QLc20j000898; Wed, 26 Mar 2014 21:38:02 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2QLc2Mf000897; Wed, 26 Mar 2014 21:38:02 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403262138.s2QLc2Mf000897@svn.freebsd.org> From: Dru Lavigne Date: Wed, 26 Mar 2014 21:38:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44360 - head/en_US.ISO8859-1/books/handbook/mac X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Mar 2014 21:38:02 -0000 Author: dru Date: Wed Mar 26 21:38:02 2014 New Revision: 44360 URL: http://svnweb.freebsd.org/changeset/doc/44360 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Wed Mar 26 20:22:00 2014 (r44359) +++ head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Wed Mar 26 21:38:02 2014 (r44360) @@ -4,14 +4,15 @@ $FreeBSD$ --> - Mandatory Access Control + + Mandatory Access Control + - TomRhodesWritten by + TomRhodesWritten + by - - Synopsis @@ -21,20 +22,20 @@ MAC - &os; supports security extensions - based on the &posix;.1e draft. These - security mechanisms include file system Access - Control Lists () and Mandatory Access - Control (MAC). MAC allows - access control modules to be loaded in order to implement security - policies. Some modules provide protections for a narrow subset - of the system, hardening a particular service. Others provide - comprehensive labeled security across all subjects and objects. - The mandatory part of the definition indicates that enforcement - of controls is performed by administrators and the operating - system. This is in contrast to the default security mechanism - of Discretionary Access Control (DAC) where - enforcement is left to the discretion of users. + &os; supports security extensions based on the + &posix;.1e draft. These security mechanisms include file system + Access Control Lists () and Mandatory + Access Control (MAC). MAC + allows access control modules to be loaded in order to implement + security policies. Some modules provide protections for a + narrow subset of the system, hardening a particular service. + Others provide comprehensive labeled security across all + subjects and objects. The mandatory part of the definition + indicates that enforcement of controls is performed by + administrators and the operating system. This is in contrast to + the default security mechanism of Discretionary Access Control + (DAC) where enforcement is left to the + discretion of users. This chapter focuses on the MAC framework and the set of pluggable security policy modules &os; provides @@ -80,13 +81,13 @@ - Understand &unix; and &os; basics - (). + Understand &unix; and &os; basics (). - Have some familiarity with security and how it - pertains to &os; (). + Have some familiarity with security and how it pertains + to &os; (). @@ -108,16 +109,16 @@ understanding, proper design, and thorough testing. - While this chapter covers a broad range of security issues - relating to the MAC framework, the - development of new MAC security policy - modules will not be covered. A number of security policy - modules included with the MAC framework - have specific characteristics which are provided for both - testing and new module development. Refer to - &man.mac.test.4;, &man.mac.stub.4; and &man.mac.none.4; - for more information on these security policy modules and - the various mechanisms they provide. + While this chapter covers a broad range of security issues + relating to the MAC framework, the + development of new MAC security policy + modules will not be covered. A number of security policy + modules included with the MAC framework have + specific characteristics which are provided for both testing and + new module development. Refer to &man.mac.test.4;, + &man.mac.stub.4; and &man.mac.none.4; for more information on + these security policy modules and the various mechanisms they + provide. @@ -188,8 +189,7 @@ files, fields, screens, keyboards, memory, magnetic storage, printers or any other data storage or moving device. An object is a data container or a system resource. Access to - an object effectively means access to - its data. + an object effectively means access to its data. @@ -202,26 +202,25 @@ policy: a collection of rules - which defines how objectives are to be achieved. A - policy usually documents how certain - items are to be handled. This chapter considers a - policy to be a collection of rules which controls - the flow of data and information and defines who has access - to that data and information. + which defines how objectives are to be achieved. A policy + usually documents how certain items are to be handled. This + chapter considers a policy to be a collection of rules which + controls the flow of data and information and defines who + has access to that data and information. high-watermark: this type of policy permits the raising of security levels for the purpose of accessing higher level information. In most - cases, the original level is restored after the process - is complete. Currently, the &os; MAC + cases, the original level is restored after the process is + complete. Currently, the &os; MAC framework does not include this type of policy. - low-watermark: this type of - policy permits lowering security levels for the purpose of + low-watermark: this type of policy + permits lowering security levels for the purpose of accessing information which is less secure. In most cases, the original security level of the user is restored after the process is complete. The only security policy module in @@ -243,13 +242,12 @@ Understanding MAC Labels A MAC label is a security attribute - which may be applied to subjects and objects throughout - the system. When setting a label, the administrator must - understand its - implications in order to prevent unexpected or undesired - behavior of the system. The attributes available on an object - depend on the loaded policy module, as policy modules interpret - their attributes in different ways. + which may be applied to subjects and objects throughout the + system. When setting a label, the administrator must + understand its implications in order to prevent unexpected or + undesired behavior of the system. The attributes available on + an object depend on the loaded policy module, as policy modules + interpret their attributes in different ways. The security label on an object is used as a part of a security access control decision by a policy. With some @@ -257,73 +255,71 @@ to make a decision. In other policies, the labels may be processed as part of a larger rule set. - There are two types of label policies: single label and multi label. - By default, the system will use - single label. The administrator should be aware of the - pros and cons of each in order to implement policies which meet the - requirements of the system's security model. - - A single label security policy - only permits one label - to be used for every subject or object. Since a single label policy enforces one set of - access permissions across the entire system, it provides lower - administration overhead, but decreases the flexibility of - policies which support labeling. However, in many - environments, a single label policy may be all that is required. + There are two types of label policies: single label and + multi label. By default, the system will use single label. The + administrator should be aware of the pros and cons of each in + order to implement policies which meet the requirements of the + system's security model. + + A single label security policy only permits one label to be + used for every subject or object. Since a single label policy + enforces one set of access permissions across the entire system, + it provides lower administration overhead, but decreases the + flexibility of policies which support labeling. However, in + many environments, a single label policy may be all that is + required. A single label policy is somewhat similar to - DAC as - root - configures the policies so that users are placed in the - appropriate categories and access levels. A notable difference is that many policy modules - can also restrict root. Basic - control over objects will then be released to the group, but - root may revoke or modify the settings - at any time. - - When appropriate, a multi label policy can - be set on - a UFS file system by passing to - &man.tunefs.8;. A multi label policy permits each subject or object - to have its own independent MAC label. - The decision to use a multi label or - single label policy is only required for policies - which implement the labeling feature, such as biba, - lomac, and mls. Some policies, - such as seeotheruids, - portacl and partition, - do not use labels at all. - - Using a multi label policy on a partition and - establishing a multi label security model can increase - administrative overhead as everything in that file system has a - label. This includes directories, files, and even device - nodes. - - The following command will set - on the specified UFS file system. This may only be - done in single-user mode and is not a requirement for the swap - file system: + DAC as root configures the policies so + that users are placed in the appropriate categories and access + levels. A notable difference is that many policy modules can + also restrict root. + Basic control over objects will then be released to the group, + but root may revoke or + modify the settings at any time. + + When appropriate, a multi label policy can be set on a + UFS file system by passing + to &man.tunefs.8;. A multi label + policy permits each subject or object to have its own + independent MAC label. The decision to use a + multi label or single label policy is only required for policies + which implement the labeling feature, such as + biba, lomac, and + mls. Some policies, such as + seeotheruids, portacl and + partition, do not use labels at all. + + Using a multi label policy on a partition and establishing a + multi label security model can increase administrative overhead + as everything in that file system has a label. This includes + directories, files, and even device nodes. + + The following command will set + on the specified UFS file system. This may + only be done in single-user mode and is not a requirement for + the swap file system: - &prompt.root; tunefs -l enable / + &prompt.root; tunefs -l enable / - - Some users have experienced problems with setting the - flag on the root partition. - If this is the case, please review - . - + + Some users have experienced problems with setting the + flag on the root partition. If + this is the case, please review . + - Since the multi label policy is set on a per-file system basis, a multi label policy may not be - needed if the file system layout is well designed. Consider an example security - MAC model for a &os; web server. This machine - uses the single label, - biba/high, for everything in the default file - systems. If the web server needs to - run at biba/low - to prevent write up capabilities, it could - be installed to a separate UFS /usr/local file system set at - biba/low. + Since the multi label policy is set on a per-file system + basis, a multi label policy may not be needed if the file system + layout is well designed. Consider an example security + MAC model for a &os; web server. This + machine uses the single label, biba/high, for + everything in the default file systems. If the web server needs + to run at biba/low to prevent write up + capabilities, it could be installed to a separate + UFS /usr/local file + system set at biba/low. Label Configuration @@ -337,32 +333,33 @@ All configuration may be done using setfmac, which is used to set MAC labels on system objects, and - setpmac, which is used to set the labels on system - subjects. For example, to set the biba MAC - label to high on test: + setpmac, which is used to set the labels on + system subjects. For example, to set the + biba MAC label to + high on test: &prompt.root; setfmac biba/high test If the configuration is successful, the prompt will be returned without error. A common error is Permission denied which usually occurs - when the label is being set or modified on a restricted object. - Other conditions may produce different - failures. For instance, the file may not be owned by the - user attempting to relabel the object, the object may not - exist, or the object may be read-only. A mandatory policy - will not allow the process to relabel the file, maybe - because of a property of the file, a property of the - process, or a property of the proposed new label value. For - example, if a user running at low integrity tries to change the - label of a high integrity file, or a user running - at low integrity tries to change the label of a low - integrity file to a high integrity label, these operations will fail. - - The - system administrator may use setpmac to override the - policy module's settings by assigning a different label to the - invoked process: + when the label is being set or modified on a restricted + object. Other conditions may produce different failures. For + instance, the file may not be owned by the user attempting to + relabel the object, the object may not exist, or the object + may be read-only. A mandatory policy will not allow the + process to relabel the file, maybe because of a property of + the file, a property of the process, or a property of the + proposed new label value. For example, if a user running at + low integrity tries to change the label of a high integrity + file, or a user running at low integrity tries to change the + label of a low integrity file to a high integrity label, these + operations will fail. + + The system administrator may use + setpmac to override the policy module's + settings by assigning a different label to the invoked + process: &prompt.root; setfmac biba/high test Permission denied @@ -372,116 +369,110 @@ test: biba/high For currently running processes, such as sendmail, - getpmac is usually used instead. - This command takes a process ID (PID) in - place of a command name. If users attempt to manipulate a file not + getpmac is usually used instead. This + command takes a process ID (PID) in place + of a command name. If users attempt to manipulate a file not in their access, subject to the rules of the loaded policy modules, the Operation not permitted error will be displayed. - + - - Predefined Labels + + Predefined Labels - A few &os; policy modules which support the labeling feature - offer three predefined labels: low, equal, and high, - where: - - - - low is considered the - lowest label setting an object or subject may have. - Setting this on objects or subjects blocks their access - to objects or subjects marked high. - - - - equal sets the subject or object - to be disabled or unaffected and should only be - placed on objects considered to be exempt from the - policy. - - - - high grants an object - or subject the highest setting available in the Biba and - MLS policy modules. - - - - Such policy modules include &man.mac.biba.4;, &man.mac.mls.4; and - &man.mac.lomac.4;. Each of the predefined - labels establishes a different information flow - directive. Refer to the manual page of the module to - determine the traits of the generic label - configurations. - + A few &os; policy modules which support the labeling + feature offer three predefined labels: low, + equal, and high, + where: + + + + low is considered the lowest label + setting an object or subject may have. Setting this on + objects or subjects blocks their access to objects or + subjects marked high. + + + + equal sets the subject or object to + be disabled or unaffected and should only be placed on + objects considered to be exempt from the policy. + + + + high grants an object or subject + the highest setting available in the Biba and + MLS policy modules. + + + + Such policy modules include &man.mac.biba.4;, + &man.mac.mls.4; and &man.mac.lomac.4;. Each of the predefined + labels establishes a different information flow directive. + Refer to the manual page of the module to determine the traits + of the generic label configurations. + - - Numeric Labels - - The Biba and MLS policy modules support a numeric - label which may be set to indicate the precise level of hierarchical - control. This numeric level is used to partition or sort - information into different groups of classification, only - permitting access to that group or a higher group level. - For example: - - biba/10:2+3+6(5:2+3-20:2+3+4+5+6) - - may be interpreted as Biba Policy - Label/Grade - 10:Compartments 2, 3 and 6: - (grade 5 ...) - - In this example, the first grade would be considered - the effective grade with - effective compartments, the second grade - is the low grade, and the last one is the high grade. - In most configurations, such fine-grained settings are not needed - as they are considered to be advanced configurations. - - System objects only have a current grade and compartment. - System subjects reflect the range of available rights in - the system, and network interfaces, where they are used - for access control. - - The grade and compartments in a subject and object - pair are used to construct a relationship known as - dominance, in which a subject dominates an - object, the object dominates the subject, neither - dominates the other, or both dominate each other. The - both dominate case occurs when the two - labels are equal. Due to the information flow nature of - Biba, a user has rights to a set of compartments that - might correspond to projects, but objects also have a set - of compartments. Users may have to subset their rights - using su or setpmac - in order to access objects in a compartment from which - they are not restricted. - + + Numeric Labels - - User Labels + The Biba and MLS policy modules support + a numeric label which may be set to indicate the precise level + of hierarchical control. This numeric level is used to + partition or sort information into different groups of + classification, only permitting access to that group or a + higher group level. For example: + + biba/10:2+3+6(5:2+3-20:2+3+4+5+6) + + may be interpreted as Biba Policy Label/Grade + 10:Compartments 2, 3 and 6: (grade 5 ...) + + In this example, the first grade would be considered the + effective grade with effective compartments, the second grade + is the low grade, and the last one is the high grade. In most + configurations, such fine-grained settings are not needed as + they are considered to be advanced configurations. + + System objects only have a current grade and compartment. + System subjects reflect the range of available rights in the + system, and network interfaces, where they are used for access + control. + + The grade and compartments in a subject and object pair + are used to construct a relationship known as + dominance, in which a subject dominates + an object, the object dominates the subject, neither dominates + the other, or both dominate each other. The both + dominate case occurs when the two labels are equal. + Due to the information flow nature of Biba, a user has rights + to a set of compartments that might correspond to projects, + but objects also have a set of compartments. Users may have + to subset their rights using su or + setpmac in order to access objects in a + compartment from which they are not restricted. + - Users are required to have labels so that their files - and processes properly interact with the security policy - defined on the system. This is configured in - /etc/login.conf using login classes. Every - policy module that uses labels will implement the user class - setting. + + User Labels - To set the - user class default label which will be enforced by - MAC, add a entry. An - example entry containing every policy module - is displayed below. Note that in a real - configuration, the administrator would never enable - every policy module. It is recommended that the rest of - this chapter be reviewed before any configuration is - implemented. + Users are required to have labels so that their files and + processes properly interact with the security policy defined + on the system. This is configured in + /etc/login.conf using login classes. + Every policy module that uses labels will implement the user + class setting. + + To set the user class default label which will be enforced + by MAC, add a entry. + An example entry containing every + policy module is displayed below. Note that in a real + configuration, the administrator would never enable every + policy module. It is recommended that the rest of this + chapter be reviewed before any configuration is + implemented. - default:\ + default:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ @@ -505,58 +496,56 @@ test: biba/high :ignoretime@:\ :label=partition/13,mls/5,biba/10(5-15),lomac/10[2]: - While users - can not modify the default value, they may change their label after they login, subject - to the constraints of the policy. The example above tells - the Biba policy that a process's minimum integrity is 5, - its maximum is 15, and the default effective label is 10. - The process will run at 10 until it chooses to change - label, perhaps due to the user using setpmac, - which will be constrained by Biba to the configured - range. - - After any change to - login.conf, the login class capability - database must be rebuilt using - cap_mkdb. - - Many sites have a large number of users requiring - several different user classes. In depth planning is - required as this can become difficult to - manage. - + While users can not modify the default value, they may + change their label after they login, subject to the + constraints of the policy. The example above tells the Biba + policy that a process's minimum integrity is + 5, its maximum is 15, + and the default effective label is 10. The + process will run at 10 until it chooses to + change label, perhaps due to the user using + setpmac, which will be constrained by Biba + to the configured range. + + After any change to login.conf, the + login class capability database must be rebuilt using + cap_mkdb. + + Many sites have a large number of users requiring + several different user classes. In depth planning is + required as this can become difficult to manage. + - - Network Interface Labels + + Network Interface Labels - Labels may be set on network interfaces to help - control the flow of data across the network. Policies - using network interface labels function in the same way that - policies function with respect to objects. Users at high - settings in Biba, for example, will not - be permitted to access network interfaces with a label of - low. - - When setting the - MAC label on network interfaces, may be passed to - ifconfig: - - &prompt.root; ifconfig bge0 maclabel biba/equal - - This example will set the MAC label of - biba/equal on the bge0 interface. - When using a setting similar to - biba/high(low-high), the entire label - should be quoted to prevent an error from being - returned. - - Each policy module which supports labeling has a tunable - which may be used to disable the MAC - label on network interfaces. Setting the label to - will have a similar effect. Review - the output of sysctl, the policy manual - pages, and the information in the rest of this chapter for more - information on those tunables. + Labels may be set on network interfaces to help control + the flow of data across the network. Policies using network + interface labels function in the same way that policies + function with respect to objects. Users at high settings in + Biba, for example, will not be permitted to access network + interfaces with a label of low. + + When setting the MAC label on network + interfaces, may be passed to + ifconfig: + + &prompt.root; ifconfig bge0 maclabel biba/equal + + This example will set the MAC label of + biba/equal on the bge0 + interface. When using a setting similar to + biba/high(low-high), the entire label + should be quoted to prevent an error from being + returned. + + Each policy module which supports labeling has a tunable + which may be used to disable the MAC label + on network interfaces. Setting the label to + will have a similar effect. Review + the output of sysctl, the policy manual + pages, and the information in the rest of this chapter for + more information on those tunables. @@ -677,14 +666,14 @@ test: biba/high back to a previous configuration should be considered and the implementation of MAC remotely should be done with extreme caution. - + Module Configuration Beginning with &os; 8.0, the default &os; kernel - includes options MAC. This means that + includes options MAC. This means that every module included with the MAC framework may be loaded as a run-time kernel module. The recommended method is to add the module name to @@ -709,757 +698,776 @@ test: biba/high Available MAC Policies - &os; includes a group of policies that will cover - most security requirements. Each policy is discussed - below. - - - The MAC See Other UIDs Policy + &os; includes a group of policies that will cover most + security requirements. Each policy is discussed below. - - MAC See Other UIDs Policy - - Module name: mac_seeotheruids.ko + + The MAC See Other UIDs Policy - Kernel configuration line: - options MAC_SEEOTHERUIDS - - Boot option: - mac_seeotheruids_load="YES" - - The &man.mac.seeotheruids.4; module mimics and extends - the security.bsd.see_other_uids and - security.bsd.see_other_gids - sysctl tunables. This option does - not require any labels to be set before configuration and - can operate transparently with the other modules. - - After loading the module, the following - sysctl tunables may be used to control - the features: + + MAC See Other UIDs Policy + + Module name: + mac_seeotheruids.ko - - - security.mac.seeotheruids.enabled - enables the module and uses the default settings which deny - users the ability to view processes and sockets owned by - other users. - + Kernel configuration line: + options MAC_SEEOTHERUIDS - - - security.mac.seeotheruids.specificgid_enabled - allows certain groups to be exempt from this policy. To - exempt specific groups from this policy, use the - security.mac.seeotheruids.specificgid=XXX - sysctl tunable. Replace - XXX with the numeric group ID to - be exempted. - + Boot option: + mac_seeotheruids_load="YES" - - - security.mac.seeotheruids.primarygroup_enabled - is used to exempt specific primary groups from this policy. - When using this tunable, - security.mac.seeotheruids.specificgid_enabled - may not be set. - - - + The &man.mac.seeotheruids.4; module mimics and extends + the security.bsd.see_other_uids and + security.bsd.see_other_gids + sysctl tunables. This option does not + require any labels to be set before configuration and can + operate transparently with the other modules. + + After loading the module, the following + sysctl tunables may be used to control the + features: + + + + security.mac.seeotheruids.enabled + enables the module and uses the default settings which + deny users the ability to view processes and sockets owned + by other users. + + + + + security.mac.seeotheruids.specificgid_enabled + allows certain groups to be exempt from this policy. To + exempt specific groups from this policy, use the + security.mac.seeotheruids.specificgid=XXX + sysctl tunable. Replace + XXX with the numeric group ID + to be exempted. + + + + + security.mac.seeotheruids.primarygroup_enabled + is used to exempt specific primary groups from this + policy. When using this tunable, + security.mac.seeotheruids.specificgid_enabled + may not be set. + + + - - The MAC BSD Extended Policy + + The MAC BSD Extended Policy - - MAC - File System Firewall Policy - - Module name: mac_bsdextended.ko + + MAC + File System Firewall Policy + + Module name: + mac_bsdextended.ko - Kernel configuration line: - options MAC_BSDEXTENDED + Kernel configuration line: + options MAC_BSDEXTENDED - Boot option: - mac_bsdextended_load="YES" + Boot option: + mac_bsdextended_load="YES" - The &man.mac.bsdextended.4; module enforces the file system - firewall. This module's policy provides an extension to the - standard file system permissions model, permitting an - administrator to create a firewall-like ruleset to protect - files, utilities, and directories in the file system hierarchy. - When access to a file system object is attempted, the list of - rules is iterated until either a matching rule is located or - the end is reached. This behavior may be changed by the use - of a &man.sysctl.8; parameter, - security.mac.bsdextended.firstmatch_enabled. - Similar to other firewall modules in &os;, a file containing - the access control rules can be created and read by the system - at boot time using an &man.rc.conf.5; variable. - - The rule list may be entered using &man.ugidfw.8; which has - a syntax similar to &man.ipfw.8;. More tools can be written by - using the functions in the &man.libugidfw.3; library. - - Extreme caution should be taken when working with this - module as incorrect use could block access to certain parts of - the file system. - - - Examples - - After the &man.mac.bsdextended.4; module has been loaded, - the following command may be used to list the current rule - configuration: + The &man.mac.bsdextended.4; module enforces the file + system firewall. This module's policy provides an extension + to the standard file system permissions model, permitting an + administrator to create a firewall-like ruleset to protect + files, utilities, and directories in the file system + hierarchy. When access to a file system object is attempted, + the list of rules is iterated until either a matching rule is + located or the end is reached. This behavior may be changed + by the use of a &man.sysctl.8; parameter, + security.mac.bsdextended.firstmatch_enabled. + Similar to other firewall modules in &os;, a file containing + the access control rules can be created and read by the system + at boot time using an &man.rc.conf.5; variable. + + The rule list may be entered using &man.ugidfw.8; which + has a syntax similar to &man.ipfw.8;. More tools can be + written by using the functions in the &man.libugidfw.3; + library. + + Extreme caution should be taken when working with this + module as incorrect use could block access to certain parts of + the file system. + + + Examples + + After the &man.mac.bsdextended.4; module has been + loaded, the following command may be used to list the + current rule configuration: - &prompt.root; ugidfw list + &prompt.root; ugidfw list 0 slots, 0 rules - By default, no rules are defined and everything is - completely accessible. To create a rule which will block all - access by users but leave root - unaffected, run the following command: - - &prompt.root; ugidfw add subject not uid root new object not uid root mode n - - This is a very bad idea as it will block all users from - issuing even the most simple commands, such as - ls. The next example will block - user1 any and all access, including - directory listings, to - user2's home - directory: + By default, no rules are defined and everything is + completely accessible. To create a rule which will block + all access by users but leave root unaffected, run the + following command: + + &prompt.root; ugidfw add subject not uid root new object not uid root mode n + + This is a very bad idea as it will block all users from + issuing even the most simple commands, such as + ls. The next example will block + user1 any and all + access, including directory listings, to user2's + home directory: - &prompt.root; ugidfw set 2 subject uid user1 object uid user2 mode n + &prompt.root; ugidfw set 2 subject uid user1 object uid user2 mode n &prompt.root; ugidfw set 3 subject uid user1 object gid user2 mode n - Instead of user1, - - could be used. This enforces the same access restrictions for - all users instead of just one user. - - - The root user is unaffected by - these changes. - - - For more information, refer to &man.mac.bsdextended.4; and - &man.ugidfw.8; - - - - - The MAC Interface Silencing Policy - - - MAC Interface Silencing Policy - - Module name: mac_ifoff.ko - - Kernel configuration line: - options MAC_IFOFF - - Boot option: - mac_ifoff_load="YES" - - The &man.mac.ifoff.4; module exists solely to disable - network interfaces on the fly and keep network interfaces from - being brought up during system boot. It does not require any - labels to be set up on the system, nor does it depend on other - MAC modules. - - Most of this module's control is performed through the - sysctl tunables listed below. - - - - security.mac.ifoff.lo_enabled - enables or disables all traffic on the loopback (&man.lo.4;) - interface. - - - - security.mac.ifoff.bpfrecv_enabled - enables or disables all traffic on the Berkeley Packet - Filter interface (&man.bpf.4;) - - - - security.mac.ifoff.other_enabled - enables or disables traffic on all other interfaces. - - - - One of the most common uses of &man.mac.ifoff.4; is network - monitoring in an environment where network traffic should not - be permitted during the boot sequence. Another suggested use - would be to write a script which uses - security/aide to - automatically block network traffic if it finds new or altered - files in protected directories. - - - - The MAC Port Access Control List Policy - - *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Thu Mar 27 01:49:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BFDFEAB8; Thu, 27 Mar 2014 01:49:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ACBEAAC4; Thu, 27 Mar 2014 01:49:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2R1nANO006495; Thu, 27 Mar 2014 01:49:10 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2R1nAiT006494; Thu, 27 Mar 2014 01:49:10 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403270149.s2R1nAiT006494@svn.freebsd.org> From: Glen Barber Date: Thu, 27 Mar 2014 01:49:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44361 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Mar 2014 01:49:10 -0000 Author: gjb Date: Thu Mar 27 01:49:10 2014 New Revision: 44361 URL: http://svnweb.freebsd.org/changeset/doc/44361 Log: Due to time constraints, Ken has decided it would be best to rotate another re@ member into this role. Update the administration page to reflect I will now wear the Release Engineering Team Lead hat. Many thanks to Ken for his many years in this role, and his continued service as an active member on the re@ team. Approved by: core Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/administration.xml Modified: head/en_US.ISO8859-1/htdocs/administration.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/administration.xml Wed Mar 26 21:38:02 2014 (r44360) +++ head/en_US.ISO8859-1/htdocs/administration.xml Thu Mar 27 01:49:10 2014 (r44361) @@ -151,7 +151,7 @@ Engineering Team in greater detail.

      -
    • &a.gjb.email;
      • +
    • &a.gjb.email; (Lead)
    • &a.kib.email;
    • &a.joel.email;
    • &a.blackend.email;
      • @@ -161,7 +161,7 @@
    • &a.rodrigc.email;
    • &a.hrs.email;
    • &a.glebius.email;
      • -
    • &a.kensmith.email; (Lead)
      • +
    • &a.kensmith.email;
    • &a.marius.email;
    From owner-svn-doc-all@FreeBSD.ORG Thu Mar 27 16:13:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9D276314; Thu, 27 Mar 2014 16:13:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8A73E355; Thu, 27 Mar 2014 16:13:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2RGDtIX060706; Thu, 27 Mar 2014 16:13:55 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2RGDtvw060705; Thu, 27 Mar 2014 16:13:55 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403271613.s2RGDtvw060705@svn.freebsd.org> From: Glen Barber Date: Thu, 27 Mar 2014 16:13:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44362 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Mar 2014 16:13:55 -0000 Author: gjb Date: Thu Mar 27 16:13:55 2014 New Revision: 44362 URL: http://svnweb.freebsd.org/changeset/doc/44362 Log: Document r263818, vt(4) merge to stable/9. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Thu Mar 27 01:49:10 2014 (r44361) +++ head/en_US.ISO8859-1/books/porters-handbook/versions.xml Thu Mar 27 16:13:55 2014 (r44362) @@ -4368,6 +4368,13 @@ it was never committed:     + 902510 + March 27, 2014 + 9-STABLE after merge of the vt(4) driver + (rev r263818). + + + 1000000 September 26, 2011 10.0-CURRENT. From owner-svn-doc-all@FreeBSD.ORG Thu Mar 27 16:50:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 58E1D465; Thu, 27 Mar 2014 16:50:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 444AB8DB; Thu, 27 Mar 2014 16:50:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2RGoX0G074747; Thu, 27 Mar 2014 16:50:33 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2RGoWkT074743; Thu, 27 Mar 2014 16:50:32 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201403271650.s2RGoWkT074743@svn.freebsd.org> From: Mathieu Arnold Date: Thu, 27 Mar 2014 16:50:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44363 - in head/en_US.ISO8859-1/books/porters-handbook: pkg-files plist upgrading X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Mar 2014 16:50:33 -0000 Author: mat (ports committer) Date: Thu Mar 27 16:50:32 2014 New Revision: 44363 URL: http://svnweb.freebsd.org/changeset/doc/44363 Log: Update plist, pkg-files and upgrading chapters. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/pkg-files/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/pkg-files/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/pkg-files/chapter.xml Thu Mar 27 16:13:55 2014 (r44362) +++ head/en_US.ISO8859-1/books/porters-handbook/pkg-files/chapter.xml Thu Mar 27 16:50:32 2014 (r44363) @@ -54,25 +54,15 @@ pkg install you can do this via the pkg-install script. This script will automatically be added to the package, and will be run twice by - pkg the first time as - - ${SH} pkg-install ${PKGNAME} - PRE-INSTALL and the second time as + pkg the first time as ${SH} + pkg-install ${PKGNAME} PRE-INSTALL before the + package is installed and the second time as ${SH} pkg-install ${PKGNAME} - POST-INSTALL. $2 can be - tested to determine which mode the script is being run in. - The PKG_PREFIX environmental variable will be - set to the package installation directory. - - - This script is not run automatically if you install the - port with make install. If you are - depending on it being run, you will have to explicitly call - it from your port's Makefile, with a - line like PKG_PREFIX=${PREFIX} ${SH} - ${PKGINSTALL} ${PKGNAME} - PRE-INSTALL. - + POST-INSTALL after it has been installed. + $2 can be tested to determine which + mode the script is being run in. The PKG_PREFIX + environmental variable will be set to the package installation + directory. @@ -80,12 +70,16 @@ This script executes when a package is removed. - This script will be run twice by - pkg delete The first time as + This script will be run twice by pkg + delete The first time as ${SH} + pkg-deinstall ${PKGNAME} DEINSTALL before the + port is de-installed and the second time as ${SH} pkg-deinstall ${PKGNAME} - DEINSTALL and the second time as - ${SH} pkg-deinstall - ${PKGNAME} POST-DEINSTALL. + POST-DEINSTALL after the port has been de-installed. + $2 can be tested to determine which + mode the script is being run in. The PKG_PREFIX + environmental variable will be set to the package installation + directory @@ -143,12 +137,6 @@ - - Please change these variables rather than overriding - PKG_ARGS. If you change - PKG_ARGS, those files will not correctly be - installed in /var/db/pkg upon install - from a port. @@ -163,14 +151,15 @@ The SUB_FILES variable specifies a list of files to be automatically modified. Each - file in the + file in the SUB_FILES list must have a corresponding - file.in present in - FILESDIR. A modified version will be created - in WRKDIR. Files defined as a value of - USE_RC_SUBR (or the deprecated - USE_RCORDER) are automatically added to the - SUB_FILES. For the files + file.in present + in FILESDIR. A modified version will be + created as + ${WRKDIR}/file. + Files defined as a value of USE_RC_SUBR (or + the deprecated USE_RCORDER) are automatically + added to the SUB_FILES. For the files pkg-message, pkg-install, and pkg-deinstall, the corresponding Makefile @@ -186,7 +175,7 @@ LOCALBASE, DATADIR, DOCSDIR, EXAMPLESDIR, WWWDIR, and ETCDIR. Any - line beginning with @comment will be deleted + line beginning with @comment will be deleted from resulting files after a variable substitution. The following example will replace Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Thu Mar 27 16:13:55 2014 (r44362) +++ head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Thu Mar 27 16:50:32 2014 (r44363) @@ -57,19 +57,22 @@ PLIST_SUB= OCTAVE_VERSION=${OCTAVE_VERSI If your port installs files conditionally on the options set in the port, the usual way of handling it is prefixing the pkg-plist lines with a - %%TAG%% and adding that - TAG to the PLIST_SUB - variable inside the Makefile with a special - value of @comment, which makes package tools - to ignore the line: - - .if defined(WITH_X11) -PLIST_SUB+= X11="" -.else -PLIST_SUB+= X11="@comment " -.endif - - and in the pkg-plist: + %%OPT%% for lines needed when the option is + enabled, or %%NO_OPT%% when the option is + disabled, and adding OPTIONS_SUB=yes to the + Makefile. See for more information. + + For instance, if there are files that are only installed + when the X11 option is enabled, and the + Makefile has: + + OPTIONS_DEFINE= X11 +OPTIONS_SUB= yes + + In the pkg-plist file, put + %%X11%% in front of the lines only being + installed when the option is enabled, like this : %%X11%%bin/foo-gui @@ -104,6 +107,24 @@ PLIST_SUB+= X11="@comment " and PLIST_DIRSTRY must be set before TMPPLIST is written, i.e., in pre-install or earlier. + + From time to time, the OPTIONS_SUB + construct is not enough, in those cases, adding a specific + TAG to the PLIST_SUB + variable inside the Makefile with a special + value of @comment, makes package tools to + ignore the line. For instance, if some files are only installed + when the X11 option is on and the + architecture is i386: + + .include <bsd.port.pre.mk> + +.if ${PORT_OPTIONS:MX11} && ${ARCH} == "i386" +PLIST_SUB+= X11I386="" +.else +PLIST_SUB+= X11I386="@comment " +.endif + @@ -112,10 +133,10 @@ PLIST_SUB+= X11="@comment " Cleaning Up Empty Directories - Do make your ports remove empty directories when they are - de-installed. This is usually accomplished by adding - @dirrm lines for all directories that are - specifically created by the port. You need to delete + When being de-installed, A port has to remove empty + directories it created. This is usually accomplished by + adding @dirrm lines for all directories + that are specifically created by the port. You need to delete subdirectories before you can delete parent directories. @@ -209,6 +230,17 @@ etc/orbit.conf.sample message pointing out that the user must copy and edit the file before the software will work. + + + When a port installs its configuration in a subdirectory + of ${PREFIX}/etc, it should be in + ETCDIR, which defaults to + ${PREFIX}/etc/${PORTNAME}, it can be + overrided in the ports Makefile if there + is a convention for the port to use some other directory. The + %%ETCDIR%% macro should be used in its + stead in the pkg-plist file. + @@ -223,9 +255,10 @@ etc/orbit.conf.sample and PLIST_DIRSTRY. Even if the contents are auto-generated by a tool or a target in the Makefile before the inclusion into the Ports - Collection by a committer, this is still considered a static - list, since it is possible to examine it without having to - download or compile the distfile. + Collection by a committer (e.g., using make + makeplist>), this is still considered a static list, + since it is possible to examine it without having to download or + compile the distfile. A dynamic package list is a package list which is generated at the time the port is compiled based @@ -249,14 +282,17 @@ etc/orbit.conf.sample Automated Package List Creation - First, make sure your port is almost complete, with only - pkg-plist missing. You may then run - make makeplist to generate a - pkg-plist automatically. This file must be - double checked for correctness. - - User configuration files should be removed, or installed as - filename.sample. The + First, make sure the port is almost complete, with only + pkg-plist missing. Running make + makeplist will show what should be put in + pkg-plist. The output of + makeplist must be double checked for + correctness as it tries to automatically guess a few things, and + can get it wrong. + + User configuration files should be installed as + filename.sample, as it is described in + . The info/dir file should not be listed and appropriate install-info lines should be added as noted in the Modified: head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml Thu Mar 27 16:13:55 2014 (r44362) +++ head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml Thu Mar 27 16:50:32 2014 (r44363) @@ -147,7 +147,10 @@ to see what has changed, and to update the diff if something was modified in the Ports Collection since you began work on it, or if the - committer asks for something to be fixed. + committer asks for something to be fixed. Also, a patch + generated with svn diff can be easily applied + with svn patch and will save some time to the + committer. &prompt.user; cd ~/my_wrkdir &prompt.user; svn co https://svn0.us-west.FreeBSD.org/ports/head/dns/pdnsd @@ -173,10 +176,11 @@ While in the working directory, make any changes that you - would usually make to the port. If you add or remove a file, - use svn to track these changes: + would usually make to the port. If you add, move or remove a + file, use svn to track these changes: &prompt.user; svn add new_file +&prompt.user; svn move old_name new_name &prompt.user; svn remove deleted_file Make sure that you check the port using the checklist in @@ -251,6 +255,14 @@ Send your patch following the guidelines in . + + + You can have patch automatically generated and the PR + pre-filled with your contact information by using + the Port Tools port + submit command. See for more details. + @@ -273,6 +285,17 @@ instructions, please make sure to get the shell escaping right. + + It is recommended that the AFFECTS line contains a glob + matching all the ports affected by the entry so that automated + tools can parse it as easily as possible. If an update + concerns all the existing BIND 9 + versions the AFFECTS content should be + users of dns/bind9*, it should + not be users of BIND + 9 + + The /usr/ports/MOVED file is used to list moved or removed ports. Each line in the file is made up of the name of the port, where the port was moved to, when, @@ -285,12 +308,18 @@ The date should be entered in the form YYYY-MM-DD. New entries should be added to - the end of the file to keep it in chronological order. + the top of the file to keep it in reverse chronological order + (the latest entries first). If a port was removed but has since been restored, delete the line in this file that states that it was removed. + If a port was renamed and then renamed back to its original + name, you should add a new one with the intermediate name to the + old name, and remove the old entry as to not create a + loop. + The changes can be validated with Tools/scripts/MOVEDlint.awk. From owner-svn-doc-all@FreeBSD.ORG Thu Mar 27 23:08:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B3E7976F; Thu, 27 Mar 2014 23:08:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 87E75348; Thu, 27 Mar 2014 23:08:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2RN8f0K030203; Thu, 27 Mar 2014 23:08:41 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2RN8fOr030201; Thu, 27 Mar 2014 23:08:41 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403272308.s2RN8fOr030201@svn.freebsd.org> From: Gabor Pali Date: Thu, 27 Mar 2014 23:08:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44364 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Mar 2014 23:08:41 -0000 Author: pgj Date: Thu Mar 27 23:08:41 2014 New Revision: 44364 URL: http://svnweb.freebsd.org/changeset/doc/44364 Log: - Add 2014Q1 report for the Release Engineering team Submitted by: gjb Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Mar 27 16:50:32 2014 (r44363) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Mar 27 23:08:41 2014 (r44364) @@ -18,13 +18,19 @@

    Thanks to all the reporters for the excellent work! This report - contains 2 entries and we hope you enjoy reading it.

    + contains 3 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    + team + + &os; Team Reports + + + ports Ports @@ -177,4 +183,40 @@ General editing and review. + + + &os; Release Engineering Team + + + + &os; Release Engineering Team + re@FreeBSD.org + + + + + &os; 9.3-RELEASE schedule + &os; 9.3-RELEASE todo list + &os; development snapshots + + + +

    In early January, the &os; Release Engineering Team became + aware of several last-minute showstopper issues in + &os; 10.0, which lead to an extension in the final release + builds. &os; 10.0-RELEASE was announced on January 20, two + months behind the original schedule.

    + +

    The schedule for the &os; 9.3-RELEASE cycle has been + written and posted to the website, and the release cycle will + begin early May.

    + +

    There is ongoing work to integrate support for embedded + architectures as part of the release build process. At this + time, support exists for a number of ARM kernels, in particular + the Raspberry Pi, BeagleBone, and WandBoard.

    + + + The &os; Foundation +     From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 02:46:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4CACC8FC; Fri, 28 Mar 2014 02:46:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 394D4B74; Fri, 28 Mar 2014 02:46:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2S2kcAO024687; Fri, 28 Mar 2014 02:46:38 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2S2kckx024686; Fri, 28 Mar 2014 02:46:38 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201403280246.s2S2kckx024686@svn.freebsd.org> From: Glen Barber Date: Fri, 28 Mar 2014 02:46:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44365 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 02:46:38 -0000 Author: gjb Date: Fri Mar 28 02:46:37 2014 New Revision: 44365 URL: http://svnweb.freebsd.org/changeset/doc/44365 Log: Remove trailing '/' to fix a broken link. Submitted by: Denis (geodni@free.fr) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/cgi/cgi-style.pl Modified: head/en_US.ISO8859-1/htdocs/cgi/cgi-style.pl ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/cgi-style.pl Thu Mar 27 23:08:41 2014 (r44364) +++ head/en_US.ISO8859-1/htdocs/cgi/cgi-style.pl Fri Mar 28 02:46:37 2014 (r44365) @@ -127,7 +127,7 @@ $i_topbar = qq`
  • Developer's Handbook
  • Manual Pages
  • Documentation Project Primer
    • -
  • All Books and Articles
    • +
  • All Books and Articles
    • From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 02:59:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 19FC6ACF; Fri, 28 Mar 2014 02:59:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 06D4AC32; Fri, 28 Mar 2014 02:59:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2S2x0Ib028886; Fri, 28 Mar 2014 02:59:00 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2S2x0g0028885; Fri, 28 Mar 2014 02:59:00 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403280259.s2S2x0g0028885@svn.freebsd.org> From: Warren Block Date: Fri, 28 Mar 2014 02:59:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44366 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 02:59:01 -0000 Author: wblock Date: Fri Mar 28 02:59:00 2014 New Revision: 44366 URL: http://svnweb.freebsd.org/changeset/doc/44366 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Fri Mar 28 02:46:37 2014 (r44365) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Fri Mar 28 02:59:00 2014 (r44366) @@ -423,7 +423,7 @@ MergeChanges /etc/ /var/named/etc/ /boot &prompt.root; cd /cdrom/X.Y-RELEASE/kernels &prompt.root; ./install.sh GENERIC - Replace X.Y-RELEASE + Replace X.Y-RELEASE with the actual version of the release being used. The GENERIC kernel will be installed in /boot/GENERIC by From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 03:08:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DB9D1E2D; Fri, 28 Mar 2014 03:08:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BBBCAD97; Fri, 28 Mar 2014 03:08:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2S38VlB033748; Fri, 28 Mar 2014 03:08:31 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2S38VBW033747; Fri, 28 Mar 2014 03:08:31 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403280308.s2S38VBW033747@svn.freebsd.org> From: Warren Block Date: Fri, 28 Mar 2014 03:08:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44367 - head/en_US.ISO8859-1/books/handbook/multimedia X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 03:08:32 -0000 Author: wblock Date: Fri Mar 28 03:08:31 2014 New Revision: 44367 URL: http://svnweb.freebsd.org/changeset/doc/44367 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Fri Mar 28 02:59:00 2014 (r44366) +++ head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Fri Mar 28 03:08:31 2014 (r44367) @@ -266,10 +266,10 @@ pcm2: <Conexant CX20590 (Analog 2.0+H Another quick way to test the card is to send data to /dev/dsp: - &prompt.user; cat filename > /dev/dsp + &prompt.user; cat filename > /dev/dsp where - filename can + filename can be any type of file. This command should produce some noise, confirming that the sound card is working. @@ -373,7 +373,7 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi hw.snd.default_unit to the unit that should be used for playback: - &prompt.root; sysctl hw.snd.default_unit=n + &prompt.root; sysctl hw.snd.default_unit=n where n is the number of the sound device to use. In this example, it should be @@ -518,7 +518,7 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi Foobar-GreatestHits.mp3, enter the following to play the file: - &prompt.root; mpg123 -a /dev/dsp1.0 Foobar-GreatestHits.mp3 + &prompt.root; mpg123 -a /dev/dsp1.0 Foobar-GreatestHits.mp3 High Performance MPEG 1.0/2.0/2.5 Audio Player for Layer 1, 2 and 3. Version 0.59r (1999/Jun/15). Written and copyrights by Michael Hipp. Uses code from various people. See 'README' for more! @@ -551,7 +551,7 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz into individual (per track) WAV files: - &prompt.root; cdda2wav -D 0,1,0 -B + &prompt.root; cdda2wav -D 0,1,0 -B The indicates the SCSI device 0,1,0, @@ -563,18 +563,18 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz device name in place of the SCSI unit numbers. For example, to rip track 7 from an IDE drive: - &prompt.root; cdda2wav -D /dev/acd0 -t 7 + &prompt.root; cdda2wav -D /dev/acd0 -t 7 To rip individual tracks, make use of the as shown: - &prompt.root; cdda2wav -D 0,1,0 -t 7 + &prompt.root; cdda2wav -D 0,1,0 -t 7 This example rips track seven of the audio CDROM. To rip a range of tracks, such as track one to seven, specify a range: - &prompt.root; cdda2wav -D 0,1,0 -t 1+7 + &prompt.root; cdda2wav -D 0,1,0 -t 1+7 &man.dd.1; can also be used to extract audio tracks on ATAPI drives, as described in . @@ -592,18 +592,18 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz The following command will convert the ripped WAV files - audio01.wav + audio01.wav to - audio01.mp3: + audio01.mp3: - &prompt.root; lame -h -b 128 \ ---tt "Foo Song Title" \ ---ta "FooBar Artist" \ ---tl "FooBar Album" \ ---ty "2001" \ ---tc "Ripped and encoded by Foo" \ ---tg "Genre" \ -audio01.wav audio01.mp3 + &prompt.root; lame -h -b 128 \ +--tt "Foo Song Title" \ +--ta "FooBar Artist" \ +--tl "FooBar Album" \ +--ty "2001" \ +--tc "Ripped and encoded by Foo" \ +--tg "Genre" \ +audio01.wav audio01.mp3 128 kbits is a standard MP3 bitrate. The 160 and 192 bitrates provide higher quality. @@ -685,8 +685,8 @@ audio01.wav audio01.mp3 Run mpg123 -s - audio01.mp3 > - audio01.pcm + audio01.mp3 > + audio01.pcm @@ -703,7 +703,7 @@ audio01.wav audio01.mp3SoX, which can be installed from the audio/sox port or package: - &prompt.user; sox -t wav -r 44100 -s -w -c 2 track.wav track.raw + &prompt.user; sox -t wav -r 44100 -s -w -c 2 track.wav track.raw Refer to for more information on using a CD burner in &os;. @@ -974,26 +974,26 @@ no adaptors present options. To play the file - testfile.avi, + testfile.avi, specify the video interfaces with , as seen in the following examples: - &prompt.user; mplayer -vo xv testfile.avi + &prompt.user; mplayer -vo xv testfile.avi - &prompt.user; mplayer -vo sdl testfile.avi + &prompt.user; mplayer -vo sdl testfile.avi - &prompt.user; mplayer -vo x11 testfile.avi + &prompt.user; mplayer -vo x11 testfile.avi - &prompt.root; mplayer -vo dga testfile.avi + &prompt.root; mplayer -vo dga testfile.avi - &prompt.root; mplayer -vo 'sdl:dga' testfile.avi + &prompt.root; mplayer -vo 'sdl:dga' testfile.avi It is worth trying all of these options, as their relative performance depends on many factors and will vary significantly with hardware. To play a DVD, replace - testfile.avi + testfile.avi with , where N is the title number to play and @@ -1058,25 +1058,25 @@ zoom=yes Here is an example of a simple copy: - &prompt.user; mencoder input.avi -oac copy -ovc copy -o output.avi + &prompt.user; mencoder input.avi -oac copy -ovc copy -o output.avi To rip to a file, use with mplayer. To convert - input.avi to + input.avi to the MPEG4 codec with MPEG3 audio encoding, first install the audio/lame port. Due to licensing restrictions, a package is not available. Once installed, type: - &prompt.user; mencoder input.avi -oac mp3lame -lameopts br=192 \ - -ovc lavc -lavcopts vcodec=mpeg4:vhq -o output.avi + &prompt.user; mencoder input.avi -oac mp3lame -lameopts br=192 \ + -ovc lavc -lavcopts vcodec=mpeg4:vhq -o output.avi This will produce output playable by applications such as mplayer and xine. - input.avi + input.avi can be replaced with and run as root to re-encode a DVD title directly. Since it @@ -1107,7 +1107,7 @@ zoom=yes invoked from the command line by specifying the name of the file to play: - &prompt.user; xine -g -p mymovie.avi + &prompt.user; xine -g -p mymovie.avi Refer to xine-project.org/faq for more information and @@ -1140,11 +1140,11 @@ zoom=yes a PAL MPEG-1 file (PAL VCD): &prompt.user; transcode -i -input.avi -V --export_prof vcd-pal -o output_vcd -&prompt.user; mplex -f 1 -o output_vcd.mpg output_vcd.m1v output_vcd.mpa +input.avi -V --export_prof vcd-pal -o output_vcd +&prompt.user; mplex -f 1 -o output_vcd.mpg output_vcd.m1v output_vcd.mpa The resulting MPEG file, - output_vcd.mpg, + output_vcd.mpg, is ready to be played with MPlayer. The file can be burned on a CD media to create a video CD using a utility such as @@ -1629,7 +1629,7 @@ add path usb/0.2.0 mode 0666 group usbusb in order to allow access to the scanner: - &prompt.root; pw groupmod usb -m joe + &prompt.root; pw groupmod usb -m joe For more details refer to &man.pw.8;. From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 03:11:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A38E9EB2; Fri, 28 Mar 2014 03:11:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 90196E14; Fri, 28 Mar 2014 03:11:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2S3B51o036997; Fri, 28 Mar 2014 03:11:05 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2S3B57b036996; Fri, 28 Mar 2014 03:11:05 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403280311.s2S3B57b036996@svn.freebsd.org> From: Warren Block Date: Fri, 28 Mar 2014 03:11:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44368 - head/en_US.ISO8859-1/books/handbook/mac X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 03:11:05 -0000 Author: wblock Date: Fri Mar 28 03:11:04 2014 New Revision: 44368 URL: http://svnweb.freebsd.org/changeset/doc/44368 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Fri Mar 28 03:08:31 2014 (r44367) +++ head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Fri Mar 28 03:11:04 2014 (r44368) @@ -822,8 +822,8 @@ test: biba/high class="username">user2's home directory: - &prompt.root; ugidfw set 2 subject uid user1 object uid user2 mode n -&prompt.root; ugidfw set 3 subject uid user1 object gid user2 mode n + &prompt.root; ugidfw set 2 subject uid user1 object uid user2 mode n +&prompt.root; ugidfw set 3 subject uid user1 object gid user2 mode n Instead of user1, - &prompt.root; pptp address adsl + &prompt.root; pptp address adsl If an ampersand (&) is added @@ -1649,7 +1649,7 @@ ng0: flags=88d1<UP,POINTOPOINT,RUNNIN pptp process has confirmed a connection, examine the tunnel: - &prompt.user; ifconfig tun0 + &prompt.user; ifconfig tun0 tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 inet 216.136.204.21 --> 204.152.186.171 netmask 0xffffff00 Opened by PID 918 From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 03:20:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D552A2F0; Fri, 28 Mar 2014 03:20:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B6838E71; Fri, 28 Mar 2014 03:20:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2S3KJBR040092; Fri, 28 Mar 2014 03:20:19 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2S3KJo6040091; Fri, 28 Mar 2014 03:20:19 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403280320.s2S3KJo6040091@svn.freebsd.org> From: Warren Block Date: Fri, 28 Mar 2014 03:20:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44370 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 03:20:19 -0000 Author: wblock Date: Fri Mar 28 03:20:19 2014 New Revision: 44370 URL: http://svnweb.freebsd.org/changeset/doc/44370 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Fri Mar 28 03:15:59 2014 (r44369) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Fri Mar 28 03:20:19 2014 (r44370) @@ -649,7 +649,7 @@ ifconfig_fxp0="inet 10.1.1.1/8"If the NIC is supported, determine the name of the &os; driver for the NIC. Refer to /usr/src/sys/conf/NOTES and - /usr/src/sys/arch/conf/NOTES + /usr/src/sys/arch/conf/NOTES for the list of NIC drivers with some information about the supported chipsets. When in doubt, read the manual page of the driver as it will provide more @@ -698,7 +698,7 @@ dc1: [ITHREAD] Alternatively, statically compile support for the NIC into a custom kernel. Refer to /usr/src/sys/conf/NOTES, - /usr/src/sys/arch/conf/NOTES and the + /usr/src/sys/arch/conf/NOTES and the manual page of the driver to determine which line to add to the custom kernel configuration file. For more information about recompiling the kernel, refer to @@ -785,14 +785,14 @@ linuxemu/chapter.xml --> root, use &man.ndisgen.8;: - &prompt.root; ndisgen /path/to/W32DRIVER.INF /path/to/W32DRIVER.SYS + &prompt.root; ndisgen /path/to/W32DRIVER.INF /path/to/W32DRIVER.SYS This command is interactive and prompts for any extra information it requires. A new kernel module will be generated in the current directory. Use &man.kldload.8; to load the new module: - &prompt.root; kldload ./W32DRIVER_SYS.ko + &prompt.root; kldload ./W32DRIVER_SYS.ko In addition to the generated kernel module, the ndis.ko and @@ -995,8 +995,8 @@ ifconfig_dc1="inet 10.0.0.1 netmask 255. access to the Internet is needed, manually configure the default gateway and the nameserver: - &prompt.root; echo 'defaultrouter="your_default_router"' >> /etc/rc.conf -&prompt.root; echo 'nameserver your_DNS_server' >> /etc/resolv.conf + &prompt.root; echo 'defaultrouter="your_default_router"' >> /etc/rc.conf +&prompt.root; echo 'nameserver your_DNS_server' >> /etc/resolv.conf @@ -1151,7 +1151,7 @@ round-trip min/avg/max/stddev = 0.700/0. ifconfig_fxp0_alias0="inet xxx.xxx.xxx.xxx netmask xxx.xxx.xxx.xxx" Alias entries must start with - alias0 using a + alias0 using a sequential number such as alias0, alias1, and so on. The configuration process will stop at the first @@ -2729,7 +2729,7 @@ kern.maxvnodes: 100000 Use &man.swapon.8; to add a swap partition to the system. For example: - &prompt.root; swapon /dev/ada1s1b + &prompt.root; swapon /dev/ada1s1b It is possible to use any partition not currently @@ -3065,7 +3065,7 @@ kern.maxvnodes: 100000 very large. Generate a copy of the ASL by running this command: - &prompt.root; acpidump -dt > name-system.asl + &prompt.root; acpidump -dt > name-system.asl Substitute the login name for name and manufacturer/model for @@ -3427,8 +3427,8 @@ hw.acpi.s4bios: 0 Some AML versions assume the user is running &windows;. To override this, set - hw.acpi.osname="Windows - 2001" in + hw.acpi.osname="Windows + 2001" in /boot/loader.conf, using the strings in the ASL. From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 03:25:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 087513C2; Fri, 28 Mar 2014 03:25:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DD141F10; Fri, 28 Mar 2014 03:25:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2S3PC47041799; Fri, 28 Mar 2014 03:25:12 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2S3PCa0041798; Fri, 28 Mar 2014 03:25:12 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403280325.s2S3PCa0041798@svn.freebsd.org> From: Warren Block Date: Fri, 28 Mar 2014 03:25:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44371 - head/en_US.ISO8859-1/books/handbook/kernelconfig X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 03:25:13 -0000 Author: wblock Date: Fri Mar 28 03:25:12 2014 New Revision: 44371 URL: http://svnweb.freebsd.org/changeset/doc/44371 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Fri Mar 28 03:20:19 2014 (r44370) +++ head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Fri Mar 28 03:25:12 2014 (r44371) @@ -271,10 +271,10 @@ ath_hal(4) - Atheros Hardw the GENERIC configuration file for the amd64 architecture: - &prompt.root; cd /usr/src/sys/amd64/conf -&prompt.root; cp GENERIC MYKERNEL + &prompt.root; cd /usr/src/sys/amd64/conf +&prompt.root; cp GENERIC MYKERNEL - The configuration file MYKERNEL can now + The configuration file MYKERNEL can now be customized with any ASCII text editor. The default editor is vi, though an easier editor for beginners, called ee, is also @@ -374,7 +374,7 @@ This is outdated and specific to one arc This is the identification of the kernel. Change this to the new kernel name, such as - MYKERNEL. + MYKERNEL. The value in the ident string will print when the kernel boots. @@ -1289,7 +1289,7 @@ device fwe # Ethernet loader. This can be accessed when the system boot menu appears by selecting the Escape to a loader prompt option. At the prompt, type - boot kernel.old, or the name of any + boot kernel.old, or the name of any other kernel that is known to boot properly. After booting with a good kernel, check over the @@ -1310,8 +1310,8 @@ device fwe # Ethernet As soon as possible, move the working kernel by renaming the directory containing the good kernel: - &prompt.root; mv /boot/kernel /boot/kernel.bad -&prompt.root; mv /boot/kernel.good /boot/kernel + &prompt.root; mv /boot/kernel /boot/kernel.bad +&prompt.root; mv /boot/kernel.good /boot/kernel From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 03:38:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2DC26882; Fri, 28 Mar 2014 03:38:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1A90CFF9; Fri, 28 Mar 2014 03:38:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2S3clgX046139; Fri, 28 Mar 2014 03:38:47 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2S3cl0Y046138; Fri, 28 Mar 2014 03:38:47 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403280338.s2S3cl0Y046138@svn.freebsd.org> From: Warren Block Date: Fri, 28 Mar 2014 03:38:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44372 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 03:38:48 -0000 Author: wblock Date: Fri Mar 28 03:38:47 2014 New Revision: 44372 URL: http://svnweb.freebsd.org/changeset/doc/44372 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Fri Mar 28 03:25:12 2014 (r44371) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Fri Mar 28 03:38:47 2014 (r44372) @@ -1702,7 +1702,7 @@ options IPDIVERT # enables NAT - filename: full path of the file + filename: full path of the file containing the firewall ruleset. @@ -2501,7 +2501,7 @@ good_tcpo="22,25,37,53,80,443,110"To zero the counters for just the rule with number NUM: - &prompt.root; ipfw zero NUM + &prompt.root; ipfw zero NUM Logging Firewall Messages From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 13:23:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CA4769AF; Fri, 28 Mar 2014 13:23:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B64BBC2A; Fri, 28 Mar 2014 13:23:26 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2SDNQOQ086043; Fri, 28 Mar 2014 13:23:26 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2SDNQT1086042; Fri, 28 Mar 2014 13:23:26 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403281323.s2SDNQT1086042@svn.freebsd.org> From: Warren Block Date: Fri, 28 Mar 2014 13:23:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44373 - head/en_US.ISO8859-1/books/handbook/kernelconfig X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 13:23:26 -0000 Author: wblock Date: Fri Mar 28 13:23:26 2014 New Revision: 44373 URL: http://svnweb.freebsd.org/changeset/doc/44373 Log: Remove an unnecessary anchor element, moving the kernelconfig-noboot ID into a more appropriate tag. This avoids fop PDF build errors. Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Fri Mar 28 03:38:47 2014 (r44372) +++ head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Fri Mar 28 13:23:26 2014 (r44373) @@ -1277,9 +1277,8 @@ device fwe # Ethernet - - The kernel does not boot + + The kernel does not boot If the new kernel does not boot or fails to recognize From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 15:55:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7C5F037F; Fri, 28 Mar 2014 15:55:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6763CD18; Fri, 28 Mar 2014 15:55:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2SFtr2x048272; Fri, 28 Mar 2014 15:55:53 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2SFtrAc048271; Fri, 28 Mar 2014 15:55:53 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403281555.s2SFtrAc048271@svn.freebsd.org> From: Dru Lavigne Date: Fri, 28 Mar 2014 15:55:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44374 - head/en_US.ISO8859-1/books/handbook/mac X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 15:55:53 -0000 Author: dru Date: Fri Mar 28 15:55:53 2014 New Revision: 44374 URL: http://svnweb.freebsd.org/changeset/doc/44374 Log: Editorial review of Available MAC Policies. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Fri Mar 28 13:23:26 2014 (r44373) +++ head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Fri Mar 28 15:55:53 2014 (r44374) @@ -552,13 +552,10 @@ test: biba/high Planning the Security Configuration - Whenever a new technology is implemented, a planning phase + Before implementing any MAC policies, a planning phase is recommended. During the planning stages, an administrator - should consider the implementation requirements and the - implementation goals. - - For MAC installations, these - include: + should consider the implementation requirements and + goals, such as: @@ -573,29 +570,19 @@ test: biba/high - Which MAC module or modules will be + Which MAC modules will be required to achieve this goal. - Good planning helps to ensure a trouble-free and efficient - trusted system implementation. A trial run of the trusted + A trial run of the trusted system and its configuration should occur before a MAC - implementation is used on production systems. The idea of - just letting loose on a system with MAC is - like setting up for failure. - - Different environments have different needs and - requirements. Establishing an in depth and complete security + implementation is used on production systems. Since different + environments have different needs and + requirements, establishing a complete security profile will decrease the need of changes once the system - goes live. The rest of this chapter covers the available - modules, describes their use and configuration, and in some - cases, provides insight on applicable situations. For instance, - a web server might use the &man.mac.biba.4; and - &man.mac.bsdextended.4; policies. In the case of a machine - with few local users, &man.mac.partition.4; might be a good - choice. + goes live. Consider how the MAC framework augments the security of @@ -624,8 +611,8 @@ test: biba/high user will not be permitted to change security attributes at will. All user utilities, programs, and scripts must work within the constraints of the access rules provided by the - selected security policy modules and total control of the - MAC access rules are in the hands of the + selected security policy modules and control of the + MAC access rules is in the hands of the system administrator. It is the duty of the system administrator to @@ -659,47 +646,37 @@ test: biba/high framework will help administrators choose the best policies for their situations. + The rest of this chapter covers the available + modules, describes their use and configuration, and in some + cases, provides insight on applicable situations. + Implementing MAC is much like - implementing a firewall, care must be taken to prevent being + implementing a firewall since care must be taken to prevent being completely locked out of the system. The ability to revert back to a previous configuration should be considered and the - implementation of MAC remotely should be + implementation of MAC over a remote connection should be done with extreme caution. - - Module Configuration + + Available MAC Policies Beginning with &os; 8.0, the default &os; kernel includes options MAC. This means that every module included with the MAC - framework may be loaded as a run-time kernel module. The - recommended method is to add the module name to + framework can be loaded with kldload as a run-time kernel module. + After testing the module, add the module name to /boot/loader.conf so that it will load during boot. Each module also provides a kernel option for those administrators who choose to compile their own custom kernel. - Some modules support the use of labeling, which is - controlling access by enforcing a label such as this is - allowed and this is not. A label configuration file may - control how files may be accessed, network communication can be - exchanged, and more. The previous section showed how the - flag could be set on file systems to - enable per-file or per-partition access control. - - A single label configuration enforces only one label - across the system, that is why the tunefs - option is called . - - - - Available MAC Policies - &os; includes a group of policies that will cover most - security requirements. Each policy is discussed below. + security requirements. Each policy is summarized below. The + last three policies support integer settings in place of the + three default labels. The MAC See Other UIDs Policy @@ -716,21 +693,21 @@ test: biba/high Boot option: mac_seeotheruids_load="YES" - The &man.mac.seeotheruids.4; module mimics and extends + The &man.mac.seeotheruids.4; module extends the security.bsd.see_other_uids and security.bsd.see_other_gids sysctl tunables. This option does not require any labels to be set before configuration and can - operate transparently with the other modules. + operate transparently with other modules. After loading the module, the following - sysctl tunables may be used to control the + sysctl tunables may be used to control its features: security.mac.seeotheruids.enabled - enables the module and uses the default settings which + enables the module and implements the default settings which deny users the ability to view processes and sockets owned by other users. @@ -738,10 +715,10 @@ test: biba/high security.mac.seeotheruids.specificgid_enabled - allows certain groups to be exempt from this policy. To - exempt specific groups from this policy, use the + allows specified groups to be exempt from this policy. To + exempt specific groups, use the security.mac.seeotheruids.specificgid=XXX - sysctl tunable. Replace + sysctl tunable, replacing XXX with the numeric group ID to be exempted. @@ -773,15 +750,15 @@ test: biba/high Boot option: mac_bsdextended_load="YES" - The &man.mac.bsdextended.4; module enforces the file - system firewall. This module's policy provides an extension + The &man.mac.bsdextended.4; module enforces a file + system firewall. It provides an extension to the standard file system permissions model, permitting an administrator to create a firewall-like ruleset to protect files, utilities, and directories in the file system hierarchy. When access to a file system object is attempted, the list of rules is iterated until either a matching rule is located or the end is reached. This behavior may be changed - by the use of a &man.sysctl.8; parameter, + using security.mac.bsdextended.firstmatch_enabled. Similar to other firewall modules in &os;, a file containing the access control rules can be created and read by the system @@ -792,13 +769,6 @@ test: biba/high written by using the functions in the &man.libugidfw.3; library. - Extreme caution should be taken when working with this - module as incorrect use could block access to certain parts of - the file system. - - - Examples - After the &man.mac.bsdextended.4; module has been loaded, the following command may be used to list the current rule configuration: @@ -807,17 +777,15 @@ test: biba/high 0 slots, 0 rules By default, no rules are defined and everything is - completely accessible. To create a rule which will block - all access by users but leave root unaffected, run the - following command: + completely accessible. To create a rule which blocks + all access by users but leaves root unaffected: &prompt.root; ugidfw add subject not uid root new object not uid root mode n - This is a very bad idea as it will block all users from - issuing even the most simple commands, such as - ls. The next example will block - user1 any and all + While this rule is simple to implement, it is a very bad idea as it blocks all users from + issuing any commands. A more realistic example blocks + user1 all access, including directory listings, to user2's home directory: @@ -828,17 +796,15 @@ test: biba/high Instead of user1, could be - used. This enforces the same access restrictions for all - users instead of just one user. + used in order to enforce the same access restrictions for all + users. However, the root + user is unaffected by these rules. - The root - user is unaffected by these changes. - - - For more information, refer to &man.mac.bsdextended.4; - and &man.ugidfw.8; - + Extreme caution should be taken when working with this + module as incorrect use could block access to certain parts of + the file system. + @@ -855,26 +821,26 @@ test: biba/high Boot option: mac_ifoff_load="YES" - The &man.mac.ifoff.4; module exists solely to disable - network interfaces on the fly and keep network interfaces from - being brought up during system boot. It does not require any - labels to be set up on the system, nor does it depend on other + The &man.mac.ifoff.4; module is used to disable + network interfaces on the fly and to keep network interfaces from + being brought up during system boot. It does not use + labels and does not depend on any other MAC modules. - Most of this module's control is performed through the - sysctl tunables listed below. + Most of this module's control is performed through these + sysctl tunables: security.mac.ifoff.lo_enabled - enables or disables all traffic on the loopback - (&man.lo.4;) interface. + enables or disables all traffic on the loopback, + &man.lo.4;, interface. security.mac.ifoff.bpfrecv_enabled enables or disables all traffic on the Berkeley Packet - Filter interface (&man.bpf.4;) + Filter interface, &man.bpf.4;. @@ -887,7 +853,7 @@ test: biba/high One of the most common uses of &man.mac.ifoff.4; is network monitoring in an environment where network traffic should not be permitted during the boot sequence. Another - suggested use would be to write a script which uses + use would be to write a script which uses an application such as security/aide to automatically block network traffic if it finds new or altered files in protected directories. @@ -908,9 +874,8 @@ test: biba/high mac_portacl_load="YES" The &man.mac.portacl.4; module is used to limit binding to - local TCP and UDP ports - using a variety of sysctl variables. - &man.mac.portacl.4; makes it possible to allow non-TCP and UDP ports, + making it possible to allow non-root users to bind to specified privileged ports below 1024. @@ -939,76 +904,54 @@ test: biba/high security.mac.portacl.rules - specifies the mac_portacl policy, which is a text string - of the form: rule[,rule,...] with as - many rules as needed. Each rule is of the form: + specifies the policy as a text string + of the form rule[,rule,...], with as + many rules as needed, and where each rule is of the form idtype:id:protocol:port. The - idtype parameter can be - uid or gid and is - used to interpret the id parameter - as either a user id or group id, respectively. The - protocol parameter is used to - determine if the rule should apply to - TCP or UDP by - setting the parameter to tcp or - udp. The final + idtype is either + uid or gid. The + protocol parameter can be + tcp or + udp. The port parameter is the port number - to allow the specified user or group to bind to. + to allow the specified user or group to bind to. Only + numeric values can be used for the user ID, group ID, + and port parameters. - - Since the ruleset is interpreted directly by the kernel, - only numeric values can be used for the user ID, group ID, - and port parameters. Names cannot be used for users, - groups, or services. - - - By default, ports below 1024 can only be used by or bound - to privileged processes, which run as By default, ports below 1024 can only be used by + privileged processes which run as root. For &man.mac.portacl.4; to allow non-privileged processes to bind to ports below 1024, - this restriction has to be disabled by setting the - &man.sysctl.8; variables - net.inet.ip.portrange.reservedlow and - net.inet.ip.portrange.reservedhigh to - zero: + set the following tunables as + follows: &prompt.root; sysctl security.mac.portacl.port_high=1023 -&prompt.root; sysctl net.inet.ip.portrange.reservedlow=0 -net.inet.ip.portrange.reservedhigh=0 - - See the examples below or refer to &man.mac.portacl.4; for - further information. - - - Examples +&prompt.root; sysctl net.inet.ip.portrange.reservedlow=0 +&prompt.root; sysctl net.inet.ip.portrange.reservedhigh=0 - Since the root - user should not be crippled by this policy, this example - starts by setting the + To prevent the root + user from being affected by this policy, set security.mac.portacl.suser_exempt to a non-zero value. &prompt.root; sysctl security.mac.portacl.suser_exempt=1 - Next, allow the user with UID 80 - to bind to port 80. This allows the www user to run a web server - without ever having root privilege. + To allow the www user with UID 80 + to bind to port 80 + without ever needing root privilege: &prompt.root; sysctl security.mac.portacl.rules=uid:80:tcp:80 - The next example permits the user with the - UID of 1001 to bind to the - TCP ports 110 (pop3) and - 995 (pop3s). This permits this user to start - a server that accepts connections on ports 110 and - 995. + This next example permits the user with the + UID of 1001 to bind to + TCP ports 110 (POP3) and + 995 (POP3s): &prompt.root; sysctl security.mac.portacl.rules=uid:1001:tcp:110,uid:1001:tcp:995 - @@ -1025,13 +968,9 @@ net.inet.ip.portrange.reservedhigh=0Boot option: mac_partition_load="YES" - The &man.mac.partition.4; policy will drop processes into + The &man.mac.partition.4; policy drops processes into specific partitions based on their - MAC label. This module should be added to - &man.loader.conf.5; so that it loads and enables the policy - at system boot. - - Most configuration for this policy is done using + MAC label. Most configuration for this policy is done using &man.setpmac.8;. One sysctl tunable is available for this policy: @@ -1051,26 +990,20 @@ net.inet.ip.portrange.reservedhigh=0top as well as many other commands that must spawn a process. - To set or drop utilities into a partition label, use the - setpmac utility: - - &prompt.root; setpmac partition/13 top - This example adds top to the label set on users in the insecure class. All processes spawned by users in the insecure class will stay in the partition/13 label. - - Examples + &prompt.root; setpmac partition/13 top - The following command will display the partition label + This command displays the partition label and the process list: &prompt.root; ps Zax - This command will display another user's process + This command displays another user's process partition label and that user's currently running processes: @@ -1081,19 +1014,6 @@ net.inet.ip.portrange.reservedhigh=0root's label unless the &man.mac.seeotheruids.4; policy is loaded. - - A really crafty implementation could have all of the - services disabled in /etc/rc.conf and - started by a script that starts them with the proper - labeling set. - - - The following policies support integer settings - in place of the three default labels offered. These - options, including their limitations, are further - explained in the module manual pages. - - @@ -1116,37 +1036,32 @@ net.inet.ip.portrange.reservedhigh=0In MLS environments, a clearance level is set in the label of each subject or object, along with compartments. Since these - clearance or sensibility levels can reach numbers greater than - several thousand; it would be a daunting task for any system - administrator to thoroughly configure each subject or object. - Thankfully, three instant labels are included - in this policy. - - These labels are mls/low, - mls/equal and mls/high. - Since these labels are described in depth in the manual page, - they will only get a brief description here: + clearance levels can reach numbers greater than + several thousand, it would be a daunting task + to thoroughly configure every subject or object. + To ease this administrative overhead, three labels are included + in this policy: mls/low, + mls/equal and mls/high, + where: - The mls/low label contains a low - configuration which permits it to be dominated by all - other objects. Anything labeled with + Anything labeled with mls/low will have a low clearance level and not be permitted to access information of a higher level. This label also prevents objects of a higher - clearance level from writing or passing information on to - them. + clearance level from writing or passing information to a + lower level. - The mls/equal label should be - placed on objects considered to be exempt from the + mls/equal should be + placed on objects which should be exempt from the policy. - The mls/high label is the highest + mls/high is the highest level of clearance possible. Objects assigned this label will hold dominance over all other objects in the system; however, they will not permit the leaking of information @@ -1158,8 +1073,8 @@ net.inet.ip.portrange.reservedhigh=0 - A hierarchical security level with a set of non - hierarchical categories. + A hierarchical security level with a set of + non-hierarchical categories. @@ -1167,7 +1082,7 @@ net.inet.ip.portrange.reservedhigh=0. This means that a subject can have read access to objects on its own level or below, but not above. Similarly, a subject can have write access to - objects on its own level or above but not beneath. + objects on its own level or above, but not beneath. @@ -1183,8 +1098,7 @@ net.inet.ip.portrange.reservedhigh=0 The following sysctl tunables are - available for the configuration of special services and - interfaces: + available: @@ -1212,32 +1126,27 @@ net.inet.ip.portrange.reservedhigh=0 - To manipulate the MLS labels, use - &man.setfmac.8;. To assign a label to an object, issue the - following command: + To manipulate MLS labels, use + &man.setfmac.8;. To assign a label to an object: &prompt.root; setfmac mls/5 test To get the MLS label for the file - test, issue the following command: + test: &prompt.root; getfmac test Another approach is to create a master policy file in /etc/ which specifies the MLS policy information and to feed that - file to setfmac. This method will be - explained after all policies are covered. - - - Planning Mandatory Sensitivity + file to setfmac. - When using the MLS policy module, an administrator plans + When using the MLS policy module, an administrator plans to control the flow of sensitive information. The default block read up block write down sets everything to a low state. Everything is accessible and an administrator slowly augments the confidentiality of the - information during the configuration stage;. + information. Beyond the three basic label options, an administrator may group users and groups as required to block the @@ -1248,14 +1157,13 @@ net.inet.ip.portrange.reservedhigh=0Top Secret. Some administrators instead create different groups based on project levels. Regardless of the classification method, a well thought out - plan must exist before implementing such a restrictive + plan must exist before implementing a restrictive policy. - Some example situations for the MLS policy module + Some example situations for the MLS policy module include an e-commerce web server, a file server holding critical company information, and financial institution environments. - @@ -1277,36 +1185,35 @@ net.inet.ip.portrange.reservedhigh=0MLS policy prevents the upward flow of - sensitive information. Much of this section can apply to both - policies. + sensitive information. In Biba environments, an integrity label is set on each subject or object. These labels are made up of - hierarchical grades and non-hierarchical components. As an + hierarchical grades and non-hierarchical components. As a grade ascends, so does its integrity. Supported labels are biba/low, biba/equal, and - biba/high; as explained below: + biba/high, where: - The biba/low label is considered + biba/low is considered the lowest integrity an object or subject may have. - Setting this on objects or subjects will block their write - access to objects or subjects marked high. They still - have read access though. + Setting this on objects or subjects blocks their write + access to objects or subjects marked as biba/high, but will not prevent + read access. - The biba/equal label should only be + biba/equal should only be placed on objects considered to be exempt from the policy. - The biba/high label will permit - writing to objects set at a lower label, but not permit + biba/high permits + writing to objects set at a lower label, but does not permit reading that object. It is recommended that this label be placed on objects that affect the integrity of the entire system. @@ -1317,8 +1224,8 @@ net.inet.ip.portrange.reservedhigh=0 - Hierarchical integrity level with a set of non - hierarchical integrity categories. + Hierarchical integrity levels with a set of + non-hierarchical integrity categories. @@ -1336,12 +1243,12 @@ net.inet.ip.portrange.reservedhigh=0 - Integrity levels instead of MLS sensitivity + Integrity levels instead of MLS sensitivity levels. - The following sysctl tunables can be + The following tunables can be used to manipulate the Biba policy: @@ -1372,26 +1279,20 @@ net.inet.ip.portrange.reservedhigh=0getfmac test test: biba/low - - Planning Mandatory Integrity - - Integrity, which is different from sensitivity, - guarantees that the information will never be manipulated by + Integrity, which is different from sensitivity, is used to + guarantee that information is not manipulated by untrusted parties. This includes information passed between - subjects, objects, and both. It ensures that users will - only be able to modify or access information they explicitly - need to. - - The &man.mac.biba.4; security policy module permits an - administrator to address which files and programs a user may + subjects and objects. It ensures that users will + only be able to modify or access information they have been given explicit + access to. The &man.mac.biba.4; security policy module permits an + administrator to configure which files and programs a user may see and invoke while assuring that the programs and files - are free from threats and trusted by the system for that + are trusted by the system for that user. During the initial planning phase, an administrator must be prepared to partition users into grades, levels, and - areas. Users will be blocked access not only to data but to - programs and utilities both before and after they start. + areas. The system will default to a high label once this policy module is enabled, and it is up to the administrator to configure the different grades and levels for users. @@ -1405,7 +1306,7 @@ test: biba/low A lower integrity subject is unable to write to a higher integrity subject and a higher integrity subject cannot - observe or read a lower integrity object. Setting a label + list or read a lower integrity object. Setting a label at the lowest possible grade could make it inaccessible to subjects. Some prospective environments for this security policy module would include a constrained web server, a @@ -1413,11 +1314,10 @@ test: biba/low A less useful implementation would be a personal workstation, a machine used as a router, or a network firewall. - - The MAC LOMAC Module + The MAC Low-watermark Module MAC LOMAC @@ -1435,38 +1335,34 @@ test: biba/low objects only after decreasing the integrity level to not disrupt any integrity rules. - The MAC version of the Low-watermark - integrity policy works almost identically to Biba, but with + The Low-watermark + integrity policy works almost identically to Biba, with the exception of using floating labels to support subject demotion via an auxiliary grade compartment. This secondary compartment takes the form [auxgrade]. - When assigning a LOMAC policy with an auxiliary grade, use the - syntax lomac/10[2] where the number two - (2) is the auxiliary grade. + When assigning a policy with an auxiliary grade, use the + syntax lomac/10[2], where + 2 is the auxiliary grade. - The MAC LOMAC policy relies on the + This policy relies on the ubiquitous labeling of all system objects with integrity labels, permitting subjects to read from low integrity objects and then downgrading the label on the subject to prevent future writes to high integrity objects using - [auxgrade]. The policy may provide for + [auxgrade]. The policy may provide greater compatibility and require less initial configuration than Biba. - - Examples - Like the Biba and MLS policies, setfmac and setpmac are used to place labels on system objects: &prompt.root; setfmac /usr/home/trhodes lomac/high[low] -&prompt.root; getfmac /usr/home/trhodes lomac/high[low] +&prompt.root; getfmac /usr/home/trhodes lomac/high[low] The auxiliary grade low is a feature - provided only by the MAC LOMAC + provided only by the MAC LOMAC policy. - From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 16:58:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DCCF9F9C; Fri, 28 Mar 2014 16:58:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C86EB67B; Fri, 28 Mar 2014 16:58:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2SGwjtc073549; Fri, 28 Mar 2014 16:58:45 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2SGwj5L073548; Fri, 28 Mar 2014 16:58:45 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403281658.s2SGwj5L073548@svn.freebsd.org> From: Dru Lavigne Date: Fri, 28 Mar 2014 16:58:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44375 - head/en_US.ISO8859-1/books/handbook/mac X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 16:58:45 -0000 Author: dru Date: Fri Mar 28 16:58:45 2014 New Revision: 44375 URL: http://svnweb.freebsd.org/changeset/doc/44375 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Fri Mar 28 15:55:53 2014 (r44374) +++ head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Fri Mar 28 16:58:45 2014 (r44375) @@ -552,10 +552,10 @@ test: biba/high Planning the Security Configuration - Before implementing any MAC policies, a planning phase - is recommended. During the planning stages, an administrator - should consider the implementation requirements and - goals, such as: + Before implementing any MAC policies, a + planning phase is recommended. During the planning stages, an + administrator should consider the implementation requirements + and goals, such as: @@ -570,32 +570,30 @@ test: biba/high - Which MAC modules will be - required to achieve this goal. + Which MAC modules will be required to + achieve this goal. - A trial run of the trusted - system and its configuration should occur - before a MAC - implementation is used on production systems. Since different - environments have different needs and - requirements, establishing a complete security - profile will decrease the need of changes once the system - goes live. - - Consider how the - MAC framework augments the security of - the system as a whole. The various security policy modules - provided by the MAC framework could be used - to protect the network and file systems or to block users from - accessing certain ports and sockets. Perhaps the best use of - the policy modules is to load several security policy modules at - a time in order to provide a MLS environment. - This approach differs from a hardening policy, which typically - hardens elements of a system which are used only for specific - purposes. The downside to MLS is increased - administrative overhead. + A trial run of the trusted system and its configuration + should occur before a + MAC implementation is used on production + systems. Since different environments have different needs and + requirements, establishing a complete security profile will + decrease the need of changes once the system goes live. + + Consider how the MAC framework augments + the security of the system as a whole. The various security + policy modules provided by the MAC framework + could be used to protect the network and file systems or to + block users from accessing certain ports and sockets. Perhaps + the best use of the policy modules is to load several security + policy modules at a time in order to provide a + MLS environment. This approach differs from + a hardening policy, which typically hardens elements of a system + which are used only for specific purposes. The downside to + MLS is increased administrative + overhead. The overhead is minimal when compared to the lasting effect of a framework which provides the ability to pick and choose @@ -615,10 +613,10 @@ test: biba/high MAC access rules is in the hands of the system administrator. - It is the duty of the system administrator to - carefully select the correct security policy modules. For an - environment that needs to limit access control over the network, - the &man.mac.portacl.4;, &man.mac.ifoff.4;, and &man.mac.biba.4; + It is the duty of the system administrator to carefully + select the correct security policy modules. For an environment + that needs to limit access control over the network, the + &man.mac.portacl.4;, &man.mac.ifoff.4;, and &man.mac.biba.4; policy modules make good starting points. For an environment where strict confidentiality of file system objects is required, consider the &man.mac.bsdextended.4; and &man.mac.mls.4; policy @@ -646,17 +644,17 @@ test: biba/high framework will help administrators choose the best policies for their situations. - The rest of this chapter covers the available - modules, describes their use and configuration, and in some - cases, provides insight on applicable situations. + The rest of this chapter covers the available modules, + describes their use and configuration, and in some cases, + provides insight on applicable situations. Implementing MAC is much like - implementing a firewall since care must be taken to prevent being - completely locked out of the system. The ability to revert - back to a previous configuration should be considered and the - implementation of MAC over a remote connection should be - done with extreme caution. + implementing a firewall since care must be taken to prevent + being completely locked out of the system. The ability to + revert back to a previous configuration should be considered + and the implementation of MAC over a remote + connection should be done with extreme caution. @@ -664,14 +662,14 @@ test: biba/high Available MAC Policies Beginning with &os; 8.0, the default &os; kernel - includes options MAC. This means that - every module included with the MAC - framework can be loaded with kldload as a run-time kernel module. - After testing the module, add the module name to + includes options MAC. This means that every + module included with the MAC framework can be + loaded with kldload as a run-time kernel + module. After testing the module, add the module name to /boot/loader.conf so that it will load - during boot. Each module also provides a kernel option - for those administrators who choose to compile their own - custom kernel. + during boot. Each module also provides a kernel option for + those administrators who choose to compile their own custom + kernel. &os; includes a group of policies that will cover most security requirements. Each policy is summarized below. The @@ -693,8 +691,8 @@ test: biba/high Boot option: mac_seeotheruids_load="YES" - The &man.mac.seeotheruids.4; module extends - the security.bsd.see_other_uids and + The &man.mac.seeotheruids.4; module extends the + security.bsd.see_other_uids and security.bsd.see_other_gids sysctl tunables. This option does not require any labels to be set before configuration and can @@ -707,9 +705,9 @@ test: biba/high security.mac.seeotheruids.enabled - enables the module and implements the default settings which - deny users the ability to view processes and sockets owned - by other users. + enables the module and implements the default settings + which deny users the ability to view processes and sockets + owned by other users. @@ -750,15 +748,14 @@ test: biba/high Boot option: mac_bsdextended_load="YES" - The &man.mac.bsdextended.4; module enforces a file - system firewall. It provides an extension - to the standard file system permissions model, permitting an - administrator to create a firewall-like ruleset to protect - files, utilities, and directories in the file system - hierarchy. When access to a file system object is attempted, - the list of rules is iterated until either a matching rule is - located or the end is reached. This behavior may be changed - using + The &man.mac.bsdextended.4; module enforces a file system + firewall. It provides an extension to the standard file + system permissions model, permitting an administrator to + create a firewall-like ruleset to protect files, utilities, + and directories in the file system hierarchy. When access to + a file system object is attempted, the list of rules is + iterated until either a matching rule is located or the end is + reached. This behavior may be changed using security.mac.bsdextended.firstmatch_enabled. Similar to other firewall modules in &os;, a file containing the access control rules can be created and read by the system @@ -769,41 +766,43 @@ test: biba/high written by using the functions in the &man.libugidfw.3; library. - After the &man.mac.bsdextended.4; module has been - loaded, the following command may be used to list the - current rule configuration: + After the &man.mac.bsdextended.4; module has been loaded, + the following command may be used to list the current rule + configuration: - &prompt.root; ugidfw list + &prompt.root; ugidfw list 0 slots, 0 rules - By default, no rules are defined and everything is - completely accessible. To create a rule which blocks - all access by users but leaves root unaffected: - - &prompt.root; ugidfw add subject not uid root new object not uid root mode n - - While this rule is simple to implement, it is a very bad idea as it blocks all users from - issuing any commands. A more realistic example blocks - user1 all - access, including directory listings, to user2's - home directory: + By default, no rules are defined and everything is + completely accessible. To create a rule which blocks all + access by users but leaves root unaffected: + + &prompt.root; ugidfw add subject not uid root new object not uid root mode n + + While this rule is simple to implement, it is a very bad + idea as it blocks all users from issuing any commands. A + more realistic example blocks user1 all access, including + directory listings, to user2's + home directory: &prompt.root; ugidfw set 2 subject uid user1 object uid user2 mode n &prompt.root; ugidfw set 3 subject uid user1 object gid user2 mode n - Instead of user1, could be - used in order to enforce the same access restrictions for all - users. However, the root - user is unaffected by these rules. - - - Extreme caution should be taken when working with this - module as incorrect use could block access to certain parts of - the file system. + Instead of user1, could be used + in order to enforce the same access restrictions for all + users. However, the root user is unaffected by + these rules. + + + Extreme caution should be taken when working with this + module as incorrect use could block access to certain + parts of the file system. @@ -821,10 +820,10 @@ test: biba/high Boot option: mac_ifoff_load="YES" - The &man.mac.ifoff.4; module is used to disable - network interfaces on the fly and to keep network interfaces from - being brought up during system boot. It does not use - labels and does not depend on any other + The &man.mac.ifoff.4; module is used to disable network + interfaces on the fly and to keep network interfaces from + being brought up during system boot. It does not use labels + and does not depend on any other MAC modules. Most of this module's control is performed through these @@ -853,8 +852,8 @@ test: biba/high One of the most common uses of &man.mac.ifoff.4; is network monitoring in an environment where network traffic should not be permitted during the boot sequence. Another - use would be to write a script which uses an application such as - security/aide to automatically block + use would be to write a script which uses an application such + as security/aide to automatically block network traffic if it finds new or altered files in protected directories. @@ -904,19 +903,18 @@ test: biba/high security.mac.portacl.rules - specifies the policy as a text string - of the form rule[,rule,...], with as - many rules as needed, and where each rule is of the form + specifies the policy as a text string of the form + rule[,rule,...], with as many rules as + needed, and where each rule is of the form idtype:id:protocol:port. The idtype is either uid or gid. The protocol parameter can be - tcp or - udp. The + tcp or udp. The port parameter is the port number to allow the specified user or group to bind to. Only numeric values can be used for the user ID, group ID, - and port parameters. + and port parameters. @@ -931,27 +929,27 @@ test: biba/high &prompt.root; sysctl net.inet.ip.portrange.reservedlow=0 &prompt.root; sysctl net.inet.ip.portrange.reservedhigh=0 - To prevent the root - user from being affected by this policy, set - security.mac.portacl.suser_exempt to a - non-zero value. - - &prompt.root; sysctl security.mac.portacl.suser_exempt=1 - - To allow the www user with UID 80 - to bind to port 80 - without ever needing root privilege: - - &prompt.root; sysctl security.mac.portacl.rules=uid:80:tcp:80 - - This next example permits the user with the - UID of 1001 to bind to - TCP ports 110 (POP3) and - 995 (POP3s): + To prevent the root user from being affected + by this policy, set + security.mac.portacl.suser_exempt to a + non-zero value. + + &prompt.root; sysctl security.mac.portacl.suser_exempt=1 + + To allow the www + user with UID 80 to bind to port 80 + without ever needing root privilege: + + &prompt.root; sysctl security.mac.portacl.rules=uid:80:tcp:80 + + This next example permits the user with the + UID of 1001 to bind to + TCP ports 110 (POP3) and 995 + (POP3s): - &prompt.root; sysctl security.mac.portacl.rules=uid:1001:tcp:110,uid:1001:tcp:995 + &prompt.root; sysctl security.mac.portacl.rules=uid:1001:tcp:110,uid:1001:tcp:995 @@ -970,9 +968,10 @@ test: biba/high The &man.mac.partition.4; policy drops processes into specific partitions based on their - MAC label. Most configuration for this policy is done using - &man.setpmac.8;. One sysctl tunable is - available for this policy: + MAC label. Most configuration for this + policy is done using &man.setpmac.8;. One + sysctl tunable is available for this + policy: @@ -998,22 +997,21 @@ test: biba/high &prompt.root; setpmac partition/13 top - This command displays the partition label - and the process list: + This command displays the partition label and the process + list: + + &prompt.root; ps Zax + + This command displays another user's process partition + label and that user's currently running processes: - &prompt.root; ps Zax + &prompt.root; ps -ZU trhodes - This command displays another user's process - partition label and that user's currently running - processes: - - &prompt.root; ps -ZU trhodes - - - Users can see processes in root's label unless the - &man.mac.seeotheruids.4; policy is loaded. - + + Users can see processes in root's label unless the + &man.mac.seeotheruids.4; policy is loaded. + @@ -1036,36 +1034,33 @@ test: biba/high In MLS environments, a clearance level is set in the label of each subject or object, along with compartments. Since these - clearance levels can reach numbers greater than - several thousand, it would be a daunting task - to thoroughly configure every subject or object. - To ease this administrative overhead, three labels are included - in this policy: mls/low, - mls/equal and mls/high, - where: + clearance levels can reach numbers greater than several + thousand, it would be a daunting task to thoroughly configure + every subject or object. To ease this administrative + overhead, three labels are included in this policy: + mls/low, mls/equal and + mls/high, where: - Anything labeled with - mls/low will have a low clearance level - and not be permitted to access information of a higher - level. This label also prevents objects of a higher - clearance level from writing or passing information to a - lower level. + Anything labeled with mls/low will + have a low clearance level and not be permitted to access + information of a higher level. This label also prevents + objects of a higher clearance level from writing or + passing information to a lower level. - mls/equal should be - placed on objects which should be exempt from the - policy. + mls/equal should be placed on + objects which should be exempt from the policy. - mls/high is the highest - level of clearance possible. Objects assigned this label - will hold dominance over all other objects in the system; - however, they will not permit the leaking of information - to objects of a lower class. + mls/high is the highest level of + clearance possible. Objects assigned this label will hold + dominance over all other objects in the system; however, + they will not permit the leaking of information to objects + of a lower class. @@ -1141,29 +1136,28 @@ test: biba/high MLS policy information and to feed that file to setfmac. - When using the MLS policy module, an administrator plans - to control the flow of sensitive information. The default - block read up block write down sets - everything to a low state. Everything is accessible and an - administrator slowly augments the confidentiality of the - information. - - Beyond the three basic label options, an administrator - may group users and groups as required to block the - information flow between them. It might be easier to look - at the information in clearance levels using descriptive - words, such as classifications of - Confidential, Secret, - and Top Secret. Some administrators - instead create different groups based on project levels. - Regardless of the classification method, a well thought out - plan must exist before implementing a restrictive - policy. - - Some example situations for the MLS policy module - include an e-commerce web server, a file server holding - critical company information, and financial institution - environments. + When using the MLS policy module, an + administrator plans to control the flow of sensitive + information. The default block read up block write + down sets everything to a low state. Everything + is accessible and an administrator slowly augments the + confidentiality of the information. + + Beyond the three basic label options, an administrator + may group users and groups as required to block the + information flow between them. It might be easier to look at + the information in clearance levels using descriptive words, + such as classifications of Confidential, + Secret, and Top Secret. + Some administrators instead create different groups based on + project levels. Regardless of the classification method, a + well thought out plan must exist before implementing a + restrictive policy. + + Some example situations for the MLS + policy module include an e-commerce web server, a file server + holding critical company information, and financial + institution environments. @@ -1198,23 +1192,22 @@ test: biba/high - biba/low is considered - the lowest integrity an object or subject may have. - Setting this on objects or subjects blocks their write - access to objects or subjects marked as biba/high, but will not prevent - read access. + biba/low is considered the lowest + integrity an object or subject may have. Setting this on + objects or subjects blocks their write access to objects + or subjects marked as biba/high, but + will not prevent read access. - biba/equal should only be - placed on objects considered to be exempt from the - policy. + biba/equal should only be placed on + objects considered to be exempt from the policy. - biba/high permits - writing to objects set at a lower label, but does not permit - reading that object. It is recommended that this label be + biba/high permits writing to + objects set at a lower label, but does not permit reading + that object. It is recommended that this label be placed on objects that affect the integrity of the entire system. @@ -1243,13 +1236,13 @@ test: biba/high - Integrity levels instead of MLS sensitivity - levels. + Integrity levels instead of MLS + sensitivity levels. - The following tunables can be - used to manipulate the Biba policy: + The following tunables can be used to manipulate the Biba + policy: @@ -1279,41 +1272,38 @@ test: biba/high &prompt.root; getfmac test test: biba/low - Integrity, which is different from sensitivity, is used to - guarantee that information is not manipulated by - untrusted parties. This includes information passed between - subjects and objects. It ensures that users will - only be able to modify or access information they have been given explicit - access to. The &man.mac.biba.4; security policy module permits an - administrator to configure which files and programs a user may - see and invoke while assuring that the programs and files - are trusted by the system for that - user. - - During the initial planning phase, an administrator must - be prepared to partition users into grades, levels, and - areas. - The system will default to a high label once this policy - module is enabled, and it is up to the administrator to - configure the different grades and levels for users. - Instead of using clearance levels, a good planning method - could include topics. For instance, only allow developers - modification access to the source code repository, source - code compiler, and other development utilities. Other users - would be grouped into other categories such as testers, - designers, or end users and would only be permitted read - access. - - A lower integrity subject is unable to write to a higher - integrity subject and a higher integrity subject cannot - list or read a lower integrity object. Setting a label - at the lowest possible grade could make it inaccessible to - subjects. Some prospective environments for this security - policy module would include a constrained web server, a - development and test machine, and a source code repository. - A less useful implementation would be a personal - workstation, a machine used as a router, or a network - firewall. + Integrity, which is different from sensitivity, is used to + guarantee that information is not manipulated by untrusted + parties. This includes information passed between subjects + and objects. It ensures that users will only be able to + modify or access information they have been given explicit + access to. The &man.mac.biba.4; security policy module + permits an administrator to configure which files and programs + a user may see and invoke while assuring that the programs and + files are trusted by the system for that user. + + During the initial planning phase, an administrator must + be prepared to partition users into grades, levels, and areas. + The system will default to a high label once this policy + module is enabled, and it is up to the administrator to + configure the different grades and levels for users. Instead + of using clearance levels, a good planning method could + include topics. For instance, only allow developers + modification access to the source code repository, source + code compiler, and other development utilities. Other users + would be grouped into other categories such as testers, + designers, or end users and would only be permitted read + access. + + A lower integrity subject is unable to write to a higher + integrity subject and a higher integrity subject cannot list + or read a lower integrity object. Setting a label at the + lowest possible grade could make it inaccessible to subjects. + Some prospective environments for this security policy module + would include a constrained web server, a development and test + machine, and a source code repository. A less useful + implementation would be a personal workstation, a machine used + as a router, or a network firewall. @@ -1335,34 +1325,33 @@ test: biba/low objects only after decreasing the integrity level to not disrupt any integrity rules. - The Low-watermark - integrity policy works almost identically to Biba, with - the exception of using floating labels to support subject - demotion via an auxiliary grade compartment. This secondary - compartment takes the form [auxgrade]. - When assigning a policy with an auxiliary grade, use the - syntax lomac/10[2], where + The Low-watermark integrity policy works almost + identically to Biba, with the exception of using floating + labels to support subject demotion via an auxiliary grade + compartment. This secondary compartment takes the form + [auxgrade]. When assigning a policy with + an auxiliary grade, use the syntax + lomac/10[2], where 2 is the auxiliary grade. - This policy relies on the - ubiquitous labeling of all system objects with integrity - labels, permitting subjects to read from low integrity objects - and then downgrading the label on the subject to prevent - future writes to high integrity objects using - [auxgrade]. The policy may provide - greater compatibility and require less initial configuration - than Biba. - - Like the Biba and MLS policies, - setfmac and setpmac - are used to place labels on system objects: + This policy relies on the ubiquitous labeling of all + system objects with integrity labels, permitting subjects to + read from low integrity objects and then downgrading the label + on the subject to prevent future writes to high integrity + objects using [auxgrade]. The policy may + provide greater compatibility and require less initial + configuration than Biba. + + Like the Biba and MLS policies, + setfmac and setpmac + are used to place labels on system objects: - &prompt.root; setfmac /usr/home/trhodes lomac/high[low] + &prompt.root; setfmac /usr/home/trhodes lomac/high[low] &prompt.root; getfmac /usr/home/trhodes lomac/high[low] - The auxiliary grade low is a feature - provided only by the MAC LOMAC - policy. + The auxiliary grade low is a feature + provided only by the MAC + LOMAC policy. From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 17:21:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1EEE675B; Fri, 28 Mar 2014 17:21:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0C36098D; Fri, 28 Mar 2014 17:21:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2SHLMqD084853; Fri, 28 Mar 2014 17:21:22 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2SHLMam084852; Fri, 28 Mar 2014 17:21:22 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403281721.s2SHLMam084852@svn.freebsd.org> From: Dru Lavigne Date: Fri, 28 Mar 2014 17:21:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44376 - head/en_US.ISO8859-1/books/handbook/mac X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 17:21:23 -0000 Author: dru Date: Fri Mar 28 17:21:22 2014 New Revision: 44376 URL: http://svnweb.freebsd.org/changeset/doc/44376 Log: Add missing comma. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Fri Mar 28 16:58:45 2014 (r44375) +++ head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Fri Mar 28 17:21:22 2014 (r44376) @@ -1038,7 +1038,7 @@ test: biba/high thousand, it would be a daunting task to thoroughly configure every subject or object. To ease this administrative overhead, three labels are included in this policy: - mls/low, mls/equal and + mls/low, mls/equal, and mls/high, where: From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 19:05:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 078847B5; Fri, 28 Mar 2014 19:05:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E78286DB; Fri, 28 Mar 2014 19:05:35 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2SJ5ZUe026280; Fri, 28 Mar 2014 19:05:35 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2SJ5Zcp026279; Fri, 28 Mar 2014 19:05:35 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403281905.s2SJ5Zcp026279@svn.freebsd.org> From: Dru Lavigne Date: Fri, 28 Mar 2014 19:05:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44377 - head/en_US.ISO8859-1/books/handbook/audit X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 19:05:36 -0000 Author: dru Date: Fri Mar 28 19:05:35 2014 New Revision: 44377 URL: http://svnweb.freebsd.org/changeset/doc/44377 Log: Editorial review of first 1/2 of Security Event Auditing. Add 2 tables. Still need to research additional entries which are not described in this section. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/audit/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Fri Mar 28 17:21:22 2014 (r44376) +++ head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Fri Mar 28 19:05:35 2014 (r44377) @@ -44,30 +44,31 @@ requirements. --> MAC - The &os; operating system includes support for fine-grained - security event auditing. Event auditing allows the reliable, + The &os; operating system includes support for + security event auditing. Event auditing supports reliable, fine-grained, and configurable logging of a variety of security-relevant system events, including logins, configuration changes, and file and network access. These log records can be invaluable for live system monitoring, intrusion detection, and - postmortem analysis. &os; implements &sun;'s published - BSM API and file format, and is interoperable - with both &sun;'s &solaris; and &apple;'s &macos; X audit + postmortem analysis. &os; implements &sun;'s published Basic + Security Module (BSM) Application Programming + Interface (API) and file format, and is interoperable + with the &solaris; and &macos; X audit implementations. This chapter focuses on the installation and configuration - of Event Auditing. It explains audit policies, and provides an + of event auditing. It explains audit policies and provides an example audit configuration. After reading this chapter, you will know: - What Event Auditing is and how it works. + What event auditing is and how it works. - How to configure Event Auditing on &os; for users and + How to configure event auditing on &os; for users and processes. @@ -98,55 +99,55 @@ requirements. --> - The audit facility has some known limitations which - include that not all security-relevant system events are - currently auditable, and that some login mechanisms, such as - X11-based display managers and third party daemons, do not + The audit facility has some known limitations. + Not all security-relevant system events are + auditable and some login mechanisms, such as + Xorg-based display managers and third-party daemons, do not properly configure auditing for user login sessions. The security event auditing facility is able to generate - very detailed logs of system activity: on a busy system, trail + very detailed logs of system activity. On a busy system, trail file data can be very large when configured for high detail, exceeding gigabytes a week in some configurations. - Administrators should take into account disk space + Administrators should take into account the disk space requirements associated with high volume audit configurations. For example, it may be desirable to dedicate a file system to - the /var/audit tree + /var/audit so that other file systems are not affected if the audit file system becomes full. - Key Terms in This Chapter + Key Terms - Before reading this chapter, a few key audit-related terms - must be explained: + The following terms are related to security event + auditing: - event: An auditable event is any + event: an auditable event is any event that can be logged using the audit subsystem. Examples of security-relevant events include the creation of a file, the building of a network connection, or a user logging in. Events are either attributable, meaning that they can be traced to an authenticated user, or - non-attributable if they cannot be. Examples + non-attributable. Examples of non-attributable events are any events that occur before authentication in the login process, such as bad password attempts. - class: Event classes are named sets - of related events, and are used in selection expressions. + class: a named set + of related events which are used in selection expressions. Commonly used classes of events include file - creation (fc), exec (ex) and + creation (fc), exec (ex), and login_logout (lo). - record: A record is an audit log + record: an audit log entry describing a security event. Records contain a record event type, information on the subject (user) performing the action, date and time information, information on any @@ -155,25 +156,24 @@ requirements. --> - trail: An audit trail, or log file, - consists of a series of audit records describing security - events. Typically, trails are in roughly chronological + trail: a log file + consisting of a series of audit records describing security + events. Trails are in roughly chronological order with respect to the time events completed. Only authorized processes are allowed to commit records to the audit trail. - selection expression: A selection - expression is a string containing a list of prefixes and + selection expression: a + string containing a list of prefixes and audit event class names used to match events. - preselection: The process by which + preselection: the process by which the system identifies which events are of interest to the - administrator in order to avoid generating audit records - describing events that are not of interest. The + administrator. The preselection configuration uses a series of selection expressions to identify which classes of events to audit for which users, as well as global settings that apply to both @@ -181,7 +181,7 @@ requirements. --> - reduction: The process by which + reduction: the process by which records from existing audit trails are selected for preservation, printing, or analysis. Likewise, the process by which undesired audit records are removed from the audit @@ -194,78 +194,25 @@ requirements. --> - - Installing Audit Support - - User space support for Event Auditing is installed as part - of the base &os; operating system. Kernel support for Event - Auditing is compiled in by default, but support for this feature - must be explicitly compiled into the custom kernel by adding the - following line to the kernel configuration file: - - options AUDIT - - Rebuild and reinstall the kernel via the normal process - explained in . - - Once an audit-enabled kernel is built, installed, and the - system has been rebooted, enable the audit daemon by adding the - following line to &man.rc.conf.5;: - - auditd_enable="YES" - - Audit support must then be started by a reboot, or by - manually starting the audit daemon: - - service auditd start - - Audit Configuration - All configuration files for security audit are found in - /etc/security. The following files must be - present before the audit daemon is started: + User space support for event auditing is installed as part + of the base &os; operating system. Kernel support can be enabled + by adding the following line to + /etc/rc.conf: - - - audit_class - Contains the - definitions of the audit classes. - - - - audit_control - Controls aspects - of the audit subsystem, such as default audit classes, - minimum disk space to leave on the audit log volume, - maximum audit trail size, etc. - + auditd_enable="YES" - - audit_event - Textual names and - descriptions of system audit events, as well as a list of - which classes each event is in. - + Then, start the audit daemon: - - audit_user - User-specific audit - requirements, which are combined with the global defaults at - login. - + &prompt.root; service auditd start - - audit_warn - A customizable shell - script used by &man.auditd.8; to generate warning messages - in exceptional situations, such as when space for audit - records is running low or when the audit trail file has - been rotated. - - + Users who prefer to compile + a custom kernel must include the + following line in their custom kernel configuration file: - - Audit configuration files should be edited and maintained - carefully, as errors in configuration may result in improper - logging of events. - + options AUDIT Event Selection Expressions @@ -280,170 +227,218 @@ requirements. --> right, and two expressions are combined by appending one onto the other. - The following list contains the default audit event - classes present in audit_class: + summarizes the default audit event + classes: + + + Default Audit Event Classes - - - all - all - - Match all event classes. - - - - ad - - administrative - Administrative - actions performed on the system as a whole. - - - - ap - - application - Application defined - action. - - - - cl - - file close - Audit calls to the - close system call. - - - - ex - exec - - Audit program execution. Auditing of command line + + + + Class Name + Description + Action + + + + + + all + all + Match all event classes. + + + + ad + administrative + Administrative + actions performed on the system as a whole. + + + + ap + application + Application defined + action. + + + + cl + file close + Audit calls to the + close system call. + + + + ex + exec + Audit program execution. Auditing of command line arguments and environmental variables is controlled via &man.audit.control.5; using the argv and envv parameters to the - policy setting. - + policy setting. + - - fa - - file attribute access - Audit the - access of object attributes such as &man.stat.1;, - &man.pathconf.2; and similar events. - - - - fc - - file create - Audit events where a - file is created as a result. - - - - fd - - file delete - Audit events where file - deletion occurs. - - - - fm - - file attribute modify - Audit events - where file attribute modification occurs, such as - &man.chown.8;, &man.chflags.1;, &man.flock.2;, etc. - - - - fr - file read - - Audit events in which data is read, files are opened for - reading, etc. - - - - fw - - file write - Audit events in which - data is written, files are written or modified, - etc. - - - - io - ioctl - - Audit use of the &man.ioctl.2; system call. - - - - ip - ipc - - Audit various forms of Inter-Process Communication, + + fa + file attribute access + Audit the + access of object attributes such as &man.stat.1; and + &man.pathconf.2;. + + + + fc + file create + Audit events where a + file is created as a result. + + + + fd + file delete + Audit events where file + deletion occurs. + + + + fm + file attribute modify + Audit events + where file attribute modification occurs, such as by + &man.chown.8;, &man.chflags.1;, and &man.flock.2;. + + + + fr + file read + Audit events in which data is read or files are opened for + reading. + + + + fw + file write + Audit events in which + data is written or files are written or modified. + + + + io + ioctl + Audit use of the ioctl system call. + + + + ip + ipc + Audit various forms of Inter-Process Communication, including POSIX pipes and System V IPC - operations. - - - - lo - - login_logout - Audit &man.login.1; - and &man.logout.1; events occurring on the system. - - - - na - - non attributable - Audit - non-attributable events. - - - - no - - invalid class - Match no audit - events. - - - - nt - network - - Audit events related to network actions, such as - &man.connect.2; and &man.accept.2;. - - - - ot - other - - Audit miscellaneous events. - - - - pc - process - - Audit process operations, such as &man.exec.3; and - &man.exit.3;. - + operations. + - + + lo + login_logout + Audit &man.login.1; + and &man.logout.1; events. + + + + na + non attributable + Audit + non-attributable events. + + + + no + invalid class + Match no audit + events. + + + + nt + network + Audit events related to network actions such as + &man.connect.2; and &man.accept.2;. + + + + ot + other + Audit miscellaneous events. + + + + pc + process + Audit process operations such as &man.exec.3; and + &man.exit.3;. + + + +
    These audit event classes may be customized by modifying the audit_class and audit_ event configuration files. - Each audit class in the list is combined with a prefix + Each audit event class is combined with a prefix indicating whether successful/failed operations are matched, and whether the entry is adding or removing matching for the - class and type. + class and type. summarizes + the available prefixes: + + + Prefixes for Audit Event Classes + + + + + Prefix + Action + + + + + + + + Audit successful events in this + class. + + + + - + Audit failed events in this + class. + + + + ^ + Audit neither successful nor + failed events in this class. + + + + ^+ + Do not audit successful events + in this class. + + + + ^- + Do not audit failed events in + this class. + + + +
    - - - (none) Audit both successful and failed instances of - the event. - - - - + Audit successful events in this - class. - - - - - Audit failed events in this - class. - - - - ^ Audit neither successful nor - failed events in this class. - - - - ^+ Do not audit successful events - in this class. - - - - ^- Do not audit failed events in - this class. - - + If no prefix is present, both successful and failed instances of + the event will be audited. The following example selection string selects both successful and failed login/logout events, but only successful @@ -455,11 +450,53 @@ requirements. --> Configuration Files - In most cases, administrators will need to modify only two - files when configuring the audit system: audit_ - control and audit_user. - The first controls system-wide audit properties and policies; - the second may be used to fine-tune auditing by user. + The following configuration files for security event auditing are found in + /etc/security: + + + + audit_class: contains the + definitions of the audit classes. + + + + audit_control: controls aspects + of the audit subsystem, such as default audit classes, + minimum disk space to leave on the audit log volume, and + maximum audit trail size. + + + + audit_event: textual names and + descriptions of system audit events and a list of + which classes each event is in. + + + + audit_user: user-specific audit + requirements to be combined with the global defaults at + login. + + + + audit_warn: a customizable shell + script used by &man.auditd.8; to generate warning messages + in exceptional situations, such as when space for audit + records is running low or when the audit trail file has + been rotated. + + + + + Audit configuration files should be edited and maintained + carefully, as errors in configuration may result in improper + logging of events. + + + In most cases, administrators will only need to modify + audit_control and audit_user. + The first file controls system-wide audit properties and policies and + the second file may be used to fine-tune auditing by user. The <filename>audit_control</filename> File @@ -468,11 +505,13 @@ requirements. --> specified in audit_control: dir:/var/audit -flags:lo -minfree:20 -naflags:lo -policy:cnt -filesz:0 +dist:off +flags:lo,aa +minfree:5 +naflags:lo,aa +policy:cnt,argv +filesz:2M +expire-after:10M The entry is used to set one or more directories where audit logs will be stored. If more From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 20:37:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 63FA8E17; Fri, 28 Mar 2014 20:37:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4F7B2F4B; Fri, 28 Mar 2014 20:37:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2SKbLCM064279; Fri, 28 Mar 2014 20:37:21 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2SKbL0a064278; Fri, 28 Mar 2014 20:37:21 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403282037.s2SKbL0a064278@svn.freebsd.org> From: Dru Lavigne Date: Fri, 28 Mar 2014 20:37:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44378 - head/en_US.ISO8859-1/books/handbook/audit X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 20:37:21 -0000 Author: dru Date: Fri Mar 28 20:37:20 2014 New Revision: 44378 URL: http://svnweb.freebsd.org/changeset/doc/44378 Log: Finish editorial review of Event Auditing. Still need an Action for aa in Table 17.1. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/audit/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Fri Mar 28 19:05:35 2014 (r44377) +++ head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Fri Mar 28 20:37:20 2014 (r44378) @@ -250,6 +250,12 @@ requirements. --> + aa + authentication and authorization + + + + ad administrative Administrative @@ -521,38 +527,45 @@ expire-after:10M prevent interference between the audit subsystem and other subsystems if the file system fills. + If the field is set to + on or yes, hard links + will be created to all trail files in + /var/audit/dist. + The field sets the system-wide default preselection mask for attributable events. In the - example above, successful and failed login and logout events - are audited for all users. + example above, successful and failed login/logout events as + well as authentication and authorization are audited for all users. The entry defines the minimum percentage of free space for the file system where the audit - trail is stored. When this threshold is exceeded, a warning - will be generated. The above example sets the minimum free - space to twenty percent. + trail is stored. The entry specifies audit classes to be audited for non-attributed events, such as the - login process and system daemons. + login/logout process and authentication and authorization. The entry specifies a comma-separated list of policy flags controlling various - aspects of audit behavior. The default - cnt flag indicates that the system should + aspects of audit behavior. The + cnt indicates that the system should continue running despite an auditing failure (this flag is - highly recommended). Another commonly used flag is - argv, which causes command line arguments + highly recommended). The other flag, + argv, causes command line arguments to the &man.execve.2; system call to be audited as part of command execution. The entry specifies the maximum - size in bytes to allow an audit trail file to grow to before - automatically terminating and rotating the trail file. The - default, 0, disables automatic log rotation. If the - requested file size is non-zero and below the minimum 512k, + size for an audit trail before + automatically terminating and rotating the trail file. A + value of 0 disables automatic log rotation. If the + requested file size is below the minimum of 512k, it will be ignored and a log message will be generated. + + The field specifies when + audit log files will expire and be removed. + @@ -561,18 +574,18 @@ expire-after:10M The administrator can specify further audit requirements for specific users in audit_user. Each line configures auditing for a user via two fields: - the first is the alwaysaudit field, - which specifies a set of events that should always be - audited for the user, and the second is the - neveraudit field, which specifies a set + the alwaysaudit field + specifies a set of events that should always be + audited for the user, and the + neveraudit field specifies a set of events that should never be audited for the user. - The following example audit_user - audits login/logout events and successful command execution - for root, and - audits file creation and successful command execution for + The following example entries + audit login/logout events and successful command execution + for root and + file creation and successful command execution for www. If used with - the above example audit_control, the + the default audit_control, the lo entry for root is redundant, and login/logout events will also be audited for @@ -585,36 +598,34 @@ www:fc,+ex:no - Administering the Audit Subsystem + Working with Audit Trails - - Viewing Audit Trails - - Audit trails are stored in the BSM binary format, so tools - must be used to modify or convert to text. The - &man.praudit.1; command converts trail files to a simple text - format; the &man.auditreduce.1; command may be used to reduce + Since audit trails are stored in the + BSM binary format, several built-in tools + are available to modify or convert these trails to text. + To convert trail files to a simple text + format, use praudit. To reduce the audit trail file for analysis, archiving, or printing - purposes. A variety of selection parameters are supported by - &man.auditreduce.1;, including event type, event class, user, + purposes, use auditreduce. This utility supports a variety of selection parameters, + including event type, event class, user, date or time of the event, and the file path or object acted on. - For example, &man.praudit.1; will dump the entire + For example, to dump the entire contents of a specified audit log in plain text: - &prompt.root; praudit /var/audit/AUDITFILE + &prompt.root; praudit /var/audit/AUDITFILE Where - AUDITFILE is + AUDITFILE is the audit log to dump. Audit trails consist of a series of audit records made up - of tokens, which &man.praudit.1; prints sequentially one per + of tokens, which praudit prints sequentially, one per line. Each token is of a specific type, such as - header holding an audit record header, or - path holding a file path from a name - lookup. The following is an example of an + header (an audit record header) or + path (a file path from a name + lookup). The following is an example of an execve event: header,133,10,execve(2),0,Mon Sep 25 15:58:03 2006, + 384 msec @@ -627,75 +638,63 @@ trailer,133 This audit represents a successful execve call, in which the command - finger doug has been run. The arguments + finger doug has been run. The exec arg token contains the processed command line presented by the shell to the kernel. The path token holds the path to the executable as looked up by the kernel. - The attribute token describes the binary, - and in particular, includes the file mode which can be used to - determine if the application was setuid. The - subject token describes the subject - process, and stores in sequence the audit user ID, effective + The attribute token describes the binary + and includes the file mode. The + subject token + stores the audit user ID, effective user ID and group ID, real user ID and group ID, process ID, session ID, port ID, and login address. Notice that the audit - user ID and real user ID differ: the user - robert has switched + user ID and real user ID differ as the user + robert switched to the root account before running this command, but it is audited using the - original authenticated user. Finally, the + original authenticated user. The return token indicates the successful - execution, and the trailer concludes the + execution and the trailer concludes the record. - XML output format is also supported by - &man.praudit.1;, and can be selected using + XML output format is also supported + and can be selected by including . - - - - Reducing Audit Trails - Since audit logs may be very large, an administrator will - likely want to select a subset of records for using, such as - records associated with a specific user: + Since audit logs may be very large, a + subset of records can be selected using + auditreduce. This example selects all + audit records produced for the user + trhodes stored in + AUDITFILE: - &prompt.root; auditreduce -u trhodes /var/audit/AUDITFILE | praudit - - This will select all audit records produced for - trhodes stored in - AUDITFILE. - - - - Delegating Audit Review Rights + &prompt.root; auditreduce -u trhodes /var/audit/AUDITFILE | praudit Members of the - audit group are - given permission to read audit trails in - /var/audit; by default, this group is + audit group have + permission to read audit trails in + /var/audit. By default, this group is empty, so only the - root user may read + root user can read audit trails. Users may be added to the audit group in - order to delegate audit review rights to the user. As the + order to delegate audit review rights. As the ability to track audit log contents provides significant insight into the behavior of users and processes, it is recommended that the delegation of audit review rights be performed with caution. - Live Monitoring Using Audit Pipes - Audit pipes are cloning pseudo-devices in the device file - system which allow applications to tap the live audit record + Audit pipes are cloning pseudo-devices + which allow applications to tap the live audit record stream. This is primarily of interest to authors of intrusion - detection and system monitoring applications. However, for - the administrator the audit pipe device is a convenient way to + detection and system monitoring applications. However, + the audit pipe device is a convenient way for the administrator to allow live monitoring without running into problems with audit trail file ownership or log rotation interrupting the event - stream. To track the live audit event stream, use the - following command line: + stream. To track the live audit event stream: &prompt.root; praudit /dev/auditpipe @@ -704,7 +703,7 @@ trailer,133 make them accessible to the members of the audit group, add a devfs rule to - devfs.rules: + /etc/devfs.rules: add path 'auditpipe*' mode 0440 group audit @@ -715,56 +714,49 @@ trailer,133 It is easy to produce audit event feedback cycles, in which the viewing of each audit event results in the generation of more audit events. For example, if all - network I/O is audited, and &man.praudit.1; is run from an - SSH session, then a continuous stream of audit events will + network I/O is audited, and praudit is run from an + SSH session, a continuous stream of audit events will be generated at a high rate, as each event being printed - will generate another event. It is advisable to run - &man.praudit.1; on an audit pipe device from sessions - without fine-grained I/O auditing in order to avoid this - happening. + will generate another event. For this reason, it is advisable to run + praudit on an audit pipe device from sessions + without fine-grained I/O auditing. - Rotating Audit Trail Files + Rotating and Compressing Audit Trail Files - Audit trails are written to only by the kernel, and - managed only by the audit daemon, &man.auditd.8;. + Audit trails are written to by the kernel and + managed by the audit daemon, &man.auditd.8;. Administrators should not attempt to use &man.newsyslog.conf.5; or other tools to directly rotate - audit logs. Instead, the &man.audit.8; management tool may + audit logs. Instead, audit should be used to shut down auditing, reconfigure the audit system, and perform log rotation. The following command causes the audit daemon to create a new audit log and signal the kernel to switch to using the new log. The old log will be terminated and renamed, at which point it may then be - manipulated by the administrator. + manipulated by the administrator: &prompt.root; audit -n - If &man.auditd.8; is not currently running, this command will fail and an error message will be produced. - Adding the following line to - /etc/crontab will force the rotation - every twelve hours from &man.cron.8;: + /etc/crontab will schedule this rotation + every twelve hours: 0 */12 * * * root /usr/sbin/audit -n - The change will take effect once you have saved the new - /etc/crontab. + The change will take effect once + /etc/crontab is saved. Automatic rotation of the audit trail file based on file size is possible using in - &man.audit.control.5;, and is described in the configuration - files section of this chapter. - - - - Compressing Audit Trails + audit.control as described in . As audit trail files can become very large, it is often desirable to compress or otherwise archive trails once they @@ -772,8 +764,8 @@ trailer,133 audit_warn script can be used to perform customized operations for a variety of audit-related events, including the clean termination of audit trails when they are - rotated. For example, the following may be added to the - audit_warn script to compress audit + rotated. For example, the following may be added to + /etc/security/audit_warn to compress audit trails on close: # @@ -785,7 +777,7 @@ fi Other archiving activities might include copying trail files to a centralized server, deleting old trail files, or - reducing the audit trail to remove unneeded records. The + reducing the audit trail to remove unneeded records. This script will be run only when audit trail files are cleanly terminated, so will not be run on trails left unterminated following an improper shutdown. From owner-svn-doc-all@FreeBSD.ORG Fri Mar 28 21:08:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8DDC8C81; Fri, 28 Mar 2014 21:08:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 79130292; Fri, 28 Mar 2014 21:08:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2SL85TL076919; Fri, 28 Mar 2014 21:08:05 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2SL854o076918; Fri, 28 Mar 2014 21:08:05 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403282108.s2SL854o076918@svn.freebsd.org> From: Dru Lavigne Date: Fri, 28 Mar 2014 21:08:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44379 - head/en_US.ISO8859-1/books/handbook/audit X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 21:08:05 -0000 Author: dru Date: Fri Mar 28 21:08:05 2014 New Revision: 44379 URL: http://svnweb.freebsd.org/changeset/doc/44379 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/audit/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Fri Mar 28 20:37:20 2014 (r44378) +++ head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Fri Mar 28 21:08:05 2014 (r44379) @@ -44,16 +44,16 @@ requirements. --> MAC - The &os; operating system includes support for - security event auditing. Event auditing supports reliable, - fine-grained, and configurable logging of a variety of - security-relevant system events, including logins, configuration - changes, and file and network access. These log records can be - invaluable for live system monitoring, intrusion detection, and - postmortem analysis. &os; implements &sun;'s published Basic - Security Module (BSM) Application Programming - Interface (API) and file format, and is interoperable - with the &solaris; and &macos; X audit + The &os; operating system includes support for security + event auditing. Event auditing supports reliable, fine-grained, + and configurable logging of a variety of security-relevant + system events, including logins, configuration changes, and file + and network access. These log records can be invaluable for + live system monitoring, intrusion detection, and postmortem + analysis. &os; implements &sun;'s published Basic Security + Module (BSM) Application Programming + Interface (API) and file format, and is + interoperable with the &solaris; and &macos; X audit implementations. This chapter focuses on the installation and configuration @@ -82,14 +82,14 @@ requirements. --> - Understand &unix; and &os; basics - (). + Understand &unix; and &os; basics (). Be familiar with the basics of kernel - configuration/compilation - (). + configuration/compilation (). @@ -99,22 +99,21 @@ requirements. -->     - The audit facility has some known limitations. - Not all security-relevant system events are - auditable and some login mechanisms, such as - Xorg-based display managers and third-party daemons, do not - properly configure auditing for user login sessions. + The audit facility has some known limitations. Not all + security-relevant system events are auditable and some login + mechanisms, such as Xorg-based + display managers and third-party daemons, do not properly + configure auditing for user login sessions. The security event auditing facility is able to generate - very detailed logs of system activity. On a busy system, trail - file data can be very large when configured for high detail, - exceeding gigabytes a week in some configurations. + very detailed logs of system activity. On a busy system, + trail file data can be very large when configured for high + detail, exceeding gigabytes a week in some configurations. Administrators should take into account the disk space requirements associated with high volume audit configurations. For example, it may be desirable to dedicate a file system to - /var/audit - so that other file systems are not affected if the audit file - system becomes full. + /var/audit so that other file systems are + not affected if the audit file system becomes full. @@ -132,23 +131,23 @@ requirements. --> a file, the building of a network connection, or a user logging in. Events are either attributable, meaning that they can be traced to an authenticated user, or - non-attributable. Examples - of non-attributable events are any events that occur before + non-attributable. Examples of + non-attributable events are any events that occur before authentication in the login process, such as bad password attempts. - class: a named set - of related events which are used in selection expressions. - Commonly used classes of events include file - creation (fc), exec (ex), and + class: a named set of related + events which are used in selection expressions. Commonly + used classes of events include file creation + (fc), exec (ex), and login_logout (lo). - record: an audit log - entry describing a security event. Records contain a record + record: an audit log entry + describing a security event. Records contain a record event type, information on the subject (user) performing the action, date and time information, information on any objects or arguments, and a success or failure @@ -156,28 +155,27 @@ requirements. --> - trail: a log file - consisting of a series of audit records describing security - events. Trails are in roughly chronological - order with respect to the time events completed. Only - authorized processes are allowed to commit records to the - audit trail. + trail: a log file consisting of a + series of audit records describing security events. Trails + are in roughly chronological order with respect to the time + events completed. Only authorized processes are allowed to + commit records to the audit trail. - selection expression: a - string containing a list of prefixes and - audit event class names used to match events. + selection expression: a string + containing a list of prefixes and audit event class names + used to match events. preselection: the process by which the system identifies which events are of interest to the - administrator. The - preselection configuration uses a series of selection - expressions to identify which classes of events to audit for - which users, as well as global settings that apply to both - authenticated and unauthenticated processes. + administrator. The preselection configuration uses a series + of selection expressions to identify which classes of events + to audit for which users, as well as global settings that + apply to both authenticated and unauthenticated + processes. @@ -198,9 +196,9 @@ requirements. --> Audit Configuration User space support for event auditing is installed as part - of the base &os; operating system. Kernel support can be enabled - by adding the following line to - /etc/rc.conf: + of the base &os; operating system. Kernel support can be + enabled by adding the following line to + /etc/rc.conf: auditd_enable="YES" @@ -208,8 +206,7 @@ requirements. --> &prompt.root; service auditd start - Users who prefer to compile - a custom kernel must include the + Users who prefer to compile a custom kernel must include the following line in their custom kernel configuration file: options AUDIT @@ -227,10 +224,10 @@ requirements. --> right, and two expressions are combined by appending one onto the other. - summarizes the default audit event - classes: + summarizes the default + audit event classes: - +
    Default Audit Event Classes @@ -242,150 +239,147 @@ requirements. --> - - - all - all - Match all event classes. - - - - aa - authentication and authorization - - - - - ad - administrative - Administrative - actions performed on the system as a whole. - - - - ap - application - Application defined - action. - - - - cl - file close - Audit calls to the - close system call. - - - - ex - exec - Audit program execution. Auditing of command line - arguments and environmental variables is controlled via - &man.audit.control.5; using the argv - and envv parameters to the - policy setting. - - - - fa - file attribute access - Audit the - access of object attributes such as &man.stat.1; and - &man.pathconf.2;. - - - - fc - file create - Audit events where a - file is created as a result. - - - - fd - file delete - Audit events where file - deletion occurs. - - - - fm - file attribute modify - Audit events - where file attribute modification occurs, such as by - &man.chown.8;, &man.chflags.1;, and &man.flock.2;. - - - - fr - file read - Audit events in which data is read or files are opened for - reading. - - - - fw - file write - Audit events in which - data is written or files are written or modified. - - - - io - ioctl - Audit use of the ioctl system call. - - - - ip - ipc - Audit various forms of Inter-Process Communication, - including POSIX pipes and System V IPC - operations. - - - - lo - login_logout - Audit &man.login.1; - and &man.logout.1; events. - - - - na - non attributable - Audit - non-attributable events. - - - - no - invalid class - Match no audit - events. - - - - nt - network - Audit events related to network actions such as - &man.connect.2; and &man.accept.2;. - - - - ot - other - Audit miscellaneous events. - - - - pc - process - Audit process operations such as &man.exec.3; and - &man.exit.3;. - - - + + + all + all + Match all event classes. + + + + aa + authentication and authorization + + + + + ad + administrative + Administrative actions performed on the system as + a whole. + + + + ap + application + Application defined action. + + + + cl + file close + Audit calls to the + close system call. + + + + ex + exec + Audit program execution. Auditing of command + line arguments and environmental variables is + controlled via &man.audit.control.5; using the + argv and envv + parameters to the policy + setting. + + + + fa + file attribute access + Audit the access of object attributes such as + &man.stat.1; and &man.pathconf.2;. + + + + fc + file create + Audit events where a file is created as a + result. + + + + fd + file delete + Audit events where file deletion occurs. + + + + fm + file attribute modify + Audit events where file attribute modification + occurs, such as by &man.chown.8;, &man.chflags.1;, and + &man.flock.2;. + + + + fr + file read + Audit events in which data is read or files are + opened for reading. + + + + fw + file write + Audit events in which data is written or files + are written or modified. + + + + io + ioctl + Audit use of the ioctl + system call. + + + + ip + ipc + Audit various forms of Inter-Process + Communication, including POSIX pipes and System V + IPC operations. + + + + lo + login_logout + Audit &man.login.1; and &man.logout.1; + events. + + + + na + non attributable + Audit non-attributable events. + + + + no + invalid class + Match no audit events. + + + + nt + network + Audit events related to network actions such as + &man.connect.2; and &man.accept.2;. + + + + ot + other + Audit miscellaneous events. + + + + pc + process + Audit process operations such as &man.exec.3; and + &man.exit.3;. + + +
    These audit event classes may be customized by modifying @@ -398,7 +392,7 @@ requirements. --> class and type. summarizes the available prefixes: - +
    Prefixes for Audit Event Classes @@ -409,42 +403,39 @@ requirements. --> - - - + - Audit successful events in this - class. - - - - - - Audit failed events in this - class. - - - - ^ - Audit neither successful nor - failed events in this class. - - - - ^+ - Do not audit successful events - in this class. - - - - ^- - Do not audit failed events in - this class. - - + + + + + Audit successful events in this class. + + + + - + Audit failed events in this class. + + + + ^ + Audit neither successful nor failed events in + this class. + + + + ^+ + Do not audit successful events in this + class. + + + + ^- + Do not audit failed events in this class. + +
    - If no prefix is present, both successful and failed instances of - the event will be audited. + If no prefix is present, both successful and failed + instances of the event will be audited. The following example selection string selects both successful and failed login/logout events, but only successful @@ -456,53 +447,55 @@ requirements. --> Configuration Files - The following configuration files for security event auditing are found in - /etc/security: - - - - audit_class: contains the - definitions of the audit classes. - - - - audit_control: controls aspects - of the audit subsystem, such as default audit classes, - minimum disk space to leave on the audit log volume, and - maximum audit trail size. - - - - audit_event: textual names and - descriptions of system audit events and a list of - which classes each event is in. - - - - audit_user: user-specific audit - requirements to be combined with the global defaults at - login. - - - - audit_warn: a customizable shell - script used by &man.auditd.8; to generate warning messages - in exceptional situations, such as when space for audit - records is running low or when the audit trail file has - been rotated. - - + The following configuration files for security event + auditing are found in + /etc/security: + + + + audit_class: contains the + definitions of the audit classes. + + + + audit_control: controls aspects + of the audit subsystem, such as default audit classes, + minimum disk space to leave on the audit log volume, and + maximum audit trail size. + + + + audit_event: textual names and + descriptions of system audit events and a list of which + classes each event is in. + + + + audit_user: user-specific audit + requirements to be combined with the global defaults at + login. + + + + audit_warn: a customizable shell + script used by &man.auditd.8; to generate warning messages + in exceptional situations, such as when space for audit + records is running low or when the audit trail file has + been rotated. + + - - Audit configuration files should be edited and maintained - carefully, as errors in configuration may result in improper - logging of events. - + + Audit configuration files should be edited and + maintained carefully, as errors in configuration may result + in improper logging of events. + In most cases, administrators will only need to modify - audit_control and audit_user. - The first file controls system-wide audit properties and policies and - the second file may be used to fine-tune auditing by user. + audit_control and + audit_user. The first file controls + system-wide audit properties and policies and the second file + may be used to fine-tune auditing by user. The <filename>audit_control</filename> File @@ -535,7 +528,8 @@ expire-after:10M The field sets the system-wide default preselection mask for attributable events. In the example above, successful and failed login/logout events as - well as authentication and authorization are audited for all users. + well as authentication and authorization are audited for all + users. The entry defines the minimum percentage of free space for the file system where the audit @@ -543,29 +537,27 @@ expire-after:10M The entry specifies audit classes to be audited for non-attributed events, such as the - login/logout process and authentication and authorization. + login/logout process and authentication and + authorization. The entry specifies a comma-separated list of policy flags controlling various - aspects of audit behavior. The - cnt indicates that the system should - continue running despite an auditing failure (this flag is - highly recommended). The other flag, - argv, causes command line arguments - to the &man.execve.2; system call to be audited as part of - command execution. + aspects of audit behavior. The cnt + indicates that the system should continue running despite an + auditing failure (this flag is highly recommended). The + other flag, argv, causes command line + arguments to the &man.execve.2; system call to be audited as + part of command execution. The entry specifies the maximum - size for an audit trail before - automatically terminating and rotating the trail file. A - value of 0 disables automatic log rotation. If the - requested file size is below the minimum of 512k, - it will be ignored and a log message will be - generated. + size for an audit trail before automatically terminating and + rotating the trail file. A value of 0 + disables automatic log rotation. If the requested file size + is below the minimum of 512k, it will be ignored and a log + message will be generated. The field specifies when audit log files will expire and be removed. - @@ -574,22 +566,21 @@ expire-after:10M The administrator can specify further audit requirements for specific users in audit_user. Each line configures auditing for a user via two fields: - the alwaysaudit field - specifies a set of events that should always be - audited for the user, and the - neveraudit field specifies a set - of events that should never be audited for the user. - - The following example entries - audit login/logout events and successful command execution - for root and - file creation and successful command execution for - www. If used with - the default audit_control, the - lo entry for - root is redundant, - and login/logout events will also be audited for - www. + the alwaysaudit field specifies a set of + events that should always be audited for the user, and the + neveraudit field specifies a set of + events that should never be audited for the user. + + The following example entries audit login/logout events + and successful command execution for root and file creation and + successful command execution for www. If used with the + default audit_control, the + lo entry for root is redundant, and + login/logout events will also be audited for www. root:lo,+ex:no www:fc,+ex:no @@ -600,35 +591,33 @@ www:fc,+ex:no Working with Audit Trails - Since audit trails are stored in the - BSM binary format, several built-in tools - are available to modify or convert these trails to text. - To convert trail files to a simple text - format, use praudit. To reduce - the audit trail file for analysis, archiving, or printing - purposes, use auditreduce. This utility supports a variety of selection parameters, - including event type, event class, user, - date or time of the event, and the file path or object acted - on. - - For example, to dump the entire - contents of a specified audit log in plain text: - - &prompt.root; praudit /var/audit/AUDITFILE - - Where - AUDITFILE is - the audit log to dump. - - Audit trails consist of a series of audit records made up - of tokens, which praudit prints sequentially, one per - line. Each token is of a specific type, such as - header (an audit record header) or - path (a file path from a name - lookup). The following is an example of an - execve event: + Since audit trails are stored in the BSM + binary format, several built-in tools are available to modify or + convert these trails to text. To convert trail files to a + simple text format, use praudit. To reduce + the audit trail file for analysis, archiving, or printing + purposes, use auditreduce. This utility + supports a variety of selection parameters, including event + type, event class, user, date or time of the event, and the file + path or object acted on. + + For example, to dump the entire contents of a specified + audit log in plain text: + + &prompt.root; praudit /var/audit/AUDITFILE + + Where AUDITFILE is the audit log + to dump. + + Audit trails consist of a series of audit records made up of + tokens, which praudit prints sequentially, + one per line. Each token is of a specific type, such as + header (an audit record header) or + path (a file path from a name lookup). The + following is an example of an + execve event: - header,133,10,execve(2),0,Mon Sep 25 15:58:03 2006, + 384 msec + header,133,10,execve(2),0,Mon Sep 25 15:58:03 2006, + 384 msec exec arg,finger,doug path,/usr/bin/finger attribute,555,root,wheel,90,24918,104944 @@ -636,72 +625,66 @@ subject,robert,root,wheel,root,wheel,384 return,success,0 trailer,133 - This audit represents a successful - execve call, in which the command - finger doug has been run. The exec arg - token contains the processed command line presented by - the shell to the kernel. The path token - holds the path to the executable as looked up by the kernel. - The attribute token describes the binary - and includes the file mode. The - subject token - stores the audit user ID, effective - user ID and group ID, real user ID and group ID, process ID, - session ID, port ID, and login address. Notice that the audit - user ID and real user ID differ as the user - robert switched - to the root account - before running this command, but it is audited using the - original authenticated user. The - return token indicates the successful - execution and the trailer concludes the - record. - - XML output format is also supported - and can be selected by including - . - - Since audit logs may be very large, a - subset of records can be selected using - auditreduce. This example selects all - audit records produced for the user - trhodes stored in - AUDITFILE: - - &prompt.root; auditreduce -u trhodes /var/audit/AUDITFILE | praudit - - Members of the - audit group have - permission to read audit trails in - /var/audit. By default, this group is - empty, so only the - root user can read - audit trails. Users may be added to the - audit group in - order to delegate audit review rights. As the - ability to track audit log contents provides significant - insight into the behavior of users and processes, it is - recommended that the delegation of audit review rights be - performed with caution. + This audit represents a successful + execve call, in which the command + finger doug has been run. The + exec arg token contains the processed command + line presented by the shell to the kernel. The + path token holds the path to the executable + as looked up by the kernel. The attribute + token describes the binary and includes the file mode. The + subject token stores the audit user ID, + effective user ID and group ID, real user ID and group ID, + process ID, session ID, port ID, and login address. Notice that + the audit user ID and real user ID differ as the user + robert switched to the + root account before + running this command, but it is audited using the original + authenticated user. The return token + indicates the successful execution and the + trailer concludes the record. + + XML output format is also supported and + can be selected by including . + + Since audit logs may be very large, a subset of records can + be selected using auditreduce. This example + selects all audit records produced for the user + trhodes stored in + AUDITFILE: + + &prompt.root; auditreduce -u trhodes /var/audit/AUDITFILE | praudit + + Members of the audit group have permission to + read audit trails in /var/audit. By + default, this group is empty, so only the root user can read audit trails. + Users may be added to the audit group in order to + delegate audit review rights. As the ability to track audit log + contents provides significant insight into the behavior of users + and processes, it is recommended that the delegation of audit + review rights be performed with caution. Live Monitoring Using Audit Pipes - Audit pipes are cloning pseudo-devices - which allow applications to tap the live audit record - stream. This is primarily of interest to authors of intrusion - detection and system monitoring applications. However, - the audit pipe device is a convenient way for the administrator to - allow live monitoring without running into problems with audit - trail file ownership or log rotation interrupting the event - stream. To track the live audit event stream: + Audit pipes are cloning pseudo-devices which allow + applications to tap the live audit record stream. This is + primarily of interest to authors of intrusion detection and + system monitoring applications. However, the audit pipe + device is a convenient way for the administrator to allow live + monitoring without running into problems with audit trail file + ownership or log rotation interrupting the event stream. To + track the live audit event stream: &prompt.root; praudit /dev/auditpipe By default, audit pipe device nodes are accessible only to the root user. To - make them accessible to the members of the - audit group, add a + make them accessible to the members of the audit group, add a devfs rule to /etc/devfs.rules: @@ -714,12 +697,14 @@ trailer,133 It is easy to produce audit event feedback cycles, in which the viewing of each audit event results in the generation of more audit events. For example, if all - network I/O is audited, and praudit is run from an - SSH session, a continuous stream of audit events will - be generated at a high rate, as each event being printed - will generate another event. For this reason, it is advisable to run - praudit on an audit pipe device from sessions - without fine-grained I/O auditing. + network I/O is audited, and + praudit is run from an + SSH session, a continuous stream of audit + events will be generated at a high rate, as each event being + printed will generate another event. For this reason, it is + advisable to run praudit on an audit pipe + device from sessions without fine-grained + I/O auditing. @@ -740,9 +725,8 @@ trailer,133 &prompt.root; audit -n - If &man.auditd.8; is not currently running, this - command will fail and an error message will be - produced. + If &man.auditd.8; is not currently running, this command + will fail and an error message will be produced. Adding the following line to /etc/crontab will schedule this rotation @@ -765,8 +749,8 @@ trailer,133 customized operations for a variety of audit-related events, including the clean termination of audit trails when they are rotated. For example, the following may be added to - /etc/security/audit_warn to compress audit - trails on close: + /etc/security/audit_warn to compress + audit trails on close: # # Compress audit trail files on close. From owner-svn-doc-all@FreeBSD.ORG Sat Mar 29 10:51:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 982A0341; Sat, 29 Mar 2014 10:51:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 856D220F; Sat, 29 Mar 2014 10:51:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2TApGRh025989; Sat, 29 Mar 2014 10:51:16 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2TApG0h025988; Sat, 29 Mar 2014 10:51:16 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403291051.s2TApG0h025988@svn.freebsd.org> From: Gabor Pali Date: Sat, 29 Mar 2014 10:51:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44380 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Mar 2014 10:51:16 -0000 Author: pgj Date: Sat Mar 29 10:51:16 2014 New Revision: 44380 URL: http://svnweb.freebsd.org/changeset/doc/44380 Log: - Fix a typo in meganm's FreeBSD.org email address Spotted by: Barnerd (on IRC) Modified: head/share/xml/authors.ent Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Fri Mar 28 21:08:05 2014 (r44379) +++ head/share/xml/authors.ent Sat Mar 29 10:51:16 2014 (r44380) @@ -1369,7 +1369,7 @@ mdodd@FreeBSD.org"> -meganm@FreeBSD.rgo"> +meganm@FreeBSD.org"> melifaro@FreeBSD.org"> From owner-svn-doc-all@FreeBSD.ORG Sat Mar 29 16:06:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A9DF6720; Sat, 29 Mar 2014 16:06:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 975F42B; Sat, 29 Mar 2014 16:06:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2TG6CfU057267; Sat, 29 Mar 2014 16:06:12 GMT (envelope-from pawel@svn.freebsd.org) Received: (from pawel@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2TG6C3b057266; Sat, 29 Mar 2014 16:06:12 GMT (envelope-from pawel@svn.freebsd.org) Message-Id: <201403291606.s2TG6C3b057266@svn.freebsd.org> From: Pawel Pekala Date: Sat, 29 Mar 2014 16:06:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44381 - head/en_US.ISO8859-1/articles/contributors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Mar 2014 16:06:12 -0000 Author: pawel (ports committer) Date: Sat Mar 29 16:06:12 2014 New Revision: 44381 URL: http://svnweb.freebsd.org/changeset/doc/44381 Log: Add Serguei Okladnikov for net/qjsonrpc PR: ports/187070 Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Sat Mar 29 10:51:16 2014 (r44380) +++ head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Sat Mar 29 16:06:12 2014 (r44381) @@ -9310,6 +9310,11 @@     + Serguei Okladnikov + oklaspec@gmail.com + + + Sevan Janiyan venture37@geeklan.co.uk From owner-svn-doc-all@FreeBSD.ORG Sat Mar 29 19:44:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C4C4FE7B; Sat, 29 Mar 2014 19:44:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B12D35F7; Sat, 29 Mar 2014 19:44:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2TJiDcw049555; Sat, 29 Mar 2014 19:44:13 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2TJiDmJ049554; Sat, 29 Mar 2014 19:44:13 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403291944.s2TJiDmJ049554@svn.freebsd.org> From: Gabor Pali Date: Sat, 29 Mar 2014 19:44:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44382 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Mar 2014 19:44:13 -0000 Author: pgj Date: Sat Mar 29 19:44:13 2014 New Revision: 44382 URL: http://svnweb.freebsd.org/changeset/doc/44382 Log: - Add 2014Q1 status report entry for doceng Submitted by: gjb Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Mar 29 16:06:12 2014 (r44381) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Mar 29 19:44:13 2014 (r44382) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 3 entries and we hope you enjoy reading it.

    + contains 4 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -219,4 +219,28 @@ The &os; Foundation + + + &os; Documentation Engineering Team + + + + &os; Documentation Engineering Team + doceng@FreeBSD.org + + + + + Announcement of Warren Block's addition + + + +

    The &os; Documentation Engineering Team is responsible for + defining and following up documentation goals for the committers + in the Documentation project. The team is pleased to announce a + new member — &a.wblock;. In early March, the &os; + Documentation Engineering Team members assumed responsibility + for the &os; Webmaster Team.

    + +     From owner-svn-doc-all@FreeBSD.ORG Sat Mar 29 21:56:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0CC0C746; Sat, 29 Mar 2014 21:56:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DF995F64; Sat, 29 Mar 2014 21:56:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2TLugl9002567; Sat, 29 Mar 2014 21:56:42 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2TLugeb002566; Sat, 29 Mar 2014 21:56:42 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403292156.s2TLugeb002566@svn.freebsd.org> From: Gabor Pali Date: Sat, 29 Mar 2014 21:56:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44383 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Mar 2014 21:56:43 -0000 Author: pgj Date: Sat Mar 29 21:56:42 2014 New Revision: 44383 URL: http://svnweb.freebsd.org/changeset/doc/44383 Log: - Add 2014Q1 quarterly report for the Ada ports Submitted by: marino Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Mar 29 19:44:13 2014 (r44382) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Mar 29 21:56:42 2014 (r44383) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 4 entries and we hope you enjoy reading it.

    + contains 5 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -243,4 +243,56 @@ for the &os; Webmaster Team.

    + + + &os; Ada Ports + + + + + John + Marino + + marino@FreeBSD.org + + + + + + SPARK 2014 + + + +

    Ada is a structured, statically typed, imperative, + wide-spectrum, and object-oriented high-level computer + programming language, extended from Pascal and other languages, + originally targeted at embedded and real-time systems. The + number of Ada ports in the collection has grown significantly + since the last report six months ago. There are almost 50 + Ada-related ports now, with new ones getting added the time.

    + +

    The previous plan was to move from the GCC 4.7-based GNAT + compiler to a GCC 4.8-based one, but finally GCC 4.8 was skipped + and now a GCC 4.9-based GNAT is the standard Ada compiler, which + fully supports the new ISO standard, Ada 2012. Moving to a + newer compiler allowed several important ports like PolyOrb and + GPRBuild to be upgraded to the latest available versions. In + fact, almost every Ada port is currrently at its most recent + upstream version.

    + +

    For non-Windows-based Ada development, &os; and DragonFly are + now undisputed as the go-to platforms. The other candidates are + Debian and Fedora, but there are few Ada software on those + platforms that are not also in &os; ports tree, but the versions are + much older. The Ports Collection also features software not found + anywhere else such as the USAFA's Ironsides DNS server, + libsparkcrypto, matreshka, GNATDroid (Android cross-compiler) and + several developer libraries.

    + +

    A desired addition to the Ada ports will be SPARK 2014 (see + links), which should cement &os; as an option for professional, + safety-critical application development. This package should + have its first release by early summer.

    + +     From owner-svn-doc-all@FreeBSD.ORG Sat Mar 29 22:04:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D0D72AAB; Sat, 29 Mar 2014 22:04:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BCEDD9B; Sat, 29 Mar 2014 22:04:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2TM43OK006594; Sat, 29 Mar 2014 22:04:03 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2TM43tI006593; Sat, 29 Mar 2014 22:04:03 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403292204.s2TM43tI006593@svn.freebsd.org> From: Gabor Pali Date: Sat, 29 Mar 2014 22:04:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44384 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Mar 2014 22:04:03 -0000 Author: pgj Date: Sat Mar 29 22:04:03 2014 New Revision: 44384 URL: http://svnweb.freebsd.org/changeset/doc/44384 Log: - Insert an introductory sentence for the Chromium entry in the draft 2014Q1 status report Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Mar 29 21:56:42 2014 (r44383) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Mar 29 22:04:03 2014 (r44384) @@ -59,7 +59,11 @@ -

    Over the last four years the Chromium team has been busy with +

    Chromium is the open source web browser project from which + Google Chrome draws its source code. The browsers share the + majority of code and features, though there are some minor + differences in features and they have different licensing. Over + the last four years, the Chromium team has been busy with porting Chromium to &os;. This involves patching the browser so that it runs on &os;, tracking and documenting security updates, and merging patches back upstream.

    From owner-svn-doc-all@FreeBSD.ORG Sun Mar 30 02:18:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 12C872E0; Sun, 30 Mar 2014 02:18:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F1D9A61E; Sun, 30 Mar 2014 02:18:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2U2Imxw010205; Sun, 30 Mar 2014 02:18:48 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2U2ImCl010204; Sun, 30 Mar 2014 02:18:48 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403300218.s2U2ImCl010204@svn.freebsd.org> From: Warren Block Date: Sun, 30 Mar 2014 02:18:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44385 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Mar 2014 02:18:49 -0000 Author: wblock Date: Sun Mar 30 02:18:48 2014 New Revision: 44385 URL: http://svnweb.freebsd.org/changeset/doc/44385 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Sat Mar 29 22:04:03 2014 (r44384) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Sun Mar 30 02:18:48 2014 (r44385) @@ -195,7 +195,7 @@ one is to lock an account, for example, to lock the toor account: - &prompt.root; pw lock toor + &prompt.root; pw lock toor This command will change the account from this toor:*:0:0::0:0:Bourne-again Superuser:/root: @@ -1284,7 +1284,7 @@ Verifying password - Password: KDC itself: - &prompt.user; kinit tillman + &prompt.user; kinit tillman tillman@EXAMPLE.ORG's Password: &prompt.user; klist @@ -1912,18 +1912,18 @@ There are quite a few fields but you can For some fields there will be a default value, If you enter '.', the field will be left blank. ----- -Country Name (2 letter code) [AU]:US -State or Province Name (full name) [Some-State]:PA -Locality Name (eg, city) []:Pittsburgh -Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company -Organizational Unit Name (eg, section) []:Systems Administrator -Common Name (eg, YOUR name) []:localhost.example.org -Email Address []:trhodes@FreeBSD.org +Country Name (2 letter code) [AU]:US +State or Province Name (full name) [Some-State]:PA +Locality Name (eg, city) []:Pittsburgh +Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company +Organizational Unit Name (eg, section) []:Systems Administrator +Common Name (eg, YOUR name) []:localhost.example.org +Email Address []:trhodes@FreeBSD.org Please enter the following 'extra' attributes to be sent with your certificate request -A challenge password []:SOME PASSWORD -An optional company name []:Another Name +A challenge password []:SOME PASSWORD +An optional company name []:Another Name Notice the response directly after the Common Name prompt shows a domain name. This prompt @@ -2013,12 +2013,12 @@ define(`confTLS_SRV_OPTIONS', `V')dnl

    For a simple test, connect to the mail server using &man.telnet.1;:     - &prompt.root; telnet example.com 25 + &prompt.root; telnet example.com 25 Trying 192.0.34.166... Connected to example.com. Escape character is '^]'. 220 example.com ESMTP Sendmail 8.12.10/8.12.10; Tue, 31 Aug 2004 03:41:22 -0400 (EDT) -ehlo example.com +ehlo example.com 250-example.com Hello example.com [192.0.34.166], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING @@ -2223,9 +2223,9 @@ device crypto &prompt.root; ifconfig gif0 create - &prompt.root; ifconfig gif0 internal1 internal2 + &prompt.root; ifconfig gif0 internal1 internal2 - &prompt.root; ifconfig gif0 tunnel external1 external2 + &prompt.root; ifconfig gif0 tunnel external1 external2 In this example, the corporate LAN's external IP address is - &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 + &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 - &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5 + &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5 - &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0 + &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0 - &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1 + &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1 At this point, internal machines should be reachable from each gateway as well as from machines behind the @@ -2431,7 +2431,7 @@ Foreground mode. em0 with the network interface card as required: - &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12 + &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12 Data similar to the following should appear on the console. If not, there is an issue and debugging the @@ -2533,7 +2533,7 @@ racoon_enable="yes" &man.sshd.8;, specify the username and host to log into: - &prompt.root; ssh user@example.com + &prompt.root; ssh user@example.com Host key not found from the list of known hosts. Are you sure you want to continue connecting (yes/no)? yes Host 'example.com' added to the list of known hosts. @@ -2569,7 +2569,7 @@ user@example.com's password: Use &man.scp.1; to copy a file to or from a remote machine in a secure fashion. - &prompt.root; scp user@example.com:/COPYRIGHT COPYRIGHT + &prompt.root; scp user@example.com:/COPYRIGHT COPYRIGHT user@example.com's password: ******* COPYRIGHT 100% |*****************************| 4735 00:00 @@ -2594,7 +2594,7 @@ COPYRIGHT 100% |************* to generate DSA or RSA keys to authenticate a user: - &prompt.user; ssh-keygen -t dsa + &prompt.user; ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/user/.ssh/id_dsa): Created directory '/home/user/.ssh'. @@ -2704,7 +2704,7 @@ Identity added: /home/user/.ssh/id_dsa ( The following command tells &man.ssh.1; to create a tunnel for &man.telnet.1;: - &prompt.user; ssh -2 -N -f -L 5023:localhost:23 user@foo.example.com + &prompt.user; ssh -2 -N -f -L 5023:localhost:23 user@foo.example.com &prompt.user; This example uses the following options: @@ -2777,7 +2777,7 @@ Identity added: /home/user/.ssh/id_dsa ( Using &man.ssh.1; to Create a Secure Tunnel for SMTP - &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com + &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com user@mailserver.example.com's password: ***** &prompt.user; telnet localhost 5025 Trying 127.0.0.1... @@ -2803,7 +2803,7 @@ Escape character is '^]'. SSH server, and tunnel through to the mail server. - &prompt.user; ssh -2 -N -f -L 2110:mail.example.com:110 user@ssh-server.example.com + &prompt.user; ssh -2 -N -f -L 2110:mail.example.com:110 user@ssh-server.example.com user@ssh-server.example.com's password: ****** Once the tunnel is up and running, point the email @@ -2827,7 +2827,7 @@ user@ssh-server.example.com's password: connection to a machine outside of the network's firewall and use it to tunnel to the desired service. - &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled-system.example.org + &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled-system.example.org user@unfirewalled-system.example.org's password: ******* In this example, a streaming Ogg Vorbis client can now From owner-svn-doc-all@FreeBSD.ORG Sun Mar 30 02:23:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CD62F358; Sun, 30 Mar 2014 02:23:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BA07A6AD; Sun, 30 Mar 2014 02:23:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2U2NVUV013675; Sun, 30 Mar 2014 02:23:31 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2U2NViN013674; Sun, 30 Mar 2014 02:23:31 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403300223.s2U2NViN013674@svn.freebsd.org> From: Warren Block Date: Sun, 30 Mar 2014 02:23:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44386 - head/en_US.ISO8859-1/books/handbook/desktop X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Mar 2014 02:23:31 -0000 Author: wblock Date: Sun Mar 30 02:23:31 2014 New Revision: 44386 URL: http://svnweb.freebsd.org/changeset/doc/44386 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/desktop/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/desktop/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/desktop/chapter.xml Sun Mar 30 02:18:48 2014 (r44385) +++ head/en_US.ISO8859-1/books/handbook/desktop/chapter.xml Sun Mar 30 02:23:31 2014 (r44386) @@ -802,7 +802,7 @@ Once the package is installed, type the following command to launch Apache OpenOffice: - &prompt.user; openoffice-X.Y.Z + &prompt.user; openoffice-X.Y.Z where X.Y.Z is the version number of the installed version of Apache @@ -824,7 +824,7 @@ To build a localized version, replace the previous command with: - &prompt.root; make LOCALIZED_LANG=your_language install clean + &prompt.root; make LOCALIZED_LANG=your_language install clean Replace your_language with the correct From owner-svn-doc-all@FreeBSD.ORG Sun Mar 30 02:26:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 196A34AB; Sun, 30 Mar 2014 02:26:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EE1226C6; Sun, 30 Mar 2014 02:26:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2U2Qkwu014045; Sun, 30 Mar 2014 02:26:46 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2U2Qkkb014044; Sun, 30 Mar 2014 02:26:46 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403300226.s2U2Qkkb014044@svn.freebsd.org> From: Gabor Pali Date: Sun, 30 Mar 2014 02:26:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44387 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Mar 2014 02:26:47 -0000 Author: pgj Date: Sun Mar 30 02:26:46 2014 New Revision: 44387 URL: http://svnweb.freebsd.org/changeset/doc/44387 Log: - Add 2014Q1 status report entry for the Xfce team Submitted by: olivierd Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Mar 30 02:23:31 2014 (r44386) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Mar 30 02:26:46 2014 (r44387) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 5 entries and we hope you enjoy reading it.

    + contains 6 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -299,4 +299,82 @@ have its first release by early summer.

    + + + Xfce/&os; + + + + + &os; Xfce Team + + xfce@FreeBSD.org + + + + + + Development repository + + ports/183690 + + + +

    Xfce is a free software desktop environment for Unix and + Unix-like platforms, such as &os;. It aims to be fast and + lightweight, while still being visually appealing and easy to + use. The Xfce team continues to keep up-to-date each piece of + the Xfce Desktop.

    + +

    The latest commits concerned:

    + +
      +
    • Applications:
      • + +
        +
      • Midori (0.5.7)
        • +
      • xfburn (0.5.0)
        • +
      • xfce4-parole (0.5.4)
        • +
      • xfce4-taskmanager (1.0.1)
        • +
      • xfce4-tumbler (0.1.30)
        • +
      + +
    • Panel plugins:
      • + +
        +
      • xfce4-clipman-plugin (1.2.5)
        • +
      • xfce4-equake-plugin (1.3.4)
        • +
      • xfce4-wavelan-plugin (0.5.11)
        • +
      • xfce4-whiskermenu-plugin (1.3.2)
        • +
      +
    + +

    We also follow development of core components (available in + your repository). See link for documentation on how to upgrade + those libraries.

    + +
      +
    • garcon (0.3.0)
      • +
    • libxfce4menu (4.11.1)
      • +
    • libxfce4util (4.11.0)
      • +
    • xfce4-appfinder (4.11.0)
      • +
    • xfce4-desktop (4.11.4)
      • +
    • xfce4-dev-tools (4.11.0)
      • +
    • xfce4-panel (4.11.0)
      • +
    • xfce4-parole (0.6.0)
      • +
    • xfce4-settings (4.11.2)
      • +
    • xfce4-session (4.11.0)
      • +
    • xfce4-wm (4.11.1)
      • +
    • xfce4-xkb-plugin (0.7.0)
      • +
    + + + + Add support of DragonFly for xfce4-taskmanger. + + Finish to replace Tango icons theme by GNOME, in order to + close ports/183690 (see links, it remains + Midori). + +     From owner-svn-doc-all@FreeBSD.ORG Sun Mar 30 02:31:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 33D5151E; Sun, 30 Mar 2014 02:31:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 20E996D4; Sun, 30 Mar 2014 02:31:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2U2V2AV016318; Sun, 30 Mar 2014 02:31:02 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2U2V25m016317; Sun, 30 Mar 2014 02:31:02 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403300231.s2U2V25m016317@svn.freebsd.org> From: Warren Block Date: Sun, 30 Mar 2014 02:31:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44388 - head/en_US.ISO8859-1/books/handbook/l10n X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Mar 2014 02:31:03 -0000 Author: wblock Date: Sun Mar 30 02:31:02 2014 New Revision: 44388 URL: http://svnweb.freebsd.org/changeset/doc/44388 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/l10n/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/l10n/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/l10n/chapter.xml Sun Mar 30 02:26:46 2014 (r44387) +++ head/en_US.ISO8859-1/books/handbook/l10n/chapter.xml Sun Mar 30 02:31:02 2014 (r44388) @@ -321,7 +321,7 @@ me:\ new users or specified for an individual user.     If all new users use the same language, set - defaultclass = language in + defaultclass = language in /etc/adduser.conf. To override this setting when creating a user, either @@ -332,7 +332,7 @@ me:\ or specify the locale to set when invoking adduser: - &prompt.root; adduser -class language + &prompt.root; adduser -class language pw @@ -341,7 +341,7 @@ me:\ If pw is used to add new users, specify the locale as follows: - &prompt.root; pw useradd user_name -L language + &prompt.root; pw useradd user_name -L language From owner-svn-doc-all@FreeBSD.ORG Sun Mar 30 02:49:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 85EE35EE; Sun, 30 Mar 2014 02:49:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 66DCD868; Sun, 30 Mar 2014 02:49:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2U2nIGV022438; Sun, 30 Mar 2014 02:49:18 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2U2nIQi022437; Sun, 30 Mar 2014 02:49:18 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403300249.s2U2nIQi022437@svn.freebsd.org> From: Warren Block Date: Sun, 30 Mar 2014 02:49:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44389 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Mar 2014 02:49:18 -0000 Author: wblock Date: Sun Mar 30 02:49:18 2014 New Revision: 44389 URL: http://svnweb.freebsd.org/changeset/doc/44389 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Sun Mar 30 02:31:02 2014 (r44388) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Sun Mar 30 02:49:18 2014 (r44389) @@ -560,20 +560,20 @@ add path 'da*' mode 0660 group operator< the user that is to mount the file system. One way to do that is for root to create a subdirectory owned by that user as - /mnt/username. In the following example, + /mnt/username. In the following example, replace username with the login name of the user and usergroup with the user's primary group: - &prompt.root; mkdir /mnt/username -&prompt.root; chown username:usergroup /mnt/username + &prompt.root; mkdir /mnt/username +&prompt.root; chown username:usergroup /mnt/username Suppose a USB thumbdrive is plugged in, and a device /dev/da0s1 appears. If the device is preformatted with a FAT file system, it can be mounted using: - &prompt.user; mount -t msdosfs -o -m=644,-M=755 /dev/da0s1 /mnt/username + &prompt.user; mount -t msdosfs -o -m=644,-M=755 /dev/da0s1 /mnt/username Before the device can be unplugged, it must be unmounted first. After device @@ -692,7 +692,7 @@ umass0: detached     file system that is an image of a directory tree in the &unix; file system name space. The simplest usage is: - &prompt.root; mkisofs -o imagefile.iso /path/to/tree + &prompt.root; mkisofs -o imagefile.iso /path/to/tree file systems @@ -783,7 +783,7 @@ umass0: detached     installed as /usr/sbin/burncd. Usage is very simple, as it has few options: - &prompt.root; burncd -f cddevice data imagefile.iso fixate + &prompt.root; burncd -f cddevice data imagefile.iso fixate This command will burn a copy of imagefile.iso on @@ -814,7 +814,7 @@ umass0: detached     usage is simple. Burning an ISO 9660 image is done with: - &prompt.root; cdrecord dev=device imagefile.iso + &prompt.root; cdrecord dev=device imagefile.iso The tricky part of using cdrecord is finding the to use. To find the proper @@ -881,7 +881,7 @@ scsibus1: Use cdrecord to write the .wav files: - &prompt.user; cdrecord -v dev=2,0 -dao -useinfo *.wav + &prompt.user; cdrecord -v dev=2,0 -dao -useinfo *.wav Make sure that 2,0 is set appropriately, as described in The ATAPI CD driver makes each track available as - /dev/acddtnn, where + /dev/acddtnn, where d is the drive number, and nn is the track number written with two decimal digits, prefixed with zero as needed. So @@ -936,7 +936,7 @@ scsibus1: files, and that burncd should fixate the disk when finished: - &prompt.root; burncd -f /dev/acd0 audio track1.cdr track2.cdr ... fixate + &prompt.root; burncd -f /dev/acd0 audio track1.cdr track2.cdr ... fixate @@ -1125,7 +1125,7 @@ cd0: Attempt to query device size failed mount a CD-ROM on /mnt, type the following: - &prompt.root; mount -t cd9660 /dev/cd0 /mnt + &prompt.root; mount -t cd9660 /dev/cd0 /mnt As root, run the following command to get the SCSI address @@ -1286,7 +1286,7 @@ cd0: Attempt to query device size failed /path/to/data, use the following command: - &prompt.root; growisofs -dvd-compat -Z /dev/cd0 -J -R /path/to/data + &prompt.root; growisofs -dvd-compat -Z /dev/cd0 -J -R /path/to/data In this example, is passed to &man.mkisofs.8; to create an ISO 9660 file system with Joliet @@ -1305,7 +1305,7 @@ cd0: Attempt to query device size failed To burn a pre-mastered image, such as imagefile.iso, use: - &prompt.root; growisofs -dvd-compat -Z /dev/cd0=imagefile.iso + &prompt.root; growisofs -dvd-compat -Z /dev/cd0=imagefile.iso The write speed should be detected and automatically set according to the media and the drive being used. To force the @@ -1326,11 +1326,11 @@ cd0: Attempt to query device size failed To create this type of ISO file: - &prompt.user; mkisofs -R -J -udf -iso-level 3 -o imagefile.iso /path/to/data + &prompt.user; mkisofs -R -J -udf -iso-level 3 -o imagefile.iso /path/to/data To burn files directly to a disk: - &prompt.root; growisofs -dvd-compat -udf -iso-level 3 -Z /dev/cd0 -J -R /path/to/data + &prompt.root; growisofs -dvd-compat -udf -iso-level 3 -Z /dev/cd0 -J -R /path/to/data When an ISO image already contains large files, no additional options are required for &man.growisofs.1; to @@ -1366,7 +1366,7 @@ cd0: Attempt to query device size failed /path/to/video, the following command should be used to burn the DVD-Video: - &prompt.root; growisofs -Z /dev/cd0 -dvd-video /path/to/video + &prompt.root; growisofs -Z /dev/cd0 -dvd-video /path/to/video is passed to &man.mkisofs.8; to instruct it to create a DVD-Video file system layout. @@ -1389,7 +1389,7 @@ cd0: Attempt to query device size failed is possible to use dvd+rw-format to format the DVD+RW: - &prompt.root; dvd+rw-format /dev/cd0 + &prompt.root; dvd+rw-format /dev/cd0 Only perform this operation once and keep in mind that only virgin DVD+RW medias need to be @@ -1401,7 +1401,7 @@ cd0: Attempt to query device size failed to be blanked first. Instead, write over the previous recording like this: - &prompt.root; growisofs -Z /dev/cd0 -J -R /path/to/newdata + &prompt.root; growisofs -Z /dev/cd0 -J -R /path/to/newdata The DVD+RW format supports appending data to a previous recording. This operation consists of @@ -1413,7 +1413,7 @@ cd0: Attempt to query device size failed For example, to append data to a DVD+RW, use the following: - &prompt.root; growisofs -M /dev/cd0 -J -R /path/to/nextdata + &prompt.root; growisofs -M /dev/cd0 -J -R /path/to/nextdata The same &man.mkisofs.8; options used to burn the initial session should be used during next writes. @@ -1427,7 +1427,7 @@ cd0: Attempt to query device size failed To blank the media, use: - &prompt.root; growisofs -Z /dev/cd0=/dev/zero + &prompt.root; growisofs -Z /dev/cd0=/dev/zero @@ -1451,7 +1451,7 @@ cd0: Attempt to query device size failed To blank a DVD-RW in sequential mode: - &prompt.root; dvd+rw-format -blank=full /dev/cd0 + &prompt.root; dvd+rw-format -blank=full /dev/cd0 A full blanking using will @@ -1461,7 +1461,7 @@ cd0: Attempt to query device size failed (DAO) mode. To burn the DVD-RW in DAO mode, use the command: - &prompt.root; growisofs -use-the-force-luke=dao -Z /dev/cd0=imagefile.iso + &prompt.root; growisofs -use-the-force-luke=dao -Z /dev/cd0=imagefile.iso Since &man.growisofs.1; automatically attempts to detect fast blanked media and engage DAO write, @@ -1477,7 +1477,7 @@ cd0: Attempt to query device size failed use the same instructions as for the other DVD formats: - &prompt.root; growisofs -Z /dev/cd0 -J -R /path/to/data + &prompt.root; growisofs -Z /dev/cd0 -J -R /path/to/data To append some data to a previous recording, use with &man.growisofs.1;. However, if data @@ -1495,11 +1495,11 @@ cd0: Attempt to query device size failed To put a DVD-RW in restricted overwrite format, the following command must be used: - &prompt.root; dvd+rw-format /dev/cd0 + &prompt.root; dvd+rw-format /dev/cd0 To change back to sequential format, use: - &prompt.root; dvd+rw-format -blank=full /dev/cd0 + &prompt.root; dvd+rw-format -blank=full /dev/cd0 @@ -1517,7 +1517,7 @@ cd0: Attempt to query device size failed session on a DVD+R, DVD-R, or DVD-RW in sequential format, will add a new session to the disc: - &prompt.root; growisofs -M /dev/cd0 -J -R /path/to/nextdata + &prompt.root; growisofs -M /dev/cd0 -J -R /path/to/nextdata Using this command with a DVD+RW or a DVD-RW in restricted overwrite mode will @@ -1540,7 +1540,7 @@ cd0: Attempt to query device size failed For More Information To obtain more information about a DVD, - use dvd+rw-mediainfo /dev/cd0 while the + use dvd+rw-mediainfo /dev/cd0 while the disc in the specified drive. More information about @@ -1580,9 +1580,9 @@ cd0: Attempt to query device size failed used. In this example, the whole disk space will be formatted with a standard UFS2 file system: - &prompt.root; dd if=/dev/zero of=/dev/acd0 bs=2k count=1 -&prompt.root; bsdlabel -Bw acd0 -&prompt.root; newfs /dev/acd0 + &prompt.root; dd if=/dev/zero of=/dev/acd0 bs=2k count=1 +&prompt.root; bsdlabel -Bw acd0 +&prompt.root; newfs /dev/acd0 The DVD device, acd0, must be changed according to the @@ -1591,7 +1591,7 @@ cd0: Attempt to query device size failed Once the DVD-RAM has been formatted, it can be mounted as a normal hard drive: - &prompt.root; mount /dev/acd0 /mnt + &prompt.root; mount /dev/acd0 /mnt Once mounted, the DVD-RAM will be both readable and writeable. @@ -1732,7 +1732,7 @@ cd0: Attempt to query device size failed An example of writing a single file to tape using &man.tar.1;: - &prompt.root; tar cvf /dev/sa0 file + &prompt.root; tar cvf /dev/sa0 file Recovering files from a &man.tar.1; archive on tape into the current directory: @@ -1943,7 +1943,7 @@ cd0: Attempt to query device size failed Backing Up the Current Directory With <command>tar</command> - &prompt.root; tar czvf /tmp/mybackup.tgz . + &prompt.root; tar czvf /tmp/mybackup.tgz . To restore the entire backup, cd into @@ -1957,7 +1957,7 @@ cd0: Attempt to query device size failed Restoring Up the Current Directory With <command>tar</command> - &prompt.root; tar xzvf /tmp/mybackup.tgz + &prompt.root; tar xzvf /tmp/mybackup.tgz There are dozens of available switches which are described @@ -1988,7 +1988,7 @@ cd0: Attempt to query device size failed Using<command>ls</command> and <command>cpio</command> to Make a Recursive Backup of the Current Directory - &prompt.root; ls -R | cpio -ovF /tmp/mybackup.cpio + &prompt.root; ls -R | cpio -ovF /tmp/mybackup.cpio @@ -2015,7 +2015,7 @@ cd0: Attempt to query device size failed Backing Up the Current Directory With <command>pax</command> - &prompt.root; pax -wf /tmp/mybackup.pax . + &prompt.root; pax -wf /tmp/mybackup.pax . @@ -2169,8 +2169,8 @@ cd0: Attempt to query device size failed Using <command>mdconfig</command> to Mount an Existing File System Image - &prompt.root; mdconfig -a -t vnode -f diskimage -u 0 -&prompt.root; mount /dev/md0 /mnt + &prompt.root; mdconfig -a -t vnode -f diskimage -u 0 +&prompt.root; mount /dev/md0 /mnt To create a new file system image with @@ -2180,18 +2180,18 @@ cd0: Attempt to query device size failed Creating a New File-Backed Disk with <command>mdconfig</command> - &prompt.root; dd if=/dev/zero of=newimage bs=1k count=5k + &prompt.root; dd if=/dev/zero of=newimage bs=1k count=5k 5120+0 records in 5120+0 records out -&prompt.root; mdconfig -a -t vnode -f newimage -u 0 -&prompt.root; bsdlabel -w md0 auto -&prompt.root; newfs md0a +&prompt.root; mdconfig -a -t vnode -f newimage -u 0 +&prompt.root; bsdlabel -w md0 auto +&prompt.root; newfs md0a /dev/md0a: 5.0MB (10224 sectors) block size 16384, fragment size 2048 using 4 cylinder groups of 1.25MB, 80 blks, 192 inodes. super-block backups (for fsck -b #) at: 160, 2720, 5280, 7840 -&prompt.root; mount /dev/md0a /mnt -&prompt.root; df /mnt +&prompt.root; mount /dev/md0a /mnt +&prompt.root; df /mnt Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/md0a 4710 4 4330 0% /mnt @@ -2215,11 +2215,11 @@ Filesystem 1K-blocks Used Avail Capacity Configure and Mount a File-Backed Disk with <command>mdmfs</command> - &prompt.root; dd if=/dev/zero of=newimage bs=1k count=5k + &prompt.root; dd if=/dev/zero of=newimage bs=1k count=5k 5120+0 records in 5120+0 records out -&prompt.root; mdmfs -F newimage -s 5m md0 /mnt -&prompt.root; df /mnt +&prompt.root; mdmfs -F newimage -s 5m md0 /mnt +&prompt.root; df /mnt Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/md0 4718 4 4338 0% /mnt @@ -2252,15 +2252,15 @@ Filesystem 1K-blocks Used Avail Capacity Creating a New Memory-Based Disk with <command>mdconfig</command> - &prompt.root; mdconfig -a -t swap -s 5m -u 1 -&prompt.root; newfs -U md1 + &prompt.root; mdconfig -a -t swap -s 5m -u 1 +&prompt.root; newfs -U md1 /dev/md1: 5.0MB (10240 sectors) block size 16384, fragment size 2048 using 4 cylinder groups of 1.27MB, 81 blks, 192 inodes. with soft updates super-block backups (for fsck -b #) at: 160, 2752, 5344, 7936 -&prompt.root; mount /dev/md1 /mnt -&prompt.root; df /mnt +&prompt.root; mount /dev/md1 /mnt +&prompt.root; df /mnt Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/md1 4718 4 4338 0% /mnt @@ -2269,8 +2269,8 @@ Filesystem 1K-blocks Used Avail Capacity Creating a New Memory-Based Disk with <command>mdmfs</command> - &prompt.root; mdmfs -s 5m md2 /mnt -&prompt.root; df /mnt + &prompt.root; mdmfs -s 5m md2 /mnt +&prompt.root; df /mnt Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/md2 4846 2 4458 0% /mnt @@ -2293,7 +2293,7 @@ Filesystem 1K-blocks Used Avail Capacity For example, to detach and free all resources used by /dev/md4: - &prompt.root; mdconfig -d -u 4 + &prompt.root; mdconfig -d -u 4 It is possible to list information about configured &man.md.4; devices by running @@ -2755,7 +2755,7 @@ Filesystem 1K-blocks Used Avail Capacity . For the purposes of this example, a new hard drive partition has been added as /dev/ad4s1c and - /dev/ad0s1* represents the existing + /dev/ad0s1* represents the existing standard &os; partitions. &prompt.root; ls /dev/ad* @@ -2869,7 +2869,7 @@ sector_size = 2048 &man.newfs.8; must be performed on an attached gbde partition which is - identified by a *.bde + identified by a *.bde extension to the device name. @@ -3114,7 +3114,7 @@ Reenter new passphrase: Enter passphrase: The new plaintext device will be named - /dev/da2.eli. + /dev/da2.eli. &prompt.root; ls /dev/da2* /dev/da2 /dev/da2.eli @@ -3234,7 +3234,7 @@ geli_da2_flags="-p -k /root/da2.key" - &prompt.root; dd if=/dev/random of=/dev/ad0s1b bs=1m + &prompt.root; dd if=/dev/random of=/dev/ad0s1b bs=1m Swap Encryption with &man.gbde.8; @@ -3587,16 +3587,16 @@ Device 1K-blocks Used Av primary-secondary operation using HAST to replicate the data between the two. The nodes will be called - hasta with an IP address of + hasta with an IP address of 172.16.0.1 and - hastb with an IP of address + hastb with an IP of address 172.16.0.2. Both nodes will have a - dedicated hard drive /dev/ad6 of the same + dedicated hard drive /dev/ad6 of the same size for HAST operation. The HAST pool, sometimes also referred to as a resource or the GEOM provider in - /dev/hast/, will be called - test. + /dev/hast/, will be called + test. Configuration of HAST is done using /etc/hast.conf. This file should be the @@ -3647,13 +3647,13 @@ Device 1K-blocks Used Av administrator, or software like Heartbeat, using &man.hastctl.8;. On the primary node, - hasta, issue + hasta, issue this command: &prompt.root; hastctl role primary test Similarly, run this command on the secondary node, - hastb: + hastb: &prompt.root; hastctl role secondary test @@ -3680,10 +3680,10 @@ Device 1K-blocks Used Av The next step is to create a file system on the - /dev/hast/test + /dev/hast/test GEOM provider and mount it. This must be done on the primary node, as - /dev/hast/test + /dev/hast/test appears only on the primary node. Creating the file system can take a few minutes, depending on the size of the hard drive: From owner-svn-doc-all@FreeBSD.ORG Sun Mar 30 02:56:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7254E66B; Sun, 30 Mar 2014 02:56:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5295A8F6; Sun, 30 Mar 2014 02:56:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2U2urd4026186; Sun, 30 Mar 2014 02:56:53 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2U2uroE026185; Sun, 30 Mar 2014 02:56:53 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403300256.s2U2uroE026185@svn.freebsd.org> From: Warren Block Date: Sun, 30 Mar 2014 02:56:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44390 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Mar 2014 02:56:53 -0000 Author: wblock Date: Sun Mar 30 02:56:52 2014 New Revision: 44390 URL: http://svnweb.freebsd.org/changeset/doc/44390 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Sun Mar 30 02:49:18 2014 (r44389) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Sun Mar 30 02:56:52 2014 (r44390) @@ -463,7 +463,7 @@ Call-in ports are named - /dev/ttyuN + /dev/ttyuN where N is the port number, starting from zero. Generally, the call-in port is used for terminals. Call-in ports require that the @@ -474,7 +474,7 @@ Call-out ports are named - /dev/cuauN. + /dev/cuauN. Call-out ports are usually not used for terminals, but are used for modems. The call-out port can be used if the serial cable or the terminal does not support the @@ -540,20 +540,20 @@ Most devices in the kernel are accessed through device special files which are located in - /dev. The + /dev. The sio devices are accessed through the - /dev/ttyuN + /dev/ttyuN (dial-in) and - /dev/cuauN + /dev/cuauN (call-out) devices. &os; also provides initialization devices - (/dev/ttyuN.init + (/dev/ttyuN.init and - /dev/cuauN.init) + /dev/cuauN.init) and locking devices - (/dev/ttyuN.lock + (/dev/ttyuN.lock and - /dev/cuauN.lock). + /dev/cuauN.lock). The initialization devices are used to initialize communications port parameters each time a port is opened, such as crtscts for modems which use @@ -573,8 +573,8 @@ cuau The - ttyuN (or - cuauN) + ttyuN (or + cuauN) is the regular device to open for applications. When a process opens the device, it will have a default set of terminal I/O settings. These settings can be viewed with the @@ -705,12 +705,12 @@ To connect from a client system that runs &os; to the serial connection of another system, use: - &prompt.root; cu -l serial-port-device + &prompt.root; cu -l serial-port-device Where serial-port-device is the name of a special device file denoting a serial port on the system. These device files are called - /dev/cuauN. + /dev/cuauN. The N-part of a device name is the serial port number. @@ -1409,7 +1409,7 @@ vq|VH57600|Very High Speed Modem at 5760 If the modem is locked at a different data rate, substitute the appropriate value for - std.speed + std.speed instead of std.19200. Make sure to use a valid type listed in /etc/gettytab. @@ -1637,7 +1637,7 @@ AT&B2&W If no getty processes are waiting to open the desired - ttyuN + ttyuN port, double-check the entries in /etc/ttys to see if there are any mistakes. Also, check @@ -1750,7 +1750,7 @@ AT&B2&W Or, use cu as root with the following command: - &prompt.root; cu -lline -sspeed + &prompt.root; cu -lline -sspeed line is the serial port, such as /dev/cuau0, and @@ -1816,7 +1816,7 @@ tip57600|Dial any phone number at 57600 Server Rather than waiting until connected and typing - CONNECT host + CONNECT host each time, use tip's cm capability. For example, these entries in /etc/remote will let you type @@ -1879,7 +1879,7 @@ big-university 5551114 set a variable. Type - ~sforce=single-char + ~sforce=single-char followed by a newline. single-char is any single character. If single-char is left out, then the @@ -1974,7 +1974,7 @@ raisechar=^^ To send files, start the receiving program on the remote end. Then, type ~C sz - files to send them to the + files to send them to the remote system. From owner-svn-doc-all@FreeBSD.ORG Sun Mar 30 03:01:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C66D988E; Sun, 30 Mar 2014 03:01:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 87F2F9CE; Sun, 30 Mar 2014 03:01:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2U31HgK030411; Sun, 30 Mar 2014 03:01:17 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2U31HBE030410; Sun, 30 Mar 2014 03:01:17 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201403300301.s2U31HBE030410@svn.freebsd.org> From: Warren Block Date: Sun, 30 Mar 2014 03:01:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44391 - head/en_US.ISO8859-1/books/handbook/virtualization X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Mar 2014 03:01:17 -0000 Author: wblock Date: Sun Mar 30 03:01:16 2014 New Revision: 44391 URL: http://svnweb.freebsd.org/changeset/doc/44391 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Sun Mar 30 02:56:52 2014 (r44390) +++ head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Sun Mar 30 03:01:16 2014 (r44391) @@ -1160,7 +1160,7 @@ EndSection be added as members of this group. pw can be used to add new members: - &prompt.root; pw groupmod vboxusers -m yourusername + &prompt.root; pw groupmod vboxusers -m yourusername The default permissions for /dev/vboxnetctl are restrictive and need to be changed for bridged @@ -1195,7 +1195,7 @@ perm vboxnetctl 0660 users need to be members of operator: - &prompt.root; pw groupmod operator -m jerry + &prompt.root; pw groupmod operator -m jerry Then, add the following to /etc/devfs.rules, or create this file if @@ -1243,8 +1243,8 @@ add path 'usb/*' mode 0660 group operato In order for users to be able to use &virtualbox; DVD/CD functions, they - need access to /dev/xpt0, /dev/cdN, - and /dev/passN. + need access to /dev/xpt0, /dev/cdN, + and /dev/passN. This is usually achieved by making the user a member of operator. Permissions to these devices have to be corrected by adding the following lines to From owner-svn-doc-all@FreeBSD.ORG Sun Mar 30 20:44:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C3CF5A7A; Sun, 30 Mar 2014 20:44:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AF2FE987; Sun, 30 Mar 2014 20:44:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2UKifYb069891; Sun, 30 Mar 2014 20:44:41 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2UKifaW069890; Sun, 30 Mar 2014 20:44:41 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201403302044.s2UKifaW069890@svn.freebsd.org> From: Benedict Reuschling Date: Sun, 30 Mar 2014 20:44:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44392 - head/de_DE.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sun, 30 Mar 2014 21:45:21 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Mar 2014 20:44:41 -0000 Author: bcr Date: Sun Mar 30 20:44:41 2014 New Revision: 44392 URL: http://svnweb.freebsd.org/changeset/doc/44392 Log: Update to r43901. Most of the work on this patch was done by the submitter. I sprinkled some whitespace and typo fixes here and there, but nothing major. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sun Mar 30 03:01:16 2014 (r44391) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sun Mar 30 20:44:41 2014 (r44392) @@ -5,7 +5,7 @@ $FreeBSD$ $FreeBSDde:$ - basiert auf: r43891 + basiert auf: r43901 --> Weiterfhrende Netzwerkthemen @@ -14,7 +14,7 @@ - + @@ -101,7 +101,7 @@ - + Routing @@ -555,7 +555,7 @@ host2.example.com link#1 - + Manuelle Konfiguration @@ -800,7 +800,7 @@ route_net2="-net 192.168.1.0/24 192.168. - + Netzwerke, drahtlos @@ -2521,7 +2521,7 @@ freebsdap 00:11:95:c3:0d:ac 1 - + Bluetooth @@ -3173,7 +3173,7 @@ rfcomm_sppd[94692]: Starting on /dev/tty - + Einfhrung @@ -3706,7 +3706,7 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault SharonBahagi - + lagg failover @@ -3715,110 +3715,120 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault loadbalance roundrobin - - Einleitung - Die &man.lagg.4;-Schnittstelle erlaubt die Aggregation von - mehreren Netzwerkadaptern als eine virtuelle Schnittstelle mit dem - Ziel, Ausfallsicherheit (Failover) und Hochgeschwindigkeitsverbindungen - bereitzustellen. - - - - Anwendungsoptionen + Die von &os; untersttzte &man.lagg.4;-Schnittstelle + erlaubt die Gruppierung von mehreren Netzwerkadaptern als eine + virtuelle Schnittstelle mit dem Ziel, Ausfallsicherheit + (Failover) und Link Aggregation bereitzustellen. Link + Aggregation funktioniert am besten mit Switches, welche + LACP untersttzen, da dieses Protokoll den + Datenverkehr bidirektional verteilt, whrend es auch auf den + Ausfall einzelner Verbindungen reagiert. + + Die von der lagg-Schnittstelle untersttzten Betriebsarten + bestimmten, welche Ports fr den ausgehenden Datenverkehr + benutzt werden, und ob ein bestimmter Port eingehenden + Datenverkehr akzeptiert. Folgende Betriebsarten werden von + &man.lagg.4; untersttzt: - - Ausfallsicherheit (Failover) - - - Sendet und empfngt Netzwerkverkehr nur auf dem - Masterport. Sollte der Masterport nicht zur Verfgung stehen, - wird der nchste aktive Port verwendet. Der zuerst - hinzugefgte Adapter wird zum Masterport, jeder weitere Adapter - dient als Gert zur Ausfallsicherheit. - + + failover (Ausfallsicherheit) + + Dieser Modus sendet und empfngt Datenverkehr nur + auf dem Masterport. Sollte der Masterport nicht zur + Verfgung stehen, wird der nchste aktive Port + verwendet. Der zuerst hinzugefgte Adapter der + virtuellen Schnittstelle wird zum Masterport, jeder + weitere Adapter dient als Gert zur Ausfallsicherheit. + Wenn ein Failover auf einem Nicht-Master Port + stattfindet, wird der ursprngliche Port wieder zum + Master-Port, sobald er wieder verfgbar ist. + - &cisco; Fast ðerchannel; - - - &cisco; Fast ðerchannel; (FEC), ist eine statische - Konfiguration und handelt weder Aggregation mit der Gegenstelle aus, - noch werden Frames zur berwachung der Verbindung ausgetauscht. - Wenn der Switch LACP untersttzt, sollte diese Option auch - verwendet werden. - - FEC balanciert den ausgehenden Verkehr - ber die aktiven Ports, basierend auf gehashten - Protokollheaderinformationen und akzeptiert eingehenden Verkehr auf - jedem aktiven Port. Der Hash enthlt die Ethernet-Quell- und - Zieladresse, und, falls verfgbar, den VLAN-Tag, sowie die - IPv4/IPv6 Quell- und Zieladresse. - - - - LACP - - - Das &ieee; 802.3ad Link-Aggregation Control Protokoll - (LACP) und das Marker Protocol. LACP wird eine Menge von - aggregierbaren Verbindungen mit der Gegenstelle in einer oder - mehreren Link Aggregated Groups (LAG) aushandeln. Jede LAG besteht - aus Ports der gleichen Geschwindigkeit, eingestellt auf - Voll-Duplex-Betrieb. Der Verkehr wird ber die Ports - in der LAG mit der grten Gesamtgeschwindigkeit - balanciert, in den meisten Fllen wird es nur eine LAG geben, - die alle Ports enthlt. Im Falle von nderungen in der - physischen Anbindung wird die Link-Aggregation schnell zu einer - neuen Konfiguration konvergieren. - - LACP balanciert ausgehenden Verkehr - ber die aktiven Ports basierend auf der gehashten - Protokollheaderinformation und akzeptiert eingehenden Verkehr auf - jedem aktiven Port. Der Hash beinhaltet die Ethernet-Quell- und - Zieladresse, und, soweit verfgbar, den VLAN-Tag, sowie die - IPv4/IPv6 Quell- und Zieladresse. - - - - Lastverteilung (Loadbalance) - - - Dabei handelt es sich um einen Alias des - FEC-Modus. - + + fec / loadbalance (Lastverteilung) + + &cisco; Fast ðerchannel; (FEC) + findet sich auf lteren &cisco; Switches. Es bietet + eine statische Konfiguration und handelt weder + Aggregation mit der Gegenstelle aus, noch werden Frames + zur berwachung der Verbindung ausgetauscht. Wenn der + Switch LACP untersttzt, sollte diese + Option auch verwendet werden. + - Round-Robin + + lacp + + Das &ieee; 802.3ad Link-Aggregation Control + Protokoll (LACP). Mit + LACP wird eine Menge von + aggregierbaren Verbindungen mit der Gegenstelle in einer + oder mehreren Link Aggregated Groups + (LAG) ausgehandelt. Jede + LAG besteht aus Ports der gleichen + Geschwindigkeit, eingestellt auf Voll-Duplex-Betrieb. + Der Verkehr wird ber die Ports in der + LAG mit der grten + Gesamtgeschwindigkeit balanciert. Typischerweise gibt + es nur eine LAG, die alle Ports + enthlt. Im Falle von nderungen in der physischen + Anbindung wird LACP schnell zu einer + neuen Konfiguration konvergieren. + + LACP balanciert ausgehenden + Verkehr ber die aktiven Ports basierend auf der + gehashten Protokollheaderinformation und akzeptiert + eingehenden Verkehr auf jedem aktiven Port. Der Hash + beinhaltet die Ethernet-Quell- und Zieladresse, und, + soweit verfgbar, den VLAN-Tag, + sowie die IPv4 oder + IPv6 Quell- und Zieladresse. + + - - Verteilt ausgehenden Verkehr mittels einer Round-Robin-Zuteilung - ber alle aktiven Ports und akzeptiert eingehenden Verkehr auf - jedem aktiven Port. Dieser Modus verletzt die Reihenfolge von - Ethernet-Frames und sollte mit Vorsicht eingesetzt werden. - - + + roundrobin + + Dieser Modus verteilt ausgehenden Verkehr mittels + einer Round-Robin-Zuteilung ber alle aktiven Ports und + akzeptiert eingehenden Verkehr auf jedem aktiven Port. + Da dieser Modus die Reihenfolge von Ethernet-Frames + verletzt, sollte er mit Vorsicht eingesetzt + werden. + + - Beispiele + Dieser Abschnitt zeigt, wie man einen &cisco; Switch und + ein &os;-System fr LACP Load Balancing + konfiguriert. Weiterhin wird gezeigt, wie man zwei + Ethernet-Schnittstellen, sowie eine Ethernet- und eine + Drahtlos-Schnittstelle fr den Failover-Modus konfigurieren + kann. + - LACP Aggregation mit einem Switch von &cisco; + <acronym>LACP</acronym> Aggregation mit einem Switch + von &cisco; - Dieses Beispiel verbindet zwei Adapter auf einer &os;-Maschine - mit dem Switch als eine einzelne, lastverteilte und ausfallsichere - Verbindung. Weitere Adapter knnen hinzugefgt werden, um - den Durchsatz zu erhhen und die Ausfallsicherheit zu steigern. - Da die Reihenfolge der Frames bei Ethernet zwingend eingehalten - werden muss, fliet auch jeglicher Verkehr zwischen zwei - Stationen ber den gleichen physischen Kanal, was die maximale - Geschwindigkeit der Verbindung auf die eines einzelnen Adapters - beschrnkt. Der bertragungsalgorithmus versucht, so viele - Informationen wie mglich zu verwenden, um die verschiedenen - Verkehrsflsse zu unterscheiden und balanciert diese ber - die verfgbaren Adapter. + Dieses Beispiel verbindet zwei Adapter auf einer + &os;-Maschine mit dem Switch als eine einzelne, + lastverteilte und ausfallsichere Verbindung. Weitere + Adapter knnen hinzugefgt werden, um den Durchsatz zu + erhhen und die Ausfallsicherheit zu steigern. Da die + Reihenfolge der Frames bei Ethernet zwingend eingehalten + werden muss, fliet auch jeglicher Verkehr zwischen zwei + Stationen ber den gleichen physischen Kanal, was die + maximale Geschwindigkeit der Verbindung auf die eines + einzelnen Adapters beschrnkt. Der bertragungsalgorithmus + versucht, so viele Informationen wie mglich zu verwenden, + um die verschiedenen Verkehrsflsse zu unterscheiden und + balanciert diese ber die verfgbaren Adapter. Fgen Sie auf dem &cisco;-Switch die Adapter FastEthernet0/1 und @@ -3836,24 +3846,25 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault Auf der Maschine mit &os; erstellen Sie die &man.lagg.4;-Schnittstelle unter Verwendung von fxp0 und - fxp1: - - &prompt.root; ifconfig lagg0 create -&prompt.root; ifconfig lagg0 up laggproto lacp laggport fxp0 laggport fxp1 - - berprfen Sie den Status der Schnittstelle, indem - Sie folgendes eingeben: + fxp1 und starten Sie + Schnittstelle mit der IP-Adresse + 10.0.0.3/24: + + &prompt.root; ifconfig fxp0 up +&prompt.root; ifconfig fxp1 up +&prompt.root; ifconfig lagg0 create +&prompt.root; ifconfig lagg0 up laggproto lacp laggport fxp0 laggport fxp1 10.0.0.3/24 + + Als nchstes, berprfen Sie den Status der virtuellen + Schnittstelle. Ports, die als ACTIVE + markiert sind, sind Teil der aktiven Aggregations-Gruppe, + die mit dem Switch ausgehandelt wurde und der Verkehr wird + ber diese bertragen und empfangen. Benutzen Sie die + ausfhrliche Ausgabe von &man.ifconfig.8;, um sich die + LAG-Bezeichner anzeigen zu lassen. - &prompt.root; ifconfig lagg0 - - Ports, die als ACTIVE markiert sind, sind - Teil der aktiven Aggregations-Gruppe, die mit dem Switch - ausgehandelt wurde und der Verkehr wird ber diese - bertragen und empfangen. Benutzen Sie die ausfhrliche - Ausgabe von &man.ifconfig.8;, um sich die LAG-Identifikatoren - anzeigen zu lassen. - - lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 + &prompt.root; ifconfig lagg0 +lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:05:5d:71:8d:b8 media: Ethernet autoselect @@ -3862,10 +3873,10 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault laggport: fxp1 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING> laggport: fxp0 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING> - Um den Status der Ports auf dem Switch anzuzeigen, geben Sie - show lacp neighbor ein: + Um den Status der Ports auf dem &cisco; Switch + anzuzeigen: - switch# show lacp neighbor + switch# show lacp neighbor Flags: S - Device is requesting Slow LACPDUs F - Device is requesting Fast LACPDUs A - Device is in Active mode P - Device is in Passive mode @@ -3881,30 +3892,46 @@ Fa0/2 SA 32768 0005.5d71.8d Benutzen Sie das Kommando show lacp neighbor detail, um weitere Informationen zu erhalten. + + Damit diese Konfiguration auch nach einem Neustart + erhalten bleibt, fgen Sie auf Ihrem &os;-System folgende + Eintrge in /etc/rc.conf hinzu: + + ifconfig_fxp0="up" +ifconfig_fxp1="up" +cloned_interfaces="lagg0 +ifconfig_lagg0="laggproto lacp laggport fxp0 laggport fxp1 10.0.0.3/24" + Ausfallsicherer Modus - Der ausfallsichere Modus kann verwendet werden, um zu einer - zweiten Schnittstelle zu wechseln, sollte die Verbindung mit der - Master-Schnittstelle ausfallen. Erstellen und konfigurieren Sie die - lagg0-Schnittstelle mit - fxp0 als Master und - fxp1 als die sekundre - Schnittstelle: - - &prompt.root; ifconfig lagg0 create -&prompt.root; ifconfig lagg0 up laggproto failover laggport fxp0 laggport fxp1 - - Die Schnittstelle wird so hnlich wie im folgenden - aussehen, mit dem groen Unterschied, dass die - MAC-Adresse und die Gertenamen - unterschiedlich sein werden: + Der ausfallsichere Modus kann verwendet werden, um zu + einer zweiten Schnittstelle zu wechseln, sollte die + Verbindung mit der Master-Schnittstelle ausfallen. Um den + ausfallsicheren Modus zu konfigurieren, stellen Sie sicher, + dass die zugrunde liegenden physikalischen Schnittstellen + aktiv sind. Erstellen Sie dann die + &man.lagg.4;-Schnittstelle. In diesem Beispiel ist + fxp0 die Master-Schnittstelle, + fxp1 die sekundre Schnittstelle, + und der virtuellen Schnittstelle wird die + IP-Adresse + 10.0.0.15/24 zugewiesen: + + &prompt.root; ifconfig fxp0 up +&prompt.root; ifconfig fxp1 up +&prompt.root; ifconfig lagg0 create +&prompt.root; ifconfig lagg0 up laggproto failover laggport fxp0 laggport fxp1 10.0.0.15/24 + + Die virtuelle Schnittstelle sollte in etwa so + aussehen: &prompt.root; ifconfig lagg0 lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:05:5d:71:8d:b8 + inet 10.0.0.15 netmask 0xffffff00 broadcast 10.0.0.255 media: Ethernet autoselect status: active laggproto failover @@ -3912,42 +3939,53 @@ lagg0: flags=8843<UP,BROADCAST,RUNNIN laggport: fxp0 flags=5<MASTER,ACTIVE> Der Verkehr wird auf fxp0 - bertragen und empfangen. Wenn die Verbindung auf - fxp0 abbricht, so wird + bertragen und empfangen. Wenn die Verbindung auf + fxp0 abbricht, so wird fxp1 die Verbindung bernehmen. - Sobald die Verbindung auf der Master-Schnittstelle wiederhergestellt - ist, wird diese auch wieder als aktive Schnittstelle genutzt. + Sobald die Verbindung auf der Master-Schnittstelle + wiederhergestellt ist, wird diese auch wieder als aktive + Schnittstelle genutzt. + + Damit diese Konfiguration auch nach einem Neustart + erhalten bleibt, fgen Sie folgende Eintrge in + /etc/rc.conf hinzu: + + ifconfig_fxp0="up" +ifconfig_fxp1="up" +cloned_interfaces="lagg0 +ifconfig_lagg0="laggproto failover laggport fxp0 laggport fxp1 10.0.0.15/24" Failover Modus zwischen drahtgebundenen und drahtlosen Schnittstellen - Fr Laptop-Benutzer ist es normalerweise - wnschenswert, wireless als sekundre Schnittstelle - einzurichten, die verwendet wird, wenn die Verbindung via Kabel - nicht verfgbar ist. Mit &man.lagg.4; ist es mglich, - eine IP-Adresse fr die Kabelverbindung zu verwenden. - Sie ist leistungsfhig und sicher. Gleichzeitig haben Sie - die Mglichkeit Daten ber die drahtlose Verbindung - zu bertragen. - - In dieser Konfiguration, mssen wir die zugrunde - liegenden MAC-Adresse der WLAN-Schnittstelle - berschreiben, damit sie zur Adresse von &man.lagg.4; passt, - welche von der drahtgebundenen Masterschnittstelle vererbt - wurde. - - In dieser Konfiguration behandeln wir die drahtgebundene - Schnittstelle bge0 als die Master und - die drahtlose Schnittstelle wlan0 als - die Failover-Schnittstelle. Die wlan0 - wurde von der iwn0 mit der - MAC-Adresse der kabelgebundenen eingerichtet. - Im ersten Schritt erhalten wir die MAC-Adresse - der kabelgebundenen Schnittstelle: + Fr Laptop-Benutzer ist es normalerweise wnschenswert, + wireless als sekundre Schnittstelle einzurichten, die + verwendet wird, wenn die Ethernet-Verbindung nicht verfgbar + ist. Mit &man.lagg.4; ist es mglich, ein Failover zu + konfigurieren, welches die Ethernet-Verbindung aus + Performance- und Sicherheitsgrnden bevorzugt, whrend es + gleichzeitig mglich bleibt, Daten ber die drahtlose + Verbindung zu bertragen. + + Dies wird durch das berschreiben der + MAC-Adresse der drahtlosen Schnittstelle, + durch die der Ethernet-Schnittstelle erreicht. + + In dieser Konfiguration behandeln wir die + Ethernet-Schnittstelle bge0 als + die Master und die drahtlose Schnittstelle + wlan0 als die + Failover-Schnittstelle. Die + wlan0 wurde von der + iwn0 mit der + MAC-Adresse der Ethernet-Schnittstelle + eingerichtet. Im ersten Schritt ermitteln wir die + MAC-Adresse der + Ethernet-Schnittstelle: - &prompt.root; ifconfig bge0 + &prompt.root; ifconfig bge0 bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4> ether 00:21:70:da:ae:37 @@ -3956,12 +3994,13 @@ bge0: flags=8843<UP,BROADCAST,RUNNING media: Ethernet autoselect (1000baseT <full-duplex>) status: active - Sie knnen bge0 in - ihre tatschliche ndern und werden eine andere - ether-Zeile mit der - MAC-Adresse ihrer kabelgebundenen - Schnittstelle erhalten. Nun ndern wir die zugrunde liegende - drahtlose Schnittstelle iwn0: + Ersetzen Sie bge0 durch den + Namen der Ethernet-Schnittstelle Ihres Systems. Die + ether-Zeile wird die + MAC-Adresse der angegebenen Schnittstelle + enthalten. ndern Sie nun die + MAC-Adresse der zugrunde liegenden + Wireless-Schnittstelle: &prompt.root; ifconfig iwn0 ether 00:21:70:da:ae:37 @@ -3970,17 +4009,18 @@ bge0: flags=8843<UP,BROADCAST,RUNNING &prompt.root; ifconfig wlan0 create wlandev iwn0 ssid my_router up - Erstellen Sie die &man.lagg.4; Schnittstelle mit - bge0 als Master und - wlan0 als Failover falls - notwendig: + Stellen Sie sicher, dass die + bge0-Schnittstelle aktiv ist. + Erstellen Sie dann die &man.lagg.4;-Schnittstelle mit + bge0 als Master mit Failover auf + wlan0: - &prompt.root; ifconfig lagg0 create + &prompt.root; ifconfig bge0 up +&prompt.root; ifconfig lagg0 create &prompt.root; ifconfig lagg0 up laggproto failover laggport bge0 laggport wlan0 - Die Schnittstelle sieht nhlich aus, die Hauptunterschiede - werden die MAC-Adresse und die Gertenamen - sein: + Die virtuelle Schnittstelle sollte in etwa so + aussehen: &prompt.root; ifconfig lagg0 lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 @@ -3992,9 +4032,9 @@ lagg0: flags=8843<UP,BROADCAST,RUNNIN laggport: wlan0 flags=0<> laggport: bge0 flags=5<MASTER,ACTIVE> - Um zu vermeiden, dass Sie dies nach jedem Neustart machen mssen, knnen Sie - etwas in der Art in ihre /etc/rc.conf - Datei schreiben: + Damit diese Konfiguration auch nach einem Neustart + erhalten bleibt, fgen Sie folgende Eintrge in + /etc/rc.conf hinzu: ifconfig_bge0="up" ifconfig_iwn0="ether 00:21:70:da:ae:37" @@ -4018,7 +4058,7 @@ ifconfig_lagg0="laggproto failover laggp - + plattenloser Arbeitsplatz @@ -4786,7 +4826,7 @@ cd /usr/src/etc; make distribution - + ISDN @@ -5118,7 +5158,7 @@ ISDN BRI Verbindung - + berblick @@ -5728,7 +5768,7 @@ round-trip min/avg/max/stddev = 2.530/2. - + Bei IPv6 (auch als IPng oder IP next generation @@ -6173,7 +6213,7 @@ rl0: flags=8943<UP,BROADCAST,RUNNING, - + <foreignphrase>Classical IP over ATM</foreignphrase> @@ -6365,7 +6405,7 @@ route_hostD="192.168.173.4 hatm0 0 102 l </authorgroup> </info> - + <indexterm><primary>CARP</primary></indexterm> <indexterm><primary>Common Address Redundancy Protocol (CARP)</primary></indexterm> From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 00:32:10 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 295B16B0; Mon, 31 Mar 2014 00:32:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 16657E2E; Mon, 31 Mar 2014 00:32:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2V0W9dI071615; Mon, 31 Mar 2014 00:32:09 GMT (envelope-from brd@svn.freebsd.org) Received: (from brd@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2V0W9FI071614; Mon, 31 Mar 2014 00:32:09 GMT (envelope-from brd@svn.freebsd.org) Message-Id: <201403310032.s2V0W9FI071614@svn.freebsd.org> From: Brad Davis <brd@FreeBSD.org> Date: Mon, 31 Mar 2014 00:32:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44393 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Mon, 31 Mar 2014 00:32:10 -0000 Author: brd Date: Mon Mar 31 00:32:09 2014 New Revision: 44393 URL: http://svnweb.freebsd.org/changeset/doc/44393 Log: - First pass at making the DNS section less BIND specific and mentioning Unbound. Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Sun Mar 30 20:44:41 2014 (r44392) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Mon Mar 31 00:32:09 2014 (r44393) @@ -2945,33 +2945,41 @@ dhcpd_ifaces="dc0"</programlisting> --> <title>Domain Name System (<acronym>DNS</acronym>) - BIND + DNS Domain Name System (DNS) is the protocol through which domain names are mapped to IP - addresses, and vice versa. By default, &os; installs the - Berkeley Internet Name Domain (BIND), which - is the most common implementation of the DNS - protocol. The &os; version provides enhanced security features, - a new file system layout, and automated &man.chroot.8; - configuration. BIND is maintained by the isc.org. It is not - necessary to run a name server to perform DNS - lookups on a system. + addresses, and vice versa. DNS is coordinated + across the Internet through a somewhat complex system of + authoritative root, Top Level Domain (TLD), + and other smaller-scale name servers, which host and cache + individual domain information. It is not necessary to run a name + server to perform DNS lookups on a system. - DNS - DNS is coordinated across the Internet - through a somewhat complex system of authoritative root, Top - Level Domain (TLD), and other smaller-scale - name servers, which host and cache individual domain - information. Table 28.4 describes some of the terms associated - with DNS: + BIND + + In &os; 10, the Berkeley Internet Name Domain + (BIND) has been removed from the base system + and replaced with Unbound. Unbound as configured in the &os; + Base is a local caching resolver. BIND is + still available from The Ports Collection as dns/bind99 or dns/bind98. In &os; 9 and lower, + BIND is included in &os; Base. The &os; + version provides enhanced security features, a new file system + layout, and automated &man.chroot.8; configuration. + BIND is maintained by the Internet Systems + Consortium. resolver reverse DNS root zone + The following table describes some of the terms associated + with DNS: + <acronym>DNS</acronym> Terminology From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 13:57:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 09347A29; Mon, 31 Mar 2014 13:57:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E9905FF7; Mon, 31 Mar 2014 13:57:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2VDvCoX007070; Mon, 31 Mar 2014 13:57:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2VDvCLU007069; Mon, 31 Mar 2014 13:57:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403311357.s2VDvCLU007069@svn.freebsd.org> From: Dru Lavigne Date: Mon, 31 Mar 2014 13:57:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44394 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 13:57:13 -0000 Author: dru Date: Mon Mar 31 13:57:12 2014 New Revision: 44394 URL: http://svnweb.freebsd.org/changeset/doc/44394 Log: As per discussion on freebsd-doc@, clarify wording of lagg definition. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Mon Mar 31 00:32:09 2014 (r44393) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Mon Mar 31 13:57:12 2014 (r44394) @@ -3329,8 +3329,8 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault &os; provides the &man.lagg.4; interface which can be used to aggregate multiple network interfaces into one virtual interface in order to provide failover and link aggregation. - Failover allows traffic to continue to flow even if an - interface becomes available. Link aggregation works best on + Failover allows traffic to continue to flow as long as at least one + aggregated network interface has an established link. Link aggregation works best on switches which support LACP, as this protocol distributes traffic bi-directionally while responding to the failure of individual links. From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 14:14:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B3E8EAE7; Mon, 31 Mar 2014 14:14:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 999BD29D; Mon, 31 Mar 2014 14:14:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2VEEws9015971; Mon, 31 Mar 2014 14:14:58 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2VEEwm6015970; Mon, 31 Mar 2014 14:14:58 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403311414.s2VEEwm6015970@svn.freebsd.org> From: Dru Lavigne Date: Mon, 31 Mar 2014 14:14:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44395 - head/en_US.ISO8859-1/books/handbook/audit X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 14:14:58 -0000 Author: dru Date: Mon Mar 31 14:14:58 2014 New Revision: 44395 URL: http://svnweb.freebsd.org/changeset/doc/44395 Log: Small corrections to audit chapter. Submitted by: Taras Korenko Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/audit/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Mon Mar 31 13:57:12 2014 (r44394) +++ head/en_US.ISO8859-1/books/handbook/audit/chapter.xml Mon Mar 31 14:14:58 2014 (r44395) @@ -196,8 +196,10 @@ requirements. --> Audit Configuration User space support for event auditing is installed as part - of the base &os; operating system. Kernel support can be - enabled by adding the following line to + of the base &os; operating system. Kernel support is available + in the GENERIC kernel by default, + and &man.auditd.8; can be enabled + by adding the following line to /etc/rc.conf: auditd_enable="YES" @@ -217,10 +219,7 @@ requirements. --> Selection expressions are used in a number of places in the audit configuration to determine which events should be audited. Expressions contain a list of event classes to - match, each with a prefix indicating whether matching records - should be accepted or ignored, and optionally to indicate if - the entry is intended to match successful or failed - operations. Selection expressions are evaluated from left to + match. Selection expressions are evaluated from left to right, and two expressions are combined by appending one onto the other. @@ -383,10 +382,10 @@ requirements. -->
    These audit event classes may be customized by modifying - the audit_class and audit_ - event configuration files. + the audit_class and + audit_event configuration files.     - Each audit event class is combined with a prefix + Each audit event class may be combined with a prefix indicating whether successful/failed operations are matched, and whether the entry is adding or removing matching for the class and type. summarizes @@ -650,8 +649,8 @@ trailer,133 Since audit logs may be very large, a subset of records can be selected using auditreduce. This example selects all audit records produced for the user - trhodes stored in - AUDITFILE: + trhodes stored in + AUDITFILE: &prompt.root; auditreduce -u trhodes /var/audit/AUDITFILE | praudit @@ -739,8 +738,8 @@ trailer,133 Automatic rotation of the audit trail file based on file size is possible using in - audit.control as described in . + audit_control as described in . As audit trail files can become very large, it is often desirable to compress or otherwise archive trails once they From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 14:40:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6F3FD947; Mon, 31 Mar 2014 14:40:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5BFC47DD; Mon, 31 Mar 2014 14:40:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2VEe593025209; Mon, 31 Mar 2014 14:40:05 GMT (envelope-from skreuzer@svn.freebsd.org) Received: (from skreuzer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2VEe5JO025208; Mon, 31 Mar 2014 14:40:05 GMT (envelope-from skreuzer@svn.freebsd.org) Message-Id: <201403311440.s2VEe5JO025208@svn.freebsd.org> From: Steven Kreuzer Date: Mon, 31 Mar 2014 14:40:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44396 - head/en_US.ISO8859-1/books/handbook/linuxemu X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 14:40:05 -0000 Author: skreuzer Date: Mon Mar 31 14:40:04 2014 New Revision: 44396 URL: http://svnweb.freebsd.org/changeset/doc/44396 Log: Replace archivers/rpm2cpio with archivers/rpm in section 11.2.3 since archivers/rpm is mentioned in the later sections. Remove -q from the rpm2cpio command since it is not a valid flag Reported by: David Demelier Approved by: hrs@ (mentor) Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Mon Mar 31 14:14:58 2014 (r44395) +++ head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Mon Mar 31 14:40:04 2014 (r44396) @@ -261,13 +261,13 @@ Abort     In order to install a &linux; RPM-based application, first install the - archivers/rpm2cpio package or port. Once + archivers/rpm package or port. Once installed, root can use this command to install a .rpm: &prompt.root; cd /compat/linux -&prompt.root; rpm2cpio -q < /path/to/linux.archive.rpm | cpio -id +&prompt.root; rpm2cpio < /path/to/linux.archive.rpm | cpio -id     If necessary, brandelf the installed ELF binaries. Note that this will prevent From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 15:03:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EB22632F; Mon, 31 Mar 2014 15:03:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BD17CAA4; Mon, 31 Mar 2014 15:03:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2VF3Lee036660; Mon, 31 Mar 2014 15:03:21 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2VF3LUF036658; Mon, 31 Mar 2014 15:03:21 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403311503.s2VF3LUF036658@svn.freebsd.org> From: Dru Lavigne Date: Mon, 31 Mar 2014 15:03:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44397 - head/en_US.ISO8859-1/books/handbook/mac X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 15:03:22 -0000 Author: dru Date: Mon Mar 31 15:03:21 2014 New Revision: 44397 URL: http://svnweb.freebsd.org/changeset/doc/44397 Log: As per discussion with trhodes, update Nagios example with the less verbose example suggested in PR148984. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Mon Mar 31 14:40:04 2014 (r44396) +++ head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Mon Mar 31 15:03:21 2014 (r44397) @@ -1463,37 +1463,28 @@ mac_seeotheruids_load="YES"# This is the default BIBA policy for this system. # System: -/var/run biba/equal -/var/run/* biba/equal +/var/run(/.*)? biba/equal -/dev biba/equal -/dev/* biba/equal +/dev/(/.*)? biba/equal /var biba/equal -/var/spool biba/equal -/var/spool/* biba/equal +/var/spool(/.*)? biba/equal -/var/log biba/equal -/var/log/* biba/equal +/var/log(/.*)? biba/equal -/tmp biba/equal -/tmp/* biba/equal -/var/tmp biba/equal -/var/tmp/* biba/equal +/tmp(/.*)? biba/equal +/var/tmp(/.*)? biba/equal /var/spool/mqueue biba/equal /var/spool/clientmqueue biba/equal # For Nagios: -/usr/local/etc/nagios -/usr/local/etc/nagios/* biba/10 +/usr/local/etc/nagios(/.*)? biba/10 -/var/spool/nagios biba/10 -/var/spool/nagios/* biba/10 +/var/spool/nagios(/.*)? biba/10 # For apache -/usr/local/etc/apache biba/10 -/usr/local/etc/apache/* biba/10 +/usr/local/etc/apache(/.*)? biba/10 This policy enforces security by setting restrictions on the flow of information. In this specific configuration, From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 16:36:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 609C2B42; Mon, 31 Mar 2014 16:36:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 40D85802; Mon, 31 Mar 2014 16:36:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2VGawPU074339; Mon, 31 Mar 2014 16:36:58 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2VGawMV074338; Mon, 31 Mar 2014 16:36:58 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403311636.s2VGawMV074338@svn.freebsd.org> From: Dru Lavigne Date: Mon, 31 Mar 2014 16:36:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44398 - head/en_US.ISO8859-1/books/handbook/mac X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 16:36:58 -0000 Author: dru Date: Mon Mar 31 16:36:57 2014 New Revision: 44398 URL: http://svnweb.freebsd.org/changeset/doc/44398 Log: Finish editorial review of MAC chapter. Switch examples to put the easiest one first. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Mon Mar 31 15:03:21 2014 (r44397) +++ head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Mon Mar 31 16:36:57 2014 (r44398) @@ -45,8 +45,8 @@ - Which MAC security policy modules - are included in &os; and their associated mechanisms. + The terminology associated with the + MAC framework. @@ -56,13 +56,13 @@ - How to efficiently configure a system to use the + The considerations to take into account before + configuring a system to use the MAC framework. - - How to configure the different security policy modules - included with the MAC framework. + Which MAC security policy modules + are included in &os; and how to configure them. @@ -1355,6 +1355,56 @@ test: biba/low     + + User Lock Down + + This example considers a relatively small storage system + with fewer than fifty users. Users will have login + capabilities and are permitted to store data and access + resources. + + For this scenario, the &man.mac.bsdextended.4; and + &man.mac.seeotheruids.4; policy modules could co-exist and block + access to system objects while hiding user processes. + + Begin by adding the following line to + /boot/loader.conf: + + mac_seeotheruids_load="YES" + + The &man.mac.bsdextended.4; security policy module may be + activated by adding this line to + /etc/rc.conf: + + ugidfw_enable="YES" + + Default rules stored in + /etc/rc.bsdextended will be loaded at + system initialization. However, the default entries may need + modification. Since this machine is expected only to service + users, everything may be left commented out except the last + two lines in order to force the loading of user owned system + objects by default. + + Add the required users to this machine and reboot. For + testing purposes, try logging in as a different user across + two consoles. Run ps aux to see if processes + of other users are visible. Verify that running &man.ls.1; on + another user's home directory fails. + + Do not try to test with the root user unless the specific + sysctls have been modified to block super + user access. + + + When a new user is added, their &man.mac.bsdextended.4; + rule will not be in the ruleset list. To update the ruleset + quickly, unload the security policy module and reload it again + using &man.kldunload.8; and &man.kldload.8;. + + + Nagios in a MAC Jail @@ -1362,19 +1412,22 @@ test: biba/low     Nagios in a MAC Jail - The following demonstration implements a secure - environment using various MAC modules - with properly configured policies. This is only a test as - implementing a policy and ignoring it could be disastrous in a + This section demonstrates the steps that are needed to + implement the Nagios network + monitoring system in a MAC environment. + This is meant as an example which still requires the administrator + to test that the implemented policy meets the security + requirements of the network before using in a production environment. - Before beginning this process, - must be set on each file system as not doing so will result in - errors. This example assumes that + This example requires + to be set on each file system. It also + assumes that net-mgmt/nagios-plugins, net-mgmt/nagios, and www/apache22 are all installed, configured, - and working correctly. + and working correctly before attempting the integration into the + MAC framework. Create an Insecure User Class @@ -1406,27 +1459,17 @@ test: biba/low     :ignoretime@:\ :label=biba/10(10-10): - Add the following line to the default user class: + Then, add the following line to the default user class section: :label=biba/high: - Next, issue the following command to rebuild the + Save the edits and issue the following command to rebuild the database: &prompt.root; cap_mkdb /etc/login.conf - Boot Configuration - - Add the following lines to - /boot/loader.conf: - - mac_biba_load="YES" -mac_seeotheruids_load="YES" - - - Configure Users Set the root @@ -1435,22 +1478,21 @@ mac_seeotheruids_load="YES"&prompt.root; pw usermod root -L default All user accounts that are not root or system users will now - require a login class. The login class is required otherwise - users will be refused access to common commands such as - &man.vi.1;. The following sh script should + class="username">root will now + require a login class. The login class is required, otherwise + users will be refused access to common commands. + The following sh script should do the trick: &prompt.root; for x in `awk -F: '($3 >= 1001) && ($3 != 65534) { print $1 }' \ /etc/passwd`; do pw usermod $x -L default; done; - Drop the nagios - and www users into + Next, drop the nagios + and www accounts into the insecure class: - &prompt.root; pw usermod nagios -L insecure - - &prompt.root; pw usermod www -L insecure + &prompt.root; pw usermod nagios -L insecure +&prompt.root; pw usermod www -L insecure @@ -1458,7 +1500,7 @@ mac_seeotheruids_load="YES"Create the Contexts File A contexts file should now be created as - /etc/policy.contexts. + /etc/policy.contexts: # This is the default BIBA policy for this system. @@ -1495,20 +1537,14 @@ mac_seeotheruids_load="YES"Nagios will be completely self contained or jailed. - This file will be read by the system by issuing the - following command: - - &prompt.root; setfsmac -ef /etc/policy.contexts / -&prompt.root; setfsmac -ef /etc/policy.contexts / + This file will be read after running + setfsmac on every file system. This + example sets the policy on the root file system: - - The above file system layout will differ depending - upon the environment and must be run on every file - system. - + &prompt.root; setfsmac -ef /etc/policy.contexts / - /etc/mac.conf requires the following - modifications in the main section: + Next, add these edits + to the main section of /etc/mac.conf: default_labels file ?biba default_labels ifnet ?biba @@ -1517,15 +1553,17 @@ default_labels socket ?biba - Enable Networking + Loader Configuration - Add the following line to + To finish the configuration, add the following lines to /boot/loader.conf: + + mac_biba_load="YES" +mac_seeotheruids_load="YES" +security.mac.biba.trust_all_interfaces=1 - security.mac.biba.trust_all_interfaces=1 - - And the following to the network card configuration stored - in rc.conf. If the primary Internet + And the following line to the network card configuration stored + in /etc/rc.conf. If the primary network configuration is done via DHCP, this may need to be configured manually after every system boot: @@ -1539,15 +1577,15 @@ default_labels socket ?bibaMAC Configuration Testing - Ensure that the web server and + First, ensure that the web server and Nagios will not be started on - system initialization and reboot. Ensure the root user cannot access any of + system initialization and reboot. Ensure that root cannot access any of the files in the Nagios configuration directory. If root can issue an &man.ls.1; - command on /var/spool/nagios, something - is wrong. Otherwise a permission denied error + class="username">root can list the contents of + /var/spool/nagios, something + is wrong. Instead, a permission denied error should be returned. If all seems well, Nagios, @@ -1560,8 +1598,8 @@ setpmac biba/10\(10-10\) /usr/local/etc/ Double check to ensure that everything is working properly. If not, check the log files for error messages. - Use &man.sysctl.8; to disable the &man.mac.biba.4; security - policy module enforcement and try starting everything again as + If needed, use &man.sysctl.8; to disable the &man.mac.biba.4; security + policy module and try starting everything again as usual. @@ -1583,56 +1621,6 @@ setpmac biba/10\(10-10\) /usr/local/etc/ - - User Lock Down - - This example considers a relatively small storage system - with fewer than fifty users. Users will have login - capabilities, and be permitted to store data and access - resources. - - For this scenario, the &man.mac.bsdextended.4; and - &man.mac.seeotheruids.4; policy modules could co-exist and block - access to system objects while hiding user processes. - - Begin by adding the following line to - /boot/loader.conf: - - mac_seeotheruids_load="YES" - - The &man.mac.bsdextended.4; security policy module may be - activated by adding this line to - /etc/rc.conf: - - ugidfw_enable="YES" - - Default rules stored in - /etc/rc.bsdextended will be loaded at - system initialization. However, the default entries may need - modification. Since this machine is expected only to service - users, everything may be left commented out except the last - two lines in order to force the loading of user owned system - objects by default. - - Add the required users to this machine and reboot. For - testing purposes, try logging in as a different user across - two consoles. Run ps aux to see if processes - of other users are visible. Verify that running &man.ls.1; on - another user's home directory fails. - - Do not try to test with the root user unless the specific - sysctls have been modified to block super - user access. - - - When a new user is added, their &man.mac.bsdextended.4; - rule will not be in the ruleset list. To update the ruleset - quickly, unload the security policy module and reload it again - using &man.kldunload.8; and &man.kldload.8;. - - - Troubleshooting the MAC Framework @@ -1640,14 +1628,16 @@ setpmac biba/10\(10-10\) /usr/local/etc/ MAC Troubleshooting - This section discusses common configuration issues. + This section discusses common configuration errors and how + to resolve them. - - - The flag does not stay - enabled on my root (/) - partition! + + + The flag does not stay + enabled on the root (/) + partition: + The following steps may resolve this transient error: @@ -1687,12 +1677,13 @@ setpmac biba/10\(10-10\) /usr/local/etc/ + - - After establishing a secure environment with - MAC, I am no longer able to start - Xorg! - + + After establishing a secure environment with + MAC, + Xorg no longer starts: + This could be caused by the MAC partition policy or by a mislabeling in one of the MAC labeling policies. To @@ -1700,7 +1691,7 @@ setpmac biba/10\(10-10\) /usr/local/etc/ - Check the error message; if the user is in the + Check the error message. If the user is in the insecure class, the partition policy may be the culprit. Try setting the user's class back to the @@ -1710,36 +1701,35 @@ setpmac biba/10\(10-10\) /usr/local/etc/ - Double-check the label policies. Ensure that the - policies are set correctly for the user, the Xorg - application, and the /dev + Double-check that the label policies + are set correctly for the user, Xorg, + and the /dev entries. If neither of these resolve the problem, send the error message and a description of the environment to - the &a.questions; mailing list. + the &a.questions;. + - - The error: _secure_path: unable to stat - .login_conf shows up. - - When a user attempts to switch from the + The _secure_path: unable to stat + .login_conf error appears: + + This error can appear when a user attempts to switch from the root user to another user in - the system, the error message _secure_path: - unable to stat .login_conf appears. - - This message is usually shown when the user has a higher + the system. This message usually occurs when the user has a higher label setting than that of the user they are attempting to - become. For instance, joe has a default label of - . The root user, who has a label - of , cannot view biba/low and root has a label + of , root cannot view joe's home directory. This will happen whether or not root has used @@ -1749,23 +1739,22 @@ setpmac biba/10\(10-10\) /usr/local/etc/ class="username">root to view objects set at a lower integrity level. + - - The system no longer recognizes the root user. - - In normal or even single user mode, the root is not recognized, - whoami returns 0 (zero), and + + The system no longer recognizes root: + + When this occurs, + whoami returns 0 and su returns who are you?. - This can happen if a labeling policy has been disabled, - either by a &man.sysctl.8; or the policy module was + This can happen if a labeling policy has been disabled + by &man.sysctl.8; or the policy module was unloaded. If the policy is disabled, the login capabilities - database needs to be reconfigured with - removed. Double check - login.conf to ensure that all + database needs to be reconfigured. Double check + /etc/login.conf to ensure that all options have been removed and rebuild the database with cap_mkdb. @@ -1778,6 +1767,7 @@ setpmac biba/10\(10-10\) /usr/local/etc/ the new label. Disable the policy using &man.sysctl.8; and everything should return to normal. - + +     From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 17:01:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EF6556BB; Mon, 31 Mar 2014 17:01:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DB475A86; Mon, 31 Mar 2014 17:01:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2VH1HrB083817; Mon, 31 Mar 2014 17:01:17 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2VH1HcW083816; Mon, 31 Mar 2014 17:01:17 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403311701.s2VH1HcW083816@svn.freebsd.org> From: Dru Lavigne Date: Mon, 31 Mar 2014 17:01:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44399 - head/en_US.ISO8859-1/books/handbook/mac X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 17:01:18 -0000 Author: dru Date: Mon Mar 31 17:01:17 2014 New Revision: 44399 URL: http://svnweb.freebsd.org/changeset/doc/44399 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mac/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Mon Mar 31 16:36:57 2014 (r44398) +++ head/en_US.ISO8859-1/books/handbook/mac/chapter.xml Mon Mar 31 17:01:17 2014 (r44399) @@ -1414,15 +1414,13 @@ test: biba/low This section demonstrates the steps that are needed to implement the Nagios network - monitoring system in a MAC environment. - This is meant as an example which still requires the administrator - to test that the implemented policy meets the security - requirements of the network before using in a - production environment. - - This example requires - to be set on each file system. It also - assumes that + monitoring system in a MAC environment. This + is meant as an example which still requires the administrator to + test that the implemented policy meets the security requirements + of the network before using in a production environment. + + This example requires to be set + on each file system. It also assumes that net-mgmt/nagios-plugins, net-mgmt/nagios, and www/apache22 are all installed, configured, @@ -1459,12 +1457,13 @@ test: biba/low :ignoretime@:\ :label=biba/10(10-10): - Then, add the following line to the default user class section: + Then, add the following line to the default user class + section: :label=biba/high: - Save the edits and issue the following command to rebuild the - database: + Save the edits and issue the following command to rebuild + the database: &prompt.root; cap_mkdb /etc/login.conf @@ -1478,22 +1477,21 @@ test: biba/low &prompt.root; pw usermod root -L default All user accounts that are not root will now - require a login class. The login class is required, otherwise - users will be refused access to common commands. - The following sh script should - do the trick: + class="username">root will now require a login + class. The login class is required, otherwise users will be + refused access to common commands. The following + sh script should do the trick: &prompt.root; for x in `awk -F: '($3 >= 1001) && ($3 != 65534) { print $1 }' \ /etc/passwd`; do pw usermod $x -L default; done; - Next, drop the nagios - and www accounts into - the insecure class: + Next, drop the nagios and www accounts into the insecure + class: &prompt.root; pw usermod nagios -L insecure &prompt.root; pw usermod www -L insecure - @@ -1528,8 +1526,8 @@ test: biba/low # For apache /usr/local/etc/apache(/.*)? biba/10 - This policy enforces security by setting restrictions - on the flow of information. In this specific configuration, + This policy enforces security by setting restrictions on + the flow of information. In this specific configuration, users, including root, should never be allowed to access Nagios. @@ -1537,14 +1535,14 @@ test: biba/low Nagios will be completely self contained or jailed. - This file will be read after running + This file will be read after running setfsmac on every file system. This example sets the policy on the root file system: &prompt.root; setfsmac -ef /etc/policy.contexts / - Next, add these edits - to the main section of /etc/mac.conf: + Next, add these edits to the main section of + /etc/mac.conf: default_labels file ?biba default_labels ifnet ?biba @@ -1557,15 +1555,16 @@ default_labels socket ?bibaTo finish the configuration, add the following lines to /boot/loader.conf: - + mac_biba_load="YES" mac_seeotheruids_load="YES" security.mac.biba.trust_all_interfaces=1 - And the following line to the network card configuration stored - in /etc/rc.conf. If the primary network - configuration is done via DHCP, this may - need to be configured manually after every system boot: + And the following line to the network card configuration + stored in /etc/rc.conf. If the primary + network configuration is done via DHCP, + this may need to be configured manually after every system + boot: maclabel biba/equal @@ -1580,13 +1579,13 @@ security.mac.biba.trust_all_interfaces=1 First, ensure that the web server and Nagios will not be started on system initialization and reboot. Ensure that root cannot access any of - the files in the Nagios - configuration directory. If root can list the contents of - /var/spool/nagios, something - is wrong. Instead, a permission denied error - should be returned. + class="username">root cannot access any of the + files in the Nagios configuration + directory. If root + can list the contents of + /var/spool/nagios, something is wrong. + Instead, a permission denied error should be + returned. If all seems well, Nagios, Apache, and @@ -1597,9 +1596,9 @@ setpmac biba/equal make start && setpmac biba/10\(10-10\) /usr/local/etc/rc.d/nagios.sh forcestart Double check to ensure that everything is working - properly. If not, check the log files for error messages. - If needed, use &man.sysctl.8; to disable the &man.mac.biba.4; security - policy module and try starting everything again as + properly. If not, check the log files for error messages. If + needed, use &man.sysctl.8; to disable the &man.mac.biba.4; + security policy module and try starting everything again as usual. @@ -1633,141 +1632,143 @@ setpmac biba/10\(10-10\) /usr/local/etc/ - The flag does not stay + The flag does not stay enabled on the root (/) partition: - - The following steps may resolve this transient - error: - - - - Edit /etc/fstab and set the - root partition to for - read-only. - - - - Reboot into single user mode. - - - - Run tunefs on /. - - - - Reboot the system. - - - - Run mount - / and change the - back to in - /etc/fstab and reboot the system - again. - - - - Double-check the output from - mount to ensure that - has been properly set on the - root file system. - - - - + + The following steps may resolve this transient + error: + + + + Edit /etc/fstab and set the + root partition to for + read-only. + + + + Reboot into single user mode. + + + + Run tunefs on /. + + + + Reboot the system. + + + + Run mount + / and change the + back to in + /etc/fstab and reboot the system + again. + + + + Double-check the output from + mount to ensure that + has been properly set on + the root file system. + + + + After establishing a secure environment with - MAC, - Xorg no longer starts: - - This could be caused by the MAC - partition policy or by a mislabeling in - one of the MAC labeling policies. To - debug, try the following: - - - - Check the error message. If the user is in the - insecure class, the - partition policy may be the culprit. - Try setting the user's class back to the - default class and rebuild the - database with cap_mkdb. If this does - not alleviate the problem, go to step two. - - - - Double-check that the label policies - are set correctly for the user, Xorg, - and the /dev - entries. - - - - If neither of these resolve the problem, send the - error message and a description of the environment to - the &a.questions;. - - - - + MAC, Xorg no + longer starts: + + This could be caused by the MAC + partition policy or by a mislabeling + in one of the MAC labeling policies. + To debug, try the following: + + + + Check the error message. If the user is in the + insecure class, the + partition policy may be the + culprit. Try setting the user's class back to the + default class and rebuild the + database with cap_mkdb. If this + does not alleviate the problem, go to step two. + + + + Double-check that the label policies are set + correctly for the user, + Xorg, and the + /dev entries. + + + + If neither of these resolve the problem, send the + error message and a description of the environment to + the &a.questions;. + + + + The _secure_path: unable to stat .login_conf error appears: - - This error can appear when a user attempts to switch from the root user to another user in - the system. This message usually occurs when the user has a higher - label setting than that of the user they are attempting to - become. For instance, if joe has a default label of - and root has a label - of , root cannot view joe's home directory. This - will happen whether or not root has used - su to become joe as the Biba integrity - model will not permit root to view objects set at - a lower integrity level. - - + + This error can appear when a user attempts to switch + from the root + user to another user in the system. This message + usually occurs when the user has a higher label setting + than that of the user they are attempting to become. + For instance, if joe has a default label + of and root has a label of + , root cannot view + joe's home + directory. This will happen whether or not root has used + su to become joe as the Biba + integrity model will not permit root to view objects set + at a lower integrity level. + + The system no longer recognizes root: - - When this occurs, - whoami returns 0 and - su returns who are - you?. - - This can happen if a labeling policy has been disabled - by &man.sysctl.8; or the policy module was - unloaded. If the policy is disabled, the login capabilities - database needs to be reconfigured. Double check - /etc/login.conf to ensure that all - options have been removed and rebuild - the database with cap_mkdb. - - This may also happen if a policy restricts access to - master.passwd. This is usually caused - by an administrator altering the file under a label which - conflicts with the general policy being used by the system. - In these cases, the user information would be read by the - system and access would be blocked as the file has inherited - the new label. Disable the policy using &man.sysctl.8; and - everything should return to normal. - - - + + When this occurs, whoami returns + 0 and su returns + who are you?. + + This can happen if a labeling policy has been + disabled by &man.sysctl.8; or the policy module was + unloaded. If the policy is disabled, the login + capabilities database needs to be reconfigured. Double + check /etc/login.conf to ensure + that all options have been + removed and rebuild the database with + cap_mkdb. + + This may also happen if a policy restricts access to + master.passwd. This is usually + caused by an administrator altering the file under a + label which conflicts with the general policy being used + by the system. In these cases, the user information + would be read by the system and access would be blocked + as the file has inherited the new label. Disable the + policy using &man.sysctl.8; and everything should return + to normal. + + + From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 17:56:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5ED29608; Mon, 31 Mar 2014 17:56:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 316A9F4F; Mon, 31 Mar 2014 17:56:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2VHuD7p007677; Mon, 31 Mar 2014 17:56:13 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2VHuDQ4007676; Mon, 31 Mar 2014 17:56:13 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403311756.s2VHuDQ4007676@svn.freebsd.org> From: Dru Lavigne Date: Mon, 31 Mar 2014 17:56:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44400 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 17:56:13 -0000 Author: dru Date: Mon Mar 31 17:56:12 2014 New Revision: 44400 URL: http://svnweb.freebsd.org/changeset/doc/44400 Log: Editorial review of Process Accounting. This section is a bit lean. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Mon Mar 31 17:01:17 2014 (r44399) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Mon Mar 31 17:56:12 2014 (r44400) @@ -3492,12 +3492,17 @@ UWWemqWuz3lAZuORQ9KX their allocation among users, provide for system monitoring, and minimally track a user's commands. - This indeed has both positive and negative points. One + Process accounting has both positive and negative points. One of the positives is that an intrusion may be narrowed down to the point of entry. A negative is the amount of logs generated by process accounting, and the disk space they may require. This section walks an administrator through the basics of process accounting. + + + If more fine-grained accounting is needed, refer to + . + Enabling and Utilizing Process Accounting @@ -3513,16 +3518,17 @@ UWWemqWuz3lAZuORQ9KX Once enabled, accounting will begin to track information such as CPU statistics and executed commands. All accounting logs are in a non-human readable - format which can be viewed using &man.sa.8;. If issued - without any options, &man.sa.8; prints information relating to + format which can be viewed using sa. If issued + without any options, sa prints information relating to the number of per-user calls, the total elapsed time in minutes, total CPU and user time in - minutes, and the average number of I/O operations. - - To view information about commands being issued, use - &man.lastcomm.1;. This command displays the commands issued - by users on specific &man.ttys.5;. For example, this command - prints out all known usage of &man.ls.1; by I/O operations. Refer to + &man.sa.8; for the list of available options which control the + output. + + To display the commands issued + by users, use lastcomm. For example, this command + prints out all usage of ls by trhodes on the ttyp1 terminal: From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 18:52:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C579DA05; Mon, 31 Mar 2014 18:52:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A5B9C7E2; Mon, 31 Mar 2014 18:52:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2VIqvJ2031769; Mon, 31 Mar 2014 18:52:57 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2VIqvtk031768; Mon, 31 Mar 2014 18:52:57 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403311852.s2VIqvtk031768@svn.freebsd.org> From: Dru Lavigne Date: Mon, 31 Mar 2014 18:52:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44401 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 18:52:57 -0000 Author: dru Date: Mon Mar 31 18:52:57 2014 New Revision: 44401 URL: http://svnweb.freebsd.org/changeset/doc/44401 Log: Editorial review of Resource Limits. rctl(8) does not mention its kernel config options. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Mon Mar 31 17:56:12 2014 (r44400) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Mon Mar 31 18:52:57 2014 (r44401) @@ -3553,95 +3553,99 @@ UWWemqWuz3lAZuORQ9KX Resource limits - For years, &os; has used a resource limits database + Traditionally, &os; used a resource limits database controlled through a flat file, - /etc/login.conf. While it has been - discussed previously and is still supported, it is not the most - optimal method of controlling resources. The flat file requires - users to be divided into various group labels known as classes, - which require changes not only to this flat file but also the - password database. Potentially a single, more constrained user - would require an additional label to be added, the resource - database rebuilt using cap_mkdb, and edits - made to /etc/master.passwd. In addition, - the password database must be rebuilt using - pwd_mkdb. This multi-step process could be - very time consuming depending on how many users must be - singled out. - - A new command in &os;, &man.rctl.8;, allows for a more fine - grained method of controlling resources limits for users. This - command will support much more than users, it will also set + /etc/login.conf. While this method + is still supported, any changes require a multi-step process of + editing this file in order to divide users into various group labels known as classes, + rebuilding the resource database using + cap_mkdb, making necessary changes + to /etc/master.passwd, and rebuilding + the password database using + pwd_mkdb. This could be + time consuming, depending upon the number of users to + configure. + + Beginning with &os; 9.0-RELEASE, + rctl can be used to provide a more fine-grained + method of controlling resources limits for users. This + command supports much more than users as it can be used to set resource constraints on processes, jails, and the original login class. These advanced features provide administrators and users with methods to control resources through the command line and - set rules on system initialization using a configuration + to set rules on system initialization using a configuration file. - To enable this feature, add these lines to - GENERIC, or the custom kernel - configuration file, and rebuild.: + + Enabling and Configuring Resource Limits + + By default, kernel support for rctl is + not built-in, meaning that the kernel will first need to be + recompiled using the instructions in . Add these lines to either + GENERIC or a custom kernel + configuration file, then rebuild the kernel: options RACCT options RCTL - The entire system will need rebuilt. See , which will provide instructions for - the process. Once this is complete, + Once the system has rebooted into the new kernel, rctl may be used to set rules for the system. - Rule syntax is simple, controlled through the use of - a subject, a - subject-id, resource, - and action. Take the following example + Rule syntax is controlled through the use of + a subject, + subject-id, resource, + and action, as seen in this example rule: - user:trhodes:maxproc:deny=10/user + user:trhodes:maxproc:deny=10/user - This rule shows a basic premise of a rule, here the subject - is user and the subject-id is - trhodes. The maxproc is, of course, max - number of processes, which is considered the resource. The - action here is set to deny, which blocks any - new processes from being created. In the previous example, the - user, trhodes will be constrained to - 10 (ten) processes and no greater. Other - actions are available and could be log to the console, pass a - notification to &man.devd.8;, or send a sigterm to the + In this rule, the subject + is user, the subject-id is + trhodes, the resource, + maxproc, is the maximum + number of processes, and the + action is deny, which blocks any + new processes from being created. This means that the + user, trhodes, will be constrained to no greater than + 10 processes. Other possible + actions include logging to the console, passing a + notification to &man.devd.8;, or sending a sigterm to the process. - Some care must be taken while adding rules. The one above - will unfortunately block my user from doing the most simple - tasks after I have logged in and executed a - screen session. When a resource limit has + Some care must be taken when adding rules. Since this user + is constrained to 10 processes, this example + will prevent the user from performing other + tasks after logging in and executing a + screen session. Once a resource limit has been hit, an error will be printed, as in this example: &prompt.user; man test /usr/bin/man: Cannot fork: Resource temporarily unavailable eval: Cannot fork: Resource temporarily unavailable - For another example, &man.rctl.8; can be used to prevent - a jail from exceeding a memory limit. This rule could be + As another example, + a jail can be prevented from exceeding a memory limit. This rule could be written as: &prompt.root; rctl -a jail:httpd:memoryuse:deny=2G/jail - Rules may also persist across reboots if they have been + Rules will persist across reboots if they have been added to /etc/rctl.conf. The format is a rule, without the preceding command. For example, the previous - rule could be added like the following: + rule could be added as: # Block jail from using more than 2G memory: jail:httpd:memoryuse:deny=2G/jail - To remove a rule, just ask rctl to + To remove a rule, use rctl to remove it from the list: &prompt.root; rctl -r user:trhodes:maxproc:deny=10/user - The manual page shows a method for removing all rules; - however, if removing all rules for a single user is required, + A method for removing all rules is documented in &man.rctl.8;. + However, if removing all rules for a single user is required, this command may be issued: &prompt.root; rctl -r user:trhodes @@ -3649,5 +3653,6 @@ jail:httpd:memoryuse:deny=2G/jailMany other resources exist which can be used to exert additional control over various subjects. See &man.rctl.8; to learn about them. + From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 19:55:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 80BE6238; Mon, 31 Mar 2014 19:55:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6D5F2D97; Mon, 31 Mar 2014 19:55:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2VJtj07057151; Mon, 31 Mar 2014 19:55:45 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2VJtjVR057150; Mon, 31 Mar 2014 19:55:45 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201403311955.s2VJtjVR057150@svn.freebsd.org> From: Gabor Pali Date: Mon, 31 Mar 2014 19:55:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44402 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 19:55:45 -0000 Author: pgj Date: Mon Mar 31 19:55:44 2014 New Revision: 44402 URL: http://svnweb.freebsd.org/changeset/doc/44402 Log: - Add a 2014Q1 report on the PCI SR-IOV infrastructure Submitted by: rstone Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Mar 31 18:52:57 2014 (r44401) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Mar 31 19:55:44 2014 (r44402) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 6 entries and we hope you enjoy reading it.

    + contains 7 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -31,6 +31,12 @@ + kern + + Kernel + + + ports Ports @@ -377,4 +383,66 @@ Midori). + + + PCI SR-IOV Infrastructure + + + + + Ryan + Stone + + rstone@FreeBSD.org + + + + + Work in progress on GitHub + + + +

    PCI Single Root I/O Virtualization (SR-IOV) is an optional part + of the PCIe standard that provides hardware acceleration for the + virtualization of PCIe devices. When SR-IOV is in use, a + function in a PCI device (known as a Physical Function, or PF) + will present multiple Virtual PCI Functions (VF) on the PCI bus. + These VFs are fully independent PCI devices that have + access to the resources of the PF. For example, on a network + interface card VFs could transmit and receive packets + independent of the PF.

    + +

    The most obvious use case for SR-IOV is virtualization. A + hypervisor like bhyve could instantiate a VF for every VM and + use PCI passthrough to assign the VFs to the VMs. This would + allow multiple VMs to share access to the PCI device without + having to do any expensive communication with the hypervisor, + greatly increasing performance of performing I/O from a VM.

    + +

    There are two parts to this project. The first is implementing + an API in the PCI subsystem for the creating VFs and configuring + standard PCI features like BARs. The second part is updating + individual drivers for PCI devices that support SR-IOV to + configure their VFs. For example, a network interface driver + will typically have to assign a MAC address to a VF and + configure the interface to route packets destined for that MAC + address to the VF.

    + +

    At this point only SR-IOV support for the ixgbe(4) + driver is planned. The PCI subsystem API is designed to be + generic and should support SR-IOV on any device, but fairly + extensive driver work is necessary to support SR-IOV, which is + currently not planned due to lack of time and hardware.

    + +

    At present, ixgbe(4) is able to create VFs and the + ixgbevf driver is able to pass traffic. There is still + a fair amount of work to support VLAN tags, multicast addresses + and other features on the VFs. Also, the VF configuration needs + to be better integrated with the PF initialization path to + ensure that resets of the PF do not interrupt operation of the + VFs.

    + + + Sandvine, Inc +     From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 20:39:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BC0BB527; Mon, 31 Mar 2014 20:39:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A7B4022D; Mon, 31 Mar 2014 20:39:26 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2VKdQLN074658; Mon, 31 Mar 2014 20:39:26 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2VKdQ87074657; Mon, 31 Mar 2014 20:39:26 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403312039.s2VKdQ87074657@svn.freebsd.org> From: Dru Lavigne Date: Mon, 31 Mar 2014 20:39:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44403 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 20:39:26 -0000 Author: dru Date: Mon Mar 31 20:39:26 2014 New Revision: 44403 URL: http://svnweb.freebsd.org/changeset/doc/44403 Log: Editorial review of ACL chapter. Still need a section on ZFS and ACLs. This section would benefit from more usage examples and a more complete description of how ACLs augment tradiational permissions. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Mon Mar 31 19:55:44 2014 (r44402) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Mon Mar 31 20:39:26 2014 (r44403) @@ -72,7 +72,7 @@ - How to use filesystem ACLs. + How to use file system ACLs. @@ -1734,7 +1734,7 @@ kadmind5_server_enable="YES"KDC to the users, hosts or services. This means that a trojanned &man.kinit.1; could record all - user names and passwords. Filesystem integrity checking + user names and passwords. File system integrity checking tools like security/tripwire can alleviate this.     @@ -2927,8 +2927,7 @@ user@unfirewalled-system.example.org's p - Filesystem Access Control Lists - (<acronym>ACL</acronym>)s + Access Control Lists TomRhodesContributed @@ -2940,10 +2939,10 @@ user@unfirewalled-system.example.org's p ACL - Filesystem Access Control Lists (ACLs) + Access Control Lists (ACLs) extend the standard &unix; permission model in a &posix;.1e - compatible way. This permits an administrator to make use of - and take advantage of a more sophisticated security + compatible way. This permits an administrator to + take advantage of a more fine-grained permissions model. The &os; GENERIC kernel provides @@ -2955,58 +2954,56 @@ user@unfirewalled-system.example.org's p options UFS_ACL If this option is not compiled in, a warning message will be - displayed when attempting to mount a filesystem supporting - ACLs. ACLs rely on - extended attributes being enabled on the filesystem. Extended - attributes are natively supported in + displayed when attempting to mount a file system with + ACL support. ACLs rely on + extended attributes which + are natively supported in UFS2. - - A higher level of administrative overhead is required to - configure extended attributes on UFS1 - than on UFS2. The performance of - extended attributes on UFS2 is also - substantially higher. As a result, UFS2 - is recommended for use with ACLs. - + This chapter describes how to enable + ACL support and provides some usage + examples. + + + Enabling <acronym>ACL</acronym> Support ACLs are enabled by the mount-time administrative flag, , which may be added to /etc/fstab. The mount-time flag can also be automatically set in a persistent manner using &man.tunefs.8; to modify a superblock ACLs - flag in the filesystem header. In general, it is preferred + flag in the file system header. In general, it is preferred to use the superblock flag for several reasons: - The mount-time ACLs flag cannot be - changed by a remount using . It - requires a complete &man.umount.8; and fresh &man.mount.8;. + The superblock flag cannot be + changed by a remount using as it + requires a complete umount and fresh mount. This means that ACLs cannot be enabled on - the root filesystem after boot. It also means that the - disposition of a filesystem cannot be changed once it is in + the root file system after boot. It also means that + ACL support on + a file system cannot be changed while the system is in use. - Setting the superblock flag will cause the filesystem + Setting the superblock flag causes the file system to always be mounted with ACLs enabled, even if there is not an fstab entry or if the devices re-order. This prevents accidental - mounting of the filesystem without ACLs - enabled, which can result in the security problem of - ACLs being improperly enforced. + mounting of the file system without ACL + support. It is desirable to discourage accidental mounting without - ACLs enabled, because nasty things can + ACLs enabled because nasty things can happen if ACLs are enabled, then disabled, then re-enabled without flushing the extended attributes. In general, once ACLs are enabled on a - filesystem, they should not be disabled, as the resulting file + file system, they should not be disabled, as the resulting file protections may not be compatible with those intended by the users of the system, and re-enabling ACLs may re-attach the previous ACLs to files @@ -3014,9 +3011,9 @@ user@unfirewalled-system.example.org's p unpredictable behavior. - Filesystems with ACLs enabled will - show a + (plus) sign in their permission - settings when viewed. For example: + File systems with ACLs enabled will + show a plus (+) sign in their permission + settings: drwx------ 2 robert robert 512 Dec 27 11:54 private drwxrwx---+ 2 robert robert 512 Dec 23 10:57 directory1 @@ -3031,12 +3028,13 @@ drwxr-xr-x 2 robert robert 512 Nov 10 are all taking advantage of ACLs, whereas public_html is not. +     - Making Use of <acronym>ACL</acronym>s + Using <acronym>ACL</acronym>s - Filesystem ACLs can be viewed using - &man.getfacl.1;. For instance, to view the + File system ACLs can be viewed using + getfacl. For instance, to view the ACL settings on test: @@ -3049,25 +3047,29 @@ drwxr-xr-x 2 robert robert 512 Nov 10 other::r-- To change the ACL settings on this - file, use &man.setfacl.1;: - - &prompt.user; setfacl -k test - - To remove all of the currently defined - ACLs from a file or filesystem, one can use + file, use setfacl. To remove all of the currently defined + ACLs from a file or file system, include . However, the preferred method is to use as it leaves the basic fields required for ACLs to work. + &prompt.user; setfacl -k test + + To modify the default ACL entries, use + : + &prompt.user; setfacl -m u:trhodes:rwx,group:web:r--,o::--- test - In this example, is used to modify the - default ACL entries. Since there were no + In this example, there were no pre-defined entries, as they were removed by the previous - command, it restores the default options and assign the + command. This command restores the default options and assigns the options listed. If a user or group is added which does not exist on the system, an Invalid argument error will be displayed. + + Refer to &man.getfacl.1; and &man.setfacl.1; for more + information about the options available for these + commands. From owner-svn-doc-all@FreeBSD.ORG Mon Mar 31 21:09:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6EBA9E49; Mon, 31 Mar 2014 21:09:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 59C606D8; Mon, 31 Mar 2014 21:09:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2VL9aAx087254; Mon, 31 Mar 2014 21:09:36 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2VL9aKA087253; Mon, 31 Mar 2014 21:09:36 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201403312109.s2VL9aKA087253@svn.freebsd.org> From: Dru Lavigne Date: Mon, 31 Mar 2014 21:09:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44404 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 21:09:36 -0000 Author: dru Date: Mon Mar 31 21:09:35 2014 New Revision: 44404 URL: http://svnweb.freebsd.org/changeset/doc/44404 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Mon Mar 31 20:39:26 2014 (r44403) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Mon Mar 31 21:09:35 2014 (r44404) @@ -2514,12 +2514,12 @@ racoon_enable="yes" compatible with both SSH version 1 and 2 protocols.     - When data is sent over the network in an unencrypted form, - network sniffers anywhere in between the client and server - can steal user/password information or data transferred - during the session. OpenSSH offers - a variety of authentication and encryption methods to prevent - this from happening. + When data is sent over the network in an unencrypted form, + network sniffers anywhere in between the client and server can + steal user/password information or data transferred during the + session. OpenSSH offers a variety of + authentication and encryption methods to prevent this from + happening. Using the SSH Client Utilities @@ -2587,14 +2587,14 @@ COPYRIGHT 100% |************* arguments takes the form . - - Key-based Authentication + + Key-based Authentication - Instead of using passwords, &man.ssh-keygen.1; can be used - to generate DSA or RSA - keys to authenticate a user: + Instead of using passwords, &man.ssh-keygen.1; can be + used to generate DSA or + RSA keys to authenticate a user: - &prompt.user; ssh-keygen -t dsa + &prompt.user; ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/user/.ssh/id_dsa): Created directory '/home/user/.ssh'. @@ -2605,179 +2605,182 @@ Your public key has been saved in /home/ The key fingerprint is: bb:48:db:f2:93:57:80:b6:aa:bc:f5:d5:ba:8f:79:17 user@host.example.com - &man.ssh-keygen.1; will create a public and private key - pair for use in authentication. The private key is stored - in ~/.ssh/id_dsa or - ~/.ssh/id_rsa, whereas the public key - is stored in ~/.ssh/id_dsa.pub or - ~/.ssh/id_rsa.pub, respectively for the - DSA and RSA key types. - The public key must be placed in - ~/.ssh/authorized_keys on the - remote machine for both RSA or - DSA keys in order for the setup to - work. - - This setup allows connections to the remote machine based - upon SSH keys instead of passwords. - - - Many users believe that keys are secure by design and - will use a key without a passphrase. This is - dangerous behavior and the method - an administrator may use to verify keys have a passphrase - is to view the key manually. If the private key file - contains the word ENCRYPTED the key - owner is using a passphrase. While it may still be a weak - passphrase, at least if the system is compromised, access - to other sites will still require some level of password - guessing. In addition, to better secure end users, the - from may be placed in the public key - file. For example, adding - from="192.168.10.5 in the front of - ssh-rsa or rsa-dsa - prefix will only allow that specific user to login from - that host IP. - - - - The various options and files can be different according - to the OpenSSH version. To avoid - problems, consult &man.ssh-keygen.1;. - - - If a passphrase is used in &man.ssh-keygen.1;, the user - will be prompted for the passphrase each time in order to use - the private key. To load SSH keys into memory for use, - without needing to type the passphrase each time, use - &man.ssh-agent.1; and &man.ssh-add.1;. - - Authentication is handled by &man.ssh-agent.1;, using the - private key(s) that are loaded into it. Then, - &man.ssh-agent.1; should be used to launch another - application. At the most basic level, it could spawn a shell - or a window manager. - - To use &man.ssh-agent.1; in a shell, start it with a shell - as an argument. Next, add the identity by running - &man.ssh-add.1; and providing it the passphrase for the - private key. Once these steps have been completed, the user - will be able to &man.ssh.1; to any host that has the - corresponding public key installed. For example: + &man.ssh-keygen.1; will create a public and private key + pair for use in authentication. The private key is stored + in ~/.ssh/id_dsa or + ~/.ssh/id_rsa, whereas the public key + is stored in ~/.ssh/id_dsa.pub or + ~/.ssh/id_rsa.pub, respectively for the + DSA and RSA key types. + The public key must be placed in + ~/.ssh/authorized_keys on the remote + machine for both RSA or + DSA keys in order for the setup to + work. + + This setup allows connections to the remote machine + based upon SSH keys instead of + passwords. + + + Many users believe that keys are secure by design and + will use a key without a passphrase. This is + dangerous behavior and the method an + administrator may use to verify keys have a passphrase is + to view the key manually. If the private key file + contains the word ENCRYPTED the key + owner is using a passphrase. While it may still be a weak + passphrase, at least if the system is compromised, access + to other sites will still require some level of password + guessing. In addition, to better secure end users, the + from may be placed in the public key + file. For example, adding + from="192.168.10.5 in the front of + ssh-rsa or rsa-dsa + prefix will only allow that specific user to login from + that host IP. + + + + The various options and files can be different + according to the OpenSSH + version. To avoid problems, consult + &man.ssh-keygen.1;. + + + If a passphrase is used in &man.ssh-keygen.1;, the user + will be prompted for the passphrase each time in order to + use the private key. To load SSH keys + into memory for use, without needing to type the passphrase + each time, use &man.ssh-agent.1; and &man.ssh-add.1;. + + Authentication is handled by &man.ssh-agent.1;, using + the private key(s) that are loaded into it. Then, + &man.ssh-agent.1; should be used to launch another + application. At the most basic level, it could spawn a + shell or a window manager. + + To use &man.ssh-agent.1; in a shell, start it with a + shell as an argument. Next, add the identity by running + &man.ssh-add.1; and providing it the passphrase for the + private key. Once these steps have been completed, the user + will be able to &man.ssh.1; to any host that has the + corresponding public key installed. For example: - &prompt.user; ssh-agent csh + &prompt.user; ssh-agent csh &prompt.user; ssh-add Enter passphrase for /home/user/.ssh/id_dsa: Identity added: /home/user/.ssh/id_dsa (/home/user/.ssh/id_dsa) &prompt.user; - To use &man.ssh-agent.1; in - &xorg;, a call to &man.ssh-agent.1; - needs to be placed in ~/.xinitrc. This - provides the &man.ssh-agent.1; services to all programs - launched in &xorg;. An example - ~/.xinitrc might look like - this: - - exec ssh-agent startxfce4 - - This launches &man.ssh-agent.1;, which in turn launches - XFCE, every time - &xorg; starts. Once - &xorg; has been restarted so that - the changes can take effect, run &man.ssh-add.1; to load all - of the SSH keys. - + To use &man.ssh-agent.1; in + &xorg;, a call to + &man.ssh-agent.1; needs to be placed in + ~/.xinitrc. This provides the + &man.ssh-agent.1; services to all programs launched in + &xorg;. An example + ~/.xinitrc might look like this: + + exec ssh-agent startxfce4 + + This launches &man.ssh-agent.1;, which in turn launches + XFCE, every time + &xorg; starts. Once + &xorg; has been restarted so that + the changes can take effect, run &man.ssh-add.1; to load all + of the SSH keys. + - - <acronym>SSH</acronym> Tunneling + + <acronym>SSH</acronym> Tunneling - - OpenSSH - tunneling - + + OpenSSH + tunneling + + + OpenSSH has the ability to + create a tunnel to encapsulate another protocol in an + encrypted session. - OpenSSH has the ability to - create a tunnel to encapsulate another protocol in an - encrypted session. + The following command tells &man.ssh.1; to create a + tunnel for &man.telnet.1;: - The following command tells &man.ssh.1; to create a - tunnel for &man.telnet.1;: - - &prompt.user; ssh -2 -N -f -L 5023:localhost:23 user@foo.example.com + &prompt.user; ssh -2 -N -f -L 5023:localhost:23 user@foo.example.com &prompt.user; - This example uses the following options: + This example uses the following options: + + + + + + + Forces &man.ssh.1; to use version 2 to connect to + the server. + + + + + + + + Indicates no command, or tunnel only. If omitted, + &man.ssh.1; initiates a normal session. + + + + + + + + Forces &man.ssh.1; to run in the + background. + + + + + + + + Indicates a local tunnel in + localport:remotehost:remoteport + format. + + + + + + + + The login name to use on the specified remote + SSH server. + + + + + An SSH tunnel works by creating a + listen socket on localhost on the + specified port. It then forwards any connections received + on the local host/port via the SSH + connection to the specified remote host and port. + + In the example, port 5023 on + localhost is forwarded to port + 23 on + localhost of the remote machine. + Since 23 is used by + &man.telnet.1;, this creates an encrypted &man.telnet.1; + session through an SSH tunnel. + + This can be used to wrap any number of insecure TCP + protocols such as SMTP, POP3, and FTP. - - - - - - Forces &man.ssh.1; to use version 2 to connect to - the server. - - - - - - - - Indicates no command, or tunnel only. If omitted, - &man.ssh.1; initiates a normal session. - - - - - - - - Forces &man.ssh.1; to run in the background. - - - - - - - - Indicates a local tunnel in - localport:remotehost:remoteport - format. - - - - - - - - The login name to use on the specified remote - SSH server. - - - - - An SSH tunnel works by creating a - listen socket on localhost on the - specified port. It then forwards any connections received on - the local host/port via the SSH connection - to the specified remote host and port. - - In the example, port 5023 on - localhost is forwarded to port - 23 on - localhost of the remote machine. - Since 23 is used by &man.telnet.1;, - this creates an encrypted &man.telnet.1; session through an - SSH tunnel. - - This can be used to wrap any number of insecure TCP - protocols such as SMTP, POP3, and FTP. - - - Using &man.ssh.1; to Create a Secure Tunnel for - SMTP + + Using &man.ssh.1; to Create a Secure Tunnel for + SMTP - &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com + &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com user@mailserver.example.com's password: ***** &prompt.user; telnet localhost 5025 Trying 127.0.0.1... @@ -2785,14 +2788,15 @@ Connected to localhost. Escape character is '^]'. 220 mailserver.example.com ESMTP - This can be used in conjunction with &man.ssh-keygen.1; - and additional user accounts to create a more seamless - SSH tunneling environment. Keys can be - used in place of typing a password, and the tunnels can be - run as a separate user. - + This can be used in conjunction with + &man.ssh-keygen.1; and additional user accounts to create + a more seamless SSH tunneling + environment. Keys can be used in place of typing a + password, and the tunnels can be run as a separate + user. + - + Secure Access of a POP3 Server In this example, there is an SSH @@ -2939,11 +2943,10 @@ user@unfirewalled-system.example.org's p ACL - Access Control Lists (ACLs) - extend the standard &unix; permission model in a &posix;.1e - compatible way. This permits an administrator to - take advantage of a more fine-grained permissions - model. + Access Control Lists (ACLs) extend the + standard &unix; permission model in a &posix;.1e compatible way. + This permits an administrator to take advantage of a more + fine-grained permissions model. The &os; GENERIC kernel provides ACL support for UFS file @@ -2956,78 +2959,76 @@ user@unfirewalled-system.example.org's p If this option is not compiled in, a warning message will be displayed when attempting to mount a file system with ACL support. ACLs rely on - extended attributes which - are natively supported in + extended attributes which are natively supported in UFS2. This chapter describes how to enable ACL support and provides some usage examples. - - Enabling <acronym>ACL</acronym> Support + + Enabling <acronym>ACL</acronym> Support - ACLs are enabled by the mount-time - administrative flag, , which may be added - to /etc/fstab. The mount-time flag can - also be automatically set in a persistent manner using - &man.tunefs.8; to modify a superblock ACLs - flag in the file system header. In general, it is preferred - to use the superblock flag for several reasons: - - - - The superblock flag cannot be - changed by a remount using as it - requires a complete umount and fresh mount. - This means that ACLs cannot be enabled on - the root file system after boot. It also means that - ACL support on - a file system cannot be changed while the system is in - use. - - - - Setting the superblock flag causes the file system - to always be mounted with ACLs enabled, - even if there is not an fstab entry - or if the devices re-order. This prevents accidental - mounting of the file system without ACL - support. - - + ACLs are enabled by the mount-time + administrative flag, , which may be added + to /etc/fstab. The mount-time flag can + also be automatically set in a persistent manner using + &man.tunefs.8; to modify a superblock ACLs + flag in the file system header. In general, it is preferred + to use the superblock flag for several reasons: - - It is desirable to discourage accidental mounting without - ACLs enabled because nasty things can - happen if ACLs are enabled, then disabled, - then re-enabled without flushing the extended attributes. In - general, once ACLs are enabled on a - file system, they should not be disabled, as the resulting file - protections may not be compatible with those intended by the - users of the system, and re-enabling ACLs - may re-attach the previous ACLs to files - that have since had their permissions changed, resulting in - unpredictable behavior. - + + + The superblock flag cannot be changed by a remount + using as it requires a complete + umount and fresh + mount. This means that + ACLs cannot be enabled on the root file + system after boot. It also means that + ACL support on a file system cannot be + changed while the system is in use. + - File systems with ACLs enabled will - show a plus (+) sign in their permission - settings: + + Setting the superblock flag causes the file system to + always be mounted with ACLs enabled, + even if there is not an fstab entry + or if the devices re-order. This prevents accidental + mounting of the file system without ACL + support. + + - drwx------ 2 robert robert 512 Dec 27 11:54 private + + It is desirable to discourage accidental mounting + without ACLs enabled because nasty things + can happen if ACLs are enabled, then + disabled, then re-enabled without flushing the extended + attributes. In general, once ACLs are + enabled on a file system, they should not be disabled, as + the resulting file protections may not be compatible with + those intended by the users of the system, and re-enabling + ACLs may re-attach the previous + ACLs to files that have since had their + permissions changed, resulting in unpredictable + behavior. + + + File systems with ACLs enabled will + show a plus (+) sign in their permission + settings: + + drwx------ 2 robert robert 512 Dec 27 11:54 private drwxrwx---+ 2 robert robert 512 Dec 23 10:57 directory1 drwxrwx---+ 2 robert robert 512 Dec 22 10:20 directory2 drwxrwx---+ 2 robert robert 512 Dec 27 11:57 directory3 drwxr-xr-x 2 robert robert 512 Nov 10 11:54 public_html - In this example, - directory1, - directory2, and - directory3 - are all taking advantage of ACLs, whereas - public_html - is not. + In this example, directory1, + directory2, and + directory3 are all taking advantage of + ACLs, whereas + public_html is not. @@ -3047,11 +3048,11 @@ drwxr-xr-x 2 robert robert 512 Nov 10 other::r-- To change the ACL settings on this - file, use setfacl. To remove all of the currently defined - ACLs from a file or file system, include - . However, the preferred method is to use - as it leaves the basic fields required - for ACLs to work. + file, use setfacl. To remove all of the + currently defined ACLs from a file or file + system, include . However, the preferred + method is to use as it leaves the basic + fields required for ACLs to work. &prompt.user; setfacl -k test @@ -3060,12 +3061,12 @@ drwxr-xr-x 2 robert robert 512 Nov 10 &prompt.user; setfacl -m u:trhodes:rwx,group:web:r--,o::--- test - In this example, there were no - pre-defined entries, as they were removed by the previous - command. This command restores the default options and assigns the - options listed. If a user or group is added which does not - exist on the system, an Invalid - argument error will be displayed. + In this example, there were no pre-defined entries, as + they were removed by the previous command. This command + restores the default options and assigns the options listed. + If a user or group is added which does not exist on the + system, an Invalid argument error will + be displayed. Refer to &man.getfacl.1; and &man.setfacl.1; for more information about the options available for these @@ -3494,13 +3495,13 @@ UWWemqWuz3lAZuORQ9KX their allocation among users, provide for system monitoring, and minimally track a user's commands. - Process accounting has both positive and negative points. One - of the positives is that an intrusion may be narrowed down to - the point of entry. A negative is the amount of logs + Process accounting has both positive and negative points. + One of the positives is that an intrusion may be narrowed down + to the point of entry. A negative is the amount of logs generated by process accounting, and the disk space they may - require. This section walks an administrator through the - basics of process accounting. - + require. This section walks an administrator through the basics + of process accounting. + If more fine-grained accounting is needed, refer to . @@ -3520,16 +3521,16 @@ UWWemqWuz3lAZuORQ9KX Once enabled, accounting will begin to track information such as CPU statistics and executed commands. All accounting logs are in a non-human readable - format which can be viewed using sa. If issued - without any options, sa prints information relating to - the number of per-user calls, the total elapsed time in - minutes, total CPU and user time in - minutes, and the average number of I/O operations. Refer to - &man.sa.8; for the list of available options which control the - output. + format which can be viewed using sa. If + issued without any options, sa prints + information relating to the number of per-user calls, the + total elapsed time in minutes, total CPU + and user time in minutes, and the average number of + I/O operations. Refer to &man.sa.8; for + the list of available options which control the output. - To display the commands issued - by users, use lastcomm. For example, this command + To display the commands issued by users, use + lastcomm. For example, this command prints out all usage of ls by trhodes on the ttyp1 terminal: @@ -3559,102 +3560,96 @@ UWWemqWuz3lAZuORQ9KX controlled through a flat file, /etc/login.conf. While this method is still supported, any changes require a multi-step process of - editing this file in order to divide users into various group labels known as classes, - rebuilding the resource database using - cap_mkdb, making necessary changes - to /etc/master.passwd, and rebuilding - the password database using - pwd_mkdb. This could be - time consuming, depending upon the number of users to + editing this file in order to divide users into various group + labels known as classes, rebuilding the resource database using + cap_mkdb, making necessary changes to + /etc/master.passwd, and rebuilding the + password database using pwd_mkdb. This + could be time consuming, depending upon the number of users to configure. Beginning with &os; 9.0-RELEASE, - rctl can be used to provide a more fine-grained - method of controlling resources limits for users. This - command supports much more than users as it can be used to set - resource constraints on processes, jails, and the original login - class. These advanced features provide administrators and users - with methods to control resources through the command line and - to set rules on system initialization using a configuration + rctl can be used to provide a more + fine-grained method of controlling resources limits for users. + This command supports much more than users as it can be used to + set resource constraints on processes, jails, and the original + login class. These advanced features provide administrators and + users with methods to control resources through the command line + and to set rules on system initialization using a configuration file. - - Enabling and Configuring Resource Limits + + Enabling and Configuring Resource Limits - By default, kernel support for rctl is - not built-in, meaning that the kernel will first need to be - recompiled using the instructions in . Add these lines to either - GENERIC or a custom kernel - configuration file, then rebuild the kernel: + By default, kernel support for rctl is + not built-in, meaning that the kernel will first need to be + recompiled using the instructions in . Add these lines to either + GENERIC or a custom kernel configuration + file, then rebuild the kernel: - options RACCT + options RACCT options RCTL - Once the system has rebooted into the new kernel, - rctl may be used to set rules for the - system. - - Rule syntax is controlled through the use of - a subject, - subject-id, resource, - and action, as seen in this example - rule: - - user:trhodes:maxproc:deny=10/user - - In this rule, the subject - is user, the subject-id is - trhodes, the resource, - maxproc, is the maximum - number of processes, and the - action is deny, which blocks any - new processes from being created. This means that the - user, trhodes, will be constrained to no greater than - 10 processes. Other possible - actions include logging to the console, passing a - notification to &man.devd.8;, or sending a sigterm to the - process. - - Some care must be taken when adding rules. Since this user - is constrained to 10 processes, this example - will prevent the user from performing other - tasks after logging in and executing a - screen session. Once a resource limit has - been hit, an error will be printed, as in this example: + Once the system has rebooted into the new kernel, + rctl may be used to set rules for the + system. + + Rule syntax is controlled through the use of a subject, + subject-id, resource, and action, as seen in this example + rule: + + user:trhodes:maxproc:deny=10/user + + In this rule, the subject is user, the + subject-id is trhodes, the resource, + maxproc, is the maximum number of + processes, and the action is deny, which + blocks any new processes from being created. This means that + the user, trhodes, will be constrained to + no greater than 10 processes. Other + possible actions include logging to the console, passing a + notification to &man.devd.8;, or sending a sigterm to the + process. + + Some care must be taken when adding rules. Since this + user is constrained to 10 processes, this + example will prevent the user from performing other tasks + after logging in and executing a + screen session. Once a resource limit has + been hit, an error will be printed, as in this example: - &prompt.user; man test + &prompt.user; man test /usr/bin/man: Cannot fork: Resource temporarily unavailable eval: Cannot fork: Resource temporarily unavailable - As another example, - a jail can be prevented from exceeding a memory limit. This rule could be - written as: - - &prompt.root; rctl -a jail:httpd:memoryuse:deny=2G/jail - - Rules will persist across reboots if they have been - added to /etc/rctl.conf. The format is a - rule, without the preceding command. For example, the previous - rule could be added as: + As another example, a jail can be prevented from exceeding + a memory limit. This rule could be written as: + + &prompt.root; rctl -a jail:httpd:memoryuse:deny=2G/jail + + Rules will persist across reboots if they have been added + to /etc/rctl.conf. The format is a rule, + without the preceding command. For example, the previous rule + could be added as: - # Block jail from using more than 2G memory: + # Block jail from using more than 2G memory: jail:httpd:memoryuse:deny=2G/jail - To remove a rule, use rctl to - remove it from the list: + To remove a rule, use rctl to remove it + from the list: - &prompt.root; rctl -r user:trhodes:maxproc:deny=10/user + &prompt.root; rctl -r user:trhodes:maxproc:deny=10/user - A method for removing all rules is documented in &man.rctl.8;. - However, if removing all rules for a single user is required, - this command may be issued: + A method for removing all rules is documented in + &man.rctl.8;. However, if removing all rules for a single + user is required, this command may be issued: - &prompt.root; rctl -r user:trhodes + &prompt.root; rctl -r user:trhodes - Many other resources exist which can be used to exert - additional control over various subjects. - See &man.rctl.8; to learn about them. + Many other resources exist which can be used to exert + additional control over various subjects. + See &man.rctl.8; to learn about them. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 1 10:06:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5E8FFF64; Tue, 1 Apr 2014 10:06:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4AB7BC79; Tue, 1 Apr 2014 10:06:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s31A63tO007755; Tue, 1 Apr 2014 10:06:03 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s31A635S007754; Tue, 1 Apr 2014 10:06:03 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404011006.s31A635S007754@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 1 Apr 2014 10:06:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44405 - head/ja_JP.eucJP/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2014 10:06:03 -0000 Author: ryusuke Date: Tue Apr 1 10:06:02 2014 New Revision: 44405 URL: http://svnweb.freebsd.org/changeset/doc/44405 Log: - Merge the following from the English version: r42829 -> r42903 head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/ports/chapter.xml Mon Mar 31 21:09:35 2014 (r44404) +++ head/ja_JP.eucJP/books/handbook/ports/chapter.xml Tue Apr 1 10:06:02 2014 (r44405) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r42829 + Original revision: r42903 $FreeBSD$ --> @@ -909,33 +909,14 @@ Deinstalling ca_root_nss-3.15.1_1... don Ports Collection の利用 - このセクションでは、Ports Collection - を利用してプログラムをインストールしたり、 - システムから削除したりする基本的な手順について説明します。 - 利用可能な make のターゲットや環境変数についての詳細は - &man.ports.7; をご覧ください。 - - - &os; Ports プロジェクトは、2012 年にバージョン管理システムを - CVS から Subversion へと移行しました。 - 一般的な ports の利用において推奨される方法は - Portsnap です。 - ローカルで ports をカスタマイズしたい - (すなわち、ローカルで追加のパッチをメンテナンスしたい) - と考えているユーザは、直接 Subversion を使うとよいでしょう。 - CVSup のサービスは、 - 2013 年 2 月 28 日に廃止されました。 - - - - Ports Collection の準備 - - Ports Collection とは、/usr/ports + Ports Collection とは、/usr/ports 以下に置かれる Makefile, 修正パッチ、 説明文などの一連のファイルのことです。このファイルのセットは、 アプリケーションをコンパイルして &os; にインストールするのに用いられます。 - 以下では、&os; のセットアップ時に Ports Collection をインストールしなかった場合に、 - Ports Collection を準備する方法について示します。 + port を用いてアプリケーションをコンパイルできるようにするには、 + まず最初に Ports Collection をインストールする必要があります。 + &os; のインストール時に Ports Collection をインストールしなかった場合に、 + 以下の方法のどれかを用いてインストールしてください。 Portsnap を利用する方法 @@ -963,8 +944,8 @@ Deinstalling ca_root_nss-3.15.1_1... don 上で示した Portsnap を初めて利用する際に行うコマンドを実行した後は、 以下のコマンドで - /usr/ports - をアップデートできます。 + /usr/ports + をアップデートしてください。 &prompt.root; portsnap fetch &prompt.root; portsnap update @@ -974,8 +955,8 @@ Deinstalling ca_root_nss-3.15.1_1... don Subversion を用いる方法 - たとえば、ローカルで変更点をメンテナンスする状況のように、 - ports ツリーの管理が必要な場合には、 + ports ツリーの管理が必要な場合や、 + ローカルで変更点をメンテナンスする必要がある場合には、 Subversion を使って Ports Collection を取得する方法があります。 Subversion のより詳細な説明については、 @@ -1008,189 +989,50 @@ Deinstalling ca_root_nss-3.15.1_1... don ports ツリーをチェックアウトしてください。 - パフォーマンスを良くするため、以下のコマンドにおいて、 - svn0.us-east.FreeBSD.orgSubversion + パフォーマンスを良くするため、 + svn0.us-east.FreeBSD.org + を + Subversion ミラー - の中から地理的に近い場所にあるミラーに置き換えてください。 - コミッタの方々は、最初に Subversion - Primer を読んで、適切なプロトコルを選択してください。 + の中から地理的に近い場所にあるミラーに置き換えてください。 &prompt.root; svn checkout https://svn0.us-east.FreeBSD.org/ports/head /usr/ports Subversion - でチェックアウトした後、 - /usr/ports - をアップデートするには、以下を実行してください。 + で最初のチェックアウトを行ったら、必要に応じて + /usr/ports + をアップデートしてください。 &prompt.root; svn update /usr/ports - - sysinstall を利用する方法 - - ここでは、sysinstall - を利用してインストールメディアから Ports Collection - をインストールする方法について説明します。 - この方法では、リリース時の古い Ports Collection - がインストールされることに注意してください。 - もし、インターネットへの接続が可能であれば、 - これまでに説明した方法を使ってください。 - - - root ユーザ権限で、以下のように - sysinstall を実行してください。 - - &prompt.root; sysinstall - - - - スクロールダウンして Configure を選び、 - Enter を押してください。 - - - - スクロールダウンして Distributions を選び、 - Enter を押してください。 - - - - スクロールダウンして ports を選び、 - Space キーを押してください。 - - - - Exit までスクロールアップして、 - Enter を押してください。 - - - - CDROM や FTP といったインストールメディアを選択してください。 - - - - Exit までスクロールアップして、Enter - を押してください。 - - - - X を押して、 - sysinstall を終了してください。 - - - - - - <application>CVSup</application>/<application>csup</application> - から <application>portsnap</application> への移行 - - - 2013 年 2 月 28 日までに - ports ツリーの CVS - へのエクスポートは終了します。 - そのため、CVSup および - csup を用いて ports - ツリーをアップデートすることはできなくなります。 - - - - Portsnap への移行 - - 移行に際しては、 - /usr に約 - 1 GB のディスク容量と、 - さらに Portsnap - は約 150 MB のディスク容量を /var に必要とします。 - - - もし &man.cron.8; を使って - CVSup - csup を実行するなど、 - 自動的な ports のアップデートを行なっているのであれば、 - 停止してください。 - - - - 現在の ports ツリーを一時的に別の場所に移動します。 - - &prompt.root; mv /usr/ports /usr/ports.old - - - - 新しい ports ツリーを - Portsnap を使ってダウンロードして、 - /usr/ports - に展開してください。 - - &prompt.root; portsnap fetch extract - - - - distfiles および保存されている packages を新しい - port ツリーに移動してください。 - - &prompt.root; mv /usr/ports.old/distfiles /usr/ports -&prompt.root; mv /usr/ports.old/packages /usr/ports - - - - 古い ports ツリーを削除してください。 - - &prompt.root; rm -rf /usr/ports.old - - - - もし CVSup - を使用していたのであれば、アンインストールできます。 - - &prompt.root; pkg_delete -r -v cvsup-without-gui-\* - - pkgng のユーザは、 - 以下のコマンドを使って削除できます。 - - &prompt.root; pkg delete cvsup-without-gui - - - - - - - - ports のインストール - - - ports - インストール - - - port スケルトンは、アプリケーションを &os; - 上で正しくコンパイルしインストールする方法を提供するファイルのセットのことです。 - それぞれの port スケルトンには、次のファイルが含まれています。 + Ports Collection + はソフトウェアのカテゴリを表すディレクトリを持ち、 + 各カテゴリには、各アプリケーションのサブディレクトリがあります。 + ports スケルトンとも呼ばれる各サブディレクトリには、 + プログラムを &os; + 上で正しくコンパイルしてインストールする方法を提供するファイルのセットが含まれています。 + それぞれの port スケルトンには、 + 次のファイルおよびディレクトリが含まれています。 - Makefile。 - Makefile - にはアプリケーションのコンパイル方法やシステムのどこにインストールするかを指定する命令文が含まれています。 + Makefile: + このファイルにはアプリケーションのコンパイル方法やシステムのどこにインストールするかを指定する命令文が含まれています。 - distinfo。 + distinfo: このファイルには、その port を構築するためにダウンロードする必要があるファイルのファイル名と、 - それらのファイルがダウンロードによって壊れていないかを - (&man.sha256.1; を使って) - 確認するためのチェックサム情報が含まれています。 + チェックサム情報が含まれています。 - files。 + files: このディレクトリには &os; 上でプログラムをコンパイルし、 インストールするための修正パッチが含まれています。 このディレクトリには、その port @@ -1198,12 +1040,12 @@ Deinstalling ca_root_nss-3.15.1_1... don - pkg-descr。 + pkg-descr: このファイルにはプログラムに関する、より詳しい説明文が含まれます。 - pkg-plist。 + pkg-plist: これは、その port によってインストールされる全ファイルのリストです。 これにはプログラムを削除する際に、 どのファイルを削除すれば良いのかを ports @@ -1212,235 +1054,228 @@ Deinstalling ca_root_nss-3.15.1_1... don これらの他に pkg-message - といったファイルを含む ports もあります。 - ports システムは、 - このようなファイルを用いて特殊な状況にも対応しています。 + や特殊な状況に対応するためのファイルを含む ports もあります。 これらのファイルについての詳細および - ports の一般的な説明については、port + ports の一般的な説明については、 + port 作成者のためのハンドブック をご覧下さい。 - port は実際のソースコード (distfile とも呼ばれます) + port は実際のソースコード + (distfile とも呼ばれます) を含んではいません。 - ソースコードはソフトウェアの作者が好む形式で配布されます。 - 以下では port をインストールする 2 つの方法について説明します。 + port の構築の展開部で、ダウンロードされたソースは自動的に + /usr/ports/distfiles + に保存されます。 - - ports をインストールするには、 - root としてログインする必要があります。 - + + ports のインストール - - port をコンパイルする前に、 - Ports Collection が最新であることを確認してください。 - また、その port に関連したセキュリティ上の問題がないことを - http://vuxml.freebsd.org/ - で確認してください。ports-mgmt/portaudit - をインストールしているのであれば、 - 新しく port をインストールする前に、 - portaudit -F コマンドを実行して、 - 最新の脆弱性に関するデータベースをダウンロードしてください。 - セキュリティの検査およびデータベースの更新は、 - 日々のセキュリティチェックで行なわれます。 - 詳しくは、&man.portaudit.1; および &man.periodic.8; - のマニュアルページを参照してください。 - + + ports + installing + - Ports Collection は、ネットワークに接続できることを想定しています。 - もし接続できなければ、distfile のコピーを - /usr/ports/distfiles - に手動で置いてください。 + この節では、Ports Collection + を利用してプログラムをインストールしたり、 + システムから削除したりする基本的な手順について説明します。 + 利用可能な make のターゲットや環境変数についての詳細は + &man.ports.7; をご覧ください。 - まず、インストールしたい port のディレクトリに移動してください。 + - &prompt.root; cd /usr/ports/sysutils/lsof + いかなる port でも、構築する前には、 + 前節に書かれているように、Ports Collection をアップデートしてください。 + サードパーティ製のソフトウェアをインストールすると、 + セキュリティの脆弱性を引き起こす可能性があります。 + その port に関連したセキュリティ上の問題がないことを、まずは + http://vuxml.freebsd.org/ + で確認してください。または、ports-mgmt/portaudit + をインストールしているのであれば、新しい port をインストールする前に、 + portaudit -F -a を実行してください。 + 毎日のシステムのセキュリティ確認時に、 + 自動的にセキュリティの検査およびデータベースの更新を行うようにこのコマンドを設定できます。 + 詳しくは、portaudit および &man.periodic.8; + のマニュアルページを参照してください。 + - port をコンパイルまたは - ビルド (build) するには、プロンプトから - make と入力してください。 - そうすると、次のような出力が現われるはずです。 + Ports Collection は、ネットワークに接続できることを想定しています。 + また、superuser の権限も必要となります。 - &prompt.root; make ->> lsof_4.57D.freebsd.tar.gz doesn't seem to exist in /usr/ports/distfiles/. + freebsdmaill.com + の &os; Toolkit のようなサードパーティ製の DVD-ROM + 製品の中には distfiles を収録しているものがあります。 + これらを使うとインターネットへの接続がなくても + ports をインストールするのに使うことができます。 + DVD を /cdrom + にマウントしてください。 + ほかのマウントポイントを使用したければ、 + CD_MOUNTPTS 変数を設定してください。 + ディスク上に必要な distfiles が存在すると、 + 自動的に利用されます。port には DVD + への収録を許可しないライセンス条項を持つものがあります。 + これにはダウンロード前に登録を必要としたり、 + 再配布が禁止されているという理由があります。 + DVD に含まれていない port をインストールしたい場合には、 + ネットワークに接続する必要があります。 + + port をコンパイルしてインストールするには、 + インストールしたい port のディレクトリに移動してください。 + その後、プロンプトからまたは + make install と入力してください。 + すると、次のような出力が現われるはずです。 + + &prompt.root; cd /usr/ports/sysutils/lsof +&prompt.root; make install +>> lsof_4.88D.freebsd.tar.gz doesn't seem to exist in /usr/ports/distfiles/. >> Attempting to fetch from ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/. -===> Extracting for lsof-4.57 +===> Extracting for lsof-4.88 ... [extraction output snipped] ... ->> Checksum OK for lsof_4.57D.freebsd.tar.gz. -===> Patching for lsof-4.57 -===> Applying FreeBSD patches for lsof-4.57 -===> Configuring for lsof-4.57 +>> Checksum OK for lsof_4.88D.freebsd.tar.gz. +===> Patching for lsof-4.88.d,8 +===> Applying FreeBSD patches for lsof-4.88.d,8 +===> Configuring for lsof-4.88.d,8 ... [configure output snipped] ... -===> Building for lsof-4.57 +===> Building for lsof-4.88.d,8 ... [compilation output snipped] ... -&prompt.root; - - コンパイルが終了すると、プロンプトに戻ります。 - 次に make install - を使って、port のインストールを行ないます。 +===> Installing for lsof-4.88.d,8 - &prompt.root; make install -===> Installing for lsof-4.57 +===> Installing for lsof-4.88.d,8 ... [installation output snipped] ... ===> Generating temporary packing list -===> Compressing manual pages for lsof-4.57 -===> Registering installation for lsof-4.57 +===> Compressing manual pages for lsof-4.88.d,8 +===> Registering installation for lsof-4.88.d,8 ===> SECURITY NOTE: This port has installed the following binaries which execute with increased privileges. +/usr/local/sbin/lsof &prompt.root; - プロンプトに戻ったら、 - インストールしたプログラムは実行できるようになっています。 - lsof は高い権限で動作するプログラムなので、 - セキュリティに関する警告が表示されます。ports - のコンパイルやインストール中に表示されるこれらの警告に注意してください。 + lsof は高い権限で動作するプログラムなので、 + インストールする時にセキュリティに関する警告が表示されます。 + インストールが終わったら、プロンプトが戻ります。 + + シェルによってはコマンドの実行ファイルを探す時間を短縮するために、 + 環境変数 PATH に登録されている + ディレクトリのコマンド一覧をキャッシュするものがあります。 + tcsh シェルを使っているのであれば、 + フルパスを指定することなく新しくインストールしたコマンドを利用できるように、 + rehash を実行してください。 + sh シェルを使っているのであれば + かわりに hash -r を実行してください。 + 詳細については、 + あなたの使っているシェルのドキュメントをご覧ください。 - コンパイル時に作成される作業用ディレクトリを削除すると良いでしょう。 + インストールの間に、作業用ディレクトリが作成されます。 このディレクトリにはコンパイル時に使用されるすべての一時ファイルが含まれています。 このディレクトリを削除することで、ディスク容量を節約でき、また port を新しいバージョンへアップデートする際に問題が起こる可能性を小さくします。 &prompt.root; make clean -===> Cleaning for lsof-4.57 +===> Cleaning for lsof-88.d,8 &prompt.root; - makemake install - および make clean - と三つに分けられた手順の代わりに、 - 最初から make install clean と実行することで、 - 余分な手順を二つ省くことができます。 + port を構築する際に、 + make install clean + と実行することで、 + これらの余分な手順を省くことができます。 + + + ports のインストールのカスタマイズ - - デフォルトでは、ユーザに port - のオプションを選択させる設定のため、 - make install - だけの実行では、ユーザとの対話が起こり長時間待たされることがあります。 - 依存する port の数が多い場合に、これを避けるには、まず最初に make + ports の中にはビルドオプションを指定できるものがあります。 + このオプションを指定することで、 + アプリケーションの機能の一部を有効もしくは無効にできます。 + また、セキュリティオプションを設定したり、 + その他のカスタマイズを行うことができます。 + このようなアプリケーションには + www/firefox, + security/gpgme や + mail/sylpheed-claws + などがあります。 + port に利用可能なオプションがある場合には、 + デフォルトでは、ユーザに port + のオプションをメニューから選択させる設定のため、 + 何度もユーザとの対話が起こり待たされることがあります。 + これを避けるには、まず最初に make config-recursive を実行して設定を一括で行い、その後 - make install - [clean] を実行してください。 - + make + install [clean] + を実行して port を構築してインストールしてください。 config-recursive を実行する際、 - &man.make.1; のターゲットである all-depends-list を実行すると、設定すべき ports の一覧を得ることができます。 多くの場合は、すべての依存 ports のオプションが定義され、 - ports オプションの &man.dialog.1; 画面が表示されなくなり、 - すべてのオプションが意図通りに設定されたことを確認できるまで + ports オプションの画面が表示されなくなり、 + すべてのオプションが設定されたことを確認できるまで make config-recursive を実行すると良いでしょう。 - - シェルによってはコマンドの実行ファイルを探す時間を短縮するために、 - 環境変数 PATH に登録されている - ディレクトリのコマンド一覧をキャッシュするものがあります。 - tcsh を使っているのであれば、 - フルパスを指定することなく新しくインストールしたコマンドを利用できるように、 - rehash を実行してください。 - sh シェルを使っているのであれば - かわりに hash -r を実行してください。 - 詳細については、 - あなたの使っているシェルのドキュメントをご覧ください。 - - - &os; - Mall の &os; Toolkit のようなサードパーティ製の DVD-ROM - 製品の中には distfiles を収録しているものがあります。 - これらを Ports Collection で使うことができます。 - DVD-ROM を /cdrom にマウントしてください。 - ほかのマウントポイントを使用したければ、 - CD_MOUNTPTS 変数を設定してください。 - ディスク上に必要な distfiles が存在すると、 - 自動的に利用されます。 - - - port には DVD - への収録を許可しないライセンス条項を持つものがあります。 - これにはダウンロード前に登録を必要としたり、 - 再配布が禁止されているという理由があります。 - DVD に含まれていない port をインストールしたい場合には、 - ネットワークに接続する必要があります。 - + port の構築後、再びこのメニューを表示させてオプションの追加や削除、 + 設定の変更を行う方法はたくさんあります。 + 一つ目は port のディレクトリに cd で移動し、 + make config + と入力する方法です。 + 別の方法は make showconfig + を使う方法です。 + 他の方法は make rmconfig + の実行です。 + このコマンドを実行すると選択されているすべてのオプションが削除され、 + 設定をもう一度やり直すことができます。 + これらの方法や他の方法についての詳細は、 + &man.ports.7; マニュアルで説明されています。 - ports は、FTP_PASSIVE_MODE, - FTP_PROXY, FTP_PASSWORD - といった環境変数を参照する &man.fetch.1; - を用いてファイルをダウンロードします。 - ファイアウォールの内側であったり、 + ports は、いくつかの環境変数を参照する &man.fetch.1; + を用いてソースファイルをダウンロードします。 + &os; システムがファイアウォールの内側であったり、 FTP/HTTP プロキシを使う場合には、 - これらの環境変数を設定することなります。 - 環境変数の一覧については &man.fetch.3; をご覧ください。 + FTP_PASSIVE_MODE, + FTP_PROXY, FTP_PASSWORD + の環境変数を設定することなります。 + 対応している環境変数の一覧については + &man.fetch.3; をご覧ください。 - ネットワークに常時接続できないユーザのために + インターネットに常時接続できないユーザのために make fetch コマンドが用意されています。 - (ネットワークに接続している時に) このコマンドを - /usr/ports で実行してください。 - 必要なファイルがダウンロードされます。 - このコマンドは /usr/ports/net - といった、より下の階層のカテゴリにおいても使うことができます。 + このコマンドを + /usr/ports + で実行してすべての distfiles をダウンロードするか、 + /usr/ports/net + といったカテゴリや、あるスケルトンにおいても実行できます。 ある port がライブラリやその他の ports に依存している場合には、 別のカテゴリの ports の distfiles はダウンロードされないことに注意してください。 - port が依存しているすべてをダウンロードしたければ、 - make - fetch-recursive + port が依存しているすべての distfiles をダウンロードしたければ、 + make fetch-recursive を使ってください。 - - トップディレクトリで make - を実行するとすべての port がビルドされます。 - しかしながら ports の中には同時に存在できないものがあったり、 - 異なる ports の別のファイルが同じ名前で - インストールされる場合があることに注意してください。 - - めったにないことかもしれませんが、 - デフォルトの MASTER_SITES - に書かれているサイト以外から tarball - を持ってくることが必要になる場合があります。 - そのような場合には以下のように - MASTER_SITES を変更してください。 + ローカルに distfiles のリポジトリがあるような場合に、 + MASTER_SITES 変数を変更することで + Makefile で指定されているダウンロードの場所を + 変更することができます。 + 設定する場合には、変更先を以下のようにして指定してください。 &prompt.root; cd /usr/ports/directory &prompt.root; make MASTER_SITE_OVERRIDE= \ -ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/ fetch - - 上の例では MASTER_SITES を - ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/ - に変更しています。 - - - ports の中にはビルドオプションを指定できるものがあります。 - このオプションを指定することで、 - アプリケーションの機能の一部を有効もしくは無効にできます。 - また、セキュリティオプションを設定したり、 - その他のカスタマイズを行うことができます。 - このようなアプリケーションには - www/firefox, - security/gpgme や - mail/sylpheed-claws - などがあります。 - 利用可能なオプションがある場合には、 - port をコンパイルする前にメニューが表示されます。 - - - - ports ディレクトリの変更 +ftp://ftp.organization.org/pub/FreeBSD/ports/distfiles/ fetch WRKDIRPREFIX 変数と PREFIX 変数を変更することで、 @@ -1448,46 +1283,25 @@ ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/ &prompt.root; make WRKDIRPREFIX=/usr/home/example/ports install - とすると、ports は /usr/home/example/ports - でコンパイルされ、すべて /usr/local + とすると、ports は /usr/home/example/ports + でコンパイルされ、すべて /usr/local 以下にインストールされます。 &prompt.root; make PREFIX=/usr/home/example/local install - この場合、port のコンパイルは /usr/ports + この場合、port のコンパイルは /usr/ports でおこない、 - /usr/home/example/local - にインストールします。 - - そして、 + /usr/home/example/local + にインストールします。そして &prompt.root; make WRKDIRPREFIX=../ports PREFIX=../local install とすれば両者を組み合わせることが可能です。 - あるいは、これらを環境変数に設定する方法もあります。 + これらを環境変数に設定する方法もあります。 どのように環境変数を設定するかについては、 あなたの使っているシェルのマニュアルページを参照してください。 - - - ports の再構築 - - ports をコンパイルする際、ビルドオプションを設定するために - ncurses ベースのメニューが表示されることがあります。 - port の構築後、再びこのメニューを表示させてオプションの追加や削除、 - 設定の変更を行う方法はたくさんあります。 - 一つ目は port のディレクトリに cd で移動し、 - make config と入力する方法です。 - 別の方法は make showconfig - を使う方法です。 - 他の方法は make rmconfig - の実行です。 - このコマンドを実行すると選択されているすべてのオプションが削除され、 - 設定をもう一度やり直すことができます。 - これらの方法や他の方法についての詳細は、 - &man.ports.7; マニュアルで説明されています。 - @@ -1498,11 +1312,33 @@ ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/ 削除 - インストールされた ports および packages は、 - &man.pkg.delete.1; コマンドで削除できます。 - - &prompt.root; pkg_delete lsof-4.57 - + インストールされた ports は、 + &man.pkg.delete.1; コマンドで削除できます。 + &os; システムが pkg + を使うように設定されているのであれば、 + pkg delete を使って port を削除してください。 + これらのコマンドの使用例は、 および にあります。 + + あるいは、port のディレクトリにて + make deinstall を実行することでも削除できます。 + + &prompt.root; cd /usr/ports/sysutils/lsof +make deinstall +===> Deinstalling for sysutils/lsof +===> Deinstalling +Deinstallation has been requested for the following 1 packages: + + lsof-4.88.d,8 + +The deinstallation will free 229 kB +[1/1] Deleting lsof-4.88.d,8... done + + port が削除されるときに表示されるメッセージを読むことをお勧めします。 + もし削除した port に依存するアプリケーションがあった場合には、 + その情報が表示されますが、port の削除は行われます。 + そのようなケースでは、依存を直すためにアプリケーションを再インストールするとよいでしょう。 From owner-svn-doc-all@FreeBSD.ORG Tue Apr 1 17:27:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 52A91502; Tue, 1 Apr 2014 17:27:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3EA721F1; Tue, 1 Apr 2014 17:27:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s31HRC4D090155; Tue, 1 Apr 2014 17:27:12 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s31HRCV4090154; Tue, 1 Apr 2014 17:27:12 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404011727.s31HRCV4090154@svn.freebsd.org> From: Warren Block Date: Tue, 1 Apr 2014 17:27:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44406 - head/en_US.ISO8859-1/books/handbook/virtualization X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2014 17:27:12 -0000 Author: wblock Date: Tue Apr 1 17:27:11 2014 New Revision: 44406 URL: http://svnweb.freebsd.org/changeset/doc/44406 Log: Correct permissions shown for host DVD/CD pass-through. PR: docs/188176 Submitted by: Tom Hoffmann Modified: head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Tue Apr 1 10:06:02 2014 (r44405) +++ head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Tue Apr 1 17:27:11 2014 (r44406) @@ -1247,10 +1247,10 @@ add path 'usb/*' mode 0660 group operato and /dev/passN. This is usually achieved by making the user a member of operator. Permissions to these devices - have to be corrected by adding the following lines to + have to be corrected by adding these lines to /etc/devfs.conf: - perm cd* 0600 + perm cd* 0660 perm xpt0 0660 perm pass* 0660 From owner-svn-doc-all@FreeBSD.ORG Tue Apr 1 17:37:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 44ABABBC; Tue, 1 Apr 2014 17:37:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1595430C; Tue, 1 Apr 2014 17:37:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s31HbnQB095023; Tue, 1 Apr 2014 17:37:49 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s31Hbndb095022; Tue, 1 Apr 2014 17:37:49 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404011737.s31Hbndb095022@svn.freebsd.org> From: Warren Block Date: Tue, 1 Apr 2014 17:37:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44407 - head/en_US.ISO8859-1/books/handbook/virtualization X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2014 17:37:50 -0000 Author: wblock Date: Tue Apr 1 17:37:49 2014 New Revision: 44407 URL: http://svnweb.freebsd.org/changeset/doc/44407 Log: Miscellaneous fixes and spelling corrections. Modified: head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Tue Apr 1 17:27:11 2014 (r44406) +++ head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Tue Apr 1 17:37:49 2014 (r44407) @@ -271,9 +271,9 @@ - - Virtualization + + + + Virtualization + - MurrayStokelyContributed by + + + Murray + Stokely + + Contributed by + - - - Synopsis - Virtualization software allows multiple operating systems - to run simultaneously on the same computer. Such software - systems for PCs often involve a host operating system which runs - the virtualization software and supports any number of guest + Virtualization software allows multiple operating systems to + run simultaneously on the same computer. Such software systems + for PCs often involve a host operating system which runs the + virtualization software and supports any number of guest operating systems. After reading this chapter, you will know: @@ -265,11 +273,13 @@ the host &mac;. This can be accomplished by adding ifconfig_ed0="DHCP" to /etc/rc.conf. More advanced - networking setups are described in . + networking setups are described in + . + Beveiliging - MatthewDillonVeel uit dit hoofdstuk is overgenomen uit de - security(7) handleiding van + + + Matthew + Dillon + + Veel uit dit hoofdstuk is overgenomen uit de + security(7) handleiding van + - SiebrandMazelandVertaald door + + + Siebrand + Mazeland + + Vertaald door + @@ -29,29 +41,24 @@ systeembeveiligingsconcepten, een aantal goede basisregels en een paar gevorderde onderwerpen binnen &os;. Veel van de onderwerpen die worden behandeld kunnen ook worden toegepast op - systemen en Internet in het algemeen. Het Internet is niet - langer een vriendelijke omgeving waar iedereen - een goede buur wil zijn. Het beveiligen van een systeem is - onontbeerlijk als gegevens, intellectueel eigendom, tijd en wat - dan ook uit de handen van hackers en dergelijke gehouden moeten - worden. - - &os; biedt veel hulpmiddelen en mechanismen om te zorgen - voor de integriteit en veiligheid van een systeem en - netwerk. + systemen en Internet in het algemeen. Het beveiligen van een + systeem is onontbeerlijk als gegevens, intellectueel eigendom, + tijd en wat dan ook uit de handen van hackers en dergelijke + gehouden moeten worden. + + &os; biedt veel hulpmiddelen en mechanismen om de integriteit + te borgen en de veiligheid van een systeem en het netwerk. Na het lezen van dit hoofdstuk weet de lezer: - Van basis systeembeveiligingsconcepten in relatie tot - &os;. + van Basis systeembeveiligingsconcepten in &os;. - Meer over verschillende versleutelingsmechanismen die - beschikbaar zijn in &os; zoals DES en - MD5. + Meer over verschillende versleutelingsmechanismen in + &os;. @@ -61,29 +68,27 @@ Hoe TCP Wrappers in te stellen voor - gebruik met inetd. + gebruik met &man.inetd.8;. - Hoe Kerberos5 op &os; opgezet + Hoe Kerberos op &os; opgezet kan worden. Hoe IPsec wordt ingesteld en hoe een - VPN op te zetten tussen &os; en - µsoft.windows; machines. + VPN op te zetten. - Hoe OpenSSH, &os;'s - SSH implementatie, in te stellen en te - gebruiken. + Hoe OpenSSH in &os; is in te + stellen en te gebruiken. - Wat bestandssysteem-ACLs zijn en hoe - die te gebruiken; + Hoe bestandssysteem-ACLs gebruikt + kunnen worden. @@ -93,13 +98,19 @@ - Hoe om te gaan met publicaties van &os; - beveiligingswaarschuwingen. + Hoe om te gaan met beveiligingswaarschuwingen van + &os; + + + + Wat processaccounting is en hoe deze ingeschakeld kan + worden binnen &os; - Iets van procesaccounting en hoe dat is in te schakelen - in &os;. + Hoe de bron limieten database in elkaar zit en hoe deze + gebruikt kan worden om gebruikerslimieten te + controleren. @@ -113,34 +124,25 @@ In dit boek worden nog meer onderwerpen met betrekking tot beveiliging beschreven. Zo wordt bijvoorbeeld Verplichte - Toegangscontrole (Mandatory Access Control) besproken in en Internet Firewalls in . + Toegangscontrole (Mandatory Access Control) besproken in + en Internet Firewalls in + . Introductie Beveiliging is een taak die begint en eindigt bij de - systeembeheerder. Hoewel alle BSD &unix; meergebruikerssystemen - enige inherente beveiliging kennen, is het bouwen en onderhouden - van additionele beveiligingsmechanismen om de gebruikers - eerlijk te houden waarschijnlijk een van de - zwaarste taken voor de systeembeheerder. Machines zijn zo veilig - als ze gemaakt worden en beveiligingsoverwegingen staan altijd op - gespannen voet met de wens om gebruiksvriendelijkheid. &unix; - systemen zijn in het algemeen in staat tot het tegelijkertijd - uitvoeren van een enorm aantal processen en veel van die - processen acteren als server - daarmee wordt bedoeld dat externe - entiteiten er verbindingen mee kunnen maken en ertegen kunnen - praten. Nu de minicomputers en mainframes van gisteren de - desktops van vandaag zijn en computers onderdeel zijn van - netwerken en internetwerken, wordt beveiliging nog - belangrijker. + systeembeheerder. Hoewel &os; enige inherente beveiliging + levert is het de zwaarste taak voor een systeembeheerder om deze + te configureren en bij te houden. Systeembeveiliging heeft ook te maken met het omgaan met verschillende vormen van aanvallen, zoals een poging om een systeem te crashen of op een andere manier onstabiel te maken, - zonder te proberen de root account aan te - vallen (break root). Aandachtspunten voor + zonder te proberen de + root account aan te + vallen. Aandachtspunten voor beveiliging kunnen opgesplitst worden in categorien: @@ -184,22 +186,20 @@ Ontzegging van Dienst (DoS) - Een ontzegging van dienst (DoS) aanval is een techniek die - de machine middelen ontneemt. In het algemeen zijn DoS aanvallen - brute kracht mechanismen die proberen de machine te crashen of op - een andere manier onbruikbaar te maken door de machine of de - netwerkcode te overvragen. Sommige DoS aanvallen proberen - misbruik te maken van bugs in de netwerkcode om een machine met - een enkel pakket te crashen. Zoiets kan alleen gerepareerd - worden door een aanpassing aan de kernel te maken. Aanvallen op - servers kunnen vaak hersteld worden door op de juiste wijze - opties in stellen om de belasting van servers te limiteren in - ongunstige omstandigheden. Omgaan met brute kracht aanvallen is - lastiger. Zo is een aanval met gefingeerde pakketten - (spoofed-packet) vrijwel niet te stoppen, behalve - dan door het systeem van Internet los te koppelen. Misschien - gaat de machine er niet door plat, maar het kan wel een volledige - Internetverbinding verzadigen. + Een ontzegging van dienst DoS aanval is + een actie die de machine middelen ontneemt. In het algemeen + zijn DoS aanvallen brute kracht mechanismen + die proberen de machine te crashen of op een andere manier + onbruikbaar te maken door de machine of de netwerkcode te + overvragen. Sommige DoS aanvallen proberen misbruik te maken + van bugs in de netwerkcode om een machine met een enkel pakket + te crashen. Zoiets kan alleen gerepareerd worden door een + aanpassing aan de kernel te maken. Aanvallen op servers kunnen + vaak hersteld worden door op de juiste wijze opties in stellen + om de belasting van servers te limiteren in ongunstige + omstandigheden. Omgaan met brute kracht aanvallen is lastiger. + Dit type aanval kan weliswaar de machine niet omver krijgen maar + kan wel de internetverbinding overbelasten. beveiliging @@ -207,36 +207,25 @@ account compromitteren - Een gecompromitteerde gebruikersaccount komt nog veel vaker - voor dan een DoS aanval. Veel systeembeheerders draaien nog - steeds standaard telnetd, - rlogind, - rshd en - ftpd servers op hun machines. Deze - servers communiceren standaard niet over beveiligde verbindingen. - Het resultaat is dat als er een redelijk grote gebruikersgroep - is, er altijd wel van een of meer van de gebruikers die van - afstand op dat systeem aanmelden (wat toch de meest normale en - makkelijke manier is om op een systeem aan te melden) het - wachtwoord is afgeluisterd (sniffed). Een - oplettende systeembeheerder analyseert zijn logboekbestanden om - te zoeken naar verdachte bronadressen, zelfs als het om - succesvolle aanmeldpogingen gaat. - - Uitgangspunt moet altijd zijn dat als een aanvaller toegang - heeft tot een gebruikersaccount, de aanvaller de - root account kan compromitteren. In - werkelijkheid is het wel zo dat voor een systeem dat goed - beveiligd is en goed wordt onderhouden, toegang tot een - gebruikersaccount niet automatisch betekent dat de aanvaller ook - root privileges kan krijgen. Het is van - belang dit onderscheid te maken, omdat een aanvaller zonder - toegang tot root in het algemeen zijn sporen - niet kan wissen en op z'n best wat kan rommelen met bestanden van - de gebruiker of de machine kan crashen. Gecompromitteerde - gebruikersaccounts zijn vrij normaal omdat gebruikers normaliter - niet de voorzorgsmaatregelen nemen die systeembeheerders - nemen. + Een gecompromitteerde gebruikersaccount komt veel vaker + voor dan een DoS aanval. Veel + systeembeheerders draaien nog onbeveiligde diensten, wat + betekend dat mensen die op het systeem aanloggen vanaf een + andere locatie potentieel het wachtwoord afgeluisterd kan worden. + De oplettende systeembeheerder analyseert de log bestanden en + zoekt dan naar verdachte bron adressen en verdachte logins. + + Op een goed beveiligd en onderhouden systeem, betekend + toegang tot een gebruikersaccount niet direct dat de aanvaller + ook toegang heeft tot het + root account. Zonder + root toegang is de + aanvaller veelal niet in staat om zijn sporen uit te wissen en + kan op zijn best in staat zijn om met de bestanden van de + gebruiker te rommelen of de machine te laten crashen. + Gecompromiteerde gebruikeraccounts komen vaker voor omdat + gebruikers niet dezelfde voorzorgsmaatregelen nemen die + systeembeheerders vaak wel nemen. beveiliging @@ -244,29 +233,18 @@ achterdeuren - Systeembeheerders moeten onthouden dat er in potentie heel - veel manieren zijn om toegang tot root te - krijgen. Een aanvaller zou het - root wachtwoord kunnen kennen, een bug kunnen - ontdekken in een dienst die onder root - draait en daar via een netwerkverbinding op in kunnen breken of - een aanvaller zou een probleem kennen met een suid-root programma - dat de aanvaller in staat stelt root te - worden als hij eenmaal toegang heeft tot een gebruikersaccount. - Als een aanvaller een manier heeft gevonden om - root te worden op een machine, dan hoeft - hij misschien geen achterdeur (backdoor) te - installeren. Veel bekende manieren die zijn gevonden om - root te worden, en weer zijn afgesloten, - vereisen veel werk van de aanvaller om zijn rommel achter zich op - te ruimen, dus de meeste aanvallers installeren een achterdeur. - Een achterdeur biedt de aanvaller een manier om makkelijk opnieuw - root toegang tot het systeem te krijgen, maar - dit geeft de slimme systeembeheerder ook een makkelijke manier om - de inbraak te ontdekken. Het onmogelijk maken een achterdeur te - installeren zou best wel eens nadelig kunnen zijn voor - beveiliging, omdat hiermee nog niet het gat gedicht is waardoor - er in eerste instantie is ingebroken. + Er zijn veel potentiele manieren om toegang tot + root te krijgen. Het + kan zijn dat de aanvaller het wachtwoord weet voor + root, of dat de + aanvaller in staat is om een exploit op een bug los te laten in + een dienst die draait als + root, of de aanvaller + weet misschien een bug in een SUID-root programma. Een aanvaller + kan een programma gebruiken, welke bekend staat als een backdoor, + om te zoeken naar vatbare systemen gebruik makende van + ongepatchte exploits om toegang tot een systeem te verkrijgen en + zijn sporen uit te wissen. Beveiligingsmaatregelen moeten altijd gemplementeerd worden in een meerlagenmodel en worden als volgt @@ -274,13 +252,14 @@ - Beveiligen van root en - medewerkersaccounts. + Beveiligen van root + en medewerkersaccounts. - Beveiligen van root – servers - onder root en suid-/sgid-binaire + Beveiligen van root + – servers onder root en suid-/sgid-binaire bestanden. @@ -307,8 +286,8 @@ - In het volgende onderdeel van dit hoofdstuk gaan we dieper in - op de bovenstaande punten. + In het volgende onderdeel van dit hoofdstuk gaan we dieper + in op deze punten. @@ -320,95 +299,67 @@ &os; beveiligen - - Commando versus protocol - - In dit hele document gebruiken we - vette tekst om te verwijzen naar een - commando of applicatie en een monospaced - lettertype om te verwijzen naar specifieke commando's. - Protocollen staan vermeld in een normaal lettertype. Dit - typografische onderscheid is zinvol omdat bijvoorbeeld ssh - zowel een protocol als een commando is. - - - In de volgende onderdelen behandelen we de methodes uit de - vorige paragraaf om een - &os;-systeem te beveiligen. + Deze sectie beschrijft methoden om een &os; systeem te + beveiligen tegen de aanvallen zoals genoemd in de + voorgaande sectie. - Beveiligen van <systemitem class="username">root</systemitem> en - medewerkersaccounts. + Beveiligen van <systemitem class="username">root</systemitem> + en medewerkersaccounts. - su + + &man.su.1; + - Om te beginnen: doe geen moeite om medewerkersaccounts - te beveiligen als de root account niet - beveiligd is. Op de meeste systemen heeft de - root account een wachtwoord. Als eerste - moet aangenomen worden dat dit wachtwoord - altijd gecompromitteerd is. Dit betekent - niet dat het wachtwoord verwijderd moet worden. Het wachtwoord - is namelijk bijna altijd nodig voor toegang via het console van + Op de meeste systemen heeft de + root account een + wachtwoord. Als eerste moet aangenomen worden dat dit + wachtwoord altijd het risico loopt om + gecompromitteerd te worden. Dit betekent niet dat het + wachtwoord verwijderd moet worden. Het wachtwoord is namelijk + bijna altijd nodig voor toegang via het console van de machine. Het betekent wel dat het niet mogelijk gemaakt moet worden om het wachtwoord te gebruiken buiten het console - om en mogelijk zelfs niet via het &man.su.1; commando. Pty's - moeten bijvoorbeeld gemarkeerd staan als onveilig - (insecure) in het bestand - /etc/ttys zodat direct aanmelden met - root via telnet - of rlogin niet wordt toegestaan. Als andere - aanmelddiensten zoals sshd gebruikt - worden, dan hoort direct aanmelden via - root uitgeschakeld staat. Dit kan door - het bestand /etc/ssh/sshd_config te - bewerken en ervoor te zorgen dat - PermitRootLogin op no - staat. Dit moet gebeuren voor iedere methode van toegang - – diensten zoals FTP worden vaak over het hoofd gezien. - Het direct aanmelden van root hoort alleen - te mogen via het systeemconsole. - - wheel - - Natuurlijk moet een systeembeheerder de mogelijkheid hebben - om root te worden. Daarvoor kunnen een - paar gaatjes geprikt worden. Maar dan moet ervoor gezorgd - worden dat er voor deze gaatjes extra aanmelden met een - wachtwoord nodig is. En manier om - root toegankelijk te maken is door het - toevoegen van de juiste medewerkersaccounts aan de - wheel groep (in - /etc/group). De medewerkers die lid zijn - van de groep wheel mogen - su–en naar root. - Maak medewerkers nooit native lid van de groep - wheel door ze in de groep - wheel te plaatsen in - /etc/group. Medewerkersaccounts horen lid - te zijn van de groep staff en horen dan - pas toegevoegd te worden aan de groep - wheel in het bestand - /etc/group. Alleen medewerkers die ook - echt toegang tot root nodig hebben horen - in de groep wheel geplaatst te worden. - Het is ook mogelijk, door een autenticatiemethode als Kerberos - te gebruiken, om het bestand .k5login van - Kerberos in de root account te gebruiken - om een &man.ksu.1; naar root toe te staan - zonder ook maar iemand lid te maken van de groep - wheel. Dit is misschien wel een - betere oplossing, omdat het - wheel-mechanisme het nog steeds mogelijk - maakt voor een inbreker root te breken als - de inbreker een wachtwoordbestand te pakken heeft gekregen en - toegang kan krijgen tot 蜑n van de - medewerkersaccounts. Hoewel het instellen van het - wheel-mechanisme beter is dan niets, is - het niet per se de meest veilige optie. + om en mogelijk zelfs niet via het &man.su.1; commando. In + het bestand /etc/ttys kunnen bijvoorbeeld + regels ingesteld worden als insecure + waardoor root niet + kan inloggen op de gespecificeerde terminals. In &os; is het + zo dat root standaard + niet kan aanloggen via &man.ssh.1; omdat + PermitRootLogin is ingesteld op + no in het bestand + /etc/ssh/sshd_config. Overdenk dit voor + elke methode waarbij toegang verkregen kan worden tot het + systeem, omdat diensten zoals FTP vaak vergeten worden. Directe + logins van root + zouden alleen mogelijk moeten zijn via de console. - Om een account volledig op slot te zetten, dient het - commando &man.pw.8; gebruikt te worden: + + wheel + + + Omdat een systeembeheerder toegang nodig heeft tot het + root account, moet er + additionele wachtwoord verificatie geconfigureerd worden. EEn + methode is om de gewenste gebruikeraccounts toe te voegen aan + de wheel groep in + /etc/group. Leden van de groep + wheel mogen gebruik + maken van &man.su.1; om root + te worden. Alleen de gebruikers die echt toegang nodig hebben + tot het root account + moeten geplaatst worden in de groep + wheel. Als er + gebruik gemaakt wordt van Kerberos authenticatie moet er een + .k5login bestand gemaakt worden in de + homedirectory van root + om gebruik te kunnen maken van &man.ksu.1; zonder dat iedereen + in de groep wheel + geplaatst moet worden. + + Om een account volledig op slot te zetten wordt gebruik + gemaakt van &man.pw.8;: &prompt.root; pw lock staff @@ -420,7 +371,7 @@ *-karakter te vervangen. Dit karakter zal nooit overeenkomen met het versleutelde wachtwoord en dus gebruikerstoegang blokkeren. Het volgende - medewerkersaccount bijvoorbeeld: + account bijvoorbeeld: foobar:R9DT/Fa1/LV9U:1000:1000::0:0:Foo Bar:/home/foobar:/usr/local/bin/tcsh @@ -437,34 +388,27 @@ Deze beveiligingsmechanismen hebben ook als uitgangspunt dat vanaf een zwaarder beveiligde machine wordt aangemeld op een - minder beveiligd systeem. Als een hoofdserver bijvoorbeeld - allerlei servers draait, zou het werkstation er geen moeten - draaien. Om een werkstation redelijk veilig te laten zijn, - dienen er zo min mogelijk servers op te draaien, bij voorkeur - zelfs geen en er zou een schermbeveiliging met - wachtwoordbeveiliging op moeten draaien. Maar als een aanvaller - fysieke toegang heeft tot een werkstation, dan kan hij elke - beveiliging die erop is aangebracht omzeilen. Dit probleem - dient echt overwogen te worden, net als het feit dat de meeste - aanvallen van een afstand plaatsvinden, via het netwerk, door - mensen die geen fysieke toegang hebben tot werkstations of - servers. + minder beveiligd systeem. Als een server bijvoorbeeld netwerk + diensten levert, zou een workstation er geen moeten draaien. + Om een werkstation redelijk veilig te laten zijn, dienen er zo + min mogelijk servers op te draaien, bij voorkeur zelfs geen en + er zou een schermbeveiliging met wachtwoordbeveiliging op + moeten draaien. Maar als een aanvaller fysieke toegang heeft + tot een werkstation, dan kan hij elke beveiliging die erop is + aangebracht omzeilen. Gelukkig vinden de meeste aanvallen + plaats op afstand, van mensen die geen fysieke toegang hebben + tot het systeem. Het gebruik van iets als Kerberos geeft de mogelijkheid - om het wachtwoord van de account van een medewerker buiten - gebruik te stellen of te wijzigen op 蜑n plaats, - waarbij het meteen actief is op alle machines waarop die - medewerker een account heeft. Als de account van een - medewerker gecompromitteerd raakt, moet vooral de mogelijkheid - om per direct het wachtwoord voor machines te kunnen aanpassen - niet onderschat worden. Met afzonderlijke wachtwoorden kan het - veranderen van wachtwoorden op N systemen een puinhoop worden. - Met Kerberos kunnen ook wachtwoordrestricties opgelegd worden: - het is niet alleen mogelijk om een Kerberos - ticket na een bepaalde tijd te laten verlopen, - maar het Kerberos systeem kan afdwingen dat de gebruiker na een - bepaalde tijd een nieuw wachtwoord kiest (na bijvoorbeeld een - maand). + om het wachtwoord van een account buiten gebruik te stellen of + te wijzigen op 蜑n plaats, waarbij het meteen actief is op + alle machines waarop de gebruiker een account heeft. Als het + account gecompromitteerd raakt, moet vooral de mogelijkheid om + per direct het wachtwoord voor machines te kunnen aanpassen + niet onderschat worden. Additionele beperkingen kunnen worden + opgedrongen met Kerberos: een Kerberos ticket kan na verloop + van tijd zijn geldigheid verliezen waarna het Kerberos systeem + de gebruiker dwingt om het wachtwoord te wijzigen. @@ -472,79 +416,30 @@ onder root en suid-/sgid-binaire bestanden - ntalk - - comsat - - finger - - zandbakken + + zandbakken + - sshd - - telnetd - - rshd - - rlogind - - Een voorzichtige systeembeheerder draait alleen die servers - die nodig zijn, niets meer, niets minder. Bedenk dat - servers van derde partijen vaak de meeste neiging hebben tot - het vertonen van bugs. Zo staat bijvoorbeeld het draaien van - een oude versie van imapd of - popper gelijk aan het weggeven van - de root account aan de hele wereld. Draai - nooit een server die niet zorgvuldig is onderzocht. Veel - servers hoeven niet te draaien als root. - Zo kunnen de ntalk, - comsat en - finger daemons bijvoorbeeld draaien - in speciale gebruikerszandbakken - (sandboxes). Een zandbak - is niet perfect, tenzij er heel veel moeite gedaan wordt, maar - de meerlagenbenadering blijft bestaan: als iemand via een - server die in een zandbak draait weet in te breken, dan moeten - ze eerst nog uit de zandbak komen. Hoe groter het aantal lagen - is waar een inbreker doorheen moet, hoe kleiner de kans op - succes is. root gaten zijn historisch - gezien aanwezig geweest in vrijwel iedere server die ooit als - root gedraaid heeft, inclusief de - basisservers van een systeem. Op een machine waarop mensen - alleen aanmelden via sshd en nooit - via telnetd of - rshd of - rlogind dienen die servers - uitgeschakeld te worden! - - &os; draait ntalkd, - comsat en - finger tegenwoordig standaard in een - zandbak. Een ander programma dat misschien beter in een - zandbak kan draaien is &man.named.8;. In - /etc/defaults/rc.conf staat als commentaar - welke parameters er nodig zijn om - named in een zandbak te draaien. - Afhankelijk van of het een nieuwe systeeminstallatie of het - bijwerken van een bestaand systeem betreft, worden de speciale - gebruikersaccounts die bij die zandbakken horen misschien niet - genstalleerd. Een voorzichtige systeembeheerder - onderzoekt en implementeert zandbakken voor servers waar dat - ook maar mogelijk is. - - sendmail - - Er zijn een aantal diensten die vooral niet in een zandbak - draaien: sendmail, - popper, - imapd, - ftpd en andere. Voor sommige - servers zijn alternatieven, maar dat kost misschien meer tijd - dan er te besteden is (gemak dient de mens). Het kan voorkomen - dat deze servers als root moeten draaien - en dat er vertrouwd moet worden op andere mechanismen om een - inbraak via die servers te detecteren. + + &man.sshd.8; + + Een voorzichtige systeembeheerder draait alleen die diensten + die nodig zijn, niets meer, niets minder. De systeembeheerder + is zich ervan bewust dat diensten van derde partijen vaak het + meest bug gevoelig zijn. Draai nooit een server die niet + goed gecontroleerd is. Denk twee keer na voordat een dienst + als root gestart + wordt, omdat er veel daemons zijn die onder andere gebruikers + kunnen draaien of gestart kunnen worden in een + zandbak. Activeer geen onveilige + diensten als &man.telnetd.8; of &man.rlogind.8;. + + Een ander potentieel beveiligingsgat is het gebruik van + SUID-root en SGID binaries. De meeste van deze binaries zoals + &man.rlogin.1; leven in /bin, + /sbin + De andere grote mogelijkheid voor root gaten in een systeem zijn de suid-root en sgid-binaire bestanden die genstalleerd zijn op een systeem. Veel van From owner-svn-doc-all@FreeBSD.ORG Tue Apr 1 21:29:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9FC4B3E7; Tue, 1 Apr 2014 21:29:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 73EF4E3D; Tue, 1 Apr 2014 21:29:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s31LTBqv091461; Tue, 1 Apr 2014 21:29:11 GMT (envelope-from flo@svn.freebsd.org) Received: (from flo@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s31LTBXe091459; Tue, 1 Apr 2014 21:29:11 GMT (envelope-from flo@svn.freebsd.org) Message-Id: <201404012129.s31LTBXe091459@svn.freebsd.org> From: Florian Smeets Date: Tue, 1 Apr 2014 21:29:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44411 - in head/en_US.ISO8859-1: books/handbook/eresources share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2014 21:29:11 -0000 Author: flo (ports committer) Date: Tue Apr 1 21:29:10 2014 New Revision: 44411 URL: http://svnweb.freebsd.org/changeset/doc/44411 Log: Add the freebsd-games mailing list Approved by: gjb Modified: head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml head/en_US.ISO8859-1/share/xml/mailing-lists.ent Modified: head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Tue Apr 1 20:55:32 2014 (r44410) +++ head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Tue Apr 1 21:29:10 2014 (r44411) @@ -301,6 +301,11 @@ + &a.games.name; + Support for Games on &os; + + + &a.gecko.name; Gecko Rendering Engine issues @@ -1312,6 +1317,20 @@ + &a.games.name; + + + Games on &os; + + This is a technical list for discussions related to bring + games to &os;. It is for individuals actively working on + porting games to &os;, to bring up problems or discuss + alternative solutions. Individuals interested in following the + technical discussion are also welcome. + + + + &a.gecko.name; Modified: head/en_US.ISO8859-1/share/xml/mailing-lists.ent ============================================================================== --- head/en_US.ISO8859-1/share/xml/mailing-lists.ent Tue Apr 1 20:55:32 2014 (r44410) +++ head/en_US.ISO8859-1/share/xml/mailing-lists.ent Tue Apr 1 21:29:10 2014 (r44411) @@ -201,6 +201,10 @@ FreeBSD file system project mailing list"> freebsd-fs"> + +Games on FreeBSD mailing list"> +freebsd-games"> + FreeBSD gecko mailing list"> freebsd-gecko"> From owner-svn-doc-all@FreeBSD.ORG Tue Apr 1 22:07:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 80845E3F; Tue, 1 Apr 2014 22:07:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 52E891F8; Tue, 1 Apr 2014 22:07:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s31M7U6W007916; Tue, 1 Apr 2014 22:07:30 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s31M7U93007915; Tue, 1 Apr 2014 22:07:30 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404012207.s31M7U93007915@svn.freebsd.org> From: Warren Block Date: Tue, 1 Apr 2014 22:07:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44412 - head/en_US.ISO8859-1/books/handbook/eresources X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2014 22:07:30 -0000 Author: wblock Date: Tue Apr 1 22:07:29 2014 New Revision: 44412 URL: http://svnweb.freebsd.org/changeset/doc/44412 Log: Change "bring" to "bringing" and correct some uses of "3rd" to "third". Modified: head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Tue Apr 1 21:29:10 2014 (r44411) +++ head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Tue Apr 1 22:07:29 2014 (r44412) @@ -1322,7 +1322,7 @@ Games on &os; - This is a technical list for discussions related to bring + This is a technical list for discussions related to bringing games to &os;. It is for individuals actively working on porting games to &os;, to bring up problems or discuss alternative solutions. Individuals interested in following the @@ -1630,7 +1630,7 @@ by using binary packages to install software, including binary package toolkits and formats, their development and support within &os;, package repository management, - and 3rd party packages. + and third party packages. Note that discussion of ports which fail to generate packages correctly should generally be considered as @@ -1739,7 +1739,7 @@ This is a list for discussions related to improving Python-support on &os;. This is a technical mailing list. It is for individuals working on porting Python, - its 3rd party modules and + its third party modules and Zope stuff to &os;. Individuals interested in following the technical discussion are also welcome. @@ -1769,7 +1769,7 @@ This is a list for discussions related to the Ruby support on &os;. This is a technical mailing list. It is for individuals working on Ruby ports, - 3rd party libraries and frameworks. + third party libraries and frameworks. Individuals interested in the technical discussion are also welcome. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 1 22:56:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5EF0EDCF; Tue, 1 Apr 2014 22:56:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 49C8783D; Tue, 1 Apr 2014 22:56:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s31Mu0Ov028321; Tue, 1 Apr 2014 22:56:00 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s31Mu0Fl028315; Tue, 1 Apr 2014 22:56:00 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404012256.s31Mu0Fl028315@svn.freebsd.org> From: Warren Block Date: Tue, 1 Apr 2014 22:56:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44413 - head/en_US.ISO8859-1/books/handbook/eresources X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2014 22:56:00 -0000 Author: wblock Date: Tue Apr 1 22:55:59 2014 New Revision: 44413 URL: http://svnweb.freebsd.org/changeset/doc/44413 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Tue Apr 1 22:07:29 2014 (r44412) +++ head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Tue Apr 1 22:55:59 2014 (r44413) @@ -4,68 +4,72 @@ $FreeBSD$ --> - + + Resources on the Internet The rapid pace of &os; progress makes print media impractical as a means of following the latest developments. - Electronic resources are the best, if not often the only, way - to stay informed of the latest advances. Since &os; is a - volunteer effort, the user community itself also generally serves - as a technical support department of sorts, with + Electronic resources are the best, if not often the only, way to + stay informed of the latest advances. Since &os; is a volunteer + effort, the user community itself also generally serves as a + technical support department of sorts, with electronic mail, web forums, and USENET news being the most effective way of reaching that community. The most important points of contact with the &os; user - community are outlined below. Please send other resources - not mentioned here to the &a.doc; so that they - may also be included. + community are outlined below. Please send other resources not + mentioned here to the &a.doc; so that they may also be + included. Mailing Lists The mailing lists are the most direct way of addressing questions or opening a technical discussion to a concentrated - &os; audience. There are a wide variety of lists on a number - of different &os; topics. Sending questions to the - most appropriate mailing list will invariably assure a faster - and more accurate response. + &os; audience. There are a wide variety of lists on a number of + different &os; topics. Sending questions to the most + appropriate mailing list will invariably assure a faster and + more accurate response. The charters for the various lists are given at the bottom of this document. Please read the charter before - joining or sending mail to any list. Most - list subscribers receive many hundreds of &os; related - messages every day, and the charters and rules for - use are meant to keep the signal-to-noise ratio - of the lists high. To do less would see the mailing lists - ultimately fail as an effective communications medium for the - Project. + joining or sending mail to any list. Most list + subscribers receive many hundreds of &os; related messages every + day, and the charters and rules for use are meant to keep the + signal-to-noise ratio of the lists high. To do less would see + the mailing lists ultimately fail as an effective communications + medium for the Project. - To test the ability to send email to - &os; lists, send a test message to &a.test.name;. - Please do not send test messages to any other list. + To test the ability to send email to &os; lists, + send a test message to &a.test.name;. Please do + not send test messages to any other list. When in doubt about what list to post a question to, see - How to get best - results from the FreeBSD-questions mailing + How to get + best results from the FreeBSD-questions mailing list. - Before posting to any list, please learn about how to - best use the mailing lists, such as how to help avoid - frequently-repeated discussions, by reading the Mailing List Frequently - Asked Questions (FAQ) document. + Before posting to any list, please learn about how to best + use the mailing lists, such as how to help avoid + frequently-repeated discussions, by reading the + Mailing List + Frequently Asked Questions (FAQ) document. Archives are kept for all of the mailing lists and can be - searched using the &os; World Wide Web - server. The keyword searchable archive offers an + searched using the + &os; World Wide + Web server. The keyword searchable archive offers an excellent way of finding answers to frequently asked questions and should be consulted before posting a question. Note that - this also means that messages sent to &os; mailing lists - are archived in perpetuity. When protecting privacy is a - concern, consider using a disposable secondary email address - and posting only public information. + this also means that messages sent to &os; mailing lists are + archived in perpetuity. When protecting privacy is a concern, + consider using a disposable secondary email address and posting + only public information. List Summary @@ -92,7 +96,7 @@ &a.announce.name; Important events and Project milestones -(moderated) + (moderated) @@ -166,11 +170,10 @@ - Technical lists: The following - lists are for technical discussion. Read the - charter for each list carefully before joining or sending - mail to one as there are firm guidelines for their use and - content. + Technical lists: The following lists + are for technical discussion. Read the charter for each list + carefully before joining or sending mail to one as there are + firm guidelines for their use and content. @@ -624,10 +627,10 @@ - Limited lists: The following lists + Limited lists: The following lists are for more specialized (and demanding) audiences and are - probably not of interest to the general public. It is also - a good idea to establish a presence in the technical lists + probably not of interest to the general public. It is also a + good idea to establish a presence in the technical lists before joining one of these limited lists in order to understand the communications etiquette involved. @@ -666,16 +669,16 @@ - Digest lists: All of the above lists + Digest lists: All of the above lists are available in a digest format. Once subscribed to a list, the digest options can be changed in the account options section. - SVN lists: The following lists - are for people interested in seeing the log messages for - changes to various areas of the source tree. They are - Read-Only lists and should not have - mail sent to them. + SVN lists: The following lists are + for people interested in seeing the log messages for changes + to various areas of the source tree. They are + Read-Only lists and should not have mail + sent to them. @@ -693,8 +696,8 @@ /usr/doc All changes to the doc Subversion repository (except for user, - projects - and translations) + projects and + translations) @@ -860,90 +863,89 @@ How to Subscribe To subscribe to a list, click the list name at - &a.mailman.lists.link;. - The page that is displayed should contain all of the - necessary subscription instructions for that list. + &a.mailman.lists.link;. The page that is displayed should + contain all of the necessary subscription instructions for + that list. To actually post to a given list, send mail to listname@FreeBSD.org. It will then be redistributed to mailing list members world-wide. - To unsubscribe from a list, click on the URL - found at the bottom of every email received from the list. - It is also possible to send an email to + To unsubscribe from a list, click on the URL found at the + bottom of every email received from the list. It is also + possible to send an email to listname-unsubscribe@FreeBSD.org to unsubscribe. - It is important to keep discussion - in the technical mailing lists on a technical track. To - only receive important announcements, instead - join the &a.announce;, which is intended - for infrequent traffic. + It is important to keep discussion in the technical + mailing lists on a technical track. To only receive important + announcements, instead join the &a.announce;, which is + intended for infrequent traffic. List Charters - All &os; mailing lists have - certain basic rules which must be adhered to by anyone using - them. Failure to comply with these guidelines will result - in two (2) written warnings from the &os; Postmaster - postmaster@FreeBSD.org, after which, on a - third offense, the poster will removed from all &os; - mailing lists and filtered from further posting to them. We - regret that such rules and measures are necessary at all, - but today's Internet is a pretty harsh environment, it would - seem, and many fail to appreciate just how fragile some of - its mechanisms are. + All &os; mailing lists have certain + basic rules which must be adhered to by anyone using them. + Failure to comply with these guidelines will result in two (2) + written warnings from the &os; Postmaster + postmaster@FreeBSD.org, after which, on a third + offense, the poster will removed from all &os; mailing lists + and filtered from further posting to them. We regret that + such rules and measures are necessary at all, but today's + Internet is a pretty harsh environment, it would seem, and + many fail to appreciate just how fragile some of its + mechanisms are. Rules of the road: The topic of any posting should adhere to the basic - charter of the list it is posted to. If the list - is about technical issues, the posting should contain - technical discussion. Ongoing irrelevant chatter or - flaming only detracts from the value of the mailing list - for everyone on it and will not be tolerated. For - free-form discussion on no particular topic, the &a.chat; - is freely available and should be used instead. + charter of the list it is posted to. If the list is about + technical issues, the posting should contain technical + discussion. Ongoing irrelevant chatter or flaming only + detracts from the value of the mailing list for everyone + on it and will not be tolerated. For free-form discussion + on no particular topic, the &a.chat; is freely available + and should be used instead. No posting should be made to more than 2 mailing lists, and only to 2 when a clear and obvious need to post - to both lists exists. For most lists, there is already - a great deal of subscriber overlap and except for the most + to both lists exists. For most lists, there is already a + great deal of subscriber overlap and except for the most esoteric mixes (say -stable & -scsi), there really is no reason to post to more than one list at - a time. If a message is received with - multiple mailing lists on the Cc - line, trim the Cc line - before replying. The person who replies is - still responsible for cross-posting, no matter - who the originator might have been. + a time. If a message is received with multiple mailing + lists on the Cc line, trim the + Cc line before replying. The + person who replies is still responsible for + cross-posting, no matter who the originator might have + been. - Personal attacks and profanity (in the context of - an argument) are not allowed, and that includes users - and developers alike. Gross breaches of netiquette, - like excerpting or reposting private mail when permission - to do so was not and would not be forthcoming, are frowned - upon but not specifically enforced. - However, there are also very few - cases where such content would fit within the charter - of a list and it would therefore probably rate a warning - (or ban) on that basis alone. + Personal attacks and profanity (in the context of an + argument) are not allowed, and that includes users and + developers alike. Gross breaches of netiquette, like + excerpting or reposting private mail when permission to do + so was not and would not be forthcoming, are frowned upon + but not specifically enforced. + However, there are also very few + cases where such content would fit within the charter of a + list and it would therefore probably rate a warning (or + ban) on that basis alone. - Advertising of non-&os; related products or - services is strictly prohibited and will result in an - immediate ban if it is clear that the offender is - advertising by spam. + Advertising of non-&os; related products or services + is strictly prohibited and will result in an immediate ban + if it is clear that the offender is advertising by + spam. @@ -978,13 +980,13 @@ Important events / milestones - This is the mailing list for people interested - only in occasional announcements of significant &os; - events. This includes announcements about snapshots - and other releases. It contains announcements of new - &os; capabilities. It may contain calls for - volunteers etc. This is a low volume, strictly - moderated mailing list. + This is the mailing list for people interested only + in occasional announcements of significant &os; events. + This includes announcements about snapshots and other + releases. It contains announcements of new &os; + capabilities. It may contain calls for volunteers etc. + This is a low volume, strictly moderated mailing + list. @@ -1059,9 +1061,10 @@ Bug reports - This is the mailing list for reporting bugs in - &os;. Whenever possible, bugs should be submitted - using the &man.send-pr.1; command or the WEB + This is the mailing list for reporting bugs in &os;. + Whenever possible, bugs should be submitted using the + &man.send-pr.1; command or the + WEB interface to it. @@ -1073,16 +1076,16 @@ Non technical items related to the &os; community - This list contains the overflow from the other - lists about non-technical, social information. It - includes discussion about whether Jordan looks like a - toon ferret or not, whether or not to type in capitals, - who is drinking too much coffee, where the best beer - is brewed, who is brewing beer in their basement, and - so on. Occasional announcements of important events - (such as upcoming parties, weddings, births, new jobs, - etc) can be made to the technical lists, but the follow - ups should be directed to this -chat list. + This list contains the overflow from the other lists + about non-technical, social information. It includes + discussion about whether Jordan looks like a toon ferret + or not, whether or not to type in capitals, who is + drinking too much coffee, where the best beer is brewed, + who is brewing beer in their basement, and so on. + Occasional announcements of important events (such as + upcoming parties, weddings, births, new jobs, etc) can + be made to the technical lists, but the follow ups + should be directed to this -chat list. @@ -1164,8 +1167,8 @@ and projects related to the creation of documentation for &os;. The members of this mailing list are collectively referred to as The &os; - Documentation Project. It is an open list; - feel free to join and contribute! + Documentation Project. It is an open list; feel + free to join and contribute! @@ -1176,10 +1179,10 @@ Writing device drivers for &os; - This is a forum for technical discussions related - to device drivers on &os;. It is primarily a place - for device driver writers to ask questions about how - to write device drivers using the APIs in the &os; + This is a forum for technical discussions related to + device drivers on &os;. It is primarily a place for + device driver writers to ask questions about how to + write device drivers using the APIs in the &os; kernel. @@ -1192,10 +1195,10 @@ &os; DTrace is an integrated component of &os; that - provides a framework for understanding the kernel as - well as user space programs at run time. The mailing - list is an archived discussion for developers of the - code as well as those using it. + provides a framework for understanding the kernel as + well as user space programs at run time. The mailing + list is an archived discussion for developers of the + code as well as those using it. @@ -1231,17 +1234,17 @@ Using &os; in embedded applications - This list discusses topics related to using &os; - in embedded systems. This is a technical mailing list - for which strictly technical content is expected. For - the purpose of this list, embedded systems are - those computing devices which are not desktops and which + This list discusses topics related to using &os; in + embedded systems. This is a technical mailing list for + which strictly technical content is expected. For the + purpose of this list, embedded systems are those + computing devices which are not desktops and which usually serve a single purpose as opposed to being general computing environments. Examples include, but are not limited to, all kinds of phone handsets, network equipment such as routers, switches and PBXs, remote - measuring equipment, PDAs, Point Of Sale systems, and - so on. + measuring equipment, PDAs, Point Of Sale systems, and so + on. @@ -1267,10 +1270,10 @@ Project. This list is for those interested in providing or - making use of peer support of &os;-related software - for which the &os; Project no longer provides - official support in the form of security - advisories and patches. + making use of peer support of &os;-related software for + which the &os; Project no longer provides official + support in the form of security advisories and + patches. @@ -1283,11 +1286,11 @@ This is a mailing list for discussion of the design and implementation of a &firewire; (aka IEEE 1394 aka - iLink) subsystem for &os;. Relevant topics - specifically include the standards, bus devices and - their protocols, adapter boards/cards/chips sets, and - the architecture and implementation of code for their - proper support. + iLink) subsystem for &os;. Relevant topics specifically + include the standards, bus devices and their protocols, + adapter boards/cards/chips sets, and the architecture + and implementation of code for their proper + support. @@ -1299,8 +1302,8 @@ This is the mailing list for discussion of Fortran related ports on &os;: compilers, libraries, scientific - and engineering applications from laptops to HPC clusters. - + and engineering applications from laptops to HPC + clusters. @@ -1310,9 +1313,9 @@ File systems - Discussions concerning &os; filesystems. - This is a technical mailing list for which strictly - technical content is expected. + Discussions concerning &os; filesystems. This is a + technical mailing list for which strictly technical + content is expected. @@ -1322,11 +1325,12 @@ Games on &os; - This is a technical list for discussions related to bringing - games to &os;. It is for individuals actively working on - porting games to &os;, to bring up problems or discuss - alternative solutions. Individuals interested in following the - technical discussion are also welcome. + This is a technical list for discussions related to + bringing games to &os;. It is for individuals actively + working on porting games to &os;, to bring up problems + or discuss alternative solutions. Individuals + interested in following the technical discussion are + also welcome. @@ -1402,8 +1406,8 @@ Porting &os; to IA64 This is a technical mailing list for individuals - actively working on porting &os; to the IA-64 - platform from &intel;, to bring up problems or discuss + actively working on porting &os; to the IA-64 platform + from &intel;, to bring up problems or discuss alternative solutions. Individuals interested in following the technical discussion are also welcome. @@ -1428,9 +1432,8 @@ &java; Development This is the mailing list for people discussing the - development of significant &java; applications for - &os; and the porting and maintenance of - &jdk;s. + development of significant &java; applications for &os; + and the porting and maintenance of &jdk;s. @@ -1443,15 +1446,16 @@ This is a forum for posting employment notices specifically related to &os; and resumes from those seeking &os;-related employment. This is - not a mailing list - for general employment issues since adequate forums - for that already exist elsewhere. - - Note that this list, like other FreeBSD.org mailing lists, - is distributed worldwide. Be clear - about the geographic location and the extent to which - telecommuting or - assistance with relocation is available. + not a mailing list for general + employment issues since adequate forums for that already + exist elsewhere. + + Note that this list, like other FreeBSD.org + mailing lists, is distributed worldwide. Be clear about + the geographic location and the extent to which + telecommuting or assistance with relocation is + available. Email should use open formats only — preferably plain text, but basic Portable Document @@ -1483,8 +1487,8 @@ This is a forum for technical discussions related to &os;. This is the primary technical mailing list. - It is for individuals actively working on &os;, to - bring up problems or discuss alternative solutions. + It is for individuals actively working on &os;, to bring + up problems or discuss alternative solutions. Individuals interested in following the technical discussion are also welcome. This is a technical mailing list for which strictly technical content is @@ -1499,8 +1503,8 @@ General discussion of &os; hardware - General discussion about the types of hardware - that &os; runs on, various problems and suggestions + General discussion about the types of hardware that + &os; runs on, various problems and suggestions concerning what to buy or avoid. @@ -1511,8 +1515,8 @@ Mirror sites - Announcements and discussion for people who run - &os; mirror sites. + Announcements and discussion for people who run &os; + mirror sites. @@ -1524,9 +1528,9 @@ Providers This mailing list is for discussing topics relevant - to Internet Service Providers (ISPs) using &os;. - This is a technical mailing list for which strictly - technical content is expected. + to Internet Service Providers (ISPs) using &os;. This + is a technical mailing list for which strictly technical + content is expected. @@ -1539,11 +1543,11 @@ This is a list for discussions related to the Mono development framework on &os;. This is a technical - mailing list. It is for individuals actively working - on porting Mono or C# applications to &os;, to bring - up problems or discuss alternative solutions. - Individuals interested in following the technical - discussion are also welcome. + mailing list. It is for individuals actively working on + porting Mono or C# applications to &os;, to bring up + problems or discuss alternative solutions. Individuals + interested in following the technical discussion are + also welcome. @@ -1554,9 +1558,9 @@ Office applications on &os; - Discussion centers around office applications, - their installation, their development and their support - within &os;. + Discussion centers around office applications, their + installation, their development and their support within + &os;. @@ -1571,8 +1575,8 @@ changes and issues related to the FreeBSD.org Project infrastructure. - This moderated list is strictly for announcements: no replies, - requests, discussions, or opinions. + This moderated list is strictly for announcements: + no replies, requests, discussions, or opinions. @@ -1585,21 +1589,20 @@ This mailing list exists to provide a place for hackers, administrators, and/or concerned parties to - discuss performance related topics pertaining to - &os;. Acceptable topics includes talking about - &os; installations that are either under high load, - are experiencing performance problems, or are pushing - the limits of &os;. Concerned parties that are - willing to work toward improving the performance of - &os; are highly encouraged to subscribe to this list. - This is a highly technical list ideally suited for - experienced &os; users, hackers, or administrators - interested in keeping &os; fast, robust, and - scalable. This list is not a question-and-answer list - that replaces reading through documentation, but it is a - place to make contributions or inquire about unanswered - performance related topics. - + discuss performance related topics pertaining to &os;. + Acceptable topics includes talking about &os; + installations that are either under high load, are + experiencing performance problems, or are pushing the + limits of &os;. Concerned parties that are willing to + work toward improving the performance of &os; are highly + encouraged to subscribe to this list. This is a highly + technical list ideally suited for experienced &os; + users, hackers, or administrators interested in keeping + &os; fast, robust, and scalable. This list is not a + question-and-answer list that replaces reading through + documentation, but it is a place to make contributions + or inquire about unanswered performance related + topics. @@ -1611,11 +1614,9 @@ filter firewall system Discussion concerning the packet filter (pf) - firewall system in terms of &os;. Technical - discussion and user questions are both welcome. This - list is also a place to discuss the ALTQ QoS - framework. - + firewall system in terms of &os;. Technical discussion + and user questions are both welcome. This list is also + a place to discuss the ALTQ QoS framework. @@ -1643,11 +1644,11 @@ &a.pkg-fallout.name; - Fallout logs from package building - - All packages building failures logs from the package building - clusters + Fallout logs from package + building + All packages building failures logs from the package + building clusters @@ -1658,9 +1659,9 @@ Porting to Non &intel; platforms - Cross-platform &os; issues, general discussion - and proposals for non &intel; &os; ports. This is - a technical mailing list for which strictly technical + Cross-platform &os; issues, general discussion and + proposals for non &intel; &os; ports. This is a + technical mailing list for which strictly technical content is expected. @@ -1688,8 +1689,9 @@ &os; Ports Collection - Important news for developers, porters, and users - of the Ports Collection (/usr/ports), including + Important news for developers, porters, and users of + the Ports Collection + (/usr/ports), including architecture/infrastructure changes, new capabilities, critical upgrade instructions, and release engineering information. This is a low-volume mailing list, @@ -1721,12 +1723,11 @@ ProLiant server platforms This mailing list is to be used for the technical - discussion of the usage of &os; on HP ProLiant - servers, including the discussion of ProLiant-specific - drivers, management software, configuration tools, and - BIOS updates. As such, this is the primary place to - discuss the hpasmd, hpasmcli, and hpacucli - modules. + discussion of the usage of &os; on HP ProLiant servers, + including the discussion of ProLiant-specific drivers, + management software, configuration tools, and BIOS + updates. As such, this is the primary place to discuss + the hpasmd, hpasmcli, and hpacucli modules. @@ -1740,7 +1741,7 @@ Python-support on &os;. This is a technical mailing list. It is for individuals working on porting Python, its third party modules and - Zope stuff to &os;. + Zope stuff to &os;. Individuals interested in following the technical discussion are also welcome. @@ -1752,10 +1753,10 @@ User questions - This is the mailing list for questions about - &os;. Do not send how to - questions to the technical lists unless - the question is quite technical. + This is the mailing list for questions about &os;. + Do not send how to questions to the + technical lists unless the question is quite + technical. @@ -1767,9 +1768,9 @@ discussions This is a list for discussions related to the Ruby - support on &os;. This is a technical mailing - list. It is for individuals working on Ruby ports, - third party libraries and frameworks. + support on &os;. This is a technical mailing list. It + is for individuals working on Ruby ports, third party + libraries and frameworks. Individuals interested in the technical discussion are also welcome. @@ -1782,9 +1783,9 @@ SCSI subsystem - This is the mailing list for people working on - the SCSI subsystem for &os;. This is a technical - mailing list for which strictly technical content is + This is the mailing list for people working on the + SCSI subsystem for &os;. This is a technical mailing + list for which strictly technical content is expected. @@ -1795,12 +1796,12 @@ Security issues - &os; computer security issues (DES, Kerberos, - known security holes and fixes, etc). This is a - technical mailing list for which strictly technical - discussion is expected. Note that this is not a - question-and-answer list, but that contributions (BOTH - question AND answer) to the FAQ are welcome. + &os; computer security issues (DES, Kerberos, known + security holes and fixes, etc). This is a technical + mailing list for which strictly technical discussion is + expected. Note that this is not a question-and-answer + list, but that contributions (BOTH question AND answer) + to the FAQ are welcome. @@ -1810,9 +1811,9 @@ Security Notifications - Notifications of &os; security problems and - fixes. This is not a discussion list. The discussion - list is FreeBSD-security. + Notifications of &os; security problems and fixes. + This is not a discussion list. The discussion list is + FreeBSD-security. @@ -1844,9 +1845,8 @@ Announcements This list provides notifications about the - availability - of new &os; development snapshots for the head/ and - stable/ branches. + availability of new &os; development snapshots for the + head/ and stable/ branches. @@ -1859,8 +1859,8 @@ This is the mailing list for users of &os.stable;. It includes warnings about new features coming out in - -STABLE that will affect the users, and instructions - on steps that must be taken to remain -STABLE. Anyone + -STABLE that will affect the users, and instructions on + steps that must be taken to remain -STABLE. Anyone running STABLE should subscribe to this list. This is a technical mailing list for which strictly technical content is expected. @@ -1874,8 +1874,8 @@ C99 & POSIX Conformance - This is a forum for technical discussions related - to &os; Conformance to the C99 and the POSIX + This is a forum for technical discussions related to + &os; Conformance to the C99 and the POSIX standards. @@ -1887,9 +1887,9 @@ Testing on &os; Technical mailing list discussing testing on &os;, - including ATF/Kyua, test build infrastructure, - port tests to &os; from other operating systems - (NetBSD, ...), etc. + including ATF/Kyua, test build infrastructure, port + tests to &os; from other operating systems (NetBSD, + ...), etc. @@ -1916,8 +1916,8 @@ Maintenance of &os;'s integrated toolchain - This is the mailing list for discussions related - to the maintenance of the toolchain shipped with &os;. + This is the mailing list for discussions related to + the maintenance of the toolchain shipped with &os;. This could include the state of Clang and GCC, but also pieces of software such as assemblers, linkers and debuggers. @@ -1944,8 +1944,8 @@ List This is the mailing list for the coordinators from - each of the local area Users Groups to discuss matters - with each other and a designated individual from the + each of the local area Users Groups to discuss matters + with each other and a designated individual from the Core Team. This mail list should be limited to meeting synopsis and coordination of projects that span User Groups. @@ -1976,10 +1976,9 @@ Status This mailing list can be used by developers to - announce the creation - and progress of &os; related work. Messages - will be moderated. It is suggested to send the message - "To:" a more topical &os; list and only "BCC:" + announce the creation and progress of &os; related work. + Messages will be moderated. It is suggested to send the + message "To:" a more topical &os; list and only "BCC:" this list. This way the WIP can also be discussed on the topical list, as no discussion is allowed on this list. @@ -1988,9 +1987,10 @@ messages. An editorial digest of the messages to this list - might be posted to the &os; website every few months - as part of the Status Reports - http://www.freebsd.org/news/status/. + might be posted to the &os; website every few months as + part of the Status Reports + http://www.freebsd.org/news/status/. Past reports are archived. @@ -2029,11 +2029,11 @@ XFCE - This is a forum for discussions related to bring - the XFCE environment to &os;. + This is a forum for discussions related to bring the + XFCE environment to &os;. This is a technical mailing list. It is for individuals actively working on porting - XFCE to &os;, to bring up + XFCE to &os;, to bring up problems or discuss alternative solutions. Individuals interested in following the technical discussion are also welcome. @@ -2046,11 +2046,11 @@ Zope - This is a forum for discussions related to bring - the Zope environment to &os;. + This is a forum for discussions related to bring the + Zope environment to &os;. This is a technical mailing list. It is for individuals actively working on porting - Zope to &os;, to bring up + Zope to &os;, to bring up problems or discuss alternative solutions. Individuals interested in following the technical discussion are also welcome. @@ -2058,6 +2058,7 @@ + Filtering on the Mailing Lists @@ -2147,25 +2148,30 @@ - comp.unix.bsd.freebsd.announce + comp.unix.bsd.freebsd.announce - comp.unix.bsd.freebsd.misc + Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 12CB4E73; Tue, 1 Apr 2014 23:03:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F1FEF8E4; Tue, 1 Apr 2014 23:03:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s31N38Lk032103; Tue, 1 Apr 2014 23:03:08 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s31N38BE032102; Tue, 1 Apr 2014 23:03:08 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404012303.s31N38BE032102@svn.freebsd.org> From: Dru Lavigne Date: Tue, 1 Apr 2014 23:03:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44414 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2014 23:03:09 -0000 Author: dru Date: Tue Apr 1 23:03:08 2014 New Revision: 44414 URL: http://svnweb.freebsd.org/changeset/doc/44414 Log: Editorial review of CARP chapter. Add a few clarifications. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Apr 1 22:55:59 2014 (r44413) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Apr 1 23:03:08 2014 (r44414) @@ -4903,22 +4903,38 @@ route_hostD="192.168.173.4 hatm0 0 102 l The Common Address Redundancy Protocol (CARP) allows multiple hosts to share the - same IP address and provide high - availability. One or more hosts can fail, and the - others will take over for the failed system transparently. In - addition to the shared IP address, hosts also - have a unique IP address for management and - configuration, as in the example provided here. - - - Using <acronym>CARP</acronym> for High - Availability + same IP address and Virtual Host ID + (VHID) in order to provide high + availability for one or more services. This means that one or more + hosts can fail, and the + other hosts will transparently take over so that users do not see a service + failure. + + In + addition to the shared IP address, each host + has its own IP address for management and + configuration. All of the machines that share an + IP address have the same + VHID. The VHID for each + virtual IP address must be unique across + the broadcast domain of the network interface. + + High availability using CARP is built + into &os;, though the steps to configure it vary slightly + depending upon the &os; version. This section provides the same + example configuration for versions before and equal to or after + &os; 10. - CARP is often used to provide - high availability for one or more services. This example + This example configures failover support with three hosts, all with unique IP addresses, but providing the same web - content. These machines are load balanced with a Round Robin + content. It has two different masters named + hosta.example.org and + hostb.example.org, with + a shared backup named + hostc.example.org. + + These machines are load balanced with a Round Robin DNS configuration. The master and backup machines are configured identically except for their hostnames and management IP addresses. These servers @@ -4930,82 +4946,69 @@ route_hostD="192.168.173.4 hatm0 0 102 l interfaces, one for each of the master content server's IP addresses. When a failure occurs, the backup server will pick up the failed master machine's - IP address. Users will not see a service - failure at all. - - This example has two different masters named - hosta.example.org and - hostb.example.org, with - a shared backup named - hostc.example.org. - - Each virtual IP address has a unique - identification number known as a Virtual Host Identification - (VHID). All of the machines that share an - IP address have the same - VHID. The VHID for each - virtual IP address must be unique across - the broadcast domain of the network interface. - + IP address. Using <acronym>CARP</acronym> on &os; 10 and Later - Enable support for CARP by loading the + Enable boot-time support for CARP by adding an entry for the carp.ko kernel module in /boot/loader.conf: carp_load="YES" - - The CARP module can also be built into - the &os; kernel as described in + + To load the module now without rebooting: + + &prompt.root; kldload carp + + For users who prefer to use a custom kernel, include the + following line in the custom kernel configuration file and + compile the kernel as described in : device carp - The hostname, management IP address, - CARP configuration, and the - IP address to be shared are all set by + The hostname, management IP address and subnet mask, + shared IP address, and VHID are all set by adding entries to /etc/rc.conf. This example is for hosta.example.org: - hostname="hosta.example.org" -ifconfig_em0="inet 192.168.1.3 netmask 255.255.255.0" -ifconfig_em0_alias0="vhid 1 pass testpass alias 192.168.1.50/32" - - On hostb.example.org: - - hostname="hostb.example.org" -ifconfig_em0="inet 192.168.1.4 netmask 255.255.255.0" -ifconfig_em0_alias0="vhid 2 pass testpass alias 192.168.1.51/32" - - - The passwords specified with &man.ifconfig.8; - must be identical. + hostname="hosta.example.org" +ifconfig_em0="inet 192.168.1.3 netmask 255.255.255.0" +ifconfig_em0_alias0="vhid 1 pass testpass alias 192.168.1.50/32" + + The next set of entries are for + hostb.example.org. Since it + represents a second master, it uses a different shared + IP address and + VHID. However, the passwords specified with + must be identical as CARP will only listen to and accept advertisements from machines with the correct password. - + + hostname="hostb.example.org" +ifconfig_em0="inet 192.168.1.4 netmask 255.255.255.0" +ifconfig_em0_alias0="vhid 2 pass testpass alias 192.168.1.51/32" The third machine, - hostc.example.org, is prepared to - handle failover from either of the previous hosts. This + hostc.example.org, is configured to + handle failover from either master. This machine is configured with two CARP VHIDs, one to handle the virtual - IP address of each of the master hosts. - , the CARP - advertising skew, is set to ensure that the backup host - advertises later than the master. + IP address for each of the master hosts. + The CARP + advertising skew, , is set to ensure that the backup host + advertises later than the master, since controls the order of precedence when there are multiple - backup servers. Set the configuration in - /etc/rc.conf: + backup servers. hostname="hostc.example.org" -ifconfig_em0="inet 192.168.1.5 netmask 255.255.255.0" -ifconfig_em0_alias0="vhid 1 advskew 100 pass testpass alias 192.168.1.50/32" -ifconfig_em0_alias1="vhid 2 advskew 100 pass testpass alias 192.168.1.51/32" +ifconfig_em0="inet 192.168.1.5 netmask 255.255.255.0" +ifconfig_em0_alias0="vhid 1 advskew 100 pass testpass alias 192.168.1.50/32" +ifconfig_em0_alias1="vhid 2 advskew 100 pass testpass alias 192.168.1.51/32" Having two CARP VHIDs configured means that @@ -5027,8 +5030,8 @@ ifconfig_em0_alias1="vhid 2 advskew 100 &prompt.root; ifconfig em0 vhid 1 state backup - At this point, either networking must be restarted or the - machine rebooted, then CARP is + Once the configuration is complete, either restart networking or reboot + each system. High availability is now enabled. CARP functionality can be controlled @@ -5042,76 +5045,63 @@ ifconfig_em0_alias1="vhid 2 advskew 100 Using <acronym>CARP</acronym> on &os; 9 and Earlier - Enable support for CARP by loading the + The configuration for these versions of &os; is similar to + the one described in the previous section, except that a + CARP device must first be created and + referred to in the configuration. + + Enable boot-time support for CARP by loading the if_carp.ko kernel module in /boot/loader.conf: if_carp_load="YES" - CARP can also be built into the - &os; kernel as described in + To load the module now without rebooting: + + &prompt.root; kldload carp + + For users who prefer to use a custom kernel, include the + following line in the custom kernel configuration file and + compile the kernel as described in : device carp - The CARP devices themselves may be - created using &man.ifconfig.8;: + Next, on each host, create a CARP device: &prompt.root; ifconfig carp0 create - Set the hostname, configure the management - IP address, then configure - CARP and the IP address - to be shared by adding the required lines to - /etc/rc.conf. Here are example lines for + Set the hostname, management + IP address, the shared + IP address, and VHID + by adding the required lines to + /etc/rc.conf. Since a virtual + CARP device is used instead of an alias, + the actual subnet mask of /24 is used + instead of /32. Here are the entries for hosta.example.org: - hostname="hosta.example.org" -ifconfig_fxp0="inet 192.168.1.3 netmask 255.255.255.0" + hostname="hosta.example.org" +ifconfig_fxp0="inet 192.168.1.3 netmask 255.255.255.0" cloned_interfaces="carp0" -ifconfig_carp0="vhid 1 pass testpass 192.168.1.50/24" +ifconfig_carp0="vhid 1 pass testpass 192.168.1.50/24" On hostb.example.org: - hostname="hostb.example.org" -ifconfig_fxp0="inet 192.168.1.4 netmask 255.255.255.0" + hostname="hostb.example.org" +ifconfig_fxp0="inet 192.168.1.4 netmask 255.255.255.0" cloned_interfaces="carp0" -ifconfig_carp0="vhid 2 pass testpass 192.168.1.51/24" - - - The passwords specified with &man.ifconfig.8; - must be identical. - CARP will only listen to and accept - advertisements from machines with the correct password. The - VHID must also be unique for each virtual - IP address. - +ifconfig_carp0="vhid 2 pass testpass 192.168.1.51/24" The third machine, - hostc.example.org, is prepared to - handle failover from either of the previous hosts. This - machine is configured with two CARP - devices, one to handle each of the virtual - IP address of each of the master hosts. - Setting the controls the - CARP advertising skew. The skew ensuring - that the backup hosts advertises later than the master, and - controls the order of precedence when there are multiple - backup servers. Set the configuration in - /etc/rc.conf: + hostc.example.org, is configured to + handle failover from either of the master hosts: - hostname="hostc.example.org" -ifconfig_fxp0="inet 192.168.1.5 netmask 255.255.255.0" + hostname="hostc.example.org" +ifconfig_fxp0="inet 192.168.1.5 netmask 255.255.255.0" cloned_interfaces="carp0 carp1" -ifconfig_carp0="vhid 1 advskew 100 pass testpass 192.168.1.50/24" -ifconfig_carp1="vhid 2 advskew 100 pass testpass 192.168.1.51/24" - - Having two CARP devices configured - means that hostc.example.org will - notice if either of the master servers becomes unavailable. - If a master fails to advertise before the backup server, the - backup server will pick up the shared IP - address until the master becomes available again. +ifconfig_carp0="vhid 1 advskew 100 pass testpass 192.168.1.50/24" +ifconfig_carp1="vhid 2 advskew 100 pass testpass 192.168.1.51/24" Preemption is disabled in the GENERIC &os; kernel. @@ -5128,15 +5118,10 @@ ifconfig_carp1="vhid 2 advskew 100 pass interface which corresponds to the correct host. - At this point, either networking must be restarted or the - machine rebooted, then CARP is + Once the configuration is complete, either restart networking or reboot + each system. High availability is now enabled. - CARP functionality can be controlled - via several &man.sysctl.8; variables documented in the - &man.carp.4; manual pages. Other actions can be triggered - from CARP events by using - &man.devd.8;. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 1 23:24:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CE166151; Tue, 1 Apr 2014 23:24:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B8ABCA7B; Tue, 1 Apr 2014 23:24:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s31NOs6B040222; Tue, 1 Apr 2014 23:24:54 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s31NOsUN040221; Tue, 1 Apr 2014 23:24:54 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404012324.s31NOsUN040221@svn.freebsd.org> From: Dru Lavigne Date: Tue, 1 Apr 2014 23:24:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44415 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2014 23:24:54 -0000 Author: dru Date: Tue Apr 1 23:24:54 2014 New Revision: 44415 URL: http://svnweb.freebsd.org/changeset/doc/44415 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Apr 1 23:03:08 2014 (r44414) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Apr 1 23:24:54 2014 (r44415) @@ -489,10 +489,10 @@ static_routes="internalnet2" route_internalnet2="-net 192.168.2.0/24 192.168.1.2" The static_routes configuration - variable is a list of strings separated by a space, where - each string references a route name. The variable - route_internalnet2 contains the static - route for that route name. + variable is a list of strings separated by a space, where each + string references a route name. The variable + route_internalnet2 + contains the static route for that route name. Using more than one string in static_routes creates multiple static @@ -2009,7 +2009,8 @@ wpa_pairwise=CCMP TKIP for more details. It is possible to see the stations associated with the - AP using ifconfig wlan0 list + AP using ifconfig + wlan0 list sta. @@ -2143,7 +2144,8 @@ freebsdap 00:11:95:c3:0d:ac 1 Debugging messages can be enabled in the 802.11 protocol support layer using &man.wlandebug.8;. On a &os; system prior to &os; 9.1, this program can be found in - /usr/src/tools/tools/net80211. + /usr/src/tools/tools/net80211. For example, to enable console messages related to scanning for access points and the 802.11 protocol handshakes required to arrange communication: @@ -2151,9 +2153,9 @@ freebsdap 00:11:95:c3:0d:ac 1 &prompt.root; wlandebug -i ath0 +scan+auth+debug+assoc net.wlan.0.debug: 0 => 0xc80000<assoc,auth,scan> - Many useful statistics are maintained by - the 802.11 layer and wlanstats, found - in /usr/src/tools/tools/net80211, + Many useful statistics are maintained by the 802.11 + layer and wlanstats, found in /usr/src/tools/tools/net80211, will dump this information. These statistics should display all errors identified by the 802.11 layer. However, some errors are identified in the device drivers @@ -3211,7 +3213,7 @@ bridge0: flags=8843<UP,BROADCAST,RUNN beginning # symbol: begemotSnmpdModulePath."bridge" = "/usr/lib/snmp_bridge.so" - + Other configuration settings, such as community names and access lists, may need to be modified in this file. See &man.bsnmpd.1; and &man.snmp.bridge.3; for more information. @@ -3329,16 +3331,17 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault &os; provides the &man.lagg.4; interface which can be used to aggregate multiple network interfaces into one virtual interface in order to provide failover and link aggregation. - Failover allows traffic to continue to flow as long as at least one - aggregated network interface has an established link. Link aggregation works best on - switches which support LACP, as this - protocol distributes traffic bi-directionally while responding - to the failure of individual links. + Failover allows traffic to continue to flow as long as at least + one aggregated network interface has an established link. Link + aggregation works best on switches which support + LACP, as this protocol distributes traffic + bi-directionally while responding to the failure of individual + links. The aggregation protocols supported by the lagg interface - determine which ports are used for outgoing traffic and - whether or not a specific port accepts incoming traffic. The - following protocols are supported by &man.lagg.4;: + determine which ports are used for outgoing traffic and whether + or not a specific port accepts incoming traffic. The following + protocols are supported by &man.lagg.4;: @@ -4905,74 +4908,71 @@ route_hostD="192.168.173.4 hatm0 0 102 l (CARP) allows multiple hosts to share the same IP address and Virtual Host ID (VHID) in order to provide high - availability for one or more services. This means that one or more - hosts can fail, and the - other hosts will transparently take over so that users do not see a service + availability for one or more services. This means + that one or more hosts can fail, and the other hosts will + transparently take over so that users do not see a service failure. - - In - addition to the shared IP address, each host - has its own IP address for management and - configuration. All of the machines that share an - IP address have the same - VHID. The VHID for each - virtual IP address must be unique across - the broadcast domain of the network interface. + + In addition to the shared IP address, + each host has its own IP address for + management and configuration. All of the machines that share an + IP address have the same + VHID. The VHID for each + virtual IP address must be unique across the + broadcast domain of the network interface. High availability using CARP is built into &os;, though the steps to configure it vary slightly depending upon the &os; version. This section provides the same example configuration for versions before and equal to or after - &os; 10. + &os; 10. - This example - configures failover support with three hosts, all with unique - IP addresses, but providing the same web - content. It has two different masters named - hosta.example.org and - hostb.example.org, with - a shared backup named - hostc.example.org. + This example configures failover support with three hosts, + all with unique IP addresses, but providing + the same web content. It has two different masters named + hosta.example.org and + hostb.example.org, with a shared backup + named hostc.example.org. These machines are load balanced with a Round Robin - DNS configuration. The master and backup - machines are configured identically except for their hostnames - and management IP addresses. These servers - must have the same configuration and run the same services. - When the failover occurs, requests to the service on the - shared IP address can only be answered - correctly if the backup server has access to the same content. - The backup machine has two additional CARP - interfaces, one for each of the master content server's - IP addresses. When a failure occurs, the - backup server will pick up the failed master machine's - IP address. + DNS configuration. The master and backup + machines are configured identically except for their hostnames + and management IP addresses. These servers + must have the same configuration and run the same services. + When the failover occurs, requests to the service on the shared + IP address can only be answered correctly if + the backup server has access to the same content. The backup + machine has two additional CARP interfaces, + one for each of the master content server's + IP addresses. When a failure occurs, the + backup server will pick up the failed master machine's + IP address. Using <acronym>CARP</acronym> on &os; 10 and Later - Enable boot-time support for CARP by adding an entry for the - carp.ko kernel module in - /boot/loader.conf: + Enable boot-time support for CARP by + adding an entry for the carp.ko kernel + module in /boot/loader.conf: carp_load="YES" - + To load the module now without rebooting: - + &prompt.root; kldload carp For users who prefer to use a custom kernel, include the following line in the custom kernel configuration file and - compile the kernel as described in - : + compile the kernel as described in : device carp - The hostname, management IP address and subnet mask, - shared IP address, and VHID are all set by - adding entries to /etc/rc.conf. This - example is for + The hostname, management IP address and + subnet mask, shared IP address, and + VHID are all set by adding entries to + /etc/rc.conf. This example is for hosta.example.org: hostname="hosta.example.org" @@ -4982,12 +4982,11 @@ ifconfig_em0_ The next set of entries are for hostb.example.org. Since it represents a second master, it uses a different shared - IP address and - VHID. However, the passwords specified with - must be identical as - CARP will only listen to and accept - advertisements from machines with the correct - password. + IP address and VHID. + However, the passwords specified with + must be identical as CARP will only listen + to and accept advertisements from machines with the correct + password. hostname="hostb.example.org" ifconfig_em0="inet 192.168.1.4 netmask 255.255.255.0" @@ -4995,15 +4994,15 @@ ifconfig_em0_ The third machine, hostc.example.org, is configured to - handle failover from either master. This - machine is configured with two CARP + handle failover from either master. This machine is + configured with two CARP VHIDs, one to handle the virtual IP address for each of the master hosts. - The CARP - advertising skew, , is set to ensure that the backup host - advertises later than the master, since - controls the order of precedence when there are multiple - backup servers. + The CARP advertising skew, + , is set to ensure that the backup + host advertises later than the master, since + controls the order of precedence when + there are multiple backup servers. hostname="hostc.example.org" ifconfig_em0="inet 192.168.1.5 netmask 255.255.255.0" @@ -5030,8 +5029,8 @@ ifconfig_em0_ &prompt.root; ifconfig em0 vhid 1 state backup - Once the configuration is complete, either restart networking or reboot - each system. High availability is now + Once the configuration is complete, either restart + networking or reboot each system. High availability is now enabled. CARP functionality can be controlled @@ -5050,31 +5049,31 @@ ifconfig_em0_ CARP device must first be created and referred to in the configuration. - Enable boot-time support for CARP by loading the - if_carp.ko kernel module in + Enable boot-time support for CARP by + loading the if_carp.ko kernel module in /boot/loader.conf: if_carp_load="YES" To load the module now without rebooting: - + &prompt.root; kldload carp For users who prefer to use a custom kernel, include the following line in the custom kernel configuration file and - compile the kernel as described in - : + compile the kernel as described in : device carp - Next, on each host, create a CARP device: + Next, on each host, create a CARP + device: &prompt.root; ifconfig carp0 create - Set the hostname, management - IP address, the shared - IP address, and VHID - by adding the required lines to + Set the hostname, management IP + address, the shared IP address, and + VHID by adding the required lines to /etc/rc.conf. Since a virtual CARP device is used instead of an alias, the actual subnet mask of /24 is used @@ -5104,8 +5103,8 @@ ifconfig_carp0="vhid 1 - Preemption is disabled in the GENERIC &os; kernel. - If Preemption has been enabled with a custom kernel, + Preemption is disabled in the GENERIC &os; kernel. If + Preemption has been enabled with a custom kernel, hostc.example.org may not release the IP address back to the original content server. The administrator can force the backup @@ -5118,10 +5117,9 @@ ifconfig_carp1="vhid 2 - Once the configuration is complete, either restart networking or reboot - each system. High availability is now + Once the configuration is complete, either restart + networking or reboot each system. High availability is now enabled. - From owner-svn-doc-all@FreeBSD.ORG Tue Apr 1 23:26:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9F2591C5; Tue, 1 Apr 2014 23:26:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8BC5EA88; Tue, 1 Apr 2014 23:26:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s31NQULw040449; Tue, 1 Apr 2014 23:26:30 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s31NQUQm040448; Tue, 1 Apr 2014 23:26:30 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404012326.s31NQUQm040448@svn.freebsd.org> From: Dru Lavigne Date: Tue, 1 Apr 2014 23:26:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44416 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2014 23:26:30 -0000 Author: dru Date: Tue Apr 1 23:26:30 2014 New Revision: 44416 URL: http://svnweb.freebsd.org/changeset/doc/44416 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Apr 1 23:24:54 2014 (r44415) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Tue Apr 1 23:26:30 2014 (r44416) @@ -5104,7 +5104,7 @@ ifconfig_carp1="vhid 2 Preemption is disabled in the GENERIC &os; kernel. If - Preemption has been enabled with a custom kernel, + preemption has been enabled with a custom kernel, hostc.example.org may not release the IP address back to the original content server. The administrator can force the backup From owner-svn-doc-all@FreeBSD.ORG Wed Apr 2 10:25:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A7E538C3; Wed, 2 Apr 2014 10:25:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 945FC993; Wed, 2 Apr 2014 10:25:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s32APCGs012755; Wed, 2 Apr 2014 10:25:12 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s32APC40012754; Wed, 2 Apr 2014 10:25:12 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404021025.s32APC40012754@svn.freebsd.org> From: Gabor Pali Date: Wed, 2 Apr 2014 10:25:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44418 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Apr 2014 10:25:12 -0000 Author: pgj Date: Wed Apr 2 10:25:12 2014 New Revision: 44418 URL: http://svnweb.freebsd.org/changeset/doc/44418 Log: - Add 2014Q1 status report on Kyua Submitted by: jmmv Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 2 09:21:21 2014 (r44417) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 2 10:25:12 2014 (r44418) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 7 entries and we hope you enjoy reading it.

    + contains 8 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -37,6 +37,12 @@ + bin + + Userland Programs + + + ports Ports @@ -445,4 +451,90 @@ Sandvine, Inc + + + &os; Test Suite + + + + + Julio + Merino + + jmmv@FreeBSD.org + + + + + Project page + Testing cluster + Roadmap for the project + AsiaBSDCon 2014 tutorial materials + + + +

    The &os; Test Suite project aims to equip &os; with a + comprehensive collection of tests that are easy to run out of + the box and during the development of the system. The test + suite is installed into /usr/tests/ and the + kyua(1) command-line tool (devel/kyua in the + Ports Collection) is used to run them. See the project page for + more details.

    + +

    Since the last status report, we have been hard at work + polishing the framework in many different areas. The highlights + are:

    + +
      +
    • A roadmap for the project has been prepared and published, + see links.
      • + +
    • Many tests have been added to the test suite thanks to the + work of various developers and, in particular, a good bunch of + old tests from src/tools/regression/ have been + incorporated into the new test suite. As of this writing, + there are 509 test cases continuously running.
      • + +
    • The testing infrastructure in stable/10 branch has + been synced to head. It should now be possible to + seamlessly MFC changes to the stable branch along with their + tests, if any.
      • + +
    • The testing cluster, which only issued amd64 + builds, has been extended to perform i386 builds as + well. Additionally, a canary machine has been put in place so + that changes to the cluster configuration can be properly + validated before deployment.
      • + +
    • A tutorial on Kyua and the &os; Test Suite was given at + AsiaBSDCon 2014. The tutorial materials are available for + public consumption, please consult the links.
      • + +
    • Both Kyua's and ATF's upstream sites have been moved to + GitHub, mostly due to the discontinuation of file downloads in + Google Code.
      • +
    + + + + Enable the build of the test suite by default. + + Add alerting for failed or missing test runs from the + testing cluster. + + Add bhyve support to the testing cluster for faster + turnaround times. + + Simplify and improve Kyua HTML reports. In particular, + reports will be coalesced into single HTML files for easier + management and will include more useful details for debugging. + Such details are the revision at which the system was built, + date and duration of the whole run, or list of installed + packages, to mention a few examples. + + Add JUnit XML output to Kyua for better integration with + Jenkins. This work is actively ongoing and should be ready for + prime time at BSDCan 2014. + +     From owner-svn-doc-all@FreeBSD.ORG Wed Apr 2 09:21:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A0C05E54; Wed, 2 Apr 2014 09:21:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8D12CF91; Wed, 2 Apr 2014 09:21:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s329LLgl086161; Wed, 2 Apr 2014 09:21:21 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s329LLDG086160; Wed, 2 Apr 2014 09:21:21 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404020921.s329LLDG086160@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 2 Apr 2014 09:21:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44417 - head/ja_JP.eucJP/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 02 Apr 2014 11:38:05 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Apr 2014 09:21:21 -0000 Author: ryusuke Date: Wed Apr 2 09:21:21 2014 New Revision: 44417 URL: http://svnweb.freebsd.org/changeset/doc/44417 Log: - Merge the following from the English version: r42903 -> r42904 head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/ports/chapter.xml Tue Apr 1 23:26:30 2014 (r44416) +++ head/ja_JP.eucJP/books/handbook/ports/chapter.xml Wed Apr 2 09:21:21 2014 (r44417) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r42903 + Original revision: r42904 $FreeBSD$ --> @@ -274,7 +274,8 @@ lsof: /usr/ports/sysutils/lsof &prompt.root; echo /usr/ports/*/*lsof* /usr/ports/sysutils/lsof - この方法では /usr/ports/distfiles + この方法では /usr/ports/distfiles 以下にダウンロードされたファイル名にもマッチします。 @@ -283,7 +284,8 @@ lsof: /usr/ports/sysutils/lsof port を検索する方法もあります。 この検索機能を利用するには、 cd コマンドを用いて - /usr/ports ディレクトリに移動し、make search + /usr/ports + ディレクトリに移動し、make search name=プログラム名 と入力してください。 プログラム名 @@ -316,7 +318,8 @@ R-deps: port がどこにあるかを示しています。 より絞られた情報を得るには、 - quicksearch と呼ばれる機能を使ってください。 + quicksearch + と呼ばれる機能を使ってください。     &prompt.root; cd /usr/ports &prompt.root; make quicksearch name=lsof @@ -325,16 +328,15 @@ Path: /usr/ports/sysutils/lsof Info: Lists information about open files (similar to fstat(1)) もっと詳しく検索するには、 - make search - key=string または - make quicksearch - key=string + make search key=string または + make quicksearch key=string と入力してください。 string の部分には検索したいテキストを入れます。 プログラムの名前がわからない場合でも、 ある目的に関連した ports の検索に利用できるよう、 - テキストの部分には、コメント、説明文および依存情報を入れることができます。 + テキストの部分には、コメント、 + 説明文および依存情報を入れることができます。 search および quicksearch を使う場合には、 @@ -411,8 +413,8 @@ Info: Lists information about open fil この例では、lsof は、 バージョン番号を指定しないで用いられています。 リモートでダウンロードを行うときにバージョンは含まれないためです。 - 別の &os; FTP ミラーサイトを使うには、 - PACKAGESITE 環境変数に利用したいサイトを設定してください。 + 別の &os; FTP ミラーサイトを使うには、PACKAGESITE + 環境変数に利用したいサイトを設定してください。 &man.pkg.add.1; は、FTP_PASSIVE_MODE, FTP_PROXY, FTP_PASSWORD といった環境変数を使う &man.fetch.3; @@ -441,19 +443,18 @@ Info: Lists information about open fil package は .tbz - という拡張子を持つファイルとして配布されており、 - や &os; DVD の /packages ディレクトリにあります。 - packages ディレクトリのレイアウトは、 - /usr/ports - ツリーのものと同様です。 - カテゴリごとにディレクトリがあり、 - All ディレクトリにはすべての package - があります。 + という拡張子を持つファイルとして配布されており、 + や &os; DVD の /packages ディレクトリにあります。 + packages ディレクトリのレイアウトは、 + /usr/ports + ツリーのものと同様です。 + カテゴリごとにディレクトリがあり、All ディレクトリにはすべての package + があります。 package システムのディレクトリ構造は ports のレイアウトと同一です。 - 両者が組み合わさって package/port システムが構成されます。 - + 両者が組み合わさって package/port システムが構成されます。 @@ -493,11 +494,10 @@ docbook = ... 2 列目の記号は、インストールされているバージョンの - ローカル ports ツリーのバージョンに対する - 新旧を表します。 + ローカル ports ツリーのバージョンに対する新旧を表します。 - + 記号 @@ -523,25 +523,34 @@ docbook = > インストールされている package のバージョンは、 ローカルにある ports ツリーのものより新しいです。 - すなわち、ローカルの ports ツリーはおそらく古くなっています。 + すなわち、ローカルの ports + ツリーはおそらく古くなっています。 + - ?インストールされた package を - ports インデックスの中に見つけることができません。 - インストールされた port が Ports Collection から削除されたり、 - 名前が変更された場合などに起こります。 - - *複数のバージョンの - package が存在します。 - - !インストールされた package - はインデックス中に存在しますが、何らかの理由で、 - インストールされた package - のバージョン番号をインデックス中のエントリと比較できません。 + + ? + インストールされた package を + ports インデックスの中に見つけることができません。 + インストールされた port が Ports Collection から削除されたり、 + 名前が変更された場合などに起こります。 + - + + * + 複数のバージョンの package が存在します。 + + + + ! + インストールされた package + はインデックス中に存在しますが、何らかの理由で、 + インストールされた package + のバージョン番号をインデックス中のエントリと比較できません。 + + - - + + package の削除 @@ -569,7 +578,8 @@ docbook = &prompt.root; pkg_delete xchat\* - 上の例では、名前が xchat で始まるすべての packages が削除されます。 + 上の例では、名前が xchat + で始まるすべての packages が削除されます。 @@ -582,7 +592,9 @@ docbook = バイナリ packages をより早く、 より簡単に管理できるようにする数多くの機能を提供します。 - pkgngports-mgmt/portmasterports-mgmt/portupgrade などの + pkgng は + ports-mgmt/portmaster や + ports-mgmt/portupgrade などの port 管理ツールの置き換えではありません。 これらのツールは、 サードパーティ製ソフトウェアをバイナリ packages と @@ -616,8 +628,8 @@ docbook = &prompt.root; pkg_add -r pkg pkgng をインストールしたら、 - 以下のコマンドを実行して、 - package データベースをこれまでの伝統的なフォーマットから新しいフォーマットへと変換する必要があります。 + 以下のコマンドを実行して、package + データベースをこれまでの伝統的なフォーマットから新しいフォーマットへと変換する必要があります。 &prompt.root; pkg2ng @@ -682,38 +694,38 @@ docbook = - インストールされている package の情報を入手する - - オプションを使用しないで pkg info - を実行すると、 - システムにインストールされているすべての package もしくは、 - ある特定の package の情報が得られます。 + インストールされている package の情報を入手する - たとえば、インストールされている - pkgng の情報を調べるには、 - 以下のように実行してください。 + オプションを使用しないで pkg info + を実行すると、 + システムにインストールされているすべての package もしくは、 + ある特定の package の情報が得られます。 + + たとえば、インストールされている + pkgng の情報を調べるには、 + 以下のように実行してください。 - &prompt.root; pkg info pkg + &prompt.root; pkg info pkg pkg-1.1.4_1 - - - - package のインストールと削除 - - バイナリ package をインストールするには、 - 以下のコマンドを使ってください。 - ここで packagename は、インストールする - package の名前です。 + - &prompt.root; pkg install packagename + + package のインストールと削除 - このコマンドは、リポジトリデータを使用して、 - インストールすべきソフトウェアのバージョン、および、 - インストールされていない依存ソフトウェアがあるかどうかを調べます。 - たとえば、curl - をインストールするには以下を実行してください。 + バイナリ package をインストールするには、 + 以下のコマンドを使ってください。 + ここで packagename は、インストールする + package の名前です。 + + &prompt.root; pkg install packagename + + このコマンドは、リポジトリデータを使用して、 + インストールすべきソフトウェアのバージョン、および、 + インストールされていない依存ソフトウェアがあるかどうかを調べます。 + たとえば、curl + をインストールするには以下を実行してください。 - &prompt.root; pkg install curl + &prompt.root; pkg install curl Updating repository catalogue /usr/local/tmp/All/curl-7.31.0_1.txz 100% of 1181 kB 1380 kBps 00m01s @@ -761,35 +773,35 @@ Proceed with deleting packages [y/N]: インストールされている package のアップグレード - pkg version - を用いて古くなった packages を見つけることができます。 - ローカルに ports ツリーがない場合には、 - pkg-version(8) は、リモートリポジトリのカタログを利用します。 - そうでなければ、ローカルの ports ツリーを使って - package のバージョンを同定します。 - - pkg upgrade を実行すると、 - インストールされている packages - が最新のバージョンにアップグレードされます。 - このコマンドは、インストールされているソフトウェアのバージョンと、 - リポジトリのカタログから利用できるバージョンとを比較します。 - 比較が終わったら、 - 新しいバージョンが用意されているアプリケーションの一覧を表示します。 - アップグレードを行うのであれば、 - y を選択してください。 - キャンセルする場合には、 - n を選択してください。 + pkg version + を用いて古くなった packages を見つけることができます。 + ローカルに ports ツリーがない場合には、 + pkg-version(8) は、リモートリポジトリのカタログを利用します。 + そうでなければ、ローカルの ports ツリーを使って + package のバージョンを同定します。 + + pkg upgrade を実行すると、 + インストールされている packages + が最新のバージョンにアップグレードされます。 + このコマンドは、インストールされているソフトウェアのバージョンと、 + リポジトリのカタログから利用できるバージョンとを比較します。 + 比較が終わったら、 + 新しいバージョンが用意されているアプリケーションの一覧を表示します。 + アップグレードを行うのであれば、 + y を選択してください。 + キャンセルする場合には、 + n を選択してください。 インストールされている package の検証 - 時折、 - サードウェア製のアプリケーションに脆弱性が見つかることがあります。 - 脆弱性を調べるために、 - pkgng は、検証機能を持っています。 - システムにインストールされているソフトウェアに既知の脆弱性がないかどうかを調べるには、 - 以下のように実行してください。 + 時折、 + サードウェア製のアプリケーションに脆弱性が見つかることがあります。 + 脆弱性を調べるために、 + pkgng は、検証機能を持っています。 + システムにインストールされているソフトウェアに既知の脆弱性がないかどうかを調べるには、 + 以下のように実行してください。 &prompt.root; pkg audit -F @@ -798,11 +810,11 @@ Proceed with deleting packages [y/N]: リーフ依存 ports の自動削除 package を削除すると、不必要な依存 ports - が残されることがあります。 - 依存のために導入され、現在は不必要になった package は、 - 以下のようにすると自動的に検出され、削除されます。 + が残されることがあります。 + 依存のために導入され、現在は不必要になった package は、 + 以下のようにすると自動的に検出され、削除されます。 - &prompt.root; pkg autoremove + &prompt.root; pkg autoremove Packages to be autoremoved: ca_root_nss-3.13.5 @@ -815,260 +827,267 @@ Deinstalling ca_root_nss-3.15.1_1... don package データベースのバックアップ - 伝統的な package 管理システムとは異なり、 - pkgng には package - データベースをバックアップするメカニズムがあります。 - package データベースの内容を手動でバックアップするには、 - 以下を実行してください。以下の - pkgng.db - を適切なファイル名に置き換えてください。 - - &prompt.root; pkg backup -d pkgng.db - - さらに、pkgng は - package データベースを毎日自動的にバックアップする - &man.periodic.8; スクリプトを含んでいます。 - この機能は、&man.periodic.conf.5; の中で、 - daily_backup_pkgng_enable を - YES に設定すると有効になります。 - - - スクリプトによる定期的な - package データベースのバックアップを無効にするには、 - &man.periodic.conf.5; の中で、 - daily_backup_pkgdb_enable を - NO に設定してください。 - + 伝統的な package 管理システムとは異なり、 + pkgng には package + データベースをバックアップするメカニズムがあります。 + package データベースの内容を手動でバックアップするには、 + 以下を実行してください。以下の + pkgng.db + を適切なファイル名に置き換えてください。 + + &prompt.root; pkg backup -d pkgng.db + + さらに、pkgng は + package データベースを毎日自動的にバックアップする + &man.periodic.8; スクリプトを含んでいます。 + この機能は、&man.periodic.conf.5; の中で、 + daily_backup_pkgng_enable を + YES に設定すると有効になります。 + + + スクリプトによる定期的な + package データベースのバックアップを無効にするには、 + &man.periodic.conf.5; の中で、 + daily_backup_pkgdb_enable を + NO に設定してください。 + - 過去にバックアップした package - データベースの中身をリストアするには、以下を実行してください。 + 過去にバックアップした package + データベースの中身をリストアするには、以下を実行してください。 - &prompt.root; pkg backup -r /path/to/pkgng.db + &prompt.root; pkg backup -r /path/to/pkgng.db 古くなった package の削除 - デフォルトでは、pkgng - はキャッシュディレクトリにバイナリ packages を保存します。 - このディレクトリは、pkg.conf(5) の - PKG_CACHEDIR 変数で定義されます。 - pkg upgrade を使って packages - をアップグレードする際には、 - アップグレードされた package - の古いバージョンは自動的には削除されません。 + デフォルトでは、pkgng + はキャッシュディレクトリにバイナリ packages を保存します。 + このディレクトリは、pkg.conf(5) の + PKG_CACHEDIR 変数で定義されます。 + pkg upgrade を使って packages + をアップグレードする際には、 + アップグレードされた package + の古いバージョンは自動的には削除されません。 - システムからこれらの古いバイナリ package を削除するには、 - 以下を実行してください。 + システムからこれらの古いバイナリ package を削除するには、 + 以下を実行してください。 - &prompt.root; pkg clean + &prompt.root; pkg clean package メタデータの変更 - &os; Ports Collection - では、メジャーバージョン番号が変更になることがあります。 - これに対応するために、pkgng には、 - package の情報をアップデートするコマンドが組み込まれています。 - たとえば、lang/php5 が、 - バージョン 5.4 を表すようになり、 - lang/php5 を - lang/php53 - と名前を変更する必要があるような場合に、有用です。 + &os; Ports Collection + では、メジャーバージョン番号が変更になることがあります。 + これに対応するために、pkgng には、 + package の情報をアップデートするコマンドが組み込まれています。 + たとえば、lang/php5 が、 + バージョン 5.4 を表すようになり、 + lang/php5 を + lang/php53 + と名前を変更する必要があるような場合に、有用です。 + + 上記の例の package の情報を変更するには、 + 以下のように実行してください。 + + &prompt.root; pkg set -o lang/php5:lang/php53 + + 別の例として、lang/ruby18 を + lang/ruby19 にアップデートするには、 + 以下のようにしてください。 + + &prompt.root; pkg set -o lang/ruby18:lang/ruby19 + + 最後の例として、 + libglut 共有ライブラリの情報を + graphics/libglut から + graphics/freeglut へと変更するには、 + 以下のように実行してください。 + + &prompt.root; pkg set -o graphics/libglut:graphics/freeglut - 上記の例の package の情報を変更するには、 + + package の情報を変更したら、 + 情報が変更された package に依存している + packages を再インストールすることが重要となります。 + 依存 packages を再インストールするには、 以下のように実行してください。 - &prompt.root; pkg set -o lang/php5:lang/php53 + &prompt.root; pkg install -Rf graphics/freeglut + + + + - 別の例として、lang/ruby18lang/ruby19 にアップデートするには、 - 以下のようにしてください。 + + Ports Collection の利用 - &prompt.root; pkg set -o lang/ruby18:lang/ruby19 + Ports Collection とは、/usr/ports + 以下に置かれる Makefile, 修正パッチ、 + 説明文などの一連のファイルのことです。このファイルのセットは、 + アプリケーションをコンパイルして &os; + にインストールするのに用いられます。 + port を用いてアプリケーションをコンパイルできるようにするには、 + まず最初に Ports Collection をインストールする必要があります。 + &os; のインストール時に Ports Collection をインストールしなかった場合に、 + 以下の方法のどれかを用いてインストールしてください。 - 最後の例として、 - libglut 共有ライブラリの情報を graphics/libglut から graphics/freeglut へと変更するには、 - 以下のように実行してください。 + + Portsnap を利用する方法 - &prompt.root; pkg set -o graphics/libglut:graphics/freeglut + Portsnap は Ports Collection + を取得するための速くて使いやすく、 + 多くのユーザに推奨されるツールです。 - - package の情報を変更したら、 - 情報が変更された package に依存している - packages を再インストールすることが重要となります。 - 依存 packages を再インストールするには、 - 以下のように実行してください。 + + 圧縮された Ports Collection のスナップショットを + /var/db/portsnap + にダウンロードしてください。 - &prompt.root; pkg install -Rf graphics/freeglut + &prompt.root; portsnap fetch + - - - + + 初めて Portsnap を使う時は、 + スナップショットをまず /usr/ports + に展開してください。 - - Ports Collection の利用 + &prompt.root; portsnap extract + - Ports Collection とは、/usr/ports - 以下に置かれる Makefile, 修正パッチ、 - 説明文などの一連のファイルのことです。このファイルのセットは、 - アプリケーションをコンパイルして &os; にインストールするのに用いられます。 - port を用いてアプリケーションをコンパイルできるようにするには、 - まず最初に Ports Collection をインストールする必要があります。 - &os; のインストール時に Ports Collection をインストールしなかった場合に、 - 以下の方法のどれかを用いてインストールしてください。 - - - Portsnap を利用する方法 - - Portsnap は Ports Collection - を取得するための速くて使いやすく、 - 多くのユーザに推奨されるツールです。 - - - 圧縮された Ports Collection のスナップショットを - /var/db/portsnap - にダウンロードしてください。 - - &prompt.root; portsnap fetch - - - - 初めて Portsnap を使う時は、 - スナップショットをまず /usr/ports に展開してください。 - - &prompt.root; portsnap extract - - - - 上で示した Portsnap - を初めて利用する際に行うコマンドを実行した後は、 - 以下のコマンドで - /usr/ports - をアップデートしてください。 + + 上で示した Portsnap + を初めて利用する際に行うコマンドを実行した後は、 + 以下のコマンドで + /usr/ports + をアップデートしてください。 - &prompt.root; portsnap fetch + &prompt.root; portsnap fetch &prompt.root; portsnap update - - + + + + + Subversion を用いる方法 - - Subversion を用いる方法 + ports ツリーの管理が必要な場合や、 + ローカルで変更点をメンテナンスする必要がある場合には、 + Subversion を使って + Ports Collection を取得する方法があります。 + Subversion のより詳細な説明については、 + + Subversion Primer を参照してください。 - ports ツリーの管理が必要な場合や、 - ローカルで変更点をメンテナンスする必要がある場合には、 - Subversion を使って - Ports Collection を取得する方法があります。 - Subversion のより詳細な説明については、 - - Subversion Primer を参照してください。 - - - Subversion - を使って ports ツリーをチェックアウトする前に、 - Subversion - をインストールしておく必要があります。 - ports ツリーがすでにインストールされていれば、 - 以下のようにして Subversion - をインストールできます。 + + Subversion + を使って ports ツリーをチェックアウトする前に、 + Subversion + をインストールしておく必要があります。 + ports ツリーがすでにインストールされていれば、 + 以下のようにして Subversion + をインストールできます。 - &prompt.root; cd /usr/ports/devel/subversion + &prompt.root; cd /usr/ports/devel/subversion &prompt.root; make install clean - ports ツリーがなければ、package から - Subversion をインストールできます。 + ports ツリーがなければ、package から + Subversion をインストールできます。 + + &prompt.root; pkg_add -r subversion - &prompt.root; pkg_add -r subversion + package の管理に pkgng + を使っているのであれば、代わりに以下のようにして + Subversion をインストールできます。 - package の管理に pkgng - を使っているのであれば、代わりに以下のようにして - Subversion をインストールできます。 - - &prompt.root; pkg install subversion - - - - ports ツリーをチェックアウトしてください。 - パフォーマンスを良くするため、 - svn0.us-east.FreeBSD.org - を - Subversion - ミラー - の中から地理的に近い場所にあるミラーに置き換えてください。 - - &prompt.root; svn checkout https://svn0.us-east.FreeBSD.org/ports/head /usr/ports - - - - Subversion - で最初のチェックアウトを行ったら、必要に応じて - /usr/ports - をアップデートしてください。 - - &prompt.root; svn update /usr/ports - - - - Ports Collection - はソフトウェアのカテゴリを表すディレクトリを持ち、 - 各カテゴリには、各アプリケーションのサブディレクトリがあります。 - ports スケルトンとも呼ばれる各サブディレクトリには、 - プログラムを &os; - 上で正しくコンパイルしてインストールする方法を提供するファイルのセットが含まれています。 - それぞれの port スケルトンには、 - 次のファイルおよびディレクトリが含まれています。 - - - - Makefile: - このファイルにはアプリケーションのコンパイル方法やシステムのどこにインストールするかを指定する命令文が含まれています。 - - - - distinfo: - このファイルには、その port - を構築するためにダウンロードする必要があるファイルのファイル名と、 - チェックサム情報が含まれています。 - - - - files: - このディレクトリには &os; 上でプログラムをコンパイルし、 - インストールするための修正パッチが含まれています。 - このディレクトリには、その port - の構築に必要なその他のファイルが入る場合もあります。 - - - - pkg-descr: - このファイルにはプログラムに関する、より詳しい説明文が含まれます。 - - - - pkg-plist: - これは、その port によってインストールされる全ファイルのリストです。 - これにはプログラムを削除する際に、 - どのファイルを削除すれば良いのかを ports - システムに伝える役割もあります。 - - - - これらの他に pkg-message - や特殊な状況に対応するためのファイルを含む ports もあります。 - これらのファイルについての詳細および - ports の一般的な説明については、 - port - 作成者のためのハンドブック をご覧下さい。 - - port は実際のソースコード - (distfile とも呼ばれます) - を含んではいません。 - port の構築の展開部で、ダウンロードされたソースは自動的に - /usr/ports/distfiles - に保存されます。 + &prompt.root; pkg install subversion + - + + ports ツリーをチェックアウトしてください。 + パフォーマンスを良くするため、 + svn0.us-east.FreeBSD.org + を + Subversion + ミラー + の中から地理的に近い場所にあるミラーに置き換えてください。 + + &prompt.root; svn checkout https://svn0.us-east.FreeBSD.org/ports/head /usr/ports + + + + Subversion + で最初のチェックアウトを行ったら、必要に応じて + /usr/ports + をアップデートしてください。 + + &prompt.root; svn update /usr/ports + + + + Ports Collection + はソフトウェアのカテゴリを表すディレクトリを持ち、 + 各カテゴリには、各アプリケーションのサブディレクトリがあります。 + ports スケルトンとも呼ばれる各サブディレクトリには、 + プログラムを &os; + 上で正しくコンパイルしてインストールする方法を提供するファイルのセットが含まれています。 + それぞれの port スケルトンには、 + 次のファイルおよびディレクトリが含まれています。 + + + + Makefile: + このファイルにはアプリケーションのコンパイル方法やシステムのどこにインストールするかを指定する命令文が含まれています。 + + + + distinfo: + このファイルには、その port + を構築するためにダウンロードする必要があるファイルのファイル名と、 + チェックサム情報が含まれています。 + + + + files: + このディレクトリには &os; 上でプログラムをコンパイルし、 + インストールするための修正パッチが含まれています。 + このディレクトリには、その port + の構築に必要なその他のファイルが入る場合もあります。 + + + + pkg-descr: + このファイルにはプログラムに関する、 + より詳しい説明文が含まれます。 + + + + pkg-plist: + これは、その port によってインストールされる全ファイルのリストです。 + これにはプログラムを削除する際に、 + どのファイルを削除すれば良いのかを ports + システムに伝える役割もあります。 + + + + これらの他に pkg-message + や特殊な状況に対応するためのファイルを含む ports もあります。 + これらのファイルについての詳細および + ports の一般的な説明については、 + port + 作成者のためのハンドブック をご覧下さい。 + + port は実際のソースコード + (distfile とも呼ばれます) + を含んではいません。 + port の構築の展開部で、ダウンロードされたソースは自動的に /usr/ports/distfiles + に保存されます。 + + ports のインストール @@ -1079,32 +1098,36 @@ Deinstalling ca_root_nss-3.15.1_1... don この節では、Ports Collection を利用してプログラムをインストールしたり、 システムから削除したりする基本的な手順について説明します。 - 利用可能な make のターゲットや環境変数についての詳細は + 利用可能な make + のターゲットや環境変数についての詳細は &man.ports.7; をご覧ください。 - - いかなる port でも、構築する前には、 - 前節に書かれているように、Ports Collection をアップデートしてください。 - サードパーティ製のソフトウェアをインストールすると、 - セキュリティの脆弱性を引き起こす可能性があります。 - その port に関連したセキュリティ上の問題がないことを、まずは - http://vuxml.freebsd.org/ - で確認してください。または、ports-mgmt/portaudit - をインストールしているのであれば、新しい port をインストールする前に、 - portaudit -F -a を実行してください。 - 毎日のシステムのセキュリティ確認時に、 - 自動的にセキュリティの検査およびデータベースの更新を行うようにこのコマンドを設定できます。 - 詳しくは、portaudit および &man.periodic.8; - のマニュアルページを参照してください。 + いかなる port でも、構築する前には、 + 前節に書かれているように、Ports Collection + をアップデートしてください。 + サードパーティ製のソフトウェアをインストールすると、 + セキュリティの脆弱性を引き起こす可能性があります。 + その port に関連したセキュリティ上の問題がないことを、まずは + http://vuxml.freebsd.org/ + で確認してください。または、ports-mgmt/portaudit + をインストールしているのであれば、 + 新しい port をインストールする前に、 + portaudit -F -a を実行してください。 + 毎日のシステムのセキュリティ確認時に、 + 自動的にセキュリティの検査およびデータベースの更新を行うようにこのコマンドを設定できます。 + 詳しくは、portaudit + および &man.periodic.8; + のマニュアルページを参照してください。 Ports Collection は、ネットワークに接続できることを想定しています。 また、superuser の権限も必要となります。 - freebsdmaill.com - の &os; Toolkit のようなサードパーティ製の DVD-ROM + freebsdmaill.com + の &os; Toolkit のようなサードパーティ製の DVD-ROM 製品の中には distfiles を収録しているものがあります。 これらを使うとインターネットへの接続がなくても ports をインストールするのに使うことができます。 @@ -1160,60 +1183,59 @@ Deinstalling ca_root_nss-3.15.1_1... don /usr/local/sbin/lsof &prompt.root; - lsof は高い権限で動作するプログラムなので、 - インストールする時にセキュリティに関する警告が表示されます。 - インストールが終わったら、プロンプトが戻ります。 - - シェルによってはコマンドの実行ファイルを探す時間を短縮するために、 - 環境変数 PATH に登録されている - ディレクトリのコマンド一覧をキャッシュするものがあります。 - tcsh シェルを使っているのであれば、 - フルパスを指定することなく新しくインストールしたコマンドを利用できるように、 - rehash を実行してください。 - sh シェルを使っているのであれば - かわりに hash -r を実行してください。 - 詳細については、 - あなたの使っているシェルのドキュメントをご覧ください。 - - インストールの間に、作業用ディレクトリが作成されます。 - このディレクトリにはコンパイル時に使用されるすべての一時ファイルが含まれています。 - このディレクトリを削除することで、ディスク容量を節約でき、また port - を新しいバージョンへアップデートする際に問題が起こる可能性を小さくします。 + lsof は高い権限で動作するプログラムなので、 + インストールする時にセキュリティに関する警告が表示されます。 + インストールが終わったら、プロンプトが戻ります。 + + シェルによってはコマンドの実行ファイルを探す時間を短縮するために、 + 環境変数 PATH に登録されている + ディレクトリのコマンド一覧をキャッシュするものがあります。 + tcsh シェルを使っているのであれば、 + フルパスを指定することなく新しくインストールしたコマンドを利用できるように、 + rehash を実行してください。 + sh シェルを使っているのであれば + かわりに hash -r を実行してください。 + 詳細については、 + あなたの使っているシェルのドキュメントをご覧ください。 + + インストールの間に、作業用ディレクトリが作成されます。 + このディレクトリにはコンパイル時に使用されるすべての一時ファイルが含まれています。 + このディレクトリを削除することで、ディスク容量を節約でき、また port + を新しいバージョンへアップデートする際に問題が起こる可能性を小さくします。 - &prompt.root; make clean + &prompt.root; make clean ===> Cleaning for lsof-88.d,8 &prompt.root; - - port を構築する際に、 - make install clean - と実行することで、 - これらの余分な手順を省くことができます。 - - + + port を構築する際に、 + make install clean + と実行することで、 + これらの余分な手順を省くことができます。 + + ports のインストールのカスタマイズ - ports の中にはビルドオプションを指定できるものがあります。 - このオプションを指定することで、 - アプリケーションの機能の一部を有効もしくは無効にできます。 - また、セキュリティオプションを設定したり、 - その他のカスタマイズを行うことができます。 - このようなアプリケーションには - www/firefox, - security/gpgme や - mail/sylpheed-claws - などがあります。 - port に利用可能なオプションがある場合には、 - デフォルトでは、ユーザに port - のオプションをメニューから選択させる設定のため、 - 何度もユーザとの対話が起こり待たされることがあります。 - これを避けるには、まず最初に make - config-recursive - を実行して設定を一括で行い、その後 - make - install [clean] - を実行して port を構築してインストールしてください。 + ports の中にはビルドオプションを指定できるものがあります。 + このオプションを指定することで、 + アプリケーションの機能の一部を有効もしくは無効にできます。 + また、セキュリティオプションを設定したり、 + その他のカスタマイズを行うことができます。 + このようなアプリケーションには + www/firefox, + security/gpgme や + mail/sylpheed-claws + などがあります。 + port に利用可能なオプションがある場合には、 + デフォルトでは、ユーザに port + のオプションをメニューから選択させる設定のため、 + 何度もユーザとの対話が起こり待たされることがあります。 + これを避けるには、まず最初に + make config-recursive + を実行して設定を一括で行い、その後 + make install [clean] + を実行して port を構築してインストールしてください。 config-recursive を実行する際、 @@ -1222,12 +1244,12 @@ Deinstalling ca_root_nss-3.15.1_1... don 多くの場合は、すべての依存 ports のオプションが定義され、 ports オプションの画面が表示されなくなり、 すべてのオプションが設定されたことを確認できるまで - make - config-recursive + make config-recursive を実行すると良いでしょう。 - port の構築後、再びこのメニューを表示させてオプションの追加や削除、 *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed Apr 2 18:12:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 03068372; Wed, 2 Apr 2014 18:12:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D9CE63E6; Wed, 2 Apr 2014 18:12:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s32ICIKv005313; Wed, 2 Apr 2014 18:12:18 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s32ICIFV005312; Wed, 2 Apr 2014 18:12:18 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404021812.s32ICIFV005312@svn.freebsd.org> From: Dru Lavigne Date: Wed, 2 Apr 2014 18:12:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44420 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Apr 2014 18:12:19 -0000 Author: dru Date: Wed Apr 2 18:12:18 2014 New Revision: 44420 URL: http://svnweb.freebsd.org/changeset/doc/44420 Log: Editorial review of Poudriere section. Expand on the intro some. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Wed Apr 2 17:59:41 2014 (r44419) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Wed Apr 2 18:12:18 2014 (r44420) @@ -1545,56 +1545,61 @@ The deinstallation will free 229 kB Building Packages with <application>Poudriere</application> - Poudriere uses &os; jails to set - up isolated compilation environments. Inside, ports are - compiled and packaged using standard &man.make.1; targets and - &man.pkg.8;. - - - Installation and Configuration - - Install Poudriere from the - Ports Collection - (ports-mgmt/poudriere). - - Configuration files are + Poudriere is a + BSD-licensed utility for creating and testing + &os; packages. It uses &os; jails to set + up isolated compilation environments which can be used to build + packages for versions of &os; that are different from the box + on which it is installed, and also to build packages for i386 if + the host is an &arch.amd64; system. Once the packages are built, they + will be in a layout identical to the official mirrors and are + therefore useable by + &man.pkg.8; and other package management tools. + + Poudriere can be installed + using the + ports-mgmt/poudriere package or + port. The installation will include a sample configuration file + /usr/local/etc/poudriere.conf.sample. + This file should be copied to + /usr/local/etc/poudriere.conf which can + then be edited to suit the local configuration. + + While ZFS is not required on the + system running poudriere, + it is beneficial. When ZFS is used, the + ZPOOL must be + specified in /usr/local/etc/poudriere.conf and - /usr/local/etc/poudriere.d/. Example - settings are shown in - /usr/local/etc/poudriere.conf.sample. - - Using ZFS is not required, - but beneficial. When ZFS is used, the - ZPOOL for - Poudriere's datasets must be - specified. Set FREEBSD_HOST to a nearby - mirror. Defaults for the other values are adequate. Defining + FREEBSD_HOST should be set to a nearby + mirror. Defining CCACHE_DIR enables the use of devel/ccache to cache - compilation. This will reduce build times for - frequently-compiled code. It is convenient to put - Poudriere datasets in an isolated + compilation and reduce build times for + frequently-compiled code. It may be convenient to put + poudriere datasets in an isolated tree mounted at - /poudriere. That is - not a functional modification, but a matter of taste. + /poudriere. Defaults + for the other configuration values are adequate. The number of processor cores detected is used to define how many builds should run in parallel. Supply enough virtual memory, either with RAM or swap space. If virtual memory runs out, compiling jails will stop and be torn down, resulting in weird error messages. - Initialize Jails and Port Trees - Initially, it is sufficient to install a &os; tree and a - ports tree. Creating a simple setup only requires supplying a - name with and a version with + Once configured, initialize + poudriere so that it installs a + jail with the required &os; tree and a + ports tree. Specify a name for the jail using + and the &os; version with . On systems running &os;/&arch.amd64;, the architecture can be set with to either i386 or amd64. - The default is the architecture shown by + The default is to use the architecture shown by uname. &prompt.root; poudriere jail -c -j 10amd64 -v 10.0-RELEASE @@ -1644,12 +1649,12 @@ Fetching 1 new ports or files... done. Building new INDEX files... done. - On a single computer, Poudriere + On a single computer, poudriere can build ports with multiple configurations, in multiple jails, and from different port trees. Custom configurations for these combinations are called sets. See the CUSTOMIZATION section of &man.poudriere.8; for - detail. + details. The basic configuration shown here puts a single jail-, port-, and set-specific make.conf in @@ -1670,29 +1675,29 @@ devel/git ports-mgmt/pkg ... - Options and dependencies for the specified ports are - configured: + To configure the options and dependencies for the + specified ports: &prompt.root; poudriere options -j 10amd64 -p local -z workstation -f workstation-pkglist - Finally, packages are built and a &man.pkg.8; repository - is created: + Finally, to build the packages and create the package + repository: &prompt.root; poudriere bulk -j 10amd64 -p local -z workstation -f workstation-pkglist Ctrlt - displays the current state. + displays the current state of the build. Poudriere also builds files in /poudriere/logs/bulk/jailname that can be used with a web server to display build information. - Packages are now available for installation from the - Poudriere repository. + Once the build is complete, packages are now available for installation from the + poudriere repository. - For more information on - Poudriere, see &man.poudriere.8; + For more information on using + poudriere, see &man.poudriere.8; and the main web site, . From owner-svn-doc-all@FreeBSD.ORG Wed Apr 2 17:59:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A78B0A0F; Wed, 2 Apr 2014 17:59:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 928711C5; Wed, 2 Apr 2014 17:59:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s32HxfXV096835; Wed, 2 Apr 2014 17:59:41 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s32Hxfk1096834; Wed, 2 Apr 2014 17:59:41 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201404021759.s32Hxfk1096834@svn.freebsd.org> From: Remko Lodder Date: Wed, 2 Apr 2014 17:59:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44419 - translations/nl_NL.ISO8859-1/books/handbook/security X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 02 Apr 2014 18:39:45 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Apr 2014 17:59:41 -0000 Author: remko Date: Wed Apr 2 17:59:41 2014 New Revision: 44419 URL: http://svnweb.freebsd.org/changeset/doc/44419 Log: Update my work in progress with today's work. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml Modified: translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 2 10:25:12 2014 (r44418) +++ translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 2 17:59:41 2014 (r44419) @@ -438,41 +438,26 @@ Een ander potentieel beveiligingsgat is het gebruik van SUID-root en SGID binaries. De meeste van deze binaries zoals &man.rlogin.1; leven in /bin, - /sbin - - De andere grote mogelijkheid voor root - gaten in een systeem zijn de suid-root en sgid-binaire - bestanden die genstalleerd zijn op een systeem. Veel van - die bestanden, zoals rlogin, staan in - /bin, - /sbin, - /usr/bin of - /usr/sbin. Hoewel het niet 100% - veilig is, mag aangenomen worden dat de suid- en sgid-binaire bestanden - van een standaardsysteem redelijk veilig zijn. Toch worden er - nog wel eens root gaten gevonden in deze - bestanden. Zo is er in 1998 een root gat - gevonden in Xlib waardoor - xterm (die normaliter suid is) - kwetsbaar bleek. Een voorzichtige systeembeheerder kiest voor - better to be safe than sorry door de - suid-bestanden die alleen medewerkers hoeven uit te voeren aan - een speciale groep toe te wijzen en de suid-bestanden die - niemand gebruikt te lozen (chmod 000). Een - server zonder monitor heeft normaal gezien - xterm niet nodig. Sgid-bestanden - kunnen bijna net zo gevaarlijk zijn. Als een inbreker een - sgid-kmem stuk kan krijgen, dan kan hij wellicht - /dev/kmem lezen en dus het gecodeerde - wachtwoordbestand, waardoor mogelijk ieder account met - een wachtwoord besmet is. Een inbreker toegang tot de groep - kmem kan krijgen, zou bijvoorbeeld mee - kunnen kijken met de toetsaanslagen die ingegeven worden via de - pty's, inclusief die pty's die gebruikt worden door gebruikers - die via beveiligde methodes aanmelden. Een inbreker die - toegang krijgt tot de groep tty kan naar - bijna alle tty's van gebruikers schrijven. Als een gebruiker - een terminalprogramma of een terminalemulator met een + /sbin, /usr/bin of + /usr/sbin. Ondanks dat niets 100% veilig + is, zijn de systeem standaard SUID en SGID binaries goed te + vertrouwen. Het is aangeraden om SUID binaries tot een + specifieke groep te beperken, zodat alleen bepaalde stafleden + SUID binaries kunnen gebruiken, en het verwijderen van niet + gebruikte SUID binaries. SGID binaries kunnen nagenoeg net + zo gevaarlijk zijn. Als een aanvaller in staat is om een + SGID-kmem binary te breken, kan de aanvaller in staat zijn om + /dev/kmem uit te lezen en daarmee ook + het gecodeerde wachtwoord bestand waardoor mogelijk ieder + genoemd account gecompromitteerd is. Ook is het mogelijk dat + een aanvaller die toegang heeft tot de groep + kmem in staat is om toetsaanslagen mee te + lezen welke verstuurd worden door de pty's, inclusief de pty's + die worden gebruikt om in te loggen met veilige methoden. Een + aanvaller die de groep + tty kan breken, is + in staat om naar nagenoeg elke tty te schrijven. Als de + gebruiker een terminalprogramma of een terminalemulator met een toetsenbordsimulatieoptie draait, dan kan de inbreker in potentie een gegevensstroom genereren die ervoor zorgt dat de terminal van de gebruiker een commando echot, dat dan wordt @@ -483,65 +468,55 @@ Beveiligen van gebruikersaccounts Gebruikersaccounts zijn gewoonlijk het meest lastig om te - beveiligen. Hoewel er allerlei draconische maatregelen genomen - kunnen worden met betrekking tot de medewerkers en hun - wachtwoorden weggesterd kunnen worden, gaat dat - waarschijnlijk niet lukken met de gewone gebruikersaccounts. - Als er toch voldoende vrijheid is, dan prijst de beheerder zich - gelukkig en is het misschien toch mogelijk de accounts - voldoende te beveiligen. Als die vrijheid er niet is, dan - moeten die accounts gewoon netter gemonitord worden. Het - gebruik van ssh en - Kerberos voor gebruikersaccounts is - problematischer vanwege het extra beheer en de ondersteuning, - maar nog steeds een prima oplossing in vergelijking met een - versleuteld wachtwoordbestand. + beveiligen. Wees alert bij het monitoren van gebruikeraccounts. + Het gebruik van &man.ssh.1; en Kerberos voor gebruikeraccounts, + vereisen extra beheer en technische ondersteuning maar leveren + een goede oplossing ten opzichte van een gecodeerd + wachtwoordbestand. Beveiligen van het wachtwoordbestand De enige echte oplossing is zoveel mogelijk wachtwoorden - wegsterren en ssh - of Kerberos gebruiken voor toegang - tot die accounts. Hoewel een gecodeerd wachtwoordbestand - (/etc/spwd.db) alleen gelezen kan worden - door root, is het wel mogelijk dat een - inbreker leestoegang krijgt tot dat bestand zonder dat de - aanvaller root-schrijftoegang krijgt. + wegsterren en &man.ssh.1; of Kerberos + gebruiken voor toegang tot die accounts. Hoewel een gecodeerd + wachtwoordbestand (/etc/spwd.db) alleen + gelezen kan worden door + root, is het wel + mogelijk dat een inbreker leestoegang krijgt tot dat bestand + zonder dat de aanvaller root-schrijftoegang krijgt. Beveiligingsscripts moeten altijd controleren op en - rapporteren over wijzigingen in het wachtwoordbestand (zie ook + rapporteren over wijzigingen in het wachtwoordbestand zoals + beschreven in Bestandsintegriteit - Controleren hieronder). + Controleren hieronder. Beveiligen van de kern van de kernel, ruwe apparaten en bestandssystemen - Als een aanvaller toegang krijgt tot - root dan kan hij ongeveer alles, maar er - zijn een paar slimmigheidjes. Zo hebben bijvoorbeeld de meeste - moderne kernels een ingebouwd pakketsnuffelstuurprogramma - (packet sniffing). Bij &os; is dat het - bpf apparaat. Een inbreker zal in het - algemeen proberen een pakketsnuffelaar te draaien op een - gecompromitteerde machine. De inbreker hoeft deze mogelijkheid - niet te hebben en bij de meeste systemen is het niet verplicht - het bpf apparaat mee te - compileren. + De meeste moderne kernels bevatten een ingebouwd packet + sniffer apparaat. Binnen &os; wordt deze + bpf genoemd. Dit apparaat is nodig voor + DHCP maar kan verwijderd worden in een speciale kernel + configuratie als het systeem geen DHCP levert of nodig + heeft. - sysctl + + &man.sysctl.8; + - Maar zelfs als het bpf + Zelfs als het bpf apparaat is uitgeschakeld, dan zijn er nog /dev/mem en /dev/kmem. De inbreker kan namelijk nog schrijven naar ruwe schrijfapparaten. En er is ook nog een optie in de kernel die modulelader (module loader) heet, &man.kldload.8;. Een ondernemende - inbreker kan een KLD-module gebruiken om zijn eigen + inbreker kan een &man.kldload.8; gebruiken om zijn eigen bpf-apparaat of een ander snuffelapparaat te installeren in een draaiende kernel. Om deze problemen te voorkomen, moet de kernel op een hoger @@ -556,161 +531,145 @@ &prompt.root; sysctl kern.securelevel=1 Standaard start de kernel van &os; op met een - veiligheidsniveau van -1. Het veiligheidsniveau blijft -1 - tenzij het is veranderd, fwel door de beheerder - fwel door &man.init.8; vanwege een instelling in de - opstartscripts. Het veiligheidsniveau kan tijdens het opstarten - van het systeem verhoogd worden door de variabele + veiligheidsniveau van -1. Dit wordt insecure + mode genoemd, omdat alle onveranderlijke + bestandsvlaggen kunnen in en uitgeschakeld worden, en er + mag van alle apparaten gelezen en naartoe geschreven worden. + Het beveiliginsniveau blijft op -1 tenzij deze wordt aangepast, + ofwel door de beheerder ofwel door &man.init.8; door + instellingen in de opstartscripts. Het beveiligingsniveau kan + verhoogd worden tijdens het opstarten van het systeem door + het instellen van de variabele kern_securelevel_enable op - YES te zetten in het bestand - /etc/rc.conf, en de waarde van de variabele - kern_securelevel op het gewenste - veiligheidsniveau in te stellen. - - Het standaard veiligheidsniveau van een &os;-systeem direct - nadat de opstartscripts zijn uitgevoerd is -1. Dit wordt - onveilige modus genoemd omdat de onveranderlijke - bestandsvlag uitgezet kan worden, er van/naar alle apparaten mag - worden gelezen en geschreven, enzovoorts. - - Als eenmaal het veiligheidsniveau op 1 of een hogere waarde - is ingesteld, worden de alleen-toevoegen en onveranderlijke - bestanden gehonoreerd, deze kunnen niet worden uitgezet, en - wordt toegang tot rauwe apparaten ontzegd. Hogere niveaus - beperken nog meer bewerkingen. Lees, voor een volledige - beschrijving van het effect van de verschillende - veiligheidsniveaus, de handleidingpagina &man.security.7;. + YES in /etc/rc.conf, en + de waarde van kern_securelevel op het + gewenste beveiligingsniveau. + + Zodra het beveiligingsniveau is ingesteld op 1 of een + hogere waarde worden de 'alleen toevoegen' en 'niet aanpassen' + bestanden gehonoreerd, deze kunnen niet worden uitgeschakeld + en toegang tot ruwe apparaten wordt verboden. Nog hogere + niveau's bieden nog meer restricties. Voor een volledige + beschrijving van het effect van de diverse beveiligingsniveau's + kan gekeken worden in &man.security.7; en &man.init.8;. Het ophogen van het veiligheidsniveau naar 1 of hoger kan - enkele problemen met X11 (toegang tot - /dev/io zal worden geblokkeerd), of met - de installatie van &os; wanneer die vanaf de broncode is - gebouwd (het gedeelte installword van - het proces moet tijdelijk de alleen-toevoegen en - onveranderlijke vlaggen van sommige bestanden uitzetten), en - met enkele andere gevallen veroorzaken. Soms, zoals het geval - is met X11, is het mogelijk om dit te omzeilen door - &man.xdm.1; behoorlijk vroeg in het opstartproces te starten, - wanneer het veiligheidsniveau nog laag genoeg is. - Omzeilmethoden zoals deze zijn misschien niet voor alle - veiligheidsniveaus of voor alle beperkingen die ze opleggen - mogelijk. Wat vooruit plannen is een goed idee. Het is - belangrijk om de beperkingen die door elk veiligheidsniveau - worden opgelegd te begrijpen omdat ze het gebruiksgemak van - het systeem sterk verminderen. Het vergemakkelijkt ook het - kiezen van eens standaardinstelling en voorkomt allerlei - verassingen. + enkele problemen met &xorg; geven + omdat toegang tot /dev/io wordt + geblokkeerd, of met de installatie van &os; wanneer deze uit + de broncode is gebouwd, omdat + installworld tijdelijk de + alleen-toevoegen en onveranderlijke vlaggen van enkele + bestanden moet resetten. In het geval van + &xorg; kan hier mogelijk omheen + gewerkt worden door het vroeg opstarten van &man.xdm.1; vroeg + in het opstart proces, zolang het beveiligingsniveau nog + laag genoeg is. Omzeilmethoden zoals deze zijn misschien + niet voor alle veiligheidsniveaus of voor alle beperkingen + die ze opleggen mogelijk. Wat vooruit plannen is een goed + idee. Het is belangrijk om de beperkingen die door elk + veiligheidsniveau worden opgelegd te begrijpen omdat ze het + gebruiksgemak van het systeem sterk verminderen. Het + vergemakkelijkt ook het kiezen van eens standaardinstelling + en voorkomt allerlei verrassingen. Als het veiligheidsniveau van de kernel naar 1 of hoger wordt verhoogd, kan het nuttig zijn om de vlag schg aan te zetten voor kritieke - opstartprogramma's, mappen, en scriptbestanden (i.e., alles dat - gedraaid wordt tot het punt waar het veiligheidsniveau wordt - ingesteld). Dit kan overdreven zijn, en het bijwerken van het - systeem is veel moeilijker wanneer het op een hoog - veiligheidsniveau werkt. Een minder beperkend compromis is om + opstartprogramma's, mappen, en scriptbestanden, en alles + dat opgestart wordt tot het punt waarop het veiligheidsniveau + toegepast wordt. Een minder beperkend compromis is om het systeem op een hoger veiligheidsniveau te draaien maar het aanzetten van de vlag schg voor elk systeembestand en -map onder de zon over te slaan. Een andere mogelijkheid is om / en /usr simpelweg als alleen-lezen - aan te koppelen. Het dient opgemerkt te worden dat het te draconisch - zijn over wat is toegestaan het belangrijke detecteren van een - inbraak kan verhinderen. + aan te koppelen. Het dient opgemerkt te worden dat het te + draconisch zijn over wat is toegestaan het belangrijke + detecteren van een inbraak kan verhinderen. - Bestandsintegriteit controleren: binaire bestanden, - instellingenbestanden, enzovoort + Bestandsintegriteit controleren - Als puntje bij paaltje komt kan de kern van een systeem - maar tot een bepaald punt beveiligd worden zonder dat het - minder prettig werken wordt. Zo werk het zetten van de - schg bit met chflags op - de meeste bestanden in / en - /usr waarschijnlijk averechts, - omdat, hoewel de bestanden beschermd zijn, ook het venster waarin - detectie plaats kan vinden is gesloten. De laatste laag van - beveiliging is waarschijnlijk de meest belangrijke: detectie. - Alle overige beveiliging is vrijwel waardeloos (of nog erger: - geeft een vals gevoel van beveiliging) als een mogelijke inbraak - niet gedetecteerd kan worden. Een belangrijk doel van het - meerlagenmodel is het vertragen van een aanvaller, nog meer dan - hem te stoppen, om hem op heterdaad te kunnen betrappen. + Er kan maar zoveel worden beveilgd aan de kern van + het systeem tot het onprettiger werken wordt. Zo werk het + zetten van de schg bit met + chflags op de meeste bestanden in + / en /usr + waarschijnlijk averechts, omdat, hoewel de bestanden beschermd + zijn, ook het venster waarin detectie plaats kan vinden is + gesloten. Beveiligingsmaatregelen zijn waardeloos of nog erger + geven een vals gevoel van beveiliging als potentiele inbraken + niet kunnen worden gedetecteerd. De helft van het werk van + beveiliging is het vertragen van een aanvaller, niet om hem + te stoppen, zodat deze op heterdaad gepakt kan worden. De beste manier om te zoeken naar een inbraak is zoeken naar gewijzigde, ontbrekende of onverwachte bestanden. De beste manier om te zoeken naar gewijzigde bestanden is vanaf een - ander (vaak gecentraliseerd) systeem met beperkte toegang. + ander ,vaak gecentraliseerd, systeem met beperkte toegang. Met zelfgeschreven scripts op dat extra beveiligde systeem met beperkte toegang is een beheerder vrijwel onzichtbaar voor mogelijke aanvallers en dat is belangrijk. Om het nut te - maximaliseren moeten in het algemeen dat systeem met beperkte - toegang best veel rechten gegeven worden op de andere machines - in het netwerk, vaak via een alleen-lezen NFS-export van de - andere machines naar het systeem met beperkte toegang of door - ssh sleutelparen in te stellen om - het systeem met beperkte toegang een - ssh verbinding te laten maken met de - andere machines. Buiten het netwerkverkeer, is NFS de minst - zichtbare methode. Hierdoor kunnen de bestandssystemen - op alle clintmachines vrijwel ongezien gemonitord worden. - Als de server met beperkte toegang verbonden is met de - clintmachines via een switch, dan is de NFS-methode vaak - de beste keus. Als de server met beperkte toegang met de andere - machines is verbonden via een hub of door meerdere routers, dan - is de NFS-methode wellicht niet veilig genoeg (vanuit een - netwerk standpunt) en kan beter ssh - gebruikt worden, ondanks de audit-sporen die - ssh achterlaat. + maximaliseren moet het systeem met beperkte toegang + significante toegang hebben tot andere systemen, veelal door + een alleen-lezen NFS export of door het + opzetten van &man.ssh.1; sleutelparen. Buiten het netwerk + verkeer is NFS het minst zichtbaar waardoor + de beheerder in staat is om bestandssystemen op elke client + nagenoeg onzichtbaar te monitoren. Als de machine met + beperkte toegang verbonden is met een switch naar de andere + machines, is NFS veelal de betere keuze. + Als de machine met beperkte toegang verbonden is met de andere + machines via meerdere lagen routeringen kan de + NFS methode te onveilig zijn en kan + &man.ssh.1; een veiligere keuze zijn. Als de machine met beperkte toegang eenmaal minstens leestoegang heeft tot een clintsysteem dat het moet gaan monitoren, dan moeten scripts gemaakt worden om dat monitoren - ook echt uit te voeren. Uitgaande van een NFS-koppeling, kunnen - de scripts gebruik maken van eenvoudige systeem hulpprogramma's - als &man.find.1; en &man.md5.1;. We adviseren minstens - 蜑n keer per dag een md5 te maken van alle - bestanden op de clintmachine en van instellingenbestanden - als in /etc en + ook echt uit te voeren. Uitgaande van een + NFS-koppeling, kunnen de scripts gebruik + maken van eenvoudige systeem hulpprogramma's als &man.find.1; + en &man.md5.1;. We adviseren minstens 蜑n keer per dag een + md5 te maken van alle bestanden op de clintmachine en van + instellingenbestanden als in /etc en /usr/local/etc zelfs vaker. - Als er verschillen worden aangetroffen ten opzichte van de basis md5 - informatie op het systeem met beperkte toegang, dan hoort het - script te gillen om een beheerder die het moet gaan uitzoeken. - Een goed beveiligingsscript controleert ook op onverwachte - suid-bestanden en op nieuwe en verwijderde bestanden op - systeempartities als / en + Als er verschillen worden aangetroffen ten opzichte van de + basis md5 informatie op het systeem met beperkte toegang, dan + hoort het script te gillen om een beheerder. Een goed + beveiligingsscript controleert ook op onverwachte + SUID-bestanden en op nieuwe en verwijderde + bestanden op systeempartities als / en /usr. - Als ssh in plaats van NFS wordt - gebruikt, dan is het schrijven van het script lastiger. Dan - moeten de scripts met scp naar de clint - verplaatst worden om ze uit te voeren, waardoor ze zichtbaar - worden. Voor de veiligheid dienen ook de binaire bestanden die - het script gebruikt, zoals &man.find.1;, gekopieerd te - worden. De ssh-clint op de - clint zou al gecompromitteerd kunnen zijn. Het is - misschien noodzakelijk ssh te gebruiken over onveilige - verbindingen, maar dat maakt alles een stuk lastiger. + Als &man.ssh.1; in plaats van NFS wordt gebruikt, dan is + het schrijven van het script lastiger. Er is bijvoorbeeld + &man.scp.1; nodig om de scripts te transporteren naar de + machine die ze zal draaien. Het kan namelijk zijn dat + &man.ssh.1; reeds gecompromitteerd is op de clientmachine. + Het gebruik van &man.ssh.1; kan noodzakelijk zijn over + onveilige lijnen heen, maar is lastiger om mee om te + gaan. Een goed beveiligingsscript voert ook controles uit op de instellingenbestanden van gebruikers en medewerkers: .rhosts, .shosts, - .ssh/authorized_keys, enzovoort. + .ssh/authorized_keys. Dat zijn bestanden die buiten het bereik van de - MD5-controle vallen. + MD5-controle kunnen vallen. Als gebruikers veel schijfruimte hebben, dan kan het te lang duren om alle bestanden op deze partitie te controleren. In dat geval is het verstandig de koppelvlaggen zo in te stellen dat - suid-binaire bestanden op die partities niet zijn toegestaan. - Zie daarvoor de optie nosuid (zie - &man.mount.8;). Die partities moeten wel toch nog minstens eens - per week doorzocht worden, omdat het doel van deze - beveiligingslaag het ontdekken van een inbraakpoging is, of die - nu succesvol is of niet. + SUID-binaire bestanden op die partities niet zijn toegestaan + door gebruik te maken van de optie nosuid + in combinatie met &man.mount.8;. Controleer deze partities + minstens eens per week, omdat het doel is om een inbraak te + detecteren ongeacht of de poging wel of niet geslaagd is. Procesverantwoording (zie &man.accton.8;) kost relatief gezien weinig en kan bijdragen aan een evaluatie mechanisme @@ -720,8 +679,8 @@ Tenslotte horen beveiligingsscripts de logboekbestanden te verwerken en de logboekbestanden zelf horen zo veilig mogelijk - tot stand te komen. remote syslog kan erg - zinvol zijn. Een aanvaller zal proberen zijn sporen uit te + tot stand te komen en doorgestuurd te worden naar een syslog + server. Een aanvaller zal proberen zijn sporen uit te wissen en logboekbestanden zijn van groot belang voor een systeembeheerder als het gaat om uitzoeken wanneer en hoe er is ingebroken. Een manier om logboekbestanden veilig te stellen @@ -735,7 +694,7 @@ Een beetje paranoia is niet verkeerd. Eigenlijk kan de systeembeheerder zoveel beveiligingsopties inschakelen als hij - wil, als deze maar geen impact hebben op het gebruiksgemak en + wil, die geen impact hebben op het gebruiksgemak en de beveiligingsopties die wel impact hebben op het gebruiksgemak kunnen ingeschakeld worden als daar zorgvuldig mee wordt omgegaan. Nog belangrijker is misschien @@ -749,13 +708,13 @@ Ontzeggen van Dienst aanvallen - Ontzegging van Dienst (DoS) + + Ontzegging van Dienst (DoS) + - In deze paragraaf worden Ontzeggen van Dienst aanvallen - (Denial of Service of DoS) behandeld. Een - DoS-aanval wordt meestal uitgevoerd als pakketaanval. Hoewel er - weinig gedaan kan worden tegen de huidige aanvallen met - gefingeerde pakketten die een netwerk kunnen verzadigen, kan + Een DoS aanval is meestal een pakket + gebasseerde aanval. Ondanks dat er niet veel te doen is tegen + gefingeerde pakkette die een netwerk kunnen verzadigen, kan de schade geminimaliseerd worden door ervoor te zorgen dat servers er niet door plat gaan door: @@ -765,33 +724,31 @@ - Limiteren van springplank (springboard) - aanvallen (ICMP response aanvallen, ping broadcast, etc.). + Limiteren van springplank aanvallen zoals ICMP + response aanvallen en ping broadcasts. - De Kernel Route Cache overloaden. + De kernel route cache overloaden. - Een veelvoorkomende DoS-aanval is om een server aan te - vallen door het zoveel kindprocessen aan te laten maken dat het - hostsysteem uiteindelijk geen bestandsdescriptors, geheugen - enzovoort meer heeft en het dan opgeeft. - inetd (zie &man.inetd.8;) kent een - aantal instellingen om dit type aanval af te zwakken. Hoewel - het mogelijk is ervoor te zorgen dat een machine niet plat - gaat, is het in het algemeen niet mogelijk te voorkomen dat de - dienstverlening door de aanval wordt verstoord. Meer is te - lezen in de handleiding van inetd - en het advies is in het bijzonder aandacht aan de - , en - opties te besteden. Aanvallen met gefingeerde - IP adressen omzeilen de - optie naar inetd, dus in het - algemeen moet een combinatie van opties gebruikt worden. - Sommige op zichzelf staande servers hebben parameters waarmee - het aantal forks gelimiteerd kan worden. + Een veelvoorkomende DoS-aanval is om + forkende server aan te vallen, waardoor er zoveel kindprocessen + worden gestart waarmee het hostsysteem uiteindelijk geen + bestandsdescriptors, geheugen enzovoort meer heeft en het dan + opgeeft. Er zijn een aantal &man.inetd.8; opties die dit + soort aanvallen kunnen beperken. Er moet wel worden opgemerkt + dat ondanks dat het mogelijk is om te voorkomen dat een machine + onderuit gaat, het meestal niet mogelijk is om te voorkomen dat + een dienst hinder ondervind van dit type aanval. Lees + &man.inetd.8; zorgvuldig en besteed in het bijzonder aandacht + aan de opties , en + . Gefingeerde pakketten kunnen de + optie omzeilen, dus vaak moet er een + combinatie van opties worden gebruikt. Sommige op zichzelf + staande servers hebben parameters waarmee het aantal forks + gelimiteerd kan worden. Sendmail heeft de optie die veel beter blijkt te @@ -812,59 +769,35 @@ tussenpozen voor verwerking verkort worden door deze bijvoorbeeld op in te stellen, maar dan is een redelijke instelling van - MaxDaemonChildren van belang om - die Sendmail te - beschermen tegen trapsgewijze fouten. + MaxDaemonChildren van belang om tegen + trapsgewijze fouten te beschermen. - Syslogd kan direct aangevallen + &man.syslogd.8;> kan direct aangevallen worden en het is sterk aan te raden de optie te gebruiken waar dat ook maar mogelijk is en anders de optie. Er dient voorzichtig omgesprongen te worden met diensten - die terugverbinden zoals - TCP Wrapper's reverse-identd die - direct aangevallen kan worden. In het algemeen is het hierom - onverstandig gebruik te maken van de reverse-ident optie van + die terugverbinden zoals reverse-identd die direct aangevallen + kan worden. In het algemeen is het hierom onverstandig gebruik + te maken van de reverse-ident optie van TCP Wrapper. - Het is een goed idee om interne diensten af te schermen - voor toegang van buitenaf door ze te firewallen op de routers - aan de rand van een netwerk (border routers). - Dit heeft als achtergrond dat verzadigingsaanvallen voorkomen - van buiten het LAN voorkomen kunnen worden. Daarmee wordt geen - aanval op root via het netwerk en die - diensten daaraan voorkomen. Er dient altijd een exclusieve - firewall te zijn, dat wil zeggen firewall alles - behalve poorten A, B, C, D en M-Z. - Zo worden alle lage poorten gefirewalled behalve die voor - specifieke diensten als named (als - er een primary is voor een zone), - ntalkd, - sendmail en andere diensten die - vanaf Internet toegankelijk moeten zijn. Als de firewall - andersom wordt ingesteld, als een inclusieve of tolerante - firewall, dan is de kans groot dat er wordt vergeten een aantal - diensten af te sluiten of dat er een nieuwe - interne dienst wordt toegevoegd en de firewall niet wordt - bijgewerkt. Er kan nog steeds voor gekozen worden de hoge - poorten open te zetten, zodat een tolerante situatie ontstaat, - zonder de lage poorten open te stellen. &os; biedt ook de - mogelijkheid een reeks poortnummers die gebruikt worden voor - dynamische verbindingen in te stellen via de verscheidene - net.inet.ip.portrange - sysctls (sysctl -a | fgrep - portrange), waardoor ook de complexiteit van de - firewall instellingen kan vereenvoudigen. Zo kan bijvoorbeeld - een normaal begin tot eindbereik ingesteld worden van 4000 tot - 5000 en een hoog poortbereik van 49152 tot 65535. Daarna kan - alles onder 4000 op de firewall geblokkeerd worden (met - uitzondering van bepaalde poorten die vanaf Internet bereikbaar - moeten zijn natuurlijk). - - Een andere veelvoorkomende DoS-aanval is de - springplankaanval: een server zo aanvallen dat de respons van - die server de server zelf, het lokale netwerk of een andere + Het is aangeraden om interne diensten te beschermen voor + toegang van buitenaf door deze te firewallen op de routers + aan de rand van het netwerk. Dit om verzadigingsaanvallen + van buiten het LAN netwerk te voorkomen, en niet zozeer om + een netwerk gebaseerde aanval op + root te voorkomen. + Configureer altijd een exclusieve firewall, welke altijd alle + verkeer weigert, tenzij expliciet toegestaan. De reeks van + poorten die dynamisch gebruikt worden door &os; worden bediend + door de net.inet.ip.portrange + &man.sysctl.8; variabele. + + Een andere veelvoorkomende DoS-aanval + is de springplankaanval: een server zo aanvallen dat de respons + van die server de server zelf, het lokale netwerk of een andere machine overbelast. De meest voorkomende aanval van dit type is de ICMP ping broadcast aanval. De aanvaller fingeert ping-pakketten die naar het broadcast-adres @@ -877,44 +810,40 @@ verzadigen, zeker als de aanvaller hetzelfde doet met tientallen andere netwerken. Broadcastaanvallen met een volume van meer dan 120 megabit zijn al voorgekomen. Een tweede - springplankaanval is er een tegen het ICMP-foutmeldingssysteem. - Door een pakket te maken waarop een ICMP-foutmelding komt, kan - een aanvaller de inkomende verbinding van een server verzadigen - en de uitgaande verbinding laten verzadigen met - ICMP-foutmeldingen. Dit type aanval kan een server ook laten - crashen door te zorgen dat het geheugen ervan vol zit, zeker als - de server de ICMP-antwoorden niet zo snel kwijt kan als dat het - ze genereert. Gebruik de - sysctl-variabele - net.inet.icmp.icmplim om deze aanvallen te - beperken. De laatste belangrijke klasse springplankaanvallen - hangt samen met een aantal interne diensten van - inetd zoals de UDP-echodienst. Een - aanvaller fingeert eenvoudigweg een UDP-pakket met als - bronadres de echopoort van Server A en als bestemming de - echopoort van Server B, waar Server A en B allebei op een LAN - staan. Die twee servers gaan dat pakket dan heen en weer - kaatsen. Een aanvaller kan beide servers overbelasten door een - aantal van deze pakketten te injecteren. Soortgelijke problemen - kunnen ontstaan met de poort chargen. - Een competente systeembeheerder zal al deze interne - inetd testdiensten - uitschakelen. + springplankaanval is er een er ICMP-foutmeldingen antwoorden + worden gegenereerd, welke de inkomende verbinding van een + server kan verzadigen en de uitgaande verbinding wordt verzadigd + door ICMP foutmeldingen. Dit type aanval kan een server laten + crashen door ervoor te zorgen dat de machine geen vrij geheugen + meer heeft, in het bijzonder als de server niet in staat is + om snel genoeg de ICMP foutmeldingen te verwerken. Gebruik de + &man.sysctl.8; variabele net.inet.icmp.icmplim + om deze aanvallen te beperken. De laatste belangrijke klasse + springplankaanvallen is gerelateerd aan bepaalde interne + &man.inetd.8; diensten, zoals de UDP-echodienst. Een aanvaller + fingeert een UDP-pakket met als bronadres de echopoort van + Server A en als bestemming de echopoort van Server B, waar + Server A en B allebei op een LAN staan. Die twee servers gaan + dat pakket dan heen en weer kaatsen. Een aanvaller kan beide + servers en het LAN overbelasten door een aantal van deze + pakketten te injecteren. Soortgelijke problemen kunnen + ontstaan met de poort chargen. + Deze interne test diensten moeten uitgeschakeld blijven. Gefingeerde pakketten kunnen ook gebruikt worden om de kernel route cache te overbelasten. Raadpleeg daarvoor de net.inet.ip.rtexpire, rtminexpire en rtmaxcache - sysctl parameters. Een aanval met - gefingeerde pakketten met een willekeurig bron-IP zorgt ervoor + &man.sysctl.8; parameters. Een aanval met gefingeerde + pakketten met een willekeurig bron-IP zorgt ervoor dat de kernel een tijdelijke gecachede route maakt in de routetabel, die uitgelezen kan worden met netstat -rna - | fgrep W3. Deze routes hebben een levensduur van + | fgrep W3. Deze routes hebben een levensduur van ongeveer 1600 seconden. Als de kernel merkt dat de gecachede routetabel te groot is geworden, dan wordt rtexpire dynamisch verkleind, maar deze waarde wordt nooit lager dan rtminexpire. - Er zijn twee problemen: + Dit creert twee problemen: @@ -928,7 +857,7 @@ - Als servers verbonden zijn met het Internet via een E3 + Als servers verbonden zijn met het Internet via een T3 of sneller, dan is het verstandig om handmatig rtexpire en rtminexpire aan te passen via &man.sysctl.8;. Als de een van de parameters @@ -938,33 +867,35 @@ - Aandachtspunten voor toegang met - <application>Kerberos</application> en - <application>SSH</application> + Aandachtspunten voor toegang met Kerberos en + &man.ssh.1; - ssh + + &man.ssh.1; + Er zijn een aantal aandachtspunten die in acht genomen - moeten worden als Kerberos of ssh gebruikt worden. Kerberos 5 - is een prima autenticatieprotocol, maar er zitten bugs in de - Kerberos-versies van telnet en - rlogin waardoor ze niet geschikt - zijn voor binair verkeer. Kerberos codeert standaard de sessie - niet, tenzij de optie wordt gebruikt. - ssh codeert standaard wel - alles. - - Ssh werkt prima, maar het stuurt coderingssleutels - standaard door. Dit betekent dat als gegeven een veilig - werkstation met sleutels die toegang geven tot de rest van het - systeem en ssh wordt gebruikt om verbinding te maken met een - onveilige machine, die sleutels gebruikt kunnen worden. De - sleutels zelf zijn niet bekend, maar ssh stelt een - doorstuurpoort in zolang als een gebruikers aangemeld blijft. - Als de aanvaller roottoegang heeft op de - onveilige machine, dan kan hij die poort gebruiken om toegang - te krijgen tot alle machines waar de sleutels van de gebruiker - toegang toe geven. + moeten worden als Kerberos of &man.ssh.1; gebruikt worden. + Kerberos is een prima autenticatieprotocol, maar er zitten + bugs in de Kerberos-versies van &man.telnet.1; en &man.rlogin.1; + waardoor ze niet geschikt zijn voor binair verkeer. Kerberos + codeert standaard de sessie niet, tenzij de optie + wordt gebruikt. &man.ssh.1; codeert + standaard wel alles. + + Ondanks dat &man.ssh.1; prima werkt, stuurt deze de + coderingssleutels standaard door. Dit introduceert een + beveiligings risico voor een gebruiker die &man.ssh.1; + gebruikt om een onveilige machine te benaderen vanaf een + veilig werkstation. De sleutels zelf zijn niet bekend maar + &man.ssh.1; stelt een doorstuur poort in zolang de gebruiker + aangemeld is. Als een aanvaller in staat is geweest om het + root account te + breken op de onveilige machine, kan hij van die poort gebruik + maken om toegang te krijgen tot alle machines waar de sleutels + van de gebruiker toegang toe geven. + + Het advies is ssh in combinatie met Kerberos te gebruiken voor het aanmelden door medewerkers wanneer dat ook maar From owner-svn-doc-all@FreeBSD.ORG Wed Apr 2 19:05:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DE6B1A31; Wed, 2 Apr 2014 19:05:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C747BCC6; Wed, 2 Apr 2014 19:05:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s32J5M10026720; Wed, 2 Apr 2014 19:05:22 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s32J5MXr026719; Wed, 2 Apr 2014 19:05:22 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404021905.s32J5MXr026719@svn.freebsd.org> From: Dru Lavigne Date: Wed, 2 Apr 2014 19:05:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44421 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Apr 2014 19:05:22 -0000 Author: dru Date: Wed Apr 2 19:05:22 2014 New Revision: 44421 URL: http://svnweb.freebsd.org/changeset/doc/44421 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Wed Apr 2 18:12:18 2014 (r44420) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Wed Apr 2 19:05:22 2014 (r44421) @@ -197,7 +197,7 @@ Before installing any application, check http://vuxml.freebsd.org/ for security issues related to the application or install - ports-mgmt/portaudit. Once installed, type + ports-mgmt/portaudit. Once installed, type portaudit -F -a to check all installed applications for known vulnerabilities. @@ -422,11 +422,12 @@ Info: Lists information about open fil Package files are distributed in the .tbz format. Packages are available - from ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/packages/ + from ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/packages/ or the /packages directory of the &os; DVD distribution. The layout of the packages directory is - similar to that of the /usr/ports tree. Each - category has its own directory, and every package can be + similar to that of the /usr/ports tree. + Each category has its own directory, and every package can be found within the All directory. @@ -880,18 +881,18 @@ Deinstalling ca_root_nss-3.15.1_1... don The Ports Collection is a set of Makefiles, patches, and description files - stored in /usr/ports. - This set of files is used to compile and install applications - on &os;. Before an application can be compiled using a port, - the Ports Collection must first be installed. If it was not - installed during the installation of &os;, use one of the - following methods to install it: + stored in /usr/ports. This set of files is + used to compile and install applications on &os;. Before an + application can be compiled using a port, the Ports Collection + must first be installed. If it was not installed during the + installation of &os;, use one of the following methods to + install it: Portsnap Method The base system of &os; includes - Portsnap. This is a fast and + Portsnap. This is a fast and user-friendly tool for retrieving the Ports Collection and is the recommended choice for most users. This utility connects to a &os; site, verifies the secure key, and @@ -907,8 +908,8 @@ Deinstalling ca_root_nss-3.15.1_1... don - When running Portsnap for - the first time, extract the snapshot into + When running Portsnap for the + first time, extract the snapshot into /usr/ports: &prompt.root; portsnap extract @@ -934,20 +935,19 @@ Deinstalling ca_root_nss-3.15.1_1... don Subversion Method - If more control over the ports tree is needed or if - local changes need to be maintained, - Subversion can be used to - obtain the Ports Collection. Refer to If more control over the ports tree is needed or if local + changes need to be maintained, + Subversion can be used to obtain + the Ports Collection. Refer to the Subversion Primer for a detailed description of Subversion. - Subversion must be - installed before it can be used to check out the ports - tree. If a copy of the ports tree is already present, - install Subversion like - this: + Subversion must be installed + before it can be used to check out the ports tree. If a + copy of the ports tree is already present, install + Subversion like this: &prompt.root; cd /usr/ports/devel/subversion &prompt.root; make install clean @@ -996,9 +996,9 @@ Deinstalling ca_root_nss-3.15.1_1... don - distinfo: contains the names - and checksums of the files that must be downloaded to - build the port. + distinfo: contains the names and + checksums of the files that must be downloaded to build the + port. @@ -1147,8 +1147,7 @@ Deinstalling ca_root_nss-3.15.1_1... don To save this extra step, instead use make - install clean when - compiling the port. + install clean when compiling the port. @@ -1164,11 +1163,10 @@ Deinstalling ca_root_nss-3.15.1_1... don options, it may pause several times for user interaction as the default behavior is to prompt the user to select options from a menu. To avoid this, run make - config-recursive - within the port skeleton to do this configuration in one - batch. Then, run make - install [clean] to - compile and install the port. + config-recursive within the port skeleton to do + this configuration in one batch. Then, run make + install [clean] to compile and install the + port. When using @@ -1176,10 +1174,10 @@ Deinstalling ca_root_nss-3.15.1_1... don ports to configure are gathered by the all-depends-list target. It is recommended to run make - config-recursive - until all dependent ports options have been defined, and - ports options screens no longer appear, to be certain - that all dependency options have been configured. + config-recursive until all dependent ports + options have been defined, and ports options screens no + longer appear, to be certain that all dependency options + have been configured. There are several ways to revisit a port's build options @@ -1189,10 +1187,10 @@ Deinstalling ca_root_nss-3.15.1_1... don port and type make config. Another option is to use make showconfig. Another option is to execute make - rmconfig which will - remove all selected options and allow you to start over. - All of these options, and others, are explained in great - detail in &man.ports.7;. + rmconfig which will remove all selected options + and allow you to start over. All of these options, and + others, are explained in great detail in + &man.ports.7;. The ports system uses &man.fetch.1; to download the source files, which supports various environment variables. @@ -1203,17 +1201,16 @@ Deinstalling ca_root_nss-3.15.1_1... don complete list of supported variables. For users who cannot be connected to the Internet all - the time, make fetch can be run - within /usr/ports, to fetch all - distfiles, or within a category, such as + the time, make fetch can be run within + /usr/ports, to fetch all distfiles, or + within a category, such as /usr/ports/net, or within the specific port skeleton. Note that if a port has any dependencies, running this command in a category or ports skeleton will not fetch the distfiles of ports from another category. Instead, use make - fetch-recursive to - also fetch the distfiles for all the dependencies of a - port. + fetch-recursive to also fetch the distfiles for + all the dependencies of a port. In rare cases, such as when an organization has a local distfiles repository, the MASTER_SITES @@ -1245,10 +1242,9 @@ Deinstalling ca_root_nss-3.15.1_1... don will combine the two. - These can also be set as environmental variables. - Refer to the manual page for your shell for instructions - on how to set an environmental variable. - + These can also be set as environmental variables. Refer + to the manual page for your shell for instructions on how to + set an environmental variable. @@ -1313,15 +1309,14 @@ The deinstallation will free 229 kB attempting an upgrade, read /usr/ports/UPDATING from the top of the file to the date closest to the last time ports were - upgraded or the system was installed. This file - describes various issues and additional steps users may - encounter and need to perform when updating a port, - including such things as file format changes, changes in - locations of configuration files, or any - incompatibilities with previous versions. Make note of - any instructions which match any of the ports that need - upgrading and follow these instructions when performing - the upgrade. + upgraded or the system was installed. This file describes + various issues and additional steps users may encounter and + need to perform when updating a port, including such things + as file format changes, changes in locations of + configuration files, or any incompatibilities with previous + versions. Make note of any instructions which match any of + the ports that need upgrading and follow these instructions + when performing the upgrade. To perform the actual upgrade, use either @@ -1462,9 +1457,9 @@ The deinstallation will free 229 kB To upgrade only a specified application instead of all available ports, use portupgrade - pkgname. It is very important to include - to first upgrade all the ports required - by the given application: + pkgname. It is very + important to include to first upgrade + all the ports required by the given application: &prompt.root; portupgrade -R firefox @@ -1472,9 +1467,9 @@ The deinstallation will free 229 kB is included, Portupgrade searches for available packages in the local directories listed in - PKG_PATH. If none are available locally, - it then fetches packages from a remote site. If - packages can not be found locally or fetched remotely, + PKG_PATH. If none are available locally, it + then fetches packages from a remote site. If packages can + not be found locally or fetched remotely, Portupgrade will use ports. To avoid using ports entirely, specify . This last set of options tells @@ -1545,62 +1540,58 @@ The deinstallation will free 229 kB Building Packages with <application>Poudriere</application> - Poudriere is a + Poudriere is a BSD-licensed utility for creating and testing - &os; packages. It uses &os; jails to set - up isolated compilation environments which can be used to build - packages for versions of &os; that are different from the box - on which it is installed, and also to build packages for i386 if - the host is an &arch.amd64; system. Once the packages are built, they - will be in a layout identical to the official mirrors and are - therefore useable by - &man.pkg.8; and other package management tools. - - Poudriere can be installed - using the - ports-mgmt/poudriere package or - port. The installation will include a sample configuration file - /usr/local/etc/poudriere.conf.sample. - This file should be copied to - /usr/local/etc/poudriere.conf which can - then be edited to suit the local configuration. - - While ZFS is not required on the - system running poudriere, - it is beneficial. When ZFS is used, the - ZPOOL must be - specified in - /usr/local/etc/poudriere.conf and - FREEBSD_HOST should be set to a nearby - mirror. Defining - CCACHE_DIR enables the use of - devel/ccache to cache - compilation and reduce build times for - frequently-compiled code. It may be convenient to put - poudriere datasets in an isolated - tree mounted at - /poudriere. Defaults - for the other configuration values are adequate. - - The number of processor cores detected is used to define - how many builds should run in parallel. Supply enough virtual - memory, either with RAM or swap space. If - virtual memory runs out, compiling jails will stop and be torn - down, resulting in weird error messages. + &os; packages. It uses &os; jails to set up isolated + compilation environments which can be used to build packages for + versions of &os; that are different from the box on which it is + installed, and also to build packages for i386 if the host is an + &arch.amd64; system. Once the packages are built, they will be + in a layout identical to the official mirrors and are therefore + useable by &man.pkg.8; and other package management + tools. + + Poudriere can be installed using + the ports-mgmt/poudriere package + or port. The installation will include a sample configuration + file /usr/local/etc/poudriere.conf.sample. + This file should be copied to + /usr/local/etc/poudriere.conf which can + then be edited to suit the local configuration. + + While ZFS is not required on the system + running poudriere, it is beneficial. + When ZFS is used, the + ZPOOL must be specified in + /usr/local/etc/poudriere.conf and + FREEBSD_HOST should be set to a nearby + mirror. Defining CCACHE_DIR enables the use + of devel/ccache to cache + compilation and reduce build times for frequently-compiled code. + It may be convenient to put + poudriere datasets in an isolated + tree mounted at /poudriere. Defaults for the + other configuration values are adequate. + + The number of processor cores detected is used to define how + many builds should run in parallel. Supply enough virtual + memory, either with RAM or swap space. If + virtual memory runs out, compiling jails will stop and be torn + down, resulting in weird error messages. Initialize Jails and Port Trees Once configured, initialize poudriere so that it installs a - jail with the required &os; tree and a - ports tree. Specify a name for the jail using - and the &os; version with - . On systems running &os;/&arch.amd64;, - the architecture can be set with to - either i386 or amd64. - The default is to use the architecture shown by - uname. + jail with the required &os; tree and a ports tree. Specify a + name for the jail using and the &os; + version with . On systems running + &os;/&arch.amd64;, the architecture can be set with + to either i386 or + amd64. The default is to use the + architecture shown by uname. &prompt.root; poudriere jail -c -j 10amd64 -v 10.0-RELEASE ====>> Creating 10amd64 fs... done @@ -1693,8 +1684,9 @@ ports-mgmt/pkg that can be used with a web server to display build information. - Once the build is complete, packages are now available for installation from the - poudriere repository. + Once the build is complete, packages are now available for + installation from the poudriere + repository. For more information on using poudriere, see &man.poudriere.8; From owner-svn-doc-all@FreeBSD.ORG Wed Apr 2 19:06:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E69EFAA3; Wed, 2 Apr 2014 19:06:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D4431CD9; Wed, 2 Apr 2014 19:06:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s32J6NbN026858; Wed, 2 Apr 2014 19:06:23 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s32J6NdE026857; Wed, 2 Apr 2014 19:06:23 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404021906.s32J6NdE026857@svn.freebsd.org> From: Dru Lavigne Date: Wed, 2 Apr 2014 19:06:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44422 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Apr 2014 19:06:24 -0000 Author: dru Date: Wed Apr 2 19:06:23 2014 New Revision: 44422 URL: http://svnweb.freebsd.org/changeset/doc/44422 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Wed Apr 2 19:05:22 2014 (r44421) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Wed Apr 2 19:06:23 2014 (r44422) @@ -1548,7 +1548,7 @@ The deinstallation will free 229 kB installed, and also to build packages for i386 if the host is an &arch.amd64; system. Once the packages are built, they will be in a layout identical to the official mirrors and are therefore - useable by &man.pkg.8; and other package management + usable by &man.pkg.8; and other package management tools. Poudriere can be installed using From owner-svn-doc-all@FreeBSD.ORG Wed Apr 2 20:08:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 296CC96F; Wed, 2 Apr 2014 20:08:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1242C6B4; Wed, 2 Apr 2014 20:08:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s32K8k1Y052622; Wed, 2 Apr 2014 20:08:46 GMT (envelope-from crees@svn.freebsd.org) Received: (from crees@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s32K8jNv052619; Wed, 2 Apr 2014 20:08:45 GMT (envelope-from crees@svn.freebsd.org) Message-Id: <201404022008.s32K8jNv052619@svn.freebsd.org> From: Chris Rees Date: Wed, 2 Apr 2014 20:08:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44423 - in head: en_US.ISO8859-1/books/handbook en_US.ISO8859-1/books/handbook/bsdinstall en_US.ISO8859-1/books/handbook/disks share/images/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Apr 2014 20:08:46 -0000 Author: crees Date: Wed Apr 2 20:08:45 2014 New Revision: 44423 URL: http://svnweb.freebsd.org/changeset/doc/44423 Log: Update the bsdinstall handbook section to describe the automatic 'root-on-zfs' feature. Also add documentation for the 'shell' mode feature that was not documented before. PR: docs/187683 Submitted by: Allan Jude Approved by: bcr (mentor) Added: head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-disk_info.png (contents, props changed) head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-disk_select.png (contents, props changed) head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-geli_password.png (contents, props changed) head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-menu.png (contents, props changed) head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-partmenu.png (contents, props changed) head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-vdev_invalid.png (contents, props changed) head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-vdev_type.png (contents, props changed) head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-warning.png (contents, props changed) Modified: head/en_US.ISO8859-1/books/handbook/Makefile head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/Makefile ============================================================================== --- head/en_US.ISO8859-1/books/handbook/Makefile Wed Apr 2 19:06:23 2014 (r44422) +++ head/en_US.ISO8859-1/books/handbook/Makefile Wed Apr 2 20:08:45 2014 (r44423) @@ -56,6 +56,7 @@ IMAGES_EN+= bsdinstall/bsdinstall-distfi IMAGES_EN+= bsdinstall/bsdinstall-final-confirmation.png IMAGES_EN+= bsdinstall/bsdinstall-finalconfiguration.png IMAGES_EN+= bsdinstall/bsdinstall-final-modification-shell.png +IMAGES_EN+= bsdinstall/bsdinstall-keymap-10.png IMAGES_EN+= bsdinstall/bsdinstall-keymap-select-default.png IMAGES_EN+= bsdinstall/bsdinstall-mainexit.png IMAGES_EN+= bsdinstall/bsdinstall-netinstall-files.png @@ -73,6 +74,14 @@ IMAGES_EN+= bsdinstall/bsdinstall-timezo IMAGES_EN+= bsdinstall/bsdinstall-timezone-country.png IMAGES_EN+= bsdinstall/bsdinstall-timezone-region.png IMAGES_EN+= bsdinstall/bsdinstall-timezone-zone.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-disk_info.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-disk_select.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-geli_password.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-menu.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-partmenu.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-vdev_invalid.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-vdev_type.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-warning.png IMAGES_EN+= geom/striping.pic IMAGES_EN+= install/adduser1.scr IMAGES_EN+= install/adduser2.scr Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed Apr 2 19:06:23 2014 (r44422) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed Apr 2 20:08:45 2014 (r44423) @@ -54,6 +54,17 @@ + + + + + Allan + Jude + + + Updated for root-on-ZFS by + + @@ -159,7 +170,8 @@ &intel; EM64T architecture. Examples of these processors include the &intel; &core; 2 Duo, Quad, Extreme processor families, the &intel; &xeon; 3000, - 5000, and 7000 sequences of processors, and the + 5000, and 7000 sequences of processors, the + &intel; &xeon; E3, E5 and E7 processors, and the &intel; &core; i3, i5 and i7 processors. If you have a machine based on an nVidia nForce3 @@ -1056,6 +1068,23 @@ Trying to mount root from cd9660:/dev/is ISO-8859-1 is also a safe option if the choice of keymap is not clear. + + In &os; 10.0-RELEASE and later, this menu has been + enhanced. The full selection of keymaps is shown, with the + default preselected. In addition, when selecting a different + keymap, a dialog is displayed that allows the user to try + the keymap and ensure it is correct before proceeding. + +
    + Enhanced Keymap Menu + + + + + + +
    +     @@ -1213,16 +1242,19 @@ Trying to mount root from cd9660:/dev/is Allocating Disk Space - There are three ways to allocate disk space for &os;. + There are four ways to allocate disk space for &os;. Guided partitioning automatically sets up disk partitions, while Manual partitioning - allows advanced users to create customized partitions. Finally, + allows advanced users to create customized partitions. The + ZFS option, only available in &os; 10 and + later, will create an optionally encrypted root-on-ZFS system + with support for Boot Environments. Finally, there's the option of starting a shell where command-line programs like &man.gpart.8;, &man.fdisk.8;, and &man.bsdlabel.8; can be used directly.
    - Selecting Guided or Manual Partitioning + Selecting Guided, Manual or Shell Partitioning @@ -1232,6 +1264,17 @@ Trying to mount root from cd9660:/dev/is
    +
    + Selecting Guided, Manual, Shell or + <acronym>ZFS</acronym> Partitioning + + + + + + +
    + This section describes what to consider when laying out the disk partitions. It then demonstrates how to use both the Guided Partitioning and Manual Partitioning screens. @@ -1525,7 +1568,7 @@ Trying to mount root from cd9660:/dev/is Another partition type worth noting is freebsd-zfs, used for partitions that will - contain a &os; ZFS filesystem. See + contain a &os; ZFS filesystem. See . &man.gpart.8; shows more of the available GPT partition types. @@ -1662,6 +1705,174 @@ Trying to mount root from cd9660:/dev/is [ Finish ] to continue with the installation.         + + + Root-on-ZFS Automatic Partitioning + + Support for automatic creation of root-on-ZFS + installations was added in &os; 10.0-RELEASE. This + partitioning mode only works with whole disks and will erase + the contents of the entire disk. The installer will + automatically create partitions aligned to 4k boundaries, as + well as force ZFS to use 4k sectors. This + is safe even with 512 byte sector disks, and has the added + benefit of ensuring that pools created on 512 byte disks will + be able to have 4k sector disks added to them in the future, + for additional storage space, or as replacements for failed + disks. The installer can also optionally employ GELI disk encryption. + If encryption is enabled, a 2 GB unencrypted boot pool is + created that contains the /boot + directory, which holds the kernel and other files necessary + to boot the system. A swap partition of a user selectable + size is also created, and all remaining space is used for the + ZFS pool. + + The main ZFS menu in the installer + offers a number of options to control the creation of the + pool. + +
    + <acronym>ZFS</acronym> Partitioning Menu + + + + + + +
    + + The most important option is selecting the vdev type + and one or more disks that will make up the vdev that will + constitute the pool. The automatic ZFS + installer currently only supports the creation of a single + top level vdev, except in stripe mode. To create more complex + pools, use Shell Mode to create + the pool. The installer supports the creation of various + pool types, including stripe (not recommended, no redundancy), + mirror (best performance, least usable space), and RAID-Z 1, + 2, and 3 (with the capability to withstand the concurrent + failure of 1, 2, and 3 disks, respectively). A tooltip across + the bottom of the screen while selecting the pool type + provides advice about the number of required disks for each + type, and in the case of RAID-Z, the optimal number of disks + for each configuration. + +
    + <acronym>ZFS</acronym> Pool Type + + + + + + +
    + + Once a pool type has been selected, a list of available + disks is displayed, and the user is prompted to select one or + more disks to make up the pool. The configuration is then + validated, to ensure enough disks were selected. If not, + select <Change Selection> to + return to the list of disks, or + <Cancel> to change the pool + type. + +
    + Disk Selection + + + + + + +
    + +
    + Invalid Selection + + + + + + +
    + + If one or more disks are missing from the list, or if disks + were attached after the installer was started, select + - Rescan Devices to repopulate the list + of available disks. To ensure that the correct disk is + selected, so as not to accidently destroy the wrong disks, the + - Disk Info menu allows you to inspect + each disk, including its partition table, and various other + information, including the device model number and serial + number, if available. + +
    + Analysing a Disk + + + + + + +
    + + The menu also allows the user to enter a name for the + pool, disable forcing 4k sectors, enable or disable + encryption, switch between GPT (recommended) and MBR partition + table types, and select the desired amount of swap + space. Once all options have been set to the desired values, + select the >>> Install + option at the top of the menu. + + If &man.geli.8; disk encryption was enabled, the + installer will prompt twice for the passphrase to be + used to encrypt the disks. + +
    + Disk Encryption Password + + + + + + +
    + + The installer then offers a last chance to cancel before + the contents of the selected drives are destroyed to create + the ZFS pool. + +
    + Last Chance + + + + + + +
    + + The installation then proceeds normally. + +     + + + Shell Mode Partitioning + + When creating advanced installations the basic interface + of bsdinstall may not provide the level of flexibility + required. Selecting the Shell option + from the partitioning menu will drop the user to a shell. The + user is expected to partition the drives and create the + desired file system(s), populate an &man.fstab.5; file in + /tmp/bsdinstall_etc/fstab, and mount the + file systems under /mnt. Once this is + done, running exit will return to + bsdinstall and continue the installation, starting with the + extraction of the distribution sets. + Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 2 19:06:23 2014 (r44422) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 2 20:08:45 2014 (r44423) @@ -2971,7 +2971,7 @@ gbde_lockdir="/etc/gbde" - + Disk Encryption with <command>geli</command> Added: head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-disk_info.png ============================================================================== Binary file. No diff available. Added: head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-disk_select.png ============================================================================== Binary file. No diff available. Added: head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-geli_password.png ============================================================================== Binary file. No diff available. Added: head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-menu.png ============================================================================== Binary file. No diff available. Added: head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-partmenu.png ============================================================================== Binary file. No diff available. Added: head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-vdev_invalid.png ============================================================================== Binary file. No diff available. Added: head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-vdev_type.png ============================================================================== Binary file. No diff available. Added: head/share/images/books/handbook/bsdinstall/bsdinstall-zfs-warning.png ============================================================================== Binary file. No diff available. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 2 20:11:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4FA15A19; Wed, 2 Apr 2014 20:11:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 22E8B79C; Wed, 2 Apr 2014 20:11:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s32KBNAB055902; Wed, 2 Apr 2014 20:11:23 GMT (envelope-from crees@svn.freebsd.org) Received: (from crees@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s32KBMgg055901; Wed, 2 Apr 2014 20:11:22 GMT (envelope-from crees@svn.freebsd.org) Message-Id: <201404022011.s32KBMgg055901@svn.freebsd.org> From: Chris Rees Date: Wed, 2 Apr 2014 20:11:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44424 - head/share/images/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Apr 2014 20:11:23 -0000 Author: crees Date: Wed Apr 2 20:11:22 2014 New Revision: 44424 URL: http://svnweb.freebsd.org/changeset/doc/44424 Log: Add missed file from the last commit Approved by: bcr (mentor, implicit) Added: head/share/images/books/handbook/bsdinstall/bsdinstall-keymap-10.png (contents, props changed) Added: head/share/images/books/handbook/bsdinstall/bsdinstall-keymap-10.png ============================================================================== Binary file. No diff available. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 3 12:58:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CD4187EA; Thu, 3 Apr 2014 12:58:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AC5D69D3; Thu, 3 Apr 2014 12:58:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s33CwC89080013; Thu, 3 Apr 2014 12:58:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s33CwCWi080012; Thu, 3 Apr 2014 12:58:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404031258.s33CwCWi080012@svn.freebsd.org> From: Dru Lavigne Date: Thu, 3 Apr 2014 12:58:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44425 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2014 12:58:12 -0000 Author: dru Date: Thu Apr 3 12:58:12 2014 New Revision: 44425 URL: http://svnweb.freebsd.org/changeset/doc/44425 Log: Minor wordsmithing suggested by bjk and wblock. Submitted by: bjk, wblock Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Wed Apr 2 20:11:22 2014 (r44424) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Apr 3 12:58:12 2014 (r44425) @@ -1543,25 +1543,25 @@ The deinstallation will free 229 kB Poudriere is a BSD-licensed utility for creating and testing &os; packages. It uses &os; jails to set up isolated - compilation environments which can be used to build packages for - versions of &os; that are different from the box on which it is + compilation environments. These jails can be used to build packages for + versions of &os; that are different from the system on which it is installed, and also to build packages for i386 if the host is an - &arch.amd64; system. Once the packages are built, they will be - in a layout identical to the official mirrors and are therefore - usable by &man.pkg.8; and other package management + &arch.amd64; system. Once the packages are built, they are + in a layout identical to the official mirrors. These packages + are usable by &man.pkg.8; and other package management tools. - Poudriere can be installed using + Poudriere is installed using the ports-mgmt/poudriere package - or port. The installation will include a sample configuration + or port. The installation includes a sample configuration file /usr/local/etc/poudriere.conf.sample. - This file should be copied to - /usr/local/etc/poudriere.conf which can - then be edited to suit the local configuration. + Copy this file to + /usr/local/etc/poudriere.conf. Edit the + copied file to suit the local configuration. While ZFS is not required on the system running poudriere, it is beneficial. - When ZFS is used, the + When ZFS is used, ZPOOL must be specified in /usr/local/etc/poudriere.conf and FREEBSD_HOST should be set to a nearby @@ -1583,14 +1583,14 @@ The deinstallation will free 229 kB Initialize Jails and Port Trees - Once configured, initialize + After configuration, initialize poudriere so that it installs a jail with the required &os; tree and a ports tree. Specify a name for the jail using and the &os; version with . On systems running &os;/&arch.amd64;, the architecture can be set with to either i386 or - amd64. The default is to use the + amd64. The default is the architecture shown by uname. &prompt.root; poudriere jail -c -j 10amd64 -v 10.0-RELEASE @@ -1666,13 +1666,13 @@ devel/git ports-mgmt/pkg ... - To configure the options and dependencies for the - specified ports: + Options and dependencies for the specified ports are + configured:: &prompt.root; poudriere options -j 10amd64 -p local -z workstation -f workstation-pkglist - Finally, to build the packages and create the package - repository: + Finally, packages are built and a package + repository is created: &prompt.root; poudriere bulk -j 10amd64 -p local -z workstation -f workstation-pkglist @@ -1684,7 +1684,7 @@ ports-mgmt/pkg that can be used with a web server to display build information. - Once the build is complete, packages are now available for + Packages are now available for installation from the poudriere repository. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 3 14:15:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 38551496; Thu, 3 Apr 2014 14:15:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 16A57186; Thu, 3 Apr 2014 14:15:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s33EFkxK013444; Thu, 3 Apr 2014 14:15:46 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s33EFkBU013443; Thu, 3 Apr 2014 14:15:46 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201404031415.s33EFkBU013443@svn.freebsd.org> From: Glen Barber Date: Thu, 3 Apr 2014 14:15:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44426 - head/en_US.ISO8859-1/htdocs/releases/10.0R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2014 14:15:47 -0000 Author: gjb Date: Thu Apr 3 14:15:46 2014 New Revision: 44426 URL: http://svnweb.freebsd.org/changeset/doc/44426 Log: Regen after r264074 Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Thu Apr 3 12:58:12 2014 (r44425) +++ head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Thu Apr 3 14:15:46 2014 (r44426) @@ -1,5 +1,5 @@ -FreeBSD 10.0-RELEASE Errata

    FreeBSD 10.0-RELEASE Errata

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of +FreeBSD 10.0-RELEASE Errata

    FreeBSD 10.0-RELEASE Errata

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of the FreeBSD Foundation.

    Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United @@ -51,7 +51,9 @@ an OK: 

    set vfs.unmapped_buf_allowed=0
 boot

    Note that the following line has to be added to /boot/loader.conf after a boot. - It disables unmapped I/O at every boot: 

    vfs.unmapped_buf_allowed=0

  • A bug in Heimdal (an + It disables unmapped I/O at every boot: 

    vfs.unmapped_buf_allowed=0

    [2014-04-03 update] It has been reported that + instability may be present on virtual machines running + on other hypervisors, such as Xen or KVM.

  • A bug in Heimdal (an implementation of Kerberos authentication in FreeBSD base system) has been fixed. It could cause an interoperability issue between From owner-svn-doc-all@FreeBSD.ORG Thu Apr 3 14:26:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D883E6F3; Thu, 3 Apr 2014 14:26:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C3C1228C; Thu, 3 Apr 2014 14:26:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s33EQSui017879; Thu, 3 Apr 2014 14:26:28 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s33EQScb017878; Thu, 3 Apr 2014 14:26:28 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404031426.s33EQScb017878@svn.freebsd.org> From: Dru Lavigne Date: Thu, 3 Apr 2014 14:26:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44427 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2014 14:26:29 -0000 Author: dru Date: Thu Apr 3 14:26:28 2014 New Revision: 44427 URL: http://svnweb.freebsd.org/changeset/doc/44427 Log: Editorial review of Samba chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 3 14:15:46 2014 (r44426) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 3 14:26:28 2014 (r44427) @@ -4967,16 +4967,33 @@ DocumentRoot /www/someotherdomain.tld Samba is a popular open source - software package that provides file and print services for - µsoft.windows; clients. Such clients can connect to and - use &os; filespace as if it was a local disk drive, or - &os; printers as if they were local printers. - - Samba software packages should - be included on the &os; installation media. If they were not - installed when first installing &os;, then they may be - installed from the net/samba36 port or - package. + software package that provides file and print services using the + SMB/CIFS protocol. This protocol is built + into µsoft.windows; systems. It can be added to + non-µsoft.windows; systems by installing the + Samba client libraries. The protocol + allows clients to access + shared data and printers. These shares can be mapped as a local disk drive and + shared printers can be used as if they were local printers. + + On &os;, the Samba client + libraries can be installed using the + net/samba-libsmbclient port or package. The + client provides the ability for a &os; system to access + SMB/CIFS shares in a µsoft.windows; + network. + + A &os; system can also be configured to act as a + Samba server. This allows the + administrator to create SMB/CIFS shares on + the &os; system which can be accessed by clients running + µsoft.windows; or the Samba + client libraries. In order to configure a + Samba server on &os;, the + net/samba36 port or + package must first be installed. The rest of this section + provides an overview of how to configure a + Samba server on &os;. @@ -5006,10 +5023,9 @@ DocumentRoot /www/someotherdomain.tld The Samba Web Administration Tool (SWAT) runs as a daemon from inetd. Therefore, inetd must be enabled as shown in - , and the following line in - /etc/inetd.conf should be uncommented - before swat can be used to - configure Samba: + . To enable + swat, uncomment the following line in + /etc/inetd.conf: swat stream tcp nowait/400 root /usr/local/sbin/swat swat @@ -5017,21 +5033,20 @@ DocumentRoot /www/someotherdomain.tld the inetd configuration must be reloaded after this configuration file is changed. - Once swat has been enabled in - inetd.conf, a web browser may be used + Once swat has been enabled, + use a web browser to connect to http://localhost:901. - At first login, the system root account must be - used. + At first login, enter the credentials for root. - Once successfully logging on to the main - Samba configuration page, the - system documentation will be available, or configuration may - begin by clicking on the Globals tab. + Once logged in, the main + Samba configuration page and the + system documentation will be available. Begin configuration + by clicking on the Globals tab. The Globals section corresponds to the variables that are set in the [global] section of @@ -5041,8 +5056,8 @@ DocumentRoot /www/someotherdomain.tld Global Settings - Whether swat is being used or - /usr/local/etc/smb.conf is being edited + Whether swat is used or + /usr/local/etc/smb.conf is edited directly, the first directives encountered when configuring Samba are: @@ -5051,7 +5066,7 @@ DocumentRoot /www/someotherdomain.tld workgroup - NT Domain-Name or Workgroup-Name for the computers + The domain name or workgroup name for the computers that will be accessing this server. @@ -5060,7 +5075,7 @@ DocumentRoot /www/someotherdomain.tld netbios name - This sets the NetBIOS name by which a + The NetBIOS name by which a Samba server is known. By default it is the same as the first component of the host's DNS name. @@ -5071,7 +5086,7 @@ DocumentRoot /www/someotherdomain.tld server string - This sets the string that will be displayed with + The string that will be displayed with the net view command and some other networking tools that seek to display descriptive text about the server. @@ -5085,7 +5100,7 @@ DocumentRoot /www/someotherdomain.tld Two of the most important settings in /usr/local/etc/smb.conf are the - security model chosen, and the backend password format for + security model and the backend password format for client users. The following directives control these options: @@ -5094,11 +5109,11 @@ DocumentRoot /www/someotherdomain.tld security - The two most common options here are + The two most common options are security = share and security = user. If the clients use usernames that are the same as their usernames on - the &os; machine then user level security should be + the &os; machine, user level security should be used. This is the default security policy and it requires clients to first log on before they can access shared resources. @@ -5133,74 +5148,59 @@ DocumentRoot /www/someotherdomain.tld backend is used, the /usr/local/etc/samba/smbpasswd file must be created to allow Samba to - authenticate clients. To provide the &unix; user accounts + authenticate clients. To provide &unix; user accounts access from &windows; clients, use the following - command: + command to add each required user to that file: - &prompt.root; smbpasswd -a username + &prompt.root; smbpasswd -a username The recommended backend is now - tdbsam, and the following command - should be used to add user accounts: + tdbsam. If this backend is selected, use the following command + to add user accounts: &prompt.root; pdbedit -a -u username - Please see the This section has only mentioned the most commonly used + settings. Refer to the Official - Samba HOWTO for additional information about - configuration options. With the basics outlined here, the - minimal required start running - Samba will be explained. Other - documentation should be consulted in addition to the - information here. + Samba HOWTO for additional information about the + available configuration options. Starting <application>Samba</application> - The net/samba36 port adds a new startup - script, which can be used to control - Samba. To enable this script, so - that it can be used for example to start, stop or restart - Samba, add the following line to - the /etc/rc.conf file: + To enable + Samba at boot time, add the following line to + /etc/rc.conf: samba_enable="YES" - Or, for fine grain control: + Alternately, its services can be started separately: nmbd_enable="YES" smbd_enable="YES" - - This will also configure - Samba to automatically start at - system boot time. - - - It is possible then to start - Samba at any time by typing: + To start + Samba now: &prompt.root; service samba start Starting SAMBA: removing stale tdbs : Starting nmbd. Starting smbd. - Please refer to for - more information about using rc scripts. - - Samba actually consists of - three separate daemons. Notice that both the + Samba consists of + three separate daemons. Both the nmbd and - smbd daemons are started by the - samba script. If winbind, - name resolution services were enabled in + smbd daemons are started by + samba_enable. If winbind + name resolution services are enabled in smb.conf, - the winbindd daemon will be + the winbindd daemon is started as well. Samba may be stopped at any @@ -5211,8 +5211,8 @@ Starting smbd. Samba is a complex software suite with functionality that allows broad integration with µsoft.windows; networks. For more information about - functionality beyond the basic installation described here, - please see http://www.samba.org. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 3 14:36:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1A61EB01; Thu, 3 Apr 2014 14:36:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 07CB2382; Thu, 3 Apr 2014 14:36:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s33EaajD022328; Thu, 3 Apr 2014 14:36:36 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s33EaaNF022327; Thu, 3 Apr 2014 14:36:36 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404031436.s33EaaNF022327@svn.freebsd.org> From: Dru Lavigne Date: Thu, 3 Apr 2014 14:36:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44429 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2014 14:36:37 -0000 Author: dru Date: Thu Apr 3 14:36:36 2014 New Revision: 44429 URL: http://svnweb.freebsd.org/changeset/doc/44429 Log: Fix typo. Submitted by: wblock Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Apr 3 14:30:44 2014 (r44428) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Apr 3 14:36:36 2014 (r44429) @@ -1667,7 +1667,7 @@ ports-mgmt/pkg ... Options and dependencies for the specified ports are - configured:: + configured: &prompt.root; poudriere options -j 10amd64 -p local -z workstation -f workstation-pkglist From owner-svn-doc-all@FreeBSD.ORG Thu Apr 3 14:30:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CF4CF88C; Thu, 3 Apr 2014 14:30:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BC3532C2; Thu, 3 Apr 2014 14:30:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s33EUi46020757; Thu, 3 Apr 2014 14:30:44 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s33EUiJ3020756; Thu, 3 Apr 2014 14:30:44 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404031430.s33EUiJ3020756@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 3 Apr 2014 14:30:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44428 - head/ja_JP.eucJP/books/handbook/desktop X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Thu, 03 Apr 2014 15:35:12 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2014 14:30:44 -0000 Author: ryusuke Date: Thu Apr 3 14:30:44 2014 New Revision: 44428 URL: http://svnweb.freebsd.org/changeset/doc/44428 Log: - Merge the following from the English version: r43825 -> r44386 head/ja_JP.eucJP/books/handbook/desktop/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/desktop/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/desktop/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/desktop/chapter.xml Thu Apr 3 14:26:28 2014 (r44427) +++ head/ja_JP.eucJP/books/handbook/desktop/chapter.xml Thu Apr 3 14:30:44 2014 (r44428) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43825 + Original revision: r44386 $FreeBSD$ --> @@ -840,7 +840,7 @@ package をインストールしたら、以下のコマンドを入力して Apache OpenOffice を起動してください。 - &prompt.user; openoffice-X.Y.Z + &prompt.user; openoffice-X.Y.Z ここで X.Y.Z は、 インストールされている @@ -862,7 +862,7 @@ 地域化されたバージョンをビルドするには、 上記のコマンドの代わりに以下を実行して下さい。 - &prompt.root; make LOCALIZED_LANG=your_language install clean + &prompt.root; make LOCALIZED_LANG=your_language install clean your_language を正しい言語 ISO コードに置き換えてください。 From owner-svn-doc-all@FreeBSD.ORG Thu Apr 3 19:05:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2DBA6D55; Thu, 3 Apr 2014 19:05:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 198441DE; Thu, 3 Apr 2014 19:05:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s33J56cJ035093; Thu, 3 Apr 2014 19:05:06 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s33J56cF035092; Thu, 3 Apr 2014 19:05:06 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404031905.s33J56cF035092@svn.freebsd.org> From: Dru Lavigne Date: Thu, 3 Apr 2014 19:05:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44430 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2014 19:05:06 -0000 Author: dru Date: Thu Apr 3 19:05:05 2014 New Revision: 44430 URL: http://svnweb.freebsd.org/changeset/doc/44430 Log: Editorial review of NFS chapter. Divide config section into server stuff and client stuff. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 3 14:36:36 2014 (r44429) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 3 19:05:05 2014 (r44430) @@ -472,25 +472,28 @@ server-program-arguments - - Network File System (NFS) + NFS &os; supports the Network File System @@ -499,8 +502,8 @@ server-program-argumentsNFS, users and programs can access files on remote systems as if they were stored locally. - The most notable benefits that - NFS provides are: + NFS has many practical uses. Some of + the more common uses include: @@ -510,13 +513,24 @@ server-program-arguments - User home directories can be stored in one location - and accessed by their owners over the network. + Several clients may need access to the + /usr/ports/distfiles directory. + Sharing that directory allows for quick access to the + source files without having to download them to each + client. + + + + On large networks, it is often more convenient to + configure a central NFS server on which + all user home directories are stored. Users can log into + a client anywhere on the network and have access to their + home directories. Administration of NFS exports is - also simplified. For example, there is only one file + simplified. For example, there is only one file system where security or backup policies must be set. @@ -525,14 +539,16 @@ server-program-argumentsRemovable media storage devices can be used by other machines on the network. This reduces the number of devices throughout the network and provides a centralized location - to manage their security. + to manage their security. It is often more convenient to + install software on multiple machines from a centralized + installation media. - NFS consists of at least two main - parts: a server and one or more clients. The client + NFS consists of + a server and one or more clients. The client remotely accesses the data that is stored on the server - machine. In order for this to function properly a few + machine. In order for this to function properly, a few processes have to be configured and running. These daemons must be running on the server: @@ -571,15 +587,14 @@ server-program-arguments nfsd The NFS daemon which services - requests from the NFS + requests from NFS clients. mountd The NFS mount daemon which - carries out the requests that &man.nfsd.8; passes on - to it. + carries out requests received from nfsd. @@ -592,120 +607,98 @@ server-program-arguments - Running &man.nfsiod.8; can improve performance on the - client, but is not required. + Running &man.nfsiod.8; on the + client can improve performance, but is not required. - Configuring <acronym>NFS</acronym> + Configuring the Server NFS configuration - Enabling the NFS server - is straightforward. The required processes - can be set to start at boot time by adding - these options to - /etc/rc.conf: - - rpcbind_enable="YES" -nfs_server_enable="YES" -mountd_flags="-r" - - mountd runs automatically - whenever the NFS server is enabled. - - To enable the client, set this option in - /etc/rc.conf: - - nfs_client_enable="YES" - - /etc/exports specifies which file - systems the NFS server will export. Each - line in /etc/exports specifies a file - system to be exported and which clients have access to that - file system, as well as any access options. There are many - such options that can be used in this file, but only a few - will be mentioned here. See &man.exports.5; for the full list - of options. + The file systems which the NFS server will + share are specified in /etc/exports. Each + line in this file specifies a file + system to be exported, which clients have access to that + file system, and any access options. When adding entries to this file, + each exported file system, its properties, and allowed + hosts must occur on a single line. If no clients are listed in the entry, + then any client on the network can mount that file + system. NFS export examples - These examples give an idea of how to export file systems. - Minor modifications may be required for the examples to work - on the reader's network. - - This example shows how to export the - /cdrom directory to - three clients called alpha, + The following /etc/exports entries + demonstrate how to export file systems. + The examples can be modified to match the file systems + and client names on the reader's network. There are many + options that can be used in this file, but only a few + will be mentioned here. See &man.exports.5; for the full list + of options. + + This example shows how to export + /cdrom to + three hosts named alpha, bravo, and charlie: /cdrom -ro alpha bravo charlie - The -ro flag makes the file systems + The -ro flag makes the file system read-only, preventing clients from making any changes to - those exported file systems. + the exported file system. This example assumes that the host + names are either in DNS or in + /etc/hosts. Refer to &man.hosts.5; if + the network does not have a DNS + server. The next example exports /home to three clients by IP address. This can be - useful for networks without DNS. - Optionally, /etc/hosts could be - configured for internal hostnames; please review &man.hosts.5; - for more information. The -alldirs flag + useful for networks without DNS or + /etc/hosts entries. + The -alldirs flag allows subdirectories to be mount points. In other words, it - will not mount the subdirectories but permit the client to - mount only the directories that are required or needed. + will not automaticaly mount the subdirectories, but will permit the client to + mount the directories that are required as needed. /home -alldirs 10.0.0.2 10.0.0.3 10.0.0.4 - This next line exports /a so that two - clients from different domains may access the file system. - The flag allows the - root user on the + This next example exports /a so that two + clients from different domains may access that file system. + The allows + root on the remote system to write data on the exported file system as - root. If the - -maproot=root flag is not specified, the + root. If + -maproot=root is not specified, the client's root user will be mapped to the server's nobody account and will be - subject to the access limitations defined for user, + subject to the access limitations defined for nobody. /a -maproot=root host.example.com box.example.org - For a client to have access to an exported file system, - the client must be listed in - /etc/exports. - - In /etc/exports, each line defines - the export information for one file system to one or more - clients. A remote host can only be specified once per file - system. For example, assume that - /usr is a single file system. This - entry, in /etc/exports, would be - invalid: + A client can only be specified once per file + system. For example, if + /usr is a single file system, these + entries would be + invalid as both entries + specify the same host: # Invalid when /usr is one file system /usr/src client /usr/ports client - The /usr file system has two lines - specifying exports to the same host, - client. The correct format for this - situation is: + The correct format for this + situation is to use one entry: /usr/src /usr/ports client - The exported file system, its properties, and allowed - hosts must occur on a single line. If no clients are listed, - then any client on the network may mount the exported file - system. - The following is an example of a valid export list, where /usr and /exports are local file systems: @@ -719,35 +712,50 @@ mountd_flags="-r" /exports -alldirs -maproot=root client01 client02 /exports/obj -ro - The mountd daemon reads - /etc/exports when started. To make - NFS server changes take effect immediately, - force mountd to reread - /etc/exports: + To enable the processes required by the NFS server + at boot time, add + these options to + /etc/rc.conf: + + rpcbind_enable="YES" +nfs_server_enable="YES" +mountd_flags="-r" + + The server can be started now by + running this command: + + &prompt.root; service nfsd start + + Whenever the NFS server is started, + mountd also starts automatically. + However, mountd only reads + /etc/exports when it is started. To make subsequent + /etc/exports edits take effect immediately, + force mountd to reread it: &prompt.root; service mountd reload + - Please refer to for - more information about using rc scripts. + + Configuring the Client - On a new server being configured with - NFS services, the server can be started by - running this command as root: + To enable NFS clients, set this option in each client's + /etc/rc.conf: - &prompt.root; service nfsd start + nfs_client_enable="YES" - On the NFS client: + Then, run this command on each NFS + client: - &prompt.root; service nfsclient restart + &prompt.root; service nfsclient start The client now has everything it needs to mount a remote file system. In these examples, the server's name is server and the client's name is - client. For testing or to - temporarily mount a remote file system, execute - mount as root on + client. To + mount the /home file system on + server to the + /mnt mount point on client: @@ -756,12 +764,9 @@ mountd_flags="-r" &prompt.root; mount server:/home /mnt - This mounts the server: - /home file system to the - client: - /mnt mount point. The files and - directories in the server - /home file system will now be available + The files and + directories in + /home will now be available on client, in the /mnt directory. @@ -777,117 +782,75 @@ mountd_flags="-r" Locking - Some applications (e.g., mutt) - require file locking to operate correctly. In the case of - NFS, rpc.lockd - can be used for file locking. To enable it, add this line to - /etc/rc.conf on both client and + Some applications + require file locking to operate correctly. To enable locking, add these lines to + /etc/rc.conf on both the client and server: rpc_lockd_enable="YES" rpc_statd_enable="YES" - Please note that this assumes that both - NFS client and server are already - configured. - - Start the application, as root, with: + Then start the applications: &prompt.root; service lockd start &prompt.root; service statd start If locking is not required on the server, the NFS client can be configured to lock - locally by passing to &man.mount.nfs.8;. + locally by including when running mount. Refer to &man.mount.nfs.8; for further details. - - Practical Uses - - NFS has many practical uses. Some of - the more common uses: - - - NFS - uses - - - - Share a CD-ROM or other media with - any number of clients. It is often more convenient to - install software on multiple machines from a single - location. - - - - On large networks, it is often more convenient to - configure a central NFS server on which - all user home directories are stored. Users can log into - a client anywhere on the network and have access to their - home directories. - - - - Several clients may need access to the - /usr/ports/distfiles directory. - Sharing that directory allows for quick access to the - source files without having to download them to each - client. - - - - - - Automatic Mounts with - <application>amd</application> + amd automatic mounter daemon - &man.amd.8; (the automatic mounter daemon) automatically + The automatic mounter daemon, + amd, automatically mounts a remote file system whenever a file or directory - within that file system is accessed. Filesystems that are - inactive for a period of time will also be automatically - unmounted by amd. - amd provides an alternative to - modifying /etc/fstab to list every - client. + within that file system is accessed. File systems that are + inactive for a period of time will be automatically + unmounted by amd. + - amd operates by attaching - itself as an NFS server to the + This daemon provides an alternative to + modifying /etc/fstab to list every + client. It operates by attaching + itself as an NFS server to the /host and /net directories. When a file is accessed within one of these directories, amd looks up the corresponding remote mount and automatically mounts it. /net is used to mount an exported file - system from an IP address, while + system from an IP address while /host is used to mount an export from a - remote hostname. - - For instance, an attempt to access a file within + remote hostname. For instance, an attempt to access a file within /host/foobar/usr would tell amd to mount the /usr export on the host @@ -897,7 +860,7 @@ rpc_statd_enable="YES" Mounting an Export with <application>amd</application> - showmount -e shows the exported file + In this example, showmount -e shows the exported file systems that can be mounted from the NFS server, foobar: @@ -917,14 +880,15 @@ Exports list on foobar: amd automatically mounts the desired export. - amd is enabled by placing - this line in /etc/rc.conf: + To enable amd at boot time, add + this line to /etc/rc.conf: amd_enable="YES" - It can then be started using the &os; &man.rc.8; scripts - or by using the &man.service.8; command. + To start amd now: + &prompt.root; service amd start + Custom flags can be passed to amd from the amd_flags environment variable. By @@ -932,10 +896,11 @@ Exports list on foobar: amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map" - /etc/amd.map defines the default - options with which exports are mounted. - /etc/amd.conf defines some of the more - advanced features of amd. + The default options with which exports are mounted are + defined in /etc/amd.map. + Some of the more + advanced features of amd are + defined in /etc/amd.conf. Consult &man.amd.8; and &man.amd.conf.5; for more information. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 3 23:00:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5DA91C38; Thu, 3 Apr 2014 23:00:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 322939E9; Thu, 3 Apr 2014 23:00:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s33N0UIo039326; Thu, 3 Apr 2014 23:00:30 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s33N0U5N039325; Thu, 3 Apr 2014 23:00:30 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404032300.s33N0U5N039325@svn.freebsd.org> From: Gabor Pali Date: Thu, 3 Apr 2014 23:00:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44431 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2014 23:00:30 -0000 Author: pgj Date: Thu Apr 3 23:00:29 2014 New Revision: 44431 URL: http://svnweb.freebsd.org/changeset/doc/44431 Log: - Add 2014Q1 status report on the OpenAFS port Submitted by: bjk Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 3 19:05:05 2014 (r44430) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 3 23:00:29 2014 (r44431) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 8 entries and we hope you enjoy reading it.

    + contains 9 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -537,4 +537,48 @@ prime time at BSDCan 2014. + + + OpenAFS on &os; + + + + + Benjamin + Kaduk + + bjk@FreeBSD.org + + + + + OpenAFS homepage + + + +

    AFS is a distributed network filesystem that originated from + the Andrew Project at Carnegie-Mellon University. OpenAFS is an + open-source implementation of the AFS protocol derived from IBM + AFS, which was released under the IBM Public License. OpenAFS + on &os; (the net/openafs port) is suitable for light + use, but is not yet production ready.

    + +

    We got a chance to pick up this porting project after some + hiatus. Recent work focused on investigating the bugs preventing + the use of a disk cache for caching file data. An internal + "lookupname" abstraction was intended to return an unlocked, + referenced vnode, but instead returned a locked, referenced + vnode, leading to various failure modes depending on the number + of kernel debugging options enabled.

    + + + + Track down an issue involving incorrect reference counts on + the AFS root vnode that cause warnings on shutdown. + + Audit the locking in all the vnode operations code — + it is expected that there remain some incorrectly locked areas, + though none that present visible issues under light load. + +     From owner-svn-doc-all@FreeBSD.ORG Thu Apr 3 23:19:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 16C2F1C5; Thu, 3 Apr 2014 23:19:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0224BB43; Thu, 3 Apr 2014 23:19:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s33NJBG6047060; Thu, 3 Apr 2014 23:19:11 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s33NJBVt047059; Thu, 3 Apr 2014 23:19:11 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404032319.s33NJBVt047059@svn.freebsd.org> From: Dru Lavigne Date: Thu, 3 Apr 2014 23:19:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44432 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2014 23:19:12 -0000 Author: dru Date: Thu Apr 3 23:19:11 2014 New Revision: 44432 URL: http://svnweb.freebsd.org/changeset/doc/44432 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 3 23:00:29 2014 (r44431) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 3 23:19:11 2014 (r44432) @@ -503,7 +503,7 @@ server-program-arguments NFS has many practical uses. Some of - the more common uses include: + the more common uses include: @@ -530,9 +530,8 @@ server-program-arguments Administration of NFS exports is - simplified. For example, there is only one file - system where security or backup policies must be - set. + simplified. For example, there is only one file system + where security or backup policies must be set. @@ -545,11 +544,10 @@ server-program-arguments - NFS consists of - a server and one or more clients. The client - remotely accesses the data that is stored on the server - machine. In order for this to function properly, a few - processes have to be configured and running. + NFS consists of a server and one or more + clients. The client remotely accesses the data that is stored + on the server machine. In order for this to function properly, + a few processes have to be configured and running. These daemons must be running on the server: @@ -587,28 +585,28 @@ server-program-arguments nfsd The NFS daemon which services - requests from NFS - clients. + requests from NFS clients. mountd The NFS mount daemon which - carries out requests received from nfsd. + carries out requests received from + nfsd. rpcbind - This daemon allows - NFS clients to discover which port - the NFS server is using. + This daemon allows NFS + clients to discover which port the + NFS server is using. - Running &man.nfsiod.8; on the - client can improve performance, but is not required. + Running &man.nfsiod.8; on the client can improve + performance, but is not required. Configuring the Server @@ -618,15 +616,14 @@ server-program-argumentsconfiguration - The file systems which the NFS server will - share are specified in /etc/exports. Each - line in this file specifies a file - system to be exported, which clients have access to that - file system, and any access options. When adding entries to this file, - each exported file system, its properties, and allowed - hosts must occur on a single line. If no clients are listed in the entry, - then any client on the network can mount that file - system. + The file systems which the NFS server + will share are specified in /etc/exports. + Each line in this file specifies a file system to be exported, + which clients have access to that file system, and any access + options. When adding entries to this file, each exported file + system, its properties, and allowed hosts must occur on a + single line. If no clients are listed in the entry, then any + client on the network can mount that file system. NFS @@ -634,24 +631,23 @@ server-program-arguments The following /etc/exports entries - demonstrate how to export file systems. - The examples can be modified to match the file systems - and client names on the reader's network. There are many - options that can be used in this file, but only a few - will be mentioned here. See &man.exports.5; for the full list - of options. + demonstrate how to export file systems. The examples can be + modified to match the file systems and client names on the + reader's network. There are many options that can be used in + this file, but only a few will be mentioned here. See + &man.exports.5; for the full list of options. This example shows how to export - /cdrom to - three hosts named alpha, + /cdrom to three hosts named + alpha, bravo, and charlie: /cdrom -ro alpha bravo charlie The -ro flag makes the file system - read-only, preventing clients from making any changes to - the exported file system. This example assumes that the host + read-only, preventing clients from making any changes to the + exported file system. This example assumes that the host names are either in DNS or in /etc/hosts. Refer to &man.hosts.5; if the network does not have a DNS @@ -660,42 +656,40 @@ server-program-argumentsThe next example exports /home to three clients by IP address. This can be useful for networks without DNS or - /etc/hosts entries. - The -alldirs flag - allows subdirectories to be mount points. In other words, it - will not automaticaly mount the subdirectories, but will permit the client to - mount the directories that are required as needed. + /etc/hosts entries. The + -alldirs flag allows subdirectories to be + mount points. In other words, it will not automaticaly mount + the subdirectories, but will permit the client to mount the + directories that are required as needed. /home -alldirs 10.0.0.2 10.0.0.3 10.0.0.4 - This next example exports /a so that two - clients from different domains may access that file system. - The allows - root on the - remote system to write data on the exported file system as - root. If + This next example exports /a so that + two clients from different domains may access that file + system. The allows root on the remote system to + write data on the exported file system as root. If -maproot=root is not specified, the client's root user will be mapped to the server's nobody account and will be - subject to the access limitations defined for - nobody. + subject to the access limitations defined for nobody. /a -maproot=root host.example.com box.example.org - A client can only be specified once per file - system. For example, if - /usr is a single file system, these - entries would be - invalid as both entries - specify the same host: + A client can only be specified once per file system. For + example, if /usr is a single file system, + these entries would be invalid as both entries specify the + same host: # Invalid when /usr is one file system /usr/src client /usr/ports client - The correct format for this - situation is to use one entry: + The correct format for this situation is to use one + entry: /usr/src /usr/ports client @@ -712,35 +706,35 @@ server-program-arguments - To enable the processes required by the NFS server - at boot time, add - these options to - /etc/rc.conf: + To enable the processes required by the + NFS server at boot time, add these options + to /etc/rc.conf: - rpcbind_enable="YES" + rpcbind_enable="YES" nfs_server_enable="YES" mountd_flags="-r" - The server can be started now by - running this command: + The server can be started now by running this + command: &prompt.root; service nfsd start Whenever the NFS server is started, mountd also starts automatically. However, mountd only reads - /etc/exports when it is started. To make subsequent - /etc/exports edits take effect immediately, - force mountd to reread it: + /etc/exports when it is started. To make + subsequent /etc/exports edits take effect + immediately, force mountd to reread + it: &prompt.root; service mountd reload - + Configuring the Client - To enable NFS clients, set this option in each client's - /etc/rc.conf: + To enable NFS clients, set this option + in each client's /etc/rc.conf: nfs_client_enable="YES" @@ -752,8 +746,8 @@ mountd_flags="-r" The client now has everything it needs to mount a remote file system. In these examples, the server's name is server and the client's name is - client. To - mount the /home file system on + client. To mount the + /home file system on server to the /mnt mount point on client: @@ -764,10 +758,9 @@ mountd_flags="-r" &prompt.root; mount server:/home /mnt - The files and - directories in - /home will now be available - on client, in the + The files and directories in + /home will now be available on + client, in the /mnt directory. To mount a remote file system each time the client boots, @@ -782,8 +775,8 @@ mountd_flags="-r" Locking - Some applications - require file locking to operate correctly. To enable locking, add these lines to + Some applications require file locking to operate + correctly. To enable locking, add these lines to /etc/rc.conf on both the client and server: @@ -797,8 +790,9 @@ rpc_statd_enable="YES" If locking is not required on the server, the NFS client can be configured to lock - locally by including when running mount. - Refer to &man.mount.nfs.8; for further details. + locally by including when running + mount. Refer to &man.mount.nfs.8; + for further details. @@ -831,27 +825,25 @@ rpc_statd_enable="YES" The automatic mounter daemon, - amd, automatically - mounts a remote file system whenever a file or directory - within that file system is accessed. File systems that are - inactive for a period of time will be automatically - unmounted by amd. - - - This daemon provides an alternative to - modifying /etc/fstab to list every - client. It operates by attaching - itself as an NFS server to the - /host and - /net directories. When - a file is accessed within one of these directories, + amd, automatically mounts a remote + file system whenever a file or directory within that file + system is accessed. File systems that are inactive for a + period of time will be automatically unmounted by + amd. + + This daemon provides an alternative to modifying + /etc/fstab to list every client. It + operates by attaching itself as an NFS + server to the /host and + /net directories. When a file is + accessed within one of these directories, amd looks up the corresponding remote mount and automatically mounts it. /net is used to mount an exported file system from an IP address while /host is used to mount an export from a - remote hostname. For instance, an attempt to access a file within - /host/foobar/usr would tell + remote hostname. For instance, an attempt to access a file + within /host/foobar/usr would tell amd to mount the /usr export on the host foobar. @@ -860,9 +852,10 @@ rpc_statd_enable="YES" Mounting an Export with <application>amd</application> - In this example, showmount -e shows the exported file - systems that can be mounted from the NFS - server, foobar: + In this example, showmount -e shows + the exported file systems that can be mounted from the + NFS server, + foobar: &prompt.user; showmount -e foobar Exports list on foobar: @@ -888,7 +881,7 @@ Exports list on foobar: To start amd now: &prompt.root; service amd start - + Custom flags can be passed to amd from the amd_flags environment variable. By @@ -897,9 +890,8 @@ Exports list on foobar: amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map" The default options with which exports are mounted are - defined in /etc/amd.map. - Some of the more - advanced features of amd are + defined in /etc/amd.map. Some of the + more advanced features of amd are defined in /etc/amd.conf. Consult &man.amd.8; and &man.amd.conf.5; for more @@ -930,46 +922,44 @@ Exports list on foobar: --> - Network Information System - (<acronym>NIS</acronym>) + Network Information System + (<acronym>NIS</acronym>) - NIS - Solaris - HP-UX - AIX - Linux - NetBSD - OpenBSD - - yellow pages - NIS - + NIS + Solaris + HP-UX + AIX + Linux + NetBSD + OpenBSD + + yellow pages + NIS + - Network Information System (NIS) - is designed to centralize administration of &unix;-like - systems such as &solaris;, HP-UX, &aix;, Linux, NetBSD, - OpenBSD, and &os;. NIS was originally - known as Yellow Pages but the name was changed due to - trademark issues. This is the reason why - NIS commands begin with - yp. + Network Information System (NIS) is + designed to centralize administration of &unix;-like systems + such as &solaris;, HP-UX, &aix;, Linux, NetBSD, OpenBSD, and + &os;. NIS was originally known as Yellow + Pages but the name was changed due to trademark issues. This + is the reason why NIS commands begin with + yp. - - NIS - domains + + NIS + domains - NIS is a Remote Procedure Call - (RPC)-based client/server system that - allows a group of machines within an NIS - domain to share a common set of configuration files. This - permits a system administrator to set up - NIS client systems with only minimal - configuration data and to add, remove, or modify configuration - data from a single location. + NIS is a Remote Procedure Call + (RPC)-based client/server system that allows + a group of machines within an NIS domain to + share a common set of configuration files. This permits a + system administrator to set up NIS client + systems with only minimal configuration data and to add, remove, + or modify configuration data from a single location. - &os; uses version 2 of the NIS - protocol. + &os; uses version 2 of the NIS + protocol. <acronym>NIS</acronym> Terms and Processes @@ -1130,250 +1120,245 @@ Exports list on foobar: Planning Considerations This section describes a sample NIS - environment which consists of 15 &os; machines with - no centralized point of administration. Each - machine has its own /etc/passwd and - /etc/master.passwd. These files are - kept in sync with each other only through manual - intervention. Currently, when a user is added to the lab, - the process must be repeated on all 15 machines. - - The configuration of the lab will be as follows: - - - - - - Machine name - IP address - Machine role - - - - - - ellington - 10.0.0.2 - NIS master - - - - coltrane - 10.0.0.3 - NIS slave - - - - basie - 10.0.0.4 - Faculty workstation - - - - bird - 10.0.0.5 - Client machine - - - - cli[1-11] - - 10.0.0.[6-17] - Other client machines - - - - - - If this is the first time an NIS - scheme is being developed, it should be thoroughly planned - ahead of time. Regardless of network size, several - decisions need to be made as part of the planning - process. - - - Choosing a <acronym>NIS</acronym> Domain Name - - - NIS - domain name - - When a client broadcasts its requests for info, it - includes the name of the NIS domain - that it is part of. This is how multiple servers on one - network can tell which server should answer which request. - Think of the NIS domain name as the - name for a group of hosts. - - Some organizations choose to use their Internet domain - name for their NIS domain name. This - is not recommended as it can cause confusion when trying - to debug network problems. The NIS - domain name should be unique within the network and it is - helpful if it describes the group of machines it - represents. For example, the Art department at Acme Inc. - might be in the acme-art - NIS domain. This example will use the - domain name test-domain. - - However, some non-&os; operating systems require the - NIS domain name to be the same as the - Internet domain name. If one or more machines on the - network have this restriction, the Internet domain name - must be used as the - NIS domain name. - - - - Physical Server Requirements - - There are several things to keep in mind when choosing - a machine to use as a NIS server. - Since NIS clients depend upon the - availability of the server, choose a machine that is not - rebooted frequently. The NIS server - should ideally be a stand alone machine whose sole purpose - is to be an NIS server. If the network - is not heavily used, it is acceptable to put the - NIS server on a machine running other - services. However, if the NIS server - becomes unavailable, it will adversely affect all - NIS clients. - - - - - Configuring the <acronym>NIS</acronym> Master - Server - - The canonical copies of all NIS - files are stored on the master server. The databases used - to store the information are called NIS - maps. In &os;, these maps are stored in - /var/yp/[domainname] where - [domainname] is the name of the - NIS domain. Since multiple domains are - supported, it is possible to have several directories, one - for each domain. Each domain will have its own independent - set of maps. - - NIS master and slave servers handle - all NIS requests through &man.ypserv.8;. - This daemon is responsible for receiving incoming requests - from NIS clients, translating the - requested domain and map name to a path to the corresponding - database file, and transmitting data from the database back - to the client. + environment which consists of 15 &os; machines with no + centralized point of administration. Each machine has its own + /etc/passwd and + /etc/master.passwd. These files are kept + in sync with each other only through manual intervention. + Currently, when a user is added to the lab, the process must + be repeated on all 15 machines. + + The configuration of the lab will be as follows: + + + + + + Machine name + IP address + Machine role + + + + + + ellington + 10.0.0.2 + NIS master + + + + coltrane + 10.0.0.3 + NIS slave + + + + basie + 10.0.0.4 + Faculty workstation + + + + bird + 10.0.0.5 + Client machine + + + + cli[1-11] + + 10.0.0.[6-17] + Other client machines + + + + + + If this is the first time an NIS + scheme is being developed, it should be thoroughly planned + ahead of time. Regardless of network size, several decisions + need to be made as part of the planning process. - NIS - server configuration + + Choosing a <acronym>NIS</acronym> Domain Name + + + NIS + domain name - Setting up a master NIS server can - be relatively straight forward, depending on environmental - needs. Since &os; provides built-in - NIS support, it only needs to be - enabled by adding the following lines to - /etc/rc.conf: - - - - nisdomainname="test-domain" - - This line sets the NIS domain - name to test-domain. - - - - nis_server_enable="YES" - - This automates the start up of the - NIS server processes when the - system boots. - - - - nis_yppasswdd_enable="YES" - - This enables the &man.rpc.yppasswdd.8; daemon so - that users can change their NIS - password from a client machine. - - - - Care must be taken in a multi-server domain where the - server machines are also NIS clients. It - is generally a good idea to force the servers to bind to - themselves rather than allowing them to broadcast bind - requests and possibly become bound to each other. Strange - failure modes can result if one server goes down and others - are dependent upon it. Eventually, all the clients will - time out and attempt to bind to other servers, but the delay - involved can be considerable and the failure mode is still - present since the servers might bind to each other all over - again. - - A server that is also a client can be forced to bind to - a particular server by adding these additional lines to - /etc/rc.conf: + When a client broadcasts its requests for info, it + includes the name of the NIS domain that + it is part of. This is how multiple servers on one network + can tell which server should answer which request. Think of + the NIS domain name as the name for a + group of hosts. + + Some organizations choose to use their Internet domain + name for their NIS domain name. This is + not recommended as it can cause confusion when trying to + debug network problems. The NIS domain + name should be unique within the network and it is helpful + if it describes the group of machines it represents. For + example, the Art department at Acme Inc. might be in the + acme-art NIS domain. This + example will use the domain name + test-domain. + + However, some non-&os; operating systems require the + NIS domain name to be the same as the + Internet domain name. If one or more machines on the + network have this restriction, the Internet domain name + must be used as the + NIS domain name. + - nis_client_enable="YES" # run client stuff as well + + Physical Server Requirements + + There are several things to keep in mind when choosing a + machine to use as a NIS server. Since + NIS clients depend upon the availability + of the server, choose a machine that is not rebooted + frequently. The NIS server should + ideally be a stand alone machine whose sole purpose is to be + an NIS server. If the network is not + heavily used, it is acceptable to put the + NIS server on a machine running other + services. However, if the NIS server + becomes unavailable, it will adversely affect all + NIS clients. + + + + + Configuring the <acronym>NIS</acronym> Master + Server + + The canonical copies of all NIS files + are stored on the master server. The databases used to store + the information are called NIS maps. In + &os;, these maps are stored in + /var/yp/[domainname] where + [domainname] is the name of the + NIS domain. Since multiple domains are + supported, it is possible to have several directories, one for + each domain. Each domain will have its own independent set of + maps. + + NIS master and slave servers handle all + NIS requests through &man.ypserv.8;. This + daemon is responsible for receiving incoming requests from + NIS clients, translating the requested + domain and map name to a path to the corresponding database + file, and transmitting data from the database back to the + client. + + NIS + server configuration + + Setting up a master NIS server can be + relatively straight forward, depending on environmental needs. + Since &os; provides built-in NIS support, + it only needs to be enabled by adding the following lines to + /etc/rc.conf: + + + + nisdomainname="test-domain" + + This line sets the NIS domain name + to test-domain. + + + + nis_server_enable="YES" + + This automates the start up of the + NIS server processes when the system + boots. + + + + nis_yppasswdd_enable="YES" + + This enables the &man.rpc.yppasswdd.8; daemon so that + users can change their NIS password + from a client machine. + + + + Care must be taken in a multi-server domain where the + server machines are also NIS clients. It + is generally a good idea to force the servers to bind to + themselves rather than allowing them to broadcast bind + requests and possibly become bound to each other. Strange + failure modes can result if one server goes down and others + are dependent upon it. Eventually, all the clients will time + out and attempt to bind to other servers, but the delay + involved can be considerable and the failure mode is still + present since the servers might bind to each other all over + again. + + A server that is also a client can be forced to bind to a + particular server by adding these additional lines to + /etc/rc.conf: + + nis_client_enable="YES" # run client stuff as well nis_client_flags="-S NIS domain,server" - After saving the edits, type - /etc/netstart to restart the network - and apply the values defined in - /etc/rc.conf. Before initializing - the NIS maps, start - &man.ypserv.8;: - - &prompt.root; service ypserv start - - - Initializing the <acronym>NIS</acronym> - Maps - - - NIS - maps - - NIS maps are generated from the - configuration files in /etc on the - NIS master, with one exception: - /etc/master.passwd. This is to - prevent the propagation of passwords to all the servers in - the NIS domain. Therefore, before the - NIS maps are initialized, configure the - primary password files: + After saving the edits, type + /etc/netstart to restart the network and + apply the values defined in /etc/rc.conf. + Before initializing the NIS maps, start + &man.ypserv.8;: + + &prompt.root; service ypserv start + + + Initializing the <acronym>NIS</acronym> Maps + + + NIS + maps + + NIS maps are generated from the + configuration files in /etc on the + NIS master, with one exception: + /etc/master.passwd. This is to prevent + the propagation of passwords to all the servers in the + NIS domain. Therefore, before the + NIS maps are initialized, configure the + primary password files: - &prompt.root; cp /etc/master.passwd /var/yp/master.passwd + &prompt.root; cp /etc/master.passwd /var/yp/master.passwd &prompt.root; cd /var/yp &prompt.root; vi master.passwd - It is advisable to remove all entries for system - accounts as well as any user accounts that do not need to - be propagated to the NIS clients, such - as the root and - any other administrative accounts. - - Ensure that the - /var/yp/master.passwd is neither - group or world readable by setting its permissions to - 600. - - - After completing this task, initialize the - NIS maps. &os; includes the - &man.ypinit.8; script to do this. When generating maps - for the master server, include - and specify the NIS - domain name: + It is advisable to remove all entries for system + accounts as well as any user accounts that do not need to be + propagated to the NIS clients, such as + the root and any + other administrative accounts. + + Ensure that the + /var/yp/master.passwd is neither group + or world readable by setting its permissions to + 600. + + + After completing this task, initialize the + NIS maps. &os; includes the + &man.ypinit.8; script to do this. When generating maps + for the master server, include and + specify the NIS domain name: - ellington&prompt.root; ypinit -m test-domain + ellington&prompt.root; ypinit -m test-domain Server Type: MASTER Domain: test-domain Creating an YP server will require that you answer a few questions. Questions will all be asked at the beginning of the procedure. @@ -1397,63 +1382,58 @@ Is this correct? [y/n: y] y< NIS Map update completed. ellington has been setup as an YP master server without any errors. - This will create - /var/yp/Makefile from - /var/yp/Makefile.dist. By - default, this file assumes that the environment has a - single NIS server with only &os; - clients. Since test-domain has a - slave server, edit this line in - /var/yp/Makefile so that it begins - with a comment (#): - - NOPUSH = "True" - - - - Adding New Users - - Every time a new user is created, the user account - must be added to the master NIS - server and the NIS maps rebuilt. - Until this occurs, the new user will not be able to - login anywhere except on the NIS - master. For example, to add the new user - jsmith to the - test-domain domain, run these - commands on the master server: + This will create /var/yp/Makefile + from /var/yp/Makefile.dist. By + default, this file assumes that the environment has a + single NIS server with only &os; clients. + Since test-domain has a slave server, + edit this line in /var/yp/Makefile so + that it begins with a comment + (#): + + NOPUSH = "True" + + + + Adding New Users + + Every time a new user is created, the user account must + be added to the master NIS server and the + NIS maps rebuilt. Until this occurs, the + new user will not be able to login anywhere except on the + NIS master. For example, to add the new + user jsmith to the + test-domain domain, run these commands on + the master server: - &prompt.root; pw useradd jsmith + &prompt.root; pw useradd jsmith &prompt.root; cd /var/yp &prompt.root; make test-domain - The user could also be added using adduser - jsmith instead of pw useradd - jsmith. - - - - - Setting up a <acronym>NIS</acronym> Slave - Server - - - NIS - slave server *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Thu Apr 3 23:20:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 620F0222; Thu, 3 Apr 2014 23:20:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4ED18B48; Thu, 3 Apr 2014 23:20:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s33NKGIj047272; Thu, 3 Apr 2014 23:20:16 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s33NKGMG047271; Thu, 3 Apr 2014 23:20:16 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404032320.s33NKGMG047271@svn.freebsd.org> From: Dru Lavigne Date: Thu, 3 Apr 2014 23:20:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44433 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2014 23:20:16 -0000 Author: dru Date: Thu Apr 3 23:20:15 2014 New Revision: 44433 URL: http://svnweb.freebsd.org/changeset/doc/44433 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 3 23:19:11 2014 (r44432) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 3 23:20:15 2014 (r44433) @@ -658,7 +658,7 @@ server-program-argumentsDNS or /etc/hosts entries. The -alldirs flag allows subdirectories to be - mount points. In other words, it will not automaticaly mount + mount points. In other words, it will not automatically mount the subdirectories, but will permit the client to mount the directories that are required as needed. From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 01:25:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 230DD9B4; Fri, 4 Apr 2014 01:25:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0E9A5797; Fri, 4 Apr 2014 01:25:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s341P3l0002445; Fri, 4 Apr 2014 01:25:03 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s341P3SN002444; Fri, 4 Apr 2014 01:25:03 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404040125.s341P3SN002444@svn.freebsd.org> From: Warren Block Date: Fri, 4 Apr 2014 01:25:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44434 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 01:25:04 -0000 Author: wblock Date: Fri Apr 4 01:25:03 2014 New Revision: 44434 URL: http://svnweb.freebsd.org/changeset/doc/44434 Log: Recover lost tags. Make descriptions of the components of package names easier to read. Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Apr 3 23:20:15 2014 (r44433) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Apr 4 01:25:03 2014 (r44434) @@ -335,25 +335,27 @@ PORTEPOCH= 1 Package Naming Conventions - The following are the conventions you should follow in - naming your packages. This is to have our package directory + These are the conventions to follow when + naming packages. This is to make the package directory easy to scan, as there are already thousands of packages and users are going to turn away if they hurt their eyes! - The package name should look like - language_region-name-compiled.specifics-version.numbers. + Package names take the form of + language_region-name-compiled.specifics-version.numbers. The package name is defined as ${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX}-${PORTVERSION}. Make sure to set the variables to conform to that format. - + + + language_region- &os; strives to support the native language of its users. The language- part - should be a two letter abbreviation of the natural - language defined by ISO-639 if the port is specific to a + is a two letter abbreviation of the natural + language defined by ISO-639 when the port is specific to a certain language. Examples are ja for Japanese, ru for Russian, vi for Vietnamese, @@ -365,25 +367,25 @@ PORTEPOCH= 1 Examples are en_US for US English and fr_CH for Swiss French. - The language- part should - be set in the PKGNAMEPREFIX + The language- part is + set in the PKGNAMEPREFIX variable. + + + name The first letter of the name part should be lowercase. (The rest of the name may contain - capital letters, so use your own discretion when you are + capital letters, so use your own discretion when converting a software name that has some capital letters in it.) There is a tradition of naming Perl 5 modules by prepending p5- and converting the double-colon - separator to a hyphen; for example, the + separator to a hyphen. For example, the Data::Dumper module becomes p5-Data-Dumper. - - - Make sure that the port's name and version are clearly separated and placed into the PORTNAME and PORTVERSION variables. The only @@ -401,7 +403,10 @@ PORTEPOCH= 1 distinguished by the PKGNAMEPREFIX and PKGNAMESUFFIX values. + + + -compiled.specifics If the port can be built with different hardcoded @@ -412,13 +417,16 @@ PORTEPOCH= 1 Examples are paper size and font units. The -compiled.specifics - part should be set in the PKGNAMESUFFIX + part is set in the PKGNAMESUFFIX variable. + + + -version.numbers - The version string should follow a dash - (-) and be a period-separated list of + The version string follows a dash + (-) and is a period-separated list of integers and single lowercase alphabetics. In particular, it is not permissible to have another dash inside the version string. The only exception is the string @@ -437,18 +445,19 @@ PORTEPOCH= 1 at the version string. In particular, make sure version number components are always delimited by a period, and if the date is part of the string, use the - 0.0.yyyy.mm.dd format, not - dd.mm.yyyy or the non-Y2K compliant - yy.mm.dd format. It is important to + 0.0.yyyy.mm.dd format, not + dd.mm.yyyy or the non-Y2K compliant + yy.mm.dd format. It is important to prefix the version with 0.0. in case a release with an actual version number is made, which would of course be numerically less than - yyyy. + yyyy. - + + - Package name should be unique among all of the ports + Package name must be unique among all of the ports tree, check that there is not already a port with the same PORTNAME and if there is add one of PKGNAMEPREFIX @@ -595,7 +604,7 @@ PORTEPOCH= 1 string to 1.0 (like the piewm example above). Otherwise, ask the original author or use the date string - (0.0.yyyy.mm.dd) as the version. + (0.0.yyyy.mm.dd) as the version. @@ -1983,7 +1992,7 @@ DISTFILES= source1.tar.gz:source1 \ - Elements can be postfixed with :n + Elements can be postfixed with :n where n is [^:,]+, i.e., n could conceptually be any @@ -2090,7 +2099,7 @@ DISTFILES= source1.tar.gz:source1 \ be terminated with the forward slash / character. If any elements belong to any groups, the group postfix - :n must come right after the + :n must come right after the terminator /. The MASTER_SITES:n mechanism relies on the existence of the terminator @@ -2383,7 +2392,7 @@ PATCHFILES= patch1:test All current ports remain the same. The MASTER_SITES:n feature code is only activated if there are elements postfixed with - :n like elements according to the + :n like elements according to the aforementioned syntax rules, especially as shown in item . @@ -2750,7 +2759,7 @@ ALWAYS_KEEP_DISTFILES= yes This variable specifies executables or files this port depends on during run-time. It is a list of - path:dir:target + path:dir:target tuples where path is the name of the executable or file, dir is the directory in which to find it in case it is not available, and @@ -2832,7 +2841,7 @@ ALWAYS_KEEP_DISTFILES= yes This variable specifies executables or files this port requires to build. Like RUN_DEPENDS, it is a list of - path:dir:target + path:dir:target tuples. For example, BUILD_DEPENDS= unzip:${PORTSDIR}/archivers/unzip @@ -2856,7 +2865,7 @@ ALWAYS_KEEP_DISTFILES= yes This variable specifies executables or files this port requires to fetch. Like the previous two, it is a list of - path:dir:target + path:dir:target tuples. For example, FETCH_DEPENDS= ncftp2:${PORTSDIR}/net/ncftp2 @@ -2877,7 +2886,7 @@ ALWAYS_KEEP_DISTFILES= yes This variable specifies executables or files this port requires for extraction. Like the previous, it is a list of - path:dir:target + path:dir:target tuples. For example, EXTRACT_DEPENDS= unzip:${PORTSDIR}/archivers/unzip @@ -2907,7 +2916,7 @@ ALWAYS_KEEP_DISTFILES= yes This variable specifies executables or files this port requires to patch. Like the previous, it is a list of - path:dir:target + path:dir:target tuples. For example, PATCH_DEPENDS= ${NONEXISTENT}:${PORTSDIR}/java/jfc:extract @@ -4248,8 +4257,8 @@ PORTVERSION= 1.0 files in the port's *-install targets. Set ownership directly in pkg-plist with the corresponding entries, - such as @owner owner and - @group group. These operators work until + such as @owner owner and + @group group. These operators work until being overridden, or until the end of pkg-plist, so do not forget to reset them after they are no longer needed. The default ownership is From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 01:46:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 92E43D24; Fri, 4 Apr 2014 01:46:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 71CF0921; Fri, 4 Apr 2014 01:46:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s341kWKC010894; Fri, 4 Apr 2014 01:46:32 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s341kWbi010893; Fri, 4 Apr 2014 01:46:32 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404040146.s341kWbi010893@svn.freebsd.org> From: Warren Block Date: Fri, 4 Apr 2014 01:46:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44435 - head/en_US.ISO8859-1/books/porters-handbook/special X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 01:46:32 -0000 Author: wblock Date: Fri Apr 4 01:46:32 2014 New Revision: 44435 URL: http://svnweb.freebsd.org/changeset/doc/44435 Log: Update Qt and KDE sections. Modified version of patch supplied with PR. PR: docs/187473 Submitted by: Max Brazhnikov Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Fri Apr 4 01:25:03 2014 (r44434) +++ head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Fri Apr 4 01:46:32 2014 (r44435) @@ -1281,137 +1281,102 @@ USE_XORG= x11 xpm Ports That Require Qt + The Ports Collection provides support for Qt 4 and Qt 5 + frameworks with the USE_QTx variable, + where x is 4 or 5. USE_QTx should be + set to the list of required Qt components (libraries, + tools, plugins). The Qt 4 and Qt 5 frameworks are quite similar. + The main difference is the set of supported components. + + The Qt framework exports a number of variables which can be used + by ports, some of them listed below: + - Variables for Ports That Use Qt + Variables Provided to Ports That Use Qt - USE_QT4 - Specify tool and library dependencies for ports - that use Qt 4. See - Qt 4 component - selection for more details. - - - QT_PREFIX - Set to the path where Qt installed to - (read-only variable). + Set to the path where Qt was installed + (${LOCALBASE}). - MOC - Set to the path of moc - (read-only variable). Default set according to - USE_QT_VER value. + QMAKE + Full path to qmake binary. - QTCPPFLAGS - Additional compiler flags passed via - CONFIGURE_ENV for Qt toolkit. - Default set according to - USE_QT_VER. + LRELEASE + Full path to lrelease utility. - QTCFGLIBS - Additional libraries for linking passed via - CONFIGURE_ENV for Qt toolkit. - Default set according to - USE_QT_VER. + MOC + Full path to moc. - QTNONSTANDARD - Suppress modification of - CONFIGURE_ENV, - CONFIGURE_ARGS, - CPPFLAGS and - MAKE_ENV. + RCC + Full path to rcc. - - -
    - - - Additional Variables for Ports That Use Qt - 4.x - - UIC - Set to the path of uic - (read-only variable). - - - - QMAKE - Set to the path of qmake - (read-only variable). - - - - QMAKESPEC - Set to the path of configuration file for - qmake (read-only - variable). - - - - QMAKEFLAGS - Additional flags for - qmake. + Full path to uic. QT_INCDIR - Set to Qt 4 include directories (read-only - variable). + Qt include directory. QT_LIBDIR - Set to Qt 4 libraries path (read-only - variable). + Qt libraries path. QT_PLUGINDIR - Set to Qt 4 plugins path (read-only - variable). + Qt plugins path.
    - When USE_QT4 is set, the following + When using the Qt framework, these settings are deployed: CONFIGURE_ARGS+= --with-qt-includes=${QT_INCDIR} \ --with-qt-libraries=${QT_LIBDIR} \ --with-extra-libs=${LOCALBASE}/lib \ --with-extra-includes=${LOCALBASE}/include -CONFIGURE_ENV+= MOC="${MOC}" UIC="${UIC}" LIBS="${QTCFGLIBS}" \ - QMAKE="${QMAKE}" QMAKESPEC="${QMAKESPEC}" QTDIR="${QT_PREFIX}" -MAKE_ENV+= QMAKESPEC="${QMAKESPEC}" -PLIST_SUB+= QT_INCDIR_REL=${QT_INCDIR_REL} \ - QT_LIBDIR_REL=${QT_LIBDIR_REL} \ - QT_PLUGINDIR_REL=${QT_PLUGINDIR_REL} +CONFIGURE_ENV+= QTDIR="${QT_PREFIX}" QMAKE="${QMAKE}" \ + MOC="${MOC}" RCC="${RCC}" UIC="${UIC}" \ + QMAKESPEC="${QMAKESPEC}" + +PLIST_SUB+= QT_INCDIR=${QT_INCDIR_REL} \ + QT_LIBDIR=${QT_LIBDIR_REL} \ + QT_PLUGINDIR=${QT_PLUGINDIR_REL} + + Some configure scripts do not support the arguments above. + To suppress modification ofCONFIGURE_ENV and + CONFIGURE_ARGS, set the + QT_NONSTANDARD variable. +     - + Component Selection - Individual Qt 4 tool and library dependencies must be - specified in the USE_QT4 variable. Every - component can be suffixed by either + Individual Qt tool and library dependencies must be + specified in the USE_QTx variable. Every + component can be suffixed with _build or _run, the suffix indicating whether the component should be depended - on at buildtime or runtime, respectively. If unsuffixed, + on at buildtime or runtime. If unsuffixed, the component will be depended on at both build- and runtime. Usually, library components should be specified unsuffixed, tool components should be specified with the @@ -1419,11 +1384,12 @@ PLIST_SUB+= QT_INCDIR_REL=${QT_INCDIR_RE should be specified with the _run suffix. The most commonly used components are listed below (all available components are listed in - _USE_QT4_ALL in + _USE_QT_ALL, _USE_QT4_ONLY, + and _USE_QT5_ONLY variables in /usr/ports/Mk/bsd.qt.mk): - Available Qt 4 Library Components + Available Qt Library Components @@ -1435,9 +1401,18 @@ PLIST_SUB+= QT_INCDIR_REL=${QT_INCDIR_RE + core + core library (Qt 5 only) + + + corelib - core library (can be omitted unless the port - uses nothing but corelib) + core library (Qt 4 only) + + + + dbus + Qt DBus library @@ -1452,43 +1427,43 @@ PLIST_SUB+= QT_INCDIR_REL=${QT_INCDIR_RE opengl - OpenGL library + Qt OpenGL library - qt3support - Qt 3 compatibility library + script + script library - qtestlib - unit testing library + sql + SQL library - script - script library + testlib + unit testing library - sql - SQL library + webkit + Qt WebKit library xml - XML library + Qt XML library
    - You can determine which libraries the application - depends on, by running ldd on the main + To determine the libraries an application + depends on, run ldd on the main executable after a successful compilation. - Available Qt 4 Tool Components + Available Qt Tool Components @@ -1500,36 +1475,55 @@ PLIST_SUB+= QT_INCDIR_REL=${QT_INCDIR_RE - moc - meta object compiler (needed for almost - every Qt application at buildtime) + qmake + Makefile generator/build utility - qmake - Makefile generator / build utility + buildtools + build tools (moc, + rcc), needed for almost + every Qt application (Qt 5 only) + + + + linguisttools + localization tools: lrelease, + lupdate (Qt 5 only) + + + + linguist + localization tools: lrelease, + lupdate (Qt 4 only) + + + + moc + meta object compiler, needed for almost + every Qt application at buildtime (Qt 4 only) rcc - resource compiler (needed if the application + resource compiler, needed if the application comes with *.rc or - *.qrc files) + *.qrc files (Qt 4 only) uic - user interface compiler (needed if the + user interface compiler, needed if the application comes with *.ui - files created by Qt Designer - in practice, every Qt - application with a GUI) + files, in practice, every Qt + application with a GUI (Qt 4 only)
    - Available Qt 4 Plugin Components + Available Qt Plugin Components @@ -1542,14 +1536,14 @@ PLIST_SUB+= QT_INCDIR_REL=${QT_INCDIR_RE iconengines - SVG icon engine plugin (if the application - ships SVG icons) + SVG icon engine plugin, needed if the application + ships SVG icons (Qt 4 only) imageformats - imageformat plugins for GIF, JPEG, MNG and - SVG (if the application ships image files) + plugins for TGA, TIFF, and MNG + image formats @@ -1577,6 +1571,24 @@ PLIST_SUB+= QT_INCDIR_REL=${QT_INCDIR_RE Using <command>qmake</command> + + If the application provides a + qmake project file + (*.pro), define + USES= qmake along with + USE_QTx. Note + that USES= qmake already implies a build + dependency on qmake, therefore the qmake component can be + omitted from + USE_QTx. + Similar to CMake, + qmake supports out-of-source + builds, which can be enabled by specifying the + outsource argument (see USES= qmake + example). +
    Variables for Ports That Use <command>qmake</command> @@ -1592,7 +1604,7 @@ PLIST_SUB+= QT_INCDIR_REL=${QT_INCDIR_RE QMAKE_ARGS - Port specific QMake + Port specific qmake flags to be passed to the qmake binary. @@ -1605,33 +1617,37 @@ PLIST_SUB+= QT_INCDIR_REL=${QT_INCDIR_RE - QMAKE_PRO - Name of the project .pro - file. The default is empty (using - autodetection). + QMAKE_SOURCE_PATH + + Path to qmake project files + (.pro). The default is + ${WRKSRC} if an + out-of-source build is requested, empty + otherwise.
    - If the application does not provide a - configure script but a - .pro file, you can use the - following: + + <literal>USES= qmake</literal> Example + + This snippet demonstrates the use of + qmake for a Qt 4 port: - USES= qmake -USE_QT4= qmake_build + USES= qmake:outsource +USE_QT4= moc_build + - USES=qmake instructs the port to - use qmake for configuring. - Note that USES=qmake does not imply a - dependency on Qt 4 qmake, thus - USE_QT4 has to be populated with the - qmake_build component. + For a Qt 5 port: + USES= qmake:outsource +USE_QT5= buildtools_build + + - Qt applications often are written to be cross-platform + Qt applications are often written to be cross-platform and often X11/Unix is not the platform they are developed - on, which in turn often leads to certain loose ends, + on, which in turn leads to certain loose ends, like: @@ -1670,7 +1686,7 @@ USE_QT4= qmake_build KDE 4 Variable Definitions - If your application depends on KDE 4.x, set + If the application depends on KDE 4, set USE_KDE4 to the list of required components. _build and _run suffixes can be used to force @@ -1702,44 +1718,38 @@ USE_QT4= qmake_build kdelibs - KDE Developer Platform + KDE core libraries kdeprefix If set, port will be installed into - ${KDE4_PREFIX} instead of - ${LOCALBASE} - - - - sharedmime - MIME types database for KDE ports + ${KDE4_PREFIX} automoc4 - Automatic moc for Qt 4 packages + Build tool to automatically generate moc files akonadi - Storage server for KDE-Pim + Storage server for KDE PIM data soprano - Qt 4 RDF framework + Library for Resource Description Framework (RDF) strigi - Desktop search daemon + Strigi desktop search library libkcddb - KDE CDDB library + KDE CDDB (compact disc database) library @@ -1766,7 +1776,7 @@ USE_QT4= qmake_build libkipi - KDE Image Plugin Interface + KDE Image Plugin Interface @@ -1782,17 +1792,17 @@ USE_QT4= qmake_build pimlibs - KDE-Pim libraries + Personal information management libraries kate - Text editor framework + Advanced text editor framework marble - Virtual globe + Virtual globe and world atlas @@ -1828,15 +1838,17 @@ USE_QT4= qmake_build - KDE 4.x ports are installed into - KDE4_PREFIX, which is - /usr/local/kde4 currently. This is + KDE 4 ports are installed into + KDE4_PREFIX. This is achieved by specifying the kdeprefix component, which overrides the default - PREFIX. The ports however respect any - PREFIX set via MAKEFLAGS + PREFIX. The ports, however, respect any + PREFIX set via the MAKEFLAGS environment variable and/or make - arguments. + arguments. Currently KDE4_PREFIX + is identical to the default PREFIX, + ${LOCALBASE}. + <varname>USE_KDE4</varname> Example From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 01:55:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E1FE3F44; Fri, 4 Apr 2014 01:55:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B311B9CF; Fri, 4 Apr 2014 01:55:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s341t2PK014776; Fri, 4 Apr 2014 01:55:02 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s341t233014775; Fri, 4 Apr 2014 01:55:02 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404040155.s341t233014775@svn.freebsd.org> From: Warren Block Date: Fri, 4 Apr 2014 01:55:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44436 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 01:55:03 -0000 Author: wblock Date: Fri Apr 4 01:55:02 2014 New Revision: 44436 URL: http://svnweb.freebsd.org/changeset/doc/44436 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Apr 4 01:46:32 2014 (r44435) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Apr 4 01:55:02 2014 (r44436) @@ -351,108 +351,120 @@ PORTEPOCH= 1 language_region- - - &os; strives to support the native language of its - users. The language- part - is a two letter abbreviation of the natural - language defined by ISO-639 when the port is specific to a - certain language. Examples are ja for - Japanese, ru for Russian, - vi for Vietnamese, - zh for Chinese, ko - for Korean and de for German. - - If the port is specific to a certain region within the - language area, add the two letter country code as well. - Examples are en_US for US English and - fr_CH for Swiss French. - - The language- part is - set in the PKGNAMEPREFIX - variable. - + + + &os; strives to support the native language of its + users. The language- part is + a two letter abbreviation of the natural language + defined by ISO-639 when the port is specific to a + certain language. Examples are ja + for Japanese, ru for Russian, + vi for Vietnamese, + zh for Chinese, ko + for Korean and de for German. + + If the port is specific to a certain region within + the language area, add the two letter country code as + well. Examples are en_US for US + English and fr_CH for Swiss + French. + + The language- part is + set in the PKGNAMEPREFIX + variable. + name - - The first letter of the name part - should be lowercase. (The rest of the name may contain - capital letters, so use your own discretion when - converting a software name that has some capital letters - in it.) There is a tradition of naming - Perl 5 modules by prepending - p5- and converting the double-colon - separator to a hyphen. For example, the - Data::Dumper module becomes - p5-Data-Dumper. - Make sure that the port's name and version are clearly - separated and placed into the PORTNAME - and PORTVERSION variables. The only - reason for PORTNAME to contain a - version part is if the upstream distribution is really - named that way, as in the - textproc/libxml2 or - japanese/kinput2-freewnn ports. - Otherwise, the PORTNAME should not - contain any version-specific information. It is quite - normal for several ports to have the same - PORTNAME, as the - www/apache* ports do; in that case, - different versions (and different index entries) are - distinguished by the PKGNAMEPREFIX and - PKGNAMESUFFIX values. - + + + The first letter of the name + part should be lowercase. (The rest of the name may + contain capital letters, so use your own discretion when + converting a software name that has some capital letters + in it.) There is a tradition of naming + Perl 5 modules by prepending + p5- and converting the double-colon + separator to a hyphen. For example, the + Data::Dumper module becomes + p5-Data-Dumper. + + Make sure that the port's name and version are + clearly separated and placed into the + PORTNAME and + PORTVERSION variables. The only + reason for PORTNAME to contain a + version part is if the upstream distribution is really + named that way, as in the + textproc/libxml2 or + japanese/kinput2-freewnn ports. + Otherwise, the PORTNAME should not + contain any version-specific information. It is quite + normal for several ports to have the same + PORTNAME, as the + www/apache* ports do; in that case, + different versions (and different index entries) are + distinguished by the PKGNAMEPREFIX + and PKGNAMESUFFIX values. + -compiled.specifics - - If the port can be built with different - hardcoded - defaults (usually part of the directory name in a - family of ports), the - -compiled.specifics part should - state the compiled-in defaults (the hyphen is optional). - Examples are paper size and font units. - - The -compiled.specifics - part is set in the PKGNAMESUFFIX - variable. - + + + If the port can be built with different hardcoded defaults + (usually part of the directory name in a family of + ports), the + -compiled.specifics part + should state the compiled-in defaults (the hyphen is + optional). Examples are paper size and font + units. + + The -compiled.specifics + part is set in the PKGNAMESUFFIX + variable. + -version.numbers - - The version string follows a dash - (-) and is a period-separated list of - integers and single lowercase alphabetics. In particular, - it is not permissible to have another dash inside the - version string. The only exception is the string - pl (meaning patchlevel), - which can be used only when there are - no major and minor version numbers in the software. If - the software version has strings like - alpha, beta, - rc, or pre, take the first - letter and put it immediately after a period. If the - version string continues after those names, the numbers - should follow the single alphabet without an extra period - between them. - - The idea is to make it easier to sort ports by looking - at the version string. In particular, make sure version - number components are always delimited by a period, and if - the date is part of the string, use the - 0.0.yyyy.mm.dd format, not - dd.mm.yyyy or the non-Y2K compliant - yy.mm.dd format. It is important to - prefix the version with 0.0. in case a - release with an actual version number is made, which would - of course be numerically less than - yyyy. - + + + The version string follows a dash + (-) and is a period-separated list of + integers and single lowercase alphabetics. In + particular, it is not permissible to have another dash + inside the version string. The only exception is the + string pl (meaning + patchlevel), which can be used + only when there are no major and + minor version numbers in the software. If the software + version has strings like alpha, + beta, rc, or + pre, take the first letter and put it + immediately after a period. If the version string + continues after those names, the numbers should follow + the single alphabet without an extra period between + them. + + The idea is to make it easier to sort ports by + looking at the version string. In particular, make sure + version number components are always delimited by a + period, and if the date is part of the string, use the + 0.0.yyyy.mm.dd + format, not + dd.mm.yyyy + or the non-Y2K compliant + yy.mm.dd + format. It is important to prefix the version with + 0.0. in case a release with an actual + version number is made, which would of course be + numerically less than + yyyy. + @@ -604,7 +616,8 @@ PORTEPOCH= 1 string to 1.0 (like the piewm example above). Otherwise, ask the original author or use the date string - (0.0.yyyy.mm.dd) as the version. + (0.0.yyyy.mm.dd) + as the version. @@ -1992,8 +2005,9 @@ DISTFILES= source1.tar.gz:source1 \ - Elements can be postfixed with :n - where n is + Elements can be postfixed with + :n where + n is [^:,]+, i.e., n could conceptually be any alphanumeric string but we will limit it to @@ -2099,8 +2113,9 @@ DISTFILES= source1.tar.gz:source1 \ be terminated with the forward slash / character. If any elements belong to any groups, the group postfix - :n must come right after the - terminator /. The + :n + must come right after the terminator + /. The MASTER_SITES:n mechanism relies on the existence of the terminator / to avoid confusing elements @@ -2392,9 +2407,9 @@ PATCHFILES= patch1:test All current ports remain the same. The MASTER_SITES:n feature code is only activated if there are elements postfixed with - :n like elements according to the - aforementioned syntax rules, especially as shown in - item :n like + elements according to the aforementioned syntax rules, + especially as shown in item . @@ -4257,16 +4272,16 @@ PORTVERSION= 1.0 files in the port's *-install targets. Set ownership directly in pkg-plist with the corresponding entries, - such as @owner owner and - @group group. These operators work until - being overridden, or until the end of - pkg-plist, so do not forget to reset them - after they are no longer needed. The default ownership is - root:wheel. + such as + @owner owner and + @group group. + These operators work until being overridden, or until the end + of pkg-plist, so do not forget to reset + them after they are no longer needed. The default ownership + is root:wheel.     - INSTALL_PROGRAM is a command to install binary executables. From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 02:02:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4F53BFFF; Fri, 4 Apr 2014 02:02:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2F0C0A67; Fri, 4 Apr 2014 02:02:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3422gja018618; Fri, 4 Apr 2014 02:02:42 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3422fFx018617; Fri, 4 Apr 2014 02:02:41 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404040202.s3422fFx018617@svn.freebsd.org> From: Warren Block Date: Fri, 4 Apr 2014 02:02:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44437 - head/en_US.ISO8859-1/books/porters-handbook/special X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 02:02:42 -0000 Author: wblock Date: Fri Apr 4 02:02:41 2014 New Revision: 44437 URL: http://svnweb.freebsd.org/changeset/doc/44437 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Fri Apr 4 01:55:02 2014 (r44436) +++ head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Fri Apr 4 02:02:41 2014 (r44437) @@ -1217,11 +1217,9 @@ USE_XORG= x11 xpm Updating Desktop Database If a port has a MimeType entry in its - portname.desktop, - the desktop database must be updated after install and - deinstall. To do this, define USES= - desktop-file-utils. - + portname.desktop, the desktop database + must be updated after install and deinstall. To do this, + define USES= desktop-file-utils.     @@ -1229,10 +1227,9 @@ USE_XORG= x11 xpm DESKTOP_ENTRIES Macro Desktop entries can be easily created for applications - by using the DESKTOP_ENTRIES variable. - A file named - name.desktop - will be created, installed, and added to the + by using the DESKTOP_ENTRIES variable. A + file named name.desktop will be + created, installed, and added to the pkg-plist automatically. Syntax is: @@ -1282,14 +1279,18 @@ USE_XORG= x11 xpm Ports That Require Qt The Ports Collection provides support for Qt 4 and Qt 5 - frameworks with the USE_QTx variable, - where x is 4 or 5. USE_QTx should be - set to the list of required Qt components (libraries, - tools, plugins). The Qt 4 and Qt 5 frameworks are quite similar. - The main difference is the set of supported components. + frameworks with the + USE_QTx + variable, where x is + 4 or 5. + USE_QTx should + be set to the list of required Qt components (libraries, + tools, plugins). The Qt 4 and Qt 5 frameworks are quite + similar. The main difference is the set of supported + components.     - The Qt framework exports a number of variables which can be used - by ports, some of them listed below: + The Qt framework exports a number of variables which can + be used by ports, some of them listed below: Variables Provided to Ports That Use Qt @@ -1304,12 +1305,14 @@ USE_XORG= x11 xpm QMAKE - Full path to qmake binary. + Full path to qmake + binary. LRELEASE - Full path to lrelease utility. + Full path to lrelease + utility. @@ -1362,30 +1365,30 @@ PLIST_SUB+= QT_INCDIR=${QT_INCDIR_REL} \ QT_PLUGINDIR=${QT_PLUGINDIR_REL} Some configure scripts do not support the arguments above. - To suppress modification ofCONFIGURE_ENV and - CONFIGURE_ARGS, set the + To suppress modification ofCONFIGURE_ENV + and CONFIGURE_ARGS, set the QT_NONSTANDARD variable. - Component Selection Individual Qt tool and library dependencies must be - specified in the USE_QTx variable. Every - component can be suffixed with + specified in the + USE_QTx + variable. Every component can be suffixed with _build or _run, the - suffix indicating whether the component should be depended - on at buildtime or runtime. If unsuffixed, - the component will be depended on at both build- and - runtime. Usually, library components should be specified - unsuffixed, tool components should be specified with the - _build suffix and plugin components - should be specified with the _run suffix. - The most commonly used components are listed below (all - available components are listed in - _USE_QT_ALL, _USE_QT4_ONLY, - and _USE_QT5_ONLY variables in + suffix indicating whether the component should be depended on + at buildtime or runtime. If unsuffixed, the component will be + depended on at both build- and runtime. Usually, library + components should be specified unsuffixed, tool components + should be specified with the _build suffix + and plugin components should be specified with the + _run suffix. The most commonly used + components are listed below (all available components are + listed in _USE_QT_ALL, + _USE_QT4_ONLY, and + _USE_QT5_ONLY variables in /usr/ports/Mk/bsd.qt.mk):
    @@ -1587,7 +1590,7 @@ PLIST_SUB+= QT_INCDIR=${QT_INCDIR_REL} \ builds, which can be enabled by specifying the outsource argument (see USES= qmake - example). + example).
    Variables for Ports That Use @@ -1636,13 +1639,11 @@ PLIST_SUB+= QT_INCDIR=${QT_INCDIR_REL} \ <application>qmake</application> for a Qt 4 port:</para> <programlisting>USES= qmake:outsource -USE_QT4= moc_build -</programlisting> +USE_QT4= moc_build</programlisting> <para>For a Qt 5 port:</para> <programlisting>USES= qmake:outsource -USE_QT5= buildtools_build -</programlisting> +USE_QT5= buildtools_build</programlisting> </example> <para>Qt applications are often written to be cross-platform @@ -1729,7 +1730,8 @@ USE_QT5= buildtools_build <row> <entry><literal>automoc4</literal></entry> - <entry>Build tool to automatically generate moc files</entry> + <entry>Build tool to automatically generate moc + files</entry> </row> <row> @@ -1739,7 +1741,8 @@ USE_QT5= buildtools_build <row> <entry><literal>soprano</literal></entry> - <entry>Library for Resource Description Framework (RDF)</entry> + <entry>Library for Resource Description Framework + (RDF)</entry> </row> <row> @@ -1847,8 +1850,7 @@ USE_QT5= buildtools_build environment variable and/or <command>make</command> arguments. Currently <varname>KDE4_PREFIX</varname> is identical to the default <varname>PREFIX</varname>, - <literal>${LOCALBASE}</literal>. - </para> + <literal>${LOCALBASE}</literal>.</para> <example xml:id="kde4-components-example"> <title><varname>USE_KDE4</varname> Example From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 12:32:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A1F07251; Fri, 4 Apr 2014 12:32:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 74A328E7; Fri, 4 Apr 2014 12:32:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s34CWugY078909; Fri, 4 Apr 2014 12:32:56 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s34CWu8K078908; Fri, 4 Apr 2014 12:32:56 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404041232.s34CWu8K078908@svn.freebsd.org> From: Gabor Pali Date: Fri, 4 Apr 2014 12:32:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44438 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 12:32:56 -0000 Author: pgj Date: Fri Apr 4 12:32:55 2014 New Revision: 44438 URL: http://svnweb.freebsd.org/changeset/doc/44438 Log: - Add 2014Q1 status report for the libvirt bhyve support Submitted by: novel Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 4 02:02:41 2014 (r44437) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 4 12:32:55 2014 (r44438) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 9 entries and we hope you enjoy reading it.

    + contains 10 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -581,4 +581,44 @@ though none that present visible issues under light load. + + + libvirt/bhyve Support + + + + + Roman + Bogorodskiy + + novel@FreeBSD.org + + + + + bhyve Driver + libvirt Home Page + Developer Blog + + + +

    Libvirt is a virtualization library providing a common API for + various hypervisors (Qemu/KVM, Xen, LXC, and others), and also a + popular library used by a number of projects. Libvirt 1.2.2, + released on March, 2014, was the first release to include bhyve + support. Enabling bhyve support allows consumers to use bhyve + in libvirt-ready applications without major efforts.

    + +

    Currently, libvirt supports almost all essential features of + bhyve, such as Virtual Machince lifecycle (start, stop), bridged + networking, and virtio/SATA driver support. The work continues + to implement more API calls and to cover more of features + offered by bhyve.

    + + + + &os; port of netcf is needed for adding interface + driver support to libvirt. + +     From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 12:48:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 60709BE5; Fri, 4 Apr 2014 12:48:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3FDB8A1A; Fri, 4 Apr 2014 12:48:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s34Cm4HY083716; Fri, 4 Apr 2014 12:48:04 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s34Cm45J083715; Fri, 4 Apr 2014 12:48:04 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404041248.s34Cm45J083715@svn.freebsd.org> From: Gabor Pali Date: Fri, 4 Apr 2014 12:48:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44439 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 12:48:04 -0000 Author: pgj Date: Fri Apr 4 12:48:03 2014 New Revision: 44439 URL: http://svnweb.freebsd.org/changeset/doc/44439 Log: - Add 2014Q1 status report on FreeBSD/arm64 Submitted by: andrew Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 4 12:32:55 2014 (r44438) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 4 12:48:03 2014 (r44439) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 10 entries and we hope you enjoy reading it.

    + contains 11 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -37,6 +37,12 @@ + arch + + Architectures + + + bin Userland Programs @@ -621,4 +627,54 @@ driver support to libvirt. + + + &os;/arm64 + + + + + Andrew + Turner + + andrew@FreeBSD.org + + + + + Project branch in the Subversion repository + GitHub repository + + + +

    Arm64 is the name of the in-progress port of &os; to the ARMv8 + CPU when it is in AArch64 mode. Until recently, all ARM CPU + designs were 32-bit only. With the introduction of the ARMv8, + architecture ARM has added a new 64-bit mode. This new mode has + been named AArch64.

    + +

    Progress has been good on getting &os; to build and run on the + ARM Foundation model. &os; is able to be built for this + architecture, however it requires a number of external tools + including objdump(1) and ld(1). These tools + are provided by an external copy of binutils until replacements + can be written.

    + +

    &os; will run the early boot on the Foundation model. The + loader has been ported to the AArch64 UEFI environment and can + load and run the kernel. The kernel is able to create the + initial page tables to be able to run from virtual memory. It + can then execute C code to parse the memory map provided by the + loader. This is as far as the kernel currently boots.

    + +

    This work is now happening in the &os; Subversion repository in + a project branch, see the links.

    + + + + Implement an initial pmap(9) layer. + Write the missing machine-dependent code. + Test on real hardware. + +     From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 12:56:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9EB8CFC; Fri, 4 Apr 2014 12:56:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 71F75AD5; Fri, 4 Apr 2014 12:56:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s34CuNA5087711; Fri, 4 Apr 2014 12:56:23 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s34CuNPl087710; Fri, 4 Apr 2014 12:56:23 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404041256.s34CuNPl087710@svn.freebsd.org> From: Gabor Pali Date: Fri, 4 Apr 2014 12:56:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44440 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 12:56:23 -0000 Author: pgj Date: Fri Apr 4 12:56:22 2014 New Revision: 44440 URL: http://svnweb.freebsd.org/changeset/doc/44440 Log: - Add 2014Q1 status report for FreeBSD/armv6hf Submitted by: andrew Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 4 12:48:03 2014 (r44439) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 4 12:56:22 2014 (r44440) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 11 entries and we hope you enjoy reading it.

    + contains 12 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -677,4 +677,48 @@ Test on real hardware. + + + &os;/armv6hf + + + + + Andrew + Turner + + andrew@FreeBSD.org + + + + +

    &os; has been updated to allow it to use the VFP variant of the + ARM EABI ABI. The VFP unit is the ARM hardware to perform + floating-point operations. This changes the ABI to improve the + performance of code that uses floating-point operations. By + default, &os; already uses the ARM EABI on all releases from + 10.0.

    + +

    This is important for users of &os;/arm with an ARMv6 or ARMv7 + SoC and who use code that makes use of floating-point + operations. It removes the need for the slow software + floating-point support in libc. This is mostly + compatible with the existing ABI, with the exception of how + floating-point values are passed into functions. Because no + floating-point values are passed to the kernel, the + armv6 and armv6hf kernels will work with + either userland.

    + +

    As part of this, some support functions have been updated to + use the VFP unit when available. It is intended the existing + armv6 target architecture will be kept for cases where + the SoC lacks a VFP unit, or existing binaries that are + incompatible with the new ABI.

    + + + + Testing. + More testing. + +     From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 13:26:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A73F0DCB; Fri, 4 Apr 2014 13:26:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 867C1DB9; Fri, 4 Apr 2014 13:26:26 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s34DQQnQ000491; Fri, 4 Apr 2014 13:26:26 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s34DQQGh000490; Fri, 4 Apr 2014 13:26:26 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404041326.s34DQQGh000490@svn.freebsd.org> From: Gabor Pali Date: Fri, 4 Apr 2014 13:26:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44441 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 13:26:26 -0000 Author: pgj Date: Fri Apr 4 13:26:26 2014 New Revision: 44441 URL: http://svnweb.freebsd.org/changeset/doc/44441 Log: - Add 2014Q1 status report on CentOS 6.5-based Linux base Submitted by: Johannes Meixner Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 4 12:56:22 2014 (r44440) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 4 13:26:26 2014 (r44441) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 12 entries and we hope you enjoy reading it.

    + contains 13 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -721,4 +721,58 @@ More testing. + + + Using CentOS 6.5 as Linux base + + + + + Johannes + Meixner + + xmj@chaot.net + + + + + Work in Progress + ports/187786 + + + +

    The current Linux emulation layer relies on using a Linux base + distribution along with Linux ports of relevant non-base + software. Fedora 10 has been imported in 2006, and it shows + — current Linux software like Skype 4, Sublime Text 2, or + even modern games fail to run with the provided libraries.

    + +

    CentOS 6.5 has been released in December 2013 and will be + supported until 2017, thus making it an ideal basis for an + update to the ports infrastructure. Built upon the work of + Carlos Jacobo Puga Medina, all ports using Linux has been + updated to work with either Fedora 10 or CentOS 6.5.

    + +

    The goal of this project is to make CentOS 6.5 the default + Linux distribution, so that &os; users can enjoy running modern + Linux binaries without having to resort to proper virtualization + la VirtualBox, or even dual-booting.

    + + + Goldener Grund O + + + Clean up Mk/bsd.linux-*.mk and fix errors detected + in ports/187786. + + Revert making c6 the default (in the git repository). + Testing. + + Review patches and import into the ports tree (any help + appreciated). + + Make c6 the default (after sufficient testing) within the + ports tree. + +     From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 14:30:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 17510B52; Fri, 4 Apr 2014 14:30:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EE1CA649; Fri, 4 Apr 2014 14:30:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s34EU7gO026424; Fri, 4 Apr 2014 14:30:07 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s34EU7vU026423; Fri, 4 Apr 2014 14:30:07 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404041430.s34EU7vU026423@svn.freebsd.org> From: Dru Lavigne Date: Fri, 4 Apr 2014 14:30:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44442 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 14:30:08 -0000 Author: dru Date: Fri Apr 4 14:30:07 2014 New Revision: 44442 URL: http://svnweb.freebsd.org/changeset/doc/44442 Log: Editorial review of first 1/2 of Kerberos chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 4 13:26:26 2014 (r44441) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 4 14:30:07 2014 (r44442) @@ -303,7 +303,7 @@ time, all network logins should avoid the use of passwords in exchange for this two factor authentication method. For more information see the section of - the handbook. Kerberose users may need to make additional + the handbook. Kerberos users may need to make additional changes to implement OpenSSH in their network. @@ -1050,7 +1050,7 @@ sendmail : PARANOID : deny - <application>Kerberos5</application> + <application>Kerberos</application> TillmanHodgsonContributed @@ -1062,11 +1062,15 @@ sendmail : PARANOID : deny - Kerberos is a network add-on - system/protocol that allows users to authenticate themselves - through the services of a secure server. + Kerberos is a network + authentication protocol which was originally created by the + Massachusetts Institute of Technology + (MIT) as a solution to network security + problems. The Kerberos protocol uses + strong cryptography so that both a client and server can prove + their identity over an insecure network. Kerberos can be described as an - identity-verifying proxy system. It can also be described as a + identity-verifying proxy system and as a trusted third-party authentication system. After a user authenticates with Kerberos, their communications can be encrypted to assure privacy and data @@ -1074,24 +1078,42 @@ sendmail : PARANOID : denyThe only function of Kerberos is to provide the secure authentication of users on the network. - It does not provide authorization functions (what users are - allowed to do) or auditing functions (what those users did). It + It does not provide authorization + or auditing functions. It is recommended that Kerberos be used with other security methods which provide authorization and audit services. + The current version of the protocol is version 5, described + in RFC 1510. Several free + implementations of this protocol are + available, covering a wide range of operating systems. + MIT + continues to develop their Kerberos + package. It is commonly used in the US as + a cryptography product, and has historically been affected by + US export regulations. In &os;, + MIT Kerberos is + available as the security/krb5 package or + port. Heimdal Kerberos + was explicitly developed outside + of the US to avoid export regulations. The + Heimdal Kerberos distribution is + available as the security/heimdal package + or port, and a minimal installation is included in the base + &os; install. + This section provides a guide on how to set up - Kerberos as distributed for &os;. - Refer to the relevant manual pages for more complete - descriptions. + Kerberos using the Heimdal + distribution included in &os;. For purposes of demonstrating a - Kerberos installation, the various + Kerberos installation, the name spaces will be as follows: - The DNS domain (zone) + The DNS domain (zone) will be example.org. @@ -1104,58 +1126,13 @@ sendmail : PARANOID : deny Use real domain names when setting up - Kerberos even if it will run + Kerberos, even if it will run internally. This avoids DNS problems and assures inter-operation with other Kerberos realms. - History - - - Kerberos5 - history - - - Kerberos was created by - MIT as a solution to network security - problems. The Kerberos protocol - uses strong cryptography so that a client can prove its - identity to a server (and vice versa) across an insecure - network connection. - - Kerberos is both the name of a - network authentication protocol and an adjective to describe - programs that implement it, such as - Kerberos telnet. The current - version of the protocol is version 5, described in - RFC 1510. - - Several free implementations of this protocol are - available, covering a wide range of operating systems. The - Massachusetts Institute of Technology - (MIT), where - Kerberos was originally developed, - continues to develop their Kerberos - package. It is commonly used in the US as - a cryptography product, and has historically been affected by - US export regulations. The - MIT Kerberos is - available as the security/krb5 package or - port. Heimdal Kerberos is another - version 5 implementation, and was explicitly developed outside - of the US to avoid export regulations. The - Heimdal Kerberos distribution is - available as a the security/heimdal package - or port, and a minimal installation is included in the base - &os; install. - - These instructions assume the use of the Heimdal - distribution included in &os;. - - - Setting up a Heimdal <acronym>KDC</acronym> @@ -1168,19 +1145,17 @@ sendmail : PARANOID : denyKerberos provides. It is the computer that issues Kerberos tickets. The KDC is considered - trusted by all other computers in the + trusted by all other computers in the Kerberos realm, and thus has heightened security concerns. - While running the Kerberos - server requires very few computing resources, a dedicated + While running a KDC + requires few computing resources, a dedicated machine acting only as a KDC is recommended for security reasons. - To begin setting up a KDC, ensure that - /etc/rc.conf contains the correct - settings to act as a KDC. As required, - adjust paths to reflect the system: + To begin setting up a KDC, add these lines to + /etc/rc.conf: kerberos5_server_enable="YES" kadmind5_server_enable="YES" @@ -1189,132 +1164,131 @@ kadmind5_server_enable="YES" [libdefaults] - default_realm = EXAMPLE.ORG + default_realm = EXAMPLE.ORG [realms] - EXAMPLE.ORG = { - kdc = kerberos.example.org - admin_server = kerberos.example.org + EXAMPLE.ORG = { + kdc = kerberos.example.org + admin_server = kerberos.example.org } [domain_realm] - .example.org = EXAMPLE.ORG + .example.org = EXAMPLE.ORG - This /etc/krb5.conf implies that the + In this example, the KDC will use the fully-qualified hostname kerberos.example.org. Add - a CNAME (alias) entry to the zone file to accomplish this - if the KDC has a different hostname. + a CNAME entry to the DNS zone file + if the KDC has a different hostname than + that specified in /etc/krb5.conf. - For large networks with a properly configured DNS server, the above example could be trimmed to: [libdefaults] - default_realm = EXAMPLE.ORG + default_realm = EXAMPLE.ORG With the following lines being appended to the example.org zone file: - _kerberos._udp IN SRV 01 00 88 kerberos.example.org. -_kerberos._tcp IN SRV 01 00 88 kerberos.example.org. -_kpasswd._udp IN SRV 01 00 464 kerberos.example.org. -_kerberos-adm._tcp IN SRV 01 00 749 kerberos.example.org. -_kerberos IN TXT EXAMPLE.ORG - + _kerberos._udp IN SRV 01 00 88 kerberos.example.org. +_kerberos._tcp IN SRV 01 00 88 kerberos.example.org. +_kpasswd._udp IN SRV 01 00 464 kerberos.example.org. +_kerberos-adm._tcp IN SRV 01 00 749 kerberos.example.org. +_kerberos IN TXT EXAMPLE.ORG - For clients to be able to find the - Kerberos services, it + In order for clients to be able to find the + Kerberos services, the KDC must have either a fully configured /etc/krb5.conf or a minimally configured /etc/krb5.conf - and a properly configured DNS + and a properly configured DNS server. Next, create the Kerberos - database which contains the keys of all principals encrypted + database which contains the keys of all principals (users and hosts) encrypted with a master password. It is not required to remember this password as it will be stored in /var/heimdal/m-key. To create the - master key, run &man.kstash.8; and enter a password. + master key, run kstash and enter a password: + + &prompt.root; kstash +Master key: xxxxxxxx +Verifying password - Master key: xxxxxxxx Once the master key has been created, initialize the database using kadmin -l. This option - instructs &man.kadmin.8; to modify the local database files + instructs kadmin to modify the local database files directly rather than going through the &man.kadmind.8; network service. This handles the chicken-and-egg problem of trying to connect to the database before it is created. At the - &man.kadmin.8; prompt, use init to create - the realm's initial database. + kadmin prompt, use init to create + the realm's initial database: + + &prompt.root; kadmin -l +kadmin> init EXAMPLE.ORG +Realm max ticket life [unlimited]: - Lastly, while still in &man.kadmin.8;, create the first + Lastly, while still in kadmin, create the first principal using add. Stick to the default options for the principal for now, as these can be changed later with modify. Type - ? at the &man.kadmin.8; prompt to see the + ? at the prompt to see the available options. - A sample database creation session is shown below: - - &prompt.root; kstash -Master key: xxxxxxxx -Verifying password - Master key: xxxxxxxx - -&prompt.root; kadmin -l -kadmin> init EXAMPLE.ORG -Realm max ticket life [unlimited]: -kadmin> add tillman + kadmin> add tillman Max ticket life [unlimited]: Max renewable life [unlimited]: Attributes []: -Password: xxxxxxxx -Verifying password - Password: xxxxxxxx +Password: xxxxxxxx +Verifying password - Password: xxxxxxxx - Next, start the KDC services. Run + Next, start the KDC services by running service kerberos start and - service kadmind start to bring up the - services. While there will not be any kerberized daemons + service kadmind start. + While there will not be any kerberized daemons running at this point, it is possible to confirm that the KDC is functioning by obtaining and - listing a ticket for the principal (user) that was just - created from the command-line of the KDC - itself: + listing a ticket for the principal that was just + created from the command-line of the KDC: &prompt.user; kinit tillman tillman@EXAMPLE.ORG's Password: &prompt.user; klist -Credentials cache: FILE:/tmp/krb5cc_500 +Credentials cache: FILE:/tmp/krb5cc_500 Principal: tillman@EXAMPLE.ORG Issued Expires Principal Aug 27 15:37:58 Aug 28 01:37:58 krbtgt/EXAMPLE.ORG@EXAMPLE.ORG - The ticket can then be revoked when finished: + The temporary ticket can be revoked when the test is finished: &prompt.user; kdestroy - <application>Kerberos</application> Enabling a Server - with Heimdal Services + Configuring a Server to use + <application>Kerberos</application> Kerberos5 enabling services - First, copy + To configure a server to use + Kerberos authentication, copy /etc/krb5.conf from the - KDC to the client computer in a secure + KDC to the server in a secure fashion, such as &man.scp.1;, or physically via removable media. - Next, create /etc/krb5.keytab. + Next, create /etc/krb5.keytab on the + server. This is the major difference between a server providing Kerberos enabled daemons and a workstation: the server must have a @@ -1323,20 +1297,18 @@ Aug 27 15:37:58 Aug 28 01:37:58 krbtgt KDC to verify each others identity. It must be transmitted to the server in a secure fashion, as the security of the server can be broken if the key is made - public. - - Typically, the keytab is transferred - to the server using &man.kadmin.8;. This is handy because the + public. Typically, the keytab is transferred + to the server using kadmin. This is handy because the host principal, the KDC end of the krb5.keytab, is also created using - &man.kadmin.8;. + kadmin. - A ticket must already be obtained and this ticket must be - allowed to use the &man.kadmin.8; interface in the + A ticket must first be obtained and this ticket must be + allowed to use the kadmin interface in the kadmind.acl. See the section titled - Remote administration ininfo + Remote administration in info heimdal for details on designing access control - lists. Instead of enabling remote &man.kadmin.8; access, the + lists. Instead of enabling remote kadmin access, the administrator can securely connect to the KDC via the local console or &man.ssh.1;, and perform administration locally using @@ -1346,15 +1318,14 @@ Aug 27 15:37:58 Aug 28 01:37:58 krbtgt use add --random-key from the Kerberos server. This adds the server's host principal. Then, use ext - to extract the server's host principal to its own keytab. For - example: + to extract the server's host principal to its own keytab: &prompt.root; kadmin kadmin> add --random-key host/myserver.example.org Max ticket life [unlimited]: Max renewable life [unlimited]: Attributes []: -kadmin> ext host/myserver.example.org +kadmin> ext host/myserver.example.org kadmin> exit Note that ext stores the extracted key @@ -1362,15 +1333,14 @@ kadmin> exitIf &man.kadmind.8; is not running on the KDC and there is no access to - &man.kadmin.8; remotely, add the host principal (host/myserver.EXAMPLE.ORG) + &man.kadmin.8; remotely, add the server's host principal directly on the KDC and then extract it to a temporary file to avoid overwriting the /etc/krb5.keytab on the - KDC, using something like this: + KDC: &prompt.root; kadmin -kadmin> ext --keytab=/tmp/example.keytab host/myserver.example.org +kadmin> ext --keytab=/tmp/example.keytab host/myserver.example.org kadmin> exit The keytab can then be securely copied to the server From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 15:21:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 78AB8449; Fri, 4 Apr 2014 15:21:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5AD01C2B; Fri, 4 Apr 2014 15:21:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s34FLbE9051561; Fri, 4 Apr 2014 15:21:37 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s34FLb5f051560; Fri, 4 Apr 2014 15:21:37 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404041521.s34FLb5f051560@svn.freebsd.org> From: Dru Lavigne Date: Fri, 4 Apr 2014 15:21:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44444 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 15:21:37 -0000 Author: dru Date: Fri Apr 4 15:21:36 2014 New Revision: 44444 URL: http://svnweb.freebsd.org/changeset/doc/44444 Log: Finish editorial review of Kerberos chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 4 15:16:08 2014 (r44443) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 4 15:21:36 2014 (r44444) @@ -1366,23 +1366,24 @@ kadmin> exit - <application>Kerberos</application> Enabling a Client - with Heimdal + Configuring a Client to use + <application>Kerberos</application> Kerberos5 configure clients - Setting up a client computer is easy as only - /etc/krb5.conf is needed. Securely copy - this file over to the client computer from the + To configure a client to use + Kerberos, securely copy + /etc/krb5.conf + to the client computer from the KDC. - Test the client by attempting to use &man.kinit.1;, - &man.klist.1;, and &man.kdestroy.1; from the client to obtain, - show, and then delete a ticket for the principal created - above. Kerberos applications + Test the client by using kinit, + klist, and kdestroy from the client to obtain, + show, and then delete an existing ticket for the principal. + Kerberos applications should also be able to connect to Kerberos enabled servers. If that does not work but obtaining a ticket does, the problem is @@ -1390,26 +1391,21 @@ kadmin> exitKDC. When testing a Kerberized application, try using a packet - sniffer such as &man.tcpdump.1; to confirm that the password + sniffer such as tcpdump to confirm that the password is not sent in the clear. - Various non-core Kerberos - client applications are available. The minimal - installation in &os; installs &man.telnetd.8; as the only - Kerberos enabled service. - - The Heimdal port installs + Various Kerberos + client applications are available. + &os; installs telnetd as the only + Kerberos enabled service. The + Heimdal package or port installs Kerberos enabled versions of - &man.ftpd.8;, &man.rshd.8;, &man.rcp.1;, &man.rlogind.8;, and + ftpd, rshd, + rcp, rlogind, and a few other less common programs. The MIT - port also contains a full suite of + port contains a full suite of Kerberos client applications. - - - - User Configuration Files: <filename>.k5login</filename> - and <filename>.k5users</filename> .k5login @@ -1433,7 +1429,7 @@ kadmin> exitThe .k5login and .k5users files, placed in a user's home directory, can be used to solve this problem. For example, if - .k5login with the following contents is + the following .k5login is placed in the home directory of webdevelopers, both principals listed will have access to that account without requiring a @@ -1447,15 +1443,63 @@ jdoe@example.org + <acronym>MIT</acronym> Differences + + The major difference between the MIT and + Heimdal implementations is that kadmin has a different, but + equivalent, set of commands and uses a different protocol. + If the KDC is MIT, the + Heimdal version of kadmin cannot be used to administer + the KDC remotely, and vice versa. + + Client applications may also use slightly different + command line options to accomplish the same tasks. + Following the instructions at + Kerberos http://web.mit.edu/Kerberos/www/ + is recommended. Be careful of path issues: the + MIT port installs into + /usr/local/ by default, and the + &os; system applications run instead of the + MIT versions if PATH lists + the system directories first. + + + With the &os; MIT + security/krb5 port, be sure to read + /usr/local/share/doc/krb5/README.FreeBSD + installed by the port to understand why logins via + telnetd and klogind behave + somewhat oddly. Correcting the incorrect permissions + on cache file behavior requires that the + login.krb5 binary be used for + authentication so that it can properly change ownership for + the forwarded credentials. + + + The following edits should also be made to + rc.conf: + + kerberos5_server="/usr/local/sbin/krb5kdc" +kadmind5_server="/usr/local/sbin/kadmind" +kerberos5_server_flags="" +kerberos5_server_enable="YES" +kadmind5_server_enable="YES" + + + <application>Kerberos</application> Tips, Tricks, and Troubleshooting + When configuring and troubleshooting + Kerberos, keep the following points + in mind: + - When using either the Heimdal or + When using either Heimdal or MIT - KerberosKerberos5troubleshooting - ports, ensure that the PATH lists the + Kerberos, ensure that the PATH lists the Kerberos versions of the client applications before the system versions. @@ -1468,12 +1512,6 @@ jdoe@example.org - MIT and Heimdal interoperate - except for &man.kadmin.8;, which is not - standardized. - - - If the hostname is changed, the host/ principal must be changed and the keytab updated. This also applies to @@ -1485,7 +1523,7 @@ jdoe@example.org All hosts in the realm must be both forward and reverse resolvable in DNS or, at a - minimum, in /etc/hosts. CNAMEs + minimum, exist in /etc/hosts. CNAMEs will work, but the A and PTR records must be correct and in place. The error message for unresolvable hosts is not intuitive: Kerberos5 refuses authentication @@ -1496,31 +1534,30 @@ jdoe@example.org Some operating systems that act as clients to the KDC do not set the permissions for - &man.ksu.1; to be setuid ksu to be setuid root. This means that - &man.ksu.1; does not work. This is not a + ksu does not work. This is a permissions problem, not a KDC error. With MIT - Kerberos, in order to allow a + Kerberos, to allow a principal to have a ticket life longer than the default ten hours, use modify_principal at the - &man.kadmin.8; prompt to change the maxlife of both the + &man.kadmin.8; prompt to change the maxlife of both the principal in question and the krbtgt principal. Then - the principal can use kinit -l to + class="username">krbtgt principal. The + principal can then use kinit -l to request a ticket with a longer lifetime. - When running a packet sniffer on the KDC to aid in troubleshooting while - running &man.kinit.1; from a workstation, the Ticket + running kinit from a workstation, the Ticket Granting Ticket (TGT) is sent - immediately upon running &man.kinit.1;, even before the + immediately, even before the password is typed. This is because the Kerberos server freely transmits a TGT to any unauthorized @@ -1528,7 +1565,7 @@ jdoe@example.org encrypted in a key derived from the user's password. When a user types their password, it is not sent to the KDC, it is instead used to decrypt - the TGT that &man.kinit.1; already + the TGT that kinit already obtained. If the decryption process results in a valid ticket with a valid time stamp, the user has valid Kerberos credentials. @@ -1541,17 +1578,16 @@ jdoe@example.org This second layer of encryption allows the Kerberos server to verify the authenticity of each TGT. - - To use long ticket lifetimes, such as a week, when + To use long ticket lifetimes when using OpenSSH to connect to the machine where the ticket is stored, make sure that Kerberos is set to no in - sshd_config or else tickets will be + /etc/ssh/sshd_config. Otherwise, tickets will be deleted at log out. @@ -1578,106 +1614,45 @@ jdoe@example.org - Differences with the <acronym>MIT</acronym> - Port - - The major difference between MIT and - Heimdal relates to &man.kadmin.8; which has a different, but - equivalent, set of commands and uses a different protocol. - If the KDC is MIT, the - Heimdal version of &man.kadmin.8; cannot be used to administer - the KDC remotely, and vice versa. - - The client applications may also use slightly different - command line options to accomplish the same tasks. - Following the instructions on the MIT - Kerberos web - site is recommended. Be careful of path issues: the - MIT port installs into - /usr/local/ by default, and the - normal system applications run instead of - MIT versions if PATH lists - the system directories first. - - - With the &os; MIT - security/krb5 port, be sure to read - /usr/local/share/doc/krb5/README.FreeBSD - installed by the port to understand why logins via - &man.telnetd.8; and klogind behave - somewhat oddly. Correcting the incorrect permissions - on cache file behavior requires that the - login.krb5 binary be used for - authentication so that it can properly change ownership for - the forwarded credentials. - - - The following edits should also be made to - rc.conf: - - kerberos5_server="/usr/local/sbin/krb5kdc" -kadmind5_server="/usr/local/sbin/kadmind" -kerberos5_server_flags="" -kerberos5_server_enable="YES" -kadmind5_server_enable="YES" - - This is done because the applications for - MIT Kerberos installs binaries in the - /usr/local hierarchy. - - - - Mitigating Limitations Found in - <application>Kerberos</application> + Mitigating <application>Kerberos</application> Limitations Kerberos5 limitations and shortcomings - - <application>Kerberos</application> is an All or - Nothing Approach - - Every service enabled on the network must be modified - to work with Kerberos, or be - otherwise secured against network attacks, or else the - user's credentials could be stolen and re-used. An example - of this would be Kerberos - enabling all remote shells but not converting the - POP3 mail server which sends passwords in + Since Kerberos is an all or + nothing approach, every service enabled on the network must either be modified + to work with Kerberos or be + otherwise secured against network attacks. This is to prevent + user credentials from being stolen and re-used. An example is when + Kerberos is + enabled on all remote shells but the non-Kerberized + POP3 mail server sends passwords in plain text. - - - - <application>Kerberos</application> is Intended for - Single-User Workstations - In a multi-user environment, - Kerberos is less secure. This is - because it stores the tickets in /tmp, + Kerberos is intended for + single-user workstations. In a multi-user environment, + Kerberos is less secure as it + stores the tickets in /tmp, which is readable by all users. If a user is sharing a - computer with other users, it is possible that the user's + computer, it is possible that the user's tickets can be stolen or copied by another user. - This can be overcome with the -c - command-line option or, preferably, the + This can be overcome with kinit -c + or, preferably, the KRB5CCNAME environment variable. Storing the ticket in the user's home directory and using file permissions are commonly used to mitigate this problem. - - - The KDC is a Single Point of Failure - - By design, the KDC must be as secure + The KDC is a single point of failure. By design, the + KDC must be as secure as its master password database. The KDC should have absolutely no other services running on it and should be physically secure. The danger is high because Kerberos stores all passwords - encrypted with the same master key which is + encrypted with the same master key which is stored as a file on the KDC. A compromised master key is not quite as bad as one @@ -1687,56 +1662,49 @@ kadmind5_server_enable="YES"KDC is secure, an attacker cannot do much with the master key. - Additionally, if the KDC is + If the KDC is unavailable, network services are unusable as authentication cannot be performed. This can be alleviated with a single master KDC and one or more slaves, and with careful implementation of secondary or fall-back authentication using PAM. - - - - <application>Kerberos</application> - Shortcomings Kerberos allows users, hosts and services to authenticate between themselves. It does not have a mechanism to authenticate the - KDC to the users, hosts or services. - This means that a trojanned &man.kinit.1; could record all + KDC to the users, hosts, or services. + This means that a trojanned kinit could record all user names and passwords. File system integrity checking tools like security/tripwire can alleviate this. - - Access Issues with Kerberos and &man.ssh.1; + Access Issues with Kerberos and <command>ssh</command> &man.ssh.1; - There are a few issues with both Kerberos and &man.ssh.1; - that need to be addressed if they are used. Kerberos is an + Kerberos is an excellent authentication protocol, but there are bugs in the - kerberized versions of &man.telnet.1; and &man.rlogin.1; that + kerberized versions of telnet and rlogin that make them unsuitable for dealing with binary streams. By default, Kerberos does not encrypt a session unless - is used whereas &man.ssh.1; encrypts + is used, whereas ssh encrypts everything. - While &man.ssh.1; works well, it forwards encryption keys + While ssh works well, it forwards encryption keys by default. This introduces a security risk to a user who - uses &man.ssh.1; to access an insecure machine from a secure + uses ssh to access an insecure machine from a secure workstation. The keys themselves are not exposed, but - &man.ssh.1; installs a forwarding port for the duration of the + ssh installs a forwarding port for the duration of the login. If an attacker has broken root on the insecure machine, he can utilize that port to gain access to any other machine that those keys unlock. - It is recommended that &man.ssh.1; is used in combination - with Kerberos whenever possible for staff logins and - &man.ssh.1; can be compiled with Kerberos support. This + It is recommended that ssh is used in combination + with Kerberos whenever possible for staff logins as it + can be compiled with Kerberos support. This reduces reliance on potentially exposed SSH keys while protecting passwords via Kerberos. Keys should only be used for automated tasks from secure machines as this From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 15:16:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E82851B0; Fri, 4 Apr 2014 15:16:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D35DEB74; Fri, 4 Apr 2014 15:16:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s34FG8iS048127; Fri, 4 Apr 2014 15:16:08 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s34FG8O5048126; Fri, 4 Apr 2014 15:16:08 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201404041516.s34FG8O5048126@svn.freebsd.org> From: Remko Lodder Date: Fri, 4 Apr 2014 15:16:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44443 - translations/nl_NL.ISO8859-1/books/handbook/security X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Fri, 04 Apr 2014 15:27:28 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 15:16:09 -0000 Author: remko Date: Fri Apr 4 15:16:08 2014 New Revision: 44443 URL: http://svnweb.freebsd.org/changeset/doc/44443 Log: Update my today's work in progress. Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml Modified: translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 4 14:30:07 2014 (r44442) +++ translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 4 15:16:08 2014 (r44443) @@ -895,35 +895,36 @@ maken om toegang te krijgen tot alle machines waar de sleutels van de gebruiker toegang toe geven. - - - Het advies is ssh in combinatie met Kerberos te gebruiken - voor het aanmelden door medewerkers wanneer dat ook maar - mogelijk is. Ssh kan gecompileerd - worden met Kerberos-ondersteuning. Dit vermindert de kans op - blootstelling van ssh-sleutels en beschermt tegelijkertijd - de wachtwoorden met Kerberos. Ssh-sleutels zouden alleen - gebruikt moeten worden voor geautomatiseerde taken vanaf - veilige machines (iets waar Kerberos ongeschikt voor is). Het - advies is om het doorsturen van sleutels uit te schakelen in de - ssh-instellingen of om de from=IP/DOMAIN - optie te gebruiken die ssh in staat stelt het bestand - authorized_keys te gebruiken om de - sleutel alleen bruikbaar te maken voor entiteiten die zich - aanmelden vanaf vooraf aangewezen machines. + Het advies is &man.ssh.1; in combinatie met Kerberos te + gebruiken voor het aanmelden door medewerkers wanneer dat ook + maar mogelijk is, &man.ssh.1; kan gecompileerd worden met + Kerberos-ondersteuning. Dit vermindert de kans op + blootstelling van SSH-sleutels en beschermt + tegelijkertijd de wachtwoorden met Kerberos. Sleutels zouden + alleen gebruikt moeten worden voor geautomatiseerde taken vanaf + veilige machines, iets waar Kerberos niet geschikt voor is. + Het advies is om ofwel het doorsturen van sleutels uit te + schakelen in de SSH-instellingen ofwel om + de from=IP/DOMAIN optie welke ingesteld kan + worden in het bestand authorized_keys, + zodat de sleutels alleen bruikbaar zijn voor entiteiten die + zich aanmelden vanaf de specicifieke machines. DES, Blowfish, MD5, SHA256, SHA512 en crypt - BillSwingleDelen geschreven en herschreven door + + + Bill + Swingle + + Delen geschreven en herschreven door + - - - beveiliging @@ -943,68 +944,55 @@ SHA512 Iedere gebruiker op een &unix; systeem heeft een wachtwoord - bij zijn account. Het lijkt voor de hand liggend dat deze - wachtwoorden alleen bekend horen te zijn bij de gebruiker en het - eigenlijke besturingssysteem. Om deze wachtwoorden geheim te - houden, zijn ze gecodeerd in een eenweg hash - (one-way hash), wat betekent dat ze eenvoudig - gecodeerd kunnen worden maar niet gedecodeerd. Met andere - woorden, wat net gesteld werd is helemaal niet waar: het - besturingssysteem kent het echte wachtwoord - niet. De enige manier om een wachtwoord in platte - tekst te verkrijgen, is door er met brute kracht naar + bij zijn account. Om deze wachtwoorden geheim te houden, worden + ze gedoceerd met een eenweg hash, hiermee kunnen + ze eenvoudig gecodeerd worden maar niet gedecodeerd. Het + besturingssysteem zelf kent het wachtwoord zelf niet. Het is + alleen op de hoogte van het gecodeerde + wachtwoord. De enige manier om een wachtwoord in platte + tekst te verkrijgen is door er met brute kracht naar te zoeken in alle mogelijke wachtwoorden. - Helaas was DES, de Data Encryption Standard, de enige - manier om wachtwoorden veilig te coderen toen &unix; ontstond. - Dit was geen probleem voor gebruikers in de VS, maar omdat - de broncode van DES niet gexporteerd mocht worden moest - &os; een manier vinden om zowel te gehoorzamen aan de wetten van - de Verenigde Staten als aansluiting te houden bij alle andere varianten - van &unix; die nog steeds DES gebruikten. - - De oplossing werd gevonden in het splitsen van de - coderingsbibliotheken zodat gebruikers in de Verenigde Staten de - DES-bibliotheken konden installeren en gebruiken en internationale - gebruikers een coderingsmethode konden gebruiken die - gexporteerd mocht worden. Zo is het gekomen dat &os; MD5 - is gaan gebruiken als coderingsmethode. Van MD5 wordt aangenomen - dat het veiliger is dan DES, dus de mogelijkheid om DES te - installeren is vooral beschikbaar om aansluiting te kunnen + Van oorsprong was de enige veilige methode om wachtwoorden + te coderen binnen &unix; gebaseerd op de Data Encryption Standard + (DES). Omdat de broncode van + DES niet gexporteerd kon worden buiten de + VS, moest &os; een manier vinden om zowel te voldoen aan de + wetten van de VS maar ook compatibel te blijven met andere + &unix; varianten, welke DES gebruikten. + Het antwoord hierop was MD5, waarbij aangenomen werd dat deze + veiliger is dan DES. houden. Het crypt-mechanisme herkennen - Op dit moment ondersteunt de bibliotheek DES, MD5, Blowfish, - SHA256 en SHA512 hashfuncties. Standaard gebruikt &os; 9.1 en - nieuwer SHA512 om wachtwoorden te coderen. Oudere versies gebruiken - standaard MD5. - - Het is vrij makkelijk om uit te vinden welke - coderingsmethode &os; op een bepaald moment gebruikt. De - gecodeerde wachtwoorden in - /etc/master.passwd bekijken is een manier. - Wachtwoorden die gecodeerd zijn met MD5 zijn langer dan wanneer - ze gecodeerd zijn met DES-hash. Daarnaast beginnen ze met de - karakters $1$. Wachtwoorden - die beginnen met $2a$ zijn - gecodeerd met de Blowfish hashfunctie. DES-wachtwoordstrings - hebben geen bijzondere kenmerken, maar ze zijn korter dan MD5 - wachtwoorden en gecodeerd in een 64-karakter alfabet waar geen - $ karakter in zit. Een relatief korte - string die niet begint met een dollar teken is dus - waarschijnlijk een DES-wachtwoord. Zowel SHA256 als SHA512 beginnen - met de tekens $6$. - + Op dit moment ondersteunt de bibliotheek + DES, MD5, Blowfish, SHA256 en SHA512 + hashfuncties. Om te kunnen bepalen welke encryptie methode + &os; gebruikt moeten de gecodeerde wachtworden in + /etc/master.passwd bekeken worden. + Wachtwoorden versleuteld met de MD5 hash zijn langer dan + wanneer ze gecodeerd zijn met de DES hash + en begint met de karakters $1$. + Wachtwoorden die beginnen met de karakters + $2$ zijn gecodeerd met de + Blowfish hashfunctie. DES wachtwoordstrings + hebben geen specifiek identificeerbare karakteristieken, maar + deze zijn korter dan MD5 wachtwoorden en zijn gedoceerd in een + 64-karakter alfabet waar het $ karakter geen onderdeel + van is, dus een relatief korte string welke niet begint met een + dollar teken is vrijwel zeker een DES + wachtwoord. Zowel SHA256 als SHA512 beginnen met de karakters + $6$. + Het wachtwoordformaat voor nieuwe wachtwoorden wordt ingesteld met de passwd_format aanmeldinstelling in /etc/login.conf waar des, md5, blf, sha256 of - sha512 in mag staan. Zie de &man.login.conf.5; - handleiding voor meer informatie over - aanmeldinstellingen. + sha512 in mag staan. Zie &man.login.conf.5; + voor meer informatie over aanmeldinstellingen. @@ -1019,93 +1007,85 @@ eenmalige wachtwoorden - Standaard biedt &os; ondersteuning voor OPIE (Eenmalige - Wachtwoorden in Alles - One-time Passwords In - Everything), wat standaard een MD5-hash gebruikt. - - Hier worden drie verschillende soorten wachtwoorden - besproken. De eerste is het normale &unix; of Kerberos - wachtwoord. Dit heet het &unix; wachtwoord. Het - tweede type is een eenmalig wachtwoord dat wordt gemaakt met het - OPIE-programma &man.opiekey.1; en dat wordt geaccepteerd door - &man.opiepasswd.1; en de aanmeldprocedure. Dit heet het - eenmalige wachtwoord. Het laatste type wachtwoord - is het wachtwoord dat wordt opgegeven aan het programma - opiekey (en soms aan het programma - opiepasswd) dat gebruikt wordt om eenmalige - wachtwoorden te maken. Dit type heet geheim - wachtwoord of gewoon een wachtwoord zonder - toevoeging. + Standaard biedt &os; ondersteuning voor Eenmalige + Wachtwoorden in Alles OPIE wat standaard een + MD5-hash gebruikt. + + Er zijn drie verschillende soorten wachtwoorden. De eerste + is het &unix; of Kerberos wachtwoord. De tweede is het + eenmalige wachtwoord, welke gegeneerd wordt door &man.opiekey.1; + en geaccepteerd wordt door &man.opiepasswd.1; en de login prompt. + Het laatste type wachtwoord is het geheime wachtwoord + welke gebruikt wordt door &man.opiekey.1; en soms + &man.opiepasswd.1; om eenmalige wachtwoorden te genereren. Het geheime wachtwoord heeft niets te maken met het &unix; - wachtwoord; ze kunnen hetzelfde zijn, dat wordt afgeraden. - OPIE geheime wachtwoorden kennen niet de beperking van 8 - karakters zoals de oude &unix; wachtwoorden. + wachtwoord. Ze kunnen hetzelfde zijn, dat wordt afgeraden. + OPIE geheime wachtwoorden kennen niet de + beperking van 8 karakters zoals de oude &unix; wachtwoorden. Bij &os; mag het wachtwoord voor aanmelden tot 128 karakters lang zijn. - Ze mogen onbeperkt lang zijn. Wachtwoorden van een zes of zeven - woorden lange zin zijn niet ongewoon. Voor het overgrote deel - werkt het OPIE-systeem volledig onafhankelijk van het &unix; - wachtwoordsysteem. + Wachtwoorden van een zes of zeven woorden lange zin zijn niet + ongewoon. Voor het overgrote deel werkt het + OPIE-systeem volledig onafhankelijk van het + &unix; wachtwoordsysteem. Buiten het wachtwoord zijn er nog twee stukjes gegevens die - van belang zijn voor OPIE. Het eerste wordt zaad - (seed) of sleutel + van belang zijn voor OPIE. Het eerste wordt + zaad (seed) of sleutel (key) genoemd en bestaat uit twee letters en vijf cijfers. Het tweede stukje gegevens heet de - iteratieteller, een nummer tussen 1 en 100. OPIE - maakt een eenmalig wachtwoord door het zaad en het geheime - wachtwoord aaneen te schakelen en daarop het door de - iteratieteller aangegeven keren MD5-hash toe te passen. Daarna - wordt het resultaat omgezet in zes korte Engelse woorden. Deze - zes woorden zijn een eenmalige wachtwoord. Het - autenticatiesysteem (hoofdzakelijk PAM) houdt bij welk + iteratieteller, een nummer tussen 1 en 100. + OPIE maakt een eenmalig wachtwoord door het + zaad en het geheime wachtwoord aaneen te schakelen en daarop het + door de iteratieteller aangegeven keren MD5-hash toe te passen. + Daarna wordt het resultaat omgezet in zes korte Engelse woorden. + Deze zes woorden zijn een eenmalige wachtwoord. Het + authenticatiesysteem (hoofdzakelijk PAM) houdt bij welk eenmalig wachtwoord het laatst is gebruikt en de gebruiker wordt - geautenticeerd als de hash van het door de gebruiker ingegeven + geauthenticeerd als de hash van het door de gebruiker ingegeven wachtwoord gelijk is aan het vorige wachtwoord. Omdat er een eenweg hash wordt gebruikt, is het onmogelijk om toekomstige eenmalige wachtwoorden te maken als iemand toch een eenmalig wachtwoord heeft afgevangen. De iteratieteller wordt verlaagd na iedere succesvolle aanmelding om de gebruiker en het aanmeldprogramma synchroon te houden. Als de iteratieteller op 1 - staat, moet OPIE opnieuw ingesteld worden. + staat, moet OPIE opnieuw ingesteld worden. - Er zijn enkele programma's bij ieder systeem betrokken die - hieronder worden besproken. Het programma - opiekey heeft een iteratieteller, - zaad en een geheim wachtwoord nodig en maakt dan een eenmalig - wachtwoord of een lijst van opeenvolgende eenmalige wachtwoorden. - Het programma opiepasswd wordt gebruikt om OPIE - te initialiseren en om wachtwoorden, iteratietellers en zaad te - wijzigen. Het accepteert zowel wachtwoordzinnen als een - iteratieteller, zaad en een eenmalig wachtwoord. Het programma - opieinfo bekijkt de relevante bestanden waarin - de eigenschappen staan (/etc/opiekeys) en - toont de huidige iteratieteller en zaad van de gebruiker die het + Er zijn enkele programma's betrokken bij dit proces. + &man.opiekey.1; accepteert een iteratieteller, een zaad en een + geheim wachtwoord, genereert een eenmalig wachtwoord, of een + lijst met eenmalige wachtwoorden. Naast het initialiseren van + OPIE wordt &man.opiekey.1; gebruikt om + wachtwoorden, iteratietellers en zaden te wijzigen. Deze + accepteert een geheime wachtwoordzin, een iteratieteller, + een zaad en een eenmalig wachtwoord. De relevante bestanden + met eigenschappen staan in /etc/opiekeys + en kunnen worden bekeken door &man.opieinfo.1;, en toont de + huidige iteratieteller en zaad, van de gebruiker die het commando uitvoert. - Nu worden vier verschillende acties besproken. Bij de eerste - wordt opiepasswd gebruikt in een beveiligde - verbinding om voor het eerst eenmalige wachtwoorden in te stellen - of om een wachtwoord of zaad aan te passen. Bij de tweede wordt - opiepasswd gebruikt over een onbeveiligde - verbinding samen met opiekey over een - beveiligde verbinding om hetzelfde te bereiken. In een derde - scenario wordt opiekey gebruikt om aan te - melden over een onveilige verbinding. Het vierde - scenario behandelt het gebruik van opiekey om - een aantal sleutels aan te maken die opgeschreven of afgedrukt - kunnen worden, zodat ze meegenomen kunnen worden naar een plaats - van waar geen enkele veilige verbinding opgezet kan worden. + Er zijn vier soorten acties. De eerste is het gebruik van + &man.opiepasswd.1; over een beveiligde verbinding om eenmalige + wachtwoorden voor de eerste keer in te stellen, of om een + wachtwoord of zaad te wijzigen. De tweede is het gebruik van + &man.opiepasswd.1; over een onveilige verbinding, in combinatie + met &man.opiekey.1; over een veilige verbinding om hetzelfde te + kunnen doen. De derde is het gebruik van &man.opiekey.1; om in + te loggen over een onveilige verbinding. En de vierde is het + gebruik van &man.opiekey.1; om een aantal sleutels te genereren + welke opgeschreven kunnen worden of uitgeprint om mee te nemen + naar onveilige locaties om zodoende overal een verbinding naar te + kunnen maken. Veilige verbinding initialiseren - Gebruik het commando opiepasswd om OPIE - voor de eerste keer te initialiseren: + Om OPIE voor de eerste keer te + initialiseren moet &man.opiepasswd.1; worden uitgevoerd: &prompt.user; opiepasswd -c [grimreaper] ~ $ opiepasswd -f -c @@ -1123,16 +1103,16 @@ MOS MALL GOAT ARM AVID COED Als Enter new secret pass phrase: of Enter secret password: op het scherm verschijnt, dient een wachtwoord of wachtwoordzin ingevoerd te - worden. Dit is dus niet het aanmeldwachtwoord is, maar dit - wordt gebruikt om eenmalige wachtwoorden te maken. De + worden. Dit is niet het aanmeldwachtwoord, maar dit wachtwoord + wordt gebruikt om eenmalige wachtwoorden aan te maken. De ID regel geeft de parameters van het verzoek weer: de aanmeldnaam, de iteratieteller en zaad. Bij het aanmelden kent het systeem deze parameters en worden deze weergegeven zodat ze niet onthouden hoeven te worden. Op de laatste regel staat het eenmalige wachtwoord dat overeenkomt met - die parameters en het geheime wachtwoord. Als de gebruiker - direct opnieuw zou aanmelden, zou hij dat eenmalige wachtwoord - moeten gebruiken. + die parameters en het geheime wachtwoord. Bij de volgende + keer aanmelden, is dit het eenmalige wachtwoord wat gebruikt + moet worden. @@ -1140,13 +1120,13 @@ MOS MALL GOAT ARM AVID COED Om een wachtwoord te initialiseren of te wijzigen over een onveilige verbinding, moet er al ergens een veilige verbinding - bestaan waar de gebruiker opiekey kan - uitvoeren. Dit kan een shellprompt zijn op een machine die - vertrouwd wordt. De gebruiker moet ook een iteratieteller + bestaan waar &man.opiekey.1; uitgevoerd kan worden. Dit kan + een shellprompt zijn op een machine die vertrouwd wordt. De + gebruiker moet ook een iteratieteller verzinnen (100 is wellicht een prima getal) en een eigen zaad bedenken of er een laten fabriceren. Over de onveilige - verbinding (naar de machine die de gebruiker wil initialiseren) - wordt het commando opiepasswd gebruikt: + verbinding, moet op de machine die geinitialiseerd wordt + &man.opiepasswd.;1 gebruikt worden: &prompt.user; opiepasswd @@ -1180,8 +1160,8 @@ GAME GAG WELT OUT DOWN CHAT Een enkel eenmalig wachtwoord maken - Als OPIE eenmaal is ingesteld staat er bij het - aanmelden iets als het volgende: + Als OPIE eenmaal is ingesteld staat er + bij het aanmelden iets als het volgende: &prompt.user; telnet example.com Trying 10.0.0.1... @@ -1194,12 +1174,11 @@ login: <gebruikersnaam> otp-md5 498 gr4269 ext Password: - NB: de OPIE-prompt heeft een handige optie (die hier niet te - zien is): als er op Return wordt gedrukt bij de - wachtwoordregel, wordt de echo aangezet, zodat de invoer - zichtbaar is. Dit is erg handig als er met de hand een - wachtwoord wordt ingegeven, zoals wanneer het wordt ingevoerd - vanaf een afdruk. + De OPIE prompts hebben een handige optie. + Als er op Return wordt gedrukt bij de + wachtwoordregel, wordt echo aangezet en is de invoer zichtbaar. + Dit kan handig zijn als er wachtwoord ingegeven wordt die + overgetypt wordt vanaf een uitgeprinte lijst. MS-DOS @@ -1209,12 +1188,11 @@ Password: Nu moet het eenmalige wachtwoord gemaakt worden om het aanmeldprompt mee te antwoorden. Dit moet gedaan worden op een - vertrouwd systeem waarop opiekey beschikbaar - is. Er zijn ook versies voor &ms-dos;, &windows; en &macos;. - Voor het commando moet zowel de iteratieteller als het zaad - ingeven worden op de commandoregel. Deze kan zo overgenomen - worden vanaf het aanmeldprompt op de machine waarop de gebruiker - zich wil aanmelden. + vertrouwd systeem waarop het veilig is om &man.opiekey.1; uit + te voeren. Er zijn ook versies voor &windows; en &macos; en + &os; Dit commando heeft de iteratieteller en het zaad nodig + als opties op de commandoregel. Gebruik knippen-en-plakken + vanaf de login prompt op de machine waarop aangemeld wordt. Op het vertrouwde systeem: From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 15:48:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 51D44C22; Fri, 4 Apr 2014 15:48:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3CCD1E6B; Fri, 4 Apr 2014 15:48:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s34FmAiV060794; Fri, 4 Apr 2014 15:48:10 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s34FmAal060793; Fri, 4 Apr 2014 15:48:10 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404041548.s34FmAal060793@svn.freebsd.org> From: Dru Lavigne Date: Fri, 4 Apr 2014 15:48:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44445 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 15:48:10 -0000 Author: dru Date: Fri Apr 4 15:48:09 2014 New Revision: 44445 URL: http://svnweb.freebsd.org/changeset/doc/44445 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 4 15:21:36 2014 (r44444) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 4 15:48:09 2014 (r44445) @@ -24,15 +24,14 @@ Synopsis - Security, whether physical or virtual, is a topic - so broad that an entire industry has grown up around it. - Hundreds of standard practices have been authored about - how to secure systems and networks, and as a user of &os;, - understanding how to protect against attacks and intruders - is a must. + Security, whether physical or virtual, is a topic so broad + that an entire industry has grown up around it. Hundreds of + standard practices have been authored about how to secure + systems and networks, and as a user of &os;, understanding how + to protect against attacks and intruders is a must. - In this chapter, several fundamentals and techniques will - be discussed. The &os; system comes with multiple layers of + In this chapter, several fundamentals and techniques will be + discussed. The &os; system comes with multiple layers of security, and many more third party utilities may be added to enhance security. @@ -76,9 +75,9 @@ - How to use portaudit to - audit third party software packages installed from the - Ports Collection. + How to use portaudit to audit + third party software packages installed from the Ports + Collection. @@ -91,8 +90,8 @@ - Understand the resource limits database and - how to utilize it to control user resources. + Understand the resource limits database and how to + utilize it to control user resources. @@ -121,11 +120,11 @@ integrity, and availability of information systems. The CIA triad is a bedrock concept of - computer security, customers and end users expect privacy - of their data. They expect orders they place to not be changed - or their information altered behind the scenes. They also - expect access to information at all times. Together they make - up the confidentiality, integrity, and availability of the + computer security, customers and end users expect privacy of + their data. They expect orders they place to not be changed or + their information altered behind the scenes. They also expect + access to information at all times. Together they make up the + confidentiality, integrity, and availability of the system. To protect CIA, security professionals @@ -1070,51 +1069,48 @@ sendmail : PARANOID : denyKerberos can be described as an - identity-verifying proxy system and as a - trusted third-party authentication system. After a user - authenticates with Kerberos, their - communications can be encrypted to assure privacy and data - integrity. + identity-verifying proxy system and as a trusted third-party + authentication system. After a user authenticates with + Kerberos, their communications can be + encrypted to assure privacy and data integrity. The only function of Kerberos is to provide the secure authentication of users on the network. - It does not provide authorization - or auditing functions. It - is recommended that Kerberos be used + It does not provide authorization or auditing functions. It is + recommended that Kerberos be used with other security methods which provide authorization and audit services. The current version of the protocol is version 5, described in RFC 1510. Several free - implementations of this protocol are - available, covering a wide range of operating systems. - MIT - continues to develop their Kerberos - package. It is commonly used in the US as - a cryptography product, and has historically been affected by - US export regulations. In &os;, - MIT Kerberos is - available as the security/krb5 package or - port. Heimdal Kerberos - was explicitly developed outside - of the US to avoid export regulations. The - Heimdal Kerberos distribution is - available as the security/heimdal package - or port, and a minimal installation is included in the base - &os; install. + implementations of this protocol are available, covering a wide + range of operating systems. MIT continues to + develop their Kerberos package. It + is commonly used in the US as a cryptography + product, and has historically been affected by + US export regulations. In &os;, + MIT Kerberos is + available as the security/krb5 package or + port. Heimdal Kerberos was + explicitly developed outside of the US to + avoid export regulations. The Heimdal + Kerberos distribution is available as + the security/heimdal package or port, and a + minimal installation is included in the base &os; + install. This section provides a guide on how to set up Kerberos using the Heimdal - distribution included in &os;. + distribution included in &os;. For purposes of demonstrating a - Kerberos installation, the - name spaces will be as follows: + Kerberos installation, the name + spaces will be as follows: - The DNS domain (zone) - will be The DNS domain (zone) will be + example.org. @@ -1127,8 +1123,8 @@ sendmail : PARANOID : deny Use real domain names when setting up Kerberos, even if it will run - internally. This avoids DNS problems - and assures inter-operation with other + internally. This avoids DNS problems and + assures inter-operation with other Kerberos realms. @@ -1144,18 +1140,18 @@ sendmail : PARANOID : denyKerberos provides. It is the computer that issues Kerberos - tickets. The KDC is considered - trusted by all other computers in the + tickets. The KDC is considered trusted by + all other computers in the Kerberos realm, and thus has heightened security concerns. - While running a KDC - requires few computing resources, a dedicated - machine acting only as a KDC is recommended - for security reasons. + While running a KDC requires few + computing resources, a dedicated machine acting only as a + KDC is recommended for security + reasons. - To begin setting up a KDC, add these lines to - /etc/rc.conf: + To begin setting up a KDC, add these + lines to /etc/rc.conf: kerberos5_server_enable="YES" kadmind5_server_enable="YES" @@ -1173,27 +1169,26 @@ kadmind5_server_enable="YES".example.org = EXAMPLE.ORG - In this example, the - KDC will use the fully-qualified hostname - In this example, the KDC will use the + fully-qualified hostname kerberos.example.org. Add - a CNAME entry to the DNS zone file - if the KDC has a different hostname than - that specified in /etc/krb5.conf. - - For large networks with a properly configured - DNS server, the above example could be - trimmed to: + a CNAME entry to the DNS + zone file if the KDC has a different + hostname than that specified in + /etc/krb5.conf. + + For large networks with a properly configured + DNS server, the above example could be + trimmed to: - [libdefaults] + [libdefaults] default_realm = EXAMPLE.ORG - With the following lines being appended to the - example.org zone - file: + With the following lines being appended to the + example.org zone + file: - _kerberos._udp IN SRV 01 00 88 kerberos.example.org. + _kerberos._udp IN SRV 01 00 88 kerberos.example.org. _kerberos._tcp IN SRV 01 00 88 kerberos.example.org. _kpasswd._udp IN SRV 01 00 464 kerberos.example.org. _kerberos-adm._tcp IN SRV 01 00 749 kerberos.example.org. @@ -1201,20 +1196,21 @@ _kerberos IN TXT In order for clients to be able to find the - Kerberos services, the KDC - must have either a fully configured - /etc/krb5.conf or a minimally - configured /etc/krb5.conf - and a properly configured DNS - server. + Kerberos services, the + KDC must have either + a fully configured /etc/krb5.conf or a + minimally configured /etc/krb5.conf + and a properly configured + DNS server. Next, create the Kerberos - database which contains the keys of all principals (users and hosts) encrypted - with a master password. It is not required to remember this - password as it will be stored in - /var/heimdal/m-key. To create the - master key, run kstash and enter a password: + database which contains the keys of all principals (users and + hosts) encrypted with a master password. It is not required + to remember this password as it will be stored in + /var/heimdal/m-key. To create the master + key, run kstash and enter a + password: &prompt.root; kstash Master key: xxxxxxxx @@ -1222,23 +1218,24 @@ Verifying password - Master key: Once the master key has been created, initialize the database using kadmin -l. This option - instructs kadmin to modify the local database files - directly rather than going through the &man.kadmind.8; network - service. This handles the chicken-and-egg problem of trying - to connect to the database before it is created. At the - kadmin prompt, use init to create - the realm's initial database: + instructs kadmin to modify the local + database files directly rather than going through the + &man.kadmind.8; network service. This handles the + chicken-and-egg problem of trying to connect to the database + before it is created. At the kadmin + prompt, use init to create the realm's + initial database: &prompt.root; kadmin -l kadmin> init EXAMPLE.ORG Realm max ticket life [unlimited]: - Lastly, while still in kadmin, create the first - principal using add. Stick to the default - options for the principal for now, as these can be changed - later with modify. Type - ? at the prompt to see the - available options. + Lastly, while still in kadmin, create + the first principal using add. Stick to + the default options for the principal for now, as these can be + changed later with modify. Type + ? at the prompt to see the available + options. kadmin> add tillman Max ticket life [unlimited]: @@ -1249,12 +1246,12 @@ Verifying password - Password: Next, start the KDC services by running service kerberos start and - service kadmind start. - While there will not be any kerberized daemons - running at this point, it is possible to confirm that the - KDC is functioning by obtaining and - listing a ticket for the principal that was just - created from the command-line of the KDC: + service kadmind start. While there will + not be any kerberized daemons running at this point, it is + possible to confirm that the KDC is + functioning by obtaining and listing a ticket for the + principal that was just created from the command-line of the + KDC: &prompt.user; kinit tillman tillman@EXAMPLE.ORG's Password: @@ -1266,7 +1263,8 @@ Credentials cache: FILE:/tmp/krb5cc_500 Issued Expires Principal Aug 27 15:37:58 Aug 28 01:37:58 krbtgt/EXAMPLE.ORG@EXAMPLE.ORG - The temporary ticket can be revoked when the test is finished: + The temporary ticket can be revoked when the test is + finished: &prompt.user; kdestroy @@ -1283,23 +1281,21 @@ Aug 27 15:37:58 Aug 28 01:37:58 krbtgt To configure a server to use Kerberos authentication, copy /etc/krb5.conf from the - KDC to the server in a secure - fashion, such as &man.scp.1;, or physically via removable - media. + KDC to the server in a secure fashion, such + as &man.scp.1;, or physically via removable media. Next, create /etc/krb5.keytab on the - server. - This is the major difference between a server providing - Kerberos enabled daemons and a - workstation: the server must have a - keytab. This file contains the - server's host key, which allows it and the - KDC to verify each others identity. It - must be transmitted to the server in a secure fashion, as - the security of the server can be broken if the key is made - public. Typically, the keytab is transferred - to the server using kadmin. This is handy because the - host principal, the KDC end of the + server. This is the major difference between a server + providing Kerberos enabled daemons + and a workstation: the server must have a + keytab. This file contains the server's + host key, which allows it and the KDC to + verify each others identity. It must be transmitted to the + server in a secure fashion, as the security of the server can + be broken if the key is made public. Typically, the + keytab is transferred to the server using + kadmin. This is handy because the host + principal, the KDC end of the krb5.keytab, is also created using kadmin. @@ -1308,17 +1304,17 @@ Aug 27 15:37:58 Aug 28 01:37:58 krbtgt kadmind.acl. See the section titled Remote administration in info heimdal for details on designing access control - lists. Instead of enabling remote kadmin access, the - administrator can securely connect to the + lists. Instead of enabling remote kadmin + access, the administrator can securely connect to the KDC via the local console or &man.ssh.1;, and perform administration locally using kadmin -l. After installing /etc/krb5.conf, use add --random-key from the - Kerberos server. This adds - the server's host principal. Then, use ext - to extract the server's host principal to its own keytab: + Kerberos server. This adds the + server's host principal. Then, use ext to + extract the server's host principal to its own keytab: &prompt.root; kadmin kadmin> add --random-key host/myserver.example.org @@ -1350,11 +1346,11 @@ kadmin> exitAt this point, the server can communicate with the KDC using - krb5.conf and it can prove its - own identity with krb5.keytab. It is now + krb5.conf and it can prove its own + identity with krb5.keytab. It is now ready for the Kerberos services to - be enabled. For this example, the &man.telnetd.8; service - is enabled in /etc/inetd.conf and + be enabled. For this example, the &man.telnetd.8; service is + enabled in /etc/inetd.conf and &man.inetd.8; has been restarted with service inetd restart: @@ -1376,36 +1372,34 @@ kadmin> exitTo configure a client to use Kerberos, securely copy - /etc/krb5.conf - to the client computer from the - KDC. + /etc/krb5.conf to the client computer + from the KDC. Test the client by using kinit, - klist, and kdestroy from the client to obtain, - show, and then delete an existing ticket for the principal. - Kerberos applications - should also be able to connect to + klist, and kdestroy from + the client to obtain, show, and then delete an existing ticket + for the principal. Kerberos + applications should also be able to connect to Kerberos enabled servers. If that does not work but obtaining a ticket does, the problem is likely with the server and not with the client or the KDC. When testing a Kerberized application, try using a packet - sniffer such as tcpdump to confirm that the password - is not sent in the clear. + sniffer such as tcpdump to confirm that the + password is not sent in the clear. - Various Kerberos - client applications are available. - &os; installs telnetd as the only + Various Kerberos client + applications are available. &os; installs + telnetd as the only Kerberos enabled service. The Heimdal package or port installs Kerberos enabled versions of ftpd, rshd, - rcp, rlogind, and - a few other less common programs. The MIT - port contains a full suite of - Kerberos client - applications. + rcp, rlogind, and a few + other less common programs. The MIT port + contains a full suite of Kerberos + client applications. .k5login @@ -1429,8 +1423,8 @@ kadmin> exitThe .k5login and .k5users files, placed in a user's home directory, can be used to solve this problem. For example, if - the following .k5login is - placed in the home directory of .k5login is placed in the + home directory of webdevelopers, both principals listed will have access to that account without requiring a shared password.: @@ -1445,22 +1439,22 @@ jdoe@example.org <acronym>MIT</acronym> Differences - The major difference between the MIT and - Heimdal implementations is that kadmin has a different, but - equivalent, set of commands and uses a different protocol. - If the KDC is MIT, the - Heimdal version of kadmin cannot be used to administer - the KDC remotely, and vice versa. + The major difference between the MIT + and Heimdal implementations is that kadmin + has a different, but equivalent, set of commands and uses a + different protocol. If the KDC is + MIT, the Heimdal version of + kadmin cannot be used to administer the + KDC remotely, and vice versa. Client applications may also use slightly different - command line options to accomplish the same tasks. - Following the instructions at - Kerberos Kerberos http://web.mit.edu/Kerberos/www/ is recommended. Be careful of path issues: the MIT port installs into - /usr/local/ by default, and the - &os; system applications run instead of the + /usr/local/ by default, and the &os; + system applications run instead of the MIT versions if PATH lists the system directories first. @@ -1469,10 +1463,10 @@ jdoe@example.org security/krb5 port, be sure to read /usr/local/share/doc/krb5/README.FreeBSD installed by the port to understand why logins via - telnetd and klogind behave - somewhat oddly. Correcting the incorrect permissions - on cache file behavior requires that the - login.krb5 binary be used for + telnetd and klogind + behave somewhat oddly. Correcting the incorrect + permissions on cache file behavior requires that + the login.krb5 binary be used for authentication so that it can properly change ownership for the forwarded credentials. @@ -1494,12 +1488,12 @@ kadmind5_server_enable="YES"When configuring and troubleshooting Kerberos, keep the following points in mind: - + - When using either Heimdal or - MIT - Kerberos, ensure that the PATH lists the + When using either Heimdal or MIT + Kerberos, ensure that the + PATH lists the Kerberos versions of the client applications before the system versions. @@ -1536,8 +1530,9 @@ kadmind5_server_enable="YES"KDC do not set the permissions for ksu to be setuid root. This means that - ksu does not work. This is a permissions problem, not a - KDC error. + ksu does not work. This is a + permissions problem, not a KDC + error. @@ -1545,50 +1540,50 @@ kadmind5_server_enable="YES"Kerberos, to allow a principal to have a ticket life longer than the default ten hours, use modify_principal at the - &man.kadmin.8; prompt to change the maxlife of both the - principal in question and the maxlife of both the principal in + question and the krbtgt principal. The principal can then use kinit -l to request a ticket with a longer lifetime. - When running a packet sniffer on the - KDC to aid in troubleshooting while - running kinit from a workstation, the Ticket - Granting Ticket (TGT) is sent - immediately, even before the - password is typed. This is because the - Kerberos server freely - transmits a TGT to any unauthorized - request. However, every TGT is - encrypted in a key derived from the user's password. - When a user types their password, it is not sent to the - KDC, it is instead used to decrypt - the TGT that kinit already - obtained. If the decryption process results in a valid - ticket with a valid time stamp, the user has valid - Kerberos credentials. - These credentials include a session key for - establishing secure communications with the - Kerberos server in the - future, as well as the actual TGT, - which is encrypted with the - Kerberos server's own key. - This second layer of encryption allows the - Kerberos server to verify - the authenticity of each TGT. + When running a packet sniffer on the + KDC to aid in troubleshooting while + running kinit from a workstation, the + Ticket Granting Ticket (TGT) is sent + immediately, even before the password is typed. This is + because the Kerberos server + freely transmits a TGT to any + unauthorized request. However, every + TGT is encrypted in a key derived from + the user's password. When a user types their password, it + is not sent to the KDC, it is instead + used to decrypt the TGT that + kinit already obtained. If the + decryption process results in a valid ticket with a valid + time stamp, the user has valid + Kerberos credentials. These + credentials include a session key for establishing secure + communications with the + Kerberos server in the future, + as well as the actual TGT, which is + encrypted with the Kerberos + server's own key. This second layer of encryption allows + the Kerberos server to verify + the authenticity of each TGT. - To use long ticket lifetimes when - using OpenSSH to connect to the + To use long ticket lifetimes when using + OpenSSH to connect to the machine where the ticket is stored, make sure that Kerberos is set to no in - /etc/ssh/sshd_config. Otherwise, tickets will be - deleted at log out. + /etc/ssh/sshd_config. Otherwise, + tickets will be deleted at log out. @@ -1614,104 +1609,106 @@ kadmind5_server_enable="YES" - Mitigating <application>Kerberos</application> Limitations + Mitigating <application>Kerberos</application> + Limitations Kerberos5 limitations and shortcomings - Since Kerberos is an all or - nothing approach, every service enabled on the network must either be modified - to work with Kerberos or be - otherwise secured against network attacks. This is to prevent - user credentials from being stolen and re-used. An example is when - Kerberos is - enabled on all remote shells but the non-Kerberized - POP3 mail server sends passwords in - plain text. - - Kerberos is intended for - single-user workstations. In a multi-user environment, - Kerberos is less secure as it - stores the tickets in /tmp, - which is readable by all users. If a user is sharing a - computer, it is possible that the user's - tickets can be stolen or copied by another user. - - This can be overcome with kinit -c - or, preferably, the - KRB5CCNAME environment variable. Storing - the ticket in the user's home directory and using file - permissions are commonly used to mitigate this - problem. - - The KDC is a single point of failure. By design, the - KDC must be as secure - as its master password database. The KDC - should have absolutely no other services running on it and - should be physically secure. The danger is high because - Kerberos stores all passwords - encrypted with the same master key which is - stored as a file on the KDC. - - A compromised master key is not quite as bad as one - might fear. The master key is only used to encrypt the - Kerberos database and as a seed - for the random number generator. As long as access to the - KDC is secure, an attacker cannot do much - with the master key. - - If the KDC is - unavailable, network services are unusable as authentication - cannot be performed. This can be alleviated with a single - master KDC and one or more slaves, and - with careful implementation of secondary or fall-back - authentication using PAM. - - Kerberos allows users, hosts - and services to authenticate between themselves. It does - not have a mechanism to authenticate the - KDC to the users, hosts, or services. - This means that a trojanned kinit could record all - user names and passwords. File system integrity checking - tools like security/tripwire can - alleviate this. + Since Kerberos is an all or + nothing approach, every service enabled on the network must + either be modified to work with + Kerberos or be otherwise secured + against network attacks. This is to prevent user credentials + from being stolen and re-used. An example is when + Kerberos is enabled on all remote + shells but the non-Kerberized POP3 mail + server sends passwords in plain text. + + Kerberos is intended for + single-user workstations. In a multi-user environment, + Kerberos is less secure as it + stores the tickets in /tmp, which is + readable by all users. If a user is sharing a computer, it is + possible that the user's tickets can be stolen or copied by + another user. + + This can be overcome with kinit -c or, + preferably, the KRB5CCNAME environment + variable. Storing the ticket in the user's home directory and + using file permissions are commonly used to mitigate this + problem. + + The KDC is a single point of failure. + By design, the KDC must be as secure as its + master password database. The KDC should + have absolutely no other services running on it and should be + physically secure. The danger is high because + Kerberos stores all passwords + encrypted with the same master key which is stored as a file + on the KDC. + + A compromised master key is not quite as bad as one might + fear. The master key is only used to encrypt the + Kerberos database and as a seed for + the random number generator. As long as access to the + KDC is secure, an attacker cannot do much + with the master key. + + If the KDC is unavailable, network + services are unusable as authentication cannot be performed. + This can be alleviated with a single master + KDC and one or more slaves, and with + careful implementation of secondary or fall-back + authentication using PAM. + + Kerberos allows users, hosts + and services to authenticate between themselves. It does not + have a mechanism to authenticate the + KDC to the users, hosts, or services. This + means that a trojanned kinit could record + all user names and passwords. File system integrity checking + tools like security/tripwire can + alleviate this. - Access Issues with Kerberos and <command>ssh</command> + Access Issues with Kerberos and + <command>ssh</command> &man.ssh.1; - Kerberos is an - excellent authentication protocol, but there are bugs in the - kerberized versions of telnet and rlogin that + Kerberos is an excellent authentication protocol, but + there are bugs in the kerberized versions of + telnet and rlogin that make them unsuitable for dealing with binary streams. By default, Kerberos does not encrypt a session unless - is used, whereas ssh encrypts - everything. + is used, whereas ssh + encrypts everything. - While ssh works well, it forwards encryption keys - by default. This introduces a security risk to a user who - uses ssh to access an insecure machine from a secure - workstation. The keys themselves are not exposed, but - ssh installs a forwarding port for the duration of the - login. If an attacker has broken - root on - the insecure machine, he can utilize that port to gain access - to any other machine that those keys unlock. - - It is recommended that ssh is used in combination - with Kerberos whenever possible for staff logins as it - can be compiled with Kerberos support. This - reduces reliance on potentially exposed SSH - keys while protecting passwords via Kerberos. Keys should - only be used for automated tasks from secure machines as this - is something that Kerberos is unsuited to. It is recommended - to either turn off key-forwarding in the - SSH configuration, or to make use - of from=IP/DOMAIN in + While ssh works well, it forwards + encryption keys by default. This introduces a security risk + to a user who uses ssh to access an + insecure machine from a secure workstation. The keys + themselves are not exposed, but ssh + installs a forwarding port for the duration of the login. If + an attacker has broken root on the insecure machine, + he can utilize that port to gain access to any other machine + that those keys unlock. + + It is recommended that ssh is used in + combination with Kerberos whenever possible for staff logins + as it can be compiled with Kerberos support. This reduces + reliance on potentially exposed SSH keys + while protecting passwords via Kerberos. Keys should only be + used for automated tasks from secure machines as this is + something that Kerberos is unsuited to. It is recommended to + either turn off key-forwarding in the + SSH configuration, or to make use of + from=IP/DOMAIN in authorized_keys to make the key only usable to entities logging in from specific machines. From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 15:49:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3DE26F5D; Fri, 4 Apr 2014 15:49:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2B485E8A; Fri, 4 Apr 2014 15:49:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s34FnkTb061065; Fri, 4 Apr 2014 15:49:46 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s34FnkB3061064; Fri, 4 Apr 2014 15:49:46 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404041549.s34FnkB3061064@svn.freebsd.org> From: Dru Lavigne Date: Fri, 4 Apr 2014 15:49:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44446 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 15:49:46 -0000 Author: dru Date: Fri Apr 4 15:49:45 2014 New Revision: 44446 URL: http://svnweb.freebsd.org/changeset/doc/44446 Log: Fix 2 grammos. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 4 15:48:09 2014 (r44445) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 4 15:49:45 2014 (r44446) @@ -1449,7 +1449,7 @@ jdoe@example.org Client applications may also use slightly different command line options to accomplish the same tasks. Following - the instructions at Kerberos http://web.mit.edu/Kerberos/www/ is recommended. Be careful of path issues: the MIT port installs into @@ -1681,7 +1681,7 @@ kadmind5_server_enable="YES"&man.ssh.1; Kerberos is an excellent authentication protocol, but - there are bugs in the kerberized versions of + there are bugs in the Kerberized versions of telnet and rlogin that make them unsuitable for dealing with binary streams. By default, Kerberos does not encrypt a session unless From owner-svn-doc-all@FreeBSD.ORG Fri Apr 4 21:37:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AB754F4B; Fri, 4 Apr 2014 21:37:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8B518603; Fri, 4 Apr 2014 21:37:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s34Lb9Gm007442; Fri, 4 Apr 2014 21:37:09 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s34Lb9fN007441; Fri, 4 Apr 2014 21:37:09 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201404042137.s34Lb9fN007441@svn.freebsd.org> From: Glen Barber Date: Fri, 4 Apr 2014 21:37:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44447 - head/en_US.ISO8859-1/htdocs/releases/10.0R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 21:37:09 -0000 Author: gjb Date: Fri Apr 4 21:37:09 2014 New Revision: 44447 URL: http://svnweb.freebsd.org/changeset/doc/44447 Log: Regenerate after r264140. (This also includes an update to the Last-Modified from the previous change.) Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Fri Apr 4 15:49:45 2014 (r44446) +++ head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Fri Apr 4 21:37:09 2014 (r44447) @@ -1,5 +1,5 @@ -FreeBSD 10.0-RELEASE Errata

    FreeBSD 10.0-RELEASE Errata

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of +FreeBSD 10.0-RELEASE Errata

    FreeBSD 10.0-RELEASE Errata

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of the FreeBSD Foundation.

    Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United @@ -12,7 +12,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

    Last modified on 2014-02-11 by hrs.
    Abstract

    This document lists errata items for FreeBSD 10.0-RELEASE, + symbol.

    Last modified on 2014-04-04 by gjb.
    Abstract

    This document lists errata items for FreeBSD 10.0-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. @@ -92,7 +92,13 @@ boot

    The mount_udf(8) utility has a bug which prevents it from mounting any UDF file system. This has been fixed - in FreeBSD-CURRENT and FreeBSD 10.0-STABLE.

    4.Late-Breaking News

    No news.

    This file, and other release-related documents, + in FreeBSD-CURRENT and FreeBSD 10.0-STABLE.

  • Updating LSI firmware on mps(4) controllers with + the sas2flash utility may cause + the system to hang, or may cause the sytem to panic. This + is fixed in the stable/10 branch with + revisions r262553 and + r262575, and will be included in + FreeBSD10.1-RELEASE.

    • 4.Late-Breaking News

    No news.

    This file, and other release-related documents, can be downloaded from http://www.FreeBSD.org/snapshots/.

    For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

    All users of FreeBSD stable should From owner-svn-doc-all@FreeBSD.ORG Sat Apr 5 02:09:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8F2E6153; Sat, 5 Apr 2014 02:09:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7C4BFDB2; Sat, 5 Apr 2014 02:09:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3529IK6019122; Sat, 5 Apr 2014 02:09:18 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3529Ilx019121; Sat, 5 Apr 2014 02:09:18 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404050209.s3529Ilx019121@svn.freebsd.org> From: Warren Block Date: Sat, 5 Apr 2014 02:09:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44448 - head/share/misc X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Apr 2014 02:09:18 -0000 Author: wblock Date: Sat Apr 5 02:09:17 2014 New Revision: 44448 URL: http://svnweb.freebsd.org/changeset/doc/44448 Log: Restore a missing border-radius, reduce border radius to keep small boxes from looking oval. Modified: head/share/misc/docbook.css Modified: head/share/misc/docbook.css ============================================================================== --- head/share/misc/docbook.css Fri Apr 4 21:37:09 2014 (r44447) +++ head/share/misc/docbook.css Sat Apr 5 02:09:17 2014 (r44448) @@ -282,6 +282,7 @@ pre.screen { padding: 1ex; background-color: #edc; border: 1px solid #ccc; + border-radius: 4px; } pre.programlisting { @@ -291,7 +292,7 @@ pre.programlisting { padding: 1ex; background-color: #eee; border: 1px solid #ccc; - border-radius: 6px; + border-radius: 4px; } @media screen { /* hide from IE3 */ @@ -304,7 +305,7 @@ pre.programlisting { } .note, .tip, .important, .warning, .caution, .example, div.procedure { - border-radius: 6px; + border-radius: 4px; padding: 2ex 2ex 0 2ex; margin: .75em 3em .75em 1em; line-height: 1.3; From owner-svn-doc-all@FreeBSD.ORG Sat Apr 5 09:15:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D1401754; Sat, 5 Apr 2014 09:15:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BE46531D; Sat, 5 Apr 2014 09:15:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s359FEBj094889; Sat, 5 Apr 2014 09:15:14 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s359FE0R094888; Sat, 5 Apr 2014 09:15:14 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404050915.s359FE0R094888@svn.freebsd.org> From: Gabor Pali Date: Sat, 5 Apr 2014 09:15:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44449 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Apr 2014 09:15:15 -0000 Author: pgj Date: Sat Apr 5 09:15:14 2014 New Revision: 44449 URL: http://svnweb.freebsd.org/changeset/doc/44449 Log: - Add 2014Q1 status report for ASLR Submitted by: Shawn Webb Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Apr 5 02:09:17 2014 (r44448) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Apr 5 09:15:14 2014 (r44449) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 13 entries and we hope you enjoy reading it.

    + contains 14 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -775,4 +775,70 @@ ports tree. + + + ASLR and PIE + + + + + Shawn + Webb + + lattera@gmail.com + + + + + Oliv辿r + Pint辿r + + oliver.pntr@gmail.com + + + + + Blog post with latest status update + Shawn's ASLR branch + Oliv辿r's ASLR branch + + + +

    Address space layout randomization (ASLR) is a computer + security technique involved in protection from buffer overflow + attacks. In order to prevent an attacker from reliably jumping + to a particular exploited function in memory, ASLR involves + randomly arranging the positions of key data areas of a program, + including the base of the executable and the positions of the + stack, heap, and libraries, in a process' address space.

    + +

    We have added (a potentially buggy) ASLR support to all + supported &os; architectures. Focus is still on amd64 as + that is what the developers have access to. We have added + support for Position-Independent Executables (PIEs) in a number + of applications in base. We have identified a number of bugs + and are actively working on targeting them.

    + + + + Shawn has access to a Raspberry Pi (RPI). PIE is 90% + broken. Debug and fix major issues on the RPI. The existing NX + stack protections are not obeyed on RPI. Properly implemented + ASLR requires NX stack. + + Shawn will be receiving a sparc64 box on April 6, + 2014. He will test ASLR on sparc64, identifying and + fixing any bugs that pop up. + + Oliv辿r has identified one or more bugs with the Linuxulator. + He will be looking into that and fixing those. + + Shawn will be cleaning up code and adding more applications + in base to support PIE. He will also add PIE support to the + ports framework for general consumption. + + Shawn will be giving a presentation regarding ASLR at + BSDCan 2014. + +     From owner-svn-doc-all@FreeBSD.ORG Sat Apr 5 09:40:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2F6B0A6B; Sat, 5 Apr 2014 09:40:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 028C8692; Sat, 5 Apr 2014 09:40:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s359essx004347; Sat, 5 Apr 2014 09:40:54 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s359es0N004346; Sat, 5 Apr 2014 09:40:54 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404050940.s359es0N004346@svn.freebsd.org> From: Gabor Pali Date: Sat, 5 Apr 2014 09:40:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44450 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Apr 2014 09:40:55 -0000 Author: pgj Date: Sat Apr 5 09:40:54 2014 New Revision: 44450 URL: http://svnweb.freebsd.org/changeset/doc/44450 Log: - Add 2014Q1 status report for UEFI boot Submitted by: emaste Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Apr 5 09:15:14 2014 (r44449) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Apr 5 09:40:54 2014 (r44450) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 14 entries and we hope you enjoy reading it.

    + contains 15 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -841,4 +841,54 @@ BSDCan 2014. + + + UEFI Boot + + + + + Ed + Maste + + emaste@FreeBSD.org + + + + + Project page on the wiki + + + +

    The Unified Extensible Firmware Interface (UEFI) provides boot- + and run-time services for x86 computers, and is a replacement + for the legacy BIOS. This project will adapt the &os; loader + and kernel boot process for compatibility with UEFI firmware, + found on contemporary servers, desktops, and laptops.

    + +

    Starting with &a.rpaulo;'s i386 EFI loader, &a.benno; + developed a working proof-of-concept amd64 loader in 2013 + under sponsorship from the &os; Foundation. After refinement, + that work has now been merged from the projects/uefi + Subversion branch into &os; head. The project includes + the infrastructure to build a UEFI-enabled loader, and the + kernel-side changes to parse metadata provided by the + loader.

    + +

    A number of integration tasks remain, with a plan to have UEFI + installation and boot support merged to stable/10 in + time for &os; 10.1-RELEASE.

    + + + The &os; Foundation + + + Document manual installation, including dual-boot + configurations. + + Implement chain-loading from UFS/ZFS file systems. + Integrate UEFI configuration with the &os; installer. + Support secure boot. + +     From owner-svn-doc-all@FreeBSD.ORG Sat Apr 5 09:48:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 46244B68; Sat, 5 Apr 2014 09:48:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 19D47783; Sat, 5 Apr 2014 09:48:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s359mXZR007418; Sat, 5 Apr 2014 09:48:33 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s359mX2v007417; Sat, 5 Apr 2014 09:48:33 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404050948.s359mX2v007417@svn.freebsd.org> From: Gabor Pali Date: Sat, 5 Apr 2014 09:48:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44451 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Apr 2014 09:48:34 -0000 Author: pgj Date: Sat Apr 5 09:48:33 2014 New Revision: 44451 URL: http://svnweb.freebsd.org/changeset/doc/44451 Log: - Add 2014Q1 status report for clusteradm Submitted by: gjb Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Apr 5 09:40:54 2014 (r44450) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Apr 5 09:48:33 2014 (r44451) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 15 entries and we hope you enjoy reading it.

    + contains 16 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -891,4 +891,43 @@ Support secure boot. + + + &os; Cluster Administration Team + + + + &os; Cluster Administration Team + + admins@ + + + + +

    The &os; Cluster Administration Team consists of the people + responsible for administering the machines that the project + relies on for its distributed work and communications to be + synchronised. In this quarter, the team has worked on the + following:

    + +
      +
    • Assimilated master email configurations into a single source + control repository.
      • + +
    • Moved the &os; web server CGI services to a new location + (sponsored).
      • + +
    • Further enhanced upon our internal monitoring + utilities.
      • + +
    • Added a Russian pkg(8) mirror, hosted by + Yandex.
      • + +
    • Moved the &os; Foundation web services to a new server + (sponsored).
      • +
    + + + The &os; Foundation +     From owner-svn-doc-all@FreeBSD.ORG Sat Apr 5 12:05:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 99CF5831; Sat, 5 Apr 2014 12:05:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 853F9338; Sat, 5 Apr 2014 12:05:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s35C5D9s064338; Sat, 5 Apr 2014 12:05:13 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s35C5DV8064337; Sat, 5 Apr 2014 12:05:13 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201404051205.s35C5DV8064337@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 5 Apr 2014 12:05:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44452 - head/de_DE.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Apr 2014 12:05:13 -0000 Author: bcr Date: Sat Apr 5 12:05:13 2014 New Revision: 44452 URL: http://svnweb.freebsd.org/changeset/doc/44452 Log: Update to r43904. Only minor whitespace fixes by myself, most of the work was done by the submitter. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sat Apr 5 09:48:33 2014 (r44451) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sat Apr 5 12:05:13 2014 (r44452) @@ -5,7 +5,7 @@ $FreeBSD$ $FreeBSDde:$ - basiert auf: r43901 + basiert auf: r43904 --> Weiterfhrende Netzwerkthemen @@ -3718,16 +3718,18 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault Die von &os; untersttzte &man.lagg.4;-Schnittstelle erlaubt die Gruppierung von mehreren Netzwerkadaptern als eine virtuelle Schnittstelle mit dem Ziel, Ausfallsicherheit - (Failover) und Link Aggregation bereitzustellen. Link - Aggregation funktioniert am besten mit Switches, welche - LACP untersttzen, da dieses Protokoll den - Datenverkehr bidirektional verteilt, whrend es auch auf den - Ausfall einzelner Verbindungen reagiert. + (Failover) und Link Aggregation bereitzustellen. Bei Failover + kann der Verkehr auch dann weiter flieen, wenn nur eine + Schnittstelle verfgbar ist. Link Aggregation funktioniert am + besten mit Switches, welche LACP + untersttzen, da dieses Protokoll den Datenverkehr + bidirektional verteilt, whrend es auch auf den Ausfall + einzelner Verbindungen reagiert. - Die von der lagg-Schnittstelle untersttzten Betriebsarten + Die von der lagg-Schnittstelle untersttzten Protokolle bestimmten, welche Ports fr den ausgehenden Datenverkehr benutzt werden, und ob ein bestimmter Port eingehenden - Datenverkehr akzeptiert. Folgende Betriebsarten werden von + Datenverkehr akzeptiert. Die folgenden Protokolle werden von &man.lagg.4; untersttzt: @@ -3816,18 +3818,26 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault <acronym>LACP</acronym> Aggregation mit einem Switch von &cisco; - Dieses Beispiel verbindet zwei Adapter auf einer - &os;-Maschine mit dem Switch als eine einzelne, - lastverteilte und ausfallsichere Verbindung. Weitere - Adapter knnen hinzugefgt werden, um den Durchsatz zu - erhhen und die Ausfallsicherheit zu steigern. Da die - Reihenfolge der Frames bei Ethernet zwingend eingehalten - werden muss, fliet auch jeglicher Verkehr zwischen zwei - Stationen ber den gleichen physischen Kanal, was die - maximale Geschwindigkeit der Verbindung auf die eines - einzelnen Adapters beschrnkt. Der bertragungsalgorithmus - versucht, so viele Informationen wie mglich zu verwenden, - um die verschiedenen Verkehrsflsse zu unterscheiden und + Dieses Beispiel verbindet zwei &man.fxp.4; + Ethernet-Schnittstellen einer &os;-Maschine zu den ersten + zwei Ethernet-Ports auf einem &cisco; Switch als eine + einzelne, lastverteilte und ausfallsichere Verbindung. + Weitere Adapter knnen hinzugefgt werden, um den Durchsatz + zu erhhen und die Ausfallsicherheit zu steigern. Ersetzen + Sie die Namen der &cisco;-Ports, Ethernet-Gerte, + channel-group Nummern und IP-Adressen im + Beispiel durch Namen, die mit Ihrer lokalen Konfiguration + bereinstimmen. + + + Da die Reihenfolge der Frames bei Ethernet zwingend + eingehalten werden muss, fliet auch jeglicher Verkehr + zwischen zwei Stationen ber den gleichen physischen + Kanal, was die maximale Geschwindigkeit der Verbindung auf + die eines einzelnen Adapters beschrnkt. + Der bertragungsalgorithmus versucht, so viele + Informationen wie mglich zu verwenden, um die + verschiedenen Verkehrsflsse zu unterscheiden und balanciert diese ber die verfgbaren Adapter. Fgen Sie auf dem &cisco;-Switch die Adapter @@ -3835,33 +3845,34 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault FastEthernet0/2 zu der channel-group 1 hinzu: - interface FastEthernet0/1 - channel-group 1 mode active + interface +FastEthernet0/1 + channel-group 1 mode active channel-protocol lacp ! -interface FastEthernet0/2 - channel-group 1 mode active +interface FastEthernet0/2 + channel-group 1 mode active channel-protocol lacp Auf der Maschine mit &os; erstellen Sie die &man.lagg.4;-Schnittstelle unter Verwendung von fxp0 und - fxp1 und starten Sie - Schnittstelle mit der IP-Adresse - 10.0.0.3/24: - - &prompt.root; ifconfig fxp0 up -&prompt.root; ifconfig fxp1 up + fxp1 und starten Sie + Schnittstelle mit der IP-Adresse + 10.0.0.3/24: + + &prompt.root; ifconfig +fxp0 up +&prompt.root; ifconfig fxp1 +up &prompt.root; ifconfig lagg0 create -&prompt.root; ifconfig lagg0 up laggproto lacp laggport fxp0 laggport fxp1 10.0.0.3/24 +&prompt.root; ifconfig lagg0 up laggproto lacp laggport +fxp0 laggport +fxp1 +10.0.0.3/24 Als nchstes, berprfen Sie den Status der virtuellen - Schnittstelle. Ports, die als ACTIVE - markiert sind, sind Teil der aktiven Aggregations-Gruppe, - die mit dem Switch ausgehandelt wurde und der Verkehr wird - ber diese bertragen und empfangen. Benutzen Sie die - ausfhrliche Ausgabe von &man.ifconfig.8;, um sich die - LAG-Bezeichner anzeigen zu lassen. + Schnittstelle: &prompt.root; ifconfig lagg0 lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 @@ -3873,6 +3884,13 @@ lagg0: flags=8843<UP,BROADCAST,RUNNIN laggport: fxp1 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING> laggport: fxp0 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING> + Ports, die als ACTIVE markiert + sind, sind Teil der aktiven Aggregations-Gruppe, die mit dem + Switch ausgehandelt wurde und der Verkehr wird ber diese + bertragen und empfangen. Benutzen Sie + im obigen Kommando, um sich die + LAG-Bezeichner anzeigen zu lassen. + Um den Status der Ports auf dem &cisco; Switch anzuzeigen: @@ -3919,10 +3937,15 @@ ifconfig_lagg0="laggp IP-Adresse 10.0.0.15/24 zugewiesen: - &prompt.root; ifconfig fxp0 up -&prompt.root; ifconfig fxp1 up + &prompt.root; ifconfig +fxp0 up +&prompt.root; ifconfig fxp1 +up &prompt.root; ifconfig lagg0 create -&prompt.root; ifconfig lagg0 up laggproto failover laggport fxp0 laggport fxp1 10.0.0.15/24 +&prompt.root; ifconfig lagg0 up laggproto failover laggport +fxp0 laggport +fxp1 +10.0.0.15/24 Die virtuelle Schnittstelle sollte in etwa so aussehen: @@ -3957,8 +3980,8 @@ ifconfig_lagg0="laggp - Failover Modus zwischen drahtgebundenen und drahtlosen - Schnittstellen + Failover Modus zwischen Ethernet- und + Wireless-Schnittstellen Fr Laptop-Benutzer ist es normalerweise wnschenswert, wireless als sekundre Schnittstelle einzurichten, die @@ -3969,7 +3992,7 @@ ifconfig_lagg0="laggp gleichzeitig mglich bleibt, Daten ber die drahtlose Verbindung zu bertragen. - Dies wird durch das berschreiben der + Dies wird durch das berschreiben der physikalischen MAC-Adresse der drahtlosen Schnittstelle, durch die der Ethernet-Schnittstelle erreicht. @@ -4002,12 +4025,16 @@ bge0: flags=8843<UP,BROADCAST,RUNNING MAC-Adresse der zugrunde liegenden Wireless-Schnittstelle: - &prompt.root; ifconfig iwn0 ether 00:21:70:da:ae:37 + &prompt.root; ifconfig +iwn0 ether +00:21:70:da:ae:37 Starten Sie den Wireless-Schnittstelle, aber ohne IP-Adresse: - &prompt.root; ifconfig wlan0 create wlandev iwn0 ssid my_router up + &prompt.root; ifconfig wlan0 create wlandev +iwn0 ssid +my_router up Stellen Sie sicher, dass die bge0-Schnittstelle aktiv ist. @@ -4015,9 +4042,11 @@ bge0: flags=8843<UP,BROADCAST,RUNNING bge0 als Master mit Failover auf wlan0: - &prompt.root; ifconfig bge0 up + &prompt.root; ifconfig +bge0 up &prompt.root; ifconfig lagg0 create -&prompt.root; ifconfig lagg0 up laggproto failover laggport bge0 laggport wlan0 +&prompt.root; ifconfig lagg0 up laggproto failover laggport +bge0 laggport wlan0 Die virtuelle Schnittstelle sollte in etwa so aussehen: @@ -4036,13 +4065,15 @@ lagg0: flags=8843<UP,BROADCAST,RUNNIN erhalten bleibt, fgen Sie folgende Eintrge in /etc/rc.conf hinzu: - ifconfig_bge0="up" -ifconfig_iwn0="ether 00:21:70:da:ae:37" -wlans_iwn0="wlan0" + ifconfig_bge0="up" +ifconfig_iwn0="ether +00:21:70:da:ae:37" +wlans_iwn0="wlan0" ifconfig_wlan0="WPA" -cloned_interfaces="lagg0" -ifconfig_lagg0="laggproto failover laggport bge0 laggport wlan0 DHCP" - +cloned_interfaces="lagg0" +ifconfig_lagg0="laggproto failover laggport +bge0 laggport wlan0 +DHCP" From owner-svn-doc-all@FreeBSD.ORG Sat Apr 5 14:13:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D612F53A; Sat, 5 Apr 2014 14:13:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C338B2AB; Sat, 5 Apr 2014 14:13:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s35D4dQl088689; Sat, 5 Apr 2014 13:04:39 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s35D4doh088688; Sat, 5 Apr 2014 13:04:39 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404051304.s35D4doh088688@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sat, 5 Apr 2014 13:04:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44453 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sat, 05 Apr 2014 15:17:43 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Apr 2014 14:13:00 -0000 Author: ryusuke Date: Sat Apr 5 13:04:39 2014 New Revision: 44453 URL: http://svnweb.freebsd.org/changeset/doc/44453 Log: - Merge the following from the English version: r44275 -> r44366 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sat Apr 5 12:05:13 2014 (r44452) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sat Apr 5 13:04:39 2014 (r44453) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44275 + Original revision: r44366 $FreeBSD$ --> cd /cdrom/X.Y-RELEASE/kernels &prompt.root; ./install.sh GENERIC - ここで X.Y-RELEASE + ここで X.Y-RELEASE を実際のリリース番号に置き換えてください。 GENERIC は、デフォルトで /boot/GENERIC にインストールされます。 From owner-svn-doc-all@FreeBSD.ORG Sun Apr 6 09:10:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6738F8BC; Sun, 6 Apr 2014 09:10:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 53AE3954; Sun, 6 Apr 2014 09:10:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s369Axrr094504; Sun, 6 Apr 2014 09:10:59 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s369AxNA094503; Sun, 6 Apr 2014 09:10:59 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404060910.s369AxNA094503@svn.freebsd.org> From: Gabor Pali Date: Sun, 6 Apr 2014 09:10:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44455 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Apr 2014 09:10:59 -0000 Author: pgj Date: Sun Apr 6 09:10:58 2014 New Revision: 44455 URL: http://svnweb.freebsd.org/changeset/doc/44455 Log: - Add 2014Q1 status report on KDE ports Submitted by: dbn Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 07:21:09 2014 (r44454) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 09:10:58 2014 (r44455) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 16 entries and we hope you enjoy reading it.

    + contains 17 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -930,4 +930,69 @@ The &os; Foundation + + + KDE/&os; + + + + KDE/&os; Team + kde@FreeBSD.org + + + + + KDE/&os; Home Page + area51 + PortScout Status + + + +

    The KDE/&os; Team have continued to improve the experience of + KDE software and Qt under &os;.

    + +

    During this quarter, the team has kept most of the KDE and Qt + ports up-to-date, working on the following releases:

    + +
      +
    • KDE SC: 4.12.2, 4.12.3, and 4.12.4; Workspace: 4.11.6, + 4.11.7, and 4.11.8
      • +
    • Qt: 5.2.1
      • +
    • KDevelop: 4.6.0
      • +
    • Digikam (and KIPI-plugins): 3.5.0
      • +
    + +

    As a result — according to PortScout — + kde@ has 526 ports (up from 464), of which 98.86% are + up-to-date (up from 88.15%). iXsystems continues to provide a + machine for the team to build packages and to test updates. + They have been providing the KDE/&os; team with support for + quite a long time and we are very grateful for that.

    + +

    A major change has been the depreciation of the KDE3 ports and + the move of the KDE4_PREFIX to LOCALBASE. + Also, work on Qt5 continues to maturity. &a.rakuco; has been + working with upstream to ensure Baloo (Nepomuk successor in KDE + SC 4.13) compiles and runs on non-Linux systems. His work not + only benefits &os; but other BSDs and OS X.

    + +

    As usual, the team is always looking for more testers and + porters, so please contact us and visit our home page (see + links). It would be especially useful to have more helping + hands on tasks such as getting rid of the dependency on the + defunct HAL project and providing integration with KDE's + Bluedevil Bluetooth interface.

    + + + iXsystems, Inc + + + Update out-of-date ports, see PortScout for a list. + Work on Qt 5. + + Make sure the whole KDE stack (including Qt) builds and + works correctly with Clang and libc++. + Remove the dependency on HAL. + +     From owner-svn-doc-all@FreeBSD.ORG Sun Apr 6 09:25:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E9356B5C; Sun, 6 Apr 2014 09:25:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BC6F2A81; Sun, 6 Apr 2014 09:25:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s369P5pD099451; Sun, 6 Apr 2014 09:25:05 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s369P5ZM099450; Sun, 6 Apr 2014 09:25:05 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404060925.s369P5ZM099450@svn.freebsd.org> From: Gabor Pali Date: Sun, 6 Apr 2014 09:25:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44456 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Apr 2014 09:25:06 -0000 Author: pgj Date: Sun Apr 6 09:25:05 2014 New Revision: 44456 URL: http://svnweb.freebsd.org/changeset/doc/44456 Log: - Add 2014Q1 status report for the Wine ports Submitted by: dbn Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 09:10:58 2014 (r44455) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 09:25:05 2014 (r44456) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 17 entries and we hope you enjoy reading it.

    + contains 18 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -995,4 +995,59 @@ Remove the dependency on HAL. + + + Wine/&os; + + + + + Gerald + Pfeiffer + + gerald@FreeBSD.org + + + + + David + Naylor + + dbn@FreeBSD.org + + + + + Wine Wiki Page + Wine on amd64 Wiki Page + Wine Home Page + + + +

    Wine is a free and open source software application that aims + to allow applications designed for Microsoft Windows to run on + Unix-like operating systems, such as &os;. The Wine project has + been in maintenance mode this quarter and has updated the ports + for the following versions:

    + +
      +
    • Stable releases: 1.6.2
      • +
    • Development releases: 1.7.9 through 1.7.15
      • +
    + +

    The ports have packages built for amd64, available + through the the ports emulators/i386-wine and + emulators/i386-wine-devel.

    + + + + See the Open Tasks and Known Problems sections + on the Wine wiki page. + + &os;/amd64 integration, consult the i386-Wine wiki + page for the details. + + Port WoW64 and Wine64. + +     From owner-svn-doc-all@FreeBSD.ORG Sun Apr 6 09:27:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 52676CBC; Sun, 6 Apr 2014 09:27:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3EEEEA99; Sun, 6 Apr 2014 09:27:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s369R7Y1099778; Sun, 6 Apr 2014 09:27:07 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s369R74V099777; Sun, 6 Apr 2014 09:27:07 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404060927.s369R74V099777@svn.freebsd.org> From: Gabor Pali Date: Sun, 6 Apr 2014 09:27:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44457 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Apr 2014 09:27:07 -0000 Author: pgj Date: Sun Apr 6 09:27:06 2014 New Revision: 44457 URL: http://svnweb.freebsd.org/changeset/doc/44457 Log: - Add a missed introductory sentence for the KDE report Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 09:25:05 2014 (r44456) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 09:27:06 2014 (r44457) @@ -948,8 +948,11 @@ -

    The KDE/&os; Team have continued to improve the experience of - KDE software and Qt under &os;.

    +

    KDE is an international free software community producing an + integrated set of cross-platform applications designed to run on + Linux, &os;, Solaris, Microsoft Windows, and OS X systems. The + KDE/&os; Team have continued to improve the experience of KDE + software and Qt under &os;.

    During this quarter, the team has kept most of the KDE and Qt ports up-to-date, working on the following releases:

    From owner-svn-doc-all@FreeBSD.ORG Sun Apr 6 09:30:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1C4CFD41; Sun, 6 Apr 2014 09:30:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 07F21B0D; Sun, 6 Apr 2014 09:30:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s369UnPg000395; Sun, 6 Apr 2014 09:30:49 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s369UnpT000394; Sun, 6 Apr 2014 09:30:49 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404060930.s369UnpT000394@svn.freebsd.org> From: Gabor Pali Date: Sun, 6 Apr 2014 09:30:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44458 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Apr 2014 09:30:50 -0000 Author: pgj Date: Sun Apr 6 09:30:49 2014 New Revision: 44458 URL: http://svnweb.freebsd.org/changeset/doc/44458 Log: - Update the text for the ASLR report Submitted by: Shawn Webb Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 09:27:06 2014 (r44457) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 09:30:49 2014 (r44458) @@ -812,12 +812,14 @@ including the base of the executable and the positions of the stack, heap, and libraries, in a process' address space.

    -

    We have added (a potentially buggy) ASLR support to all - supported &os; architectures. Focus is still on amd64 as - that is what the developers have access to. We have added - support for Position-Independent Executables (PIEs) in a number - of applications in base. We have identified a number of bugs - and are actively working on targeting them.

    +

    We have added ASLR support to all architectures. As the + primary developers behind this feature have the most access to + amd64, the focus of development is on the + amd64 architecture. Other architectures, such as ARM, + have known bugs with our current ASLR implementation and we are + working hard to fix them. We added support for + Position-Independent Executables (PIEs) in a number of + applications in base.

    From owner-svn-doc-all@FreeBSD.ORG Sun Apr 6 07:21:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7E91593B; Sun, 6 Apr 2014 07:21:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6A134F4E; Sun, 6 Apr 2014 07:21:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s367LAFS048694; Sun, 6 Apr 2014 07:21:10 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s367LARA048693; Sun, 6 Apr 2014 07:21:10 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404060721.s367LARA048693@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 6 Apr 2014 07:21:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44454 - head/ja_JP.eucJP/books/handbook/multimedia X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sun, 06 Apr 2014 11:23:51 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Apr 2014 07:21:10 -0000 Author: ryusuke Date: Sun Apr 6 07:21:09 2014 New Revision: 44454 URL: http://svnweb.freebsd.org/changeset/doc/44454 Log: - Merge the following from the English version: r43126 -> r44367 head/ja_JP.eucJP/books/handbook/multimedia/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/multimedia/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/multimedia/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/multimedia/chapter.xml Sat Apr 5 13:04:39 2014 (r44453) +++ head/ja_JP.eucJP/books/handbook/multimedia/chapter.xml Sun Apr 6 07:21:09 2014 (r44454) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43126 + Original revision: r44367 $FreeBSD$ --> @@ -266,9 +266,9 @@ pcm2: <Conexant CX20590 (Analog 2.0+H /dev/dsp デバイスにデータを送ってみてください。     - &prompt.user; cat filename > /dev/dsp + &prompt.user; cat filename > /dev/dsp - ここで filename + ここで filename は、どのような形式のファイルでも構いません。 このコマンドラインを実行すると雑音が発生するはずです。 これにより、サウンドカードが動作していることを確認できます。 @@ -372,7 +372,7 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi hw.snd.default_unit をプレイバックで使用するユニット番号に変更してください。 - &prompt.root; sysctl hw.snd.default_unit=n + &prompt.root; sysctl hw.snd.default_unit=n ここで、n は使用するサウンドデバイスの番号です。 この例では 4 です。 @@ -514,7 +514,7 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi Foobar-GreatestHits.mp3 とすると、ファイルを再生するには、次のように実行してください。 - &prompt.root; mpg123 -a /dev/dsp1.0 Foobar-GreatestHits.mp3 + &prompt.root; mpg123 -a /dev/dsp1.0 Foobar-GreatestHits.mp3 High Performance MPEG 1.0/2.0/2.5 Audio Player for Layer 1, 2 and 3. Version 0.59r (1999/Jun/15). Written and copyrights by Michael Hipp. Uses code from various people. See 'README' for more! @@ -548,7 +548,7 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz CD 全体を (トラックごとに) 個々の WAV ファイルに抽出できます。 - &prompt.root; cdda2wav -D 0,1,0 -B + &prompt.root; cdda2wav -D 0,1,0 -B は SCSI デバイス 0,1,0 を表します。 @@ -562,19 +562,19 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz たとえば IDE ドライブから七番目のトラックを抽出するには、 次のようにします。 - &prompt.root; cdda2wav -D /dev/acd0 -t 7 + &prompt.root; cdda2wav -D /dev/acd0 -t 7 個々のトラックを抽出するには、 次のように を使用します。 - &prompt.root; cdda2wav -D 0,1,0 -t 7 + &prompt.root; cdda2wav -D 0,1,0 -t 7 上記の例はオーディオ CDROM の七番目のトラックを抽出します。 範囲を指定して、 一番目から七番目のトラックまで抽出したい場合、 次のようにします。 - &prompt.root; cdda2wav -D 0,1,0 -t 1+7 + &prompt.root; cdda2wav -D 0,1,0 -t 1+7 &man.dd.1; も で説明されているように ATAPI @@ -592,17 +592,19 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz ライセンスの制限により、package は利用できません。 次のコマンドを実行すると、抽出した WAV ファイル - audio01.wav を使って - audio01.mp3 に変換します。 - - &prompt.root; lame -h -b 128 \ ---tt "曲名" \ ---ta "アーティスト名" \ ---tl "アルバム名" \ ---ty "年" \ ---tc "コメント" \ ---tg "ジャンル" \ -audio01.wav audio01.mp3 + audio01.wav + を使って + audio01.mp3 + に変換します。 + + &prompt.root; lame -h -b 128 \ +--tt "曲名" \ +--ta "アーティスト名" \ +--tl "アルバム名" \ +--ty "" \ +--tc "コメント" \ +--tg "ジャンル" \ +audio01.wav audio01.mp3 128 kbits が MP3 の標準のビットレートです。 @@ -686,8 +688,10 @@ audio01.wav audio01.mp3 - mpg123 -s audio01.mp3 - > audio01.pcm を実行します。 + mpg123 -s + audio01.mp3 > + audio01.pcm + を実行します。 @@ -707,7 +711,7 @@ audio01.wav audio01.mp3SoX を使うと簡単にヘッダ情報を削除できます。 - &prompt.user; sox -t wav -r 44100 -s -w -c 2 track.wav track.raw + &prompt.user; sox -t wav -r 44100 -s -w -c 2 track.wav track.raw &os; での CD 作成の詳しい情報は を参照してください。 @@ -981,23 +985,27 @@ no adaptors present 数多くのオプションの完全な説明については、 mplayer(1) のマニュアルに記載されています。 - testfile.avi + testfile.avi というファイルを再生するには、以下の例のように、 とともに、 ビデオインタフェースを指定してください。 - &prompt.user; mplayer -vo xv testfile.avi - &prompt.user; mplayer -vo sdl testfile.avi - &prompt.user; mplayer -vo x11 testfile.avi - &prompt.root; mplayer -vo dga testfile.avi - &prompt.root; mplayer -vo 'sdl:dga' testfile.avi + &prompt.user; mplayer -vo xv testfile.avi + + &prompt.user; mplayer -vo sdl testfile.avi + + &prompt.user; mplayer -vo x11 testfile.avi + + &prompt.root; mplayer -vo dga testfile.avi + + &prompt.root; mplayer -vo 'sdl:dga' testfile.avi ビデオ再生の相対的性能は多くの要因に依存し、 ハードウェアに応じて著しく変わると思われるので、 これらのオプションをすべて試してみる価値はあるでしょう。 DVD を再生するには、 - testfile.avi を + testfile.avi に置き換えてください。 @@ -1070,13 +1078,13 @@ zoom=yes はじめは単純なファイルのコピーです。 - &prompt.user; mencoder input.avi -oac copy -ovc copy -o output.avi + &prompt.user; mencoder input.avi -oac copy -ovc copy -o output.avi したがって、単にファイルを抽出したいときには、 mplayer をつけます。 - input.avi + input.avi を音声に MPEG3 エンコードを使用して MPEG4 コーデックに変換するには、まず最初に audio/lame @@ -1084,8 +1092,8 @@ zoom=yes ライセンスの制限により、package は利用できません。 インストールしたら、以下のように入力してください。 - &prompt.user; mencoder input.avi -oac mp3lame -lameopts br=192 \ - -ovc lavc -lavcopts vcodec=mpeg4:vhq -o output.avi + &prompt.user; mencoder input.avi -oac mp3lame -lameopts br=192 \ + -ovc lavc -lavcopts vcodec=mpeg4:vhq -o output.avi これは mplayerxine @@ -1093,7 +1101,7 @@ zoom=yes DVD タイトルを直接再エンコードするためには、 上記のコマンドラインの - input.avi を + input.avi に置き換えて、 root 権限で実行します。 期待する結果を得るには何度か繰り返すことになるので、 @@ -1124,7 +1132,7 @@ zoom=yes 再生するファイル名を指定することで、 コマンドラインから実行することもできます。 - &prompt.user; xine -g -p mymovie.avi + &prompt.user; xine -g -p mymovie.avi xine-project.org/faq @@ -1157,11 +1165,11 @@ zoom=yes PAL MPEG-1 (PAL VCD) に変換する使用例を示します。 &prompt.user; transcode -i -input.avi -V --export_prof vcd-pal -o output_vcd -&prompt.user; mplex -f 1 -o output_vcd.mpg output_vcd.m1v output_vcd.mpa +input.avi -V --export_prof vcd-pal -o output_vcd +&prompt.user; mplex -f 1 -o output_vcd.mpg output_vcd.m1v output_vcd.mpa 作成された MPEG ファイル、 - output_vcd.mpg は、 + output_vcd.mpg は、 MPlayer を使って再生できます。 また、multimedia/vcdimager および sysutils/cdrdao @@ -1679,7 +1687,7 @@ add path usb/0.2.0 mode 0666 group usbusb グループに追加してスキャナを利用できるようにしてください。 - &prompt.root; pw groupmod usb -m joe + &prompt.root; pw groupmod usb -m joe 詳細については、&man.pw.8; をご覧ください。 From owner-svn-doc-all@FreeBSD.ORG Sun Apr 6 13:42:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0575B692; Sun, 6 Apr 2014 13:42:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CD10EF19; Sun, 6 Apr 2014 13:42:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s36DgOvh006333; Sun, 6 Apr 2014 13:42:24 GMT (envelope-from brueffer@svn.freebsd.org) Received: (from brueffer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s36DgOTo006332; Sun, 6 Apr 2014 13:42:24 GMT (envelope-from brueffer@svn.freebsd.org) Message-Id: <201404061342.s36DgOTo006332@svn.freebsd.org> From: Christian Brueffer Date: Sun, 6 Apr 2014 13:42:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44459 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Apr 2014 13:42:25 -0000 Author: brueffer Date: Sun Apr 6 13:42:24 2014 New Revision: 44459 URL: http://svnweb.freebsd.org/changeset/doc/44459 Log: Fix a few typos and grammos. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 09:30:49 2014 (r44458) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 13:42:24 2014 (r44459) @@ -291,7 +291,7 @@ originally targeted at embedded and real-time systems. The number of Ada ports in the collection has grown significantly since the last report six months ago. There are almost 50 - Ada-related ports now, with new ones getting added the time.

    + Ada-related ports now, with new ones getting added all the time.

    The previous plan was to move from the GCC 4.7-based GNAT compiler to a GCC 4.8-based one, but finally GCC 4.8 was skipped @@ -299,13 +299,13 @@ fully supports the new ISO standard, Ada 2012. Moving to a newer compiler allowed several important ports like PolyOrb and GPRBuild to be upgraded to the latest available versions. In - fact, almost every Ada port is currrently at its most recent + fact, almost every Ada port is currently at its most recent upstream version.

    For non-Windows-based Ada development, &os; and DragonFly are now undisputed as the go-to platforms. The other candidates are Debian and Fedora, but there are few Ada software on those - platforms that are not also in &os; ports tree, but the versions are + platforms that are not also in the &os; ports tree, but the versions are much older. The Ports Collection also features software not found anywhere else such as the USAFA's Ironsides DNS server, libsparkcrypto, matreshka, GNATDroid (Android cross-compiler) and @@ -432,7 +432,7 @@ greatly increasing performance of performing I/O from a VM.

    There are two parts to this project. The first is implementing - an API in the PCI subsystem for the creating VFs and configuring + an API in the PCI subsystem for creating VFs and configuring standard PCI features like BARs. The second part is updating individual drivers for PCI devices that support SR-IOV to configure their VFs. For example, a network interface driver @@ -501,7 +501,7 @@ incorporated into the new test suite. As of this writing, there are 509 test cases continuously running. -

  • The testing infrastructure in stable/10 branch has +
  • The testing infrastructure in the stable/10 branch has been synced to head. It should now be possible to seamlessly MFC changes to the stable branch along with their tests, if any.
    • From owner-svn-doc-all@FreeBSD.ORG Sun Apr 6 15:11:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 85B5E667; Sun, 6 Apr 2014 15:11:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 58F447DF; Sun, 6 Apr 2014 15:11:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s36FBKr4041115; Sun, 6 Apr 2014 15:11:20 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s36FBKee041114; Sun, 6 Apr 2014 15:11:20 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404061511.s36FBKee041114@svn.freebsd.org> From: Gabor Pali Date: Sun, 6 Apr 2014 15:11:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44460 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Apr 2014 15:11:20 -0000 Author: pgj Date: Sun Apr 6 15:11:19 2014 New Revision: 44460 URL: http://svnweb.freebsd.org/changeset/doc/44460 Log: - Add 2014Q1 status report on the Chromebook port Submitted by: br Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 13:42:24 2014 (r44459) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 15:11:19 2014 (r44460) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 18 entries and we hope you enjoy reading it.

    + contains 19 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1055,4 +1055,41 @@ Port WoW64 and Wine64. + + + &os; on Chromebook + + + + + Ruslan + Bukin + + br@FreeBSD.org + + + + + Manual + + + +

    Chromebook is an ARMv7 Cortex-A15 personal computer powered by + Samsung Exynos 5 Dual System-on-Chip. As of the current status + of this project, such laptop can be booted with &os; from USB + flash — it works stable (including SMP) and it can build + third-party applications. Display and keyboard works.

    + +

    Thank &a.grehan; for providing hardware.

    + + + + Implement keyboard polling mode. + + Add support for the upcoming second generation of + Chromebook. + + Write SD, SATA drivers. + +     From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 08:56:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B269B992; Mon, 7 Apr 2014 08:56:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 91D68DE0; Mon, 7 Apr 2014 08:56:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s378u8xP041092; Mon, 7 Apr 2014 08:56:08 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s378u8Xx041091; Mon, 7 Apr 2014 08:56:08 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404070856.s378u8Xx041091@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 08:56:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44461 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 08:56:08 -0000 Author: pgj Date: Mon Apr 7 08:56:07 2014 New Revision: 44461 URL: http://svnweb.freebsd.org/changeset/doc/44461 Log: - Add 2014Q1 status report for Jenkins Submitted by: rodrigc Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sun Apr 6 15:11:19 2014 (r44460) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 08:56:07 2014 (r44461) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 19 entries and we hope you enjoy reading it.

    + contains 20 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -31,6 +31,12 @@ + proj + + Projects + + + kern Kernel @@ -1092,4 +1098,154 @@ Write SD, SATA drivers. + + + Jenkins Continuous Integration for &os; + + + + + Craig + Rodrigues + + rodrigc@FreeBSD.org + + + + Jenkins Administrators + jenkins-admin@FreeBSD.org + + + + &os; Testing + freebsd-testing@FreeBSD.org + + + + + Jenkins CI server in &os; cluster + Jenkins on &os; project status + Video and slides of March 13, 2014 presentation at Bay Area &os; User Group (BAFUG) + Jenkins, libvirt, and bhyve + Jenkins Continuous Integration + Ansible + + + +

    Jenkins is a framework that is used by many companies and open + source projects for Continuous Integration (CI). CI allows + developers to commit code to a Source Code Management (SCM) + system such as Subversion, and then have automated programs + check out, build, and test the code. Jenkins is implemented in + the Java language.

    + +

    &a.emaste; reviewed some CI work that &a.rodrigc; had done for + the FreeNAS project with Jenkins, and encouraged him to set up + something similar for the &os; Project. With the help of the + &os; Cluster Administration Team, He set up a &os; machine + running two bhyve virtual machines, + jenkins-9.FreeBSD.org and + jenkins-10.FreeBSD.org. He set up software builds of + head and several stable branches on these + machines. The status of these builds is visible via a web + interface which is accessible via jenkins.FreeBSD.org. + When any of these builds fail, emails are sent to + freebsd-current or freebsd-stable. Emails are + also sent directly to the list of people who recently committed + code to Subversion since the last successful build.

    + +

    As part of the Jenkins setup, &a.rodrigc; encountered problems + with running Java &os; 9.2 and &os; 10.0. Both problems + stemmed from changes to the &os; Virtual Memory (VM) subsystem. + On &os; 9.2-RELEASE, running Jenkins under Java would cause the + kernel to panic. This was a known problem, and fixed in + 9.2.-RELEASE-p3. On &os; 10.0-RELEASE, Java processes would + randomly crash. Disabling the vm.pmap.pcid_enabled + sysctl(3) variable seemed to fix the problem. In + kern/187238, Henrik Gulbrandsen submitted fixes to the + &os; VM to address this problem. &a.kib; committed these fixes + to head. These fixes are being tested now.

    + +

    During the setup of the bhyve VM's which run Jenkins processes, + &a.rodrigc; wrote scripts to start bhyve VM's from the + rc.d bootup scripts, which were then published at + GitHub.

    + +

    On February 19, 2014, &a.rodrigc; notified the &os; developers + that Jenkins was running in the &os; cluster, and that they + could look at the web interface to see the status of builds.

    + +

    On March 13, 2014, &a.rodrigc; gave a presentation of the + Jenkins work at the Bay Area &os; User Group (BAFUG) in Mountain + View, California, USA. Video of the presentation was recorded + and put online by iXsystems.

    + +

    &a.rodrigc; assembled a team of volunteers, + jenkins-admin, to help maintain + jenkins.FreeBSD.org and expand the use of Jenkins CI + used in the &os; cluster. jenkins-admin consists of + the following people working in the following areas:

    + +
      +
    • R. Tyler Croy is both a &os; developer and a Jenkins + developer. He will be working on fixing bugs in Jenkins + specific to &os;. He is first looking at fixing the libpam4j + library which is used by Jenkins to interface with the PAM + system for user authentication. The released version of + libpam4j does not currently work on &os;.
      • + +
    • &a.lwhsu; maintains the devel/jenkins port. He set + up a Jenkins build which rans the scan-build static analyzer + which is part of LLVM.
      • + +
    • &a.skreuzer; has experience administering Jenkins systems. + He set up several builds on jenkins.FreeBSD.org, + including a Jenkins build of the &os; documentation. He is + looking into automatic provisioning of VM's running Jenkins in + the &os; cluster using Ansible.
      • + +
    • &a.rodrigc; will be running a Continuous Testing working + group at the &os; Devsummit in Ottawa on May 15, 2014. + He will also give a Jenkins presentation on May 17, 2014. + He is interested in working with &a.jmmv; to + integrate Jenkins and Kyua. They have exchanged + some emails about this on the freebsd-testing list.
      • + +
    • &a.swills; maintains the devel/jenkins-lts port. + He has implemented several builds at jenkins.FreeBSD.org + which detect commits to the &os; ports repository, and then + builds the ports tree using Poudri竪re.
      • +
    + +

    At the end of March, &a.novel; reported to + jenkins-admin that he has successfully run the Jenkins + libvirt plugin with his libvirt modifications to integrate with + bhyve. He provided a link to a blog posting where he described + his experience.

    + + + iXsystems, Inc + + + Obtain certificates for LDAP and web servers, to replace + self-signed certificates. + + Set up more Jenkins builds of the &os; base repository on + different branches and with different configurations. + + Set up more Jenkins builds of the &os; ports repository on + different &os; versions. + + Integrate with Kyua, so that Jenkins can run Kyua tests, and + report the results directly in the native Jenkins web UI where + test results are reported. + + Write scripts which can take a Jenkins build of &os;, and + boot the results in a bhyve VM or on real hardware. + + Fix libpam4j on &os;. + Continuous Testing working group at Devsummit on May 15, 2014 + Jenkins presentation at BSDCan on May 17, 2014 + +     From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 08:58:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4A08EA48; Mon, 7 Apr 2014 08:58:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 36D65E0A; Mon, 7 Apr 2014 08:58:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s378wmnv041383; Mon, 7 Apr 2014 08:58:48 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s378wm14041382; Mon, 7 Apr 2014 08:58:48 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404070858.s378wm14041382@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 08:58:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44462 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 08:58:48 -0000 Author: pgj Date: Mon Apr 7 08:58:47 2014 New Revision: 44462 URL: http://svnweb.freebsd.org/changeset/doc/44462 Log: - Fix gerald's last name in the Wine 2014Q1 status report Submitted by: gerald Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 08:56:07 2014 (r44461) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 08:58:47 2014 (r44462) @@ -1014,7 +1014,7 @@ Gerald - Pfeiffer + Pfeifer gerald@FreeBSD.org From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 10:08:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 424F0F5D; Mon, 7 Apr 2014 10:08:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2E124658; Mon, 7 Apr 2014 10:08:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37A8iQV070750; Mon, 7 Apr 2014 10:08:44 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37A8i3B070749; Mon, 7 Apr 2014 10:08:44 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404071008.s37A8i3B070749@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 7 Apr 2014 10:08:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44463 - head/ja_JP.eucJP/books/handbook/multimedia X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Mon, 07 Apr 2014 11:32:37 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 10:08:44 -0000 Author: ryusuke Date: Mon Apr 7 10:08:43 2014 New Revision: 44463 URL: http://svnweb.freebsd.org/changeset/doc/44463 Log: o Whitespace cleanup. o Rewrap line. o Fix indent. Modified: head/ja_JP.eucJP/books/handbook/multimedia/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/multimedia/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/multimedia/chapter.xml Mon Apr 7 08:58:47 2014 (r44462) +++ head/ja_JP.eucJP/books/handbook/multimedia/chapter.xml Mon Apr 7 10:08:43 2014 (r44463) @@ -43,28 +43,28 @@ - &os; でのサウンドカードの設定方法 + &os; でのサウンドカードの設定方法 - サウンドの設定に関するトラブルシューティング + サウンドの設定に関するトラブルシューティング - MP3 およびその他の形式の音声を再生、エンコードする方法 + MP3 およびその他の形式の音声を再生、エンコードする方法 - &os; システムでのビデオ再生の準備 + &os; システムでのビデオ再生の準備 - DVD, .mpg および - .avi ファイルを再生する方法 + DVD, .mpg および + .avi ファイルを再生する方法 - CD および DVD + CD および DVD の情報をファイルに抽出する方法 @@ -93,10 +93,10 @@ @@ -304,7 +304,8 @@ pcm2: <Conexant CX20590 (Analog 2.0+H
    - sb_dspwr(XX) timed out + sb_dspwr(XX) timed + out 使用する I/O ポートが適切に設定されていません。 @@ -317,7 +318,8 @@ pcm2: <Conexant CX20590 (Analog 2.0+H - xxx: gus pcm not attached, out of memory + xxx: gus pcm not attached, out of + memory デバイスを使用するのに十分なメモリを確保できません。 @@ -376,126 +378,127 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi ここで、n は使用するサウンドデバイスの番号です。 この例では 4 です。 - /etc/sysctl.conf に以下の行を入れると、 + /etc/sysctl.conf に以下の行を入れると、 設定の変更が常に反映されるようになります。 hw.snd.default_unit=4 - - - - - - 複数音源の利用 - - 同時に再生することのできる音源を複数実装していることは、 - 多くの場合望ましいことです。 - &os; では、仮想サウンドチャネル - を使ってカーネル内でサウンドを合成することにより、 - サウンドカードの再生を多重化することができます。 + - 仮想チャネルの数を決めるのに三つの &man.sysctl.8; - 変数を設定できます。 - - &prompt.root; sysctl dev.pcm.0.play.vchans=4 -&prompt.root; sysctl dev.pcm.0.rec.vchans=4 -&prompt.root; sysctl hw.snd.maxautovchans=4 + + - この例では四つの仮想チャネルを設定しています。 - これは通常利用する上で十分実用的な数です。 - dev.pcm.0.play.vchans=4 と - dev.pcm.0.rec.vchans=4 は、 - デバイスが取り付けられた後で設定できます。 - これらは pcm0 - が再生や録音のために持っている仮想チャネルの数です。 - hw.snd.maxautovchans は、 - &man.kldload.8; - を用いて認識された新しいデバイスの仮想チャネル数です。 - pcm - モジュールはハードウェアドライバとは独立して読み込むことができるので、 - hw.snd.maxautovchans - は、オーディオデバイスが取り付けられた時に、 - デバイスに与えられる仮想チャネルの数を表しています。 - より詳細な情報については &man.pcm.4; を参照してください。 + 複数音源の利用 - - デバイスを使用しているときに仮想チャンネルの数を変更することはできません。 - まず、ミュージックプレーヤやサウンドデーモンといった - デバイスを使用しているすべてのプログラムを終了してください。 - + 同時に再生することのできる音源を複数実装していることは、 + 多くの場合望ましいことです。 + &os; では、仮想サウンドチャネル + を使ってカーネル内でサウンドを合成することにより、 + サウンドカードの再生を多重化することができます。 - - /dev/dsp0 - を必要とするプログラムが意識しなくても、 - 適切な pcm - デバイスが自動的に設定されます。 - + 仮想チャネルの数を決めるのに三つの &man.sysctl.8; + 変数を設定できます。 - - - - ミキサチャネルの初期値を設定する - - 各ミキサチャネルの初期値は - &man.pcm.4; ドライバのソースコードにハードコーディングされています。 - &man.mixer.8; および他のサードパーティ製のアプリケーションやデーモンによって、 - サウンドカードのミキサレベルを変更できますが、 - 永続的な解決方法ではありません。 - そのかわり以下の例のように、 - 適切な値を /boot/device.hints - ファイルに記述することによって、 - ドライバレベルでミキサの初期値を設定することができます。 - - hint.pcm.0.vol="50" - - この例では、&man.pcm.4; が読み込まれたと同時に、 - ボリュームチャネルの初期値を 50 - に設定します。 - - + &prompt.root; sysctl dev.pcm.0.play.vchans=4 +&prompt.root; sysctl dev.pcm.0.rec.vchans=4 +&prompt.root; sysctl hw.snd.maxautovchans=4 - - - MP3 オーディオ + ミキサチャネルの初期値を設定する - この節では、&os; で利用できる MP3 - プレイヤや、オーディオ CD トラックを吸い出す方法、 - および MP3 のエンコード、 - デコードの方法について説明します。 - - - MP3 プレイヤ - - XMMS は - 人気のあるグラフィカルな MP3 プレイヤです。 - XMMS のインタフェースは - Nullsoft の Winamp - とほとんど同一なので、Winamp - のスキンを使うことができます。 - XMMS - はネイティブプラグインにも対応しています。 - - XMMS は - multimedia/xmms の - port または package からインストールできます。 + 各ミキサチャネルの初期値は + &man.pcm.4; ドライバのソースコードにハードコーディングされています。 + &man.mixer.8; + および他のサードパーティ製のアプリケーションやデーモンによって、 + サウンドカードのミキサレベルを変更できますが、 + 永続的な解決方法ではありません。 + そのかわり以下の例のように、 + 適切な値を /boot/device.hints + ファイルに記述することによって、 + ドライバレベルでミキサの初期値を設定することができます。 + + hint.pcm.0.vol="50" + + この例では、&man.pcm.4; が読み込まれたと同時に、 + ボリュームチャネルの初期値を 50 + に設定します。 + + + + + + + MP3 オーディオ + + この節では、&os; で利用できる MP3 + プレイヤや、オーディオ CD トラックを吸い出す方法、 + および MP3 のエンコード、 + デコードの方法について説明します。 + + + MP3 プレイヤ + + XMMS は + 人気のあるグラフィカルな MP3 プレイヤです。 + XMMS のインタフェースは + Nullsoft の Winamp + とほとんど同一なので、Winamp + のスキンを使うことができます。 + XMMS + はネイティブプラグインにも対応しています。 + + XMMS は + multimedia/xmms の + port または package からインストールできます。 XMMS のプレイリスト、 グラフィックイコライザそしてその他のインタフェースは直感的です。 @@ -525,8 +528,7 @@ THIS SOFTWARE COMES WITH ABSOLUTELY NO W Playing MPEG stream from Foobar-GreatestHits.mp3 ... -MPEG 1.0 layer III, 128 kbit/s, 44100 Hz joint-stereo - +MPEG 1.0 layer III, 128 kbit/s, 44100 Hz joint-stereo @@ -539,8 +541,8 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz WAV ファイルにコピーすることで行われます。 sysutils/cdrtools - スイートからインストールされる cdda2wav ツールは - CD からオーディオデータを抽出したり、 + スイートからインストールされる cdda2wav ツールは + CD からオーディオデータを抽出したり、 情報を関係づけるのに使われます。 CD をドライブにいれて次のコマンドを @@ -553,7 +555,7 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz は SCSI デバイス 0,1,0 を表します。 これは cdrecord -scanbus - の出力に一致します。 + の出力に一致します。 cdda2wav は ATAPI (IDE) CDROM ドライブに対応しています。 @@ -570,15 +572,15 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz &prompt.root; cdda2wav -D 0,1,0 -t 7 上記の例はオーディオ CDROM の七番目のトラックを抽出します。 - 範囲を指定して、 + 範囲を指定して、 一番目から七番目のトラックまで抽出したい場合、 - 次のようにします。 + 次のようにします。 &prompt.root; cdda2wav -D 0,1,0 -t 1+7 &man.dd.1; も で説明されているように ATAPI - ドライブ上のオーディオトラックを展開するのに使われます。 + ドライブ上のオーディオトラックを展開するのに使われます。 @@ -610,13 +612,13 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz の標準のビットレートです。 160 kbits または 192 kbits のビットレートは、 さらに高音質を提供します。 - ビットレートが高くなるにつれて作成される + ビットレートが高くなるにつれて作成される MP3 ファイルは多くのディスク領域を消費します。 オプションを指定すると - 低速高品質 モードとなります。 - ではじまるオプションは ID3 タグを設定します。 - このタグにはたいてい曲の情報が含まれており、 - MP3 ファイルに格納されます。 + 低速高品質 モードとなります。 + ではじまるオプションは ID3 タグを設定します。 + このタグにはたいてい曲の情報が含まれており、 + MP3 ファイルに格納されます。 Lame のマニュアルを参照すれば、 他のエンコーディングのオプションが見つかるでしょう。 @@ -625,14 +627,14 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz MP3 のデコード MP3 からオーディオ CD を作成するには、 - まず非圧縮 WAV 形式に変換しなければなりません。 - XMMS と + まず非圧縮 WAV 形式に変換しなければなりません。 + XMMSmpg123 の両方が MP3 から非圧縮ファイル形式への出力に対応しています。 XMMS - でディスクへ書き出す方法は次の通りです。 + でディスクへ書き出す方法は次の通りです。 @@ -641,7 +643,7 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz 右クリックで - XMMS メニューを表示します。 + XMMS メニューを表示します。 @@ -651,7 +653,7 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz Output Plugin を Disk Writer Plugin - に変更します。 + に変更します。 @@ -666,15 +668,15 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz 普段通り XMMSMP3 ファイルを読み込みます。 - 音量は 100% でイコライザの設定はオフにします。 + 音量は 100% でイコライザの設定はオフにします。 Play を押します。 XMMS - は MP3 を再生しているかのように表示しますが、 - 音声はきこえません。 - 実際には MP3 をファイルに出力しています。 + は MP3 を再生しているかのように表示しますが、 + 音声はきこえません。 + 実際には MP3 をファイルに出力しています。 @@ -684,7 +686,7 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz mpg123 - で標準出力へ書き出す方法は次の通りです。 + で標準出力へ書き出す方法は次の通りです。 @@ -696,25 +698,25 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz XMMS - は WAV 形式でファイルに書き出しますが、 - mpg123 は + は WAV 形式でファイルに書き出しますが、 + mpg123MP3 を raw PCM オーディオデータに変換します。 - 両形式は cdrecord - を使ってオーディオ CD を作成するのに利用できます。 + 両形式は cdrecord + を使ってオーディオ CD を作成するのに利用できます。 &man.burncd.8; を使う場合は raw Pulse-Code Modulation (PCM) が必要です。 WAV ファイルを使用する場合、 - それぞれのトラックの先頭に小さなノイズが入るのに気づくでしょう。 + それぞれのトラックの先頭に小さなノイズが入るのに気づくでしょう。 これは WAV ファイルのヘッダ情報です。 audio/sox の port または package からインストールできる SoX - を使うと簡単にヘッダ情報を削除できます。 + を使うと簡単にヘッダ情報を削除できます。 &prompt.user; sox -t wav -r 44100 -s -w -c 2 track.wav track.raw &os; での CD 作成の詳しい情報は - を参照してください。 + を参照してください。 @@ -767,81 +769,80 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz kern.ipc.shmmax=67108864 kern.ipc.shmall=32768 - - ビデオ機能の決定 + + ビデオ機能の決定 - XVideo - SDL - DGA - - &xorg; - においてビデオ表示性能を改善する方法はいくつかあり、 - 正しく動作するかどうかはハードウェアに大きく依存しています。 - 下記に説明したどの方法でも、 - ハードウェアが変わると品質が変わるでしょう。 + XVideo + SDL + DGA - よく知られたビデオインタフェースは次の通りです。 + &xorg; + においてビデオ表示性能を改善する方法はいくつかあり、 + 正しく動作するかどうかはハードウェアに大きく依存しています。 + 下記に説明したどの方法でも、 + ハードウェアが変わると品質が変わるでしょう。 - - - &xorg;: - 共有メモリを用いた通常の出力 - + よく知られたビデオインタフェースは次の通りです。 - - XVideo: 特別なアクセラレータによって、 - drawable オブジェクトに直接ビデオを表示する - &xorg; インタフェースの拡張機能です。 - この拡張を使うことで廉価なコンピュータでも高品質の再生が可能になります。 - 次の節では、この拡張が動作していることの確認方法について説明します。 - + + + &xorg;: + 共有メモリを用いた通常の出力 + - - SDL: Simple Directmedia Layer は、 - さまざまなオペレーティングシステムの間でサウンドとグラフィックスを効果的に利用したクロスプラットホームアプリケーションを開発することを目的としたレイヤです。 - SDL はハードウェアに対する低レベルの抽象的概念を提供し、 - 時には &xorg; - インタフェースを使用するよりも効果的なことがあります。 - - &os; では、SDL は、 - devel/sdl20 package または port - によりインストールできます。 - + + XVideo: 特別なアクセラレータによって、 + drawable オブジェクトに直接ビデオを表示する + &xorg; インタフェースの拡張機能です。 + この拡張を使うことで廉価なコンピュータでも高品質の再生が可能になります。 + 次の節では、この拡張が動作していることの確認方法について説明します。 + - - DGA: Direct Graphics Access は、 - プログラムが &xorg; - サーバを介せず直接フレームバッファを変更することを可能にする - &xorg; の拡張機能です。 - 低レベルのメモリマッピングが実行できることを期待しているので、 - この機能を使うプログラムは - root - 権限で実行されなければなりません。 - DGA 機能拡張は &man.dga.1; - によってテストとベンチマークができます。 - dga - 実行中はキーボードを押せばいつでもディスプレイ色が変更されます。 - 中止するには q を押します。 - + + SDL: Simple Directmedia Layer は、 + さまざまなオペレーティングシステムの間でサウンドとグラフィックスを効果的に利用したクロスプラットホームアプリケーションを開発することを目的としたレイヤです。 + SDL はハードウェアに対する低レベルの抽象的概念を提供し、 + 時には &xorg; + インタフェースを使用するよりも効果的なことがあります。 + &os; では、SDL は、 + devel/sdl20 package または port + によりインストールできます。 + - - SVGAlib: 低レベルコンソールグラフィックレイヤ - - + + DGA: Direct Graphics Access は、 + プログラムが &xorg; + サーバを介せず直接フレームバッファを変更することを可能にする + &xorg; の拡張機能です。 + 低レベルのメモリマッピングが実行できることを期待しているので、 + この機能を使うプログラムは + root + 権限で実行されなければなりません。 + DGA 機能拡張は &man.dga.1; + によってテストとベンチマークができます。 + dga + 実行中はキーボードを押せばいつでもディスプレイ色が変更されます。 + 中止するには q を押します。 + - - XVideo + + SVGAlib: 低レベルコンソールグラフィックレイヤ + + - この拡張機能が動作しているかどうかを調べるには、 - xvinfo を使います。 + + XVideo - &prompt.user; xvinfo + この拡張機能が動作しているかどうかを調べるには、 + xvinfo を使います。 - 以下のような結果が得られたならば、カードは - XVideo に対応しています。 + &prompt.user; xvinfo - X-Video Extension version 2.2 -screen #0 + 以下のような結果が得られたならば、カードは + XVideo に対応しています。 + + X-Video Extension version 2.2 + screen #0 Adaptor #0: "Savage Streams Engine" number of ports: 1 port base: 43 @@ -909,86 +910,87 @@ screen #0 depth: 1 red, green, blue masks: 0x0, 0x0, 0x0 - リストにある形式、YUV2, YUV12 などが XVideo - のすべての実装で存在するとは限りません。 - 対応している形式が少ないために、 - あるプレイヤでは悪影響が出るかもしれないことにも注意してください。 + リストにある形式、YUV2, YUV12 などが XVideo + のすべての実装で存在するとは限りません。 + 対応している形式が少ないために、 + あるプレイヤでは悪影響が出るかもしれないことにも注意してください。 + + 出力が以下のような場合、 - 出力が以下のような場合、 - X-Video Extension version 2.2 + X-Video Extension version 2.2 screen #0 no adaptors present - カードはおそらく XVideo に対応していないのでしょう。 - このことはディスプレイでビデオを表示するのに、 - ビデオカードおよびプロセッサによっては、 - 計算上の要求を満たすことがより困難になることを意味します。 - - - - - ビデオを扱う ports および packages - - ビデオ ports - ビデオ packages - - この節では Ports Collection で利用可能な、 - ビデオの再生に使用できるソフトウェアについて紹介します。 - - - <application>MPlayer</application> および - <application>MEncoder</application> - - MPlayer - はコマンドラインのビデオプレイヤで、 - 高速性と柔軟性をもたらすグラフィカルなインタフェースも持っています。 - MPlayer - の他のグラフィカルなフロントエンドも - Ports Collection からインストールできます。 - - MPlayer - - MPlayer は - multimedia/mplayer - package または port からインストールできます。 - いくつかのコンパイル時のオプションを設定することができ、また、 - 構築の際にさまざまなハードウェアのチェックがおこなわれます。 - そのため、package からインストールを行わず、 - port から構築することを好むユーザもいます。 - - port を構築する際に、メニューのオプションは、port - にコンパイル時にオプションとしてどの形式に対応するかを決定するため、 - 見ておく必要があります。 - オプションが選択されていなければ、 - MPlayer - はその形式のビデオ形式を表示することは出来ません。 - 矢印キーとスペースキーを使って必要な形式を選択してください。 - 選択が終わったら、Enter を押して、 - port の構築とインストールを続けてください。 - - デフォルトでは、この packege または port は、 - mplayer コマンドラインユーティリティと - gmplayer グラフィカルユーティリティを構築します。 - ビデオをエンコードする必要があれば、 - multimedia/mencoder - port をコンパイルしてください。 - ライセンスの制限のため、 - MEncoder の - package は利用できません。 - - MPlayer を初めて起動すると、 - 各自のホームディレクトリ内に ~/.mplayer - が作成されます。このサブディレクトリには、 - ユーザ固有の設定ファイルのデフォルトバージョンが含まれています。 - - この節では、一般的な使用法についてのみ説明します。 - 数多くのオプションの完全な説明については、 - mplayer(1) のマニュアルに記載されています。 - - testfile.avi - というファイルを再生するには、以下の例のように、 - とともに、 - ビデオインタフェースを指定してください。 + カードはおそらく XVideo に対応していないのでしょう。 + このことはディスプレイでビデオを表示するのに、 + ビデオカードおよびプロセッサによっては、 + 計算上の要求を満たすことがより困難になることを意味します。 + + + + + ビデオを扱う ports および packages + + ビデオ ports + ビデオ packages + + この節では Ports Collection で利用可能な、 + ビデオの再生に使用できるソフトウェアについて紹介します。 + + + <application>MPlayer</application> および + <application>MEncoder</application> + + MPlayer + はコマンドラインのビデオプレイヤで、 + 高速性と柔軟性をもたらすグラフィカルなインタフェースも持っています。 + MPlayer + の他のグラフィカルなフロントエンドも + Ports Collection からインストールできます。 + + MPlayer + + MPlayer は + multimedia/mplayer + package または port からインストールできます。 + いくつかのコンパイル時のオプションを設定することができ、また、 + 構築の際にさまざまなハードウェアのチェックがおこなわれます。 + そのため、package からインストールを行わず、 + port から構築することを好むユーザもいます。 + + port を構築する際に、メニューのオプションは、port + にコンパイル時にオプションとしてどの形式に対応するかを決定するため、 + 見ておく必要があります。 + オプションが選択されていなければ、 + MPlayer + はその形式のビデオ形式を表示することは出来ません。 + 矢印キーとスペースキーを使って必要な形式を選択してください。 + 選択が終わったら、Enter を押して、 + port の構築とインストールを続けてください。 + + デフォルトでは、この packege または port は、 + mplayer コマンドラインユーティリティと + gmplayer グラフィカルユーティリティを構築します。 + ビデオをエンコードする必要があれば、 + multimedia/mencoder + port をコンパイルしてください。 + ライセンスの制限のため、 + MEncoder の + package は利用できません。 + + MPlayer を初めて起動すると、 + 各自のホームディレクトリ内に ~/.mplayer + が作成されます。このサブディレクトリには、 + ユーザ固有の設定ファイルのデフォルトバージョンが含まれています。 + + この節では、一般的な使用法についてのみ説明します。 + 数多くのオプションの完全な説明については、 + mplayer(1) のマニュアルに記載されています。 + + testfile.avi + というファイルを再生するには、以下の例のように、 + とともに、 + ビデオインタフェースを指定してください。 &prompt.user; mplayer -vo xv testfile.avi @@ -1000,71 +1002,71 @@ no adaptors present &prompt.root; mplayer -vo 'sdl:dga' testfile.avi - ビデオ再生の相対的性能は多くの要因に依存し、 - ハードウェアに応じて著しく変わると思われるので、 - これらのオプションをすべて試してみる価値はあるでしょう。 - - DVD を再生するには、 - testfile.avi を - - に置き換えてください。 - <N> には再生するタイトル番号を、 - DEVICE - は DVD のデバイスノードを指定します。 - たとえば、/dev/dvd - から 2 番目のタイトルを再生するには以下のようにします。 - - &prompt.root; mplayer -vo xv dvd://3 -dvd-device /dev/dvd - - - デフォルトの DVD デバイスは、 - MPlayer port の構築時に - WITH_DVD_DEVICE=/path/to/desired/device - を追加することでで定義できます。 - デフォルトでは、デバイスは - /dev/cd0 です。 - 詳細はこの port の - Makefile.options をご覧ください。 - - - 停止、休止、再生などをするにはキーバインディングを使ってください。 - キーバインディングの一覧を見るには、mplayer -h - を実行するか、もしくは、mplayer(1) を読んでください。 - - 再生に関する追加のオプションがあります。 - 全画面モードにする オプションと、 - 性能を向上させる オプションです。 - - よく使用するオプションについては、各ユーザの - .mplayer/config - に以下のように追加してください。 + ビデオ再生の相対的性能は多くの要因に依存し、 + ハードウェアに応じて著しく変わると思われるので、 + これらのオプションをすべて試してみる価値はあるでしょう。 + + DVD を再生するには、 + testfile.avi を + + に置き換えてください。 + <N> には再生するタイトル番号を、 + DEVICE + は DVD のデバイスノードを指定します。 + たとえば、/dev/dvd + から 2 番目のタイトルを再生するには以下のようにします。 + + &prompt.root; mplayer -vo xv dvd://3 -dvd-device /dev/dvd - vo=xv + + デフォルトの DVD デバイスは、 + MPlayer port の構築時に + WITH_DVD_DEVICE=/path/to/desired/device + を追加することでで定義できます。 + デフォルトでは、デバイスは + /dev/cd0 です。 + 詳細はこの port の + Makefile.options をご覧ください。 + + + 停止、休止、再生などをするにはキーバインディングを使ってください。 + キーバインディングの一覧を見るには、mplayer -h + を実行するか、もしくは、mplayer(1) を読んでください。 + + 再生に関する追加のオプションがあります。 + 全画面モードにする オプションと、 + 性能を向上させる オプションです。 + + よく使用するオプションについては、各ユーザの + .mplayer/config + に以下のように追加してください。 + + vo=xv fs=yes zoom=yes - mplayer を使って、 - DVD タイトルを - .vob に抽出できます。 - DVD から - 2 番目のタイトルをダンプするには次のようにします。 - - &prompt.root; mplayer -dumpstream -dumpfile out.vob dvd://2 -dvd-device /dev/dvd - - 出力された out.vob ファイルは - MPEG 形式です。 - - &unix; ビデオについて、 - 高レベルのノウハウを得たいと考えている方は mplayerhq.hu/DOCS - をご覧ください。技術的な情報があります。 - このドキュメントは、 - バグを報告する前に、読むべきものです。 - - - mencoder - + mplayer を使って、 + DVD タイトルを + .vob に抽出できます。 + DVD から + 2 番目のタイトルをダンプするには次のようにします。 + + &prompt.root; mplayer -dumpstream -dumpfile out.vob dvd://2 -dvd-device /dev/dvd + + 出力された out.vob ファイルは + MPEG 形式です。 + + &unix; ビデオについて、 + 高レベルのノウハウを得たいと考えている方は mplayerhq.hu/DOCS + をご覧ください。技術的な情報があります。 + このドキュメントは、 + バグを報告する前に、読むべきものです。 + + + mencoder + mencoder を使う前に、mplayerhq.hu/DOCS/HTML/en/mencoder.html @@ -1076,160 +1078,160 @@ zoom=yes mplayer でさえ再生できない出力ファイルを作成してしまいます。 - はじめは単純なファイルのコピーです。 + はじめは単純なファイルのコピーです。 &prompt.user; mencoder input.avi -oac copy -ovc copy -o output.avi - したがって、単にファイルを抽出したいときには、 - mplayer - をつけます。 - - input.avi - を音声に MPEG3 エンコードを使用して - MPEG4 コーデックに変換するには、まず最初に - audio/lame - port をインストールしてください。 - ライセンスの制限により、package は利用できません。 - インストールしたら、以下のように入力してください。 + したがって、単にファイルを抽出したいときには、 + mplayer + をつけます。 + + input.avi + を音声に MPEG3 エンコードを使用して + MPEG4 コーデックに変換するには、まず最初に + audio/lame + port をインストールしてください。 + ライセンスの制限により、package は利用できません。 + インストールしたら、以下のように入力してください。 &prompt.user; mencoder input.avi -oac mp3lame -lameopts br=192 \ -ovc lavc -lavcopts vcodec=mpeg4:vhq -o output.avi - これは mplayer や - xine - といったアプリケーションで再生可能な出力ファイルを作成します。 - - DVD タイトルを直接再エンコードするためには、 - 上記のコマンドラインの - input.avi を - に置き換えて、 - root 権限で実行します。 - 期待する結果を得るには何度か繰り返すことになるので、 - かわりにタイトルをファイルにダンプして、 - ファイルに対して作業することをおすすめします。 - - - - <application>xine</application> ビデオプレイヤ - - xine は、 - 再利用可能な基本ライブラリと、 - プラグインで拡張できる実行可能なモジュールを提供するビデオプレイヤです。 - multimedia/xine package - または port からインストールできます。 - - 実用上、xine - を使用するには高速なビデオカードとともに高速な CPU があるか、 - またはビデオカードが XVideo 拡張に対応している必要があります。 - XVideo インタフェースとともに xine - ビデオプレイヤを使うのが最良です。 - - デフォルトでは、xine プレイヤは - GUI 付きで起動するでしょう。 - メニューを使用して特定のファイルを開くことができます。 - - xine は、 - 再生するファイル名を指定することで、 - コマンドラインから実行することもできます。 + これは mplayer や + xine + といったアプリケーションで再生可能な出力ファイルを作成します。 + + DVD タイトルを直接再エンコードするためには、 + 上記のコマンドラインの + input.avi を + に置き換えて、 + root 権限で実行します。 + 期待する結果を得るには何度か繰り返すことになるので、 + かわりにタイトルをファイルにダンプして、 + ファイルに対して作業することをおすすめします。 + + + + <application>xine</application> ビデオプレイヤ + + xine は、 *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 15:12:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AC37138B; Mon, 7 Apr 2014 15:12:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8B85CBC3; Mon, 7 Apr 2014 15:12:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37FC6GU000349; Mon, 7 Apr 2014 15:12:06 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37FC6wR000348; Mon, 7 Apr 2014 15:12:06 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404071512.s37FC6wR000348@svn.freebsd.org> From: Dru Lavigne Date: Mon, 7 Apr 2014 15:12:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44464 - head/en_US.ISO8859-1/books/handbook/dtrace X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 15:12:06 -0000 Author: dru Date: Mon Apr 7 15:12:06 2014 New Revision: 44464 URL: http://svnweb.freebsd.org/changeset/doc/44464 Log: Editorial review of Implementation Differences in DTrace. Need to collaborate with someone who knows more about DTrace to finish the review of the rest of this chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Mon Apr 7 10:08:43 2014 (r44463) +++ head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Mon Apr 7 15:12:06 2014 (r44464) @@ -103,52 +103,50 @@ that might make this chapter too large. Implementation Differences - While the &dtrace; in &os; is very similar to that found - in &solaris;, differences exist that should be explained before - continuing. The primary difference users will notice is that - on &os;, &dtrace; needs to be specifically enabled. There are - kernel options and modules which must be enabled for &dtrace; to - work properly. These will be explained later. + While the &dtrace; in &os; is similar to that found + in &solaris;, differences do exist. + The primary difference is that + on &os;, &dtrace; needs to be specifically enabled by loading + kernel modules or by compiling a custom kernel with specific + options. - There is a DDB_CTF kernel option which - is used to enable support for loading the CTF + &os; uses the DDB_CTF kernel option + to enable support for loading CTF data from kernel modules and the kernel itself. CTF is the &solaris; Compact C Type Format which encapsulates a reduced form of debugging information similar to DWARF and the venerable stabs. - This CTF data is added to the binaries by the + CTF data is added to binaries by the ctfconvert and ctfmerge build tools. The ctfconvert utility parses DWARF ELF debug sections created by the compiler and ctfmerge merges CTF ELF sections from - objects into either executables or shared libraries. More on - how to enable this for the kernel and &os; build is - forthcoming. + objects into either executables or shared libraries. Some different providers exist for &os; than for &solaris;. Most notable is the dtmalloc provider, which allows tracing malloc() by type in the &os; kernel. - Only root may use &dtrace; on &os;. - This is related to security differences, &solaris; has a few + Due to security differences, only root may use &dtrace; on &os;. + &solaris; has a few low level security checks which do not yet exist in &os;. As such, the /dev/dtrace/dtrace is - strictly limited to root users only. + strictly limited to root. - Finally, the &dtrace; software falls under &sun;'s - CDDL license. The Common - Development and Distribution License comes with &os;, - see the + &dtrace; falls under &sun;'s Common + Development and Distribution License + (CDDL) license. To view this license on &os;, + see /usr/src/cddl/contrib/opensolaris/OPENSOLARIS.LICENSE or view it online at - http://www.opensolaris.org/os/licensing. - - This license means that a &os; kernel with the &dtrace; - options is still BSD licensed; however - the CDDL kicks in when the modules are - distributed in binary form, or the binaries are loaded. + http://www.opensolaris.org/os/licensing. + While a &os; kernel with &dtrace; support + is BSD licensed, + the CDDL is used when the modules are + distributed in binary form or the binaries are loaded. From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 15:16:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CE03160E; Mon, 7 Apr 2014 15:16:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AF338BF7; Mon, 7 Apr 2014 15:16:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37FGHsC000892; Mon, 7 Apr 2014 15:16:17 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37FGH9W000891; Mon, 7 Apr 2014 15:16:17 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404071516.s37FGH9W000891@svn.freebsd.org> From: Dru Lavigne Date: Mon, 7 Apr 2014 15:16:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44465 - head/en_US.ISO8859-1/books/handbook/dtrace X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 15:16:17 -0000 Author: dru Date: Mon Apr 7 15:16:17 2014 New Revision: 44465 URL: http://svnweb.freebsd.org/changeset/doc/44465 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Mon Apr 7 15:12:06 2014 (r44464) +++ head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Mon Apr 7 15:16:17 2014 (r44465) @@ -15,14 +15,15 @@ that might make this chapter too large. re-write and large modification once DTrace is complete, but at least we can get everyone started ... --> - &dtrace; + + &dtrace; + - TomRhodesWritten by + TomRhodesWritten + by - - Synopsis @@ -103,9 +104,8 @@ that might make this chapter too large. Implementation Differences - While the &dtrace; in &os; is similar to that found - in &solaris;, differences do exist. - The primary difference is that + While the &dtrace; in &os; is similar to that found in + &solaris;, differences do exist. The primary difference is that on &os;, &dtrace; needs to be specifically enabled by loading kernel modules or by compiling a custom kernel with specific options. @@ -131,22 +131,21 @@ that might make this chapter too large. Due to security differences, only root may use &dtrace; on &os;. - &solaris; has a few - low level security checks which do not yet exist in &os;. As - such, the /dev/dtrace/dtrace is - strictly limited to root. - - &dtrace; falls under &sun;'s Common - Development and Distribution License - (CDDL) license. To view this license on &os;, - see + &solaris; has a few low level security checks which do not yet + exist in &os;. As such, the + /dev/dtrace/dtrace is strictly limited to + root. + + &dtrace; falls under &sun;'s Common Development and + Distribution License (CDDL) license. To view + this license on &os;, see /usr/src/cddl/contrib/opensolaris/OPENSOLARIS.LICENSE - or view it online at - http://www.opensolaris.org/os/licensing. - While a &os; kernel with &dtrace; support - is BSD licensed, - the CDDL is used when the modules are - distributed in binary form or the binaries are loaded. + or view it online at http://www.opensolaris.org/os/licensing. + While a &os; kernel with &dtrace; support is + BSD licensed, the CDDL is + used when the modules are distributed in binary form or the + binaries are loaded. @@ -179,7 +178,8 @@ options DDB_CTF the GENERIC kernel configuration. - To accomplish this task, rebuild the &os; sources using: + To accomplish this task, rebuild the &os; sources + using:

    Thanks to all the reporters for the excellent work! This report - contains 20 entries and we hope you enjoy reading it.

    + contains 21 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1248,4 +1248,42 @@ Jenkins presentation at BSDCan on May 17, 2014 + + + Native iSCSI Stack + + + + + Edward Tomasz + Napieraa + + trasz@FreeBSD.org + + + + + + + + +

    The new &os; in-kernel iSCSI stack was functionally complete in + &os; 10.0-RELEASE, but ongoing enhancements and bug fixes are + being committed to &os; head, with a plan to merge them + back to stable/10 in time for &os; 10.1-RELEASE.

    + +

    Many issues have been resolved, including very slow operation + with data digests enabled, bugs in persistent reservations which + impacted Hyper-V Failover Cluster, and a negotiation problem + affecting Dell Equallogic users.

    + +

    There have also been numerous enhancements, such as support for + redirections, which are neccessary for some High Availability + setups, and the ability to modify session parameters in the + iscsictl utility. Previously it was necessary to remove the + session and add it again.

    + + + The &os; Foundation +     From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 16:11:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E6BD2234; Mon, 7 Apr 2014 16:11:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D35FC1DD; Mon, 7 Apr 2014 16:11:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37GB9TJ025795; Mon, 7 Apr 2014 16:11:09 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37GB9a1025794; Mon, 7 Apr 2014 16:11:09 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404071611.s37GB9a1025794@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 16:11:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44467 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 16:11:10 -0000 Author: pgj Date: Mon Apr 7 16:11:09 2014 New Revision: 44467 URL: http://svnweb.freebsd.org/changeset/doc/44467 Log: - Add 2014Q1 status report on vt(4) Submitted by: ray Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 15:52:11 2014 (r44466) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 16:11:09 2014 (r44467) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 21 entries and we hope you enjoy reading it.

    + contains 22 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1286,4 +1286,118 @@ The &os; Foundation + + + Updated <tt>vt(4)</tt> System Console + + + + + Aleksandr + Rybalko + + ray@FreeBSD.org + + + + + Ed + Maste + + emaste@FreeBSD.org + + + + + Ed + Schouten + + ed@FreeBSD.org + + + + + Project wiki page + + + +

    vt(4) is a modern replacement for the existing, quite + old, virtual terminal emulator called syscons(4). + Initially motivated by the lack of Unicode support and + infrastructural issues in syscons(4), the project was + later expanded to cover the new requirement to support Kernel + Mode Setting (KMS).

    + +

    The project is now in head, stable/10 and + stable/9 branches. Hence, vt(4) can be tested + by using VT kernel configuration (i386 and + amd64) or by replacing two lines in the + GENERIC kernel configuration file:

    + + 
    device sc
+device vga
    + +

    with the following ones:

    + + 
    device vt
+device vt_vga
    + +

    Or, to use for UEFI testing, add the following lines + instead:

    + + 
    device vt
+device vt_efifb
    + +

    Major highlights:

    + +
      +
    • Unicode support.
      • +
    • Double-width character support for CJK characters.
      • +
    • xterm(1)-like terminal emulation.
      • +
    • Support for Kernel Mode Setting (KMS) drivers + (i915kms, radeonkms).
      • +
    • Support for different fonts per terminal window.
      • +
    • Simplified drivers.
      • +
    + +

    Brief status of supported architectures and hardware:

    + +
      +
    • amd64 (VGA/i915kms/radeonkms) — + works.
      • +
    • ARM framebuffer — works.
      • +
    • i386 (VGA/i915kms/radeonkms) — + works.
      • +
    • IA64 — untested.
      • +
    • MIPS — untested.
      • +
    • PPC and PPC64 — works, but without X.Org yet.
      • +
    • SPARC — works on certain hardware (e.g., Ultra 5).
      • +
    • vesa(4) — in progress.
      • +
    • i386/amd64 nVidia driver — not supported. VGA should + be used (VESA planned).
      • +
    • Xbox framebuffer driver — will be deleted as + unused.
      • +
    + + + The &os; Foundation + + + Create sub-directories for vt(4) under + /usr/share/ to store key maps and fonts. + + Implement remaining features supported by + vidcontrol(1). + + Write the vt(4) manual page. (This is in + progress.) + + Support direct handling of keyboard by the kbd + device (without kbdmux(4)). + + CJK fonts. (This is in progress). + Address performance issues on some architectures. + Switch to vt(4) by default. + +     From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 16:17:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4ADFB533; Mon, 7 Apr 2014 16:17:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 372D32A5; Mon, 7 Apr 2014 16:17:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37GH5C6026961; Mon, 7 Apr 2014 16:17:05 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37GH5gf026960; Mon, 7 Apr 2014 16:17:05 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404071617.s37GH5gf026960@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 16:17:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44468 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 16:17:05 -0000 Author: pgj Date: Mon Apr 7 16:17:04 2014 New Revision: 44468 URL: http://svnweb.freebsd.org/changeset/doc/44468 Log: - Add 2014Q1 status report on the new automounter Submitted by: trasz Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 16:11:09 2014 (r44467) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 16:17:04 2014 (r44468) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 22 entries and we hope you enjoy reading it.

    + contains 23 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1400,4 +1400,29 @@ device vt_efifb Switch to vt(4) by default. + + + New Automounter + + + + + Edward Tomasz + Napieraa + + trasz@FreeBSD.org + + + + +

    The automount project is nearing the functional prototype + stage, and a call for testing is expected in the next month. + The userspace portion consists of the automountd(8) + daemon, which is designed to be fully compatible with its + counterpart in OS X, Solaris, and Linux, and which is nearly + complete. Work on the kernel component continues.

    + + + The &os; Foundation +     From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 16:30:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A7DBBC17; Mon, 7 Apr 2014 16:30:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 948C0620; Mon, 7 Apr 2014 16:30:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37GUcR7032261; Mon, 7 Apr 2014 16:30:38 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37GUcbj032260; Mon, 7 Apr 2014 16:30:38 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404071630.s37GUcbj032260@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 16:30:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44469 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 16:30:38 -0000 Author: pgj Date: Mon Apr 7 16:30:38 2014 New Revision: 44469 URL: http://svnweb.freebsd.org/changeset/doc/44469 Log: - Add 2014Q1 status report for the OpenStack host support Submitted by: Micha Dubiel Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 16:17:04 2014 (r44468) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 16:30:38 2014 (r44469) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 23 entries and we hope you enjoy reading it.

    + contains 24 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1425,4 +1425,103 @@ device vt_efifb The &os; Foundation + + + &os; Host Support for OpenStack and OpenContrail + + + + + Grzegorz + Bernacki + + gjb@semihalf.com + + + + + Micha + Dubiel + + md@semihalf.com + + + + + Dominik + Ermel + + der@semihalf.com + + + + + Rafa + Jaworowski + + raj@semihalf.com + + + + + + + + + + + + + +

    OpenStack is a cloud operating system that controls large pools + of compute, storage, and networking resources in a data center. + OpenContrail is a network virtualization (SDN) solution + comprising network controller, virtual router and analytics + engine, which can be integrated with cloud orchestration systems + like OpenStack or CloudStack.

    + +

    This work goal is to enable &os; as a fully supported compute + host for OpenStack using OpenContrail virtualized networking. The + main areas of development are the following:

    + +
      +
    • Libvirt hypervisor driver for bhyve.
      • + +
    • Support for bhyve (via the libvirt compute driver) and the + &os; platform in overall in nova-compute.
      • + +
    • Port OpenContrail vRouter (forwarding plane kernel module) + to &os;.
      • + +
    • Port OpenContrail Agent (network controller node) to + &os;.
      • + +
    • Integration, performance optimization.
      • +
    + +

    The current state of the development allows for a working demo + of OpenStack with compute node component running on a &os; + host:

    + +
      +
    • The native bhyve hypervisor is driven by a + nova-compute component for spawning guest instances + using libvirt and a nova-network component for + providing simple networking using bridges between guest + VMs.
      • + +
    • QEMU might also be used instead of the bhyve this way.
      • + +
    • The main goal on the networking side is to use OpenContrail + solution, compliant with the modern OpenStack networking API + ("neutron").
      • +
    + +

    Also, initial port of the OpenContrail vRouter kernel module + has been completed. It successfully handles all networking on + the host.

    + + + Juniper Networks +     From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 16:35:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A482AEA8; Mon, 7 Apr 2014 16:35:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 90F7D679; Mon, 7 Apr 2014 16:35:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37GZe7X035520; Mon, 7 Apr 2014 16:35:40 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37GZeE3035519; Mon, 7 Apr 2014 16:35:40 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404071635.s37GZeE3035519@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 16:35:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44470 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 16:35:40 -0000 Author: pgj Date: Mon Apr 7 16:35:40 2014 New Revision: 44470 URL: http://svnweb.freebsd.org/changeset/doc/44470 Log: - Add 2014Q1 status report for the i915kms update Submitted by: kib Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 16:30:38 2014 (r44469) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 16:35:40 2014 (r44470) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 24 entries and we hope you enjoy reading it.

    + contains 25 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1524,4 +1524,28 @@ device vt_efifb Juniper Networks + + + Intel GPU Driver Update + + + + + Konstantin + Belousov + + kib@FreeBSD.org + + + + +

    The project to update the Intel grapics chipset driver + (i915kms) to a recent snapshot of the Linux upstream + code continues. Progress was delayed by external circumstances, + but it is hoped to reach a useful milestone in the near + future.

    + + + The &os; Foundation +     From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 16:40:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4B778390; Mon, 7 Apr 2014 16:40:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2CFAF6D1; Mon, 7 Apr 2014 16:40:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37GeGkU038008; Mon, 7 Apr 2014 16:40:16 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37GeF8T038006; Mon, 7 Apr 2014 16:40:15 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404071640.s37GeF8T038006@svn.freebsd.org> From: Dru Lavigne Date: Mon, 7 Apr 2014 16:40:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44471 - in head: en_US.ISO8859-1/books/handbook/filesystems share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 16:40:16 -0000 Author: dru Date: Mon Apr 7 16:40:15 2014 New Revision: 44471 URL: http://svnweb.freebsd.org/changeset/doc/44471 Log: Add entity for reiserfs(5). Fix filesystems to file systems. Editorial review of Linux File Systems. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml head/share/xml/man-refs.ent Modified: head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml Mon Apr 7 16:35:40 2014 (r44470) +++ head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml Mon Apr 7 16:40:15 2014 (r44471) @@ -552,7 +552,7 @@ errors: No known data errors Quotas limit the amount of space that a dataset and its descendants can consume, and enforce a limit on the amount - of space used by filesystems and snapshots for the + of space used by file systems and snapshots for the descendants. Quotas are useful to limit the amount of space a particular user can use. @@ -648,7 +648,7 @@ errors: No known data errors quotas for all groups. To display the amount of space consumed by each user on - the specified filesystem or snapshot, along with any + the specified file system or snapshot, along with any specified quotas, use zfs userspace. For group information, use zfs groupspace. For more information about @@ -721,15 +721,16 @@ errors: No known data errors - &linux; Filesystems + &linux; File Systems - This section describes some of the &linux; filesystems - supported by &os;. + &os; provides built-in support for several &linux; file + systems. This section demonstrates how to load support for and + how to mount the supported &linux; file systems. <acronym>ext2</acronym> - The &man.ext2fs.5; file system kernel implementation has + Kernel support for ext2 file systems has been available since &os; 2.2. In &os; 8.x and earlier, the code is licensed under the GPL. Since &os; 9.0, the code has @@ -737,85 +738,70 @@ errors: No known data errors licensed. The &man.ext2fs.5; driver allows the &os; kernel to both - read and write to ext2 file systems. + read and write to ext2 file systems. - To access an ext2 file system, first + + + This driver can also be used to access ext3 and ext4 file + systems. However, ext3 journaling, extended attributes, and + inodes greater than 128-bytes are not supported. Support + for ext4 is read-only. + + + To access an ext file system, first load the kernel loadable module: &prompt.root; kldload ext2fs - Then, to mount an &man.ext2fs.5; volume located on - /dev/ad1s1: + Then, mount the ext volume by specifying its &os; + partition name and an existing mount point. This example + mounts /dev/ad1s1 on + /mnt: - &prompt.root; mount -t ext2fs /dev/ad1s1 /mnt + &prompt.root; mount -t ext2fs /dev/ad1s1 /mnt XFS - XFS was originally written by - SGI for the IRIX - operating system and was then ported to &linux; and - released under the GPL. See - this page - for more details. The &os; port was started by Russel - Cattelan, &a.kan.email;, and &a.rodrigc.email;. + &os; provides read-only support for XFS + file systems. - To load XFS as a kernel-loadable - module: + To load the &man.xfs.5; driver: &prompt.root; kldload xfs - The &man.xfs.5; driver lets the &os; kernel access XFS - filesystems. However, only read-only access is supported and - writing to a volume is not possible. - - To mount a &man.xfs.5; volume located on + To mount an XFS volume located on /dev/ad1s1: - &prompt.root; mount -t xfs /dev/ad1s1 /mnt + &prompt.root; mount -t xfs /dev/ad1s1 /mnt - The sysutils/xfsprogs - port includes the mkfs.xfs which enables - the creation of XFS filesystems, plus - utilities for analyzing and repairing them. - - The -p flag to - mkfs.xfs can be used to create an - &man.xfs.5; filesystem which is populated with files and other - metadata. This can be used to quickly create a read-only - filesystem which can be tested on &os;. + The sysutils/xfsprogs package or + port includes mkfs.xfs, which enables + the creation of read-only XFS file systems + for testing purposes. Additional + utilities are included for analyzing and repairing + XFS file systems. ReiserFS - The Reiser file system, ReiserFS, was ported to - &os; by &a.dumbbell.email;, and has been released under the - GPL . - - The ReiserFS driver permits the &os; kernel to access - ReiserFS file systems and read their contents, but not - write to them. + &os; provides read-only support for The Reiser file + system, ReiserFS. - First, the kernel-loadable module needs to be - loaded: + To load the &man.reiserfs.5; driver: &prompt.root; kldload reiserfs Then, to mount a ReiserFS volume located on /dev/ad1s1: - &prompt.root; mount -t reiserfs /dev/ad1s1 /mnt + &prompt.root; mount -t reiserfs /dev/ad1s1 /mnt - File Systems Support + + File Systems Support + - TomRhodesWritten by + TomRhodesWritten + by - - Synopsis @@ -68,11 +69,13 @@ - Understand &unix; and &os; basics. + Understand &unix; and &os; basics. - Be familiar with the basics of kernel configuration and + Be familiar with the basics of kernel configuration and compilation. @@ -82,7 +85,8 @@ - Have some familiarity with disks, storage, and device names in + Have some familiarity with disks, storage, and device names in &os;. @@ -160,17 +164,17 @@ vfs.zfs.arc_max="40M" vfs.zfs.vdev.cache.size="5M" For a more detailed list of recommendations for - ZFS-related tuning, see http://wiki.freebsd.org/ZFSTuningGuide. + ZFS-related tuning, see http://wiki.freebsd.org/ZFSTuningGuide.     Using <acronym>ZFS</acronym> - There is a start up mechanism that allows &os; to - mount ZFS pools during system - initialization. To set it, issue the following - commands: + There is a start up mechanism that allows &os; to mount + ZFS pools during system initialization. To + set it, issue the following commands: &prompt.root; echo 'zfs_enable="YES"' >> /etc/rc.conf &prompt.root; service zfs start @@ -227,7 +231,8 @@ drwxr-xr-x 21 root wheel 512 Aug 29 2 The example/compressed dataset is now a ZFS compressed file system. Try - copying some large files to /example/compressed. + copying some large files to + /example/compressed. Compression can be disabled with: @@ -375,9 +380,8 @@ example/data 17547008 0 175 To get a list of all available snapshots, run ls in the file system's - .zfs/snapshot - directory. For example, to see the previously taken - snapshot: + .zfs/snapshot directory. For example, + to see the previously taken snapshot: &prompt.root; ls /storage/home/.zfs/snapshot @@ -388,9 +392,9 @@ example/data 17547008 0 175 &prompt.root; zfs destroy storage/home@08-30-08 - After testing, /storage/home can be made the - real /home using - this command: + After testing, /storage/home can be + made the real /home using this + command: &prompt.root; zfs set mountpoint=/home storage/home @@ -583,13 +587,16 @@ errors: No known data errors - POSIX compatible name such as + POSIX compatible name such as joe. - POSIX - numeric ID such as + POSIX numeric ID such as 789. @@ -619,8 +626,8 @@ errors: No known data errors User quota properties are not displayed by zfs get all. - Non-root users can only see their own - quotas unless they have been granted the + Non-root users can + only see their own quotas unless they have been granted the userquota privilege. Users with this privilege are able to view and set everyone's quota. @@ -641,9 +648,10 @@ errors: No known data errors &prompt.root; zfs set groupquota@firstgroup=none As with the user quota property, - non-root users can only see the quotas - associated with the groups that they belong to. However, - root or a user with the + non-root users can + only see the quotas associated with the groups that they + belong to. However, root or a user with the groupquota privilege can view and set all quotas for all groups. @@ -655,8 +663,8 @@ errors: No known data errors supported options or how to display only specific options, refer to &man.zfs.1;. - Users with sufficient privileges and - root can list the quota for + Users with sufficient privileges and root can list the quota for storage/home/bob using: &prompt.root; zfs get quota storage/home/bob From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 17:15:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 752ADB8F; Mon, 7 Apr 2014 17:15:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6285AAAC; Mon, 7 Apr 2014 17:15:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37HFq4g052665; Mon, 7 Apr 2014 17:15:52 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37HFqd9052664; Mon, 7 Apr 2014 17:15:52 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404071715.s37HFqd9052664@svn.freebsd.org> From: Dru Lavigne Date: Mon, 7 Apr 2014 17:15:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44473 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 17:15:52 -0000 Author: dru Date: Mon Apr 7 17:15:51 2014 New Revision: 44473 URL: http://svnweb.freebsd.org/changeset/doc/44473 Log: Remove reference to Coda as it was disconnected from the build in 2012. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Mon Apr 7 16:48:22 2014 (r44472) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Mon Apr 7 17:15:51 2014 (r44473) @@ -2124,13 +2124,12 @@ cd0: Attempt to query device size failed virtual disks. NFS - Coda disks memory These include network file systems such as the Network File System and Coda, + linkend="network-nfs">Network File System, memory-based file systems, and file-backed file systems. According to the &os; version, the tools used for the From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 17:17:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4FE44C2F; Mon, 7 Apr 2014 17:17:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 231B5ABC; Mon, 7 Apr 2014 17:17:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37HHCLB052851; Mon, 7 Apr 2014 17:17:12 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37HHBaS052850; Mon, 7 Apr 2014 17:17:11 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404071717.s37HHBaS052850@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 17:17:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44474 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 17:17:12 -0000 Author: pgj Date: Mon Apr 7 17:17:11 2014 New Revision: 44474 URL: http://svnweb.freebsd.org/changeset/doc/44474 Log: - Add 2014Q1 status report for multi-core ARM support Submitted by: ian Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 17:15:51 2014 (r44473) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 17:17:11 2014 (r44474) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 25 entries and we hope you enjoy reading it.

    + contains 26 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1548,4 +1548,65 @@ device vt_efifb The &os; Foundation + + + SMP on Multi-Core ARM Systems + + + + + Ian + Lepore + + ian@FreeBSD.org + + + + + Olivier + Houchard + + cognet@ci0.org + + + + + Wojciech + Macek + + wma@semihalf.com + + + + +

    &os; now supports Symmetrical MultiProcessing (SMP) on a + variety of ARM multi-core systems. The effort to bring SMP to + ARM has been underway for quite some time, but a major push by + the &os; ARM developer community over the past two months has + resulted in robust production-ready SMP support.

    + +

    An ever-growing number of ARM-based development boards and + small low-power computer systems are available with multi-core + processors. &os; is now able to make good use of all that + computing power, making such systems more attractive to both end + users and vendors looking to create products based on similar + designs.

    + +

    SMP is now enabled by default in the configuration files for + all currently-supported systems that have multi-core processors. + This includes systems based on the following processor + families:

    + +
      +
    • Allwinner A20
      • +
    • Freescale i.MX6
      • +
    • Marvell Armada XP
      • +
    • Samsung Exynos 5
      • +
    • Texas Instruments OMAP4
      • +
    + + + Microsemi, Inc. + Semihalf sp.j +     From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 17:21:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 77A24CDC; Mon, 7 Apr 2014 17:21:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4A333B52; Mon, 7 Apr 2014 17:21:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37HLkNl054083; Mon, 7 Apr 2014 17:21:46 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37HLjxk054080; Mon, 7 Apr 2014 17:21:45 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404071721.s37HLjxk054080@svn.freebsd.org> From: Dru Lavigne Date: Mon, 7 Apr 2014 17:21:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44475 - in head/en_US.ISO8859-1/books/handbook: filesystems install kernelconfig X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 17:21:46 -0000 Author: dru Date: Mon Apr 7 17:21:45 2014 New Revision: 44475 URL: http://svnweb.freebsd.org/changeset/doc/44475 Log: Remove references to NTFS as it was removed from the build in 2012. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml head/en_US.ISO8859-1/books/handbook/install/chapter.xml head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml Mon Apr 7 17:17:11 2014 (r44474) +++ head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml Mon Apr 7 17:21:45 2014 (r44475) @@ -38,8 +38,7 @@ on locally attached USB storage devices, flash drives, and hard disks. This includes support for the &linux; Extended File System (EXT) and the - µsoft; New Technology File System - (NTFS).     + Reiser file system. There are different levels of &os; support for the various file systems. Some require a kernel module to be loaded and Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/install/chapter.xml Mon Apr 7 17:17:11 2014 (r44474) +++ head/en_US.ISO8859-1/books/handbook/install/chapter.xml Mon Apr 7 17:21:45 2014 (r44475) @@ -4082,9 +4082,6 @@ Please press any key to reboot. primary partitions. Use &man.fdisk.8; to help determine which slices belong to &os; and which belong to other operating systems. - - NTFS partitions can also be mounted in a similar manner - using &man.mount.ntfs.8;.     Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Mon Apr 7 17:17:11 2014 (r44474) +++ head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Mon Apr 7 17:21:45 2014 (r44475) @@ -1228,12 +1228,12 @@ device fwe # Ethernet build instead of using the default of building all modules: - MODULES_OVERRIDE = linux acpi ntfs + MODULES_OVERRIDE = linux acpi Alternately, this variable lists which modules to exclude from the build process: - WITHOUT_MODULES = linux acpi sound ntfs + WITHOUT_MODULES = linux acpi sound Additional variables are available. Refer to &man.make.conf.5; for details. From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 18:23:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 54D23DE2; Mon, 7 Apr 2014 18:23:36 +0000 (UTC) Received: from dmz-mailsec-scanner-1.mit.edu (dmz-mailsec-scanner-1.mit.edu [18.9.25.12]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 897F0169; Mon, 7 Apr 2014 18:23:35 +0000 (UTC) X-AuditID: 1209190c-f794a6d000000c27-00-5342ebf2d8e7 Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-1.mit.edu (Symantec Messaging Gateway) with SMTP id 49.17.03111.2FBE2435; Mon, 7 Apr 2014 14:18:26 -0400 (EDT) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id s37IIPh3029502; Mon, 7 Apr 2014 14:18:25 -0400 Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id s37IINge012340 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 7 Apr 2014 14:18:24 -0400 Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id s37IIMNS026548; Mon, 7 Apr 2014 14:18:22 -0400 (EDT) Date: Mon, 7 Apr 2014 14:18:22 -0400 (EDT) From: Benjamin Kaduk To: Dru Lavigne Subject: Re: svn commit: r44475 - in head/en_US.ISO8859-1/books/handbook: filesystems install kernelconfig In-Reply-To: <201404071721.s37HLjxk054080@svn.freebsd.org> Message-ID: References: <201404071721.s37HLjxk054080@svn.freebsd.org> User-Agent: Alpine 1.10 (GSO 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrHIsWRmVeSWpSXmKPExsUixCmqrfvptVOwwcejHBY/Ph5isuhqUrW4 sWg/k8Xu/l5mBxaPGZ/mswQwRnHZpKTmZJalFunbJXBlzLk5m7HgKlPFrUPv2RsYO5m6GDk5 JARMJP7P38IGYYtJXLi3Hsjm4hASmM0ksbLlGTNIQkhgA6PE8n9qEImDTBJnjvSxQyTqJT48 uMEKYrMIaEn8e/AJzGYTUJGY+WYj2FQRAUWJp1/3MoLYzAJREnuWNoLVCAvkSMx+8AvM5hSw kjjZfhOonoODV8BRYtt1NxBTSMBS4vpKKZAKUQEdidX7p7CA2LwCghInZz5hgZhoKXHuz3W2 CYyCs5CkZiFJLWBkWsUom5JbpZubmJlTnJqsW5ycmJeXWqRrqJebWaKXmlK6iREcrJI8Oxjf HFQ6xCjAwajEw1txxClYiDWxrLgy9xCjJAeTkijv66dAIb6k/JTKjMTijPii0pzU4kOMEhzM SiK8kbeBcrwpiZVVqUX5MClpDhYlcd631lbBQgLpiSWp2ampBalFMFkZDg4lCd6GV0CNgkWp 6akVaZk5JQhpJg5OkOE8QMOngNTwFhck5hZnpkPkTzEqSonzbgdJCIAkMkrz4HphyeQVozjQ K8K8K0GqeICJCK77FdBgJqDBhq5gg0sSEVJSDYxAAc4tzv+KXu97UZDwqSfr+OGXLlVG1jOv c9YHn8wOnGc68bGZRLrHDZEcJlbrvclHXfUmTP+0J0Tu0T/Xhws13itxHrmXf+jYHtFdB1Jd f/hFbczey7H2/L/wV5ucf9xKXXJI11ileYeSuOBDO55p7U3brjd8i5W7odid9/J27nqz6WXL w5VYijMSDbWYi4oTAX7/5M0BAwAA Cc: svn-doc-head@freebsd.org, svn-doc-all@freebsd.org, doc-committers@freebsd.org X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 18:23:36 -0000 On Mon, 7 Apr 2014, Dru Lavigne wrote: > Author: dru > Date: Mon Apr 7 17:21:45 2014 > New Revision: 44475 > URL: http://svnweb.freebsd.org/changeset/doc/44475 > > Log: > Remove references to NTFS as it was removed from the build in 2012. We are supposed to recommend ntfs-3g from ports with FUSE, these days, IIRC. -Ben From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 20:38:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 89DCD86D; Mon, 7 Apr 2014 20:38:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5D25FF6C; Mon, 7 Apr 2014 20:38:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37KcHbA035319; Mon, 7 Apr 2014 20:38:17 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37KcHoh035318; Mon, 7 Apr 2014 20:38:17 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404072038.s37KcHoh035318@svn.freebsd.org> From: Dru Lavigne Date: Mon, 7 Apr 2014 20:38:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44476 - head/en_US.ISO8859-1/books/handbook/filesystems X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 20:38:17 -0000 Author: dru Date: Mon Apr 7 20:38:16 2014 New Revision: 44476 URL: http://svnweb.freebsd.org/changeset/doc/44476 Log: Fix XFS section to indicate that this now requires the kernel support to be compiled in as it is no longer attached to the build. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml Mon Apr 7 17:21:45 2014 (r44475) +++ head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml Mon Apr 7 20:38:16 2014 (r44476) @@ -771,23 +771,25 @@ errors: No known data errors XFS - &os; provides read-only support for XFS + A &os; kernel can be configured to provide read-only + support for XFS file systems. - To load the &man.xfs.5; driver: + To compile in XFS support, add the + following option to a custom kernel configuration file and + recompile the kernel using the instructions in : - &prompt.root; kldload xfs + options XFS - To mount an XFS volume located on + Then, to mount an XFS volume located on /dev/ad1s1: &prompt.root; mount -t xfs /dev/ad1s1 /mnt The sysutils/xfsprogs package or - port includes mkfs.xfs, which enables - the creation of read-only XFS file systems - for testing purposes. Additional - utilities are included for analyzing and repairing + port provides additional + utilities, with man pages, for using, analyzing, and repairing XFS file systems. From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 20:46:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6F853C80 for ; Mon, 7 Apr 2014 20:46:36 +0000 (UTC) Received: from nm1-vm4.access.bullet.mail.gq1.yahoo.com (nm1-vm4.access.bullet.mail.gq1.yahoo.com [216.39.63.89]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 33046DA for ; Mon, 7 Apr 2014 20:46:36 +0000 (UTC) Received: from [216.39.60.173] by nm1.access.bullet.mail.gq1.yahoo.com with NNFMP; 07 Apr 2014 20:43:26 -0000 Received: from [216.39.60.248] by tm9.access.bullet.mail.gq1.yahoo.com with NNFMP; 07 Apr 2014 20:43:26 -0000 Received: from [127.0.0.1] by omp1019.access.mail.gq1.yahoo.com with NNFMP; 07 Apr 2014 20:43:26 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 577168.48251.bm@omp1019.access.mail.gq1.yahoo.com Received: (qmail 58848 invoked by uid 60001); 7 Apr 2014 20:43:26 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=att.net; s=s1024; t=1396903406; bh=Nh8YK4xO4utJNv/o6l2sy9TaUkNnShx1BDGgARqCKWc=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=cCu7aOQDyQXvtCURsOBcxL+ZoNkw8c5mLjb7Ag79tTiOhDNpyIrP80s6XiD8ScjDkAdqXhJx+oZVnAi56zfY7qV5dDkHgm4qQnvRLm4qI2S+68eUt0Uh5KM78dqXBLPqTrkOHMdyhPVLmq5qmHp5h+749BGR7tXqj2MBKNDi820= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=att.net; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=Z6Xq3mqTah43tUKbzyEZFtJfKwmAzqfj1xTDHW/o1KHDNPp7PKuYnIbT1zRp6jsiB+ombyEnpMmkweXPWpbdtQxqegfXl9JyjpEyOMenQbMHup0BIGmE94cUODm2vVmdSydkFAyTV8Sv1pK04HiUSOsIAaCqCEjW+JgQVwEOP/0=; X-YMail-OSG: 5uq4RsIVM1nMjL.pMDthJHrgN1wgriUOG3lDIUXZc0EXluF eXcFB5HnDGDigA2jxIpospYT7Lw0Ou4xtd8lV4TANf7T3JHp0iGnYWcAbZQE lPOqH4pWASTJAjykhXVIjZ1M41luPpeW9LN_ruQxrkB_CxvHGCDA9blCiT3v o4_87s8TygKkjHcsB.93GXZu9FWUbuoN_kqBb7RdRk5CqNq_0dWUsJifuRoS SrqVZOEDtk.WHFeqiDKBnWiRLBpma8FUu.qVxxbyShMPbnCLrea5B2AqL9_7 YAmTu9G6rRJzhTO6Rfql2OR1d3ID07D8MbVo4cvQs8KWR5Xj_DNmIV0GLvG1 vxaIt5DRYl4GRlIN.p9V5E0J2fQtRmqNzddnUpsgdQbXdKiqBcS.9IjsyH36 XofLqE0YdrRAOd5NWLf_FahuydpKVyW6FIn5Xe2NETKF07CbAE3aMv3_YKoM 2waKrOd.9EV3Jm90Fl8AExQcUmpyRW_kCYt4F.arZYXmn1t8WwLMnLrYZbEY yplxscjVLtpn7G7uRff9BWIix2gtdoHs27lu6Sw3LTzK2VvAMyNUaM5vfglU iRtSyysDwzmPn7JyY_Oy_1D2w_69dCvrA8eY- Received: from [64.134.163.50] by web184904.mail.gq1.yahoo.com via HTTP; Mon, 07 Apr 2014 13:43:26 PDT X-Rocket-MIMEInfo: 002.001, Cgo.PsKgIFJlbW92ZSByZWZlcmVuY2VzIHRvIE5URlMgYXMgaXQgd2FzIHJlbW92ZWQgZnJvbSB0aGUgYnVpbGQgaW4gMjAxMi4KPgo.V2UgYXJlIHN1cHBvc2VkIHRvIHJlY29tbWVuZCBudGZzLTNnIGZyb20gcG9ydHMgd2l0aCBGVVNFLCB0aGVzZSBkYXlzLCAKPklJUkMuCgoKCkkndmUgYWRkZWQgYW4gZWRpdG9yaWFsIG5vdGUgdG8gYWRkIGEgbm9uLW5hdGl2ZSwgbm9uLUxpbnV4IHNlY3Rpb24gdG8gdGhlIGZpbGUgc3lzdGVtIGNoYXB0ZXIgKHNlZSBodHRwOi8vcGVvcGxlLmZyZWVic2Qub3JnL35kcnUBMAEBAQE- X-Mailer: YahooMailWebService/0.8.182.648 References: <201404071721.s37HLjxk054080@svn.freebsd.org> Message-ID: <1396903406.31288.YahooMailNeo@web184904.mail.gq1.yahoo.com> Date: Mon, 7 Apr 2014 13:43:26 -0700 (PDT) From: Dru Lavigne Subject: Re: svn commit: r44475 - in head/en_US.ISO8859-1/books/handbook: filesystems install kernelconfig To: Benjamin Kaduk , Dru Lavigne In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Cc: "svn-doc-head@freebsd.org" , "svn-doc-all@freebsd.org" , "doc-committers@freebsd.org" X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: Dru Lavigne List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 20:46:36 -0000 =0A=0A>>=A0 Remove references to NTFS as it was removed from the build in 2= 012.=0A>=0A>We are supposed to recommend ntfs-3g from ports with FUSE, thes= e days, =0A>IIRC.=0A=0A=0A=0AI've added an editorial note to add a non-nati= ve, non-Linux section to the file system chapter (see http://people.freebsd= .org/~dru/handbook_toc.odt). That would be a good place to discuss FUSE, FA= T32, NTFS, etc. support and would fit well after the Linux File System sect= ion.=0A=0A=0ACheers,=0A=0ADru=0A From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 20:51:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D6E06DF1; Mon, 7 Apr 2014 20:51:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C2CA6124; Mon, 7 Apr 2014 20:51:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37KpHpe042073; Mon, 7 Apr 2014 20:51:17 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37KpHJI042072; Mon, 7 Apr 2014 20:51:17 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404072051.s37KpHJI042072@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 20:51:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44477 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 20:51:18 -0000 Author: pgj Date: Mon Apr 7 20:51:17 2014 New Revision: 44477 URL: http://svnweb.freebsd.org/changeset/doc/44477 Log: - Add 2014Q1 status report for the FreeBSD Foundation Submitted by: Deb Goodkin Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 20:38:16 2014 (r44476) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 20:51:17 2014 (r44477) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 26 entries and we hope you enjoy reading it.

    + contains 27 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -66,6 +66,12 @@ Documentation + + misc + + Miscellaneous + + Chromium @@ -1609,4 +1615,111 @@ device vt_efifb Microsemi, Inc. Semihalf sp.j + + + The &os; Foundation + + + + + Deb + Goodkin + + deb@FreeBSDFoundation.org + + + + + + &os; Journal + + + +

    The &os; Foundation is a 501(c)(3) non-profit organization + dedicated to supporting and promoting the &os; Project and + community worldwide. Most of the funding is used to support + &os; development projects, conferences and developer summits, + purchase equipment to grow and improve the &os; infrastructure, + and provide legal support for the Project.

    + +

    We published the first issue of the &os; Journal, our new on-line + &os; magazine. The positive feedback from both the &os; and + outside communities has been incredible. This quarter we began work + on articles and promotion for the second issue. We also started working + on a dynamic version of the magazine that can be read in many web + browsers including those that run on &os;.

    + +

    This year we are earmarking more funding towards &os; advocacy + and education. You will see more literature, white papers, + articles, and so on to help promote &os;.

    + +

    The Foundation held a board meeting in Berkeley, California, in + January. We discussed longer term strategy and planning for the + year. We put together our 2014 budget with a plan of raising at + least $1,000,000 and spending $900,000.

    + +

    Two Foundation funded projects were completed. The first, + co-sponsored by Google, integrated the Casper daemon into &os;. + The second was auditdistd(8) improvements for the &os; + cluster.

    + +

    Work continued on the following Foundation-sponsored projects: + Intel graphics driver update by &a.kib;, UEFI boot support for + amd64 by &a.emaste;, autofs automounter and in-kernel + iSCSI stack enhancements, bug fixes by &a.trasz;, updated + vt(4) system console by &a.ray;. A more detailed + project update for each of the above projects can be found + within this quarterly status report.

    + +

    We were a Gold Sponsor for NYCBSDCon 2014 in New York, + February 8, which was attended by sSeveral board members. We + were represented at SCALE in Los Angeles, February 22-23, and + ICANN in Singapore, March 22-25.

    + +

    We were a sponsor for AsiaBSDCon in Tokyo, March 15-16. Board + member &a.hrs; was the conference organizer. Board members + &a.mckusick; and &a.gnn; taught tutorials and Kirk gave a + keynote. Board member &a.dru; manned the foundation table and + spoke at one of the sessions.

    + +

    We became a Gold+ sponsor for BSDCan 2014, May 16-17 and + have started reaching out to vendors to attend the developer + summit that runs in the two days before BSDCan.

    + +

    Board members George, Kirk, and &a.rwatson; pushed to finish + the final draft of the next edition of their book The Design + and Implementation of the FreeBSD Operating System.

    + +

    ITWire editor Sam Varghese published an interview with Kirk and + Foundation technical manager &a.emaste; about the status of + secure boot on &os;.

    + +

    The &os; Logo is now officially a registered trademark to + represent the &os; operating system. We are working to expand the + registration beyond just the &os; operating system, but + currently still have to use the TM symbol when using it + on apparel and other non-operating-system items. We continued + reviewing requests and granting permission to use &os; + trademarks.

    + +

    After finishing the 10.0-RELEASE, Foundation system + administrator and release engineer &a.gjb; began work on adding + support for &os;/arm image builds as part of the release build + process. As result of this work, &os;/arm images are produced + as part of the weekly development snapshot builds, and available + from any of the &os; FTP mirrors. Supported kernel + configurations currently include BEAGLEBONE, + RPI-B, PANDABOARD, WANDBOARD-QUAD, + and ZEDBOARD.

    + +

    George visited six large &os; users in the Bay Area in + February. These meetings are conducted to help facilitate + collaboration between &os; customers and the &os; Project. It + is an opportunity to exchange information on what the customers + are doing and what is being worked on in the Project. It is + also an opportunity to try to connect customers with the + appropriate &os; developers who may be working on areas of &os; + that interest these customers.

    + +     From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 21:05:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D584611F; Mon, 7 Apr 2014 21:05:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C1B692A2; Mon, 7 Apr 2014 21:05:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37L5SP7047179; Mon, 7 Apr 2014 21:05:28 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37L5SmX047178; Mon, 7 Apr 2014 21:05:28 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404072105.s37L5SmX047178@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 21:05:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44478 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 21:05:29 -0000 Author: pgj Date: Mon Apr 7 21:05:28 2014 New Revision: 44478 URL: http://svnweb.freebsd.org/changeset/doc/44478 Log: - Add 2014Q1 status report on the LLDB port Submitted by: emaste Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 20:51:17 2014 (r44477) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 21:05:28 2014 (r44478) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 27 entries and we hope you enjoy reading it.

    + contains 28 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1722,4 +1722,81 @@ device vt_efifb that interest these customers.

    + + + LLDB Debugger Port + + + + + Ed + Maste + + emaste@FreeBSD.org + + + + + + + + +

    LLDB is the the debugger project in the associated with + Clang/LLVM. It supports the Mac OS X, Linux, and &os; platforms, + with ongoing work on Windows. It builds on existing components + in the larger LLVM project, for example using Clang's expression + parser and LLVM's disassembler.

    + +

    The majority of work since the last status update has been on + bugfixes and implementation of the remaining functionality + missing on &os;. Most of these improvements are now in the LLDB + snapshot in the base system, which has been updated to upstream + Subversion revision r202189. Some highlights of the new update + include:

    + +
      +
    • Improvements to the remote GDB protocol client.
      • +
    • Bug fixes for big-endian targets.
      • +
    • Initial support for libdispatch (GCD) queues in the + debuggee.
      • +
    • Add "step-avoid-libraries" setting.
      • +
    • IO subsystem improvements (including initial work on a + curses GUI).
      • +
    • Support hardware watchpoints.
      • +
    • Improved unwinding through hand-written assembly + functions.
      • +
    • Handle DW_TAG_unspecified_parameters for variadic + functions.
      • +
    • Fix Ctrl+C interrupting a running inferior process.
      • +
    • Various bug fixes for memory leaks, LLDB segfaults, the C++ + demangler, ELF core files, DWARF debug info, and others.
      • +
    + +

    LLDB is currently not yet built by default and may be enabled + by adding WITH_LLDB= to src.conf(5). A port + will be made available for those wo wish to track ongoing + development more closely.

    + + + DARP/AFRL + SRI International + University of Cambridge + + + Add support for remote debugging (gdbserver-compatible + debugserver). + + Add support for local and core file kernel debugging. + + Implement, fix or test support on all non-amd64 + architectures. + + Verify cross-debugging. + Investigate and fix test suite failures. + Package LLDB as a port. + + Enable by default in the base system for working + architectures. + +     From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 21:13:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0CA3E58E; Mon, 7 Apr 2014 21:13:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EE14635C; Mon, 7 Apr 2014 21:13:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37LDIiU051063; Mon, 7 Apr 2014 21:13:18 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37LDIGx051062; Mon, 7 Apr 2014 21:13:18 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404072113.s37LDIGx051062@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 21:13:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44479 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 21:13:19 -0000 Author: pgj Date: Mon Apr 7 21:13:18 2014 New Revision: 44479 URL: http://svnweb.freebsd.org/changeset/doc/44479 Log: - Improve the 2014Q1 status report on ARM SMP Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 21:05:28 2014 (r44478) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 21:13:18 2014 (r44479) @@ -1584,6 +1584,10 @@ device vt_efifb + + Announcement + +

    &os; now supports Symmetrical MultiProcessing (SMP) on a variety of ARM multi-core systems. The effort to bring SMP to @@ -1598,10 +1602,10 @@ device vt_efifb users and vendors looking to create products based on similar designs.

    -

    SMP is now enabled by default in the configuration files for - all currently-supported systems that have multi-core processors. - This includes systems based on the following processor - families:

    +

    As of r264138 in &os; head, SMP is now enabled by + default in the configuration files for all currently-supported + systems that have multi-core processors. This includes systems + based on the following processor families:

    • Allwinner A20
      • @@ -1610,6 +1614,9 @@ device vt_efifb
    • Samsung Exynos 5
    • Texas Instruments OMAP4
    + +

    We do plan to merge this work to stable/10 in time for + 10.1-RELEASE.

    Microsemi, Inc. From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 21:34:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AC13ED29; Mon, 7 Apr 2014 21:34:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7DF4577A; Mon, 7 Apr 2014 21:34:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37LYst9059533; Mon, 7 Apr 2014 21:34:54 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37LYsQM059532; Mon, 7 Apr 2014 21:34:54 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404072134.s37LYsQM059532@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 21:34:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44480 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 21:34:54 -0000 Author: pgj Date: Mon Apr 7 21:34:53 2014 New Revision: 44480 URL: http://svnweb.freebsd.org/changeset/doc/44480 Log: - Add 2014Q1 status report on auditdistd Submitted by: pjd Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 21:13:18 2014 (r44479) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 21:34:53 2014 (r44480) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 28 entries and we hope you enjoy reading it.

    + contains 29 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1806,4 +1806,42 @@ device vt_efifb architectures. + + + auditdistd(8) + + + + + Pawel Jakub + Dawidek + + pjd@FreeBSD.org + + + + +

    The auditdistd(8) daemon is responsible for + distributing audit trail files over TCP/IP network securely and + reliably.

    + +

    The daemon now supports client-side certificates, which can be + used to automatically configure receiver side — directory + name for received trail files is determined based on the + commonName field in client's certificate. There is no + need anymore to add every sender to receiver's configuration + file.

    + +

    The sender's functionality was extended to allow sending audit + trail files to multile receivers.

    + +

    Complete Public Key Infrastructure (PKI) support is now + implemented, including full certificate chain verification, + Certificate Revocation Lists (CRL) verification at every level + and support for multiple Certificate Authority (CA) + certificates.

    + + + The &os; Foundation +     From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 21:37:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 32FCADAF; Mon, 7 Apr 2014 21:37:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1FFCA79A; Mon, 7 Apr 2014 21:37:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37LbNsf059861; Mon, 7 Apr 2014 21:37:23 GMT (envelope-from brueffer@svn.freebsd.org) Received: (from brueffer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37LbNPv059860; Mon, 7 Apr 2014 21:37:23 GMT (envelope-from brueffer@svn.freebsd.org) Message-Id: <201404072137.s37LbNPv059860@svn.freebsd.org> From: Christian Brueffer Date: Mon, 7 Apr 2014 21:37:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44481 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 21:37:24 -0000 Author: brueffer Date: Mon Apr 7 21:37:23 2014 New Revision: 44481 URL: http://svnweb.freebsd.org/changeset/doc/44481 Log: Belatedly add an ITwire article from January describing progress in UEFI secure boot support. Modified: head/share/xml/press.xml Modified: head/share/xml/press.xml ============================================================================== --- head/share/xml/press.xml Mon Apr 7 21:34:53 2014 (r44480) +++ head/share/xml/press.xml Mon Apr 7 21:37:23 2014 (r44481) @@ -18,6 +18,17 @@ 1 + &os; to support secure boot by mid-year + http://www.itwire.com/business-it-news/open-source/62855-freebsd-to-support-secure-boot-by-mid-year + ITWire + http://www.itwire.com/ + 20 January 2014 + Sam Varghese +

    Kirk McKusick describes the progress &os; has been making in supporting + UEFI secure boot, which is scheduled for inclusion in &os; 10.1.

    +     + + McKusick Denies &os; Lagging on Security http://www.itwire.com/business-it-news/open-source/62728-mckusick-denies-freebsd-lagging-on-security ITWire From owner-svn-doc-all@FreeBSD.ORG Mon Apr 7 21:45:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7B2CA3B5; Mon, 7 Apr 2014 21:45:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5BC338D8; Mon, 7 Apr 2014 21:45:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s37LjBot064026; Mon, 7 Apr 2014 21:45:11 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s37LjBH9064025; Mon, 7 Apr 2014 21:45:11 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404072145.s37LjBH9064025@svn.freebsd.org> From: Gabor Pali Date: Mon, 7 Apr 2014 21:45:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44482 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2014 21:45:11 -0000 Author: pgj Date: Mon Apr 7 21:45:10 2014 New Revision: 44482 URL: http://svnweb.freebsd.org/changeset/doc/44482 Log: - Add 2014Q1 status report for the SDIO driver Submitted by: Ilya Bakulin Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 21:37:23 2014 (r44481) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 7 21:45:10 2014 (r44482) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 29 entries and we hope you enjoy reading it.

    + contains 30 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1844,4 +1844,58 @@ device vt_efifb The &os; Foundation + + + SDIO driver + + + + + Ilya + Bakulin + + ilya@bakulin.de + + + + + SDIO project page on &os; wiki + Source code + + + +

    SDIO is an interface designed as an extension of the existing + SD card standard, to allow connecting different peripherals to + the host with the standard SD controller. Peripherals currently + sold at the general market include WLAN/BT modules, cameras, + fingerprint readers, and barcode scanners. The &os; driver is + implemented as an extension to the existing MMC bus, adding a + lot of new SDIO-specific bus methods. A prototype of the driver + for the Marvell SDIO WLAN/BT (Avastar 88W8787) module is also + being developed, using the existing Linux driver as the + reference.

    + +

    SDIO card detection and initialization already work, most + needed bus methods are implemented and tested.

    + +

    WiFi driver is able to load a firmware onto the card and + initialize it. Migration of the MMC stack to the new locking + model is necessary in order to work with SDIO cards effectively. + The &os; CAM implementation is believed to be a good choice. + There is an ongoing work to implement an MMC transport for + CAM.

    + + + + SDIO stack: finish CAM migration. The XPT layer is almost + ready, what is missing is a SIM module, for which a modified + version of SDHCI controller driver will be used, and a + peripheral module, where porting the mmcsd(4) driver is + required. + + Marvell SDIO WiFi: connect it to the &os; network stack, + write the code to implement required functions, such as sending + and receiving data, network scanning and so on. + +     From owner-svn-doc-all@FreeBSD.ORG Tue Apr 8 01:13:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E9BD3230; Tue, 8 Apr 2014 01:13:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D6E561CB6; Tue, 8 Apr 2014 01:13:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s381DsGP024471; Tue, 8 Apr 2014 01:13:54 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s381DsVm024470; Tue, 8 Apr 2014 01:13:54 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201404080113.s381DsVm024470@svn.freebsd.org> From: Glen Barber Date: Tue, 8 Apr 2014 01:13:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44483 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 01:13:55 -0000 Author: gjb Date: Tue Apr 8 01:13:54 2014 New Revision: 44483 URL: http://svnweb.freebsd.org/changeset/doc/44483 Log: Add a note about where to look for information about updating ssh keys for the cluster. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Mon Apr 7 21:45:10 2014 (r44482) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Tue Apr 8 01:13:54 2014 (r44483) @@ -3041,6 +3041,11 @@ Relnotes: yes security/openssh, &man.ssh.1;, &man.ssh-add.1;, &man.ssh-agent.1;, &man.ssh-keygen.1;, and &man.scp.1;. + + For information on adding, changing, or removing &man.ssh.1; + keys, see this + article. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 8 01:16:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A9AA0299; Tue, 8 Apr 2014 01:16:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 970611CC1; Tue, 8 Apr 2014 01:16:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s381GfPu024863; Tue, 8 Apr 2014 01:16:41 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s381Gf2v024862; Tue, 8 Apr 2014 01:16:41 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201404080116.s381Gf2v024862@svn.freebsd.org> From: Glen Barber Date: Tue, 8 Apr 2014 01:16:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44484 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 01:16:41 -0000 Author: gjb Date: Tue Apr 8 01:16:41 2014 New Revision: 44484 URL: http://svnweb.freebsd.org/changeset/doc/44484 Log: Fix the a.re.members.email entity. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/authors.ent Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Tue Apr 8 01:13:54 2014 (r44483) +++ head/share/xml/authors.ent Tue Apr 8 01:16:41 2014 (r44484) @@ -2301,7 +2301,7 @@ - + From owner-svn-doc-all@FreeBSD.ORG Tue Apr 8 15:18:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4A4E3FF5; Tue, 8 Apr 2014 15:18:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 29CCB1C8C; Tue, 8 Apr 2014 15:18:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s38FIAED070305; Tue, 8 Apr 2014 15:18:10 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s38FIAqx070304; Tue, 8 Apr 2014 15:18:10 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404081518.s38FIAqx070304@svn.freebsd.org> From: Dru Lavigne Date: Tue, 8 Apr 2014 15:18:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44485 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 15:18:10 -0000 Author: dru Date: Tue Apr 8 15:18:09 2014 New Revision: 44485 URL: http://svnweb.freebsd.org/changeset/doc/44485 Log: Editorial review of first 1/2 of HAST chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 8 01:16:41 2014 (r44484) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 8 15:18:09 2014 (r44485) @@ -3297,7 +3297,7 @@ Device 1K-blocks Used Av - Highly Available Storage (HAST) + Highly Available Storage (<acronym>HAST</acronym>) @@ -3348,75 +3348,24 @@ Device 1K-blocks Used Av High availability is one of the main requirements in serious business applications and highly-available storage is a - key component in such environments. Highly Available STorage, - or HASTHighly - Available STorage, was developed by - &a.pjd.email; as a framework which allows transparent storage of + key component in such environments. In &os;, the Highly Available STorage + (HAST) + framework allows transparent storage of the same data across several physically separated machines - connected by a TCP/IP network. HAST can be + connected by a TCP/IP network. HAST can be understood as a network-based RAID1 (mirror), and is similar to - the DRBD® storage system known from the GNU/&linux; + the DRBD® storage system used in the GNU/&linux; platform. In combination with other high-availability features of &os; like CARP, HAST makes it possible to build a highly-available storage cluster that is resistant to hardware failures. - After reading this section, you will know: - - - - What HAST is, how it works and - which features it provides. - - - - How to set up and use HAST on - &os;. - - - - How to integrate CARP and - &man.devd.8; to build a robust storage system. - - - - Before reading this section, you should: - - - - Understand &unix; and &os; basics. - - - - Know how to configure network - interfaces and other core &os; subsystems. - - - - Have a good understanding of &os; - networking. - - - - The HAST project was sponsored by The - &os; Foundation with support from OMCnet Internet Service - GmbH and TransIP - BV. - - - HAST Features - - The main features of the HAST system - are: + The following are the main features of + HAST: - Can be used to mask I/O errors on local hard + Can be used to mask I/O errors on local hard drives. @@ -3426,9 +3375,9 @@ Device 1K-blocks Used Av - Efficient and quick resynchronization, synchronizing - only blocks that were modified during the downtime of a - node. + Efficient and quick resynchronization as + only the blocks that were modified during the downtime of a + node are synchronized.

    Thanks to all the reporters for the excellent work! This report - contains 30 entries and we hope you enjoy reading it.

    + contains 31 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1898,4 +1898,76 @@ device vt_efifb and receiving data, network scanning and so on. + + + GNOME/&os; + + + + + &os; GNOME Team + + gnome@FreeBSD.org + + + + + GNOME &os; page + JHbuild info and results + MATE staging repository (might break) + GNOME staging repository (might break) + + + +

    GNOME is a desktop environment and graphical user interface + that runs on top of a computer operating system. GNOME is part + of the GNU Project and can be used with various Unix-like + operating systems, including &os;.

    + +

    Preperations for merging GNOME 3 are moving forward. The + work on the documentation is falling behind a bit, but we got + some solid feedback on the rough work to keep this moving + forward as well. In the meantime, deprecation of ports that + need the old GNOME 2 desktop ports has begun. These ports + will break when the GNOME desktop components are updated to the + GNOME 3 version.

    + +

    Thanks to a combined effort by Ryan Lortie (GNOME developer), + Ting-Wei Lan (upstream contributor), and &a.kwm;, we now have a + &os;-powered JHbuild tinderbox. JHbuild is a build system that + lets building GNOME upstream code. It will attempt twice a day + to build gnome components from a specific branch, which is the + git master branch most of the time, in order to catch compile + issues. A positive side effect of this is that it lets upstream + know GNOME still lives on other systems than Linux. It also + exposes the GNOME code base to the Clang compiler and + libc++. Since the start of this project over a hundred + issues have been fixed.

    + +

    Gustau Perez has stepped up and put together a port set in the + ports-experimental tree of our developement repository + with GNOME 3.12. It was decided to polish GNOME 3.12. It will + be merged when the preparation work has (mostly) finished, and + we are happy with the stability of GNOME 3.12.

    + +

    Gustau Perez also ported Cinnamon 2.0 to &os;. It will appear + in the Ports Collection after GNOME 3 has been merged.

    + +

    MATE 1.8 was released at the beginning of April, Eric Turgeon + of GhostBSD is volunteered to do that update for &os;. Note + that this update is still based on GTK+, version 2. The + GTK+ 3-based MATE is on the roadmap for 1.10.

    + + + + Finish the work needed to be done before GNOME 3 can be + merged at all. Documentation work, port deprecation, and so + on. + + Finish porting of MATE 1.8. + + Update Cairo to 1.12 in coordination with the Graphics + Team. + +     From owner-svn-doc-all@FreeBSD.ORG Tue Apr 8 15:48:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 754D9C62; Tue, 8 Apr 2014 15:48:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 54075112C; Tue, 8 Apr 2014 15:48:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s38FmlQe082982; Tue, 8 Apr 2014 15:48:47 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s38Fml6N082981; Tue, 8 Apr 2014 15:48:47 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404081548.s38Fml6N082981@svn.freebsd.org> From: Dru Lavigne Date: Tue, 8 Apr 2014 15:48:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44487 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 15:48:47 -0000 Author: dru Date: Tue Apr 8 15:48:46 2014 New Revision: 44487 URL: http://svnweb.freebsd.org/changeset/doc/44487 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 8 15:41:16 2014 (r44486) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 8 15:48:46 2014 (r44487) @@ -530,7 +530,7 @@ add path 'da*' mode 0660 group operator< If SCSI disks are installed in the - system, change the second line as follows: + system, change the second line as follows: add path 'da[3-9]*' mode 0660 group operator @@ -559,11 +559,12 @@ add path 'da*' mode 0660 group operator< system is to be mounted. This directory needs to be owned by the user that is to mount the file system. One way to do that is for root to - create a subdirectory owned by that user as - /mnt/username. In the following example, - replace username with the login - name of the user and usergroup with - the user's primary group: + create a subdirectory owned by that user as /mnt/username. + In the following example, replace + username with the login name of the + user and usergroup with the user's + primary group: &prompt.root; mkdir /mnt/username &prompt.root; chown username:usergroup /mnt/username @@ -893,8 +894,8 @@ scsibus1: <acronym>ATAPI</acronym> Drives - With the help of the - ATAPI/CAM module, + With the help of the ATAPI/CAM module, cdda2wav can also be used on ATAPI drives. This tool is usually a better choice for most of users, as it supports jitter @@ -905,11 +906,11 @@ scsibus1: The ATAPI CD driver makes each track available as - /dev/acddtnn, where - d is the drive number, and - nn is the track number written - with two decimal digits, prefixed with zero as needed. So - the first track on the first disk is + /dev/acddtnn, + where d is the drive number, + and nn is the track number + written with two decimal digits, prefixed with zero as + needed. So the first track on the first disk is /dev/acd0t01, the second is /dev/acd0t02, the third is /dev/acd0t03, and so on. @@ -1173,69 +1174,69 @@ cd0: Attempt to query device size failed burning - Compared to the CD, the - DVD is the next generation of optical media - storage technology. The DVD can hold more - data than any CD and is the standard for - video publishing. + Compared to the CD, the + DVD is the next generation of optical media + storage technology. The DVD can hold more + data than any CD and is the standard for + video publishing. - Five physical recordable formats can be defined for a - recordable DVD: + Five physical recordable formats can be defined for a + recordable DVD: - - - DVD-R: This was the first DVD - recordable format available. The DVD-R standard is - defined by the DVD - Forum. This format is write once. - + + + DVD-R: This was the first DVD + recordable format available. The DVD-R standard is defined + by the DVD + Forum. This format is write once. + - - DVD-RW: This is the rewritable - version of the DVD-R standard. A - DVD-RW can be rewritten about 1000 - times. - + + DVD-RW: This is the rewritable + version of the DVD-R standard. A + DVD-RW can be rewritten about 1000 + times. + - - DVD-RAM: This is a rewritable - format which can be seen as a removable hard drive. - However, this media is not compatible with most - DVD-ROM drives and DVD-Video players - as only a few DVD writers support the - DVD-RAM format. Refer to for more information on - DVD-RAM use. - + + DVD-RAM: This is a rewritable format + which can be seen as a removable hard drive. However, this + media is not compatible with most + DVD-ROM drives and DVD-Video players as + only a few DVD writers support the + DVD-RAM format. Refer to for more information on + DVD-RAM use. + - - DVD+RW: This is a rewritable format - defined by the DVD+RW + + DVD+RW: This is a rewritable format + defined by the DVD+RW Alliance. A DVD+RW can be - rewritten about 1000 times. - + rewritten about 1000 times. + - - DVD+R: This format is the write once variation - of the DVD+RW format. - - + + DVD+R: This format is the write once variation of the + DVD+RW format. + + - A single layer recordable DVD can hold - up to 4,700,000,000 bytes which is actually 4.38 GB - or 4485 MB as 1 kilobyte is 1024 bytes. + A single layer recordable DVD can hold up + to 4,700,000,000 bytes which is actually 4.38 GB or + 4485 MB as 1 kilobyte is 1024 bytes. - - A distinction must be made between the physical media - and the application. For example, a DVD-Video is a specific - file layout that can be written on any recordable - DVD physical media such as DVD-R, DVD+R, - or DVD-RW. Before choosing the type of - media, ensure that both the burner and the DVD-Video player - are compatible with the media under consideration. - + + A distinction must be made between the physical media and + the application. For example, a DVD-Video is a specific file + layout that can be written on any recordable + DVD physical media such as DVD-R, DVD+R, or + DVD-RW. Before choosing the type of media, + ensure that both the burner and the DVD-Video player are + compatible with the media under consideration. + Configuration @@ -1540,7 +1541,8 @@ cd0: Attempt to query device size failed For More Information To obtain more information about a DVD, - use dvd+rw-mediainfo /dev/cd0 while the + use dvd+rw-mediainfo + /dev/cd0 while the disc in the specified drive. More information about @@ -2067,7 +2069,7 @@ cd0: Attempt to query device size failed     livefs - CD + CD Store this printout and a copy of the installation media in a secure location. Should an emergency restore be @@ -2754,8 +2756,8 @@ Filesystem 1K-blocks Used Avail Capacity . For the purposes of this example, a new hard drive partition has been added as /dev/ad4s1c and - /dev/ad0s1* represents the existing - standard &os; partitions. + /dev/ad0s1* + represents the existing standard &os; partitions. &prompt.root; ls /dev/ad* /dev/ad0 /dev/ad0s1b /dev/ad0s1e /dev/ad4s1 @@ -2868,7 +2870,8 @@ sector_size = 2048 &man.newfs.8; must be performed on an attached gbde partition which is - identified by a *.bde + identified by a + *.bde extension to the device name. @@ -3297,7 +3300,8 @@ Device 1K-blocks Used Av - Highly Available Storage (<acronym>HAST</acronym>) + Highly Available Storage + (<acronym>HAST</acronym>) @@ -3348,57 +3352,56 @@ Device 1K-blocks Used Av High availability is one of the main requirements in serious business applications and highly-available storage is a - key component in such environments. In &os;, the Highly Available STorage - (HAST) - framework allows transparent storage of - the same data across several physically separated machines - connected by a TCP/IP network. HAST can be - understood as a network-based RAID1 (mirror), and is similar to - the DRBD® storage system used in the GNU/&linux; - platform. In combination with other high-availability features - of &os; like CARP, HAST - makes it possible to build a highly-available storage cluster - that is resistant to hardware failures. + key component in such environments. In &os;, the Highly + Available STorage (HAST) framework allows + transparent storage of the same data across several physically + separated machines connected by a TCP/IP + network. HAST can be understood as a + network-based RAID1 (mirror), and is similar to the DRBD® + storage system used in the GNU/&linux; platform. In combination + with other high-availability features of &os; like + CARP, HAST makes it + possible to build a highly-available storage cluster that is + resistant to hardware failures. - The following are the main features of - HAST: + The following are the main features of + HAST: - - - Can be used to mask I/O errors on local hard - drives. - + + + Can be used to mask I/O errors on + local hard drives. + - - File system agnostic as it works with any file - system supported by &os;. - + + File system agnostic as it works with any file system + supported by &os;. + - - Efficient and quick resynchronization as - only the blocks that were modified during the downtime of a - node are synchronized. - + + Efficient and quick resynchronization as only the blocks + that were modified during the downtime of a node are + synchronized. + - + - - Can be used in an already deployed environment to add - additional redundancy. - + + Can be used in an already deployed environment to add + additional redundancy. + - - Together with CARP, - Heartbeat, or other tools, it - can be used to build a robust and durable storage - system. - - + + Together with CARP, + Heartbeat, or other tools, it can + be used to build a robust and durable storage system. + + After reading this section, you will know: @@ -3442,48 +3445,47 @@ Device 1K-blocks Used Av The HAST project was sponsored by The &os; Foundation with support from http://www.omc.net/ and http://www.omc.net/ + and http://www.transip.nl/. HAST Operation - HAST provides synchronous - block-level replication between two - physical machines: - the primary, also known as the + HAST provides synchronous block-level + replication between two physical machines: the + primary, also known as the master node, and the secondary, or slave node. These two machines together are referred to as a cluster. - Since HAST works in a - primary-secondary configuration, it allows only one of the - cluster nodes to be active at any given time. The - primary node, also called + Since HAST works in a primary-secondary + configuration, it allows only one of the cluster nodes to be + active at any given time. The primary node, also called active, is the one which will handle all - the I/O requests to HAST-managed - devices. The secondary node is - automatically synchronized from the primary - node. + the I/O requests to + HAST-managed devices. The secondary node + is automatically synchronized from the primary node. The physical components of the HAST - system are the local disk on primary node, and the - disk on the remote, secondary node. + system are the local disk on primary node, and the disk on the + remote, secondary node. HAST operates synchronously on a block level, making it transparent to file systems and applications. HAST provides regular GEOM providers in - /dev/hast/ for use by - other tools or applications. There is no difference - between using HAST-provided devices and - raw disks or partitions. + /dev/hast/ for use by other tools or + applications. There is no difference between using + HAST-provided devices and raw disks or + partitions. Each write, delete, or flush operation is sent to both the - local disk and to the remote disk over TCP/IP. Each read - operation is served from the local disk, unless the local disk - is not up-to-date or an I/O error occurs. In such cases, the - read operation is sent to the secondary node. + local disk and to the remote disk over + TCP/IP. Each read operation is served from + the local disk, unless the local disk is not up-to-date or an + I/O error occurs. In such cases, the read + operation is sent to the secondary node. HAST tries to provide fast failure recovery. For this reason, it is important to reduce @@ -3499,30 +3501,31 @@ Device 1K-blocks Used Av - memsync: This mode reports a write operation - as completed when the local write operation is finished - and when the remote node acknowledges data arrival, but - before actually storing the data. The data on the remote - node will be stored directly after sending the - acknowledgement. This mode is intended to reduce - latency, but still provides good + memsync: This mode reports a + write operation as completed when the local write + operation is finished and when the remote node + acknowledges data arrival, but before actually storing the + data. The data on the remote node will be stored directly + after sending the acknowledgement. This mode is intended + to reduce latency, but still provides good reliability. - fullsync: This mode reports a write - operation as completed when both the local write and the - remote write complete. This is the safest and the + fullsync: This mode reports a + write operation as completed when both the local write and + the remote write complete. This is the safest and the slowest replication mode. This mode is the default. - async: This mode reports a write operation as - completed when the local write completes. This is the - fastest and the most dangerous replication mode. It - should only be used when replicating to a distant node where - latency is too high for other modes. + async: This mode reports a write + operation as completed when the local write completes. + This is the fastest and the most dangerous replication + mode. It should only be used when replicating to a + distant node where latency is too high for other + modes. @@ -3541,8 +3544,8 @@ Device 1K-blocks Used Av - The userland management - utility, &man.hastctl.8;. + The userland management utility, + &man.hastctl.8;. @@ -3553,26 +3556,26 @@ Device 1K-blocks Used Av Users who prefer to statically build - GEOM_GATE support into the kernel - should add this line to the custom kernel configuration - file, then rebuild the kernel using the instructions in GEOM_GATE support into the kernel should + add this line to the custom kernel configuration file, then + rebuild the kernel using the instructions in : options GEOM_GATE The following example describes how to configure two nodes - in master-slave/primary-secondary - operation using HAST to replicate the data - between the two. The nodes will be called - hasta, with an IP address of - 172.16.0.1, and - hastb, with an IP of address + in master-slave/primary-secondary operation using + HAST to replicate the data between the two. + The nodes will be called hasta, with an + IP address of + 172.16.0.1, and hastb, + with an IP of address 172.16.0.2. Both nodes will have a dedicated hard drive /dev/ad6 of the same size for HAST operation. The HAST pool, sometimes referred to as a - resource or the GEOM provider in - /dev/hast/, will be called + resource or the GEOM provider in /dev/hast/, will be called test. Configuration of HAST is done using @@ -3596,14 +3599,14 @@ Device 1K-blocks Used Av It is also possible to use host names in the - remote statements if - the hosts are resolvable and defined either in + remote statements if the hosts are + resolvable and defined either in /etc/hosts or in the local DNS. - Once the configuration exists on both nodes, - the HAST pool can be created. Run these + Once the configuration exists on both nodes, the + HAST pool can be created. Run these commands on both nodes to place the initial metadata onto the local disk and to start &man.hastd.8;: @@ -3615,17 +3618,16 @@ Device 1K-blocks Used Av providers with an existing file system or to convert an existing storage to a HAST-managed pool. This procedure needs to store some metadata on the provider - and there will not be enough required space - available on an existing provider. + and there will not be enough required space available on an + existing provider. A HAST node's primary or secondary role is selected by an administrator, or software like Heartbeat, using &man.hastctl.8;. - On the primary node, - hasta, issue - this command: + On the primary node, hasta, issue this + command: &prompt.root; hastctl role primary test @@ -3634,25 +3636,25 @@ Device 1K-blocks Used Av &prompt.root; hastctl role secondary test - Verify the result by running hastctl on each - node: + Verify the result by running hastctl on + each node: &prompt.root; hastctl status test Check the status line in the output. - If it says degraded, - something is wrong with the configuration file. It should say complete - on each node, meaning that the synchronization - between the nodes has started. The synchronization - completes when hastctl status - reports 0 bytes of dirty extents. - + If it says degraded, something is wrong + with the configuration file. It should say + complete on each node, meaning that the + synchronization between the nodes has started. The + synchronization completes when hastctl + status reports 0 bytes of dirty + extents. The next step is to create a file system on the - GEOM provider and mount it. This must be done on the - primary node. Creating - the file system can take a few minutes, depending on the size - of the hard drive. This example creates a UFS + GEOM provider and mount it. This must be + done on the primary node. Creating the + file system can take a few minutes, depending on the size of + the hard drive. This example creates a UFS file system on /dev/hast/test: &prompt.root; newfs -U /dev/hast/test From owner-svn-doc-all@FreeBSD.ORG Tue Apr 8 15:50:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 74E9CCDB; Tue, 8 Apr 2014 15:50:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 61262113D; Tue, 8 Apr 2014 15:50:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s38FoMbU083599; Tue, 8 Apr 2014 15:50:22 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s38FoMiU083598; Tue, 8 Apr 2014 15:50:22 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404081550.s38FoMiU083598@svn.freebsd.org> From: Dru Lavigne Date: Tue, 8 Apr 2014 15:50:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44488 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 15:50:22 -0000 Author: dru Date: Tue Apr 8 15:50:21 2014 New Revision: 44488 URL: http://svnweb.freebsd.org/changeset/doc/44488 Log: Fix a grammo and a missing acronym tag. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 8 15:48:46 2014 (r44487) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 8 15:50:21 2014 (r44488) @@ -3569,7 +3569,7 @@ Device 1K-blocks Used Av The nodes will be called hasta, with an IP address of 172.16.0.1, and hastb, - with an IP of address + with an IP address of 172.16.0.2. Both nodes will have a dedicated hard drive /dev/ad6 of the same size for HAST operation. The @@ -3614,7 +3614,8 @@ Device 1K-blocks Used Av &prompt.root; service hastd onestart - It is not possible to use GEOM + It is not possible to use + GEOM providers with an existing file system or to convert an existing storage to a HAST-managed pool. This procedure needs to store some metadata on the provider From owner-svn-doc-all@FreeBSD.ORG Tue Apr 8 15:52:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9A0D1D9A; Tue, 8 Apr 2014 15:52:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7953A11D2; Tue, 8 Apr 2014 15:52:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s38Fqrbr086747; Tue, 8 Apr 2014 15:52:53 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s38FqruD086746; Tue, 8 Apr 2014 15:52:53 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404081552.s38FqruD086746@svn.freebsd.org> From: Gabor Pali Date: Tue, 8 Apr 2014 15:52:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44489 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 15:52:53 -0000 Author: pgj Date: Tue Apr 8 15:52:52 2014 New Revision: 44489 URL: http://svnweb.freebsd.org/changeset/doc/44489 Log: - Add 2014Q1 status report GCC in the ports Submitted by: gerald Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 8 15:50:21 2014 (r44488) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 8 15:52:52 2014 (r44489) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 31 entries and we hope you enjoy reading it.

    + contains 32 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -1970,4 +1970,61 @@ device vt_efifb Team. + + + GCC in the Ports Collection + + + + + Gerald + Pfeifer + + gerald@FreeBSD.org + + + + + Upstream GCC + + + +

    While the age old version of the GNU Compiler Collection (GCC) + in the base system is on its way out with &os; 10 and + later, there are many users who want (and some platforms which + need) to use GCC.

    + +

    For that purpose there are various versions of GCC in the ports + tree, including lang/gcc46, lang/gcc47, + lang/gcc48 and lang/gcc49 which track upstream + snapshots of the respective release branches, and more + importantly lang/gcc which serves as the canonical + version of GCC and is the default when a port requests + USE_GCC=yes as well as for some cases of + USES=compiler.

    + +

    With a lot of help from Christoph Moench-Tegeder who fixed + many ports and made a fair number respect CXXFLAGS, + LDFLAGS and friends, we managed to update the canonical + version from GCC 4.6.4 to GCC 4.7.3. Many of Christoph's fixes + also benefit Clang and other modern compilers.

    + +

    For users of lang/gcc, this upgrade proved very + smooth, and we generally recommend using this port over version + specific ones.

    + +

    After ten years of service lang/gcc34 retired, as did + lang/gcc44 after half that timespan.

    + +

    On a related note, with the help of &a.marino;, the license of + the GCC ports now properly reflects the combination of GPLv3 for + the compiler itself and GPLv3 with GCC Runtime Library Exception + for the runtime. The latter is the key in making it possible to + use GCC for building and distributing non-free software.

    + + + + Move lang/gcc from GCC 4.7 to GCC 4.8. + +     From owner-svn-doc-all@FreeBSD.ORG Tue Apr 8 16:42:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8CACFB32; Tue, 8 Apr 2014 16:42:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7860B1695; Tue, 8 Apr 2014 16:42:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s38GgIaI007167; Tue, 8 Apr 2014 16:42:18 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s38GgI9s007166; Tue, 8 Apr 2014 16:42:18 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404081642.s38GgI9s007166@svn.freebsd.org> From: Gabor Pali Date: Tue, 8 Apr 2014 16:42:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44490 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 16:42:18 -0000 Author: pgj Date: Tue Apr 8 16:42:17 2014 New Revision: 44490 URL: http://svnweb.freebsd.org/changeset/doc/44490 Log: - Add 2014Q1 status report for the Graphics stack Submitted by: dumbbell Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 8 15:52:52 2014 (r44489) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 8 16:42:17 2014 (r44490) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 32 entries and we hope you enjoy reading it.

    + contains 33 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -2027,4 +2027,78 @@ device vt_efifb Move lang/gcc from GCC 4.7 to GCC 4.8. + + + The Graphics stack on &os; + + + + &os; Graphics Team + graphics-team@FreeBSD.org + + + + + Graphics stack roadmap and supported hardware matrix + WITH_NEW_XORG status + Ports-related development repository + + + +

    On the kernel side, the Radeon KMS driver was merged in + stable/9 and will be available in &os; 9.3-RELEASE. + Now both the 9.x and 10.x branches share the same support for + Intel and AMD GPUs.

    + +

    The next big tasks are the updates of the DRM generic code and + the i915 driver. Both are making good progress and the + DRM update should hopefully be ready for wider testing during + April. An update of the Radeon driver is on the to-do list, but + nothing is scheduled yet.

    + +

    On the ports tree and packages side, the update to Cairo 1.12 + mentioned in the last quarterly report is ready to be committed, + as people who tested it either reported improvements or no + regressions. As a reminder, the switch from Cairo 1.10 to 1.12 + causes display artifacts with xf86-video-intel 2.7.1, but fixes + similar problems with other hardware/driver combinations. + Furthermore, Cairo 1.12 is required by Pango 1.36.0, GTK+ 3.10 + and Firefox 27.0. A Heads up mail will be posted to the + freebsd-x11 mailing-list when this update goes + live.

    + +

    In the graphics stack's ports development tree, new Mesa ports + are being worked on. Those ports are required to support GLAMOR + (the GL-based 2D acceleration library used by Radeon HD 7000+ + cards for instance) and OpenCL (using the GPU to perform + non-graphical calculations). We were able to execute some + "Hello World" OpenCL programs and play with OpenCL in darktable, + but there are some compatibility issues between Clover (Mesa's + libOpenCL implementation) and Clang/libc++.

    + +

    We are preparing an alternate pkg(8) repository with + packages built with WITH_NEW_XORG. The goal is to ease + the usage of the KMS drivers and move forward with the graphics + stack updates. The main pkg(8) repository will still + use the default setting (WITH_NEW_XORG set on + head, but not on the stable branches).

    + +

    This will pave the way to WITH_NEW_XORG deprecation + and the removal of the older stack. The current plan is to do + this after 10.0-RELEASE End-of-Life, scheduled on January 31st, + 2015. By that time, the only supported releases will be + 8.4-RELEASE, 9.3-RELEASE and 10.1-RELEASE. &os; 9.3 and 10.1 + will be fully equipped to work with the newer stack. + Unfortunately, &os; 8.x misses the required kernel DRM + infrastructure: supporting X.Org here cripples progress on the + graphics stack and, once WITH_NEW_XORG is gone, we will + not support 8.x as a desktop anymore. Therefore, please upgrade + to 9.3 or 10.1 when they are available.

    + + + + See the Graphics and WITH_NEW_XORG wiki pages + for up-to-date information. + +     From owner-svn-doc-all@FreeBSD.ORG Tue Apr 8 16:53:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 34C6F178; Tue, 8 Apr 2014 16:53:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 20DDA1799; Tue, 8 Apr 2014 16:53:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s38GreH4011547; Tue, 8 Apr 2014 16:53:40 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s38GreJR011546; Tue, 8 Apr 2014 16:53:40 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404081653.s38GreJR011546@svn.freebsd.org> From: Gabor Pali Date: Tue, 8 Apr 2014 16:53:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44491 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 16:53:41 -0000 Author: pgj Date: Tue Apr 8 16:53:40 2014 New Revision: 44491 URL: http://svnweb.freebsd.org/changeset/doc/44491 Log: - Add 2014Q1 status report for portmgr Submitted by: tabthorpe Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 8 16:42:17 2014 (r44490) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 8 16:53:40 2014 (r44491) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 33 entries and we hope you enjoy reading it.

    + contains 34 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -2101,4 +2101,80 @@ device vt_efifb for up-to-date information. + + + &os; Port Management Team + + + + + Thomas + Abthorpe + + portmgr-secretary@FreeBSD.org + + + + + Frederic + Culot + + culot@FreeBSD.org + + + + Port Management Team + portmgr@FreeBSD.org + + + + + + + + + + + + + + + +

    The &os; Port Management Team is to ensure that the &os; Ports + Developer community provides a ports collection that is + functional, stable, up-to-date and full-featured. It is also to + coordinate among the committers and developers who work on + it.

    + +

    The ports tree slowly approaches the 25,000 ports threshold, + while the PR count exceeds 1,800. In the first quarter, we added + four new committers, took in three commit bits for safe keeping, + and reinstated one commit bit.

    + +

    In January, longest serving port manager &a.marcus; stepped + down from his active duties on the team. At a similar time + &a.itetcu; also stepped down from his duties. Fortunately, as a + result of the first portmgr-lurkers intake, we were + able to replace them with &a.mat; and &a.antoine;.

    + +

    Commencing March 1, the second intake portmgr-lurkers + started active duty on portmgr for a four month duration. + The next two candidates are &a.danfe; and &a.culot;.

    + +

    This quarter also saw the release of the first quarterly + branch, namely 2014Q1. This branch is intended at + providing a stable and high-quality ports tree, with patches + related to security fixes as well as packaging and runtime fixes + being backported from head.

    + +

    Ongoing maintenance goes into redports.org, including QAT runs + and ports and security updates.

    + + + + As previously noted, many PRs continue to languish, we would + like to see committers dedicate themselves to closing as many as + possible. + +     From owner-svn-doc-all@FreeBSD.ORG Tue Apr 8 17:02:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7B7233E8; Tue, 8 Apr 2014 17:02:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4D9221882; Tue, 8 Apr 2014 17:02:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s38H2iqt015592; Tue, 8 Apr 2014 17:02:44 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s38H2iOx015591; Tue, 8 Apr 2014 17:02:44 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404081702.s38H2iOx015591@svn.freebsd.org> From: Gabor Pali Date: Tue, 8 Apr 2014 17:02:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44492 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 17:02:44 -0000 Author: pgj Date: Tue Apr 8 17:02:43 2014 New Revision: 44492 URL: http://svnweb.freebsd.org/changeset/doc/44492 Log: - Add 2014Q1 status report for external toolchains Submitted by: imp Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 8 16:53:40 2014 (r44491) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 8 17:02:43 2014 (r44492) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 34 entries and we hope you enjoy reading it.

    + contains 35 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -2177,4 +2177,46 @@ device vt_efifb possible. + + + External Toolchain Improvements + + + + + Warner + Losh + + imp@FreeBSD.org + + + + + &a.brooks;' XCC work + + + +

    Building on the work that &a.brooks; did to enable external + Clang toolchains, this project hopes to generalize that to GCC, + as well as support different versions of these compilers + simultaneously for the &os; base system and the kernel. We also + hope get to the point that a port can be cross-compiled entirely + from scratch with no initial binary artifacts.

    + + + + Setup Subversion project repository. + + Fix issues with differences of interpretation of the + -B argument between GCC and Clang. + + Support building the entire tree based only on xdev-built + compilers. + + Support building the entire tree based only on ports-built GCC + compilers. + + Support full bootstrapping of &os; to new platforms. + +     From owner-svn-doc-all@FreeBSD.ORG Tue Apr 8 17:08:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 08D2867B; Tue, 8 Apr 2014 17:08:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CFEF118C6; Tue, 8 Apr 2014 17:08:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s38H8uM8016556; Tue, 8 Apr 2014 17:08:56 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s38H8u54016555; Tue, 8 Apr 2014 17:08:56 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404081708.s38H8u54016555@svn.freebsd.org> From: Gabor Pali Date: Tue, 8 Apr 2014 17:08:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44493 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 17:08:57 -0000 Author: pgj Date: Tue Apr 8 17:08:56 2014 New Revision: 44493 URL: http://svnweb.freebsd.org/changeset/doc/44493 Log: - Add 2014Q1 status report for forward porting GCC Submitted by: imp Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 8 17:02:43 2014 (r44492) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 8 17:08:56 2014 (r44493) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 35 entries and we hope you enjoy reading it.

    + contains 36 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -2219,4 +2219,32 @@ device vt_efifb Support full bootstrapping of &os; to new platforms. + + + Forward Port &os; GCC + + + + + Warner + Losh + + imp@FreeBSD.org + + + + +

    Not all of the &os; changes to GC have been reflected upstream. + A large amount of the platform support as well as a couple minor + improvements like the kernel formatting checker need to be + forwarded ported (and if possible, moved upstream in to + GCC).

    + +

    We will be targeting the &os; ports tree lang/gcc* + ports for these efforts to (optionally) include them in these + builds. Some variation from normal builds may be required due + to bootstrapping issues when combined with the external + toolchain enhancements project.

    + +     From owner-svn-doc-all@FreeBSD.ORG Tue Apr 8 23:27:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9D7E3681; Tue, 8 Apr 2014 23:27:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 870EE13E5; Tue, 8 Apr 2014 23:27:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s38NRXtc073306; Tue, 8 Apr 2014 23:27:33 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s38NRVsA073296; Tue, 8 Apr 2014 23:27:31 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201404082327.s38NRVsA073296@svn.freebsd.org> From: Xin LI Date: Tue, 8 Apr 2014 23:27:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44494 - in head/share: security/advisories security/patches/SA-14:05 security/patches/SA-14:06 xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2014 23:27:33 -0000 Author: delphij Date: Tue Apr 8 23:27:31 2014 New Revision: 44494 URL: http://svnweb.freebsd.org/changeset/doc/44494 Log: Add two latest security advisories: Fix NFS server deadlock vulnerability. [SA-14:05] Fix OpenSSL multiple vulnerabilities. [SA-14:06] Added: head/share/security/advisories/FreeBSD-SA-14:05.nfsserver.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-14:06.openssl.asc (contents, props changed) head/share/security/patches/SA-14:05/ head/share/security/patches/SA-14:05/nfsserver.patch (contents, props changed) head/share/security/patches/SA-14:05/nfsserver.patch.asc (contents, props changed) head/share/security/patches/SA-14:06/ head/share/security/patches/SA-14:06/openssl-10.patch (contents, props changed) head/share/security/patches/SA-14:06/openssl-10.patch.asc (contents, props changed) head/share/security/patches/SA-14:06/openssl.patch (contents, props changed) head/share/security/patches/SA-14:06/openssl.patch.asc (contents, props changed) Modified: head/share/xml/advisories.xml Added: head/share/security/advisories/FreeBSD-SA-14:05.nfsserver.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-14:05.nfsserver.asc Tue Apr 8 23:27:31 2014 (r44494) @@ -0,0 +1,165 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-14:05.nfsserver Security Advisory + The FreeBSD Project + +Topic: Deadlock in the NFS server + +Category: core +Module: nfsserver +Announced: 2014-04-08 +Credits: Rick Macklem +Affects: All supported versions of FreeBSD. +Corrected: 2014-04-08 18:27:39 UTC (stable/10, 10.0-STABLE) + 2014-04-08 18:27:46 UTC (releng/10.0, 10.0-RELEASE-p1) + 2014-04-08 23:16:19 UTC (stable/9, 9.2-STABLE) + 2014-04-08 23:16:05 UTC (releng/9.2, 9.2-RELEASE-p4) + 2014-04-08 23:16:05 UTC (releng/9.1, 9.1-RELEASE-p11) + 2014-04-08 23:16:19 UTC (stable/8, 8.4-STABLE) + 2014-04-08 23:16:05 UTC (releng/8.4, 8.4-RELEASE-p8) + 2014-04-08 23:16:05 UTC (releng/8.3, 8.3-RELEASE-p15) +CVE Name: CVE-2014-1453 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +The Network File System (NFS) allows a host to export some or all of its +file systems so that other hosts can access them over the network and mount +them as if they were on local disks. FreeBSD includes both server and client +implementations of NFS. + +II. Problem Description + +The kernel holds a lock over the source directory vnode while trying to +convert the target directory file handle to a vnode, which needs to be +returned with the lock held, too. This order may be in violation of normal +lock order, which in conjunction with other threads that grab locks in the +right order, constitutes a deadlock condition because no thread can proceed. + +III. Impact + +An attacker on a trusted client could cause the NFS server become deadlocked, +resulting in a denial of service. + +IV. Workaround + +Systems that do not provide NFS services are not vulnerable. Neither +are systems that do but use the old NFS implementation, which is the +default in FreeBSD 8.x. + +To determine which implementation an NFS server is running, run the +following command: + +# kldstat -v | grep -cw nfsd + +This will print 1 if the system is running the new NFS implementation, +and 0 otherwise. + +To switch to the old NFS implementation: + +1) Append the following lines to /etc/rc.conf: + + nfsv4_server_enable="no" + oldnfs_server_enable="yes" + +2) If the NFS server is compiled into the kernel (which is the case + for the stock GENERIC kernel), replace the NFSD option with the + NFSSERVER option, then recompile your kernel as described in + . + + If the NFS server is not compiled into the kernel, the correct + module will be loaded at boot time. + +3) Finally, reboot the system. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch http://security.FreeBSD.org/patches/SA-14:05/nfsserver.patch +# fetch http://security.FreeBSD.org/patches/SA-14:05/nfsserver.patch.asc +# gpg --verify nfsserver.patch.asc + +b) Apply the patch. + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +3) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r264285 +releng/8.3/ r264284 +releng/8.4/ r264284 +stable/9/ r264285 +releng/9.1/ r264284 +releng/9.2/ r264284 +stable/10/ r264266 +releng/10.0/ r264267 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTRISyAAoJEO1n7NZdz2rnOvoQAJoxWjKV1UACccAi4Z/ChESU +rSi2NrW6ZixCmSzbPxAcz9Qv7vaQVSywfG5Zy1JddNh1aVy4ExUsd/FZcRr92Cz2 +ujprve/JBMc0YOsND7KIna9Rk7Ryj0IchRXquN5SyDhZbvWwnDNatQWID5awzgYM +aX+48WUFk/oFX009JCR2LO3u3GqOZN6fJhLSQs+Yj+CuxQO9XlQSSUK+lTDO/2ig +snT7j52eCJhsMNn1QcdMGx1Y+NdfIEDfinioAPKLUfWCXWwNRAhTD5scasHDQWV4 +60kVXZzl/CNOD7awOXwIrx3GRPQSwsg2YUqGP+jXlEdIA+MNE5+vUijDcLI/cTBj +WSApShrdybIyOyPzczDKmLae9NUeKspUoZTwwwSJ6p8Zr6m0/dBzKbk7TB+XFn17 +Q1FVDkpq7pJUzPQxNfB9Z6wwRXeZgaJBEck/P0DvHZwJDq1mZLbcPFap91I4p471 +iBVhSHHP466pj0EUuCjNrld7BgVj/iCrCO7LZr4L9t/7sDAIE+CYqv5eR7byUIOO +WoMs3zplSR1XgTk5c9p6XQifv3dtRGyJicfjtKdNFxYjeokIhXxdAjWjQmwC2XoG +PK7enzV2MHWg3nCpdCztD+4ZjHqdwOq/o2g0rVrum7SfOeZXyqr+YB58rpd6uR11 +8z8hxDfKCzc/Lo1/T+EO +=xBcd +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-14:06.openssl.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-14:06.openssl.asc Tue Apr 8 23:27:31 2014 (r44494) @@ -0,0 +1,169 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-14:06.openssl Security Advisory + The FreeBSD Project + +Topic: OpenSSL multiple vulnerabilities + +Category: contrib +Module: openssl +Announced: 2014-04-08 +Affects: All supported versions of FreeBSD. +Corrected: 2014-04-08 18:27:39 UTC (stable/10, 10.0-STABLE) + 2014-04-08 18:27:46 UTC (releng/10.0, 10.0-RELEASE-p1) + 2014-04-08 23:16:19 UTC (stable/9, 9.2-STABLE) + 2014-04-08 23:16:05 UTC (releng/9.2, 9.2-RELEASE-p4) + 2014-04-08 23:16:05 UTC (releng/9.1, 9.1-RELEASE-p11) + 2014-04-08 23:16:19 UTC (stable/8, 8.4-STABLE) + 2014-04-08 23:16:05 UTC (releng/8.4, 8.4-RELEASE-p8) + 2014-04-08 23:16:05 UTC (releng/8.3, 8.3-RELEASE-p15) +CVE Name: CVE-2014-0076, CVE-2014-0160 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is +a collaborative effort to develop a robust, commercial-grade, full-featured +Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) +and Transport Layer Security (TLS v1) protocols as well as a full-strength +general purpose cryptography library. + +The Heartbeat Extension provides a new protocol for TLS/DTLS allowing the +usage of keep-alive functionality without performing a renegotiation and a +basis for path MTU (PMTU) discovery for DTLS. + +Elliptic Curve Digital Signature Algorithm (ECDSA) is a variant of the +Digital Signature Algorithm (DSA) which uses Elliptic Curve Cryptography. +OpenSSL uses the Montgomery Ladder Approach to compute scalar multiplication +in a fixed amount of time, which does not leak any information through timing +or power. + +II. Problem Description + +The code used to handle the Heartbeat Extension does not do sufficient boundary +checks on record length, which allows reading beyond the actual payload. +[CVE-2014-0160]. Affects FreeBSD 10.0 only. + +A flaw in the implementation of Montgomery Ladder Approach would create a +side-channel that leaks sensitive timing information. [CVE-2014-0076] + +III. Impact + +An attacker who can send a specifically crafted packet to TLS server or client +with an established connection can reveal up to 64k of memory of the remote +system. Such memory might contain sensitive information, including key +material, protected content, etc. which could be directly useful, or might +be leveraged to obtain elevated privileges. [CVE-2014-0160] + +A local attacker might be able to snoop a signing process and might recover +the signing key from it. [CVE-2014-0076] + +IV. Workaround + +No workaround is available, but systems that do not use OpenSSL to implement +the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) +protocols implementation and do not use the ECDSA implementation from OpenSSL +are not vulnerable. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 8.x and FreeBSD 9.x] +# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl.patch +# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl.patch.asc +# gpg --verify openssl.patch.asc + +[FreeBSD 10.0] +# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl-10.patch +# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl-10.patch.asc +# gpg --verify openssl-10.patch.asc + +Recompile the operating system using buildworld and installworld as +described in . + +Restart all deamons using the library, or reboot the system. + +3) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +IMPORTANT: the update procedure above does not update OpenSSL from the +Ports Collection or from a package, known as security/openssl, which +has to be updated separately via ports or package. Users who have +installed security/openssl should update to at least version 1.0.1_10. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r264285 +releng/8.3/ r264284 +releng/8.4/ r264284 +stable/9/ r264285 +releng/9.1/ r264284 +releng/9.2/ r264284 +stable/10/ r264266 +releng/10.0/ r264267 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + + + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTRISyAAoJEO1n7NZdz2rnwdgP/RFT6HsugPJZeIKX2Rn36Mat +qgAET7gotiU1Y7G/647BiSCOn/BQs9Z1yTLE7wKdgiVDDTZOHJCJxssXav/+Cqli +G1Cyoi2Rv9R77sno0wdj62YguTg0EKnU52CYpHVmF2NA0H/zexXDrCgiQtyvnU62 +ZtM2TO76qhKFXwNtIQ1EQYmu+qsxLbp65ryyu9Tq7rXlc52JYTa0QdWDcKoPtcBO +U85HzJwQglX2lEmipv63s0vwur5eSTtlWSmUSpFzE1jsjYiRl7xFHQKdXxA5Ifw0 +qO7LYrYK7b4EyEq9TcQQKvh05IgorjRcA4i0mSQFpc0HINtgv3bYlHyQL+tyN1+k +/4uzdDFB27j8EuKZzEg6aF1JLNq9/zMvx+E0iykPodb5i+n5BzPzWc4rogHvj7rU +mfSeABG3m/SifTewy1258V3TRfTKLNU8EPX2CTnJI9WjYX83GO7sM1vtaGQUOAFK +gff2tFfeSmDpyCmp+RwnmIr5IefIG2y8s/0iJM/wLF3rW8ZrwP1zX+cot5KRCWfT +FpdhHHLRcsCLM7frxmSgRdN+iuXIAcdfbj1EN7z1ryHLk2vRsm2n66kojt4BCnig +7JcStOjMSz843+1L3eCZubHIxVxxjKBGwqVfQ9OWbgeIro0+bapYLJIavuAa9BM6 +1T0hWKFh59zAxyGPqX49 +=X7Qk +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-14:05/nfsserver.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:05/nfsserver.patch Tue Apr 8 23:27:31 2014 (r44494) @@ -0,0 +1,70 @@ +Index: sys/fs/nfsserver/nfs_nfsdserv.c +=================================================================== +--- sys/fs/nfsserver/nfs_nfsdserv.c (revision 264251) ++++ sys/fs/nfsserver/nfs_nfsdserv.c (working copy) +@@ -1457,10 +1457,23 @@ nfsrvd_rename(struct nfsrv_descript *nd, int isdgr + nfsvno_relpathbuf(&fromnd); + goto out; + } ++ /* ++ * Unlock dp in this code section, so it is unlocked before ++ * tdp gets locked. This avoids a potential LOR if tdp is the ++ * parent directory of dp. ++ */ + if (nd->nd_flag & ND_NFSV4) { + tdp = todp; + tnes = *toexp; +- tdirfor_ret = nfsvno_getattr(tdp, &tdirfor, nd->nd_cred, p, 0); ++ if (dp != tdp) { ++ NFSVOPUNLOCK(dp, 0); ++ tdirfor_ret = nfsvno_getattr(tdp, &tdirfor, nd->nd_cred, ++ p, 0); /* Might lock tdp. */ ++ } else { ++ tdirfor_ret = nfsvno_getattr(tdp, &tdirfor, nd->nd_cred, ++ p, 1); ++ NFSVOPUNLOCK(dp, 0); ++ } + } else { + tfh.nfsrvfh_len = 0; + error = nfsrv_mtofh(nd, &tfh); +@@ -1481,10 +1494,12 @@ nfsrvd_rename(struct nfsrv_descript *nd, int isdgr + tnes = *exp; + tdirfor_ret = nfsvno_getattr(tdp, &tdirfor, nd->nd_cred, + p, 1); ++ NFSVOPUNLOCK(dp, 0); + } else { ++ NFSVOPUNLOCK(dp, 0); + nd->nd_cred->cr_uid = nd->nd_saveduid; + nfsd_fhtovp(nd, &tfh, LK_EXCLUSIVE, &tdp, &tnes, NULL, +- 0, p); ++ 0, p); /* Locks tdp. */ + if (tdp) { + tdirfor_ret = nfsvno_getattr(tdp, &tdirfor, + nd->nd_cred, p, 1); +@@ -1499,7 +1514,7 @@ nfsrvd_rename(struct nfsrv_descript *nd, int isdgr + if (error) { + if (tdp) + vrele(tdp); +- vput(dp); ++ vrele(dp); + nfsvno_relpathbuf(&fromnd); + nfsvno_relpathbuf(&tond); + goto out; +@@ -1514,7 +1529,7 @@ nfsrvd_rename(struct nfsrv_descript *nd, int isdgr + } + if (tdp) + vrele(tdp); +- vput(dp); ++ vrele(dp); + nfsvno_relpathbuf(&fromnd); + nfsvno_relpathbuf(&tond); + goto out; +@@ -1523,7 +1538,7 @@ nfsrvd_rename(struct nfsrv_descript *nd, int isdgr + /* + * Done parsing, now down to business. + */ +- nd->nd_repstat = nfsvno_namei(nd, &fromnd, dp, 1, exp, p, &fdirp); ++ nd->nd_repstat = nfsvno_namei(nd, &fromnd, dp, 0, exp, p, &fdirp); + if (nd->nd_repstat) { + if (nd->nd_flag & ND_NFSV3) { + nfsrv_wcc(nd, fdirfor_ret, &fdirfor, fdiraft_ret, Added: head/share/security/patches/SA-14:05/nfsserver.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:05/nfsserver.patch.asc Tue Apr 8 23:27:31 2014 (r44494) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAABCgAGBQJTRISyAAoJEO1n7NZdz2rnpjwP/1IqQ6BYvuyc5s5PZe27pJaX +R5gOEq72RxI1mFEhV+6H0Sfk8YD7KjO74YxF9jsCyqbRJJNF08v1rik4sCBjjyWg ++kk58H5xrGFFXMx1A4xiBwXBZzgnzc2g/18IV3x2+YvjmZFzldSp7HOzOouKNBh0 +kRN8gisceYsNdbj0nUkp9ztJbrPID+A2e5GWtu/b9fYCMoD20ng6jO1tOQ8ZQ/MY +v0uEQvZH8Nx05525a1LCxKYb5EfbXSQp2kg7UeUmCJ/2XNf6kFydrR9xeuy4Bf9w +nSd/aVm+3alJEPvogH0RwZyZOXaEG2BibLhs6TzVRpbLYA1KoVgREeFYKbR8swhz +omZJq2wrXctHR+5HejNHbzCfD3i8EvIx5RJuFikX2MqHpFiiBZwAcjwQ8+zv3cGw +n5PpkvmIc5DhCvcAgLdD8yfY/BgYaRSjDkNh/gXMlM14RtT9/8+SAfaVdArHLM4a +Vn+7YEE3BKQQqI77vJNwjlMQoiaX4kYSB+PfQm67I4cO2d2s+KcxYuCuGaIDUKzl +viUE0HjQqDiA7zyfm0efXug6ezmmuEX3+vkTe42kA9BLrBh5EQnW18UR1RCr4rMw +I/bXDLsiPoAyVd+6DJ1RgZK+1TLP6p6SBlE4TUA7IDzartIBWkL/LgWjvXeD+zNc +EvHJWTOgfiFtbaPjrZf2 +=ud+9 +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-14:06/openssl-10.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:06/openssl-10.patch Tue Apr 8 23:27:31 2014 (r44494) @@ -0,0 +1,241 @@ +Index: crypto/openssl/crypto/bn/bn.h +=================================================================== +--- crypto/openssl/crypto/bn/bn.h (revision 264251) ++++ crypto/openssl/crypto/bn/bn.h (working copy) +@@ -538,6 +538,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *ret, + BIGNUM *BN_mod_sqrt(BIGNUM *ret, + const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); + ++void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords); ++ + /* Deprecated versions */ + #ifndef OPENSSL_NO_DEPRECATED + BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe, +@@ -774,11 +776,20 @@ int RAND_pseudo_bytes(unsigned char *buf,int num); + + #define bn_fix_top(a) bn_check_top(a) + ++#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2) ++#define bn_wcheck_size(bn, words) \ ++ do { \ ++ const BIGNUM *_bnum2 = (bn); \ ++ assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \ ++ } while(0) ++ + #else /* !BN_DEBUG */ + + #define bn_pollute(a) + #define bn_check_top(a) + #define bn_fix_top(a) bn_correct_top(a) ++#define bn_check_size(bn, bits) ++#define bn_wcheck_size(bn, words) + + #endif + +Index: crypto/openssl/crypto/bn/bn_lib.c +=================================================================== +--- crypto/openssl/crypto/bn/bn_lib.c (revision 264251) ++++ crypto/openssl/crypto/bn/bn_lib.c (working copy) +@@ -824,3 +824,55 @@ int bn_cmp_part_words(const BN_ULONG *a, const BN_ + } + return bn_cmp_words(a,b,cl); + } ++ ++/* ++ * Constant-time conditional swap of a and b. ++ * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set. ++ * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b, ++ * and that no more than nwords are used by either a or b. ++ * a and b cannot be the same number ++ */ ++void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords) ++ { ++ BN_ULONG t; ++ int i; ++ ++ bn_wcheck_size(a, nwords); ++ bn_wcheck_size(b, nwords); ++ ++ assert(a != b); ++ assert((condition & (condition - 1)) == 0); ++ assert(sizeof(BN_ULONG) >= sizeof(int)); ++ ++ condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1; ++ ++ t = (a->top^b->top) & condition; ++ a->top ^= t; ++ b->top ^= t; ++ ++#define BN_CONSTTIME_SWAP(ind) \ ++ do { \ ++ t = (a->d[ind] ^ b->d[ind]) & condition; \ ++ a->d[ind] ^= t; \ ++ b->d[ind] ^= t; \ ++ } while (0) ++ ++ ++ switch (nwords) { ++ default: ++ for (i = 10; i < nwords; i++) ++ BN_CONSTTIME_SWAP(i); ++ /* Fallthrough */ ++ case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */ ++ case 9: BN_CONSTTIME_SWAP(8); /* Fallthrough */ ++ case 8: BN_CONSTTIME_SWAP(7); /* Fallthrough */ ++ case 7: BN_CONSTTIME_SWAP(6); /* Fallthrough */ ++ case 6: BN_CONSTTIME_SWAP(5); /* Fallthrough */ ++ case 5: BN_CONSTTIME_SWAP(4); /* Fallthrough */ ++ case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */ ++ case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */ ++ case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */ ++ case 1: BN_CONSTTIME_SWAP(0); ++ } ++#undef BN_CONSTTIME_SWAP ++} +Index: crypto/openssl/crypto/ec/ec2_mult.c +=================================================================== +--- crypto/openssl/crypto/ec/ec2_mult.c (revision 264251) ++++ crypto/openssl/crypto/ec/ec2_mult.c (working copy) +@@ -208,11 +208,15 @@ static int gf2m_Mxy(const EC_GROUP *group, const B + return ret; + } + ++ + /* Computes scalar*point and stores the result in r. + * point can not equal r. +- * Uses algorithm 2P of ++ * Uses a modified algorithm 2P of + * Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over + * GF(2^m) without precomputation" (CHES '99, LNCS 1717). ++ * ++ * To protect against side-channel attack the function uses constant time swap, ++ * avoiding conditional branches. + */ + static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, + const EC_POINT *point, BN_CTX *ctx) +@@ -246,6 +250,11 @@ static int ec_GF2m_montgomery_point_multiply(const + x2 = &r->X; + z2 = &r->Y; + ++ bn_wexpand(x1, group->field.top); ++ bn_wexpand(z1, group->field.top); ++ bn_wexpand(x2, group->field.top); ++ bn_wexpand(z2, group->field.top); ++ + if (!BN_GF2m_mod_arr(x1, &point->X, group->poly)) goto err; /* x1 = x */ + if (!BN_one(z1)) goto err; /* z1 = 1 */ + if (!group->meth->field_sqr(group, z2, x1, ctx)) goto err; /* z2 = x1^2 = x^2 */ +@@ -270,16 +279,12 @@ static int ec_GF2m_montgomery_point_multiply(const + word = scalar->d[i]; + while (mask) + { +- if (word & mask) +- { +- if (!gf2m_Madd(group, &point->X, x1, z1, x2, z2, ctx)) goto err; +- if (!gf2m_Mdouble(group, x2, z2, ctx)) goto err; +- } +- else +- { +- if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx)) goto err; +- if (!gf2m_Mdouble(group, x1, z1, ctx)) goto err; +- } ++ BN_consttime_swap(word & mask, x1, x2, group->field.top); ++ BN_consttime_swap(word & mask, z1, z2, group->field.top); ++ if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx)) goto err; ++ if (!gf2m_Mdouble(group, x1, z1, ctx)) goto err; ++ BN_consttime_swap(word & mask, x1, x2, group->field.top); ++ BN_consttime_swap(word & mask, z1, z2, group->field.top); + mask >>= 1; + } + mask = BN_TBIT; +Index: crypto/openssl/ssl/d1_both.c +=================================================================== +--- crypto/openssl/ssl/d1_both.c (revision 264251) ++++ crypto/openssl/ssl/d1_both.c (working copy) +@@ -1458,26 +1458,36 @@ dtls1_process_heartbeat(SSL *s) + unsigned int payload; + unsigned int padding = 16; /* Use minimum padding */ + ++ if (s->msg_callback) ++ s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT, ++ &s->s3->rrec.data[0], s->s3->rrec.length, ++ s, s->msg_callback_arg); ++ + /* Read type and payload length first */ ++ if (1 + 2 + 16 > s->s3->rrec.length) ++ return 0; /* silently discard */ + hbtype = *p++; + n2s(p, payload); ++ if (1 + 2 + payload + 16 > s->s3->rrec.length) ++ return 0; /* silently discard per RFC 6520 sec. 4 */ + pl = p; + +- if (s->msg_callback) +- s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT, +- &s->s3->rrec.data[0], s->s3->rrec.length, +- s, s->msg_callback_arg); +- + if (hbtype == TLS1_HB_REQUEST) + { + unsigned char *buffer, *bp; ++ unsigned int write_length = 1 /* heartbeat type */ + ++ 2 /* heartbeat length */ + ++ payload + padding; + int r; + ++ if (write_length > SSL3_RT_MAX_PLAIN_LENGTH) ++ return 0; ++ + /* Allocate memory for the response, size is 1 byte + * message type, plus 2 bytes payload length, plus + * payload, plus padding + */ +- buffer = OPENSSL_malloc(1 + 2 + payload + padding); ++ buffer = OPENSSL_malloc(write_length); + bp = buffer; + + /* Enter response type, length and copy payload */ +@@ -1488,11 +1498,11 @@ dtls1_process_heartbeat(SSL *s) + /* Random padding */ + RAND_pseudo_bytes(bp, padding); + +- r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding); ++ r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length); + + if (r >= 0 && s->msg_callback) + s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT, +- buffer, 3 + payload + padding, ++ buffer, write_length, + s, s->msg_callback_arg); + + OPENSSL_free(buffer); +Index: crypto/openssl/ssl/t1_lib.c +=================================================================== +--- crypto/openssl/ssl/t1_lib.c (revision 264251) ++++ crypto/openssl/ssl/t1_lib.c (working copy) +@@ -2486,16 +2486,20 @@ tls1_process_heartbeat(SSL *s) + unsigned int payload; + unsigned int padding = 16; /* Use minimum padding */ + ++ if (s->msg_callback) ++ s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT, ++ &s->s3->rrec.data[0], s->s3->rrec.length, ++ s, s->msg_callback_arg); ++ + /* Read type and payload length first */ ++ if (1 + 2 + 16 > s->s3->rrec.length) ++ return 0; /* silently discard */ + hbtype = *p++; + n2s(p, payload); ++ if (1 + 2 + payload + 16 > s->s3->rrec.length) ++ return 0; /* silently discard per RFC 6520 sec. 4 */ + pl = p; + +- if (s->msg_callback) +- s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT, +- &s->s3->rrec.data[0], s->s3->rrec.length, +- s, s->msg_callback_arg); +- + if (hbtype == TLS1_HB_REQUEST) + { + unsigned char *buffer, *bp; Added: head/share/security/patches/SA-14:06/openssl-10.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:06/openssl-10.patch.asc Tue Apr 8 23:27:31 2014 (r44494) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAABCgAGBQJTRISyAAoJEO1n7NZdz2rnH4MQAN2LbMPf1MKwtVJPT9r1qDwh +RXxn23yAPwnGh4Y4YkG+lWl2rq4QK3smKgsYwl45D9TJyK+5xjzRjT34nqmfPaKl +lyQU/LtlxwxsUVrDx/12eaQgRZWcK3NWI65hJGu2kgNRT5g1mSLeTh0EBYDTp0A5 +JF2RuL8hVir3JiDKkbQf/lLfkfpKq8P1Y24ha1W0GJameh+dFFmnjv9WPTBiQvBQ +9HV/8RIT88TJtS0PVtKtX2Inr7Xb2Dl4lvHS+graI+zsLKWSCQmG/Lt/cDfcuyKe +CKjnXESlGwD4joNmZLz49G4BtVyDrXJXV3np98mCkt4VA8baRJn/tMerOyIiRA1Z +PruJETeQRxnvdnLetODmgxObkOqdEHk6tYTpTUGSeLQQih3iGSxXuSC9LBx7u2jY +soyB7NT59NbReIhVLCtPn6Ww9xd1HmpYEOd8yfklKOuNdchK1l89RX668lmqblAb +EtOxe9+cDjyrggKFS4OeJTOiciJBlln7YTgpLQbxXQU2DEjGemMD20W06ZVO3ku8 +OYH+8IVT+WWslteifp2UhW+Sh43qLy/49ahM2SOpD/Cjuf4p/r1OFgYXIZcW59q0 +eroE9cUXWV1lAvaYKR1P5nBO/FWl3uVPSx0aFvmlGACR4nULKlwRLWcKrYz+nftV +KIonztokb/H3JnITL+A8 +=kE9T +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-14:06/openssl.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:06/openssl.patch Tue Apr 8 23:27:31 2014 (r44494) @@ -0,0 +1,147 @@ +Index: crypto/openssl/crypto/bn/bn.h +=================================================================== +--- crypto/openssl/crypto/bn/bn.h (revision 264251) ++++ crypto/openssl/crypto/bn/bn.h (working copy) +@@ -511,6 +511,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *ret, + BIGNUM *BN_mod_sqrt(BIGNUM *ret, + const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); + ++void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords); ++ + /* Deprecated versions */ + #ifndef OPENSSL_NO_DEPRECATED + BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe, +@@ -740,11 +742,20 @@ int RAND_pseudo_bytes(unsigned char *buf,int num); + + #define bn_fix_top(a) bn_check_top(a) + ++#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2) ++#define bn_wcheck_size(bn, words) \ ++ do { \ ++ const BIGNUM *_bnum2 = (bn); \ ++ assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \ ++ } while(0) ++ + #else /* !BN_DEBUG */ + + #define bn_pollute(a) + #define bn_check_top(a) + #define bn_fix_top(a) bn_correct_top(a) ++#define bn_check_size(bn, bits) ++#define bn_wcheck_size(bn, words) + + #endif + +Index: crypto/openssl/crypto/bn/bn_lib.c +=================================================================== +--- crypto/openssl/crypto/bn/bn_lib.c (revision 264251) ++++ crypto/openssl/crypto/bn/bn_lib.c (working copy) +@@ -824,3 +824,55 @@ int bn_cmp_part_words(const BN_ULONG *a, const BN_ + } + return bn_cmp_words(a,b,cl); + } ++ ++/* ++ * Constant-time conditional swap of a and b. ++ * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set. ++ * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b, ++ * and that no more than nwords are used by either a or b. ++ * a and b cannot be the same number ++ */ ++void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords) ++ { ++ BN_ULONG t; ++ int i; ++ ++ bn_wcheck_size(a, nwords); ++ bn_wcheck_size(b, nwords); ++ ++ assert(a != b); ++ assert((condition & (condition - 1)) == 0); ++ assert(sizeof(BN_ULONG) >= sizeof(int)); ++ ++ condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1; ++ ++ t = (a->top^b->top) & condition; ++ a->top ^= t; ++ b->top ^= t; ++ ++#define BN_CONSTTIME_SWAP(ind) \ ++ do { \ ++ t = (a->d[ind] ^ b->d[ind]) & condition; \ ++ a->d[ind] ^= t; \ ++ b->d[ind] ^= t; \ ++ } while (0) ++ ++ ++ switch (nwords) { ++ default: ++ for (i = 10; i < nwords; i++) ++ BN_CONSTTIME_SWAP(i); ++ /* Fallthrough */ ++ case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */ ++ case 9: BN_CONSTTIME_SWAP(8); /* Fallthrough */ ++ case 8: BN_CONSTTIME_SWAP(7); /* Fallthrough */ ++ case 7: BN_CONSTTIME_SWAP(6); /* Fallthrough */ ++ case 6: BN_CONSTTIME_SWAP(5); /* Fallthrough */ ++ case 5: BN_CONSTTIME_SWAP(4); /* Fallthrough */ ++ case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */ ++ case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */ ++ case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */ ++ case 1: BN_CONSTTIME_SWAP(0); ++ } ++#undef BN_CONSTTIME_SWAP ++} +Index: crypto/openssl/crypto/ec/ec2_mult.c +=================================================================== +--- crypto/openssl/crypto/ec/ec2_mult.c (revision 264251) ++++ crypto/openssl/crypto/ec/ec2_mult.c (working copy) +@@ -208,9 +208,12 @@ static int gf2m_Mxy(const EC_GROUP *group, const B + + /* Computes scalar*point and stores the result in r. + * point can not equal r. +- * Uses algorithm 2P of ++ * Uses a modified algorithm 2P of + * Lopex, J. and Dahab, R. "Fast multiplication on elliptic curves over + * GF(2^m) without precomputation". ++ * ++ * To protect against side-channel attack the function uses constant time ++ * swap avoiding conditional branches. + */ + static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, + const EC_POINT *point, BN_CTX *ctx) +@@ -244,6 +247,11 @@ static int ec_GF2m_montgomery_point_multiply(const + x2 = &r->X; + z2 = &r->Y; + ++ bn_wexpand(x1, group->field.top); ++ bn_wexpand(z1, group->field.top); ++ bn_wexpand(x2, group->field.top); ++ bn_wexpand(z2, group->field.top); ++ + if (!BN_GF2m_mod_arr(x1, &point->X, group->poly)) goto err; /* x1 = x */ + if (!BN_one(z1)) goto err; /* z1 = 1 */ + if (!group->meth->field_sqr(group, z2, x1, ctx)) goto err; /* z2 = x1^2 = x^2 */ +@@ -266,16 +274,12 @@ static int ec_GF2m_montgomery_point_multiply(const + { + for (; j >= 0; j--) + { +- if (scalar->d[i] & mask) +- { +- if (!gf2m_Madd(group, &point->X, x1, z1, x2, z2, ctx)) goto err; +- if (!gf2m_Mdouble(group, x2, z2, ctx)) goto err; +- } +- else +- { +- if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx)) goto err; +- if (!gf2m_Mdouble(group, x1, z1, ctx)) goto err; +- } ++ BN_consttime_swap(scalar->d[i] & mask, x1, x2, group->field.top); ++ BN_consttime_swap(scalar->d[i] & mask, z1, z2, group->field.top); ++ if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx)) goto err; ++ if (!gf2m_Mdouble(group, x1, z1, ctx)) goto err; ++ BN_consttime_swap(scalar->d[i] & mask, x1, x2, group->field.top); ++ BN_consttime_swap(scalar->d[i] & mask, z1, z2, group->field.top); + mask >>= 1; + } + j = BN_BITS2 - 1; Added: head/share/security/patches/SA-14:06/openssl.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:06/openssl.patch.asc Tue Apr 8 23:27:31 2014 (r44494) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAABCgAGBQJTRISyAAoJEO1n7NZdz2rnhZIP/0Y8pnBr0lwVcN9qvtZUmFNn +Xg74WoB4CcpHKfDMSct2Rcn++Ezx3BferOQ0TLQdLhoIoZQiQIvtiXL87Xie9Abg +jD1enNYn1tw5jb5rwbRrTamo/Sfwgnsnasy/mg+ZJSGRvTmcsQXVousUvEe68IHM +zO0AcM6QsS4YU5agwS+0ICCkfQFY29JlizJ/uABXq5gasiTdslm8g18kcUB8VIp6 +G7TL0hhqDnh2C1K49YSQVtkDZkSfWJfjthl0tv/hpL7X6JPhUFDChFGCrJAdB0fm +sDAzOd+4fPBbtjhwhibZz8LnzfsDQ8jeU+hnoO+lVqJ8U61OZgWv7zyWV2EVfjlt +hmhBadR8RjIPM8uZ4C3TTjcJt0uhrr6lEJ0omvt/TIloS7tFbub24/oMN3Vw6DxY +qLh6G6tZ1B5nRMqnqboQWJKOhdXiyd2ZnVjUDx/gyLLBRbXpQakUKyrDJoMelMEv +qKBf2SKm1yMWSwLrNQ526HEvaDmgPH2YDnQOG+MgNVn4w+A3zXapXtZiu7TV4z3z +rpiQU6QHrv+g41Jkh0TZJUavoWHxM7mpt9otmEg4uC7KlfVe0mrpu+OCTr+1nlSR +g0AubXbvRW5YaLoGGZpOw80YoRa3GybMdhB1tXDV2Bv5+yNczS+DmlN4WKaG2rvc +NJtlEfF4UvAMSv6AI9V/ +=FeFQ +-----END PGP SIGNATURE----- Modified: head/share/xml/advisories.xml ============================================================================== --- head/share/xml/advisories.xml Tue Apr 8 17:08:56 2014 (r44493) +++ head/share/xml/advisories.xml Tue Apr 8 23:27:31 2014 (r44494) @@ -8,6 +8,22 @@ 2014 + 4 + + + 08 + + + FreeBSD-SA-14:06.openssl + + + + FreeBSD-SA-14:05.nfsserver + + + + + 1 From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 01:06:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 24A75CE7; Wed, 9 Apr 2014 01:06:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 04C8110C2; Wed, 9 Apr 2014 01:06:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s391660X037350; Wed, 9 Apr 2014 01:06:06 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39166oX037349; Wed, 9 Apr 2014 01:06:06 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201404090106.s39166oX037349@svn.freebsd.org> From: Xin LI Date: Wed, 9 Apr 2014 01:06:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44495 - head/share/security/advisories X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 01:06:07 -0000 Author: delphij Date: Wed Apr 9 01:06:06 2014 New Revision: 44495 URL: http://svnweb.freebsd.org/changeset/doc/44495 Log: SA-14:06: Add patch applying step in Solutions section. Noticed by: fwaggle Modified: head/share/security/advisories/FreeBSD-SA-14:06.openssl.asc Modified: head/share/security/advisories/FreeBSD-SA-14:06.openssl.asc ============================================================================== --- head/share/security/advisories/FreeBSD-SA-14:06.openssl.asc Tue Apr 8 23:27:31 2014 (r44494) +++ head/share/security/advisories/FreeBSD-SA-14:06.openssl.asc Wed Apr 9 01:06:06 2014 (r44495) @@ -25,6 +25,11 @@ For general information regarding FreeBS including descriptions of the fields above, security branches, and the following sections, please visit . +0. Revision History + +v1.0 2014-04-08 Initial release. +v1.1 2014-04-08 Added patch applying step in Solutions section. + I. Background FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is @@ -95,6 +100,11 @@ detached PGP signature using your PGP ut # fetch http://security.FreeBSD.org/patches/SA-14:06/openssl-10.patch.asc # gpg --verify openssl-10.patch.asc +b) Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + Recompile the operating system using buildworld and installworld as described in . @@ -153,17 +163,17 @@ The latest revision of this advisory is -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) -iQIcBAEBCgAGBQJTRISyAAoJEO1n7NZdz2rnwdgP/RFT6HsugPJZeIKX2Rn36Mat -qgAET7gotiU1Y7G/647BiSCOn/BQs9Z1yTLE7wKdgiVDDTZOHJCJxssXav/+Cqli -G1Cyoi2Rv9R77sno0wdj62YguTg0EKnU52CYpHVmF2NA0H/zexXDrCgiQtyvnU62 -ZtM2TO76qhKFXwNtIQ1EQYmu+qsxLbp65ryyu9Tq7rXlc52JYTa0QdWDcKoPtcBO -U85HzJwQglX2lEmipv63s0vwur5eSTtlWSmUSpFzE1jsjYiRl7xFHQKdXxA5Ifw0 -qO7LYrYK7b4EyEq9TcQQKvh05IgorjRcA4i0mSQFpc0HINtgv3bYlHyQL+tyN1+k -/4uzdDFB27j8EuKZzEg6aF1JLNq9/zMvx+E0iykPodb5i+n5BzPzWc4rogHvj7rU -mfSeABG3m/SifTewy1258V3TRfTKLNU8EPX2CTnJI9WjYX83GO7sM1vtaGQUOAFK -gff2tFfeSmDpyCmp+RwnmIr5IefIG2y8s/0iJM/wLF3rW8ZrwP1zX+cot5KRCWfT -FpdhHHLRcsCLM7frxmSgRdN+iuXIAcdfbj1EN7z1ryHLk2vRsm2n66kojt4BCnig -7JcStOjMSz843+1L3eCZubHIxVxxjKBGwqVfQ9OWbgeIro0+bapYLJIavuAa9BM6 -1T0hWKFh59zAxyGPqX49 -=X7Qk +iQIcBAEBCgAGBQJTRJySAAoJEO1n7NZdz2rnzPcQALd6So7vDRBaYiaGwQjc55oI +QwTnNzkkgxVTGwi8lDV6h8bIW3Ga8AhMGoZCVOeKbDABBDghVYe6Na5e/wsHbPPu +tXmDRhoi2aV0sVCTFfpoCNJ8l2lb+5vnmEC6Oi3PMQDbRC+Ptg15o0W/2hXw0eKO +yu4BhS4dl6lX7IvlR1n4sr0rfa8vwxe5OpUUd6Bzw0SUBmV+BTzq1C70FuOZ/hnD +ThaZS8Ox3fcWuPylhPbhxnWqg0oVNkBpiRYpIBadrpl9EiRRzbTfF+uFvauR9tBN +1mK8lLwd7DK6x8iCSnDd2ZlN1rNn8EPsGohT4vP+szz2E2YP1x8ugihEBdYax+Dh +Z4TWkm3/wJwEf00G32E1hZ8F+UavE8AmnGVk6gxiRpnv2sdNJYRlWd9O8u251qMq +uzcmBX6Jr14dQCwlqof8pYKYV7VCE/Cu4JHThOCL042CLwUmXyJVMFzm6WPQlNjC +dlPbSG+PXjninPjcYBoMR+863X35Guv0pJBNG/ofEh+Jy5MveaMRQX/mA+wy29zm +qg74lM07adXkJujPAuA5dYjZivpW1NPOHeIjaYjaI6KDw2q3BlkGa2C3PeYDQxn4 +Iqujqpem5nyQY4BO2XC8gVtuym0jDSA98bgFXumNDkmzlUUuOFOWD8YScLopOzOu +EpUXgezogk1Rd3EVsaJ+ +=UBO0 -----END PGP SIGNATURE----- From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 04:05:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 80E0012E; Wed, 9 Apr 2014 04:05:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 533B3133D; Wed, 9 Apr 2014 04:05:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3945srP051732; Wed, 9 Apr 2014 04:05:54 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3945sOf051731; Wed, 9 Apr 2014 04:05:54 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404090405.s3945sOf051731@svn.freebsd.org> From: Gabor Pali Date: Wed, 9 Apr 2014 04:05:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44496 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 04:05:54 -0000 Author: pgj Date: Wed Apr 9 04:05:53 2014 New Revision: 44496 URL: http://svnweb.freebsd.org/changeset/doc/44496 Log: - Add 2014Q1 status report for postmaster Submitted by: flo Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 9 01:06:06 2014 (r44495) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 9 04:05:53 2014 (r44496) @@ -18,7 +18,7 @@

    Thanks to all the reporters for the excellent work! This report - contains 36 entries and we hope you enjoy reading it.

    + contains 37 entries and we hope you enjoy reading it.

    The deadline for submissions covering between April and June 2014 is July 7th, 2014.

    @@ -2247,4 +2247,51 @@ device vt_efifb toolchain enhancements project.

    + + + &os; Postmaster Team + + + + &os; Postmaster Team + postmaster@FreeBSD.org + + + + +

    The &os; Postmaster Team is responsible for mail being + correctly delivered to the committers' email address, ensuring + that the mailing lists work, and should take measures against + possible disruptions of project mail services, such as having + troll-, spam- and virus-filters.

    + +

    In the first quarter of 2014, the team has implemented the + following items that may be interest of the general public:

    + +
      +
    • Continued a discussion on current and possible future mail + and spam filtering.
      • + +
    • Discovered more of what needs to be done for a new year + (with respect to email archives), did what we could, and + recorded the steps for next time.
      • + +
    • Added &a.koobs; to donations, requested by + &a.gahr;.
      • + +
    • Added &a.wblock; to doceng.
      • + +
    • Made sure portmgr receives bounces for + pkg-fallout messages.
      • + +
    • Created a jenkins-admin mail alias.
      • + +
    • Enabled Mailman password reminder emails again.
      • + +
    • Discovered that all Mailman cron jobs were disabled in + November during upgrades. Enabled those again. This caused + problems like digests not being sent.
      • +
    + +     From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 04:10:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7BADB1A9; Wed, 9 Apr 2014 04:10:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 68BCE1352; Wed, 9 Apr 2014 04:10:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s394AmBu052353; Wed, 9 Apr 2014 04:10:48 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s394Am8i052352; Wed, 9 Apr 2014 04:10:48 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404090410.s394Am8i052352@svn.freebsd.org> From: Gabor Pali Date: Wed, 9 Apr 2014 04:10:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44497 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 04:10:48 -0000 Author: pgj Date: Wed Apr 9 04:10:47 2014 New Revision: 44497 URL: http://svnweb.freebsd.org/changeset/doc/44497 Log: - Improve the 2014Q1 entries for portmgr and re Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 9 04:05:53 2014 (r44496) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 9 04:10:47 2014 (r44497) @@ -235,11 +235,16 @@ -

    In early January, the &os; Release Engineering Team became - aware of several last-minute showstopper issues in - &os; 10.0, which lead to an extension in the final release - builds. &os; 10.0-RELEASE was announced on January 20, two - months behind the original schedule.

    +

    The &os; Release Engineering Team is responsible for setting + and publishing release schedules for official project releases of + &os;, announcing code freezes and maintaining the respective + branches, among other things.

    + +

    In early January, the team became aware of several last-minute + showstopper issues in &os; 10.0, which lead to an extension + in the final release builds. &os; 10.0-RELEASE was + announced on January 20, two months behind the original + schedule.

    The schedule for the &os; 9.3-RELEASE cycle has been written and posted to the website, and the release cycle will @@ -2123,7 +2128,7 @@ device vt_efifb - Port Management Team + &os; Port Management Team portmgr@FreeBSD.org From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 09:05:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6F61CE8; Wed, 9 Apr 2014 09:05:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4C7B71963; Wed, 9 Apr 2014 09:05:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3995Xs8036364; Wed, 9 Apr 2014 09:05:33 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3995XZp036363; Wed, 9 Apr 2014 09:05:33 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404090905.s3995XZp036363@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 9 Apr 2014 09:05:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44498 - head/ja_JP.eucJP/books/handbook/kernelconfig X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 09 Apr 2014 11:30:07 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 09:05:33 -0000 Author: ryusuke Date: Wed Apr 9 09:05:32 2014 New Revision: 44498 URL: http://svnweb.freebsd.org/changeset/doc/44498 Log: - Merge the following from the English version: r43817 -> r44287 head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml Wed Apr 9 04:10:47 2014 (r44497) +++ head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml Wed Apr 9 09:05:32 2014 (r44498) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43817 + Original revision: r44287 $FreeBSD$ --> @@ -286,26 +286,13 @@ ath_hal(4) - Atheros Hardw 慣習として、この名前はすべて大文字でつづられます。もし、 いくつかの異なるハードウェアの &os; マシンを扱うなら、 この名前にホスト名を含めるとよいでしょう。ここでは、例として - amd64 - アーキテクチャのカスタムコンフィグレーションファイルを作成します。 + MYKERNEL という名前の + amd64 アーキテクチャ用の GENERIC + コンフィグレーションファイルのコピーを作成します。 &prompt.root; cd /usr/src/sys/amd64/conf &prompt.root; cp GENERIC MYKERNEL - - カーネルコンフィグレーションファイルの編集を終えたら、 - ファイルのバックアップを /usr/src - 以外の場所に保存してください。 - - もしくは、カーネルコンフィグレーションファイルは他の場所において、 - シンボリックリンクを張る方法もあります。 - - &prompt.root; cd /usr/src/sys/amd64/conf -&prompt.root; mkdir /root/kernels -&prompt.root; cp GENERIC /root/kernels/MYKERNEL -&prompt.root; ln -s /root/kernels/MYKERNEL - - これで、コンフィグレーションファイル MYKERNEL を ASCII テキストエディタで編集できます。 @@ -340,12 +327,27 @@ ath_hal(4) - Atheros Hardw アーキテクチャに依存しないオプションについては、 /usr/src/sys/conf/NOTES をご覧ください。 + + カーネルコンフィグレーションファイルの編集を終えたら、 + ファイルのバックアップを /usr/src + 以外の場所に保存してください。 + + もしくは、カーネルコンフィグレーションファイルは他の場所において、 + シンボリックリンクを張る方法もあります。 + + &prompt.root; cd /usr/src/sys/amd64/conf +&prompt.root; mkdir /root/kernels +&prompt.root; cp GENERIC /root/kernels/MYKERNEL +&prompt.root; ln -s /root/kernels/MYKERNEL + + コンフィグレーションファイルでは include ディレクティブを利用できます。 コンフィグレーションファイルに他のファイルを取り込むことができるので、 すでに存在するファイルに対する小さな変更を簡単に維持できます。 - たとえば、オプションやドライバの追加が少しだけの場合には、 - 以下のように GENERIC からの差分だけの管理が可能になります。 + オプションやドライバの追加が少しだけの場合には、 + 以下の例のように GENERIC + からの差分だけの管理が可能になります。 include GENERIC ident MYKERNEL @@ -373,11 +375,14 @@ options IPDIVERT &prompt.root; cd /usr/src/sys/arch/conf && make LINT + + + From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 12:40:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 08A67A52; Wed, 9 Apr 2014 12:40:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EA02C11F9; Wed, 9 Apr 2014 12:40:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39CefX7025473; Wed, 9 Apr 2014 12:40:41 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39Cef2P025472; Wed, 9 Apr 2014 12:40:41 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404091240.s39Cef2P025472@svn.freebsd.org> From: Warren Block Date: Wed, 9 Apr 2014 12:40:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44499 - head/en_US.ISO8859-1/articles/releng X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 12:40:42 -0000 Author: wblock Date: Wed Apr 9 12:40:41 2014 New Revision: 44499 URL: http://svnweb.freebsd.org/changeset/doc/44499 Log: Correct link to the releng-packages article. PR: docs/188392 Submitted by: Ondra Knezour Modified: head/en_US.ISO8859-1/articles/releng/article.xml Modified: head/en_US.ISO8859-1/articles/releng/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/releng/article.xml Wed Apr 9 09:05:32 2014 (r44498) +++ head/en_US.ISO8859-1/articles/releng/article.xml Wed Apr 9 12:40:41 2014 (r44499) @@ -1,7 +1,7 @@ The Release Engineering of Third Party Packages'> +The Release Engineering of Third Party Packages'> ]>

    From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 13:44:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 07B55EAB; Wed, 9 Apr 2014 13:44:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E7FAC194F; Wed, 9 Apr 2014 13:44:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39Di5tc053635; Wed, 9 Apr 2014 13:44:05 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39Di5gQ053634; Wed, 9 Apr 2014 13:44:05 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404091344.s39Di5gQ053634@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 13:44:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44500 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 13:44:06 -0000 Author: dru Date: Wed Apr 9 13:44:05 2014 New Revision: 44500 URL: http://svnweb.freebsd.org/changeset/doc/44500 Log: Finish editorial review of HAST chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 12:40:41 2014 (r44499) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 13:44:05 2014 (r44500) @@ -3675,22 +3675,22 @@ Device 1K-blocks Used Av The goal of this example is to build a robust storage system which is resistant to the failure of any given node. - The scenario is that a primary node of - the cluster fails. If this happens, the - secondary node is there to take over + If the primary node + fails, the + secondary node is there to take over seamlessly, check and mount the file system, and continue to work without missing a single bit of data. - To accomplish this task, another &os; feature, - CARP, provides for automatic failover on - the IP layer. CARP (Common - Address Redundancy Protocol) allows multiple hosts on the - same network segment to share an IP address. Set up + To accomplish this task, the Common + Address Redundancy Protocol + (CARP) is used to provide for automatic failover at + the IP layer. CARP allows multiple hosts on the + same network segment to share an IP address. Set up CARP on both nodes of the cluster according to the documentation available in - . After setup, each node will - have its own carp0 interface with a - shared IP address of + . In this example, each node will + have its own management IP address and a + shared IP address of 172.16.0.254. The primary HAST node of the cluster must be the master CARP node. @@ -3699,7 +3699,7 @@ Device 1K-blocks Used Av section is now ready to be exported to the other hosts on the network. This can be accomplished by exporting it through NFS or - Samba, using the shared IP + Samba, using the shared IP address 172.16.0.254. The only problem which remains unresolved is an automatic failover should the primary node fail. @@ -3713,7 +3713,7 @@ Device 1K-blocks Used Av These state change events make it possible to run a script which will automatically handle the HAST failover. - To be able to catch state changes on the + To catch state changes on the CARP interfaces, add this configuration to /etc/devd.conf on each node: @@ -3732,21 +3732,27 @@ notify 30 { action "/usr/local/sbin/carp-hast-switch slave"; }; + + If the systems are running &os; 10 or higher, + replace carp0 with the name of the + CARP-configured interface. + + Restart &man.devd.8; on both nodes to put the new configuration into effect: &prompt.root; service devd restart - When the carp0 interface state + When the specified interface state changes by going up or down , the system generates a - notification, allowing the &man.devd.8; subsystem to run an - arbitrary script, in this case - /usr/local/sbin/carp-hast-switch. This - script handles the automatic failover. For further - clarification about the above &man.devd.8; configuration, + notification, allowing the &man.devd.8; subsystem to run the + specified automatic failover script, + /usr/local/sbin/carp-hast-switch. + For further + clarification about this configuration, refer to &man.devd.conf.5;. - An example of such a script could be: + Here is an example of an automated failover script: #!/bin/sh @@ -3755,7 +3761,7 @@ notify 30 { # and Viktor Petersson <vpetersson@wireload.net> # The names of the HAST resources, as listed in /etc/hast.conf -resources="test" +resources="test" # delay in mounting HAST resource after becoming master # make your best guess @@ -3833,13 +3839,12 @@ case "$1" in esac In a nutshell, the script takes these actions when a - node becomes master / - primary: + node becomes master: - Promotes the HAST pools to - primary on a given node. + Promotes the HAST pool to + primary on the other node. @@ -3848,41 +3853,40 @@ esac - Mounts the pools at an appropriate place. + Mounts the pool. - When a node becomes backup / - secondary: + When a node becomes + secondary: - Unmounts the HAST pools. + Unmounts the HAST pool. - Degrades the HAST pools to + Degrades the HAST pool to secondary. - Keep in mind that this is just an example script which + This is just an example script which serves as a proof of concept. It does not handle all the possible scenarios and can be extended or altered in any - way, for example, to start/stop required services. + way, for example, to start or stop required services. - For this example, a standard UFS file system was used. + For this example, a standard UFS file system was used. To reduce the time needed for recovery, a journal-enabled - UFS or ZFS file system can be used instead. + UFS or ZFS file system can be used instead. More detailed information with additional examples can - be found in the HAST Wiki - page. + be found at http://wiki.FreeBSD.org/HAST. @@ -3893,22 +3897,21 @@ esac issues. However, as with any other software product, there may be times when it does not work as supposed. The sources of the problems may be different, but the rule of thumb is to - ensure that the time is synchronized between all nodes of the + ensure that the time is synchronized between the nodes of the cluster. - When troubleshooting HAST problems, the + When troubleshooting HAST, the debugging level of &man.hastd.8; should be increased by - starting &man.hastd.8; with -d. This + starting hastd with -d. This argument may be specified multiple times to further increase - the debugging level. A lot of useful information may be - obtained this way. Consider also using - -F, which starts &man.hastd.8; in the + the debugging level. Consider also using + -F, which starts hastd in the foreground. Recovering from the Split-brain Condition - Split-brain is when the nodes of the + Split-brain occurs when the nodes of the cluster are unable to communicate with each other, and both are configured as primary. This is a dangerous condition because it allows both nodes to make incompatible changes to @@ -3916,15 +3919,15 @@ esac system administrator. The administrator must decide which node has more - important changes (or merge them manually) and let + important changes or merge them manually. Then, let HAST perform full synchronization of the node which has the broken data. To do this, issue these commands on the node which needs to be resynchronized: - &prompt.root; hastctl role init <resource> -&prompt.root; hastctl create <resource> -&prompt.root; hastctl role secondary <resource> + &prompt.root; hastctl role init test +&prompt.root; hastctl create test +&prompt.root; hastctl role secondary test From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 14:04:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DE0F9B79; Wed, 9 Apr 2014 14:04:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BEE921B9B; Wed, 9 Apr 2014 14:04:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39E4KWd062448; Wed, 9 Apr 2014 14:04:20 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39E4Kgk062447; Wed, 9 Apr 2014 14:04:20 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404091404.s39E4Kgk062447@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 14:04:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44501 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 14:04:20 -0000 Author: dru Date: Wed Apr 9 14:04:20 2014 New Revision: 44501 URL: http://svnweb.freebsd.org/changeset/doc/44501 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 13:44:05 2014 (r44500) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 14:04:20 2014 (r44501) @@ -3675,21 +3675,20 @@ Device 1K-blocks Used Av The goal of this example is to build a robust storage system which is resistant to the failure of any given node. - If the primary node - fails, the - secondary node is there to take over - seamlessly, check and mount the file system, and continue to - work without missing a single bit of data. - - To accomplish this task, the Common - Address Redundancy Protocol - (CARP) is used to provide for automatic failover at - the IP layer. CARP allows multiple hosts on the - same network segment to share an IP address. Set up - CARP on both nodes of the cluster - according to the documentation available in - . In this example, each node will - have its own management IP address and a + If the primary node fails, the secondary node is there to + take over seamlessly, check and mount the file system, and + continue to work without missing a single bit of + data. + + To accomplish this task, the Common Address Redundancy + Protocol (CARP) is used to provide for + automatic failover at the IP layer. + CARP allows multiple hosts on the same + network segment to share an IP address. + Set up CARP on both nodes of the cluster + according to the documentation available in . In this example, each node will have + its own management IP address and a shared IP address of 172.16.0.254. The primary HAST node of the cluster must be the @@ -3699,10 +3698,11 @@ Device 1K-blocks Used Av section is now ready to be exported to the other hosts on the network. This can be accomplished by exporting it through NFS or - Samba, using the shared IP - address 172.16.0.254. The only - problem which remains unresolved is an automatic failover - should the primary node fail. + Samba, using the shared + IP address + 172.16.0.254. The only problem + which remains unresolved is an automatic failover should the + primary node fail. In the event of CARP interfaces going up or down, the &os; operating system generates a @@ -3714,9 +3714,8 @@ Device 1K-blocks Used Av which will automatically handle the HAST failover. To catch state changes on the - CARP interfaces, add this - configuration to - /etc/devd.conf on each node: + CARP interfaces, add this configuration + to /etc/devd.conf on each node: notify 30 { match "system" "IFNET"; @@ -3743,16 +3742,16 @@ notify 30 { &prompt.root; service devd restart - When the specified interface state - changes by going up or down , the system generates a - notification, allowing the &man.devd.8; subsystem to run the - specified automatic failover script, + When the specified interface state changes by going up + or down , the system generates a notification, allowing the + &man.devd.8; subsystem to run the specified automatic + failover script, /usr/local/sbin/carp-hast-switch. - For further - clarification about this configuration, - refer to &man.devd.conf.5;. + For further clarification about this configuration, refer to + &man.devd.conf.5;. - Here is an example of an automated failover script: + Here is an example of an automated failover + script: #!/bin/sh @@ -3857,8 +3856,7 @@ esac - When a node becomes - secondary: + When a node becomes secondary: @@ -3872,16 +3870,18 @@ esac - This is just an example script which - serves as a proof of concept. It does not handle all the - possible scenarios and can be extended or altered in any - way, for example, to start or stop required services. + This is just an example script which serves as a proof + of concept. It does not handle all the possible scenarios + and can be extended or altered in any way, for example, to + start or stop required services. - For this example, a standard UFS file system was used. - To reduce the time needed for recovery, a journal-enabled - UFS or ZFS file system can be used instead. + For this example, a standard UFS + file system was used. To reduce the time needed for + recovery, a journal-enabled UFS or + ZFS file system can be used + instead. More detailed information with additional examples can @@ -3902,21 +3902,21 @@ esac When troubleshooting HAST, the debugging level of &man.hastd.8; should be increased by - starting hastd with -d. This - argument may be specified multiple times to further increase - the debugging level. Consider also using - -F, which starts hastd in the - foreground. + starting hastd with -d. + This argument may be specified multiple times to further + increase the debugging level. Consider also using + -F, which starts hastd + in the foreground. Recovering from the Split-brain Condition - Split-brain occurs when the nodes of the - cluster are unable to communicate with each other, and both - are configured as primary. This is a dangerous condition - because it allows both nodes to make incompatible changes to - the data. This problem must be corrected manually by the - system administrator. + Split-brain occurs when the nodes + of the cluster are unable to communicate with each other, + and both are configured as primary. This is a dangerous + condition because it allows both nodes to make incompatible + changes to the data. This problem must be corrected + manually by the system administrator. The administrator must decide which node has more important changes or merge them manually. Then, let From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 14:06:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E77B7D32; Wed, 9 Apr 2014 14:06:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D4A301BBC; Wed, 9 Apr 2014 14:06:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39E6J7a062852; Wed, 9 Apr 2014 14:06:19 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39E6JdS062850; Wed, 9 Apr 2014 14:06:19 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404091406.s39E6JdS062850@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 14:06:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44502 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 14:06:20 -0000 Author: dru Date: Wed Apr 9 14:06:19 2014 New Revision: 44502 URL: http://svnweb.freebsd.org/changeset/doc/44502 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 14:04:20 2014 (r44501) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 14:06:19 2014 (r44502) @@ -1903,7 +1903,7 @@ cd0: Attempt to query device size failed This example sets RSH in order to write the - the backup to a tape drive on a remote system over a + backup to a tape drive on a remote system over a SSH connection: From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 14:28:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F0CAF9C8; Wed, 9 Apr 2014 14:28:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D0D1A1DED; Wed, 9 Apr 2014 14:28:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39ESwgA071921; Wed, 9 Apr 2014 14:28:58 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39ESwJv071920; Wed, 9 Apr 2014 14:28:58 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404091428.s39ESwJv071920@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 14:28:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44503 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 14:28:59 -0000 Author: dru Date: Wed Apr 9 14:28:58 2014 New Revision: 44503 URL: http://svnweb.freebsd.org/changeset/doc/44503 Log: Editorial review of Encrypted Swap chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 14:06:19 2014 (r44502) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 14:28:58 2014 (r44503) @@ -3192,7 +3192,7 @@ geli_da2_flags="-p -k /root/da2.key" - Encrypting Swap Space + Encrypting Swap @@ -3213,23 +3213,21 @@ geli_da2_flags="-p -k /root/da2.key"Like the encryption of disk partitions, encryption of swap space is used to protect sensitive information. Consider an application that deals with passwords. As long as these - passwords stay in physical memory, these passwords will not be - written to disk and be cleared after a reboot. If &os; starts - swapping out memory pages to free space for other applications, - the passwords may be written to the disk platters unencrypted. + passwords stay in physical memory, they are not + written to disk and will be cleared after a reboot. However, if &os; starts + swapping out memory pages to free space, + the passwords may be written to the disk unencrypted. Encrypting swap space can be a solution for this scenario. - The &man.gbde.8; or &man.geli.8; encryption systems may be - used for swap encryption. Both systems use the - encswap - rc.d script. - - - For the remainder of this section, - ad0s1b will be the swap + This section demonstrates how to configure an encrypted + swap partition using &man.gbde.8; or &man.geli.8; encryption. + It assumes a UFS file system where + /dev/ad0s1b is the swap partition. - + + + Configuring Encrypted Swap Swap partitions are not encrypted by default and should be cleared of any sensitive data before continuing. To @@ -3238,42 +3236,32 @@ geli_da2_flags="-p -k /root/da2.key"&prompt.root; dd if=/dev/random of=/dev/ad0s1b bs=1m - - Swap Encryption with &man.gbde.8; - - The .bde suffix should be added to the - device in the respective /etc/fstab swap - line: + To encrypt the swap partition using &man.gbde.8;, add the + .bde suffix to the swap line in + /etc/fstab: # Device Mountpoint FStype Options Dump Pass# /dev/ad0s1b.bde none swap sw 0 0 - - - - Swap Encryption with &man.geli.8; - The procedure for instead using &man.geli.8; for swap - encryption is similar to that of using &man.gbde.8;. The - .eli suffix should be added to the device - in the respective /etc/fstab swap - line: + To instead encrypt the swap partition using &man.geli.8;, + use the + .eli suffix: # Device Mountpoint FStype Options Dump Pass# /dev/ad0s1b.eli none swap sw 0 0 - &man.geli.8; uses the AES algorithm - with a key length of 128 bit by default. These defaults can + By default, &man.geli.8; uses the AES algorithm + with a key length of 128 bit. These defaults can be altered by using geli_swap_flags in - /etc/rc.conf. The following line tells - the encswap rc.d script to create - &man.geli.8; swap partitions using the Blowfish algorithm with + /etc/rc.conf. The following flags configure + encryption using the Blowfish algorithm with a key length of 128 bits and a sectorsize of 4 kilobytes, and sets detach on last close: geli_swap_flags="-e blowfish -l 128 -s 4096 -d" Refer to the description of - onetime in &man.geli.8; for a list of + onetime in &man.geli.8; for a list of possible options. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 14:32:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 662F6B2E; Wed, 9 Apr 2014 14:32:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 531621FCB; Wed, 9 Apr 2014 14:32:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39EW77V075280; Wed, 9 Apr 2014 14:32:07 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39EW7cT075279; Wed, 9 Apr 2014 14:32:07 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404091432.s39EW7cT075279@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 14:32:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44504 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 14:32:07 -0000 Author: dru Date: Wed Apr 9 14:32:06 2014 New Revision: 44504 URL: http://svnweb.freebsd.org/changeset/doc/44504 Log: As per discussion on freebsd-doc, add -iF to second instance of mergemaster. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Wed Apr 9 14:28:58 2014 (r44503) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Wed Apr 9 14:32:06 2014 (r44504) @@ -1641,7 +1641,7 @@ before running "/usr/sbin/freebsd-update Update any remaining configuration files. - &prompt.root; mergemaster + &prompt.root; mergemaster -iF From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 14:38:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 259F3F67; Wed, 9 Apr 2014 14:38:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 063061059; Wed, 9 Apr 2014 14:38:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39EccsY076247; Wed, 9 Apr 2014 14:38:38 GMT (envelope-from brueffer@svn.freebsd.org) Received: (from brueffer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39EccmW076246; Wed, 9 Apr 2014 14:38:38 GMT (envelope-from brueffer@svn.freebsd.org) Message-Id: <201404091438.s39EccmW076246@svn.freebsd.org> From: Christian Brueffer Date: Wed, 9 Apr 2014 14:38:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44505 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 14:38:39 -0000 Author: brueffer Date: Wed Apr 9 14:38:38 2014 New Revision: 44505 URL: http://svnweb.freebsd.org/changeset/doc/44505 Log: Spelling, grammar and language fixes. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 9 14:32:06 2014 (r44504) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 9 14:38:38 2014 (r44505) @@ -1093,11 +1093,11 @@

    Chromebook is an ARMv7 Cortex-A15 personal computer powered by Samsung Exynos 5 Dual System-on-Chip. As of the current status - of this project, such laptop can be booted with &os; from USB - flash — it works stable (including SMP) and it can build - third-party applications. Display and keyboard works.

    + of this project, such laptops can be booted with &os; from USB + flash — it works stably (including SMP) and it can build + third-party applications. The display and keyboard work.

    -

    Thank &a.grehan; for providing hardware.

    +

    Thanks to &a.grehan; for providing hardware.

    @@ -1153,7 +1153,7 @@

    &a.emaste; reviewed some CI work that &a.rodrigc; had done for the FreeNAS project with Jenkins, and encouraged him to set up something similar for the &os; Project. With the help of the - &os; Cluster Administration Team, He set up a &os; machine + &os; Cluster Administration Team, he set up a &os; machine running two bhyve virtual machines, jenkins-9.FreeBSD.org and jenkins-10.FreeBSD.org. He set up software builds of @@ -1206,7 +1206,7 @@ libpam4j does not currently work on &os;.

  • &a.lwhsu; maintains the devel/jenkins port. He set - up a Jenkins build which rans the scan-build static analyzer + up a Jenkins build which runs the scan-build static analyzer which is part of LLVM.
  • &a.skreuzer; has experience administering Jenkins systems. @@ -1225,7 +1225,7 @@
  • &a.swills; maintains the devel/jenkins-lts port. He has implemented several builds at jenkins.FreeBSD.org which detect commits to the &os; ports repository, and then - builds the ports tree using Poudri竪re.
    • + build the ports tree using Poudri竪re.

    At the end of March, &a.novel; reported to @@ -1289,7 +1289,7 @@ affecting Dell Equallogic users.

    There have also been numerous enhancements, such as support for - redirections, which are neccessary for some High Availability + redirections, which are necessary for some High Availability setups, and the ability to modify session parameters in the iscsictl utility. Previously it was necessary to remove the session and add it again.

    @@ -1381,7 +1381,7 @@ device vt_efifb works.
  • IA64 — untested.
  • MIPS — untested.
    • -
  • PPC and PPC64 — works, but without X.Org yet.
    • +
  • PPC and PPC64 — work, but without X.Org yet.
  • SPARC — works on certain hardware (e.g., Ultra 5).
  • vesa(4) — in progress.
  • i386/amd64 nVidia driver — not supported. VGA should @@ -1430,7 +1430,7 @@ device vt_efifb stage, and a call for testing is expected in the next month. The userspace portion consists of the automountd(8) daemon, which is designed to be fully compatible with its - counterpart in OS X, Solaris, and Linux, and which is nearly + counterparts in OS X, Solaris, and Linux, and which is nearly complete. Work on the kernel component continues.

    @@ -1521,14 +1521,14 @@ device vt_efifb providing simple networking using bridges between guest VMs.
    • -
  • QEMU might also be used instead of the bhyve this way.
    • +
  • QEMU might also be used instead of bhyve this way.
  • The main goal on the networking side is to use OpenContrail solution, compliant with the modern OpenStack networking API ("neutron").
    • -

    Also, initial port of the OpenContrail vRouter kernel module +

    Also, an initial port of the OpenContrail vRouter kernel module has been completed. It successfully handles all networking on the host.

    @@ -1550,7 +1550,7 @@ device vt_efifb -

    The project to update the Intel grapics chipset driver +

    The project to update the Intel graphics chipset driver (i915kms) to a recent snapshot of the Linux upstream code continues. Progress was delayed by external circumstances, but it is hoped to reach a useful milestone in the near @@ -1684,7 +1684,7 @@ device vt_efifb within this quarterly status report.

    We were a Gold Sponsor for NYCBSDCon 2014 in New York, - February 8, which was attended by sSeveral board members. We + February 8, which was attended by several board members. We were represented at SCALE in Los Angeles, February 22-23, and ICANN in Singapore, March 22-25.

    @@ -1753,7 +1753,7 @@ device vt_efifb -

    LLDB is the the debugger project in the associated with +

    LLDB is the debugger project associated with Clang/LLVM. It supports the Mac OS X, Linux, and &os; platforms, with ongoing work on Windows. It builds on existing components in the larger LLVM project, for example using Clang's expression @@ -1786,7 +1786,7 @@ device vt_efifb

    LLDB is currently not yet built by default and may be enabled by adding WITH_LLDB= to src.conf(5). A port - will be made available for those wo wish to track ongoing + will be made available for those who wish to track ongoing development more closely.

    @@ -1831,14 +1831,14 @@ device vt_efifb reliably.

    The daemon now supports client-side certificates, which can be - used to automatically configure receiver side — directory + used to automatically configure the receiver side — the directory name for received trail files is determined based on the commonName field in client's certificate. There is no - need anymore to add every sender to receiver's configuration + need anymore to add every sender to the receiver's configuration file.

    The sender's functionality was extended to allow sending audit - trail files to multile receivers.

    + trail files to multiple receivers.

    Complete Public Key Infrastructure (PKI) support is now implemented, including full certificate chain verification, @@ -1883,18 +1883,18 @@ device vt_efifb

    SDIO card detection and initialization already work, most needed bus methods are implemented and tested.

    -

    WiFi driver is able to load a firmware onto the card and +

    The WiFi driver is able to load a firmware onto the card and initialize it. Migration of the MMC stack to the new locking model is necessary in order to work with SDIO cards effectively. The &os; CAM implementation is believed to be a good choice. - There is an ongoing work to implement an MMC transport for + There is ongoing work to implement an MMC transport for CAM.

    SDIO stack: finish CAM migration. The XPT layer is almost ready, what is missing is a SIM module, for which a modified - version of SDHCI controller driver will be used, and a + version of the SDHCI controller driver will be used, and a peripheral module, where porting the mmcsd(4) driver is required. @@ -1959,7 +1959,7 @@ device vt_efifb in the Ports Collection after GNOME 3 has been merged.

    MATE 1.8 was released at the beginning of April, Eric Turgeon - of GhostBSD is volunteered to do that update for &os;. Note + of GhostBSD had volunteered to do that update for &os;. Note that this update is still based on GTK+, version 2. The GTK+ 3-based MATE is on the roadmap for 1.10.

    @@ -2239,10 +2239,10 @@ device vt_efifb -

    Not all of the &os; changes to GC have been reflected upstream. +

    Not all of the &os; changes to GCC have been reflected upstream. A large amount of the platform support as well as a couple minor improvements like the kernel formatting checker need to be - forwarded ported (and if possible, moved upstream in to + forward ported (and if possible, moved upstream into GCC).

    We will be targeting the &os; ports tree lang/gcc* From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 15:41:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B3CD1C84; Wed, 9 Apr 2014 15:41:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 93A3F18AD; Wed, 9 Apr 2014 15:41:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39FftEk004298; Wed, 9 Apr 2014 15:41:55 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39FftQT004295; Wed, 9 Apr 2014 15:41:55 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404091541.s39FftQT004295@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 15:41:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44506 - in head/en_US.ISO8859-1/books/handbook: disks filesystems X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 15:41:55 -0000 Author: dru Date: Wed Apr 9 15:41:54 2014 New Revision: 44506 URL: http://svnweb.freebsd.org/changeset/doc/44506 Log: Add section ID to ZFS Quotas so it can be referred to in Disk Quotas. Editorial review of Disk Quotas. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 14:38:38 2014 (r44505) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 15:41:54 2014 (r44506) @@ -2412,7 +2412,7 @@ Filesystem 1K-blocks Used Avail Capacity - File System Quotas + Disk Quotas accounting @@ -2420,32 +2420,35 @@ Filesystem 1K-blocks Used Avail Capacity disk quotas - Quotas are an optional feature of the operating system that + Disk quotas can be used to limit the amount of disk space or the number of files a user or members of a group may allocate on a per-file - system basis. This is used most often on timesharing systems - where it is desirable to limit the amount of resources any one - user or group of users may allocate. This prevents one user or + system basis. This prevents one user or group of users from consuming all of the available disk space. + + This section describes how to configure disk quotas for the + UFS file system. To configure quotas on the + ZFS file system, refer to - Configuring the System to Enable Disk Quotas + Enabling Disk Quotas - Before using disk quotas, quota support must be added to - the kernel by adding the following line to the kernel - configuration file: + To determine if the &os; kernel provides support for disk + quotas: - options QUOTA + &prompt.user; sysctl kern.features.ufs_quota +kern.features.ufs_quota: 1 - Before &os; 9.2, the GENERIC - kernel usually did not include this option. - sysctl kern.features.ufs_quota can be used - to test whether the current kernel supports quotas. If the - option is not present, a custom kernel must be compiled. - Refer to for more information - on kernel configuration. + In this example, the 1 indicates quota + support. If the value is instead 0, + add the following line to a custom kernel configuration file + and rebuild the kernel using the instructions in : + options QUOTA + Next, enable disk quotas in /etc/rc.conf: @@ -2455,8 +2458,7 @@ Filesystem 1K-blocks Used Avail Capacity disk quotas checking - For finer control over quota startup, an additional - configuration variable is available. Normally on bootup, the + Normally on bootup, the quota integrity of each file system is checked by &man.quotacheck.8;. This program insures that the data in the quota database properly reflects the data on the file system. @@ -2467,41 +2469,35 @@ Filesystem 1K-blocks Used Avail Capacity check_quotas="NO" Finally, edit /etc/fstab to enable - disk quotas on a per-file system basis. This is when user or - group quotas can be enabled on the file systems. - - To enable per-user quotas on a file system, add + disk quotas on a per-file system basis. To enable per-user quotas on a file system, add to the options field in the /etc/fstab entry for the file system to enable quotas on. For example: /dev/da1s2g /home ufs rw,userquota 1 2 - To enable group quotas, instead use - . To enable both user and group - quotas, change the entry as follows: + To enable group quotas, use + instead. To enable both user and group + quotas, separate the options with a comma: /dev/da1s2g /home ufs rw,userquota,groupquota 1 2 - By default, the quota files are stored in the root + By default, quota files are stored in the root directory of the file system as quota.user and quota.group. Refer to &man.fstab.5; for - more information. Even though an alternate location for the - quota files can be specified, this is not recommended because - the various quota utilities do not seem to handle this - properly. + more information. Specifying an alternate location for the + quota files is not recommended. - Once the configuration is complete, reboot the system - with the new kernel. /etc/rc will + Once the configuration is complete, reboot the system and + /etc/rc will automatically run the appropriate commands to create the initial quota files for all of the quotas enabled in - /etc/fstab. There is no need to - manually create any zero length quota files. + /etc/fstab. In the normal course of operations, there should be no need to manually run &man.quotacheck.8;, &man.quotaon.8;, or - &man.quotaoff.8;. However, one should read their manual pages + &man.quotaoff.8;. However, one should read these manual pages to be familiar with their operation. @@ -2513,8 +2509,8 @@ Filesystem 1K-blocks Used Avail Capacity limits - Once the system has been configured to enable quotas, - verify they really are enabled by running: + To + verify that quotas are enabled, run: &prompt.root; quota -v @@ -2523,13 +2519,13 @@ Filesystem 1K-blocks Used Avail Capacity enabled on. The system is now ready to be assigned quota limits with - &man.edquota.8;. + edquota. Several options are available to enforce limits on the amount of disk space a user or group may allocate, and how many files they may create. Allocations can be limited based on disk space (block quotas), number of files (inode quotas), - or a combination of both. Each limits is further broken down + or a combination of both. Each limit is further broken down into two categories: hard and soft limits. hard limit @@ -2549,31 +2545,27 @@ Filesystem 1K-blocks Used Avail Capacity are allowed. When the user drops back below the soft limit, the grace period is reset. - The following is an example output from &man.edquota.8;. - When &man.edquota.8; is invoked, the editor specified by + In the following example, the quota for the + test account is being edited. + When edquota is invoked, the editor specified by EDITOR is opened in order to edit the quota limits. The default editor is set to vi. - &prompt.root; edquota -u test - - Quotas for user test: + &prompt.root; edquota -u test +Quotas for user test: /usr: kbytes in use: 65, limits (soft = 50, hard = 75) inodes in use: 7, limits (soft = 50, hard = 60) /usr/var: kbytes in use: 0, limits (soft = 50, hard = 75) - inodes in use: 0, limits (soft = 50, hard = 60) + inodes in use: 0, limits (soft = 50, hard = 60) There are normally two lines for each file system that has quotas enabled. One line represents the block limits and the other represents the inode limits. Change the value to - modify the quota limit. For example, to raise this - user's block limit from a soft limit of 50 and a hard limit of - 75 to a soft limit of 500 and a hard limit of 600, - change: - - /usr: kbytes in use: 65, limits (soft = 50, hard = 75) - - to: + modify the quota limit. For example, to raise the + block limit on /usr + to a soft limit of 500 and a hard limit of 600, + change the values in that line as follows: /usr: kbytes in use: 65, limits (soft = 500, hard = 600) @@ -2581,13 +2573,13 @@ Filesystem 1K-blocks Used Avail Capacity editor. Sometimes it is desirable to set quota limits on a range - of UIDs. This can be done by passing to - &man.edquota.8;. First, assign the desired quota limit to a - user, then run - edquota -p protouser startuid-enduid. For - example, if test has - the desired quota limits, the following command will duplicate - those quota limits for UIDs 10,000 through 19,999: + of users. This can be done by first assigning the desired quota limit to a + user. Then, use to duplicate that quota + to a specified range of user IDs (UIDs). + The following command will duplicate + those quota limits for UIDs + 10,000 through + 19,999: &prompt.root; edquota -p test 10000-19999 @@ -2602,8 +2594,7 @@ Filesystem 1K-blocks Used Avail Capacity checking - Either &man.quota.1; or &man.repquota.8; can be used to - check quota limits and disk usage. To check individual user + To check individual user or group quotas and disk usage, use &man.quota.1;. A user may only examine their own quota and the quota of a group they are a member of. Only the superuser may view all user and @@ -2611,7 +2602,11 @@ Filesystem 1K-blocks Used Avail Capacity for file systems with quotas enabled, use &man.repquota.8;. - The following is sample output from + Normally, file systems that the user is not using any disk + space on will not show in the output of quota, even if + the user has a quota limit assigned for that file system. Use + to display those file systems. The + following is sample output from quota -v for a user that has quota limits on two file systems. @@ -2627,13 +2622,6 @@ Filesystem 1K-blocks Used Avail Capacity days of grace period left. The asterisk * indicates that the user is currently over the quota limit. - - Normally, file systems that the user is not using any disk - space on will not show in the output of &man.quota.1;, even if - the user has a quota limit assigned for that file system. Use - to display those file systems, such as - /usr/var in the above - example. @@ -2641,18 +2629,20 @@ Filesystem 1K-blocks Used Avail Capacity NFS - Quotas are enforced by the quota subsystem on the NFS + Quotas are enforced by the quota subsystem on the NFS server. The &man.rpc.rquotad.8; daemon makes quota - information available to &man.quota.1; on NFS clients, + information available to quota on NFS clients, allowing users on those machines to see their quota statistics. - Enable rpc.rquotad in - /etc/inetd.conf like so: + On the NFS server, enable + rpc.rquotad by removing the + # from this line in + /etc/inetd.conf: rquotad/1 dgram rpc/udp wait root /usr/libexec/rpc.rquotad rpc.rquotad - Now restart inetd: + Then, restart inetd: &prompt.root; service inetd restart Modified: head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml Wed Apr 9 14:38:38 2014 (r44505) +++ head/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml Wed Apr 9 15:41:54 2014 (r44506) @@ -545,7 +545,7 @@ errors: No known data errors ZFS options. - + ZFS Quotas ZFS supports different types of quotas: the refquota, From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 15:54:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8BE73B1; Wed, 9 Apr 2014 15:54:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5937D19D6; Wed, 9 Apr 2014 15:54:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39FskEU008961; Wed, 9 Apr 2014 15:54:46 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39FskoO008960; Wed, 9 Apr 2014 15:54:46 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404091554.s39FskoO008960@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 15:54:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44507 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 15:54:46 -0000 Author: dru Date: Wed Apr 9 15:54:45 2014 New Revision: 44507 URL: http://svnweb.freebsd.org/changeset/doc/44507 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 15:41:54 2014 (r44506) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 15:54:45 2014 (r44507) @@ -2420,13 +2420,11 @@ Filesystem 1K-blocks Used Avail Capacity disk quotas - Disk quotas - can be used to limit the amount of disk space or the number of - files a user or members of a group may allocate on a per-file - system basis. This prevents one user or - group of users from consuming all of the available disk - space. - + Disk quotas can be used to limit the amount of disk space or + the number of files a user or members of a group may allocate on + a per-file system basis. This prevents one user or group of + users from consuming all of the available disk space. + This section describes how to configure disk quotas for the UFS file system. To configure quotas on the ZFS file system, refer to In this example, the 1 indicates quota - support. If the value is instead 0, - add the following line to a custom kernel configuration file - and rebuild the kernel using the instructions in 0, add + the following line to a custom kernel configuration file and + rebuild the kernel using the instructions in : options QUOTA - + Next, enable disk quotas in /etc/rc.conf: @@ -2458,41 +2456,40 @@ kern.features.ufs_quota: 1 disk quotas checking - Normally on bootup, the - quota integrity of each file system is checked by - &man.quotacheck.8;. This program insures that the data in the - quota database properly reflects the data on the file system. - This is a time consuming process that will significantly - affect the time the system takes to boot. To skip this step, - add this variable to /etc/rc.conf: + Normally on bootup, the quota integrity of each file + system is checked by &man.quotacheck.8;. This program insures + that the data in the quota database properly reflects the data + on the file system. This is a time consuming process that + will significantly affect the time the system takes to boot. + To skip this step, add this variable to + /etc/rc.conf: check_quotas="NO" Finally, edit /etc/fstab to enable - disk quotas on a per-file system basis. To enable per-user quotas on a file system, add - to the options field in the - /etc/fstab entry for the file system to - enable quotas on. For example: + disk quotas on a per-file system basis. To enable per-user + quotas on a file system, add to the + options field in the /etc/fstab entry for + the file system to enable quotas on. For example: /dev/da1s2g /home ufs rw,userquota 1 2 - To enable group quotas, use - instead. To enable both user and group - quotas, separate the options with a comma: + To enable group quotas, use + instead. To enable both user and group quotas, separate the + options with a comma: /dev/da1s2g /home ufs rw,userquota,groupquota 1 2 - By default, quota files are stored in the root - directory of the file system as - quota.user and + By default, quota files are stored in the root directory + of the file system as quota.user and quota.group. Refer to &man.fstab.5; for more information. Specifying an alternate location for the quota files is not recommended. Once the configuration is complete, reboot the system and - /etc/rc will - automatically run the appropriate commands to create the - initial quota files for all of the quotas enabled in + /etc/rc will automatically run the + appropriate commands to create the initial quota files for all + of the quotas enabled in /etc/fstab. In the normal course of operations, there should be no @@ -2545,11 +2542,11 @@ kern.features.ufs_quota: 1 are allowed. When the user drops back below the soft limit, the grace period is reset. - In the following example, the quota for the - test account is being edited. - When edquota is invoked, the editor specified by - EDITOR is opened in order to edit the quota - limits. The default editor is set to + In the following example, the quota for the test account is being edited. + When edquota is invoked, the editor + specified by EDITOR is opened in order to edit + the quota limits. The default editor is set to vi. &prompt.root; edquota -u test @@ -2559,13 +2556,14 @@ Quotas for user test: /usr/var: kbytes in use: 0, limits (soft = 50, hard = 75) inodes in use: 0, limits (soft = 50, hard = 60) - There are normally two lines for each file system that - has quotas enabled. One line represents the block limits and - the other represents the inode limits. Change the value to - modify the quota limit. For example, to raise the - block limit on /usr - to a soft limit of 500 and a hard limit of 600, - change the values in that line as follows: + There are normally two lines for each file system that has + quotas enabled. One line represents the block limits and the + other represents the inode limits. Change the value to modify + the quota limit. For example, to raise the block limit on + /usr to a soft limit of + 500 and a hard limit of + 600, change the values in that line as + follows: /usr: kbytes in use: 65, limits (soft = 500, hard = 600) @@ -2573,11 +2571,11 @@ Quotas for user test: editor. Sometimes it is desirable to set quota limits on a range - of users. This can be done by first assigning the desired quota limit to a - user. Then, use to duplicate that quota - to a specified range of user IDs (UIDs). - The following command will duplicate - those quota limits for UIDs + of users. This can be done by first assigning the desired + quota limit to a user. Then, use to + duplicate that quota to a specified range of user IDs + (UIDs). The following command will + duplicate those quota limits for UIDs 10,000 through 19,999: @@ -2594,21 +2592,20 @@ Quotas for user test: checking - To check individual user - or group quotas and disk usage, use &man.quota.1;. A user - may only examine their own quota and the quota of a group they - are a member of. Only the superuser may view all user and - group quotas. To get a summary of all quotas and disk usage - for file systems with quotas enabled, use - &man.repquota.8;. + To check individual user or group quotas and disk usage, + use &man.quota.1;. A user may only examine their own quota + and the quota of a group they are a member of. Only the + superuser may view all user and group quotas. To get a + summary of all quotas and disk usage for file systems with + quotas enabled, use &man.repquota.8;. Normally, file systems that the user is not using any disk - space on will not show in the output of quota, even if - the user has a quota limit assigned for that file system. Use - to display those file systems. The - following is sample output from - quota -v for a user that has quota limits - on two file systems. + space on will not show in the output of + quota, even if the user has a quota limit + assigned for that file system. Use to + display those file systems. The following is sample output + from quota -v for a user that has quota + limits on two file systems. Disk quotas for user test (uid 1002): Filesystem usage quota limit grace files quota limit grace @@ -2629,11 +2626,11 @@ Quotas for user test: NFS - Quotas are enforced by the quota subsystem on the NFS - server. The &man.rpc.rquotad.8; daemon makes quota - information available to quota on NFS clients, - allowing users on those machines to see their quota - statistics. + Quotas are enforced by the quota subsystem on the + NFS server. The &man.rpc.rquotad.8; daemon + makes quota information available to quota + on NFS clients, allowing users on those + machines to see their quota statistics. On the NFS server, enable rpc.rquotad by removing the @@ -3203,30 +3200,28 @@ geli_da2_flags="-p -k /root/da2.key"Like the encryption of disk partitions, encryption of swap space is used to protect sensitive information. Consider an application that deals with passwords. As long as these - passwords stay in physical memory, they are not - written to disk and will be cleared after a reboot. However, if &os; starts - swapping out memory pages to free space, - the passwords may be written to the disk unencrypted. - Encrypting swap space can be a solution for this - scenario. - - This section demonstrates how to configure an encrypted - swap partition using &man.gbde.8; or &man.geli.8; encryption. - It assumes a UFS file system where - /dev/ad0s1b is the swap - partition. + passwords stay in physical memory, they are not written to disk + and will be cleared after a reboot. However, if &os; starts + swapping out memory pages to free space, the passwords may be + written to the disk unencrypted. Encrypting swap space can be a + solution for this scenario. + + This section demonstrates how to configure an encrypted + swap partition using &man.gbde.8; or &man.geli.8; encryption. + It assumes a UFS file system where + /dev/ad0s1b is the swap partition. Configuring Encrypted Swap - Swap partitions are not encrypted by default and should - be cleared of any sensitive data before continuing. To - overwrite the current swap partition with random garbage, - execute the following command: + Swap partitions are not encrypted by default and should be + cleared of any sensitive data before continuing. To overwrite + the current swap partition with random garbage, execute the + following command: - &prompt.root; dd if=/dev/random of=/dev/ad0s1b bs=1m + &prompt.root; dd if=/dev/random of=/dev/ad0s1b bs=1m - To encrypt the swap partition using &man.gbde.8;, add the + To encrypt the swap partition using &man.gbde.8;, add the .bde suffix to the swap line in /etc/fstab: @@ -3240,19 +3235,18 @@ geli_da2_flags="-p -k /root/da2.key"# Device Mountpoint FStype Options Dump Pass# /dev/ad0s1b.eli none swap sw 0 0 - By default, &man.geli.8; uses the AES algorithm - with a key length of 128 bit. These defaults can - be altered by using geli_swap_flags in - /etc/rc.conf. The following flags configure - encryption using the Blowfish algorithm with - a key length of 128 bits and a sectorsize of 4 kilobytes, and - sets detach on last close: + By default, &man.geli.8; uses the AES + algorithm with a key length of 128 bit. These defaults can be + altered by using geli_swap_flags in + /etc/rc.conf. The following flags + configure encryption using the Blowfish algorithm with a key + length of 128 bits and a sectorsize of 4 kilobytes, and sets + detach on last close: geli_swap_flags="-e blowfish -l 128 -s 4096 -d" - Refer to the description of - onetime in &man.geli.8; for a list of - possible options. + Refer to the description of onetime in + &man.geli.8; for a list of possible options. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 17:57:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 81A84A0A; Wed, 9 Apr 2014 17:57:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 60CA318D8; Wed, 9 Apr 2014 17:57:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39Hv2Ul059152; Wed, 9 Apr 2014 17:57:02 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39Hv2oa059151; Wed, 9 Apr 2014 17:57:02 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404091757.s39Hv2oa059151@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 17:57:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44508 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 17:57:02 -0000 Author: dru Date: Wed Apr 9 17:57:01 2014 New Revision: 44508 URL: http://svnweb.freebsd.org/changeset/doc/44508 Log: Editorial Review of Tape Backup chapter. The next commit will integrate it into the Backup Basics chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 15:54:45 2014 (r44507) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 17:57:01 2014 (r44508) @@ -1680,78 +1680,66 @@ cd0: Attempt to query device size failed tape media - Tape technology has continued to evolve but is less likely - to be used in a modern system. Modern backup systems tend to - use off site combined with local removable disk drive - technologies. Still, &os; will support any tape drive that - uses SCSI, such as LTO and older devices such - as DAT. There is limited support for SATA + While tape technology has continued to evolve, + modern backup systems tend to combine + off-site backups with local removable media. + &os; supports any tape drive that + uses SCSI, such as LTO or + DAT. There is limited support for SATA and USB tape drives. - - Serial Access with &man.sa.4; - - - tape drives - - - &os; uses the &man.sa.4; driver, providing + For SCSI tape devices, &os; uses the &man.sa.4; driver and the /dev/sa0, /dev/nsa0, - and /dev/esa0. In normal use, only - /dev/sa0 is needed. - /dev/nsa0 is the same physical drive - as /dev/sa0 but does not rewind the - tape after writing a file. This allows writing more than one + and /dev/esa0 devices. The physical device name is + /dev/sa0. When + /dev/nsa0 is used, the backup application will + not rewind the + tape after writing a file, which allows writing more than one file to a tape. Using /dev/esa0 - ejects the tape after the device is closed, if - applicable. - + ejects the tape after the device is closed. + + This section summarizes how to configure and use a + SCSI tape device on &os;. - Controlling the Tape Drive with - &man.mt.1; + Using a Tape Drive for Backups tape media mt - &man.mt.1; is the &os; utility for controlling other + In &os;, mt is used to control operations of the tape drive, such as seeking through files on - a tape or writing tape control marks to the tape. - - For example, the first three files on a tape can be + a tape or writing tape control marks to the tape. For + example, the first three files on a tape can be preserved by skipping past them before writing a new file: &prompt.root; mt -f /dev/nsa0 fsf 3 - - - - Using &man.tar.1; to Read and - Write Tape Backups - - An example of writing a single file to tape using - &man.tar.1;: + + This utility supports many operations. Refer to + &man.mt.1; for details. + + To write a single file to tape using + tar, specify the name of the tape device + and the file to backup: &prompt.root; tar cvf /dev/sa0 file - Recovering files from a &man.tar.1; archive on tape into + To recovering files from a tar archive on tape into the current directory: &prompt.root; tar xvf /dev/sa0 - - - - Using &man.dump.8; and - &man.restore.8; to Create and Restore Backups - A simple backup of /usr with - &man.dump.8;: + To backup a UFS file system, use + dump. This examples backs up + /usr without rewinding the tape when + finished: &prompt.root; dump -0aL -b64 -f /dev/nsa0 /usr - Interactively restoring files from a &man.dump.8; file on + To interactively restore files from a dump file on tape into the current directory: &prompt.root; restore -i -f /dev/nsa0 @@ -1760,7 +1748,7 @@ cd0: Attempt to query device size failed Other Tape Software - Higher-level programs are available to simplify tape + Third-party programs are available to simplify tape backup. The most popular are Amanda and Bacula. These programs aim to make From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 18:14:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7F98368F; Wed, 9 Apr 2014 18:14:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6AE251B4D; Wed, 9 Apr 2014 18:14:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39IE2dE067198; Wed, 9 Apr 2014 18:14:02 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39IE2aZ067197; Wed, 9 Apr 2014 18:14:02 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404091814.s39IE2aZ067197@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 18:14:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44509 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 18:14:02 -0000 Author: dru Date: Wed Apr 9 18:14:01 2014 New Revision: 44509 URL: http://svnweb.freebsd.org/changeset/doc/44509 Log: Integrate tape backups into Backup Basics chapter. This improves the flow as tar/dump are already covered. The next commit will fix the formatting. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 17:57:01 2014 (r44508) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 18:14:01 2014 (r44509) @@ -1675,89 +1675,6 @@ cd0: Attempt to query device size failed Collection. - - Creating and Using Data Tapes - - tape media - - While tape technology has continued to evolve, - modern backup systems tend to combine - off-site backups with local removable media. - &os; supports any tape drive that - uses SCSI, such as LTO or - DAT. There is limited support for SATA - and USB tape drives. - - For SCSI tape devices, &os; uses the &man.sa.4; driver and the - /dev/sa0, /dev/nsa0, - and /dev/esa0 devices. The physical device name is - /dev/sa0. When - /dev/nsa0 is used, the backup application will - not rewind the - tape after writing a file, which allows writing more than one - file to a tape. Using /dev/esa0 - ejects the tape after the device is closed. - - This section summarizes how to configure and use a - SCSI tape device on &os;. - - - Using a Tape Drive for Backups - - - tape media - mt - - - In &os;, mt is used to control - operations of the tape drive, such as seeking through files on - a tape or writing tape control marks to the tape. For - example, the first three files on a tape can be - preserved by skipping past them before writing a new - file: - - &prompt.root; mt -f /dev/nsa0 fsf 3 - - This utility supports many operations. Refer to - &man.mt.1; for details. - - To write a single file to tape using - tar, specify the name of the tape device - and the file to backup: - - &prompt.root; tar cvf /dev/sa0 file - - To recovering files from a tar archive on tape into - the current directory: - - &prompt.root; tar xvf /dev/sa0 - - To backup a UFS file system, use - dump. This examples backs up - /usr without rewinding the tape when - finished: - - &prompt.root; dump -0aL -b64 -f /dev/nsa0 /usr - - To interactively restore files from a dump file on - tape into the current directory: - - &prompt.root; restore -i -f /dev/nsa0 - - - - Other Tape Software - - Third-party programs are available to simplify tape - backup. The most popular are - Amanda and - Bacula. These programs aim to make - backups easier and more convenient, or to automate complex - backups of multiple machines. The Ports Collection contains - both these and other tape utility applications. - - - Backup Basics @@ -2009,6 +1926,65 @@ cd0: Attempt to query device size failed + + Using Data Tapes for Backups + + tape media + + While tape technology has continued to evolve, + modern backup systems tend to combine + off-site backups with local removable media. + &os; supports any tape drive that + uses SCSI, such as LTO or + DAT. There is limited support for SATA + and USB tape drives. + + For SCSI tape devices, &os; uses the &man.sa.4; driver and the + /dev/sa0, /dev/nsa0, + and /dev/esa0 devices. The physical device name is + /dev/sa0. When + /dev/nsa0 is used, the backup application will + not rewind the + tape after writing a file, which allows writing more than one + file to a tape. Using /dev/esa0 + ejects the tape after the device is closed. + + In &os;, mt is used to control + operations of the tape drive, such as seeking through files on + a tape or writing tape control marks to the tape. For + example, the first three files on a tape can be + preserved by skipping past them before writing a new + file: + + &prompt.root; mt -f /dev/nsa0 fsf 3 + + This utility supports many operations. Refer to + &man.mt.1; for details. + + To write a single file to tape using + tar, specify the name of the tape device + and the file to backup: + + &prompt.root; tar cvf /dev/sa0 file + + To recovering files from a tar archive on tape into + the current directory: + + &prompt.root; tar xvf /dev/sa0 + + To backup a UFS file system, use + dump. This examples backs up + /usr without rewinding the tape when + finished: + + &prompt.root; dump -0aL -b64 -f /dev/nsa0 /usr + + To interactively restore files from a dump file on + tape into the current directory: + + &prompt.root; restore -i -f /dev/nsa0 + + Third-Party Backup Utilities @@ -2018,7 +1994,9 @@ cd0: Attempt to query device size failed The &os; Ports Collection provides many third-party utilities which can be used to schedule the creation of - backups. Many of these applications are client/server based + backups, simplify tape backup, and make + backups easier and more convenient. + Many of these applications are client/server based and can be used to automate the backups of a single system or all of the computers in a network. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 18:20:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B29CEE6B; Wed, 9 Apr 2014 18:20:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 931081BDB; Wed, 9 Apr 2014 18:20:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39IK6dZ068267; Wed, 9 Apr 2014 18:20:06 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39IK6vl068266; Wed, 9 Apr 2014 18:20:06 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404091820.s39IK6vl068266@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 18:20:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44510 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 18:20:06 -0000 Author: dru Date: Wed Apr 9 18:20:06 2014 New Revision: 44510 URL: http://svnweb.freebsd.org/changeset/doc/44510 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 18:14:01 2014 (r44509) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 18:20:06 2014 (r44510) @@ -1926,38 +1926,38 @@ cd0: Attempt to query device size failed - - Using Data Tapes for Backups + + Using Data Tapes for Backups - tape media + tape media - While tape technology has continued to evolve, - modern backup systems tend to combine - off-site backups with local removable media. - &os; supports any tape drive that - uses SCSI, such as LTO or - DAT. There is limited support for SATA - and USB tape drives. - - For SCSI tape devices, &os; uses the &man.sa.4; driver and the - /dev/sa0, /dev/nsa0, - and /dev/esa0 devices. The physical device name is - /dev/sa0. When - /dev/nsa0 is used, the backup application will - not rewind the - tape after writing a file, which allows writing more than one - file to a tape. Using /dev/esa0 - ejects the tape after the device is closed. + While tape technology has continued to evolve, modern + backup systems tend to combine off-site backups with local + removable media. &os; supports any tape drive that uses + SCSI, such as LTO or + DAT. There is limited support for + SATA and USB tape + drives. + + For SCSI tape devices, &os; uses the + &man.sa.4; driver and the /dev/sa0, + /dev/nsa0, and + /dev/esa0 devices. The physical device + name is /dev/sa0. When + /dev/nsa0 is used, the backup application + will not rewind the tape after writing a file, which allows + writing more than one file to a tape. Using + /dev/esa0 ejects the tape after the + device is closed. In &os;, mt is used to control operations of the tape drive, such as seeking through files on a tape or writing tape control marks to the tape. For - example, the first three files on a tape can be - preserved by skipping past them before writing a new - file: + example, the first three files on a tape can be preserved by + skipping past them before writing a new file: &prompt.root; mt -f /dev/nsa0 fsf 3 - + This utility supports many operations. Refer to &man.mt.1; for details. @@ -1967,8 +1967,8 @@ cd0: Attempt to query device size failed &prompt.root; tar cvf /dev/sa0 file - To recovering files from a tar archive on tape into - the current directory: + To recovering files from a tar archive + on tape into the current directory: &prompt.root; tar xvf /dev/sa0 @@ -1979,12 +1979,13 @@ cd0: Attempt to query device size failed &prompt.root; dump -0aL -b64 -f /dev/nsa0 /usr - To interactively restore files from a dump file on - tape into the current directory: + To interactively restore files from a + dump file on tape into the current + directory: &prompt.root; restore -i -f /dev/nsa0 - - + + Third-Party Backup Utilities @@ -1994,11 +1995,10 @@ cd0: Attempt to query device size failed The &os; Ports Collection provides many third-party utilities which can be used to schedule the creation of - backups, simplify tape backup, and make - backups easier and more convenient. - Many of these applications are client/server based - and can be used to automate the backups of a single system or - all of the computers in a network. + backups, simplify tape backup, and make backups easier and + more convenient. Many of these applications are client/server + based and can be used to automate the backups of a single + system or all of the computers in a network. Popular utilities include Amanda, From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 19:14:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0EE4DD51; Wed, 9 Apr 2014 19:14:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E1ED3130F; Wed, 9 Apr 2014 19:14:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39JE3Wb092206; Wed, 9 Apr 2014 19:14:03 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39JE3i6092205; Wed, 9 Apr 2014 19:14:03 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201404091914.s39JE3i6092205@svn.freebsd.org> From: Glen Barber Date: Wed, 9 Apr 2014 19:14:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44511 - head/en_US.ISO8859-1/htdocs/releases/10.0R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 19:14:04 -0000 Author: gjb Date: Wed Apr 9 19:14:03 2014 New Revision: 44511 URL: http://svnweb.freebsd.org/changeset/doc/44511 Log: Regen after r264286. Reminded by: brooks Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Wed Apr 9 18:20:06 2014 (r44510) +++ head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Wed Apr 9 19:14:03 2014 (r44511) @@ -1,5 +1,5 @@ -FreeBSD 10.0-RELEASE Errata

    FreeBSD 10.0-RELEASE Errata

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of +FreeBSD 10.0-RELEASE Errata

    FreeBSD 10.0-RELEASE Errata

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of the FreeBSD Foundation.

    Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United @@ -12,7 +12,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

    Last modified on 2014-04-04 by gjb.
    Abstract

    This document lists errata items for FreeBSD 10.0-RELEASE, + symbol.

    Last modified on 2014-04-09 by gjb.
    Abstract

    This document lists errata items for FreeBSD 10.0-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. @@ -38,7 +38,7 @@ the snapshot).

    For a list of all FreeBSD CERT security advisories, see http://www.FreeBSD.org/security/ or ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/.

    2.Security Advisories

    AdvisoryDateTopic
    SA-13:14.openssh19November2013

    OpenSSH AES-GCM memory corruption - vulnerability

    SA-14:01.bsnmpd14January2014

    bsnmpd remote denial of service vulnerability

    SA-14:02.ntpd14January2014

    ntpd distributed reflection Denial of Service vulnerability

    SA-14:03.openssl14January2014

    OpenSSL multiple vulnerabilities

    SA-14:04.bind< /a>14January2014

    BIND remote denial of service vulnerability

    • 3.Open Issues

    3.Open Issues

    • FreeBSD/i386 10.0-RELEASE running as a guest operating system on VirtualBox can have a problem with disk I/O access. It depends on some specific hardware configuration and does not depend on a From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 20:03:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 61E30D4; Wed, 9 Apr 2014 20:03:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4F0A41870; Wed, 9 Apr 2014 20:03:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39K3CVL012935; Wed, 9 Apr 2014 20:03:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39K3Cb2012934; Wed, 9 Apr 2014 20:03:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404092003.s39K3Cb2012934@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 20:03:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44512 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 20:03:12 -0000 Author: dru Date: Wed Apr 9 20:03:11 2014 New Revision: 44512 URL: http://svnweb.freebsd.org/changeset/doc/44512 Log: Fix grammo. Submitted by: wblock Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 19:14:03 2014 (r44511) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 20:03:11 2014 (r44512) @@ -1967,7 +1967,7 @@ cd0: Attempt to query device size failed &prompt.root; tar cvf /dev/sa0 file - To recovering files from a tar archive + To recover files from a tar archive on tape into the current directory: &prompt.root; tar xvf /dev/sa0 From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 20:11:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A192A6CA; Wed, 9 Apr 2014 20:11:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8DC03195B; Wed, 9 Apr 2014 20:11:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39KB53N014536; Wed, 9 Apr 2014 20:11:05 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39KB5YI014535; Wed, 9 Apr 2014 20:11:05 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404092011.s39KB5YI014535@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 20:11:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44513 - head/en_US.ISO8859-1/books/handbook/jails X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 20:11:05 -0000 Author: dru Date: Wed Apr 9 20:11:05 2014 New Revision: 44513 URL: http://svnweb.freebsd.org/changeset/doc/44513 Log: Integrate later Introduction into the Synopsis of the Jails chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Wed Apr 9 20:03:11 2014 (r44512) +++ head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Wed Apr 9 20:11:05 2014 (r44513) @@ -18,34 +18,90 @@ Synopsis - This chapter will provide an explanation of what &os; jails - are and how to use them. Jails, sometimes referred to as an - enhanced replacement of - chroot environments, are a very powerful - tool for system administrators, but their basic usage can also - be useful for advanced users. + Since system administration is a difficult + task, many tools have been developed to make life easier for + the administrator. These tools often enhance + the way systems are installed, configured, and + maintained. One of the tools which can be used to enhance the security + of a &os; system is jails. Jails have + been available since &os; 4.X and continue to be + enhanced in their + usefulness, performance, reliability, and security. - - Jails are a powerful tool, but they are not a security - panacea. It is particularly important to note that while it - is not possible for a jailed process to break out on its own, - there are several ways in which an unprivileged user outside - the jail can cooperate with a privileged user inside the jail - and thereby obtain elevated privileges in the host + Jails build upon the &man.chroot.2; concept, which is used to + change the root directory of a set of processes, creating a + safe environment, separate from the rest of the system. + Processes created in the chrooted environment can not access + files or resources outside of it. For that reason, + compromising a service running in a chrooted environment + should not allow the attacker to compromise the entire system. + However, a chroot has several limitations. It is suited to easy tasks which do not + require much flexibility or complex, advanced features. Over time + many ways have + been found to escape from a chrooted environment, making it + a less than ideal solution for + securing services. + + Jails improve on the concept of the traditional + chroot environment in several ways. In a traditional + chroot environment, processes are only limited in the + part of the file system they can access. The rest of the + system resources, system users, running + processes, and the networking subsystem are shared by the + chrooted processes and the processes of the host system. + Jails expand this model by virtualizing access to the + file system, the set of users, and the networking + subsystem. More + fine-grained controls are available for tuning the + access of a jailed environment. + + A jail is characterized by four elements: + + + + A directory subtree: the starting point from + which a jail is entered. Once inside the jail, a process + is not permitted to escape outside of this subtree. + + + + A hostname: which will be used + by the jail. + + + + An IP address: which is + assigned to the jail. The IP address of a jail is + often an alias address for an existing network + interface. + + + + A command: the path name of an executable to + run inside the jail. The path is relative to the + root directory of the jail environment. + + + + Jails have their own set of users + and their own root account which + are limited + to the jail environment. + The root + account of a jail is not allowed to perform operations + to the system outside of the associated jail environment. - Most of these attacks can be mitigated by ensuring that - the jail root is not accessible to unprivileged users in the - host environment. Regardless, as a general rule, untrusted - users with privileged access to a jail should not be given - access to the host environment. - + This chapter provides an overview of jail terminology + are how to use &os; jails. Jails are a powerful + tool for system administrators, but their basic usage can also + be useful for advanced users. After reading this chapter, you will know: - What a jail is, and what purpose it may serve in &os; + What a jail is and what purpose it may serve in &os; installations. @@ -59,25 +115,21 @@ - Other sources of useful information about jails are: - - - - The &man.jail.8; manual page. This is the full - reference of the jail utility — the - administrative tool which can be used in &os; to start, - stop, and control &os; jails. - + + Jails are a powerful tool, but they are not a security + panacea. While it + is not possible for a jailed process to break out on its own, + there are several ways in which an unprivileged user outside + the jail can cooperate with a privileged user inside the jail + to obtain elevated privileges in the host + environment. - - The mailing lists and their archives. The archives of - the &a.questions; and other mailing lists hosted by the - &a.mailman.lists; already contain a wealth of material for - jails. It should always be engaging to search the archives, - or post a new question to the &a.questions.name; mailing - list. - - + Most of these attacks can be mitigated by ensuring that + the jail root is not accessible to unprivileged users in the + host environment. As a general rule, untrusted + users with privileged access to a jail should not be given + access to the host environment. + @@ -141,111 +193,6 @@ - - Introduction - - Since system administration is a difficult and perplexing - task, many powerful tools were developed to make life easier for - the administrator. These tools mostly provide enhancements of - some sort to the way systems are installed, configured and - maintained. Part of the tasks which an administrator is - expected to do is to properly configure the security of a - system, so that it can continue serving its real purpose, - without allowing security violations. - - One of the tools which can be used to enhance the security - of a &os; system are jails. Jails were - introduced in &os; 4.X by &a.phk.email;, but were greatly - improved in &os; 5.X to make them a powerful and flexible - subsystem. Their development still goes on, enhancing their - usefulness, performance, reliability, and security. - - - What is a Jail - - BSD-like operating systems have had &man.chroot.2; since - the time of 4.2BSD. The &man.chroot.8; utility can be used to - change the root directory of a set of processes, creating a - safe environment, separate from the rest of the system. - Processes created in the chrooted environment can not access - files or resources outside of it. For that reason, - compromising a service running in a chrooted environment - should not allow the attacker to compromise the entire system. - The &man.chroot.8; utility is good for easy tasks which do not - require much flexibility or complex, advanced features. Since - the inception of the chroot concept, however, many ways have - been found to escape from a chrooted environment and, although - they have been fixed in modern versions of the &os; kernel, it - was clear that &man.chroot.2; was not the ideal solution for - securing services. A new subsystem had to be - implemented. - - This is one of the main reasons why - jails were developed. - - Jails improve on the concept of the traditional - &man.chroot.2; environment in several ways. In a traditional - &man.chroot.2; environment, processes are only limited in the - part of the file system they can access. The rest of the - system resources (like the set of system users, the running - processes, or the networking subsystem) are shared by the - chrooted processes and the processes of the host system. - Jails expand this model by virtualizing not only access to the - file system, but also the set of users, the networking - subsystem of the &os; kernel and a few other things. A more - complete set of fine-grained controls available for tuning the - access of a jailed environment is described in - . - - A jail is characterized by four elements: - - - - A directory subtree — the starting point from - which a jail is entered. Once inside the jail, a process - is not permitted to escape outside of this subtree. - Traditional security issues which plagued the original - &man.chroot.2; design will not affect &os; jails. - - - - A hostname — the hostname which will be used - within the jail. Jails are mainly used for hosting - network services, therefore having a descriptive hostname - for each jail can really help the system - administrator. - - - - An IP address — this will be - assigned to the jail and cannot be changed in any way - during the jail's life span. The IP address of a jail is - usually an alias address for an existing network - interface, but this is not strictly necessary. - - - - A command — the path name of an executable to - run inside the jail. The path is relative to the - root directory of the jail environment. - - - - Apart from these, jails can have their own set of users - and their own root user. Naturally, the - powers of the root user are limited - within the jail environment and, from the point of view of the - host system, the jail root user is not an - omnipotent user. In addition, the root - user of a jail is not allowed to perform critical operations - to the system outside of the associated &man.jail.8; - environment. More information about capabilities and - restrictions of the root user will be - discussed in - below. - - - Creating and Controlling Jails @@ -322,7 +269,7 @@ Once a jail is installed, it can be started by using the &man.jail.8; utility. The &man.jail.8; utility takes four mandatory arguments which are described in the - . Other arguments may be specified + . Other arguments may be specified too, e.g., to run the jailed process with the credentials of a specific user. The argument From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 20:47:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4BE519B0; Wed, 9 Apr 2014 20:47:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 38D2B1D16; Wed, 9 Apr 2014 20:47:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39KlW1a030060; Wed, 9 Apr 2014 20:47:32 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39KlWx5030059; Wed, 9 Apr 2014 20:47:32 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201404092047.s39KlWx5030059@svn.freebsd.org> From: Benedict Reuschling Date: Wed, 9 Apr 2014 20:47:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-svnadmin@freebsd.org Subject: svn commit: r44514 - svnadmin/conf X-SVN-Group: doc-svnadmin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 20:47:32 -0000 Author: bcr Date: Wed Apr 9 20:47:31 2014 New Revision: 44514 URL: http://svnweb.freebsd.org/changeset/doc/44514 Log: "The Guide says there is an art to flying", said Ford, "or rather a knack. The knack lies in learning how to throw yourself at the ground and miss." - Douglas Adams: Life, the Universe and Everything It is about time we release crees from our mentorship to fly on his own. Congratulations and happy committing! Discussed with: gjb (co-mentor) Approved by: doceng (implicit) Modified: svnadmin/conf/mentors Modified: svnadmin/conf/mentors ============================================================================== --- svnadmin/conf/mentors Wed Apr 9 20:11:05 2014 (r44513) +++ svnadmin/conf/mentors Wed Apr 9 20:47:31 2014 (r44514) @@ -10,7 +10,6 @@ # Sort by mentee login name. # Mentee Mentor Optional comment -crees bcr co-mentor: gjb bjk hrs des gjb backup mentor: gabor ebrandi gabor From owner-svn-doc-all@FreeBSD.ORG Wed Apr 9 22:49:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C606AD77; Wed, 9 Apr 2014 22:49:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B23FD1D9F; Wed, 9 Apr 2014 22:49:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39MnwqX079203; Wed, 9 Apr 2014 22:49:58 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39MnwLj079202; Wed, 9 Apr 2014 22:49:58 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404092249.s39MnwLj079202@svn.freebsd.org> From: Gabor Pali Date: Wed, 9 Apr 2014 22:49:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44515 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 22:49:58 -0000 Author: pgj Date: Wed Apr 9 22:49:58 2014 New Revision: 44515 URL: http://svnweb.freebsd.org/changeset/doc/44515 Log: - Improve the 2014Q1 status report on the Wine port Submitted by: dbn Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 9 20:47:31 2014 (r44514) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 9 22:49:58 2014 (r44515) @@ -1069,7 +1069,8 @@ &os;/amd64 integration, consult the i386-Wine wiki page for the details. - Port WoW64 and Wine64. + Port WoW64 (supporting Windows 32-bit and 64-bit from the + same port) and Wine64. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 07:19:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CCBD227D; Thu, 10 Apr 2014 07:19:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B92731C6F; Thu, 10 Apr 2014 07:19:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3A7J2Rj093380; Thu, 10 Apr 2014 07:19:02 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3A7J2Rd093379; Thu, 10 Apr 2014 07:19:02 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201404100719.s3A7J2Rd093379@svn.freebsd.org> From: Benedict Reuschling Date: Thu, 10 Apr 2014 07:19:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44516 - head/de_DE.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 07:19:02 -0000 Author: bcr Date: Thu Apr 10 07:19:02 2014 New Revision: 44516 URL: http://svnweb.freebsd.org/changeset/doc/44516 Log: Fix missing & in ports.size-entity. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Done in front of: Unix for developers class summer semester 2014 Modified: head/de_DE.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed Apr 9 22:49:58 2014 (r44515) +++ head/de_DE.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Apr 10 07:19:02 2014 (r44516) @@ -1122,7 +1122,7 @@ Trying to mount root from cd9660:/dev/is gengend Plattenplatz zur Verfgung steht. Whlen Sie diese Option nur, wenn Sie ber ausreichend Festplattenspeicher verfgen. Seit - &os; 9.0, nimmt die Ports-Sammlung etwa ports.size; + &os; 9.0, nimmt die Ports-Sammlung etwa &ports.size; Plattenplatz ein. Sie knnen fr neuere Versionen von &os; einen grsseren Wert annehmen. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 15:07:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DA3558CC; Thu, 10 Apr 2014 15:07:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B984E1D15; Thu, 10 Apr 2014 15:07:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3AF7Tra087030; Thu, 10 Apr 2014 15:07:29 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3AF7TFm087029; Thu, 10 Apr 2014 15:07:29 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404101507.s3AF7TFm087029@svn.freebsd.org> From: Dru Lavigne Date: Thu, 10 Apr 2014 15:07:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44517 - head/en_US.ISO8859-1/books/handbook/jails X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 15:07:30 -0000 Author: dru Date: Thu Apr 10 15:07:29 2014 New Revision: 44517 URL: http://svnweb.freebsd.org/changeset/doc/44517 Log: Rename Service Jails to a more descriptive Updating Multiple Jails. Editorial review of this section. It still needs to address PR168939 and the comments in this section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Thu Apr 10 07:19:02 2014 (r44516) +++ head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Thu Apr 10 15:07:29 2014 (r44517) @@ -470,61 +470,55 @@ jail_www_devf - Application of Jails + + Updating Multiple Jails - - Service Jails DanielGerzoContributed by + + + + Simon + L. B. Nielsen + + Based upon an idea presented by + + + + + + Ken + Tom + + And an article written by + + - - - This section is based upon an idea originally presented by - &a.simon.email; at http://simon.nitro.dk/service-jails.html, and - an updated article written by Ken Tom - locals@gmail.com. This section illustrates how - to set up a &os; system that adds an additional layer of - security, using the &man.jail.8; feature. It is also assumed - that the given system is at least running RELENG_6_0 and the - information provided earlier in this chapter has been well - understood. - - - Design - - One of the major problems with jails is the management - of their upgrade process. This tends to be a problem + The management of multiple jails can become + problematic because every jail has to be rebuilt from scratch whenever - it is updated. This is usually not a problem for a single - jail, since the update process is fairly simple, but can be - quite time consuming and tedious if a lot of jails are - created. - - - This setup requires advanced experience with &os; and - usage of its features. If the presented steps below look - too complicated, it is advised to take a look at a simpler - system such as + it is upgraded. This can be + time consuming and tedious if a lot of jails are + created and manually updated. + + This section demonstrates one method to resolve this issue by + safely sharing as much as is possible between jails + using read-only &man.mount.nullfs.8; mounts, so that + updating is simpler. This makes it more attractive to put single services, + such as HTTP, DNS, + and SMTP, into + individual jails. Additionally, + it provides a simple way to add, remove, and + upgrade jails. + + + Simpler solutions exist, + such as sysutils/ezjail, which provides an easier method of administering &os; jails and is not as sophisticated as this setup. - - - This idea has been presented to resolve such issues by - sharing as much as is possible between jails, in a safe way - — using read-only &man.mount.nullfs.8; mounts, so that - updating will be simpler, and putting single services into - individual jails will become more attractive. Additionally, - it provides a simple way to add or remove jails as well as a - way to upgrade them. - - - Examples of services in this context are: an - HTTP server, a DNS - server, a SMTP server, and so - forth. The goals of the setup described in this section @@ -533,8 +527,8 @@ jail_www_devf Create a simple and easy to understand jail - structure. This implies not having - to run a full installworld on each and every + structure that does not require + running a full installworld on each and every jail. @@ -563,29 +557,31 @@ jail_www_devf - As it has been already mentioned, this design relies - heavily on having a single master template which is - read-only (known as nullfs) + This design relies + on a single, read-only master template which is mounted into each jail and one read-write device per jail. A device can be a separate physical disc, a partition, or a - vnode backed &man.md.4; device. In this example, we will - use read-write nullfs + vnode backed memory device. This example + uses read-write nullfs mounts. - The file system layout is described in the following - list: + The file system layout is as follows: + The jails are based under the + /home partition. + + + Each jail will be mounted under the /home/j directory. - /home/j/mroot - is the template for each jail and the read-only - partition for all of the jails. + The template for each jail and the read-only + partition for all of the jails is /home/j/mroot. @@ -596,57 +592,43 @@ jail_www_devf Each jail will have a - /s directory, + /s directory that will be linked to the read-write portion of the system. - Each jail shall have its own read-write system that + Each jail will have its own read-write system that is based upon /home/j/skel. - Each jailspace (read-write portion of each jail) - shall be created in /home/js. + The read-write portion of each jail + will be created in /home/js. - - This assumes that the jails are based under the - /home partition. - This can, of course, be changed to anything else, but this - change will have to be reflected in each of the examples - below. - - - + Creating the Template - This section will describe the steps needed to create - the master template that will be the read-only portion for - the jails to use. - - It is always a good idea to update the &os; system to - the latest -RELEASE branch. Check the corresponding - Handbook Chapter - to accomplish this task. In the case the update is not - feasible, the buildworld will be required in order to be - able to proceed. Additionally, the - sysutils/cpdup package - will be required. We will use the &man.portsnap.8; utility - to download the &os; Ports Collection. The Handbook - Portsnap - Chapter is always good reading for - newcomers. + This section describes the steps needed to create + the master template. + + It is recommended to first update the host &os; system to + the latest -RELEASE branch using the instructions in + . + Additionally, this template uses the + sysutils/cpdup package or port + and portsnap + will be used to download the &os; Ports Collection. First, create a directory structure for the read-only file system which will contain the &os; - binaries for our jails, then change directory to the + binaries for the jails. Then, change directory to the &os; source tree and install the read-only file system to the jail template: @@ -680,7 +662,7 @@ jail_www_devf Use mergemaster to - install missing configuration files. Then get rid of + install missing configuration files. Then, remove the the extra directories that mergemaster creates: @@ -691,10 +673,10 @@ jail_www_devf Now, symlink the read-write file system to the - read-only file system. Please make sure that the + read-only file system. Ensure that the symlinks are created in the correct - s/ locations. - Real directories or the creation of directories in the + s/ locations as + the creation of directories in the wrong locations will cause the installation to fail. @@ -712,34 +694,34 @@ jail_www_devf As a last step, create a generic - /home/j/skel/etc/make.conf with its - contents as shown below: + /home/j/skel/etc/make.conf containing + this line: WRKDIRPREFIX?= /s/portbuild - Having WRKDIRPREFIX set up this - way will make it possible to compile &os; ports inside + This + makes it possible to compile &os; ports inside each jail. Remember that the ports directory is part of the read-only system. The custom path for WRKDIRPREFIX allows builds to be done in the read-write portion of every jail. - + - + Creating Jails - Now that we have a complete &os; jail template, we can + The jail template can now be used to setup and configure the jails in /etc/rc.conf. This example - demonstrates the creation of 3 jails: NS, - MAIL and WWW. + demonstrates the creation of 3 jails: NS, + MAIL and WWW. - Put the following lines into the - /etc/fstab file, so that the + Add the following lines to + /etc/fstab, so that the read-only template for the jails and the read-write space will be available in the respective jails: @@ -750,19 +732,12 @@ jail_www_devf /home/js/mail /home/j/mail/s nullfs rw 0 0 /home/js/www /home/j/www/s nullfs rw 0 0 - - Partitions marked with a 0 pass number are not - checked by &man.fsck.8; during boot, and partitions - marked with a 0 dump number are not backed up by - &man.dump.8;. We do not want - fsck to check - nullfs mounts or - dump to back up the - read-only nullfs mounts of the jails. This is why - they are marked with 0 0 in the - last two columns of each fstab - entry above. - + To prevent + fsck from checking + nullfs mounts during boot and + dump from backing up the + read-only nullfs mounts of the jails, the last two + columns are both set to 0. @@ -785,25 +760,20 @@ jail_www_ip="62.123.43.14" jail_www_rootdir="/usr/home/j/www" jail_www_devfs_enable="YES" - - The reason why the + The jail_name_rootdir variable is set to /usr/home instead of - /home is that - the physical path of the - /home directory + /home because + the physical path of + /home on a default &os; installation is /usr/home. The jail_name_rootdir variable must not be set to a path which includes a symbolic link, otherwise the - jails will refuse to start. Use the &man.realpath.1; - utility to determine a value which should be set to - this variable. Please see the &os;-SA-07:01.jail - Security Advisory for more information. - + jails will refuse to start. @@ -814,11 +784,8 @@ jail_www_devfs_enable="YES" - Install the read-write template into each jail. - Note the use of - sysutils/cpdup, - which helps to ensure that a correct copy is done of - each directory: + Install the read-write template into each jail using + sysutils/cpdup: @@ -926,13 +890,6 @@ jail_www_devfs_enable="YES"umount /home/j/mail &prompt.root; umount /home/j/www/s &prompt.root; umount /home/j/www - - - The read-write systems are attached to the - read-only system - (/s) and must - be unmounted first. - @@ -961,11 +918,9 @@ jail_www_devfs_enable="YES" - Use &man.jls.8; to check if the jails started correctly. - Do not forget to run mergemaster in each jail. The - configuration files will need to be updated as well as the - rc.d scripts. - + Use jls to check if the jails started correctly. + Run mergemaster in each jail to update the + configuration files. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 16:39:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 153926A1; Thu, 10 Apr 2014 16:39:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 01206179A; Thu, 10 Apr 2014 16:39:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3AGdONM024779; Thu, 10 Apr 2014 16:39:24 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3AGdOBh024778; Thu, 10 Apr 2014 16:39:24 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404101639.s3AGdOBh024778@svn.freebsd.org> From: Dru Lavigne Date: Thu, 10 Apr 2014 16:39:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44518 - head/en_US.ISO8859-1/books/handbook/jails X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 16:39:25 -0000 Author: dru Date: Thu Apr 10 16:39:24 2014 New Revision: 44518 URL: http://svnweb.freebsd.org/changeset/doc/44518 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Thu Apr 10 15:07:29 2014 (r44517) +++ head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Thu Apr 10 16:39:24 2014 (r44518) @@ -5,97 +5,91 @@ $FreeBSD$ --> - Jails + + Jails + - MatteoRiondatoContributed by + MatteoRiondatoContributed + by - - jails Synopsis - Since system administration is a difficult - task, many tools have been developed to make life easier for - the administrator. These tools often enhance - the way systems are installed, configured, and - maintained. One of the tools which can be used to enhance the security - of a &os; system is jails. Jails have - been available since &os; 4.X and continue to be - enhanced in their - usefulness, performance, reliability, and security. - - Jails build upon the &man.chroot.2; concept, which is used to - change the root directory of a set of processes, creating a - safe environment, separate from the rest of the system. - Processes created in the chrooted environment can not access - files or resources outside of it. For that reason, - compromising a service running in a chrooted environment - should not allow the attacker to compromise the entire system. - However, a chroot has several limitations. It is suited to easy tasks which do not - require much flexibility or complex, advanced features. Over time - many ways have - been found to escape from a chrooted environment, making it - a less than ideal solution for - securing services. - - Jails improve on the concept of the traditional - chroot environment in several ways. In a traditional - chroot environment, processes are only limited in the - part of the file system they can access. The rest of the - system resources, system users, running - processes, and the networking subsystem are shared by the - chrooted processes and the processes of the host system. - Jails expand this model by virtualizing access to the - file system, the set of users, and the networking - subsystem. More - fine-grained controls are available for tuning the - access of a jailed environment. + Since system administration is a difficult task, many tools + have been developed to make life easier for the administrator. + These tools often enhance the way systems are installed, + configured, and maintained. One of the tools which can be used + to enhance the security of a &os; system is + jails. Jails have been available since + &os; 4.X and continue to be enhanced in their usefulness, + performance, reliability, and security. + + Jails build upon the &man.chroot.2; concept, which is used + to change the root directory of a set of processes, creating a + safe environment, separate from the rest of the system. + Processes created in the chrooted environment can not access + files or resources outside of it. For that reason, compromising + a service running in a chrooted environment should not allow the + attacker to compromise the entire system. However, a chroot has + several limitations. It is suited to easy tasks which do not + require much flexibility or complex, advanced features. Over + time many ways have been found to escape from a chrooted + environment, making it a less than ideal solution for securing + services. + + Jails improve on the concept of the traditional chroot + environment in several ways. In a traditional chroot + environment, processes are only limited in the part of the file + system they can access. The rest of the system resources, + system users, running processes, and the networking subsystem + are shared by the chrooted processes and the processes of the + host system. Jails expand this model by virtualizing access to + the file system, the set of users, and the networking subsystem. + More fine-grained controls are available for tuning the access + of a jailed environment. - A jail is characterized by four elements: + A jail is characterized by four elements: - - - A directory subtree: the starting point from - which a jail is entered. Once inside the jail, a process - is not permitted to escape outside of this subtree. - + + + A directory subtree: the starting point from which a + jail is entered. Once inside the jail, a process is not + permitted to escape outside of this subtree. + - - A hostname: which will be used - by the jail. - + + A hostname: which will be used by the jail. + - - An IP address: which is - assigned to the jail. The IP address of a jail is - often an alias address for an existing network - interface. - + + An IP address: which is assigned to + the jail. The IP address of a jail is + often an alias address for an existing network + interface. + - - A command: the path name of an executable to - run inside the jail. The path is relative to the - root directory of the jail environment. - - + + A command: the path name of an executable to run inside + the jail. The path is relative to the root directory of the + jail environment. + + - Jails have their own set of users - and their own root account which - are limited - to the jail environment. - The root - account of a jail is not allowed to perform operations - to the system outside of the associated jail - environment. - - This chapter provides an overview of jail terminology - are how to use &os; jails. Jails are a powerful - tool for system administrators, but their basic usage can also - be useful for advanced users. + Jails have their own set of users and their own root account which are limited + to the jail environment. The root account of a jail is not + allowed to perform operations to the system outside of the + associated jail environment. + + This chapter provides an overview of jail terminology are + how to use &os; jails. Jails are a powerful tool for system + administrators, but their basic usage can also be useful for + advanced users. After reading this chapter, you will know: @@ -110,25 +104,24 @@ - The basics of jail administration, both from inside - and outside the jail. + The basics of jail administration, both from inside and + outside the jail. Jails are a powerful tool, but they are not a security - panacea. While it - is not possible for a jailed process to break out on its own, - there are several ways in which an unprivileged user outside - the jail can cooperate with a privileged user inside the jail - to obtain elevated privileges in the host - environment. + panacea. While it is not possible for a jailed process to + break out on its own, there are several ways in which an + unprivileged user outside the jail can cooperate with a + privileged user inside the jail to obtain elevated privileges + in the host environment. Most of these attacks can be mitigated by ensuring that the jail root is not accessible to unprivileged users in the - host environment. As a general rule, untrusted - users with privileged access to a jail should not be given - access to the host environment. + host environment. As a general rule, untrusted users with + privileged access to a jail should not be given access to the + host environment. @@ -268,8 +261,8 @@ Once a jail is installed, it can be started by using the &man.jail.8; utility. The &man.jail.8; utility takes four - mandatory arguments which are described in the - . Other arguments may be specified + mandatory arguments which are described in the . Other arguments may be specified too, e.g., to run the jailed process with the credentials of a specific user. The argument @@ -324,8 +317,8 @@ jail_www_devf - &man.service.8; can be used to - start or stop a jail by hand, if an entry for it exists in + &man.service.8; can be used to start or stop a jail by hand, + if an entry for it exists in rc.conf: &prompt.root; service jail start www @@ -418,16 +411,17 @@ jail_www_devf These variables can be used by the system administrator of the host system to add or remove some of - the limitations imposed by default on the - root user. Note that there are some - limitations which cannot be removed. The - root user is not allowed to mount or - unmount file systems from within a &man.jail.8;. The - root inside a jail may not load or unload - &man.devfs.8; rulesets, set firewall rules, or do many other - administrative tasks which require modifications of in-kernel - data, such as setting the securelevel of - the kernel. + the limitations imposed by default on the root user. Note that there + are some limitations which cannot be removed. The + root user is not + allowed to mount or unmount file systems from within a + &man.jail.8;. The root inside a jail may not + load or unload &man.devfs.8; rulesets, set firewall rules, or + do many other administrative tasks which require modifications + of in-kernel data, such as setting the + securelevel of the kernel. The base system of &os; contains a basic set of tools for viewing information about the active jails, and attaching to a @@ -446,10 +440,10 @@ jail_www_devf Attach to a running jail, from its host system, and run a command inside the jail or perform administrative tasks inside the jail itself. This is especially useful - when the root user wants to cleanly - shut down a jail. The &man.jexec.8; utility can also be - used to start a shell in a jail to do administration in - it; for example: + when the root + user wants to cleanly shut down a jail. The &man.jexec.8; + utility can also be used to start a shell in a jail to do + administration in it; for example: &prompt.root; jexec 1 tcsh @@ -462,10 +456,9 @@ jail_www_devf Among the many third-party utilities for jail administration, one of the most complete and useful is - sysutils/jailutils. It is - a set of small applications that contribute to &man.jail.8; - management. Please refer to its web page for more - information. + sysutils/jailutils. It is a set of small + applications that contribute to &man.jail.8; management. + Please refer to its web page for more information. @@ -474,7 +467,8 @@ jail_www_devf Updating Multiple Jails - DanielGerzoContributed by + DanielGerzoContributed + by @@ -496,191 +490,176 @@ jail_www_devf - The management of multiple jails can become - problematic - because every jail has to be rebuilt from scratch whenever - it is upgraded. This can be - time consuming and tedious if a lot of jails are - created and manually updated. - - This section demonstrates one method to resolve this issue by - safely sharing as much as is possible between jails - using read-only &man.mount.nullfs.8; mounts, so that - updating is simpler. This makes it more attractive to put single services, - such as HTTP, DNS, - and SMTP, into - individual jails. Additionally, - it provides a simple way to add, remove, and - upgrade jails. + The management of multiple jails can become problematic + because every jail has to be rebuilt from scratch whenever it is + upgraded. This can be time consuming and tedious if a lot of + jails are created and manually updated. + + This section demonstrates one method to resolve this issue + by safely sharing as much as is possible between jails using + read-only &man.mount.nullfs.8; mounts, so that updating is + simpler. This makes it more attractive to put single services, + such as HTTP, DNS, and + SMTP, into individual jails. Additionally, + it provides a simple way to add, remove, and upgrade + jails. + + + Simpler solutions exist, such as + sysutils/ezjail, which provides an easier + method of administering &os; jails and is not as sophisticated + as this setup. + - - Simpler solutions exist, - such as - sysutils/ezjail, which - provides an easier method of administering &os; jails and - is not as sophisticated as this setup. - + The goals of the setup described in this section are: + + + + Create a simple and easy to understand jail structure + that does not require running a full installworld on each + and every jail. + + + + Make it easy to add new jails or remove existing + ones. + + + + Make it easy to update or upgrade existing jails. + + + + Make it possible to run a customized &os; branch. + - The goals of the setup described in this section - are: + + Be paranoid about security, reducing as much as + possible the possibility of compromise. + + + + Save space and inodes, as much as possible. + + + + This design relies on a single, read-only master template + which is mounted into each jail and one read-write device per + jail. A device can be a separate physical disc, a partition, or + a vnode backed memory device. This example uses read-write + nullfs mounts. - - - Create a simple and easy to understand jail - structure that does not require - running a full installworld on each and every - jail. - - - - Make it easy to add new jails or remove existing - ones. - - - - Make it easy to update or upgrade existing - jails. - - - - Make it possible to run a customized &os; - branch. - - - - Be paranoid about security, reducing as much as - possible the possibility of compromise. - - - - Save space and inodes, as much as possible. - - - - This design relies - on a single, read-only master template which is - mounted into each jail and one read-write device per jail. - A device can be a separate physical disc, a partition, or a - vnode backed memory device. This example - uses read-write nullfs - mounts. - - The file system layout is as follows: - - - - The jails are based under the - /home partition. - - - - Each jail will be mounted under the - /home/j - directory. - - - - The template for each jail and the read-only - partition for all of the jails is /home/j/mroot. - - - - A blank directory will be created for each jail - under the /home/j - directory. - - - - Each jail will have a - /s directory - that will be linked to the read-write portion of the - system. - - - - Each jail will have its own read-write system that - is based upon /home/j/skel. - - - - The read-write portion of each jail - will be created in /home/js. - - + The file system layout is as follows: + + + + The jails are based under the + /home partition. + + + + Each jail will be mounted under the + /home/j directory. + + + + The template for each jail and the read-only partition + for all of the jails is + /home/j/mroot. + + + + A blank directory will be created for each jail under + the /home/j directory. + + + + Each jail will have a /s directory + that will be linked to the read-write portion of the + system. + + + + Each jail will have its own read-write system that is + based upon /home/j/skel. + + + + The read-write portion of each jail will be created in + /home/js. + + - - Creating the Template + + Creating the Template - This section describes the steps needed to create - the master template. + This section describes the steps needed to create the + master template. - It is recommended to first update the host &os; system to - the latest -RELEASE branch using the instructions in - . - Additionally, this template uses the - sysutils/cpdup package or port - and portsnap - will be used to download the &os; Ports Collection. - - - - First, create a directory structure for the - read-only file system which will contain the &os; - binaries for the jails. Then, change directory to the - &os; source tree and install the read-only file system - to the jail template: + It is recommended to first update the host &os; system to + the latest -RELEASE branch using the instructions in . Additionally, this template uses the + sysutils/cpdup package or port and + portsnap will be used to download + the &os; Ports Collection. + + + + First, create a directory structure for the read-only + file system which will contain the &os; binaries for the + jails. Then, change directory to the &os; source tree and + install the read-only file system to the jail + template: - &prompt.root; mkdir /home/j /home/j/mroot + &prompt.root; mkdir /home/j /home/j/mroot &prompt.root; cd /usr/src &prompt.root; make installworld DESTDIR=/home/j/mroot - + - - Next, prepare a &os; Ports Collection for the jails - as well as a &os; source tree, which is required for - mergemaster: + + Next, prepare a &os; Ports Collection for the jails as + well as a &os; source tree, which is required for + mergemaster: - &prompt.root; cd /home/j/mroot + &prompt.root; cd /home/j/mroot &prompt.root; mkdir usr/ports &prompt.root; portsnap -p /home/j/mroot/usr/ports fetch extract &prompt.root; cpdup /usr/src /home/j/mroot/usr/src - + - - Create a skeleton for the read-write portion of the - system: + + Create a skeleton for the read-write portion of the + system: - &prompt.root; mkdir /home/j/skel /home/j/skel/home /home/j/skel/usr-X11R6 /home/j/skel/distfiles + &prompt.root; mkdir /home/j/skel /home/j/skel/home /home/j/skel/usr-X11R6 /home/j/skel/distfiles &prompt.root; mv etc /home/j/skel &prompt.root; mv usr/local /home/j/skel/usr-local &prompt.root; mv tmp /home/j/skel &prompt.root; mv var /home/j/skel &prompt.root; mv root /home/j/skel - + - - Use mergemaster to - install missing configuration files. Then, remove the - the extra directories that - mergemaster creates: + + Use mergemaster to install + missing configuration files. Then, remove the the extra + directories that mergemaster + creates: - &prompt.root; mergemaster -t /home/j/skel/var/tmp/temproot -D /home/j/skel -i + &prompt.root; mergemaster -t /home/j/skel/var/tmp/temproot -D /home/j/skel -i &prompt.root; cd /home/j/skel &prompt.root; rm -R bin boot lib libexec mnt proc rescue sbin sys usr dev - + - - Now, symlink the read-write file system to the - read-only file system. Ensure that the - symlinks are created in the correct - s/ locations as - the creation of directories in the - wrong locations will cause the installation to - fail. + + Now, symlink the read-write file system to the + read-only file system. Ensure that the symlinks are + created in the correct s/ locations + as the creation of directories in the wrong locations will + cause the installation to fail. - &prompt.root; cd /home/j/mroot + &prompt.root; cd /home/j/mroot &prompt.root; mkdir s &prompt.root; ln -s s/etc etc &prompt.root; ln -s s/home home @@ -690,61 +669,59 @@ jail_www_devf &prompt.root; ln -s s/distfiles usr/ports/distfiles &prompt.root; ln -s s/tmp tmp &prompt.root; ln -s s/var var - + + + + As a last step, create a generic + /home/j/skel/etc/make.conf containing + this line: + + WRKDIRPREFIX?= /s/portbuild + + This makes it possible to compile &os; ports inside + each jail. Remember that the ports directory is part of + the read-only system. The custom path for + WRKDIRPREFIX allows builds to be done + in the read-write portion of every jail. + + + + + + Creating Jails - - As a last step, create a generic - /home/j/skel/etc/make.conf containing - this line: - - WRKDIRPREFIX?= /s/portbuild - - This - makes it possible to compile &os; ports inside - each jail. Remember that the ports directory is part of - the read-only system. The custom path for - WRKDIRPREFIX allows builds to be done - in the read-write portion of every jail. - - - - - - Creating Jails - - The jail template can now be used to - setup and configure the jails in - /etc/rc.conf. This example - demonstrates the creation of 3 jails: NS, - MAIL and WWW. - - - - Add the following lines to - /etc/fstab, so that the - read-only template for the jails and the read-write - space will be available in the respective jails: + The jail template can now be used to setup and configure + the jails in /etc/rc.conf. This example + demonstrates the creation of 3 jails: NS, + MAIL and WWW. + + + + Add the following lines to + /etc/fstab, so that the read-only + template for the jails and the read-write space will be + available in the respective jails: - /home/j/mroot /home/j/ns nullfs ro 0 0 + /home/j/mroot /home/j/ns nullfs ro 0 0 /home/j/mroot /home/j/mail nullfs ro 0 0 /home/j/mroot /home/j/www nullfs ro 0 0 /home/js/ns /home/j/ns/s nullfs rw 0 0 /home/js/mail /home/j/mail/s nullfs rw 0 0 /home/js/www /home/j/www/s nullfs rw 0 0 - To prevent - fsck from checking - nullfs mounts during boot and - dump from backing up the - read-only nullfs mounts of the jails, the last two - columns are both set to 0. - - - - Configure the jails in - /etc/rc.conf: + To prevent + fsck from checking + nullfs mounts during boot and + dump from backing up the + read-only nullfs mounts of the jails, the last two + columns are both set to 0. + + + + Configure the jails in + /etc/rc.conf: - jail_enable="YES" + jail_enable="YES" jail_set_hostname_allow="NO" jail_list="ns mail www" jail_ns_hostname="ns.example.org" @@ -760,167 +737,164 @@ jail_www_ip="62.123.43.14" jail_www_rootdir="/usr/home/j/www" jail_www_devfs_enable="YES" - The - jail_name_rootdir - variable is set to - /usr/home - instead of - /home because - the physical path of - /home - on a default &os; installation is - /usr/home. The - jail_name_rootdir - variable must not be set to a - path which includes a symbolic link, otherwise the - jails will refuse to start. - - - - Create the required mount points for the read-only - file system of each jail: - - &prompt.root; mkdir /home/j/ns /home/j/mail /home/j/www - - - - Install the read-write template into each jail using - sysutils/cpdup: + The + jail_name_rootdir + variable is set to + /usr/home instead + of /home because + the physical path of /home on a default &os; + installation is /usr/home. The + jail_name_rootdir + variable must not be set to a path + which includes a symbolic link, otherwise the jails will + refuse to start. + + + + Create the required mount points for the read-only + file system of each jail: + + &prompt.root; mkdir /home/j/ns /home/j/mail /home/j/www + + + + Install the read-write template into each jail using + sysutils/cpdup: - &prompt.root; mkdir /home/js + &prompt.root; mkdir /home/js &prompt.root; cpdup /home/j/skel /home/js/ns &prompt.root; cpdup /home/j/skel /home/js/mail &prompt.root; cpdup /home/j/skel /home/js/www - + - - In this phase, the jails are built and prepared to - run. First, mount the required file systems for each - jail, and then start them: + + In this phase, the jails are built and prepared to + run. First, mount the required file systems for each + jail, and then start them: - &prompt.root; mount -a + &prompt.root; mount -a &prompt.root; service jail start - - + + - The jails should be running now. To check if they have - started correctly, use jls. Its output - should be similar to the following: + The jails should be running now. To check if they have + started correctly, use jls. Its output + should be similar to the following: - &prompt.root; jls + &prompt.root; jls JID IP Address Hostname Path 3 192.168.3.17 ns.example.org /home/j/ns 2 192.168.3.18 mail.example.org /home/j/mail 1 62.123.43.14 www.example.org /home/j/www - At this point, it should be possible to log onto each - jail, add new users, or configure daemons. The - JID column indicates the jail - identification number of each running jail. Use the - following command to perform administrative tasks - in the jail whose JID is 3: - - &prompt.root; jexec 3 tcsh - - - - Upgrading - - The design of this setup - provides an easy way to upgrade existing jails while - minimizing their downtime. Also, it - provides a way to roll back to the older version should a - problem occur. - - - - The first step is to upgrade the host system. - Then, create a new temporary read-only - template in /home/j/mroot2. + At this point, it should be possible to log onto each + jail, add new users, or configure daemons. The + JID column indicates the jail + identification number of each running jail. Use the following + command to perform administrative tasks in the jail whose + JID is 3: + + &prompt.root; jexec 3 tcsh + + + + Upgrading + + The design of this setup provides an easy way to upgrade + existing jails while minimizing their downtime. Also, it + provides a way to roll back to the older version should a + problem occur. + + + + The first step is to upgrade the host system. Then, + create a new temporary read-only template in + /home/j/mroot2. - &prompt.root; mkdir /home/j/mroot2 + &prompt.root; mkdir /home/j/mroot2 &prompt.root; cd /usr/src &prompt.root; make installworld DESTDIR=/home/j/mroot2 &prompt.root; cd /home/j/mroot2 &prompt.root; cpdup /usr/src usr/src &prompt.root; mkdir s - The installworld - creates a few unnecessary directories, which should be - removed: + The installworld creates a + few unnecessary directories, which should be + removed: - &prompt.root; chflags -R 0 var + &prompt.root; chflags -R 0 var &prompt.root; rm -R etc var root usr/local tmp - + - - Recreate the read-write symlinks for the master file - system: + + Recreate the read-write symlinks for the master file + system: - &prompt.root; ln -s s/etc etc + &prompt.root; ln -s s/etc etc &prompt.root; ln -s s/root root &prompt.root; ln -s s/home home &prompt.root; ln -s ../s/usr-local usr/local &prompt.root; ln -s ../s/usr-X11R6 usr/X11R6 &prompt.root; ln -s s/tmp tmp &prompt.root; ln -s s/var var - + - - Next, stop the jails: + + Next, stop the jails: - &prompt.root; service jail stop - + &prompt.root; service jail stop + - - Unmount the original file systems as the read-write - systems are attached to the read-only system - (/s): + + Unmount the original file systems as the read-write + systems are attached to the read-only system + (/s): - &prompt.root; umount /home/j/ns/s + &prompt.root; umount /home/j/ns/s &prompt.root; umount /home/j/ns &prompt.root; umount /home/j/mail/s &prompt.root; umount /home/j/mail &prompt.root; umount /home/j/www/s &prompt.root; umount /home/j/www - + - - Move the old read-only file system and replace it - with the new one. This will serve as a backup and - archive of the old read-only file system should - something go wrong. The naming convention used here - corresponds to when a new read-only file system has been - created. Move the original &os; Ports Collection over - to the new file system to save some space and - inodes: + + Move the old read-only file system and replace it with + the new one. This will serve as a backup and archive of + the old read-only file system should something go wrong. + The naming convention used here corresponds to when a new + read-only file system has been created. Move the original + &os; Ports Collection over to the new file system to save + some space and inodes: - &prompt.root; cd /home/j + &prompt.root; cd /home/j &prompt.root; mv mroot mroot.20060601 &prompt.root; mv mroot2 mroot &prompt.root; mv mroot.20060601/usr/ports mroot/usr - + - - At this point the new read-only template is ready, - so the only remaining task is to remount the file - systems and start the jails: + + At this point the new read-only template is ready, so + the only remaining task is to remount the file systems and + start the jails: - &prompt.root; mount -a + &prompt.root; mount -a &prompt.root; service jail start - - + + - Use jls to check if the jails started correctly. - Run mergemaster in each jail to update the - configuration files. + Use jls to check if the jails started + correctly. Run mergemaster in each jail to *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 16:57:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0C6A2D30; Thu, 10 Apr 2014 16:57:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EB5061975; Thu, 10 Apr 2014 16:57:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3AGvwlA032767; Thu, 10 Apr 2014 16:57:58 GMT (envelope-from xmj@svn.freebsd.org) Received: (from xmj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3AGvvHX032760; Thu, 10 Apr 2014 16:57:57 GMT (envelope-from xmj@svn.freebsd.org) Message-Id: <201404101657.s3AGvvHX032760@svn.freebsd.org> From: Johannes Jost Meixner Date: Thu, 10 Apr 2014 16:57:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44519 - in head: en_US.ISO8859-1/articles/contributors share/pgpkeys share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 16:57:59 -0000 Author: xmj (ports committer) Date: Thu Apr 10 16:57:57 2014 New Revision: 44519 URL: http://svnweb.freebsd.org/changeset/doc/44519 Log: - Add my entity, insert myself as a developer, remove myself as additional contributor. - Add a news entry about me. - Add my PGP public key. Approved by: swills@ (mentor) Added: head/share/pgpkeys/xmj.key (contents, props changed) Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml head/share/pgpkeys/pgpkeys-developers.xml head/share/pgpkeys/pgpkeys.ent head/share/xml/authors.ent head/share/xml/news.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Thu Apr 10 16:39:24 2014 (r44518) +++ head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Thu Apr 10 16:57:57 2014 (r44519) @@ -4864,11 +4864,6 @@ - Johannes Meixner - xmj@chaot.net - - - Johannes Stille Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Thu Apr 10 16:39:24 2014 (r44518) +++ head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Thu Apr 10 16:57:57 2014 (r44519) @@ -855,6 +855,10 @@ + &a.xmj.email; + + + &a.jmelo.email; Modified: head/share/pgpkeys/pgpkeys-developers.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-developers.xml Thu Apr 10 16:39:24 2014 (r44518) +++ head/share/pgpkeys/pgpkeys-developers.xml Thu Apr 10 16:57:57 2014 (r44519) @@ -1256,6 +1256,11 @@ &pgpkey.tmclaugh; + + &a.xmj.email; + &pgpkey.xmj; + + &a.jmelo.email; &pgpkey.jmelo; Modified: head/share/pgpkeys/pgpkeys.ent ============================================================================== --- head/share/pgpkeys/pgpkeys.ent Thu Apr 10 16:39:24 2014 (r44518) +++ head/share/pgpkeys/pgpkeys.ent Thu Apr 10 16:57:57 2014 (r44519) @@ -444,6 +444,7 @@ + Added: head/share/pgpkeys/xmj.key ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/pgpkeys/xmj.key Thu Apr 10 16:57:57 2014 (r44519) @@ -0,0 +1,51 @@ + + + +uid Johannes Jost Meixner +sub 2048R/A9F0E3193C0C8867 2014-04-09 [expires: 2017-04-08] + +]]> + Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Thu Apr 10 16:39:24 2014 (r44518) +++ head/share/xml/authors.ent Thu Apr 10 16:57:57 2014 (r44519) @@ -2226,6 +2226,9 @@ wylie@magnesium.net"> + +xmj@FreeBSD.org"> + xride@FreeBSD.org"> Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Thu Apr 10 16:39:24 2014 (r44518) +++ head/share/xml/news.xml Thu Apr 10 16:57:57 2014 (r44519) @@ -31,6 +31,18 @@ 2014 + 4 + + + 7 + +

      New committer: + Johannes Jost Meixner (ports)

      + + + + + 3 From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 18:05:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B2CB6305; Thu, 10 Apr 2014 18:05:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 84ADD115E; Thu, 10 Apr 2014 18:05:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3AI5Xnw061346; Thu, 10 Apr 2014 18:05:33 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3AI5XFJ061345; Thu, 10 Apr 2014 18:05:33 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404101805.s3AI5XFJ061345@svn.freebsd.org> From: Dru Lavigne Date: Thu, 10 Apr 2014 18:05:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44520 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 18:05:33 -0000 Author: dru Date: Thu Apr 10 18:05:32 2014 New Revision: 44520 URL: http://svnweb.freebsd.org/changeset/doc/44520 Log: Editorial review of first 1/2 of OpenSSH chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 16:57:57 2014 (r44519) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 18:05:32 2014 (r44520) @@ -2437,8 +2437,8 @@ racoon_enable="yes" OpenSSH is a set of network - connectivity tools used to access remote machines securely. - Additionally, TCP/IP connections can be tunneled/forwarded + connectivity tools used to provide secure access to remote machines. + Additionally, TCP/IP connections can be tunneled or forwarded securely through SSH connections. OpenSSH encrypts all traffic to effectively eliminate eavesdropping, connection hijacking, and @@ -2456,6 +2456,11 @@ racoon_enable="yes" authentication and encryption methods to prevent this from happening. + This section describes how to use the built-in client + utilities to securely access other systems and securely transfer + files from a &os; system. It then describes how to configure a + SSH server on a &os; system. + Using the SSH Client Utilities @@ -2464,34 +2469,39 @@ racoon_enable="yes" client - To use &man.ssh.1; to connect to a system running - &man.sshd.8;, specify the username and host to log - into: + To log into a SSH server, use + ssh and specify a username that exists on + that server and the IP address or hostname + of the server. If this is the first time a connection has + been made to the specified server, the user will be prompted + to first verify the server's fingerprint: &prompt.root; ssh user@example.com -Host key not found from the list of known hosts. +The authenticity of host 'example.com (10.0.0.1)' can't be established. +ECDSA key fingerprint is 25:cc:73:b5:b3:96:75:3d:56:19:49:d2:5c:1f:91:3b. Are you sure you want to continue connecting (yes/no)? yes -Host 'example.com' added to the list of known hosts. -user@example.com's password: ******* +Permanently added 'example.com' (ECDSA) to the list of known hosts. +Password for user@example.com: user_password SSH utilizes a key fingerprint system to verify the authenticity of the server when the client - connects. The user is prompted to type - yes when connecting for the first time. + connects. When the user accepts the key's fingerprint by typing + yes when connecting for the first time, a + copy of the key is saved to + .ssh/known_hosts in the user's home directory. Future attempts to login are verified against the saved - fingerprint key and the &man.ssh.1; client will display an - alert if the saved fingerprint differs from the received - fingerprint on future login attempts. The fingerprints are - saved in ~/.ssh/known_hosts. - - By default, recent versions of &man.sshd.8; only accept - SSH v2 connections. The client will use - version 2 if possible and will fall back to version 1. The - client can also be forced to use one or the other by passing - it the or for version - 1 or version 2, respectively. The version 1 compatibility is - maintained in the client for backwards compatibility with - older versions. + key and ssh will display an + alert if the server's key does not match the saved key. If + this occurs, the user should first verify + why the key has changed before continuing with the + connection. + + By default, recent versions of OpenSSH only accept + SSHv2 connections. By default, the client will use + version 2 if possible and will fall back to version 1 if the + server does not support version 2. To + force ssh to only use the specified protocol, include + or . OpenSSH @@ -2501,128 +2511,122 @@ user@example.com's password: &man.scp.1; - Use &man.scp.1; to copy a file to or from a remote machine - in a secure fashion. + Use &man.scp.1; to securely copy a file to or from a remote machine. + This example copies COPYRIGHT on the + remote system to a file of the same name in the current + directory of the local system: &prompt.root; scp user@example.com:/COPYRIGHT COPYRIGHT -user@example.com's password: ******* +Password for user@example.com: ******* COPYRIGHT 100% |*****************************| 4735 00:00 &prompt.root; - Since the fingerprint was already saved for this host in - the previous example, it is verified when using &man.scp.1; - here. - - The arguments passed to &man.scp.1; are similar to - &man.cp.1;, with the file or files to copy in the first - argument, and the destination in the second. Since the file - is fetched over the network, through an - SSH, connection, one or more of the file + Since the fingerprint was already verified for this host, + the server's key is automatically checked before prompting for + the user's password. + + The arguments passed to scp are similar to + cp. The file or files to copy is the first + argument and the destination to copy to is the second. Since the file + is fetched over the network, one or more of the file arguments takes the form . Key-based Authentication - Instead of using passwords, &man.ssh-keygen.1; can be - used to generate DSA or - RSA keys to authenticate a user: + Instead of using passwords, a client can be configured + to connect to the remote machine + using keys instead of + passwords. To generate DSA or + RSA authentication keys, use + ssh-keygen. To generate a + public and private key pair, specify the type of key and + follow the prompts. It is recommended to protect the keys + with a memorable, but hard to guess passphrase. &prompt.user; ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/user/.ssh/id_dsa): Created directory '/home/user/.ssh'. -Enter passphrase (empty for no passphrase): -Enter same passphrase again: +Enter passphrase (empty for no passphrase): type some passphrase here which can contain spaces +Enter same passphrase again: type some passphrase here which can contain spaces Your identification has been saved in /home/user/.ssh/id_dsa. Your public key has been saved in /home/user/.ssh/id_dsa.pub. The key fingerprint is: bb:48:db:f2:93:57:80:b6:aa:bc:f5:d5:ba:8f:79:17 user@host.example.com - &man.ssh-keygen.1; will create a public and private key - pair for use in authentication. The private key is stored - in ~/.ssh/id_dsa or - ~/.ssh/id_rsa, whereas the public key - is stored in ~/.ssh/id_dsa.pub or - ~/.ssh/id_rsa.pub, respectively for the - DSA and RSA key types. - The public key must be placed in + Depending upon the specified protocol, the private key is stored + in ~/.ssh/id_dsa (or + ~/.ssh/id_rsa), and the public key + is stored in ~/.ssh/id_dsa.pub (or + ~/.ssh/id_rsa.pub). + The public key must be first copied to ~/.ssh/authorized_keys on the remote - machine for both RSA or - DSA keys in order for the setup to + machine in order for key-based authentication to work. - This setup allows connections to the remote machine - based upon SSH keys instead of - passwords. - Many users believe that keys are secure by design and will use a key without a passphrase. This is - dangerous behavior and the method an - administrator may use to verify keys have a passphrase is - to view the key manually. If the private key file - contains the word ENCRYPTED the key - owner is using a passphrase. While it may still be a weak - passphrase, at least if the system is compromised, access - to other sites will still require some level of password - guessing. In addition, to better secure end users, the + dangerous behavior. An + administrator can verify that a key pair is protected by a passphrase + by viewing the private key manually. If the private key file + contains the word ENCRYPTED, the key + owner is using a passphrase. In addition, to better secure end users, from may be placed in the public key file. For example, adding - from="192.168.10.5 in the front of + from="192.168.10.5" in the front of ssh-rsa or rsa-dsa prefix will only allow that specific user to login from - that host IP. + that IP address. - The various options and files can be different according to the OpenSSH version. To avoid problems, consult &man.ssh-keygen.1;. - - If a passphrase is used in &man.ssh-keygen.1;, the user - will be prompted for the passphrase each time in order to - use the private key. To load SSH keys - into memory for use, without needing to type the passphrase + If a passphrase is used, the user + will be prompted for the passphrase each time a connection + is made to the server. To load SSH keys + into memory, without needing to type the passphrase each time, use &man.ssh-agent.1; and &man.ssh-add.1;. - Authentication is handled by &man.ssh-agent.1;, using + Authentication is handled by ssh-agent, using the private key(s) that are loaded into it. Then, - &man.ssh-agent.1; should be used to launch another - application. At the most basic level, it could spawn a + ssh-agent should be used to launch another + application such as a shell or a window manager. - To use &man.ssh-agent.1; in a shell, start it with a + To use ssh-agent in a shell, start it with a shell as an argument. Next, add the identity by running - &man.ssh-add.1; and providing it the passphrase for the + ssh-add and providing it the passphrase for the private key. Once these steps have been completed, the user - will be able to &man.ssh.1; to any host that has the + will be able to ssh to any host that has the corresponding public key installed. For example: &prompt.user; ssh-agent csh &prompt.user; ssh-add -Enter passphrase for /home/user/.ssh/id_dsa: +Enter passphrase for /home/user/.ssh/id_dsa: type passphrase here Identity added: /home/user/.ssh/id_dsa (/home/user/.ssh/id_dsa) &prompt.user; - To use &man.ssh-agent.1; in - &xorg;, a call to - &man.ssh-agent.1; needs to be placed in + To use ssh-agent in + &xorg;, add an entry for it in ~/.xinitrc. This provides the - &man.ssh-agent.1; services to all programs launched in + ssh-agent services to all programs launched in &xorg;. An example ~/.xinitrc might look like this: exec ssh-agent startxfce4 - This launches &man.ssh-agent.1;, which in turn launches + This launches ssh-agent, which in turn launches XFCE, every time &xorg; starts. Once &xorg; has been restarted so that - the changes can take effect, run &man.ssh-add.1; to load all + the changes can take effect, run ssh-add to load all of the SSH keys. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 19:09:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D39BDFDD; Thu, 10 Apr 2014 19:09:17 +0000 (UTC) Received: from dmz-mailsec-scanner-5.mit.edu (dmz-mailsec-scanner-5.mit.edu [18.7.68.34]) by mx1.freebsd.org (Postfix) with ESMTP id 1C1441827; Thu, 10 Apr 2014 19:09:16 +0000 (UTC) X-AuditID: 12074422-f79186d00000135a-2c-5346eb2af4ff Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-5.mit.edu (Symantec Messaging Gateway) with SMTP id 71.5C.04954.A2BE6435; Thu, 10 Apr 2014 15:04:10 -0400 (EDT) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id s3AJ49pr023500; Thu, 10 Apr 2014 15:04:10 -0400 Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id s3AJ47eC021565 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 10 Apr 2014 15:04:09 -0400 Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id s3AJ46dL005515; Thu, 10 Apr 2014 15:04:06 -0400 (EDT) Date: Thu, 10 Apr 2014 15:04:06 -0400 (EDT) From: Benjamin Kaduk To: Dru Lavigne Subject: Re: svn commit: r44520 - head/en_US.ISO8859-1/books/handbook/security In-Reply-To: <201404101805.s3AI5XFJ061345@svn.freebsd.org> Message-ID: References: <201404101805.s3AI5XFJ061345@svn.freebsd.org> User-Agent: Alpine 1.10 (GSO 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrEIsWRmVeSWpSXmKPExsUixCmqrav12i3Y4PUPJYsfHw8xWXQ1qVrc WLSfyWJ3fy+zA4vHjE/zWQIYo7hsUlJzMstSi/TtErgyOpYcZyuYJ1bx581z9gbGv4JdjJwc EgImEmcX/maFsMUkLtxbz9bFyMUhJDCbSaLj8VFWCGcjo8Sm31vYIZxDTBILP+6HKmtglHj4 6RMjSD+LgLbEknu9YLPYBFQkZr7ZyAZiiwgoSjz9uheshlkgSmLP0kawGmGBAIkzcxrYQWxO ASuJK72XwWp4BRwl7v3bCGYLCVhKnFqxhAnEFhXQkVi9fwoLRI2gxMmZT1ggZlpK/Fv7i3UC o+AsJKlZSFILGJlWMcqm5Fbp5iZm5hSnJusWJyfm5aUW6Zrq5WaW6KWmlG5iBAUtu4vSDsaf B5UOMQpwMCrx8B645BYsxJpYVlyZe4hRkoNJSZT323OgEF9SfkplRmJxRnxRaU5q8SFGCQ5m JRHe9FdAOd6UxMqq1KJ8mJQ0B4uSOO9ba6tgIYH0xJLU7NTUgtQimKwMB4eSBG8ySKNgUWp6 akVaZk4JQpqJgxNkOA/QcGuw4cUFibnFmekQ+VOMilLivGkgCQGQREZpHlwvLKm8YhQHekWY NwikigeYkOC6XwENZgIanGrnAjK4JBEhJdXAaOdnt6pyU1+/UEWpdejx/6rTLOdbni2bviVl Ld+R95FTRE3nbX3O1uKh8fa/xL79Dqpre+Z2RxyXVTrOMElkp2yrxZdL4g0MUion/gV1XwzR eRP+4vRFxorMXfmX7qo9jFz8rXvGI+OqF2xbEjgvZy1zC1dyuxT88KTXkR2hjz4e7ivd8F7U VImlOCPRUIu5qDgRAKCSR2QFAwAA Cc: svn-doc-head@freebsd.org, svn-doc-all@freebsd.org, doc-committers@freebsd.org X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 19:09:17 -0000 On Thu, 10 Apr 2014, Dru Lavigne wrote: > Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml > ============================================================================== > --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 16:57:57 2014 (r44519) > +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 18:05:32 2014 (r44520) > @@ -2464,34 +2469,39 @@ racoon_enable="yes" > client > > > - To use &man.ssh.1; to connect to a system running > - &man.sshd.8;, specify the username and host to log > - into: > + To log into a SSH server, use > + ssh and specify a username that exists on > + that server and the IP address or hostname > + of the server. If this is the first time a connection has > + been made to the specified server, the user will be prompted > + to first verify the server's fingerprint: There are a few cases where the user will not be prompted to verify the server's fingerprint on the first connection (and also some where the user will be prompted on not-the-first connection). They are probably uncommon enough that we don't need to document them, but for the record, the ones I can think of are: Successful GSSAPIKeyExchange will avoid the need for a prompt VerifyHostKeyDNS in ssh_config in combination with SSHFP records from DNSSEC can be configured to validate the key without prompting the user If there is a software upgrade on either client or server such that the negotiated key-exchange algorithm changes (e.g., from RSA to ECDSA), the user will be re-prompted for the new key, even though an old key for a different mechanism is saved. > + Since the fingerprint was already verified for this host, > + the server's key is automatically checked before prompting for > + the user's password. > + > + The arguments passed to scp are similar to > + cp. The file or files to copy is the first It is probably worth noting a glaring discrepancy between scp(1) and cp(1)'s arguments, here, namely with respect to recursive copies. scp takes -r, but cp takes -R. > + argument and the destination to copy to is the second. Since the file > + is fetched over the network, one or more of the file > arguments takes the form > . > [...] > + Instead of using passwords, a client can be configured > + to connect to the remote machine > + using keys instead of > + passwords. To generate DSA or "instead of [using] passwords" is duplicated in this sentence. -Ben From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 19:23:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 144456AF; Thu, 10 Apr 2014 19:23:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 009CF19A3; Thu, 10 Apr 2014 19:23:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3AJNfD1094594; Thu, 10 Apr 2014 19:23:41 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3AJNfZV094593; Thu, 10 Apr 2014 19:23:41 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404101923.s3AJNfZV094593@svn.freebsd.org> From: Dru Lavigne Date: Thu, 10 Apr 2014 19:23:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44521 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 19:23:42 -0000 Author: dru Date: Thu Apr 10 19:23:41 2014 New Revision: 44521 URL: http://svnweb.freebsd.org/changeset/doc/44521 Log: Fix redundant sentence. Also fix path and wording in ssh-agent example. Submitted by: bjk Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 18:05:32 2014 (r44520) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 19:23:41 2014 (r44521) @@ -2538,8 +2538,7 @@ COPYRIGHT 100% |************* Instead of using passwords, a client can be configured to connect to the remote machine - using keys instead of - passwords. To generate DSA or + using keys. To generate DSA or RSA authentication keys, use ssh-keygen. To generate a public and private key pair, specify the type of key and @@ -2609,8 +2608,8 @@ bb:48:db:f2:93:57:80:b6:aa:bc:f5:d5:ba:8 &prompt.user; ssh-agent csh &prompt.user; ssh-add -Enter passphrase for /home/user/.ssh/id_dsa: type passphrase here -Identity added: /home/user/.ssh/id_dsa (/home/user/.ssh/id_dsa) +Enter passphrase for key '/usr/home/user/.ssh/id_dsa': type passphrase here +Identity added: /usr/home/user/.ssh/id_dsa (/usr/home/user/.ssh/id_dsa) &prompt.user; To use ssh-agent in From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 20:02:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6F0A0CF4; Thu, 10 Apr 2014 20:02:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5BEE71D68; Thu, 10 Apr 2014 20:02:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3AK2FTA012023; Thu, 10 Apr 2014 20:02:15 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3AK2FwS012022; Thu, 10 Apr 2014 20:02:15 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404102002.s3AK2FwS012022@svn.freebsd.org> From: Gabor Pali Date: Thu, 10 Apr 2014 20:02:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44522 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 20:02:15 -0000 Author: pgj Date: Thu Apr 10 20:02:14 2014 New Revision: 44522 URL: http://svnweb.freebsd.org/changeset/doc/44522 Log: - Add 2014Q1 status report for core Submitted by: pgj Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 10 19:23:41 2014 (r44521) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 10 20:02:14 2014 (r44522) @@ -18,7 +18,7 @@

      Thanks to all the reporters for the excellent work! This report - contains 37 entries and we hope you enjoy reading it.

      + contains 38 entries and we hope you enjoy reading it.

      The deadline for submissions covering between April and June 2014 is July 7th, 2014.

      @@ -2300,4 +2300,64 @@ device vt_efifb
    + + + &os; Core Team + + + + &os; Core Team + core@FreeBSD.org + + + + +

    The &os; Core Team constitutes the project's Board of + Directors, responsible for deciding the project's overall + goals and direction as well as managing specific areas of the + &os; project landscape.

    + +

    The first quarter of 2014 was very active for the Core Team. + &a.jhb; and &a.theraven; kept coordinating the work required for + providing a newer version of X.Org for 9.x and 10.x systems. + Now, after that vt(4), a successor to + syscons(4) that offers a KMS-enabled console, has been + merged to both stable/9 and stable/10, an + alternative pkg(8) repository is in preparation for + wider testing. In addition to that, &a.jhb; published the + policy on licenses for new files and files with non-standard + licenses. Thanks to the efforts of &a.gavin;, &os; has again + made it into the Google Summer of Code program, for the tenth + time now. &a.theraven; reported that both libc++ and + libstdc++ can be now built as all the + standards-compliant implementations of the required numerical + functions have been added.

    + +

    The Core Team has conducted an annual review among the Project + teams and hats, where they had to declare if they are wishing to + continue their service. As a result, &a.flo; replaced &a.dhw; + in the lead role of the Postmaster Team, and &a.gjb; assumed the + head Release Engineer position from &a.kensmith;. The Core Team + congratulates to Florian and Glen, and thanks David and Ken for + their long-standing work.

    + +

    The Core Team approved chartering the Ports Security Team, + which is established to maintain security updates for the ported + applications. In coordination with the Port Management Team, + pkg_tools was eventually deprecated and tagged with an + End-of-Life date, in order to clear the way for pkg(8). + The Port Management Team also requested a way to make it + possible to track userland ABI and KBI changes reliably for the + Ports Collection. Ideally this can be achieved by increasing + the value of __FreeBSD_version on each fix, therefore + the corresponding discussion concluded in freezing the ABI note + tag for releases in order to keep the size of the binary patches + for freebsd-update(8) low. A related Errata Notice is + about to be published soon.

    + +

    There was only a single commit bit was taken for safekeeping, + we did not have new committers to the src/ repository in + this quarter.

    + +     From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 20:15:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 95F8D1D9; Thu, 10 Apr 2014 20:15:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 833941FC2; Thu, 10 Apr 2014 20:15:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3AKFdGV016535; Thu, 10 Apr 2014 20:15:39 GMT (envelope-from brd@svn.freebsd.org) Received: (from brd@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3AKFdWU016534; Thu, 10 Apr 2014 20:15:39 GMT (envelope-from brd@svn.freebsd.org) Message-Id: <201404102015.s3AKFdWU016534@svn.freebsd.org> From: Brad Davis Date: Thu, 10 Apr 2014 20:15:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44523 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 20:15:39 -0000 Author: brd Date: Thu Apr 10 20:15:39 2014 New Revision: 44523 URL: http://svnweb.freebsd.org/changeset/doc/44523 Log: - White space fix only. Translators can ignore. Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Apr 10 20:02:14 2014 (r44522) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Apr 10 20:15:39 2014 (r44523) @@ -1296,11 +1296,11 @@ The deinstallation will free 229 kB the upgrade. To determine if newer versions of installed ports are - available, ensure that the latest version of the ports tree - is installed, using the updating command described in either - Procedure 5.1 or Procedure 5.2. Then, run this command to - get a listing of the ports which are older than the currently - available version: + available, ensure that the latest version of the ports tree + is installed, using the updating command described in either + Procedure 5.1 or Procedure 5.2. Then, run this command to + get a listing of the ports which are older than the currently + available version: &prompt.root; pkg_version -l "<" From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 20:37:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C7168730; Thu, 10 Apr 2014 20:37:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 98AE311B5; Thu, 10 Apr 2014 20:37:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3AKb5Dw024906; Thu, 10 Apr 2014 20:37:05 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3AKb52d024905; Thu, 10 Apr 2014 20:37:05 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404102037.s3AKb52d024905@svn.freebsd.org> From: Dru Lavigne Date: Thu, 10 Apr 2014 20:37:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44524 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 20:37:05 -0000 Author: dru Date: Thu Apr 10 20:37:05 2014 New Revision: 44524 URL: http://svnweb.freebsd.org/changeset/doc/44524 Log: Finish editorial review of OpenSSH chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 20:15:39 2014 (r44523) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 20:37:05 2014 (r44524) @@ -2454,12 +2454,16 @@ racoon_enable="yes" steal user/password information or data transferred during the session. OpenSSH offers a variety of authentication and encryption methods to prevent this from - happening. + happening. More information about + OpenSSH is available from http://www.openssh.com/. - This section describes how to use the built-in client + This section provides an overview of the built-in client utilities to securely access other systems and securely transfer files from a &os; system. It then describes how to configure a - SSH server on a &os; system. + SSH server on a &os; system. More + information is available in the man pages mentioned in this + chapter. Using the SSH Client Utilities @@ -2501,7 +2505,8 @@ Password for user@example.com: ssh to only use the specified protocol, include - or . + or . Additional + options are described in &man.ssh.1;. OpenSSH @@ -2532,6 +2537,11 @@ COPYRIGHT 100% |************* is fetched over the network, one or more of the file arguments takes the form . + + To open an interactive session for copying files, use + sftp. Refer to &man.sftp.1; for a list of + available commands while in an sftp + session. Key-based Authentication @@ -2641,8 +2651,8 @@ Identity added: /usr/home/user/.ssh/id_d create a tunnel to encapsulate another protocol in an encrypted session. - The following command tells &man.ssh.1; to create a - tunnel for &man.telnet.1;: + The following command tells ssh to create a + tunnel for telnet: &prompt.user; ssh -2 -N -f -L 5023:localhost:23 user@foo.example.com &prompt.user; @@ -2654,7 +2664,7 @@ Identity added: /usr/home/user/.ssh/id_d - Forces &man.ssh.1; to use version 2 to connect to + Forces ssh to use version 2 to connect to the server. @@ -2664,7 +2674,7 @@ Identity added: /usr/home/user/.ssh/id_d Indicates no command, or tunnel only. If omitted, - &man.ssh.1; initiates a normal session. + ssh initiates a normal session. @@ -2672,7 +2682,7 @@ Identity added: /usr/home/user/.ssh/id_d - Forces &man.ssh.1; to run in the + Forces ssh to run in the background. @@ -2699,24 +2709,25 @@ Identity added: /usr/home/user/.ssh/id_d An SSH tunnel works by creating a listen socket on localhost on the - specified port. It then forwards any connections received - on the local host/port via the SSH - connection to the specified remote host and port. - - In the example, port 5023 on - localhost is forwarded to port - 23 on - localhost of the remote machine. - Since 23 is used by - &man.telnet.1;, this creates an encrypted &man.telnet.1; + specified localport. It then forwards any connections received + on localport via the SSH + connection to the specified remotehost:remoteport. + In the example, port 5023 on + the client is forwarded to port + 23 on + the remote machine. + Since port 23 is used by + telnet, this creates an encrypted telnet session through an SSH tunnel. - This can be used to wrap any number of insecure TCP - protocols such as SMTP, POP3, and FTP. + This method can be used to wrap any number of insecure TCP + protocols such as SMTP, + POP3, and FTP, as seen + in the following examples. - Using &man.ssh.1; to Create a Secure Tunnel for - SMTP + Create a Secure Tunnel for + <acronym>SMTP</acronym> &prompt.user; ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com user@mailserver.example.com's password: ***** @@ -2727,7 +2738,7 @@ Escape character is '^]'. 220 mailserver.example.com ESMTP This can be used in conjunction with - &man.ssh-keygen.1; and additional user accounts to create + ssh-keygen and additional user accounts to create a more seamless SSH tunneling environment. Keys can be used in place of typing a password, and the tunnels can be run as a separate @@ -2735,39 +2746,39 @@ Escape character is '^]'. - Secure Access of a POP3 Server + Secure Access of a <acronym>POP3</acronym> Server In this example, there is an SSH server that accepts connections from the outside. On the - same network resides a mail server running a POP3 server. + same network resides a mail server running a POP3 server. To check email in a secure manner, create an SSH connection to the - SSH server, and tunnel through to the - mail server. + SSH server and tunnel through to the + mail server: &prompt.user; ssh -2 -N -f -L 2110:mail.example.com:110 user@ssh-server.example.com user@ssh-server.example.com's password: ****** Once the tunnel is up and running, point the email - client to send POP3 requests to + client to send POP3 requests to localhost on port 2110. This connection will be forwarded securely across the tunnel to mail.example.com. - Bypassing a Draconian Firewall + Bypassing a Firewall - Some network administrators impose firewall rules - which filter both incoming and outgoing connections. For - example, it might limit access from remote machines to - ports 22 and 80 to only allow &man.ssh.1; and web surfing. + Some firewalls + filter both incoming and outgoing connections. For + example, a firewall might limit access from remote machines to + ports 22 and 80 to only allow SSH and web surfing. This prevents access to any other service which uses a port other than 22 or 80. The solution is to create an SSH connection to a machine outside of the network's firewall - and use it to tunnel to the desired service. + and use it to tunnel to the desired service: &prompt.user; ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled-system.example.org user@unfirewalled-system.example.org's password: ******* @@ -2789,21 +2800,39 @@ user@unfirewalled-system.example.org's p enabling - To see if &man.sshd.8; is enabled, check - /etc/rc.conf for this line: + In addition to providing built-in SSH + client utilities, a &os; system can be configured as an + SSH server, accepting connections from + other SSH clients. + + To see if sshd is enabled, check + /etc/rc.conf for this line and add it if + it is missing: sshd_enable="YES" - This will start &man.sshd.8;, the daemon program for + This will start sshd, the daemon program for OpenSSH, the next time the system - initializes. Alternatively, it is possible to use - &man.service.8; to start OpenSSH + boots. To start it now: &prompt.root; service sshd start - It is often a good idea to limit which users can log in - and from where using AllowUsers. For + The first time sshd starts on a + &os; system, the system's host keys will be automatically + created and the fingerprint will be displayed on the console. + Provide users with the fingerprint so that they can verify it + the first time they connect to the server. + + Refer to &man.sshd.8; for the list of available options + when starting sshd and a more + complete discussion about authentication, the login process, + and the various configuration files. + + It is a good idea to limit which users can log into the + SSH server + and from where using the AllowUsers keyword + in the OpenSSH server configuration file. For example, to only allow root to log in from 192.168.1.32, add @@ -2812,7 +2841,8 @@ user@unfirewalled-system.example.org's p AllowUsers root@192.168.1.32 To allow admin - to log in from anywhere, list that username by itself: + to log in from anywhere, list that user without specifying an + IP address: AllowUsers admin @@ -2820,50 +2850,32 @@ user@unfirewalled-system.example.org's p so: AllowUsers root@192.168.1.32 admin - - - It is important to list each user that needs to log into - this machine; otherwise, they will be locked out. - - After making changes to - /etc/ssh/sshd_config, tell &man.sshd.8; + /etc/ssh/sshd_config, tell sshd to reload its configuration file by running: &prompt.root; service sshd reload - - - Configuration - - - OpenSSH - configuration - - - The system-wide configuration files for both the - OpenSSH daemon and client reside - in /etc/ssh. - - ssh_config configures the client - settings, while sshd_config configures - the daemon. Each file has its own manual page which describes - the available configuration options. - - - - Further Reading - - The OpenSSH - website. - - &man.ssh.1;, &man.scp.1;, &man.ssh-keygen.1;, - &man.ssh-agent.1;, &man.ssh-add.1;, and &man.ssh.config.5; for - client options. + + When this keyword is used, it is important to list each user that needs to log into + this machine. Any user that is not specified in that line will be locked out. Also, the + keywords used in the OpenSSH + server configuration file are case-sensitive. If the + keyword is not spelled correctly, including its case, it will + be ignored. Always test changes to this file to make sure + that the edits are working as expected. Refer to + &man.sshd.config.5; to verify the spelling and use of the + available keywords. + - &man.sshd.8;, &man.sftp-server.8;, and &man.sshd.config.5; - for server options. + + Don't confuse /etc/ssh/sshd_config + with /etc/ssh/ssh_config (note the extra + d in the first filename). The first file + configures the server and the second file configures the + client. Refer to &man.ssh.config.5; for a listing of the + available client settings,. + From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 20:52:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4184FFB0; Thu, 10 Apr 2014 20:52:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2C7A31392; Thu, 10 Apr 2014 20:52:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3AKqODv032801; Thu, 10 Apr 2014 20:52:24 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3AKqOM0032800; Thu, 10 Apr 2014 20:52:24 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404102052.s3AKqOM0032800@svn.freebsd.org> From: Dru Lavigne Date: Thu, 10 Apr 2014 20:52:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44525 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 20:52:24 -0000 Author: dru Date: Thu Apr 10 20:52:23 2014 New Revision: 44525 URL: http://svnweb.freebsd.org/changeset/doc/44525 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 20:37:05 2014 (r44524) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 20:52:23 2014 (r44525) @@ -2437,9 +2437,10 @@ racoon_enable="yes" OpenSSH is a set of network - connectivity tools used to provide secure access to remote machines. - Additionally, TCP/IP connections can be tunneled or forwarded - securely through SSH connections. + connectivity tools used to provide secure access to remote + machines. Additionally, TCP/IP connections + can be tunneled or forwarded securely through + SSH connections. OpenSSH encrypts all traffic to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. @@ -2473,9 +2474,9 @@ racoon_enable="yes" client - To log into a SSH server, use + To log into a SSH server, use ssh and specify a username that exists on - that server and the IP address or hostname + that server and the IP address or hostname of the server. If this is the first time a connection has been made to the specified server, the user will be prompted to first verify the server's fingerprint: @@ -2489,24 +2490,24 @@ Password for user@example.com: SSH utilizes a key fingerprint system to verify the authenticity of the server when the client - connects. When the user accepts the key's fingerprint by typing - yes when connecting for the first time, a - copy of the key is saved to - .ssh/known_hosts in the user's home directory. - Future attempts to login are verified against the saved - key and ssh will display an - alert if the server's key does not match the saved key. If - this occurs, the user should first verify - why the key has changed before continuing with the - connection. - - By default, recent versions of OpenSSH only accept - SSHv2 connections. By default, the client will use - version 2 if possible and will fall back to version 1 if the - server does not support version 2. To - force ssh to only use the specified protocol, include - or . Additional - options are described in &man.ssh.1;. + connects. When the user accepts the key's fingerprint by + typing yes when connecting for the first + time, a copy of the key is saved to + .ssh/known_hosts in the user's home + directory. Future attempts to login are verified against the + saved key and ssh will display an alert if + the server's key does not match the saved key. If this + occurs, the user should first verify why the key has changed + before continuing with the connection. + + By default, recent versions of + OpenSSH only accept + SSHv2 connections. By default, the client + will use version 2 if possible and will fall back to version 1 + if the server does not support version 2. To force + ssh to only use the specified protocol, + include or . + Additional options are described in &man.ssh.1;. OpenSSH @@ -2516,10 +2517,11 @@ Password for user@example.com: &man.scp.1; - Use &man.scp.1; to securely copy a file to or from a remote machine. - This example copies COPYRIGHT on the - remote system to a file of the same name in the current - directory of the local system: + Use &man.scp.1; to securely copy a file to or from a + remote machine. This example copies + COPYRIGHT on the remote system to a file + of the same name in the current directory of the local + system: &prompt.root; scp user@example.com:/COPYRIGHT COPYRIGHT Password for user@example.com: ******* @@ -2531,13 +2533,13 @@ COPYRIGHT 100% |************* the server's key is automatically checked before prompting for the user's password. - The arguments passed to scp are similar to - cp. The file or files to copy is the first - argument and the destination to copy to is the second. Since the file - is fetched over the network, one or more of the file - arguments takes the form + The arguments passed to scp are similar + to cp. The file or files to copy is the + first argument and the destination to copy to is the second. + Since the file is fetched over the network, one or more of the + file arguments takes the form . - + To open an interactive session for copying files, use sftp. Refer to &man.sftp.1; for a list of available commands while in an sftp @@ -2546,14 +2548,14 @@ COPYRIGHT 100% |************* Key-based Authentication - Instead of using passwords, a client can be configured - to connect to the remote machine - using keys. To generate DSA or - RSA authentication keys, use - ssh-keygen. To generate a - public and private key pair, specify the type of key and - follow the prompts. It is recommended to protect the keys - with a memorable, but hard to guess passphrase. + Instead of using passwords, a client can be configured + to connect to the remote machine using keys. To generate + DSA or RSA + authentication keys, use ssh-keygen. To + generate a public and private key pair, specify the type of + key and follow the prompts. It is recommended to protect + the keys with a memorable, but hard to guess + passphrase. &prompt.user; ssh-keygen -t dsa Generating public/private dsa key pair. @@ -2566,12 +2568,12 @@ Your public key has been saved in /home/ The key fingerprint is: bb:48:db:f2:93:57:80:b6:aa:bc:f5:d5:ba:8f:79:17 user@host.example.com - Depending upon the specified protocol, the private key is stored - in ~/.ssh/id_dsa (or + Depending upon the specified protocol, the private key + is stored in ~/.ssh/id_dsa (or ~/.ssh/id_rsa), and the public key is stored in ~/.ssh/id_dsa.pub (or - ~/.ssh/id_rsa.pub). - The public key must be first copied to + ~/.ssh/id_rsa.pub). The + public key must be first copied to ~/.ssh/authorized_keys on the remote machine in order for key-based authentication to work. @@ -2580,10 +2582,11 @@ bb:48:db:f2:93:57:80:b6:aa:bc:f5:d5:ba:8 Many users believe that keys are secure by design and will use a key without a passphrase. This is dangerous behavior. An - administrator can verify that a key pair is protected by a passphrase - by viewing the private key manually. If the private key file - contains the word ENCRYPTED, the key - owner is using a passphrase. In addition, to better secure end users, + administrator can verify that a key pair is protected by a + passphrase by viewing the private key manually. If the + private key file contains the word + ENCRYPTED, the key owner is using a + passphrase. In addition, to better secure end users, from may be placed in the public key file. For example, adding from="192.168.10.5" in the front of @@ -2592,29 +2595,29 @@ bb:48:db:f2:93:57:80:b6:aa:bc:f5:d5:ba:8 that IP address. - The various options and files can be different - according to the OpenSSH - version. To avoid problems, consult - &man.ssh-keygen.1;. - - If a passphrase is used, the user - will be prompted for the passphrase each time a connection - is made to the server. To load SSH keys - into memory, without needing to type the passphrase - each time, use &man.ssh-agent.1; and &man.ssh-add.1;. - - Authentication is handled by ssh-agent, using - the private key(s) that are loaded into it. Then, - ssh-agent should be used to launch another - application such as a + The various options and files can be different + according to the OpenSSH version. + To avoid problems, consult &man.ssh-keygen.1;. + + If a passphrase is used, the user will be prompted for + the passphrase each time a connection is made to the server. + To load SSH keys into memory, without + needing to type the passphrase each time, use + &man.ssh-agent.1; and &man.ssh-add.1;. + + Authentication is handled by + ssh-agent, using the private key(s) that + are loaded into it. Then, ssh-agent + should be used to launch another application such as a shell or a window manager. - To use ssh-agent in a shell, start it with a - shell as an argument. Next, add the identity by running - ssh-add and providing it the passphrase for the - private key. Once these steps have been completed, the user - will be able to ssh to any host that has the - corresponding public key installed. For example: + To use ssh-agent in a shell, start it + with a shell as an argument. Next, add the identity by + running ssh-add and providing it the + passphrase for the private key. Once these steps have been + completed, the user will be able to ssh + to any host that has the corresponding public key installed. + For example: &prompt.user; ssh-agent csh &prompt.user; ssh-add @@ -2625,18 +2628,18 @@ Identity added: /usr/home/user/.ssh/id_d To use ssh-agent in &xorg;, add an entry for it in ~/.xinitrc. This provides the - ssh-agent services to all programs launched in - &xorg;. An example + ssh-agent services to all programs + launched in &xorg;. An example ~/.xinitrc might look like this: exec ssh-agent startxfce4 - This launches ssh-agent, which in turn launches - XFCE, every time + This launches ssh-agent, which in + turn launches XFCE, every time &xorg; starts. Once &xorg; has been restarted so that - the changes can take effect, run ssh-add to load all - of the SSH keys. + the changes can take effect, run ssh-add + to load all of the SSH keys. @@ -2651,8 +2654,9 @@ Identity added: /usr/home/user/.ssh/id_d create a tunnel to encapsulate another protocol in an encrypted session. - The following command tells ssh to create a - tunnel for telnet: + The following command tells ssh to + create a tunnel for + telnet: &prompt.user; ssh -2 -N -f -L 5023:localhost:23 user@foo.example.com &prompt.user; @@ -2664,8 +2668,8 @@ Identity added: /usr/home/user/.ssh/id_d - Forces ssh to use version 2 to connect to - the server. + Forces ssh to use version 2 to + connect to the server. @@ -2674,7 +2678,8 @@ Identity added: /usr/home/user/.ssh/id_d Indicates no command, or tunnel only. If omitted, - ssh initiates a normal session. + ssh initiates a normal + session. @@ -2709,21 +2714,21 @@ Identity added: /usr/home/user/.ssh/id_d An SSH tunnel works by creating a listen socket on localhost on the - specified localport. It then forwards any connections received - on localport via the SSH - connection to the specified remotehost:remoteport. - In the example, port 5023 on - the client is forwarded to port - 23 on - the remote machine. - Since port 23 is used by - telnet, this creates an encrypted telnet + specified localport. It then forwards + any connections received on localport via + the SSH connection to the specified + remotehost:remoteport. In the example, + port 5023 on the client is forwarded to + port 23 on the remote machine. Since + port 23 is used by telnet, this + creates an encrypted telnet session through an SSH tunnel. - This method can be used to wrap any number of insecure TCP - protocols such as SMTP, - POP3, and FTP, as seen - in the following examples. + This method can be used to wrap any number of insecure + TCP protocols such as + SMTP, POP3, and + FTP, as seen in the following + examples. Create a Secure Tunnel for @@ -2738,23 +2743,24 @@ Escape character is '^]'. 220 mailserver.example.com ESMTP</screen> <para>This can be used in conjunction with - <command>ssh-keygen</command> and additional user accounts to create - a more seamless <acronym>SSH</acronym> tunneling + <command>ssh-keygen</command> and additional user accounts + to create a more seamless <acronym>SSH</acronym> tunneling environment. Keys can be used in place of typing a password, and the tunnels can be run as a separate user.</para> </example> <example> - <title>Secure Access of a <acronym>POP3</acronym> Server + Secure Access of a <acronym>POP3</acronym> + Server In this example, there is an SSH server that accepts connections from the outside. On the - same network resides a mail server running a POP3 server. - To check email in a secure manner, create an - SSH connection to the - SSH server and tunnel through to the - mail server: + same network resides a mail server running a + POP3 server. To check email in a + secure manner, create an SSH connection + to the SSH server and tunnel through to + the mail server: &prompt.user; ssh -2 -N -f -L 2110:mail.example.com:110 user@ssh-server.example.com user@ssh-server.example.com's password: ****** @@ -2771,10 +2777,11 @@ user@ssh-server.example.com's password: Some firewalls filter both incoming and outgoing connections. For - example, a firewall might limit access from remote machines to - ports 22 and 80 to only allow SSH and web surfing. - This prevents access to any other service which uses a - port other than 22 or 80. + example, a firewall might limit access from remote + machines to ports 22 and 80 to only allow + SSH and web surfing. This prevents + access to any other service which uses a port other than + 22 or 80. The solution is to create an SSH connection to a machine outside of the network's firewall @@ -2805,16 +2812,15 @@ user@unfirewalled-system.example.org's p SSH server, accepting connections from other SSH clients. - To see if sshd is enabled, check - /etc/rc.conf for this line and add it if - it is missing: + To see if sshd is enabled, + check /etc/rc.conf for this line and add + it if it is missing: sshd_enable="YES" - This will start sshd, the daemon program for - OpenSSH, the next time the system - boots. To start it - now: + This will start sshd, the + daemon program for OpenSSH, the + next time the system boots. To start it now: &prompt.root; service sshd start @@ -2830,10 +2836,10 @@ user@unfirewalled-system.example.org's p and the various configuration files. It is a good idea to limit which users can log into the - SSH server - and from where using the AllowUsers keyword - in the OpenSSH server configuration file. For - example, to only allow SSH server and from where using the + AllowUsers keyword in the + OpenSSH server configuration file. + For example, to only allow root to log in from 192.168.1.32, add this line to /etc/ssh/sshd_config: @@ -2850,31 +2856,34 @@ user@unfirewalled-system.example.org's p so: AllowUsers root@192.168.1.32 admin + After making changes to - /etc/ssh/sshd_config, tell sshd - to reload its configuration file by running: + /etc/ssh/sshd_config, + tell sshd to reload its + configuration file by running: &prompt.root; service sshd reload - When this keyword is used, it is important to list each user that needs to log into - this machine. Any user that is not specified in that line will be locked out. Also, the + When this keyword is used, it is important to list each + user that needs to log into this machine. Any user that is + not specified in that line will be locked out. Also, the keywords used in the OpenSSH server configuration file are case-sensitive. If the - keyword is not spelled correctly, including its case, it will - be ignored. Always test changes to this file to make sure - that the edits are working as expected. Refer to + keyword is not spelled correctly, including its case, it + will be ignored. Always test changes to this file to make + sure that the edits are working as expected. Refer to &man.sshd.config.5; to verify the spelling and use of the available keywords. Don't confuse /etc/ssh/sshd_config - with /etc/ssh/ssh_config (note the extra - d in the first filename). The first file - configures the server and the second file configures the - client. Refer to &man.ssh.config.5; for a listing of the - available client settings,. + with /etc/ssh/ssh_config (note the + extra d in the first filename). The + first file configures the server and the second file + configures the client. Refer to &man.ssh.config.5; for a + listing of the available client settings,. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 10 22:40:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 68A3280B; Thu, 10 Apr 2014 22:40:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 554881D11; Thu, 10 Apr 2014 22:40:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3AMegQ6079271; Thu, 10 Apr 2014 22:40:42 GMT (envelope-from brd@svn.freebsd.org) Received: (from brd@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3AMegKL079270; Thu, 10 Apr 2014 22:40:42 GMT (envelope-from brd@svn.freebsd.org) Message-Id: <201404102240.s3AMegKL079270@svn.freebsd.org> From: Brad Davis Date: Thu, 10 Apr 2014 22:40:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44526 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2014 22:40:42 -0000 Author: brd Date: Thu Apr 10 22:40:41 2014 New Revision: 44526 URL: http://svnweb.freebsd.org/changeset/doc/44526 Log: - Add the pkgng verison of listing out of date ports. Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Apr 10 20:52:23 2014 (r44525) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Apr 10 22:40:41 2014 (r44526) @@ -1298,9 +1298,16 @@ The deinstallation will free 229 kB To determine if newer versions of installed ports are available, ensure that the latest version of the ports tree is installed, using the updating command described in either - Procedure 5.1 or Procedure 5.2. Then, run this command to - get a listing of the ports which are older than the currently - available version: + Procedure 5.1 or Procedure 5.2. On &os; 10 and later, or if + the system has been converted to + pkgng, the following command will + list the installed ports which are out of date: + + &prompt.root; pkg version -l "<" + + For &os; 9.X and lower, the + following command will list the installed ports that are out + of date: &prompt.root; pkg_version -l "<" From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 01:25:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5F28BEFB; Fri, 11 Apr 2014 01:25:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3E20F1C73; Fri, 11 Apr 2014 01:25:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3B1PNLX047593; Fri, 11 Apr 2014 01:25:23 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3B1PNsR047592; Fri, 11 Apr 2014 01:25:23 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404110125.s3B1PNsR047592@svn.freebsd.org> From: Warren Block Date: Fri, 11 Apr 2014 01:25:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44527 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 01:25:23 -0000 Author: wblock Date: Fri Apr 11 01:25:22 2014 New Revision: 44527 URL: http://svnweb.freebsd.org/changeset/doc/44527 Log: Clarity, punctuation, and spelling fixes. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 10 22:40:41 2014 (r44526) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 11 01:25:22 2014 (r44527) @@ -131,8 +131,8 @@ If you feel comfortable with large source trees, you can try to build the Git version of Chromium on &os;. If you are also - comfortable with signing Googles Contributor License Agreement, - you can join testing and submitting patches upstream. + comfortable with signing Google's Contributor License Agreement, + you can join in testing and submitting patches upstream. @@ -195,7 +195,7 @@

    The remaining section is the FAQ. To help users address the most common problems they might run into with ZFS. It would be useful to hear experiences, questions, misconceptions, gotchas, - stumbling blocks and suggestions for the FAQ section from other + stumbling blocks, and suggestions for the FAQ section from other users. Also, a use cases section that highlights some of the cases where ZFS provides advantages over traditional file systems.

    @@ -358,8 +358,8 @@

    Xfce is a free software desktop environment for Unix and Unix-like platforms, such as &os;. It aims to be fast and lightweight, while still being visually appealing and easy to - use. The Xfce team continues to keep up-to-date each piece of - the Xfce Desktop.

    + use. The Xfce team continues to keep each piece of + the Xfce Desktop up to date.

    The latest commits concerned:

    @@ -407,7 +407,7 @@ Add support of DragonFly for xfce4-taskmanger. - Finish to replace Tango icons theme by GNOME, in order to + Finish replacing Tango icon theme with GNOME, in order to close ports/183690 (see links, it remains Midori). @@ -438,7 +438,7 @@ will present multiple Virtual PCI Functions (VF) on the PCI bus. These VFs are fully independent PCI devices that have access to the resources of the PF. For example, on a network - interface card VFs could transmit and receive packets + interface card, VFs could transmit and receive packets independent of the PF.

    The most obvious use case for SR-IOV is virtualization. A @@ -465,7 +465,7 @@

    At present, ixgbe(4) is able to create VFs and the ixgbevf driver is able to pass traffic. There is still - a fair amount of work to support VLAN tags, multicast addresses + a fair amount of work to support VLAN tags, multicast addresses, and other features on the VFs. Also, the VF configuration needs to be better integrated with the PF initialization path to ensure that resets of the PF do not interrupt operation of the @@ -633,7 +633,7 @@ in libvirt-ready applications without major efforts.

    Currently, libvirt supports almost all essential features of - bhyve, such as Virtual Machince lifecycle (start, stop), bridged + bhyve, such as Virtual Machine lifecycle (start, stop), bridged networking, and virtio/SATA driver support. The work continues to implement more API calls and to cover more of features offered by bhyve.

    @@ -716,9 +716,9 @@ default, &os; already uses the ARM EABI on all releases from 10.0.

    -

    This is important for users of &os;/arm with an ARMv6 or ARMv7 - SoC and who use code that makes use of floating-point - operations. It removes the need for the slow software +

    This is important for &os;/arm users running code with + floating-point operations on ARMv6 or ARMv7 SoC systems. + It removes the need for the slow software floating-point support in libc. This is mostly compatible with the existing ABI, with the exception of how floating-point values are passed into functions. Because no @@ -726,8 +726,8 @@ armv6 and armv6hf kernels will work with either userland.

    -

    As part of this, some support functions have been updated to - use the VFP unit when available. It is intended the existing +

    As part of this change, some support functions have been updated to + use the VFP unit when available. The existing armv6 target architecture will be kept for cases where the SoC lacks a VFP unit, or existing binaries that are incompatible with the new ABI.

    @@ -758,22 +758,22 @@ -

    The current Linux emulation layer relies on using a Linux base +

    The Linux emulation layer relies on a Linux base distribution along with Linux ports of relevant non-base - software. Fedora 10 has been imported in 2006, and it shows + software. Fedora 10 was imported in 2006, and it shows — current Linux software like Skype 4, Sublime Text 2, or even modern games fail to run with the provided libraries.

    -

    CentOS 6.5 has been released in December 2013 and will be - supported until 2017, thus making it an ideal basis for an +

    CentOS 6.5 was released in December 2013 and will be + supported until 2017, making it an ideal basis for an update to the ports infrastructure. Built upon the work of - Carlos Jacobo Puga Medina, all ports using Linux has been + Carlos Jacobo Puga Medina, all ports using Linux have been updated to work with either Fedora 10 or CentOS 6.5.

    The goal of this project is to make CentOS 6.5 the default Linux distribution, so that &os; users can enjoy running modern - Linux binaries without having to resort to proper virtualization - la VirtualBox, or even dual-booting.

    + Linux binaries without having to resort to virtualization + à la VirtualBox, or even dual-booting.

    Goldener Grund O @@ -991,7 +991,7 @@ They have been providing the KDE/&os; team with support for quite a long time and we are very grateful for that.

    -

    A major change has been the depreciation of the KDE3 ports and +

    A major change has been the deprecation of the KDE3 ports and the move of the KDE4_PREFIX to LOCALBASE. Also, work on Qt5 continues to maturity. &a.rakuco; has been working with upstream to ensure Baloo (Nepomuk successor in KDE @@ -1144,7 +1144,7 @@ -

    Jenkins is a framework that is used by many companies and open +

    Jenkins is a framework used by many companies and open source projects for Continuous Integration (CI). CI allows developers to commit code to a Source Code Management (SCM) system such as Subversion, and then have automated programs @@ -1159,9 +1159,9 @@ jenkins-9.FreeBSD.org and jenkins-10.FreeBSD.org. He set up software builds of head and several stable branches on these - machines. The status of these builds is visible via a web - interface which is accessible via jenkins.FreeBSD.org. - When any of these builds fail, emails are sent to + machines. The status of these builds is visible on a web + interface accessible at jenkins.FreeBSD.org. + When any of the builds fail, emails are sent to freebsd-current or freebsd-stable. Emails are also sent directly to the list of people who recently committed code to Subversion since the last successful build.

    @@ -1175,11 +1175,11 @@ randomly crash. Disabling the vm.pmap.pcid_enabled sysctl(3) variable seemed to fix the problem. In kern/187238, Henrik Gulbrandsen submitted fixes to the - &os; VM to address this problem. &a.kib; committed these fixes - to head. These fixes are being tested now.

    + &os; VM to address this problem. &a.kib; committed the fixes + to head, where they are being tested now.

    -

    During the setup of the bhyve VM's which run Jenkins processes, - &a.rodrigc; wrote scripts to start bhyve VM's from the +

    During the setup of the bhyve VMs which run Jenkins processes, + &a.rodrigc; wrote scripts to start bhyve VMs from the rc.d bootup scripts, which were then published at GitHub.

    @@ -1213,8 +1213,8 @@
  • &a.skreuzer; has experience administering Jenkins systems. He set up several builds on jenkins.FreeBSD.org, including a Jenkins build of the &os; documentation. He is - looking into automatic provisioning of VM's running Jenkins in - the &os; cluster using Ansible.
    • + looking into using Ansible for automatic provisioning of VMs running Jenkins in + the &os; cluster.
  • &a.rodrigc; will be running a Continuous Testing working group at the &os; Devsummit in Ottawa on May 15, 2014. @@ -1248,7 +1248,7 @@ Set up more Jenkins builds of the &os; ports repository on different &os; versions. - Integrate with Kyua, so that Jenkins can run Kyua tests, and + Integrate with Kyua, so that Jenkins can run Kyua tests and report the results directly in the native Jenkins web UI where test results are reported. @@ -1492,9 +1492,9 @@ device vt_efifb engine, which can be integrated with cloud orchestration systems like OpenStack or CloudStack.

    -

    This work goal is to enable &os; as a fully supported compute +

    The goal of this work is to make &os; a fully supported compute host for OpenStack using OpenContrail virtualized networking. The - main areas of development are the following:

    + main areas of development are:

    • Libvirt hypervisor driver for bhyve.
      • @@ -1511,7 +1511,7 @@ device vt_efifb
    • Integration, performance optimization.
    -

    The current state of the development allows for a working demo +

    The current state of development allows for a working demo of OpenStack with compute node component running on a &os; host:

    @@ -1524,7 +1524,7 @@ device vt_efifb
  • QEMU might also be used instead of bhyve this way.
    • -
  • The main goal on the networking side is to use OpenContrail +
  • The main goal on the networking side is to use the OpenContrail solution, compliant with the modern OpenStack networking API ("neutron").
    • @@ -1621,7 +1621,7 @@ device vt_efifb
  • Texas Instruments OMAP4
    • -

    We do plan to merge this work to stable/10 in time for +

    We plan to merge this work to stable/10 in time for 10.1-RELEASE.

    @@ -1676,7 +1676,7 @@ device vt_efifb The second was auditdistd(8) improvements for the &os; cluster.

    -

    Work continued on the following Foundation-sponsored projects: +

    Work continued on these Foundation-sponsored projects: Intel graphics driver update by &a.kib;, UEFI boot support for amd64 by &a.emaste;, autofs automounter and in-kernel iSCSI stack enhancements, bug fixes by &a.trasz;, updated @@ -1755,7 +1755,7 @@ device vt_efifb

    LLDB is the debugger project associated with - Clang/LLVM. It supports the Mac OS X, Linux, and &os; platforms, + Clang/LLVM. It supports Mac OS X, Linux, and &os; platforms, with ongoing work on Windows. It builds on existing components in the larger LLVM project, for example using Clang's expression parser and LLVM's disassembler.

    @@ -1828,7 +1828,7 @@ device vt_efifb

    The auditdistd(8) daemon is responsible for - distributing audit trail files over TCP/IP network securely and + distributing audit trail files over TCP/IP networks securely and reliably.

    The daemon now supports client-side certificates, which can be @@ -1871,9 +1871,9 @@ device vt_efifb

    SDIO is an interface designed as an extension of the existing - SD card standard, to allow connecting different peripherals to + SD card standard, allowing connection of different peripherals to the host with the standard SD controller. Peripherals currently - sold at the general market include WLAN/BT modules, cameras, + sold on the general market include WLAN/BT modules, cameras, fingerprint readers, and barcode scanners. The &os; driver is implemented as an extension to the existing MMC bus, adding a lot of new SDIO-specific bus methods. A prototype of the driver @@ -1884,7 +1884,7 @@ device vt_efifb

    SDIO card detection and initialization already work, most needed bus methods are implemented and tested.

    -

    The WiFi driver is able to load a firmware onto the card and +

    The WiFi driver is able to load firmware onto the card and initialize it. Migration of the MMC stack to the new locking model is necessary in order to work with SDIO cards effectively. The &os; CAM implementation is believed to be a good choice. @@ -1894,7 +1894,7 @@ device vt_efifb SDIO stack: finish CAM migration. The XPT layer is almost - ready, what is missing is a SIM module, for which a modified + ready. What is missing is a SIM module, for which a modified version of the SDHCI controller driver will be used, and a peripheral module, where porting the mmcsd(4) driver is required. @@ -1930,7 +1930,7 @@ device vt_efifb of the GNU Project and can be used with various Unix-like operating systems, including &os;.

    -

    Preperations for merging GNOME 3 are moving forward. The +

    Preparations for merging GNOME 3 are moving forward. The work on the documentation is falling behind a bit, but we got some solid feedback on the rough work to keep this moving forward as well. In the meantime, deprecation of ports that @@ -1941,11 +1941,11 @@ device vt_efifb

    Thanks to a combined effort by Ryan Lortie (GNOME developer), Ting-Wei Lan (upstream contributor), and &a.kwm;, we now have a &os;-powered JHbuild tinderbox. JHbuild is a build system that - lets building GNOME upstream code. It will attempt twice a day - to build gnome components from a specific branch, which is the - git master branch most of the time, in order to catch compile - issues. A positive side effect of this is that it lets upstream - know GNOME still lives on other systems than Linux. It also + allows building GNOME upstream code. Twice a day, it will attempt + to build Gnome components from a specific branch, usually the + git master branch, to catch compile + issues. A positive side effect is that it lets upstream + know GNOME still lives on non-Linux systems. It also exposes the GNOME code base to the Clang compiler and libc++. Since the start of this project over a hundred issues have been fixed.

    @@ -1997,8 +1997,8 @@ device vt_efifb

    While the age old version of the GNU Compiler Collection (GCC) in the base system is on its way out with &os; 10 and - later, there are many users who want (and some platforms which - need) to use GCC.

    + later, there are many users who want—and some platforms which + need—to use GCC.

    For that purpose there are various versions of GCC in the ports tree, including lang/gcc46, lang/gcc47, @@ -2035,7 +2035,7 @@ device vt_efifb - The Graphics stack on &os; + The Graphics Stack on &os; @@ -2157,19 +2157,19 @@ device vt_efifb four new committers, took in three commit bits for safe keeping, and reinstated one commit bit.

    -

    In January, longest serving port manager &a.marcus; stepped +

    In January, the longest serving port manager, &a.marcus;, stepped down from his active duties on the team. At a similar time &a.itetcu; also stepped down from his duties. Fortunately, as a result of the first portmgr-lurkers intake, we were able to replace them with &a.mat; and &a.antoine;.

    -

    Commencing March 1, the second intake portmgr-lurkers +

    Commencing March 1, the second intake of portmgr-lurkers started active duty on portmgr for a four month duration. The next two candidates are &a.danfe; and &a.culot;.

    This quarter also saw the release of the first quarterly - branch, namely 2014Q1. This branch is intended at - providing a stable and high-quality ports tree, with patches + branch, namely 2014Q1. This branch is intended to + provide a stable and high-quality ports tree, with patches related to security fixes as well as packaging and runtime fixes being backported from head.

    @@ -2178,7 +2178,7 @@ device vt_efifb - As previously noted, many PRs continue to languish, we would + As previously noted, many PRs continue to languish. We would like to see committers dedicate themselves to closing as many as possible. @@ -2241,7 +2241,7 @@ device vt_efifb

    Not all of the &os; changes to GCC have been reflected upstream. - A large amount of the platform support as well as a couple minor + A large amount of the platform support as well as a couple of minor improvements like the kernel formatting checker need to be forward ported (and if possible, moved upstream into GCC).

    @@ -2271,8 +2271,8 @@ device vt_efifb possible disruptions of project mail services, such as having troll-, spam- and virus-filters.

    -

    In the first quarter of 2014, the team has implemented the - following items that may be interest of the general public:

    +

    In the first quarter of 2014, the team has implemented these + items that may be interest of the general public:

    • Continued a discussion on current and possible future mail @@ -2333,12 +2333,12 @@ device vt_efifb standards-compliant implementations of the required numerical functions have been added.

      -

      The Core Team has conducted an annual review among the Project - teams and hats, where they had to declare if they are wishing to +

      The Core Team conducted an annual review among the Project + teams and hats, where team members had to declare whether they wished to continue their service. As a result, &a.flo; replaced &a.dhw; in the lead role of the Postmaster Team, and &a.gjb; assumed the head Release Engineer position from &a.kensmith;. The Core Team - congratulates to Florian and Glen, and thanks David and Ken for + congratulates Florian and Glen, and thanks David and Ken for their long-standing work.

      The Core Team approved chartering the Ports Security Team, @@ -2355,8 +2355,8 @@ device vt_efifb for freebsd-update(8) low. A related Errata Notice is about to be published soon.

      -

      There was only a single commit bit was taken for safekeeping, - we did not have new committers to the src/ repository in +

      Only a single commit bit was taken for safekeeping. + We did not have new committers to the src/ repository in this quarter.

      From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 02:10:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1D26ADBF; Fri, 11 Apr 2014 02:10:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 079F31278; Fri, 11 Apr 2014 02:10:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3B2Au1k066880; Fri, 11 Apr 2014 02:10:57 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3B2AuoU066879; Fri, 11 Apr 2014 02:10:56 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404110210.s3B2AuoU066879@svn.freebsd.org> From: Warren Block Date: Fri, 11 Apr 2014 02:10:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44528 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 02:10:57 -0000 Author: wblock Date: Fri Apr 11 02:10:56 2014 New Revision: 44528 URL: http://svnweb.freebsd.org/changeset/doc/44528 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 11 01:25:22 2014 (r44527) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 11 02:10:56 2014 (r44528) @@ -12,13 +12,15 @@ Introduction

      This report covers &os;-related projects between January and - March 2014. This is the first of four reports planned for 2014.

      + March 2014. This is the first of four reports planned for + 2014.

      -

      Thanks to all the reporters for the excellent work! This report - contains 38 entries and we hope you enjoy reading it.

      + +

      Thanks to all the reporters for the excellent work! This + report contains 38 entries and we hope you enjoy reading it.

      The deadline for submissions covering between April and June 2014 is July 7th, 2014.

      @@ -92,11 +94,11 @@

      Chromium is the open source web browser project from which Google Chrome draws its source code. The browsers share the majority of code and features, though there are some minor - differences in features and they have different licensing. Over - the last four years, the Chromium team has been busy with - porting Chromium to &os;. This involves patching the browser so - that it runs on &os;, tracking and documenting security updates, - and merging patches back upstream.

      + differences in features and they have different licensing. + Over the last four years, the Chromium team has been busy with + porting Chromium to &os;. This involves patching the browser + so that it runs on &os;, tracking and documenting security + updates, and merging patches back upstream.

      While there are already several browsers available for &os;, advantages of Chromium are:

      @@ -112,27 +114,28 @@ within a single weekend.
    -

    George Liaskos and &a.rene; are currently busy with submitting - the remaining patches specific to &os; back upstream. Apart from - making future updates easier, it sometimes also improves the - overall code quality.

    +

    George Liaskos and &a.rene; are currently busy with + submitting the remaining patches specific to &os; back + upstream. Apart from making future updates easier, it + sometimes also improves the overall code quality.

    -

    &a.jonathan; recently updated the Capsicum patches for Chromium - and is talking to upstream about them.

    +

    &a.jonathan; recently updated the Capsicum patches for + Chromium and is talking to upstream about them.

    Advocate &os;. While patches are getting accepted by both - humans and bots, it is not an official platform so attitude varies - from developer to developer. While &a.rene; thinks it is a bit - early, it might be fruitful to investigate what is required to - make &os; (and possibly OpenBSD) an official platform in terms - of both hardware and procedures. - - If you feel comfortable with large source trees, you can try - to build the Git version of Chromium on &os;. If you are also - comfortable with signing Google's Contributor License Agreement, - you can join in testing and submitting patches upstream. + humans and bots, it is not an official platform so attitude + varies from developer to developer. While &a.rene; thinks it + is a bit early, it might be fruitful to investigate what is + required to make &os; (and possibly OpenBSD) an official + platform in terms of both hardware and procedures. + + If you feel comfortable with large source trees, you can + try to build the Git version of Chromium on &os;. If you are + also comfortable with signing Google's Contributor License + Agreement, you can join in testing and submitting patches + upstream. @@ -173,16 +176,16 @@

    ZFS is one of the premier features of &os;. The current documentation in the Handbook and elsewhere online is severely - lacking. Much of the original documentation from Sun and Oracle - has disappeared, moved, or is about the proprietary version of - ZFS.

    - -

    New users have many questions about ZFS and yet there exists a - great deal more bad advice about ZFS than proper documentation. - The current ZFS chapter of the &os; Handbook starts off with the - required steps to configure an i386 machine to run ZFS. This is - more likely to scare off a new user than to educate them about - how to properly use ZFS.

    + lacking. Much of the original documentation from Sun and + Oracle has disappeared, moved, or is about the proprietary + version of ZFS.

    + +

    New users have many questions about ZFS and yet there exists + a great deal more bad advice about ZFS than proper + documentation. The current ZFS chapter of the &os; Handbook + starts off with the required steps to configure an i386 + machine to run ZFS. This is more likely to scare off a new + user than to educate them about how to properly use ZFS.

    At BSDCan 2013, the process of writing an entirely new chapter of the Handbook on ZFS was started. Currently this @@ -193,12 +196,12 @@ ZFS.

    The remaining section is the FAQ. To help users address the - most common problems they might run into with ZFS. It would be - useful to hear experiences, questions, misconceptions, gotchas, - stumbling blocks, and suggestions for the FAQ section from other - users. Also, a use cases section that highlights some of the - cases where ZFS provides advantages over traditional file - systems.

    + most common problems they might run into with ZFS. It would + be useful to hear experiences, questions, misconceptions, + gotchas, stumbling blocks, and suggestions for the FAQ section + from other users. Also, a use cases section that highlights + some of the cases where ZFS provides advantages over + traditional file systems.

    Please send suggestions to the freebsd-doc mailing list.

    @@ -207,7 +210,8 @@ ScaleEngine, Inc - Technical review by Matt Ahrens (co-creator of ZFS). + Technical review by Matt Ahrens (co-creator of + ZFS). Improve delegation section. Improve tuning section, add new sysctls added in head. @@ -236,15 +240,15 @@

    The &os; Release Engineering Team is responsible for setting - and publishing release schedules for official project releases of - &os;, announcing code freezes and maintaining the respective - branches, among other things.

    - -

    In early January, the team became aware of several last-minute - showstopper issues in &os; 10.0, which lead to an extension - in the final release builds. &os; 10.0-RELEASE was - announced on January 20, two months behind the original - schedule.

    + and publishing release schedules for official project releases + of &os;, announcing code freezes and maintaining the + respective branches, among other things.

    + +

    In early January, the team became aware of several + last-minute showstopper issues in &os; 10.0, which lead + to an extension in the final release builds. + &os; 10.0-RELEASE was announced on January 20, two months + behind the original schedule.

    The schedule for the &os; 9.3-RELEASE cycle has been written and posted to the website, and the release cycle will @@ -252,8 +256,8 @@

    There is ongoing work to integrate support for embedded architectures as part of the release build process. At this - time, support exists for a number of ARM kernels, in particular - the Raspberry Pi, BeagleBone, and WandBoard.

    + time, support exists for a number of ARM kernels, in + particular the Raspberry Pi, BeagleBone, and WandBoard.

    The &os; Foundation @@ -275,11 +279,11 @@

    The &os; Documentation Engineering Team is responsible for - defining and following up documentation goals for the committers - in the Documentation project. The team is pleased to announce a - new member — &a.wblock;. In early March, the &os; - Documentation Engineering Team members assumed responsibility - for the &os; Webmaster Team.

    + defining and following up documentation goals for the + committers in the Documentation project. The team is pleased + to announce a new member — &a.wblock;. In early March, + the &os; Documentation Engineering Team members assumed + responsibility for the &os; Webmaster Team.

    @@ -304,34 +308,35 @@

    Ada is a structured, statically typed, imperative, wide-spectrum, and object-oriented high-level computer - programming language, extended from Pascal and other languages, - originally targeted at embedded and real-time systems. The - number of Ada ports in the collection has grown significantly - since the last report six months ago. There are almost 50 - Ada-related ports now, with new ones getting added all the time.

    + programming language, extended from Pascal and other + languages, originally targeted at embedded and real-time + systems. The number of Ada ports in the collection has grown + significantly since the last report six months ago. There are + almost 50 Ada-related ports now, with new ones getting added + all the time.

    The previous plan was to move from the GCC 4.7-based GNAT - compiler to a GCC 4.8-based one, but finally GCC 4.8 was skipped - and now a GCC 4.9-based GNAT is the standard Ada compiler, which - fully supports the new ISO standard, Ada 2012. Moving to a - newer compiler allowed several important ports like PolyOrb and - GPRBuild to be upgraded to the latest available versions. In - fact, almost every Ada port is currently at its most recent - upstream version.

    + compiler to a GCC 4.8-based one, but finally GCC 4.8 was + skipped and now a GCC 4.9-based GNAT is the standard Ada + compiler, which fully supports the new ISO standard, Ada 2012. + Moving to a newer compiler allowed several important ports + like PolyOrb and GPRBuild to be upgraded to the latest + available versions. In fact, almost every Ada port is + currently at its most recent upstream version.

    For non-Windows-based Ada development, &os; and DragonFly are - now undisputed as the go-to platforms. The other candidates are - Debian and Fedora, but there are few Ada software on those - platforms that are not also in the &os; ports tree, but the versions are - much older. The Ports Collection also features software not found - anywhere else such as the USAFA's Ironsides DNS server, - libsparkcrypto, matreshka, GNATDroid (Android cross-compiler) and - several developer libraries.

    + now undisputed as the go-to platforms. The other candidates + are Debian and Fedora, but there are few Ada software on those + platforms that are not also in the &os; ports tree, but the + versions are much older. The Ports Collection also features + software not found anywhere else such as the USAFA's Ironsides + DNS server, libsparkcrypto, matreshka, GNATDroid (Android + cross-compiler) and several developer libraries.

    A desired addition to the Ada ports will be SPARK 2014 (see - links), which should cement &os; as an option for professional, - safety-critical application development. This package should - have its first release by early summer.

    + links), which should cement &os; as an option for + professional, safety-critical application development. This + package should have its first release by early summer.

    @@ -385,8 +390,8 @@

    We also follow development of core components (available in - your repository). See link for documentation on how to upgrade - those libraries.

    + your repository). See link for documentation on how to + upgrade those libraries.

    • garcon (0.3.0)
      • @@ -431,13 +436,13 @@ -

      PCI Single Root I/O Virtualization (SR-IOV) is an optional part - of the PCIe standard that provides hardware acceleration for the - virtualization of PCIe devices. When SR-IOV is in use, a - function in a PCI device (known as a Physical Function, or PF) - will present multiple Virtual PCI Functions (VF) on the PCI bus. - These VFs are fully independent PCI devices that have - access to the resources of the PF. For example, on a network +

      PCI Single Root I/O Virtualization (SR-IOV) is an optional + part of the PCIe standard that provides hardware acceleration + for the virtualization of PCIe devices. When SR-IOV is in + use, a function in a PCI device (known as a Physical Function, + or PF) will present multiple Virtual PCI Functions (VF) on the + PCI bus. These VFs are fully independent PCI devices that have + access to the resources of the PF. For example, on a network interface card, VFs could transmit and receive packets independent of the PF.

      @@ -446,16 +451,17 @@ use PCI passthrough to assign the VFs to the VMs. This would allow multiple VMs to share access to the PCI device without having to do any expensive communication with the hypervisor, - greatly increasing performance of performing I/O from a VM.

      + greatly increasing performance of performing I/O from a + VM.

      -

      There are two parts to this project. The first is implementing - an API in the PCI subsystem for creating VFs and configuring - standard PCI features like BARs. The second part is updating - individual drivers for PCI devices that support SR-IOV to - configure their VFs. For example, a network interface driver - will typically have to assign a MAC address to a VF and - configure the interface to route packets destined for that MAC - address to the VF.

      +

      There are two parts to this project. The first is + implementing an API in the PCI subsystem for creating VFs and + configuring standard PCI features like BARs. The second part + is updating individual drivers for PCI devices that support + SR-IOV to configure their VFs. For example, a network + interface driver will typically have to assign a MAC address + to a VF and configure the interface to route packets destined + for that MAC address to the VF.

      At this point only SR-IOV support for the ixgbe(4) driver is planned. The PCI subsystem API is designed to be @@ -464,12 +470,12 @@ currently not planned due to lack of time and hardware.

      At present, ixgbe(4) is able to create VFs and the - ixgbevf driver is able to pass traffic. There is still - a fair amount of work to support VLAN tags, multicast addresses, - and other features on the VFs. Also, the VF configuration needs - to be better integrated with the PF initialization path to - ensure that resets of the PF do not interrupt operation of the - VFs.

      + ixgbevf driver is able to pass traffic. There is + still a fair amount of work to support VLAN tags, multicast + addresses, and other features on the VFs. Also, the VF + configuration needs to be better integrated with the PF + initialization path to ensure that resets of the PF do not + interrupt operation of the VFs.

      Sandvine, Inc @@ -501,32 +507,32 @@ the box and during the development of the system. The test suite is installed into /usr/tests/ and the kyua(1) command-line tool (devel/kyua in the - Ports Collection) is used to run them. See the project page for - more details.

      + Ports Collection) is used to run them. See the project page + for more details.

      Since the last status report, we have been hard at work - polishing the framework in many different areas. The highlights - are:

      + polishing the framework in many different areas. The + highlights are:

      • A roadmap for the project has been prepared and published, see links.
      • Many tests have been added to the test suite thanks to the - work of various developers and, in particular, a good bunch of - old tests from src/tools/regression/ have been + work of various developers and, in particular, a good bunch + of old tests from src/tools/regression/ have been incorporated into the new test suite. As of this writing, there are 509 test cases continuously running.
        • -
      • The testing infrastructure in the stable/10 branch has - been synced to head. It should now be possible to - seamlessly MFC changes to the stable branch along with their - tests, if any.
        • +
      • The testing infrastructure in the stable/10 + branch has been synced to head. It should now be + possible to seamlessly MFC changes to the stable branch + along with their tests, if any.
      • The testing cluster, which only issued amd64 builds, has been extended to perform i386 builds as - well. Additionally, a canary machine has been put in place so - that changes to the cluster configuration can be properly + well. Additionally, a canary machine has been put in place + so that changes to the cluster configuration can be properly validated before deployment.
      • A tutorial on Kyua and the &os; Test Suite was given at @@ -534,8 +540,8 @@ public consumption, please consult the links.
      • Both Kyua's and ATF's upstream sites have been moved to - GitHub, mostly due to the discontinuation of file downloads in - Google Code.
        • + GitHub, mostly due to the discontinuation of file downloads + in Google Code.
      @@ -556,8 +562,8 @@ packages, to mention a few examples. Add JUnit XML output to Kyua for better integration with - Jenkins. This work is actively ongoing and should be ready for - prime time at BSDCan 2014. + Jenkins. This work is actively ongoing and should be ready + for prime time at BSDCan 2014. @@ -580,28 +586,29 @@

      AFS is a distributed network filesystem that originated from - the Andrew Project at Carnegie-Mellon University. OpenAFS is an - open-source implementation of the AFS protocol derived from IBM - AFS, which was released under the IBM Public License. OpenAFS - on &os; (the net/openafs port) is suitable for light - use, but is not yet production ready.

      + the Andrew Project at Carnegie-Mellon University. OpenAFS is + an open-source implementation of the AFS protocol derived from + IBM AFS, which was released under the IBM Public License. + OpenAFS on &os; (the net/openafs port) is suitable + for light use, but is not yet production ready.

      We got a chance to pick up this porting project after some - hiatus. Recent work focused on investigating the bugs preventing - the use of a disk cache for caching file data. An internal - "lookupname" abstraction was intended to return an unlocked, - referenced vnode, but instead returned a locked, referenced - vnode, leading to various failure modes depending on the number - of kernel debugging options enabled.

      + hiatus. Recent work focused on investigating the bugs + preventing the use of a disk cache for caching file data. An + internal "lookupname" abstraction was intended to return an + unlocked, referenced vnode, but instead returned a locked, + referenced vnode, leading to various failure modes depending + on the number of kernel debugging options enabled.

      - Track down an issue involving incorrect reference counts on - the AFS root vnode that cause warnings on shutdown. + Track down an issue involving incorrect reference counts + on the AFS root vnode that cause warnings on shutdown. Audit the locking in all the vnode operations code — - it is expected that there remain some incorrectly locked areas, - though none that present visible issues under light load. + it is expected that there remain some incorrectly locked + areas, though none that present visible issues under light + load. @@ -625,18 +632,19 @@ -

      Libvirt is a virtualization library providing a common API for - various hypervisors (Qemu/KVM, Xen, LXC, and others), and also a - popular library used by a number of projects. Libvirt 1.2.2, - released on March, 2014, was the first release to include bhyve - support. Enabling bhyve support allows consumers to use bhyve - in libvirt-ready applications without major efforts.

      +

      Libvirt is a virtualization library providing a common API + for various hypervisors (Qemu/KVM, Xen, LXC, and others), and + also a popular library used by a number of projects. Libvirt + 1.2.2, released on March, 2014, was the first release to + include bhyve support. Enabling bhyve support allows + consumers to use bhyve in libvirt-ready applications without + major efforts.

      Currently, libvirt supports almost all essential features of - bhyve, such as Virtual Machine lifecycle (start, stop), bridged - networking, and virtio/SATA driver support. The work continues - to implement more API calls and to cover more of features - offered by bhyve.

      + bhyve, such as Virtual Machine lifecycle (start, stop), + bridged networking, and virtio/SATA driver support. The work + continues to implement more API calls and to cover more of + features offered by bhyve.

      @@ -664,28 +672,28 @@ -

      Arm64 is the name of the in-progress port of &os; to the ARMv8 - CPU when it is in AArch64 mode. Until recently, all ARM CPU - designs were 32-bit only. With the introduction of the ARMv8, - architecture ARM has added a new 64-bit mode. This new mode has - been named AArch64.

      +

      Arm64 is the name of the in-progress port of &os; to the + ARMv8 CPU when it is in AArch64 mode. Until recently, all ARM + CPU designs were 32-bit only. With the introduction of the + ARMv8, architecture ARM has added a new 64-bit mode. This new + mode has been named AArch64.

      -

      Progress has been good on getting &os; to build and run on the - ARM Foundation model. &os; is able to be built for this +

      Progress has been good on getting &os; to build and run on + the ARM Foundation model. &os; is able to be built for this architecture, however it requires a number of external tools including objdump(1) and ld(1). These tools - are provided by an external copy of binutils until replacements - can be written.

      + are provided by an external copy of binutils until + replacements can be written.

      &os; will run the early boot on the Foundation model. The loader has been ported to the AArch64 UEFI environment and can load and run the kernel. The kernel is able to create the initial page tables to be able to run from virtual memory. It - can then execute C code to parse the memory map provided by the - loader. This is as far as the kernel currently boots.

      + can then execute C code to parse the memory map provided by + the loader. This is as far as the kernel currently boots.

      -

      This work is now happening in the &os; Subversion repository in - a project branch, see the links.

      +

      This work is now happening in the &os; Subversion repository + in a project branch, see the links.

      @@ -709,27 +717,26 @@ -

      &os; has been updated to allow it to use the VFP variant of the - ARM EABI ABI. The VFP unit is the ARM hardware to perform - floating-point operations. This changes the ABI to improve the - performance of code that uses floating-point operations. By - default, &os; already uses the ARM EABI on all releases from - 10.0.

      +

      &os; has been updated to allow it to use the VFP variant of + the ARM EABI ABI. The VFP unit is the ARM hardware to perform + floating-point operations. This changes the ABI to improve + the performance of code that uses floating-point operations. + By default, &os; already uses the ARM EABI on all releases + from 10.0.

      This is important for &os;/arm users running code with - floating-point operations on ARMv6 or ARMv7 SoC systems. - It removes the need for the slow software - floating-point support in libc. This is mostly - compatible with the existing ABI, with the exception of how - floating-point values are passed into functions. Because no - floating-point values are passed to the kernel, the - armv6 and armv6hf kernels will work with - either userland.

      - -

      As part of this change, some support functions have been updated to - use the VFP unit when available. The existing - armv6 target architecture will be kept for cases where - the SoC lacks a VFP unit, or existing binaries that are + floating-point operations on ARMv6 or ARMv7 SoC systems. It + removes the need for the slow software floating-point support + in libc. This is mostly compatible with the existing + ABI, with the exception of how floating-point values are + passed into functions. Because no floating-point values are + passed to the kernel, the armv6 and armv6hf + kernels will work with either userland.

      + +

      As part of this change, some support functions have been + updated to use the VFP unit when available. The existing + armv6 target architecture will be kept for cases + where the SoC lacks a VFP unit, or existing binaries that are incompatible with the new ABI.

      @@ -758,31 +765,34 @@ -

      The Linux emulation layer relies on a Linux base - distribution along with Linux ports of relevant non-base - software. Fedora 10 was imported in 2006, and it shows - — current Linux software like Skype 4, Sublime Text 2, or - even modern games fail to run with the provided libraries.

      +

      The Linux emulation layer relies on a Linux base distribution + along with Linux ports of relevant non-base software. Fedora + 10 was imported in 2006, and it shows — current Linux + software like Skype 4, Sublime Text 2, or even modern games + fail to run with the provided libraries.

      CentOS 6.5 was released in December 2013 and will be - supported until 2017, making it an ideal basis for an - update to the ports infrastructure. Built upon the work of - Carlos Jacobo Puga Medina, all ports using Linux have been - updated to work with either Fedora 10 or CentOS 6.5.

      + supported until 2017, making it an ideal basis for an update + to the ports infrastructure. Built upon the work of Carlos + Jacobo Puga Medina, all ports using Linux have been updated to + work with either Fedora 10 or CentOS 6.5.

      The goal of this project is to make CentOS 6.5 the default - Linux distribution, so that &os; users can enjoy running modern - Linux binaries without having to resort to virtualization - à la VirtualBox, or even dual-booting.

      + Linux distribution, so that &os; users can enjoy running + modern Linux binaries without having to resort to + virtualization à la VirtualBox, or even + dual-booting.

      Goldener Grund O - Clean up Mk/bsd.linux-*.mk and fix errors detected - in ports/187786. + Clean up Mk/bsd.linux-*.mk and fix errors + detected in ports/187786. + + Revert making c6 the default (in the git + repository). - Revert making c6 the default (in the git repository). Testing. Review patches and import into the ports tree (any help @@ -823,38 +833,40 @@

      Address space layout randomization (ASLR) is a computer security technique involved in protection from buffer overflow - attacks. In order to prevent an attacker from reliably jumping - to a particular exploited function in memory, ASLR involves - randomly arranging the positions of key data areas of a program, - including the base of the executable and the positions of the - stack, heap, and libraries, in a process' address space.

      + attacks. In order to prevent an attacker from reliably + jumping to a particular exploited function in memory, ASLR + involves randomly arranging the positions of key data areas of + a program, including the base of the executable and the + positions of the stack, heap, and libraries, in a process' + address space.

      We have added ASLR support to all architectures. As the primary developers behind this feature have the most access to amd64, the focus of development is on the - amd64 architecture. Other architectures, such as ARM, - have known bugs with our current ASLR implementation and we are - working hard to fix them. We added support for + amd64 architecture. Other architectures, such as + ARM, have known bugs with our current ASLR implementation and + we are working hard to fix them. We added support for Position-Independent Executables (PIEs) in a number of applications in base.

      Shawn has access to a Raspberry Pi (RPI). PIE is 90% - broken. Debug and fix major issues on the RPI. The existing NX - stack protections are not obeyed on RPI. Properly implemented - ASLR requires NX stack. + broken. Debug and fix major issues on the RPI. The existing + NX stack protections are not obeyed on RPI. Properly + implemented ASLR requires NX stack.       Shawn will be receiving a sparc64 box on April 6, 2014. He will test ASLR on sparc64, identifying and fixing any bugs that pop up. - Oliv辿r has identified one or more bugs with the Linuxulator. - He will be looking into that and fixing those. - - Shawn will be cleaning up code and adding more applications - in base to support PIE. He will also add PIE support to the - ports framework for general consumption. + Oliv辿r has identified one or more bugs with the + Linuxulator. He will be looking into that and fixing + those. + + Shawn will be cleaning up code and adding more + applications in base to support PIE. He will also add PIE + support to the ports framework for general consumption. Shawn will be giving a presentation regarding ASLR at BSDCan 2014. @@ -879,24 +891,25 @@ -

      The Unified Extensible Firmware Interface (UEFI) provides boot- - and run-time services for x86 computers, and is a replacement - for the legacy BIOS. This project will adapt the &os; loader - and kernel boot process for compatibility with UEFI firmware, - found on contemporary servers, desktops, and laptops.

      - -

      Starting with &a.rpaulo;'s i386 EFI loader, &a.benno; - developed a working proof-of-concept amd64 loader in 2013 - under sponsorship from the &os; Foundation. After refinement, - that work has now been merged from the projects/uefi - Subversion branch into &os; head. The project includes - the infrastructure to build a UEFI-enabled loader, and the - kernel-side changes to parse metadata provided by the - loader.

      - -

      A number of integration tasks remain, with a plan to have UEFI - installation and boot support merged to stable/10 in - time for &os; 10.1-RELEASE.

      +

      The Unified Extensible Firmware Interface (UEFI) provides + boot- and run-time services for x86 computers, and is a + replacement for the legacy BIOS. This project will adapt the + &os; loader and kernel boot process for compatibility with + UEFI firmware, found on contemporary servers, desktops, and + laptops.

      + +

      Starting with &a.rpaulo;'s i386 EFI loader, + &a.benno; developed a working proof-of-concept amd64 + loader in 2013 under sponsorship from the &os; Foundation. + After refinement, that work has now been merged from the + projects/uefi Subversion branch into &os; + head. The project includes the infrastructure to + build a UEFI-enabled loader, and the kernel-side changes to + parse metadata provided by the loader.

      + +

      A number of integration tasks remain, with a plan to have + UEFI installation and boot support merged to + stable/10 in time for &os; 10.1-RELEASE.

      The &os; Foundation @@ -906,7 +919,8 @@ configurations. Implement chain-loading from UFS/ZFS file systems. - Integrate UEFI configuration with the &os; installer. + Integrate UEFI configuration with the &os; + installer. Support secure boot.       @@ -930,8 +944,8 @@ following:

        -
      • Assimilated master email configurations into a single source - control repository.
        • +
      • Assimilated master email configurations into a single + source control repository.
      • Moved the &os; web server CGI services to a new location (sponsored).
        • @@ -942,8 +956,8 @@
      • Added a Russian pkg(8) mirror, hosted by Yandex.
        • -
      • Moved the &os; Foundation web services to a new server - (sponsored).
        • +
      • Moved the &os; Foundation web services to a new + server (sponsored).
      @@ -968,10 +982,10 @@

      KDE is an international free software community producing an - integrated set of cross-platform applications designed to run on - Linux, &os;, Solaris, Microsoft Windows, and OS X systems. The - KDE/&os; Team have continued to improve the experience of KDE - software and Qt under &os;.

      + integrated set of cross-platform applications designed to run + on Linux, &os;, Solaris, Microsoft Windows, and OS X systems. + The KDE/&os; Team have continued to improve the experience of + KDE software and Qt under &os;.

      During this quarter, the team has kept most of the KDE and Qt ports up-to-date, working on the following releases:

      @@ -994,9 +1008,9 @@

      A major change has been the deprecation of the KDE3 ports and the move of the KDE4_PREFIX to LOCALBASE. Also, work on Qt5 continues to maturity. &a.rakuco; has been - working with upstream to ensure Baloo (Nepomuk successor in KDE - SC 4.13) compiles and runs on non-Linux systems. His work not - only benefits &os; but other BSDs and OS X.

      + working with upstream to ensure Baloo (Nepomuk successor in + KDE SC 4.13) compiles and runs on non-Linux systems. His work + not only benefits &os; but other BSDs and OS X.

      As usual, the team is always looking for more testers and porters, so please contact us and visit our home page (see @@ -1048,9 +1062,9 @@

      Wine is a free and open source software application that aims to allow applications designed for Microsoft Windows to run on - Unix-like operating systems, such as &os;. The Wine project has - been in maintenance mode this quarter and has updated the ports - for the following versions:

      + Unix-like operating systems, such as &os;. The Wine project + has been in maintenance mode this quarter and has updated the + ports for the following versions:

      • Stable releases: 1.6.2
        • @@ -1063,11 +1077,11 @@ - See the Open Tasks and Known Problems sections - on the Wine wiki page. + See the Open Tasks and Known Problems + sections on the Wine wiki page. - &os;/amd64 integration, consult the i386-Wine wiki - page for the details. + &os;/amd64 integration, consult the i386-Wine + wiki page for the details. Port WoW64 (supporting Windows 32-bit and 64-bit from the same port) and Wine64. @@ -1092,11 +1106,12 @@ -

        Chromebook is an ARMv7 Cortex-A15 personal computer powered by - Samsung Exynos 5 Dual System-on-Chip. As of the current status - of this project, such laptops can be booted with &os; from USB - flash — it works stably (including SMP) and it can build - third-party applications. The display and keyboard work.

        +

        Chromebook is an ARMv7 Cortex-A15 personal computer powered + by Samsung Exynos 5 Dual System-on-Chip. As of the current + status of this project, such laptops can be booted with &os; + from USB flash — it works stably (including SMP) and it + can build third-party applications. The display and keyboard + work.

        Thanks to &a.grehan; for providing hardware.

        @@ -1148,49 +1163,52 @@ source projects for Continuous Integration (CI). CI allows developers to commit code to a Source Code Management (SCM) system such as Subversion, and then have automated programs - check out, build, and test the code. Jenkins is implemented in - the Java language.

        + check out, build, and test the code. Jenkins is implemented + in the Java language.

        -

        &a.emaste; reviewed some CI work that &a.rodrigc; had done for - the FreeNAS project with Jenkins, and encouraged him to set up - something similar for the &os; Project. With the help of the - &os; Cluster Administration Team, he set up a &os; machine - running two bhyve virtual machines, +

        &a.emaste; reviewed some CI work that &a.rodrigc; had done + for the FreeNAS project with Jenkins, and encouraged him to + set up something similar for the &os; Project. With the help + of the &os; Cluster Administration Team, he set up a &os; + machine running two bhyve virtual machines, jenkins-9.FreeBSD.org and jenkins-10.FreeBSD.org. He set up software builds of head and several stable branches on these machines. The status of these builds is visible on a web - interface accessible at jenkins.FreeBSD.org. - When any of the builds fail, emails are sent to - freebsd-current or freebsd-stable. Emails are - also sent directly to the list of people who recently committed - code to Subversion since the last successful build.

        - -

        As part of the Jenkins setup, &a.rodrigc; encountered problems - with running Java &os; 9.2 and &os; 10.0. Both problems - stemmed from changes to the &os; Virtual Memory (VM) subsystem. - On &os; 9.2-RELEASE, running Jenkins under Java would cause the - kernel to panic. This was a known problem, and fixed in - 9.2.-RELEASE-p3. On &os; 10.0-RELEASE, Java processes would - randomly crash. Disabling the vm.pmap.pcid_enabled - sysctl(3) variable seemed to fix the problem. In - kern/187238, Henrik Gulbrandsen submitted fixes to the - &os; VM to address this problem. &a.kib; committed the fixes - to head, where they are being tested now.

        - -

        During the setup of the bhyve VMs which run Jenkins processes, - &a.rodrigc; wrote scripts to start bhyve VMs from the - rc.d bootup scripts, which were then published at + interface accessible at jenkins.FreeBSD.org. When + any of the builds fail, emails are sent to + freebsd-current or freebsd-stable. Emails + are also sent directly to the list of people who recently + committed code to Subversion since the last successful + build.

        + +

        As part of the Jenkins setup, &a.rodrigc; encountered + problems with running Java &os; 9.2 and &os; 10.0. + Both problems stemmed from changes to the &os; Virtual Memory + (VM) subsystem. On &os; 9.2-RELEASE, running Jenkins under + Java would cause the kernel to panic. This was a known + problem, and fixed in 9.2.-RELEASE-p3. On &os; 10.0-RELEASE, + Java processes would randomly crash. Disabling the + vm.pmap.pcid_enabled sysctl(3) variable + seemed to fix the problem. In kern/187238, Henrik + Gulbrandsen submitted fixes to the &os; VM to address this + problem. &a.kib; committed the fixes to head, where + they are being tested now.

        + +

        During the setup of the bhyve VMs which run Jenkins + processes, &a.rodrigc; wrote scripts to start bhyve VMs from + the rc.d bootup scripts, which were then published at GitHub.

        -

        On February 19, 2014, &a.rodrigc; notified the &os; developers - that Jenkins was running in the &os; cluster, and that they - could look at the web interface to see the status of builds.

        +

        On February 19, 2014, &a.rodrigc; notified the &os; + developers that Jenkins was running in the &os; cluster, and + that they could look at the web interface to see the status of + builds.

        On March 13, 2014, &a.rodrigc; gave a presentation of the - Jenkins work at the Bay Area &os; User Group (BAFUG) in Mountain - View, California, USA. Video of the presentation was recorded - and put online by iXsystems.

        + Jenkins work at the Bay Area &os; User Group (BAFUG) in + Mountain View, California, USA. Video of the presentation was + recorded and put online by iXsystems.

        &a.rodrigc; assembled a team of volunteers, jenkins-admin, to help maintain @@ -1201,39 +1219,40 @@

        • R. Tyler Croy is both a &os; developer and a Jenkins developer. He will be working on fixing bugs in Jenkins - specific to &os;. He is first looking at fixing the libpam4j - library which is used by Jenkins to interface with the PAM - system for user authentication. The released version of - libpam4j does not currently work on &os;.
          • - -
        • &a.lwhsu; maintains the devel/jenkins port. He set - up a Jenkins build which runs the scan-build static analyzer - which is part of LLVM.
          • + specific to &os;. He is first looking at fixing the + libpam4j library which is used by Jenkins to interface with + the PAM system for user authentication. The released + version of libpam4j does not currently work on &os;. + +
        • &a.lwhsu; maintains the devel/jenkins port. He + set up a Jenkins build which runs the scan-build static + analyzer which is part of LLVM.
        • &a.skreuzer; has experience administering Jenkins systems. He set up several builds on jenkins.FreeBSD.org, including a Jenkins build of the &os; documentation. He is - looking into using Ansible for automatic provisioning of VMs running Jenkins in - the &os; cluster.
          • + looking into using Ansible for automatic provisioning of VMs + running Jenkins in the &os; cluster.
        • &a.rodrigc; will be running a Continuous Testing working - group at the &os; Devsummit in Ottawa on May 15, 2014. - He will also give a Jenkins presentation on May 17, 2014. - He is interested in working with &a.jmmv; to - integrate Jenkins and Kyua. They have exchanged - some emails about this on the freebsd-testing list.
          • + group at the &os; Devsummit in Ottawa on May 15, 2014. He + will also give a Jenkins presentation on May 17, 2014. He + is interested in working with &a.jmmv; to integrate Jenkins + and Kyua. They have exchanged some emails about this on the + freebsd-testing list.
        • &a.swills; maintains the devel/jenkins-lts port. - He has implemented several builds at jenkins.FreeBSD.org - which detect commits to the &os; ports repository, and then - build the ports tree using Poudri竪re.
          • + He has implemented several builds at + jenkins.FreeBSD.org which detect commits to the + &os; ports repository, and then build the ports tree using + Poudri竪re.

        At the end of March, &a.novel; reported to - jenkins-admin that he has successfully run the Jenkins - libvirt plugin with his libvirt modifications to integrate with - bhyve. He provided a link to a blog posting where he described - his experience.

        + jenkins-admin that he has successfully run the + Jenkins libvirt plugin with his libvirt modifications to + integrate with bhyve. He provided a link to a blog posting + where he described his experience.

        iXsystems, Inc @@ -1248,16 +1267,19 @@ Set up more Jenkins builds of the &os; ports repository on different &os; versions. - Integrate with Kyua, so that Jenkins can run Kyua tests and - report the results directly in the native Jenkins web UI where - test results are reported. + Integrate with Kyua, so that Jenkins can run Kyua tests + and report the results directly in the native Jenkins web UI + where test results are reported. Write scripts which can take a Jenkins build of &os;, and boot the results in a bhyve VM or on real hardware. Fix libpam4j on &os;. - Continuous Testing working group at Devsummit on May 15, 2014 - Jenkins presentation at BSDCan on May 17, 2014 + + Continuous Testing working group at Devsummit on May 15, + 2014 + + Jenkins presentation at BSDCan on May 17, 2014         @@ -1279,21 +1301,22 @@ -

        The new &os; in-kernel iSCSI stack was functionally complete in - &os; 10.0-RELEASE, but ongoing enhancements and bug fixes are - being committed to &os; head, with a plan to merge them - back to stable/10 in time for &os; 10.1-RELEASE.

        *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 08:14:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8A4B7B52; Fri, 11 Apr 2014 08:14:51 +0000 (UTC) Received: from mail-pb0-x230.google.com (mail-pb0-x230.google.com [IPv6:2607:f8b0:400e:c01::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46A8E1649; Fri, 11 Apr 2014 08:14:51 +0000 (UTC) Received: by mail-pb0-f48.google.com with SMTP id md12so5081718pbc.7 for ; Fri, 11 Apr 2014 01:14:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:reply-to:user-agent:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=C2+gsAbFxqtCgVGg2WdeB/Av10g8nr6rJx8t9a525OA=; b=dpOquq5HFby5M+aQzkek97qlb5eSqBMUmV/I9cDXMloAGz+/pcwZOn52ksCoXw+vGs 7Yqgif06ug+xOJCiY6cp7eviRWBdx0YwaN1Ah9BiJmr4bHnLEWxRwc+z3XY1Kt1yMrIS 5Z6+tLo9Ns/Iv5t0pjd1fJsab9b2mUlE+BYO8mXTQYZ0ssQL2IT4YBBEoALk44RPOahh 4lnEPmz2ZQjJQuL0OOh92KR/2fwn5hgyaRvQFKkPYfJn/vyRVt+O105YzU6MVI8a5PLz Xcyuy55OQ/W6Xy3OZCSnu5xOer4I7AX3UBaULtCQQOrsvhSiL5DgQiBKaqRsfm8nSs7o luNg== X-Received: by 10.68.215.40 with SMTP id of8mr25406051pbc.15.1397204090954; Fri, 11 Apr 2014 01:14:50 -0700 (PDT) Received: from [192.168.1.7] (ppp59-167-128-11.static.internode.on.net. [59.167.128.11]) by mx.google.com with ESMTPSA id tf10sm13915351pbc.70.2014.04.11.01.14.48 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 11 Apr 2014 01:14:50 -0700 (PDT) Message-ID: <5347A471.40505@FreeBSD.org> Date: Fri, 11 Apr 2014 18:14:41 +1000 From: Kubilay Kocak User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 Thunderbird/28.0 MIME-Version: 1.0 To: Brad Davis , doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org, Baptiste Daroussin Subject: Re: svn commit: r44526 - head/en_US.ISO8859-1/books/handbook/ports References: <201404102240.s3AMegKL079270@svn.freebsd.org> In-Reply-To: <201404102240.s3AMegKL079270@svn.freebsd.org> X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: koobs@FreeBSD.org List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 08:14:51 -0000 On 11/04/2014 8:40 AM, Brad Davis wrote: > Author: brd > Date: Thu Apr 10 22:40:41 2014 > New Revision: 44526 > URL: http://svnweb.freebsd.org/changeset/doc/44526 > > Log: > - Add the pkgng verison of listing out of date ports. > > Modified: > head/en_US.ISO8859-1/books/handbook/ports/chapter.xml > > Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml > ============================================================================== > --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Apr 10 20:52:23 2014 (r44525) > +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Apr 10 22:40:41 2014 (r44526) > @@ -1298,9 +1298,16 @@ The deinstallation will free 229 kB > To determine if newer versions of installed ports are > available, ensure that the latest version of the ports tree > is installed, using the updating command described in either > - Procedure 5.1 or Procedure 5.2. Then, run this command to > - get a listing of the ports which are older than the currently > - available version: > + Procedure 5.1 or Procedure 5.2. On &os; 10 and later, or if > + the system has been converted to > + pkgng, the following command will I believe we currently reference the (no longer) new package system as 'pkg' now, rather than by its previous name. It is 'current generation' now. Maybe 'pkg(8)' would help make this explicit If any current doc policy conflicts with this, perhaps it could be updated. > + list the installed ports which are out of date: > + > + &prompt.root; pkg version -l "<" > + > + For &os; 9.X and lower, the > + following command will list the installed ports that are out > + of date: > > &prompt.root; pkg_version -l "<" > > _______________________________________________ > svn-doc-all@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/svn-doc-all > To unsubscribe, send any mail to "svn-doc-all-unsubscribe@freebsd.org" > Koobs From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 13:48:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 80ACE158; Fri, 11 Apr 2014 13:48:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6C3301BDF; Fri, 11 Apr 2014 13:48:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3BDmtVi059131; Fri, 11 Apr 2014 13:48:55 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3BDmt6t059130; Fri, 11 Apr 2014 13:48:55 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404111348.s3BDmt6t059130@svn.freebsd.org> From: Warren Block Date: Fri, 11 Apr 2014 13:48:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44529 - head/en_US.ISO8859-1/books/handbook/printing X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 13:48:55 -0000 Author: wblock Date: Fri Apr 11 13:48:55 2014 New Revision: 44529 URL: http://svnweb.freebsd.org/changeset/doc/44529 Log: A from-scratch rewrite of the Printing chapter, designed to address issues with the old chapter. It adds a quick-start section, simplifies setup, vastly reduces the section on shared printers in schools and businesses, and provides a framework that allows the addition of other printing systems. Reviewed by: freebsd-doc and IRC, no objections Modified: head/en_US.ISO8859-1/books/handbook/printing/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/printing/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/printing/chapter.xml Fri Apr 11 02:10:56 2014 (r44528) +++ head/en_US.ISO8859-1/books/handbook/printing/chapter.xml Fri Apr 11 13:48:55 2014 (r44529) @@ -1,5033 +1,1142 @@ - - Printing - - SeanKellyContributed by - - + + + + Printing + - JimMockRestructured and updated by + + + Warren + Block + Originally contributed by + - + Putting information on paper is a vital function, despite many + attempts to eliminate it. Printing has two basic components. The + data must be delivered to the printer, and must be in a form that + the printer can understand. + + + Quick Start + + Basic printing can be set up quickly. The printer must be + capable of printing plain ASCII text. For + printing to other types of files, see + . + + + + Create a directory to store files while they are being + printed: + + &prompt.root; mkdir -p /var/spool/lpd/lp +&prompt.root; chown daemon:daemon /var/spool/lpd/lp +&prompt.root; chmod 770 /var/spool/lpd/lp + + + + As root, + create /etc/printcap with these + contents: + + lp:\ + :lp=/dev/unlpt0:\ + :sh:\ + :mx#0:\ + :sd=/var/spool/lpd/lp:\ + :lf=/var/log/lpd-errs: + + + + This line is for a printer connected to a + USB port. + + For a printer connected to a parallel or + printer port, use: + + :lp=/dev/lpt0:\ + + For a printer connected directly to a network, + use: + + :lp=:rm=network-printer-name:rp=raw:\ + + Replace + network-printer-name with the + DNS host name of the network + printer. + + + + + + Enable lpd by editing + /etc/rc.conf, adding this line: + + lpd_enable="YES" + + Start the service: + + &prompt.root; service lpd start +Starting lpd. + - - Synopsis + + Print a test: - LPD spooling system - printing + &prompt.root; printf "1. This printer can print.\n2. This is the second line.\n" | lpr + + + If both lines do not start at the left border, but + stairstep instead, see + . + - &os; can be used to print with a wide variety of printers, - from the oldest impact printer to the latest laser printers, - and everything in between, allowing you to produce high-quality - printed output from the applications you run. - - &os; can also be configured to act as a print server on a - network; in this capacity &os; can receive print jobs from a - variety of other computers, including other &os; computers, - &windows; and &macos; hosts. &os; will ensure that one job - at a time is printed, and can keep statistics on which users - and machines are doing the most printing, produce - banner pages showing whose printout is whose, - and more. - - After reading this chapter, you will know: - - - - How to configure the &os; print spooler. - - - - How to install print filters, to handle special print - jobs differently, including converting incoming documents - to print formats that your printers understand. - - - - How to enable header, or banner pages on your - printout. - - - - How to print with printers connected to other - computers. - - - - How to print with printers connected directly to the - network. - - - - How to control printer restrictions, including limiting - the size of print jobs, and preventing certain users from - printing. - - - - How to keep printer statistics, and account for printer - usage. - - - - How to troubleshoot printing problems. - - - - Before reading this chapter, you should: - - - - Know how to configure and install a new kernel - (). - - + Text files can now be printed with + lpr. Give the filename on the command + line, or pipe output directly into + lpr. + + &prompt.user; lpr textfile.txt +&prompt.user; ls -lh | lpr + + - - Introduction + + Printer Connections - In order to use printers with &os; you may set them up to - work with the Berkeley line printer spooling system, also known - as the LPD spooling system, or just - LPD. It is the standard printer - control system in &os;. This chapter introduces - LPD and will guide you through its - configuration. - - If you are already familiar with - LPD or another printer spooling - system, you may wish to skip to section Basic Setup. - - LPD controls everything about - a host's printers. It is responsible for a number of - things: - - - - It controls access to attached printers and printers - attached to other hosts on the network. - - - - It enables users to submit files to be printed; these - submissions are known as jobsprint jobs. - - - - It prevents multiple users from accessing a printer at - the same time by maintaining a queue - for each printer. - - - - It can print header pages (also - known as banner or - burst pages) so users can easily find - jobs they have printed in a stack of printouts. - - - - It takes care of communications parameters for printers - connected on serial ports. - - - - It can send jobs over the network to a - LPD spooler on another - host. - - - - It can run special filters to format jobs to be printed - for various printer languages or printer - capabilities. - - - - It can account for printer usage. - - - - Through a configuration file - (/etc/printcap), and by providing the - special filter programs, you can enable the - LPD system to do all or some subset - of the above for a great variety of printer hardware. + Printers are connected to computer systems in a variety of + ways. Small desktop printers are usually connected directly to + computer's USB port. Older printers are + connected to a parallel or printer port. Some + printers are directly connected to a network, making it easy for + multiple computers share them. A few printers use a much less + common serial port connection. - - Why You Should Use the Spooler + &os; can communicate with all of these types of + printers. - The spooler still provides benefit on a single-user system - and should be used because: + + + USB - - LPD prints jobs in the - background; you do not have to wait for data to be copied - to the printer. + USB printers can be connected to + any available USB port on the + computer. + + When &os; detects a USB printer, + two device entries are created: + /dev/ulpt0 and + /dev/unlpt0. Data sent to either + device will be relayed to the printer. After each print + job, ulpt0 resets the + USBport. Resetting the port can cause + problems with some printers, so the + unlpt0 device is used instead. + unlpt0 does not reset the USB port at + all. + - - LPD can conveniently run - a job to be printed through filters to add date/time - headers or convert a special file format (such as a &tex;&tex; - DVI file) into a format the printer will understand. - You will not have to do these steps manually. - + + Parallel (IEEE-1284) - Many free and commercial programs that provide a print - feature usually expect to talk to the spooler on your - system. By setting up the spooling system, you will more - easily support other software you may later add or already - have. + The parallel port device is + /dev/lpt0. This device appears + whether a printer is attached or not, it is not + autodetected. + + Vendors have largely moved away from these + legacy ports, and many computers no longer + have them. Adapters can be used to connect a parallel + printer to a USB port. With such an + adapter, the printer can be treated as if it were actually + a USB printer. Devices called + print servers can also be used to + connect parallel printers directly to a network. - - - - - - Basic Setup - - To use printers with the LPD - spooling system, you will need to set up both your printer - hardware and the LPD software. This - document describes two levels of setup: - - - - See section Simple - Printer Setup to learn how to connect a printer, - tell LPD how to communicate with - it, and print plain text files to the printer. - - - - See section Advanced - Printer Setup to learn how to print a variety of - special file formats, to print header pages, to print across - a network, to control access to printers, and to do printer - accounting. - - - - - Simple Printer Setup - - This section tells how to configure printer hardware - and the LPD software to use the - printer. It teaches the basics: + - - - Section Hardware - Setup gives some hints on connecting the printer - to a port on your computer. - + + Serial (RS-232) - Section Software - Setup shows how to set up the - LPD spooler configuration - file (/etc/printcap). + Serial ports are another legacy port, rarely used for + printers except in certain niche applications. Cables, + connectors, and required wiring vary widely. + + For serial ports built into a motherboard, the serial + device name is /dev/cuau0 or + /dev/cuau1. Serial + USB adapters can also be used, and + these will appear as + /dev/cuaU0. + + Several communication parameters must be known to + communicate with a serial printer. The most important are + baud rate and + parity. Values vary, but typical + serial printers often use a baud rate of 9600 and no + parity. - - - If you are setting up a printer that uses a network - protocol to accept data to print instead of a computer's local - interfaces, see Printers With - Networked Data Stream Interfaces. - - Although this section is called Simple Printer - Setup, it is actually fairly complex. Getting the - printer to work with your computer and the - LPD spooler is the hardest part. - The advanced options like header pages and accounting are - fairly easy once you get the printer working. - - - Hardware Setup - - This section tells about the various ways you can - connect a printer to your PC. It talks about the kinds of - ports and cables, and also the kernel configuration you may - need to enable &os; to speak to the printer. - - If you have already connected your printer and have - successfully printed with it under another operating system, - you can probably skip to section Software Setup. - - - Ports and Cables - - Printers sold for use on PC's today generally come - with one or more of the following three interfaces: - - - - Serialprintersserial interfaces, also known - as RS-232 or COM ports, use a serial port - on your computer to send data to the printer. Serial - interfaces are common in the computer industry and - cables are readily available and also easy to - construct. Serial interfaces sometimes need special - cables and might require you to configure somewhat - complex communications options. Most PC serial ports - have a maximum transmission rate of 115200 bps, - which makes printing large graphic print jobs with - them impractical. - - - - Parallelprintersparallel interfaces use a - parallel port on your computer to send data to the - printer. Parallel interfaces are common in the PC - market and are faster than RS-232 serial. Cables are - readily available but more difficult to construct by - hand. There are usually no communications options - with parallel interfaces, making their configuration - exceedingly simple. - - Parallel interfaces are sometimes known as - Centronicscentronicsparallel printers interfaces, named after the - connector type on the printer. - - - - USBprintersUSB interfaces, named for the Universal Serial - Bus, can run at even faster speeds than parallel or - RS-232 serial interfaces. Cables are simple and - cheap. USB is superior to RS-232 Serial and to - Parallel for printing, but it is not as well supported - under &unix; systems. A way to avoid this problem is - to purchase a printer that has both a USB interface - and a Parallel interface, as many printers do. - - - - In general, Parallel interfaces usually offer just - one-way communication (computer to printer) while serial - and USB gives you two-way. Newer parallel ports (EPP and - ECP) and printers can communicate in both directions under - &os; when a IEEE-1284-compliant cable is used. - - PostScript - - Two-way communication to the printer over a parallel - port is generally done in one of two ways. The first - method uses a custom-built printer driver for &os; that - speaks the proprietary language used by the printer. This - is common with inkjet printers and can be used for - reporting ink levels and other status information. The - second method is used when the printer supports - &postscript;. - - &postscript; jobs are actually programs sent to the - printer; they need not produce paper at all and may return - results directly to the computer. &postscript; also uses - two-way communication to tell the computer about problems, - such as errors in the &postscript; program or paper jams. - Your users may be appreciative of such information. - Furthermore, the best way to do effective accounting with - a &postscript; printer requires two-way communication: - you ask the printer for its page count (how many pages - it has printed in its lifetime), then send the user's job, - then ask again for its page count. Subtract the two - values and you know how much paper to charge to the - user. - - - - Parallel Ports - - To hook up a printer using a parallel interface, - connect the Centronics cable between the printer and the - computer. The instructions that came with the printer, - the computer, or both should give you complete - guidance. - - Remember which parallel port you used on the computer. - The first parallel port is - ppc0 to &os;; - the second is ppc1, and so on. The - printer device name uses the same scheme: - /dev/lpt0 for - the printer on the first parallel ports etc. - - - - Serial Ports - - To hook up a printer using a serial interface, connect - the proper serial cable between the printer and the - computer. The instructions that came with the printer, - the computer, or both should give you complete - guidance. - - If you are unsure what the proper serial - cable is, you may wish to try one of the - following alternatives: - - - - A modem cable connects each - pin of the connector on one end of the cable straight - through to its corresponding pin of the connector on - the other end. This type of cable is also known as a - DTE-to-DCE cable. - - - - A null-modem cablenull-modem cable connects - some pins straight through, swaps others (send data to - receive data, for example), and shorts some internally - in each connector hood. This type of cable is also - known as a DTE-to-DTE cable. - - - - A serial printer cable, - required for some unusual printers, is like the - null-modem cable, but sends some signals to their - counterparts instead of being internally - shorted. - - - - baud rate - parity - flow control - protocol - You should also set up the communications parameters - for the printer, usually through front-panel controls or - DIP switches on the printer. Choose the highest - bps (bits per second, sometimes - baud rate) that both your computer - and the printer can support. Choose 7 or 8 data bits; - none, even, or odd parity; and 1 or 2 stop bits. Also - choose a flow control protocol: either none, or XON/XOFF - (also known as in-band or - software) flow control. Remember these - settings for the software configuration that - follows. - - - - - Software Setup - - This section describes the software setup necessary - to print with the LPD spooling - system in &os;. - - Here is an outline of the steps involved: - - - - Configure your kernel, if necessary, for the port - you are using for the printer; section Kernel Configuration - tells you what you need to do. - - - - Set the communications mode for the parallel port, - if you are using a parallel port; section Setting the - Communication Mode for the Parallel Port gives - details. - - - - Test if the operating system can send data to the - printer. Section Checking Printer - Communications gives some suggestions on how to - do this. - - - - Set up LPD for the - printer by modifying the file - /etc/printcap. You will find out - how to do this later in this chapter. - - - - - Kernel Configuration - - The operating system kernel is compiled to work with - a specific set of devices. The serial or parallel - interface for your printer is a part of that set. - Therefore, it might be necessary to add support for an - additional serial or parallel port if your kernel is not - already configured for one. - - To find out if the kernel you are currently using - supports a serial interface, type: - - &prompt.root; grep sioN /var/run/dmesg.boot - - Where N is the number of - the serial port, starting from zero. If you see output - similar to the following: - - sio2 at port 0x3e8-0x3ef irq 5 on isa -sio2: type 16550A - - then the kernel supports the port. - - To find out if the kernel supports a parallel - interface, type: - - &prompt.root; grep ppcN /var/run/dmesg.boot - - Where N is the number of - the parallel port, starting from zero. If you see output - similar to the following: - - ppc0: <Parallel port> at port 0x378-0x37f irq 7 on isa0 -ppc0: SMC-like chipset (ECP/EPP/PS2/NIBBLE) in COMPATIBLE mode -ppc0: FIFO with 16/16/8 bytes threshold - - then the kernel supports the port. - - You might have to reconfigure your kernel in order - for the operating system to recognize and use the parallel - or serial port you are using for the printer. - - To add support for a serial port, see the section on - kernel configuration. To add support for a parallel port, - see that section and the section that - follows. - - - - - Setting the Communication Mode for the Parallel - Port - - When you are using the parallel interface, you can - choose whether &os; should use interrupt-driven or polled - communication with the printer. The generic printer - device driver (&man.lpt.4;) on &os; - uses the &man.ppbus.4; system, which controls the port - chipset with the &man.ppc.4; driver. - - - - The interrupt-driven method - is the default with the GENERIC kernel. With this - method, the operating system uses an IRQ line to - determine when the printer is ready for data. - - - - The polled method directs the - operating system to repeatedly ask the printer if it is - ready for more data. When it responds ready, the kernel - sends more data. - - - - The interrupt-driven method is usually somewhat faster - but uses up a precious IRQ line. Some newer HP printers - are claimed not to work correctly in interrupt mode, - apparently due to some (not yet exactly understood) timing - problem. These printers need polled mode. You should use - whichever one works. Some printers will work in both - modes, but are painfully slow in interrupt mode. - - You can set the communications mode in two ways: by - configuring the kernel or by using the &man.lptcontrol.8; - program. - - To set the communications mode by configuring - the kernel: - - - - Edit your kernel configuration file. Look for - an ppc0 entry. If you are setting up - the second parallel port, use ppc1 - instead. Use ppc2 for the third - port, and so on. - - - - If you want interrupt-driven mode, edit the - following line: - - hint.ppc.0.irq="N" - - in the /boot/device.hints - file and replace N with - the right IRQ number. The kernel configuration file - must also contain the &man.ppc.4; driver: - - device ppc - - - - If you want polled mode, remove in your - /boot/device.hints file, the - following line: - - hint.ppc.0.irq="N" - - In some cases, this is not enough to put the - port in polled mode under &os;. Most of - time it comes from &man.acpi.4; driver, this latter - is able to probe and attach devices, and therefore, - control the access mode to the printer port. You - should check your &man.acpi.4; configuration to - correct this problem. - - - - - - Save the file. Then configure, build, and install - the kernel, then reboot. See kernel configuration - for more details. - - - - To set the communications mode with - &man.lptcontrol.8;: - - - - Type: - - &prompt.root; lptcontrol -i -d /dev/lptN - - to set interrupt-driven mode for - lptN. - - - - Type: - - &prompt.root; lptcontrol -p -d /dev/lptN - - to set polled-mode for - lptN. - - - - You could put these commands in your - /etc/rc.local file to set the mode each - time your system boots. See &man.lptcontrol.8; for more - information. - - - - Checking Printer Communications - - Before proceeding to configure the spooling system, you - should make sure the operating system can successfully send - data to your printer. It is a lot easier to debug printer - communication and the spooling system separately. - - To test the printer, we will send some text to it. For - printers that can immediately print characters sent to them, - the program &man.lptest.1; is perfect: it generates all 96 - printable ASCII characters in 96 lines. - - PostScript - For a &postscript; (or other language-based) printer, we - will need a more sophisticated test. A small &postscript; - program, such as the following, will suffice: - - %!PS -100 100 moveto 300 300 lineto stroke -310 310 moveto /Helvetica findfont 12 scalefont setfont -(Is this thing working?) show -showpage - - The above &postscript; code can be placed into a file - and used as shown in the examples appearing in the following - sections. - - PCL - - When this document refers to a printer language, it - is assuming a language like &postscript;, and not Hewlett - Packard's PCL. Although PCL has great functionality, you - can intermingle plain text with its escape sequences. - &postscript; cannot directly print plain text, and that - is the kind of printer language for which we must make - special accommodations. - - - - Checking a Parallel Printer - - This section tells you how to check if &os; can - communicate with a printer connected to a parallelprintersparallel - port. - - To test a printer on a parallel - port: - - - - Become root with - &man.su.1;. - - - - Send data to the printer. - - - - If the printer can print plain text, then use - &man.lptest.1;. Type: - - &prompt.root; lptest > /dev/lptN - - Where N is the - number of the parallel port, starting from - zero. - - - - If the printer understands &postscript; or - other printer language, then send a small program - to the printer. Type: - - &prompt.root; cat > /dev/lptN - - Then, line by line, type the program - carefully as you cannot edit - a line once you have pressed - RETURN or - ENTER. When you have finished - entering the program, press - CONTROL+D, or whatever your - end of file key is. - - Alternatively, you can put the program in a - file and type: - - &prompt.root; cat file > /dev/lptN - - Where file is the - name of the file containing the program you want - to send to the printer. - - - - - - You should see something print. Do not worry if the - text does not look right; we will fix such things - later. - - - - Checking a Serial Printer - - - printers - serial - - This section tells you how to check if &os; can - communicate with a printer on a serial port. - - To test a printer on a serial - port: - - - - Become root with - &man.su.1;. - - - - Edit the file /etc/remote. - Add the following entry: - - printer:dv=/dev/port:br#bps-rate:pa=parity - - bits-per-second - serial port - parity - Where port is the - device entry for the serial port - (ttyu0, ttyu1, - etc.), bps-rate is the - bits-per-second rate at which the printer - communicates, and parity - is the parity required by the printer (either - even, odd, - none, or - zero). - - Here is a sample entry for a printer connected via - a serial line to the third serial port at - 19200 bps with no parity: - - printer:dv=/dev/ttyu2:br#19200:pa=none - - - - Connect to the printer with &man.tip.1;. - Type: - - &prompt.root; tip printer - - If this step does not work, edit the file - /etc/remote again and try using - /dev/cuaaN - instead of - /dev/ttyuN. - - - - Send data to the printer. - - - - If the printer can print plain text, then use - &man.lptest.1;. Type: - - &prompt.user; $lptest - - - - If the printer understands &postscript; or - other printer language, then send a small program - to the printer. Type the program, line by line, - very carefully as backspacing - or other editing keys may be significant to the - printer. You may also need to type a special - end-of-file key for the printer so it knows it - received the whole program. For &postscript; - printers, press - CONTROL+D. - - Alternatively, you can put the program in a - file and type: - - &prompt.user; >file - - Where file is the - name of the file containing the program. After - &man.tip.1; sends the file, press any required - end-of-file key. - - - - - *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 14:00:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0C7DC914; Fri, 11 Apr 2014 14:00:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ED9271D2D; Fri, 11 Apr 2014 14:00:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3BE0mt3064243; Fri, 11 Apr 2014 14:00:48 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3BE0mH2064242; Fri, 11 Apr 2014 14:00:48 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404111400.s3BE0mH2064242@svn.freebsd.org> From: Dru Lavigne Date: Fri, 11 Apr 2014 14:00:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44530 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 14:00:49 -0000 Author: dru Date: Fri Apr 11 14:00:48 2014 New Revision: 44530 URL: http://svnweb.freebsd.org/changeset/doc/44530 Log: Add sentence regarding recursive difference between scp and cp. Submitted by: bjk Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 11 13:48:55 2014 (r44529) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 11 14:00:48 2014 (r44530) @@ -2538,7 +2538,10 @@ COPYRIGHT 100% |************* first argument and the destination to copy to is the second. Since the file is fetched over the network, one or more of the file arguments takes the form - . + . Be + aware when copying directories recursively that + scp uses , whereas + cp uses . To open an interactive session for copying files, use sftp. Refer to &man.sftp.1; for a list of From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 14:11:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8D9CCD30 for ; Fri, 11 Apr 2014 14:11:36 +0000 (UTC) Received: from nm38.bullet.mail.ne1.yahoo.com (nm38.bullet.mail.ne1.yahoo.com [98.138.229.31]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 49CCD1FD4 for ; Fri, 11 Apr 2014 14:11:35 +0000 (UTC) Received: from [127.0.0.1] by nm38.bullet.mail.ne1.yahoo.com with NNFMP; 11 Apr 2014 14:11:29 -0000 Received: from [98.138.100.118] by nm38.bullet.mail.ne1.yahoo.com with NNFMP; 11 Apr 2014 14:08:43 -0000 Received: from [216.39.60.167] by tm109.bullet.mail.ne1.yahoo.com with NNFMP; 11 Apr 2014 14:08:43 -0000 Received: from [216.39.60.231] by tm3.access.bullet.mail.gq1.yahoo.com with NNFMP; 11 Apr 2014 14:08:43 -0000 Received: from [127.0.0.1] by omp1002.access.mail.gq1.yahoo.com with NNFMP; 11 Apr 2014 14:08:43 -0000 X-Yahoo-Newman-Property: ymail-4 X-Yahoo-Newman-Id: 158611.52708.bm@omp1002.access.mail.gq1.yahoo.com Received: (qmail 27743 invoked by uid 60001); 11 Apr 2014 14:02:03 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=att.net; s=s1024; t=1397224923; bh=wMKQE61vDZ8qD3mftqoWVmVPyx+9jSRkzZekPbkITEg=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=pNLjZ9oabfW+TEkGz29kANJb5B7E6Wh5HYPBvI6j5t1ZwJmsoYf0LdcBeRyJ3PFmG+8h8DQ38Dn4sZsPLWY6iZpyK5m+O8GiBaz7ZbBzDGJjtdiZYUkYBGTBNWziXx/sIUnb4oAW+7JOyhwoZUFJG8ub7ssdq3LBawVazJg1fYM= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=att.net; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=pti49OMtVzJ28CNfTqGJOr/qwFjRx74PHWO5q+uxnzlbPwhljghOikWZE5wrQ4PNZPZbOEQuOIfMwkvDL/2vc9ns8XPhoQVC4A6ddjrCHVFPtxC/zo8LJ/aX6g1GTqLlug3yCjruLpi+U3NwJJBNZHjBcASYUh+zxJTxSqHhgTs=; X-YMail-OSG: 0Os6RskVM1nMnjBu72ByYkxpgTMMOhF5NdulJ3KrGZU39tQ hvX2ohYk62C4yB.LmQn5iVr1ucBcdsa4ve8XmmnzhInuTe3S7oLQOA6efiRO 7l_Slsj2W.jnkoB4SguTpwuQRQqSfC.lhJbM.2H6ycJbgE60H.OaNOBs0cDa 4cQoVzF0v2hVLvtCaJ_u2dHBQaLMbY96dPTBVgrRH1pBo2QQgyQSGqMJQmfP b4baBFhkA1v80HjRg_vOlC7o4SoPsI0Lt1HJYjggnztLZ7_zzlZkY.7vj5AC rRG3.v0t3fZ6vldiYO985QUVKI6ckoIiJ3qk6cjVdRg.0br2fBK8U0SKhiWK gdwPCoOW5sux_Cy0aLkXqY_ss.7KTX71uWN716IMnN0SEFF8XVt5AvKKxspX OSjnIxm8fRNAOSjZZrRD44N6UL71Tl8dOHRr7Kgvs5bbnmh59OBzk1ZcLy5Y ShcwwcVEo4S.5E9F7bwEnYUO68_OvJtAL_vDHJjNgUm6naG5i.vtGJOKRwzp 44463Ew-- Received: from [99.98.83.69] by web184904.mail.gq1.yahoo.com via HTTP; Fri, 11 Apr 2014 07:02:03 PDT X-Rocket-MIMEInfo: 002.001, CgoKCi0tLS0tIE9yaWdpbmFsIE1lc3NhZ2UgLS0tLS0KPiBGcm9tOiBCZW5qYW1pbiBLYWR1ayA8a2FkdWtATUlULkVEVT4KPiBUbzogRHJ1IExhdmlnbmUgPGRydUBmcmVlYnNkLm9yZz4KPiBDYzogZG9jLWNvbW1pdHRlcnNAZnJlZWJzZC5vcmc7IHN2bi1kb2MtYWxsQGZyZWVic2Qub3JnOyBzdm4tZG9jLWhlYWRAZnJlZWJzZC5vcmcKPiBTZW50OiBUaHVyc2RheSwgQXByaWwgMTAsIDIwMTQgMzowNCBQTQo.IFN1YmplY3Q6IFJlOiBzdm4gY29tbWl0OiByNDQ1MjAgLSBoZWFkL2VuX1VTLklTTzg4NTktMS8BMAEBAQE- X-Mailer: YahooMailWebService/0.8.182.648 References: <201404101805.s3AI5XFJ061345@svn.freebsd.org> Message-ID: <1397224923.21440.YahooMailNeo@web184904.mail.gq1.yahoo.com> Date: Fri, 11 Apr 2014 07:02:03 -0700 (PDT) From: Dru Lavigne Subject: Re: svn commit: r44520 - head/en_US.ISO8859-1/books/handbook/security To: Benjamin Kaduk In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Cc: "svn-doc-head@freebsd.org" , "svn-doc-all@freebsd.org" , "doc-committers@freebsd.org" X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: Dru Lavigne List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 14:11:36 -0000 =0A=0A=0A=0A----- Original Message -----=0A> From: Benjamin Kaduk =0A> To: Dru Lavigne =0A> Cc: doc-committers@freebsd= .org; svn-doc-all@freebsd.org; svn-doc-head@freebsd.org=0A> Sent: Thursday,= April 10, 2014 3:04 PM=0A> Subject: Re: svn commit: r44520 - head/en_US.IS= O8859-1/books/handbook/security=0A> =0A> On Thu, 10 Apr 2014, Dru Lavigne w= rote:=0A> =0A>> Modified: head/en_US.ISO8859-1/books/handbook/security/cha= pter.xml=0A>> =0A> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A>> --- head/en_US.ISO8859-1/books/handboo= k/security/chapter.xml=A0=A0=A0 Thu Apr 10 =0A> 16:57:57 2014=A0=A0=A0 (r44= 519)=0A>> +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml=A0= =A0=A0 Thu Apr 10 =0A> 18:05:32 2014=A0=A0=A0 (r44520)=0A>> @@ -2464,34 +2= 469,39 @@ =0A> racoon_enable=3D"yes"=0A>> =A0=A0=A0 client=0A>> =A0 =A0 =A0 =0A>> =0A>> -=A0 = =A0 =A0 To use &man.ssh.1; to connect to a system running=0A>> -=A0= =A0=A0 &man.sshd.8;, specify the username and host to log=0A>> -=A0=A0=A0 = into:=0A>> +=A0 =A0 =A0 To log into a SSH = server, =0A> use=0A>> +=A0=A0=A0 ssh and specify a user= name that exists =0A> on=0A>> +=A0=A0=A0 that server and the IP address or =0A> hostname=0A>> +=A0=A0=A0 of the server.=A0 If thi= s is the first time a connection has=0A>> +=A0=A0=A0 been made to the spec= ified server, the user will be prompted=0A>> +=A0=A0=A0 to first verify th= e server's fingerprint:=0A> =0A> There are a few cases where the use= r will not be prompted to verify the =0A> server's fingerprint on the first= connection (and also some where the user =0A> will be prompted on not-the-= first connection).=A0 They are probably uncommon =0A> enough that we don't = need to document them, but for the record, the ones I =0A> can think of are= :=0A> =0A> Successful GSSAPIKeyExchange will avoid the need for a prompt=0A= > =0A> VerifyHostKeyDNS in ssh_config in combination with SSHFP records fro= m =0A> DNSSEC can be configured to validate the key without prompting the u= ser=0A> =0A> If there is a software upgrade on either client or server such= that the =0A> negotiated key-exchange algorithm changes (e.g., from RSA to= ECDSA), the =0A> user will be re-prompted for the new key, even though an = old key for a =0A> different mechanism is saved.=0A> =0A>> +=A0 =A0 =A0 Since the fingerprint was already verified for this =0A> host,=0A>> += =A0=A0=A0 the server's key is automatically checked before prompting for=0A= >> +=A0=A0=A0 the user's password.=0A>> +=0A>> +=A0 =A0 =A0 The arguments passed to =0A> scp are similar to=0A>> += =A0=A0=A0 cp.=A0 The file or files to copy is the =0A> f= irst=0A> =0A> It is probably worth noting a glaring discrepancy between scp= (1) and =0A> cp(1)'s arguments, here, namely with respect to recursive copi= es.=A0 scp =0A> takes -r, but cp takes -R.=0A> =0A>> +=A0=A0=A0 argument a= nd the destination to copy to is the second.=A0 Since the file=0A>> +=A0= =A0=A0 is fetched over the network, one or more of the file=0A>> =A0=A0=A0= arguments takes the form=0A>> =A0=A0=A0 =0A> .=0A>> =0A> [...]=0A>> +=A0 =A0 =A0 =A0 <= para>Instead of using passwords, a client can be configured=0A>> +=A0=A0= =A0 =A0 to connect to the remote machine=0A>> +=A0=A0=A0 =A0 using keys in= stead of=0A>> +=A0=A0=A0 =A0 passwords.=A0 To generate DSA or=0A> =0A> "instead of [using] passwords" is duplicated in this senten= ce.=0A=0A=0AThanks! See r44530 and r44521.=0A=0ACheers,=0A=0ADru=0A From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 15:47:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1CC5B766; Fri, 11 Apr 2014 15:47:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F153E19E0; Fri, 11 Apr 2014 15:47:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3BFlcNr011872; Fri, 11 Apr 2014 15:47:38 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3BFlccV011871; Fri, 11 Apr 2014 15:47:38 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404111547.s3BFlccV011871@svn.freebsd.org> From: Dru Lavigne Date: Fri, 11 Apr 2014 15:47:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44531 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 15:47:39 -0000 Author: dru Date: Fri Apr 11 15:47:38 2014 New Revision: 44531 URL: http://svnweb.freebsd.org/changeset/doc/44531 Log: Editorial review of Synopsis/Introduction and RAID0 sections. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 11 14:00:48 2014 (r44530) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 11 15:47:38 2014 (r44531) @@ -26,31 +26,34 @@ Synopsis - GEOM + GEOM - GEOM Disk Framework - GEOM + GEOM Disk Framework + GEOM - This chapter covers the use of disks under the GEOM - framework in &os;. This includes the major RAID + In &os;, the GEOM framework permits access and control to classes, such as Master + Boot Records and BSD labels, through the use + of providers, or the disk devices in /dev. + By supporting various software RAID + configurations, GEOM transparently provides access to the + operating system and operating system utilities. + + This chapter covers the use of disks under the GEOM + framework in &os;. This includes the major RAID control utilities which use the framework for configuration. - This chapter will not go into in depth discussion on how GEOM - handles or controls I/O, the underlying subsystem, or code. - This information is provided in &man.geom.4; and its various - SEE ALSO references. This chapter is also + This chapter is not a definitive guide to RAID configurations - and only GEOM-supported RAID classifications - will be discussed. + and only GEOM-supported RAID classifications + are discussed. After reading this chapter, you will know: What type of RAID support is - available through GEOM. + available through GEOM. @@ -61,11 +64,11 @@ How to mirror, stripe, encrypt, and remotely connect - disk devices through GEOM. + disk devices through GEOM. - How to troubleshoot disks attached to the GEOM + How to troubleshoot disks attached to the GEOM framework. @@ -74,28 +77,17 @@ - Understand how &os; treats disk - devices. + Understand how &os; treats disk devices (). - Know how to configure and install a new - &os; kernel. + Know how to configure and install a new kernel + (. - - GEOM Introduction - - GEOM permits access and control to classes, such as Master - Boot Records and BSD labels, through the use - of providers, or the special files in /dev. - By supporting various software RAID - configurations, GEOM transparently provides access to the - operating system and operating system utilities. - - RAID0 - Striping @@ -119,30 +111,29 @@ - GEOM + GEOM Striping - Striping combine several disk drives into a single volume. - In many cases, this is done through the use of hardware - controllers. The GEOM disk subsystem provides software support - for RAID0, also known as disk - striping. - - In a RAID0 system, data is split into - blocks that get written across all the drives in the array. - Instead of having to wait on the system to write 256k to one - disk, a RAID0 system can simultaneously write - 64k to each of four different disks, offering superior I/O + Striping combines several disk drives into a single volume. + Striping can be performed through the use of hardware + RAID controllers. The + GEOM disk subsystem provides software support + for disk striping, also known as RAID0, + without the need for a RAID disk + controller. + + In RAID0, data is split into + blocks that are written across all the drives in the array. As + seen in the following illustration, + instead of having to wait on the system to write 256k to one + disk, RAID0 can simultaneously write + 64k to each of the four disks in the array, offering superior I/O performance. This performance can be enhanced further by using multiple disk controllers. - - Each disk in a RAID0 stripe must be of - the same size, since I/O requests are interleaved to read or - write to multiple disks in parallel. - + @@ -153,8 +144,26 @@ + Each disk in a RAID0 stripe must be of + the same size, since I/O requests are interleaved to read or + write to multiple disks in parallel. + + + RAID0 does not + provide any redundancy. This means that if one disk in the + array fails, all of the data on the disks is lost. If the + data is important, implement a backup strategy that regularly + saves backups to a remote system or device. + + + The process for creating a software, + GEOM-based RAID0 on a &os; + system using commodity disks is as follows. Once the stripe is + created, refer to &man.gstripe..8; for more information on how + to control an existing stripe. + - Creating a Stripe of Unformatted ATA Disks + Creating a Stripe of Unformatted <acronym>ATA</acronym> Disks Load the geom_stripe.ko @@ -167,9 +176,7 @@ Ensure that a suitable mount point exists. If this volume will become a root partition, then temporarily use another mount point such as - /mnt: - - &prompt.root; mkdir /mnt + /mnt. @@ -199,8 +206,8 @@ Done. /dev/stripe in addition to st0. Those include st0a and - st0c. At this point, a file system - may be created on st0a using + st0c. At this point, a UFS file system + can be created on st0a using newfs: &prompt.root; newfs -U /dev/stripe/st0a @@ -209,12 +216,14 @@ Done. few seconds, the process will be complete. The volume has been created and is ready to be mounted. - + To manually mount the created disk stripe: &prompt.root; mount /dev/stripe/st0a /mnt + + To mount this striped file system automatically during the boot process, place the volume information in /etc/fstab. In this example, a permanent @@ -224,19 +233,23 @@ Done. &prompt.root; mkdir /stripe &prompt.root; echo "/dev/stripe/st0a /stripe ufs rw 2 2" \ >> /etc/fstab + + The geom_stripe.ko module must also be automatically loaded during system initialization, by adding a line to /boot/loader.conf: &prompt.root; echo 'geom_stripe_load="YES"' >> /boot/loader.conf + + RAID1 - Mirroring - GEOM + GEOM Disk Mirroring @@ -856,7 +869,7 @@ mountroot> - GEOM + GEOM Software RAID Devices @@ -1193,7 +1206,7 @@ raid/r0 OPTIMAL ada0 (ACTIVE (ACTIVE)) - GEOM + GEOM RAID3 @@ -1325,9 +1338,9 @@ Done. - GEOM Gate Network Devices + <acronym>GEOM</acronym> Gate Network Devices - GEOM supports the remote use of devices, such as disks, + GEOM supports the remote use of devices, such as disks, CD-ROMs, and files through the use of the gate utilities. This is similar to NFS. @@ -1373,7 +1386,7 @@ ggate0 Labeling Disk Devices - GEOM + GEOM Disk Labels @@ -1579,10 +1592,10 @@ ufsid/486b6fc16926168e N/A ad4s1f - UFS Journaling Through GEOM + UFS Journaling Through <acronym>GEOM</acronym> - GEOM + GEOM Journaling From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 15:50:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5C9E895A; Fri, 11 Apr 2014 15:50:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 499ED1A8C; Fri, 11 Apr 2014 15:50:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3BFoKK0013069; Fri, 11 Apr 2014 15:50:20 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3BFoKWn013067; Fri, 11 Apr 2014 15:50:20 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404111550.s3BFoKWn013067@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 11 Apr 2014 15:50:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44532 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 15:50:20 -0000 Author: ryusuke Date: Fri Apr 11 15:50:19 2014 New Revision: 44532 URL: http://svnweb.freebsd.org/changeset/doc/44532 Log: - Merge the following from the English version: r44209 -> r44519 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Fri Apr 11 15:47:38 2014 (r44531) +++ head/ja_JP.eucJP/share/xml/news.xml Fri Apr 11 15:50:19 2014 (r44532) @@ -20,7 +20,7 @@ the contents of will be preferred over <p>. $FreeBSD$ - Original revision: r44209 + Original revision: r44519 --> <news> <cvs:keyword xmlns:cvs="http://www.FreeBSD.org/XML/CVS"> @@ -31,6 +31,18 @@ <name>2014</name> <month> + <name>4</name> + + <day> + <name>7</name> + <event> + <p>新コミッタ就任: + <a href="mailto:xmj@FreeBSD.org">Johannes Jost Meixner</a> (ports)</p> + </event> + </day> + </month> + + <month> <name>3</name> <day> From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 16:07:33 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 226A839F; Fri, 11 Apr 2014 16:07:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E85A81C43; Fri, 11 Apr 2014 16:07:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3BG7WIg020618; Fri, 11 Apr 2014 16:07:32 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3BG7WbD020617; Fri, 11 Apr 2014 16:07:32 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404111607.s3BG7WbD020617@svn.freebsd.org> From: Warren Block <wblock@FreeBSD.org> Date: Fri, 11 Apr 2014 16:07:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44533 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Fri, 11 Apr 2014 16:07:33 -0000 Author: wblock Date: Fri Apr 11 16:07:32 2014 New Revision: 44533 URL: http://svnweb.freebsd.org/changeset/doc/44533 Log: Clarify usage of GELI rc.d script. PR: docs/187321 Reviewed by: Allan Jude and mat@ on IRC Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Apr 11 15:50:19 2014 (r44532) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Apr 11 16:07:32 2014 (r44533) @@ -3126,8 +3126,8 @@ Filesystem Size Used Avail Capaci geli_da2_flags="-p -k /root/da2.key"</programlisting> <para>This configures <filename>/dev/da2</filename> as a - <command>geli</command> provider of which the master key - file is located in <filename>/root/da2.key</filename>. + <command>geli</command> provider with a master key + file of <filename>/root/da2.key</filename>. <command>geli</command> will not use a passphrase when attaching to the provider if <option>-P</option> was given during the @@ -3135,6 +3135,26 @@ geli_da2_flags="-p -k /root/da2.key"</pr the <command>geli</command> provider from the kernel before the system shuts down.</para> + <note> + <para>During the startup process, scripts prompt for the + passphrase before attaching the <acronym>GELI</acronym> + provider. Other kernel messages might be shown before and + after the password prompt. If the boot process seems to + stall, look carefully for the password prompt among the + other messages.</para> + + <para>When the correct password is given, the provider is + attached. A consumer, like a file system, is then mounted + on the provider, typically by an entry in + <filename>/etc/fstab</filename> (see + &man.fstab.5;).</para> + + <para>Later in the startup process, &os; configures + <acronym>GELI</acronym> providers to automatically detach. + <acronym>GELI</acronym> providers without any consumers + will detach at that time.</para> + </note> + <para>More information about configuring <filename>rc.d</filename> is provided in the <link linkend="configtuning-rcd">rc.d</link> section of the From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 16:09:56 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A8403780; Fri, 11 Apr 2014 16:09:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 94BBA1C8F; Fri, 11 Apr 2014 16:09:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3BG9uTS020899; Fri, 11 Apr 2014 16:09:56 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3BG9uFk020898; Fri, 11 Apr 2014 16:09:56 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404111609.s3BG9uFk020898@svn.freebsd.org> From: Dru Lavigne <dru@FreeBSD.org> Date: Fri, 11 Apr 2014 16:09:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44534 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Fri, 11 Apr 2014 16:09:56 -0000 Author: dru Date: Fri Apr 11 16:09:56 2014 New Revision: 44534 URL: http://svnweb.freebsd.org/changeset/doc/44534 Log: Fix build. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 11 16:07:32 2014 (r44533) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 11 16:09:56 2014 (r44534) @@ -159,7 +159,7 @@ <para>The process for creating a software, <acronym>GEOM</acronym>-based <acronym>RAID0</acronym> on a &os; system using commodity disks is as follows. Once the stripe is - created, refer to &man.gstripe..8; for more information on how + created, refer to &man.gstripe.8; for more information on how to control an existing stripe.</para> <procedure> From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 16:46:10 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DF317BDF; Fri, 11 Apr 2014 16:46:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CB8981260; Fri, 11 Apr 2014 16:46:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3BGkAQ9037384; Fri, 11 Apr 2014 16:46:10 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3BGkArk037383; Fri, 11 Apr 2014 16:46:10 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201404111646.s3BGkArk037383@svn.freebsd.org> From: Mathieu Arnold <mat@FreeBSD.org> Date: Fri, 11 Apr 2014 16:46:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44535 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Fri, 11 Apr 2014 16:46:10 -0000 Author: mat (ports committer) Date: Fri Apr 11 16:46:10 2014 New Revision: 44535 URL: http://svnweb.freebsd.org/changeset/doc/44535 Log: Add a bit about USE_GITHUB. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Apr 11 16:09:56 2014 (r44534) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Apr 11 16:46:10 2014 (r44535) @@ -1754,6 +1754,119 @@ MASTER_SITE_SUBDIR= stardict/WyabdcRealP </tbody> </tgroup> </table> + + <sect3 xml:id="makefile-master_sites-github"> + <title><varname>USE_GITHUB</varname> + + If the distribution file comes from a specific commit or + tag on GitHub + for which there is no officially released file, there is an + easy way to set the right DISTNAME and + MASTER_SITES automatically. These + variables are available: + + + <varname>USE_GITHUB</varname> Description + + + + + Variable + Description + Default + Mandatory + + + + + + GH_ACCOUNT + Account name of the GitHub user hosting the + project + none + Mandatory + + + + GH_PROJECT + Name of the project on GitHub + ${PORTNAME} + + + + + GH_TAGNAME + Name of the tag to download (2.0.1, hash, ...) + Using the name of a branch here is incorrect. It is + possible to do + GH_TAGNAME=${GH_COMMIT} to do a + snapshot + ${DISTVERSION} + + + + GH_COMMIT + first 7 digits of the commit that generated + GH_TAGNAME (see + git-describe(1)) + none + Mandatory + + + +
        + + + Simple Use of <varname>USE_GITHUB</varname> + + While trying to make a port for version + 1.2.7 of pkg + from the &os; user on github, at , The + Makefile would end up looking like + this (slightly stripped for the example): + + PORTNAME= pkg +PORTVERSION= 1.2.7 + +USE_GITHUB= yes +GH_ACCOUNT= freebsd +GH_COMMIT= f53e577 + + It will automatically have + MASTER_SITES set to GH + GHC and WRKSRC to + ${WRKDIR}/freebsd-pkg-f53e577. + + + + More Complete Use of + <varname>USE_GITHUB</varname> + + While trying to make a port for the bleeding edge + version of pkg from the &os; + user on github, at , The + Makefile would end up looking like + this (slightly stripped for the example): + + PORTNAME= pkg-devel +PORTVERSION= 1.3.0.a.20140411 + +USE_GITHUB= yes +GH_ACCOUNT= freebsd +GH_PROJECT= pkg +GH_TAGNAME= ${GH_COMMIT} +GH_COMMIT= 6dbb17b + + It will automatically have + MASTER_SITES set to GH + GHC and WRKSRC to + ${WRKDIR}/freebsd-pkg-6dbb17b. + + + From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 16:47:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 54140C48; Fri, 11 Apr 2014 16:47:04 +0000 (UTC) Received: from dmz-mailsec-scanner-7.mit.edu (dmz-mailsec-scanner-7.mit.edu [18.7.68.36]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8E89D1270; Fri, 11 Apr 2014 16:47:03 +0000 (UTC) X-AuditID: 12074424-f79e26d000000c70-04-53481b5231c5 Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-7.mit.edu (Symantec Messaging Gateway) with SMTP id 52.C2.03184.25B18435; Fri, 11 Apr 2014 12:41:54 -0400 (EDT) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id s3BGfrS3012434; Fri, 11 Apr 2014 12:41:53 -0400 Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id s3BGfpee031841 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 11 Apr 2014 12:41:52 -0400 Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id s3BGfoCR018407; Fri, 11 Apr 2014 12:41:50 -0400 (EDT) Date: Fri, 11 Apr 2014 12:41:50 -0400 (EDT) From: Benjamin Kaduk To: Dru Lavigne Subject: Re: svn commit: r44524 - head/en_US.ISO8859-1/books/handbook/security In-Reply-To: <201404102037.s3AKb52d024905@svn.freebsd.org> Message-ID: References: <201404102037.s3AKb52d024905@svn.freebsd.org> User-Agent: Alpine 1.10 (GSO 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrAIsWRmVeSWpSXmKPExsUixCmqrBsk7RFs8OQqq8WPj4eYLLqaVC1u LNrPZLG7v5fZgcVjxqf5LAGMUVw2Kak5mWWpRfp2CVwZP6/tYyq4wVGxf71fA+M89i5GTg4J AROJpwcXMEPYYhIX7q1n62Lk4hASmM0kMenFZXYIZyOjxI73k5ggnENMEn9vvGOBcBoYJVav +Qk2i0VAW6J5818wm01ARWLmm41sILaIgKLE0697GUFsZoEoiT1LG1lBbGGBAIm/HYdYQGxO ASuJaz+Wg9m8Ao4SX2e0A93EAbTAUuLnRC6QsKiAjsTq/VOgSgQlTs58wgIx0lLi3J/rbBMY BWchSc1CklrAyLSKUTYlt0o3NzEzpzg1Wbc4OTEvL7VI11wvN7NELzWldBMjKGDZXVR2MDYf UjrEKMDBqMTDe+CSW7AQa2JZcWXuIUZJDiYlUd4Lkh7BQnxJ+SmVGYnFGfFFpTmpxYcYJTiY lUR4N111DxbiTUmsrEotyodJSXOwKInzvrW2ChYSSE8sSc1OTS1ILYLJynBwKEnwqkoBDRUs Sk1PrUjLzClBSDNxcIIM5wEaHgJSw1tckJhbnJkOkT/FqCglznsL5CIBkERGaR5cLyyhvGIU B3pFmFcbpJ0HmIzgul8BDWYCGnxpMsjVxSWJCCmpBsbwK5VVihrNl5Zv4fjD6JN0wULIUFG9 wVKZT9ox6Ln1/7puix0yO6pnfRFSm1v7uF7F5V4cZ+OVz618ytPf+k8OKpoS3L4gO27tiuOz DGoMA2QUr6maWJ3cEyBo/5dl3i/3J86rEyR0T1ZV2k/o8MxeVCqQutpotY+fEGuYS2zHV+WP 8UsnKrEUZyQaajEXFScCADz/aMEDAwAA Cc: svn-doc-head@freebsd.org, svn-doc-all@freebsd.org, doc-committers@freebsd.org X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 16:47:04 -0000 On Thu, 10 Apr 2014, Dru Lavigne wrote: > Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml > ============================================================================== > --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 20:15:39 2014 (r44523) > +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 10 20:37:05 2014 (r44524) > > + The first time sshd starts on a > + &os; system, the system's host keys will be automatically > + created and the fingerprint will be displayed on the console. > + Provide users with the fingerprint so that they can verify it > + the first time they connect to the server. I wonder if any readers will think that they need to save this fingerprint from the first startup (as if it would not be retrievable later). On the other hand, talking about 'ssh-keygen -l -f /etc/ssh/ssh_host_ecdsa_key.pub' is not really appropriate here, I think. I don't think this text necessarily has to change, though; it was just a thought that occurred to me. -Ben From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 17:06:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DA3548F5; Fri, 11 Apr 2014 17:06:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C5AE914CA; Fri, 11 Apr 2014 17:06:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3BH6CkO046159; Fri, 11 Apr 2014 17:06:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3BH6CJN046158; Fri, 11 Apr 2014 17:06:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404111706.s3BH6CJN046158@svn.freebsd.org> From: Dru Lavigne Date: Fri, 11 Apr 2014 17:06:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44536 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 17:06:12 -0000 Author: dru Date: Fri Apr 11 17:06:12 2014 New Revision: 44536 URL: http://svnweb.freebsd.org/changeset/doc/44536 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 11 16:46:10 2014 (r44535) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 11 17:06:12 2014 (r44536) @@ -33,20 +33,21 @@ GEOM         - In &os;, the GEOM framework permits access and control to classes, such as Master - Boot Records and BSD labels, through the use - of providers, or the disk devices in /dev. - By supporting various software RAID - configurations, GEOM transparently provides access to the + In &os;, the GEOM framework permits + access and control to classes, such as Master Boot Records and + BSD labels, through the use of providers, or + the disk devices in /dev. By supporting + various software RAID configurations, + GEOM transparently provides access to the operating system and operating system utilities. - This chapter covers the use of disks under the GEOM - framework in &os;. This includes the major RAID - control utilities which use the framework for configuration. - This chapter is - not a definitive guide to RAID configurations - and only GEOM-supported RAID classifications - are discussed. + This chapter covers the use of disks under the + GEOM framework in &os;. This includes the + major RAID control utilities which use the + framework for configuration. This chapter is not a definitive + guide to RAID configurations and only + GEOM-supported RAID + classifications are discussed. After reading this chapter, you will know: @@ -68,8 +69,8 @@ - How to troubleshoot disks attached to the GEOM - framework. + How to troubleshoot disks attached to the + GEOM framework. @@ -82,8 +83,8 @@ - Know how to configure and install a new kernel - (. + Know how to configure and install a new kernel (.         @@ -122,18 +123,18 @@ RAID controllers. The GEOM disk subsystem provides software support for disk striping, also known as RAID0, - without the need for a RAID disk + without the need for a RAID disk controller.         - In RAID0, data is split into - blocks that are written across all the drives in the array. As - seen in the following illustration, - instead of having to wait on the system to write 256k to one - disk, RAID0 can simultaneously write - 64k to each of the four disks in the array, offering superior I/O - performance. This performance can be enhanced further by using - multiple disk controllers. - + In RAID0, data is split into blocks that + are written across all the drives in the array. As seen in the + following illustration, instead of having to wait on the system + to write 256k to one disk, RAID0 can + simultaneously write 64k to each of the four disks in the array, + offering superior I/O performance. This + performance can be enhanced further by using multiple disk + controllers. + @@ -145,11 +146,12 @@ Each disk in a RAID0 stripe must be of - the same size, since I/O requests are interleaved to read or - write to multiple disks in parallel. + the same size, since I/O requests are + interleaved to read or write to multiple disks in + parallel. - RAID0 does not + RAID0 does not provide any redundancy. This means that if one disk in the array fails, all of the data on the disks is lost. If the data is important, implement a backup strategy that regularly @@ -163,7 +165,8 @@ to control an existing stripe. - Creating a Stripe of Unformatted <acronym>ATA</acronym> Disks + Creating a Stripe of Unformatted <acronym>ATA</acronym> + Disks Load the geom_stripe.ko @@ -203,11 +206,11 @@ Done. This process should create two other devices in - /dev/stripe in - addition to st0. Those include - st0a and - st0c. At this point, a UFS file system - can be created on st0a using + /dev/stripe in addition to + st0. Those include + st0a and st0c. At + this point, a UFS file system can be + created on st0a using newfs: &prompt.root; newfs -U /dev/stripe/st0a @@ -218,30 +221,31 @@ Done. - To manually mount the created disk stripe: + To manually mount the created disk stripe: - &prompt.root; mount /dev/stripe/st0a /mnt + &prompt.root; mount /dev/stripe/st0a /mnt - To mount this striped file system automatically during the - boot process, place the volume information in - /etc/fstab. In this example, a permanent - mount point, named stripe, is - created: + To mount this striped file system automatically during + the boot process, place the volume information in + /etc/fstab. In this example, a + permanent mount point, named stripe, is + created: - &prompt.root; mkdir /stripe + &prompt.root; mkdir /stripe &prompt.root; echo "/dev/stripe/st0a /stripe ufs rw 2 2" \ - >> /etc/fstab - +>> /etc/fstab + - - The geom_stripe.ko module must also be - automatically loaded during system initialization, by adding a - line to /boot/loader.conf: + + The geom_stripe.ko module must also + be automatically loaded during system initialization, by + adding a line to + /boot/loader.conf: - &prompt.root; echo 'geom_stripe_load="YES"' >> /boot/loader.conf - + &prompt.root; echo 'geom_stripe_load="YES"' >> /boot/loader.conf +         @@ -1340,9 +1344,9 @@ Done. <acronym>GEOM</acronym> Gate Network Devices - GEOM supports the remote use of devices, such as disks, - CD-ROMs, and files through the use of the gate utilities. - This is similar to NFS. + GEOM supports the remote use of devices, + such as disks, CD-ROMs, and files through the use of the gate + utilities. This is similar to NFS. To begin, an exports file must be created. This file specifies who is permitted to access the exported resources and From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 21:48:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 78186FE3; Fri, 11 Apr 2014 21:48:20 +0000 (UTC) Received: from prod2.absolight.net (mx3.absolight.net [IPv6:2a01:678:2:100::25]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "plouf.absolight.net", Issuer "CAcert Class 3 Root" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 369FA1230; Fri, 11 Apr 2014 21:48:20 +0000 (UTC) Received: from prod2.absolight.net (localhost [127.0.0.1]) by prod2.absolight.net (Postfix) with ESMTP id C2A02BDC68; Fri, 11 Apr 2014 23:48:14 +0200 (CEST) Received: from atuin.in.mat.cc (atuin.in.mat.cc [79.143.241.205]) by prod2.absolight.net (Postfix) with ESMTPA id 9CA3EBDC65; Fri, 11 Apr 2014 23:48:14 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by atuin.in.mat.cc (Postfix) with ESMTP id DC063D374D34; Fri, 11 Apr 2014 23:48:12 +0200 (CEST) Date: Fri, 11 Apr 2014 23:48:09 +0200 From: Mathieu Arnold To: koobs@FreeBSD.org, Brad Davis , doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org, Baptiste Daroussin Subject: Re: svn commit: r44526 - head/en_US.ISO8859-1/books/handbook/ports Message-ID: <82DBCD124724B04674ECA686@atuin.in.mat.cc> In-Reply-To: <5347A471.40505@FreeBSD.org> References: <201404102240.s3AMegKL079270@svn.freebsd.org> <5347A471.40505@FreeBSD.org> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 21:48:20 -0000 +--On 11 avril 2014 18:14:41 +1000 Kubilay Kocak wrote: | On 11/04/2014 8:40 AM, Brad Davis wrote: |> Author: brd |> Date: Thu Apr 10 22:40:41 2014 |> New Revision: 44526 |> URL: http://svnweb.freebsd.org/changeset/doc/44526 |> |> Log: |> - Add the pkgng verison of listing out of date ports. |> |> Modified: |> head/en_US.ISO8859-1/books/handbook/ports/chapter.xml |> |> Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml |> ======================================================================== |> ====== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Apr |> 10 20:52:23 2014 (r44525) +++ |> head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Thu Apr 10 |> 22:40:41 2014 (r44526) @@ -1298,9 +1298,16 @@ The deinstallation will |> free 229 kB To determine if newer versions of installed ports are |> available, ensure that the latest version of the ports tree is |> installed, using the updating command described in either |> - Procedure 5.1 or Procedure 5.2. Then, run this command to |> - get a listing of the ports which are older than the currently |> - available version: |> + Procedure 5.1 or Procedure 5.2. On &os; 10 and later, or if |> + the system has been converted to |> + pkgng, the following command will | | I believe we currently reference the (no longer) new package system as | 'pkg' now, rather than by its previous name. It is 'current generation' | now. Maybe 'pkg(8)' would help make this explicit | | If any current doc policy conflicts with this, perhaps it could be | updated. On that, in the Porter's Handbook, I've replaced all occurences to pkg_foo man pages with the pkg-foo ones, I've put the pkg examples before the pkg_tools ones. We should really put pkg in front, as a reminder, pkg_install dies on September 1st. -- Mathieu Arnold From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 22:14:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BAAF8C7; Fri, 11 Apr 2014 22:14:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A7B0A152F; Fri, 11 Apr 2014 22:14:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3BMEaei076246; Fri, 11 Apr 2014 22:14:36 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3BMEa0Y076245; Fri, 11 Apr 2014 22:14:36 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404112214.s3BMEa0Y076245@svn.freebsd.org> From: Warren Block Date: Fri, 11 Apr 2014 22:14:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44537 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 22:14:36 -0000 Author: wblock Date: Fri Apr 11 22:14:36 2014 New Revision: 44537 URL: http://svnweb.freebsd.org/changeset/doc/44537 Log: Replace two hardcoded links to procedures with XML IDs and . Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Fri Apr 11 17:06:12 2014 (r44536) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Fri Apr 11 22:14:36 2014 (r44537) @@ -888,7 +888,7 @@ Deinstalling ca_root_nss-3.15.1_1... don installation of &os;, use one of the following methods to install it: - + Portsnap Method The base system of &os; includes @@ -932,7 +932,7 @@ Deinstalling ca_root_nss-3.15.1_1... don - + Subversion Method If more control over the ports tree is needed or if local @@ -1298,7 +1298,7 @@ The deinstallation will free 229 kB To determine if newer versions of installed ports are available, ensure that the latest version of the ports tree is installed, using the updating command described in either - Procedure 5.1 or Procedure 5.2. On &os; 10 and later, or if + or . On &os; 10 and later, or if the system has been converted to pkgng, the following command will list the installed ports which are out of date: From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 22:17:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 98E5E32B; Fri, 11 Apr 2014 22:17:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8569D1561; Fri, 11 Apr 2014 22:17:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3BMHw8n076830; Fri, 11 Apr 2014 22:17:58 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3BMHwVp076829; Fri, 11 Apr 2014 22:17:58 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404112217.s3BMHwVp076829@svn.freebsd.org> From: Warren Block Date: Fri, 11 Apr 2014 22:17:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44538 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 22:17:58 -0000 Author: wblock Date: Fri Apr 11 22:17:58 2014 New Revision: 44538 URL: http://svnweb.freebsd.org/changeset/doc/44538 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Fri Apr 11 22:14:36 2014 (r44537) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Fri Apr 11 22:17:58 2014 (r44538) @@ -4,7 +4,10 @@ $FreeBSD$ --> - + + Installing Applications: Packages and Ports @@ -1296,18 +1299,19 @@ The deinstallation will free 229 kB the upgrade. To determine if newer versions of installed ports are - available, ensure that the latest version of the ports tree - is installed, using the updating command described in either - or . On &os; 10 and later, or if - the system has been converted to - pkgng, the following command will - list the installed ports which are out of date: + available, ensure that the latest version of the ports tree is + installed, using the updating command described in either + or + . On &os; 10 + and later, or if the system has been converted to + pkgng, the following command will + list the installed ports which are out of date: &prompt.root; pkg version -l "<" For &os; 9.X and lower, the - following command will list the installed ports that are out - of date: + following command will list the installed ports that are out + of date: &prompt.root; pkg_version -l "<" @@ -1550,13 +1554,13 @@ The deinstallation will free 229 kB Poudriere is a BSD-licensed utility for creating and testing &os; packages. It uses &os; jails to set up isolated - compilation environments. These jails can be used to build packages for - versions of &os; that are different from the system on which it is - installed, and also to build packages for i386 if the host is an - &arch.amd64; system. Once the packages are built, they are - in a layout identical to the official mirrors. These packages - are usable by &man.pkg.8; and other package management - tools. + compilation environments. These jails can be used to build + packages for versions of &os; that are different from the system + on which it is installed, and also to build packages for i386 if + the host is an &arch.amd64; system. Once the packages are + built, they are in a layout identical to the official mirrors. + These packages are usable by &man.pkg.8; and other package + management tools. Poudriere is installed using the ports-mgmt/poudriere package @@ -1789,8 +1793,8 @@ ports-mgmt/pkg role="nolink">freebsd-listname@FreeBSD.org. Take this into account when sending an email. - In particular, ports shown as maintained by ports@FreeBSD.org are not + In particular, ports shown as maintained by + ports@FreeBSD.org are not maintained by a specific individual. Instead, any fixes and support come from the general community who subscribe to that mailing list. More volunteers are always From owner-svn-doc-all@FreeBSD.ORG Fri Apr 11 22:54:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A2409CE7; Fri, 11 Apr 2014 22:54:35 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8EE841885; Fri, 11 Apr 2014 22:54:35 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3BMsZlF092879; Fri, 11 Apr 2014 22:54:35 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3BMsZfX092878; Fri, 11 Apr 2014 22:54:35 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201404112254.s3BMsZfX092878@svn.freebsd.org> From: Sergey Kandaurov Date: Fri, 11 Apr 2014 22:54:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44539 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2014 22:54:35 -0000 Author: pluknet Date: Fri Apr 11 22:54:35 2014 New Revision: 44539 URL: http://svnweb.freebsd.org/changeset/doc/44539 Log: Spelling fixes. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 11 22:17:58 2014 (r44538) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 11 22:54:35 2014 (r44539) @@ -192,7 +192,7 @@ chapter consists of approximately 16,000 words covering all subcommands of the zpool(8) and zfs(8) utilities, delegation, tuning and a section devoted to - defintions and explainations of the terms and features of + definitions and explanations of the terms and features of ZFS.

        The remaining section is the FAQ. To help users address the @@ -1979,7 +1979,7 @@ device vt_efifb fixed.

        Gustau Perez has stepped up and put together a port set in - the ports-experimental tree of our developement + the ports-experimental tree of our development repository with GNOME 3.12. It was decided to polish GNOME 3.12. It will be merged when the preparation work has (mostly) finished, and we are happy with the stability of From owner-svn-doc-all@FreeBSD.ORG Sat Apr 12 00:33:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 39A1EAD2; Sat, 12 Apr 2014 00:33:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0C0021179; Sat, 12 Apr 2014 00:33:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3C0XgqT034455; Sat, 12 Apr 2014 00:33:42 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3C0XgnV034454; Sat, 12 Apr 2014 00:33:42 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404120033.s3C0XgnV034454@svn.freebsd.org> From: Warren Block Date: Sat, 12 Apr 2014 00:33:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44540 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Apr 2014 00:33:43 -0000 Author: wblock Date: Sat Apr 12 00:33:42 2014 New Revision: 44540 URL: http://svnweb.freebsd.org/changeset/doc/44540 Log: Spelling, title capitalization, and repeated word fixes. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Fri Apr 11 22:54:35 2014 (r44539) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Sat Apr 12 00:33:42 2014 (r44540) @@ -613,7 +613,7 @@ - libvirt/bhyve Support + <tt>libvirt/bhyve</tt> Support @@ -747,7 +747,7 @@ - Using CentOS 6.5 as Linux base + Using CentOS 6.5 as Linux Base @@ -1072,7 +1072,7 @@

      The ports have packages built for amd64, available - through the the ports emulators/i386-wine and + through the ports emulators/i386-wine and emulators/i386-wine-devel.

      @@ -1842,7 +1842,7 @@ device vt_efifb - auditdistd(8) + <tt>auditdistd(8)</tt> @@ -1880,7 +1880,7 @@ device vt_efifb - SDIO driver + SDIO Driver @@ -2133,7 +2133,7 @@ device vt_efifb Unfortunately, &os; 8.x misses the required kernel DRM infrastructure: supporting X.Org here cripples progress on the graphics stack and, once WITH_NEW_XORG is gone, we - will not support 8.x as a desktop anymore. Therefore, please + will not support 8.x as a desktop any more. Therefore, please upgrade to 9.3 or 10.1 when they are available.

      From owner-svn-doc-all@FreeBSD.ORG Sat Apr 12 01:11:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 45E24193; Sat, 12 Apr 2014 01:11:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 32E1713C9; Sat, 12 Apr 2014 01:11:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3C1BLg8049567; Sat, 12 Apr 2014 01:11:21 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3C1BLTB049566; Sat, 12 Apr 2014 01:11:21 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201404120111.s3C1BLTB049566@svn.freebsd.org> From: Glen Barber Date: Sat, 12 Apr 2014 01:11:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44541 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Apr 2014 01:11:21 -0000 Author: gjb Date: Sat Apr 12 01:11:20 2014 New Revision: 44541 URL: http://svnweb.freebsd.org/changeset/doc/44541 Log: Update the 9.3-RELEASE schedule to reflect that the reminder mail was sent (a week late, my fault). Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Sat Apr 12 00:33:42 2014 (r44540) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Sat Apr 12 01:11:20 2014 (r44541) @@ -51,7 +51,7 @@ Release schedule reminder 4 April 2014 - - + 11 April 2014 Release Engineers send reminder announcement e-mail to developers with updated schedule. From owner-svn-doc-all@FreeBSD.ORG Sat Apr 12 13:20:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C37B9BE1; Sat, 12 Apr 2014 13:20:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AEFAE1693; Sat, 12 Apr 2014 13:20:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3CDK0Rw048061; Sat, 12 Apr 2014 13:20:00 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3CDK0EG048060; Sat, 12 Apr 2014 13:20:00 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201404121320.s3CDK0EG048060@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 12 Apr 2014 13:20:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44542 - head/de_DE.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Apr 2014 13:20:00 -0000 Author: bcr Date: Sat Apr 12 13:20:00 2014 New Revision: 44542 URL: http://svnweb.freebsd.org/changeset/doc/44542 Log: Update to r43918: Update the CARP section to reflect changes between how FreeBSD 9.X and 10.X handle this device. Thanks to the submitter for doing the work on this and sending it to me. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sat Apr 12 01:11:20 2014 (r44541) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sat Apr 12 13:20:00 2014 (r44542) @@ -5,7 +5,7 @@ $FreeBSD$ $FreeBSDde:$ - basiert auf: r43904 + basiert auf: r43918 --> Weiterfhrende Netzwerkthemen @@ -4526,7 +4526,7 @@ margaux:ha=0123456789ab:tc=.def100TFTP verwendet werden, muss beim Kompilieren die Option LOADER_TFTP_SUPPORT in der Datei - /etc/make.conf eingetragen sein. Sehen + /etc/make.conf eingetragen sein. Sehen Sie sich die Datei /usr/share/examples/etc/make.conf fr weitere Anweisungen an. @@ -5719,7 +5719,7 @@ hint.ppc.0.irq="7" Danach berprfen Sie, ob die Kernelkonfigurationsdatei die Zeile device plip enthlt, oder ob das - Kernelmodul plip.ko geladen wurde. In + Kernelmodul plip.ko geladen wurde. In beiden Fllen sollte die parallele Schnittstelle von &man.ifconfig.8; angezeigt werden: @@ -5911,7 +5911,7 @@ round-trip min/avg/max/stddev = 2.530/2. Es gibt verschiedene Arten von IPv6-Adressen: Unicast-, Anycast- und Multicast-Adressen. - Unicast-Adressen sind die herkmlichen Adressen. Ein + Unicast-Adressen sind die herkmlichen Adressen. Ein Paket, das an eine Unicast-Adresse gesendet wird, kommt nur an der Schnittstelle an, die dieser Adresse zugeordnet ist. @@ -6433,6 +6433,7 @@ route_hostD="192.168.173.4 hatm0 0 102 l CARP - Common Address Redundancy Protocol TomRhodesBeigetragen von + AllanJudeAktualisiert von @@ -6442,215 +6443,237 @@ route_hostD="192.168.173.4 hatm0 0 102 l Common Address Redundancy Protocol (CARP) Das Common Address Redundancy - Protocol (CARP) erlaubt es, + Protocol (CARP) erlaubt es, mehreren Rechnern die gleiche IP-Adresse - zuzuweisen. Durch ein solches Vorgehen l籖t sich - beispielsweise die Verfgbarkeit bestimmter Dienste - verbessern oder die Last zwischen einzelnen Systemen besser - verteilen. Den auf diese Art und Weise konfigurierten Systemen - kann zustzlich eine eigene (im Netzwerk eindeutige) - IP-Adresse zugewiesen werden (wie dies auch - im folgenden Beispiel erfolgt). - - Um CARP zu aktivieren, mssen Sie die - &os;-Kernelkonfigurationsdatei um die folgende Option erweitern - und danach den &os;-Kernel (wie in beschrieben) neu bauen: - - device carp - - Alternativ knnen Sie aber auch das Kernelmodul - if_carp.ko beim Systemstart - automatisch laden. Dazu nehmen Sie die folgende Zeile - in die Datei /boot/loader.conf - auf: - - if_carp_load="YES" - - Danach ist CARP auf Ihrem System - verfgbar und kann ber verschiedene - sysctl-Optionen (OIDs) - gesteuert werden. - - - - - - OID - Beschreibung - - - - - - net.inet.carp.allow - Akzeptiert ankommende CARP-Pakete. - In der Voreinstellung aktiviert. - - - - net.inet.carp.preempt - Diese Option deaktiviert alle - CARP-Gerte, sobald eines von - ihnen ausfllt. In der Voreinstellung - deaktiviert. - - - - net.inet.carp.log - Hat diese Variable den Wert 0, wird - kein Protokoll generiert, whrend mit dem Wert - 1 nur inkorrekte - CARP-Pakete protokolliert werden. Hat - die Variable einen Wert grer - 1, werden nur die Statuswechsel von - CARP-Gerten protokolliert. In der - Voreinstellung hat diese Variable den Wert - 1. - - - - net.inet.carp.arpbalance - Gleicht die Netzwerklast im lokalen Netzwerk durch - den Einsatz von ARP aus. In der - Voreinstellung deaktiviert. - - - - net.inet.carp.suppress_preempt - Eine nur lesbare OID, die - den Preemption Suppression-Status - anzeigt. Preemption kann verhindert werden. Dies auch dann, - wenn ein Gert ausfllt. Hat die Variable - den Wert 0, bedeutet dies, dass Preemption - nicht verhindert wird. Tritt ein Problem auf, wird der Wert - dieser OID um 1 - erhht. - - - - - - Das CARP-Gert selbst erzeugen Sie mit dem - ifconfig-Befehl: - - &prompt.root; ifconfig carp0 create - - Damit Sie dieses Protokoll in Ihrem Netzwerk einsetzen - knnen, muss jede Netzwerkkarte eine eindeutige - Identifikationsnummer, die sogenannte VHID - (Virtual Host Identification), - besitzen, da sich ansonsten die Rechner Ihres Netzwerks nicht - voneinander unterscheiden lassen. - - - Die Serververfgbarkeit mit CARP - verbessern - - Wie bereits weiter oben erwhnt wurde, knnen Sie - CARP dazu verwenden, die Verfbarkeit - Ihrer Server zu verbessern. Im folgenden Bespiel werden - insgesamt drei Server (mit jeweils eigener, eindeutiger - IP-Adresse), die alle den gleichen Inhalt - anbieten, in einer Round Robin - DNS-Konfiguration eingerichtet. - Der Backup-Server verfgt ber zwei - CARP-Schnittstellen (fr die beiden - IP-Adressen der Content-Server). Tritt bei - einem Content-Server ein Problem auf, bernimmt der - Backup-Server die IP-Adresse des - ausgefallenen Servers. Dadurch sollte die Auswahl eines Servers - vom Anwender nicht bemerkt werden. Der Backup-Server muss - identisch konfiguriert sein und die gleichen Daten und Dienste - anbieten wie das System, das er ersetzen soll. - - Die beiden Content-Server werden (abgesehen von ihren - jeweiligen Hostnamen und VHIDs) identisch - konfiguriert und heien in unserem Beispiel - hosta.example.org beziehungsweise - hostb.example.org. Damit Sie - CARP einsetzen knnen, mssen - Sie als Erstes die Datei rc.conf auf - beiden Systemen anpassen. Fr das System - hosta.example.org nehmen Sie dazu folgende - Zeilen in rc.conf auf: + zuzuweisen und Hochverfgbarkeit + bereitzustellen. Das bedeutet, dass ein oder mehrere Rechner + ausfallen knnen und die anderen Rechner transparent + einspringen, ohne das der Benutzer etwas von einem Ausfall + mitbekommt. Neben der gemeinsamen + IP-Adresse, haben die jeweiligen Rechner auch + eine eindeutige IP-Adresse zur Verwaltung und + Konfiguration, wie in den folgenden Beispielen zu sehen + ist. + + + Hochverfgbarkeit mit <acronym>CARP</acronym> + + CARP wird hufig verwendet, um einen + oder mehrere Dienste hochverfgbar zu machen. Dieses Beispiel + konfiguriert eine Failover-Untersttzung mit drei Servern (mit + jeweils eigener, eindeutiger IP-Adresse), + die alle den gleichen Web-Inhalt anbieten. Die Lastverteilung + dieser Maschinen wird dabei ber Round + Robin DNS konfiguriert. + Mit Ausnahme des Hostnamens und der + IP-Management-Adresse sind Master- und + Backup-Maschinen identisch konfiguriert. Die Server mssen + die gleiche Konfiguration und die gleichen Dienste aktiviert + haben. Tritt ein Failover auf, knnen Anfragen an den Dienst + mit der gemeinsam genutzten IP-Adresse nur + dann richtig beantwortet werden, wenn der Backup-Server + Zugriff auf denselben Inhalt hat. Die Backup-Maschine verfgt + ber zwei zustzliche CARP-Schnittstellen, + eine fr jede IP-Adresse des + Master-Content-Servers. Sobald ein Fehler auftritt, bernimmt + der Backup-Server die IP-Adresse des + ausgefallenen Master-Servers. Die Benutzer werden einen + Dienstausfall berhaupt nicht bemerken. + + Dieses Beispiel benutzt zwei verschiedene Master namens + hosta.example.org und + hostb.example.org mit einem + gemeinsamen Backup namens + hostc.example.org. + + Jede virtuelle IP-Adresse hat eine + eindeutige Identifikationsnummer, die als + Virtual Host Identification + (VHID) bekannt ist. Alle Maschinen, die + sich eine IP-Adresse teilen, verwenden die + gleiche VHID. Die VHID + fr jede einzelne IP-Adresse muss, + entsprechend der Broadcast-Domne der Netzwerkschnittstelle, + eindeutig sein. + + + + <acronym>CARP</acronym> mit &os; 10 (und neuer) + benutzen + + Untersttzung fr CARP erhalten Sie + durch das Laden des Kernelmoduls carp.ko + in /boot/loader.conf: + + carp_load="YES" + + Das CARP-Modul kann auch, wie in beschrieben, direkt in den &os; + Kernel eingebunden werden: + + device carp + + Hostname, IP-Management-Adresse, + Subnetzmaske, gemeinsame IP-Adresse und + VHID werden durch das Hinzufgen in + /etc/rc.conf gesetzt. Dieses Beispiel + ist fr hosta.example.org: hostname="hosta.example.org" -ifconfig_fxp0="inet 192.168.1.3 netmask 255.255.255.0" -cloned_interfaces="carp0" -ifconfig_carp0="vhid 1 pass testpass 192.168.1.50/24" +ifconfig_em0="inet 192.168.1.3 netmask 255.255.255.0" +ifconfig_em0_alias0="vhid 1 pass testpass alias 192.168.1.50/32" - Fr das System hostb.example.org - bentigen Sie zustzlich folgende Zeilen in - rc.conf: + Beispiel fr + hostb.example.org: hostname="hostb.example.org" -ifconfig_fxp0="inet 192.168.1.4 netmask 255.255.255.0" -cloned_interfaces="carp0" -ifconfig_carp0="vhid 2 pass testpass 192.168.1.51/24" +ifconfig_em0="inet 192.168.1.4 netmask 255.255.255.0" +ifconfig_em0_alias0="vhid 2 pass testpass alias 192.168.1.51/32" Achten Sie unbedingt darauf, dass die durch die Option - an ifconfig - bergebenen Passwrter auf beiden Systemen - identisch sind, da + an &man.ifconfig.8; bergebenen + Passwrter auf beiden Systemen identisch sind, da carp-Gerte nur mit Systemen kommunizieren knnen, die ber ein korrektes Passwort - verfgen. Beachten Sie weiters, dass sich die - VHIDs der beiden Systeme unterscheiden - mssen. + verfgen. - Nun richten Sie noch das dritte System, - provider.example.org, ein, das aktiviert - wird, wenn eines der beiden zuvor konfigurierten Systeme - ausfllt. Dieses dritte System bentigt zwei - carp-Gerte, um bei Bedarf - eines der beiden anderen - Systeme ersetzen zu knnen. Dazu konfigurieren Sie - rc.conf analog zur folgenden - Beispielkonfiguration: - - hostname="provider.example.org" -ifconfig_fxp0="inet 192.168.1.5 netmask 255.255.255.0" -cloned_interfaces="carp0 carp1" -ifconfig_carp0="vhid 1 advskew 100 pass testpass 192.168.1.50/24" -ifconfig_carp1="vhid 2 advskew 100 pass testpass 192.168.1.51/24" - - Durch die beiden carp-Gerte - ist es provider.example.org mglich, - festzustellen, ob eines der beiden anderen Systeme nicht mehr - reagiert. In diesem Fall bernimmt - provider.example.org die - IP-Adresse des betroffenen Systems. + Die dritte Maschine, + hostc.example.org ist so + konfiguriert, das sie aktiviert wird, wenn eines der beiden + zuvor konfigurierten Systeme ausfllt. Diese Maschine ist mit + zwei CARP VHIDs + konfiguriert, eine fr jede virtuelle + IP-Adresse der beiden Master-Server. Die + Option (CARP + advertising skew) wird gesetzt, um sicherzustellen, dass sich + der Backup-Server spter ankndigt wie der Master-Server. + steuert die Rangfolge fr den Fall + das mehrere Backup-Server zur Verfgung stehen. Passen Sie + die Konfiguration in /etc/rc.conf + an: + + hostname="hostc.example.org" +ifconfig_em0="inet 192.168.1.5 netmask 255.255.255.0" +ifconfig_em0_alias0="vhid 1 advskew 100 pass testpass alias 192.168.1.50/32" +ifconfig_em1_alias0="vhid 2 advskew 100 pass testpass alias 192.168.1.51/32" + + Durch die zwei konfigurierten CARP + VHIDs ist + hostc.example.org in der Lage + festzustellen, wenn einer der Master-Server nicht mehr + reagiert. Wenn der Master-Server sich spter ankndigt als + der Backup-Server, bernimmt der Backup-Server die gemeinsame + IP-Adresse, bis der Master-Server erneut + verfgbar ist. + + Preemption ist + standardm籖ig deaktiviert. Wird + Preemption aktiviert, kann es + vorkommen, dass hostc.example.org die + virtuelle IP-Adresse nicht wieder an den + Master-Server zurckgibt. Der Administrator kann jedoch den + Backup-Server dazu zwingen, die bernommene + IP-Adresse wieder an den Master-Server + zurckzugeben: + + &prompt.root; ifconfig em0 vhid 1 state +backup + + An dieser Stelle muss entweder das Netzwerk neu gestartet, + oder die Machine neu gebootet werden, um + CARP zu aktivieren. + + Die Funktionalitt von CARP kann, wie + in der Manualpage &man.carp.4; beschrieben, ber verschiedene + &man.sysctl.8; Parameter kontrolliert werden. Mit dem Einsatz + von &man.devd.8; knnen weitere Aktionen zu + CARP-Ereignissen ausgelst werden. + + + + <acronym>CARP</acronym> mit &os; 9 (und lter) + benutzen + + Untersttzung fr CARP erhalten Sie + durch das Laden des Kernelmoduls carp.ko + in /boot/loader.conf: + + if_carp_load="YES" + + CARP kann auch direkt in den Kernel + eingebunden werden. Diese Prozedur wird in beschrieben: + + device carp + + Die CARP-Schnittstellen selbst knnen + mittels &man.ifconfig.8; erstellt werden: + + &prompt.root; ifconfig carp0 create + + + Konfigurieren Sie Hostnamen, + IP-Management-Adresse, die gemeinsam + genutzte IP-Adresse und die + VHID, indem Sie die erforderlichen Zeilen + in /etc/rc.conf hinzufgen. Hierzu ein + Beispiel fr + hosta.example.org: + + hostname="hosta.example.org" +ifconfig_fxp0="inet 192.168.1.3 netmask 255.255.255.0" +cloned_interfaces="carp0" +ifconfig_carp0="vhid 1 pass testpass 192.168.1.50/24" + + Beispiel fr + hostb.example.org: + + hostname="hostb.example.org" +ifconfig_fxp0="inet 192.168.1.4 netmask 255.255.255.0" +cloned_interfaces="carp0" +ifconfig_carp0="vhid 2 pass testpass 192.168.1.51/24" - Ist im installierten &os;-Kernel die Option - "preemption" aktiviert, kann es sein, dass - provider.example.org die bernommene - IP-Adresse nicht mehr an den - Content-Server zurckgibt (wenn dieser wieder - funktioniert). In diesem Fall muss ein Administrator die - entsprechende Schnittstelle dazu zwingen, dies zu tun. - Dazu gibt er auf dem Rechner - provider.example.org den folgenden - Befehl ein: - - &prompt.root; ifconfig carp0 down && ifconfig carp0 up - - Dieser Befehl muss auf das - carp-Gert ausgefhrt - werden, das dem betroffenen System zugeordnet ist. + Preemption ist im GENERIC + &os; Kernel deaktiviert. Haben Sie jedoch + Preemption in einem + angepassten Kernel aktiviert, dass + hostc.example.org die virtuelle + IP-Adresse nicht wieder an den + Master-Server zurckgibt. Der Administrator kann jedoch den + Backup-Server dazu zwingen, die bernommene + IP-Adresse wieder an den Master-Server + zurckzugeben: + + &prompt.root; ifconfig carp0 down && ifconfig carp0 up + + Dieser Befehl muss auf dem + carp-Gert ausgefhrt werden, dass dem + betroffenen System zugeordnet ist. - Damit ist CARP vollstndig - konfiguriert und der Testbetrieb kann beginnen. Zuvor - mssen Sie allerdings noch alle Systeme neu starten - (beziehungsweise die Netzwerkkonfiguration auf allen - Systemen neu einlesen), um die Einstelllungen zu - bernehmen. - - Fr weitere Informtionen lesen Sie bitte die Manualpage - &man.carp.4;. + An dieser Stelle muss entweder das Netzwerk neu gestartet, + oder die Maschine neu gebootet werden, um + CARP zu aktivieren. + + Die Funktionalitt von CARP kann, wie + in der Manualpage &man.carp.4; beschrieben, ber verschiedene + &man.sysctl.8; Parameter kontrolliert werden. Mit dem Einsatz + von &man.devd.8; knnen weitere Aktionen zu + CARP-Ereignissen ausgelst werden. From owner-svn-doc-all@FreeBSD.ORG Sun Apr 13 01:29:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9DD3A997; Sun, 13 Apr 2014 01:29:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8905813C4; Sun, 13 Apr 2014 01:29:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3D1TeRK052908; Sun, 13 Apr 2014 01:29:40 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3D1Te3O052907; Sun, 13 Apr 2014 01:29:40 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404130129.s3D1Te3O052907@svn.freebsd.org> From: Warren Block Date: Sun, 13 Apr 2014 01:29:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44543 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Apr 2014 01:29:40 -0000 Author: wblock Date: Sun Apr 13 01:29:40 2014 New Revision: 44543 URL: http://svnweb.freebsd.org/changeset/doc/44543 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Sat Apr 12 13:20:00 2014 (r44542) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Sun Apr 13 01:29:40 2014 (r44543) @@ -122,9 +122,9 @@ project repository has its own -developers and -committers mailing lists. Archives for these lists may be found in files - /home/mail/repository-name-developers-archive + /home/mail/repository-name-developers-archive and - /home/mail/repository-name-committers-archive + /home/mail/repository-name-committers-archive on the FreeBSD.org cluster.) @@ -454,8 +454,8 @@ You need a Passphrase to protect your se The most notable change is the location of the &os; website www tree, which has been moved from - www/lang/ to - head/lang/htdocs/. + www/lang/ to + head/lang/htdocs/. The &os; ports repository switched @@ -554,7 +554,7 @@ You need a Passphrase to protect your se The above command will check out a CURRENT source tree as - /usr/src/, which can be any target + /usr/src/, which can be any target directory on the local filesystem. Omitting the final argument of that command causes the working copy, in this case, to be named head, but that can be @@ -644,19 +644,19 @@ You need a Passphrase to protect your se /stable/n which corresponds to - RELENG_n. + RELENG_n. /releng/n.n which corresponds to - RELENG_n_n. + RELENG_n_n. /release/n.n.n which corresponds to - RELENG_n_n_n_RELEASE. + RELENG_n_n_n_RELEASE. @@ -735,7 +735,7 @@ You need a Passphrase to protect your se /branches/RELENG_n_n_n which corresponds to - RELENG_n_n_n + RELENG_n_n_n is used to merge back security updates in preparation for a release. @@ -743,7 +743,7 @@ You need a Passphrase to protect your se /tags/RELEASE_n_n_n which corresponds to - RELEASE_n_n_n + RELEASE_n_n_n represents a release tag of the ports tree. @@ -847,7 +847,7 @@ You need a Passphrase to protect your se to the main repository. To do this, use the following command: - &prompt.user; svn co https://svn0.us-west.FreeBSD.org/base/head /usr/src + &prompt.user; svn co https://svn0.us-west.FreeBSD.org/base/head /usr/src Select the closest mirror and verify the mirror server certificate from the list of &prompt.user; svn update -&prompt.user; svn update -r12345 +&prompt.user; svn update -r12345 @@ -892,11 +892,11 @@ You need a Passphrase to protect your se &prompt.user; svn commit To commit all changes in, for example, - lib/libfetch/ and - usr/bin/fetch/ in a single + lib/libfetch/ and + usr/bin/fetch/ in a single operation: - &prompt.user; svn commit lib/libfetch usr/bin/fetch + &prompt.user; svn commit lib/libfetch usr/bin/fetch There is also a commit wrapper for the ports tree to handle the properties and sanity checking your @@ -928,7 +928,7 @@ You need a Passphrase to protect your se add. To add a file named foo, edit it, then: - &prompt.user; svn add foo + &prompt.user; svn add foo Most new source files should include a @@ -944,7 +944,7 @@ You need a Passphrase to protect your se Files can be removed with svn remove: - &prompt.user; svn remove foo + &prompt.user; svn remove foo Subversion does not require deleting the file before using svn rm, and indeed complains if @@ -953,20 +953,20 @@ You need a Passphrase to protect your se It is possible to add directories with svn add: - &prompt.user; mkdir bar -&prompt.user; svn add bar + &prompt.user; mkdir bar +&prompt.user; svn add bar Although svn mkdir makes this easier by combining the creation of the directory and the adding of it: - &prompt.user; svn mkdir bar + &prompt.user; svn mkdir bar Like files, directories are removed with svn rm. There is no separate command specifically for removing directories. - &prompt.user; svn rm bar + &prompt.user; svn rm bar @@ -976,7 +976,7 @@ You need a Passphrase to protect your se foo.c named bar.c, with the new file also under version control: - &prompt.user; svn copy foo.c bar.c + &prompt.user; svn copy foo.c bar.c The example above is equivalent to: @@ -985,7 +985,7 @@ You need a Passphrase to protect your se To move and rename a file: - &prompt.user; svn move foo.c bar.c + &prompt.user; svn move foo.c bar.c @@ -1042,11 +1042,11 @@ You need a Passphrase to protect your se The simple, not yet deprecated procedure is the following: - &prompt.user; svn resolved foo + &prompt.user; svn resolved foo However, the preferred procedure is: - &prompt.user; svn resolve --accept=working foo + &prompt.user; svn resolve --accept=working foo The two examples are equivalent. Possible values for --accept are: @@ -1129,7 +1129,7 @@ You need a Passphrase to protect your se Thus, given the working copy produced by the previous example: - &prompt.user; cd ~/freebsd + &prompt.user; cd ~/freebsd &prompt.user; svn update --set-depth=immediates . The above command will populate the working copy in @@ -1141,7 +1141,7 @@ You need a Passphrase to protect your se head (in this case) to infinity, and fully populate it: - &prompt.user; svn update --set-depth=infinity head + &prompt.user; svn update --set-depth=infinity head @@ -1388,7 +1388,7 @@ You need a Passphrase to protect your se Changes to manual pages should be merged to - share/man/manN/, for the + share/man/manN/, for the appropriate value of N. @@ -1681,7 +1681,7 @@ U stable/9/share/man/man4/netmap.4 To flatten the pf tree: - &prompt.user; cd vendor/pf/dist/contrib/pf + &prompt.user; cd vendor/pf/dist/contrib/pf &prompt.user; svn mv $(svn list) ../.. &prompt.user; cd ../.. &prompt.user; svn rm contrib @@ -1726,8 +1726,8 @@ U stable/9/share/man/man4/netmap.4 that corresponds to the last related change to the vendor tree, prior to importing new sources: - &prompt.user; cd head/contrib/pf -&prompt.user; svn merge --record-only svn+ssh://svn.freebsd.org/base/vendor/pf/dist@180876 . + &prompt.user; cd head/contrib/pf +&prompt.user; svn merge --record-only svn+ssh://svn.freebsd.org/base/vendor/pf/dist@180876 . &prompt.user; svn commit @@ -1757,9 +1757,9 @@ U stable/9/share/man/man4/netmap.4 about to be imported is recommended, to facilitate the process. - &prompt.user; cd vendor/pf/dist + &prompt.user; cd vendor/pf/dist &prompt.user; svn list -R | grep -v '/$' | sort >../old -&prompt.user; cd ../pf-4.3 +&prompt.user; cd ../pf-4.3 &prompt.user; find . -type f | cut -c 3- | sort >../new With these two files, @@ -1774,14 +1774,14 @@ U stable/9/share/man/man4/netmap.4 Importing into the Vendor Tree Now, the sources must be copied into - dist and + dist and the svn add and svn rm commands should be used as needed: - &prompt.user; cd vendor/pf/pf-4.3 + &prompt.user; cd vendor/pf/pf-4.3 &prompt.user; tar cf - . | tar xf - -C ../dist -&prompt.user; cd ../dist +&prompt.user; cd ../dist &prompt.user; comm -23 ../old ../new | xargs svn rm &prompt.user; comm -13 ../old ../new | xargs svn --parents add @@ -1813,11 +1813,11 @@ U stable/9/share/man/man4/netmap.4 future reference. The best and quickest way to do this is directly in the repository: - &prompt.user; svn cp svn+ssh://svn.freebsd.org/base/vendor/pf/dist svn+ssh://svn.freebsd.org/base/vendor/pf/4.3 + &prompt.user; svn cp svn+ssh://svn.freebsd.org/base/vendor/pf/dist svn+ssh://svn.freebsd.org/base/vendor/pf/4.3 Once that is complete, svn up the working copy of - vendor/pf + vendor/pf to get the new tag, although this is rarely needed. @@ -1825,7 +1825,7 @@ U stable/9/share/man/man4/netmap.4 svn:mergeinfo results must be removed: - &prompt.user; cd vendor/pf + &prompt.user; cd vendor/pf &prompt.user; svn cp dist 4.3 &prompt.user; svn propdel svn:mergeinfo -R 4.3 @@ -1834,9 +1834,9 @@ U stable/9/share/man/man4/netmap.4 Merging to Head - &prompt.user; cd head/contrib/pf + &prompt.user; cd head/contrib/pf &prompt.user; svn up -&prompt.user; svn merge --accept=postpone svn+ssh://svn.freebsd.org/base/vendor/pf/dist . +&prompt.user; svn merge --accept=postpone svn+ssh://svn.freebsd.org/base/vendor/pf/dist . The --accept=postpone tells Subversion that it should not complain because merge @@ -1874,7 +1874,7 @@ U stable/9/share/man/man4/netmap.4 main tree. To check diffs against the vendor branch: - &prompt.user; svn diff --no-diff-deleted --old=svn+ssh://svn.freebsd.org/base/vendor/pf/dist --new=. + &prompt.user; svn diff --no-diff-deleted --old=svn+ssh://svn.freebsd.org/base/vendor/pf/dist --new=. The --no-diff-deleted tells Subversion not to complain about files that are in the @@ -1919,10 +1919,10 @@ U stable/9/share/man/man4/netmap.4 First, prepare the directory in vendor: - &prompt.user; svn co --depth immediates $FSVN/vendor -&prompt.user; cd vendor -&prompt.user; svn mkdir byacc -&prompt.user; svn mkdir byacc/dist + &prompt.user; svn co --depth immediates $FSVN/vendor +&prompt.user; cd vendor +&prompt.user; svn mkdir byacc +&prompt.user; svn mkdir byacc/dist Now, import the sources into the dist directory. @@ -1931,7 +1931,7 @@ U stable/9/share/man/man4/netmap.4 the imported version. To save time and bandwidth, direct remote committing and tagging is possible: - &prompt.user; svn cp -m "Tag byacc 20120115" $FSVN/vendor/byacc/dist $FSVN/vendor/byacc/20120115 + &prompt.user; svn cp -m "Tag byacc 20120115" $FSVN/vendor/byacc/dist $FSVN/vendor/byacc/20120115 @@ -1940,7 +1940,7 @@ U stable/9/share/man/man4/netmap.4 Due to this being a new file, copy it for the merge: - &prompt.user; svn cp -m "Import byacc to contrib" $FSVN/vendor/byacc/dist $FSVN/head/contrib/byacc + &prompt.user; svn cp -m "Import byacc to contrib" $FSVN/vendor/byacc/dist $FSVN/head/contrib/byacc Working normally on newly imported sources is still possible. @@ -2102,7 +2102,7 @@ U stable/9/share/man/man4/netmap.4 work that is beneficial to the &os; community in some way but not intended to be merged directly back into HEAD then the proper location is - base/user/your-name/. base/user/your-name/. This page contains further details. @@ -2262,7 +2262,7 @@ ControlPersist yes Add an entry for yourself to - src/share/misc/committers-repository.dot, + src/share/misc/committers-repository.dot, where repository is either doc, ports or src, depending on the commit privileges you obtained. @@ -2336,7 +2336,7 @@ ControlPersist yes Log into hub.FreeBSD.org and - create a /var/forward/user (where + create a /var/forward/user (where user is your username) file containing the e-mail address where you want mail addressed to @@ -2676,7 +2676,7 @@ Relnotes: yes areas, to our shame), the same applies. If, however, you are about to modify something which is clearly being actively maintained by someone else (and it is only by watching the - repository-committers mailing list that you + repository-committers mailing list that you can really get a feel for just what is and is not) then consider sending the change to them instead, just as you would have before becoming a committer. For ports, you should contact the @@ -2773,7 +2773,7 @@ Relnotes: yes for tracking bugs and change requests. Be sure that if you commit a fix or suggestion found in a GNATS PR, you use - edit-pr pr-number on + edit-pr pr-number on freefall to close it. It is also considered nice if you take time to close any PRs associated with your commits, if appropriate. You can also make use of @@ -2840,11 +2840,11 @@ Relnotes: yes command. For example, to assign PR 123456 to yourself type - take-pr 123456. + take-pr 123456. If you want to set the PR to patched awaiting an MFC at the same time use: change-pr -t -p -m "awaiting MFC" - 123456 + 123456 @@ -3020,7 +3020,7 @@ Relnotes: yes $HOME/.ssh/id_rsa.pub) to the person setting you up as a committer so it can be put into the - yourlogin + yourlogin file in /etc/ssh-keys/ on freefall. @@ -3824,7 +3824,7 @@ Relnotes: yes &prompt.root; make install &prompt.root; make package &prompt.root; make deinstall -&prompt.root; pkg_add package you built above +&prompt.root; pkg_add package you built above &prompt.root; make deinstall &prompt.root; make reinstall &prompt.root; make package @@ -3948,8 +3948,8 @@ Relnotes: yes and then copy the last living revision of the port: - &prompt.user; cd /usr/ports/category -&prompt.user; svn cp 'svn+ssh://svn.freebsd.org/ports/head/category/portname/@{YYYY-MM-DD}' portname + &prompt.user; cd /usr/ports/category +&prompt.user; svn cp 'svn+ssh://svn.freebsd.org/ports/head/category/portname/@{YYYY-MM-DD}' portname Pick a date that is before the removal but after the last true commit. @@ -4381,9 +4381,9 @@ Relnotes: yes To do this, use the chkorigin.sh tool, as follows: env - PORTSDIR=/path/to/ports + PORTSDIR=/path/to/ports sh -e - /path/to/ports/Tools/scripts/chkorigin.sh. + /path/to/ports/Tools/scripts/chkorigin.sh. This will check every port in the ports tree, even those not connected to the build, so you can run it directly after the move From owner-svn-doc-all@FreeBSD.ORG Sun Apr 13 01:40:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ACA5DC45; Sun, 13 Apr 2014 01:40:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 988F514D6; Sun, 13 Apr 2014 01:40:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3D1eKCH057354; Sun, 13 Apr 2014 01:40:20 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3D1eKlO057353; Sun, 13 Apr 2014 01:40:20 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404130140.s3D1eKlO057353@svn.freebsd.org> From: Warren Block Date: Sun, 13 Apr 2014 01:40:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44544 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Apr 2014 01:40:20 -0000 Author: wblock Date: Sun Apr 13 01:40:20 2014 New Revision: 44544 URL: http://svnweb.freebsd.org/changeset/doc/44544 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Sun Apr 13 01:29:40 2014 (r44543) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Sun Apr 13 01:40:20 2014 (r44544) @@ -307,19 +307,22 @@ You need a Passphrase to protect your se Kerberos and LDAP web password for &os; cluster - Some of the services in the &os; cluster require a Kerberos password. - In the &os; cluster, LDAP is proxying to Kerberos, so this also serves as - the LDAP web password. - To reset your Kerberos password in the &os; cluster using a random password - generator: - &prompt.user; ssh kpasswd.freebsd.org - - Alternatively, you can set your Kerberos password manually by logging into - freefall.FreeBSD.org and + Some of the services in the &os; cluster require a Kerberos + password. In the &os; cluster, LDAP is proxying to Kerberos, so + this also serves as the LDAP web password. + + To reset your Kerberos password in the &os; cluster using a + random password generator: + + &prompt.user; ssh kpasswd.freebsd.org + + Alternatively, you can set your Kerberos password manually + by logging into freefall.FreeBSD.org and running: - &prompt.user; kpasswd + &prompt.user; kpasswd @@ -554,11 +557,11 @@ You need a Passphrase to protect your se The above command will check out a CURRENT source tree as - /usr/src/, which can be any target - directory on the local filesystem. Omitting the final - argument of that command causes the working copy, in this - case, to be named head, but that can be - renamed safely. + /usr/src/, + which can be any target directory on the local filesystem. + Omitting the final argument of that command causes the + working copy, in this case, to be named head, + but that can be renamed safely. svn+ssh means the SVN protocol tunnelled over @@ -892,9 +895,10 @@ You need a Passphrase to protect your se &prompt.user; svn commit To commit all changes in, for example, - lib/libfetch/ and - usr/bin/fetch/ in a single - operation: + lib/libfetch/ + and + usr/bin/fetch/ + in a single operation: &prompt.user; svn commit lib/libfetch usr/bin/fetch @@ -1388,8 +1392,9 @@ You need a Passphrase to protect your se Changes to manual pages should be merged to - share/man/manN/, for the - appropriate value of N. + share/man/manN/, + for the appropriate value of + N. @@ -2102,7 +2107,8 @@ U stable/9/share/man/man4/netmap.4 work that is beneficial to the &os; community in some way but not intended to be merged directly back into HEAD then the proper location is - base/user/your-name/. base/user/your-name/. + This page contains further details. @@ -2336,9 +2342,10 @@ ControlPersist yes Log into hub.FreeBSD.org and - create a /var/forward/user (where - user is your username) file - containing the e-mail address where you want mail + create a + /var/forward/user + (where user is your username) + file containing the e-mail address where you want mail addressed to yourusername@FreeBSD.org to be forwarded. This includes all of the commit messages as @@ -2491,6 +2498,7 @@ ControlPersist yes the release notes for the next release from the branch, set to yes. + Security: If the change is related to a security @@ -2676,11 +2684,11 @@ Relnotes: yes areas, to our shame), the same applies. If, however, you are about to modify something which is clearly being actively maintained by someone else (and it is only by watching the - repository-committers mailing list that you - can really get a feel for just what is and is not) then consider - sending the change to them instead, just as you would have - before becoming a committer. For ports, you should contact the - listed MAINTAINER in the + repository-committers + mailing list that you can really get a feel for just what is and + is not) then consider sending the change to them instead, just + as you would have before becoming a committer. For ports, you + should contact the listed MAINTAINER in the Makefile. For other parts of the repository, if you are unsure who the active maintainer might be, it may help to scan the revision history to see who has @@ -2773,8 +2781,8 @@ Relnotes: yes for tracking bugs and change requests. Be sure that if you commit a fix or suggestion found in a GNATS PR, you use - edit-pr pr-number on - freefall to close it. It is also + edit-pr pr-number + on freefall to close it. It is also considered nice if you take time to close any PRs associated with your commits, if appropriate. You can also make use of &man.send-pr.1; yourself for proposing any change which you feel @@ -3948,11 +3956,11 @@ Relnotes: yes and then copy the last living revision of the port: - &prompt.user; cd /usr/ports/category + &prompt.user; cd /usr/ports/category &prompt.user; svn cp 'svn+ssh://svn.freebsd.org/ports/head/category/portname/@{YYYY-MM-DD}' portname - Pick a date that is before the removal but after the - last true commit. + Pick a date that is before the removal but after + the last true commit. @@ -4006,12 +4014,11 @@ Relnotes: yes - When you want to add a port that is related to - any port that is already in the tree in a separate - directory, you have to do a repository copy. - Here related means - it is a different version or a slightly modified - version. Examples are + When you want to add a port that is related to any + port that is already in the tree in a separate + directory, you have to do a repository copy. Here + related means it is a different + version or a slightly modified version. Examples are print/ghostscript* (different versions) and x11-wm/windowmaker* (English-only and internationalized version). @@ -4019,8 +4026,8 @@ Relnotes: yes Another example is when a port is moved from one subdirectory to another, or when you want to change the name of a directory because the author(s) renamed their - software even though it is a - descendant of a port already in a tree. + software even though it is a descendant of a port + already in a tree. From owner-svn-doc-all@FreeBSD.ORG Sun Apr 13 02:42:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9F77218C; Sun, 13 Apr 2014 02:42:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 885D81A20; Sun, 13 Apr 2014 02:42:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3D2guAQ085755; Sun, 13 Apr 2014 02:42:56 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3D2gs5i085745; Sun, 13 Apr 2014 02:42:54 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404130242.s3D2gs5i085745@svn.freebsd.org> From: Warren Block Date: Sun, 13 Apr 2014 02:42:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44545 - in head/en_US.ISO8859-1/books/porters-handbook: pkg-files plist porting-dads quick-porting security slow-porting special upgrading X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Apr 2014 02:42:56 -0000 Author: wblock Date: Sun Apr 13 02:42:54 2014 New Revision: 44545 URL: http://svnweb.freebsd.org/changeset/doc/44545 Log: Recover lost tags. Modified: head/en_US.ISO8859-1/books/porters-handbook/pkg-files/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/pkg-files/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/pkg-files/chapter.xml Sun Apr 13 01:40:20 2014 (r44544) +++ head/en_US.ISO8859-1/books/porters-handbook/pkg-files/chapter.xml Sun Apr 13 02:42:54 2014 (r44545) @@ -12,7 +12,7 @@ The <filename>pkg-*</filename> Files There are some tricks we have not mentioned yet about the - pkg-* files that come in handy + pkg-* files that come in handy sometimes. @@ -84,16 +84,16 @@ Changing the Names of - <filename>pkg-*</filename> Files + pkg-* Files - All the names of pkg-* files are + All the names of pkg-* files are defined using variables so you can change them in your Makefile if need be. This is especially - useful when you are sharing the same pkg-* + useful when you are sharing the same pkg-* files among several ports or have to write to one of the above files (see writing to places other than WRKDIR for why it is a - bad idea to write directly into the pkg-* + bad idea to write directly into the pkg-* subdirectory). Here is a list of variable names and their default values. Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Sun Apr 13 01:40:20 2014 (r44544) +++ head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Sun Apr 13 02:42:54 2014 (r44545) @@ -28,15 +28,15 @@ 4.9). %%PERL_VERSION%% and %%PERL_VER%% is the full version number of perl (e.g., 5.8.9). - Several other %%VARS%% related to port's + Several other %%VARS%% related to port's documentation files are described in the relevant section. If you need to make other substitutions, you can set the PLIST_SUB variable with a list of - VAR=VALUE pairs and instances of - %%VAR%% will be substituted with + VAR=VALUE pairs and instances of + %%VAR%% will be substituted with VALUE in the pkg-plist. @@ -97,7 +97,7 @@ OPTIONS_SUB= yes PLIST contents. Names listed in PLIST_FILES, PLIST_DIRS, and PLIST_DIRSTRY are subject to - %%VAR%% substitution as described above. + %%VAR%% substitution as described above. Except for that, names from PLIST_FILES will appear in the final packing list unchanged, while @dirrm and @dirrmtry will @@ -190,7 +190,7 @@ lib/X11/oneko/sounds/cat.au out. Instead, install sample file(s) with a - filename.sample suffix. Then copy the + filename.sample suffix. Then copy the sample file to the real configuration file name, if it does not already exist. On deinstall delete the configuration file, but only if it is identical to the .sample @@ -291,7 +291,7 @@ etc/orbit.conf.sample can get it wrong. User configuration files should be installed as - filename.sample, as it is described in + filename.sample, as it is described in . The info/dir file should not be listed and appropriate install-info lines should be Modified: head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml Sun Apr 13 01:40:20 2014 (r44544) +++ head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml Sun Apr 13 02:42:54 2014 (r44545) @@ -36,7 +36,7 @@ xlink:href="&url.books.handbook;/ports-using.html#PORTS-CD"> installing ports from a CDROM for an example of building ports from a read-only tree). If you need to modify - one of the pkg-* files, do so by + one of the pkg-* files, do so by redefining a variable, not by writing over it. @@ -48,9 +48,9 @@ Most ports do not have to worry about this. In particular, if you are referring to a WRKDIR of another port, note that the correct location is - WRKDIRPREFIXPORTSDIR/subdir/name/work not - PORTSDIR/subdir/name/work or - .CURDIR/../../subdir/name/work or some + WRKDIRPREFIXPORTSDIR/subdir/name/work not + PORTSDIR/subdir/name/work or + .CURDIR/../../subdir/name/work or some such. Also, if you are defining WRKDIR Modified: head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml Sun Apr 13 01:40:20 2014 (r44544) +++ head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml Sun Apr 13 02:42:54 2014 (r44545) @@ -302,7 +302,7 @@ PLIST_DIRS= lib/X11/oneko - pkg add package-filename + pkg add package-filename Modified: head/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml Sun Apr 13 01:40:20 2014 (r44544) +++ head/en_US.ISO8859-1/books/porters-handbook/security/chapter.xml Sun Apr 13 02:42:54 2014 (r44545) @@ -469,7 +469,7 @@ section of your entry will match correct package(s), issue the following command: - &prompt.user; portaudit -f /usr/ports/INDEX -r uuid + &prompt.user; portaudit -f /usr/ports/INDEX -r uuid Please refer to &man.portaudit.1; for better Modified: head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml Sun Apr 13 01:40:20 2014 (r44544) +++ head/en_US.ISO8859-1/books/porters-handbook/slow-porting/chapter.xml Sun Apr 13 02:42:54 2014 (r44545) @@ -59,7 +59,7 @@ The patch target is run. First, any patches defined in PATCHFILES are applied. Second, if any patch files named - patch-* are found in + patch-* are found in PATCHDIR (defaults to the files subdirectory), they are applied at this time in alphabetical order. @@ -170,7 +170,7 @@ Get the original sources (normally) as a compressed tarball (foo.tar.gz or - foo.tar.bz2) and copy it into + foo.tar.bz2) and copy it into DISTDIR. Always use mainstream sources when and where you can. Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Sun Apr 13 01:40:20 2014 (r44544) +++ head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Sun Apr 13 02:42:54 2014 (r44545) @@ -1217,7 +1217,7 @@ USE_XORG= x11 xpm Updating Desktop Database If a port has a MimeType entry in its - portname.desktop, the desktop database + portname.desktop, the desktop database must be updated after install and deinstall. To do this, define USES= desktop-file-utils. @@ -1228,7 +1228,7 @@ USE_XORG= x11 xpm Desktop entries can be easily created for applications by using the DESKTOP_ENTRIES variable. A - file named name.desktop will be + file named name.desktop will be created, installed, and added to the pkg-plist automatically. Syntax is: @@ -2428,7 +2428,7 @@ do-install: Web Applications Web applications should be installed into - PREFIX/www/appname. + PREFIX/www/appname. For your convenience, this path is available both in Makefile and in pkg-plist as WWWDIR, @@ -4748,7 +4748,7 @@ run_rc_command "$1" SUB_LIST and using %%PERL%%. Otherwise, - &prompt.root; service name stop + &prompt.root; service name stop will probably not work properly. See &man.service.8; for more information. Modified: head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml Sun Apr 13 01:40:20 2014 (r44544) +++ head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml Sun Apr 13 02:42:54 2014 (r44545) @@ -153,7 +153,7 @@ committer. &prompt.user; cd ~/my_wrkdir -&prompt.user; svn co https://svn0.us-west.FreeBSD.org/ports/head/dns/pdnsd +&prompt.user; svn co https://svn0.us-west.FreeBSD.org/ports/head/dns/pdnsd &prompt.user; cd ~/my_wrkdir/pdnsd From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 06:39:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 115F2AB3; Mon, 14 Apr 2014 06:39:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F1F7817FA; Mon, 14 Apr 2014 06:39:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3E6d5fo077532; Mon, 14 Apr 2014 06:39:05 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3E6d5Iu077529; Mon, 14 Apr 2014 06:39:05 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404140639.s3E6d5Iu077529@svn.freebsd.org> From: Gabor Pali Date: Mon, 14 Apr 2014 06:39:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44546 - head/en_US.ISO8859-1/articles/contributors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 06:39:06 -0000 Author: pgj Date: Mon Apr 14 06:39:05 2014 New Revision: 44546 URL: http://svnweb.freebsd.org/changeset/doc/44546 Log: - Move davidxu to the alumni section Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Sun Apr 13 02:42:54 2014 (r44545) +++ head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Mon Apr 14 06:39:05 2014 (r44546) @@ -1471,10 +1471,6 @@ - &a.davidxu.email; - - - &a.emax.email; Modified: head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Sun Apr 13 02:42:54 2014 (r44545) +++ head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Mon Apr 14 06:39:05 2014 (r44546) @@ -3,6 +3,10 @@ + &a.davidxu.email; (2002 - 2014) + + + &a.ru.email; (2014) From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 06:40:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 063FFB28; Mon, 14 Apr 2014 06:40:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E6EB3180E; Mon, 14 Apr 2014 06:40:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3E6etK1078633; Mon, 14 Apr 2014 06:40:55 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3E6etIG078632; Mon, 14 Apr 2014 06:40:55 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404140640.s3E6etIG078632@svn.freebsd.org> From: Gabor Pali Date: Mon, 14 Apr 2014 06:40:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44547 - head/en_US.ISO8859-1/articles/contributors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 06:40:56 -0000 Author: pgj Date: Mon Apr 14 06:40:55 2014 New Revision: 44547 URL: http://svnweb.freebsd.org/changeset/doc/44547 Log: - Add the start year for ru's alumni entry Modified: head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Mon Apr 14 06:39:05 2014 (r44546) +++ head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Mon Apr 14 06:40:55 2014 (r44547) @@ -7,7 +7,7 @@ - &a.ru.email; (2014) + &a.ru.email; (1999 - 2014) From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 12:48:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BE1364E5; Mon, 14 Apr 2014 12:48:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AA1C8136F; Mon, 14 Apr 2014 12:48:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3ECmrcI030696; Mon, 14 Apr 2014 12:48:53 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3ECmr95030695; Mon, 14 Apr 2014 12:48:53 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404141248.s3ECmr95030695@svn.freebsd.org> From: Dru Lavigne Date: Mon, 14 Apr 2014 12:48:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44548 - head/en_US.ISO8859-1/books/handbook/install X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 12:48:53 -0000 Author: dru Date: Mon Apr 14 12:48:53 2014 New Revision: 44548 URL: http://svnweb.freebsd.org/changeset/doc/44548 Log: There is no cu editor. The figure shows the ee editor. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/install/chapter.xml Mon Apr 14 06:40:55 2014 (r44547) +++ head/en_US.ISO8859-1/books/handbook/install/chapter.xml Mon Apr 14 12:48:53 2014 (r44548) @@ -2809,7 +2809,7 @@ use the current settings. [ Yes ] No If &gui.yes; is selected, press - Enter and the &man.cu.1; editor + Enter and the &man.ee.1; editor will automatically start.
      From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 14:20:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9FAA6E52; Mon, 14 Apr 2014 14:20:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8B9CC1C63; Mon, 14 Apr 2014 14:20:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3EEKckd068126; Mon, 14 Apr 2014 14:20:38 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3EEKcuT068125; Mon, 14 Apr 2014 14:20:38 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201404141420.s3EEKcuT068125@svn.freebsd.org> From: Mathieu Arnold Date: Mon, 14 Apr 2014 14:20:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44549 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 14:20:38 -0000 Author: mat (ports committer) Date: Mon Apr 14 14:20:38 2014 New Revision: 44549 URL: http://svnweb.freebsd.org/changeset/doc/44549 Log: Add the OPT_USE knob's documentation. Poked by: bdrewery Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Mon Apr 14 12:48:53 2014 (r44548) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Mon Apr 14 14:20:38 2014 (r44549) @@ -3841,6 +3841,34 @@ SUB_LIST+= OPT1="@comment " NO_OPT1="" + + <varname><replaceable>X</replaceable>_USE</varname> + + For each + key=value + pair in X_USE + the corresponding + USE_KEY + variable will be set to value. + If value has spaces in it, + replace them with commas, they will get back as spaces + during processing. For example: + + OPTIONS_DEFINE= OPT1 +OPT1_USE= mysql=yes xorg=x11,xextproto,xext,xrandr + + is equivalent to: + + OPTIONS_DEFINE= OPT1 + +.include <bsd.port.options.mk> + +.if ${PORT_OPTIONS:MOPT1} +USE_MYSQL= yes +USE_XORG= x11 xextproto xext xrandr +.endif + + <varname><replaceable>X</replaceable>_CONFIGURE_ENABLE</varname> From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 15:52:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CCFD328D; Mon, 14 Apr 2014 15:52:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B6B6C1818; Mon, 14 Apr 2014 15:52:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3EFqgA5008098; Mon, 14 Apr 2014 15:52:42 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3EFqgvE008097; Mon, 14 Apr 2014 15:52:42 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404141552.s3EFqgvE008097@svn.freebsd.org> From: Dru Lavigne Date: Mon, 14 Apr 2014 15:52:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44550 - head/en_US.ISO8859-1/books/handbook/install X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 15:52:42 -0000 Author: dru Date: Mon Apr 14 15:52:42 2014 New Revision: 44550 URL: http://svnweb.freebsd.org/changeset/doc/44550 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/install/chapter.xml Mon Apr 14 14:20:38 2014 (r44549) +++ head/en_US.ISO8859-1/books/handbook/install/chapter.xml Mon Apr 14 15:52:42 2014 (r44550) @@ -5,34 +5,33 @@ $FreeBSD$ --> - Installing &os; 8.<replaceable>X</replaceable> + + Installing &os; 8.<replaceable>X</replaceable> + - JimMockRestructured, reorganized, and parts - rewritten by + JimMockRestructured, + reorganized, and parts rewritten by - RandyPrattThe sysinstall walkthrough, screenshots, and general - copy by + RandyPrattThe + sysinstall walkthrough, screenshots, and general copy by + - - - Synopsis installation &os; provides a text-based, easy to use installation - program. &os; 9.0-RELEASE and later use the installation program - known as &man.bsdinstall.8; - while &os; 8.X uses - &man.sysinstall.8;. This chapter describes - how to use &man.sysinstall.8;. - The use of &man.bsdinstall.8; - is covered in . + program. &os; 9.0-RELEASE and later use the installation + program known as &man.bsdinstall.8; while + &os; 8.X uses + &man.sysinstall.8;. This chapter describes how to use + &man.sysinstall.8;. The use of &man.bsdinstall.8; is covered in + . After reading this chapter, you will know: @@ -50,8 +49,8 @@ - The questions &man.sysinstall.8; asks, - what they mean, and how to answer them. + The questions &man.sysinstall.8; asks, what they mean, + and how to answer them. @@ -59,20 +58,20 @@ - Read the supported hardware list that shipped with the version - of &os; to install, and verify that the system's hardware is - supported. + Read the supported hardware list that shipped with the + version of &os; to install, and verify that the system's + hardware is supported. In general, these installation instructions are written - for the &i386; and &os;/&arch.amd64; architectures. - Where applicable, instructions specific to other - platforms will be listed. There may be minor - differences between the installer and what is shown here. - This chapter should be used as a general guide rather - than a literal installation manual. + for the &i386; and &os;/&arch.amd64; architectures. Where + applicable, instructions specific to other platforms will be + listed. There may be minor differences between the installer + and what is shown here. This chapter should be used as a + general guide rather than a literal installation + manual. @@ -86,25 +85,24 @@ The minimal configuration to install &os; varies with the &os; version and the hardware architecture. - A summary of this information is given in the following sections. - Depending on the method chosen to install &os;, - a floppy drive, CDROM drive, or - network adapter may be needed. Instructions on how to - prepare the installation media can be found in - . + A summary of this information is given in the following + sections. Depending on the method chosen to install &os;, + a floppy drive, CDROM drive, or network adapter may be needed. + Instructions on how to prepare the installation media can be + found in . &os;/&arch.i386; and &os;/&arch.pc98; - Both &os;/&arch.i386; and &os;/&arch.pc98; require a 486 or - better processor, at least 24 MB of RAM, and at - least 150 MB of free hard drive space for the - most minimal installation. + Both &os;/&arch.i386; and &os;/&arch.pc98; require a 486 + or better processor, at least 24 MB of RAM, and at + least 150 MB of free hard drive space for the most + minimal installation. In the case of older hardware, installing more RAM and - more hard drive space is often more important than - a faster processor. + more hard drive space is often more important than a + faster processor. @@ -113,32 +111,29 @@ There are two classes of processors capable of running &os;/&arch.amd64;. The first are AMD64 processors, - including the &amd.athlon;64, - &amd.athlon;64-FX, and &amd.opteron; or better - processors. - - The second class of processors - includes those using the &intel; EM64T - architecture. Examples of these processors include the - &intel; &core; 2 Duo, Quad, Extreme processor - families, and the &intel; &xeon; 3000, 5000, and 7000 - sequences of processors. - - If the machine is based on an nVidia nForce3 - Pro-150, the BIOS setup must be used to - disable the IO APIC. If this option does not exist, - disable ACPI instead as there - are bugs in the Pro-150 chipset. + including the &amd.athlon;64, &amd.athlon;64-FX, and + &amd.opteron; or better processors. + + The second class of processors includes those using the + &intel; EM64T architecture. Examples of these processors + include the &intel; &core; 2 Duo, Quad, Extreme + processor families, and the &intel; &xeon; 3000, 5000, + and 7000 sequences of processors. + + If the machine is based on an nVidia nForce3 Pro-150, + the BIOS setup must be used to disable + the IO APIC. If this option does not exist, disable ACPI + instead as there are bugs in the Pro-150 chipset. &os;/&arch.sparc64; - To install &os;/&arch.sparc64;, use a supported - platform (see ). + To install &os;/&arch.sparc64;, use a supported platform + (see ). - A dedicated disk is needed for &os;/&arch.sparc64; as - it is not possible to share a disk with another operating + A dedicated disk is needed for &os;/&arch.sparc64; as it + is not possible to share a disk with another operating system at this time. @@ -150,12 +145,13 @@ release in the &os; Hardware Notes. This document can usually be found in a file named HARDWARE.TXT, in the top-level directory of a CDROM or FTP distribution, or in - &man.sysinstall.8;'s documentation menu. - It lists, for a given architecture, which hardware devices are - known to be supported by each release of &os;. Copies of the - supported hardware list for various releases and architectures - can also be found on the Release - Information page of the &os; website. + &man.sysinstall.8;'s documentation menu. It lists, for a + given architecture, which hardware devices are known to be + supported by each release of &os;. Copies of the supported + hardware list for various releases and architectures can also + be found on the Release + Information page of the &os; website. @@ -167,31 +163,25 @@ Before installing &os; it is recommended to inventory the components in the computer. The &os; installation routines - will show components such as hard disks, network cards, - and CDROM drives with their model number and manufacturer. - &os; will also - attempt to determine the correct configuration for these devices, - including information about IRQ and I/O port usage. Due - to the - vagaries of computer hardware, this process is not always - completely - successful, and &os; may need some manual - configuration. - - If another operating system is already installed, - use the facilities provided - by that operating systems to view the hardware configuration. - If the settings of an expansion - card are not obvious, check if they are printed on the - card itself. Popular IRQ - numbers are 3, 5, and 7, and I/O port addresses are normally - written as - hexadecimal numbers, such as 0x330. + will show components such as hard disks, network cards, and + CDROM drives with their model number and manufacturer. &os; + will also attempt to determine the correct configuration for + these devices, including information about IRQ and I/O port + usage. Due to the vagaries of computer hardware, this process + is not always completely successful, and &os; may need some + manual configuration. + + If another operating system is already installed, use the + facilities provided by that operating systems to view the + hardware configuration. If the settings of an expansion card + are not obvious, check if they are printed on the card itself. + Popular IRQ numbers are 3, 5, and 7, and I/O port addresses + are normally written as hexadecimal numbers, such as + 0x330. It is recommended to print or write down this information - before - installing &os;. It may help to use a table, as seen in this - example: + before installing &os;. It may help to use a table, as seen + in this example: Sample Device Inventory @@ -221,7 +211,8 @@ N/A - 40 GB, made by Seagate, first IDE master + 40 GB, made by Seagate, first IDE + master @@ -241,7 +232,8 @@ N/A - 20 GB, made by IBM, second IDE master + 20 GB, made by IBM, second IDE + master @@ -282,174 +274,157 @@
      Once the inventory of the components in the computer is - complete, check if it matches the hardware - requirements of the &os; release to install. + complete, check if it matches the hardware requirements of the + &os; release to install. Make a Backup - If the computer contains - valuable data, ensure it is backed up, and that the backup - has been - tested before installing &os;. The &os; - installer will prompt before writing any - data to disk, but once that process has started, it cannot be - undone. + If the computer contains valuable data, ensure it is + backed up, and that the backup has been tested before + installing &os;. The &os; installer will prompt before + writing any data to disk, but once that process has started, + it cannot be undone. Decide Where to Install &os; - If &os; is to be installed on the entire hard disk, - skip this - section. + If &os; is to be installed on the entire hard disk, skip + this section. However, if &os; will co-exist with other operating - systems, a rough understanding of how data is - laid out on the disk is useful. + systems, a rough understanding of how data is laid out on the + disk is useful. Disk Layouts for &os;/&arch.i386; - A PC disk can be divided into discrete chunks known as - partitions. Since - &os; also has partitions, naming - can quickly become confusing. Therefore, these - disk chunks are referred to as slices - in &os;. For example, the &os; version of - &man.fdisk.8; - refers to slices instead of partitions. By design, the PC only - supports four partitions per disk. These partitions are called - primary partitions. To work around this - limitation and allow more than four partitions, a new partition type - was created, the extended partition. A disk - may contain only one extended partition. Special partitions, called - logical partitions, can be created inside this - extended partition. - - Each partition has a partition ID, which is - a number used to identify the type of data on the partition. &os; - partitions have the partition ID of 165. - - In general, each operating system will identify - partitions in a particular way. For example, - &windows;, assigns each primary and logical partition a - drive letter, starting with - C:. - - &os; must be installed into a primary partition. If - there are multiple disks, a &os; - partition can be created - on all, or some, of them. When &os; is installed, at least - one partition must be available. This might be a blank - partition or it might be an existing partition whose - data can be overwritten. - - If all the partitions on all the disks are in use, - free one of them for &os; using the tools - provided by an existing operating system, such as &windows; - fdisk. - - If there is a spare partition, use that. If it is too - small, - shrink one or more existing partitions to create more - available space. - - A minimal installation of &os; takes as little as 100 MB - of disk - space. However, that is a very minimal install, - leaving almost no space for files. A more realistic minimum - is 250 MB without a graphical environment, and 350 MB or - more for - a graphical user interface. If other - third-party software will be installed, - even more space is needed. - - You can use a tool such as GParted - to resize your partitions and make space for - &os;. GParted is known to work on - NTFS and - is available on a number of Live CD Linux distributions, such as - SystemRescueCD. + A PC disk can be divided into discrete chunks known as + partitions. Since &os; also has + partitions, naming can quickly become confusing. Therefore, + these disk chunks are referred to as slices in &os;. For + example, the &os; version of &man.fdisk.8; refers to slices + instead of partitions. By design, the PC only supports four + partitions per disk. These partitions are called + primary partitions. To work around + this limitation and allow more than four partitions, a new + partition type was created, the extended + partition. A disk may contain only one + extended partition. Special partitions, called + logical partitions, can be created + inside this extended partition. + + Each partition has a partition + ID, which is a number used to identify the + type of data on the partition. &os; partitions have the + partition ID of 165. + + In general, each operating system will identify + partitions in a particular way. For example, &windows;, + assigns each primary and logical partition a + drive letter, starting with + C:. + + &os; must be installed into a primary partition. If + there are multiple disks, a &os; partition can be created on + all, or some, of them. When &os; is installed, at least one + partition must be available. This might be a blank + partition or it might be an existing partition whose data + can be overwritten. + + If all the partitions on all the disks are in use, free + one of them for &os; using the tools provided by an existing + operating system, such as &windows; + fdisk. + + If there is a spare partition, use that. If it is too + small, shrink one or more existing partitions to create more + available space. + + A minimal installation of &os; takes as little as + 100 MB of disk space. However, that is a + very minimal install, leaving almost no + space for files. A more realistic minimum is 250 MB + without a graphical environment, and 350 MB or more for + a graphical user interface. If other third-party software + will be installed, even more space is needed. + + You can use a tool such as + GParted to resize your partitions + and make space for &os;. GParted + is known to work on NTFS and is available + on a number of Live CD Linux distributions, such as SystemRescueCD. + + + Incorrect use of a shrinking tool can delete the data + on the disk. Always have a recent, working backup before + using this type of tool. + + + + Using an Existing Partition Unchanged + + Consider a computer with a single 4 GB disk that + already has a version of &windows; installed, where the + disk has been split into two drive letters, + C: and D:, each + of which is 2 GB in size. There is 1 GB of data + on C:, and 0.5 GB of data on + D:. + + This disk has two partitions, one per drive letter. + Copy all existing data from D: to + C:, which will free up the second + partition, ready for &os;. + + + + Shrinking an Existing Partition + + Consider a computer with a single 4 GB disk that + already has a version of &windows; installed. When + &windows; was installed, it created one large partition, + a C: drive that is 4 GB in size. + Currently, 1.5 GB of space is used, and &os; should + have 2 GB of space. - - Incorrect use of a shrinking tool can delete the data - on the disk. - Always have a recent, working backup before using this - type of tool. - - - - Using an Existing Partition Unchanged - - Consider a computer with a single 4 GB disk - that - already has a version of &windows; installed, where the - disk has been split into two drive letters, - C: and - D:, each of which is 2 GB in size. - There is 1 GB of data on C:, - and - 0.5 GB of data on - D:. - - This disk has two partitions, one per - drive letter. Copy all existing data from - D: to C:, which - will free up the second partition, ready for &os;. - - - - Shrinking an Existing Partition - - Consider a computer with a single 4 GB disk - that already has a version of &windows; installed. When - &windows; was installed, it created one large partition, - a - C: drive that is 4 GB in size. - Currently, 1.5 GB of space is used, and &os; should - have 2 GB - of space. - - In order to install &os;, either: - - - - Backup the &windows; data and then reinstall - &windows;, - asking for a 2 GB partition at install time. - + In order to install &os;, either: - - Use one of the tools described above to shrink your &windows; - partition. - - - + + + Backup the &windows; data and then reinstall + &windows;, asking for a 2 GB partition at install + time. + + + Use one of the tools described above to shrink + your &windows; partition. + + + Collect the Network Configuration Details - Before - installing from an FTP - site or an + Before installing from an FTP site or an NFS server, make note of the network - configuration. The - installer - will prompt for this information so that - it can connect to the network to complete the + configuration. The installer will prompt for this information + so that it can connect to the network to complete the installation. - Connecting to an Ethernet Network or Cable/DSL Modem + Connecting to an Ethernet Network or Cable/DSL + Modem - If using an Ethernet network or an Internet - connection using an Ethernet adapter via cable or DSL, the - following information is needed: + If using an Ethernet network or an Internet connection + using an Ethernet adapter via cable or DSL, the following + information is needed: @@ -482,10 +457,9 @@ Connecting Using a Modem - If using a dialup modem, - &os; can still be installed over the Internet, it will just - take a very - long time. + If using a dialup modem, &os; can still be installed + over the Internet, it will just take a very long + time. You will need to know: @@ -510,28 +484,28 @@ Check for &os; Errata Although the &os; Project strives to ensure that each - release - of &os; is as stable as possible, bugs do occasionally creep into - the process. On rare occasions those bugs affect the - installation process. As these problems are discovered and fixed, they - are noted in the &os; Errata, - which is found on the &os; website. - Check the errata before installing to make sure that there are - no late-breaking problems to be aware of. + release of &os; is as stable as possible, bugs do occasionally + creep into the process. On rare occasions those bugs affect + the installation process. As these problems are discovered + and fixed, they are noted in the &os; + Errata, which is found on the &os; website. Check + the errata before installing to make sure that there are no + late-breaking problems to be aware of. Information about all releases, including the errata for - each - release, can be found on the - release - information section of the - &os; website. + each release, can be found on the release + information section of the &os; + website. Obtain the &os; Installation Files - The &os; installer can install &os; from files - located in any of the following places: + The &os; installer can install &os; from files located in + any of the following places: Local Media @@ -570,15 +544,14 @@ - If installing from a purchased &os; CD/DVD, - skip ahead to + If installing from a purchased &os; CD/DVD, skip ahead to . - To obtain the &os; installation files, - skip ahead to which explains how - to prepare the installation media. After reading - that section, come back here and read on to - . + To obtain the &os; installation files, skip ahead to which explains how to prepare + the installation media. After reading that section, come back + here and read on to . @@ -586,18 +559,15 @@ The &os; installation process is started by booting the computer into the &os; installer. It is not a program that - can be run - within another operating system. The computer normally boots - using the operating system installed on the hard disk, but it - can also be configured to boot from a CDROM or from a USB - disk. + can be run within another operating system. The computer + normally boots using the operating system installed on the + hard disk, but it can also be configured to boot from a CDROM + or from a USB disk. - If installing from a CD/DVD to a - computer whose BIOS supports booting from - the CD/DVD, skip this section. The - &os; CD/DVD images are bootable and can be used to - install + If installing from a CD/DVD to a computer whose BIOS + supports booting from the CD/DVD, skip this section. The + &os; CD/DVD images are bootable and can be used to install &os; without any other special preparation. @@ -610,16 +580,16 @@ Memory stick images for &os; 8.X can be downloaded - from - the ISO-IMAGES/ - directory at + from the ISO-IMAGES/ directory at ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/arch/ISO-IMAGES/version/&os;-version-RELEASE-arch-memstick.img. Replace arch and - version with the - architecture and the version number to - install. For example, the memory stick - images for &os;/&arch.i386; &rel2.current;-RELEASE are - available from ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/&arch.i386;/ISO-IMAGES/&rel2.current;/&os;-&rel2.current;-RELEASE-&arch.i386;-memstick.img. + version with the architecture + and the version number to install. For example, the + memory stick images for + &os;/&arch.i386; &rel2.current;-RELEASE are + available from ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/&arch.i386;/ISO-IMAGES/&rel2.current;/&os;-&rel2.current;-RELEASE-&arch.i386;-memstick.img. A different directory path is used for @@ -632,14 +602,13 @@ The memory stick image has a .img extension. The ISO-IMAGES/ directory contains a number of different images and the one to - use depends on the version of &os; and the - type of media supported by the hardware being installed - to. + use depends on the version of &os; and the type of media + supported by the hardware being installed to. Before proceeding, back up the - data on the USB stick, as this - procedure will erase it. + data on the USB stick, as this procedure will + erase it. @@ -650,31 +619,29 @@ Using &os; to Write the Image - The example below - lists /dev/da0 as the - target device where the image will be written. Be very careful - that you have the correct device as the output target, or you - may destroy your existing data. + The example below lists + /dev/da0 as the target device + where the image will be written. Be very careful that + you have the correct device as the output target, or + you may destroy your existing data. Writing the Image with &man.dd.1; - The .img file - is not a regular file that can - just be copied to the - memory stick. It is an image of the complete contents of the - disk. This means that + The .img file is + not a regular file that can just + be copied to the memory stick. It is an image of the + complete contents of the disk. This means that &man.dd.1; must be used to write the image directly to the disk: &prompt.root; dd if=&os;-&rel2.current;-RELEASE-&arch.i386;-memstick.img of=/dev/da0 bs=64k - If an - Operation not permitted - error is displayed, make certain that the target device - is not in use, mounted, or being automounted by - another program. Then try + If an Operation not + permitted error is displayed, make + certain that the target device is not in use, mounted, + or being automounted by another program. Then try again. @@ -684,35 +651,38 @@ Make sure to use the correct drive letter as the - output - target, as this command will overwrite and destroy - any existing data on the specified device. + output target, as this command will overwrite and + destroy any existing data on the specified + device. - Obtaining <application>Image Writer for Windows</application> + Obtaining <application>Image Writer for + Windows</application> - Image Writer for Windows is a - free application that can correctly write an image file to a - memory stick. Download it from - https://launchpad.net/win32-image-writer/ + Image Writer for + Windows is a free application that can + correctly write an image file to a memory stick. + Download it from https://launchpad.net/win32-image-writer/ and extract it into a folder. Writing the Image with Image Writer - Double-click - the Win32DiskImager icon to start - the program. Verify that the drive letter shown - under Device is the drive - with the memory stick. Click the folder icon and select the - image to be written to the memory stick. - Click Save to accept the image file - name. Verify that everything is correct, and that no folders - on the memory stick are open in other windows. Finally, - click Write to write the image file to - the drive. + Double-click the + Win32DiskImager icon to + start the program. Verify that the drive letter shown + under Device is the + drive with the memory stick. Click the folder icon + and select the image to be written to the memory + stick. Click Save to accept + the image file name. Verify that everything is + correct, and that no folders on the memory stick are + open in other windows. Finally, click + Write to write the image file + to the drive. @@ -725,14 +695,15 @@ Acquire the Boot Floppy Images - The &os;/&arch.pc98; boot disks - can be downloaded from the floppies directory, + The &os;/&arch.pc98; boot disks can be downloaded from + the floppies directory, ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/pc98/version-RELEASE/floppies/. Replace version with the version number to install. The floppy images have a .flp - extension. floppies/ contains a number + extension. floppies/ contains a number of different images. Download boot.flp as well as the number of files associated with the type of installation, such as @@ -741,34 +712,29 @@ The FTP program must use binary - mode - to download these disk images. Some web browsers - use text or + mode to download these disk images. Some + web browsers use text or ASCII mode, which will be apparent - if - the disks are not bootable. + if the disks are not bootable. Prepare the Floppy Disks - Prepare one floppy disk per downloaded image file. - It is imperative that these disks are free from - defects. The easiest way to test this is to reformat the - disks. - Do not trust pre-formatted floppies. The format - utility in &windows; will not tell about the presence of - bad blocks, it simply marks them as bad - and ignores them. It is advised to use brand new - floppies. + Prepare one floppy disk per downloaded image file. It + is imperative that these disks are free from defects. The + easiest way to test this is to reformat the disks. Do not + trust pre-formatted floppies. The format utility in + &windows; will not tell about the presence of bad blocks, + it simply marks them as bad and ignores + them. It is advised to use brand new floppies. - If the installer - crashes, freezes, or otherwise misbehaves, one of - the first things to suspect is the floppies. Write - the floppy image files to new disks and try - again. + If the installer crashes, freezes, or otherwise + misbehaves, one of the first things to suspect is the + floppies. Write the floppy image files to new disks and + try again. @@ -777,44 +743,37 @@ The .flp files are not regular files that can be copied - to the disk. - They are images of the complete contents of the - disk. - Specific tools must be used to write the + to the disk. They are images of the complete contents of + the disk. Specific tools must be used to write the images directly to the disk. DOS - &os; provides a tool called - rawrite for creating the floppies on a - computer running - &windows;. This tool can be downloaded from + &os; provides a tool called rawrite + for creating the floppies on a computer running &windows;. + This tool can be downloaded from ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/pc98/ - version-RELEASE/tools/ - on the &os; FTP site. Download this tool, insert a - floppy, then specify the filename to write to the floppy - drive: + version-RELEASE/tools/ on the + &os; FTP site. Download this tool, insert a floppy, then + specify the filename to write to the floppy drive: C:\> rawrite boot.flp A: Repeat this command for each .flp - file, replacing the floppy disk each time, being sure to label - the disks with the name of the file. - Adjust the command line as necessary, depending on where - the .flp files are located. + file, replacing the floppy disk each time, being sure to + label the disks with the name of the file. Adjust the + command line as necessary, depending on where the + .flp files are located. When writing the floppies on a &unix;-like system, - such as - another &os; system, use &man.dd.1; to - write the image files directly to disk. On &os;, - run: + such as another &os; system, use &man.dd.1; to write the + image files directly to disk. On &os;, run: &prompt.root; dd if=boot.flp of=/dev/fd0 On &os;, /dev/fd0 refers to the - first floppy disk. Other &unix; - variants might have different names for the floppy disk - device, so check the documentation for the - system as necessary. + first floppy disk. Other &unix; variants might have + different names for the floppy disk device, so check the + documentation for the system as necessary. @@ -827,8 +786,7 @@ By default, the installer will not make any changes to - the - disk(s) until after the following message: + the disk(s) until after the following message: Last Chance: Are you SURE you want continue the installation? @@ -839,10 +797,8 @@ We can take no responsibility for lost d The install can be exited at any time prior to this final warning without changing the contents of the hard drive. If - there is a - concern that something is configured incorrectly, - turn the computer off before this point, and no damage - will be + there is a concern that something is configured incorrectly, + turn the computer off before this point, and no damage will be done. @@ -852,86 +808,85 @@ We can take no responsibility for lost d Booting for the &i386; - - - Turn on the computer. As it starts it should display an - option to enter the system set up menu, or BIOS, commonly reached - by keys like F2, F10, - Del, or - - Alt - S - . Use whichever keystroke is indicated on screen. In - some cases the computer may display a graphic while it - starts. - Typically, pressing Esc will dismiss the graphic - and display the boot messages. - - - - Find the setting that controls which devices the system boots - from. This is usually labeled as the Boot Order - and commonly shown as a list of devices, such as - Floppy, CDROM, - First Hard Disk, and so on. - - If booting from the CD/DVD, make sure that - the CDROM drive is selected. If booting from a USB disk, - make sure that it is selected instead. When in doubt, *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 15:59:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6FF6D392; Mon, 14 Apr 2014 15:59:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5BB98186C; Mon, 14 Apr 2014 15:59:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3EFxYVE008872; Mon, 14 Apr 2014 15:59:34 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3EFxY6O008871; Mon, 14 Apr 2014 15:59:34 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404141559.s3EFxY6O008871@svn.freebsd.org> From: Dru Lavigne Date: Mon, 14 Apr 2014 15:59:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44551 - head/en_US.ISO8859-1/books/handbook/install X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 15:59:34 -0000 Author: dru Date: Mon Apr 14 15:59:33 2014 New Revision: 44551 URL: http://svnweb.freebsd.org/changeset/doc/44551 Log: Fix a few grammos. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/install/chapter.xml Mon Apr 14 15:52:42 2014 (r44550) +++ head/en_US.ISO8859-1/books/handbook/install/chapter.xml Mon Apr 14 15:59:33 2014 (r44551) @@ -243,7 +243,6 @@ 0x1f0 - @@ -3565,7 +3564,7 @@ Retype new password :
      - RPC. communication between + RPC communication between NFS servers and clients is managed by &man.rpcbind.8; which is required for NFS servers to operate correctly. Status monitoring is provided @@ -4265,7 +4264,7 @@ Please press any key to reboot.       - A tape will be be used to install &os;. + A tape will be used to install &os;.       @@ -4285,7 +4284,6 @@ Please press any key to reboot. The ISO images for each release can be downloaded from ftp://ftp.FreeBSD.org/pub/FreeBSD/ISO-IMAGES-arch/version - or the closest mirror. or the closest mirror. Substitute arch and version as appropriate. From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 16:11:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8BDEE586; Mon, 14 Apr 2014 16:11:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 77DAB1A1B; Mon, 14 Apr 2014 16:11:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3EGBAb4015544; Mon, 14 Apr 2014 16:11:10 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3EGBAq9015543; Mon, 14 Apr 2014 16:11:10 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201404141611.s3EGBAq9015543@svn.freebsd.org> From: Mathieu Arnold Date: Mon, 14 Apr 2014 16:11:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44552 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 16:11:10 -0000 Author: mat (ports committer) Date: Mon Apr 14 16:11:10 2014 New Revision: 44552 URL: http://svnweb.freebsd.org/changeset/doc/44552 Log: Replace all X by OPT in the options part of the Makefile chapter. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Mon Apr 14 15:59:33 2014 (r44551) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Mon Apr 14 16:11:10 2014 (r44552) @@ -3842,11 +3842,11 @@ SUB_LIST+= OPT1="@comment " NO_OPT1="" - <varname><replaceable>X</replaceable>_USE</varname> + <varname><replaceable>OPT</replaceable>_USE</varname> For each key=value - pair in X_USE + pair in OPT_USE the corresponding USE_KEY variable will be set to value. @@ -3870,17 +3870,17 @@ USE_XORG= x11 xextproto xext xrandr - <varname><replaceable>X</replaceable>_CONFIGURE_ENABLE</varname> + <varname><replaceable>OPT</replaceable>_CONFIGURE_ENABLE</varname> If - X_CONFIGURE_ENABLE + OPT_CONFIGURE_ENABLE is set then - --enable-${X_CONFIGURE_ENABLE} + --enable-${OPT_CONFIGURE_ENABLE} or - --disable-${X_CONFIGURE_ENABLE} + --disable-${OPT_CONFIGURE_ENABLE} will be added to CONFIGURE_ARGS depending on the value of the - option X, for + option OPT, for example: OPTIONS_DEFINE= OPT1 @@ -3900,17 +3900,17 @@ CONFIGURE_ARGS+= --disable-test - <varname><replaceable>X</replaceable>_CONFIGURE_WITH</varname> + <varname><replaceable>OPT</replaceable>_CONFIGURE_WITH</varname> If - X_CONFIGURE_WITH + OPT_CONFIGURE_WITH is set then - --with-${X_CONFIGURE_WITH} + --with-${OPT_CONFIGURE_WITH} or - --without-${X_CONFIGURE_WITH} + --without-${OPT_CONFIGURE_WITH} will be added to CONFIGURE_ARGS depending on the status of the option - X, for + OPT, for example: OPTIONS_DEFINE= OPT1 @@ -3930,13 +3930,13 @@ CONFIGURE_ARGS+= --without-test - <varname><replaceable>X</replaceable>_CONFIGURE_ON</varname> + <varname><replaceable>OPT</replaceable>_CONFIGURE_ON</varname> If - X_CONFIGURE_ON + OPT_CONFIGURE_ON is set then its value will be appended to CONFIGURE_ARGS depending on the status of - the option X, + the option OPT, for example: OPTIONS_DEFINE= OPT1 @@ -3954,13 +3954,13 @@ CONFIGURE_ARGS+= --add-test - <varname><replaceable>X</replaceable>_CONFIGURE_OFF</varname> + <varname><replaceable>OPT</replaceable>_CONFIGURE_OFF</varname> If - X_CONFIGURE_OFF + OPT_CONFIGURE_OFF is set then its value will be appended to CONFIGURE_ARGS depending on the status of - the option X, + the option OPT, for example: OPTIONS_DEFINE= OPT1 @@ -3978,13 +3978,13 @@ CONFIGURE_ARGS+= --no-test - <varname><replaceable>X</replaceable>_CMAKE_ON</varname> + <varname><replaceable>OPT</replaceable>_CMAKE_ON</varname> If - X_CMAKE_ON is + OPT_CMAKE_ON is set then its value will be appended to CMAKE_ARGS depending on the status of the - option X, for + option OPT, for example: OPTIONS_DEFINE= OPT1 @@ -4002,13 +4002,13 @@ CMAKE_ARGS+= -DTEST:BOOL=true - <varname><replaceable>X</replaceable>_CMAKE_OFF</varname> + <varname><replaceable>OPT</replaceable>_CMAKE_OFF</varname> If - X_CMAKE_OFF is + OPT_CMAKE_OFF is set then its value will be appended to CMAKE_ARGS depending on the status of the - option X, for + option OPT, for example: OPTIONS_DEFINE= OPT1 @@ -4061,14 +4061,14 @@ CMAKE_ARGS+= -DTEST:BOOL=false - <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable></varname> + <varname><replaceable>OPT</replaceable>_<replaceable>ABOVEVARIABLE</replaceable></varname> If - X_ABOVEVARIABLE + OPT_ABOVEVARIABLE is defined then its value will be appended to ABOVEVARIABLE depending on the status of the option - X, for + OPT, for example: OPTIONS_DEFINE= OPT1 @@ -4087,14 +4087,14 @@ LIB_DEPENDS+= liba.so:${PORTSDIR}/devel/ - <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable>_OFF</varname> + <varname><replaceable>OPT</replaceable>_<replaceable>ABOVEVARIABLE</replaceable>_OFF</varname> If - X_ABOVEVARIABLE_OFF + OPT_ABOVEVARIABLE_OFF is set then a dependency of type ABOVEVARIABLE will be added when option - X is not + OPT is not selected. For example: OPTIONS_DEFINE= OPT1 @@ -4234,14 +4234,14 @@ DOCS_ALL_TARGET= doc - <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable></varname> + <varname><replaceable>OPT</replaceable>_<replaceable>ABOVEVARIABLE</replaceable></varname> If - X_ABOVEVARIABLE + OPT_ABOVEVARIABLE is defined then its value will be appended to ABOVEVARIABLE depending on the status of the option - X, for + OPT, for example: OPTIONS_DEFINE= OPT1 @@ -4261,14 +4261,14 @@ CFLAGS+= -DTEST - <varname><replaceable>X</replaceable>_<replaceable>ABOVEVARIABLE</replaceable>_OFF</varname> + <varname><replaceable>OPT</replaceable>_<replaceable>ABOVEVARIABLE</replaceable>_OFF</varname> If - X_ABOVEVARIABLE_OFF + OPT_ABOVEVARIABLE_OFF is set then a flag ABOVEVARIABLE will be automatically set when option - X is not + OPT is not selected. For example: OPTIONS_DEFINE= OPT1 From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 16:13:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5344960F; Mon, 14 Apr 2014 16:13:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3F8171A39; Mon, 14 Apr 2014 16:13:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3EGDIRf016481; Mon, 14 Apr 2014 16:13:18 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3EGDI0J016480; Mon, 14 Apr 2014 16:13:18 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201404141613.s3EGDI0J016480@svn.freebsd.org> From: Mathieu Arnold Date: Mon, 14 Apr 2014 16:13:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44553 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 16:13:18 -0000 Author: mat (ports committer) Date: Mon Apr 14 16:13:17 2014 New Revision: 44553 URL: http://svnweb.freebsd.org/changeset/doc/44553 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Mon Apr 14 16:11:10 2014 (r44552) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Mon Apr 14 16:13:17 2014 (r44553) @@ -3846,8 +3846,9 @@ SUB_LIST+= OPT1="@comment " NO_OPT1="" For each key=value - pair in OPT_USE - the corresponding + pair in + OPT_USE the + corresponding USE_KEY variable will be set to value. If value has spaces in it, @@ -3879,8 +3880,8 @@ USE_XORG= x11 xextproto xext xrandr or --disable-${OPT_CONFIGURE_ENABLE} will be added to CONFIGURE_ARGS depending - on the value of the - option OPT, for + on the value of the option + OPT, for example: OPTIONS_DEFINE= OPT1 @@ -3936,8 +3937,9 @@ CONFIGURE_ARGS+= --without-test OPT_CONFIGURE_ON is set then its value will be appended to CONFIGURE_ARGS depending on the status of - the option OPT, - for example: + the option + OPT, for + example: OPTIONS_DEFINE= OPT1 OPT1_CONFIGURE_ON= --add-test @@ -3960,8 +3962,9 @@ CONFIGURE_ARGS+= --add-test OPT_CONFIGURE_OFF is set then its value will be appended to CONFIGURE_ARGS depending on the status of - the option OPT, - for example: + the option + OPT, for + example: OPTIONS_DEFINE= OPT1 OPT1_CONFIGURE_OFF= --no-test @@ -3981,11 +3984,11 @@ CONFIGURE_ARGS+= --no-test <varname><replaceable>OPT</replaceable>_CMAKE_ON</varname> If - OPT_CMAKE_ON is - set then its value will be appended to + OPT_CMAKE_ON + is set then its value will be appended to CMAKE_ARGS depending on the status of the - option OPT, for - example: + option OPT, + for example: OPTIONS_DEFINE= OPT1 OPT1_CMAKE_ON= -DTEST:BOOL=true @@ -4005,11 +4008,11 @@ CMAKE_ARGS+= -DTEST:BOOL=true <varname><replaceable>OPT</replaceable>_CMAKE_OFF</varname> If - OPT_CMAKE_OFF is - set then its value will be appended to + OPT_CMAKE_OFF + is set then its value will be appended to CMAKE_ARGS depending on the status of the - option OPT, for - example: + option OPT, + for example: OPTIONS_DEFINE= OPT1 OPT1_CMAKE_OFF= -DTEST:BOOL=false From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 17:44:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A411B347; Mon, 14 Apr 2014 17:44:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 910CF1598; Mon, 14 Apr 2014 17:44:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3EHij1M054125; Mon, 14 Apr 2014 17:44:45 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3EHijKh054124; Mon, 14 Apr 2014 17:44:45 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404141744.s3EHijKh054124@svn.freebsd.org> From: Dru Lavigne Date: Mon, 14 Apr 2014 17:44:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44554 - head/en_US.ISO8859-1/books/handbook/install X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 17:44:45 -0000 Author: dru Date: Mon Apr 14 17:44:45 2014 New Revision: 44554 URL: http://svnweb.freebsd.org/changeset/doc/44554 Log: Fix typo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/install/chapter.xml Mon Apr 14 16:13:17 2014 (r44553) +++ head/en_US.ISO8859-1/books/handbook/install/chapter.xml Mon Apr 14 17:44:45 2014 (r44554) @@ -4228,7 +4228,7 @@ Please press any key to reboot. The headless machine can now be controlled using - &man.cu.1;. It will load the kernel and then dispaly a + &man.cu.1;. It will load the kernel and then display a selection of which type of terminal to use. Select the &os; color console and proceed with the installation. From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 18:39:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 816BE776; Mon, 14 Apr 2014 18:39:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6CC1A1AB1; Mon, 14 Apr 2014 18:39:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3EIdDsp075760; Mon, 14 Apr 2014 18:39:13 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3EIdDwI075758; Mon, 14 Apr 2014 18:39:13 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404141839.s3EIdDwI075758@svn.freebsd.org> From: Dru Lavigne Date: Mon, 14 Apr 2014 18:39:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44555 - in head/en_US.ISO8859-1/books/handbook: config dtrace X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 18:39:13 -0000 Author: dru Date: Mon Apr 14 18:39:12 2014 New Revision: 44555 URL: http://svnweb.freebsd.org/changeset/doc/44555 Log: Prep work for merging Power and Resource Management and Using and Debugging FreeBSD ACPI Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Apr 14 17:44:45 2014 (r44554) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Apr 14 18:39:12 2014 (r44555) @@ -2838,57 +2838,25 @@ kern.maxvnodes: 100000 It is important to utilize hardware resources in an - efficient manner. Before the Advanced Configuration and Power - Interface (ACPI) was introduced, it was - difficult and inflexible for operating systems to manage the - power usage and thermal properties of a system. The hardware - was managed by the BIOS and the user had less - control and visibility into the power management settings. Some - limited configurability was available via Advanced - Power Management (APM). Power - and resource management allows the operating system to monitor - system limits and to possibly provide an alert if the system - temperature increases unexpectedly. - - This section provides comprehensive information about - ACPI. References will be provided for - further reading. - - - What Is ACPI? - - - ACPI - - - - APM - - - ACPI is a standard written by an - alliance of vendors to provide a standard interface for - hardware resources and power management. It is a key - element in Operating System-directed configuration - and Power Management as it provides more control - and flexibility to the operating system. Modern systems - stretched the limits of the current Plug and - Play interfaces prior to the introduction of - ACPI. ACPI is the - direct successor to APM. - - - - Shortcomings of Advanced Power Management - - The APM facility controls the power - usage of a system based on its activity. The - APM BIOS is supplied - by the vendor and is specific to the hardware platform. An - APM driver in the operating system - mediates access to the APM - Software Interface, which allows management of - power levels. APM should still be used - for systems manufactured at or before the year 2000. + efficient manner. Power and resource management allows the + operating system to monitor system limits and to possibly + provide an alert if the system temperature increases + unexpectedly. An early specification for providing power + management was the Advanced Power Management + (APM) facility. APM + controls the power usage of a system based on its activity. + However, it was difficult and inflexible for operating systems + to manage the power usage and thermal properties of a system. + The hardware was managed by the BIOS and the + user had limited configurability and visibility into the power + management settings. The APM + BIOS is supplied by the vendor and is + specific to the hardware platform. An APM + driver in the operating system mediates access to the + APM Software Interface, which allows + management of power levels. APM should still + be used for systems manufactured at or before the year + 2000. There are four major problems in APM. First, power management is done by the vendor-specific @@ -2918,11 +2886,37 @@ kern.maxvnodes: 100000 many situations. PNPBIOS is 16-bit technology, so the operating system has to use 16-bit emulation in order to interface with - PNPBIOS methods. - - The &os; APM driver is documented in + PNPBIOS methods. &os; provides an + APM driver for backwards compatibility with + older hardware. The driver is documented in &man.apm.4;. - + + + ACPI + + + + APM + + + The successor to APM is the Advanced + Configuration and Power Interface (ACPI). + ACPI is a standard written by an + alliance of vendors to provide a standard interface for + hardware resources and power management. It is a key + element in Operating System-directed configuration + and Power Management as it provides more control + and flexibility to the operating system. Modern systems + stretched the limits of the current Plug and + Play interfaces prior to the introduction of + ACPI.. + + This chapter demonstrates how to configure + ACPI on &os;. It then offers some tips on + how to debug ACPI and how to submit a + problem report containing debugging information so that + developers can diagnosis and fix ACPI + issues. Configuring <acronym>ACPI</acronym> @@ -2963,11 +2957,10 @@ kern.maxvnodes: 100000 Other options are available via &man.sysctl.8;. Refer to &man.acpi.4; and &man.acpiconf.8; for more information. - - + - Using and Debugging &os; <acronym>ACPI</acronym> + Debugging &os; <acronym>ACPI</acronym> @@ -3018,9 +3011,6 @@ kern.maxvnodes: 100000 cause of problems and in debugging and developing a solution. - - Submitting Debugging Information - Before submitting a problem, ensure the latest BIOS version is installed and, if Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Mon Apr 14 17:44:45 2014 (r44554) +++ head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Mon Apr 14 18:39:12 2014 (r44555) @@ -35,9 +35,10 @@ that might make this chapter too large. &dtrace;, also known as Dynamic Tracing, was developed by &sun; as a tool for locating performance bottlenecks in - production and pre-production systems. It is not, in any way, - a debugging tool, but a tool for real time system analysis to - locate performance and other issues. + production and pre-production systems. In addition to + diagnosing performance problems, &dtrace; can be used to help + investigate and debug unexpected behavior in both the &os; + kernel and in userland programs. &dtrace; is a remarkable profiling tool, with an impressive array of features for diagnosing system issues. It may also @@ -45,6 +46,17 @@ that might make this chapter too large. capabilities. Users may even author their own utilities using the &dtrace; D Language, allowing them to customize their profiling based on specific needs. + + The &dtrace; implementation in &os; provides experimental + support for userland &dtrace;. This feature allows users to + perform function boundary tracing for userland programs using + the pid provider, and to insert static probes + into userland programs for later tracing. Some ports, such as + databases/postgres-server and + lang/php5 have a &dtrace; option to enable + static probes. &os; 10.0-RELEASE has reasonably good userland + &dtrace; support, but it is not considered production ready. In + particular, it is possible to crash traced programs. After reading this chapter, you will know: @@ -72,12 +84,6 @@ that might make this chapter too large. - Be familiar with - the basics of kernel configuration/compilation - (). - - - Have some familiarity with security and how it pertains to &os; (). @@ -87,18 +93,6 @@ that might make this chapter too large. (). - - - - This feature is considered experimental. Some options - may be lacking in functionality, other parts may not work - at all. In time, this feature will be considered production - ready and this documentation will be altered to fit that - situation. - @@ -106,9 +100,15 @@ that might make this chapter too large. While the &dtrace; in &os; is similar to that found in &solaris;, differences do exist. The primary difference is that - on &os;, &dtrace; needs to be specifically enabled by loading - kernel modules or by compiling a custom kernel with specific - options. + in &os;, &dtrace; is implemented as a set of kernel modules and + &dtrace; can not be used until the modules are loaded. To load + all of the necessary modules: + + &prompt.root; kldload dtraceall + + Beginning with &os; 10.0-RELEASE, the modules are + automatically loaded when dtrace is + run. &os; uses the DDB_CTF kernel option to enable support for loading CTF @@ -127,7 +127,14 @@ that might make this chapter too large. Some different providers exist for &os; than for &solaris;. Most notable is the dtmalloc provider, which allows tracing malloc() by type in the - &os; kernel. + &os; kernel. Some of the providers found in &solaris;, such as + cpc and mib, are not + present in &os;. These may appear in future versions of &os;. + Moreover, some of the providers available in both operating + systems are not compatible, in the sense that their probes have + different argument types. Thus, D scripts + written on &solaris; may or may not work unmodified on &os;, and + vice versa. Due to security differences, only root may use &dtrace; on &os;. @@ -151,78 +158,52 @@ that might make this chapter too large. Enabling &dtrace; Support - To enable support for &dtrace;, add the following lines to - the kernel configuration file: + In &os; 9.2 and 10.0, &dtrace; support is built into the + GENERIC kernel. Users of earlier versions + of &os; or who prefer to statically compile in &dtrace; support + should add the following lines to a custom kernel configuration + file and recompile the kernel using the instructions in . options KDTRACE_HOOKS options DDB_CTF - Users of the AMD64 architecture will want to add the - following line to their kernel configuration file: + Users of the AMD64 architecture should also add this + line: options KDTRACE_FRAME - This option provides support for the - FBT feature. &dtrace; will work without - this option; however, there will be limited support for + This option provides support for + FBT. While &dtrace; will work without + this option, there will be limited support for function boundary tracing. - All sources must be rebuilt and installed with - CTF options. - - - Starting from 10.0, the following steps are not needed any - more as the WITH_CTF option is included in - the GENERIC kernel configuration. - - - To accomplish this task, rebuild the &os; sources - using: - - - - &prompt.root; cd /usr/src - -&prompt.root; make WITH_CTF=1 kernel - - - - The system will need to be restarted. - - After rebooting and allowing the new kernel to be loaded - into memory, support for the Korn shell should be added. This + Once the &os; system has rebooted into the new kernel, or + the &dtrace; kernel modules have been loaded using + kldload dtraceall, the system will + have support for the Korn shell. This is needed as the &dtrace;Toolkit has several utilities written - in ksh. Install the - shells/ksh93. It is also + in ksh. Make sure that the + shells/ksh93 package or port is installed. + It is also possible to run these tools under shells/pdksh or shells/mksh. Finally, obtain the current &dtrace;Toolkit. - If you are running FreeBSD 10, you will find the &dtrace;Toolkit + FreeBSD 10 includes the &dtrace;Toolkit in /usr/share/dtrace. - Otherwise, you can install the &dtrace;Toolkit using the - sysutils/DTraceToolkit + Otherwise, install the &dtrace;Toolkit using the + sysutils/DTraceToolkit package or port. Using &dtrace; - Before making use of &dtrace; functionality, the &dtrace; - device must exist. To load the device, issue the following - command: - - &prompt.root; kldload dtraceall - - &dtrace; support should now be available. To view all + To view all probes the administrator may now execute the following command: @@ -255,14 +236,6 @@ options DDB_CTF use /usr/bin/perl will need altered to use /usr/local/bin/perl. - - At this point it is prudent to remind the reader that - &dtrace; support in &os; is incomplete - and experimental. Many of these scripts - will not work as they are either too &solaris;-specific or - use probes which are unsupported at this time. - - At the time of this writing only two of the scripts of the &dtrace; Toolkit are fully supported in &os;: the hotkernel From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 19:48:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F04257AE; Mon, 14 Apr 2014 19:48:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DB7F51356; Mon, 14 Apr 2014 19:48:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3EJmV09004770; Mon, 14 Apr 2014 19:48:31 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3EJmVDu004769; Mon, 14 Apr 2014 19:48:31 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404141948.s3EJmVDu004769@svn.freebsd.org> From: Dru Lavigne Date: Mon, 14 Apr 2014 19:48:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44556 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 19:48:32 -0000 Author: dru Date: Mon Apr 14 19:48:31 2014 New Revision: 44556 URL: http://svnweb.freebsd.org/changeset/doc/44556 Log: Editorial review of first 1/2 of ACPI chapter. Move how to submit a report subsection to after the troubleshooting sub-section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Apr 14 18:39:12 2014 (r44555) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Apr 14 19:48:31 2014 (r44556) @@ -2854,9 +2854,7 @@ kern.maxvnodes: 100000 specific to the hardware platform. An APM driver in the operating system mediates access to the APM Software Interface, which allows - management of power levels. APM should still - be used for systems manufactured at or before the year - 2000. + management of power levels. There are four major problems in APM. First, power management is done by the vendor-specific @@ -2881,15 +2879,15 @@ kern.maxvnodes: 100000 or one that can adapt well to the purpose of the machine. - The Plug and Play BIOS - (PNPBIOS) was unreliable in + The Plug and Play BIOS + (PNPBIOS) was unreliable in many situations. PNPBIOS is 16-bit technology, so the operating system has to use 16-bit emulation in order to interface with PNPBIOS methods. &os; provides an - APM driver for backwards compatibility with - older hardware. The driver is documented in - &man.apm.4;. + APM driver as APM should + still be used for systems manufactured at or before the year + 2000. The driver is documented in &man.apm.4;. ACPI @@ -2902,14 +2900,11 @@ kern.maxvnodes: 100000 The successor to APM is the Advanced Configuration and Power Interface (ACPI). ACPI is a standard written by an - alliance of vendors to provide a standard interface for + alliance of vendors to provide an interface for hardware resources and power management. It is a key element in Operating System-directed configuration and Power Management as it provides more control - and flexibility to the operating system. Modern systems - stretched the limits of the current Plug and - Play interfaces prior to the introduction of - ACPI.. + and flexibility to the operating system. This chapter demonstrates how to configure ACPI on &os;. It then offers some tips on @@ -2921,21 +2916,18 @@ kern.maxvnodes: 100000 Configuring <acronym>ACPI</acronym> - The &man.acpi.4; driver is loaded by default at start - up by &man.loader.8; and should - not be compiled into the kernel. The - reasoning is that modules are easier to work with and do not - require a kernel rebuild. This has the advantage of making - testing easier. Another reason is that starting - ACPI after a system has been brought up - often does not work well. If experiencing problems, - ACPI can be disabled altogether. This - driver should not and can not be unloaded because the system + In &os; the &man.acpi.4; driver is loaded by default at system + boot and should + not be compiled into the kernel. This + driver can not be unloaded after boot because the system bus uses it for various hardware interactions. - ACPI can be disabled by rebooting after + However, if the system is experiencing problems, + ACPI can be disabled altogether + by rebooting after setting hint.acpi.0.disabled="1" in /boot/loader.conf or by setting this - variable at the &man.loader.8; prompt. + variable at the loader prompt, as described in . ACPI and APM @@ -2945,146 +2937,26 @@ kern.maxvnodes: 100000 ACPI can be used to put the system into - a sleep mode with &man.acpiconf.8;, the - flag, and a 1-5 option. Most users + a sleep mode with acpiconf, the + flag, and a number from 1 to 5. Most users only need 1 (quick suspend to RAM) or 3 (suspend to RAM). Option 5 performs - a soft-off which is the same action as: + a soft-off which is the same as running halt -p. - &prompt.root; halt -p - - Other options are available via &man.sysctl.8;. Refer to + Other options are available using sysctl. Refer to &man.acpi.4; and &man.acpiconf.8; for more information. - - - Debugging &os; <acronym>ACPI</acronym> - - - - - Nate - Lawson - - Written by - - - - - - - Peter - Schultz - - With contributions from - - - - - Tom - Rhodes - - - - - - - ACPI - problems - - - ACPI is a fundamentally new way of - discovering devices, managing power usage, and providing - standardized access to various hardware previously managed by - the BIOS. Progress is being made toward - ACPI working on all systems, but bugs in some - motherboards' ACPI Machine - Language (AML) bytecode, - incompleteness in &os;'s kernel subsystems, and bugs in the - &intel; ACPI-CA interpreter continue to - appear. - - This section is intended to help users assist the &os; - ACPI maintainers in identifying the root - cause of problems and in debugging and developing a - solution. - - - Before submitting a problem, ensure the latest - BIOS version is installed and, if - available, the embedded controller firmware version. - - - When submitting a problem, send the following information - to - freebsd-acpi@FreeBSD.org: - - - - Description of the buggy behavior, including system - type and model and anything that causes the bug to appear. - Note as accurately as possible when the bug began - occurring if it is new. - - - - The output of &man.dmesg.8; after running - boot -v, including any error messages - generated by the bug. - - - - The &man.dmesg.8; output from boot - -v with ACPI disabled, - if disabling it helps to fix the problem. - - - - Output from sysctl hw.acpi. This - lists which features the system offers. - - - - The URL to a pasted version of the - ACPI Source - Language (ASL). Do - not send the - ASL directly to the list as it can be - very large. Generate a copy of the - ASL by running this command: - - &prompt.root; acpidump -dt > name-system.asl - - Substitute the login name for - name and manufacturer/model for - system. For example, use - njl-FooCo6000.asl. - - - - Most &os; developers watch &a.current;, but one should - submit problems to &a.acpi.name; to be sure it is seen. Be - patient when waiting for a response. If the bug is not - immediately apparent, submit a PR using - &man.send-pr.1;. When entering a PR, - include the same information as requested above. This helps - developers to track the problem and resolve it. Do not send a - PR without emailing &a.acpi.name; first as - it is likely that the problem has been reported before. - - - - Background - + + Common Problems ACPI ACPI is present in all modern computers that conform to the ia32 (x86), ia64 (Itanium), and amd64 - (AMD) architectures. The full standard has many features + (AMD) architectures. The full standard has many features including CPU performance management, power planes control, thermal zones, various battery systems, embedded controllers, and bus enumeration. Most systems @@ -3100,8 +2972,8 @@ kern.maxvnodes: 100000 in memory that specify things like the APIC map (used for SMP), config registers, and simple configuration values. Additionally, a bytecode table, - the Differentiated System Description - Table DSDT, specifies a + the Differentiated System Description + Table DSDT, specifies a tree-like name space of devices and methods. The ACPI driver must parse the fixed @@ -3116,10 +2988,6 @@ kern.maxvnodes: 100000 in src/sys/dev/acpica/Osd. Finally, drivers that implement various ACPI devices are found in src/sys/dev/acpica. - - - - Common Problems ACPI @@ -3129,7 +2997,9 @@ kern.maxvnodes: 100000 For ACPI to work correctly, all the parts have to work correctly. Here are some common problems, in order of frequency of appearance, and some possible - workarounds or fixes. + workarounds or fixes. If a fix does not resolve the issue, + refer to for instructions + on how to submit a bug report. Mouse Issues @@ -3137,9 +3007,7 @@ kern.maxvnodes: 100000 In some cases, resuming from a suspend operation will cause the mouse to fail. A known work around is to add hint.psm.0.flags="0x3000" to - /boot/loader.conf. If this does not - work, consider sending a bug report using - &man.send-pr.1;. + /boot/loader.conf. @@ -3148,18 +3016,18 @@ kern.maxvnodes: 100000 ACPI has three suspend to RAM (STR) states, S1-S3, and one suspend - to disk state (STD), called - S4. S5 is - soft off and is the normal state the system - is in when plugged in but not powered up. - S4 can be implemented in two separate - ways. S4BIOS is a - BIOS-assisted suspend to disk. + to disk state (STD), called + S4. STD can be implemented in two separate + ways. The S4BIOS is a + BIOS-assisted suspend to disk and S4OS is implemented - entirely by the operating system. + entirely by the operating system. The normal state the system + is in when plugged in but not powered up is + soft off (S5). + - Start by checking sysctl hw.acpi - for the suspend-related items. Here are the results for a + Use sysctl hw.acpi to check + for the suspend-related items. These example results are from a Thinkpad: hw.acpi.supported_sleep_state: S3 S4 S5 @@ -3167,11 +3035,11 @@ hw.acpi.s4bios: 0 Use acpiconf -s to test S3, - S4OS, and + S4, and S5. An of one - (1), indicates + (1) indicates S4BIOS support instead - of S4 OS. + of S4 operating system support. When testing suspend/resume, start with S1, if supported. This state is most @@ -3180,11 +3048,7 @@ hw.acpi.s4bios: 0 which is similar to S1. Next, try S3. This is the deepest STR state and requires a lot of driver - support to properly reinitialize the hardware. If there are - problems resuming, email &a.acpi.name;. However, the - problem may not be resolved quickly since due to the amount - of drivers and hardware that need more testing and - work. + support to properly reinitialize the hardware. A common problem with suspend/resume is that many device drivers do not save, restore, or reinitialize their @@ -3210,8 +3074,8 @@ hw.acpi.s4bios: 0 console, a Firewire port and cable for using &man.dcons.4;, and kernel debugging skills. - To help isolate the problem, remove as many drivers - from the kernel as possible. If it works, narrow down which + To help isolate the problem, unload as many drivers + as possible. If it works, narrow down which driver is the problem by loading drivers until it fails again. Typically, binary drivers like nvidia.ko, display drivers, and @@ -3257,7 +3121,7 @@ hw.acpi.s4bios: 0 how the BIOS configures interrupts before correctness of the APIC (MADT) table, and routing of the - System Control Interrupt + System Control Interrupt (SCI). @@ -3297,7 +3161,7 @@ hw.acpi.s4bios: 0 get a backtrace. Follow the advice for enabling options DDB and setting up a serial console in or setting - up a &man.dump.8; partition. To get a backtrace in + up a dump partition. To get a backtrace in DDB, use tr. When handwriting the backtrace, get at least the last five and the top five lines in the trace. @@ -3314,25 +3178,13 @@ hw.acpi.s4bios: 0 First, try setting hw.acpi.disable_on_poweroff="0" in - &man.loader.conf.5;. This keeps ACPI + /boot/loader. This keeps ACPI from disabling various events during the shutdown process. Some systems need this value set to 1 (the default) for the same reason. This usually fixes the problem of a system powering up spontaneously after a suspend or poweroff. - - - Other Problems - - For other problems with ACPI, such as - it not working with a docking station or devices not being - detected, email a description to &a.acpi.name;. Some - issues may be related to unfinished parts of the - ACPI subsystem which might take a while - to be implemented. Be patient and prepared to test - patches. - @@ -3567,5 +3419,123 @@ debug.acpi.level="ACPI_LV_ERROR" + + + + Debugging &os; <acronym>ACPI</acronym> + + + + + Nate + Lawson + + Written by + + + + + + + Peter + Schultz + + With contributions from + + + + + Tom + Rhodes + + + + + + + ACPI + problems + + + ACPI provides a method for + discovering devices, managing power usage, and providing + standardized access to various hardware previously managed by + the BIOS. Progress is being made toward + ACPI working on all systems, but bugs in some + motherboards' ACPI Machine + Language (AML) bytecode, + incompleteness in &os;'s kernel subsystems, and bugs in the + &intel; ACPI-CA interpreter continue to + appear. + + This section is intended to help users assist the &os; + ACPI maintainers in identifying the root + cause of problems and in debugging and developing a + solution. + + + Before submitting a problem, ensure the latest + BIOS version is installed and, if + available, the embedded controller firmware version. + + + When submitting a problem, send the following information + to + freebsd-acpi@FreeBSD.org: + + + + Description of the buggy behavior, including system + type and model and anything that causes the bug to appear. + Note as accurately as possible when the bug began + occurring if it is new. + + + + The output of &man.dmesg.8; after running + boot -v, including any error messages + generated by the bug. + + + + The &man.dmesg.8; output from boot + -v with ACPI disabled, + if disabling it helps to fix the problem. + + + + Output from sysctl hw.acpi. This + lists which features the system offers. + + + + The URL to a pasted version of the + ACPI Source + Language (ASL). Do + not send the + ASL directly to the list as it can be + very large. Generate a copy of the + ASL by running this command: + + &prompt.root; acpidump -dt > name-system.asl + + Substitute the login name for + name and manufacturer/model for + system. For example, use + njl-FooCo6000.asl. + + + + Most &os; developers watch &a.current;, but one should + submit problems to &a.acpi.name; to be sure it is seen. Be + patient when waiting for a response. If the bug is not + immediately apparent, submit a PR using + &man.send-pr.1;. When entering a PR, + include the same information as requested above. This helps + developers to track the problem and resolve it. Do not send a + PR without emailing &a.acpi.name; first as + it is likely that the problem has been reported before. + + From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 20:52:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A5A4D114; Mon, 14 Apr 2014 20:52:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9158C19FC; Mon, 14 Apr 2014 20:52:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3EKq6vh033685; Mon, 14 Apr 2014 20:52:06 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3EKq6jY033684; Mon, 14 Apr 2014 20:52:06 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404142052.s3EKq6jY033684@svn.freebsd.org> From: Dru Lavigne Date: Mon, 14 Apr 2014 20:52:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44557 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 20:52:06 -0000 Author: dru Date: Mon Apr 14 20:52:06 2014 New Revision: 44557 URL: http://svnweb.freebsd.org/changeset/doc/44557 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Apr 14 19:48:31 2014 (r44556) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Apr 14 20:52:06 2014 (r44557) @@ -698,13 +698,13 @@ dc1: [ITHREAD] Alternatively, statically compile support for the NIC into a custom kernel. Refer to /usr/src/sys/conf/NOTES, - /usr/src/sys/arch/conf/NOTES and the - manual page of the driver to determine which line to add - to the custom kernel configuration file. For more - information about recompiling the kernel, refer to - . If the - NIC was detected at boot, the kernel - does not need to be recompiled. + /usr/src/sys/arch/conf/NOTES + and the manual page of the driver to determine which line + to add to the custom kernel configuration file. For more + information about recompiling the kernel, refer to . If the NIC + was detected at boot, the kernel does not need to be + recompiled. @@ -1512,10 +1512,10 @@ cron.* A, named logserv.example.com, will collect logging information for the local network. Host - B, named logclient.example.com, will - be configured to pass logging information to the logging - server. + B, named logclient.example.com, + will be configured to pass logging information to the logging + server. Log Server Configuration @@ -2856,75 +2856,72 @@ kern.maxvnodes: 100000 APM Software Interface, which allows management of power levels. - There are four major problems in APM. - First, power management is done by the vendor-specific - BIOS, separate from the operating system. - For example, the user can set idle-time values for a hard - drive in the APM BIOS - so that, when exceeded, the BIOS spins - down the hard drive without the consent of the operating - system. Second, the APM logic is embedded - in the BIOS, and it operates outside the - scope of the operating system. This means that users can - only fix problems in the APM - BIOS by flashing a new one into the - ROM, which is a dangerous procedure with - the potential to leave the system in an unrecoverable state - if it fails. Third, APM is a - vendor-specific technology, meaning that there is a lot of - duplication of efforts and bugs found in one vendor's - BIOS may not be solved in others. Lastly, - the APM BIOS did not - have enough room to implement a sophisticated power policy - or one that can adapt well to the purpose of the - machine. - - The Plug and Play BIOS - (PNPBIOS) was unreliable in - many situations. PNPBIOS is 16-bit - technology, so the operating system has to use 16-bit - emulation in order to interface with - PNPBIOS methods. &os; provides an - APM driver as APM should - still be used for systems manufactured at or before the year - 2000. The driver is documented in &man.apm.4;. + There are four major problems in APM. + First, power management is done by the vendor-specific + BIOS, separate from the operating system. + For example, the user can set idle-time values for a hard drive + in the APM BIOS so that, + when exceeded, the BIOS spins down the hard + drive without the consent of the operating system. Second, the + APM logic is embedded in the + BIOS, and it operates outside the scope of + the operating system. This means that users can only fix + problems in the APM + BIOS by flashing a new one into the + ROM, which is a dangerous procedure with the + potential to leave the system in an unrecoverable state if it + fails. Third, APM is a vendor-specific + technology, meaning that there is a lot of duplication of + efforts and bugs found in one vendor's BIOS + may not be solved in others. Lastly, the APM + BIOS did not have enough room to implement a + sophisticated power policy or one that can adapt well to the + purpose of the machine. + + The Plug and Play BIOS + (PNPBIOS) was unreliable in many situations. + PNPBIOS is 16-bit technology, so the + operating system has to use 16-bit emulation in order to + interface with PNPBIOS methods. &os; + provides an APM driver as + APM should still be used for systems + manufactured at or before the year 2000. The driver is + documented in &man.apm.4;. - - ACPI - + + ACPI + - - APM - + + APM + The successor to APM is the Advanced Configuration and Power Interface (ACPI). - ACPI is a standard written by an - alliance of vendors to provide an interface for - hardware resources and power management. It is a key - element in Operating System-directed configuration - and Power Management as it provides more control - and flexibility to the operating system. - - This chapter demonstrates how to configure - ACPI on &os;. It then offers some tips on - how to debug ACPI and how to submit a - problem report containing debugging information so that - developers can diagnosis and fix ACPI - issues. + ACPI is a standard written by an alliance of + vendors to provide an interface for hardware resources and power + management. It is a key element in Operating + System-directed configuration and Power Management + as it provides more control and flexibility to the operating + system. + + This chapter demonstrates how to configure + ACPI on &os;. It then offers some tips on + how to debug ACPI and how to submit a problem + report containing debugging information so that developers can + diagnosis and fix ACPI issues. Configuring <acronym>ACPI</acronym> - In &os; the &man.acpi.4; driver is loaded by default at system - boot and should - not be compiled into the kernel. This - driver can not be unloaded after boot because the system - bus uses it for various hardware interactions. - However, if the system is experiencing problems, - ACPI can be disabled altogether - by rebooting after - setting hint.acpi.0.disabled="1" in + In &os; the &man.acpi.4; driver is loaded by default at + system boot and should not be compiled + into the kernel. This driver can not be unloaded after boot + because the system bus uses it for various hardware + interactions. However, if the system is experiencing + problems, ACPI can be disabled altogether + by rebooting after setting + hint.acpi.0.disabled="1" in /boot/loader.conf or by setting this variable at the loader prompt, as described in . @@ -2937,34 +2934,38 @@ kern.maxvnodes: 100000 ACPI can be used to put the system into - a sleep mode with acpiconf, the - flag, and a number from 1 to 5. Most users - only need 1 (quick suspend to + a sleep mode with acpiconf, the + flag, and a number from + 1 to 5. Most users only + need 1 (quick suspend to RAM) or 3 (suspend to RAM). Option 5 performs - a soft-off which is the same as running halt -p. + a soft-off which is the same as running + halt -p. - Other options are available using sysctl. Refer to - &man.acpi.4; and &man.acpiconf.8; for more information. + Other options are available using + sysctl. Refer to &man.acpi.4; and + &man.acpiconf.8; for more information. Common Problems + ACPI ACPI is present in all modern computers that conform to the ia32 (x86), ia64 (Itanium), and amd64 - (AMD) architectures. The full standard has many features - including CPU performance management, power - planes control, thermal zones, various battery systems, - embedded controllers, and bus enumeration. Most systems - implement less than the full standard. For instance, a - desktop system usually only implements bus enumeration - while a laptop might have cooling and battery management - support as well. Laptops also have suspend and resume, with - their own associated complexity. + (AMD) architectures. The full standard has + many features including CPU performance + management, power planes control, thermal zones, various + battery systems, embedded controllers, and bus enumeration. + Most systems implement less than the full standard. For + instance, a desktop system usually only implements bus + enumeration while a laptop might have cooling and battery + management support as well. Laptops also have suspend and + resume, with their own associated complexity. An ACPI-compliant system has various components. The BIOS and chipset vendors @@ -2972,9 +2973,9 @@ kern.maxvnodes: 100000 in memory that specify things like the APIC map (used for SMP), config registers, and simple configuration values. Additionally, a bytecode table, - the Differentiated System Description - Table DSDT, specifies a - tree-like name space of devices and methods. + the Differentiated System Description Table + DSDT, specifies a tree-like name space of + devices and methods. The ACPI driver must parse the fixed tables, implement an interpreter for the bytecode, and modify @@ -3017,25 +3018,24 @@ kern.maxvnodes: 100000 RAM (STR) states, S1-S3, and one suspend to disk state (STD), called - S4. STD can be implemented in two separate - ways. The S4BIOS is a + S4. STD can be + implemented in two separate ways. The + S4BIOS is a BIOS-assisted suspend to disk and S4OS is implemented - entirely by the operating system. The normal state the system - is in when plugged in but not powered up is - soft off (S5). - + entirely by the operating system. The normal state the + system is in when plugged in but not powered up is + soft off (S5). - Use sysctl hw.acpi to check - for the suspend-related items. These example results are from a + Use sysctl hw.acpi to check for the + suspend-related items. These example results are from a Thinkpad: hw.acpi.supported_sleep_state: S3 S4 S5 hw.acpi.s4bios: 0 Use acpiconf -s to test - S3, - S4, and + S3, S4, and S5. An of one (1) indicates S4BIOS support instead @@ -3074,20 +3074,19 @@ hw.acpi.s4bios: 0 console, a Firewire port and cable for using &man.dcons.4;, and kernel debugging skills. - To help isolate the problem, unload as many drivers - as possible. If it works, narrow down which - driver is the problem by loading drivers until it fails - again. Typically, binary drivers like - nvidia.ko, display drivers, and - USB will have the most problems while - Ethernet interfaces usually work fine. If drivers can be - properly loaded and unloaded, automate this by putting the - appropriate commands in + To help isolate the problem, unload as many drivers as + possible. If it works, narrow down which driver is the + problem by loading drivers until it fails again. Typically, + binary drivers like nvidia.ko, display + drivers, and USB will have the most + problems while Ethernet interfaces usually work fine. If + drivers can be properly loaded and unloaded, automate this + by putting the appropriate commands in /etc/rc.suspend and - /etc/rc.resume. - Try setting to - 0 if the display is messed up after - resume. Try setting longer or shorter values for + /etc/rc.resume. Try setting + to 0 + if the display is messed up after resume. Try setting + longer or shorter values for to see if that helps. @@ -3120,9 +3119,8 @@ hw.acpi.s4bios: 0 interrupt storm. Chipsets may have problems based on boot, how the BIOS configures interrupts before correctness of the APIC - (MADT) table, and routing of the - System Control Interrupt - (SCI). + (MADT) table, and routing of the System + Control Interrupt (SCI). interrupt storms @@ -3163,8 +3161,8 @@ hw.acpi.s4bios: 0 console in or setting up a dump partition. To get a backtrace in DDB, use tr. When - handwriting the backtrace, get at least the last five - and the top five lines in the trace. + handwriting the backtrace, get at least the last five and + the top five lines in the trace. Then, try to isolate the problem by booting with ACPI disabled. If that works, isolate @@ -3178,12 +3176,12 @@ hw.acpi.s4bios: 0 First, try setting hw.acpi.disable_on_poweroff="0" in - /boot/loader. This keeps ACPI - from disabling various events during the shutdown process. - Some systems need this value set to 1 - (the default) for the same reason. This usually fixes the - problem of a system powering up spontaneously after a - suspend or poweroff. + /boot/loader. This keeps + ACPI from disabling various events during + the shutdown process. Some systems need this value set to + 1 (the default) for the same reason. + This usually fixes the problem of a system powering up + spontaneously after a suspend or poweroff. @@ -3196,9 +3194,9 @@ hw.acpi.s4bios: 0 ASL - Some BIOS vendors provide incorrect - or buggy bytecode. This is usually manifested by kernel - console messages like this: + Some BIOS vendors provide incorrect or + buggy bytecode. This is usually manifested by kernel console + messages like this: ACPI-1287: *** Error: Method execution failed [\\_SB_.PCI0.LPC0.FIGD._STA] \\ (Node 0xc3f6d160), AE_NOT_FOUND @@ -3206,18 +3204,16 @@ hw.acpi.s4bios: 0 Often, these problems may be resolved by updating the BIOS to the latest revision. Most console messages are harmless, but if there are other problems like - the battery status is not working, these messages are a - good place to start looking for problems. The bytecode, - known as AML, is compiled from a source - language called ASL. The - AML is found in the table known as the - DSDT. To get a copy of the system's - ASL, use &man.acpidump.8;. Include both - , to show the contents of the fixed tables, - and , to disassemble the - AML. Refer to - for an example - syntax. + the battery status is not working, these messages are a good + place to start looking for problems. The bytecode, known as + AML, is compiled from a source language + called ASL. The AML is + found in the table known as the DSDT. To + get a copy of the system's ASL, use + &man.acpidump.8;. Include both , to show + the contents of the fixed tables, and , to + disassemble the AML. Refer to for an example syntax. The simplest first check is to recompile the ASL to check for errors. Warnings can @@ -3296,9 +3292,9 @@ hw.acpi.s4bios: 0 &prompt.root; iasl your.asl - Adding the flag forces creation - of the AML, even if there are errors - during compilation. Some errors, such as missing return + Adding the flag forces creation of + the AML, even if there are errors during + compilation. Some errors, such as missing return statements, are automatically worked around by the interpreter. @@ -3342,8 +3338,8 @@ acpi_dsdt_name="/boot/DSDT.aml"level is a bitmask so multiple options can be set at once, separated by spaces. In practice, a serial console should be used to log the output - so it is not lost as the console message buffer flushes. - A full list of the individual layers and levels is found in + so it is not lost as the console message buffer flushes. A + full list of the individual layers and levels is found in &man.acpi.4;. Debugging output is not enabled by default. To enable it, @@ -3420,8 +3416,8 @@ debug.acpi.level="ACPI_LV_ERROR" - - + + Debugging &os; <acronym>ACPI</acronym> @@ -3452,26 +3448,26 @@ debug.acpi.level="ACPI_LV_ERROR" - - ACPI - problems - + + ACPI + problems + - ACPI provides a method for - discovering devices, managing power usage, and providing - standardized access to various hardware previously managed by - the BIOS. Progress is being made toward - ACPI working on all systems, but bugs in some - motherboards' ACPI Machine - Language (AML) bytecode, - incompleteness in &os;'s kernel subsystems, and bugs in the - &intel; ACPI-CA interpreter continue to - appear. - - This section is intended to help users assist the &os; - ACPI maintainers in identifying the root - cause of problems and in debugging and developing a - solution. + ACPI provides a method for + discovering devices, managing power usage, and providing + standardized access to various hardware previously managed by + the BIOS. Progress is being made toward + ACPI working on all systems, but bugs in + some motherboards' ACPI Machine Language + (AML) bytecode, incompleteness in &os;'s + kernel subsystems, and bugs in the &intel; + ACPI-CA interpreter continue to + appear. + + This section is intended to help users assist the &os; + ACPI maintainers in identifying the root + cause of problems and in debugging and developing a + solution. Before submitting a problem, ensure the latest @@ -3512,10 +3508,10 @@ debug.acpi.level="ACPI_LV_ERROR"The URL to a pasted version of the ACPI Source Language (ASL). Do - not send the - ASL directly to the list as it can be - very large. Generate a copy of the - ASL by running this command: + not send the ASL + directly to the list as it can be very large. Generate a + copy of the ASL by running this + command: &prompt.root; acpidump -dt > name-system.asl @@ -3536,6 +3532,5 @@ debug.acpi.level="ACPI_LV_ERROR"PR without emailing &a.acpi.name; first as it is likely that the problem has been reported before. - From owner-svn-doc-all@FreeBSD.ORG Mon Apr 14 22:29:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BF593225; Mon, 14 Apr 2014 22:29:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 925051527; Mon, 14 Apr 2014 22:29:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3EMT4La072163; Mon, 14 Apr 2014 22:29:04 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3EMT4Ws072162; Mon, 14 Apr 2014 22:29:04 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404142229.s3EMT4Ws072162@svn.freebsd.org> From: Dru Lavigne Date: Mon, 14 Apr 2014 22:29:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44558 - head/en_US.ISO8859-1/books/handbook/dtrace X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 22:29:04 -0000 Author: dru Date: Mon Apr 14 22:29:04 2014 New Revision: 44558 URL: http://svnweb.freebsd.org/changeset/doc/44558 Log: Forced commit to add comment to dtrace file committed in r44555. That commit updated the DTrace chapter to remove no longer needed warnings and to update kernel DTrace for 10.x stuff. Submitted by: markj Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml ============================================================================== From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 10:08:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 226A4CF4; Tue, 15 Apr 2014 10:08:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 01E911600; Tue, 15 Apr 2014 10:08:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FA8OcU061640; Tue, 15 Apr 2014 10:08:24 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FA8ODb061639; Tue, 15 Apr 2014 10:08:24 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404151008.s3FA8ODb061639@svn.freebsd.org> From: Gabor Pali Date: Tue, 15 Apr 2014 10:08:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44559 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 10:08:25 -0000 Author: pgj Date: Tue Apr 15 10:08:24 2014 New Revision: 44559 URL: http://svnweb.freebsd.org/changeset/doc/44559 Log: - Add 2014Q1 status report on ZFSguru Submitted by: Jason Edwards Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Mon Apr 14 22:29:04 2014 (r44558) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 15 10:08:24 2014 (r44559) @@ -20,7 +20,7 @@

      Thanks to all the reporters for the excellent work! This - report contains 38 entries and we hope you enjoy reading it.

      + report contains 39 entries and we hope you enjoy reading it.

      The deadline for submissions covering between April and June 2014 is July 7th, 2014.

      @@ -2398,4 +2398,92 @@ device vt_efifb in this quarter.

       + + + ZFSguru + + + + + Jason + Edwards + + sub.mesa@gmail.com + + + + + Home page + + + +

      ZFSguru is a multifunctional server appliance with a strong + emphasis on storage. It desired to bring BSD and ZFS technology + to a wider audience, while at the same time pleasing more + advanced users as well with unique features. A vanilla + ZFSguru installation comes with only Samba and a web-interface + setup, but can be extended easily by installing addons called + services to add functionality as desired. This prevents + users from running stuff they do not need and do not want. + Advanced users can still use ZFSguru as they would a normal &os; + installation with a 100% ZFS setup (Root-on-ZFS). + ZFSguru does not strip away anything, and uses a + GENERIC-like kernel with only some additional stuff + added like InfiniBand networking, Device Polling and AltQ. This + means you can use a ZFSguru installation as you would use a &os; + installation.

      + +

      In the first month of 2014, ZFSguru has released beta9 version + of the web interface. This release brings vastly improved support + for Samba and NFS configuration. In particular, it adds a + convenient drag-and-drop interface for Samba permissions. This + allows novice users to configure access to shares in various + configurations. It allows both control and usability, with no + manual being necessary in order to operate it. This is the + ZFSguru-style.

      + +

      New system versions have been released, based on &os; 9.2, + 10.0, and head. The experimental head version + has vt(4) and X.org 7.12.4 and the Intel/Radeon KMS + graphics drivers. That is, the latest and greatest of &os; + graphics development. The ZFSguru project plans to release + stable/10 builds in the near future which also have the + MFC'ed patches for vt(4). Please see the + vt(4) entry for more information.

      + +

      Support for ZFS version 5000 is now universal across 9.2, 10.0 + and head builds. LZ4 compression is the key feature for + ZFS version 5000. Otherwise users are advised to keep their + pool versions as is, to be as compatible as you can with as many + ZFS platforms as possible. Only upgrade the pool as you desire + its functionality, forfeiting the compatibility with older + storage platforms.

      + + + + ZFSguru beta10 will increase compatibility of new added + Samba functionality with non-Gecko browsers. It will also fix + some minor bugs as well as speed up some pages by having a + redesigned remote database system called GuruDB. + + ZFSguru beta11 will add the one major feature still missing + in ZFSguru: the Migration Manager. This allows users to maintain + a file with all the configuration of their ZFSguru installation. + It can be used like a firmware — restoring the machine to + the exact state and configuration of the snapshot configuration. + It allows users to maintain a backup of their ZFSguru + configuration and makes upgrading to a newer ZFSguru system + version without any hassle. + + Automated system builds should bring more system image + releases. + + New website with new forum and new login system. + + Developer website with GitLab setup, allowing bugreports, + code contributions and wiki + wall messages. Note that GitLab has + also been provided as ZFSguru service, for those interested in + trying GitLab. + +       From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 12:42:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E4EF6934; Tue, 15 Apr 2014 12:42:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D1ED81606; Tue, 15 Apr 2014 12:42:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FCgT3t026021; Tue, 15 Apr 2014 12:42:29 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FCgTQH026020; Tue, 15 Apr 2014 12:42:29 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201404151242.s3FCgTQH026020@svn.freebsd.org> From: Mathieu Arnold Date: Tue, 15 Apr 2014 12:42:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44560 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 12:42:30 -0000 Author: mat (ports committer) Date: Tue Apr 15 12:42:29 2014 New Revision: 44560 URL: http://svnweb.freebsd.org/changeset/doc/44560 Log: Add a note about the inline strip patch feature. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Tue Apr 15 10:08:24 2014 (r44559) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Tue Apr 15 12:42:29 2014 (r44560) @@ -1973,6 +1973,20 @@ EXTRACT_ONLY= source.tar.gzPATCHDIR directory—that directory may not be writable. + + If there are multiple patches and they need mixed values + for the strip parameter, it can be added alongside the patch + name in PATCHFILES, e.g: + + PATCHFILES= patch1 patch2:-p1 + + This does not conflict with the master site grouping + feature, the following also works: + + PATCHFILES= patch2:-p1:source2 + + The tarball will have been extracted alongside the regular source by then, so there is no need to explicitly From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 16:12:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A20B21CA; Tue, 15 Apr 2014 16:12:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8CE5E1D0E; Tue, 15 Apr 2014 16:12:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FGCx0B013599; Tue, 15 Apr 2014 16:12:59 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FGCxnE013598; Tue, 15 Apr 2014 16:12:59 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404151612.s3FGCxnE013598@svn.freebsd.org> From: Dru Lavigne Date: Tue, 15 Apr 2014 16:12:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44561 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 16:12:59 -0000 Author: dru Date: Tue Apr 15 16:12:59 2014 New Revision: 44561 URL: http://svnweb.freebsd.org/changeset/doc/44561 Log: Finish editorial review of ACPI chapter. Some shuffling of ASL/AML stuff to improve flow. Remove Japanese and Russian references. These resources could stay in their respective translations. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue Apr 15 12:42:29 2014 (r44560) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue Apr 15 16:12:59 2014 (r44561) @@ -3183,11 +3183,9 @@ hw.acpi.s4bios: 0 This usually fixes the problem of a system powering up spontaneously after a suspend or poweroff. - - - - <acronym>ASL</acronym>, &man.acpidump.8;, and - <acronym>IASL</acronym> + + + BIOS Contains Buggy Bytecode ACPI @@ -3203,39 +3201,30 @@ hw.acpi.s4bios: 0 Often, these problems may be resolved by updating the BIOS to the latest revision. Most console - messages are harmless, but if there are other problems like + messages are harmless, but if there are other problems, like the battery status is not working, these messages are a good - place to start looking for problems. The bytecode, known as - AML, is compiled from a source language - called ASL. The AML is - found in the table known as the DSDT. To - get a copy of the system's ASL, use - &man.acpidump.8;. Include both , to show - the contents of the fixed tables, and , to - disassemble the AML. Refer to for an example syntax. - - The simplest first check is to recompile the - ASL to check for errors. Warnings can - usually be ignored, but errors are bugs that will usually - prevent ACPI from working correctly. To - recompile the ASL, issue the following - command: - - &prompt.root; iasl your.asl + place to start looking for problems. + - - Fixing the <acronym>ASL</acronym> + + Overriding the Default <acronym>AML</acronym> - + The BIOS bytecode, known as + ACPI Machine Language + (AML), is compiled from a source language + called ACPI Source Language + (ASL). The AML is + found in the table known as the Differentiated System + Description Table (DSDT). + ACPI ASL The goal of &os; is for everyone to have working - ACPI without any user intervention. At - this point, workarounds are still being developed for common + ACPI without any user intervention. + Workarounds are still being developed for common mistakes made by BIOS vendors. The µsoft; interpreter (acpi.sys and acpiec.sys) does not strictly check for @@ -3245,60 +3234,40 @@ hw.acpi.s4bios: 0 ASL. &os; developers continue to identify and document which non-standard behavior is allowed by µsoft;'s interpreter and replicate it so that &os; can - work without forcing users to fix the ASL. - As a workaround, and to help identify behavior, fix the - ASL manually. If this works, send a - &man.diff.1; of the old and new ASL so - developers can possibly work around the buggy behavior in - ACPI-CA. + work without forcing users to fix the ASL. - - ACPI - error messages - - - Here is a list of common error messages, their cause, and - how to fix them: + To help identify buggy behavior and possibly fix it manually, a copy can be + made of the system's + ASL. To copy the system's + ASL to a specified file name, use + acpidump with , to show + the contents of the fixed tables, and , to + disassemble the AML: - - Operating System Dependencies + &prompt.root; acpidump -td > my.asl Some AML versions assume the user is running &windows;. To override this, set hw.acpi.osname="Windows - 2001" in - /boot/loader.conf, using the strings - in the ASL. - - - - Missing Return Statements - - Some methods do not explicitly return a value as the - standard requires. While ACPI-CA - does not handle this, &os; has a workaround that allows it - to return the value implicitly. Explicit return statements - can be added where required if the value which should be - returned is known. To force &man.iasl.8; to compile the - ASL, use the - flag. - - - - Overriding the Default <acronym>AML</acronym> - - After customizing your.asl, compile - it with this command: + 2009" in + /boot/loader.conf, using the most recent &windows; + version listed in the ASL. + + Other workarounds may require + my.asl to be customized. If this file is edited, compile the new + ASL using the following command. Warnings can + usually be ignored, but errors are bugs that will usually + prevent ACPI from working correctly. - &prompt.root; iasl your.asl + &prompt.root; iasl -f my.asl - Adding the flag forces creation of + Including forces creation of the AML, even if there are errors during compilation. Some errors, such as missing return - statements, are automatically worked around by the + statements, are automatically worked around by the &os; interpreter. - The default output filename for &man.iasl.8; is + The default output filename for iasl is DSDT.aml. Load this file instead of the BIOS's buggy copy, which is still present in flash memory, by editing @@ -3308,13 +3277,44 @@ hw.acpi.s4bios: 0 acpi_dsdt_name="/boot/DSDT.aml" Be sure to copy DSDT.aml to - /boot. - + /boot, then reboot the system. If this fixes the problem, send a + &man.diff.1; of the old and new ASL to + &a.acpi.name; so that + developers can work around the buggy behavior in + acpica. - - Getting Debugging Output from - <acronym>ACPI</acronym> + + + Getting and Submitting Debugging Info + + + + + Nate + Lawson + + Written by + + + + + + + Peter + Schultz + + With contributions from + + + + + Tom + Rhodes + + + + ACPI @@ -3329,13 +3329,14 @@ acpi_dsdt_name="/boot/DSDT.aml"The ACPI driver has a flexible debugging facility. A set of subsystems and the level of verbosity can be specified. The subsystems to debug are - specified as layers and are broken down into - ACPI-CA components (ACPI_ALL_COMPONENTS) + specified as layers and are broken down into + components (ACPI_ALL_COMPONENTS) and ACPI hardware support - (ACPI_ALL_DRIVERS). The verbosity of debugging output is - specified as the level and ranges from - ACPI_LV_ERROR (just report errors) to ACPI_LV_VERBOSE - (everything). The level is a bitmask so + (ACPI_ALL_DRIVERS). The verbosity of debugging output is + specified as the level and ranges from just report errors + (ACPI_LV_ERROR) to everything + (ACPI_LV_VERBOSE). + The level is a bitmask so multiple options can be set at once, separated by spaces. In practice, a serial console should be used to log the output so it is not lost as the console message buffer flushes. A @@ -3343,160 +3344,72 @@ acpi_dsdt_name="/boot/DSDT.aml" Debugging output is not enabled by default. To enable it, - add options ACPI_DEBUG to the kernel + add options ACPI_DEBUG to the custom kernel configuration file if ACPI is compiled into the kernel. Add ACPI_DEBUG=1 to /etc/make.conf to enable it globally. - If it is a module, recompile just the + If a module is used instead of a custom kernel, recompile just the acpi.ko module as follows: - &prompt.root; cd /sys/modules/acpi/acpi -&& make clean && -make ACPI_DEBUG=1 + &prompt.root; cd /sys/modules/acpi/acpi && make clean && make ACPI_DEBUG=1 - Install acpi.ko in + Copy the compiled acpi.ko to /boot/kernel and add the desired level - and layer to /boot/loader.conf. This - example enables debug messages for all - ACPI-CA components and all - ACPI hardware drivers such as - (CPU and LID. It only - outputs error messages at the least verbose level. + and layer to /boot/loader.conf. The entries in this + example enable debug messages for all ACPI + components and + hardware drivers and + output error messages at the least verbose level: debug.acpi.layer="ACPI_ALL_COMPONENTS ACPI_ALL_DRIVERS" debug.acpi.level="ACPI_LV_ERROR" If the required information is triggered by a specific - event, such as a suspend and then resume, leave out changes to - /boot/loader.conf and instead use - &man.sysctl.8; to specify the layer and level after booting + event, such as a suspend and then resume, do not modify + /boot/loader.conf. Instead, use + sysctl to specify the layer and level after booting and preparing the system for the specific event. The - variables which can be set using &man.sysctl.8; are named + variables which can be set using sysctl are named the same as the tunables in /boot/loader.conf. - - - - References - - More information about ACPI may be - found in the following locations: - - - - The &a.acpi; - - - - The ACPI Mailing List Archives http://lists.freebsd.org/pipermail/freebsd-acpi/ - - - - The old ACPI Mailing List Archives - http://home.jp.FreeBSD.org/mail-list/acpi-jp/ - - - - The ACPI 2.0 Specification http://acpi.info/spec.htm - - - - &man.acpi.4;, &man.acpi.thermal.4;, &man.acpidump.8;, - &man.iasl.8;, and &man.acpidb.8; - - - - DSDT - debugging resource. - - - - - - - Debugging &os; <acronym>ACPI</acronym> - - - - - Nate - Lawson - - Written by - - - - - - - Peter - Schultz - - With contributions from - - - - - Tom - Rhodes - - - - ACPI problems - ACPI provides a method for - discovering devices, managing power usage, and providing - standardized access to various hardware previously managed by - the BIOS. Progress is being made toward - ACPI working on all systems, but bugs in - some motherboards' ACPI Machine Language - (AML) bytecode, incompleteness in &os;'s - kernel subsystems, and bugs in the &intel; - ACPI-CA interpreter continue to - appear. - - This section is intended to help users assist the &os; - ACPI maintainers in identifying the root - cause of problems and in debugging and developing a - solution. + Once the debugging information is gathered, it can be + sent to &a.acpi.name; so that it can be used by the &os; + ACPI maintainers to identify the root cause + of the problem and to develop a solution. - Before submitting a problem, ensure the latest + Before submitting debugging information to this mailing list, ensure the latest BIOS version is installed and, if available, the embedded controller firmware version. - When submitting a problem, send the following information - to - freebsd-acpi@FreeBSD.org: + When submitting a problem report, include the following + information: Description of the buggy behavior, including system - type and model and anything that causes the bug to appear. + type, model, and anything that causes the bug to appear. Note as accurately as possible when the bug began occurring if it is new. - The output of &man.dmesg.8; after running + The output of dmesg after running boot -v, including any error messages generated by the bug. - The &man.dmesg.8; output from boot + The dmesg output from boot -v with ACPI disabled, - if disabling it helps to fix the problem. + if disabling ACPI helps to fix the problem. @@ -3506,8 +3419,8 @@ debug.acpi.level="ACPI_LV_ERROR" The URL to a pasted version of the - ACPI Source - Language (ASL). Do + system's + ASL. Do not send the ASL directly to the list as it can be very large. Generate a copy of the ASL by running this @@ -3522,7 +3435,7 @@ debug.acpi.level="ACPI_LV_ERROR" - Most &os; developers watch &a.current;, but one should + Most &os; developers watch the &a.current;, but one should submit problems to &a.acpi.name; to be sure it is seen. Be patient when waiting for a response. If the bug is not immediately apparent, submit a PR using @@ -3532,5 +3445,29 @@ debug.acpi.level="ACPI_LV_ERROR"PR without emailing &a.acpi.name; first as it is likely that the problem has been reported before. + + + References + + More information about ACPI may be + found in the following locations: + + + + The &os; ACPI Mailing List Archives (http://lists.freebsd.org/pipermail/freebsd-acpi/) + + + + The ACPI 2.0 Specification (http://acpi.info/spec.htm) + + + + &man.acpi.4;, &man.acpi.thermal.4;, &man.acpidump.8;, + &man.iasl.8;, and &man.acpidb.8; + + + From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 16:40:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B7152941; Tue, 15 Apr 2014 16:40:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 888E8113A; Tue, 15 Apr 2014 16:40:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FGeTQN022993; Tue, 15 Apr 2014 16:40:29 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FGeTbC022992; Tue, 15 Apr 2014 16:40:29 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404151640.s3FGeTbC022992@svn.freebsd.org> From: Dru Lavigne Date: Tue, 15 Apr 2014 16:40:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44562 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 16:40:29 -0000 Author: dru Date: Tue Apr 15 16:40:29 2014 New Revision: 44562 URL: http://svnweb.freebsd.org/changeset/doc/44562 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue Apr 15 16:12:59 2014 (r44561) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue Apr 15 16:40:29 2014 (r44562) @@ -3183,50 +3183,51 @@ hw.acpi.s4bios: 0 This usually fixes the problem of a system powering up spontaneously after a suspend or poweroff. - + BIOS Contains Buggy Bytecode - - ACPI - ASL - - - Some BIOS vendors provide incorrect or - buggy bytecode. This is usually manifested by kernel console - messages like this: + + ACPI + ASL + + + Some BIOS vendors provide incorrect + or buggy bytecode. This is usually manifested by kernel + console messages like this: - ACPI-1287: *** Error: Method execution failed [\\_SB_.PCI0.LPC0.FIGD._STA] \\ + ACPI-1287: *** Error: Method execution failed [\\_SB_.PCI0.LPC0.FIGD._STA] \\ (Node 0xc3f6d160), AE_NOT_FOUND - Often, these problems may be resolved by updating the - BIOS to the latest revision. Most console - messages are harmless, but if there are other problems, like - the battery status is not working, these messages are a good - place to start looking for problems. + Often, these problems may be resolved by updating the + BIOS to the latest revision. Most + console messages are harmless, but if there are other + problems, like the battery status is not working, these + messages are a good place to start looking for + problems. - + Overriding the Default <acronym>AML</acronym> - The BIOS bytecode, known as + The BIOS bytecode, known as ACPI Machine Language (AML), is compiled from a source language called ACPI Source Language (ASL). The AML is found in the table known as the Differentiated System Description Table (DSDT). - + ACPI ASL The goal of &os; is for everyone to have working ACPI without any user intervention. - Workarounds are still being developed for common - mistakes made by BIOS vendors. The - µsoft; interpreter (acpi.sys and + Workarounds are still being developed for common mistakes made + by BIOS vendors. The µsoft; + interpreter (acpi.sys and acpiec.sys) does not strictly check for adherence to the standard, and thus many BIOS vendors who only test @@ -3234,53 +3235,54 @@ hw.acpi.s4bios: 0 ASL. &os; developers continue to identify and document which non-standard behavior is allowed by µsoft;'s interpreter and replicate it so that &os; can - work without forcing users to fix the ASL. + work without forcing users to fix the + ASL. - To help identify buggy behavior and possibly fix it manually, a copy can be - made of the system's + To help identify buggy behavior and possibly fix it + manually, a copy can be made of the system's ASL. To copy the system's ASL to a specified file name, use acpidump with , to show the contents of the fixed tables, and , to disassemble the AML: - &prompt.root; acpidump -td > my.asl + &prompt.root; acpidump -td > my.asl - Some AML versions assume the user is - running &windows;. To override this, set - hw.acpi.osname="Windows - 2009" in - /boot/loader.conf, using the most recent &windows; - version listed in the ASL. - - Other workarounds may require - my.asl to be customized. If this file is edited, compile the new - ASL using the following command. Warnings can - usually be ignored, but errors are bugs that will usually + Some AML versions assume the user is + running &windows;. To override this, set + hw.acpi.osname="Windows + 2009" in + /boot/loader.conf, using the most recent + &windows; version listed in the ASL. + + Other workarounds may require my.asl + to be customized. If this file is edited, compile the new + ASL using the following command. Warnings + can usually be ignored, but errors are bugs that will usually prevent ACPI from working correctly. - &prompt.root; iasl -f my.asl + &prompt.root; iasl -f my.asl - Including forces creation of - the AML, even if there are errors during - compilation. Some errors, such as missing return - statements, are automatically worked around by the &os; - interpreter. - - The default output filename for iasl is - DSDT.aml. Load this file instead of - the BIOS's buggy copy, which is still - present in flash memory, by editing - /boot/loader.conf as follows: + Including forces creation of the + AML, even if there are errors during + compilation. Some errors, such as missing return statements, + are automatically worked around by the &os; + interpreter. + + The default output filename for iasl is + DSDT.aml. Load this file instead of the + BIOS's buggy copy, which is still present + in flash memory, by editing + /boot/loader.conf as follows: - acpi_dsdt_load="YES" + acpi_dsdt_load="YES" acpi_dsdt_name="/boot/DSDT.aml" - Be sure to copy DSDT.aml to - /boot, then reboot the system. If this fixes the problem, send a - &man.diff.1; of the old and new ASL to - &a.acpi.name; so that - developers can work around the buggy behavior in + Be sure to copy DSDT.aml to + /boot, then reboot the system. If this + fixes the problem, send a &man.diff.1; of the old and new + ASL to &a.acpi.name; so that developers can + work around the buggy behavior in acpica. @@ -3329,36 +3331,34 @@ acpi_dsdt_name="/boot/DSDT.aml"The ACPI driver has a flexible debugging facility. A set of subsystems and the level of verbosity can be specified. The subsystems to debug are - specified as layers and are broken down into - components (ACPI_ALL_COMPONENTS) - and ACPI hardware support - (ACPI_ALL_DRIVERS). The verbosity of debugging output is - specified as the level and ranges from just report errors - (ACPI_LV_ERROR) to everything - (ACPI_LV_VERBOSE). - The level is a bitmask so - multiple options can be set at once, separated by spaces. In - practice, a serial console should be used to log the output - so it is not lost as the console message buffer flushes. A - full list of the individual layers and levels is found in - &man.acpi.4;. + specified as layers and are broken down into components + (ACPI_ALL_COMPONENTS) and + ACPI hardware support + (ACPI_ALL_DRIVERS). The verbosity of + debugging output is specified as the level and ranges from + just report errors (ACPI_LV_ERROR) to + everything (ACPI_LV_VERBOSE). The level is + a bitmask so multiple options can be set at once, separated by + spaces. In practice, a serial console should be used to log + the output so it is not lost as the console message buffer + flushes. A full list of the individual layers and levels is + found in &man.acpi.4;. Debugging output is not enabled by default. To enable it, add options ACPI_DEBUG to the custom kernel configuration file if ACPI is compiled into the kernel. Add ACPI_DEBUG=1 to - /etc/make.conf to enable it globally. - If a module is used instead of a custom kernel, recompile just the - acpi.ko module as follows: + /etc/make.conf to enable it globally. If + a module is used instead of a custom kernel, recompile just + the acpi.ko module as follows: &prompt.root; cd /sys/modules/acpi/acpi && make clean && make ACPI_DEBUG=1 Copy the compiled acpi.ko to /boot/kernel and add the desired level - and layer to /boot/loader.conf. The entries in this - example enable debug messages for all ACPI - components and - hardware drivers and + and layer to /boot/loader.conf. The + entries in this example enable debug messages for all + ACPI components and hardware drivers and output error messages at the least verbose level: debug.acpi.layer="ACPI_ALL_COMPONENTS ACPI_ALL_DRIVERS" @@ -3367,10 +3367,10 @@ debug.acpi.level="ACPI_LV_ERROR"If the required information is triggered by a specific event, such as a suspend and then resume, do not modify /boot/loader.conf. Instead, use - sysctl to specify the layer and level after booting - and preparing the system for the specific event. The - variables which can be set using sysctl are named - the same as the tunables in + sysctl to specify the layer and level after + booting and preparing the system for the specific event. The + variables which can be set using sysctl are + named the same as the tunables in /boot/loader.conf. @@ -3378,15 +3378,16 @@ debug.acpi.level="ACPI_LV_ERROR"problems - Once the debugging information is gathered, it can be - sent to &a.acpi.name; so that it can be used by the &os; + Once the debugging information is gathered, it can be sent + to &a.acpi.name; so that it can be used by the &os; ACPI maintainers to identify the root cause of the problem and to develop a solution. - Before submitting debugging information to this mailing list, ensure the latest - BIOS version is installed and, if - available, the embedded controller firmware version. + Before submitting debugging information to this mailing + list, ensure the latest BIOS version is + installed and, if available, the embedded controller + firmware version. When submitting a problem report, include the following @@ -3409,7 +3410,8 @@ debug.acpi.level="ACPI_LV_ERROR" The dmesg output from boot -v with ACPI disabled, - if disabling ACPI helps to fix the problem. + if disabling ACPI helps to fix the + problem. @@ -3419,8 +3421,7 @@ debug.acpi.level="ACPI_LV_ERROR" The URL to a pasted version of the - system's - ASL. Do + system's ASL. Do not send the ASL directly to the list as it can be very large. Generate a copy of the ASL by running this @@ -3454,7 +3455,8 @@ debug.acpi.level="ACPI_LV_ERROR" - The &os; ACPI Mailing List Archives (The &os; ACPI Mailing List Archives + (http://lists.freebsd.org/pipermail/freebsd-acpi/) From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 16:41:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9F0569A7; Tue, 15 Apr 2014 16:41:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8BD421140; Tue, 15 Apr 2014 16:41:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FGfce3025674; Tue, 15 Apr 2014 16:41:38 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FGfct3025673; Tue, 15 Apr 2014 16:41:38 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404151641.s3FGfct3025673@svn.freebsd.org> From: Dru Lavigne Date: Tue, 15 Apr 2014 16:41:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44563 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 16:41:38 -0000 Author: dru Date: Tue Apr 15 16:41:38 2014 New Revision: 44563 URL: http://svnweb.freebsd.org/changeset/doc/44563 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue Apr 15 16:40:29 2014 (r44562) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue Apr 15 16:41:38 2014 (r44563) @@ -985,7 +985,7 @@ ifconfig_dc1="inet 10.0.0.1 netmask 255. If the network is not using DNS, edit /etc/hosts to add the names and - IP addresses of of the hosts on the + IP addresses of the hosts on the LAN, if they are not already there. For more information, refer to &man.hosts.5; and to /usr/share/examples/etc/hosts. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 17:34:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B69D69C6; Tue, 15 Apr 2014 17:34:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A29CD16A6; Tue, 15 Apr 2014 17:34:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FHYrJT047600; Tue, 15 Apr 2014 17:34:53 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FHYrQ3047599; Tue, 15 Apr 2014 17:34:53 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404151734.s3FHYrQ3047599@svn.freebsd.org> From: Dru Lavigne Date: Tue, 15 Apr 2014 17:34:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44564 - head/en_US.ISO8859-1/books/handbook/dtrace X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 17:34:53 -0000 Author: dru Date: Tue Apr 15 17:34:53 2014 New Revision: 44564 URL: http://svnweb.freebsd.org/changeset/doc/44564 Log: Some editorial changes to the DTrace chapter. Will finish the editorial pass on this chapter once I confirm with devs whether PR150255 is correct and get more info on inconsistencies about the Toolkit. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Tue Apr 15 16:41:38 2014 (r44563) +++ head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Tue Apr 15 17:34:53 2014 (r44564) @@ -43,12 +43,13 @@ that might make this chapter too large. &dtrace; is a remarkable profiling tool, with an impressive array of features for diagnosing system issues. It may also be used to run pre-written scripts to take advantage of its - capabilities. Users may even author their own utilities using + capabilities. Users can author their own utilities using the &dtrace; D Language, allowing them to customize their profiling based on specific needs. - The &dtrace; implementation in &os; provides experimental - support for userland &dtrace;. This feature allows users to + The &os; implementation in provides full support for kernel + &dtrace; and experimental + support for userland &dtrace;. Userland &dtrace; allows users to perform function boundary tracing for userland programs using the pid provider, and to insert static probes into userland programs for later tracing. Some ports, such as @@ -87,11 +88,6 @@ that might make this chapter too large. Have some familiarity with security and how it pertains to &os; (). - - - Understand how to obtain and rebuild the &os; sources - (). - @@ -143,7 +139,7 @@ that might make this chapter too large. /dev/dtrace/dtrace is strictly limited to root. - &dtrace; falls under &sun;'s Common Development and + &dtrace; falls under the Common Development and Distribution License (CDDL) license. To view this license on &os;, see /usr/src/cddl/contrib/opensolaris/OPENSOLARIS.LICENSE @@ -163,12 +159,11 @@ that might make this chapter too large. of &os; or who prefer to statically compile in &dtrace; support should add the following lines to a custom kernel configuration file and recompile the kernel using the instructions in . + linkend="kernelconfig"/>: options KDTRACE_HOOKS options DDB_CTF - Users of the AMD64 architecture should also add this line: @@ -178,13 +173,12 @@ options DDB_CTF FBT. While &dtrace; will work without this option, there will be limited support for function boundary tracing. - Once the &os; system has rebooted into the new kernel, or the &dtrace; kernel modules have been loaded using kldload dtraceall, the system will have support for the Korn shell. This - is needed as the &dtrace;Toolkit has several utilities written + is needed as the &dtrace; Toolkit has several utilities written in ksh. Make sure that the shells/ksh93 package or port is installed. It is also @@ -192,31 +186,33 @@ options DDB_CTF shells/pdksh or shells/mksh. - Finally, obtain the current &dtrace;Toolkit. - FreeBSD 10 includes the &dtrace;Toolkit + Finally, obtain the current &dtrace; Toolkit. + FreeBSD 10 includes the &dtrace; Toolkit in /usr/share/dtrace. - Otherwise, install the &dtrace;Toolkit using the + Otherwise, install the &dtrace; Toolkit using the sysutils/DTraceToolkit package or port. + + The &dtrace; Toolkit includes many scripts in the special + language of &dtrace;. This language is called the D + language and it is very similar + to C++. An in depth discussion of the language is beyond the + scope of this document. It is extensively discussed at http://wikis.oracle.com/display/DTrace/Documentation. Using &dtrace; To view all - probes the administrator may now execute the following + probes, the administrator can execute the following command: &prompt.root; dtrace -l | more - All output is passed to the more - utility as it will quickly overflow the screen buffer. At - this point, &dtrace; should be considered working. It is now - time to review the toolkit. - - The toolkit is a collection of ready-made scripts to run - with &dtrace; to collect system information. There are scripts - to check open files, memory, CPU usage and + The &dtrace; Toolkit is a collection of ready-made scripts + for collecting system information. There are scripts + to check open files, memory, CPU usage, and a lot more. Extract the scripts with the following command: @@ -353,15 +349,4 @@ Elapsed Times for processes csh, getpid() system call used the least amount of time. - - - The D Language - - The &dtrace; Toolkit includes many scripts in the special - language of &dtrace;. This language is called the D - language by &sun; documentation, and it is very similar - to C++. An in depth discussion of the language is beyond the - scope of this document. It is extensively discussed at http://wikis.oracle.com/display/DTrace/Documentation. - From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 17:45:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0EC99D42; Tue, 15 Apr 2014 17:45:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EE5301797; Tue, 15 Apr 2014 17:45:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FHjs4o051930; Tue, 15 Apr 2014 17:45:54 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FHjs0K051929; Tue, 15 Apr 2014 17:45:54 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404151745.s3FHjs0K051929@svn.freebsd.org> From: Dru Lavigne Date: Tue, 15 Apr 2014 17:45:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44565 - head/en_US.ISO8859-1/books/handbook/dtrace X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 17:45:55 -0000 Author: dru Date: Tue Apr 15 17:45:54 2014 New Revision: 44565 URL: http://svnweb.freebsd.org/changeset/doc/44565 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Tue Apr 15 17:34:53 2014 (r44564) +++ head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Tue Apr 15 17:45:54 2014 (r44565) @@ -41,18 +41,18 @@ that might make this chapter too large. kernel and in userland programs. &dtrace; is a remarkable profiling tool, with an impressive - array of features for diagnosing system issues. It may also - be used to run pre-written scripts to take advantage of its - capabilities. Users can author their own utilities using - the &dtrace; D Language, allowing them to customize their - profiling based on specific needs. - + array of features for diagnosing system issues. It may also be + used to run pre-written scripts to take advantage of its + capabilities. Users can author their own utilities using the + &dtrace; D Language, allowing them to customize their profiling + based on specific needs. + The &os; implementation in provides full support for kernel - &dtrace; and experimental - support for userland &dtrace;. Userland &dtrace; allows users to - perform function boundary tracing for userland programs using - the pid provider, and to insert static probes - into userland programs for later tracing. Some ports, such as + &dtrace; and experimental support for userland &dtrace;. + Userland &dtrace; allows users to perform function boundary + tracing for userland programs using the pid + provider, and to insert static probes into userland programs for + later tracing. Some ports, such as databases/postgres-server and lang/php5 have a &dtrace; option to enable static probes. &os; 10.0-RELEASE has reasonably good userland @@ -85,8 +85,8 @@ that might make this chapter too large. - Have some familiarity with security and how it - pertains to &os; (). + Have some familiarity with security and how it pertains + to &os; (). @@ -106,12 +106,12 @@ that might make this chapter too large. automatically loaded when dtrace is run. - &os; uses the DDB_CTF kernel option - to enable support for loading CTF - data from kernel modules and the kernel itself. - CTF is the &solaris; Compact C Type Format - which encapsulates a reduced form of debugging information - similar to DWARF and the venerable stabs. + &os; uses the DDB_CTF kernel option to + enable support for loading CTF data from + kernel modules and the kernel itself. CTF is + the &solaris; Compact C Type Format which encapsulates a reduced + form of debugging information similar to + DWARF and the venerable stabs. CTF data is added to binaries by the ctfconvert and ctfmerge build tools. The ctfconvert utility parses @@ -122,8 +122,8 @@ that might make this chapter too large. Some different providers exist for &os; than for &solaris;. Most notable is the dtmalloc provider, which - allows tracing malloc() by type in the - &os; kernel. Some of the providers found in &solaris;, such as + allows tracing malloc() by type in the &os; + kernel. Some of the providers found in &solaris;, such as cpc and mib, are not present in &os;. These may appear in future versions of &os;. Moreover, some of the providers available in both operating @@ -139,9 +139,9 @@ that might make this chapter too large. /dev/dtrace/dtrace is strictly limited to root. - &dtrace; falls under the Common Development and - Distribution License (CDDL) license. To view - this license on &os;, see + &dtrace; falls under the Common Development and Distribution + License (CDDL) license. To view this license + on &os;, see /usr/src/cddl/contrib/opensolaris/OPENSOLARIS.LICENSE or view it online at http://www.opensolaris.org/os/licensing. @@ -164,78 +164,73 @@ that might make this chapter too large. options KDTRACE_HOOKS options DDB_CTF - Users of the AMD64 architecture should also add this - line: + Users of the AMD64 architecture should also add this + line: - options KDTRACE_FRAME + options KDTRACE_FRAME - This option provides support for - FBT. While &dtrace; will work without - this option, there will be limited support for - function boundary tracing. + This option provides support for FBT. + While &dtrace; will work without this option, there will be + limited support for function boundary tracing. Once the &os; system has rebooted into the new kernel, or the &dtrace; kernel modules have been loaded using - kldload dtraceall, the system will - have support for the Korn shell. This - is needed as the &dtrace; Toolkit has several utilities written - in ksh. Make sure that the - shells/ksh93 package or port is installed. - It is also - possible to run these tools under + kldload dtraceall, the system will have + support for the Korn shell. This is needed as the &dtrace; + Toolkit has several utilities written in ksh. + Make sure that the shells/ksh93 package or + port is installed. It is also possible to run these tools under shells/pdksh or shells/mksh. - Finally, obtain the current &dtrace; Toolkit. - FreeBSD 10 includes the &dtrace; Toolkit - in /usr/share/dtrace. - Otherwise, install the &dtrace; Toolkit using the + Finally, obtain the current &dtrace; Toolkit. FreeBSD 10 + includes the &dtrace; Toolkit in + /usr/share/dtrace. Otherwise, install the + &dtrace; Toolkit using the sysutils/DTraceToolkit package or port. - + The &dtrace; Toolkit includes many scripts in the special - language of &dtrace;. This language is called the D - language and it is very similar - to C++. An in depth discussion of the language is beyond the - scope of this document. It is extensively discussed at http://wikis.oracle.com/display/DTrace/Documentation. Using &dtrace; - To view all - probes, the administrator can execute the following - command: + To view all probes, the administrator can execute the + following command: &prompt.root; dtrace -l | more The &dtrace; Toolkit is a collection of ready-made scripts - for collecting system information. There are scripts - to check open files, memory, CPU usage, and - a lot more. Extract the scripts with the following - command: + for collecting system information. There are scripts to check + open files, memory, CPU usage, and a lot + more. Extract the scripts with the following command: &prompt.root; gunzip -c DTraceToolkit* | tar xvf - Change into that directory with the cd - and change the execution permissions on all files, designated - as those files with lower case names, to + and change the execution permissions on all files, designated as + those files with lower case names, to 755. All of these scripts will need modifications to their contents. The ones which refer to /usr/bin/ksh need that changed to - /usr/local/bin/ksh, the others which - use /usr/bin/sh need to be altered to use - /bin/sh, and finally the ones which - use /usr/bin/perl will need altered to - use /usr/local/bin/perl. + /usr/local/bin/ksh, the others which use + /usr/bin/sh need to be altered to use + /bin/sh, and finally the ones which use + /usr/bin/perl will need altered to use + /usr/local/bin/perl. At the time of this writing only two of the scripts of the - &dtrace; Toolkit are fully supported in &os;: - the hotkernel - and procsystime scripts. These are the two + &dtrace; Toolkit are fully supported in &os;: the + hotkernel and + procsystime scripts. These are the two we will explore in the following parts of this section. The hotkernel is designed to identify @@ -312,11 +307,11 @@ kernel The procsystime script captures and prints the system call time usage for a given PID or process name. In the following - example, a new instance of /bin/csh - was spawned. The procsystime was executed - and remained waiting while a few commands were typed on the - other incarnation of csh. These are the - results of this test: + example, a new instance of /bin/csh was + spawned. The procsystime was executed and + remained waiting while a few commands were typed on the other + incarnation of csh. These are the results of + this test: &prompt.root; ./procsystime -n csh Tracing... Hit Ctrl-C to end... @@ -344,8 +339,8 @@ Elapsed Times for processes csh, sigsuspend 6985124 read 3988049784 - As shown, the read() system call - seems to use the most time in nanoseconds with the + As shown, the read() system call seems + to use the most time in nanoseconds with the getpid() system call used the least amount of time. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 20:08:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EF422150; Tue, 15 Apr 2014 20:08:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DA539171C; Tue, 15 Apr 2014 20:08:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FK8xIA010093; Tue, 15 Apr 2014 20:08:59 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FK8x8t010092; Tue, 15 Apr 2014 20:08:59 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404152008.s3FK8x8t010092@svn.freebsd.org> From: Dru Lavigne Date: Tue, 15 Apr 2014 20:08:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44566 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 20:09:00 -0000 Author: dru Date: Tue Apr 15 20:08:59 2014 New Revision: 44566 URL: http://svnweb.freebsd.org/changeset/doc/44566 Log: Editorial review of first part of LDAP chapter. Rename the chapter to be consistent with the format used in the rest of this mega-chapter. Need to verify the configuration commands before finishing editorial review of rest of this section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Tue Apr 15 17:45:54 2014 (r44565) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Tue Apr 15 20:08:59 2014 (r44566) @@ -2128,67 +2128,69 @@ TWO (,hotel,test-domain) - - &os; and <acronym>LDAP</acronym> + LDAP - LDAP, the Lightweight Directory Access - Protocol, is an application layer protocol used to access, - modify, and authenticate (bind) using a distributed directory + The Lightweight Directory Access + Protocol (LDAP) is an application layer protocol used to access, + modify, and authenticate objects using a distributed directory information service. Think of it as a phone or record book which stores several levels of hierarchical, homogeneous - information. It is often used in networks where users often - need access to several levels of internal information utilizing + information. It is used in Active Directory and + OpenLDAP networks and allows users to + access to several levels of internal information utilizing a single account. For example, email authentication, pulling employee contact information, and internal website - authentication might all make use of a single user in the + authentication might all make use of a single user account in the LDAP server's record base. - This section will not provide a history or the - implementation details of the protocol. These sections were - authored to get an LDAP server and/or client - configured both quickly and securely; however, any information - base requires planning and this is no exception. - - Planning should include what type of information will be - stored, what that information will be used for, whom should - have access to said information, and how to secure this - information from prying eyes. + This section provides a quick start guide for configuring + an LDAP server on a &os; system. + It assumes that the administrator already has a design plan + which includes the type of information to + store, what that information will be used for, which users should + have access to that information, and how to secure this + information from unauthorized access. <acronym>LDAP</acronym> Terminology and Structure - Before continuing, several parts of - LDAP must be explained to prevent - confusion. And confusion with this configuration is - relatively simple. To begin, all directory entries consist of - a group of attributes. Each of these - attribute sets contain a name, a unique identifier known as a - DN or distinguished name normally built - from several other attributes such as the - RDN. The RDN or - relative distinguished name, is a more common name for the - attribute. Like directories have absolute and relative paths, + LDAP uses several terms which should be + understood before starting the configuration. + All directory entries consist of + a group of attributes. Each of these + attribute sets contains a unique identifier known as a + Distinguished Name (DN) + which is normally built + from several other attributes such as the common or + Relative Distinguished Name + (RDN). + Similar to how directories have absolute and relative paths, consider a DN as an absolute path and the RDN as the relative path. - As an example, an entry might look like the - following: + An example LDAP entry looks like the + following. This example searches for the entry for the specified user + account (uid), organizational unit + (ou), and organization + (o): - &prompt.user; ldapsearch -xb "uid=trhodes,ou=users,o=example.com" - - # extended LDIF + &prompt.user; ldapsearch -xb "uid=trhodes,ou=users,o=example.com" +# extended LDIF # # LDAPv3 # base <uid=trhodes,ou=users,o=example.com> with scope subtree @@ -2201,21 +2203,25 @@ dn: uid=trhodes,ou=users,o=example.com mail: trhodes@example.com cn: Tom Rhodes uid: trhodes -telephoneNumber: (xxx) xxx-xxxx +telephoneNumber: (123) 456-7890 # search result search: 2 result: 0 Success # numResponses: 2 -# numEntries: 1 +# numEntries: 1 - In this example, it is very obvious what the various - attributes are; however, the cn attribute - should be noticed. This is the RDN - discussed previously. In addition, there is a unique user id - provided here. It is common practice to have specific uid or - uuids for entries to ease in any future migration. + This example entry shows the values for the + dn, mail, + cn, uid, and + telephoneNumber + attributes. The cn attribute + is the RDN. + + More information about LDAP and its + terminology can be found at http://www.openldap.org/doc/admin24/intro.html. @@ -2223,72 +2229,63 @@ result: 0 Success LDAP Server - To configure &os; to act as an LDAP - server, the OpenLDAP port needs installed. This may be - accomplished using the pkg_add command - or by installing the - net/openldap24-server - port. Building the port is recommended as the administrator - may select a great deal of options at this time and disable - some options. In most cases, the defaults will be fine; - however, this is the time to enable SQL support if - needed. - - A few directories will be required from this point on, - at minimal, a data directory and a directory to store the - certificates in. Create them both with the following - commands: + &os; does not provide a built-in LDAP + server. Begin the configuration by installing the + net/openldap24-server package or + port. Since the port has many configurable + options, it is recommended that the default options are + reviewed to see if the package is sufficient, and to instead + compile the port if any options should be changed. + In most cases, the defaults are fine. + However, if SQL support is needed, this option must be + enabled and the port compiled using the instructions in . + + Next, create the directories to hold the + data and to store the + certificates: - &prompt.root; mkdir /var/db/openldap-data - - &prompt.root; mkdir /usr/local/etc/openldap/private + &prompt.root; mkdir /var/db/openldap-data +&prompt.root; mkdir /usr/local/etc/openldap/private Copy over the database configuration file: &prompt.root; cp /usr/local/etc/openldap/DB_CONFIG.example /var/db/openldap-data/DB_CONFIG - The next phase is to configure the SSL - certificates. While creating certificates is discussed in - the OpenSSL section in this - book, a certificate authority is needed so a different method - will be used. It is recommended that this section be reviewed - prior to configuring to ensure correct information is entered - during the certificate creation process below. - - The following commands must be executed in the - /usr/local/etc/openldap/private - directory. This is important as the file permissions will + The next phase is to configure the certificate authority. + The following commands must be executed from + /usr/local/etc/openldap/private. + This is important as the file permissions need to be restrictive and users should not have access to - these files directly. To create the certificates, issues the - following commands. + these files. To create the certificate authority, + start with this command and follow the prompts: - &prompt.root; openssl req -days 365 -nodes -new -x509 -keyout ca.key -out ../ca.crt + &prompt.root; openssl req -days 365 -nodes -new -x509 -keyout ca.key -out ../ca.crt - The entries for these may be completely generic + The entries for the prompts may be generic except for the - Common Name entry. This entry must have - something different than the system hostname. If the entry - is the hostname, it would be like the hostname is attempting - to verify hostname. In cases with a self signed certificate - like this example, just prefix the hostname with - CA for certificate authority. + Common Name. This entry must be + different than the system hostname. + If this will be a self signed certificate, + prefix the hostname with + CA for certificate authority. The next task is to create a certificate signing request - and a private key. To do this, issue the following - commands: + and a private key. Input this command and follow the + prompts: - &prompt.root; openssl req -days 365 -nodes -new -keyout server.key -out server.csr + &prompt.root; openssl req -days 365 -nodes -new -keyout server.key -out server.csr During the certificate generation process, be sure to - correctly set the common name attribute. After this has - been completed, the key will need signed: + correctly set the Common Name attribute. Once + complete, sign the key: - &prompt.root; openssl x509 -req -days 365 -in server.csr -out ../server.crt -CA ../ca.crt -CAkey ca.key -CAcreateserial + &prompt.root; openssl x509 -req -days 365 -in server.csr -out ../server.crt -CA ../ca.crt -CAkey ca.key -CAcreateserial The final part of the certificate generation process is to generate and sign the client certificates: - &prompt.root; openssl req -days 365 -nodes -new -keyout client.key -out client.csr + &prompt.root; openssl req -days 365 -nodes -new -keyout client.key -out client.csr &prompt.root; openssl x509 -req -days 3650 -in client.csr -out ../client.crt -CA ../ca.crt -CAkey ca.key From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 21:10:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CD9B332E; Tue, 15 Apr 2014 21:10:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AFCE61CC8; Tue, 15 Apr 2014 21:10:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FLAekA035059; Tue, 15 Apr 2014 21:10:40 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FLAepD035058; Tue, 15 Apr 2014 21:10:40 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404152110.s3FLAepD035058@svn.freebsd.org> From: Dru Lavigne Date: Tue, 15 Apr 2014 21:10:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44567 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 21:10:40 -0000 Author: dru Date: Tue Apr 15 21:10:40 2014 New Revision: 44567 URL: http://svnweb.freebsd.org/changeset/doc/44567 Log: Initial editorial pass through config section of LDAP. Another pass is needed as this section could benefit from either several sub-headings or procedures. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Tue Apr 15 20:08:59 2014 (r44566) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Tue Apr 15 21:10:40 2014 (r44567) @@ -2285,13 +2285,12 @@ result: 0 Success The final part of the certificate generation process is to generate and sign the client certificates: - &prompt.root; openssl req -days 365 -nodes -new -keyout client.key -out client.csr + &prompt.root; openssl req -days 365 -nodes -new -keyout client.key -out client.csr +&prompt.root; openssl x509 -req -days 3650 -in client.csr -out ../client.crt -CA ../ca.crt -CAkey ca.key - &prompt.root; openssl x509 -req -days 3650 -in client.csr -out ../client.crt -CA ../ca.crt -CAkey ca.key - - Remember, again, to respect the common name attribute. - This is a common cause for confusion during the first attempt - to configure LDAP. In addition, ensure + Remember to use the same Common Name + attribute when prompted. + When finished, ensure that a total of eight (8) new files have been generated through the proceeding commands. If so, the next step is to edit /usr/local/etc/openldap/slapd.conf @@ -2302,60 +2301,58 @@ TLSCertificateFile /usr/local/etc/openld TLSCertificateKeyFile /usr/local/etc/openldap/private/server.key TLSCACertificateFile /usr/local/etc/openldap/ca.crt - In addition, edit + Then, edit /usr/local/etc/openldap/ldap.conf and add the following lines: TLS_CACERT /usr/local/etc/openldap/ca.crt TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv3 - While editing these this file, set the - to the desired values, and uncomment all - three of the , - and options. In addition, set the + While editing this file, uncomment the following entries + and set them to the desired values: + , + , + and . Set the to contain and - . - - The resulting file should look similar to the following - shown here: + . Then, add two entries pointing to + the certificate authority. When finished, the entries should + look similar to the following: BASE dc=example,dc=com URI ldap:// ldaps:// SIZELIMIT 12 TIMELIMIT 15 -#DEREF never TLS_CACERT /usr/local/etc/openldap/ca.crt TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv3 - A password for the server will need to be created as the - default is extremely poor as is normal in this industry. To - do this, issue the following command, sending the output to - slapd.conf: + The default password for the server should then be + changed: &prompt.root; slappasswd -h "{SHA}" >> /usr/local/etc/openldap/slapd.conf - There will be a prompt for entering the password and, + This command will prompt for the password and, if the process does not fail, a password hash will be added to the end of slapd.conf. - slappasswd understands several hashing - formats, refer to its manual page for more information. + Several hashing + formats are supported. Refer to the manual page for + slappasswd for more information. - Edit + Next, edit /usr/local/etc/openldap/slapd.conf and add the following lines: password-hash {sha} allow bind_v2 - In addition, the in this file must - be updated to match the from the - previous configuration. The option - should also be set. A good recommendation is something like + The in this file must + be updated to match the used in + /usr/local/etc/openldap/ldap.conf and + should also be set. A recommended value for is something like . Before saving this file, place - the option in front of the password - output from the slappasswd and delete the + the in front of the password + output from slappasswd and delete the old option above. The end result should look similar to this: @@ -2366,28 +2363,23 @@ TLSCACertificateFile /usr/local/etc/open rootpw {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g= Finally, enable the OpenLDAP - service in rc.conf. At this time, - setting up a URI and providing the group - and user to run as may be useful. Edit - /etc/rc.conf and add the following - lines: + service in /etc/rc.conf and set + the URI: slapd_enable="YES" slapd_flags="-4 -h ldaps:///" - At this point the server should be ready to be brought - up and tested. To perform this task, issue the following - command: + At this point the server can be started + and tested: &prompt.root; service slapd start - If everything was configured correctly, a search of the + If everything is configured correctly, a search of the directory should show a successful connection with a single response as in this example: - &prompt.root; ldapsearch -Z - - # extended LDIF + &prompt.root; ldapsearch -Z +# extended LDIF # # LDAPv3 # base <dc=example,dc=com> (default) with scope subtree @@ -2399,55 +2391,49 @@ slapd_flags="-4 -h ldaps:///" - - Considering the service should now be responding, as it - is above, the directory may be populated using the - ldapadd command. In this example, there - is a file containing a list of users to be added to this - particular directory. First, create a file to be imported - with the following dataset: - - dn: dc=example,dc=com -objectclass: dcObject -objectclass: organization -o: Example -dc: Example - -dn: cn=Manager,dc=example,dc=com -objectclass: organizationalRole -cn: Manager +# numResponses: 1 - To debug any of the following, stop the - slapd service using the - service command and start it using with - debugging options. To accomplish this, issue the following - command: + If the command fails and the configuration looks + correct, stop the + slapd service and restart it with + debugging options: - &prompt.root; /usr/local/libexec/slapd -d -1 + &prompt.root; service slapd stop +&prompt.root; /usr/local/libexec/slapd -d -1 - To import this datafile, issue the following command, - assuming the file is import.ldif: + Once the service is responding, + the directory can be populated using + ldapadd. In this example, + a file containing this list of users is first created. Each + user should use the following format: - &prompt.root; ldapadd -Z -D "cn=Manager,dc=example,dc=com" -W -f import.ldif + dn: dc=example,dc=com +objectclass: dcObject +objectclass: organization +o: Example +dc: Example + +dn: cn=Manager,dc=example,dc=com +objectclass: organizationalRole +cn: Manager - There will be a request for the password specified - earlier, and the output should look like this: + To import this file, specify the file name. + The following command will prompt for the password specified + earlier and the output should look something like this: - Enter LDAP Password: + &prompt.root; ldapadd -Z -D "cn=Manager,dc=example,dc=com" -W -f import.ldif +Enter LDAP Password: adding new entry "dc=example,dc=com" adding new entry "cn=Manager,dc=example,dc=com" Verify the data was added by issuing a search on the - server using ldapsearch. In this case - the output should look like this: - - &prompt.user; ldapsearch -Z + server using ldapsearch: - # extended LDIF + &prompt.user; ldapsearch -Z +# extended LDIF # # LDAPv3 # base <dc=example,dc=com> (default) with scope subtree @@ -2474,9 +2460,7 @@ result: 0 Success # numResponses: 3 # numEntries: 2 - It is of course advisable to read about the structure of - LDAP directories and the various manual - pages mentioned in this section. At this point, the server + At this point, the server should be configured and functioning properly. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 21:22:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D15A3483; Tue, 15 Apr 2014 21:22:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BB61F1E4B; Tue, 15 Apr 2014 21:22:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FLMccO042244; Tue, 15 Apr 2014 21:22:38 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FLMcGo042243; Tue, 15 Apr 2014 21:22:38 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404152122.s3FLMcGo042243@svn.freebsd.org> From: Dru Lavigne Date: Tue, 15 Apr 2014 21:22:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44568 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 21:22:38 -0000 Author: dru Date: Tue Apr 15 21:22:38 2014 New Revision: 44568 URL: http://svnweb.freebsd.org/changeset/doc/44568 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Tue Apr 15 21:10:40 2014 (r44567) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Tue Apr 15 21:22:38 2014 (r44568) @@ -2145,48 +2145,48 @@ TWO (,hotel,test-domain) LDAP - The Lightweight Directory Access - Protocol (LDAP) is an application layer protocol used to access, - modify, and authenticate objects using a distributed directory - information service. Think of it as a phone or record book - which stores several levels of hierarchical, homogeneous + The Lightweight Directory Access Protocol + (LDAP) is an application layer protocol used + to access, modify, and authenticate objects using a distributed + directory information service. Think of it as a phone or record + book which stores several levels of hierarchical, homogeneous information. It is used in Active Directory and OpenLDAP networks and allows users to - access to several levels of internal information utilizing - a single account. For example, email authentication, pulling + access to several levels of internal information utilizing a + single account. For example, email authentication, pulling employee contact information, and internal website - authentication might all make use of a single user account in the - LDAP server's record base. + authentication might all make use of a single user account in + the LDAP server's record base. - This section provides a quick start guide for configuring - an LDAP server on a &os; system. - It assumes that the administrator already has a design plan - which includes the type of information to - store, what that information will be used for, which users should - have access to that information, and how to secure this - information from unauthorized access. + This section provides a quick start guide for configuring an + LDAP server on a &os; system. It assumes + that the administrator already has a design plan which includes + the type of information to store, what that information will be + used for, which users should have access to that information, + and how to secure this information from unauthorized + access. <acronym>LDAP</acronym> Terminology and Structure LDAP uses several terms which should be - understood before starting the configuration. - All directory entries consist of - a group of attributes. Each of these - attribute sets contains a unique identifier known as a - Distinguished Name (DN) - which is normally built - from several other attributes such as the common or + understood before starting the configuration. All directory + entries consist of a group of + attributes. Each of these attribute + sets contains a unique identifier known as a + Distinguished Name + (DN) which is normally built from several + other attributes such as the common or Relative Distinguished Name - (RDN). - Similar to how directories have absolute and relative paths, - consider a DN as an absolute path and the - RDN as the relative path. + (RDN). Similar to how directories have + absolute and relative paths, consider a DN + as an absolute path and the RDN as the + relative path. An example LDAP entry looks like the - following. This example searches for the entry for the specified user - account (uid), organizational unit - (ou), and organization + following. This example searches for the entry for the + specified user account (uid), + organizational unit (ou), and organization (o): &prompt.user; ldapsearch -xb "uid=trhodes,ou=users,o=example.com" @@ -2215,9 +2215,9 @@ result: 0 Success This example entry shows the values for the dn, mail, cn, uid, and - telephoneNumber - attributes. The cn attribute - is the RDN. + telephoneNumber attributes. The + cn attribute is the + RDN. More information about LDAP and its terminology can be found at LDAP Server &os; does not provide a built-in LDAP - server. Begin the configuration by installing the - net/openldap24-server package or - port. Since the port has many configurable - options, it is recommended that the default options are - reviewed to see if the package is sufficient, and to instead - compile the port if any options should be changed. - In most cases, the defaults are fine. - However, if SQL support is needed, this option must be - enabled and the port compiled using the instructions in . - - Next, create the directories to hold the - data and to store the - certificates: + server. Begin the configuration by installing the net/openldap24-server package or port. + Since the port has many configurable options, it is + recommended that the default options are reviewed to see if + the package is sufficient, and to instead compile the port if + any options should be changed. In most cases, the defaults + are fine. However, if SQL support is needed, this option must + be enabled and the port compiled using the instructions in + . + + Next, create the directories to hold the data and to store + the certificates: &prompt.root; mkdir /var/db/openldap-data &prompt.root; mkdir /usr/local/etc/openldap/private @@ -2254,21 +2252,20 @@ result: 0 Success The next phase is to configure the certificate authority. The following commands must be executed from - /usr/local/etc/openldap/private. - This is important as the file permissions - need to be restrictive and users should not have access to - these files. To create the certificate authority, - start with this command and follow the prompts: + /usr/local/etc/openldap/private. This is + important as the file permissions need to be restrictive and + users should not have access to these files. To create the + certificate authority, start with this command and follow the + prompts: &prompt.root; openssl req -days 365 -nodes -new -x509 -keyout ca.key -out ../ca.crt The entries for the prompts may be generic except for the Common Name. This entry must be - different than the system hostname. - If this will be a self signed certificate, - prefix the hostname with - CA for certificate authority. + different than the system hostname. If + this will be a self signed certificate, prefix the hostname + with CA for certificate authority. The next task is to create a certificate signing request and a private key. Input this command and follow the @@ -2277,24 +2274,23 @@ result: 0 Success &prompt.root; openssl req -days 365 -nodes -new -keyout server.key -out server.csr During the certificate generation process, be sure to - correctly set the Common Name attribute. Once - complete, sign the key: + correctly set the Common Name attribute. + Once complete, sign the key: &prompt.root; openssl x509 -req -days 365 -in server.csr -out ../server.crt -CA ../ca.crt -CAkey ca.key -CAcreateserial - The final part of the certificate generation process - is to generate and sign the client certificates: + The final part of the certificate generation process is to + generate and sign the client certificates: &prompt.root; openssl req -days 365 -nodes -new -keyout client.key -out client.csr &prompt.root; openssl x509 -req -days 3650 -in client.csr -out ../client.crt -CA ../ca.crt -CAkey ca.key Remember to use the same Common Name - attribute when prompted. - When finished, ensure - that a total of eight (8) new files have been generated - through the proceeding commands. If so, the next step is to - edit /usr/local/etc/openldap/slapd.conf - and add the following options: + attribute when prompted. When finished, ensure that a total + of eight (8) new files have been generated through the + proceeding commands. If so, the next step is to edit + /usr/local/etc/openldap/slapd.conf and + add the following options: TLSCipherSuite HIGH:MEDIUM:+SSLv3 TLSCertificateFile /usr/local/etc/openldap/server.crt @@ -2302,18 +2298,17 @@ TLSCertificateKeyFile /usr/local/etc/ope TLSCACertificateFile /usr/local/etc/openldap/ca.crt Then, edit - /usr/local/etc/openldap/ldap.conf and - add the following lines: + /usr/local/etc/openldap/ldap.conf and add + the following lines: TLS_CACERT /usr/local/etc/openldap/ca.crt TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv3 While editing this file, uncomment the following entries - and set them to the desired values: - , - , - and . Set the - to contain and + and set them to the desired values: , + , and + . Set the to + contain and . Then, add two entries pointing to the certificate authority. When finished, the entries should look similar to the following: @@ -2332,10 +2327,9 @@ TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv3&prompt.root; slappasswd -h "{SHA}" >> /usr/local/etc/openldap/slapd.conf - This command will prompt for the password and, - if the process does not fail, a password hash will be added - to the end of slapd.conf. - Several hashing + This command will prompt for the password and, if the + process does not fail, a password hash will be added to the + end of slapd.conf. Several hashing formats are supported. Refer to the manual page for slappasswd for more information. @@ -2346,15 +2340,16 @@ TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv3password-hash {sha} allow bind_v2 - The in this file must - be updated to match the used in - /usr/local/etc/openldap/ldap.conf and - should also be set. A recommended value for is something like + The in this file must be updated + to match the used in + /usr/local/etc/openldap/ldap.conf and + should also be set. A recommended + value for is something like . Before saving this file, place - the in front of the password - output from slappasswd and delete the - old option above. The end result - should look similar to this: + the in front of the password output + from slappasswd and delete the old + option above. The end result should + look similar to this: TLSCipherSuite HIGH:MEDIUM:+SSLv3 TLSCertificateFile /usr/local/etc/openldap/server.crt @@ -2363,14 +2358,13 @@ TLSCACertificateFile /usr/local/etc/open rootpw {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g= Finally, enable the OpenLDAP - service in /etc/rc.conf and set - the URI: + service in /etc/rc.conf and set the + URI: slapd_enable="YES" slapd_flags="-4 -h ldaps:///" - At this point the server can be started - and tested: + At this point the server can be started and tested: &prompt.root; service slapd start @@ -2395,17 +2389,15 @@ result: 32 No such object If the command fails and the configuration looks - correct, stop the - slapd service and restart it with - debugging options: + correct, stop the slapd service and + restart it with debugging options: &prompt.root; service slapd stop &prompt.root; /usr/local/libexec/slapd -d -1 - Once the service is responding, - the directory can be populated using - ldapadd. In this example, + Once the service is responding, the directory can be + populated using ldapadd. In this example, a file containing this list of users is first created. Each user should use the following format: @@ -2419,9 +2411,9 @@ dn: cn=ManagerManager - To import this file, specify the file name. - The following command will prompt for the password specified - earlier and the output should look something like this: + To import this file, specify the file name. The following + command will prompt for the password specified earlier and the + output should look something like this: &prompt.root; ldapadd -Z -D "cn=Manager,dc=example,dc=com" -W -f import.ldif Enter LDAP Password: @@ -2460,8 +2452,8 @@ result: 0 Success # numResponses: 3 # numEntries: 2 - At this point, the server - should be configured and functioning properly. + At this point, the server should be configured and + functioning properly. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 22:02:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4F695D75; Tue, 15 Apr 2014 22:02:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2F0F2132D; Tue, 15 Apr 2014 22:02:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FM2MYA058466; Tue, 15 Apr 2014 22:02:22 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FM2MnW058465; Tue, 15 Apr 2014 22:02:22 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404152202.s3FM2MnW058465@svn.freebsd.org> From: Gabor Pali Date: Tue, 15 Apr 2014 22:02:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44569 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 22:02:22 -0000 Author: pgj Date: Tue Apr 15 22:02:21 2014 New Revision: 44569 URL: http://svnweb.freebsd.org/changeset/doc/44569 Log: - Add 2014Q1 status report for bhyve Submitted by: Allan Jude Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 15 21:22:38 2014 (r44568) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 15 22:02:21 2014 (r44569) @@ -20,7 +20,7 @@

      Thanks to all the reporters for the excellent work! This - report contains 39 entries and we hope you enjoy reading it.

      + report contains 40 entries and we hope you enjoy reading it.

      The deadline for submissions covering between April and June 2014 is July 7th, 2014.

      @@ -2486,4 +2486,149 @@ device vt_efifb trying GitLab.       + + + bhyve + + + + + Peter + Grehan + + grehan@FreeBSD.org + + + + + Neel + Natu + + neel@FreeBSD.org + + + + + John + Baldwin + + jhb@FreeBSD.org + + + + + Tycho + Nightingale + + tychon@FreeBSD.org + + + + + Allan + Jude + + freebsd@allanjude.com + + + + + bhyve FAQ and Talks + Talk: bhyve Past, Present, Future + + + +

      bhyve is a Type-1 hypervisor that runs on the &os; platform. + It currently only runs &os; (9.x or later) and Linux guests, + current development efforts aim at widening support for other + x86 64-bit operating systems. After a great deal of work by all + involved, bhyve was shipped as part of &os; 10.0-RELEASE. + Increased interest in bhyve and the first usable versions have + provided great feedback and many bug reports.

      + +

      A number of important improvements have been made to bhyve this + quarter:

      + +
        +
      • Optionally ignore accesses to unimplemented MSRs
        • + +
      • Support soft power-off via the ACPI S5 state for bhyve + guests
        • + +
      • Graceful shutdown via ACPI on SIGTERM
        • + +
      • Fix issue with virtio-blk devices on Linux guests with more + than 4GB of ram
        • + +
      • Increase the block-layer backend maximum requests to match + AHCI command queue depth
        • + +
      • Add SMBIOS support
        • + +
      • Improve support for nmdm, opening the tty non-blocking
        • + +
      • Add HPET device emulation
        • + +
      • Implement the Virtual Interrupt Delivery and + Posted Interrupt Processing VT-x features on newer + Intel CPUs
        • + +
      • Add support for booting &os;/i386 guests
        • + +
      • Add virtualized XSAVE support for features like AVX
        • + +
      • Add Support for booting from ZFS with bhyveload
        • +
      + + + + Improve documentation. + + Write Handbook chapter for bhyve. + + Merge fixes and features back to stable/10. + + Support for booting with UEFI instead of userspace + loaders. + + CSM BIOS boot support for &os; (which has no UEFI support + currently). + + Add support for virtio-scsi. + + Improve virtio-net, add offload features, support multiple + queues. + + Implement Intel 82580 and e1000 NIC emulation. + + Netmap support. + + Flexible networking backend: wanproxy, vhost-net. + + Improve resource accounting. + + Move to a single process model, instead of bhyveload and + bhyve. + + Support running bhyve as non-root. + + Add filters for popular VM file formats (VMDK, VHD, + QCOW2). + + Implement an abstraction layer for video (no X11 or SDL in + base system). + + Support for VNC as a video output. + + Implement USB and Sound. + + Suspend/resume support. + + Live Migration. + + Nested VT-x support (bhyve in bhyve). + + Support for other architectures (ARM, MIPS, PPC). + +       From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 22:06:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EC0FEE20; Tue, 15 Apr 2014 22:06:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BEB3C1354; Tue, 15 Apr 2014 22:06:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FM6mKW058959; Tue, 15 Apr 2014 22:06:48 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FM6mXO058958; Tue, 15 Apr 2014 22:06:48 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404152206.s3FM6mXO058958@svn.freebsd.org> From: Gabor Pali Date: Tue, 15 Apr 2014 22:06:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44570 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 22:06:49 -0000 Author: pgj Date: Tue Apr 15 22:06:48 2014 New Revision: 44570 URL: http://svnweb.freebsd.org/changeset/doc/44570 Log: - Fix the Jenkins 2014Q1 report Reported by: Allan Jude Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 15 22:02:21 2014 (r44569) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Tue Apr 15 22:06:48 2014 (r44570) @@ -1182,18 +1182,18 @@ committed code to Subversion since the last successful build.

      -

      As part of the Jenkins setup, &a.rodrigc; encountered - problems with running Java &os; 9.2 and &os; 10.0. - Both problems stemmed from changes to the &os; Virtual Memory - (VM) subsystem. On &os; 9.2-RELEASE, running Jenkins under - Java would cause the kernel to panic. This was a known - problem, and fixed in 9.2.-RELEASE-p3. On &os; 10.0-RELEASE, - Java processes would randomly crash. Disabling the - vm.pmap.pcid_enabled sysctl(3) variable - seemed to fix the problem. In kern/187238, Henrik - Gulbrandsen submitted fixes to the &os; VM to address this - problem. &a.kib; committed the fixes to head, where - they are being tested now.

      +

      As part of the Jenkins setup, &a.rodrigc; encountered problems + with running Java on &os; 9.2 and &os; 10.0. Both + problems stemmed from changes to the &os; Virtual Memory (VM) + subsystem. On &os; 9.2-RELEASE, running Jenkins under Java + would cause the kernel to panic. This was a known problem, and + fixed in 9.2.-RELEASE-p3. On &os; 10.0-RELEASE, Java processes + would randomly crash. Disabling the + vm.pmap.pcid_enabled sysctl(3) variable seemed + to fix the problem. In kern/187238, Henrik Gulbrandsen + submitted fixes to the &os; VM to address this problem. &a.kib; + committed the fixes to head, where they are being + tested now.

      During the setup of the bhyve VMs which run Jenkins processes, &a.rodrigc; wrote scripts to start bhyve VMs from From owner-svn-doc-all@FreeBSD.ORG Tue Apr 15 23:00:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 095F1B5A; Tue, 15 Apr 2014 23:00:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DE08C17E6; Tue, 15 Apr 2014 23:00:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3FN0WXH080854; Tue, 15 Apr 2014 23:00:32 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3FN0WvE080853; Tue, 15 Apr 2014 23:00:32 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404152300.s3FN0WvE080853@svn.freebsd.org> From: Dru Lavigne Date: Tue, 15 Apr 2014 23:00:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44571 - head/en_US.ISO8859-1/books/handbook/dtrace X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Apr 2014 23:00:33 -0000 Author: dru Date: Tue Apr 15 23:00:32 2014 New Revision: 44571 URL: http://svnweb.freebsd.org/changeset/doc/44571 Log: Add needed kernel option which addresses PR150255. Clarify the Toolkit and what comes by default in 10.0. Fix a grammo. The Using DTrace section still needs an editorial review. Submitted by: markj Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Tue Apr 15 22:06:48 2014 (r44570) +++ head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Tue Apr 15 23:00:32 2014 (r44571) @@ -162,7 +162,8 @@ that might make this chapter too large. linkend="kernelconfig"/>: options KDTRACE_HOOKS -options DDB_CTF +options DDB_CTF +options DEBUG=-g Users of the AMD64 architecture should also add this line: @@ -175,21 +176,34 @@ options DDB_CTF Once the &os; system has rebooted into the new kernel, or the &dtrace; kernel modules have been loaded using - kldload dtraceall, the system will have - support for the Korn shell. This is needed as the &dtrace; + kldload dtraceall, the system will need + support for the Korn shell as the &dtrace; Toolkit has several utilities written in ksh. Make sure that the shells/ksh93 package or port is installed. It is also possible to run these tools under shells/pdksh or shells/mksh. - Finally, obtain the current &dtrace; Toolkit. FreeBSD 10 - includes the &dtrace; Toolkit in - /usr/share/dtrace. Otherwise, install the - &dtrace; Toolkit using the + Finally, install the current &dtrace; Toolkit, + a collection of ready-made scripts + for collecting system information. There are scripts to check + open files, memory, CPU usage, and a lot + more. &os; 10 + installs a few of these scripts into + /usr/share/dtrace. On other &os; versions, + or to install the full + &dtrace; Toolkit, use the sysutils/DTraceToolkit package or port. + + The scripts found in + /usr/share/dtrace have been specifically + ported to &os;. Not all of the scripts found in the &dtrace; + Toolkit will work as-is on &os; and some scripts may require + some effort in order for them to work on &os;. + + The &dtrace; Toolkit includes many scripts in the special language of &dtrace;. This language is called the D language and it is very similar to C++. An in depth discussion of the @@ -206,34 +220,12 @@ options DDB_CTF &prompt.root; dtrace -l | more - The &dtrace; Toolkit is a collection of ready-made scripts - for collecting system information. There are scripts to check - open files, memory, CPU usage, and a lot - more. Extract the scripts with the following command: - - &prompt.root; gunzip -c DTraceToolkit* | tar xvf - - - Change into that directory with the cd - and change the execution permissions on all files, designated as - those files with lower case names, to - 755. - - All of these scripts will need modifications to their - contents. The ones which refer to - /usr/bin/ksh need that changed to - /usr/local/bin/ksh, the others which use - /usr/bin/sh need to be altered to use - /bin/sh, and finally the ones which use - /usr/bin/perl will need altered to use - /usr/local/bin/perl. - - At the time of this writing only two of the scripts of the - &dtrace; Toolkit are fully supported in &os;: the + This section demonstrates how to use two of the fully supported scripts from the + &dtrace; Toolkit: the hotkernel and - procsystime scripts. These are the two - we will explore in the following parts of this section. + procsystime scripts. - The hotkernel is designed to identify + The hotkernel script is designed to identify which function is using the most kernel time. Run normally, it will produce output similar to the following: From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 12:29:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 53DE5E86; Wed, 16 Apr 2014 12:29:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 40E7818E2; Wed, 16 Apr 2014 12:29:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GCTXJT010588; Wed, 16 Apr 2014 12:29:33 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GCTXrL010587; Wed, 16 Apr 2014 12:29:33 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404161229.s3GCTXrL010587@svn.freebsd.org> From: Gabor Pali Date: Wed, 16 Apr 2014 12:29:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44572 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 12:29:33 -0000 Author: pgj Date: Wed Apr 16 12:29:32 2014 New Revision: 44572 URL: http://svnweb.freebsd.org/changeset/doc/44572 Log: - Match order of projects in the report body with their order in the table of contents when producing the HTML output Reviewed by: gabor Modified: head/en_US.ISO8859-1/htdocs/news/status/report.xsl Modified: head/en_US.ISO8859-1/htdocs/news/status/report.xsl ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report.xsl Tue Apr 15 23:00:32 2014 (r44571) +++ head/en_US.ISO8859-1/htdocs/news/status/report.xsl Wed Apr 16 12:29:32 2014 (r44572) @@ -60,10 +60,15 @@

      - - - - + + + + + + + News Home | Status Home From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 12:38:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2B6BE39F; Wed, 16 Apr 2014 12:38:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 18AB719E4; Wed, 16 Apr 2014 12:38:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GCcing014620; Wed, 16 Apr 2014 12:38:44 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GCciXG014619; Wed, 16 Apr 2014 12:38:44 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404161238.s3GCciXG014619@svn.freebsd.org> From: Dru Lavigne Date: Wed, 16 Apr 2014 12:38:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44573 - head/en_US.ISO8859-1/books/handbook/dtrace X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 12:38:45 -0000 Author: dru Date: Wed Apr 16 12:38:44 2014 New Revision: 44573 URL: http://svnweb.freebsd.org/changeset/doc/44573 Log: Fix grammo. Submitted by: bjk Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Wed Apr 16 12:29:32 2014 (r44572) +++ head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Wed Apr 16 12:38:44 2014 (r44573) @@ -47,7 +47,7 @@ that might make this chapter too large. &dtrace; D Language, allowing them to customize their profiling based on specific needs. - The &os; implementation in provides full support for kernel + The &os; implementation provides full support for kernel &dtrace; and experimental support for userland &dtrace;. Userland &dtrace; allows users to perform function boundary tracing for userland programs using the pid From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 13:07:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 13C6179F; Wed, 16 Apr 2014 13:07:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 006D21C88; Wed, 16 Apr 2014 13:07:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GD760r026522; Wed, 16 Apr 2014 13:07:06 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GD76bc026521; Wed, 16 Apr 2014 13:07:06 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404161307.s3GD76bc026521@svn.freebsd.org> From: Warren Block Date: Wed, 16 Apr 2014 13:07:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44574 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 13:07:07 -0000 Author: wblock Date: Wed Apr 16 13:07:06 2014 New Revision: 44574 URL: http://svnweb.freebsd.org/changeset/doc/44574 Log: Clarify note on Midori. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 12:38:44 2014 (r44573) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 13:07:06 2014 (r44574) @@ -413,8 +413,8 @@ Add support of DragonFly for xfce4-taskmanger. Finish replacing Tango icon theme with GNOME, in order to - close ports/183690 (see links, it remains - Midori). + close ports/183690 (see links, Midori remains to be + fixed).       From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 13:08:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9DD73887; Wed, 16 Apr 2014 13:08:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8ADE31C92; Wed, 16 Apr 2014 13:08:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GD8DHl026670; Wed, 16 Apr 2014 13:08:13 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GD8DPZ026669; Wed, 16 Apr 2014 13:08:13 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404161308.s3GD8DPZ026669@svn.freebsd.org> From: Warren Block Date: Wed, 16 Apr 2014 13:08:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44575 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 13:08:13 -0000 Author: wblock Date: Wed Apr 16 13:08:13 2014 New Revision: 44575 URL: http://svnweb.freebsd.org/changeset/doc/44575 Log: Use past tense of "lead". Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 13:07:06 2014 (r44574) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 13:08:13 2014 (r44575) @@ -245,7 +245,7 @@ respective branches, among other things.

      In early January, the team became aware of several - last-minute showstopper issues in &os; 10.0, which lead + last-minute showstopper issues in &os; 10.0, which led to an extension in the final release builds. &os; 10.0-RELEASE was announced on January 20, two months behind the original schedule.

      From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 14:01:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4C012CD9; Wed, 16 Apr 2014 14:01:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 38C98136C; Wed, 16 Apr 2014 14:01:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GE1ull050938; Wed, 16 Apr 2014 14:01:56 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GE1uRk050937; Wed, 16 Apr 2014 14:01:56 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404161401.s3GE1uRk050937@svn.freebsd.org> From: Dru Lavigne Date: Wed, 16 Apr 2014 14:01:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44576 - head/en_US.ISO8859-1/books/handbook/dtrace X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 14:01:56 -0000 Author: dru Date: Wed Apr 16 14:01:55 2014 New Revision: 44576 URL: http://svnweb.freebsd.org/changeset/doc/44576 Log: Finish editorial review of DTrace chapter. Add an explanatory paragraph for probes. This chapter still needs a section on userland DTrace. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Wed Apr 16 13:08:13 2014 (r44575) +++ head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Wed Apr 16 14:01:55 2014 (r44576) @@ -215,25 +215,43 @@ options DEBUG=-g Using &dtrace; + &dtrace; scripts consist of a list of one or more + probes, or instrumentation points, where + each probe is associated with an action. Whenever the condition + for a probe is met, the associated action is executed. For + example, an action may occur when a file is opened, a process is + started, or a line of code is executed. The action might be to + log some information or to modify context variables. The + reading and writing of context variables allows probes to share + information and to cooperatively analyze the correlation of + different events. + To view all probes, the administrator can execute the following command: &prompt.root; dtrace -l | more - This section demonstrates how to use two of the fully supported scripts from the + Each probe has an ID, a + PROVIDER (dtrace or fbt), a + MODULE, and a + FUNCTION NAME. Refer to &man.dtrace.1; for + more information about this command. + + The examples in this section provide an overview of how to + use two of the fully supported scripts from the &dtrace; Toolkit: the hotkernel and procsystime scripts. The hotkernel script is designed to identify - which function is using the most kernel time. Run normally, it + which function is using the most kernel time. It will produce output similar to the following: &prompt.root; cd /usr/share/dtrace/toolkit &prompt.root; ./hotkernel Sampling... Hit Ctrl-C to end. - The system administrator must use the + As instructed, use the CtrlC key combination to stop the process. Upon termination, the script will display a list of kernel functions @@ -272,8 +290,7 @@ kernel`sched_idletd how we should look that up. --> This script will also work with kernel modules. To use this - feature, run the script with the - flag: + feature, run the script with : &prompt.root; ./hotkernel -m Sampling... Hit Ctrl-C to end. @@ -297,10 +314,10 @@ kernel seriously obvious. It is 5AM btw. --> The procsystime script captures and - prints the system call time usage for a given - PID or process name. In the following + prints the system call time usage for a given process ID + (PID) or process name. In the following example, a new instance of /bin/csh was - spawned. The procsystime was executed and + spawned. Then, procsystime was executed and remained waiting while a few commands were typed on the other incarnation of csh. These are the results of this test: @@ -331,8 +348,8 @@ Elapsed Times for processes csh, sigsuspend 6985124 read 3988049784 - As shown, the read() system call seems - to use the most time in nanoseconds with the + As shown, the read() system call + used the most time in nanoseconds while the getpid() system call used the least amount of time. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 14:05:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C9D0BDE2; Wed, 16 Apr 2014 14:05:35 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9C74113B7; Wed, 16 Apr 2014 14:05:35 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GE5ZW2051353; Wed, 16 Apr 2014 14:05:35 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GE5ZNh051352; Wed, 16 Apr 2014 14:05:35 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404161405.s3GE5ZNh051352@svn.freebsd.org> From: Dru Lavigne Date: Wed, 16 Apr 2014 14:05:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44577 - head/en_US.ISO8859-1/books/handbook/dtrace X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 14:05:35 -0000 Author: dru Date: Wed Apr 16 14:05:35 2014 New Revision: 44577 URL: http://svnweb.freebsd.org/changeset/doc/44577 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Wed Apr 16 14:01:55 2014 (r44576) +++ head/en_US.ISO8859-1/books/handbook/dtrace/chapter.xml Wed Apr 16 14:05:35 2014 (r44577) @@ -243,9 +243,9 @@ options DEBUG=-g hotkernel and procsystime scripts. - The hotkernel script is designed to identify - which function is using the most kernel time. It - will produce output similar to the following: + The hotkernel script is designed to + identify which function is using the most kernel time. It will + produce output similar to the following: &prompt.root; cd /usr/share/dtrace/toolkit &prompt.root; ./hotkernel @@ -314,13 +314,14 @@ kernel seriously obvious. It is 5AM btw. --> The procsystime script captures and - prints the system call time usage for a given process ID - (PID) or process name. In the following - example, a new instance of /bin/csh was - spawned. Then, procsystime was executed and - remained waiting while a few commands were typed on the other - incarnation of csh. These are the results of - this test: + prints the system call time usage for a given process + ID (PID) or process name. + In the following example, a new instance of + /bin/csh was spawned. Then, + procsystime was executed and remained + waiting while a few commands were typed on the other incarnation + of csh. These are the results of this + test: &prompt.root; ./procsystime -n csh Tracing... Hit Ctrl-C to end... @@ -348,8 +349,8 @@ Elapsed Times for processes csh, sigsuspend 6985124 read 3988049784 - As shown, the read() system call - used the most time in nanoseconds while the + As shown, the read() system call used + the most time in nanoseconds while the getpid() system call used the least amount of time. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 15:55:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E2587422; Wed, 16 Apr 2014 15:55:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CDA051FBD; Wed, 16 Apr 2014 15:55:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GFtka4096755; Wed, 16 Apr 2014 15:55:46 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GFtkVM096754; Wed, 16 Apr 2014 15:55:46 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404161555.s3GFtkVM096754@svn.freebsd.org> From: Dru Lavigne Date: Wed, 16 Apr 2014 15:55:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44578 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 15:55:47 -0000 Author: dru Date: Wed Apr 16 15:55:46 2014 New Revision: 44578 URL: http://svnweb.freebsd.org/changeset/doc/44578 Log: Editorial review of first half of Apache chapter. Some reshuffling to improve flow. Add descriptions for virtual hosting and modules. Add URLs to module config docs. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Apr 16 14:05:35 2014 (r44577) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Apr 16 15:55:46 2014 (r44578) @@ -4249,18 +4249,19 @@ $include Kexample.com.+005+nnnnn.ZSK.key - - Apache HTTP Server + web servers setting up @@ -4273,7 +4274,7 @@ $include Kexample.com.+005+nnnnn.ZSK.key This section summarizes how to configure and start version 2.x of the Apache HTTP - Server, the most widely used version, on &os;. + Server on &os;. For more detailed information about Apache 2.X and its configuration directives, refer to In &os;, the main Apache HTTP Server configuration file is installed as - /usr/local/etc/apache2x/httpd.conf. - This ASCII text file begins comment lines with the + /usr/local/etc/apache2x/httpd.conf, + where x represents the version number. + This ASCII text file begins comment lines with a #. The most frequently modified directives are: @@ -4301,30 +4303,36 @@ $include Kexample.com.+005+nnnnn.ZSK.key Apache installation. Binaries are stored in the bin and sbin subdirectories of the server - root, and configuration files are stored in + root and configuration files are stored in the etc/apache2x. + class="directory">etc/apache2x + subdirectory. - ServerAdmin you@your.address + ServerAdmin you@example.com - The email address to receive problems with the + Change this to the email address to receive problems with the server. This address also appears on some server-generated pages, such as error documents. - ServerName www.example.com + ServerName www.example.com:80 - Allows an administrator to set a host name which is + Allows an administrator to set a hostname which is sent back to clients for the server. For example, www can be used instead of the - actual host name. + actual hostname. If the system does not have a + registeredDNS name, enter its + IP address instead. If the server + will listen on an alternate report, change + 80 to the alternate port + number. @@ -4342,106 +4350,102 @@ $include Kexample.com.+005+nnnnn.ZSK.key - It is always a good idea to make backup copies of the + It is always a good idea to make a backup copy of the default Apache configuration file before making changes. When the configuration of - Apache, is complete, save the - file and verify the configuration using apachectl(8). + Apache is complete, save the + file and verify the configuration using apachectl. Running apachectl configtest should return Syntax OK. Apache starting or stopping - The www/apache24 port - installs an &man.rc.8; script to aid in starting, stopping, - and restarting Apache, which can be - found in /usr/local/etc/rc.d/. - To launch Apache at system startup, add the following line to /etc/rc.conf: - apache24_enable="YES" + apache24_enable="YES" If Apache should be started with non-default options, the following line may be added to /etc/rc.conf to specify the needed flags: - apache24_flags="" - - The Apache configuration can be - tested for errors after making subsequent configuration - changes while httpd is running. This can - be done by the &man.rc.8; script directly, or by the - &man.service.8; utility by issuing one of the following - commands: + apache24_flags="" - &prompt.root; service apache24 configtest - - - It is important to note that the - configtest is not an &man.rc.8; standard, - and should not be expected to work for all &man.rc.8; - startup scripts. - - - If Apache does not report + If apachectl does not report configuration errors, start httpd - with &man.service.8;: + now: - &prompt.root; service apache24 start + &prompt.root; service apache24 start The httpd service can be tested by entering http://localhost in a web browser, replacing localhost with the fully-qualified - domain name of the machine running httpd, - if it is not the local machine. The default web page that is + domain name of the machine running httpd. + The default web page that is displayed is - /usr/local/www/apache24/data/index.html. + /usr/local/www/apache24/data/index.html. + + The Apache configuration can be + tested for errors after making subsequent configuration + changes while httpd is running using + the following + command: + + &prompt.root; service apache24 configtest + + + It is important to note that + configtest is not an &man.rc.8; standard, + and should not be expected to work for all + startup scripts. + Virtual Hosting - Apache supports two different - types of Virtual Hosting. The first method is Name-based - Virtual Hosting. Name-based virtual hosting uses the clients - HTTP/1.1 headers to figure out the hostname. This allows many - different domains to share the same IP + Virtual hosting allows multiple websites to run on one + Apache server. The virtual hosts + can be IP-based or + name-based. IP-based + virtual hosting uses a different IP address + for each website. Name-based virtual hosting uses the clients + HTTP/1.1 headers to figure out the hostname, which allows the + websites to share the same IP address. To setup Apache to use - Name-based Virtual Hosting add an entry like the following to - httpd.conf: - - NameVirtualHost * - - If the webserver was named www.domain.tld and - a virtual domain for www.someotherdomain.tld - then add the following entries to + name-based virtual hosting, add a + VirtualHost block for each website. For + example, for the webserver named www.domain.tld with + a virtual domain of www.someotherdomain.tld, + add the following entries to httpd.conf: <VirtualHost *> -ServerName www.domain.tld -DocumentRoot /www/domain.tld +ServerName www.domain.tld +DocumentRoot /www/domain.tld </VirtualHost> <VirtualHost *> -ServerName www.someotherdomain.tld -DocumentRoot /www/someotherdomain.tld +ServerName www.someotherdomain.tld +DocumentRoot /www/someotherdomain.tld </VirtualHost> - Replace the addresses with the addresses needed and the - path to the documents with what are being used. + For each virtual host, replace the values for + ServerName and + DocumentRoot with the values to be + used. For more information about setting up virtual hosts, - please consult the official Apache + consult the official Apache documentation at: http://httpd.apache.org/docs/vhosts/. @@ -4452,14 +4456,25 @@ DocumentRoot /www/someotherdomain.tld Apache modules - There are many different Apache - modules available to add functionality to the basic server. - The &os; Ports Collection provides an easy way to install - Apache together with some of the - more popular add-on modules. + Apache uses + modules to augment the functionality provided by the basic + server. Refer to http://httpd.apache.org/docs/current/mod/ + for a complete listing of and the configuration details for + the available modules. + + In &os;, some modules can be compiled with the + www/apache24 port. Type make + config within + /usr/ports/www/apache24 to see which + modules are available and which are enabled by + default. If the module is not compiled with the port, the + &os; Ports Collection provides an easy way to install + many modules. This section describes three of the most + commonly used modules. - <application>mod_ssl</application> + <filename>mod_ssl</filename> web servers @@ -4468,157 +4483,56 @@ DocumentRoot /www/someotherdomain.tld SSL cryptography - The mod_ssl module uses the - OpenSSL library to provide strong cryptography via the - Secure Sockets Layer (SSL v2/v3) and Transport Layer - Security (TLS v1) protocols. This module provides + The mod_ssl module uses the + OpenSSL library to provide strong cryptography via the + Secure Sockets Layer (SSLv3) and Transport Layer + Security (TLSv1) protocols. This module provides everything necessary to request a signed certificate from a trusted certificate signing authority to run a secure web server on &os;. - The mod_ssl module is built - by default, but can be enabled by specifying - -DWITH_SSL at compile time. - - - - Language Bindings - - There are Apache modules for most major scripting - languages. These modules typically make it possible to - write Apache modules entirely in - a scripting language. They are also often used as a - persistent interpreter embedded into the server that avoids - the overhead of starting an external interpreter and the - startup-time penalty for dynamic websites, as described in - the next section. - - - - - Dynamic Websites - - - web servers - dynamic - - - In the last decade, more businesses have turned to the - Internet in order to enhance their revenue and increase - exposure. This has also increased the need for interactive - web content. While some companies, such as µsoft;, - have introduced solutions into their proprietary products, - the open source community answered the call. Modern options - for dynamic web content include Django, Ruby on Rails, - mod_perl2, and - mod_php. - - - Django - - Python - Django - - Django is a BSD licensed framework designed to allow - developers to write high performance, elegant web - applications quickly. It provides an object-relational - mapper so that data types are developed as Python objects, - and a rich dynamic database-access API is provided for those - objects without the developer ever having to write SQL. It - also provides an extensible template system so that the - logic of the application is separated from the HTML - presentation. - - Django depends on mod_python, - Apache, and an SQL database - engine. The &os; Port will install all of - these pre-requisites with the appropriate - flags. - - - Installing Django with - <application>Apache2</application>, - <application>mod_python3</application>, and - <application>PostgreSQL</application> - - &prompt.root; cd /usr/ports/www/py-django; make all install clean -DWITH_MOD_PYTHON3 -DWITH_POSTGRESQL - - - Once Django and these pre-requisites are installed, - the application will need a Django project directory along - with the Apache configuration to use the embedded Python - interpreter. This will be the interpreter to - call the application for specific URLs on the site. - - - Apache Configuration for Django/mod_python - - A line must be added to the apache - httpd.conf file to configure Apache - to pass requests for certain URLs to the web - application: - - <Location "/"> - SetHandler python-program - PythonPath "['/dir/to/the/django/packages/'] + sys.path" - PythonHandler django.core.handlers.modpython - SetEnv DJANGO_SETTINGS_MODULE mysite.settings - PythonAutoReload On - PythonDebug On -</Location> - - - - - Ruby on Rails - - Ruby on Rails - - Ruby on Rails is another open source web framework that - provides a full development stack and is optimized to make - web developers more productive and capable of writing - powerful applications quickly. It can be installed easily - from the ports system. - - &prompt.root; cd /usr/ports/www/rubygem-rails; make all install clean + In &os;, mod_ssl module is enabled + by default in both the package and the port. The available + configuration directives are explained at http://httpd.apache.org/docs/current/mod/mod_ssl.html. - <application>mod_perl2</application> + <filename>mod_perl2</filename> mod_perl2 Perl - The Apache/Perl integration - project brings together the full power of the Perl - programming language and the - Apache HTTP Server. With the - mod_perl2 module it is possible - to write Apache modules entirely - in Perl. In addition, the persistent interpreter embedded + The + mod_perl2 module makes it possible + to write Apache modules + in Perl. In addition, the persistent interpreter embedded in the server avoids the overhead of starting an external - interpreter and the penalty of Perl start-up time. + interpreter and the penalty of Perl start-up time. - mod_perl2 is available in the - www/mod_perl2 - port. + The mod_perl2 can be installed using the + www/mod_perl2 package or + port. Documentation for using this module can be found at + http://perl.apache.org/docs/2.0/index.html. - - <application>mod_php</application> + mod_php @@ -4717,6 +4631,95 @@ DocumentRoot /www/someotherdomain.tld &prompt.root; apachectl graceful + + + Dynamic Websites + + + web servers + dynamic + + + In the last decade, more businesses have turned to the + Internet in order to enhance their revenue and increase + exposure. This has also increased the need for interactive + web content. While some companies, such as µsoft;, + have introduced solutions into their proprietary products, + the open source community answered the call. Modern options + for dynamic web content include Django, Ruby on Rails, + mod_perl2, and + mod_php. + + + Django + + Python + Django + + Django is a BSD licensed framework designed to allow + developers to write high performance, elegant web + applications quickly. It provides an object-relational + mapper so that data types are developed as Python objects, + and a rich dynamic database-access API is provided for those + objects without the developer ever having to write SQL. It + also provides an extensible template system so that the + logic of the application is separated from the HTML + presentation. + + Django depends on mod_python, + Apache, and an SQL database + engine. The &os; Port will install all of + these pre-requisites with the appropriate + flags. + + + Installing Django with + <application>Apache2</application>, + <application>mod_python3</application>, and + <application>PostgreSQL</application> + + &prompt.root; cd /usr/ports/www/py-django; make all install clean -DWITH_MOD_PYTHON3 -DWITH_POSTGRESQL + + + Once Django and these pre-requisites are installed, + the application will need a Django project directory along + with the Apache configuration to use the embedded Python + interpreter. This will be the interpreter to + call the application for specific URLs on the site. + + + Apache Configuration for Django/mod_python + + A line must be added to the apache + httpd.conf file to configure Apache + to pass requests for certain URLs to the web + application: + + <Location "/"> + SetHandler python-program + PythonPath "['/dir/to/the/django/packages/'] + sys.path" + PythonHandler django.core.handlers.modpython + SetEnv DJANGO_SETTINGS_MODULE mysite.settings + PythonAutoReload On + PythonDebug On +</Location> + + + + + Ruby on Rails + + Ruby on Rails + + Ruby on Rails is another open source web framework that + provides a full development stack and is optimized to make + web developers more productive and capable of writing + powerful applications quickly. It can be installed easily + from the ports system. + + &prompt.root; cd /usr/ports/www/rubygem-rails; make all install clean + + From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 17:12:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4376F95; Wed, 16 Apr 2014 17:12:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2E38B183A; Wed, 16 Apr 2014 17:12:26 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GHCQV2029535; Wed, 16 Apr 2014 17:12:26 GMT (envelope-from taras@svn.freebsd.org) Received: (from taras@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GHCQH9029534; Wed, 16 Apr 2014 17:12:26 GMT (envelope-from taras@svn.freebsd.org) Message-Id: <201404161712.s3GHCQH9029534@svn.freebsd.org> From: Taras Korenko Date: Wed, 16 Apr 2014 17:12:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44579 - head/ru_RU.KOI8-R/books/handbook/audit X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 16 Apr 2014 17:31:04 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 17:12:26 -0000 Author: taras Date: Wed Apr 16 17:12:25 2014 New Revision: 44579 URL: http://svnweb.freebsd.org/changeset/doc/44579 Log: MFen: + books/handbook/audit/chapter.xml r30208 --> r43688 PR: docs/187278 Submitted by: Vladimir Romanov Modified: head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml Modified: head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml ============================================================================== --- head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml Wed Apr 16 15:55:46 2014 (r44578) +++ head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml Wed Apr 16 17:12:25 2014 (r44579) @@ -5,7 +5,7 @@ $FreeBSDru: frdp/doc/ru_RU.KOI8-R/books/handbook/audit/chapter.xml,v 1.10 2007/06/26 08:38:00 den Exp $ $FreeBSD$ - Original revision: r30208 + Original revision: r43688 --> - + 疸追 嗜泰塢 妥斛仭嗄腕塢 - TomRhodes疱塹 + + + Tom + Rhodes + + 疱塹 + + + + Robert + Watson + + - 篥良眩厦霤凖從 料 簒嗷防 凉挧: + + + 篥良 + 眩厦 + + 霤凖從 料 簒嗷防 凉挧: + + + + 盟追揺 + 鯱輿力 + + 鐶力很杜錨 佚凖從珍: + - + 誨壮防 和斛 AUDIT @@ -30,10 +57,9 @@ requirements. --> 疸追 嗜泰塢 妥斛仭嗄腕塢 MAC - &os; 6.2-RELEASE 堆姪 佻敖良 彭厶鰭 &os; - 徊明涸脊 單耐 佻陳賭嵋 奏追堊 嗜泰塢 妥斛仭嗄腕塢. - 疸追 嗜泰塢 珍都 料津嵶拱 塹淮拱 嗤腕和 通 - 侑塹墨棉厦彖良 卅斂扶隣 嗜泰塢, 嘛凉僧隣 妥斛仭嗄腕墮, + 鑰賭礎貧領叢 喇嘖斗 &os; 徊明涸都 單耐 佻陳賭嵋 奏追堊 + 嗜泰塢 妥斛仭嗄腕塢. 疸追 嗜泰塢 珍都 料津嵶拱 塹淮拱 嗤腕和 + 通 侑塹墨棉厦彖良 卅斂扶隣 嗜泰塢, 嘛凉僧隣 妥斛仭嗄腕墮, 徊明涸 徃歪 喇嘖斗, 冨妖療良 墨瞭蒜孀礎鰭, 掴嘖孃 徳別鼠 單塢. 塢 攸佗喇 溶杯 泰墮 療攸妖良踊 通 溶良塹夘稜 噸遼檀藁敏媽歸 喇嘖斗, 和料簒崚良 徭碗崚良 @@ -84,117 +110,107 @@ requirements. --> - 鯏遡冨礎頻 奏追堊 &os; 6.2 - 榾嗤賭浜杜堊蒙料, 瓶佻蒙斛彖良 - 電 凖遡慘挌 攸珍涸 掴網力 侑鷲旌歪不慯 塹蒙墨 佻嗅 - 徇浜壮徒慘惑 變阻詫姪良 嗜 徨斗 夘嗚鼠, 墨塹燮 侑夫歪不 - 瓶佻蒙斛彖良 榾嗤賭浜杜堊蒙力馬 侑惑卅様力馬 和途佚淌良. - 冨彭嘖隣 惑卅良淌良冤 堽腕不嗔 塹 徳穆, 湟 療 徨 嗜泰塢 - 料嘖湾殄 溶妖淋 侑塹墨棉簒斗. 鄙侑浜賭, 療墨塹燮 妖帆良斃 - 徃歪 喇嘖斗 (X11-腕力彖領拇 亘藁隣 妖療綴賭, 洋惑賄 - 侑惑卅様力 和途佚淌良 嘖碗藁良 侑鷲旌歪不徒妬) 療 - 嗚藁読杯夘厦彖隣 通 侑塹墨棉厦彖良 嗜泰塢 徃歪 喇嘖斗 淌凖 - 佻柘瓶堙葉 奏追堊. - - - - 蚌佻蒙斛彖良 喇嘖斗 奏追堊 溶崚 侑夫途塢 播療夘厦彖良 - 惑厦洋挌 嶮厠遡慘挌 徳別: 蛭 卅斃賭 料 喇蒙力 攸拝孛杜隣 單叟賭組 - 療墨塹燮 墨瞭蒜孀礎頻 溶崚 掴嘖蒜壮 療嗚鰐慄蛭 派覗汰編 療津明. - 當揺良嘖卅塹燮 掴網隣 徇浜壮徒慘 嗅田不 攸 追嗚忸 侑腕墟僧嘖從 - 卅敖徒 喇嘖斗 奏追堊. 鄙侑浜賭, 凖墨妖猟嫖墫 忸津棉墮 - 堋徒慘拱 卅敖徒 通 徳別從 喇嘖斗 奏追堊 - /var/audit, 湟和 佚凖佻摸杜錨 卅敖徒 奏追堊 - 療 很頻模 料 卅堆塹嗤腕和力嘖 徨妬 腕堊蒙力 喇嘖斗. + 鯏遡冨礎頻 奏追堊 浜電 冨彭嘖隣 惑卅良淌良, 料侑浜賭, + 療 徨 嗜泰塢 料嘖湾殄 溶妖淋 侑塹墨棉簒斗. + 鄙侑浜賭, 療墨塹燮 妖帆良斃 徃歪 喇嘖斗 (鑽力彖領拇 料 X11 + 亘藁隣 妖療綴賭, 洋惑賄 侑惑卅様力 和途佚淌良 嘖碗藁良 + 侑鷲旌歪不徒妬) 療 嗚藁読杯夘厦彖隣 通 侑塹墨棉厦彖良 嗜泰塢 + 徃歪 喇嘖斗 淌凖 佻柘瓶堙葉 奏追堊. + 蚌佻蒙斛彖良 喇嘖斗 奏追堊 溶崚 侑夫途塢 播療夘厦彖良 + 惑厦洋挌 嶮厠遡慘挌 徳別: 蛭 卅斃賭 料 喇蒙力 攸拝孛杜隣 單叟賭組 + 療墨塹燮 墨瞭蒜孀礎頻 溶崚 掴嘖蒜壮 療嗚鰐慄蛭 派覗汰編 療津明. + 當揺良嘖卅塹燮 掴網隣 侑瀕浜壮 從 徇浜僧錨 墟殿彖良 + 追嗚從葉 侑腕墟僧嘖徼 通 料拝孛杜隣 墨瞭蒜孀礎品 喇嘖斗 + 奏追堊. 鄙侑浜賭, 凖墨妖猟嫖墫 忸津棉墮 堋徒慘拱 卅敖徒 通 + 徳別從 喇嘖斗 奏追堊 + /var/audit, + 湟和 佚凖佻摸杜錨 卅敖徒 奏追堊 療 很頻模 料 卅堆塹嗤腕和力嘖 + 徨妬 腕堊蒙力 喇嘖斗. - 詭折砺拇 佻倫塢 - 牧壮防 嗅彖曼. + 詭折砺拇 佻倫塢 篩領亙 臾宋. 霤凖 湟杜錨 榑亙 婆宋 療和範追溶 椀凖津棉墮 療嗚鰐慄 - 北折砺挌 佻倫塢. 塹 燐嵶 通 塹馬, 湟和 侑田墸卅塢墮 - 療掴卅旁妖良, 墨塹燮 溶杯 從變彬燐墮 冨-攸 卅變秒 墟阻塹徊 - 療墨塹燮 堙厖瀕. 簒嗷墨 彭厶鰭 掴釦妖淋 侑夫歪冱嗔 + 北折砺挌 佻倫塢. 簒嗷墨 彭厶鰭 掴釦妖淋 侑夫歪冱嗔 駄冨防 佻 嗟搜盲 佚凖從 嗚和冒 嬲惣掀租墫 碗蒜瀕遡慘拱 僧婆品嗚品 堙厖瀕. 嗜泰塢 (event): 麩泰塢, 墨塹厦 - 溶崚 泰墮 攸療單力 嶮厠遡. 當揺良嘖卅塹 溶崚 忸舵卅墮, - 冒防 浜杜力 嗜泰塢 怠蔦 嶮厠遡敏彖墮嗔 佻柘瓶堙溶 - 奏追堊. 麸瓶亘 彖嵶挌 通 妥斛仭嗄腕塢 喇嘖斗 - 嗜泰塢 徊明涸都: 嗜敖僧錨 徳別, 瀕秒描棉攸檀 單堙從馬 + 溶崚 泰墮 攸療單力 嶮厠遡. 靤浜賭 彖嵶挌 通 妥斛仭嗄腕塢 + 喇嘖斗 嗜泰塢 徊明涸都: 嗜敖僧錨 徳別, 瀕秒描棉攸檀 單堙從馬 嗜田瀕杜頻, 徃歪 佻蒙斛彖堙妄 喇嘖斗. 麩泰塢 卅敖徒兩墫 料 侑賓瓶掀租踊 (attributable) - 堙, 墨塹燮 溶杯 泰墮 堽途杜 墨遼凖堽詫 佻蒙斛彖堙明 - - 療-侑賓瓶掀租踊 (non-attributable). 靤浜賭 + 療-侑賓瓶掀租踊 (non-attributable), 途棉 + 蛭 療蒙斫 堽途塢 墨遼凖堽詫 佻蒙斛彖堙明. 靤浜賭 療-侑賓瓶掀租溶馬 嗜泰塢 - 明堆 嗜泰塢, 侑鷲斛枦壷電 掴 - 宋塹夘攸檀 佻蒙斛彖堙妄, 堊墨, 冒 療嫩挿隣 徃歪 佻蒙斛彖堙妄 - 喇嘖斗. + 奏堙淋鋲彬礎鰭 佻蒙斛彖堙妄, 堊墨, 料侑浜賭, 堊墨, 冒 + 療嫩挿隣 徃歪 佻蒙斛彖堙妄 喇嘖斗. - 詭喪 (class): 麩泰塢 溶杯 泰墮 - 堽途杜 歪力葉 斌 堆姪 北喪啻, 和掵力 腕力忸彖决 - 料 冒堙馬夘 嗜泰塢: 嗜敖僧錨 徳別 (fc), - 掴嘖孃 徳別 (fo), - 忸佻摸杜錨 徳別 (ex), 嗜泰塢 - 徃歪 喇嘖斗 忸範珍 冨 療 (lo). - 蚌佻蒙斛彖良 北喪嗜 佻旌鰐囘 祖揺良嘖卅塹簒 嗜敖宋壮 - 忸嗜墨孀徇砺拇 侑宋斌 奏追堊 妥 嬲惣僧頻 墨遼凖堽挌 - 椀賭礎品, 壘都 墨塹燮 掴網杜 掴汰很冱慯 嶮厠遡. + 詭喪 (class): 詭喪噎 嗜泰塢 榑 + 浜杜彖領拇 料堆燮 歪力塢侘挌 嗜泰塢, 墨塹燮 瓶佻蒙旁脊嗔 + 忸卅崚良冏 忸堆卅. 喪塹瓶佻蒙旁斗拇 北喪噎 嗜泰塢 + 徊明涸脊 嗜敖僧錨 徳別 (fc), + 忸佻摸杜錨 徳別 (ex) + 嗜泰塢 徃歪 喇嘖斗 忸範珍 冨 療 (lo). 双瓶 (record): 双瓶 - 榑 田瀕扶料 攸佗嗹 嶮厠遡, 椀瓶掀狙歔 塹 斌 瀕賄 嗜泰塢. 双瓶 和掵力 嗜津雙不 瀕届厖礎廟 塢佚 嗜泰塢, - 瀕届厖礎廟 嗾貸屠堙 嗜泰塢 (佻蒙斛彖堙姪), 徠斗 嗜泰塢, - 瀕届厖礎廟 和 和濺穆組 嗜泰塢 (料侑浜賭, 徳別組) - 瀕届厖礎廟 和 孑佚枸腕塢 忸佻摸杜頻 椀賭礎鰭, 佻厦追忝妬 - 嗜泰塢. + 瀕届厖礎廟 嗾貸屠堙 嗜泰塢 (佻蒙斛彖堙姪), 墨塹燮 + 忸佻摸斌 療墨塹厦 津篇墸頻, 珍壞 徠斗 嗜泰塢, + 瀕届厖礎廟 和 和濺穆組 倉杯妖淋組 嗜泰塢, 途棉 藁 途墮, + 堊勃 瀕届厖礎廟 和 孑佚枸腕塢 忸佻摸杜頻 椀賭礎鰭, + 佻厦追忝妬 嗜泰塢. 孀料 (trail): - 嶮厠遡 奏追堊, 斌 模-徳別 - - 嗜津雙不 單夘 攸佗單 喇嘖斗隣 嗜泰塢冏. + 嶮厠遡 奏追堊, 斌 模-徳別 - + 嗜津雙不 單夘 攸佗單 喇嘖斗隣 嗜泰塢冏. 訌 侑宋斌, 嶮厠遡 嗜津雙不 攸佗喇 嘖厦馬 頒藁鰐惑扶途墨 佻厮痛 佻 徠斗杜 攸彭叨杜頻 - 嗜泰塢. 鰐慄 宋塹夘斛彖領拇 侑話途噎 (料侑浜賭, - auditd) 浜点 掴嘖孃 嶮厠遡. + 嗜泰塢. 鰐慄 宋塹夘斛彖領拇 侑話途噎 溶杯 + 掴汰很冱 攸佗喇 嶮厠遡. - 忸卅崚良 忸津姪良 (selection expression): + 忸卅崚良 忸堆卅 (selection expression): 黌厦冒, 嗜津雙掃叢 嗤瓶亘 侑兎彬嗜 浜杜 北喪嗜, 瓶佻蒙旁斗叢 - 通 忸津姪良 拝孃俎 嗜泰塢. + 通 忸堆卅 拝孃俎 嗜泰塢. - 侑田彖夘堙蒙力 忸津姪良 (preselection): - 靤話途, 從 徠斗 墨塹厦馬 喇嘖斗 椀凖津妄都, 冒防 嗜泰塢 浜点 - 侑貧夘堙堽媽 彖嵶腕墮 通 祖揺良嘖卅塹卅. 塹 療和範追溶 通 塹馬, + 侑田彖夘堙蒙隣 忸堆 (preselection): + 靤話途, 佻溶毆 墨塹厦馬 喇嘖斗 椀凖津妄都, 冒防 嗜泰塢 浜点 + 彖嵶腕墮 通 祖揺良嘖卅塹卅. 塹 療和範追溶 通 塹馬, 湟和 冨妥崛墮 侑塹墨棉厦彖良 嗜泰塢, 療 浜点殄 良冒墨 變挿浜腕塢. - 靤田彖夘堙蒙力 忸津姪良 瓶佻蒙旁都 厮 - 忸卅崚良 忸津姪良 通 塹馬, 湟和 椀凖津棉墮, - 冒防 浜杜力 北喪噎 嗜泰塢 通 冒墨馬 佻蒙斛彖堙妄 療和範追溶 徇腕不 - 嶮厠遡, 堊 崚, 冒 通 宋塹夘斛彖領挌 療宋塹夘斛彖領挌 - 侑話途嗜. + 靤田彖夘堙蒙隣 忸堆 瓶佻蒙旁都 厮 忸卅崚良 忸堆卅 + 通 塹馬, 湟和 椀凖津棉墮, 冒防 浜杜力 北喪噎 嗜泰塢 通 + 冒墨馬 佻蒙斛彖堙妄 療和範追溶 徇腕不 嶮厠遡, 堊 崚 + 婆和遡慘拇 料嘖厦碧, 墨塹燮 怠蔦 侑浜杜冱慯 冒 通 + 宋塹夘斛彖領挌, 堊 通 療宋塹夘斛彖領挌 侑話途嗜. 翩蒙墟礎頻 (reduction): 靤話途, 凖旁蒙堊堙 墨塹厦馬 攸佗喇 冨 嗾歸嘖徼摂吐 嶮厠遡 - 忸津妄脊嗔 通 頒僧杜頻, 卅嗤党壮防 斌 僧遡冨. 靤話途 從 洋惑詫 - 僧遡惑扶杜 侑田彖夘堙蒙力葉 忸津姪良. 蚌佻蒙旁 - 読蒙墟礎廟 祖揺良嘖卅塹燮 溶杯 凖遡冨忸彖墮 - 卅斂扶隣 佻棉塢防 頒僧杜頻 嶮厠遡 奏追堊. 鄙侑浜賭, 津堊棉敝厦彖領拱 - 嶮厠遡 溶崚 頒僧不慯 妖嗔, 力 佻嗅 榑惑 藁 掴網杜 泰墮 嗜牧掃杜 - 湟和 頒僧不 塹蒙墨 瀕届厖礎廟 徃歪 喇嘖斗 忸範津 冨 療 - 堆姪 通不徒慘拱 嘔亘. + 忸津妄脊嗔 通 頒僧杜頻, 卅嗤党壮防 斌 僧遡冨. 阻崚, 榑 + 侑話途, 凖旁蒙堊堙 墨塹厦馬 療崚盟堙蒙隣 攸佗喇 嫩遡兩墫 + 冨 嶮厠遡 奏追堊. 蚌佻蒙旁 読蒙墟礎廟, 祖揺良嘖卅塹燮 溶杯 + 凖遡冨忸彖墮 卅斂扶隣 佻棉塢防 頒僧杜頻 珍領挌 奏追堊. + 鄙侑浜賭, 津堊棉敝厦彖領拱 嶮厠遡 溶崚 頒僧不慯 妖嗔, 力 + 佻嗅 榑惑 藁 掴網杜 泰墮 嗜牧掃杜 湟和 頒僧不 塹蒙墨 + 瀕届厖礎廟 徃歪 喇嘖斗 忸範津 冨 療 通 壇姪 倉班彖檀. @@ -203,30 +219,31 @@ requirements. --> 嘖僧徊 喇嘖斗 奏追堊 靉蒙斛彖堙蒙嗚叢 涸嘖 佻柘瓶堙踊 奏追堊 孑堊料很夫租墫 冒 涸嘖 - 汰斛從 喇嘖斗 &os; 料淺料 彭厶鰭 6.2-RELEASE. 斗 療 妖療, - 佻陳賭嵋 奏追堊 掴網料 泰墮 掴汰很杜 冂厦. 塹馬 - 溶嵶 掴舵墮嗔, 掴汰徂 嗅田媽殳 嘖厦釦 墨瞭蒜孀礎貧領拱 徳別 - 彖枦馬 嗤澱描蒙力馬 冂卅: + 汰斛從 喇嘖斗 &os;. 靉陳賭嵋 奏追堊 嗜泰塢 嗜 嘖碗藁 冂卅 + 堊勃 墨熔斌敏嫖墫 佻 嬪鰐涸良, 力 佻陳賭嵋 珍領亙 從斃嵶腕塢 + 墟殿嫖 嗜敖僧頻 嘛賄馬 冂卅, 掴汰很杜錨 嗅田媽歸 嘖厦防 + 墨瞭蒜孀礎貧領拱 徳別 冂卅: options AUDIT 靤話途 啾碗防 孑堊力徊 冂卅 佻漬和力 椀瓶僧 婆宋 . - 靉嗅 榑惑, 療和範追溶 卅斷奴不 攸侖嗚 津溶料 奏追堊, + 訌 塹蒙墨 冂厦 佻陳賭嵋亙 奏追堊 泰模 嗜岱僧 孑堊力很杜, + 喇嘖斗 泰盟 佚凖攸拝孛杜, 療和範追溶 卅斷奴不 攸侖嗚 津溶料 奏追堊, 掴汰徂 嗅田媽殳 嘖厦釦 &man.rc.conf.5;: auditd_enable="YES" - 簗 攸侖嗚 津溶料 嗜 嗤澱鋲扶途防揺 仭卅妖墟鼠 燐嵶 - 嬲惣壮 榑 仭卅妖墟 椀檀 - 徳別 &man.rc.conf.5;. - + 壮斗 燐嵶 攸侖嘖不 佻陳賭嵋 奏追堊 棉堆 侖堙 + 佚凖攸拝孳防, 棉堆 徠孺燐, 攸侖嘖夫 津溶 奏追堊: + + service auditd start + 鄙嘖厦碧 喇嘖斗 奏追堊 - 單 墨瞭蒜孀礎貧領拇 徳別 喇嘖斗 奏追堊 料範佃墫 冒堊模播 /etc/security. 霤凖 攸侖嗚詫 津溶料 奏追堊 堊 掴網隣 料範追墮嗔 嗅田媽殄 徳別: @@ -241,72 +258,80 @@ requirements. --> audit_control - 霑卅妖墟 喇嘖斗 奏追堊: 北喪噎 佻 嬪鰐涸良, 揺良輿蒙力 追嗚從 侑腕墟僧嘖從, 墨塹厦 掴網力 腕堊彖墮嗔 料 卅敖徒 嶮厠遡 - 奏追堊, 漬嫻錨. + 奏追堊, 輿睦浜遡慘拱 卅斃賭 嶮厠遡 奏追堊 漬嫻錨. - audit_event - 鑰凖津妄都 腕力徇拇 - 嗜泰塢 奏追堊. 塹, 腕力徇詫, 喇嘖斗隣 忸斛忸. + audit_event - 屠嘖忸 浜杜 + 椀瓶僧頻 嗜泰塢 奏追堊, 堊勃 嗤瓶亘, 椀凖津妄摂品 + 嗜墸都嘖徂 北喪嗜 嗜泰塢, 墨塹燮 料範佃墫 珍領挌 + 北喪啻. - audit_user - 麩泰塢 奏追堊 通 - 通 堋徒慘挌 佻蒙斛彖堙姪. 靉蒙斛彖堙棉, 療 孃詫瀕租踊 - 榑詫 徳別, 怠蔦 卅嗷輿墟夫壮慯 冒 嗾貸屠壅 墨瞭蒜孀礎鰭 - 佻-嬪鰐涸良 徳別 audit_control. + audit_user - 凖堆彖良 奏追堊, 墨塹燮 + 毀扶狙墫 通 堋徒慘挌 佻蒙斛彖堙姪. 鑪 嗜田瀕兩墫 + 婆和遡慘挈 料嘖厦碧鼠 佻 嬪鰐涸良 侑 徃歪 佻蒙斛彖堙妄 + 喇嘖斗. - audit_warn - 麕夘來 墨輿猟力馬 - 瀕堙厥凖堊塹卅 Bourne Shell, 墨塹燮 瓶佻蒙旁都嗔, 湟和 - 喃杜賭敏彖墮 侑田孃凖崢狙殄 嗜和歸良 和 瓶北折不徒慘挌 + 瀕堙厥凖堊塹卅, 瓶佻蒙旁斗拱 &man.auditd.8;, + 湟和 喃杜賭敏彖墮 侑田孃凖崢狙殄 嗜和歸良 和 瓶北折不徒慘挌 喇壞礎頻, 料侑浜賭, 墨把 攸冒涙夫租墫 嘛和歪力 追嗚從 - 侑腕墟僧嘖從 通 攸佗單 嶮厠遡 奏追堊. + 侑腕墟僧嘖從 通 攸佗單 嶮厠遡 奏追堊, 棉堆 墨把 侑鷲斛枳 + 厦堊檀 徳別 嶮厠遡 奏追堊. + + 譱別 墨瞭蒜孀礎鰭 奏追堊 掴網隣 凖珍穆敏彖墮嗔 + 冨妖倫墮嗔 腕塹厦嵶腕墮, 堊 冒 柯陀 墨瞭蒜孀礎鰭 + 溶杯 侑夫途塢 療侑宋斌慘詫 模杯 嗜泰塢 + + - 耋厖壮 墨瞭蒜孀礎貧領惑 徳別 + 捍爽杜頻 忸堆卅 嗜泰塢 - 耋厖壮 墨瞭蒜孀礎貧領惑 徳別 療 淌輪 模派淌, 力 良, 堙 - 療 妖療, 掴嘖壮淮 侑腕塹 卅堆堊墮. 鐵料墨, 祖揺良嘖卅塹卅 - 嗅田嫖 泰墮 淌輪 徇浜壮徒慘挈 侑 冨妖療良 變挿杜品 佻 - 嬪鰐涸良, 佻嗚鰐慄 榑 嗜敖租 佻堙涼描蒙燐 椀喪力嘖 - 療侑宋斌慘惑 啾碗 珍領挌 喇嘖斗亙 奏追堊. - - 墨瞭蒜孀礎貧領詫 徳別 溶杯 瓶佻蒙斛彖墮嗔 冒 佻摸拇, - 堊 嗜牧掃杜隣 仭卅妖墟. 麩墸都嘖徂 怠蔦 侑夫田杜 - 良崚. + 捍爽杜頻 忸堆卅 瓶佻蒙旁脊嗔 療嗚鰐慄蛭 妖嘖組 + 墨瞭蒜孀礎鰭 奏追堊 通 椀凖津姪良 塹馬, 冒防 嗜泰塢 掴網隣 + 佻鍔賭覗墮嗔 奏追壞. 捍爽杜頻 嗜津雙壮 嗤瓶亘 北喪嗜 嗜泰塢, + 墨塹燮揺 瀕堙凖嗾摂電 料 嗜泰塢 怠津 嘔宋良彖墮嗔. 訌崢賄 + 忸卅崚良 浜電 侑兎彬, 佻冒旛彖摂品, 燐嵶 棉 侑瀕冱 + 斌 蒜力夘厦彖墮 料閉杜力 嗜泰塢, , 從斃嵶, 佻冒旛彖摂品, + 瀕堙凖嗾脊 棉 料 孑佚枸拇 斌 療孑佚枸拇 椀賭礎鰭. 捍爽杜頻 + 忸堆卅 卅嗷輿墟夫狙墫 嗅砺 料侑宋, 鍔 忸卅崚良 + 和濺追倫脊嗔 侑腕壅 掴汰很杜錨 徭碗惑 忸卅崚良 墨涼 + 佚叟惑. - 麑田媽殄 嗤瓶亘 嗜津雙不 徨 北喪噎 佻 嬪鰐涸良, + 麑田媽殄 嗤瓶亘 嗜津雙不 北喪噎 佻 嬪鰐涸良, 侑瓶孕嘖徼摂錨 徳別 audit_class: - - all - + all - all - 麩墸都嘖徼都 徨斗 北喪啻 嗜泰塢. - - administrative + ad - administrative - 疸追 祖揺良嘖卅塢徇挌 津篇墸品, 侑鷲斛枦壷蛭 喇嘖斗. - - application - + ap - application - 疸追 嗜泰塢, 忸旌僧力馬 冒防-棉堆 侑斌崚良斗. - - file_close - - 疸追 忸斛從 喇嘖斗力 噸遼檀 - close. + cl - file close + - 疸追 忸斛從 喇嘖斗力 噸遼檀 close. - - exec - + ex - exec - 疸追 攸侖嗚 侑斌崚良. 疸追 倉杯妖淋 墨輿猟力 嘖厦防 佚凖妖領挌 亘簒崚良 墨淋厦棉簒都嗔 淌凖 &man.audit.control.5; 瓶佻蒙旁 仭卅妖墟 argv envv @@ -314,85 +339,85 @@ requirements. --> - - file_attr_acc - - 疸追 掴嘖孃 壮夘怠堊 和濺穆 蛭 冨妖療良, - 料侑浜賭 淌凖 &man.stat.1;, &man.pathconf.2;, + fa - file attribute access + - 疸追 掴嘖孃 壮夘怠堊 和濺穆, + 料侑浜賭 &man.stat.1;, &man.pathconf.2;, 堊勃 佻掴体挌 榑浜 嗜泰塢. - - file_creation + fc - file create - 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 嗜敖狙墫 徳別. - - file_deletion + fd - file delete - 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 嫩遡兩墫 徳別. - - file_attr_mod + fm - file attribute modify - 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 冨妖倫脊嗔 壮夘怠壅 徳別, 料侑浜賭, &man.chown.8;, &man.chflags.1;, &man.flock.2;. - - file_read + fr - file read - 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 侑鷲喩歪不 湟杜錨 珍領挌, 塰燮彖脊嗔 徳別 料 湟杜錨 .. - - file_write - + fw - file write - - 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 侑鷲喩歪不 - 攸佗嗹 珍領挌, 冨妖療良 徳別 堊 珍姪. + 攸佗嗹 珍領挌, 攸佗嗹 斌 冨妖療良 徳別 堊 珍姪. - - ioctl - + io - ioctl - 疸追 忸斛從 喇嘖斗力 噸遼檀 &man.ioctl.2;. - - ipc - + ip - ipc - 疸追 卅斂扶隣 徂掴 忱蘇溶津篇墸頻 侑話途嗜, - 徊明涸 嗜敖僧錨 療-浜杜彖領挌 冒料模 (pipe) + 徊明涸 嗜敖僧錨 療-浜杜彖領挌 冒料模 (POSIX pipe) 忱蘇溶津篇墸錨 侑話途嗜 嘖斌 System V IPC. - - login_logout - - 疸追 嗜泰塢 &man.login.1; &man.logout.1;. + lo - login_logout - + 疸追 嗜泰塢 &man.login.1; &man.logout.1;, + 侑鷲喩歪處蛭 喇嘖斗. - - non_attrib - + na - non attributable - 疸追 療-侑賓瓶掀租踊 嗜泰塢. - - no_class - - 勒嘖亙 北喪, 瓶佻蒙旁都嗔 通 塰明淌良 - 奏追堊. + no - invalid class - + 酖 嗜墸都嘖徼都 良冒防 嗜泰塢冤 奏追堊. - - network - + nt - network - 疸追 嗜泰塢, 嘛凉僧隣 單堙忸揺 佻痛明淌良冤, 料侑浜賭 &man.connect.2; &man.accept.2;. - - other - - 疸追 嗜泰塢, 療 從枦壷蛭 漬嫻錨 北喪噎. + ot - other - + 疸追 卅斂扶隣 嗜泰塢. - - process - + pc - process - 疸追 津篇墸品 侑話途嗜, 堊防 冒 &man.exec.3; &man.exit.3;. @@ -402,40 +427,40 @@ requirements. --> 徳別 audit_class audit_event. - 訌崢拱 北喪 墨預瀕敏嫖墫 侑兎彬嗜, 佻冒旛彖摂浜 嫩挿力 - 斌 療嫩挿力 攸彭叨杜錨 椀賭礎鰭. + 訌崢拱 北喪 奏追堊 墨預瀕敏嫖墫 侑兎彬嗜, 佻冒旛彖摂浜, + 冒防 椀賭礎鰭 怠蔦 孺不掀壮慯 - 嫩挿隣 斌 療嫩挿隣, + 堊勃 塹, 徊明涸都 棉 珍領叢 攸佗嗹 奏追 通 珍領惑 + 北喪啻 塢仭, 棉堆 塰明涸都 吐. [侖嘖亙 侑兎彬] - 疸追 侑從追墫 冒 通 - 孑佚枸惑, 堊 通 柯堆淮惑 嗜泰塢. 鄙侑浜賭, 侑腕塹 - 嬲惣僧錨 北喪啻 妥 侑兎彬啻 侑夫田都 攸療單良 嗜泰塢 - 嶮厠遡 侑 明堆 凖旁蒙堊堙 椀賭礎鰭. + 孑佚枸惑, 堊 通 柯堆淮惑 嗜泰塢. + - 疸追 塹蒙墨 孑佚枸挌 - 嗜泰塢. + 嗜泰塢 珍領詫 北喪單. - - 疸追 塹蒙墨 柯堆淮挌 - 嗜泰塢. + 嗜泰塢 珍領詫 北喪單. ^ - 鑚北折杜錨 奏追堊 冒 孑佚枸挌, 堊 - 柯堆淮挌 嗜泰塢. + 柯堆淮挌 嗜泰塢 珍領詫 北喪單. - ^- - 鑚北折杜錨 奏追堊 柯堆淮挌 - 嗜泰塢. + ^+ - 鑚北折杜錨 奏追堊 孑佚枸挌 + 嗜泰塢 珍領詫 北喪單. - ^+ - 北折杜錨 奏追堊 孑佚枸挌 - 嗜泰塢. + ^- - 鑚北折杜錨 奏追堊 柯堆淮挌 + 嗜泰塢 珍領詫 北喪單. @@ -454,16 +479,14 @@ requirements. --> 冨妖療良 塹蒙墨 鍔 墨瞭蒜孀礎貧領挌 徳別 喇嘖斗 奏追堊: audit_control audit_user. 霤叟拱 冨 良 嗜津雙不 - 和殄 料嘖厦碧 喇嘖斗 奏追堊 孑堊力徊 佻 嬪鰐涸良 冒 - 通 侑賓瓶掀租踊, 堊 通 療-侑賓瓶掀租踊 嗜泰塢. 塹厦 - 瓶佻蒙旁都嗔 通 料嘖厦碧 奏追堊 佻蒙斛彖堙蒙嗚蛭 嗜泰塢. + 和殄 料嘖厦碧 喇嘖斗 奏追堊, 徭碗亙 溶崚 瓶佻蒙斛彖墮嗔 + 通 堆姪 塹遼亙 料嘖厦碧 奏追堊 佻蒙斛彖堙姪. 譱別 <filename>audit_control</filename> - 譱別 audit_control 嗜津雙不 - 料嘖厦碧 佻 嬪鰐涸良, 墨塹燮, 從斃嵶, 佻墟殿嫖墫 - 冨妖良墮. 麩津雙浜賄 榑惑 徳別: + 酖墨塹燮 料嘖厦碧 佻 嬪鰐涸良 通 佻柘瓶堙踊 + 奏追堊 嗜津雙壮嗔 徳別 audit_control: dir:/var/audit flags:lo @@ -472,115 +495,120 @@ naflags:lo policy:cnt filesz:0 - 霑卅妖墟 嬲惣掀租 冒堊模, - 墨塹厦 怠津 嗜頒僧冱慯 嶮厠遡 喇嘖斗 奏追堊. 訌 + 双瓶 瓶佻蒙旁都嗔 通 + 孑堊力徊 歪力馬 斌 堆姪 冒堊模馬, + 墨塹燮 怠津 嗜頒僧冱慯 嶮厠遡 喇嘖斗 奏追堊. 縒棉 + 嬲惣僧 堆姪 淌 歪瀕 冒堊模, 塹 嬲惣僧隣 冒堊模派 + 怠蔦 瓶佻蒙斛彖墮嗔 佻 淌凖追, 佻 妖凖 攸佻摸杜頻. 訌 侑宋斌, 喇嘖斗 奏追堊 墨瞭蒜孀敏嫖墫 堊防 和卅斛, 湟 嶮厠遡 奏追堊 頒僧不嗔 料 堋徒慘詫 卅敖徒, 湟和 - 侑田墸卅塢墮 啾鷲 卅堆堙 椀賭礎貧領亙 喇嘖斗, 途棉 - 嘛和歪力 妖嘖 料 卅敖徒 喇嘖斗 奏追堊 怠津 - 瓶淌厥僧. - - 霑卅妖墟 瓶佻蒙旁都嗔 通 - 孑堊力徊 婆和遡慘挌 椀檀. 料淌良 榑惑 仭卅妖墟 - 料嘖卅夫租 奏追 通 徨堵 嗜泰塢 - &man.login.1; &man.logout.1;. 睿姪 佻漬和隣 - 侑浜賭: - - dir:/var/audit -flags:lo,ad,-all,^-fa,^-fc,^-cl -minfree:20 -naflags:lo + 侑田墸卅塢墮 佚凖單淌良 佻柘瓶堙踊 奏追堊 腕堊蒙隣 + 佻柘瓶堙 嗅孺租, 途棉 嘛和歪力 妖嘖 料 卅敖徒 + 喇嘖斗 奏追堊 怠津 瓶淌厥僧. + + 双瓶 瓶佻蒙旁都嗔 通 + 孑堊力徊 婆和遡慘亙 輿嗚 侑田彖夘堙蒙力馬 忸堆卅 + 通 侑賓瓶掀租踊 嗜泰塢. 侑浜賭 忸枦, 怠蔦 佻鍔賭覗墮嗔 + 奏追壞 冒 孑佚枸拇, 堊 療嫩挿隣 佻俎塰 徃歪 + 喇嘖斗 忸範珍 冨 療 通 徨堵 佻蒙斛彖堙姪 - 阻賄 變挿杜錨 仭卅妖墟 - 侑夫田都 奏追壞 徨堵 嗜泰塢 &man.login.1; - &man.logout.1;, 徨堵 祖揺良嘖卅塢徇挌 嗜泰塢, 徨堵 柯堆淮挌 - 喇嘖斗隣 嗜泰塢 , 料墨療, 塰明涸都 奏追 徨堵 柯堆淮挌 - 嗜泰塢 北喪嗜 , - . 酖嗟墟 料 塹, 湟 仭卅妖墟 - 嬲惣掀租 料 療和範追溶嘖 奏追堊 - 徨堵 喇嘖斗隣 嗜泰塢, 侑兎彬 塒杜囘 - 榑 佻彭津良 通 徨堵 佻嗅田媽殄 椀檀. - - 鼠都慥, 湟 變挿杜頻 嘲不掀狙墫 嗅砺 料侑宋. - 靉榑詫 料範佃殄途 嗤卅彖 變挿杜頻 佚凖椀凖津妄脊 變挿杜頻, - 料範佃殄途 嗅砺. - - 霑卅妖墟 椀凖津妄都 揺良輿蒙力 + 双瓶 椀凖津妄都 揺良輿蒙力 變挿杜錨 嘛和歪力馬 追嗚從馬 侑腕墟僧嘖彖 料 卅敖徒, - 墨塹燮 嗜頒僧兩墫 徳別 嶮厠遡 奏追堊. 鄙侑浜賭, 途棉 - 變挿杜錨 仭卅妖墟 孑堊力很杜 - /var/audit, 仭卅妖墟 - 卅彭 鍔祖蛋塢 (20), 塹 侑田孃凖崢狙歸 - 嗜和歸良 怠津 忸珍力, 墨把 卅敖徒 /var 怠津 攸佻摸杜 料 - 從單謡津嗔 (80%) 侑話杜塹. - - 霑卅妖墟 椀凖津妄都 北喪噎 - 奏追堊 通 療-侑賓瓶掀租踊 嗜泰塢, 塹 途墮 嗜泰塢, - 通 墨塹燮 療 椀凖津味 墨遼凖堽拱 佻蒙斛彖堙蒙. - + 墨塹燮 嗜頒僧兩墫 徳別 嶮厠遡 奏追堊. 誅把 珍領叢 + 拝僧秒 怠津 侑砺掏杜, 怠津 喃杜賭敏彖力 侑田孃凖崢杜錨. + 掏登夘彭津領拱 侑浜賭 孑堊料很夫租 揺良輿蒙力 嘛和歪力 + 侑腕墟僧嘖從 鍔祖蛋墮 侑話杜塹. + + 双瓶 椀凖津妄都 北喪噎 + 奏追堊 通 療-侑賓瓶掀租踊 嗜泰塢, 料侑浜賭, 侑話途嗜 + 徃歪 喇嘖斗 喇嘖斗隣 津溶力. + + 双瓶 椀凖津妄都 嗤瓶亘 + 凸素 佻棉塢防, 椀凖津妄摂妬 卅斂扶隣 喪佚穆 佻彭津良 + 奏追堊. 姪妖淋 嗤瓶冒 堋徒兩墫 漬嫻 漬嫻 攸佰壅揺. + 靉 嬪鰐涸良, 凸素 cnt 嬲惣掀租, 湟 + 喇嘖斗 掴網料 侑歪鰐崛墮 卅堆堊墮, 療嗟墟 料 柯陀 + 奏追堊 (珍領拱 凸素 淌輪 喇蒙力 凖墨妖猟嫖墫 瓶佻蒙斛彖墮). + 簟嫻亙 涸嘖鷲嗤鰐憙嫖踊 凸素 - argv, + 墨塹燮 攸嘖宋妄都 佻鍔賭覗墮 奏追壞 倉杯妖淋 墨輿猟力 + 嘖厦防 侑 忸斛彭 喇嘖斗力馬 忸斛彖 &man.execve.2;, 冒 + 涸嘖 忸佻摸杜頻 墨輿猟. + + 双瓶 椀凖津妄都 + 輿睦浜遡慘拱 卅斃賭 汰編組, 掴 墨塹厦馬 溶崚 卅嘖 + 嶮厠遡 嗜泰塢 奏追堊, 侑砥津 淌 藁 怠津 宋塹輿塢淌嗚 + 攸墨涙杜 佻鍔賭芭孕 厦堊檀. 靉 嬪鰐涸良, 變挿杜錨 0 + 攸侑倒租 宋塹輿塢淌嗚媽 厦堊檀 模馬. 縒棉 墟殿嫖踊 + 卅斃賭 徳別 療燐姪從, 力 良崚 揺良輿蒙力馬 變挿杜頻 + 512, 塹 藁 怠津 侑鷲芭碗敏彖, 怠津 喃杜賭敏彖力 + 侑田孃凖崢狙歸 嗜和歸良 模覗. 譱別 <filename>audit_user</filename> - 譱別 audit_user 佻旌鰐囘 - 祖揺良嘖卅塹簒 椀凖津棉墮 北喪噎 嗜泰塢, 奏追 墨塹燮 怠津 - 侑鷲旌歪不慯 通 冒崢惑 佻蒙斛彖堙妄 喇嘖斗. - - 靉 嬪鰐涸良 徳別 audit_user - 嗜津雙不: - - root:lo:no -audit:fc:no - - 鐶卅塢堙 徇浜僧錨: 佻 嬪鰐涸良 侑鷲旌歪不嗔 奏追 徨堵 - login/logout 嗜泰塢 - 塰明涸都嗔 奏追 徨堵 漬嫻蛭 嗜泰塢 通 佻蒙斛彖堙妄 - root. 堊 墨瞭蒜孀礎頻 堊勃 徊明涸都 - 奏追 徨堵 嗜泰塢, 嘛凉僧隣 嗜敖僧錨 徳別 塰明涸都 - 奏追 徨堵 漬嫻蛭 嗜泰塢 通 佻蒙斛彖堙妄 - audit. 莽墹 瓶佻蒙斛彖良 喇嘖斗 - 奏追堊 療 墟殿嫖 料棉淺 喇嘖斗 嗤澱描蒙力馬 - 佻蒙斛彖堙妄, 療墨塹燮 墨瞭蒜孀礎頻, 腕和杜力 - 瓶佻蒙旁摂蛭 MAC (Mandatory Access - Control), 榑 溶崚 泰墮 療和範追溶. + 當揺良嘖卅塹 溶崚 椀凖津棉墮 掴佻摸不徒慘拇 + 墟殿彖良 奏追壞 通 墨遼凖堽挌 佻蒙斛彖堙姪 + 徳別 audit_user. + 訌崢叢 嘖厦冒 墨瞭蒜孀敏嫖 奏追 通 佻蒙斛彖堙妄 + 瓶佻蒙斛彖良斗 鍔嬌 佻姪: 佚叟賄 佻姪 + alwaysaudit, 墨塹厦 椀凖津妄都 + 料堆 嗜泰塢, 墨塹燮 掴網隣 徨吐珍 佻鍔賭覗墮嗔 + 奏追壞 通 珍領惑 佻蒙斛彖堙妄, 徭碗賄 - 佻姪 + neveraudit, 墨塹厦 椀凖津妄都 + 料堆 嗜泰塢, 墨塹燮 良墨把 療 掴網隣 佻鍔賭覗墮嗔 + 奏追壞 通 佻蒙斛彖堙妄. + + 酩崚嗅田媽殄 侑浜賭 audit_user + 侑從追 奏追 徨堵 嗜泰塢 徃歪 喇嘖斗 忸範珍 冨 + 喇嘖斗 通 佻蒙斛彖堙妄 root, + 堊勃 侑從追 奏追 徨堵 嗜泰塢, 嘛凉僧隣 嗜敖僧錨 + 徳別 孑佚枸挈 忸佻摸杜錨 墨輿猟 通 佻蒙斛彖堙妄 + www. 靤 瓶佻蒙斛彖良 + 忸枦侑夫田杜隣 侑浜賭詫 徳別 audit_control, + 攸佗嗹 loroot + 况妄都嗔 棉枸妬, 牧詫 塹馬, 嗜泰塢 徃歪 喇嘖斗 忸範珍 + 冨 喇嘖斗 怠蔦 佻鍔賭覗墮嗔 奏追壞 通 佻蒙斛彖堙妄 + www. + + root:lo,+ex:no +www:fc,+ex:no - 當揺良嘖夘厦彖良 喇嘖斗 奏追堊 + 當揺良嘖夘厦彖良 佻柘瓶堙踊 奏追堊 靤腕溶墟 嶮厠遡 奏追堊 孀料 奏追堊 頒僧不嗔 舵料厠詫 届厖壮 BSM, 佻榑詫 通 吐 冨妖療良 墨臨賭堊檀 堙睦塹忸 届厖壮 佻料掴耐墫 嗤澱描蒙隣 - 孕斌不. 誅輿猟 praudit 侑渡岱惣嫖 嶮厠遡 奏追堊 - 堙睦塹忸 届厖壮; 墨輿猟 auditreduce 溶崚 泰墮 + 孕斌不. 誅輿猟 &man.praudit.1; 侑渡岱惣嫖 嶮厠遡 奏追堊 + 堙睦塹忸 届厖壮; 墨輿猟 &man.auditreduce.1; 溶崚 泰墮 瓶佻蒙斛彖料 通 厦堊檀 読蒙墟礎鰭 嶮厠遡 壇妄 僧遡冨, - 倉班徂厦彖良 斌 卅嗤党壮防. 誅輿猟 auditreduce - 佻陳賭嵒彖都 洋崚嘖從 仭卅妖墟 忸堆卷, 徊明涸 塢俎 嗜泰塢, 北喪噎 - 嗜泰塢, 佻蒙斛彖堙蒙嗚錨 嗜泰塢, 珍壞 徠斗 嗜泰塢 侖塢 徳別, - 墨塹燮 堽腕冱嗔 嗜泰塢. + 倉班徂厦彖良 斌 卅嗤党壮防. 輓崚嘖從 仭卅妖墟 忸堆卷 + 佻陳賭嵒彖脊嗔 墨輿猟亙 &man.auditreduce.1;, 徊明涸 塢俎 + 嗜泰塢, 北喪噎 嗜泰塢, 墨遼凖堽惑 佻蒙斛彖堙妄, 珍壞 + 徠斗 嗜泰塢, 堊勃 侖塢 徳別, 墨塹燮 堽腕冱嗔 嗜泰塢. - 鄙侑浜賭, 孕斌不 praudit 忸彭津 徨 嗜津雙浜賄 + 鄙侑浜賭, 孕斌不 &man.praudit.1; 忸彭津 徨 嗜津雙浜賄 嶮厠遡 奏追堊 堙睦塹從 届厖壮: &prompt.root; praudit /var/audit/AUDITFILE - 珍領詫 侑浜賭 AUDITFILE - 嶮厠遡, + 珍領詫 侑浜賭 AUDITFILE - 嶮厠遡, 墨塹燮 怠津 忸彭津 堙睦塹從 届厖壮. 孀料 奏追堊 嗜嘖鷲 冨 單夘 攸佗單, 墨塹燮, 嘛論 - 淌凖椿 嗜嘖湾 冨 槎斗杜塹. 塢 槎斗杜壅 墨輿猟 - praudit 忸從追 佻嗅田彖堙蒙力 - 佻 歪力葉 料 嘖厦釦. - 訌崢拱 槎斗杜 浜電 嗤澱鋲扶途防 塢, 料侑浜賭 - 攸馬模從 (header) 嗜津雙不 攸馬模從 pfgbcb, a + 淌凖椿 嗜嘖湾 冨 槎斗杜塹, 墨塹燮 墨輿猟 &man.praudit.1; + 忸從追 佻嗅田彖堙蒙力 - 佻 歪力葉 料 嘖厦釦. 訌崢拱 槎斗杜 + 浜電 嗤澱鋲扶途防 塢, 料侑浜賭 + 攸馬模從 (header) 嗜津雙不 攸馬模從 攸佗喇, a 侖墮 (path) - 侖墮 徳別, 墨塹厦葉 堽腕不嗔 攸佗嗹. - lookup. 麑田媽殄 侑浜賭 佻冒旛彖都 攸佗嗹 通 嗜泰塢 忸佻摸杜頻 - (execve): + 麑田媽殄 侑浜賭 佻冒旛彖都 攸佗嗹 通 嗜泰塢 execve: header,133,10,execve(2),0,Mon Sep 25 15:58:03 2006, + 384 msec exec arg,finger,doug @@ -590,27 +618,33 @@ subject,robert,root,wheel,root,wheel,384 return,success,0 trailer,133 - 堊 攸佗嗹 况妄都嗔 凖旁蒙堊塹 孑佚枸惑 忸佻摸杜頻 喇嘖斗力馬 + 堊 攸佗嗹 墟爽租 凖旁蒙堊 孑佚枸惑 忸佻摸杜頻 喇嘖斗力馬 忸斛彖 execve, 墨塹燮 嘖遡 凖旁蒙堊塹 忸佻摸杜頻 - 墨輿猟 finger doug. 姪妖淋 exec 嗜津雙不 - 墨輿猟, 墨塹簒 和鰐淤 佚凖珍盟 冂簒, 電 倉杯妖淋. 姪妖淋 + 墨輿猟 finger doug. 槎斗杜堊 攸佗喇 途墮 + 墨輿猟料 嘖厦冒, 墨塹簒 和鰐淤 佚凖珍盟 冂簒. 姪妖淋 侖墮 (path) 嗜津雙不 侖墮 瓶佻摸囘溶葉 徳別 侑田嘖宋姪良 冂卅. 姪妖淋 壮夘怠 (attribute) - 椀瓶掀租 瓶佻摸囘踊 徳別, , 涸嘖力嘖, 侑宋 掴嘖孃 徳別. - 姪妖淋 嗾貸屠 (subject) 椀瓶掀租 侑話途, 忸旌宋柯 - 忸佻摸杜錨 嗜頒僧囘 吐 徂津 厮珍 變挿杜品, 侑田嘖宋妄摂蛭 嗜堆 - UID 奏追簒斗惑 佻蒙斛彖堙妄, 瓶佻摸兩殄 (effective) UID GID, - 凖遡慘拇 (real) UID GID, 苗杜塢読冒塹 侑話途啻, 苗杜塢読冒塹 單嗷鰭, - 佻參 祖凖, 墨塹厦馬 泰 腕斈途墸姪 徃歪 喇嘖斗. - 鐶卅塢堙 徇浜僧錨 - 苗杜塢読冒塹 奏追簒斗惑 佻蒙斛彖堙妄 凖遡慘拱 - 苗杜塢読冒塹 佻蒙斛彖堙妄 毀扶狙墫: 榑 變挿不, 湟 佻蒙斛彖堙蒙 - robert 佻忸喇 侑夫斌吐鰭 掴 佻蒙斛彖堙妄 - root 佚凖 忸佻摸杜錨 墨輿猟, 力 喇嘖斗 奏追堊 - 攸療嗅 吐 津篇墸頻 嶮厠遡 瓶佻蒙旁 冨料涸蒙隣 苗杜塢読冒塹. - 鄙墨療, 槎斗杜 從旌卅 (return) 椀瓶掀租 孑佚枸賄 + 椀瓶掀租 瓶佻摸囘踊 徳別, , 涸嘖力嘖, 凖嵒 徳別, 湟 + 溶嵶 瓶佻蒙斛彖墮 通 椀凖津姪良, 瓶佻蒙斛彖模 棉 侑斌崚良 + setuid. 姪妖淋 嗾貸屠 (subject) 椀瓶掀租 侑話途, 忸旌宋柯 + 嗜頒僧囘 吐 徂津 厮珍 變挿杜品, 侑田嘖宋妄摂蛭 嗜堆 + ID 奏追簒斗惑 佻蒙斛彖堙妄, 瓶佻摸兩殄 (effective) UID GID, + 凖遡慘拇 ID 佻蒙斛彖堙妄 拝孃俎, 苗杜塢読冒塹 侑話途啻, + 苗杜塢読冒塹 單嗷鰭, 佻參 祖凖, 墨塹厦馬 泰 腕斈途墸姪 + 徃歪 喇嘖斗. 鐶卅塢堙 徇浜僧錨 - 苗杜塢読冒塹 奏追簒斗惑 + 佻蒙斛彖堙妄 凖遡慘拱 苗杜塢読冒塹 佻蒙斛彖堙妄 毀扶狙墫: + 榑 變挿不, 湟 佻蒙斛彖堙蒙 robert 佻忸喇 + 侑夫斌吐鰭 掴 佻蒙斛彖堙妄 root 佚凖 + 忸佻摸杜錨 墨輿猟, 力 喇嘖斗 奏追堊 攸療嗅 吐 津篇墸頻 + 嶮厠遡 瓶佻蒙旁 冨料涸蒙隣 苗杜塢読冒塹. 鄙墨療, 槎斗杜 + 從旌卅 (return) 椀瓶掀租 孑佚枸賄 攸彭叨杜錨 椀賭礎鰭 墨掴 攸彭叨杜頻 0, 槎斗杜 trailer 攸彭叨租 攸佗嗹. + 篩領拇 届厖壮 XML 堊勃 溶嵶 + 忸彭嘖 佻溶毆 墨輿猟 &man.praudit.1;, 瓶佻蒙旁 倉杯妖淋 + . + @@ -622,8 +656,8 @@ trailer,133 &prompt.root; auditreduce -u trhodes /var/audit/AUDITFILE | praudit - 堊 墨輿猟 忸津棉 徨 攸佗喇, 堽腕處錨嗔 佻蒙斛彖堙明 - trhodes, 墨塹燮 頒僧冱嗔 徳別 + 堊 墨輿猟 忸津棉 徨 攸佗喇, 堽腕處錨嗔 + trhodes, 墨塹燮 頒僧冱嗔 AUDITFILE. @@ -631,50 +665,55 @@ trailer,133 篥姪派厦彖良 侑宋 侑腕溶墟 嶮厠遡 姪隣 拝孃俎 audit 浜点 掴嘖孃 料 湟杜錨 - 嶮厠遡 奏追堊, 料範佃歸葉嗔 /var/audit; + 嶮厠遡 奏追堊, 料範佃歸葉嗔 + /var/audit; 佻 嬪鰐涸良 榑 拝孃仭 侖嘖, 塹蒙墨 root 浜電 良 掴嘖孃. 簗 塹馬, 湟 泰 佚凖珍墮 佻蒙斛彖堙明 侑宋 料 湟杜錨 嶮厠遡, 吐 療和範追溶 掴汰徂墮 拝孃侖 audit. 靤宋 料 湟杜錨 嶮厠遡 奏追堊 佻旌鰐囘 佻盲淺墮 洋崚嘖從 - 瀕届厖礎鰭 佻彭津良 佻蒙斛彖堙姪 侑話途嗜, 湟 溶崚 侑夫途塢 - 卅嗚燮塢 墨瞭苗杜檀遡慘挌 珍領挌. 靉榑詫, 凖墨妖猟嫖墫 津姪派厦彖墮 - 侑宋 料 湟杜錨 嶮厠遡 奏追堊 堆蒙柤 腕塹厦嵶腕墮. + 瀕届厖礎鰭 佻彭津良 佻蒙斛彖堙姪 侑話途嗜, 佻榑詫, + 凖墨妖猟嫖墫 津姪派厦彖墮 侑宋 料 湟杜錨 嶮厠遡 奏追堊 + 堆蒙柤 腕塹厦嵶腕墮. - 輜良塹夘稜 喇嘖斗 凖遡慘詫 徠斗杜 + 輜良塹夘稜 喇嘖斗 凖遡慘詫 徠斗杜 瓶佻蒙斛彖良斗 佻塹墨 奏追堊 - 靉塹防 喇嘖斗 奏追堊 - 北藁敏彖領拇 佯砺掴-孑墟亙嘖彖, - 瓶佻蒙旁 墨塹燮, 侑斌崚良 溶杯 佻盲涸墮 瀕届厖礎廟 喇嘖斗隣 - 嗜泰塢冏 凖遡慘詫 徠斗杜. 佚叟媽 淌凖椿, 榑 掴網力 - 攸瀕堙凖嗜彖墮 宋塹厦 侑惑卅様 通 溶良塹夘稜 椀凖津姪良 - 徭碗崚良 喇嘖斗. 斗 療 妖療, 通 祖揺良嘖卅塹卅 佻塹防 - 喇嘖斗 奏追堊 溶杯 嘖壮 嫩和隣 瀕嘖簒妖淋詫 通 溶良塹夘稜 - 凖遡慘詫 徠斗杜 妥 塹馬, 湟和 彡宋壮慯 津堊棉 和途佚淌良 - 妥斛仭嗄腕塢 侑 佚凖珍淺 侑宋 料 湟杜錨 嶮厠遡 奏追堊. 簗 塹馬, - 湟和 佻盲淺墮 佻塹 嗜泰塢 凖遡慘詫 徠斗杜 瓶佻蒙旁編 + 靉塹防 喇嘖斗 奏追堊 - 北藁敏彖領拇 佯砺掴-孑墟亙嘖彖 + 徳別從 喇嘖斗 孑墟亙嘖, 瓶佻蒙旁 墨塹燮, 侑斌崚良 溶杯 + 佻盲涸墮 瀕届厖礎廟 喇嘖斗隣 嗜泰塢冏 凖遡慘詫 徠斗杜. + 佚叟媽 淌凖椿, 榑 掴網力 攸瀕堙凖嗜彖墮 宋塹厦 侑惑卅様 + 通 溶良塹夘稜 椀凖津姪良 徭碗崚良 喇嘖斗. 斗 療 + 妖療, 通 祖揺良嘖卅塹卅 佻塹防 喇嘖斗 奏追堊 溶杯 嘖壮 + 嫩和隣 瀕嘖簒妖淋詫 通 溶良塹夘稜 凖遡慘詫 徠斗杜 妥 + 侑和姪, 嘛斫僧隣 侑宋鼠 徳別 奏追堊, 從斃嵶腕墮 + 侑話途啻 厦堊檀, 湟 侑夫田都 和燮徼 佻塹冒 嗜泰塢. + 簗 塹馬, 湟和 佻盲淺墮 佻塹 嗜泰塢 凖遡慘詫 徠斗杜 瓶佻蒙旁編 嗅田媽殳 墨輿猟: &prompt.root; praudit /dev/auditpipe - 靉 嬪鰐涸良, 佻塹防 掴嘖孃隣 塹蒙墨 佻蒙斛彖堙明 root. 塹泰 - 喞徒壮 蛭 掴嘖孃隣揺 淕杜鼠 拝孃俎 audit 掴汰忤堙 + 靉 嬪鰐涸良, 佻塹防 掴嘖孃隣 塹蒙墨 佻蒙斛彖堙明 root. + 塹泰 喞徒壮 蛭 掴嘖孃隣揺 淕杜鼠 拝孃俎 audit 掴汰忤堙 侑宋斌 devfs 徳別 devfs.rules: add path 'auditpipe*' mode 0440 group audit - 麝墟不 嘖卅良稚 嗤卅從淮彬 &man.devfs.rules.5; 通 堆姪 佻摸亙 + 麝墟不 &man.devfs.rules.5; 通 堆姪 佻摸亙 瀕届厖礎鰭 料嘖厦碧 徳別從 喇嘖斗 devfs. 靤 療腕塹厦嵶詫 瓶佻蒙斛彖良 從斃嵶 從變彬力彭良 妥嗚藁党隣 檀北 嗜泰塢. 鄙侑浜賭, 途棉 奏追壞 佻鍔賭覗脊嗔 徨 椀賭礎鰭 - 單堙從馬 忻歪-忸從珍, 墨輿猟 praudit - 攸侖歸料 從 徠斗 SSH-單嗷鰭, 塹 明堆 嗜泰塢 佻厦追 忸從 - 嗜和歸良, 墨塹厦 嘛論 淌凖椿 塹崚 怠津 嗜泰塢斗 堊 掴 - 妥嗚藁党力嘖. 鯀旁洋電 怠津 療 攸侖嗚壮 praudit - 料 佻塹謀 嗜泰塢 冨 單嗷鰭, 墨塹卅 津堊蒙力 嶮厠遡敏嫖墫. + 單堙從馬 忻歪-忸從珍, 墨輿猟 &man.praudit.1; + 攸侖歸料 從 徠斗 SSH-單嗷鰭, 塹 怠津 喃杜賭敏彖 + 佻嘖湾領拱 佻塹 嗜和歸良 奏追堊, 堊 冒 冒崢賄 嗜泰塢 + 忸斛彭 倒 藁掴 嗜泰塢, 堊 掴 妥嗚藁党力嘖. + 鯀旁洋電 怠津 攸侖嗚壮 &man.praudit.1; + 料 孑墟亙嘖彭 佻塹冒 塹蒙墨 冨 單嗷品, 墨塹燮 + 療 堆蒙柤馬 奏追堊 忻歪-忸從珍, 湟和 冨妥崛墮 堊墨馬 + 佻彭津良. @@ -682,20 +721,20 @@ trailer,133 鯱堊檀 嶮厠遡慘挌 徳別 奏追堊 孀料 奏追堊 佗枦墫 塹蒙墨 冂厦 孃卅很囘墫 塹蒙墨 津溶力 - 奏追堊 auditd. 當揺良嘖卅塹燮 療 掴網隣 俎堊墮嗔 + 奏追堊 &man.auditd.8;. 當揺良嘖卅塹燮 療 掴網隣 俎堊墮嗔 瓶佻蒙斛彖墮 &man.newsyslog.conf.5; 斌 漬嫻錨 瀕嘖簒妖淋 通 侑冤亙 厦堊檀 模馬. 妖嘖 榑惑, 通 侑屠卅歸良 奏追堊, 凖墨瞭蒜孀礎鰭 厦堊檀 嶮厠遡慘挌 徳別 掴網料 瓶佻蒙斛彖墮嗔 - 墨輿猟 audit. 麑田媽歔 墨輿猟 侑夫田都 + 墨輿猟 &man.audit.8;. 麑田媽歔 墨輿猟 侑夫田都 嗜敖僧廟 力從馬 嶮厠遡慘惑 徳別 珍嘖 墨輿猟 冂簒 佚凖北折不慯 料 攸佗嗹 榑 徳別. 靤塹墨棉厦彖良 嘖倉拱 徳別 怠津 侑屠卅歸力, - 啻 徳別 - 佚凖浜杜彖. 塹 凖墨妖猟彖領拱 嗤腕和 厦堊檀 - 嶮厠遡慘挌 徳別. + 啻 徳別 - 佚凖浜杜彖, 凖旁蒙堊堙 淌馬 良 溶嵶 怠津 + 卅堆堊墮 祖揺良嘖卅塹簒. &prompt.root; audit -n - 縒棉 津溶 auditd 療 攸侖歸, 塹 榑 墨輿猟 + 縒棉 &man.auditd.8; 療 攸侖歸, 塹 榑 墨輿猟 亘藁淺墫 療嫩挿妬 怠津 忸彭津力 嗜和歸良 和 柯陀. @@ -708,10 +747,10 @@ trailer,133 蠣妖療良 徨壞佰 喇盲 佻嗅 嗜頒僧杜頻 徳別 /etc/crontab. - 疱塹輿塢淌嗚叢 厦堊檀 嶮厠遡慘挌 徳別 從斃嵶 侑 瓶佻蒙斛彖良 - 椀檀 徳別 - &man.audit.control.5;, 椀瓶僧 單肪鰭 - "耋厖壮 墨瞭蒜孀礎貧領惑 徳別". + 疱塹輿塢淌嗚叢 厦堊檀 嶮厠遡慘挌 徳別 料 腕力彖良 + 蛭 卅斃賭 從斃嵶 侑 瓶佻蒙斛彖良 椀檀 + 徳別 &man.audit.control.5;, 椀瓶僧 卅敖徒 + "耋厖壮 墨瞭蒜孀礎貧領惑 徳別" 珍領亙 婆宋. @@ -719,10 +758,10 @@ trailer,133 靉嗚鰐慄 嶮厠遡慘拇 徳別 溶杯 掴嘖蒜壮 淌輪 堆蒙柯 卅斃賭, 溶崚 從變彬燐墮 療和範追溶嘖 嗽浜壮 蛭 壇妄 頒僧杜頻 嘔惣 崚 - 佻嗅 攸牧捏頻 蛭 津溶力 auditd. 簗 忸佻摸杜頻 - 椀凖津姪領挌 佻蒙斛彖堙姪 津篇墸品 嗜墸都嘖徼摂蛭 卅變蕨岱惣隣 - 嗜泰塢冤 喇嘖斗 奏追堊, 徊明涸 力厖遡慘賄 攸彭叨杜錨 卅堆壅 喇嘖斗 - 奏追堊 読蒙墟礎廟 嶮厠遡慘挌 徳別, 溶崚 泰墮 瓶佻蒙斛彖 嗚夘來 + 佻嗅 攸牧捏頻 蛭 津溶力 奏追堊. 簗 忸佻摸杜頻 + 椀凖津姪領挌 佻蒙斛彖堙姪 津篇墸品, 嗜墸都嘖徼摂蛭 卅變蕨岱惣隣 + 嗜泰塢冤 喇嘖斗 奏追堊, 徊明涸 力厖遡慘賄 攸彭叨杜錨 嶮厠遡 + 奏追堊 侑 蛭 厦堊檀, 溶崚 泰墮 瓶佻蒙斛彖 嗚夘來 audit_warn. 鄙侑浜賭, 掴汰很杜錨 嗅田媽殄 嘖厦 徳別 audit_warn 侑夫田都 嗽壮廟 徳別 佻嗅 吐 攸牧捏頻: @@ -734,13 +773,12 @@ if [ "$1" = closefile ]; then gzip -9 $2 fi - 靤浜賭鼠 漬嫻蛭 津篇墸品 溶杯 泰墮, 料侑浜賭, 墨佗厦彖良 徳別 妖嘖 蛭 - 佻嗅田媽歸馬 頒僧杜頻, 嫩遡杜錨 嘖倉挌 嶮厠遡慘挌 徳別, 読蒙墟礎頻 - 嶮厠遡慘挌 徳別 通 嫩遡杜頻 療燐嵶挌 攸佗單. 麕夘來 - audit_warn 怠津 攸侖歸 塹蒙墨 塹蒙墨 侑 - 墨厰屠堽詫 攸牧捏鰭 嶮厠遡 喇嘖斗亙 奏追堊 療 攸侖嘖不嗔 - 通 嶮厠遡慘挌 徳別, 攸佗嗹 墨塹燮 泰盟 侑屠卅歸料 - 凖旁蒙堊堙 療墨厰屠堽惑 攸彭叨杜頻. + 靤浜賭鼠 漬嫻蛭 津篇墸品 溶杯 泰墮, 料侑浜賭, 墨佗厦彖良 徳別 + 奏追堊 料 壇淋卅棉斛彖領拱 單叟賭, 嫩遡杜錨 嘖倉挌 嶮厠遡慘挌 徳別, + 読蒙墟礎頻 嶮厠遡慘挌 徳別 通 嫩遡杜頻 療燐嵶挌 攸佗單. 麕夘來 + 怠津 攸侖歸 塹蒙墨 塹蒙墨 侑 墨厰屠堽詫 攸牧捏鰭 嶮厠遡 喇嘖斗亙 + 奏追堊 療 攸侖嘖不嗔 通 嶮厠遡慘挌 徳別, 攸佗嗹 墨塹燮 泰盟 + 侑屠卅歸料 凖旁蒙堊堙 療墨厰屠堽惑 攸彭叨杜頻. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 17:32:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4957B86A; Wed, 16 Apr 2014 17:32:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2A5E41A81; Wed, 16 Apr 2014 17:32:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GHW7Nf037833; Wed, 16 Apr 2014 17:32:07 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GHW7G5037832; Wed, 16 Apr 2014 17:32:07 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404161732.s3GHW7G5037832@svn.freebsd.org> From: Dru Lavigne Date: Wed, 16 Apr 2014 17:32:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44582 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 17:32:07 -0000 Author: dru Date: Wed Apr 16 17:32:06 2014 New Revision: 44582 URL: http://svnweb.freebsd.org/changeset/doc/44582 Log: Finish editorial pass through Apache chapter. Update mod_php to reflect the new port. Comment out some of the mod_php config until it can be confirmed as required--the new port does not add these lines and I suspect they were only needed in Apache 1.x. Add some references. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Apr 16 17:21:04 2014 (r44581) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Apr 16 17:32:06 2014 (r44582) @@ -4498,21 +4498,21 @@ DocumentRoot /www/someother - <filename>mod_perl2</filename> + <filename>mod_perl</filename> - mod_perl2 + mod_perl Perl The - mod_perl2 module makes it possible + mod_perl module makes it possible to write Apache modules in Perl. In addition, the persistent interpreter embedded in the server avoids the overhead of starting an external interpreter and the penalty of Perl start-up time. - The mod_perl2 can be installed using the + The mod_perl can be installed using the www/mod_perl2 package or port. Documentation for using this module can be found at /www/someother - <application>mod_php</application> + <filename>mod_php</filename> @@ -4539,57 +4539,27 @@ DocumentRoot /www/someother PHP - PHP, also known as - PHP: Hypertext Preprocessor is a + PHP: Hypertext Preprocessor + (PHP) is a general-purpose scripting language that is especially suited - for Web development. Capable of being embedded into - HTML its syntax draws upon C, &java;, and - Perl with the intention of allowing web developers to write + for web development. Capable of being embedded into + HTML, its syntax draws upon + C, &java;, and + Perl with the intention of allowing web developers to write dynamically generated webpages quickly. To gain support for PHP5 for the - Apache web server, begin by - installing the lang/php5 - port. - - If the lang/php5 - port is being installed for the first time, available - OPTIONS will be displayed automatically. - If a menu is not displayed, i.e., because the - lang/php5 port has been installed some - time in the past, it is always possible to bring the - options dialog up again by running: - - &prompt.root; make config - - in the port directory. - - In the options dialog, check the - APACHE option to build - mod_php5 as a loadable module for - the Apache web server. - - - A lot of sites are still using PHP4 - for various reasons (i.e., compatibility issues or already - deployed web applications). If the - mod_php4 is needed instead of - mod_php5, then please use the - lang/php4 port. The - lang/php4 port - supports many of the configuration and build-time options - of the lang/php5 - port. - - - This will install and configure the modules required + Apache web server, + install the www/mod_php5 package or + port. This will install and configure the modules required to support dynamic PHP applications. - Check to ensure the following sections have been added to - /usr/local/etc/apache22/httpd.conf: + The installation will automatically add this line to + /usr/local/etc/apache24/httpd.conf: - LoadModule php5_module libexec/apache/libphp5.so - - AddModule mod_php5.c + LoadModule php5_module libexec/apache24/libphp5.so + + Then, perform a graceful + restart to load the PHP module: &prompt.root; apachectl graceful - For future upgrades of PHP, the - make config command will not be required; - the selected OPTIONS are saved - automatically by the &os; Ports framework. - - The PHP support in &os; is extremely - modular so the base install is very limited. It is very - easy to add support using the + The PHP support provided by + www/mod_php5 + is limited. Additional + support can be installed using the lang/php5-extensions - port. This port provides a menu driven interface to - PHP extension installation. - Alternatively, individual extensions can be installed using - the appropriate port. - - For instance, to add support for the - MySQL database server to - PHP5, simply install the port + port which provides a menu driven interface to the available + PHP extensions. + + Alternatively, individual extensions can be installed using + the appropriate port. For instance, to add PHP support for the + MySQL database server, install databases/php5-mysql. After installing an extension, the @@ -4640,15 +4603,11 @@ DocumentRoot /www/someother dynamic - In the last decade, more businesses have turned to the - Internet in order to enhance their revenue and increase - exposure. This has also increased the need for interactive - web content. While some companies, such as µsoft;, - have introduced solutions into their proprietary products, - the open source community answered the call. Modern options - for dynamic web content include Django, Ruby on Rails, - mod_perl2, and - mod_php. + In addition to mod_perl and + mod_php, other languages are + available for creating dynamic web content. These include + Django and + Ruby on Rails. Django @@ -4656,54 +4615,54 @@ DocumentRoot /www/someother Python Django - Django is a BSD licensed framework designed to allow + Django is a BSD-licensed framework designed to allow developers to write high performance, elegant web applications quickly. It provides an object-relational - mapper so that data types are developed as Python objects, - and a rich dynamic database-access API is provided for those - objects without the developer ever having to write SQL. It + mapper so that data types are developed as Python objects. + A rich dynamic database-access API is provided for those + objects without the developer ever having to write SQL. It also provides an extensible template system so that the - logic of the application is separated from the HTML + logic of the application is separated from the HTML presentation. - Django depends on mod_python, - Apache, and an SQL database - engine. The &os; Port will install all of - these pre-requisites with the appropriate - flags. - - - Installing Django with - <application>Apache2</application>, - <application>mod_python3</application>, and - <application>PostgreSQL</application> - - &prompt.root; cd /usr/ports/www/py-django; make all install clean -DWITH_MOD_PYTHON3 -DWITH_POSTGRESQL - - - Once Django and these pre-requisites are installed, - the application will need a Django project directory along - with the Apache configuration to use the embedded Python - interpreter. This will be the interpreter to - call the application for specific URLs on the site. - - - Apache Configuration for Django/mod_python - - A line must be added to the apache - httpd.conf file to configure Apache - to pass requests for certain URLs to the web - application: + Django depends on mod_python, + and an SQL database + engine. In &os;, the www/py-django port + automatically installs mod_python and + supports the PostgreSQL, + MySQL, or + SQLite databases, with the default + being SQLite. To change the + datbase engine, type make config within + /usr/ports/www/py-django, then install + the port. + + Once Django is installed, + the application will need a project directory along + with the Apache configuration in order to + use the embedded Python + interpreter. This interpreter is used to + call the application for specific URLs on the site. + + To configure Apache to pass + requests for certain URLs to the web + application, add the following to + httpd.conf, specifying the full path to + the project directory: <Location "/"> SetHandler python-program - PythonPath "['/dir/to/the/django/packages/'] + sys.path" + PythonPath "['/dir/to/the/django/packages/'] + sys.path" PythonHandler django.core.handlers.modpython SetEnv DJANGO_SETTINGS_MODULE mysite.settings PythonAutoReload On PythonDebug On </Location> - + + Refer to https://docs.djangoproject.com/en/1.6/ + for more information on how to use + Django. @@ -4711,13 +4670,17 @@ DocumentRoot /www/someother Ruby on Rails - Ruby on Rails is another open source web framework that - provides a full development stack and is optimized to make + Ruby on Rails is another open source web framework that + provides a full development stack. It is optimized to make web developers more productive and capable of writing - powerful applications quickly. It can be installed easily - from the ports system. + powerful applications quickly. On &os;, tt can be installed + using the www/rubygem-rails package or + port. - &prompt.root; cd /usr/ports/www/rubygem-rails; make all install clean + Refer to http://rubyonrails.org/documentation + for more information on how to use Ruby on + Rails. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 17:18:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 687E5413; Wed, 16 Apr 2014 17:18:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 53D4A1891; Wed, 16 Apr 2014 17:18:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GHIN2x030371; Wed, 16 Apr 2014 17:18:23 GMT (envelope-from taras@svn.freebsd.org) Received: (from taras@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GHINHj030370; Wed, 16 Apr 2014 17:18:23 GMT (envelope-from taras@svn.freebsd.org) Message-Id: <201404161718.s3GHINHj030370@svn.freebsd.org> From: Taras Korenko Date: Wed, 16 Apr 2014 17:18:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44580 - head/ru_RU.KOI8-R/books/handbook/audit X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 16 Apr 2014 17:59:56 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 17:18:23 -0000 Author: taras Date: Wed Apr 16 17:18:22 2014 New Revision: 44580 URL: http://svnweb.freebsd.org/changeset/doc/44580 Log: MFen: + books/handbook/audit/chapter.xml r43688 --> r44395 Modified: head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml Modified: head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml ============================================================================== --- head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml Wed Apr 16 17:12:25 2014 (r44579) +++ head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml Wed Apr 16 17:18:22 2014 (r44580) @@ -5,7 +5,7 @@ $FreeBSDru: frdp/doc/ru_RU.KOI8-R/books/handbook/audit/chapter.xml,v 1.10 2007/06/26 08:38:00 den Exp $ $FreeBSD$ - Original revision: r43688 + Original revision: r44395 --> + xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" + xml:id="audit"> 疸追 嗜泰塢 妥斛仭嗄腕塢 - - Tom - Rhodes - - 疱塹 + + Tom + Rhodes + + 疱塹 - - Robert - Watson - - - - - - - 篥良 - 眩厦 - - 霤凖從 料 簒嗷防 凉挧: - - - - 盟追揺 - 鯱輿力 - - 鐶力很杜錨 佚凖從珍: + + Robert + Watson + @@ -57,20 +41,23 @@ requirements. --> 疸追 嗜泰塢 妥斛仭嗄腕塢 MAC - 鑰賭礎貧領叢 喇嘖斗 &os; 徊明涸都 單耐 佻陳賭嵋 奏追堊 - 嗜泰塢 妥斛仭嗄腕塢. 疸追 嗜泰塢 珍都 料津嵶拱 塹淮拱 嗤腕和 - 通 侑塹墨棉厦彖良 卅斂扶隣 嗜泰塢, 嘛凉僧隣 妥斛仭嗄腕墮, + 鑰賭礎貧領叢 喇嘖斗 &os; 徊明涸都 單耐 佻陳賭嵋 奏追堊 + 嗜泰塢 妥斛仭嗄腕塢. 疸追 佻旌鰐囘 忸佻摸冱 料津嵶賄, + 津堊蒙力 派陀 料嘖卅夫租溶 侑塹墨棉厦彖良 + 卅斂扶隣 嗜泰塢, 嘛凉僧隣 妥斛仭嗄腕墮, 徊明涸 徃歪 喇嘖斗, 冨妖療良 墨瞭蒜孀礎鰭, 掴嘖孃 徳別鼠 單塢. 塢 攸佗喇 溶杯 泰墮 療攸妖良踊 通 溶良塹夘稜 噸遼檀藁敏媽歸 喇嘖斗, 和料簒崚良 徭碗崚良 通 僧遡冨 嗜泰塢, 侑夫田柯 牧組 喇嘖斗. - &os; 凖遡冨彖 椀嫗棉墨彖領拱 &sun; BSM - API 届厖壮 徳別, 墨塹燮 嗜徑途塢 凖遡冨礎頻揺 - 奏追堊 &sun; &solaris; &apple; &macos; X. + &os; 凖遡冨彖 椀嫗棉墨彖領拱 &sun; 瀕堙卞妬 侑彬盟栂惑 + 侑惑卅様敏彖良 (Application Programming Interface, + API), 料旛彖斗拱 Basic Security Module + (BSM), 届厖壮 徳別, 墨塹燮 嗜徑途塢 + 凖遡冨礎頻揺 奏追堊 &solaris; &macos; X. - 榑亙 婆宋 椀瓶掀租墫, 腕力徇詫, 侑話途 孑堊力徊 + 榑亙 婆宋 椀瓶掀租墫 侑話途 孑堊力徊 墨瞭蒜孀敏彖良 喇嘖斗 奏追堊. 塹 淺嗅, 侑夫歪不嗔 - 卅昊决療良 佻棉塢 奏追堊, 堊 崚 珍脊嗔 侑浜賭 墨瞭蒜孀礎貧領挌 + 卅昊决療良 佻棉塢 奏追堊, 堊勃 珍脊嗔 侑浜賭 墨瞭蒜孀礎貧領挌 徳別. 靉嗅 侑湟杜頻 榑亙 婆宋 忸 怠津堙 變壮: @@ -80,13 +67,14 @@ requirements. --> + 訌 料嘖厦不 奏追 從 &os; 通 溶良塹夘稜 佻蒙斛彖堙姪 侑話途嗜. - 訌 侑腕輿墟夫壮 嶮厠遡 奏追堊, 瓶佻蒙斛彖墮 惑卅良淌良 佻 - 卅斃賭 嗤澱描蒙隣 瀕嘖簒妖淋 通 吐 侑腕溶墟. + 訌 侑腕輿墟夫壮 嶮厠遡 奏追堊 侑 佻溶殄 + 瀕嘖簒妖淋 侑腕溶墟 読蒙墟礎鰭 (reduction). @@ -110,438 +98,494 @@ requirements. --> - 鯏遡冨礎頻 奏追堊 浜電 冨彭嘖隣 惑卅良淌良, 料侑浜賭, - 療 徨 嗜泰塢 料嘖湾殄 溶妖淋 侑塹墨棉簒斗. - 鄙侑浜賭, 療墨塹燮 妖帆良斃 徃歪 喇嘖斗 (鑽力彖領拇 料 X11 - 亘藁隣 妖療綴賭, 洋惑賄 侑惑卅様力 和途佚淌良 嘖碗藁良 - 侑鷲旌歪不徒妬) 療 嗚藁読杯夘厦彖隣 通 侑塹墨棉厦彖良 嗜泰塢 - 徃歪 喇嘖斗 淌凖 佻柘瓶堙葉 奏追堊. - 蚌佻蒙斛彖良 喇嘖斗 奏追堊 溶崚 侑夫途塢 播療夘厦彖良 - 惑厦洋挌 嶮厠遡慘挌 徳別: 蛭 卅斃賭 料 喇蒙力 攸拝孛杜隣 單叟賭組 - 療墨塹燮 墨瞭蒜孀礎頻 溶崚 掴嘖蒜壮 療嗚鰐慄蛭 派覗汰編 療津明. - 當揺良嘖卅塹燮 掴網隣 侑瀕浜壮 從 徇浜僧錨 墟殿彖良 + 鯏遡冨礎頻 奏追堊 浜電 冨彭嘖隣 惑卅良淌良. + 酖 徨 嗜泰塢 料嘖湾殄 溶妖淋 侑塹墨棉簒斗拇. + 阻崚, 療墨塹燮 妖帆良斃 徃歪 喇嘖斗, 堊防 冒 + 亘藁隣 妖療綴賭 X11 斌 + 津溶隣 嘖碗藁良 侑鷲旌歪不徒妬, 療 料嘖卅夫狙 奏追 + 佻蒙斛彖堙蒙嗚蛭 單嗷品 掴網隣 和卅斛. + + 蚌佻蒙斛彖良 喇嘖斗 奏追堊 溶崚 侑夫途塢 + 播療夘厦彖良 冨和斌媽殄 佻漬和力嘖冤 嶮厠遡慘挌 徳別. + 虍 卅斃賭 料 攸拝孛杜隣 單叟賭組 療墨塹燮 墨瞭蒜孀礎頻 + 溶崚 侑砺掏壮 療嗚鰐慄 派覗汰編 療津明. + 當揺良嘖卅塹燮 掴網隣 侑瀕浜壮 從 徇浜僧錨 墟殿彖良 追嗚從葉 侑腕墟僧嘖徼 通 料拝孛杜隣 墨瞭蒜孀礎品 喇嘖斗 - 奏追堊. 鄙侑浜賭, 凖墨妖猟嫖墫 忸津棉墮 堋徒慘拱 卅敖徒 通 - 徳別從 喇嘖斗 奏追堊 - /var/audit, - 湟和 佚凖佻摸杜錨 卅敖徒 奏追堊 療 很頻模 料 卅堆塹嗤腕和力嘖 - 徨妬 腕堊蒙力 喇嘖斗. + 奏追堊. 鄙侑浜賭, 崚盟堙蒙力 忸津棉墮 堋徒慘拱 卅敖徒 通 + 徳別從 喇嘖斗 奏追堊 /var/audit, + 湟和 攸佻摸杜錨 卅敖徒 奏追堊 療 很頻模 料 + 漬嫻錨 徳別忸 喇嘖斗. - - 詭折砺拇 佻倫塢 篩領亙 臾宋. + 詭折砺拇 佻倫塢 - 霤凖 湟杜錨 榑亙 婆宋 療和範追溶 椀凖津棉墮 療嗚鰐慄 - 北折砺挌 佻倫塢. 簒嗷墨 彭厶鰭 掴釦妖淋 侑夫歪冱嗔 - 駄冨防 佻 嗟搜盲 佚凖從 嗚和冒 嬲惣掀租墫 碗蒜瀕遡慘拱 - 僧婆品嗚品 堙厖瀕. + 麑田媽殄 堙厖瀕 堽腕冱嗔 奏追壞 嗜泰塢 + 妥斛仭嗄腕塢: - 嗜泰塢 (event): 麩泰塢, 墨塹厦 - 溶崚 泰墮 攸療單力 嶮厠遡. 靤浜賭 彖嵶挌 通 妥斛仭嗄腕塢 - 喇嘖斗 嗜泰塢 徊明涸都: 嗜敖僧錨 徳別, 瀕秒描棉攸檀 單堙從馬 + 嗜泰塢 (event): 嗜泰塢, 墨塹厦 + 溶崚 泰墮 攸療單力 嶮厠遡. 靤浜賭鼠 嗜泰塢, + 堽腕處蛭嗔 妥斛仭嗄腕塢 喇嘖斗, 况妄脊嗔: 嗜敖僧錨 + 徳別, 瀕秒描棉攸檀 單堙從馬 嗜田瀕杜頻, 徃歪 佻蒙斛彖堙妄 喇嘖斗. 麩泰塢 卅敖徒兩墫 料 侑賓瓶掀租踊 (attributable) - 堙, 墨塹燮 溶杯 泰墮 堽途杜 墨遼凖堽詫 佻蒙斛彖堙明 - - 療-侑賓瓶掀租踊 (non-attributable), 途棉 - 蛭 療蒙斫 堽途塢 墨遼凖堽詫 佻蒙斛彖堙明. 靤浜賭 - 療-侑賓瓶掀租溶馬 嗜泰塢 - 明堆 嗜泰塢, 侑鷲斛枦壷電 掴 - 奏堙淋鋲彬礎鰭 佻蒙斛彖堙妄, 堊墨, 料侑浜賭, 堊墨, 冒 - 療嫩挿隣 徃歪 佻蒙斛彖堙妄 喇嘖斗. + 療侑賓瓶掀租踊 (non-attributable). + 靤浜賭 + 療侑賓瓶掀租溶馬 嗜泰塢 — 明堆 嗜泰塢, 侑鷲斛枦壷電 掴 + 奏堙淋鋲彬礎鰭 佻蒙斛彖堙妄, 料侑浜賭, 療彭厠 + 料岱僧隣 仭厦蒙. - 詭喪 (class): 詭喪噎 嗜泰塢 榑 - 浜杜彖領拇 料堆燮 歪力塢侘挌 嗜泰塢, 墨塹燮 瓶佻蒙旁脊嗔 - 忸卅崚良冏 忸堆卅. 喪塹瓶佻蒙旁斗拇 北喪噎 嗜泰塢 + 北喪 (class): 浜杜彖領拇 料堆燮 + 歪力塢侘挌 嗜泰塢, 墨塹燮 瓶佻蒙旁脊嗔 + 忸卅崚良冏 忸堆卅. 喪塹 瓶佻蒙旁斗拇 北喪噎 嗜泰塢 徊明涸脊 嗜敖僧錨 徳別 (fc), 忸佻摸杜錨 徳別 (ex) 嗜泰塢 徃歪 喇嘖斗 忸範珍 冨 療 (lo). - 双瓶 (record): 双瓶 - - 榑 田瀕扶料 攸佗嗹 嶮厠遡, 椀瓶掀狙歔 塹 斌 瀕賄 - 嗜泰塢. 双瓶 和掵力 嗜津雙不 瀕届厖礎廟 塢佚 嗜泰塢, + 攸佗嗹 (record): 田瀕扶料 攸佗嗹 + 嶮厠遡, 椀瓶掀狙歔 塹 斌 瀕賄 + 嗜泰塢. 双瓶 嗜津雙壮 瀕届厖礎廟 塢佚 嗜泰塢, 瀕届厖礎廟 嗾貸屠堙 嗜泰塢 (佻蒙斛彖堙姪), 墨塹燮 - 忸佻摸斌 療墨塹厦 津篇墸頻, 珍壞 徠斗 嗜泰塢, - 瀕届厖礎廟 和 和濺穆組 倉杯妖淋組 嗜泰塢, 途棉 藁 途墮, - 堊勃 瀕届厖礎廟 和 孑佚枸腕塢 忸佻摸杜頻 椀賭礎鰭, - 佻厦追忝妬 嗜泰塢. + 忸佻摸斌 療墨塹厦 津篇墸錨, 珍壞 徠斗 嗜泰塢, + 瀕届厖礎廟 和 和濺穆組 倉杯妖淋組 嗜泰塢, + 堊勃 瀕届厖礎廟 和 孑佚枸腕塢 斌 療孑佚枸腕塢 忸佻摸杜頻 + 椀賭礎鰭. - 孀料 (trail): - 嶮厠遡 奏追堊, 斌 模-徳別 - - 嗜津雙不 單夘 攸佗單 喇嘖斗隣 嗜泰塢冏. - 訌 侑宋斌, 嶮厠遡 嗜津雙不 攸佗喇 嘖厦馬 + 嶮厠遡 (trail): 徳別, + 嗜津雙掃品 佻嗅田彖堙蒙力嘖 攸佗單 奏追堊, 椀瓶掀狙殄 + 嗜泰塢 妥斛仭嗄腕塢 (security events). + 孀料 嗜津雙不 攸佗喇 碗錨淋敏從淮 頒藁鰐惑扶途墨 佻厮痛 佻 徠斗杜 攸彭叨杜頻 嗜泰塢. 鰐慄 宋塹夘斛彖領拇 侑話途噎 溶杯 掴汰很冱 攸佗喇 嶮厠遡. - 忸卅崚良 忸堆卅 (selection expression): - 黌厦冒, 嗜津雙掃叢 嗤瓶亘 侑兎彬嗜 浜杜 北喪嗜, 瓶佻蒙旁斗叢 - 通 忸堆卅 拝孃俎 嗜泰塢. + 忸卅崚良 忸堆卅 (selection + expression): 嘖厦冒, 嗜津雙掃叢 嗤瓶亘 侑兎彬嗜 浜杜 + 北喪嗜, 瓶佻蒙旁斗叢 通 忸堆卅 拝孃俎 嗜泰塢. 侑田彖夘堙蒙隣 忸堆 (preselection): - 靤話途, 佻溶毆 墨塹厦馬 喇嘖斗 椀凖津妄都, 冒防 嗜泰塢 浜点 - 彖嵶腕墮 通 祖揺良嘖卅塹卅. 塹 療和範追溶 通 塹馬, - 湟和 冨妥崛墮 侑塹墨棉厦彖良 嗜泰塢, 療 浜点殄 良冒墨 變挿浜腕塢. - 靤田彖夘堙蒙隣 忸堆 瓶佻蒙旁都 厮 忸卅崚良 忸堆卅 - 通 塹馬, 湟和 椀凖津棉墮, 冒防 浜杜力 北喪噎 嗜泰塢 通 - 冒墨馬 佻蒙斛彖堙妄 療和範追溶 徇腕不 嶮厠遡, 堊 崚 - 婆和遡慘拇 料嘖厦碧, 墨塹燮 怠蔦 侑浜杜冱慯 冒 通 + 侑話途, 佻溶毆 墨塹厦馬 喇嘖斗 椀凖津妄都, 冒防 嗜泰塢 浜点 + 彖嵶腕墮 通 祖揺良嘖卅塹卅. + 靤田彖夘堙蒙隣 忸堆 瓶佻蒙旁都 厮 忸卅崚良 忸堆卅, + 攸珍摂蛭 冒防 浜杜力 北喪噎 嗜泰塢 通 + 冒墨馬 佻蒙斛彖堙妄 療和範追溶 徇腕不 嶮厠遡, 堊勃 — + 婆和遡慘拇 料嘖厦碧, 墨塹燮 怠蔦 侑浜杜冱慯 冒 通 宋塹夘斛彖領挌, 堊 通 療宋塹夘斛彖領挌 侑話途嗜. - 翩蒙墟礎頻 (reduction): - 靤話途, 凖旁蒙堊堙 墨塹厦馬 攸佗喇 冨 嗾歸嘖徼摂吐 嶮厠遡 - 忸津妄脊嗔 通 頒僧杜頻, 卅嗤党壮防 斌 僧遡冨. 阻崚, 榑 + 読蒙墟礎頻 (reduction): + 侑話途, 凖旁蒙堊堙 墨塹厦馬 攸佗喇 冨 嗾歸嘖徼摂吐 嶮厠遡 + 忸津妄脊嗔 通 頒僧杜頻, 卅嗤党壮防 斌 僧遡冨. 阻崚, 榑 侑話途, 凖旁蒙堊堙 墨塹厦馬 療崚盟堙蒙隣 攸佗喇 嫩遡兩墫 - 冨 嶮厠遡 奏追堊. 蚌佻蒙旁 読蒙墟礎廟, 祖揺良嘖卅塹燮 溶杯 + 冨 嶮厠遡 奏追堊. 蚌佻蒙旁 読蒙墟礎廟, 祖揺良嘖卅塹燮 溶杯 凖遡冨忸彖墮 卅斂扶隣 佻棉塢防 頒僧杜頻 珍領挌 奏追堊. 鄙侑浜賭, 津堊棉敝厦彖領拱 嶮厠遡 溶崚 頒僧不慯 妖嗔, 力 - 佻嗅 榑惑 藁 掴網杜 泰墮 嗜牧掃杜 湟和 頒僧不 塹蒙墨 - 瀕届厖礎廟 徃歪 喇嘖斗 忸範津 冨 療 通 壇姪 倉班彖檀. + 佻嗅 榑惑 藁 溶崚 泰墮 嗜牧掃杜 湟和 頒僧不 塹蒙墨 + 瀕届厖礎廟 徃歪 喇嘖斗 忸範津 冨 療. - - 嘖僧徊 喇嘖斗 奏追堊 - - 靉蒙斛彖堙蒙嗚叢 涸嘖 佻柘瓶堙踊 奏追堊 孑堊料很夫租墫 冒 涸嘖 - 汰斛從 喇嘖斗 &os;. 靉陳賭嵋 奏追堊 嗜泰塢 嗜 嘖碗藁 冂卅 - 堊勃 墨熔斌敏嫖墫 佻 嬪鰐涸良, 力 佻陳賭嵋 珍領亙 從斃嵶腕塢 - 墟殿嫖 嗜敖僧頻 嘛賄馬 冂卅, 掴汰很杜錨 嗅田媽歸 嘖厦防 - 墨瞭蒜孀礎貧領拱 徳別 冂卅: - - options AUDIT - - 靤話途 啾碗防 孑堊力徊 冂卅 佻漬和力 椀瓶僧 婆宋 - . - - 訌 塹蒙墨 冂厦 佻陳賭嵋亙 奏追堊 泰模 嗜岱僧 孑堊力很杜, - 喇嘖斗 泰盟 佚凖攸拝孛杜, 療和範追溶 卅斷奴不 攸侖嗚 津溶料 奏追堊, - 掴汰徂 嗅田媽殳 嘖厦釦 &man.rc.conf.5;: - - auditd_enable="YES" - - 壮斗 燐嵶 攸侖嘖不 佻陳賭嵋 奏追堊 棉堆 侖堙 - 佚凖攸拝孳防, 棉堆 徠孺燐, 攸侖嘖夫 津溶 奏追堊: - - service auditd start - - 鄙嘖厦碧 喇嘖斗 奏追堊 - 單 墨瞭蒜孀礎貧領拇 徳別 喇嘖斗 奏追堊 料範佃墫 冒堊模播 - /etc/security. 霤凖 攸侖嗚詫 - 津溶料 奏追堊 堊 掴網隣 料範追墮嗔 嗅田媽殄 徳別: + 靉蒙斛彖堙蒙嗚叢 涸嘖 喇嘖斗 奏追堊 徃歪不 汰斛徼 + 喇嘖斗 &os;, 喇嘖斗料 涸嘖 徊明淌料 冂厦 + GENERIC, 嘖倉 津溶料 &man.auditd.8; + 阻塢徂簒都嗔 徊明淌良斗 嗅田媽歸 攸佗喇 + /etc/rc.conf: - - - audit_class - 麩津雙不 椀凖津姪良 - 北喪嗜 奏追堊. - - - - audit_control - 霑卅妖墟 喇嘖斗 - 奏追堊: 北喪噎 佻 嬪鰐涸良, 揺良輿蒙力 追嗚從 - 侑腕墟僧嘖從, 墨塹厦 掴網力 腕堊彖墮嗔 料 卅敖徒 嶮厠遡 - 奏追堊, 輿睦浜遡慘拱 卅斃賭 嶮厠遡 奏追堊 漬嫻錨. - + auditd_enable="YES" - - audit_event - 屠嘖忸 浜杜 - 椀瓶僧頻 嗜泰塢 奏追堊, 堊勃 嗤瓶亘, 椀凖津妄摂品 - 嗜墸都嘖徂 北喪嗜 嗜泰塢, 墨塹燮 料範佃墫 珍領挌 - 北喪啻. - + 壮斗 燐嵶 攸侖嘖不 津溶 奏追堊: - - audit_user - 凖堆彖良 奏追堊, 墨塹燮 - 毀扶狙墫 通 堋徒慘挌 佻蒙斛彖堙姪. 鑪 嗜田瀕兩墫 - 婆和遡慘挈 料嘖厦碧鼠 佻 嬪鰐涸良 侑 徃歪 佻蒙斛彖堙妄 - 喇嘖斗. - + &prompt.root; service auditd start - - audit_warn - 麕夘來 墨輿猟力馬 - 瀕堙厥凖堊塹卅, 瓶佻蒙旁斗拱 &man.auditd.8;, - 湟和 喃杜賭敏彖墮 侑田孃凖崢狙殄 嗜和歸良 和 瓶北折不徒慘挌 - 喇壞礎頻, 料侑浜賭, 墨把 攸冒涙夫租墫 嘛和歪力 追嗚從 - 侑腕墟僧嘖從 通 攸佗單 嶮厠遡 奏追堊, 棉堆 墨把 侑鷲斛枳 - 厦堊檀 徳別 嶮厠遡 奏追堊. - - + 靉蒙斛彖堙妄, 侑田佻淺堊摂浜 嘖厦不 嗤澱描棉敝厦彖領賄 + 冂厦, 療和範追溶 徊明淺墮 嗅田媽殳 攸佗嗹 徳別 墨瞭蒜孀礎鰭 + 冂卅: - - 譱別 墨瞭蒜孀礎鰭 奏追堊 掴網隣 凖珍穆敏彖墮嗔 - 冨妖倫墮嗔 腕塹厦嵶腕墮, 堊 冒 柯陀 墨瞭蒜孀礎鰭 - 溶杯 侑夫途塢 療侑宋斌慘詫 模杯 嗜泰塢 - + options AUDIT 捍爽杜頻 忸堆卅 嗜泰塢 捍爽杜頻 忸堆卅 瓶佻蒙旁脊嗔 療嗚鰐慄蛭 妖嘖組 - 墨瞭蒜孀礎鰭 奏追堊 通 椀凖津姪良 塹馬, 冒防 嗜泰塢 掴網隣 - 佻鍔賭覗墮嗔 奏追壞. 捍爽杜頻 嗜津雙壮 嗤瓶亘 北喪嗜 嗜泰塢, - 墨塹燮揺 瀕堙凖嗾摂電 料 嗜泰塢 怠津 嘔宋良彖墮嗔. 訌崢賄 - 忸卅崚良 浜電 侑兎彬, 佻冒旛彖摂品, 燐嵶 棉 侑瀕冱 - 斌 蒜力夘厦彖墮 料閉杜力 嗜泰塢, , 從斃嵶, 佻冒旛彖摂品, - 瀕堙凖嗾脊 棉 料 孑佚枸拇 斌 療孑佚枸拇 椀賭礎鰭. 捍爽杜頻 - 忸堆卅 卅嗷輿墟夫狙墫 嗅砺 料侑宋, 鍔 忸卅崚良 - 和濺追倫脊嗔 侑腕壅 掴汰很杜錨 徭碗惑 忸卅崚良 墨涼 - 佚叟惑. - - 麑田媽殄 嗤瓶亘 嗜津雙不 北喪噎 佻 嬪鰐涸良, - 侑瓶孕嘖徼摂錨 徳別 audit_class: - - - - all - all - - 麩墸都嘖徼都 徨斗 北喪啻 嗜泰塢. - - - - ad - administrative - - 疸追 祖揺良嘖卅塢徇挌 津篇墸品, 侑鷲斛枦壷蛭 - 喇嘖斗. - - - - ap - application - - 疸追 嗜泰塢, 忸旌僧力馬 冒防-棉堆 侑斌崚良斗. - - - - cl - file close - - 疸追 忸斛從 喇嘖斗力 噸遼檀 close. - - - - ex - exec - - 疸追 攸侖嗚 侑斌崚良. 疸追 倉杯妖淋 墨輿猟力 嘖厦防 - 佚凖妖領挌 亘簒崚良 墨淋厦棉簒都嗔 淌凖 &man.audit.control.5; - 瓶佻蒙旁 仭卅妖墟 argv envv - 椀檀 policy. - - - - fa - file attribute access - - 疸追 掴嘖孃 壮夘怠堊 和濺穆, - 料侑浜賭 &man.stat.1;, &man.pathconf.2;, - 堊勃 佻掴体挌 榑浜 嗜泰塢. - - - - fc - file create - - 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 嗜敖狙墫 - 徳別. - - - - fd - file delete - - 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 嫩遡兩墫 - 徳別. - - - - fm - file attribute modify - - 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 冨妖倫脊嗔 - 壮夘怠壅 徳別, 料侑浜賭, &man.chown.8;, - &man.chflags.1;, &man.flock.2;. - - - - fr - file read - - 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 侑鷲喩歪不 - 湟杜錨 珍領挌, 塰燮彖脊嗔 徳別 料 湟杜錨 .. - + 墨瞭蒜孀礎鰭 通 埖碗 嗜泰塢, 佻通砥掃蛭 奏追壞. + 捍爽杜頻 嗜津雙壮 佚凖淌輪 北喪嗜 嗜泰塢, 墨塹燮 + 嘔宋良彖都嗔 侑鷲營田枦 嗜泰塢. 捍爽杜頻 + 忸堆卅 卅嗷輿墟夫狙墫 嗅砺 料侑宋, 鍔 忸卅崚良 + 和濺追倫脊嗔 掴汰很杜錨 佚叟惑 忸卅崚良 墨 + 徭碗詫. + + 佚凖淺嗅囘 浜点殄途 + 佻 嬪鰐涸良 攸佗喇: + + + 詭喪噎 嗜泰塢 喇嘖斗 奏追堊 + + + + + 虱 北喪啻 + 鯀營鋲厦徊 + 篥篇墸錨 + + + + + + all + all + 麩墸都嘖徼都 徨斗 北喪啻 嗜泰塢. + + + + aa + authentication and authorization + + + + + ad + administrative + 疸追 祖揺良嘖卅塢徇挌 津篇墸品, 侑鷲斛枦壷蛭 + 喇嘖斗. + + + + ap + application + 麩泰塢, 椀凖津妄斗拇 冒防-棉堆 + 侑斌崚良斗. + + + + cl + file close + 疸追 忸斛從 喇嘖斗力 噸遼檀 + close. + + + + ex + exec + 疸追 攸侖嗚 侑斌崚良. 疸追 倉杯妖淋 + 墨輿猟力 嘖厦防 佚凖妖領挌 亘簒崚良 墨淋厦棉簒都嗔 + 淌凖 &man.audit.control.5; 瓶佻蒙旁 仭卅妖墟 + argv envv + 椀檀 policy. + + + + fa + file attribute access + 疸追 掴嘖孃 壮夘怠堊 和濺穆, 料侑浜賭 + 堊防 冒 &man.stat.1;, &man.pathconf.2;. + + + + fc + file create + 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 嗜敖狙墫 + 徳別. + + + + fd + file delete + 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 嫩遡兩墫 + 徳別. + + + + fm + file attribute modify + 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 冨妖倫脊嗔 + 壮夘怠壅 徳別, 料侑浜賭, &man.chown.8;, + &man.chflags.1;, &man.flock.2;. + + + + fr + file read + 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 侑鷲喩歪不 + 湟杜錨 珍領挌 斌 塰燮彖脊嗔 徳別 料 湟杜錨. + + + + fw + file write + 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 侑鷲喩歪不 + 攸佗嗹 珍領挌, 攸佗嗹 斌 冨妖療良 徳別. + + + + io + ioctl + 疸追 忸斛從 喇嘖斗力 噸遼檀 + &man.ioctl.2;. + + + + ip + ipc + 疸追 卅斂扶隣 徂掴 忱蘇溶津篇墸頻 侑話途嗜, + 徊明涸 嗜敖僧錨 療浜杜彖領挌 冒料模 (POSIX pipe) + 忱蘇溶津篇墸錨 侑話途嗜 嘖斌 System V + IPC. + + + + lo + login_logout + 疸追 嗜泰塢 &man.login.1; + &man.logout.1;. + + + + na + non attributable + 疸追 療侑賓瓶掀租踊 嗜泰塢. + + + + no + invalid class + 酖 嗜墸都嘖徼都 良冒防 嗜泰塢冤 奏追堊. + + + + nt + network + 疸追 嗜泰塢, 嘛凉僧隣 單堙忸揺 + 佻痛明淌良冤, 料侑浜賭 &man.connect.2; + &man.accept.2;. + + + + ot + other + 疸追 卅斂扶隣 嗜泰塢. + + + + pc + process + 疸追 津篇墸品 侑話途嗜, 堊防 冒 &man.exec.3; + &man.exit.3;. + + + +
      + + 塢 北喪噎 嗜泰塢 溶杯 泰墮 料嘖厦杜 冨妖療良斗 + 墨瞭蒜孀礎貧領挌 徳別 audit_class + audit_event. + + 訌崢拱 北喪 奏追堊 溶嵶 嗚詫舵良厦彖墮 侑兎彬嗜, + 佻冒旛彖摂浜, + 冒防 椀賭礎鰭 怠蔦 孺不掀壮慯 — 嫩挿隣 斌 療嫩挿隣, + 堊勃 塹, 徊明涸都 棉 珍領叢 攸佗嗹 奏追 通 珍領惑 + 北喪啻 塢仭, 棉堆 塰明涸都 吐. 和和歔都 掴嘖孃隣 + 侑兎彬噎: + + + 靤兎彬噎 北喪嗜 奏追堊 嗜泰塢 + + + + + 靤兎彬 + 篥篇墸錨 + + + + + + + + 疸追 孑佚枸挌 嗜泰塢 珍領詫 北喪單. + + + + - + 疸追 柯堆淮挌 嗜泰塢 珍領詫 北喪單. + + + + ^ + 鑚北折杜錨 奏追堊 冒 孑佚枸挌, 堊 柯堆淮挌 + 嗜泰塢 珍領詫 北喪單. + + + + ^+ + 鑚北折杜錨 奏追堊 孑佚枸挌 嗜泰塢 珍領詫 + 北喪單. + + + + ^- + 鑚北折杜錨 奏追堊 柯堆淮挌 嗜泰塢 珍領詫 + 北喪單. + + + +
      + + 縒棉 侑兎彬 療 嬲惣僧, 塹 奏追壞 佻通砥壮 冒 孑佚枸拇, + 堊 療孑佚枸拇 嗜泰塢. + + 麑田媽殄 侑浜賭 忸舵卅都 孑佚枸拇 療孑佚枸拇 嗜泰塢 徃歪 + 喇嘖斗 忸範珍 冨 療, 塹蒙墨 孑佚枸拇 嗜泰塢 忸佻摸杜頻 + 侑斌崚良: - - fw - file write - - - 疸追 嗜泰塢, 凖旁蒙堊堙 墨塹燮 侑鷲喩歪不 - 攸佗嗹 珍領挌, 攸佗嗹 斌 冨妖療良 徳別 堊 珍姪. - - - - io - ioctl - - 疸追 忸斛從 喇嘖斗力 噸遼檀 &man.ioctl.2;. - - - - ip - ipc - - 疸追 卅斂扶隣 徂掴 忱蘇溶津篇墸頻 侑話途嗜, - 徊明涸 嗜敖僧錨 療-浜杜彖領挌 冒料模 (POSIX pipe) - 忱蘇溶津篇墸錨 侑話途嗜 嘖斌 System V - IPC. - - - - lo - login_logout - - 疸追 嗜泰塢 &man.login.1; &man.logout.1;, - 侑鷲喩歪處蛭 喇嘖斗. - - - - na - non attributable - - 疸追 療-侑賓瓶掀租踊 嗜泰塢. - - - - no - invalid class - - 酖 嗜墸都嘖徼都 良冒防 嗜泰塢冤 奏追堊. - - - - nt - network - - 疸追 嗜泰塢, 嘛凉僧隣 單堙忸揺 佻痛明淌良冤, - 料侑浜賭 &man.connect.2; &man.accept.2;. - - - - ot - other - - 疸追 卅斂扶隣 嗜泰塢. - + lo,+ex + - - pc - process - - 疸追 津篇墸品 侑話途嗜, 堊防 冒 &man.exec.3; - &man.exit.3;. - - + + 誅瞭蒜孀礎貧領拇 徳別 - 塢 北喪噎 嗜泰塢 溶杯 泰墮 料嘖厦杜 冨妖療良斗 墨瞭蒜孀礎貧領挌 - 徳別 audit_class - audit_event. - - 訌崢拱 北喪 奏追堊 墨預瀕敏嫖墫 侑兎彬嗜, 佻冒旛彖摂浜, - 冒防 椀賭礎鰭 怠蔦 孺不掀壮慯 - 嫩挿隣 斌 療嫩挿隣, - 堊勃 塹, 徊明涸都 棉 珍領叢 攸佗嗹 奏追 通 珍領惑 - 北喪啻 塢仭, 棉堆 塰明涸都 吐. + 冒堊模播 /etc/security 料範佃墫 + 嗅田媽殄 墨瞭蒜孀礎貧領拇 徳別 喇嘖斗 奏追堊: - [侖嘖亙 侑兎彬] - 疸追 侑從追墫 冒 通 - 孑佚枸惑, 堊 通 柯堆淮惑 嗜泰塢. - - - - + - 疸追 塹蒙墨 孑佚枸挌 - 嗜泰塢 珍領詫 北喪單. + audit_class: 嗜津雙不 椀凖津姪良 + 北喪嗜 奏追堊. - - - 疸追 塹蒙墨 柯堆淮挌 - 嗜泰塢 珍領詫 北喪單. + audit_control: 墨淋厦面敏嫖 + 療墨塹燮 喪佚穆 喇嘖斗 奏追堊, 堊防 冒 北喪噎 佻 + 嬪鰐涸良, 揺良輿蒙力 追嗚從 + 侑腕墟僧嘖從, 墨塹厦 掴網力 腕堊彖墮嗔 料 卅敖徒 嶮厠遡 + 奏追堊, 輿睦浜遡慘拱 卅斃賭 嶮厠遡 奏追堊. - ^ - 鑚北折杜錨 奏追堊 冒 孑佚枸挌, 堊 - 柯堆淮挌 嗜泰塢 珍領詫 北喪單. + + audit_event: 嘛凉掀租 + 苗杜塢読冒塹燮 嗜泰塢 (eventnum) 蛭 堙睦塹忸揺 + 浜杜鼠, 椀瓶僧頻揺 北喪啻揺 嗜泰塢. - ^+ - 鑚北折杜錨 奏追堊 孑佚枸挌 - 嗜泰塢 珍領詫 北喪單. + audit_user: 孕淮囘 料嘖厦碧 + 奏追堊 通 墨遼凖堽挌 佻蒙斛彖堙姪; 藁 墨預瀕敏媽墫 + 婆和遡慘挈 料嘖厦碧鼠 侑 徃歪 佻蒙斛彖堙妄 + 喇嘖斗. - ^- - 鑚北折杜錨 奏追堊 柯堆淮挌 - 嗜泰塢 珍領詫 北喪單. + audit_warn: 料嘖卅夫租踊 嗚夘來 + 墨輿猟力馬 瀕堙厥凖堊塹卅, 墨塹燮 忸旛彖都嗔 &man.auditd.8; + 通 播療卅檀 侑田孃凖崢杜品 瓶北折不徒慘挌 喇壞礎頻, + 堊防 冒 瓶淌厥僧錨 追嗚從馬 侑腕墟僧嘖彖 攸佗嗔揺 奏追堊 + 斌 侑 厦堊檀 嶮厠遡 奏追堊. - - 麑田媽殄 侑浜賭 忸舵卅都 孑佚枸拇 療-孑佚枸拇 嗜泰塢 徃歪 - 喇嘖斗 忸範珍 冨 療, 塹蒙墨 孑佚枸拇 嗜泰塢 瓶佻摸杜頻 - 徳別: - - lo,+ex - - - - 誅瞭蒜孀礎貧領拇 徳別 + + 譱別 墨瞭蒜孀礎鰭 奏追堊 掴網隣 凖珍穆敏彖墮嗔 + 冨妖倫墮嗔 腕塹厦嵶腕墮, 堊 冒 柯陀 墨瞭蒜孀礎鰭 + 溶杯 侑夫途塢 嗜頒僧杜廟 妥嗤鰐土隣 攸佗單. + - 堆蒙柯林墸 嗅孺租 祖揺良嘖卅塹簒 侑苗T嗔 徇腕不 + 堆蒙柯林墸 嗅孺租 祖揺良嘖卅塹簒 侑苗都嗔 徇腕不 冨妖療良 塹蒙墨 鍔 墨瞭蒜孀礎貧領挌 徳別 喇嘖斗 奏追堊: audit_control audit_user. 霤叟拱 冨 良 嗜津雙不 和殄 料嘖厦碧 喇嘖斗 奏追堊, 徭碗亙 溶崚 瓶佻蒙斛彖墮嗔 - 通 堆姪 塹遼亙 料嘖厦碧 奏追堊 佻蒙斛彖堙姪. + 通 孕淮杜頻 料嘖厦屠 奏追堊 通 墨遼凖堽挌 + 佻蒙斛彖堙姪. 譱別 <filename>audit_control</filename> - 酖墨塹燮 料嘖厦碧 佻 嬪鰐涸良 通 佻柘瓶堙踊 - 奏追堊 嗜津雙壮嗔 徳別 audit_control: + 酩崚 侑夫田杜 佚凖淌輪 料嘖厦屠 佻 嬪鰐涸良, + 嗜津雙掃蛭嗔 audit_control: dir:/var/audit -flags:lo -minfree:20 -naflags:lo -policy:cnt -filesz:0 +dist:off +flags:lo,aa +minfree:5 +naflags:lo,aa +policy:cnt,argv +filesz:2M +expire-after:10M       双瓶 瓶佻蒙旁都嗔 通 孑堊力徊 歪力馬 斌 堆姪 冒堊模馬, - 墨塹燮 怠津 嗜頒僧冱慯 嶮厠遡 喇嘖斗 奏追堊. 縒棉 + 墨塹燮 怠津 嗜頒僧冱慯 嶮厠遡 喇嘖斗 奏追堊. 縒棉 嬲惣僧 堆姪 淌 歪瀕 冒堊模, 塹 嬲惣僧隣 冒堊模派 - 怠蔦 瓶佻蒙斛彖墮嗔 佻 淌凖追, 佻 妖凖 攸佻摸杜頻. 訌 - 侑宋斌, 喇嘖斗 奏追堊 墨瞭蒜孀敏嫖墫 堊防 和卅斛, 湟 - 嶮厠遡 奏追堊 頒僧不嗔 料 堋徒慘詫 卅敖徒, 湟和 - 侑田墸卅塢墮 佚凖單淌良 佻柘瓶堙踊 奏追堊 腕堊蒙隣 - 佻柘瓶堙 嗅孺租, 途棉 嘛和歪力 妖嘖 料 卅敖徒 - 喇嘖斗 奏追堊 怠津 瓶淌厥僧. + 怠蔦 瓶佻蒙斛彖墮嗔 佻 淌凖追, 佻 妖凖 攸佻摸杜頻. 訌 + 侑宋斌, 喇嘖斗 奏追堊 料嘖卅夫租墫 料 頒僧杜錨 + 嶮厠遡 奏追堊 料 堋徒慘詫 卅敖徒, 湟和 + 侑田墸卅塢墮 忱蘇洋賄 很頻良 佻柘瓶堙踊 奏追堊 腕堊蒙隣 + 佻柘瓶堙 嗅孺租 瓶淌厥僧頻 嘛和歪力馬 妖嘖 料 + 卅敖徒.       + + 縒棉 椀檀 浜電 變挿杜錨 + onyes, 塹 通 + 徨堵 嶮厠遡 奏追堊 怠蔦 嗜敖宋壮慯 崚嘖防 嗷挂防, + 嗜頒僧囘踊 /var/audit/dist. 双瓶 瓶佻蒙旁都嗔 通 孑堊力徊 婆和遡慘亙 輿嗚 侑田彖夘堙蒙力馬 忸堆卅 - 通 侑賓瓶掀租踊 嗜泰塢. 侑浜賭 忸枦, 怠蔦 佻鍔賭覗墮嗔 - 奏追壞 冒 孑佚枸拇, 堊 療嫩挿隣 佻俎塰 徃歪 - 喇嘖斗 忸範珍 冨 療 通 徨堵 佻蒙斛彖堙姪 + 通 侑賓瓶掀租踊 嗜泰塢. 侑浜賭 忸枦 奏追壞 怠蔦 + 佻鍔賭覗墮嗔 冒 孑佚枸拇, 堊 療嫩挿隣 佻俎塰 徃歪 + 喇嘖斗 忸範珍 冨 療, 堊勃 — 奏堙淋鋲彬礎頻 + 宋塹夘攸檀 通 徨堵 佻蒙斛彖堙姪.       双瓶 椀凖津妄都 揺良輿蒙力 - 變挿杜錨 嘛和歪力馬 追嗚從馬 侑腕墟僧嘖彖 料 卅敖徒, - 墨塹燮 嗜頒僧兩墫 徳別 嶮厠遡 奏追堊. 誅把 珍領叢 - 拝僧秒 怠津 侑砺掏杜, 怠津 喃杜賭敏彖力 侑田孃凖崢杜錨. - 掏登夘彭津領拱 侑浜賭 孑堊料很夫租 揺良輿蒙力 嘛和歪力 - 侑腕墟僧嘖從 鍔祖蛋墮 侑話杜塹. + 墨棉淌嘖從 嘛和歪力馬 追嗚從馬 侑腕墟僧嘖彖 料 卅敖徒, + 墨塹燮 嗜頒僧兩墫 徳別 嶮厠遡 奏追堊. + 双瓶 椀凖津妄都 北喪噎 - 奏追堊 通 療-侑賓瓶掀租踊 嗜泰塢, 料侑浜賭, 侑話途嗜 + 奏追堊 通 療侑賓瓶掀租踊 嗜泰塢, 料侑浜賭, 侑話途嗜 徃歪 喇嘖斗 喇嘖斗隣 津溶力. - 双瓶 椀凖津妄都 嗤瓶亘 - 凸素 佻棉塢防, 椀凖津妄摂妬 卅斂扶隣 喪佚穆 佻彭津良 - 奏追堊. 姪妖淋 嗤瓶冒 堋徒兩墫 漬嫻 漬嫻 攸佰壅揺. - 靉 嬪鰐涸良, 凸素 cnt 嬲惣掀租, 湟 - 喇嘖斗 掴網料 侑歪鰐崛墮 卅堆堊墮, 療嗟墟 料 柯陀 - 奏追堊 (珍領拱 凸素 淌輪 喇蒙力 凖墨妖猟嫖墫 瓶佻蒙斛彖墮). - 簟嫻亙 涸嘖鷲嗤鰐憙嫖踊 凸素 - argv, - 墨塹燮 攸嘖宋妄都 佻鍔賭覗墮 奏追壞 倉杯妖淋 墨輿猟力 - 嘖厦防 侑 忸斛彭 喇嘖斗力馬 忸斛彖 &man.execve.2;, 冒 - 涸嘖 忸佻摸杜頻 墨輿猟. - - 双瓶 椀凖津妄都 - 輿睦浜遡慘拱 卅斃賭 汰編組, 掴 墨塹厦馬 溶崚 卅嘖 - 嶮厠遡 嗜泰塢 奏追堊, 侑砥津 淌 藁 怠津 宋塹輿塢淌嗚 - 攸墨涙杜 佻鍔賭芭孕 厦堊檀. 靉 嬪鰐涸良, 變挿杜錨 0 - 攸侑倒租 宋塹輿塢淌嗚媽 厦堊檀 模馬. 縒棉 墟殿嫖踊 - 卅斃賭 徳別 療燐姪從, 力 良崚 揺良輿蒙力馬 變挿杜頻 - 512, 塹 藁 怠津 侑鷲芭碗敏彖, 怠津 喃杜賭敏彖力 - 侑田孃凖崢狙歸 嗜和歸良 模覗. + 双瓶 椀凖津妄都 卅敖徒囘踊 + 攸佰壅揺 嗤瓶亘 + 凸素 佻棉塢防, 椀凖津妄摂妬 卅斂扶隣 喪佚穆 佻彭津良 + 奏追堊. + 飜素 cnt 嬲惣掀租, 湟 + 喇嘖斗 掴網料 侑歪鰐崛墮 卅堆堊墮, 療嗟墟 料 柯陀 + 奏追堊 (珍領拱 凸素 料嘖湾堙蒙力 凖墨妖猟嫖墫). + 塹厦 凸素, argv, + 攸嘖宋妄都 佻鍔賭覗墮 奏追壞 倉杯妖淋 墨輿猟力 + 嘖厦防 侑 忸斛彭 喇嘖斗力馬 忸斛彖 &man.execve.2;. + + 双瓶 椀凖津妄都 輿睦浜遡慘拱 + 卅斃賭 嶮厠遡 嗜泰塢 奏追堊, 佻 掴嘖埠杜鰭 墨塹厦馬 + 嶮厠遡 怠津 宋塹輿塢淌嗚 + 攸墨涙杜 佻鍔賭芭孕 厦堊檀. 料淌良 0 + 攸侑倒租 宋塹輿塢淌嗚媽 厦堊檀 模馬. 縒棉 嬲惣僧隣 + 卅斃賭 良崚 揺良輿蒙力馬 變挿杜頻 + 512, 塹 藁 怠津 侑鷲芭碗敏彖, 怠津 喃杜賭敏彖力 + 侑田孃凖崢狙歸 嗜和歸良 模覗. + + 靉姪 椀凖津妄都 溶妖淋 + 徠斗杜, 侑 掴嘖埠杜鰭 墨塹厦馬 嶮厠遡慘拇 徳別 嘲不狙墫 + 療阻壞遡慘挈 嫩遡兩墫.       @@ -550,65 +594,68 @@ filesz:0 當揺良嘖卅塹 溶崚 椀凖津棉墮 掴佻摸不徒慘拇 墟殿彖良 奏追壞 通 墨遼凖堽挌 佻蒙斛彖堙姪 徳別 audit_user. - 訌崢叢 嘖厦冒 墨瞭蒜孀敏嫖 奏追 通 佻蒙斛彖堙妄 - 瓶佻蒙斛彖良斗 鍔嬌 佻姪: 佚叟賄 佻姪 - alwaysaudit, 墨塹厦 椀凖津妄都 + 訌崢叢 嘖厦冒 佻旌鰐囘 孕淮不 料嘖厦碧 奏追堊 + 通 佻蒙斛彖堙妄 侑 佻溶殄 鍔嬌 佻姪: + alwaysaudit — 椀凖津妄摂電 料堆 嗜泰塢, 墨塹燮 掴網隣 徨吐珍 佻鍔賭覗墮嗔 - 奏追壞 通 珍領惑 佻蒙斛彖堙妄, 徭碗賄 - 佻姪 - neveraudit, 墨塹厦 椀凖津妄都 + 奏追壞 通 珍領惑 佻蒙斛彖堙妄, + neveraudit — 佚凖淺嗅兩歸 料堆 嗜泰塢, 墨塹燮 良墨把 療 掴網隣 佻鍔賭覗墮嗔 奏追壞 通 佻蒙斛彖堙妄. - 酩崚嗅田媽殄 侑浜賭 audit_user - 侑從追 奏追 徨堵 嗜泰塢 徃歪 喇嘖斗 忸範珍 冨 - 喇嘖斗 通 佻蒙斛彖堙妄 root, - 堊勃 侑從追 奏追 徨堵 嗜泰塢, 嘛凉僧隣 嗜敖僧錨 - 徳別 孑佚枸挈 忸佻摸杜錨 墨輿猟 通 佻蒙斛彖堙妄 - www. 靤 瓶佻蒙斛彖良 - 忸枦侑夫田杜隣 侑浜賭詫 徳別 audit_control, - 攸佗嗹 loroot - 况妄都嗔 棉枸妬, 牧詫 塹馬, 嗜泰塢 徃歪 喇嘖斗 忸範珍 + 酩崚嗅田媽殄 侑浜賭 料嘖卅夫租 奏追 徨堵 嗜泰塢 + 徃歪 喇嘖斗, 忸範珍 冨 喇嘖斗, 堊勃 奏追 徨堵 + 孑佚枸挌 忸佻摸杜品 墨輿猟 通 佻蒙斛彖堙妄 + root, + 堊勃 — 奏追 徨堵 嗜泰塢, 嘛凉僧隣 嗜敖僧錨 + 徳別 孑佚枸挈 忸佻摸杜錨 墨輿猟 佻蒙斛彖堙姪 + www. + 料嘖厦碧鼠 佻 嬪鰐涸良 audit_control + 攸佗嗹 lo 通 + root + 况妄都嗔 冨泰塹淮亙, 牧詫 塹馬, 嗜泰塢 徃歪 喇嘖斗 忸範珍 冨 喇嘖斗 怠蔦 佻鍔賭覗墮嗔 奏追壞 通 佻蒙斛彖堙妄 www. root:lo,+ex:no www:fc,+ex:no - - 當揺良嘖夘厦彖良 佻柘瓶堙踊 奏追堊 + 鯀堆堊 嶮厠遡鼠 奏追堊 + + 阻 冒 嶮厠遡 奏追堊 頒僧不嗔 舵料厠詫 届厖壮 + BSM, 塹 通 吐 冨妖療良 斌 佚凖從珍 + 堙睦塹忸 届厖壮 侑田腕堊很兩墫 徨墟賄領拇 孕斌不. 塢棉堊 + praudit 侑渡岱惣嫖 嶮厠遡 奏追堊 堙睦塹忸 + 届厖壮. 塢棉堊 auditreduce 侑浜杜囘墫 通 + 読蒙墟礎鰭 嶮厠遡慘挌 攸佗單 壇蒙 僧遡冨, 倉班徂厦彖良 + 斌 卅嗤党壮防. 靉嗅田倫 孕斌不 佻陳賭嵒彖都 卅變蕨岱惣錨 + 仭卅妖墟, 佻旌鰐兩殄 忸舵卅墮 攸佗喇 佻 塢侖 嗜泰塢, 佻 + 北喪嗾 嗜泰塢, 佻 佻蒙斛彖堙明, 佻 珍堙 斌 徠斗杜 嗜泰塢, + 佻 侖塢 徳別 斌 佻 和濺穆, 料 墨塹燮 侑鷲旌歪斌腕 + 津篇墸錨. - - 靤腕溶墟 嶮厠遡 奏追堊 - *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 17:21:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DFA375B5; Wed, 16 Apr 2014 17:21:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CA392192A; Wed, 16 Apr 2014 17:21:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GHL403033354; Wed, 16 Apr 2014 17:21:04 GMT (envelope-from taras@svn.freebsd.org) Received: (from taras@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GHL4i0033353; Wed, 16 Apr 2014 17:21:04 GMT (envelope-from taras@svn.freebsd.org) Message-Id: <201404161721.s3GHL4i0033353@svn.freebsd.org> From: Taras Korenko Date: Wed, 16 Apr 2014 17:21:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44581 - head/ru_RU.KOI8-R/books/handbook/audit X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 16 Apr 2014 18:01:43 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 17:21:05 -0000 Author: taras Date: Wed Apr 16 17:21:04 2014 New Revision: 44581 URL: http://svnweb.freebsd.org/changeset/doc/44581 Log: + whitespace cleanup after previous two commits. Modified: head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml Modified: head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml ============================================================================== --- head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml Wed Apr 16 17:18:22 2014 (r44580) +++ head/ru_RU.KOI8-R/books/handbook/audit/chapter.xml Wed Apr 16 17:21:04 2014 (r44581) @@ -16,7 +16,9 @@ requirements. --> - 疸追 嗜泰塢 妥斛仭嗄腕塢 + + 疸追 嗜泰塢 妥斛仭嗄腕塢 + @@ -25,6 +27,7 @@ requirements. --> 疱塹 + Robert @@ -36,40 +39,41 @@ requirements. --> 誨壮防 和斛 + AUDIT 疸追 嗜泰塢 妥斛仭嗄腕塢 MAC + 鑰賭礎貧領叢 喇嘖斗 &os; 徊明涸都 單耐 佻陳賭嵋 奏追堊 嗜泰塢 妥斛仭嗄腕塢. 疸追 佻旌鰐囘 忸佻摸冱 料津嵶賄, - 津堊蒙力 派陀 料嘖卅夫租溶 侑塹墨棉厦彖良 - 卅斂扶隣 嗜泰塢, 嘛凉僧隣 妥斛仭嗄腕墮, - 徊明涸 徃歪 喇嘖斗, 冨妖療良 墨瞭蒜孀礎鰭, 掴嘖孃 - 徳別鼠 單塢. 塢 攸佗喇 溶杯 泰墮 療攸妖良踊 通 - 溶良塹夘稜 噸遼檀藁敏媽歸 喇嘖斗, 和料簒崚良 徭碗崚良 - 通 僧遡冨 嗜泰塢, 侑夫田柯 牧組 喇嘖斗. - &os; 凖遡冨彖 椀嫗棉墨彖領拱 &sun; 瀕堙卞妬 侑彬盟栂惑 - 侑惑卅様敏彖良 (Application Programming Interface, - API), 料旛彖斗拱 Basic Security Module - (BSM), 届厖壮 徳別, 墨塹燮 嗜徑途塢 - 凖遡冨礎頻揺 奏追堊 &solaris; &macos; X. + 津堊蒙力 派陀 料嘖卅夫租溶 侑塹墨棉厦彖良 卅斂扶隣 + 嗜泰塢, 嘛凉僧隣 妥斛仭嗄腕墮, 徊明涸 徃歪 喇嘖斗, + 冨妖療良 墨瞭蒜孀礎鰭, 掴嘖孃 徳別鼠 單塢. 塢 攸佗喇 + 溶杯 泰墮 療攸妖良踊 通 溶良塹夘稜 噸遼檀藁敏媽歸 喇嘖斗, + 和料簒崚良 徭碗崚良 通 僧遡冨 嗜泰塢, 侑夫田柯 牧組 + 喇嘖斗. &os; 凖遡冨彖 椀嫗棉墨彖領拱 &sun; 瀕堙卞妬 + 侑彬盟栂惑 侑惑卅様敏彖良 (Application Programming + Interface, API), 料旛彖斗拱 Basic Security + Module (BSM), 届厖壮 徳別, 墨塹燮 + 嗜徑途塢 凖遡冨礎頻揺 奏追堊 &solaris; &macos; X. 榑亙 婆宋 椀瓶掀租墫 侑話途 孑堊力徊 墨瞭蒜孀敏彖良 喇嘖斗 奏追堊. 塹 淺嗅, 侑夫歪不嗔 - 卅昊决療良 佻棉塢 奏追堊, 堊勃 珍脊嗔 侑浜賭 墨瞭蒜孀礎貧領挌 - 徳別. + 卅昊决療良 佻棉塢 奏追堊, 堊勃 珍脊嗔 侑浜賭 + 墨瞭蒜孀礎貧領挌 徳別. 靉嗅 侑湟杜頻 榑亙 婆宋 忸 怠津堙 變壮: + 塹 堊墨 喇嘖斗 奏追堊 冒 藁 卅堆堊都. - 訌 料嘖厦不 奏追 從 &os; 通 溶良塹夘稜 - 佻蒙斛彖堙姪 侑話途嗜. + 佻蒙斛彖堙姪 侑話途嗜. @@ -93,28 +97,29 @@ requirements. --> 靉良輿墮 腕力徇拇 侑瀕檀俎 妥斛仭嗄腕塢 侑浜杜杜鰭 - 椀賭礎貧領亙 喇嘖斗 &os; (). + 椀賭礎貧領亙 喇嘖斗 &os; (). - 鯏遡冨礎頻 奏追堊 浜電 冨彭嘖隣 惑卅良淌良. - 酖 徨 嗜泰塢 料嘖湾殄 溶妖淋 侑塹墨棉簒斗拇. - 阻崚, 療墨塹燮 妖帆良斃 徃歪 喇嘖斗, 堊防 冒 - 亘藁隣 妖療綴賭 X11 斌 - 津溶隣 嘖碗藁良 侑鷲旌歪不徒妬, 療 料嘖卅夫狙 奏追 - 佻蒙斛彖堙蒙嗚蛭 單嗷品 掴網隣 和卅斛. + 鯏遡冨礎頻 奏追堊 浜電 冨彭嘖隣 惑卅良淌良. 酖 徨 + 嗜泰塢 料嘖湾殄 溶妖淋 侑塹墨棉簒斗拇. 阻崚, 療墨塹燮 + 妖帆良斃 徃歪 喇嘖斗, 堊防 冒 亘藁隣 妖療綴賭 + X11 斌 津溶隣 嘖碗藁良 + 侑鷲旌歪不徒妬, 療 料嘖卅夫狙 奏追 佻蒙斛彖堙蒙嗚蛭 單嗷品 + 掴網隣 和卅斛. 蚌佻蒙斛彖良 喇嘖斗 奏追堊 溶崚 侑夫途塢 播療夘厦彖良 冨和斌媽殄 佻漬和力嘖冤 嶮厠遡慘挌 徳別. 虍 卅斃賭 料 攸拝孛杜隣 單叟賭組 療墨塹燮 墨瞭蒜孀礎頻 - 溶崚 侑砺掏壮 療嗚鰐慄 派覗汰編 療津明. - 當揺良嘖卅塹燮 掴網隣 侑瀕浜壮 從 徇浜僧錨 墟殿彖良 - 追嗚從葉 侑腕墟僧嘖徼 通 料拝孛杜隣 墨瞭蒜孀礎品 喇嘖斗 - 奏追堊. 鄙侑浜賭, 崚盟堙蒙力 忸津棉墮 堋徒慘拱 卅敖徒 通 - 徳別從 喇嘖斗 奏追堊 /var/audit, - 湟和 攸佻摸杜錨 卅敖徒 奏追堊 療 很頻模 料 - 漬嫻錨 徳別忸 喇嘖斗. + 溶崚 侑砺掏壮 療嗚鰐慄 派覗汰編 療津明. 當揺良嘖卅塹燮 + 掴網隣 侑瀕浜壮 從 徇浜僧錨 墟殿彖良 追嗚從葉 + 侑腕墟僧嘖徼 通 料拝孛杜隣 墨瞭蒜孀礎品 喇嘖斗 奏追堊. + 鄙侑浜賭, 崚盟堙蒙力 忸津棉墮 堋徒慘拱 卅敖徒 通 徳別從 + 喇嘖斗 奏追堊 /var/audit, 湟和 + 攸佻摸杜錨 卅敖徒 奏追堊 療 很頻模 料 漬嫻錨 徳別忸 + 喇嘖斗. @@ -129,46 +134,43 @@ requirements. --> 嗜泰塢 (event): 嗜泰塢, 墨塹厦 溶崚 泰墮 攸療單力 嶮厠遡. 靤浜賭鼠 嗜泰塢, 堽腕處蛭嗔 妥斛仭嗄腕塢 喇嘖斗, 况妄脊嗔: 嗜敖僧錨 - 徳別, 瀕秒描棉攸檀 單堙從馬 - 嗜田瀕杜頻, 徃歪 佻蒙斛彖堙妄 喇嘖斗. 麩泰塢 - 卅敖徒兩墫 料 侑賓瓶掀租踊 (attributable) - - 堙, 墨塹燮 溶杯 泰墮 堽途杜 墨遼凖堽詫 佻蒙斛彖堙明 - - 療侑賓瓶掀租踊 (non-attributable). - 靤浜賭 - 療侑賓瓶掀租溶馬 嗜泰塢 — 明堆 嗜泰塢, 侑鷲斛枦壷電 掴 - 奏堙淋鋲彬礎鰭 佻蒙斛彖堙妄, 料侑浜賭, 療彭厠 - 料岱僧隣 仭厦蒙. + 徳別, 瀕秒描棉攸檀 單堙從馬 嗜田瀕杜頻, 徃歪 佻蒙斛彖堙妄 + 喇嘖斗. 麩泰塢 卅敖徒兩墫 料 + 侑賓瓶掀租踊 (attributable) - 堙, 墨塹燮 + 溶杯 泰墮 堽途杜 墨遼凖堽詫 佻蒙斛彖堙明 - + 療侑賓瓶掀租踊 (non-attributable). 靤浜賭 + 療侑賓瓶掀租溶馬 嗜泰塢 — 明堆 嗜泰塢, + 侑鷲斛枦壷電 掴 奏堙淋鋲彬礎鰭 佻蒙斛彖堙妄, 料侑浜賭, + 療彭厠 料岱僧隣 仭厦蒙. 北喪 (class): 浜杜彖領拇 料堆燮 - 歪力塢侘挌 嗜泰塢, 墨塹燮 瓶佻蒙旁脊嗔 - 忸卅崚良冏 忸堆卅. 喪塹 瓶佻蒙旁斗拇 北喪噎 嗜泰塢 - 徊明涸脊 嗜敖僧錨 徳別 (fc), - 忸佻摸杜錨 徳別 (ex) - 嗜泰塢 徃歪 喇嘖斗 忸範珍 冨 療 (lo). + 歪力塢侘挌 嗜泰塢, 墨塹燮 瓶佻蒙旁脊嗔 忸卅崚良冏 + 忸堆卅. 喪塹 瓶佻蒙旁斗拇 北喪噎 嗜泰塢 徊明涸脊 + 嗜敖僧錨 徳別 (fc), 忸佻摸杜錨 + 徳別 (ex) 嗜泰塢 徃歪 喇嘖斗 + 忸範珍 冨 療 (lo). 攸佗嗹 (record): 田瀕扶料 攸佗嗹 - 嶮厠遡, 椀瓶掀狙歔 塹 斌 瀕賄 - 嗜泰塢. 双瓶 嗜津雙壮 瀕届厖礎廟 塢佚 嗜泰塢, - 瀕届厖礎廟 嗾貸屠堙 嗜泰塢 (佻蒙斛彖堙姪), 墨塹燮 - 忸佻摸斌 療墨塹厦 津篇墸錨, 珍壞 徠斗 嗜泰塢, - 瀕届厖礎廟 和 和濺穆組 倉杯妖淋組 嗜泰塢, - 堊勃 瀕届厖礎廟 和 孑佚枸腕塢 斌 療孑佚枸腕塢 忸佻摸杜頻 - 椀賭礎鰭. + 嶮厠遡, 椀瓶掀狙歔 塹 斌 瀕賄 嗜泰塢. 双瓶 + 嗜津雙壮 瀕届厖礎廟 塢佚 嗜泰塢, 瀕届厖礎廟 嗾貸屠堙 + 嗜泰塢 (佻蒙斛彖堙姪), 墨塹燮 忸佻摸斌 療墨塹厦 津篇墸錨, + 珍壞 徠斗 嗜泰塢, 瀕届厖礎廟 和 和濺穆組 倉杯妖淋組 + 嗜泰塢, 堊勃 瀕届厖礎廟 和 孑佚枸腕塢 斌 療孑佚枸腕塢 + 忸佻摸杜頻 椀賭礎鰭. - 嶮厠遡 (trail): 徳別, - 嗜津雙掃品 佻嗅田彖堙蒙力嘖 攸佗單 奏追堊, 椀瓶掀狙殄 - 嗜泰塢 妥斛仭嗄腕塢 (security events). - 孀料 嗜津雙不 攸佗喇 碗錨淋敏從淮 - 頒藁鰐惑扶途墨 佻厮痛 佻 徠斗杜 攸彭叨杜頻 - 嗜泰塢. 鰐慄 宋塹夘斛彖領拇 侑話途噎 溶杯 + 嶮厠遡 (trail): 徳別, 嗜津雙掃品 + 佻嗅田彖堙蒙力嘖 攸佗單 奏追堊, 椀瓶掀狙殄 嗜泰塢 + 妥斛仭嗄腕塢 (security events). 孀料 嗜津雙不 攸佗喇 + 碗錨淋敏從淮 頒藁鰐惑扶途墨 佻厮痛 佻 徠斗杜 + 攸彭叨杜頻 嗜泰塢. 鰐慄 宋塹夘斛彖領拇 侑話途噎 溶杯 掴汰很冱 攸佗喇 嶮厠遡. - + 忸卅崚良 忸堆卅 (selection @@ -177,26 +179,27 @@ requirements. --> - 侑田彖夘堙蒙隣 忸堆 (preselection): - 侑話途, 佻溶毆 墨塹厦馬 喇嘖斗 椀凖津妄都, 冒防 嗜泰塢 浜点 - 彖嵶腕墮 通 祖揺良嘖卅塹卅. + 侑田彖夘堙蒙隣 忸堆 + (preselection): 侑話途, 佻溶毆 墨塹厦馬 喇嘖斗 + 椀凖津妄都, 冒防 嗜泰塢 浜点 彖嵶腕墮 通 祖揺良嘖卅塹卅. 靤田彖夘堙蒙隣 忸堆 瓶佻蒙旁都 厮 忸卅崚良 忸堆卅, - 攸珍摂蛭 冒防 浜杜力 北喪噎 嗜泰塢 通 - 冒墨馬 佻蒙斛彖堙妄 療和範追溶 徇腕不 嶮厠遡, 堊勃 — + 攸珍摂蛭 冒防 浜杜力 北喪噎 嗜泰塢 通 冒墨馬 + 佻蒙斛彖堙妄 療和範追溶 徇腕不 嶮厠遡, 堊勃 — 婆和遡慘拇 料嘖厦碧, 墨塹燮 怠蔦 侑浜杜冱慯 冒 通 宋塹夘斛彖領挌, 堊 通 療宋塹夘斛彖領挌 侑話途嗜. - 読蒙墟礎頻 (reduction): - 侑話途, 凖旁蒙堊堙 墨塹厦馬 攸佗喇 冨 嗾歸嘖徼摂吐 嶮厠遡 - 忸津妄脊嗔 通 頒僧杜頻, 卅嗤党壮防 斌 僧遡冨. 阻崚, 榑 - 侑話途, 凖旁蒙堊堙 墨塹厦馬 療崚盟堙蒙隣 攸佗喇 嫩遡兩墫 - 冨 嶮厠遡 奏追堊. 蚌佻蒙旁 読蒙墟礎廟, 祖揺良嘖卅塹燮 溶杯 - 凖遡冨忸彖墮 卅斂扶隣 佻棉塢防 頒僧杜頻 珍領挌 奏追堊. - 鄙侑浜賭, 津堊棉敝厦彖領拱 嶮厠遡 溶崚 頒僧不慯 妖嗔, 力 - 佻嗅 榑惑 藁 溶崚 泰墮 嗜牧掃杜 湟和 頒僧不 塹蒙墨 - 瀕届厖礎廟 徃歪 喇嘖斗 忸範津 冨 療. + 読蒙墟礎頻 (reduction): 侑話途, + 凖旁蒙堊堙 墨塹厦馬 攸佗喇 冨 嗾歸嘖徼摂吐 嶮厠遡 + 忸津妄脊嗔 通 頒僧杜頻, 卅嗤党壮防 斌 僧遡冨. 阻崚, + 榑 侑話途, 凖旁蒙堊堙 墨塹厦馬 療崚盟堙蒙隣 攸佗喇 + 嫩遡兩墫 冨 嶮厠遡 奏追堊. 蚌佻蒙旁 読蒙墟礎廟, + 祖揺良嘖卅塹燮 溶杯 凖遡冨忸彖墮 卅斂扶隣 佻棉塢防 + 頒僧杜頻 珍領挌 奏追堊. 鄙侑浜賭, 津堊棉敝厦彖領拱 嶮厠遡 + 溶崚 頒僧不慯 妖嗔, 力 佻嗅 榑惑 藁 溶崚 泰墮 + 嗜牧掃杜 湟和 頒僧不 塹蒙墨 瀕届厖礎廟 徃歪 喇嘖斗 + 忸範津 冨 療. @@ -228,10 +231,9 @@ requirements. --> 捍爽杜頻 忸堆卅 瓶佻蒙旁脊嗔 療嗚鰐慄蛭 妖嘖組 墨瞭蒜孀礎鰭 通 埖碗 嗜泰塢, 佻通砥掃蛭 奏追壞. 捍爽杜頻 嗜津雙壮 佚凖淌輪 北喪嗜 嗜泰塢, 墨塹燮 - 嘔宋良彖都嗔 侑鷲營田枦 嗜泰塢. 捍爽杜頻 - 忸堆卅 卅嗷輿墟夫狙墫 嗅砺 料侑宋, 鍔 忸卅崚良 - 和濺追倫脊嗔 掴汰很杜錨 佚叟惑 忸卅崚良 墨 - 徭碗詫. + 嘔宋良彖都嗔 侑鷲營田枦 嗜泰塢. 捍爽杜頻 忸堆卅 + 卅嗷輿墟夫狙墫 嗅砺 料侑宋, 鍔 忸卅崚良 和濺追倫脊嗔 + 掴汰很杜錨 佚叟惑 忸卅崚良 墨 徭碗詫. 佚凖淺嗅囘 浜点殄途 佻 嬪鰐涸良 攸佗喇: @@ -399,10 +401,9 @@ requirements. --> audit_event. 訌崢拱 北喪 奏追堊 溶嵶 嗚詫舵良厦彖墮 侑兎彬嗜, - 佻冒旛彖摂浜, - 冒防 椀賭礎鰭 怠蔦 孺不掀壮慯 — 嫩挿隣 斌 療嫩挿隣, - 堊勃 塹, 徊明涸都 棉 珍領叢 攸佗嗹 奏追 通 珍領惑 - 北喪啻 塢仭, 棉堆 塰明涸都 吐. 和和歔都 掴嘖孃隣 侑兎彬噎: @@ -452,9 +453,9 @@ requirements. --> 縒棉 侑兎彬 療 嬲惣僧, 塹 奏追壞 佻通砥壮 冒 孑佚枸拇, 堊 療孑佚枸拇 嗜泰塢. - 麑田媽殄 侑浜賭 忸舵卅都 孑佚枸拇 療孑佚枸拇 嗜泰塢 徃歪 - 喇嘖斗 忸範珍 冨 療, 塹蒙墨 孑佚枸拇 嗜泰塢 忸佻摸杜頻 - 侑斌崚良: + 麑田媽殄 侑浜賭 忸舵卅都 孑佚枸拇 療孑佚枸拇 嗜泰塢 + 徃歪 喇嘖斗 忸範珍 冨 療, 塹蒙墨 孑佚枸拇 嗜泰塢 + 忸佻摸杜頻 侑斌崚良: lo,+ex @@ -474,9 +475,9 @@ requirements. --> audit_control: 墨淋厦面敏嫖 療墨塹燮 喪佚穆 喇嘖斗 奏追堊, 堊防 冒 北喪噎 佻 - 嬪鰐涸良, 揺良輿蒙力 追嗚從 - 侑腕墟僧嘖從, 墨塹厦 掴網力 腕堊彖墮嗔 料 卅敖徒 嶮厠遡 - 奏追堊, 輿睦浜遡慘拱 卅斃賭 嶮厠遡 奏追堊. + 嬪鰐涸良, 揺良輿蒙力 追嗚從 侑腕墟僧嘖從, 墨塹厦 + 掴網力 腕堊彖墮嗔 料 卅敖徒 嶮厠遡 奏追堊, 輿睦浜遡慘拱 + 卅斃賭 嶮厠遡 奏追堊. @@ -495,10 +496,11 @@ requirements. --> audit_warn: 料嘖卅夫租踊 嗚夘來 - 墨輿猟力馬 瀕堙厥凖堊塹卅, 墨塹燮 忸旛彖都嗔 &man.auditd.8; - 通 播療卅檀 侑田孃凖崢杜品 瓶北折不徒慘挌 喇壞礎頻, - 堊防 冒 瓶淌厥僧錨 追嗚從馬 侑腕墟僧嘖彖 攸佗嗔揺 奏追堊 - 斌 侑 厦堊檀 嶮厠遡 奏追堊. + 墨輿猟力馬 瀕堙厥凖堊塹卅, 墨塹燮 忸旛彖都嗔 + &man.auditd.8; 通 播療卅檀 侑田孃凖崢杜品 + 瓶北折不徒慘挌 喇壞礎頻, 堊防 冒 瓶淌厥僧錨 追嗚從馬 + 侑腕墟僧嘖彖 攸佗嗔揺 奏追堊 斌 侑 厦堊檀 嶮厠遡 + 奏追堊. @@ -531,16 +533,15 @@ policy:cnt,argv filesz:2M expire-after:10M - 双瓶 瓶佻蒙旁都嗔 通 - 孑堊力徊 歪力馬 斌 堆姪 冒堊模馬, - 墨塹燮 怠津 嗜頒僧冱慯 嶮厠遡 喇嘖斗 奏追堊. 縒棉 - 嬲惣僧 堆姪 淌 歪瀕 冒堊模, 塹 嬲惣僧隣 冒堊模派 - 怠蔦 瓶佻蒙斛彖墮嗔 佻 淌凖追, 佻 妖凖 攸佻摸杜頻. 訌 - 侑宋斌, 喇嘖斗 奏追堊 料嘖卅夫租墫 料 頒僧杜錨 - 嶮厠遡 奏追堊 料 堋徒慘詫 卅敖徒, 湟和 - 侑田墸卅塢墮 忱蘇洋賄 很頻良 佻柘瓶堙踊 奏追堊 腕堊蒙隣 - 佻柘瓶堙 嗅孺租 瓶淌厥僧頻 嘛和歪力馬 妖嘖 料 - 卅敖徒. + 双瓶 瓶佻蒙旁都嗔 通 孑堊力徊 + 歪力馬 斌 堆姪 冒堊模馬, 墨塹燮 怠津 嗜頒僧冱慯 + 嶮厠遡 喇嘖斗 奏追堊. 縒棉 嬲惣僧 堆姪 淌 歪瀕 冒堊模, + 塹 嬲惣僧隣 冒堊模派 怠蔦 瓶佻蒙斛彖墮嗔 佻 淌凖追, 佻 + 妖凖 攸佻摸杜頻. 訌 侑宋斌, 喇嘖斗 奏追堊 料嘖卅夫租墫 + 料 頒僧杜錨 嶮厠遡 奏追堊 料 堋徒慘詫 卅敖徒, 湟和 + 侑田墸卅塢墮 忱蘇洋賄 很頻良 佻柘瓶堙踊 奏追堊 + 腕堊蒙隣 佻柘瓶堙 嗅孺租 瓶淌厥僧頻 嘛和歪力馬 + 妖嘖 料 卅敖徒. 縒棉 椀檀 浜電 變挿杜錨 onyes, 塹 通 @@ -548,8 +549,8 @@ expire-after:10M 嗜頒僧囘踊 /var/audit/dist. 双瓶 瓶佻蒙旁都嗔 通 - 孑堊力徊 婆和遡慘亙 輿嗚 侑田彖夘堙蒙力馬 忸堆卅 - 通 侑賓瓶掀租踊 嗜泰塢. 侑浜賭 忸枦 奏追壞 怠蔦 + 孑堊力徊 婆和遡慘亙 輿嗚 侑田彖夘堙蒙力馬 忸堆卅 通 + 侑賓瓶掀租踊 嗜泰塢. 侑浜賭 忸枦 奏追壞 怠蔦 佻鍔賭覗墮嗔 冒 孑佚枸拇, 堊 療嫩挿隣 佻俎塰 徃歪 喇嘖斗 忸範珍 冨 療, 堊勃 — 奏堙淋鋲彬礎頻 宋塹夘攸檀 通 徨堵 佻蒙斛彖堙姪. @@ -564,24 +565,21 @@ expire-after:10M 徃歪 喇嘖斗 喇嘖斗隣 津溶力. 双瓶 椀凖津妄都 卅敖徒囘踊 - 攸佰壅揺 嗤瓶亘 - 凸素 佻棉塢防, 椀凖津妄摂妬 卅斂扶隣 喪佚穆 佻彭津良 - 奏追堊. - 飜素 cnt 嬲惣掀租, 湟 - 喇嘖斗 掴網料 侑歪鰐崛墮 卅堆堊墮, 療嗟墟 料 柯陀 - 奏追堊 (珍領拱 凸素 料嘖湾堙蒙力 凖墨妖猟嫖墫). - 塹厦 凸素, argv, - 攸嘖宋妄都 佻鍔賭覗墮 奏追壞 倉杯妖淋 墨輿猟力 - 嘖厦防 侑 忸斛彭 喇嘖斗力馬 忸斛彖 &man.execve.2;. + 攸佰壅揺 嗤瓶亘 凸素 佻棉塢防, 椀凖津妄摂妬 卅斂扶隣 + 喪佚穆 佻彭津良 奏追堊. 飜素 cnt + 嬲惣掀租, 湟 喇嘖斗 掴網料 侑歪鰐崛墮 卅堆堊墮, 療嗟墟 + 料 柯陀 奏追堊 (珍領拱 凸素 料嘖湾堙蒙力 凖墨妖猟嫖墫). + 塹厦 凸素, argv, 攸嘖宋妄都 佻鍔賭覗墮 + 奏追壞 倉杯妖淋 墨輿猟力 嘖厦防 侑 忸斛彭 喇嘖斗力馬 + 忸斛彖 &man.execve.2;. 双瓶 椀凖津妄都 輿睦浜遡慘拱 卅斃賭 嶮厠遡 嗜泰塢 奏追堊, 佻 掴嘖埠杜鰭 墨塹厦馬 - 嶮厠遡 怠津 宋塹輿塢淌嗚 - 攸墨涙杜 佻鍔賭芭孕 厦堊檀. 料淌良 0 - 攸侑倒租 宋塹輿塢淌嗚媽 厦堊檀 模馬. 縒棉 嬲惣僧隣 - 卅斃賭 良崚 揺良輿蒙力馬 變挿杜頻 - 512, 塹 藁 怠津 侑鷲芭碗敏彖, 怠津 喃杜賭敏彖力 - 侑田孃凖崢狙歸 嗜和歸良 模覗. + 嶮厠遡 怠津 宋塹輿塢淌嗚 攸墨涙杜 佻鍔賭芭孕 厦堊檀. + 料淌良 0 攸侑倒租 宋塹輿塢淌嗚媽 + 厦堊檀 模馬. 縒棉 嬲惣僧隣 卅斃賭 良崚 揺良輿蒙力馬 + 變挿杜頻 512, 塹 藁 怠津 侑鷲芭碗敏彖, 怠津 + 喃杜賭敏彖力 侑田孃凖崢狙歸 嗜和歸良 模覗. 靉姪 椀凖津妄都 溶妖淋 徠斗杜, 侑 掴嘖埠杜鰭 墨塹厦馬 嶮厠遡慘拇 徳別 嘲不狙墫 @@ -592,30 +590,28 @@ expire-after:10M 譱別 <filename>audit_user</filename> 當揺良嘖卅塹 溶崚 椀凖津棉墮 掴佻摸不徒慘拇 - 墟殿彖良 奏追壞 通 墨遼凖堽挌 佻蒙斛彖堙姪 - 徳別 audit_user. - 訌崢叢 嘖厦冒 佻旌鰐囘 孕淮不 料嘖厦碧 奏追堊 - 通 佻蒙斛彖堙妄 侑 佻溶殄 鍔嬌 佻姪: - alwaysaudit — 椀凖津妄摂電 - 料堆 嗜泰塢, 墨塹燮 掴網隣 徨吐珍 佻鍔賭覗墮嗔 - 奏追壞 通 珍領惑 佻蒙斛彖堙妄, - neveraudit — 佚凖淺嗅兩歸 - 料堆 嗜泰塢, 墨塹燮 良墨把 療 掴網隣 佻鍔賭覗墮嗔 - 奏追壞 通 佻蒙斛彖堙妄. + 墟殿彖良 奏追壞 通 墨遼凖堽挌 佻蒙斛彖堙姪 徳別 + audit_user. 訌崢叢 嘖厦冒 佻旌鰐囘 + 孕淮不 料嘖厦碧 奏追堊 通 佻蒙斛彖堙妄 侑 佻溶殄 鍔嬌 + 佻姪: alwaysaudit — 椀凖津妄摂電 + 料堆 嗜泰塢, 墨塹燮 掴網隣 徨吐珍 佻鍔賭覗墮嗔 奏追壞 + 通 珍領惑 佻蒙斛彖堙妄, neveraudit + — 佚凖淺嗅兩歸 料堆 嗜泰塢, 墨塹燮 良墨把 療 + 掴網隣 佻鍔賭覗墮嗔 奏追壞 通 佻蒙斛彖堙妄. 酩崚嗅田媽殄 侑浜賭 料嘖卅夫租 奏追 徨堵 嗜泰塢 徃歪 喇嘖斗, 忸範珍 冨 喇嘖斗, 堊勃 奏追 徨堵 - 孑佚枸挌 忸佻摸杜品 墨輿猟 通 佻蒙斛彖堙妄 - root, - 堊勃 — 奏追 徨堵 嗜泰塢, 嘛凉僧隣 嗜敖僧錨 - 徳別 孑佚枸挈 忸佻摸杜錨 墨輿猟 佻蒙斛彖堙姪 - www. - 料嘖厦碧鼠 佻 嬪鰐涸良 audit_control - 攸佗嗹 lo 通 - root - 况妄都嗔 冨泰塹淮亙, 牧詫 塹馬, 嗜泰塢 徃歪 喇嘖斗 忸範珍 - 冨 喇嘖斗 怠蔦 佻鍔賭覗墮嗔 奏追壞 通 佻蒙斛彖堙妄 - www. + 孑佚枸挌 忸佻摸杜品 墨輿猟 通 佻蒙斛彖堙妄 root, 堊勃 — 奏追 + 徨堵 嗜泰塢, 嘛凉僧隣 嗜敖僧錨 徳別 孑佚枸挈 + 忸佻摸杜錨 墨輿猟 佻蒙斛彖堙姪 www. 料嘖厦碧鼠 佻 + 嬪鰐涸良 audit_control 攸佗嗹 + loroot 况妄都嗔 冨泰塹淮亙, + 牧詫 塹馬, 嗜泰塢 徃歪 喇嘖斗 忸範珍 冨 喇嘖斗 + 怠蔦 佻鍔賭覗墮嗔 奏追壞 通 佻蒙斛彖堙妄 www. root:lo,+ex:no www:fc,+ex:no @@ -625,39 +621,38 @@ www:fc,+ex:no 鯀堆堊 嶮厠遡鼠 奏追堊 - + 阻 冒 嶮厠遡 奏追堊 頒僧不嗔 舵料厠詫 届厖壮 BSM, 塹 通 吐 冨妖療良 斌 佚凖從珍 堙睦塹忸 届厖壮 侑田腕堊很兩墫 徨墟賄領拇 孕斌不. 塢棉堊 - praudit 侑渡岱惣嫖 嶮厠遡 奏追堊 堙睦塹忸 - 届厖壮. 塢棉堊 auditreduce 侑浜杜囘墫 通 - 読蒙墟礎鰭 嶮厠遡慘挌 攸佗單 壇蒙 僧遡冨, 倉班徂厦彖良 - 斌 卅嗤党壮防. 靉嗅田倫 孕斌不 佻陳賭嵒彖都 卅變蕨岱惣錨 - 仭卅妖墟, 佻旌鰐兩殄 忸舵卅墮 攸佗喇 佻 塢侖 嗜泰塢, 佻 - 北喪嗾 嗜泰塢, 佻 佻蒙斛彖堙明, 佻 珍堙 斌 徠斗杜 嗜泰塢, - 佻 侖塢 徳別 斌 佻 和濺穆, 料 墨塹燮 侑鷲旌歪斌腕 - 津篇墸錨. - - 鄙侑浜賭, 通 塹岱爽杜頻 徨吐 嗜津雙浜惑 嶮厠遡 奏追堊 - 堙睦塹從 届厖壮 忸佻摸不: - - &prompt.root; praudit /var/audit/AUDITFILE - - 珍領詫 侑浜賭 AUDITFILE - — 嶮厠遡, - 墨塹燮 怠津 忸彭津 堙睦塹從 届厖壮. - - 孀料 奏追堊 嗜嘖鷲 冨 單夘 攸佗單, 墨塹燮, 嘛論 - 淌凖椿 嗜嘖湾 冨 槎斗杜塹, 墨塹燮 墨輿猟 - praudit - 忸從追 佻嗅田彖堙蒙力 - 佻 歪力葉 料 嘖厦釦. 訌崢拱 槎斗杜 - 浜電 椀凖津姪領拱 塢, 料侑浜賭 - header (嗜津雙不 攸馬模從 攸佗喇) 斌 - path (佻摸拱 侖墮 徳別). - 麑田媽殄 侑浜賭 佻冒旛彖都 攸佗嗹 通 嗜泰塢 - execve: + praudit 侑渡岱惣嫖 嶮厠遡 奏追堊 + 堙睦塹忸 届厖壮. 塢棉堊 auditreduce + 侑浜杜囘墫 通 読蒙墟礎鰭 嶮厠遡慘挌 攸佗單 壇蒙 僧遡冨, + 倉班徂厦彖良 斌 卅嗤党壮防. 靉嗅田倫 孕斌不 佻陳賭嵒彖都 + 卅變蕨岱惣錨 仭卅妖墟, 佻旌鰐兩殄 忸舵卅墮 攸佗喇 佻 塢侖 + 嗜泰塢, 佻 北喪嗾 嗜泰塢, 佻 佻蒙斛彖堙明, 佻 珍堙 斌 + 徠斗杜 嗜泰塢, 佻 侖塢 徳別 斌 佻 和濺穆, 料 墨塹燮 + 侑鷲旌歪斌腕 津篇墸錨. + + 鄙侑浜賭, 通 塹岱爽杜頻 徨吐 嗜津雙浜惑 嶮厠遡 奏追堊 + 堙睦塹從 届厖壮 忸佻摸不: + + &prompt.root; praudit /var/audit/AUDITFILE + + 珍領詫 侑浜賭 AUDITFILE + — 嶮厠遡, 墨塹燮 怠津 忸彭津 堙睦塹從 + 届厖壮. + + 孀料 奏追堊 嗜嘖鷲 冨 單夘 攸佗單, 墨塹燮, 嘛論 + 淌凖椿 嗜嘖湾 冨 槎斗杜塹, 墨塹燮 墨輿猟 + praudit 忸從追 佻嗅田彖堙蒙力 - 佻 歪力葉 + 料 嘖厦釦. 訌崢拱 槎斗杜 浜電 椀凖津姪領拱 塢, 料侑浜賭 + header (嗜津雙不 攸馬模從 攸佗喇) 斌 + path (佻摸拱 侖墮 徳別). 麑田媽殄 + 侑浜賭 佻冒旛彖都 攸佗嗹 通 嗜泰塢 + execve: - header,133,10,execve(2),0,Mon Sep 25 15:58:03 2006, + 384 msec + header,133,10,execve(2),0,Mon Sep 25 15:58:03 2006, + 384 msec exec arg,finger,doug path,/usr/bin/finger attribute,555,root,wheel,90,24918,104944 @@ -665,77 +660,75 @@ subject,robert,root,wheel,root,wheel,384 return,success,0 trailer,133 - 堊 攸佗嗹 墟爽租 凖旁蒙堊 孑佚枸惑 忸佻摸杜頻 喇嘖斗力馬 - 忸斛彖 execve, 墨塹燮 嘖遡 凖旁蒙堊塹 忸佻摸杜頻 - 墨輿猟 finger doug. 槎斗杜堙 攸佗喇 - exec arg 途墮 - 墨輿猟料 嘖厦冒, 墨塹簒 和鰐淤 佚凖珍盟 冂簒. 姪妖淋 - path 嗜津雙不 侖墮 瓶佻摸囘溶葉 徳別 - 侑田嘖宋姪良 冂卅. 姪妖淋 attribute - 椀瓶掀租 瓶佻摸囘踊 徳別, 堊勃 侑宋 掴嘖孃 徳別. - 姪妖淋 subject 椀瓶掀租 - ID 奏追簒斗惑 佻蒙斛彖堙妄, 瓶佻摸兩殄 (effective) UID GID, - 凖遡慘拇 ID 佻蒙斛彖堙妄 拝孃俎, 苗杜塢読冒塹 侑話途啻, - 苗杜塢読冒塹 單嗷鰭, 佻參 祖凖, 墨塹厦馬 泰 腕斈途墸姪 - 徃歪 喇嘖斗. 鐶卅塢堙 徇浜僧錨: 苗杜塢読冒塹 奏追簒斗惑 - 佻蒙斛彖堙妄 凖遡慘拱 苗杜塢読冒塹 佻蒙斛彖堙妄 毀扶狙墫, - 堊 冒 佻蒙斛彖堙蒙 - robert 佻忸喇 - 侑夫斌吐鰭 掴 佻蒙斛彖堙妄 - root 佚凖 - 忸佻摸杜錨 墨輿猟, 力 喇嘖斗 奏追堊 攸療嗅 吐 津篇墸頻 - 嶮厠遡 瓶佻蒙旁 冨料涸蒙隣 苗杜塢読冒塹. 姪妖淋 - return 椀瓶掀租 孑佚枸賄 - 忸佻摸杜錨 椀賭礎鰭, 槎斗杜 - trailer 攸彭叨租 攸佗嗹. - - 冒攸 倉杯妖淋 溶嵶 佻盲淺墮 - 忸從 届厖壮 XML. - - 靉嗚鰐慄 模派 喇嘖斗 奏追堊 溶杯 浜都 惑厦洋拱 卅斃賭, - 從斃嵶 忸津棉墮 塹蒙墨 涸嘖 攸佗單 侑 佻溶殄 - auditreduce. 嗅田媽歸 侑浜賭 - 冨 AUDITFILE 忸舵卅脊嗔 徨 攸佗喇, - 冒啻摂錨嗔 佻蒙斛彖堙妄 - trhodes: - - &prompt.root; auditreduce -u trhodes /var/audit/AUDITFILE | praudit - - 姪隣 拝孃俎 audit - 浜点 掴嘖孃 料 湟杜錨 嶮厠遡 奏追堊, 料範佃歸葉嗔 - /var/audit. 靉 嬪鰐涸良 榑 拝孃仭 侖嘖, - 塹蒙墨 root - 浜電 良 掴嘖孃. 簗 塹馬, 湟和 珍墮 佻蒙斛彖堙明 - 侑宋 料 湟杜錨 嶮厠遡, 吐 療和範追溶 掴汰徂墮 拝孃侖 - audit. - 靤宋 料 湟杜錨 嶮厠遡 奏追堊 佻旌鰐囘 佻盲淺墮 洋崚嘖從 - 瀕届厖礎鰭 佻彭津良 佻蒙斛彖堙姪 侑話途嗜, 佻榑詫 - 凖墨妖猟嫖墫 津姪派厦彖墮 侑宋 料 湟杜錨 嶮厠遡 奏追堊 - 堆蒙柤 腕塹厦嵶腕墮. - + 堊 攸佗嗹 墟爽租 凖旁蒙堊 孑佚枸惑 忸佻摸杜頻 + 喇嘖斗力馬 忸斛彖 execve, 墨塹燮 嘖遡 + 凖旁蒙堊塹 忸佻摸杜頻 墨輿猟 finger doug. + 槎斗杜堙 攸佗喇 exec arg 途墮 墨輿猟料 + 嘖厦冒, 墨塹簒 和鰐淤 佚凖珍盟 冂簒. 姪妖淋 + path 嗜津雙不 侖墮 瓶佻摸囘溶葉 徳別 + 侑田嘖宋姪良 冂卅. 姪妖淋 attribute + 椀瓶掀租 瓶佻摸囘踊 徳別, 堊勃 侑宋 掴嘖孃 徳別. + 姪妖淋 subject 椀瓶掀租 ID 奏追簒斗惑 + 佻蒙斛彖堙妄, 瓶佻摸兩殄 (effective) UID GID, 凖遡慘拇 ID + 佻蒙斛彖堙妄 拝孃俎, 苗杜塢読冒塹 侑話途啻, 苗杜塢読冒塹 + 單嗷鰭, 佻參 祖凖, 墨塹厦馬 泰 腕斈途墸姪 徃歪 + 喇嘖斗. 鐶卅塢堙 徇浜僧錨: 苗杜塢読冒塹 奏追簒斗惑 + 佻蒙斛彖堙妄 凖遡慘拱 苗杜塢読冒塹 佻蒙斛彖堙妄 毀扶狙墫, + 堊 冒 佻蒙斛彖堙蒙 robert 佻忸喇 侑夫斌吐鰭 掴 + 佻蒙斛彖堙妄 root + 佚凖 忸佻摸杜錨 墨輿猟, 力 喇嘖斗 奏追堊 攸療嗅 吐 + 津篇墸頻 嶮厠遡 瓶佻蒙旁 冨料涸蒙隣 苗杜塢読冒塹. 姪妖淋 + return 椀瓶掀租 孑佚枸賄 忸佻摸杜錨 + 椀賭礎鰭, 槎斗杜 trailer 攸彭叨租 + 攸佗嗹. + + 冒攸 倉杯妖淋 溶嵶 佻盲淺墮 忸從 + 届厖壮 XML. + + 靉嗚鰐慄 模派 喇嘖斗 奏追堊 溶杯 浜都 惑厦洋拱 卅斃賭, + 從斃嵶 忸津棉墮 塹蒙墨 涸嘖 攸佗單 侑 佻溶殄 + auditreduce. 嗅田媽歸 侑浜賭 冨 + AUDITFILE 忸舵卅脊嗔 徨 攸佗喇, + 冒啻摂錨嗔 佻蒙斛彖堙妄 trhodes: + + &prompt.root; auditreduce -u trhodes /var/audit/AUDITFILE | praudit + + 姪隣 拝孃俎 audit 浜点 掴嘖孃 料 湟杜錨 + 嶮厠遡 奏追堊, 料範佃歸葉嗔 /var/audit. + 靉 嬪鰐涸良 榑 拝孃仭 侖嘖, 塹蒙墨 root 浜電 良 掴嘖孃. 簗 + 塹馬, 湟和 珍墮 佻蒙斛彖堙明 侑宋 料 湟杜錨 嶮厠遡, 吐 + 療和範追溶 掴汰徂墮 拝孃侖 audit. 靤宋 料 湟杜錨 嶮厠遡 + 奏追堊 佻旌鰐囘 佻盲淺墮 洋崚嘖從 瀕届厖礎鰭 佻彭津良 + 佻蒙斛彖堙姪 侑話途嗜, 佻榑詫 凖墨妖猟嫖墫 津姪派厦彖墮 + 侑宋 料 湟杜錨 嶮厠遡 奏追堊 堆蒙柤 腕塹厦嵶腕墮. + 輜良塹夘稜 喇嘖斗 凖遡慘詫 徠斗杜 瓶佻蒙斛彖良斗 佻塹墨 奏追堊 靉塹防 喇嘖斗 奏追堊 — 北藁敏媽殄途 佯砺掴孑墟亙嘖彖, 佻旌鰐兩殄 侑斌崚良冤 侑腕輿墟夫壮 - 凖遡慘詫 徠斗杜 佻塹 嗜泰塢 奏追堊. - 佚叟媽 淌凖椿, 榑 掴網力 攸瀕堙凖嗜彖墮 宋塹厦 侑惑卅様 - 椀凖津姪良 徭碗崚良 溶良塹夘稜 喇嘖斗. 斗 療 - 妖療, 通 祖揺良嘖卅塹卅 佻塹 喇嘖斗 奏追堊 侑田腕堊很囘 - 從斃嵶腕墮 碗覗良斛彖墮 料駄青杜錨 攸 喇嘖斗亙, - 冨妥崛 侑和姪 侑宋鼠 掴嘖孃 料 嶮厠遡 奏追堊 斌 - 侑賭掀僧錨 佻塹冒 嗜泰塢 冨-攸 厦堊檀 嶮厠遡. 簗 - 墫姪嵒彖良 佻塹冒 嗜泰塢 奏追堊 凖遡慘詫 徠斗杜, - 忸佻摸不: + 凖遡慘詫 徠斗杜 佻塹 嗜泰塢 奏追堊. 佚叟媽 淌凖椿, + 榑 掴網力 攸瀕堙凖嗜彖墮 宋塹厦 侑惑卅様 椀凖津姪良 + 徭碗崚良 溶良塹夘稜 喇嘖斗. 斗 療 妖療, 通 + 祖揺良嘖卅塹卅 佻塹 喇嘖斗 奏追堊 侑田腕堊很囘 從斃嵶腕墮 + 碗覗良斛彖墮 料駄青杜錨 攸 喇嘖斗亙, 冨妥崛 侑和姪 + 侑宋鼠 掴嘖孃 料 嶮厠遡 奏追堊 斌 侑賭掀僧錨 佻塹冒 + 嗜泰塢 冨-攸 厦堊檀 嶮厠遡. 簗 墫姪嵒彖良 佻塹冒 + 嗜泰塢 奏追堊 凖遡慘詫 徠斗杜, 忸佻摸不: &prompt.root; praudit /dev/auditpipe 靉 嬪鰐涸良, 佻塹防 掴嘖孃隣 塹蒙墨 佻蒙斛彖堙明 root. 塹泰 - 喞徒壮 蛭 掴嘖孃隣揺 淕杜鼠 拝孃俎 - audit, 掴汰忤堙 - 侑宋斌 devfs 徳別 + 喞徒壮 蛭 掴嘖孃隣揺 淕杜鼠 拝孃俎 audit, 掴汰忤堙 侑宋斌 + devfs 徳別 /etc/devfs.rules: add path 'auditpipe*' mode 0440 group audit @@ -752,37 +745,36 @@ trailer,133 praudit 攸侖歸料 從 徠斗 SSH-單嗷鰭, 塹 怠津 喃杜賭敏彖 瀕堙林夫隣 佻塹 嗜和歸良 奏追堊, 堊 冒 冒崢賄 - 佚涸堊斗賄 嗜泰塢 - 忸斛彭 倒 歪力 嗜泰塢. 靉 榑亙 侑扶瀕 凖墨妖猟嫖墫 - 攸侖嗚壮 praudit - 料 孑墟亙嘖彭 佻塹冒 塹蒙墨 冨 單嗷品, 通 墨塹燮 - 療 津堊蒙力馬 奏追堊 忻歪-忸從珍. + 佚涸堊斗賄 嗜泰塢 忸斛彭 倒 歪力 嗜泰塢. 靉 榑亙 + 侑扶瀕 凖墨妖猟嫖墫 攸侖嗚壮 praudit + 料 孑墟亙嘖彭 佻塹冒 塹蒙墨 冨 單嗷品, 通 墨塹燮 療 + 津堊蒙力馬 奏追堊 忻歪-忸從珍. 鯱堊檀 嗽壮錨 嶮厠遡慘挌 徳別 奏追堊 - 孀料 奏追堊 佗枦墫 冂厦 孃卅很囘墫 津溶力 - 奏追堊 &man.auditd.8;. 當揺良嘖卅塹卅 療 嗅田嫖 俎堊墮嗔 - 瓶佻蒙斛彖墮 &man.newsyslog.conf.5; 斌 漬嫻錨 瀕嘖簒妖淋 通 - 侑冤亙 厦堊檀 模馬. 妖嘖 榑惑, 通 侑屠卅歸良 奏追堊, - 凖墨瞭蒜孀礎鰭 厦堊檀 嶮厠遡慘挌 徳別 掴網料 瓶佻蒙斛彖墮嗔 - 墨輿猟 audit. 麑田媽歔 墨輿猟 侑夫田都 - 嗜敖僧廟 力從馬 嶮厠遡慘惑 徳別 珍嘖 嬲惣僧錨 冂簒 佚凖北折不慯 - 料 攸佗嗹 榑 徳別. 靤塹墨棉厦彖良 嘖倉拱 徳別 怠津 - 侑屠卅歸力, - 啻 徳別 — 佚凖浜杜彖, 凖旁蒙堊堙 淌馬 良 溶嵶 怠津 + 孀料 奏追堊 佗枦墫 冂厦 孃卅很囘墫 津溶力 奏追堊 + &man.auditd.8;. 當揺良嘖卅塹卅 療 嗅田嫖 俎堊墮嗔 + 瓶佻蒙斛彖墮 &man.newsyslog.conf.5; 斌 漬嫻錨 瀕嘖簒妖淋 + 通 侑冤亙 厦堊檀 模馬. 妖嘖 榑惑, 通 侑屠卅歸良 + 奏追堊, 凖墨瞭蒜孀礎鰭 厦堊檀 嶮厠遡慘挌 徳別 掴網料 + 瓶佻蒙斛彖墮嗔 墨輿猟 audit. 麑田媽歔 + 墨輿猟 侑夫田都 嗜敖僧廟 力從馬 嶮厠遡慘惑 徳別 珍嘖 + 嬲惣僧錨 冂簒 佚凖北折不慯 料 攸佗嗹 榑 徳別. + 靤塹墨棉厦彖良 嘖倉拱 徳別 怠津 侑屠卅歸力, 啻 徳別 + — 佚凖浜杜彖, 凖旁蒙堊堙 淌馬 良 溶嵶 怠津 卅堆堊墮 祖揺良嘖卅塹簒: &prompt.root; audit -n - 縒棉 &man.auditd.8; 療 攸侖歸, 塹 榑 墨輿猟 - 亘藁淺墫 療嫩挿妬, 怠津 忸彭津力 嗜和歸良 和 柯陀. + 縒棉 &man.auditd.8; 療 攸侖歸, 塹 榑 墨輿猟 亘藁淺墫 + 療嫩挿妬, 怠津 忸彭津力 嗜和歸良 和 柯陀. 簣汰很杜錨 嗅田媽歸 嘖厦防 徳別 - /etc/crontab 侑夫田都 厦堊檀 - 冒崢拇 鍔杜祖蛋墮 涸嗜: + /etc/crontab 侑夫田都 厦堊檀 冒崢拇 + 鍔杜祖蛋墮 涸嗜: 0 */12 * * * root /usr/sbin/audit -n @@ -790,19 +782,21 @@ trailer,133 /etc/crontab. 疱塹輿塢淌嗚叢 厦堊檀 嶮厠遡慘挌 徳別 料 腕力彖良 - 蛭 卅斃賭 從斃嵶 侑 瓶佻蒙斛彖良 椀檀 - 徳別 audit_control, 墨塹卅 椀瓶僧 + 蛭 卅斃賭 從斃嵶 侑 瓶佻蒙斛彖良 椀檀 + 徳別 + audit_control, 墨塹卅 椀瓶僧 . - 靉嗚鰐慄 嶮厠遡慘拇 徳別 溶杯 掴嘖蒜壮 淌輪 堆蒙柯 卅斃賭, - 溶崚 從變彬燐墮 療和範追溶嘖 嗽浜壮 蛭 壇妄 頒僧杜頻 嘔惣 崚 - 佻嗅 攸牧捏頻 蛭 津溶力 奏追堊. 簗 忸佻摸杜頻 - 椀凖津姪領挌 佻蒙斛彖堙姪 津篇墸品, 嗜墸都嘖徼摂蛭 卅變蕨岱惣隣 - 嗜泰塢冤 喇嘖斗 奏追堊, 徊明涸 力厖遡慘賄 攸彭叨杜錨 嶮厠遡 - 奏追堊 侑 蛭 厦堊檀, 溶崚 泰墮 瓶佻蒙斛彖 嗚夘來 - audit_warn. 鄙侑浜賭, 掴汰很杜錨 嗅田媽殄 嘖厦 - 徳別 /etc/security/audit_warn - 侑夫田都 嗽壮廟 徳別 奏追堊 佻嗅 吐 攸牧捏頻: + 靉嗚鰐慄 嶮厠遡慘拇 徳別 溶杯 掴嘖蒜壮 淌輪 堆蒙柯 + 卅斃賭, 溶崚 從變彬燐墮 療和範追溶嘖 嗽浜壮 蛭 壇妄 + 頒僧杜頻 嘔惣 崚 佻嗅 攸牧捏頻 蛭 津溶力 奏追堊. 簗 + 忸佻摸杜頻 椀凖津姪領挌 佻蒙斛彖堙姪 津篇墸品, + 嗜墸都嘖徼摂蛭 卅變蕨岱惣隣 嗜泰塢冤 喇嘖斗 奏追堊, + 徊明涸 力厖遡慘賄 攸彭叨杜錨 嶮厠遡 奏追堊 侑 蛭 厦堊檀, + 溶崚 泰墮 瓶佻蒙斛彖 嗚夘來 audit_warn. + 鄙侑浜賭, 掴汰很杜錨 嗅田媽殄 嘖厦 徳別 + /etc/security/audit_warn 侑夫田都 + 嗽壮廟 徳別 奏追堊 佻嗅 吐 攸牧捏頻: # # Compress audit trail files on close. @@ -812,11 +806,12 @@ if [ "$1" = closefile ]; then fi 靤浜賭鼠 漬嫻蛭 津篇墸品 溶杯 泰墮 墨佗厦彖良 徳別 - 奏追堊 料 壇淋卅棉斛彖領拱 單叟賭, 嫩遡杜錨 嘖倉挌 嶮厠遡慘挌 徳別, - 読蒙墟礎頻 嶮厠遡慘挌 徳別 通 嫩遡杜頻 療燐嵶挌 攸佗單. 麕夘來 - 怠津 攸侖歸 塹蒙墨 侑 墨厰屠堽詫 攸牧捏鰭 嶮厠遡 喇嘖斗亙 - 奏追堊 療 攸侖嘖不嗔 通 嶮厠遡慘挌 徳別, 攸佗嗹 墨塹燮 泰盟 - 侑屠卅歸料 凖旁蒙堊堙 療墨厰屠堽惑 攸彭叨杜頻. + 奏追堊 料 壇淋卅棉斛彖領拱 單叟賭, 嫩遡杜錨 嘖倉挌 嶮厠遡慘挌 + 徳別, 読蒙墟礎頻 嶮厠遡慘挌 徳別 通 嫩遡杜頻 療燐嵶挌 + 攸佗單. 麕夘來 怠津 攸侖歸 塹蒙墨 侑 墨厰屠堽詫 攸牧捏鰭 + 嶮厠遡 喇嘖斗亙 奏追堊 療 攸侖嘖不嗔 通 嶮厠遡慘挌 徳別, + 攸佗嗹 墨塹燮 泰盟 侑屠卅歸料 凖旁蒙堊堙 療墨厰屠堽惑 + 攸彭叨杜頻. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 18:10:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 236D9C05; Wed, 16 Apr 2014 18:10:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 04A091DE3; Wed, 16 Apr 2014 18:10:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GIA2ce051618; Wed, 16 Apr 2014 18:10:02 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GIA27K051617; Wed, 16 Apr 2014 18:10:02 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404161810.s3GIA27K051617@svn.freebsd.org> From: Dru Lavigne Date: Wed, 16 Apr 2014 18:10:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44583 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 18:10:03 -0000 Author: dru Date: Wed Apr 16 18:10:02 2014 New Revision: 44583 URL: http://svnweb.freebsd.org/changeset/doc/44583 Log: white space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Apr 16 17:32:06 2014 (r44582) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Apr 16 18:10:02 2014 (r44583) @@ -4267,17 +4267,17 @@ $include Kexample.com.+005+nnnnn.ZSK.key setting up Apache - The open source Apache HTTP Server - is the most widely used web server. &os; does - not install this web server by default, but it can be installed - from the www/apache24 package or port. + The open source + Apache HTTP Server is the most widely + used web server. &os; does not install this web server by + default, but it can be installed from the + www/apache24 package or port. This section summarizes how to configure and start version 2.x of the Apache HTTP - Server on &os;. - For more detailed information about - Apache 2.X and its configuration - directives, refer to on &os;. For more detailed information + about Apache 2.X and its + configuration directives, refer to httpd.apache.org. @@ -4289,10 +4289,10 @@ $include Kexample.com.+005+nnnnn.ZSK.key In &os;, the main Apache HTTP Server configuration file is installed as /usr/local/etc/apache2x/httpd.conf, - where x represents the version number. - This ASCII text file begins comment lines with a - #. The most frequently modified directives - are: + where x represents the version + number. This ASCII text file begins + comment lines with a #. The most + frequently modified directives are: @@ -4303,8 +4303,7 @@ $include Kexample.com.+005+nnnnn.ZSK.key Apache installation. Binaries are stored in the bin and sbin subdirectories of the server - root and configuration files are stored in the - etc/apache2x subdirectory. @@ -4314,21 +4313,22 @@ $include Kexample.com.+005+nnnnn.ZSK.key ServerAdmin you@example.com - Change this to the email address to receive problems with the - server. This address also appears on some + Change this to the email address to receive problems + with the server. This address also appears on some server-generated pages, such as error documents. - ServerName www.example.com:80 + ServerName + www.example.com:80 Allows an administrator to set a hostname which is sent back to clients for the server. For example, www can be used instead of the actual hostname. If the system does not have a - registeredDNS name, enter its + registered DNS name, enter its IP address instead. If the server will listen on an alternate report, change 80 to the alternate port @@ -4341,22 +4341,22 @@ $include Kexample.com.+005+nnnnn.ZSK.key "/usr/local/www/apache2x/data" - The directory - where documents will be served from. By default, all - requests are taken from this directory, but symbolic - links and aliases may be used to point to other - locations. + The directory where documents will be served from. + By default, all requests are taken from this directory, + but symbolic links and aliases may be used to point to + other locations. - It is always a good idea to make a backup copy of the default - Apache configuration file before - making changes. When the configuration of - Apache is complete, save the - file and verify the configuration using apachectl. - Running apachectl configtest should return - Syntax OK. + It is always a good idea to make a backup copy of the + default Apache configuration file + before making changes. When the configuration of + Apache is complete, save the file + and verify the configuration using + apachectl. Running apachectl + configtest should return Syntax + OK. Apache starting or stopping @@ -4386,24 +4386,22 @@ $include Kexample.com.+005+nnnnn.ZSK.key in a web browser, replacing localhost with the fully-qualified domain name of the machine running httpd. - The default web page that is - displayed is + The default web page that is displayed is /usr/local/www/apache24/data/index.html. The Apache configuration can be tested for errors after making subsequent configuration - changes while httpd is running using - the following - command: + changes while httpd is running using the + following command: &prompt.root; service apache24 configtest It is important to note that configtest is not an &man.rc.8; standard, - and should not be expected to work for all - startup scripts. - + and should not be expected to work for all startup + scripts. + @@ -4412,19 +4410,19 @@ $include Kexample.com.+005+nnnnn.ZSK.key Virtual hosting allows multiple websites to run on one Apache server. The virtual hosts can be IP-based or - name-based. IP-based - virtual hosting uses a different IP address - for each website. Name-based virtual hosting uses the clients - HTTP/1.1 headers to figure out the hostname, which allows the - websites to share the same IP - address. + name-based. + IP-based virtual hosting uses a different + IP address for each website. Name-based + virtual hosting uses the clients HTTP/1.1 headers to figure + out the hostname, which allows the websites to share the same + IP address. To setup Apache to use name-based virtual hosting, add a VirtualHost block for each website. For example, for the webserver named www.domain.tld with - a virtual domain of www.domain.tld with a + virtual domain of www.someotherdomain.tld, add the following entries to httpd.conf: @@ -4456,9 +4454,8 @@ DocumentRoot /www/someother Apache modules - Apache uses - modules to augment the functionality provided by the basic - server. Refer to Apache uses modules to augment + the functionality provided by the basic server. Refer to http://httpd.apache.org/docs/current/mod/ for a complete listing of and the configuration details for the available modules. @@ -4467,11 +4464,11 @@ DocumentRoot /www/someother www/apache24 port. Type make config within /usr/ports/www/apache24 to see which - modules are available and which are enabled by - default. If the module is not compiled with the port, the - &os; Ports Collection provides an easy way to install - many modules. This section describes three of the most - commonly used modules. + modules are available and which are enabled by default. If + the module is not compiled with the port, the &os; Ports + Collection provides an easy way to install many modules. This + section describes three of the most commonly used + modules. <filename>mod_ssl</filename> @@ -4484,9 +4481,10 @@ DocumentRoot /www/someother cryptography The mod_ssl module uses the - OpenSSL library to provide strong cryptography via the - Secure Sockets Layer (SSLv3) and Transport Layer - Security (TLSv1) protocols. This module provides + OpenSSL library to provide strong + cryptography via the Secure Sockets Layer + (SSLv3) and Transport Layer Security + (TLSv1) protocols. This module provides everything necessary to request a signed certificate from a trusted certificate signing authority to run a secure web server on &os;. @@ -4506,16 +4504,16 @@ DocumentRoot /www/someother The - mod_perl module makes it possible - to write Apache modules - in Perl. In addition, the persistent interpreter embedded - in the server avoids the overhead of starting an external - interpreter and the penalty of Perl start-up time. - - The mod_perl can be installed using the - www/mod_perl2 package or - port. Documentation for using this module can be found at - mod_perl module makes it possible to + write Apache modules in + Perl. In addition, the + persistent interpreter embedded in the server avoids the + overhead of starting an external interpreter and the penalty + of Perl start-up time. + + The mod_perl can be installed using + the www/mod_perl2 package or port. + Documentation for using this module can be found at http://perl.apache.org/docs/2.0/index.html. @@ -4540,23 +4538,24 @@ DocumentRoot /www/someother PHP: Hypertext Preprocessor - (PHP) is a - general-purpose scripting language that is especially suited - for web development. Capable of being embedded into - HTML, its syntax draws upon - C, &java;, and - Perl with the intention of allowing web developers to write - dynamically generated webpages quickly. + (PHP) is a general-purpose scripting + language that is especially suited for web development. + Capable of being embedded into HTML, its + syntax draws upon C, &java;, and + Perl with the intention of + allowing web developers to write dynamically generated + webpages quickly. To gain support for PHP5 for the - Apache web server, - install the www/mod_php5 package or - port. This will install and configure the modules required - to support dynamic PHP applications. - The installation will automatically add this line to + Apache web server, install the + www/mod_php5 package or port. This will + install and configure the modules required to support + dynamic PHP applications. The + installation will automatically add this line to /usr/local/etc/apache24/httpd.conf: LoadModule php5_module libexec/apache24/libphp5.so + - Then, perform a graceful - restart to load the PHP - module: + + Then, perform a graceful restart to load the + PHP module: &prompt.root; apachectl graceful The PHP support provided by - www/mod_php5 - is limited. Additional + www/mod_php5 is limited. Additional support can be installed using the - lang/php5-extensions - port which provides a menu driven interface to the available + lang/php5-extensions port which provides + a menu driven interface to the available PHP extensions. - Alternatively, individual extensions can be installed using - the appropriate port. For instance, to add PHP support for the + Alternatively, individual extensions can be installed + using the appropriate port. For instance, to add + PHP support for the MySQL database server, install databases/php5-mysql. @@ -4615,34 +4615,37 @@ AddModule mod_php5.c Python Django - Django is a BSD-licensed framework designed to allow - developers to write high performance, elegant web - applications quickly. It provides an object-relational - mapper so that data types are developed as Python objects. - A rich dynamic database-access API is provided for those - objects without the developer ever having to write SQL. It - also provides an extensible template system so that the - logic of the application is separated from the HTML + Django is a BSD-licensed + framework designed to allow developers to write high + performance, elegant web applications quickly. It provides + an object-relational mapper so that data types are developed + as Python objects. A rich + dynamic database-access API is provided + for those objects without the developer ever having to write + SQL. It also provides an extensible + template system so that the logic of the application is + separated from the HTML presentation. - Django depends on mod_python, - and an SQL database - engine. In &os;, the www/py-django port - automatically installs mod_python and - supports the PostgreSQL, + Django depends on mod_python, and + an SQL database engine. In &os;, the + www/py-django port automatically installs + mod_python and supports the + PostgreSQL, MySQL, or - SQLite databases, with the default - being SQLite. To change the - datbase engine, type make config within - /usr/ports/www/py-django, then install - the port. - - Once Django is installed, - the application will need a project directory along - with the Apache configuration in order to + SQLite databases, with the + default being SQLite. To change + the datbase engine, type make config + within /usr/ports/www/py-django, then + install the port. + + Once Django is installed, the + application will need a project directory along with the + Apache configuration in order to use the embedded Python - interpreter. This interpreter is used to - call the application for specific URLs on the site. + interpreter. This interpreter is used to call the + application for specific URLs on the + site. To configure Apache to pass requests for certain URLs to the web @@ -4670,12 +4673,12 @@ AddModule mod_php5.c Ruby on Rails - Ruby on Rails is another open source web framework that - provides a full development stack. It is optimized to make - web developers more productive and capable of writing - powerful applications quickly. On &os;, tt can be installed - using the www/rubygem-rails package or - port. + Ruby on Rails is another open + source web framework that provides a full development stack. + It is optimized to make web developers more productive and + capable of writing powerful applications quickly. On &os;, + tt can be installed using the + www/rubygem-rails package or port. Refer to http://rubyonrails.org/documentation From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 18:27:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 004FF1C2; Wed, 16 Apr 2014 18:27:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D63B2112C; Wed, 16 Apr 2014 18:27:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GIRBbO059705; Wed, 16 Apr 2014 18:27:11 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GIRBYm059704; Wed, 16 Apr 2014 18:27:11 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404161827.s3GIRBYm059704@svn.freebsd.org> From: Dru Lavigne Date: Wed, 16 Apr 2014 18:27:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44584 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 18:27:12 -0000 Author: dru Date: Wed Apr 16 18:27:11 2014 New Revision: 44584 URL: http://svnweb.freebsd.org/changeset/doc/44584 Log: Fix a few typos and redundancy. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Apr 16 18:10:02 2014 (r44583) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Wed Apr 16 18:27:11 2014 (r44584) @@ -303,8 +303,8 @@ server-program-arguments indicates whether or not the service is able to handle its own socket. - socket types must use the - option while + socket types must use + while daemons, which are usually multi-threaded, should use . usually hands off multiple sockets @@ -746,8 +746,8 @@ mountd_flags="-r" The client now has everything it needs to mount a remote file system. In these examples, the server's name is server and the client's name is - client. To mount the - /home file system on + client. To mount + /home on server to the /mnt mount point on client: @@ -1898,7 +1898,7 @@ INTERNS (,able,test-domain) (,baker, netgroups Netgroup names longer than 8 characters should not be The names are case sensitive and using capital letters - letters for netgroup names is an easy way to distinguish + for netgroup names is an easy way to distinguish between user, machine and netgroup names. Some non-&os; NIS clients cannot @@ -1977,7 +1977,7 @@ ellington&prompt.user; ypcat +@IT_EMP:::::::::. Otherwise, all user accounts imported from NIS will have /sbin/nologin as their login - shell and noone will be able to login to the system. + shell and no one will be able to login to the system. To configure the less important servers, replace the old +::::::::: on the servers with these @@ -2348,7 +2348,7 @@ allow bind_v2 . Before saving this file, place the in front of the password output from slappasswd and delete the old - option above. The end result should + . The end result should look similar to this: TLSCipherSuite HIGH:MEDIUM:+SSLv3 @@ -4635,7 +4635,7 @@ AddModule mod_php5.c MySQL, or SQLite databases, with the default being SQLite. To change - the datbase engine, type make config + the database engine, type make config within /usr/ports/www/py-django, then install the port. @@ -4677,7 +4677,7 @@ AddModule mod_php5.c source web framework that provides a full development stack. It is optimized to make web developers more productive and capable of writing powerful applications quickly. On &os;, - tt can be installed using the + it can be installed using the www/rubygem-rails package or port. Refer to /usr/local/etc/smb.conf and customized before Samba can be used. - The smb.conf file contains runtime - configuration information for - Samba, such as definitions of the + Runtime configuration information for + Samba is found in + smb.conf, such as definitions of the printers and file system shares that will be shared with &windows; clients. The Samba package includes a web based tool called swat which provides a - simple way of configuring the smb.conf - file. + simple way for configuring + smb.conf. Using the Samba Web Administration Tool (SWAT) @@ -4960,8 +4960,8 @@ AddModule mod_php5.c server string - The string that will be displayed with the - net view command and some other + The string that will be displayed in the output of + net view and some other networking tools that seek to display descriptive text about the server. @@ -5019,8 +5019,8 @@ AddModule mod_php5.c Assuming that the default smbpasswd - backend is used, the - /usr/local/etc/samba/smbpasswd file + backend is used, + /usr/local/etc/samba/smbpasswd must be created to allow Samba to authenticate clients. To provide &unix; user accounts access from &windows; clients, use the following command to @@ -5557,7 +5557,7 @@ iqn.2012-06.com.example:target0 - Connecting to a Target With a Configuration + <title>Connecting to a Target with a Configuration File To connect using a configuration file, create From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 18:41:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 294958DA; Wed, 16 Apr 2014 18:41:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 15BF712E1; Wed, 16 Apr 2014 18:41:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GIf5IW077170; Wed, 16 Apr 2014 18:41:05 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GIf5td077169; Wed, 16 Apr 2014 18:41:05 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404161841.s3GIf5td077169@svn.freebsd.org> From: Gabor Pali Date: Wed, 16 Apr 2014 18:41:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44585 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 18:41:06 -0000 Author: pgj Date: Wed Apr 16 18:41:05 2014 New Revision: 44585 URL: http://svnweb.freebsd.org/changeset/doc/44585 Log: - Improve the ZFSguru 2014Q1 report as requested by the submitter Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 18:27:11 2014 (r44584) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 18:41:05 2014 (r44585) @@ -2418,20 +2418,22 @@ device vt_efifb

      ZFSguru is a multifunctional server appliance with a strong - emphasis on storage. It desired to bring BSD and ZFS technology - to a wider audience, while at the same time pleasing more - advanced users as well with unique features. A vanilla - ZFSguru installation comes with only Samba and a web-interface - setup, but can be extended easily by installing addons called - services to add functionality as desired. This prevents - users from running stuff they do not need and do not want. - Advanced users can still use ZFSguru as they would a normal &os; - installation with a 100% ZFS setup (Root-on-ZFS). - ZFSguru does not strip away anything, and uses a - GENERIC-like kernel with only some additional stuff - added like InfiniBand networking, Device Polling and AltQ. This - means you can use a ZFSguru installation as you would use a &os; - installation.

      + emphasis on storage. It wants to deliver all the great BSD and + ZFS technology to a wider audience, while at the same time + pleasing more advanced users as well with unique features and + customization.

      + +

      A vanilla ZFSguru installation comes with only Samba and + a web-interface setup, but can be extended easily by installing + addons called services to add functionality as desired. + This prevents users from running programs they do not need and + do not want. Advanced users can still use ZFSguru as they would + a normal &os; installation with a 100% ZFS setup + (Root-on-ZFS). ZFSguru does not strip away anything, and + uses a GENERIC-like kernel with only some additional + settings added like InfiniBand networking, Device Polling and + AltQ. This means you can use a ZFSguru installation as you + would use a &os; installation.

      In the first month of 2014, ZFSguru has released beta9 version of the web interface. This release brings vastly improved support @@ -2448,8 +2450,9 @@ device vt_efifb graphics drivers. That is, the latest and greatest of &os; graphics development. The ZFSguru project plans to release stable/10 builds in the near future which also have the - MFC'ed patches for vt(4). Please see the - vt(4) entry for more information.

      + MFC'ed patches for vt(4), the KMS-enabled system + console with Unicode support. Please see the vt(4) + entry for more information.

      Support for ZFS version 5000 is now universal across 9.2, 10.0 and head builds. LZ4 compression is the key feature for @@ -2472,7 +2475,7 @@ device vt_efifb It can be used like a firmware — restoring the machine to the exact state and configuration of the snapshot configuration. It allows users to maintain a backup of their ZFSguru - configuration and makes upgrading to a newer ZFSguru system + configuration and allows upgrading to a newer ZFSguru system version without any hassle. Automated system builds should bring more system image @@ -2481,9 +2484,9 @@ device vt_efifb New website with new forum and new login system. Developer website with GitLab setup, allowing bugreports, - code contributions and wiki + wall messages. Note that GitLab has - also been provided as ZFSguru service, for those interested in - trying GitLab. + code contributions, wiki, and wall messages. Note that GitLab + has also been provided as ZFSguru service, for those interested + in trying GitLab. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 19:46:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 63296845; Wed, 16 Apr 2014 19:46:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3F0CE18FF; Wed, 16 Apr 2014 19:46:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GJkxla004906; Wed, 16 Apr 2014 19:46:59 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GJkxPV004905; Wed, 16 Apr 2014 19:46:59 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404161946.s3GJkxPV004905@svn.freebsd.org> From: Dru Lavigne Date: Wed, 16 Apr 2014 19:46:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44586 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 19:46:59 -0000 Author: dru Date: Wed Apr 16 19:46:58 2014 New Revision: 44586 URL: http://svnweb.freebsd.org/changeset/doc/44586 Log: Update the CD/DVD sets page. Comment out the deprecated sites. I think the St. Petersburg address for Linux Center is incorrect, but Google Translate was not helpful in figuring out the correct address. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Apr 16 18:41:05 2014 (r44585) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Apr 16 19:46:58 2014 (r44586) @@ -8,21 +8,18 @@ Obtaining &os; - CDROM and DVD Publishers + <acronym>CD</acronym> and + <acronym>DVD</acronym> Sets - - CD and DVD Sets - - &os; CD and DVD sets are available from many online + &os; CD and DVD sets + are available from several online retailers: -

      - &os; Mall, Inc. +
      &os; Mall, Inc. 2420 Sand Creek Rd C-1 #347 - Brentwood, - CA + Brentwood, CA 94513 USA Phone: +1 925 240-6652 @@ -34,17 +31,19 @@ -
      - Dr. Hinner EDV +
      Dr. Hinner EDV Kochelseestr. 11 D-81371 München Germany Phone: (0177) 428 419 0 + Email: infow@hinner.de WWW: http://www.hinner.de/linux/freebsd.html
      + + -
      - LinuxCenter.Ru +
      Linux Center Galernaya Street, 55 Saint-Petersburg 190000 Russia - Phone: +7-812-3125208 + Phone: +7-812-309-06-86 Email: info@linuxcenter.ru WWW: http://linuxcenter.ru/shop/freebsd
      - From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 20:11:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1FE9B170; Wed, 16 Apr 2014 20:11:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0CF181B99; Wed, 16 Apr 2014 20:11:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GKBp7U017175; Wed, 16 Apr 2014 20:11:51 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GKBpfK017174; Wed, 16 Apr 2014 20:11:51 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404162011.s3GKBpfK017174@svn.freebsd.org> From: Warren Block Date: Wed, 16 Apr 2014 20:11:51 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44587 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 20:11:52 -0000 Author: wblock Date: Wed Apr 16 20:11:51 2014 New Revision: 44587 URL: http://svnweb.freebsd.org/changeset/doc/44587 Log: Remove an errant apostrophe. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 19:46:58 2014 (r44586) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 20:11:51 2014 (r44587) @@ -2450,7 +2450,7 @@ device vt_efifb graphics drivers. That is, the latest and greatest of &os; graphics development. The ZFSguru project plans to release stable/10 builds in the near future which also have the - MFC'ed patches for vt(4), the KMS-enabled system + MFCed patches for vt(4), the KMS-enabled system console with Unicode support. Please see the vt(4) entry for more information.

      From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 20:32:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 75453476; Wed, 16 Apr 2014 20:32:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 56AC61D28; Wed, 16 Apr 2014 20:32:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GKWLtI025329; Wed, 16 Apr 2014 20:32:21 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GKWLrO025328; Wed, 16 Apr 2014 20:32:21 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404162032.s3GKWLrO025328@svn.freebsd.org> From: Warren Block Date: Wed, 16 Apr 2014 20:32:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44588 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 20:32:21 -0000 Author: wblock Date: Wed Apr 16 20:32:20 2014 New Revision: 44588 URL: http://svnweb.freebsd.org/changeset/doc/44588 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 20:11:51 2014 (r44587) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 20:32:20 2014 (r44588) @@ -1182,18 +1182,18 @@ committed code to Subversion since the last successful build.

      -

      As part of the Jenkins setup, &a.rodrigc; encountered problems - with running Java on &os; 9.2 and &os; 10.0. Both - problems stemmed from changes to the &os; Virtual Memory (VM) - subsystem. On &os; 9.2-RELEASE, running Jenkins under Java - would cause the kernel to panic. This was a known problem, and - fixed in 9.2.-RELEASE-p3. On &os; 10.0-RELEASE, Java processes - would randomly crash. Disabling the - vm.pmap.pcid_enabled sysctl(3) variable seemed - to fix the problem. In kern/187238, Henrik Gulbrandsen - submitted fixes to the &os; VM to address this problem. &a.kib; - committed the fixes to head, where they are being - tested now.

      +

      As part of the Jenkins setup, &a.rodrigc; encountered + problems with running Java on &os; 9.2 and + &os; 10.0. Both problems stemmed from changes to the + &os; Virtual Memory (VM) subsystem. On &os; 9.2-RELEASE, + running Jenkins under Java would cause the kernel to panic. + This was a known problem, and fixed in 9.2.-RELEASE-p3. On + &os; 10.0-RELEASE, Java processes would randomly crash. + Disabling the vm.pmap.pcid_enabled sysctl(3) + variable seemed to fix the problem. In kern/187238, + Henrik Gulbrandsen submitted fixes to the &os; VM to address + this problem. &a.kib; committed the fixes to head, + where they are being tested now.

      During the setup of the bhyve VMs which run Jenkins processes, &a.rodrigc; wrote scripts to start bhyve VMs from @@ -2418,49 +2418,49 @@ device vt_efifb

      ZFSguru is a multifunctional server appliance with a strong - emphasis on storage. It wants to deliver all the great BSD and - ZFS technology to a wider audience, while at the same time + emphasis on storage. It wants to deliver all the great BSD + and ZFS technology to a wider audience, while at the same time pleasing more advanced users as well with unique features and customization.

      -

      A vanilla ZFSguru installation comes with only Samba and - a web-interface setup, but can be extended easily by installing - addons called services to add functionality as desired. - This prevents users from running programs they do not need and - do not want. Advanced users can still use ZFSguru as they would - a normal &os; installation with a 100% ZFS setup - (Root-on-ZFS). ZFSguru does not strip away anything, and - uses a GENERIC-like kernel with only some additional - settings added like InfiniBand networking, Device Polling and - AltQ. This means you can use a ZFSguru installation as you - would use a &os; installation.

      - -

      In the first month of 2014, ZFSguru has released beta9 version - of the web interface. This release brings vastly improved support - for Samba and NFS configuration. In particular, it adds a - convenient drag-and-drop interface for Samba permissions. This - allows novice users to configure access to shares in various - configurations. It allows both control and usability, with no - manual being necessary in order to operate it. This is the - ZFSguru-style.

      +

      A vanilla ZFSguru installation comes with only Samba + and a web-interface setup, but can be extended easily by + installing addons called services to add functionality + as desired. This prevents users from running programs they do + not need and do not want. Advanced users can still use + ZFSguru as they would a normal &os; installation with a 100% + ZFS setup (Root-on-ZFS). ZFSguru does not strip away + anything, and uses a GENERIC-like kernel with only + some additional settings added like InfiniBand networking, + Device Polling and AltQ. This means you can use a ZFSguru + installation as you would use a &os; installation.

      + +

      In the first month of 2014, ZFSguru has released beta9 + version of the web interface. This release brings vastly + improved support for Samba and NFS configuration. In + particular, it adds a convenient drag-and-drop interface for + Samba permissions. This allows novice users to configure + access to shares in various configurations. It allows both + control and usability, with no manual being necessary in order + to operate it. This is the ZFSguru-style.

      New system versions have been released, based on &os; 9.2, - 10.0, and head. The experimental head version - has vt(4) and X.org 7.12.4 and the Intel/Radeon KMS - graphics drivers. That is, the latest and greatest of &os; - graphics development. The ZFSguru project plans to release - stable/10 builds in the near future which also have the - MFCed patches for vt(4), the KMS-enabled system - console with Unicode support. Please see the vt(4) - entry for more information.

      - -

      Support for ZFS version 5000 is now universal across 9.2, 10.0 - and head builds. LZ4 compression is the key feature for - ZFS version 5000. Otherwise users are advised to keep their - pool versions as is, to be as compatible as you can with as many - ZFS platforms as possible. Only upgrade the pool as you desire - its functionality, forfeiting the compatibility with older - storage platforms.

      + 10.0, and head. The experimental head + version has vt(4) and X.org 7.12.4 and the + Intel/Radeon KMS graphics drivers. That is, the latest and + greatest of &os; graphics development. The ZFSguru project + plans to release stable/10 builds in the near future + which also have the MFCed patches for vt(4), the + KMS-enabled system console with Unicode support. Please see + the vt(4) entry for more information.

      + +

      Support for ZFS version 5000 is now universal across 9.2, + 10.0 and head builds. LZ4 compression is the key + feature for ZFS version 5000. Otherwise users are advised to + keep their pool versions as is, to be as compatible as you can + with as many ZFS platforms as possible. Only upgrade the pool + as you desire its functionality, forfeiting the compatibility + with older storage platforms.

      @@ -2469,14 +2469,14 @@ device vt_efifb some minor bugs as well as speed up some pages by having a redesigned remote database system called GuruDB. - ZFSguru beta11 will add the one major feature still missing - in ZFSguru: the Migration Manager. This allows users to maintain - a file with all the configuration of their ZFSguru installation. - It can be used like a firmware — restoring the machine to - the exact state and configuration of the snapshot configuration. - It allows users to maintain a backup of their ZFSguru - configuration and allows upgrading to a newer ZFSguru system - version without any hassle. + ZFSguru beta11 will add the one major feature still + missing in ZFSguru: the Migration Manager. This allows users + to maintain a file with all the configuration of their ZFSguru + installation. It can be used like a firmware — restoring + the machine to the exact state and configuration of the + snapshot configuration. It allows users to maintain a backup + of their ZFSguru configuration and allows upgrading to a newer + ZFSguru system version without any hassle. Automated system builds should bring more system image releases. @@ -2485,8 +2485,8 @@ device vt_efifb Developer website with GitLab setup, allowing bugreports, code contributions, wiki, and wall messages. Note that GitLab - has also been provided as ZFSguru service, for those interested - in trying GitLab. + has also been provided as ZFSguru service, for those + interested in trying GitLab. @@ -2544,13 +2544,13 @@ device vt_efifb

      bhyve is a Type-1 hypervisor that runs on the &os; platform. It currently only runs &os; (9.x or later) and Linux guests, current development efforts aim at widening support for other - x86 64-bit operating systems. After a great deal of work by all - involved, bhyve was shipped as part of &os; 10.0-RELEASE. + x86 64-bit operating systems. After a great deal of work by + all involved, bhyve was shipped as part of &os; 10.0-RELEASE. Increased interest in bhyve and the first usable versions have provided great feedback and many bug reports.

      -

      A number of important improvements have been made to bhyve this - quarter:

      +

      A number of important improvements have been made to bhyve + this quarter:

      • Optionally ignore accesses to unimplemented MSRs
        • @@ -2560,15 +2560,16 @@ device vt_efifb
      • Graceful shutdown via ACPI on SIGTERM
        • -
      • Fix issue with virtio-blk devices on Linux guests with more - than 4GB of ram
        • +
      • Fix issue with virtio-blk devices on Linux guests with + more than 4GB of ram
      • Increase the block-layer backend maximum requests to match AHCI command queue depth
      • Add SMBIOS support
        • -
      • Improve support for nmdm, opening the tty non-blocking
        • +
      • Improve support for nmdm, opening the tty + non-blocking
      • Add HPET device emulation
        • @@ -2589,7 +2590,8 @@ device vt_efifb Write Handbook chapter for bhyve. - Merge fixes and features back to stable/10. + Merge fixes and features back to + stable/10. Support for booting with UEFI instead of userspace loaders. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 20:45:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8BA106DD; Wed, 16 Apr 2014 20:45:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6A5F81E50; Wed, 16 Apr 2014 20:45:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GKjGZi029865; Wed, 16 Apr 2014 20:45:16 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GKjGDY029864; Wed, 16 Apr 2014 20:45:16 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404162045.s3GKjGDY029864@svn.freebsd.org> From: Dru Lavigne Date: Wed, 16 Apr 2014 20:45:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44589 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 20:45:16 -0000 Author: dru Date: Wed Apr 16 20:45:15 2014 New Revision: 44589 URL: http://svnweb.freebsd.org/changeset/doc/44589 Log: Begin editorial review of Subversion chapter. Move mirrors into this chapter and rename rsync chapter to match the rest of the ToC for this section. Add an introductory paragraph on what this chapter covers. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Apr 16 20:32:20 2014 (r44588) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Apr 16 20:45:15 2014 (r44589) @@ -422,35 +422,28 @@ Comment out for now until these can be v Introduction - As of July 2012, &os; uses Subversion - (svn) as the primary version control + As of July 2012, &os; uses + Subversion + as the primary version control system for storing all of &os;'s source code, documentation, and the Ports Collection. - Subversion is generally a developer tool. Most users - should use FreeBSD - Update to update the &os; base system, and Portsnap to + Subversion is generally a developer tool. Most users + should use freebsd-update () to update + the &os; base system, and portsnap ( to update the &os; Ports Collection. - In Subversion, URLs are used to - designate a repository, taking the form of - protocol://hostname/path. Mirrors - may support different protocols as specified below. The first - component of the path is the &os; repository to access. There - are three different repositories, base for - the &os; base system source code, ports for - the Ports Collection, and doc for - documentation. For example, the URL - svn://svn0.us-east.FreeBSD.org/ports/head/ - specifies the main branch of the ports repository on the - svn0.us-east.FreeBSD.org - mirror, using the svn protocol. + This chapter demonstrates how to install + Subversion on a &os; system and then + use it to create a local copy of a &os; repository. It + includes a list of the available &os; + Subversion mirrors and resources to + additional information on how to use + Subversion. @@ -495,6 +488,21 @@ Comment out for now until these can be v repository. + Subversion uses + URLs to designate a repository, taking the form of + protocol://hostname/path. Mirrors + may support different protocols as specified below. The first + component of the path is the &os; repository to access. There + are three different repositories, base for + the &os; base system source code, ports for + the Ports Collection, and doc for + documentation. For example, the URL + svn://svn0.us-east.FreeBSD.org/ports/head/ + specifies the main branch of the ports repository on the + svn0.us-east.FreeBSD.org + mirror, using the svn protocol. + A checkout from a given repository is performed with a command like this: @@ -586,20 +594,7 @@ Comment out for now until these can be v &prompt.root; make update SVN_UPDATE=yes - - For More Information - - For other information about using - Subversion, please see the - Subversion Book, titled - Version - Control with Subversion, or the Subversion - Documentation. - - - - + <application>Subversion</application> Mirror Sites @@ -730,10 +725,23 @@ Certificate information: or other problems, svn is the next choice, with slightly faster transfers. When neither can be used, use http. + + + + For More Information + + For other information about using + Subversion, please see the + Subversion Book, titled + Version + Control with Subversion, or the Subversion + Documentation. + - <application>rsync</application> Sites + Using <application>rsync</application> The following sites make &os; available through the rsync protocol. The rsync utility works in From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 20:50:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5BFFA79F; Wed, 16 Apr 2014 20:50:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 498F51001; Wed, 16 Apr 2014 20:50:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GKoCVB030873; Wed, 16 Apr 2014 20:50:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GKoCct030872; Wed, 16 Apr 2014 20:50:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404162050.s3GKoCct030872@svn.freebsd.org> From: Dru Lavigne Date: Wed, 16 Apr 2014 20:50:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44590 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 20:50:12 -0000 Author: dru Date: Wed Apr 16 20:50:11 2014 New Revision: 44590 URL: http://svnweb.freebsd.org/changeset/doc/44590 Log: Fix xref. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Apr 16 20:45:15 2014 (r44589) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Apr 16 20:50:11 2014 (r44590) @@ -432,8 +432,8 @@ Comment out for now until these can be v Subversion is generally a developer tool. Most users should use freebsd-update () to update - the &os; base system, and portsnap ( to + the &os; base system, and portsnap () to update the &os; Ports Collection. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 20:50:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D2AE9801; Wed, 16 Apr 2014 20:50:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BF6461037; Wed, 16 Apr 2014 20:50:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GKoo8Y031303; Wed, 16 Apr 2014 20:50:50 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GKoovS031302; Wed, 16 Apr 2014 20:50:50 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404162050.s3GKoovS031302@svn.freebsd.org> From: Warren Block Date: Wed, 16 Apr 2014 20:50:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44591 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 20:50:50 -0000 Author: wblock Date: Wed Apr 16 20:50:50 2014 New Revision: 44591 URL: http://svnweb.freebsd.org/changeset/doc/44591 Log: Update introduction. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 20:50:11 2014 (r44590) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Wed Apr 16 20:50:50 2014 (r44591) @@ -15,7 +15,24 @@ March 2014. This is the first of four reports planned for 2014.

        - +

        The first quarter of 2014 was, again, a hectic and + productive time for &os;. The Ports team released their + landmark first quarterly stable branch. &os; continues + to grow on the ARM architecture, now running on an ARM-based + ChromeBook. SMP is now possible on multi-core ARM systems. + bhyve, the native &os; hypervisor, continues to improve. An + integral test suite is taking shape, and the Jenkins Continuous + Integration system has been implemented. &os; patches to GCC + are being forward-ported, and LLDB, the Clang/LLVM + debugger is being ported. Desktop use has also seen + improvements, with work on Gnome, KDE, Xfce, KMS video drivers, + X.org, and vt, the new console driver which supports + KMS and Unicode. Linux and Wine binary compatibility layers + have been improved. UEFI booting support has been merged to + head. The &os; Foundation continues to assist in moving &os; + forward, sponsoring conferences and meetings and numerous + development projects. And these are only some of the things + that happened! Read on for even more.

        From owner-svn-doc-all@FreeBSD.ORG Wed Apr 16 21:07:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 373BFC41; Wed, 16 Apr 2014 21:07:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 22288115C; Wed, 16 Apr 2014 21:07:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3GL7nRK038462; Wed, 16 Apr 2014 21:07:49 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3GL7nme038461; Wed, 16 Apr 2014 21:07:49 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404162107.s3GL7nme038461@svn.freebsd.org> From: Dru Lavigne Date: Wed, 16 Apr 2014 21:07:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44592 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 21:07:49 -0000 Author: dru Date: Wed Apr 16 21:07:48 2014 New Revision: 44592 URL: http://svnweb.freebsd.org/changeset/doc/44592 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Apr 16 20:50:50 2014 (r44591) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Wed Apr 16 21:07:48 2014 (r44592) @@ -11,36 +11,35 @@ <acronym>CD</acronym> and <acronym>DVD</acronym> Sets - &os; CD and DVD sets - are available from several online - retailers: + &os; CD and DVD sets + are available from several online retailers: - - -
        &os; Mall, Inc. - 2420 Sand Creek Rd C-1 #347 - Brentwood, CA - 94513 - USA - Phone: +1 925 240-6652 - Fax: +1 925 674-0821 - Email: info@freebsdmall.com - WWW: http://www.freebsdmall.com/ -
        -         - - -
        Dr. Hinner EDV - Kochelseestr. 11 - D-81371 München - Germany - Phone: (0177) 428 419 0 - Email: infow@hinner.de - WWW: http://www.hinner.de/linux/freebsd.html -
        -         + + +
        &os; Mall, Inc. + 2420 Sand Creek Rd C-1 #347 + Brentwood, CA + 94513 + USA + Phone: +1 925 240-6652 + Fax: +1 925 674-0821 + Email: info@freebsdmall.com + WWW: http://www.freebsdmall.com/ +
        +         + + +
        Dr. Hinner EDV + Kochelseestr. 11 + D-81371 München + Germany + Phone: (0177) 428 419 0 + Email: infow@hinner.de + WWW: http://www.hinner.de/linux/freebsd.html +
        +         - - -
        Linux Center - Galernaya Street, 55 - Saint-Petersburg - 190000 - Russia - Phone: +7-812-309-06-86 - Email: info@linuxcenter.ru - WWW: http://linuxcenter.ru/shop/freebsd -
        -         -         + + +
        Linux Center + Galernaya Street, 55 + Saint-Petersburg + 190000 + Russia + Phone: +7-812-309-06-86 + Email: info@linuxcenter.ru + WWW: http://linuxcenter.ru/shop/freebsd +
        +         +         @@ -423,23 +422,23 @@ Comment out for now until these can be v Introduction As of July 2012, &os; uses - Subversion - as the primary version control - system for storing all of &os;'s source code, documentation, - and the Ports Collection. + Subversion as the primary version + control system for storing all of &os;'s source code, + documentation, and the Ports Collection. - Subversion is generally a developer tool. Most users - should use freebsd-update (Subversion is generally a + developer tool. Most users should use + freebsd-update () to update the &os; base system, and portsnap () to - update the &os; Ports Collection. + linkend="ports-using"/>) to update the &os; Ports + Collection. This chapter demonstrates how to install - Subversion on a &os; system and then - use it to create a local copy of a &os; repository. It + Subversion on a &os; system and + then use it to create a local copy of a &os; repository. It includes a list of the available &os; Subversion mirrors and resources to additional information on how to use @@ -489,14 +488,15 @@ Comment out for now until these can be v Subversion uses - URLs to designate a repository, taking the form of - protocol://hostname/path. Mirrors - may support different protocols as specified below. The first - component of the path is the &os; repository to access. There - are three different repositories, base for - the &os; base system source code, ports for - the Ports Collection, and doc for - documentation. For example, the URL + URLs to designate a repository, taking the + form of protocol://hostname/path. + Mirrors may support different protocols as specified below. + The first component of the path is the &os; repository to + access. There are three different repositories, + base for the &os; base system source code, + ports for the Ports Collection, and + doc for documentation. For example, the + URL svn://svn0.us-east.FreeBSD.org/ports/head/ specifies the main branch of the ports repository on the make update SVN_UPDATE=yes - - <application>Subversion</application> Mirror Sites - - - Subversion Repository - Mirror Sites - + + <application>Subversion</application> Mirror + Sites + + + Subversion Repository + Mirror Sites + + + All mirrors carry all repositories. + + The master &os; Subversion + server, svn.FreeBSD.org, is + publicly accessible, read-only. That may change in the + future, so users are encouraged to use one of the official + mirrors. To view the &os; + Subversion repositories through a + browser, use http://svnweb.FreeBSD.org/. - All mirrors carry all repositories. + + The &os; Subversion mirror + network is still in its early days, and will likely change. + Do not count on this list of mirrors being static. In + particular, the SSL certificates of the + servers will likely change at some point. + - The master &os; Subversion - server, svn.FreeBSD.org, is - publicly accessible, read-only. That may change in the future, - so users are encouraged to use one of the official mirrors. To - view the &os; Subversion repositories - through a browser, use http://svnweb.FreeBSD.org/. - - - The &os; Subversion mirror network is still in its early days, - and will likely change. Do not count on this list of mirrors - being static. In particular, the SSL certificates of the - servers will likely change at some point. - - - - - - - - - - - Name - - Protocols - - Location - - SSL Fingerprint - - - - - - svn0.us-west.FreeBSD.org - - svn, http, - https - - USA, California - - SHA1 - 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61 - - - - svn0.us-east.FreeBSD.org - - svn, http, - https, - rsync - - USA, New Jersey - - SHA1 - 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61 - - - - svn0.eu.FreeBSD.org - - svn, http, - https, - rsync - - Europe, UK - - SHA1 - 39:B0:53:35:CE:60:C7:BB:00:54:96:96:71:10:94:BB:CE:1C:07:A7 - - - - - - HTTPS is the preferred protocol, - providing protection against another computer pretending to be - the &os; mirror (commonly known as a man in the - middle attack) or otherwise trying to send bad content - to the end user. - - On the first connection to an HTTPS - mirror, the user will be asked to verify the server - fingerprint: + + + + + + + + + Name + + Protocols + + Location + + SSL Fingerprint + + + + + + svn0.us-west.FreeBSD.org + + svn, http, + https + + USA, California + + SHA1 + 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61 + + + + svn0.us-east.FreeBSD.org + + svn, http, + https, + rsync + + USA, New Jersey + + SHA1 + 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61 + + + + svn0.eu.FreeBSD.org + + svn, http, + https, + rsync + + Europe, UK + + SHA1 + 39:B0:53:35:CE:60:C7:BB:00:54:96:96:71:10:94:BB:CE:1C:07:A7 + + + + + + HTTPS is the preferred protocol, + providing protection against another computer pretending to be + the &os; mirror (commonly known as a man in the + middle attack) or otherwise trying to send bad + content to the end user. + + On the first connection to an HTTPS + mirror, the user will be asked to verify the server + fingerprint: - Error validating server certificate for 'https://svn0.us-west.freebsd.org:443': + Error validating server certificate for 'https://svn0.us-west.freebsd.org:443': - The certificate is not issued by a trusted authority. Use the fingerprint to validate the certificate manually! - The certificate hostname does not match. @@ -710,22 +713,22 @@ Certificate information: - Fingerprint: 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61 (R)eject, accept (t)emporarily or accept (p)ermanently? - Compare the fingerprint shown to those listed in the table - above. If the fingerprint matches, the server security - certificate can be accepted temporarily or permanently. A - temporary certificate will expire after a single session with - the server, and the verification step will be repeated on the - next connection. Accepting the certificate permanently will - store the authentication credentials in - ~/.subversion/auth/ and - the user will not be asked to verify the fingerprint again until - the certificate expires. - - If https cannot be used due to firewall - or other problems, svn is the next choice, - with slightly faster transfers. When neither can be used, use - http. - + Compare the fingerprint shown to those listed in the table + above. If the fingerprint matches, the server security + certificate can be accepted temporarily or permanently. A + temporary certificate will expire after a single session with + the server, and the verification step will be repeated on the + next connection. Accepting the certificate permanently will + store the authentication credentials in + ~/.subversion/auth/ and the user will not + be asked to verify the fingerprint again until the certificate + expires. + + If https cannot be used due to firewall + or other problems, svn is the next choice, + with slightly faster transfers. When neither can be used, use + http. + For More Information @@ -737,7 +740,7 @@ Certificate information: Control with Subversion, or the Subversion Documentation. - + @@ -745,15 +748,14 @@ Certificate information: The following sites make &os; available through the rsync protocol. The rsync utility works in - much the same way as the &man.rcp.1; command, - but has more options and uses the rsync remote-update protocol - which transfers only the differences between two sets of files, - thus greatly speeding up the synchronization over the network. - This is most useful if you are a mirror site for the - &os; FTP server, or the CVS repository. The + much the same way as the &man.rcp.1; command, but has more + options and uses the rsync remote-update protocol which + transfers only the differences between two sets of files, thus + greatly speeding up the synchronization over the network. This + is most useful if you are a mirror site for the &os; + FTP server, or the CVS repository. The rsync suite is available for many - operating systems, on &os;, see the - net/rsync + operating systems, on &os;, see the net/rsync port or use the package. @@ -881,7 +883,9 @@ Certificate information: This server may only be used by &os; primary mirror sites. + Available collections: + &os;: The master archive of the &os; From owner-svn-doc-all@FreeBSD.ORG Thu Apr 17 17:05:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 677553E1; Thu, 17 Apr 2014 17:05:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4814117D4; Thu, 17 Apr 2014 17:05:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3HH5rWh047489; Thu, 17 Apr 2014 17:05:53 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3HH5rhs047488; Thu, 17 Apr 2014 17:05:53 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404171705.s3HH5rhs047488@svn.freebsd.org> From: Dru Lavigne Date: Thu, 17 Apr 2014 17:05:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44593 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2014 17:05:54 -0000 Author: dru Date: Thu Apr 17 17:05:53 2014 New Revision: 44593 URL: http://svnweb.freebsd.org/changeset/doc/44593 Log: Editorial review of TCP Wrapper chapter. Change application name to singular. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 16 21:07:48 2014 (r44592) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 17 17:05:53 2014 (r44593) @@ -51,7 +51,7 @@ - How to configure TCP Wrappers for use + How to configure TCP Wrapper for use with &man.inetd.8;. @@ -866,7 +866,7 @@ Enter secret pass phrase: < - TCP Wrappers + TCP Wrapper TomRhodesWritten @@ -874,55 +874,61 @@ Enter secret pass phrase: < - TCP Wrappers + TCP Wrapper - TCP Wrappers extends the abilities of - to provide support for every - server daemon under its control. It can be configured - to provide logging support, return messages to connections, and - permit a daemon to only accept internal connections. While some - of these features can be provided by implementing a firewall, - TCP Wrappers adds an extra layer of - protection and goes beyond the amount of control a firewall can - provide. + TCP Wrapper is a host-based + access control system which extends the abilities of + . It can be configured + to provide logging support, return messages, and + connection restrictions for the + server daemons under the control of + inetd. Refer to &man.tcpd.8; for + more information about + TCP Wrapper and its features. - TCP Wrappers should not be considered a + TCP Wrapper should not be considered a replacement for a properly configured firewall. - TCP Wrappers should be used in conjunction - with a firewall and other security enhancements. + Instead, TCP Wrapper should be used in conjunction + with a firewall and other security enhancements in order to + provide another layer of protection in the implementation of a + security policy. Initial Configuration - To enable TCP Wrappers in &os;, ensure - the &man.inetd.8; server is started from - /etc/rc.conf with - . Then, properly configure + To enable TCP Wrapper in &os;, + add the following lines to + /etc/rc.conf: + + inetd_enable="YES" +inetd_flags="-Ww" + + Then, properly configure /etc/hosts.allow. - Unlike other implementations of TCP - Wrappers, the use of hosts.deny has - been deprecated. All configuration options should be placed + Unlike other implementations of + TCP Wrapper, the use of hosts.deny is + deprecated in &os;. All configuration options should be placed in /etc/hosts.allow. In the simplest configuration, daemon connection policies - are set to either be permitted or blocked depending on the + are set to either permit or block, depending on the options in /etc/hosts.allow. The default - configuration in &os; is to allow a connection to every daemon - started with &man.inetd.8;. + configuration in &os; is to allow all connections to the daemons + started with inetd. Basic configuration usually takes the form of daemon : address : action, where - daemon is the daemon which &man.inetd.8; + daemon is the daemon which inetd started, address is a valid hostname, IP address, or an IPv6 address enclosed in brackets ([ ]), and action is either allow or deny. - TCP Wrappers uses a first rule match - semantic, meaning that the configuration file is scanned in - ascending order for a matching rule. When a match is found, + TCP Wrapper uses a first rule match + semantic, meaning that the configuration file is scanned + from the beginning for a matching rule. When a match is found, the rule is applied and the search process stops. For example, to allow POP3 connections @@ -933,8 +939,8 @@ Enter secret pass phrase: < # This line is required for POP3 connections: qpopper : ALL : allow - After adding this line, &man.inetd.8; needs to be - restarted: + Whenever this file is edited, restart + inetd: &prompt.root; service inetd restart @@ -942,7 +948,7 @@ qpopper : ALL : allow Advanced Configuration - TCP Wrappers provides advanced options + TCP Wrapper provides advanced options to allow more control over the way connections are handled. In some cases, it may be appropriate to return a comment to certain hosts or daemon connections. In other cases, a log @@ -950,15 +956,12 @@ qpopper : ALL : allow administrator. Other situations may require the use of a service for local connections only. This is all possible through the use of configuration options known as - wildcards, expansion characters and + wildcards, expansion characters, and external command execution. - - External Commands - Suppose that a situation occurs where a connection should be denied yet a reason should be sent to the - individual who attempted to establish that connection. That + host who attempted to establish that connection. That action is possible with . When a connection attempt is made, executes a shell command or script. An example exists in @@ -970,9 +973,9 @@ ALL : ALL \ : twist /bin/echo "You are not welcome to use %d from %h." In this example, the message You are not allowed - to use daemon from - hostname. will be returned for - any daemon not previously configured in the access file. + to use daemon name from + hostname. will be returned for + any daemon not configured in hosts.allow. This is useful for sending a reply back to the connection initiator right after the established connection is dropped. Any message returned must be wrapped in @@ -980,8 +983,8 @@ ALL : ALL \ It may be possible to launch a denial of service - attack on the server if an attacker, or group of - attackers, could flood these daemons with connection + attack on the server if an attacker + floods these daemons with connection requests. @@ -990,9 +993,9 @@ ALL : ALL \ implicitly denies the connection and may be used to run external shell commands or scripts. Unlike , will not send - a reply back to the individual who established the + a reply back to the host who established the connection. For example, consider the following - configuration line: + configuration: # We do not allow connections from example.com: ALL : .example.com \ @@ -1004,46 +1007,38 @@ ALL : .example.com \ class="fqdomainname">*.example.com and log the hostname, IP address, and the daemon to which access was attempted to - /var/log/connections.log. - - This example uses the substitution characters + /var/log/connections.log. This example + uses the substitution characters %a and %h. Refer to &man.hosts.access.5; for the complete list. - - - Wildcard Options - - The ALL option may be used to match - every instance of a daemon, domain, or an - IP address. Another wildcard is + To match every instance of a daemon, domain, or + IP address, use ALL. Another wildcard is PARANOID which may be used to match any host which provides an IP address - that may be forged. For example, - PARANOID may be used to define an action - to be taken whenever a connection is made from an - IP address that differs from its + that may be forged because the + IP address differs from its resolved hostname. In this example, all connection requests to - &man.sendmail.8; which have an IP address + Sendmail which have an IP address that varies from its hostname will be denied: # Block possibly spoofed requests to sendmail: sendmail : PARANOID : deny - Using the PARANOID wildcard may - severely cripple servers if the client or server has a - broken DNS setup. Administrator - discretion is advised. + Using the PARANOID wildcard will + result in denied connections if the client or server has a + broken DNS setup. To learn more about wildcards and their associated functionality, refer to &man.hosts.access.5;. - Before any of the specific configuration lines above - will work, the first configuration line should be commented + + When adding new configuration lines, make sure that any + unneeded entries for that daemon are commented out in hosts.allow. - + From owner-svn-doc-all@FreeBSD.ORG Thu Apr 17 17:22:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9DA429CB; Thu, 17 Apr 2014 17:22:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8972D19F7; Thu, 17 Apr 2014 17:22:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3HHMx31055580; Thu, 17 Apr 2014 17:22:59 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3HHMxSd055579; Thu, 17 Apr 2014 17:22:59 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404171722.s3HHMxSd055579@svn.freebsd.org> From: Gabor Pali Date: Thu, 17 Apr 2014 17:22:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44594 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2014 17:22:59 -0000 Author: pgj Date: Thu Apr 17 17:22:59 2014 New Revision: 44594 URL: http://svnweb.freebsd.org/changeset/doc/44594 Log: - Further improvements to the 2014Q1 status report Submitted by: bjk (most of them) Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 17 17:05:53 2014 (r44593) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 17 17:22:59 2014 (r44594) @@ -212,12 +212,12 @@ definitions and explanations of the terms and features of ZFS.

        -

        The remaining section is the FAQ. To help users address the - most common problems they might run into with ZFS. It would - be useful to hear experiences, questions, misconceptions, - gotchas, stumbling blocks, and suggestions for the FAQ section - from other users. Also, a use cases section that highlights - some of the cases where ZFS provides advantages over +

        The remaining section is the FAQ, to help users address the + most common problems they might run into with ZFS. It would be + useful to hear experiences, questions, misconceptions, gotchas, + stumbling blocks, and suggestions for the FAQ section from other + users. Also, it would be good to have a use cases section that + highlights some of the cases where ZFS provides advantages over traditional file systems.

        Please send suggestions to the freebsd-doc mailing @@ -296,10 +296,10 @@

        The &os; Documentation Engineering Team is responsible for - defining and following up documentation goals for the - committers in the Documentation project. The team is pleased - to announce a new member — &a.wblock;. In early March, - the &os; Documentation Engineering Team members assumed + defining and following up on the documentation goals for the + committers in the Documentation project. The team is pleased to + announce a new member — &a.wblock;. In early March, the + &os; Documentation Engineering Team members assumed responsibility for the &os; Webmaster Team.

        @@ -342,10 +342,10 @@ currently at its most recent upstream version.

        For non-Windows-based Ada development, &os; and DragonFly are - now undisputed as the go-to platforms. The other candidates - are Debian and Fedora, but there are few Ada software on those - platforms that are not also in the &os; ports tree, but the - versions are much older. The Ports Collection also features + now undisputed as the go-to platforms. The other candidates are + Debian and Fedora, but there are few Ada softwares on those + platforms that are not also in the &os; ports tree, and the &os; + versions are much newer. The Ports Collection also features software not found anywhere else such as the USAFA's Ironsides DNS server, libsparkcrypto, matreshka, GNATDroid (Android cross-compiler) and several developer libraries.

        @@ -407,7 +407,7 @@

      We also follow development of core components (available in - your repository). See link for documentation on how to + your repository). See the links for documentation on how to upgrade those libraries.

        @@ -574,8 +574,8 @@ Simplify and improve Kyua HTML reports. In particular, reports will be coalesced into single HTML files for easier management and will include more useful details for debugging. - Such details are the revision at which the system was built, - date and duration of the whole run, or list of installed + Such details are the revision at which the system was built, the + date and duration of the whole run, or the list of installed packages, to mention a few examples. Add JUnit XML output to Kyua for better integration with @@ -689,15 +689,15 @@ -

        Arm64 is the name of the in-progress port of &os; to the - ARMv8 CPU when it is in AArch64 mode. Until recently, all ARM - CPU designs were 32-bit only. With the introduction of the - ARMv8, architecture ARM has added a new 64-bit mode. This new - mode has been named AArch64.

        +

        Arm64 is the name of the in-progress port of &os; to the ARMv8 + CPU when it is in AArch64 mode. Until recently, all ARM CPU + designs were 32-bit only. With the introduction of the ARMv8 + architecture, ARM has added a new 64-bit mode. This new mode + has been named AArch64.

        Progress has been good on getting &os; to build and run on the ARM Foundation model. &os; is able to be built for this - architecture, however it requires a number of external tools + architecture, however, it requires a number of external tools including objdump(1) and ld(1). These tools are provided by an external copy of binutils until replacements can be written.

        @@ -871,7 +871,7 @@ Shawn has access to a Raspberry Pi (RPI). PIE is 90% broken. Debug and fix major issues on the RPI. The existing NX stack protections are not obeyed on RPI. Properly - implemented ASLR requires NX stack. + implemented ASLR requires a NX stack.         Shawn will be receiving a sparc64 box on April 6, 2014. He will test ASLR on sparc64, identifying and @@ -881,9 +881,9 @@ Linuxulator. He will be looking into that and fixing those. - Shawn will be cleaning up code and adding more - applications in base to support PIE. He will also add PIE - support to the ports framework for general consumption. + Shawn will be cleaning up code and adding support for PIE to + more applications in base. He will also add PIE support to the + ports framework for general consumption. Shawn will be giving a presentation regarding ASLR at BSDCan 2014. @@ -1123,12 +1123,12 @@ -

        Chromebook is an ARMv7 Cortex-A15 personal computer powered - by Samsung Exynos 5 Dual System-on-Chip. As of the current - status of this project, such laptops can be booted with &os; - from USB flash — it works stably (including SMP) and it - can build third-party applications. The display and keyboard - work.

        +

        One model of Chromebook is an ARMv7 Cortex-A15 personal + computer powered by a Samsung Exynos 5 Dual System-on-Chip. As of + the current status of this project, such laptops can be booted + with &os; from USB flash — it works stably (including SMP) + and it can build third-party applications. The display and + keyboard work.

        Thanks to &a.grehan; for providing hardware.

        @@ -1382,7 +1382,7 @@

        The project is now in head, stable/10 and stable/9 branches. Hence, vt(4) can be - tested by using VT kernel configuration + tested by using the VT kernel configuration (i386 and amd64) or by replacing two lines in the GENERIC kernel configuration file:

        @@ -1439,7 +1439,7 @@ device vt_efifb Create sub-directories for vt(4) under /usr/share/ to store key maps and fonts. - Implement remaining features supported by + Implement the remaining features supported by vidcontrol(1). Write the vt(4) manual page. (This is in @@ -1529,7 +1529,7 @@ device vt_efifb

        OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources in a data center. OpenContrail is a network virtualization (SDN) - solution comprising network controller, virtual router and + solution comprising a network controller, virtual router, and analytics engine, which can be integrated with cloud orchestration systems like OpenStack or CloudStack.

        @@ -1718,10 +1718,10 @@ device vt_efifb &os;. The second was auditdistd(8) improvements for the &os; cluster.

        -

        Work continued on these Foundation-sponsored projects: - Intel graphics driver update by &a.kib;, UEFI boot support for +

        Work continued on these Foundation-sponsored projects: Intel + graphics driver update by &a.kib;, UEFI boot support for amd64 by &a.emaste;, autofs automounter and in-kernel - iSCSI stack enhancements, bug fixes by &a.trasz;, updated + iSCSI stack enhancements and bug fixes by &a.trasz;, and updated vt(4) system console by &a.ray;. A more detailed project update for each of the above projects can be found within this quarterly status report.

        @@ -1761,9 +1761,9 @@ device vt_efifb

        After finishing the 10.0-RELEASE, Foundation system administrator and release engineer &a.gjb; began work on adding support for &os;/arm image builds as part of the - release build process. As result of this work, &os;/arm + release build process. As a result of this work, &os;/arm images are produced as part of the weekly development snapshot - builds, and available from any of the &os; FTP mirrors. + builds, and are available from any of the &os; FTP mirrors. Supported kernel configurations currently include BEAGLEBONE, RPI-B, PANDABOARD, WANDBOARD-QUAD, and ZEDBOARD.

        @@ -1797,18 +1797,18 @@ device vt_efifb -

        LLDB is the debugger project associated with - Clang/LLVM. It supports Mac OS X, Linux, and &os; platforms, - with ongoing work on Windows. It builds on existing - components in the larger LLVM project, for example using - Clang's expression parser and LLVM's disassembler.

        +

        LLDB is the debugger project associated with Clang/LLVM. It + supports the Mac OS X, Linux, and &os; platforms, with ongoing + work on Windows. It builds on existing components in the larger + LLVM project, for example using Clang's expression parser and + LLVM's disassembler.

        The majority of work since the last status update has been on bugfixes and implementation of the remaining functionality - missing on &os;. Most of these improvements are now in the - LLDB snapshot in the base system, which has been updated to - upstream Subversion revision r202189. Some highlights of the - new update include:

        + missing on &os;. Most of these improvements are now in the LLDB + snapshot in the base system, which has been updated to upstream + Subversion revision r202189. Some highlights of the new update + include:

        • Improvements to the remote GDB protocol client.
          • @@ -1924,9 +1924,9 @@ device vt_efifb adding a lot of new SDIO-specific bus methods. A prototype of the driver for the Marvell SDIO WLAN/BT (Avastar 88W8787) module is also being developed, using the existing Linux - driver as the reference.

          + driver as a reference.

          -

          SDIO card detection and initialization already work, most +

          SDIO card detection and initialization already work; most needed bus methods are implemented and tested.

          The WiFi driver is able to load firmware onto the card and @@ -2105,53 +2105,51 @@ device vt_efifb Now both the 9.x and 10.x branches share the same support for Intel and AMD GPUs.

          -

          The next big tasks are the updates of the DRM generic code - and the i915 driver. Both are making good progress - and the DRM update should hopefully be ready for wider testing - during April. An update of the Radeon driver is on the to-do - list, but nothing is scheduled yet.

          +

          The next big tasks are the updates of the DRM generic code and + the i915 driver. Both are making good progress and the + DRM update should hopefully be ready for wider testing during + April. An update of the Radeon driver is on the to-do list, but + nothing is scheduled yet.

          On the ports tree and packages side, the update to Cairo 1.12 - mentioned in the last quarterly report is ready to be - committed, as people who tested it either reported - improvements or no regressions. As a reminder, the switch - from Cairo 1.10 to 1.12 causes display artifacts with - xf86-video-intel 2.7.1, but fixes similar problems with other - hardware/driver combinations. Furthermore, Cairo 1.12 is - required by Pango 1.36.0, GTK+ 3.10 and Firefox 27.0. A - Heads up mail will be posted to the + mentioned in the last quarterly report is ready to be committed, + as people who tested it either reported improvements or no + regressions. As a reminder, the switch from Cairo 1.10 to 1.12 + causes display artifacts with xf86-video-intel 2.7.1, but fixes + similar problems with other hardware/driver combinations. + Furthermore, Cairo 1.12 is required by Pango 1.36.0, GTK+ 3.10 + and Firefox 27.0. A Heads up mail will be posted to the freebsd-x11 mailing-list when this update goes live.

          -

          In the graphics stack's ports development tree, new Mesa - ports are being worked on. Those ports are required to - support GLAMOR (the GL-based 2D acceleration library used by - Radeon HD 7000+ cards for instance) and OpenCL (using the GPU - to perform non-graphical calculations). We were able to - execute some "Hello World" OpenCL programs and play with - OpenCL in darktable, but there are some compatibility issues - between Clover (Mesa's libOpenCL implementation) and - Clang/libc++.

          +

          In the graphics stack's ports development tree, new Mesa ports + are being worked on. Those ports are required to support GLAMOR + (the GL-based 2D acceleration library used by Radeon HD 7000+ + cards for instance) and OpenCL (using the GPU to perform + non-graphical calculations). We were able to execute some + "Hello World" OpenCL programs and play with OpenCL in darktable, + but there are some compatibility issues between Clover (Mesa's + libOpenCL implementation) and Clang/libc++.

          We are preparing an alternate pkg(8) repository with - packages built with WITH_NEW_XORG. The goal is to - ease the usage of the KMS drivers and move forward with the - graphics stack updates. The main pkg(8) repository - will still use the default setting (WITH_NEW_XORG set - on head, but not on the stable - branches).

          - -

          This will pave the way to WITH_NEW_XORG deprecation - and the removal of the older stack. The current plan is to do - this after 10.0-RELEASE End-of-Life, scheduled on January - 31st, 2015. By that time, the only supported releases will be - 8.4-RELEASE, 9.3-RELEASE and 10.1-RELEASE. &os; 9.3 and 10.1 - will be fully equipped to work with the newer stack. - Unfortunately, &os; 8.x misses the required kernel DRM - infrastructure: supporting X.Org here cripples progress on the - graphics stack and, once WITH_NEW_XORG is gone, we - will not support 8.x as a desktop any more. Therefore, please - upgrade to 9.3 or 10.1 when they are available.

          + packages built with WITH_NEW_XORG. The goal is to ease + the usage of the KMS drivers and move forward with the graphics + stack updates. The main pkg(8) repository will still + use the default setting (WITH_NEW_XORG set on + head, but not on the stable branches).

          + +

          This will pave the way to the deprecation + ofWITH_NEW_XORG and the removal of the older stack. + The current plan is to do this after 10.0-RELEASE End-of-Life, + scheduled on January 31st, 2015. By that time, the only + supported releases will be 8.4-RELEASE, 9.3-RELEASE and + 10.1-RELEASE. &os; 9.3 and 10.1 will be fully equipped to work + with the newer stack. Unfortunately, &os; 8.x misses the + required kernel DRM infrastructure: supporting X.Org here + cripples progress on the graphics stack and, once + WITH_NEW_XORG is gone, we will not support 8.x as a + desktop any more. Therefore, please upgrade to 9.3 or 10.1 when + they are available.

          @@ -2198,10 +2196,10 @@ device vt_efifb -

          The &os; Port Management Team is to ensure that the &os; - Ports Developer community provides a ports collection that is - functional, stable, up-to-date and full-featured. It is also - to coordinate among the committers and developers who work on +

          The role of the &os; Port Management Team is to ensure that the + &os; Ports Developer community provides a ports collection that is + functional, stable, up-to-date and full-featured. It is also to + coordinate among the committers and developers who work on it.

          The ports tree slowly approaches the 25,000 ports threshold, @@ -2217,18 +2215,18 @@ device vt_efifb &a.antoine;.

          Commencing March 1, the second intake of - portmgr-lurkers started active duty on - portmgr for a four month duration. The next two - candidates are &a.danfe; and &a.culot;.

          + portmgr-lurkers started active duty on portmgr + for a four month duration. The next two candidates are + &a.danfe; and &a.culot;.

          This quarter also saw the release of the first quarterly branch, namely 2014Q1. This branch is intended to provide a stable and high-quality ports tree, with patches - related to security fixes as well as packaging and runtime - fixes being backported from head.

          + related to security fixes as well as packaging and runtime fixes + being backported from head.

          -

          Ongoing maintenance goes into redports.org, including QAT - runs and ports and security updates.

          +

          Ongoing maintenance goes into redports.org, including QAT runs + and ports and security updates.

          @@ -2321,7 +2319,7 @@ device vt_efifb

          The &os; Postmaster Team is responsible for mail being - correctly delivered to the committers' email address, ensuring + correctly delivered to the committers' email addresses, ensuring that the mailing lists work, and should take measures against possible disruptions of project mail services, such as having troll-, spam- and virus-filters.

          @@ -2375,16 +2373,17 @@ device vt_efifb

          The first quarter of 2014 was very active for the Core Team. &a.jhb; and &a.theraven; kept coordinating the work required for providing a newer version of X.Org for 9.x and 10.x - systems. Now, after that vt(4), a successor to + systems. Now that vt(4), a successor to syscons(4) that offers a KMS-enabled console, has been merged to both stable/9 and stable/10, an alternative pkg(8) repository is in preparation - for wider testing. In addition to that, &a.jhb; published the + for wider testing of vt(4) and the new X.Org version. + In addition to that, &a.jhb; published the policy on licenses for new files and files with non-standard licenses. Thanks to the efforts of &a.gavin;, &os; has again made it into the Google Summer of Code program, for the tenth - time now. &a.theraven; reported that both libc++ and - libstdc++ can be now built as all the + time. &a.theraven; reported that both libc++ and + libstdc++ can now be built, as all of the standards-compliant implementations of the required numerical functions have been added.

          @@ -2407,7 +2406,7 @@ device vt_efifb achieved by increasing the value of __FreeBSD_version on each fix, therefore the corresponding discussion concluded in freezing the ABI note tag for releases in order to keep the - size of the binary patches for freebsd-update(8) low. + size of binary patches for freebsd-update(8) low. A related Errata Notice is about to be published soon.

          Only a single commit bit was taken for safekeeping. @@ -2459,7 +2458,7 @@ device vt_efifb Samba permissions. This allows novice users to configure access to shares in various configurations. It allows both control and usability, with no manual being necessary in order - to operate it. This is the ZFSguru-style.

          + to operate it. This is the ZFSguru style.

          New system versions have been released, based on &os; 9.2, 10.0, and head. The experimental head @@ -2481,7 +2480,7 @@ device vt_efifb - ZFSguru beta10 will increase compatibility of new added + ZFSguru beta10 will increase the compatibility of newly added Samba functionality with non-Gecko browsers. It will also fix some minor bugs as well as speed up some pages by having a redesigned remote database system called GuruDB. @@ -2500,9 +2499,9 @@ device vt_efifb New website with new forum and new login system. - Developer website with GitLab setup, allowing bugreports, + Developer website with GitLab setup, allowing bug reports, code contributions, wiki, and wall messages. Note that GitLab - has also been provided as ZFSguru service, for those + has also been provided as a ZFSguru service, for those interested in trying GitLab. @@ -2559,7 +2558,7 @@ device vt_efifb

          bhyve is a Type-1 hypervisor that runs on the &os; platform. - It currently only runs &os; (9.x or later) and Linux guests, + It currently only runs &os; (9.x or later) and Linux guests; current development efforts aim at widening support for other x86 64-bit operating systems. After a great deal of work by all involved, bhyve was shipped as part of &os; 10.0-RELEASE. @@ -2577,8 +2576,8 @@ device vt_efifb

        • Graceful shutdown via ACPI on SIGTERM
          • -
        • Fix issue with virtio-blk devices on Linux guests with - more than 4GB of ram
          • +
        • Fix an issue with virtio-blk devices on Linux guests with + more than 4GB of RAM
        • Increase the block-layer backend maximum requests to match AHCI command queue depth
          • From owner-svn-doc-all@FreeBSD.ORG Thu Apr 17 17:31:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D048BAFA; Thu, 17 Apr 2014 17:31:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BCFC01ACD; Thu, 17 Apr 2014 17:31:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3HHVjhq059555; Thu, 17 Apr 2014 17:31:45 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3HHVjcH059554; Thu, 17 Apr 2014 17:31:45 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404171731.s3HHVjcH059554@svn.freebsd.org> From: Gabor Pali Date: Thu, 17 Apr 2014 17:31:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44595 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2014 17:31:46 -0000 Author: pgj Date: Thu Apr 17 17:31:45 2014 New Revision: 44595 URL: http://svnweb.freebsd.org/changeset/doc/44595 Log: - Add 2014Q1 status report for GSoC Submitted by: gavin Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 17 17:22:59 2014 (r44594) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 17 17:31:45 2014 (r44595) @@ -37,7 +37,7 @@

          Thanks to all the reporters for the excellent work! This - report contains 40 entries and we hope you enjoy reading it.

          + report contains 41 entries and we hope you enjoy reading it.

          The deadline for submissions covering between April and June 2014 is July 7th, 2014.

          @@ -2652,4 +2652,70 @@ device vt_efifb Support for other architectures (ARM, MIPS, PPC).           + + + &os; Participating in Summer of Code 2014 + + + + + Gavin + Atkinson + + gavin@FreeBSD.org + + + + + Glen + Barber + + gjb@FreeBSD.org + + + + + Wojciech + Koszek + + wkoszek@FreeBSD.org + + + + + + + + + +

          &os; is pleased to have been accepted as a participating + organization in Google's Summer of Code 2014. This will be the + tenth time we have participated in the program, having been + selected to participate every year since its introduction.

          + +

          This year, the administrators made a special attempt to spread + the word about Summer of Code around Universities, including + making contact with around 350 mainly Polish, British, African + and American universities to advertise the Summer of Code + program, with a particular focus on &os;'s participation. We + made contact with both technical departments and student + societies. Posters were produced in several languages, and &os; + committers and users were encouraged to distribute these posters + around their local universities.

          + +

          &os; received a total of 39 proposals from students, and were + subsequently granted 15 slots from Google. We are now facing + the unpleasant challenge of trying to decide which of the 39 + proposals to select, taking into account the quality, + desirability and feasibility of each proposal, as well as + ensuring we will be able to provide an excellent mentoring + experience to each selected student. All mentors have + volunteered to mentor, and we pair students with mentors + primarily based on the prospective mentor's areas of expertise, + interest in the project, also taking into account the desire to + pair students up with mentors in similar timezones in order to + improve the student experience. The final list of accepted + students is expected to be announced on the 21st April.

          + +           From owner-svn-doc-all@FreeBSD.ORG Thu Apr 17 17:40:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EA089C6E; Thu, 17 Apr 2014 17:40:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D763E1B21; Thu, 17 Apr 2014 17:40:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3HHeGpV061130; Thu, 17 Apr 2014 17:40:16 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3HHeGg8061129; Thu, 17 Apr 2014 17:40:16 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404171740.s3HHeGg8061129@svn.freebsd.org> From: Gabor Pali Date: Thu, 17 Apr 2014 17:40:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44596 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2014 17:40:17 -0000 Author: pgj Date: Thu Apr 17 17:40:16 2014 New Revision: 44596 URL: http://svnweb.freebsd.org/changeset/doc/44596 Log: - Finish building the 2014Q1 status report, thanks again to all reporters! Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 17 17:31:45 2014 (r44595) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 17 17:40:16 2014 (r44596) @@ -34,8 +34,6 @@ development projects. And these are only some of the things that happened! Read on for even more.

          - -

          Thanks to all the reporters for the excellent work! This report contains 41 entries and we hope you enjoy reading it.

          From owner-svn-doc-all@FreeBSD.ORG Thu Apr 17 17:43:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 14B9AF67; Thu, 17 Apr 2014 17:43:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0134F1C07; Thu, 17 Apr 2014 17:43:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3HHhWS1063916; Thu, 17 Apr 2014 17:43:32 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3HHhWaD063915; Thu, 17 Apr 2014 17:43:32 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404171743.s3HHhWaD063915@svn.freebsd.org> From: Gabor Pali Date: Thu, 17 Apr 2014 17:43:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44597 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2014 17:43:33 -0000 Author: pgj Date: Thu Apr 17 17:43:32 2014 New Revision: 44597 URL: http://svnweb.freebsd.org/changeset/doc/44597 Log: - Minor nits to the GSoC 2014Q1 status report entry Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 17 17:40:16 2014 (r44596) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-01-2014-03.xml Thu Apr 17 17:43:32 2014 (r44597) @@ -2692,7 +2692,7 @@ device vt_efifb selected to participate every year since its introduction.

          This year, the administrators made a special attempt to spread - the word about Summer of Code around Universities, including + the word about Summer of Code around universities, including making contact with around 350 mainly Polish, British, African and American universities to advertise the Summer of Code program, with a particular focus on &os;'s participation. We @@ -2711,7 +2711,7 @@ device vt_efifb volunteered to mentor, and we pair students with mentors primarily based on the prospective mentor's areas of expertise, interest in the project, also taking into account the desire to - pair students up with mentors in similar timezones in order to + pair students up with mentors in similar time zones in order to improve the student experience. The final list of accepted students is expected to be announced on the 21st April.

          From owner-svn-doc-all@FreeBSD.ORG Thu Apr 17 18:24:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A7F12C80; Thu, 17 Apr 2014 18:24:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 94CED11FC; Thu, 17 Apr 2014 18:24:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3HIOfvL080900; Thu, 17 Apr 2014 18:24:41 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3HIOfRk080898; Thu, 17 Apr 2014 18:24:41 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404171824.s3HIOfRk080898@svn.freebsd.org> From: Gabor Pali Date: Thu, 17 Apr 2014 18:24:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44598 - in head: en_US.ISO8859-1/htdocs/news/status share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2014 18:24:41 -0000 Author: pgj Date: Thu Apr 17 18:24:40 2014 New Revision: 44598 URL: http://svnweb.freebsd.org/changeset/doc/44598 Log: - Publish the 2014Q1 report Modified: head/en_US.ISO8859-1/htdocs/news/status/status.xml head/share/xml/news.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/status.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/status.xml Thu Apr 17 17:43:32 2014 (r44597) +++ head/en_US.ISO8859-1/htdocs/news/status/status.xml Thu Apr 17 18:24:40 2014 (r44598) @@ -13,8 +13,8 @@ -

          Next Quarterly Status Report submissions (January — - March) due: April 7th, 2014

          +

          Next Quarterly Status Report submissions (April — + June) due: July 7th, 2014

          Use the xml generator or download and edit the @@ -55,6 +55,13 @@

          These status reports may be reproduced in whole or in part, as long as the source is clearly identified and appropriate credit given.

          +

          2014

          + +           +

          2013

            Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Thu Apr 17 17:43:32 2014 (r44597) +++ head/share/xml/news.xml Thu Apr 17 18:24:40 2014 (r44598) @@ -34,6 +34,18 @@ 4 + 17 + + + January-March, 2014 Status Report + +

            The January-March, 2014 Status Report + is now available with 41 entries.

            +             +             + + 7

            New committer: From owner-svn-doc-all@FreeBSD.ORG Thu Apr 17 20:16:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B5AC6471; Thu, 17 Apr 2014 20:16:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 95CA61D73; Thu, 17 Apr 2014 20:16:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3HKGKmG027873; Thu, 17 Apr 2014 20:16:20 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3HKGKuM027871; Thu, 17 Apr 2014 20:16:20 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404172016.s3HKGKuM027871@svn.freebsd.org> From: Dru Lavigne Date: Thu, 17 Apr 2014 20:16:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44600 - in head/en_US.ISO8859-1/books/handbook: network-servers security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2014 20:16:20 -0000 Author: dru Date: Thu Apr 17 20:16:19 2014 New Revision: 44600 URL: http://svnweb.freebsd.org/changeset/doc/44600 Log: Begin editorial review of OpenSSL chapter. Comment out IDEA note for now as the patents expired 2 years ago. Add a section ID to LDAP chapter so it can be referred to in this chapter. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 17 20:06:59 2014 (r44599) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Apr 17 20:16:19 2014 (r44600) @@ -2224,7 +2224,7 @@ result: 0 Success xlink:href="http://www.openldap.org/doc/admin24/intro.html">http://www.openldap.org/doc/admin24/intro.html. - + Configuring an <acronym>LDAP</acronym> Server LDAP Server Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 17 20:06:59 2014 (r44599) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 17 20:16:19 2014 (r44600) @@ -1770,31 +1770,19 @@ kadmind5_server_enable="YES"OpenSSL - The - OpenSSL toolkit is included in &os;. + OpenSSL is an open source + implementation of the SSL and + TLS protocols. It provides an encryption transport layer on top of the normal communications layer, allowing it to be intertwined with many network applications and services. - Some uses of OpenSSL may include - encrypted authentication of mail clients and web based - transactions such as credit card payments. Many ports such as - www/apache22, and - mail/claws-mail offer compilation support for - building with OpenSSL. - - - In most cases, the Ports Collection will attempt to build - the security/openssl port unless - WITH_OPENSSL_BASE is explicitly set to - yes. - - The version of OpenSSL included - in &os; supports Secure Sockets Layer v2/v3 (SSLv2/SSLv3) and + in &os; supports the Secure Sockets Layer v2/v3 (SSLv2/SSLv3) and Transport Layer Security v1 (TLSv1) network security protocols and can be used as a general cryptographic library. - + - One of the most common uses of + OpenSSL is often used to + encrypt authentication of mail clients and to secure web based + transactions such as credit card payments. Some ports, such as + www/apache24 and + databases/postgresql91-server, include a compile option for + building with OpenSSL. If selected, + the port will add support using the + security/openssl port. To instead have the + port compile against the built in version of + OpenSSL, include + WITH_OPENSSL_BASE when compiling + in OpenSSL support. + + Another common use of OpenSSL is to provide certificates - for use with software applications. These certificates ensure - that the credentials of the company or individual are valid - and not fraudulent. If the certificate in question has not - been verified by a Certificate Authority - (CA), a warning is produced. A - CA is a company, such as VeriSign, signs - certificates in order to validate the credentials of individuals - or companies. This process has a cost associated with it and is - not a requirement for using certificates; however, it can put + for use with software applications. Certificates can be used to verify + the credentials of a company or individual. + If a certificate has not + been signed by an external Certificate Authority + (CA), such as http://www.verisign.com, + the application that uses the certificate will produce a warning. + There is a cost associated with obtaining a signed certificate and using a + signed certificate is not mandatory as certificates can be + self-signed. However, using an external authority will prevent warnings and can put users at ease. + This section demonstrates how to create and use certificates + on a &os; system. Refer to for an + example of how to create a CA for signing + one's own certificates. + Generating Certificates From owner-svn-doc-all@FreeBSD.ORG Thu Apr 17 20:33:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A47DA9FD; Thu, 17 Apr 2014 20:33:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9050210B2; Thu, 17 Apr 2014 20:33:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3HKXtVc036126; Thu, 17 Apr 2014 20:33:55 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3HKXt6T036125; Thu, 17 Apr 2014 20:33:55 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404172033.s3HKXt6T036125@svn.freebsd.org> From: Dru Lavigne Date: Thu, 17 Apr 2014 20:33:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44601 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2014 20:33:55 -0000 Author: dru Date: Thu Apr 17 20:33:55 2014 New Revision: 44601 URL: http://svnweb.freebsd.org/changeset/doc/44601 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 17 20:16:19 2014 (r44600) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Apr 17 20:33:55 2014 (r44601) @@ -51,8 +51,8 @@ - How to configure TCP Wrapper for use - with &man.inetd.8;. + How to configure TCP Wrapper + for use with &man.inetd.8;. @@ -877,21 +877,20 @@ Enter secret pass phrase: < TCP Wrapper TCP Wrapper is a host-based - access control system which extends the abilities of - . It can be configured - to provide logging support, return messages, and - connection restrictions for the - server daemons under the control of + access control system which extends the abilities of . It can be configured to provide + logging support, return messages, and connection restrictions + for the server daemons under the control of inetd. Refer to &man.tcpd.8; for more information about TCP Wrapper and its features. - TCP Wrapper should not be considered a - replacement for a properly configured firewall. - Instead, TCP Wrapper should be used in conjunction - with a firewall and other security enhancements in order to - provide another layer of protection in the implementation of a - security policy. + TCP Wrapper should not be + considered a replacement for a properly configured firewall. + Instead, TCP Wrapper should be used + in conjunction with a firewall and other security enhancements + in order to provide another layer of protection in the + implementation of a security policy. Initial Configuration @@ -903,33 +902,35 @@ Enter secret pass phrase: < inetd_enable="YES" inetd_flags="-Ww" - Then, properly configure + Then, properly configure /etc/hosts.allow. Unlike other implementations of - TCP Wrapper, the use of hosts.deny is - deprecated in &os;. All configuration options should be placed - in /etc/hosts.allow. + TCP Wrapper, the use of + hosts.deny is deprecated in &os;. All + configuration options should be placed in + /etc/hosts.allow. In the simplest configuration, daemon connection policies - are set to either permit or block, depending on the - options in /etc/hosts.allow. The default - configuration in &os; is to allow all connections to the daemons - started with inetd. + are set to either permit or block, depending on the options in + /etc/hosts.allow. The default + configuration in &os; is to allow all connections to the + daemons started with inetd. Basic configuration usually takes the form of daemon : address : action, where - daemon is the daemon which inetd - started, address is a valid hostname, + daemon is the daemon which + inetd started, + address is a valid hostname, IP address, or an IPv6 address enclosed in brackets ([ ]), and action is either allow or deny. TCP Wrapper uses a first rule match - semantic, meaning that the configuration file is scanned - from the beginning for a matching rule. When a match is found, - the rule is applied and the search process stops. + semantic, meaning that the configuration file is scanned from + the beginning for a matching rule. When a match is found, the + rule is applied and the search process stops. For example, to allow POP3 connections via the mail/qpopper daemon, the following @@ -942,102 +943,100 @@ qpopper : ALL : allow Whenever this file is edited, restart inetd: - &prompt.root; service inetd restart + &prompt.root; service inetd restart Advanced Configuration - TCP Wrapper provides advanced options - to allow more control over the way connections are handled. - In some cases, it may be appropriate to return a comment to - certain hosts or daemon connections. In other cases, a log - entry should be recorded or an email sent to the + TCP Wrapper provides advanced + options to allow more control over the way connections are + handled. In some cases, it may be appropriate to return a + comment to certain hosts or daemon connections. In other + cases, a log entry should be recorded or an email sent to the administrator. Other situations may require the use of a service for local connections only. This is all possible - through the use of configuration options known as - wildcards, expansion characters, and - external command execution. - - Suppose that a situation occurs where a connection - should be denied yet a reason should be sent to the - host who attempted to establish that connection. That - action is possible with . When a - connection attempt is made, executes - a shell command or script. An example exists in - hosts.allow: + through the use of configuration options known as wildcards, + expansion characters, and external command execution. - # The rest of the daemons are protected. + Suppose that a situation occurs where a connection should + be denied yet a reason should be sent to the host who + attempted to establish that connection. That action is + possible with . When a connection + attempt is made, executes a shell + command or script. An example exists in + hosts.allow: + + # The rest of the daemons are protected. ALL : ALL \ : severity auth.info \ : twist /bin/echo "You are not welcome to use %d from %h." - In this example, the message You are not allowed - to use daemon name from - hostname. will be returned for - any daemon not configured in hosts.allow. - This is useful for sending a reply back to the connection - initiator right after the established connection is dropped. - Any message returned must be wrapped in - quote (") characters. + In this example, the message You are not allowed to + use daemon name from + hostname. will be returned + for any daemon not configured in + hosts.allow. This is useful for sending + a reply back to the connection initiator right after the + established connection is dropped. Any message returned + must be wrapped in quote + (") characters. - - It may be possible to launch a denial of service - attack on the server if an attacker - floods these daemons with connection - requests. - + + It may be possible to launch a denial of service attack + on the server if an attacker floods these daemons with + connection requests. + - Another possibility is to use . - Like , - implicitly denies the connection and may be used to run - external shell commands or scripts. Unlike - , will not send - a reply back to the host who established the - connection. For example, consider the following - configuration: + Another possibility is to use . + Like , implicitly + denies the connection and may be used to run external shell + commands or scripts. Unlike , + will not send a reply back to the host + who established the connection. For example, consider the + following configuration: - # We do not allow connections from example.com: + # We do not allow connections from example.com: ALL : .example.com \ : spawn (/bin/echo %a from %h attempted to access %d >> \ /var/log/connections.log) \ : deny - This will deny all connection attempts from *.example.com and log - the hostname, IP address, and the daemon - to which access was attempted to - /var/log/connections.log. This example - uses the substitution characters - %a and %h. Refer to - &man.hosts.access.5; for the complete list. - - To match every instance of a daemon, domain, or - IP address, use ALL. Another wildcard is - PARANOID which may be used to match - any host which provides an IP address - that may be forged because the - IP address differs from its resolved - hostname. In this example, all connection requests to - Sendmail which have an IP address - that varies from its hostname will be denied: + This will deny all connection attempts from *.example.com and log the + hostname, IP address, and the daemon to + which access was attempted to + /var/log/connections.log. This example + uses the substitution characters %a and + %h. Refer to &man.hosts.access.5; for the + complete list. + + To match every instance of a daemon, domain, or + IP address, use ALL. + Another wildcard is PARANOID which may be + used to match any host which provides an IP + address that may be forged because the IP + address differs from its resolved hostname. In this example, + all connection requests to Sendmail + which have an IP address that varies from + its hostname will be denied: - # Block possibly spoofed requests to sendmail: + # Block possibly spoofed requests to sendmail: sendmail : PARANOID : deny - - Using the PARANOID wildcard will - result in denied connections if the client or server has a - broken DNS setup. - + + Using the PARANOID wildcard will + result in denied connections if the client or server has a + broken DNS setup. + - To learn more about wildcards and their associated - functionality, refer to &man.hosts.access.5;. + To learn more about wildcards and their associated + functionality, refer to &man.hosts.access.5;. When adding new configuration lines, make sure that any - unneeded entries for that daemon are commented - out in hosts.allow. + unneeded entries for that daemon are commented out in + hosts.allow. @@ -1772,15 +1771,16 @@ kadmind5_server_enable="YES"OpenSSL is an open source implementation of the SSL and - TLS protocols. - It provides an encryption transport layer on top of the normal - communications layer, allowing it to be intertwined with many - network applications and services. + TLS protocols. It provides an encryption + transport layer on top of the normal communications layer, + allowing it to be intertwined with many network applications and + services. The version of OpenSSL included - in &os; supports the Secure Sockets Layer v2/v3 (SSLv2/SSLv3) and - Transport Layer Security v1 (TLSv1) network security protocols - and can be used as a general cryptographic library. + in &os; supports the Secure Sockets Layer v2/v3 (SSLv2/SSLv3) + and Transport Layer Security v1 (TLSv1) network security + protocols and can be used as a general cryptographic + library. - OpenSSL is often used to - encrypt authentication of mail clients and to secure web based + OpenSSL is often used to encrypt + authentication of mail clients and to secure web based transactions such as credit card payments. Some ports, such as www/apache24 and - databases/postgresql91-server, include a compile option for - building with OpenSSL. If selected, - the port will add support using the - security/openssl port. To instead have the - port compile against the built in version of + databases/postgresql91-server, include a + compile option for building with + OpenSSL. If selected, the port will + add support using the security/openssl port. + To instead have the port compile against the built in version of OpenSSL, include - WITH_OPENSSL_BASE when compiling - in OpenSSL support. + WITH_OPENSSL_BASE when compiling in + OpenSSL support. - Another common use of - OpenSSL is to provide certificates - for use with software applications. Certificates can be used to verify - the credentials of a company or individual. - If a certificate has not - been signed by an external Certificate Authority + Another common use of OpenSSL is + to provide certificates for use with software applications. + Certificates can be used to verify the credentials of a company + or individual. If a certificate has not been signed by an + external Certificate Authority (CA), such as http://www.verisign.com, - the application that uses the certificate will produce a warning. - There is a cost associated with obtaining a signed certificate and using a - signed certificate is not mandatory as certificates can be - self-signed. However, using an external authority will prevent warnings and can put - users at ease. + the application that uses the certificate will produce a + warning. There is a cost associated with obtaining a signed + certificate and using a signed certificate is not mandatory as + certificates can be self-signed. However, using an external + authority will prevent warnings and can put users at + ease. This section demonstrates how to create and use certificates on a &os; system. Refer to for an From owner-svn-doc-all@FreeBSD.ORG Fri Apr 18 12:06:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 30952E1B; Fri, 18 Apr 2014 12:06:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 11125181A; Fri, 18 Apr 2014 12:06:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3IC6ccw026707; Fri, 18 Apr 2014 12:06:38 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3IC6cQh026706; Fri, 18 Apr 2014 12:06:38 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201404181206.s3IC6cQh026706@svn.freebsd.org> From: Mathieu Arnold Date: Fri, 18 Apr 2014 12:06:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44602 - head/en_US.ISO8859-1/books/porters-handbook/plist X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2014 12:06:39 -0000 Author: mat (ports committer) Date: Fri Apr 18 12:06:38 2014 New Revision: 44602 URL: http://svnweb.freebsd.org/changeset/doc/44602 Log: Document the new @sample keyword, and move the old way in a note below. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Thu Apr 17 20:33:55 2014 (r44601) +++ head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Fri Apr 18 12:06:38 2014 (r44602) @@ -189,46 +189,19 @@ lib/X11/oneko/sounds/cat.au edited by the user, and a re-installation will wipe them out. - Instead, install sample file(s) with a - filename.sample suffix. Then copy the - sample file to the real configuration file name, if it does not - already exist. On deinstall delete the configuration file, but - only if it is identical to the .sample - file. You need to handle this in the + Instead, install sample file(s) as + filename.sample, + and for each sample file, add this line to your pkg-plist. - For each configuration file, create the following three - lines in pkg-plist: - - @unexec if cmp -s %D/etc/orbit.conf.sample %D/etc/orbit.conf; then rm -f %D/etc/orbit.conf; fi -etc/orbit.conf.sample -@exec if [ ! -f %D/etc/orbit.conf ] ; then cp -p %D/%F %B/orbit.conf; fi - - The order of these lines is important. On deinstallation, - the sample file is compared to the actual configuration file. - If these files are identical, no changes have been made by the - user and the actual file can be safely deleted. Because the - sample file must still exist for the comparison, the - @unexec line comes before the sample - configuration file name. On installation, if an actual - configuration file is not already present, the sample file is - copied to the actual file. The sample file must be present - before it can be copied, so the @exec line - comes after the sample configuration file name. - - To debug any issues, temporarily remove the - -s flag to &man.cmp.1; for more - output. - - See &man.pkg-create.8; for more information on - %D and related substitution markers. + @sample etc/orbit.conf.sample If there is a very good reason not to install a working - configuration file by default, leave the - @exec line out of - pkg-plist and add a - message pointing out that - the user must copy and edit the file before the software will + configuration file by default, only list the sample filename in + pkg-plist, without the @sample + part, and add a message pointing out that the + user must copy and edit the file before the software will work. @@ -241,6 +214,36 @@ etc/orbit.conf.sample %%ETCDIR%% macro should be used in its stead in the pkg-plist file. + + + The sample configuration files should always have the + .sample suffix. If for some historical + reason you cannot use the standard suffix, you can still use + this construct: + + @unexec if cmp -s %D/etc/orbit.conf-dist %D/etc/orbit.conf; then rm -f %D/etc/orbit.conf; fi +etc/orbit.conf-dist +@exec if [ ! -f %D/etc/orbit.conf ] ; then cp -p %D/%F %B/orbit.conf; fi + + The order of these lines is important. On deinstallation, + the sample file is compared to the actual configuration file. + If these files are identical, no changes have been made by the + user and the actual file can be safely deleted. Because the + sample file must still exist for the comparison, the + @unexec line comes before the sample + configuration file name. On installation, if an actual + configuration file is not already present, the sample file is + copied to the actual file. The sample file must be present + before it can be copied, so the @exec line + comes after the sample configuration file name. + + To debug any issues, temporarily remove the + -s flag to &man.cmp.1; for more + output. + + See &man.pkg-create.8; for more information on + %D and related substitution markers. + From owner-svn-doc-all@FreeBSD.ORG Fri Apr 18 14:47:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3C357E04; Fri, 18 Apr 2014 14:47:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 27B1B1794; Fri, 18 Apr 2014 14:47:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3IElNwj092073; Fri, 18 Apr 2014 14:47:23 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3IElMIx092072; Fri, 18 Apr 2014 14:47:22 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404181447.s3IElMIx092072@svn.freebsd.org> From: Warren Block Date: Fri, 18 Apr 2014 14:47:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44603 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2014 14:47:23 -0000 Author: wblock Date: Fri Apr 18 14:47:22 2014 New Revision: 44603 URL: http://svnweb.freebsd.org/changeset/doc/44603 Log: Make some wording more explicit. Reviewed by: mat Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Apr 18 12:06:38 2014 (r44602) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Apr 18 14:47:22 2014 (r44603) @@ -3866,7 +3866,7 @@ SUB_LIST+= OPT1="@comment " NO_OPT1="" USE_KEY variable will be set to value. If value has spaces in it, - replace them with commas, they will get back as spaces + replace them with commas, they will be changed back to spaces during processing. For example: OPTIONS_DEFINE= OPT1 From owner-svn-doc-all@FreeBSD.ORG Fri Apr 18 16:10:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B82F8563; Fri, 18 Apr 2014 16:10:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A331B11CA; Fri, 18 Apr 2014 16:10:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3IGAkxN026629; Fri, 18 Apr 2014 16:10:46 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3IGAkSY026628; Fri, 18 Apr 2014 16:10:46 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404181610.s3IGAkSY026628@svn.freebsd.org> From: Dru Lavigne Date: Fri, 18 Apr 2014 16:10:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44604 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2014 16:10:46 -0000 Author: dru Date: Fri Apr 18 16:10:46 2014 New Revision: 44604 URL: http://svnweb.freebsd.org/changeset/doc/44604 Log: Finish editorial review of OpenSSL chapter. Update instructions and examples. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 18 14:47:22 2014 (r44603) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 18 16:10:46 2014 (r44604) @@ -1781,17 +1781,6 @@ kadmind5_server_enable="YES" - OpenSSL is often used to encrypt authentication of mail clients and to secure web based @@ -1833,8 +1822,15 @@ This patent expired in 2012, is the note certificate generation - To generate a certificate, the following command is - available: + To generate a certificate that will be signed by an + external CA, issue the following command and + input the information requested at the prompts. This input + information will be written to the certificate. At the + Common Name prompt, input the fully + qualified name for the system that will use the certificate. + If this name does not match the server, the application verifying the + certificate will issue a warning to the user, rendering the + verification provided by the certificate as useless. &prompt.root; openssl req -new -nodes -out req.pem -keyout cert.pem Generating a 1024 bit RSA private key @@ -1861,100 +1857,120 @@ Please enter the following 'extra' attri to be sent with your certificate request A challenge password []:SOME PASSWORD An optional company name []:Another Name - - Notice the response directly after the Common - Name prompt shows a domain name. This prompt - requires a server name to be entered for verification - purposes and placing anything but a domain name yields a - useless certificate. Other options, such as the expire - time and alternate encryption algorithms, are available. A + + Other options, such as the expire + time and alternate encryption algorithms, are available when + creating a certificate. A complete list of options is described in &man.openssl.1;. - Two files should now exist in the directory in which this - command was issued. The certificate request, - req.pem, may be sent to a + This command will create two files in the current directory. + The certificate request, + req.pem, can be sent to a CA who will validate the entered credentials, sign the request, and return the signed - certificate. The second file is named - cert.pem and is the private key for the - certificate and should be protected at all costs. If this - falls in the hands of others it can be used to impersonate + certificate. The second file, + cert.pem, is the private key for the + certificate and should be stored in a secure location. If this + falls in the hands of others, it can be used to impersonate the user or the server. - In cases where a signature from a CA - is not required, a self signed certificate can be created. + Alternately, if a signature from a CA + is not required, a self-signed certificate can be created. First, generate the RSA key: - &prompt.root; openssl dsaparam -rand -genkey -out myRSA.key 1024 - - Next, generate the CA key: - - &prompt.root; openssl gendsa -des3 -out myca.key myRSA.key + &prompt.root; openssl dsaparam -rand -genkey -out myRSA.key 1024 +0 semi-random bytes loaded +Generating DSA parameters, 1024 bit long prime +This could take some time +.............+........+...........+...+....+........+.....+++++++++++++++++++++++++++++++++++++++++++++++++++* +..........+.+...........+....+........+.................+.+++++++++++++++++++++++++++++++++++++++++++++++++++* + + Next, generate the CA key. When + prompted, enter a passphrase between 4 to 1023 characters. + Remember this passphrase as it is needed whenever the key is + used to sign a certificate. + + &prompt.root; openssl gendsa -des3 -out myca.key myRSA.key +Generating DSA key, 1024 bits +Enter PEM pass phrase: +Verifying - Enter PEM pass phrase: + + Use this key to create a self-signed certificate. When + prompted, enter the passphrase. Then follow the usual prompts + for creating a certificate: - Use this key to create the certificate: - - &prompt.root; openssl req -new -x509 -days 365 -key myca.key -out new.crt + &prompt.root; openssl req -new -x509 -days 365 -key myca.key -out new.crt +Enter pass phrase for myca.key: +You are about to be asked to enter information that will be incorporated +into your certificate request. +What you are about to enter is what is called a Distinguished Name or a DN. +There are quite a few fields but you can leave some blank +For some fields there will be a default value, +If you enter '.', the field will be left blank. +----- +Country Name (2 letter code) [AU]:US +State or Province Name (full name) [Some-State]:PA +Locality Name (eg, city) []:Pittsburgh +Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company +Organizational Unit Name (eg, section) []:Systems Administrator +Common Name (e.g. server FQDN or YOUR name) []:localhost.example.org +Email Address []:trhodes@FreeBSD.org - Two new files should appear in the directory: a + This will create two new files in the current directory: a certificate authority signature file, - myca.key and the certificate itself, + myca.key, and the certificate itself, new.crt. These should be placed in a directory, preferably under /etc, which is readable only by root. Permissions of 0700 are - appropriate and can be set using &man.chmod.1;. + class="username">root. Permissions of 0700 are + appropriate for these files and can be set using chmod. Using Certificates One use for a certificate is to encrypt connections to the - Sendmail MTA. - This prevents the use of clear text authentication for users - who send mail via the local MTA. + Sendmail mail server in order to + prevent the use of clear text authentication. - Some MUAs will display error if the - user has not installed the certificate locally. Refer to + Some mail clients will display an error if the + user has not installed a local copy of the certificate. Refer to the documentation included with the software for more information on certificate installation. - To configure Sendmail, the - following lines should be placed in the local - .mc file: - - dnl SSL Options -define(`confCACERT_PATH',`/etc/certs')dnl -define(`confCACERT',`/etc/certs/new.crt')dnl -define(`confSERVER_CERT',`/etc/certs/new.crt')dnl -define(`confSERVER_KEY',`/etc/certs/myca.key')dnl -define(`confTLS_SRV_OPTIONS', `V')dnl - - In this example, /etc/certs/ - stores the certificate and key files locally. After saving - the edits, rebuild the local .cf file by - typing - make install - within /etc/mail. - Follow that up with make - restart which should - start the Sendmail daemon. + To configure Sendmail, add the + following lines to + /etc/rc.conf: + + sendmail_enable="YES" +sendmail_cert_create="YES" +sendmail_cert_cn="localhost.example.org" + + This will automatically create a self-signed certificate, + /etc/mail/certs/host.cert, a signing key, + /etc/mail/certs/host.key, and a + CA certificate, + /etc/mail/certs/cacert.pem. The + certificate will use the Common Name + specified in . + After saving + the edits, restart Sendmail: - If all went well, there will be no error messages in - /var/log/maillog and - Sendmail will show up in the - process list. + &prompt.root; service sendmail restart - For a simple test, connect to the mail server using - &man.telnet.1;: + If all went well, there will be no error messages in + /var/log/maillog. For a simple test, + connect to the mail server's listening port using + telnet: &prompt.root; telnet example.com 25 Trying 192.0.34.166... -Connected to example.com. +Connected to example.com. Escape character is '^]'. -220 example.com ESMTP Sendmail 8.12.10/8.12.10; Tue, 31 Aug 2004 03:41:22 -0400 (EDT) +220 example.com ESMTP Sendmail 8.14.7/8.14.7; Fri, 18 Apr 2014 11:50:32 -0400 (EDT) ehlo example.com 250-example.com Hello example.com [192.0.34.166], pleased to meet you 250-ENHANCEDSTATUSCODES @@ -1968,10 +1984,10 @@ Escape character is '^]'. 250-DELIVERBY 250 HELP quit -221 2.0.0 example.com closing connection +221 2.0.0 example.com closing connection Connection closed by foreign host. - If the STARTTLS line appears in the + If the STARTTLS line appears in the output, everything is working correctly. From owner-svn-doc-all@FreeBSD.ORG Fri Apr 18 17:35:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E628D1EE; Fri, 18 Apr 2014 17:35:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B841F19D2; Fri, 18 Apr 2014 17:35:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3IHZ5BE063571; Fri, 18 Apr 2014 17:35:05 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3IHZ5ch063570; Fri, 18 Apr 2014 17:35:05 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201404181735.s3IHZ5ch063570@svn.freebsd.org> From: Benedict Reuschling Date: Fri, 18 Apr 2014 17:35:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44605 - head/de_DE.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2014 17:35:06 -0000 Author: bcr Date: Fri Apr 18 17:35:05 2014 New Revision: 44605 URL: http://svnweb.freebsd.org/changeset/doc/44605 Log: Add missing section about PXE booting that didn't get noticed until now. A big thanks goes out to Bjoern who noticed it and did the work of translating the section. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Fri Apr 18 16:10:46 2014 (r44604) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Fri Apr 18 17:35:05 2014 (r44605) @@ -50,6 +50,11 @@ + Wissen, wie man mithilfe von PXE ber ein Netzwerk + bootet und ein NFS-Root-Dateisystem einrichtet. + + + Wissen, wie man NAT (Network Address Translation) einrichtet. @@ -4810,6 +4815,340 @@ cd /usr/src/etc; make distribution + + + + <acronym>PXE</acronym>-Boot mit einem + <acronym>NFS</acronym>-Root-Dateisystem + + + + + Craig + Rodrigues + + +

            rodrigc@FreeBSD.org
            + + Beigetragen von + + + + + Das &intel; Preboot eXecution Environment + (PXE) erlaubt es, ein Betriebssystem ber das + Netzwerk zu starten. PXE-Untersttzung wird + von modernen Mainboards ber das BIOS + bereitgestellt, wo Sie es bei den Einstellungen zum Starten ber + das Netzwerk aktivieren knnen. Ein voll funktionsfhiges + PXE-Setup erfordert zustzlich einen richtig + konfigurierten DHCP- und + TFTP-Server. + + Sobald das Gastsystem startet, erhlt es vom + DHCP-Server Informationen, wo der initiale + Bootloader per TFTP zu bekommen ist. Nachdem + das Gastsystem diese Informationen erhlt, ldt es den + Bootloader ber TFTP herunter und fhrt + diesen anschlieend aus. Dieses Verfahren ist in Sektion 2.2.1 + der Preboot + Execution Environment (PXE) Specification dokumentiert. + In &os; ist /boot/pxeboot der Bootloader, + der whrend des PXE-Vorgangs abgerufen wird. + Nachdem /boot/pxeboot ausgefhrt und der + &os;-Kernel geladen wurde, wird mit dem Rest der + &os;-Bootsequenz fortgefahren. Weitere Informationen ber den + Bootvorgang unter &os; finden Sie in . + + + Einrichtung der <command>chroot</command>-Umgebung fr + das NFS-Root-Dateisystem + + + + Whlen Sie ein Verzeichnis welches eine + &os;-Installation enthlt und ber NFS eingehangen + werden kann. Als Beispiel kann das Verzeichnis + /b/tftpboot/FreeBSD/install + verwendet werden. + + &prompt.root; export NFSROOTDIR=/b/tftpboot/FreeBSD/install +&prompt.root; mkdir -p ${NFSROOTDIR} + + + + Aktivieren Sie den NFS-Server. Diese Prozedur wird + im Kapitel + beschrieben. + + Exportieren Sie das eben erstellte Verzeichnis ber + NFS, indem Sie folgende Zeile in + /etc/exports hinzufgen: + + /b -ro -alldirs + + + + Starten Sie den NFS-Server neu: + + &prompt.root; /etc/rc.d/nfsd restart + + + + Aktivieren Sie &man.inetd.8; wie im Kapitel beschrieben. + + + + Fgen Sie folgende Zeilen in + /etc/inetd.conf hinzu: + + tftp dgram udp wait root /usr/libexec/tftp tftp -l -s /b/tftpboot + + + + Starten Sie inetd neu: + + &prompt.root; /etc/rc.d/inetd restart + + + + Erstellen Sie einen neues + Basissystem und einen &os;-Kernel: + + &prompt.root; cd /usr/src +&prompt.root; make buildworld +&prompt.root; make buildkernel + + + + Installieren sie &os; in das Verzeichnis, welches + ber NFS eingehangen ist: + + +&prompt.root; make installworld DESTDIR=${NFSROOTDIR} +&prompt.root; make installkernel DESTDIR=${NFSROOTDIR} +&prompt.root; make distribution DESTDIR=${NFSROOTDIR} + + + + + Testen Sie den TFTP-Server und + vergewissern Sie sich, dass Sie den Bootloader + herunterladen knnen, der ber PXE + bereitgestellt wird: + + +&prompt.root; tftp localhost +tftp> get FreeBSD/install/boot/pxeboot +Received 264951 bytes in 0.1 seconds + + + + + Bearbeiten Sie + ${NFSROOTDIR}/etc/fstab und + erstellen Sie einen Eintrag, um das Root-Dateisystem + ber NFS einzuhngen: + + +# Device Mountpoint FSType Options Dump Pass +myhost.example.com:/b/tftpboot/FreeBSD/install / nfs ro 0 0 + + + Ersetzen Sie + myhost.example.com durch den + Hostnamen oder die IP-Adresse Ihres + NFS-Servers. In diesem Beispiel wird + das Root-Dateisystem schreibgeschtzt eingehangen, um + ein potenzielles Lschen des Inhalts durch die + NFS-Clients zu verhindern. + + + + Setzen Sie das root-Passwort in der + &man.chroot.8;-Umgebung: + + &prompt.root; chroot ${NFSROOTDIR} +&prompt.root; passwd + + Damit setzen Sie das root-Passwort fr die + Client-Maschinen, welche ber PXE + starten. + + + + Aktivieren Sie &man.ssh.1; root-Logins fr + Client-Maschinen, die ber PXE + starten, indem Sie die Option + PermitRootLogin in + ${NFSROOTDIR}/etc/ssh/sshd_config + aktivieren. Dies ist in &man.sshd.config.5; + dokumentiert. + + + + Fhren Sie weitere Anpassungen der + &man.chroot.8;-Umgebung in ${NFSROOTDIR} durch, wie zum + Beispiel die Installation weiterer Pakete mittels + &man.pkg.add.1;, dass Bearbeiten der Passwortdatei mit + &man.vipw.8;, oder &man.amd.conf.5; fr den Automounter. + Ein Beispiel: + + +&prompt.root; chroot ${NFSROOTDIR} +&prompt.root; pkg_add -r bash + + + + + + + Speicher-Dateisysteme fr + <filename>/etc/rc.initdiskless</filename> + + Booten Sie von einem NFS-Root-Volume, + so erkennt /etc/rc dies und startet + daraufhin das /etc/rc.initdiskless + Skript. Lesen Sie die Kommentare in diesem Skript um zu + verstehen, was dort vor sich geht. Weil das + NFS-Root-Verzeichnis schreibgeschtzt ist, + wir aber Schreibzugriff fr /etc und + /var bentigen, mssen wir diese + Verzeichnisse ber Speicher-Dateisysteme (memory backed file + system) einbinden. + + +&prompt.root; chroot ${NFSROOTDIR} +&prompt.root; mkdir -p conf/base +&prompt.root; tar -c -v -f conf/base/etc.cpio.gz --format cpio +--gzip etc +&prompt.root; tar -c -v -f conf/base/var.cpio.gz --format cpio +--gzip var + + Bei Starten werden die Speicher-Dateisysteme fr + /etc und /var + erstellt und eingehangen und der Inhalt der + cpio.gz-Dateien in diese hinein + kopiert. + + + + Einrichtung des DHCP-Servers + + PXE bentigt fr die Einrichtung einen + TFTP-Server und einen + DHCP-Server. Der + DHCP-Server muss nicht unbedingt auf der + gleichen Maschine laufen wie der + TFTP-Server, aber er muss in Ihrem Netzwerk + erreichbar sein. + + + + Installieren Sie den DHCP-Server, + indem Sie den Anweisungen in folgen. Stellen Sie + sicher, dass /etc/rc.conf und + /usr/local/etc/dhcpd.conf richtig + konfiguriert sind. + + + + Konfigurieren Sie in + /usr/local/etc/dhcpd.conf die + next-server, + filename und option + root-path Einstellungen, um die + IP-Adresse des + TFTP-Servers, den Pfad zu + /boot/pxeboot in + TFTP und den Pfad zum + NFS-Root-Dateisystem zu bestimmen. + Hierzu ein Beispiel fr + /usr/local/etc/dhcpd.conf: + + +subnet 192.168.0.0 netmask 255.255.255.0 { + range 192.168.0.2 192.168.0.3; + option subnet-mask 255.255.255.0; + option routers 192.168.0.1; + option broadcast-address 192.168.0.255; + option domain-name-server 192.168.35.35 192.168.35.36; + option domain-name "example.com"; + + # IP address of TFTP server + next-server 192.168.0.1; + + # path of boot loader obtained + # via tftp + filename "FreeBSD/install/boot/pxeboot"; + + # pxeboot boot loader will try to NFS mount this directory for root FS + option root-path "192.168.0.1:/b/tftpboot/FreeBSD/install/"; + +} + + + + + + + Konfiguration des <acronym>PXE</acronym>-Clients und + Fehlersuche bei Verbindungsproblemen + + + + Sobald die Client-Maschine startet, gehen Sie in die + BIOS-Einstellungen und konfigurieren + Sie den Start ber das Netzwerk (boot from network). Sind + Ihre bisherigen Konfigurationsschritte korrekt, sollte + alles funktionieren. + + + + Benutzen Sie den net/wireshark Port zur + Fehlersuche im Netzwerkverkehr von DHCP + und TFTP. + + + + Stellen Sie sicher, dass Sie die + pxeboot-Datei ber + TFTP herunterladen knnen. Schauen Sie + in /var/log/xferlog auf Ihrem + TFTP-Server und vergewissern Sie sich, + dass die pxeboot-Datei von der + richtigen Adresse heruntergeladen wurde. Um die obige + Konfiguration von dhcpd.conf zu + testen, geben Sie folgendes ein: + + &prompt.root; tftp 192.168.0.1 +tftp> get FreeBSD/install/boot/pxeboot +Received 264951 bytes in 0.1 seconds + + Weitere Informationen finden Sie in &man.tftpd.8; und + &man.tftp.1;. Die BUGS-Sektionen dieser + Seiten dokumentieren einige Einschrnkungen von + TFTP. + + + + Achten Sie darauf, dass Sie das Root-Dateisystem ber + NFS einhngen knnen. Auch hier knnen + Sie Ihre Einstellungen aus dhcpd.conf + wie folgt testen: + + &prompt.root; mount -t nfs 192.168.0.1:/b +/tftpboot/FreeBSD/install /mnt + + + + + ISDN – diensteintegrierendes digitales Netzwerk @@ -6433,7 +6772,7 @@ route_hostD="192.168.173.4 hatm0 0 102 l CARP - Common Address Redundancy Protocol TomRhodesBeigetragen von - AllanJudeAktualisiert von + AllanJudeAktualisiert von From owner-svn-doc-all@FreeBSD.ORG Fri Apr 18 19:42:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 67C1F1FA; Fri, 18 Apr 2014 19:42:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48F12175E; Fri, 18 Apr 2014 19:42:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3IJgwKj016829; Fri, 18 Apr 2014 19:42:58 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3IJgwdB016828; Fri, 18 Apr 2014 19:42:58 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404181942.s3IJgwdB016828@svn.freebsd.org> From: Dru Lavigne Date: Fri, 18 Apr 2014 19:42:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44606 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2014 19:42:58 -0000 Author: dru Date: Fri Apr 18 19:42:57 2014 New Revision: 44606 URL: http://svnweb.freebsd.org/changeset/doc/44606 Log: Fix some redundancy and title capitalization in Security chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 18 17:35:05 2014 (r44605) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 18 19:42:57 2014 (r44606) @@ -242,8 +242,8 @@ and even lock users into running only single, privileged commands such as &man.service.8; - After installation, edit the - /usr/local/etc/sudoers file by using + After installation, edit + /usr/local/etc/sudoers using the visudo interface. In this example, a new webadmin group will be added, the user trhodes to that group, and @@ -322,9 +322,8 @@ also enforce mixed characters. In particular the &man.pam.passwdqc.8; will be discussed. - To proceed, open the - /etc/pam.d/passwd file and add the - following line to the file. + To proceed, add the following line to + /etc/pam.d/passwd: password requisite pam_passwdqc.so min=disabled,disabled,disabled,12,10 similar=deny retry=3 enforce=users @@ -408,18 +407,18 @@ Enter new password: A backdoor or rootkit software does do one thing useful for administrators - once detected, it is a sign that a compromise happened at some point. But normally these types - types of applications are hidden very well. Tools do exist + of applications are hidden very well. Tools do exist to detect backdoors and rootkits, one of them is security/rkhunter. - After installation the system may be checked using the - following command which will produce a lot of - information: + After installation, the system may be checked using the + following command. It will produce a lot of + information and will require some manual + pressing of the ENTER key: &prompt.root; rkhunter -c - After the process complete, which will require some manual - pressing of the ENTER key, a status message + After the process completes, a status message will be printed to the screen. This message will include the amount of files checked, suspect files, possible rootkits, and more. During the check, some generic security warnings may @@ -477,8 +476,8 @@ Enter new password: &prompt.root; mtree: /bin checksum: 3427012225 - Viewing the bin_cksum_mtree file - should yield output similar to the following as well: + Viewing bin_cksum_mtree + should yield output similar to the following: # user: root # machine: dreadnaught @@ -518,8 +517,8 @@ Enter new password: was originally ran. Since no changes occurred in the time these commands were ran, the bin_chksum_output output will be empty. - To simulate a change, change the date on the - /bin/cat file using &man.touch.1; and run + To simulate a change, change the date on + /bin/cat using &man.touch.1; and run the verification command again: &prompt.root; touch /bin/cat @@ -1264,7 +1263,7 @@ Aug 27 15:37:58 Aug 28 01:37:58 krbtgt - Configuring a Server to use + <title>Configuring a Server to Use <application>Kerberos</application> @@ -1356,7 +1355,7 @@ kadmin> exit - Configuring a Client to use + <title>Configuring a Client to Use <application>Kerberos</application> @@ -2899,7 +2898,7 @@ user@unfirewalled-system.example.org's p - Don't confuse /etc/ssh/sshd_config + Do not confuse /etc/ssh/sshd_config with /etc/ssh/ssh_config (note the extra d in the first filename). The first file configures the server and the second file From owner-svn-doc-all@FreeBSD.ORG Fri Apr 18 19:49:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 464324D8; Fri, 18 Apr 2014 19:49:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 271FD17AA; Fri, 18 Apr 2014 19:49:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3IJnMTp017643; Fri, 18 Apr 2014 19:49:22 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3IJnMAX017642; Fri, 18 Apr 2014 19:49:22 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404181949.s3IJnMAX017642@svn.freebsd.org> From: Dru Lavigne Date: Fri, 18 Apr 2014 19:49:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44607 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2014 19:49:22 -0000 Author: dru Date: Fri Apr 18 19:49:21 2014 New Revision: 44607 URL: http://svnweb.freebsd.org/changeset/doc/44607 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 18 19:42:57 2014 (r44606) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 18 19:49:21 2014 (r44607) @@ -972,9 +972,9 @@ ALL : ALL \ : twist /bin/echo "You are not welcome to use %d from %h." In this example, the message You are not allowed to - use daemon name from - hostname. will be returned - for any daemon not configured in + use daemon name from + hostname. will be + returned for any daemon not configured in hosts.allow. This is useful for sending a reply back to the connection initiator right after the established connection is dropped. Any message returned @@ -1103,7 +1103,7 @@ sendmail : PARANOID : deny The DNS domain (zone) will be - example.org. @@ -1822,14 +1822,15 @@ kadmind5_server_enable="YES" To generate a certificate that will be signed by an - external CA, issue the following command and - input the information requested at the prompts. This input - information will be written to the certificate. At the + external CA, issue the following command + and input the information requested at the prompts. This + input information will be written to the certificate. At the Common Name prompt, input the fully qualified name for the system that will use the certificate. - If this name does not match the server, the application verifying the - certificate will issue a warning to the user, rendering the - verification provided by the certificate as useless. + If this name does not match the server, the application + verifying the certificate will issue a warning to the user, + rendering the verification provided by the certificate as + useless. &prompt.root; openssl req -new -nodes -out req.pem -keyout cert.pem Generating a 1024 bit RSA private key @@ -1856,23 +1857,22 @@ Please enter the following 'extra' attri to be sent with your certificate request A challenge password []:SOME PASSWORD An optional company name []:Another Name - - Other options, such as the expire - time and alternate encryption algorithms, are available when - creating a certificate. A - complete list of options is described in + + Other options, such as the expire time and alternate + encryption algorithms, are available when creating a + certificate. A complete list of options is described in &man.openssl.1;. - This command will create two files in the current directory. - The certificate request, + This command will create two files in the current + directory. The certificate request, req.pem, can be sent to a CA who will validate the entered credentials, sign the request, and return the signed certificate. The second file, cert.pem, is the private key for the - certificate and should be stored in a secure location. If this - falls in the hands of others, it can be used to impersonate - the user or the server. + certificate and should be stored in a secure location. If + this falls in the hands of others, it can be used to + impersonate the user or the server. Alternately, if a signature from a CA is not required, a self-signed certificate can be created. @@ -1922,8 +1922,9 @@ Email Address []:new.crt. These should be placed in a directory, preferably under /etc, which is readable only by root. Permissions of 0700 are - appropriate for these files and can be set using chmod. + class="username">root. Permissions of + 0700 are appropriate for these files and + can be set using chmod. @@ -1934,9 +1935,9 @@ Email Address []: - Some mail clients will display an error if the - user has not installed a local copy of the certificate. Refer to - the documentation included with the software for more + Some mail clients will display an error if the user has + not installed a local copy of the certificate. Refer to the + documentation included with the software for more information on certificate installation. @@ -1954,8 +1955,7 @@ sendmail_cert_cn="localhost CA certificate, /etc/mail/certs/cacert.pem. The certificate will use the Common Name - specified in . - After saving + specified in . After saving the edits, restart Sendmail: &prompt.root; service sendmail restart From owner-svn-doc-all@FreeBSD.ORG Fri Apr 18 19:59:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 16FFC6DA; Fri, 18 Apr 2014 19:59:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 02A3D18C1; Fri, 18 Apr 2014 19:59:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3IJxuKi021740; Fri, 18 Apr 2014 19:59:56 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3IJxuP9021739; Fri, 18 Apr 2014 19:59:56 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404181959.s3IJxuP9021739@svn.freebsd.org> From: Dru Lavigne Date: Fri, 18 Apr 2014 19:59:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44608 - head/en_US.ISO8859-1/books/handbook/basics X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2014 19:59:57 -0000 Author: dru Date: Fri Apr 18 19:59:56 2014 New Revision: 44608 URL: http://svnweb.freebsd.org/changeset/doc/44608 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Fri Apr 18 19:49:21 2014 (r44607) +++ head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Fri Apr 18 19:59:56 2014 (r44608) @@ -534,11 +534,12 @@ console none The home directory is the full path to a directory on the system. This is the user's starting directory when the user logs in. A common convention is to put - all user home directories under - /home/username or - /usr/home/username. Each user - stores their personal files and subdirectories in - their own home directory. + all user home directories under /home/username + or /usr/home/username. + Each user stores their personal files and + subdirectories in their own home directory. @@ -918,11 +919,12 @@ Other information: The commands &man.chfn.1; and &man.chsh.1; are links - to &man.chpass.1;, as are &man.ypchpass.1;, &man.ypchfn.1;, - and &man.ypchsh.1;. Since NIS support - is automatic, specifying the yp before - the command is not necessary. How to configure NIS is - covered in . + to &man.chpass.1;, as are &man.ypchpass.1;, + &man.ypchfn.1;, and &man.ypchsh.1;. Since + NIS support is automatic, specifying + the yp before the command is not + necessary. How to configure NIS is covered in . @@ -1043,13 +1045,13 @@ passwd: done to a login class, default by default, and each login class has a set of login capabilities associated with it. A login capability is a - name=value pair, where - name is a well-known identifier and - value is an arbitrary string which - is processed accordingly depending on the - name. Setting up login classes and - capabilities is rather straightforward and is also described - in &man.login.conf.5;. + name=value + pair, where name is a well-known + identifier and value is an + arbitrary string which is processed accordingly depending on + the name. Setting up login classes + and capabilities is rather straightforward and is also + described in &man.login.conf.5;. &os; does not normally read the configuration in @@ -2094,14 +2096,17 @@ root 5211 0.0 0.2 3620 1724 2 /usr/local/ Local executables and libraries. Also used as the default destination for the &os; ports framework. - Within /usr/local, the general - layout sketched out by &man.hier.7; for - /usr should be used. Exceptions - are the man directory, which is directly under - /usr/local rather than under - /usr/local/share, and the ports - documentation is in - share/doc/port. + Within + /usr/local, the + general layout sketched out by &man.hier.7; for + /usr should be + used. Exceptions are the man directory, which is + directly under /usr/local rather than + under /usr/local/share, and + the ports documentation is in share/doc/port. @@ -3062,10 +3067,9 @@ Swap: 2048M Total, 2048M Free figures in the header relate to how many processes are running, how much memory and swap space has been used, and how much time the system is spending in different CPU states. If - the ZFS - file system module has been loaded, an ARC line indicates - how much data was read from the memory cache - instead of from disk. + the ZFS file system module has been loaded, + an ARC line indicates how much data was + read from the memory cache instead of from disk. Below the header is a series of columns containing similar information to the output from &man.ps.1;, such as the @@ -3443,16 +3447,17 @@ Swap: 2048M Total, 2048M Free The &unix; shell is not just a command interpreter, it - acts as a powerful tool which allows users to execute commands, - redirect their output, redirect their input and chain commands - together to improve the final command output. When this functionality - is mixed with built in commands, the user is provided with - an environment that can maximize efficiency. - - Shell redirection is the action of sending the output - or the input of a command into another command or into a - file. To capture the output of the &man.ls.1; command, for - example, into a file, simply redirect the output: + acts as a powerful tool which allows users to execute + commands, redirect their output, redirect their input and + chain commands together to improve the final command output. + When this functionality is mixed with built in commands, the + user is provided with an environment that can maximize + efficiency. + + Shell redirection is the action of sending the output or + the input of a command into another command or into a file. + To capture the output of the &man.ls.1; command, for example, + into a file, simply redirect the output: &prompt.user; ls > directory_listing.txt @@ -3464,41 +3469,42 @@ Swap: 2048M Total, 2048M Free &prompt.user; sort < directory_listing.txt The input will be sorted and placed on the screen. To - redirect that input into another file, one could redirect - the output of &man.sort.1; by mixing the direction: + redirect that input into another file, one could redirect the + output of &man.sort.1; by mixing the direction: &prompt.user; sort < directory_listing.txt > sorted.txt - In all of the previous examples, the commands are performing - redirection using file descriptors. Every unix system has file - descriptors; however, here we will focus on three, so named as - Standard Input, Standard Output, and Standard Error. Each one - has a purpose, where input could be a keyboard or a mouse, - something that provides input. Output could be a screen or - paper in a printer for example. And error would be anything - that is used for diagnostic or error messages. All three - are considered I/O based file descriptors - and sometimes considered streams. - - Through the use of these descriptors, short named - stdin, stdout, and stderr, the shell allows output and - input to be passed around through various commands and - redirected to or from a file. Another method of redirection - is the pipe operator. + In all of the previous examples, the commands are + performing redirection using file descriptors. Every unix + system has file descriptors; however, here we will focus on + three, so named as Standard Input, Standard Output, and + Standard Error. Each one has a purpose, where input could be + a keyboard or a mouse, something that provides input. Output + could be a screen or paper in a printer for example. And + error would be anything that is used for diagnostic or error + messages. All three are considered I/O + based file descriptors and sometimes considered + streams. + + Through the use of these descriptors, short named stdin, + stdout, and stderr, the shell allows output and input to be + passed around through various commands and redirected to or + from a file. Another method of redirection is the pipe + operator. The &unix; pipe operator, | allows the - output of one command to be directly passed, or directed - to another program. Basically a pipe will allow the - standard output of a command to be passed as standard - input to another command, for example: + output of one command to be directly passed, or directed to + another program. Basically a pipe will allow the standard + output of a command to be passed as standard input to another + command, for example: &prompt.user; cat directory_listing.txt | sort | less In that example, the contents of directory_listing.txt will be sorted and - the output passed to &man.less.1;. This allows the user - to scroll through the output at their own pace and prevent - it from scrolling off the screen. + the output passed to &man.less.1;. This allows the user to + scroll through the output at their own pace and prevent it + from scrolling off the screen. From owner-svn-doc-all@FreeBSD.ORG Fri Apr 18 20:31:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0A2F82CC; Fri, 18 Apr 2014 20:31:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EA9071C02; Fri, 18 Apr 2014 20:31:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3IKV4YP036972; Fri, 18 Apr 2014 20:31:04 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3IKV4SN036971; Fri, 18 Apr 2014 20:31:04 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404182031.s3IKV4SN036971@svn.freebsd.org> From: Dru Lavigne Date: Fri, 18 Apr 2014 20:31:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44609 - head/en_US.ISO8859-1/books/handbook/boot X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2014 20:31:05 -0000 Author: dru Date: Fri Apr 18 20:31:04 2014 New Revision: 44609 URL: http://svnweb.freebsd.org/changeset/doc/44609 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Fri Apr 18 19:59:56 2014 (r44608) +++ head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Fri Apr 18 20:31:04 2014 (r44609) @@ -26,10 +26,10 @@ different versions of the same operating system, or a different installed kernel. - This chapter details the configuration options that can - be set. It demonstrates how to customize the &os; boot - process, including everything that happens until the &os; kernel - has started, probed for devices, and started &man.init.8;. This + This chapter details the configuration options that can be + set. It demonstrates how to customize the &os; boot process, + including everything that happens until the &os; kernel has + started, probed for devices, and started &man.init.8;. This occurs when the text color of the boot messages changes from bright white to grey. @@ -63,8 +63,8 @@ Turning on a computer and starting the operating system poses an interesting dilemma. By definition, the computer does not know how to do anything until the operating system is - started. This includes running programs from the disk. If - the computer can not run a program from the disk without the + started. This includes running programs from the disk. If the + computer can not run a program from the disk without the operating system, and the operating system programs are on the disk, how is the operating system started? @@ -129,16 +129,16 @@ systems so that the user can choose which one to boot from. Two boot managers are discussed in the next subsection. - The remainder of the &os; bootstrap system is divided - into three stages. The first stage is run by the + The remainder of the &os; bootstrap system is divided into + three stages. The first stage is run by the MBR, which knows just enough to get the computer into a specific state and run the second stage. The - second stage can do a little bit more, before running the - third stage. The third stage finishes the task of loading the + second stage can do a little bit more, before running the third + stage. The third stage finishes the task of loading the operating system. The work is split into three stages because - PC standards put limits on the size of the programs that can - be run at stages one and two. Chaining the tasks together - allows &os; to provide a more flexible loader. + PC standards put limits on the size of the programs that can be + run at stages one and two. Chaining the tasks together allows + &os; to provide a more flexible loader. kernel &man.init.8; @@ -158,85 +158,83 @@ Boot Manager - Master Boot Record - (MBR) + Master Boot Record + (MBR) - The code in the MBR or boot manager is - sometimes referred to as stage zero of - the boot process. This section discusses two boot managers: - boot0 and - LILO. - - - The <application>boot0</application> Boot - Manager: - - The MBR installed by &os;'s installer - or &man.boot0cfg.8; is based on - /boot/boot0. The size and capability - of boot0 is restricted to 446 - bytes due to the slice table and 0x55AA - identifier at the end of the MBR. If - boot0 and multiple operating - systems are installed, a message similar to this example - will be displayed at boot time: - + The code in the MBR or boot manager is + sometimes referred to as stage zero of the + boot process. This section discusses two boot managers: + boot0 and + LILO. + + + The <application>boot0</application> Boot + Manager: + + The MBR installed by &os;'s installer + or &man.boot0cfg.8; is based on + /boot/boot0. The size and capability of + boot0 is restricted to 446 bytes + due to the slice table and 0x55AA + identifier at the end of the MBR. If + boot0 and multiple operating + systems are installed, a message similar to this example will + be displayed at boot time: + - - <filename>boot0</filename> Screenshot + + <filename>boot0</filename> Screenshot - F1 Win + F1 Win F2 FreeBSD Default: F2 - + - Other operating systems, in particular &windows;, will - overwrite an existing MBR if they are - installed after &os;. If this happens, or to replace the - existing MBR with the &os; - MBR, use the following command: - - &prompt.root; fdisk -B -b /boot/boot0 device - - where device is the boot disk, - such as ad0 for the first - IDE disk, ad2 - for the first IDE disk on a second - IDE controller, or - da0 - for the first SCSI disk. To create a - custom configuration of the MBR, refer to - &man.boot0cfg.8;. - - - The LILO Boot Manager: - - To install this boot manager so it will also boot - &os;, boot into Linux and add the following to the existing - /etc/lilo.conf configuration: - + Other operating systems, in particular &windows;, will + overwrite an existing MBR if they are + installed after &os;. If this happens, or to replace the + existing MBR with the &os; + MBR, use the following command: + + &prompt.root; fdisk -B -b /boot/boot0 device + + where device is the boot disk, + such as ad0 for the first + IDE disk, ad2 for the + first IDE disk on a second + IDE controller, or da0 + for the first SCSI disk. To create a + custom configuration of the MBR, refer to + &man.boot0cfg.8;. + + + The LILO Boot Manager: + + To install this boot manager so it will also boot &os;, + boot into Linux and add the following to the existing + /etc/lilo.conf configuration: + - other=/dev/hdXY + other=/dev/hdXY table=/dev/hdX loader=/boot/chain.b label=FreeBSD - Specify &os;'s primary partition and drive using Linux - specifiers, replacing X with the - Linux drive letter and Y with the - Linux primary partition number. For a SCSI - drive, change /dev/hd to - /dev/sd. The - line can be omitted if - both operating systems are installed on the same drive. Next, - run /sbin/lilo -v to commit the new - changes. Verify these are correct by checking the screen - messages. + Specify &os;'s primary partition and drive using Linux + specifiers, replacing X with the + Linux drive letter and Y with the + Linux primary partition number. For a SCSI + drive, change /dev/hd to + /dev/sd. The + line can be omitted if + both operating systems are installed on the same drive. Next, + run /sbin/lilo -v to commit the new + changes. Verify these are correct by checking the screen + messages. - Stage One and Stage - Two + Stage One and Stage Two Conceptually, the first and second stages are part of the same program, on the same area of the disk. Because of space @@ -314,30 +312,30 @@ boot: more powerful interpreter which has a more complex command set. - During initialization, the loader will probe for a - console and for disks, and figure out which disk it is - booting from. It will set variables accordingly, and an - interpreter is started where user commands can be passed - from a script or interactively. - - loader - loader configuration - - The loader will then read - /boot/loader.rc, which by default reads - in /boot/defaults/loader.conf which - sets reasonable defaults for variables and reads - /boot/loader.conf for local changes to - those variables. loader.rc then acts - on these variables, loading whichever modules and kernel are - selected. - - Finally, by default, the loader issues a 10 second wait - for key presses, and boots the kernel if it is not - interrupted. If interrupted, the user is presented with a - prompt which understands the command set, where the user may - adjust variables, unload all modules, load modules, and then - finally boot or reboot. + During initialization, the loader will probe for a + console and for disks, and figure out which disk it is + booting from. It will set variables accordingly, and an + interpreter is started where user commands can be passed from + a script or interactively. + + loader + loader configuration + + The loader will then read + /boot/loader.rc, which by default reads + in /boot/defaults/loader.conf which sets + reasonable defaults for variables and reads + /boot/loader.conf for local changes to + those variables. loader.rc then acts on + these variables, loading whichever modules and kernel are + selected. + + Finally, by default, the loader issues a 10 second wait + for key presses, and boots the kernel if it is not + interrupted. If interrupted, the user is presented with a + prompt which understands the command set, where the user may + adjust variables, unload all modules, load modules, and then + finally boot or reboot. Loader Built-In Commands @@ -539,19 +537,17 @@ boot: - - Kernel Interaction During Boot + + Kernel Interaction During Boot - - kernel - boot interaction - + + kernel + boot interaction + - Once the kernel is loaded by either the default loader - or by boot2, - which bypasses the loader, it - examines any boot flags and adjusts its behavior as - necessary. + Once the kernel is loaded by either the default loader or + by boot2, which bypasses the loader, it examines any boot + flags and adjusts its behavior as necessary. kernel @@ -610,15 +606,16 @@ boot: - - - - Configuring Boot Time Splash Screens + + + Configuring Boot Time Splash Screens @@ -629,150 +626,146 @@ boot: Contributed by - + - The splash screen creates an alternate boot screen. The - splash screen hides all the boot probe messages and service - startup messages before displaying either a command line or - graphical login prompt. - - There are two basic environments available in &os;. The - first is the default legacy virtual console command line - environment. After the system finishes booting, a console - login prompt is presented. The second environment is the - graphical environment as described in . - Refer to that chapter for more information on how to install - and configure a graphical display manager and a graphical - login manager. - - The splash screen function supports 256-colors in the - bitmap (.bmp), ZSoft - PCX (.pcx), or - TheDraw (.bin) formats. The splash - image files must have a resolution of 320 by 200 pixels or - less in order to work on standard VGA adapters. - - To use larger images, up to the maximum resolution of - 1024 by 768 pixels, load the VESA - module during system boot. For a custom kernel, as - described in , include the - VESA kernel configuration option. - Loading VESA support provides the - ability to display a splash screen image that fills the - whole display screen. - - While the splash screen is being displayed during the - booting process, it can be turned off any time by hitting - any key on the keyboard. - - The splash screen also defaults to being a screen - saver outside. After a time period of non-use, the splash - screen will be displayed and will cycle through steps of - changing intensity of the image, from bright to very dark - and over again. The configuration of the splash screen - saver can be overridden by adding a - saver= line to - /etc/rc.conf. Several built-in - screen savers are available and described in - &man.splash.4;. The saver= option only - applies to virtual consoles and has no effect on graphical - display managers. - - A few boot loader messages, including the boot options - menu and a timed wait count down prompt, are displayed at - boot time, even when the splash screen is enabled. - - Sample splash screen files can be downloaded from the - gallery at http://artwork.freebsdgr.org. - By installing the - sysutils/bsd-splash-changer port, - splash images can be chosen from a collection randomly at - each boot. - - The splash screen .bmp, - .pcx, or .bin - image has to be placed on the root partition, for example - in /boot. - - For the default boot display resolution of 256-colors - and 320 by 200 pixels or less, edit - /boot/loader.conf so it contains the - following: + The splash screen creates an alternate boot screen. The + splash screen hides all the boot probe messages and service + startup messages before displaying either a command line or + graphical login prompt. + + There are two basic environments available in &os;. The + first is the default legacy virtual console command line + environment. After the system finishes booting, a console + login prompt is presented. The second environment is the + graphical environment as described in . + Refer to that chapter for more information on how to install + and configure a graphical display manager and a graphical + login manager. + + The splash screen function supports 256-colors in the + bitmap (.bmp), ZSoft + PCX (.pcx), or + TheDraw (.bin) formats. The splash image + files must have a resolution of 320 by 200 pixels or less in + order to work on standard VGA adapters. + + To use larger images, up to the maximum resolution of + 1024 by 768 pixels, load the VESA module + during system boot. For a custom kernel, as described in + , include the + VESA kernel configuration option. Loading + VESA support provides the ability to + display a splash screen image that fills the whole display + screen. + + While the splash screen is being displayed during the + booting process, it can be turned off any time by hitting any + key on the keyboard. + + The splash screen also defaults to being a screen saver + outside. After a time period of non-use, the splash screen + will be displayed and will cycle through steps of changing + intensity of the image, from bright to very dark and over + again. The configuration of the splash screen saver can be + overridden by adding a saver= line to + /etc/rc.conf. Several built-in screen + savers are available and described in &man.splash.4;. The + saver= option only applies to virtual + consoles and has no effect on graphical display + managers. + + A few boot loader messages, including the boot options + menu and a timed wait count down prompt, are displayed at + boot time, even when the splash screen is enabled. + + Sample splash screen files can be downloaded from the + gallery at http://artwork.freebsdgr.org. + By installing the + sysutils/bsd-splash-changer port, splash + images can be chosen from a collection randomly at each + boot. + + The splash screen .bmp, + .pcx, or .bin image + has to be placed on the root partition, for example in + /boot. + + For the default boot display resolution of 256-colors and + 320 by 200 pixels or less, edit + /boot/loader.conf so it contains the + following: - splash_bmp_load="YES" + splash_bmp_load="YES" bitmap_load="YES" bitmap_name="/boot/splash.bmp" - For larger video resolutions up to the maximum of 1024 - by 768 pixels, edit - /boot/loader.conf, so it contains the - following: + For larger video resolutions up to the maximum of 1024 by + 768 pixels, edit /boot/loader.conf, so it + contains the following: - vesa_load="YES" + vesa_load="YES" splash_bmp_load="YES" bitmap_load="YES" bitmap_name="/boot/splash.bmp" - This example assumes that - /boot/splash.bmp - is used for the splash screen. To use a - PCX file, use the following statements, - plus the vesa_load="YES" line, - depending on the resolution: + This example assumes that + /boot/splash.bmp + is used for the splash screen. To use a + PCX file, use the following statements, + plus the vesa_load="YES" line, depending on + the resolution: - splash_pcx_load="YES" + splash_pcx_load="YES" bitmap_load="YES" bitmap_name="/boot/splash.pcx" - Beginning with &os; 8.3, another option is to use - ASCII art in TheDraw - format. + Beginning with &os; 8.3, another option is to use + ASCII art in TheDraw + format. - splash_txt="YES" + splash_txt="YES" bitmap_load="YES" bitmap_name="/boot/splash.bin" - The file name is not restricted to - splash as shown in the above example. It - can be anything as long as it is one of the supported - types such as, - splash_640x400.bmp - or - bluewave.pcx. - - Other interesting loader.conf - options include: - - - - beastie_disable="YES" - - - This will stop the boot options menu from being - displayed, but the timed wait count down prompt will - still be present. Even with the display of the boot - options menu disabled, entering an option selection - at the timed wait count down prompt will enact the - corresponding boot option. - - - - - loader_logo="beastie" - - - This will replace the default words - &os;, which are displayed to the - right of the boot options menu with the colored - beastie logo. - - - + The file name is not restricted to splash + as shown in the above example. It can be anything as long as + it is one of the supported types such as, + splash_640x400.bmp + or + bluewave.pcx. + + Other interesting loader.conf options + include: + + + beastie_disable="YES" - For more information, refer to &man.splash.4;, - &man.loader.conf.5;, and &man.vga.4;. + + This will stop the boot options menu from being + displayed, but the timed wait count down prompt will + still be present. Even with the display of the boot + options menu disabled, entering an option selection at + the timed wait count down prompt will enact the + corresponding boot option. + + + + + loader_logo="beastie" + + + This will replace the default words + &os;, which are displayed to the right of + the boot options menu with the colored beastie + logo. + + + + + For more information, refer to &man.splash.4;, + &man.loader.conf.5;, and &man.vga.4;. @@ -885,12 +878,11 @@ bitmap_name="/boot/splash.b in the init_path variable in loader. - The boot sequence makes sure that the file - systems available on the system are consistent. If they are - not, and &man.fsck.8; cannot fix the inconsistencies of a UFS - file system, &man.init.8; drops the system into single-user - mode so that the system - administrator can resolve the problem directly. + The boot sequence makes sure that the file systems available + on the system are consistent. If they are not, and &man.fsck.8; + cannot fix the inconsistencies of a UFS file system, + &man.init.8; drops the system into single-user mode so that the + system administrator can resolve the problem directly. Single-User Mode @@ -899,9 +891,9 @@ bitmap_name="/boot/splash.b console This mode can be reached through the automatic reboot - sequence, the user booting - with , or by setting the boot_ - single variable in &man.loader.8;. + sequence, the user booting with , or by + setting the boot_ single variable in + &man.loader.8;. It can also be reached by calling &man.shutdown.8; from multi-user mode () without @@ -909,8 +901,8 @@ bitmap_name="/boot/splash.b If the system console is set to insecure in /etc/ttys, - the system will prompt for the - root password before + the system will prompt for the root password before initiating single-user mode. @@ -927,11 +919,11 @@ console none An insecure console means that physical security to the console is considered to be - insecure, so only someone who knows the - root password may - use single-user mode. Thus, to add this measure of - security, choose insecure, instead of the - default of secure. + insecure, so only someone who knows the root password may use + single-user mode. Thus, to add this measure of security, + choose insecure, instead of the default + of secure. @@ -941,26 +933,24 @@ console none multi-user mode If &man.init.8; finds the file systems to be in order, or - once the user has finished their commands in single-user - mode (), the system enters + once the user has finished their commands in single-user mode + (), the system enters multi-user mode, in which it starts the resource configuration of the system. - rc files + rc files + + The resource configuration system reads in configuration + defaults from /etc/defaults/rc.conf, and + system-specific details from + /etc/rc.conf, and then proceeds to mount + the system file systems listed in + /etc/fstab. It starts up networking + services, miscellaneous system daemons, then the startup + scripts of locally installed packages. - The resource configuration system reads in - configuration defaults from - /etc/defaults/rc.conf, and - system-specific details from - /etc/rc.conf, and then proceeds to - mount the system file systems listed in - /etc/fstab. It starts up networking - services, miscellaneous system daemons, then the startup - scripts of locally installed packages. - - To learn more about the resource configuration system, - refer to &man.rc.8; and examine the scripts - themselves. + To learn more about the resource configuration system, + refer to &man.rc.8; and examine the scripts themselves. From owner-svn-doc-all@FreeBSD.ORG Fri Apr 18 22:13:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8DCB4C20; Fri, 18 Apr 2014 22:13:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7AFB71642; Fri, 18 Apr 2014 22:13:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3IMDWSq085186; Fri, 18 Apr 2014 22:13:32 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3IMDWwI085185; Fri, 18 Apr 2014 22:13:32 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404182213.s3IMDWwI085185@svn.freebsd.org> From: Warren Block Date: Fri, 18 Apr 2014 22:13:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44610 - head/en_US.ISO8859-1/books/fdp-primer/docbook-markup X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2014 22:13:32 -0000 Author: wblock Date: Fri Apr 18 22:13:32 2014 New Revision: 44610 URL: http://svnweb.freebsd.org/changeset/doc/44610 Log: Mention groupnames. Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Fri Apr 18 20:31:04 2014 (r44609) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Fri Apr 18 22:13:32 2014 (r44610) @@ -1637,7 +1637,7 @@ This is the file called 'foo2' - Hosts, Domains, IP Addresses, User Names, and Other + <title>Hosts, Domains, IP Addresses, User Names, Group Names, and Other System Items @@ -1723,6 +1723,15 @@ This is the file called 'foo2' root. + + + class="groupname" + + + The text is a groupname, like + wheel. + + From owner-svn-doc-all@FreeBSD.ORG Sun Apr 20 09:50:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 545B118D; Sun, 20 Apr 2014 09:50:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 262CE1D05; Sun, 20 Apr 2014 09:50:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3K9oLVa055481; Sun, 20 Apr 2014 09:50:21 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3K9oLRY055480; Sun, 20 Apr 2014 09:50:21 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201404200950.s3K9oLRY055480@svn.freebsd.org> From: Mathieu Arnold Date: Sun, 20 Apr 2014 09:50:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44611 - head/en_US.ISO8859-1/books/porters-handbook/plist X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Apr 2014 09:50:21 -0000 Author: mat (ports committer) Date: Sun Apr 20 09:50:20 2014 New Revision: 44611 URL: http://svnweb.freebsd.org/changeset/doc/44611 Log: Add a section about plist keywords. Reviewed by: wblock, bcr Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Fri Apr 18 22:13:32 2014 (r44610) +++ head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Sun Apr 20 09:50:20 2014 (r44611) @@ -304,4 +304,409 @@ etc/orbit.conf-dist the shared libraries section. + + + Expanding Package List with Keywords + + + <literal>@fc</literal> + <replaceable>directory</replaceable> + + Add a @dirrmtry entry for the + directory passed as an argument, and run fc-cache + -s on that directory after installation and + deinstallation. + + + + <literal>@fcfontsdir</literal> + <replaceable>directory</replaceable> + + Add a @dirrmtry entry for the + directory passed as an argument, and run fc-cache + -s, mkfontscale and + mkfontdir on that directory after + installation and deinstallation. Additionally, on + deinstallation, it removes the + fonts.scale and + fonts.dir cache files if they are + empty. + + + + <literal>@fontsdir</literal> + <replaceable>directory</replaceable> + + Add a @dirrmtry entry for the + directory passed as an argument, and run + mkfontscale and + mkfontdir on that directory after + installation and deinstallation. Additionally, on + deinstallation, it removes the + fonts.scale and + fonts.dir cache files if they are + empty. + + + + <literal>@info</literal> + <replaceable>file</replaceable> + + Add the file passed as argument to the plist, and updates + the info document index on installation and deinstallation. + Additionally, it removes the index if empty on + deinstallation. + + + + <literal>@sample</literal> + <replaceable>file</replaceable> + + Add the file passed as argument to the plist. + + On installation, check for a real file with + just the base name (the name without the + .sample extension). If the real file is + not found, copy the sample file to the base file name. On + deinstallation, remove the configuration file if it has not + been modified. See for more + information. + + + + Base Keywords + + There are a few historic keywords that are hardcoded, and + documented in &man.pkg-create.8;. For the sake of + completeness, they are also documented here. + + + <literal>@cwd</literal> + [<replaceable>directory</replaceable>] + + Set the internal directory pointer to point to + directory. All subsequent filenames are assumed relative to + this directory. + + + + <literal>@exec</literal> + <replaceable>command</replaceable> (deprecated) + + Execute command as part of + the unpacking process. If command contains any of the + following sequences somewhere in it, they are expanded + inline. For the following examples, assume that + @cwd is set to /usr/local and the last + extracted file was bin/emacs. + + + + %F + + + Expand to the last filename extracted (as + specified). In the example case + bin/emacs. + + + + + %D + + Expand to the current directory prefix, as set + with @cwd. In the example case + /usr/local. + + + + + %B + + + Expand to the basename of the fully qualified + filename, that is, the current directory prefix plus + the last filespec, minus the trailing filename. In + the example case, that would be /usr/local/bin. + + + + + %f + + + Expand to the filename part of the fully qualified + name, or the converse of %B. In + the example case, + emacs. + + + + + + + <literal>@unexec</literal> + <replaceable>command</replaceable> (deprecated) + + Execute command as part of + the deinstallation process. Expansion of special + % sequences is the same as for + @exec. This command is not executed + during the package add, as @exec is, but + rather when the package is deleted. This is useful for + deleting links and other ancillary files that were created + as a result of adding the package, but not directly known to + the package's table of contents (and hence not automatically + removable). + + + + <literal>@mode</literal> + <replaceable>mode</replaceable> + + Set default permission for all subsequently extracted + files to mode. Format is the + same as that used by &man.chmod.1;. Use without an arg to + set back to default permissions (mode of the file while + being packed). + + + + <literal>@owner</literal> + <replaceable>user</replaceable> + + Set default ownership for all subsequent files to + user. Use without an argument to + set back to default ownership (root). + + + + <literal>@group</literal> + <replaceable>group</replaceable> + + Set default group ownership for all subsequent files to + group. Use without an arg to set + back to default group ownership (wheel). + + + + <literal>@comment</literal> + <replaceable>string</replaceable> + + This line is ignored when packing. + + + + <literal>@dirrm</literal> + <replaceable>directory</replaceable> + + Declare directory name to be deleted at deinstall time. + By default, directories created by a package installation + are not deleted when the package is deinstalled. This + provides an explicit directory cleanup method. These + directives should appear at the end of the package list. If + the directory is not empty a warning is printed, and the + directory is not removed. + + + + <literal>@dirrmtry</literal> + <replaceable>directory</replaceable> + + Declare directory name to be removed, as for + @dirrm, but does not issue a warning if + the directory cannot be removed. + + + + + Creating Your Own Keyword + + Package list files can be extended by keywords that are + defined in the ${PORTSDIR}/Keywords directory. + The settings for each keyword lives in a + YAML file named + keyword.yaml. + The file must contain at least one of the following + sections: + + + + attributes + + + Changes the owner, group, or mode used by the + keyword. Contains an associative array where the + possible keys are owner, + group, and mode. + The values are, respectively, a user name, a group name, + and a file mode. For example: + + attributes: { owner: "games", group: "games", mode: 0555 } + + + + + action + + + Defines what happens to the keyword's parameter. + Contains an array where the possible values are: + + + + setprefix + + + Set the prefix for the next plist + entries. + + + + + dirrm + + + Register a directory to be deleted on + deinstall. + + + + + dirrmtry + + + Register a directory to try and deleted on + deinstall. + + + + + file + + + Register a file. + + + + + setmode + + + Set the mode for the next plist + entries. + + + + + setowner + + + Set the owner for the next plist + entries. + + + + + setgroup + + + Set the group for the next plist + entries. + + + + + comment + + + Does not do anything, equivalent to not + entering an action + section. + + + + + ignore_next + + + Ignore the next entry in the plist. + + + + + + + + pre-install + post-install + pre-deinstall + post-deinstall + pre-upgrade + post-upgrade + + + These keywords contains a &man.sh.1; script to be + executed before or after installation, deinstallation, + or upgrade of the package. In addition to the usual + @exec + %foo + placeholders described in , there is a new + one, %@, which represents the + argument of the keyword. + + + + + + Example of a <literal>@dirrmtryecho</literal> + Keyword + + This keyword does two things, it adds a + @dirrmtry + directory line to the + packing list, and echoes the fact that the directory is + removed when deinstalling the package. + + actions: [dirrmtry] +post-deinstall: | + echo "Directory %D/%@ removed." + + + + Real Life Example, How the <literal>@sample</literal> + Could be Implemented + + This keyword does three things, it adds the + filename passed as an argument to + @sample to the packing list, it adds to + the post-install script instructions to + copy the sample to the actual configuration file if it does + not already exist, and it adds to the + post-deinstall instructions to remove the + configuration file if it has not been modified. + + actions: [file] +post-install: | + sample_file="%D/%@" + target_file="${sample_file%.sample}" + if ! [ -f "${target_file}" ]; then + /bin/cp -p "${sample_file}" "${target_file}" + fi +pre-deinstall: | + sample_file="%D/%@" + target_file="${sample_file%.sample}" + if cmp -s "${target_file}" "${sample_file}"; then + rm -f "${target_file}" + fi + + + From owner-svn-doc-all@FreeBSD.ORG Sun Apr 20 10:29:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 375698D7; Sun, 20 Apr 2014 10:29:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 23F0D113C; Sun, 20 Apr 2014 10:29:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3KATjnq071239; Sun, 20 Apr 2014 10:29:45 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3KATjle071238; Sun, 20 Apr 2014 10:29:45 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201404201029.s3KATjle071238@svn.freebsd.org> From: Mathieu Arnold Date: Sun, 20 Apr 2014 10:29:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44612 - head/en_US.ISO8859-1/books/porters-handbook/plist X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Apr 2014 10:29:46 -0000 Author: mat (ports committer) Date: Sun Apr 20 10:29:45 2014 New Revision: 44612 URL: http://svnweb.freebsd.org/changeset/doc/44612 Log: Add a missing xml:id. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Sun Apr 20 09:50:20 2014 (r44611) +++ head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Sun Apr 20 10:29:45 2014 (r44612) @@ -524,7 +524,7 @@ etc/orbit.conf-dist - + Creating Your Own Keyword Package list files can be extended by keywords that are From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 12:24:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 72DE5B11; Mon, 21 Apr 2014 12:24:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5FBA11270; Mon, 21 Apr 2014 12:24:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LCOcbF016696; Mon, 21 Apr 2014 12:24:38 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LCOcTk016695; Mon, 21 Apr 2014 12:24:38 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404211224.s3LCOcTk016695@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 21 Apr 2014 12:24:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44613 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 12:24:38 -0000 Author: ryusuke Date: Mon Apr 21 12:24:37 2014 New Revision: 44613 URL: http://svnweb.freebsd.org/changeset/doc/44613 Log: - Merge the following from the English version: r44519 -> r44598 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Sun Apr 20 10:29:45 2014 (r44612) +++ head/ja_JP.eucJP/share/xml/news.xml Mon Apr 21 12:24:37 2014 (r44613) @@ -20,7 +20,7 @@ the contents of will be preferred over <p>. $FreeBSD$ - Original revision: r44519 + Original revision: r44598 --> <news> <cvs:keyword xmlns:cvs="http://www.FreeBSD.org/XML/CVS"> @@ -34,6 +34,19 @@ <name>4</name> <day> + <name>17</name> + + <event> + <title>開発進捗レポート (2014 年 1 月 - 3 月) 公開 + +

            2014 + 年 1 月から 3 月の開発進捗レポート (41 エントリ) + が公開されました。

            +             +             + + 7

            新コミッタ就任: From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 15:54:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D01B377A; Mon, 21 Apr 2014 15:54:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BB6051637; Mon, 21 Apr 2014 15:54:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LFsH1E002421; Mon, 21 Apr 2014 15:54:17 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LFsH42002420; Mon, 21 Apr 2014 15:54:17 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404211554.s3LFsH42002420@svn.freebsd.org> From: Dru Lavigne Date: Mon, 21 Apr 2014 15:54:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44614 - head/en_US.ISO8859-1/books/handbook/multimedia X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 15:54:17 -0000 Author: dru Date: Mon Apr 21 15:54:17 2014 New Revision: 44614 URL: http://svnweb.freebsd.org/changeset/doc/44614 Log: Editorial review of Scanners chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Mon Apr 21 12:24:37 2014 (r44613) +++ head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Mon Apr 21 15:54:17 2014 (r44614) @@ -5,19 +5,19 @@ $FreeBSD$ --> - - - Multimedia + Synopsis @@ -92,26 +92,28 @@ - + Marc Fonvieille - Enhanced by in September 2004 + + Enhanced by - - --> - - Setting Up the Sound Card + PCI sound cards @@ -385,18 +387,19 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi - - Utilizing Multiple Sound Sources + It is often desirable to have multiple sources of sound that are able to play simultaneously. &os; uses Virtual @@ -435,19 +438,20 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi - + - Setting Default Values for Mixer Channels The default values for the different mixer channels are hardcoded in the source code of the &man.pcm.4; driver. While @@ -467,19 +471,19 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi - - - --> - - MP3 Audio + This section describes some MP3 players available for &os;, how to rip audio CD tracks, and @@ -554,13 +558,13 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz &prompt.root; cdda2wav -D 0,1,0 -B The - indicates the SCSI device 0,1,0, + indicates the SCSI device 0,1,0, which corresponds to the output of cdrecord -scanbus. cdda2wav will support ATAPI (IDE) CDROM drives. To rip from an IDE drive, specify the - device name in place of the SCSI unit numbers. For example, + device name in place of the SCSI unit numbers. For example, to rip track 7 from an IDE drive: &prompt.root; cdda2wav -D /dev/acd0 -t 7 @@ -711,19 +715,20 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz - - - --> + - Video Playback Before configuring video playback, determine the model and chipset of the video card. While @@ -1158,26 +1163,28 @@ zoom=yes - - - --> - - TV Cards + TV cards @@ -1359,49 +1366,51 @@ bktr0: Pinnacle/Miro TV, Philips SECAM t - - - --> - - Image Scanners + image scanners - In &os;, access to image scanners is provided by the - SANE (Scanner Access Now Easy) - API available through the &os; Ports - Collection. SANE will also use + In &os;, access to image scanners is provided by + SANE (Scanner Access Now Easy), which + is available in the &os; Ports Collection. + SANE will also use some &os; device drivers to provide access to the scanner hardware. - &os; supports both SCSI and USB scanners. Be sure the + &os; supports both SCSI and + USB scanners. Depending + upon the scanner interface, different device drivers are + required. Be sure the scanner is supported by SANE prior - to performing any configuration. Refer to the - supported devices list for more information about + to performing any configuration. Refer to + http://www.sane-project.org/sane-supported-devices.html + for more information about supported scanners. - - Kernel Configuration - - Both SCSI and USB interfaces are supported. Depending - upon the scanner interface, different device drivers are - required. + This chapter describes how to determine if the scanner has + been detected by &os;. It then provides an overview of how to + configure and use SANE on a &os; + system. - - USB Interface + + Checking the Scanner - The GENERIC kernel by default - includes the device drivers needed to support USB scanners. + The GENERIC kernel + includes the device drivers needed to support USB scanners. Users with a custom kernel should ensure that the following lines are present in the custom kernel configuration file: @@ -1411,31 +1420,27 @@ device uhci device ohci device ehci - Plug in the USB scanner. Use &man.dmesg.8; to determine + To determine if the USB scanner is + detected, plug it in and use dmesg to determine whether the scanner appears in the system message - buffer: + buffer. If it does, it should display a message similar to + this: ugen0.2: <EPSON> at usbus0 - These messages indicate that the scanner is using - either /dev/ugen0.2 or - /dev/uscanner0, depending on the &os; - version. For this example, a - &epson.perfection; 1650 USB scanner was used. - - - - SCSI Interface - - If the scanner uses a SCSI interface, it is important to - know which SCSI controller board it will use. Depending - upon the SCSI chipset, a custom kernel configuration file + In this example, an &epson.perfection; 1650 + USB scanner was detected on + /dev/ugen0.2. + + If the scanner uses a SCSI interface, it is important to + know which SCSI controller board it will use. Depending + upon the SCSI chipset, a custom kernel configuration file may be needed. The GENERIC kernel - supports the most common SCSI controllers. Refer to + supports the most common SCSI controllers. Refer to /usr/src/sys/conf/NOTES to determine the correct line to add to a custom kernel configuration - file. In addition to the SCSI adapter driver, the following - lines are needed in the kernel configuration file: + file. In addition to the SCSI adapter driver, the following + lines are needed in a custom kernel configuration file: device scbus device pass @@ -1448,9 +1453,9 @@ pass2: <AGFA SNAPSCAN 600 1.10> Fi pass2: 3.300MB/s transfers If the scanner was not powered-on at system boot, it - is still possible to manually force the detection by - performing a SCSI bus scan with the &man.camcontrol.8; - command: + is still possible to manually force detection by + performing a SCSI bus scan with + camcontrol: &prompt.root; camcontrol rescan all Re-scan of bus 0 was successful @@ -1458,7 +1463,7 @@ Re-scan of bus 1 was successful Re-scan of bus 2 was successful Re-scan of bus 3 was successful - The scanner should now appear in the SCSI devices + The scanner should now appear in the SCSI devices list: &prompt.root; camcontrol devlist @@ -1468,22 +1473,24 @@ Re-scan of bus 3 was successful <PHILIPS CDD3610 CD-R/RW 1.00> at scbus2 target 0 lun 0 (pass2,cd0) Refer to &man.scsi.4; and &man.camcontrol.8; for more - details about SCSI devices on &os;. - + details about SCSI devices on &os;. - SANE Configuration + <application>SANE</application> Configuration The SANE system is split in two parts: the backends (graphics/sane-backends) and the - frontends (graphics/sane-frontends). The - backends provide access to the scanner. The - SANE's supported - devices list specifies which backend will support the - image scanner. The correct backend is needed in order to use - the scanner. The frontends provide the graphical scanning - interface, xscanimage. + frontends (graphics/sane-frontends or + graphics/xsane). The + backends provide access to the scanner. Refer to + http://www.sane-project.org/sane-supported-devices.html + to determine which backend supports the + scanner. The frontends provide the graphical scanning + interface. graphics/sane-frontends + installs xscanimage while + graphics/xsane installs + xsane. After installing the graphics/sane-backends port or package, use sane-find-scanner to check the @@ -1498,44 +1505,33 @@ found SCSI scanner "AGFA SNAPSCAN 600 1. The vendor and the product model may or may not appear. - Some USB scanners require firmware to be loaded. Refer - to &man.sane-find-scanner.1; and &man.sane.7; for + Some USB scanners require firmware to be loaded. Refer + to sane-find-scanner(1) and sane(7) for details. Next, check if the scanner will be identified by a - scanning frontend. By default, the - SANE backends come with a command - line tool called &man.scanimage.1;. This command can be used + scanning frontend. The + SANE backends include + scanimage which can be used to list the devices and perform an image acquisition. Use - to list the scanner devices: - - &prompt.root; scanimage -L -device `snapscan:/dev/pass3' is a AGFA SNAPSCAN 600 flatbed scanner - - Here is the output for the USB scanner used in : + to list the scanner devices. The first + example is for a SCSI scanner and the + second is for a USB scanner: &prompt.root; scanimage -L +device `snapscan:/dev/pass3' is a AGFA SNAPSCAN 600 flatbed scanner +&prompt.root; scanimage -L device 'epson2:libusb:/dev/usb:/dev/ugen0.2' is a Epson GT-8200 flatbed scanner - In this output, + In this second example, 'epson2:libusb:/dev/usb:/dev/ugen0.2' is - the backend name (epson2) and the device - node (/dev/ugen0.2) used by the + the backend name (epson2) and + /dev/ugen0.2 is the device node used by the scanner. - - No output or a message saying that no scanners were - identified indicates that &man.scanimage.1; is unable to - identify the scanner. If this happens, edit the backend - configuration file in /usr/local/etc/sane.d/ - and define the scanner device used. - - In the above example, the USB scanner is perfectly - detected and working. - - To determine if the scanner is correctly - identified: + If scanimage is unable to + identify the scanner, this message will appear: &prompt.root; scanimage -L @@ -1544,44 +1540,36 @@ check that the scanner is plugged in, tu sane-find-scanner tool (if appropriate). Please read the documentation which came with this software (README, FAQ, manpages). - Since the scanner is not identified, edit - /usr/local/etc/sane.d/epson2.conf. In - this example, the scanner model is - &epson.perfection; 1650 and it uses the - epson2 backend. When editing, read the - help comments in the backend configuration file. Line - changes are simple: comment out all lines that have the - wrong interface for the scanner. In this example, comment - out all lines starting with the word scsi - as the scanner uses the USB interface. Then, at the end - of the file, add a line specifying the interface and the + If this happens, edit the backend + configuration file in /usr/local/etc/sane.d/ + and define the scanner device used. For example, if the undetected scanner model is + an &epson.perfection; 1650 and it uses the + epson2 backend, edit + /usr/local/etc/sane.d/epson2.conf. + When editing, add a line specifying the interface and the device node used. In this case, add the following line: - usb /dev/uscanner0 + usb /dev/ugen0.2 Save the edits and verify that the scanner is - identified: + identified with the right backend name and the device node: &prompt.root; scanimage -L -device `epson:/dev/uscanner0' is a Epson GT-8200 flatbed scanner - - The `epson:/dev/uscanner0' field now - gives the right backend name and the device node. - +device 'epson2:libusb:/dev/usb:/dev/ugen0.2' is a Epson GT-8200 flatbed scanner Once scanimage -L sees the scanner, the - configuration is complete and the device is now ready to - scan. + configuration is complete and the scanner is now ready to + use. - While &man.scanimage.1; can be used to perform an image + While scanimage can be used to perform an image acquisition from the command line, it is often preferable to use a graphical interface to perform image scanning. The graphics/sane-frontends package or port installs a simple but efficient graphical interface, xscanimage. - Xsane, which is installed with + Alternately, xsane, which is installed with the graphics/xsane package or port, is another popular graphical scanning frontend. It offers advanced features such as various scanning modes, color @@ -1590,34 +1578,33 @@ device `epson:/dev/uscanner0' is a Epson - Giving Other Users Access to the Scanner + Scanner Permissions In order to have access to the scanner, a user needs read and write permissions to the device node used by the - scanner. In the previous example, the USB scanner uses the + scanner. In the previous example, the USB scanner uses the device node /dev/ugen0.2 which is really a symlink to the real device node /dev/usb/0.2.0. The symlink and the device node are owned, respectively, by the wheel and - operator groups. Adding the user to - these groups will allow access to the scanner. However, for - security reasons, always think twice before adding a user - to any group, especially wheel. A better - solution is to create a group to make the scanner device + operator groups. While adding the user to + these groups will allow access to the scanner, it is considered insecure to + add a user + to wheel. A better + solution is to create a group and make the scanner device accessible to members of this group. This example creates a group called - usb using - &man.pw.8;: + usb: &prompt.root; pw groupadd usb Then, make the /dev/ugen0.2 symlink and the /dev/usb/0.2.0 device node accessible to the usb group with write - permissions of (0660 or - 0664. All of this is done by adding the + permissions of 0660 or + 0664 by adding the following lines to /etc/devfs.rules: From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 16:23:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 20E9E3D7; Mon, 21 Apr 2014 16:23:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 013AC1913; Mon, 21 Apr 2014 16:23:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LGNfUE014958; Mon, 21 Apr 2014 16:23:41 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LGNffs014957; Mon, 21 Apr 2014 16:23:41 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404211623.s3LGNffs014957@svn.freebsd.org> From: Warren Block Date: Mon, 21 Apr 2014 16:23:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44615 - head/en_US.ISO8859-1/articles/ldap-auth X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 16:23:42 -0000 Author: wblock Date: Mon Apr 21 16:23:41 2014 New Revision: 44615 URL: http://svnweb.freebsd.org/changeset/doc/44615 Log: Correct email port number. While here, fix title capitalization and contractions. PR: docs/188845 Submitted by: Ondra Knezour Modified: head/en_US.ISO8859-1/articles/ldap-auth/article.xml Modified: head/en_US.ISO8859-1/articles/ldap-auth/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/ldap-auth/article.xml Mon Apr 21 15:54:17 2014 (r44614) +++ head/en_US.ISO8859-1/articles/ldap-auth/article.xml Mon Apr 21 16:23:41 2014 (r44615) @@ -129,7 +129,7 @@ SSL stands for Secure Sockets Layer, and services that implement SSL do not listen on the same ports as their non-SSL counterparts. Thus SMTPS listens - on port 465 (not 45), HTTPS listens on 443, and LDAPS on + on port 465 (not 25), HTTPS listens on 443, and LDAPS on 636. The reason SSL uses a different port than TLS is because a @@ -171,7 +171,7 @@ TLSCACertificateFile /path/to/your/cacer self-signed certificate with OpenSSL: - Generating an RSA key + Generating an RSA Key &prompt.user; openssl genrsa -out cert.key 1024 Generating RSA private key, 1024 bit long modulus @@ -196,7 +196,7 @@ e is 65537 (0x10001) signed: - Self-signing the certificate + Self-signing the Certificate &prompt.user; openssl x509 -req -in cert.csr -days 365 -signkey cert.key -out cert.crt Signature ok @@ -335,7 +335,7 @@ cn: tuser I start my LDAP users' UIDs at 10000 to avoid collisions with system accounts; you can configure whatever number you wish here, - as long as it's less than 65536. + as long as it is less than 65536. We also need group entries. They are as configurable as user entries, but we will use the defaults below: @@ -555,7 +555,7 @@ passwd: files ldap you should be made aware of; see - Shell script for changing passwords + Shell Script for Changing Passwords - Ruby script for changing passwords + Ruby Script for Changing Passwords - Setting attributes read-only + Setting Attributes Read-only Several attributes in LDAP should be read-only. If left writable by the user, for example, a user could change his @@ -667,7 +667,7 @@ conn.modify(luser, [replace])]]>slapd.conf: - Hide passwords + Hide Passwords access to dn.subtree="ou=people,dc=example,dc=org" attrs=userPassword @@ -691,7 +691,7 @@ access to * hole, modify the above to - Read-only attributes + Read-only Attributes access to dn.subtree="ou=people,dc=example,dc=org" attrs=userPassword @@ -712,7 +712,7 @@ access to * - <systemitem class="username">Root</systemitem> account definition + <systemitem class="username">root</systemitem> Account Definition Often the root or manager account for the LDAP service will be defined in the configuration file. @@ -724,21 +724,21 @@ access to * Even better is to define accounts that have limited permissions, and omit a root account entirely. - For example, users to can add or remove user accounts are added to + For example, users that can add or remove user accounts are added to one group, but they cannot themselves change the membership of this group. Such a security policy would help mitigate the effects of a leaked password. - Creating a management group + Creating a Management Group Say you want your IT department to be able to change home - directories for users, but you don't want all of them to be able + directories for users, but you do not want all of them to be able to add or remove users. The way to do this is to add a group for these admins: - Creating a management group + Creating a Management Group dn: cn=homemanagement,dc=example,dc=org objectClass: top @@ -753,7 +753,7 @@ memberUid: uid=user2,ou=people,dc=exampl slapd.conf: - ACLs for a home directory management group + ACLs for a Home Directory Management Group access to dn.subtree="ou=people,dc=example,dc=org" attr=homeDirectory @@ -764,7 +764,7 @@ memberUid: uid=user2,ou=people,dc=exampl Now tuser and user2 can change other users' home directories. - In this example we've given a subset of administrative + In this example we have given a subset of administrative power to certain users without giving them power in other domains. The idea is that soon no single user account has the power of a root account, but every power @@ -774,7 +774,7 @@ memberUid: uid=user2,ou=people,dc=exampl - Password storage + Password Storage By default OpenLDAP will store the value of the userPassword attribute as it @@ -823,7 +823,7 @@ memberUid: uid=user2,ou=people,dc=exampl - <application>OpenSSL</application> Certificates For LDAP + <application>OpenSSL</application> Certificates for LDAP If you are hosting two or more LDAP servers, you will probably not want to use self-signed certificates, since each client will @@ -841,7 +841,7 @@ memberUid: uid=user2,ou=people,dc=exampl are - Creating a certificate + Creating a Certificate &prompt.user; openssl genrsa -out root.key 1024 &prompt.user; openssl req -new -key root.key -out root.csr @@ -872,7 +872,7 @@ memberUid: uid=user2,ou=people,dc=exampl : - Signing as a certificate authority + Signing as a Certificate Authority &prompt.user; openssl x509 -req -days 1024 \ -in ldap-server-one.csr -CA root.crt -CAkey root.key \ From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 17:17:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D9C298AD; Mon, 21 Apr 2014 17:17:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AB8171E47; Mon, 21 Apr 2014 17:17:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LHH7dO036530; Mon, 21 Apr 2014 17:17:07 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LHH7f2036528; Mon, 21 Apr 2014 17:17:07 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404211717.s3LHH7f2036528@svn.freebsd.org> From: Dru Lavigne Date: Mon, 21 Apr 2014 17:17:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44616 - head/en_US.ISO8859-1/books/handbook/multimedia X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 17:17:08 -0000 Author: dru Date: Mon Apr 21 17:17:07 2014 New Revision: 44616 URL: http://svnweb.freebsd.org/changeset/doc/44616 Log: Editorial review of MP3 chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Mon Apr 21 16:23:41 2014 (r44615) +++ head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Mon Apr 21 17:17:07 2014 (r44616) @@ -66,7 +66,7 @@ - Rip CD and DVD content into + Rip CD and DVD content into files. @@ -251,13 +251,13 @@ pcm2: <Conexant CX20590 (Analog 2.0+H If all goes well, the sound card should now work in os;. If the CD or DVD drive is properly connected to the sound card, one can insert an - audio CD in the drive and play it with + audio CD in the drive and play it with &man.cdcontrol.1;: &prompt.user; cdcontrol -f /dev/acd0 play 1 - Audio CDs have specialized encodings which means that + Audio CDs have specialized encodings which means that they should not be mounted using &man.mount.8;. @@ -486,7 +486,7 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi This section describes some MP3 - players available for &os;, how to rip audio CD tracks, and + players available for &os;, how to rip audio CD tracks, and how to encode and decode MP3s. @@ -494,146 +494,132 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi A popular graphical MP3 player is XMMS. - Winamp - skins can be used with XMMS since - the interface is almost identical to that of Nullsoft's - Winamp. - XMMS also has native plug-in - support. - - XMMS can be installed from - the multimedia/xmms port - or package. - - XMMS's interface is intuitive, + It supports Winamp + skins and additional plugins. The interface is intuitive, with a playlist, graphic equalizer, and more. Those familiar with Winamp will find - XMMS simple to use. + XMMS simple to use. On &os;, + XMMS can be installed from + the multimedia/xmms port + or package. - The audio/mpg123 port + The audio/mpg123 package or port provides an alternative, command-line MP3 - player. - - mpg123 can be run by specifying - the sound device and the MP3 file on the - command line. Assuming the audio device is - /dev/dsp1.0 and the - MP3 file is - Foobar-GreatestHits.mp3, enter the - following to play the file: - - &prompt.root; mpg123 -a /dev/dsp1.0 Foobar-GreatestHits.mp3 -High Performance MPEG 1.0/2.0/2.5 Audio Player for Layer 1, 2 and 3. -Version 0.59r (1999/Jun/15). Written and copyrights by Michael Hipp. -Uses code from various people. See 'README' for more! -THIS SOFTWARE COMES WITH ABSOLUTELY NO WARRANTY! USE AT YOUR OWN RISK! - - - - + player. Once installed, specify + the MP3 file to play on the + command line. If the system has multiple audio devices, the + sound device can also be specifed: + + &prompt.root; mpg123 -a /dev/dsp1.0 Foobar-GreatestHits.mp3 +High Performance MPEG 1.0/2.0/2.5 Audio Player for Layers 1, 2 and 3 + version 1.18.1; written and copyright by Michael Hipp and others + free software (LGPL) without any warranty but with best wishes Playing MPEG stream from Foobar-GreatestHits.mp3 ... MPEG 1.0 layer III, 128 kbit/s, 44100 Hz joint-stereo + + Additional MP3 players are available in + the &os; Ports Collection. - Ripping CD Audio Tracks + Ripping <acronym>CD</acronym> Audio Tracks - Before encoding a CD or CD track to - MP3, the audio data on the CD must be - ripped to the hard drive. This is done by copying the raw CD + Before encoding a CD or CD track to + MP3, the audio data on the CD must be + ripped to the hard drive. This is done by copying the raw CD Digital Audio (CDDA) data to WAV files. The cdda2wav tool, which is installed with the sysutils/cdrtools - suite, is used for ripping audio information from CDs and the - information associated with them. + suite, can be used to rip audio information from + CDs. - With the audio CD in the drive, the following command can - be issued as root to rip an entire CD - into individual (per track) WAV + With the audio CD in the drive, the following command can + be issued as root to rip an entire CD + into individual, per track, WAV files: &prompt.root; cdda2wav -D 0,1,0 -B - The - indicates the SCSI device 0,1,0, - which corresponds to the output of cdrecord - -scanbus. - - cdda2wav will support ATAPI - (IDE) CDROM drives. To rip from an IDE drive, specify the - device name in place of the SCSI unit numbers. For example, - to rip track 7 from an IDE drive: - - &prompt.root; cdda2wav -D /dev/acd0 -t 7 + In this example, the + indicates the SCSI device + 0,1,0 containing the CD to rip. + Use cdrecord -scanbus to determine the + correct device parameters for the system. - To rip individual tracks, make use of the - as shown: + To rip individual tracks, use + to specify the track: &prompt.root; cdda2wav -D 0,1,0 -t 7 - This example rips track seven of the audio CDROM. To rip + To rip a range of tracks, such as track one to seven, specify a range: &prompt.root; cdda2wav -D 0,1,0 -t 1+7 - &man.dd.1; can also be used to extract audio tracks on - ATAPI drives, as described in . + To rip from an ATAPI + (IDE) CDROM drive, specify the + device name in place of the SCSI unit numbers. For example, + to rip track 7 from an IDE drive: + + &prompt.root; cdda2wav -D /dev/acd0 -t 7 + Alternately, dd can be used to extract audio tracks on + ATAPI drives, as described in . - Encoding MP3s + Encoding and Decoding MP3s Lame is a popular MP3 encoder which can be installed from the audio/lame port. Due to - licensing restrictions, a package is not available. + patent issues, a package is not available. The following command will convert the ripped - WAV files + WAV file audio01.wav to audio01.mp3: - &prompt.root; lame -h -b 128 \ ---tt "Foo Song Title" \ ---ta "FooBar Artist" \ ---tl "FooBar Album" \ ---ty "2001" \ ---tc "Ripped and encoded by Foo" \ ---tg "Genre" \ -audio01.wav audio01.mp3 + &prompt.root; lame -h -b 128 --tt "Foo Song Title" --ta "FooBar Artist" --tl "FooBar Album" \ +--ty "2014" --tc "Ripped and encoded by Foo" --tg "Genre" audio01.wav audio01.mp3 - 128 kbits is a standard MP3 - bitrate. The 160 and 192 bitrates provide higher quality. + The specified 128 kbits is a standard MP3 + bitrate while the 160 and 192 bitrates provide higher quality. The higher the bitrate, the larger the size of the resulting - MP3. turns on the + MP3. The turns on the higher quality but a little slower mode. The - options beginning with indicate ID3 tags, + options beginning with indicate ID3 tags, which usually contain song information, to be embedded within the MP3 file. Additional encoding options can be found in the lame manual page. - - - - Decoding MP3s - In order to burn an audio CD from MP3s, + In order to burn an audio CD from MP3s, they must first be converted to a non-compressed - WAV format. Both - XMMS and - mpg123 support the output of - MP3 to an uncompressed file format. - - Writing to Disk in XMMS: + file format. XMMS can be used to convert to the + WAV format, while + mpg123 can be used to convert to the + raw Pulse-Code Modulation (PCM) audio data + format. + + To convert audio01.mp3 + using mpg123, specify the name of + the PCM file: + + &prompt.root; mpg123 -s audio01.mp3 > audio01.pcm + + To use XMMS to convert a + MP3 to WAV format, use + these steps: + Converting to <acronym>WAV</acronym> Format in <application>XMMS</application> Launch XMMS. @@ -683,34 +669,20 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz - Writing to stdout in - mpg123: - - - - Run mpg123 -s - audio01.mp3 > - audio01.pcm - - - - XMMS writes a file in the - WAV format, while - mpg123 converts the - MP3 into raw PCM audio data. Both of these + Both the WAV and PCM formats can be used with cdrecord - to create audio CDs, whereas &man.burncd.8; requires a raw - Pulse-Code Modulation (PCM). When using + to create audio CDs, whereas burncd requires the + PCM format. When using WAV files, there will be a small tick sound at the beginning of each track. This sound is the - header of the WAV file. One can remove the - header with SoX, which can be - installed from the audio/sox port or package: + header of the WAV file. The + audio/sox port or package can be used to remove the + header: &prompt.user; sox -t wav -r 44100 -s -w -c 2 track.wav track.raw Refer to for more - information on using a CD burner in &os;. + information on using a CD burner in &os;. From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 18:12:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 257FB92A; Mon, 21 Apr 2014 18:12:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1097B155B; Mon, 21 Apr 2014 18:12:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LIC6tE060412; Mon, 21 Apr 2014 18:12:06 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LIC6UY060411; Mon, 21 Apr 2014 18:12:06 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404211812.s3LIC6UY060411@svn.freebsd.org> From: Dru Lavigne Date: Mon, 21 Apr 2014 18:12:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44617 - head/en_US.ISO8859-1/books/handbook/multimedia X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 18:12:06 -0000 Author: dru Date: Mon Apr 21 18:12:05 2014 New Revision: 44617 URL: http://svnweb.freebsd.org/changeset/doc/44617 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Mon Apr 21 17:17:07 2014 (r44616) +++ head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Mon Apr 21 18:12:05 2014 (r44617) @@ -8,6 +8,7 @@ Multimedia + @@ -66,8 +67,8 @@ - Rip CD and DVD content into - files. + Rip CD and DVD + content into files. @@ -138,7 +139,7 @@ &prompt.root; kldload snd_hda To automate the loading of this driver at boot time, add the - driver to /boot/loader.conf. The line for + driver to /boot/loader.conf. The line for this driver is: snd_hda_load="YES" @@ -165,7 +166,8 @@ This section is for users who prefer to statically compile in support for the sound card in a custom kernel. For more - information about recompiling a kernel, refer to . + information about recompiling a kernel, refer to . When using a custom kernel to provide sound support, make sure that the audio framework driver exists in the custom @@ -209,10 +211,9 @@ hint.sbc.0.flags="0x15" In this case, the card uses the 0x220 I/O port and the IRQ 5. - The syntax used in - /boot/device.hints is described in - &man.sound.4; and the manual page for the driver of the sound - card. + The syntax used in /boot/device.hints + is described in &man.sound.4; and the manual page for the + driver of the sound card. The settings shown above are the defaults. In some cases, the IRQ or other settings may need to be changed to @@ -257,13 +258,15 @@ pcm2: <Conexant CX20590 (Analog 2.0+H &prompt.user; cdcontrol -f /dev/acd0 play 1 - Audio CDs have specialized encodings which means that - they should not be mounted using &man.mount.8;. + Audio CDs have specialized encodings + which means that they should not be mounted using + &man.mount.8;. - Various applications, such as audio/workman, provide a - friendlier interface. The audio/mpg123 port can be installed - to listen to MP3 audio files. + Various applications, such as + audio/workman, provide a friendlier + interface. The audio/mpg123 port can be + installed to listen to MP3 audio files. Another quick way to test the card is to send data to /dev/dsp: @@ -403,8 +406,8 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi It is often desirable to have multiple sources of sound that are able to play simultaneously. &os; uses Virtual - Sound Channels to multiplex the - sound card's playback by mixing sound in the kernel. + Sound Channels to multiplex the sound card's playback + by mixing sound in the kernel. Three &man.sysctl.8; knobs are available for configuring virtual channels: @@ -486,29 +489,28 @@ pcm7: <HDA Realtek ALC889 PCM #3 Digi This section describes some MP3 - players available for &os;, how to rip audio CD tracks, and - how to encode and decode MP3s. + players available for &os;, how to rip audio + CD tracks, and how to encode and decode + MP3s. MP3 Players A popular graphical MP3 player is - XMMS. - It supports Winamp - skins and additional plugins. The interface is intuitive, - with a playlist, graphic equalizer, and more. Those familiar - with Winamp will find + XMMS. It supports + Winamp skins and additional + plugins. The interface is intuitive, with a playlist, graphic + equalizer, and more. Those familiar with + Winamp will find XMMS simple to use. On &os;, - XMMS can be installed from - the multimedia/xmms port - or package. + XMMS can be installed from the + multimedia/xmms port or package. The audio/mpg123 package or port provides an alternative, command-line MP3 - player. Once installed, specify - the MP3 file to play on the - command line. If the system has multiple audio devices, the - sound device can also be specifed: + player. Once installed, specify the MP3 + file to play on the command line. If the system has multiple + audio devices, the sound device can also be specifed: &prompt.root; mpg123 -a /dev/dsp1.0 Foobar-GreatestHits.mp3 High Performance MPEG 1.0/2.0/2.5 Audio Player for Layers 1, 2 and 3 @@ -525,50 +527,54 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz Ripping <acronym>CD</acronym> Audio Tracks - Before encoding a CD or CD track to - MP3, the audio data on the CD must be - ripped to the hard drive. This is done by copying the raw CD - Digital Audio (CDDA) data to - WAV files. + Before encoding a CD or + CD track to MP3, the + audio data on the CD must be ripped to the + hard drive. This is done by copying the raw + CD Digital Audio (CDDA) + data to WAV files. The cdda2wav tool, which is installed - with the sysutils/cdrtools - suite, can be used to rip audio information from + with the sysutils/cdrtools suite, can be + used to rip audio information from CDs. - With the audio CD in the drive, the following command can - be issued as root to rip an entire CD - into individual, per track, WAV - files: + With the audio CD in the drive, the + following command can be issued as root to rip an entire + CD into individual, per track, + WAV files: &prompt.root; cdda2wav -D 0,1,0 -B - In this example, the - indicates the SCSI device - 0,1,0 containing the CD to rip. - Use cdrecord -scanbus to determine the - correct device parameters for the system. + In this example, the indicates the + SCSI device 0,1,0 + containing the CD to rip. Use + cdrecord -scanbus to determine the correct + device parameters for the system. - To rip individual tracks, use - to specify the track: + To rip individual tracks, use to + specify the track: &prompt.root; cdda2wav -D 0,1,0 -t 7 - To rip - a range of tracks, such as track one to seven, specify a - range: + To rip a range of tracks, such as track one to seven, + specify a range: &prompt.root; cdda2wav -D 0,1,0 -t 1+7 To rip from an ATAPI - (IDE) CDROM drive, specify the - device name in place of the SCSI unit numbers. For example, - to rip track 7 from an IDE drive: + (IDE) CDROM drive, + specify the device name in place of the + SCSI unit numbers. For example, to rip + track 7 from an IDE drive: &prompt.root; cdda2wav -D /dev/acd0 -t 7 - Alternately, dd can be used to extract audio tracks on - ATAPI drives, as described in . + Alternately, dd can be used to extract + audio tracks on ATAPI drives, as described + in . @@ -577,49 +583,51 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz Lame is a popular MP3 encoder which can be installed from the - audio/lame port. Due to - patent issues, a package is not available. + audio/lame port. Due to patent issues, a + package is not available. The following command will convert the ripped WAV file - audio01.wav - to + audio01.wav to audio01.mp3: &prompt.root; lame -h -b 128 --tt "Foo Song Title" --ta "FooBar Artist" --tl "FooBar Album" \ --ty "2014" --tc "Ripped and encoded by Foo" --tg "Genre" audio01.wav audio01.mp3 - The specified 128 kbits is a standard MP3 - bitrate while the 160 and 192 bitrates provide higher quality. - The higher the bitrate, the larger the size of the resulting - MP3. The turns on the - higher quality but a little slower mode. The - options beginning with indicate ID3 tags, + The specified 128 kbits is a standard + MP3 bitrate while the 160 and 192 bitrates + provide higher quality. The higher the bitrate, the larger + the size of the resulting MP3. The + turns on the higher quality but a + little slower mode. The options beginning with + indicate ID3 tags, which usually contain song information, to be embedded within the MP3 file. Additional encoding options can be found in the lame manual page. - In order to burn an audio CD from MP3s, - they must first be converted to a non-compressed - file format. XMMS can be used to convert to the - WAV format, while - mpg123 can be used to convert to the - raw Pulse-Code Modulation (PCM) audio data - format. - - To convert audio01.mp3 - using mpg123, specify the name of - the PCM file: + In order to burn an audio CD from + MP3s, they must first be converted to a + non-compressed file format. XMMS + can be used to convert to the WAV format, + while mpg123 can be used to convert + to the raw Pulse-Code Modulation (PCM) + audio data format. + + To convert audio01.mp3 using + mpg123, specify the name of the + PCM file: &prompt.root; mpg123 -s audio01.mp3 > audio01.pcm - + To use XMMS to convert a MP3 to WAV format, use these steps: - Converting to <acronym>WAV</acronym> Format in <application>XMMS</application> + Converting to <acronym>WAV</acronym> Format in + <application>XMMS</application> + Launch XMMS. @@ -671,18 +679,20 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz Both the WAV and PCM formats can be used with cdrecord - to create audio CDs, whereas burncd requires the + to create audio CDs, whereas + burncd requires the PCM format. When using - WAV files, there will be a small tick - sound at the beginning of each track. This sound is the - header of the WAV file. The - audio/sox port or package can be used to remove the - header: + WAV files, there will be a small tick sound + at the beginning of each track. This sound is the header of + the WAV file. The + audio/sox port or package can be used to + remove the header: &prompt.user; sox -t wav -r 44100 -s -w -c 2 track.wav track.raw Refer to for more - information on using a CD burner in &os;. + information on using a CD burner in + &os;. @@ -701,7 +711,6 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz - Before configuring video playback, determine the model and chipset of the video card. While &xorg; supports a wide variety of @@ -714,9 +723,9 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz It is a good idea to have a short MPEG test file for evaluating various players and options. Since some DVD applications look for - DVD media in /dev/dvd by default, or have this - device name hardcoded in them, it might be useful to make a - symbolic links to the proper device: + DVD media in /dev/dvd by + default, or have this device name hardcoded in them, it might be + useful to make a symbolic links to the proper device: &prompt.root; ln -sf /dev/cd0 /dev/dvd @@ -732,85 +741,87 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz device. To enhance the shared memory - &xorg; interface, it is - recommended to increase the values of these &man.sysctl.8; + &xorg; interface, it is recommended + to increase the values of these &man.sysctl.8; variables: kern.ipc.shmmax=67108864 kern.ipc.shmall=32768 - - Determining Video Capabilities + + Determining Video Capabilities - XVideo - SDL - DGA + XVideo + SDL + DGA - There are several possible ways to display video under - &xorg; and what works is largely - hardware dependent. Each method described below will have - varying quality across different hardware. + There are several possible ways to display video under + &xorg; and what works is largely + hardware dependent. Each method described below will have + varying quality across different hardware. - Common video interfaces include: + Common video interfaces include: - - - &xorg;: normal output using - shared memory. - + + + &xorg;: normal output using + shared memory. + - - XVideo: an extension to the - &xorg; interface which - allows video to be directly displayed in drawable objects - through a special acceleration. This extension provides - good quality playback even on low-end machines. The next - section describes how to determine if this extension is - running. - + + XVideo: an extension to the + &xorg; interface which + allows video to be directly displayed in drawable objects + through a special acceleration. This extension provides + good quality playback even on low-end machines. The next + section describes how to determine if this extension is + running. + - - SDL: the Simple Directmedia Layer is - a porting layer for many operating systems, allowing - cross-platform applications to be developed which make - efficient use of sound and graphics. SDL - provides a low-level abstraction to the hardware which can - sometimes be more efficient than the - &xorg; interface. On &os;, - SDL can be installed using the devel/sdl20 package or - port. - + + SDL: the Simple Directmedia Layer + is a porting layer for many operating systems, allowing + cross-platform applications to be developed which make + efficient use of sound and graphics. + SDL provides a low-level abstraction to + the hardware which can sometimes be more efficient than + the &xorg; interface. On &os;, + SDL can be installed using the + devel/sdl20 package or port. + - - DGA: the Direct Graphics Access is an - &xorg; extension which allows a - program to bypass the &xorg; - server and directly alter the framebuffer. Because it - relies on a low level memory mapping, programs using it must - be run as root. The - DGA extension can be tested and - benchmarked using &man.dga.1;. When dga - is running, it changes the colors of the display whenever a - key is pressed. To quit, press q. - + + DGA: the Direct Graphics Access is + an &xorg; extension which + allows a program to bypass the + &xorg; server and directly + alter the framebuffer. Because it relies on a low level + memory mapping, programs using it must be run as + root. The + DGA extension can be tested and + benchmarked using &man.dga.1;. When + dga is running, it changes the colors + of the display whenever a key is pressed. To quit, press + q. + - - SVGAlib: a low level console graphics layer. - - + + SVGAlib: a low level console graphics layer. + + - - XVideo + + XVideo - To check whether this extension is running, use - xvinfo: + To check whether this extension is running, use + xvinfo: - &prompt.user; xvinfo + &prompt.user; xvinfo - XVideo is supported for the card if the result is similar - to: + XVideo is supported for the card if the result is + similar to: - X-Video Extension version 2.2 + X-Video Extension version 2.2 screen #0 Adaptor #0: "Savage Streams Engine" number of ports: 1 @@ -879,263 +890,272 @@ kern.ipc.shmall=32768 depth: 1 red, green, blue masks: 0x0, 0x0, 0x0 - The formats listed, such as YUV2 and YUV12, are not - present with every implementation of XVideo and their absence - may hinder some players. + The formats listed, such as YUV2 and YUV12, are not + present with every implementation of XVideo and their + absence may hinder some players. - If the result instead looks like: + If the result instead looks like: - X-Video Extension version 2.2 + X-Video Extension version 2.2 screen #0 no adaptors present - XVideo is probably not supported for the card. This means - that it will be more difficult for the display to meet the - computational demands of rendering video, depending on the - video card and processor. - - - - - Ports and Packages Dealing with Video - - video ports - video packages - - This section introduces some of the software available from - the &os; Ports Collection which can be used for video - playback. - - - <application>MPlayer</application> and - <application>MEncoder</application> - - MPlayer is a command-line video - player with an optional graphical interface which aims to - provide speed and flexibility. Other graphical front-ends to - MPlayer are available from the &os; - Ports Collection. - - MPlayer - - MPlayer can be installed using - the multimedia/mplayer - package or port. Several compile options are available and a - variety of hardware checks occur during the build process. - For these reasons, some users prefer to build the port rather - than install the package. - - When compiling the port, the menu options should be - reviewed to determine the type of support to compile into the - port. If an option is not selected, - MPlayer will not be able to - display that type of video format. Use the arrow keys and - spacebar to select the required formats. When finished, - press Enter to continue the port compile - and installation. - - By default, the package or port will build the - mplayer command line utility and the - gmplayer graphical utility. To encode - videos, compile the multimedia/mencoder port. Due to - licensing restrictions, a package is not available for - MEncoder. - - The first time MPlayer is run, - it will create ~/.mplayer in the user's home - directory. This subdirectory contains default versions of - the user-specific configuration files. - - This section describes only a few common uses. Refer to - mplayer(1) for a complete description of its numerous - options. - - To play the file - testfile.avi, - specify the video interfaces with , as - seen in the following examples: - - &prompt.user; mplayer -vo xv testfile.avi - - &prompt.user; mplayer -vo sdl testfile.avi - - &prompt.user; mplayer -vo x11 testfile.avi - - &prompt.root; mplayer -vo dga testfile.avi - - &prompt.root; mplayer -vo 'sdl:dga' testfile.avi - - It is worth trying all of these options, as their - relative performance depends on many factors and will vary - significantly with hardware. - - To play a DVD, replace - testfile.avi - with , where - N is the title number to play and - DEVICE is the device node for the - DVD. For example, to play title 3 from - /dev/dvd: + XVideo is probably not supported for the card. This + means that it will be more difficult for the display to meet + the computational demands of rendering video, depending on + the video card and processor. + + - &prompt.root; mplayer -vo xv dvd://3 -dvd-device /dev/dvd + + Ports and Packages Dealing with Video - - The default DVD device can be defined - during the build of the MPlayer - port by including the - WITH_DVD_DEVICE=/path/to/desired/device - option. By default, the device is - /dev/cd0. More details can be found in - the port's Makefile.options. - + video ports + video packages - To stop, pause, advance, and so on, use a keybinding. To - see the list of keybindings, run mplayer - -h or read mplayer(1). - - Additional playback options include , which engages fullscreen mode, and - , which helps performance. + This section introduces some of the software available + from the &os; Ports Collection which can be used for video + playback. + + + <application>MPlayer</application> and + <application>MEncoder</application> + + MPlayer is a command-line + video player with an optional graphical interface which aims + to provide speed and flexibility. Other graphical + front-ends to MPlayer are + available from the &os; Ports Collection. + + MPlayer + + MPlayer can be installed + using the multimedia/mplayer package or + port. Several compile options are available and a variety + of hardware checks occur during the build process. For + these reasons, some users prefer to build the port rather + than install the package. + + When compiling the port, the menu options should be + reviewed to determine the type of support to compile into + the port. If an option is not selected, + MPlayer will not be able to + display that type of video format. Use the arrow keys and + spacebar to select the required formats. When finished, + press Enter to continue the port compile + and installation. + + By default, the package or port will build the + mplayer command line utility and the + gmplayer graphical utility. To encode + videos, compile the multimedia/mencoder + port. Due to licensing restrictions, a package is not + available for MEncoder. + + The first time MPlayer is + run, it will create ~/.mplayer in the + user's home directory. This subdirectory contains default + versions of the user-specific configuration files. + + This section describes only a few common uses. Refer to + mplayer(1) for a complete description of its numerous + options. + + To play the file + testfile.avi, + specify the video interfaces with , as + seen in the following examples: + + &prompt.user; mplayer -vo xv testfile.avi + + &prompt.user; mplayer -vo sdl testfile.avi + + &prompt.user; mplayer -vo x11 testfile.avi + + &prompt.root; mplayer -vo dga testfile.avi + + &prompt.root; mplayer -vo 'sdl:dga' testfile.avi + + It is worth trying all of these options, as their + relative performance depends on many factors and will vary + significantly with hardware. + + To play a DVD, replace + testfile.avi + with , where + N is the title number to play and + DEVICE is the device node for the + DVD. For example, to play title 3 from + /dev/dvd: + + &prompt.root; mplayer -vo xv dvd://3 -dvd-device /dev/dvd + + + The default DVD device can be + defined during the build of the + MPlayer port by including the + WITH_DVD_DEVICE=/path/to/desired/device + option. By default, the device is + /dev/cd0. More details can be found + in the port's + Makefile.options. + + + To stop, pause, advance, and so on, use a keybinding. + To see the list of keybindings, run mplayer + -h or read mplayer(1). + + Additional playback options include , which engages fullscreen mode, and + , which helps performance. - Each user can add commonly used options to their - ~/.mplayer/config like so: + Each user can add commonly used options to their + ~/.mplayer/config like so: - vo=xv + vo=xv fs=yes zoom=yes - mplayer can be used to rip a - DVD title to a .vob. - To dump the second title from a DVD: - - &prompt.root; mplayer -dumpstream -dumpfile out.vob dvd://2 -dvd-device /dev/dvd - - The output file, out.vob, will be in - MPEG format. - - Anyone wishing to obtain a high level of expertise with - &unix; video should consult mplayerhq.hu/DOCS - as it is technically informative. This documentation should - be considered as required reading before submitting any bug - reports. - - - mencoder - - - Before using mencoder, it is a good - idea to become familiar with the options described at - mplayerhq.hu/DOCS/HTML/en/mencoder.html. - There are innumerable ways to improve quality, lower bitrate, - and change formats, and some of these options may make the - difference between good or bad performance. Improper - combinations of command line options can yield output files - that are unplayable even by mplayer. - - Here is an example of a simple copy: - - &prompt.user; mencoder input.avi -oac copy -ovc copy -o output.avi - - To rip to a file, use with - mplayer. - - To convert - input.avi to - the MPEG4 codec with MPEG3 audio encoding, first install the - audio/lame port. Due to - licensing restrictions, a package is not available. Once - installed, type: + mplayer can be used to rip a + DVD title to a .vob. + To dump the second title from a + DVD: + + &prompt.root; mplayer -dumpstream -dumpfile out.vob dvd://2 -dvd-device /dev/dvd + + The output file, out.vob, will be + in MPEG format. + + Anyone wishing to obtain a high level of expertise with + &unix; video should consult mplayerhq.hu/DOCS + as it is technically informative. This documentation should + be considered as required reading before submitting any bug + reports. + + + mencoder + + + Before using mencoder, it is a good + idea to become familiar with the options described at mplayerhq.hu/DOCS/HTML/en/mencoder.html. + There are innumerable ways to improve quality, lower + bitrate, and change formats, and some of these options may + make the difference between good or bad performance. + Improper combinations of command line options can yield + output files that are unplayable even by + mplayer. + + Here is an example of a simple copy: + + &prompt.user; mencoder input.avi -oac copy -ovc copy -o output.avi + + To rip to a file, use with + mplayer. + + To convert + input.avi to + the MPEG4 codec with MPEG3 audio encoding, first install the + audio/lame port. Due to licensing + restrictions, a package is not available. Once installed, + type: - &prompt.user; mencoder input.avi -oac mp3lame -lameopts br=192 \ + &prompt.user; mencoder input.avi -oac mp3lame -lameopts br=192 \ -ovc lavc -lavcopts vcodec=mpeg4:vhq -o output.avi - This will produce output playable by applications such as - mplayer and xine. + This will produce output playable by applications such + as mplayer and + xine. + + input.avi + can be replaced with and run as root to re-encode a + DVD title directly. Since it may take a + few tries to get the desired result, it is recommended to + instead dump the title to a file and to work on the + file. + + + + The <application>xine</application> Video + Player + + xine is a video player with a + reusable base library and a modular executable which can be + extended with plugins. It can be installed using the + multimedia/xine package or port. + + In practice, xine requires + either a fast CPU with a fast video card, or support for the + XVideo extension. The xine video + player performs best on XVideo interfaces. + + By default, the xine player + starts a graphical user interface. The menus can then be + used to open a specific file. + + Alternatively, xine may be + invoked from the command line by specifying the name of the + file to play: + + &prompt.user; xine -g -p mymovie.avi + + Refer to + xine-project.org/faq for more information and + troubleshooting tips. + + + + The <application>Transcode</application> + Utilities + + Transcode provides a suite of + tools for re-encoding video and audio files. + Transcode can be used to merge + video files or repair broken files using command line tools + with stdin/stdout stream interfaces. + + In &os;, Transcode can be + installed using the multimedia/transcode + package or port. Many users prefer to compile the port as + it provides a menu of compile options for specifying the + support and codecs to compile in. If an option is not + selected, Transcode will not be + able to encode that format. Use the arrow keys and spacebar + to select the required formats. When finished, press + Enter to continue the port compile and + installation. - input.avi - can be replaced with and run as root to - re-encode a DVD title directly. Since it - may take a few tries to get the desired result, it is - recommended to instead dump the title to a file and to work on - the file. - - - - The <application>xine</application> Video Player - - xine is a video player with a - reusable base library and a modular executable which can be - extended with plugins. It can be installed using the - multimedia/xine package or - port. - - In practice, xine requires - either a fast CPU with a fast video card, or support for the - XVideo extension. The xine video - player performs best on XVideo interfaces. - - By default, the xine player - starts a graphical user interface. The menus can then be used - to open a specific file. - - Alternatively, xine may be - invoked from the command line - by specifying the name of the file to play: - - &prompt.user; xine -g -p mymovie.avi - - Refer to - xine-project.org/faq for more information and - troubleshooting tips. - - - - The <application>Transcode</application> - Utilities - - Transcode provides a suite of - tools for re-encoding video and audio files. - Transcode can be used to merge - video files or repair broken files using command line tools - with stdin/stdout stream - interfaces. - - In &os;, Transcode can be - installed using the multimedia/transcode package or - port. Many users prefer to compile the port as it provides a - menu of compile options for specifying the support and codecs - to compile in. If an option is not selected, - Transcode will not be able to - encode that format. Use the arrow keys and spacebar to select - the required formats. When finished, press - Enter to continue the port compile and - installation. + This example demonstrates how to convert a DivX file + into a PAL MPEG-1 file (PAL VCD): - This example demonstrates how to convert a DivX file into - a PAL MPEG-1 file (PAL VCD): - - &prompt.user; transcode -i + &prompt.user; transcode -i input.avi -V --export_prof vcd-pal -o output_vcd &prompt.user; mplex -f 1 -o output_vcd.mpg output_vcd.m1v output_vcd.mpa - The resulting MPEG file, - output_vcd.mpg, - is ready to be played with MPlayer. - The file can be burned on a CD media to - create a video CD using a utility such as - multimedia/vcdimager or sysutils/cdrdao. - - In addition to the manual page for - transcode, refer to transcoding.org/cgi-bin/transcode - for further information and examples. - - - + The resulting MPEG file, + output_vcd.mpg, + is ready to be played with + MPlayer. The file can be burned + on a CD media to create a video + CD using a utility such as + multimedia/vcdimager or + sysutils/cdrdao. + + In addition to the manual page for + transcode, refer to transcoding.org/cgi-bin/transcode + for further information and examples. + + + - - + + TV Cards @@ -1158,29 +1178,29 @@ zoom=yes - - TV cards - - - TV cards can be used to watch broadcast or cable TV on a *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 18:16:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A798FBAE; Mon, 21 Apr 2014 18:16:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9412615C2; Mon, 21 Apr 2014 18:16:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LIGbho061109; Mon, 21 Apr 2014 18:16:37 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LIGbLp061108; Mon, 21 Apr 2014 18:16:37 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404211816.s3LIGbLp061108@svn.freebsd.org> From: Dru Lavigne Date: Mon, 21 Apr 2014 18:16:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44618 - head/en_US.ISO8859-1/books/handbook/multimedia X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 18:16:37 -0000 Author: dru Date: Mon Apr 21 18:16:37 2014 New Revision: 44618 URL: http://svnweb.freebsd.org/changeset/doc/44618 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Mon Apr 21 18:12:05 2014 (r44617) +++ head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Mon Apr 21 18:16:37 2014 (r44618) @@ -725,7 +725,7 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz DVD applications look for DVD media in /dev/dvd by default, or have this device name hardcoded in them, it might be - useful to make a symbolic links to the proper device: + useful to make a symbolic link to the proper device: &prompt.root; ln -sf /dev/cd0 /dev/dvd From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 18:48:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CBD6338C; Mon, 21 Apr 2014 18:48:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B8EB618C7; Mon, 21 Apr 2014 18:48:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LIm0ts073807; Mon, 21 Apr 2014 18:48:00 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LIm0No073805; Mon, 21 Apr 2014 18:48:00 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404211848.s3LIm0No073805@svn.freebsd.org> From: Dru Lavigne Date: Mon, 21 Apr 2014 18:48:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44619 - head/en_US.ISO8859-1/books/handbook/kernelconfig X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 18:48:00 -0000 Author: dru Date: Mon Apr 21 18:48:00 2014 New Revision: 44619 URL: http://svnweb.freebsd.org/changeset/doc/44619 Log: Fix redundancy and missing acronym tag. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Mon Apr 21 18:16:37 2014 (r44618) +++ head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Mon Apr 21 18:48:00 2014 (r44619) @@ -274,8 +274,8 @@ ath_hal(4) - Atheros Hardw &prompt.root; cd /usr/src/sys/amd64/conf &prompt.root; cp GENERIC MYKERNEL - The configuration file MYKERNEL can now - be customized with any ASCII text editor. The default editor is + MYKERNEL can now + be customized with any ASCII text editor. The default editor is vi, though an easier editor for beginners, called ee, is also installed with &os;. From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 18:51:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2D5A94DD; Mon, 21 Apr 2014 18:51:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 006A71963; Mon, 21 Apr 2014 18:51:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LIpsb9077146; Mon, 21 Apr 2014 18:51:54 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LIpsfa077145; Mon, 21 Apr 2014 18:51:54 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404211851.s3LIpsfa077145@svn.freebsd.org> From: Dru Lavigne Date: Mon, 21 Apr 2014 18:51:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44620 - head/en_US.ISO8859-1/books/handbook/kernelconfig X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 18:51:55 -0000 Author: dru Date: Mon Apr 21 18:51:54 2014 New Revision: 44620 URL: http://svnweb.freebsd.org/changeset/doc/44620 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Mon Apr 21 18:48:00 2014 (r44619) +++ head/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml Mon Apr 21 18:51:54 2014 (r44620) @@ -83,8 +83,8 @@ Today, most of the functionality in the &os; kernel is contained in modules which can be dynamically loaded and - unloaded from the kernel as necessary. This allows the - running kernel to adapt immediately to new hardware or for new + unloaded from the kernel as necessary. This allows the running + kernel to adapt immediately to new hardware or for new functionality to be brought into the kernel. This is known as a modular kernel. @@ -274,11 +274,12 @@ ath_hal(4) - Atheros Hardw &prompt.root; cd /usr/src/sys/amd64/conf &prompt.root; cp GENERIC MYKERNEL - MYKERNEL can now - be customized with any ASCII text editor. The default editor is - vi, though an easier editor for - beginners, called ee, is also - installed with &os;. + MYKERNEL can + now be customized with any ASCII text editor. + The default editor is vi, though an + easier editor for beginners, called + ee, is also installed with + &os;. kernel @@ -1288,8 +1289,10 @@ device fwe # Ethernet loader. This can be accessed when the system boot menu appears by selecting the Escape to a loader prompt option. At the prompt, type - boot kernel.old, or the name of any - other kernel that is known to boot properly. + boot + kernel.old, or the + name of any other kernel that is known to boot + properly. After booting with a good kernel, check over the configuration file and try to build it again. One helpful From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 21:16:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 74E9DFA; Mon, 21 Apr 2014 21:16:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6238817CA; Mon, 21 Apr 2014 21:16:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LLG3Ut036304; Mon, 21 Apr 2014 21:16:03 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LLG32W036301; Mon, 21 Apr 2014 21:16:03 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201404212116.s3LLG32W036301@svn.freebsd.org> From: Glen Barber Date: Mon, 21 Apr 2014 21:16:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44621 - head/en_US.ISO8859-1/articles/contributors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 21:16:03 -0000 Author: gjb Date: Mon Apr 21 21:16:02 2014 New Revision: 44621 URL: http://svnweb.freebsd.org/changeset/doc/44621 Log: Jordan Hubbard (jkh) has had his commit bit reinstated months ago. Remove him from the Alumni section, and add him back to the committers section. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Mon Apr 21 18:51:54 2014 (r44620) +++ head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Mon Apr 21 21:16:02 2014 (r44621) @@ -527,6 +527,10 @@ + &a.jkh.email; + + + &a.davide.email; Modified: head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Mon Apr 21 18:51:54 2014 (r44620) +++ head/en_US.ISO8859-1/articles/contributors/contrib.develalumni.xml Mon Apr 21 21:16:02 2014 (r44621) @@ -591,10 +591,6 @@ - &a.jkh.email; (1993 - 2008) - - - &a.jdp.email; ( - 2008) From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 21:29:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BA7C4801; Mon, 21 Apr 2014 21:29:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A66521917; Mon, 21 Apr 2014 21:29:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LLTvGM040809; Mon, 21 Apr 2014 21:29:57 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LLTvZ5040808; Mon, 21 Apr 2014 21:29:57 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404212129.s3LLTvZ5040808@svn.freebsd.org> From: Dru Lavigne Date: Mon, 21 Apr 2014 21:29:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44622 - head/en_US.ISO8859-1/books/handbook/boot X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 21:29:57 -0000 Author: dru Date: Mon Apr 21 21:29:57 2014 New Revision: 44622 URL: http://svnweb.freebsd.org/changeset/doc/44622 Log: Prep work for boot chapter. Add missing items from what is covered in this chapter list. Add note about GPT and EFI/UEFI. Some shuffling of headings to improve flow. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Mon Apr 21 21:16:02 2014 (r44621) +++ head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Mon Apr 21 21:29:57 2014 (r44622) @@ -19,7 +19,7 @@ The process of starting a computer and loading the operating system is referred to as the bootstrap process, - or simply booting. &os;'s boot process provides + or booting. &os;'s boot process provides a great deal of flexibility in customizing what happens when the system starts, including the ability to select from different operating systems installed on the same computer, @@ -47,18 +47,27 @@ - The basics of &man.device.hints.5;. + How to configure a customized boot splash screen. + + + + The basics of setting device hints. + + + + How to boot into single- and multi-user mode and how to + properly shutdown a &os; system. This chapter only describes the boot process for &os; - running on Intel x86 systems. + running on x86 and amd64 systems. - The Booting Problem + &os; Boot Process Turning on a computer and starting the operating system poses an interesting dilemma. By definition, the computer does @@ -71,7 +80,7 @@ This problem parallels one in the book The Adventures of Baron Munchausen. A character had fallen part way down a manhole, and pulled himself - out by grabbing his bootstraps, and lifting. In the early days + out by grabbing his bootstraps and lifting. In the early days of computing the term bootstrap was applied to the mechanism used to load the operating system, which has become shortened to booting. @@ -81,9 +90,9 @@ Basic Input/Output SystemBIOS - On x86 hardware the Basic Input/Output System + On x86 hardware, the Basic Input/Output System (BIOS) is responsible for loading the - operating system. To do this, the BIOS + operating system. The BIOS looks on the hard disk for the Master Boot Record (MBR), which must be located in a specific place on the disk. The BIOS has enough @@ -91,6 +100,19 @@ assumes that the MBR can then carry out the rest of the tasks involved in loading the operating system, possibly with the help of the BIOS. + + + amd64 hardware is backward compatible as it understands + BIOS instructions. Newer hardware uses + a GUID Partition Table (GPT) instead of a + MBR. &os; can boot from a + MBR or GPT partition. + When booting from GPT, &os; can boot from + either a legacy BIOS or an Extensible + Firmware Interface (EFI). Work is in + progress to provide Unified Extensible Firmware Interface + (UEFI) support. + Master Boot Record MBR) @@ -101,60 +123,50 @@ The code within the MBR is usually referred to as a boot manager, especially - when it interacts with the user. In this case, the boot + when it interacts with the user. The boot manager usually has more code in the first - track of the disk or within the file - system of some operating systems. A boot manager is sometimes - also called a boot loader, but &os; uses - that term for a later stage of booting. Popular boot managers - include boot0, also called - Boot Easy, the standard &os; boot - manager, Grub, - GAG, and - LILO. Only - boot0 fits within the - MBR. + track of the disk or within the file + system. Examples of boot managers + include the standard &os; boot + manager boot0, also called + Boot Easy, and Grub, + which is used by many &linux; distributions. - If only one operating system is installed, a standard PC - MBR will suffice. This + If only one operating system is installed, the MBR searches for the first bootable (active) slice on the disk, and then runs the code on that slice to load - the remainder of the operating system. By default, the - MBR installed by &man.fdisk.8; is such an - MBR and is based on - /boot/mbr. - - If multiple operating systems are present, a different boot + the remainder of the operating system. If multiple operating + systems are present, a different boot manager can be installed which displays the list of operating - systems so that the user can choose which one to boot from. Two - boot managers are discussed in the next subsection. + systems so that the user can choose which one to boot from. The remainder of the &os; bootstrap system is divided into - three stages. The first stage is run by the - MBR, which knows just enough to get the + three stages. The first stage knows just enough to get the computer into a specific state and run the second stage. The second stage can do a little bit more, before running the third stage. The third stage finishes the task of loading the operating system. The work is split into three stages because - PC standards put limits on the size of the programs that can be + the MBR puts limits on the size of the programs that can be run at stages one and two. Chaining the tasks together allows &os; to provide a more flexible loader. kernel &man.init.8; - The kernel is then started and it begins to probe for + The kernel is then started and begins to probe for devices and initialize them for use. Once the kernel boot process is finished, the kernel passes control to the user - process &man.init.8;, which then makes sure the disks are in a - usable state. &man.init.8; then starts the user-level resource + process &man.init.8;, which makes sure the disks are in a + usable state, starts the user-level resource configuration which mounts file systems, sets up network cards to communicate on the network, and starts the processes which - have been configured to run on a &os; system at startup. - + have been configured to run at startup. + + This section describes these stages in more detail and + demonstrates how to interact with the &os; boot process. - - The Boot Manager and Boot Stages + + The Boot Manager Boot Manager @@ -232,6 +244,7 @@ label=FreeBSD run /sbin/lilo -v to commit the new changes. Verify these are correct by checking the screen messages. + Stage One and Stage Two @@ -605,6 +618,7 @@ boot: boot flags. + - + Configuring Boot Time Splash Screens @@ -766,7 +780,6 @@ bitmap_name="/boot/splash.b For more information, refer to &man.splash.4;, &man.loader.conf.5;, and &man.vga.4;. - From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 22:51:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3A1756AB; Mon, 21 Apr 2014 22:51:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 258C51239; Mon, 21 Apr 2014 22:51:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LMp2gb075011; Mon, 21 Apr 2014 22:51:02 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LMp2Te075010; Mon, 21 Apr 2014 22:51:02 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404212251.s3LMp2Te075010@svn.freebsd.org> From: Dru Lavigne Date: Mon, 21 Apr 2014 22:51:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44623 - head/en_US.ISO8859-1/books/handbook/boot X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 22:51:02 -0000 Author: dru Date: Mon Apr 21 22:51:01 2014 New Revision: 44623 URL: http://svnweb.freebsd.org/changeset/doc/44623 Log: Editorial review of boot stages. Format loader built-in commands as a table. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Mon Apr 21 21:29:57 2014 (r44622) +++ head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Mon Apr 21 22:51:01 2014 (r44623) @@ -173,18 +173,13 @@ Master Boot Record (MBR) - The code in the MBR or boot manager is + The boot manager code in the MBR is sometimes referred to as stage zero of the - boot process. This section discusses two boot managers: - boot0 and - LILO. - - - The <application>boot0</application> Boot - Manager: + boot process. By default, &os; uses the + boot0 boot manager. - The MBR installed by &os;'s installer - or &man.boot0cfg.8; is based on + The MBR installed by the &os; installer + is based on /boot/boot0. The size and capability of boot0 is restricted to 446 bytes due to the slice table and 0x55AA @@ -192,7 +187,6 @@ boot0 and multiple operating systems are installed, a message similar to this example will be displayed at boot time: - <filename>boot0</filename> Screenshot @@ -203,7 +197,7 @@ F2 FreeBSD Default: F2 - Other operating systems, in particular &windows;, will + Other operating systems will overwrite an existing MBR if they are installed after &os;. If this happens, or to replace the existing MBR with the &os; @@ -219,65 +213,37 @@ Default: F2 for the first SCSI disk. To create a custom configuration of the MBR, refer to &man.boot0cfg.8;. - - - The LILO Boot Manager: - - To install this boot manager so it will also boot &os;, - boot into Linux and add the following to the existing - /etc/lilo.conf configuration: - - - other=/dev/hdXY -table=/dev/hdX -loader=/boot/chain.b -label=FreeBSD - - Specify &os;'s primary partition and drive using Linux - specifiers, replacing X with the - Linux drive letter and Y with the - Linux primary partition number. For a SCSI - drive, change /dev/hd to - /dev/sd. The - line can be omitted if - both operating systems are installed on the same drive. Next, - run /sbin/lilo -v to commit the new - changes. Verify these are correct by checking the screen - messages. Stage One and Stage Two Conceptually, the first and second stages are part of the - same program, on the same area of the disk. Because of space + same program on the same area of the disk. Because of space constraints, they have been split into two, but are always installed together. They are copied from the combined - /boot/boot by the installer or - &man.bsdlabel.8;. + /boot/boot by the &os; installer or + bsdlabel. - They are located outside file systems, in the first track + These two stages are located outside file systems, in the first track of the boot slice, starting with the first sector. This is - where boot0 (), or any other + where boot0, or any other boot manager, expects to find a program to run which will - continue the boot process. The number of sectors used is - easily determined from the size of - /boot/boot. + continue the boot process. - boot1 is very simple, since it can - only be 512 bytes in size, and knows just enough about the + The first stage, boot1, is very simple, since it can + only be 512 bytes in size. It knows just enough about the &os; bsdlabel, which stores information about the slice, to find and execute boot2. - boot2 is slightly more sophisticated, - and understands the &os; file system enough to find files, and + Stage two, boot2, is slightly more sophisticated, + and understands the &os; file system enough to find files. It can provide a simple interface to choose the kernel or loader - to run. - - However, &man.loader.8; is much more sophisticated and - provides a boot configuration which is run by - boot2. + to run. It runs loader, which is much more sophisticated and + provides a boot configuration file. If the boot process is + interrupted at stage two, the following interactive screen is + displayed: <filename>boot2</filename> Screenshot @@ -287,26 +253,23 @@ Default: 0:ad(0,a)/boot/loader boot: - &man.bsdlabel.8; can be used to replace the installed + To replace the installed boot1 and - boot2: - - &prompt.root; bsdlabel -B diskslice - - where diskslice is the disk and + boot2, use bsdlabel, + where diskslice is the disk and slice to boot from, such as ad0s1 for the first slice on the first IDE - disk. + disk: - - Dangerously Dedicated Mode + &prompt.root; bsdlabel -B diskslice + If just the disk name is used, such as - ad0, &man.bsdlabel.8; will create a - dangerously dedicated disk, without slices. + ad0, bsdlabel will create the disk in + dangerously dedicated mode, without slices. This is probably not the desired action, so double check the - diskslice passed to - &man.bsdlabel.8; before pressing + diskslice + before pressing Return. @@ -316,16 +279,16 @@ boot: boot-loader - The loader is the final stage of the three-stage - bootstrap, and is located on the file system, usually as + The loader is the final stage of the three-stage + bootstrap process. It is located on the file system, usually as /boot/loader. - The loader is intended as an interactive method for + The loader is intended as an interactive method for configuration, using a built-in command set, backed up by a more powerful interpreter which has a more complex command set. - During initialization, the loader will probe for a + During initialization, loader will probe for a console and for disks, and figure out which disk it is booting from. It will set variables accordingly, and an interpreter is started where user commands can be passed from @@ -334,7 +297,7 @@ boot: loader loader configuration - The loader will then read + The loader will then read /boot/loader.rc, which by default reads in /boot/defaults/loader.conf which sets reasonable defaults for variables and reads @@ -343,166 +306,135 @@ boot: these variables, loading whichever modules and kernel are selected. - Finally, by default, the loader issues a 10 second wait + Finally, by default, loader issues a 10 second wait for key presses, and boots the kernel if it is not interrupted. If interrupted, the user is presented with a prompt which understands the command set, where the user may adjust variables, unload all modules, load modules, and then - finally boot or reboot. + finally boot or reboot. lists the most + commonly used loader commands. For + a complete discussion of all available commands, refer to + &man.loader.8;. - + Loader Built-In Commands - These are the most commonly used loader commands. For a - complete discussion of all available commands, refer to - &man.loader.8;. - - - - autoboot seconds - - - Proceeds to boot the kernel if not interrupted + + + + Variable + Description + + + + + + autoboot seconds + Proceeds to boot the kernel if not interrupted within the time span given, in seconds. It displays a countdown, and the default time span is 10 - seconds. - - + seconds. + - - boot + + boot -options - kernelname - - - Immediately proceeds to boot the kernel, with any + kernelname + Immediately proceeds to boot the kernel, with any specified options or kernel name. Providing a kernel name on the command-line is only applicable after an - unload command has been issued; - otherwise the previously-loaded kernel will be - used. - - - - - boot-conf - - - Goes through the same automatic configuration of + unload has been issued. + Otherwise the previously-loaded kernel will be + used. + + + + boot-conf + Goes through the same automatic configuration of modules based on specified variables, most commonly kernel. This only makes sense if unload is used first, before - changing some variables. - - - - - help - topic + changing some variables. + - - Shows help messages read from + + help + topic + Shows help messages read from /boot/loader.help. If the topic given is index, the list of - available topics is displayed. - - - - - include filename - … - - - Processes the file with the given filename. The - file is read in and interpreted line by line. An - error immediately stops the include command. - - + available topics is displayed. + - - load -t - type - filename + + include filename + … + Reads the specified file and interprets it line by line. An + error immediately stops the include. + - - Loads the kernel, kernel module, or file of the + + load -t + type + filename + Loads the kernel, kernel module, or file of the type given, with the specified filename. Any arguments after filename - are passed to the file. - - - - - ls -l - path + are passed to the file. + - - Displays a listing of files in the given path, or + + ls -l + path + Displays a listing of files in the given path, or the root directory, if the path is not specified. If is specified, file sizes will - also be shown. - - - - - lsdev - -v + also be shown. + - - Lists all of the devices from which it may be + + lsdev + -v + Lists all of the devices from which it may be possible to load modules. If is - specified, more details are printed. - - - - - lsmod - -v - - - Displays loaded modules. If - is specified, more details are shown. - - - - - more filename - - - Displays the files specified, with a pause at each - LINES displayed. - - - - - reboot - - - Immediately reboots the system. - - - - - set variable - set - variable=value - - - Sets the loader's environment variables. - - - - - unload - - - Removes all loaded modules. - - - - + specified, more details are printed. + + + + lsmod + -v + Displays loaded modules. If + is specified, more details are shown. + + + + more filename + Displays the files specified, with a pause at each + LINES displayed. + + + + reboot + Immediately reboots the system. + + + + set variable, set + variable=value + Sets the specified environment variables. + + + + unload + Removes all loaded modules. + + + +
            + - + Loader Examples Here are some practical examples of loader usage: @@ -547,7 +479,6 @@ boot: load -t userconfig_script /boot/kernel.conf - From owner-svn-doc-all@FreeBSD.ORG Mon Apr 21 22:53:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E7D6FA25; Mon, 21 Apr 2014 22:53:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D488312E8; Mon, 21 Apr 2014 22:53:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3LMr6rv077488; Mon, 21 Apr 2014 22:53:06 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3LMr6c9077487; Mon, 21 Apr 2014 22:53:06 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404212253.s3LMr6c9077487@svn.freebsd.org> From: Dru Lavigne Date: Mon, 21 Apr 2014 22:53:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44624 - head/en_US.ISO8859-1/books/handbook/boot X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2014 22:53:07 -0000 Author: dru Date: Mon Apr 21 22:53:06 2014 New Revision: 44624 URL: http://svnweb.freebsd.org/changeset/doc/44624 Log: Fix two grammos. Submitted by: wblock Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Mon Apr 21 22:51:01 2014 (r44623) +++ head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Mon Apr 21 22:53:06 2014 (r44624) @@ -56,7 +56,7 @@ How to boot into single- and multi-user mode and how to - properly shutdown a &os; system. + properly shut down a &os; system.             @@ -138,7 +138,7 @@ the remainder of the operating system. If multiple operating systems are present, a different boot manager can be installed which displays the list of operating - systems so that the user can choose which one to boot from.             + systems so that the user can choose which one to boot.             The remainder of the &os; bootstrap system is divided into three stages. The first stage knows just enough to get the From owner-svn-doc-all@FreeBSD.ORG Tue Apr 22 05:23:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E07AEE13; Tue, 22 Apr 2014 05:23:35 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C8EE71477; Tue, 22 Apr 2014 05:23:35 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3M5NZGg038345; Tue, 22 Apr 2014 05:23:35 GMT (envelope-from kuriyama@svn.freebsd.org) Received: (from kuriyama@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3M5NZtZ038344; Tue, 22 Apr 2014 05:23:35 GMT (envelope-from kuriyama@svn.freebsd.org) Message-Id: <201404220523.s3M5NZtZ038344@svn.freebsd.org> From: Jun Kuriyama Date: Tue, 22 Apr 2014 05:23:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44625 - head/en_US.ISO8859-1/articles/hubs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Apr 2014 05:23:36 -0000 Author: kuriyama Date: Tue Apr 22 05:23:35 2014 New Revision: 44625 URL: http://svnweb.freebsd.org/changeset/doc/44625 Log: - Update distribution sizes. (FTP: 1.1 TB) Modified: head/en_US.ISO8859-1/articles/hubs/article.xml Modified: head/en_US.ISO8859-1/articles/hubs/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/hubs/article.xml Mon Apr 21 22:53:06 2014 (r44624) +++ head/en_US.ISO8859-1/articles/hubs/article.xml Tue Apr 22 05:23:35 2014 (r44625) @@ -67,7 +67,7 @@ Here are some approximate figures: - Full FTP Distribution: 1.0 TB + Full FTP Distribution: 1.1 TB CVS repository: 5.4 GB CTM deltas: 3.2 GB Web pages: 463 MB From owner-svn-doc-all@FreeBSD.ORG Tue Apr 22 15:49:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4BA445FA; Tue, 22 Apr 2014 15:49:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1E1DD16C1; Tue, 22 Apr 2014 15:49:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3MFnsMX099451; Tue, 22 Apr 2014 15:49:54 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3MFnsjQ099449; Tue, 22 Apr 2014 15:49:54 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404221549.s3MFnsjQ099449@svn.freebsd.org> From: Dru Lavigne Date: Tue, 22 Apr 2014 15:49:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44626 - head/en_US.ISO8859-1/books/handbook/boot X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Apr 2014 15:49:55 -0000 Author: dru Date: Tue Apr 22 15:49:54 2014 New Revision: 44626 URL: http://svnweb.freebsd.org/changeset/doc/44626 Log: Move init section into Boot Process as the Last Stage. Format boot options as a table. Expand on single-user mode section. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Tue Apr 22 05:23:35 2014 (r44625) +++ head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Tue Apr 22 15:49:54 2014 (r44626) @@ -345,7 +345,7 @@ boot: specified options or kernel name. Providing a kernel name on the command-line is only applicable after an unload has been issued. - Otherwise the previously-loaded kernel will be + Otherwise, the previously-loaded kernel will be used. @@ -432,25 +432,16 @@ boot: - - - Loader Examples - - Here are some practical examples of loader usage: - - - - To boot the usual kernel in single-user + Here are some practical examples of + loader usage. To boot the usual kernel in single-user modesingle-user mode: boot -s - - - To unload the usual kernel and modules, and then - load the previous or another kernel: + To unload the usual kernel and modules and then + load the previous or another, specified kernel: unload load kernel.old @@ -463,94 +454,183 @@ boot: system upgrade or before configuring a custom kernel.             - Use the following to load the usual modules with another kernel: unload set kernel="kernel.old" -boot-conf - +boot-conf - To load an automated kernel configuration script: load -t userconfig_script /boot/kernel.conf - - - - - - Kernel Interaction During Boot kernel boot interaction + - Once the kernel is loaded by either the default loader or - by boot2, which bypasses the loader, it examines any boot - flags and adjusts its behavior as necessary. + + Last Stage + + + &man.init.8; + + Once the kernel is loaded by either loader or + by boot2, which bypasses + loader, it examines any boot + flags and adjusts its behavior as necessary. lists the commonly used boot flags. + Refer to &man.boot.8; for more information on the other + boot flags. kernel bootflags - Here are the more common boot flags: + + Kernel Interaction During Boot - - - + + + + Option + Description + + - - During kernel initialization, ask for the device - to mount as the root file system. - - + + + + During kernel initialization, ask for the device + to mount as the root file system. + - - + + + Boot the root file system from a CDROM. + - - Boot from CDROM. - - + + + Boot into single-user mode. + - - + + + Be more verbose during kernel startup. + + + +
            - - Run UserConfig, the boot-time kernel - configurator. - - + Once the kernel has finished booting, it passes control to + the user process &man.init.8;, which is located at + /sbin/init, or the program path specified + in the init_path variable in + loader. This is the last stage of the boot + process. - - + The boot sequence makes sure that the file systems available + on the system are consistent. If a UFS file + system is not, and fsck + cannot fix the inconsistencies, + init drops the system into single-user mode so that the + system administrator can resolve the problem directly. Otherwise, + the system boots into multi-user mode. - - Boot into single-user mode. - - + + Single-User Mode - - + single-user mode + console - - Be more verbose during kernel startup. - - - + A user can specify this mode by + booting with , or by + setting the boot_ single variable in + loader. It can also be reached by + running shutdown now from + multi-user mode. Single-user mode begins with this message: + + Enter full pathname of shell or RETURN for /bin/sh: + + If the user presses Enter, the system + will enter the default Bourne shell. To specify a different + shell, input the full path to the shell. + + Single-user mode is usually used to repair a system that will not + boot due to an inconsistent file system or an error in a boot + configuration file. It can also be used to reset the + root password when + it is unknown. These actions are possible as the single-user + mode prompt gives full, local access to the system and its + configuration files. There is no networking in this mode. + + While single-user mode is useful for repairing a system, + it poses a security risk unless the system is in a physically + secure location. By default, any user who can gain physical + access to a system will have full control of that system after + booting into single-user mode. - - Refer to &man.boot.8; for more information on the other - boot flags. - + If the system console is changed to + insecure in /etc/ttys, + the system will first prompt for the root password before + initiating single-user mode. This adds a measure of security + while removing the ability to reset the root password when it is + unknown. + + + Configuring an Insecure Console in + <filename>/etc/ttys</filename> + + # name getty type status comments +# +# If console is marked "insecure", then init will ask for the root password +# when going to single-user mode. +console none unknown off insecure + + + An insecure console means that + physical security to the console is considered to be + insecure, so only someone who knows the root password may use + single-user mode. + + + + Multi-User Mode + + multi-user mode + + If init finds the file systems to be in order, or + once the user has finished their commands in single-user mode + and has typed exit to leave single-user mode, + the system enters + multi-user mode, in which it starts the resource configuration + of the system. + + rc files + + The resource configuration system reads in configuration + defaults from /etc/defaults/rc.conf and + system-specific details from + /etc/rc.conf. It then proceeds to mount + the system file systems listed in + /etc/fstab. It starts up networking + services, miscellaneous system daemons, then the startup + scripts of locally installed packages. + + To learn more about the resource configuration system, + refer to &man.rc.8; and examine the scripts located in + /etc/rc.d. +             - - - - Configuring Boot Time Splash Screens + + + Configuring Boot Time Splash Screens @@ -653,122 +654,117 @@ console none - Typically when a &os; system boots, it displays its - progress as a series of messages at the console. A boot splash - screen creates an alternate boot screen that - hides all of the boot probe and service - startup messages. A few boot loader messages, including the boot options - menu and a timed wait countdown prompt, are displayed at - boot time, even when the splash screen is enabled. The display of the splash screen - can be turned off by hitting any - key on the keyboard during the boot process. - - There are two basic environments available in &os;. The - first is the default legacy virtual console command line - environment. After the system finishes booting, a console - login prompt is presented. The second environment is a configured - graphical environment. Refer to - for more information on how to install - and configure a graphical display manager and a graphical - login manager. - - Once the system has booted, the splash screen defaults to being a screen saver. - After a time period of non-use, the splash screen - will display and will cycle through steps of changing - intensity of the image, from bright to very dark and over - again. The configuration of the splash screen saver can be - overridden by adding a saver= line to - /etc/rc.conf. Several built-in screen - savers are available and described in &man.splash.4;. The - saver= option only applies to virtual - consoles and has no effect on graphical display - managers. - - Sample splash screen files can be downloaded from the - gallery at http://artwork.freebsdgr.org. - By installing the - sysutils/bsd-splash-changer package or port, a random splash - image from a collection will display at - boot. - - The splash screen function supports 256-colors in the - bitmap (.bmp), ZSoft - PCX (.pcx), or - TheDraw (.bin) formats. The .bmp, - .pcx, or .bin image - has to be placed on the root partition, for example in - /boot. The splash image - files must have a resolution of 320 by 200 pixels or less in - order to work on standard VGA adapters. - For the default boot display resolution of 256-colors and - 320 by 200 pixels or less, add the following lines to - /boot/loader.conf. - Replace splash.bmp with the name of - the bitmap file to use: + Typically when a &os; system boots, it displays its progress + as a series of messages at the console. A boot splash screen + creates an alternate boot screen that hides all of the boot + probe and service startup messages. A few boot loader messages, + including the boot options menu and a timed wait countdown + prompt, are displayed at boot time, even when the splash screen + is enabled. The display of the splash screen can be turned off + by hitting any key on the keyboard during the boot + process. + + There are two basic environments available in &os;. The + first is the default legacy virtual console command line + environment. After the system finishes booting, a console login + prompt is presented. The second environment is a configured + graphical environment. Refer to for more + information on how to install and configure a graphical display + manager and a graphical login manager. + + Once the system has booted, the splash screen defaults to + being a screen saver. After a time period of non-use, the + splash screen will display and will cycle through steps of + changing intensity of the image, from bright to very dark and + over again. The configuration of the splash screen saver can be + overridden by adding a saver= line to + /etc/rc.conf. Several built-in screen + savers are available and described in &man.splash.4;. The + saver= option only applies to virtual + consoles and has no effect on graphical display managers. + + Sample splash screen files can be downloaded from the + gallery at http://artwork.freebsdgr.org. + By installing the sysutils/bsd-splash-changer + package or port, a random splash image from a collection will + display at boot. + *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Tue Apr 22 17:52:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AF73AAF; Tue, 22 Apr 2014 17:52:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 827941630; Tue, 22 Apr 2014 17:52:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3MHq5R5052591; Tue, 22 Apr 2014 17:52:05 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3MHq5i7052590; Tue, 22 Apr 2014 17:52:05 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404221752.s3MHq5i7052590@svn.freebsd.org> From: Dru Lavigne Date: Tue, 22 Apr 2014 17:52:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44629 - head/en_US.ISO8859-1/books/handbook/boot X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Apr 2014 17:52:05 -0000 Author: dru Date: Tue Apr 22 17:52:05 2014 New Revision: 44629 URL: http://svnweb.freebsd.org/changeset/doc/44629 Log: Fix a few grammos. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Tue Apr 22 17:49:42 2014 (r44628) +++ head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Tue Apr 22 17:52:05 2014 (r44629) @@ -81,9 +81,9 @@ Adventures of Baron Munchausen. A character had fallen part way down a manhole, and pulled himself out by grabbing his bootstraps and lifting. In the early days of - computing the term bootstrap was applied - to the mechanism used to load the operating system, which has - become shortened to booting. + computing, the term bootstrap was applied + to the mechanism used to load the operating system. It has + since become shortened to booting. BIOS @@ -447,7 +447,7 @@ boot: Use kernel.GENERIC to refer to the default kernel that comes with an installation, or - kernel.oldkernel.old + kernel.old, to refer to the previously installed kernel before a system upgrade or before configuring a custom kernel. @@ -549,7 +549,7 @@ boot: console A user can specify this mode by booting with - , or by setting the boot + or by setting the boot _ single variable in loader. It can also be reached by running shutdown now from multi-user From owner-svn-doc-all@FreeBSD.ORG Tue Apr 22 19:43:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4E6D663B; Tue, 22 Apr 2014 19:43:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2E02F1306; Tue, 22 Apr 2014 19:43:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3MJhJwX099185; Tue, 22 Apr 2014 19:43:19 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3MJhJqo099184; Tue, 22 Apr 2014 19:43:19 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404221943.s3MJhJqo099184@svn.freebsd.org> From: Dru Lavigne Date: Tue, 22 Apr 2014 19:43:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44630 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Apr 2014 19:43:19 -0000 Author: dru Date: Tue Apr 22 19:43:18 2014 New Revision: 44630 URL: http://svnweb.freebsd.org/changeset/doc/44630 Log: Prep work for IPsec chapter. Add additional definitions to intro. Still need to define SA and SAD. Still need to setup test environment to verify tech setup. This section does not yet mention setkey. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Tue Apr 22 17:52:05 2014 (r44629) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Tue Apr 22 19:43:18 2014 (r44630) @@ -61,7 +61,7 @@ - How to configure IPsec and create a + How to configure IPsec and create a VPN. @@ -1993,23 +1993,13 @@ Connection closed by foreign host. - <acronym>VPN</acronym> over IPsec + <acronym>VPN</acronym> over <acronym>IPsec</acronym> NikClayton

            nik@FreeBSD.org
            Written by - - - - IPsec - - - - - Understanding IPsec - Hiten M.Pandya @@ -2018,57 +2008,66 @@ Connection closed by foreign host. - This section demonstrates the process of setting up IPsec. - It assumes familiarity with the concepts of building a custom - kernel (see ). + + IPsec + - IPsec is a protocol which sits on + Internet Protocol Security (IPsec) is a set of protocols which sit on top of the Internet Protocol (IP) layer. - It allows two or more hosts to communicate in a secure manner. - The &os; IPsec network stack is based on the - KAME - implementation, which has support for both IPv4 and - IPv6. + It allows two or more hosts to communicate in a secure manner + by authenticating and encrypting each IP packet of a communication session. + The &os; IPsec network stack is based on the + http://www.kame.net/ + implementation and supports both IPv4 and + IPv6 sessions. - IPsec + IPsec ESP - IPsec + IPsec AH - IPsec consists of two sub-protocols: + IPsec is comprised of the following sub-protocols: Encapsulated Security Payload - ESP): this protocol - protects the IP packet data from third party interference + (ESP): this protocol + protects the IP packet data from third party interference by encrypting the contents using symmetric cryptography - algorithms such as Blowfish and 3DES. + algorithms such as Blowfish and 3DES. Authentication Header - (AH): this protocol - protects the IP packet header from third party + (AH)): this protocol + protects the IP packet header from third party interference and spoofing by computing a cryptographic - checksum and hashing the IP packet header fields with a + checksum and hashing the IP packet header fields with a secure hashing function. This is then followed by an additional header that contains the hash, to allow the information in the packet to be authenticated. + + + IP Payload Compression Protocol + (IPComp): this protocol + tries to increase communication performance by compressing + the IP payload in order ro reduce the + amount of data sent. + - ESP and AH can + These protocols can either be used together or separately, depending on the environment. - VPN + VPN @@ -2076,17 +2075,18 @@ Connection closed by foreign host.VPN - IPsec can either be used to directly encrypt the traffic - between two hosts using Transport Mode or - to build virtual tunnels using - Tunnel Mode. The latter mode is more - commonly known as a Virtual Private Network - (VPN). Consult &man.ipsec.4; - for detailed information on the IPsec subsystem in + IPsec supports two modes of operation. + The first mode, Transport Mode, + protects communications between two hosts. The second mode, + Tunnel Mode, is used to build virtual tunnels, + commonly known as Virtual Private Networks + (VPNs). Consult &man.ipsec.4; + for detailed information on the IPsec subsystem in &os;. - To add IPsec support to the kernel, add the following - options to the custom kernel configuration file: + To add IPsec support to the kernel, add the following + options to the custom kernel configuration file and rebuild + the kernel using the instructions in : kernel options @@ -2101,56 +2101,49 @@ device crypto IPSEC_DEBUG - If IPsec debugging support is desired, the following + If IPsec debugging support is desired, the following kernel option should also be added: options IPSEC_DEBUG #debug for IP security - - - - <acronym>VPN</acronym> Between a Home and Corporate - Network - - - VPN - creating - - There is no standard for what constitutes a - VPN. VPNs can be - implemented using a number of different technologies, each - of which has their own strengths and weaknesses. This - section presents the strategies used for implementing a - VPN for the following scenario: + This rest of this chapter demonstrates the process of + setting up an IPsec VPN + between a home network and a corporate + network. In the example scenario: - There are at least two sites where each site is using - IP internally. - - - Both sites are connected to the Internet through a gateway that is running &os;. - The gateway on each network has at least one public - IP address. + The gateway on each network has at least one external + IP address. In this example, the corporate LAN's + external IP address is 172.16.5.4 and the home + LAN's external IP + address is 192.168.1.12. The internal addresses of the two networks can be - either public or private IP addresses. However, the + either public or private IP addresses. However, the address space must not collide. For example, both networks cannot use 192.168.1.x. + class="ipaddress">192.168.1.x. In this + example, the corporate LAN's + internal IP address is 10.246.38.1 and the home + LAN's internal IP + address is 10.0.0.5. - + - Configuring IPsec on &os; + Configuring a <acronym>VPN</acronym> on &os; TomRhodes @@ -2173,36 +2166,21 @@ device crypto addresses of the internal and external interfaces of the two gateways: - &prompt.root; ifconfig gif0 create - - &prompt.root; ifconfig gif0 internal1 internal2 + &prompt.root; ifconfig gif0 create +&prompt.root; ifconfig gif0 internal1 internal2 +&prompt.root; ifconfig gif0 tunnel external1 external2 - &prompt.root; ifconfig gif0 tunnel external1 external2 + Verify the setup on each gateway, using + ifconfig. Here is the output from Gateway 1: - In this example, the corporate LAN's - external IP address is 172.16.5.4 and its internal - IP address is 10.246.38.1. The home - LAN's external IP - address is 192.168.1.12 and its - internal private IP address is - 10.0.0.5. - - If this is confusing, review the following example - output from &man.ifconfig.8;: - - Gateway 1: - -gif0: flags=8051 mtu 1280 + gif0: flags=8051 mtu 1280 tunnel inet 172.16.5.4 --> 192.168.1.12 inet6 fe80::2e0:81ff:fe02:5881%gif0 prefixlen 64 scopeid 0x6 -inet 10.246.38.1 --> 10.0.0.5 netmask 0xffffff00 +inet 10.246.38.1 --> 10.0.0.5 netmask 0xffffff00 -Gateway 2: + Here is the output from Gateway 2: -gif0: flags=8051 mtu 1280 + gif0: flags=8051 mtu 1280 tunnel inet 192.168.1.12 --> 172.16.5.4 inet 10.0.0.5 --> 10.246.38.1 netmask 0xffffff00 inet6 fe80::250:bfff:fe3a:c1f%gif0 prefixlen 64 scopeid 0x4 @@ -2235,16 +2213,13 @@ round-trip min/avg/max/stddev = 28.106/9 receive ICMP packets from the privately configured addresses. Next, both gateways must be told how to route packets in order to correctly send traffic from - either network. The following command will achieve this + either network. The following commands will achieve this goal: - &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 - - &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5 - - &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0 - - &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1 + &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 +&prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5 +&prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0 +&prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1 At this point, internal machines should be reachable from each gateway as well as from machines behind the @@ -2432,7 +2407,6 @@ pass out quick on gif0 from any to any - From owner-svn-doc-all@FreeBSD.ORG Tue Apr 22 20:03:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D732FC61; Tue, 22 Apr 2014 20:03:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B76D415CA; Tue, 22 Apr 2014 20:03:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3MK3jMA007560; Tue, 22 Apr 2014 20:03:45 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3MK3jZx007559; Tue, 22 Apr 2014 20:03:45 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404222003.s3MK3jZx007559@svn.freebsd.org> From: Dru Lavigne Date: Tue, 22 Apr 2014 20:03:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44631 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Apr 2014 20:03:46 -0000 Author: dru Date: Tue Apr 22 20:03:45 2014 New Revision: 44631 URL: http://svnweb.freebsd.org/changeset/doc/44631 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Tue Apr 22 19:43:18 2014 (r44630) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Tue Apr 22 20:03:45 2014 (r44631) @@ -1993,7 +1993,8 @@ Connection closed by foreign host. - <acronym>VPN</acronym> over <acronym>IPsec</acronym> + <acronym>VPN</acronym> over + <acronym>IPsec</acronym> NikClayton @@ -2012,183 +2013,190 @@ Connection closed by foreign host.IPsec - Internet Protocol Security (IPsec) is a set of protocols which sit on - top of the Internet Protocol (IP) layer. - It allows two or more hosts to communicate in a secure manner - by authenticating and encrypting each IP packet of a communication session. - The &os; IPsec network stack is based on the - http://www.kame.net/ - implementation and supports both IPv4 and - IPv6 sessions. + Internet Protocol Security (IPsec) is a + set of protocols which sit on top of the Internet Protocol + (IP) layer. It allows two or more hosts to + communicate in a secure manner by authenticating and encrypting + each IP packet of a communication session. + The &os; IPsec network stack is based on the + http://www.kame.net/ + implementation and supports both IPv4 and + IPv6 sessions. - - IPsec - ESP - - - - IPsec - AH - - - IPsec is comprised of the following sub-protocols: + + IPsec + ESP + - - - Encapsulated Security Payload - (ESP): this protocol - protects the IP packet data from third party interference - by encrypting the contents using symmetric cryptography - algorithms such as Blowfish and 3DES. - + + IPsec + AH + - - Authentication Header - (AH)): this protocol - protects the IP packet header from third party - interference and spoofing by computing a cryptographic - checksum and hashing the IP packet header fields with a - secure hashing function. This is then followed by an - additional header that contains the hash, to allow the - information in the packet to be authenticated. - + IPsec is comprised of the following + sub-protocols: - - IP Payload Compression Protocol - (IPComp): this protocol - tries to increase communication performance by compressing - the IP payload in order ro reduce the - amount of data sent. - - + + + Encapsulated Security Payload + (ESP): this protocol protects + the IP packet data from third party + interference by encrypting the contents using symmetric + cryptography algorithms such as Blowfish and + 3DES. + + + + Authentication Header + (AH)): this protocol protects + the IP packet header from third party + interference and spoofing by computing a cryptographic + checksum and hashing the IP packet + header fields with a secure hashing function. This is then + followed by an additional header that contains the hash, to + allow the information in the packet to be + authenticated. + + + + IP Payload Compression Protocol + (IPComp): this protocol tries + to increase communication performance by compressing the + IP payload in order ro reduce the + amount of data sent. + + - These protocols can - either be used together or separately, depending on the - environment. + These protocols can either be used together or separately, + depending on the environment. - - VPN - + + VPN + - - virtual private network - VPN - + + virtual private network + VPN + - IPsec supports two modes of operation. - The first mode, Transport Mode, - protects communications between two hosts. The second mode, - Tunnel Mode, is used to build virtual tunnels, - commonly known as Virtual Private Networks - (VPNs). Consult &man.ipsec.4; - for detailed information on the IPsec subsystem in - &os;. - - To add IPsec support to the kernel, add the following - options to the custom kernel configuration file and rebuild - the kernel using the instructions in : + IPsec supports two modes of operation. + The first mode, Transport Mode, protects + communications between two hosts. The second mode, + Tunnel Mode, is used to build virtual + tunnels, commonly known as Virtual Private Networks + (VPNs). Consult &man.ipsec.4; for detailed + information on the IPsec subsystem in + &os;. + + To add IPsec support to the kernel, add + the following options to the custom kernel configuration file + and rebuild the kernel using the instructions in : - - kernel options - IPSEC - + + kernel options + IPSEC + - options IPSEC #IP security + options IPSEC #IP security device crypto - - kernel options - IPSEC_DEBUG - - - If IPsec debugging support is desired, the following - kernel option should also be added: + + kernel options + IPSEC_DEBUG + - options IPSEC_DEBUG #debug for IP security + If IPsec debugging support is desired, + the following kernel option should also be added: - This rest of this chapter demonstrates the process of - setting up an IPsec VPN - between a home network and a corporate - network. In the example scenario: + options IPSEC_DEBUG #debug for IP security - - - Both sites are connected to the Internet through a - gateway that is running &os;. - - - - The gateway on each network has at least one external - IP address. In this example, the corporate LAN's - external IP address is This rest of this chapter demonstrates the process of + setting up an IPsec VPN + between a home network and a corporate network. In the example + scenario: + + + + Both sites are connected to the Internet through a + gateway that is running &os;. + + + + The gateway on each network has at least one external + IP address. In this example, the + corporate LAN's external + IP address is 172.16.5.4 and the home LAN's external IP address is 192.168.1.12. - + - - The internal addresses of the two networks can be - either public or private IP addresses. However, the - address space must not collide. For example, both - networks cannot use 192.168.1.x. In this - example, the corporate LAN's - internal IP address is + The internal addresses of the two networks can be either + public or private IP addresses. However, + the address space must not collide. For example, both + networks cannot use 192.168.1.x. In this + example, the corporate LAN's internal + IP address is 10.246.38.1 and the home LAN's internal IP - address is 10.0.0.5. - - + address is 10.0.0.5. + + - - - Configuring a <acronym>VPN</acronym> on &os; + + + Configuring a <acronym>VPN</acronym> on &os; TomRhodes
            trhodes@FreeBSD.org
            Written by             -             +             - To begin, security/ipsec-tools - must be installed from the Ports Collection. This software - provides a number of applications which support the - configuration. - - The next requirement is to create two &man.gif.4; - pseudo-devices which will be used to tunnel packets and - allow both networks to communicate properly. As root, run the following - commands, replacing internal and - external with the real IP - addresses of the internal and external interfaces of the two - gateways: + To begin, security/ipsec-tools must be + installed from the Ports Collection. This software provides a + number of applications which support the configuration. + + The next requirement is to create two &man.gif.4; + pseudo-devices which will be used to tunnel packets and allow + both networks to communicate properly. As root, run the following + commands, replacing internal and + external with the real IP + addresses of the internal and external interfaces of the two + gateways: - &prompt.root; ifconfig gif0 create + &prompt.root; ifconfig gif0 create &prompt.root; ifconfig gif0 internal1 internal2 &prompt.root; ifconfig gif0 tunnel external1 external2 - Verify the setup on each gateway, using - ifconfig. Here is the output from Gateway 1: + Verify the setup on each gateway, using + ifconfig. Here is the output from Gateway + 1: - gif0: flags=8051 mtu 1280 + gif0: flags=8051 mtu 1280 tunnel inet 172.16.5.4 --> 192.168.1.12 inet6 fe80::2e0:81ff:fe02:5881%gif0 prefixlen 64 scopeid 0x6 inet 10.246.38.1 --> 10.0.0.5 netmask 0xffffff00 - Here is the output from Gateway 2: + Here is the output from Gateway 2: - gif0: flags=8051 mtu 1280 + gif0: flags=8051 mtu 1280 tunnel inet 192.168.1.12 --> 172.16.5.4 inet 10.0.0.5 --> 10.246.38.1 netmask 0xffffff00 inet6 fe80::250:bfff:fe3a:c1f%gif0 prefixlen 64 scopeid 0x4 - Once complete, both internal IP - addresses should be reachable using &man.ping.8;: + Once complete, both internal IP + addresses should be reachable using &man.ping.8;: - priv-net# ping 10.0.0.5 + priv-net# ping 10.0.0.5 PING 10.0.0.5 (10.0.0.5): 56 data bytes 64 bytes from 10.0.0.5: icmp_seq=0 ttl=64 time=42.786 ms 64 bytes from 10.0.0.5: icmp_seq=1 ttl=64 time=19.255 ms @@ -2209,23 +2217,23 @@ PING 10.246.38.1 (10.246.38.1): 56 data 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 28.106/94.594/154.524/49.814 ms - As expected, both sides have the ability to send and - receive ICMP packets from the privately - configured addresses. Next, both gateways must be told how - to route packets in order to correctly send traffic from - either network. The following commands will achieve this - goal: + As expected, both sides have the ability to send and + receive ICMP packets from the privately + configured addresses. Next, both gateways must be told how to + route packets in order to correctly send traffic from either + network. The following commands will achieve this + goal: - &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 + &prompt.root; corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0 &prompt.root; corp-net# route add net 10.0.0.0: gateway 10.0.0.5 &prompt.root; priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0 &prompt.root; priv-net# route add host 10.246.38.0: gateway 10.246.38.1 - At this point, internal machines should be reachable - from each gateway as well as from machines behind the - gateways. Again, use &man.ping.8; to confirm: + At this point, internal machines should be reachable from + each gateway as well as from machines behind the gateways. + Again, use &man.ping.8; to confirm: - corp-net# ping 10.0.0.8 + corp-net# ping 10.0.0.8 PING 10.0.0.8 (10.0.0.8): 56 data bytes 64 bytes from 10.0.0.8: icmp_seq=0 ttl=63 time=92.391 ms 64 bytes from 10.0.0.8: icmp_seq=1 ttl=63 time=21.870 ms @@ -2247,15 +2255,15 @@ PING 10.246.38.1 (10.246.38.107): 56 dat 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 21.145/31.721/53.491/12.179 ms - Setting up the tunnels is the easy part. Configuring a - secure link is a more in depth process. The following - configuration uses pre-shared (PSK) - RSA keys. Other than the - IP addresses, the - /usr/local/etc/racoon/racoon.conf on - both gateways will be identical and look similar to: + Setting up the tunnels is the easy part. Configuring a + secure link is a more in depth process. The following + configuration uses pre-shared (PSK) + RSA keys. Other than the + IP addresses, the + /usr/local/etc/racoon/racoon.conf on both + gateways will be identical and look similar to: - path pre_shared_key "/usr/local/etc/racoon/psk.txt"; #location of pre-shared key file + path pre_shared_key "/usr/local/etc/racoon/psk.txt"; #location of pre-shared key file log debug; #log verbosity setting: set to 'notify' when testing and debugging is complete padding # options are not to be changed @@ -2313,33 +2321,33 @@ sainfo (address 10.246.38.0/24 any addr compression_algorithm deflate; } - For descriptions of each available option, refer to the - manual page for racoon.conf. + For descriptions of each available option, refer to the + manual page for racoon.conf. - The Security Policy Database (SPD) - needs to be configured so that &os; and - racoon are able to encrypt and - decrypt network traffic between the hosts. - - This can be achieved with a shell script, similar to the - following, on the corporate gateway. This file will be used - during system initialization and should be saved as - /usr/local/etc/racoon/setkey.conf. + The Security Policy Database (SPD) + needs to be configured so that &os; and + racoon are able to encrypt and + decrypt network traffic between the hosts. + + This can be achieved with a shell script, similar to the + following, on the corporate gateway. This file will be used + during system initialization and should be saved as + /usr/local/etc/racoon/setkey.conf. - flush; + flush; spdflush; # To the home network spdadd 10.246.38.0/24 10.0.0.0/24 any -P out ipsec esp/tunnel/172.16.5.4-192.168.1.12/use; spdadd 10.0.0.0/24 10.246.38.0/24 any -P in ipsec esp/tunnel/192.168.1.12-172.16.5.4/use; - Once in place, racoon may be - started on both gateways using the following command: + Once in place, racoon may be + started on both gateways using the following command: - &prompt.root; /usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf -l /var/log/racoon.log + &prompt.root; /usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf -l /var/log/racoon.log - The output should be similar to the following: + The output should be similar to the following: - corp-net# /usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf + corp-net# /usr/local/sbin/racoon -F -f /usr/local/etc/racoon/racoon.conf Foreground mode. 2006-01-30 01:35:47: INFO: begin Identity Protection mode. 2006-01-30 01:35:48: INFO: received Vendor ID: KAME/racoon @@ -2352,43 +2360,43 @@ Foreground mode. 2006-01-30 01:36:18: INFO: IPsec-SA established: ESP/Tunnel 192.168.1.12[0]->172.16.5.4[0] spi=124397467(0x76a279b) 2006-01-30 01:36:18: INFO: IPsec-SA established: ESP/Tunnel 172.16.5.4[0]->192.168.1.12[0] spi=175852902(0xa7b4d66) - To ensure the tunnel is working properly, switch to - another console and use &man.tcpdump.1; to view network - traffic using the following command. Replace - em0 with the network interface card as - required: - - &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12 - - Data similar to the following should appear on the - console. If not, there is an issue and debugging the - returned data will be required. + To ensure the tunnel is working properly, switch to + another console and use &man.tcpdump.1; to view network + traffic using the following command. Replace + em0 with the network interface card as + required: + + &prompt.root; tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12 + + Data similar to the following should appear on the + console. If not, there is an issue and debugging the + returned data will be required. - 01:47:32.021683 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xa) + 01:47:32.021683 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xa) 01:47:33.022442 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xb) 01:47:34.024218 IP corporatenetwork.com > 192.168.1.12.privatenetwork.com: ESP(spi=0x02acbf9f,seq=0xc) - At this point, both networks should be available and - seem to be part of the same network. Most likely both - networks are protected by a firewall. To allow traffic to - flow between them, rules need to be added to pass packets. - For the &man.ipfw.8; firewall, add the following lines to - the firewall configuration file: + At this point, both networks should be available and seem + to be part of the same network. Most likely both networks are + protected by a firewall. To allow traffic to flow between + them, rules need to be added to pass packets. For the + &man.ipfw.8; firewall, add the following lines to the firewall + configuration file: - ipfw add 00201 allow log esp from any to any + ipfw add 00201 allow log esp from any to any ipfw add 00202 allow log ah from any to any ipfw add 00203 allow log ipencap from any to any ipfw add 00204 allow log udp from any 500 to any - - The rule numbers may need to be altered depending on - the current host configuration. - + + The rule numbers may need to be altered depending on the + current host configuration. + - For users of &man.pf.4; or &man.ipf.8;, the following - rules should do the trick: + For users of &man.pf.4; or &man.ipf.8;, the following + rules should do the trick: - pass in quick proto esp from any to any + pass in quick proto esp from any to any pass in quick proto ah from any to any pass in quick proto ipencap from any to any pass in quick proto udp from any port = 500 to any port = 500 @@ -2399,11 +2407,11 @@ pass out quick proto ipencap from any to pass out quick proto udp from any port = 500 to any port = 500 pass out quick on gif0 from any to any - Finally, to allow the machine to start support for the - VPN during system initialization, add the - following lines to /etc/rc.conf: + Finally, to allow the machine to start support for the + VPN during system initialization, add the + following lines to /etc/rc.conf: - ipsec_enable="YES" + ipsec_enable="YES" ipsec_program="/usr/local/sbin/setkey" ipsec_file="/usr/local/etc/racoon/setkey.conf" # allows setting up spd policies on boot racoon_enable="yes" From owner-svn-doc-all@FreeBSD.ORG Wed Apr 23 14:57:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DC654627; Wed, 23 Apr 2014 14:57:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B975B10CB; Wed, 23 Apr 2014 14:57:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3NEvNKx087607; Wed, 23 Apr 2014 14:57:23 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3NEvNr4087606; Wed, 23 Apr 2014 14:57:23 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404231457.s3NEvNr4087606@svn.freebsd.org> From: Dru Lavigne Date: Wed, 23 Apr 2014 14:57:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44632 - head/en_US.ISO8859-1/books/arch-handbook/usb X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2014 14:57:23 -0000 Author: dru Date: Wed Apr 23 14:57:23 2014 New Revision: 44632 URL: http://svnweb.freebsd.org/changeset/doc/44632 Log: Update URLs in USB sections and put them in Synopsis. Fix some typos and inconsistencies noted in PR119545. Add sentence indicating that this chapter discusses 2.0 implementation. This whole chapter still needs an update for the 3.x implementation. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/arch-handbook/usb/chapter.xml Modified: head/en_US.ISO8859-1/books/arch-handbook/usb/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/arch-handbook/usb/chapter.xml Tue Apr 22 20:03:45 2014 (r44631) +++ head/en_US.ISO8859-1/books/arch-handbook/usb/chapter.xml Wed Apr 23 14:57:23 2014 (r44632) @@ -80,10 +80,34 @@ for the generic classes available in their operating system MacOS and discouraging the use of separate drivers for each new device. This chapter tries to collate essential information for a - basic understanding of the present implementation of the USB + basic understanding of the USB 2.0 implementation stack in FreeBSD/NetBSD. It is recommended however to read it - together with the relevant specifications mentioned in the - references below. + together with the relevant 2.0 specifications and other + developer resources: + + + + USB 2.0 Specification (http://www.usb.org/developers/docs/usb20_docs/) + + + + Universal Host Controller Interface + (UHCI) Specification (ftp://ftp.netbsd.org/pub/NetBSD/misc/blymn/uhci11d.pdf) + + + + Open Host Controller Interface (OHCI) + Specification(ftp://ftp.compaq.com/pub/supportinformation/papers/hcir1_0a.pdf) + + + + Developer section of USB home page (http://www.usb.org/developers/) + + Structure of the USB Stack @@ -132,12 +156,11 @@ which the recipient of the data can return either ACK (acknowledge reception), NAK (retry), STALL (error condition) or nothing (garbled data stage, device not available or - disconnected). Section 8.5 of the USB - specification explains the details of packets in more + disconnected). Section 8.5 of the USB 2.0 Specification + explains the details of packets in more detail. Four different types of transfers can occur on a USB bus: control, bulk, interrupt and isochronous. The types of - transfers and their characteristics are described below (`Pipes' - subsection). + transfers and their characteristics are described below. Large transfers between the device on the USB bus and the device driver are split up into multiple packets by the host @@ -154,16 +177,17 @@ root ports and the changes that have occurred since the last reset of the status change register. Access to these registers is provided through a virtualised hub as suggested in the USB - specification [ 2]. The virtual hub must comply with the hub + specification. The virtual hub must comply with the hub device class given in chapter 11 of that specification. It must provide a default pipe through which device requests can be sent to it. It returns the standard andhub class specific set of descriptors. It should also provide an interrupt pipe that reports changes happening at its ports. There are currently two - specifications for host controllers available: Universal - Host Controller Interface (UHCI; Intel) and Open - Host Controller Interface (OHCI; Compaq, Microsoft, - National Semiconductor). The UHCI specification has been + specifications for host controllers available: Universal Host + Controller Interface (UHCI) from Intel + and Open Host Controller Interface (OHCI) + from Compaq, Microsoft, and National + Semiconductor. The UHCI specification has been designed to reduce hardware complexity by requiring the host controller driver to supply a complete schedule of the transfers for each frame. OHCI type controllers are much more independent @@ -220,8 +244,8 @@ service routine will locate all the finished transfers and call their callbacks. - See for a more elaborate description the UHCI - specification. + Refer to the UHCI Specification for a + more elaborate description. @@ -239,14 +263,13 @@ the controller hardware does the splitting into packets. The pointers to the data buffers are updated after each transfer and when the start and end pointer are equal, the TD is - retired to the done-queue. The four types of endpoints have - their own queues. Control and bulk endpoints are queued each at + retired to the done-queue. The four types of endpoints + (interrupt, isochronous, control, and bulk) have their + own queues. Control and bulk endpoints are queued each at their own queue. Interrupt EDs are queued in a tree, with the level in the tree defining the frequency at which they run. - framelist interruptisochronous control bulk - The schedule being run by the host controller in each frame looks as follows. The controller will first run the non-periodic control and bulk queues, up to a time limit set @@ -263,8 +286,8 @@ transfer and reschedule interrupt and isochronous endpoints. - See for a more elaborate description the - OHCI specification. Services layer The middle layer + See the UHCI Specification for a more + elaborate description. The middle layer provides access to the device in a controlled way and maintains resources in use by the different drivers and the services layer. The layer takes care of the following @@ -303,7 +326,7 @@ provide different frame sizes and numbers of frames per second. - Within each interface 0 or more endpoints can be + Within each interface, 0 or more endpoints can be specified. Endpoints are the unidirectional access points for communicating with a device. They provide buffers to temporarily store incoming or outgoing data from the @@ -312,14 +335,16 @@ default endpoint, endpoint 0, is not part of any interface and available in all configurations. It is managed by the services layer and not directly available to device drivers. - + This hierarchical configuration information is described in the device by a standard set of descriptors (see section 9.6 - of the USB specification [ 2]). They can be requested through + of the USB specification). They can be requested through the Get Descriptor Request. The services layer caches these descriptors to avoid unnecessary transfers on the USB bus. Access to the descriptors is provided through function @@ -403,10 +428,10 @@ (endpoint 0). The pipe carries the device requests and associated data. The difference between transfers over the default pipe and other pipes is that the protocol for - the transfers is described in the USB specification [ 2]. These + the transfers is described in the USB specification. These requests are used to reset and configure the device. A basic set of commands that must be supported by each device is - provided in chapter 9 of the USB specification [ 2]. The + provided in chapter 9 of the USB specification. The commands supported on this pipe can be extended by a device class specification to support additional functionality. @@ -444,9 +469,9 @@ bandwidth. More information on scheduling of transfers and bandwidth - reclamation can be found in chapter 5of the USB specification - [ 2], section 1.3 of the UHCI specification [ 3] and section - 3.4.2 of the OHCI specification [4]. + reclamation can be found in chapter 5of the USB specification, + section 1.3 of the UHCI specification, and section + 3.4.2 of the OHCI specification.             @@ -528,18 +553,18 @@ The protocol used over pipes other than the default pipe is undefined by the USB specification. Information on this can be found from various sources. The most accurate source is the - developer's section on the USB home pages [ 1]. From these pages - a growing number of deviceclass specifications are + developer's section on the USB home pages. + From these pages, a growing number of deviceclass specifications are available. These specifications specify what a compliant device should look like from a driver perspective, basic functionality it needs to provide and the protocol that is to be used over the - communication channels. The USB specification [ 2] includes the + communication channels. The USB specification includes the description of the Hub Class. A class specification for Human Interface Devices (HID) has been created to cater for keyboards, tablets, bar-code readers, buttons, knobs, switches, etc. A third example is the class specification for mass storage devices. For a full list of device classes see the developers - section on the USB home pages [ 1]. + section on the USB home pages. For many devices the protocol information has not yet been published however. Information on the protocol being used might From owner-svn-doc-all@FreeBSD.ORG Wed Apr 23 15:17:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9AF64B7F; Wed, 23 Apr 2014 15:17:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 86D0D12B8; Wed, 23 Apr 2014 15:17:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3NFHaYX095977; Wed, 23 Apr 2014 15:17:36 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3NFHahP095976; Wed, 23 Apr 2014 15:17:36 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404231517.s3NFHahP095976@svn.freebsd.org> From: Warren Block Date: Wed, 23 Apr 2014 15:17:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44633 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2014 15:17:36 -0000 Author: wblock Date: Wed Apr 23 15:17:36 2014 New Revision: 44633 URL: http://svnweb.freebsd.org/changeset/doc/44633 Log: Add gptboot(8) entity. Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Wed Apr 23 14:57:23 2014 (r44632) +++ head/share/xml/man-refs.ent Wed Apr 23 15:17:36 2014 (r44633) @@ -4403,6 +4403,7 @@ gnop8"> gpart8"> gpt8"> +gptboot8"> graid8"> graid38"> growfs8"> From owner-svn-doc-all@FreeBSD.ORG Wed Apr 23 15:28:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DA324EC1; Wed, 23 Apr 2014 15:28:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C5BFC13A0; Wed, 23 Apr 2014 15:28:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3NFSKNv000323; Wed, 23 Apr 2014 15:28:20 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3NFSKZC000322; Wed, 23 Apr 2014 15:28:20 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404231528.s3NFSKZC000322@svn.freebsd.org> From: Warren Block Date: Wed, 23 Apr 2014 15:28:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44634 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2014 15:28:20 -0000 Author: wblock Date: Wed Apr 23 15:28:20 2014 New Revision: 44634 URL: http://svnweb.freebsd.org/changeset/doc/44634 Log: Link to the Subversion mirrors page by ID, rather than a static (and broken) URL. Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Wed Apr 23 15:17:36 2014 (r44633) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Wed Apr 23 15:28:20 2014 (r44634) @@ -968,8 +968,7 @@ Deinstalling ca_root_nss-3.15.1_1... don Check out a copy of the ports tree. For better performance, replace svn0.us-east.FreeBSD.org with a - Subversion + Subversion mirror close to your geographic location: &prompt.root; svn checkout https://svn0.us-east.FreeBSD.org/ports/head /usr/ports From owner-svn-doc-all@FreeBSD.ORG Wed Apr 23 17:04:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 317A96C6; Wed, 23 Apr 2014 17:04:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1BFCA1E16; Wed, 23 Apr 2014 17:04:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3NH42s2040729; Wed, 23 Apr 2014 17:04:02 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3NH42TB040728; Wed, 23 Apr 2014 17:04:02 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404231704.s3NH42TB040728@svn.freebsd.org> From: Dru Lavigne Date: Wed, 23 Apr 2014 17:04:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44635 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2014 17:04:03 -0000 Author: dru Date: Wed Apr 23 17:04:02 2014 New Revision: 44635 URL: http://svnweb.freebsd.org/changeset/doc/44635 Log: Editorial review of USB Storage Devices chapter. Update examples. Add note for xhci. Incorporate resources into context. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 15:28:20 2014 (r44634) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 17:04:02 2014 (r44635) @@ -431,70 +431,70 @@ super-block backups (for fsck -b #) at: Many external storage solutions, such as hard drives, - USB thumbdrives, and CD/DVD burners, use the + USB thumbdrives, and CD + and DVD burners, use the Universal Serial Bus (USB). &os; provides - support for these devices. + support for USB 1.x, 2.0, and 3.0 devices. - - Configuration - - The USB mass storage devices driver, - &man.umass.4;, is built into the GENERIC - kernel and provides support for USB storage - devices. For a custom kernel, be sure that the following + + USB 3.0 support is not compatible with + some hardware, including Haswell (Lynx point) chipsets. If + &os; boots with a failed with error 19 + message, disable xHCI/USB3 in the system + BIOS. + + + Support for USB storage devices + is built into the GENERIC + kernel. For a custom kernel, be sure that the following lines are present in the kernel configuration file: - device scbus -device da -device pass -device uhci -device ohci -device ehci -device usb -device umass - - Since the &man.umass.4; driver uses the - SCSI subsystem to access the - USB storage devices, any + device scbus # SCSI bus (required for ATA/SCSI) +device da # Direct Access (disks) +device pass # Passthrough device (direct ATA/SCSI access) +device uhci # provides USB 1.x support +device ohci # provides USB 1.x support +device ehci # provides USB 2.0 support +device xhci # provides USB 3.0 support +device usb # USB Bus (required) +device umass # Disks/Mass storage - Requires scbus and da +device cd # needed for CD and DVD burners + + &os; uses the &man.umass.4; driver which uses the + SCSI subsystem to access + USB storage devices. Since any USB device will be seen as a - SCSI device by the system. Depending on - the USB chipset on the motherboard, - device uhci or - device ohci is used to provide - USB 1.X support. Support for - USB 2.0 controllers is provided by - device ehci. - - - If the USB device is a - CD or DVD burner, - &man.cd.4;, must be added to the kernel via the line: - - device cd - - Since the burner is seen as a SCSI - drive, the driver &man.atapicam.4; should not be used in the - kernel configuration. - - + SCSI device by the system, + if the USB device is a + CD or DVD burner, do + not include + in a custom kernel configuration file. + + The rest of this section demonstrates how to verify that a + USB storage device is recognized by &os; and + how to configure the device so that it can be used. - Testing the Configuration + Device Configuration To test the USB configuration, plug in - the USB device. In the system message - buffer, &man.dmesg.8;, the drive should appear as something - like: - - umass0: USB Solid state disk, rev 1.10/1.00, addr 2 -GEOM: create disk da0 dp=0xc2d74850 -da0 at umass-sim0 bus 0 target 0 lun 0 -da0: <Generic Traveling Disk 1.11> Removable Direct Access SCSI-2 device -da0: 1.000MB/s transfers -da0: 126MB (258048 512 byte sectors: 64H 32S/T 126C) + the USB device. Use + dmesg to confirm that the drive appears in + the system message buffer. It should look something + like this: + + umass0: <STECH Simple Drive, class 0/0, rev 2.00/1.04, addr 3> on usbus0 +umass0: SCSI over Bulk-Only; quirks = 0x0100 +umass0:4:0:-1: Attached to scbus4 +da0 at umass-sim0 bus 0 scbus4 target 0 lun 0 +da0: <STECH Simple Drive 1.04> Fixed Direct Access SCSI-4 device +da0: Serial Number WD-WXE508CAN263 +da0: 40.000MB/s transfers +da0: 152627MB (312581808 512 byte sectors: 255H 63S/T 19457C) +da0: quirks=0x2<NO_6_BYTE> - The brand, device node (da0), and - other details will differ according to the device. + The brand, device node (da0), speed, + and size will differ according to the device. Since the USB device is seen as a SCSI one, camcontrol can @@ -502,26 +502,36 @@ da0: 126MB (258048 512 byte sectors: 64H attached to the system: &prompt.root; camcontrol devlist -<Generic Traveling Disk 1.11> at scbus0 target 0 lun 0 (da0,pass0) +<STECH Simple Drive 1.04> at scbus4 target 0 lun 0 (pass3,da0)             + + Alternately, usbconfig can be used to + list the device. Refer to &man.usbconfig.8; for more + information about this command. - If the drive comes with a file system, it can be mounted. - Refer to for instructions on + &prompt.root; usbconfig +ugen0.3: <Simple Drive STECH> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (2mA) + + If the device has not been formatted, + refer to for instructions on how to format and create partitions on the - USB drive. + USB drive. If the drive comes with a file + system, it can be mounted by root using the + instructions in . Allowing untrusted users to mount arbitrary media, by enabling vfs.usermount as described below, should not be considered safe from a - security point of view. Most file systems in &os; were not + security point of view. Most file systems were not built to safeguard against malicious devices. To make the device mountable as a normal user, one solution is to make all users of the device a member of the operator group - using &man.pw.8;. Next, ensure that the operator group is able to + using &man.pw.8;. Next, ensure that operator is able to read and write the device by adding these lines to /etc/devfs.rules: @@ -529,31 +539,37 @@ da0: 126MB (258048 512 byte sectors: 64H add path 'da*' mode 0660 group operator - If SCSI disks are installed in the + If internal SCSI disks are also installed in the system, change the second line as follows: - add path 'da[3-9]*' mode 0660 group operator + add path 'da[3-9]*' mode 0660 group operator This will exclude the first three SCSI disks (da0 to da2)from belonging to the operator group. + class="groupname">operator group. Replace + 3 with the number of internal + SCSI disks. Refer to &man.devfs.rules.5; + for more information about this file. - Next, enable the &man.devfs.rules.5; ruleset in + Next, enable the ruleset in /etc/rc.conf: devfs_system_ruleset="localrules" - Next, instruct the running kernel to allow regular users - to mount file systems. The easiest way is to add the + Then, instruct the system to allow regular users + to mount file systems by adding the following line to /etc/sysctl.conf: vfs.usermount=1 - Since this only takes effect after the next reboot use - &man.sysctl.8; to set this variable now. + Since this only takes effect after the next reboot, use + sysctl to set this variable now: + + &prompt.root; sysctl vfs.usermount=1 +vfs.usermount: 0 -> 1 The final step is to create a directory where the file system is to be mounted. This directory needs to be owned by @@ -571,32 +587,24 @@ add path 'da*' mode 0660 group operator< Suppose a USB thumbdrive is plugged in, and a device /dev/da0s1 appears. If the - device is preformatted with a FAT file system, it can be - mounted using: + device is formatted with a FAT file system, the user can + mount it using: &prompt.user; mount -t msdosfs -o -m=644,-M=755 /dev/da0s1 /mnt/username Before the device can be unplugged, it - must be unmounted first. After device + must be unmounted first: + + &prompt.user; umount /mnt/username + + After device removal, the system message buffer will show messages similar to the following: - umass0: at uhub0 port 1 (addr 2) disconnected -(da0:umass-sim0:0:0:0): lost device -(da0:umass-sim0:0:0:0): removing device entry -GEOM: destroy disk da0 dp=0xc2d74850 -umass0: detached - - - - Further Reading - - Beside the Adding - Disks and Mounting and - Unmounting File Systems sections, reading various - manual pages may also be useful: &man.umass.4;, - &man.camcontrol.8;, and &man.usbconfig.8; under &os;  8.X - or &man.usbdevs.8; under earlier versions of &os;. + umass0: at uhub3, port 2, addr 3 (disconnected) +da0 at umass-sim0 bus 0 scbus4 target 0 lun 0 +da0: <STECH Simple Drive 1.04> s/n WD-WXE508CAN263 detached +(da0:umass-sim0:0:0:0): Periph destroyed From owner-svn-doc-all@FreeBSD.ORG Wed Apr 23 18:16:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8A0858BA; Wed, 23 Apr 2014 18:16:35 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 755DE165F; Wed, 23 Apr 2014 18:16:35 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3NIGZ85070230; Wed, 23 Apr 2014 18:16:35 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3NIGZQE070229; Wed, 23 Apr 2014 18:16:35 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404231816.s3NIGZQE070229@svn.freebsd.org> From: Dru Lavigne Date: Wed, 23 Apr 2014 18:16:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44636 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2014 18:16:35 -0000 Author: dru Date: Wed Apr 23 18:16:34 2014 New Revision: 44636 URL: http://svnweb.freebsd.org/changeset/doc/44636 Log: Initial prep work for CD chapter. Move ATAPI section to beginning. This section will be reworked to describe what is needed for supported devices, including the changes for 10.x. Rename some headings to indicate the type of device it applies to. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 17:04:02 2014 (r44635) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 18:16:34 2014 (r44636) @@ -629,75 +629,126 @@ da0: <STECH Simple Drive 1.04> s/n CD media provide a number of features - that differentiate them from conventional disks. Initially, - they were not writable by the user. They are designed so that + that differentiate them from conventional disks. They are designed so that they can be read continuously without delays to move the head - between tracks. They are also much easier to transport - between systems. + between tracks. While CD media do have tracks, these refer + to a section of data to be read continuously, and not a physical + property of the disk. The ISO 9660 file system was designed to deal with these + differences. - CD media do have tracks, but this refers - to a section of data to be read continuously and not a physical - property of the disk. For example, to produce a - CD on &os;, prepare the data files that are - going to make up the tracks on the CD, then - write the tracks to the CD. - - ISO 9660 + ISO 9660 file systems ISO 9660 - The ISO 9660 file system was designed to deal with these - differences. To overcome the original file system limits, it - provides an extension mechanism that allows properly written - CDs to exceed those limits while still - working with systems that do not support those - extensions. - - - sysutils/cdrtools - - - The sysutils/cdrtools port includes - &man.mkisofs.8;, a program that can be used to produce a data - file containing an ISO 9660 file system. It has options that - support various extensions, and is described below. - CD burner ATAPI - Which tool to use to burn the CD depends - on whether the CD burner is - ATAPI or something else. - ATAPI CD burners use - burncd which is part of the base system. - SCSI and USB - CD burners should use - cdrecord from the - sysutils/cdrtools port. It is also possible - to use cdrecord and other tools for - SCSI drives on ATAPI - hardware with the ATAPI/CAM - module. - - For CD burning software with a graphical - user interface, consider X-CD-Roast - or K3b. These tools are available as - packages or from the sysutils/xcdroast and - sysutils/k3b ports. - X-CD-Roast and - K3b require the ATAPI/CAM module with - ATAPI hardware. + The &os; Ports Collection provides several utilities for + burning and duplicating audio and data CDs. + Which tool to use to burn a CD depends + on whether the CD burner is an + ATAPI, SCSI, or + USB device. This chapter demonstrates the use + of several command line utilities. For CD + burning software with a graphical, consider installing the + sysutils/xcdroast or + sysutils/k3b packages or ports. + + + + Supported Devices + + + + + Marc + Fonvieille + + Contributed by + + + + + + CD burner + ATAPI/CAM driver + + + This driver allows ATAPI devices, such + as CD/DVD drives, to be accessed through the + SCSI subsystem, and so allows the use of + applications like sysutils/cdrdao or + &man.cdrecord.1;. + + To use this driver, add the following line to + /boot/loader.conf: + + atapicam_load="YES" + + then, reboot the system. + + + Users who prefer to statically compile &man.atapicam.4; + support into the kernel, should add this line to the + kernel configuration file: + + device atapicam + + Ensure the following lines are still in the kernel + configuration file: + + device ata +device scbus +device cd +device pass + + Then rebuild, install the new kernel, and reboot the + machine. + + + During the boot process, the burner should show up, like + so: + + acd0: CD-RW <MATSHITA CD-RW/DVD-ROM UJDA740> at ata1-master PIO4 +cd0 at ata1 bus 0 target 0 lun 0 +cd0: <MATSHITA CDRW/DVD UJDA740 1.00> Removable CD-ROM SCSI-0 device +cd0: 16.000MB/s transfers +cd0: Attempt to query device size failed: NOT READY, Medium not present - tray closed + + The drive can now be accessed via the + /dev/cd0 device name. For example, to + mount a CD-ROM on + /mnt, type the following: + + &prompt.root; mount -t cd9660 /dev/cd0 /mnt + + As root, run the + following command to get the SCSI address + of the burner: + + &prompt.root; camcontrol devlist +<MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (pass0,cd0) + + In this example, 1,0,0 is the + SCSI address to use with &man.cdrecord.1; + and other SCSI applications. + + For more information about ATAPI/CAM and + SCSI system, refer to &man.atapicam.4; and + &man.cam.4;. + - <application>mkisofs</application> + Creating an <acronym>ISO</acronym> File System - The sysutils/cdrtools - port also installs &man.mkisofs.8;, which produces an ISO 9660 + In order to produce a data CD, the data files that are + going to make up the tracks on the CD must be prepared then + written to the CD. In &os;, the sysutils/cdrtools + package or port installs mkisofs, which produces an ISO 9660 file system that is an image of a directory tree in the &unix; file system name space. The simplest usage is: @@ -779,7 +830,7 @@ da0: <STECH Simple Drive 1.04> s/n - <application>burncd</application> + Using an <acronym>ATAPI</acronym> Burner CD-ROMs @@ -804,7 +855,7 @@ da0: <STECH Simple Drive 1.04> s/n - <application>cdrecord</application> + Using a <acronym>USB</acronym> or <acronym>SCSI</acronym> Burner For systems without an ATAPI CD burner, cdrecord can @@ -1067,90 +1118,6 @@ scsibus1: operating system, &man.mkisofs.8; must be used as described above. - - - - Using the ATAPI/CAM Driver - - - - - Marc - Fonvieille - - Contributed by - - - - - - CD burner - ATAPI/CAM driver - - - This driver allows ATAPI devices, such - as CD/DVD drives, to be accessed through the - SCSI subsystem, and so allows the use of - applications like sysutils/cdrdao or - &man.cdrecord.1;. - - To use this driver, add the following line to - /boot/loader.conf: - - atapicam_load="YES" - - then, reboot the system. - - - Users who prefer to statically compile &man.atapicam.4; - support into the kernel, should add this line to the - kernel configuration file: - - device atapicam - - Ensure the following lines are still in the kernel - configuration file: - - device ata -device scbus -device cd -device pass - - Then rebuild, install the new kernel, and reboot the - machine. - - - During the boot process, the burner should show up, like - so: - - acd0: CD-RW <MATSHITA CD-RW/DVD-ROM UJDA740> at ata1-master PIO4 -cd0 at ata1 bus 0 target 0 lun 0 -cd0: <MATSHITA CDRW/DVD UJDA740 1.00> Removable CD-ROM SCSI-0 device -cd0: 16.000MB/s transfers -cd0: Attempt to query device size failed: NOT READY, Medium not present - tray closed - - The drive can now be accessed via the - /dev/cd0 device name. For example, to - mount a CD-ROM on - /mnt, type the following: - - &prompt.root; mount -t cd9660 /dev/cd0 /mnt - - As root, run the - following command to get the SCSI address - of the burner: - - &prompt.root; camcontrol devlist -<MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (pass0,cd0) - - In this example, 1,0,0 is the - SCSI address to use with &man.cdrecord.1; - and other SCSI applications. - - For more information about ATAPI/CAM and - SCSI system, refer to &man.atapicam.4; and - &man.cam.4;. - From owner-svn-doc-all@FreeBSD.ORG Wed Apr 23 19:35:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6A87FAA; Wed, 23 Apr 2014 19:35:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 565CF1D80; Wed, 23 Apr 2014 19:35:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3NJZnS5003160; Wed, 23 Apr 2014 19:35:49 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3NJZntd003159; Wed, 23 Apr 2014 19:35:49 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404231935.s3NJZntd003159@svn.freebsd.org> From: Dru Lavigne Date: Wed, 23 Apr 2014 19:35:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44637 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2014 19:35:49 -0000 Author: dru Date: Wed Apr 23 19:35:48 2014 New Revision: 44637 URL: http://svnweb.freebsd.org/changeset/doc/44637 Log: Editorial review of Supported CD Devices section. Add notes for ATAPI devices prior to 10.0. Update verification example. More commits to come in this chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 18:16:34 2014 (r44636) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 19:35:48 2014 (r44637) @@ -678,68 +678,73 @@ da0: <STECH Simple Drive 1.04> s/n ATAPI/CAM driver - This driver allows ATAPI devices, such - as CD/DVD drives, to be accessed through the - SCSI subsystem, and so allows the use of - applications like sysutils/cdrdao or - &man.cdrecord.1;. - - To use this driver, add the following line to - /boot/loader.conf: - - atapicam_load="YES" - - then, reboot the system. + The GENERIC kernel provides support + for SCSI, USB, and + ATAPI CD readers and + burners. If a custom kernel is used, the options that need to + be present in the kernel configuration file vary by the type + of device. + + For a SCSI burner, make sure these + options are present: + + device scbus # SCSI bus (required for ATA/SCSI) +device da # Direct Access (disks) +device pass # Passthrough device (direct ATA/SCSI access) +device cd # needed for CD and DVD burners + + For a USB burner, make sure these + options are present: + + device scbus # SCSI bus (required for ATA/SCSI) +device da # Direct Access (disks) +device pass # Passthrough device (direct ATA/SCSI access) +device cd # needed for CD and DVD burners +device uhci # provides USB 1.x support +device ohci # provides USB 1.x support +device ehci # provides USB 2.0 support +device xhci # provides USB 3.0 support +device usb # USB Bus (required) +device umass # Disks/Mass storage - Requires scbus and da + + For an ATAPI burner, make sure these + options are present: + + device ata # Legacy ATA/SATA controllers +device scbus # SCSI bus (required for ATA/SCSI) +device pass # Passthrough device (direct ATA/SCSI access) +device cd # needed for CD and DVD burners + - Users who prefer to statically compile &man.atapicam.4; - support into the kernel, should add this line to the - kernel configuration file: + On &os; versions prior to 10.x, this line is also + needed in the kernel configuration file if the burner is an + ATAPI device: device atapicam - Ensure the following lines are still in the kernel - configuration file: + Alternately, this driver can be loaded at boot time by adding the following line to + /boot/loader.conf: - device ata -device scbus -device cd -device pass + atapicam_load="YES" - Then rebuild, install the new kernel, and reboot the - machine. + This will require a reboot of the system as this driver + can only be loaded at boot time. - During the boot process, the burner should show up, like - so: - - acd0: CD-RW <MATSHITA CD-RW/DVD-ROM UJDA740> at ata1-master PIO4 -cd0 at ata1 bus 0 target 0 lun 0 -cd0: <MATSHITA CDRW/DVD UJDA740 1.00> Removable CD-ROM SCSI-0 device -cd0: 16.000MB/s transfers -cd0: Attempt to query device size failed: NOT READY, Medium not present - tray closed - - The drive can now be accessed via the - /dev/cd0 device name. For example, to - mount a CD-ROM on - /mnt, type the following: - - &prompt.root; mount -t cd9660 /dev/cd0 /mnt - - As root, run the - following command to get the SCSI address - of the burner: - - &prompt.root; camcontrol devlist -<MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (pass0,cd0) - - In this example, 1,0,0 is the - SCSI address to use with &man.cdrecord.1; - and other SCSI applications. - - For more information about ATAPI/CAM and - SCSI system, refer to &man.atapicam.4; and - &man.cam.4;. + To verify that &os; recognizes the device, run + dmesg and look for an entry for the device. + On systems prior to 10.x, the device name in the first line of + the output will be acd0 instead of + cd0. + + &prompt.user; dmesg | grep cd +cd0 at ahcich1 bus 0 scbus1 target 0 lun 0 +cd0: <HL-DT-ST DVDRAM GU70N LT20> Removable CD-ROM SCSI-0 device +cd0: Serial Number M3OD3S34152 +cd0: 150.000MB/s transfers (SATA 1.x, UDMA6, ATAPI 12bytes, PIO 8192bytes) +cd0: Attempt to query device size failed: NOT READY, Medium not present - tray closed + @@ -915,6 +920,17 @@ scsibus1: . Refer to &man.cdrecord.1; for easier ways to specify this value and for information on writing audio tracks and controlling the write speed. + + Alternately, as root, run the + following command to get the SCSI address + of the burner: + + &prompt.root; camcontrol devlist +<MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (pass0,cd0) + + In this example, 1,0,0 is the + SCSI address to use with &man.cdrecord.1; + and other SCSI applications. @@ -1021,6 +1037,13 @@ scsibus1: Using Data <acronym>CD</acronym>s + The drive can now be accessed via the + /dev/cd0 device name. For example, to + mount a CD-ROM on + /mnt, type the following: + + &prompt.root; mount -t cd9660 /dev/cd0 /mnt + It is possible to mount and read the data on a standard data CD. By default, &man.mount.8; assumes that a file system is of type ufs. Running From owner-svn-doc-all@FreeBSD.ORG Wed Apr 23 20:00:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D9A02891; Wed, 23 Apr 2014 20:00:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C56511142; Wed, 23 Apr 2014 20:00:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3NK05Et012362; Wed, 23 Apr 2014 20:00:05 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3NK05F4012357; Wed, 23 Apr 2014 20:00:05 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404232000.s3NK05F4012357@svn.freebsd.org> From: Dru Lavigne Date: Wed, 23 Apr 2014 20:00:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44638 - in head/en_US.ISO8859-1/books/handbook: disks install multimedia X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2014 20:00:06 -0000 Author: dru Date: Wed Apr 23 20:00:04 2014 New Revision: 44638 URL: http://svnweb.freebsd.org/changeset/doc/44638 Log: Rip out all instances of burncd in prep for closing PR171098. Add note for 8.x users about the existence of burncd. Still need to tech review the rest of the CD chapter and update some examples to use cdrecord. More commits to come. Reviewed by: zeising Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml head/en_US.ISO8859-1/books/handbook/install/chapter.xml head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 19:35:48 2014 (r44637) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 20:00:04 2014 (r44638) @@ -747,6 +747,80 @@ cd0: Attempt to query device size failed + + Burning a <acronym>CD</acronym> + + In &os;, cdrecord can + be used to burn CDs. This command is + installed with the + sysutils/cdrtools package or port. + + + &os; 8.x includes the built-in + burncd utility for burning + CDs using an ATAPI + CD burner. Refer to the manual page for + burncd for usage examples. + + + While cdrecord has many options, basic + usage is simple. Burning an ISO 9660 image is done + with: + + &prompt.root; cdrecord dev=device imagefile.iso + + The tricky part of using cdrecord is + finding the to use. To find the proper + setting, use which might produce + results like this: + + + CD-ROMs + burning + + &prompt.root; cdrecord -scanbus +Cdrecord-Clone 2.01 (i386-unknown-freebsd7.0) Copyright (C) 1995-2004 Jörg Schilling +Using libscg version 'schily-0.1' +scsibus0: + 0,0,0 0) 'SEAGATE ' 'ST39236LW ' '0004' Disk + 0,1,0 1) 'SEAGATE ' 'ST39173W ' '5958' Disk + 0,2,0 2) * + 0,3,0 3) 'iomega ' 'jaz 1GB ' 'J.86' Removable Disk + 0,4,0 4) 'NEC ' 'CD-ROM DRIVE:466' '1.26' Removable CD-ROM + 0,5,0 5) * + 0,6,0 6) * + 0,7,0 7) * +scsibus1: + 1,0,0 100) * + 1,1,0 101) * + 1,2,0 102) * + 1,3,0 103) * + 1,4,0 104) * + 1,5,0 105) 'YAMAHA ' 'CRW4260 ' '1.0q' Removable CD-ROM + 1,6,0 106) 'ARTEC ' 'AM12S ' '1.06' Scanner + 1,7,0 107) * + + This lists the appropriate value for + the devices on the list. Locate the CD + burner, and use the three numbers separated by commas as the + value for . In this case, the CRW device + is 1,5,0, so the appropriate input is + . Refer to &man.cdrecord.1; for + easier ways to specify this value and for information on + writing audio tracks and controlling the write speed. + + Alternately, as root, run the + following command to get the SCSI address + of the burner: + + &prompt.root; camcontrol devlist +<MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (pass0,cd0) + + In this example, 1,0,0 is the + SCSI address to use with &man.cdrecord.1; + and other SCSI applications. + + Creating an <acronym>ISO</acronym> File System @@ -834,105 +908,6 @@ cd0: Attempt to query device size failed &man.mkisofs.8; for details. - - Using an <acronym>ATAPI</acronym> Burner - - - CD-ROMs - burning - - For an ATAPI CD - burner, burncd can be used to burn an ISO - image onto a CD. - burncd is part of the base system, - installed as /usr/sbin/burncd. Usage is - very simple, as it has few options: - - &prompt.root; burncd -f cddevice data imagefile.iso fixate - - This command will burn a copy of - imagefile.iso on - cddevice. The default device is - /dev/acd0. See &man.burncd.8; for - options to set the write speed, eject the - CD after burning, and write audio - data. - - - - Using a <acronym>USB</acronym> or <acronym>SCSI</acronym> Burner - - For systems without an ATAPI - CD burner, cdrecord can - be used to burn CDs. - cdrecord is not part of the base system and - must be installed from either the - sysutils/cdrtools package or port. Changes - to the base system can cause binary versions of this program - to fail, possibly resulting in a coaster. It - is recommended to either upgrade the port when the system is - upgraded, or for users tracking - -STABLE, to upgrade the port when a new version - becomes available. - - While cdrecord has many options, basic - usage is simple. Burning an ISO 9660 image is done - with: - - &prompt.root; cdrecord dev=device imagefile.iso - - The tricky part of using cdrecord is - finding the to use. To find the proper - setting, use which might produce - results like this: - - - CD-ROMs - burning - - &prompt.root; cdrecord -scanbus -Cdrecord-Clone 2.01 (i386-unknown-freebsd7.0) Copyright (C) 1995-2004 Jörg Schilling -Using libscg version 'schily-0.1' -scsibus0: - 0,0,0 0) 'SEAGATE ' 'ST39236LW ' '0004' Disk - 0,1,0 1) 'SEAGATE ' 'ST39173W ' '5958' Disk - 0,2,0 2) * - 0,3,0 3) 'iomega ' 'jaz 1GB ' 'J.86' Removable Disk - 0,4,0 4) 'NEC ' 'CD-ROM DRIVE:466' '1.26' Removable CD-ROM - 0,5,0 5) * - 0,6,0 6) * - 0,7,0 7) * -scsibus1: - 1,0,0 100) * - 1,1,0 101) * - 1,2,0 102) * - 1,3,0 103) * - 1,4,0 104) * - 1,5,0 105) 'YAMAHA ' 'CRW4260 ' '1.0q' Removable CD-ROM - 1,6,0 106) 'ARTEC ' 'AM12S ' '1.06' Scanner - 1,7,0 107) * - - This lists the appropriate value for - the devices on the list. Locate the CD - burner, and use the three numbers separated by commas as the - value for . In this case, the CRW device - is 1,5,0, so the appropriate input is - . Refer to &man.cdrecord.1; for - easier ways to specify this value and for information on - writing audio tracks and controlling the write speed. - - Alternately, as root, run the - following command to get the SCSI address - of the burner: - - &prompt.root; camcontrol devlist -<MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (pass0,cd0) - - In this example, 1,0,0 is the - SCSI address to use with &man.cdrecord.1; - and other SCSI applications. - - Duplicating Audio <acronym>CD</acronym>s @@ -1008,12 +983,14 @@ scsibus1: Burn the extracted files to disk using - burncd. Specify that these are audio - files, and that burncd should fixate + cdrecord. Specify that these are audio + files, and that cdrecord should fixate the disk when finished: - + + @@ -1124,10 +1101,11 @@ scsibus1: CD, without creating an ISO 9660 file system. Some people do this for backup purposes. This command runs more quickly than burning a standard - CD: - + CD. + In order to retrieve the data burned to such a CD, the data must be read from the raw device node: Modified: head/en_US.ISO8859-1/books/handbook/install/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/install/chapter.xml Wed Apr 23 19:35:48 2014 (r44637) +++ head/en_US.ISO8859-1/books/handbook/install/chapter.xml Wed Apr 23 20:00:04 2014 (r44638) @@ -4406,7 +4406,7 @@ Please press any key to reboot. Burn the Media Next, write the downloaded image(s) to disc. If using - another &os; system, refer to and + another &os; system, refer to for instructions. If using another platform, use any burning utility Modified: head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Wed Apr 23 19:35:48 2014 (r44637) +++ head/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml Wed Apr 23 20:00:04 2014 (r44638) @@ -678,10 +678,7 @@ MPEG 1.0 layer III, 128 kbit/s, 44100 Hz Both the WAV and PCM - formats can be used with cdrecord - to create audio CDs, whereas - burncd requires the - PCM format. When using + formats can be used with cdrecord. When using WAV files, there will be a small tick sound at the beginning of each track. This sound is the header of the WAV file. The From owner-svn-doc-all@FreeBSD.ORG Wed Apr 23 20:27:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C374E1D8; Wed, 23 Apr 2014 20:27:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AF3AE13A2; Wed, 23 Apr 2014 20:27:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3NKR3O8024281; Wed, 23 Apr 2014 20:27:03 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3NKR3VJ024280; Wed, 23 Apr 2014 20:27:03 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404232027.s3NKR3VJ024280@svn.freebsd.org> From: Dru Lavigne Date: Wed, 23 Apr 2014 20:27:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44639 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2014 20:27:03 -0000 Author: dru Date: Wed Apr 23 20:27:03 2014 New Revision: 44639 URL: http://svnweb.freebsd.org/changeset/doc/44639 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 20:00:04 2014 (r44638) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 20:27:03 2014 (r44639) @@ -432,24 +432,24 @@ super-block backups (for fsck -b #) at: Many external storage solutions, such as hard drives, USB thumbdrives, and CD - and DVD burners, use the - Universal Serial Bus (USB). &os; provides - support for USB 1.x, 2.0, and 3.0 devices. + and DVD burners, use the Universal Serial Bus + (USB). &os; provides support for + USB 1.x, 2.0, and 3.0 devices. USB 3.0 support is not compatible with - some hardware, including Haswell (Lynx point) chipsets. If + some hardware, including Haswell (Lynx point) chipsets. If &os; boots with a failed with error 19 message, disable xHCI/USB3 in the system BIOS. - - Support for USB storage devices - is built into the GENERIC - kernel. For a custom kernel, be sure that the following - lines are present in the kernel configuration file: - device scbus # SCSI bus (required for ATA/SCSI) + Support for USB storage devices is built + into the GENERIC kernel. For a custom + kernel, be sure that the following lines are present in the + kernel configuration file: + + device scbus # SCSI bus (required for ATA/SCSI) device da # Direct Access (disks) device pass # Passthrough device (direct ATA/SCSI access) device uhci # provides USB 1.x support @@ -460,15 +460,15 @@ device usb # USB Bus (required) device umass # Disks/Mass storage - Requires scbus and da device cd # needed for CD and DVD burners - &os; uses the &man.umass.4; driver which uses the - SCSI subsystem to access - USB storage devices. Since any - USB device will be seen as a - SCSI device by the system, - if the USB device is a - CD or DVD burner, do - not include - in a custom kernel configuration file. + &os; uses the &man.umass.4; driver which uses the + SCSI subsystem to access + USB storage devices. Since any + USB device will be seen as a + SCSI device by the system, if the + USB device is a CD or + DVD burner, do not + include in a custom kernel + configuration file. The rest of this section demonstrates how to verify that a USB storage device is recognized by &os; and @@ -480,15 +480,15 @@ device cd # needed for CD and DVD burner To test the USB configuration, plug in the USB device. Use dmesg to confirm that the drive appears in - the system message buffer. It should look something - like this: + the system message buffer. It should look something like + this: umass0: <STECH Simple Drive, class 0/0, rev 2.00/1.04, addr 3> on usbus0 umass0: SCSI over Bulk-Only; quirks = 0x0100 umass0:4:0:-1: Attached to scbus4 da0 at umass-sim0 bus 0 scbus4 target 0 lun 0 -da0: <STECH Simple Drive 1.04> Fixed Direct Access SCSI-4 device -da0: Serial Number WD-WXE508CAN263 +da0: <STECH Simple Drive 1.04> Fixed Direct Access SCSI-4 device +da0: Serial Number WD-WXE508CAN263 da0: 40.000MB/s transfers da0: 152627MB (312581808 512 byte sectors: 255H 63S/T 19457C) da0: quirks=0x2<NO_6_BYTE> @@ -511,36 +511,36 @@ da0: quirks=0x2<NO_6_BYTE>&prompt.root; usbconfig ugen0.3: <Simple Drive STECH> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (2mA) - If the device has not been formatted, - refer to for instructions on - how to format and create partitions on the - USB drive. If the drive comes with a file - system, it can be mounted by root using the + If the device has not been formatted, refer to for instructions on how to format + and create partitions on the USB drive. If + the drive comes with a file system, it can be mounted by + root using the instructions in . Allowing untrusted users to mount arbitrary media, by - enabling vfs.usermount as - described below, should not be considered safe from a - security point of view. Most file systems were not - built to safeguard against malicious devices. + enabling vfs.usermount as described + below, should not be considered safe from a security point + of view. Most file systems were not built to safeguard + against malicious devices. To make the device mountable as a normal user, one solution is to make all users of the device a member of the operator group using &man.pw.8;. Next, ensure that operator is able to - read and write the device by adding these lines to + class="groupname">operator is able to read and + write the device by adding these lines to /etc/devfs.rules: [localrules=5] add path 'da*' mode 0660 group operator - If internal SCSI disks are also installed in the - system, change the second line as follows: + If internal SCSI disks are also + installed in the system, change the second line as + follows: add path 'da[3-9]*' mode 0660 group operator @@ -558,9 +558,8 @@ add path 'da*' mode 0660 group operator< devfs_system_ruleset="localrules" - Then, instruct the system to allow regular users - to mount file systems by adding the - following line to + Then, instruct the system to allow regular users to mount + file systems by adding the following line to /etc/sysctl.conf: vfs.usermount=1 @@ -568,7 +567,7 @@ add path 'da*' mode 0660 group operator< Since this only takes effect after the next reboot, use sysctl to set this variable now: - &prompt.root; sysctl vfs.usermount=1 + &prompt.root; sysctl vfs.usermount=1 vfs.usermount: 0 -> 1 The final step is to create a directory where the file @@ -587,19 +586,18 @@ vfs.usermount: 0 -> 1 Suppose a USB thumbdrive is plugged in, and a device /dev/da0s1 appears. If the - device is formatted with a FAT file system, the user can - mount it using: + device is formatted with a FAT file system, + the user can mount it using: &prompt.user; mount -t msdosfs -o -m=644,-M=755 /dev/da0s1 /mnt/username Before the device can be unplugged, it - must be unmounted first: + must be unmounted first: &prompt.user; umount /mnt/username - - After device - removal, the system message buffer will show messages similar - to the following: + + After device removal, the system message buffer will show + messages similar to the following: umass0: at uhub3, port 2, addr 3 (disconnected) da0 at umass-sim0 bus 0 scbus4 target 0 lun 0 @@ -629,14 +627,16 @@ da0: <STECH Simple Drive 1.04> s/n CD media provide a number of features - that differentiate them from conventional disks. They are designed so that - they can be read continuously without delays to move the head - between tracks. While CD media do have tracks, these refer - to a section of data to be read continuously, and not a physical - property of the disk. The ISO 9660 file system was designed to deal with these - differences. + that differentiate them from conventional disks. They are + designed so that they can be read continuously without delays to + move the head between tracks. While CD media + do have tracks, these refer to a section of data to be read + continuously, and not a physical property of the disk. The + ISO 9660 file system was designed to deal + with these differences. - ISO 9660 + ISO + 9660 file systems ISO 9660 @@ -652,10 +652,10 @@ da0: <STECH Simple Drive 1.04> s/n Which tool to use to burn a CD depends on whether the CD burner is an ATAPI, SCSI, or - USB device. This chapter demonstrates the use - of several command line utilities. For CD - burning software with a graphical, consider installing the - sysutils/xcdroast or + USB device. This chapter demonstrates the + use of several command line utilities. For + CD burning software with a graphical, + consider installing the sysutils/xcdroast or sysutils/k3b packages or ports. @@ -713,23 +713,23 @@ device umass # Disks/Mass storage - Requ device ata # Legacy ATA/SATA controllers device scbus # SCSI bus (required for ATA/SCSI) device pass # Passthrough device (direct ATA/SCSI access) -device cd # needed for CD and DVD burners - +device cd # needed for CD and DVD burners On &os; versions prior to 10.x, this line is also - needed in the kernel configuration file if the burner is an - ATAPI device: + needed in the kernel configuration file if the burner is an + ATAPI device: device atapicam - Alternately, this driver can be loaded at boot time by adding the following line to - /boot/loader.conf: + Alternately, this driver can be loaded at boot time by + adding the following line to + /boot/loader.conf: - atapicam_load="YES" + atapicam_load="YES" - This will require a reboot of the system as this driver - can only be loaded at boot time. + This will require a reboot of the system as this driver + can only be loaded at boot time. To verify that &os; recognizes the device, run @@ -740,27 +740,25 @@ device cd # needed for CD and DVD burner &prompt.user; dmesg | grep cd cd0 at ahcich1 bus 0 scbus1 target 0 lun 0 -cd0: <HL-DT-ST DVDRAM GU70N LT20> Removable CD-ROM SCSI-0 device +cd0: <HL-DT-ST DVDRAM GU70N LT20> Removable CD-ROM SCSI-0 device cd0: Serial Number M3OD3S34152 cd0: 150.000MB/s transfers (SATA 1.x, UDMA6, ATAPI 12bytes, PIO 8192bytes) -cd0: Attempt to query device size failed: NOT READY, Medium not present - tray closed - +cd0: Attempt to query device size failed: NOT READY, Medium not present - tray closed Burning a <acronym>CD</acronym> - In &os;, cdrecord can - be used to burn CDs. This command is - installed with the + In &os;, cdrecord can be used to burn + CDs. This command is installed with the sysutils/cdrtools package or port. &os; 8.x includes the built-in - burncd utility for burning - CDs using an ATAPI - CD burner. Refer to the manual page for - burncd for usage examples. + burncd utility for burning + CDs using an ATAPI + CD burner. Refer to the manual page for + burncd for usage examples. While cdrecord has many options, basic @@ -809,9 +807,10 @@ scsibus1: easier ways to specify this value and for information on writing audio tracks and controlling the write speed. - Alternately, as root, run the - following command to get the SCSI address - of the burner: + Alternately, as root, run the following + command to get the SCSI address of the + burner: &prompt.root; camcontrol devlist <MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (pass0,cd0) @@ -824,12 +823,14 @@ scsibus1: Creating an <acronym>ISO</acronym> File System - In order to produce a data CD, the data files that are - going to make up the tracks on the CD must be prepared then - written to the CD. In &os;, the sysutils/cdrtools - package or port installs mkisofs, which produces an ISO 9660 - file system that is an image of a directory tree in the &unix; - file system name space. The simplest usage is: + In order to produce a data CD, the data + files that are going to make up the tracks on the + CD must be prepared then written to the + CD. In &os;, the + sysutils/cdrtools package or port installs + mkisofs, which produces an ISO 9660 file + system that is an image of a directory tree in the &unix; file + system name space. The simplest usage is: &prompt.root; mkisofs -o imagefile.iso /path/to/tree @@ -2027,7 +2028,7 @@ Update example for cdrecord include a rescue shell. For this version, instead download and burn a Livefs CD image from ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/&arch.i386;/ISO-IMAGES/&rel2.current;/&os;-&rel2.current;-RELEASE-&arch.i386;-livefs.iso. + xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/&arch.i386;/ISO-IMAGES/&rel2.current;/&os;-&rel2.current;-RELEASE-&arch.i386;-livefs.iso">ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/&arch.i386;/ISO-IMAGES/&rel2.current;/&os;-&rel2.current;-RELEASE-&arch.i386;-livefs.iso. Next, test the rescue shell and the backups. Make notes From owner-svn-doc-all@FreeBSD.ORG Wed Apr 23 20:28:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AE140252; Wed, 23 Apr 2014 20:28:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9AB4813AC; Wed, 23 Apr 2014 20:28:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3NKSatm024465; Wed, 23 Apr 2014 20:28:36 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3NKSam9024464; Wed, 23 Apr 2014 20:28:36 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404232028.s3NKSam9024464@svn.freebsd.org> From: Dru Lavigne Date: Wed, 23 Apr 2014 20:28:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44640 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2014 20:28:36 -0000 Author: dru Date: Wed Apr 23 20:28:36 2014 New Revision: 44640 URL: http://svnweb.freebsd.org/changeset/doc/44640 Log: Fix grammo. Remove no longer needed sentence. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 20:27:03 2014 (r44639) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 23 20:28:36 2014 (r44640) @@ -649,12 +649,9 @@ da0: <STECH Simple Drive 1.04> s/n The &os; Ports Collection provides several utilities for burning and duplicating audio and data CDs. - Which tool to use to burn a CD depends - on whether the CD burner is an - ATAPI, SCSI, or - USB device. This chapter demonstrates the + This chapter demonstrates the use of several command line utilities. For - CD burning software with a graphical, + CD burning software with a graphical utility, consider installing the sysutils/xcdroast or sysutils/k3b packages or ports. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 11:36:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C66A81A1; Thu, 24 Apr 2014 11:36:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B2D141C5E; Thu, 24 Apr 2014 11:36:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OBagfO098373; Thu, 24 Apr 2014 11:36:42 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OBagFF098372; Thu, 24 Apr 2014 11:36:42 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404241136.s3OBagFF098372@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 11:36:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44641 - head/en_US.ISO8859-1/books/arch-handbook/usb X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 11:36:42 -0000 Author: dru Date: Thu Apr 24 11:36:42 2014 New Revision: 44641 URL: http://svnweb.freebsd.org/changeset/doc/44641 Log: Fix grammo. Submitted by: bjk Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/arch-handbook/usb/chapter.xml Modified: head/en_US.ISO8859-1/books/arch-handbook/usb/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/arch-handbook/usb/chapter.xml Wed Apr 23 20:28:36 2014 (r44640) +++ head/en_US.ISO8859-1/books/arch-handbook/usb/chapter.xml Thu Apr 24 11:36:42 2014 (r44641) @@ -469,7 +469,7 @@ This part is unclear, is it an unformatt bandwidth. More information on scheduling of transfers and bandwidth - reclamation can be found in chapter 5of the USB specification, + reclamation can be found in chapter 5 of the USB specification, section 1.3 of the UHCI specification, and section 3.4.2 of the OHCI specification. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 13:16:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DF2E2CCB; Thu, 24 Apr 2014 13:16:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CA2E3174A; Thu, 24 Apr 2014 13:16:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3ODGdJi040322; Thu, 24 Apr 2014 13:16:39 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3ODGd3h040320; Thu, 24 Apr 2014 13:16:39 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404241316.s3ODGd3h040320@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 13:16:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44642 - in head/en_US.ISO8859-1/books: faq handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 13:16:40 -0000 Author: dru Date: Thu Apr 24 13:16:39 2014 New Revision: 44642 URL: http://svnweb.freebsd.org/changeset/doc/44642 Log: Editorial review of Burning CDs and Creating ISO File sections. Add data CDs as a note and modify reference to new location in FAQ. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Thu Apr 24 11:36:42 2014 (r44641) +++ head/en_US.ISO8859-1/books/faq/book.xml Thu Apr 24 13:16:39 2014 (r44642) @@ -3383,7 +3383,7 @@ C:\="DOS" - This is discussed in the Handbook section on duplicating data CDs. + This is discussed in the Handbook section on duplicating data CDs. For more on working with CD-ROMs, see the Creating CDs Section in the Storage chapter in the Handbook. Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 11:36:42 2014 (r44641) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 13:16:39 2014 (r44642) @@ -759,14 +759,15 @@ cd0: Attempt to query device size failed While cdrecord has many options, basic - usage is simple. Burning an ISO 9660 image is done - with: + usage is simple. Specify the name of the + ISO file to burn and, if the system has + multiple burner devices, specify the name of the device to + use: - &prompt.root; cdrecord dev=device imagefile.iso + &prompt.root; cdrecord dev=device imagefile.iso - The tricky part of using cdrecord is - finding the to use. To find the proper - setting, use which might produce + To determine the device name of the burner, + use which might produce results like this: @@ -774,8 +775,8 @@ cd0: Attempt to query device size failed burning &prompt.root; cdrecord -scanbus -Cdrecord-Clone 2.01 (i386-unknown-freebsd7.0) Copyright (C) 1995-2004 Jörg Schilling -Using libscg version 'schily-0.1' +ProDVD-ProBD-Clone 3.00 (amd64-unknown-freebsd10.0) Copyright (C) 1995-2010 Jörg Schilling +Using libscg version 'schily-0.9' scsibus0: 0,0,0 0) 'SEAGATE ' 'ST39236LW ' '0004' Disk 0,1,0 1) 'SEAGATE ' 'ST39173W ' '5958' Disk @@ -795,39 +796,40 @@ scsibus1: 1,6,0 106) 'ARTEC ' 'AM12S ' '1.06' Scanner 1,7,0 107) * - This lists the appropriate value for - the devices on the list. Locate the CD - burner, and use the three numbers separated by commas as the - value for . In this case, the CRW device - is 1,5,0, so the appropriate input is - . Refer to &man.cdrecord.1; for - easier ways to specify this value and for information on + Locate the entry for the CD + burner and use the three numbers separated by commas as the + value for . In this case, the Yamaha burner device + is 1,5,0, so the appropriate input to specify that device is + . Refer to the manual page for cdrecord for + other ways to specify this value and for information on writing audio tracks and controlling the write speed. - Alternately, as root, run the following - command to get the SCSI address of the + Alternately, run the following + command to get the device address of the burner: &prompt.root; camcontrol devlist -<MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (pass0,cd0) +<MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (cd0,pass0) - In this example, 1,0,0 is the - SCSI address to use with &man.cdrecord.1; - and other SCSI applications. + Use the numeric values for scbus, + target, and lun. For + this example, 1,0,0 is the + device name to use. - Creating an <acronym>ISO</acronym> File System + Writing Data to an <acronym>ISO</acronym> File System In order to produce a data CD, the data files that are going to make up the tracks on the - CD must be prepared then written to the - CD. In &os;, the - sysutils/cdrtools package or port installs - mkisofs, which produces an ISO 9660 file - system that is an image of a directory tree in the &unix; file - system name space. The simplest usage is: + CD must be prepared before they can be burned to the + CD. In &os;, + sysutils/cdrtools installs + mkisofs, which can be used to produce an ISO 9660 file + system that is an image of a directory tree within a &unix; file + system. The simplest usage is to specify the name of the + ISO file to create and the path to the files + to place into the ISO 9660 file system: &prompt.root; mkisofs -o imagefile.iso /path/to/tree @@ -836,35 +838,27 @@ scsibus1: ISO 9660 - This command creates an - imagefile.iso containing an ISO - 9660 file system that is a copy of the tree at - /path/to/tree. In the process, it - maps the file names to names that fit the limitations of - the standard ISO 9660 file system, and will exclude files that - have names uncharacteristic of ISO file systems. + This command + maps the file names in the specified path to names that fit the limitations of + the standard ISO 9660 file system, and will exclude files that + do not meet the standard for ISO file systems. file systems - HFS - - - file systems Joliet - A number of options are available to overcome these - restrictions. In particular, enables the - Rock Ridge extensions common to &unix; systems, + A number of options are available to overcome the + restrictions imposed by the standard. In particular, enables the + Rock Ridge extensions common to &unix; systems and enables Joliet extensions used by - Microsoft systems, and can be used to - create HFS file systems used by &macos;. + Microsoft systems. For CDs that are going to be used only on &os; systems, can be used to disable all filename restrictions. When used with , it produces a file system image that is - identical to the specified &os; tree, though it may violate - the ISO 9660 standard in a number of ways. + identical to the specified &os; tree, even if it violates + the ISO 9660 standard. CD-ROMs @@ -872,27 +866,26 @@ scsibus1: The last option of general use is . - This is used to specify the location of the boot image for use + This is used to specify the location of a boot image for use in producing an El Torito bootable CD. This option takes an argument which is the path to a boot image from the top of the tree being written to the CD. By default, - &man.mkisofs.8; creates an ISO image in floppy disk + mkisofs creates an ISO image in floppy disk emulation mode, and thus expects the boot image to be exactly 1200, 1440 or 2880 KB in size. Some boot - loaders, like the one used by the &os; distribution disks, do + loaders, like the one used by the &os; distribution media, do not use emulation mode. In this case, should be used. So, if /tmp/myboot holds a bootable &os; system with the boot image in /tmp/myboot/boot/cdboot, this command - would produce the image of an ISO 9660 file system as + would produce /tmp/bootable.iso: &prompt.root; mkisofs -R -no-emul-boot -b boot/cdboot -o /tmp/bootable.iso /tmp/myboot - If md is configured in the - kernel, the file system can be mounted as a memory disk + The resulting ISO image can be mounted as a memory disk with: &prompt.root; mdconfig -a -t vnode -f /tmp/bootable.iso -u 0 @@ -902,8 +895,23 @@ scsibus1: /tmp/myboot are identical. There are many other options available for - &man.mkisofs.8; to fine-tune its behavior. Refer to + mkisofs to fine-tune its behavior. Refer to &man.mkisofs.8; for details. + + + It is possible to copy a data CD to an + image file that is functionally equivalent to the image file + created with mkisofs. To do so, use + dd with the device name as the input file + and the name of the ISO to create as the + output file: + + &prompt.root; dd if=/dev/cd0 of=file.iso bs=2048 + + The resulting image file can be burned to + CD as described in . + @@ -992,23 +1000,6 @@ Update example for cdrecord - - Duplicating Data <acronym>CD</acronym>s - - It is possible to copy a data CD to an - image file that is functionally equivalent to the image file - created with &man.mkisofs.8;, and then use it to duplicate any - data CD. The example given here assumes - that the CD-ROM device is - acd0. Substitute the correct - CD-ROM device. - - &prompt.root; dd if=/dev/acd0 of=file.iso bs=2048 - - Now that there is an image, it can be burned to - CD as described above. - - Using Data <acronym>CD</acronym>s From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 13:49:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 73261337; Thu, 24 Apr 2014 13:49:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5ECA81A8B; Thu, 24 Apr 2014 13:49:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3ODnNFw053279; Thu, 24 Apr 2014 13:49:23 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3ODnMIF053277; Thu, 24 Apr 2014 13:49:22 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404241349.s3ODnMIF053277@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 13:49:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44643 - in head/en_US.ISO8859-1/books: faq handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 13:49:23 -0000 Author: dru Date: Thu Apr 24 13:49:22 2014 New Revision: 44643 URL: http://svnweb.freebsd.org/changeset/doc/44643 Log: Move raw data cds into Using Data cds section. Update reference in FAQ. Fix title names for 2 new references in FAQ. Still need to tech review the rest of this chapter and update the examples. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Thu Apr 24 13:16:39 2014 (r44642) +++ head/en_US.ISO8859-1/books/faq/book.xml Thu Apr 24 13:49:22 2014 (r44643) @@ -3373,7 +3373,7 @@ C:\="DOS" You most likely burned a raw file to your CD, rather than creating an ISO 9660 file system. Take a look at the Handbook chapter on creating CD-ROMs, - particularly the section on burning raw data CDs. + particularly the section on Using Data CDs. @@ -3383,7 +3383,7 @@ C:\="DOS" - This is discussed in the Handbook section on duplicating data CDs. + This is discussed in the Handbook section on Writing Data to an ISO File System. For more on working with CD-ROMs, see the Creating CDs Section in the Storage chapter in the Handbook. Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 13:16:39 2014 (r44642) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 13:49:22 2014 (r44643) @@ -914,92 +914,6 @@ scsibus1: - - Duplicating Audio <acronym>CD</acronym>s - - To duplicate an audio CD, extract the - audio data from the CD to a series of - files, then write these files to a blank - CD. The process is slightly different for - ATAPI and SCSI - drives. - - - <acronym>SCSI</acronym> Drives - - - Use cdda2wav to extract the - audio: - - &prompt.user; cdda2wav -vall -D2,0 -B -Owav - - - - Use cdrecord to write the - .wav files: - - &prompt.user; cdrecord -v dev=2,0 -dao -useinfo *.wav - - Make sure that 2,0 is set - appropriately, as described in . - - - - - <acronym>ATAPI</acronym> Drives - - - With the help of the ATAPI/CAM module, - cdda2wav can also be used on - ATAPI drives. This tool is usually a - better choice for most of users, as it supports jitter - correction and endianness, than the method proposed - below. - - - - The ATAPI CD - driver makes each track available as - /dev/acddtnn, - where d is the drive number, - and nn is the track number - written with two decimal digits, prefixed with zero as - needed. So the first track on the first disk is - /dev/acd0t01, the second is - /dev/acd0t02, the third is - /dev/acd0t03, and so on. - - Make sure the appropriate files exist in - /dev. If the entries are missing, - force the system to retaste the media: - - &prompt.root; dd if=/dev/acd0 of=/dev/null count=1 - - - - Extract each track using &man.dd.1;, making sure to - specify a block size when extracting the files: - - &prompt.root; dd if=/dev/acd0t01 of=track1.cdr bs=2352 -&prompt.root; dd if=/dev/acd0t02 of=track2.cdr bs=2352 -... - - - - Burn the extracted files to disk using - cdrecord. Specify that these are audio - files, and that cdrecord should fixate - the disk when finished: - - - - - Using Data <acronym>CD</acronym>s @@ -1081,14 +995,12 @@ Update example for cdrecord This tells the SCSI bus to pause 15 seconds during boot, to give the CD-ROM drive every possible chance to answer the bus reset. - - - - Burning Raw Data CDs + It is possible to burn a file directly to CD, without creating an ISO 9660 file - system. Some people do this for backup purposes. This + system. This is known as burning a raw data + CD. Some people do this for backup purposes. This command runs more quickly than burning a standard CD. + + + From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 15:32:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A7249E35; Thu, 24 Apr 2014 15:32:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 879E91970; Thu, 24 Apr 2014 15:32:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OFW85g097894; Thu, 24 Apr 2014 15:32:08 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OFW8GD097893; Thu, 24 Apr 2014 15:32:08 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404241532.s3OFW8GD097893@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 15:32:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44644 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 15:32:08 -0000 Author: dru Date: Thu Apr 24 15:32:08 2014 New Revision: 44644 URL: http://svnweb.freebsd.org/changeset/doc/44644 Log: Finish editorial review of CD chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 13:49:22 2014 (r44643) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 15:32:08 2014 (r44644) @@ -917,46 +917,23 @@ scsibus1: Using Data <acronym>CD</acronym>s - The drive can now be accessed via the - /dev/cd0 device name. For example, to - mount a CD-ROM on - /mnt, type the following: - - &prompt.root; mount -t cd9660 /dev/cd0 /mnt - - It is possible to mount and read the data on a standard - data CD. By default, &man.mount.8; assumes - that a file system is of type ufs. Running - this command: - - &prompt.root; mount /dev/cd0 /mnt - - will generate an error about Incorrect super - block, and will fail to mount the - CD. The CD does not use - the UFS file system, so attempts to mount - it as such will fail. Instead, tell &man.mount.8; that the - file system is of type ISO9660 by - specifying to &man.mount.8;. For - example, to mount the CD-ROM device, - /dev/cd0, under - /mnt, use: - - &prompt.root; mount -t cd9660 /dev/cd0 /mnt - - Replace /dev/cd0 with the device - name for the CD device. Also, - executes &man.mount.cd9660.8;, - meaning the above command is equivalent to: + Once an ISO has been burned to a + CD, it can be mounted by specifying the + file system type, the name of the device containing the + CD, and an existing mount point: + + &prompt.root; mount -t cd9660 /dev/cd0 /mnt + + Since mount assumes + that a file system is of type ufs, a + Incorrect super block error will occur + if -t cd9660 is not included when mounting + a data CD. - &prompt.root; mount_cd9660 /dev/cd0 /mnt - - While data CD-ROMs from any vendor can - be mounted this way, disks with certain ISO 9660 extensions + While any data CD can + be mounted this way, disks with certain ISO 9660 extensions might behave oddly. For example, Joliet disks store all - filenames in two-byte Unicode characters. The &os; kernel - does not speak Unicode, but the &os; CD9660 driver is able to - convert Unicode characters on the fly. If some non-English + filenames in two-byte Unicode characters. If some non-English characters show up as question marks, specify the local charset with . For more information, refer to &man.mount.cd9660.8;. @@ -971,54 +948,51 @@ scsibus1: cd9660_iconv_load="YES" and then rebooting the machine, or by directly loading - the module with &man.kldload.8;. + the module with kldload. Occasionally, Device not configured - will be displayed when trying to mount a - CD-ROM. This usually means that the - CD-ROM drive thinks that there is no disk + will be displayed when trying to mount a data + CD. This usually means that the + CD drive thinks that there is no disk in the tray, or that the drive is not visible on the bus. It - can take a couple of seconds for a CD-ROM + can take a couple of seconds for a CD drive to realize that a media is present, so be patient. Sometimes, a SCSI - CD-ROM may be missed because it did not + CD drive may be missed because it did not have enough time to answer the bus reset. To resolve this, - add the following option to the kernel configuration and - rebuild the - kernel. + a custom kernel can be created which increases the default + SCSI delay. Add the following option to + the custom kernel configuration file and rebuild the kernel + using the instructions in : options SCSI_DELAY=15000 This tells the SCSI bus to pause 15 - seconds during boot, to give the CD-ROM + seconds during boot, to give the CD drive every possible chance to answer the bus reset. It is possible to burn a file directly to - CD, without creating an ISO 9660 file + CD, without creating an ISO 9660 file system. This is known as burning a raw data - CD. Some people do this for backup purposes. This - command runs more quickly than burning a standard - CD. - - In order to retrieve the data burned to such a - CD, the data must be read from the raw - device node: + CD and some people do this for backup purposes. - &prompt.root; tar xzvf /dev/acd1 - - This type of disk can not be mounted as a normal - CD-ROM and the data cannot be read under - any operating system except &os;. In order to mount the - CD, or to share the data with another - operating system, &man.mkisofs.8; must be used as described - above. + This type of disk can not be mounted as a normal data + CD. In order to retrieve the data burned to such a + CD, the data must be read from the raw + device node. For example, this command will extract a + compressed tar file located on the second CD + device into the current working directory: + + &prompt.root; tar xzvf /dev/cd1 + + In order to mount a data + CD, the data must be written using + mkisofs. @@ -1027,18 +1001,32 @@ Update example for cdrecord To duplicate an audio CD, extract the audio data from the CD to a series of files, then write these files to a blank - CD. The process is slightly different for - ATAPI and SCSI - drives. + CD. - - <acronym>SCSI</acronym> Drives + describes how to + duplicate and burn an audio CD. If the + &os; version is less than 10.0 and the device is + ATAPI, the module + must be first loaded using the instructions in . - - Use cdda2wav to extract the - audio: + + Duplicating an Audio <acronym>CD</acronym> - &prompt.user; cdda2wav -vall -D2,0 -B -Owav + + The sysutils/cdrecord package or + port installs cdda2wav. This command + can be used to extract all of the audio tracks, with each + track written to a separate WAV + file in the current working directory: + + &prompt.user; cdda2wav -vall -B -Owav + + A device name does not need to be specified if there + is only one CD device on the system. + Refer to the cdda2wav manual page for + instructions on how to specify a device and to learn more + about the other options available for this command. @@ -1052,59 +1040,6 @@ Update example for cdrecord linkend="cdrecord"/>. - - - <acronym>ATAPI</acronym> Drives - - - With the help of the ATAPI/CAM module, - cdda2wav can also be used on - ATAPI drives. This tool is usually a - better choice for most of users, as it supports jitter - correction and endianness, than the method proposed - below. - - - - The ATAPI CD - driver makes each track available as - /dev/acddtnn, - where d is the drive number, - and nn is the track number - written with two decimal digits, prefixed with zero as - needed. So the first track on the first disk is - /dev/acd0t01, the second is - /dev/acd0t02, the third is - /dev/acd0t03, and so on. - - Make sure the appropriate files exist in - /dev. If the entries are missing, - force the system to retaste the media: - - &prompt.root; dd if=/dev/acd0 of=/dev/null count=1 - - - - Extract each track using &man.dd.1;, making sure to - specify a block size when extracting the files: - - &prompt.root; dd if=/dev/acd0t01 of=track1.cdr bs=2352 -&prompt.root; dd if=/dev/acd0t02 of=track2.cdr bs=2352 -... - - - - Burn the extracted files to disk using - cdrecord. Specify that these are audio - files, and that cdrecord should fixate - the disk when finished: - - - From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 17:38:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 56122D71; Thu, 24 Apr 2014 17:38:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 35FED17EE; Thu, 24 Apr 2014 17:38:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OHclqI049786; Thu, 24 Apr 2014 17:38:47 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OHclqj049785; Thu, 24 Apr 2014 17:38:47 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404241738.s3OHclqj049785@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 17:38:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44645 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 17:38:47 -0000 Author: dru Date: Thu Apr 24 17:38:46 2014 New Revision: 44645 URL: http://svnweb.freebsd.org/changeset/doc/44645 Log: Rename chapter to Memory Disks as NFS is mentioned, but not covered, and vnconfig was deprecated in 5.0. Adjust Synopsis to match topics covered in Disks chapter. Next commit will add an intro and do a tech review of Memory Disks chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 15:32:08 2014 (r44644) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 17:38:46 2014 (r44645) @@ -14,10 +14,11 @@ Synopsis - This chapter covers the use of disks in &os;. This includes - memory-backed disks, network-attached disks, standard SCSI/IDE - storage devices, and devices using the USB - interface. + This chapter covers the use of disks and storage media in + &os;. This includes SCSI and + IDE disks, CD and + DVD media, memory-backed disks, and + USB storage devices. After reading this chapter, you will know: @@ -33,37 +34,45 @@ + How to grow the size of a disk's partition on &os;. + + + How to configure &os; to use USB storage devices. - How to set up virtual file systems, such as memory - disks. + How to use CD and + DVD media on a &os; system. - How to use quotas to limit disk space usage. + How to use the backup programs available under + &os;. - How to encrypt disks to secure them against - attackers. + How to set up memory + disks. - How to create and burn CDs and - DVDs on &os;. + What file system snapshots are and how to use them + efficiently. - How to use the backup programs available under - &os;. + How to use quotas to limit disk space usage. - What file system snapshots are and how to use them - efficiently. + How to encrypt disks and swap to secure them against + attackers. + + + + How to configure a highly available storage network. @@ -626,7 +635,7 @@ da0: <STECH Simple Drive 1.04> s/n creating - CD media provide a number of features + Compact Disc (CD) media provide a number of features that differentiate them from conventional disks. They are designed so that they can be read continuously without delays to move the head between tracks. While CD media @@ -1966,7 +1975,7 @@ scsibus1: - Network, Memory, and File-Backed File Systems + Memory Disks @@ -1979,36 +1988,16 @@ scsibus1: - virtual disks - - disks - virtual - + In addition to physical disks, &os; also supports + the creation and use of memory disks. - In addition to physical disks such as floppies, - CDs, and hard drives, &os; also supports - virtual disks. - - NFS disks memory - These include network file systems such as the Network File System, - memory-based file systems, and file-backed file systems. - - According to the &os; version, the tools used for the - creation and use of file-backed and memory-based file systems - differ. - - - Use &man.devfs.5; to allocate device nodes transparently - for the user. - - File-Backed File System + Attaching and Detaching Existing Images disks @@ -2034,7 +2023,7 @@ scsibus1: Using <command>mdconfig</command> to Mount an Existing File System Image - &prompt.root; mdconfig -a -t vnode -f diskimage -u 0 + &prompt.root; mdconfig -f diskimage.iso -u 0 &prompt.root; mount /dev/md0 /mnt @@ -2093,10 +2082,30 @@ Filesystem 1K-blocks Used Avail Capacity &man.mdmfs.8; uses the &man.md.4; auto-unit feature to automatically select an unused device. For more details about &man.mdmfs.8;, refer to its manual page. + + + disks + detaching a memory disk + + + When a memory-based or file-based file system is no + longer in use, its resources should be released back to + the system. First, unmount the file system, then use + &man.mdconfig.8; to detach the disk from the system and + release the resources. + + For example, to detach and free all resources used by + /dev/md4: + + &prompt.root; mdconfig -d -u 4 + + It is possible to list information about configured + &man.md.4; devices by running + mdconfig -l. - Memory-Based File System + Creating a Memory Disk disks @@ -2140,30 +2149,6 @@ Filesystem 1K-blocks Used Avail Capacity /dev/md2 4846 2 4458 0% /mnt - - - Detaching a Memory Disk from the System - - - disks - detaching a memory disk - - - When a memory-based or file-based file system is no - longer in use, its resources should be released back to - the system. First, unmount the file system, then use - &man.mdconfig.8; to detach the disk from the system and - release the resources. - - For example, to detach and free all resources used by - /dev/md4: - - &prompt.root; mdconfig -d -u 4 - - It is possible to list information about configured - &man.md.4; devices by running - mdconfig -l. - From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 18:20:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C492A102; Thu, 24 Apr 2014 18:20:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 973F91C3B; Thu, 24 Apr 2014 18:20:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OIKFKi067104; Thu, 24 Apr 2014 18:20:15 GMT (envelope-from pi@svn.freebsd.org) Received: (from pi@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OIKFee067101; Thu, 24 Apr 2014 18:20:15 GMT (envelope-from pi@svn.freebsd.org) Message-Id: <201404241820.s3OIKFee067101@svn.freebsd.org> From: Kurt Jaeger Date: Thu, 24 Apr 2014 18:20:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44646 - in head: en_US.ISO8859-1/articles/contributors share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 18:20:15 -0000 Author: pi (ports committer) Date: Thu Apr 24 18:20:14 2014 New Revision: 44646 URL: http://svnweb.freebsd.org/changeset/doc/44646 Log: - Add my entity - Insert myself as a developer - Remove myself from contributors Approved by: culot (mentor) Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml head/share/xml/authors.ent Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Thu Apr 24 17:38:46 2014 (r44645) +++ head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Thu Apr 24 18:20:14 2014 (r44646) @@ -5762,11 +5762,6 @@ - Kurt Jaeger - fbsd-ports@opsec.eu - - - Kurt Olsen kurto@tiny.mcs.usu.edu Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Thu Apr 24 17:38:46 2014 (r44645) +++ head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Thu Apr 24 18:20:14 2014 (r44646) @@ -539,6 +539,10 @@ + &a.pi.email; + + + &a.versus.email; Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Thu Apr 24 17:38:46 2014 (r44645) +++ head/share/xml/authors.ent Thu Apr 24 18:20:14 2014 (r44646) @@ -1653,6 +1653,9 @@ pho@FreeBSD.org"> + +pi@FreeBSD.org"> + piero@FreeBSD.org"> From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 18:24:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3621B3A8; Thu, 24 Apr 2014 18:24:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 220801CDD; Thu, 24 Apr 2014 18:24:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OIOmlX070234; Thu, 24 Apr 2014 18:24:49 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OIOmvB070233; Thu, 24 Apr 2014 18:24:48 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404241824.s3OIOmvB070233@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 18:24:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44647 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 18:24:49 -0000 Author: dru Date: Thu Apr 24 18:24:48 2014 New Revision: 44647 URL: http://svnweb.freebsd.org/changeset/doc/44647 Log: Editorial review of Attaching and Detaching Existing Images. More commits to come to finish review of this chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 18:20:14 2014 (r44646) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 18:24:48 2014 (r44647) @@ -1989,44 +1989,67 @@ scsibus1:             In addition to physical disks, &os; also supports - the creation and use of memory disks. + the creation and use of memory disks. One possible use for a + memory disk is to access the contents of an + ISO file system without the overhead of first + burning it to a CD or DVD, + then mounting the CD/DVD media. + + In &os;, the &man.md.4; driver is used to provide support + for memory disks. The GENERIC kernel + includes this driver. When using a custom kernel + configuration file, ensure it includes this line: - - disks - memory - + device md Attaching and Detaching Existing Images disks - file-backed + memory - &man.mdconfig.8; is used to configure and enable memory - disks, &man.md.4;, under &os;. To use &man.mdconfig.8;, - &man.md.4; must be first loaded. When using a custom kernel - configuration file, ensure it includes this line: + To mount an existing file system image, use + mdconfig to specify the name of the + ISO file and a free unit number. Then, + refer to that unit number to mount it on an existing mount + point. Once mounted, the files in the ISO + will appear in the mount point. This example attaches + diskimage.iso to the memory device + /dev/md0 then mounts that memory device + on /mnt: - device md + &prompt.root; mdconfig -f diskimage.iso -u 0 +&prompt.root; mount /dev/md0 /mnt - &man.mdconfig.8; supports several types of memory backed - virtual disks: memory disks allocated with &man.malloc.9; and - memory disks using a file or swap space as backing. One - possible use is the mounting of CD - images. + If a unit number is not specified with + , mdconfig will + automatically allocate an unused memory device and output + the name of the allocated unit, such + as md4. Refer to &man.mdconfig.8; + for more details about this command and its options. + + When a memory disk is no + longer in use, its resources should be released back to + the system. First, unmount the file system, then use + mdconfig to detach the disk from the system and + release its resources. To continue this example: - To mount an existing file system image: + &prompt.root; umount /mnt +&prompt.root; mdconfig -d -u 0 - - Using <command>mdconfig</command> to Mount an Existing - File System Image + To determine if any memory disks are still attached to the + system, type mdconfig -l. + - &prompt.root; mdconfig -f diskimage.iso -u 0 -&prompt.root; mount /dev/md0 /mnt - + + Creating a Memory Disk + + disks + memory file system + To create a new file system image with &man.mdconfig.8;: @@ -2050,12 +2073,32 @@ Filesystem 1K-blocks Used Avail Capacity /dev/md0a 4710 4 4330 0% /mnt - If unit number is not specified with - , &man.mdconfig.8; uses the - &man.md.4; automatic allocation to select an unused device. - The name of the allocated unit will be output to stdout, such - as md4. Refer to &man.mdconfig.8; - for more details about. + For a memory-based file system, swap + backing should normally be used. This does not mean + that the memory disk will be swapped out to disk by default, + but rather that the memory disk will be allocated from a + memory pool which can be swapped out to disk if needed. It is + also possible to create memory-based disks which are + &man.malloc.9; backed, but using large malloc backed memory + disks can result in a system panic if the kernel runs out of + memory. + + + Creating a New Memory-Based Disk with + <command>mdconfig</command> + + &prompt.root; mdconfig -a -t swap -s 5m -u 1 +&prompt.root; newfs -U md1 +/dev/md1: 5.0MB (10240 sectors) block size 16384, fragment size 2048 + using 4 cylinder groups of 1.27MB, 81 blks, 192 inodes. + with soft updates +super-block backups (for fsck -b #) at: + 160, 2752, 5344, 7936 +&prompt.root; mount /dev/md1 /mnt +&prompt.root; df /mnt +Filesystem 1K-blocks Used Avail Capacity Mounted on +/dev/md1 4718 4 4338 0% /mnt + While &man.mdconfig.8; is useful, it takes several command lines to create a file-backed file system. &os; also @@ -2087,58 +2130,6 @@ Filesystem 1K-blocks Used Avail Capacity disks detaching a memory disk - - When a memory-based or file-based file system is no - longer in use, its resources should be released back to - the system. First, unmount the file system, then use - &man.mdconfig.8; to detach the disk from the system and - release the resources. - - For example, to detach and free all resources used by - /dev/md4: - - &prompt.root; mdconfig -d -u 4 - - It is possible to list information about configured - &man.md.4; devices by running - mdconfig -l. - - - - Creating a Memory Disk - - - disks - memory file system - - - For a memory-based file system, swap - backing should normally be used. This does not mean - that the memory disk will be swapped out to disk by default, - but rather that the memory disk will be allocated from a - memory pool which can be swapped out to disk if needed. It is - also possible to create memory-based disks which are - &man.malloc.9; backed, but using large malloc backed memory - disks can result in a system panic if the kernel runs out of - memory. - - - Creating a New Memory-Based Disk with - <command>mdconfig</command> - - &prompt.root; mdconfig -a -t swap -s 5m -u 1 -&prompt.root; newfs -U md1 -/dev/md1: 5.0MB (10240 sectors) block size 16384, fragment size 2048 - using 4 cylinder groups of 1.27MB, 81 blks, 192 inodes. - with soft updates -super-block backups (for fsck -b #) at: - 160, 2752, 5344, 7936 -&prompt.root; mount /dev/md1 /mnt -&prompt.root; df /mnt -Filesystem 1K-blocks Used Avail Capacity Mounted on -/dev/md1 4718 4 4338 0% /mnt - - Creating a New Memory-Based Disk with <command>mdmfs</command> From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 19:51:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DDC9B47C; Thu, 24 Apr 2014 19:51:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BE5A616F0; Thu, 24 Apr 2014 19:51:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OJpu0W007624; Thu, 24 Apr 2014 19:51:56 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OJpuC1007623; Thu, 24 Apr 2014 19:51:56 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404241951.s3OJpuC1007623@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 19:51:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44648 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 19:51:56 -0000 Author: dru Date: Thu Apr 24 19:51:56 2014 New Revision: 44648 URL: http://svnweb.freebsd.org/changeset/doc/44648 Log: Finish editorial review of Memory Disks chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 18:24:48 2014 (r44647) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 19:51:56 2014 (r44648) @@ -2030,6 +2030,11 @@ scsibus1: as md4. Refer to &man.mdconfig.8; for more details about this command and its options. + + disks + detaching a memory disk + + When a memory disk is no longer in use, its resources should be released back to the system. First, unmount the file system, then use @@ -2044,48 +2049,26 @@ scsibus1: - Creating a Memory Disk + Creating a File- or Memory-Backed Memory Disk disks memory file system - To create a new file system image with - &man.mdconfig.8;: - - - Creating a New File-Backed Disk with - <command>mdconfig</command> - - &prompt.root; dd if=/dev/zero of=newimage bs=1k count=5k -5120+0 records in -5120+0 records out -&prompt.root; mdconfig -a -t vnode -f newimage -u 0 -&prompt.root; bsdlabel -w md0 auto -&prompt.root; newfs md0a -/dev/md0a: 5.0MB (10224 sectors) block size 16384, fragment size 2048 - using 4 cylinder groups of 1.25MB, 80 blks, 192 inodes. -super-block backups (for fsck -b #) at: - 160, 2720, 5280, 7840 -&prompt.root; mount /dev/md0a /mnt -&prompt.root; df /mnt -Filesystem 1K-blocks Used Avail Capacity Mounted on -/dev/md0a 4710 4 4330 0% /mnt - - - For a memory-based file system, swap - backing should normally be used. This does not mean - that the memory disk will be swapped out to disk by default, - but rather that the memory disk will be allocated from a - memory pool which can be swapped out to disk if needed. It is - also possible to create memory-based disks which are - &man.malloc.9; backed, but using large malloc backed memory - disks can result in a system panic if the kernel runs out of - memory. - - - Creating a New Memory-Based Disk with - <command>mdconfig</command> + &os; also supports memory disks where the storage to use + is allocated from either a hard disk or an area of memory. + The first method is commonly referred to as a file-backed file + system and the second method as a memory-backed file system. + Both types can be created using + mdconfig. + + To create a new memory-backed file system, specify a type + of swap and the size of the memory disk to + create. Then, format the memory disk with a file system and + mount as usual. This example creates a 5M memory disk on unit + 1. That memory disk is then formatted with + the UFS file system before it is + mounted: &prompt.root; mdconfig -a -t swap -s 5m -u 1 &prompt.root; newfs -U md1 @@ -2098,47 +2081,55 @@ super-block backups (for fsck -b #) at: &prompt.root; df /mnt Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/md1 4718 4 4338 0% /mnt - - While &man.mdconfig.8; is useful, it takes several - command lines to create a file-backed file system. &os; also - comes with &man.mdmfs.8; which automatically configures a - &man.md.4; disk using &man.mdconfig.8;, puts a UFS file system - on it using &man.newfs.8;, and mounts it using &man.mount.8;. - For example, to create and mount the same file system image as - above, type the following: - - - Configure and Mount a File-Backed Disk with - <command>mdmfs</command> + + To create a new file-backed memory disk, first allocate an + area of disk to use. This example creates an empty 5K file + named newimage: &prompt.root; dd if=/dev/zero of=newimage bs=1k count=5k 5120+0 records in -5120+0 records out -&prompt.root; mdmfs -F newimage -s 5m md0 /mnt -&prompt.root; df /mnt -Filesystem 1K-blocks Used Avail Capacity Mounted on -/dev/md0 4718 4 4338 0% /mnt - - - When is used without a unit number, - &man.mdmfs.8; uses the &man.md.4; auto-unit feature to - automatically select an unused device. For more details - about &man.mdmfs.8;, refer to its manual page. - - - disks - detaching a memory disk - - - Creating a New Memory-Based Disk with - <command>mdmfs</command> +5120+0 records out - &prompt.root; mdmfs -s 5m md2 /mnt + Next, attach that file to a memory disk, label the memory + disk and format it with the UFS file + system, mount the memory disk, and verify the size of the + file-backed disk: + + &prompt.root; mdconfig -f newimage -u 0 +&prompt.root; bsdlabel -w md0 auto +&prompt.root; newfs md0a +/dev/md0a: 5.0MB (10224 sectors) block size 16384, fragment size 2048 + using 4 cylinder groups of 1.25MB, 80 blks, 192 inodes. +super-block backups (for fsck -b #) at: + 160, 2720, 5280, 7840 +&prompt.root; mount /dev/md0a /mnt &prompt.root; df /mnt Filesystem 1K-blocks Used Avail Capacity Mounted on -/dev/md2 4846 2 4458 0% /mnt - +/dev/md0a 4710 4 4330 0% /mnt + + It takes several commands to create a file- or memory-backed file + system using mdconfig. &os; also + comes with mdmfs which automatically configures a + memory disk, formats it with the UFS file system, + and mounts it. For example, after creating + newimage with + dd, this one command is equivalent to + running the bsdlabel, + newfs, and mount + commands shown above: + + &prompt.root; mdmfs -F newimage -s 5m md0 /mnt + + To instead create a new memory-based memory disk with + mdmfs, use this one command: + + &prompt.root; mdmfs -s 5m md1 /mnt + + If the unit number is not specified, + mdmfs will + automatically select an unused memory device. For more details + about mdmfs, refer to &man.mdmfs.8;. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 20:14:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 754EDD1F; Thu, 24 Apr 2014 20:14:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 606EA1917; Thu, 24 Apr 2014 20:14:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OKEF6x017190; Thu, 24 Apr 2014 20:14:15 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OKEF7m017189; Thu, 24 Apr 2014 20:14:15 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404242014.s3OKEF7m017189@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 20:14:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44649 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 20:14:15 -0000 Author: dru Date: Thu Apr 24 20:14:14 2014 New Revision: 44649 URL: http://svnweb.freebsd.org/changeset/doc/44649 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 19:51:56 2014 (r44648) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 20:14:14 2014 (r44649) @@ -34,7 +34,8 @@ - How to grow the size of a disk's partition on &os;. + How to grow the size of a disk's partition on + &os;. @@ -53,8 +54,7 @@ - How to set up memory - disks. + How to set up memory disks. @@ -72,7 +72,8 @@ - How to configure a highly available storage network. + How to configure a highly available storage + network. @@ -635,14 +636,14 @@ da0: <STECH Simple Drive 1.04> s/n creating - Compact Disc (CD) media provide a number of features - that differentiate them from conventional disks. They are - designed so that they can be read continuously without delays to - move the head between tracks. While CD media - do have tracks, these refer to a section of data to be read - continuously, and not a physical property of the disk. The - ISO 9660 file system was designed to deal - with these differences. + Compact Disc (CD) media provide a number + of features that differentiate them from conventional disks. + They are designed so that they can be read continuously without + delays to move the head between tracks. While + CD media do have tracks, these refer to a + section of data to be read continuously, and not a physical + property of the disk. The ISO 9660 file + system was designed to deal with these differences. ISO 9660 @@ -658,10 +659,10 @@ da0: <STECH Simple Drive 1.04> s/n The &os; Ports Collection provides several utilities for burning and duplicating audio and data CDs. - This chapter demonstrates the - use of several command line utilities. For - CD burning software with a graphical utility, - consider installing the sysutils/xcdroast or + This chapter demonstrates the use of several command line + utilities. For CD burning software with a + graphical utility, consider installing the + sysutils/xcdroast or sysutils/k3b packages or ports. @@ -775,9 +776,9 @@ cd0: Attempt to query device size failed &prompt.root; cdrecord dev=device imagefile.iso - To determine the device name of the burner, - use which might produce - results like this: + To determine the device name of the burner, use + which might produce results like + this: CD-ROMs @@ -805,40 +806,42 @@ scsibus1: 1,6,0 106) 'ARTEC ' 'AM12S ' '1.06' Scanner 1,7,0 107) * - Locate the entry for the CD - burner and use the three numbers separated by commas as the - value for . In this case, the Yamaha burner device - is 1,5,0, so the appropriate input to specify that device is - . Refer to the manual page for cdrecord for - other ways to specify this value and for information on - writing audio tracks and controlling the write speed. - - Alternately, run the following - command to get the device address of the - burner: + Locate the entry for the CD burner and + use the three numbers separated by commas as the value for + . In this case, the Yamaha burner device + is 1,5,0, so the appropriate input to + specify that device is . Refer to + the manual page for cdrecord for other ways + to specify this value and for information on writing audio + tracks and controlling the write speed. + + Alternately, run the following command to get the device + address of the burner: &prompt.root; camcontrol devlist <MATSHITA CDRW/DVD UJDA740 1.00> at scbus1 target 0 lun 0 (cd0,pass0) Use the numeric values for scbus, target, and lun. For - this example, 1,0,0 is the - device name to use. + this example, 1,0,0 is the device name to + use. - Writing Data to an <acronym>ISO</acronym> File System + Writing Data to an <acronym>ISO</acronym> File + System In order to produce a data CD, the data files that are going to make up the tracks on the - CD must be prepared before they can be burned to the - CD. In &os;, + CD must be prepared before they can be + burned to the CD. In &os;, sysutils/cdrtools installs - mkisofs, which can be used to produce an ISO 9660 file - system that is an image of a directory tree within a &unix; file - system. The simplest usage is to specify the name of the - ISO file to create and the path to the files - to place into the ISO 9660 file system: + mkisofs, which can be used to produce an + ISO 9660 file system that is an image of a + directory tree within a &unix; file system. The simplest + usage is to specify the name of the ISO + file to create and the path to the files to place into the + ISO 9660 file system: &prompt.root; mkisofs -o imagefile.iso /path/to/tree @@ -847,27 +850,29 @@ scsibus1: ISO 9660 - This command - maps the file names in the specified path to names that fit the limitations of - the standard ISO 9660 file system, and will exclude files that - do not meet the standard for ISO file systems. + This command maps the file names in the specified path to + names that fit the limitations of the standard + ISO 9660 file system, and will exclude + files that do not meet the standard for ISO + file systems. file systems Joliet + A number of options are available to overcome the - restrictions imposed by the standard. In particular, enables the - Rock Ridge extensions common to &unix; systems and - enables Joliet extensions used by - Microsoft systems. + restrictions imposed by the standard. In particular, + enables the Rock Ridge extensions common + to &unix; systems and enables Joliet + extensions used by Microsoft systems. For CDs that are going to be used only on &os; systems, can be used to disable all filename restrictions. When used with , it produces a file system image that is - identical to the specified &os; tree, even if it violates - the ISO 9660 standard. + identical to the specified &os; tree, even if it violates the + ISO 9660 standard. CD-ROMs @@ -880,22 +885,22 @@ scsibus1: CD. This option takes an argument which is the path to a boot image from the top of the tree being written to the CD. By default, - mkisofs creates an ISO image in floppy disk - emulation mode, and thus expects the boot image to - be exactly 1200, 1440 or 2880 KB in size. Some boot - loaders, like the one used by the &os; distribution media, do - not use emulation mode. In this case, - should be used. So, if - /tmp/myboot holds a bootable &os; system - with the boot image in + mkisofs creates an ISO + image in floppy disk emulation mode, and thus + expects the boot image to be exactly 1200, 1440 or + 2880 KB in size. Some boot loaders, like the one used by + the &os; distribution media, do not use emulation mode. In + this case, should be used. So, + if /tmp/myboot holds a bootable &os; + system with the boot image in /tmp/myboot/boot/cdboot, this command would produce /tmp/bootable.iso: &prompt.root; mkisofs -R -no-emul-boot -b boot/cdboot -o /tmp/bootable.iso /tmp/myboot - The resulting ISO image can be mounted as a memory disk - with: + The resulting ISO image can be mounted + as a memory disk with: &prompt.root; mdconfig -a -t vnode -f /tmp/bootable.iso -u 0 &prompt.root; mount -t cd9660 /dev/md0 /mnt @@ -904,23 +909,23 @@ scsibus1: /tmp/myboot are identical. There are many other options available for - mkisofs to fine-tune its behavior. Refer to - &man.mkisofs.8; for details. + mkisofs to fine-tune its behavior. Refer + to &man.mkisofs.8; for details. - It is possible to copy a data CD to an - image file that is functionally equivalent to the image file - created with mkisofs. To do so, use - dd with the device name as the input file - and the name of the ISO to create as the - output file: + It is possible to copy a data CD to + an image file that is functionally equivalent to the image + file created with mkisofs. To do so, use + dd with the device name as the input + file and the name of the ISO to create as + the output file: &prompt.root; dd if=/dev/cd0 of=file.iso bs=2048 - The resulting image file can be burned to - CD as described in . - + The resulting image file can be burned to + CD as described in . + @@ -933,14 +938,14 @@ scsibus1: &prompt.root; mount -t cd9660 /dev/cd0 /mnt - Since mount assumes - that a file system is of type ufs, a - Incorrect super block error will occur - if -t cd9660 is not included when mounting - a data CD. + Since mount assumes that a file system + is of type ufs, a Incorrect + super block error will occur if -t + cd9660 is not included when mounting a data + CD. - While any data CD can - be mounted this way, disks with certain ISO 9660 extensions + While any data CD can be mounted this + way, disks with certain ISO 9660 extensions might behave oddly. For example, Joliet disks store all filenames in two-byte Unicode characters. If some non-English characters show up as question marks, specify the local @@ -963,8 +968,8 @@ scsibus1: Occasionally, Device not configured will be displayed when trying to mount a data CD. This usually means that the - CD drive thinks that there is no disk - in the tray, or that the drive is not visible on the bus. It + CD drive thinks that there is no disk in + the tray, or that the drive is not visible on the bus. It can take a couple of seconds for a CD drive to realize that a media is present, so be patient. @@ -985,32 +990,35 @@ scsibus1: drive every possible chance to answer the bus reset. - It is possible to burn a file directly to - CD, without creating an ISO 9660 file - system. This is known as burning a raw data - CD and some people do this for backup purposes. - - This type of disk can not be mounted as a normal data - CD. In order to retrieve the data burned to such a - CD, the data must be read from the raw - device node. For example, this command will extract a - compressed tar file located on the second CD - device into the current working directory: - - &prompt.root; tar xzvf /dev/cd1 - - In order to mount a data - CD, the data must be written using - mkisofs. - + It is possible to burn a file directly to + CD, without creating an + ISO 9660 file system. This is known as + burning a raw data CD and some people do + this for backup purposes. + + This type of disk can not be mounted as a normal data + CD. In order to retrieve the data burned + to such a CD, the data must be read from + the raw device node. For example, this command will extract + a compressed tar file located on the second + CD device into the current working + directory: + + &prompt.root; tar xzvf /dev/cd1 + + In order to mount a data CD, the + data must be written using + mkisofs. + Duplicating Audio <acronym>CD</acronym>s + To duplicate an audio CD, extract the audio data from the CD to a series of files, then write these files to a blank - CD. + CD. describes how to duplicate and burn an audio CD. If the @@ -1026,11 +1034,11 @@ scsibus1: The sysutils/cdrecord package or port installs cdda2wav. This command can be used to extract all of the audio tracks, with each - track written to a separate WAV - file in the current working directory: + track written to a separate WAV file in + the current working directory: &prompt.user; cdda2wav -vall -B -Owav - + A device name does not need to be specified if there is only one CD device on the system. Refer to the cdda2wav manual page for @@ -1049,7 +1057,7 @@ scsibus1: linkend="cdrecord"/>. - + @@ -1988,19 +1996,19 @@ scsibus1: - In addition to physical disks, &os; also supports - the creation and use of memory disks. One possible use for a + In addition to physical disks, &os; also supports the + creation and use of memory disks. One possible use for a memory disk is to access the contents of an ISO file system without the overhead of first burning it to a CD or DVD, then mounting the CD/DVD media. - - In &os;, the &man.md.4; driver is used to provide support - for memory disks. The GENERIC kernel - includes this driver. When using a custom kernel - configuration file, ensure it includes this line: - device md + In &os;, the &man.md.4; driver is used to provide support + for memory disks. The GENERIC kernel + includes this driver. When using a custom kernel configuration + file, ensure it includes this line: + + device md Attaching and Detaching Existing Images @@ -2020,26 +2028,26 @@ scsibus1: /dev/md0 then mounts that memory device on /mnt: - &prompt.root; mdconfig -f diskimage.iso -u 0 + &prompt.root; mdconfig -f diskimage.iso -u 0 &prompt.root; mount /dev/md0 /mnt If a unit number is not specified with , mdconfig will automatically allocate an unused memory device and output - the name of the allocated unit, such - as md4. Refer to &man.mdconfig.8; - for more details about this command and its options. + the name of the allocated unit, such as + md4. Refer to &man.mdconfig.8; for more + details about this command and its options. disks detaching a memory disk - When a memory disk is no - longer in use, its resources should be released back to - the system. First, unmount the file system, then use - mdconfig to detach the disk from the system and - release its resources. To continue this example: + When a memory disk is no longer in use, its resources + should be released back to the system. First, unmount the + file system, then use mdconfig to detach + the disk from the system and release its resources. To + continue this example: &prompt.root; umount /mnt &prompt.root; mdconfig -d -u 0 @@ -2070,7 +2078,7 @@ scsibus1: the UFS file system before it is mounted: - &prompt.root; mdconfig -a -t swap -s 5m -u 1 + &prompt.root; mdconfig -a -t swap -s 5m -u 1 &prompt.root; newfs -U md1 /dev/md1: 5.0MB (10240 sectors) block size 16384, fragment size 2048 using 4 cylinder groups of 1.27MB, 81 blks, 192 inodes. @@ -2082,12 +2090,11 @@ super-block backups (for fsck -b #) at: Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/md1 4718 4 4338 0% /mnt - - To create a new file-backed memory disk, first allocate an + To create a new file-backed memory disk, first allocate an area of disk to use. This example creates an empty 5K file named newimage: - &prompt.root; dd if=/dev/zero of=newimage bs=1k count=5k + &prompt.root; dd if=/dev/zero of=newimage bs=1k count=5k 5120+0 records in 5120+0 records out @@ -2095,7 +2102,7 @@ Filesystem 1K-blocks Used Avail Capacity disk and format it with the UFS file system, mount the memory disk, and verify the size of the file-backed disk: - + &prompt.root; mdconfig -f newimage -u 0 &prompt.root; bsdlabel -w md0 auto &prompt.root; newfs md0a @@ -2108,28 +2115,28 @@ super-block backups (for fsck -b #) at: Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/md0a 4710 4 4330 0% /mnt - It takes several commands to create a file- or memory-backed file - system using mdconfig. &os; also - comes with mdmfs which automatically configures a - memory disk, formats it with the UFS file system, - and mounts it. For example, after creating - newimage with - dd, this one command is equivalent to + It takes several commands to create a file- or + memory-backed file system using mdconfig. + &os; also comes with mdmfs which + automatically configures a memory disk, formats it with the + UFS file system, and mounts it. For + example, after creating newimage + with dd, this one command is equivalent to running the bsdlabel, newfs, and mount commands shown above: - &prompt.root; mdmfs -F newimage -s 5m md0 /mnt + &prompt.root; mdmfs -F newimage -s 5m md0 /mnt To instead create a new memory-based memory disk with - mdmfs, use this one command: + mdmfs, use this one command: + + &prompt.root; mdmfs -s 5m md1 /mnt - &prompt.root; mdmfs -s 5m md1 /mnt - - If the unit number is not specified, - mdmfs will - automatically select an unused memory device. For more details - about mdmfs, refer to &man.mdmfs.8;. + If the unit number is not specified, + mdmfs will automatically select an unused + memory device. For more details about + mdmfs, refer to &man.mdmfs.8;. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 20:17:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 037DBDF6; Thu, 24 Apr 2014 20:17:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E46AF193A; Thu, 24 Apr 2014 20:17:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OKHbTI017597; Thu, 24 Apr 2014 20:17:37 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OKHbwH017596; Thu, 24 Apr 2014 20:17:37 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404242017.s3OKHbwH017596@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 20:17:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44650 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 20:17:38 -0000 Author: dru Date: Thu Apr 24 20:17:37 2014 New Revision: 44650 URL: http://svnweb.freebsd.org/changeset/doc/44650 Log: Fix missing entity. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 20:14:14 2014 (r44649) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Thu Apr 24 20:17:37 2014 (r44650) @@ -865,7 +865,7 @@ scsibus1: restrictions imposed by the standard. In particular, enables the Rock Ridge extensions common to &unix; systems and enables Joliet - extensions used by Microsoft systems. + extensions used by µsoft; systems. For CDs that are going to be used only on &os; systems, can be used to disable From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 20:50:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9A961D87; Thu, 24 Apr 2014 20:50:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 869FA1C84; Thu, 24 Apr 2014 20:50:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OKoEBJ032167; Thu, 24 Apr 2014 20:50:14 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OKoEql032166; Thu, 24 Apr 2014 20:50:14 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404242050.s3OKoEql032166@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 20:50:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44651 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 20:50:14 -0000 Author: dru Date: Thu Apr 24 20:50:14 2014 New Revision: 44651 URL: http://svnweb.freebsd.org/changeset/doc/44651 Log: Replace "you"usage in 9.x Install chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Apr 24 20:17:37 2014 (r44650) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Apr 24 20:50:14 2014 (r44651) @@ -101,7 +101,7 @@ The questions bsdinstall will - ask you, what they mean, and how to answer them. + ask, what they mean, and how to answer them. @@ -110,7 +110,7 @@ Read the supported hardware list that shipped with the - version of &os; you are installing, and verify that your + version of &os; to be installed and verify that the system's hardware is supported. @@ -136,9 +136,9 @@ &os; version and the hardware architecture. A summary of this information is given in the following - sections. Depending on the method you choose to install &os;, - you may also need a supported CDROM drive, and in some cases a - network adapter. This will be covered by + sections. Depending upon the method chosen to install &os;, + a supported CDROM drive and, in some cases, a + network adapter may be needed. This will be covered by . @@ -174,12 +174,10 @@ &intel; &xeon; E3, E5 and E7 processors, and the &intel; &core; i3, i5 and i7 processors. - If you have a machine based on an nVidia nForce3 - Pro-150, you must use the BIOS setup to - disable the IO APIC. If you do not have an option to do - this, you will likely have to disable ACPI instead. There - are bugs in the Pro-150 chipset for which we have not yet - found a workaround. + If the system is based on an nVidia nForce3 + Pro-150, the IO APIC must be disabled + in the BIOS setup. If this BIOS option does not exist, + disable ACPI instead. @@ -225,7 +223,7 @@ Pre-Installation Tasks - Back Up Your Data + Back Up Important Data Back up all important data on the target computer where &os; will be installed. Test the backups before @@ -348,7 +346,7 @@ - Back up your &windows; data. Then reinstall + Back up any &windows; data. Then reinstall &windows;, creating a 20 GB partition during the install. @@ -462,14 +460,14 @@ corrupt and should be discarded. - If you already have a copy of &os; on CDROM, DVD, or USB + If a copy of &os; already exists on CDROM, DVD, or USB memory stick, this section can be skipped. &os; CD and DVD images are bootable ISO files. Only one CD or DVD is needed for an install. Burn the ISO image to a bootable CD or DVD using the CD recording applications - available with your current operating system. On &os;, + available with the current operating system. On &os;, recording is provided by &man.cdrecord.1; from sysutils/cdrtools, installed from the Ports Collection. @@ -488,7 +486,7 @@ ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/arch/arch/ISO-IMAGES/version/&os;-version-RELEASE-arch-memstick.img. Replace arch and version with the - architecture and the version number which you want to + architecture and the version number to install, respectively. For example, the memory stick images for &os;/&arch.i386; 9.0-RELEASE are available from The example below shows /dev/da0 as the target device where the image will be written. Be very careful that - the correct device is used as the output target, or - you may destroy existing data. + the correct device is used as the output target, as this command will + destroy existing data. @@ -549,8 +547,8 @@ Be sure to give the correct drive letter as the - output target, or you may overwrite and destroy - existing data. + output target, as existing data will be overwritten + and destroyed. @@ -600,7 +598,7 @@ By default, the installation will not make any changes to - your disk(s) until you see the following message: + the disk(s) before the following message: Your changes will now be written to disk. If you have chosen to overwrite existing data, it will @@ -609,8 +607,8 @@ commit your changes? The install can be exited at any time prior to this warning without changing the contents of the hard drive. If - you are concerned that you have configured something - incorrectly you can just turn the computer off before this + there is a concern that something is + incorrectly configured, just turn the computer off before this point, and no damage will be done. @@ -622,19 +620,19 @@ commit your changes? - If you prepared a bootable USB stick, + When using a prepared bootable USB stick, as described in - , then - plug in your USB stick before turning on the + , + plug in the USB stick before turning on the computer. - If you are booting from CDROM, then you will need to - turn on the computer, and insert the CDROM at the first + When booting from CDROM, + turn on the computer and insert the CDROM at the first opportunity. - Configure your machine to boot from either the CDROM + Configure the system to boot from either the CDROM or from USB, depending on the media being used for the installation. BIOS configurations allow the selection of a specific boot device. Most @@ -645,24 +643,24 @@ commit your changes? - If your computer starts up as normal and loads your + If the computer starts up as normal and loads an existing operating system, then either: The disks were not inserted early enough in the boot process. Leave them in, and try restarting - your computer. + the computer. The BIOS changes earlier did - not work correctly. You should redo that step until - you get the right option. + not work correctly. Redo that step until + the right option is selected. - Your particular BIOS does not + This particular BIOS does not support booting from the desired media. The Plop Boot Manager can be used to boot older @@ -672,8 +670,8 @@ commit your changes? - &os; will start to boot. If you are booting from - CDROM you will see a display similar to this (version + &os; will start to boot. When booting from + CDROM, messages similar to this will be displayed (version information omitted): Booting from CD-ROM... @@ -752,8 +750,8 @@ Loading /boot/defaults/loader.conf Booting for &sparc64; Most &sparc64; systems are set up to boot automatically - from disk. To install &os;, you need to boot over the - network or from a CDROM, which requires you to break into + from disk. To install &os;, booting over the + network or from a CDROM requires a break into the PROM (OpenFirmware). @@ -767,8 +765,8 @@ Copyright 1998-2001 Sun Microsystems, In OpenBoot 4.2, 128 MB memory installed, Serial #51090132. Ethernet address 0:3:ba:b:92:d4, Host ID: 830b92d4. - If your system proceeds to boot from disk at this point, - you need to press + If the system proceeds to boot from disk at this point, + press L1A or @@ -795,7 +793,7 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - At this point, place the CDROM into your drive, and from + At this point, place the CDROM into the drive, and from the PROM prompt, type boot cdrom. @@ -808,17 +806,17 @@ Ethernet address 0:3:ba:b:92:d4, Host ID screen are stored and can be reviewed. To review the buffer, press Scroll Lock. - This turns on scrolling in the display. You can then use the + This turns on scrolling in the display. Use the arrow keys, or PageUp and - PageDown to view the results. Press + PageDown, to view the results. Press Scroll Lock again to stop scrolling. Do this now, to review the text that scrolled off the screen when the kernel was carrying out the device probes. - You will see text similar to - , although the precise - text will differ depending on the devices that you have in - your computer. + Text similar to + will be displayed, although the precise + text will differ depending on the devices in + the computer.
            Typical Device Probe Results @@ -973,15 +971,15 @@ Trying to mount root from cd9660:/dev/is
            Check the probe results carefully to make sure that &os; - found all the devices you expected. If a device was not - found, then it will not be listed. + found all the devices. If a device was not + found, it will not be listed. Refer to Kernel - modules allows you to add in support for devices + modules for instructions on how to add in support for devices which are not in the GENERIC kernel. - After the procedure of device probing, you will see - . The install media + After the procedure of device probing, + will be displayed. The install media can be used in three ways: to install &os;, as a live CD, or to simply access a &os; shell. Use the arrow keys to choose @@ -1170,12 +1168,11 @@ Trying to mount root from cd9660:/dev/is to use the ports collection. - The installation program does not check to see if - you have adequate space. Select this option only if you - have adequate hard disk space. As of &os; 9.0, the + The installation program does not check for + adequate disk space. Select this option only if + sufficient hard disk space is available. The &os; Ports Collection takes up about &ports.size; of - disk space. You can safely assume a larger value for - more recent versions of &os;. + disk space. @@ -1803,7 +1800,7 @@ Trying to mount root from cd9660:/dev/is - Rescan Devices to repopulate the list of available disks. To ensure that the correct disk is selected, so as not to accidently destroy the wrong disks, the - - Disk Info menu allows you to inspect + - Disk Info menu can be used to inspect each disk, including its partition table, and various other information, including the device model number and serial number, if available. @@ -2310,13 +2307,13 @@ Trying to mount root from cd9660:/dev/is Setting the Time Zone - Setting the time zone for your machine will allow it to + Setting the time zone for the machine will allow it to automatically correct for any regional time changes and perform other time zone related functions properly. The example shown is for a machine located in the Eastern - time zone of the United States. Your selections will vary - according to your geographical location. + time zone of the United States. The selections will vary + according to the geographical location.
            Select Local or UTC Clock @@ -2332,7 +2329,7 @@ Trying to mount root from cd9660:/dev/is Select [ Yes ] or [ No ] according to how the machine's clock is configured and press - Enter. If you do not know whether the system + Enter. If it is not known whether the system uses UTC or local time, select [ No ] to choose the more commonly-used local time. @@ -2661,7 +2658,7 @@ Trying to mount root from cd9660:/dev/is Handbook - Download and install the - &os; Handbook (which is what you are reading now). + &os; Handbook. @@ -2957,23 +2954,23 @@ login: Due to various limitations of the PC architecture, it is impossible for probing to be 100% reliable, however, there are - a few things you can do if it fails. + a few things to try if it fails. Check the Hardware - Notes document for your version of &os; to make sure + Notes document for the version of &os; to make sure your hardware is supported. - If your hardware is supported and you still experience - lock-ups or other problems, you will need to build a - custom kernel. This will - allow you to add in support for devices which are not present + If the hardware is supported and + lock-ups or other problems occur, build a + custom kernel which + adds support for devices which are not present in the GENERIC kernel. The kernel on the boot disks is configured assuming that most hardware devices are in their factory default configuration in terms of IRQs, - IO addresses, and DMA channels. If your hardware has been - reconfigured, you will most likely need to edit the kernel - configuration and recompile to tell &os; where to find + IO addresses, and DMA channels. If the hardware has been + reconfigured, a custom kernel + configuration file can tell &os; where to find things. It is also possible that a probe for a device not present From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 21:42:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 977456B6; Thu, 24 Apr 2014 21:42:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 69C0E136D; Thu, 24 Apr 2014 21:42:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OLgR9a054612; Thu, 24 Apr 2014 21:42:27 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OLgRXF054611; Thu, 24 Apr 2014 21:42:27 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404242142.s3OLgRXF054611@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 21:42:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44652 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 21:42:27 -0000 Author: dru Date: Thu Apr 24 21:42:26 2014 New Revision: 44652 URL: http://svnweb.freebsd.org/changeset/doc/44652 Log: Fix links. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Apr 24 20:50:14 2014 (r44651) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Apr 24 21:42:26 2014 (r44652) @@ -196,9 +196,8 @@ &os;/&arch.sparc64; Systems supported by &os;/&arch.sparc64; are listed at - the - FreeBSD/sparc64 Project. + the FreeBSD/sparc64 Project (http://www.freebsd.org/platforms/sparc.html). A dedicated disk is required for &os;/&arch.sparc64;. It is not possible to share a disk with another operating @@ -213,9 +212,9 @@ release are listed in the Hardware Notes file. Usually named HARDWARE.TXT, the file is located in the root directory of the release media. Copies of the supported - hardware list are also available on the Release - Information page of the &os; web site. + hardware list are also available on the Release Information + page of the &os; web site (http://www.FreeBSD.org/releases/index.html). @@ -272,7 +271,7 @@ inconvenient workarounds like logical partitions. - Some older operating systems like &windows; XP + Some older operating systems, like &windows; XP, are not compatible with the GPT partition scheme. If &os; will be sharing a disk with such an operating system, @@ -281,9 +280,9 @@ &os;'s standard boot loader requires either a primary or - GPT partition. (See + GPT partition. Refer to for more information about the &os; - booting process.) If all of the primary or + booting process. If all of the primary or GPT partitions are already in use, one must be freed for &os;. @@ -295,12 +294,12 @@ user interface will be used. Third-party application software requires more space. - A variety of - free and commercial partition resizing tools are - available. GParted - Live is a free Live CD which includes the + A variety of free and commercial partition resizing + tools are listed at http://en.wikipedia.org/wiki/List_of_disk_partitioning_software. + GParted Live (http://gparted.sourceforge.net/livecd.php) + is a free Live CD which includes the GParted partition editor. GParted is also included with many other Linux Live CD distributions. @@ -416,18 +415,15 @@ release of &os; is as stable as possible, bugs occasionally creep into the process. On very rare occasions those bugs affect the installation process. As these problems are - discovered and fixed, they are noted in the FreeBSD - Errata on the &os; web site. Check the errata before + discovered and fixed, they are noted in the &os; Errata (http://www.freebsd.org/releases/&rel.current;R/errata.html) + on the &os; web site. Check the errata before installing to make sure that there are no problems that might affect the installation. Information and errata for all the releases can be found - on the - release - information section of the - &os; web - site. + on the release information section of the &os; web site (http://www.freebsd.org/releases/index.html). @@ -446,9 +442,9 @@ CD is consequently much smaller, and reduces bandwidth usage during the install by only downloading required files. - Copies of &os; installation media are available at the - &os; web - site. Also download + Copies of &os; installation media are available at + www.freebsd.org/where.html#download. + Also download CHECKSUM.SHA256 from the same directory as the image file, and use it to check the image file's integrity by calculating a checksum. @@ -661,9 +657,10 @@ commit your changes? This particular BIOS does not - support booting from the desired media. The Plop - Boot Manager can be used to boot older + support booting from the desired media. The + Plop Boot Manager (http://www.plop.at/en/bootmanager.html) + can be used to boot older computers from CD or USB media. @@ -740,9 +737,9 @@ Loading /boot/defaults/loader.conf boot cd:,\ppc\loader cd:0 - For Xserves without keyboards, see &apple;'s - support web site about booting into Open + For Xserves without keyboards, refer to http://support.apple.com/kb/TA26930 + about booting into Open Firmware. @@ -973,16 +970,16 @@ Trying to mount root from cd9660:/dev/is Check the probe results carefully to make sure that &os; found all the devices. If a device was not found, it will not be listed. Refer to - Kernel - modules for instructions on how to add in support for devices + + for instructions on how to add in support for devices which are not in the GENERIC kernel. - After the procedure of device probing, + After the procedure of device probing, the menu shown in will be displayed. The install media - can be used in three ways: to install &os;, as a - live CD, or - to simply access a &os; shell. Use the arrow keys to choose + can be used in three ways: to install &os;, as a live CD as described in + , or + to access a &os; shell. Use the arrow keys to choose an option, and Enter to select.
            @@ -1010,10 +1007,10 @@ Trying to mount root from cd9660:/dev/is &a.kmoore.email;'s pc-sysinstall is included with - PC-BSD, and can - also be used to - install &os;. Although sometimes confused with + PC-BSD and can + be used to install &os; using the instructions at http://wiki.pcbsd.org/index.php/Use_PC-BSD_Installer_to_Install_FreeBSD. + Although sometimes confused with bsdinstall, the two are not related. @@ -1482,10 +1479,9 @@ Trying to mount root from cd9660:/dev/is APM - Apple - Partition Map, used by &powerpc; - &macintosh;. + Apple Partition Map, used by &powerpc; + &macintosh; (http://support.apple.com/kb/TA21692). @@ -1497,29 +1493,25 @@ Trying to mount root from cd9660:/dev/is GPT - GUID - Partition Table. + GUID Partition Table (http://en.wikipedia.org/wiki/GUID_Partition_Table). MBR - Master - Boot Record. + Master Boot Record (http://en.wikipedia.org/wiki/Master_boot_record). PC98 - MBR - variant, used by NEC PC-98 - computers. + MBR ariant used by NEC PC-98 computers (http://en.wikipedia.org/wiki/Pc9801). VTOC8 - Volume Table Of Contents, used by Sun SPARC64 and + Volume Table Of Contents used by Sun SPARC64 and UltraSPARC computers. @@ -1565,7 +1557,7 @@ Trying to mount root from cd9660:/dev/is Another partition type worth noting is freebsd-zfs, used for partitions that will - contain a &os; ZFS filesystem. See + contain a &os; ZFS file system. . &man.gpart.8; shows more of the available GPT partition types. @@ -1716,8 +1708,9 @@ Trying to mount root from cd9660:/dev/is benefit of ensuring that pools created on 512 byte disks will be able to have 4k sector disks added to them in the future, for additional storage space, or as replacements for failed - disks. The installer can also optionally employ GELI disk encryption. + disks. The installer can also optionally employ GELI disk + encryption as described in . If encryption is enabled, a 2 GB unencrypted boot pool is created that contains the /boot directory, which holds the kernel and other files necessary @@ -1744,8 +1737,8 @@ Trying to mount root from cd9660:/dev/is constitute the pool. The automatic ZFS installer currently only supports the creation of a single top level vdev, except in stripe mode. To create more complex - pools, use Shell Mode to create + pools, use the instructions in to create the pool. The installer supports the creation of various pool types, including stripe (not recommended, no redundancy), mirror (best performance, least usable space), and RAID-Z 1, @@ -1953,8 +1946,8 @@ Trying to mount root from cd9660:/dev/is Once all requested distribution files have been extracted, bsdinstall will then drop straight - into the post-installation configuration tasks (see - ). + into the post-installation configuration tasks described in + . @@ -2222,7 +2215,7 @@ Trying to mount root from cd9660:/dev/is SLAAC allows an IPv6 network component to request autoconfiguration information from a local router. See RFC4862 + xlink:href="http://tools.ietf.org/html/rfc4862">http://tools.ietf.org/html/rfc4862 for more information.
            @@ -2956,15 +2949,15 @@ login: impossible for probing to be 100% reliable, however, there are a few things to try if it fails. - Check the Hardware - Notes document for the version of &os; to make sure + Check the Hardware Notes (http://www.freebsd.org/releases/index.html) + document for the version of &os; to make sure your hardware is supported. If the hardware is supported and - lock-ups or other problems occur, build a - custom kernel which - adds support for devices which are not present + lock-ups or other problems occur, build a custom kernel using the instructions in + to + add support for devices which are not present in the GENERIC kernel. The kernel on the boot disks is configured assuming that most hardware devices are in their factory default configuration in terms of IRQs, From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 21:46:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B50F3869; Thu, 24 Apr 2014 21:46:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A1849139A; Thu, 24 Apr 2014 21:46:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OLkbpt055386; Thu, 24 Apr 2014 21:46:37 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OLkbIa055385; Thu, 24 Apr 2014 21:46:37 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404242146.s3OLkbIa055385@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 21:46:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44653 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 21:46:37 -0000 Author: dru Date: Thu Apr 24 21:46:37 2014 New Revision: 44653 URL: http://svnweb.freebsd.org/changeset/doc/44653 Log: Fix filesystem and use of "just" and "simply". Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Apr 24 21:42:26 2014 (r44652) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Apr 24 21:46:37 2014 (r44653) @@ -530,7 +530,7 @@ not a regular file. It is an image of the complete contents of the memory stick. It cannot - simply be copied like a regular file, but must be + be copied like a regular file, but must be written directly to the target device with &man.dd.1;: @@ -780,7 +780,7 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - This is the prompt used on systems with just one + This is the prompt used on systems with one CPU. @@ -1384,8 +1384,8 @@ Trying to mount root from cd9660:/dev/is
            - The entire disk can be allocated to &os;, or just a - portion of it. If + The entire disk or a portion of it can be allocated to &os;. + If [ Entire Disk ] is chosen, a general partition layout filling the whole disk is created. Selecting @@ -1546,7 +1546,7 @@ Trying to mount root from cd9660:/dev/is freebsd-ufs - A &os; UFS - filesystem. + file system. @@ -1562,11 +1562,11 @@ Trying to mount root from cd9660:/dev/is of the available GPT partition types. - Multiple filesystem partitions can be used, and some + Multiple file system partitions can be used, and some people may prefer a traditional layout with separate partitions for the /, /var, /tmp, and - /usr filesystems. See + /usr file systems. See for an example. @@ -1587,7 +1587,7 @@ Trying to mount root from cd9660:/dev/is A mountpoint is needed if this partition will contain a - filesystem. If only a single UFS partition will be created, + file system. If only a single UFS partition will be created, the mountpoint should be /. A label is also requested. A label @@ -1604,7 +1604,7 @@ Trying to mount root from cd9660:/dev/is in /dev/. - Use a unique label on every filesystem to avoid + Use a unique label on every file system to avoid conflicts from identical labels. A few letters from the computer's name, use, or location can be added to the label. For instance, labroot or @@ -1613,13 +1613,13 @@ Trying to mount root from cd9660:/dev/is - Creating Traditional Split Filesystem + <title>Creating Traditional Split File System Partitions For a traditional partition layout where the /, /var, /tmp, and /usr - directories are separate filesystems on their own + directories are separate file systems on their own partitions, create a GPT partitioning scheme, then create the partitions as shown. Partition sizes shown are typical for a 20G target disk. If more space is available on the @@ -2909,7 +2909,8 @@ login: &os; Shutdown Proper shutdown of a &os; computer helps protect data and - even hardware from damage. Do not just turn off the power. + even hardware from damage. Do not turn off the power before + the system has been properly shut down. If the user is a member of the wheel group, become the superuser by typing su at the command From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 22:11:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 844A64BA; Thu, 24 Apr 2014 22:11:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6DD1216C2; Thu, 24 Apr 2014 22:11:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3OMBkqR066762; Thu, 24 Apr 2014 22:11:46 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3OMBkOD066761; Thu, 24 Apr 2014 22:11:46 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404242211.s3OMBkOD066761@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 22:11:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44654 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 22:11:46 -0000 Author: dru Date: Thu Apr 24 22:11:46 2014 New Revision: 44654 URL: http://svnweb.freebsd.org/changeset/doc/44654 Log: Fix most missing acronym tags. Fix other tags spotted along the way. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Apr 24 21:46:37 2014 (r44653) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Apr 24 22:11:46 2014 (r44654) @@ -137,7 +137,7 @@ A summary of this information is given in the following sections. Depending upon the method chosen to install &os;, - a supported CDROM drive and, in some cases, a + a supported CD drive and, in some cases, a network adapter may be needed. This will be covered by . @@ -145,12 +145,12 @@ &os;/&arch.i386; &os;/&arch.i386; requires a 486 or better processor and - at least 64 MB of RAM. At least 1.1 GB of free + at least 64 MB of RAM. At least 1.1 GB of free hard drive space is needed for the most minimal installation. - On old computers, increasing RAM and hard drive space + On old computers, increasing RAM and hard drive space is usually more effective at improving performance than installing a faster processor. @@ -175,19 +175,19 @@ &intel; &core; i3, i5 and i7 processors. If the system is based on an nVidia nForce3 - Pro-150, the IO APIC must be disabled - in the BIOS setup. If this BIOS option does not exist, - disable ACPI instead. + Pro-150, the IO APIC must be disabled + in the BIOS setup. If this BIOS option does not exist, + disable ACPI instead. &os;/&arch.powerpc; &apple; &macintosh; All New World &apple; &macintosh; systems with built-in - USB are supported. SMP is supported on machines with - multiple CPUs. + USB are supported. SMP is supported on machines with + multiple CPUs. - A 32-bit kernel can only use the first 2 GB of RAM. + A 32-bit kernel can only use the first 2 GB of RAM. &firewire; is not supported on the Blue & White PowerMac G3. @@ -246,26 +246,26 @@ Hard disks can be divided into multiple sections. These sections are called - partitions. + partitions. There are two ways of dividing a disk into partitions. - A traditional Master Boot Record + A traditional Master Boot Record (MBR) holds a - partition table defining up to four primary - partitions. (For historical reasons, &os; - calls primary partitions slices.) A + partition table defining up to four primary + partitions. For historical reasons, &os; + calls primary partitions slices. A limit of only four partitions is restrictive for large disks, so one of these primary partitions can be made into - an extended partition. Multiple - logical partitions may then be + an extended partition. Multiple + logical partitions may then be created inside the extended partition. This may sound a little unwieldy, and it is. - The GUID Partition Table + The GUID Partition Table (GPT) is a newer and simpler method of partitioning a disk. GPT is far - more versatile than the traditional MBR partition table. + more versatile than the traditional MBR partition table. Common GPT implementations allow up to 128 partitions per disk, eliminating the need for inconvenient workarounds like logical partitions. @@ -311,7 +311,7 @@ Resizing µsoft; Vista partitions can be - difficult. A Vista installation CDROM can be useful when + difficult. A Vista installation CD can be useful when attempting such an operation. @@ -372,10 +372,10 @@ Some &os; installation methods need a network connection to download files. To connect to an Ethernet network (or - cable or DSL modem with an Ethernet interface), the installer + cable or DSL modem with an Ethernet interface), the installer will request some information about the network. - DHCP is commonly + DHCP is commonly used to provide automatic network configuration. If DHCP is not available, this network information must be obtained from the local network @@ -430,7 +430,7 @@ Prepare the Installation Media A &os; installation is started by booting the computer - with a &os; installation CD, DVD, or USB memory stick. The + with a &os; installation CD, DVD, or USB memory stick. The installer is not a program that can be run from within another operating system. @@ -439,7 +439,7 @@ bootonly variant. Bootonly install media does not have copies of the installation files, but downloads them from the network during an install. The bootonly install - CD is consequently much smaller, and reduces bandwidth usage + CD is consequently much smaller, and reduces bandwidth usage during the install by only downloading required files. Copies of &os; installation media are available at @@ -456,16 +456,16 @@ corrupt and should be discarded. - If a copy of &os; already exists on CDROM, DVD, or USB + If a copy of &os; already exists on CD, DVD, or USB memory stick, this section can be skipped. - &os; CD and DVD images are bootable ISO files. Only one - CD or DVD is needed for an install. Burn the ISO image to a - bootable CD or DVD using the CD recording applications + &os; CD and DVD images are bootable ISO files. Only one + CD or DVD is needed for an install. Burn the ISO image to a + bootable CD or DVD using the burning applications available with the current operating system. On &os;, - recording is provided by &man.cdrecord.1; from - sysutils/cdrtools, installed + recording is provided by cdrecord from + sysutils/cdrtools, installed from the Ports Collection. To create a bootable memory stick, follow these @@ -619,17 +619,17 @@ commit your changes? When using a prepared bootable USB stick, as described in , - plug in the USB stick before turning on the + plug in the USB stick before turning on the computer. - When booting from CDROM, - turn on the computer and insert the CDROM at the first + When booting from CD, + turn on the computer and insert the CD at the first opportunity. - Configure the system to boot from either the CDROM - or from USB, depending on the media being used for the + Configure the system to boot from either the CD + or from USB, depending on the media being used for the installation. BIOS configurations allow the selection of a specific boot device. Most systems also provide for selecting a boot device during @@ -661,14 +661,14 @@ commit your changes? Plop Boot Manager (http://www.plop.at/en/bootmanager.html) can be used to boot older - computers from CD or USB media. + computers from CD or USB media. &os; will start to boot. When booting from - CDROM, messages similar to this will be displayed (version + CD, messages similar to this will be displayed (version information omitted): Booting from CD-ROM... @@ -718,7 +718,7 @@ Loading /boot/defaults/loader.conf Booting for &macintosh; &powerpc; On most machines, holding C on the - keyboard during boot will boot from the CD. Otherwise, hold + keyboard during boot will boot from the CD. Otherwise, hold Command Option @@ -748,7 +748,7 @@ Loading /boot/defaults/loader.conf Most &sparc64; systems are set up to boot automatically from disk. To install &os;, booting over the - network or from a CDROM requires a break into + network or from a CD requires a break into the PROM (OpenFirmware). @@ -785,12 +785,12 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - This is the prompt used on SMP systems, the digit - indicates the number of the active CPU. + This is the prompt used on SMP systems, the digit + indicates the number of the active CPU. - At this point, place the CDROM into the drive, and from + At this point, place the CD into the drive, and from the PROM prompt, type boot cdrom. @@ -977,7 +977,7 @@ Trying to mount root from cd9660:/dev/is After the procedure of device probing, the menu shown in will be displayed. The install media - can be used in three ways: to install &os;, as a live CD as described in + can be used in three ways: to install &os;, as a live CD as described in , or to access a &os; shell. Use the arrow keys to choose an option, and Enter to select. @@ -1124,8 +1124,8 @@ Trying to mount root from cd9660:/dev/is Deciding which components to install will depend largely on the intended use of the system and the amount of disk space - available. The &os; Kernel and userland (collectively the - base system) are always installed. + available. The &os; kernel and userland, collectively known as the + base system, are always installed. Depending on the type of installation, some of these components may not appear. @@ -1141,7 +1141,7 @@ Trying to mount root from cd9660:/dev/is - games - Several traditional BSD + games - Several traditional BSD games, including fortune, rot13, and others. @@ -1360,8 +1360,8 @@ Trying to mount root from cd9660:/dev/is introduced in the smaller write heavy partitions will not bleed over into the mostly read partitions. Keeping the write loaded partitions closer to the disk's edge will - increase I/O performance in the partitions where it occurs - the most. While I/O performance in the larger partitions + increase I/O performance in the partitions where it occurs + the most. While I/O performance in the larger partitions may be needed, shifting them more toward the edge of the disk will not lead to a significant performance improvement over moving /var to the edge. @@ -1620,7 +1620,7 @@ Trying to mount root from cd9660:/dev/is /, /var, /tmp, and /usr directories are separate file systems on their own - partitions, create a GPT partitioning scheme, then create + partitions, create a GPT partitioning scheme, then create the partitions as shown. Partition sizes shown are typical for a 20G target disk. If more space is available on the target disk, larger swap or /var @@ -1810,7 +1810,7 @@ Trying to mount root from cd9660:/dev/is The menu also allows the user to enter a name for the pool, disable forcing 4k sectors, enable or disable - encryption, switch between GPT (recommended) and MBR partition + encryption, switch between GPT (recommended) and MBR partition table types, and select the desired amount of swap space. Once all options have been set to the desired values, select the >>> Install @@ -2092,7 +2092,7 @@ Trying to mount root from cd9660:/dev/is Configuring IPv4 Networking - Choose whether IPv4 networking is to be used. This is + Choose whether IPv4 networking is to be used. This is the most common type of network connection.
            @@ -2106,7 +2106,7 @@ Trying to mount root from cd9660:/dev/is
            - There are two methods of IPv4 configuration. + There are two methods of IPv4 configuration. DHCP will automatically configure the network interface correctly, and is the preferred method. Static @@ -2121,14 +2121,14 @@ Trying to mount root from cd9660:/dev/is - IPv4 DHCP Network Configuration + <acronym>IPv4</acronym> <acronym>DHCP</acronym> Network Configuration - If a DHCP server is available, select + If a DHCP server is available, select [ Yes ] to automatically configure the network interface.
            - Choose IPv4 DHCP Configuration + Choose <acronym>IPv4</acronym> <acronym>DHCP</acronym> Configuration @@ -2140,13 +2140,13 @@ Trying to mount root from cd9660:/dev/is - IPv4 Static Network Configuration + <acronym>IPv4</acronym> Static Network Configuration Static configuration of the network interface requires - entry of some IPv4 information. + entry of some IPv4 information.
            - IPv4 Static Configuration + <acronym>IPv4</acronym> Static Configuration @@ -2159,7 +2159,7 @@ Trying to mount root from cd9660:/dev/is IP Address - The - manually-assigned IPv4 address to be assigned to this + manually-assigned IPv4 address to be assigned to this computer. This address must be unique and not already in use by another piece of equipment on the local network. @@ -2186,8 +2186,8 @@ Trying to mount root from cd9660:/dev/is Configuring IPv6 Networking - IPv6 is a newer method of network configuration. If - IPv6 is available and desired, choose + IPv6 is a newer method of network configuration. If + IPv6 is available and desired, choose [ Yes ] to select it. @@ -2210,9 +2210,9 @@ Trying to mount root from cd9660:/dev/is requires manual entry of network information. - IPv6 Stateless Address Autoconfiguration + <acronym>IPv6</acronym> Stateless Address Autoconfiguration - SLAAC allows an IPv6 network + SLAAC allows an IPv6 network component to request autoconfiguration information from a local router. See http://tools.ietf.org/html/rfc4862 @@ -2231,10 +2231,10 @@ Trying to mount root from cd9660:/dev/is - IPv6 Static Network Configuration + <acronym>IPv6</acronym> Static Network Configuration Static configuration of the network interface requires - entry of the IPv6 configuration information. + entry of the IPv6 configuration information.
            IPv6 Static Configuration @@ -2271,8 +2271,8 @@ Trying to mount root from cd9660:/dev/is Configuring <acronym>DNS</acronym> - The Domain Name System (or - DNS) Resolver + The Domain Name System + (DNS) resolver converts hostnames to and from network addresses. If DHCP or SLAAC was used to autoconfigure the network interface, the @@ -2501,7 +2501,7 @@ Trying to mount root from cd9660:/dev/is - Uid - User ID. Typically, this + Uid - User ID. Typically, this is left blank so the system will assign a value. @@ -2689,12 +2689,12 @@ Trying to mount root from cd9660:/dev/is If further configuration or special setup is needed, selecting [ Live CD ] - will boot the install media into Live CD mode. + will boot the install media into Live CD mode. When the installation is complete, select [ Reboot ] to reboot the computer and start the new &os; system. Do not forget to - remove the &os; install CD, DVD, or USB memory stick, or the + remove the &os; install CD, DVD, or USB memory stick, or the computer may boot from it again. @@ -2893,7 +2893,7 @@ FreeBSD/amd64 (machine3.example.com) (tt login: - Generating the RSA and DSA keys may take some time on + Generating the RSA and DSA keys may take some time on slower machines. This happens only on the initial boot-up of a new installation, and only if sshd is set to start @@ -2961,8 +2961,8 @@ login: add support for devices which are not present in the GENERIC kernel. The kernel on the boot disks is configured assuming that most hardware devices - are in their factory default configuration in terms of IRQs, - IO addresses, and DMA channels. If the hardware has been + are in their factory default configuration in terms of IRQs, + I/O addresses, and DMA channels. If the hardware has been reconfigured, a custom kernel configuration file can tell &os; where to find things. @@ -3001,12 +3001,12 @@ login: &os; makes extensive use of the system - ACPI service on the i386, amd64, and ia64 platforms to + ACPI service on the i386, amd64, and ia64 platforms to aid in system configuration if it is detected during boot. Unfortunately, some bugs still exist in both the - ACPI driver and within system motherboards and + ACPI driver and within system motherboards and BIOS - firmware. ACPI can be disabled by setting + firmware. ACPI can be disabled by setting the hint.acpi.0.disabled hint in the third stage boot loader: @@ -3026,16 +3026,16 @@ login: - Using the Live CD + Using the Live <acronym>CD</acronym> - A live CD of &os; is available on the same CD as the main + A live CD of &os; is available on the same CD as the main installation program. This is useful for those who are still wondering whether &os; is the right operating system for them and want to test some of the features before installing. The following points should be noted while using the live - CD: + CD: To gain access to the system, authentication is @@ -3045,13 +3045,13 @@ login: - As the system runs directly from the CD, performance + As the system runs directly from the CD, performance will be significantly slower than that of a system installed on a hard disk. - The live CD provides a command prompt and not a + The live CD provides a command prompt and not a graphical interface. From owner-svn-doc-all@FreeBSD.ORG Thu Apr 24 23:01:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 67E031AA; Thu, 24 Apr 2014 23:01:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 53B201B2E; Thu, 24 Apr 2014 23:01:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3ON1vWh087536; Thu, 24 Apr 2014 23:01:57 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3ON1vSW087535; Thu, 24 Apr 2014 23:01:57 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404242301.s3ON1vSW087535@svn.freebsd.org> From: Dru Lavigne Date: Thu, 24 Apr 2014 23:01:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44655 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2014 23:01:57 -0000 Author: dru Date: Thu Apr 24 23:01:56 2014 New Revision: 44655 URL: http://svnweb.freebsd.org/changeset/doc/44655 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Apr 24 22:11:46 2014 (r44654) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu Apr 24 23:01:56 2014 (r44655) @@ -20,8 +20,8 @@ Mock - Restructured, reorganized, and parts - rewritten by + Restructured, reorganized, and parts rewritten + by @@ -79,8 +79,8 @@ sysinstall for installation. This chapter describes the use of bsdinstall. The use of - sysinstall is covered in - . + sysinstall is covered in . After reading this chapter, you will know: @@ -145,14 +145,15 @@ &os;/&arch.i386; &os;/&arch.i386; requires a 486 or better processor and - at least 64 MB of RAM. At least 1.1 GB of free - hard drive space is needed for the most minimal - installation. + at least 64 MB of RAM. At least + 1.1 GB of free hard drive space is needed for the most + minimal installation. - On old computers, increasing RAM and hard drive space - is usually more effective at improving performance than - installing a faster processor. + On old computers, increasing RAM + and hard drive space is usually more effective at + improving performance than installing a faster + processor. @@ -161,9 +162,8 @@ There are two classes of processors capable of running &os;/&arch.amd64;. The first are AMD64 processors, - including the &amd.athlon;64, - &amd.athlon;64-FX, &amd.opteron; or better - processors. + including the &amd.athlon;64, &amd.athlon;64-FX, + &amd.opteron; or better processors. The second class of processors that can use &os;/&arch.amd64; includes those using the @@ -174,22 +174,25 @@ &intel; &xeon; E3, E5 and E7 processors, and the &intel; &core; i3, i5 and i7 processors. - If the system is based on an nVidia nForce3 - Pro-150, the IO APIC must be disabled - in the BIOS setup. If this BIOS option does not exist, - disable ACPI instead. + If the system is based on an nVidia nForce3 Pro-150, the + IO APIC + must be disabled in the + BIOS setup. If this + BIOS option does not exist, disable + ACPI instead. &os;/&arch.powerpc; &apple; &macintosh; All New World &apple; &macintosh; systems with built-in - USB are supported. SMP is supported on machines with + USB are supported. + SMP is supported on machines with multiple CPUs. - A 32-bit kernel can only use the first 2 GB of RAM. - &firewire; is not supported on the Blue & White PowerMac - G3. + A 32-bit kernel can only use the first 2 GB of + RAM. &firewire; is not supported on the + Blue & White PowerMac G3. @@ -224,21 +227,20 @@ Back Up Important Data - Back up all important data on the target computer - where &os; will be installed. Test the backups before - continuing. The &os; installer will ask before making changes - to the disk, but once the process has started it cannot be - undone. + Back up all important data on the target computer where + &os; will be installed. Test the backups before continuing. + The &os; installer will ask before making changes to the disk, + but once the process has started it cannot be undone. Decide Where to Install &os; If &os; will be the only operating system installed, and - will be allowed to use the entire hard disk, the rest of - this section can be skipped. But if &os; will share the disk - with other operating systems, an understanding of disk - layout is useful during the installation. + will be allowed to use the entire hard disk, the rest of this + section can be skipped. But if &os; will share the disk with + other operating systems, an understanding of disk layout is + useful during the installation. Disk Layouts for &os;/&arch.i386; and @@ -250,38 +252,37 @@ <para>There are two ways of dividing a disk into partitions. A traditional <firstterm>Master Boot Record</firstterm> - (<acronym>MBR</acronym>) holds a - partition table defining up to four <firstterm>primary - partitions</firstterm>. For historical reasons, &os; - calls primary partitions <firstterm>slices</firstterm>. A - limit of only four partitions is restrictive for large - disks, so one of these primary partitions can be made into - an <firstterm>extended partition</firstterm>. Multiple - <firstterm>logical partitions</firstterm> may then be - created inside the extended partition. This may sound a - little unwieldy, and it is.</para> + (<acronym>MBR</acronym>) holds a partition table defining up + to four <firstterm>primary partitions</firstterm>. For + historical reasons, &os; calls primary partitions + <firstterm>slices</firstterm>. A limit of only four + partitions is restrictive for large disks, so one of these + primary partitions can be made into an <firstterm>extended + partition</firstterm>. Multiple <firstterm>logical + partitions</firstterm> may then be created inside the + extended partition. This may sound a little unwieldy, and + it is.</para> <para>The <firstterm>GUID Partition Table</firstterm> - (<acronym>GPT</acronym>) is a - newer and simpler method of partitioning a disk. - <acronym>GPT</acronym> is far - more versatile than the traditional <acronym>MBR </acronym>partition table. - Common <acronym>GPT</acronym> implementations allow up to - 128 partitions per disk, eliminating the need for - inconvenient workarounds like logical partitions.</para> + (<acronym>GPT</acronym>) is a newer and simpler method of + partitioning a disk. <acronym>GPT</acronym> is far more + versatile than the traditional <acronym>MBR</acronym> + partition table. Common <acronym>GPT</acronym> + implementations allow up to 128 partitions per disk, + eliminating the need for inconvenient workarounds like + logical partitions.</para> <warning> <para>Some older operating systems, like &windows; XP, are not compatible with the <acronym>GPT</acronym> partition scheme. If &os; will be sharing a disk with - such an operating system, - <acronym>MBR</acronym> + such an operating system, <acronym>MBR</acronym> partitioning is required.</para> </warning> <para>&os;'s standard boot loader requires either a primary or - <acronym>GPT</acronym> partition. Refer to - <xref linkend="boot"/> for more information about the &os; + <acronym>GPT</acronym> partition. Refer to <xref + linkend="boot"/> for more information about the &os; booting process. If all of the primary or <acronym>GPT</acronym> partitions are already in use, one must be freed for &os;.</para> @@ -311,8 +312,8 @@ </warning> <para>Resizing µsoft; Vista partitions can be - difficult. A Vista installation <acronym>CD</acronym> can be useful when - attempting such an operation.</para> + difficult. A Vista installation <acronym>CD</acronym> can + be useful when attempting such an operation.</para> <example> <title>Using an Existing Partition @@ -320,14 +321,14 @@ A &windows; computer has a single 40 GB disk that has been split into two 20 GB partitions. &windows; calls them C: and - D:. The - C: partition contains 10 GB - of data, and the D: partition - contains 5 GB of data. + D:. The C: + partition contains 10 GB of data, and the + D: partition contains 5 GB of + data. Moving the data from D: to - C: frees up the second partition - to be used for &os;. + C: frees up the second partition to + be used for &os;. @@ -372,14 +373,15 @@ Some &os; installation methods need a network connection to download files. To connect to an Ethernet network (or - cable or DSL modem with an Ethernet interface), the installer - will request some information about the network. - - DHCP is commonly - used to provide automatic network configuration. If - DHCP is not available, this network - information must be obtained from the local network - administrator or service provider: + cable or DSL modem with an Ethernet + interface), the installer will request some information about + the network. + + DHCP is commonly used to provide + automatic network configuration. If DHCP + is not available, this network information must be obtained + from the local network administrator or service + provider: Network Information @@ -417,9 +419,9 @@ affect the installation process. As these problems are discovered and fixed, they are noted in the &os; Errata (http://www.freebsd.org/releases/&rel.current;R/errata.html) - on the &os; web site. Check the errata before - installing to make sure that there are no problems that might - affect the installation. + on the &os; web site. Check the errata before installing to + make sure that there are no problems that might affect the + installation. Information and errata for all the releases can be found on the release information section of the &os; web site (Prepare the Installation Media A &os; installation is started by booting the computer - with a &os; installation CD, DVD, or USB memory stick. The - installer is not a program that can be run from within another - operating system. + with a &os; installation CD, + DVD, or USB memory + stick. The installer is not a program that can be run from + within another operating system. In addition to the standard installation media which contains copies of all the &os; installation files, there is a bootonly variant. Bootonly install media does not have copies of the installation files, but downloads them from the network during an install. The bootonly install - CD is consequently much smaller, and reduces bandwidth usage - during the install by only downloading required files. - - Copies of &os; installation media are available at - www.freebsd.org/where.html#download. - Also download - CHECKSUM.SHA256 from the same directory - as the image file, and use it to check the image file's - integrity by calculating a checksum. - &os; provides &man.sha256.1; for this, while other operating - systems have similar programs. Compare the calculated - checksum with the one shown in + CD is consequently much smaller, and + reduces bandwidth usage during the install by only downloading + required files. + + Copies of &os; installation media are available at www.freebsd.org/where.html#download. + Also download CHECKSUM.SHA256 from the + same directory as the image file, and use it to check the + image file's integrity by calculating a + checksum. &os; provides &man.sha256.1; + for this, while other operating systems have similar programs. + Compare the calculated checksum with the one shown in CHECKSUM.SHA256. The checksums must match exactly. If the checksums do not match, the file is corrupt and should be discarded. - If a copy of &os; already exists on CD, DVD, or USB - memory stick, this section can be skipped. + If a copy of &os; already exists on + CD, DVD, or + USB memory stick, this section can be + skipped. - &os; CD and DVD images are bootable ISO files. Only one - CD or DVD is needed for an install. Burn the ISO image to a - bootable CD or DVD using the burning applications - available with the current operating system. On &os;, - recording is provided by cdrecord from - sysutils/cdrtools, installed - from the Ports Collection. + &os; CD and DVD + images are bootable ISO files. Only one + CD or DVD is needed for + an install. Burn the ISO image to a + bootable CD or DVD using + the burning applications available with the current operating + system. On &os;, recording is provided by + cdrecord from + sysutils/cdrtools, installed from the Ports + Collection. To create a bootable memory stick, follow these steps: @@ -481,11 +489,10 @@ directory at ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/arch/arch/ISO-IMAGES/version/&os;-version-RELEASE-arch-memstick.img. Replace arch and - version with the - architecture and the version number to - install, respectively. For example, the memory stick - images for &os;/&arch.i386; 9.0-RELEASE are - available from version with the architecture + and the version number to install, respectively. For + example, the memory stick images for + &os;/&arch.i386; 9.0-RELEASE are available from ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/&arch.i386;/&arch.i386;/ISO-IMAGES/9.0/&os;-9.0-RELEASE-&arch.i386;-memstick.img. @@ -519,8 +526,8 @@ The example below shows /dev/da0 as the target device where the image will be written. Be very careful that - the correct device is used as the output target, as this command will - destroy existing data. + the correct device is used as the output target, as + this command will destroy existing data. @@ -529,10 +536,9 @@ The .img file is not a regular file. It is an image of the complete contents of - the memory stick. It cannot - be copied like a regular file, but must be - written directly to the target device with - &man.dd.1;: + the memory stick. It cannot be + copied like a regular file, but must be written + directly to the target device with &man.dd.1;: &prompt.root; dd if=&os;-9.0-RELEASE-&arch.i386;-memstick.img of=/dev/da0 bs=64k @@ -603,9 +609,9 @@ commit your changes? The install can be exited at any time prior to this warning without changing the contents of the hard drive. If - there is a concern that something is - incorrectly configured, just turn the computer off before this - point, and no damage will be done. + there is a concern that something is incorrectly configured, + just turn the computer off before this point, and no damage + will be done. @@ -616,24 +622,25 @@ commit your changes? - When using a prepared bootable USB stick, - as described in - , - plug in the USB stick before turning on the + When using a prepared bootable USB + stick, as described in , plug in the + USB stick before turning on the computer. - When booting from CD, - turn on the computer and insert the CD at the first - opportunity. + When booting from CD, turn on the + computer and insert the CD at the + first opportunity. - Configure the system to boot from either the CD - or from USB, depending on the media being used for the - installation. BIOS configurations - allow the selection of a specific boot device. Most - systems also provide for selecting a boot device during - startup, typically by pressing F10, + Configure the system to boot from either the + CD or from USB, + depending on the media being used for the installation. + BIOS configurations allow the + selection of a specific boot device. Most systems also + provide for selecting a boot device during startup, + typically by pressing F10, F11, F12, or Escape. @@ -645,31 +652,32 @@ commit your changes? The disks were not inserted early enough in the - boot process. Leave them in, and try restarting - the computer. + boot process. Leave them in, and try restarting the + computer. The BIOS changes earlier did - not work correctly. Redo that step until - the right option is selected. + not work correctly. Redo that step until the right + option is selected. This particular BIOS does not - support booting from the desired media. The + support booting from the desired media. The Plop Boot Manager (http://www.plop.at/en/bootmanager.html) - can be used to boot older - computers from CD or USB media. + can be used to boot older computers from + CD or USB + media. &os; will start to boot. When booting from - CD, messages similar to this will be displayed (version - information omitted): + CD, messages similar to this will be + displayed (version information omitted): Booting from CD-ROM... 645MB medium detected @@ -718,7 +726,8 @@ Loading /boot/defaults/loader.conf Booting for &macintosh; &powerpc; On most machines, holding C on the - keyboard during boot will boot from the CD. Otherwise, hold + keyboard during boot will boot from the + CD. Otherwise, hold Command Option @@ -739,19 +748,16 @@ Loading /boot/defaults/loader.conf For Xserves without keyboards, refer to http://support.apple.com/kb/TA26930 - about booting into Open - Firmware. + about booting into Open Firmware. Booting for &sparc64; Most &sparc64; systems are set up to boot automatically - from disk. To install &os;, booting over the - network or from a CD requires a break into - the - PROM - (OpenFirmware). + from disk. To install &os;, booting over the network or + from a CD requires a break into the + PROM (OpenFirmware). To do this, reboot the system, and wait until the boot message appears. It depends on the model, but should look @@ -763,17 +769,14 @@ OpenBoot 4.2, 128 MB memory installed, S Ethernet address 0:3:ba:b:92:d4, Host ID: 830b92d4. If the system proceeds to boot from disk at this point, - press - L1A - or - StopA on the keyboard, or send a BREAK over the serial console (using for example ~# in &man.tip.1; or &man.cu.1;) to get to the - PROM - prompt. It looks like this: + PROM prompt. It looks like this: ok ok {0} @@ -785,13 +788,14 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - This is the prompt used on SMP systems, the digit - indicates the number of the active CPU. + This is the prompt used on SMP + systems, the digit indicates the number of the active + CPU. - At this point, place the CD into the drive, and from - the PROM prompt, type + At this point, place the CD into the + drive, and from the PROM prompt, type boot cdrom. @@ -803,17 +807,16 @@ Ethernet address 0:3:ba:b:92:d4, Host ID screen are stored and can be reviewed. To review the buffer, press Scroll Lock. - This turns on scrolling in the display. Use the - arrow keys, or PageUp and - PageDown, to view the results. Press - Scroll Lock again to stop scrolling. + This turns on scrolling in the display. Use the arrow keys, + or PageUp and PageDown, to + view the results. Press Scroll Lock again to + stop scrolling. Do this now, to review the text that scrolled off the screen when the kernel was carrying out the device probes. - Text similar to - will be displayed, although the precise - text will differ depending on the devices in - the computer. + Text similar to will be + displayed, although the precise text will differ depending on + the devices in the computer.
            Typical Device Probe Results @@ -968,19 +971,19 @@ Trying to mount root from cd9660:/dev/is
            Check the probe results carefully to make sure that &os; - found all the devices. If a device was not - found, it will not be listed. Refer to - - for instructions on how to add in support for devices - which are not in the GENERIC - kernel. + found all the devices. If a device was not found, it will not + be listed. Refer to for instructions on + how to add in support for devices which are not in the + GENERIC kernel. After the procedure of device probing, the menu shown in - will be displayed. The install media - can be used in three ways: to install &os;, as a live CD as described in - , or - to access a &os; shell. Use the arrow keys to choose - an option, and Enter to select. + will be displayed. + The install media can be used in three ways: to install &os;, + as a live CD as described in , or to access a &os; shell. Use + the arrow keys to choose an option, and Enter + to select.
            Selecting Installation Media Mode @@ -1007,8 +1010,8 @@ Trying to mount root from cd9660:/dev/is &a.kmoore.email;'s pc-sysinstall is included with - PC-BSD and can - be used to install &os; using the instructions at http://wiki.pcbsd.org/index.php/Use_PC-BSD_Installer_to_Install_FreeBSD. Although sometimes confused with bsdinstall, the two are not @@ -1124,8 +1127,9 @@ Trying to mount root from cd9660:/dev/is Deciding which components to install will depend largely on the intended use of the system and the amount of disk space - available. The &os; kernel and userland, collectively known as the - base system, are always installed. + available. The &os; kernel and userland, collectively known + as the base system, are always + installed. Depending on the type of installation, some of these components may not appear. @@ -1141,8 +1145,9 @@ Trying to mount root from cd9660:/dev/is - games - Several traditional BSD - games, including fortune, + games - Several traditional + BSD games, including + fortune, rot13, and others. @@ -1167,9 +1172,9 @@ Trying to mount root from cd9660:/dev/is The installation program does not check for adequate disk space. Select this option only if - sufficient hard disk space is available. The - &os; Ports Collection takes up about &ports.size; of - disk space. + sufficient hard disk space is available. The &os; Ports + Collection takes up about &ports.size; of disk + space. @@ -1242,10 +1247,10 @@ Trying to mount root from cd9660:/dev/is allows advanced users to create customized partitions. The ZFS option, only available in &os; 10 and later, will create an optionally encrypted root-on-ZFS system - with support for Boot Environments. Finally, - there's the option of starting a shell where command-line - programs like &man.gpart.8;, &man.fdisk.8;, and &man.bsdlabel.8; - can be used directly. + with support for Boot Environments. Finally, there's the option + of starting a shell where command-line programs like + &man.gpart.8;, &man.fdisk.8;, and &man.bsdlabel.8; can be used + directly.
            Selecting Guided, Manual or Shell Partitioning @@ -1269,12 +1274,12 @@ Trying to mount root from cd9660:/dev/is
            - This section describes what to consider when laying - out the disk partitions. It then demonstrates how to use both - the Guided Partitioning and Manual Partitioning screens. - - - Designing the Partition Layout + This section describes what to consider when laying out the + disk partitions. It then demonstrates how to use both the + Guided Partitioning and Manual Partitioning screens. + + + Designing the Partition Layout partition layout @@ -1287,86 +1292,86 @@ Trying to mount root from cd9660:/dev/is /usr - When laying out file systems, remember that hard drives transfer data - faster from the outer tracks to the inner. Thus, smaller - and heavier-accessed file systems should be closer to the - outside of the drive, while larger partitions like - /usr should be placed toward the inner - parts of the disk. It is a good idea to create partitions - in an order similar to: /, swap, - /var, and - /usr. - - The size of the /var partition - reflects the intended machine's usage. This partition is - used to hold mailboxes, log files, and printer spools. - Mailboxes and log files can grow to unexpected sizes - depending on the number of users and how long log files are - kept. On average, most users rarely need more than about a - gigabyte of free disk space in - /var. + When laying out file systems, remember that hard drives + transfer data faster from the outer tracks to the inner. + Thus, smaller and heavier-accessed file systems should be + closer to the outside of the drive, while larger partitions + like /usr should be placed toward the + inner parts of the disk. It is a good idea to create + partitions in an order similar to: /, + swap, /var, and + /usr. + + The size of the /var partition + reflects the intended machine's usage. This partition is + used to hold mailboxes, log files, and printer spools. + Mailboxes and log files can grow to unexpected sizes + depending on the number of users and how long log files are + kept. On average, most users rarely need more than about a + gigabyte of free disk space in + /var. - - Sometimes, a lot of disk space is required in - /var/tmp. When new software is - installed, the packaging tools - extract a temporary copy of the packages under - /var/tmp. Large software packages, - like Firefox, - OpenOffice or - LibreOffice may be tricky to - install if there is not enough disk space under - /var/tmp. - + + Sometimes, a lot of disk space is required in + /var/tmp. When new software is + installed, the packaging tools extract a temporary copy of + the packages under /var/tmp. Large + software packages, like Firefox, + OpenOffice or + LibreOffice may be tricky to + install if there is not enough disk space under + /var/tmp. + + + The /usr partition holds many of the + files which support the system, including the &os; Ports + Collection and system source code. At least 2 gigabytes is + recommended for this partition. + + When selecting partition sizes, keep the space + requirements in mind. Running out of space in one partition + while barely using another can be a hassle. + + + swap sizing + + + swap partition + + + As a rule of thumb, the swap partition should be about + double the size of physical memory (RAM). + Systems with minimal RAM may perform + better with more swap. Configuring too little swap can lead + to inefficiencies in the VM page scanning + code and might create issues later if more memory is + added. + + On larger systems with multiple SCSI + disks or multiple IDE disks operating on + different controllers, it is recommended that swap be + configured on each drive, up to four drives. The swap + partitions should be approximately the same size. The + kernel can handle arbitrary sizes but internal data structures + scale to 4 times the largest swap partition. Keeping the swap + partitions near the same size will allow the kernel to + optimally stripe swap space across disks. Large swap sizes + are fine, even if swap is not used much. It might be easier + to recover from a runaway program before being forced to + reboot. + + By properly partitioning a system, fragmentation + introduced in the smaller write heavy partitions will not + bleed over into the mostly read partitions. Keeping the + write loaded partitions closer to the disk's edge will + increase I/O performance in the + partitions where it occurs the most. While + I/O performance in the larger partitions + may be needed, shifting them more toward the edge of the disk + will not lead to a significant performance improvement over + moving /var to the edge. + - The /usr partition holds many of - the files which support the system, including the &os; Ports - Collection and system source code. At least 2 gigabytes is - recommended for this partition. - - When selecting partition sizes, keep the space - requirements in mind. Running out of space in one partition - while barely using another can be a hassle. - - - swap sizing - - - swap partition - - - As a rule of thumb, the swap partition should be about - double the size of physical memory (RAM). - Systems with minimal RAM may perform - better with more swap. Configuring too little swap can - lead to inefficiencies in the VM page - scanning code and might create issues later if more memory - is added. - - On larger systems with multiple SCSI - disks or multiple IDE disks operating - on different controllers, it is recommended that swap be - configured on each drive, up to four drives. The swap - partitions should be approximately the same size. The - kernel can handle arbitrary sizes but internal data - structures scale to 4 times the largest swap partition. - Keeping the swap partitions near the same size will allow - the kernel to optimally stripe swap space across disks. - Large swap sizes are fine, even if swap is not used much. - It might be easier to recover from a runaway program before - being forced to reboot. - - By properly partitioning a system, fragmentation - introduced in the smaller write heavy partitions will not - bleed over into the mostly read partitions. Keeping the - write loaded partitions closer to the disk's edge will - increase I/O performance in the partitions where it occurs - the most. While I/O performance in the larger partitions - may be needed, shifting them more toward the edge of the - disk will not lead to a significant performance improvement - over moving /var to the edge. - - Guided Partitioning @@ -1384,8 +1389,8 @@ Trying to mount root from cd9660:/dev/is
            - The entire disk or a portion of it can be allocated to &os;. - If + The entire disk or a portion of it can be allocated to + &os;. If [ Entire Disk ] is chosen, a general partition layout filling the whole disk is created. Selecting @@ -1441,8 +1446,8 @@ Trying to mount root from cd9660:/dev/is
            - Highlighting a drive (ada0 in - this example) and selecting + Highlighting a drive (ada0 in this + example) and selecting [ Create ] displays a menu for choosing the type of partitioning scheme. @@ -1480,7 +1485,7 @@ Trying to mount root from cd9660:/dev/is APM Apple Partition Map, used by &powerpc; - &macintosh; (http://support.apple.com/kb/TA21692). @@ -1545,8 +1550,8 @@ Trying to mount root from cd9660:/dev/is             - freebsd-ufs - A &os; UFS - file system. + freebsd-ufs - A &os; UFS file + system. @@ -1557,17 +1562,16 @@ Trying to mount root from cd9660:/dev/is Another partition type worth noting is freebsd-zfs, used for partitions that will - contain a &os; ZFS file system. - . &man.gpart.8; shows more - of the available GPT partition - types. + contain a &os; ZFS file system. . &man.gpart.8; shows more of + the available GPT partition types. Multiple file system partitions can be used, and some people may prefer a traditional layout with separate partitions for the /, /var, /tmp, and - /usr file systems. See - for an + /usr file systems. See for an example. Size may be entered with common abbreviations: @@ -1598,10 +1602,10 @@ Trying to mount root from cd9660:/dev/is and partition numbers in files like /etc/fstab makes the system more tolerant of changing hardware. GPT labels appear in - /dev/gpt/ when a disk is attached. - Other partitioning schemes have different label - capabilities, and their labels appear in different directories - in /dev/. + /dev/gpt/ when a disk is attached. Other + partitioning schemes have different label capabilities, and + their labels appear in different directories in + /dev/. Use a unique label on every file system to avoid @@ -1620,14 +1624,14 @@ Trying to mount root from cd9660:/dev/is /, /var, /tmp, and /usr directories are separate file systems on their own - partitions, create a GPT partitioning scheme, then create - the partitions as shown. Partition sizes shown are typical - for a 20G target disk. If more space is available on the - target disk, larger swap or /var - partitions may be useful. Labels shown here are prefixed - with ex for example, but - readers should use other unique label values as described - above. + partitions, create a GPT partitioning + scheme, then create the partitions as shown. Partition + sizes shown are typical for a 20G target disk. If more + space is available on the target disk, larger swap or + /var partitions may be useful. Labels + shown here are prefixed with ex for + example, but readers should use other unique + label values as described above. By default, &os;'s gptboot expects the first UFS partition found to be the @@ -1732,22 +1736,22 @@ Trying to mount root from cd9660:/dev/is
            - The most important option is selecting the vdev type - and one or more disks that will make up the vdev that will + The most important option is selecting the vdev type and + one or more disks that will make up the vdev that will constitute the pool. The automatic ZFS installer currently only supports the creation of a single top level vdev, except in stripe mode. To create more complex pools, use the instructions in to create - the pool. The installer supports the creation of various - pool types, including stripe (not recommended, no redundancy), - mirror (best performance, least usable space), and RAID-Z 1, - 2, and 3 (with the capability to withstand the concurrent - failure of 1, 2, and 3 disks, respectively). A tooltip across - the bottom of the screen while selecting the pool type - provides advice about the number of required disks for each - type, and in the case of RAID-Z, the optimal number of disks - for each configuration. + linkend="bsdinstall-part-shell"/> to create the pool. The + installer supports the creation of various pool types, + including stripe (not recommended, no redundancy), mirror + (best performance, least usable space), and RAID-Z 1, 2, and 3 + (with the capability to withstand the concurrent failure of 1, + 2, and 3 disks, respectively). A tooltip across the bottom of + the screen while selecting the pool type provides advice about + the number of required disks for each type, and in the case of + RAID-Z, the optimal number of disks for each + configuration.
            <acronym>ZFS</acronym> Pool Type @@ -1773,7 +1777,8 @@ Trying to mount root from cd9660:/dev/is - +
            @@ -1783,13 +1788,14 @@ Trying to mount root from cd9660:/dev/is - +
            - If one or more disks are missing from the list, or if disks - were attached after the installer was started, select + If one or more disks are missing from the list, or if + disks were attached after the installer was started, select - Rescan Devices to repopulate the list *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Fri Apr 25 10:02:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 42FEAE9A; Fri, 25 Apr 2014 10:02:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 910051BCD; Fri, 25 Apr 2014 10:02:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3PA2PM0060863; Fri, 25 Apr 2014 10:02:25 GMT (envelope-from gahr@svn.freebsd.org) Received: (from gahr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3PA2PoN060862; Fri, 25 Apr 2014 10:02:25 GMT (envelope-from gahr@svn.freebsd.org) Message-Id: <201404251002.s3PA2PoN060862@svn.freebsd.org> From: Pietro Cerutti Date: Fri, 25 Apr 2014 10:02:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44656 - head/en_US.ISO8859-1/htdocs/donations X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Apr 2014 10:02:26 -0000 Author: gahr (ports committer) Date: Fri Apr 25 10:02:25 2014 New Revision: 44656 URL: http://svnweb.freebsd.org/changeset/doc/44656 Log: - Document the donation of several machines from Roger Ehrlich to the FreeBSD.org cluster Modified: head/en_US.ISO8859-1/htdocs/donations/donors.xml Modified: head/en_US.ISO8859-1/htdocs/donations/donors.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/donations/donors.xml Thu Apr 24 23:01:56 2014 (r44655) +++ head/en_US.ISO8859-1/htdocs/donations/donors.xml Fri Apr 25 10:02:25 2014 (r44656) @@ -2978,6 +2978,15 @@ culot received + + + Roger Ehrlich <rehrlich@ryerson.ca> + 2x IBM Power PC, POWER4 CHRP Model 7028-6C4; Serial #108D21C & 108D1EC.
            + 3x Sun V490 + + FreeBSD.org cluster + received + From owner-svn-doc-all@FreeBSD.ORG Fri Apr 25 11:06:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 69BDF2F3; Fri, 25 Apr 2014 11:06:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 56CB61344; Fri, 25 Apr 2014 11:06:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3PB6H0R085833; Fri, 25 Apr 2014 11:06:17 GMT (envelope-from brueffer@svn.freebsd.org) Received: (from brueffer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3PB6HFU085832; Fri, 25 Apr 2014 11:06:17 GMT (envelope-from brueffer@svn.freebsd.org) Message-Id: <201404251106.s3PB6HFU085832@svn.freebsd.org> From: Christian Brueffer Date: Fri, 25 Apr 2014 11:06:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44657 - head/en_US.ISO8859-1/htdocs/donations X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Apr 2014 11:06:17 -0000 Author: brueffer Date: Fri Apr 25 11:06:16 2014 New Revision: 44657 URL: http://svnweb.freebsd.org/changeset/doc/44657 Log: Fix the www build. Modified: head/en_US.ISO8859-1/htdocs/donations/donors.xml Modified: head/en_US.ISO8859-1/htdocs/donations/donors.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/donations/donors.xml Fri Apr 25 10:02:25 2014 (r44656) +++ head/en_US.ISO8859-1/htdocs/donations/donors.xml Fri Apr 25 11:06:16 2014 (r44657) @@ -2981,7 +2981,7 @@ Roger Ehrlich <rehrlich@ryerson.ca> - 2x IBM Power PC, POWER4 CHRP Model 7028-6C4; Serial #108D21C & 108D1EC.
            + 2x IBM Power PC, POWER4 CHRP Model 7028-6C4; Serial #108D21C & 108D1EC.
            3x Sun V490 FreeBSD.org cluster From owner-svn-doc-all@FreeBSD.ORG Fri Apr 25 13:49:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 23C739FF; Fri, 25 Apr 2014 13:49:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1066B15E9; Fri, 25 Apr 2014 13:49:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3PDnC2V053892; Fri, 25 Apr 2014 13:49:12 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3PDnCEu053891; Fri, 25 Apr 2014 13:49:12 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404251349.s3PDnCEu053891@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 25 Apr 2014 13:49:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44659 - head/ja_JP.eucJP/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Apr 2014 13:49:13 -0000 Author: ryusuke Date: Fri Apr 25 13:49:12 2014 New Revision: 44659 URL: http://svnweb.freebsd.org/changeset/doc/44659 Log: o Fix typo. Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/ports/chapter.xml Fri Apr 25 13:47:44 2014 (r44658) +++ head/ja_JP.eucJP/books/handbook/ports/chapter.xml Fri Apr 25 13:49:12 2014 (r44659) @@ -1145,7 +1145,7 @@ Deinstalling ca_root_nss-3.15.1_1... don port をコンパイルしてインストールするには、 インストールしたい port のディレクトリに移動してください。 - その後、プロンプトからまたは + その後、プロンプトから make install と入力してください。 すると、次のような出力が現われるはずです。 From owner-svn-doc-all@FreeBSD.ORG Fri Apr 25 14:48:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4F78CF47; Fri, 25 Apr 2014 14:48:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2F5BA1C74; Fri, 25 Apr 2014 14:48:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3PEmlEX078561; Fri, 25 Apr 2014 14:48:47 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3PEml81078560; Fri, 25 Apr 2014 14:48:47 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404251448.s3PEml81078560@svn.freebsd.org> From: Dru Lavigne Date: Fri, 25 Apr 2014 14:48:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44662 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Apr 2014 14:48:47 -0000 Author: dru Date: Fri Apr 25 14:48:46 2014 New Revision: 44662 URL: http://svnweb.freebsd.org/changeset/doc/44662 Log: Editorial review of mirror chapter. Mostly fixes to acronyms, links, and "filesystems" and sentences beginning with commands. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 25 14:07:42 2014 (r44661) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 25 14:48:46 2014 (r44662) @@ -295,8 +295,8 @@ Done.             - &man.dump.8; is used in these procedures to copy file - systems. But &man.dump.8; does not work on file systems with + While dump is used in these procedures to copy file + systems, it does not work on file systems with soft updates journaling. See &man.tunefs.8; for information on detecting and disabling soft updates journaling. @@ -307,34 +307,34 @@ Done. Many disk systems store metadata at the end of each disk. Old metadata should be erased before reusing the disk for a mirror. Most problems are caused by two particular types of - leftover metadata: GPT partition tables, and old - &man.gmirror.8; metadata from a previous mirror. + leftover metadata: GPT partition tables and old + metadata from a previous mirror.             - GPT metadata can be erased with &man.gpart.8;. This - example erases both primary and backup GPT partition tables + GPT metadata can be erased with gpart. This + example erases both primary and backup GPT partition tables from disk ada8: &prompt.root; gpart destroy -F ada8 - &man.gmirror.8; can remove a disk from an active mirror - and erase the metadata in one step. Here, the example disk + A disk can be removed from an active mirror and the + metadata erased in one step using gmirror. Here, the example disk ada8 is removed from the active mirror gm4: &prompt.root; gmirror remove gm4 ada8 - If the mirror is not running but old mirror metadata is + If the mirror is not running, but old mirror metadata is still on the disk, use gmirror clear to remove it: &prompt.root; gmirror clear ada8 - &man.gmirror.8; stores one block of metadata at the end of - the disk. Because GPT partition schemes also store metadata - at the end of the disk, mirroring entire GPT disks with - &man.gmirror.8; is not recommended. MBR partitioning is used + When gmirror is used, one block of metadata is stored at the end of + the disk. Because GPT partition schemes also store metadata + at the end of the disk, mirroring entire GPT disks with + gmirror is not recommended. MBR partitioning is used here because it only stores a partition table at the start of - the disk and does not conflict with &man.gmirror.8;. + the disk and does not conflict with gmirror. @@ -347,8 +347,8 @@ Done. system. A new mirror will be created on these two disks and used to replace the old single disk. - &man.gmirror.8; requires a kernel module, - geom_mirror.ko, either built into the + The + geom_mirror.ko kernel module must either be built into the kernel or loaded at boot- or run-time. Manually load the kernel module now: @@ -358,17 +358,17 @@ Done. &prompt.root; gmirror label -v gm0 /dev/ada1 /dev/ada2 - gm0 is a user-chosen device name + In this example, gm0 is a user-chosen device name assigned to the new mirror. After the mirror has been started, this device name will appear in /dev/mirror/. - MBR and bsdlabel partition tables can now be created on - the mirror with &man.gpart.8;. Here we show a traditional - split-filesystem layout, with partitions for + MBR and bsdlabel partition tables can now be created on + the mirror with gpart. This example uses a traditional + file system layout, with partitions for /, swap, /var, /tmp, and /usr. A - single / filesystem and a swap partition + single / file system and a swap partition will also work. Partitions on the mirror do not have to be the same size @@ -400,14 +400,14 @@ Done. 18874370 137426928 6 freebsd-ufs (65G) 156301298 1 - free - (512B) - Make the mirror bootable by installing bootcode in the MBR + Make the mirror bootable by installing bootcode in the MBR and bsdlabel and setting the active slice: &prompt.root; gpart bootcode -b /boot/mbr mirror/gm0 &prompt.root; gpart set -a active -i 1 mirror/gm0 &prompt.root; gpart bootcode -b /boot/boot mirror/gm0s1 - Format the filesystems on the new mirror, enabling + Format the file systems on the new mirror, enabling soft-updates. &prompt.root; newfs -U /dev/mirror/gm0s1a @@ -415,9 +415,9 @@ Done. &prompt.root; newfs -U /dev/mirror/gm0s1e &prompt.root; newfs -U /dev/mirror/gm0s1f - Filesystems from the original + File systems from the original ada0 disk can now be copied onto the - mirror with &man.dump.8; and &man.restore.8;. + mirror with dump and restore. &prompt.root; mount /dev/mirror/gm0s1a /mnt &prompt.root; dump -C16 -b64 -0aL -f - / | (cd /mnt && restore -rf -) @@ -428,8 +428,8 @@ Done. &prompt.root; dump -C16 -b64 -0aL -f - /tmp | (cd /mnt/tmp && restore -rf -) &prompt.root; dump -C16 -b64 -0aL -f - /usr | (cd /mnt/usr && restore -rf -) - /mnt/etc/fstab must be edited to - point to the new mirror filesystems: + Next, edit /mnt/etc/fstab to + point to the new mirror file systems: # Device Mountpoint FStype Options Dump Pass# /dev/mirror/gm0s1a / ufs rw 1 1 @@ -438,21 +438,21 @@ Done. /dev/mirror/gm0s1e /tmp ufs rw 2 2 /dev/mirror/gm0s1f /usr ufs rw 2 2 - If the &man.gmirror.8; kernel module has not been built + If the geom_mirror.ko kernel module has not been built into the kernel, /mnt/boot/loader.conf is edited to load the module at boot: geom_mirror_load="YES" Reboot the system to test the new mirror and verify that - all data has been copied. The BIOS will see the mirror as two + all data has been copied. The BIOS will see the mirror as two individual drives rather than a mirror. Because the drives are identical, it does not matter which is selected to boot. - See the Troubleshooting - section if there are problems booting. Powering down and + See + if there are problems booting. Powering down and disconnecting the original ada0 disk will allow it to be kept as an offline backup. @@ -469,17 +469,17 @@ Done. system. A one-disk mirror will be created on the new disk, the existing system copied onto it, and then the old disk will be inserted into the mirror. This slightly complex procedure - is required because &man.gmirror.8; needs to put a 512-byte + is required because gmirror needs to put a 512-byte block of metadata at the end of each disk, and the existing ada0 has usually had all of its space already allocated. - Load the &man.gmirror.8; kernel module: + Load the geom_mirror.ko kernel module: &prompt.root; gmirror load Check the media size of the original disk with - &man.diskinfo.8;: + diskinfo: &prompt.root; diskinfo -v ada0 | head -n3 /dev/ada0 @@ -488,39 +488,37 @@ Done. Create a mirror on the new disk. To make certain that the mirror capacity is not any larger than the original drive, - &man.gnop.8; is used to create a fake drive of the exact same + gnop is used to create a fake drive of the exact same size. This drive does not store any data, but is used only to - limit the size of the mirror. When &man.gmirror.8; creates + limit the size of the mirror. When gmirror creates the mirror, it will restrict the capacity to the size of gzero.nop, even if the new drive (ada1) has more space. Note that the 1000204821504 in the second line should be equal to ada0's media size - as shown by &man.diskinfo.8; above. + as shown by diskinfo above. &prompt.root; geom zero load &prompt.root; gnop create -s 1000204821504 gzero &prompt.root; gmirror label -v gm0 gzero.nop ada1 &prompt.root; gmirror forget gm0 - gzero.nop does not store any - data, so the mirror does not see it as connected. The mirror + Since gzero.nop does not store any + data, the mirror does not see it as connected. The mirror is told to forget unconnected components, removing references to gzero.nop. The result is a mirror device containing only a single disk, ada1. After creating gm0, view the - partition table on ada0. - - This output is from a 1 TB drive. If there is some + partition table on ada0. This output is from a 1 TB drive. If there is some unallocated space at the end of the drive, the contents may be copied directly from ada0 to the new mirror. However, if the output shows that all of the space on the - disk is allocated like the following listing, there is no - space available for the 512-byte &man.gmirror.8; metadata at + disk is allocated, like in the following listing, there is no + space available for the 512-byte mirror metadata at the end of the disk. &prompt.root; gpart show ada0 @@ -533,9 +531,8 @@ Done. be explained later. In either case, partition tables on the primary disk - should be copied first with the &man.gpart.8; - backup and restore - subcommands. + should be first copied using gpart backup + and gpart restore. &prompt.root; gpart backup ada0 > table.ada0 &prompt.root; gpart backup ada0s1 > table.ada0s1 @@ -615,7 +612,7 @@ BSD 8 Both the slice and the last partition should have some free space at the end of each disk. - Create filesystems on these new partitions. The + Create file systems on these new partitions. The number of partitions will vary, matching the partitions on the original disk, ada0. @@ -625,7 +622,7 @@ BSD 8 &prompt.root; newfs -U /dev/mirror/gm0s1f &prompt.root; newfs -U /dev/mirror/gm0s1g - Make the mirror bootable by installing bootcode in the MBR + Make the mirror bootable by installing bootcode in the MBR and bsdlabel and setting the active slice: &prompt.root; gpart bootcode -b /boot/mbr mirror/gm0 @@ -650,15 +647,15 @@ BSD 8 /dev/mirror/gm0s1f /data1 ufs rw 2 2 /dev/mirror/gm0s1g /data2 ufs rw 2 2 - If the &man.gmirror.8; kernel module has not been built + If the geom_mirror.ko kernel module has not been built into the kernel, edit /boot/loader.conf to load it: geom_mirror_load="YES" - Filesystems from the original disk can now be copied onto - the mirror with &man.dump.8; and &man.restore.8;. Note that - it may take some time to create a snapshot for each filesystem + File systems from the original disk can now be copied onto + the mirror with dump and restore. Note that + it may take some time to create a snapshot for each file system dumped with dump -L. &prompt.root; mount /dev/mirror/gm0s1a /mnt @@ -676,9 +673,9 @@ BSD 8 ada1. If everything is working, the system will boot from mirror/gm0, which now contains the same data as - ada0 had previously. See the - Troubleshooting - section if there are problems booting. + ada0 had previously. See + + if there are problems booting. At this point, the mirror still consists of only the single ada1 disk. @@ -694,9 +691,9 @@ BSD 8 mirror/gm0 has the same contents as ada0 before adding ada0 to the mirror. If there is - something wrong with the contents copied by &man.dump.8; and - &man.restore.8;, revert /etc/fstab to - mount the filesystems on ada0, + something wrong with the contents copied by dump and + restore, revert /etc/fstab to + mount the file systems on ada0, reboot, and try the whole procedure again. @@ -704,8 +701,8 @@ BSD 8 GEOM_MIRROR: Device gm0: rebuilding provider ada0 Synchronization between the two disks will start - immediately. &man.gmirror.8; status - shows the progress. + immediately. Use gmirror status + to view the progress. &prompt.root; gmirror status Name Status Components @@ -720,7 +717,7 @@ mirror/gm0 DEGRADED ada1 (ACTIVE) mirror/gm0 COMPLETE ada1 (ACTIVE) ada0 (ACTIVE) - mirror/gm0 now consists of + The mirror, mirror/gm0, now consists of the two disks ada0 and ada1, and the contents are automatically synchronized with each other. In use, @@ -731,21 +728,12 @@ mirror/gm0 COMPLETE ada1 (ACTIVE) Troubleshooting - - Problems with Booting - - - BIOS Settings - - BIOS settings may have to be changed to boot from one + If the system no longer boots, BIOS + settings may have to be changed to boot from one of the new mirrored drives. Either mirror drive can be used for booting, as they contain identical data. - - - Boot Problems - - If the boot stopped with this message, something is + If the boot stops with this message, something is wrong with the mirror device: Mounting from ufs:/dev/mirror/gm0s1a failed with error 19. @@ -771,7 +759,7 @@ Manual root filesystem specification: mountroot> Forgetting to load the - geom_mirror module in + geom_mirror.ko module in /boot/loader.conf can cause this problem. To fix it, boot from a &os; 9.0 or later installation media and choose Shell at @@ -788,15 +776,15 @@ mountroot> Save the file and reboot. - Other problems that cause error 19 - require more effort to fix. Enter - ufs:/dev/ada0s1a at the boot loader - prompt. Although the system should boot from + Other problems that cause error 19 + require more effort to fix. Although the system should boot from ada0, another prompt to select a - shell appears because /etc/fstab is - incorrect. Press the Enter key at the prompt. Undo the - modifications so far by reverting - /etc/fstab, mounting filesystems from + shell will appear if /etc/fstab is + incorrect. Enter + ufs:/dev/ada0s1a at the boot loader + prompt and press Enter. Undo the + edits in + /etc/fstab then mount the file systems from the original disk (ada0) instead of the mirror. Reboot the system and try the procedure again. @@ -804,8 +792,6 @@ mountroot> Enter full pathname of shell or RETURN for /bin/sh: &prompt.root; cp /etc/fstab.orig /etc/fstab &prompt.root; reboot - - @@ -833,9 +819,8 @@ mountroot> &prompt.root; gmirror forget gm0 - Any old metadata should be - cleared from the - replacement disk. Then the disk, + Any old metadata should be cleared from the replacement disk using the instructions in + . Then the disk, ada4 for this example, is inserted into the mirror: From owner-svn-doc-all@FreeBSD.ORG Fri Apr 25 15:26:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F20F8C00; Fri, 25 Apr 2014 15:26:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DCC581172; Fri, 25 Apr 2014 15:26:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3PFQ6Tk094868; Fri, 25 Apr 2014 15:26:06 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3PFQ6pX094867; Fri, 25 Apr 2014 15:26:06 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404251526.s3PFQ6pX094867@svn.freebsd.org> From: Dru Lavigne Date: Fri, 25 Apr 2014 15:26:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44663 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Apr 2014 15:26:07 -0000 Author: dru Date: Fri Apr 25 15:26:06 2014 New Revision: 44663 URL: http://svnweb.freebsd.org/changeset/doc/44663 Log: Put RAID3 chapter before Software RAID Devices chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 25 14:48:46 2014 (r44662) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 25 15:26:06 2014 (r44663) @@ -842,6 +842,179 @@ mountroot>             + + + + <acronym>RAID</acronym>3 - Byte-level Striping with + Dedicated Parity + + + + + Mark + Gladman + + Written by + + + + + Daniel + Gerzo + + + + + + + + Tom + Rhodes + + Based on documentation by + + + + + Murray + Stokely + + + + + + + GEOM + + + RAID3 + + + RAID3 is a method used to combine several + disk drives into a single volume with a dedicated parity disk. + In a RAID3 system, data is split up into a + number of bytes that are written across all the drives in the + array except for one disk which acts as a dedicated parity disk. + This means that reading 1024KB from a + RAID3 implementation will access all disks in + the array. Performance can be enhanced by using multiple disk + controllers. The RAID3 array provides a + fault tolerance of 1 drive, while providing a capacity of 1 - + 1/n times the total capacity of all drives in the array, where n + is the number of hard drives in the array. Such a configuration + is mostly suitable for storing data of larger sizes such as + multimedia files. + + At least 3 physical hard drives are required to build a + RAID3 array. Each disk must be of the same + size, since I/O requests are interleaved to read or write to + multiple disks in parallel. Also, due to the nature of + RAID3, the number of drives must be + equal to 3, 5, 9, 17, and so on, or 2^n + 1. + + + Creating a Dedicated <acronym>RAID</acronym>3 + Array + + In &os;, support for RAID3 is + implemented by the &man.graid3.8; GEOM + class. Creating a dedicated + RAID3 array on &os; requires the following + steps. + + + While it is theoretically possible to boot from a + RAID3 array on &os;, that configuration + is uncommon and is not advised. + + + + + First, load the geom_raid3.ko + kernel module by issuing the following command: + + &prompt.root; graid3 load + + Alternatively, it is possible to manually load the + geom_raid3.ko module: + + &prompt.root; kldload geom_raid3.ko + + + + Create or ensure that a suitable mount point + exists: + + &prompt.root; mkdir /multimedia/ + + + + Determine the device names for the disks which will be + added to the array, and create the new + RAID3 device. The final device listed + will act as the dedicated parity disk. This + example uses three unpartitioned + ATA drives: + ada1 + and + ada2 + for data, and + ada3 + for parity. + + &prompt.root; graid3 label -v gr0 /dev/ada1 /dev/ada2 /dev/ada3 +Metadata value stored on /dev/ada1. +Metadata value stored on /dev/ada2. +Metadata value stored on /dev/ada3. +Done. + + + + Partition the newly created + gr0 device and put a UFS file + system on it: + + &prompt.root; gpart create -s GPT /dev/raid3/gr0 +&prompt.root; gpart add -t freebsd-ufs /dev/raid3/gr0 +&prompt.root; newfs -j /dev/raid3/gr0p1 + + Many numbers will glide across the screen, and after a + bit of time, the process will be complete. The volume has + been created and is ready to be mounted: + + &prompt.root; mount /dev/raid3/gr0p1 /multimedia/ + + The RAID3 array is now ready to + use. + + + + Additional configuration is needed to retain the above + setup across system reboots. + + + + The geom_raid3.ko module must be + loaded before the array can be mounted. To automatically + load the kernel module during system initialization, add + the following line to + /boot/loader.conf: + + geom_raid3_load="YES" + + + + The following volume information must be added to + /etc/fstab in order to + automatically mount the array's file system during + the system boot process: + + /dev/raid3/gr0p1 /multimedia ufs rw 2 2 + + + + + Software <acronym>RAID</acronym> Devices @@ -1153,179 +1326,6 @@ raid/r0 OPTIMAL ada0 (ACTIVE (ACTIVE)) - - - - <acronym>RAID</acronym>3 - Byte-level Striping with - Dedicated Parity - - - - - Mark - Gladman - - Written by - - - - - Daniel - Gerzo - - - - - - - - Tom - Rhodes - - Based on documentation by - - - - - Murray - Stokely - - - - - - - GEOM - - - RAID3 - - - RAID3 is a method used to combine several - disk drives into a single volume with a dedicated parity disk. - In a RAID3 system, data is split up into a - number of bytes that are written across all the drives in the - array except for one disk which acts as a dedicated parity disk. - This means that reading 1024KB from a - RAID3 implementation will access all disks in - the array. Performance can be enhanced by using multiple disk - controllers. The RAID3 array provides a - fault tolerance of 1 drive, while providing a capacity of 1 - - 1/n times the total capacity of all drives in the array, where n - is the number of hard drives in the array. Such a configuration - is mostly suitable for storing data of larger sizes such as - multimedia files. - - At least 3 physical hard drives are required to build a - RAID3 array. Each disk must be of the same - size, since I/O requests are interleaved to read or write to - multiple disks in parallel. Also, due to the nature of - RAID3, the number of drives must be - equal to 3, 5, 9, 17, and so on, or 2^n + 1. - - - Creating a Dedicated <acronym>RAID</acronym>3 - Array - - In &os;, support for RAID3 is - implemented by the &man.graid3.8; GEOM - class. Creating a dedicated - RAID3 array on &os; requires the following - steps. - - - While it is theoretically possible to boot from a - RAID3 array on &os;, that configuration - is uncommon and is not advised. - - - - - First, load the geom_raid3.ko - kernel module by issuing the following command: - - &prompt.root; graid3 load - - Alternatively, it is possible to manually load the - geom_raid3.ko module: - - &prompt.root; kldload geom_raid3.ko - - - - Create or ensure that a suitable mount point - exists: - - &prompt.root; mkdir /multimedia/ - - - - Determine the device names for the disks which will be - added to the array, and create the new - RAID3 device. The final device listed - will act as the dedicated parity disk. This - example uses three unpartitioned - ATA drives: - ada1 - and - ada2 - for data, and - ada3 - for parity. - - &prompt.root; graid3 label -v gr0 /dev/ada1 /dev/ada2 /dev/ada3 -Metadata value stored on /dev/ada1. -Metadata value stored on /dev/ada2. -Metadata value stored on /dev/ada3. -Done. - - - - Partition the newly created - gr0 device and put a UFS file - system on it: - - &prompt.root; gpart create -s GPT /dev/raid3/gr0 -&prompt.root; gpart add -t freebsd-ufs /dev/raid3/gr0 -&prompt.root; newfs -j /dev/raid3/gr0p1 - - Many numbers will glide across the screen, and after a - bit of time, the process will be complete. The volume has - been created and is ready to be mounted: - - &prompt.root; mount /dev/raid3/gr0p1 /multimedia/ - - The RAID3 array is now ready to - use. - - - - Additional configuration is needed to retain the above - setup across system reboots. - - - - The geom_raid3.ko module must be - loaded before the array can be mounted. To automatically - load the kernel module during system initialization, add - the following line to - /boot/loader.conf: - - geom_raid3_load="YES" - - - - The following volume information must be added to - /etc/fstab in order to - automatically mount the array's file system during - the system boot process: - - /dev/raid3/gr0p1 /multimedia ufs rw 2 2 - - - - - <acronym>GEOM</acronym> Gate Network Devices From owner-svn-doc-all@FreeBSD.ORG Fri Apr 25 13:47:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B24E7985; Fri, 25 Apr 2014 13:47:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9D73715D7; Fri, 25 Apr 2014 13:47:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3PDlixb053703; Fri, 25 Apr 2014 13:47:44 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3PDliDi053702; Fri, 25 Apr 2014 13:47:44 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404251347.s3PDliDi053702@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 25 Apr 2014 13:47:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44658 - head/ja_JP.eucJP/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Fri, 25 Apr 2014 15:52:48 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Apr 2014 13:47:44 -0000 Author: ryusuke Date: Fri Apr 25 13:47:44 2014 New Revision: 44658 URL: http://svnweb.freebsd.org/changeset/doc/44658 Log: - Merge the following from the English version: r42904 -> r42918 head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/ports/chapter.xml Fri Apr 25 11:06:16 2014 (r44657) +++ head/ja_JP.eucJP/books/handbook/ports/chapter.xml Fri Apr 25 13:47:44 2014 (r44658) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r42904 + Original revision: r42918 $FreeBSD$ --> @@ -1227,11 +1227,11 @@ Deinstalling ca_root_nss-3.15.1_1... don security/gpgmemail/sylpheed-claws などがあります。 - port に利用可能なオプションがある場合には、 + port が他のカスタマイズ可能なオプションを持つ ports に依存する場合には、 デフォルトでは、ユーザに port のオプションをメニューから選択させる設定のため、 何度もユーザとの対話が起こり待たされることがあります。 - これを避けるには、まず最初に + これを避けるには、まず最初に port スケルトンで make config-recursive を実行して設定を一括で行い、その後 make install [clean] @@ -1373,94 +1373,40 @@ The deinstallation will free 229 kB ports アップグレード - まず最初に &man.pkg.version.1; コマンドを使って、 - 古くなってしまった ports - の中で新しいバージョンにアップデート可能なものを - Ports Collection からリストアップしてください。 - &prompt.root; pkg_version -v + 時間が経つと、Ports Collection + で新しいバージョンのソフトウェアを利用できるようになります。 + この章では、アップグレードする必要のあるソフトウェアを判断したり、 + どのようにアップグレードするかについて説明します。 + + インストールされている ports + に新しいバージョンが利用できるかを知るには、 + 最新の ports ツリーがインストールされているかを確認してください。 + これには、手順の 5.1 もしくは 5.2 + で書かれているアップデートのコマンドを使ってください。 + その後、以下のコマンドを実行して、現在利用可能なバージョンよりも古い + ports の一覧を得てください。 - - <filename>/usr/ports/UPDATING</filename> を読む + &prompt.root; pkg_version -l "<" - Ports Collection を更新したら、port をアップグレードする前に + + アップグレードする前に /usr/ports/UPDATING - ファイルに目を通してください。 + を、ファイルの頭から、ports を最後にアップデートした日、 + もしくはシステムをインストールをした最も近い日まで目を通してください このファイルには port をアップグレードする際にユーザが遭遇するであろう問題や、 追加で必要な作業などが記述されています。 例えば、ファイル形式の変更や設定ファイルの場所の変更、 - 前のバージョンと互換性がなくなったことなどが書かれています。 - - もし、この節に書いてあることと - UPDATING に書かれていることが矛盾している場合には、 - UPDATING を優先してください。 - - - - portupgrade を用いた ports のアップグレード - - - portupgrade - - - portupgrade は、 - インストールした ports - のアップグレードを簡単に行なうためのユーティリティです。 - ports-mgmt/portupgrade - port から利用できます。 - 他の port と同じように make install - clean でインストールしてください。 - - &prompt.root; cd /usr/ports/ports-mgmt/portupgrade -&prompt.root; make install clean - - pkgdb -F を使って、 - インストールされている ports を調べてください。 - 矛盾が検出された場合には修復してください。 - アプリケーションをアップデートする前には、 - この作業を定期的に行なうとよいでしょう。 - - システムにインストールされている port - の中で古くなったものをすべてアップデートするには - portupgrade -a を実行してください。 - もし、すべての ports - に対して個別にアップグレードするかどうかを確認したいのであれば、 - を追加してください。 - - &prompt.root; portupgrade -ai - - ports で利用可能なすべてのアプリケーションではなく、 - ある特定のアプリケーションだけを更新したいのであれば、 - portupgrade pkgname - を実行してください。 - アップグレードするアプリケーションが依存しているすべての - ports をまず先に更新したい場合には、 - を使ってください。 - - &prompt.root; portupgrade -R firefox - - ports ではなく packages を用いてインストールを行ないたい場合には、 - オプションを使ってください。 - このオプションを使うと、portupgrade は - PKG_PATH に登録されているローカルディレクトリを検索し、 - ローカルに packages が見つからなければ、 - リモートサイトからダウンロードを試みます。 - packages をローカルに見つけることができず、 - リモートサイトからもダウンロードできない場合には、 - portupgrade - は ports からインストールを行ないます。 - ports を使用したくなければ、 - オプションを指定してください。 - - &prompt.root; portupgrade -PP gnome2 + 前のバージョンと互換性がなくなったことなどが書かれています。 + アップグレードする必要のある ports に関連した手順に注意し、 + アップグレードする際にはこれらの手順に従ってください。 + - また、ビルドやインストールを行なわず、 - distfiles ( が指定されている場合は packages) - だけをダウンロードしたければ、 - オプションを指定してください。 - 詳細は &man.portupgrade.1; を参照してください。 - + 実際にアップグレードを行うには、 + Portmaster もしくは + Portupgrade + を使ってください。 <application>portmaster</application> @@ -1470,8 +1416,9 @@ The deinstallation will free 229 kB <primary>portmaster</primary> </indexterm> - <para>インストールした ports - のアップグレードを行うためのもう一つのユーティリティが <package>ports-mgmt/portmaster</package> です。 + <para><package>ports-mgmt/portmaster</package> package または port は、 + &os; と共にインストールされているツールだけを使うので、 + インストールされている ports のアップグレードに推奨されるツールです。 <application>portmaster</application> は、 他の ports に依存せずに、<quote>base</quote> システムのツールのみを使うように設計されています。 @@ -1479,30 +1426,38 @@ The deinstallation will free 229 kB どの ports をアップグレードすべきかの判断を、 <filename>/var/db/pkg/</filename> の情報を使って行います。 - port をインストールするには以下のようにしてください。</para> + port からこのユーティリティをインストールするには以下のようにしてください。</para> <screen>&prompt.root; <userinput>cd /usr/ports/ports-mgmt/portmaster</userinput> &prompt.root; <userinput>make install clean</userinput></screen> - <para><application>Portmaster</application> は、ports を 4 つのカテゴリに分類します。</para> + <para><application>Portmaster</application> は、 + ports を 4 つのカテゴリに分類します。</para> <itemizedlist> <listitem> - <para>Root ports: 他の port に依存せず、他の port からも依存されません。</para> - </listitem> + <para>Root ports: 他の port に依存せず、 + 他の port からも依存されません。</para> + </listitem> + <listitem> - <para>Trunk ports: 他の port に依存しませんが、他の port から依存されています。</para> - </listitem> + <para>Trunk ports: 他の port に依存しませんが、 + 他の port から依存されています。</para> + </listitem> + <listitem> - <para>Branch ports: 他の port に依存し、他の port からも依存されています。</para> - </listitem> + <para>Branch ports: 他の port に依存し、 + 他の port からも依存されています。</para> + </listitem> + <listitem> - <para>Leaf ports: 他の port に依存しますが、他の port からは依存されません。</para> - </listitem> + <para>Leaf ports: 他の port に依存しますが、 + 他の port からは依存されません。</para> + </listitem> </itemizedlist> - <para><option>-L</option> オプションを使うと、 - インストールした ports やアップデート可能な port の一覧が表示されます。</para> + <para>これらのカテゴリの一覧や、アップデート可能な + port の一覧を表示するには以下のようにしてください。</para> <screen>&prompt.root; <userinput>portmaster -L</userinput> ===>>> Root ports (No dependencies, not depended on) @@ -1524,35 +1479,110 @@ The deinstallation will free 229 kB ===>>> 32 leaf ports ===>>> 137 total installed ports - ===>>> 83 have new versions available -</screen> + ===>>> 83 have new versions available</screen> - <para>以下のコマンドを使って、 - インストールされているすべての ports をアップデートできます。</para> + <para>以下のコマンドを使うと、 + 古くなったすべての ports をアップデートします。</para> <screen>&prompt.root; <userinput>portmaster -a</userinput></screen> <note> - <para><application>portmaster</application> のデフォルトの設定では、 - インストールされている port を削除する前にバックアップ用の package が作成されます。 - このバックアップは、新しいバージョンのインストールに成功すると削除されます。 + <para><application>Portmaster</application> のデフォルトの設定では、 + インストールされている port を削除する前にバックアップ用の + package が作成されます。 + このバックアップは、 + 新しいバージョンのインストールに成功すると削除されます。 <option>-b</option> を使うと、 - <application>portmaster</application> はバックアップを自動的に削除しません。 + <application>Portmaster</application> + の自動的なバックアップの削除は行いません。 <option>-i</option> を追加すると、 - <application>portmaster</application> をインタラクティブモードで使用できます。 - このモードでは、各 port をアップグレードするかどうかの選択を対話的に行うことがでます。</para></note> + <application>Portmaster</application> をインタラクティブモードで使用できます。 + このモードでは、各 port + をアップグレードするかどうかの選択を対話的に行うことがでます。 + 多くのオプションが利用可能です。portmaster(8) のマニュアルページから、 + それらの使用方法に関する詳細な説明を読んでください。</para> + </note> <para>アップグレードの過程でエラーに遭遇した場合には、 - <option>-f</option> を使ってすべての ports のアップグレードや再構築を行なってください。</para> + <option>-f</option> を使ってすべての + ports のアップグレードや再構築を行なってください。</para> <screen>&prompt.root; <userinput>portmaster -af</userinput></screen> - <para><application>portmaster</application> を使ってシステムに新しい ports - をインストールしたり、新しい port のコンパイルやインストール前に依存するすべての port をアップグレードできます。</para> + <para><application>Portmaster</application> + を使ってシステムに新しい ports をインストールしたり、 + 新しい port のコンパイルやインストール前に依存するすべての + port をアップグレードできます。この機能を使うには、 + Ports Collection の位置を指定してください。</para> + + <screen>&prompt.root; <userinput>portmaster <replaceable>shells/bash</replaceable></userinput></screen> + </sect3> + + <sect3 xml:id="portupgrade"> + <title>Portupgrade を用いた ports のアップグレード + + + portupgrade + + + Portupgrade は、 + インストールした ports + のアップグレードを行なうためのもう一つのユーティリティです。 + ports-mgmt/portupgrade + package または port から利用できます。 + このユーティリティは ports を管理するために用いられるアプリケーションをインストールします。 + Ruby に依存します。port をインストールするには、以下を実行してください。 + + &prompt.root; cd /usr/ports/ports-mgmt/portupgrade +&prompt.root; make install clean + + このユーティリティを使ってアップグレードを行う前に、 + pkgdb -F を使って、 + インストールされている ports の一覧を調べてください。 + 矛盾が検出された場合には修復してください。 - &prompt.root; portmaster shells/bash + システムにインストールされている port + の中で古くなったものをすべてアップデートするには + portupgrade -a を実行してください。 + もし、すべての ports + に対して個別にアップグレードするかどうかを確認したいのであれば、 + を追加してください。 - 詳細については &man.portmaster.8; を参照してください。 + &prompt.root; portupgrade -ai + + ports で利用可能なすべてのアプリケーションではなく、 + ある特定のアプリケーションだけを更新したいのであれば、 + portupgrade pkgname + を実行してください。 + アップグレードするアプリケーションが依存しているすべての + ports をまず先に更新したい場合には、 + を使ってください。 + + &prompt.root; portupgrade -R firefox + + オプションを使うと、 + portupgrade は + PKG_PATH に登録されているローカルディレクトリから、 + 利用可能な package を探します。 + ローカルに利用可能な packages が見つからなければ、 + リモートサイトから package のダウンロードを試みます。 + packages をローカルに見つけることができず、 + リモートサイトからもダウンロードできない場合には、 + portupgrade + は ports からインストールを行ないます。 + ports を使用したくなければ、 + オプションを指定してください。 + この最後のオプションを設定すると、 + もし package が利用できなければ + Portupgrade は終了します。 + + &prompt.root; portupgrade -PP gnome2 + + また、ビルドやインストールを行なわず、 + distfiles または packages だけをダウンロードしたければ、 + オプションを指定してください。 + 利用可能なすべてのオプションについては、 + &man.portupgrade.1; のマニュアルを参照してください。 @@ -1567,32 +1597,48 @@ The deinstallation will free 229 kB Ports Collection を使い続けていると、 そのうちディスクを食いつぶしてしまうでしょう。 ports をビルドしてインストールした後、 - make clean - は作業用の work + ports スケルトンで make clean + を実行すると、作業用の work ディレクトリを削除します。 - 以下のコマンドで Ports Collection を掃除することができます。 + Portmaster を使って port + をインストールする場合には、 + を使わなければこのディレクトリは自動的に削除されます。 + Portupgrade + がインストールされている場合には、 + 以下のコマンドはローカルの Ports Collection + に見つかったすべての work + ディレクトリを削除します。 &prompt.root; portsclean -C - 時間が経つにつれ distfiles - ディレクトリには、古くなったソースファイルがたまっていきます。 + さらに、時間が経つにつれ + /usr/ports/distfiles + には、古くなったソースファイルがたまっていきます。 + Portupgrade + がインストールされている場合には、 次のコマンドで、どの ports からも使われていない distfiles を削除できます。 &prompt.root; portsclean -D - システムにインストールされている port から使われていない + Portupgrade + を使って、システムにインストールされている port から使われていない distfiles をすべて削除するには、以下のコマンドを使ってください。 &prompt.root; portsclean -DD - - portsclean ユーティリティは - ports-mgmt/portupgrade - ツール群の一部です。 - + もし Portmaster + がインストールされているのであれば、以下を実行してください。 + + &prompt.root; portmaster --clean-distfiles - ports-mgmt/pkg_cutleaves port は、 + デフォルトでは、このコマンドはインタラクティブに設定されているため、 + ユーザに対して distfile + を削除すべきかどうかを確認するプロンプトが表示されます。 + + これらのコマンドに加え、ports-mgmt/pkg_cutleaves + package または port は、 必要なくなった ports を削除する作業を自動化します。 @@ -1659,9 +1705,8 @@ The deinstallation will free 229 kB うまく動作しない ports に遭遇した場合には - うまくコンパイルできなかったりインストールできない - port に遭遇したら、 - あなたにできることは次のようなことしかありません。 + port をうまくコンパイルできなかったりインストールできない場合には、 + 以下を試してください。 @@ -1669,17 +1714,17 @@ The deinstallation will free 229 kB 障害報告 (Problem Report) データベース で調べてください。 もし提案されていれば、 - その修正によって問題を解決できるかもしれません。 + その提案されている修正によって問題を解決できるかもしれません。 port の保守担当者に対応してもらいましょう。 - make maintainer と入力するか、 - Makefile を直接読み、 - 保守担当者の電子メールアドレスを調べます。 - メールを送る際には、port 名とバージョン番号 - (Makefile の - $FreeBSD: 行)、 + port スケルトンで make maintainer と入力するか、 + port の Makefile を読み、 + 保守担当者の電子メールアドレスを調べてください。 + 保守担当者にメールを送る際には、port の + Makefile の + $FreeBSD: 行、 そしてエラーが出力されるまでの出力ログを忘れずに添付してください。 @@ -1689,24 +1734,26 @@ The deinstallation will free 229 kB そのような場合には、メールアドレスは freebsd-listname@FreeBSD.org のようになります。 - 質問する際には、このことに気をつけてください。 + メールを送る際には、このことに気をつけてください。 特に ports@FreeBSD.org - が保守している ports には、保守担当者が本当にいません。 + が保守している ports には、保守担当者がいません。 + そのかわり、 そのメーリングリストを購読する人々からなるコミュニティが、 修正や対応をおこなっています。 もっとボランティアが必要です! - 保守担当者から返信がなければ、&man.send-pr.1; - を使ってバグレポートを提出してください - ( - &os; 障害報告の書き方 をご覧ください)。 + メールに対して返信がなければ、 + + &os; 障害報告の書き方 に書かれている手順にしたがって、 + &man.send-pr.1; + を使ってバグレポートを提出してください。 自分で直しましょう! - Ports システムに関する詳細な情報は + ports システムに関する詳細な情報は port 作成者のためのハンドブック にあります。 このセクションを読むと、壊れてしまった port を直したり、 @@ -1714,8 +1761,9 @@ The deinstallation will free 229 kB - かわりに &man.pkg.add.1; を使って package - をインストールしてください。 + または に書かれている手順にしたがって、 + package をインストールしてください。 From owner-svn-doc-all@FreeBSD.ORG Fri Apr 25 16:10:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E15CA164; Fri, 25 Apr 2014 16:10:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CE4BF16C9; Fri, 25 Apr 2014 16:10:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3PGAwx1012722; Fri, 25 Apr 2014 16:10:58 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3PGAwMV012721; Fri, 25 Apr 2014 16:10:58 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404251610.s3PGAwMV012721@svn.freebsd.org> From: Dru Lavigne Date: Fri, 25 Apr 2014 16:10:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44664 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Apr 2014 16:10:59 -0000 Author: dru Date: Fri Apr 25 16:10:58 2014 New Revision: 44664 URL: http://svnweb.freebsd.org/changeset/doc/44664 Log: Editorial review of RAID3 chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 25 15:26:06 2014 (r44663) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 25 16:10:58 2014 (r44664) @@ -895,8 +895,8 @@ mountroot> In a RAID3 system, data is split up into a number of bytes that are written across all the drives in the array except for one disk which acts as a dedicated parity disk. - This means that reading 1024KB from a - RAID3 implementation will access all disks in + This means that disk reads from a + RAID3 implementation access all disks in the array. Performance can be enhanced by using multiple disk controllers. The RAID3 array provides a fault tolerance of 1 drive, while providing a capacity of 1 - @@ -907,10 +907,19 @@ mountroot> At least 3 physical hard drives are required to build a RAID3 array. Each disk must be of the same - size, since I/O requests are interleaved to read or write to + size, since I/O requests are interleaved to read or write to multiple disks in parallel. Also, due to the nature of RAID3, the number of drives must be equal to 3, 5, 9, 17, and so on, or 2^n + 1. + + This section demonstrates how to create a software + RAID3 on a &os; system. + + + While it is theoretically possible to boot from a + RAID3 array on &os;, that configuration + is uncommon and is not advised. + Creating a Dedicated <acronym>RAID</acronym>3 @@ -922,30 +931,24 @@ mountroot></screen> <acronym>RAID</acronym>3 array on &os; requires the following steps.</para> - <note> - <para>While it is theoretically possible to boot from a - <acronym>RAID</acronym>3 array on &os;, that configuration - is uncommon and is not advised.</para> - </note> - <procedure> <step> <para>First, load the <filename>geom_raid3.ko</filename> - kernel module by issuing the following command:</para> + kernel module by issuing one of the following commands:</para> <screen>&prompt.root; <userinput>graid3 load</userinput></screen> - <para>Alternatively, it is possible to manually load the - <filename>geom_raid3.ko</filename> module:</para> + <para>or:</para> - <screen>&prompt.root; <userinput>kldload geom_raid3.ko</userinput></screen> + <screen>&prompt.root; <userinput>kldload geom_raid3</userinput></screen> </step> <step> - <para>Create or ensure that a suitable mount point - exists:</para> + <para>Ensure that a suitable mount point + exists. This command creates a new directory to use as + the mount point:</para> - <screen>&prompt.root; <userinput>mkdir <replaceable>/multimedia/</replaceable></userinput></screen> + <screen>&prompt.root; <userinput>mkdir <replaceable>/multimedia</replaceable></userinput></screen> </step> <step> @@ -971,7 +974,7 @@ Done.</screen> <step> <para>Partition the newly created - <filename>gr0</filename> device and put a UFS file + <filename>gr0</filename> device and put a <acronym>UFS</acronym> file system on it:</para> <screen>&prompt.root; <userinput>gpart create -s GPT /dev/raid3/gr0</userinput> @@ -989,7 +992,7 @@ Done.</screen> </step> </procedure> - <para>Additional configuration is needed to retain the above + <para>Additional configuration is needed to retain this setup across system reboots.</para> <procedure> From owner-svn-doc-all@FreeBSD.ORG Fri Apr 25 14:02:17 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4C68211D; Fri, 25 Apr 2014 14:02:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2C4E817DF; Fri, 25 Apr 2014 14:02:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3PE2HLa061361; Fri, 25 Apr 2014 14:02:17 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3PE2HJ1061360; Fri, 25 Apr 2014 14:02:17 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404251402.s3PE2HJ1061360@svn.freebsd.org> From: Ryusuke SUZUKI <ryusuke@FreeBSD.org> Date: Fri, 25 Apr 2014 14:02:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44660 - head/ja_JP.eucJP/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Fri, 25 Apr 2014 16:11:08 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Fri, 25 Apr 2014 14:02:17 -0000 Author: ryusuke Date: Fri Apr 25 14:02:16 2014 New Revision: 44660 URL: http://svnweb.freebsd.org/changeset/doc/44660 Log: - Merge the following from the English version: r42918 -> r42919 head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/ports/chapter.xml Fri Apr 25 13:49:12 2014 (r44659) +++ head/ja_JP.eucJP/books/handbook/ports/chapter.xml Fri Apr 25 14:02:16 2014 (r44660) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r42918 + Original revision: r42919 $FreeBSD$ --> <chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="ports"> @@ -1227,8 +1227,8 @@ Deinstalling ca_root_nss-3.15.1_1... don <filename role="package">security/gpgme</filename> や <filename role="package">mail/sylpheed-claws</filename> などがあります。 - port が他のカスタマイズ可能なオプションを持つ ports に依存する場合には、 - デフォルトでは、ユーザに port + port が他のカスタマイズ可能なオプションを持つ ports + に依存する場合には、デフォルトでは、ユーザに port のオプションをメニューから選択させる設定のため、 何度もユーザとの対話が起こり待たされることがあります。 これを避けるには、まず最初に port スケルトンで @@ -1403,10 +1403,9 @@ The deinstallation will free 229 kB アップグレードする際にはこれらの手順に従ってください。</para> </important> - <para>実際にアップグレードを行うには、 - <application>Portmaster</application> もしくは - <application>Portupgrade</application> - を使ってください。</para> + <para>実際にアップグレードを行うには、 + <application>Portmaster</application> もしくは + <application>Portupgrade</application> を使ってください。</para> <sect3 xml:id="portmaster"> <title><application>portmaster</application> @@ -1424,9 +1423,8 @@ The deinstallation will free 229 kB システムのツールのみを使うように設計されています。 このアプリケーションは、 どの ports をアップグレードすべきかの判断を、 - <filename>/var/db/pkg/</filename> - の情報を使って行います。 - port からこのユーティリティをインストールするには以下のようにしてください。</para> + <filename>/var/db/pkg/</filename> の情報を使って行います。port + からこのユーティリティをインストールするには以下のようにしてください。</para> <screen>&prompt.root; <userinput>cd /usr/ports/ports-mgmt/portmaster</userinput> &prompt.root; <userinput>make install clean</userinput></screen> @@ -1516,7 +1514,7 @@ The deinstallation will free 229 kB Ports Collection の位置を指定してください。</para> <screen>&prompt.root; <userinput>portmaster <replaceable>shells/bash</replaceable></userinput></screen> - </sect3> + </sect3> <sect3 xml:id="portupgrade"> <title>Portupgrade を用いた ports のアップグレード @@ -1525,58 +1523,60 @@ The deinstallation will free 229 kB portupgrade - Portupgrade は、 - インストールした ports - のアップグレードを行なうためのもう一つのユーティリティです。 - ports-mgmt/portupgrade - package または port から利用できます。 - このユーティリティは ports を管理するために用いられるアプリケーションをインストールします。 - Ruby に依存します。port をインストールするには、以下を実行してください。 + Portupgrade は、 + インストールした ports + のアップグレードを行なうためのもう一つのユーティリティです。 + ports-mgmt/portupgrade + package または port から利用できます。 + このユーティリティは ports + を管理するために用いられるアプリケーションをインストールします。 + Ruby に依存します。 + port をインストールするには、以下を実行してください。 - &prompt.root; cd /usr/ports/ports-mgmt/portupgrade + &prompt.root; cd /usr/ports/ports-mgmt/portupgrade &prompt.root; make install clean - このユーティリティを使ってアップグレードを行う前に、 - pkgdb -F を使って、 - インストールされている ports の一覧を調べてください。 - 矛盾が検出された場合には修復してください。 - - システムにインストールされている port - の中で古くなったものをすべてアップデートするには - portupgrade -a を実行してください。 - もし、すべての ports - に対して個別にアップグレードするかどうかを確認したいのであれば、 - を追加してください。 - - &prompt.root; portupgrade -ai - - ports で利用可能なすべてのアプリケーションではなく、 - ある特定のアプリケーションだけを更新したいのであれば、 - portupgrade pkgname - を実行してください。 - アップグレードするアプリケーションが依存しているすべての - ports をまず先に更新したい場合には、 - を使ってください。 - - &prompt.root; portupgrade -R firefox - - オプションを使うと、 - portupgrade は - PKG_PATH に登録されているローカルディレクトリから、 - 利用可能な package を探します。 - ローカルに利用可能な packages が見つからなければ、 - リモートサイトから package のダウンロードを試みます。 - packages をローカルに見つけることができず、 - リモートサイトからもダウンロードできない場合には、 - portupgrade - は ports からインストールを行ないます。 - ports を使用したくなければ、 - オプションを指定してください。 - この最後のオプションを設定すると、 - もし package が利用できなければ - Portupgrade は終了します。 + このユーティリティを使ってアップグレードを行う前に、 + pkgdb -F を使って、 + インストールされている ports の一覧を調べてください。 + 矛盾が検出された場合には修復してください。 + + システムにインストールされている port + の中で古くなったものをすべてアップデートするには + portupgrade -a を実行してください。 + もし、すべての ports + に対して個別にアップグレードするかどうかを確認したいのであれば、 + を追加してください。 + + &prompt.root; portupgrade -ai + + ports で利用可能なすべてのアプリケーションではなく、 + ある特定のアプリケーションだけを更新したいのであれば、 + portupgrade pkgname + を実行してください。 + アップグレードするアプリケーションが依存しているすべての + ports をまず先に更新したい場合には、 + を使ってください。 + + &prompt.root; portupgrade -R firefox + + オプションを使うと、 + portupgrade は + PKG_PATH に登録されているローカルディレクトリから、 + 利用可能な package を探します。 + ローカルに利用可能な packages が見つからなければ、 + リモートサイトから package のダウンロードを試みます。 + packages をローカルに見つけることができず、 + リモートサイトからもダウンロードできない場合には、 + portupgrade + は ports からインストールを行ないます。 + ports を使用したくなければ、 + オプションを指定してください。 + この最後のオプションを設定すると、 + もし package が利用できなければ + Portupgrade は終了します。 - &prompt.root; portupgrade -PP gnome2 + &prompt.root; portupgrade -PP gnome2 また、ビルドやインストールを行なわず、 distfiles または packages だけをダウンロードしたければ、 @@ -1619,7 +1619,7 @@ The deinstallation will free 229 kB 次のコマンドで、どの ports からも使われていない distfiles を削除できます。 - &prompt.root; portsclean -D + &prompt.root; portsclean -D Portupgrade を使って、システムにインストールされている port から使われていない From owner-svn-doc-all@FreeBSD.ORG Fri Apr 25 14:07:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D2D46294; Fri, 25 Apr 2014 14:07:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BD1B7183A; Fri, 25 Apr 2014 14:07:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3PE7gB9062012; Fri, 25 Apr 2014 14:07:42 GMT (envelope-from remko@svn.freebsd.org) Received: (from remko@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3PE7gEo062011; Fri, 25 Apr 2014 14:07:42 GMT (envelope-from remko@svn.freebsd.org) Message-Id: <201404251407.s3PE7gEo062011@svn.freebsd.org> From: Remko Lodder Date: Fri, 25 Apr 2014 14:07:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-translations@freebsd.org Subject: svn commit: r44661 - translations/nl_NL.ISO8859-1/books/handbook/security X-SVN-Group: doc-translations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Fri, 25 Apr 2014 16:12:00 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Apr 2014 14:07:42 -0000 Author: remko Date: Fri Apr 25 14:07:42 2014 New Revision: 44661 URL: http://svnweb.freebsd.org/changeset/doc/44661 Log: Update work in progress, this also builds again after making a few minor mistakes :-) Facilitated by: Snow B.V. Modified: translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml Modified: translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 25 14:02:16 2014 (r44660) +++ translations/nl_NL.ISO8859-1/books/handbook/security/chapter.xml Fri Apr 25 14:07:42 2014 (r44661) @@ -962,7 +962,6 @@ &unix; varianten, welke DES gebruikten. Het antwoord hierop was MD5, waarbij aangenomen werd dat deze veiliger is dan DES. - houden. Het crypt-mechanisme herkennen @@ -1126,7 +1125,7 @@ MOS MALL GOAT ARM AVID COED verzinnen (100 is wellicht een prima getal) en een eigen zaad bedenken of er een laten fabriceren. Over de onveilige verbinding, moet op de machine die geinitialiseerd wordt - &man.opiepasswd.;1 gebruikt worden: + &man.opiepasswd.1; gebruikt worden: &prompt.user; opiepasswd @@ -1198,12 +1197,12 @@ Password: &prompt.user; opiekey 498 to4268 Using the MD5 algorithm to compute response. -Reminder: Don't use opiekey from telnet or dial-in sessions. +Reminder: Do not use opiekey from telnet or dial-in sessions. Enter secret pass phrase: GAME GAG WELT OUT DOWN CHAT - Nu het eenmalige wachtwoord er is, kan het aanmelden - doorgang vinden. + Zodra het eenmalige wachtwoord gegenereerd is kan het + aanmelden verder doorgang vinden. @@ -1230,24 +1229,25 @@ Enter secret pass phrase: < laatste iteratiegetal moet zijn. Deze wachtwoorden worden weergegeven in omgekeerde volgorde voor gebruik. Als de gebruiker echt paranode bent kan hij ze - opschrijven of hij kan er ook voor kiezen ze af te drukken met - lpr. Op iedere regel staat dus de - iteratieteller en het eenmalige wachtwoord, maar misschien is - het toch handig om ze na gebruik af te strepen. + opschrijven of hij kan er ook voor kiezen ze af te drukken. + Elke regel toont zowel het iteratiegetal als het eenmalige + wachtwoord. Streep de gebruikte wachtwoorden door zodra deze + gebruikt zijn. Gebruik van &unix; wachtwoorden beperken - Met OPIE kan paal en perk gesteld worden aan het gebruik van - &unix; wachtwoorden op basis van het IP-adres - van een aanmeldsessie. Dat kan met het bestand - /etc/opieaccess dat standaard aanwezig is. - Bij &man.opieaccess.5; staat meer informatie over dit bestand en - welke beveiligingsoverwegingen bestaan bij het gebruik. + Met OPIE kan paal en perk gesteld + worden aan het gebruik van &unix; wachtwoorden op basis van + het IP-adres van een aanmeldsessie. Dat + kan met het bestand /etc/opieaccess dat + standaard aanwezig is. In &man.opieaccess.5; staat meer + informatie over dit bestand en welke beveiligingsmaatregelen + overwogen moeten worden wanneer deze gebruikt wordt. - Hieronder een voorbeeld voor een - opieaccess bestand: + Hier volgt een voorbeeld opieaccess + bestand: permit 192.168.0.0 255.255.0.0 @@ -1257,73 +1257,52 @@ Enter secret pass phrase: < masker altijd &unix; wachtwoorden mogen gebruiken. Als geen van de regels uit opieaccess - van toepassing is, worden standaard pogingen zonder OPIE - geweigerd. + van toepassing is, worden standaard pogingen zonder + OPIE geweigerd. TCP Wrappers - TomRhodesGeschreven door + + + Tom + Rhodes + + Geschreven door + - - - TCP Wrapper + TCP Wrappers - Iedereen die bekend is met &man.inetd.8; heeft waarschijnlijk - wel eens van TCP Wrappers gehoord. Maar - slechts weinigen lijken volledig te begrijpen hoe ze in een - netwerkomgeving toegepast kunnen worden. Het schijnt dat - iedereen een firewall wil hebben om netwerkverbindingen af te - handelen. Ondanks dat een firewall veel kan, zijn er toch dingen - die het niet kan, zoals tekst terugsturen naar de bron van een - verbinding. De TCP Wrappers software kan dat - en nog veel meer. In dit onderdeel worden de mogelijkheden van - TCP Wrappers besproken en, waar dat van - toepassing is, worden ook voorbeelden voor implementatie - gegeven. - - De TCP Wrappers software vergroot de - mogelijkheden van inetd door de - mogelijkheid al zijn serverdaemons te controleren. Met deze - methode is het mogelijk om te loggen, berichten te zenden naar - verbindingen, een daemon toe te staan alleen interne verbindingen - te accepteren, etc. Hoewel een aantal van deze mogelijkheden ook - ingesteld kunnen worden met een firewall, geeft deze manier niet - alleen een extra laag beveiliging, maar gaat dit ook verder dan - wat een firewall kan bieden. - - De toegevoegde waarde van TCP Wrappers - is niet dat het een goede firewall vervangt. - TCP Wrappers kunnen samen met een firewall en - andere beveiligingsinstellingen gebruikt worden om een extra laag - van beveiliging voor het systeem te bieden. - - Omdat dit een uitbreiding is op de instellingen van - inetd, wordt aangenomen dat de lezer - het onderdeel inetd configuratie heeft - gelezen. - - - Hoewel programma's die onder &man.inetd.8; draaien niet - echt daemons zijn, heten ze traditioneel wel zo. - Deze term wordt hier dus ook gebruikt. - + TCP Wrappers vergroot de mogelijkheden + van , om elke server daemon + onder zijn controle te kunnen bedienen. Het kan geconfigureerd + worden om loginformatie te leveren, berichten terug te sturen + bij het maken van verbindingen, en om een daemon alleen + interne verbindingen toe te staan. Ondanks dat een aantal van + deze features kunnen worden geleverd door het gebruik van een + firewall levert TCP Wrappers een extra + beveiligingslaag en gaat deze verder dan de controle die een + firewall kan leveren. + + + TCP Wrappers moet niet worden beschouwd + als een vervanging voor een goed geconfigureerde firewall. + TCP Wrappers moet worden gebruikt tegelijk + met een firewall en andere beveiligings toevoegingen. Voor het eerst instellen - De enige voorwaarde voor het gebruiken van - TCP Wrappers in &os; is ervoor te zorgen - dat de server inetd gestart wordt - vanuit rc.conf met de optie - ; dit is de standaardinstelling. Er wordt - vanuit gegaan dat /etc/hosts.allow juist is - ingesteld, maar als dat niet zo is, dan zal &man.syslogd.8; dat - melden. + Om TCP Wrappers in te schakelen op + &os; moet worden gezorgd dat &man.inetd.8; wordt gestart + vanuit /etc/rc.conf met de + optie. Hierna moet een goed + geconfigureerde /etc/hosts.allow + worden gemaakt. In tegenstelling tot bij andere implementaties van @@ -1337,37 +1316,33 @@ Enter secret pass phrase: < daemons toegestaan of geweigerd afhankelijk van de opties in /etc/hosts.allow. De standaardinstelling in &os; is verbindingen toe te staan naar iedere daemon die met - inetd is gestart. Na de - basisinstelling wordt aangegeven hoe dit gewijzigd kan worden. + inetd is gestart. De basisinstelling heeft meestal de vorm - daemon : adres : actie. + daemon : adres : actie, daemon is de daemonnaam die - inetd heeft gestart. Het + inetd heeft gestart, het adres kan een geldige hostnaam, een IP-adres of een IPv6-adres tussen - blokhaken ([ ]) zijn. Het veld actie - kan allow of deny zijn, - afhankelijk van of toegang toegestaan of geweigerd moet worden. - De instellingen werken zo dat ze worden doorlopen van onder naar - boven om te kijken welke regel als eerste van toepassing is. - Als een regel van toepassing is gevonden, dan stop het + blokhaken ([ ]) zijn en het veld actie + kan allow of deny zijn. + TCP Wrappers gebruikt het + de-eerste-regel-die-overeenkomt semantiek, wat betekent dat het + configuratie bestand gelezen wordt in de aflopende volgorde om + een overeenkomende regel te vinden. Wanneer er een + overeenkomst is gevonden wordt de regel toegepast en stopt het zoekproces. - Er zijn nog andere mogelijkheden, maar die worden elders - toegelicht. Een eenvoudige instelling kan al van met deze - informatie worden gemaakt. Om bijvoorbeeld - POP3 verbindingen toe te staan via de - mail/qpopper daemon, - zouden de volgende instellingen moeten worden toegevoegd aan - hosts.allow: + Om bijvoorbeeld POP3 connecties toe te + staan naar de mail/qpopper daemon, moeten + de volgende regels toegevoegd worden aan het + /etc/hosts.allow bestand: # Deze regel is nodig voor POP3-verbindingen qpopper : ALL : allow - Nadat deze regel is toegevoegd moet - inetd herstart worden door gebruik te maken - van &man.service.8;: + Na het toevoegen van deze regel moet &man.inetd.8; + herstart worden: &prompt.root; service inetd restart @@ -1376,7 +1351,7 @@ qpopper : ALL : allow Gevorderde instellingen TCP Wrappers hebben ook gevorderde - instellingen. Daarmee komt meer controle over de wijze waarop + instellingen, waarmee er meer controle komt over de wijze waarop er met verbindingen wordt omgegaan. Soms is het een goed idee om commentaar te sturen naar bepaalde hosts of daemonverbindingen. In andere gevallen moet misschien iets @@ -1384,8 +1359,7 @@ qpopper : ALL : allow beheerder gestuurd worden. Dit kan allemaal met instellingen die wildcards, uitbreidingskarakters (expansion characters) en het uitvoeren van externe commando's - heten. De volgende twee paragrafen beschrijven deze - mogelijkheden. + heten. Externe commando's @@ -1393,12 +1367,11 @@ qpopper : ALL : allow Stel dat zich de situatie voordoet waar een verbinding geweigerd moet worden, maar er een reden gestuurd moet worden naar het individu dat die verbinding probeerde op te - zetten. Hoe gaat dat? Dat is mogelijk door gebruik te - maken van de optie . Als er een - poging tot verbinding wordt gedaan, wordt er met - een shellcommando of script - uitgevoerd. Er staat al een voorbeeld in - hosts.allow: + zetten. Deze actie is mogelijk door gebruik te maken van de + optie . Als er een poging tot + verbinding wordt gedaan, wordt er met + een shellcommando of script uitgevoerd. Er is een voorbeeld + aanwezig in hosts.allow: # De andere daemons zijn beschermd. ALL : ALL \ @@ -1409,12 +1382,12 @@ ALL : ALL \ not allowed to use daemon from hostname. wordt teruggestuurd voor iedere daemon die niet al is ingesteld in het - toegangsbestand. Het is erg handig om een antwoord terug + toegangsbestand. Het is handig om een antwoord terug te sturen naar degene die een verbinding op heeft willen zetten meteen nadat een tot stand gekomen verbinding is - verbroken. Let wel dat alle berichten die gezonden worden - moeten staan tussen " - karakters. Hier zijn geen uitzonderingen op. + verbroken. Elk bericht wat wordt teruggezonden + moet worden omsloten door quotes + (") karakters. Het is mogelijk een ontzegging van dienst aanval uit @@ -1423,10 +1396,10 @@ ALL : ALL \ verbindingen te maken. - Het is ook mogelijk hier de optie - te gebruiken. Net als weigert - de optie impliciet de verbinding en kan - het gebruikt worden om shellcommando's of scripts uit te + Het is ook mogelijk hier te + gebruiken. Net als weigert + de optie impliciet de verbinding en + kan het gebruikt worden om shellcommando's of scripts uit te voeren. Anders dan bij stuurt geen bericht aan degene die de verbinding wilde maken. Zie bijvoorbeeld de volgende @@ -1438,44 +1411,35 @@ ALL : .example.com \ /var/log/connections.log) \ : deny - Hiermee worden alle verbindingen van het domein - *.example.com geweigerd. - Tegelijkertijd worden ook hostnaam, IP - adres en de daemon waarmee verbinding werd gemaakt naar - /var/log/connections.log - geschreven. - - Naast de vervangingskarakters die al zijn toegelicht, - zoals %a, bestaan er nog een paar andere. - In de handleiding van &man.hosts.access.5; staat een volledige - lijst. + Hiermee worden alle verbindingen vanaf + *.example.com + geweigerd, en worden de hostname het IP + adres en de betrokken daemon gelogd in + /var/log/connections.log. + + Dit voorbeeld maakt gebruik van de vervangingstekens + %a en %h. Bekijk + &man.hosts.access.5; voor de volledige lijst tekens. Wildcardopties - Tot nu toe is in ieder voorbeeld ALL - gebruikt. Er bestaan nog andere opties waarmee de - mogelijkheden nog verder gaan. Zo kan ALL - gebruikt worden om van toepassing te zijn op iedere instantie - van een daemon, domein of een IP adres. - Een andere wildcard die gebruikt kan worden is - PARANOID. Daarmee wordt iedere host die - een IP-adres geeft dat gefingeerd kan zijn - aangeduid. Met andere woorden: PARANOID - kan gebruikt worden om een actie aan te geven als er een + De ALL optie kan worden gebruikt om + alle daemons, domeinen of IP adressen te + matchen. Een andere wildcard is PARANOID + welke gebruikt kan worden om elke host te matchen waarvan het + IP adres mogelijk gefingeerd is. + PARANOID kan bijvoorbeeld gebruikt worden + om een actie aan te geven als er een IP-adres gebruikt wordt dat verschilt van - de hostnaam. Het volgende voorbeeld kan wat verheldering - brengen: + de hostnaam. In dit voorbeeld zullen alle connectie verzoeken + naar &man.sendmail.8; welke een IP-adres + heeft dat afwijkt van de hostnaam worden geweigerd: # Weiger mogelijke gespoofte verzoeken aan sendmail: sendmail : PARANOID : deny - In het voorgaande voorbeeld worden alle - verbindingsverzoeken aan sendmail met een - IP-adres dat verschilt van de hostnaam - geweigerd. - Het gebruik van de wildcard PARANOID kan nogal wat schade aanrichten als de clint of de @@ -1495,17 +1459,30 @@ sendmail : PARANOID : deny - <application>Kerberos5</application> + + + <application>Kerberos5</application> + - TillmanHodgsonBijgedragen door + + + Tillman + Hodgson + + Bijgedragen door + - MarkMurrayGebaseerd op een bijdrage van + + + Mark + Murray + + Gebaseerd op een bijdrage van + - - Kerberos is een netwerkdienst, protocol en systeem waarmee gebruikers zich kunnen aanmelden met behulp van een dienst op een veilige server. Diensten als From owner-svn-doc-all@FreeBSD.ORG Fri Apr 25 17:52:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9D84F629; Fri, 25 Apr 2014 17:52:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7D55812B9; Fri, 25 Apr 2014 17:52:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3PHqCQO057097; Fri, 25 Apr 2014 17:52:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3PHqCYw057096; Fri, 25 Apr 2014 17:52:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404251752.s3PHqCYw057096@svn.freebsd.org> From: Dru Lavigne Date: Fri, 25 Apr 2014 17:52:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44665 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Apr 2014 17:52:12 -0000 Author: dru Date: Fri Apr 25 17:52:12 2014 New Revision: 44665 URL: http://svnweb.freebsd.org/changeset/doc/44665 Log: Editorial review of ggate chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 25 16:10:58 2014 (r44664) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 25 17:52:12 2014 (r44665) @@ -1330,48 +1330,69 @@ raid/r0 OPTIMAL ada0 (ACTIVE (ACTIVE)) - <acronym>GEOM</acronym> Gate Network Devices + <acronym>GEOM</acronym> Gate Network - GEOM supports the remote use of devices, - such as disks, CD-ROMs, and files through the use of the gate - utilities. This is similar to NFS. - - To begin, an exports file must be created. This file - specifies who is permitted to access the exported resources and - what level of access they are offered. For example, to export - the fourth slice on the first SCSI disk, the - following /etc/gg.exports is more than - adequate: - - 192.168.1.0/24 RW /dev/da0s4d - - This allows all hosts inside the specified private network - access to the file system on the da0s4d - partition. + GEOM provides a simple mechanism for + providing remote access to devices such as disks, + CDs, and file systems through the use + of the GEOM Gate network daemon, + ggated. The system with the device + runs the server daemon which handles requests made by clients + using ggatec. The devices should not + contain any sensitive data as the connection between the client + and the server is not encrypted. + + Similar to NFS, which is discussed in + , ggated + is configured using an exports file. This file + specifies which systems are permitted to access the exported resources and + what level of access they are offered. For example, to give + the client 192.168.1.5 read and write + access to the fourth slice on the first SCSI + disk, create /etc/gg.exports with this + line: - To export this device, ensure it is not currently mounted, - and start the &man.ggated.8; server daemon: + 192.168.1.5 RW /dev/da0s4d - &prompt.root; ggated + Before exporting the device, ensure it is not currently mounted. + Then, start ggated: - To mount the device on the client - machine, issue the following commands: + &prompt.root; ggated + + Several options are available for specifying an alternate + listening port or changing the default location of the exports + file. Refer to &man.ggated.8; for details. + + To access the exported device on the client + machine, first use ggatec to specify the + IP address of the server and the device name + of the exported device. If successful, this command will display + a ggate device name to mount. Mount that + specified device name on a free mount point. This example + connects to the /dev/da0s4d partition on + 192.168.1.1, then mounts + /dev/ggate0 on /mnt: &prompt.root; ggatec create -o rw 192.168.1.1 /dev/da0s4d ggate0 &prompt.root; mount /dev/ggate0 /mnt - The device may now be accessed through the - /mnt mount point. + The device on the server may now be accessed through + /mnt on the client. For more + details about ggatec and a few usage + examples, refer to &man.ggatec.8;. - However, this will fail if the device is currently mounted - on either the server machine or any other machine on the - network. + The mount will fail if the device is currently mounted + on either the server or any other client on the + network. If simultaneous access is needed to network + resources, use NFS instead. When the device is no longer needed, unmount it with - &man.umount.8;, similar to any other disk device. + umount so that the resource is available to + other clients. From owner-svn-doc-all@FreeBSD.ORG Fri Apr 25 18:20:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C9F2AEEB; Fri, 25 Apr 2014 18:20:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B55091607; Fri, 25 Apr 2014 18:20:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3PIKh8j067509; Fri, 25 Apr 2014 18:20:43 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3PIKhdR067508; Fri, 25 Apr 2014 18:20:43 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404251820.s3PIKhdR067508@svn.freebsd.org> From: Dru Lavigne Date: Fri, 25 Apr 2014 18:20:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44666 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Apr 2014 18:20:43 -0000 Author: dru Date: Fri Apr 25 18:20:43 2014 New Revision: 44666 URL: http://svnweb.freebsd.org/changeset/doc/44666 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 25 17:52:12 2014 (r44665) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Fri Apr 25 18:20:43 2014 (r44666) @@ -273,12 +273,12 @@ Done. replace the failed drive without user interruption. Two common situations are illustrated in these examples. - The first creates a mirror out of two new drives and uses it - as a replacement for an existing single drive. The second - example creates a mirror on a single new drive, copies the old - drive's data to it, then inserts the old drive into the - mirror. While this procedure is slightly more complicated, it - only requires one new drive. + The first creates a mirror out of two new drives and uses it as + a replacement for an existing single drive. The second example + creates a mirror on a single new drive, copies the old drive's + data to it, then inserts the old drive into the mirror. While + this procedure is slightly more complicated, it only requires + one new drive. Traditionally, the two drives in a mirror are identical in model and capacity, but &man.gmirror.8; does not require that. @@ -295,8 +295,8 @@ Done. - While dump is used in these procedures to copy file - systems, it does not work on file systems with + While dump is used in these procedures + to copy file systems, it does not work on file systems with soft updates journaling. See &man.tunefs.8; for information on detecting and disabling soft updates journaling. @@ -307,19 +307,20 @@ Done. Many disk systems store metadata at the end of each disk. Old metadata should be erased before reusing the disk for a mirror. Most problems are caused by two particular types of - leftover metadata: GPT partition tables and old - metadata from a previous mirror. + leftover metadata: GPT partition tables and + old metadata from a previous mirror. - GPT metadata can be erased with gpart. This - example erases both primary and backup GPT partition tables - from disk ada8: + GPT metadata can be erased with + gpart. This example erases both primary + and backup GPT partition tables from disk + ada8: &prompt.root; gpart destroy -F ada8 A disk can be removed from an active mirror and the - metadata erased in one step using gmirror. Here, the example disk - ada8 is removed from the active - mirror gm4: + metadata erased in one step using gmirror. + Here, the example disk ada8 is removed + from the active mirror gm4: &prompt.root; gmirror remove gm4 ada8 @@ -329,12 +330,15 @@ Done. &prompt.root; gmirror clear ada8 - When gmirror is used, one block of metadata is stored at the end of - the disk. Because GPT partition schemes also store metadata - at the end of the disk, mirroring entire GPT disks with - gmirror is not recommended. MBR partitioning is used - here because it only stores a partition table at the start of - the disk and does not conflict with gmirror. + When gmirror is used, one block of + metadata is stored at the end of the disk. Because + GPT partition schemes also store metadata + at the end of the disk, mirroring entire + GPT disks with gmirror + is not recommended. MBR partitioning is + used here because it only stores a partition table at the + start of the disk and does not conflict with + gmirror. @@ -342,15 +346,14 @@ Done. In this example, &os; has already been installed on a single disk, ada0. Two new disks, - ada1 and - ada2, have been connected to the - system. A new mirror will be created on these two disks and - used to replace the old single disk. - - The - geom_mirror.ko kernel module must either be built into the - kernel or loaded at boot- or run-time. Manually load the - kernel module now: + ada1 and ada2, have + been connected to the system. A new mirror will be created on + these two disks and used to replace the old single + disk. + + The geom_mirror.ko kernel module must + either be built into the kernel or loaded at boot- or + run-time. Manually load the kernel module now: &prompt.root; gmirror load @@ -358,15 +361,16 @@ Done. &prompt.root; gmirror label -v gm0 /dev/ada1 /dev/ada2 - In this example, gm0 is a user-chosen device name - assigned to the new mirror. After the mirror has been - started, this device name will appear in + In this example, gm0 is a user-chosen + device name assigned to the new mirror. After the mirror has + been started, this device name will appear in /dev/mirror/. - MBR and bsdlabel partition tables can now be created on - the mirror with gpart. This example uses a traditional - file system layout, with partitions for - /, swap, /var, + MBR and + bsdlabel partition tables can now + be created on the mirror with gpart. This + example uses a traditional file system layout, with partitions + for /, swap, /var, /tmp, and /usr. A single / file system and a swap partition will also work. @@ -400,8 +404,9 @@ Done. 18874370 137426928 6 freebsd-ufs (65G) 156301298 1 - free - (512B) - Make the mirror bootable by installing bootcode in the MBR - and bsdlabel and setting the active slice: + Make the mirror bootable by installing bootcode in the + MBR and bsdlabel and setting the active + slice: &prompt.root; gpart bootcode -b /boot/mbr mirror/gm0 &prompt.root; gpart set -a active -i 1 mirror/gm0 @@ -415,9 +420,9 @@ Done. &prompt.root; newfs -U /dev/mirror/gm0s1e &prompt.root; newfs -U /dev/mirror/gm0s1f - File systems from the original - ada0 disk can now be copied onto the - mirror with dump and restore. + File systems from the original ada0 + disk can now be copied onto the mirror with + dump and restore. &prompt.root; mount /dev/mirror/gm0s1a /mnt &prompt.root; dump -C16 -b64 -0aL -f - / | (cd /mnt && restore -rf -) @@ -428,8 +433,8 @@ Done. &prompt.root; dump -C16 -b64 -0aL -f - /tmp | (cd /mnt/tmp && restore -rf -) &prompt.root; dump -C16 -b64 -0aL -f - /usr | (cd /mnt/usr && restore -rf -) - Next, edit /mnt/etc/fstab to - point to the new mirror file systems: + Next, edit /mnt/etc/fstab to point to + the new mirror file systems: # Device Mountpoint FStype Options Dump Pass# /dev/mirror/gm0s1a / ufs rw 1 1 @@ -438,23 +443,23 @@ Done. /dev/mirror/gm0s1e /tmp ufs rw 2 2 /dev/mirror/gm0s1f /usr ufs rw 2 2 - If the geom_mirror.ko kernel module has not been built - into the kernel, /mnt/boot/loader.conf is - edited to load the module at boot: + If the geom_mirror.ko kernel module + has not been built into the kernel, + /mnt/boot/loader.conf is edited to load + the module at boot: geom_mirror_load="YES" Reboot the system to test the new mirror and verify that - all data has been copied. The BIOS will see the mirror as two - individual drives rather than a mirror. Because the drives - are identical, it does not matter which is selected to - boot. - - See - if there are problems booting. Powering down and - disconnecting the original ada0 disk - will allow it to be kept as an offline backup. + all data has been copied. The BIOS will + see the mirror as two individual drives rather than a mirror. + Because the drives are identical, it does not matter which is + selected to boot. + + See if there are + problems booting. Powering down and disconnecting the + original ada0 disk will allow it to be + kept as an offline backup. In use, the mirror will behave just like the original single drive. @@ -465,16 +470,17 @@ Done. In this example, &os; has already been installed on a single disk, ada0. A new disk, - ada1, has been connected to the - system. A one-disk mirror will be created on the new disk, - the existing system copied onto it, and then the old disk will - be inserted into the mirror. This slightly complex procedure - is required because gmirror needs to put a 512-byte - block of metadata at the end of each disk, and the existing - ada0 has usually had all of its space - already allocated. + ada1, has been connected to the system. + A one-disk mirror will be created on the new disk, the + existing system copied onto it, and then the old disk will be + inserted into the mirror. This slightly complex procedure is + required because gmirror needs to put a + 512-byte block of metadata at the end of each disk, and the + existing ada0 has usually had all of its + space already allocated. - Load the geom_mirror.ko kernel module: + Load the geom_mirror.ko kernel + module: &prompt.root; gmirror load @@ -488,15 +494,16 @@ Done. Create a mirror on the new disk. To make certain that the mirror capacity is not any larger than the original drive, - gnop is used to create a fake drive of the exact same - size. This drive does not store any data, but is used only to - limit the size of the mirror. When gmirror creates - the mirror, it will restrict the capacity to the size of + gnop is used to create a fake drive of the + exact same size. This drive does not store any data, but is + used only to limit the size of the mirror. When + gmirror creates the mirror, it will + restrict the capacity to the size of gzero.nop, even if the new drive (ada1) has more space. Note that the 1000204821504 in the second line - should be equal to ada0's media size - as shown by diskinfo above. + should be equal to ada0's media size as + shown by diskinfo above. &prompt.root; geom zero load &prompt.root; gnop create -s 1000204821504 gzero @@ -504,22 +511,22 @@ Done. &prompt.root; gmirror forget gm0 Since gzero.nop does not store any - data, the mirror does not see it as connected. The mirror - is told to forget unconnected components, - removing references to gzero.nop. - The result is a mirror device containing only a single disk, + data, the mirror does not see it as connected. The mirror is + told to forget unconnected components, removing + references to gzero.nop. The result is a + mirror device containing only a single disk, ada1. After creating gm0, view the - partition table on ada0. This output is from a 1 TB drive. If there is some - unallocated space at the end of the drive, the contents may be - copied directly from ada0 to the new - mirror. + partition table on ada0. This output is + from a 1 TB drive. If there is some unallocated space at + the end of the drive, the contents may be copied directly from + ada0 to the new mirror. However, if the output shows that all of the space on the disk is allocated, like in the following listing, there is no - space available for the 512-byte mirror metadata at - the end of the disk. + space available for the 512-byte mirror metadata at the end of + the disk. &prompt.root; gpart show ada0 => 63 1953525105 ada0 MBR (931G) @@ -527,8 +534,8 @@ Done. In this case, the partition table must be edited to reduce the capacity by one sector on - mirror/gm0. The procedure will - be explained later. + mirror/gm0. The procedure will be + explained later. In either case, partition tables on the primary disk should be first copied using gpart backup @@ -589,9 +596,8 @@ BSD 8 gm0s1a for /, gm0s1d for /var, gm0s1e for /usr, - gm0s1f for - /data1, and - gm0s1g for + gm0s1f for /data1, + and gm0s1g for /data2. &prompt.root; gpart show mirror/gm0 @@ -612,8 +618,8 @@ BSD 8 Both the slice and the last partition should have some free space at the end of each disk. - Create file systems on these new partitions. The - number of partitions will vary, matching the partitions on the + Create file systems on these new partitions. The number + of partitions will vary, matching the partitions on the original disk, ada0. &prompt.root; newfs -U /dev/mirror/gm0s1a @@ -622,16 +628,17 @@ BSD 8 &prompt.root; newfs -U /dev/mirror/gm0s1f &prompt.root; newfs -U /dev/mirror/gm0s1g - Make the mirror bootable by installing bootcode in the MBR - and bsdlabel and setting the active slice: + Make the mirror bootable by installing bootcode in the + MBR and bsdlabel and setting the active + slice: &prompt.root; gpart bootcode -b /boot/mbr mirror/gm0 &prompt.root; gpart set -a active -i 1 mirror/gm0 &prompt.root; gpart bootcode -b /boot/boot mirror/gm0s1 - Adjust /etc/fstab to use the - new partitions on the mirror. Back up this file first by - copying it to /etc/fstab.orig. + Adjust /etc/fstab to use the new + partitions on the mirror. Back up this file first by copying + it to /etc/fstab.orig. &prompt.root; cp /etc/fstab /etc/fstab.orig @@ -647,16 +654,17 @@ BSD 8 /dev/mirror/gm0s1f /data1 ufs rw 2 2 /dev/mirror/gm0s1g /data2 ufs rw 2 2 - If the geom_mirror.ko kernel module has not been built - into the kernel, edit /boot/loader.conf - to load it: + If the geom_mirror.ko kernel module + has not been built into the kernel, edit + /boot/loader.conf to load it: geom_mirror_load="YES" File systems from the original disk can now be copied onto - the mirror with dump and restore. Note that - it may take some time to create a snapshot for each file system - dumped with dump -L. + the mirror with dump and + restore. Note that it may take some time + to create a snapshot for each file system dumped with + dump -L. &prompt.root; mount /dev/mirror/gm0s1a /mnt &prompt.root; dump -C16 -b64 -0aL -f - / | (cd /mnt && restore -rf -) @@ -671,11 +679,10 @@ BSD 8 Restart the system, booting from ada1. If everything is working, the - system will boot from mirror/gm0, - which now contains the same data as - ada0 had previously. See - - if there are problems booting. + system will boot from mirror/gm0, which + now contains the same data as ada0 had + previously. See if + there are problems booting. At this point, the mirror still consists of only the single ada1 disk. @@ -691,18 +698,19 @@ BSD 8 mirror/gm0 has the same contents as ada0 before adding ada0 to the mirror. If there is - something wrong with the contents copied by dump and - restore, revert /etc/fstab to - mount the file systems on ada0, - reboot, and try the whole procedure again. + something wrong with the contents copied by + dump and restore, + revert /etc/fstab to mount the file + systems on ada0, reboot, and try the + whole procedure again. &prompt.root; gmirror insert gm0 ada0 GEOM_MIRROR: Device gm0: rebuilding provider ada0 Synchronization between the two disks will start - immediately. Use gmirror status - to view the progress. + immediately. Use gmirror status to view + the progress. &prompt.root; gmirror status Name Status Components @@ -717,10 +725,10 @@ mirror/gm0 DEGRADED ada1 (ACTIVE) mirror/gm0 COMPLETE ada1 (ACTIVE) ada0 (ACTIVE) - The mirror, mirror/gm0, now consists of - the two disks ada0 and - ada1, and the contents are - automatically synchronized with each other. In use, + The mirror, mirror/gm0, now consists + of the two disks ada0 and + ada1, and the contents are automatically + synchronized with each other. In use, mirror/gm0 will behave just like the original single drive. @@ -729,14 +737,14 @@ mirror/gm0 COMPLETE ada1 (ACTIVE) Troubleshooting If the system no longer boots, BIOS - settings may have to be changed to boot from one - of the new mirrored drives. Either mirror drive can be - used for booting, as they contain identical data. + settings may have to be changed to boot from one of the new + mirrored drives. Either mirror drive can be used for booting, + as they contain identical data. - If the boot stops with this message, something is - wrong with the mirror device: + If the boot stops with this message, something is wrong + with the mirror device: - Mounting from ufs:/dev/mirror/gm0s1a failed with error 19. + Mounting from ufs:/dev/mirror/gm0s1a failed with error 19. Loader variables: vfs.root.mountfrom=ufs:/dev/mirror/gm0s1a @@ -758,38 +766,35 @@ Manual root filesystem specification: mountroot> - Forgetting to load the - geom_mirror.ko module in - /boot/loader.conf can cause this - problem. To fix it, boot from a &os; 9.0 or later - installation media and choose Shell at - the first prompt. Then load the mirror module and mount - the mirror device: + Forgetting to load the geom_mirror.ko + module in /boot/loader.conf can cause + this problem. To fix it, boot from a &os; 9.0 or later + installation media and choose Shell at the + first prompt. Then load the mirror module and mount the + mirror device: - &prompt.root; gmirror load + &prompt.root; gmirror load &prompt.root; mount /dev/mirror/gm0s1a /mnt - Edit /mnt/boot/loader.conf, - adding a line to load the mirror module: + Edit /mnt/boot/loader.conf, adding a + line to load the mirror module: - geom_mirror_load="YES" + geom_mirror_load="YES" - Save the file and reboot. + Save the file and reboot. - Other problems that cause error 19 - require more effort to fix. Although the system should boot from - ada0, another prompt to select a - shell will appear if /etc/fstab is - incorrect. Enter - ufs:/dev/ada0s1a at the boot loader - prompt and press Enter. Undo the - edits in - /etc/fstab then mount the file systems from - the original disk (ada0) instead - of the mirror. Reboot the system and try the procedure - again. + Other problems that cause error 19 + require more effort to fix. Although the system should boot + from ada0, another prompt to select a + shell will appear if /etc/fstab is + incorrect. Enter ufs:/dev/ada0s1a at the + boot loader prompt and press Enter. Undo the + edits in /etc/fstab then mount the file + systems from the original disk (ada0) + instead of the mirror. Reboot the system and try the + procedure again. - Enter full pathname of shell or RETURN for /bin/sh: + Enter full pathname of shell or RETURN for /bin/sh: &prompt.root; cp /etc/fstab.orig /etc/fstab &prompt.root; reboot @@ -799,9 +804,9 @@ mountroot> The benefit of disk mirroring is that an individual disk can fail without causing the mirror to lose any data. In the - above example, if ada0 fails, the - mirror will continue to work, providing data from the - remaining working drive, ada1. + above example, if ada0 fails, the mirror + will continue to work, providing data from the remaining + working drive, ada1. To replace the failed drive, shut down the system and physically replace the failed drive with a new drive of equal @@ -819,8 +824,9 @@ mountroot> &prompt.root; gmirror forget gm0 - Any old metadata should be cleared from the replacement disk using the instructions in - . Then the disk, + Any old metadata should be cleared from the replacement + disk using the instructions in . Then the disk, ada4 for this example, is inserted into the mirror: @@ -895,31 +901,31 @@ mountroot> In a RAID3 system, data is split up into a number of bytes that are written across all the drives in the array except for one disk which acts as a dedicated parity disk. - This means that disk reads from a - RAID3 implementation access all disks in - the array. Performance can be enhanced by using multiple disk - controllers. The RAID3 array provides a - fault tolerance of 1 drive, while providing a capacity of 1 - - 1/n times the total capacity of all drives in the array, where n - is the number of hard drives in the array. Such a configuration - is mostly suitable for storing data of larger sizes such as - multimedia files. + This means that disk reads from a RAID3 + implementation access all disks in the array. Performance can + be enhanced by using multiple disk controllers. The + RAID3 array provides a fault tolerance of 1 + drive, while providing a capacity of 1 - 1/n times the total + capacity of all drives in the array, where n is the number of + hard drives in the array. Such a configuration is mostly + suitable for storing data of larger sizes such as multimedia + files. At least 3 physical hard drives are required to build a RAID3 array. Each disk must be of the same - size, since I/O requests are interleaved to read or write to - multiple disks in parallel. Also, due to the nature of - RAID3, the number of drives must be + size, since I/O requests are interleaved to + read or write to multiple disks in parallel. Also, due to the + nature of RAID3, the number of drives must be equal to 3, 5, 9, 17, and so on, or 2^n + 1. - + This section demonstrates how to create a software RAID3 on a &os; system. - - While it is theoretically possible to boot from a - RAID3 array on &os;, that configuration - is uncommon and is not advised. - + + While it is theoretically possible to boot from a + RAID3 array on &os;, that configuration is + uncommon and is not advised. + Creating a Dedicated <acronym>RAID</acronym>3 @@ -927,14 +933,14 @@ mountroot></screen> <para>In &os;, support for <acronym>RAID</acronym>3 is implemented by the &man.graid3.8; <acronym>GEOM</acronym> - class. Creating a dedicated - <acronym>RAID</acronym>3 array on &os; requires the following - steps.</para> + class. Creating a dedicated <acronym>RAID</acronym>3 array on + &os; requires the following steps.</para> <procedure> <step> <para>First, load the <filename>geom_raid3.ko</filename> - kernel module by issuing one of the following commands:</para> + kernel module by issuing one of the following + commands:</para> <screen>&prompt.root; <userinput>graid3 load</userinput></screen> @@ -944,9 +950,9 @@ mountroot></screen> </step> <step> - <para>Ensure that a suitable mount point - exists. This command creates a new directory to use as - the mount point:</para> + <para>Ensure that a suitable mount point exists. This + command creates a new directory to use as the mount + point:</para> <screen>&prompt.root; <userinput>mkdir <replaceable>/multimedia</replaceable></userinput></screen> </step> @@ -955,15 +961,13 @@ mountroot></screen> <para>Determine the device names for the disks which will be added to the array, and create the new <acronym>RAID</acronym>3 device. The final device listed - will act as the dedicated parity disk. This - example uses three unpartitioned - <acronym>ATA</acronym> drives: - <filename><replaceable>ada1</replaceable></filename> - and - <filename><replaceable>ada2</replaceable></filename> - for data, and - <filename><replaceable>ada3</replaceable></filename> - for parity.</para> + will act as the dedicated parity disk. This example uses + three unpartitioned <acronym>ATA</acronym> drives: + <filename><replaceable>ada1</replaceable></filename> and + <filename><replaceable>ada2</replaceable></filename> for + data, and + <filename><replaceable>ada3</replaceable></filename> for + parity.</para> <screen>&prompt.root; <userinput>graid3 label -v gr0 /dev/ada1 /dev/ada2 /dev/ada3</userinput> Metadata value stored on /dev/ada1. @@ -973,9 +977,9 @@ Done.</screen> </step> <step> - <para>Partition the newly created - <filename>gr0</filename> device and put a <acronym>UFS</acronym> file - system on it:</para> + <para>Partition the newly created <filename>gr0</filename> + device and put a <acronym>UFS</acronym> file system on + it:</para> <screen>&prompt.root; <userinput>gpart create -s GPT /dev/raid3/gr0</userinput> &prompt.root; <userinput>gpart add -t freebsd-ufs /dev/raid3/gr0</userinput> @@ -992,8 +996,8 @@ Done.</screen> </step> </procedure> - <para>Additional configuration is needed to retain this - setup across system reboots.</para> + <para>Additional configuration is needed to retain this setup + across system reboots.</para> <procedure> <step> @@ -1009,8 +1013,8 @@ Done.</screen> <step> <para>The following volume information must be added to <filename>/etc/fstab</filename> in order to - automatically mount the array's file system during - the system boot process:</para> + automatically mount the array's file system during the + system boot process:</para> <programlisting>/dev/raid3/gr0p1 /multimedia ufs rw 2 2</programlisting> </step> @@ -1107,16 +1111,16 @@ raid/r0 OPTIMAL ada0 (ACTIVE (ACTIVE)) <para>The array device appears in <filename>/dev/raid/</filename>. The first array is called - <filename>r0</filename>. Additional arrays, if present, - will be <filename>r1</filename>, - <filename>r2</filename>, and so on.</para> + <filename>r0</filename>. Additional arrays, if present, will + be <filename>r1</filename>, <filename>r2</filename>, and so + on.</para> <para>The <acronym>BIOS</acronym> menu on some of these devices can create arrays with special characters in their names. To avoid problems with those special characters, arrays are given - simple numbered names like <filename>r0</filename>. To - show the actual labels, like <filename>gm0</filename> in - the example above, use &man.sysctl.8;:</para> + simple numbered names like <filename>r0</filename>. To show + the actual labels, like <filename>gm0</filename> in the + example above, use &man.sysctl.8;:</para> <screen>&prompt.root; <userinput>sysctl kern.geom.raid.name_format=1</userinput></screen> </sect2> @@ -1334,8 +1338,8 @@ raid/r0 OPTIMAL ada0 (ACTIVE (ACTIVE)) <para><acronym>GEOM</acronym> provides a simple mechanism for providing remote access to devices such as disks, - <acronym>CD</acronym>s, and file systems through the use - of the <acronym>GEOM</acronym> Gate network daemon, + <acronym>CD</acronym>s, and file systems through the use of the + <acronym>GEOM</acronym> Gate network daemon, <application>ggated</application>. The system with the device runs the server daemon which handles requests made by clients using <application>ggatec</application>. The devices should not @@ -1344,50 +1348,50 @@ raid/r0 OPTIMAL ada0 (ACTIVE (ACTIVE)) <para>Similar to <acronym>NFS</acronym>, which is discussed in <xref linkend="network-nfs"/>, <application>ggated</application> - is configured using an exports file. This file - specifies which systems are permitted to access the exported resources and - what level of access they are offered. For example, to give - the client <systemitem - class="ipaddress">192.168.1.5</systemitem> read and write - access to the fourth slice on the first <acronym>SCSI</acronym> - disk, create <filename>/etc/gg.exports</filename> with this - line:</para> + is configured using an exports file. This file specifies which + systems are permitted to access the exported resources and what + level of access they are offered. For example, to give the + client <systemitem class="ipaddress">192.168.1.5</systemitem> + read and write access to the fourth slice on the first + <acronym>SCSI</acronym> disk, create + <filename>/etc/gg.exports</filename> with this line:</para> <programlisting>192.168.1.5 RW /dev/da0s4d</programlisting> - <para>Before exporting the device, ensure it is not currently mounted. - Then, start <application>ggated</application>:</para> + <para>Before exporting the device, ensure it is not currently + mounted. Then, start <application>ggated</application>:</para> <screen>&prompt.root; <userinput>ggated</userinput></screen> - + <para>Several options are available for specifying an alternate listening port or changing the default location of the exports file. Refer to &man.ggated.8; for details.</para> - <para>To access the exported device on the client - machine, first use <command>ggatec</command> to specify the + <para>To access the exported device on the client machine, first + use <command>ggatec</command> to specify the <acronym>IP</acronym> address of the server and the device name - of the exported device. If successful, this command will display - a <literal>ggate</literal> device name to mount. Mount that - specified device name on a free mount point. This example + of the exported device. If successful, this command will + display a <literal>ggate</literal> device name to mount. Mount + that specified device name on a free mount point. This example connects to the <filename>/dev/da0s4d</filename> partition on <literal>192.168.1.1</literal>, then mounts - <filename>/dev/ggate0</filename> on <filename>/mnt</filename>:</para> + <filename>/dev/ggate0</filename> on + <filename>/mnt</filename>:</para> <screen>&prompt.root; <userinput>ggatec create -o rw 192.168.1.1 /dev/da0s4d</userinput> ggate0 &prompt.root; <userinput>mount /dev/ggate0 /mnt</userinput></screen> <para>The device on the server may now be accessed through - <filename>/mnt</filename> on the client. For more - details about <command>ggatec</command> and a few usage - examples, refer to &man.ggatec.8;.</para> + <filename>/mnt</filename> on the client. For more details about + <command>ggatec</command> and a few usage examples, refer to + &man.ggatec.8;.</para> <note> - <para>The mount will fail if the device is currently mounted - on either the server or any other client on the - network. If simultaneous access is needed to network - resources, use <acronym>NFS</acronym> instead.</para> + <para>The mount will fail if the device is currently mounted on + either the server or any other client on the network. If + simultaneous access is needed to network resources, use + <acronym>NFS</acronym> instead.</para> </note> <para>When the device is no longer needed, unmount it with From owner-svn-doc-all@FreeBSD.ORG Sat Apr 26 07:58:32 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9B84B2BD; Sat, 26 Apr 2014 07:58:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7BAAE107B; Sat, 26 Apr 2014 07:58:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3Q7wWhE015056; Sat, 26 Apr 2014 07:58:32 GMT (envelope-from pi@svn.freebsd.org) Received: (from pi@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3Q7wVp6015050; Sat, 26 Apr 2014 07:58:31 GMT (envelope-from pi@svn.freebsd.org) Message-Id: <201404260758.s3Q7wVp6015050@svn.freebsd.org> From: Kurt Jaeger <pi@FreeBSD.org> Date: Sat, 26 Apr 2014 07:58:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44667 - in head/share: pgpkeys xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Sat, 26 Apr 2014 07:58:32 -0000 Author: pi (ports committer) Date: Sat Apr 26 07:58:31 2014 New Revision: 44667 URL: http://svnweb.freebsd.org/changeset/doc/44667 Log: - Add news about new committer - add pgp key Added: head/share/pgpkeys/pi.key (contents, props changed) Modified: head/share/pgpkeys/pgpkeys-developers.xml head/share/pgpkeys/pgpkeys.ent head/share/xml/news.xml Modified: head/share/pgpkeys/pgpkeys-developers.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-developers.xml Fri Apr 25 18:20:43 2014 (r44666) +++ head/share/pgpkeys/pgpkeys-developers.xml Sat Apr 26 07:58:31 2014 (r44667) @@ -801,6 +801,11 @@ &pgpkey.versus; </sect2> + <sect2 xmlns="http://docbook.org/ns/docbook" xml:id="pgpkey-pi"> + <title>&a.pi.email; + &pgpkey.pi; + + &a.weongyo.email; &pgpkey.weongyo; Modified: head/share/pgpkeys/pgpkeys.ent ============================================================================== --- head/share/pgpkeys/pgpkeys.ent Fri Apr 25 18:20:43 2014 (r44666) +++ head/share/pgpkeys/pgpkeys.ent Sat Apr 26 07:58:31 2014 (r44667) @@ -329,6 +329,7 @@ + Added: head/share/pgpkeys/pi.key ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/pgpkeys/pi.key Sat Apr 26 07:58:31 2014 (r44667) @@ -0,0 +1,64 @@ + + + +sub 4096R/2FC3A793B283D724 2014-04-24 [expires: 2016-04-23] + +]]> + Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Fri Apr 25 18:20:43 2014 (r44666) +++ head/share/xml/news.xml Sat Apr 26 07:58:31 2014 (r44667) @@ -34,6 +34,14 @@ 4 + 24 + +

            New committer: + Kurt Jaeger (ports)

            +             +             + + 17 From owner-svn-doc-all@FreeBSD.ORG Sat Apr 26 14:24:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7B984822; Sat, 26 Apr 2014 14:24:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 67CDE117D; Sat, 26 Apr 2014 14:24:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3QEOEYo074788; Sat, 26 Apr 2014 14:24:14 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3QEOEtj074787; Sat, 26 Apr 2014 14:24:14 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404261424.s3QEOEtj074787@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sat, 26 Apr 2014 14:24:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44668 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Apr 2014 14:24:14 -0000 Author: ryusuke Date: Sat Apr 26 14:24:13 2014 New Revision: 44668 URL: http://svnweb.freebsd.org/changeset/doc/44668 Log: - Merge the following from the English version: r44598 -> r44667 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Sat Apr 26 07:58:31 2014 (r44667) +++ head/ja_JP.eucJP/share/xml/news.xml Sat Apr 26 14:24:13 2014 (r44668) @@ -20,7 +20,7 @@ the contents of will be preferred over <p>. $FreeBSD$ - Original revision: r44598 + Original revision: r44667 --> <news> <cvs:keyword xmlns:cvs="http://www.FreeBSD.org/XML/CVS"> @@ -34,6 +34,14 @@ <name>4</name> <day> + <name>24</name> + <event> + <p>新コミッタ就任: + <a href="mailto:pi@FreeBSD.org">Kurt Jaeger</a> (ports)</p> + </event> + </day> + + <day> <name>17</name> <event> From owner-svn-doc-all@FreeBSD.ORG Sat Apr 26 15:03:26 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C997B705; Sat, 26 Apr 2014 15:03:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B5A5A14AE; Sat, 26 Apr 2014 15:03:26 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3QF3Q62091648; Sat, 26 Apr 2014 15:03:26 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3QF3Qie091647; Sat, 26 Apr 2014 15:03:26 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404261503.s3QF3Qie091647@svn.freebsd.org> From: Ryusuke SUZUKI <ryusuke@FreeBSD.org> Date: Sat, 26 Apr 2014 15:03:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44669 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Sat, 26 Apr 2014 15:03:26 -0000 Author: ryusuke Date: Sat Apr 26 15:03:26 2014 New Revision: 44669 URL: http://svnweb.freebsd.org/changeset/doc/44669 Log: o Use use -> Use Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Sat Apr 26 14:24:13 2014 (r44668) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Sat Apr 26 15:03:26 2014 (r44669) @@ -1751,8 +1751,7 @@ ports-mgmt/pkg </listitem> <listitem> - <para>Use - use <command>pkg info</command> to determine which files, + <para>Use <command>pkg info</command> to determine which files, man pages, and binaries were installed with the application.</para> </listitem> From owner-svn-doc-all@FreeBSD.ORG Sat Apr 26 15:14:56 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CD71B8B5; Sat, 26 Apr 2014 15:14:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AE34F15AA; Sat, 26 Apr 2014 15:14:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3QFEuun095784; Sat, 26 Apr 2014 15:14:56 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3QFEu0P095783; Sat, 26 Apr 2014 15:14:56 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404261514.s3QFEu0P095783@svn.freebsd.org> From: Ryusuke SUZUKI <ryusuke@FreeBSD.org> Date: Sat, 26 Apr 2014 15:14:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44670 - head/ja_JP.eucJP/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Sat, 26 Apr 2014 15:14:56 -0000 Author: ryusuke Date: Sat Apr 26 15:14:56 2014 New Revision: 44670 URL: http://svnweb.freebsd.org/changeset/doc/44670 Log: - Merge the following from the English version: r42919 -> r43747 head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/ports/chapter.xml Sat Apr 26 15:03:26 2014 (r44669) +++ head/ja_JP.eucJP/books/handbook/ports/chapter.xml Sat Apr 26 15:14:56 2014 (r44670) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r42919 + Original revision: r43747 $FreeBSD$ --> <chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="ports"> @@ -34,11 +34,6 @@ </listitem> <listitem> - <para>伝統的な package システムによってバイナリ package - を管理する方法</para> - </listitem> - - <listitem> <para><application>pkgng</application> を用いてバイナリ package を管理する方法</para> </listitem> @@ -105,13 +100,9 @@ この文書を書いている時点では、&os.numports; を越えるサードパーティ製アプリケーションが利用可能です。</para> - <para>&os; は、あなたのかわりにこれらのインストールの手順を実行してくれる - 2 つの技術を提供しています。</para> - <para>&os; の package は、コンパイル済みのアプリケーションの全コマンド、 各種設定ファイルやドキュメントを含んでいます。 - &os; に用意されている &man.pkg.add.1; といった伝統的な package - 管理コマンド、または新しい <application>pkgng</application> + <application>pkgng</application> コマンドでは、<command>pkg install</command> といったコマンドで、 package を扱うことができます。</para> @@ -348,13 +339,13 @@ Info: Lists information about open fil </itemizedlist> </sect1> + <!-- <sect1 xml:id="packages-using"> -<!-- <info><title>バイナリ packages の利用 + バイナリ packages の利用 ChernLee寄稿: - - --> + バイナリ packages の利用 @@ -582,6 +573,7 @@ docbook = で始まるすべての packages が削除されます。             + --> <application>pkgng</application> によるバイナリ @@ -605,7 +597,7 @@ docbook = <sect2 xml:id="pkgng-initial-setup"> <title><application>pkgng</application> 入門 - &os; 9.1 以降では、 + &os; 8.4 以降では、 pkgng とマニュアルページをダウンロードし、 インストールするためのブートストラップユーティリティが用意されています。 @@ -997,7 +989,7 @@ Deinstalling ca_root_nss-3.15.1_1... don ports ツリーがなければ、package から Subversion をインストールできます。 - &prompt.root; pkg_add -r subversion + &prompt.root; pkg install subversion package の管理に pkgng を使っているのであれば、代わりに以下のようにして @@ -1338,12 +1330,8 @@ Deinstalling ca_root_nss-3.15.1_1... don インストールされた ports は、 - &man.pkg.delete.1; コマンドで削除できます。 - &os; システムが pkg - を使うように設定されているのであれば、 - pkg delete を使って port を削除してください。 - これらのコマンドの使用例は、 および pkg delete コマンドで削除できます。 + このコマンドの使用例は、 にあります。 あるいは、port のディレクトリにて @@ -1693,11 +1681,9 @@ The deinstallation will free 229 kB - 伝統的な package システムを使用しているシステムでは、 - &man.pkg.info.1; を使って、インストールされたファイル、 - マニュアルページ、およびバイナリを調べることができます。 - pkgng を使用しているシステムでは、 - かわりに pkg info を使ってください。 + pkg info + を使って、アプリケーションと共にインストールされたファイル、 + マニュアルページ、およびバイナリを調べることができます。 @@ -1761,8 +1747,7 @@ The deinstallation will free 229 kB - または に書かれている手順にしたがって、 + に書かれている手順にしたがって、 package をインストールしてください。 From owner-svn-doc-all@FreeBSD.ORG Sun Apr 27 13:57:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 832826CF; Sun, 27 Apr 2014 13:57:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 568961699; Sun, 27 Apr 2014 13:57:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3RDvVn9063002; Sun, 27 Apr 2014 13:57:31 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3RDvVSp063001; Sun, 27 Apr 2014 13:57:31 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404271357.s3RDvVSp063001@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 27 Apr 2014 13:57:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44671 - head/ja_JP.eucJP/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Apr 2014 13:57:31 -0000 Author: ryusuke Date: Sun Apr 27 13:57:30 2014 New Revision: 44671 URL: http://svnweb.freebsd.org/changeset/doc/44671 Log: - Merge the following from the English version: r43747 -> r43775 head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/ports/chapter.xml Sat Apr 26 15:14:56 2014 (r44670) +++ head/ja_JP.eucJP/books/handbook/ports/chapter.xml Sun Apr 27 13:57:30 2014 (r44671) @@ -930,14 +930,20 @@ Deinstalling ca_root_nss-3.15.1_1... don Portsnap を利用する方法 - Portsnap は Ports Collection + &os; のベースシステムには、Portsnap + が含まれています。 + これはは Ports Collection を取得するための速くて使いやすく、 - 多くのユーザに推奨されるツールです。 + 多くのユーザに推奨されるツールです。 + このユーティリティは、&os; のサイトに接続し、セキュリティキーを検証し、 + Ports Collection の最新版をダウンロードします。 + セキュリティキーは、 + ダウンロードしたすべてのファイルの検証に用いられます。 圧縮された Ports Collection のスナップショットを /var/db/portsnap - にダウンロードしてください。 + にダウンロードするには以下を実行してください。 &prompt.root; portsnap fetch @@ -959,6 +965,12 @@ Deinstalling ca_root_nss-3.15.1_1... don &prompt.root; portsnap fetch &prompt.root; portsnap update + + fetch を使う場合には、以下のよう + extract または update + を連続して行うことができます。 + + &prompt.root; portsnap fetch update From owner-svn-doc-all@FreeBSD.ORG Sun Apr 27 14:09:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6682B807; Sun, 27 Apr 2014 14:09:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3877D177D; Sun, 27 Apr 2014 14:09:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3RE9jGL067354; Sun, 27 Apr 2014 14:09:45 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3RE9jSu067353; Sun, 27 Apr 2014 14:09:45 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201404271409.s3RE9jSu067353@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 27 Apr 2014 14:09:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44672 - head/ja_JP.eucJP/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Apr 2014 14:09:45 -0000 Author: ryusuke Date: Sun Apr 27 14:09:44 2014 New Revision: 44672 URL: http://svnweb.freebsd.org/changeset/doc/44672 Log: - Merge the following from the English version: r43775 -> r43886 head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/ports/chapter.xml Sun Apr 27 13:57:30 2014 (r44671) +++ head/ja_JP.eucJP/books/handbook/ports/chapter.xml Sun Apr 27 14:09:44 2014 (r44672) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43747 + Original revision: r43886 $FreeBSD$ --> @@ -998,13 +998,9 @@ Deinstalling ca_root_nss-3.15.1_1... don &prompt.root; cd /usr/ports/devel/subversion &prompt.root; make install clean - ports ツリーがなければ、package から - Subversion をインストールできます。 - - &prompt.root; pkg install subversion - - package の管理に pkgng - を使っているのであれば、代わりに以下のようにして + ports ツリーが利用できない場合や、 + package の管理に pkgng + を使っているのであれば、package から Subversion をインストールできます。 &prompt.root; pkg install subversion @@ -1019,7 +1015,7 @@ Deinstalling ca_root_nss-3.15.1_1... don ミラー の中から地理的に近い場所にあるミラーに置き換えてください。 - &prompt.root; svn checkout https://svn0.us-east.FreeBSD.org/ports/head /usr/ports + &prompt.root; svn checkout https://svn0.us-east.FreeBSD.org/ports/head /usr/ports From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 16:19:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A3D39190; Mon, 28 Apr 2014 16:19:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 840AF11BE; Mon, 28 Apr 2014 16:19:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SGJ9Lw020277; Mon, 28 Apr 2014 16:19:09 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SGJ9or020276; Mon, 28 Apr 2014 16:19:09 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404281619.s3SGJ9or020276@svn.freebsd.org> From: Dru Lavigne Date: Mon, 28 Apr 2014 16:19:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44673 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 16:19:09 -0000 Author: dru Date: Mon Apr 28 16:19:09 2014 New Revision: 44673 URL: http://svnweb.freebsd.org/changeset/doc/44673 Log: Editorial review of section on Updating the Documentation Set. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Sun Apr 27 14:09:44 2014 (r44672) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Mon Apr 28 16:19:09 2014 (r44673) @@ -716,93 +716,39 @@ before running "/usr/sbin/freebsd-update Documentation is an integral part of the &os; operating - system. While an up-to-date version of the &os; Documentation - Set is always available on the - &os; web - site, some users might have slow or no permanent - network connectivity. There are several ways to update the - local copy of documentation with the latest &os; Documentation - Set. - - - Using <application>Subversion</application> to Update the - Documentation - - The &os; documentation sources can be obtained with - svn. This section - describes how to: + system. While an up-to-date version of the &os; documentation + is always available on the &os; web site + (http://www.freebsd.org/doc/), + it can be handy to have an up-to-date, local copy of the &os; + website, handbooks, FAQ, and articles. + + This section describes how to use either source or the &os; + Ports Collection to keep a local copy of the &os; documentation + up-to-date. - - - Install the documentation toolchain, the tools that - are required to rebuild the &os; documentation from its - source. - - - - Download a copy of the documentation source at - /usr/doc, using - svn. - - - - Rebuild the &os; documentation from its source, and - install it under - /usr/share/doc. - - - - Recognize some of the build options that are - supported by the build system of the documentation, such - as the options that build only some of the different - language translations of the documentation or the options - that select a specific output format. - - - + For information on editing and submitting corrections to + the documentation, refer to the &os; Documentation + Project Primer for New Contributors + (http://www.freebsd.org/doc/en_US.ISO8859-1/books/fdp-primer/). - - Installing <application>svn</application> and the - Documentation Toolchain + + Updating Documentation from Source Rebuilding the &os; documentation from source requires a - collection of tools which are not part of the &os; base system - due to the amount of disk space these tools use. They are - also not useful to all &os; users, only those users that are - actively writing new documentation for &os; or are frequently - updating their documentation from source. - - The required tools, including - svn, are available in the - textproc/docproj meta-port + collection of tools which are not part of the &os; base system. + The required tools, including + svn, can be installed from the + textproc/docproj package or port developed by the &os; Documentation Project. - - When no &postscript; or PDF documentation required, one - might consider installing the - textproc/docproj-nojadetex port instead. - This version of the documentation toolchain includes - everything except the teTeX - typesetting engine. teTeX is a - very large collection of tools, so it may be quite sensible - to omit its installation if PDF output is not really - necessary. - - - - - Updating the Documentation Sources - - In this example, svn is used to - fetch a clean copy of the documentation sources from the - western US mirror using the HTTPS protocol: + Once installed, use svn to + fetch a clean copy of the documentation source. Replace + https://svn0.us-west.FreeBSD.org + with the address of the closest geographic mirror from + : &prompt.root; svn checkout https://svn0.us-west.FreeBSD.org/doc/head /usr/doc - Select the closest mirror from the available - Subversion mirror - sites. - The initial download of the documentation sources may take a while. Let it run until it completes. @@ -811,24 +757,42 @@ before running "/usr/sbin/freebsd-update &prompt.root; svn update /usr/doc - After checking out the sources, an alternative way of - updating the documentation is supported by the - /usr/doc/Makefile by running the - following commands: + Once an up-to-date snapshot of the documentation sources + has been fetched to /usr/doc, everything + is ready for an update of the installed documentation. + + A full update of all available languages may be performed + by typing: &prompt.root; cd /usr/doc -&prompt.root; make update - +&prompt.root; make install clean - - Tunable Options of the Documentation Sources + If an update of only a specific language is desired, + make can be invoked in a language-specific + subdirectory of + /usr/doc: + + &prompt.root; cd /usr/doc/en_US.ISO8859-1 +&prompt.root; make install clean + + An alternative way of + updating the documentation is to run this + command from /usr/doc or + the desired language-specific subdirectory: + + &prompt.root; make update - The updating and build system of the &os; documentation - set supports a few options that ease the process of updating + The output formats that will be installed may be specified + by setting FORMATS: + + &prompt.root; cd /usr/doc +&prompt.root; make FORMATS='html html-split' install clean + + Several options are available to ease the process of updating only parts of the documentation, or the build of specific translations. These options can be set either as system-wide options in /etc/make.conf, or as - command-line options passed to &man.make.1;. + command-line options passed to make. The options include: @@ -850,8 +814,8 @@ before running "/usr/sbin/freebsd-update A single format or a list of output formats to be built. Currently, html, html-split, txt, - ps, pdf, - and rtf are supported. + ps, and pdf + are supported. @@ -868,50 +832,11 @@ before running "/usr/sbin/freebsd-update For more make variables supported as system-wide options in &os;, refer to &man.make.conf.5;. - - For more make variables supported by - the build system of the &os; documentation, refer to the - &os; - Documentation Project Primer for New - Contributors. - - - - Installing the &os; Documentation from Source - - Once an up-to-date snapshot of the documentation sources - has been fetched to /usr/doc, everything - is ready for an update of the installed documentation. - - A full update of all the languages defined in - DOC_LANG may be performed by typing: - - &prompt.root; cd /usr/doc -&prompt.root; make install clean - - If an update of only a specific language is desired, - &man.make.1; can be invoked in a language specific - subdirectory of - /usr/doc: - - &prompt.root; cd /usr/doc/en_US.ISO8859-1 -&prompt.root; make update install clean - - The output formats that will be installed may be specified - by setting FORMATS: - - &prompt.root; cd /usr/doc -&prompt.root; make FORMATS='html html-split' install clean - - For information on editing and submitting corrections to - the documentation, refer to the - &os; Documentation - Project Primer for New Contributors. - + - Using Documentation Ports + Updating Documentation from Ports @@ -934,95 +859,89 @@ before running "/usr/sbin/freebsd-update The previous section presented a method for updating the - &os; documentation from sources. Source based updates may not - be feasible or practical for all &os; systems as building the - documentation sources requires the documentation - toolchain, a certain level of familiarity with - svn and source checkouts from a - repository, and a few manual steps to build the checked out - sources. This section describes an alternative method which + &os; documentation from sources. This section describes an alternative method which uses the Ports Collection and makes it possible to: - Download and install pre-built snapshots of the + Install pre-built packages of the documentation, without having to locally build anything or install the documentation toolchain. - Download the documentation sources and build them + Build the documentation sources through the ports framework, making the checkout and build steps a bit easier. - These two methods of updating the &os; documentation are + This method of updating the &os; documentation is supported by a set of - documentation ports, updated by the + documentation ports and packages which are updated by the &a.doceng; on a monthly basis. These are listed in the &os; - Ports Collection, under the docs - category. - - - Building and Installing Documentation Ports - - The documentation ports use the ports building framework - to make documentation builds easier. They automate the - process of checking out the documentation source, running - &man.make.1; with the appropriate environment settings and - command-line options, and they make the installation or - deinstallation of documentation as easy as the installation - of any other &os; port or package. - - - As an extra feature, when the documentation ports are - built locally, they record a dependency to the - documentation toolchain ports, so - that they are also automatically installed. - + Ports Collection, under the docs category (http://www.freshports.org/docs/). Organization of the documentation ports is as follows: - The master port, - misc/freebsd-doc-en, which installs - all of the English documentation ports. + The + misc/freebsd-doc-en package or port installs + all of the English documentation. - The all in one port, - misc/freebsd-doc-all, builds and + The + misc/freebsd-doc-all meta-package or port installs all documentation in all available languages. - There is a slave port for each + There is a package and port for each translation, such as misc/freebsd-doc-hu for the - Hungarian-language documents. + Hungarian documentation. - For example, to build and install the English - documentation in split HTML format, - similar to the format used on http://www.FreeBSD.org, - to /usr/local/share/doc/freebsd, - install the following port + When binary packages are used, the &os; documentation + will be installed in all available + formats for the given language. For example, the following command will install the + latest package of the Hungarian + documentation: + + &prompt.root; pkg install hu-freebsd-doc + + + Packages use a format that differs from the + corresponding port's name: + lang-freebsd-doc, + where lang is the short format + of the language code, such as hu for + Hungarian, or zh_cn for Simplified + Chinese. + + + To specify the format of the documentation, build the + port instead of installing the package. For example, to build and install the English + documentation: &prompt.root; cd /usr/ports/misc/freebsd-doc-en &prompt.root; make install clean - - Common Knobs and Options + The port provides a configuration menu where the format + to build and install can be specified. By default, split + HTML, similar to the format used on http://www.FreeBSD.org, + and PDF are + selected. - There are many options for modifying the default - behavior of the documentation ports, including: + Alternately, several make options can be specified + when building a documentation port, including: @@ -1032,8 +951,7 @@ before running "/usr/sbin/freebsd-update Builds the HTML format with a single HTML file per document. The formatted documentation is saved to a file called article.html, - or book.html, as appropriate, - plus images. + or book.html. @@ -1041,11 +959,9 @@ before running "/usr/sbin/freebsd-update WITH_PDF - Builds the &adobe; Portable Document Format - (PDF). The formatted documentation is saved to a + The formatted documentation is saved to a file called article.pdf or - book.pdf, as - appropriate. + book.pdf. @@ -1056,78 +972,25 @@ before running "/usr/sbin/freebsd-update Specifies where to install the documentation. It defaults to /usr/local/share/doc/freebsd. - - - The default target directory differs from the - directory used svn. - This is because ports are usually installed within - /usr/local. - This can be overridden by using - PREFIX. - This example uses variables to install the Hungarian - documentation as a PDF: + documentation as a PDF in the specified + directory: &prompt.root; cd /usr/ports/misc/freebsd-doc-hu &prompt.root; make -DWITH_PDF DOCBASE=share/doc/freebsd/hu install clean - - - - - Using Documentation Packages - - Building the documentation ports from source, as - described in the previous section, requires a local - installation of the documentation toolchain and a bit of - disk space for the build of the ports. When resources are - not available to install the documentation toolchain, or - because the build from sources would take too much disk - space, it is still possible to install pre-built snapshots - of the documentation ports. - - The &a.doceng; prepares monthly snapshots of the &os; - documentation packages. These binary packages can be used - with any of the bundled package tools, like &man.pkg.add.1;, - &man.pkg.delete.1;, and so on. - - - When binary packages are used, the &os; documentation - will be installed in all available - formats for the given language. - - - For example, the following command will install the - latest pre-built package of the Hungarian - documentation: - - &prompt.root; pkg install hu-freebsd-doc - - - Packages use a format that differs from the - corresponding port's name: - lang-freebsd-doc, - where lang is the short format - of the language code, such as hu for - Hungarian, or zh_cn for Simplified - Chinese. - - - - - Updating Documentation Ports - Documentation ports can be updated like any other port. + Documentation packages or ports can be updated using the + instructions in . For example, the following command updates the installed Hungarian documentation using ports-mgmt/portmaster by using packages only: &prompt.root; portmaster -PP hu-freebsd-doc - From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 17:39:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6A801121; Mon, 28 Apr 2014 17:39:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5542A19CE; Mon, 28 Apr 2014 17:39:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SHddhv053880; Mon, 28 Apr 2014 17:39:39 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SHdd8W053879; Mon, 28 Apr 2014 17:39:39 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404281739.s3SHdd8W053879@svn.freebsd.org> From: Dru Lavigne Date: Mon, 28 Apr 2014 17:39:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44674 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 17:39:39 -0000 Author: dru Date: Mon Apr 28 17:39:38 2014 New Revision: 44674 URL: http://svnweb.freebsd.org/changeset/doc/44674 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Mon Apr 28 16:19:09 2014 (r44673) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Mon Apr 28 17:39:38 2014 (r44674) @@ -423,7 +423,8 @@ MergeChanges /etc/ /var/named/etc/ /boot &prompt.root; cd /cdrom/X.Y-RELEASE/kernels &prompt.root; ./install.sh GENERIC - Replace X.Y-RELEASE + Replace X.Y-RELEASE with the actual version of the release being used. The GENERIC kernel will be installed in /boot/GENERIC by @@ -717,35 +718,35 @@ before running "/usr/sbin/freebsd-update Documentation is an integral part of the &os; operating system. While an up-to-date version of the &os; documentation - is always available on the &os; web site - (http://www.freebsd.org/doc/), + is always available on the &os; web site (http://www.freebsd.org/doc/), it can be handy to have an up-to-date, local copy of the &os; website, handbooks, FAQ, and articles. - + This section describes how to use either source or the &os; Ports Collection to keep a local copy of the &os; documentation up-to-date. - For information on editing and submitting corrections to - the documentation, refer to the &os; Documentation - Project Primer for New Contributors - (http://www.freebsd.org/doc/en_US.ISO8859-1/books/fdp-primer/). + For information on editing and submitting corrections to the + documentation, refer to the &os; Documentation Project Primer + for New Contributors (http://www.freebsd.org/doc/en_US.ISO8859-1/books/fdp-primer/). Updating Documentation from Source Rebuilding the &os; documentation from source requires a - collection of tools which are not part of the &os; base system. - The required tools, including + collection of tools which are not part of the &os; base + system. The required tools, including svn, can be installed from the - textproc/docproj package or port - developed by the &os; Documentation Project. + textproc/docproj package or port developed + by the &os; Documentation Project. Once installed, use svn to fetch a clean copy of the documentation source. Replace https://svn0.us-west.FreeBSD.org - with the address of the closest geographic mirror from - : + with the address of the closest geographic mirror from : &prompt.root; svn checkout https://svn0.us-west.FreeBSD.org/doc/head /usr/doc @@ -775,10 +776,9 @@ before running "/usr/sbin/freebsd-update &prompt.root; cd /usr/doc/en_US.ISO8859-1 &prompt.root; make install clean - An alternative way of - updating the documentation is to run this - command from /usr/doc or - the desired language-specific subdirectory: + An alternative way of updating the documentation is to run + this command from /usr/doc or the desired + language-specific subdirectory: &prompt.root; make update @@ -788,11 +788,12 @@ before running "/usr/sbin/freebsd-update &prompt.root; cd /usr/doc &prompt.root; make FORMATS='html html-split' install clean - Several options are available to ease the process of updating - only parts of the documentation, or the build of specific - translations. These options can be set either as system-wide - options in /etc/make.conf, or as - command-line options passed to make. + Several options are available to ease the process of + updating only parts of the documentation, or the build of + specific translations. These options can be set either as + system-wide options in /etc/make.conf, or + as command-line options passed to + make. The options include: @@ -814,8 +815,8 @@ before running "/usr/sbin/freebsd-update A single format or a list of output formats to be built. Currently, html, html-split, txt, - ps, and pdf - are supported. + ps, and pdf are + supported. @@ -859,138 +860,134 @@ before running "/usr/sbin/freebsd-update The previous section presented a method for updating the - &os; documentation from sources. This section describes an alternative method which - uses the Ports Collection and makes it possible to: + &os; documentation from sources. This section describes an + alternative method which uses the Ports Collection and makes + it possible to: - Install pre-built packages of the - documentation, without having to locally build anything - or install the documentation toolchain. + Install pre-built packages of the documentation, + without having to locally build anything or install the + documentation toolchain. - Build the documentation sources - through the ports framework, making the checkout and build - steps a bit easier. + Build the documentation sources through the ports + framework, making the checkout and build steps a bit + easier. This method of updating the &os; documentation is - supported by a set of - documentation ports and packages which are updated by the - &a.doceng; on a monthly basis. These are listed in the &os; - Ports Collection, under the docs category (http://www.freshports.org/docs/). - Organization of the documentation ports is as - follows: + Organization of the documentation ports is as + follows: - - - The - misc/freebsd-doc-en package or port installs - all of the English documentation. - + + + The misc/freebsd-doc-en package or + port installs all of the English documentation. + - - The - misc/freebsd-doc-all meta-package or port - installs all documentation in all available - languages. - + + The misc/freebsd-doc-all + meta-package or port installs all documentation in all + available languages. + - - There is a package and port for each - translation, such as - misc/freebsd-doc-hu for the - Hungarian documentation. - - + + There is a package and port for each translation, such + as misc/freebsd-doc-hu for the + Hungarian documentation. + + - When binary packages are used, the &os; documentation - will be installed in all available - formats for the given language. For example, the following command will install the - latest package of the Hungarian - documentation: + When binary packages are used, the &os; documentation will + be installed in all available formats for the given language. + For example, the following command will install the latest + package of the Hungarian documentation: - &prompt.root; pkg install hu-freebsd-doc + &prompt.root; pkg install hu-freebsd-doc - - Packages use a format that differs from the - corresponding port's name: - lang-freebsd-doc, - where lang is the short format - of the language code, such as hu for - Hungarian, or zh_cn for Simplified - Chinese. - + + Packages use a format that differs from the + corresponding port's name: + lang-freebsd-doc, + where lang is the short format of + the language code, such as hu for + Hungarian, or zh_cn for Simplified + Chinese. + - To specify the format of the documentation, build the - port instead of installing the package. For example, to build and install the English - documentation: + To specify the format of the documentation, build the port + instead of installing the package. For example, to build and + install the English documentation: - &prompt.root; cd /usr/ports/misc/freebsd-doc-en + &prompt.root; cd /usr/ports/misc/freebsd-doc-en &prompt.root; make install clean - The port provides a configuration menu where the format - to build and install can be specified. By default, split - HTML, similar to the format used on http://www.FreeBSD.org, - and PDF are - selected. - - Alternately, several make options can be specified - when building a documentation port, including: - - - - WITH_HTML - - - Builds the HTML format with a single HTML file - per document. The formatted documentation is saved - to a file called article.html, - or book.html. - - - - - WITH_PDF - - - The formatted documentation is saved to a - file called article.pdf or - book.pdf. - - - - - DOCBASE - - - Specifies where to install the documentation. - It defaults to - /usr/local/share/doc/freebsd. - - - - - This example uses variables to install the Hungarian - documentation as a PDF in the specified - directory: + The port provides a configuration menu where the format to + build and install can be specified. By default, split + HTML, similar to the format used on http://www.FreeBSD.org, + and PDF are selected. + + Alternately, several make options can + be specified when building a documentation port, + including: + + + + WITH_HTML + + + Builds the HTML format with a single HTML file per + document. The formatted documentation is saved to a + file called article.html, or + book.html. + + + + + WITH_PDF + + + The formatted documentation is saved to a file + called article.pdf or + book.pdf. + + + + + DOCBASE + + + Specifies where to install the documentation. It + defaults to + /usr/local/share/doc/freebsd. + + + + + This example uses variables to install the Hungarian + documentation as a PDF in the specified + directory: - &prompt.root; cd /usr/ports/misc/freebsd-doc-hu + &prompt.root; cd /usr/ports/misc/freebsd-doc-hu &prompt.root; make -DWITH_PDF DOCBASE=share/doc/freebsd/hu install clean - Documentation packages or ports can be updated using the - instructions in . - For example, the following command updates the installed - Hungarian documentation using - ports-mgmt/portmaster - by using packages only: + Documentation packages or ports can be updated using the + instructions in . For example, the + following command updates the installed Hungarian + documentation using ports-mgmt/portmaster + by using packages only: - &prompt.root; portmaster -PP hu-freebsd-doc + &prompt.root; portmaster -PP hu-freebsd-doc @@ -1605,139 +1602,132 @@ Script started, output file is /var/tmp/ &prompt.root; exit Script done, … - Do not save the output in - /tmp as this directory may be cleared - at next reboot. A better place to save the file is - /var/tmp or in - root's home - directory. + Do not save the output in + /tmp as this directory may be cleared at + next reboot. A better place to save the file is + /var/tmp or in root's home directory. - While in /usr/src - type: + While in /usr/src type: - &prompt.root; cd /usr/src + &prompt.root; cd /usr/src - - make - + + make + - To rebuild the world, use &man.make.1;. This command - reads instructions from the Makefile, - which describes how the programs that comprise &os; should - be built and the order in which they should be built. - - The general format of the command is as follows: - - &prompt.root; make -x -DVARIABLE target - - In this example, - is an option - passed to &man.make.1;. Refer to &man.make.1; for an - examples of available options. - - - passes a variable to the Makefile. The - behavior of the Makefile is controlled - by these variables. These are the same variables as are set - in /etc/make.conf, and this provides - another way of setting them. For example: - - &prompt.root; make -DNO_PROFILE target - - is another way of specifying that profiled libraries - should not be built, and corresponds with the - - NO_PROFILE= true # Avoid compiling profiled libraries - - line in /etc/make.conf. - - target tells &man.make.1; - what to do. Each Makefile defines a - number of different targets, and the choice - of target determines what happens. - - Some targets listed in the - Makefile are used by the build process - to break out the steps necessary to rebuild the system into - a number of sub-steps. - - Most of the time, no parameters need to be passed to - &man.make.1; and the command looks like this: - - &prompt.root; make target - - Where target is one of many - build options. The first target should always be - buildworld. - - As the names imply, - buildworld builds a complete new - tree under /usr/obj and - installworld installs this tree - on the current machine. - - Having separate options is useful for two reasons. - First, it allows for a self hosted build that - does not affect any components of a running system. Because - of this, buildworld can be run on - a machine running in multi-user mode with no fear of - ill-effects. It is still recommended that - installworld be run in part in - single user mode, though. - - Secondly, it allows NFS mounts to be used to upgrade - multiple machines on a network. If order to upgrade three - machines, A, - B and C, - run make buildworld and - make installworld on - A. B and - C should then NFS mount - /usr/src and - /usr/obj from - A, and run - make installworld to install the results - of the build on B and - C. - - Although the world target - still exists, users are strongly encouraged not to use - it. - - Instead, run: - - &prompt.root; make buildworld - - It is possible to specify which - will cause make to spawn several - simultaneous processes. This is most useful on multi-CPU - machines. However, since much of the compiling process is - I/O bound rather than CPU bound, it is also useful on single - CPU machines. - - On a typical single-CPU machine, run: - - &prompt.root; make -j4 buildworld - - &man.make.1; will then have up to 4 processes running at - any one time. Empirical evidence posted to the mailing - lists shows this generally gives the best performance - benefit. - - On a multi-CPU machine using an SMP configured kernel, - try values between 6 and 10 and see how they speed things - up. + To rebuild the world, use &man.make.1;. This command + reads instructions from the Makefile, + which describes how the programs that comprise &os; should be + built and the order in which they should be built. + + The general format of the command is as follows: + + &prompt.root; make -x -DVARIABLE target + + In this example, + is an option + passed to &man.make.1;. Refer to &man.make.1; for an examples + of available options. + + + passes a variable to the Makefile. The + behavior of the Makefile is controlled by + these variables. These are the same variables as are set in + /etc/make.conf, and this provides + another way of setting them. For example: + + &prompt.root; make -DNO_PROFILE target + + is another way of specifying that profiled libraries + should not be built, and corresponds with the + + NO_PROFILE= true # Avoid compiling profiled libraries + + line in /etc/make.conf. + + target tells &man.make.1; what + to do. Each Makefile defines a number of + different targets, and the choice of target + determines what happens. + + Some targets listed in the Makefile + are used by the build process to break out the steps + necessary to rebuild the system into a number of + sub-steps. + + Most of the time, no parameters need to be passed to + &man.make.1; and the command looks like this: + + &prompt.root; make target + + Where target is one of many + build options. The first target should always be + buildworld. + + As the names imply, buildworld + builds a complete new tree under /usr/obj + and installworld installs this tree + on the current machine. + + Having separate options is useful for two reasons. First, + it allows for a self hosted build that does not + affect any components of a running system. Because of this, + buildworld can be run on a machine + running in multi-user mode with no fear of ill-effects. It is + still recommended that installworld + be run in part in single user mode, though. + + Secondly, it allows NFS mounts to be used to upgrade + multiple machines on a network. If order to upgrade three + machines, A, + B and C, run + make buildworld and make + installworld on A. + B and C + should then NFS mount /usr/src and + /usr/obj from A, + and run make installworld to install the + results of the build on B and + C. + + Although the world target still + exists, users are strongly encouraged not to use it. + + Instead, run: + + &prompt.root; make buildworld + + It is possible to specify which will + cause make to spawn several simultaneous + processes. This is most useful on multi-CPU machines. + However, since much of the compiling process is I/O bound + rather than CPU bound, it is also useful on single CPU + machines. + + On a typical single-CPU machine, run: + + &prompt.root; make -j4 buildworld + + &man.make.1; will then have up to 4 processes running at + any one time. Empirical evidence posted to the mailing lists + shows this generally gives the best performance + benefit. + + On a multi-CPU machine using an SMP configured kernel, try + values between 6 and 10 and see how they speed things + up. - - rebuilding world - timings - + + rebuilding world + timings + - Many factors influence the build time, but fairly recent - machines may only take a one or two hours to build the - &os.stable; tree, with no tricks or shortcuts used during - the process. A &os.current; tree will take somewhat - longer. + Many factors influence the build time, but fairly recent + machines may only take a one or two hours to build the + &os.stable; tree, with no tricks or shortcuts used during the + process. A &os.current; tree will take somewhat + longer. @@ -2334,14 +2324,14 @@ Building everything.. class="directory">/usr with . - The file system holding - /usr/obj can be mounted or - remounted with so that disk + The file system holding /usr/obj can be mounted + or remounted with so that disk writes happen asynchronously. The write completes - immediately, and the data is written to the disk a - few seconds later. This allows writes to be - clustered together, and can provide a dramatic - performance boost. + immediately, and the data is written to the disk a few + seconds later. This allows writes to be clustered + together, and can provide a dramatic performance + boost. Keep in mind that this option makes the file @@ -2351,21 +2341,20 @@ Building everything.. machine restarts. If /usr/obj is the only - directory on this file system, this is not a - problem. If you have other, valuable data on the - same file system, ensure that there are verified - backups before enabling this option. + directory on this file system, this is not a problem. + If you have other, valuable data on the same file + system, ensure that there are verified backups before + enabling this option. Turn off profiling by setting NO_PROFILE=true in /etc/make.conf. - Pass - to - &man.make.1; to run multiple processes in parallel. - This usually helps on both single- and - multi-processor machines. + Pass + to &man.make.1; to run multiple processes in parallel. + This usually helps on both single- and multi-processor + machines. @@ -2428,16 +2417,15 @@ Building everything.. Preliminaries - First, identify a set of machines which will run the - same set of binaries, known as a build - set. Each machine can have a custom kernel, but - will run the same userland binaries. From that set, choose a - machine to be the build machine that the - world and kernel are built on. Ideally, this is a fast - machine that has sufficient spare CPU to run - make buildworld and - make buildkernel. Select a machine to be - the test machine, which will test + First, identify a set of machines which will run the same + set of binaries, known as a build set. + Each machine can have a custom kernel, but will run the same + userland binaries. From that set, choose a machine to be the + build machine that the world and kernel + are built on. Ideally, this is a fast machine that has + sufficient spare CPU to run make buildworld + and make buildkernel. Select a machine to + be the test machine, which will test software updates before they are put into production. This must be a machine that can afford to be down for an extended period of time. It can be the build @@ -2445,13 +2433,12 @@ Building everything.. All the machines in this build set need to mount /usr/obj and - /usr/src from the same - machine, and at the same point. Ideally, those directories - are on two different drives on the build machine, but they can - be NFS mounted on that machine as well. For multiple - build sets, /usr/src - should be on one build machine, and NFS mounted on the - rest. + /usr/src from the same machine, and at + the same point. Ideally, those directories are on two + different drives on the build machine, but they can be NFS + mounted on that machine as well. For multiple build sets, + /usr/src should be on one build machine, + and NFS mounted on the rest. Finally, ensure that /etc/make.conf and /etc/src.conf on all the machines in @@ -2463,8 +2450,8 @@ Building everything.. /etc/make.conf, and the build machine should list them all in KERNCONF, listing its own kernel first. The build machine must have the kernel - configuration files for each machine in - /usr/src/sys/arch/conf + configuration files for each machine in /usr/src/sys/arch/conf if it is going to build their kernels. @@ -2472,18 +2459,18 @@ Building everything.. The Base System On the build machine, build the kernel and world as - described in , but do - not install anything. After the build has finished, go to the + described in , but do not + install anything. After the build has finished, go to the test machine, and install the built kernel. If this machine mounts /usr/src and - /usr/obj via NFS, - enable the network and mount these directories after rebooting - to single user mode. The easiest way to do this is to boot to - multi-user, then run shutdown now to go to - single user mode. Once there, install the new kernel and - world and run mergemaster as usual. When - done, reboot to return to normal multi-user operations for - this machine. + /usr/obj via NFS, enable the network and + mount these directories after rebooting to single user mode. + The easiest way to do this is to boot to multi-user, then run + shutdown now to go to single user mode. + Once there, install the new kernel and world and run + mergemaster as usual. When done, reboot to + return to normal multi-user operations for this + machine. After verifying that everything on the test machine is working properly, use the same procedure to install the new From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 17:44:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4B7673B9; Mon, 28 Apr 2014 17:44:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 380501A82; Mon, 28 Apr 2014 17:44:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SHiEaW057351; Mon, 28 Apr 2014 17:44:14 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SHiE0j057350; Mon, 28 Apr 2014 17:44:14 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404281744.s3SHiE0j057350@svn.freebsd.org> From: Dru Lavigne Date: Mon, 28 Apr 2014 17:44:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44675 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 17:44:14 -0000 Author: dru Date: Mon Apr 28 17:44:13 2014 New Revision: 44675 URL: http://svnweb.freebsd.org/changeset/doc/44675 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Mon Apr 28 17:39:38 2014 (r44674) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Mon Apr 28 17:44:13 2014 (r44675) @@ -1627,8 +1627,8 @@ Script done, … In this example, is an option - passed to &man.make.1;. Refer to &man.make.1; for an examples - of available options. + passed to &man.make.1;. Refer to &man.make.1; for examples + of the available options. passes a variable to the Makefile. The From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 19:34:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4986C891; Mon, 28 Apr 2014 19:34:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 299B11730; Mon, 28 Apr 2014 19:34:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SJYX1F003280; Mon, 28 Apr 2014 19:34:33 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SJYX0D003279; Mon, 28 Apr 2014 19:34:33 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404281934.s3SJYX0D003279@svn.freebsd.org> From: Warren Block Date: Mon, 28 Apr 2014 19:34:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44676 - head/en_US.ISO8859-1/articles/freebsd-update-server X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 19:34:33 -0000 Author: wblock Date: Mon Apr 28 19:34:32 2014 New Revision: 44676 URL: http://svnweb.freebsd.org/changeset/doc/44676 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml Modified: head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml Mon Apr 28 17:44:13 2014 (r44675) +++ head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml Mon Apr 28 19:34:32 2014 (r44676) @@ -289,7 +289,7 @@ Verifying - enter aes-256-cbc encryption &prompt.root; cd /usr/local/freebsd-update-server -&prompt.root; sh scripts/init.sh amd64 7.2-RELEASE +&prompt.root; sh scripts/init.sh amd64 7.2-RELEASE What follows is a sample of an initial build @@ -441,7 +441,7 @@ Wed Aug 26 12:50:07 PDT 2009 Cleaning st &prompt.root; cd /usr/local/freebsd-update-server -&prompt.root; sh scripts/upload.sh amd64 7.2-RELEASE +&prompt.root; sh scripts/upload.sh amd64 7.2-RELEASE @@ -451,8 +451,8 @@ Wed Aug 26 12:50:07 PDT 2009 Cleaning st uploaded file. - &prompt.root; cd /usr/local/freebsd-update-server/pub/7.2-RELEASE/amd64 -&prompt.root; touch -t 200801010101.01 uploaded + &prompt.root; cd /usr/local/freebsd-update-server/pub/7.2-RELEASE/amd64 +&prompt.root; touch -t 200801010101.01 uploaded @@ -584,7 +584,7 @@ Wed Aug 26 12:50:07 PDT 2009 Cleaning st &prompt.root; cd /usr/local/freebsd-update-server -&prompt.root; sh scripts/diff.sh amd64 7.1-RELEASE 7 +&prompt.root; sh scripts/diff.sh amd64 7.1-RELEASE 7 What follows is a sample of a differential @@ -701,7 +701,7 @@ the new builds. &prompt.root; cd /usr/local/freebsd-update-server -&prompt.root; sh scripts/upload.sh amd64 7.1-RELEASE +&prompt.root; sh scripts/upload.sh amd64 7.1-RELEASE For reference, the entire run of From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 19:36:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D2C539F5; Mon, 28 Apr 2014 19:36:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BF5291752; Mon, 28 Apr 2014 19:36:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SJanSQ003638; Mon, 28 Apr 2014 19:36:49 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SJana4003637; Mon, 28 Apr 2014 19:36:49 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404281936.s3SJana4003637@svn.freebsd.org> From: Warren Block Date: Mon, 28 Apr 2014 19:36:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44677 - head/en_US.ISO8859-1/books/design-44bsd X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 19:36:49 -0000 Author: wblock Date: Mon Apr 28 19:36:49 2014 New Revision: 44677 URL: http://svnweb.freebsd.org/changeset/doc/44677 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/books/design-44bsd/book.xml Modified: head/en_US.ISO8859-1/books/design-44bsd/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/design-44bsd/book.xml Mon Apr 28 19:34:32 2014 (r44676) +++ head/en_US.ISO8859-1/books/design-44bsd/book.xml Mon Apr 28 19:36:49 2014 (r44677) @@ -1961,7 +1961,7 @@ in addition to the natural desire of users to give files long descriptive names, a common way of forming filenames is as - basename.extension, + basename.extension, where the extension (indicating the kind of file, such as .c for C source or From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:13:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 00CF6508; Mon, 28 Apr 2014 20:13:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DEBFF1C42; Mon, 28 Apr 2014 20:13:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKD8GH019695; Mon, 28 Apr 2014 20:13:08 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKD7Wp019688; Mon, 28 Apr 2014 20:13:07 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404282013.s3SKD7Wp019688@svn.freebsd.org> From: Warren Block Date: Mon, 28 Apr 2014 20:13:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44678 - in head/en_US.ISO8859-1/books/developers-handbook: kernelbuild kerneldebug l10n policies testing tools x86 X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:13:09 -0000 Author: wblock Date: Mon Apr 28 20:13:07 2014 New Revision: 44678 URL: http://svnweb.freebsd.org/changeset/doc/44678 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/books/developers-handbook/kernelbuild/chapter.xml head/en_US.ISO8859-1/books/developers-handbook/kerneldebug/chapter.xml head/en_US.ISO8859-1/books/developers-handbook/l10n/chapter.xml head/en_US.ISO8859-1/books/developers-handbook/policies/chapter.xml head/en_US.ISO8859-1/books/developers-handbook/testing/chapter.xml head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml head/en_US.ISO8859-1/books/developers-handbook/x86/chapter.xml Modified: head/en_US.ISO8859-1/books/developers-handbook/kernelbuild/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/developers-handbook/kernelbuild/chapter.xml Mon Apr 28 19:36:49 2014 (r44677) +++ head/en_US.ISO8859-1/books/developers-handbook/kernelbuild/chapter.xml Mon Apr 28 20:13:07 2014 (r44678) @@ -49,7 +49,7 @@ Run &man.config.8; to generate the kernel source code: - &prompt.root; /usr/sbin/config MYKERNEL + &prompt.root; /usr/sbin/config MYKERNEL @@ -57,7 +57,7 @@ print the name of this directory after being run as above. - &prompt.root; cd ../compile/MYKERNEL + &prompt.root; cd ../compile/MYKERNEL Modified: head/en_US.ISO8859-1/books/developers-handbook/kerneldebug/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/developers-handbook/kerneldebug/chapter.xml Mon Apr 28 19:36:49 2014 (r44677) +++ head/en_US.ISO8859-1/books/developers-handbook/kerneldebug/chapter.xml Mon Apr 28 20:13:07 2014 (r44678) @@ -153,8 +153,8 @@ the crash dump, locate the debug version of your kernel (normally called kernel.debug) and the path to the source files used to build your kernel (normally - /usr/obj/usr/src/sys/KERNCONF, - where KERNCONF + /usr/obj/usr/src/sys/KERNCONF, + where KERNCONF is the ident specified in a kernel &man.config.5;). With those two pieces of info, let the debugging commence! @@ -162,7 +162,7 @@ To enter into the debugger and begin getting information from the dump, the following steps are required at a minimum: - &prompt.root; cd /usr/obj/usr/src/sys/KERNCONF + &prompt.root; cd /usr/obj/usr/src/sys/KERNCONF &prompt.root; kgdb kernel.debug /var/crash/vmcore.0 You can debug the crash dump using the kernel sources just like @@ -180,7 +180,7 @@ your patch winds its way into the source tree via a problem report, mailing lists, or by being able to commit it! - 1:&prompt.root; cd /usr/obj/usr/src/sys/KERNCONF + 1:&prompt.root; cd /usr/obj/usr/src/sys/KERNCONF 2:&prompt.root; kgdb kernel.debug /var/crash/vmcore.0 3:GNU gdb 5.2.1 (FreeBSD) 4:Copyright 2002 Free Software Foundation, Inc. @@ -901,7 +901,7 @@ hw.firewire.dcons_crom.force_console=1Run &man.dconschat.8;, with: - &prompt.root; dconschat -e \# -br -G 12345 -t 00-11-22-33-44-55-66-77 + &prompt.root; dconschat -e \# -br -G 12345 -t 00-11-22-33-44-55-66-77 The following key combinations can be used once &man.dconschat.8; is running: Modified: head/en_US.ISO8859-1/books/developers-handbook/l10n/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/developers-handbook/l10n/chapter.xml Mon Apr 28 19:36:49 2014 (r44677) +++ head/en_US.ISO8859-1/books/developers-handbook/l10n/chapter.xml Mon Apr 28 20:13:07 2014 (r44678) @@ -122,8 +122,8 @@ program is used, such as grep. This name will be used when looking for the compiled catalog file. The &man.catopen.3; call looks for this file - in /usr/share/nls/locale/catname - and in /usr/local/share/nls/locale/catname, + in /usr/share/nls/locale/catname + and in /usr/local/share/nls/locale/catname, where locale is the locale set and catname is the catalog name being discussed. The second parameter is a constant, which can have Modified: head/en_US.ISO8859-1/books/developers-handbook/policies/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/developers-handbook/policies/chapter.xml Mon Apr 28 19:36:49 2014 (r44677) +++ head/en_US.ISO8859-1/books/developers-handbook/policies/chapter.xml Mon Apr 28 20:13:07 2014 (r44678) @@ -167,13 +167,13 @@ SVN, vendor branches were imported with the same layout as the main tree. For example, the foo vendor sources ended up in - vendor/foo/dist/contrib/foo, + vendor/foo/dist/contrib/foo, but it is pointless and rather inconvenient. What we really want is to have the vendor source directly in - vendor/foo/dist, + vendor/foo/dist, like this: - &prompt.user; cd vendor/foo/dist/contrib/foo + &prompt.user; cd vendor/foo/dist/contrib/foo &prompt.user; svn move $(svn list) ../.. &prompt.user; cd ../.. &prompt.user; svn remove contrib @@ -207,8 +207,8 @@ that corresponds to the last change was made to the vendor tree prior to importing new sources is also needed: - &prompt.user; cd head/contrib/foo -&prompt.user; svn merge --record-only svn_base/vendor/foo/dist@12345678 . + &prompt.user; cd head/contrib/foo +&prompt.user; svn merge --record-only svn_base/vendor/foo/dist@12345678 . &prompt.user; svn commit where svn_base is the base @@ -231,30 +231,30 @@ sorted lists of the contents of the vendor tree and of the sources you are about to import: - &prompt.user; cd vendor/foo/dist -&prompt.user; svn list -R | grep -v '/$' | sort > ../old -&prompt.user; cd ../foo-9.9 -&prompt.user; find . -type f | cut -c 3- | sort > ../new + &prompt.user; cd vendor/foo/dist +&prompt.user; svn list -R | grep -v '/$' | sort > ../old +&prompt.user; cd ../foo-9.9 +&prompt.user; find . -type f | cut -c 3- | sort > ../new With these two files, the following command will list list removed files (files only in - old): + old): - &prompt.user; comm -23 ../old ../new + &prompt.user; comm -23 ../old ../new While the command below will list added files (files only in - new): + new): - &prompt.user; comm -13 ../old ../new + &prompt.user; comm -13 ../old ../new Let's put this together: - &prompt.user; cd vendor/foo/foo-9.9 + &prompt.user; cd vendor/foo/foo-9.9 &prompt.user; tar cf - . | tar xf - -C ../dist &prompt.user; cd ../dist -&prompt.user; comm -23 ../old ../new | xargs svn remove -&prompt.user; comm -13 ../old ../new | xargs svn add +&prompt.user; comm -23 ../old ../new | xargs svn remove +&prompt.user; comm -13 ../old ../new | xargs svn add If there are new directories in the new @@ -303,11 +303,11 @@ should tag it for future reference. The best and quickest way is to do it directly in the repository: - &prompt.user; svn copy svn_base/vendor/foo/dist svn_base/vendor/foo/9.9 + &prompt.user; svn copy svn_base/vendor/foo/dist svn_base/vendor/foo/9.9 To get the new tag, you can update your working copy of - vendor/foo. + vendor/foo. If you choose to do the copy in the checkout @@ -325,9 +325,9 @@ SVN not to handle merge conflicts yet, because they will be taken care of manually: - &prompt.user; cd head/contrib/foo + &prompt.user; cd head/contrib/foo &prompt.user; svn update -&prompt.user; svn merge --accept=postpone svn_base/vendor/foo/dist +&prompt.user; svn merge --accept=postpone svn_base/vendor/foo/dist Resolve any conflicts, and make sure that any files that were added or removed in the vendor tree have been @@ -335,7 +335,7 @@ a good idea to check differences against the vendor branch: - &prompt.user; svn diff --no-diff-deleted --old=svn_base/vendor/foo/dist --new=. + &prompt.user; svn diff --no-diff-deleted --old=svn_base/vendor/foo/dist --new=. The option tells SVN not to check files that are in the @@ -418,7 +418,7 @@ Object files are named - arch/filename.o.uu>. + arch/filename.o.uu>. Modified: head/en_US.ISO8859-1/books/developers-handbook/testing/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/developers-handbook/testing/chapter.xml Mon Apr 28 19:36:49 2014 (r44677) +++ head/en_US.ISO8859-1/books/developers-handbook/testing/chapter.xml Mon Apr 28 20:13:07 2014 (r44678) @@ -363,11 +363,11 @@ have rank 9999. - RELENG_x + RELENG_x has rank xx99. - RELENG_x_y + RELENG_x_y has rank xxyy. Modified: head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml Mon Apr 28 19:36:49 2014 (r44677) +++ head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml Mon Apr 28 20:13:07 2014 (r44678) @@ -600,7 +600,7 @@ compiler to add it. The rule is that if the library is called - libsomething.a, + libsomething.a, you give cc the argument . For example, the math library is @@ -996,7 +996,7 @@ free(foo); to find out the process ID of your program, and do - &prompt.user; kill -ABRT pid + &prompt.user; kill -ABRT pid where @@ -1147,7 +1147,7 @@ install: We can tell make which target we want to make by typing: - &prompt.user; make target + &prompt.user; make target make will then only look at that target and ignore any others. For example, if we type @@ -1376,12 +1376,12 @@ DISTFILES= scheme-microcode+dist-7. gdb (GNU debugger). You start it up by typing - &prompt.user; gdb progname + &prompt.user; gdb progname although many people prefer to run it inside Emacs. You can do this by: - M-x gdb RET progname RET + M-x gdb RET progname RET Using a debugger allows you to run the program under more controlled circumstances. Typically, you can step through the @@ -1543,7 +1543,7 @@ main() { listings of core files and sweat over machine code manuals, but now life is a bit easier. Incidentally, under FreeBSD and other 4.4BSD systems, a core file is called - progname.core instead of just + progname.core instead of just core, to make it clearer which program a core file belongs to. @@ -1551,7 +1551,7 @@ main() { the usual way. Instead of typing break or run, type - (gdb) core progname.core + (gdb) core progname.core If you are not in the same directory as the core file, you will have to do dir @@ -1609,7 +1609,7 @@ Cannot access memory at address 0x702079 use ps to find the process ID for the child, and do - (gdb) attach pid + (gdb) attach pid in gdb, and then debug as usual. @@ -1851,7 +1851,7 @@ else if (pid == 0) { /* child */ if you are doing something outside Emacs and you want to edit a file, you can just type in - &prompt.user; emacsclient filename + &prompt.user; emacsclient filename and then you can edit the file in your Modified: head/en_US.ISO8859-1/books/developers-handbook/x86/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/developers-handbook/x86/chapter.xml Mon Apr 28 19:36:49 2014 (r44677) +++ head/en_US.ISO8859-1/books/developers-handbook/x86/chapter.xml Mon Apr 28 20:13:07 2014 (r44678) @@ -249,7 +249,7 @@ the system know about it. After your pro linked, you need to brand the executable: -&prompt.user; brandelf -t Linux filename +&prompt.user; brandelf -t Linux filename @@ -870,7 +870,7 @@ If you do not have nasm &prompt.user; su -Password:your root password +Password:your root password &prompt.root; cd /usr/ports/devel/nasm &prompt.root; make install &prompt.root; exit @@ -2313,15 +2313,15 @@ to send the output to a different file. I end up using it like this: -&prompt.user; tuc myfile tempfile -&prompt.user; mv tempfile myfile +&prompt.user; tuc myfile tempfile +&prompt.user; mv tempfile myfile It would be nice to have a ftuc, i.e., fast tuc, and use it like this: -&prompt.user; ftuc myfile +&prompt.user; ftuc myfile In this chapter, then, we will write @@ -3343,7 +3343,7 @@ specified. To get the 11th field of each record, I can now do: -&prompt.user; csv '-t;' data.csv | awk '-F;' '{print $11}' +&prompt.user; csv '-t;' data.csv | awk '-F;' '{print $11}' The code stores the options (except for the file descriptors) From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:16:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9E0CE69E; Mon, 28 Apr 2014 20:16:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8B7421C7A; Mon, 28 Apr 2014 20:16:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKGUHD020201; Mon, 28 Apr 2014 20:16:30 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKGU56020199; Mon, 28 Apr 2014 20:16:30 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201404282016.s3SKGU56020199@svn.freebsd.org> From: Gabor Pali Date: Mon, 28 Apr 2014 20:16:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44679 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:16:30 -0000 Author: pgj Date: Mon Apr 28 20:16:30 2014 New Revision: 44679 URL: http://svnweb.freebsd.org/changeset/doc/44679 Log: - Hook dvl's PGP key into the build so it can be added to the keyring Modified: head/share/pgpkeys/pgpkeys-other.xml Modified: head/share/pgpkeys/pgpkeys-other.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-other.xml Mon Apr 28 20:13:07 2014 (r44678) +++ head/share/pgpkeys/pgpkeys-other.xml Mon Apr 28 20:16:30 2014 (r44679) @@ -28,12 +28,12 @@ &a.bk; &pgpkey.bk; - + &a.dhw; &pgpkey.dhw; From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:17:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 72046703; Mon, 28 Apr 2014 20:17:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5E8C41C7E; Mon, 28 Apr 2014 20:17:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKHAdc020309; Mon, 28 Apr 2014 20:17:10 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKHAVk020308; Mon, 28 Apr 2014 20:17:10 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404282017.s3SKHAVk020308@svn.freebsd.org> From: Warren Block Date: Mon, 28 Apr 2014 20:17:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44680 - head/en_US.ISO8859-1/articles/nanobsd X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:17:10 -0000 Author: wblock Date: Mon Apr 28 20:17:09 2014 New Revision: 44680 URL: http://svnweb.freebsd.org/changeset/doc/44680 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/nanobsd/article.xml Modified: head/en_US.ISO8859-1/articles/nanobsd/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/nanobsd/article.xml Mon Apr 28 20:16:30 2014 (r44679) +++ head/en_US.ISO8859-1/articles/nanobsd/article.xml Mon Apr 28 20:17:09 2014 (r44680) @@ -151,7 +151,7 @@ A NanoBSD image is built using a simple nanobsd.sh shell script, which can be found in the - /usr/src/tools/tools/nanobsd + /usr/src/tools/tools/nanobsd directory. This script creates an image, which can be copied on the storage medium using the &man.dd.1; utility. @@ -479,7 +479,7 @@ get _.disk.image "| sh updatep1"At first, open a TCP listener on host serving the image and make it send the image to client: - myhost&prompt.root; nc -l 2222 < _.disk.image + myhost&prompt.root; nc -l 2222 < _.disk.image Make sure that the used port is not blocked to @@ -492,7 +492,7 @@ get _.disk.image "| sh updatep1"Connect to the host serving new image and execute updatep1 script: - &prompt.root; nc myhost 2222 | sh updatep1 + &prompt.root; nc myhost 2222 | sh updatep1 From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:19:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EB9EE782; Mon, 28 Apr 2014 20:19:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D87521C90; Mon, 28 Apr 2014 20:19:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKJKKH020575; Mon, 28 Apr 2014 20:19:20 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKJKtG020574; Mon, 28 Apr 2014 20:19:20 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404282019.s3SKJKtG020574@svn.freebsd.org> From: Warren Block Date: Mon, 28 Apr 2014 20:19:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44681 - head/en_US.ISO8859-1/articles/filtering-bridges X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:19:21 -0000 Author: wblock Date: Mon Apr 28 20:19:20 2014 New Revision: 44681 URL: http://svnweb.freebsd.org/changeset/doc/44681 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/filtering-bridges/article.xml Modified: head/en_US.ISO8859-1/articles/filtering-bridges/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/filtering-bridges/article.xml Mon Apr 28 20:17:09 2014 (r44680) +++ head/en_US.ISO8859-1/articles/filtering-bridges/article.xml Mon Apr 28 20:19:20 2014 (r44681) @@ -211,7 +211,7 @@ firewall_logging="YES" At this point you should be able to insert the machine between two sets of hosts without compromising any communication abilities between them. If so, the next step is to add the - net.link.ether.bridge.[blah]=[blah] + net.link.ether.bridge.[blah]=[blah] portions of these rows to the /etc/sysctl.conf file, in order to have them execute at startup. From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:21:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1C98B806; Mon, 28 Apr 2014 20:21:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0872C1D13; Mon, 28 Apr 2014 20:21:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKLNU8023413; Mon, 28 Apr 2014 20:21:23 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKLNRa023412; Mon, 28 Apr 2014 20:21:23 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404282021.s3SKLNRa023412@svn.freebsd.org> From: Warren Block Date: Mon, 28 Apr 2014 20:21:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44682 - head/en_US.ISO8859-1/articles/cvs-freebsd X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:21:24 -0000 Author: wblock Date: Mon Apr 28 20:21:23 2014 New Revision: 44682 URL: http://svnweb.freebsd.org/changeset/doc/44682 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/cvs-freebsd/article.xml Modified: head/en_US.ISO8859-1/articles/cvs-freebsd/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/cvs-freebsd/article.xml Mon Apr 28 20:19:20 2014 (r44681) +++ head/en_US.ISO8859-1/articles/cvs-freebsd/article.xml Mon Apr 28 20:21:23 2014 (r44682) @@ -72,7 +72,7 @@ The first thing to do when setting up a new repository is to tell CVS to initialize it: - &prompt.user; cvs -d path-to-repository init + &prompt.user; cvs -d path-to-repository init This tells CVS to create the CVSROOT administrative directory, where all the @@ -87,12 +87,12 @@ repository. We will assume the FreeBSD default of ncvs for this group. - &prompt.root; pw groupadd ncvs + &prompt.root; pw groupadd ncvs Next, you should &man.chown.8; the directory to the group you just added: - &prompt.root; chown -R :ncvs path-to-your-repository + &prompt.root; chown -R :ncvs path-to-your-repository This ensures that no one can write to the repository without proper group permissions. @@ -128,7 +128,7 @@ CVSROOT and copy the FreeBSD files over your local (untouched) copies: - &prompt.user; cvs -d path-to-your-repository checkout CVSROOT + &prompt.user; cvs -d path-to-your-repository checkout CVSROOT &prompt.user; cd CVSROOT &prompt.user; cp ../CVSROOT-freebsd/* . &prompt.user; cvs add * @@ -541,7 +541,7 @@ will lock yourself out. So make sure everything is as you intend, and then do the following: - &prompt.user; cvs commit -m '- Initial FreeBSD scripts commit' + &prompt.user; cvs commit -m '- Initial FreeBSD scripts commit' @@ -551,7 +551,7 @@ avail file, to make sure everything works as expected. - &prompt.user; cvs commit -f -m 'Forced commit to test the new CVSROOT scripts' avail + &prompt.user; cvs commit -f -m 'Forced commit to test the new CVSROOT scripts' avail If everything works, congratulations! You now have a working setup of the FreeBSD scripts for your repository. If @@ -646,7 +646,7 @@ &prompt.root; mv /usr/bin/cvs /usr/bin/ncvs &prompt.root; mv cvs /usr/bin/cvs -&prompt.root; chown root:ncvs /usr/bin/cvs /usr/bin/ncvs +&prompt.root; chown root:ncvs /usr/bin/cvs /usr/bin/ncvs &prompt.root; chmod o-rx /usr/bin/ncvs &prompt.root; chmod u-w,g+s /usr/bin/cvs @@ -669,7 +669,7 @@ Your wrapper should now be setup. You can of course test this by making a forced commit to the access file: - &prompt.user; cvs commit -f -m 'Forced commit to test the new CVSROOT scripts' access + &prompt.user; cvs commit -f -m 'Forced commit to test the new CVSROOT scripts' access Again, if this fails, check to see whether all of the above steps have been executed correctly. From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:23:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 60365880; Mon, 28 Apr 2014 20:23:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BB1E1D1F; Mon, 28 Apr 2014 20:23:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKN9NZ024036; Mon, 28 Apr 2014 20:23:09 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKN9B7024035; Mon, 28 Apr 2014 20:23:09 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404282023.s3SKN9B7024035@svn.freebsd.org> From: Warren Block Date: Mon, 28 Apr 2014 20:23:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44683 - head/en_US.ISO8859-1/articles/custom-gcc X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:23:09 -0000 Author: wblock Date: Mon Apr 28 20:23:08 2014 New Revision: 44683 URL: http://svnweb.freebsd.org/changeset/doc/44683 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/custom-gcc/article.xml Modified: head/en_US.ISO8859-1/articles/custom-gcc/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/custom-gcc/article.xml Mon Apr 28 20:21:23 2014 (r44682) +++ head/en_US.ISO8859-1/articles/custom-gcc/article.xml Mon Apr 28 20:23:08 2014 (r44683) @@ -86,7 +86,7 @@ GCC ports, run the following command: - &prompt.root; cd /usr/ports/lang/gcc44 && make install + &prompt.root; cd /usr/ports/lang/gcc44 && make install From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:25:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BCE989D9; Mon, 28 Apr 2014 20:25:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 907401D35; Mon, 28 Apr 2014 20:25:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKP5af024357; Mon, 28 Apr 2014 20:25:05 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKP5qe024356; Mon, 28 Apr 2014 20:25:05 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404282025.s3SKP5qe024356@svn.freebsd.org> From: Warren Block Date: Mon, 28 Apr 2014 20:25:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44684 - head/en_US.ISO8859-1/articles/fbsd-from-scratch X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:25:05 -0000 Author: wblock Date: Mon Apr 28 20:25:05 2014 New Revision: 44684 URL: http://svnweb.freebsd.org/changeset/doc/44684 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/fbsd-from-scratch/article.xml Modified: head/en_US.ISO8859-1/articles/fbsd-from-scratch/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/fbsd-from-scratch/article.xml Mon Apr 28 20:23:08 2014 (r44683) +++ head/en_US.ISO8859-1/articles/fbsd-from-scratch/article.xml Mon Apr 28 20:25:05 2014 (r44684) @@ -233,7 +233,7 @@ argument, like - &prompt.root; ./stage_1.sh default + &prompt.root; ./stage_1.sh default will read its configuration from @@ -306,7 +306,7 @@ successfully completed make buildkernel - KERNCONF=whatever + KERNCONF=whatever @@ -426,7 +426,7 @@ Do you wish to delete what is left of /v with exactly one argument to denote a config file, e.g. - &prompt.root; ./stage_2.sh default + &prompt.root; ./stage_2.sh default which will read the list of ports from @@ -498,7 +498,7 @@ news inn-stable CONFIGURE_ARGS="-- what you want to configure simply by running: - &prompt.root; make -f stage_3.mk target + &prompt.root; make -f stage_3.mk target As with stage_2.sh make sure you have From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:29:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B5EFFB51; Mon, 28 Apr 2014 20:29:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 88DC11D5C; Mon, 28 Apr 2014 20:29:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKT2uW024904; Mon, 28 Apr 2014 20:29:02 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKT2LS024903; Mon, 28 Apr 2014 20:29:02 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404282029.s3SKT2LS024903@svn.freebsd.org> From: Warren Block Date: Mon, 28 Apr 2014 20:29:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44685 - head/en_US.ISO8859-1/articles/console-server X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:29:02 -0000 Author: wblock Date: Mon Apr 28 20:29:02 2014 New Revision: 44685 URL: http://svnweb.freebsd.org/changeset/doc/44685 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/console-server/article.xml Modified: head/en_US.ISO8859-1/articles/console-server/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/console-server/article.xml Mon Apr 28 20:25:05 2014 (r44684) +++ head/en_US.ISO8859-1/articles/console-server/article.xml Mon Apr 28 20:29:02 2014 (r44685) @@ -377,7 +377,7 @@ Change into the port directory and (as root) type: - &prompt.root; make DEFAULTHOST=consolehost install + &prompt.root; make DEFAULTHOST=consolehost install where consolehost is the name of the machine running the console server. Specifying this when the binary @@ -457,24 +457,24 @@ trusted: 127.0.0.1 buzz/var/log/consoles directory. The & in each line says the log file for that machine will be - /var/log/consoles/machine. + /var/log/consoles/machine. The next three lines show three machines to which we need to connect. We use the - cuaEx devices + cuaEx devices rather than the - ttyEx + ttyEx devices because console ports typically do not show carrier. This means that opening - ttyEx would hang + ttyEx would hang and conserver would never connect. Using the - cuaEx + cuaEx device avoids this problem. Another solution would be to use the - ttyEx + ttyEx devices and enable soft carrier on these ports, perhaps by setting this using the - ttyiEx + ttyiEx device in the /etc/rc.serial file. See the comments in this file for more details. Also see &man.sio.4; for information on the initial-state and locked-state devices. (The From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:30:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8C0EABE4; Mon, 28 Apr 2014 20:30:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 765BC1D76; Mon, 28 Apr 2014 20:30:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKUFro025227; Mon, 28 Apr 2014 20:30:15 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKUFW8025226; Mon, 28 Apr 2014 20:30:15 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404282030.s3SKUFW8025226@svn.freebsd.org> From: Dru Lavigne Date: Mon, 28 Apr 2014 20:30:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44686 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:30:15 -0000 Author: dru Date: Mon Apr 28 20:30:14 2014 New Revision: 44686 URL: http://svnweb.freebsd.org/changeset/doc/44686 Log: Editorial review of gbde section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Mon Apr 28 20:29:02 2014 (r44685) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Mon Apr 28 20:30:14 2014 (r44686) @@ -2524,7 +2524,7 @@ Quotas for user test: geli cryptographic subsystems in &os; are able to protect the data on the computer's file systems against even highly-motivated attackers with significant resources. - Unlike cumbersome encryption methods that encrypt only + Unlike encryption methods that encrypt individual files, gbde and geli transparently encrypt entire file systems. No cleartext ever touches the hard drive's @@ -2534,25 +2534,26 @@ Quotas for user test: Disk Encryption with <application>gbde</application> - gbde encrypts the sector - payload using 128-bit AES in CBC mode. Each sector on the - disk is encrypted with a different AES key. For more + The objective of the &man.gbde.4; facility is to provide a + formidable challenge for an attacker to gain access to the + contents of a cold storage device. + However, if the computer is compromised while up and running + and the storage device is actively attached, or the attacker + has access to a valid passphrase, it offers no protection to + the contents of the storage device. Thus, it is important to + provide physical security while the system is running and to + protect the passphrase used by the encryption + mechanism. + + This facility provides several barriers to protect the data + stored in each disk sector. It encrypts the contents of a + disk sector using 128-bit AES in + CBC mode. Each sector on the + disk is encrypted with a different AES key. For more information on the cryptographic design, including how the sector keys are derived from the user-supplied passphrase, refer to &man.gbde.4;. - - &man.sysinstall.8; is incompatible with - gbde-encrypted devices. All - *.bde - devices must be detached from the kernel before starting - &man.sysinstall.8; or it will crash during its initial - probing for devices. To detach the encrypted device used in - the example, use the following command: - - &prompt.root; gbde detach /dev/ad4s1c - - &os; provides a kernel module for gbde which can be loaded with this command: @@ -2565,15 +2566,13 @@ Quotas for user test: options GEOM_BDE The following example demonstrates adding a new hard - drive to a system that will hold a single encrypted partition. - This partition will be mounted as - /private. - gbde can also be used to encrypt - /home and /var/mail, - but this requires more complex instructions which exceed the - scope of this introduction. + drive to a system that will hold a single encrypted partition + that will be mounted as + /private. + Encrypting a Partition with <application>gbde</application> + Add the New Hard Drive @@ -2612,15 +2611,12 @@ Quotas for user test: A gbde partition must be initialized before it can be used. This initialization - needs to be performed only once: - - &prompt.root; gbde init /dev/ad4s1c -i -L /etc/gbde/ad4s1c.lock - - &man.gbde.8; will open the default editor, in order to + needs to be performed only once. This command will open the default editor, in order to set various configuration options in a template. For use - with UFS1 or UFS2, set the sector_size to 2048: + with the UFS file system, set the + sector_size to 2048: - # $FreeBSD: src/sbin/gbde/template.txt,v 1.1.36.1 2009/08/03 08:13:06 kensmith Exp $ + &prompt.root; gbde init /dev/ad4s1c -i -L /etc/gbde/ad4s1c.lock# $FreeBSD: src/sbin/gbde/template.txt,v 1.1.36.1 2009/08/03 08:13:06 kensmith Exp $ # # Sector size is the smallest unit of data which can be read or written. # Making it too small decreases performance and decreases available space. @@ -2628,38 +2624,32 @@ Quotas for user test: # minimum and always safe. For UFS, use the fragment size # sector_size = 2048 -[...] +[...] - &man.gbde.8; will ask the user twice to type the + Once the edit is saved, the user will be asked twice to type the passphrase used to secure the data. The passphrase must be the same both times. The ability of gbde to protect data depends entirely on the quality of the passphrase. For tips on how to select a secure passphrase that is easy to - remember, see the Diceware - Passphrase website. + remember, see http://world.std.com/~reinhold/diceware.htm. - gbde initcreates a lock file for + This initialization creates a lock file for the gbde partition. In this example, it is stored as /etc/gbde/ad4s1c.lock. - gbde lock files must end in + Lock files must end in .lock in order to be correctly detected by the /etc/rc.d/gbde start up script. - gbde lock files + Lock files must be backed up together with - the contents of any encrypted partitions. While - deleting a lock file alone cannot prevent a determined - attacker from decrypting a - gbde partition, without the + the contents of any encrypted partitions. Without the lock file, the legitimate owner will be unable to - access the data on the encrypted partition without a - significant amount of work that is totally unsupported - by &man.gbde.8;. + access the data on the encrypted partition. @@ -2686,40 +2676,32 @@ sector_size = 2048 Device Once the encrypted device has been attached to the - kernel, a file system can be created on the device using - &man.newfs.8;. This example creates a UFS2 file - system with soft updates enabled. + kernel, a file system can be created on the device. + This example creates a UFS file + system with soft updates enabled. Be sure to specify the + partition which has a + *.bde + extension: &prompt.root; newfs -U /dev/ad4s1c.bde - - - &man.newfs.8; must be performed on an attached - gbde partition which is - identified by a - *.bde - extension to the device name. - Mount the Encrypted Partition - Create a mount point for the encrypted file + Create a mount point and mount the encrypted file system: - &prompt.root; mkdir /private - - Mount the encrypted file system: - - &prompt.root; mount /dev/ad4s1c.bde /private + &prompt.root; mkdir /private +&prompt.root; mount /dev/ad4s1c.bde /private Verify That the Encrypted File System is Available - The encrypted file system should now be visible to - &man.df.1; and be available for use. + The encrypted file system should now be visible + and available for use: &prompt.user; df -H Filesystem Size Used Avail Capacity Mounted on @@ -2732,70 +2714,37 @@ Filesystem Size Used Avail Cap - - Mounting Existing Encrypted File Systems - After each boot, any encrypted file systems must be - re-attached to the kernel, checked for errors, and mounted, - before the file systems can be used. The required commands - must be executed as - root. - - - - Attach the <command>gbde</command> Partition to the - Kernel - - &prompt.root; gbde attach /dev/ad4s1c -l /etc/gbde/ad4s1c.lock - - This command will prompt for the passphrase that was - selected during initialization of the encrypted - gbde partition. - - - - Check the File System for Errors - - Since encrypted file systems cannot yet be listed in - /etc/fstab for automatic mounting, - the file systems must be checked for errors by running - &man.fsck.8; manually before mounting: - - &prompt.root; fsck -p -t ffs /dev/ad4s1c.bde - - - - Mount the Encrypted File System - - &prompt.root; mount /dev/ad4s1c.bde /private - - The encrypted file system is now available for - use. - - - - It is possible to create a script to automatically - attach, check, and mount an encrypted partition, but for - security reasons the script should not contain the - &man.gbde.8; password. Instead, it is recommended that - such scripts be run manually while providing the password - via the console or &man.ssh.1;. - - As an alternative, an rc.d script - is provided. Arguments for this script can be passed via - &man.rc.conf.5;: + manually re-attached to the kernel, checked for errors, and mounted, + before the file systems can be used. To configure these + steps, add the following lines to /etc/rc.conf: gbde_autoattach_all="YES" -gbde_devices="ad4s1c" +gbde_devices="ad4s1c" gbde_lockdir="/etc/gbde" This requires that the - gbde passphrase be entered at + passphrase be entered at the console boot time. After typing the correct passphrase, the - gbde encrypted partition will be - mounted automatically. This can be useful when using - gbde on laptops. - + encrypted partition will be + mounted automatically. Additional + gbde boot options are available + and listed in &man.rc.conf.5;. + + + + sysinstall is incompatible with + gbde-encrypted devices. All + *.bde + devices must be detached from the kernel before starting + sysinstall or it will crash during its initial + probing for devices. To detach the encrypted device used in + the example, use the following command: + + &prompt.root; gbde detach /dev/ad4s1c + From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:30:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 52E25C4A; Mon, 28 Apr 2014 20:30:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4034B1D79; Mon, 28 Apr 2014 20:30:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKUTQa025283; Mon, 28 Apr 2014 20:30:29 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKUTRi025282; Mon, 28 Apr 2014 20:30:29 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404282030.s3SKUTRi025282@svn.freebsd.org> From: Warren Block Date: Mon, 28 Apr 2014 20:30:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44687 - head/en_US.ISO8859-1/articles/cups X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:30:29 -0000 Author: wblock Date: Mon Apr 28 20:30:28 2014 New Revision: 44687 URL: http://svnweb.freebsd.org/changeset/doc/44687 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/cups/article.xml Modified: head/en_US.ISO8859-1/articles/cups/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/cups/article.xml Mon Apr 28 20:30:14 2014 (r44686) +++ head/en_US.ISO8859-1/articles/cups/article.xml Mon Apr 28 20:30:28 2014 (r44687) @@ -100,7 +100,7 @@ add path 'usb/X/dev/usb directory that corresponds to the printer. To find the correct device, examine the output of &man.dmesg.8;, where - ugenX.Y + ugenX.Y lists the printer device, which is a symbolic link to a USB device in /dev/usb. From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:42:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A7825446; Mon, 28 Apr 2014 20:42:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8798C1065; Mon, 28 Apr 2014 20:42:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKgSql032707; Mon, 28 Apr 2014 20:42:28 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKgSth032706; Mon, 28 Apr 2014 20:42:28 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404282042.s3SKgSth032706@svn.freebsd.org> From: Dru Lavigne Date: Mon, 28 Apr 2014 20:42:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44688 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:42:28 -0000 Author: dru Date: Mon Apr 28 20:42:28 2014 New Revision: 44688 URL: http://svnweb.freebsd.org/changeset/doc/44688 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Mon Apr 28 20:30:28 2014 (r44687) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Mon Apr 28 20:42:28 2014 (r44688) @@ -2509,8 +2509,8 @@ Quotas for user test: &os; offers excellent online protections against - unauthorized data access. File permissions and - Mandatory Access Control (MAC) help + unauthorized data access. File permissions and Mandatory Access Control (MAC) help prevent unauthorized users from accessing data while the operating system is active and the computer is powered up. However, the permissions enforced by the operating system are @@ -2524,11 +2524,10 @@ Quotas for user test: geli cryptographic subsystems in &os; are able to protect the data on the computer's file systems against even highly-motivated attackers with significant resources. - Unlike encryption methods that encrypt - individual files, gbde and - geli transparently encrypt entire file - systems. No cleartext ever touches the hard drive's - platter. + Unlike encryption methods that encrypt individual files, + gbde and geli + transparently encrypt entire file systems. No cleartext ever + touches the hard drive's platter. Disk Encryption with @@ -2545,13 +2544,13 @@ Quotas for user test: protect the passphrase used by the encryption mechanism.</para> - <para>This facility provides several barriers to protect the data - stored in each disk sector. It encrypts the contents of a - disk sector using 128-bit <acronym>AES</acronym> in - <acronym>CBC</acronym> mode. Each sector on the - disk is encrypted with a different <acronym>AES</acronym> key. For more - information on the cryptographic design, including how the - sector keys are derived from the user-supplied passphrase, + <para>This facility provides several barriers to protect the + data stored in each disk sector. It encrypts the contents of + a disk sector using 128-bit <acronym>AES</acronym> in + <acronym>CBC</acronym> mode. Each sector on the disk is + encrypted with a different <acronym>AES</acronym> key. For + more information on the cryptographic design, including how + the sector keys are derived from the user-supplied passphrase, refer to &man.gbde.4;.</para> <para>&os; provides a kernel module for @@ -2565,13 +2564,13 @@ Quotas for user test: <para><literal>options GEOM_BDE</literal></para> - <para>The following example demonstrates adding a new hard - drive to a system that will hold a single encrypted partition - that will be mounted as - <filename>/private</filename>.</para> + <para>The following example demonstrates adding a new hard drive + to a system that will hold a single encrypted partition that + will be mounted as <filename>/private</filename>.</para> <procedure> - <title>Encrypting a Partition with <application>gbde</application> + Encrypting a Partition with + <application>gbde</application> Add the New Hard Drive @@ -2611,10 +2610,11 @@ Quotas for user test: A gbde partition must be initialized before it can be used. This initialization - needs to be performed only once. This command will open the default editor, in order to - set various configuration options in a template. For use - with the UFS file system, set the - sector_size to 2048: + needs to be performed only once. This command will open + the default editor, in order to set various configuration + options in a template. For use with the + UFS file system, set the sector_size to + 2048: &prompt.root; gbde init /dev/ad4s1c -i -L /etc/gbde/ad4s1c.lock# $FreeBSD: src/sbin/gbde/template.txt,v 1.1.36.1 2009/08/03 08:13:06 kensmith Exp $ # @@ -2626,30 +2626,29 @@ Quotas for user test: sector_size = 2048 [...] - Once the edit is saved, the user will be asked twice to type the - passphrase used to secure the data. The passphrase must - be the same both times. The ability of + Once the edit is saved, the user will be asked twice + to type the passphrase used to secure the data. The + passphrase must be the same both times. The ability of gbde to protect data depends entirely on the quality of the passphrase. For tips on how to select a secure passphrase that is easy to remember, see http://world.std.com/~reinhold/diceware.htm. - This initialization creates a lock file for - the gbde partition. In this + This initialization creates a lock file for the + gbde partition. In this example, it is stored as - /etc/gbde/ad4s1c.lock. - Lock files must end in - .lock in order to be correctly detected by - the /etc/rc.d/gbde start up - script. + /etc/gbde/ad4s1c.lock. Lock files + must end in .lock in order to be correctly + detected by the /etc/rc.d/gbde start + up script. - Lock files - must be backed up together with - the contents of any encrypted partitions. Without the - lock file, the legitimate owner will be unable to - access the data on the encrypted partition. + Lock files must be backed up + together with the contents of any encrypted partitions. + Without the lock file, the legitimate owner will be + unable to access the data on the encrypted + partition. @@ -2659,10 +2658,10 @@ sector_size = 2048 &prompt.root; gbde attach /dev/ad4s1c -l /etc/gbde/ad4s1c.lock - This command will prompt to input the passphrase - that was selected during the initialization of the - encrypted partition. The new encrypted device will - appear in /dev as + This command will prompt to input the passphrase that + was selected during the initialization of the encrypted + partition. The new encrypted device will appear in + /dev as /dev/device_name.bde: &prompt.root; ls /dev/ad* @@ -2676,10 +2675,10 @@ sector_size = 2048 Device Once the encrypted device has been attached to the - kernel, a file system can be created on the device. - This example creates a UFS file - system with soft updates enabled. Be sure to specify the - partition which has a + kernel, a file system can be created on the device. This + example creates a UFS file system with + soft updates enabled. Be sure to specify the partition + which has a *.bde extension: @@ -2700,8 +2699,8 @@ sector_size = 2048 Verify That the Encrypted File System is Available - The encrypted file system should now be visible - and available for use: + The encrypted file system should now be visible and + available for use: &prompt.user; df -H Filesystem Size Used Avail Capacity Mounted on @@ -2714,34 +2713,33 @@ Filesystem Size Used Avail Cap - After each boot, any encrypted file systems must be - manually re-attached to the kernel, checked for errors, and mounted, - before the file systems can be used. To configure these - steps, add the following lines to /etc/rc.conf: + After each boot, any encrypted file systems must be + manually re-attached to the kernel, checked for errors, and + mounted, before the file systems can be used. To configure + these steps, add the following lines to + /etc/rc.conf: - gbde_autoattach_all="YES" + gbde_autoattach_all="YES" gbde_devices="ad4s1c" gbde_lockdir="/etc/gbde" - This requires that the - passphrase be entered at the console - boot time. After typing the correct passphrase, the - encrypted partition will be - mounted automatically. Additional - gbde boot options are available - and listed in &man.rc.conf.5;. + This requires that the passphrase be entered at the + console boot time. After typing the correct passphrase, the + encrypted partition will be mounted automatically. Additional + gbde boot options are available and + listed in &man.rc.conf.5;. - - sysinstall is incompatible with - gbde-encrypted devices. All - *.bde - devices must be detached from the kernel before starting - sysinstall or it will crash during its initial - probing for devices. To detach the encrypted device used in - the example, use the following command: + + sysinstall is incompatible + with gbde-encrypted devices. All + *.bde devices must be detached from the + kernel before starting sysinstall + or it will crash during its initial probing for devices. To + detach the encrypted device used in the example, use the + following command: &prompt.root; gbde detach /dev/ad4s1c From owner-svn-doc-all@FreeBSD.ORG Mon Apr 28 20:44:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8896B4C2; Mon, 28 Apr 2014 20:44:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 75A22107E; Mon, 28 Apr 2014 20:44:26 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3SKiQdW033003; Mon, 28 Apr 2014 20:44:26 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3SKiQVq033002; Mon, 28 Apr 2014 20:44:26 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404282044.s3SKiQVq033002@svn.freebsd.org> From: Dru Lavigne Date: Mon, 28 Apr 2014 20:44:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44689 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2014 20:44:26 -0000 Author: dru Date: Mon Apr 28 20:44:25 2014 New Revision: 44689 URL: http://svnweb.freebsd.org/changeset/doc/44689 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Mon Apr 28 20:42:28 2014 (r44688) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Mon Apr 28 20:44:25 2014 (r44689) @@ -2724,7 +2724,7 @@ gbde_devices="ad4s1c This requires that the passphrase be entered at the - console boot time. After typing the correct passphrase, the + console at boot time. After typing the correct passphrase, the encrypted partition will be mounted automatically. Additional gbde boot options are available and listed in &man.rc.conf.5;. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 02:41:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 54E01F17; Tue, 29 Apr 2014 02:41:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 35A611D2; Tue, 29 Apr 2014 02:41:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3T2fTMw079406; Tue, 29 Apr 2014 02:41:29 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3T2fT5m079405; Tue, 29 Apr 2014 02:41:29 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404290241.s3T2fT5m079405@svn.freebsd.org> From: Warren Block Date: Tue, 29 Apr 2014 02:41:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44690 - head/en_US.ISO8859-1/articles/new-users X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 02:41:29 -0000 Author: wblock Date: Tue Apr 29 02:41:28 2014 New Revision: 44690 URL: http://svnweb.freebsd.org/changeset/doc/44690 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/new-users/article.xml Modified: head/en_US.ISO8859-1/articles/new-users/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/new-users/article.xml Mon Apr 28 20:44:25 2014 (r44689) +++ head/en_US.ISO8859-1/articles/new-users/article.xml Tue Apr 29 02:41:28 2014 (r44690) @@ -229,7 +229,7 @@ view - filename + filename Lets you look at a file (named @@ -242,7 +242,7 @@ cat - filename + filename Displays filename on @@ -280,7 +280,7 @@ apropos - text + text Everything containing string @@ -291,7 +291,7 @@ man - text + text The manual page for text. The @@ -310,7 +310,7 @@ which - text + text Tells you where in the user's path the command @@ -320,7 +320,7 @@ locate - text + text All the paths where the string @@ -330,7 +330,7 @@ whatis - text + text Tells you what the command @@ -342,7 +342,7 @@ whereis - text + text Finds the file text, giving @@ -360,7 +360,7 @@ script. more lets you read a page at a time as it does in DOS, e.g., ls -l | more or more - filename. The + filename. The * works as a wildcard—e.g., ls w* will show you files beginning with w. @@ -457,7 +457,7 @@ To edit a file, type - &prompt.root; vi filename + &prompt.root; vi filename Move through the text with the arrow keys. @@ -530,11 +530,11 @@ - /text + /text to move the cursor to text; - /Enter (the enter key) + /Enter (the enter key) to find the next instance of text. @@ -549,7 +549,7 @@ - nG + nG to go to line n in the @@ -579,7 +579,7 @@ Practice with vi in your home directory by creating a new file with vi - filename and adding and + filename and adding and deleting text, saving the file, and calling it up again. vi delivers some surprises because it is really quite complex, and sometimes you will inadvertently issue a @@ -712,7 +712,7 @@ - rm filename + rm filename remove filename. @@ -720,7 +720,7 @@ - rm -R dir + rm -R dir removes a directory dir and all @@ -763,7 +763,7 @@ with - &prompt.user; find /usr -name "filename" + &prompt.user; find /usr -name "filename" You can use * as a wildcard in @@ -790,7 +790,7 @@ wide variety of packages and ports are on the CDROM as well as the web site. The handbook tells you more about how to use them (get the package if it exists, with pkg_add - /cdrom/packages/All/packagename, + /cdrom/packages/All/packagename, where packagename is the filename of the package). The CDROM has lists of the packages and ports with brief descriptions in From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 02:43:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9202CF88; Tue, 29 Apr 2014 02:43:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7EADA249; Tue, 29 Apr 2014 02:43:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3T2heDv081353; Tue, 29 Apr 2014 02:43:40 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3T2heQ9081352; Tue, 29 Apr 2014 02:43:40 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404290243.s3T2heQ9081352@svn.freebsd.org> From: Warren Block Date: Tue, 29 Apr 2014 02:43:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44691 - head/en_US.ISO8859-1/articles/mh X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 02:43:40 -0000 Author: wblock Date: Tue Apr 29 02:43:40 2014 New Revision: 44691 URL: http://svnweb.freebsd.org/changeset/doc/44691 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/mh/article.xml Modified: head/en_US.ISO8859-1/articles/mh/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/mh/article.xml Tue Apr 29 02:41:28 2014 (r44690) +++ head/en_US.ISO8859-1/articles/mh/article.xml Tue Apr 29 02:43:40 2014 (r44691) @@ -149,7 +149,7 @@ command line arguments. - &prompt.user; inc -host mail.pop.org -user username -norpop + &prompt.user; inc -host mail.pop.org -user username -norpop That tells inc to go to @@ -228,7 +228,7 @@ have it read from a file. If you want to scan your incoming mailbox on FreeBSD without having to inc it you can do scan -file - /var/mail/username. This can be used + /var/mail/username. This can be used with any file that is in the mbox format. @@ -562,7 +562,7 @@ which I am probably the guilty party).folder program is used to switch between folders, pack them, and list them. At its simplest level you can do a folder - +newfolder and you will + +newfolder and you will be switched into newfolder. From there on out all your MH commands like comp, repl, From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 02:46:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E05791B2; Tue, 29 Apr 2014 02:46:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CDA2226D; Tue, 29 Apr 2014 02:46:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3T2kmYe081791; Tue, 29 Apr 2014 02:46:48 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3T2kmjK081790; Tue, 29 Apr 2014 02:46:48 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404290246.s3T2kmjK081790@svn.freebsd.org> From: Warren Block Date: Tue, 29 Apr 2014 02:46:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44692 - head/en_US.ISO8859-1/articles/serial-uart X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 02:46:48 -0000 Author: wblock Date: Tue Apr 29 02:46:48 2014 New Revision: 44692 URL: http://svnweb.freebsd.org/changeset/doc/44692 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/serial-uart/article.xml Modified: head/en_US.ISO8859-1/articles/serial-uart/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/serial-uart/article.xml Tue Apr 29 02:43:40 2014 (r44691) +++ head/en_US.ISO8859-1/articles/serial-uart/article.xml Tue Apr 29 02:46:48 2014 (r44692) @@ -2050,7 +2050,7 @@ device sio11 at isa? port 0x1 Where the current device - sion lines are, you + sion lines are, you will need to add 16 more devices. The following example is for a Boca Board with an interrupt of 3, and a base IO address 100h. The IO address for @@ -2413,7 +2413,7 @@ ttyc7 "/usr/libexec/getty std.38400" you have and type: &prompt.root; cd /dev -&prompt.root; ./MAKEDEV ttyAnn cuaAnn +&prompt.root; ./MAKEDEV ttyAnn cuaAnn (where nn is the number of ports) From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 02:50:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 240B73C6; Tue, 29 Apr 2014 02:50:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 04D17282; Tue, 29 Apr 2014 02:50:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3T2oVEg083087; Tue, 29 Apr 2014 02:50:31 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3T2oVBH083086; Tue, 29 Apr 2014 02:50:31 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404290250.s3T2oVBH083086@svn.freebsd.org> From: Warren Block Date: Tue, 29 Apr 2014 02:50:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44693 - head/en_US.ISO8859-1/articles/solid-state X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 02:50:32 -0000 Author: wblock Date: Tue Apr 29 02:50:31 2014 New Revision: 44693 URL: http://svnweb.freebsd.org/changeset/doc/44693 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/solid-state/article.xml Modified: head/en_US.ISO8859-1/articles/solid-state/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/solid-state/article.xml Tue Apr 29 02:46:48 2014 (r44692) +++ head/en_US.ISO8859-1/articles/solid-state/article.xml Tue Apr 29 02:50:31 2014 (r44693) @@ -203,11 +203,11 @@ pseudo-device md # memory mounted read-only with /etc/fstab can be made read-write at any time by issuing the command: - &prompt.root; /sbin/mount -uw partition + &prompt.root; /sbin/mount -uw partition and can be toggled back to read-only with the command: - &prompt.root; /sbin/mount -ur partition + &prompt.root; /sbin/mount -ur partition @@ -452,14 +452,14 @@ pseudo-device md # memory It is now assumed that Apache keeps its log files in a - directory apache_log_dir + directory apache_log_dir outside of /var. When this directory lives on a read-only filesystem, Apache will not be able to save any log files, and may have problems working. If so, it is necessary to add a new directory to the list of directories in /etc/rc.d/var to create in /var, and to link - apache_log_dir + apache_log_dir to /var/log/apache. It is also necessary to set permissions and ownership on this new directory. @@ -474,11 +474,11 @@ pseudo-device md # memory &prompt.root; chmod 0774 /var/log/apache &prompt.root; chown nobody:nobody /var/log/apache - Finally, remove the existing apache_log_dir + Finally, remove the existing apache_log_dir directory, and replace it with a link: - &prompt.root; rm -rf apache_log_dir -&prompt.root; ln -s /var/log/apache apache_log_dir + &prompt.root; rm -rf apache_log_dir +&prompt.root; ln -s /var/log/apache apache_log_dir From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 15:23:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CF3FB852; Tue, 29 Apr 2014 15:23:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AF08D1329; Tue, 29 Apr 2014 15:23:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TFNurH097335; Tue, 29 Apr 2014 15:23:56 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TFNugF097334; Tue, 29 Apr 2014 15:23:56 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404291523.s3TFNugF097334@svn.freebsd.org> From: Dru Lavigne Date: Tue, 29 Apr 2014 15:23:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44694 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 15:23:56 -0000 Author: dru Date: Tue Apr 29 15:23:56 2014 New Revision: 44694 URL: http://svnweb.freebsd.org/changeset/doc/44694 Log: Editorial review of geli section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 29 02:50:31 2014 (r44693) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 29 15:23:56 2014 (r44694) @@ -2519,16 +2519,20 @@ Quotas for user test: analyze the data. Regardless of how an attacker may have come into possession - of a hard drive or powered-down computer, both the GEOM Based - Disk Encryption (gbde) and - geli cryptographic subsystems in &os; are + of a hard drive or powered-down computer, the GEOM-based + cryptographic subsystems built into &os; are able to protect the data on the computer's file systems against even highly-motivated attackers with significant resources. - Unlike encryption methods that encrypt individual files, - gbde and geli + Unlike encryption methods that encrypt individual files, the built-in + gbde and geli utilities can be used to transparently encrypt entire file systems. No cleartext ever touches the hard drive's platter. + This chapter demonstrates how to create an encrypted file + system on &os;. It first demonstrates the process using + gbde and then demonstrates the same example + using geli. + Disk Encryption with <application>gbde</application> @@ -2760,23 +2764,21 @@ What about bsdinstall? - An alternative cryptographic GEOM class is available - through &man.geli.8;. geli differs from - gbde; offers different features, and uses - a different scheme for doing cryptographic work. - - &man.geli.8; provides the following features: + An alternative cryptographic GEOM class is available + using geli. This control utility adds + some features and uses + a different scheme for doing cryptographic work. It provides + the following features: - Utilizes the &man.crypto.9; framework and, when - cryptographic hardware is available, - geli uses it automatically. + Utilizes the &man.crypto.9; framework and automatically uses + cryptographic hardware when it is available. Supports multiple cryptographic algorithms such as - AES, Blowfish, and 3DES. + AES, Blowfish, and 3DES. @@ -2786,13 +2788,11 @@ What about bsdinstall? - Allows the use of two independent keys such as a - key and a - company key. + Allows the use of two independent keys. - geli is fast as it performs simple + It is fast as it performs simple sector-to-sector encryption. @@ -2809,61 +2809,57 @@ What about bsdinstall? - More geli features can be found in + More features and usage examples can be found in &man.geli.8;. - This section describes how to enable support for - geli in the &os; kernel and explains how - to create and use a geli encryption - provider. - - Superuser privileges are required since modifications - to the kernel are necessary. + The following example describes how to generate a + key file which will be used as part of the master key for + the encrypted provider mounted under + /private. The key + file will provide some random data used to encrypt the + master key. The master key will also be protected by a + passphrase. The provider's sector size will be 4kB. + The example describes how to attach to the + geli provider, create a file system on + it, mount it, work with it, and finally, how to detach + it. + Encrypting a Partition with + <command>geli</command> + - Adding <command>geli</command> Support to the - Kernel + Load <command>geli</command> Support + + Support for geli is built into the + GENERIC kernel. To configure the + system to automatically load the module + at boot time, add the following line to + /boot/loader.conf: + + geom_eli_load="YES" + + To load the kernel module now: + + &prompt.root; kldload geom_eli For a custom kernel, ensure the kernel configuration file contains these lines: options GEOM_ELI device crypto - - Alternatively, the geli module can - be loaded at boot time by adding the following line to - /boot/loader.conf: - - geom_eli_load="YES" - - &man.geli.8; should now be supported by the - kernel. - Generating the Master Key + Generate the Master Key - The following example describes how to generate a - key file which will be used as part of the master key for - the encrypted provider mounted under - /private. The key - file will provide some random data used to encrypt the - master key. The master key will also be protected by a - passphrase. The provider's sector size will be 4kB. - The example will describe how to attach to the - geli provider, create a file system on - it, mount it, work with it, and finally, how to detach - it. - - It is recommended to use a bigger sector size, such as - 4kB, for better performance. - - The master key will be protected with a passphrase and - the data source for the key file will be - /dev/random. The sector size of - the provider /dev/da2.eli will be - 4kB. + The following commands generate a master key + (/root/da2.key) that is protected with a passphrase. + The data source for the key file is + /dev/random and the sector size of + the provider (/dev/da2.eli) is + 4kB as a bigger sector size provides + better performance: &prompt.root; dd if=/dev/random of=/root/da2.key bs=64 count=1 &prompt.root; geli init -s 4096 -K /root/da2.key /dev/da2 @@ -2875,34 +2871,41 @@ Reenter new passphrase: used in isolation. If the key file is given as -, standard - input will be used. This example shows how more than one - key file can be used: + input will be used. For example, this command generates three + key files: &prompt.root; cat keyfile1 keyfile2 keyfile3 | geli init -K - /dev/da2 - Attaching the Provider with the Generated Key + Attach the Provider with the Generated Key + + To attach the provider, specify the key file, the name + of the disk, and the passphrase: &prompt.root; geli attach -k /root/da2.key /dev/da2 Enter passphrase: - The new plaintext device will be named - /dev/da2.eli. + This creates a new device with an + .eli extension: &prompt.root; ls /dev/da2* /dev/da2 /dev/da2.eli - Creating the New File System + Create the New File System + + Next, format the device with the + UFS file system and mount it on an + existing mount point: &prompt.root; dd if=/dev/random of=/dev/da2.eli bs=1m &prompt.root; newfs /dev/da2.eli -&prompt.root; mount /dev/da2.eli /private +&prompt.root; mount /dev/da2.eli /private - The encrypted file system should now be visible to - &man.df.1; and be available for use: + The encrypted file system should now be available for + use: &prompt.root; df -H Filesystem Size Used Avail Capacity Mounted on @@ -2913,72 +2916,43 @@ Filesystem Size Used Avail Capaci /dev/ad0s1e 3.9G 1.3G 2.3G 35% /var /dev/da2.eli 150G 4.1K 138G 0% /private - - - Unmounting and Detaching the Provider + Once the work on the encrypted partition is done, and the /private - partition is no longer needed, it is prudent to consider + partition is no longer needed, it is prudent to put the + device into cold storage by unmounting and detaching the geli encrypted partition from the kernel: &prompt.root; umount /private &prompt.root; geli detach da2.eli - - - - More information about the use of &man.geli.8; can be - found in its manual page. - - - Using the <filename>geli</filename> - <filename>rc.d</filename> Script - geli comes with a - rc.d script which can be used to - simplify the usage of geli. An example - of configuring geli through - &man.rc.conf.5; follows: + An + rc.d script is provided to + simplify the mounting of geli-encrypted + devices at boot time. For this example, add these lines to + /etc/rc.conf: - geli_devices="da2" -geli_da2_flags="-p -k /root/da2.key" + geli_devices="da2" +geli_da2_flags="-p -k /root/da2.key" This configures /dev/da2 as a geli provider with a master key - file of /root/da2.key. - geli will not use a passphrase when - attaching to the provider if - was given during the - geli init phase. The system will detach - the geli provider from the kernel before - the system shuts down. - - - During the startup process, scripts prompt for the - passphrase before attaching the GELI + of /root/da2.key. + The system will automatically detach + the provider from the kernel before + the system shuts down. During the startup process, the script will prompt for the + passphrase before attaching the provider. Other kernel messages might be shown before and after the password prompt. If the boot process seems to stall, look carefully for the password prompt among the - other messages. - - When the correct password is given, the provider is - attached. A consumer, like a file system, is then mounted - on the provider, typically by an entry in - /etc/fstab (see - &man.fstab.5;). - - Later in the startup process, &os; configures - GELI providers to automatically detach. - GELI providers without any consumers - will detach at that time. - - - More information about configuring - rc.d is provided in the - rc.d section of the - Handbook. - + other messages. Once the correct passphrase is entered, the provider is + attached. The file system is then mounted, + typically by an entry in + /etc/fstab. Refer to for instructions on how to + configure a file system to mount at boot time. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 16:01:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D280C300; Tue, 29 Apr 2014 16:01:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B302417D2; Tue, 29 Apr 2014 16:01:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TG1IU4012684; Tue, 29 Apr 2014 16:01:18 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TG1IpJ012681; Tue, 29 Apr 2014 16:01:18 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404291601.s3TG1IpJ012681@svn.freebsd.org> From: Dru Lavigne Date: Tue, 29 Apr 2014 16:01:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44695 - in head/en_US.ISO8859-1/books/handbook: basics disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 16:01:18 -0000 Author: dru Date: Tue Apr 29 16:01:17 2014 New Revision: 44695 URL: http://svnweb.freebsd.org/changeset/doc/44695 Log: Move contents of 18.1 to Table 4.3. The contents were duplicate and belong in the Basics section. Remove diskonchip flash entry as it is no longer included in a supported version. The page holding Table 4.3 still needs a tech review as it is outdated. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Tue Apr 29 15:23:56 2014 (r44694) +++ head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Tue Apr 29 16:01:17 2014 (r44695) @@ -2532,7 +2532,7 @@ root 5211 0.0 0.2 3620 1724 2 starts with a code that indicates the type of disk, and then a number, indicating which disk it is. Unlike slices, disk numbering starts at 0. Common codes are listed in - . + . When referring to a partition, include the disk name, s, the slice number, and then the partition @@ -2547,8 +2547,8 @@ root 5211 0.0 0.2 3620 1724 2 system or swap space in each partition, and decide where each file system will be mounted. - - Disk Device Codes +
            + Disk Device Names @@ -2556,35 +2556,70 @@ root 5211 0.0 0.2 3620 1724 2 - Code - Meaning + Drive Type + Drive Device Name - ad - ATAPI (IDE) disk + IDE and SATA hard drives + ad or + ada - da - SCSI direct access disk + SCSI hard drives and + USB storage + devices + da - acd - ATAPI (IDE) CDROM + IDE and SATA CD-ROM + drives + acd or + cd - cd - SCSI CDROM + SCSI CD-ROM + drives + cd - fd - Floppy disk + Floppy drives + fd + + + + Assorted non-standard CD-ROM + drives + mcd for Mitsumi + CD-ROM and + scd for Sony + CD-ROM devices + + + + SCSI tape drives + sa + + + + IDE tape drives + ast + + + + RAID drives + Examples include aacd for &adaptec; AdvancedRAID, + mlxd and mlyd + for &mylex;, + amrd for AMI &megaraid;, + idad for Compaq Smart RAID, + twed for &tm.3ware; RAID. Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 29 15:23:56 2014 (r44694) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 29 16:01:17 2014 (r44695) @@ -24,11 +24,6 @@ - The terminology &os; uses to describe the organization - of data on a physical disk. - - - How to add additional hard disks to a &os; system. @@ -87,107 +82,6 @@ - - Device Names - - The following is a list of physical storage devices - supported in &os; and their associated device names. - -
            - Physical Disk Naming Conventions - - - - - Drive type - Drive device name - - - - - - IDE hard drives - ad or - ada - - - - IDE CD-ROM - drives - acd or - cd - - - - SATA hard drives - ad or - ada - - - - SATA CD-ROM - drives - acd or - cd - - - - SCSI hard drives and - USB Mass storage - devices - da - - - - SCSI CD-ROM - drives - cd - - - - Assorted non-standard CD-ROM - drives - mcd for Mitsumi - CD-ROM and - scd for Sony - CD-ROM devices - - - - Floppy drives - fd - - - - SCSI tape drives - sa - - - - IDE tape drives - ast - - - - Flash drives - fla for &diskonchip; Flash - device - - - - RAID drives - aacd for &adaptec; AdvancedRAID, - mlxd and mlyd - for &mylex;, - amrd for AMI &megaraid;, - idad for Compaq Smart RAID, - twed for &tm.3ware; RAID. - - - -
            - - Adding Disks From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 16:06:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8D5CC3E6; Tue, 29 Apr 2014 16:06:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 608B21826; Tue, 29 Apr 2014 16:06:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TG6jGG013962; Tue, 29 Apr 2014 16:06:45 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TG6jG3013961; Tue, 29 Apr 2014 16:06:45 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404291606.s3TG6jG3013961@svn.freebsd.org> From: Dru Lavigne Date: Tue, 29 Apr 2014 16:06:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44696 - head/en_US.ISO8859-1/books/handbook/basics X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 16:06:45 -0000 Author: dru Date: Tue Apr 29 16:06:44 2014 New Revision: 44696 URL: http://svnweb.freebsd.org/changeset/doc/44696 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Tue Apr 29 16:01:17 2014 (r44695) +++ head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Tue Apr 29 16:06:44 2014 (r44696) @@ -2563,21 +2563,21 @@ root 5211 0.0 0.2 3620 1724 2 - IDE and SATA hard drives + IDE and SATA + hard drives ad or ada SCSI hard drives and - USB storage - devices + USB storage devices da - IDE and SATA CD-ROM - drives + IDE and SATA + CD-ROM drives acd or cd @@ -2597,9 +2597,8 @@ root 5211 0.0 0.2 3620 1724 2 Assorted non-standard CD-ROM drives mcd for Mitsumi - CD-ROM and - scd for Sony - CD-ROM devices + CD-ROM and scd for + Sony CD-ROM devices             @@ -2614,9 +2613,9 @@ root 5211 0.0 0.2 3620 1724 2 RAID drives - Examples include aacd for &adaptec; AdvancedRAID, - mlxd and mlyd - for &mylex;, + Examples include aacd for + &adaptec; AdvancedRAID, mlxd and + mlyd for &mylex;, amrd for AMI &megaraid;, idad for Compaq Smart RAID, twed for &tm.3ware; RAID. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 16:58:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8EB593DF; Tue, 29 Apr 2014 16:58:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6F06F1D19; Tue, 29 Apr 2014 16:58:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TGwgmY034844; Tue, 29 Apr 2014 16:58:42 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TGwg6o034843; Tue, 29 Apr 2014 16:58:42 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404291658.s3TGwg6o034843@svn.freebsd.org> From: Dru Lavigne Date: Tue, 29 Apr 2014 16:58:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44697 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 16:58:42 -0000 Author: dru Date: Tue Apr 29 16:58:41 2014 New Revision: 44697 URL: http://svnweb.freebsd.org/changeset/doc/44697 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 29 16:06:44 2014 (r44696) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 29 16:58:41 2014 (r44697) @@ -2413,19 +2413,20 @@ Quotas for user test: analyze the data. Regardless of how an attacker may have come into possession - of a hard drive or powered-down computer, the GEOM-based - cryptographic subsystems built into &os; are - able to protect the data on the computer's file systems against - even highly-motivated attackers with significant resources. - Unlike encryption methods that encrypt individual files, the built-in - gbde and geli utilities can be used to - transparently encrypt entire file systems. No cleartext ever - touches the hard drive's platter. - - This chapter demonstrates how to create an encrypted file - system on &os;. It first demonstrates the process using - gbde and then demonstrates the same example - using geli. + of a hard drive or powered-down computer, the + GEOM-based cryptographic subsystems built + into &os; are able to protect the data on the computer's file + systems against even highly-motivated attackers with significant + resources. Unlike encryption methods that encrypt individual + files, the built-in gbde and + geli utilities can be used to transparently + encrypt entire file systems. No cleartext ever touches the hard + drive's platter. + + This chapter demonstrates how to create an encrypted file + system on &os;. It first demonstrates the process using + gbde and then demonstrates the same example + using geli. Disk Encryption with @@ -2622,10 +2623,10 @@ gbde_devices="<replaceable>ad4s1c</repla gbde_lockdir="/etc/gbde"</programlisting> <para>This requires that the passphrase be entered at the - console at boot time. After typing the correct passphrase, the - encrypted partition will be mounted automatically. Additional - <application>gbde</application> boot options are available and - listed in &man.rc.conf.5;.</para> + console at boot time. After typing the correct passphrase, + the encrypted partition will be mounted automatically. + Additional <application>gbde</application> boot options are + available and listed in &man.rc.conf.5;.</para> <!-- What about bsdinstall? @@ -2658,21 +2659,23 @@ What about bsdinstall? </authorgroup> </info> - <para>An alternative cryptographic <acronym>GEOM</acronym> class is available - using <command>geli</command>. This control utility adds - some features and uses - a different scheme for doing cryptographic work. It provides - the following features:</para> + <para>An alternative cryptographic <acronym>GEOM</acronym> class + is available using <command>geli</command>. This control + utility adds some features and uses a different scheme for + doing cryptographic work. It provides the following + features:</para> <itemizedlist> <listitem> - <para>Utilizes the &man.crypto.9; framework and automatically uses - cryptographic hardware when it is available.</para> + <para>Utilizes the &man.crypto.9; framework and + automatically uses cryptographic hardware when it is + available.</para> </listitem> <listitem> <para>Supports multiple cryptographic algorithms such as - <acronym>AES</acronym>, Blowfish, and <acronym>3DES</acronym>.</para> + <acronym>AES</acronym>, Blowfish, and + <acronym>3DES</acronym>.</para> </listitem> <listitem> @@ -2686,14 +2689,14 @@ What about bsdinstall? </listitem> <listitem> - <para>It is fast as it performs simple - sector-to-sector encryption.</para> + <para>It is fast as it performs simple sector-to-sector + encryption.</para> </listitem> <listitem> <para>Allows backup and restore of master keys. If a user - destroys their keys, it is still possible to get access - to the data by restoring keys from the backup.</para> + destroys their keys, it is still possible to get access to + the data by restoring keys from the backup.</para> </listitem> <listitem> @@ -2706,17 +2709,15 @@ What about bsdinstall? <para>More features and usage examples can be found in &man.geli.8;.</para> - <para>The following example describes how to generate a - key file which will be used as part of the master key for - the encrypted provider mounted under - <filename>/private</filename>. The key - file will provide some random data used to encrypt the - master key. The master key will also be protected by a - passphrase. The provider's sector size will be 4kB. - The example describes how to attach to the - <command>geli</command> provider, create a file system on - it, mount it, work with it, and finally, how to detach - it.</para> + <para>The following example describes how to generate a key file + which will be used as part of the master key for the encrypted + provider mounted under <filename>/private</filename>. The key + file will provide some random data used to encrypt the master + key. The master key will also be protected by a passphrase. + The provider's sector size will be 4kB. The example describes + how to attach to the <command>geli</command> provider, create + a file system on it, mount it, work with it, and finally, how + to detach it.</para> <procedure> <title>Encrypting a Partition with @@ -2748,12 +2749,11 @@ device crypto</programlisting> <title>Generate the Master Key The following commands generate a master key - (/root/da2.key) that is protected with a passphrase. - The data source for the key file is + (/root/da2.key) that is protected + with a passphrase. The data source for the key file is /dev/random and the sector size of - the provider (/dev/da2.eli) is - 4kB as a bigger sector size provides - better performance: + the provider (/dev/da2.eli) is 4kB as + a bigger sector size provides better performance: &prompt.root; dd if=/dev/random of=/root/da2.key bs=64 count=1 &prompt.root; geli init -s 4096 -K /root/da2.key /dev/da2 @@ -2765,8 +2765,8 @@ Reenter new passphrase: used in isolation. If the key file is given as -, standard - input will be used. For example, this command generates three - key files: + input will be used. For example, this command generates + three key files: &prompt.root; cat keyfile1 keyfile2 keyfile3 | geli init -K - /dev/da2 @@ -2812,41 +2812,37 @@ Filesystem Size Used Avail Capaci - Once the work on the encrypted partition is done, and - the /private - partition is no longer needed, it is prudent to put the - device into cold storage by - unmounting and detaching the geli - encrypted partition from the kernel: + Once the work on the encrypted partition is done, and the + /private partition is no longer needed, + it is prudent to put the device into cold storage by + unmounting and detaching the geli encrypted + partition from the kernel: - &prompt.root; umount /private + &prompt.root; umount /private &prompt.root; geli detach da2.eli - An - rc.d script is provided to - simplify the mounting of geli-encrypted - devices at boot time. For this example, add these lines to - /etc/rc.conf: + An rc.d script is provided to + simplify the mounting of geli-encrypted + devices at boot time. For this example, add these lines to + /etc/rc.conf: - geli_devices="da2" + geli_devices="da2" geli_da2_flags="-p -k /root/da2.key" - This configures /dev/da2 as a - geli provider with a master key - of /root/da2.key. - The system will automatically detach - the provider from the kernel before - the system shuts down. During the startup process, the script will prompt for the - passphrase before attaching the - provider. Other kernel messages might be shown before and - after the password prompt. If the boot process seems to - stall, look carefully for the password prompt among the - other messages. Once the correct passphrase is entered, the provider is - attached. The file system is then mounted, - typically by an entry in - /etc/fstab. Refer to for instructions on how to - configure a file system to mount at boot time. + This configures /dev/da2 as a + geli provider with a master key of + /root/da2.key. The system will + automatically detach the provider from the kernel before the + system shuts down. During the startup process, the script + will prompt for the passphrase before attaching the provider. + Other kernel messages might be shown before and after the + password prompt. If the boot process seems to stall, look + carefully for the password prompt among the other messages. + Once the correct passphrase is entered, the provider is + attached. The file system is then mounted, typically by an + entry in /etc/fstab. Refer to for instructions on how to + configure a file system to mount at boot time. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 16:59:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E0EB945A; Tue, 29 Apr 2014 16:59:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CE1CD1D27; Tue, 29 Apr 2014 16:59:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TGxSVO035071; Tue, 29 Apr 2014 16:59:28 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TGxSxF035070; Tue, 29 Apr 2014 16:59:28 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404291659.s3TGxSxF035070@svn.freebsd.org> From: Dru Lavigne Date: Tue, 29 Apr 2014 16:59:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44698 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 16:59:28 -0000 Author: dru Date: Tue Apr 29 16:59:28 2014 New Revision: 44698 URL: http://svnweb.freebsd.org/changeset/doc/44698 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 29 16:58:41 2014 (r44697) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue Apr 29 16:59:28 2014 (r44698) @@ -2821,7 +2821,7 @@ Filesystem Size Used Avail Capaci &prompt.root; umount /private &prompt.root; geli detach da2.eli - An rc.d script is provided to + A rc.d script is provided to simplify the mounting of geli-encrypted devices at boot time. For this example, add these lines to /etc/rc.conf: From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 17:45:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E089F220; Tue, 29 Apr 2014 17:45:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CC344323; Tue, 29 Apr 2014 17:45:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3THjHxu055270; Tue, 29 Apr 2014 17:45:17 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3THjHUL055269; Tue, 29 Apr 2014 17:45:17 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404291745.s3THjHUL055269@svn.freebsd.org> From: Dru Lavigne Date: Tue, 29 Apr 2014 17:45:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44699 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 17:45:18 -0000 Author: dru Date: Tue Apr 29 17:45:17 2014 New Revision: 44699 URL: http://svnweb.freebsd.org/changeset/doc/44699 Log: Editorial review of gjournal section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Tue Apr 29 16:59:28 2014 (r44698) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Tue Apr 29 17:45:17 2014 (r44699) @@ -1618,10 +1618,14 @@ ufsid/486b6fc16926168e N/A ad4s1fJournaling - Beginning with &os; 7.0, support for UFS journals is + Beginning with &os; 7.0, support for journals on + UFS file systems is available. The implementation is provided through the GEOM subsystem and is configured using - &man.gjournal.8;. + gjournal. Unlike other file system journaling implementations, the + gjournal method is block based and not + implemented as part of the file system. It is a + GEOM extension. Journaling stores a log of file system transactions, such as changes that make up a complete disk write operation, before @@ -1633,55 +1637,44 @@ ufsid/486b6fc16926168e N/A ad4s1f - - Unlike other file system journaling implementations, the - gjournal method is block based and not - implemented as part of the file system. It is a - GEOM extension. + stored in disk space specifically for this task. For better + performance, the journal may be stored on another + disk. In this configuration, the journal provider or storage + device should be listed after the device to enable journaling + on. - To enable support for gjournal, the - &os; kernel must have the following option which is the - default on &os; 7.0 and later: - - options UFS_GJOURNAL - - If journaled volumes need to be mounted during startup, the - geom_journal.ko kernel module needs to be - loaded, by adding the following line to + The GENERIC kernel provides support + for gjournal. To automatically load the + geom_journal.ko kernel module at boot time, + add the following line to /boot/loader.conf: geom_journal_load="YES" - Alternatively, this function can be built into a custom - kernel, by adding the following line in the kernel configuration + If a custom + kernel is used, ensure the following line is in the kernel configuration file: options GEOM_JOURNAL - Creating a journal on a free file system may now be done + Once the module is loaded, a journal can be created on a new + file system using the following steps. In this example, da4 is a new SCSI disk: &prompt.root; gjournal load -&prompt.root; gjournal label /dev/da4 - - At this point, there should be a - /dev/da4 device node and a - /dev/da4.journal device node. - A file system may now be created on this device: +&prompt.root; gjournal label /dev/da4 - &prompt.root; newfs -O 2 -J /dev/da4.journal + This will load the module and create a /dev/da4.journal + device node on + /dev/da4. - This command will create a UFS2 file - system on the journaled device. + A UFS file system may now be created on the + journaled device, then mounted on an existing mount point: - mount the device at the desired point - with: - - &prompt.root; mount /dev/da4.journal /mnt + &prompt.root; newfs -O 2 -J /dev/da4.journal +&prompt.root; mount /dev/da4.journal /mnt In the case of several slices, a journal will be created @@ -1693,18 +1686,17 @@ ufsid/486b6fc16926168e N/A ad4s1fad4s2.journal. - For better performance, the journal may be kept on another - disk. In this configuration, the journal provider or storage - device should be listed after the device to enable journaling - on. Journaling may also be enabled on current file systems by + Journaling may also be enabled on current file systems by using tunefs. However, always make a backup before attempting to - alter a file system. In most cases, gjournal + alter an existing file system. In most cases, gjournal will fail if it is unable to create the journal, but this does not protect against data loss incurred as a result of misusing - tunefs. + tunefs. Refer to &man.gjournal.8; and + &man.tunefs.8; for more information about these + commands. - It is also possible to journal the boot disk of a &os; + It is possible to journal the boot disk of a &os; system. Refer to the article Implementing UFS Journaling on a Desktop PC for detailed From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 17:51:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CAA6A417; Tue, 29 Apr 2014 17:51:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AB2EA3D6; Tue, 29 Apr 2014 17:51:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3THpOv4058913; Tue, 29 Apr 2014 17:51:24 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3THpOUY058912; Tue, 29 Apr 2014 17:51:24 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404291751.s3THpOUY058912@svn.freebsd.org> From: Dru Lavigne Date: Tue, 29 Apr 2014 17:51:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44700 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 17:51:25 -0000 Author: dru Date: Tue Apr 29 17:51:24 2014 New Revision: 44700 URL: http://svnweb.freebsd.org/changeset/doc/44700 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Tue Apr 29 17:45:17 2014 (r44699) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Tue Apr 29 17:51:24 2014 (r44700) @@ -1619,10 +1619,10 @@ ufsid/486b6fc16926168e N/A ad4s1f Beginning with &os; 7.0, support for journals on - UFS file systems is - available. The implementation is provided through the - GEOM subsystem and is configured using - gjournal. Unlike other file system journaling implementations, the + UFS file systems is available. The + implementation is provided through the GEOM + subsystem and is configured using gjournal. + Unlike other file system journaling implementations, the gjournal method is block based and not implemented as part of the file system. It is a GEOM extension. @@ -1638,40 +1638,38 @@ ufsid/486b6fc16926168e N/A ad4s1f + performance, the journal may be stored on another disk. In this + configuration, the journal provider or storage device should be + listed after the device to enable journaling on. - The GENERIC kernel provides support - for gjournal. To automatically load the + The GENERIC kernel provides support for + gjournal. To automatically load the geom_journal.ko kernel module at boot time, add the following line to /boot/loader.conf: geom_journal_load="YES" - If a custom - kernel is used, ensure the following line is in the kernel configuration - file: + If a custom kernel is used, ensure the following line is in + the kernel configuration file: options GEOM_JOURNAL Once the module is loaded, a journal can be created on a new - file system - using the following steps. In this example, + file system using the following steps. In this example, da4 is a new SCSI disk: &prompt.root; gjournal load &prompt.root; gjournal label /dev/da4 - This will load the module and create a /dev/da4.journal - device node on + This will load the module and create a + /dev/da4.journal device node on /dev/da4. - A UFS file system may now be created on the - journaled device, then mounted on an existing mount point: + A UFS file system may now be created on + the journaled device, then mounted on an existing mount + point: &prompt.root; newfs -O 2 -J /dev/da4.journal &prompt.root; mount /dev/da4.journal /mnt @@ -1679,9 +1677,8 @@ ufsid/486b6fc16926168e N/A ad4s1f In the case of several slices, a journal will be created for each individual slice. For instance, if - ad4s1 and - ad4s2 are both slices, then - gjournal will create + ad4s1 and ad4s2 are + both slices, then gjournal will create ad4s1.journal and ad4s2.journal. @@ -1689,15 +1686,15 @@ ufsid/486b6fc16926168e N/A ad4s1fJournaling may also be enabled on current file systems by using tunefs. However, always make a backup before attempting to - alter an existing file system. In most cases, gjournal - will fail if it is unable to create the journal, but this does - not protect against data loss incurred as a result of misusing - tunefs. Refer to &man.gjournal.8; and - &man.tunefs.8; for more information about these - commands. + alter an existing file system. In most cases, + gjournal will fail if it is unable to create + the journal, but this does not protect against data loss + incurred as a result of misusing tunefs. + Refer to &man.gjournal.8; and &man.tunefs.8; for more + information about these commands. - It is possible to journal the boot disk of a &os; - system. Refer to the article It is possible to journal the boot disk of a &os; system. + Refer to the article Implementing UFS Journaling on a Desktop PC for detailed instructions. From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 19:36:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CCB9B19F; Tue, 29 Apr 2014 19:36:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B76681182; Tue, 29 Apr 2014 19:36:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TJa3b1001107; Tue, 29 Apr 2014 19:36:03 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TJa3tx001106; Tue, 29 Apr 2014 19:36:03 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404291936.s3TJa3tx001106@svn.freebsd.org> From: Dru Lavigne Date: Tue, 29 Apr 2014 19:36:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44701 - head/en_US.ISO8859-1/books/handbook/x11 X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 19:36:03 -0000 Author: dru Date: Tue Apr 29 19:36:03 2014 New Revision: 44701 URL: http://svnweb.freebsd.org/changeset/doc/44701 Log: Fix pkg install command for kde4 meta-port, in prep for closing PR189065. Note that this whole chapter still needs its tech and editorial review. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Tue Apr 29 17:51:24 2014 (r44700) +++ head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Tue Apr 29 19:36:03 2014 (r44701) @@ -1286,7 +1286,7 @@ DisplayManager.requestPort: 0To install the KDE4 package, type: - &prompt.root; pkg install kde4 + &prompt.root; pkg install x11/kde4 To build KDE from source, use the ports tree: From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 19:49:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F20E94A4; Tue, 29 Apr 2014 19:49:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DF6C01279; Tue, 29 Apr 2014 19:49:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TJnWXD005531; Tue, 29 Apr 2014 19:49:32 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TJnWsA005530; Tue, 29 Apr 2014 19:49:32 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404291949.s3TJnWsA005530@svn.freebsd.org> From: Dru Lavigne Date: Tue, 29 Apr 2014 19:49:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44702 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 19:49:33 -0000 Author: dru Date: Tue Apr 29 19:49:32 2014 New Revision: 44702 URL: http://svnweb.freebsd.org/changeset/doc/44702 Log: Clarify how to review boot messages in prep for closing PR160460. Note that this entire section still needs its editorial and tech review. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue Apr 29 19:36:03 2014 (r44701) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue Apr 29 19:49:32 2014 (r44702) @@ -658,8 +658,11 @@ ifconfig_fxp0="inet 10.1.1.1/8"The drivers for common NICs are already present in the GENERIC kernel, - meaning the NIC should show up during boot. - In this example, two NICs using the + meaning the NIC should be probed during boot. + The system's boot messages can be viewed by typing + more /var/run/dmesg.boot and using the + spacebar to scroll through the text. In this example, two + Ethernet NICs using the &man.dc.4; driver are present on the system: dc0: <82c169 PNIC 10/100BaseTX> port 0xa000-0xa0ff mem 0xd3800000-0xd38 From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 21:06:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 353E2B9D; Tue, 29 Apr 2014 21:06:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E80B91974; Tue, 29 Apr 2014 21:06:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TL67ET039542; Tue, 29 Apr 2014 21:06:07 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TL67o2039541; Tue, 29 Apr 2014 21:06:07 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404292106.s3TL67o2039541@svn.freebsd.org> From: Warren Block Date: Tue, 29 Apr 2014 21:06:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44703 - head/en_US.ISO8859-1/articles/ipsec-must X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 21:06:08 -0000 Author: wblock Date: Tue Apr 29 21:06:07 2014 New Revision: 44703 URL: http://svnweb.freebsd.org/changeset/doc/44703 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/ipsec-must/article.xml Modified: head/en_US.ISO8859-1/articles/ipsec-must/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/ipsec-must/article.xml Tue Apr 29 19:49:32 2014 (r44702) +++ head/en_US.ISO8859-1/articles/ipsec-must/article.xml Tue Apr 29 21:06:07 2014 (r44703) @@ -88,7 +88,7 @@ The command: - tcpdump -c 4000 -s 10000 -w dumpfile.bin + tcpdump -c 4000 -s 10000 -w dumpfile.bin will capture 4000 raw packets to dumpfile.bin. Up to 10,000 bytes per @@ -127,8 +127,8 @@ the normal connection has 29% (2.1) of the expected value. - &prompt.user; tcpdump -c 4000 -s 10000 -w ipsecdemo.bin -&prompt.user; uliscan ipsecdemo.bin + &prompt.user; tcpdump -c 4000 -s 10000 -w ipsecdemo.bin +&prompt.user; uliscan ipsecdemo.bin Uliscan 21 Dec 98 L=8 256 258560 From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 21:08:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0BA81DC8; Tue, 29 Apr 2014 21:08:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ECBC019AD; Tue, 29 Apr 2014 21:08:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TL8PQu039805; Tue, 29 Apr 2014 21:08:25 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TL8PVu039804; Tue, 29 Apr 2014 21:08:25 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404292108.s3TL8PVu039804@svn.freebsd.org> From: Warren Block Date: Tue, 29 Apr 2014 21:08:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44704 - head/en_US.ISO8859-1/articles/fonts X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 21:08:26 -0000 Author: wblock Date: Tue Apr 29 21:08:25 2014 New Revision: 44704 URL: http://svnweb.freebsd.org/changeset/doc/44704 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/fonts/article.xml Modified: head/en_US.ISO8859-1/articles/fonts/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/fonts/article.xml Tue Apr 29 21:06:07 2014 (r44703) +++ head/en_US.ISO8859-1/articles/fonts/article.xml Tue Apr 29 21:08:25 2014 (r44704) @@ -738,7 +738,7 @@ EOF Create the .afm file by typing: - % gs -dNODISPLAY -q -- ttf2pf.ps TTF_name PS_font_name AFM_name + % gs -dNODISPLAY -q -- ttf2pf.ps TTF_name PS_font_name AFM_name Where, TTF_name is your @@ -792,7 +792,7 @@ Converting 3of9.ttf to A.pfa and B.afm. directory.) % afmtodit -d DESC -e text.enc file.afm \ - generate/textmap PS_font_name + generate/textmap PS_font_name Where, file.afm is the From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 21:09:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 49890F21; Tue, 29 Apr 2014 21:09:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3720519BC; Tue, 29 Apr 2014 21:09:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TL9Yjs040026; Tue, 29 Apr 2014 21:09:34 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TL9YKg040025; Tue, 29 Apr 2014 21:09:34 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404292109.s3TL9YKg040025@svn.freebsd.org> From: Warren Block Date: Tue, 29 Apr 2014 21:09:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44705 - head/en_US.ISO8859-1/articles/geom-class X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 21:09:34 -0000 Author: wblock Date: Tue Apr 29 21:09:33 2014 New Revision: 44705 URL: http://svnweb.freebsd.org/changeset/doc/44705 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/geom-class/article.xml Modified: head/en_US.ISO8859-1/articles/geom-class/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/geom-class/article.xml Tue Apr 29 21:08:25 2014 (r44704) +++ head/en_US.ISO8859-1/articles/geom-class/article.xml Tue Apr 29 21:09:33 2014 (r44705) @@ -442,7 +442,7 @@ KMOD=geom_journal the utility figures out which geom class it is supposed to handle and searches for - geom_CLASSNAME.so + geom_CLASSNAME.so library (usually in /lib/geom). From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 21:14:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DF6F5A49; Tue, 29 Apr 2014 21:14:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B22D11A75; Tue, 29 Apr 2014 21:14:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TLEqKY044608; Tue, 29 Apr 2014 21:14:52 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TLEq5N044607; Tue, 29 Apr 2014 21:14:52 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404292114.s3TLEq5N044607@svn.freebsd.org> From: Warren Block Date: Tue, 29 Apr 2014 21:14:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44706 - head/en_US.ISO8859-1/articles/linux-users X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 21:14:53 -0000 Author: wblock Date: Tue Apr 29 21:14:52 2014 New Revision: 44706 URL: http://svnweb.freebsd.org/changeset/doc/44706 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/linux-users/article.xml Modified: head/en_US.ISO8859-1/articles/linux-users/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/linux-users/article.xml Tue Apr 29 21:09:33 2014 (r44705) +++ head/en_US.ISO8859-1/articles/linux-users/article.xml Tue Apr 29 21:14:52 2014 (r44706) @@ -134,7 +134,7 @@ the following command installs Apache 2.4: - &prompt.root; pkg install apache24 + &prompt.root; pkg install apache24 For more information on packages refer to section 5.4 of the &os; Handbook: /etc/rc.conf, it can be started without rebooting the system: - &prompt.root; service sshd start + &prompt.root; service sshd start &prompt.root; service apache24 start If a service has not been enabled, it can be started from the command line using : - &prompt.root; service sshd onestart + &prompt.root; service sshd onestart @@ -440,16 +440,16 @@ net.inet.ip.forwarding: 0 - yum install package / - apt-get install package - pkg install package + yum install package / + apt-get install package + pkg install package Install package from remote repository - rpm -ivh package - / dpkg -i package - pkg add package + rpm -ivh package + / dpkg -i package + pkg add package Install local package From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 21:16:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 71D3DC2A; Tue, 29 Apr 2014 21:16:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 448C81A8B; Tue, 29 Apr 2014 21:16:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TLGmiR044964; Tue, 29 Apr 2014 21:16:48 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TLGmEC044963; Tue, 29 Apr 2014 21:16:48 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404292116.s3TLGmEC044963@svn.freebsd.org> From: Warren Block Date: Tue, 29 Apr 2014 21:16:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44707 - head/en_US.ISO8859-1/articles/remote-install X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 21:16:48 -0000 Author: wblock Date: Tue Apr 29 21:16:47 2014 New Revision: 44707 URL: http://svnweb.freebsd.org/changeset/doc/44707 Log: Restore lost tags. Modified: head/en_US.ISO8859-1/articles/remote-install/article.xml Modified: head/en_US.ISO8859-1/articles/remote-install/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/remote-install/article.xml Tue Apr 29 21:14:52 2014 (r44706) +++ head/en_US.ISO8859-1/articles/remote-install/article.xml Tue Apr 29 21:16:47 2014 (r44707) @@ -148,8 +148,8 @@ mfsBSD scripts will reside: &prompt.root; fetch http://people.freebsd.org/~mm/mfsbsd/mfsbsd-latest.tar.gz -&prompt.root; tar xvzf mfsbsd-1.0-beta1.tar.gz -&prompt.root; cd mfsbsd-1.0-beta1/ +&prompt.root; tar xvzf mfsbsd-1.0-beta1.tar.gz +&prompt.root; cd mfsbsd-1.0-beta1/ Configuration of <application>mfsBSD</application> @@ -227,13 +227,13 @@ ifconfig_re0="inet 192.168.0.2 netmask 2 the /cdrom directory is easy with the &man.mdconfig.8; utility: - &prompt.root; mdconfig -a -t vnode -u 10 -f 7.0-RELEASE-amd64-disc1.iso + &prompt.root; mdconfig -a -t vnode -u 10 -f 7.0-RELEASE-amd64-disc1.iso &prompt.root; mount_cd9660 /dev/md10 /cdrom Next, build the bootable mfsBSD image: - &prompt.root; make BASE=/cdrom/7.0-RELEASE + &prompt.root; make BASE=/cdrom/7.0-RELEASE The above make command has to be run @@ -294,7 +294,7 @@ ifconfig_re0="inet 192.168.0.2 netmask 2 At the start, mark all system disks as empty. Repeat the following command for each hard drive: - &prompt.root; dd if=/dev/zero of=/dev/ad0 count=2 + &prompt.root; dd if=/dev/zero of=/dev/ad0 count=2 Next, create slices and label them with your preferred tool. While it is considered easier to use From owner-svn-doc-all@FreeBSD.ORG Tue Apr 29 21:38:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4D1E6FC0; Tue, 29 Apr 2014 21:38:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3880F1C7E; Tue, 29 Apr 2014 21:38:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TLc2rl053114; Tue, 29 Apr 2014 21:38:02 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3TLc23J053113; Tue, 29 Apr 2014 21:38:02 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201404292138.s3TLc23J053113@svn.freebsd.org> From: Warren Block Date: Tue, 29 Apr 2014 21:38:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44708 - head/en_US.ISO8859-1/articles/portbuild X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Apr 2014 21:38:02 -0000 Author: wblock Date: Tue Apr 29 21:38:01 2014 New Revision: 44708 URL: http://svnweb.freebsd.org/changeset/doc/44708 Log: Restore lost tags. 100 of them. Modified: head/en_US.ISO8859-1/articles/portbuild/article.xml Modified: head/en_US.ISO8859-1/articles/portbuild/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/portbuild/article.xml Tue Apr 29 21:16:47 2014 (r44707) +++ head/en_US.ISO8859-1/articles/portbuild/article.xml Tue Apr 29 21:38:01 2014 (r44708) @@ -236,29 +236,29 @@ Package builds are performed by the clients in a jail populated by the portbuild script using the - ${arch}/${branch}/builds/${buildid}/bindist.tar + ${arch}/${branch}/builds/${buildid}/bindist.tar file. On the server, use the makeworld command to build a world from the - ${arch}/${branch}/builds/${buildid}/src/ + ${arch}/${branch}/builds/${buildid}/src/ tree and install it into - ${arch}/${branch}/builds/${buildid}/bindist.tar. + ${arch}/${branch}/builds/${buildid}/bindist.tar. The tree will be updated first unless -novcs is specified. - &prompt.root; /a/portbuild/admin/scripts/makeworld ${arch} ${branch} ${buildid} [-novcs] + &prompt.root; /a/portbuild/admin/scripts/makeworld ${arch} ${branch} ${buildid} [-novcs] Similiarly on the server, the bindist.tar tarball is created from the previously installed world by the mkbindist script. - &prompt.root; /a/portbuild/admin/scripts/mkbindist ${arch} ${branch} ${buildid} + &prompt.root; /a/portbuild/admin/scripts/mkbindist ${arch} ${branch} ${buildid} The per-machine tarballs are located on the server in - ${arch}/clients. + ${arch}/clients. The bindist.tar file is extracted onto each client at client boot time, and at the start of @@ -287,37 +287,37 @@ make.conf and/or src.conf, named - ${arch}/${branch}/builds/${buildid}/make.conf.server + ${arch}/${branch}/builds/${buildid}/make.conf.server and - ${arch}/${branch}/builds/${buildid}/src.conf.server, + ${arch}/${branch}/builds/${buildid}/src.conf.server, respectively. These will be used in lieu of the default-named files on the server side. Similarly, if you wish to also affect the client-side make.conf, you may use - ${arch}/${branch}/builds/${buildid}/make.conf.client. + ${arch}/${branch}/builds/${buildid}/make.conf.client. Due to the fact that individual clients may each have their own per-host make.conf, the contents of - ${arch}/${branch}/builds/${buildid}/make.conf.client + ${arch}/${branch}/builds/${buildid}/make.conf.client will be appended to that make.conf, not supplant it, as is done for - ${arch}/${branch}/builds/${buildid}/make.conf.server. + ${arch}/${branch}/builds/${buildid}/make.conf.server. There is no similar functionality for - ${arch}/${branch}/builds/${buildid}/src.conf.client + ${arch}/${branch}/builds/${buildid}/src.conf.client (what effect would it have?). Sample - <filename>make.conf.target</filename> + <filename>make.conf.<replaceable>target</replaceable></filename> to test new default <application>ruby</application> version @@ -329,7 +329,7 @@ Sample - <filename>make.conf.target</filename> + <filename>make.conf.<replaceable>target</replaceable></filename> for <application>clang</application> builds (For this case, the contents are also identical for both @@ -378,7 +378,7 @@ PKG_BIN=/usr/local/sbin/pkgSeparate builds for various combinations of architecture and branch are supported. All data private to a build (ports tree, src tree, packages, distfiles, log files, bindist, Makefile, etc) are located under the - ${arch}/${branch}/builds/${buildid}/ + ${arch}/${branch}/builds/${buildid}/ directory. The most recently created build can be alternatively referenced using buildid latest, and the one before using @@ -393,7 +393,7 @@ PKG_BIN=/usr/local/sbin/pkgThe scripts/dopackages.wrapper script is used to perform the builds. - &prompt.root; dopackages.wrapper ${arch} ${branch} ${buildid} [-options] + &prompt.root; dopackages.wrapper ${arch} ${branch} ${buildid} [-options] Most often, you will be using latest for the value of buildid. @@ -570,7 +570,7 @@ PKG_BIN=/usr/local/sbin/pkg-nocleanup, you need to clean up clients by running - &prompt.user; build cleanup ${arch} ${branch} ${buildid} -full + &prompt.user; build cleanup ${arch} ${branch} ${buildid} -full When a new build is created, the directories errors/, logs/, packages/, and so @@ -608,7 +608,7 @@ PKG_BIN=/usr/local/sbin/pkg${arch}/${branch}/journal: + ${arch}/${branch}/journal: don't know how to make dns-all(continuing) @@ -656,34 +656,34 @@ PKG_BIN=/usr/local/sbin/pkg - build create arch - branch - [newid] - Creates + build create arch + branch + [newid] - Creates newid (or a datestamp if not specified). Only needed when bringing up a new branch or a new architecture. - build clone arch - branch oldid - [newid] - Clones + build clone arch + branch oldid + [newid] - Clones oldid to newid (or a datestamp if not specified). - build srcupdate arch - branch - buildid - Replaces the src + build srcupdate arch + branch + buildid - Replaces the src tree with a new ZFS snapshot. Do not forget to use -nosrc flag to dopackages later! - build portsupdate arch - branch - buildid - Replaces the ports + build portsupdate arch + branch + buildid - Replaces the ports tree with a new ZFS snapshot. Do not forget to use -noports flag to dopackages later! @@ -698,7 +698,7 @@ PKG_BIN=/usr/local/sbin/pkg - &prompt.root; path/qmanager/packagebuild amd64 7-exp 20080904212103 aclock-0.2.3_2.tbz + &prompt.root; path/qmanager/packagebuild amd64 7-exp 20080904212103 aclock-0.2.3_2.tbz @@ -714,7 +714,7 @@ PKG_BIN=/usr/local/sbin/pkgAn update of the current ports tree from the ZFS snapshot Status of these steps can be found in - ${arch}/${branch}/build.log + ${arch}/${branch}/build.log as well as on stderr of the tty running the dopackages command. @@ -753,12 +753,12 @@ PKG_BIN=/usr/local/sbin/pkg Builds packages (phase 1)Status of these steps can be found in - ${arch}/${branch}/journal. + ${arch}/${branch}/journal. Individual ports will write their build logs to - ${arch}/${branch}/logs/ + ${arch}/${branch}/logs/ and their error logs to - ${arch}/${branch}/errors/. + ${arch}/${branch}/errors/. @@ -882,7 +882,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5 After you have done all the above, remove the - ${arch}/lock + ${arch}/lock file before trying to restart the build. If you do not, dopackages will simply exit. @@ -900,14 +900,14 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5 - build destroy arch - branch - Destroy the + build destroy arch + branch - Destroy the build id. - build list arch - branch - Shows the current set + build list arch + branch - Shows the current set of build ids. @@ -920,11 +920,11 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5 You can use qclient command to monitor the status of build nodes, and to list the currently scheduled jobs: - &prompt.user; python path/qmanager/qclient jobs -&prompt.user; python path/qmanager/qclient status + &prompt.user; python path/qmanager/qclient jobs +&prompt.user; python path/qmanager/qclient status The - scripts/stats ${branch} + scripts/stats ${branch} command shows the number of packages already built. Running cat /a/portbuild/*/loads/* @@ -942,7 +942,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5 idle node. - Running tail -f ${arch}/${branch}/build.log + Running tail -f ${arch}/${branch}/build.log shows the overall build progress. If a port build is failing, and it is not immediately obvious @@ -952,7 +952,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5 directory. The next time the cluster tries to build this port, it will tar, compress, and copy the WRKDIR to - ${arch}/${branch}/wrkdirs/. + ${arch}/${branch}/wrkdirs/. If you find that the system is looping trying to build the same package over and over again, you may be able to fix the @@ -1027,7 +1027,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5 the emailed logs and sort them to a folder, so you can maintain a running list of current failures and detect new ones easily. To do this, add an email address to - ${branch}/portbuild.conf. + ${branch}/portbuild.conf. You can easily bounce the new ones to maintainers. After a port appears broken on every build combination @@ -1066,8 +1066,8 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5 build is post-processed, take an inventory of the list of files fetched: - &prompt.user; cd ${arch}/${branch} -&prompt.user; find distfiles > distfiles-${release} + &prompt.user; cd ${arch}/${branch} +&prompt.user; find distfiles > distfiles-${release} You should use that output to periodically clean out the distfiles from ftp-master. When space @@ -1077,12 +1077,12 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5 Once the distfiles have been uploaded (see below), the final release package set must be created. Just to be on the safe side, run the - ${arch}/${branch}/cdrom.sh + ${arch}/${branch}/cdrom.sh script by hand to make sure all the CD-ROM restricted packages and distfiles have been pruned. Then, copy the - ${arch}/${branch}/packages + ${arch}/${branch}/packages directory to - ${arch}/${branch}/packages-${release}. + ${arch}/${branch}/packages-${release}. Once the packages are safely moved off, contact the &a.re; and inform them of the release package location. @@ -1180,13 +1180,13 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5 a new release), copy packages to the staging area on ftp-master with something like the following: - &prompt.root; cd /a/portbuild/${arch}/${branch} -&prompt.root; tar cfv - packages/ | ssh portmgr@ftp-master tar xfC - w/ports/${arch}/tmp/${subdir} + &prompt.root; cd /a/portbuild/${arch}/${branch} +&prompt.root; tar cfv - packages/ | ssh portmgr@ftp-master tar xfC - w/ports/${arch}/tmp/${subdir} Then log into ftp-master, verify that the package set was transferred successfully, remove the package set that the new package set is to replace (in - ~/w/ports/${arch}), + ~/w/ports/${arch}), and move the new set into place. (w/ is merely a shortcut.) @@ -1203,12 +1203,12 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5 Example rsync command for incremental package upload: - &prompt.root; rsync -n -r -v -l -t -p --delete packages/ portmgr@ftp-master:w/ports/${arch}/${subdir}/ | tee log + &prompt.root; rsync -n -r -v -l -t -p --delete packages/ portmgr@ftp-master:w/ports/${arch}/${subdir}/ | tee log Distfiles should be transferred with the cpdistfiles script: - &prompt.root; /a/portbuild/scripts/cpdistfiles ${arch} ${branch} ${buildid} [-yesreally] | tee log2 + &prompt.root; /a/portbuild/scripts/cpdistfiles ${arch} ${branch} ${buildid} [-yesreally] | tee log2 Doing it by hand is deprecated. @@ -1523,7 +1523,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5 directory to contain the install bits. You will probably want to use a subdirectory of /pxeroot, e.g., - /pxeroot/${arch}-${branch}. + /pxeroot/${arch}-${branch}. Export that as DESTDIR. @@ -1584,8 +1584,8 @@ options NFSSERVER As root, do the usual build steps, e.g.: &prompt.root; make -j4 buildworld -&prompt.root; make buildkernel KERNCONF=${kernconf} -&prompt.root; make installkernel KERNCONF=${kernconf} +&prompt.root; make buildkernel KERNCONF=${kernconf} +&prompt.root; make installkernel KERNCONF=${kernconf} &prompt.root; make installworld The install steps use DESTDIR. @@ -1599,15 +1599,15 @@ options NFSSERVER If you are using pxeboot: create a subdirectory of - ${DESTDIR} + ${DESTDIR} called conf/. Create one subdirectory default/etc/, and (if your site will host multiple nodes), subdirectories - ${ip-address}/etc/ + ${ip-address}/etc/ to contain override files for individual hosts. (You may find it handy to symlink each of those directories to a hostname.) Copy the entire contents of - ${DESTDIR}/etc/ + ${DESTDIR}/etc/ to default/etc/; that is where you will edit your files. The by-ip-address etc/ directories will probably only need @@ -1702,8 +1702,8 @@ sshd_program="/usr/local/sbin/sshd" squid_enable="YES" -squid_chdir="/a/squid/logs" -squid_pidfile="/a/squid/logs/squid.pid" +squid_chdir="/a/squid/logs" +squid_pidfile="/a/squid/logs/squid.pid" Required entries for VMWare-based nodes: vmware_guest_vmmemctl_enable="YES" @@ -1724,8 +1724,8 @@ sshd_program="/usr/local/sbin/sshd" gmond_enable="YES" squid_enable="YES" -squid_chdir="/a/squid/logs" -squid_pidfile="/a/squid/logs/squid.pid" +squid_chdir="/a/squid/logs" +squid_pidfile="/a/squid/logs/squid.pid" &man.ntpd.8; should not be enabled for VMWare instances. @@ -1733,7 +1733,7 @@ squid_pidfile="/a/squid/logs/s Also, it may be possible to leave squid disabled by default so as to not have - /a + /a persistent (which should save instantiation time.) Work is still ongoing. @@ -1748,7 +1748,7 @@ squid_pidfile="/a/squid/logs/s Modify etc/sysctl.conf: 9a10,30 -> kern.corefile=/a/%N.core +> kern.corefile=/a/%N.core > kern.sugid_coredump=1 > #debug.witness_ddb=0 > #debug.witness_watch=0 @@ -1856,7 +1856,7 @@ security/sudo # # Configure a package build system post-boot -scratchdir=/a +scratchdir=/a ln -sf ${scratchdir}/portbuild /var/ @@ -1895,7 +1895,7 @@ touch /tmp/.boot_finished Also, change usr/local - to usr2 in + to usr2 in cache_dir, access_log, cache_log, @@ -1940,7 +1940,7 @@ portbuild ALL=(ALL) NOPASSWD: ALL

            Change into the port/package directory you picked above, e.g., - cd /usr2. + cd /usr2.             @@ -2010,7 +2010,7 @@ portbuild ALL=(ALL) NOPASSWD: ALL

            Create - /a/portbuild/${arch}/clients/bindist-${hostname}.tar. + /a/portbuild/${arch}/clients/bindist-${hostname}.tar.             @@ -2055,15 +2055,15 @@ MASTER_SITE_OVERRIDE= \ Create -/a/portbuild/${arch}/portbuild-${hostname} +/a/portbuild/${arch}/portbuild-${hostname} using one of the existing ones as a guide. This file contains overrides to -/a/portbuild/${arch}/portbuild.conf. +/a/portbuild/${arch}/portbuild.conf. Suggested values: disconnected=1 -scratchdir=/usr2/pkgbuild +scratchdir=/usr2/pkgbuild client_user=portbuild sudo_cmd="sudo -H" rsync_gzip=-z @@ -2075,7 +2075,7 @@ infoseek_port=${tunelled-tc on the client: http_proxy="http://localhost:3128/" -squid_dir=/usr2/squid +squid_dir=/usr2/squid If, instead, you will be using squid on the server: @@ -2125,7 +2125,7 @@ ssh_cmd="/usr/local/bin/ssh" Ensure that ssh to the client is working by executing - ssh hostname uname -a. + ssh hostname uname -a. The actual command is not important; what is important is to confirm the setup, and also add an entry into known_hosts, once you have confirmed the @@ -2135,13 +2135,13 @@ ssh_cmd="/usr/local/bin/ssh" Populate the client's copy of /var/portbuild/scripts/ by something like - /a/portbuild/scripts/dosetupnode arch major latest hostname. + /a/portbuild/scripts/dosetupnode arch major latest hostname. Verify that you now have files in that directory. Test the other TCP ports by executing - telnet hostname portnumber. + telnet hostname portnumber. 414 (or its tunnel) should give you a few lines of status information including arch and osversion; 8649 should @@ -2157,17 +2157,17 @@ ssh_cmd="/usr/local/bin/ssh" Tell qmanager about the node. Example: - python path/qmanager/qclient add - name=uniquename - arch=arch - osversion=osversion - numcpus=number + python path/qmanager/qclient add + name=uniquename + arch=arch + osversion=osversion + numcpus=number haszfs=0 online=1 - domain=domain + domain=domain primarypool=package pools="package all" maxjobs=1 - acl="ports-arch,deny_all" + acl="ports-arch,deny_all" @@ -2180,7 +2180,7 @@ ssh_cmd="/usr/local/bin/ssh"Once you are sure that the client is working, tell pollmachine about it by adding it to - /a/portbuild/${arch}/mlist. + /a/portbuild/${arch}/mlist. @@ -2216,7 +2216,7 @@ ssh_cmd="/usr/local/bin/ssh" For what was previously head, change SRC_BRANCH_branch_SUBDIR to - releng/branch.0 + releng/branch.0 (literal zero). @@ -2301,22 +2301,22 @@ zfs destroy -r a/snap/src-o Files named - *-old_branch-failure.html + *-old_branch-failure.html Files named - buildlogs_*-old_branch-*-logs.txt + buildlogs_*-old_branch-*-logs.txt Symlinks named - *-old_branch-previous* + *-old_branch-previous* Symlinks named - *-old_branch-latest* + *-old_branch-latest* @@ -2430,7 +2430,7 @@ zfs destroy -r a/snap/src-o It is possible that /dumpster/pointyhat will not have enough space. In that case, create the archive directory as - /dumpster/pointyhat/arch/archive + /dumpster/pointyhat/arch/archive and symlink to that. @@ -2448,7 +2448,7 @@ zfs destroy -r a/snap/src-o Create customized - portbuild.machinename.conf + portbuild.machinename.conf files as appropriate. @@ -2763,7 +2763,7 @@ sh -x ./tmp/mkportbuild Pick a mountpoint and export it. We have used - /a so far to date. + /a so far to date. &prompt.root; export ZFS_MOUNTPOINT=/a @@ -2859,7 +2859,7 @@ sh -x ./tmp/mkportbuild Configure the server by making the following changes to - /a/portbuild/admin/conf/admin.conf: + /a/portbuild/admin/conf/admin.conf: @@ -2906,7 +2906,7 @@ sh -x ./tmp/mkportbuild Configure how build slaves will talk to your server by making the following changes to - /a/portbuild/conf/client.conf: + /a/portbuild/conf/client.conf: @@ -2932,14 +2932,14 @@ sh -x ./tmp/mkportbuild Most of the default values in - /a/portbuild/conf/common.conf + /a/portbuild/conf/common.conf should be fine. This file holds definitions used by both the server and all its clients. Configure the server by making the following changes to - /a/portbuild/conf/server.conf: + /a/portbuild/conf/server.conf: @@ -72,8 +72,8 @@ - この章で表示されているすべてのコマンドは、 - root 権限で実行する必要があります。 + この章で表示されているすべてのコマンドは、root 権限で実行する必要があります。 @@ -381,7 +381,8 @@ options IPDIVERT 利用可能なすべてのオプションを含むファイルを構築するには、 - 以下のコマンドを root 権限で実行してください。 + 以下のコマンドを root 権限で実行してください。 &prompt.root; cd /usr/src/sys/arch/conf && make LINT @@ -1116,7 +1117,7 @@ device fwe # Ethernet /usr/src/sys/arch/conf/NOTES を参照して下さい。 --> - + @@ -320,6 +320,17 @@ ath_hal(4) - Atheros Hardw 理解していない行に対しては、# を追加したり削除しないでください。 + + デバイスやオプションのサポートを外すことは簡単で、 + その結果、カーネルを壊すことがあります。 + たとえば &man.ata.4; + ドライバをカーネルコンフィグレーションファイルから除くと、 + ATA + ディスクドライバを用いているシステムは起動しません。 + 確信が持てないものについては、 + カーネルにサポートを残したままにしてください。 + + このファイルで与えられる説明の他に、 そのアーキテクチャの GENERIC と同じディレクトリにある @@ -1194,30 +1205,8 @@ device fwe # Ethernet カスタムカーネルの構築とインストール - 編集した内容を保存したら、 - カーネルのソースコードをコンパイルしてください。 - - - 最新のソースと ソースツリーを同期 したら、 - 何らかのアップデートを行う前に、必ず - /usr/src/UPDATING - をチェックしてください。 - このファイルには、 - アップデートされたソースコードに関する重要な問題や特別に注意すべき点がすべて書かれています。 - /usr/src/UPDATING は常に &os; - のソースのバージョンと同期しているので、 - ハンドブックの記述よりも新しい内容を含んでいます。 - - - - デバイスやオプションのサポートを外すことは簡単で、 - その結果、カーネルを壊すことがあります。 - たとえば、&man.ata.4; - ドライバをカーネルコンフィグレーションファイルから除くと、 - ATA ディスクドライバを用いるシステムは起動しません。 - 確信が持てないものについては、 - カーネルにサポートを残したままにしてください。 - + 編集したカスタムコンフィグレーションファイルを保存したら、 + カーネルのソースコードを以下の手順でコンパイルしてください。 カーネルの構築 @@ -1226,12 +1215,8 @@ device fwe # Ethernet 構築 / インストール - - カーネルを構築するには、&os; のすべてのソースファイルが必要です。 - - - cd を用いて /usr/src に移動してください。 + 以下のディレクトリに移動してください。 &prompt.root; cd /usr/src @@ -1239,61 +1224,51 @@ device fwe # Ethernet カスタムコンフィグレーションファイルの名前を指定して新しいカーネルをコンパイルします。 - &prompt.root; make buildkernel KERNCONF=MYKERNEL + &prompt.root; make buildkernel KERNCONF=MYKERNEL - 新しいカーネルをインストールします。 + 指定したカーネルコンフィグレーションファイルで作成された新しいカーネルをインストールします。 + 以下のコマンドは、新しいカーネルを + /boot/kernel/kernel に、 + 今までのカーネルを /boot/kernel.old/kernel + という名前で保存します。 - &prompt.root; make installkernel KERNCONF=MYKERNEL + &prompt.root; make installkernel KERNCONF=MYKERNEL + + + + 新しいカーネルを使うために、 + システムをシャットダウンして再起動してください。 + うまく行かない場合は、 + を参照してください。 - - デフォルトでは、カスタムカーネルを構築すると - すべて のカーネルモジュールが再構築されます。 + デフォルトでは、カスタムカーネルを構築すると、 + すべてのカーネルモジュールが再構築されます。 カーネルのアップデートをより早く行いたい、または、 カスタムモジュールのみを構築したいといった場合は、 カーネルの構築を開始する前に、以下のように /etc/make.conf を編集してください。 - MODULES_OVERRIDE = linux acpi sound/sound sound/driver/ds1 ntfs - - この変数は、 - すべてのモジュールを構築するというデフォルトの設定にかわり、 + 例として、以下の変数は、 + デフォルトのすべてのモジュールを構築する設定を変更し、 構築するモジュール一覧を指定します。 + MODULES_OVERRIDE = linux acpi ntfs + + また、以下の変数は、 + 構築を行わないトップレベルのモジュールを指定します。 + WITHOUT_MODULES = linux acpi sound ntfs - この変数は、構築を行わないトップレベルのモジュールを指定します。 - 他の変数については、&man.make.conf.5; を参照してください。 - + 他の変数については、&man.make.conf.5; を参照してください。 /boot/kernel.old - - 新しいカーネルは /boot/kernel に - /boot/kernel/kernel という名前でコピーされ、 - 今までのカーネルは /boot/kernel.old/kernel - という名前へ変更されます。 - では、新しいカーネルを使うために、システムをシャットダウンして再起動してください。 - うまく行かない場合は、 - 問題が起きた場合には - や、新しいカーネルが - 起動しない - 場合のリカバリの方法を参照してください。 - - - ブートローダ (&man.loader.8;) - や設定などのブートプロセスに関係する他のファイルは、 - /boot に置かれます。 - サードパーティ製やカスタムモジュールを - /boot/kernel に置くこともできますが、 - コンパイルしたカーネルとモジュールを同期しておく必要があります。 - コンパイルしたカーネルとモジュールが対応していないと、 - システムが不安定になる可能性があります。 - @@ -1307,25 +1282,25 @@ device fwe # Ethernet config コマンドの失敗 - &man.config.8; が失敗したのであれば、 - おそらく単純なエラーです。 - さいわい、&man.config.8; - はトラブルの起きた行番号を出力します。 - 例えば、次のように出力された場合 + config で失敗した時には、 + トラブルの起きた行番号が出力されます。 + たとえば、次のように出力された場合には、 + 17 行目が正しく入力されているかどうか、 + GENERICNOTES + と比較して修正してください。 config: line 17: syntax error - - 17 行目のキーワードが正しく入力されているかどうか、 - GENERIC カーネルのファイルや、 - 他のリファレンスと比較して注意深く修正してください。 - make コマンドの失敗 + + make コマンドの失敗 + make が失敗した場合には、 - カーネル設定で &man.config.8; - がとらえられなかったような間違いをしていることが多いようです。 + 通常、カーネルコンフィグレーションファイルにおいて、 + config + がとらえられなかったような間違いをしています。 コンフィグレーションファイルを見直してください。 それでも問題を解決することができなければ、 &a.questions; @@ -1335,6 +1310,7 @@ device fwe # Ethernet カーネルが起動しない + 新しいカーネルが起動しなかったり、 デバイスの認識をしない場合でもあわてないでください! @@ -1346,10 +1322,7 @@ device fwe # Ethernet オプションを選択するとアクセスできます。 プロンプトで boot kernel.old - か他の正常に起動するカーネルを入力してください。 - カーネルの再設定をおこなう場合にはいつも、 - 確実に動くことが分かっているカーネルを用意しておくようにすると良いでしょう。 - + か他の正常に起動するカーネルを入力してください。 問題のないカーネルで起動した後、 コンフィグレー ションファイルを調べ、 @@ -1360,16 +1333,17 @@ device fwe # Ethernet &man.dmesg.8; は現在の起動時のカーネルメッセージを出力します。 - カーネルの構築中にトラブルが起きた時に使うために、 - GENERIC や他のカーネルを次回の構築で消されないよう別の名前で保存するようにしてください。kernel.old + カーネルの構築中にトラブルが起きた時には、 + 次回の構築で消されないように、 + GENERIC + のコピーや他の正常に起動するカーネルを別の名前で保存するようにしてください。 + kernel.old は新しいカーネルをインストールする時に、 その一つ前にインストールした、 - うまく動かないかもしれないカーネルで上書きされてしまうので当てにできません。 - できる限り早く動作しているカーネルを本来の - /boot/kernel の位置に移動させてください。 - そうしないと - &man.ps.1; のようなコマンドが正しく動きません。これを行うには、 - 以下のように正しく起動するカーネルを含むディレクトリ名に変更するだけです。 + うまく動かないかもしれないカーネルで上書きされてしまうため、 + 起動するカーネルを保存しておくことは重要です。 + できる限り早く以下のようにして、 + 正しく起動するカーネルを含むディレクトリ名に変更してください。 &prompt.root; mv /boot/kernel /boot/kernel.bad &prompt.root; mv /boot/kernel.good /boot/kernel @@ -1383,13 +1357,14 @@ device fwe # Ethernet システムユーティリティの構築されたバージョンと異るバージョンのカーネルをインストールした場合、 - 例えば -CURRENT のカーネルを -RELEASE 上にインストールするような場合、 + たとえば -CURRENT のソースから構築したカーネルを + -RELEASE システム上にインストールするような場合には、 &man.ps.1; や &man.vmstat.8; のような多くのシステムステータスコマンドは動かなくなります。 修正するには、カーネルと同じバージョンのソースツリーで world を再構築し、インストール してください。 - これは、カーネルとそれ以外で異なるバージョンを組み合わせてオペレーティングシステムを使用することが推奨されない理由の一つとなっています。 + これは、カーネルとそれ以外で異なるバージョンを組み合わせてオペレーティングシステムを使用することは推奨されていません。 From owner-svn-doc-all@FreeBSD.ORG Wed Apr 30 14:45:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BB404AD4; Wed, 30 Apr 2014 14:45:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A6A0B1A35; Wed, 30 Apr 2014 14:45:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3UEj9cb080621; Wed, 30 Apr 2014 14:45:09 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3UEj9ug080619; Wed, 30 Apr 2014 14:45:09 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404301445.s3UEj9ug080619@svn.freebsd.org> From: Dru Lavigne Date: Wed, 30 Apr 2014 14:45:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44718 - in head/en_US.ISO8859-1/books/handbook: basics security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Apr 2014 14:45:09 -0000 Author: dru Date: Wed Apr 30 14:45:09 2014 New Revision: 44718 URL: http://svnweb.freebsd.org/changeset/doc/44718 Log: Move 4.3.3 Limiting Users to a subsection of 14.13 Resource Limits. The next commit will do a tech/editorial review of the moved subsection. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Wed Apr 30 10:53:40 2014 (r44717) +++ head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Wed Apr 30 14:45:09 2014 (r44718) @@ -999,317 +999,6 @@ passwd: done - - Limiting Users - - - limiting users - - - accounts - limiting - - - &os; provides several methods for an administrator to - limit the amount of system resources an individual may use. - These limits are discussed in two sections: disk quotas and - other resource limits. - - - quotas - - - limiting users - quotas - - - disk quotas - - - Disk quotas limit the amount of disk space available to - users and provide a way to quickly check that usage without - calculating it every time. Quotas are discussed in - . - - The other resource limits include ways to limit the amount - of CPU, memory, and other resources a user may consume. These - are defined using login classes and are discussed here. - - - /etc/login.conf - - - Login classes are defined in - /etc/login.conf and are described in - detail in &man.login.conf.5;. Each user account is assigned - to a login class, default by default, and - each login class has a set of login capabilities associated - with it. A login capability is a - name=value - pair, where name is a well-known - identifier and value is an - arbitrary string which is processed accordingly depending on - the name. Setting up login classes - and capabilities is rather straightforward and is also - described in &man.login.conf.5;. - - - &os; does not normally read the configuration in - /etc/login.conf directly, but instead - reads the /etc/login.conf.db database - which provides faster lookups. Whenever - /etc/login.conf is edited, the - /etc/login.conf.db must be updated by - executing the following command: - - &prompt.root; cap_mkdb /etc/login.conf - - - Resource limits differ from the default login capabilities - in two ways. First, for every limit, there is a soft - (current) and hard limit. A soft limit may be adjusted by the - user or application, but may not be set higher than the hard - limit. The hard limit may be lowered by the user, but can - only be raised by the superuser. Second, most resource limits - apply per process to a specific user, not to the user as a - whole. These differences are mandated by the specific - handling of the limits, not by the implementation of the login - capability framework. - - Below are the most commonly used resource limits. The - rest of the limits, along with all the other login - capabilities, can be found in &man.login.conf.5;. - - - - coredumpsize - - - The limit on the size of a core file - - coredumpsize - - generated by a program is subordinate to other limits - - limiting users - coredumpsize - - on disk usage, such as filesize, or - disk quotas. This limit is often used as a less-severe - method of controlling disk space consumption. Since - users do not generate core files themselves, and often - do not delete them, setting this may save them from - running out of disk space should a large program - crash. - - - - - cputime - - - The maximum amount of CPU - - cputime - - - limiting users - cputime - - time a user's process may consume. Offending processes - will be killed by the kernel. - - - This is a limit on CPU time - consumed, not percentage of the CPU as displayed in - some fields by &man.top.1; and &man.ps.1;. - - - - - - filesize - - - The maximum size of a file - - filesize - - - limiting users - filesize - - the user may own. Unlike - disk quotas, this limit is - enforced on individual files, not the set of all files a - user owns. - - - - - maxproc - - - The maximum number of processes - - maxproc - - - limiting users - maxproc - - a user can run. This includes foreground and background - processes. This limit may not be larger than the system - limit specified by the kern.maxproc - &man.sysctl.8;. Setting this limit too small may hinder - a user's productivity as it is often useful to be logged - in multiple times or to execute pipelines. Some tasks, - such as compiling a large program, start lots of - processes. - - - - - memorylocked - - - The maximum amount of memory - - memorylocked - - - limiting users - memorylocked - - a process may request to be locked into main memory - using &man.mlock.2;. Some system-critical programs, - such as &man.amd.8;, lock into main memory so that if - the system begins to swap, they do not contribute to - disk thrashing. - - - - - memoryuse - - - The maximum amount of memory - - memoryuse - - - limiting users - memoryuse - - a process may consume at any given time. It includes - both core memory and swap usage. This is not a - catch-all limit for restricting memory consumption, but - is a good start. - - - - - openfiles - - - The maximum number of files a process may have open - - openfiles - - - limiting users - openfiles - . - In &os;, files are used to represent sockets and IPC - channels, so be careful not to set this too low. The - system-wide limit for this is defined by the - kern.maxfiles &man.sysctl.8;. - - - - - sbsize - - - The limit on the amount of network memory, and - thus mbufs - - sbsize - - - limiting users - sbsize - , - a user may consume. This can be generally used to limit - network communications. - - - - - stacksize - - - The maximum size of a process stack - - stacksize - - - limiting users - stacksize - . - This alone is not sufficient to limit the amount of - memory a program may use so it should be used in - conjunction with other limits. - - - - - There are a few other things to remember when setting - resource limits. Following are some general tips, - suggestions, and miscellaneous comments. - - - - Processes started at system startup by - /etc/rc are assigned to the - daemon login class. - - - - Although the /etc/login.conf that - comes with the system is a good source of reasonable - values for most limits, they may not be appropriate for - every system. Setting a limit too high may open the - system up to abuse, while setting it too low may put a - strain on productivity. - - - - Users of &xorg; should - probably be granted more resources than other users. - &xorg; by itself takes a lot of - resources, but it also encourages users to run more - programs simultaneously. - - - - Many limits apply to individual processes, not the - user as a whole. For example, setting - openfiles to 50 means that each process - the user runs may open up to 50 files. The total amount - of files a user may open is the value of - openfiles multiplied by the value of - maxproc. This also applies to memory - consumption. - - - - For further information on resource limits and login - classes and capabilities in general, refer to - &man.cap.mkdb.1;, &man.getrlimit.2;, and - &man.login.conf.5;. - - Managing Groups Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 10:53:40 2014 (r44717) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 14:45:09 2014 (r44718) @@ -90,8 +90,8 @@ - Understand the resource limits database and how to - utilize it to control user resources. + How to control user resources using login classes or the + resource limits database. @@ -3539,6 +3539,320 @@ UWWemqWuz3lAZuORQ9KX and to set rules on system initialization using a configuration file. + This section demonstrates both methods for controlling + resources. + + + Login Classes + + + limiting users + + + accounts + limiting + + + &os; provides several methods for an administrator to + limit the amount of system resources an individual may use. + These limits are discussed in two sections: disk quotas and + other resource limits. + + + quotas + + + limiting users + quotas + + + disk quotas + + + Disk quotas limit the amount of disk space available to + users and provide a way to quickly check that usage without + calculating it every time. Quotas are discussed in + . + + The other resource limits include ways to limit the amount + of CPU, memory, and other resources a user may consume. These + are defined using login classes and are discussed here. + + + /etc/login.conf + + + Login classes are defined in + /etc/login.conf and are described in + detail in &man.login.conf.5;. Each user account is assigned + to a login class, default by default, and + each login class has a set of login capabilities associated + with it. A login capability is a + name=value + pair, where name is a well-known + identifier and value is an + arbitrary string which is processed accordingly depending on + the name. Setting up login classes + and capabilities is rather straightforward and is also + described in &man.login.conf.5;. + + + &os; does not normally read the configuration in + /etc/login.conf directly, but instead + reads the /etc/login.conf.db database + which provides faster lookups. Whenever + /etc/login.conf is edited, the + /etc/login.conf.db must be updated by + executing the following command: + + &prompt.root; cap_mkdb /etc/login.conf + + + Resource limits differ from the default login capabilities + in two ways. First, for every limit, there is a soft + (current) and hard limit. A soft limit may be adjusted by the + user or application, but may not be set higher than the hard + limit. The hard limit may be lowered by the user, but can + only be raised by the superuser. Second, most resource limits + apply per process to a specific user, not to the user as a + whole. These differences are mandated by the specific + handling of the limits, not by the implementation of the login + capability framework. + + Below are the most commonly used resource limits. The + rest of the limits, along with all the other login + capabilities, can be found in &man.login.conf.5;. + + + + coredumpsize + + + The limit on the size of a core file + + coredumpsize + + generated by a program is subordinate to other limits + + limiting users + coredumpsize + + on disk usage, such as filesize, or + disk quotas. This limit is often used as a less-severe + method of controlling disk space consumption. Since + users do not generate core files themselves, and often + do not delete them, setting this may save them from + running out of disk space should a large program + crash. + + + + + cputime + + + The maximum amount of CPU + + cputime + + + limiting users + cputime + + time a user's process may consume. Offending processes + will be killed by the kernel. + + + This is a limit on CPU time + consumed, not percentage of the CPU as displayed in + some fields by &man.top.1; and &man.ps.1;. + + + + + + filesize + + + The maximum size of a file + + filesize + + + limiting users + filesize + + the user may own. Unlike + disk quotas, this limit is + enforced on individual files, not the set of all files a + user owns. + + + + + maxproc + + + The maximum number of processes + + maxproc + + + limiting users + maxproc + + a user can run. This includes foreground and background + processes. This limit may not be larger than the system + limit specified by the kern.maxproc + &man.sysctl.8;. Setting this limit too small may hinder + a user's productivity as it is often useful to be logged + in multiple times or to execute pipelines. Some tasks, + such as compiling a large program, start lots of + processes. + + + + + memorylocked + + + The maximum amount of memory + + memorylocked + + + limiting users + memorylocked + + a process may request to be locked into main memory + using &man.mlock.2;. Some system-critical programs, + such as &man.amd.8;, lock into main memory so that if + the system begins to swap, they do not contribute to + disk thrashing. + + + + + memoryuse + + + The maximum amount of memory + + memoryuse + + + limiting users + memoryuse + + a process may consume at any given time. It includes + both core memory and swap usage. This is not a + catch-all limit for restricting memory consumption, but + is a good start. + + + + + openfiles + + + The maximum number of files a process may have open + + openfiles + + + limiting users + openfiles + . + In &os;, files are used to represent sockets and IPC + channels, so be careful not to set this too low. The + system-wide limit for this is defined by the + kern.maxfiles &man.sysctl.8;. + + + + + sbsize + + + The limit on the amount of network memory, and + thus mbufs + + sbsize + + + limiting users + sbsize + , + a user may consume. This can be generally used to limit + network communications. + + + + + stacksize + + + The maximum size of a process stack + + stacksize + + + limiting users + stacksize + . + This alone is not sufficient to limit the amount of + memory a program may use so it should be used in + conjunction with other limits. + + + + + There are a few other things to remember when setting + resource limits. Following are some general tips, + suggestions, and miscellaneous comments. + + + + Processes started at system startup by + /etc/rc are assigned to the + daemon login class. + + + + Although the /etc/login.conf that + comes with the system is a good source of reasonable + values for most limits, they may not be appropriate for + every system. Setting a limit too high may open the + system up to abuse, while setting it too low may put a + strain on productivity. + + + + Users of &xorg; should + probably be granted more resources than other users. + &xorg; by itself takes a lot of + resources, but it also encourages users to run more + programs simultaneously. + + + + Many limits apply to individual processes, not the + user as a whole. For example, setting + openfiles to 50 means that each process + the user runs may open up to 50 files. The total amount + of files a user may open is the value of + openfiles multiplied by the value of + maxproc. This also applies to memory + consumption. + + + + For further information on resource limits and login + classes and capabilities in general, refer to + &man.cap.mkdb.1;, &man.getrlimit.2;, and + &man.login.conf.5;. + + Enabling and Configuring Resource Limits From owner-svn-doc-all@FreeBSD.ORG Wed Apr 30 16:17:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9D684185; Wed, 30 Apr 2014 16:17:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 88D1B14A6; Wed, 30 Apr 2014 16:17:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3UGHHwO018370; Wed, 30 Apr 2014 16:17:17 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3UGHHxD018369; Wed, 30 Apr 2014 16:17:17 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404301617.s3UGHHxD018369@svn.freebsd.org> From: Dru Lavigne Date: Wed, 30 Apr 2014 16:17:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44719 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Apr 2014 16:17:17 -0000 Author: dru Date: Wed Apr 30 16:17:17 2014 New Revision: 44719 URL: http://svnweb.freebsd.org/changeset/doc/44719 Log: Editorial review of Login Classes section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 14:45:09 2014 (r44718) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 16:17:17 2014 (r44719) @@ -3517,33 +3517,46 @@ UWWemqWuz3lAZuORQ9KX Resource limits - Traditionally, &os; used a resource limits database - controlled through a flat file, + &os; provides several methods for an administrator to + limit the amount of system resources an individual may use. + Disk quotas limit the amount of disk space available to + users. Quotas are discussed in + . + + + quotas + + + limiting users + quotas + + + disk quotas + + + Limits to other resources, such as CPU + and memory, can be set using either a flat + file or a command to configure a resource limits database. The + traditional method defines login classes by editing /etc/login.conf. While this method is still supported, any changes require a multi-step process of - editing this file in order to divide users into various group - labels known as classes, rebuilding the resource database using - cap_mkdb, making necessary changes to + editing this file, rebuilding the resource database, making necessary changes to /etc/master.passwd, and rebuilding the - password database using pwd_mkdb. This - could be time consuming, depending upon the number of users to + password database. This + can become time consuming, depending upon the number of users to configure. Beginning with &os; 9.0-RELEASE, rctl can be used to provide a more - fine-grained method of controlling resources limits for users. - This command supports much more than users as it can be used to - set resource constraints on processes, jails, and the original - login class. These advanced features provide administrators and - users with methods to control resources through the command line - and to set rules on system initialization using a configuration - file. + fine-grained method for controlling resource limits. + This command supports more than user limits as it can also be used to + set resource constraints on processes and jails. This section demonstrates both methods for controlling - resources. + resources, beginning with the traditional method. - Login Classes + Configuring Login Classes limiting users @@ -3552,55 +3565,24 @@ UWWemqWuz3lAZuORQ9KX accounts limiting - - &os; provides several methods for an administrator to - limit the amount of system resources an individual may use. - These limits are discussed in two sections: disk quotas and - other resource limits. - - - quotas - - - limiting users - quotas - - - disk quotas - - - Disk quotas limit the amount of disk space available to - users and provide a way to quickly check that usage without - calculating it every time. Quotas are discussed in - . - - The other resource limits include ways to limit the amount - of CPU, memory, and other resources a user may consume. These - are defined using login classes and are discussed here. - /etc/login.conf - Login classes are defined in - /etc/login.conf and are described in - detail in &man.login.conf.5;. Each user account is assigned - to a login class, default by default, and - each login class has a set of login capabilities associated + In the traditional method, login classes and the resource + limits to apply to a login class are defined in + /etc/login.conf. Each user account can be assigned + to a login class, where default is the default + login class. Each login class has a set of login capabilities associated with it. A login capability is a name=value pair, where name is a well-known identifier and value is an arbitrary string which is processed accordingly depending on - the name. Setting up login classes - and capabilities is rather straightforward and is also - described in &man.login.conf.5;. + the name. - &os; does not normally read the configuration in - /etc/login.conf directly, but instead - reads the /etc/login.conf.db database - which provides faster lookups. Whenever + Whenever /etc/login.conf is edited, the /etc/login.conf.db must be updated by executing the following command: @@ -3609,207 +3591,159 @@ UWWemqWuz3lAZuORQ9KX Resource limits differ from the default login capabilities - in two ways. First, for every limit, there is a soft - (current) and hard limit. A soft limit may be adjusted by the + in two ways. First, for every limit, there is a soft + and hard limit. A soft limit may be adjusted by the user or application, but may not be set higher than the hard limit. The hard limit may be lowered by the user, but can only be raised by the superuser. Second, most resource limits - apply per process to a specific user, not to the user as a - whole. These differences are mandated by the specific - handling of the limits, not by the implementation of the login - capability framework. - - Below are the most commonly used resource limits. The - rest of the limits, along with all the other login - capabilities, can be found in &man.login.conf.5;. - - - - coredumpsize + apply per process to a specific user. + + lists the most commonly + used resource limits. All of the available + resource limits and capabilities are described in + detail in &man.login.conf.5;. - - The limit on the size of a core file - - coredumpsize - - generated by a program is subordinate to other limits limiting users coredumpsize - on disk usage, such as filesize, or - disk quotas. This limit is often used as a less-severe - method of controlling disk space consumption. Since - users do not generate core files themselves, and often - do not delete them, setting this may save them from - running out of disk space should a large program - crash. - - - - - cputime - - - The maximum amount of CPU - cputime + limiting users + cputime limiting users - cputime + filesize - time a user's process may consume. Offending processes - will be killed by the kernel. - - - This is a limit on CPU time - consumed, not percentage of the CPU as displayed in - some fields by &man.top.1; and &man.ps.1;. - - - - - - filesize - - - The maximum size of a file - filesize + limiting users + maxproc limiting users - filesize + memorylocked - the user may own. Unlike - disk quotas, this limit is - enforced on individual files, not the set of all files a - user owns. - - - - - maxproc - - - The maximum number of processes - maxproc + limiting users + memoryuse limiting users - maxproc + openfiles - a user can run. This includes foreground and background - processes. This limit may not be larger than the system - limit specified by the kern.maxproc - &man.sysctl.8;. Setting this limit too small may hinder - a user's productivity as it is often useful to be logged - in multiple times or to execute pipelines. Some tasks, - such as compiling a large program, start lots of - processes. - - - - - memorylocked - - - The maximum amount of memory - memorylocked + limiting users + sbsize limiting users - memorylocked + stacksize + + + Login Class Resource Limits + + + + + Resource Limit + Description + + + + + + coredumpsize + The limit on the size of a core file + generated by a program is subordinate to other limits + on disk usage, such as filesize or + disk quotas. This limit is often used as a less severe + method of controlling disk space consumption. Since + users do not generate core files and often + do not delete them, this setting may save them from + running out of disk space should a large program + crash. + + + + cputime + The maximum amount of CPU + time a user's process may consume. Offending processes + will be killed by the kernel. This is a limit on + CPU time + consumed, not the percentage of the CPU as displayed in + some of the fields generated by top + and ps. + + + + filesize + The maximum size of a file + the user may own. Unlike disk quotas + (), this limit is + enforced on individual files, not the set of all files a + user owns. + + + + maxproc + The maximum number of foreground and background processes + a user can run. This limit may not be larger than the system + limit specified by kern.maxproc. + Setting this limit too small may hinder + a user's productivity as some tasks, + such as compiling a large program, start lots of + processes. + + + + memorylocked + The maximum amount of memory a process may request to be locked into main memory using &man.mlock.2;. Some system-critical programs, such as &man.amd.8;, lock into main memory so that if the system begins to swap, they do not contribute to - disk thrashing. - - - - - memoryuse + disk thrashing. + - - The maximum amount of memory - - memoryuse - - - limiting users - memoryuse - + + memoryuse + The maximum amount of memory a process may consume at any given time. It includes both core memory and swap usage. This is not a catch-all limit for restricting memory consumption, but - is a good start. - - - - - openfiles + is a good start. + - - The maximum number of files a process may have open - - openfiles - - - limiting users - openfiles - . - In &os;, files are used to represent sockets and IPC + + openfiles + The maximum number of files a process may have open. + In &os;, files are used to represent sockets and IPC channels, so be careful not to set this too low. The - system-wide limit for this is defined by the - kern.maxfiles &man.sysctl.8;. - - - - - sbsize - - - The limit on the amount of network memory, and - thus mbufs - - sbsize - - - limiting users - sbsize - , + system-wide limit for this is defined by + kern.maxfiles. + + + + sbsize + The limit on the amount of network memory a user may consume. This can be generally used to limit - network communications. - - + network communications. + - - stacksize - - - The maximum size of a process stack - - stacksize - - - limiting users - stacksize - . + + stacksize + The maximum size of a process stack. This alone is not sufficient to limit the amount of - memory a program may use so it should be used in - conjunction with other limits. - - - + memory a program may use, so it should be used in + conjunction with other limits. + + + +
            There are a few other things to remember when setting - resource limits. Following are some general tips, - suggestions, and miscellaneous comments. + resource limits:             @@ -3819,8 +3753,8 @@ UWWemqWuz3lAZuORQ9KX - Although the /etc/login.conf that - comes with the system is a good source of reasonable + Although the default /etc/login.conf + is a good source of reasonable values for most limits, they may not be appropriate for every system. Setting a limit too high may open the system up to abuse, while setting it too low may put a @@ -3828,18 +3762,16 @@ UWWemqWuz3lAZuORQ9KX - Users of &xorg; should - probably be granted more resources than other users. - &xorg; by itself takes a lot of - resources, but it also encourages users to run more + &xorg; takes a lot of + resources and encourages users to run more programs simultaneously. Many limits apply to individual processes, not the user as a whole. For example, setting - openfiles to 50 means that each process - the user runs may open up to 50 files. The total amount + openfiles to 50 means that each process + the user runs may open up to 50 files. The total amount of files a user may open is the value of openfiles multiplied by the value of maxproc. This also applies to memory From owner-svn-doc-all@FreeBSD.ORG Wed Apr 30 17:14:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C189943B; Wed, 30 Apr 2014 17:14:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AE8D01AD9; Wed, 30 Apr 2014 17:14:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3UHET1j042628; Wed, 30 Apr 2014 17:14:29 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3UHETSF042627; Wed, 30 Apr 2014 17:14:29 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201404301714.s3UHETSF042627@svn.freebsd.org> From: Glen Barber Date: Wed, 30 Apr 2014 17:14:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44720 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Apr 2014 17:14:29 -0000 Author: gjb Date: Wed Apr 30 17:14:29 2014 New Revision: 44720 URL: http://svnweb.freebsd.org/changeset/doc/44720 Log: Remove nova. It has suffered hardware from more hardware failure than is reasonably feasible to restore the machine to a working state. If it were a horse, it would have been turned into glue years ago. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/internal/machines.xml Modified: head/en_US.ISO8859-1/htdocs/internal/machines.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/machines.xml Wed Apr 30 16:17:17 2014 (r44719) +++ head/en_US.ISO8859-1/htdocs/internal/machines.xml Wed Apr 30 17:14:29 2014 (r44720) @@ -60,13 +60,6 @@ this file.

            -nova -11-CURRENT -sparc64 -Reference machine. - - - pluto 10-STABLE ia64 From owner-svn-doc-all@FreeBSD.ORG Wed Apr 30 17:59:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 201E85B4; Wed, 30 Apr 2014 17:59:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0BD111108; Wed, 30 Apr 2014 17:59:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3UHxsDJ059959; Wed, 30 Apr 2014 17:59:54 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3UHxs3M059958; Wed, 30 Apr 2014 17:59:54 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404301759.s3UHxs3M059958@svn.freebsd.org> From: Dru Lavigne Date: Wed, 30 Apr 2014 17:59:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44721 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Apr 2014 17:59:55 -0000 Author: dru Date: Wed Apr 30 17:59:54 2014 New Revision: 44721 URL: http://svnweb.freebsd.org/changeset/doc/44721 Log: Editorial review of first 1/3 of Security Introduction. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 17:14:29 2014 (r44720) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 17:59:54 2014 (r44721) @@ -114,155 +114,124 @@ Security is everyone's responsibility. A weak entry point in any system could allow intruders to gain access to critical - information and cause havoc on an entire network. In most - security training, they discuss the security triad - CIA which stands for the confidentiality, - integrity, and availability of information systems. + information and cause havoc on an entire network. One of the + core principles of information security is the + CIA triad, which stands for the Confidentiality, + Integrity, and Availability of information systems.             The CIA triad is a bedrock concept of - computer security, customers and end users expect privacy of - their data. They expect orders they place to not be changed or - their information altered behind the scenes. They also expect - access to information at all times. Together they make up the - confidentiality, integrity, and availability of the - system. + computer security as customers and users expect their data to be + protected. For example, a customer expects that their credit card + information is securely stored (confidentiality), that their + orders are not changed behind the scenes (integrity), and that they have + access to their order information at all times (availablility). - To protect CIA, security professionals + To provide CIA, security professionals apply a defense in depth strategy. The idea of defense in depth is to add several layers of security to prevent one single - layer failing and the entire security system collapsing. A - systems administrator cannot simply turn on a firewall and - consider the network or system secure, they must audit accounts, + layer failing and the entire security system collapsing. For example, a + system administrator cannot simply turn on a firewall and + consider the network or system secure. One must also audit accounts, check the integrity of binaries, and ensure malicious tools are - not installed. To do this, they must understand what the - threats are. + not installed. To implement an effective security strategy, one must understand + threats and how to defend against them. - - Threats - - What is a threat as pertaining to computer security? For - years it was assumed that threats are remote attackers, people - whom will attempt to access the system without permission, - from a remote location. In today's world, this definition has - been expanded to include employees, malicious software, rogue + What is a threat as it pertains to computer security? Threats + are not limited to remote attackers who + attempt to access a system without permission + from a remote location. Threats also include + employees, malicious software, unauthorized network devices, natural disasters, security vulnerabilities, and even competing corporations. - Every day thousands of systems and networks are attacked - and several hundred are accessed without permission. - Sometimes by simple accident, others by remote attackers, and - in some cases, corporate espionage or former employees. As a - system user, it is important to prepare for and admit when a + Systems and networks can be + accessed without permission, + sometimes by accident, or by remote attackers, and + in some cases, via corporate espionage or former employees. As a + user, it is important to prepare for and admit when a mistake has lead to a security breach and report possible issues to the security team. As an administrator, it is important to know of the threats and be prepared to mitigate them. - - - A Ground Up Approach - - In security, it is sometimes best to take a ground up - approach, whereas the administrator begins with the basic - accounts, system configuration, and then begins to work with - third party utilities and work up to the network layer. It - is in these latter configuration aspects that system policy - and procedures should take place. - - Many places of business already have a security policy - that covers the configuration technology devices in use. They - should contain, at minimal, the security configuration of end - user workstations and desktops, mobile devices such as phones - and laptops, and both production and development servers. In - many cases, when applying computer security, standard + When applying security to systems, it is recommended to + start by securing the basic + accounts and system configuration, and then to secure + the network layer so that it adheres to the system policy + and the organization's security procedures. Many organizations already have a security policy + that covers the configuration of technology devices. The policy + should include the security configuration of + workstations, desktops, mobile devices, phones, + production servers, and development servers. In + many cases, standard operating procedures (SOPs) already exist. When in doubt, ask the security team. - + + The rest of this introduction describes how some of these + basic security configurations are performed on a &os; system. + The rest of this chapter describes some specific tools which can + be used when implementing a security policy on a &os; system. - System and User Accounts + Preventing Logins - In securing a system, the best starting point is auditing - accounts. Ensure that the root account has a strong password, - disable accounts that do not need shell access, for users who - need to augment their privileges, install the - security/sudo and only allow them access - to applications they need. The root user password should - never be shared. - - To deny access to accounts, two methods exist. The first - one is to lock an account, for example, to lock the toor - account: + In securing a system, a good starting point is an audit of + accounts. Ensure that root has a strong password and + that this password is not shared. + Disable any accounts that do not need login access. + + To deny login access to accounts, two methods exist. The first + is to lock the account. This example locks the toor account: &prompt.root; pw lock toor - This command will change the account from this - toor:*:0:0::0:0:Bourne-again Superuser:/root: - to toor:*LOCKED**:0:0::0:0:Bourne-again - Superuser:/root: - - In some cases, this is not possible, perhaps because of - an additional service. In those cases, login access - could be prevented by changing the shell to /sbin/nologin - like in this example: - - &prompt.root; chsh -s /usr/sbin/nologin toor - - - Only super users are able to change the shell for - other users. Attempting to perform this as a regular user - will fail. - - - The account structure will now look like this, with - the nologin shell as the last entry: - - toor:*:0:0::0:0:Bourne-again Superuser:/root:/usr/sbin/nologin - - The /usr/sbin/nologin shell will - block the &man.login.1; command from assigning a shell to this - user. + The second method is to prevent login access + by changing the shell to /sbin/nologin. + Only the superuser can change the shell for other users: + + &prompt.root; chsh -s /usr/sbin/nologin toor + + The /usr/sbin/nologin shell prevents + the system from assigning a shell to the + user when they attempt to login. Permitted Account Escalation - In some cases, system administration access needs to be + In some cases, system administration needs to be shared with other users. &os; has two methods to handle this. The first one, which is not recommended, is a shared root - password and adding users to the wheel group. To achieve - this, edit the /etc/group and add the - user to the end of the first group. This user must be - separated by a comma character. - - The correct way to permit this privilege escalation is - using the security/sudo port which will - provide additional auditing, more fine grained user control, - and even lock users into running only single, privileged - commands such as &man.service.8; - - After installation, edit - /usr/local/etc/sudoers using - the visudo interface. In this example, - a new webadmin group will be added, the user trhodes to that group, and - then give the user access to restart - apache24, the following procedure may be - followed: - - &prompt.root; pw groupadd webadmin -M trhodes -g 6000 - - &prompt.root; visudo - - %webadmin ALL=(ALL) /usr/sbin/service apache24 * - - The security/sudo provides an - invaluable resource when it comes to local user management. - It is also possible to not require passwords and just default - to the &man.ssh.1; key method. To disable password login - via &man.sshd.8; and only use local passwords for - sudo, see . + password used by members of the wheel group. With this method, + a user types su and enters the password for + wheel whenever + superuser access is needed. The user should then type + exit to leave privileged access after + finishing the commands that required administrative access. To add a user + to this group, edit /etc/group and add the + user to the end of the wheel entry. The user must be + separated by a comma character with no space. + + The second, and recommended, method to permit privilege escalation is + to install the security/sudo package or port. + This software provides additional auditing, more fine-grained user control, + and can be configured to lock users into running only the specified privileged + commands. + + After installation, use visudo to edit + /usr/local/etc/sudoers. + This example creates + a new webadmin group, adds the trhodes account to that group, and + configures that group access to restart + apache24: + + &prompt.root; pw groupadd webadmin -M trhodes -g 6000 +&prompt.root; visudo +%webadmin ALL=(ALL) /usr/sbin/service apache24 * From owner-svn-doc-all@FreeBSD.ORG Wed Apr 30 18:29:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5D6B9328; Wed, 30 Apr 2014 18:29:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4B0271410; Wed, 30 Apr 2014 18:29:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3UITKLd072723; Wed, 30 Apr 2014 18:29:20 GMT (envelope-from flo@svn.freebsd.org) Received: (from flo@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3UITK0F072722; Wed, 30 Apr 2014 18:29:20 GMT (envelope-from flo@svn.freebsd.org) Message-Id: <201404301829.s3UITK0F072722@svn.freebsd.org> From: Florian Smeets Date: Wed, 30 Apr 2014 18:29:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44722 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Apr 2014 18:29:20 -0000 Author: flo (ports committer) Date: Wed Apr 30 18:29:19 2014 New Revision: 44722 URL: http://svnweb.freebsd.org/changeset/doc/44722 Log: Remove jmb from the postmaster team. He hasn't been active for a while. Thank you for your work in the past! Discussed with: jmb Approved by: gjb Modified: head/en_US.ISO8859-1/htdocs/administration.xml Modified: head/en_US.ISO8859-1/htdocs/administration.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/administration.xml Wed Apr 30 17:59:54 2014 (r44721) +++ head/en_US.ISO8859-1/htdocs/administration.xml Wed Apr 30 18:29:19 2014 (r44722) @@ -451,7 +451,6 @@ services, such as having troll-, spam- and virus-filters.

              -
            • &a.jmb.email;
            • &a.brd.email;
            • &a.flo.email;
            • &a.sahil.email;
              • From owner-svn-doc-all@FreeBSD.ORG Wed Apr 30 19:05:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 93FB8C40; Wed, 30 Apr 2014 19:05:35 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 72186183E; Wed, 30 Apr 2014 19:05:35 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3UJ5ZFj090174; Wed, 30 Apr 2014 19:05:35 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3UJ5ZxD090173; Wed, 30 Apr 2014 19:05:35 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201404301905.s3UJ5ZxD090173@svn.freebsd.org> From: Xin LI Date: Wed, 30 Apr 2014 19:05:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44723 - head/share/security/advisories X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Apr 2014 19:05:35 -0000 Author: delphij Date: Wed Apr 30 19:05:34 2014 New Revision: 44723 URL: http://svnweb.freebsd.org/changeset/doc/44723 Log: Revise the advisory to include patch procedure. Noticed by: Lukasz Modified: head/share/security/advisories/FreeBSD-SA-14:09.openssl.asc Modified: head/share/security/advisories/FreeBSD-SA-14:09.openssl.asc ============================================================================== --- head/share/security/advisories/FreeBSD-SA-14:09.openssl.asc Wed Apr 30 18:29:19 2014 (r44722) +++ head/share/security/advisories/FreeBSD-SA-14:09.openssl.asc Wed Apr 30 19:05:34 2014 (r44723) @@ -19,6 +19,11 @@ For general information regarding FreeBS including descriptions of the fields above, security branches, and the following sections, please visit . +0. Revision History + +v1.0 2014-04-30 Initial release. +v1.1 2014-04-30 Added patch applying step in Solutions section. + I. Background FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is @@ -73,6 +78,14 @@ detached PGP signature using your PGP ut # fetch http://security.FreeBSD.org/patches/SA-14:09/openssl.patch.asc # gpg --verify openssl.patch.asc +b) Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +Recompile the operating system using buildworld and installworld as +described in . + Restart all deamons using the library, or reboot the system. 3) To update your vulnerable system via a binary patch: @@ -117,17 +130,17 @@ The latest revision of this advisory is -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) -iQIcBAEBCgAGBQJTYHsHAAoJEO1n7NZdz2rn2EsP+wYlobS4EiYtgspXAFgKLha1 -0aeA7UokUs21QRTV9tIiFD0Se5HwdmHdh94bRJMRFraU22QYbAelG5GPsZPdRCt4 -0ECLKUBDK6ng2M7UNyKhkstsL0+wBq6y5dzKjpR49QX4Vh2zEUYw5BcC5vrIk+YK -Qazq8l1t5bl9ebm9rIDmd2uCv/Qe1MgnMlAczeH9HckfzMiH6NhnAuiYpP7K0mIL -By6gpSxsHPeQShgJN/5kJjVGkdQK1/A1q0KnNf5r/itQdSC96NazKpCCpkud6RMm -k9aPxI5As5Scl70zuCUDAS6vbNI3dvzCU46k8t65/FTeYQO2lxje0QZpqaDiB3+2 -tbN5kDviQdWHlJyygCeNK3jxdv0H3+zUZidjPuo158Zcbhb4ckTEZtMtgTn0fRoY -alG8qLn3hLj51fPHQK3Ff96xL+1DrhT+3D18OYIbjx7LKtsJJbnorB3jrbW68Ggr -h0bW+8yAm1jDFM4kPQw6gcrmtyjxNhnVRLoeoBPSIkmS9cm+12YcXufbSyLm/WqG -hkpPCrvUXibZmLi0CDlRMhLkjaOUhEXQsV3OR0gCmuFtN52gncyrIoPaxs79HZ1A -g2JxLp7b56B2XOyakEmNc+rqJJkzi+LV8HTp5DcrbXjAunYk9ipfxPakqXFDD6jV -L3ElC6aFDJ2UchtmjBRk -=Y+tE +iQIcBAEBCgAGBQJTYUi5AAoJEO1n7NZdz2rnk/8QAMUvAUQzbd0PE8QYH2ZlnHuO +fhY8xeIxXzK7/e4WOpXDmC68phxLcGQF4YRtX7Wu/yEchIk7cJPocx6kkht8CpCG +t7BpgQOyWY7QRHkIg+hzcooWJFK8nS9miXrwI0vOgWNIbI+iNaSZwNcBsrqF45hI +U1/Z6EWFqmEq+VJBtzpp6F7etYYn8OomBF0XFj13Dtr1UnuG+QqOF0c7FH4o0oiL ++LpTPlgpubOR1wIx/7nR4j5VeXUwHK3Lrv9X5395YmLVca6pHzeG3pFjGuJJMf8E +9t4Y13EfnetO1AEX7Up86i2h28P8nTqmse+m60LAAwMuHpTRvzruQNvzBguv5Nb7 +kVoZKbHb8Ji2rrUEQ//tEYcp57iry0ukvP3uzyvA8q17FeGvx/aJl9Wcc6s+Untd +n2WbVvYLnGGNWWI35Yi5eo7TCKcj8z/s0Wgb0omWh7cz7YCjveoG/2x9BHwVGunf +VxEmhXPW8HKSEVf/w/yEIAJIechpRv3q9y+Yh5vgMzVqwoP3nXESuQxpzm6Bx/2P +0ZV+IQNAGRXIBQWqjDqC0yZJ/8QNkp+NDRE8ZZHjxnJeQZCayCaEBmjQZcU9qRHP +Y2eHu+AiDSi5j2hKyWwY59xlUJ+hBCejzSc0kGiuNq1GWIKltGZ48dnN+H4d4Z6C +ZYF6H9F0ykvTxWFfVlFx +=H1mN -----END PGP SIGNATURE----- From owner-svn-doc-all@FreeBSD.ORG Wed Apr 30 19:31:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E37F79D2; Wed, 30 Apr 2014 19:31:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D00571C90; Wed, 30 Apr 2014 19:31:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3UJVuk8005285; Wed, 30 Apr 2014 19:31:56 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3UJVuNK005284; Wed, 30 Apr 2014 19:31:56 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404301931.s3UJVuNK005284@svn.freebsd.org> From: Dru Lavigne Date: Wed, 30 Apr 2014 19:31:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44724 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Apr 2014 19:31:57 -0000 Author: dru Date: Wed Apr 30 19:31:56 2014 New Revision: 44724 URL: http://svnweb.freebsd.org/changeset/doc/44724 Log: Editorial review of 14.2.3 Password Hashes. Add example of how to view and change the password hash. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 19:05:34 2014 (r44723) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 19:31:56 2014 (r44724) @@ -235,48 +235,84 @@ - Passwords + Password Hashes - Passwords are a necessary evil of technology. In the - cases they must be used, not only should the password be - extremely complex, but also use a powerful hash mechanism to - protect it. At the time of this writing, &os; supports - DES, MD5, Blowfish, - SHA256, and SHA512 in - the crypt() library. The default is - SHA512 and should not be changed backwards; - however, some users like to use the Blowfish option. Each - mechanism, aside from DES, has a unique - beginning to designate the hash mechanism assigned. For the - MD5 mechanism, the symbol is a - $ sign. For the SHA256 or - SHA512, the symbol is $6$ - and Blowfish uses $2a$. Any weaker passwords - should be re-hashed by asking the user to run &man.passwd.1; - during their next login. + Passwords are a necessary evil of technology. When + they must be used, they should be + complex and a powerful hash mechanism should be used to + encrypt the version that is stored in the password database. &os; supports the + DES, MD5, + SHA256, SHA512, and Blowfish hash algorithms in its + crypt() library. The default of + SHA512 should not be changed to a less + secure hashing algorithm, but can be changed to the more secure + Blowfish algorithm. - At the time of this writing, Blowfish is not part of - AES nor is it considered compliant with - any FIPS (Federal Information - Processing Standards) standard and its use may not be + Blowfish is not part of + AES and is not considered compliant with + any Federal Information + Processing Standards (FIPS). Its use may not be permitted in some environments. - For any system connected to the network, two factor - authentication should be used. This is normally considered - something you have and something you know. With - OpenSSH being part of the &os; - base system and the use of ssh-keys being available for some - time, all network logins should avoid the use of passwords in - exchange for this two factor authentication method. For - more information see the section of - the handbook. Kerberos users may need to make additional + To determine which hash algorithm is used to encrypt a + user's password, the superuser can view the hash for the user + in the &os; password database. Each hash + starts with a symbol which indicates the type of hash + mechanism used to encrypt the password. If + DES is used, there is no beginning symbol. + For + MD5, the symbol is + $. For SHA256 and + SHA512, the symbol is $6$. + For Blowfish, the symbol is $2a$. In this + example, the password for dru is hashed using the default + SHA512 algorithm as the hash starts with + $6$. Note that the encrypted hash, not the password + itself, is stored in the password database: + + &prompt.root; grep dru /etc/master.passwd +dru:$6$pzIjSvCAn.PBYQBA$PXpSeWPx3g5kscj3IMiM7tUEUSPmGexxta.8Lt9TGSi2lNQqYGKszsBPuGME0:1001:1001::0:0:dru:/usr/home/dru:/bin/csh + + + The hash mechanism is set in the user's login class. For + this example, the user is in the default + login class and the hash algorithm is set with this line in + /etc/login.conf: + + :passwd_format=sha512:\ + + To change the algorithm to Blowfish, modify that line to + look like this: + + :passwd_format=blf:\ + + Then run cap_mkdb /etc/login.conf as + described in . Note that this + change will not affect any existing password hashes. This + means that all passwords should + be re-hashed by asking users to run passwd + in order to change their password. + + For remote logins, two-factor + authentication should be used. An example of two-factor authentication is + something you have, such as a key, and + something you know, such as the passphrase for that key. Since + OpenSSH is part of the &os; + base system, all network logins should be over an encrypted + connection and use key-based authentication instead of passwords. + For + more information, refer to . + Kerberos users may need to make additional changes to implement OpenSSH in - their network. + their network. These changes are described in . + - - Password Policy and Enforcement + + Password Policy Enforcement Enforcing a strong password policy for local accounts is a fundamental aspect of local system security and policy. @@ -358,7 +394,6 @@ Enter new password: As seen here, an expiration date is set in the form of day, month, year. For more information, see &man.pw.8; - From owner-svn-doc-all@FreeBSD.ORG Wed Apr 30 20:50:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D2D2D525; Wed, 30 Apr 2014 20:50:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B402B153B; Wed, 30 Apr 2014 20:50:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3UKovnn044271; Wed, 30 Apr 2014 20:50:57 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3UKov1D044270; Wed, 30 Apr 2014 20:50:57 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404302050.s3UKov1D044270@svn.freebsd.org> From: Dru Lavigne Date: Wed, 30 Apr 2014 20:50:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44725 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Apr 2014 20:50:57 -0000 Author: dru Date: Wed Apr 30 20:50:57 2014 New Revision: 44725 URL: http://svnweb.freebsd.org/changeset/doc/44725 Log: Editorial review of password policy section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 19:31:56 2014 (r44724) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 20:50:57 2014 (r44725) @@ -315,48 +315,55 @@ dru:$6$pzIjSvCAn.PBYQBA$PXpSeWPx3g5kscj3 Password Policy Enforcement Enforcing a strong password policy for local accounts - is a fundamental aspect of local system security and policy. - During password enforcement, things like password length, - password strength, and the likelihood the password could be - guessed or cracked can be implemented through the system - &man.pam.8; modules. - - The PAM system, or Pluggable - Authentication Modules, will enforce the password policy by - setting a minimum and maximum password length. They will - also enforce mixed characters. In particular the - &man.pam.passwdqc.8; will be discussed. - - To proceed, add the following line to - /etc/pam.d/passwd: - - password requisite pam_passwdqc.so min=disabled,disabled,disabled,12,10 similar=deny retry=3 enforce=users - - There is already a commented out line for this module - and it may be altered to the version above. This statement - basically sets several requirements. First, a minimal - password length is disabled, allowing for a password of any - length. Using only two character classes are disabled, - which means that all classes, including special, will be - considered valid. The next entry requires that passwords - be twelve characters in length with characters from three - classes or ten byte (or more) passwords with characters from - four character classes. This also denies passwords that - are similar to the previously used password. A user is - provided three opportunities to enter a new password and - finally only enforce this requirement on users. That is, - exempt super users. This statement is probably confusing - so reading the manual page is highly recommended, in - particular to understand what character classes are. + is a fundamental aspect of system security. + In &os;, password length, + password strength, and password complexity + can be implemented using built-in Pluggable Authentication + Modules (PAM). + + This section demonstrates how to configure the minimum + and maximum password length and the + enforcement of mixed characters using the + pam_passwdqc.so module. This module is enforced when + a user changes their password. + + To configure this module, become the superuser and uncomment the line containing + pam_passwdqc.so in + /etc/pam.d/passwd. Then, edit that + line to match the password policy: + + password requisite pam_passwdqc.so min=disabled,disabled,disabled,12,10 similar=deny retry=3 enforce=users + + This example + sets several requirements for new passwords. The min + setting controls the minimum + password length. It has five values because this module + defines five different types of passwords based on their + complexity. Complexity is defined by the type of characters + that must exist in a password, such as letters, numbers, + symbols, and case. The types of passwords are described in + &man.pam.passwdqc.8;. In this example, the first three + types of passwords are disabled, meaning that passwords that + meet those complexity requirements will not be accepted, + regardless of their length. + The 12 sets a minimum password policy of + at least twelve characters, if the password also contains + characters with three types of complexity. The + 10 sets the password policy to also allow + passwords of at least ten characters, if the password + contains characters with four types of complexity. + + The similar setting denies passwords that + are similar to the user's previous password. The + retry setting provides a user with + three opportunities to enter a new password. - After this change is made and the file saved, any user + Once this file is saved, a user changing their password will see a message similar to the - following. This message might also clear up some confusion - about the configuration. + following: - &prompt.user; passwd - - Changing local password for trhodes + &prompt.user; passwd +Changing local password for trhodes Old Password: You can now choose the new password. @@ -368,32 +375,34 @@ classes. Characters that form a common the check. Alternatively, if noone else can see your terminal now, you can pick this as your password: "trait-useful&knob". -Enter new password: +Enter new password: - If a weak password is entered, it will be rejected with + If a password that does not match the policy is entered, it will be rejected with a warning and the user will have an opportunity to try - again - - In most password policies, a password aging requirement - is normally set. This means that a every password must - expire after so many days after it has been set. To set a - password age time in &os;, set the - in - /etc/login.conf. Most users when added - to the system just fall into the - default group which is where this variable could be added - and the database rebuilt using: - - &prompt.root; cap_mkdb /etc/login.conf + again, up to the configured number of retries. - To set the expiration on individual users, provide a day - count to &man.pw.8; and a username like: + Most password policies require passwords to + expire after so many days. To set a + password age time in &os;, set + for the user's login class in + /etc/login.conf. The + default login class contains an example: + + # :passwordtime=90d:\ + + So, to set an expiry of 90 days for this login class, + remove the comment symbol (#), save the + edit, and run cap_mkdb /etc/login.conf. + + To set the expiration on individual users, pass an + expiration date or the number of days to expiry + and a username to pw: - &prompt.root; pw usermod -p 30-apr-2014 -n trhodes + &prompt.root; pw usermod -p 30-apr-2015 -n trhodes As seen here, an expiration date is set in the form of - day, month, year. For more information, see - &man.pw.8; + day, month, and year. For more information, see + &man.pw.8;. From owner-svn-doc-all@FreeBSD.ORG Wed Apr 30 21:29:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6F05A494; Wed, 30 Apr 2014 21:29:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5A5E318C0; Wed, 30 Apr 2014 21:29:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3ULT4of061275; Wed, 30 Apr 2014 21:29:04 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3ULT4iu061274; Wed, 30 Apr 2014 21:29:04 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404302129.s3ULT4iu061274@svn.freebsd.org> From: Dru Lavigne Date: Wed, 30 Apr 2014 21:29:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44726 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Apr 2014 21:29:04 -0000 Author: dru Date: Wed Apr 30 21:29:03 2014 New Revision: 44726 URL: http://svnweb.freebsd.org/changeset/doc/44726 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 20:50:57 2014 (r44725) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed Apr 30 21:29:03 2014 (r44726) @@ -116,61 +116,61 @@ in any system could allow intruders to gain access to critical information and cause havoc on an entire network. One of the core principles of information security is the - CIA triad, which stands for the Confidentiality, - Integrity, and Availability of information systems. + CIA triad, which stands for the + Confidentiality, Integrity, and Availability of information + systems. The CIA triad is a bedrock concept of computer security as customers and users expect their data to be - protected. For example, a customer expects that their credit card - information is securely stored (confidentiality), that their - orders are not changed behind the scenes (integrity), and that they have - access to their order information at all times (availablility). + protected. For example, a customer expects that their credit + card information is securely stored (confidentiality), that + their orders are not changed behind the scenes (integrity), and + that they have access to their order information at all times + (availablility). To provide CIA, security professionals - apply a defense in depth strategy. The idea of defense in - depth is to add several layers of security to prevent one single - layer failing and the entire security system collapsing. For example, a - system administrator cannot simply turn on a firewall and - consider the network or system secure. One must also audit accounts, - check the integrity of binaries, and ensure malicious tools are - not installed. To implement an effective security strategy, one must understand - threats and how to defend against them. - - What is a threat as it pertains to computer security? Threats - are not limited to remote attackers who - attempt to access a system without permission - from a remote location. Threats also include - employees, malicious software, unauthorized - network devices, natural disasters, security vulnerabilities, - and even competing corporations. - - Systems and networks can be - accessed without permission, - sometimes by accident, or by remote attackers, and - in some cases, via corporate espionage or former employees. As a - user, it is important to prepare for and admit when a - mistake has lead to a security breach and report possible - issues to the security team. As an administrator, it is - important to know of the threats and be prepared to mitigate - them. - - When applying security to systems, it is recommended to - start by securing the basic - accounts and system configuration, and then to secure - the network layer so that it adheres to the system policy - and the organization's security procedures. Many organizations already have a security policy - that covers the configuration of technology devices. The policy - should include the security configuration of - workstations, desktops, mobile devices, phones, - production servers, and development servers. In - many cases, standard - operating procedures (SOPs) already exist. - When in doubt, ask the security team. + apply a defense in depth strategy. The idea of defense in depth + is to add several layers of security to prevent one single layer + failing and the entire security system collapsing. For example, + a system administrator cannot simply turn on a firewall and + consider the network or system secure. One must also audit + accounts, check the integrity of binaries, and ensure malicious + tools are not installed. To implement an effective security + strategy, one must understand threats and how to defend against + them. + + What is a threat as it pertains to computer security? + Threats are not limited to remote attackers who attempt to + access a system without permission from a remote location. + Threats also include employees, malicious software, unauthorized + network devices, natural disasters, security vulnerabilities, + and even competing corporations. + + Systems and networks can be accessed without permission, + sometimes by accident, or by remote attackers, and in some + cases, via corporate espionage or former employees. As a user, + it is important to prepare for and admit when a mistake has lead + to a security breach and report possible issues to the security + team. As an administrator, it is important to know of the + threats and be prepared to mitigate them. + + When applying security to systems, it is recommended to + start by securing the basic accounts and system configuration, + and then to secure the network layer so that it adheres to the + system policy and the organization's security procedures. Many + organizations already have a security policy that covers the + configuration of technology devices. The policy should include + the security configuration of workstations, desktops, mobile + devices, phones, production servers, and development servers. + In many cases, standard operating procedures + (SOPs) already exist. When in doubt, ask the + security team. The rest of this introduction describes how some of these basic security configurations are performed on a &os; system. The rest of this chapter describes some specific tools which can - be used when implementing a security policy on a &os; system. + be used when implementing a security policy on a &os; + system. Preventing Logins @@ -178,55 +178,57 @@ In securing a system, a good starting point is an audit of accounts. Ensure that root has a strong password and - that this password is not shared. - Disable any accounts that do not need login access. + that this password is not shared. Disable any accounts that + do not need login access. - To deny login access to accounts, two methods exist. The first - is to lock the account. This example locks the toor account: + To deny login access to accounts, two methods exist. The + first is to lock the account. This example locks the + toor account: &prompt.root; pw lock toor - The second method is to prevent login access - by changing the shell to /sbin/nologin. - Only the superuser can change the shell for other users: + The second method is to prevent login access by changing + the shell to /sbin/nologin. Only the + superuser can change the shell for other users: &prompt.root; chsh -s /usr/sbin/nologin toor The /usr/sbin/nologin shell prevents - the system from assigning a shell to the - user when they attempt to login. + the system from assigning a shell to the user when they + attempt to login. Permitted Account Escalation - In some cases, system administration needs to be - shared with other users. &os; has two methods to handle this. - The first one, which is not recommended, is a shared root - password used by members of the wheel group. With this method, - a user types su and enters the password for - wheel whenever - superuser access is needed. The user should then type - exit to leave privileged access after - finishing the commands that required administrative access. To add a user - to this group, edit /etc/group and add the - user to the end of the wheel entry. The user must be + In some cases, system administration needs to be shared + with other users. &os; has two methods to handle this. The + first one, which is not recommended, is a shared root password + used by members of the wheel group. With this + method, a user types su and enters the + password for wheel + whenever superuser access is needed. The user should then + type exit to leave privileged access after + finishing the commands that required administrative access. + To add a user to this group, edit + /etc/group and add the user to the end of + the wheel entry. The user must be separated by a comma character with no space. - The second, and recommended, method to permit privilege escalation is - to install the security/sudo package or port. - This software provides additional auditing, more fine-grained user control, - and can be configured to lock users into running only the specified privileged + The second, and recommended, method to permit privilege + escalation is to install the security/sudo + package or port. This software provides additional auditing, + more fine-grained user control, and can be configured to lock + users into running only the specified privileged commands. After installation, use visudo to edit - /usr/local/etc/sudoers. - This example creates - a new webadmin group, adds the trhodes account to that group, and - configures that group access to restart + /usr/local/etc/sudoers. This example + creates a new webadmin group, adds the + trhodes account to + that group, and configures that group access to restart apache24: &prompt.root; pw groupadd webadmin -M trhodes -g 6000 @@ -237,45 +239,42 @@ Password Hashes - Passwords are a necessary evil of technology. When - they must be used, they should be - complex and a powerful hash mechanism should be used to - encrypt the version that is stored in the password database. &os; supports the + Passwords are a necessary evil of technology. When they + must be used, they should be complex and a powerful hash + mechanism should be used to encrypt the version that is stored + in the password database. &os; supports the DES, MD5, - SHA256, SHA512, and Blowfish hash algorithms in its - crypt() library. The default of - SHA512 should not be changed to a less - secure hashing algorithm, but can be changed to the more secure - Blowfish algorithm. + SHA256, SHA512, and + Blowfish hash algorithms in its crypt() + library. The default of SHA512 should not + be changed to a less secure hashing algorithm, but can be + changed to the more secure Blowfish algorithm. - Blowfish is not part of - AES and is not considered compliant with - any Federal Information - Processing Standards (FIPS). Its use may not be - permitted in some environments. + Blowfish is not part of AES and is + not considered compliant with any Federal Information + Processing Standards (FIPS). Its use may + not be permitted in some environments. To determine which hash algorithm is used to encrypt a user's password, the superuser can view the hash for the user - in the &os; password database. Each hash - starts with a symbol which indicates the type of hash - mechanism used to encrypt the password. If - DES is used, there is no beginning symbol. - For - MD5, the symbol is + in the &os; password database. Each hash starts with a symbol + which indicates the type of hash mechanism used to encrypt the + password. If DES is used, there is no + beginning symbol. For MD5, the symbol is $. For SHA256 and - SHA512, the symbol is $6$. - For Blowfish, the symbol is $2a$. In this - example, the password for dru is hashed using the default - SHA512 algorithm as the hash starts with - $6$. Note that the encrypted hash, not the password - itself, is stored in the password database: + SHA512, the symbol is + $6$. For Blowfish, the symbol is + $2a$. In this example, the password for + dru is hashed using + the default SHA512 algorithm as the hash + starts with $6$. Note that the encrypted + hash, not the password itself, is stored in the password + database: &prompt.root; grep dru /etc/master.passwd -dru:$6$pzIjSvCAn.PBYQBA$PXpSeWPx3g5kscj3IMiM7tUEUSPmGexxta.8Lt9TGSi2lNQqYGKszsBPuGME0:1001:1001::0:0:dru:/usr/home/dru:/bin/csh - +dru:$6$pzIjSvCAn.PBYQBA$PXpSeWPx3g5kscj3IMiM7tUEUSPmGexxta.8Lt9TGSi2lNQqYGKszsBPuGME0:1001:1001::0:0:dru:/usr/home/dru:/bin/csh The hash mechanism is set in the user's login class. For this example, the user is in the default @@ -286,83 +285,79 @@ dru:$6$pzIjSvCAn.PBYQBA$PXpSeWPx3g5kscj3 To change the algorithm to Blowfish, modify that line to look like this: - - :passwd_format=blf:\ - - Then run cap_mkdb /etc/login.conf as + + :passwd_format=blf:\ + + Then run cap_mkdb /etc/login.conf as described in . Note that this change will not affect any existing password hashes. This - means that all passwords should - be re-hashed by asking users to run passwd - in order to change their password. + means that all passwords should be re-hashed by asking users + to run passwd in order to change their + password. - For remote logins, two-factor - authentication should be used. An example of two-factor authentication is + For remote logins, two-factor authentication should be + used. An example of two-factor authentication is something you have, such as a key, and - something you know, such as the passphrase for that key. Since - OpenSSH is part of the &os; - base system, all network logins should be over an encrypted - connection and use key-based authentication instead of passwords. - For - more information, refer to . - Kerberos users may need to make additional - changes to implement OpenSSH in - their network. These changes are described in . - - - - Password Policy Enforcement - - Enforcing a strong password policy for local accounts - is a fundamental aspect of system security. - In &os;, password length, - password strength, and password complexity - can be implemented using built-in Pluggable Authentication - Modules (PAM). - - This section demonstrates how to configure the minimum - and maximum password length and the - enforcement of mixed characters using the - pam_passwdqc.so module. This module is enforced when - a user changes their password. - - To configure this module, become the superuser and uncomment the line containing - pam_passwdqc.so in - /etc/pam.d/passwd. Then, edit that - line to match the password policy: - - password requisite pam_passwdqc.so min=disabled,disabled,disabled,12,10 similar=deny retry=3 enforce=users - - This example - sets several requirements for new passwords. The min - setting controls the minimum - password length. It has five values because this module - defines five different types of passwords based on their - complexity. Complexity is defined by the type of characters - that must exist in a password, such as letters, numbers, - symbols, and case. The types of passwords are described in - &man.pam.passwdqc.8;. In this example, the first three - types of passwords are disabled, meaning that passwords that - meet those complexity requirements will not be accepted, - regardless of their length. - The 12 sets a minimum password policy of - at least twelve characters, if the password also contains - characters with three types of complexity. The - 10 sets the password policy to also allow - passwords of at least ten characters, if the password - contains characters with four types of complexity. - - The similar setting denies passwords that - are similar to the user's previous password. The - retry setting provides a user with - three opportunities to enter a new password. - - Once this file is saved, a user - changing their password will see a message similar to the - following: + something you know, such as the passphrase for + that key. Since OpenSSH is part of + the &os; base system, all network logins should be over an + encrypted connection and use key-based authentication instead + of passwords. For more information, refer to . Kerberos users may need to make + additional changes to implement + OpenSSH in their network. These + changes are described in . + + + + Password Policy Enforcement + + Enforcing a strong password policy for local accounts is a + fundamental aspect of system security. In &os;, password + length, password strength, and password complexity can be + implemented using built-in Pluggable Authentication Modules + (PAM). + + This section demonstrates how to configure the minimum and + maximum password length and the enforcement of mixed + characters using the pam_passwdqc.so + module. This module is enforced when a user changes their + password. - &prompt.user; passwd + To configure this module, become the superuser and + uncomment the line containing + pam_passwdqc.so in + /etc/pam.d/passwd. Then, edit that line + to match the password policy: + + password requisite pam_passwdqc.so min=disabled,disabled,disabled,12,10 similar=deny retry=3 enforce=users + + This example sets several requirements for new passwords. + The min setting controls the minimum + password length. It has five values because this module + defines five different types of passwords based on their + complexity. Complexity is defined by the type of characters + that must exist in a password, such as letters, numbers, + symbols, and case. The types of passwords are described in + &man.pam.passwdqc.8;. In this example, the first three types + of passwords are disabled, meaning that passwords that meet + those complexity requirements will not be accepted, regardless + of their length. The 12 sets a minimum + password policy of at least twelve characters, if the password + also contains characters with three types of complexity. The + 10 sets the password policy to also allow + passwords of at least ten characters, if the password contains + characters with four types of complexity. + + The similar setting denies passwords + that are similar to the user's previous password. The + retry setting provides a user with three + opportunities to enter a new password. + + Once this file is saved, a user changing their password + will see a message similar to the following: + + &prompt.user; passwd Changing local password for trhodes Old Password: @@ -377,32 +372,34 @@ Alternatively, if noone else can see you pick this as your password: "trait-useful&knob". Enter new password: - If a password that does not match the policy is entered, it will be rejected with - a warning and the user will have an opportunity to try - again, up to the configured number of retries. - - Most password policies require passwords to - expire after so many days. To set a - password age time in &os;, set - for the user's login class in - /etc/login.conf. The - default login class contains an example: - - # :passwordtime=90d:\ - - So, to set an expiry of 90 days for this login class, - remove the comment symbol (#), save the - edit, and run cap_mkdb /etc/login.conf. - - To set the expiration on individual users, pass an - expiration date or the number of days to expiry - and a username to pw: - - &prompt.root; pw usermod -p 30-apr-2015 -n trhodes - - As seen here, an expiration date is set in the form of - day, month, and year. For more information, see - &man.pw.8;. + If a password that does not match the policy is entered, + it will be rejected with a warning and the user will have an + opportunity to try again, up to the configured number of + retries. + + Most password policies require passwords to expire after + so many days. To set a password age time in &os;, set + for the user's login class in + /etc/login.conf. The + default login class contains an + example: + + # :passwordtime=90d:\ + + So, to set an expiry of 90 days for this login class, + remove the comment symbol (#), save the + edit, and run cap_mkdb + /etc/login.conf. + + To set the expiration on individual users, pass an + expiration date or the number of days to expiry and a username + to pw: + + &prompt.root; pw usermod -p 30-apr-2015 -n trhodes + + As seen here, an expiration date is set in the form of + day, month, and year. For more information, see + &man.pw.8;. @@ -2053,18 +2050,18 @@ Connection closed by foreign host. Encapsulated Security Payload - (ESP): this protocol protects - the IP packet data from third party - interference by encrypting the contents using symmetric - cryptography algorithms such as Blowfish and + (ESP): this protocol + protects the IP packet data from third + party interference by encrypting the contents using + symmetric cryptography algorithms such as Blowfish and 3DES. Authentication Header - (AH)): this protocol protects - the IP packet header from third party - interference and spoofing by computing a cryptographic + (AH)): this protocol + protects the IP packet header from third + party interference and spoofing by computing a cryptographic checksum and hashing the IP packet header fields with a secure hashing function. This is then followed by an additional header that contains the hash, to @@ -2074,9 +2071,9 @@ Connection closed by foreign host. IP Payload Compression Protocol - (IPComp): this protocol tries - to increase communication performance by compressing the - IP payload in order ro reduce the + (IPComp): this protocol + tries to increase communication performance by compressing + the IP payload in order ro reduce the amount of data sent. @@ -3532,9 +3529,8 @@ UWWemqWuz3lAZuORQ9KX &os; provides several methods for an administrator to limit the amount of system resources an individual may use. - Disk quotas limit the amount of disk space available to - users. Quotas are discussed in - . + Disk quotas limit the amount of disk space available to users. + Quotas are discussed in . quotas @@ -3548,21 +3544,21 @@ UWWemqWuz3lAZuORQ9KX Limits to other resources, such as CPU - and memory, can be set using either a flat - file or a command to configure a resource limits database. The - traditional method defines login classes by editing - /etc/login.conf. While this method - is still supported, any changes require a multi-step process of - editing this file, rebuilding the resource database, making necessary changes to - /etc/master.passwd, and rebuilding the - password database. This - can become time consuming, depending upon the number of users to + and memory, can be set using either a flat file or a command to + configure a resource limits database. The traditional method + defines login classes by editing + /etc/login.conf. While this method is + still supported, any changes require a multi-step process of + editing this file, rebuilding the resource database, making + necessary changes to /etc/master.passwd, + and rebuilding the password database. This can become time + consuming, depending upon the number of users to configure. Beginning with &os; 9.0-RELEASE, rctl can be used to provide a more - fine-grained method for controlling resource limits. - This command supports more than user limits as it can also be used to + fine-grained method for controlling resource limits. This + command supports more than user limits as it can also be used to set resource constraints on processes and jails. This section demonstrates both methods for controlling @@ -3584,10 +3580,11 @@ UWWemqWuz3lAZuORQ9KX In the traditional method, login classes and the resource limits to apply to a login class are defined in - /etc/login.conf. Each user account can be assigned - to a login class, where default is the default - login class. Each login class has a set of login capabilities associated - with it. A login capability is a + /etc/login.conf. Each user account can + be assigned to a login class, where default + is the default login class. Each login class has a set of + login capabilities associated with it. A login capability is + a name=value pair, where name is a well-known identifier and value is an @@ -3595,63 +3592,63 @@ UWWemqWuz3lAZuORQ9KX the name. - Whenever - /etc/login.conf is edited, the - /etc/login.conf.db must be updated by - executing the following command: + Whenever /etc/login.conf is edited, + the /etc/login.conf.db must be updated + by executing the following command: &prompt.root; cap_mkdb /etc/login.conf Resource limits differ from the default login capabilities - in two ways. First, for every limit, there is a soft - and hard limit. A soft limit may be adjusted by the - user or application, but may not be set higher than the hard - limit. The hard limit may be lowered by the user, but can - only be raised by the superuser. Second, most resource limits - apply per process to a specific user. + in two ways. First, for every limit, there is a + soft and hard + limit. A soft limit may be adjusted by the user or + application, but may not be set higher than the hard limit. + The hard limit may be lowered by the user, but can only be + raised by the superuser. Second, most resource limits apply + per process to a specific user. lists the most commonly - used resource limits. All of the available - resource limits and capabilities are described in - detail in &man.login.conf.5;. - - - limiting users - coredumpsize - - - limiting users - cputime - - - limiting users - filesize - - - limiting users - maxproc - - - limiting users - memorylocked - - - limiting users - memoryuse - - - limiting users - openfiles - - - limiting users - sbsize - - - limiting users - stacksize - + used resource limits. All of the available resource limits + and capabilities are described in detail in + &man.login.conf.5;. + + + limiting users + coredumpsize + + + limiting users + cputime + + + limiting users + filesize + + + limiting users + maxproc + + + limiting users + memorylocked + + + limiting users + memoryuse + + + limiting users + openfiles + + + limiting users + sbsize + + + limiting users + stacksize + Login Class Resource Limits @@ -3666,93 +3663,94 @@ UWWemqWuz3lAZuORQ9KX - coredumpsize - The limit on the size of a core file - generated by a program is subordinate to other limits - on disk usage, such as filesize or - disk quotas. This limit is often used as a less severe - method of controlling disk space consumption. Since - users do not generate core files and often - do not delete them, this setting may save them from - running out of disk space should a large program - crash. - - - - cputime - The maximum amount of CPU - time a user's process may consume. Offending processes - will be killed by the kernel. This is a limit on - CPU time - consumed, not the percentage of the CPU as displayed in - some of the fields generated by top - and ps. + coredumpsize + The limit on the size of a core file generated by + a program is subordinate to other limits on disk + usage, such as filesize or disk + quotas. This limit is often used as a less severe + method of controlling disk space consumption. Since + users do not generate core files and often do not + delete them, this setting may save them from running + out of disk space should a large program + crash. + + + + cputime + The maximum amount of CPU time + a user's process may consume. Offending processes + will be killed by the kernel. This is a limit on + CPU time + consumed, not the percentage of the + CPU as displayed in some of the + fields generated by top and + ps. + + + + filesize + The maximum size of a file the user may own. + Unlike disk quotas (), this + limit is enforced on individual files, not the set of + all files a user owns. + + + + maxproc + The maximum number of foreground and background + processes a user can run. This limit may not be + larger than the system limit specified by + kern.maxproc. Setting this limit + too small may hinder a user's productivity as some + tasks, such as compiling a large program, start lots + of processes. - - filesize - The maximum size of a file - the user may own. Unlike disk quotas - (), this limit is - enforced on individual files, not the set of all files a - user owns. - - - - maxproc - The maximum number of foreground and background processes - a user can run. This limit may not be larger than the system - limit specified by kern.maxproc. - Setting this limit too small may hinder - a user's productivity as some tasks, - such as compiling a large program, start lots of - processes. - - - - memorylocked - The maximum amount of memory - a process may request to be locked into main memory - using &man.mlock.2;. Some system-critical programs, - such as &man.amd.8;, lock into main memory so that if - the system begins to swap, they do not contribute to - disk thrashing. - - - - memoryuse - The maximum amount of memory - a process may consume at any given time. It includes - both core memory and swap usage. This is not a - catch-all limit for restricting memory consumption, but - is a good start. - - - - openfiles - The maximum number of files a process may have open. - In &os;, files are used to represent sockets and IPC - channels, so be careful not to set this too low. The - system-wide limit for this is defined by - kern.maxfiles. - - - - sbsize - The limit on the amount of network memory - a user may consume. This can be generally used to limit - network communications. - - - - stacksize - The maximum size of a process stack. - This alone is not sufficient to limit the amount of - memory a program may use, so it should be used in - conjunction with other limits. - - - + + memorylocked + The maximum amount of memory a process may + request to be locked into main memory using + &man.mlock.2;. Some system-critical programs, such as + &man.amd.8;, lock into main memory so that if the + system begins to swap, they do not contribute to disk + thrashing. + + + + memoryuse + The maximum amount of memory a process may + consume at any given time. It includes both core + memory and swap usage. This is not a catch-all limit + for restricting memory consumption, but is a good + start. + + + + openfiles + The maximum number of files a process may have + open. In &os;, files are used to represent sockets + and IPC channels, so be careful not + to set this too low. The system-wide limit for this + is defined by + kern.maxfiles. + + + + sbsize + The limit on the amount of network memory a user + may consume. This can be generally used to limit + network communications. + + + + stacksize + The maximum size of a process stack. This alone + is not sufficient to limit the amount of memory a + program may use, so it should be used in conjunction + with other limits. + + +
              There are a few other things to remember when setting @@ -3766,29 +3764,29 @@ UWWemqWuz3lAZuORQ9KX - Although the default /etc/login.conf - is a good source of reasonable - values for most limits, they may not be appropriate for - every system. Setting a limit too high may open the - system up to abuse, while setting it too low may put a - strain on productivity. + Although the default + /etc/login.conf is a good source of + reasonable values for most limits, they may not be + appropriate for every system. Setting a limit too high + may open the system up to abuse, while setting it too low + may put a strain on productivity. &xorg; takes a lot of - resources and encourages users to run more - programs simultaneously. + resources and encourages users to run more programs + simultaneously. Many limits apply to individual processes, not the user as a whole. For example, setting - openfiles to 50 means that each process - the user runs may open up to 50 files. The total amount - of files a user may open is the value of - openfiles multiplied by the value of - maxproc. This also applies to memory - consumption. + openfiles to 50 + means that each process the user runs may open up to + 50 files. The total amount of files a + user may open is the value of openfiles + multiplied by the value of maxproc. + This also applies to memory consumption. From owner-svn-doc-all@FreeBSD.ORG Thu May 1 10:30:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BA3526B; Thu, 1 May 2014 10:30:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A760F1925; Thu, 1 May 2014 10:30:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s41AUANZ084576; Thu, 1 May 2014 10:30:10 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s41AUAlf084574; Thu, 1 May 2014 10:30:10 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405011030.s41AUAlf084574@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 1 May 2014 10:30:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44727 - head/ja_JP.eucJP/books/handbook/kernelconfig X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 10:30:10 -0000 Author: ryusuke Date: Thu May 1 10:30:10 2014 New Revision: 44727 URL: http://svnweb.freebsd.org/changeset/doc/44727 Log: - Merge the following from the English version: r44289 -> r44620 head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml Wed Apr 30 21:29:03 2014 (r44726) +++ head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml Thu May 1 10:30:10 2014 (r44727) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44289 + Original revision: r44620 $FreeBSD$ --> @@ -290,12 +290,11 @@ ath_hal(4) - Atheros Hardw amd64 アーキテクチャ用の GENERIC コンフィグレーションファイルのコピーを作成します。 - &prompt.root; cd /usr/src/sys/amd64/conf -&prompt.root; cp GENERIC MYKERNEL + &prompt.root; cd /usr/src/sys/amd64/conf +&prompt.root; cp GENERIC MYKERNEL - これで、コンフィグレーションファイル - MYKERNEL - を ASCII テキストエディタで編集できます。 + これで、MYKERNEL + を ASCII テキストエディタで編集できます。 初心者に対してより簡単なエディタである ee も &os; とともにインストールされていますが、 @@ -398,7 +397,7 @@ This is outdated and specific to one arc ident GENERIC これはカーネルの識別名です。 - たとえば、MYKERNEL + たとえば、MYKERNEL のように、新しいカーネルに付けたい名前に書き換えて下さい。 ident に書いた値はカーネルを起動する時に表示されます。 @@ -1258,12 +1257,12 @@ device fwe # Ethernet デフォルトのすべてのモジュールを構築する設定を変更し、 構築するモジュール一覧を指定します。 - MODULES_OVERRIDE = linux acpi ntfs + MODULES_OVERRIDE = linux acpi また、以下の変数は、 構築を行わないトップレベルのモジュールを指定します。 - WITHOUT_MODULES = linux acpi sound ntfs + WITHOUT_MODULES = linux acpi sound 他の変数については、&man.make.conf.5; を参照してください。 @@ -1309,9 +1308,8 @@ device fwe # Ethernet - - カーネルが起動しない + + カーネルが起動しない 新しいカーネルが起動しなかったり、 @@ -1323,7 +1321,7 @@ device fwe # Ethernet Escape to a loader prompt オプションを選択するとアクセスできます。 プロンプトで - boot kernel.old + boot kernel.old か他の正常に起動するカーネルを入力してください。 問題のないカーネルで起動した後、 @@ -1347,8 +1345,8 @@ device fwe # Ethernet できる限り早く以下のようにして、 正しく起動するカーネルを含むディレクトリ名に変更してください。 - &prompt.root; mv /boot/kernel /boot/kernel.bad -&prompt.root; mv /boot/kernel.good /boot/kernel + &prompt.root; mv /boot/kernel /boot/kernel.bad +&prompt.root; mv /boot/kernel.good /boot/kernel From owner-svn-doc-all@FreeBSD.ORG Thu May 1 10:36:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4EAF1420; Thu, 1 May 2014 10:36:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3C3CD1A05; Thu, 1 May 2014 10:36:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s41AaFD4088187; Thu, 1 May 2014 10:36:15 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s41AaF2C088186; Thu, 1 May 2014 10:36:15 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405011036.s41AaF2C088186@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 1 May 2014 10:36:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44728 - head/ja_JP.eucJP/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 10:36:15 -0000 Author: ryusuke Date: Thu May 1 10:36:14 2014 New Revision: 44728 URL: http://svnweb.freebsd.org/changeset/doc/44728 Log: - Merge the following from the English version: r44116 -> r44720 head/ja_JP.eucJP/htdocs/internal/machines.xml Modified: head/ja_JP.eucJP/htdocs/internal/machines.xml Modified: head/ja_JP.eucJP/htdocs/internal/machines.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/internal/machines.xml Thu May 1 10:30:10 2014 (r44727) +++ head/ja_JP.eucJP/htdocs/internal/machines.xml Thu May 1 10:36:14 2014 (r44728) @@ -4,7 +4,7 @@ ]> - + @@ -60,13 +60,6 @@ -nova -11-CURRENT -sparc64 -リファレンスマシン - - - pluto 10-STABLE ia64 From owner-svn-doc-all@FreeBSD.ORG Thu May 1 14:34:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 05C38871; Thu, 1 May 2014 14:34:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E529F129A; Thu, 1 May 2014 14:34:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s41EYsn2087314; Thu, 1 May 2014 14:34:54 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s41EYsgr087313; Thu, 1 May 2014 14:34:54 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405011434.s41EYsgr087313@svn.freebsd.org> From: Dru Lavigne Date: Thu, 1 May 2014 14:34:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44729 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 14:34:55 -0000 Author: dru Date: Thu May 1 14:34:54 2014 New Revision: 44729 URL: http://svnweb.freebsd.org/changeset/doc/44729 Log: Editorial review of Rootkit and Binary Verification sections. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu May 1 10:36:14 2014 (r44728) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu May 1 14:34:54 2014 (r44729) @@ -403,25 +403,27 @@ Enter new password:               - Backdoors and Rootkits + Detecting Rootkits - Backdoors and rootkits are only a threat after they have - been installed. Once installed, this malicious software will + A rootkit is any unauthorized + software that attempts to gain root access to a system. + Once installed, this malicious software will normally open up another avenue of entry for an attacker. - Realistically, once a system has been compromised, and an - investigation has been performed, it should be erased. There + Realistically, once a system has been compromised by a rootkit and an + investigation has been performed, the system should be reinstalled from scratch. There is tremendous risk that even the most prudent security or systems engineer will miss something an attacker left behind. - A backdoor or rootkit software does do one thing useful - for administrators - once detected, it is a sign that a - compromise happened at some point. But normally these types - of applications are hidden very well. Tools do exist - to detect backdoors and rootkits, one of them is + A rootkit does do one thing useful + for administrators: once detected, it is a sign that a + compromise happened at some point. But, these types + of applications tend to be very well hidden. This section demonstrates a tool + that can be used to detect rootkits, security/rkhunter. - After installation, the system may be checked using the + After installation of this package or port, the system may be checked using the following command. It will produce a lot of information and will require some manual pressing of the ENTER key: @@ -434,19 +436,19 @@ Enter new password: more. During the check, some generic security warnings may be produced about hidden files, the OpenSSH protocol selection, and - occasionally known vulnerable versions of installed software. - These can be handled now or later after a more detailed + known vulnerable versions of installed software. + These can be handled now or after a more detailed analysis has been performed. Every administrator should know what is running on the - systems they are responsible for. Using tools like - rkhunter, - lsof and native commands such - as &man.netstat.1; and &man.ps.1; can show a great deal of + systems they are responsible for. Third-party tools like + rkhunter and + sysutils/lsof, and native commands such + as netstat and ps, can show a great deal of information on the system. Take notes on what is normal, - ask questions when something seems out of place and be - paranoid. And remember, preventing a compromise is ideal - but detecting a compromise is a must. + ask questions when something seems out of place, and be + paranoid. While preventing a compromise is ideal, + detecting a compromise is a must. @@ -454,39 +456,44 @@ Enter new password: Verification of system files and binaries is important because it provides the system administration and security - team with information about system changes. In any system, - no internal command or application should change without - the system admin team knowing. A software application that + teams information about system changes. A software application that monitors the system for changes is called an Intrusion - Detection System or IDS. + Detection System (IDS). &os; provides native support for a basic - IDS system. In fact, as part of the - nightly &man.periodic.8; security emails will notify an - administrator of changes. Since the information is stored - locally, there is a chance a malicious user could modify and - spoof the information. As such, it is + IDS system. While the + nightly security emails will notify an + administrator of changes, the information is stored + locally and there is a chance that a malicious user could modify + this information in order to hide their changes to the system. As such, it is recommended to create a separate set of binary signatures and - store them on a read only, root owned directory or, - preferably, off system such as a USB disk - or rsync server. - - To being, a seed needs to be generated. This is a numeric - constant that will be used as to help generate the hash values - and to check the hash values. Lacking this seed value will - make faking or checking the checksum values of files difficult - it not impossible. In the following example, the key will be - passed with the flag. First, generate a - set of hashes and checksums for /bin - using the following command: + store them on a read-only, root-owned directory or, + preferably, on a removable USB disk + or remote rsync server. + + The built-in mtree utility can be used + to generate a specification of the contents of a directory. A + seed, or a numeric constant, is used to generate the + specification and is required to check that the specification + has not changed. This makes it possible to determine if a file + or binary has been modified. + Since the seed value is unknown by an attacker, + faking or checking the checksum values of files will be difficult + to impossible. The following example generates a + set of SHA256 hashes, one for each system binary in + /bin, and saves those values to a hidden + file in root's home directory, + /root/.bin_chksum_mtree: - &prompt.root; mtree -s 3483151339707503 -c -K cksum,sha256digest -p /bin > bin_chksum_mtree + &prompt.root; mtree -s 3483151339707503 -c -K cksum,sha256digest -p /bin > /root/.bin_chksum_mtree +&prompt.root; mtree: /bin checksum: 3427012225 - This should have produced something similar to: + The 3483151339707503 represents + the seed. This value should be remembered, but not shared. - &prompt.root; mtree: /bin checksum: 3427012225 - Viewing bin_cksum_mtree + Viewing /root/.bin_cksum_mtree should yield output similar to the following: # user: root @@ -510,41 +517,52 @@ Enter new password: chmod size=8640 time=1380277975.000000000 cksum=2214429708 \ sha256digest=a435972263bf814ad8df082c0752aa2a7bdd8b74ff01431ccbd52ed1e490bbe7 - Notice the machine's hostname, the current date and time, - and the user who executed &man.mtree.8; are all included in - this report. There is also a checksum, size, time and - SHA256 digest for each binary that was - found. - - To verify binary signatures, the following command will - read in the current list of signatures and provide an - output: + The machine's hostname, the date and time the specification was created, + and the name of the user who created the specification are included in + this report. There is a checksum, size, time, and + SHA256 digest for each binary in + the directory. + + To verify that the binary signatures have not changed, + compare the current contents of the directory to the + previously generated specification, and save the results to a file. + This command requires the seed that was used to generate the + original specification: - &prompt.root; mtree -s 3483151339707503 -p /bin < bin_chksum_mtree >> bin_chksum_output + &prompt.root; mtree -s 3483151339707503 -p /bin < /root/.bin_chksum_mtree >> /root/.bin_chksum_output +&prompt.root; mtree: /bin checksum: 3427012225 This should produce the same checksum for - /bin that was produced when the command - was originally ran. Since no changes occurred in the time - these commands were ran, the - bin_chksum_output output will be empty. + /bin that was produced when the specification + was created. If no changes have occurred to the binaries in this directory, + the + /root/.bin_chksum_output output file will be empty. To simulate a change, change the date on - /bin/cat using &man.touch.1; and run + /bin/cat using touch and run the verification command again: - &prompt.root; touch /bin/cat - - &prompt.root; mtree -s 3483151339707503 -p /bin < bin_chksum_mtree >> bin_chksum_output - - &prompt.root; cat bin_chksum_output - - cat changed - modification time expected Fri Sep 27 06:32:55 2013 found Mon Feb 3 10:28:43 2014 + &prompt.root; touch /bin/cat +&prompt.root; mtree -s 3483151339707503 -p /bin < /root/.bin_chksum_mtree >> /root/.bin_chksum_output +&prompt.root; more /root/.bin_chksum_output +cat changed + modification time expected Fri Sep 27 06:32:55 2013 found Mon Feb 3 10:28:43 2014 + + It is recommended to create specifications for the + directories which contain binaries and configuration files, as + well as any directories containing sensitive data. Typically, + specifications are created for /bin, + /sbin, /usr/bin, + /usr/sbin, + /usr/local/bin, + /etc, and + /usr/local/etc. More advanced IDS systems exist, such - as security/aide but in most cases, - &man.mtree.8; provides the functionality administrators need. + as security/aide. In most cases, + mtree provides the functionality administrators need. It is important to keep the seed value and the checksum output - hidden from malicious users. + hidden from malicious users. More information about + mtree can be found in &man.mtree.8;. From owner-svn-doc-all@FreeBSD.ORG Thu May 1 15:27:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 752643A1; Thu, 1 May 2014 15:27:35 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 60F62181F; Thu, 1 May 2014 15:27:35 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s41FRZCt008567; Thu, 1 May 2014 15:27:35 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s41FRZdh008566; Thu, 1 May 2014 15:27:35 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405011527.s41FRZdh008566@svn.freebsd.org> From: Dru Lavigne Date: Thu, 1 May 2014 15:27:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44730 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 15:27:35 -0000 Author: dru Date: Thu May 1 15:27:34 2014 New Revision: 44730 URL: http://svnweb.freebsd.org/changeset/doc/44730 Log: Editorial review of System Tuning for Security. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu May 1 14:34:54 2014 (r44729) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu May 1 15:27:34 2014 (r44730) @@ -568,32 +568,36 @@ cat changed System Tuning for Security - Many of the systems features may be tuned through the use - of &man.sysctl.8;. This is also true for a few security - features which could be used to prevent denial of service - (DOS) style attacks. Some of the more - important will be covered here. Any time a setting is changed - with &man.sysctl.8;, the chance to cause undesired harm is - increased affecting the availability of the system. - Considering the CIA of the system should be - done during any system-wide configuration change. + In &os;, many system features can be tuned using + sysctl. A few of the security + features which can be tuned to prevent Denial of Service + (DoS) attacks + will be covered in this section. More information about using + sysctl, including how to temporarily change + values and how to make the changes permanent after testing, + can be found in . - The following is a list of &man.sysctl.8;'s and a short - description of what effects the changes will have on the - system. + + Any time a setting is changed + with sysctl, the chance to cause undesired harm is + increased, affecting the availability of the system. All changes + should be monitored and, if possible, tried on a testing + system before being used on a production system. + By default, the &os; kernel boots with a security level of - -1. This is called insecure mode because + -1. This is called insecure mode because immutable file flags may be turned off and all devices may be - read from or written to. The security level will remain at -1 - unless it is altered, either by the administrator or by - &man.init.8;, because of a setting in the startup scripts. - The security level may be raised during system startup by + read from or written to. The security level will remain at -1 + unless it is altered through sysctl or by + a setting in the startup scripts. + The security level may be increased during system startup by setting kern_securelevel_enable to YES in /etc/rc.conf, and the value of kern_securelevel to the desired security level. See &man.security.7; and &man.init.8; - for more information on these settings. + for more information on these settings and the available security levels. Increasing the securelevel can break @@ -601,45 +605,46 @@ cat changed prepared to do some debugging. - Next &man.sysctl.8;s to change is the - net.inet.tcp.blackhole and net.inet.udp.blackhole. When these - are set, incoming SYN packets on closed - ports will be dropped with no return RST - response. The normal behavior is to return an - RST to show a port is closed. These will - provide some level of protection against - stealth scans against a system. Set the - net.inet.tcp.blackhole to 2 and the - net.inet.udp.blackhole to 1 and review the - information in &man.blackhole.4; for more information. - - Additionally the net.inet.icmp.drop_redirect and - net.inet.ip.redirect should be set as well. These two - &man.sysctl.8;s will help prevent against what are called - redirect attacks. Redirect attacks are the purposeful mass - issuing of ICMP type 5 packets which should - not be required in a normal network. As such, set - net.inet.icmp.drop_redirect to 1 and set - net.inet.ip.redirect to 0. + The net.inet.tcp.blackhole and + net.inet.udp.blackhole settings can be used + to drop incoming SYN packets on closed + ports without sending a return RST + response. The default behavior is to return an + RST to show a port is closed. Changing the default + provides some level of protection against + ports scans, which are used to determine + which applications are running on a system. Set + net.inet.tcp.blackhole to 2 and + net.inet.udp.blackhole to 1. + Refer to &man.blackhole.4; for more information about these settings. + + The net.inet.icmp.drop_redirect and + net.inet.ip.redirect settings + help prevent against + redirect attacks. A redirect attack is a type of DoS which sends mass + numbers of ICMP type 5 packets. Since these packets + are not required, set + net.inet.icmp.drop_redirect to 1 and set + net.inet.ip.redirect to 0. - Source routing is method of detecting and accessing + Source routing is a method for detecting and accessing non-routable addresses on the internal network. This should - probably be disabled as non-routable addresses are normally + be disabled as non-routable addresses are normally not routable on purpose. To disable this feature, set - net.inet.ip.sourceroute and net.inet.ip.accept_sourceroute - to 0. + net.inet.ip.sourceroute and + net.inet.ip.accept_sourceroute + to 0. + + When a machine on the network needs to + send messages to all hosts on a subnet, an + ICMP echo request message is sent + to the broadcast address. However, there is no reason for an external + host to perform such an action. To reject + all external broadcast requests, set + net.inet.icmp.bmcastecho to 0. - Drop all ICMP echo requests to the - broadcast address. When machine on the network need to - send messages to all hosts on a subnet, the message is sent - to the broadcast address. There is no reason an external - host should need to perform such an action so set - net.inet.icmp.bmcastecho to 0 to reject - all external broadcast requests. - - Some additional &man.sysctl.8;s are documented in - &man.security.7; and it is recommended it be consulted for - additional information. + Some additional settings are documented in + &man.security.7;. From owner-svn-doc-all@FreeBSD.ORG Thu May 1 15:44:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 88A2D7D5; Thu, 1 May 2014 15:44:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7421519B8; Thu, 1 May 2014 15:44:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s41FiNbF016347; Thu, 1 May 2014 15:44:23 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s41FiNEO016346; Thu, 1 May 2014 15:44:23 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405011544.s41FiNEO016346@svn.freebsd.org> From: Dru Lavigne Date: Thu, 1 May 2014 15:44:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44731 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 15:44:23 -0000 Author: dru Date: Thu May 1 15:44:23 2014 New Revision: 44731 URL: http://svnweb.freebsd.org/changeset/doc/44731 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu May 1 15:27:34 2014 (r44730) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu May 1 15:44:23 2014 (r44731) @@ -407,48 +407,47 @@ Enter new password: A rootkit is any unauthorized software that attempts to gain root access to a system. - Once installed, this malicious software will - normally open up another avenue of entry for an attacker. - Realistically, once a system has been compromised by a rootkit and an - investigation has been performed, the system should be reinstalled from scratch. There - is tremendous risk that even the most prudent security or - systems engineer will miss something an attacker left - behind. - - A rootkit does do one thing useful - for administrators: once detected, it is a sign that a - compromise happened at some point. But, these types - of applications tend to be very well hidden. This section demonstrates a tool - that can be used to detect rootkits, - security/rkhunter. - - After installation of this package or port, the system may be checked using the - following command. It will produce a lot of - information and will require some manual - pressing of the ENTER key: + class="username">root access to a system. Once + installed, this malicious software will normally open up + another avenue of entry for an attacker. Realistically, once + a system has been compromised by a rootkit and an + investigation has been performed, the system should be + reinstalled from scratch. There is tremendous risk that even + the most prudent security or systems engineer will miss + something an attacker left behind. + + A rootkit does do one thing usefulfor administrators: once + detected, it is a sign that a compromise happened at some + point. But, these types of applications tend to be very well + hidden. This section demonstrates a tool that can be used to + detect rootkits, security/rkhunter. + + After installation of this package or port, the system may + be checked using the following command. It will produce a lot + of information and will require some manual pressing of the + ENTER key: &prompt.root; rkhunter -c - After the process completes, a status message - will be printed to the screen. This message will include the - amount of files checked, suspect files, possible rootkits, and - more. During the check, some generic security warnings may + After the process completes, a status message will be + printed to the screen. This message will include the amount + of files checked, suspect files, possible rootkits, and more. + During the check, some generic security warnings may be produced about hidden files, the OpenSSH protocol selection, and - known vulnerable versions of installed software. - These can be handled now or after a more detailed - analysis has been performed. + known vulnerable versions of installed software. These can be + handled now or after a more detailed analysis has been + performed. Every administrator should know what is running on the systems they are responsible for. Third-party tools like rkhunter and sysutils/lsof, and native commands such - as netstat and ps, can show a great deal of - information on the system. Take notes on what is normal, - ask questions when something seems out of place, and be - paranoid. While preventing a compromise is ideal, - detecting a compromise is a must. + as netstat and ps, can + show a great deal of information on the system. Take notes on + what is normal, ask questions when something seems out of + place, and be paranoid. While preventing a compromise is + ideal, detecting a compromise is a must. @@ -456,33 +455,32 @@ Enter new password: Verification of system files and binaries is important because it provides the system administration and security - teams information about system changes. A software application that - monitors the system for changes is called an Intrusion - Detection System (IDS). + teams information about system changes. A software + application that monitors the system for changes is called an + Intrusion Detection System (IDS). &os; provides native support for a basic - IDS system. While the - nightly security emails will notify an - administrator of changes, the information is stored - locally and there is a chance that a malicious user could modify - this information in order to hide their changes to the system. As such, it is - recommended to create a separate set of binary signatures and - store them on a read-only, root-owned directory or, - preferably, on a removable USB disk - or remote rsync server. + IDS system. While the nightly security + emails will notify an administrator of changes, the + information is stored locally and there is a chance that a + malicious user could modify this information in order to hide + their changes to the system. As such, it is recommended to + create a separate set of binary signatures and store them on a + read-only, root-owned directory or, preferably, on a removable + USB disk or remote + rsync server. The built-in mtree utility can be used to generate a specification of the contents of a directory. A seed, or a numeric constant, is used to generate the specification and is required to check that the specification - has not changed. This makes it possible to determine if a file - or binary has been modified. - Since the seed value is unknown by an attacker, - faking or checking the checksum values of files will be difficult - to impossible. The following example generates a - set of SHA256 hashes, one for each system binary in - /bin, and saves those values to a hidden - file in SHA256 hashes, + one for each system binary in /bin, and + saves those values to a hidden file in root's home directory, /root/.bin_chksum_mtree: @@ -490,11 +488,11 @@ Enter new password: &prompt.root; mtree: /bin checksum: 3427012225 The 3483151339707503 represents - the seed. This value should be remembered, but not shared. + the seed. This value should be remembered, but not + shared. - - Viewing /root/.bin_cksum_mtree - should yield output similar to the following: + Viewing /root/.bin_cksum_mtree should + yield output similar to the following: # user: root # machine: dreadnaught @@ -517,29 +515,29 @@ Enter new password: chmod size=8640 time=1380277975.000000000 cksum=2214429708 \ sha256digest=a435972263bf814ad8df082c0752aa2a7bdd8b74ff01431ccbd52ed1e490bbe7 - The machine's hostname, the date and time the specification was created, - and the name of the user who created the specification are included in - this report. There is a checksum, size, time, and - SHA256 digest for each binary in - the directory. + The machine's hostname, the date and time the + specification was created, and the name of the user who + created the specification are included in this report. There + is a checksum, size, time, and SHA256 + digest for each binary in the directory. To verify that the binary signatures have not changed, compare the current contents of the directory to the - previously generated specification, and save the results to a file. - This command requires the seed that was used to generate the - original specification: + previously generated specification, and save the results to a + file. This command requires the seed that was used to + generate the original specification: - &prompt.root; mtree -s 3483151339707503 -p /bin < /root/.bin_chksum_mtree >> /root/.bin_chksum_output + &prompt.root; mtree -s 3483151339707503 -p /bin < /root/.bin_chksum_mtree >> /root/.bin_chksum_output &prompt.root; mtree: /bin checksum: 3427012225 This should produce the same checksum for - /bin that was produced when the specification - was created. If no changes have occurred to the binaries in this directory, - the - /root/.bin_chksum_output output file will be empty. - To simulate a change, change the date on - /bin/cat using touch and run - the verification command again: + /bin that was produced when the + specification was created. If no changes have occurred to the + binaries in this directory, the + /root/.bin_chksum_output output file will + be empty. To simulate a change, change the date on + /bin/cat using touch + and run the verification command again: &prompt.root; touch /bin/cat &prompt.root; mtree -s 3483151339707503 -p /bin < /root/.bin_chksum_mtree >> /root/.bin_chksum_output @@ -559,45 +557,49 @@ cat changed More advanced IDS systems exist, such as security/aide. In most cases, - mtree provides the functionality administrators need. - It is important to keep the seed value and the checksum output - hidden from malicious users. More information about - mtree can be found in &man.mtree.8;. + mtree provides the functionality + administrators need. It is important to keep the seed value + and the checksum output hidden from malicious users. More + information about mtree can be found in + &man.mtree.8;. System Tuning for Security In &os;, many system features can be tuned using - sysctl. A few of the security - features which can be tuned to prevent Denial of Service - (DoS) attacks - will be covered in this section. More information about using + sysctl. A few of the security features + which can be tuned to prevent Denial of Service + (DoS) attacks will be covered in this + section. More information about using sysctl, including how to temporarily change values and how to make the changes permanent after testing, can be found in . - Any time a setting is changed - with sysctl, the chance to cause undesired harm is - increased, affecting the availability of the system. All changes - should be monitored and, if possible, tried on a testing - system before being used on a production system. + Any time a setting is changed with + sysctl, the chance to cause undesired + harm is increased, affecting the availability of the system. + All changes should be monitored and, if possible, tried on a + testing system before being used on a production + system. By default, the &os; kernel boots with a security level of - -1. This is called insecure mode because - immutable file flags may be turned off and all devices may be - read from or written to. The security level will remain at -1 - unless it is altered through sysctl or by - a setting in the startup scripts. - The security level may be increased during system startup by - setting kern_securelevel_enable to + -1. This is called insecure + mode because immutable file flags may be turned off + and all devices may be read from or written to. The security + level will remain at -1 unless it is + altered through sysctl or by a setting in + the startup scripts. The security level may be increased + during system startup by setting + kern_securelevel_enable to YES in /etc/rc.conf, and the value of kern_securelevel to the desired security level. See &man.security.7; and &man.init.8; - for more information on these settings and the available security levels. + for more information on these settings and the available + security levels. Increasing the securelevel can break @@ -610,38 +612,41 @@ cat changed to drop incoming SYN packets on closed ports without sending a return RST response. The default behavior is to return an - RST to show a port is closed. Changing the default - provides some level of protection against - ports scans, which are used to determine - which applications are running on a system. Set - net.inet.tcp.blackhole to 2 and - net.inet.udp.blackhole to 1. - Refer to &man.blackhole.4; for more information about these settings. + RST to show a port is closed. Changing the + default provides some level of protection against ports scans, + which are used to determine which applications are running on + a system. Set net.inet.tcp.blackhole to + 2 and + net.inet.udp.blackhole to + 1. Refer to &man.blackhole.4; for more + information about these settings. The net.inet.icmp.drop_redirect and - net.inet.ip.redirect settings - help prevent against - redirect attacks. A redirect attack is a type of DoS which sends mass - numbers of ICMP type 5 packets. Since these packets - are not required, set - net.inet.icmp.drop_redirect to 1 and set - net.inet.ip.redirect to 0. + net.inet.ip.redirect settings help prevent + against redirect attacks. A redirect + attack is a type of DoS which sends mass + numbers of ICMP type 5 packets. Since + these packets are not required, set + net.inet.icmp.drop_redirect to + 1 and set + net.inet.ip.redirect to + 0. Source routing is a method for detecting and accessing non-routable addresses on the internal network. This should - be disabled as non-routable addresses are normally - not routable on purpose. To disable this feature, set + be disabled as non-routable addresses are normally not + routable on purpose. To disable this feature, set net.inet.ip.sourceroute and - net.inet.ip.accept_sourceroute - to 0. + net.inet.ip.accept_sourceroute to + 0. - When a machine on the network needs to - send messages to all hosts on a subnet, an - ICMP echo request message is sent - to the broadcast address. However, there is no reason for an external - host to perform such an action. To reject - all external broadcast requests, set - net.inet.icmp.bmcastecho to 0. + When a machine on the network needs to send messages to + all hosts on a subnet, an ICMP echo request + message is sent to the broadcast address. However, there is + no reason for an external host to perform such an action. To + reject all external broadcast requests, set + net.inet.icmp.bmcastecho to + 0. Some additional settings are documented in &man.security.7;. From owner-svn-doc-all@FreeBSD.ORG Thu May 1 17:21:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 21D5CDBF; Thu, 1 May 2014 17:21:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0DD3115E0; Thu, 1 May 2014 17:21:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s41HLnED057799; Thu, 1 May 2014 17:21:49 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s41HLnl8057798; Thu, 1 May 2014 17:21:49 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405011721.s41HLnl8057798@svn.freebsd.org> From: Dru Lavigne Date: Thu, 1 May 2014 17:21:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44732 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 17:21:50 -0000 Author: dru Date: Thu May 1 17:21:49 2014 New Revision: 44732 URL: http://svnweb.freebsd.org/changeset/doc/44732 Log: Editorial review of Tracking for Multiple Machines. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 15:44:23 2014 (r44731) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 17:21:49 2014 (r44732) @@ -2408,24 +2408,25 @@ Building everything.. When multiple machines need to track the same source tree, - it is a waste of disk space, network bandwidth, and CPU cycles + it is a waste of disk space, network bandwidth, and CPU cycles to have each system download the sources and rebuild everything. The solution is to have one machine do most of the work, while - the rest of the machines mount that work via NFS. This section - outlines a method of doing so. - - - Preliminaries + the rest of the machines mount that work via NFS. This section + outlines a method of doing so. For more information about using + NFS, refer to . First, identify a set of machines which will run the same - set of binaries, known as a build set. + set of binaries, known as a build set. Each machine can have a custom kernel, but will run the same userland binaries. From that set, choose a machine to be the - build machine that the world and kernel + build machine that the world and kernel are built on. Ideally, this is a fast machine that has - sufficient spare CPU to run make buildworld - and make buildkernel. Select a machine to - be the test machine, which will test + sufficient spare CPU to run make buildworld + and make buildkernel. + + Select a machine to + be the test machine, which will test software updates before they are put into production. This must be a machine that can afford to be down for an extended period of time. It can be the build @@ -2433,14 +2434,12 @@ Building everything.. All the machines in this build set need to mount /usr/obj and - /usr/src from the same machine, and at - the same point. Ideally, those directories are on two - different drives on the build machine, but they can be NFS - mounted on that machine as well. For multiple build sets, + /usr/src from the build machine via + NFS. For multiple build sets, /usr/src should be on one build machine, - and NFS mounted on the rest. + and NFS mounted on the rest. - Finally, ensure that /etc/make.conf + Ensure that /etc/make.conf and /etc/src.conf on all the machines in the build set agree with the build machine. That means that the build machine must build all the parts of the base system @@ -2448,51 +2447,40 @@ Building everything.. each build machine should have its kernel name set with KERNCONF in /etc/make.conf, and the build machine - should list them all in KERNCONF, listing + should list them all in its KERNCONF, listing its own kernel first. The build machine must have the kernel - configuration files for each machine in /usr/src/sys/arch/conf - if it is going to build their kernels. - - - - The Base System + configuration files for each machine in its /usr/src/sys/arch/conf. On the build machine, build the kernel and world as - described in , but do not - install anything. After the build has finished, go to the - test machine, and install the built kernel. If this machine - mounts /usr/src and - /usr/obj via NFS, enable the network and - mount these directories after rebooting to single user mode. - The easiest way to do this is to boot to multi-user, then run - shutdown now to go to single user mode. - Once there, install the new kernel and world and run + described in , but do not + install anything on the build machine. Instead, install the built kernel + on the test machine. On the test machine, mount + /usr/src and + /usr/obj via NFS. Then, run + shutdown now to go to single-user mode in order to + install the new kernel and world and run mergemaster as usual. When done, reboot to - return to normal multi-user operations for this - machine. + return to normal multi-user operations. After verifying that everything on the test machine is working properly, use the same procedure to install the new software on each of the other machines in the build set. - - - - Ports - The same ideas can be used for the ports tree. The first - critical step is to mount /usr/ports from - the same machine to all the machines in the build set. Then, - configure /etc/make.conf properly to - share distfiles. Set DISTDIR to a common + The same methodology can be used for the ports tree. The first + step is to share /usr/ports via + NFS to all the machines in the build set. To + configure /etc/make.conf to + share distfiles, set DISTDIR to a common shared directory that is writable by whichever user root is mapped to by - the NFS mounts. Each machine should set - WRKDIRPREFIX to a local build directory. - Finally, if the system is to build and distribute packages, - set PACKAGES to a directory similar to + the NFS mount. Each machine should set + WRKDIRPREFIX to a local build directory, if + ports are to be built locally. + Alternately, if the build system is to build and distribute + packages to the machines in the build set, + set PACKAGES on the build system to a directory similar to DISTDIR. - From owner-svn-doc-all@FreeBSD.ORG Thu May 1 18:12:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 21A4A8A8; Thu, 1 May 2014 18:12:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0D7201A7A; Thu, 1 May 2014 18:12:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s41ICMU4078662; Thu, 1 May 2014 18:12:22 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s41ICMa0078661; Thu, 1 May 2014 18:12:22 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405011812.s41ICMa0078661@svn.freebsd.org> From: Dru Lavigne Date: Thu, 1 May 2014 18:12:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44733 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 18:12:23 -0000 Author: dru Date: Thu May 1 18:12:22 2014 New Revision: 44733 URL: http://svnweb.freebsd.org/changeset/doc/44733 Log: Begin to incorporate repeated info within the Rebuilding World chapter. Fix some xrefs. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 17:21:49 2014 (r44732) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 18:12:22 2014 (r44733) @@ -1109,7 +1109,7 @@ before running "/usr/sbin/freebsd-update compiling , read /usr/src/Makefile very carefully and follow the instructions in - Rebuilding "world". + . Read the &a.current; and /usr/src/UPDATING to stay up-to-date on other bootstrapping procedures that @@ -1216,8 +1216,8 @@ before running "/usr/sbin/freebsd-update -STABLE compiling , read /usr/src/Makefile - carefully and follow the instructions in Rebuilding "world". Read + carefully and follow the instructions in . Read &a.stable; and /usr/src/UPDATING to keep up-to-date on other bootstrapping procedures that sometimes become necessary on the road to the next @@ -1290,7 +1290,7 @@ before running "/usr/sbin/freebsd-update - Rebuilding <quote>world</quote> + Rebuilding World Rebuilding world @@ -1333,12 +1333,12 @@ before running "/usr/sbin/freebsd-update Read /usr/src/UPDATING for any - pre-buildworld steps necessary for that version of the + extra steps necessary for that version of the source. This file contains important information about potential problems and may specify the order to run certain commands. Many upgrades require specific additional steps such as renaming or deleting specific files prior to - installworld. These will be listed at the end of this file + installing the new world. These will be listed at the end of this file where the currently recommended upgrade sequence is explicitly spelled out. If UPDATING contradicts any steps in this @@ -1430,20 +1430,32 @@ before running "/usr/sbin/freebsd-update Use the new compiler residing in /usr/obj to build the new kernel, in order to protect against compiler-kernel - mismatches: + mismatches. This is necessary, as certain memory + structures may have changed, and programs like + ps and top will fail + to work if the kernel and source code versions are not the + same. &prompt.root; make buildkernel Install the new kernel and kernel modules, making it - possible to boot with the newly updated kernel: + possible to boot with the newly updated kernel. If + kern.securelevel has been raised above + 1 and + noschg or have been set on the kernel + binary, drop the system into single-user mode first. + Otherwise, this command can be run from multi-user mode + without problems. See &man.init.8; for details about + kern.securelevel and &man.chflags.1; + for details about the various file flags. &prompt.root; make installkernel - Drop the system into single user mode in order to + Drop the system into single-user mode in order to minimize problems from updating any binaries that are already running. It also minimizes any problems from running the old world on a new kernel. @@ -1475,7 +1487,11 @@ before running "/usr/sbin/freebsd-update - Next, perform some initial configuration file updates + Remaking the world will not update certain + directories, such as /etc, + /var and /usr, + with new or changed configuration files. The next step is + to perform some initial configuration file updates to /etc in preparation for the new world. The following command compares only those files that are essential for the @@ -1485,13 +1501,14 @@ before running "/usr/sbin/freebsd-update last update. This is necessary so that the installworld step will be able to use any new system accounts, groups, and - scripts. + scripts. Refer to for more + detailed instructions about this command: &prompt.root; mergemaster -p - Install the new world from Install the new world and system binaries from /usr/obj. &prompt.root; cd /usr/src @@ -1532,9 +1549,9 @@ before running "/usr/sbin/freebsd-update single-user mode If the system can have a window of down-time, consider - compiling the system in single user mode instead of compiling + compiling the system in single-user mode instead of compiling the system in multi-user mode, and then dropping into - single user mode for the installation. Reinstalling the + single-user mode for the installation. Reinstalling the system touches a lot of important system files, all the standard system binaries, libraries, and include files. Changing these on a running system, particularly one with @@ -1548,20 +1565,18 @@ before running "/usr/sbin/freebsd-update make.conf - This section describes the configuration files used by the - build world process. + This build world process uses several configuration + files. - The options available to &man.make.1; are described in + The options available to make are described in &man.make.conf.5; and some common examples are included in /usr/share/examples/etc/make.conf. Any options which are added to /etc/make.conf - will control the way &man.make.1; runs and how it builds - programs. Such options take effect every time &man.make.1; is + will control the how make runs and builds + programs. These options take effect every time make is used, including compiling applications from the Ports Collection, compiling custom C programs, or building the &os; - operating system. - - Changes to some settings can have far-reaching and + operating system. Changes to some settings can have far-reaching and potentially surprising effects. Read the comments in both locations and keep in mind that the defaults have been chosen for a combination of performance and safety. @@ -1676,7 +1691,7 @@ Script done, … buildworld can be run on a machine running in multi-user mode with no fear of ill-effects. It is still recommended that installworld - be run in part in single user mode, though. + be run in part in single-user mode, though. Secondly, it allows NFS mounts to be used to upgrade multiple machines on a network. If order to upgrade three @@ -1728,69 +1743,6 @@ Script done, … &os.stable; tree, with no tricks or shortcuts used during the process. A &os.current; tree will take somewhat longer. - - - - Compile and Install a New Kernel - - - kernel - compiling - - - To take full advantage of the new system, recompile the - kernel. This is practically a necessity, as certain memory - structures may have changed, and programs like &man.ps.1; and - &man.top.1; will fail to work until the kernel and source code - versions are the same. - - The simplest, safest way to do this is to build and - install a kernel based on GENERIC. While - GENERIC may not have all the necessary - devices for the system, it should contain everything necessary - to boot the system back to single user mode. This is a good - test that the new system works properly. After booting from - GENERIC and verifying that the system - works, a new kernel can be built based on a custom kernel - configuration file. - - On &os; it is important to - build world before - building a new kernel. - - - To build a custom kernel with an existing customized - configuration file, use - KERNCONF=MYKERNEL: - - &prompt.root; cd /usr/src -&prompt.root; make buildkernel KERNCONF=MYKERNEL -&prompt.root; make installkernel KERNCONF=MYKERNEL - - - - If kern.securelevel has been raised - above 1 and noschg or - similar flags have been set on the kernel binary, drop into - single user mode to use - installkernel. Otherwise, both - these commands can be run from multi user mode without - problems. See &man.init.8; for details about - kern.securelevel and &man.chflags.1; for - details about the various file flags. - - Reboot into single user mode to test that the new kernel - works. - - - - Install the New System Binaries - - Next, use installworld to - install the new system binaries: - - &prompt.root; cd /usr/src -&prompt.root; make installworld If variables were specified to @@ -1813,24 +1765,9 @@ Script done, … - - Update Files Not Updated by - <command>make installworld</command> - - Remaking the world will not update certain directories, - such as /etc, - /var and - /usr, with - new or changed configuration files. - - The simplest way to update the files in these directories - is to use &man.mergemaster.8;. Be sure to first make a backup - of /etc in case anything goes - wrong. - - + - <command>mergemaster</command> + Merging Configuration Files @@ -1909,10 +1846,6 @@ Script done, … it will prompt for other options. &man.mergemaster.8; may prompt to rebuild the password file and will finish up with an option to remove left-over temporary files. - - - - Manual Update To perform the update manually instead, do not just copy over the files from @@ -2066,7 +1999,6 @@ Script done, … &prompt.root; mkdir /var/tmp/root-`date "+%Y%m%d"` - From owner-svn-doc-all@FreeBSD.ORG Thu May 1 18:50:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 57F485D7; Thu, 1 May 2014 18:50:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 390971E63; Thu, 1 May 2014 18:50:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s41IojNW091858; Thu, 1 May 2014 18:50:45 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s41Iojk5091857; Thu, 1 May 2014 18:50:45 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405011850.s41Iojk5091857@svn.freebsd.org> From: Dru Lavigne Date: Thu, 1 May 2014 18:50:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44734 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 18:50:45 -0000 Author: dru Date: Thu May 1 18:50:44 2014 New Revision: 44734 URL: http://svnweb.freebsd.org/changeset/doc/44734 Log: Editorial review of Variables and Targets section. Move note on scripting the process to above the process. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 18:12:22 2014 (r44733) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 18:50:44 2014 (r44734) @@ -1396,6 +1396,25 @@ before running "/usr/sbin/freebsd-update sequence described in the following procedure. + + It is a good idea to save the output from running + make to a file. If something goes wrong, a copy of + the error message can be posted to one of the &os; mailing + lists. + + The easiest way to do this is to use script with a + parameter that specifies the name of the file to save all + output to. Do not save the output to + /tmp as this directory may be cleared at + next reboot. A better place to save the file is + /var/tmp. Run this command immediately before rebuilding + the world, and then type exit when the + process has finished: + + &prompt.root; script /var/tmp/mw.out +Script started, output file is /var/tmp/mw.out + + Overview of Build World Process @@ -1568,6 +1587,10 @@ before running "/usr/sbin/freebsd-update This build world process uses several configuration files. + The Makefile located in /usr/src + describes how the programs that comprise &os; should be + built and the order in which they should be built. + The options available to make are described in &man.make.conf.5; and some common examples are included in /usr/share/examples/etc/make.conf. Any @@ -1597,140 +1620,70 @@ before running "/usr/sbin/freebsd-update - Recompile the Base System - - It is a good idea to save the output from running - &man.make.1; to a file. If something goes wrong, a copy of - the error message can be posted to one of the &os; mailing - lists. - - The easiest way to do this is to use &man.script.1; with a - parameter that specifies the name of the file to save all - output to. Run this command immediately before rebuilding - the world, and then type exit when the - process has finished: - - &prompt.root; script /var/tmp/mw.out -Script started, output file is /var/tmp/mw.out -&prompt.root; make TARGET -… compile, compile, compile … -&prompt.root; exit -Script done, … + Variables and Targets - Do not save the output in - /tmp as this directory may be cleared at - next reboot. A better place to save the file is - /var/tmp or in root's home directory. - - While in /usr/src type: - - &prompt.root; cd /usr/src - - - make - - - To rebuild the world, use &man.make.1;. This command - reads instructions from the Makefile, - which describes how the programs that comprise &os; should be - built and the order in which they should be built. - - The general format of the command is as follows: + The general format for using make is as + follows: &prompt.root; make -x -DVARIABLE target In this example, is an option - passed to &man.make.1;. Refer to &man.make.1; for examples + passed to make. Refer to &man.make.1; for examples of the available options. - - passes a variable to the Makefile. The + To pass a variable, specify the variable name with . + The behavior of the Makefile is controlled by - these variables. These are the same variables as are set in - /etc/make.conf, and this provides - another way of setting them. For example: + variables. These can either be set in + /etc/make.conf or they can be specified + when using make. For example, this + variable specifies that profiled libraries + should not be built: &prompt.root; make -DNO_PROFILE target - is another way of specifying that profiled libraries - should not be built, and corresponds with the + It corresponds with this setting in + /etc/make.conf: NO_PROFILE= true # Avoid compiling profiled libraries - line in /etc/make.conf. - - target tells &man.make.1; what - to do. Each Makefile defines a number of - different targets, and the choice of target - determines what happens. - - Some targets listed in the Makefile + The target tells make what + to do and the Makefile defines the + available targets. Some targets are used by the build process to break out the steps necessary to rebuild the system into a number of sub-steps. - Most of the time, no parameters need to be passed to - &man.make.1; and the command looks like this: - - &prompt.root; make target - - Where target is one of many - build options. The first target should always be - buildworld. - - As the names imply, buildworld - builds a complete new tree under /usr/obj - and installworld installs this tree - on the current machine. - Having separate options is useful for two reasons. First, - it allows for a self hosted build that does not + it allows for a build that does not affect any components of a running system. Because of this, - buildworld can be run on a machine - running in multi-user mode with no fear of ill-effects. It is + buildworld can be safely run on a machine + running in multi-user mode. It is still recommended that installworld be run in part in single-user mode, though. - Secondly, it allows NFS mounts to be used to upgrade - multiple machines on a network. If order to upgrade three - machines, A, - B and C, run - make buildworld and make - installworld on A. - B and C - should then NFS mount /usr/src and - /usr/obj from A, - and run make installworld to install the - results of the build on B and - C. - - Although the world target still - exists, users are strongly encouraged not to use it. - - Instead, run: - - &prompt.root; make buildworld + Secondly, it allows NFS mounts to be used to upgrade + multiple machines on a network, as described in . It is possible to specify which will cause make to spawn several simultaneous - processes. This is most useful on multi-CPU machines. - However, since much of the compiling process is I/O bound - rather than CPU bound, it is also useful on single CPU - machines. + processes. + Since much of the compiling process is I/O-bound + rather than CPU-bound, this is useful on both single CPU + and multi-CPU machines. - On a typical single-CPU machine, run: - - &prompt.root; make -j4 buildworld - - &man.make.1; will then have up to 4 processes running at + On a single-CPU machine, run + the following command to have up to 4 processes running at any one time. Empirical evidence posted to the mailing lists shows this generally gives the best performance benefit. - On a multi-CPU machine using an SMP configured kernel, try - values between 6 and 10 and see how they speed things + &prompt.root; make -j4 buildworld + + On a multi-CPU machine, try + values between 6 and 10 to see how they speed things up. @@ -1738,28 +1691,22 @@ Script done, … timings - Many factors influence the build time, but fairly recent - machines may only take a one or two hours to build the - &os.stable; tree, with no tricks or shortcuts used during the - process. A &os.current; tree will take somewhat - longer. - - If variables were specified to + If any variables were specified to make buildworld, specify the same variables to make installworld. However, - must never be used with + must never be used with installworld. - For example, if you ran: + For example, if this command was used: &prompt.root; make -DNO_PROFILE buildworld - install the results with: + Install the results with: &prompt.root; make -DNO_PROFILE installworld - otherwise, the command will try to install profiled + Otherwise, the second command will try to install profiled libraries that were not built during the make buildworld phase. From owner-svn-doc-all@FreeBSD.ORG Thu May 1 19:38:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4587E25D; Thu, 1 May 2014 19:38:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 31EA7147B; Thu, 1 May 2014 19:38:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s41Jc4hT012092; Thu, 1 May 2014 19:38:04 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s41Jc4Bx012091; Thu, 1 May 2014 19:38:04 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405011938.s41Jc4Bx012091@svn.freebsd.org> From: Dru Lavigne Date: Thu, 1 May 2014 19:38:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44735 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 19:38:05 -0000 Author: dru Date: Thu May 1 19:38:04 2014 New Revision: 44735 URL: http://svnweb.freebsd.org/changeset/doc/44735 Log: Finish editorial review of Rebuilding World chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 18:50:44 2014 (r44734) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 19:38:04 2014 (r44735) @@ -1559,7 +1559,8 @@ Script started, output file is /var/tmp/ rebuilt before old libraries are removed using the instructions in . When finished, remove any obsolete libraries to avoid conflicts - with newer ones. + with newer ones. For a more detailed description of this + step, refer to . &prompt.root; make delete-old-libs @@ -1733,40 +1734,48 @@ Script started, output file is /var/tmp/ - &man.mergemaster.8; is a Bourne script to aid in + &os; provides the &man.mergemaster.8; Bourne script to aid in determining the differences between the configuration files in /etc, and the configuration files in - the source tree /usr/src/etc. This is + /usr/src/etc. This is the recommended solution for keeping the system configuration files up to date with those located in the source tree. + + Before using mergemaster, it is recommended to first copy the existing + /etc somewhere + safe. Include which does a recursive copy and + which preserves times and the ownerships on + files: + + &prompt.root; cp -Rp /etc /etc.old - To begin, type mergemaster and it - will build a temporary root environment, from - / down, and populate it with various + When run, mergemaster + builds a temporary root environment, from + / down, and populates it with various system configuration files. Those files are then compared to the ones currently installed in the system. Files that differ will be shown in &man.diff.1; format, with the sign representing added or modified lines, and representing lines that will - be either removed completely, or replaced with a new file. - Refer to &man.diff.1; for more information about the - &man.diff.1; syntax and how file differences are + be either removed completely or replaced with a new file. + Refer to &man.diff.1; for more information about + how file differences are shown. - &man.mergemaster.8; will then display each file that - differs, and present the options of either deleting the new - file, referred to as the temporary file, installing the - temporary file in its unmodified state, merging the - temporary file with the currently installed file, or viewing - the &man.diff.1; results again. + Next, mergemaster will display each file that + differs, and present options to: delete the new + file, referred to as the temporary file, install the + temporary file in its unmodified state, merge the + temporary file with the currently installed file, or view + the results again. Choosing to delete the temporary file will tell - &man.mergemaster.8; to keep the current file unchanged and - to delete the new version. This option is not recommended, - unless there is no reason to change the current file. To + mergemaster to keep the current file unchanged and + to delete the new version. This option is not recommended. + To get help at any time, type ? at the - &man.mergemaster.8; prompt. If the user chooses to skip a + mergemaster prompt. If the user chooses to skip a file, it will be presented again after all other files have been dealt with. @@ -1785,90 +1794,16 @@ Script started, output file is /var/tmp/ option is customarily used for files where settings have been modified by the user. - Choosing to view the &man.diff.1; results again will - display the file differences just like &man.mergemaster.8; - did before prompting an option. + Choosing to view the results again will + redisplay the file differences. - After &man.mergemaster.8; is done with the system files, - it will prompt for other options. &man.mergemaster.8; may + After mergemaster is done with the system files, + it will prompt for other options. It may prompt to rebuild the password file and will finish up with an option to remove left-over temporary files. - - To perform the update manually instead, do not just copy - over the files from - /usr/src/etc to - /etc and expect it to - work. Some files must be installed first as - /usr/src/etc - is not a copy of what - /etc should look - like. In addition, some files that should be in - /etc are not in - /usr/src/etc. - - The simplest way to merge files by hand is to install - the files into a new directory, and then work through them - looking for differences. - - - Backup Your Existing - <filename>/etc</filename> - - It is recommended to first copy the existing - /etc somewhere - safe, like so: - - &prompt.root; cp -Rp /etc /etc.old - - where does a recursive copy and - preserves times and the ownerships on - files. - - - Build a temporary set of directories into which the new - /etc and other files - can be installed: - - &prompt.root; mkdir /var/tmp/root -&prompt.root; cd /usr/src/etc -&prompt.root; make DESTDIR=/var/tmp/root distrib-dirs distribution - - This will build the necessary directory structure and - install the files. A lot of the subdirectories that have - been created under /var/tmp/root are - empty and should be deleted. The simplest way to do this is - to: - - &prompt.root; cd /var/tmp/root -&prompt.root; find -d . -type d | xargs rmdir 2>/dev/null - - This will remove all empty directories while redirecting - standard error to /dev/null to prevent - the warnings about the directories that are not - empty. - - /var/tmp/root now - contains all the files that should be placed in appropriate - locations below /. - Go through each of these files, determining how they differ - from the system's existing files. - - Some of the files installed into - /var/tmp/root have a leading - .. Make sure to use - ls -a in order to catch them. - - The simplest way to compare files is to use - &man.diff.1;: - - &prompt.root; diff /etc/shells /var/tmp/root/etc/shells - - This command will show the differences between the - existing /etc/shells and the new - /var/tmp/root/etc/shells. Review the - differences to decide whether to merge in custom changes - or to replace the existing file with the new one. - + - Deleting Obsolete Files and Directories + Deleting Obsolete Files and Libraries @@ -1971,9 +1907,9 @@ Script started, output file is /var/tmp/ their contents occasionally become obsolete. This may be because functionality is implemented elsewhere, the version number of the library has changed, or it was removed from the - system entirely. This includes old files, libraries, and - directories, which should be removed when updating the system. - The benefit is that the system is not cluttered with old files + system entirely. These obsoleted files, libraries, and + directories should be removed when updating the system. + This ensures that the system is not cluttered with old files which take up unnecessary space on the storage and backup media. Additionally, if the old library has a security or stability issue, the system should be updated to the newer @@ -1987,8 +1923,7 @@ Script started, output file is /var/tmp/ After the make installworld and the subsequent mergemaster have - finished successfully, check for obsolete files and libraries - as follows: + finished successfully, check for obsolete files and libraries: &prompt.root; cd /usr/src &prompt.root; make check-old @@ -1998,11 +1933,6 @@ Script started, output file is /var/tmp/ &prompt.root; make delete-old - - Refer to /usr/src/Makefile - for more targets of interest. - - A prompt is displayed before deleting each obsolete file. To skip the prompt and let the system remove these files automatically, use @@ -2014,10 +1944,6 @@ Script started, output file is /var/tmp/ through yes: &prompt.root; yes|make delete-old - - - - Deleting obsolete libraries Warning @@ -2031,9 +1957,8 @@ Script started, output file is /var/tmp/ executed. - Utilities for checking shared library dependencies are - available from the Ports Collection in - sysutils/libchk or + Utilities for checking shared library dependencies include + sysutils/libchk and sysutils/bsdadminscripts. Obsolete shared libraries can conflict with newer @@ -2050,22 +1975,19 @@ Script started, output file is /var/tmp/ &prompt.root; pkg which /usr/local/lib/libXext.so /usr/local/lib/libXext.so was installed by package libXext-1.1.1,1 - Then deinstall, rebuild, and reinstall the port. + Then deinstall, rebuild, and reinstall the port. To automate this process, ports-mgmt/portmaster can - be used to automate this process. After all ports are rebuilt + be used. After all ports are rebuilt and no longer use the old libraries, delete the old libraries using the following command: &prompt.root; make delete-old-libs - You should now have successfully upgraded the &os; - system. Congratulations. - - If things went slightly wrong, it is easy to rebuild a + If something goes wrong, it is easy to rebuild a particular piece of the system. For example, if /etc/magic was accidentally deleted as part of the upgrade or merge of /etc, - &man.file.1; will stop working. To fix this, run: + file will stop working. To fix this, run: &prompt.root; cd /usr/src/usr.bin/file &prompt.root; make all install From owner-svn-doc-all@FreeBSD.ORG Thu May 1 20:09:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2588E84E; Thu, 1 May 2014 20:09:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 116FF1703; Thu, 1 May 2014 20:09:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s41K9tw8024386; Thu, 1 May 2014 20:09:55 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s41K9tQD024385; Thu, 1 May 2014 20:09:55 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405012009.s41K9tQD024385@svn.freebsd.org> From: Dru Lavigne Date: Thu, 1 May 2014 20:09:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44736 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 20:09:55 -0000 Author: dru Date: Thu May 1 20:09:54 2014 New Revision: 44736 URL: http://svnweb.freebsd.org/changeset/doc/44736 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 19:38:04 2014 (r44735) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 20:09:54 2014 (r44736) @@ -176,11 +176,11 @@ the release. Release announcements are available from http://www.FreeBSD.org/releases/. - - If a crontab utilizing the features - of &man.freebsd-update.8; exists, it must be disabled before - upgrading the operating system. - + + If a crontab utilizing the features of + &man.freebsd-update.8; exists, it must be disabled before + upgrading the operating system. + This section describes the configuration file used by freebsd-update, demonstrates how to apply a @@ -246,9 +246,9 @@ MergeChanges /etc/ /var/named/etc/ /boot similar to &man.mergemaster.8;, but with fewer options. Merges are either accepted, open an editor, or cause freebsd-update to abort. When in doubt, - backup /etc and just - accept the merges. See for more - information about mergemaster. + backup /etc and just accept the merges. + See for more information about + mergemaster. # Directory in which to store downloaded updates and temporary # files used by &os; Update. @@ -1276,11 +1276,11 @@ before running "/usr/sbin/freebsd-update verify, and apply the changes to the user's copy of the sources. This process is more efficient than Subversion and places less strain on - server resources since it is a push - rather than a pull model. + server resources since it is a push rather + than a pull model. - There are other trade-offs. If a user inadvertently - wipes out portions of the local archive, + There are other trade-offs. If a user inadvertently wipes + out portions of the local archive, Subversion will detect and rebuild the damaged portions. CTM will not do this, and if a user deletes some portion of the source tree @@ -1333,29 +1333,29 @@ before running "/usr/sbin/freebsd-update Read /usr/src/UPDATING for any - extra steps necessary for that version of the - source. This file contains important information about - potential problems and may specify the order to run certain - commands. Many upgrades require specific additional steps - such as renaming or deleting specific files prior to - installing the new world. These will be listed at the end of this file - where the currently recommended upgrade sequence is - explicitly spelled out. If - UPDATING contradicts any steps in this - chapter, the instructions in UPDATING - take precedence and should be followed. + extra steps necessary for that version of the source. This + file contains important information about potential problems + and may specify the order to run certain commands. Many + upgrades require specific additional steps such as renaming + or deleting specific files prior to installing the new + world. These will be listed at the end of this file where + the currently recommended upgrade sequence is explicitly + spelled out. If UPDATING contradicts + any steps in this chapter, the instructions in + UPDATING take precedence and should be + followed. Do Not Use <command>make world</command> - Some older documentation recommends using - make world. However, that command skips - some important steps and should only be used by experts. For - almost all circumstances make world is the - wrong thing to do, and the procedure described here should be - used instead. + Some older documentation recommends using make + world. However, that command skips some important + steps and should only be used by experts. For almost all + circumstances make world is the wrong thing + to do, and the procedure described here should be used + instead. @@ -1363,8 +1363,8 @@ before running "/usr/sbin/freebsd-update The build world process assumes an upgrade from an older &os; version using the source of a newer version that was - obtained using the instructions in - . + obtained using the instructions in . In &os;, the term world includes the kernel, core system binaries, libraries, programming files, @@ -1393,25 +1393,25 @@ before running "/usr/sbin/freebsd-update step to do so. These concerns have led to the recommended upgrade - sequence described in - the following procedure. + sequence described in the following procedure. - It is a good idea to save the output from running - make to a file. If something goes wrong, a copy of - the error message can be posted to one of the &os; mailing - lists. - - The easiest way to do this is to use script with a - parameter that specifies the name of the file to save all - output to. Do not save the output to - /tmp as this directory may be cleared at - next reboot. A better place to save the file is - /var/tmp. Run this command immediately before rebuilding - the world, and then type exit when the - process has finished: + It is a good idea to save the output from running + make to a file. If something goes wrong, + a copy of the error message can be posted to one of the &os; + mailing lists. + + The easiest way to do this is to use + script with a parameter that specifies + the name of the file to save all output to. Do not save the + output to /tmp as this directory may be + cleared at next reboot. A better place to save the file is + /var/tmp. Run this command immediately + before rebuilding the world, and then type + exit when the process has + finished: - &prompt.root; script /var/tmp/mw.out + &prompt.root; script /var/tmp/mw.out Script started, output file is /var/tmp/mw.out @@ -1519,16 +1519,16 @@ Script started, output file is /var/tmp/ or startup scripts which have been added to &os; since the last update. This is necessary so that the installworld step will be able - to use any new system accounts, groups, and - scripts. Refer to for more - detailed instructions about this command: + to use any new system accounts, groups, and scripts. + Refer to for more detailed + instructions about this command: &prompt.root; mergemaster -p - Install the new world and system binaries from /usr/obj. + Install the new world and system binaries from + /usr/obj. &prompt.root; cd /usr/src &prompt.root; make installworld @@ -1588,22 +1588,25 @@ Script started, output file is /var/tmp/ This build world process uses several configuration files. - The Makefile located in /usr/src - describes how the programs that comprise &os; should be - built and the order in which they should be built. - - The options available to make are described in - &man.make.conf.5; and some common examples are included in + The Makefile located in + /usr/src describes how the programs that + comprise &os; should be built and the order in which they + should be built. + + The options available to make are + described in &man.make.conf.5; and some common examples are + included in /usr/share/examples/etc/make.conf. Any options which are added to /etc/make.conf will control the how make runs and builds - programs. These options take effect every time make is - used, including compiling applications from the Ports - Collection, compiling custom C programs, or building the &os; - operating system. Changes to some settings can have far-reaching and - potentially surprising effects. Read the comments in both - locations and keep in mind that the defaults have been chosen - for a combination of performance and safety. + programs. These options take effect every time + make is used, including compiling + applications from the Ports Collection, compiling custom C + programs, or building the &os; operating system. Changes to + some settings can have far-reaching and potentially surprising + effects. Read the comments in both locations and keep in mind + that the defaults have been chosen for a combination of + performance and safety. src.conf @@ -1630,17 +1633,17 @@ Script started, output file is /var/tmp/ In this example, is an option - passed to make. Refer to &man.make.1; for examples - of the available options. + passed to make. Refer to &man.make.1; for + examples of the available options. - To pass a variable, specify the variable name with . - The + To pass a variable, specify the variable name with + . The behavior of the Makefile is controlled by variables. These can either be set in /etc/make.conf or they can be specified when using make. For example, this - variable specifies that profiled libraries - should not be built: + variable specifies that profiled libraries should not be + built: &prompt.root; make -DNO_PROFILE target @@ -1649,43 +1652,43 @@ Script started, output file is /var/tmp/ NO_PROFILE= true # Avoid compiling profiled libraries - The target tells make what - to do and the Makefile defines the - available targets. Some targets - are used by the build process to break out the steps - necessary to rebuild the system into a number of + The target tells + make what to do and the + Makefile defines the available targets. + Some targets are used by the build process to break out the + steps necessary to rebuild the system into a number of sub-steps. Having separate options is useful for two reasons. First, - it allows for a build that does not - affect any components of a running system. Because of this, - buildworld can be safely run on a machine - running in multi-user mode. It is - still recommended that installworld - be run in part in single-user mode, though. - - Secondly, it allows NFS mounts to be used to upgrade - multiple machines on a network, as described in . + it allows for a build that does not affect any components of a + running system. Because of this, + buildworld can be safely run on a + machine running in multi-user mode. It is still recommended + that installworld be run in part in + single-user mode, though. + + Secondly, it allows NFS mounts to be + used to upgrade multiple machines on a network, as described + in . It is possible to specify which will cause make to spawn several simultaneous - processes. - Since much of the compiling process is I/O-bound - rather than CPU-bound, this is useful on both single CPU - and multi-CPU machines. - - On a single-CPU machine, run - the following command to have up to 4 processes running at - any one time. Empirical evidence posted to the mailing lists - shows this generally gives the best performance - benefit. + processes. Since much of the compiling process is + I/O-bound rather than + CPU-bound, this is useful on both single + CPU and multi-CPU + machines. + + On a single-CPU machine, run the + following command to have up to 4 processes running at any one + time. Empirical evidence posted to the mailing lists shows + this generally gives the best performance benefit. &prompt.root; make -j4 buildworld - On a multi-CPU machine, try - values between 6 and 10 to see how they speed things - up. + On a multi-CPU machine, try values + between 6 and 10 to see + how they speed things up. rebuilding world @@ -1693,11 +1696,11 @@ Script started, output file is /var/tmp/ - If any variables were specified to - make buildworld, specify the same - variables to make installworld. However, - must never be used with - installworld. + If any variables were specified to make + buildworld, specify the same variables to + make installworld. However, + must never be used + with installworld. For example, if this command was used: @@ -1707,15 +1710,15 @@ Script started, output file is /var/tmp/ &prompt.root; make -DNO_PROFILE installworld - Otherwise, the second command will try to install profiled - libraries that were not built during the + Otherwise, the second command will try to install + profiled libraries that were not built during the make buildworld phase. - - - Merging Configuration Files + + + Merging Configuration Files @@ -1734,73 +1737,71 @@ Script started, output file is /var/tmp/ - &os; provides the &man.mergemaster.8; Bourne script to aid in - determining the differences between the configuration files - in /etc, and the configuration files in - /usr/src/etc. This is - the recommended solution for keeping the system - configuration files up to date with those located in the - source tree. - - Before using mergemaster, it is recommended to first copy the existing - /etc somewhere - safe. Include which does a recursive copy and - which preserves times and the ownerships on - files: - - &prompt.root; cp -Rp /etc /etc.old - - When run, mergemaster - builds a temporary root environment, from - / down, and populates it with various - system configuration files. Those files are then compared - to the ones currently installed in the system. Files that - differ will be shown in &man.diff.1; format, with the - sign representing added or modified - lines, and representing lines that will - be either removed completely or replaced with a new file. - Refer to &man.diff.1; for more information about - how file differences are - shown. - - Next, mergemaster will display each file that - differs, and present options to: delete the new - file, referred to as the temporary file, install the - temporary file in its unmodified state, merge the - temporary file with the currently installed file, or view - the results again. - - Choosing to delete the temporary file will tell - mergemaster to keep the current file unchanged and - to delete the new version. This option is not recommended. - To - get help at any time, type ? at the - mergemaster prompt. If the user chooses to skip a - file, it will be presented again after all other files have - been dealt with. - - Choosing to install the unmodified temporary file will - replace the current file with the new one. For most - unmodified files, this is the best option. - - Choosing to merge the file will present a text editor, - and the contents of both files. The files can be merged - by reviewing both files side by side on the screen, and - choosing parts from both to create a finished product. When - the files are compared side by side, l - selects the left contents and r selects - contents from the right. The final output will be a file - consisting of both parts, which can then be installed. This - option is customarily used for files where settings have - been modified by the user. - - Choosing to view the results again will - redisplay the file differences. - - After mergemaster is done with the system files, - it will prompt for other options. It may - prompt to rebuild the password file and will finish up with - an option to remove left-over temporary files. + &os; provides the &man.mergemaster.8; Bourne script to aid + in determining the differences between the configuration files + in /etc, and the configuration files in + /usr/src/etc. This is the recommended + solution for keeping the system configuration files up to date + with those located in the source tree. + + Before using mergemaster, it is + recommended to first copy the existing + /etc somewhere safe. Include + which does a recursive copy and + which preserves times and the ownerships + on files: + + &prompt.root; cp -Rp /etc /etc.old + + When run, mergemaster builds a + temporary root environment, from / down, + and populates it with various system configuration files. + Those files are then compared to the ones currently installed + in the system. Files that differ will be shown in + &man.diff.1; format, with the sign + representing added or modified lines, and + representing lines that will be either removed completely or + replaced with a new file. Refer to &man.diff.1; for more + information about how file differences are shown. + + Next, mergemaster will display each + file that differs, and present options to: delete the new + file, referred to as the temporary file, install the temporary + file in its unmodified state, merge the temporary file with + the currently installed file, or view the results + again. + + Choosing to delete the temporary file will tell + mergemaster to keep the current file + unchanged and to delete the new version. This option is not + recommended. To get help at any time, type + ? at the mergemaster + prompt. If the user chooses to skip a file, it will be + presented again after all other files have been dealt + with. + + Choosing to install the unmodified temporary file will + replace the current file with the new one. For most + unmodified files, this is the best option. + + Choosing to merge the file will present a text editor, and + the contents of both files. The files can be merged by + reviewing both files side by side on the screen, and choosing + parts from both to create a finished product. When the files + are compared side by side, l selects the left + contents and r selects contents from the + right. The final output will be a file consisting of both + parts, which can then be installed. This option is + customarily used for files where settings have been modified + by the user. + + Choosing to view the results again will redisplay the file + differences. + + After mergemaster is done with the + system files, it will prompt for other options. It may prompt + to rebuild the password file and will finish up with an option + to remove left-over temporary files. - - --> - - Desktop Environments + - This section describes the different desktop environments - available for X on FreeBSD. A - desktop environment can mean anything ranging + This section describes how to install three popular + desktop environments on a &os; system. A + desktop environment can range from a simple window manager to a complete suite of desktop - applications, such as KDE or - GNOME. + applications. Over a hundred desktop environments are + available in the x11-wm category of the + Ports Collection. GNOME - - About GNOME - GNOME GNOME is a user-friendly - desktop environment that enables users to easily use and - configure their computers. GNOME - includes a panel (for starting applications and displaying - status), a desktop (where data and applications can be - placed), a set of standard desktop tools and applications, - anda set of conventions that make it easy for applications - to cooperate and be consistent with each other. Users of - other operating systems or environments should feel right at - home using the powerful graphics-driven environment that - GNOME provides. More information - regarding GNOME on FreeBSD can be - found on the FreeBSD GNOME - Project's web site. The web site also contains - fairly comprehensive FAQs about installing, configuring, and - managing GNOME. - - - - Installing GNOME + desktop environment. It + includes a panel for starting applications and displaying + status, a desktop, a set of tools and applications, + and a set of conventions that make it easy for applications + to cooperate and be consistent with each other. More information + regarding GNOME on &os; can be + found at http://www.FreeBSD.org/gnome. + That web site contains additional documentation + about installing, configuring, and + managing GNOME on &os;. - The software can be easily installed from a package - or the Ports Collection: - - To install the GNOME package, - type: + This desktop environment can be installed from a package: &prompt.root; pkg install gnome2 - To build GNOME from source, - use the ports tree: + To instead build GNOME from + ports: &prompt.root; cd /usr/ports/x11/gnome2 &prompt.root; make install clean For proper operation, GNOME - requires the /proc filesystem to be - mounted. Add + requires the /proc file system to be + mounted. Add this line to /etc/fstab to mount + this file system automatically during system + startup: proc /proc procfs rw 0 0 - to /etc/fstab to mount - &man.procfs.5; automatically during - startup. - Once GNOME is installed, - the X server must be told to start - GNOME instead of a default window - manager. - - The easiest way to start - GNOME is with - GDM, the GNOME Display Manager. - GDM is installed as part - of the GNOME desktop, although - it is disabled by default. It can be enabled by adding this + configure &xorg; to start + GNOME. The easiest way to do this + is to enable the GNOME Display Manager, + GDM, + which is installed as part + of the GNOME package or port. + It can be enabled by adding this line to /etc/rc.conf: gdm_enable="YES" - Once you have rebooted, GDM - will start automatically. - - It is often desirable to start all - GNOME services together with - GDM. To achieve this, add the - following line to /etc/rc.conf: + It is often desirable to also start all + GNOME services. To achieve this, add + a second line to /etc/rc.conf: gnome_enable="YES" - GNOME may also be started - from the command-line by properly configuring a file named - .xinitrc. If a custom - .xinitrc is already in place, simply + GDM + will now start automatically when the system boots. + + A second method for starting + GNOME is to type startx + from the command-line after configuring + ~/.xinitrc. If this file already exists, replace the line that starts the current window manager with one that starts - /usr/local/bin/gnome-session - instead. If nothing special has been done to the - configuration file, then it is enough simply to type: + /usr/local/bin/gnome-session. If + this file does not exist, create it with this command: &prompt.user; echo "/usr/local/bin/gnome-session" > ~/.xinitrc - Next, type startx, and the - GNOME desktop environment will - be started. - - - If an older display manager, like - XDM, is being used, this will - not work. Instead, create an executable - .xsession file with the same command - in it. To do this, edit the file and replace the existing - window manager command with - /usr/local/bin/gnome-session: - + A third method is to use + XDM as the display manager. In this case, + create an executable + ~/.xsession: &prompt.user; echo "#!/bin/sh" > ~/.xsession &prompt.user; echo "/usr/local/bin/gnome-session" >> ~/.xsession &prompt.user; chmod +x ~/.xsession - - Yet another option is to configure the display manager - to allow choosing the window manager at login time; the - section on - KDE details - explains how to do this for KDM, - the display manager of - KDE. - KDE KDE - - About KDE KDE is an easy to use contemporary desktop environment. Some of the things that @@ -1274,10 +1231,6 @@ DisplayManager.requestPort: 0KDE, consult the KDE/FreeBSD initiative's website. - - - - Installing KDE Just as with GNOME or any other desktop environment, the software can be easily @@ -1319,11 +1272,6 @@ DisplayManager.requestPort: 0.xsession file instead. Instructions for KDM are described later in this chapter. - - - - - More Details on KDE Now that KDE is installed on the system, most things can be discovered through the help @@ -1368,9 +1316,6 @@ DisplayManager.requestPort: 0 Xfce - - About Xfce - Xfce is a desktop environment based on the GTK+ toolkit used by GNOME, but is much more @@ -1416,10 +1361,6 @@ DisplayManager.requestPort: 0More information on Xfce can be found on the Xfce website. - - - - Installing Xfce To install Xfce, type: @@ -1441,13 +1382,12 @@ DisplayManager.requestPort: 0Xfce will be the desktop. As before, if a display manager like XDM is being used, create an - .xsession, as described in the section - on GNOME, but with the + .xsession, as described in + , but with the /usr/local/bin/startxfce4 command; or, configure the display manager to allow choosing a desktop at - login time, as explained in the section on - kdm. - + login time, as explained in + . From owner-svn-doc-all@FreeBSD.ORG Fri May 2 16:57:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C8D97678; Fri, 2 May 2014 16:57:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B50E6128C; Fri, 2 May 2014 16:57:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s42GvPOX048274; Fri, 2 May 2014 16:57:25 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s42GvP1X048273; Fri, 2 May 2014 16:57:25 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405021657.s42GvP1X048273@svn.freebsd.org> From: Dru Lavigne Date: Fri, 2 May 2014 16:57:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44739 - head/en_US.ISO8859-1/books/handbook/x11 X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2014 16:57:25 -0000 Author: dru Date: Fri May 2 16:57:25 2014 New Revision: 44739 URL: http://svnweb.freebsd.org/changeset/doc/44739 Log: Editorial review of KDE section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Fri May 2 15:30:23 2014 (r44738) +++ head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Fri May 2 16:57:25 2014 (r44739) @@ -1113,7 +1113,10 @@ DisplayManager.requestPort: 0&prompt.root; pkg install gnome2 To instead build GNOME from - ports: + ports, use the following command. + GNOME is a large application + and will take some time to compile, even on a fast + computer. &prompt.root; cd /usr/ports/x11/gnome2 &prompt.root; make install clean @@ -1173,144 +1176,73 @@ DisplayManager.requestPort: 0KDE - KDE is an easy to use - contemporary desktop environment. Some of the things that - KDE brings to the user - are: - - - - A beautiful contemporary desktop - - - - A desktop exhibiting complete network - transparency - - - - An integrated help system allowing for convenient, - consistent access to help on the use of the - KDE desktop and its - applications - - - - Consistent look and feel of all - KDE applications - - - - Standardized menu and toolbars, keybindings, - color-schemes, etc. - - - - Internationalization: KDE - is available in more than 55 languages - - - - Centralized, consistent, dialog-driven desktop - configuration - + KDE is another easy-to-use + desktop environment. This desktop provides a suite of + applications with a consistent look and feel, a standardized + menu and toolbars, keybindings, color-schemes, + internationalization, and a centralized, dialog-driven + desktop configuration. More information on + KDE can be found at + http://www.kde.org/. + For &os;-specific information, consult http://freebsd.kde.org. - - A great number of useful - KDE applications - - - - KDE comes with a web - browser called Konqueror, which - is a solid competitor to other existing web browsers on - &unix; systems. More information on - KDE can be found on the - KDE website. - For FreeBSD specific information and resources on - KDE, consult the - KDE/FreeBSD - initiative's website. - - Just as with GNOME or any - other desktop environment, the software can be easily - installed from a package or the Ports Collection: - - To install the KDE4 package, + To install the KDE package, type: &prompt.root; pkg install x11/kde4 - To build KDE from source, - use the ports tree: + To instead build the KDE + port, use the following command. Installing the port will + provide a menu for selecting which components to + install. KDE is a large application + and will take some time to compile, even on a fast + computer. &prompt.root; cd /usr/ports/x11/kde4 &prompt.root; make install clean - The first time the port is installed, a menu will be - shown for selecting options. Accepting the defaults is - recommended. - - KDE 4 is a large application, - and will take quite some time to compile even on a fast - computer. - - After KDE has been installed, - the X server must be told to launch this application - instead of the default window manager. This is accomplished - by editing the .xinitrc file: - - &prompt.user; echo "exec /usr/local/kde4/bin/startkde" > ~/.xinitrc - - Now, whenever the X Window System is invoked with - startx, KDE - will be the desktop. - - If a display manager such as - XDM is being used, the - configuration is slightly different. Edit the - .xsession file instead. Instructions - for KDM are described later in - this chapter. - - Now that KDE is installed on - the system, most things can be discovered through the help - pages, or just by pointing and clicking at various menus. - &windows; or &mac; users will feel quite at home. - - The best reference for KDE is - the on-line documentation. KDE - comes with its own web browser, - Konqueror, dozens of useful - applications, and extensive documentation. The remainder of - this section discusses the technical items that are difficult - to learn by random exploration. - - - The KDE Display Manager - KDE display manager - An administrator of a multi-user system may wish to have - a graphical login screen to welcome users. - XDM can be used, as described - earlier. However, KDE includes - an alternative, KDM, which is - designed to look more attractive and include more login-time - options. In particular, users can easily choose (via a - menu) which desktop environment - (KDE, - GNOME, or something else) to run - after logging on. - KDE 4 requires that - &man.procfs.5; be mounted, and this line must be added to + KDE requires the + /proc file system to be mounted. Add + this line to /etc/fstab to mount this + file system automatically during system startup: + + proc /proc procfs rw 0 0 + + The installation of KDE + includes the KDE Display Manager, + KDM. To enable this display + manager, add this line to /etc/rc.conf: kdm4_enable="YES" - + + A second method for launching + KDE is to type + startx from the command line. For this + to work, the following line is needed in + ~/.xinitrc: + + exec /usr/local/kde4/bin/startkde + + A third method for starting + KDE is through + XDM. To do so, create an + executable ~/.xsession as + follows: + + &prompt.user; echo "#!/bin/sh" > ~/.xsession +&prompt.user; echo "/usr/local/kde4/bin/startkde" >> ~/.xsession +&prompt.user; chmod +x ~/.xsession + + Once KDE is started, + refer to its built-in help system for more information on how + to use its various menus and applications. @@ -1384,10 +1316,7 @@ DisplayManager.requestPort: 0XDM is being used, create an .xsession, as described in , but with the - /usr/local/bin/startxfce4 command; or, - configure the display manager to allow choosing a desktop at - login time, as explained in - . + /usr/local/bin/startxfce4. From owner-svn-doc-all@FreeBSD.ORG Fri May 2 17:37:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 71B75297; Fri, 2 May 2014 17:37:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5EABA162E; Fri, 2 May 2014 17:37:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s42Hb5b6065210; Fri, 2 May 2014 17:37:05 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s42Hb5FH065209; Fri, 2 May 2014 17:37:05 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405021737.s42Hb5FH065209@svn.freebsd.org> From: Dru Lavigne Date: Fri, 2 May 2014 17:37:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44740 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2014 17:37:05 -0000 Author: dru Date: Fri May 2 17:37:04 2014 New Revision: 44740 URL: http://svnweb.freebsd.org/changeset/doc/44740 Log: Fix missing words. Submitted by: bjk Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Fri May 2 16:57:25 2014 (r44739) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Fri May 2 17:37:04 2014 (r44740) @@ -1463,7 +1463,7 @@ Script started, output file is /var/tmp/ possible to boot with the newly updated kernel. If kern.securelevel has been raised above 1 and - noschg or have been set on the kernel + noschg or similar flags have been set on the kernel binary, drop the system into single-user mode first. Otherwise, this command can be run from multi-user mode without problems. See &man.init.8; for details about From owner-svn-doc-all@FreeBSD.ORG Fri May 2 17:55:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E65CB99B; Fri, 2 May 2014 17:55:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C6D5C17CC; Fri, 2 May 2014 17:55:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s42HtET7073175; Fri, 2 May 2014 17:55:14 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s42HtERq073174; Fri, 2 May 2014 17:55:14 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405021755.s42HtERq073174@svn.freebsd.org> From: Dru Lavigne Date: Fri, 2 May 2014 17:55:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44741 - head/en_US.ISO8859-1/books/handbook/x11 X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2014 17:55:15 -0000 Author: dru Date: Fri May 2 17:55:14 2014 New Revision: 44741 URL: http://svnweb.freebsd.org/changeset/doc/44741 Log: Finish editorial review of Desktop Environments. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Fri May 2 17:37:04 2014 (r44740) +++ head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Fri May 2 17:55:14 2014 (r44741) @@ -1077,8 +1077,8 @@ DisplayManager.requestPort: 0Valentino Vaschetto - + Contributed by + @@ -1236,7 +1236,7 @@ DisplayManager.requestPort: 0~/.xsession as follows: - &prompt.user; echo "#!/bin/sh" > ~/.xsession + &prompt.user; echo "#!/bin/sh" > ~/.xsession &prompt.user; echo "/usr/local/kde4/bin/startkde" >> ~/.xsession &prompt.user; chmod +x ~/.xsession @@ -1250,73 +1250,43 @@ DisplayManager.requestPort: 0Xfce is a desktop environment based on the GTK+ toolkit used by - GNOME, but is much more - lightweight and meant for those who want a simple, efficient - desktop which is nevertheless easy to use and configure. - Visually, it looks very much like - CDE, found on commercial &unix; - systems. Some of Xfce's features - are: - - - - A simple, easy-to-handle desktop - - - - Fully configurable via mouse, with drag and drop, - etc. - - - - Main panel similar to - CDE, with menus, applets and - applications launchers - - - - Integrated window manager, file manager, sound - manager, GNOME compliance - module, and more - - - - Themeable (since it uses GTK+) - + GNOME. However, it is more + lightweight and provides a simple, efficient, easy-to-use + desktop. It is fully configurable, has a main panel with menus, applets, and + application launchers, provides a file manager and sound manager, + and is themeable. Since it is fast, light, and efficient, + it is ideal for older or slower machines with memory + limitations. More information on Xfce + can be found at http://www.xfce.org. - - Fast, light and efficient: ideal for older/slower - machines or machines with memory limitations - - - - More information on Xfce - can be found on the Xfce website. - - To install Xfce, type: + To install the Xfce package: &prompt.root; pkg install xfce - Alternatively, to build from source, use the - Ports Collection: + Alternatively, to build the port: &prompt.root; cd /usr/ports/x11-wm/xfce4 &prompt.root; make install clean - Now, tell the X server to launch - Xfce the next time X is started. - Simply type this: + Unlike GNOME or + KDE, + Xfce does not provide its own + login manager. In order to start Xfce + from the command line by typing startx, + first add its entry to + ~/.xinitrc: &prompt.user; echo "/usr/local/bin/startxfce4" > ~/.xinitrc - The next time X is started, - Xfce will be the desktop. As - before, if a display manager like - XDM is being used, create an - .xsession, as described in - , but with the - /usr/local/bin/startxfce4. + An alternate method is to use + XDM. To configure this method, + create an executable + ~/.xsession: + + &prompt.user; echo "#!/bin/sh" > ~/.xsession +&prompt.user; echo "/usr/local/bin/startxfce4" >> ~/.xsession +&prompt.user; chmod +x ~/.xsession From owner-svn-doc-all@FreeBSD.ORG Fri May 2 19:10:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 265D9C74; Fri, 2 May 2014 19:10:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ECFFD1FEF; Fri, 2 May 2014 19:10:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s42JA8K2005715; Fri, 2 May 2014 19:10:08 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s42JA8aL005714; Fri, 2 May 2014 19:10:08 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405021910.s42JA8aL005714@svn.freebsd.org> From: Dru Lavigne Date: Fri, 2 May 2014 19:10:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44742 - head/en_US.ISO8859-1/books/handbook/x11 X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2014 19:10:09 -0000 Author: dru Date: Fri May 2 19:10:08 2014 New Revision: 44742 URL: http://svnweb.freebsd.org/changeset/doc/44742 Log: Editorial review of XDM section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Fri May 2 17:55:14 2014 (r44741) +++ head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Fri May 2 19:10:08 2014 (r44742) @@ -804,91 +804,66 @@ dbus_enable="YES" - - The X Display Manager - - - Overview + X Display Manager - The X Display Manager (XDM) - is an optional part of the X Window System that is used for - login session management. This is useful for several types - of situations, including minimal X Terminals, - desktops, and large network display servers. Since the X - Window System is network and protocol independent, there are - a wide variety of possible configurations for running X - clients and servers on different machines connected by a - network. XDM provides a graphical - interface for choosing which display server to connect to, - and entering authorization information such as a login and + &xorg; provides an X Display + Manager, XDM, which can be used for + login session management. XDM provides a graphical + interface for choosing which display server to connect to + and for entering authorization information such as a login and password combination. - Think of XDM as providing the - same functionality to the user as the &man.getty.8; utility - (see for details). That is, it - performs system logins to the display being connected to and - then runs a session manager on behalf of the user (usually an - X window manager). XDM then waits - for this program to exit, signaling that the user is done and - should be logged out of the display. At this point, - XDM can display the login and - display chooser screens for the next user to login. - + This section demonstrates how to configure the X Display + Manager on &os;. Some desktop environments provide their own + graphical login manager. Refer to for instructions on how to + configure the GNOME Display Manager and for instructions on how to configure + the KDE Display Manager. - Using XDM + Configuring <application>XDM</application> - To start using XDM, install - the x11/xdm port (it is not installed by - default in recent versions of - &xorg;). The - XDM daemon program may then be - found in /usr/local/bin/xdm. This - program can be run at any time as root and it will start - managing the X display on the local machine. If - XDM is to be run every time the - machine boots up, a convenient way to do this is by adding an - entry to /etc/ttys. For more information - about the format and usage of this file, see . There is a line in the default - /etc/ttys file for running the - XDM daemon on a virtual - terminal: + To install XDM, use the + x11/xdm package or port. Once installed, + XDM can be configured to run when the + machine boots up by editing this + entry in /etc/ttys: ttyv8 "/usr/local/bin/xdm -nodaemon" xterm off secure - By default this entry is disabled; in order to enable it - change field 5 from off to - on and restart &man.init.8; using the - directions in . The first field, - the name of the terminal this program will manage, is - ttyv8. This means that - XDM will start running on the 9th + Change the off to + on and save the edit. The + ttyv8 in this entry indicates that + XDM will run on the ninth virtual terminal. - - - - Configuring XDM The XDM configuration directory - is located in /usr/local/lib/X11/xdm. In - this directory there are several files used to change the - behavior and appearance of XDM. - Typically these files will be found: + is located in /usr/local/lib/X11/xdm. + This directory contains several files used to change the + behavior and appearance of XDM, as + well as a few scripts and programs used to set up the desktop + when XDM is running. summarizes the function of + each of these files. The exact syntax and usage of these + files is described in &man.xdm.1;. + + + XDM Configuration Files - @@ -900,29 +875,54 @@ dbus_enable="YES" Xaccess - Client authorization ruleset. + The protocol for connecting to + XDM is called the X Display + Manager Connection Protocol (XDMCP) + This file is a client authorization ruleset for + controlling XDMCP connections from + remote machines. By default, this file does not allow + any remote clients to connect. Xresources - Default X resource values. + This file controls the look and feel of the + XDM display chooser and + login screens. The default configuration is a simple + rectangular login window with the hostname of the + machine displayed at the top in a large font and + Login: and Password: + prompts below. The format of this file is identical + to the app-defaults file described in the + &xorg; + documentation. Xservers - List of remote and local displays to - manage. + The list of local and remote displays the chooser + should provide as login choices. Xsession - Default session script for logins. + Default session script for logins which is run by + XDM after a user has logged + in. Normally each user will have a customized session + script in ~/.xsession that + overrides this script Xsetup_* - Script to launch applications before the login - interface. + Script to automatically launch applications + before displaying the chooser or login interfaces. + There is a script for each display being used, named + Xsetup_*, where + * is the local display number. + Typically these scripts run one or two programs in the + background such as + xconsole. @@ -933,137 +933,47 @@ dbus_enable="YES" xdm-errors - Errors generated by the server program. + Contains errors generated by the server program. + If a display that XDM is + trying to start hangs, look at this file for error + messages. These messages are also written to the + user's ~/.xsession-errors file on + a per-session basis. xdm-pid - The process ID of the currently running - XDM. + The running process ID of + XDM. - - - Also in this directory are a few scripts and programs - used to set up the desktop when XDM - is running. The purpose of each of these files will be - briefly described. The exact syntax and usage of all of these - files is described in &man.xdm.1;. - - The default configuration is a simple rectangular login - window with the hostname of the machine displayed at the top - in a large font and Login: and - Password: prompts below. This is a good - starting point for changing the look and feel of - XDM screens. - - - Xaccess - - The protocol for connecting to - XDM-controlled displays is - called the X Display Manager Connection Protocol (XDMCP). - This file is a ruleset for controlling XDMCP connections - from remote machines. It is ignored unless the - xdm-config is changed to listen for - remote connections. By default, it does not allow any - clients to connect. - - - - Xresources - - This is an application-defaults file for the display - chooser and login screens. In it, the appearance - of the login program can be modified. The format is - identical to the app-defaults file described in the - &xorg; documentation. - - - - Xservers - - This is a list of the remote displays the chooser should - provide as choices. - - - - Xsession - - This is the default session script for - XDM to run after a user has - logged in. Normally each user will have a customized - session script in ~/.xsession that - overrides this script. - - - - Xsetup_* - - These will be run automatically before displaying the - chooser or login interfaces. There is a script for each - display being used, named Xsetup_ - followed by the local display number (for instance - Xsetup_0). Typically these scripts - will run one or two programs in the background such as - xconsole. - - - - xdm-config - - This contains settings in the form of app-defaults - that are applicable to every display that this installation - manages. - - - - xdm-errors - - This contains the output of the X servers that - XDM is trying to run. If a - display that XDM is trying to - start hangs for some reason, this is a good place to look - for error messages. These messages are also written to the - user's ~/.xsession-errors file on a - per-session basis. - +
              - Running a Network Display Server + Configuring Remote Access - In order for other clients to connect to the display - server, you must edit the access control rules and enable - the connection listener. By default these are set to - conservative values. To make XDM - listen for connections, first comment out a line in the - xdm-config file: + By default, only users on the same system can login using + XDM. To enable users on + other systems to connect to the display + server, edit the access control rules and enable + the connection listener. + + To configure XDM to + listen for any remote connection, comment out the + DisplayManager.requestPort line in + /usr/local/lib/X11/xdm/xdm-config by + putting a ! in front of it: ! SECURITY: do not listen for XDMCP or Chooser requests ! Comment out this line if you want to manage X terminals with xdm DisplayManager.requestPort: 0 - and then restart XDM. - Remember that comments in app-defaults files begin with a - ! character, not the usual #. - More strict access controls may be desired — look at the - example entries in Xaccess, and refer to - the &man.xdm.1; manual page for further information. - - - - Replacements for XDM - - Several replacements for the default - XDM program exist. One of them, - KDM (bundled with - KDE) is described later in this - chapter. The KDM display manager - offers many visual improvements and cosmetic frills, as well - as the functionality to allow users to choose their window - manager of choice at login time. + Save the edits and restart XDM. + To restrict remote access, look at the + example entries in /usr/local/lib/X11/xdm/Xaccess and refer to + &man.xdm.1; for further information.               From owner-svn-doc-all@FreeBSD.ORG Fri May 2 19:31:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E2A431FF; Fri, 2 May 2014 19:31:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CF1FC1203; Fri, 2 May 2014 19:31:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s42JVVfX013529; Fri, 2 May 2014 19:31:31 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s42JVV2w013528; Fri, 2 May 2014 19:31:31 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405021931.s42JVV2w013528@svn.freebsd.org> From: Dru Lavigne Date: Fri, 2 May 2014 19:31:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44743 - head/en_US.ISO8859-1/books/handbook/x11 X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2014 19:31:32 -0000 Author: dru Date: Fri May 2 19:31:31 2014 New Revision: 44743 URL: http://svnweb.freebsd.org/changeset/doc/44743 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Fri May 2 19:10:08 2014 (r44742) +++ head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Fri May 2 19:31:31 2014 (r44743) @@ -550,8 +550,8 @@ dbus_enable="YES" ~/.xsession when logging in through a graphical login manager like XDM). A third way is to use the new - /usr/local/etc/fonts/local.conf file as demonstrated in - . + /usr/local/etc/fonts/local.conf file as + demonstrated in .               @@ -661,8 +661,7 @@ dbus_enable="YES" definition, and then the <fontconfig> tag: - - <?xml version="1.0"?> + <?xml version="1.0"?> <!DOCTYPE fontconfig SYSTEM "fonts.dtd"> <fontconfig> @@ -783,8 +782,7 @@ dbus_enable="YES" dramatic. To enable this, add the line somewhere in the local.conf file: - - <match target="font"> + <match target="font"> <test qual="all" name="rgba"> <const>unknown</const> </test> @@ -818,48 +816,46 @@ dbus_enable="YES" - X Display Manager - &xorg; provides an X Display - Manager, XDM, which can be used for - login session management. XDM provides a graphical - interface for choosing which display server to connect to - and for entering authorization information such as a login and - password combination. - - This section demonstrates how to configure the X Display - Manager on &os;. Some desktop environments provide their own - graphical login manager. Refer to for instructions on how to - configure the GNOME Display Manager and for instructions on how to configure - the KDE Display Manager. + X Display Manager + &xorg; provides an X Display + Manager, XDM, which can be used for + login session management. XDM + provides a graphical interface for choosing which display server + to connect to and for entering authorization information such as + a login and password combination. + + This section demonstrates how to configure the X Display + Manager on &os;. Some desktop environments provide their own + graphical login manager. Refer to for instructions on how to configure + the GNOME Display Manager and for + instructions on how to configure the KDE Display Manager. Configuring <application>XDM</application> To install XDM, use the x11/xdm package or port. Once installed, - XDM can be configured to run when the - machine boots up by editing this - entry in /etc/ttys: + XDM can be configured to run when + the machine boots up by editing this entry in + /etc/ttys: ttyv8 "/usr/local/bin/xdm -nodaemon" xterm off secure - Change the off to - on and save the edit. The - ttyv8 in this entry indicates that - XDM will run on the ninth - virtual terminal. + Change the off to on + and save the edit. The ttyv8 in this entry + indicates that XDM will run on the + ninth virtual terminal. The XDM configuration directory is located in /usr/local/lib/X11/xdm. This directory contains several files used to change the behavior and appearance of XDM, as well as a few scripts and programs used to set up the desktop - when XDM is running. summarizes the function of - each of these files. The exact syntax and usage of these - files is described in &man.xdm.1;. + when XDM is running. summarizes the function of each + of these files. The exact syntax and usage of these files is + described in &man.xdm.1;. XDM Configuration Files @@ -890,7 +886,7 @@ dbus_enable="YES"XDM display chooser and login screens. The default configuration is a simple rectangular login window with the hostname of the - machine displayed at the top in a large font and + machine displayed at the top in a large font and Login: and Password: prompts below. The format of this file is identical to the app-defaults file described in the @@ -955,13 +951,12 @@ dbus_enable="YES"Configuring Remote AccessBy default, only users on the same system can login using - XDM. To enable users on - other systems to connect to the display - server, edit the access control rules and enable - the connection listener. + XDM. To enable users on other + systems to connect to the display server, edit the access + control rules and enable the connection listener. - To configure XDM to - listen for any remote connection, comment out the + To configure XDM to listen for + any remote connection, comment out the DisplayManager.requestPort line in /usr/local/lib/X11/xdm/xdm-config by putting a ! in front of it: @@ -971,9 +966,9 @@ dbus_enable="YES" DisplayManager.requestPort: 0 Save the edits and restart XDM. - To restrict remote access, look at the - example entries in /usr/local/lib/X11/xdm/Xaccess and refer to - &man.xdm.1; for further information. + To restrict remote access, look at the example entries in + /usr/local/lib/X11/xdm/Xaccess and refer + to &man.xdm.1; for further information. @@ -993,9 +988,8 @@ DisplayManager.requestPort: 0 - This section describes how to install three popular - desktop environments on a &os; system. A - desktop environment can range + This section describes how to install three popular desktop + environments on a &os; system. A desktop environment can range from a simple window manager to a complete suite of desktop applications. Over a hundred desktop environments are available in the x11-wm category of the @@ -1004,79 +998,78 @@ DisplayManager.requestPort: 0 GNOME - GNOME - GNOME is a user-friendly - desktop environment. It - includes a panel for starting applications and displaying - status, a desktop, a set of tools and applications, - and a set of conventions that make it easy for applications - to cooperate and be consistent with each other. More information - regarding GNOME on &os; can be - found at GNOME + GNOME is a user-friendly + desktop environment. It includes a panel for starting + applications and displaying status, a desktop, a set of tools + and applications, and a set of conventions that make it easy + for applications to cooperate and be consistent with each + other. More information regarding + GNOME on &os; can be found at http://www.FreeBSD.org/gnome. - That web site contains additional documentation - about installing, configuring, and - managing GNOME on &os;. + That web site contains additional documentation about + installing, configuring, and managing + GNOME on &os;. + + This desktop environment can be installed from a + package: + + &prompt.root; pkg install gnome2 + + To instead build GNOME from + ports, use the following command. + GNOME is a large application and + will take some time to compile, even on a fast + computer. - This desktop environment can be installed from a package: - - &prompt.root; pkg install gnome2 - - To instead build GNOME from - ports, use the following command. - GNOME is a large application - and will take some time to compile, even on a fast - computer. - - &prompt.root; cd /usr/ports/x11/gnome2 + &prompt.root; cd /usr/ports/x11/gnome2 &prompt.root; make install clean - For proper operation, GNOME - requires the /proc file system to be - mounted. Add this line to /etc/fstab to mount - this file system automatically during system - startup: - - proc /proc procfs rw 0 0 - - Once GNOME is installed, - configure &xorg; to start - GNOME. The easiest way to do this - is to enable the GNOME Display Manager, - GDM, - which is installed as part - of the GNOME package or port. - It can be enabled by adding this - line to /etc/rc.conf: - - gdm_enable="YES" - - It is often desirable to also start all - GNOME services. To achieve this, add - a second line to /etc/rc.conf: - - gnome_enable="YES" - - GDM - will now start automatically when the system boots. - - A second method for starting - GNOME is to type startx - from the command-line after configuring - ~/.xinitrc. If this file already exists, - replace the line that starts the current window manager with - one that starts - /usr/local/bin/gnome-session. If - this file does not exist, create it with this command: - - &prompt.user; echo "/usr/local/bin/gnome-session" > ~/.xinitrc - - A third method is to use - XDM as the display manager. In this case, - create an executable - ~/.xsession: + For proper operation, GNOME + requires the /proc file system to be + mounted. Add this line to /etc/fstab to + mount this file system automatically during system + startup: + + proc /proc procfs rw 0 0 + + Once GNOME is installed, + configure &xorg; to start + GNOME. The easiest way to do this + is to enable the GNOME Display Manager, + GDM, which is installed as part of + the GNOME package or port. It can + be enabled by adding this line to + /etc/rc.conf: + + gdm_enable="YES" + + It is often desirable to also start all + GNOME services. To achieve this, + add a second line to + /etc/rc.conf: + + gnome_enable="YES" + + GDM will now start + automatically when the system boots. + + A second method for starting + GNOME is to type + startx from the command-line after + configuring ~/.xinitrc. If this file + already exists, replace the line that starts the current + window manager with one that starts + /usr/local/bin/gnome-session. If this + file does not exist, create it with this command: + + &prompt.user; echo "/usr/local/bin/gnome-session" > ~/.xinitrc + + A third method is to use XDM as + the display manager. In this case, create an executable + ~/.xsession: - &prompt.user; echo "#!/bin/sh" > ~/.xsession + &prompt.user; echo "#!/bin/sh" > ~/.xsession &prompt.user; echo "/usr/local/bin/gnome-session" >> ~/.xsession &prompt.user; chmod +x ~/.xsession @@ -1086,115 +1079,112 @@ DisplayManager.requestPort: 0KDE - KDE is another easy-to-use - desktop environment. This desktop provides a suite of - applications with a consistent look and feel, a standardized - menu and toolbars, keybindings, color-schemes, - internationalization, and a centralized, dialog-driven - desktop configuration. More information on - KDE can be found at - http://www.kde.org/. - For &os;-specific information, consult http://freebsd.kde.org. - - To install the KDE package, - type: - - &prompt.root; pkg install x11/kde4 - - To instead build the KDE - port, use the following command. Installing the port will - provide a menu for selecting which components to - install. KDE is a large application - and will take some time to compile, even on a fast - computer. + KDE is another easy-to-use + desktop environment. This desktop provides a suite of + applications with a consistent look and feel, a standardized + menu and toolbars, keybindings, color-schemes, + internationalization, and a centralized, dialog-driven desktop + configuration. More information on + KDE can be found at http://www.kde.org/. + For &os;-specific information, consult http://freebsd.kde.org. + + To install the KDE package, + type: + + &prompt.root; pkg install x11/kde4 + + To instead build the KDE port, + use the following command. Installing the port will provide a + menu for selecting which components to install. + KDE is a large application and will + take some time to compile, even on a fast computer. - &prompt.root; cd /usr/ports/x11/kde4 + &prompt.root; cd /usr/ports/x11/kde4 &prompt.root; make install clean - - KDE - display manager - + + KDE + display manager + - KDE requires the - /proc file system to be mounted. Add - this line to /etc/fstab to mount this - file system automatically during system startup: - - proc /proc procfs rw 0 0 - - The installation of KDE - includes the KDE Display Manager, - KDM. To enable this display - manager, add this line to - /etc/rc.conf: - - kdm4_enable="YES" - - A second method for launching - KDE is to type - startx from the command line. For this - to work, the following line is needed in - ~/.xinitrc: - - exec /usr/local/kde4/bin/startkde - - A third method for starting - KDE is through - XDM. To do so, create an - executable ~/.xsession as - follows: + KDE requires the + /proc file system to be mounted. Add + this line to /etc/fstab to mount this + file system automatically during system startup: + + proc /proc procfs rw 0 0 + + The installation of KDE + includes the KDE Display Manager, + KDM. To enable this display + manager, add this line to + /etc/rc.conf: + + kdm4_enable="YES" + + A second method for launching + KDE is to type + startx from the command line. For this to + work, the following line is needed in + ~/.xinitrc: + + exec /usr/local/kde4/bin/startkde + + A third method for starting KDE + is through XDM. To do so, create + an executable ~/.xsession as + follows: - &prompt.user; echo "#!/bin/sh" > ~/.xsession + &prompt.user; echo "#!/bin/sh" > ~/.xsession &prompt.user; echo "/usr/local/kde4/bin/startkde" >> ~/.xsession &prompt.user; chmod +x ~/.xsession - Once KDE is started, - refer to its built-in help system for more information on how - to use its various menus and applications. + Once KDE is started, refer to + its built-in help system for more information on how to use + its various menus and applications. Xfce - Xfce is a desktop environment - based on the GTK+ toolkit used by - GNOME. However, it is more - lightweight and provides a simple, efficient, easy-to-use - desktop. It is fully configurable, has a main panel with menus, applets, and - application launchers, provides a file manager and sound manager, - and is themeable. Since it is fast, light, and efficient, - it is ideal for older or slower machines with memory - limitations. More information on Xfce - can be found at http://www.xfce.org. + Xfce is a desktop environment + based on the GTK+ toolkit used by + GNOME. However, it is more + lightweight and provides a simple, efficient, easy-to-use + desktop. It is fully configurable, has a main panel with + menus, applets, and application launchers, provides a file + manager and sound manager, and is themeable. Since it is + fast, light, and efficient, it is ideal for older or slower + machines with memory limitations. More information on + Xfce can be found at http://www.xfce.org. - To install the Xfce package: + To install the Xfce + package: - &prompt.root; pkg install xfce + &prompt.root; pkg install xfce - Alternatively, to build the port: + Alternatively, to build the port: - &prompt.root; cd /usr/ports/x11-wm/xfce4 + &prompt.root; cd /usr/ports/x11-wm/xfce4 &prompt.root; make install clean - Unlike GNOME or - KDE, - Xfce does not provide its own - login manager. In order to start Xfce - from the command line by typing startx, - first add its entry to - ~/.xinitrc: - - &prompt.user; echo "/usr/local/bin/startxfce4" > ~/.xinitrc - - An alternate method is to use - XDM. To configure this method, - create an executable - ~/.xsession: + Unlike GNOME or + KDE, + Xfce does not provide its own login + manager. In order to start Xfce + from the command line by typing startx, + first add its entry to ~/.xinitrc: + + &prompt.user; echo "/usr/local/bin/startxfce4" > ~/.xinitrc + + An alternate method is to use + XDM. To configure this method, + create an executable ~/.xsession: - &prompt.user; echo "#!/bin/sh" > ~/.xsession + &prompt.user; echo "#!/bin/sh" > ~/.xsession &prompt.user; echo "/usr/local/bin/startxfce4" >> ~/.xsession &prompt.user; chmod +x ~/.xsession From owner-svn-doc-all@FreeBSD.ORG Fri May 2 21:00:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 06D4D82E; Fri, 2 May 2014 21:00:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E81411A46; Fri, 2 May 2014 21:00:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s42L0NbJ050659; Fri, 2 May 2014 21:00:23 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s42L0N6s050657; Fri, 2 May 2014 21:00:23 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201405022100.s42L0N6s050657@svn.freebsd.org> From: Xin LI Date: Fri, 2 May 2014 21:00:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44744 - head/en_US.ISO8859-1/htdocs/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2014 21:00:24 -0000 Author: delphij Date: Fri May 2 21:00:23 2014 New Revision: 44744 URL: http://svnweb.freebsd.org/changeset/doc/44744 Log: 8.3-RELEASE is EoL'ed. Modified: head/en_US.ISO8859-1/htdocs/security/security.xml head/en_US.ISO8859-1/htdocs/security/unsupported.xml Modified: head/en_US.ISO8859-1/htdocs/security/security.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/security/security.xml Fri May 2 19:31:31 2014 (r44743) +++ head/en_US.ISO8859-1/htdocs/security/security.xml Fri May 2 21:00:23 2014 (r44744) @@ -80,13 +80,6 @@ - - - - - - - Modified: head/en_US.ISO8859-1/htdocs/security/unsupported.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/security/unsupported.xml Fri May 2 19:31:31 2014 (r44743) +++ head/en_US.ISO8859-1/htdocs/security/unsupported.xml Fri May 2 21:00:23 2014 (r44744) @@ -172,6 +172,13 @@ + + + + + + + From owner-svn-doc-all@FreeBSD.ORG Fri May 2 21:15:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7A389DC8; Fri, 2 May 2014 21:15:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 665901BC2; Fri, 2 May 2014 21:15:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s42LFfeY058733; Fri, 2 May 2014 21:15:41 GMT (envelope-from brueffer@svn.freebsd.org) Received: (from brueffer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s42LFf3U058732; Fri, 2 May 2014 21:15:41 GMT (envelope-from brueffer@svn.freebsd.org) Message-Id: <201405022115.s42LFf3U058732@svn.freebsd.org> From: Christian Brueffer Date: Fri, 2 May 2014 21:15:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44745 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2014 21:15:41 -0000 Author: brueffer Date: Fri May 2 21:15:40 2014 New Revision: 44745 URL: http://svnweb.freebsd.org/changeset/doc/44745 Log: Add an entity for mpr(4). Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Fri May 2 21:00:23 2014 (r44744) +++ head/share/xml/man-refs.ent Fri May 2 21:15:40 2014 (r44745) @@ -3606,6 +3606,7 @@ mod_cc4"> mouse4"> mpi4"> +mpr4"> mps4"> mpt4"> mse4"> From owner-svn-doc-all@FreeBSD.ORG Sat May 3 09:25:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3661A761; Sat, 3 May 2014 09:25:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 095E91895; Sat, 3 May 2014 09:25:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s439P8au066846; Sat, 3 May 2014 09:25:08 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s439P80R066844; Sat, 3 May 2014 09:25:08 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201405030925.s439P80R066844@svn.freebsd.org> From: Eitan Adler Date: Sat, 3 May 2014 09:25:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44746 - in head/en_US.ISO8859-1/htdocs: releases releng X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 May 2014 09:25:09 -0000 Author: eadler Date: Sat May 3 09:25:08 2014 New Revision: 44746 URL: http://svnweb.freebsd.org/changeset/doc/44746 Log: Update the status of 8.3 on /releases/ and /releng/ See also: http://www.freebsd.org/security/unsupported.html and http://www.freebsd.org/security/security.html Reported by: dbn Modified: head/en_US.ISO8859-1/htdocs/releases/index.xml head/en_US.ISO8859-1/htdocs/releng/index.xml Modified: head/en_US.ISO8859-1/htdocs/releases/index.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/index.xml Fri May 2 21:15:40 2014 (r44745) +++ head/en_US.ISO8859-1/htdocs/releases/index.xml Sat May 3 09:25:08 2014 (r44746) @@ -102,17 +102,6 @@ Errata - -
            • 8.3 (April 2012) - - Announcement: - Release Notes: - Installation Instructions: - Hardware Notes: - Readme: - Errata - -
              • @@ -127,6 +116,17 @@ Information page.

                +
              • 8.3 (April 2012) + + Announcement: + Release Notes: + Installation Instructions: + Hardware Notes: + Readme: + Errata + +
                • +
              • 9.0 (January 2012) Announcement: Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releng/index.xml Fri May 2 21:15:40 2014 (r44745) +++ head/en_US.ISO8859-1/htdocs/releng/index.xml Sat May 3 09:25:08 2014 (r44746) @@ -140,7 +140,7 @@
              - + From owner-svn-doc-all@FreeBSD.ORG Sat May 3 11:12:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C9D05E14; Sat, 3 May 2014 11:12:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AA83511DF; Sat, 3 May 2014 11:12:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s43BC7xS014029; Sat, 3 May 2014 11:12:07 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s43BC7GF014026; Sat, 3 May 2014 11:12:07 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405031112.s43BC7GF014026@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 3 May 2014 11:12:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44747 - in head/de_DE.ISO8859-1/books/handbook: advanced-networking jails X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 May 2014 11:12:07 -0000 Author: bcr Date: Sat May 3 11:12:06 2014 New Revision: 44747 URL: http://svnweb.freebsd.org/changeset/doc/44747 Log: Update to r43920: Add some missing author entries. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml head/de_DE.ISO8859-1/books/handbook/jails/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sat May 3 09:25:08 2014 (r44746) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sat May 3 11:12:06 2014 (r44747) @@ -5,9 +5,12 @@ $FreeBSD$ $FreeBSDde:$ - basiert auf: r43918 + basiert auf: r43920 --> - + + Weiterfhrende Netzwerkthemen JohannKoisbersetzt von @@ -100,14 +103,20 @@ - Gateways und Routen + + Gateways und Routen + - CoranthGryphonBeigetragen von + + + Coranth + Gryphon + + Beigetragen von + - - Routing @@ -2307,32 +2316,29 @@ wpa_pairwise=CCMP TKIP . Es ist mglich - zu sehen, welche Stationen mit dem AP verbunden sind. - Dazu geben Sie den Befehl - ifconfig wlan0 list sta - ein. - + Der Access Point luft nun, die Clients knnen mit ihm + verbunden werden. Weitere Informationen finden Sie im + . Es ist mglich zu + sehen, welche Stationen mit dem AP verbunden sind. Dazu + geben Sie den Befehl ifconfig wlan0 list + sta ein. + - WEP hostbasierender Access Point + WEP hostbasierender Access Point - Es ist nicht empfehlenswert, einen Access Point mit - WEP zu konfigurieren, da es keine - Authentifikationsmechanismen gibt und WEP leicht zu - knacken ist. Einige ltere WLAN-Karten - untersttzen nur WEP als Sicherheitsprotokoll. Fr - solche Karten ist es notwendig den AP ohne - Authentifikation, Verschlsselung oder mit dem - WEP-Protokoll zu konfigurieren. - - Das Wireless-Gert kann nun in den hostap-Modus - versetzt werden und mit der korrekten SSID und IP-Adresse - konfiguriert werden: + Es ist nicht empfehlenswert, einen Access Point mit + WEP zu konfigurieren, da es keine + Authentifikationsmechanismen gibt und WEP leicht zu + knacken ist. Einige ltere WLAN-Karten untersttzen nur + WEP als Sicherheitsprotokoll. Fr solche Karten ist es + notwendig den AP ohne Authentifikation, Verschlsselung + oder mit dem WEP-Protokoll zu konfigurieren. + + Das Wireless-Gert kann nun in den hostap-Modus + versetzt werden und mit der korrekten SSID und IP-Adresse + konfiguriert werden: &prompt.root; ifconfig wlan0 create wlandev ath0 wlanmode hostap &prompt.root; ifconfig wlan0 inet 192.168.0.1 netmask 255.255.255.0 \ @@ -2518,16 +2524,25 @@ freebsdap 00:11:95:c3:0d:ac 1 - Bluetooth + + Bluetooth + - PavLucistnikBeigetragen von -
              pav@FreeBSD.org
              -               + + + Pav + Lucistnik + + Beigetragen von + +
              + pav@FreeBSD.org +
              +               +               - - Bluetooth @@ -2898,7 +2913,7 @@ hcsecd[16484]: Sending PIN_Code_Reply to Eintrag beschreibt jeweils einen einzigen Serverdienst. Ein Client kann diese Informationen durch eine SDP-Anforderung vom SDP-Server beziehen. Wenn der Client oder eine Anwendung - des Clients einen Dienst nutzen will, muss eine seperate + des Clients einen Dienst nutzen will, muss eine separate Verbindung mit dem Dienstanbieter aufgebaut werden. SDP bietet einen Mechanismus zum Auffinden von Diensten und deren Eigenschaften an, es bietet aber keine Mechanismen zur Verwendung @@ -6124,22 +6139,38 @@ round-trip min/avg/max/stddev = 2.530/2.               - IPv6 – Internet Protocol Version 6 + + IPv6 – Internet Protocol Version 6 + - AaronKaplanBeigetragen von + + + Aaron + Kaplan + + Beigetragen von + - - TomRhodesberarbeitet und erweitert von + + + Tom + Rhodes + + berarbeitet und erweitert von + - - BradDavisErweitert von + + + Brad + Davis + + Erweitert von + - - Bei IPv6 (auch als IPng oder IP next generation bekannt) handelt es sich um die neueste Version des bekannten @@ -6770,14 +6801,26 @@ route_hostD="192.168.173.4 hatm0 0 102 l --> CARP - Common Address Redundancy Protocol + - TomRhodesBeigetragen von - AllanJudeAktualisiert von + + + Tom + Rhodes + + Beigetragen von + + + + + Allan + Jude + + Aktualisiert von + - - CARP Common Address Redundancy Protocol (CARP) Modified: head/de_DE.ISO8859-1/books/handbook/jails/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/jails/chapter.xml Sat May 3 09:25:08 2014 (r44746) +++ head/de_DE.ISO8859-1/books/handbook/jails/chapter.xml Sat May 3 11:12:06 2014 (r44747) @@ -29,8 +29,8 @@ Dieses Kapitel erklrt, was &os;-Jails sind und wie man sie einsetzt. Jails, manchmal als Ersatz fr chroot-Umgebungen bezeichnet, sind ein sehr - mchtiges Werkzeug fr Systemadministratoren, jedoch kann - deren grundlegende Verwendung auch fr fortgeschrittene Anwender + mchtiges Werkzeug fr Systemadministratoren, jedoch kann deren + grundlegende Verwendung auch fr fortgeschrittene Anwender ntzlich sein. Nachdem Sie dieses Kapitel gelesen haben, werden Sie @@ -65,11 +65,11 @@ Den Mailinglisten und deren Archive. Die Archive der Mailingliste &a.questions; und anderen Mailinglisten, welche - vom &a.mailman.lists; bereitgestellt werden, beinhalten bereits - umfangreiche Informationen zu Jails. Daher ist es sinnvoll, - bei Problemen mit Jails zuerst die Archive der Mailinglisten - zu durchsuchen, bevor Sie eine neue Anfrage auf der - Mailingliste &a.questions.name; stellen. + vom &a.mailman.lists; bereitgestellt werden, beinhalten + bereits umfangreiche Informationen zu Jails. Daher ist es + sinnvoll, bei Problemen mit Jails zuerst die Archive der + Mailinglisten zu durchsuchen, bevor Sie eine neue Anfrage + auf der Mailingliste &a.questions.name; stellen. From owner-svn-doc-all@FreeBSD.ORG Sat May 3 11:36:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D1C766BB; Sat, 3 May 2014 11:36:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BE876136E; Sat, 3 May 2014 11:36:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s43BaTVb023067; Sat, 3 May 2014 11:36:29 GMT (envelope-from brueffer@svn.freebsd.org) Received: (from brueffer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s43BaTkx023066; Sat, 3 May 2014 11:36:29 GMT (envelope-from brueffer@svn.freebsd.org) Message-Id: <201405031136.s43BaTkx023066@svn.freebsd.org> From: Christian Brueffer Date: Sat, 3 May 2014 11:36:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44748 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 May 2014 11:36:29 -0000 Author: brueffer Date: Sat May 3 11:36:29 2014 New Revision: 44748 URL: http://svnweb.freebsd.org/changeset/doc/44748 Log: Add rsu(4). Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Sat May 3 11:12:06 2014 (r44747) +++ head/share/xml/man-refs.ent Sat May 3 11:36:29 2014 (r44748) @@ -3748,6 +3748,7 @@ route4"> rp4"> rr232x4"> +rsu4"> rtc4"> rue4"> rum4"> From owner-svn-doc-all@FreeBSD.ORG Sat May 3 15:28:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0CA0681F; Sat, 3 May 2014 15:28:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ED8B916FD; Sat, 3 May 2014 15:28:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s43FSOjd019407; Sat, 3 May 2014 15:28:24 GMT (envelope-from brueffer@svn.freebsd.org) Received: (from brueffer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s43FSOZ8019406; Sat, 3 May 2014 15:28:24 GMT (envelope-from brueffer@svn.freebsd.org) Message-Id: <201405031528.s43FSOZ8019406@svn.freebsd.org> From: Christian Brueffer Date: Sat, 3 May 2014 15:28:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44749 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 May 2014 15:28:25 -0000 Author: brueffer Date: Sat May 3 15:28:24 2014 New Revision: 44749 URL: http://svnweb.freebsd.org/changeset/doc/44749 Log: Add urtwn(4). Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Sat May 3 11:36:29 2014 (r44748) +++ head/share/xml/man-refs.ent Sat May 3 15:28:24 2014 (r44749) @@ -3908,6 +3908,7 @@ ural4"> urio4"> urtw4"> +urtwn4"> usb4"> uscanner4"> uslcom4"> From owner-svn-doc-all@FreeBSD.ORG Sun May 4 00:59:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4B1821F1; Sun, 4 May 2014 00:59:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 38657190E; Sun, 4 May 2014 00:59:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s440xaj8074493; Sun, 4 May 2014 00:59:36 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s440xaiM074492; Sun, 4 May 2014 00:59:36 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405040059.s440xaiM074492@svn.freebsd.org> From: Glen Barber Date: Sun, 4 May 2014 00:59:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44750 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2014 00:59:36 -0000 Author: gjb Date: Sun May 4 00:59:35 2014 New Revision: 44750 URL: http://svnweb.freebsd.org/changeset/doc/44750 Log: Add full(4). Sponsored by: The FreeBSD Foundation Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Sat May 3 15:28:24 2014 (r44749) +++ head/share/xml/man-refs.ent Sun May 4 00:59:35 2014 (r44750) @@ -3458,6 +3458,7 @@ filemon4"> fla4"> fpa4"> +full4"> fwe4"> fwip4"> fwohci4"> From owner-svn-doc-all@FreeBSD.ORG Sun May 4 08:34:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0831CC83; Sun, 4 May 2014 08:34:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E982A1CEF; Sun, 4 May 2014 08:34:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s448YKau066727; Sun, 4 May 2014 08:34:20 GMT (envelope-from jkois@svn.freebsd.org) Received: (from jkois@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s448YK9h066726; Sun, 4 May 2014 08:34:20 GMT (envelope-from jkois@svn.freebsd.org) Message-Id: <201405040834.s448YK9h066726@svn.freebsd.org> From: Johann Kois Date: Sun, 4 May 2014 08:34:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44751 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2014 08:34:21 -0000 Author: jkois Date: Sun May 4 08:34:20 2014 New Revision: 44751 URL: http://svnweb.freebsd.org/changeset/doc/44751 Log: PR: www/188976 Add CoBUG (The Colorado BSD User Group) to the list. Requested by: Aaron Bieber Modified: head/share/xml/usergroups.xml Modified: head/share/xml/usergroups.xml ============================================================================== --- head/share/xml/usergroups.xml Sun May 4 00:59:35 2014 (r44750) +++ head/share/xml/usergroups.xml Sun May 4 08:34:20 2014 (r44751) @@ -595,6 +595,15 @@ The country codes are precise ISO3166 co + + The Colorado BSD Users Group (CoBUG) + http://cobug.org + Created in 2014, CoBUG is a completely open BSD community, + established with the intention of spreading love for the BSDs. + Located in Colorado. + + + Kansas Unix & Linux Users Association (KULUA) http://kulua.org From owner-svn-doc-all@FreeBSD.ORG Sun May 4 09:03:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 541F0169; Sun, 4 May 2014 09:03:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4117C1076; Sun, 4 May 2014 09:03:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4493KCe079293; Sun, 4 May 2014 09:03:20 GMT (envelope-from jkois@svn.freebsd.org) Received: (from jkois@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4493KDs079292; Sun, 4 May 2014 09:03:20 GMT (envelope-from jkois@svn.freebsd.org) Message-Id: <201405040903.s4493KDs079292@svn.freebsd.org> From: Johann Kois Date: Sun, 4 May 2014 09:03:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44752 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2014 09:03:20 -0000 Author: jkois Date: Sun May 4 09:03:19 2014 New Revision: 44752 URL: http://svnweb.freebsd.org/changeset/doc/44752 Log: PR: www/188140 Add polarhome.com to the ISP list (they offer shell account access to multiple OSes). Requested by: Zoltan Arpadffy Modified: head/share/xml/commercial.isp.xml Modified: head/share/xml/commercial.isp.xml ============================================================================== --- head/share/xml/commercial.isp.xml Sun May 4 08:34:20 2014 (r44751) +++ head/share/xml/commercial.isp.xml Sun May 4 09:03:19 2014 (r44752) @@ -436,6 +436,20 @@ + + polarhome.com + http://www.polarhome.com/ + polarhome.com is a non commercial, educational effort + for popularization of shell enabled operating systems and internet + services, offering shell accounts, development environment, mail + and other online services on all available systems (currently on + different flavours of Linux, OpenVMS, Solaris, OpenIndiana, AIX, + QNX, IRIX, HP-UX, Tru64, SCO OpenServer, UnixWare, FreeBSD, + OpenBSD, NetBSD, DragonFly/BSD, MirBSD, Ultrix, Minix, GNU Hurd + and OPENSTEP). + + + MultaCom Corporation http://www.multacom.com/ From owner-svn-doc-all@FreeBSD.ORG Sun May 4 15:28:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9CB38BEC; Sun, 4 May 2014 15:28:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 718341DD2; Sun, 4 May 2014 15:28:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s44FSc8S040110; Sun, 4 May 2014 15:28:38 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s44FSckd040106; Sun, 4 May 2014 15:28:38 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405041528.s44FSckd040106@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 4 May 2014 15:28:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44753 - head/ja_JP.eucJP/htdocs/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2014 15:28:38 -0000 Author: ryusuke Date: Sun May 4 15:28:37 2014 New Revision: 44753 URL: http://svnweb.freebsd.org/changeset/doc/44753 Log: - Merge the following from the English version: r43705 -> r44744 head/ja_JP.eucJP/htdocs/security/security.xml r44161 -> r44744 head/ja_JP.eucJP/htdocs/security/unsupported.xml Modified: head/ja_JP.eucJP/htdocs/security/security.xml head/ja_JP.eucJP/htdocs/security/unsupported.xml Modified: head/ja_JP.eucJP/htdocs/security/security.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/security/security.xml Sun May 4 09:03:19 2014 (r44752) +++ head/ja_JP.eucJP/htdocs/security/security.xml Sun May 4 15:28:37 2014 (r44753) @@ -6,7 +6,7 @@ ]> - + @@ -79,13 +79,6 @@               - - - - - - - Modified: head/ja_JP.eucJP/htdocs/security/unsupported.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/security/unsupported.xml Sun May 4 09:03:19 2014 (r44752) +++ head/ja_JP.eucJP/htdocs/security/unsupported.xml Sun May 4 15:28:37 2014 (r44753) @@ -5,7 +5,7 @@ ]> - + @@ -174,6 +174,13 @@ + + + + + + + From owner-svn-doc-all@FreeBSD.ORG Sun May 4 15:32:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 40478F2C; Sun, 4 May 2014 15:32:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 153501FB0; Sun, 4 May 2014 15:32:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s44FWFAi043952; Sun, 4 May 2014 15:32:15 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s44FWFN5043951; Sun, 4 May 2014 15:32:15 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405041532.s44FWFN5043951@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 4 May 2014 15:32:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44754 - head/ja_JP.eucJP/htdocs/releases X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2014 15:32:16 -0000 Author: ryusuke Date: Sun May 4 15:32:15 2014 New Revision: 44754 URL: http://svnweb.freebsd.org/changeset/doc/44754 Log: - Merge the following from the English version: r43583 -> r44746 head/ja_JP.eucJP/htdocs/releases/index.xml Modified: head/ja_JP.eucJP/htdocs/releases/index.xml Modified: head/ja_JP.eucJP/htdocs/releases/index.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/releases/index.xml Sun May 4 15:28:37 2014 (r44753) +++ head/ja_JP.eucJP/htdocs/releases/index.xml Sun May 4 15:32:15 2014 (r44754) @@ -5,7 +5,7 @@ ]> - + @@ -102,17 +102,6 @@ Errata (正誤表) - -
            • 8.3 (2012 年 4 月) - - アナウンス: - リリースノート: - インストールガイド: - ハードウェアノート - README: - Errata (正誤表) - -
              • @@ -125,6 +114,17 @@ にまとめられています。

                +
              • 8.3 (2012 年 4 月) + + アナウンス: + リリースノート: + インストールガイド: + ハードウェアノート + README: + Errata (正誤表) + +
                • +
              • 9.0 (2012 年 1 月) アナウンス: From owner-svn-doc-all@FreeBSD.ORG Sun May 4 19:29:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E3537D02; Sun, 4 May 2014 19:29:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CFF9716ED; Sun, 4 May 2014 19:29:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s44JTsUc041897; Sun, 4 May 2014 19:29:54 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s44JTsfs041896; Sun, 4 May 2014 19:29:54 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405041929.s44JTsfs041896@svn.freebsd.org> From: Benedict Reuschling Date: Sun, 4 May 2014 19:29:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44755 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2014 19:29:55 -0000 Author: bcr Date: Sun May 4 19:29:54 2014 New Revision: 44755 URL: http://svnweb.freebsd.org/changeset/doc/44755 Log: Update ZFS TRIM section to reflect that support was added to STABLE branches as well. Provide the revision numbers from the PR. PR: 189072 Submitted by: xmj Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Sun May 4 15:32:15 2014 (r44754) +++ head/en_US.ISO8859-1/books/faq/book.xml Sun May 4 19:29:54 2014 (r44755) @@ -3733,8 +3733,9 @@ C:\="DOS" ZFS TRIM support was added to &os; 10-CURRENT with revision r240868. ZFS TRIM - support is not yet available on the -STABLE - branches. + support was added to all &os;-STABLE branches in + r252162 and + r251419, respectively. ZFS TRIM is enabled by default, and can be turned off by adding this line to From owner-svn-doc-all@FreeBSD.ORG Sun May 4 19:59:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 497A7F19; Sun, 4 May 2014 19:59:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3618C18E3; Sun, 4 May 2014 19:59:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s44Jxdix054322; Sun, 4 May 2014 19:59:39 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s44Jxd7d054321; Sun, 4 May 2014 19:59:39 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405041959.s44Jxd7d054321@svn.freebsd.org> From: Benedict Reuschling Date: Sun, 4 May 2014 19:59:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44756 - head/en_US.ISO8859-1/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2014 19:59:39 -0000 Author: bcr Date: Sun May 4 19:59:38 2014 New Revision: 44756 URL: http://svnweb.freebsd.org/changeset/doc/44756 Log: Add a section on how to search for ports using pkg search. I've updated the submitted patch slightly by wrapping the version numbers of the resulting ports in the example in s so that people know that they might have a different output as time goes by. I also rephrased a paragraph so that it does not start with a tag. PR: 187351 Submitted by: Allan Jude Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ports/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Sun May 4 19:29:54 2014 (r44755) +++ head/en_US.ISO8859-1/books/handbook/ports/chapter.xml Sun May 4 19:59:38 2014 (r44756) @@ -202,7 +202,9 @@ for security issues related to the application or install ports-mgmt/portaudit. Once installed, type portaudit -F -a to check all installed - applications for known vulnerabilities. + applications for known vulnerabilities. If you are using + pkg, the audit functionality is + built in. Simply run: pkg audit -F. The remainder of this chapter explains how to use packages @@ -249,6 +251,61 @@ + + pkg + search + + + To search the binary package + repository for an application: + + &prompt.root; pkg search subversion +git-subversion-1.9.2 +java-subversion-1.8.8_2 +p5-subversion-1.8.8_2 +py27-hgsubversion-1.6 +py27-subversion-1.8.8_2 +ruby-subversion-1.8.8_2 +subversion-1.8.8_2 +subversion-book-4515 +subversion-static-1.8.8_2 +subversion16-1.6.23_4 +subversion17-1.7.16_2 + + Package names include the version number and in case of + ports based on python, the version number of the version of + python the package was built with. Some ports also have + multiple versions available. In case of + subversion there are different + versions available, as well as different compile options. + In this case, the staticly linked version of + subversion. When indicating + which package to install, it is best to specify the + application by the port origin, which is the path in the + ports tree. Repeat the pkg search with + to list the origin of each + package: + + &prompt.root; pkg search -o subversion +devel/git-subversion +java/java-subversion +devel/p5-subversion +devel/py-hgsubversion +devel/py-subversion +devel/ruby-subversion +devel/subversion16 +devel/subversion17 +devel/subversion +devel/subversion-book +devel/subversion-static + + Searching by shell globs, regular expressions, exact + match, by description, or any other field in the repository + database is also supported by pkg search. + See &man.pkg-search.8; for more details. + + + If the Ports Collection is already installed, there are several methods to query the local version of the ports tree. To find out which category a port is in, type From owner-svn-doc-all@FreeBSD.ORG Sun May 4 22:50:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6B68B8DD; Sun, 4 May 2014 22:50:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 26C2D181C; Sun, 4 May 2014 22:33:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s44MXrja068577; Sun, 4 May 2014 22:33:53 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s44MXrn5068576; Sun, 4 May 2014 22:33:53 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201405042233.s44MXrn5068576@svn.freebsd.org> From: Warren Block Date: Sun, 4 May 2014 22:33:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44757 - head/en_US.ISO8859-1/books/handbook/printing X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2014 22:50:47 -0000 Author: wblock Date: Sun May 4 22:33:53 2014 New Revision: 44757 URL: http://svnweb.freebsd.org/changeset/doc/44757 Log: Add the -dBATCH parameter to the Ghostscript filter. Modified: head/en_US.ISO8859-1/books/handbook/printing/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/printing/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/printing/chapter.xml Sun May 4 19:59:38 2014 (r44756) +++ head/en_US.ISO8859-1/books/handbook/printing/chapter.xml Sun May 4 22:33:53 2014 (r44757) @@ -748,7 +748,7 @@ CR=`/usr/bin/printf "\r"` with these contents: #!/bin/sh -/usr/local/bin/gs -dSAFER -dNOPAUSE -q -sDEVICE=ljet4 -sOutputFile=- - +/usr/local/bin/gs -dSAFER -dNOPAUSE -dBATCH -q -sDEVICE=ljet4 -sOutputFile=- - Set the permissions and make it executable: From owner-svn-doc-all@FreeBSD.ORG Mon May 5 11:29:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5181CE56; Mon, 5 May 2014 11:29:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3D23711FE; Mon, 5 May 2014 11:29:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s45BTFuX045865; Mon, 5 May 2014 11:29:15 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s45BTFqw045864; Mon, 5 May 2014 11:29:15 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405051129.s45BTFqw045864@svn.freebsd.org> From: Glen Barber Date: Mon, 5 May 2014 11:29:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44758 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2014 11:29:15 -0000 Author: gjb Date: Mon May 5 11:29:14 2014 New Revision: 44758 URL: http://svnweb.freebsd.org/changeset/doc/44758 Log: Disconnect statistic.xml from the build. The page is horribly outdated, and two of the internal links return 404 for data that likely will not be returning anytime soon. Submitted by: erwin Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/internal/Makefile Modified: head/en_US.ISO8859-1/htdocs/internal/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/Makefile Sun May 4 22:33:53 2014 (r44757) +++ head/en_US.ISO8859-1/htdocs/internal/Makefile Mon May 5 11:29:14 2014 (r44758) @@ -27,7 +27,6 @@ DOCS+= proposing-committers.xml DOCS+= releng.xml DOCS+= resources.xml DOCS+= software-license.xml -DOCS+= statistic.xml DOCS+= working-with-hats.xml INDEXLINK= internal.html From owner-svn-doc-all@FreeBSD.ORG Mon May 5 11:36:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 72B85399; Mon, 5 May 2014 11:36:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4742012CC; Mon, 5 May 2014 11:36:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s45BaepH050028; Mon, 5 May 2014 11:36:40 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s45BaerD050027; Mon, 5 May 2014 11:36:40 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405051136.s45BaerD050027@svn.freebsd.org> From: Glen Barber Date: Mon, 5 May 2014 11:36:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44759 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2014 11:36:40 -0000 Author: gjb Date: Mon May 5 11:36:39 2014 New Revision: 44759 URL: http://svnweb.freebsd.org/changeset/doc/44759 Log: Remove statistic.xml in followup to r44758. Sponsored by: The FreeBSD Foundation Deleted: head/en_US.ISO8859-1/htdocs/internal/statistic.xml From owner-svn-doc-all@FreeBSD.ORG Mon May 5 13:22:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8110F357; Mon, 5 May 2014 13:22:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6DCF31CA4; Mon, 5 May 2014 13:22:26 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s45DMQ5l097444; Mon, 5 May 2014 13:22:26 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s45DMQWI097443; Mon, 5 May 2014 13:22:26 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405051322.s45DMQWI097443@svn.freebsd.org> From: Dru Lavigne Date: Mon, 5 May 2014 13:22:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44760 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2014 13:22:26 -0000 Author: dru Date: Mon May 5 13:22:25 2014 New Revision: 44760 URL: http://svnweb.freebsd.org/changeset/doc/44760 Log: Add new retailer. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Mon May 5 11:36:39 2014 (r44759) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Mon May 5 13:22:25 2014 (r44760) @@ -30,6 +30,18 @@ +
                Getlinux + 78 Rue de la Croix Rochopt + pinay-sous-Snart + 91860 + France + Email: contact@getlinux.fr + WWW: http://www.getlinux.fr/ +
                +                 + +
                Dr. Hinner EDV Kochelseestr. 11 D-81371 München From owner-svn-doc-all@FreeBSD.ORG Mon May 5 15:48:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3D23D7B0; Mon, 5 May 2014 15:48:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 291F11B6F; Mon, 5 May 2014 15:48:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s45Fm80J061052; Mon, 5 May 2014 15:48:08 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s45Fm8P4061050; Mon, 5 May 2014 15:48:08 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405051548.s45Fm8P4061050@svn.freebsd.org> From: Dru Lavigne Date: Mon, 5 May 2014 15:48:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44761 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2014 15:48:08 -0000 Author: dru Date: Mon May 5 15:48:07 2014 New Revision: 44761 URL: http://svnweb.freebsd.org/changeset/doc/44761 Log: Editorial review of cron section. This probably belongs in Basics chapter. Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon May 5 13:22:25 2014 (r44760) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon May 5 15:48:07 2014 (r44761) @@ -232,53 +232,41 @@ run_rc_command "$1" configuration - One of the most useful utilities in &os; is &man.cron.8;. + One of the most useful utilities in &os; is cron. This utility runs in the background and regularly checks /etc/crontab for tasks to execute and searches /var/cron/tabs for custom - &man.crontab.5; files. These files store information about - specific functions which &man.cron.8; is supposed to perform at - certain times. - - Two different types of configuration files are used by - &man.cron.8;: the system crontab and user - crontabs. These formats only differ in the - sixth field and later. In the system - crontab, &man.cron.8; runs the command as - the user specified in the sixth field. In a user - crontab, all commands run as the user who - created the crontab, so the sixth field is - the last field; this is an important security feature. The - final field is always the command to run. + crontab files. These files are used to schedule + tasks which cron runs at the + specified times. Each entry in a crontab defines a task to run + and is known as a cron job. + + Two different types of configuration files are used: + the system crontab, which should not be modified, and user + crontabs, which can be created and edited as needed. The format + used by these files is documented in &man.crontab.5;. The + format of the system crontab, /etc/crontab + includes a who column which does not exist in + user crontabs. In the system crontab, + cron runs the command as + the user specified in this column. In a user + crontab, all commands run as the user who + created the crontab. + + User crontabs allow + individual users to schedule their own tasks. The root user + can also have a user crontab which can be + used to schedule tasks that do not exist in the system + crontab. - - User crontabs allow individual users to schedule tasks - without the need for - root privileges. - Commands in a user's crontab run with the permissions of the - user who owns the crontab. - - The root user - can have a user crontab just like any - other user. The - root user - crontab is separate from the system - crontab, - /etc/crontab. Because the system - crontab invokes the specified commands as - root, there is - usually no need to create a user crontab - for root. - - - Here is a sample entry from + Here is a sample entry from the system crontab, /etc/crontab: # /etc/crontab - root's crontab for FreeBSD # # $FreeBSD$ # -# SHELL=/bin/sh PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin # @@ -288,7 +276,7 @@ PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin - Like most &os; configuration files, lines that begin + Lines that begin with the # character are comments. A comment can be placed in the file as a reminder of what and why a desired action is performed. Comments cannot be on @@ -302,91 +290,101 @@ PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin define any environment settings. In this example, it is used to define the SHELL and PATH. If the SHELL is - omitted, &man.cron.8; will use the default of &man.sh.1;. - If the PATH is omitted, no default will be - used and file locations will need to be absolute. + omitted, cron will use the default Bourne shell. + If the PATH is omitted, the full path must be given to the + command or script to run. - This line defines a total of seven fields: + This line defines the seven fields used in a system crontab: minute, hour, mday, month, wday, who, and command. - These are almost all self explanatory. - minute is the time in minutes when the - specified command will be run. hour is - the hour when the specified command will be run. - mday stands for day of the month and - month designates the month. The - wday option stands for day of the week. + The + minute field is the time in minutes when the + specified command will be run, the hour is + the hour when the specified command will be run, the + mday is the day of the month, + month is the month, and + wday is the day of the week. These fields must be numeric values, representing the twenty-four hour clock, or a *, representing all values for that field. The who field only exists in the system - crontab. This field specifies which user the command + crontab and specifies which user the command should be run as. The last field is the command to be executed. - This last line defines the values discussed above. - This example has a */5 listing,followed - by several more * characters. These - * characters mean - first-last, and can be interpreted as - every time. In this example, - &man.atrun.8; is invoked by + This entry defines the values for this cron job. + The */5, followed + by several more * characters, specifies that + /usr/libexec/atrun is invoked by root every five - minutes, regardless of the day or month. + minutes of every hour, of every day and day of the week, of + every month. - Commands can have any number of flags passed to them; - however, commands which extend to multiple lines need to be + Commands can include any number of switches. + However, commands which extend to multiple lines need to be broken with the backslash \ continuation character. - This is the basic setup for every &man.crontab.5;. - However, field number six, which specifies the username, only - exists in the system &man.crontab.5;. This field should be - omitted for individual user &man.crontab.5; files. - - Installing a Crontab + Creating a User Crontab - - Do not use the procedure described here to edit and - install the system crontab, - /etc/crontab. Instead, use an editor - and &man.cron.8; will notice that the file has changed and - immediately begin using the updated version. See this - FAQ entry for more information. - + To create a user crontab, invoke + crontab in editor mode: - To install a freshly written user &man.crontab.5;, use - an editor to create and save a file in the proper format. - Then, specify the file name with &man.crontab.1;: - - &prompt.user; crontab crontab-file - - In this example, crontab-file is the - filename of a &man.crontab.5; that was previously - created. - - To list installed &man.crontab.5; files, pass - to &man.crontab.1;. - - Users who wish to begin their own - crontab file from scratch, without the - use of a template, can use crontab -e. - This will invoke the default editor with an empty file. When - this file is saved, it will be automatically installed by - &man.crontab.1;. + &prompt.user; crontab -e - In order to remove a user &man.crontab.5; completely, - use crontab -r. + This will open the user's crontab using the default text + editor. The first time a user runs this command, it will open + an empty file. Once a user creates a crontab, this command + will open that file for editing. + + It is useful to add these lines to the top of the crontab + file in order to set the environment variables and to remember + the meanings of the fields in the crontab: + + SHELL=/bin/sh +PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin +# Order of crontab fields +# minute hour mday month wday command + + Then add a line for each command or script to run, + specifying the time to run the command. This example runs the + specified custom Bourne shell script every day at two in the + afternoon. Since the path to the script is not specified in + PATH, the full path to the script is + given: + + 0 14 * * * /usr/home/dru/bin/mycustomscript.sh + + + Before using a custom script, make sure it is executable + and test that it works as intended from the command line. + This is especially important if the script includes any + commands that deletes files using wildcards. + + + When finished editing the crontab, save the file. It + will automatically be installed and + cron will read the crontab and run + its cron jobs at their specified times. To list the cron jobs + in a crontab, use this command: + + &prompt.user; crontab -l +0 14 * * * /usr/home/dru/bin/mycustomscript.sh + + To remove all of the cron jobs in a user crontab: + + &prompt.user; crontab -l +remove crontab for dru? y + From owner-svn-doc-all@FreeBSD.ORG Mon May 5 16:03:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 433C3CEE; Mon, 5 May 2014 16:03:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2ED101D81; Mon, 5 May 2014 16:03:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s45G3VCa069275; Mon, 5 May 2014 16:03:31 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s45G3VOG069274; Mon, 5 May 2014 16:03:31 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405051603.s45G3VOG069274@svn.freebsd.org> From: Dru Lavigne Date: Mon, 5 May 2014 16:03:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44762 - head/en_US.ISO8859-1/books/handbook/virtualization X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2014 16:03:31 -0000 Author: dru Date: Mon May 5 16:03:30 2014 New Revision: 44762 URL: http://svnweb.freebsd.org/changeset/doc/44762 Log: Add section on bhyve to Virtualization chapter in prep for closing PR189216. Editorial review to follow. Submitted by: Allan Jude Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Mon May 5 15:48:07 2014 (r44761) +++ head/en_US.ISO8859-1/books/handbook/virtualization/chapter.xml Mon May 5 16:03:30 2014 (r44762) @@ -20,6 +20,16 @@ Contributed by + + + + + Allan + Jude + + bhyve section by + + @@ -1110,8 +1120,8 @@ EndSection - - &os; as a Host + + &os; as a Host with <application>VirtualBox</application> &virtualbox; is an actively developed, complete virtualization package, that is available @@ -1273,7 +1283,310 @@ perm pass* 0660 &prompt.root; service devfs restart + + + + &os; as a Host with + <application>bhyve</application> + + Starting with &os; 10.0-RELEASE the BSD licensed hypervisor + bhyve is part of the base system. + bhyve supports a number of guests + including &os;, OpenBSD, and many flavors of &linux;. + bhyve currently only supports a + serial console and does not emulate a graphical console. + bhyve is a legacy-free hypervisor, + meaning that instead of translating instructions, and manually + managing memory mappings, it relies on the virtualization + offload features of newer CPUs. + bhyve also avoids emulating + compatible hardware for the guest, and instead relies on the + paravirtualization drivers, called + VirtIO. + + Due to the design of bhyve, it is + only possible to use bhyve on + computers with newer processors that support &intel; + EPT (Extended Page Tables) or &amd; + RVI (Rapid Virtualization Indexing, also know + as NPT or Nested Page Tables). Most newer + processors, specifically the &intel; &core; i3/i5/i7 and + &intel; &xeon; E3/E5/E7 support this feature, for a + complete list of &intel; processors that support + EPT see the &intel; + ARK. RVI is found on the 3rd + generation and later of the &amd.opteron; (Barcelona) + processors. The easiest way to check for support of + EPT or RVI on a system is + to look for the POPCNT processor feature flag + on the Features2 line in + dmesg or + /var/run/dmesg.boot. + + + Preparing the Host + + The first step to creating a virtual machine in + bhyve is configuring the host + system. Load the bhyve kernel + module called vmm. Create a tap + interface for the network device in the virtual machine to + attach to. Optionally create a bridge interface and add the + tap interface as well as the physical + interface as members to allow the virtual machine to have + access to the network. + + &prompt.root; kldload vmm +&prompt.root; kldload nmdm +&prompt.root; ifconfig tap0 create +&prompt.root; sysctl net.link.tap.up_on_open=1 +net.link.tap.up_on_open: 0 -> 1 +&prompt.root; ifconfig bridge0 create +&prompt.root; ifconfig bridge0 addm igb0 addm tap0 +&prompt.root; ifconfig bridge0 up + + + + + Creating a FreeBSD Guest + + Create a file to use as the virtual disk for the guest + machine. + + &prompt.root; truncate -s 16G guest.img + + Download an installation image of &os; to install: + + &prompt.root; fetch ftp://ftp.freebsd.org/pub/FreeBSD/ISO-IMAGES-amd64/10.0/FreeBSD-10.0-RELEASE-amd64-bootonly.iso +FreeBSD-10.0-RELEASE-amd64-bootonly.iso 100% of 209 MB 570 kBps 06m17s + + &os; comes with an example script for running a virtual + machine in bhyve. The script will + start the virtual machine and run it in a loop, so it will + automatically restart if it crashes. The script takes a + number of options to control the configuration of the machine. + controls the number of virtual CPUs. + limits the amount of memory available to + the guest. defines which + tap device to use. + indicates which disk image to use. tells + bhyve to boot from the CD image + instead of the disk, and defines which CD + image to use. Finally the last parameter is the name of the + virtual machine, used to track the running machines. Start + the virtual machine in installation mode: + + &prompt.root; sh /usr/share/examples/bhyve/vmrun.sh -c 4 -m 1024M -t tap0 -d guest.img -i -I FreeBSD-10.0-RELEASE-amd64-bootonly.iso guestname + + The system will boot and start the installer. After + installing a system in the virtual machine, when the system + asks about dropping in to a shell at the end of the + installation, choose Yes. A small + change needs to be made to make the system start with a serial + console. Edit /etc/ttys and replace the + existing console line with: + + console "/usr/libexec/getty std.9600" xterm on secure + + Reboot the virtual machine. Rebooting the virtual machine + causes bhyve to exit. However the + vmrun.sh script runs + bhyve in a loop and will automatically + restart it. When this happens, choose the reboot option from + the boot loader menu, and this will escape the loop. Now the + guest can be started from the virtual disk: + + &prompt.root; sh /usr/share/examples/bhyve/vmrun.sh -c 4 -m 1024M -t tap0 -d guest.img guestname + + + + Creating a &linux; Guest + + bhyve requires + sysutils/grub2-bhyve in order to boot + operating systems other than &os;. + + Create a file to use as the virtual disk for the guest + machine. + + &prompt.root; truncate -s 16G linux.img + + Starting a virtual machine with + bhyve is a two step process. First + a kernel must be loaded, then the guest can be started. + sysutils/grub2-bhyve is used to load the + &linux; kernel. Create a device.map that + grub will use to map the virtual + devices to the files on the host system: + + (hd0) ./linux.img +(cd0) ./somelinux.iso + + Use sysutils/grub2-bhyve to load the + &linux; kernel from the ISO image: + + &prompt.root; grub-bhyve -m device.map -r cd0 -M 1024M linuxguest + + This will start grub. If the installation CD contains a + grub.cfg then a menu will be displayed. + If not, the vmlinuz and + initrd files must be located and loaded + manually: + + grub> ls +(hd0) (cd0) (cd0,msdos1) (host) +grub> ls (cd0)/isolinux +boot.cat boot.msg grub.conf initrd.img isolinux.bin isolinux.cfg memtest +splash.jpg TRANS.TBL vesamenu.c32 vmlinuz +grub> linux (cd0)/isolinux/vmlinuz +grub> initrd (cd0)/isolinux/initrd.img +grub> boot + + Now that the &linux; kernel is loaded, the guest can be + started: + + &prompt.root; bhyve -AI -H -P \ +-s 0:0,hostbridge \ +-s 1:0,lpc \ +-s 2:0,virtio-net,tap1 \ +-s 3:0,virtio-blk,./linux.img \ +-s 4:0,ahci-cd,./somelinux.iso \ +-l com1,stdio \ +-c 4 -m 1024M linuxguest + + The system will boot and start the installer. After + installing a system in the virtual machine, reboot the virtual + machine. This will cause bhyve to + exit. The instance of the virtual machine needs to be + destroyed before it can be started again: + + &prompt.root; bhyvectl --destroy --vm=linuxguest + + Now the guest can be started directly from the virtual + disk. Load the kernel: + + &prompt.root; grub-bhyve -m device.map -r hd0,msdos1 -M 1024M linuxguest +grub> ls +(hd0) (hd0,msdos2) (hd0,msdos1) (cd0) (cd0,msdos1) (host) +(lvm/VolGroup-lv_swap) (lvm/VolGroup-lv_root) +grub> ls (hd0,msdos1)/ +lost+found/ grub/ efi/ System.map-2.6.32-431.el6.x86_64 config-2.6.32-431.el6.x +86_64 symvers-2.6.32-431.el6.x86_64.gz vmlinuz-2.6.32-431.el6.x86_64 +initramfs-2.6.32-431.el6.x86_64.img +grub> linux (hd0,msdos1)/vmlinuz-2.6.32-431.el6.x86_64 root=/dev/mapper/VolGroup-lv_root +grub> initrd (hd0,msdos1)/initramfs-2.6.32-431.el6.x86_64.img +grub> boot + + Boot the virtual machine: + + &prompt.root; bhyve -AI -H -P \ +-s 0:0,hostbridge \ +-s 1:0,lpc \ +-s 2:0,virtio-net,tap1 \ +-s 3:0,virtio-blk,./linux.img \ +-l com1,stdio \ +-c 4 -m 1024M linuxguest + + &linux; will now boot in the virtual machine and + eventually present you with the login prompt. Login and use + the virtual machine. When you are finished, reboot the + virtual machine to exit bhyve. + Destroy the virtual machine instance: + + &prompt.root; bhyvectl --destroy --vm=linuxguest + + + + Virtual Machines Consoles + + It is advantageous to wrap the + bhyve console in a session + management tool such as sysutils/tmux or + sysutils/screen in order to detach and + reattach to the console. It is also possible to have the + console of bhyve be a null modem + device that can be accessed with cu. Load + the nmdm kernel module, and replace + with + . The + /dev/nmdm devices are created + automatically as needed, each is a pair, + /dev/nmdm1A and + /dev/nmdm1B corresponding to the two ends + of the null modem cable. See &man.nmdm.4; for more + information. + + &prompt.root; bhyve -AI -H -P \ +-s 0:0,hostbridge \ +-s 1:0,lpc \ +-s 2:0,virtio-net,tap1 \ +-s 3:0,virtio-blk,./linux.img \ +-l com1,/dev/nmdm0A \ +-c 4 -m 1024M linuxguest +&prompt.root; cu -l /dev/nmdm0B -s 9600 +Connected + +Ubuntu 13.10 handbook ttyS0 + +handbook login: + + + + Managing Virtual Machines + + A device node is created in /dev/vmm for each virtual + machine. This allows the administrator to easily see a list + of the running virtual machines: + + &prompt.root; ls -al /dev/vmm +total 1 +dr-xr-xr-x 2 root wheel 512 Mar 17 12:19 ./ +dr-xr-xr-x 14 root wheel 512 Mar 17 06:38 ../ +crw------- 1 root wheel 0x1a2 Mar 17 12:20 guestname +crw------- 1 root wheel 0x19f Mar 17 12:19 linuxguest +crw------- 1 root wheel 0x1a1 Mar 17 12:19 otherguest + + Virtual machines can be destroyed using + bhyvectl: + + &prompt.root; bhyvectl --destroy --vm=guestname + + + + Persistent Configuration + + In order to make the system able to start + bhyve guests at boot time, the + following configurations must be made in the specified + files: + + + + <filename>/etc/sysctl.conf</filename> + + net.link.tap.up_on_open=1 + + + + <filename>/boot/loader.conf</filename> + + vmm_load="YES" +nmdm_load="YES" +if_bridge_load="YES" +if_tap_load="YES" + + + + <filename>/etc/rc.conf</filename> + + cloned_interfaces="bridge0 tap0" +ifconfig_bridge0="addm igb0 addm tap0" + + + @@ -37,7 +37,8 @@ FreeBSD の 仮想コンソール の使い方 - &unix; のファイルの許可属性の仕組み + &unix; のファイルの許可属性の仕組みと + &os; のファイルフラグについて &os; のファイルシステムの構成 @@ -594,6 +595,60 @@ total 530 属性を足したり取り除いたりするというものではありません。 --> + + + + &os; のファイルフラグ + + + + Tom + Rhodes + + 寄稿: + + + + + 先ほど説明したファイルの許可属性に加え、 + &os; では ファイルフラグ を使えます。 + これはファイルにセキュリティや管理上の属性を追加するものですが、 + ディレクトリには追加しません。 + + これらのファイルフラグはファイルに管理上の属性を追加し、 + root + ユーザでさえ誤ってファイルを消去、変更してしまうことを防ぎます。 + + ファイルフラグは、&man.chflags.1; + を使って、簡単なインタフェースで設定できます。 + 例えば、file1 + というファイルにシステムレベルで消去不可のフラグを設定するには、 + 以下のコマンドを実行してください。 + + &prompt.root; chflags sunlink file1 + + また、消去不可のフラグを削除するには、 + 以下のように先ほどのコマンドの の前に + no をつけるだけです。 + + &prompt.root; chflags nosunlink file1 + + ファイルにどのフラグが設定されているのかを見るには、&man.ls.1; + を オプションと一緒に使ってください。 + + &prompt.root; ls -lo file1 + + + 出力は以下のようになります。 + + -rw-r--r-- 1 trhodes trhodes sunlnk 0 Mar 1 05:54 file1 + + いくつかのフラグの追加、削除は + root ユーザしかできません。 + 他のフラグは、ファイルの所有者が変更できます。 + システム管理者は &man.chflags.1; と &man.chflags.2; から、 + より詳細な情報を得ることをおすすめします。 + From owner-svn-doc-all@FreeBSD.ORG Tue May 6 13:38:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1CF3FC48; Tue, 6 May 2014 13:38:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0A2D9EE8; Tue, 6 May 2014 13:38:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46Dc6tW017384; Tue, 6 May 2014 13:38:06 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46Dc6RO017383; Tue, 6 May 2014 13:38:06 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061338.s46Dc6RO017383@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 13:38:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44769 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 13:38:07 -0000 Author: dru Date: Tue May 6 13:38:06 2014 New Revision: 44769 URL: http://svnweb.freebsd.org/changeset/doc/44769 Log: Fix incorrect package name. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue May 6 12:14:13 2014 (r44768) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Tue May 6 13:38:06 2014 (r44769) @@ -925,7 +925,7 @@ scsibus1: Duplicating an Audio <acronym>CD</acronym> - The sysutils/cdrecord package or + The sysutils/cdrtools package or port installs cdda2wav. This command can be used to extract all of the audio tracks, with each track written to a separate WAV file in From owner-svn-doc-all@FreeBSD.ORG Tue May 6 14:18:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 97854E80; Tue, 6 May 2014 14:18:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 840DA6D1; Tue, 6 May 2014 14:18:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46EISjh036097; Tue, 6 May 2014 14:18:28 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46EISgd036096; Tue, 6 May 2014 14:18:28 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061418.s46EISgd036096@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 14:18:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44770 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 14:18:28 -0000 Author: dru Date: Tue May 6 14:18:28 2014 New Revision: 44770 URL: http://svnweb.freebsd.org/changeset/doc/44770 Log: Editorial review of Swap Space section. This really belongs in the Storage chapter and should have a reference for ZFS swap. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue May 6 13:38:06 2014 (r44769) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue May 6 14:18:28 2014 (r44770) @@ -2703,9 +2703,9 @@ kern.maxvnodes: 100000 Adding Swap Space - Sometimes a system requires more swap space. There are - three ways to increase swap space: add a new hard drive, - enable swap over NFS, or create a swap file + Sometimes a system requires more swap space. This section + describes two methods to increase swap space: adding swap to an + existing partition or new hard drive, and creating a swap file on an existing partition. For information on how to encrypt swap space, which options @@ -2713,16 +2713,16 @@ kern.maxvnodes: 100000 . - Swap on a New or Existing Hard Drive + Swap on a New Hard Drive or Existing Partition Adding a new hard drive for swap gives better performance - than adding a partition on an existing drive. Setting up + than using a partition on an existing drive. Setting up partitions and hard drives is explained in while discusses partition layouts and swap partition size considerations. - Use &man.swapon.8; to add a swap partition to the system. + Use swapon to add a swap partition to the system. For example: &prompt.root; swapon /dev/ada1s1b @@ -2730,10 +2730,10 @@ kern.maxvnodes: 100000 It is possible to use any partition not currently mounted, even if it already contains data. Using - &man.swapon.8; on a partition that contains data will + swapon on a partition that contains data will overwrite and destroy that data. Make sure that the partition to be added as swap is really the intended - partition before running &man.swapon.8;. + partition before running swapon. To automatically add this swap partition on boot, add an @@ -2742,34 +2742,26 @@ kern.maxvnodes: 100000 /dev/ada1s1b none swap sw 0 0 See &man.fstab.5; for an explanation of the entries in - /etc/fstab. - - - - Swapping over <literal>NFS</literal> - - Swapping over NFS is only recommended - when there is no local hard disk to swap to. - NFS swapping will be limited by the - available network bandwidth and puts an additional burden - on &man.nfsd.8;. + /etc/fstab. More information about + swapon can be found in + &man.swapon.8;. - Swapfiles + Creating a Swap File - To create a swap file, specify its size. The following + To instead create a swap file, specify its size. The following example creates a 64MB file named /usr/swap0. - Creating a Swapfile on &os; + Creating a Swap File on &os; The GENERIC kernel already - includes the memory disk driver (&man.md.4;) required - for this operation. When building a custom kernel, + includes the required memory disk driver. + When building a custom kernel, make sure to include the following line in the custom configuration file: @@ -2780,31 +2772,33 @@ kern.maxvnodes: 100000 - First, create the swapfile + Create the swap file, /usr/swap0: - &prompt.root; dd if=/dev/zero of=/usr/swap0 bs=1024k count=64 + &prompt.root; dd if=/dev/zero of=/usr/swap0 bs=1024k count=64 Then, set proper permissions on /usr/swap0: - &prompt.root; chmod 0600 /usr/swap0 + &prompt.root; chmod 0600 /usr/swap0 Enable the swap file in /etc/rc.conf: - swapfile="/usr/swap0" # Set to name of swapfile if aux swapfile desired. + swapfile="/usr/swap0" # Set to name of swap file - Reboot the machine or, to enable the swap file - immediately, type: + To enable the swap file + immediately, specify a free memory device. Refer to + for more information + about memory devices. - &prompt.root; mdconfig -a -t vnode -f /usr/swap0 -u 0 && swapon /dev/md0 + &prompt.root; mdconfig -a -t vnode -f /usr/swap0 -u 0 && swapon /dev/md0 From owner-svn-doc-all@FreeBSD.ORG Tue May 6 14:34:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 43865507; Tue, 6 May 2014 14:34:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3069F9C1; Tue, 6 May 2014 14:34:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46EYOLN046522; Tue, 6 May 2014 14:34:24 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46EYOlH046521; Tue, 6 May 2014 14:34:24 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061434.s46EYOlH046521@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 14:34:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44771 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 14:34:24 -0000 Author: dru Date: Tue May 6 14:34:23 2014 New Revision: 44771 URL: http://svnweb.freebsd.org/changeset/doc/44771 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue May 6 14:18:28 2014 (r44770) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue May 6 14:34:23 2014 (r44771) @@ -2709,29 +2709,29 @@ kern.maxvnodes: 100000 on an existing partition. For information on how to encrypt swap space, which options - exist, and why it should be done, refer to - . + exist, and why it should be done, refer to . Swap on a New Hard Drive or Existing Partition Adding a new hard drive for swap gives better performance than using a partition on an existing drive. Setting up - partitions and hard drives is explained in - while - discusses partition - layouts and swap partition size considerations. + partitions and hard drives is explained in while discusses partition layouts + and swap partition size considerations. - Use swapon to add a swap partition to the system. - For example: + Use swapon to add a swap partition to + the system. For example: &prompt.root; swapon /dev/ada1s1b It is possible to use any partition not currently mounted, even if it already contains data. Using - swapon on a partition that contains data will - overwrite and destroy that data. Make sure that the + swapon on a partition that contains data + will overwrite and destroy that data. Make sure that the partition to be added as swap is really the intended partition before running swapon. @@ -2750,8 +2750,8 @@ kern.maxvnodes: 100000 Creating a Swap File - To instead create a swap file, specify its size. The following - example creates a 64MB file named + To instead create a swap file, specify its size. The + following example creates a 64MB file named /usr/swap0. @@ -2760,10 +2760,9 @@ kern.maxvnodes: 100000 The GENERIC kernel already - includes the required memory disk driver. - When building a custom kernel, - make sure to include the following line in the custom - configuration file: + includes the required memory disk driver. When building + a custom kernel, make sure to include the following line + in the custom configuration file: device md @@ -2793,10 +2792,9 @@ kern.maxvnodes: 100000 - To enable the swap file - immediately, specify a free memory device. Refer to - for more information - about memory devices. + To enable the swap file immediately, specify a free + memory device. Refer to + for more information about memory devices. &prompt.root; mdconfig -a -t vnode -f /usr/swap0 -u 0 && swapon /dev/md0 From owner-svn-doc-all@FreeBSD.ORG Tue May 6 15:23:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6BE30FFC; Tue, 6 May 2014 15:23:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4C86CE2D; Tue, 6 May 2014 15:23:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46FNKmN071596; Tue, 6 May 2014 15:23:20 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46FNKns071595; Tue, 6 May 2014 15:23:20 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061523.s46FNKns071595@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 15:23:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44772 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 15:23:20 -0000 Author: dru Date: Tue May 6 15:23:19 2014 New Revision: 44772 URL: http://svnweb.freebsd.org/changeset/doc/44772 Log: Editorial review of Applying Security Patches and Major/Minor Version sections. Clarify the portmaster switch used to disable config screens, in prep for closing PR147946. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 14:34:23 2014 (r44771) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 15:23:19 2014 (r44772) @@ -275,47 +275,58 @@ MergeChanges /etc/ /var/named/etc/ /boot - Security Patches + Applying Security Patches + + The process of applying &os; security patches has been + simplified, allowing an administrator to keep a system fully + patched using freebsd-update. More + information about &os; security advisories can be found in + . &os; security patches may be downloaded and installed - using the following command: + using the following commands. The first command will + determine if any outstanding patches are available, and if so, + will list the files that will be modifed if the patches are + applied. The second command will apply the patches. &prompt.root; freebsd-update fetch &prompt.root; freebsd-update install - If the update applied any kernel patches, the system will + If the update applies any kernel patches, the system will need a reboot in order to boot into the patched kernel. - Otherwise, the system should be patched and - freebsd-update may be run as a nightly - &man.cron.8; job by adding this entry to + If the patch was applied to any running binaries, the affected + applications should be restarted so that the patched version + of the binary is used. + + The system can be configured to automatically check for + updates once every day by adding this entry to /etc/crontab: @daily root freebsd-update cron - This entry states that freebsd-update - will run once every day. When run with , - freebsd-update will only check if updates - exist. If patches exist, they will automatically be - downloaded to the local disk but will not be applied. The + If patches exist, they will automatically be + downloaded but will not be applied. The root user will be - sent an email so that they may be reviewed and manually - installed. + sent an email so that the patches may be reviewed and manually + installed with + freebsd-update install. If anything goes wrong, freebsd-update has the ability to roll back the last set of changes with the following command: - &prompt.root; freebsd-update rollback + &prompt.root; freebsd-update rollback +Uninstalling updates... done. - Once complete, the system should be restarted if the - kernel or any kernel modules were modified. This will allow - &os; to load the new binaries into memory. + Again, the system should be restarted if the + kernel or any kernel modules were modified and any affected + binaries should be restarted. Only the GENERIC kernel can be automatically updated by freebsd-update. If a custom kernel is installed, it will have to be rebuilt and reinstalled after freebsd-update - finishes installing the rest of the updates. However, + finishes installing the updates. However, freebsd-update will detect and update the GENERIC kernel if /boot/GENERIC exists, @@ -326,7 +337,7 @@ MergeChanges /etc/ /var/named/etc/ /boot It is a good idea to always keep a copy of the GENERIC kernel in /boot/GENERIC. It - will be helpful in diagnosing a variety of problems, and in + will be helpful in diagnosing a variety of problems and in performing version upgrades using freebsd-update as described in . @@ -339,23 +350,21 @@ MergeChanges /etc/ /var/named/etc/ /boot Rebuilding and reinstalling a new custom kernel can then be performed in the usual way. - The updates distributed by freebsd-update do not always involve the kernel. It is not necessary to rebuild a custom kernel if - the kernel sources have not been modified by the execution - of freebsd-update install. + the kernel sources have not been modified by + freebsd-update install. However, freebsd-update will always update /usr/src/sys/conf/newvers.sh. The current patch level, as indicated by the -p number reported by uname -r, is obtained from this file. Rebuilding a custom kernel, even if nothing else changed, - allows &man.uname.1; to accurately report the current + allows uname to accurately report the current patch level of the system. This is particularly helpful when maintaining multiple systems, as it allows for a quick assessment of the updates installed in each one. - @@ -369,23 +378,22 @@ MergeChanges /etc/ /var/named/etc/ /boot Major version upgrades occur when &os; is upgraded from one major version to another, like from - &os; 8.X to &os; 9.X. Major version upgrades remove - old object files and libraries which will break most third - party applications. It is recommended that all installed - ports either be removed and re-installed or upgraded after a - major version upgrade using a utility such as + &os; 9.X to &os; 10.X. Major versions use different + Application Binary Interfaces (ABIs), which + which will break most third-party + applications. After a + major version upgrade, all installed packages and + ports need to be upgraded using a utility such as ports-mgmt/portmaster. A - brute-force rebuild of all installed applications can be + rebuild of all installed applications can be accomplished with this command: &prompt.root; portmaster -af - This will ensure everything will be re-installed - correctly. Note that setting the - BATCH environment variable to - yes will answer yes to - any prompts during this process, removing the need for - manual intervention during the build process. + This command will display the configuration screens for + each application that has configurable options and wait for the user to interact with those + screens. To prevent this behavior, and use only the default + options, include in the above command. Dealing with Custom Kernels From owner-svn-doc-all@FreeBSD.ORG Tue May 6 15:46:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A1DA8DA6; Tue, 6 May 2014 15:46:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8F296B3; Tue, 6 May 2014 15:46:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46FkFlJ081284; Tue, 6 May 2014 15:46:15 GMT (envelope-from sbruno@svn.freebsd.org) Received: (from sbruno@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46FkFwg081283; Tue, 6 May 2014 15:46:15 GMT (envelope-from sbruno@svn.freebsd.org) Message-Id: <201405061546.s46FkFwg081283@svn.freebsd.org> From: Sean Bruno Date: Tue, 6 May 2014 15:46:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44773 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 15:46:15 -0000 Author: sbruno (src committer) Date: Tue May 6 15:46:15 2014 New Revision: 44773 URL: http://svnweb.freebsd.org/changeset/doc/44773 Log: Update and refresh my current public key Modified: head/share/pgpkeys/sbruno.key Modified: head/share/pgpkeys/sbruno.key ============================================================================== --- head/share/pgpkeys/sbruno.key Tue May 6 15:23:19 2014 (r44772) +++ head/share/pgpkeys/sbruno.key Tue May 6 15:46:15 2014 (r44773) @@ -1,42 +1,43 @@ -sub 2048R/BCC23981 2012-10-15 +pub 2048R/1201EFCA1E727E64 2014-05-06 [expires: 2017-05-05] + Key fingerprint = BAAD 4632 E712 1DE8 D209 97DD 1201 EFCA 1E72 7E64 +uid Sean Bruno (FreeBSD Committer and Clusteradm) +sub 2048R/E1703D6B0E4E4A20 2014-05-06 [expires: 2017-05-05] + ]]> From owner-svn-doc-all@FreeBSD.ORG Tue May 6 16:47:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 395B4E46; Tue, 6 May 2014 16:47:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1A1B3917; Tue, 6 May 2014 16:47:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46GlCn5011141; Tue, 6 May 2014 16:47:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46GlCqU011140; Tue, 6 May 2014 16:47:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061647.s46GlCqU011140@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 16:47:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44774 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 16:47:13 -0000 Author: dru Date: Tue May 6 16:47:12 2014 New Revision: 44774 URL: http://svnweb.freebsd.org/changeset/doc/44774 Log: Some shuffling to remove redundancy in Upgrade Major/Minor sections. Put 9.x instructions before 8.x instructions. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 15:46:15 2014 (r44773) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 16:47:12 2014 (r44774) @@ -368,154 +368,18 @@ Uninstalling updates... done. - Major and Minor Version Upgrades + Performing Major and Minor Version Upgrades Upgrades from one minor version of &os; to another, like from &os; 9.0 to &os; 9.1, are called - minor version upgrades. Generally, - installed applications will continue to work without problems - after minor version upgrades. - - Major version upgrades occur when + minor version upgrades. + Major version upgrades occur when &os; is upgraded from one major version to another, like from - &os; 9.X to &os; 10.X. Major versions use different - Application Binary Interfaces (ABIs), which - which will break most third-party - applications. After a - major version upgrade, all installed packages and - ports need to be upgraded using a utility such as - ports-mgmt/portmaster. A - rebuild of all installed applications can be - accomplished with this command: - - &prompt.root; portmaster -af - - This command will display the configuration screens for - each application that has configurable options and wait for the user to interact with those - screens. To prevent this behavior, and use only the default - options, include in the above command. - - - Dealing with Custom Kernels - - If a custom kernel is in use, the upgrade process is - slightly more involved, and the procedure varies depending - on the version of &os;. - - - Custom Kernels with &os; 8.X - - A copy of the GENERIC kernel is - needed, and should be placed in - /boot/GENERIC. If the - GENERIC kernel is not present in the - system, it may be obtained using one of the following - methods: - - - - If a custom kernel has only been built once, the - kernel in /boot/kernel.old is - actually GENERIC. Rename this - directory to - /boot/GENERIC. - - - - Assuming physical access to the machine is - possible, a copy of the GENERIC - kernel can be installed from the installation media - using the following commands: - - &prompt.root; mount /cdrom -&prompt.root; cd /cdrom/X.Y-RELEASE/kernels -&prompt.root; ./install.sh GENERIC - - Replace X.Y-RELEASE - with the actual version of the release being used. - The GENERIC kernel will be - installed in /boot/GENERIC by - default. - - - - Failing all the above, the - GENERIC kernel may be rebuilt and - installed from source: - - &prompt.root; cd /usr/src -&prompt.root; env DESTDIR=/boot/GENERIC make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null -&prompt.root; mv /boot/GENERIC/boot/kernel/* /boot/GENERIC -&prompt.root; rm -rf /boot/GENERIC/boot - - For this kernel to be picked up as - GENERIC by - freebsd-update, the - GENERIC configuration file must - not have been modified in any way. It is also - suggested that it is built without any other special - options. - - - - Rebooting to the GENERIC kernel - is not required at this stage. - - - - Custom Kernels with &os; 9.X and Later - - - - If a custom kernel has only been built once, the - kernel in /boot/kernel.old is - actually the GENERIC kernel. - Rename this directory to - /boot/kernel. - - - - If physical access to the machine is available, a - copy of the GENERIC kernel can be - installed from the installation media using these - commands: - - &prompt.root; mount /cdrom -&prompt.root; cd /cdrom/usr/freebsd-dist -&prompt.root; tar -C/ -xvf kernel.txz boot/kernel/kernel - - - - If the options above cannot be used, the - GENERIC kernel may be rebuilt and - installed from source: - - &prompt.root; cd /usr/src -&prompt.root; make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null - - For this kernel to be identified as the - GENERIC kernel by - freebsd-update, the - GENERIC configuration file must - not have been modified in any way. It is also - suggested that the kernel is built without any other - special options. - - - - Rebooting to the GENERIC kernel - is not required at this stage. - - - - - Performing the Upgrade - - Major and minor version upgrades may be performed by - providing freebsd-update with a release - version target. The following command will update to - &os; 9.1: + &os; 9.X to &os; 10.X. Both types of upgrades can + be performed by providing freebsd-update + with a release version target. The following command, when + run on a &os; 9.0 system, will upgrade it to + &os; 9.1: &prompt.root; freebsd-update -r 9.1-RELEASE upgrade @@ -541,7 +405,7 @@ The following components of FreeBSD do n kernel/generic world/catpages world/dict world/doc world/games world/proflibs -Does this look reasonable (y/n)? y +Does this look reasonable (y/n)? y At this point, freebsd-update will attempt to download all files required for the upgrade. In @@ -628,19 +492,142 @@ before running "/usr/sbin/freebsd-update were bumped, there may only be two install phases instead of three. + + The upgrade is now complete. If this was a major + version upgrade, reinstall all ports and packages as + described in . + If the system uses a custom kernel, refer to either or for + instructions on how to upgrade the custom kernel. + + + Custom Kernels with &os; 9.X and Later + + + + If a custom kernel has only been built once, the + kernel in /boot/kernel.old is + actually the GENERIC kernel. + Rename this directory to + /boot/kernel. + + + + If physical access to the machine is available, a + copy of the GENERIC kernel can be + installed from the installation media using these + commands: + + &prompt.root; mount /cdrom +&prompt.root; cd /cdrom/usr/freebsd-dist +&prompt.root; tar -C/ -xvf kernel.txz boot/kernel/kernel + + + + If the options above cannot be used, the + GENERIC kernel may be rebuilt and + installed from source: + + &prompt.root; cd /usr/src +&prompt.root; make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null + + For this kernel to be identified as the + GENERIC kernel by + freebsd-update, the + GENERIC configuration file must + not have been modified in any way. It is also + suggested that the kernel is built without any other + special options. + + + + Rebooting to the GENERIC kernel + is not required at this stage. + + Custom Kernels with &os; 8.X + + A copy of the GENERIC kernel is + needed, and should be placed in + /boot/GENERIC. If the + GENERIC kernel is not present in the + system, it may be obtained using one of the following + methods: + + + + If a custom kernel has only been built once, the + kernel in /boot/kernel.old is + actually GENERIC. Rename this + directory to + /boot/GENERIC. + + + + Assuming physical access to the machine is + possible, a copy of the GENERIC + kernel can be installed from the installation media + using the following commands: + + &prompt.root; mount /cdrom +&prompt.root; cd /cdrom/X.Y-RELEASE/kernels +&prompt.root; ./install.sh GENERIC + + Replace X.Y-RELEASE + with the actual version of the release being used. + The GENERIC kernel will be + installed in /boot/GENERIC by + default. + + + + Failing all the above, the + GENERIC kernel may be rebuilt and + installed from source: + + &prompt.root; cd /usr/src +&prompt.root; env DESTDIR=/boot/GENERIC make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null +&prompt.root; mv /boot/GENERIC/boot/kernel/* /boot/GENERIC +&prompt.root; rm -rf /boot/GENERIC/boot + + For this kernel to be picked up as + GENERIC by + freebsd-update, the + GENERIC configuration file must + not have been modified in any way. It is also + suggested that it is built without any other special + options. + + + + Rebooting to the GENERIC kernel + is not required at this stage. + + Rebuilding Ports After a Major Version Upgrade - After a major version upgrade, all third party software - needs to be rebuilt and re-installed. This is required as - installed software may depend on libraries which have been - removed during the upgrade process. This process can be - automated using - ports-mgmt/portmaster: + Generally, + installed applications will continue to work without problems + after minor version upgrades. Major versions use different + Application Binary Interfaces (ABIs), which + which will break most third-party + applications. After a + major version upgrade, all installed packages and + ports need to be upgraded using a utility such as + ports-mgmt/portmaster. A + rebuild of all installed applications can be + accomplished with this command: + + &prompt.root; portmaster -af - &prompt.root; portmaster -af + This command will display the configuration screens for + each application that has configurable options and wait for the user to interact with those + screens. To prevent this behavior, and use only the default + options, include in the above command. Once this has completed, finish the upgrade process with a final call to freebsd-update in order From owner-svn-doc-all@FreeBSD.ORG Tue May 6 17:43:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B8DDED59; Tue, 6 May 2014 17:43:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 99537E61; Tue, 6 May 2014 17:43:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46HhrU3038784; Tue, 6 May 2014 17:43:53 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46HhrK3038783; Tue, 6 May 2014 17:43:53 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061743.s46HhrK3038783@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 17:43:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44775 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 17:43:53 -0000 Author: dru Date: Tue May 6 17:43:53 2014 New Revision: 44775 URL: http://svnweb.freebsd.org/changeset/doc/44775 Log: Finish editorial review of FreeBSD Update chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 16:47:12 2014 (r44774) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 17:43:53 2014 (r44775) @@ -334,13 +334,15 @@ Uninstalling updates... done. system. - It is a good idea to always keep a copy of the + Always keep a copy of the GENERIC kernel in /boot/GENERIC. It will be helpful in diagnosing a variety of problems and in - performing version upgrades using - freebsd-update as described in - . + performing version upgrades. Refer to either or for + instructions on how to get a copy of the + GENERIC kernel. Unless the default configuration in @@ -377,7 +379,20 @@ Uninstalling updates... done. &os; is upgraded from one major version to another, like from &os; 9.X to &os; 10.X. Both types of upgrades can be performed by providing freebsd-update - with a release version target. The following command, when + with a release version target. + + + If the system is running a custom kernel, make sure that + a copy of the GENERIC kernel exists in + /boot/GENERIC before starting the + upgrade. Refer to either or for + instructions on how to get a copy of the + GENERIC kernel. + + + The following command, when run on a &os; 9.0 system, will upgrade it to &os; 9.1: @@ -450,8 +465,8 @@ before running "/usr/sbin/freebsd-update - The kernel and kernel modules will be patched first. At - this point, the machine must be rebooted. If the system is + The kernel and kernel modules will be patched first. If + the system is running with a custom kernel, use &man.nextboot.8; to set the kernel for the next boot to the updated /boot/GENERIC: @@ -480,9 +495,10 @@ before running "/usr/sbin/freebsd-update Once the system has come back online, restart freebsd-update using the following - command. The state of the process has been saved and thus, + command. Since the state of the process has been saved, freebsd-update will not start from the - beginning, but will remove all old shared libraries and + beginning, but will instead move on to the next phase and + remove all old shared libraries and object files. &prompt.root; freebsd-update install @@ -495,37 +511,34 @@ before running "/usr/sbin/freebsd-update The upgrade is now complete. If this was a major version upgrade, reinstall all ports and packages as - described in . - If the system uses a custom kernel, refer to either or for - instructions on how to upgrade the custom kernel. + described in . Custom Kernels with &os; 9.X and Later - - - If a custom kernel has only been built once, the + Before using freebsd-update, ensure + that a copy of the GENERIC kernel + exists in /boot/GENERIC. If a custom + kernel has only been built once, the kernel in /boot/kernel.old is - actually the GENERIC kernel. - Rename this directory to + the GENERIC kernel. + Simply rename this directory to /boot/kernel. - - - If physical access to the machine is available, a + If a custom kernel has been built more than once + or if it is unknown how many times the custom kernel + has been built, obtain a copy of the + GENERIC kernel that matches the + current version of the operating system. If physical + access to the system is available, a copy of the GENERIC kernel can be - installed from the installation media using these - commands: + installed from the installation media: &prompt.root; mount /cdrom &prompt.root; cd /cdrom/usr/freebsd-dist &prompt.root; tar -C/ -xvf kernel.txz boot/kernel/kernel - - - If the options above cannot be used, the + Alternately, the GENERIC kernel may be rebuilt and installed from source: @@ -539,33 +552,19 @@ before running "/usr/sbin/freebsd-update not have been modified in any way. It is also suggested that the kernel is built without any other special options. - - - Rebooting to the GENERIC kernel - is not required at this stage. + Rebooting into the GENERIC kernel + is not required as freebsd-update only + needs /boot/GENERIC to exist. Custom Kernels with &os; 8.X - A copy of the GENERIC kernel is - needed, and should be placed in - /boot/GENERIC. If the - GENERIC kernel is not present in the - system, it may be obtained using one of the following - methods: - - - - If a custom kernel has only been built once, the - kernel in /boot/kernel.old is - actually GENERIC. Rename this - directory to - /boot/GENERIC. - + On an &os; 8.X system, the instructions for + obtaining or building a + GENERIC kernel differ slightly. - Assuming physical access to the machine is possible, a copy of the GENERIC kernel can be installed from the installation media @@ -577,16 +576,13 @@ before running "/usr/sbin/freebsd-update Replace X.Y-RELEASE - with the actual version of the release being used. + with the version of the release being used. The GENERIC kernel will be installed in /boot/GENERIC by default. - - - Failing all the above, the - GENERIC kernel may be rebuilt and - installed from source: + To instead build the + GENERIC kernel from source: &prompt.root; cd /usr/src &prompt.root; env DESTDIR=/boot/GENERIC make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null @@ -600,11 +596,9 @@ before running "/usr/sbin/freebsd-update not have been modified in any way. It is also suggested that it is built without any other special options. - - - Rebooting to the GENERIC kernel - is not required at this stage. + Rebooting into the GENERIC kernel + is not required. @@ -629,7 +623,7 @@ before running "/usr/sbin/freebsd-update screens. To prevent this behavior, and use only the default options, include in the above command. - Once this has completed, finish the upgrade process with + Once the software upgrades are complete, finish the upgrade process with a final call to freebsd-update in order to tie up all the loose ends in the upgrade process: @@ -637,43 +631,49 @@ before running "/usr/sbin/freebsd-update If the GENERIC kernel was temporarily used, this is the time to build and install a - new custom kernel in the usual way. + new custom kernel using the instructions in . - Reboot the machine into the new &os; version. The - process is complete. + Reboot the machine into the new &os; version. The upgrade + process is now complete. System State Comparison - freebsd-update can be used to test the - state of the installed &os; version against a known good copy. - This option evaluates the current version of system utilities, - libraries, and configuration files. To begin the comparison, - issue the following command: - - &prompt.root; freebsd-update IDS >> outfile.ids + The state of the installed &os; version against a known + good copy can be tested using freebsd-update IDS. + This command evaluates the current version of system utilities, + libraries, and configuration files and can be used as a + built-in Intrusion Detection System (IDS). - While the command name is IDS it is - not a replacement for a real intrusion detection system such + This command is + not a replacement for a real IDS such as security/snort. As freebsd-update stores data on disk, the possibility of tampering is evident. While this possibility may be reduced using kern.securelevel and by storing the freebsd-update data on a - read only file system when not in use, a better solution + read-only file system when not in use, a better solution would be to compare the system against a secure disk, such as a DVD or securely stored external - USB disk device. + USB disk device. An alternative method + for providing IDS functionality using a + built-in utility is described in - The system will now be inspected, and a lengthy listing of - files, along with the &man.sha256.1; hash values for both the + To begin the comparison, + specify the output file to save the results to: + + &prompt.root; freebsd-update IDS >> outfile.ids + + The system will now be inspected and a lengthy listing of + files, along with the SHA256 hash values for both the known value in the release and the current installation, will - be sent to the specified - outfile.ids file. + be sent to the specified output file. The entries in the listing are extremely long, but the output format may be easily parsed. For instance, to obtain a @@ -688,16 +688,13 @@ before running "/usr/sbin/freebsd-update This sample output has been truncated as many more files exist. Some files have natural modifications. For example, - /etc/passwd has been modified because - users have been added to the system. Other files, such as - kernel modules, may differ as + /etc/passwd will be modified if + users have been added to the system. + Kernel modules may differ as freebsd-update may have updated them. To exclude specific files or directories, add them to the IDSIgnorePaths option in /etc/freebsd-update.conf. - - This system may be used as part of an elaborate upgrade - method, aside from the previously discussed version. From owner-svn-doc-all@FreeBSD.ORG Tue May 6 18:10:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 246D64BD; Tue, 6 May 2014 18:10:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 108E4B3; Tue, 6 May 2014 18:10:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46IAbqT049280; Tue, 6 May 2014 18:10:37 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46IAbGo049279; Tue, 6 May 2014 18:10:37 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061810.s46IAbGo049279@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 18:10:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44776 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 18:10:38 -0000 Author: dru Date: Tue May 6 18:10:37 2014 New Revision: 44776 URL: http://svnweb.freebsd.org/changeset/doc/44776 Log: Finish editorial review of Updating chapter. Fix some links. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 17:43:53 2014 (r44775) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 18:10:37 2014 (r44776) @@ -993,7 +993,7 @@ before running "/usr/sbin/freebsd-update &os.stable;. This section provides an explanation of each branch and its - intended audience as well as how to keep a system up-to-date + intended audience, as well as how to keep a system up-to-date with each respective branch. @@ -1077,11 +1077,11 @@ before running "/usr/sbin/freebsd-update Synchronize with the &os.current; sources. Typically, svn is used to check out the -CURRENT code from the head branch of - one of the Subversion mirror - sites. + one of the Subversion mirror + sites listed in . Users with very slow or limited Internet connectivity - can instead use CTM, but it is + can instead use CTM as described in , but it is not as reliable as svn and svn is the recommended method for synchronizing source. @@ -1182,7 +1182,7 @@ before running "/usr/sbin/freebsd-update recent &os.stable; release from the &os; mirror sites or use a monthly snapshot built from &os.stable;. Refer to Snapshots for + xlink:href="&url.base;/snapshots/">www.freebsd.org/snapshots for more information about snapshots. To compile or upgrade to an existing &os; system to @@ -1191,14 +1191,10 @@ before running "/usr/sbin/freebsd-update Subversion to check out the source for the desired branch. Branch names, such as - stable/9, are identified in the release - engineering page. CTM can be used - - -STABLE - syncing with CTM - if a reliable Internet connection is not + stable/9, are listed at www.freebsd.org/releng. + CTM () can be used if a reliable + Internet connection is not available. @@ -1222,11 +1218,11 @@ before running "/usr/sbin/freebsd-update Synchronizing Source - There are various ways of using an Internet or email - connection to stay up-to-date with any given area, or all areas, - of the &os; project sources. The primary services are - Subversion and - CTM. + There are various methods for + staying up-to-date with the + &os; sources. This section compares the primary services, + Subversion and + CTM. While it is possible to update only parts of the source @@ -1246,12 +1242,15 @@ before running "/usr/sbin/freebsd-update Subversion uses the pull model of updating sources. The user, or a cron script, invokes the - svn program, and it brings files up-to-date. - Subversion is the preferred means of - updating local source trees. The updates are up-to-the-minute - and the user controls when they are downloaded. It is easy to + svn program which updates the local version of the source. + Subversion is the preferred method for + updating local source trees as updates are up-to-the-minute + and the user controls when updates are downloaded. It is easy to restrict updates to specific files or directories and the - requested updates are generated on the fly by the server. + requested updates are generated on the fly by the server. How + to synchronize source using + Subversion is described in . CTM @@ -1262,22 +1261,24 @@ before running "/usr/sbin/freebsd-update changes in files since its previous run is executed several times a day on the master CTM machine. Any detected changes are compressed, stamped with a sequence-number, and encoded for - transmission over email in printable ASCII only. Once received, - these CTM deltas can then be handed to the - &man.ctm.rmail.1; utility which will automatically decode, + transmission over email in printable ASCII only. Once downloaded, + these deltas can be run through + ctm.rmail which will automatically decode, verify, and apply the changes to the user's copy of the sources. This process is more efficient than Subversion and places less strain on - server resources since it is a push rather - than a pull model. + server resources since it is a push, rather + than a pull, model. Instructions for using + CTM to synchronize source can be + found at . - There are other trade-offs. If a user inadvertently wipes + If a user inadvertently wipes out portions of the local archive, Subversion will detect and rebuild - the damaged portions. CTM will not - do this, and if a user deletes some portion of the source tree + the damaged portions. CTM will not, + and if a user deletes some portion of the source tree and does not have a backup, they will have to start from scratch - from the most recent CTM base delta and rebuild + from the most recent base delta and rebuild it all with CTM. From owner-svn-doc-all@FreeBSD.ORG Tue May 6 18:40:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BD9D684E; Tue, 6 May 2014 18:40:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A868B38F; Tue, 6 May 2014 18:40:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46IesAg065049; Tue, 6 May 2014 18:40:54 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46Ies7N065048; Tue, 6 May 2014 18:40:54 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061840.s46Ies7N065048@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 18:40:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44777 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 18:40:54 -0000 Author: dru Date: Tue May 6 18:40:54 2014 New Revision: 44777 URL: http://svnweb.freebsd.org/changeset/doc/44777 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 18:10:37 2014 (r44776) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 18:40:54 2014 (r44777) @@ -293,10 +293,10 @@ MergeChanges /etc/ /var/named/etc/ /boot &prompt.root; freebsd-update install If the update applies any kernel patches, the system will - need a reboot in order to boot into the patched kernel. - If the patch was applied to any running binaries, the affected + need a reboot in order to boot into the patched kernel. If + the patch was applied to any running binaries, the affected applications should be restarted so that the patched version - of the binary is used. + of the binary is used. The system can be configured to automatically check for updates once every day by adding this entry to @@ -304,23 +304,23 @@ MergeChanges /etc/ /var/named/etc/ /boot @daily root freebsd-update cron - If patches exist, they will automatically be - downloaded but will not be applied. The - root user will be - sent an email so that the patches may be reviewed and manually + If patches exist, they will automatically be downloaded + but will not be applied. The root user will be sent an + email so that the patches may be reviewed and manually installed with freebsd-update install. If anything goes wrong, freebsd-update - has the ability to roll back the last set of changes with - the following command: + has the ability to roll back the last set of changes with the + following command: &prompt.root; freebsd-update rollback Uninstalling updates... done. - Again, the system should be restarted if the - kernel or any kernel modules were modified and any affected - binaries should be restarted. + Again, the system should be restarted if the kernel or any + kernel modules were modified and any affected binaries should + be restarted. Only the GENERIC kernel can be automatically updated by freebsd-update. @@ -329,15 +329,13 @@ Uninstalling updates... done. finishes installing the updates. However, freebsd-update will detect and update the GENERIC kernel if - /boot/GENERIC exists, - even if it is not the current running kernel of the - system. + /boot/GENERIC exists, even if it is not + the current running kernel of the system. - Always keep a copy of the - GENERIC kernel in - /boot/GENERIC. It - will be helpful in diagnosing a variety of problems and in + Always keep a copy of the GENERIC + kernel in /boot/GENERIC. It will be + helpful in diagnosing a variety of problems and in performing version upgrades. Refer to either or for @@ -352,21 +350,21 @@ Uninstalling updates... done. Rebuilding and reinstalling a new custom kernel can then be performed in the usual way. - The updates distributed by - freebsd-update do not always involve the - kernel. It is not necessary to rebuild a custom kernel if - the kernel sources have not been modified by - freebsd-update install. - However, freebsd-update will always - update /usr/src/sys/conf/newvers.sh. - The current patch level, as indicated by the - -p number reported by - uname -r, is obtained from this file. - Rebuilding a custom kernel, even if nothing else changed, - allows uname to accurately report the current - patch level of the system. This is particularly helpful - when maintaining multiple systems, as it allows for a quick - assessment of the updates installed in each one. + The updates distributed by + freebsd-update do not always involve the + kernel. It is not necessary to rebuild a custom kernel if the + kernel sources have not been modified by + freebsd-update install. However, + freebsd-update will always update + /usr/src/sys/conf/newvers.sh. The + current patch level, as indicated by the -p + number reported by uname -r, is obtained + from this file. Rebuilding a custom kernel, even if nothing + else changed, allows uname to accurately + report the current patch level of the system. This is + particularly helpful when maintaining multiple systems, as it + allows for a quick assessment of the updates installed in each + one. @@ -375,8 +373,8 @@ Uninstalling updates... done. Upgrades from one minor version of &os; to another, like from &os; 9.0 to &os; 9.1, are called minor version upgrades. - Major version upgrades occur when - &os; is upgraded from one major version to another, like from + Major version upgrades occur when &os; + is upgraded from one major version to another, like from &os; 9.X to &os; 10.X. Both types of upgrades can be performed by providing freebsd-update with a release version target. @@ -392,20 +390,19 @@ Uninstalling updates... done. GENERIC kernel. - The following command, when - run on a &os; 9.0 system, will upgrade it to - &os; 9.1: - - &prompt.root; freebsd-update -r 9.1-RELEASE upgrade - - After the command has been received, - freebsd-update will evaluate the - configuration file and current system in an attempt to - gather the information necessary to perform the upgrade. A - screen listing will display which components have and have - not been detected. For example: + The following command, when run on a &os; 9.0 system, + will upgrade it to &os; 9.1: + + &prompt.root; freebsd-update -r 9.1-RELEASE upgrade + + After the command has been received, + freebsd-update will evaluate the + configuration file and current system in an attempt to gather + the information necessary to perform the upgrade. A screen + listing will display which components have and have not been + detected. For example: - Looking up update.FreeBSD.org mirrors... 1 mirrors found. + Looking up update.FreeBSD.org mirrors... 1 mirrors found. Fetching metadata signature for 9.0-RELEASE from update1.FreeBSD.org... done. Fetching metadata index... done. Inspecting system... done. @@ -422,210 +419,201 @@ world/proflibs Does this look reasonable (y/n)? y - At this point, freebsd-update will - attempt to download all files required for the upgrade. In - some cases, the user may be prompted with questions - regarding what to install or how to proceed. + At this point, freebsd-update will + attempt to download all files required for the upgrade. In + some cases, the user may be prompted with questions regarding + what to install or how to proceed. - When using a custom kernel, the above step will produce - a warning similar to the following: + When using a custom kernel, the above step will produce a + warning similar to the following: - WARNING: This system is running a "MYKERNEL" kernel, which is not a + WARNING: This system is running a "MYKERNEL" kernel, which is not a kernel configuration distributed as part of FreeBSD 9.0-RELEASE. This kernel will not be updated: you MUST update the kernel manually before running "/usr/sbin/freebsd-update install" - This warning may be safely ignored at this point. The - updated GENERIC kernel will be used as - an intermediate step in the upgrade process. - - Once all the patches have been downloaded to the local - system, they will be applied. This process may take a - while, depending on the speed and workload of the machine. - Configuration files will then be merged. The merging - process requires some user intervention as a file may be - merged or an editor may appear on screen for a manual merge. - The results of every successful merge will be shown to the - user as the process continues. A failed or ignored merge - will cause the process to abort. Users may wish to make a - backup of /etc and - manually merge important files, such as - master.passwd or - group at a later time. - - - The system is not being altered yet as all patching - and merging is happening in another directory. Once all - patches have been applied successfully, all configuration - files have been merged and it seems the process will go - smoothly, the changes can be committed to disk by the - user using the following command: + This warning may be safely ignored at this point. The + updated GENERIC kernel will be used as an + intermediate step in the upgrade process. + + Once all the patches have been downloaded to the local + system, they will be applied. This process may take a while, + depending on the speed and workload of the machine. + Configuration files will then be merged. The merging process + requires some user intervention as a file may be merged or an + editor may appear on screen for a manual merge. The results + of every successful merge will be shown to the user as the + process continues. A failed or ignored merge will cause the + process to abort. Users may wish to make a backup of + /etc and manually merge important files, + such as master.passwd or + group at a later time. + + + The system is not being altered yet as all patching and + merging is happening in another directory. Once all patches + have been applied successfully, all configuration files have + been merged and it seems the process will go smoothly, the + changes can be committed to disk by the user using the + following command: &prompt.root; freebsd-update install + - + The kernel and kernel modules will be patched first. If + the system is running with a custom kernel, use + &man.nextboot.8; to set the kernel for the next boot to the + updated /boot/GENERIC: - The kernel and kernel modules will be patched first. If - the system is - running with a custom kernel, use &man.nextboot.8; to set - the kernel for the next boot to the updated - /boot/GENERIC: - - &prompt.root; nextboot -k GENERIC - - - Before rebooting with the GENERIC - kernel, make sure it contains all the drivers required for - the system to boot properly and connect to the network, - if the machine being updated is accessed remotely. In - particular, if the running custom kernel contains built-in - functionality usually provided by kernel modules, make - sure to temporarily load these modules into the - GENERIC kernel using the - /boot/loader.conf facility. - It is recommended to disable non-essential services as - well as any disk and network mounts until the upgrade - process is complete. - - - The machine should now be restarted with the updated - kernel: - - &prompt.root; shutdown -r now - - Once the system has come back online, restart - freebsd-update using the following - command. Since the state of the process has been saved, - freebsd-update will not start from the - beginning, but will instead move on to the next phase and - remove all old shared libraries and - object files. + &prompt.root; nextboot -k GENERIC - &prompt.root; freebsd-update install + + Before rebooting with the GENERIC + kernel, make sure it contains all the drivers required for + the system to boot properly and connect to the network, if + the machine being updated is accessed remotely. In + particular, if the running custom kernel contains built-in + functionality usually provided by kernel modules, make sure + to temporarily load these modules into the + GENERIC kernel using the + /boot/loader.conf facility. It is + recommended to disable non-essential services as well as any + disk and network mounts until the upgrade process is + complete. + + + The machine should now be restarted with the updated + kernel: - - Depending upon whether any library version numbers - were bumped, there may only be two install phases instead - of three. - - - The upgrade is now complete. If this was a major - version upgrade, reinstall all ports and packages as - described in . - - - Custom Kernels with &os; 9.X and Later - - Before using freebsd-update, ensure - that a copy of the GENERIC kernel - exists in /boot/GENERIC. If a custom - kernel has only been built once, the - kernel in /boot/kernel.old is - the GENERIC kernel. - Simply rename this directory to - /boot/kernel. - - If a custom kernel has been built more than once - or if it is unknown how many times the custom kernel - has been built, obtain a copy of the - GENERIC kernel that matches the - current version of the operating system. If physical - access to the system is available, a - copy of the GENERIC kernel can be - installed from the installation media: + &prompt.root; shutdown -r now - &prompt.root; mount /cdrom + Once the system has come back online, restart + freebsd-update using the following command. + Since the state of the process has been saved, + freebsd-update will not start from the + beginning, but will instead move on to the next phase and + remove all old shared libraries and object files. + + &prompt.root; freebsd-update install + + + Depending upon whether any library version numbers were + bumped, there may only be two install phases instead of + three. + + + The upgrade is now complete. If this was a major version + upgrade, reinstall all ports and packages as described in + . + + + Custom Kernels with &os; 9.X and Later + + Before using freebsd-update, ensure + that a copy of the GENERIC kernel + exists in /boot/GENERIC. If a custom + kernel has only been built once, the kernel in + /boot/kernel.old is the + GENERIC kernel. Simply rename this + directory to /boot/kernel. + + If a custom kernel has been built more than once or if + it is unknown how many times the custom kernel has been + built, obtain a copy of the GENERIC + kernel that matches the current version of the operating + system. If physical access to the system is available, a + copy of the GENERIC kernel can be + installed from the installation media: + + &prompt.root; mount /cdrom &prompt.root; cd /cdrom/usr/freebsd-dist &prompt.root; tar -C/ -xvf kernel.txz boot/kernel/kernel - Alternately, the - GENERIC kernel may be rebuilt and - installed from source: + Alternately, the GENERIC kernel may + be rebuilt and installed from source: - &prompt.root; cd /usr/src + &prompt.root; cd /usr/src &prompt.root; make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null - For this kernel to be identified as the - GENERIC kernel by - freebsd-update, the - GENERIC configuration file must - not have been modified in any way. It is also - suggested that the kernel is built without any other - special options. - - Rebooting into the GENERIC kernel - is not required as freebsd-update only - needs /boot/GENERIC to exist. + For this kernel to be identified as the + GENERIC kernel by + freebsd-update, the + GENERIC configuration file must not + have been modified in any way. It is also suggested that + the kernel is built without any other special + options. + + Rebooting into the GENERIC kernel + is not required as freebsd-update only + needs /boot/GENERIC to exist. - - Custom Kernels with &os; 8.X + + Custom Kernels with &os; 8.X - On an &os; 8.X system, the instructions for - obtaining or building a - GENERIC kernel differ slightly. - - Assuming physical access to the machine is - possible, a copy of the GENERIC - kernel can be installed from the installation media - using the following commands: + On an &os; 8.X system, the instructions for + obtaining or building a GENERIC kernel + differ slightly. + + Assuming physical access to the machine is possible, a + copy of the GENERIC kernel can be + installed from the installation media using the following + commands: - &prompt.root; mount /cdrom + &prompt.root; mount /cdrom &prompt.root; cd /cdrom/X.Y-RELEASE/kernels &prompt.root; ./install.sh GENERIC - Replace X.Y-RELEASE - with the version of the release being used. - The GENERIC kernel will be - installed in /boot/GENERIC by - default. + Replace X.Y-RELEASE + with the version of the release being used. The + GENERIC kernel will be installed in + /boot/GENERIC by default. - To instead build the - GENERIC kernel from source: + To instead build the GENERIC kernel + from source: - &prompt.root; cd /usr/src + &prompt.root; cd /usr/src &prompt.root; env DESTDIR=/boot/GENERIC make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null &prompt.root; mv /boot/GENERIC/boot/kernel/* /boot/GENERIC &prompt.root; rm -rf /boot/GENERIC/boot - For this kernel to be picked up as - GENERIC by - freebsd-update, the - GENERIC configuration file must - not have been modified in any way. It is also - suggested that it is built without any other special - options. - - Rebooting into the GENERIC kernel - is not required. - + For this kernel to be picked up as + GENERIC by + freebsd-update, the + GENERIC configuration file must not + have been modified in any way. It is also suggested that it + is built without any other special options. + + Rebooting into the GENERIC kernel + is not required. + Rebuilding Ports After a Major Version Upgrade - Generally, - installed applications will continue to work without problems - after minor version upgrades. Major versions use different - Application Binary Interfaces (ABIs), which - which will break most third-party - applications. After a - major version upgrade, all installed packages and - ports need to be upgraded using a utility such as - ports-mgmt/portmaster. A - rebuild of all installed applications can be - accomplished with this command: - - &prompt.root; portmaster -af - - This command will display the configuration screens for - each application that has configurable options and wait for the user to interact with those - screens. To prevent this behavior, and use only the default - options, include in the above command. - - Once the software upgrades are complete, finish the upgrade process with - a final call to freebsd-update in order - to tie up all the loose ends in the upgrade process: + Generally, installed applications will continue to work + without problems after minor version upgrades. Major + versions use different Application Binary Interfaces + (ABIs), which which will break most + third-party applications. After a major version upgrade, + all installed packages and ports need to be upgraded using a + utility such as ports-mgmt/portmaster. A + rebuild of all installed applications can be accomplished + with this command: + + &prompt.root; portmaster -af + + This command will display the configuration screens for + each application that has configurable options and wait for + the user to interact with those screens. To prevent this + behavior, and use only the default options, include + in the above command. + + Once the software upgrades are complete, finish the + upgrade process with a final call to + freebsd-update in order to tie up all the + loose ends in the upgrade process: &prompt.root; freebsd-update install @@ -634,8 +622,8 @@ before running "/usr/sbin/freebsd-update new custom kernel using the instructions in . - Reboot the machine into the new &os; version. The upgrade - process is now complete. + Reboot the machine into the new &os; version. The + upgrade process is now complete. @@ -643,15 +631,16 @@ before running "/usr/sbin/freebsd-update System State Comparison The state of the installed &os; version against a known - good copy can be tested using freebsd-update IDS. - This command evaluates the current version of system utilities, - libraries, and configuration files and can be used as a - built-in Intrusion Detection System (IDS). + good copy can be tested using + freebsd-update IDS. This command evaluates + the current version of system utilities, libraries, and + configuration files and can be used as a built-in Intrusion + Detection System (IDS). - This command is - not a replacement for a real IDS such - as security/snort. As + This command is not a replacement for a real + IDS such as + security/snort. As freebsd-update stores data on disk, the possibility of tampering is evident. While this possibility may be reduced using kern.securelevel and @@ -665,15 +654,16 @@ before running "/usr/sbin/freebsd-update linkend="security-ids"/> - To begin the comparison, - specify the output file to save the results to: + To begin the comparison, specify the output file to save + the results to: &prompt.root; freebsd-update IDS >> outfile.ids The system will now be inspected and a lengthy listing of - files, along with the SHA256 hash values for both the - known value in the release and the current installation, will - be sent to the specified output file. + files, along with the SHA256 hash values + for both the known value in the release and the current + installation, will be sent to the specified output + file. The entries in the listing are extremely long, but the output format may be easily parsed. For instance, to obtain a @@ -688,11 +678,10 @@ before running "/usr/sbin/freebsd-update This sample output has been truncated as many more files exist. Some files have natural modifications. For example, - /etc/passwd will be modified if - users have been added to the system. - Kernel modules may differ as - freebsd-update may have updated them. - To exclude specific files or directories, add them to the + /etc/passwd will be modified if users + have been added to the system. Kernel modules may differ as + freebsd-update may have updated them. To + exclude specific files or directories, add them to the IDSIgnorePaths option in /etc/freebsd-update.conf. @@ -1081,8 +1070,9 @@ before running "/usr/sbin/freebsd-update sites listed in . Users with very slow or limited Internet connectivity - can instead use CTM as described in , but it is - not as reliable as svn and + can instead use CTM as described in , + but it is not as reliable as + svn and svn is the recommended method for synchronizing source. @@ -1182,8 +1172,8 @@ before running "/usr/sbin/freebsd-update recent &os.stable; release from the &os; mirror sites or use a monthly snapshot built from &os.stable;. Refer to www.freebsd.org/snapshots for - more information about snapshots. + xlink:href="&url.base;/snapshots/">www.freebsd.org/snapshots + for more information about snapshots. To compile or upgrade to an existing &os; system to &os.stable;, use svn @@ -1194,8 +1184,7 @@ before running "/usr/sbin/freebsd-update stable/9, are listed at www.freebsd.org/releng. CTM () can be used if a reliable - Internet connection is not - available. + Internet connection is not available. @@ -1205,11 +1194,10 @@ before running "/usr/sbin/freebsd-update compiling , read /usr/src/Makefile carefully and follow the instructions in . Read - &a.stable; and /usr/src/UPDATING to - keep up-to-date on other bootstrapping procedures that - sometimes become necessary on the road to the next - release. + linkend="makeworld"/>. Read &a.stable; and + /usr/src/UPDATING to keep up-to-date + on other bootstrapping procedures that sometimes become + necessary on the road to the next release. @@ -1218,8 +1206,7 @@ before running "/usr/sbin/freebsd-update Synchronizing Source - There are various methods for - staying up-to-date with the + There are various methods for staying up-to-date with the &os; sources. This section compares the primary services, Subversion and CTM. @@ -1242,13 +1229,13 @@ before running "/usr/sbin/freebsd-update Subversion uses the pull model of updating sources. The user, or a cron script, invokes the - svn program which updates the local version of the source. - Subversion is the preferred method for - updating local source trees as updates are up-to-the-minute - and the user controls when updates are downloaded. It is easy to - restrict updates to specific files or directories and the - requested updates are generated on the fly by the server. How - to synchronize source using + svn program which updates the local version + of the source. Subversion is the + preferred method for updating local source trees as updates are + up-to-the-minute and the user controls when updates are + downloaded. It is easy to restrict updates to specific files or + directories and the requested updates are generated on the fly + by the server. How to synchronize source using Subversion is described in . @@ -1261,25 +1248,24 @@ before running "/usr/sbin/freebsd-update changes in files since its previous run is executed several times a day on the master CTM machine. Any detected changes are compressed, stamped with a sequence-number, and encoded for - transmission over email in printable ASCII only. Once downloaded, - these deltas can be run through - ctm.rmail which will automatically decode, - verify, and apply the changes to the user's copy of the sources. - This process is more efficient than + transmission over email in printable ASCII + only. Once downloaded, these deltas can + be run through ctm.rmail which will + automatically decode, verify, and apply the changes to the + user's copy of the sources. This process is more efficient than Subversion and places less strain on server resources since it is a push, rather than a pull, model. Instructions for using CTM to synchronize source can be found at . - If a user inadvertently wipes - out portions of the local archive, - Subversion will detect and rebuild - the damaged portions. CTM will not, - and if a user deletes some portion of the source tree + If a user inadvertently wipes out portions of the local + archive, Subversion will detect and + rebuild the damaged portions. CTM + will not, and if a user deletes some portion of the source tree and does not have a backup, they will have to start from scratch - from the most recent base delta and rebuild - it all with CTM. + from the most recent base delta and + rebuild it all with CTM. @@ -1456,12 +1442,13 @@ Script started, output file is /var/tmp/ possible to boot with the newly updated kernel. If kern.securelevel has been raised above 1 and - noschg or similar flags have been set on the kernel - binary, drop the system into single-user mode first. - Otherwise, this command can be run from multi-user mode - without problems. See &man.init.8; for details about - kern.securelevel and &man.chflags.1; - for details about the various file flags. + noschg or similar flags have been set + on the kernel binary, drop the system into single-user + mode first. Otherwise, this command can be run from + multi-user mode without problems. See &man.init.8; for + details about kern.securelevel and + &man.chflags.1; for details about the various file + flags. &prompt.root; make installkernel From owner-svn-doc-all@FreeBSD.ORG Tue May 6 18:41:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 127828C0; Tue, 6 May 2014 18:41:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F323239C; Tue, 6 May 2014 18:41:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46Ifuiq065911; Tue, 6 May 2014 18:41:56 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46IfuH7065910; Tue, 6 May 2014 18:41:56 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061841.s46IfuH7065910@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 18:41:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44778 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 18:41:57 -0000 Author: dru Date: Tue May 6 18:41:56 2014 New Revision: 44778 URL: http://svnweb.freebsd.org/changeset/doc/44778 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 18:40:54 2014 (r44777) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 18:41:56 2014 (r44778) @@ -595,7 +595,7 @@ before running "/usr/sbin/freebsd-update Generally, installed applications will continue to work without problems after minor version upgrades. Major versions use different Application Binary Interfaces - (ABIs), which which will break most + (ABIs), which will break most third-party applications. After a major version upgrade, all installed packages and ports need to be upgraded using a utility such as ports-mgmt/portmaster. A From owner-svn-doc-all@FreeBSD.ORG Tue May 6 19:45:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 20E3A806; Tue, 6 May 2014 19:45:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 00507B9B; Tue, 6 May 2014 19:45:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46JjCFE095240; Tue, 6 May 2014 19:45:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46JjCIJ095239; Tue, 6 May 2014 19:45:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061945.s46JjCIJ095239@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 19:45:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44779 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 19:45:13 -0000 Author: dru Date: Tue May 6 19:45:12 2014 New Revision: 44779 URL: http://svnweb.freebsd.org/changeset/doc/44779 Log: Editorial review of intro to Terminals. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Tue May 6 18:41:56 2014 (r44778) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Tue May 6 19:45:12 2014 (r44779) @@ -619,18 +619,20 @@ - - - --> - Terminals + terminals @@ -653,8 +655,8 @@ Many terminals can be attached to a &os; system. An older spare computer can be used as a terminal wired into a more powerful computer running &os;. This can turn what might - otherwise be a single-user computer into a powerful multiple - user system. + otherwise be a single-user computer into a powerful + multiple-user system. &os; supports three types of terminals: @@ -666,9 +668,8 @@ to computers over serial lines. They are called dumb because they have only enough computational power to display, send, and receive text. - No programs can be run on these devices. Dumb terminals - connect to a computer that has all the power to run text - editors, compilers, email, games, and so forth. + No programs can be run on these devices. Instead, dumb terminals + connect to a computer that runs the needed programs. There are hundreds of kinds of dumb terminals made by many manufacturers, and just about any kind will work @@ -685,11 +686,11 @@ Computers Acting as Terminals - If a dumb terminal has just enough ability to + Since a dumb terminal has just enough ability to display, send, and receive text, any spare computer can be a dumb terminal. All that is needed is the proper - cable and some terminal - emulation software to run on the + cable and some terminal + emulation software to run on the computer. This configuration can be useful. For example, if one @@ -702,29 +703,24 @@ &os; that can be used to work through a serial connection: &man.cu.1; and &man.tip.1;. - To connect from a client system that runs &os; to the - serial connection of another system, use: + For example, to connect from a client system that runs &os; to the + serial connection of another system: &prompt.root; cu -l serial-port-device - Where serial-port-device is the name of - a special device file denoting a serial port on the - system. These device files are called - /dev/cuauN. - - The N-part of a device name is the - serial port number. - - - Note that device numbers in &os; start from zero and - not one. This means that COM1 + Replace serial-port-device with the device name of + the connected serial port. These device files are called + /dev/cuauN + on &os; versions 8.x and lower and + /dev/cuadN + on &os; versions 9.x and higher. In either case, + N is the + serial port number, starting from zero. + This means that COM1 is /dev/cuau0 in &os;. - - - Some people prefer to use other programs available + Additional programs are available through the Ports Collection, such as comms/minicom. - @@ -735,9 +731,9 @@ terminal available. Instead of connecting to a serial port, they usually connect to a network like Ethernet. Instead of being relegated to text-only applications, they - can display any X application. + can display any &xorg; application. - This chapter does not cover the + This chapter does not cover the setup, configuration, or use of X terminals. From owner-svn-doc-all@FreeBSD.ORG Tue May 6 19:47:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 16BA1933; Tue, 6 May 2014 19:47:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 02B23BBC; Tue, 6 May 2014 19:47:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46JlvBd095630; Tue, 6 May 2014 19:47:57 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46JlvcR095628; Tue, 6 May 2014 19:47:57 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061947.s46JlvcR095628@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 19:47:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44780 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 19:47:58 -0000 Author: dru Date: Tue May 6 19:47:57 2014 New Revision: 44780 URL: http://svnweb.freebsd.org/changeset/doc/44780 Log: Add missing cuad reference. Make note in editorial doc to chase all cuau references in this chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Tue May 6 19:45:12 2014 (r44779) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Tue May 6 19:47:57 2014 (r44780) @@ -717,7 +717,8 @@ N is the serial port number, starting from zero. This means that COM1 - is /dev/cuau0 in &os;. + is /dev/cuau0 or + /dev/cuad0 in &os;. Additional programs are available through the Ports Collection, such as comms/minicom. From owner-svn-doc-all@FreeBSD.ORG Tue May 6 20:34:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 04A5C3CE; Tue, 6 May 2014 20:34:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D83BDA6; Tue, 6 May 2014 20:34:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46KYn4p018743; Tue, 6 May 2014 20:34:49 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46KYnwS018742; Tue, 6 May 2014 20:34:49 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405062034.s46KYnwS018742@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 20:34:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44781 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 20:34:50 -0000 Author: dru Date: Tue May 6 20:34:49 2014 New Revision: 44781 URL: http://svnweb.freebsd.org/changeset/doc/44781 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Tue May 6 19:47:57 2014 (r44780) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Tue May 6 20:34:49 2014 (r44781) @@ -63,441 +63,435 @@ bps - - Bits per - Secondbits-per-second - (bps) is the rate at which data is - transmitted. - - + + Bits per + Secondbits-per-second + (bps) is the rate at which data is + transmitted. + + - - DTE - - Data Terminal - EquipmentDTE - (DTE) is one of two endpoints in a - serial communication. An example would be a - computer. - - + + DTE + + Data Terminal + EquipmentDTE + (DTE) is one of two endpoints in a + serial communication. An example would be a + computer. + + - - DCE - - Data Communications - EquipmentDCE - (DTE) is the other endpoint in a - serial communication. Typically, it is a modem. - - + + DCE + + Data Communications + EquipmentDCE + (DTE) is the other endpoint in a + serial communication. Typically, it is a modem. + + - - RS-232 + + RS-232 + + The original standard which defined hardware serial + communications. It has since been renamed to + TIA-232RS-232C + cables. + + + - - The original standard which defined hardware serial - communications. It has since been renamed to - TIA-232RS-232C - cables. - - - + When talking about communications data rates, this section + does not use the term baud. Baud refers to the + number of electrical state transitions that may be made in a + period of time, while bps is the + correct term to use. + + To connect a modem or serial terminal to a &os; system, a + serial port on the computer and the proper cable to connect to + the serial device are needed. Users who are already familiar + with serial hardware and cabling can safely skip this + section. + + + Serial Cables and Ports + + There are several different kinds of serial cables. The + two most common types are null-modem cables and standard + RS-232 cables. The documentation for the hardware should + describe the type of cable required. - When talking about communications data rates, this section - does not use the term baud. Baud refers to the - number of electrical state transitions that may be made in a - period of time, while bps is the - correct term to use. - - To connect a modem or serial terminal to a &os; system, a - serial port on the computer and the proper cable to connect to - the serial device are needed. Users who are already familiar - with serial hardware and cabling can safely skip this - section. - - - Serial Cables and Ports - - There are several different kinds of serial cables. The - two most common types are null-modem cables and standard - RS-232 cables. The documentation for the hardware should - describe the type of cable required. + + null-modem cable + - - null-modem cable - + A null-modem cable passes some signals, such as + Signal Ground, straight through, but switches + other signals. For example, the Transmitted + Data pin on one end goes to the Received + Data pin on the other end. + + A null-modem cable can be constructed for use with + terminals. The following table shows the RS-232C signal names and + the pin numbers on a DB-25 connector. While the standard + calls for a straight-through pin 1 to pin 1 + Protective Ground line, it is often + omitted. Some terminals work using only pins 2, 3, and 7, + while others require different configurations than the + examples shown below. - A null-modem cable passes some signals, such as - Signal Ground, straight through, but - switches other signals. For example, the - Transmitted Data pin on one end goes to the - Received Data pin on the other end. - - A null-modem cable can be constructed for use with - terminals. The following table shows the RS-232C signal names - and the pin numbers on a DB-25 connector. While the - standard calls for a straight-through pin 1 to pin 1 - Protective Ground line, it is often - omitted. Some terminals work using only pins 2, 3, and - 7, while others require different configurations than - the examples shown below. - -
              June 30, 2015
              releng/8.38.3-RELEASEExtendedApril 18, 2012April 30, 2014
              releng/8.4 8.4-RELEASE ExtendedFebruary 24, 2011 July 31, 2012
              releng/8.38.3-RELEASEExtendedApril 18, 2012April 30, 2014
              releng/9.0 9.0-RELEASEreleng/8.3 Frozen &contact.so;FreeBSD 8.3 supported errata fix branch.FreeBSD 8.3 errata fix branch (not officially supported).
              2015 年 6 月 30 日
              releng/8.38.3-RELEASEExtended2012 年 4 月 18 日2014 年 4 月 30 日
              releng/8.4 8.4-RELEASE Extended2012 年 7 月 31 日
              releng/8.38.3-RELEASEExtended2012 年 4 月 18 日2014 年 4 月 30 日
              releng/9.0 9.0-RELEASE Normal
              - DB-25 to DB-25 Null-Modem Cable - - - - - Signal - Pin # - - Pin # - Signal - - - - - - SG - 7 - connects to - 7 - SG - - - - TD - 2 - connects to - 3 - RD - - - - RD - 3 - connects to - 2 - TD - - - - RTS - 4 - connects to - 5 - CTS - - - - CTS - 5 - connects to - 4 - RTS - - - - DTR - 20 - connects to - 6 - DSR - - - - DTR - 20 - connects to - 8 - DCD - - - - DSR - 6 - connects to - 20 - DTR - - - - DCD - 8 - connects to - 20 - DTR - - - -
              - - The next two tables show two other common - schemes. - - - DB-9 to DB-9 Null-Modem Cable - - - - - Signal - Pin # - - Pin # - Signal - - - - - - RD - 2 - connects to - 3 - TD - - - - TD - 3 - connects to - 2 - RD - - - - DTR - 4 - connects to - 6 - DSR - - - - DTR - 4 - connects to - 1 - DCD - - - - SG - 5 - connects to - 5 - SG - - - - DSR - 6 - connects to - 4 - DTR - - - - DCD - 1 - connects to - 4 - DTR - - - - RTS - 7 - connects to - 8 - CTS - - - - CTS - 8 - connects to - 7 - RTS - - - -
              - - - DB-9 to DB-25 Null-Modem Cable - - - - - Signal - Pin # - - Pin # - Signal - - - - - - RD - 2 - connects to - 2 - TD - - - - TD - 3 - connects to - 3 - RD - - - - DTR - 4 - connects to - 6 - DSR - - - - DTR - 4 - connects to - 8 - DCD - - - - SG - 5 - connects to - 7 - SG - - - - DSR - 6 - connects to - 20 - DTR - - - - DCD - 1 - connects to - 20 - DTR - - - - RTS - 7 - connects to - 5 - CTS - - - - CTS - 8 - connects to - 4 - RTS - - - -
              + + DB-25 to DB-25 Null-Modem Cable - - When one pin at one end connects to a pair of pins - at the other end, it is usually implemented with one - short wire between the pair of pins in their connector - and a long wire to the other single pin. - + + + + Signal + Pin # + + Pin # + Signal + + - The above designs seem to be the most popular. In - another variation, SG connects to SG, TD connects to RD, - RTS and CTS connect to DCD, DTR connects to DSR, and - vice-versa. - - RS-232C cables - - A standard serial cable passes all of the RS-232C - signals straight through. The Transmitted - Data pin on one end of the cable goes to the - Transmitted Data pin on the other end. - This is the type of cable used to connect a modem to - the &os; system, and is also appropriate for some - terminals. - - Serial ports are the devices through which data is - transferred between the &os; host computer and the - terminal. This section describes the kinds of ports that - exist and how they are addressed in &os;. - - Several kinds of serial ports exist. Before - purchasing or constructing a cable, make sure it will - fit the ports on the terminal and on the &os; - system. - - Most terminals have DB-25 ports. Personal computers - may have DB-25 or DB-9 ports. A multiport serial card may - have RJ-12 or RJ-45 ports. - - See the documentation that accompanied the hardware - for specifications on the kind of port or visually verify - the type of port. - - In &os;, each serial port is accessed through an - entry in /dev. - There are two different kinds of entries: + + + SG + 7 + connects to + 7 + SG + - - - Call-in ports are named - /dev/ttyuN - where N is the port number, - starting from zero. Generally, the call-in port is - used for terminals. Call-in ports require that the - serial line assert the Data Carrier Detect - (DCD) signal to work - correctly. - + + TD + 2 + connects to + 3 + RD + - - Call-out ports are named - /dev/cuauN. - Call-out ports are usually not used for terminals, but - are used for modems. The call-out port can be used if - the serial cable or the terminal does not support the - carrier detect signal. - - + + RD + 3 + connects to + 2 + TD + + + + RTS + 4 + connects to + 5 + CTS + + + + CTS + 5 + connects to + 4 + RTS + + + + DTR + 20 + connects to + 6 + DSR + + + + DTR + 20 + connects to + 8 + DCD + + + + DSR + 6 + connects to + 20 + DTR + + + + DCD + 8 + connects to + 20 + DTR + + + +
              + + The next two tables show two other common schemes. + + + DB-9 to DB-9 Null-Modem Cable + + + + + Signal + Pin # + + Pin # + Signal + + + + + + RD + 2 + connects to + 3 + TD + - If a terminal is connected to the first serial - port(COM1), use - /dev/ttyu0 to refer to the - terminal. If the terminal is on the second serial port - (COM2), use - /dev/ttyu1, and so forth. - + + TD + 3 + connects to + 2 + RD + + + + DTR + 4 + connects to + 6 + DSR + + + + DTR + 4 + connects to + 1 + DCD + + + + SG + 5 + connects to + 5 + SG + + + + DSR + 6 + connects to + 4 + DTR + + + + DCD + 1 + connects to + 4 + DTR + + + + RTS + 7 + connects to + 8 + CTS + + + + CTS + 8 + connects to + 7 + RTS + + + +
              + + + DB-9 to DB-25 Null-Modem Cable + + + + + Signal + Pin # + + Pin # + Signal + + + + + + RD + 2 + connects to + 2 + TD + + + + TD + 3 + connects to + 3 + RD + + + + DTR + 4 + connects to + 6 + DSR + + + + DTR + 4 + connects to + 8 + DCD + + + + SG + 5 + connects to + 7 + SG + + + + DSR + 6 + connects to + 20 + DTR + + + + DCD + 1 + connects to + 20 + DTR + + + + RTS + 7 + connects to + 5 + CTS + + + + CTS + 8 + connects to + 4 + RTS + + + +
              + + + When one pin at one end connects to a pair of pins at + the other end, it is usually implemented with one short wire + between the pair of pins in their connector and a long wire + to the other single pin. + + + The above designs seem to be the most popular. In + another variation, SG connects to SG, TD connects to RD, RTS + and CTS connect to DCD, DTR connects to DSR, and + vice-versa. + + RS-232C cables + + A standard serial cable passes all of the RS-232C signals + straight through. The Transmitted Data pin on + one end of the cable goes to the Transmitted + Data pin on the other end. This is the type of + cable used to connect a modem to the &os; system, and is also + appropriate for some terminals. + + Serial ports are the devices through which data is + transferred between the &os; host computer and the terminal. + This section describes the kinds of ports that exist and how + they are addressed in &os;. + + Several kinds of serial ports exist. Before purchasing or + constructing a cable, make sure it will fit the ports on the + terminal and on the &os; system. + + Most terminals have DB-25 ports. Personal computers may + have DB-25 or DB-9 ports. A multiport serial card may have + RJ-12 or RJ-45 ports. + + See the documentation that accompanied the hardware for + specifications on the kind of port or visually verify the type + of port. + + In &os;, each serial port is accessed through an entry in + /dev. There are two different kinds of + entries: + + + + Call-in ports are named + /dev/ttyuN + where N is the port number, + starting from zero. Generally, the call-in port is used + for terminals. Call-in ports require that the serial line + assert the Data Carrier Detect (DCD) + signal to work correctly. + + + + Call-out ports are named + /dev/cuauN. + Call-out ports are usually not used for terminals, but are + used for modems. The call-out port can be used if the + serial cable or the terminal does not support the carrier + detect signal. + + + + If a terminal is connected to the first serial port + (COM1), use + /dev/ttyu0 to refer to the terminal. If + the terminal is on the second serial port + (COM2), use + /dev/ttyu1, and so forth. +               Kernel Configuration &os; supports four serial ports by default. In the - &ms-dos; world, these are known as - COM1, - COM2, - COM3, and + &ms-dos; world, these are known as COM1, + COM2, COM3, and COM4. &os; currently supports dumb multiport serial interface cards, such as the BocaBoard 1008 and 2016, as well as more intelligent @@ -505,19 +499,18 @@ Technologies. However, the default kernel only looks for the standard COM ports. - To see if the kernel recognizes the serial ports, - watch for messages while the kernel is booting, or use - /sbin/dmesg to replay the kernel's - boot messages. Look for messages that start with the - characters uart: + To see if the kernel recognizes the serial ports, watch + for messages while the kernel is booting, or use + /sbin/dmesg to replay the kernel's boot + messages. Look for messages that start with the characters + uart: &prompt.root; /sbin/dmesg | grep 'uart' - If the kernel does not recognize all of the serial - ports, configure /boot/device.hints. - When editing this file, one can comment out or completely - remove lines for devices that do not exist on the - system. + If the kernel does not recognize all of the serial ports, + configure /boot/device.hints. When + editing this file, one can comment out or completely remove + lines for devices that do not exist on the system. port IO_COM1 is a substitution for @@ -528,11 +521,10 @@ addresses for their respective serial ports and interrupts 4, 3, 5, and 9 are fairly common interrupt request lines. Regular serial ports cannot share - interrupts on ISA-bus PCs. Multiport boards have - on-board electronics that allow all the 16550A's on the - board to share one or two interrupt request lines. + interrupts on ISA-bus PCs. Multiport boards have on-board + electronics that allow all the 16550A's on the board to + share one or two interrupt request lines. - @@ -614,7 +606,8 @@ of the port will be stuck with 57600 bps. The initial state and lock state devices should only be - writable by root. + writable by root. @@ -641,9 +634,9 @@ connected network. This section describes how to use terminals with &os;. - The original &unix; systems did not have consoles. - Instead, users logged in and ran programs through terminals - that were connected to the computer's serial ports. + The original &unix; systems did not have consoles. Instead, + users logged in and ran programs through terminals that were + connected to the computer's serial ports. The ability to establish a login session on a serial port still exists in nearly every &unix;-like operating system @@ -668,17 +661,18 @@ to computers over serial lines. They are called dumb because they have only enough computational power to display, send, and receive text. - No programs can be run on these devices. Instead, dumb terminals - connect to a computer that runs the needed programs. - - There are hundreds of kinds of dumb terminals made - by many manufacturers, and just about any kind will work - with &os;. Some high-end terminals can even display - graphics, but only certain software packages can take - advantage of these advanced features. + No programs can be run on these devices. Instead, dumb + terminals connect to a computer that runs the needed + programs. + + There are hundreds of kinds of dumb terminals made by + many manufacturers, and just about any kind will work with + &os;. Some high-end terminals can even display graphics, + but only certain software packages can take advantage of + these advanced features. - Dumb terminals are popular in work environments - where workers do not need access to graphical + Dumb terminals are popular in work environments where + workers do not need access to graphical applications. @@ -689,9 +683,8 @@ Since a dumb terminal has just enough ability to display, send, and receive text, any spare computer can be a dumb terminal. All that is needed is the proper - cable and some terminal - emulation software to run on the - computer. + cable and some terminal emulation + software to run on the computer. This configuration can be useful. For example, if one user is busy working at the &os; system's console, another @@ -703,25 +696,27 @@ &os; that can be used to work through a serial connection: &man.cu.1; and &man.tip.1;. - For example, to connect from a client system that runs &os; to the - serial connection of another system: + For example, to connect from a client system that runs + &os; to the serial connection of another system: &prompt.root; cu -l serial-port-device - Replace serial-port-device with the device name of - the connected serial port. These device files are called + Replace serial-port-device + with the device name of the connected serial port. These + device files are called /dev/cuauN on &os; versions 8.x and lower and /dev/cuadN on &os; versions 9.x and higher. In either case, - N is the - serial port number, starting from zero. - This means that COM1 - is /dev/cuau0 or - /dev/cuad0 in &os;. - - Additional programs are available - through the Ports Collection, such as comms/minicom. + N is the serial port number, + starting from zero. This means that + COM1 is + /dev/cuau0 or + /dev/cuad0 in &os;. + + Additional programs are available through the Ports + Collection, such as *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Tue May 6 20:54:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 174C8E44; Tue, 6 May 2014 20:54:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 04165268; Tue, 6 May 2014 20:54:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46KsfvK027620; Tue, 6 May 2014 20:54:41 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46Ksfks027619; Tue, 6 May 2014 20:54:41 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405062054.s46Ksfks027619@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 20:54:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44782 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 20:54:42 -0000 Author: dru Date: Tue May 6 20:54:41 2014 New Revision: 44782 URL: http://svnweb.freebsd.org/changeset/doc/44782 Log: Fix cuau/cuad explanation. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Tue May 6 20:34:49 2014 (r44781) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Tue May 6 20:54:41 2014 (r44782) @@ -705,9 +705,9 @@ with the device name of the connected serial port. These device files are called /dev/cuauN - on &os; versions 8.x and lower and + on &os; versions 10.x and higher and /dev/cuadN - on &os; versions 9.x and higher. In either case, + on &os; versions 9.x and lower. In either case, N is the serial port number, starting from zero. This means that COM1 is From owner-svn-doc-all@FreeBSD.ORG Wed May 7 03:09:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D73B7617; Wed, 7 May 2014 03:09:34 +0000 (UTC) Received: from dmz-mailsec-scanner-6.mit.edu (dmz-mailsec-scanner-6.mit.edu [18.7.68.35]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DDF5C6AC; Wed, 7 May 2014 03:09:33 +0000 (UTC) X-AuditID: 12074423-f79916d000000c54-1b-5369a3e58c9f Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-6.mit.edu (Symantec Messaging Gateway) with SMTP id 7C.5B.03156.5E3A9635; Tue, 6 May 2014 23:09:26 -0400 (EDT) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id s4739Ogi019622; Tue, 6 May 2014 23:09:25 -0400 Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id s4739MiE021703 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 6 May 2014 23:09:24 -0400 Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id s4739LGj028190; Tue, 6 May 2014 23:09:21 -0400 (EDT) Date: Tue, 6 May 2014 23:09:21 -0400 (EDT) From: Benjamin Kaduk To: Dru Lavigne Subject: Re: svn commit: r44734 - head/en_US.ISO8859-1/books/handbook/cutting-edge In-Reply-To: <201405011850.s41Iojk5091857@svn.freebsd.org> Message-ID: References: <201405011850.s41Iojk5091857@svn.freebsd.org> User-Agent: Alpine 1.10 (GSO 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrEIsWRmVeSWpSXmKPExsUixG6nrvtscWawQV+6xY+Ph5gsuppULfYs /81ocWPRfiaL3f29zA6sHjM+zWcJYIzisklJzcksSy3St0vgylh1po214KxyxeudTYwNjA9l uhg5OSQETCTaTncwQ9hiEhfurWfrYuTiEBKYzSRxetpbKGcDo8SMnpNMEM5BJokX//6wdDFy ADn1ErNXKoF0swhoSTxc0c4GYrMJqEjMfLMRzBYRUJR4+nUvI0g5s0C2xMnrISBhYYEQiY8r ZzCC2JwCVhK7T2xhAinhFXCQmDiFHyQsJGAp8b53OyuILSqgI7F6/xQWEJtXQFDi5MwnYDYz UM25P9fZJjAKzkKSmoUktYCRaRWjbEpulW5uYmZOcWqybnFyYl5eapGumV5uZoleakrpJkZw 0Loo72D8c1DpEKMAB6MSD2/Hi4xgIdbEsuLK3EOMkhxMSqK8lT2ZwUJ8SfkplRmJxRnxRaU5 qcWHGCU4mJVEeG/qAuV4UxIrq1KL8mFS0hwsSuK8b62tgoUE0hNLUrNTUwtSi2CyMhwcShK8 E4DRKSRYlJqeWpGWmVOCkGbi4AQZzgM0nAmkhre4IDG3ODMdIn+KUVFKnDdqEVBCACSRUZoH 1wtLKq8YxYFeEeZ1BWnnASYkuO5XQIOZgAZzGaeDDC5JREhJNTBu/mmc5f9qok9Wqo1+QPYX yffuHEt37mYzLfA+H6DGu/tsWvhWN9HcndxLeA0jNW0LVv4ze8wh5rz2V7vGU/Melne/ljHU Kb9vCHhXXXNJaWHp3pAtDwXun6pMT+zXrjVVkwxvWi87l687Q4bTtPzy26BFTBf28qnOmBW+ K8vnYf37m1ZOH5RYijMSDbWYi4oTAblHM9cFAwAA Cc: svn-doc-head@freebsd.org, svn-doc-all@freebsd.org, doc-committers@freebsd.org, imp@freebsd.org X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 03:09:35 -0000 Warner, can you please double-check the facts about make variables? I am not confident I have the new world order correct. On Thu, 1 May 2014, Dru Lavigne wrote: > > Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml > ============================================================================== > --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 18:12:22 2014 (r44733) > +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Thu May 1 18:50:44 2014 (r44734) > @@ -1396,6 +1396,25 @@ before running "/usr/sbin/freebsd-update > sequence described in > the following procedure. > > + > + It is a good idea to save the output from running > + make to a file. If something goes wrong, a copy of > + the error message can be posted to one of the &os; mailing > + lists. > + > + The easiest way to do this is to use script with a > + parameter that specifies the name of the file to save all > + output to. Do not save the output to > + /tmp as this directory may be cleared at > + next reboot. A better place to save the file is > + /var/tmp. Run this command immediately before rebuilding > + the world, and then type exit when the > + process has finished: > + > + &prompt.root; script /var/tmp/mw.out > +Script started, output file is /var/tmp/mw.out > + > + (I mentioned on IRC that this could be "script /var/tmp/mw.out make buildworld", but only on BSD boxes -- Linux's script(1) has a different syntax. This is more portable as-is, so I don't think we should change it.) > @@ -1597,140 +1620,70 @@ before running "/usr/sbin/freebsd-update > behavior of the Makefile is controlled by > - these variables. These are the same variables as are set in > - /etc/make.conf, and this provides > - another way of setting them. For example: > + variables. These can either be set in > + /etc/make.conf or they can be specified I think we must also mention /etc/src.conf here, in the file entitled "makeworld". > + when using make. For example, this > + variable specifies that profiled libraries > + should not be built: > > &prompt.root; make -DNO_PROFILE target Using the NO_FOO form of variables is highly deprecated at this point, at least in HEAD. (I think we're trying to deprecate it on the other branches, too.) While reviewing some of Warner's commits to look at the current state of things, I saw a comment in src.opts.mk that "Old instances [of NO_FOO] should be removed since they were just to bridge the gap between FreeBSD 4 and FreeBSD 5." The normal way to disable the building of profiled libraries would be to set WITHOUT_PROFILE in /etc/src.conf; I think that -DWITHOUT_PROFILE on the command line should also work, but would like confirmation from Warner. > - is another way of specifying that profiled libraries > - should not be built, and corresponds with the > + It corresponds with this setting in > + /etc/make.conf: > > NO_PROFILE= true # Avoid compiling profiled libraries (Per the above, this is WITHOUT_PROFILE=true in /etc/src.conf. Maybe we should note that it doesn't matter if it's set to true or false of arglebarglepants; the fact that it's set is the only thing that matters. The inverse of WITHOUT_PROFILE is setting WITH_PROFILE explicitly.) > - line in /etc/make.conf. > - [...] > - On a multi-CPU machine using an SMP configured kernel, try > - values between 6 and 10 and see how they speed things > + &prompt.root; make -j4 buildworld > + > + On a multi-CPU machine, try > + values between 6 and 10 to see how they speed things -j10 is suboptimal on a 32-core machine, surely. The last advice I remember seeing on the mailing lists was that the limit was about 1.5 times the number of cores. -Ben > up. > > From owner-svn-doc-all@FreeBSD.ORG Wed May 7 14:02:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 31D357D8; Wed, 7 May 2014 14:02:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 13089C3E; Wed, 7 May 2014 14:02:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s47E2TNo098573; Wed, 7 May 2014 14:02:29 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s47E2TVw098572; Wed, 7 May 2014 14:02:29 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405071402.s47E2TVw098572@svn.freebsd.org> From: Dru Lavigne Date: Wed, 7 May 2014 14:02:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44783 - head/en_US.ISO8859-1/books/handbook/x11 X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 14:02:30 -0000 Author: dru Date: Wed May 7 14:02:29 2014 New Revision: 44783 URL: http://svnweb.freebsd.org/changeset/doc/44783 Log: Insert missing "exec"s. Submitted by: bjk Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/x11/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Tue May 6 20:54:41 2014 (r44782) +++ head/en_US.ISO8859-1/books/handbook/x11/chapter.xml Wed May 7 14:02:29 2014 (r44783) @@ -1063,14 +1063,14 @@ DisplayManager.requestPort: 0/usr/local/bin/gnome-session. If this file does not exist, create it with this command: - &prompt.user; echo "/usr/local/bin/gnome-session" > ~/.xinitrc + &prompt.user; echo "exec /usr/local/bin/gnome-session" > ~/.xinitrc A third method is to use XDM as the display manager. In this case, create an executable ~/.xsession: &prompt.user; echo "#!/bin/sh" > ~/.xsession -&prompt.user; echo "/usr/local/bin/gnome-session" >> ~/.xsession +&prompt.user; echo "exec /usr/local/bin/gnome-session" >> ~/.xsession &prompt.user; chmod +x ~/.xsession               @@ -1138,7 +1138,7 @@ DisplayManager.requestPort: 0 &prompt.user; echo "#!/bin/sh" > ~/.xsession -&prompt.user; echo "/usr/local/kde4/bin/startkde" >> ~/.xsession +&prompt.user; echo "exec /usr/local/kde4/bin/startkde" >> ~/.xsession &prompt.user; chmod +x ~/.xsession Once KDE is started, refer to @@ -1178,14 +1178,14 @@ DisplayManager.requestPort: 0startx, first add its entry to ~/.xinitrc: - &prompt.user; echo "/usr/local/bin/startxfce4" > ~/.xinitrc + &prompt.user; echo "exec /usr/local/bin/startxfce4" > ~/.xinitrc An alternate method is to use XDM. To configure this method, create an executable ~/.xsession: &prompt.user; echo "#!/bin/sh" > ~/.xsession -&prompt.user; echo "/usr/local/bin/startxfce4" >> ~/.xsession +&prompt.user; echo "exec /usr/local/bin/startxfce4" >> ~/.xsession &prompt.user; chmod +x ~/.xsession From owner-svn-doc-all@FreeBSD.ORG Wed May 7 15:22:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8A21AC45; Wed, 7 May 2014 15:22:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 769A76D7; Wed, 7 May 2014 15:22:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s47FMqox034401; Wed, 7 May 2014 15:22:52 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s47FMqdV034400; Wed, 7 May 2014 15:22:52 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405071522.s47FMqdV034400@svn.freebsd.org> From: Dru Lavigne Date: Wed, 7 May 2014 15:22:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44784 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 15:22:52 -0000 Author: dru Date: Wed May 7 15:22:51 2014 New Revision: 44784 URL: http://svnweb.freebsd.org/changeset/doc/44784 Log: Editorial review of Serial Terminology and Hardware. Move signal name table into this section. Add xml ids to the tables in this section. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Wed May 7 14:02:29 2014 (r44783) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Wed May 7 15:22:51 2014 (r44784) @@ -88,28 +88,28 @@ Data Communications EquipmentDCE (DTE) is the other endpoint in a - serial communication. Typically, it is a modem. + serial communication. Typically, it is a modem or serial + terminal. - RS-232 + RS-232 The original standard which defined hardware serial communications. It has since been renamed to - TIA-232RS-232C - cables. + TIA-232. - When talking about communications data rates, this section - does not use the term baud. Baud refers to the - number of electrical state transitions that may be made in a + When referring to communication data rates, this section + does not use the term baud. Baud refers to the + number of electrical state transitions made in a period of time, while bps is the - correct term to use. + correct term to use. - To connect a modem or serial terminal to a &os; system, a + To connect a serial terminal to a &os; system, a serial port on the computer and the proper cable to connect to the serial device are needed. Users who are already familiar with serial hardware and cabling can safely skip this @@ -120,30 +120,98 @@ There are several different kinds of serial cables. The two most common types are null-modem cables and standard - RS-232 cables. The documentation for the hardware should + RS-232 cables. The documentation for the hardware should describe the type of cable required. + These two types of cables differ in how the wires are + connected to the connector. Each wire represents a signal, + with the defined signals summarized in . A standard serial + cable passes all of the RS-232C signals + straight through. For example, the Transmitted Data pin on + one end of the cable goes to the Transmitted + Data pin on the other end. This is the type of + cable used to connect a modem to the &os; system, and is also + appropriate for some terminals. + + A null-modem cable + switches the Transmitted Data pin of the + connector on one end with the Received + Data pin on the other end. The connector can be + either a DB-25 or a + DB-9. + + A null-modem cable can be constructed + using the pin connections summarized in , , and . While the standard + calls for a straight-through pin 1 to pin 1 + Protective Ground line, it is often + omitted. Some terminals work using only pins 2, 3, and 7, + while others require different configurations. When in doubt, + refer to the documentation for the hardware. + null-modem cable - A null-modem cable passes some signals, such as - Signal Ground, straight through, but switches - other signals. For example, the Transmitted - Data pin on one end goes to the Received - Data pin on the other end. - - A null-modem cable can be constructed for use with - terminals. The following table shows the RS-232C signal names and - the pin numbers on a DB-25 connector. While the standard - calls for a straight-through pin 1 to pin 1 - Protective Ground line, it is often - omitted. Some terminals work using only pins 2, 3, and 7, - while others require different configurations than the - examples shown below. + + <acronym>RS-232C</acronym> Signal Names -
              + + + + Acronyms + Names + + + + + + RD + Received Data + + + + TD + Transmitted Data + + + + DTR + Data Terminal Ready + + + + DSR + Data Set Ready + + + + DCD + Data Carrier Detect + + + + SG + Signal Ground + + + + RTS + Request to Send + + + + CTS + Clear to Send + + + +
              + + DB-25 to DB-25 Null-Modem Cable @@ -151,7 +219,7 @@ Signal Pin # - + Pin # Signal @@ -233,9 +301,7 @@
              - The next two tables show two other common schemes. - - +
              DB-9 to DB-9 Null-Modem Cable @@ -243,7 +309,7 @@ Signal Pin # - + Pin # Signal @@ -325,7 +391,7 @@
              - +
              DB-9 to DB-25 Null-Modem Cable @@ -333,7 +399,7 @@ Signal Pin # - + Pin # Signal @@ -422,34 +488,17 @@ to the other single pin. - The above designs seem to be the most popular. In - another variation, SG connects to SG, TD connects to RD, RTS - and CTS connect to DCD, DTR connects to DSR, and - vice-versa. - - RS-232C cables - - A standard serial cable passes all of the RS-232C signals - straight through. The Transmitted Data pin on - one end of the cable goes to the Transmitted - Data pin on the other end. This is the type of - cable used to connect a modem to the &os; system, and is also - appropriate for some terminals. - Serial ports are the devices through which data is transferred between the &os; host computer and the terminal. - This section describes the kinds of ports that exist and how - they are addressed in &os;. - - Several kinds of serial ports exist. Before purchasing or + Several kinds of serial ports exist. Before purchasing or constructing a cable, make sure it will fit the ports on the terminal and on the &os; system. - Most terminals have DB-25 ports. Personal computers may - have DB-25 or DB-9 ports. A multiport serial card may have - RJ-12 or RJ-45 ports. - - See the documentation that accompanied the hardware for + Most terminals have DB-25 ports. Personal computers may + have DB-25 or DB-9 + ports. A multiport serial card may have + RJ-12 or RJ-45/ ports. + See the documentation that accompanied the hardware for specifications on the kind of port or visually verify the type of port. @@ -462,28 +511,29 @@ Call-in ports are named /dev/ttyuN where N is the port number, - starting from zero. Generally, the call-in port is used + starting from zero. If a terminal is connected to the + first serial port (COM1), use + /dev/ttyu0 to refer to the terminal. + If the terminal is on the second serial port + (COM2), use + /dev/ttyu1, and so forth. Generally, the call-in port is used for terminals. Call-in ports require that the serial line - assert the Data Carrier Detect (DCD) + assert the Data Carrier Detect signal to work correctly. Call-out ports are named - /dev/cuauN. + /dev/cuauN + on &os; versions 10.x and higher and + /dev/cuadN + on &os; versions 9.x and lower. Call-out ports are usually not used for terminals, but are used for modems. The call-out port can be used if the - serial cable or the terminal does not support the carrier - detect signal. + serial cable or the terminal does not support the Data Carrier Detect + signal. - - If a terminal is connected to the first serial port - (COM1), use - /dev/ttyu0 to refer to the terminal. If - the terminal is on the second serial port - (COM2), use - /dev/ttyu1, and so forth. @@ -1066,64 +1116,7 @@ ttyu5 "/usr/libexec/getty std.19200" modem When using an external modem, a proper cable is needed. A - standard RS-232C serial cable should suffice as long as all of - the normal signals are wired: - -
              - Signal Names - - - - - Acronyms - Names - - - - - - RD - Received Data - - - - TD - Transmitted Data - - - - DTR - Data Terminal Ready - - - - DSR - Data Set Ready - - - - DCD - Data Carrier Detect (RS-232's Received Line - Signal Detector) - - - - SG - Signal Ground - - - - RTS - Request to Send - - - - CTS - Clear to Send - - - -
              + standard RS-232C serial cable should suffice.               &os; needs the RTS and CTS signals for flow control at speeds From owner-svn-doc-all@FreeBSD.ORG Wed May 7 16:22:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6588E704; Wed, 7 May 2014 16:22:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 46878D71; Wed, 7 May 2014 16:22:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s47GMr9H061022; Wed, 7 May 2014 16:22:53 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s47GMrhc061021; Wed, 7 May 2014 16:22:53 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405071622.s47GMrhc061021@svn.freebsd.org> From: Dru Lavigne Date: Wed, 7 May 2014 16:22:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44785 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 16:22:53 -0000 Author: dru Date: Wed May 7 16:22:52 2014 New Revision: 44785 URL: http://svnweb.freebsd.org/changeset/doc/44785 Log: Editorial review of Serial Port Configuration. Minor shuffling to remove redundancy. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Wed May 7 15:22:51 2014 (r44784) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Wed May 7 16:22:52 2014 (r44785) @@ -534,68 +534,19 @@ signal. - - - - Kernel Configuration - - &os; supports four serial ports by default. In the - &ms-dos; world, these are known as COM1, - COM2, COM3, and - COM4. &os; currently supports - dumb multiport serial interface cards, such as - the BocaBoard 1008 and 2016, as well as more intelligent - multi-port cards such as those made by Digiboard and Stallion - Technologies. However, the default kernel only looks for the - standard COM ports. - - To see if the kernel recognizes the serial ports, watch - for messages while the kernel is booting, or use - /sbin/dmesg to replay the kernel's boot - messages. Look for messages that start with the characters - uart: - &prompt.root; /sbin/dmesg | grep 'uart' - - If the kernel does not recognize all of the serial ports, - configure /boot/device.hints. When - editing this file, one can comment out or completely remove - lines for devices that do not exist on the system. - - - port IO_COM1 is a substitution for - port 0x3f8, IO_COM2 is - 0x2f8, IO_COM3 is - 0x3e8, and IO_COM4 is - 0x2e8. These are fairly common port - addresses for their respective serial ports and interrupts - 4, 3, 5, and 9 are fairly common interrupt request lines. - Regular serial ports cannot share - interrupts on ISA-bus PCs. Multiport boards have on-board - electronics that allow all the 16550A's on the board to - share one or two interrupt request lines. - - - - - Device Special Files - - Most devices in the kernel are accessed through - device special files which are located in - /dev. The - sio devices are accessed through the - /dev/ttyuN - (dial-in) and - /dev/cuauN - (call-out) devices. &os; also provides initialization + &os; also provides initialization devices - (/dev/ttyuN.init - and - /dev/cuauN.init) + (/dev/ttyuN.init and + /dev/cuauN.init + or + /dev/cuadN.init) and locking devices (/dev/ttyuN.lock and - /dev/cuauN.lock). + /dev/cuauN.lock + or + /dev/cuadN.lock). The initialization devices are used to initialize communications port parameters each time a port is opened, such as crtscts for modems which use @@ -607,28 +558,56 @@ devices, and setting terminal options, respectively. - Serial Port Configuration + By default, &os; supports four serial ports which are + commonly known as COM1, + COM2, COM3, and + COM4. &os; also supports + dumb multi-port serial interface cards, such as + the BocaBoard 1008 and 2016, as well as more intelligent + multi-port cards such as those made by Digiboard. However, + the default kernel only looks for the + standard COM ports. + + To see if the system recognizes the serial ports, look for + system boot messages that start with + uart: + + &prompt.root; grep uart /var/run/dmesg.boot + + If the system does not recognize all of the needed serial ports, + additional entries can be added to + /boot/device.hints. This file already + contains hint.uart.0.* entries for + COM1 and hint.uart.1.* entries + for COM2. When adding a port entry for + COM3 use + 0x3E8, and for COM4 use + 0x2E8. Common IRQ addresses + are 5 for COM3 and + 9 for COM4. + ttyu cuau - The - ttyuN (or - cuauN) - is the regular device to open for applications. When a - process opens the device, it will have a default set of - terminal I/O settings. These settings can be viewed with the - command: + To determine the default set of terminal + I/O settings used by the port, specify its + device name. This example determines the settings for the + call-in port on COM2: - &prompt.root; stty -a -f /dev/ttyu1 + &prompt.root; stty -a -f /dev/ttyu1 - When the settings are changed for a device, the settings - are in effect until the device is closed. When the device is + System-wide initialization of serial devices is + controlled by /etc/rc.d/serial. This + file affects the default settings of serial devices. To + change the settings for a device, use stty. + By default, the changed settings + are in effect until the device is closed and when the device is reopened, it goes back to the default set. To permanently change the default set, open and adjust the settings of the - initial state device. For example, to turn on + initialization device. For example, to turn on mode, 8 bit communication, and flow control for ttyu5, type: @@ -640,24 +619,16 @@ rc.serial - System-wide initialization of serial devices is - controlled by /etc/rc.d/serial. This - file affects the default settings of serial devices. - To prevent certain settings from being changed by an - application, make adjustments to the lock state + application, make adjustments to the locking device. For example, to lock the speed of ttyu5 to 57600 bps, type: &prompt.root; stty -f /dev/ttyu5.lock 57600 - Now, an application that opens + Now, any application that opens ttyu5 and tries to change the speed of the port will be stuck with 57600 bps. - - The initial state and lock state devices should only be - writable by root. From owner-svn-doc-all@FreeBSD.ORG Wed May 7 17:57:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C4977BA for ; Wed, 7 May 2014 17:57:58 +0000 (UTC) Received: from mail-pd0-f180.google.com (mail-pd0-f180.google.com [209.85.192.180]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 912438F7 for ; Wed, 7 May 2014 17:57:58 +0000 (UTC) Received: by mail-pd0-f180.google.com with SMTP id y10so1357238pdj.11 for ; Wed, 07 May 2014 10:57:52 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:sender:content-type:mime-version:subject:from :in-reply-to:date:cc:message-id:references:to; bh=ZNTTQl98f3/T4bhR9IMFnZykoju+kW9SL6hpqpazbK8=; b=B1QV4X7bNf3TJ+qbuIHShsm3cyu4zKXPanilgrGELZHaoxzalqyJEA8b4iq/QD30zY b7ZPYGSLDNSGCERCyYwZa3DfiBqtuqpj5g9XoPV9cyJ1LD17RJNqCpHIhN2EGJixFMwb pQDndmPTtnUj+fzmTT43KDK+nMD6qzZAem4U97BDQmdBnBUBP6OMMs+QSq8yCuj8JQQ6 YFfJvkEJuXOITk4u1COuLjs4We3LKm+LoKasub3l21DpjRGlvbD5rpDfTp7Ms5PywADg iilWZnvmvN5jf5p8n4zYZWw5FeVtYhd8lN2AVFgHbVzVJTTgdCVKMlgAE8Q3TH1v9Uc3 0shA== X-Gm-Message-State: ALoCoQmrlHUq7l6OqNKa32GKcR3L7CF6OYR/yaWOlO+7BFvBqIaKYG4XBsH0k+p97W0Ut8b9l91p X-Received: by 10.66.216.137 with SMTP id oq9mr21333165pac.97.1399485472333; Wed, 07 May 2014 10:57:52 -0700 (PDT) Received: from bsdimp.corp.netflix.com ([69.53.237.72]) by mx.google.com with ESMTPSA id yq4sm117159735pab.34.2014.05.07.10.57.50 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 07 May 2014 10:57:51 -0700 (PDT) Sender: Warner Losh Content-Type: multipart/signed; boundary="Apple-Mail=_128A5961-6794-45E7-B6E4-2B0BD890579C"; protocol="application/pgp-signature"; micalg=pgp-sha512 Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\)) Subject: Re: svn commit: r44734 - head/en_US.ISO8859-1/books/handbook/cutting-edge From: Warner Losh In-Reply-To: Date: Wed, 7 May 2014 10:57:49 -0700 Message-Id: <4D3E993B-0C34-40AB-B0B3-7D1C900B862A@bsdimp.com> References: <201405011850.s41Iojk5091857@svn.freebsd.org> To: Benjamin Kaduk X-Mailer: Apple Mail (2.1874) Cc: svn-doc-head@freebsd.org, Dru Lavigne , svn-doc-all@freebsd.org, doc-committers@freebsd.org, Warner Losh X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 17:57:58 -0000 --Apple-Mail=_128A5961-6794-45E7-B6E4-2B0BD890579C Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=windows-1252 On May 6, 2014, at 9:09 PM, Benjamin Kaduk wrote: > Warner, can you please double-check the facts about make variables? > I am not confident I have the new world order correct. >=20 > On Thu, 1 May 2014, Dru Lavigne wrote: >=20 >>=20 >> Modified: = head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml >> = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D >> --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml = Thu May 1 18:12:22 2014 (r44733) >> +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml = Thu May 1 18:50:44 2014 (r44734) >> @@ -1396,6 +1396,25 @@ before running "/usr/sbin/freebsd-update >> sequence described in >> the following procedure.               >>=20 >> + >> + It is a good idea to save the output from running >> + make to a file. If something goes wrong, a = copy of >> + the error message can be posted to one of the &os; mailing >> + lists. >> + >> + The easiest way to do this is to use = script with a >> + parameter that specifies the name of the file to save all >> + output to. Do not save the output to >> + /tmp as this directory may be cleared at >> + next reboot. A better place to save the file is >> + /var/tmp. Run this command immediately = before rebuilding >> + the world, and then type exit when the >> + process has finished: >> + >> + &prompt.root; script = /var/tmp/mw.out >> +Script started, output file is /var/tmp/mw.out >> + >> + >=20 > (I mentioned on IRC that this could be "script /var/tmp/mw.out make = buildworld", but only on BSD boxes -- Linux's script(1) has a different = syntax. This is more portable as-is, so I don't think we should change = it.) make buildworld |& tee foo.log is what I use, but that=92s csh/tcsh syntax and only catches one = command. when I have to do multiples, I=92ll add -a to the tee command. = Sometimes I use emacs=92 shell to get the same effect. >> @@ -1597,140 +1620,70 @@ before running "/usr/sbin/freebsd-update >> behavior of the Makefile is controlled by >> - these variables. These are the same variables as are set in >> - /etc/make.conf, and this provides >> - another way of setting them. For example: >> + variables. These can either be set in >> + /etc/make.conf or they can be specified >=20 > I think we must also mention /etc/src.conf here, in the file entitled = "make world=94. src.conf is used for all builds in /usr/src (no matter where /usr/src is = located). If you are building things like ls from hand, you=92ll need to = also define MAKESYSPATH to be/have =93=85/share/mk=94 in it. >> + when using make. For example, this >> + variable specifies that profiled libraries >> + should not be built: >>=20 >> &prompt.root; make -DNO_PROFILE = target >=20 > Using the NO_FOO form of variables is highly deprecated at this point, = at least in HEAD. (I think we're trying to deprecate it on the other = branches, too.) While reviewing some of Warner's commits to look at the = current state of things, I saw a comment in src.opts.mk that "Old = instances [of NO_FOO] should be removed since they were just to bridge = the gap between FreeBSD 4 and FreeBSD 5." The normal way to disable the = building of profiled libraries would be to set WITHOUT_PROFILE in = /etc/src.conf; I think that -DWITHOUT_PROFILE on the command line should = also work, but would like confirmation from Warner. In 11 and forward, his is correct. Set WITHOUT_PROFILE=3Dyes somewhere = and all profiling is disabled. In some rare cases you may need to set = MK_PROFILE=3Dno. This replaces the NO_FOO syntax that was supposed to be = a stop-gap measure between 4 and 5, but the gap never stopped. NO_FOO is = limited to CTF, DEBUG_FILES, INSTALLLIB, MAN and profile, and so was = irregular with the rest of things. A few more NO items may be added to = the list in my next round of changes, but that=92s likely a ways away. WITHOUT_PROFILE should work in 10 and earlier too, but that should be = tested. I don=92t plan on MFCing the NO_foo deprecation warning, and in = fact realize that it is premature in head. >> - is another way of specifying that profiled libraries >> - should not be built, and corresponds with the >> + It corresponds with this setting in >> + /etc/make.conf: >>=20 >> NO_PROFILE=3D true # Avoid compiling = profiled libraries >=20 > (Per the above, this is WITHOUT_PROFILE=3Dtrue in /etc/src.conf. = Maybe we should note that it doesn't matter if it's set to true or false = of arglebarglepants; the fact that it's set is the only thing that = matters. The inverse of WITHOUT_PROFILE is setting WITH_PROFILE = explicitly.) Yes. >> - line in /etc/make.conf. >> - > [...] >> - On a multi-CPU machine using an SMP configured kernel, = try >> - values between 6 and 10 and see how they speed things >> + &prompt.root; make -j4 = buildworld >> + >> + On a multi-CPU machine, try >> + values between 6 and 10 to = see how they speed things >=20 > -j10 is suboptimal on a 32-core machine, surely. The last advice I = remember seeing on the mailing lists was that the limit was about 1.5 = times the number of cores. Somewhere between 1.5x and 2.0x is where we saturate. 10 used to be a = very optimistic number, in that the typical parallelism rarely got above = 5 jobs running at any time. Now, however, running around #CPUs jobs = tends to approach optimal, although some small but worthwhile gains can = be had at 1.5 to 2.0 times the number of CPUs, especially if hyper = threading is disabled. However, this massive parallelism is relatively = recent, and problems exist starting in the -j 15-20 range and getting = really bad in the 30 and up range. I=92ll be hacking a bit in this area for some time to come, so maybe it = would be good to do a review when I=92m done? Warner > -Ben >=20 >> up. >>=20 >> --Apple-Mail=_128A5961-6794-45E7-B6E4-2B0BD890579C Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJTanQeAAoJEGwc0Sh9sBEAgQoQAKNQfLWnfCYdMhi2rTYsUl3A 0ZJN8H0P+VlMYBDB5Kgs+SykFo4VL3urA11Fpjsb3Lqscq48JKTvjhhndrlOHWD1 IFnhNDcAWQell5WA4tVfjjHn7j4zSdKsWdaV+e3B3Ipy/udrX+HhtqwAz/9LLP52 fEzYVYNbNjitc6NCKX8AW+DOKzya3pN6JBVWI6o1LbPaoZr5fMROxNpdqy7r0L3T GXcwbcEC6Oe+aYP0q8uud4mQSY/29WoT3DDzZBjmybfDF1H0VWjfH/dbMTfrygwi 0+wdje+CBbbEXxvhdDhvHU/AmJXTFAOgkHmySdH8SOf6TmEAhb379NWhnB9kqOIh ye3oAGsveVK0ePjPgMtliEXPkTRFPKLrKkBS7exNjABevco1pVy/Xc18wbI8d65h D2kHWNvIMGhqQ2O94Ts0Qsa3xE1G7kOq0E0Xwpt5IsM07i+VwPBBnF5K4Tmz7ImJ ITKUMhzEWpP1jt02Wn4FDUHXOFT3pRSmN/MrvgE6ayKL2tGHw6HoxSuOj8KFjRXB JWXejCCenk4arl9KQ80FWQfXEE90Ta2W6MGuRZjgYVEDwTe4LeJCcPkik5fuRanO iWlSrMbufvV6PLb6MD391QCJ5cvYAsLoAvpLrWk79xDI44xjzOF3XBzRbONWj0pk v55FogfRUg7u0uS2Bm2F =6SQ+ -----END PGP SIGNATURE----- --Apple-Mail=_128A5961-6794-45E7-B6E4-2B0BD890579C-- From owner-svn-doc-all@FreeBSD.ORG Wed May 7 18:12:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8D4CD7A6; Wed, 7 May 2014 18:12:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5F47CA9E; Wed, 7 May 2014 18:12:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s47ICM3O010441; Wed, 7 May 2014 18:12:22 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s47ICMpD010440; Wed, 7 May 2014 18:12:22 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405071812.s47ICMpD010440@svn.freebsd.org> From: Dru Lavigne Date: Wed, 7 May 2014 18:12:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44786 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 18:12:22 -0000 Author: dru Date: Wed May 7 18:12:21 2014 New Revision: 44786 URL: http://svnweb.freebsd.org/changeset/doc/44786 Log: Finish editorial review of Terminals. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Wed May 7 16:22:52 2014 (r44785) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Wed May 7 18:12:21 2014 (r44786) @@ -758,171 +758,112 @@ - Configuration + Terminal Configuration This section describes how to configure a &os; system to - enable a login session on a terminal. It assumes that the - kernel is configured to support the serial port to which the + enable a login session on a serial terminal. It assumes that the + system recognizes the serial port to which the terminal is connected and that the terminal is - connected. + connected with the correct cable. - The init process is responsible for all - process control and initialization at system startup. One of - the tasks performed by init is to read - /etc/ttys and start a + In &os;, init reads + /etc/ttys and starts a getty process on the available terminals. The getty process is responsible for reading a login name and starting the login - program. - - To configure terminals for a &os; system, the following - steps should be taken as root: - - - - Add a line to /etc/ttys for the - entry in /dev for the serial port if - it is not already there. - - - - Specify that /usr/libexec/getty - be run on the port, and specify the appropriate - getty type from - /etc/gettytab. - - - - Specify the default terminal type. - - - - Set the port to on. - - - - Specify whether the port should be - secure. - - - - Force init to reread - /etc/ttys. - - - - As an optional step, create a custom - getty type for use in step 2 by - making an entry in /etc/gettytab. For - more information, refer to &man.gettytab.5; and - &man.getty.8;. - - - Adding an Entry to - <filename>/etc/ttys</filename> - - /etc/ttys lists all of the ports - on the &os; system which allow logins. For example, the - first virtual console, ttyv0, has an - entry in this file, allowing logins on the console. This - file also contains entries for the other virtual consoles, - serial ports, and pseudo-ttys. For a hardwired terminal, - list the serial port's /dev entry - without the /dev part. For example, - /dev/ttyv0 would be listed as - ttyv0. - - A default &os; install includes an - /etc/ttys with support for the first - four serial ports: ttyu0 through - ttyu3. When attaching a terminal to - one of those ports, this file does not need to be - edited. - - - Adding Terminal Entries to - <filename>/etc/ttys</filename> - - This example configures two terminals: a Wyse-50 and - an old 286 IBM PC running + program. The ports on the &os; system which allow logins are + listed in /etc/ttys. For example, the + first virtual console, ttyv0, has an + entry in this file, allowing logins on the console. This + file also contains entries for the other virtual consoles, + serial ports, and pseudo-ttys. For a hardwired terminal, + the serial port's /dev entry is listed + without the /dev part. For example, + /dev/ttyv0 is listed as + ttyv0. + + The default + /etc/ttys configures support for the first + four serial ports, ttyu0 through + ttyu3: + + ttyu0 "/usr/libexec/getty std.9600" dialup off secure +ttyu1 "/usr/libexec/getty std.9600" dialup off secure +ttyu2 "/usr/libexec/getty std.9600" dialup off secure +ttyu3 "/usr/libexec/getty std.9600" dialup off secure + + When attaching a terminal to + one of those ports, modify the default entry to set the + required speed and terminal type, to turn the device + on and, if needed, to change the port's + secure setting. If the terminal is + connected to another port, add an entry for the port. + + configures two + terminals in /etc/ttys. The first + entry configures a Wyse-50 + connected to COM2. The second entry + configures an old computer running Procomm terminal software - emulating a VT-100 terminal. The Wyse is connected to the - second serial port and the 286 to the sixth serial port on - a multiport serial card. The corresponding entries in - /etc/ttys would look like - this: + emulating a VT-100 terminal. The computer is connected + to the sixth serial port on + a multi-port serial card. + + + Configuring Terminal Entries ttyu1 "/usr/libexec/getty std.38400" wy50 on insecure ttyu5 "/usr/libexec/getty std.19200" vt100 on insecure - The first field normally specifies the name of - the terminal special file as it is found in - /dev. + The first field specifies the device name of + the serial terminal. - The second field is the command to execute for - this line, which is usually &man.getty.8;. - getty initializes and opens the - line, sets the speed, prompts for a user name, and - then executes &man.login.1;. - - The getty program accepts one - (optional) parameter on its command line, the - getty type. A - getty type configures + The second field tells + getty to initialize and open the + line, set the line speed, prompt for a user name, and + then execute the login program. The optional + getty type configures characteristics on the terminal line, like - bps rate and parity. - getty reads these characteristics - from /etc/gettytab. - - /etc/gettytab contains many - entries for terminal lines, both old and new. In - almost all cases, the entries that start with the - text std will work for hardwired + bps rate and parity. The available + getty types are listed in + /etc/gettytab. In + almost all cases, the getty types that start with + std will work for hardwired terminals as these entries ignore parity. There is a std entry for each - bps rate from 110 to 115200. - &man.gettytab.5; provides more information. - - When setting the getty - type in /etc/ttys, make sure - that the communications settings on the terminal - match. + bps rate from 110 to 115200. Refer to + &man.gettytab.5; for more information. - For this example, the Wyse-50 uses no parity and - connects at 38400 bps. The 286 PC uses no + When setting the getty + type, make sure to match + the communications settings used by the terminal. For + this example, the Wyse-50 uses no parity and + connects at 38400 bps. The computer uses no parity and connects at 19200 bps. - The third field is the type of terminal usually - connected to that terminal line. For dial-up ports, + The third field is the type of terminal. For dial-up ports, unknown or dialup is typically used since users may dial up with practically any type of terminal or software. Since the terminal type does not change for hardwired terminals, a real terminal - type from &man.termcap.5; can be used in this - field. - - For this example, the Wyse-50 uses the real - terminal type while the 286 PC running - Procomm will be set to - emulate at VT-100. + type from /etc/termcap can be specified. + For this example, the Wyse-50 uses the real + terminal type while the computer running + Procomm is set to + emulate a VT-100. The fourth field specifies if the port should be - enabled. If set to on, the - init process will start the program - in the second field, getty. If - this field is set to off, there - will be no getty, and hence no - logins on the port. + enabled. To enable logins on this port, this + field must be set to on. @@ -930,27 +871,18 @@ ttyu5 "/usr/libexec/getty std.19200" port is secure. Marking a port as secure means that it is trusted enough to allow root, or any account - with a UID of 0, to login from that + class="username">root to login from that port. Insecure ports do not allow root logins. On an insecure port, users must login from unprivileged - accounts and then use &man.su.1; or a similar - mechanism to gain superuser privileges. - - It is highly recommended to use - insecure, even for terminals that - are behind locked doors. It is quite easy to login - and use su when superuser - privileges are needed. + accounts and then use su or a similar + mechanism to gain superuser privileges, as described + in . For security reasons, + it is recommended to change this setting to + insecure. - - - - Force <command>init</command> to Reread - <filename>/etc/ttys</filename> After making any changes to /etc/ttys, send a SIGHUP (hangup) @@ -959,18 +891,15 @@ ttyu5 "/usr/libexec/getty std.19200" &prompt.root; kill -HUP 1 - - init is always the first process - run on a system, therefore it will always have a process - ID of 1. - + Since init is always the first process + run on a system, it always has a process + ID of 1. If everything is set up correctly, all cables are in - place, and the terminals are powered up, then a - getty process should be running on each + place, and the terminals are powered up, a + getty process should now be running on each terminal and login prompts should be available on each terminal. - @@ -996,20 +925,16 @@ ttyu5 "/usr/libexec/getty std.19200" controls are turned up. If it is a printing terminal, make sure paper and ink are in good supply. - Make sure that a getty process is - running and serving the terminal. For example, to get a list - of running getty processes with - ps, type: - - &prompt.root; ps -axww|grep getty - - There should be an entry for the terminal. For example, - the following display shows that a getty is + Use ps to make sure that a + getty process is + running and serving the terminal. For example, + the following listing shows that a getty is running on the second serial port, ttyu1, and is using the std.38400 entry in /etc/gettytab: - 22189 d1 Is+ 0:00.03 /usr/libexec/getty std.38400 ttyu1 + &prompt.root; ps -axww|grep ttyu +22189 d1 Is+ 0:00.03 /usr/libexec/getty std.38400 ttyu1 If no getty process is running, make sure the port is enabled in /etc/ttys. From owner-svn-doc-all@FreeBSD.ORG Wed May 7 18:25:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8B61F410; Wed, 7 May 2014 18:25:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 787A7BBF; Wed, 7 May 2014 18:25:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s47IPsw2015858; Wed, 7 May 2014 18:25:54 GMT (envelope-from brueffer@svn.freebsd.org) Received: (from brueffer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s47IPskO015857; Wed, 7 May 2014 18:25:54 GMT (envelope-from brueffer@svn.freebsd.org) Message-Id: <201405071825.s47IPskO015857@svn.freebsd.org> From: Christian Brueffer Date: Wed, 7 May 2014 18:25:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44787 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 18:25:54 -0000 Author: brueffer Date: Wed May 7 18:25:53 2014 New Revision: 44787 URL: http://svnweb.freebsd.org/changeset/doc/44787 Log: Add mrsas(4). Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Wed May 7 18:12:21 2014 (r44786) +++ head/share/xml/man-refs.ent Wed May 7 18:25:53 2014 (r44787) @@ -3610,6 +3610,7 @@ mpr4"> mps4"> mpt4"> +mrsas4"> mse4"> msk4"> mtio4"> From owner-svn-doc-all@FreeBSD.ORG Wed May 7 18:57:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 052DBA03; Wed, 7 May 2014 18:57:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E5A70EC6; Wed, 7 May 2014 18:57:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s47IveLe028920; Wed, 7 May 2014 18:57:40 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s47Ive7e028918; Wed, 7 May 2014 18:57:40 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405071857.s47Ive7e028918@svn.freebsd.org> From: Glen Barber Date: Wed, 7 May 2014 18:57:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44788 - in head/share: misc xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 18:57:41 -0000 Author: gjb Date: Wed May 7 18:57:40 2014 New Revision: 44788 URL: http://svnweb.freebsd.org/changeset/doc/44788 Log: Add a few elements to the db.common.attributes definition: - vendorurl - sponsor - sponsorurl - contrib This will allow attribution for sponsored or contributed work on FreeBSD in the release notes. This is a prerequisite to additional upcoming changes. While here, modify docbook.css to recognize a new 'contrib' class. Also, set FreeBSD=%H on docbook50.dtd to allow the commit to go through. Sponsored by: The FreeBSD Foundation Modified: head/share/misc/docbook.css head/share/xml/docbook50.dtd Modified: head/share/misc/docbook.css ============================================================================== --- head/share/misc/docbook.css Wed May 7 18:25:53 2014 (r44787) +++ head/share/misc/docbook.css Wed May 7 18:57:40 2014 (r44788) @@ -394,3 +394,8 @@ pre.screen strong { line-height: 1.2; margin: 0 0 0 -1em; } + +span.contrib { + font-size: small; + font-style: italic; +} Modified: head/share/xml/docbook50.dtd ============================================================================== --- head/share/xml/docbook50.dtd Wed May 7 18:25:53 2014 (r44787) +++ head/share/xml/docbook50.dtd Wed May 7 18:57:40 2014 (r44788) @@ -1,3 +1,6 @@ + Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B67AD158; Wed, 7 May 2014 19:51:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A2407686; Wed, 7 May 2014 19:51:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s47Jp5o7051864; Wed, 7 May 2014 19:51:05 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s47Jp5cu051863; Wed, 7 May 2014 19:51:05 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405071951.s47Jp5cu051863@svn.freebsd.org> From: Dru Lavigne Date: Wed, 7 May 2014 19:51:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44789 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 19:51:05 -0000 Author: dru Date: Wed May 7 19:51:05 2014 New Revision: 44789 URL: http://svnweb.freebsd.org/changeset/doc/44789 Log: Editorial review of first 1/2 of Dial-in Service. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Wed May 7 18:57:40 2014 (r44788) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Wed May 7 19:51:05 2014 (r44789) @@ -971,48 +971,51 @@ ttyu5 "/usr/libexec/getty std.19200" - - Dial-in Service + dial-in service Configuring a &os; system for dial-in service is similar - to connecting terminals except that modems are used instead of + to configuring terminals, except that modems are used instead of terminal devices. &os; supports both external and internal modems. - External modems are more convenient for dial-up because - they often can be semi-permanently configured via parameters - stored in non-volatile RAM and they usually provide lighted - indicators that display the state of important RS-232 signals, + External modems are more convenient because + they often can be configured via parameters + stored in non-volatile RAM and they usually provide lighted + indicators that display the state of important RS-232 signals, indicating whether the modem is operating properly. - Internal modems usually lack non-volatile RAM, so their - configuration may be limited to setting DIP switches. If the + Internal modems usually lack non-volatile RAM, so their + configuration may be limited to setting DIP switches. If the internal modem has any signal indicator lights, they are difficult to view when the system's cover is in place. modem When using an external modem, a proper cable is needed. A - standard RS-232C serial cable should suffice. + standard RS-232C serial cable should suffice. &os; needs the RTS and CTS signals for flow control at speeds @@ -1022,7 +1025,8 @@ ttyu5 "/usr/libexec/getty std.19200" after a session is complete. Some cables are wired without all of the needed signals, so if a login session does not go away when the line hangs up, there may be a problem with the - cable. + cable. Refer to for more + information about these signals. Like other &unix;-like operating systems, &os; uses the hardware signals to find out when a call has been answered or a @@ -1030,78 +1034,57 @@ ttyu5 "/usr/libexec/getty std.19200" call. &os; avoids sending commands to the modem or watching for status reports from the modem. - - Serial Interface Considerations - - &os; supports the NS8250-, NS16450-, NS16550-, and - NS16550A-based EIA RS-232C (CCITT V.24) communications + &os; supports the NS8250, + NS16450, NS16550, and + NS16550A-based RS-232C + (CCITT V.24) communications interfaces. The 8250 and 16450 devices have single-character buffers. The 16550 device provides a 16-character buffer, which allows for better system performance. Bugs in plain - 16550's prevent the use of the 16-character buffer, so use - 16550A's if possible. Because single-character-buffer + 16550 devices prevent the use of the 16-character buffer, so use + 16550A devices if possible. Because single-character-buffer devices require more work by the operating system than the 16-character-buffer devices, 16550A-based serial interface cards are preferred. If the system has many active serial ports or will have a heavy load, 16550A-based cards are better for low-error-rate communications. - - - Quick Overview + The rest of this section demonstrates how to configure a + modem to receive incoming connections, how to communicate + with the modem, and offers some troubleshooting tips. + + + Modem Configuration getty As with terminals, init spawns a getty process for each configured serial - port for dial-in connections. For example, if a modem is - attached to /dev/ttyu0, - ps ax might show this: - - 4850 ?? I 0:00.09 /usr/libexec/getty V19200 ttyu0 - - When a user dials the modem's line and the modems connect, - the Carrier Detect (CD) line is reported by + port used for dial-in connections. When a user dials the + modem's line and the modems connect, + the Carrier Detect signal is reported by the modem. The kernel notices that the carrier has been detected and instructs getty to open the - port. getty sends a + port and display a login: prompt at the specified initial line - speed. getty watches to see if legitimate - characters are received, and, in a typical configuration, if - it finds junk (probably due to the modem's connection speed - being different than getty's speed), + speed. In a typical configuration, if garbage characters are + received, usually due to the modem's connection speed + being different than the configured speed, getty tries adjusting the line speeds until - it receives reasonable characters. - - - /usr/bin/login - - After the user enters their login name, + it receives reasonable characters. After the user enters their login name, getty executes - /usr/bin/login, which completes the login + login, which completes the login process by asking for the user's password and then starting the user's shell. - - - - Configuration Files - - There are three system configuration files in - /etc that probably - need to be edited to allow dial-up access to the &os; system. - /etc/gettytab contains configuration - information for the /usr/libexec/getty - daemon. /etc/ttys holds information that - tells init which - ttys should have - getty processes running on them. Lastly, - port initialization commands can be placed in - /etc/rc.d/serial. + + /usr/bin/login + - There are two schools of thought regarding dial-up modems - on &unix;. One group likes to configure their modems and + There are two schools of thought regarding dial-up modems. + One confiuration method is to set the modems and systems so that no matter at what speed a remote user dials - in, the local computer-to-modem RS-232 interface runs at a + in, the dial-in RS-232 + interface runs at a locked speed. The benefit of this configuration is that the remote user always sees a system login prompt immediately. The downside is that the system does not know what a user's @@ -1110,68 +1093,44 @@ ttyu5 "/usr/libexec/getty std.19200" screen-painting methods to make their response better for slower connections. - The other group configures their modems' RS-232 interface + The second method is to configure the RS-232 interface to vary its speed based on the remote user's connection speed. - For example, V.32bis (14.4 Kbps) connections to the modem - might make the modem run its RS-232 interface at - 19.2 Kbps, while 2400 bps connections make the - modem's RS-232 interface run at 2400 bps. Because + Because getty does not understand any particular - modem's connection speed reporting, getty + modem's connection speed reporting, it gives a login: message at an initial speed and watches the characters that come back in response. If the - user sees junk, it is assumed that they know they should press + user sees junk, they should press Enter until they see a recognizable prompt. If the data rates do not match, getty sees - anything the user types as junk, tries going to - the next speed and gives the login: prompt + anything the user types as junk, tries + the next speed, and gives the login: prompt again. This procedure normally only takes a keystroke or two before the user sees a good prompt. This login sequence does - not look as clean as the locked-speed method, + not look as clean as the locked-speed method, but a user on a low-speed connection should receive better interactive response from full-screen programs. - This section will try to give balanced configuration - information, but is biased towards having the modem's data - rate follow the connection rate. - - - <filename>/etc/gettytab</filename> - - - /etc/gettytab - - /etc/gettytab is a - &man.termcap.5;-style file of configuration information for - &man.getty.8;. Refer to &man.gettytab.5; for complete - information on the format of the file and the list of - capabilities. - When locking a modem's data communications rate at a particular speed, no changes to - /etc/gettytab should be needed. - - However, a change is needed to create a matching-speed - configuration. Create an entry in - /etc/gettytab to give - getty information about the speeds to use - for the modem. For a 2400 bps modem, use the existing - D2400 entry. - - # -# Fast dialup terminals, 2400/1200/300 rotary (can start either way) -# -D2400|d2400|Fast-Dial-2400:\ - :nx=D1200:tc=2400-baud: -3|D1200|Fast-Dial-1200:\ - :nx=D300:tc=1200-baud: -5|D300|Fast-Dial-300:\ - :nx=D2400:tc=300-baud: - - For a higher speed modem, add an entry in - /etc/gettytab. This entry is for a + /etc/gettytab should be needed. + However, for a matching-speed + configuration, additional entries may be required in + order to define the speeds to use + for the modem. This example configures a 14.4 Kbps modem with a top interface speed of - 19.2 Kbps: + 19.2 Kbps using 8-bit, no parity connections. It + configures getty to start the + communications rate for a V.32bis connection at + 19.2 Kbps, then cycles + through 9600 bps, 2400 bps, + 1200 bps, 300 bps, and back to 19.2 Kbps. + Communications rate cycling is implemented with the + nx= (next table) + capability. Each line uses a + tc= (table continuation) + entry to pick up the rest of the + settings for a particular data rate. # # Additions for a V.32bis Modem @@ -1187,24 +1146,9 @@ up|V9600|High Speed Modem at 9600,8-bit: uq|V19200|High Speed Modem at 19200,8-bit:\ :nx=V9600:tc=std.19200: - This will result in 8-bit, no parity connections. - - The example above starts the communications rate at - 19.2 Kbps (for a V.32bis connection), then cycles - through 9600 bps (for V.32), 2400 bps, - 1200 bps, 300 bps, and back to 19.2 Kbps. - Communications rate cycling is implemented with the - nx= (next table) - capability. Each of the lines uses a - tc= (table continuation) - entry to pick up the rest of the standard - settings for a particular data rate. - - For a 28.8 Kbps modem or to take advantage of + For a 28.8 Kbps modem, or to take advantage of compression on a 14.4 Kbps modem, use a higher - communications rate than 19.2 Kbps. Here is an - example of a gettytab entry starting - a 57.6 Kbps: + communications rate, as seen in this example: # # Additions for a V.32bis or V.34 Modem @@ -1221,116 +1165,71 @@ vp|VH9600|Very High Speed Modem at 9600, vq|VH57600|Very High Speed Modem at 57600,8-bit:\ :nx=VH9600:tc=std.57600: - For a slow CPU or a heavily loaded system without - 16550A-based serial ports, there may be + For a slow CPU or a heavily loaded system without + 16550A-based serial ports, this configuration may produce sio silo errors at 57.6 Kbps. - - - - <filename>/etc/ttys</filename> /etc/ttys - Configuration of /etc/ttys - is covered in . - Configuration for modems is similar, but a different - argument is passed to getty and a - different terminal type is specified. The general format - for both locked-speed and matching-speed configurations - is: + The configuration of /etc/ttys + is similar to , + but a different + argument is passed to getty and + dialup is used for the terminal type. + Replace + xxx with the process + init will run on the device: ttyu0 "/usr/libexec/getty xxx" dialup on - The first item in the above line is the device special - file for this entry. ttyu0 indicates - that getty is watching - /dev/ttyu0. The - xxx will replace the initial - gettytab capability and is the process - init will run on the device. The third - item, dialup, is the default terminal - type. The fourth parameter, on, - indicates to init that the line is - operational. There can be a fifth parameter, - secure, but it should only be used for - terminals which are physically secure, such as the system - console. - - The default terminal type, dialup in - this example, may depend on local preferences. - dialup is the traditional default - terminal type on dial-up lines so that users may customize - their login scripts to notice when the terminal is - dialup and automatically adjust their - terminal type. Setting vt102 as the - default terminal type allows users to use VT102 emulation on + The dialup terminal type can be + changed. For example, setting vt102 as the + default terminal type allows users to use VT102 emulation on their remote systems. - After editing /etc/ttys, send the - init process a HUP - signal to re-read the file: - - &prompt.root; kill -HUP 1 - - Wait until the modem is properly configured and - connected before signaling init. - - For a locked-speed configuration, the - ttys entry needs to have a - fixed-speed entry provided to getty. - For a modem whose port speed is locked at 19.2 Kbps, - the ttys entry might look like - this: - - ttyu0 "/usr/libexec/getty std.19200" dialup on - - If the modem is locked at a different data rate, - substitute the appropriate value for - std.speed - instead of std.19200. Make sure to use + For a locked-speed configuration, specify the speed with a valid type listed in - /etc/gettytab. + /etc/gettytab. + This example is for a modem whose port speed is locked at + 19.2 Kbps: + + ttyu0 "/usr/libexec/getty std.19200" dialup on In a matching-speed configuration, the - ttys entry needs to reference the + entry needs to reference the appropriate beginning auto-baud entry in - /etc/gettytab. For example, for the - above suggested entry for a matching-speed modem that - starts at 19.2 Kbps, the - /etc/ttys entry might look like - this: + /etc/gettytab. To continue the example + for a matching-speed modem that + starts at 19.2 Kbps, use this entry: ttyu0 "/usr/libexec/getty V19200" dialup on - - - <filename>/etc/rc.d/serial</filename> + After editing /etc/ttys, wait until + the modem is properly configured and + connected before signaling init: + + &prompt.root; kill -HUP 1 rc files rc.serial - High-speed modems, like V.32, V.32bis, and V.34 modems, - need to use hardware (RTS/CTS) flow - control. stty can be used to set the - hardware flow control flag in the &os; kernel for the modem - ports. - - For example, to set the termios flag - crtscts on + High-speed modems, like V.32, + V.32bis, and V.34 modems, + use hardware (RTS/CTS) flow + control. Use stty to set the + hardware flow control flag for the modem + port. This example sets the + crtscts flag on COM2's dial-in and dial-out - initialization devices, the following lines could be added - to /etc/rc.d/serial: + initialization devices: - # Serial port initial configuration -stty -f /dev/ttyu1.init crtscts -stty -f /dev/cuau1.init crtscts - - + &prompt.root; stty -f /dev/ttyu1.init crtscts +&prompt.root; stty -f /dev/cuau1.init crtscts @@ -1462,9 +1361,6 @@ AT&B1&W ATZ AT&B2&W - - Checking the Modem's Configuration - Most high-speed modems provide commands to view the modem's current operating parameters in a somewhat human-readable fashion. On the &usrobotics; &sportster; @@ -1477,7 +1373,6 @@ AT&B2&W For a different brand of modem, check the modem's manual to see how to double-check the modem's configuration parameters. - From owner-svn-doc-all@FreeBSD.ORG Wed May 7 20:37:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 359DB460; Wed, 7 May 2014 20:37:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 21202BB5; Wed, 7 May 2014 20:37:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s47KbnDQ073821; Wed, 7 May 2014 20:37:49 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s47Kbnhw073820; Wed, 7 May 2014 20:37:49 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405072037.s47Kbnhw073820@svn.freebsd.org> From: Dru Lavigne Date: Wed, 7 May 2014 20:37:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44790 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 20:37:49 -0000 Author: dru Date: Wed May 7 20:37:48 2014 New Revision: 44790 URL: http://svnweb.freebsd.org/changeset/doc/44790 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Wed May 7 19:51:05 2014 (r44789) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Wed May 7 20:37:48 2014 (r44790) @@ -104,112 +104,110 @@ When referring to communication data rates, this section - does not use the term baud. Baud refers to the - number of electrical state transitions made in a - period of time, while bps is the - correct term to use. - - To connect a serial terminal to a &os; system, a - serial port on the computer and the proper cable to connect to - the serial device are needed. Users who are already familiar - with serial hardware and cabling can safely skip this - section. + does not use the term baud. Baud refers + to the number of electrical state transitions made in a period + of time, while bps is the correct term to + use. + + To connect a serial terminal to a &os; system, a serial port + on the computer and the proper cable to connect to the serial + device are needed. Users who are already familiar with serial + hardware and cabling can safely skip this section. Serial Cables and Ports There are several different kinds of serial cables. The two most common types are null-modem cables and standard - RS-232 cables. The documentation for the hardware should - describe the type of cable required. + RS-232 cables. The documentation for the + hardware should describe the type of cable required. These two types of cables differ in how the wires are connected to the connector. Each wire represents a signal, with the defined signals summarized in . A standard serial cable passes all of the RS-232C signals - straight through. For example, the Transmitted Data pin on - one end of the cable goes to the Transmitted - Data pin on the other end. This is the type of - cable used to connect a modem to the &os; system, and is also - appropriate for some terminals. - - A null-modem cable - switches the Transmitted Data pin of the - connector on one end with the Received - Data pin on the other end. The connector can be - either a DB-25 or a + straight through. For example, the Transmitted + Data pin on one end of the cable goes to the + Transmitted Data pin on the other end. This is + the type of cable used to connect a modem to the &os; system, + and is also appropriate for some terminals. + + A null-modem cable switches the Transmitted + Data pin of the connector on one end with the + Received Data pin on the other end. The + connector can be either a DB-25 or a DB-9. - A null-modem cable can be constructed - using the pin connections summarized in , , and . While the standard - calls for a straight-through pin 1 to pin 1 - Protective Ground line, it is often - omitted. Some terminals work using only pins 2, 3, and 7, - while others require different configurations. When in doubt, - refer to the documentation for the hardware. + A null-modem cable can be constructed using the pin + connections summarized in , + , and . While the standard calls for + a straight-through pin 1 to pin 1 Protective + Ground line, it is often omitted. Some terminals + work using only pins 2, 3, and 7, while others require + different configurations. When in doubt, refer to the + documentation for the hardware. null-modem cable - - <acronym>RS-232C</acronym> Signal Names +
              + <acronym>RS-232C</acronym> Signal Names - - - - Acronyms - Names - - - - - - RD - Received Data - - - - TD - Transmitted Data - - - - DTR - Data Terminal Ready - - - - DSR - Data Set Ready - - - - DCD - Data Carrier Detect - - - - SG - Signal Ground - - - - RTS - Request to Send - - - - CTS - Clear to Send - - - -
              + + + + Acronyms + Names + + + + + + RD + Received Data + + + + TD + Transmitted Data + + + + DTR + Data Terminal Ready + + + + DSR + Data Set Ready + + + + DCD + Data Carrier Detect + + + + SG + Signal Ground + + + + RTS + Request to Send + + + + CTS + Clear to Send + + + + DB-25 to DB-25 Null-Modem Cable @@ -494,13 +492,13 @@ constructing a cable, make sure it will fit the ports on the terminal and on the &os; system. - Most terminals have DB-25 ports. Personal computers may - have DB-25 or DB-9 - ports. A multiport serial card may have - RJ-12 or RJ-45/ ports. - See the documentation that accompanied the hardware for - specifications on the kind of port or visually verify the type - of port. + Most terminals have DB-25 ports. + Personal computers may have DB-25 or + DB-9 ports. A multiport serial card may + have RJ-12 or RJ-45/ + ports. See the documentation that accompanied the hardware + for specifications on the kind of port or visually verify the + type of port.In &os;, each serial port is accessed through an entry in /dev. There are two different kinds of @@ -516,10 +514,10 @@ /dev/ttyu0 to refer to the terminal. If the terminal is on the second serial port (COM2), use - /dev/ttyu1, and so forth. Generally, the call-in port is used - for terminals. Call-in ports require that the serial line - assert the Data Carrier Detect - signal to work correctly. + /dev/ttyu1, and so forth. Generally, + the call-in port is used for terminals. Call-in ports + require that the serial line assert the Data + Carrier Detect signal to work correctly. @@ -527,17 +525,17 @@ /dev/cuauN on &os; versions 10.x and higher and /dev/cuadN - on &os; versions 9.x and lower. - Call-out ports are usually not used for terminals, but are - used for modems. The call-out port can be used if the - serial cable or the terminal does not support the Data Carrier Detect - signal. + on &os; versions 9.x and lower. Call-out ports are + usually not used for terminals, but are used for modems. + The call-out port can be used if the serial cable or the + terminal does not support the Data Carrier + Detect signal. - &os; also provides initialization - devices - (/dev/ttyuN.init and + &os; also provides initialization devices + (/dev/ttyuN.init + and /dev/cuauN.init or /dev/cuadN.init) @@ -553,9 +551,9 @@ RTS/CTS signaling for flow control. The locking devices are used to lock flags on ports to prevent users or programs changing certain parameters. Refer to - &man.termios.4;, &man.sio.4;, and &man.stty.1; for - information on terminal settings, locking and initializing - devices, and setting terminal options, respectively. + &man.termios.4;, &man.sio.4;, and &man.stty.1; for information + on terminal settings, locking and initializing devices, and + setting terminal options, respectively. @@ -564,12 +562,11 @@ By default, &os; supports four serial ports which are commonly known as COM1, COM2, COM3, and - COM4. &os; also supports - dumb multi-port serial interface cards, such as - the BocaBoard 1008 and 2016, as well as more intelligent - multi-port cards such as those made by Digiboard. However, - the default kernel only looks for the - standard COM ports. + COM4. &os; also supports dumb multi-port + serial interface cards, such as the BocaBoard 1008 and 2016, + as well as more intelligent multi-port cards such as those + made by Digiboard. However, the default kernel only looks for + the standard COM ports. To see if the system recognizes the serial ports, look for system boot messages that start with @@ -577,17 +574,18 @@ &prompt.root; grep uart /var/run/dmesg.boot - If the system does not recognize all of the needed serial ports, - additional entries can be added to + If the system does not recognize all of the needed serial + ports, additional entries can be added to /boot/device.hints. This file already contains hint.uart.0.* entries for - COM1 and hint.uart.1.* entries - for COM2. When adding a port entry for - COM3 use - 0x3E8, and for COM4 use - 0x2E8. Common IRQ addresses - are 5 for COM3 and - 9 for COM4. + COM1 and hint.uart.1.* + entries for COM2. When adding a port + entry for COM3 use + 0x3E8, and for COM4 + use 0x2E8. Common IRQ + addresses are 5 for + COM3 and 9 for + COM4. ttyu cuau @@ -599,20 +597,19 @@ &prompt.root; stty -a -f /dev/ttyu1 - System-wide initialization of serial devices is - controlled by /etc/rc.d/serial. This - file affects the default settings of serial devices. To - change the settings for a device, use stty. - By default, the changed settings - are in effect until the device is closed and when the device is - reopened, it goes back to the default set. To permanently - change the default set, open and adjust the settings of the - initialization device. For example, to turn on - mode, 8 bit communication, and - flow control for + System-wide initialization of serial devices is controlled + by /etc/rc.d/serial. This file affects + the default settings of serial devices. To change the + settings for a device, use stty. By + default, the changed settings are in effect until the device + is closed and when the device is reopened, it goes back to the + default set. To permanently change the default set, open and + adjust the settings of the initialization device. For + example, to turn on mode, 8 bit + communication, and flow control for ttyu5, type: - &prompt.root; stty -f /dev/ttyu5.init clocal cs8 ixon ixoff + &prompt.root; stty -f /dev/ttyu5.init clocal cs8 ixon ixoff rc files @@ -620,15 +617,15 @@ To prevent certain settings from being changed by an - application, make adjustments to the locking - device. For example, to lock the speed of - ttyu5 to 57600 bps, type: - - &prompt.root; stty -f /dev/ttyu5.lock 57600 - - Now, any application that opens - ttyu5 and tries to change the speed - of the port will be stuck with 57600 bps. + application, make adjustments to the locking device. For + example, to lock the speed of ttyu5 to + 57600 bps, type: + + &prompt.root; stty -f /dev/ttyu5.lock 57600 + + Now, any application that opens ttyu5 + and tries to change the speed of the port will be stuck with + 57600 bps. @@ -761,10 +758,10 @@ Terminal ConfigurationThis section describes how to configure a &os; system to - enable a login session on a serial terminal. It assumes that the - system recognizes the serial port to which the - terminal is connected and that the terminal is - connected with the correct cable. + enable a login session on a serial terminal. It assumes that + the system recognizes the serial port to which the terminal is + connected and that the terminal is connected with the correct + cable.In &os;, init reads /etc/ttys and starts a @@ -774,132 +771,128 @@ program. The ports on the &os; system which allow logins are listed in /etc/ttys. For example, the first virtual console, ttyv0, has an - entry in this file, allowing logins on the console. This - file also contains entries for the other virtual consoles, - serial ports, and pseudo-ttys. For a hardwired terminal, - the serial port's /dev entry is listed - without the /dev part. For example, + entry in this file, allowing logins on the console. This file + also contains entries for the other virtual consoles, serial + ports, and pseudo-ttys. For a hardwired terminal, the serial + port's /dev entry is listed without the + /dev part. For example, /dev/ttyv0 is listed as ttyv0. - The default - /etc/ttys configures support for the first - four serial ports, ttyu0 through - ttyu3: + The default /etc/ttys configures + support for the first four serial ports, + ttyu0 through + ttyu3: - ttyu0 "/usr/libexec/getty std.9600" dialup off secure + ttyu0 "/usr/libexec/getty std.9600" dialup off secure ttyu1 "/usr/libexec/getty std.9600" dialup off secure ttyu2 "/usr/libexec/getty std.9600" dialup off secure ttyu3 "/usr/libexec/getty std.9600" dialup off secure - When attaching a terminal to - one of those ports, modify the default entry to set the - required speed and terminal type, to turn the device - on and, if needed, to change the port's - secure setting. If the terminal is - connected to another port, add an entry for the port. - - configures two - terminals in /etc/ttys. The first - entry configures a Wyse-50 - connected to COM2. The second entry - configures an old computer running - Procomm terminal software - emulating a VT-100 terminal. The computer is connected - to the sixth serial port on - a multi-port serial card. - - - Configuring Terminal Entries + When attaching a terminal to one of those ports, modify + the default entry to set the required speed and terminal type, + to turn the device on and, if needed, to + change the port's secure setting. If the + terminal is connected to another port, add an entry for the + port. + + configures two terminals in + /etc/ttys. The first entry configures a + Wyse-50 connected to COM2. The second + entry configures an old computer running + Procomm terminal software emulating + a VT-100 terminal. The computer is connected to the sixth + serial port on a multi-port serial card. + + + Configuring Terminal Entries - ttyu1 "/usr/libexec/getty std.38400" wy50 on insecure + ttyu1 "/usr/libexec/getty std.38400" wy50 on insecure ttyu5 "/usr/libexec/getty std.19200" vt100 on insecure - - - The first field specifies the device name of - the serial terminal. - - - - The second field tells - getty to initialize and open the - line, set the line speed, prompt for a user name, and - then execute the login program. The optional - getty type configures - characteristics on the terminal line, like - bps rate and parity. The available - getty types are listed in - /etc/gettytab. In - almost all cases, the getty types that start with - std will work for hardwired - terminals as these entries ignore parity. There is - a std entry for each - bps rate from 110 to 115200. Refer to - &man.gettytab.5; for more information. - - When setting the getty - type, make sure to match - the communications settings used by the terminal. For - this example, the Wyse-50 uses no parity and - connects at 38400 bps. The computer uses no - parity and connects at 19200 bps. - - - - The third field is the type of terminal. For dial-up ports, - unknown or - dialup is typically used since - users may dial up with practically any type of - terminal or software. Since the terminal type does - not change for hardwired terminals, a real terminal - type from /etc/termcap can be specified. - For this example, the Wyse-50 uses the real - terminal type while the computer running - Procomm is set to - emulate a VT-100. - - - - The fourth field specifies if the port should be - enabled. To enable logins on this port, this - field must be set to on. - - - - The final field is used to specify whether the - port is secure. Marking a port as - secure means that it is trusted - enough to allow root to login from that - port. Insecure ports do not allow root logins. On an - insecure port, users must login from unprivileged - accounts and then use su or a similar - mechanism to gain superuser privileges, as described - in . For security reasons, - it is recommended to change this setting to - insecure. - - - - - After making any changes to - /etc/ttys, send a SIGHUP (hangup) - signal to the init process to force it to - re-read its configuration file: - - &prompt.root; kill -HUP 1 - - Since init is always the first process - run on a system, it always has a process - ID of 1. - - If everything is set up correctly, all cables are in - place, and the terminals are powered up, a - getty process should now be running on each - terminal and login prompts should be available on each - terminal. + + + The first field specifies the device name of the + serial terminal. + + + + The second field tells getty to + initialize and open the line, set the line speed, prompt + for a user name, and then execute the + login program. The optional + getty type configures + characteristics on the terminal line, like + bps rate and parity. The available + getty types are listed in + /etc/gettytab. In almost all + cases, the getty types that start with + std will work for hardwired terminals + as these entries ignore parity. There is a + std entry for each + bps rate from 110 to 115200. Refer + to &man.gettytab.5; for more information. + + When setting the getty type, make sure to match the + communications settings used by the terminal. For this + example, the Wyse-50 uses no parity and connects at + 38400 bps. The computer uses no parity and + connects at 19200 bps. + + + + The third field is the type of terminal. For + dial-up ports, unknown or + dialup is typically used since users + may dial up with practically any type of terminal or + software. Since the terminal type does not change for + hardwired terminals, a real terminal type from + /etc/termcap can be specified. For + this example, the Wyse-50 uses the real terminal type + while the computer running + Procomm is set to emulate a + VT-100. + + + + The fourth field specifies if the port should be + enabled. To enable logins on this port, this field must + be set to on. + + + + The final field is used to specify whether the port + is secure. Marking a port as secure + means that it is trusted enough to allow root to login from that + port. Insecure ports do not allow root logins. On an + insecure port, users must login from unprivileged + accounts and then use su or a similar + mechanism to gain superuser privileges, as described in + . For security + reasons, it is recommended to change this setting to + insecure. + + + + + After making any changes to + /etc/ttys, send a SIGHUP (hangup) signal + to the init process to force it to re-read + its configuration file: + + &prompt.root; kill -HUP 1 + + Since init is always the first process + run on a system, it always has a process ID + of 1. + + If everything is set up correctly, all cables are in + place, and the terminals are powered up, a + getty process should now be running on each + terminal and login prompts should be available on each + terminal. @@ -916,8 +909,8 @@ ttyu5 "/usr/libexec/getty std.19200" emulation software on the correct serial port. Make sure the cable is connected firmly to both the - terminal and the &os; computer. Make sure it is the - right kind of cable. + terminal and the &os; computer. Make sure it is the right + kind of cable. Make sure the terminal and &os; agree on the bps rate and parity settings. For a video @@ -926,11 +919,11 @@ ttyu5 "/usr/libexec/getty std.19200" sure paper and ink are in good supply. Use ps to make sure that a - getty process is - running and serving the terminal. For example, - the following listing shows that a getty is - running on the second serial port, ttyu1, - and is using the std.38400 entry in + getty process is running and serving the + terminal. For example, the following listing shows that a + getty is running on the second serial port, + ttyu1, and is using the + std.38400 entry in /etc/gettytab: &prompt.root; ps -axww|grep ttyu @@ -996,37 +989,40 @@ ttyu5 "/usr/libexec/getty std.19200" dial-in service - Configuring a &os; system for dial-in service is similar - to configuring terminals, except that modems are used instead of + Configuring a &os; system for dial-in service is similar to + configuring terminals, except that modems are used instead of terminal devices. &os; supports both external and internal modems. - External modems are more convenient because - they often can be configured via parameters - stored in non-volatile RAM and they usually provide lighted - indicators that display the state of important RS-232 signals, - indicating whether the modem is operating properly. - - Internal modems usually lack non-volatile RAM, so their - configuration may be limited to setting DIP switches. If the - internal modem has any signal indicator lights, they are - difficult to view when the system's cover is in place. + External modems are more convenient because they often can + be configured via parameters stored in non-volatile + RAM and they usually provide lighted + indicators that display the state of important + RS-232 signals, indicating whether the modem + is operating properly. + + Internal modems usually lack non-volatile + RAM, so their configuration may be limited to + setting DIP switches. If the internal modem + has any signal indicator lights, they are difficult to view when + the system's cover is in place. modem When using an external modem, a proper cable is needed. A - standard RS-232C serial cable should suffice. + standard RS-232C serial cable should + suffice. &os; needs the RTS and - CTS signals for flow control at speeds - above 2400 bps, the CD signal to - detect when a call has been answered or the line has been hung - up, and the DTR signal to reset the modem - after a session is complete. Some cables are wired without all - of the needed signals, so if a login session does not go away - when the line hangs up, there may be a problem with the - cable. Refer to for more - information about these signals. + CTS signals for flow control at speeds above + 2400 bps, the CD signal to detect when a + call has been answered or the line has been hung up, and the + DTR signal to reset the modem after a session + is complete. Some cables are wired without all of the needed + signals, so if a login session does not go away when the line + hangs up, there may be a problem with the cable. Refer to for more information about these + signals. Like other &unix;-like operating systems, &os; uses the hardware signals to find out when a call has been answered or a @@ -1034,24 +1030,24 @@ ttyu5 "/usr/libexec/getty std.19200" call. &os; avoids sending commands to the modem or watching for status reports from the modem. - &os; supports the NS8250, - NS16450, NS16550, and - NS16550A-based RS-232C - (CCITT V.24) communications - interfaces. The 8250 and 16450 devices have single-character - buffers. The 16550 device provides a 16-character buffer, - which allows for better system performance. Bugs in plain - 16550 devices prevent the use of the 16-character buffer, so use - 16550A devices if possible. Because single-character-buffer - devices require more work by the operating system than the - 16-character-buffer devices, 16550A-based serial interface - cards are preferred. If the system has many active serial - ports or will have a heavy load, 16550A-based cards are better - for low-error-rate communications. - - The rest of this section demonstrates how to configure a - modem to receive incoming connections, how to communicate - with the modem, and offers some troubleshooting tips. + &os; supports the NS8250, + NS16450, NS16550, and + NS16550A-based RS-232C + (CCITT V.24) communications interfaces. The + 8250 and 16450 devices have single-character buffers. The 16550 + device provides a 16-character buffer, which allows for better + system performance. Bugs in plain 16550 devices prevent the use + of the 16-character buffer, so use 16550A devices if possible. + Because single-character-buffer devices require more work by the + operating system than the 16-character-buffer devices, + 16550A-based serial interface cards are preferred. If the + system has many active serial ports or will have a heavy load, + 16550A-based cards are better for low-error-rate + communications. + + The rest of this section demonstrates how to configure a + modem to receive incoming connections, how to communicate with + the modem, and offers some troubleshooting tips. Modem Configuration @@ -1060,79 +1056,72 @@ ttyu5 "/usr/libexec/getty std.19200" As with terminals, init spawns a getty process for each configured serial port used for dial-in connections. When a user dials the - modem's line and the modems connect, - the Carrier Detect signal is reported by - the modem. The kernel notices that the carrier has been - detected and instructs getty to open the - port and display a + modem's line and the modems connect, the Carrier + Detect signal is reported by the modem. The kernel + notices that the carrier has been detected and instructs + getty to open the port and display a login: prompt at the specified initial line speed. In a typical configuration, if garbage characters are - received, usually due to the modem's connection speed - being different than the configured speed, - getty tries adjusting the line speeds until - it receives reasonable characters. After the user enters their login name, - getty executes - login, which completes the login process - by asking for the user's password and then starting the user's - shell. + received, usually due to the modem's connection speed being + different than the configured speed, getty + tries adjusting the line speeds until it receives reasonable + characters. After the user enters their login name, + getty executes login, + which completes the login process by asking for the user's + password and then starting the user's shell. /usr/bin/login There are two schools of thought regarding dial-up modems. - One confiuration method is to set the modems and - systems so that no matter at what speed a remote user dials - in, the dial-in RS-232 - interface runs at a - locked speed. The benefit of this configuration is that the - remote user always sees a system login prompt immediately. - The downside is that the system does not know what a user's - true data rate is, so full-screen programs like + One confiuration method is to set the modems and systems so + that no matter at what speed a remote user dials in, the + dial-in RS-232 interface runs at a locked + speed. The benefit of this configuration is that the remote + user always sees a system login prompt immediately. The + downside is that the system does not know what a user's true + data rate is, so full-screen programs like Emacs will not adjust their screen-painting methods to make their response better for slower connections. - The second method is to configure the RS-232 interface - to vary its speed based on the remote user's connection speed. - Because + The second method is to configure the + RS-232 interface to vary its speed based on + the remote user's connection speed. Because getty does not understand any particular - modem's connection speed reporting, it - gives a login: message at an initial speed - and watches the characters that come back in response. If the - user sees junk, they should press - Enter until they see a recognizable prompt. - If the data rates do not match, getty sees - anything the user types as junk, tries - the next speed, and gives the login: prompt - again. This procedure normally only takes a keystroke or two - before the user sees a good prompt. This login sequence does - not look as clean as the locked-speed method, - but a user on a low-speed connection should receive better - interactive response from full-screen programs. - - When locking a modem's data communications rate at a - particular speed, no changes to - /etc/gettytab should be needed. - However, for a matching-speed - configuration, additional entries may be required in - order to define the speeds to use - for the modem. This example configures a - 14.4 Kbps modem with a top interface speed of - 19.2 Kbps using 8-bit, no parity connections. It - configures getty to start the - communications rate for a V.32bis connection at - 19.2 Kbps, then cycles - through 9600 bps, 2400 bps, - 1200 bps, 300 bps, and back to 19.2 Kbps. - Communications rate cycling is implemented with the - nx= (next table) - capability. Each line uses a - tc= (table continuation) - entry to pick up the rest of the - settings for a particular data rate. + modem's connection speed reporting, it gives a + login: message at an initial speed and + watches the characters that come back in response. If the + user sees junk, they should press Enter until + they see a recognizable prompt. If the data rates do not + match, getty sees anything the user types + as junk, tries the next speed, and gives the + login: prompt again. This procedure normally + only takes a keystroke or two before the user sees a good + prompt. This login sequence does not look as clean as the + locked-speed method, but a user on a low-speed connection + should receive better interactive response from full-screen + programs. + + When locking a modem's data communications rate at a + particular speed, no changes to + /etc/gettytab should be needed. However, + for a matching-speed configuration, additional entries may be + required in order to define the speeds to use for the modem. + This example configures a 14.4 Kbps modem with a top + interface speed of 19.2 Kbps using 8-bit, no parity + connections. It configures getty to start + the communications rate for a V.32bis connection at + 19.2 Kbps, then cycles through 9600 bps, + 2400 bps, 1200 bps, 300 bps, and back to + 19.2 Kbps. Communications rate cycling is implemented + with the nx= (next table) capability. Each + line uses a tc= (table continuation) entry + to pick up the rest of the settings for a particular data + rate. - # + # # Additions for a V.32bis Modem # um|V300|High Speed Modem at 300,8-bit:\ @@ -1146,11 +1135,11 @@ up|V9600|High Speed Modem at 9600,8-bit: uq|V19200|High Speed Modem at 19200,8-bit:\ :nx=V9600:tc=std.19200: - For a 28.8 Kbps modem, or to take advantage of - compression on a 14.4 Kbps modem, use a higher - communications rate, as seen in this example: + For a 28.8 Kbps modem, or to take advantage of + compression on a 14.4 Kbps modem, use a higher + communications rate, as seen in this example: - # + # # Additions for a V.32bis or V.34 Modem # Starting at 57.6 Kbps # @@ -1165,70 +1154,65 @@ vp|VH9600|Very High Speed Modem at 9600, vq|VH57600|Very High Speed Modem at 57600,8-bit:\ :nx=VH9600:tc=std.57600: - For a slow CPU or a heavily loaded system without - 16550A-based serial ports, this configuration may produce - sio - silo errors at 57.6 Kbps. - - - /etc/ttys - - - The configuration of /etc/ttys - is similar to , - but a different - argument is passed to getty and - dialup is used for the terminal type. - Replace - xxx with the process - init will run on the device: - - ttyu0 "/usr/libexec/getty xxx" dialup on - - The dialup terminal type can be - changed. For example, setting vt102 as the - default terminal type allows users to use VT102 emulation on - their remote systems. - - For a locked-speed configuration, specify the speed with - a valid type listed in - /etc/gettytab. - This example is for a modem whose port speed is locked at - 19.2 Kbps: - - ttyu0 "/usr/libexec/getty std.19200" dialup on - - In a matching-speed configuration, the - entry needs to reference the - appropriate beginning auto-baud entry in - /etc/gettytab. To continue the example - for a matching-speed modem that - starts at 19.2 Kbps, use this entry: - - ttyu0 "/usr/libexec/getty V19200" dialup on - - After editing /etc/ttys, wait until - the modem is properly configured and - connected before signaling init: - - &prompt.root; kill -HUP 1 - - - rc files - rc.serial - - - High-speed modems, like V.32, - V.32bis, and V.34 modems, - use hardware (RTS/CTS) flow - control. Use stty to set the - hardware flow control flag for the modem - port. This example sets the - crtscts flag on - COM2's dial-in and dial-out - initialization devices: + For a slow CPU or a heavily loaded + system without 16550A-based serial ports, this configuration + may produce sio + silo errors at 57.6 Kbps. + + + /etc/ttys + + + The configuration of /etc/ttys is + similar to , but a different + argument is passed to getty and + dialup is used for the terminal type. + Replace xxx with the process + init will run on the device: + *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed May 7 21:57:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3F5F0A8A; Wed, 7 May 2014 21:57:46 +0000 (UTC) Received: from server.mypc.hu (server.mypc.hu [87.229.73.95]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "mail.t-hosting.hu", Issuer "mail.t-hosting.hu" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id EB52D335; Wed, 7 May 2014 21:57:45 +0000 (UTC) Received: from server.mypc.hu (localhost [127.0.0.1]) by server.mypc.hu (Postfix) with ESMTP id 5BF2E14D2538; Wed, 7 May 2014 23:49:34 +0200 (CEST) X-Virus-Scanned: amavisd-new at !change-mydomain-variable!.example.com Received: from server.mypc.hu ([127.0.0.1]) by server.mypc.hu (server.mypc.hu [127.0.0.1]) (amavisd-new, port 10024) with LMTP id erZPyCSNwg1G; Wed, 7 May 2014 23:49:26 +0200 (CEST) Received: from [192.168.0.10] (54034B4D.catv.pool.telekom.hu [84.3.75.77]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by server.mypc.hu (Postfix) with ESMTPSA id D923F14D2510; Wed, 7 May 2014 23:49:25 +0200 (CEST) Message-ID: <536AAA54.5000104@FreeBSD.org> Date: Wed, 07 May 2014 23:49:08 +0200 From: Gabor Kovesdan User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: Glen Barber , doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: Re: svn commit: r44788 - in head/share: misc xml References: <201405071857.s47Ive7e028918@svn.freebsd.org> In-Reply-To: <201405071857.s47Ive7e028918@svn.freebsd.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 21:57:46 -0000 On 2014.05.07. 20:57, Glen Barber wrote: > Author: gjb > Date: Wed May 7 18:57:40 2014 > New Revision: 44788 > URL:http://svnweb.freebsd.org/changeset/doc/44788 > > Log: > Add a few elements to the db.common.attributes definition: > - vendorurl > - sponsor > - sponsorurl > - contrib > > This will allow attribution for sponsored or contributed > work on FreeBSD in the release notes. I don't think this is a good solution. We should first check what elements are available and evaluate if they are appropriate for such use. Please revert it for now until it is discussed. Thanks, -- Gabor Kovesdan From owner-svn-doc-all@FreeBSD.ORG Wed May 7 22:02:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from hub.FreeBSD.org (hub.freebsd.org [IPv6:2001:1900:2254:206c::16:88]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0402CDB3; Wed, 7 May 2014 22:02:11 +0000 (UTC) Date: Wed, 7 May 2014 18:02:08 -0400 From: Glen Barber To: Gabor Kovesdan Subject: Re: svn commit: r44788 - in head/share: misc xml Message-ID: <20140507220208.GI69199@hub.FreeBSD.org> References: <201405071857.s47Ive7e028918@svn.freebsd.org> <536AAA54.5000104@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="gTY1JhLGodeuSBqf" Content-Disposition: inline In-Reply-To: <536AAA54.5000104@FreeBSD.org> X-Operating-System: FreeBSD 11.0-CURRENT amd64 X-SCUD-Definition: Sudden Completely Unexpected Dataloss X-SULE-Definition: Sudden Unexpected Learning Event User-Agent: Mutt/1.5.23 (2014-03-12) Cc: svn-doc-head@freebsd.org, svn-doc-all@freebsd.org, doc-committers@freebsd.org X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2014 22:02:12 -0000 --gTY1JhLGodeuSBqf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, May 07, 2014 at 11:49:08PM +0200, Gabor Kovesdan wrote: > On 2014.05.07. 20:57, Glen Barber wrote: > >Author: gjb > >Date: Wed May 7 18:57:40 2014 > >New Revision: 44788 > >URL:http://svnweb.freebsd.org/changeset/doc/44788 > > > >Log: > > Add a few elements to the db.common.attributes definition: > > - vendorurl > > - sponsor > > - sponsorurl > > - contrib > > > > This will allow attribution for sponsored or contributed > > work on FreeBSD in the release notes. >=20 > I don't think this is a good solution. We should first check what elements > are available and evaluate if they are appropriate for such use. Please > revert it for now until it is discussed. >=20 I'm happy to discuss this if you feel this is not an appropriate solution, but reverting this change would also require reverting several commits in src/, which I would prefer not to do unless it is absolutely necessary. Glen --gTY1JhLGodeuSBqf Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQIcBAEBCAAGBQJTaq1gAAoJELls3eqvi17QAokP/ApozpstT2s6+r6gCmT1nOZ0 sWV2sh/D0htYQ2F5DPUyl16Sl8N7T2skP9NT9dNDB7McSg+A6sm33H2m+KtIY973 j6Pm5gdGp8w5JIoGGE72KVC3YTiFSe6WYI/JXiePzOuuURoNptVc5T9MGA2Cn3WJ v7FCEuSo/1/K/gwhsxLxSnoMDXSs37Epk4xDlsZX1nQtHJoUnUWYrvpD07Xof9ep K12S0p6p+6YPHLNdhW1Czg4gfUf1thDZjAA7DI2LnLIPNvG8fEQbOYYiWqCwYrFn 4NbjoYFcBy0efihZV4agspA02IAtW6xXLlMsjVEFWx3Ex9b/1nHIz5jIIjDjyQkD 6iZALO/2U61R2k3UjlAp9sa+HChMFgQbZrNbvbg39sMw6+bFbxwL5kNG4hweHEFy XHVTSeG2rBcMZ0qilStr30uHNUB11jzao9G9HvcLYeKX623xX3yYBF1fNhjlqdXj pnEYhkUabjxNXFmELNtgMx7F7c7435YwNjlREAFxScogoAVeTP+H4TLnTg7KGiZ1 YSt25KxPdpRzt1NU+OiEZUnVRkLYXhcH8sTeCD4PUCISFzgFPrxNy9KRabR55A4/ 91FxfXnCCRddyrKYUkB6lcaaVzb12VXdZ8WaUpSIXKSJtr4pF2VUCikbVpIeRve+ fhTciVMBOKxbRr0UzgMq =zykr -----END PGP SIGNATURE----- --gTY1JhLGodeuSBqf-- From owner-svn-doc-all@FreeBSD.ORG Thu May 8 05:35:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 23E841C9; Thu, 8 May 2014 05:35:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 11866CDC; Thu, 8 May 2014 05:35:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s485ZfF6011382; Thu, 8 May 2014 05:35:41 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s485Zfri011381; Thu, 8 May 2014 05:35:41 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201405080535.s485Zfri011381@svn.freebsd.org> From: Peter Wemm Date: Thu, 8 May 2014 05:35:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44791 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2014 05:35:42 -0000 Author: peter (src committer) Date: Thu May 8 05:35:41 2014 New Revision: 44791 URL: http://svnweb.freebsd.org/changeset/doc/44791 Log: Generate new key - mostly because the old one is aged and weak. Modified: head/share/pgpkeys/peter.key Modified: head/share/pgpkeys/peter.key ============================================================================== --- head/share/pgpkeys/peter.key Wed May 7 20:37:48 2014 (r44790) +++ head/share/pgpkeys/peter.key Thu May 8 05:35:41 2014 (r44791) @@ -1,113 +1,54 @@ - Key fingerprint = 622B 2282 E92B 3BAB 57D1 A417 1512 AE52 7277 717F -uid Peter Wemm -sub 1024g/8B40D9D1 2003-12-14 -pub 1024R/D89CE319 1995-04-02 Peter Wemm - Key fingerprint = 47 05 04 CA 4C EE F8 93 F6 DB 02 92 6D F5 58 8A -uid Peter Wemm -uid Peter Wemm +pub 2048R/35D69709EC809E04 2014-05-08 [expires: 2024-05-05] + Key fingerprint = 060A C0D1 5AFF BDF3 55B8 FA14 35D6 9709 EC80 9E04 +uid Peter Wemm +uid Peter Wemm +sub 2048R/B5D591B339B03C75 2014-05-08 [expires: 2024-05-05] + ]]> From owner-svn-doc-all@FreeBSD.ORG Thu May 8 10:46:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 80094F01; Thu, 8 May 2014 10:46:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6D05FCA9; Thu, 8 May 2014 10:46:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s48AkNfK046277; Thu, 8 May 2014 10:46:23 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s48AkNbt046276; Thu, 8 May 2014 10:46:23 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405081046.s48AkNbt046276@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 8 May 2014 10:46:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44792 - head/ja_JP.eucJP/books/handbook/kernelconfig X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Thu, 08 May 2014 11:32:30 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2014 10:46:23 -0000 Author: ryusuke Date: Thu May 8 10:46:22 2014 New Revision: 44792 URL: http://svnweb.freebsd.org/changeset/doc/44792 Log: o Refine Translation. o Rewrap line. o Correct typo. o Whitespace cleanup. Modified: head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml Thu May 8 05:35:41 2014 (r44791) +++ head/ja_JP.eucJP/books/handbook/kernelconfig/chapter.xml Thu May 8 10:46:22 2014 (r44792) @@ -23,7 +23,7 @@ ---> + --> FreeBSD カーネルのコンフィグレーション @@ -41,7 +41,7 @@ カーネルは &os; オペレーティングシステムの中核をなすものです。 カーネルは、メモリ管理、セキュリティ制御の強制、ネットワーク、 ディスクアクセスなどを担っています。 - &os; は動的に構成することができるようになっていますが、 + &os; の大部分は動的に構成することができるようになっていますが、 まだ、時にはカスタムカーネルを設定してコンパイルする必要があります。 この章では、以下のことを扱っています。 @@ -89,15 +89,17 @@ 今日では、&os; カーネルのかなりの機能はモジュールに含まれるようになり、 必要に応じて動的にカーネルに組み込んだり外したりできるようになりました。 - この移行により、動いているカーネルが新しいハードウェアに迅速に対応したり、 + この移行により、 + 動作しているカーネルが新しいハードウェアに迅速に対応したり、 カーネルに新たな機能を取り入れられるようになります。 - このようなカーネルは、モジュラ (modular) - カーネルと呼ばれます。 + このようなカーネルは、モジュラ (modular) カーネルと呼ばれます。 - しかしながら、いまだにいくらかは静的にカーネルを構成する必要があります。 + しかしながら、 + いまだにいくらかは静的にカーネルを構成する必要があります。 機能がカーネルとあまりに密接に結びついているため、 動的に組み込むことができない場合があるためです。 - セキュリティ的に、カーネルモジュールを読み込んだり外すことができず、 + 環境によっては、セキュリティの観点から、 + カーネルモジュールを読み込んだり外すことができず、 必要となる機能を静的にカーネルにコンパイルしなければならない場合もあります。 システムに合わせたカーネルを構築することは、多くの場合、 @@ -106,7 +108,7 @@ システムに利益をもたらします。 広範囲のハードウェアをサポートしなければならない GENERIC カーネルとは異なり、カスタムカーネルは、 - 使用しているコンピュータのハードウェアのみをポートするように、 + 使用しているコンピュータのハードウェアのみをサポートするように、 必要のない機能を省くことができます。これは、 次にあげるような利益をもたらします。 @@ -160,7 +162,8 @@ following line in &man.loader.conf.5;: if_ath_load="YES" を追加すると、 起動時にモジュールが読み込まれるようになります。 - 対応するモジュールが /boot/kernel に存在しないこともあります。 + 対応するモジュールが /boot/kernel + に存在しないこともあります。 特定のサブシステムでは、ほとんど多くの場合存在しません。 @@ -175,7 +178,7 @@ following line in &man.loader.conf.5;: ---> + --> システムのハードウェアについて知る カーネルコンフィグレーションファイルの編集を始める前に、 @@ -192,7 +195,6 @@ following line in &man.loader.conf.5;: システム アイコンを使って、 デバイスマネージャ にアクセスできます。 - インストールされているオペレーティングシステムが &os; @@ -259,30 +261,35 @@ ath_hal(4) - Atheros Hardw --> コンフィグレーションファイル - カスタムカーネルのコンフィグレーションファイルを作成し、 - カスタムカーネルを構築するのであれば、 + カスタムカーネルのコンフィグレーションファイルを作成し、 + カスタムカーネルを構築するには、 &os; の全ソースツリーがまずインストールされている必要があります。 - もし、/usr/src/ + もし /usr/src/ が存在していなかったり、空であれば、 カーネルのソースはインストールされていません。 で説明した Subversion - を使ってソースをインストールできます。 + を使ってソースをインストールしてください。 ソースをインストールしたら、 /usr/src/sys を確認して下さい。 - このディレクトリには、サブディレクトリがいくつもあります。 - その中には、サポートされている各アーキテクチャである、amd64, i386, ia64, pc98, powerpc および sparc64 のサブディレクトリがあります。 + このディレクトリには、いくつものサブディレクトリがあります。 + その中には、サポートされている各アーキテクチャ + amd64, + i386, ia64, + pc98, powerpc および + sparc64 のサブディレクトリがあります。 各アーキテクチャのディレクトリ内部にあるファイルはすべてそのアーキテクチャでのみ使用されます。 残りのコードは、アーキテクチャに依存しない、 すべてのプラットフォームで共有されるコードです。 - サポートされている各アーキテクチャには、conf サブディレクトリがあり、 + サポートされている各アーキテクチャには、 + conf サブディレクトリがあり、 そのアーキテクチャ用の GENERIC カーネルコンフィグレーションファイルが用意されています。 この GENERIC は編集しないでください。 - このファイルを別名でコピーし、コピーを編集してください。 + かわりに、このファイルを別名でコピーし、コピーを編集してください。 慣習として、この名前はすべて大文字でつづられます。もし、 いくつかの異なるハードウェアの &os; マシンを扱うなら、 この名前にホスト名を含めるとよいでしょう。ここでは、例として @@ -330,7 +337,7 @@ ath_hal(4) - Atheros Hardw カーネルにサポートを残したままにしてください。 - このファイルで与えられる説明の他に、 + このファイルで与えられる説明の他に、 そのアーキテクチャの GENERIC と同じディレクトリにある NOTES にも説明があります。 @@ -342,7 +349,7 @@ ath_hal(4) - Atheros Hardw ファイルのバックアップを /usr/src 以外の場所に保存してください。 - もしくは、カーネルコンフィグレーションファイルは他の場所において、 + または、カーネルコンフィグレーションファイルは他の場所において、 シンボリックリンクを張る方法もあります。 &prompt.root; cd /usr/src/sys/amd64/conf @@ -354,10 +361,10 @@ ath_hal(4) - Atheros Hardw コンフィグレーションファイルでは include ディレクティブを利用できます。 コンフィグレーションファイルに他のファイルを取り込むことができるので、 - すでに存在するファイルに対する小さな変更を簡単に維持できます。 + すでに存在するファイルに対する小さな変更の管理が簡単にできます。 オプションやドライバの追加が少しだけの場合には、 以下の例のように GENERIC - からの差分だけの管理が可能になります。 + からの差分による管理が可能になります。 include GENERIC ident MYKERNEL @@ -365,8 +372,7 @@ ident MYKERNEL options IPFIREWALL options DUMMYNET options IPFIREWALL_DEFAULT_TO_ACCEPT -options IPDIVERT - +options IPDIVERT この方法では、ローカルのコンフィグレーションファイルには、 ローカルにある GENERIC @@ -1205,7 +1211,7 @@ device fwe # Ethernet カスタムカーネルの構築とインストール - 編集したカスタムコンフィグレーションファイルを保存したら、 + カスタムコンフィグレーションファイルを編集して保存したら、 カーネルのソースコードを以下の手順でコンパイルしてください。 @@ -1228,11 +1234,11 @@ device fwe # Ethernet - 指定したカーネルコンフィグレーションファイルで作成された新しいカーネルをインストールします。 - 以下のコマンドは、新しいカーネルを - /boot/kernel/kernel に、 - 今までのカーネルを /boot/kernel.old/kernel - という名前で保存します。 + 指定したカーネルコンフィグレーションファイルでコンパイルされた新しいカーネルをインストールします。 + 以下のコマンドは、新しいカーネルを + /boot/kernel/kernel に、 + 今までのカーネルを /boot/kernel.old/kernel + という名前で保存します。 &prompt.root; make installkernel KERNCONF=MYKERNEL @@ -1259,8 +1265,7 @@ device fwe # Ethernet MODULES_OVERRIDE = linux acpi - また、以下の変数は、 - 構築を行わないトップレベルのモジュールを指定します。 + また、以下の変数は、構築を行わないモジュールを指定します。 WITHOUT_MODULES = linux acpi sound @@ -1274,7 +1279,7 @@ device fwe # Ethernet 問題が起きた場合には - カスタムカーネルを作る場合に起きるトラブルは、 + カスタムカーネルを作る際に起こりうるトラブルは、 次の 4 種類に分けられます。 @@ -1301,10 +1306,10 @@ device fwe # Ethernet 通常、カーネルコンフィグレーションファイルにおいて、 config がとらえられなかったような間違いをしています。 - コンフィグレーションファイルを見直してください。 - それでも問題を解決することができなければ、 - &a.questions; - へカーネルコンフィグレーションファイルをつけてメールしてください。 + コンフィグレーションファイルを見直してください。 + それでも問題を解決することができなければ、 + &a.questions; + へカーネルコンフィグレーションファイルを添付して送ってください。 @@ -1329,7 +1334,7 @@ device fwe # Ethernet 再び構築を試みてください。 /var/log/messages にはすべての成功した起動時のカーネルメッセージの記録があり、 - これは助けになる情報の一つでしょう。また、 + これは問題を解決するための助けになる情報の一つでしょう。また、 &man.dmesg.8; は現在の起動時のカーネルメッセージを出力します。 @@ -1363,7 +1368,7 @@ device fwe # Ethernet 修正するには、カーネルと同じバージョンのソースツリーで world を再構築し、インストール してください。 - これは、カーネルとそれ以外で異なるバージョンを組み合わせてオペレーティングシステムを使用することは推奨されていません。 + カーネルとそれ以外で異なるバージョンを組み合わせてオペレーティングシステムを使用することは推奨されていません。 From owner-svn-doc-all@FreeBSD.ORG Thu May 8 16:09:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5A9B4E5E; Thu, 8 May 2014 16:09:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4670B1F8; Thu, 8 May 2014 16:09:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s48G9J7t007476; Thu, 8 May 2014 16:09:19 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s48G9IfU007455; Thu, 8 May 2014 16:09:18 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405081609.s48G9IfU007455@svn.freebsd.org> From: Dru Lavigne Date: Thu, 8 May 2014 16:09:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44793 - in head: en_US.ISO8859-1/books/handbook/serialcomms share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2014 16:09:19 -0000 Author: dru Date: Thu May 8 16:09:18 2014 New Revision: 44793 URL: http://svnweb.freebsd.org/changeset/doc/44793 Log: Editorial review and updating of Serial Console chapter. Still need to review Tips section (next commit). Update addresses PRs 101271 and 169544. Add entity for boot.config(5). Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml head/share/xml/man-refs.ent Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Thu May 8 10:46:22 2014 (r44792) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Thu May 8 16:09:18 2014 (r44793) @@ -1739,25 +1739,28 @@ raisechar=^^ - - Setting Up the Serial Console + serial console @@ -1781,10 +1784,13 @@ raisechar=^^ Quick Serial Console Configuration - This section assumes the default setup and provides a fast - overview of setting up the serial console. + This section provides a fast overview of setting up the + serial console. This procedure can be used when the dumb + terminal is connected to COM1. + Configuring a Serial Console on + <filename>COM1</filename> Connect the serial cable to @@ -1793,7 +1799,7 @@ raisechar=^^ - To see all the boot messages on the serial console, + To configure boot messages to display on the serial console, issue the following command as the superuser: &prompt.root; echo 'console="comconsole"' >> /boot/loader.conf @@ -1822,7 +1828,12 @@ raisechar=^^ In-Depth Serial Console Configuration + This section provides a more detailed explanation of the + steps needed to setup a serial console in &os;. + + Configuring a Serial Console + Prepare a serial cable. @@ -1837,7 +1848,7 @@ raisechar=^^ Unplug the keyboard. - Many PC systems probe for the keyboard during the + Many systems probe for the keyboard during the Power-On Self-Test (POST) and will generate an error if the keyboard is not detected. Some machines will refuse to boot until the keyboard is plugged @@ -1847,114 +1858,42 @@ raisechar=^^ anyway, no further configuration is needed. If the computer refuses to boot without a keyboard - attached, the BIOS needs to be configured so that it - ignores this error (if it can). Consult the motherboard's + attached, configure the BIOS so that it + ignores this error. Consult the motherboard's manual for details on how to do this. Try setting the keyboard to Not - installed in the BIOS. The keyboard can still - be used as this setting just tells the BIOS not to probe - for a keyboard at power-on. The BIOS should not - complain if the keyboard is absent. You can leave the - keyboard plugged in even with this flag set to - Not installed and the keyboard will still - work. If the above option is not present in the BIOS, + installed in the BIOS. This + setting tells the BIOS not to probe + for a keyboard at power-on so it should not + complain if the keyboard is absent. If that option is not present in the BIOS, look for an Halt on Error option instead. - Setting this to All but Keyboard or even - to No Errors, will have the same + Setting this to All but Keyboard or + to No Errors will have the same effect. - - If the system has a &ps2; mouse, chances are good - that both the mouse and keyboard need to be unplugged. - This is because &ps2; mice share some hardware with the + If the system has a &ps2; mouse, unplug it as well. + &ps2; mice share some hardware with the keyboard and leaving the mouse plugged in can fool the keyboard probe into thinking the keyboard is still there. - - Plug a dumb terminal into - COM1 - (sio0). - - If a dumb terminal is not available, use an old + Plug a dumb terminal, an old computer with a modem program, or the serial port on - another &unix; box. If there is no - COM1 - (sio0), get one. At this time, - there is no way to select a port other than - COM1 for the boot blocks without - recompiling the boot blocks. If - COM1 is being used by another - device, temporarily remove that device and install a new - boot block and kernel once &os; is up and running. + another &unix; box into the serial port. - Make sure the configuration file of the custom kernel - has appropriate flags set for - COM1 - (sio0). - - Relevant flags are: - - - - 0x10 - - - Enables console support for this unit. The - other console flags are ignored unless this is set. - Currently, at most one unit can have console - support. The first one, in config file order, with - this flag set is preferred. This option alone will - not make the serial port the console. Set the - following flag or use as - described below, together with this flag. - - - - - 0x20 - - - Forces this unit to be the console, unless there - is another higher priority console, regardless of - as discussed below. The flag - 0x20 must be used together with - the flag. - - - - - 0x40 - - - Reserves this unit (in conjunction with - 0x10) and makes the unit - unavailable for normal access. This flag should - not be set to the serial port to use as the serial - console. The only use of this flag is to designate - the unit for kernel remote debugging. See The - Developer's Handbook for more information on - remote debugging. - - - - - Here is an example setting: - - device sio0 flags 0x10 - - Refer to &man.sio.4; for more details. - - If the flags were not set, run UserConfig on a - different console or recompile the kernel. + Add the appropriate hint.sio.* + entries to /boot/device.hints for the + serial port. Some multi-port cards also require kernel + configuration options. Refer to &man.sio.4; for the + required options and device hints for each supported + serial port. @@ -2024,18 +1963,16 @@ raisechar=^^ not be detected. Keyboards on some laptops may not be properly found because of this limitation. If this is the case, do not use - . Unfortunately there is no - workaround for this problem. + . Use either to select the - console automatically, or to - activate the serial console. - - Other options are described in &man.boot.8;. + console automatically or to + activate the serial console. Refer to &man.boot.8; and &man.boot.config.5; for more + details. The options, except for , are passed to the boot loader. The boot loader will @@ -2065,7 +2002,7 @@ Keyboard: no presence or absence of the keyboard. These messages go to either the serial or internal console, or both, depending on the option in - /boot.config. + /boot.config: @@ -2149,133 +2086,6 @@ boot: information. - - Summary - - The following tables provide a summary of the various - settings discussed in this section. - -
              - Case 1: Set the Flags to 0x10 for - <filename>sio0</filename> - - - - - Options in /boot.config - Console during boot blocks - Console during boot loader - Console in kernel - - - - - - nothing - internal - internal - internal - - - - - serial - serial - serial - - - - - serial and internal - internal - internal - - - - - serial and internal - serial - serial - - - - , keyboard present - internal - internal - internal - - - - , keyboard absent - serial and internal - serial - serial - - - -
              - - - Case 2: Set the Flags to 0x30 for - <filename>sio0</filename> - - - - - Options in /boot.config - Console during boot blocks - Console during boot loader - Console in kernel - - - - - - nothing - internal - internal - serial - - - - - serial - serial - serial - - - - - serial and internal - internal - serial - - - - - serial and internal - serial - serial - - - - , keyboard present - internal - internal - serial - - - - , keyboard absent - serial and internal - serial - serial - - - -
              -               - Tips for the Serial Console @@ -2290,9 +2100,7 @@ boot: Recompile the boot blocks with BOOT_COMCONSOLE_SPEED set to the new - console speed. See - for detailed instructions about building and installing - new boot blocks. + console speed. If the serial console is configured in some other way than by booting with , or if the @@ -2330,69 +2138,6 @@ console="comconsole,vidconsole" - - Using a Serial Port Other Than - <filename>sio0</filename> for the Console - - Using a port other than sio0 as - the console requires the boot blocks, the boot loader, and - the kernel to be recompiled as follows. - - - - Get the kernel source as described in . - - - - Edit /etc/make.conf and set - BOOT_COMCONSOLE_PORT to the address - of the port to use: 0x3F8, 0x2F8, 0x3E8 or 0x2E8. Only - sio0 through - sio3 - (COM1 through - COM4) can be used as multiport - serial cards will not work. No interrupt setting is - needed. - - - - Create a custom kernel configuration file and add - appropriate flags for the serial port to use. For - example, to make sio1 - (COM2) the console: - - device sio1 flags 0x10 - - or - - device sio1 flags 0x30 - - The console flags for the other serial ports should - not be set. - - - - Recompile and install the boot blocks and the boot - loader: - - &prompt.root; cd /sys/boot -&prompt.root; make clean -&prompt.root; make -&prompt.root; make install - - - - Rebuild and install the kernel. - - - - Write the boot blocks to the boot disk with - &man.bsdlabel.8; and boot from the new kernel. - - - - Entering the DDB Debugger from the Serial Line @@ -2444,27 +2189,14 @@ ttyu3 "/usr/libexec/getty std.9600" unkn Changing Console from the Boot Loader - Previous sections described how to set up the serial - console by tweaking the boot block. This section shows how to - specify the console by entering some commands and - environment variables in the boot loader. As the boot loader - is invoked at the third stage of the boot process, the - settings in the boot loader will override the settings in the - boot block. - - - Setting Up the Serial Console - - The boot loader and the kernel to use the serial console - can be specified by writing one line in - /boot/loader.conf: + This line in /boot/loader.conf + configures the boot loader and the kernel to use the serial + console: console="comconsole" This will take effect regardless of the settings in the - boot block discussed in the previous section. - - This line should be the first line of + boot block discussed in the previous section. This line should be the first line of /boot/loader.conf so as to see boot messages on the serial console as early as possible. @@ -2490,17 +2222,6 @@ ttyu3 "/usr/libexec/getty std.9600" unkn console and the serial console based on the presence of the keyboard. - - - - Using a Serial Port Other Than - <filename>sio0</filename> for the Console - - The boot loader needs to be compiled in order to use a - serial port other than sio0 for the - serial console. Follow the procedure described in . - Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Thu May 8 10:46:22 2014 (r44792) +++ head/share/xml/man-refs.ent Thu May 8 16:09:18 2014 (r44793) @@ -3992,6 +3992,7 @@ audit_warn5"> auth.conf5"> bluetooth.conf5"> +boot.config5"> bootparams5"> bootptab5"> cached.conf5"> From owner-svn-doc-all@FreeBSD.ORG Thu May 8 19:40:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C0092E85; Thu, 8 May 2014 19:40:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A0B4EB07; Thu, 8 May 2014 19:40:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s48JemfF042704; Thu, 8 May 2014 19:40:48 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s48Jem7K042703; Thu, 8 May 2014 19:40:48 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405081940.s48Jem7K042703@svn.freebsd.org> From: Dru Lavigne Date: Thu, 8 May 2014 19:40:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44794 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2014 19:40:48 -0000 Author: dru Date: Thu May 8 19:40:48 2014 New Revision: 44794 URL: http://svnweb.freebsd.org/changeset/doc/44794 Log: Finish editorial review of Serial Console section. Some reshuffling to avoid redundancy. Should undergo a tech review to make sure all the details are correct and updated for the supported versions of FreeBSD. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Thu May 8 16:09:18 2014 (r44793) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Thu May 8 19:40:48 2014 (r44794) @@ -1879,6 +1879,19 @@ raisechar=^^ keyboard and leaving the mouse plugged in can fool the keyboard probe into thinking the keyboard is still there. + + + While most systems will boot without a keyboard, quite a + few will not boot without a graphics adapter. Some systems + can be configured to boot with no graphics adapter + by changing the graphics adapter + setting in the BIOS configuration to Not + installed. Other systems do not support this option and will + refuse to boot if there is no display hardware in the system. + With these machines, leave some kind of graphics card plugged + in, even if it is just a junky mono board. A monitor does not + need to be attached. + @@ -2082,164 +2095,108 @@ boot: During the third stage of the boot process, one can still switch between the internal console and the serial console by setting appropriate environment variables in the boot loader. - See for more + See &man.loader.8; for more information. - - - Tips for the Serial Console + + This line in /boot/loader.conf or + /boot/loader.conf.local + configures the boot loader and the kernel to send their boot messages to the serial + console, regardless of the options in /boot.config: + + console="comconsole" - + That line should be the first line of + /boot/loader.conf so that boot + messages are displayed on the serial console as early as possible. + + If that line does not exist, or if it is set to + console="vidconsole", the boot loader and + the kernel will use whichever console is + indicated by in the boot block. See + &man.loader.conf.5; for more information. + + At the moment, the boot loader has no option + equivalent to in the boot block, and + there is no provision to automatically select the internal + console and the serial console based on the presence of + the keyboard. + + + + While it is not required, it is possible to provide a + login prompt over the serial line. To + configure this, edit the entry for the serial port in + /etc/ttys using the instructions in + . If the speed of the serial port has been + changed, change std.9600 to match the + new setting. + + + + Setting a Faster Serial Port Speed By default, the serial port settings are 9600 baud, 8 bits, no parity, and 1 stop bit. To change the default - console speed, the following options are available: + console speed, use one of the following options: - Recompile the boot blocks with - BOOT_COMCONSOLE_SPEED set to the new - console speed. + Edit /etc/make.conf and set + BOOT_COMCONSOLE_SPEED to the new + console speed. Then, recompile and install the boot + blocks and the boot loader: + + &prompt.root; cd /sys/boot +&prompt.root; make clean +&prompt.root; make +&prompt.root; make install If the serial console is configured in some other way than by booting with , or if the serial console used by the kernel is different from the - one used by the boot blocks, add the following option + one used by the boot blocks, add the following option, with the desired speed, to a custom kernel configuration file and compile a new kernel: - options CONSPEED=19200 + options CONSPEED=19200 - Add the boot option to - /boot.config. See &man.boot.8; for - a description of how to add options to - /boot.config and a list of the - supported options. + Add the boot option to + /boot.config, replacing + 19200 with the speed to use. - Enable comconsole_speed in - /boot/loader.conf. This option - depends on console, - boot_serial, and - boot_multicons being set in - /boot/loader.conf too. An example - of using comconsole_speed to change - the serial console speed is: + Add the following options to + /boot/loader.conf. Replace + 115200 with the speed to + use. boot_multicons="YES" boot_serial="YES" -comconsole_speed="115200" +comconsole_speed="115200" console="comconsole,vidconsole" - + - + Entering the DDB Debugger from the Serial Line - To drop into the kernel debugger from the serial - console, compile a custom kernel with the following options. + To configure the ability to drop into the kernel debugger from the serial + console, add the following options to a custom kernel + configuration file and compile the kernel using the + instructions in . Note that while this is useful for remote diagnostics, it is also dangerous if a spurious BREAK is generated on the - serial port. + serial port. Refer to &man.ddb.4; and &man.ddb.8; for more + information about the kernel debugger. options BREAK_TO_DEBUGGER options DDB - - - - Getting a Login Prompt on the Serial Console - - While this is not required, it is possible to get a - login prompt over the serial line. - First, make sure that the boot messages are displayed and it - is possible to enter the kernel debugging session through - the serial console. - - Open /etc/ttys with a text editor - and locate the lines: - - ttyu0 "/usr/libexec/getty std.9600" unknown off secure -ttyu1 "/usr/libexec/getty std.9600" unknown off secure -ttyu2 "/usr/libexec/getty std.9600" unknown off secure -ttyu3 "/usr/libexec/getty std.9600" unknown off secure - - ttyu0 through - ttyu3 correspond to - COM1 through - COM4. Change - off to on for the - desired port. If the speed of the serial port has been - changed, change std.9600 to match the - new setting. - - The terminal type can also be changed from - unknown to the actual type of the serial - terminal. - - After editing the file, type kill -HUP - 1 to make this change take effect. - - - - - Changing Console from the Boot Loader - - This line in /boot/loader.conf - configures the boot loader and the kernel to use the serial - console: - - console="comconsole" - - This will take effect regardless of the settings in the - boot block discussed in the previous section. This line should be the first line of - /boot/loader.conf so as to see boot - messages on the serial console as early as possible. - - Likewise, to specify the internal console: - - console="vidconsole" - - If the boot loader environment variable - console is not set, the boot loader, and - subsequently the kernel, will use whichever console is - indicated by in the boot block. - - The console can be specified in - /boot/loader.conf.local or in - /boot/loader.conf. - - See &man.loader.conf.5; for more information. - - - At the moment, the boot loader has no option - equivalent to in the boot block, and - there is no provision to automatically select the internal - console and the serial console based on the presence of - the keyboard. - - - - - Caveats - - While most systems will boot without a keyboard, quite a - few will not boot without a graphics adapter. Machines with - AMI BIOSes can be configured to boot with no graphics adapter - installed by changing the graphics adapter - setting in the CMOS configuration to Not - installed. - - However, many machines do not support this option and will - refuse to boot if there is no display hardware in the system. - With these machines, leave some kind of graphics card plugged - in, even if it is just a junky mono board. A monitor does not - need to be attached. One might also try installing an AMI - BIOS. - + From owner-svn-doc-all@FreeBSD.ORG Thu May 8 20:30:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CC9C271F; Thu, 8 May 2014 20:30:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9E9816F; Thu, 8 May 2014 20:30:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s48KUir1082604; Thu, 8 May 2014 20:30:44 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s48KUic8082602; Thu, 8 May 2014 20:30:44 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405082030.s48KUic8082602@svn.freebsd.org> From: Dru Lavigne Date: Thu, 8 May 2014 20:30:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44795 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2014 20:30:45 -0000 Author: dru Date: Thu May 8 20:30:44 2014 New Revision: 44795 URL: http://svnweb.freebsd.org/changeset/doc/44795 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Thu May 8 19:40:48 2014 (r44794) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Thu May 8 20:30:44 2014 (r44795) @@ -1799,8 +1799,9 @@ raisechar=^^ - To configure boot messages to display on the serial console, - issue the following command as the superuser: + To configure boot messages to display on the serial + console, issue the following command as the + superuser: &prompt.root; echo 'console="comconsole"' >> /boot/loader.conf @@ -1859,45 +1860,45 @@ raisechar=^^ If the computer refuses to boot without a keyboard attached, configure the BIOS so that it - ignores this error. Consult the motherboard's - manual for details on how to do this. + ignores this error. Consult the motherboard's manual for + details on how to do this. Try setting the keyboard to Not - installed in the BIOS. This - setting tells the BIOS not to probe - for a keyboard at power-on so it should not - complain if the keyboard is absent. If that option is not present in the BIOS, - look for an Halt on Error option instead. - Setting this to All but Keyboard or - to No Errors will have the same - effect. + installed in the BIOS. + This setting tells the BIOS not to + probe for a keyboard at power-on so it should not + complain if the keyboard is absent. If that option is + not present in the BIOS, look for an + Halt on Error option instead. Setting + this to All but Keyboard or to No + Errors will have the same effect. - If the system has a &ps2; mouse, unplug it as well. - &ps2; mice share some hardware with the - keyboard and leaving the mouse plugged in can fool the - keyboard probe into thinking the keyboard is still - there. - - - While most systems will boot without a keyboard, quite a - few will not boot without a graphics adapter. Some systems - can be configured to boot with no graphics adapter - by changing the graphics adapter - setting in the BIOS configuration to Not - installed. Other systems do not support this option and will - refuse to boot if there is no display hardware in the system. - With these machines, leave some kind of graphics card plugged - in, even if it is just a junky mono board. A monitor does not - need to be attached. + If the system has a &ps2; mouse, unplug it as well. + &ps2; mice share some hardware with the keyboard and + leaving the mouse plugged in can fool the keyboard probe + into thinking the keyboard is still there. + + + While most systems will boot without a keyboard, + quite a few will not boot without a graphics adapter. + Some systems can be configured to boot with no graphics + adapter by changing the graphics adapter + setting in the BIOS configuration to + Not installed. Other systems do not + support this option and will refuse to boot if there is + no display hardware in the system. With these machines, + leave some kind of graphics card plugged in, even if it + is just a junky mono board. A monitor does not need to + be attached. - Plug a dumb terminal, an old - computer with a modem program, or the serial port on - another &unix; box into the serial port. + Plug a dumb terminal, an old computer with a modem + program, or the serial port on another &unix; box into the + serial port. @@ -1915,9 +1916,9 @@ raisechar=^^ boot drive. This file instructs the boot block code how to boot - the system. In order to activate the serial console, - one or more of the following options are needed. When - using multiple options, include them all on the same + the system. In order to activate the serial console, one + or more of the following options are needed. When using + multiple options, include them all on the same line: @@ -1969,35 +1970,33 @@ raisechar=^^ Due to space constraints in the current - version of the boot blocks, - is capable of detecting - extended keyboards only. Keyboards with less - than 101 keys and without F11 and F12 keys may - not be detected. Keyboards on some laptops - may not be properly found because of this - limitation. If this is the case, do not use + version of the boot blocks, is + capable of detecting extended keyboards only. + Keyboards with less than 101 keys and without F11 + and F12 keys may not be detected. Keyboards on + some laptops may not be properly found because of + this limitation. If this is the case, do not use . - Use either to select the - console automatically or to - activate the serial console. Refer to &man.boot.8; and &man.boot.config.5; for more - details. + Use either to select the console + automatically or to activate the + serial console. Refer to &man.boot.8; and + &man.boot.config.5; for more details. The options, except for , are passed to the boot loader. The boot loader will determine whether the internal video or the serial port should become the console by examining the state of . This means that if - is specified but - is not specified in - /boot.config, the serial port can - be used as the console only during the boot block as the - boot loader will use the internal video display as the - console. + is specified but + is not specified in /boot.config, the + serial port can be used as the console only during the + boot block as the boot loader will use the internal video + display as the console. @@ -2100,103 +2099,107 @@ boot: This line in /boot/loader.conf or - /boot/loader.conf.local - configures the boot loader and the kernel to send their boot messages to the serial - console, regardless of the options in /boot.config: + /boot/loader.conf.local configures the + boot loader and the kernel to send their boot messages to + the serial console, regardless of the options in + /boot.config: console="comconsole" That line should be the first line of - /boot/loader.conf so that boot - messages are displayed on the serial console as early as possible. + /boot/loader.conf so that boot messages + are displayed on the serial console as early as + possible. If that line does not exist, or if it is set to console="vidconsole", the boot loader and - the kernel will use whichever console is - indicated by in the boot block. See + the kernel will use whichever console is indicated by + in the boot block. See &man.loader.conf.5; for more information. - At the moment, the boot loader has no option - equivalent to in the boot block, and - there is no provision to automatically select the internal - console and the serial console based on the presence of - the keyboard. - + At the moment, the boot loader has no option + equivalent to in the boot block, and + there is no provision to automatically select the internal + console and the serial console based on the presence of the + keyboard. + While it is not required, it is possible to provide a login prompt over the serial line. To configure this, edit the entry for the serial port in /etc/ttys using the instructions in - . If the speed of the serial port has been - changed, change std.9600 to match the - new setting. + . If the speed of the serial + port has been changed, change std.9600 to + match the new setting. - - Setting a Faster Serial Port Speed + + Setting a Faster Serial Port Speed - By default, the serial port settings are 9600 baud, 8 - bits, no parity, and 1 stop bit. To change the default - console speed, use one of the following options: - - - - Edit /etc/make.conf and set - BOOT_COMCONSOLE_SPEED to the new - console speed. Then, recompile and install the boot - blocks and the boot loader: + By default, the serial port settings are 9600 baud, 8 + bits, no parity, and 1 stop bit. To change the default + console speed, use one of the following options: + + + + Edit /etc/make.conf and set + BOOT_COMCONSOLE_SPEED to the new + console speed. Then, recompile and install the boot + blocks and the boot loader: - &prompt.root; cd /sys/boot + &prompt.root; cd /sys/boot &prompt.root; make clean &prompt.root; make &prompt.root; make install - If the serial console is configured in some other - way than by booting with , or if the - serial console used by the kernel is different from the - one used by the boot blocks, add the following option, with the desired speed, - to a custom kernel configuration file and compile a - new kernel: - - options CONSPEED=19200 - - - - Add the boot option to - /boot.config, replacing - 19200 with the speed to use. - - - - Add the following options to - /boot/loader.conf. Replace - 115200 with the speed to - use. + If the serial console is configured in some other way + than by booting with , or if the serial + console used by the kernel is different from the one used + by the boot blocks, add the following option, with the + desired speed, to a custom kernel configuration file and + compile a new kernel: + + options CONSPEED=19200 + + + + Add the boot option to + /boot.config, replacing + 19200 with the speed to + use. + + + + Add the following options to + /boot/loader.conf. Replace + 115200 with the speed to + use. - boot_multicons="YES" + boot_multicons="YES" boot_serial="YES" comconsole_speed="115200" console="comconsole,vidconsole" - - - - - - Entering the DDB Debugger from the Serial Line - - To configure the ability to drop into the kernel debugger from the serial - console, add the following options to a custom kernel - configuration file and compile the kernel using the - instructions in . - Note that while this is useful for remote diagnostics, it is - also dangerous if a spurious BREAK is generated on the - serial port. Refer to &man.ddb.4; and &man.ddb.8; for more - information about the kernel debugger. + + + + + + Entering the DDB Debugger from the Serial Line - options BREAK_TO_DEBUGGER + To configure the ability to drop into the kernel debugger + from the serial console, add the following options to a custom + kernel configuration file and compile the kernel using the + instructions in . Note that + while this is useful for remote diagnostics, it is also + dangerous if a spurious BREAK is generated on the serial port. + Refer to &man.ddb.4; and &man.ddb.8; for more information + about the kernel debugger. + + options BREAK_TO_DEBUGGER options DDB - + From owner-svn-doc-all@FreeBSD.ORG Fri May 9 04:40:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 77E57509; Fri, 9 May 2014 04:40:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6516B14D; Fri, 9 May 2014 04:40:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s494eqQc096299; Fri, 9 May 2014 04:40:52 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s494eqnG096298; Fri, 9 May 2014 04:40:52 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405090440.s494eqnG096298@svn.freebsd.org> From: Glen Barber Date: Fri, 9 May 2014 04:40:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44796 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2014 04:40:52 -0000 Author: gjb Date: Fri May 9 04:40:51 2014 New Revision: 44796 URL: http://svnweb.freebsd.org/changeset/doc/44796 Log: Note that the code slush is in effect as of r265735. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Thu May 8 20:30:44 2014 (r44795) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Fri May 9 04:40:51 2014 (r44796) @@ -59,7 +59,7 @@ Code slush begins 9 May 2014 - - + 9 May 2014 Release Engineers announce that all further commits to the &local.branch.stable; branch will not require explicit approval, however new features should be avoided. From owner-svn-doc-all@FreeBSD.ORG Fri May 9 12:25:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 03147C60; Fri, 9 May 2014 12:25:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D85ABE2A; Fri, 9 May 2014 12:25:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s49CPIMv032957; Fri, 9 May 2014 12:25:18 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s49CPIAg032956; Fri, 9 May 2014 12:25:18 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405091225.s49CPIAg032956@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 9 May 2014 12:25:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44797 - head/ja_JP.eucJP/books/handbook/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Fri, 09 May 2014 12:34:02 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2014 12:25:19 -0000 Author: ryusuke Date: Fri May 9 12:25:18 2014 New Revision: 44797 URL: http://svnweb.freebsd.org/changeset/doc/44797 Log: Refine translation. Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/ports/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/ports/chapter.xml Fri May 9 04:40:51 2014 (r44796) +++ head/ja_JP.eucJP/books/handbook/ports/chapter.xml Fri May 9 12:25:18 2014 (r44797) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43886 + Original revision: r44016 $FreeBSD$ --> @@ -1370,18 +1370,19 @@ The deinstallation will free 229 kB アップグレード - 時間が経つと、Ports Collection + ports のインストール後、時間が経過すると、Ports Collection で新しいバージョンのソフトウェアを利用できるようになります。 - この章では、アップグレードする必要のあるソフトウェアを判断したり、 - どのようにアップグレードするかについて説明します。 + この章では、 + どのようにしてアップグレードする必要のあるソフトウェアを判断するか、 + そしてアップグレードの方法について説明します。 インストールされている ports - に新しいバージョンが利用できるかを知るには、 - 最新の ports ツリーがインストールされているかを確認してください。 + の新しいバージョンを利用できるかどうかを知るには、まず、 + 最新の ports ツリーがインストールされていることを確認してください。 これには、手順の 5.1 もしくは 5.2 で書かれているアップデートのコマンドを使ってください。 - その後、以下のコマンドを実行して、現在利用可能なバージョンよりも古い - ports の一覧を得てください。 + その後、以下のコマンドを実行すると、現在利用可能なバージョンよりも古い + ports の一覧が表示されます。 &prompt.root; pkg_version -l "<" @@ -1389,7 +1390,7 @@ The deinstallation will free 229 kB アップグレードする前に /usr/ports/UPDATING を、ファイルの頭から、ports を最後にアップデートした日、 - もしくはシステムをインストールをした最も近い日まで目を通してください + もしくはシステムをインストールをした日に最も近い日まで目を通してください このファイルには port をアップグレードする際にユーザが遭遇するであろう問題や、 追加で必要な作業などが記述されています。 @@ -1413,7 +1414,7 @@ The deinstallation will free 229 kB ports-mgmt/portmaster package または port は、 &os; と共にインストールされているツールだけを使うので、 - インストールされている ports のアップグレードに推奨されるツールです。 + インストールされている ports のアップグレードに推奨されているツールです。 portmaster は、 他の ports に依存せずに、base システムのツールのみを使うように設計されています。 @@ -1431,22 +1432,22 @@ The deinstallation will free 229 kB Root ports: 他の port に依存せず、 - 他の port からも依存されません。 + 他の port からも依存されない ports。 - Trunk ports: 他の port に依存しませんが、 - 他の port から依存されています。 + Trunk ports: 他の port には依存しないが、 + 他の port から依存されている ports。 Branch ports: 他の port に依存し、 - 他の port からも依存されています。 + 他の port からも依存されている ports。 - Leaf ports: 他の port に依存しますが、 - 他の port からは依存されません。 + Leaf ports: 他の port に依存するが、 + 他の port からは依存されない ports。 @@ -1476,7 +1477,7 @@ The deinstallation will free 229 kB ===>>> 83 have new versions available 以下のコマンドを使うと、 - 古くなったすべての ports をアップデートします。 + 古くなった ports をすべてアップデートします。 &prompt.root; portmaster -a @@ -1506,8 +1507,8 @@ The deinstallation will free 229 kB Portmaster を使ってシステムに新しい ports をインストールしたり、 新しい port のコンパイルやインストール前に依存するすべての - port をアップグレードできます。この機能を使うには、 - Ports Collection の位置を指定してください。 + port をアップグレードできます。この機能を使う時には、 + Ports Collection の場所を指定してください。 &prompt.root; portmaster shells/bash From owner-svn-doc-all@FreeBSD.ORG Fri May 9 16:17:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B191FAF4; Fri, 9 May 2014 16:17:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 847E47A5; Fri, 9 May 2014 16:17:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s49GHwe6041409; Fri, 9 May 2014 16:17:58 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s49GHwYU041408; Fri, 9 May 2014 16:17:58 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405091617.s49GHwYU041408@svn.freebsd.org> From: Dru Lavigne Date: Fri, 9 May 2014 16:17:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44798 - head/en_US.ISO8859-1/books/handbook/mail X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2014 16:17:58 -0000 Author: dru Date: Fri May 9 16:17:58 2014 New Revision: 44798 URL: http://svnweb.freebsd.org/changeset/doc/44798 Log: Rename Using Electronic Email to Mail Components. Format as a variable list, clean up the wording, and add references. Many more commits in this chapter to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Fri May 9 12:25:18 2014 (r44797) +++ head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Fri May 9 16:17:58 2014 (r44798) @@ -114,37 +114,11 @@ - Using Electronic Mail + Mail Components POP IMAP DNS - - There are five major parts involved in an email exchange: - the Mail User Agent - MUA>, the - Mail Transfer AgentMTA, DNS, a remote or local mailbox, and - the mail host. - - - The Mail User Agent - - This includes command line programs such as - mutt, - alpine, - elm, and - mail, GUI programs such - as balsa or - xfmail, and web mail programs - which can be accessed from a web browser. User programs pass - the email transactions to the local mail host, either - by a MTA, or by - delivering it over TCP. - - - - The Mail Transfer Agent - mail server daemons Sendmail @@ -161,180 +135,94 @@ mail server daemons Exim + + email + receiving + + MX record + mail host - &os; ships with Sendmail as the - default MTA, but it also supports numerous - other mail server daemons, including: - - + There are five major parts involved in an email exchange: + the Mail User Agent (MUA), the Mail Transfer + Agent (MTA), a mail host, a remote + or local mailbox, and DNS. This section provides an + overview of these components. + + + + Mail User Agent (MUA) - Exim; - + The Mail User Agent (MUA) is an + application which is used to compose, send, and receive + emails. This application can be a command line program, such as + the built-in mail utility or a third-party + application from the Ports Collection, such as + mutt, + alpine, or + elm. + Dozens of graphical programs are also available in the Ports Collection, including + Claws Mail, Evolution, and + Thunderbird. Some organizations provide a web mail program + which can be accessed through a web browser. More information + about installing and using a MUA on &os; can be + found in . + + + + Mail Transfer Agent (MTA) - Postfix; - + The Mail Transfer Agent (MTA) is + responsible for receiving incoming mail and delivering + outgoing mail. &os; ships with Sendmail as the + default MTA, but it also supports numerous + other mail server daemons, including Exim, + Postfix, and + qmail. + Sendmail configuration is described + in . If another + MTA is installed using the Ports + Collection, refer to its post-installation message for + &os;-specific configuration details and the application's + website for more general configuration instructions. + + + + Mail Host and Mailboxes - qmail. - - - - The MTA usually has two functions. It - is responsible for receiving incoming mail as well as - delivering outgoing mail. It is not - responsible for the collection of mail using protocols such as - POP or IMAP, nor does it - allow connecting to local mbox or Maildir - mailboxes. An additional daemon may be required for - these functions. - - - Older versions of Sendmail - contain serious security issues which may result in an - attacker gaining local or remote access to the system. - Run a current version to &os; to avoid these problems. - Optionally, install an alternative MTA - from the &os; Ports - Collection. - - - - - Email and DNS - - The Domain Name System (DNS) and its - daemon named play a large role in the - delivery of email. In order to deliver mail from one site to - another, the MTA will look up the remote - site in DNS to determine which host will - receive mail for the destination. This process also occurs - when mail is sent from a remote host to the - MTA. - - - MX record - - - DNS is responsible for mapping - hostnames to IP addresses, as well as for storing information - specific to mail delivery, known as Mail eXchanger - MX records. The MX - record specifies which host, or hosts, will receive mail for a - particular domain. If there is no MX - record for the hostname or domain, the mail will be delivered - directly to the host, provided there is an - A record pointing the hostname to the IP - address. - - To view the MX records for a domain, - specify the type of record using &man.host.1;, as seen in the - example below: - - &prompt.user; host -t mx FreeBSD.org -FreeBSD.org mail is handled by 10 mx1.FreeBSD.org - - - - Receiving Mail - - - email - receiving - - - Receiving mail for a domain is done by the mail host. - It will collect all mail sent to the domain and store it + The mail host is a server that is responsible for + delivering and receiving mail for a host or a network. The + mail host collects all mail sent to the domain and stores it either in the default mbox or the alternative Maildir format, depending on the configuration. Once mail has been stored, it may either be read locally using - a MUA, or remotely accessed and collected + a MUA or remotely accessed and collected using protocols such as POP or - IMAP. In order to read mail locally, + IMAP. If mail is read locally, a POP or IMAP server does not need to be installed. - - Accessing Remote Mailboxes Using <acronym>POP</acronym> - and <acronym>IMAP</acronym> - - POP - IMAP - To access mailboxes remotely, access to a + To access mailboxes remotely, a POP or IMAP server is - required. These protocols allow users to connect to their - mailboxes from remote locations. Though both - POP and IMAP allow - users to remotely access mailboxes, IMAP - offers many advantages, including: - - - - IMAP can store messages on a - remote server as well as fetch them. - - - - IMAP supports concurrent - updates. - - - - IMAP can be useful over + required as these protocols allow users to connect to their + mailboxes from remote locations. IMAP offers + several advantages over POP. These + include the ability to store a copy of messages on a + remote server after they are downloaded and concurrent + updates. IMAP can be useful over low-speed links as it allows users to fetch the structure of messages without downloading them. It can also perform tasks such as searching on the server in order to minimize data transfer between clients and servers. - - - - In order to install a POP or - IMAP server, the following steps should - be performed: - - - - Use the Ports Collection to install an - IMAP or POP - server. The following POP and - IMAP servers are well known: - - - - mail/qpopper - - - - mail/teapop - - - - mail/imap-uw - - - - mail/courier-imap - - - - mail/dovecot2 - - - - - - - Where required, use the startup script that came - with the application to load the POP - or IMAP server. Those programs will - also provide a variable which can be added to - /etc/rc.conf to automate the - startup of the application's daemon whenever the system - boots. - - + Several POP and + IMAP servers are available in the Ports + Collection. These include mail/qpopper, + mail/imap-uw, + mail/courier-imap, and + mail/dovecot2. It should be noted that both POP @@ -343,29 +231,43 @@ FreeBSD.org mail is handled by 10 mx1.Fr clear-text. To secure the transmission of information across these protocols, consider tunneling sessions over &man.ssh.1; () or - using SSL (). + using SSL (). - + + - - Accessing Local Mailboxes + + Domain Name System (DNS) + + The Domain Name System (DNS) and its + daemon named play a large role in the + delivery of email. In order to deliver mail from one site to + another, the MTA will look up the remote + site in DNS to determine which host will + receive mail for the destination. This process also occurs + when mail is sent from a remote host to the + MTA. - Mailboxes may be accessed locally by directly using an - MUA on the server on which the mailbox - resides. This can be done using a built-in application - such as &man.mail.1; or by installing a - MUA from the Ports Collection.. - - + In addition to mapping hostnames to IP + addresses, DNS is responsible for storing information + specific to mail delivery, known as Mail eXchanger + MX records. The MX + record specifies which hosts will receive mail for a + particular domain. - - The Mail Host + To view the MX records for a domain, + specify the type of record. Refer to &man.host.1;, for more + details about this command: - mail host + &prompt.user; host -t mx FreeBSD.org +FreeBSD.org mail is handled by 10 mx1.FreeBSD.org - The mail host is a server that is responsible for - delivering and receiving mail for a host, or a network. - + Refer to for more + information about DNS and its + configuration. + + + From owner-svn-doc-all@FreeBSD.ORG Fri May 9 17:02:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6E7C81B0; Fri, 9 May 2014 17:02:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5A499B66; Fri, 9 May 2014 17:02:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s49H2tFd066280; Fri, 9 May 2014 17:02:55 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s49H2tjM066279; Fri, 9 May 2014 17:02:55 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405091702.s49H2tjM066279@svn.freebsd.org> From: Dru Lavigne Date: Fri, 9 May 2014 17:02:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44799 - head/en_US.ISO8859-1/books/handbook/mail X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2014 17:02:55 -0000 Author: dru Date: Fri May 9 17:02:54 2014 New Revision: 44799 URL: http://svnweb.freebsd.org/changeset/doc/44799 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Fri May 9 16:17:58 2014 (r44798) +++ head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Fri May 9 17:02:54 2014 (r44799) @@ -5,30 +5,31 @@ $FreeBSD$ --> - Electronic Mail + + Electronic Mail + - BillLloydOriginal work by + BillLloydOriginal + work by - JimMockRewritten by + JimMockRewritten + by - - Synopsis email Electronic Mail, better known as email, is - one of the most widely used forms of communication today. - This chapter provides a basic introduction to running a mail - server on &os;, as well as an introduction to sending and - receiving email using &os;. - For more complete coverage of this subject, - refer to the books listed in - . + one of the most widely used forms of communication today. This + chapter provides a basic introduction to running a mail server + on &os;, as well as an introduction to sending and receiving + email using &os;. For more complete coverage of this subject, + refer to the books listed in . After reading this chapter, you will know: @@ -49,8 +50,8 @@ - How to block spammers from illegally using a mail - server as a relay. + How to block spammers from illegally using a mail server + as a relay. @@ -98,7 +99,8 @@ - Properly set up a network connection (). + Properly set up a network connection (). @@ -135,7 +137,7 @@ mail server daemons Exim - + email receiving @@ -144,139 +146,149 @@ There are five major parts involved in an email exchange: the Mail User Agent (MUA), the Mail Transfer - Agent (MTA), a mail host, a remote - or local mailbox, and DNS. This section provides an + Agent (MTA), a mail host, a remote or local + mailbox, and DNS. This section provides an overview of these components. - + Mail User Agent (MUA) The Mail User Agent (MUA) is an - application which is used to compose, send, and receive - emails. This application can be a command line program, such as - the built-in mail utility or a third-party - application from the Ports Collection, such as - mutt, - alpine, or - elm. - Dozens of graphical programs are also available in the Ports Collection, including - Claws Mail, Evolution, and - Thunderbird. Some organizations provide a web mail program - which can be accessed through a web browser. More information - about installing and using a MUA on &os; can be - found in . - - + application which is used to compose, send, and receive + emails. This application can be a command line program, + such as the built-in mail utility or a + third-party application from the Ports Collection, such as + mutt, + alpine, or + elm. Dozens of graphical + programs are also available in the Ports Collection, + including Claws Mail, + Evolution, and + Thunderbird. Some + organizations provide a web mail program which can be + accessed through a web browser. More information about + installing and using a MUA on &os; can + be found in . + + - + Mail Transfer Agent (MTA) - The Mail Transfer Agent (MTA) is - responsible for receiving incoming mail and delivering - outgoing mail. &os; ships with Sendmail as the - default MTA, but it also supports numerous - other mail server daemons, including Exim, - Postfix, and - qmail. - Sendmail configuration is described - in . If another - MTA is installed using the Ports - Collection, refer to its post-installation message for - &os;-specific configuration details and the application's - website for more general configuration instructions. - - + The Mail Transfer Agent (MTA) is + responsible for receiving incoming mail and delivering + outgoing mail. &os; ships with + Sendmail as the default + MTA, but it also supports numerous + other mail server daemons, including + Exim, + Postfix, and + qmail. + Sendmail configuration is + described in . If another + MTA is installed using the Ports + Collection, refer to its post-installation message for + &os;-specific configuration details and the application's + website for more general configuration + instructions. + + - + Mail Host and Mailboxes - The mail host is a server that is responsible for - delivering and receiving mail for a host or a network. The - mail host collects all mail sent to the domain and stores it - either in the default mbox or the - alternative Maildir format, depending on the configuration. - Once mail has been stored, it may either be read locally using - a MUA or remotely accessed and collected - using protocols such as POP or - IMAP. If mail is read locally, - a POP or IMAP server - does not need to be installed. - - To access mailboxes remotely, a - POP or IMAP server is - required as these protocols allow users to connect to their - mailboxes from remote locations. IMAP offers - several advantages over POP. These - include the ability to store a copy of messages on a - remote server after they are downloaded and concurrent - updates. IMAP can be useful over - low-speed links as it allows users to fetch the - structure of messages without downloading them. It can - also perform tasks such as searching on the server in - order to minimize data transfer between clients and - servers. - - Several POP and - IMAP servers are available in the Ports - Collection. These include mail/qpopper, - mail/imap-uw, - mail/courier-imap, and - mail/dovecot2. - - - It should be noted that both POP - and IMAP transmit information, - including username and password credentials, in - clear-text. To secure the transmission of information - across these protocols, consider tunneling sessions over - &man.ssh.1; () or - using SSL (). - - - + The mail host is a server that is responsible for + delivering and receiving mail for a host or a network. + The mail host collects all mail sent to the domain and + stores it either in the default mbox + or the alternative Maildir format, depending on the + configuration. Once mail has been stored, it may either + be read locally using a MUA or remotely + accessed and collected using protocols such as + POP or IMAP. If + mail is read locally, a POP or + IMAP server does not need to be + installed. + + To access mailboxes remotely, a POP + or IMAP server is required as these + protocols allow users to connect to their mailboxes from + remote locations. IMAP offers several + advantages over POP. These include the + ability to store a copy of messages on a remote server + after they are downloaded and concurrent updates. + IMAP can be useful over low-speed links + as it allows users to fetch the structure of messages + without downloading them. It can also perform tasks such + as searching on the server in order to minimize data + transfer between clients and servers. + + Several POP and + IMAP servers are available in the Ports + Collection. These include + mail/qpopper, + mail/imap-uw, + mail/courier-imap, and + mail/dovecot2. + + + It should be noted that both POP + and IMAP transmit information, + including username and password credentials, in + clear-text. To secure the transmission of information + across these protocols, consider tunneling sessions over + &man.ssh.1; () + or using SSL (). + + + - + Domain Name System (DNS) - The Domain Name System (DNS) and its - daemon named play a large role in the - delivery of email. In order to deliver mail from one site to - another, the MTA will look up the remote - site in DNS to determine which host will - receive mail for the destination. This process also occurs - when mail is sent from a remote host to the - MTA. - - In addition to mapping hostnames to IP - addresses, DNS is responsible for storing information - specific to mail delivery, known as Mail eXchanger - MX records. The MX - record specifies which hosts will receive mail for a - particular domain. - - To view the MX records for a domain, - specify the type of record. Refer to &man.host.1;, for more - details about this command: + The Domain Name System (DNS) and + its daemon named play a large role in + the delivery of email. In order to deliver mail from one + site to another, the MTA will look up + the remote site in DNS to determine + which host will receive mail for the destination. This + process also occurs when mail is sent from a remote host + to the MTA. + + In addition to mapping hostnames to + IP addresses, DNS is + responsible for storing information specific to mail + delivery, known as Mail eXchanger + MX records. The MX + record specifies which hosts will receive mail for a + particular domain. + + To view the MX records for a + domain, specify the type of record. Refer to + &man.host.1;, for more details about this command: - &prompt.user; host -t mx FreeBSD.org + &prompt.user; host -t mx FreeBSD.org FreeBSD.org mail is handled by 10 mx1.FreeBSD.org - Refer to for more - information about DNS and its - configuration. - - - + Refer to for more + information about DNS and its + configuration. + + + - <application>Sendmail</application> Configuration + + <application>Sendmail</application> Configuration + - ChristopherShumwayContributed by + ChristopherShumwayContributed + by - Sendmail @@ -408,17 +420,19 @@ okay.cyberspammer.com OK routine. The message is sent to the remote host when a mail matches the left side of the table. The third entry rejects mail from a specific host on the Internet, - another.source.of.spam. The fourth entry - accepts mail connections from okay.cyberspammer.com, which is - more specific than the cyberspammer.com line above. - More specific matches override less exact matches. The last - entry allows relaying of email from hosts with an IP address - that begins with 128.32. These hosts can - send mail through this mail server that is destined for other - mail servers. + another.source.of.spam. The fourth + entry accepts mail connections from okay.cyberspammer.com, + which is more specific than the cyberspammer.com line + above. More specific matches override less exact matches. + The last entry allows relaying of email from hosts with an IP + address that begins with 128.32. + These hosts can send mail through this mail server that is + destined for other mail servers. - Whenever this file is updated, run - make in /etc/mail/ to update the + Whenever this file is updated, run make + in /etc/mail/ to update the database. @@ -441,24 +455,27 @@ procmail: "|/usr/local/bin/procmail"The mailbox name on the left side of the colon is expanded to the target(s) on the right. The first entry expands the - mailbox root to the mailbox - localuser, which is then looked up again - in the aliases database. If no match is - found, the message is delivered to - localuser. The second entry shows a - mail list. Mail to the mailbox ftp-bugs - is expanded to the three local mailboxes - joe, eric, and - paul. A remote mailbox could be - specified as user@example.com. The third + mailbox root to the + mailbox localuser, + which is then looked up again in the + aliases database. If no match is found, + the message is delivered to localuser. The second entry + shows a mail list. Mail to the mailbox ftp-bugs is expanded to the + three local mailboxes joe, eric, and paul. A remote mailbox could + be specified as user@example.com. The third entry shows how to write mail to a file, in this case /dev/null. The last entry demonstrates how to send mail to a program, /usr/local/bin/procmail, through a &unix; pipe. - Whenever this file is updated, run - make in /etc/mail/ to update the + Whenever this file is updated, run make + in /etc/mail/ to update the database. @@ -466,11 +483,13 @@ procmail: "|/usr/local/bin/procmail"This is a list of hostnames &man.sendmail.8; is to accept as the local host name. Place any domains or hosts that - Sendmail will receive mail - for. For example, to configure a mail server to accept mail - for the domain example.com - and the host mail.example.com, - add these entries to + Sendmail will receive mail for. + For example, to configure a mail server to accept mail for the + domain example.com and the host + mail.example.com, add + these entries to local-host-names: example.com @@ -478,7 +497,6 @@ mail.example.com Whenever this file is updated, &man.sendmail.8; needs to be restarted so that it will read the changes. - @@ -521,32 +539,38 @@ postmaster@example.com postmast The above example contains a mapping for the domain - example.com. This file - is processed in a first match order. The first item maps - root@example.com to the local mailbox - root. The second entry maps - postmaster@example.com to the mailbox - postmaster on the host noc.example.net. Finally, if - nothing from example.com - has matched so far, it will match the last mapping, which - matches every other mail message addressed to someone at - example.com to the local + example.com. + This file is processed in a first match order. The first item + maps root@example.com to the local mailbox + root. The second + entry maps postmaster@example.com to the + mailbox postmaster + on the host noc.example.net. Finally, + if nothing from example.com has matched so + far, it will match the last mapping, which matches every other + mail message addressed to someone at example.com to the local mailbox joe. - Changing the Mail Transfer Agent + + Changing the Mail Transfer Agent + - AndrewBoothmanWritten by + AndrewBoothmanWritten + by - GregoryNeil ShapiroInformation taken from emails written - by + GregoryNeil + ShapiroInformation taken + from emails written by - email @@ -568,7 +592,8 @@ postmaster@example.com postmast Install a New <acronym>MTA</acronym> A wide choice of MTAs is available - from the mail category of the &os; Ports Collection. + from the mail category of the &os; Ports Collection. Once a new MTA is installed, configure the new software and decide if it really fulfills your needs @@ -681,7 +706,6 @@ mailq /usr/local/supermailer/bin/mailq- newaliases /usr/local/supermailer/bin/newaliases-compat hoststat /usr/local/supermailer/bin/hoststat-compat purgestat /usr/local/supermailer/bin/purgestat-compat - @@ -693,7 +717,6 @@ purgestat /usr/local/supermailer/bin/pur reboot. Rebooting provides the opportunity to ensure that the system is correctly configured to start the new MTA automatically on boot. - @@ -714,10 +737,15 @@ purgestat /usr/local/supermailer/bin/pur The host may actually be in a different domain. - For example, in order for a host in foo.bar.edu to reach a host - called mumble in the bar.edu domain, refer to - it by the Fully-Qualified Domain Name - FQDN, mumble.bar.edu, instead of just + For example, in order for a host in foo.bar.edu to + reach a host called mumble in + the bar.edu domain, + refer to it by the Fully-Qualified Domain Name + FQDN, mumble.bar.edu, + instead of just mumble. This is because the version of @@ -726,14 +754,17 @@ purgestat /usr/local/supermailer/bin/pur &os; no longer provides default abbreviations for non-FQDNs other than the local domain. An unqualified host such as - mumble must either be found as - mumble.foo.bar.edu, + mumble must either be found + as mumble.foo.bar.edu, or it will be searched for in the root domain. In older versions of - BIND, - the search continued across mumble.bar.edu, and - mumble.edu. RFC + BIND, the search continued + across mumble.bar.edu, + and mumble.edu. RFC 1535 details why this is considered bad practice or even a security hole. @@ -759,7 +790,8 @@ purgestat /usr/local/supermailer/bin/pur - This is answered in the Sendmail + This is answered in the Sendmail FAQ as follows. This FAQ is recommended reading when tweaking the mail setup. @@ -794,8 +826,10 @@ to /etc/mail/sendmail.cf.One way to do this is to get a full-time Internet server to provide secondary MX MX record services for the - domain. In this example, the domain is example.com and the ISP has - configured example.net to provide + domain. In this example, the domain is example.com and the ISP + has configured example.net to provide secondary MX services to the domain: @@ -805,21 +839,23 @@ to /etc/mail/sendmail.cf.Only one host should be specified as the final recipient. For Sendmail, add Cw example.com in - /etc/mail/sendmail.cf on - example.com. + /etc/mail/sendmail.cf on example.com. When the sending MTA attempts to deliver mail, it will try to connect to the system, - example.com, over the PPP - link. This will time out if the destination is offline. - The MTA will automatically deliver it to - the secondary MX site at the Internet - Service Provider (ISP), example.net. The secondary - MX site will periodically try to connect - to the primary MX host, example.com. + example.com, + over the PPP link. This will time out if the destination is + offline. The MTA will automatically + deliver it to the secondary MX site at + the Internet Service Provider (ISP), + example.net. + The secondary MX site will periodically + try to connect to the primary MX host, + example.com. - Use something like this as a login - script: + Use something like this as a login script: #!/bin/sh # Put me in /usr/local/bin/pppmyisp @@ -828,8 +864,9 @@ to /etc/mail/sendmail.cf.When creating a separate login script for users, instead use sendmail -qRexample.com in the script - above. This will force all mail in the queue for example.com to be processed - immediately. + above. This will force all mail in the queue for + example.com to + be processed immediately. A further refinement of the situation can be seen from this example from the &a.isp;: @@ -956,7 +993,8 @@ www.example.org Make sure that the lowest-numbered - MXMX record record in + MXMX + record record in DNS points to the host's static IP address. @@ -977,10 +1015,12 @@ example.FreeBSD.org &prompt.root; host example.FreeBSD.org example.FreeBSD.org has address 204.216.27.XX - In this example, mail sent directly to yourlogin@example.FreeBSD.org - should work without problems, assuming + In this example, mail sent directly to yourlogin@example.FreeBSD.org should + work without problems, assuming Sendmail is running correctly on - example.FreeBSD.org. + example.FreeBSD.org. For this example: @@ -988,9 +1028,10 @@ example.FreeBSD.org has address 204.216. example.FreeBSD.org has address 204.216.27.XX example.FreeBSD.org mail is handled (pri=10) by hub.FreeBSD.org - All mail sent to example.FreeBSD.org will be - collected on hub under the same username - instead of being sent directly to your host. + All mail sent to example.FreeBSD.org will + be collected on hub under the same + username instead of being sent directly to your host. The above information is handled by the DNS server. The DNS @@ -999,20 +1040,22 @@ example.FreeBSD.org mail is handled (pri record exists, mail will be delivered directly to the host by way of its IP address. - The MX entry for freefall.FreeBSD.org at one time looked - like this: + The MX entry for freefall.FreeBSD.org at + one time looked like this: freefall MX 30 mail.crl.net freefall MX 40 agora.rdrop.com freefall MX 10 freefall.FreeBSD.org freefall MX 20 who.cdrom.com - freefall had many MX - entries. The lowest MX number is the host - that receives mail directly, if available. If it is not - accessible for some reason, the next lower-numbered host will - accept messages temporarily, and pass it along when a - lower-numbered host becomes available. + freefall had many + MX entries. The lowest + MX number is the host that receives mail + directly, if available. If it is not accessible for some + reason, the next lower-numbered host will accept messages + temporarily, and pass it along when a lower-numbered host + becomes available. Alternate MX sites should have separate Internet connections in order to be most useful. Your @@ -1053,18 +1096,24 @@ freefall MX 20 who.cdrom.com The following is an example of virtual email hosting. - Consider a customer with the domain customer1.org, where all the mail - for customer1.org should be - sent to mail.myhost.com. The + Consider a customer with the domain customer1.org, where all + the mail for customer1.org should be + sent to mail.myhost.com. The DNS entry should look like this: customer1.org MX 10 mail.myhost.com An A> record is - not needed for customer1.org in order to only - handle email for that domain. However, running - ping against customer1.org will not work - unless an A record exists for it. + not needed for customer1.org in order to + only handle email for that domain. However, running + ping against customer1.org will not + work unless an A record exists for + it. Tell the MTA which domains and/or hostnames it should accept mail for. Either of the following @@ -1074,10 +1123,10 @@ freefall MX 20 who.cdrom.com Add the hosts to /etc/mail/local-host-names when - using the FEATURE(use_cw_file). - For versions of - Sendmail earlier than 8.10, - edit /etc/sendmail.cw instead. + using the FEATURE(use_cw_file). For + versions of Sendmail earlier + than 8.10, edit /etc/sendmail.cw + instead. @@ -1092,14 +1141,15 @@ freefall MX 20 who.cdrom.com - Setting Up to Send Only + + Setting Up to Send Only + - BillMoranContributed by + BillMoranContributed + by - - There are many instances where one may only want to send mail through a relay. Some examples are: @@ -1133,7 +1183,8 @@ freefall MX 20 who.cdrom.com&prompt.root; cd /usr/ports/mail/ssmtp &prompt.root; make install replace clean - Once installed, mail/ssmtp can be configured with + Once installed, mail/ssmtp can be + configured with /usr/local/etc/ssmtp/ssmtp.conf: root=yourrealemail@example.com @@ -1141,19 +1192,19 @@ mailhub=mail.example.com rewriteDomain=example.com hostname=_HOSTNAME_ - Use the real email address for root. - Enter the ISP's outgoing mail relay in place - of mail.example.com. Some - ISPs call this the outgoing mail + Use the real email address for root. Enter the + ISP's outgoing mail relay in place of + mail.example.com. + Some ISPs call this the outgoing mail server or SMTP server). - Make sure to disable - Sendmail, including the outgoing mail - service. See for - details. + Make sure to disable Sendmail, + including the outgoing mail service. See for details. - mail/ssmtp has some - other options available. Refer to the examples in + mail/ssmtp has some other options + available. Refer to the examples in /usr/local/etc/ssmtp or the manual page of ssmtp for more information. @@ -1175,14 +1226,18 @@ hostname=_HOSTNAME_ When using a dynamically assigned IP address and a dialup PPP connection to the Internet, one usually has a mailbox on the ISP's mail server. In this example, the - ISP's domain is example.net, the user name is - user, the hostname is bsd.home, and the ISP - has allowed relay.example.net as a mail relay. + ISP's domain is example.net, the user name + is user, the hostname + is bsd.home, and + the ISP has allowed relay.example.net as a mail + relay. In order to retrieve mail from the ISP's mailbox, install a retrieval agent from the Ports Collection. - mail/fetchmail is a good - choice as it supports many different protocols. Usually, the + mail/fetchmail is a good choice as it + supports many different protocols. Usually, the ISP will provide POP. When using user PPP, email can be automatically fetched when an Internet connection is established @@ -1202,23 +1257,26 @@ hostname=_HOSTNAME_ !bg su user -c "sendmail -q" In this example, there is an account for - user on bsd.home. In the home directory of - user on bsd.home, create a + user on bsd.home. In the home + directory of user on + bsd.home, create a .fetchmailrc which contains this line: poll example.net protocol pop3 fetchall pass MySecret This file should not be readable by anyone except - user as it contains the password - MySecret. + user as it contains + the password MySecret. In order to send mail with the correct from: header, configure Sendmail to use - user@example.net rather than user@bsd.home and to send all mail - via relay.example.net, allowing - quicker mail transmission. + user@example.net rather than user@bsd.home and to send all mail via + relay.example.net, + allowing quicker mail transmission. The following .mc file should suffice: @@ -1241,21 +1299,21 @@ define(`confDOMAIN_NAME',`bsd.home')dnl define(`confDELIVERY_MODE',`deferred')dnl Refer to the previous section for details of how to convert - this file into the - sendmail.cf format. Do not forget to - restart Sendmail after updating - sendmail.cf. + this file into the sendmail.cf format. Do + not forget to restart Sendmail after + updating sendmail.cf. - SMTP Authentication + + SMTP Authentication + - JamesGorhamWritten by + JamesGorhamWritten + by - - Configuring SMTP authentication on the MTA provides a number of benefits. SMTP authentication adds a layer @@ -1275,8 +1333,8 @@ define(`confDELIVERY_MODE',`deferred')dn - After installing security/cyrus-sasl2, - edit + After installing + security/cyrus-sasl2, edit /usr/local/lib/sasl2/Sendmail.conf, or create it if it does not exist, and add the following line: @@ -1285,9 +1343,10 @@ define(`confDELIVERY_MODE',`deferred')dn - Next, install security/cyrus-sasl2-saslauthd - and add the following line to - /etc/rc.conf: + Next, install + security/cyrus-sasl2-saslauthd and add + the following line to + /etc/rc.conf: saslauthd_enable="YES" @@ -1297,11 +1356,10 @@ define(`confDELIVERY_MODE',`deferred')dn This daemon serves as a broker for sendmail to authenticate against - the &os; &man.passwd.5; database. This - saves the trouble of creating a new set of usernames and - passwords for each user that needs to use - SMTP authentication, and keeps the login - and mail password the same. + the &os; &man.passwd.5; database. This saves the trouble of + creating a new set of usernames and passwords for each user + that needs to use SMTP authentication, + and keeps the login and mail password the same. @@ -1312,10 +1370,10 @@ define(`confDELIVERY_MODE',`deferred')dn SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 - These lines provide - Sendmail the proper configuration - options for linking to cyrus-sasl2 at compile time. - Make sure that cyrus-sasl2 has been installed + These lines provide Sendmail + the proper configuration options for linking to + cyrus-sasl2 at compile time. Make sure + that cyrus-sasl2 has been installed before recompiling Sendmail. @@ -1332,9 +1390,8 @@ SENDMAIL_LDADD=-lsasl2 &prompt.root; make cleandir && make obj && make && make install This compile should not have any problems if - /usr/src has not - changed extensively and the shared libraries it needs are - available. + /usr/src has not changed extensively + and the shared libraries it needs are available. @@ -1358,8 +1415,9 @@ define(`confAUTH_MECHANISMS', `GSSAPI DI - Finally, run &man.make.1; while in /etc/mail. That will run the - new .mc and create a + Finally, run &man.make.1; while in + /etc/mail. That will run the new + .mc and create a .cf named either freebsd.cf or the name used for the local .mc. Then, run make @@ -1377,17 +1435,20 @@ define(`confAUTH_MECHANISMS', `GSSAPI DI to 13 and watch /var/log/maillog for any errors. - For more information, refer to + For more information, refer to SMTP authentication. - Mail User Agents + + Mail User Agents + - MarcSilverContributed by + MarcSilverContributed + by - Mail User Agents @@ -1427,9 +1488,10 @@ define(`confAUTH_MECHANISMS', `GSSAPI DI &prompt.user; mail *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Fri May 9 17:39:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6499D876; Fri, 9 May 2014 17:39:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 51C76DDE; Fri, 9 May 2014 17:39:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s49HdWCM080248; Fri, 9 May 2014 17:39:32 GMT (envelope-from emaste@svn.freebsd.org) Received: (from emaste@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s49HdWS3080247; Fri, 9 May 2014 17:39:32 GMT (envelope-from emaste@svn.freebsd.org) Message-Id: <201405091739.s49HdWS3080247@svn.freebsd.org> From: Ed Maste Date: Fri, 9 May 2014 17:39:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44800 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2014 17:39:33 -0000 Author: emaste (src committer) Date: Fri May 9 17:39:32 2014 New Revision: 44800 URL: http://svnweb.freebsd.org/changeset/doc/44800 Log: UFS snapshots are read-only Change the snapshot example to show creating the md(4) read-only, in order to avoid a warning. Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri May 9 17:02:54 2014 (r44799) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri May 9 17:39:32 2014 (r44800) @@ -2123,7 +2123,7 @@ Filesystem 1K-blocks Used Avail Capacity file system. To &man.mount.8; the snapshot /var/snapshot/snap run: - &prompt.root; mdconfig -a -t vnode -f /var/snapshot/snap -u 4 + &prompt.root; mdconfig -a -t vnode -o readonly -f /var/snapshot/snap -u 4 &prompt.root; mount -r /dev/md4 /mnt From owner-svn-doc-all@FreeBSD.ORG Fri May 9 18:27:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 58EC0D55; Fri, 9 May 2014 18:27:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 39C5A29A; Fri, 9 May 2014 18:27:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s49IR8V5002929; Fri, 9 May 2014 18:27:08 GMT (envelope-from lstewart@svn.freebsd.org) Received: (from lstewart@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s49IR7PB002926; Fri, 9 May 2014 18:27:07 GMT (envelope-from lstewart@svn.freebsd.org) Message-Id: <201405091827.s49IR7PB002926@svn.freebsd.org> From: Lawrence Stewart Date: Fri, 9 May 2014 18:27:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44801 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2014 18:27:08 -0000 Author: lstewart (src committer) Date: Fri May 9 18:27:07 2014 New Revision: 44801 URL: http://svnweb.freebsd.org/changeset/doc/44801 Log: Add my PGP key. Added: head/share/pgpkeys/lstewart.key (contents, props changed) Modified: head/share/pgpkeys/pgpkeys-developers.xml head/share/pgpkeys/pgpkeys.ent Added: head/share/pgpkeys/lstewart.key ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/pgpkeys/lstewart.key Fri May 9 18:27:07 2014 (r44801) @@ -0,0 +1,106 @@ + + + +uid Lawrence A. Stewart +uid Lawrence A. Stewart +uid Lawrence A. Stewart +sub 4096R/ACCB4CCFAB4EDC2D 2014-05-08 [expires: 2024-05-05] + +]]> + Modified: head/share/pgpkeys/pgpkeys-developers.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-developers.xml Fri May 9 17:39:32 2014 (r44800) +++ head/share/pgpkeys/pgpkeys-developers.xml Fri May 9 18:27:07 2014 (r44801) @@ -1816,6 +1816,11 @@ &pgpkey.zi; + + &a.lstewart.email; + &pgpkey.lstewart; + + &a.rrs.email; &pgpkey.rrs; Modified: head/share/pgpkeys/pgpkeys.ent ============================================================================== --- head/share/pgpkeys/pgpkeys.ent Fri May 9 17:39:32 2014 (r44800) +++ head/share/pgpkeys/pgpkeys.ent Fri May 9 18:27:07 2014 (r44801) @@ -242,6 +242,7 @@ + From owner-svn-doc-all@FreeBSD.ORG Fri May 9 18:42:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9CBA551C; Fri, 9 May 2014 18:42:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7D91B600; Fri, 9 May 2014 18:42:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s49IgauG011347; Fri, 9 May 2014 18:42:36 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s49IgaB7011346; Fri, 9 May 2014 18:42:36 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405091842.s49IgaB7011346@svn.freebsd.org> From: Dru Lavigne Date: Fri, 9 May 2014 18:42:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44802 - head/en_US.ISO8859-1/books/handbook/mail X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2014 18:42:36 -0000 Author: dru Date: Fri May 9 18:42:36 2014 New Revision: 44802 URL: http://svnweb.freebsd.org/changeset/doc/44802 Log: Start to modernize the Sendmail configuration file section. More commits to come Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Fri May 9 18:27:07 2014 (r44801) +++ head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Fri May 9 18:42:36 2014 (r44802) @@ -282,7 +282,8 @@ FreeBSD.org mail is handled by 10 mx1.Fr - <application>Sendmail</application> Configuration + <application>Sendmail</application> Configuration + Files ChristopherShumwayContributed @@ -294,17 +295,18 @@ FreeBSD.org mail is handled by 10 mx1.Fr Sendmail - &man.sendmail.8; is the default MTA - which is installed with &os;. - Sendmail accepts mail from + Sendmail is the default + MTA installed with &os;. + It accepts mail from MUAs and delivers it to the appropriate - mailer as defined by its configuration file. + mail host, as defined by its configuration. Sendmail can also accept network connections and deliver mail to local mailboxes or to another program. - Sendmail uses the following - configuration files. This section describes these files in more + The configuration files for + Sendmail are located in + /etc/mail. This section describes these files in more detail. @@ -328,117 +330,69 @@ FreeBSD.org mail is handled by 10 mx1.Fr /etc/mail/virtusertable - - - - - Filename - Function - - - - - - /etc/mail/access - Sendmail access database - file. - - - - - /etc/mail/aliases - Mailbox aliases - - - - - /etc/mail/local-host-names - Lists of hosts Sendmail - accepts mail for. - - - - - /etc/mail/mailer.conf - Mailer program configuration. - - - - - /etc/mail/mailertable - Mailer delivery table. - - - - - /etc/mail/sendmail.cf - Sendmail master - configuration file. - - - - - /etc/mail/virtusertable - Virtual users and domain tables. - - - - - - <filename>/etc/mail/access</filename> - - This database defines which host(s) or IP addresses + + + /etc/mail/access + + This access database file defines which hosts or IP addresses have access to the local mail server and what kind of access - they have. Hosts can be listed as , - , or , or can be - passed to Sendmail's error - handling routine with a given mailer error. Hosts that - are listed as , which is the default - option, are allowed to send mail to this host as long as the - mail's final destination is the local machine. Hosts that are + they have. Hosts listed as , which is the + default option, are allowed to send mail to this host as long + as the mail's final destination is the local machine. Hosts listed as are rejected for all mail - connections. Hosts that are listed as - are allowed to send mail for any - destination using this mail server. - - - Configuring the <application>Sendmail</application> - Access Database - - cyberspammer.com 550 We do not accept mail from spammers -FREE.STEALTH.MAILER@ 550 We do not accept mail from spammers -another.source.of.spam REJECT -okay.cyberspammer.com OK -128.32 RELAY - - - This example shows five entries. Mail senders that match + connections. Hosts listed as are + allowed to send mail for any destination using this mail + server. Hosts listed as will have their mail returned with + the specified mail error. If a host is listed + as , Sendmail + will abort the current search for this entry without accepting + or rejecting the mail. Hosts listed + as will have their messages held and will receive the + specified text as the reason for the hold. + + Examples of using these options for both + IPv4 and IPv6 + addresses can be found in the &os; sample configuration, + /etc/mail/access.sample: + + # $FreeBSD$ +# +# Mail relay access control list. Default is to reject mail unless the +# destination is local, or listed in /etc/mail/local-host-names +# +## Examples (commented out for safety) +#From:cyberspammer.com ERROR:"550 We don't accept mail from spammers" +#From:okay.cyberspammer.com OK +#Connect:sendmail.org RELAY +#To:sendmail.org RELAY +#Connect:128.32 RELAY +#Connect:128.32.2 SKIP +#Connect:IPv6:1:2:3:4:5:6:7 RELAY +#Connect:suspicious.example.com QUARANTINE:Mail from suspicious host +#Connect:[127.0.0.3] OK +#Connect:[IPv6:1:2:3:4:5:6:7:8] OK + + To configure the access database, use the format shown in + the sample to make entries in + /etc/mail/access, but do not put a + comment symbol (#) in front of the entries. Create + an entry for each host or network whose access should be + configured. Mail senders that match the left side of the table are affected by the action on the - right side of the table. The first two examples give an error - code to Sendmail's error handling - routine. The message is sent to the remote host when a mail - matches the left side of the table. The third entry rejects - mail from a specific host on the Internet, - another.source.of.spam. The fourth - entry accepts mail connections from okay.cyberspammer.com, - which is more specific than the cyberspammer.com line - above. More specific matches override less exact matches. - The last entry allows relaying of email from hosts with an IP - address that begins with 128.32. - These hosts can send mail through this mail server that is - destined for other mail servers. + right side of the table. - Whenever this file is updated, run make - in /etc/mail/ to update the - database. + Whenever this file is updated, update its database and + restart Sendmail: - - - <filename>/etc/mail/aliases</filename> + &prompt.root; makemap hash /etc/mail/access < /etc/mail/access +&prompt.root; service sendmail restart + + + + /etc/mail/aliases + This database contains a list of virtual mailboxes that are expanded to other user(s), files, programs, or other aliases. Here are a few examples to illustrate the @@ -477,11 +431,13 @@ procmail: "|/usr/local/bin/procmail"Whenever this file is updated, run make in /etc/mail/ to update the database. - - - <filename>/etc/mail/local-host-names</filename> + + - This is a list of hostnames &man.sendmail.8; is to accept + + /etc/mail/local-host-names + + This is a list of hostnames Sendmail will accept as the local host name. Place any domains or hosts that Sendmail will receive mail for. For example, to configure a mail server to accept mail for the @@ -497,11 +453,12 @@ mail.example.com Whenever this file is updated, &man.sendmail.8; needs to be restarted so that it will read the changes. - - - - <filename>/etc/mail/sendmail.cf</filename> + + + + /etc/mail/sendmail.cf + This is the master configuration file for Sendmail. It controls the overall behavior of Sendmail, including @@ -520,13 +477,14 @@ mail.example.com Whenever changes to this file are made, Sendmail needs to be restarted for the changes to take effect. + + - - - <filename>/etc/mail/virtusertable</filename> - + + /etc/mail/virtusertable + The virtusertable maps mail addresses - for virtual domains and mailboxes to real mailboxes. These + for virtual domains and users to real mailboxes. These mailboxes can be local, remote, aliases defined in /etc/mail/aliases, or files. @@ -553,8 +511,9 @@ postmaster@example.com postmast mail message addressed to someone at example.com to the local mailbox joe. - - + + + From owner-svn-doc-all@FreeBSD.ORG Fri May 9 20:05:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 23ED67A6; Fri, 9 May 2014 20:05:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 10F22DEA; Fri, 9 May 2014 20:05:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s49K5XVg048514; Fri, 9 May 2014 20:05:33 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s49K5XnT048513; Fri, 9 May 2014 20:05:33 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405092005.s49K5XnT048513@svn.freebsd.org> From: Dru Lavigne Date: Fri, 9 May 2014 20:05:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44803 - head/en_US.ISO8859-1/books/handbook/mail X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2014 20:05:34 -0000 Author: dru Date: Fri May 9 20:05:33 2014 New Revision: 44803 URL: http://svnweb.freebsd.org/changeset/doc/44803 Log: Finish initial editorial review of Sendmail Configuration Files. Comment out local-host-names for now until instructions for building its needed .mc feature are added. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Fri May 9 18:42:36 2014 (r44802) +++ head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Fri May 9 20:05:33 2014 (r44803) @@ -383,7 +383,7 @@ FreeBSD.org mail is handled by 10 mx1.Fr right side of the table. Whenever this file is updated, update its database and - restart Sendmail: + restart Sendmail: &prompt.root; makemap hash /etc/mail/access < /etc/mail/access &prompt.root; service sendmail restart @@ -393,47 +393,49 @@ FreeBSD.org mail is handled by 10 mx1.Fr /etc/mail/aliases - This database contains a list of virtual mailboxes that - are expanded to other user(s), files, programs, or other - aliases. Here are a few examples to illustrate the + This database file contains a list of virtual mailboxes that + are expanded to users, files, programs, or other + aliases. Here are a few entries to illustrate the file format: - - Mail Aliases - root: localuser ftp-bugs: joe,eric,paul bit.bucket: /dev/null procmail: "|/usr/local/bin/procmail" - The mailbox name on the left side of the colon is expanded to the target(s) on the right. The first entry expands the - mailbox root to the - mailbox localuser, - which is then looked up again in the - aliases database. If no match is found, + root mailbox to the + localuser mailbox, + which is then looked up in the + /etc/mail/aliases database. If no match is found, the message is delivered to localuser. The second entry - shows a mail list. Mail to the mailbox ftp-bugs is expanded to the three local mailboxes joe, eric, and paul. A remote mailbox could - be specified as user@example.com. The third + be specified as user@example.com. The third entry shows how to write mail to a file, in this case /dev/null. The last entry demonstrates how to send mail to a program, /usr/local/bin/procmail, through a &unix; - pipe. + pipe. Refer to &man.aliases.5; for more information about the + format of this file. - Whenever this file is updated, run make - in /etc/mail/ to update the + Whenever this file is updated, run newaliases + to update and initialize the aliases database. - + /etc/mail/sendmail.cf @@ -483,34 +485,37 @@ mail.example.com /etc/mail/virtusertable - The virtusertable maps mail addresses + This database file maps mail addresses for virtual domains and users to real mailboxes. These mailboxes can be local, remote, aliases defined in - /etc/mail/aliases, or files. + /etc/mail/aliases, or files. This allows + multiple virtual domains to be hosted on one machine. - - Example Virtual Domain Mail Map + &os; provides a sample configuration file in + /etc/mail/virtusertable.sample to + further demonstrate its format. The following example demonstrates how + to create custom entries using that format: root@example.com root postmaster@example.com postmaster@noc.example.net @example.com joe - - The above example contains a mapping for the domain - example.com. - This file is processed in a first match order. The first item - maps root@example.com to the local mailbox - root. The second - entry maps postmaster@example.com to the - mailbox postmaster - on the host noc.example.net. Finally, - if nothing from example.com has matched so - far, it will match the last mapping, which matches every other - mail message addressed to someone at example.com to the local - mailbox joe. + This file is processed in a first match order. When an + email address matches the address on the left, it is mapped to + the local mailbox listed on the right. The format of the first entry in + this example maps a specific email address to a local mailbox, + whereas the format of the second entry maps a specific email + address to a remote mailbox. Finally, any email address + from example.com which has not matched any of the previous entries + will match the last mapping and be sent to the local mailbox + joe. When creating custom entries, use + this format and add them to + /etc/mail/virtusertable. Whenever this + file is edited, update its database and restart + Sendmail: + + &prompt.root; makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable +&prompt.root; service sendmail restart From owner-svn-doc-all@FreeBSD.ORG Fri May 9 20:25:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CDA4AF11; Fri, 9 May 2014 20:25:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B9BAAF9C; Fri, 9 May 2014 20:25:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s49KPSOC057500; Fri, 9 May 2014 20:25:28 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s49KPSbe057499; Fri, 9 May 2014 20:25:28 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405092025.s49KPSbe057499@svn.freebsd.org> From: Dru Lavigne Date: Fri, 9 May 2014 20:25:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44804 - head/en_US.ISO8859-1/books/handbook/mail X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2014 20:25:28 -0000 Author: dru Date: Fri May 9 20:25:28 2014 New Revision: 44804 URL: http://svnweb.freebsd.org/changeset/doc/44804 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Fri May 9 20:05:33 2014 (r44803) +++ head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Fri May 9 20:25:28 2014 (r44804) @@ -296,9 +296,8 @@ FreeBSD.org mail is handled by 10 mx1.Fr Sendmail is the default - MTA installed with &os;. - It accepts mail from - MUAs and delivers it to the appropriate + MTA installed with &os;. It accepts mail + from MUAs and delivers it to the appropriate mail host, as defined by its configuration. Sendmail can also accept network connections and deliver mail to local mailboxes or to another @@ -306,8 +305,8 @@ FreeBSD.org mail is handled by 10 mx1.Fr The configuration files for Sendmail are located in - /etc/mail. This section describes these files in more - detail. + /etc/mail. This section describes these + files in more detail. /etc/mail/access @@ -333,30 +332,32 @@ FreeBSD.org mail is handled by 10 mx1.Fr - /etc/mail/access - - This access database file defines which hosts or IP addresses - have access to the local mail server and what kind of access - they have. Hosts listed as , which is the - default option, are allowed to send mail to this host as long - as the mail's final destination is the local machine. Hosts - listed as are rejected for all mail - connections. Hosts listed as are - allowed to send mail for any destination using this mail - server. Hosts listed as will have their mail returned with - the specified mail error. If a host is listed - as , Sendmail - will abort the current search for this entry without accepting - or rejecting the mail. Hosts listed - as will have their messages held and will receive the - specified text as the reason for the hold. - - Examples of using these options for both - IPv4 and IPv6 - addresses can be found in the &os; sample configuration, - /etc/mail/access.sample: + /etc/mail/access + + This access database file defines which hosts or + IP addresses have access to the local + mail server and what kind of access they have. Hosts + listed as , which is the default + option, are allowed to send mail to this host as long as + the mail's final destination is the local machine. Hosts + listed as are rejected for all + mail connections. Hosts listed as + are allowed to send mail for any destination using this + mail server. Hosts listed as will + have their mail returned with the specified mail error. + If a host is listed as , + Sendmail will abort the current + search for this entry without accepting or rejecting the + mail. Hosts listed as will + have their messages held and will receive the specified + text as the reason for the hold. + + Examples of using these options for both + IPv4 and IPv6 + addresses can be found in the &os; sample configuration, + /etc/mail/access.sample: - # $FreeBSD$ + # $FreeBSD$ # # Mail relay access control list. Default is to reject mail unless the # destination is local, or listed in /etc/mail/local-host-names @@ -373,63 +374,65 @@ FreeBSD.org mail is handled by 10 mx1.Fr #Connect:[127.0.0.3] OK #Connect:[IPv6:1:2:3:4:5:6:7:8] OK - To configure the access database, use the format shown in - the sample to make entries in - /etc/mail/access, but do not put a - comment symbol (#) in front of the entries. Create - an entry for each host or network whose access should be - configured. Mail senders that match - the left side of the table are affected by the action on the - right side of the table. + To configure the access database, use the format shown + in the sample to make entries in + /etc/mail/access, but do not put a + comment symbol (#) in front of the + entries. Create an entry for each host or network whose + access should be configured. Mail senders that match the + left side of the table are affected by the action on the + right side of the table. - Whenever this file is updated, update its database and - restart Sendmail: + Whenever this file is updated, update its database and + restart Sendmail: - &prompt.root; makemap hash /etc/mail/access < /etc/mail/access + &prompt.root; makemap hash /etc/mail/access < /etc/mail/access &prompt.root; service sendmail restart - - + + - - /etc/mail/aliases - - This database file contains a list of virtual mailboxes that - are expanded to users, files, programs, or other - aliases. Here are a few entries to illustrate the - file format: + + /etc/mail/aliases + + This database file contains a list of virtual + mailboxes that are expanded to users, files, programs, or + other aliases. Here are a few entries to illustrate the + file format: - root: localuser + root: localuser ftp-bugs: joe,eric,paul bit.bucket: /dev/null procmail: "|/usr/local/bin/procmail" - The mailbox name on the left side of the colon is expanded - to the target(s) on the right. The first entry expands the - root mailbox to the - localuser mailbox, - which is then looked up in the - /etc/mail/aliases database. If no match is found, - the message is delivered to localuser. The second entry - shows a mail list. Mail to ftp-bugs is expanded to the - three local mailboxes joe, eric, and paul. A remote mailbox could - be specified as user@example.com. The third - entry shows how to write mail to a file, in this case - /dev/null. The last entry demonstrates - how to send mail to a program, - /usr/local/bin/procmail, through a &unix; - pipe. Refer to &man.aliases.5; for more information about the - format of this file. - - Whenever this file is updated, run newaliases - to update and initialize the aliases - database. - - + The mailbox name on the left side of the colon is + expanded to the target(s) on the right. The first entry + expands the root + mailbox to the localuser mailbox, which + is then looked up in the + /etc/mail/aliases database. If no + match is found, the message is delivered to localuser. The second + entry shows a mail list. Mail to ftp-bugs is expanded to + the three local mailboxes joe, eric, and paul. A remote mailbox + could be specified as + user@example.com. The third + entry shows how to write mail to a file, in this case + /dev/null. The last entry + demonstrates how to send mail to a program, + /usr/local/bin/procmail, through a + &unix; pipe. Refer to &man.aliases.5; for more + information about the format of this file. + + Whenever this file is updated, run + newaliases to update and initialize the + aliases database. + + - - /etc/mail/sendmail.cf - - This is the master configuration file for - Sendmail. It controls the overall - behavior of Sendmail, including - everything from rewriting email addresses to printing rejection - messages to remote mail servers. Accordingly, this - configuration file is quite complex. Fortunately, this file - rarely needs to be changed for standard mail servers. - - The master Sendmail configuration - file can be built from &man.m4.1; macros that define the - features and behavior of Sendmail. - Refer to - /usr/src/contrib/sendmail/cf/README for - some of the details. - - Whenever changes to this file are made, - Sendmail needs to be restarted for - the changes to take effect. - - + + /etc/mail/sendmail.cf + + This is the master configuration file for + Sendmail. It controls the + overall behavior of Sendmail, + including everything from rewriting email addresses to + printing rejection messages to remote mail servers. + Accordingly, this configuration file is quite complex. + Fortunately, this file rarely needs to be changed for + standard mail servers. + + The master Sendmail + configuration file can be built from &man.m4.1; macros + that define the features and behavior of + Sendmail. Refer to + /usr/src/contrib/sendmail/cf/README + for some of the details. + + Whenever changes to this file are made, + Sendmail needs to be restarted + for the changes to take effect. + + - - /etc/mail/virtusertable - - This database file maps mail addresses - for virtual domains and users to real mailboxes. These - mailboxes can be local, remote, aliases defined in - /etc/mail/aliases, or files. This allows - multiple virtual domains to be hosted on one machine. - - &os; provides a sample configuration file in - /etc/mail/virtusertable.sample to - further demonstrate its format. The following example demonstrates how - to create custom entries using that format: + + /etc/mail/virtusertable + + This database file maps mail addresses for virtual + domains and users to real mailboxes. These mailboxes can + be local, remote, aliases defined in + /etc/mail/aliases, or files. This + allows multiple virtual domains to be hosted on one + machine. + + &os; provides a sample configuration file in + /etc/mail/virtusertable.sample to + further demonstrate its format. The following example + demonstrates how to create custom entries using that + format: - root@example.com root + root@example.com root postmaster@example.com postmaster@noc.example.net @example.com joe - This file is processed in a first match order. When an - email address matches the address on the left, it is mapped to - the local mailbox listed on the right. The format of the first entry in - this example maps a specific email address to a local mailbox, - whereas the format of the second entry maps a specific email - address to a remote mailbox. Finally, any email address - from example.com which has not matched any of the previous entries - will match the last mapping and be sent to the local mailbox - joe. When creating custom entries, use - this format and add them to - /etc/mail/virtusertable. Whenever this - file is edited, update its database and restart - Sendmail: + This file is processed in a first match order. When + an email address matches the address on the left, it is + mapped to the local mailbox listed on the right. The + format of the first entry in this example maps a specific + email address to a local mailbox, whereas the format of + the second entry maps a specific email address to a remote + mailbox. Finally, any email address from + example.com which has not matched any + of the previous entries will match the last mapping and be + sent to the local mailbox joe. When + creating custom entries, use this format and add them to + /etc/mail/virtusertable. Whenever + this file is edited, update its database and restart + Sendmail: - &prompt.root; makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable + &prompt.root; makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable &prompt.root; service sendmail restart - - - + + + From owner-svn-doc-all@FreeBSD.ORG Fri May 9 21:22:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6BF7E5B7; Fri, 9 May 2014 21:22:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 59125812; Fri, 9 May 2014 21:22:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s49LMTLE084310; Fri, 9 May 2014 21:22:29 GMT (envelope-from bjk@svn.freebsd.org) Received: (from bjk@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s49LMTU4084309; Fri, 9 May 2014 21:22:29 GMT (envelope-from bjk@svn.freebsd.org) Message-Id: <201405092122.s49LMTU4084309@svn.freebsd.org> From: Benjamin Kaduk Date: Fri, 9 May 2014 21:22:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44805 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2014 21:22:29 -0000 Author: bjk Date: Fri May 9 21:22:28 2014 New Revision: 44805 URL: http://svnweb.freebsd.org/changeset/doc/44805 Log: Note that cron scripts run in a limited environment, and give an example for how to test scripts in such an environment. Approved by: hrs (mentor) Discussed with: dru Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Fri May 9 20:25:28 2014 (r44804) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Fri May 9 21:22:28 2014 (r44805) @@ -362,9 +362,16 @@ PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin Before using a custom script, make sure it is executable - and test that it works as intended from the command line. - This is especially important if the script includes any - commands that deletes files using wildcards. + and test it with the limited set of environment variables set + by cron. To replicate the environment that would be used to + run the above cron entry, use: + + env -i SHELL=/bin/sh PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin HOME=/home/dru LOGNAME=dru /usr/home/dru/bin/mycustomscript.sh + + The environment set by cron is discussed in &man.crontab.5;. + Checking that scripts operate correctly in a cron environment + is especially important if they include any commands that delete + files using wildcards. When finished editing the crontab, save the file. It From owner-svn-doc-all@FreeBSD.ORG Fri May 9 22:00:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7C1A33D2; Fri, 9 May 2014 22:00:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5CD7CABB; Fri, 9 May 2014 22:00:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s49M0bM8099136; Fri, 9 May 2014 22:00:37 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s49M0b8Y099135; Fri, 9 May 2014 22:00:37 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201405092200.s49M0b8Y099135@svn.freebsd.org> From: Peter Wemm Date: Fri, 9 May 2014 22:00:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44806 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2014 22:00:37 -0000 Author: peter (src committer) Date: Fri May 9 22:00:36 2014 New Revision: 44806 URL: http://svnweb.freebsd.org/changeset/doc/44806 Log: Sign my new key with my old keys. Modified: head/share/pgpkeys/peter.key Modified: head/share/pgpkeys/peter.key ============================================================================== --- head/share/pgpkeys/peter.key Fri May 9 21:22:28 2014 (r44805) +++ head/share/pgpkeys/peter.key Fri May 9 22:00:36 2014 (r44806) @@ -18,37 +18,50 @@ VdJ4XG7LVftGIOFR1cJRKVvaLi/YWL1xvJLrTcZD V6xDOiCeqUSnAFRIofSFlfbTTa1khaY1kZqUAwBNcB0bKWlpjgolMMJKHZ7J3ovY KPtcWFHz+Z+4naCaNFshyMf8pdRZTtg9CLu9cnhdOZBbvau1fIAWNw9ReSNGQifV 3Btf5kTNtd6PTsNUYCIklD1oq0LzIuyS38ZopExImaEpT04BKHmzVaBxcqIh8x3J -AJ1o2cV2U+aR/M349D/j6fw+i8I7WqJhMVEBABEBAAG0HlBldGVyIFdlbW0gPHBl -dGVyQEZyZWVCU0Qub3JnPokBPwQTAQIAKQUCU2sVsgIbAwUJEswDAAcLCQgHAwIB -BhUIAgkKCwQWAgMBAh4BAheAAAoJEDXWlwnsgJ4EYUoIANjH/CJZpiD4arpHeK7E -aX2iJVVfSTeQ8jjLBwio+cIUic+Aef4K7tweKTPCgf6ZZ56Eua3AYE4kv5YSMNvC -qMZfFXuEYjwEsKma7YWO1n1o0eRs7KhU/+w50GNyE1QG6u56GzML5QIfD0AUDWqo -9grjjOq5afp5xuyLK/lh21wViwpr6ckpYtuITV7gF/UWeOAiIdXxbvhNLrkSJVC3 -E4DkubvKQQor44p5of+lTI1P3aXnW+z1VReHm17fJk+ZaXUu/AeuXM+4TH6lFwr7 -o9xzeqFJZRFg4ThLv6p5pSsZpBaLJnIA9vGDFF6yA38M1ihamlhvYZhDPrito2xE -h3iIRgQQEQIABgUCU2sVywAKCRAVEq5ScndxfzRZAJ9oHdEvxqJPtImy+e5LCK/a -W43H/ACfcDepfQLzPM4UqJ+m2VRkfA5Ksum0G1BldGVyIFdlbW0gPHBldGVyQHdl -bW0ub3JnPokBQgQTAQIALAIbAwUJEswDAAcLCQgHAwIBBhUIAgkKCwQWAgMBAh4B -AheABQJTaxbYAhkBAAoJEDXWlwnsgJ4EWewH/Rfv+NyDw0FEENhbe8jc6tgRak0q -qvP59X+3yeS0faufGtvc0zhw52kPJIWMihVh8nbtHVjhvkhh0KsJRr/DdOwh95zs -/r79zFadlELv6YsvhQbPK40tqo9dLJyH10p1u/kVciFMFRQndfLpVsx+lRP3BI4X -QqcxuJfsjwg35NKf1AyUvT0hr1tk+L+65DLGsK3jYkF49x5Ktz37dn9qozd5QJJj -0xjQ5G5TD5ZoL21Is7Tl8f60va1MhjHkto3w52YFzmrxmgDUXYFtM8B1CVp50nFp -NdZMag9w+c07uLhwrBi7tA5JYL5ZDuU6Rt8UHD6z3V6QjqrVPbY6H0zamieIRgQQ -EQIABgUCU2sT4gAKCRAVEq5Scndxf4eAAKCQwHmctA4/C08m1nYfvzs4ggyr5wCg -myTarImZd1mlwJ9EeEETeYPGfUG5AQ0EU2sTmAEIALrAA7EBl8qzs2+cQRu5WruN -Llg9b70Tq6jV6gjVYLXcSjnbuOaVmPaK8m00+eV4oef3TfXFSVDZg2/3SL6NbQSG -MxQtbyqKfM3RmURrN5zY/j84fkgRuvDOBidyZ/1aKX9O9I3EpPikR0su9qRK1dD5 -dUFhn+gXb6yPDD0XohWqoKVn2mTgt6OgXzLGdeIBSmdt4G8IgUo95gIDxlkYKCR9 -1lmgfSvGh5GfVtFmTXNXr1uxqv1tX9+LjMmJoiD350lo6NfkEVASOZfXXkU3IOcx -0nd4TB/cT84PqfiZpUNFAgb/10XPCS5TfkabkgaqKw8PBnl4xAHfMjp0VZqK2osA -EQEAAYkBJQQYAQIADwUCU2sTmAIbDAUJEswDAAAKCRA11pcJ7ICeBGlBB/9YTFrK -vY9T/1/TW0LUYHCIcnGP/VNOUKvJAAIYZIyB60XgP2DQwM6uUAwq81hIHDUqC38g -16oOJ7IMraYjeKP3ynQUVHX43I16uXJ0hgJ6W6jaCdZ1U0rjeOS4L/Y99yOAJq5E -9zVIURAxpqPBsXDGYbGor1/ADWqTHg7CgkiKGRf7sk0eW0SuvdObv9NqcZhXTESj -KiAB0TYqTJu28JOxT4aRrMWrkiVGO+5k6hDa+vekvkPaL5dQl1pUrJQ4CRf6V9xS -JIioOz+q1AFClULax5jXgZx3qbmrSmex5frqIdnBLe/8/6/KJuqk7uuN0kxgNhjU -ouDkLE5GorG4wlkP -=HeFo +AJ1o2cV2U+aR/M349D/j6fw+i8I7WqJhMVEBABEBAAG0G1BldGVyIFdlbW0gPHBl +dGVyQHdlbW0ub3JnPokBQgQTAQIALAIbAwUJEswDAAcLCQgHAwIBBhUIAgkKCwQW +AgMBAh4BAheABQJTaxbYAhkBAAoJEDXWlwnsgJ4EWewH/Rfv+NyDw0FEENhbe8jc +6tgRak0qqvP59X+3yeS0faufGtvc0zhw52kPJIWMihVh8nbtHVjhvkhh0KsJRr/D +dOwh95zs/r79zFadlELv6YsvhQbPK40tqo9dLJyH10p1u/kVciFMFRQndfLpVsx+ +lRP3BI4XQqcxuJfsjwg35NKf1AyUvT0hr1tk+L+65DLGsK3jYkF49x5Ktz37dn9q +ozd5QJJj0xjQ5G5TD5ZoL21Is7Tl8f60va1MhjHkto3w52YFzmrxmgDUXYFtM8B1 +CVp50nFpNdZMag9w+c07uLhwrBi7tA5JYL5ZDuU6Rt8UHD6z3V6QjqrVPbY6H0za +mieIRgQQEQIABgUCU2sT4gAKCRAVEq5Scndxf4eAAKCQwHmctA4/C08m1nYfvzs4 +ggyr5wCgmyTarImZd1mlwJ9EeEETeYPGfUGJAT8EEwECACkFAlNrE5gCGwMFCRLM +AwAHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRA11pcJ7ICeBJ/QCAC713CO +IVCoWx4Jxhi36LpBaqE+vs4FsFmxDbhre0AQ75r883aatWwZ3gy9f1UR/1gpwy44 +4UbWYTAHM/8yUpEFfOBksUdreIpEk0jsza78Aj39dj5W6rI2RkIyDuCm6Epznq0Z +7YrqUfGJyCmKRsHqGuYhHkYDGDVdE1Y8xw+NOt8PoptdXit9PLYSTyPZ5jnimESR +RwLIeu+nRgP2Dlg1tuKa7Ki5ISk41HSeRPVPPFY2G6YNablXiWOqdf9EuGooF3TV +Zfg8NLDjSkl/zLZF1nKHSItAn0gjHRgNyvaHcPZWInonfE+OEYeyqsF6l0HqgxT9 +KM4Fd98OxeORPGhSiJwEEAECAAYFAlNtTeUACgkQSoY3Ydic4xlChwQAiQnU0mqx +teypjw59QSeGPr8xA+P0RFDkUdHuo+Yn1l+7BJ6YVHybEucotB1+yplc4Qhcso8a +kVbNTRQQSdefCFSkEM06ZkxHMncy5hE1ST5/z2bxsy6b5bJYGlRvrizYYWLc38Ml +VBwb3Xy2jAunenEliNQtfI1nKjRTJ50cawS0HlBldGVyIFdlbW0gPHBldGVyQEZy +ZWVCU0Qub3JnPokBPwQTAQIAKQUCU2sVsgIbAwUJEswDAAcLCQgHAwIBBhUIAgkK +CwQWAgMBAh4BAheAAAoJEDXWlwnsgJ4EYUoIANjH/CJZpiD4arpHeK7EaX2iJVVf +STeQ8jjLBwio+cIUic+Aef4K7tweKTPCgf6ZZ56Eua3AYE4kv5YSMNvCqMZfFXuE +YjwEsKma7YWO1n1o0eRs7KhU/+w50GNyE1QG6u56GzML5QIfD0AUDWqo9grjjOq5 +afp5xuyLK/lh21wViwpr6ckpYtuITV7gF/UWeOAiIdXxbvhNLrkSJVC3E4DkubvK +QQor44p5of+lTI1P3aXnW+z1VReHm17fJk+ZaXUu/AeuXM+4TH6lFwr7o9xzeqFJ +ZRFg4ThLv6p5pSsZpBaLJnIA9vGDFF6yA38M1ihamlhvYZhDPrito2xEh3iIRgQQ +EQIABgUCU2sVywAKCRAVEq5ScndxfzRZAJ9oHdEvxqJPtImy+e5LCK/aW43H/ACf +cDepfQLzPM4UqJ+m2VRkfA5KsumInAQQAQIABgUCU21N6AAKCRBKhjdh2JzjGXqa +A/4h0TFcVs0o8Gn/OSmwQLrIcu5yvuXbrl3yz4ldJDdtz90PwYbRtWe8LPcKK52V +v4r87obXKGbWjpPZLzES2CtTtsSRBZATTvuicdE7XE1xdq+lQbp4gJu588+Ti6R7 +TBVtKuL0Bu8Lkfu/0JFJxi8E6pXgCWDw75OzA0v1MSHx0bkBDQRTaxOYAQgAusAD +sQGXyrOzb5xBG7lau40uWD1vvROrqNXqCNVgtdxKOdu45pWY9orybTT55Xih5/dN +9cVJUNmDb/dIvo1tBIYzFC1vKop8zdGZRGs3nNj+Pzh+SBG68M4GJ3Jn/Vopf070 +jcSk+KRHSy72pErV0Pl1QWGf6BdvrI8MPReiFaqgpWfaZOC3o6BfMsZ14gFKZ23g +bwiBSj3mAgPGWRgoJH3WWaB9K8aHkZ9W0WZNc1evW7Gq/W1f34uMyYmiIPfnSWjo +1+QRUBI5l9deRTcg5zHSd3hMH9xPzg+p+JmlQ0UCBv/XRc8JLlN+RpuSBqorDw8G +eXjEAd8yOnRVmoraiwARAQABiQElBBgBAgAPBQJTaxOYAhsMBQkSzAMAAAoJEDXW +lwnsgJ4EaUEH/1hMWsq9j1P/X9NbQtRgcIhycY/9U05Qq8kAAhhkjIHrReA/YNDA +zq5QDCrzWEgcNSoLfyDXqg4nsgytpiN4o/fKdBRUdfjcjXq5cnSGAnpbqNoJ1nVT +SuN45Lgv9j33I4AmrkT3NUhREDGmo8GxcMZhsaivX8ANapMeDsKCSIoZF/uyTR5b +RK6905u/02pxmFdMRKMqIAHRNipMm7bwk7FPhpGsxauSJUY77mTqENr696S+Q9ov +l1CXWlSslDgJF/pX3FIkiKg7P6rUAUKVQtrHmNeBnHepuatKZ7Hl+uoh2cEt7/z/ +r8om6qTu643STGA2GNSi4OQsTkaisbjCWQ8= +=kdWX -----END PGP PUBLIC KEY BLOCK----- ]]> From owner-svn-doc-all@FreeBSD.ORG Sat May 10 11:44:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 20F63825; Sat, 10 May 2014 11:44:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0D956381; Sat, 10 May 2014 11:44:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4ABiPhj078065; Sat, 10 May 2014 11:44:25 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4ABiO1D078064; Sat, 10 May 2014 11:44:24 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405101144.s4ABiO1D078064@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 10 May 2014 11:44:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44807 - head/de_DE.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 May 2014 11:44:25 -0000 Author: bcr Date: Sat May 10 11:44:24 2014 New Revision: 44807 URL: http://svnweb.freebsd.org/changeset/doc/44807 Log: Update to r43975: Whitespace fixes only. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Fri May 9 22:00:36 2014 (r44806) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sat May 10 11:44:24 2014 (r44807) @@ -5,7 +5,7 @@ $FreeBSD$ $FreeBSDde:$ - basiert auf: r43920 + basiert auf: r43975 --> Weiterfhrende Netzwerkthemen - JohannKoisbersetzt von + + + Johann + Kois + + bersetzt von + @@ -546,9 +552,15 @@ host2.example.com link#1 unterbrechen wollen, knnen Sie die Variable auf 0 setzen. - BGP - RIP - OSPF + + BGP + + + RIP + + + OSPF + Ihr neuer Router bentigt nun noch Routen, um zu wissen, wohin er den Verkehr senden soll. Haben Sie ein @@ -565,7 +577,13 @@ host2.example.com link#1 Statische Routen einrichten - AlHoangBeigetragen von + + + Al + Hoang + + Beigetragen von + @@ -806,17 +824,33 @@ route_net2="-net 192.168.1.0/24 192.168. Drahtlose Netzwerke - Loader + + + Loader + + - MarcFonvieille + + + Marc + Fonvieille + + - MurrayStokely + + + Murray + Stokely + + - Netzwerke, drahtlos + + Netzwerke, drahtlos + 802.11 drahtlose Netzwerke @@ -2501,7 +2535,9 @@ freebsdap 00:11:95:c3:0d:ac 1 USB Tethering - tether + + tether + Viele Mobiltelefone bieten die Mglichkeit, ihre Datenverbindung ber USB (oft "Tethering" genannt) zu @@ -2534,16 +2570,14 @@ freebsdap 00:11:95:c3:0d:ac 1 Lucistnik Beigetragen von - -
              - pav@FreeBSD.org -
              -               + pav@FreeBSD.org - Bluetooth + + Bluetooth + bersicht @@ -2622,7 +2656,9 @@ Number of SCO packets: 8 Das Host Controller Interface (HCI) - HCI + + HCI + Das Host Controller Interface (HCI) bietet eine Befehlsschnittstelle zum Basisbandcontroller @@ -2716,7 +2752,9 @@ Reason: Connection terminated by local h Das Logical Link Control and Adaptation Protocol (L2CAP) - L2CAP + + L2CAP + Das Logical Link Control and Adaptation Protocol (L2CAP) bietet @@ -2793,7 +2831,9 @@ c2e8bc80 0 250 00:02:72:00:d4:1a Das RFCOMM-Protokoll - RFCOMM + + RFCOMM + Das RFCOMM-Protokoll emuliert serielle Verbindungen ber das L2CAP-Protokoll. Es basiert auf dem ETSI-Standard @@ -2827,7 +2867,9 @@ c2e8bc80 0 250 00:02:72:00:d4:1a Bluetooth-Gerten (Pairing) - Pairing + + Pairing + In der Voreinstellung nutzt Bluetooth keine Authentifizierung, daher kann sich jedes Bluetoothgert mit @@ -2898,7 +2940,9 @@ hcsecd[16484]: Sending PIN_Code_Reply to Das Service Discovery Protocol (SDP) - SDP + + SDP + Das Service Discovery Protocol (SDP) erlaubt es Clientanwendungen, von Serveranwendungen @@ -3074,7 +3118,9 @@ Bluetooth Profile Descriptor List: Das Profil OBEX-Push (OPUSH) - OBEX + + OBEX + OBEX ist ein hufig verwendetes Protokoll fr den Dateitransfer zwischen Mobilgerten. Sein Hauptzweck ist @@ -3189,7 +3235,13 @@ rfcomm_sppd[94692]: Starting on /dev/tty LAN-Kopplung mit einer Bridge - AndrewThompsonGeschrieben von + + + Andrew + Thompson + + Geschrieben von + @@ -3198,8 +3250,12 @@ rfcomm_sppd[94692]: Starting on /dev/tty Einfhrung - Subnetz - Bridge + + Subnetz + + + Bridge + Manchmal ist es ntzlich, ein physikalisches Netzwerk (wie ein Ethernetsegment) in zwei separate Netzwerke @@ -3246,8 +3302,12 @@ rfcomm_sppd[94692]: Starting on /dev/tty Filtering/Traffic Shaping Firewall - Firewall - NAT + + Firewall + + + NAT + Hufig kommt es vor, dass Firewallfunktionen bentigt werden, ohne dass Routing oder @@ -3261,9 +3321,15 @@ rfcomm_sppd[94692]: Starting on /dev/tty ist der Einsatz von Subnetzen sowie einer routerbasierten Firewall schwierig. - Router - DSL - ISDN + + Router + + + DSL + + + ISDN + Eine brigdebasierte Firewall kann konfiguriert und in den ISDN/DSL-Downstreampfad ihres Routers eingebunden werden, ohne @@ -3402,7 +3468,9 @@ ifconfig_fxp1="up" Firewalls - firewall + + firewall + Nachdem ein Paketfilter aktiviert wurde, knnen Datenpakete, die von den Schnittstellen der gekoppelten @@ -3718,22 +3786,52 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault Link-Aggregation und Failover - AndrewThompsonGeschrieben von + + + Andrew + Thompson + + Geschrieben von + - BenedictReuschlingbersetzt von - SharonBahagi + + + Benedict + Reuschling + + bersetzt von + + + + + Sharon + Bahagi + + - lagg - failover - fec - lacp - loadbalance - roundrobin + + lagg + + + failover + + + fec + + + lacp + + + loadbalance + + + roundrobin + Die von &os; untersttzte &man.lagg.4;-Schnittstelle erlaubt die Gruppierung von mehreren Netzwerkadaptern als eine @@ -4101,11 +4199,23 @@ DHCP" Start und Betrieb von &os; ber ein Netzwerk - Jean-FrançoisDockèsAktualisiert von + + + Jean-François + Dockès + + Aktualisiert von + - AlexDupreReorganisiert und erweitert von + + + Alex + Dupre + + Reorganisiert und erweitert von + @@ -5207,7 +5317,13 @@ Received 264951 bytes in 0.1 seconds ISDN-Karten - HellmuthMichaelisBeigetragen von + + + Hellmuth + Michaelis + + Beigetragen von + @@ -5539,7 +5655,12 @@ ISDN BRI Verbindung NAT - Network Address Translation - ChernLeeBeigetragen von + + + Chern + Lee + Beigetragen von + @@ -5560,9 +5681,13 @@ ISDN BRI Verbindung ursprngliche Sender wieder bestimmt und die Daten an ihn weitergeleitet werden knnen. - Internet connection sharing + + Internet connection sharing + - NAT + + NAT + Der hufigste Grund fr die Verwendung von NAT ist die gemeinsame Nutzung einer Internetverbindung. @@ -5832,7 +5957,9 @@ redirect_port tcp 192.168.0.3:80 80 Adressen umleiten - address redirection + + address redirection + Die Umleitung von Adressen ist ntzlich, wenn mehrere IP-Adressen verfgbar sind, die aber alle auf einem Rechner @@ -6810,7 +6937,8 @@ route_hostD="192.168.173.4 hatm0 0 102 l Beigetragen von - + + Allan @@ -6821,8 +6949,12 @@ route_hostD="192.168.173.4 hatm0 0 102 l - CARP - Common Address Redundancy Protocol (CARP) + + CARP + + + Common Address Redundancy Protocol (CARP) + Das Common Address Redundancy Protocol (CARP) erlaubt es, From owner-svn-doc-all@FreeBSD.ORG Sun May 11 15:21:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 40C2FD3C; Sun, 11 May 2014 15:21:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2D7572B78; Sun, 11 May 2014 15:21:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4BFLt6g032797; Sun, 11 May 2014 15:21:55 GMT (envelope-from rene@svn.freebsd.org) Received: (from rene@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4BFLtF0032796; Sun, 11 May 2014 15:21:55 GMT (envelope-from rene@svn.freebsd.org) Message-Id: <201405111521.s4BFLtF0032796@svn.freebsd.org> From: Rene Ladan Date: Sun, 11 May 2014 15:21:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44808 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2014 15:21:55 -0000 Author: rene Date: Sun May 11 15:21:54 2014 New Revision: 44808 URL: http://svnweb.freebsd.org/changeset/doc/44808 Log: Remove a section on WITH_ and WITHOUT_ knobs. The text referred to ^/KNOBS in the Ports repository which has been removed for a while. The options framework should be used instead. Prodded by: Barnerd on #bsddocs Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Sat May 10 11:44:24 2014 (r44807) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Sun May 11 15:21:54 2014 (r44808) @@ -3447,95 +3447,6 @@ MASTERDIR= ${.CURDIR}/../xdvi300 options properly will make users happy, and effectively provide two or more ports for the price of one. - - Knobs - - - <varname>WITH_<replaceable>*</replaceable></varname> - and - <varname>WITHOUT_<replaceable>*</replaceable></varname> - - These variables are designed to be set by the system - administrator. There are many that are standardized in the - ports/KNOBS - file. - - When creating a port, do not make knob names specific to - a given application. For example in Avahi port, use - WITHOUT_MDNS instead of - WITHOUT_AVAHI_MDNS. - - - You should not assume that a - WITH_* - necessarily has a corresponding - WITHOUT_* - variable and vice versa. In general, the default is - simply assumed. - - - - Unless otherwise specified, these variables are only - tested for being set or not set, rather than being set to - a specific value such as YES or - NO. - - - - Common - <varname>WITH_<replaceable>*</replaceable></varname> and - <varname>WITHOUT_<replaceable>*</replaceable></varname> - Variables - - - - - Variable - Means - - - - - - WITH_OPENSSL_BASE - Use the version of OpenSSL in the base - system. - - - - WITH_OPENSSL_PORT - Installs the version of OpenSSL from - security/openssl, - even if the base is up to date. - - - -
              -               - - - Knob Naming - - Porters should use like-named knobs, both for the - benefit of end-users and to help keep the number of knob - names down. A list of popular knob names can be found in - the KNOBS - file. - - Knob names should reflect what the knob is and does. - When a port has a lib-prefix in the - PORTNAME the lib-prefix should be - dropped in knob naming. - - - Knob names should be always be in all - uppercase. - - -               - <varname>OPTIONS</varname> From owner-svn-doc-all@FreeBSD.ORG Sun May 11 15:45:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F2B334F5; Sun, 11 May 2014 15:45:43 +0000 (UTC) Received: from prod2.absolight.net (mx3.absolight.net [IPv6:2a01:678:2:100::25]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "plouf.absolight.net", Issuer "CAcert Class 3 Root" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id B3D642D34; Sun, 11 May 2014 15:45:43 +0000 (UTC) Received: from prod2.absolight.net (localhost [127.0.0.1]) by prod2.absolight.net (Postfix) with ESMTP id 06A57BDC3E; Sun, 11 May 2014 17:45:42 +0200 (CEST) Received: from atuin.in.mat.cc (atuin.in.mat.cc [79.143.241.205]) by prod2.absolight.net (Postfix) with ESMTPA id DAC64BDC25; Sun, 11 May 2014 17:45:41 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by atuin.in.mat.cc (Postfix) with ESMTP id DB00659A119; Sun, 11 May 2014 17:45:41 +0200 (CEST) Date: Sun, 11 May 2014 17:45:41 +0200 From: Mathieu Arnold To: Rene Ladan , doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: Re: svn commit: r44808 - head/en_US.ISO8859-1/books/porters-handbook/makefiles Message-ID: In-Reply-To: <201405111521.s4BFLtF0032796@svn.freebsd.org> References: <201405111521.s4BFLtF0032796@svn.freebsd.org> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2014 15:45:44 -0000 +--On 11 mai 2014 15:21:55 +0000 Rene Ladan wrote: | Author: rene | Date: Sun May 11 15:21:54 2014 | New Revision: 44808 | URL: http://svnweb.freebsd.org/changeset/doc/44808 | | Log: | Remove a section on WITH_ and WITHOUT_ knobs. The text referred | to ^/KNOBS in the Ports repository which has been removed for a while. | | The options framework should be used instead. Removing all this is *wrong*. While I agree that the KNOBS file is gone and the link should not be there any more, things, like WITH_OPENSSL_BASE/PORT should stay there, or at least, stay somewhere. -- Mathieu Arnold From owner-svn-doc-all@FreeBSD.ORG Sun May 11 16:48:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E6DCE1F3; Sun, 11 May 2014 16:48:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C7CFF21B3; Sun, 11 May 2014 16:48:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4BGmspe071088; Sun, 11 May 2014 16:48:54 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4BGms31071087; Sun, 11 May 2014 16:48:54 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405111648.s4BGms31071087@svn.freebsd.org> From: Dru Lavigne Date: Sun, 11 May 2014 16:48:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44809 - head/en_US.ISO8859-1/books/handbook/mail X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2014 16:48:55 -0000 Author: dru Date: Sun May 11 16:48:54 2014 New Revision: 44809 URL: http://svnweb.freebsd.org/changeset/doc/44809 Log: Editorial review of Replacing MTA chapter. Add needed periodic.conf entries and update mailer.conf with Postfix example. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Sun May 11 15:21:54 2014 (r44808) +++ head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Sun May 11 16:48:54 2014 (r44809) @@ -539,7 +539,7 @@ postmaster@example.com postmast GregoryNeil ShapiroInformation taken - from emails written by + from emails written by @@ -550,30 +550,22 @@ postmaster@example.com postmast &os; comes with Sendmail already installed as the MTA which is in charge of - outgoing and incoming mail. - - However, the system administrator can change the system's - MTA. The reasons for doing so range from - wanting to try out another MTA to needing a - specific feature or package which relies on another - MTA. Whatever the reason, &os; makes it - easy to make the change. - - - Install a New <acronym>MTA</acronym> - - A wide choice of MTAs is available - from the mail category of the &os; Ports Collection. - - Once a new MTA is installed, configure - the new software and decide if it really fulfills your needs - before replacing Sendmail. - - Refer to the new chosen MTA's - documentation for information on how to configure the - software. - + outgoing and incoming mail. However, the system administrator + can change the system's MTA. A wide choice + of alternative MTAs is available from the + mail category of the &os; Ports + Collection.               + + Once a new MTA is installed, configure + and test the new software before replacing + Sendmail. Refer to the documentation + of the new MTA for information on how to + configure the software. + + Once the new MTA is working, use the + instructions in this section to disable + Sendmail and configure &os; to use + the replacement MTA. Disable <application>Sendmail</application> @@ -586,14 +578,13 @@ postmaster@example.com postmast their results by email. Many parts of the system expect a functional MTA. If applications continue to use Sendmail's binaries to try - to send email they are disabled, mail could go into an - inactive Sendmail queue, and + to send email after they are disabled, mail could go into an + inactive Sendmail queue and never be delivered.               In order to completely disable - Sendmail, including the outgoing - mail service, add or edit the following lines in + Sendmail, add or edit the following lines in /etc/rc.conf: sendmail_enable="NO" @@ -602,90 +593,99 @@ sendmail_outbound_enable="NO" sendmail_msp_queue_enable="NO" To only disable Sendmail's - incoming mail service, set + incoming mail service, use only this entry in + /etc/rc.conf:               sendmail_enable="NO" - in /etc/rc.conf. More information + More information on Sendmail's startup options is available in &man.rc.sendmail.8;.               - Running the New <acronym>MTA</acronym> on Boot + Replace the Default <acronym>MTA</acronym> - The new MTA can be started during - boot by adding a configuration line to - /etc/rc.conf. This example enables the + When a new MTA is installed using the + Ports Collection, its startup script is also installed and + startup instructions are mentioned in its package message. + Before starting the new MTA, stop the + running Sendmail processes. This + example stops all of these services, then starts the + Postfix service: + + &prompt.root; service sendmail stop +&prompt.root; service postfix start + + To start the replacement MTA at system boot, + add its configuration line to + /etc/rc.conf. This entry enables the Postfix MTA: - &prompt.root; echo -'postfix_enable=YES' ->> /etc/rc.conf + postfix_enable="YES" - The specified MTA will now be - automatically started during boot. - + Some extra configuration is needed as + Sendmail is so ubiquitous that some software assumes + it is already installed and configured. Check + /etc/periodic.conf and make sure that + these values are set to NO. If this file + does not exist, create it with these entries: + + daily_clean_hoststat_enable="NO" +daily_status_mail_rejects_enable="NO" +daily_status_include_submit_mailq="NO" +daily_submit_queuerun="NO" - - Replacing <application>Sendmail</application> as - the System's Default Mailer - - Sendmail is so ubiquitous as - standard software on &unix; systems that some software assumes - it is already installed and configured. For this reason, many - alternative MTAs provide their own + Some alternative MTAs provide their own compatible implementations of the Sendmail command-line interface in - order to facilitate using them as drop-in - replacements for Sendmail. + order to facilitate using them as drop-in + replacements for Sendmail. + However, some MUAs may + try to execute standard + Sendmail binaries instead of the + new MTA's binaries. &os; uses + /etc/mail/mailer.conf to map the expected + Sendmail binaries to the location of the new + binaries. More information about this mapping can be found in + &man.mailwrapper.8;. - When using an alternative MTA, - make sure that software trying to execute standard - Sendmail binaries, such as - /usr/bin/sendmail, actually execute - the chosen mailer instead. Fortunately, &os; provides a - system called &man.mailwrapper.8; for this purpose. - - When Sendmail is operating - as installed, - /etc/mail/mailer.conf will look like + The default + /etc/mail/mailer.conf looks like this: - sendmail /usr/libexec/sendmail/sendmail -send-mail /usr/libexec/sendmail/sendmail -mailq /usr/libexec/sendmail/sendmail -newaliases /usr/libexec/sendmail/sendmail -hoststat /usr/libexec/sendmail/sendmail -purgestat /usr/libexec/sendmail/sendmail + # $FreeBSD$ +# +# Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail +# +sendmail /usr/libexec/sendmail/sendmail +send-mail /usr/libexec/sendmail/sendmail +mailq /usr/libexec/sendmail/sendmail +newaliases /usr/libexec/sendmail/sendmail +hoststat /usr/libexec/sendmail/sendmail +purgestat /usr/libexec/sendmail/sendmail When any of the commands listed on the left are run, the system actually executes the associated command shown on - the right instead. This system makes it easy to change what + the right. This system makes it easy to change what binaries are executed when these default - Sendmail functions are invoked. - - As an example, to run - /usr/local/supermailer/bin/sendmail-compat - instead of Sendmail, specify the - paths to the installed applications in - /etc/mail/mailer.conf: - - sendmail /usr/local/supermailer/bin/sendmail-compat -send-mail /usr/local/supermailer/bin/sendmail-compat -mailq /usr/local/supermailer/bin/mailq-compat -newaliases /usr/local/supermailer/bin/newaliases-compat -hoststat /usr/local/supermailer/bin/hoststat-compat -purgestat /usr/local/supermailer/bin/purgestat-compat - + binaries are invoked.               - - Finishing + Some MTAs, when installed using the + Ports Collection, will prompt to update this file for the new + binaries. For example, Postfix + will update the file like this: + + # +# Execute the Postfix sendmail program, named /usr/local/sbin/sendmail +# +sendmail /usr/local/sbin/sendmail +send-mail /usr/local/sbin/sendmail +mailq /usr/local/sbin/sendmail +newaliases /usr/local/sbin/sendmail - Once everything is configured, either kill the - unneeded sendmail processes and - start the processes belonging to the new software, or - reboot. Rebooting provides the opportunity to ensure that + Once everything is configured, it is recommended to + reboot the system. Rebooting provides the opportunity to ensure that the system is correctly configured to start the new MTA automatically on boot. From owner-svn-doc-all@FreeBSD.ORG Sun May 11 18:49:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 858BB38A; Sun, 11 May 2014 18:49:13 +0000 (UTC) Received: from mail-ee0-x232.google.com (mail-ee0-x232.google.com [IPv6:2a00:1450:4013:c00::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 94C382A5F; Sun, 11 May 2014 18:49:12 +0000 (UTC) Received: by mail-ee0-f50.google.com with SMTP id e51so4026855eek.23 for ; Sun, 11 May 2014 11:49:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:content-type; bh=xd7Hm6l+rXQvLtiGSLzzxt4nAlT76D1kDVA8jnkyPZ0=; b=dcUn0W/QM8cc5qqHogPs0C+6mM3TK+2JSzm22IP23ggZngsgNFDShACtCXKGpaJz2h htQ9AfsBIt3ZT49Fso1WsF2Wcc4v3DHiwRi32JVWlz6Niyt5et1kTkXJwUPS2FPGEepk D/WiEyABkz9HjTds4NoODYYAhBQH+bH6eb1ye4A6ekK1WLe/oQcqTvz82GuHdWXG5SIZ 3W1g57ZSPTZw/dXVzU8SE+oDtKUl4H4rMAgm2xBEWiKG5+p4l7CuVj8jgyHxALV4XLXp yVtQnkVFHZGV8YDFjfoapHo/Hcyv+Z2PtyRjcxipHJQckdUyPceg37v65t9VU4rANm82 B7NA== X-Received: by 10.14.109.201 with SMTP id s49mr27331111eeg.88.1399834150729; Sun, 11 May 2014 11:49:10 -0700 (PDT) Received: from [192.168.178.20] (a82-161-212-209.adsl.xs4all.nl. [82.161.212.209]) by mx.google.com with ESMTPSA id u1sm27280042eex.31.2014.05.11.11.49.09 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 11 May 2014 11:49:09 -0700 (PDT) Sender: =?UTF-8?Q?Ren=C3=A9_Ladan?= Message-ID: <536FC624.1090508@freebsd.org> Date: Sun, 11 May 2014 20:49:08 +0200 From: =?ISO-8859-1?Q?Ren=E9_Ladan?= User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: Mathieu Arnold , doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: Re: svn commit: r44808 - head/en_US.ISO8859-1/books/porters-handbook/makefiles References: <201405111521.s4BFLtF0032796@svn.freebsd.org> In-Reply-To: X-Enigmail-Version: 1.6 Content-Type: multipart/mixed; boundary="------------070804010909000303070703" X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2014 18:49:13 -0000 This is a multi-part message in MIME format. --------------070804010909000303070703 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 05/11/2014 17:45, Mathieu Arnold wrote: > +--On 11 mai 2014 15:21:55 +0000 Rene Ladan wrote: > | Author: rene > | Date: Sun May 11 15:21:54 2014 > | New Revision: 44808 > | URL: http://svnweb.freebsd.org/changeset/doc/44808 > | > | Log: > | Remove a section on WITH_ and WITHOUT_ knobs. The text referred > | to ^/KNOBS in the Ports repository which has been removed for a while. > | > | The options framework should be used instead. > > Removing all this is *wrong*. > > While I agree that the KNOBS file is gone and the link should not be there > any more, things, like WITH_OPENSSL_BASE/PORT should stay there, or at > least, stay somewhere. > What about the attached patch? Ren -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQJ8BAEBCgBmBQJTb8YjXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxMDFBNzE2QjE2MkIwMEU1NUJFREVBMDVB REJCRjg2MTBBMzc4OUI3AAoJEK27+GEKN4m3BHsP/1AdvB8rmuZd5qib48JPqPFr LTvo50UWzNn46uUBOqVyB+fOMuFPXc2o1jaCqmQSwolbFuzwX/jLVOfaBotSd5y1 78hqJxw7QMK2Yrj3D9e6H5v+LVEAZNmGmQs9LN1VtaW1aOA/bRoiDOQelJdfPwWU 9cs+A1uadcFOGjdjCZS3L/ZL4ludaVycsWmPSb2aikRC1IaVODoKrWkFShfYiSeU bQ85SAEhhwcnuufRwwtJ7CB7ZTXDAB24SEr7lRWcPTAa8zSd+WLclauRbdGYDScL yREicZYaT9ECYZM+9FHGSGzDRr7WtyditQ9xNmohSFMX1qKgNtXdUg1QObg/3ZqH T2RNBFU5wIMN+O+hZvmVXHDp5oh6aOw9qfvtaIuqyiw/1yvrK8PqYxtNQjPRRyux eslAwjH7hWW/YVhPt/s/SPA9uqYKy8dfXTgUW6DDled+zff6qj6FC/MwSoNDuJgf SooOAyQqwXIwELqOTwO6iTl72dTTIgtSXvlreTy9vNTxFFZkgD+gY/6oOJx7QIkh LmLMFzES/bERfQiapghu8TV+9omlu+EzuHt3oa3tBYKZGjQC/CRNquOt+U7f4y9x 9aaOVmyDyRQ5e4z3lTJFQf2deYyGlXG+SU5SvUXkW980yWj2T+e/dFQK7t47Qi44 Egd912gqoyRxIju7bGew =68S5 -----END PGP SIGNATURE----- --------------070804010909000303070703 Content-Type: text/x-patch; name="doc.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="doc.diff" Index: en_US.ISO8859-1/books/handbook/security/chapter.xml =================================================================== --- en_US.ISO8859-1/books/handbook/security/chapter.xml (revision 44809) +++ en_US.ISO8859-1/books/handbook/security/chapter.xml (working copy) @@ -1825,13 +1825,28 @@ www/apache24 and databases/postgresql91-server, include a compile option for building with - OpenSSL. If selected, the port will - add support using the security/openssl port. - To instead have the port compile against the built in version of - OpenSSL, include - WITH_OPENSSL_BASE when compiling in - OpenSSL support.               + OpenSSL.               + &os; provides two versions of + OpenSSL: one in the base system and + one in the Ports Collection. Users can choose which version to + use by default for other ports using the following knobs: + + + + WITH_OPENSSL_PORT: when set, the port will use + OpenSSL from the + security/openssl port, even if the + version in the base system is up to date or newer. + + + + WITH_OPENSSL_BASE: when set, the port will compile + against OpenSSL provided by the + base system. + + + Another common use of OpenSSL is to provide certificates for use with software applications. Certificates can be used to verify the credentials of a company --------------070804010909000303070703 Content-Type: application/octet-stream; name="doc.diff.sig" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="doc.diff.sig" iQJ8BAABCgBmBQJTb8YkXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9wZW5wZ3Au ZmlmdGhob3JzZW1hbi5uZXQxMDFBNzE2QjE2MkIwMEU1NUJFREVBMDVBREJCRjg2MTBBMzc4 OUI3AAoJEK27+GEKN4m3y5IQAKYZc95VxEKGRxWF9wEEMjXzWlwTRLfWBzvbsyWN8qLBj+OZ ZxwBZRSfywzsTrzxYp3AbIlc/xSxZTBarA+Xna3qWlYyANPjuCIZyLyu6rKFxfM8rn/VPSUJ SD/HEh1YlJk9RoGjp8MZUqe/IqmgsDva295I4uvRAKeoyumSBpcwRwzguU9wF36M3YQGdNIA ls2LUYT5E9D9yLtWxdZy3l3sX4Yb++xCOFeIWKCQ3jY+BkYX50ZPTMNw1VmOF5XE9zcMLsdz vlj/ys8JH2+0JWVwpnWGBtUwhdGyIF7xlKmUHeLO3SoTsGECtJf3r41fOCSDDUNo7v1eglh2 Q7pEToHIPzE5XRvwpGL8Q4WroiWbA0O9VR8CAxENLtG1E8oHqXjFpJsHVsehJtanQycSI6eU R0nsovnIojZmJoku41piEUbHGydMG+lYDw77Opi3xs0rTeT08JCLg/wzN4Y85WABMMcBvJQm oBk1pZ4JnCEZpw+nQNzWqxTSx9fJ6PC2dhCZfKzmasb/vzCqF9Sn7mJVXXRpxYQgRMhGSeXk 3+tXDmUBFb8c+mAE2kH3k4H0ZSEVLVTSZ1GJ+q3s87aIhNUmxDRUoA1rCW6lPHqe5NWa7bPB +bxdwfI4t90jhHPcuJGeCk9O+r6WHUZBF1LCbnA4aiZmaE1iiNxeuvXFDzmX --------------070804010909000303070703-- From owner-svn-doc-all@FreeBSD.ORG Sun May 11 23:51:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5F3695B1; Sun, 11 May 2014 23:51:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 409EB219C; Sun, 11 May 2014 23:51:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4BNpMpJ069104; Sun, 11 May 2014 23:51:22 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4BNpMdk069103; Sun, 11 May 2014 23:51:22 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405112351.s4BNpMdk069103@svn.freebsd.org> From: Dru Lavigne Date: Sun, 11 May 2014 23:51:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44810 - head/en_US.ISO8859-1/books/handbook/mail X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2014 23:51:22 -0000 Author: dru Date: Sun May 11 23:51:21 2014 New Revision: 44810 URL: http://svnweb.freebsd.org/changeset/doc/44810 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Sun May 11 16:48:54 2014 (r44809) +++ head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Sun May 11 23:51:21 2014 (r44810) @@ -584,52 +584,51 @@ postmaster@example.com postmast In order to completely disable - Sendmail, add or edit the following lines in - /etc/rc.conf: + Sendmail, add or edit the following + lines in /etc/rc.conf: sendmail_enable="NO" sendmail_submit_enable="NO" sendmail_outbound_enable="NO" sendmail_msp_queue_enable="NO" - To only disable Sendmail's - incoming mail service, use only this entry in - /etc/rc.conf: + To only disable Sendmail's + incoming mail service, use only this entry in + /etc/rc.conf: + + sendmail_enable="NO" + + More information on Sendmail's + startup options is available in &man.rc.sendmail.8;. +               - sendmail_enable="NO" + + Replace the Default <acronym>MTA</acronym> - More information - on Sendmail's startup options - is available in &man.rc.sendmail.8;. - - - - Replace the Default <acronym>MTA</acronym> - - When a new MTA is installed using the - Ports Collection, its startup script is also installed and - startup instructions are mentioned in its package message. - Before starting the new MTA, stop the - running Sendmail processes. This - example stops all of these services, then starts the - Postfix service: + When a new MTA is installed using the + Ports Collection, its startup script is also installed and + startup instructions are mentioned in its package message. + Before starting the new MTA, stop the + running Sendmail processes. This + example stops all of these services, then starts the + Postfix service: - &prompt.root; service sendmail stop + &prompt.root; service sendmail stop &prompt.root; service postfix start - To start the replacement MTA at system boot, - add its configuration line to - /etc/rc.conf. This entry enables the - Postfix MTA: + To start the replacement MTA at system + boot, add its configuration line to + /etc/rc.conf. This entry enables the + Postfix MTA: postfix_enable="YES" Some extra configuration is needed as - Sendmail is so ubiquitous that some software assumes - it is already installed and configured. Check - /etc/periodic.conf and make sure that - these values are set to NO. If this file - does not exist, create it with these entries: + Sendmail is so ubiquitous that some + software assumes it is already installed and configured. + Check /etc/periodic.conf and make sure + that these values are set to NO. If this + file does not exist, create it with these entries:               daily_clean_hoststat_enable="NO" daily_status_mail_rejects_enable="NO" @@ -639,20 +638,18 @@ daily_submit_queuerun="NO"Some alternative MTAs provide their own compatible implementations of the Sendmail command-line interface in - order to facilitate using them as drop-in - replacements for Sendmail. - However, some MUAs may - try to execute standard + order to facilitate using them as drop-in replacements for + Sendmail. However, some + MUAs may try to execute standard Sendmail binaries instead of the new MTA's binaries. &os; uses /etc/mail/mailer.conf to map the expected - Sendmail binaries to the location of the new - binaries. More information about this mapping can be found in - &man.mailwrapper.8;.               - - The default - /etc/mail/mailer.conf looks like - this: + Sendmail binaries to the location + of the new binaries. More information about this mapping can + be found in &man.mailwrapper.8;.               + + The default /etc/mail/mailer.conf + looks like this: # $FreeBSD$ # @@ -665,11 +662,10 @@ newaliases /usr/libexec/sendmail/se hoststat /usr/libexec/sendmail/sendmail purgestat /usr/libexec/sendmail/sendmail - When any of the commands listed on the left are run, - the system actually executes the associated command shown on - the right. This system makes it easy to change what - binaries are executed when these default - binaries are invoked. + When any of the commands listed on the left are run, the + system actually executes the associated command shown on the + right. This system makes it easy to change what binaries are + executed when these default binaries are invoked. Some MTAs, when installed using the Ports Collection, will prompt to update this file for the new @@ -684,62 +680,57 @@ send-mail /usr/local/sbin/sendmail mailq /usr/local/sbin/sendmail newaliases /usr/local/sbin/sendmail - Once everything is configured, it is recommended to - reboot the system. Rebooting provides the opportunity to ensure that - the system is correctly configured to start the new - MTA automatically on boot. -               -               - - - Troubleshooting - - - email - troubleshooting - - - - - - Why do I have to use the FQDN for hosts on my - site? - - - - The host may actually be in a different domain. - For example, in order for a host in foo.bar.edu to - reach a host called mumble in - the bar.edu domain, - refer to it by the Fully-Qualified Domain Name - FQDN, mumble.bar.edu, - instead of just - mumble. - - This is because the version of - BIND - BIND which ships with - &os; no longer provides default abbreviations - for non-FQDNs other than the local domain. An - unqualified host such as - mumble must either be found - as mumble.foo.bar.edu, - or it will be searched for in the root domain. - - In older versions of - BIND, the search continued - across mumble.bar.edu, - and mumble.edu. RFC - 1535 details why this is considered bad practice or - even a security hole. + Once everything is configured, it is recommended to reboot + the system. Rebooting provides the opportunity to ensure that + the system is correctly configured to start the new + MTA automatically on boot. + + + + + Troubleshooting + + + email + troubleshooting + + + + + + Why do I have to use the FQDN for hosts on my + site? + + + + The host may actually be in a different domain. For + example, in order for a host in foo.bar.edu to reach a + host called mumble in the + bar.edu + domain, refer to it by the Fully-Qualified Domain Name + FQDN, mumble.bar.edu, + instead of just mumble. + + This is because the version of + BIND + BIND which ships with &os; + no longer provides default abbreviations for non-FQDNs + other than the local domain. An unqualified host such as + mumble must either be found as + mumble.foo.bar.edu, or + it will be searched for in the root domain. + + In older versions of BIND, + the search continued across mumble.bar.edu, and + mumble.edu. + RFC 1535 details why this is considered bad practice or + even a security hole. - As a good workaround, place the line: + As a good workaround, place the line: search foo.bar.edu bar.edu @@ -747,9 +738,9 @@ newaliases /usr/local/sbin/sendmail domain foo.bar.edu - into /etc/resolv.conf. - However, make sure that the search order does not go - beyond the boundary between local and public + into /etc/resolv.conf. However, + make sure that the search order does not go beyond the + boundary between local and public administration, as RFC 1535 calls it. @@ -1168,7 +1159,7 @@ hostname=_HOSTNAME_ ISP's outgoing mail relay in place of mail.example.com. Some ISPs call this the outgoing mail - server or SMTP server). + server or SMTP server). Make sure to disable Sendmail, including the outgoing mail service. See Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A82446FB; Mon, 12 May 2014 11:17:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 94FF92980; Mon, 12 May 2014 11:17:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4CBHMkZ077410; Mon, 12 May 2014 11:17:22 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4CBHMeS077409; Mon, 12 May 2014 11:17:22 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405121117.s4CBHMeS077409@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 12 May 2014 11:17:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44811 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Mon, 12 May 2014 11:41:59 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2014 11:17:22 -0000 Author: ryusuke Date: Mon May 12 11:17:22 2014 New Revision: 44811 URL: http://svnweb.freebsd.org/changeset/doc/44811 Log: - Merge the following from the English version: r43771 -> r43885 head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Sun May 11 23:51:21 2014 (r44810) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Mon May 12 11:17:22 2014 (r44811) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43771 + Original revision: r43885 $FreeBSD$ --> @@ -83,9 +83,9 @@ - FTP サイト + <acronym>FTP</acronym> サイト - &os; の公式な情報は anonymous FTP + &os; の公式な情報は anonymous FTP によって世界中のミラーサイトより入手できます。 ftp://ftp.FreeBSD.org/pub/FreeBSD/ サイトは接続が良く、大規模な接続を受け付けていますが、 @@ -93,8 +93,8 @@ ミラーサイトを探した方が良いでしょう (特にミラーサイトのようなものを構築しようとした場合はこれに該当します)。 - さらに、&os; は以下のミラーサイトから anonymous FTP - によって入手できます。もし &os; を anonymous FTP + さらに、&os; は以下のミラーサイトから anonymous FTP + によって入手できます。もし &os; を anonymous FTP によって手にいれる場合は、 近くのサイトを利用するようにしてください。 一次ミラーサイト としてあげられているサイトには、 @@ -104,7 +104,7 @@ 各国のミラーサイトには、 人気のあるアーキテクチャの最新のバージョンが置いてありますが、 &os; のアーカイブ全体はもしかするとないかもしれません。 - すべてのサイトは anonymous FTP によるアクセスを提供していますが、 + すべてのサイトは anonymous FTP 別の方法によるアクセスを提供しているサイトもあります。 各サイトで提供しているアクセス方法は、 ホスト名に続く括弧の中に記載されています。 @@ -140,106 +140,123 @@ 訳: &a.hanai;、1997 年 9 月 13 日 - CTM - はリモートのディレクトリツリーを中央のツリーに同期させるための - 手段です。 - これは &os; のソースツリーの配布を行なうために開発されまし - たが、時が経つにつれて別の目的にも有用であることがわかるかも - しれません。 - デルタを作り出す処理に関するドキュメントは現在ほとんど - ありません。従って、もしあなたがCTM - を他のことに使いたいなら - &a.ctm-users.name; メーリングリストにさらなる情報を問い合わせてください。 + CTM は、 + リモートのディレクトリツリーを中央のツリーに同期させるための手段です。 + &os; システムに組み込まれており、&os; + のソースリポジトリとの同期に使うことができます。 + リポジトリ全体の同期や特定のブランチの同期に用いることができます。 + + CTM は、 + 特にお粗末な TCP/IP 接続しか持っていなかったり、 + TCP/IP 接続が行なえない環境での利用を想定して設計されています。 + 変更点を自動的にメールで送られてくるように設定することができます。 + アクティブなブランチでは 1 + 日に最大三つまでのデルタを受け取る必要があります。 + デルタのサイズは常にできるだけ小さく保たれています。 + 大抵の場合 5KB よりも小さく、 + たまに (10 回に 1 回程度) 10-50KB になり、 + ときおり 100KB 以上のサイズになります。 + + CTM を使って &os; + の開発を追いかける時には、 + あらかじめパッケージ化されたリリースとは異なり、 + 開発ソースの作業ディレクトリに関連した注意点に気をつけてください。 + これに関しては、 + 開発ブランチを追いかける + の章を参照してください。 + + デルタを作り出す過程や CTM + を他の目的に使うためのドキュメントは現在ほとんどありません。 + CTM に関連した質問については、 + &a.ctm-users.name; メーリングリストに相談してください。 - - なぜ <application>CTM</application> を使うの? - - CTM を使うことにより &os; - ソースツリーのローカルコピーを手にいれることができます。 - ソースツリーが使えることの魅力は数多くあります。完全な cvs - ツリーを追いかけるにしても、ひとつのブランチを追いかける - にしても CTM - は必要な情報を与えてくれます。 - もしあなたが &os; のアクティブな開発者であるにもかかわらず - お粗末な TCP/IP 接続しか持っていなかったり、または TCP/IP 接続が - 行なえないとしたら、あるいは単に変更が自動的に送られてきて - ほしいというのであれば CTM - はそんなあなたのために 作られたのです。 - アクティブなブランチでは 1 - 日に最大三つまでのデルタを受け取る必要があります。 - これが自動的に e-mail で送られてくるという方法を - ぜひ検討してみてください。 - デルタのサイズは常にできるだけ小さく保たれています。 - 大抵の場合 5KB よりも小さく、 - たまに (10 回に 1 回程度) 10-50KB になり、 - ときおり 100KB かもっと大きくなるでしょう。 - - 開発ソースから直接に得られたものを使うことについては、 - あらかじめパッケージにされたリリースとは違い、 - いろいろと注意することが あります。これは特に - current のソースを選んでいるときは重要です。 - 最新の &os; - を追いかけるを読むことをお勧めします。 - - - - <application>CTM</application>を使うには何が必要? - - 二つのものが必要でしょう: CTM - プログラムとそれに与える (current - レベルを得るための) 最初のデルタです。 + + デルタを入手する - CTM - プログラムはバージョン 2.0 のリリース以来 &os; の一部になりました。 - もしソースのコピーを持っているなら - /usr/src/usr.sbin/ctmにあります。 + CTM が用いる デルタ + は、anonymous FTP + もしくはメールで入手できます。 + + FTP + のデルタは以下のミラーサイトから入手できます。 + 関連したディレクトリをダウンロードし、 + README を読んでください。 + もし anonymous FTP を使って + CTM のデルタを手にいれる場合は、 + 近くのミラーを利用するようにしてください。 + 何か問題がある場合は、&a.ctm-users.name; + メーリングリストに相談してください。 - から入手できます。CTM - に与える デルタ は二つの方法、FTP または e-mail、 - で得ること ができます。 - もしインターネットに FTP アクセスできるなら、 - 次の FTP サイト: + + カリフォルニア、サンフランシスコ近辺、 + 公式なソース + + + + ftp://ftp.FreeBSD.org/pub/FreeBSD/development/CTM/ + + + ftp://ftp.FreeBSD.org/pub/FreeBSD/CTM/ + + + + - ftp://ftp.FreeBSD.org/pub/FreeBSD/CTM/ + 南アフリカ、 + 古い差分ファイルのバックアップサーバ + + + + ftp://ftp.za.FreeBSD.org/pub/FreeBSD/CTM/ + + + + - または、そのミラーサイトが - CTM へのアクセスをサポートします。 + 台湾/中華民国 + + + + ftp://ctm.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ + - 適切なディレクトリに FTP して README - ファイルを入手し、そこからスタートしてください。 + + ftp://ctm2.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ + - e-mail によってデルタを得たいという場合は: + + ftp://ctm3.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ + + + + + - CTM + メールでデルタを得たいという場合は、 + CTM 配布メーリングリストのいずれかに参加してください。 - &a.ctm-src-cur.name; は完全な Subversion ツリー、 + &a.ctm-src-cur.name; は完全なソースツリー、 &a.ctm-src-cur.name; は開発先端ブランチに対応しています。&a.ctm-src-9.name; - は 9.X リリースのブランチに対応したものです - (もし参加方法が分からない場合は、メーリングリスト名をクリックするか、 - &a.mailman.lists.link; に行って参加したいメーリングリストをクリックしてください。 - このページには、参加手順が詳しく書かれています)。 + は 9.X リリースのブランチに対応したものです メールで CTM - による更新ファイルを受け取り始めると、中身を取り出して使用 - するために ctm_rmail - プログラムを使うかもしれません。それを完全 - に自動で行ないたいなら、/etc/aliases - から ctm_rmailプロ - グラムを直接使うこともできます。 - さらに詳しいことは ctm_rmail - manページを御覧ください。 + の更新ファイルを受け取り始めたら、 + 中身を取り出して使用するために + ctm_rmail を使ってください。 + このプロセスを自動で行ないたいのであれば、 + このコマンドを /etc/aliases + から直接実行することもできます。 + さらに詳しいことは &man.ctm.rmail.1; をご覧ください。 - どの方法を使って CTM - デルタを入手していたとしても、 + どの方法を使ってデルタを入手していたとしても、 + CTM のユーザは &a.ctm-announce.name; - メーリングリストには参加しておくといいでしょう。 - このメーリングリストは将来的には - CTM システムの操作に関する - アナウンスがポストされる唯一の場になるでしょう。 - メーリングリストに参加するには、上のメーリングリスト名をクリックして、 - 参加手順に従ってください。 + メーリングリストを購読するようにしてください。 + このメーリングリストは、 + CTM + システムの操作に関するアナウンスが投稿される唯一の場所です。 @@ -247,21 +264,8 @@ はじめて <application>CTM</application> を使い始める CTM - デルタを使い始めるためには、これは以降作られる全ての - デルタの出発点を手にいれる必要があります。 - - 最初にあなたが何をすでに持っているかをはっきりさせましょう。 - すべての人は - のディレクトリから始めなければなりません。 - ツリーをサポートしてるあなたの - CTM を稼働するためには - 指定した - のデルタを使う必要があります。いくつかの分岐点 - では、あなたの都合により CD - 内に分配されている スタータ - デルタを使用できるようになっています。しかしながら、これは - 頻繁に行われることではありません。 - + デルタを使い始めるためには、 + のディレクトリからデルタの出発点を作成する必要があります。 適切な出発点が決まれば、その出発点を CTM が @@ -431,71 +435,10 @@ 直観に反したものになります。 - - - - その他 ports コレクションに対するデルタもあるのですが、 これに興味を持っている人はまだ少ないようです。 - - - CTM サイト - - CTM/&os; - は以下のミラーサイトから anonymous FTP によって入手できます。 - もし CTM を anonymous FTP によって手にいれる場合は、 - 近くのサイトを利用するようにしてください。 - - 何か問題がある場合は、&a.ctm-users.name; メーリングリストに相談してください。 - - - カリフォルニア、サンフランシスコ近辺、 - 公式なソース - - - - ftp://ftp.FreeBSD.org/pub/FreeBSD/development/CTM/ - - - - - - 南アフリカ、ctm、sup、 - CVSupなどの古い差分ファイルのバックアップサーバ - - - - ftp://ftp.za.FreeBSD.org/pub/FreeBSD/CTM/ - - - - - - 台湾/中華民国 - - - - ftp://ctm.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ - - - - ftp://ctm2.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ - - - - ftp://ctm3.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ - - - - - - - 近くにミラーサイトがない場合やミラーが不完全な場合は、 - alltheweb - のような検索エンジンを使ってみてください。 - @@ -2534,7 +2477,8 @@ usr.bin/ こちらの方が豊富なオプションを備え、送り側と受け側の差分だけを 転送するという rsync リモート更新プロトコルを使用するという点が異なります。 rsync を使うと、ネットワーク経由での同期を非常に高速に行なうことが可能です。 - 特に、&os; FTP サーバや CVS リポジトリのミラーサイトを作成する時に便利でしょう。 + 特に、&os; FTP サーバや CVS + リポジトリのミラーサイトを作成する時に便利でしょう。 rsync は、多くのオペレーティングシステムで 利用することができます。&os; 版は、 net/rsync の @@ -2549,8 +2493,14 @@ usr.bin/ 提供しているコレクション: - ftp: &os; FTP サーバの部分ミラー - &os;: &os; FTP サーバの全体ミラー + + ftp: &os; FTP + サーバの部分ミラー + + + &os;: &os; FTP + サーバの全体ミラー + @@ -2564,7 +2514,10 @@ usr.bin/ 提供しているコレクション: - &os;: &os; FTP サーバの全体ミラー + + &os;: &os; FTP + サーバの全体ミラー + @@ -2577,11 +2530,18 @@ usr.bin/ 提供しているコレクション: - &os;: &os; FTP サーバの全体ミラー - &os;-gnats: GNATS バグトラッキングデータベース - - &os;-Archive: &os; アーカイブ FTP サーバのミラー + &os;: &os; FTP + サーバの全体ミラー + + + + &os;-gnats: GNATS バグトラッキングデータベース + + + + &os;-Archive: &os; アーカイブ FTP + サーバのミラー @@ -2595,7 +2555,10 @@ usr.bin/ 提供しているコレクション: - &os;: &os; FTP サーバの全体ミラー + + &os;: &os; FTP + サーバの全体ミラー + @@ -2610,7 +2573,10 @@ usr.bin/ 提供しているコレクション: - &os;: &os; FTP サーバの全体ミラー + + &os;: &os; FTP + サーバの全体ミラー + @@ -2624,7 +2590,10 @@ usr.bin/ 提供しているコレクション: - ftp.freebsd.org: &os; FTP サーバの全体ミラー + + ftp.freebsd.org: &os; FTP + サーバの全体ミラー + @@ -2640,8 +2609,14 @@ usr.bin/ 提供しているコレクション: - &os;: &os; FTP サーバのマスタアーカイブ - acl: The &os; マスタ ACL リスト + + &os;: &os; FTP + サーバのマスタアーカイブ + + + + acl: The &os; マスタ ACL リスト + rsync://ftp13.FreeBSD.org/ @@ -2649,7 +2624,10 @@ usr.bin/ 提供しているコレクション: - &os;: &os; FTP サーバの全体ミラー + + &os;: &os; FTP + サーバの全体ミラー + From owner-svn-doc-all@FreeBSD.ORG Mon May 12 13:17:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0177236D; Mon, 12 May 2014 13:17:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E256624E4; Mon, 12 May 2014 13:17:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4CDHt8J031794; Mon, 12 May 2014 13:17:55 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4CDHtiU031793; Mon, 12 May 2014 13:17:55 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405121317.s4CDHtiU031793@svn.freebsd.org> From: Dru Lavigne Date: Mon, 12 May 2014 13:17:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44812 - head/en_US.ISO8859-1/books/handbook/mail X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2014 13:17:56 -0000 Author: dru Date: Mon May 12 13:17:55 2014 New Revision: 44812 URL: http://svnweb.freebsd.org/changeset/doc/44812 Log: Move relay-domains section from Troubleshooting to Sendmail Config Files. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Mon May 12 11:17:22 2014 (r44811) +++ head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Mon May 12 13:17:55 2014 (r44812) @@ -525,6 +525,42 @@ postmaster@example.com postmast &prompt.root; service sendmail restart + + + /etc/mail/relay-domains + + In a default &os; installation, + Sendmail is configured to only + send mail from the host it is running on. For example, + if a POP server is available, users + will be able to check mail from remote locations but they + will not be able to send outgoing emails from outside + locations. Typically, a few moments after the attempt, an + email will be sent from MAILER-DAEMON + with a 5.7 Relaying Denied message. + + The most straightforward solution is to add the + ISP's FQDN to + /etc/mail/relay-domains. If multiple + addresses are needed, add them one per + line: + + your.isp.example.com +other.isp.example.net +users-isp.example.org +www.example.org + + After creating or editing this file, restart + Sendmail with + service sendmail restart. + + Now any mail sent through the system by any host in + this list, provided the user has an account on the system, + will succeed. This allows users to send mail from the + system remotely without opening the system up to relaying + SPAM from the Internet. + + @@ -862,54 +898,6 @@ machine customer.com as w the DNS for customer.com. - - - - Why do I keep getting Relaying - Denied errors when sending mail from other - hosts? - - - - In a default &os; installation, - Sendmail is configured to only - send mail from the host it is running on. For example, - if a POP server is available, users - will be able to check mail from remote locations but they - will not be able to send outgoing emails from outside - locations. Typically, a few moments after the attempt, an - email will be sent from MAILER-DAEMON - with a 5.7 Relaying Denied. - - The most straightforward solution is to add the ISP's - FQDN to /etc/mail/relay-domains, as - seen in this example: - - &prompt.root; echo "your.isp.example.com" > /etc/mail/relay-domains - - After creating or editing this file, restart - Sendmail. This works great if - the server administrator does not wish to send mail - locally, would like to use a MUA on a - remote machine, or would like to use another - ISP for remote connections. It is also - useful when there is only one or two email accounts. If - there are a large number of addresses, add them one per - line: - - your.isp.example.com -other.isp.example.net -users-isp.example.org -www.example.org - - Now any mail sent through the system by any host in - this list, provided the user has an account on the system, - will succeed. This allows users to send mail from the - system remotely without opening the system up to relaying - SPAM from the Internet. - - - From owner-svn-doc-all@FreeBSD.ORG Mon May 12 13:27:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BA8194E8; Mon, 12 May 2014 13:27:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9C18B25CF; Mon, 12 May 2014 13:27:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4CDRcsb036042; Mon, 12 May 2014 13:27:38 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4CDRcTh036040; Mon, 12 May 2014 13:27:38 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405121327.s4CDRcTh036040@svn.freebsd.org> From: Dru Lavigne Date: Mon, 12 May 2014 13:27:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44813 - in head/en_US.ISO8859-1/books: faq handbook/mail X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2014 13:27:38 -0000 Author: dru Date: Mon May 12 13:27:37 2014 New Revision: 44813 URL: http://svnweb.freebsd.org/changeset/doc/44813 Log: Move loops back to itself Q/A from Troubleshooting to the FAQ. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Mon May 12 13:17:55 2014 (r44812) +++ head/en_US.ISO8859-1/books/faq/book.xml Mon May 12 13:27:37 2014 (r44813) @@ -2057,8 +2057,25 @@ bindkey ^[[3~ delete-char # for xterm

              - You can find a detailed answer for this question in the - Handbook. + This is answered in the Sendmail + FAQ as follows. This FAQ is recommended reading + when tweaking the mail setup. + + I'm getting these error messages: + +553 MX list for domain.net points back to relay.domain.net +554 <user@domain.net>... Local configuration error + +How can I solve this problem? + +You have asked mail to the domain (e.g., domain.net) to be +forwarded to a specific host (in this case, relay.domain.net) +by using an MX record, but the relay machine does not recognize +itself as domain.net. Add domain.net to /etc/mail/local-host-names +[known as /etc/sendmail.cw prior to version 8.10] +(if you are using FEATURE(use_cw_file)) or add Cw domain.net +to /etc/mail/sendmail.cf. Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Mon May 12 13:17:55 2014 (r44812) +++ head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Mon May 12 13:27:37 2014 (r44813) @@ -781,36 +781,6 @@ newaliases /usr/local/sbin/sendmail - - - Sendmail says - mail loops back to myself. - - - - This is answered in the Sendmail - FAQ as follows. This FAQ is recommended reading - when tweaking the mail setup. - - I'm getting these error messages: - -553 MX list for domain.net points back to relay.domain.net -554 <user@domain.net>... Local configuration error - -How can I solve this problem? - -You have asked mail to the domain (e.g., domain.net) to be -forwarded to a specific host (in this case, relay.domain.net) -by using an MX record, but the relay machine does not recognize -itself as domain.net. Add domain.net to /etc/mail/local-host-names -[known as /etc/sendmail.cw prior to version 8.10] -(if you are using FEATURE(use_cw_file)) or add Cw domain.net -to /etc/mail/sendmail.cf. - - - - How can I run a mail server on a dial-up PPP From owner-svn-doc-all@FreeBSD.ORG Mon May 12 14:18:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 397A8969; Mon, 12 May 2014 14:18:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2450B2A50; Mon, 12 May 2014 14:18:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4CEICUZ058839; Mon, 12 May 2014 14:18:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4CEICAc058838; Mon, 12 May 2014 14:18:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405121418.s4CEICAc058838@svn.freebsd.org> From: Dru Lavigne Date: Mon, 12 May 2014 14:18:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44814 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2014 14:18:12 -0000 Author: dru Date: Mon May 12 14:18:11 2014 New Revision: 44814 URL: http://svnweb.freebsd.org/changeset/doc/44814 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Mon May 12 13:27:37 2014 (r44813) +++ head/en_US.ISO8859-1/books/faq/book.xml Mon May 12 14:18:11 2014 (r44814) @@ -21,8 +21,7 @@ ]> Frequently Asked Questions for &os; - &rel3.relx;, &rel2.relx; and &rel.relx; - + &rel3.relx;, &rel2.relx; and &rel.relx; The &os; Documentation Project @@ -70,16 +69,19 @@ $FreeBSD$ - This is the FAQ for &os; versions &rel3.relx;, &rel2.relx; and - &rel.relx;. Every effort has been made to make this FAQ as - informative as possible; if you have any suggestions as to how - it may be improved, please feel free to mail them to the + This is the FAQ for &os; versions &rel3.relx;, &rel2.relx; + and &rel.relx;. Every effort has been made to make this FAQ + as informative as possible; if you have any suggestions as to + how it may be improved, please feel free to mail them to the &a.doc;. - The latest version of - this document is always available from the &os; website. - It may also be downloaded as one large HTML file with HTTP or as a variety - of other formats from the &os; FTP + The latest version of this document is always available + from the &os; + website. It may also be downloaded as one large + HTML file with HTTP or as + a variety of other formats from the &os; FTP server. @@ -95,24 +97,26 @@ &os; is a modern operating system for desktops, - laptops, servers, and embedded systems with - support for a large number of platforms. - - It is based on U.C. - Berkeley's 4.4BSD-Lite release, with some - 4.4BSD-Lite2 enhancements. It is also based - indirectly on William Jolitz's port of U.C. Berkeley's - Net/2 to the &i386;, known as - 386BSD, though very little of the 386BSD code - remains. + laptops, servers, and embedded systems with support for a + large number of platforms. + + It is based on U.C. Berkeley's + 4.4BSD-Lite release, with some + 4.4BSD-Lite2 enhancements. It is also + based indirectly on William Jolitz's port of U.C. + Berkeley's Net/2 to the &i386;, known as + 386BSD, though very little of the 386BSD + code remains. &os; is used by companies, Internet Service Providers, - researchers, computer professionals, students and home users - all over the world in their work, education and + researchers, computer professionals, students and home + users all over the world in their work, education and recreation. For more detailed information on &os;, please see the - &os; Handbook. + &os; + Handbook. @@ -122,11 +126,9 @@ - The goal of the &os; Project is to provide a - stable and fast general purpose - operating system that may - be used for any purpose - without strings attached. + The goal of the &os; Project is to provide a stable + and fast general purpose operating system that may be used + for any purpose without strings attached. @@ -136,9 +138,11 @@ - Yes. Those restrictions do not control how you use the - code, merely how you treat the &os; Project itself. If you - have serious license concerns, read the actual license. + Yes. Those restrictions do not control how you use + the code, merely how you treat the &os; Project itself. + If you have serious license concerns, read the actual + license. For the simply curious, the license can be summarized like this. @@ -157,29 +161,29 @@ Many of us have a significant investment in the - project - and would certainly not mind a little financial + project and would certainly not mind a little financial compensation now and then, but we definitely do not insist on it. We believe that our first and foremost mission is to provide code to any and all comers, and for whatever purpose, so that the code gets - the - widest possible use and provides the widest possible - benefit. This, we believe, is one of the most - fundamental + the widest possible use and provides the widest possible + benefit. This, we believe, is one of the most fundamental goals of Free Software and one that we enthusiastically support. - Code in our source tree which falls under the - GNU General Public License (GPL) - or GNU Library General Public License (LGPL) - comes with slightly more strings attached, though at least - on the side of enforced access rather than the usual - opposite. Due to the additional complexities that can - evolve in the commercial use of GPL software, we do, - however, endeavor to replace such software with submissions - under the more relaxed &os; license - whenever possible. + Code in our source tree which falls under the GNU + General Public License (GPL) or GNU + Library General Public License (LGPL) comes with + slightly more strings attached, though at least on the + side of enforced access rather than the usual opposite. + Due to the additional complexities that can evolve in the + commercial use of GPL software, we do, however, endeavor + to replace such software with submissions under the more + relaxed &os; + license whenever possible. @@ -193,36 +197,39 @@ that cut-and-dried. Most people do not actually use an operating system. - They use applications. The applications are what really use - the operating system. &os; is designed to provide a robust - and full-featured environment for applications. It supports - a wide variety of web browsers, office suites, email - readers, graphics programs, programming environments, - network servers, and just about everything else you might - want. Most of these applications can be managed through the - Ports Collection. - - If you need to use an application that is only available - on one operating system, you simply cannot replace that - operating system. Chances are there is a very similar - application on &os;, however. If you want a solid office or - Internet server, a reliable workstation, or just the ability - to do your job without interruptions, &os; will almost - certainly do everything you need. Many computer users - across the world, including both novices and experienced - &unix; administrators, use &os; as their only desktop - operating system. + They use applications. The applications are what really + use the operating system. &os; is designed to provide a + robust and full-featured environment for applications. It + supports a wide variety of web browsers, office suites, + email readers, graphics programs, programming + environments, network servers, and just about everything + else you might want. Most of these applications can be + managed through the Ports + Collection. + + If you need to use an application that is only + available on one operating system, you simply cannot + replace that operating system. Chances are there is a + very similar application on &os;, however. If you want a + solid office or Internet server, a reliable workstation, + or just the ability to do your job without interruptions, + &os; will almost certainly do everything you need. Many + computer users across the world, including both novices + and experienced &unix; administrators, use &os; as their + only desktop operating system. If you are migrating to &os; from some other &unix; - environment, you already know most of what you need to. If - your background is in graphic-driven operating systems such - as &windows; and &macos;, you may be interested in using - PC-BSD, a &os; based - distribution, instead. If you have not used &unix; before - expect to invest - additional time learning the &unix; way of doing things. - This FAQ and the &os; Handbook - are excellent places to start. + environment, you already know most of what you need to. + If your background is in graphic-driven operating systems + such as &windows; and &macos;, you may be interested in + using PC-BSD, a &os; + based distribution, instead. If you have not used &unix; + before expect to invest additional time learning the + &unix; way of doing things. This FAQ and the &os; + Handbook are excellent places to start. @@ -241,54 +248,59 @@ Full source for the operating system is freely available, and the minimum possible restrictions have - been placed upon its use, distribution and incorporation - into other work (commercial or non-commercial). + been placed upon its use, distribution and + incorporation into other work (commercial or + non-commercial). - Anyone who has an improvement or bug fix is free to - submit their code and have it added to the source tree - (subject to one or two obvious provisions). + Anyone who has an improvement or bug fix is free + to submit their code and have it added to the source + tree (subject to one or two obvious + provisions). It is worth pointing out that the word free is being used in two ways here, one meaning at no cost, the other meaning - you can do whatever you like. Apart from one - or two things you cannot do with the - &os; code, for example pretending you wrote it, you can - really do whatever you like with it. + you can do whatever you like. Apart from + one or two things you cannot do with + the &os; code, for example pretending you wrote it, you + can really do whatever you like with it. What are the differences between &os; and NetBSD, - OpenBSD, and other open source BSD operating systems? + OpenBSD, and other open source BSD operating + systems? - James Howard wrote a good explanation of the history and - differences between the various projects, - called The BSD Family Tree - which goes a fair way to answering this question. - Some of the information is out of date, but the history - portion in particular remains accurate. + James Howard wrote a good explanation of the history + and differences between the various projects, called The + BSD Family Tree which goes a fair way to + answering this question. Some of the information is out + of date, but the history portion in particular remains + accurate. Most of the BSDs share patches and code, even today. All of the BSDs have common ancestry. - The design goals of &os; are described in - , above. The design goals - of the other most popular BSDs may be summarized as + The design goals of &os; are described in , above. The design goals of + the other most popular BSDs may be summarized as follows: OpenBSD aims for operating system security above all else. The OpenBSD team wrote &man.ssh.1; and - &man.pf.4;, which have both been ported to &os;. + &man.pf.4;, which have both been ported to + &os;. @@ -297,9 +309,9 @@ - DragonFly BSD is a fork of &os; 4.8 that has - since developed many interesting features of its own, - including the HAMMER file system and support for + DragonFly BSD is a fork of &os; 4.8 that + has since developed many interesting features of its + own, including the HAMMER file system and support for user-mode vkernels. @@ -313,48 +325,51 @@ At any point in the development of &os;, there can be - multiple parallel branches. &rel.relx; releases are - made from the &rel.stable; branch, and &rel2.relx; - releases are made from the &rel2.stable; branch. - - Up until the release of 9.0, the - &rel2.relx; series was the one known as - -STABLE. However, as of - &rel.head.relx;, the - &rel2.relx; branch will be designated for - an extended support status and receive only - fixes for major problems, such as security-related fixes. + multiple parallel branches. &rel.relx; releases are made + from the &rel.stable; branch, and &rel2.relx; releases are + made from the &rel2.stable; branch. + + Up until the release of 9.0, the &rel2.relx; series + was the one known as -STABLE. + However, as of &rel.head.relx;, the &rel2.relx; branch + will be designated for an extended support + status and receive only fixes for major problems, such as + security-related fixes. - Version &rel.current; - is the latest release from the &rel.stable; - branch; it was released in &rel.current.date;. Version - &rel2.current; - is the latest release from the &rel2.stable; - branch; it was released in &rel2.current.date;. + Version &rel.current; + is the latest release from the &rel.stable; branch; it was + released in &rel.current.date;. Version &rel2.current; + is the latest release from the &rel2.stable; branch; it + was released in &rel2.current.date;. Briefly, -STABLE is aimed at the ISP, corporate user, or any user who wants stability and a - minimal number of changes compared to the new (and possibly - unstable) features of the latest + minimal number of changes compared to the new (and + possibly unstable) features of the latest -CURRENT snapshot. Releases can come - from either branch, but -CURRENT should - only be used if you are prepared for its increased + from either branch, but -CURRENT + should only be used if you are prepared for its increased volatility (relative to -STABLE, that is). - Releases are made every few months. While - many people stay more up-to-date with the &os; sources (see - the questions on &os.current; and &os.stable;) than that, doing so + Releases are made every + few months. While many people stay more + up-to-date with the &os; sources (see the questions on + &os.current; and &os.stable;) than that, doing so is more of a commitment, as the sources are a moving target. More information on &os; releases can be found on the - Release Engineering page - and in &man.release.7;. + Release + Engineering page and in &man.release.7;. @@ -364,22 +379,26 @@ - &os.current; + &os.current; is the development version of the operating system, which will in due course become the new &os.stable; branch. As - such, it is really only of interest to developers working on - the system and die-hard hobbyists. See the relevant section - in the Handbook for - details on running -CURRENT. + such, it is really only of interest to developers working + on the system and die-hard hobbyists. See the relevant + section in the Handbook + for details on running + -CURRENT. - If you are not familiar with &os; - you should not use + If you are not familiar with &os; you should not use &os.current;. This branch sometimes evolves quite quickly - and due to mistake can be un-buildable at times. - People that use &os.current; are expected to be able to - analyze, debug, and report problems. + and due to mistake can be un-buildable at times. People + that use &os.current; are expected to be able to analyze, + debug, and report problems. - &os; snapshot + &os; snapshot releases are made based on the current state of the -CURRENT and -STABLE branches. The goals behind @@ -395,32 +414,34 @@ To give people who would like to run -CURRENT or -STABLE but who do not have the - time or bandwidth to follow it on a day-to-day basis an - easy way of bootstrapping it onto their systems. + time or bandwidth to follow it on a day-to-day basis + an easy way of bootstrapping it onto their + systems. - To preserve a fixed reference point for the code in - question, just in case we break something really badly - later. (Although Subversion normally prevents anything - horrible like this happening.) + To preserve a fixed reference point for the code + in question, just in case we break something really + badly later. (Although Subversion normally prevents + anything horrible like this happening.) - To ensure that all new features and fixes in need of - testing have the greatest possible number of potential - testers. + To ensure that all new features and fixes in need + of testing have the greatest possible number of + potential testers. No claims are made that any -CURRENT snapshot can be considered production quality for any purpose. If you - want to run a stable and fully tested system, you will have - to stick to full releases, or use the + want to run a stable and fully tested system, you will + have to stick to full releases, or use the -STABLE snapshots. - Snapshot releases are directly available from snapshot. + Snapshot releases are directly available from snapshot. Official snapshots are generated on a regular basis for all actively developed branches. @@ -434,30 +455,38 @@ - Back when &os; 2.0.5 was released, &os; development - branched in two. One branch was named -STABLE, - one -CURRENT. + Back when &os; 2.0.5 was released, &os; + development branched in two. One branch was named -STABLE, + one -CURRENT. &os;-STABLE is intended for Internet - Service Providers and other commercial enterprises for whom - sudden shifts or experimental features are quite + Service Providers and other commercial enterprises for + whom sudden shifts or experimental features are quite undesirable. It receives only well-tested bug fixes and other small incremental enhancements. &os;-CURRENT, on the other hand, has been one unbroken line since 2.0 was released, leading - towards &rel.current;-RELEASE and beyond. For more detailed - information on branches see &os; Release Engineering: Creating the Release Branch, - the status of the branches and the upcoming release schedule - can be found on the Release Engineering Information page. + towards &rel.current;-RELEASE and beyond. For more + detailed information on branches see &os; + Release Engineering: Creating the Release + Branch, the status of the branches and + the upcoming release schedule can be found on the Release + Engineering Information page. &rel.current;-STABLE is the actively developed - -STABLE branch. The latest release on - the &rel.current;-STABLE branch is &rel.current;-RELEASE, - which was released in &rel.current.date;. + -STABLE branch. The latest release + on the &rel.current;-STABLE branch is + &rel.current;-RELEASE, which was released in + &rel.current.date;. The &rel.head; branch is the actively developed -CURRENT branch toward the next - generation of &os;. See What is &os;-CURRENT? for more - information on this branch. + generation of &os;. See What is + &os;-CURRENT? for more information on this + branch. @@ -468,24 +497,26 @@ The &a.re; releases a new major version of &os; about - every 18 months and a new minor version about every 8 months, - on average. Release dates are announced well in advance, so - that the people working on the system know when their - projects need to be finished and tested. A testing period - precedes each release, to ensure that the addition - of new features does not compromise the stability of the - release. Many users regard this caution as one of the best - things about &os;, even though waiting for all the latest - goodies to reach -STABLE can be a - little frustrating. + every 18 months and a new minor version about every 8 + months, on average. Release dates are announced well in + advance, so that the people working on the system know + when their projects need to be finished and tested. A + testing period precedes each release, to ensure that the + addition of new features does not compromise the stability + of the release. Many users regard this caution as one of + the best things about &os;, even though waiting for all + the latest goodies to reach -STABLE + can be a little frustrating. More information on the release engineering process - (including a schedule of upcoming releases) can be found on - the release engineering - pages on the &os; Web site. + (including a schedule of upcoming releases) can be found + on the release + engineering pages on the &os; Web site. For people who need or want a little more excitement, - binary snapshots are made weekly as discussed above. + binary snapshots are made weekly as discussed + above. @@ -497,16 +528,18 @@ The key decisions concerning the &os; project, such as the overall direction of the project and who is allowed to - add code to the source tree, are made by a core team of - 9 people. There is a much larger team of more than 350 - committers + add code to the source tree, are made by a core + team of 9 people. There is a much larger team of + more than 350 committers who are authorized to make changes directly to the &os; source tree. However, most non-trivial changes are discussed in - advance in the mailing lists, - and there are no restrictions on who may take part in the - discussion. + advance in the mailing + lists, and there are no restrictions on who may + take part in the discussion. @@ -517,29 +550,40 @@ Every significant release of &os; is available via - anonymous FTP from the &os; FTP site: + anonymous FTP from the &os; + FTP site: - The latest &rel.stable; release, &rel.current;-RELEASE - can be found in the &rel.current;-RELEASE directory. + The latest &rel.stable; release, + &rel.current;-RELEASE can be found in the &rel.current;-RELEASE + directory. - Snapshot - releases are made monthly for the -CURRENT and -STABLE branch, these being of - service purely to bleeding-edge testers and + Snapshot + releases are made monthly for the -CURRENT and -STABLE branch, these being + of service purely to bleeding-edge testers and developers. - The latest &rel2.stable; release, &rel2.current;-RELEASE - can be found in the &rel2.current;-RELEASE directory. + The latest &rel2.stable; release, + &rel2.current;-RELEASE can be found in the &rel2.current;-RELEASE + directory. Information about obtaining &os; on CD, DVD, and other - media can be found in the Handbook. + media can be found in the + Handbook. @@ -549,18 +593,22 @@ - The Problem Report database of all user change requests - may be queried by using our web-based PR query + The Problem Report database of all user change + requests may be queried by using our web-based PR query interface. The &man.send-pr.1; command can be used to submit problem reports and change requests via electronic mail. - Alternatively, the web-based problem report submission interface - can be used to submit problem reports through a web - browser. - - Before submitting a problem report, please read Writing &os; Problem Reports, - an article on how to write good problem reports. + Alternatively, the web-based + problem report submission interface can be used + to submit problem reports through a web browser. + + Before submitting a problem report, please read Writing + &os; Problem Reports, an article on how to write + good problem reports. @@ -577,22 +625,28 @@ The project produces a wide range of documentation, - available online from this link: http://www.FreeBSD.org/docs.html. In addition, the Bibliography at the end of this - FAQ, and the one in the Handbook - reference other recommended books. + available online from this link: http://www.FreeBSD.org/docs.html. + In addition, the Bibliography at the + end of this FAQ, and the + one in the Handbook reference other recommended + books. - Is the documentation available in other formats, such as - plain text (ASCII), or &postscript;? + Is the documentation available in other formats, such + as plain text (ASCII), or &postscript;? Yes. The documentation is available in a number of different formats and compression schemes on the &os; FTP - site, in the /pub/FreeBSD/doc/ + site, in the /pub/FreeBSD/doc/ directory. The documentation is categorized in a number of @@ -600,8 +654,9 @@ - The document's name, such as faq, - or handbook. + The document's name, such as + faq, or + handbook. @@ -685,7 +740,8 @@ mn_MN.UTF-8 - Mongolian (Mongolia, UTF-8 encoding) + Mongolian (Mongolia, UTF-8 + encoding) @@ -740,7 +796,8 @@ zh_TW.Big5 - Traditional Chinese (Taiwan, Big5 encoding) + Traditional Chinese (Taiwan, Big5 + encoding) @@ -753,16 +810,17 @@ - The document's format. We produce the documentation - in a number of different output formats. Each format - has its own advantages and disadvantages. Some formats - are better suited for online reading, while others are - meant to be aesthetically pleasing when printed on - paper. Having the documentation available in any of - these formats ensures that our readers will be able to - read the parts they are interested in, either on their - monitor, or on paper after printing the documents. The - currently available formats are: + The document's format. We produce the + documentation in a number of different output formats. + Each format has its own advantages and disadvantages. + Some formats are better suited for online reading, + while others are meant to be aesthetically pleasing + when printed on paper. Having the documentation + available in any of these formats ensures that our + readers will be able to read the parts they are + interested in, either on their monitor, or on paper + after printing the documents. The currently available + formats are: @@ -818,8 +876,10 @@ Page numbers are not automatically updated when - loading Rich Text Format into Word. Press CtrlA, - CtrlEnd, + loading Rich Text Format into Word. Press CtrlA, + CtrlEnd, F9 after loading the document, to update the page numbers. @@ -831,17 +891,17 @@ Where the format is - html-split, the files are bundled - up using &man.tar.1;. The resulting + html-split, the files are + bundled up using &man.tar.1;. The resulting .tar file is then compressed using the compression schemes detailed in the next point. - All the other formats generate one file, called - type.format - (i.e., article.pdf, + All the other formats generate one file, + called type.format (i.e., + article.pdf, book.html, and so on). These files are then compressed using either @@ -851,24 +911,25 @@ files. So the &postscript; version of the Handbook, - compressed using bzip2 will be stored in a file - called book.ps.bz2 in the + compressed using bzip2 will be + stored in a file called + book.ps.bz2 in the handbook/ directory. - After choosing the format and compression mechanism that - you want to download, you will have to download the compressed - files yourself, uncompress them, and then copy the - appropriate documents into place. + After choosing the format and compression mechanism + that you want to download, you will have to download the + compressed files yourself, uncompress them, and then copy + the appropriate documents into place. For example, the split HTML version of the FAQ, compressed using &man.bzip2.1;, can be found in doc/en_US.ISO8859-1/books/faq/book.html-split.tar.bz2 - To download and uncompress that file you would have - to do this: + To download and uncompress that file you would have to do + this: &prompt.root; fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/en_US.ISO8859-1/books/faq/book.html-split.tar.bz2 &prompt.root; tar xvf book.html-split.tar.bz2 @@ -887,13 +948,16 @@ - Where do I find info on the &os; mailing lists? - What &os; news groups are available? + Where do I find info on the &os; mailing lists? What + &os; news groups are available? - You can find full information in the Handbook entry on mailing-lists - and the Handbook entry on newsgroups. + You can find full information in the Handbook + entry on mailing-lists and the Handbook + entry on newsgroups. @@ -909,70 +973,79 @@ - Channel #FreeBSDhelp on EFNet is - a channel dedicated to helping &os; users. They are - much more sympathetic to questions than + Channel #FreeBSDhelp on EFNet + is a channel dedicated to helping &os; users. They + are much more sympathetic to questions than #FreeBSD is. - Channel #FreeBSD on Freenode is a - general help channel with many users at any time. - The conversations have been known to run off-topic for a - while, but priority is given to users with &os; - questions. We are good about helping you understand the - basics, referring to the Handbook whenever possible, and - directing you where to learn more about the topic you - need help with. We are a primarily English speaking - channel, though we have users from all over the world. - If you would like to speak in your native language, try - to ask the question in English and then relocate to - another channel - ##freebsd-lang - as appropriate. + Channel #FreeBSD on Freenode is + a general help channel with many users at any time. + The conversations have been known to run off-topic for + a while, but priority is given to users with &os; + questions. We are good about helping you understand + the basics, referring to the Handbook whenever + possible, and directing you where to learn more about + the topic you need help with. We are a primarily + English speaking channel, though we have users from + all over the world. If you would like to speak in + your native language, try to ask the question in + English and then relocate to another channel + ##freebsd-lang as + appropriate. - Channel #FreeBSD on DALNET is available at - irc.dal.net in the US and - irc.eu.dal.net in Europe. + Channel #FreeBSD on DALNET is + available at irc.dal.net in + the US and irc.eu.dal.net in + Europe. - Channel #FreeBSD on UNDERNET is - available at us.undernet.org in the US - and eu.undernet.org in Europe. Since - it is a help channel, be prepared to read the documents - you are referred to. + Channel #FreeBSD on UNDERNET + is available at + us.undernet.org in the US and + eu.undernet.org in Europe. + Since it is a help channel, be prepared to read the + documents you are referred to. - Channel #FreeBSD on - RUSNET - is a russian-language oriented channel dedicated - to helping &os; users. This is also good place - for non-technical discussions. + Channel #FreeBSD on RUSNET + is a russian-language oriented channel dedicated to + helping &os; users. This is also good place for + non-technical discussions. - Channel #bsdchat on Freenode is a - Traditional-Chinese (UTF-8 encoding) language oriented - channel dedicated to helping &os; users. This is also - good place for non-technical discussions. + Channel #bsdchat on Freenode is + a Traditional-Chinese (UTF-8 encoding) language + oriented channel dedicated to helping &os; users. + This is also good place for non-technical + discussions. - The &os; wiki has a good list - of IRC channels. + The &os; wiki has a good + list of IRC channels. Each of these channels are distinct and are not - connected to each other. Their chat styles also differ, so - you may need to try each to find one suited to your chat - style. As with all types of IRC - traffic, if you are easily offended or cannot deal with lots - of young people (and more than a few older ones) doing the - verbal equivalent of jello wrestling, do not even bother - with it. + connected to each other. Their chat styles also differ, + so you may need to try each to find one suited to your + chat style. As with all types of IRC + traffic, if you are easily offended or cannot deal with + lots of young people (and more than a few older ones) + doing the verbal equivalent of jello wrestling, do not + even bother with it. @@ -981,7 +1054,8 @@ Are there any web based forums to discuss &os;? - The official &os; forums are located at http://forums.FreeBSD.org/. + The official &os; forums are located at http://forums.FreeBSD.org/. @@ -992,14 +1066,21 @@ *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Mon May 12 14:41:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 901C6F21; Mon, 12 May 2014 14:41:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 623872CBD; Mon, 12 May 2014 14:41:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4CEfkkY070924; Mon, 12 May 2014 14:41:46 GMT (envelope-from rene@svn.freebsd.org) Received: (from rene@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4CEfkMX070923; Mon, 12 May 2014 14:41:46 GMT (envelope-from rene@svn.freebsd.org) Message-Id: <201405121441.s4CEfkMX070923@svn.freebsd.org> From: Rene Ladan Date: Mon, 12 May 2014 14:41:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44815 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2014 14:41:46 -0000 Author: rene Date: Mon May 12 14:41:45 2014 New Revision: 44815 URL: http://svnweb.freebsd.org/changeset/doc/44815 Log: Mention that OpenSSL is provided both by the base system and as a port, describe the knobs to set to select either version. This was formerly part of a section in the Porters Handbook about knobs, which was removed in r44808 Reviewed by: mat Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Mon May 12 14:18:11 2014 (r44814) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Mon May 12 14:41:45 2014 (r44815) @@ -1825,12 +1825,27 @@ kadmind5_server_enable="YES"www/apache24 and databases/postgresql91-server, include a compile option for building with - OpenSSL. If selected, the port will - add support using the security/openssl port. - To instead have the port compile against the built in version of - OpenSSL, include - WITH_OPENSSL_BASE when compiling in - OpenSSL support. + OpenSSL. + + &os; provides two versions of + OpenSSL: one in the base system and + one in the Ports Collection. Users can choose which version to + use by default for other ports using the following knobs: + + + + WITH_OPENSSL_PORT: when set, the port will use + OpenSSL from the + security/openssl port, even if the + version in the base system is up to date or newer. + + + + WITH_OPENSSL_BASE: when set, the port will compile + against OpenSSL provided by the + base system. + + Another common use of OpenSSL is to provide certificates for use with software applications. From owner-svn-doc-all@FreeBSD.ORG Mon May 12 15:15:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 16BD68A4; Mon, 12 May 2014 15:15:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0238B2004; Mon, 12 May 2014 15:15:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4CFFiuJ085144; Mon, 12 May 2014 15:15:44 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4CFFi6q085143; Mon, 12 May 2014 15:15:44 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405121515.s4CFFi6q085143@svn.freebsd.org> From: Dru Lavigne Date: Mon, 12 May 2014 15:15:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44816 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2014 15:15:45 -0000 Author: dru Date: Mon May 12 15:15:44 2014 New Revision: 44816 URL: http://svnweb.freebsd.org/changeset/doc/44816 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Mon May 12 14:41:45 2014 (r44815) +++ head/en_US.ISO8859-1/books/faq/book.xml Mon May 12 15:15:44 2014 (r44816) @@ -1090,7 +1090,8 @@               - Installation + + Installation NikClayton
              nik@FreeBSD.org
              @@ -1409,12 +1410,14 @@ Memory limits depend on the platform used. On a standard &i386; install, the limit is 4 GB but more - memory can be supported through &man.pae.4;. See instructions for using 4 GB or more memory on &i386;. + memory can be supported through &man.pae.4;. See instructions for using + 4 GB or more memory on &i386;. &os;/pc98 has a limit of 4 GB memory, and PAE can - not be used with it. Other architectures supported by &os; - have much higher theoretical limits on maximum memory (many - terabytes). + not be used with it. Other architectures supported by + &os; have much higher theoretical limits on maximum memory + (many terabytes). @@ -1424,44 +1427,47 @@ - For FFS file systems, the largest file system is practically - limited by the amount of memory required to &man.fsck.8; the file - system. &man.fsck.8; requires one bit per fragment, which with - the default fragment size of 4 KB equates to 32 MB - of memory per TB of disk. This does mean that on architectures - which limit userland processes to 2 GB (e.g., &i386;), - the maximum &man.fsck.8;'able filesystem is ~60 TB. - - If there was not a &man.fsck.8; memory limit the maximum - filesystem size would be 2 ^ 64 (blocks) * 32 KB - => 16 Exa * 32 KB => 512 ZettaBytes. + For FFS file systems, the largest file system is + practically limited by the amount of memory required to + &man.fsck.8; the file system. &man.fsck.8; requires one + bit per fragment, which with the default fragment size of + 4 KB equates to 32 MB of memory per TB of disk. + This does mean that on architectures which limit userland + processes to 2 GB (e.g., &i386;), the maximum + &man.fsck.8;'able filesystem is ~60 TB. + + If there was not a &man.fsck.8; memory limit the + maximum filesystem size would be 2 ^ 64 (blocks) + * 32 KB => 16 Exa * 32 KB => 512 + ZettaBytes. The maximum size of a single FFS file is approximately 2 PB with the default block size of 32 KB. Each 32 KB block can point to 4096 blocks. With triple indirect blocks, the calculation is 32 KB * 12 + 32 KB * 4096 + 32 KB * 4096^2 + 32 KB * - 4096^3. Increasing the block size to 64 KB will increase - the max file size by a factor of 16. + 4096^3. Increasing the block size to 64 KB will + increase the max file size by a factor of 16. - Why do I get an error message, - readin failed after compiling - and booting a new kernel? + Why do I get an error message, readin + failed after compiling and booting a new + kernel? - Because your world and kernel are out of sync. This is - not supported. Be sure you use make buildworld - and make buildkernel - to update your kernel. + Because your world and kernel are out of sync. This + is not supported. Be sure you use make + buildworld and make + buildkernel to update your kernel. You can boot by specifying the kernel directly at the - second stage, pressing any key when the | - shows up before loader is started. + second stage, pressing any key when the + | shows up before loader is + started. @@ -1491,8 +1497,8 @@ - I want to get a piece of hardware for my &os; system. - Which model/brand/type is best? + I want to get a piece of hardware for my &os; + system. Which model/brand/type is best? @@ -1500,36 +1506,41 @@ lists. Since hardware changes so quickly, however, we expect this. We still strongly recommend that you read through the Hardware Notes - for &os; &rel.current; or - &rel2.current; and - search the mailing list archives + for &os; &rel.current; + or &rel2.current; + and search the mailing list archives before asking about the latest and greatest hardware. Chances are a discussion about the type of hardware you are looking for took place just last week. - If you are looking for a laptop, check the &a.mobile; - archives. Otherwise, you probably want the archives for - the &a.questions;, or possibly a specific mailing list for - a particular hardware type. + If you are looking for a laptop, check the + &a.mobile; archives. Otherwise, you probably want the + archives for the &a.questions;, or possibly a specific + mailing list for a particular hardware type. - Does &os; support more than 4 GB of memory (RAM)? - More than 16 GB? More than 48 GB? + Does &os; support more than 4 GB of memory + (RAM)? More than 16 GB? More than + 48 GB? Yes. &os; as an operating system generally supports - as much physical memory (RAM) as the platform it is running - on does. Keep in mind that different platforms have - different limits for memory; for example &i386; without - PAE supports at most 4 GB of - memory (and usually less than that because of PCI address - space) and &i386; with PAE supports at most 64 GB - memory. AMD64 platforms currently deployed support up to - 1 TB of physical memory. + as much physical memory (RAM) as the platform it is + running on does. Keep in mind that different platforms + have different limits for memory; for example &i386; + without PAE supports at most + 4 GB of memory (and usually less than that because + of PCI address space) and &i386; with PAE supports at + most 64 GB memory. AMD64 platforms currently + deployed support up to 1 TB of physical + memory. @@ -1540,53 +1551,55 @@ - The total address space on &i386; machines is 32-bit, - meaning that at most 4 GB of memory is addressable (can - be accessed). Furthermore, some addresses in this range - are reserved by hardware for different purposes, for - example for using and controlling PCI devices, for - accessing video memory, and so on. Therefore, the total - amount of memory usable by the operating system for its - kernel and applications is limited to significantly less - than 4 GB. Usually, 3.2 GB to 3.7 GB is - the maximum usable physical memory in this - configuration. + The total address space on &i386; machines is + 32-bit, meaning that at most 4 GB of memory is + addressable (can be accessed). Furthermore, some + addresses in this range are reserved by hardware for + different purposes, for example for using and + controlling PCI devices, for accessing video memory, and + so on. Therefore, the total amount of memory usable by + the operating system for its kernel and applications is + limited to significantly less than 4 GB. Usually, + 3.2 GB to 3.7 GB is the maximum usable + physical memory in this configuration. To access more than 3.2 GB to 3.7 GB of - installed memory (meaning up to 4 GB but also more than - 4 GB), a special tweak called PAE - must be used. PAE stands for Physical Address Extension - and is a way for 32-bit x86 CPUs to address more than - 4 GB of memory. It remaps the memory that would - otherwise be overlaid by address reservations for - hardware devices above the 4 GB range and uses it as - additional physical memory (see &man.pae.4;). Using PAE - has some drawbacks; this mode of memory access is a little - bit slower than the normal (without PAE) mode and loadable - modules (see &man.kld.4;) are not supported. This means - all drivers must be compiled into the kernel. + installed memory (meaning up to 4 GB but also more + than 4 GB), a special tweak called + PAE must be used. PAE stands for + Physical Address Extension and is a way for 32-bit x86 + CPUs to address more than 4 GB of memory. It + remaps the memory that would otherwise be overlaid by + address reservations for hardware devices above the + 4 GB range and uses it as additional physical + memory (see &man.pae.4;). Using PAE has some drawbacks; + this mode of memory access is a little bit slower than + the normal (without PAE) mode and loadable modules (see + &man.kld.4;) are not supported. This means all drivers + must be compiled into the kernel. The most common way to enable PAE is to build a new - kernel with the special ready-provided kernel configuration - file called PAE, which is already - configured to build a safe kernel. Note that some entries - in this kernel configuration file are too conservative and - some drivers marked as unready to be used with PAE are - actually usable. A rule of thumb is that if the driver is - usable on 64-bit architectures (like AMD64), it is also - usable with PAE. If you wish to create your own kernel - configuration file, you can enable PAE by adding the - following line to your configuration: + kernel with the special ready-provided kernel + configuration file called PAE, + which is already configured to build a safe kernel. + Note that some entries in this kernel configuration file + are too conservative and some drivers marked as unready + to be used with PAE are actually usable. A rule of + thumb is that if the driver is usable on 64-bit + architectures (like AMD64), it is also usable with PAE. + If you wish to create your own kernel configuration + file, you can enable PAE by adding the following line to + your configuration: options PAE PAE is not much used nowadays because most new x86 hardware also supports running in 64-bit mode, known as AMD64 or &intel; 64. It has a much larger address - space and does not need such tweaks. &os; supports AMD64 - and it is recommended that this version of &os; be used - instead of the &i386; version if 4 GB or more memory - is required. + space and does not need such tweaks. &os; supports + AMD64 and it is recommended that this version of &os; be + used instead of the &i386; version if 4 GB or more + memory is required. @@ -1604,15 +1617,17 @@ Yes. &os; divides support into multiple tiers. - Tier 1 architectures, such as i386 or amd64; are - fully supported. Tiers 2 and 3 are supported on an + Tier 1 architectures, such as i386 or amd64; are fully + supported. Tiers 2 and 3 are supported on an if-possible basis. A full explanation of the tier - system is available in the - Committer's Guide. + system is available in the Committer's + Guide. A complete list of supported architectures can be - found on the - platforms page. + found on the platforms + page. @@ -1625,11 +1640,11 @@ &os; supports symmetric multi-processor (SMP) on all non-embedded platforms (e.g, &arch.i386;, &arch.amd64;, - etc.). SMP is also - supported in arm and MIPS kernels, although some CPUs - may not support this. &os;'s SMP implementation uses - fine-grained locking, and performance scales nearly - linearly with number of CPUs. + etc.). SMP is also supported in arm and MIPS kernels, + although some CPUs may not support this. &os;'s SMP + implementation uses fine-grained locking, and + performance scales nearly linearly with number of + CPUs. &man.smp.4; has more details. @@ -1644,10 +1659,12 @@ Microcode is a method of programmatically implementing hardware level instructions. This allows - for CPU bugs to be fixed without replacing the on board chip. + for CPU bugs to be fixed without replacing the on board + chip. Install sysutils/devcpu-data, then add: + microcode_update_enable="YES" to /etc/rc.conf @@ -1666,12 +1683,13 @@ - &os; supports EIDE, SATA, SCSI, and SAS drives (with a - compatible controller; see the next section), and all + &os; supports EIDE, SATA, SCSI, and SAS drives (with + a compatible controller; see the next section), and all drives using the original Western Digital - interface (MFM, RLL, ESDI, and of course IDE). A few ESDI - controllers that use proprietary interfaces may not work: - stick to WD1002/3/6/7 interfaces and clones. + interface (MFM, RLL, ESDI, and of course IDE). A few + ESDI controllers that use proprietary interfaces may not + work: stick to WD1002/3/6/7 interfaces and + clones. @@ -1682,8 +1700,10 @@ See the complete list in the Hardware Notes for &os; - &rel.current; - or &rel2.current;. + &rel.current; + or &rel2.current;. @@ -1693,7 +1713,8 @@ - &os; supports all standard SCSI tape interfaces. + &os; supports all standard SCSI tape + interfaces. @@ -1703,17 +1724,18 @@ - &os; supports SCSI changers using the &man.ch.4; device - and the &man.chio.1; command. The details of how you - actually control the changer can be found in the + &os; supports SCSI changers using the &man.ch.4; + device and the &man.chio.1; command. The details of how + you actually control the changer can be found in the &man.chio.1; manual page. - If you are not using AMANDA - or some other product that already understands changers, - remember that they only know how to move a tape from one - point to another, so you need to keep track of which slot a - tape is in, and which slot the tape currently in the drive - needs to go back to. + If you are not using + AMANDA or some other product + that already understands changers, remember that they + only know how to move a tape from one point to another, + so you need to keep track of which slot a tape is in, + and which slot the tape currently in the drive needs to + go back to. @@ -1723,8 +1745,8 @@ - Any SCSI drive connected to a supported controller is - supported. Most ATAPI compatible IDE CD-ROMs are + Any SCSI drive connected to a supported controller + is supported. Most ATAPI compatible IDE CD-ROMs are supported. @@ -1739,10 +1761,10 @@ drive. See &man.burncd.8; for details. &os; also supports any SCSI CD-R or CD-RW drives. - Install and use cdrecord - from the ports or packages system, and make sure that you - have the pass device compiled in - your kernel. + Install and use cdrecord from the + ports or packages system, and make sure that you have + the pass device compiled in your + kernel. @@ -1754,8 +1776,8 @@ - Is it possible to use a mouse in any way outside the X - Window system? + Is it possible to use a mouse in any way outside the + X Window system? @@ -1774,8 +1796,8 @@ automatically determine the protocol type of most mice, except old serial mice. Specify the auto protocol to invoke automatic - detection. If automatic detection does not work, see the - &man.moused.8; manual page for a list of supported + detection. If automatic detection does not work, see + the &man.moused.8; manual page for a list of supported protocol types. If you have a PS/2 mouse, just add @@ -1783,14 +1805,15 @@ /etc/rc.conf to start the mouse daemon at boot-time. Additionally, if you would like to use the mouse daemon on all virtual terminals instead of - just the console, add - allscreens_flags="-m on" to + just the console, add allscreens_flags="-m + on" to /etc/rc.conf. - When the mouse daemon is running, access to the mouse - must be coordinated between the mouse daemon and other - programs such as X Windows. Refer to the FAQ Why does my mouse not work with X? - for more details on this issue. + When the mouse daemon is running, access to the + mouse must be coordinated between the mouse daemon and + other programs such as X Windows. Refer to the FAQ + Why does my mouse not work + with X? for more details on this issue. @@ -1804,14 +1827,13 @@ It is not possible to remove data using the mouse. However, it is possible to copy and paste. - Once you get the mouse daemon running (see the - previous question) - hold down - button 1 (left button) and move the mouse to select a region - of text. Then, press button 2 (middle button) to paste - it at the text cursor. Pressing button 3 (right button) - will extend the selected region of - text. + Once you get the mouse daemon running (see the previous question) hold down + button 1 (left button) and move the mouse to select a + region of text. Then, press button 2 (middle button) to + paste it at the text cursor. Pressing button 3 (right + button) will extend the selected region + of text. If your mouse does not have a middle button, you may wish to emulate one or remap buttons using mouse daemon @@ -1835,7 +1857,8 @@ two, or three button mouse. For the possible usage of wheels in the X Window - environment, refer to that section. + environment, refer to that section. @@ -1847,20 +1870,22 @@ For the Bourne Shell, add - the following lines to your .shrc. See - &man.sh.1; and &man.editrc.5;. + the following lines to your .shrc. + See &man.sh.1; and &man.editrc.5;. bind ^? ed-delete-next-char # for console bind ^[[3~ ed-delete-next-char # for xterm For the C Shell, add the - following lines to your .cshrc. See - &man.csh.1;. + following lines to your .cshrc. + See &man.csh.1;. bindkey ^? delete-char # for console bindkey ^[[3~ delete-char # for xterm - For more information, see this page. + For more information, see this + page. @@ -1877,9 +1902,9 @@ bindkey ^[[3~ delete-char # for xterm

              - Some sound cards set their output volume to 0 at every - boot. Run the following command every time the machine - boots: + Some sound cards set their output volume to 0 at + every boot. Run the following command every time the + machine boots: &prompt.root; mixer pcm 100 vol 100 cd 100 @@ -1892,9 +1917,9 @@ bindkey ^[[3~ delete-char # for xterm

              - &os; supports the ACPI - features found in modern hardware. Further - information can be found in &man.acpi.4;. + &os; supports the ACPI features + found in modern hardware. Further information can be + found in &man.acpi.4;. @@ -1907,44 +1932,47 @@ bindkey ^[[3~ delete-char # for xterm

              - Why is &os; finding the wrong amount of memory on &i386; - hardware? + Why is &os; finding the wrong amount of memory on + &i386; hardware? The most likely reason is the difference between physical memory addresses and virtual addresses. - The convention for most PC hardware is to use the memory - area between 3.5 GB and 4 GB for a special purpose - (usually for PCI). This address space is used to access PCI - hardware. As a result real, physical memory can not be - accessed by that address space. + The convention for most PC hardware is to use the + memory area between 3.5 GB and 4 GB for a + special purpose (usually for PCI). This address space is + used to access PCI hardware. As a result real, physical + memory can not be accessed by that address space. What happens to the memory that should appear in that - location is dependent on your hardware. Unfortunately, some - hardware does nothing and the ability to use that last - 500 MB of RAM is entirely lost. + location is dependent on your hardware. Unfortunately, + some hardware does nothing and the ability to use that + last 500 MB of RAM is entirely lost. Luckily, most hardware remaps the memory to a higher location so that it can still be used. However, this can - cause some confusion if you watch the boot messages. + cause some confusion if you watch the boot + messages. - On a 32-bit version of &os;, the memory appears - lost, since it will be remapped above 4 GB, which a - 32-bit kernel is unable to access. In this case, the - solution is to build a PAE enabled kernel. See the entry on memory limits - and about different - memory limits on different platforms for more + On a 32-bit version of &os;, the memory appears lost, + since it will be remapped above 4 GB, which a 32-bit + kernel is unable to access. In this case, the solution is + to build a PAE enabled kernel. See the entry on memory + limits and about different memory + limits on different platforms for more information. On a 64-bit version of &os;, or when running a - PAE-enabled kernel, &os; will correctly detect and remap the - memory so it is usable. During boot, however, it may seem - as if &os; is detecting more memory than the system really - has, due to the described remapping. This is normal and the - available memory will be corrected as the boot process - completes. + PAE-enabled kernel, &os; will correctly detect and remap + the memory so it is usable. During boot, however, it may + seem as if &os; is detecting more memory than the system + really has, due to the described remapping. This is + normal and the available memory will be corrected as the + boot process completes. @@ -1956,10 +1984,10 @@ bindkey ^[[3~ delete-char # for xterm

              Signal 11 errors are caused when your process has - attempted to access memory which the operating system has not - granted it access to. If something like this is happening - at seemingly random intervals then you need to start - investigating things very carefully. + attempted to access memory which the operating system has + not granted it access to. If something like this is + happening at seemingly random intervals then you need to + start investigating things very carefully. These problems can usually be attributed to either: @@ -1973,34 +2001,34 @@ bindkey ^[[3~ delete-char # for xterm

              If it is a problem with part of the base &os; - system, it may also be buggy code, but more often than not - these problems are found and fixed long before us - general FAQ readers get to use these bits of code (that - is what -CURRENT is for). + system, it may also be buggy code, but more often than + not these problems are found and fixed long before us + general FAQ readers get to use these bits of code + (that is what -CURRENT is for). In particular, a dead giveaway that this is not a &os; bug is if you see the problem when you are compiling a program, but the activity - that the compiler is carrying out changes each time. + that the compiler is carrying out changes each + time. - For example, suppose you are running - make buildworld, - and the compile fails while trying to compile - ls.c into ls.o. - If you then run - make buildworld - again, and the compile fails in the same place then this is - a broken build — try updating your sources and try - again. If the compile fails elsewhere then this is almost - certainly hardware. + For example, suppose you are running make + buildworld, and the compile fails while trying + to compile ls.c into + ls.o. If you then run make + buildworld again, and the compile fails in the + same place then this is a broken build — try + updating your sources and try again. If the compile fails + elsewhere then this is almost certainly hardware. What you should do: In the first case you can use a debugger e.g., &man.gdb.1; to find the point in the program which is - attempting to access a bogus address and then fix it. + attempting to access a bogus address and then fix + it. In the second case you need to verify that it is not your hardware at fault. @@ -2009,76 +2037,81 @@ bindkey ^[[3~ delete-char # for xterm

              - Your hard disks might be overheating: Check the fans - in your case are still working, as your disk (and perhaps - other hardware might be overheating). + Your hard disks might be overheating: Check the + fans in your case are still working, as your disk (and + perhaps other hardware might be overheating). - The processor running is overheating: This might be - because the processor has been overclocked, or the fan - on the processor might have died. In either case you - need to ensure that you have hardware running at what it - is specified to run at, at least while trying to solve - this problem (in other words, clock it back to the default - settings.) + The processor running is overheating: This might + be because the processor has been overclocked, or the + fan on the processor might have died. In either case + you need to ensure that you have hardware running at + what it is specified to run at, at least while trying + to solve this problem (in other words, clock it back + to the default settings.) If you are overclocking then note that it is far cheaper to have a slow system than a fried system that - needs replacing! Also the wider community is not often - sympathetic to problems on overclocked systems, whether - you believe it is safe or not. + needs replacing! Also the wider community is not + often sympathetic to problems on overclocked systems, + whether you believe it is safe or not. Dodgy memory: If you have multiple memory SIMMS/DIMMS installed then pull them all out and try - running the machine with each SIMM or DIMM individually - and narrow the problem down to either the problematic - DIMM/SIMM or perhaps even a combination. + running the machine with each SIMM or DIMM + individually and narrow the problem down to either the + problematic DIMM/SIMM or perhaps even a + combination. Over-optimistic Motherboard settings: In your BIOS - settings, and some motherboard jumpers you have options - to set various timings, mostly the defaults will be - sufficient, but sometimes, setting the wait states on - RAM too low, or setting the RAM Speed: - Turbo option, or similar in the BIOS will cause - strange behavior. A possible idea is to set to BIOS - defaults, but it might be worth noting down your - settings first! + settings, and some motherboard jumpers you have + options to set various timings, mostly the defaults + will be sufficient, but sometimes, setting the wait + states on RAM too low, or setting the RAM + Speed: Turbo option, or similar in the BIOS + will cause strange behavior. A possible idea is to + set to BIOS defaults, but it might be worth noting + down your settings first! Unclean or insufficient power to the motherboard. - If you have any unused I/O boards, hard disks, or CD-ROMs - in your system, try temporarily removing them or - disconnecting the power cable from them, to see if your - power supply can manage a smaller load. Or try another - power supply, preferably one with a little more power - (for instance, if your current power supply is rated at - 250 Watts try one rated at 300 Watts). + If you have any unused I/O boards, hard disks, or + CD-ROMs in your system, try temporarily removing them + or disconnecting the power cable from them, to see if + your power supply can manage a smaller load. Or try + another power supply, preferably one with a little + more power (for instance, if your current power supply + is rated at 250 Watts try one rated at + 300 Watts). - You should also read the SIG11 FAQ (listed below) which - has excellent explanations of all these problems, albeit from - a &linux; viewpoint. It also discusses how memory testing - software or hardware can still pass faulty memory. - - Finally, if none of this has helped it is possible that - you have just found a bug in &os;, and you should follow the - instructions to send a problem report. - - There is an extensive FAQ on this at the SIG11 problem FAQ. + You should also read the SIG11 FAQ (listed below) + which has excellent explanations of all these problems, + albeit from a &linux; viewpoint. It also discusses how + memory testing software or hardware can still pass faulty + memory. + + Finally, if none of this has helped it is possible + that you have just found a bug in &os;, and you should + follow the instructions to send a problem report. + + There is an extensive FAQ on this at the SIG11 + problem FAQ. - My system crashes with either Fatal trap 12: - page fault in kernel mode, or + My system crashes with either Fatal trap + 12: page fault in kernel mode, or panic:, and spits out a bunch of information. What should I do? @@ -2087,10 +2120,12 @@ bindkey ^[[3~ delete-char # for xterm

              The &os; developers are very interested in these errors, but need some more information than just the error you see. Copy your full crash message. Then consult the - FAQ section on kernel panics, - build a debugging kernel, and get a backtrace. This might - sound difficult, but you do not need any programming skills; - you just have to follow the instructions. + FAQ section on kernel + panics, build a debugging kernel, and get a + backtrace. This might sound difficult, but you do not + need any programming skills; you just have to follow the + instructions.               @@ -2103,19 +2138,21 @@ bindkey ^[[3~ delete-char # for xterm

              The &os; kernel will only allow a certain number of - processes to exist at one time. The number is based on the - kern.maxusers &man.sysctl.8; variable. - kern.maxusers also affects various other - in-kernel limits, such as network buffers. - If your machine is heavily loaded, you probably - want to increase kern.maxusers. This - will increase these other system limits in addition to the + processes to exist at one time. The number is based on + the kern.maxusers &man.sysctl.8; + variable. kern.maxusers also affects + various other in-kernel limits, such as network buffers. + If your machine is heavily loaded, you probably want to + increase kern.maxusers. This will + increase these other system limits in addition to the maximum number of processes. To adjust your kern.maxusers value, - see the File/Process Limits - section of the Handbook. (While that section refers to open - files, the same limits apply to processes.) + see the File/Process + Limits section of the Handbook. (While that + section refers to open files, the same limits apply to + processes.) If your machine is lightly loaded, and you are simply running a very large number of processes, you can adjust @@ -2124,25 +2161,25 @@ bindkey ^[[3~ delete-char # for xterm

              /boot/loader.conf. The tunable will not get adjusted until the system is rebooted. For more information about tuning tunables, see - &man.loader.conf.5;. - If these processes are being run by a single user, you will - also need to adjust kern.maxprocperuid to - be one less than your new kern.maxproc - value. (It must be at least one less because one system - program, &man.init.8;, must always be running.)               + &man.loader.conf.5;. If these processes are being run by + a single user, you will also need to adjust + kern.maxprocperuid to be one less than + your new kern.maxproc value. (It must + be at least one less because one system program, + &man.init.8;, must always be running.) - Why does sendmail give me an - error reading mail loops back to + Why does sendmail give me + an error reading mail loops back to myself? This is answered in the Sendmail + xlink:href="http://www.sendmail.org/faq/">Sendmail FAQ as follows. This FAQ is recommended reading when tweaking the mail setup. @@ -2170,9 +2207,9 @@ to /etc/mail/sendmail.cf. - The remote machine may be setting your terminal type to - something other than the cons25 terminal - type required by the &os; console. + The remote machine may be setting your terminal type + to something other than the cons25 + terminal type required by the &os; console. There are a number of possible work-arounds for this problem: @@ -2207,11 +2244,12 @@ to /etc/mail/sendmail.cf. - Fire up an X server at the &os; end and login to the - remote machine using an X based terminal emulator such - as xterm or rxvt. - The TERM variable at the remote host - should be set to xterm or + Fire up an X server at the &os; end and login to + the remote machine using an X based terminal emulator + such as xterm or + rxvt. The TERM + variable at the remote host should be set to + xterm or vt100. @@ -2221,46 +2259,48 @@ to /etc/mail/sendmail.cf. Why does it take so long to connect to my computer via - ssh or telnet? + ssh or + telnet? - The symptom: there is a long delay between the time the - TCP connection is established and the time when the client - software asks for a password (or, in &man.telnet.1;'s case, - when a login prompt appears). + The symptom: there is a long delay between the time + the TCP connection is established and the time when the + client software asks for a password (or, in + &man.telnet.1;'s case, when a login prompt + appears). The problem: more likely than not, the delay is caused by the server software trying to resolve the client's IP address into a hostname. Many servers, including the Telnet and - SSH servers that come with &os;, - do this to store the hostname - in a log file for future reference by the - administrator. + SSH servers that come with + &os;, do this to store the hostname in a log file for + future reference by the administrator. The remedy: if the problem occurs whenever you connect - from your computer (the client) to any server, the problem is - with the client; likewise, if the problem only occurs when - someone connects to your computer (the server) the problem - is with the server. - - If the problem is with the client, the only remedy is to - fix the DNS so the server can resolve it. If this is on a - local network, consider it a server problem and keep - reading; conversely, if this is on the global Internet, you - will most likely need to contact your ISP and ask them to - fix it for you. + from your computer (the client) to any server, the problem + is with the client; likewise, if the problem only occurs + when someone connects to your computer (the server) the + problem is with the server. + + If the problem is with the client, the only remedy is + to fix the DNS so the server can resolve it. If this is + on a local network, consider it a server problem and keep + reading; conversely, if this is on the global Internet, + you will most likely need to contact your ISP and ask them + to fix it for you. If the problem is with the server, and this is on a - local network, you need to configure the server to be able to - resolve address-to-hostname queries for your local address - range. See the &man.hosts.5; and &man.named.8; manual pages - for more information. If this is on the global Internet, - the problem may be that your server's resolver is not - functioning correctly. To check, try to look up another - host — say, www.yahoo.com. If it - does not work, that is your problem. + local network, you need to configure the server to be able + to resolve address-to-hostname queries for your local + address range. See the &man.hosts.5; and &man.named.8; + manual pages for more information. If this is on the + global Internet, the problem may be that your server's + resolver is not functioning correctly. To check, try to + look up another host — say, + www.yahoo.com. If it does not + work, that is your problem. Following a fresh install of &os;, it is also possible that domain and name server information is missing from @@ -2268,10 +2308,10 @@ to /etc/mail/sendmail.cf. Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CDD4DEA2; Mon, 12 May 2014 18:42:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B85D02324; Mon, 12 May 2014 18:42:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4CIg3OS091890; Mon, 12 May 2014 18:42:03 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4CIg3x2091889; Mon, 12 May 2014 18:42:03 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405121842.s4CIg3x2091889@svn.freebsd.org> From: Dru Lavigne Date: Mon, 12 May 2014 18:42:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44817 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2014 18:42:03 -0000 Author: dru Date: Mon May 12 18:42:03 2014 New Revision: 44817 URL: http://svnweb.freebsd.org/changeset/doc/44817 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Mon May 12 15:15:44 2014 (r44816) +++ head/en_US.ISO8859-1/books/faq/book.xml Mon May 12 18:42:03 2014 (r44817) @@ -2895,8 +2895,9 @@ kern.timecounter.hardware: TSC -> i82 xlink:href="&url.books.handbook;/kernelconfig-building.html">build and install your new kernel. - Most kernels (/boot/kernel/kernel) - tend to be around 12 MB to 16 MB. + Most kernels + (/boot/kernel/kernel) tend to be + around 12 MB to 16 MB. @@ -2907,48 +2908,46 @@ kern.timecounter.hardware: TSC -> i82 - There are a number of possible causes for this problem. - They are, in no particular order: + There are a number of possible causes for this + problem. They are, in no particular order: - You are not using the - make buildkernel and - make installkernel - targets, and your source tree is different from the one - used to build the currently running system (e.g., you - are compiling &rel.current;-RELEASE on a - &rel2.current;-RELEASE system). If you are attempting - an upgrade, please read - /usr/src/UPDATING, paying - particular attention to the COMMON ITEMS - section at the end. + You are not using the make + buildkernel and make + installkernel targets, and your source + tree is different from the one used to build the + currently running system (e.g., you are compiling + &rel.current;-RELEASE on a &rel2.current;-RELEASE + system). If you are attempting an upgrade, please + read /usr/src/UPDATING, paying + particular attention to the COMMON + ITEMS section at the end. - You are using the - make buildkernel - and - make installkernel - targets, but you failed to assert the completion of the - make buildworld - target. The - make buildkernel - target relies on files generated by the - make buildworld + You are using the make + buildkernel and make + installkernel targets, but you failed to + assert the completion of the make + buildworld target. The make + buildkernel target relies on files + generated by the make buildworld target to complete its job correctly. - Even if you are trying to build &os;-STABLE, it is possible that - you fetched the source tree at a time when it was either - being modified, or broken for other reasons; only - releases are absolutely guaranteed to be buildable, - although &os;-STABLE - builds fine the majority of the time. If you have not - already done so, try re-fetching the source tree and see - if the problem goes away. Try using a different server - in case the one you are using is having problems. + Even if you are trying to build &os;-STABLE, it is possible + that you fetched the source tree at a time when it was + either being modified, or broken for other reasons; + only releases are absolutely guaranteed to be + buildable, although &os;-STABLE builds fine the + majority of the time. If you have not already done + so, try re-fetching the source tree and see if the + problem goes away. Try using a different server in + case the one you are using is having problems. @@ -2956,8 +2955,8 @@ kern.timecounter.hardware: TSC -> i82 - How can I verify which scheduler is in use on a running - system? + How can I verify which scheduler is in use on a + running system? @@ -2990,53 +2989,57 @@ kern.sched.name: ULE - How can I add my new hard disk to my &os; system? + How can I add my new hard disk to my &os; + system? - See the Adding Disks - section in the &os; Handbook. + See the Adding + Disks section in the &os; Handbook. - How do I move my system over to my huge new disk? + How do I move my system over to my huge new + disk? The best way is to reinstall the OS on the new disk, - then move the user data over. This is highly recommended if - you have been tracking -STABLE for more - than one release, or have updated a release instead of - installing a new one. You can install booteasy on both + then move the user data over. This is highly recommended + if you have been tracking -STABLE for + more than one release, or have updated a release instead + of installing a new one. You can install booteasy on both disks with &man.boot0cfg.8;, and dual boot them until you are happy with the new configuration. Skip the next paragraph to find out how to move the data after doing this. - Alternatively, partition and label the new disk with either - &man.sade.8; or &man.gpart.8;. If the disks are MBR-formatted, - you can also install booteasy on both disks with - &man.boot0cfg.8;, so that you can dual boot to the old or - new system after the copying is done. - - Now you have the new disk set up, and are ready to move - the data. Unfortunately, you cannot just blindly copy the - data. Things like device files (in + Alternatively, partition and label the new disk with + either &man.sade.8; or &man.gpart.8;. If the disks are + MBR-formatted, you can also install booteasy on both disks + with &man.boot0cfg.8;, so that you can dual boot to the + old or new system after the copying is done. + + Now you have the new disk set up, and are ready to + move the data. Unfortunately, you cannot just blindly + copy the data. Things like device files (in /dev), flags, and links tend to screw that up. You need to use tools that understand these - things, which means &man.dump.8;. Although it is suggested - that you move the data in single user mode, it is not - required. + things, which means &man.dump.8;. Although it is + suggested that you move the data in single user mode, it + is not required. You should never use anything but &man.dump.8; and &man.restore.8; to move the root file system. The - &man.tar.1; command may work — then again, it may not. - You should also use &man.dump.8; and &man.restore.8; if you - are moving a single partition to another empty partition. - The sequence of steps to use dump to move - a partitions data to a new partition is: + &man.tar.1; command may work — then again, it may + not. You should also use &man.dump.8; and &man.restore.8; + if you are moving a single partition to another empty + partition. The sequence of steps to use + dump to move a partitions data to a new + partition is: @@ -3059,21 +3062,22 @@ kern.sched.name: ULE For example, if you are going to move root to - /dev/ada1s1a, - with /mnt as - the temporary mount point, it is: + /dev/ada1s1a, with + /mnt as the temporary mount point, it + is: &prompt.root; newfs /dev/ada1s1a &prompt.root; mount /dev/ada1s1a /mnt &prompt.root; cd /mnt &prompt.root; dump 0af - / | restore rf - - Rearranging your partitions with dump - takes a bit more work. To merge a partition like - /var into its parent, create the new - partition large enough for both, move the parent partition - as described above, then move the child partition into the - empty directory that the first move created: + Rearranging your partitions with + dump takes a bit more work. To merge a + partition like /var into its parent, + create the new partition large enough for both, move the + parent partition as described above, then move the child + partition into the empty directory that the first move + created: &prompt.root; newfs /dev/ada1s1a &prompt.root; mount /dev/ada1s1a /mnt @@ -3096,72 +3100,69 @@ kern.sched.name: ULE &prompt.root; cd /mnt &prompt.root; dump 0af - / | restore rf - - You might prefer &man.cpio.1;, &man.pax.1;, &man.tar.1; - to &man.dump.8; for user data. At the time of this writing, - these are known to lose file flag information, so use them - with caution. + You might prefer &man.cpio.1;, &man.pax.1;, + &man.tar.1; to &man.dump.8; for user data. At the time of + this writing, these are known to lose file flag + information, so use them with caution. Which partitions can safely use Soft Updates? I have - heard that Soft Updates on / can cause - problems. What about Journaled Soft Updates? + heard that Soft Updates on / can + cause problems. What about Journaled Soft Updates? - Short answer: you can usually use Soft Updates safely on - all partitions. + Short answer: you can usually use Soft Updates safely + on all partitions. - Long answer: Soft Updates has two - characteristics that may be undesirable on certain - partitions. First, a Soft Updates - partition has a small chance of losing data during a system - crash. (The partition will not be corrupted; the data will - simply be lost.) Second, Soft Updates can cause temporary - space shortages. + Long answer: Soft Updates has two characteristics + that may be undesirable on certain partitions. First, a + Soft Updates partition has a small chance of losing data + during a system crash. (The partition will not be + corrupted; the data will simply be lost.) Second, Soft + Updates can cause temporary space shortages. When using Soft Updates, the kernel can take up to - thirty seconds to write changes to the physical - disk. When a large file is deleted the file still - resides on - disk until the kernel actually performs the deletion. This - can cause a very simple race condition. Suppose you delete - one large file and immediately create another large file. - The first large file is not yet actually removed from the - physical disk, so the disk might not have enough room for - the second large file. You get an error that the partition - does not have enough space, although you know perfectly well - that you just released a large chunk of space! When you try - again mere seconds later, the file creation works as you - expect. This has left more than one user scratching his - head and doubting his sanity, the &os; file system, or - both. + thirty seconds to write changes to the physical disk. + When a large file is deleted the file still resides on + disk until the kernel actually performs the deletion. + This can cause a very simple race condition. Suppose you + delete one large file and immediately create another large + file. The first large file is not yet actually removed + from the physical disk, so the disk might not have enough + room for the second large file. You get an error that the + partition does not have enough space, although you know + perfectly well that you just released a large chunk of + space! When you try again mere seconds later, the file + creation works as you expect. This has left more than one + user scratching his head and doubting his sanity, the &os; + file system, or both. If a system should crash after the kernel accepts a chunk of data for writing to disk, but before that data is - actually written out, data could be lost. This - risk is extremely small, but generally manageable. + actually written out, data could be lost. This risk is + extremely small, but generally manageable. These issues affect all partitions using Soft Updates. So, what does this mean for the root partition? Vital information on the root partition changes very - rarely. If the - system crashed during the thirty-second window after such a - change is made, it is possible that data could be lost. - This risk is negligible for most applications, but you - should be aware that it exists. If your system cannot - tolerate this much risk, do not use Soft Updates on the root - file system! + rarely. If the system crashed during the thirty-second + window after such a change is made, it is possible that + data could be lost. This risk is negligible for most + applications, but you should be aware that it exists. If + your system cannot tolerate this much risk, do not use + Soft Updates on the root file system! / is traditionally one of the smallest partitions. If you put the /tmp directory on / and you have a busy - /tmp, you might see intermittent space - problems. Symlinking /tmp to + /tmp, you might see intermittent + space problems. Symlinking /tmp to /var/tmp will solve this problem. @@ -3188,8 +3189,8 @@ kern.sched.name: ULE UFS CD-ROMs can be mounted directly on &os;. Mounting disk partitions from Digital UNIX and other systems that support UFS may be more complex, - depending on the details of the disk partitioning for - the operating system in question. + depending on the details of the disk partitioning + for the operating system in question. @@ -3208,8 +3209,9 @@ kern.sched.name: ULE FUSE based NTFS support is available as a port - (sysutils/fusefs-ntfs). - For more information see ntfs-3g. + (sysutils/fusefs-ntfs). For more + information see ntfs-3g. @@ -3226,19 +3228,20 @@ kern.sched.name: ULE ZFS - &os; includes a port of - &sun;'s ZFS driver. The current recommendation is to - use it only on &arch.amd64; platforms with sufficient - memory. For more information, see &man.zfs.8;. + &os; includes a port of &sun;'s ZFS driver. The + current recommendation is to use it only on + &arch.amd64; platforms with sufficient memory. For + more information, see &man.zfs.8;. - &os; also supports network file systems such as NFS (see - &man.mount.nfs.8;), NetWare (see &man.mount.nwfs.8;), and - Microsoft-style SMB file systems (see &man.mount.smbfs.8;). - You can find ports based on FUSE (sysutils/fusefs-kmod) for many - other file systems. + &os; also supports network file systems such as NFS + (see &man.mount.nfs.8;), NetWare (see &man.mount.nwfs.8;), + and Microsoft-style SMB file systems (see + &man.mount.smbfs.8;). You can find ports based on FUSE + (sysutils/fusefs-kmod) for many other + file systems. @@ -3251,8 +3254,8 @@ kern.sched.name: ULE The secondary DOS partitions are found after all the primary partitions. For example, if you have an E partition as the - second DOS partition on the second SCSI drive, there will be - a device file for slice 5 in + second DOS partition on the second SCSI drive, there will + be a device file for slice 5 in /dev, so simply mount it: &prompt.root; mount -t msdosfs /dev/da1s5 /dos/e @@ -3266,8 +3269,10 @@ kern.sched.name: ULE Yes. You can use either &man.gbde.8; or &man.geli.8;, - see the Encrypting Disk Partitions - section of the &os; Handbook. + see the Encrypting + Disk Partitions section of the &os; + Handbook. @@ -3282,9 +3287,9 @@ kern.sched.name: ULE your native root &os; partition into a file in the DOS/&windowsnt; partition. Assuming you name that file something like c:\bootsect.bsd - (inspired by c:\bootsect.dos), you can - then edit c:\boot.ini to come - up with something like this: + (inspired by c:\bootsect.dos), you + can then edit c:\boot.ini to come up + with something like this: [boot loader] timeout=30 @@ -3294,20 +3299,22 @@ multi(0)disk(0)rdisk(0)partition(1)\WIND C:\BOOTSECT.BSD="&os;" C:\="DOS" - If &os; is installed on the same disk as the &windowsnt; - boot partition simply copy /boot/boot1 to + If &os; is installed on the same disk as the + &windowsnt; boot partition simply copy + /boot/boot1 to C:\BOOTSECT.BSD. However, if &os; is installed on a different disk /boot/boot1 will not work, /boot/boot0 is needed. /boot/boot0 needs to be installed - using &man.sysinstall.8; by selecting the &os; boot manager - on the screen which asks if you wish to use a boot manager. - This is because /boot/boot0 has the - partition table area filled with NULL characters but - &man.sysinstall.8; copies the partition table before copying - /boot/boot0 to the MBR. + using &man.sysinstall.8; by selecting the &os; boot + manager on the screen which asks if you wish to use a boot + manager. This is because /boot/boot0 + has the partition table area filled with NULL characters + but &man.sysinstall.8; copies the partition table before + copying /boot/boot0 to the + MBR. Do not simply copy @@ -3322,9 +3329,9 @@ C:\="DOS" entry for that OS and then writes the whole 512-bytes of itself back to the MBR so if you just copy /boot/boot0 to - C:\BOOTSECT.BSD then it writes an empty - partition table, with the active flag set on one entry, to - the MBR. + C:\BOOTSECT.BSD then it writes an + empty partition table, with the active flag set on one + entry, to the MBR. @@ -3349,7 +3356,8 @@ C:\="DOS" (the above assumes that your &os; slice is known to &linux; as /dev/hda2; tailor to suit your setup). Then, run lilo as - root and you should be done. + root and you + should be done. If &os; resides on another disk, you need to add loader=/boot/chain.b to the LILO entry. @@ -3361,19 +3369,20 @@ C:\="DOS" label=&os; In some cases you may need to specify the BIOS drive - number to the &os; boot loader to successfully boot off the - second disk. For example, if your &os; SCSI disk is probed - by BIOS as BIOS disk 1, at the &os; boot loader prompt you - need to specify: + number to the &os; boot loader to successfully boot off + the second disk. For example, if your &os; SCSI disk is + probed by BIOS as BIOS disk 1, at the &os; boot loader + prompt you need to specify: Boot: 1:da(0,a)/boot/kernel/kernel - You can configure &man.boot.8; to automatically do this - for you at boot time. + You can configure &man.boot.8; to automatically do + this for you at boot time. - The &linux;+&os; mini-HOWTO - is a good reference for &os; and &linux; interoperability - issues. + The &linux;+&os; + mini-HOWTO is a good reference for &os; and + &linux; interoperability issues. @@ -3397,8 +3406,8 @@ C:\="DOS" root partition on the first disk. If you need to specify which slice number should be used, use something like this (hd0,2,a). By default, if the - slice number is omitted, GRUB searches the first slice which - has a partition. + slice number is omitted, GRUB searches the first slice + which has a partition. @@ -3409,29 +3418,31 @@ C:\="DOS" - Install LILO at the start of your &linux; boot partition - instead of in the Master Boot Record. You can then boot - LILO from BootEasy. + Install LILO at the start of your &linux; boot + partition instead of in the Master Boot Record. You can + then boot LILO from + BootEasy. If you are running &windows; and &linux; this is - recommended anyway, to make it simpler to get &linux; booting - again if you should need to reinstall &windows; (which is a - Jealous Operating System, and will bear no other Operating - Systems in the Master Boot Record). + recommended anyway, to make it simpler to get &linux; + booting again if you should need to reinstall &windows; + (which is a Jealous Operating System, and will bear no + other Operating Systems in the Master Boot Record). How do I change the boot prompt from - ??? to something more meaningful? + ??? to something more + meaningful? You can not do that with the standard boot manager without rewriting it. There are a number of other boot - managers in the sysutils ports category - that provide this functionality. + managers in the sysutils ports + category that provide this functionality. @@ -3441,19 +3452,17 @@ C:\="DOS" - If the drive already has a - file system on it, you can use a command like this: + If the drive already has a file system on it, you can + use a command like this: &prompt.root; mount -t msdosfs /dev/da0s1 /mnt - If the drive will only be used with &os; - systems it is better idea to - stick a BSD file system on it, like UFS or ZFS. - You will get long filename - support, at least a 2X improvement in performance, - and a lot more stability. If the drive will be - used by other operating systems a more portable - choice, such as msdosfs, is better. + If the drive will only be used with &os; systems it is + better idea to stick a BSD file system on it, like UFS or + ZFS. You will get long filename support, at least a 2X + improvement in performance, and a lot more stability. If + the drive will be used by other operating systems a more + portable choice, such as msdosfs, is better. &prompt.root; dd if=/dev/zero of=/dev/da0 count=2 &prompt.root; gpart create -s GPT /dev/da0 @@ -3467,9 +3476,9 @@ C:\="DOS" &prompt.root; mount /dev/da0s1 /mnt - It is a good idea to add a line - to /etc/fstab (see &man.fstab.5;) so - you can just type mount /mnt in the + It is a good idea to add a line to + /etc/fstab (see &man.fstab.5;) so you + can just type mount /mnt in the future: /dev/da0p1 /mnt ufs rw,noauto 0 0 @@ -3484,8 +3493,12 @@ C:\="DOS" You have to tell &man.mount.8; the type of the device - that you want to mount. This is described in the Handbook section on optical media, - specifically the section Using Data CDs. + that you want to mount. This is described in the Handbook + section on optical media, specifically the + section Using + Data CDs. @@ -3498,9 +3511,10 @@ C:\="DOS" This generally means that there is no CD-ROM in the CD-ROM drive, or the drive is not visible on the bus. - Please see the Using Data CDs - section of the Handbook for a detailed discussion of this - issue. + Please see the Using + Data CDs section of the Handbook for a detailed + discussion of this issue. @@ -3514,22 +3528,30 @@ C:\="DOS" Your CD-ROM probably uses the Joliet extension for storing information about files and directories. This is discussed in the Handbook chapter on - creating and using CD-ROMs, - specifically the section on Using Data CD-ROMs. + creating + and using CD-ROMs, specifically the section on + Using + Data CD-ROMs. - I burned a CD under &os; and now I can not read it under - any other operating system. Why? + I burned a CD under &os; and now I can not read it + under any other operating system. Why? You most likely burned a raw file to your CD, rather - than creating an ISO 9660 file system. Take a look at - the Handbook chapter on creating CD-ROMs, - particularly the section on Using Data CDs. + than creating an ISO 9660 file system. Take a look + at the Handbook + chapter on creating CD-ROMs, particularly the + section on Using + Data CDs. @@ -3539,9 +3561,13 @@ C:\="DOS" - This is discussed in the Handbook section on Writing Data to an ISO File System. - For more on working with CD-ROMs, see the Creating CDs Section - in the Storage chapter in the Handbook. + This is discussed in the Handbook section on Writing + Data to an ISO File System. + For more on working with CD-ROMs, see the Creating + CDs Section in the Storage chapter in the + Handbook. @@ -3554,10 +3580,11 @@ C:\="DOS" If you try to mount an audio CD, you will get an error like cd9660: /dev/acd0c: Invalid - argument. This is because - mount only works on file systems. Audio - CDs do not have file systems; they just have data. You need - a program that reads audio CDs, such as the audio/xmcd port. + argument. This is because + mount only works on file systems. + Audio CDs do not have file systems; they just have data. + You need a program that reads audio CDs, such as the + audio/xmcd port. @@ -3568,11 +3595,11 @@ C:\="DOS" - By default, &man.mount.8; will attempt to mount the last - data track (session) of a CD. If you would like to load an - earlier session, you must use the - command line argument. Please see &man.mount.cd9660.8; for - specific examples. + By default, &man.mount.8; will attempt to mount the + last data track (session) of a CD. If you would like to + load an earlier session, you must use the + command line argument. Please see + &man.mount.cd9660.8; for specific examples. @@ -3583,16 +3610,16 @@ C:\="DOS" - As root set the sysctl variable - vfs.usermount to + As root set + the sysctl variable vfs.usermount to 1. &prompt.root; sysctl vfs.usermount=1 To make this persist across reboots, add the line vfs.usermount=1 to - /etc/sysctl.conf so that - it is reset at system boot time. + /etc/sysctl.conf so that it is reset + at system boot time. Users can only mount devices they have read permissions to. To allow users to mount a device @@ -3606,8 +3633,8 @@ C:\="DOS" own /dev/da0 root:operator perm /dev/da0 0666 - All users can now mount devices they could read - onto a directory that they own: + All users can now mount devices they could read onto a + directory that they own: &prompt.user; mkdir ~/my-mount-point &prompt.user; mount -t msdosfs /dev/da0 ~/my-mount-point @@ -3616,14 +3643,15 @@ C:\="DOS" &prompt.user; umount ~/my-mount-point - Enabling vfs.usermount, however, has - negative security implications. A better way to access - &ms-dos; formatted media is to use the emulators/mtools package in the - Ports Collection. + Enabling vfs.usermount, however, + has negative security implications. A better way to + access &ms-dos; formatted media is to use the + emulators/mtools package in the Ports + Collection. - The device name used in the previous examples must be - changed according to your configuration. + The device name used in the previous examples must + be changed according to your configuration. @@ -3637,19 +3665,19 @@ C:\="DOS" You need to understand what du and - df really do. du goes - through the directory tree, measures how large each file is, - and presents the totals. df just asks - the file system how much space it has left. They seem to be - the same thing, but a file without a directory entry will - affect df but not + df really do. du + goes through the directory tree, measures how large each + file is, and presents the totals. df + just asks the file system how much space it has left. + They seem to be the same thing, but a file without a + directory entry will affect df but not du. - When a program is using a file, and you delete the file, - the file is not really removed from the file system until - the program stops using it. The file is immediately deleted - from the directory listing, however. You can see this - easily enough with a program such as + When a program is using a file, and you delete the + file, the file is not really removed from the file system + until the program stops using it. The file is immediately + deleted from the directory listing, however. You can see + this easily enough with a program such as more. Assume you have a file large enough that its presence affects the output of du and df. (Since @@ -3657,21 +3685,22 @@ C:\="DOS" very large file!) If you delete this file while using more on it, more does not immediately choke and - complain that it cannot view the file. The entry is simply - removed from the directory so no other program or user can - access it. du shows that it is gone - — it has walked the directory tree and the file is not - listed. df shows that it is still there, - as the file system knows that more is - still using that space. Once you end the - more session, du and - df will agree. + complain that it cannot view the file. The entry is + simply removed from the directory so no other program or + user can access it. du shows that it + is gone — it has walked the directory tree and the + file is not listed. df shows that it + is still there, as the file system knows that + more is still using that space. Once + you end the more session, + du and df will + agree. This situation is common on web servers. Many people - set up a &os; web server and forget to rotate the log files. - The access log fills up /var. The new - administrator deletes the file, but the system still - complains that the partition is full. Stopping and + set up a &os; web server and forget to rotate the log + files. The access log fills up /var. + The new administrator deletes the file, but the system + still complains that the partition is full. Stopping and restarting the web server program would free the file, allowing the system to release the disk space. To prevent this from happening, set up &man.newsyslog.8;. @@ -3688,8 +3717,11 @@ C:\="DOS" - In the Configuration and Tuning - section of the Handbook, you will find a section + In the Configuration + and Tuning section of the Handbook, you will find + a section describing how to do this. @@ -3705,32 +3737,34 @@ C:\="DOS" bytes each, whereas &os; calculates them as 1,073,741,824 bytes each. This explains why, for example, &os;'s boot messages will report a disk that - supposedly has 80 GB as holding 76,319 MB. + supposedly has 80 GB as holding + 76,319 MB. - Also note that &os; will (by default) reserve 8% of the disk - space. + Also note that &os; will (by default) reserve 8% of the + disk space. - How is it possible for a partition to be more than 100% - full? + How is it possible for a partition to be more than + 100% full? A portion of each UFS partition (8%, by default) is reserved for use by the operating system and the - root user. &man.df.1; does not count - that space when calculating the Capacity - column, so it can exceed 100%. Also, you will notice that - the Blocks column is always greater than - the sum of the Used and - Avail columns, usually by a factor of - 8%. + root user. + &man.df.1; does not count that space when calculating the + Capacity column, so it can exceed 100%. + Also, you will notice that the Blocks + column is always greater than the sum of the + Used and Avail + columns, usually by a factor of 8%. - For more details, look up - in &man.tunefs.8;. + For more details, look up in + &man.tunefs.8;. @@ -3744,10 +3778,9 @@ C:\="DOS" &os; does a short memory test early in the boot process. This test usually only takes several seconds, however if the system has many 10s or 100s of gigabytes - of memory it can take up to a few minutes. This test - can be disabled by setting - hw.memtest.tests to - 0 in + of memory it can take up to a few minutes. This test can + be disabled by setting hw.memtest.tests + to 0 in /boot/loader.conf. For more details, see &man.loader.conf.5;. @@ -3780,16 +3813,16 @@ C:\="DOS" The ZIL ((ZFS intent log) is a write log used to implement posix write commitment semantics across crashes. Normally writes - are bundled up into transaction groups - and written to disk when filled (Transaction Group + are bundled up into transaction groups and written to + disk when filled (Transaction Group Commit). However syscalls like &man.fsync.2; require a commitment that the data is written to stable - storage before returning. - The ZIL is needed for writes that have been acknowledged - as written but which are not yet on disk as part of a - transaction. The transaction groups are timestamped. - In the event of a crash the last valid timestamp is - found and missing data is merged in from the ZIL. + storage before returning. The ZIL is needed for writes + that have been acknowledged as written but which are not + yet on disk as part of a transaction. The transaction + groups are timestamped. In the event of a crash the + last valid timestamp is found and missing data is merged + in from the ZIL. @@ -3816,17 +3849,16 @@ C:\="DOS" The L2ARC is a read cache stored on a fast device such as an SSD. - This cache is not persistent across - reboots. Note that RAM is used as the first layer - of cache and the L2ARC is only needed if there is - insufficient RAM. + This cache is not persistent across reboots. Note that + RAM is used as the first layer of cache and the L2ARC is + only needed if there is insufficient RAM. L2ARC needs space in the ARC to index it. So, perversely, a working set that fits perfectly in the ARC will not fit perfectly any more if a L2ARC is used because part of the ARC is holding the L2ARC index, - pushing part of the working set into the - L2ARC which is slower than RAM. + pushing part of the working set into the L2ARC which is + slower than RAM. @@ -3838,20 +3870,20 @@ C:\="DOS" Generally speaking, no. - Deduplication takes up a significant amount - of RAM and may slow down read and write - disk access times. Unless one is storing data that is - very heavily duplicated (such as virtual machine images, - or user backups) it is possible that deduplication will - do more harm than good. Another consideration is the - inability to revert deduplication status. If data is - written when deduplication is enabled, disabling dedup - will not cause those blocks which were deduplicated to - be replicated until they are next modified. + Deduplication takes up a significant amount of RAM + and may slow down read and write disk access times. + Unless one is storing data that is very heavily + duplicated (such as virtual machine images, or user + backups) it is possible that deduplication will do more + harm than good. Another consideration is the inability + to revert deduplication status. If data is written when + deduplication is enabled, disabling dedup will not cause + those blocks which were deduplicated to be replicated + until they are next modified. Deduplication can also lead to some unexpected - situations. In particular deleting files may become much - slower. + situations. In particular deleting files may become + much slower. @@ -3863,20 +3895,20 @@ C:\="DOS" This could happen because the pool is 100% full. - ZFS requires space on the disk to write - transaction metadata. To restore the pool *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Tue May 13 03:34:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 05CF27E2; Tue, 13 May 2014 03:34:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E615D24DC; Tue, 13 May 2014 03:34:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4D3Yqjb028154; Tue, 13 May 2014 03:34:52 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4D3YqK1028153; Tue, 13 May 2014 03:34:52 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405130334.s4D3YqK1028153@svn.freebsd.org> From: Dru Lavigne Date: Tue, 13 May 2014 03:34:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44818 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 May 2014 03:34:53 -0000 Author: dru Date: Tue May 13 03:34:52 2014 New Revision: 44818 URL: http://svnweb.freebsd.org/changeset/doc/44818 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Mon May 12 18:42:03 2014 (r44817) +++ head/en_US.ISO8859-1/books/faq/book.xml Tue May 13 03:34:52 2014 (r44818) @@ -4247,32 +4247,36 @@ options SYSVMSG # enable for - The sendmail - server is the default mail-server software for &os;, but you - can easily replace it with one of the other MTA (for + The sendmail + server is the default mail-server software for &os;, but + you can easily replace it with one of the other MTA (for instance, an MTA installed from the ports). There are various alternative MTAs in the ports tree already, with mail/exim, - mail/postfix, mail/qmail, and mail/zmailer being some of the - most popular choices. + mail/postfix, + mail/qmail, and + mail/zmailer being some of the most + popular choices. Diversity is nice, and the fact that you have many different mail-servers to chose from is considered a good thing; therefore try to avoid asking questions like Is sendmail better than qmail? in the mailing - lists. If you do feel like asking, first check the mailing - list archives. The advantages and disadvantages of each and - every one of the available MTAs have already been discussed - a few times. + lists. If you do feel like asking, first check the + mailing list archives. The advantages and disadvantages + of each and every one of the available MTAs have already + been discussed a few times. - I have forgotten the root password! - What do I do? + I have forgotten the root password! What do I + do? @@ -4281,27 +4285,29 @@ options SYSVMSG # enable for Boot: prompt to enter Single User mode. At the question about the shell to use, hit Enter. You will be dropped to a - &prompt.root; prompt. Enter mount -urw / - to remount your root file system read/write, then run - mount -a to remount all the file systems. - Run passwd root to change the - root password then run &man.exit.1; to - continue booting. + &prompt.root; prompt. Enter mount + -urw / to remount your root file system + read/write, then run mount -a to + remount all the file systems. Run passwd + root to change the root password then run + &man.exit.1; to continue booting. - If you are still prompted to give the - root password when entering the - Single User mode, it means that the console has been - marked as insecure in + If you are still prompted to give the root password when + entering the Single User mode, it means that the console + has been marked as insecure in /etc/ttys. In this case it will be required to boot from a &os; installation disk, choose the Live CD or - Shell at the beginning of the install - process and issue the commands mentioned above. You will need to - mount the specific partition in this case and then chroot to it, - i.e., replace mount -urw / by - mount /dev/ada0p1 /mnt; chroot /mnt for - a system on ada0p1. + Shell at the beginning of the + install process and issue the commands mentioned above. + You will need to mount the specific partition in this + case and then chroot to it, i.e., replace mount + -urw / by mount /dev/ada0p1 /mnt; + chroot /mnt for a system on + ada0p1. @@ -4310,21 +4316,23 @@ options SYSVMSG # enable for encrypted and it is impossible to mount them without the access keys. Your chances depend on the chosen implementation. For more information see the section - about encrypted disks in the &os; Handbook. + about encrypted disks in the &os; Handbook. - How do I keep ControlAltDelete + How do I keep ControlAltDelete from rebooting the system? If you are using &man.syscons.4; (the default console - driver) build and install a new kernel with the line in the - configuration file: + driver) build and install a new kernel with the line in + the configuration file: options SC_DISABLE_REBOOT @@ -4335,16 +4343,18 @@ options SYSVMSG # enable for &prompt.root; sysctl hw.syscons.kbd_reboot=0 - The above two methods are exclusive: The &man.sysctl.8; - does not exist if you compile your kernel with the - SC_DISABLE_REBOOT option. + The above two methods are exclusive: The + &man.sysctl.8; does not exist if you compile your kernel + with the SC_DISABLE_REBOOT + option. - How do I reformat DOS text files to &unix; ones? + How do I reformat DOS text files to &unix; + ones? @@ -4352,25 +4362,26 @@ options SYSVMSG # enable for &prompt.user; perl -i.bak -npe 's/\r\n/\n/g' file(s) - where file(s) is one or more - files to process. The modification is done in-place, with the - original file stored with a .bak - extension. + where file(s) is one or + more files to process. The modification is done in-place, + with the original file stored with a + .bak extension. - Alternatively you can use the &man.tr.1; command: + Alternatively you can use the &man.tr.1; + command: &prompt.user; tr -d '\r' < dos-text-file > unix-file dos-text-file is the file containing DOS text while unix-file will contain the - converted output. This can be quite a bit faster than using - perl. + converted output. This can be quite a bit faster than + using perl. - Yet another way to reformat DOS text files is to use the - converters/dosunix port - from the Ports Collection. Consult its documentation about - the details. + Yet another way to reformat DOS text files is to use + the converters/dosunix port from the + Ports Collection. Consult its documentation about the + details. @@ -4411,73 +4422,77 @@ options SYSVMSG # enable for -STABLE, but got -BETAx, -RC or - -PRERELEASE! What is going on? + -PRERELEASE! What is going + on? Short answer: it is just a name. RC stands for Release - Candidate. It signifies that a release is imminent. - In &os;, -PRERELEASE is typically - synonymous with the code freeze before a release. (For some - releases, the -BETA label was used in - the same way as -PRERELEASE.) + Candidate. It signifies that a release is + imminent. In &os;, -PRERELEASE is + typically synonymous with the code freeze before a + release. (For some releases, the + -BETA label was used in the same way + as -PRERELEASE.) Long answer: &os; derives its releases from one of two places. Major, dot-zero, releases, such as 9.0-RELEASE - are branched from the head of the development - stream, commonly referred to as -CURRENT. Minor releases, such as - 6.3-RELEASE or 5.2-RELEASE, have been snapshots of the + are branched from the head of the development stream, + commonly referred to as -CURRENT. Minor releases, such + as 6.3-RELEASE or 5.2-RELEASE, have been snapshots of the active -STABLE branch. - Starting with 4.3-RELEASE, each release also now has its own - branch which can be tracked by people requiring an extremely - conservative rate of development (typically only security - advisories). + Starting with 4.3-RELEASE, each release also now has its + own branch which can be tracked by people requiring an + extremely conservative rate of development (typically only + security advisories). When a release is about to be made, the branch from which it will be derived from has to undergo a certain process. Part of this process is a code freeze. When a - code freeze is initiated, the name of the branch is changed - to reflect that it is about to become a release. For - example, if the branch used to be called 6.2-STABLE, its - name will be changed to 6.3-PRERELEASE to signify the code - freeze and signify that extra pre-release testing should be - happening. Bug fixes can still be committed to be part of - the release. When the source code is in shape for the - release the name will be changed to 6.3-RC to signify that a - release is about to be made from it. Once in the RC stage, - only the most critical bugs found can be fixed. Once the - release (6.3-RELEASE in this example) and release branch - have been made, the branch will be renamed to - 6.3-STABLE. - - For more information on version numbers and the various - Subversion branches, refer to the Release Engineering - article. + code freeze is initiated, the name of the branch is + changed to reflect that it is about to become a release. + For example, if the branch used to be called 6.2-STABLE, + its name will be changed to 6.3-PRERELEASE to signify the + code freeze and signify that extra pre-release testing + should be happening. Bug fixes can still be committed to + be part of the release. When the source code is in shape + for the release the name will be changed to 6.3-RC to + signify that a release is about to be made from it. Once + in the RC stage, only the most critical bugs found can be + fixed. Once the release (6.3-RELEASE in this example) and + release branch have been made, the branch will be renamed + to 6.3-STABLE. + + For more information on version numbers and the + various Subversion branches, refer to the Release + Engineering article. - I tried to install a new kernel, and the &man.chflags.1; - failed. How do I get around this? + I tried to install a new kernel, and the + &man.chflags.1; failed. How do I get around this? - Short answer: You are probably at security level greater - than 0. Reboot directly to Single User mode to install the - kernel. + Short answer: You are probably at security level + greater than 0. Reboot directly to Single User mode to + install the kernel. Long answer: &os; disallows changing system flags at - security levels greater than 0. You can check your security - level with the command: + security levels greater than 0. You can check your + security level with the command: &prompt.root; sysctl kern.securelevel - You cannot lower the security level; you have to boot to - Single Mode to install the kernel, or change the security - level in /etc/rc.conf then reboot. See - the &man.init.8; manual page for details on + You cannot lower the security level; you have to boot + to Single Mode to install the kernel, or change the + security level in /etc/rc.conf then + reboot. See the &man.init.8; manual page for details on securelevel, and see /etc/defaults/rc.conf and the &man.rc.conf.5; manual page for more information on @@ -4492,20 +4507,20 @@ options SYSVMSG # enable for - Short answer: You are probably at security level greater - than 1. Reboot directly to Single User mode to change the - date. + Short answer: You are probably at security level + greater than 1. Reboot directly to Single User mode to + change the date. Long answer: &os; disallows changing the time by more - that one second at security levels greater than 1. You can - check your security level with the command: + that one second at security levels greater than 1. You + can check your security level with the command: &prompt.root; sysctl kern.securelevel - You cannot lower the security level; you have to boot to - Single User mode to change the date, or change the security - level in /etc/rc.conf then reboot. See - the &man.init.8; manual page for details on + You cannot lower the security level; you have to boot + to Single User mode to change the date, or change the + security level in /etc/rc.conf then + reboot. See the &man.init.8; manual page for details on securelevel, and see /etc/defaults/rc.conf and the &man.rc.conf.5; manual page for more information on @@ -4515,8 +4530,8 @@ options SYSVMSG # enable for - Why is rpc.statd using 256 MB of - memory? + Why is rpc.statd using 256 MB + of memory? @@ -4524,17 +4539,17 @@ options SYSVMSG # enable for 256 MB of memory. For convenience, rpc.statd maps an obscene amount of memory into its address space. There is nothing terribly - wrong with this from a technical standpoint; it just throws - off things like &man.top.1; and &man.ps.1;. + wrong with this from a technical standpoint; it just + throws off things like &man.top.1; and &man.ps.1;. &man.rpc.statd.8; maps its status file (resident on /var) into its address space; to save - worrying about remapping it later when it needs to grow, it - maps it with a generous size. This is very evident from the - source code, where one can see that the length argument to - &man.mmap.2; is 0x10000000, or one - sixteenth of the address space on an IA32, or exactly - 256 MB. + worrying about remapping it later when it needs to grow, + it maps it with a generous size. This is very evident + from the source code, where one can see that the length + argument to &man.mmap.2; is 0x10000000, + or one sixteenth of the address space on an IA32, or + exactly 256 MB. @@ -4546,9 +4561,9 @@ options SYSVMSG # enable for You are running at an elevated (i.e., greater than 0) - securelevel. Lower the securelevel and try again. For more - information, see the FAQ entry - on securelevel and the &man.init.8; manual + securelevel. Lower the securelevel and try again. For + more information, see the FAQ + entry on securelevel and the &man.init.8; manual page. @@ -4556,17 +4571,17 @@ options SYSVMSG # enable for Why does SSH authentication - through .shosts not work by default in - recent versions of &os;? + through .shosts not work by default + in recent versions of &os;? The reason why .shosts authentication does not work by default in more recent versions of &os; is because &man.ssh.1; is not installed - suid root by default. To - fix this, you can do one of the - following: + suid root by + default. To fix this, you can do one of + the following: @@ -4580,9 +4595,9 @@ options SYSVMSG # enable for As a temporary fix, change the mode on /usr/bin/ssh to - 4555 by running - chmod 4555 /usr/bin/ssh as - root. + 4555 by running chmod 4555 + /usr/bin/ssh as root. @@ -4595,10 +4610,10 @@ options SYSVMSG # enable for vnlru flushes and frees vnodes when - the system hits the kern.maxvnodes limit. - This kernel thread sits mostly idle, and only activates if - you have a huge amount of RAM and are accessing tens of - thousands of tiny files. + the system hits the kern.maxvnodes + limit. This kernel thread sits mostly idle, and only + activates if you have a huge amount of RAM and are + accessing tens of thousands of tiny files. @@ -4624,49 +4639,51 @@ options SYSVMSG # enable for Cache: (most often) pages that have percolated from inactive to a status where they - maintain their data, but can often be immediately reused - (either with their old association, or reused with a new - association). There can be certain immediate transitions - from active to - cache state if the page is known to - be clean (unmodified), but that transition is a matter - of policy, depending upon the algorithm choice of the VM - system maintainer. + maintain their data, but can often be immediately + reused (either with their old association, or reused + with a new association). There can be certain + immediate transitions from active + to cache state if the page is known + to be clean (unmodified), but that transition is a + matter of policy, depending upon the algorithm choice + of the VM system maintainer. - Free: pages without data content, - and can be immediately used in certain circumstances - where cache pages might be ineligible. Free pages can - be reused at interrupt or process + Free: pages without data + content, and can be immediately used in certain + circumstances where cache pages might be ineligible. + Free pages can be reused at interrupt or process state. - Wired: pages that are fixed into - memory, usually for kernel purposes, but also sometimes - for special use in processes. + Wired: pages that are fixed + into memory, usually for kernel purposes, but also + sometimes for special use in processes. - Pages are most often written to disk (sort of a VM sync) - when they are in the inactive state, but active pages can - also be synced. This depends upon the CPU tracking of the - modified bit being available, and in certain situations - there can be an advantage for a block of VM pages to be - synced, whether they are active or inactive. In most common - cases, it is best to think of the inactive queue to be a - queue of relatively unused pages that might or might not be - in the process of being written to disk. Cached pages are - already synced, not mapped, but available for immediate - process use with their old association or with a new - association. Free pages are available at interrupt level, - but cached or free pages can be used at process state for - reuse. Cache pages are not adequately locked to be - available at interrupt level. + Pages are most often written to disk (sort of a VM + sync) when they are in the inactive state, but active + pages can also be synced. This depends upon the CPU + tracking of the modified bit being available, and in + certain situations there can be an advantage for a block + of VM pages to be synced, whether they are active or + inactive. In most common cases, it is best to think of + the inactive queue to be a queue of relatively unused + pages that might or might not be in the process of being + written to disk. Cached pages are already synced, not + mapped, but available for immediate process use with their + old association or with a new association. Free pages are + available at interrupt level, but cached or free pages can + be used at process state for reuse. Cache pages are not + adequately locked to be available at interrupt + level. There are some other flags (e.g., busy flag or busy - count) that might modify some of the described rules. + count) that might modify some of the described + rules. @@ -4680,16 +4697,16 @@ options SYSVMSG # enable for There are a couple of kinds of free memory. One kind is the amount of memory immediately available without paging anything else out. - That is approximately the size of cache queue + size of free - queue (with a derating factor, depending upon system - tuning). Another kind of free memory is the - total amount of VM space. That can be - complex, but is dependent upon the amount of swap space and - memory. Other kinds of free memory - descriptions are also possible, but it is relatively useless - to define these, but rather it is important to make sure - that the paging rate is kept low, and to avoid running out - of swap space. + That is approximately the size of cache queue + size of + free queue (with a derating factor, depending upon system + tuning). Another kind of free memory is + the total amount of VM space. That can + be complex, but is dependent upon the amount of swap space + and memory. Other kinds of free memory + descriptions are also possible, but it is relatively + useless to define these, but rather it is important to + make sure that the paging rate is kept low, and to avoid + running out of swap space. @@ -4700,24 +4717,26 @@ options SYSVMSG # enable for - /var/empty is a directory that the - &man.sshd.8; program uses when performing privilege separation. - The /var/empty directory is empty, owned by - root and has the schg - flag set. - - Although it is not recommended to delete this directory, to - do so you will need to unset the schg flag - first. See the &man.chflags.1; manual page for more information - (and bear in mind the answer to - the question on unsetting the schg flag). + /var/empty is a directory that + the &man.sshd.8; program uses when performing privilege + separation. The /var/empty + directory is empty, owned by root and has the + schg flag set. + + Although it is not recommended to delete this + directory, to do so you will need to unset the + schg flag first. See the + &man.chflags.1; manual page for more information (and bear + in mind the answer to the + question on unsetting the schg flag). I just changed - /etc/newsyslog.conf. How can I check + /etc/newsyslog.conf. How can I check if it does what I expect? @@ -4752,14 +4771,16 @@ options SYSVMSG # enable for - The X Window System (commonly X11) is - the most widely available windowing system capable of running - on &unix; or &unix; like systems, including &os;. - The X.Org Foundation - administers the X protocol standards, - with the current reference implementation, version 11 - release &xorg.version;, so you will often see references - shortened to X11. + The X Window System (commonly X11) + is the most widely available windowing system capable of + running on &unix; or &unix; like systems, including + &os;. The X.Org + Foundation administers the X + protocol standards, with the current reference + implementation, version 11 release &xorg.version;, so you + will often see references shortened to + X11. Many implementations are available for different architectures and operating systems. An implementation of @@ -4787,13 +4808,16 @@ options SYSVMSG # enable for &prompt.root; pkg_add -r xorg - or on systems using pkg: + or on systems using + pkg: &prompt.root; pkg install xorg - After the installation of &xorg;, follow - the instructions from the X11 Configuration section of - the &os; Handbook. + After the installation of &xorg;, follow the + instructions from the X11 + Configuration section of the &os; + Handbook. @@ -4801,27 +4825,24 @@ options SYSVMSG # enable for I tried to run X, but I get a No devices detected. error when I - type - startx. What do I do now? + type startx. What do I do now? Your system is probably running at a raised - securelevel. It is not possible to start X - at a raised securelevel because X - requires write access to &man.io.4;. For more information, - see at the &man.init.8; manual page. + securelevel. It is not possible to + start X at a raised securelevel because + X requires write access to &man.io.4;. For more + information, see at the &man.init.8; manual page. - There are two solutions to the problem: - Set your + There are two solutions to the problem: Set your securelevel back down to zero (usually in /etc/rc.conf), or run &man.xdm.1; - (or an alternative display manager) - at boot time (before the securelevel is - raised). + (or an alternative display manager) at boot time (before + the securelevel is raised). - See for more information about - running &man.xdm.1; at boot time. + See for more information + about running &man.xdm.1; at boot time. @@ -4832,14 +4853,15 @@ options SYSVMSG # enable for If you are using &man.syscons.4; (the default console - driver), you can configure &os; to support a mouse pointer on - each virtual screen. To avoid conflicting with X, + driver), you can configure &os; to support a mouse pointer + on each virtual screen. To avoid conflicting with X, &man.syscons.4; supports a virtual device called /dev/sysmouse. All mouse events received from the real mouse device are written to the &man.sysmouse.4; device via &man.moused.8;. To use your mouse on one or more virtual consoles, - and use X, see and set up + and use X, see and set up &man.moused.8;. Then edit /etc/X11/xorg.conf and @@ -4853,9 +4875,9 @@ options SYSVMSG # enable for Starting with &xorg; version 7.4, the InputDevice sections in xorg.conf are ignored in favor of - autodetected devices. To restore the old behavior, add the - following line to the ServerLayout or - ServerFlags section: + autodetected devices. To restore the old behavior, add + the following line to the ServerLayout + or ServerFlags section: Option "AutoAddDevices" "false" @@ -4870,8 +4892,8 @@ options SYSVMSG # enable for link sysmouse mouse This link can be created by restarting &man.devfs.5; - with the following command (as - root): + with the following command (as root): &prompt.root; service devfs restart @@ -4890,12 +4912,12 @@ options SYSVMSG # enable for and ZAxisMapping 4 5 to the InputDevice section of /etc/X11/xorg.conf. For example, you - might have the following InputDevice section - in /etc/X11/xorg.conf. + might have the following InputDevice + section in /etc/X11/xorg.conf. - <quote>InputDevice</quote> Section for Wheeled Mouse - in &xorg; Configuration File + <quote>InputDevice</quote> Section for Wheeled + Mouse in &xorg; Configuration File Section "InputDevice" Identifier "Mouse1" @@ -4920,18 +4942,18 @@ EndSection - My laptop has a Synaptics touchpad. Can I use - it in X? + My laptop has a Synaptics touchpad. Can I use it in + X? - Yes, you will have to configure a few things to - make it work. + Yes, you will have to configure a few things to make + it work. If you plan to use the Xorg synaptics driver you must remove moused_enable from - rc.conf. Xorg can not use - the synaptics mouse if the moused already sits on + rc.conf. Xorg can not use the + synaptics mouse if the moused already sits on /dev/psm0. To enable synaptics in the &man.psm.4; driver you need @@ -4976,35 +4998,43 @@ EndSection - What is a virtual console and how do I make more? + What is a virtual console and how do I make + more? - Virtual consoles, put simply, enable you to have several - simultaneous sessions on the same machine without doing - anything complicated like setting up a network or running - X. + Virtual consoles, put simply, enable you to have + several simultaneous sessions on the same machine without + doing anything complicated like setting up a network or + running X. When the system starts, it will display a login prompt - on the monitor after displaying all the boot messages. You - can then type in your login name and password and start - working (or playing!) on the first virtual console. + on the monitor after displaying all the boot messages. + You can then type in your login name and password and + start working (or playing!) on the first virtual + console. At some point, you will probably wish to start another - session, perhaps to look at documentation for a program you - are running or to read your mail while waiting for an FTP - transfer to finish. Just do AltF2 + session, perhaps to look at documentation for a program + you are running or to read your mail while waiting for an + FTP transfer to finish. Just do AltF2 (hold down Alt and press F2), and you will find a login prompt waiting for you on the second virtual - console! When you want to go back to the original - session, do AltF1. - - The default &os; installation has eight virtual consoles - enabled. AltF1, - AltF2, - AltF3, - and so on will switch between these virtual consoles. + console! When you want to go back to the + original session, do AltF1. + + The default &os; installation has eight virtual + consoles enabled. AltF1, + AltF2, + AltF3, + and so on will switch between these virtual + consoles. To enable more of them, edit /etc/ttys (see &man.ttys.5;) and add @@ -5021,8 +5051,8 @@ ttyvb "/usr/libexec/getty Pc" Use as many or as few as you want. The more virtual terminals you have, the more resources that are used; this - can be important if you have 8 MB RAM or less. You may - also want to change the secure to + can be important if you have 8 MB RAM or less. You + may also want to change the secure to insecure. @@ -5036,11 +5066,12 @@ ttyvb "/usr/libexec/getty Pc" If you want to run an X server you must leave at least one virtual - terminal unused (or turned off) for it to use. That is to - say that if you want to have a login prompt pop up for all - twelve of your Alt-function keys, you are out of luck - — you can only do this for eleven of them if you - also want to run an X server on the same machine. + terminal unused (or turned off) for it to use. That is + to say that if you want to have a login prompt pop up + for all twelve of your Alt-function keys, you are out of + luck — you can only do this for eleven of them if + you also want to run an X server on the same + machine. The easiest way to disable a console is by turning it @@ -5066,14 +5097,15 @@ ttyvb "/usr/libexec/getty Pc" Next, the easiest (and cleanest) way to activate the virtual consoles is to reboot. However, if you really do not want to reboot, you can just shut down the X Window - system and execute (as root): + system and execute (as root): &prompt.root; kill -HUP 1 - It is imperative that you completely shut down X Window - if it is running, before running this command. If you do not, - your system will probably appear to hang or lock up after - executing kill. + It is imperative that you completely shut down X + Window if it is running, before running this command. If + you do not, your system will probably appear to hang or + lock up after executing kill. @@ -5083,21 +5115,25 @@ ttyvb "/usr/libexec/getty Pc" - Use CtrlAltFn - to switch back to a virtual console. CtrlAltF1 + Use CtrlAltFn + to switch back to a virtual console. CtrlAltF1 would return you to the first virtual console. Once you are back to a text console, you can then use - AltFn + AltFn as normal to move between them. To return to the X session, you must switch to the virtual console running X. If you invoked X from the command line, (e.g., using startx) then the X session will attach to the next unused virtual - console, not the text console from which it was invoked. If - you have eight active virtual terminals then X will be - running on the ninth, and you would use AltF9 + console, not the text console from which it was invoked. + If you have eight active virtual terminals then X will be + running on the ninth, and you would use AltF9 to return. @@ -5110,32 +5146,32 @@ ttyvb "/usr/libexec/getty Pc" There are two schools of thought on how to start - &man.xdm.1;. One school starts xdm from - /etc/ttys (see &man.ttys.5;) using the - supplied example, while the other simply runs + &man.xdm.1;. One school starts xdm + from /etc/ttys (see &man.ttys.5;) + using the supplied example, while the other simply runs xdm from rc.local (see &man.rc.8;) or from an X script in - /usr/local/etc/rc.d. Both are equally - valid, and one may work in situations where the other does - not. In both cases the result is the same: X will pop up a - graphical login prompt. - - The &man.ttys.5; method has the advantage of documenting - which vty X will start on and passing the responsibility of - restarting the X server on logout to &man.init.8;. The - &man.rc.8; method makes it easy to kill - xdm if there is a problem starting the X - server. - - If loaded from &man.rc.8;, xdm should - be started without any arguments (i.e., as a daemon). - xdm must start + /usr/local/etc/rc.d. Both are + equally valid, and one may work in situations where the + other does not. In both cases the result is the same: X + will pop up a graphical login prompt. + + The &man.ttys.5; method has the advantage of + documenting which vty X will start on and passing the + responsibility of restarting the X server on logout to + &man.init.8;. The &man.rc.8; method makes it easy to + kill xdm if there is + a problem starting the X server. + + If loaded from &man.rc.8;, xdm + should be started without any arguments (i.e., as a + daemon). xdm must start after &man.getty.8; runs, or else getty and xdm will - conflict, locking out the console. The best way around this - is to have the script sleep 10 seconds or so then launch - xdm. + conflict, locking out the console. The best way around + this is to have the script sleep 10 seconds or so then + launch xdm. If you are to start xdm from /etc/ttys, there still is a chance of @@ -5175,8 +5211,8 @@ ttyvb "/usr/libexec/getty Pc" machine with a VTY, the &man.fbtab.5; file exists to solve such problems. - In a nutshell, make sure an uncommented line of the form - is in /etc/fbtab (see + In a nutshell, make sure an uncommented line of the + form is in /etc/fbtab (see &man.fbtab.5;): /dev/ttyv0 0600 /dev/console @@ -5193,8 +5229,8 @@ ttyvb "/usr/libexec/getty Pc" - Your mouse and the mouse driver may have somewhat become - out of synchronization. + Your mouse and the mouse driver may have somewhat + become out of synchronization. In rare cases the driver may erroneously report synchronization problem and you may see the kernel @@ -5205,15 +5241,16 @@ ttyvb "/usr/libexec/getty Pc" and notice that your mouse does not work properly. - If this happens, disable the synchronization check code - by setting the driver flags for the PS/2 mouse driver to - 0x100. This can be easiest achieved + If this happens, disable the synchronization check + code by setting the driver flags for the PS/2 mouse driver + to 0x100. This can be easiest achieved by adding hint.psm.0.flags="0x100" to - /boot/loader.conf and rebooting. + /boot/loader.conf and + rebooting. @@ -5240,8 +5277,10 @@ ttyvb "/usr/libexec/getty Pc" The detailed answer for this question can be found in - the Boot Time Splash Screens *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Tue May 13 15:39:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B576854C; Tue, 13 May 2014 15:39:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A112E2251; Tue, 13 May 2014 15:39:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4DFdBMn045776; Tue, 13 May 2014 15:39:11 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4DFdB84045775; Tue, 13 May 2014 15:39:11 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405131539.s4DFdB84045775@svn.freebsd.org> From: Dru Lavigne Date: Tue, 13 May 2014 15:39:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44819 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 May 2014 15:39:11 -0000 Author: dru Date: Tue May 13 15:39:11 2014 New Revision: 44819 URL: http://svnweb.freebsd.org/changeset/doc/44819 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Tue May 13 03:34:52 2014 (r44818) +++ head/en_US.ISO8859-1/books/faq/book.xml Tue May 13 15:39:11 2014 (r44819) @@ -6141,8 +6141,8 @@ Key F15 A A Menu Wo This command may be typed at the &man.ppp.8; command prompt or it may be entered in the /etc/ppp/ppp.conf configuration file - (the start of the default section is the - best place to put it). Make sure that + (the start of the default section is + the best place to put it). Make sure that /etc/syslog.conf (see &man.syslog.conf.5;) contains the lines below and the file /var/log/ppp.log exists: @@ -6500,11 +6500,11 @@ deny pred1 deflate deflate24 protocomp a set openmode active 3 - This tells &man.ppp.8; to be passive for 3 seconds, and - then to start sending LCP requests. If the peer starts - sending requests during this period, &man.ppp.8; will - immediately respond rather than waiting for the full 3 - second period. + This tells &man.ppp.8; to be passive for 3 seconds, + and then to start sending LCP requests. If the peer + starts sending requests during this period, &man.ppp.8; + will immediately respond rather than waiting for the full + 3 second period. @@ -6516,38 +6516,44 @@ deny pred1 deflate deflate24 protocomp a There is currently an implementation mis-feature in - &man.ppp.8; where it does not associate LCP, CCP & IPCP - responses with their original requests. As a result, if one - PPP implementation is more than 6 seconds slower than the - other side, the other side will send two additional LCP - configuration requests. This is fatal. - - Consider two implementations, A and - B. A starts sending LCP - requests immediately after connecting and B - takes 7 seconds to start. When B starts, - A has sent 3 LCP REQs. We are assuming the - line has ECHO switched off, otherwise we would see magic - number problems as described in the previous section. - B sends a REQ, then an ACK to the first of - A's REQs. This results in - A entering the OPENED - state and sending and ACK (the first) back to - B. In the meantime, B - sends back two more ACKs in response to the two additional - REQs sent by A before B - started up. B then receives the first ACK + &man.ppp.8; where it does not associate LCP, CCP & + IPCP responses with their original requests. As a result, + if one PPP implementation is more than 6 seconds slower + than the other side, the other side will send two + additional LCP configuration requests. This is + fatal. + + Consider two implementations, + A and B. + A starts sending LCP requests + immediately after connecting and + B takes 7 seconds to start. When + B starts, + A has sent 3 LCP REQs. We are + assuming the line has ECHO switched off, otherwise we + would see magic number problems as described in the + previous section. B sends a REQ, + then an ACK to the first of A's + REQs. This results in A entering + the OPENED state and sending and ACK + (the first) back to B. In the + meantime, B sends back two more + ACKs in response to the two additional REQs sent by + A before + B started up. + B then receives the first ACK from A and enters the - OPENED state. A - receives the second ACK from B and goes - back to the REQ-SENT state, sending - another (forth) REQ as per the RFC. It then receives the - third ACK and enters the OPENED state. - In the meantime, B receives the forth REQ - from A, resulting in it reverting to the - ACK-SENT state and sending another - (second) REQ and (forth) ACK as per the RFC. - A gets the REQ, goes into + OPENED state. + A receives the second ACK from + B and goes back to the + REQ-SENT state, sending another (forth) + REQ as per the RFC. It then receives the third ACK and + enters the OPENED state. In the + meantime, B receives the forth + REQ from A, resulting in it + reverting to the ACK-SENT state and + sending another (second) REQ and (forth) ACK as per the + RFC. A gets the REQ, goes into REQ-SENT and sends another REQ. It immediately receives the following ACK and enters OPENED. @@ -6556,15 +6562,16 @@ deny pred1 deflate deflate24 protocomp a getting nowhere and gives up. The best way to avoid this is to configure one side to - be passive — that is, make one side - wait for the other to start negotiating. This can be done - with the following command: + be passive — that is, make one + side wait for the other to start negotiating. This can be + done with the following command: set openmode passive - Care should be taken with this option. You should also - use this command to limit the amount of time that - &man.ppp.8; waits for the peer to begin negotiations: + Care should be taken with this option. You should + also use this command to limit the amount of time that + &man.ppp.8; waits for the peer to begin + negotiations: set stopped N @@ -6596,8 +6603,8 @@ deny pred1 deflate deflate24 protocomp a waiting for the command to complete. To execute commands like this, use - !bg instead. This will execute - the given command in the background, and &man.ppp.8; can + !bg instead. This will execute the + given command in the background, and &man.ppp.8; can continue to service the link. @@ -6639,14 +6646,15 @@ deny pred1 deflate deflate24 protocomp a This will log all traffic through the connection. The next time the line comes up unexpectedly, you will see the - reason logged with a convenient timestamp next to it. + reason logged with a convenient timestamp next to + it. You can now disable dialing under these circumstances. - Usually, this sort of problem arises due to DNS lookups. To - prevent DNS lookups from establishing a connection (this - will not prevent &man.ppp.8; from - passing the packets through an established connection), use - the following: + Usually, this sort of problem arises due to DNS lookups. + To prevent DNS lookups from establishing a connection + (this will not prevent &man.ppp.8; + from passing the packets through an established + connection), use the following: set dfilter 1 deny udp src eq 53 set dfilter 2 deny udp dst eq 53 @@ -6658,21 +6666,23 @@ set dfilter 3 permit 0/0 0/0 In the DNS case, you should try to determine what is - actually trying to resolve a host name. A lot of the time, - &man.sendmail.8; is the culprit. You should make sure that - you tell sendmail not to do any - DNS lookups in its configuration file. See the section on - using email with a dialup connection - in the &os; Handbook for details on how to create your own - configuration file and what should go into it. You may also - want to add the following line to + actually trying to resolve a host name. A lot of the + time, &man.sendmail.8; is the culprit. You should make + sure that you tell sendmail not + to do any DNS lookups in its configuration file. See the + section on using + email with a dialup connection in the &os; + Handbook for details on how to create your own + configuration file and what should go into it. You may + also want to add the following line to .mc: define(`confDELIVERY_MODE', `d')dnl - This will make sendmail queue - everything until the queue is run (usually, sendmail is - run with , telling it to run + This will make sendmail + queue everything until the queue is run (usually, sendmail + is run with , telling it to run the queue every 30 minutes) or until a sendmail -q is done (perhaps from your ppp.linkup). @@ -6703,7 +6713,8 @@ CCP: Received Terminate Ack (1) state = - Why does &man.ppp.8; not log my connection speed? + Why does &man.ppp.8; not log my connection + speed? @@ -6716,13 +6727,13 @@ CCP: Received Terminate Ack (1) state = This will make &man.ppp.8; log everything up until the last requested expect string. - If you wish to see your connect speed and are using PAP - or CHAP (and therefore do not have anything to + If you wish to see your connect speed and are using + PAP or CHAP (and therefore do not have anything to chat after the CONNECT in the dial script — no set login script), you must make sure that you instruct &man.ppp.8; to - expect the whole CONNECT line, something like - this: + expect the whole CONNECT line, something + like this: set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 4 \ \"\" ATZ OK-ATZ-OK ATDT\\T TIMEOUT 60 CONNECT \\c \\n" @@ -6742,18 +6753,18 @@ CCP: Received Terminate Ack (1) state = The ppp utility parses each line in your config files so that it can interpret strings - such as set phone "123 456 789" correctly - and realize that the number is actually only + such as set phone "123 456 789" + correctly and realize that the number is actually only one argument. To specify a " character, you must escape it using a backslash (\). When the chat interpreter parses each argument, it - re-interprets the argument to find any special - escape sequences such as \P or - \T (see the manual page). As a result of - this double-parsing, you must remember to use the correct - number of escapes. + re-interprets the argument to find any special escape + sequences such as \P or + \T (see the manual page). As a result + of this double-parsing, you must remember to use the + correct number of escapes. If you wish to actually send a \ character to (say) your modem, you would need something @@ -6789,17 +6800,18 @@ ATDT1234567 - The ppp utility (or any other - program for that matter) should never dump core. Because - &man.ppp.8; runs setuid (with an effective user ID of - 0), the operating system will not write - core image of &man.ppp.8; to disk before terminating it. - If, however &man.ppp.8; is actually terminating due to a - segmentation violation or some other signal that normally - causes core to be dumped, and you are - sure you are using the latest version (see the start of this - section), then you should install the system sources and do - the following: + The ppp utility (or any + other program for that matter) should never dump core. + Because &man.ppp.8; runs setuid (with an effective + user ID of 0), the operating + system will not write core image of &man.ppp.8; to disk + before terminating it. If, however &man.ppp.8; is + actually terminating due to a segmentation violation or + some other signal that normally causes core to be dumped, + and you are sure you are using the + latest version (see the start of this section), then you + should install the system sources and do the + following: &prompt.root; cd /usr/src/usr.sbin/ppp &prompt.root; echo STRIP= >> /etc/make.conf @@ -6807,10 +6819,11 @@ ATDT1234567 &prompt.root; make install clean You will now have a debuggable version of &man.ppp.8; - installed. You will have to be root to - run &man.ppp.8; as all of its privileges have been revoked. - When you start &man.ppp.8;, take a careful note of what your - current directory was at the time. + installed. You will have to be root to run &man.ppp.8; as + all of its privileges have been revoked. When you start + &man.ppp.8;, take a careful note of what your current + directory was at the time. Now, if and when &man.ppp.8; receives the segmentation violation, it will dump a core file called @@ -6829,12 +6842,13 @@ ATDT1234567 ..... All of this information should be given alongside your - question, making it possible to diagnose the problem. + question, making it possible to diagnose the + problem. If you are familiar with &man.gdb.1;, you may wish to find out some other bits and pieces such as what actually - caused the dump or the addresses and values of the relevant - variables. + caused the dump or the addresses and values of the + relevant variables. @@ -6847,61 +6861,64 @@ ATDT1234567 This was a known problem with &man.ppp.8; set up to negotiate a dynamic local IP number with the peer in - mode. It has been fixed a long time - ago — search the manual page for + mode. It has been fixed a long + time ago — search the manual page for iface. The problem was that when that initial program calls - &man.connect.2;, the IP number of the &man.tun.4; interface - is assigned to the socket endpoint. The kernel creates the - first outgoing packet and writes it to the &man.tun.4; - device. &man.ppp.8; then reads the packet and establishes a - connection. If, as a result of &man.ppp.8;'s dynamic IP - assignment, the interface address is changed, the original - socket endpoint will be invalid. Any subsequent packets - sent to the peer will usually be dropped. Even if they are - not, any responses will not route back to the originating - machine as the IP number is no longer owned by that - machine. + &man.connect.2;, the IP number of the &man.tun.4; + interface is assigned to the socket endpoint. The kernel + creates the first outgoing packet and writes it to the + &man.tun.4; device. &man.ppp.8; then reads the packet and + establishes a connection. If, as a result of + &man.ppp.8;'s dynamic IP assignment, the interface address + is changed, the original socket endpoint will be invalid. + Any subsequent packets sent to the peer will usually be + dropped. Even if they are not, any responses will not + route back to the originating machine as the IP number is + no longer owned by that machine. There are several theoretical ways to approach this - problem. It would be nicest if the peer would re-assign the - same IP number if possible. The current version of + problem. It would be nicest if the peer would re-assign + the same IP number if possible. The current version of &man.ppp.8; does this, but most other implementations do not. The easiest method from our side would be to never change the &man.tun.4; interface IP number, but instead to - change all outgoing packets so that the source IP number is - changed from the interface IP to the negotiated IP on the - fly. This is essentially what the - iface-alias option in the latest version - of &man.ppp.8; is doing (with the help of &man.libalias.3; - and &man.ppp.8;'s switch) — it - is maintaining all previous interface addresses and NATing - them to the last negotiated address. + change all outgoing packets so that the source IP number + is changed from the interface IP to the negotiated IP on + the fly. This is essentially what the + iface-alias option in the latest + version of &man.ppp.8; is doing (with the help of + &man.libalias.3; and &man.ppp.8;'s + switch) — it is maintaining all previous interface + addresses and NATing them to the last negotiated + address. Another alternative (and probably the most reliable) would be to implement a system call that changes all bound - sockets from one IP to another. &man.ppp.8; would use this - call to modify the sockets of all existing programs when a - new IP number is negotiated. The same system call could be - used by DHCP clients when they are forced - to call the bind() function for their - sockets. + sockets from one IP to another. &man.ppp.8; would use + this call to modify the sockets of all existing programs + when a new IP number is negotiated. The same system call + could be used by DHCP clients when they + are forced to call the bind() + function for their sockets. Yet another possibility is to allow an interface to be - brought up without an IP number. Outgoing packets would be - given an IP number of 255.255.255.255 up until the first - SIOCAIFADDR &man.ioctl.2; is done. This - would result in fully binding the socket. It would be up to - &man.ppp.8; to change the source IP number, but only if it - is set to 255.255.255.255, - and only the IP number and IP checksum would need to change. - This, however is a bit of a hack as the kernel would be - sending bad packets to an improperly configured interface, - on the assumption that some other mechanism is capable of - fixing things retrospectively. + brought up without an IP number. Outgoing packets would + be given an IP number of 255.255.255.255 up until + the first SIOCAIFADDR &man.ioctl.2; is + done. This would result in fully binding the socket. It + would be up to &man.ppp.8; to change the source IP number, + but only if it is set to 255.255.255.255, and only + the IP number and IP checksum would need to change. This, + however is a bit of a hack as the kernel would be sending + bad packets to an improperly configured interface, on the + assumption that some other mechanism is capable of fixing + things retrospectively. @@ -6913,26 +6930,27 @@ ATDT1234567 The reason games and the like do not work when - &man.libalias.3; is in use is that the machine on the outside - will try to open a connection or send (unsolicited) UDP - packets to the machine on the inside. The NAT software does - not know that it should send these packets to the interior - machine. + &man.libalias.3; is in use is that the machine on the + outside will try to open a connection or send + (unsolicited) UDP packets to the machine on the inside. + The NAT software does not know that it should send these + packets to the interior machine. To make things work, make sure that the only thing running is the software that you are having problems with, - then either run &man.tcpdump.1; on the &man.tun.4; interface - of the gateway or enable &man.ppp.8; TCP/IP logging - (set log +tcp/ip) on the gateway. + then either run &man.tcpdump.1; on the &man.tun.4; + interface of the gateway or enable &man.ppp.8; TCP/IP + logging (set log +tcp/ip) on the + gateway. When you start the offending software, you should see - packets passing through the gateway machine. When something - comes back from the outside, it will be dropped (that is the - problem). Note the port number of these packets then shut - down the offending software. Do this a few times to see if - the port numbers are consistent. If they are, then the - following line in the relevant section of - /etc/ppp/ppp.conf will make the + packets passing through the gateway machine. When + something comes back from the outside, it will be dropped + (that is the problem). Note the port number of these + packets then shut down the offending software. Do this a + few times to see if the port numbers are consistent. If + they are, then the following line in the relevant section + of /etc/ppp/ppp.conf will make the software functional: nat port proto internalmachine:port port @@ -6945,26 +6963,27 @@ ATDT1234567 number of the packets. You will not be able to use the software on other - machines without changing the above command, and running the - software on two internal machines at the same time is out of - the question — after all, the outside world is seeing - your entire internal network as being just a single - machine. + machines without changing the above command, and running + the software on two internal machines at the same time is + out of the question — after all, the outside world + is seeing your entire internal network as being just a + single machine. - If the port numbers are not consistent, there are three - more options: + If the port numbers are not consistent, there are + three more options: Submit support in &man.libalias.3;. Examples of special cases can be found in /usr/src/sys/netinet/libalias/alias_*.c - (alias_ftp.c is a good prototype). - This usually involves reading certain recognized - outgoing packets, identifying the instruction that tells - the outside machine to initiate a connection back to the - internal machine on a specific (random) port and setting - up a route in the alias table so that the + (alias_ftp.c is a good + prototype). This usually involves reading certain + recognized outgoing packets, identifying the + instruction that tells the outside machine to initiate + a connection back to the internal machine on a + specific (random) port and setting up a + route in the alias table so that the subsequent packets know where to go. This is the most difficult solution, but it is the @@ -6974,8 +6993,7 @@ ATDT1234567 Use a proxy. The application may support - socks5 for example, or - may have a + socks5 for example, or may have a passive option that avoids ever requesting that the peer open connections back to the local machine. @@ -6983,8 +7001,8 @@ ATDT1234567 Redirect everything to the internal machine using - nat addr. This is the sledge-hammer - approach. + nat addr. This is the + sledge-hammer approach. @@ -6996,12 +7014,12 @@ ATDT1234567 - FCS stands for Frame Check Sequence. Each - PPP packet has a checksum attached to ensure that the data - being received is the data being sent. If the FCS of an - incoming packet is incorrect, the packet is dropped and the - HDLC FCS count is increased. The HDLC error values can be - displayed using the show hdlc + FCS stands for Frame Check Sequence. Each PPP packet + has a checksum attached to ensure that the data being + received is the data being sent. If the FCS of an + incoming packet is incorrect, the packet is dropped and + the HDLC FCS count is increased. The HDLC error values + can be displayed using the show hdlc command. If your link is bad (or if your serial driver is @@ -7013,27 +7031,27 @@ ATDT1234567 problem. If your link freezes as soon as you have connected and - you see a large number of FCS errors, this may be because your - link is not 8-bit clean. Make sure your modem is not using - software flow control (XON/XOFF). If your datalink - must use software flow control, use the - command set accmap 0x000a0000 to tell - &man.ppp.8; to escape the ^Q and + you see a large number of FCS errors, this may be because + your link is not 8-bit clean. Make sure your modem is not + using software flow control (XON/XOFF). If your datalink + must use software flow control, use + the command set accmap 0x000a0000 to + tell &man.ppp.8; to escape the ^Q and ^S characters. Another reason for seeing too many FCS errors may be that the remote end has stopped talking PPP. You may want to enable - async logging at this point to determine - if the incoming data is actually a login or shell prompt. - If you have a shell prompt at the remote end, it is possible - to terminate &man.ppp.8; without dropping the line by using - close lcp (a following - term) will reconnect you to the - shell on the remote machine. + async logging at this point to + determine if the incoming data is actually a login or + shell prompt. If you have a shell prompt at the remote + end, it is possible to terminate &man.ppp.8; without + dropping the line by using close lcp (a + following term) will reconnect you to + the shell on the remote machine. - If nothing in your log file indicates why the link might - have been terminated, you should ask the remote + If nothing in your log file indicates why the link + might have been terminated, you should ask the remote administrator (your ISP?) why the session was terminated. @@ -7046,13 +7064,12 @@ ATDT1234567 - If all else fails, send as much information as you can, - including your config files, how you are starting + If all else fails, send as much information as you + can, including your config files, how you are starting &man.ppp.8;, the relevant parts of your log file and the - output of netstat -rn (before - and after connecting) to the &a.questions; - and someone should point you in the right - direction. + output of netstat -rn (before and after + connecting) to the &a.questions; and someone should point + you in the right direction. @@ -7062,7 +7079,8 @@ ATDT1234567 Serial Communications This section answers common questions about serial - communications with &os;. PPP is covered in the Networking section. + communications with &os;. PPP is covered in the Networking section. @@ -7072,8 +7090,9 @@ ATDT1234567 - There is a list of these in the Serial Communications - chapter of the handbook. + There is a list of these in the Serial + Communications chapter of the handbook. Most multi-port PCI cards that are based on 16550 or clones are supported with no extra effort. @@ -7093,7 +7112,9 @@ ATDT1234567 - See this section of the handbook. + See this + section of the handbook. @@ -7106,8 +7127,8 @@ ATDT1234567 As the &os; kernel boots, it will probe for the serial ports in your system for which the kernel was configured. - You can either watch your system closely for the messages it - prints or run this command after your system is up and + You can either watch your system closely for the messages + it prints or run this command after your system is up and running: &prompt.user; dmesg | grep -E "^sio[0-9]" @@ -7121,20 +7142,23 @@ sio1: <16550A-compatible COM port> sio1: type 16550A This shows two serial ports. The first is on - IRQ 4, is using port address 0x3f8, - and has a 16550A-type UART chip. The second uses the same - kind of chip but is on IRQ 3 and is at port address - 0x2f8. Internal modem cards are treated - just like serial ports — except that they always have - a modem attached to the port. - - The GENERIC kernel includes support - for two serial ports using the same IRQ and port address - settings in the above example. If these settings are not - right for your system, or if you have added modem cards or - have more serial ports than your kernel is configured for, - just reconfigure your kernel. See section about building a kernel for - more details. + IRQ 4, is using port address + 0x3f8, and has a 16550A-type UART chip. + The second uses the same kind of chip but is on + IRQ 3 and is at port address + 0x2f8. Internal modem cards are + treated just like serial ports — except that they + always have a modem attached to the + port. + + The GENERIC kernel includes + support for two serial ports using the same IRQ and port + address settings in the above example. If these settings + are not right for your system, or if you have added modem + cards or have more serial ports than your kernel is + configured for, just reconfigure your kernel. See section + about building a kernel + for more details. @@ -7144,34 +7168,30 @@ sio1: type 16550A - The third serial port, sio2 - (see &man.sio.4;, known as COM3 in - DOS), is on /dev/cuad2 for dial-out + The third serial port, sio2 (see + &man.sio.4;, known as COM3 in DOS), + is on /dev/cuad2 for dial-out devices, and on /dev/ttyd2 for dial-in devices. What is the difference between these two classes of devices? - You use - ttydX - for dial-ins. When opening - /dev/ttydX - in blocking mode, a process will wait for the corresponding + You use ttydX for dial-ins. When + opening /dev/ttydX in blocking mode, + a process will wait for the corresponding cuadX device to become inactive, and then wait for the carrier detect line to go active. When you open the - cuadX - device, it makes sure the serial port is not already in use - by the - ttydX - device. If the port is available, it steals - it from the + cuadX device, it makes sure the + serial port is not already in use by the ttydX - device. Also, the - cuadX - device does not care about carrier detect. With this scheme - and an auto-answer modem, you can have remote users log in - and you can still dial out with the same modem and the - system will take care of all the conflicts. + device. If the port is available, it + steals it from the + ttydX device. Also, the + cuadX device does not care about + carrier detect. With this scheme and an auto-answer + modem, you can have remote users log in and you can still + dial out with the same modem and the system will take care + of all the conflicts. @@ -7183,13 +7203,14 @@ sio1: type 16550A Again, the section on kernel configuration provides - information about configuring your kernel. For a multiport - serial card, place an &man.sio.4; line for each serial port - on the card in the &man.device.hints.5; file. But place the - IRQ specifiers on only one of the entries. All of the ports - on the card should share one IRQ. For consistency, use the - last serial port to specify the IRQ. Also, specify the - following option in the kernel configuration file: + information about configuring your kernel. For a + multiport serial card, place an &man.sio.4; line for each + serial port on the card in the &man.device.hints.5; file. + But place the IRQ specifiers on only one of the entries. + All of the ports on the card should share one IRQ. For + consistency, use the last serial port to specify the IRQ. + Also, specify the following option in the kernel + configuration file: options COM_MULTIPORT @@ -7211,9 +7232,10 @@ hint.sio.7.port="0x2b8" hint.sio.7.flags="0x701" hint.sio.7.irq="12" - The flags indicate that the master port has minor number - 7 (0x700), and all the - ports share an IRQ (0x001). + The flags indicate that the master port has minor + number 7 (0x700), + and all the ports share an IRQ + (0x001). @@ -7224,8 +7246,10 @@ hint.sio.7.irq="12" - See the Serial Communications - section in the &os; Handbook. + See the Serial + Communications section in the &os; + Handbook. @@ -7235,18 +7259,21 @@ hint.sio.7.irq="12" - Please read the section about Dial-in Services - in the &os; Handbook. + Please read the section about Dial-in + Services in the &os; Handbook. - How can I connect a dumb terminal to my &os; box? + How can I connect a dumb terminal to my &os; + box? - You can find this information in the Terminals + You can find this information in the Terminals section of the &os; Handbook. @@ -7258,13 +7285,16 @@ hint.sio.7.irq="12" - On your system, the programs &man.tip.1; and &man.cu.1; - can only access the /var/spool/lock - directory via user uucp and group - dialer. You can use the group - dialer to control who has access to - your modem or remote systems. Just add yourself to group - dialer. + On your system, the programs &man.tip.1; and + &man.cu.1; can only access the + /var/spool/lock directory via user + uucp and group + dialer. You + can use the group dialer to control who has + access to your modem or remote systems. Just add yourself + to group dialer. Alternatively, you can let everyone on your system run &man.tip.1; and &man.cu.1; by typing: @@ -7282,22 +7312,22 @@ hint.sio.7.irq="12" - &os; uses a lot of swap space even when the computer has - free memory left. Why? + &os; uses a lot of swap space even when the computer + has free memory left. Why? - &os; will proactively - move entirely idle, unused pages of main memory into swap in - order to make more main memory available for active use. - This heavy use of swap is balanced by using the extra free - memory for cacheing. + &os; will proactively move entirely idle, unused pages + of main memory into swap in order to make more main memory + available for active use. This heavy use of swap is + balanced by using the extra free memory for + cacheing. Note that while &os; is proactive in this regard, it - does not arbitrarily decide to swap pages when the system is - truly idle. Thus you will not find your system all paged - out when you get up in the morning after leaving it idle - overnight. + does not arbitrarily decide to swap pages when the system + is truly idle. Thus you will not find your system all + paged out when you get up in the morning after leaving it + idle overnight. @@ -7308,17 +7338,18 @@ hint.sio.7.irq="12" - The simple answer is that free memory is wasted memory. - Any memory that your programs do not actively allocate is - used within the &os; kernel as disk cache. The values shown - by &man.top.1; labeled as Inact, - Cache, and Buf are all - cached data at different aging levels. This cached data - means the system does not have to access a slow disk again - for data it has accessed recently, thus increasing overall - performance. In general, a low value shown for - Free memory in &man.top.1; is good, - provided it is not very low. + The simple answer is that free memory is wasted + memory. Any memory that your programs do not actively + allocate is used within the &os; kernel as disk cache. + The values shown by &man.top.1; labeled as + Inact, Cache, and + Buf are all cached data at different + aging levels. This cached data means the system does not + have to access a slow disk again for data it has accessed + recently, thus increasing overall performance. In + general, a low value shown for Free + memory in &man.top.1; is good, provided it is not + very low. @@ -7331,41 +7362,41 @@ hint.sio.7.irq="12" Symlinks do not have permissions, and by default, &man.chmod.1; will follow symlinks to change the - permissions on the source file, if possible. So if you have a file, - foo, and a symlink to that file, - bar, then this command will always - succeed. + permissions on the source file, if possible. So if you + have a file, foo, and a symlink to + that file, bar, then this command + will always succeed. &prompt.user; chmod g-w bar However, the permissions on bar will not have changed. - When changing modes of the file hierarchies rooted in the - files instead of the files themselves, - you have to use either or - together with - to make this work. See &man.chmod.1; and - &man.symlink.7; for more information. + When changing modes of the file hierarchies rooted in + the files instead of the files themselves, you have to use + either or together + with to make this work. See + &man.chmod.1; and &man.symlink.7; for more + information. does a - recursive &man.chmod.1;. Be careful - about specifying directories or symlinks to directories to - &man.chmod.1;. If you want to change the permissions of a - directory referenced by a symlink, use &man.chmod.1; - without any options and follow the symlink with a trailing - slash (/). For example, if - foo is a symlink to directory - bar, and you want to change the - permissions of foo (actually - bar), you would do something - like: + recursive &man.chmod.1;. Be + careful about specifying directories or symlinks to + directories to &man.chmod.1;. If you want to change the + permissions of a directory referenced by a symlink, use + &man.chmod.1; without any options and follow the symlink + with a trailing slash (/). For + example, if foo is a symlink to + directory bar, and you want to + change the permissions of foo + (actually bar), you would do + something like: &prompt.user; chmod 555 foo/ - With the trailing slash, &man.chmod.1; will follow the - symlink, foo, to change the + With the trailing slash, &man.chmod.1; will follow + the symlink, foo, to change the permissions of the directory, bar. @@ -7378,19 +7409,20 @@ hint.sio.7.irq="12" - Yes, you can use emulators/doscmd, a DOS - emulation program, available in the &os; Ports + Yes, you can use emulators/doscmd, + a DOS emulation program, available in the &os; Ports Collection. If doscmd will not suffice, - the add-on utility emulators/pcemu emulates an 8088 - and enough BIOS services to run many DOS text mode - applications. It requires the X Window System. - - You may also try emulators/dosbox from the &os; - Ports Collection. The main focus of this application is - emulating old DOS games using the local file system for - files. + the add-on utility emulators/pcemu + emulates an 8088 and enough BIOS services to run many DOS + text mode applications. It requires the X Window + System. + + You may also try emulators/dosbox + from the &os; Ports Collection. The main focus of this + application is emulating old DOS games using the local + file system for files. @@ -7401,29 +7433,34 @@ hint.sio.7.irq="12" *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Tue May 13 15:49:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D8171975; Tue, 13 May 2014 15:49:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C57AB2356; Tue, 13 May 2014 15:49:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4DFnxM8050243; Tue, 13 May 2014 15:49:59 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4DFnxnV050242; Tue, 13 May 2014 15:49:59 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405131549.s4DFnxnV050242@svn.freebsd.org> From: Dru Lavigne Date: Tue, 13 May 2014 15:49:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44820 - head/en_US.ISO8859-1/books/handbook/mail X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 May 2014 15:49:59 -0000 Author: dru Date: Tue May 13 15:49:59 2014 New Revision: 44820 URL: http://svnweb.freebsd.org/changeset/doc/44820 Log: Add mailer.conf example for ssmtp. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mail/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Tue May 13 15:39:11 2014 (r44819) +++ head/en_US.ISO8859-1/books/handbook/mail/chapter.xml Tue May 13 15:49:59 2014 (r44820) @@ -716,6 +716,20 @@ send-mail /usr/local/sbin/sendmail mailq /usr/local/sbin/sendmail newaliases /usr/local/sbin/sendmail + If the installation of the MTA does + not automatically update + /etc/mail/mailer.conf, edit this file in + a text editor so that it points to the new binaries. This + example points to the binaries installed by + mail/ssmtp: + + sendmail /usr/local/sbin/ssmtp +send-mail /usr/local/sbin/ssmtp +mailq /usr/libexec/sendmail/sendmail +newaliases /usr/libexec/sendmail/sendmail +hoststat /usr/libexec/sendmail/sendmail +purgestat /usr/libexec/sendmail/sendmail + Once everything is configured, it is recommended to reboot the system. Rebooting provides the opportunity to ensure that the system is correctly configured to start the new From owner-svn-doc-all@FreeBSD.ORG Tue May 13 22:06:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 67658387; Tue, 13 May 2014 22:06:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 553D823CC; Tue, 13 May 2014 22:06:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4DM6B2P022919; Tue, 13 May 2014 22:06:11 GMT (envelope-from hiren@svn.freebsd.org) Received: (from hiren@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4DM6BsL022918; Tue, 13 May 2014 22:06:11 GMT (envelope-from hiren@svn.freebsd.org) Message-Id: <201405132206.s4DM6BsL022918@svn.freebsd.org> From: Hiren Panchasara Date: Tue, 13 May 2014 22:06:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44821 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 May 2014 22:06:11 -0000 Author: hiren (src committer) Date: Tue May 13 22:06:10 2014 New Revision: 44821 URL: http://svnweb.freebsd.org/changeset/doc/44821 Log: Update my PGP key. Modified: head/share/pgpkeys/hiren.key Modified: head/share/pgpkeys/hiren.key ============================================================================== --- head/share/pgpkeys/hiren.key Tue May 13 15:49:59 2014 (r44820) +++ head/share/pgpkeys/hiren.key Tue May 13 22:06:10 2014 (r44821) @@ -1,39 +1,42 @@ +pub 2048R/8B9250E1563EDFE5 2014-05-13 [expires: 2017-05-12] + Key fingerprint = A4E2 0FA1 D878 8F3F 17E6 6F02 8B92 50E1 563E DFE5 +uid hiren panchasara +sub 2048R/EAF1BEDEBEEA242B 2014-05-13 [expires: 2017-05-12] + ]]> From owner-svn-doc-all@FreeBSD.ORG Tue May 13 23:55:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DD275FFC; Tue, 13 May 2014 23:55:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C72602C45; Tue, 13 May 2014 23:55:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4DNtrDq074002; Tue, 13 May 2014 23:55:53 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4DNtqSZ073994; Tue, 13 May 2014 23:55:52 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201405132355.s4DNtqSZ073994@svn.freebsd.org> From: Xin LI Date: Tue, 13 May 2014 23:55:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44822 - in head/share: security/advisories security/patches/EN-14:03 security/patches/EN-14:04 security/patches/EN-14:05 security/patches/SA-14:10 xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 May 2014 23:55:54 -0000 Author: delphij Date: Tue May 13 23:55:52 2014 New Revision: 44822 URL: http://svnweb.freebsd.org/changeset/doc/44822 Log: Add the latest advisory and 3 new errata notices: Fix OpenSSL NULL pointer deference vulnerability. [SA-14:09] Add pkg bootstrapping, configuration and public keys. [EN-14:03] Improve build repeatability for kldxref(8). [EN-14:04] Fix data corruption with ciss(4). [EN-14:05] Added: head/share/security/advisories/FreeBSD-EN-14:03.pkg.asc (contents, props changed) head/share/security/advisories/FreeBSD-EN-14:04.kldxref.asc (contents, props changed) head/share/security/advisories/FreeBSD-EN-14:05.ciss.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-14:10.openssl.asc (contents, props changed) head/share/security/patches/EN-14:03/ head/share/security/patches/EN-14:03/pkg-en-releng-8.4.patch (contents, props changed) head/share/security/patches/EN-14:03/pkg-en-releng-8.4.patch.asc (contents, props changed) head/share/security/patches/EN-14:03/pkg-en-releng-9.1.patch (contents, props changed) head/share/security/patches/EN-14:03/pkg-en-releng-9.1.patch.asc (contents, props changed) head/share/security/patches/EN-14:03/pkg-en-releng-9.2.patch (contents, props changed) head/share/security/patches/EN-14:03/pkg-en-releng-9.2.patch.asc (contents, props changed) head/share/security/patches/EN-14:04/ head/share/security/patches/EN-14:04/kldxref.patch (contents, props changed) head/share/security/patches/EN-14:04/kldxref.patch.asc (contents, props changed) head/share/security/patches/EN-14:05/ head/share/security/patches/EN-14:05/ciss.patch (contents, props changed) head/share/security/patches/EN-14:05/ciss.patch.asc (contents, props changed) head/share/security/patches/SA-14:10/ head/share/security/patches/SA-14:10/openssl.patch (contents, props changed) head/share/security/patches/SA-14:10/openssl.patch.asc (contents, props changed) Modified: head/share/xml/advisories.xml head/share/xml/notices.xml Added: head/share/security/advisories/FreeBSD-EN-14:03.pkg.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-14:03.pkg.asc Tue May 13 23:55:52 2014 (r44822) @@ -0,0 +1,180 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-14:03.pkg Errata Notice + The FreeBSD Project + +Topic: pkg bootstrapping, configuration and public keys + +Category: core, packages +Module: pkg +Announced: 2014-05-13 +Credits: Baptiste Daroussin, Bryan Drewery +Affects: All versions of FreeBSD prior to 10.0-RELEASE +Corrected: 2014-04-15 23:40:47 UTC (stable/8, 8.4-STABLE) + 2014-05-13 23:24:32 UTC (releng/8.4, 8.4-RELEASE-p10) + 2014-03-11 14:48:44 UTC (stable/9, 9.2-STABLE) + 2014-05-13 23:24:14 UTC (releng/9.2, 9.2-RELEASE-p6) + 2014-05-13 23:24:14 UTC (releng/9.1, 9.1-RELEASE-p13) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +The pkg(7) utility is the new package management tool for FreeBSD. The +FreeBSD project has provided official pkg(7) packages since October 2013 +and signed packages since the pkg-1.2 release in November 2013. The +signature checking requires known public keys to be installed locally. +The repository configuration must be installed as well. + +The base system also includes a pkg(7) bootstrap tool that installs the +latest real pkg(7) package. The bootstrap tool knows where to find the +official pkg(7) package but once that is installed the real pkg(7) will +not know where to find official packages, nor have the known public key +for signature checking. + +The bootstrap tool was also improved in 10.0-RELEASE to check the +signature on the pkg(7) package it is installing. + +II. Problem Description + +Only FreeBSD 10.0 has been released with the official repository +configuration, known public keys, and a bootstrap tool that checks the +signature of the pkg(7) package it is installing. + +To allow packages to be used on a system, the configuration must be +manually setup and keys securely fetched and installed to the proper +location. + +III. Impact + +Releases before 10.0 require manual configuration. Manually configuring the +pkg(7) signatures could result in insecurely installing the keys or leaving +the signature checking disabled. + +The bootstrap tool is not secure on releases prior to 10.0 due to not checking +the signature and could result in having an unofficial pkg(7) installed due to +MITM attacks. + +IV. Workaround + +To securely install pkg(7) on releases prior to 10.0, install it from ports +obtained from a secure portsnap checkout: + +# portsnap fetch extract +# echo "WITH_PKGNG=yes" >> /etc/make.conf +# make -C /usr/ports/ports-mgmt/pkg install clean + +If this is an existing system it may be converted to pkg(7) as well by running: + +# pkg2ng + +After this is done /usr/ports may be removed if no longer required. + +To workaround the configuration and keys being missed, apply the solution in +this Errata. + +V. Solution + +No solution is provided for pkg(7) bootstrap signature checking on releases prior +to 10.0. Upgrading to 10.0 or stable/9 after r263038 will suffice. + +To install the configuration and public key in a secure means, perform one of +the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +2) To update your present system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 9.2] +# fetch http://security.FreeBSD.org/patches/EN-14:03/pkg-en-releng-9.2.patch +# fetch http://security.FreeBSD.org/patches/EN-14:10/pkg-en-releng-9.2.patch.asc +# gpg --verify pkg-en-releng-9.2.patch.asc + +[FreeBSD 9.1] +# fetch http://security.FreeBSD.org/patches/EN-14:03/pkg-en-releng-9.1.patch +# fetch http://security.FreeBSD.org/patches/EN-14:10/pkg-en-releng-9.1.patch.asc +# gpg --verify pkg-en-releng-9.1.patch.asc + +[FreeBSD 8.4] +# fetch http://security.FreeBSD.org/patches/EN-14:03/pkg-en-releng-8.4.patch +# fetch http://security.FreeBSD.org/patches/EN-14:03/pkg-en-releng-8.4.patch.asc +# gpg --verify pkg-en-releng-8.4.patch.asc + +b) Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch +# cd /usr/src/etc/pkg +# mkdir -p /etc/pkg /usr/share/keys/pkg/trusted /usr/share/keys/pkg/revoked +# make install +# cd /usr/src/share/keys/pkg +# make install + +3) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the revision numbers of each file that was +corrected in FreeBSD. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r264519 +releng/8.4/ r265989 +stable/9/ r263937 (*) +releng/9.1/ r265988 +releng/9.2/ r265988 +- ------------------------------------------------------------------------- + +(*) The actual required changeset consists a series of changes, including +r263023,r258550,r263050,r263053 and r263937. + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + +The latest revision of this Errata Notice is available at +http://security.FreeBSD.org/advisories/FreeBSD-EN-14:03.pkg.asc +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTcq5IAAoJEO1n7NZdz2rnPgsP/i1EV9g4qXg9v6HvakiFFKrv +51810uJe/Eo9iujDT1TpwuYJuFQPzkW+h4JRvapaSLAMxeLsYqxj8WDuKz0eU6sW +WjaPv6LZWUG91jHbFr3uEAgLLvkc86kMI/hfSmzq5FY7gsisEKoyfdraR2E63jtp +BFARxAq9hnddck5zZiX7wCOMtvCVrvrSsozft1p885AUra+Tg9F1RuUloS0CYddD +FtUb1dPMshkHlqHqC1wGzRfBVFgX7NnXfnxIi2St1ft0tEDKIL+HQgnjU2CwKbK7 +S9ioLYbbUhyo6edpS/4+y5gJ1kVLvlelY4myBHUkSOMJrsxoIBCTuXjdnO9PL5gr +qpS9R6TQEMF5auEG5aIOwfu5t8wqczAfC4zVzbm4UPakRYPFS0NfvkDGW2Gno7Yh +iOur/JFLUOqbV9i8UwssS8OzG0cr8EzbZ3iLkVPqt1Cxuxxpx8+NYiYV3F0PMxB8 +iImoOD1BY0lS3x0gqgeZb5ssBk988aVq1cmbrUuriHuKLK/uvSaFHlGXprQyQmTn +4FEFmMNTCSMbYy3J2daEajUroiZVcBEjORPFR8QYtncRgbzB6u/AjVIo+3Uk/0hj +paC8dvBikmT7ity3b7YoOvJIJn62XVqrq9srkYowkDuLJ1E8zQqmR2eZUOmf5vG1 +u3zAXa3xup1ginA9Wi6O +=UI84 +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-EN-14:04.kldxref.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-14:04.kldxref.asc Tue May 13 23:55:52 2014 (r44822) @@ -0,0 +1,127 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-14:04.kldxref Errata Notice + The FreeBSD Project + +Topic: Build repeatability for kldxref(8) + +Category: core +Module: kldxref +Announced: 2014-05-13 +Credits: Jilles Tjoelker +Affects: All versions of FreeBSD prior to 10.0-RELEASE. +Corrected: 2014-05-13 23:35:29 UTC (stable/8, 8.4-STABLE) + 2014-05-13 23:24:32 UTC (releng/8.4, 8.4-RELEASE-p10) + 2013-12-23 22:38:41 UTC (stable/9, 9.2-STABLE) + 2014-05-13 23:24:14 UTC (releng/9.2, 9.2-RELEASE-p6) + 2014-05-13 23:24:14 UTC (releng/9.1, 9.1-RELEASE-p13) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +The kldxref utility is used to generate hint files which list modules, their +version numbers, and the files that contain them. These hints are used by +the kernel loader to determine where to find a particular KLD module. + +II. Problem Description + +Previous versions of kldxref(8) do not use an ordered list of files when +generating the hints file. The result of kldxref(8) is equivalent but not +the same if file system layout have been changed. + +III. Impact + +The generated hint files can be different across different builds, making +unnecessary downloads for binary patch files. + +IV. Workaround + +No workaround is available. + +V. Solution + +Perform one of the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +2) To update your present system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch http://security.FreeBSD.org/patches/EN-14:04/kldxref.patch +# fetch http://security.FreeBSD.org/patches/EN-14:04/kldxref.patch.asc +# gpg --verify kldxref.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +3) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the revision numbers of each file that was +corrected in FreeBSD. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r265990 +releng/8.4/ r265989 +stable/9/ r259799 +releng/9.1/ r265988 +releng/9.2/ r265988 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + +The latest revision of this Errata Notice is available at +http://security.FreeBSD.org/advisories/FreeBSD-EN-14:04.kldxref.asc + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTcq5IAAoJEO1n7NZdz2rnmPgP/iPAKX2lIGwRXkrYFbNPEBSz ++Tehkgw/ReNG0iaAJql/p0LrxyGUoCwE2rpTJxxC8KB9X8Eq74DhjSNpdYaE12E2 +YFMyIyAb1b6wqU34Q7DsR9oPhqIcb9yET2dEg+s5NVSWfC7AMWdvvaJjjxtLgG4L +M9yksDAKs3AJOHEVEtluy7Do8A5W/6b5SHXENbG+AUUBtwnDBKcs9riXic/TQ1WB +vJzHwAJVznQ03bnxqjuG+gZoej6xUHusX+ih87ioKiJrcZ/5szq2C6LIUnRnAA66 +6b/szBJ3gRBweOKeopESIcZfwaLCd53EX9/r9vqAfXK6+3uqoIXzkZCyzo+cgSwa ++88SmZ3/4dao24JPoLbVupIyU0CJjmoLsV9jVCrC/fbkUFTxq7Cgbxeai3rmrpXC +p11FXPJd4cOgwuQYUw3rowtoq8z8Wn3PI073SzwT2OZg4SgXRUn+FzGpMWwqbWoa +1idQ9KSM/pFkoa7bdK5S7mYtp7jU9HQeiTXZYYF1S3URr2XpE1vyUFVOuDJpGkkW +KIT/hdy02wGzPPGjQoFkSR2KpUmJr2zHhVSUdt7a8vvYhbZBR21sBIUNKSoWkYtC +2CQXF4pFBHO/i79RiEU+2E1CKWpsqoHnvnKNRq3Bp54aaU9xa4YcRwRJ7lj9RALm ++igNrZJMo3yw3gs89uGp +=W4to +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-EN-14:05.ciss.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-14:05.ciss.asc Tue May 13 23:55:52 2014 (r44822) @@ -0,0 +1,127 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-14:05.ciss Errata Notice + The FreeBSD Project + +Topic: data corruption with ciss(4) + +Category: core +Module: ciss +Announced: 2014-05-13 +Credits: Sean Bruno +Affects: FreeBSD 10.x and FreeBSD 9.x +Corrected: 2014-04-15 17:52:22 UTC (stable/9, 9.2-STABLE) + 2014-05-13 23:24:14 UTC (releng/9.2, 9.2-RELEASE-p6) + 2014-05-13 23:24:14 UTC (releng/9.1, 9.1-RELEASE-p13) + 2014-04-15 17:49:47 UTC (stable/10, 10.0-STABLE) + 2014-05-13 23:22:28 UTC (releng/10.0, 10.0-RELEASE-p3) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +The ciss driver supports HP Smart Array line of hardware RAID controllers. + +II. Problem Description + +There is a programming error discovered in the ciss(4) driver, where a missing +lock can trigger a failed assertion when the volume state changes, such as +disk failure or a disk rebuild. + +III. Impact + +Systems using the ciss(4) driver may experience system crashes or data +corruption when the volume state change. + +IV. Workaround + +No workaround is available, but systems that do not use ciss(4) devices are +not affected. + +V. Solution + +Perform one of the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +2) To update your present system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch http://security.FreeBSD.org/patches/EN-14:05/ciss.patch +# fetch http://security.FreeBSD.org/patches/EN-14:05/ciss.patch.asc +# gpg --verify ciss-10.patch.asc + +b) Apply the patch. + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +3) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the revision numbers of each file that was +corrected in FreeBSD. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/9/ r264511 +releng/9.1/ r265988 +releng/9.2/ r265988 +stable/10/ r264510 +releng/10.0/ r265987 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + +The latest revision of this Errata Notice is available at +http://security.FreeBSD.org/advisories/FreeBSD-EN-14:05.ciss.asc + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTcq5IAAoJEO1n7NZdz2rnNqAQAJCfdCBubWSDRO/dsSaqK6yT +bnPY4Xly523ABRCQySe0vajSIK1qqfE0bAmhYa/7BTMqyJKz0BRhx819D8SiWNS9 +Hdy4yU/hOjBkbT6KAtpBaSUNXX4ODWaNbd78c+uDSvj9UeQgrunAQC7OJR6iYWuq +25fBUXgovSr4g9puNyBs8sH+c7IzbG4HvhoPrjRDwdasEyCBzx6RggpnxusfVsd9 +91Eg/WPG3hIJW6kaHOWWeVwz4vCRZjv0u7myeJBcAa7gcwDX/J2DHeDrG60O3BNY +/fZT2UcfDxE0rEVuVnV3Vc0XkIQjuNk7G9SkGjH4Zdx+I34UT05cxU5ZrdpKNiGL +fjbo4H/KBML4agRGAPzeo3KU3rxOUmss+mh7Mu+CVoZP5uQUr1sEUkfQ+FkJjjbv +es47Ij6ZmfGyUPuVKVCW34bXm6Ieyc0QZ10kRv8paOmPsWBA+WYWGibEhvwp5v0p +AHdlGGO/FpOac4h/YEqOh6ryN8QldjCI+SCqkfs38DjeTX5IWecgax586oH7BpJm +RGc/fgx3YSO8tmMaTwKZm5VVlujsld6t95XrA2dGWOhiWcRsoWGs+SaUTNf5Y0Te +k2vD7tMsk37PG4jbp7pk4FH2Mfb9KRHe82ebdOnkOj4C5kWIB8FwYJyMIjDl3C4r +OdXZDrbyKh/swjJZJIuP +=orSF +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-14:10.openssl.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-14:10.openssl.asc Tue May 13 23:55:52 2014 (r44822) @@ -0,0 +1,140 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-14:10.openssl Security Advisory + The FreeBSD Project + +Topic: OpenSSL NULL pointer deference vulnerability + +Category: contrib +Module: openssl +Announced: 2014-05-13 +Affects: FreeBSD 10.x. +Corrected: 2014-05-13 23:19:16 UTC (stable/10, 10.0-STABLE) + 2014-05-13 23:22:28 UTC (releng/10.0, 10.0-RELEASE-p3) +CVE Name: CVE-2014-0198 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is +a collaborative effort to develop a robust, commercial-grade, full-featured +Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) +and Transport Layer Security (TLS v1) protocols as well as a full-strength +general purpose cryptography library. + +The TLS protocol supports an alert protocol which can be used to signal the +other party with certain failures in the protocol context that may require +immediate termination of the connection. + +II. Problem Description + +An attacker can trigger generation of an SSL alert which could cause a null +pointer deference. + +III. Impact + +An attacker may be able to cause a service process that uses OpenSSL to crash, +which can be used in a denial-of-service attack. + +IV. Workaround + +No workaround is available, but systems that do not use OpenSSL to implement +the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) +protocols, or not using SSL_MODE_RELEASE_BUFFERS and use the same process +to handle multiple SSL connections, are not vulnerable. + +The FreeBSD base system service daemons and utilities do not use the +SSL_MODE_RELEASE_BUFFERS mode. However, many third party software uses this +mode to reduce their memory footprint and may therefore be affected by this +issue. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch http://security.FreeBSD.org/patches/SA-14:10/openssl.patch +# fetch http://security.FreeBSD.org/patches/SA-14:10/openssl.patch.asc +# gpg --verify openssl.patch.asc + +b) Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +Recompile the operating system using buildworld and installworld as +described in . + +Restart all deamons using the library, or reboot the system. + +3) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/10/ r265986 +releng/10.0/ r265987 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + + + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTcq5IAAoJEO1n7NZdz2rnNb4QAODp1Pxk3GlTwlptWQkC+DJb +bwd2RRtkvkz677JIbdtyM7b5POgUih/NtAF9Yyy/pg8IJcSRiv0f7F5L+maV9nee +KGb27zizWOgIqor6HhRAv2OniVN271OfoyCkt0xRmigBR6dQ80iBVuCk6McvxvjL +5Yfw8wtfF8zAo5p1d4V3EEPOIVPwgJ31YnB/sVv+SyV6Ldl5DS0Gp1Cm9KjvaJUI +CUIljIaH6AFuzs671V4DpuFPtFPIsvGUhEdpf6+ypVJN1J/D+BNRvoIX1zxou4Kf +34qB6cs/LlyBKCPctK/qLU7UScNsuUItpWrw5ESHFHdgsTr8XA9POxU72wlCRCoQ +T2A6zIqPQRgCWfrPnmJNwLN9riMQGc2oFBXd19iITyc8/7OcXAFnzIy+zu++jZp6 +rMwGIUCg5UKkSGVWnoYyS/1SQRYqi4MzUqC/AwpQHKoE5CqUzVCJ7zGTFcsie0o4 +wfWoFlkgbNl0Attn4HLuXncjvGVCMeWqUERKBU7xIxC1D5PKXF5QmCUqlZrddBaw +ATIFsPEopu2bX/+sbgcGKSF5WAWwdT92vIgarjW3UkKDYihRNKusrOwp3sue7Iw+ +QIweOaJLqpSnfQ3me62I3fWYjRwceeASeTx7dYdxrK1Dx5DnlN8gGwwhl/7cvoWe +Xm6DqYXeQRsIxZ7Ng/PO +=4EYM +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-14:03/pkg-en-releng-8.4.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:03/pkg-en-releng-8.4.patch Tue May 13 23:55:52 2014 (r44822) @@ -0,0 +1,232 @@ +Index: etc/Makefile +=================================================================== +--- etc/Makefile (revision 265457) ++++ etc/Makefile (working copy) +@@ -172,6 +172,7 @@ distribution: + ${_+_}cd ${.CURDIR}/devd; ${MAKE} install + ${_+_}cd ${.CURDIR}/gss; ${MAKE} install + ${_+_}cd ${.CURDIR}/periodic; ${MAKE} install ++ ${_+_}cd ${.CURDIR}/pkg; ${MAKE} install + ${_+_}cd ${.CURDIR}/rc.d; ${MAKE} install + ${_+_}cd ${.CURDIR}/../gnu/usr.bin/send-pr; ${MAKE} etc-gnats-freefall + ${_+_}cd ${.CURDIR}/../share/termcap; ${MAKE} etc-termcap +Index: etc/mtree/BSD.root.dist +=================================================================== +--- etc/mtree/BSD.root.dist (revision 265457) ++++ etc/mtree/BSD.root.dist (working copy) +@@ -52,6 +52,8 @@ + weekly + .. + .. ++ pkg ++ .. + ppp + .. + rc.d +Index: etc/mtree/BSD.usr.dist +=================================================================== +--- etc/mtree/BSD.usr.dist (revision 265457) ++++ etc/mtree/BSD.usr.dist (working copy) +@@ -340,6 +340,14 @@ + .. + info + .. ++ keys ++ pkg ++ revoked ++ .. ++ trusted ++ .. ++ .. ++ .. + locale + UTF-8 + .. +Index: etc/pkg/FreeBSD.conf +=================================================================== +--- etc/pkg/FreeBSD.conf (revision 0) ++++ etc/pkg/FreeBSD.conf (working copy) +@@ -0,0 +1,16 @@ ++# $FreeBSD$ ++# ++# To disable this repository, instead of modifying or removing this file, ++# create a /usr/local/etc/pkg/repos/FreeBSD.conf file: ++# ++# mkdir -p /usr/local/etc/pkg/repos ++# echo "FreeBSD: { enabled: no }" > /usr/local/etc/pkg/repos/FreeBSD.conf ++# ++ ++FreeBSD: { ++ url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest", ++ mirror_type: "srv", ++ signature_type: "fingerprints", ++ fingerprints: "/usr/share/keys/pkg", ++ enabled: yes ++} +Index: etc/pkg/Makefile +=================================================================== +--- etc/pkg/Makefile (revision 0) ++++ etc/pkg/Makefile (working copy) +@@ -0,0 +1,10 @@ ++# $FreeBSD$ ++ ++NO_OBJ= ++ ++FILES= FreeBSD.conf ++ ++FILESDIR= /etc/pkg ++FILESMODE= 644 ++ ++.include +Index: share/Makefile +=================================================================== +--- share/Makefile (revision 265457) ++++ share/Makefile (working copy) +@@ -9,6 +9,7 @@ SUBDIR= ${_colldef} \ + ${_dict} \ + ${_doc} \ + ${_examples} \ ++ keys \ + ${_man} \ + ${_me} \ + misc \ +Index: share/keys/Makefile +=================================================================== +--- share/keys/Makefile (revision 0) ++++ share/keys/Makefile (working copy) +@@ -0,0 +1,5 @@ ++# $FreeBSD$ ++ ++SUBDIR= pkg ++ ++.include +Index: share/keys/pkg/Makefile +=================================================================== +--- share/keys/pkg/Makefile (revision 0) ++++ share/keys/pkg/Makefile (working copy) +@@ -0,0 +1,5 @@ ++# $FreeBSD$ ++ ++SUBDIR= trusted ++ ++.include +Index: share/keys/pkg/trusted/Makefile +=================================================================== +--- share/keys/pkg/trusted/Makefile (revision 0) ++++ share/keys/pkg/trusted/Makefile (working copy) +@@ -0,0 +1,10 @@ ++# $FreeBSD$ ++ ++NO_OBJ= ++ ++FILES= pkg.freebsd.org.2013102301 ++ ++FILESDIR= /usr/share/keys/pkg/trusted ++FILESMODE= 644 ++ ++.include +Index: share/keys/pkg/trusted/pkg.freebsd.org.2013102301 +=================================================================== +--- share/keys/pkg/trusted/pkg.freebsd.org.2013102301 (revision 0) ++++ share/keys/pkg/trusted/pkg.freebsd.org.2013102301 (working copy) +@@ -0,0 +1,4 @@ ++# $FreeBSD$ ++ ++function: "sha256" ++fingerprint: "b0170035af3acc5f3f3ae1859dc717101b4e6c1d0a794ad554928ca0cbb2f438" +Index: share/man/man7/hier.7 +=================================================================== +--- share/man/man7/hier.7 (revision 265457) ++++ share/man/man7/hier.7 (working copy) +@@ -32,7 +32,7 @@ + .\" @(#)hier.7 8.1 (Berkeley) 6/5/93 + .\" $FreeBSD$ + .\" +-.Dd May 25, 2008 ++.Dd October 29, 2013 + .Dt HIER 7 + .Os + .Sh NAME +@@ -546,6 +546,16 @@ ASCII text files used by various games + device description file for device name + .It Pa info/ + GNU Info hypertext system ++.It Pa keys/ ++known trusted and revoked keys. ++.Bl -tag -width ".Pa keys/pkg/" -compact ++.It Pa keys/pkg/ ++fingerprints for ++.Xr pkg 7 ++and ++.Xr pkg 8 ++.El ++.Pp + .It Pa locale/ + localization files; + see +Index: usr.sbin/pkg/pkg.c +=================================================================== +--- usr.sbin/pkg/pkg.c (revision 265457) ++++ usr.sbin/pkg/pkg.c (working copy) +@@ -284,13 +284,10 @@ bootstrap_pkg(void) + { + struct url *u; + FILE *remote; +- FILE *config; +- char *site; + struct dns_srvinfo *mirrors, *current; + /* To store _https._tcp. + hostname + \0 */ + char zone[MAXHOSTNAMELEN + 13]; + char url[MAXPATHLEN]; +- char conf[MAXPATHLEN]; + char abi[BUFSIZ]; + char tmppkg[MAXPATHLEN]; + char buf[10240]; +@@ -306,7 +303,6 @@ bootstrap_pkg(void) + max_retry = 3; + ret = -1; + remote = NULL; +- config = NULL; + current = mirrors = NULL; + + printf("Bootstrapping pkg please wait\n"); +@@ -387,26 +383,6 @@ bootstrap_pkg(void) + if ((ret = extract_pkg_static(fd, pkgstatic, MAXPATHLEN)) == 0) + ret = install_pkg_static(pkgstatic, tmppkg); + +- snprintf(conf, MAXPATHLEN, "%s/etc/pkg.conf", +- getenv("LOCALBASE") ? getenv("LOCALBASE") : _LOCALBASE); +- +- if (access(conf, R_OK) == -1) { +- site = strrchr(url, '/'); +- if (site == NULL) +- goto cleanup; +- site[0] = '\0'; +- site = strrchr(url, '/'); +- if (site == NULL) +- goto cleanup; +- site[0] = '\0'; +- +- config = fopen(conf, "w+"); +- if (config == NULL) +- goto cleanup; +- fprintf(config, "packagesite: %s\n", url); +- fclose(config); +- } +- + goto cleanup; + + fetchfail: +@@ -423,7 +399,11 @@ cleanup: + + static const char confirmation_message[] = + "The package management tool is not yet installed on your system.\n" +-"Do you want to fetch and install it now? [y/N]: "; ++"The mechanism for doing this is not secure on FreeBSD 8. To securely install\n" ++"pkg(8), use ports from a portsnap checkout:\n" ++" # portsnap fetch extract\n" ++" # make -C /usr/ports/ports-mgmt/pkg install clean\n" ++"Do you still want to fetch and install it now? [y/N]: "; + + static int + pkg_query_yes_no(void) Added: head/share/security/patches/EN-14:03/pkg-en-releng-8.4.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:03/pkg-en-releng-8.4.patch.asc Tue May 13 23:55:52 2014 (r44822) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAABCgAGBQJTcq56AAoJEO1n7NZdz2rn7uAP/Aj/qkmd/B1E5OcnVndzFdVV +wk7qiDIfo3SckWu0Mz3j45qKgZLYvPgnY4ensL8IuOT2RzLVj9PP9Bqy3aEZquPf +6kYCOGDI8B2wZm8o6aRYPlRAY97OvrEucGFWk6kQCCpak4HmntqvIBmaTqeZ7tKV +lohRBdVNBvYdO89IK3K4hbVReVP2D2qg6U6lZuj0RNLKjVTD8NtUqJMkwQQJTYK9 +3BAsiqZM7QFo/E85aP11/Ox14SYov4VQ5zONl2OhshbL4dANrVUGZxh2/ecaN2pv +k+TGCHzd/o6fdopTawZTUqBLRt+Pbj5VCCVWqxszoA5xfIsLmFt9hNTGtzNnevVZ +WjKDba4nyzQoEwig58jbMIKV0eKjvOOmvOAK80EBd9gAOftcsNiFMIuDBkAy0z6j +1mHlQZJXcg4PjOgmzGgZjQrTOiwfGpsisbBnmOhMuBPhrglv7n5QCg5k91i8EBqQ +AWpTY+UcxuFKn2CkEjubppwxf9kqBvK7ClO8gpsJxERjCVPkop8hJfiw9EG+Jzkp +fp4pIeajT+Dj6pAS+Y64tjkClPVTDKEK0H2Ut3d44DO8RUrAgXSWwgqRWNeQQvcM +U4HIuY8+Qt4Ue8NECGYlpJ/RvsoKROiM0hcQH7auGOqsUkdr9k9kA4ICABy43SK6 +KO7yxSd7x7hFFuUVMpV3 +=pIs3 +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-14:03/pkg-en-releng-9.1.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:03/pkg-en-releng-9.1.patch Tue May 13 23:55:52 2014 (r44822) @@ -0,0 +1,229 @@ +Index: etc/Makefile +=================================================================== +--- etc/Makefile (revision 265457) ++++ etc/Makefile (working copy) +@@ -205,6 +205,7 @@ distribution: + ${_+_}cd ${.CURDIR}/devd; ${MAKE} install + ${_+_}cd ${.CURDIR}/gss; ${MAKE} install + ${_+_}cd ${.CURDIR}/periodic; ${MAKE} install ++ ${_+_}cd ${.CURDIR}/pkg; ${MAKE} install + ${_+_}cd ${.CURDIR}/rc.d; ${MAKE} install + ${_+_}cd ${.CURDIR}/../gnu/usr.bin/send-pr; ${MAKE} etc-gnats-freefall + ${_+_}cd ${.CURDIR}/../share/termcap; ${MAKE} etc-termcap +Index: etc/mtree/BSD.root.dist +=================================================================== +--- etc/mtree/BSD.root.dist (revision 265457) ++++ etc/mtree/BSD.root.dist (working copy) +@@ -52,6 +52,8 @@ + weekly + .. + .. ++ pkg ++ .. + ppp + .. + rc.d +Index: etc/mtree/BSD.usr.dist +=================================================================== +--- etc/mtree/BSD.usr.dist (revision 265457) ++++ etc/mtree/BSD.usr.dist (working copy) +@@ -398,6 +398,14 @@ + .. + .. + .. ++ keys ++ pkg ++ revoked ++ .. ++ trusted ++ .. ++ .. ++ .. + locale + UTF-8 + .. +Index: etc/pkg/FreeBSD.conf +=================================================================== +--- etc/pkg/FreeBSD.conf (revision 0) ++++ etc/pkg/FreeBSD.conf (working copy) +@@ -0,0 +1,16 @@ ++# $FreeBSD$ ++# ++# To disable this repository, instead of modifying or removing this file, ++# create a /usr/local/etc/pkg/repos/FreeBSD.conf file: ++# ++# mkdir -p /usr/local/etc/pkg/repos ++# echo "FreeBSD: { enabled: no }" > /usr/local/etc/pkg/repos/FreeBSD.conf ++# ++ ++FreeBSD: { ++ url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest", ++ mirror_type: "srv", ++ signature_type: "fingerprints", ++ fingerprints: "/usr/share/keys/pkg", ++ enabled: yes ++} +Index: etc/pkg/Makefile +=================================================================== +--- etc/pkg/Makefile (revision 0) ++++ etc/pkg/Makefile (working copy) +@@ -0,0 +1,10 @@ ++# $FreeBSD$ ++ ++NO_OBJ= ++ ++FILES= FreeBSD.conf ++ ++FILESDIR= /etc/pkg ++FILESMODE= 644 ++ ++.include +Index: share/Makefile +=================================================================== +--- share/Makefile (revision 265457) ++++ share/Makefile (working copy) +@@ -10,6 +10,7 @@ SUBDIR= ${_colldef} \ + ${_doc} \ + ${_examples} \ + ${_i18n} \ ++ keys \ + ${_man} \ + ${_me} \ + misc \ +Index: share/keys/Makefile +=================================================================== +--- share/keys/Makefile (revision 0) ++++ share/keys/Makefile (working copy) +@@ -0,0 +1,5 @@ ++# $FreeBSD$ ++ ++SUBDIR= pkg ++ ++.include +Index: share/keys/pkg/Makefile +=================================================================== +--- share/keys/pkg/Makefile (revision 0) ++++ share/keys/pkg/Makefile (working copy) +@@ -0,0 +1,5 @@ ++# $FreeBSD$ ++ ++SUBDIR= trusted ++ ++.include +Index: share/keys/pkg/trusted/Makefile +=================================================================== +--- share/keys/pkg/trusted/Makefile (revision 0) ++++ share/keys/pkg/trusted/Makefile (working copy) +@@ -0,0 +1,10 @@ ++# $FreeBSD$ ++ ++NO_OBJ= ++ ++FILES= pkg.freebsd.org.2013102301 ++ ++FILESDIR= /usr/share/keys/pkg/trusted ++FILESMODE= 644 ++ ++.include +Index: share/keys/pkg/trusted/pkg.freebsd.org.2013102301 +=================================================================== +--- share/keys/pkg/trusted/pkg.freebsd.org.2013102301 (revision 0) ++++ share/keys/pkg/trusted/pkg.freebsd.org.2013102301 (working copy) +@@ -0,0 +1,4 @@ ++# $FreeBSD$ ++ ++function: "sha256" ++fingerprint: "b0170035af3acc5f3f3ae1859dc717101b4e6c1d0a794ad554928ca0cbb2f438" +Index: share/man/man7/hier.7 +=================================================================== +--- share/man/man7/hier.7 (revision 265457) ++++ share/man/man7/hier.7 (working copy) +@@ -32,7 +32,7 @@ + .\" @(#)hier.7 8.1 (Berkeley) 6/5/93 + .\" $FreeBSD$ + .\" +-.Dd May 25, 2008 ++.Dd October 29, 2013 + .Dt HIER 7 + .Os + .Sh NAME +@@ -546,6 +546,16 @@ ASCII text files used by various games + device description file for device name + .It Pa info/ + GNU Info hypertext system ++.It Pa keys/ ++known trusted and revoked keys. ++.Bl -tag -width ".Pa keys/pkg/" -compact *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed May 14 00:03:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 673C6E47; Wed, 14 May 2014 00:03:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 54F7F2E65; Wed, 14 May 2014 00:03:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4E03sW3079247; Wed, 14 May 2014 00:03:54 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4E03sbM079246; Wed, 14 May 2014 00:03:54 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201405140003.s4E03sbM079246@svn.freebsd.org> From: Xin LI Date: Wed, 14 May 2014 00:03:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44823 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 00:03:54 -0000 Author: delphij Date: Wed May 14 00:03:53 2014 New Revision: 44823 URL: http://svnweb.freebsd.org/changeset/doc/44823 Log: Correct last advisory's name. Modified: head/share/xml/advisories.xml Modified: head/share/xml/advisories.xml ============================================================================== --- head/share/xml/advisories.xml Tue May 13 23:55:52 2014 (r44822) +++ head/share/xml/advisories.xml Wed May 14 00:03:53 2014 (r44823) @@ -14,7 +14,7 @@ 13 - FreeBSD-SA-14:09.openssl + FreeBSD-SA-14:10.openssl From owner-svn-doc-all@FreeBSD.ORG Wed May 14 02:50:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3CE82C83; Wed, 14 May 2014 02:50:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 28CBD2B05; Wed, 14 May 2014 02:50:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4E2oCo7053158; Wed, 14 May 2014 02:50:12 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4E2oCDO053157; Wed, 14 May 2014 02:50:12 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405140250.s4E2oCDO053157@svn.freebsd.org> From: Dru Lavigne Date: Wed, 14 May 2014 02:50:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44824 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 02:50:12 -0000 Author: dru Date: Wed May 14 02:50:11 2014 New Revision: 44824 URL: http://svnweb.freebsd.org/changeset/doc/44824 Log: Fix some grammos noticed in previous whitespace fixes. Reword to remove i.e., simply, and please. This whole document needs a thorough editorial review and a tech review to remove outdated material. Much of this material belongs in, or is already in, the Handbook. Many more commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 00:03:53 2014 (r44823) +++ head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 02:50:11 2014 (r44824) @@ -72,7 +72,7 @@ This is the FAQ for &os; versions &rel3.relx;, &rel2.relx; and &rel.relx;. Every effort has been made to make this FAQ as informative as possible; if you have any suggestions as to - how it may be improved, please feel free to mail them to the + how it may be improved, send them to the &a.doc;. The latest version of this document is always available @@ -114,7 +114,7 @@ users all over the world in their work, education and recreation. - For more detailed information on &os;, please see the + For more detailed information on &os;, refer to the &os; Handbook. @@ -143,8 +143,8 @@ If you have serious license concerns, read the actual license. - For the simply curious, the license can be summarized like - this. + The license can be summarized like + this: @@ -605,7 +605,7 @@ problem report submission interface can be used to submit problem reports through a web browser. - Before submitting a problem report, please read Before submitting a problem report, read Writing &os; Problem Reports, an article on how to write good problem reports. @@ -899,10 +899,10 @@ - All the other formats generate one file, - called type.format (i.e., + All the other formats generate one file. For + example, article.pdf, - book.html, and so on). + book.html, and so on. These files are then compressed using either the zip or @@ -1019,7 +1019,7 @@ Channel #FreeBSD on RUSNET - is a russian-language oriented channel dedicated to + is a Russian language channel dedicated to helping &os; users. This is also good place for non-technical discussions. @@ -1027,8 +1027,8 @@ Channel #bsdchat on Freenode is - a Traditional-Chinese (UTF-8 encoding) language - oriented channel dedicated to helping &os; users. + a Traditional Chinese (UTF-8 encoding) language + channel dedicated to helping &os; users. This is also good place for non-technical discussions. @@ -1077,7 +1077,7 @@ BSD Certification Group, Inc. provides system administration certifications for DragonFly BSD, - &os;, NetBSD, OpenBSD. If you are interested in them, + &os;, NetBSD, and OpenBSD. If you are interested in them, visit their site. @@ -1827,8 +1827,8 @@ It is not possible to remove data using the mouse. However, it is possible to copy and paste. - Once you get the mouse daemon running (see the previous question) hold down + Once you get the mouse daemon running as described in the previous question, hold down button 1 (left button) and move the mouse to select a region of text. Then, press button 2 (middle button) to paste it at the text cursor. Pressing button 3 (right @@ -2154,7 +2154,7 @@ bindkey ^[[3~ delete-char # for xterm

              - If your machine is lightly loaded, and you are simply + If the machine is lightly loaded and you are running a very large number of processes, you can adjust this with the kern.maxproc tunable. If this tunable needs adjustment it needs to be defined in @@ -2327,7 +2327,7 @@ to /etc/mail/sendmail.cf. This error message indicates you have exhausted the number of available file descriptors on your system. - Please see the kern.maxfiles section of the Tuning @@ -2504,9 +2504,9 @@ kern.timecounter.hardware: TSC -> i82 This error does not mean that the &man.touch.1; utility is missing. The error is instead probably due to the dates of the files being set sometime in the future. - If your CMOS-clock is set to local time you need to run - the command adjkerntz -i to adjust - the kernel clock when booting into single user + If your CMOS-clock is set to local time, run + adjkerntz -i to adjust + the kernel clock when booting into single-user mode.               @@ -2523,7 +2523,7 @@ kern.timecounter.hardware: TSC -> i82 - Please take a look at Refer to the ports page for info on software packages ported to &os;. The list currently tops &os.numports; and is @@ -2589,8 +2589,9 @@ kern.timecounter.hardware: TSC -> i82 - Yes. Please see http://www.FreeBSD.org/java/. + Yes. Refer to http://www.FreeBSD.org/java/ + for more information. @@ -2611,8 +2612,8 @@ kern.timecounter.hardware: TSC -> i82 information on how to do this. If you are up to date, then someone might have committed a change to the port which works for -CURRENT but which - broke the port for -STABLE. Please - submit a bug report on this with the &man.send-pr.1; + broke the port for -STABLE. + Submit a bug report with the &man.send-pr.1; command, since the Ports Collection is supposed to work for both the -CURRENT and -STABLE branches. @@ -2637,7 +2638,7 @@ kern.timecounter.hardware: TSC -> i82 WITH_* or WITHOUT_* variables being set in make.conf. If - you suspect that this is the case, please try to make + you suspect that this is the case, try to make INDEX with those make variables turned off before reporting it to &a.ports;. @@ -2764,7 +2765,7 @@ kern.timecounter.hardware: TSC -> i82 - The open-source Apache + The open source Apache OpenOffice and LibreOffice office suites work natively on &os;. @@ -2919,7 +2920,7 @@ kern.timecounter.hardware: TSC -> i82 tree is different from the one used to build the currently running system (e.g., you are compiling &rel.current;-RELEASE on a &rel2.current;-RELEASE - system). If you are attempting an upgrade, please + system). If you are attempting an upgrade, read /usr/src/UPDATING, paying particular attention to the COMMON ITEMS section at the end. @@ -3029,7 +3030,7 @@ kern.sched.name: ULE /dev), flags, and links tend to screw that up. You need to use tools that understand these things, which means &man.dump.8;. Although it is - suggested that you move the data in single user mode, it + suggested that you move the data in single-user mode, it is not required. You should never use anything but &man.dump.8; and @@ -3121,8 +3122,8 @@ kern.sched.name: ULE Long answer: Soft Updates has two characteristics that may be undesirable on certain partitions. First, a Soft Updates partition has a small chance of losing data - during a system crash. (The partition will not be - corrupted; the data will simply be lost.) Second, Soft + during a system crash. The partition will not be + corrupted as the data will simply be lost. Second, Soft Updates can cause temporary space shortages. When using Soft Updates, the kernel can take up to @@ -3236,11 +3237,9 @@ kern.sched.name: ULE - &os; also supports network file systems such as NFS - (see &man.mount.nfs.8;), NetWare (see &man.mount.nwfs.8;), - and Microsoft-style SMB file systems (see - &man.mount.smbfs.8;). You can find ports based on FUSE - (sysutils/fusefs-kmod) for many other + &os; includes the Network File System NFS and + the &os; Ports Collection provides several FUSE applications + to support many other file systems. @@ -3256,7 +3255,7 @@ kern.sched.name: ULE example, if you have an E partition as the second DOS partition on the second SCSI drive, there will be a device file for slice 5 in - /dev, so simply mount it: + /dev, so mount it: &prompt.root; mount -t msdosfs /dev/da1s5 /dos/e @@ -3300,7 +3299,7 @@ C:\BOOTSECT.BSD="&os;" C:\="DOS" If &os; is installed on the same disk as the - &windowsnt; boot partition simply copy + &windowsnt; boot partition, copy /boot/boot1 to C:\BOOTSECT.BSD. However, if &os; is installed on a different disk @@ -3317,11 +3316,11 @@ C:\="DOS" MBR. - Do not simply copy + Do not copy /boot/boot0 instead of - /boot/boot1; you will overwrite - your partition table and render your computer - un-bootable! + /boot/boot1 as this will overwrite + the partition table and render the computer + unbootable! When the &os; boot manager runs it records the last OS @@ -3511,7 +3510,7 @@ C:\="DOS" This generally means that there is no CD-ROM in the CD-ROM drive, or the drive is not visible on the bus. - Please see the Using Data CDs section of the Handbook for a detailed discussion of this issue. @@ -3598,7 +3597,7 @@ C:\="DOS" By default, &man.mount.8; will attempt to mount the last data track (session) of a CD. If you would like to load an earlier session, you must use the - command line argument. Please see + command line argument. Refer to &man.mount.cd9660.8; for specific examples. @@ -3686,7 +3685,7 @@ C:\="DOS" file while using more on it, more does not immediately choke and complain that it cannot view the file. The entry is - simply removed from the directory so no other program or + removed from the directory so no other program or user can access it. du shows that it is gone — it has walked the directory tree and the file is not listed. df shows that it @@ -3873,8 +3872,8 @@ C:\="DOS" Deduplication takes up a significant amount of RAM and may slow down read and write disk access times. Unless one is storing data that is very heavily - duplicated (such as virtual machine images, or user - backups) it is possible that deduplication will do more + duplicated, such as virtual machine images or user + backups, it is possible that deduplication will do more harm than good. Another consideration is the inability to revert deduplication status. If data is written when deduplication is enabled, disabling dedup will not cause @@ -3882,7 +3881,7 @@ C:\="DOS" until they are next modified. Deduplication can also lead to some unexpected - situations. In particular deleting files may become + situations. In particular, deleting files may become much slower. @@ -3995,7 +3994,7 @@ C:\="DOS" Why do I keep getting messages like root: not found after editing - /etc/crontab + /etc/crontab? @@ -4010,7 +4009,7 @@ C:\="DOS" which &man.crontab.1; updates (the &man.crontab.5; manual page explains the differences in more detail). - If this is what you did, the extra crontab is simply a + If this is what you did, the extra crontab is a copy of /etc/crontab in the wrong format it. Delete it with the command: @@ -4065,10 +4064,10 @@ C:\="DOS" class="groupname">wheel. To allow someone to su to - root, simply put + root, put them in the wheel group. Use - &man.pw.8; for this purpose. + class="groupname">wheel group using + pw: &prompt.root; pw groupmod wheel -m lisa @@ -4087,9 +4086,9 @@ C:\="DOS" Restart the system using boot - -s at the loader prompt to enter Single User - mode. When prompted for a shell pathname, simply press - Enter, and run mount + -s at the loader prompt to enter single-user + mode. When prompted for a shell pathname, press + Enter and run mount -urw / to re-mount the root file system in read/write mode. You may also need to run mount -a -t ufs to mount the file system where your @@ -4143,7 +4142,7 @@ C:\="DOS" - Please see the Handbook section on Refer to the Handbook section on using localization, specifically the section on console @@ -4166,7 +4165,7 @@ C:\="DOS" options QUOTA - Please read the Refer to the Handbook entry on quotas for full details. @@ -4178,7 +4177,7 @@ C:\="DOS" Put the quota file on the file system that the - quotas are to be enforced on, i.e.: + quotas are to be enforced on: @@ -4282,7 +4281,7 @@ options SYSVMSG # enable for Do not panic! Restart the system, type boot -s at the - Boot: prompt to enter Single User mode. + Boot: prompt to enter single-user mode. At the question about the shell to use, hit Enter. You will be dropped to a &prompt.root; prompt. Enter mount @@ -4296,7 +4295,7 @@ options SYSVMSG # enable for If you are still prompted to give the root password when - entering the Single User mode, it means that the console + entering the single-user mode, it means that the console has been marked as insecure in /etc/ttys. In this case it will be required to boot from a &os; installation disk, choose @@ -4304,15 +4303,15 @@ options SYSVMSG # enable for Shell at the beginning of the install process and issue the commands mentioned above. You will need to mount the specific partition in this - case and then chroot to it, i.e., replace mount - -urw / by mount /dev/ada0p1 /mnt; + case and then chroot to it. For example, replace mount + -urw / with mount /dev/ada0p1 /mnt; chroot /mnt for a system on ada0p1. - If you cannot mount your root partition from Single - User mode, it is possible that the partitions are + If you cannot mount your root partition from + single-user mode, it is possible that the partitions are encrypted and it is impossible to mount them without the access keys. Your chances depend on the chosen implementation. For more information see the section @@ -4403,14 +4402,10 @@ options SYSVMSG # enable for - Go into single user mode and then back to multi user - mode. - - On the console do: + Go into single-user mode and then back to multi-user + mode: &prompt.root; shutdown now -(Note: without -r or -h) - &prompt.root; return &prompt.root; exit @@ -4480,7 +4475,7 @@ options SYSVMSG # enable for Short answer: You are probably at security level - greater than 0. Reboot directly to Single User mode to + greater than 0. Reboot directly to single-user mode to install the kernel. Long answer: &os; disallows changing system flags at @@ -4490,7 +4485,7 @@ options SYSVMSG # enable for &prompt.root; sysctl kern.securelevel You cannot lower the security level; you have to boot - to Single Mode to install the kernel, or change the + to single-user mode to install the kernel, or change the security level in /etc/rc.conf then reboot. See the &man.init.8; manual page for details on securelevel, and see @@ -4508,7 +4503,7 @@ options SYSVMSG # enable for Short answer: You are probably at security level - greater than 1. Reboot directly to Single User mode to + greater than 1. Reboot directly to single-user mode to change the date. Long answer: &os; disallows changing the time by more @@ -4518,7 +4513,7 @@ options SYSVMSG # enable for &prompt.root; sysctl kern.securelevel You cannot lower the security level; you have to boot - to Single User mode to change the date, or change the + to single-user mode to change the date, or change the security level in /etc/rc.conf then reboot. See the &man.init.8; manual page for details on securelevel, and see @@ -4560,8 +4555,8 @@ options SYSVMSG # enable for - You are running at an elevated (i.e., greater than 0) - securelevel. Lower the securelevel and try again. For + You are running a securelevel greater than 0. + Lower the securelevel and try again. For more information, see the FAQ entry on securelevel and the &man.init.8; manual page. @@ -4835,11 +4830,10 @@ options SYSVMSG # enable for X requires write access to &man.io.4;. For more information, see at the &man.init.8; manual page. - There are two solutions to the problem: Set your - securelevel back down to zero (usually - in /etc/rc.conf), or run &man.xdm.1; - (or an alternative display manager) at boot time (before - the securelevel is raised). + There are two solutions to the problem: set the + securelevel back down to zero or run &man.xdm.1; + (or an alternative display manager) at boot time before + the securelevel is raised. See for more information about running &man.xdm.1; at boot time. @@ -4908,7 +4902,7 @@ options SYSVMSG # enable for Yes. You need to tell X that you have a 5 button mouse. To - do this, simply add the lines Buttons 5 + do this, add the lines Buttons 5 and ZAxisMapping 4 5 to the InputDevice section of /etc/X11/xorg.conf. For example, you @@ -4988,7 +4982,7 @@ EndSection For security reasons, the default setting is to not allow a machine to remotely open a window. - To enable this feature, simply start + To enable this feature, start X with the optional argument: @@ -5003,7 +4997,7 @@ EndSection - Virtual consoles, put simply, enable you to have + Virtual consoles enable you to have several simultaneous sessions on the same machine without doing anything complicated like setting up a network or running X. @@ -5148,7 +5142,7 @@ ttyvb "/usr/libexec/getty Pc" There are two schools of thought on how to start &man.xdm.1;. One school starts xdm from /etc/ttys (see &man.ttys.5;) - using the supplied example, while the other simply runs + using the supplied example, while the other runs xdm from rc.local (see &man.rc.8;) or from an X script in @@ -5165,8 +5159,8 @@ ttyvb "/usr/libexec/getty Pc" a problem starting the X server. If loaded from &man.rc.8;, xdm - should be started without any arguments (i.e., as a - daemon). xdm must start + should be started without any arguments. + xdm must start after &man.getty.8; runs, or else getty and xdm will conflict, locking out the console. The best way around @@ -5244,11 +5238,7 @@ ttyvb "/usr/libexec/getty Pc" If this happens, disable the synchronization check code by setting the driver flags for the PS/2 mouse driver to 0x100. This can be easiest achieved - by adding - - hint.psm.0.flags="0x100" - - to + by adding hint.psm.0.flags="0x100" to /boot/loader.conf and rebooting. @@ -5435,7 +5425,7 @@ Key F15 A A Menu Wo Diskless booting means that the &os; box is booted over a network, and reads the necessary files from a server instead of its hard disk. For full - details, please read the Handbook entry on diskless booting. @@ -5448,7 +5438,7 @@ Key F15 A A Menu Wo - Yes. Please see the Handbook entry on Yes. Refer to the Handbook entry on advanced networking, specifically the section on routing @@ -5475,15 +5465,15 @@ Key F15 A A Menu Wo and set gateway_enable to YES in /etc/rc.conf. For more information, - please see the &man.ppp.8; manual page or the Handbook entry on user PPP. If you are using kernel-mode PPP or have an Ethernet connection to the Internet, you need to use &man.natd.8;. - Please look at the natd - section of the Handbook for a tutorial. + section of the Handbook. @@ -5496,7 +5486,7 @@ Key F15 A A Menu Wo Yes. &man.ppp.8; provides support for both incoming and outgoing connections. - For more information on how to use this, please see + For more information on how to use this, refer to the Handbook chapter on PPP. @@ -5510,10 +5500,10 @@ Key F15 A A Menu Wo Yes. If you want to use NAT over a user PPP - connection, please see the Handbook entry on user PPP. If you want to use NAT over - some other sort of network connection, please look at the + some other sort of network connection, look at the natd section of the Handbook. @@ -5568,7 +5558,7 @@ Key F15 A A Menu Wo The most frequent problem is not understanding the correct format of /etc/exports. - Please review &man.exports.5; and the NFS entry in the Handbook, especially the section on configuring @@ -5691,8 +5681,8 @@ Key F15 A A Menu Wo You can redirect FTP (and other service) request with - the sysutils/socket port. Simply - replace the service's command line to call + the sysutils/socket port. + Replace the service's command line to call socket instead, like so: ftp stream tcp nowait nobody /usr/local/bin/socket socket ftp.example.com ftp @@ -5896,7 +5886,7 @@ Key F15 A A Menu Wo The most common way to accomplish this is to build a simulated environment in a subdirectory and then run - the processes in that directory chrooted (i.e., + the processes in that directory chrooted so that / for that process is this directory, not the real / of the system). @@ -5940,7 +5930,7 @@ Key F15 A A Menu Wo securelevel is a security mechanism implemented in the kernel. When the securelevel is positive, the kernel restricts certain tasks; not even - the superuser (i.e., root) is allowed to do them. The securelevel mechanism limits the ability to: @@ -5968,12 +5958,12 @@ Key F15 A A Menu Wo To check the status of the securelevel on a running - system, simply execute the following command: + system: &prompt.root; sysctl -n kern.securelevel The output contains the current value of the - securelevel. If it is positive (i.e., greater than 0), at + securelevel. If it is greater than 0, at least some of the securelevel's protections are enabled. @@ -5989,8 +5979,7 @@ Key F15 A A Menu Wo reboot. For more information on securelevel and the specific - things all the levels do, please consult the &man.init.8; - manual page. + things all the levels do, consult &man.init.8;. Securelevel is not a silver bullet; it has many @@ -6013,8 +6002,8 @@ Key F15 A A Menu Wo file. This point and others are often discussed on the - mailing lists, particularly the &a.security;. Please - search the archives here for an extensive discussion. A more fine-grained mechanism is preferred. @@ -6099,7 +6088,7 @@ Key F15 A A Menu Wo mounted for some reason, root will not be able to log in to fix a problem (although if you reboot into - single user mode you will be prompted for the path to a + single-user mode you will be prompted for the path to a shell). Some people use root tasks with a non-standard shell, leaving root, with a standard - shell, for single user mode or emergencies. By default + shell, for single-user mode or emergencies. By default you cannot log in using toor as it does not have a password, so log in as You should first read the &man.ppp.8; manual page and the PPP - section of the handbook. Enable logging with the + section of the Handbook. Enable logging with the following command: set log Phase Chat Connect Carrier lcp ipcp ccp command @@ -6168,14 +6157,14 @@ Key F15 A A Menu Wo /etc/hosts is consulted by your resolver first by editing /etc/host.conf and putting the - hosts line first. Then, simply put an + hosts line first. Then, put an entry in /etc/hosts for your local machine. If you have no local network, change your localhost line: 127.0.0.1 foo.example.com foo localhost - Otherwise, simply add another entry for your host. + Otherwise, add another entry for your host. Consult the relevant manual pages for more details. You should be able to successfully ping -c1 @@ -6200,7 +6189,7 @@ default 10.0.0.2 UG 10.0.0.2 10.0.0.1 UH 0 0 tun0 This is assuming that you have used the addresses from - the handbook, the manual page, or from + the Handbook, the manual page, or from ppp.conf.sample. If you do not have a default route, it may be because you forgot to add the HISADDR line to @@ -6217,7 +6206,7 @@ default 10.0.0.2 UG If this is the case, go back to the Final System Configuration section of the - handbook. + Handbook. @@ -6248,7 +6237,7 @@ add 0 0 HISADDR Refer to the PPP - and Dynamic IP addresses section of the handbook + and Dynamic IP addresses section of the Handbook for further details. @@ -6323,7 +6312,7 @@ add 0 0 HISADDR apparent explanation. The first thing to establish is which side of the link is hung. - If you are using an external modem, you can simply try + If you are using an external modem, try using &man.ping.8; to see if the TD light is flashing when you transmit data. If it flashes (and the RD light does not), the @@ -7092,7 +7081,7 @@ ATDT1234567 There is a list of these in the Serial - Communications chapter of the handbook. + Communications chapter of the Handbook. Most multi-port PCI cards that are based on 16550 or clones are supported with no extra effort. @@ -7114,7 +7103,7 @@ ATDT1234567 See this - section of the handbook. + section of the Handbook. @@ -7259,7 +7248,7 @@ hint.sio.7.irq="12" - Please read the section about Refer to the section about Dial-in Services in the &os; Handbook. @@ -7584,7 +7573,7 @@ hint.sio.7.irq="12" - Please see the Refer to the &os; Glossary. @@ -7964,7 +7953,7 @@ hint.sio.7.irq="12" - Please see the article on See the article on Contributing to &os; for specific advice on how to do this. Assistance is more than welcome! @@ -8007,10 +7996,10 @@ hint.sio.7.irq="12" - HEAD is not an actual branch tag, - like the others; it is simply a symbolic constant for - the current, non-branched development - stream which we simply refer to as + HEAD is not an actual branch tag. + It is a symbolic constant for + the current, non-branched development + stream known as -CURRENT. Right now, -CURRENT is the @@ -8043,7 +8032,7 @@ hint.sio.7.irq="12" - Please take a look at the article on Take a look at the article on Contributing to &os; to learn how to submit code. @@ -8109,7 +8098,7 @@ panic: page fault the instruction pointer address will be somewhere inside a function, not at the start. If you do not get an exact match, omit the last digit from the - instruction pointer value and try again, i.e.: + instruction pointer value and try again: &prompt.user; nm -n kernel.that.caused.the.panic | grep f0xxxxx From owner-svn-doc-all@FreeBSD.ORG Wed May 14 02:56:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 569E22FE; Wed, 14 May 2014 02:56:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 441252BEA; Wed, 14 May 2014 02:56:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4E2uEwc056578; Wed, 14 May 2014 02:56:14 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4E2uERR056577; Wed, 14 May 2014 02:56:14 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405140256.s4E2uERR056577@svn.freebsd.org> From: Dru Lavigne Date: Wed, 14 May 2014 02:56:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44825 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 02:56:14 -0000 Author: dru Date: Wed May 14 02:56:13 2014 New Revision: 44825 URL: http://svnweb.freebsd.org/changeset/doc/44825 Log: Comment out the Funnies. Yes, these are funny for those of us who have been around for a while, but it does not match the intended audience or belong in the FAQ. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 02:50:11 2014 (r44824) +++ head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 02:56:13 2014 (r44825) @@ -7660,7 +7660,7 @@ hint.sio.7.irq="12"               - + Advanced Topics From owner-svn-doc-all@FreeBSD.ORG Wed May 14 09:58:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 600AE3AD; Wed, 14 May 2014 09:58:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 41C772EF9; Wed, 14 May 2014 09:58:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4E9wM1j043631; Wed, 14 May 2014 09:58:22 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4E9wMm6043630; Wed, 14 May 2014 09:58:22 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405140958.s4E9wMm6043630@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 14 May 2014 09:58:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44826 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 14 May 2014 11:13:22 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 09:58:22 -0000 Author: ryusuke Date: Wed May 14 09:58:21 2014 New Revision: 44826 URL: http://svnweb.freebsd.org/changeset/doc/44826 Log: o White space fix. o Delete www CVSup collection entry. Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Wed May 14 02:56:13 2014 (r44825) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Wed May 14 09:58:21 2014 (r44826) @@ -17,68 +17,70 @@ &os; の CD/DVD セットは以下のオンライン業者から入手できます。 - - -
              - &os; Mall, Inc. - 2420 Sand Creek Rd C-1 #347 - Brentwood, CA 94513 - USA - 電話: +1 925 240-6652 - Fax: +1 925 674-0821 - Email: info@freebsdmall.com - WWW: http://www.freebsdmall.com/ -
              -               - - -
              - Dr. Hinner EDV - Kochelseestr. 11 - D-81371 München - Germany - 電話: (0177) 428 419 0 - WWW: http://www.hinner.de/linux/freebsd.html -
              -               - - -
              - Linux Distro UK - 42 Wharfedale Road - Margate - CT9 2TB - United Kingdom - WWW: https://linux-distro.co.uk/ -
              -               - - -
              - The Linux Emporium - The Techno Centre, Puma Way - Parkside - CV1 2TT - United Kingdom - 電話: +44 (0)247 615 8121 - Fax: +44 1491 837016 - WWW: http://www.linuxemporium.co.uk/products/bsd/ -
              -               - - -
              - LinuxCenter.Ru - Galernaya Street, 55 - Saint-Petersburg - 190000 - Russia - 電話: +7-812-3125208 - Email: info@linuxcenter.ru - WWW: http://linuxcenter.ru/shop/freebsd -
              -               -               + + +
              + &os; Mall, Inc. + 2420 Sand Creek Rd C-1 #347 + Brentwood, + CA + 94513 + USA + 電話: +1 925 240-6652 + Fax: +1 925 674-0821 + Email: info@freebsdmall.com + WWW: http://www.freebsdmall.com/ +
              +               + + +
              + Dr. Hinner EDV + Kochelseestr. 11 + D-81371 München + Germany + 電話: (0177) 428 419 0 + WWW: http://www.hinner.de/linux/freebsd.html +
              +               + + +
              + Linux Distro UK + 42 Wharfedale Road + Margate + CT9 2TB + United Kingdom + WWW: https://linux-distro.co.uk/ +
              +               + + +
              + The Linux Emporium + The Techno Centre, Puma Way + Parkside + CV1 2TT + United Kingdom + 電話: +44 (0)247 615 8121 + Fax: +44 1491 837016 + WWW: http://www.linuxemporium.co.uk/products/bsd/ +
              +               + + +
              + LinuxCenter.Ru + Galernaya Street, 55 + Saint-Petersburg + 190000 + Russia + 電話: +7-812-3125208 + Email: info@linuxcenter.ru + WWW: http://linuxcenter.ru/shop/freebsd +
              +               +               @@ -134,9 +136,9 @@ CTM を使う - - CTM - + + CTM + 訳: &a.hanai;、1997 年 9 月 13 日 @@ -188,8 +190,8 @@ メーリングリストに相談してください。 - カリフォルニア、サンフランシスコ近辺、 - 公式なソース + + カリフォルニア、サンフランシスコ近辺、公式なソース @@ -202,8 +204,8 @@ - 南アフリカ、 - 古い差分ファイルのバックアップサーバ + + 南アフリカ、古い差分ファイルのバックアップサーバ @@ -213,7 +215,9 @@ - 台湾/中華民国 + + 台湾/中華民国 + @@ -521,7 +525,7 @@ すでに存在するファイルと、 リポジトリから持ってきたファイルとの間で衝突が起きてしまいます。 - + 以下のように入力して、リポジトリからチェックアウトしてください。 &prompt.root; svn checkout svn-mirror/repository/branch lwcdir @@ -564,7 +568,8 @@ 指定したブランチの中身が置かれるターゲットのディレクトリです。 通常 ports/usr/portsbase/usr/src、 - そして doc では /usr/doc と指定します。 + そして doc では + /usr/doc と指定します。 @@ -648,10 +653,10 @@ - - - - + + + + 名前 @@ -816,14 +821,14 @@ Certificate information: Modula-3 システムに依存していて、構築にかかる時間、 ディスクスペースは比較的大きくなります。 - - たとえばサーバのような &xorg; + + たとえばサーバのような &xorg; がインストールされていない計算機で CVSup を使おうとしているのであれば、必ず CVSup GUI が含まれていない net/cvsup-without-gui を使ってください。 - + @@ -833,8 +838,7 @@ Certificate information: と呼ばれるコンフィグレーションファイルで制御します。 supfile のサンプルは、ディレクトリ /usr/share/examples/cvsup/ - の下にあります。 - + の下にあります。 supfile には以下の CVSup に関する質問への答えを記述します: @@ -1147,7 +1151,7 @@ Certificate information: *default release=cvs delete use-rel-suffix compress src-all - + @@ -1289,58 +1293,62 @@ usr.bin/ src-all です。 - - cvs-all release=cvs + + cvs-all release=cvs + + + メインの &os; CVS リポジトリであり、 + 暗号のコードを含んでいます。 + + + + distrib release=cvs - - メインの &os; CVS リポジトリであり、 - 暗号のコードを含んでいます。 - - - - distrib release=cvs - - - &os; - の配布とミラーに関連するファイルです。 - - + + &os; + の配布とミラーに関連するファイルです。 + + + + + + projects-all release=cvs + - - projects-all release=cvs &os; プロジェクトのリポジトリのソース。 - src-all release=cvs + src-all release=cvs - + メインの &os; ソース群であり、 暗号のコードを含んでいます。 - - - src-base release=cvs - - - /usr/src - のトップにあるその他のファイル。 - - - - - src-bin release=cvs - - - シングルユーザモードで必要な - ユーザユーティリティ - (/usr/src/bin)。 - - + + + src-base + release=cvs - + + /usr/src + のトップにあるその他のファイル。 + + + + + src-bin + release=cvs + + + シングルユーザモードで必要なユーザユーティリティ + (/usr/src/bin)。 + + + + src-cddl release=cvs @@ -1351,120 +1359,134 @@ usr.bin/ - src-contrib release=cvs + src-contrib + release=cvs - - &os; プロジェクト外部からの - ユーティリティおよびライブラリ、 - 比較的無修正 - (/usr/src/contrib)。 - - + + &os; + プロジェクト外部からのユーティリティおよびライブラリ、 + 比較的無修正 + (/usr/src/contrib)。 + + - src-crypto release=cvs + + src-crypto release=cvs + - &os; プロジェクトの外部で開発された暗号ユーティリティとライブラリで、 - ほとんどそのままの形で使われます - (/usr/src/crypto)。 - + &os; + プロジェクトの外部で開発された暗号ユーティリティとライブラリで、 + ほとんどそのままの形で使われます + (/usr/src/crypto)。 + - src-eBones release=cvs + + src-eBones release=cvs + - Kerberos と DES - (/usr/src/eBones) のこと。 - 現在の &os; リリースでは使われていません。 + Kerberos と DES + (/usr/src/eBones) のこと。 + 現在の &os; リリースでは使われていません。 - - src-etc release=cvs - - - システムコンフィグレーションファイル - (/usr/src/etc)。 - - + + src-etc + release=cvs + + システムコンフィグレーションファイル + (/usr/src/etc)。 + + - - src-games release=cvs + + src-games + release=cvs - - ゲーム - (/usr/src/games)。 - - + + ゲーム + (/usr/src/games)。 + + - - src-gnu release=cvs + + src-gnu + release=cvs - - GNU Public License - 下にあるユーティリティ - (/usr/src/gnu)。 - - + + GNU Public License + 下にあるユーティリティ + (/usr/src/gnu)。 + + - - src-include release=cvs + + src-include + release=cvs - - ヘッダファイル - (/usr/src/include)。 - - + + ヘッダファイル + (/usr/src/include)。 + + - - src-kerberos5 release=cvs + + src-kerberos5 + release=cvs - - Kerberos5 セキュリティパッケージ - (/usr/src/kerberos5)。 - - + + Kerberos5 セキュリティパッケージ + (/usr/src/kerberos5)。 + + - - src-kerberosIV release=cvs + + src-kerberosIV + release=cvs - - KerberosIV セキュリティパッケージ - (/usr/src/kerberosIV)。 - - + + KerberosIV セキュリティパッケージ + (/usr/src/kerberosIV)。 + + - - src-lib release=cvs + + src-lib + release=cvs - - ライブラリ - (/usr/src/lib)。 - - + + ライブラリ + (/usr/src/lib)。 + + - - src-libexec release=cvs + + src-libexec + release=cvs - - システムプログラムであり、 - 通常は他のプログラムから実行される - (/usr/src/libexec)。 - - + + システムプログラムであり、 + 通常は他のプログラムから実行される + (/usr/src/libexec)。 + + - - src-release release=cvs + + src-release + release=cvs - + &os; の release - を構築するために必要なファイル - (/usr/src/release)。 - - + を構築するために必要なファイル + (/usr/src/release)。 + + src-rescue @@ -1477,47 +1499,51 @@ usr.bin/ - - src-sbin release=cvs + + + src-sbin release=cvs + - - シングルユーザモード用の - システムユーティリティ - (/usr/src/sbin)。 - - + + シングルユーザモード用の + システムユーティリティ + (/usr/src/sbin)。 + + - + src-secure - release=cvs + release=cvs - + 暗号化ライブラリとコマンド (/usr/src/secure)。 - - + + - - src-share release=cvs + + src-share + release=cvs + + + 多様なシステム間で共有可能なファイル + (/usr/src/share)。 + + - - 多様なシステム間で共有可能なファイル - (/usr/src/share)。 - - - - - src-sys release=cvs - - - カーネル - (/usr/src/sys)。 - - + + src-sys + release=cvs + + + カーネル + (/usr/src/sys)。 + + src-sys-crypto - release=cvs + release=cvs カーネル用の暗号コード @@ -1525,70 +1551,67 @@ usr.bin/ - - src-tools release=cvs + + src-tools + release=cvs - + &os; の保守用の色々なツール - (/usr/src/tools)。 - - - - - src-usrbin release=cvs - - - ユーザユーティリティ - (/usr/src/usr.bin)。 - - - - - src-usrsbin release=cvs - - - システムユーティリティ - (/usr/src/usr.sbin)。 - - - - - - - - www release=cvs - - - &os; WWW サイトのソースです。 - - - - - - - distrib release=self - - CVSup - サーバ自身のコンフィグレーションファイルです。CVSup - ミラーサイトが使用します。 - - + (/usr/src/tools)。 + + + + + src-usrbin + release=cvs + + + ユーザユーティリティ + (/usr/src/usr.bin)。 + + + + + src-usrsbin + release=cvs + + + システムユーティリティ + (/usr/src/usr.sbin)。 + + + + + + + + + + + distrib release=self + + + CVSup + サーバ自身のコンフィグレーションファイルです。CVSup + ミラーサイトが使用します。 + + - - gnats release=current + + gnats release=current - + GNATS バグトラッキングデータベースです。 - - + + - - mail-archive release=current + + mail-archive release=current - + &os; 関連メーリングリストのアーカイブ。 - - + + @@ -1607,7 +1630,7 @@ usr.bin/ CVSup に関する質問やバグ報告については - CVSup FAQ をご覧ください。 + CVSup FAQ をご覧ください。 @@ -1621,6 +1644,7 @@ usr.bin/ &chap.mirrors.lastmod.inc; &chap.mirrors.cvsup.inc; + From owner-svn-doc-all@FreeBSD.ORG Wed May 14 11:59:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5B7EE543; Wed, 14 May 2014 11:59:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47A742825; Wed, 14 May 2014 11:59:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4EBxb5g096676; Wed, 14 May 2014 11:59:37 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4EBxbak096675; Wed, 14 May 2014 11:59:37 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405141159.s4EBxbak096675@svn.freebsd.org> From: Dru Lavigne Date: Wed, 14 May 2014 11:59:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44827 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 11:59:37 -0000 Author: dru Date: Wed May 14 11:59:36 2014 New Revision: 44827 URL: http://svnweb.freebsd.org/changeset/doc/44827 Log: Put acronym tags around FAQ. Start to remove "you/we" usage. Many more commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 09:58:21 2014 (r44826) +++ head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 11:59:36 2014 (r44827) @@ -69,8 +69,9 @@ $FreeBSD$ - This is the FAQ for &os; versions &rel3.relx;, &rel2.relx; - and &rel.relx;. Every effort has been made to make this FAQ + This is the Frequently Asked Questions + FAQ for &os; versions &rel3.relx;, &rel2.relx; + and &rel.relx;. Every effort has been made to make this FAQ as informative as possible; if you have any suggestions as to how it may be improved, send them to the &a.doc;. @@ -138,12 +139,12 @@ - Yes. Those restrictions do not control how you use - the code, merely how you treat the &os; Project itself. - If you have serious license concerns, read the actual + Yes. Those restrictions do not control how + the code is used, but how to treat the &os; Project itself. + The license itself is available at license. - The license can be summarized like + xlink:href="http://www.FreeBSD.org/copyright/freebsd-license.html">license + and can be summarized like this: @@ -202,15 +203,15 @@ robust and full-featured environment for applications. It supports a wide variety of web browsers, office suites, email readers, graphics programs, programming - environments, network servers, and just about everything - else you might want. Most of these applications can be + environments, network servers, and much more. + Most of these applications can be managed through the Ports Collection. - If you need to use an application that is only - available on one operating system, you simply cannot - replace that operating system. Chances are there is a + If an application is only + available on one operating system, you cannot just + replace that operating system. Chances are, there is a very similar application on &os;, however. If you want a solid office or Internet server, a reliable workstation, or just the ability to do your job without interruptions, @@ -219,15 +220,14 @@ and experienced &unix; administrators, use &os; as their only desktop operating system. - If you are migrating to &os; from some other &unix; - environment, you already know most of what you need to. - If your background is in graphic-driven operating systems - such as &windows; and &macos;, you may be interested in + Users migrating to &os; from another &unix;-like + environment will find &os; to be similar. + &windows; and &macos; users may be interested in instead using PC-BSD, a &os; - based distribution, instead. If you have not used &unix; - before expect to invest additional time learning the - &unix; way of doing things. This FAQ and the PC-BSD, a + &os;-based desktop distribution. Non-&unix; users should + expect to invest some additional time learning the + &unix; way of doing things. This FAQ and the &os; Handbook are excellent places to start. @@ -262,9 +262,9 @@ It is worth pointing out that the word - free is being used in two ways here, one - meaning at no cost, the other meaning - you can do whatever you like. Apart from + free is being used in two ways here: one + meaning at no cost and the other meaning + do whatever you like. Apart from one or two things you cannot do with the &os; code, for example pretending you wrote it, you can really do whatever you like with it. @@ -354,9 +354,8 @@ possibly unstable) features of the latest -CURRENT snapshot. Releases can come from either branch, but -CURRENT - should only be used if you are prepared for its increased - volatility (relative to -STABLE, that - is). + is meant for users who are prepared for its increased + volatility, relative to -STABLE. Releases are made every few months. While many people stay more @@ -391,7 +390,7 @@ for details on running -CURRENT. - If you are not familiar with &os; you should not use + Users not familiar with &os; should not use &os.current;. This branch sometimes evolves quite quickly and due to mistake can be un-buildable at times. People that use &os.current; are expected to be able to analyze, @@ -435,9 +434,9 @@ No claims are made that any -CURRENT snapshot can be considered - production quality for any purpose. If you - want to run a stable and fully tested system, you will - have to stick to full releases, or use the + production quality for any purpose. + If a stable and fully tested system is needed, + stick to full releases or use the -STABLE snapshots. Snapshot releases are directly available from http://www.FreeBSD.org/docs.html. In addition, the Bibliography at the - end of this FAQ, and FAQ, and the one in the Handbook reference other recommended books. @@ -661,10 +660,10 @@ The document's language and encoding. These are - based on the locale names you will find under - /usr/share/locale on your &os; - system. The current languages and encodings that we - have for documentation are as follows: + based on the locale names found under + /usr/share/locale on a &os; + system. The current languages and encodings + are as follows: @@ -920,16 +919,15 @@ - After choosing the format and compression mechanism - that you want to download, you will have to download the - compressed files yourself, uncompress them, and then copy + After choosing the format and compression mechanism, + download the + compressed files, uncompress them, and then copy the appropriate documents into place. - For example, the split HTML version of the FAQ, + For example, the split HTML version of the FAQ, compressed using &man.bzip2.1;, can be found in doc/en_US.ISO8859-1/books/faq/book.html-split.tar.bz2 - To download and uncompress that file you would have to do - this: + To download and uncompress that file, type: &prompt.root; fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/en_US.ISO8859-1/books/faq/book.html-split.tar.bz2 &prompt.root; tar xvf book.html-split.tar.bz2 @@ -986,14 +984,14 @@ a general help channel with many users at any time. The conversations have been known to run off-topic for a while, but priority is given to users with &os; - questions. We are good about helping you understand + questions. Other users can help you understand the basics, referring to the Handbook whenever - possible, and directing you where to learn more about - the topic you need help with. We are a primarily - English speaking channel, though we have users from - all over the world. If you would like to speak in - your native language, try to ask the question in - English and then relocate to another channel + possible and providing links for learning more about + the topic you need help with. This is primarily an + English speaking channel, though it does have users from + all over the world. Non-native English speakers should + try to ask the question in + English first and then relocate to ##freebsd-lang as appropriate. @@ -1039,13 +1037,9 @@ list of IRC channels. Each of these channels are distinct and are not - connected to each other. Their chat styles also differ, - so you may need to try each to find one suited to your - chat style. As with all types of IRC - traffic, if you are easily offended or cannot deal with - lots of young people (and more than a few older ones) - doing the verbal equivalent of jello wrestling, do not - even bother with it. + connected to each other. Since their chat styles differ, + try each to find one suited to your + chat style. @@ -1077,10 +1071,9 @@ BSD Certification Group, Inc. provides system administration certifications for DragonFly BSD, - &os;, NetBSD, and OpenBSD. If you are interested in them, - visit their - site. + site for more information. Any other organizations providing training and support should contact the Project to be listed here. @@ -1111,10 +1104,9 @@ &arch.amd64; is the term &os; uses for 64-bit compatible x86 architectures (also known as "x86-64" or "x64"). Most modern computers should use &arch.amd64;. - Older hardware should use &arch.i386;. If you are - installing on a non-x86-compatible architecture select the - platform which best matches the architecture you are - using. + Older hardware should use &arch.i386;. When + installing on a non-x86-compatible architecture, select the + platform which best matches the hardware. @@ -1126,8 +1118,8 @@ On the Getting - &os; page select [iso] next to - the architecture you want to use. + &os; page, select [iso] next to + the architecture that matches the hardware. Any of the following can be used: @@ -1258,8 +1250,8 @@ - For &os; you will need a 486 or better PC, with - 64 MB or more of RAM and at least 1 GB of hard + &os; requires a 486 or better PC, + 64 MB or more of RAM, and at least 1 GB of hard disk space. See also . @@ -1289,8 +1281,8 @@ If &windows; is installed first, then yes. &os;'s boot manager will then manage to boot &windows; and &os;. - If you install &windows; second, it will boorishly - overwrite your boot manager without even asking. If that + If &windows; is installed afterwards, it will + overwrite the boot manager. If that happens, see the next section. @@ -1302,9 +1294,8 @@ - This depends on what boot manager you have installed. - The &os; boot selection menu (likely what you are using - if you end up in this situation) can be reinstalled using + This depends upon the boot manager. + The &os; boot selection menu can be reinstalled using &man.boot0cfg.8;. For example, to restore the boot menu onto the disk ada0: @@ -1337,7 +1328,7 @@ see the CD-ROM to boot from it, but why &os; cannot see it to complete the install. - Reconfigure your system so that the CD-ROM is either + Reconfigure the system so that the CD-ROM is either the master device on the IDE controller it is attached to, or make sure that it is the slave on an IDE controller that also has a master device. @@ -1388,10 +1379,10 @@ default. These are believed to be more secure than the traditional &unix; password format, which used a scheme based on the DES algorithm. DES - passwords are still available if you need to share your - password file with legacy operating systems which still - use the less secure password format. &os; also allows you - to use the Blowfish and MD5 password formats. Which + passwords are still available for backwards compatibility + with legacy operating systems which still + use the less secure password format. &os; also supports + the Blowfish and MD5 password formats. Which password format to use for new passwords is controlled by the passwd_format login capability in /etc/login.conf, which takes values @@ -1459,12 +1450,12 @@ - Because your world and kernel are out of sync. This - is not supported. Be sure you use make + The world and kernel are out of sync. This + is not supported. Be sure to use make buildworld and make - buildkernel to update your kernel. + buildkernel to update the kernel. - You can boot by specifying the kernel directly at the + Boot the system by specifying the kernel directly at the second stage, pressing any key when the | shows up before loader is started. @@ -1503,9 +1494,8 @@ This is discussed continually on the &os; mailing - lists. Since hardware changes so quickly, however, we - expect this. We still strongly - recommend that you read through the Hardware Notes + lists but is to be expected since hardware changes so quickly. + Read through the Hardware Notes for &os; &rel.current; or archives before asking about the latest and greatest hardware. - Chances are a discussion about the type of hardware you - are looking for took place just last week. + Chances are a discussion about that type of hardware + took place just last week. - If you are looking for a laptop, check the - &a.mobile; archives. Otherwise, you probably want the - archives for the &a.questions;, or possibly a specific + Before purchasing a laptop, check the archives for + &a.mobile; and &a.questions;, or possibly a specific mailing list for a particular hardware type. @@ -1587,9 +1576,8 @@ to be used with PAE are actually usable. A rule of thumb is that if the driver is usable on 64-bit architectures (like AMD64), it is also usable with PAE. - If you wish to create your own kernel configuration - file, you can enable PAE by adding the following line to - your configuration: + When creating a custom kernel configuration + file, PAE can be enabled by adding the following line: options PAE @@ -1729,11 +1717,11 @@ you actually control the changer can be found in the &man.chio.1; manual page. - If you are not using - AMANDA or some other product - that already understands changers, remember that they - only know how to move a tape from one point to another, - so you need to keep track of which slot a tape is in, + While + AMANDA and some other products + already understands changers, other applications + only know how to move a tape from one point to another/ + In this case, keep track of which slot a tape is in and which slot the tape currently in the drive needs to go back to. @@ -1811,7 +1799,7 @@ When the mouse daemon is running, access to the mouse must be coordinated between the mouse daemon and - other programs such as X Windows. Refer to the FAQ + other programs such as X Windows. Refer to the FAQ Why does my mouse not work with X? for more details on this issue. @@ -2003,7 +1991,7 @@ bindkey ^[[3~ delete-char # for xterm

              If it is a problem with part of the base &os; system, it may also be buggy code, but more often than not these problems are found and fixed long before us - general FAQ readers get to use these bits of code + general FAQ readers get to use these bits of code (that is what -CURRENT is for). @@ -2092,7 +2080,7 @@ bindkey ^[[3~ delete-char # for xterm

              - You should also read the SIG11 FAQ (listed below) + You should also read the SIG11 FAQ (listed below) which has excellent explanations of all these problems, albeit from a &linux; viewpoint. It also discusses how memory testing software or hardware can still pass faulty @@ -2102,9 +2090,9 @@ bindkey ^[[3~ delete-char # for xterm

              - There is an extensive FAQ on this at There is an extensive FAQ on this at the SIG11 - problem FAQ. + problem FAQ.               @@ -2120,7 +2108,7 @@ bindkey ^[[3~ delete-char # for xterm

              The &os; developers are very interested in these errors, but need some more information than just the error you see. Copy your full crash message. Then consult the - FAQ section on FAQ section on kernel panics, build a debugging kernel, and get a backtrace. This might sound difficult, but you do not @@ -2180,7 +2168,8 @@ bindkey ^[[3~ delete-char # for xterm

              This is answered in the Sendmail - FAQ as follows. This FAQ is recommended reading + FAQ as follows. This + FAQ is recommended reading when tweaking the mail setup. I'm getting these error messages: @@ -4557,7 +4546,7 @@ options SYSVMSG # enable for You are running a securelevel greater than 0. Lower the securelevel and try again. For - more information, see the FAQ + more information, see the FAQ entry on securelevel and the &man.init.8; manual page. @@ -5665,7 +5654,7 @@ Key F15 A A Menu Wo way the user expects. This behavior is a feature and not a bug.               - See the FAQ about + See the FAQ about redirecting services, the &man.natd.8; manual, or one of the several port redirecting utilities in the Ports @@ -7424,7 +7413,7 @@ hint.sio.7.irq="12" See the Translation - FAQ in the &os; Documentation Project + FAQ in the &os; Documentation Project Primer. @@ -8301,7 +8290,7 @@ panic: page fault We wish to thank every one of the people responsible, and we encourage you to join - them in making this FAQ even better. + them in making this FAQ even better.               &bibliography; From owner-svn-doc-all@FreeBSD.ORG Wed May 14 13:11:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 54DE1B43; Wed, 14 May 2014 13:11:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4017C2DF3; Wed, 14 May 2014 13:11:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4EDBTxq031820; Wed, 14 May 2014 13:11:29 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4EDBSjn031817; Wed, 14 May 2014 13:11:28 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405141311.s4EDBSjn031817@svn.freebsd.org> From: Benedict Reuschling Date: Wed, 14 May 2014 13:11:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44828 - in head/de_DE.ISO8859-1/books/handbook: advanced-networking introduction X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 13:11:29 -0000 Author: bcr Date: Wed May 14 13:11:28 2014 New Revision: 44828 URL: http://svnweb.freebsd.org/changeset/doc/44828 Log: Update to r44011: Switch command tags in screen elements to userinput. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml head/de_DE.ISO8859-1/books/handbook/introduction/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed May 14 11:59:36 2014 (r44827) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed May 14 13:11:28 2014 (r44828) @@ -5,7 +5,7 @@ $FreeBSD$ $FreeBSDde:$ - basiert auf: r43975 + basiert auf: r44011 --> 192.168.1.51IP-Adresse wieder an den Master-Server zurckzugeben: - &prompt.root; ifconfig em0 vhid 1 state -backup + &prompt.root; ifconfig em0 vhid 1 state +backup An dieser Stelle muss entweder das Netzwerk neu gestartet, oder die Machine neu gebootet werden, um @@ -7132,8 +7132,8 @@ backup Die CARP-Schnittstellen selbst knnen mittels &man.ifconfig.8; erstellt werden: - &prompt.root; ifconfig carp0 create - + &prompt.root; ifconfig carp0 +create Konfigurieren Sie Hostnamen, IP-Management-Adresse, die gemeinsam @@ -7172,7 +7172,7 @@ class="ipaddress">192.168.1.51IP-Adresse wieder an den Master-Server zurckzugeben: - &prompt.root; ifconfig carp0 down && ifconfig carp0 up + &prompt.root; ifconfig carp0 down && ifconfig carp0 up Dieser Befehl muss auf dem carp-Gert ausgefhrt werden, dass dem Modified: head/de_DE.ISO8859-1/books/handbook/introduction/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/introduction/chapter.xml Wed May 14 11:59:36 2014 (r44827) +++ head/de_DE.ISO8859-1/books/handbook/introduction/chapter.xml Wed May 14 13:11:28 2014 (r44828) @@ -29,12 +29,12 @@ Überblick - Herzlichen Dank für Ihr Interesse an &os;! Das folgende + Herzlichen Dank fr Ihr Interesse an &os;! Das folgende Kapitel behandelt verschiedene Aspekte des &os; Projekts wie dessen geschichtliche Entwicklung, seine Ziele oder das Entwicklungsmodell. - Nach dem Durcharbeiten des Kapitels wissen Sie über + Nach dem Durcharbeiten des Kapitels wissen Sie ber folgende Punkte Bescheid: @@ -56,7 +56,7 @@ - Und natürlich woher der Name &os; + Und natrlich woher der Name &os; kommt. @@ -67,16 +67,16 @@ 4.4BSD-Lite - &os; ist ein auf 4.4BSD-Lite basierendes Betriebssystem - für Intel (x86 und &itanium;), AMD64 und Sun &ultrasparc; - Rechner. An Portierungen zu anderen Architekturen wird derzeit + &os; ist ein auf 4.4BSD-Lite basierendes Betriebssystem fr + Intel (x86 und &itanium;), AMD64 und Sun &ultrasparc; Rechner. + An Portierungen zu anderen Architekturen wird derzeit gearbeitet. Mehr zur Geschichte von &os; erfahren Sie in die Geschichte von &os; oder aus den aktuellen Release-Informationen. - Falls Sie das &os; Projekt unterstützen wollen (z.B. mit + Falls Sie das &os; Projekt untersttzen wollen (z.B. mit Quellcode, Hardware- oder Geldspenden), lesen Sie den &os; - unterstützen Artikel. + untersttzen Artikel. Was kann &os;? @@ -86,10 +86,10 @@ - Präemptives Multitasking + Premptives Multitasking - Präemptives Multitasking - mit dynamischer Prioritätsanpassung zum + Premptives Multitasking + mit dynamischer Priorittsanpassung zum reibungslosen und ausgeglichenen Teilen der Systemressourcen zwischen Anwendungen und Anwendern, selbst unter schwerster Last. @@ -100,108 +100,105 @@ Mehrbenutzerbetrieb erlaubt es, viele &os;-Anwender gleichzeitig am System mit verschiedenen Aufgaben arbeiten zu lassen. Beispielsweise - können Geräte wie Drucker oder Bandlaufwerke, - die sich nur schwerlich unter allen Anwendern des Systems - oder im Netzwerk teilen lassen, durch setzen von - Beschränkungen auf Benutzer oder Gruppen wichtige - Systemressourcen vor Überbeanspruchung geschützt - werden. + knnen Gerte wie Drucker oder Bandlaufwerke, die sich + nur schwerlich unter allen Anwendern des Systems oder im + Netzwerk teilen lassen, durch setzen von Beschrnkungen + auf Benutzer oder Gruppen wichtige Systemressourcen vor + Überbeanspruchung geschtzt werden. - StarkeTCP/IP-Netzwerkfähigkeit - TCP/IP-Netzwerkfähigkeit - mit Unterstützung von - Industriestandards wie SCTP, DHCP, NFS, NIS, PPP, - SLIP, IPsec und IPv6. Das bedeutet, Ihr &os;-System kann - in einfachster Weise mit anderen Systemen - interagieren. Zudem kann es als Server-System im - Unternehmen wichtige Aufgaben übernehmen, - beispielsweise als NFS- oder E-Mail-Server oder es kann - Ihren Betrieb durch HTTP- und FTP-Server beziehungsweise - durch Routing und Firewalling Internetfähig - machen. + StarkeTCP/IP-Netzwerkfhigkeit + TCP/IP-Netzwerkfhigkeit + mit Untersttzung von Industriestandards wie + SCTP, DHCP, NFS, NIS, PPP, SLIP, IPsec und IPv6. Das + bedeutet, Ihr &os;-System kann in einfachster Weise mit + anderen Systemen interagieren. Zudem kann es als + Server-System im Unternehmen wichtige Aufgaben + bernehmen, beispielsweise als NFS- oder E-Mail-Server + oder es kann Ihren Betrieb durch HTTP- und FTP-Server + beziehungsweise durch Routing und Firewalling + Internetfhig machen. Speicherschutz Speicherschutz stellt - sicher, dass Anwendungen (oder Anwender) sich - nicht gegenseitig stören. Stürzt eine Anwendung - ab, hat das keine Auswirkung auf andere Prozesse. + sicher, dass Anwendungen (oder Anwender) sich nicht + gegenseitig stren. Strzt eine Anwendung ab, hat das + keine Auswirkung auf andere Prozesse. Der Industriestandard X-Window-System X-Window-System (X11R7) als Industriestandard bietet eine grafische - Benutzeroberfläche (GUI). Minimale Voraussetzung - zur Verwendung ist lediglich eine Grafikkarte und ein + Benutzeroberflche (GUI). Minimale Voraussetzung zur + Verwendung ist lediglich eine Grafikkarte und ein Bildschirm, die beide den VGA-Modus - unterstützen. + untersttzen. - Binärkompatibilität + Binrkompatibilitt Linux - Binärkompatibilität + Binrkompatibilitt SCO - Binärkompatibilität + Binrkompatibilitt SVR4 - Binärkompatibilität + Binrkompatibilitt BSD/OS - Binärkompatibilität + Binrkompatibilitt NetBSD - Binärkompatibilität mit - vielen auf anderen Betriebssystemen erstellten - Programmen wie Linux, SCO, SVR4, BSDI und NetBSD. + Binrkompatibilitt mit vielen auf + anderen Betriebssystemen erstellten Programmen wie Linux, + SCO, SVR4, BSDI und NetBSD. - Tausende zusätzliche leicht zu - portierende Anwendungen sind über die &os; + Tausende zustzliche leicht zu + portierende Anwendungen sind ber die &os; Ports und - Paket-Sammlung verfügbar. Warum - mühselig im Netz nach Software suchen, wenn diese - bereits vorhanden ist? + Paket-Sammlung verfgbar. Warum + mhselig im Netz nach Software suchen, wenn diese bereits + vorhanden ist? + - Tausende zusätzliche leicht zu - portierende Anwendungen sind über das - Internet zu beziehen. &os; ist Quellcode-kompatibel - mit den meisten kommerziellen &unix; Systemen. Daher - bedürfen Anwendungen häufig nur geringer oder - gar keiner Anpassung, um auf einem &os;-System zu - kompilieren. + Tausende zustzliche leicht zu + portierende Anwendungen sind ber das + Internet zu beziehen. &os; ist Quellcode-kompatibel mit + den meisten kommerziellen &unix; Systemen. Daher + bedrfen Anwendungen hufig nur geringer oder gar keiner + Anpassung, um auf einem &os;-System zu kompilieren. Seitenweise anforderbarer virtueller Speicher virtueller - Speicher - und merged VM/buffer cache - -Entwurf bedient effektiv den großen - Speicherhunger mancher Anwendungen bei gleichzeitigem - Aufrechterhalten der Bedienbarkeit des Systems für - weitere Benutzer. + Speicher und merged + VM/buffer cache -Entwurf bedient effektiv den + großen Speicherhunger mancher Anwendungen bei + gleichzeitigem Aufrechterhalten der Bedienbarkeit des + Systems fr weitere Benutzer. SMP Symmetrisches Multi-Processing (SMP) - -Unterstützung für Systeme mit - mehreren CPUs. + -Untersttzung fr Systeme mit mehreren + CPUs. @@ -216,20 +213,20 @@ Ein voller Satz von C und C++ Entwicklungswerkzeugen. Viele - zusätzliche Programmiersprachen für höhere - Wissenschaft und Entwicklung sind in der Ports- und - Packages-Sammlung verfügbar. + zustzliche Programmiersprachen fr hhere Wissenschaft + und Entwicklung sind in der Ports- und Packages-Sammlung + verfgbar. Quellcode Quellcode - für das gesamte System bedeutet - größtmögliche Kontrolle über Ihre - Umgebung. Warum sollte man sich durch proprietäre - Lösungen knebeln und sich auf Gedeih und Verderb der - Gnade eines Herstellers ausliefern, wenn man doch ein - wahrhaft offenes System haben kann? + fr das gesamte System bedeutet + grßtmgliche Kontrolle ber Ihre Umgebung. + Warum sollte man sich durch proprietre Lsungen knebeln + und sich auf Gedeih und Verderb der Gnade eines + Herstellers ausliefern, wenn man doch ein wahrhaft offenes + System haben kann? @@ -247,50 +244,48 @@ Release der Computer Systems Research Group (CSRG) Computer Systems Research Group (CSRG) - der Universität von Kalifornien in - Berkeley und führt die namhafte Tradition der - Entwicklung von BSD-Systemen fort. Zusätzlich zu der - herausragenden Arbeit der CSRG hat das &os; Projekt tausende - weitere Arbeitsstunden investiert, um das System zu - verfeinern und maximale Leistung und Zuverlässigkeit - bei Alltagslast zu bieten. Während viele + der Universitt vn Kalifornien in Berkeley und + fhrt die namhafte Tradition der Entwicklung von BSD-Systemen + fort. Zustzlich zu der herausragenden Arbeit der CSRG hat + das &os; Projekt tausende weitere Arbeitsstunden investiert, + um das System zu verfeinern und maximale Leistung und + Zuverlssigkeit bei Alltagslast zu bieten. Whrend viele kommerzielle Riesen Probleme damit haben, PC-Betriebssysteme mit derartigen Funktionen, Leistungspotential und - Zuverlässigkeit anzubieten, kann &os; damit schon jetzt + Zuverlssigkeit anzubieten, kann &os; damit schon jetzt aufwarten! - Die Anwendungsmöglichkeiten von &os; werden nur - durch Ihre Vorstellungskraft begrenzt. Von - Software-Entwicklung bis zu Produktionsautomatisierung, von - Lagerverwaltung über Abweichungskorrektur bei Satelliten; - Falls etwas mit kommerziellen &unix; Produkten machbar ist, - dann ist es höchstwahrscheinlich auch mit &os; - möglich. &os; profitiert stark von tausenden - hochwertigen Anwendungen aus wissenschaftlichen Instituten und - Universitäten in aller Welt. Häufig sind diese - für wenig Geld oder sogar kostenlos zu bekommen. - Kommerzielle Anwendungen sind ebenso verfügbar und es - werden täglich mehr. - - Durch den freien Zugang zum Quellcode von &os; ist es - in unvergleichbarer Weise möglich, das System für - spezielle Anwendungen oder Projekte anzupassen. Dies ist - mit den meisten kommerziellen Betriebssystemen einfach nicht - möglich. Beispiele für Anwendungen, die unter - &os; laufen, sind: + Die Anwendungsmglichkeiten von &os; werden nur durch + Ihre Vorstellungskraft begrenzt. Von Software-Entwicklung bis + zu Produktionsautomatisierung, von Lagerverwaltung ber + Abweichungskorrektur bei Satelliten; Falls etwas mit + kommerziellen &unix; Produkten machbar ist, dann ist es + hchstwahrscheinlich auch mit &os; mglich. &os; profitiert + stark von tausenden hochwertigen Anwendungen aus + wissenschaftlichen Instituten und Universitten in aller + Welt. Hufig sind diese fr wenig Geld oder sogar kostenlos + zu bekommen. Kommerzielle Anwendungen sind ebenso verfgbar + und es werden tglich mehr. + + Durch den freien Zugang zum Quellcode von &os; ist es in + unvergleichbarer Weise mglich, das System fr spezielle + Anwendungen oder Projekte anzupassen. Dies ist mit den + meisten kommerziellen Betriebssystemen einfach nicht mglich. + Beispiele fr Anwendungen, die unter &os; laufen, + sind: Internet-Dienste: Die robuste - TCP/IP-Implementierung in &os; macht es zu einer - idealen Plattform für verschiedenste - Internet-Dienste, wie zum Beispiel: + TCP/IP-Implementierung in &os; macht es zu einer idealen + Plattform fr verschiedenste Internet-Dienste, wie zum + Beispiel: HTTP-Server Webserver (Standard - oder mit SSL-Verschlüsselung) + oder mit SSL-Verschlsselung) @@ -334,33 +329,30 @@ Bildung: Sind Sie Informatikstudent oder Student eines verwandten Studiengangs? Die praktischen Einblicke in &os; sind die - beste Möglichkeit etwas über Betriebssysteme, + beste Mglichkeit etwas ber Betriebssysteme, Rechnerarchitektur und Netzwerke zu lernen. Einige frei - erhältliche CAD-, mathematische und grafische - Anwendungen sind sehr nützlich, gerade für - diejenigen, deren Hauptinteresse in einem Computer darin - besteht, andere Arbeit zu - erledigen! + erhltliche CAD-, mathematische und grafische Anwendungen + sind sehr ntzlich, gerade fr diejenigen, deren + Hauptinteresse in einem Computer darin besteht, + andere Arbeit zu erledigen! Forschung: Mit dem frei - verfügbaren Quellcode für das gesamte System - bildet &os; ein exzellentes Studienobjekt in der - Disziplin der Betriebssysteme, wie auch in anderen Zweigen - der Informatik. Es ist beispielsweise denkbar, das - räumlich getrennte Gruppen gemeinsam an einer Idee - oder Entwicklung arbeiten. Das Konzept der freien - Verfügbarkeit und -nutzung von &os; - ermöglicht so die freie Verwendung, ohne sich - groß Gedanken über Lizenzbedingungen zu machen - oder aufgrund von Beschränkungen evtl. in einem - offenen Forum bestimmte Dinge nicht diskutieren zu - dürfen. + verfgbaren Quellcode fr das gesamte System bildet &os; + ein exzellentes Studienobjekt in der Disziplin der + Betriebssysteme, wie auch in anderen Zweigen der + Informatik. Es ist beispielsweise denkbar, das rumlich + getrennte Gruppen gemeinsam an einer Idee oder Entwicklung + arbeiten. Das Konzept der freien Verfgbarkeit und + -nutzung von &os; ermglicht so die freie Verwendung, + ohne sich gross Gedanken ber Lizenzbedingungen zu machen + oder aufgrund von Beschrnkungen evtl. in einem offenen + Forum bestimmte Dinge nicht diskutieren zu drfen. - Netzwerkfähigkeit: Brauchen + Netzwerkfhigkeit: Brauchen Sie einen neuen Router? Router Oder einen Name-Server (DNS)? @@ -368,22 +360,21 @@ Eine Firewall zum Schutze Ihres Intranets vor Fremdzugriff? &os; macht aus dem in der Ecke verstaubenden - 386- oder 486-PC im Handumdrehen einen - leistungsfähigen Router mit anspruchsvollen - Paketfilter-Funktionen. + 386- oder 486-PC im Handumdrehen einen leistungsfhigen + Router mit anspruchsvollen Paketfilter-Funktionen. Embedded: &os; ist eine exzellente Plattform, um auf embedded Systemen aufzubauen. embedded - Mit der Unterstützung für die - &arm;-, &mips;- und &powerpc;-Plattformen, verbunden mit - dem robusten Netzwerkstack, aktuellen Neuerungen und der - freizügigen Mit der Untersttzung fr die &arm;-, + &mips;- und &powerpc;-Plattformen, verbunden mit dem + robusten Netzwerkstack, aktuellen Neuerungen und der + freizgigen BSD-Lizenz - stellt &os; eine ausgezeichnete Basis für embedded - Router, Firewalls und andere Geräte dar. + stellt &os; eine ausgezeichnete Basis fr embedded + Router, Firewalls und andere Gerte dar. @@ -397,14 +388,14 @@ KDE - Desktop: &os; ist eine gute Wahl - für kostengünstige X-Terminals mit dem frei - verfügbaren X11-Server. &os; bietet die Auswahl aus - vielen Open Source Desktop Umgebungen, dazu gehören - auch die GNOME und + Desktop: &os; ist eine gute Wahl fr + kostengnstige X-Terminals mit dem frei verfgbaren + X11-Server. &os; bietet die Auswahl aus vielen Open Source + Desktop Umgebungen, dazu gehren auch die + GNOME und KDE GUIs. &os; kann sogar plattenlos booten, was einzelne - Workstations sogar noch günstiger macht und die + Workstations sogar noch gnstiger macht und die Verwaltung erleichtert. @@ -412,20 +403,18 @@ Software-Entwicklung: Das Standard-&os;-System wird mit einem kompletten Satz an Entwicklungswerkzeugen bereitgestellt, unter anderem einem - vollständigen C/C++-Compiler und - -Debugger. Compiler - Entwicklungswerkzeugen. Viele - zusätzliche Programmiersprachen für Wissenschaft - und Entwicklung sind aus der Ports- und Packages-Sammlung - zu haben. + vollstndigen C/C++-Compiler und -Debugger. + Compiler + Entwicklungswerkzeugen. Viele zustzliche + Programmiersprachen fr Wissenschaft und Entwicklung sind + aus der Ports- und Packages-Sammlung zu haben. &os; ist sowohl in Form von Quellcode als auch in - Binärform auf CD-ROM, DVD und über Anonymus FTP - erhältlich. Lesen Sie dazu , - um weitere Informationen zum Bezug von &os; zu - erhalten. + Binrform auf CD-ROM, DVD und ber Anonymus FTP erhltlich. + Lesen Sie dazu , um weitere + Informationen zum Bezug von &os; zu erhalten. Wer verwendet &os;? @@ -435,12 +424,12 @@ Grosse, bekannte &os;-Anwender - &os;s fortgeschrittene Eigenschaften, bewährte - Sicherheit und vorhersehbare Release-Zyklen, genauso wie seine - tolerante Lizenz haben dazu geführt, dass es als - Plattform zum Aufbau vieler kommerzieller und quelloffener - Geräte und Produkte verwendet wird, dazu gehören ein - paar der weltgrössten IT-Unternehmen: + &os;s fortgeschrittene Eigenschaften, bewhrte Sicherheit + und vorhersehbare Release-Zyklen, genauso wie seine tolerante + Lizenz haben dazu gefhrt, dass es als Plattform zum Aufbau + vieler kommerzieller und quelloffener Gerte und Produkte + verwendet wird, dazu gehren ein paar der weltgrssten + IT-Unternehmen: @@ -449,12 +438,11 @@ xlink:href="http://www.apache.org/">Apache Apache - - Die Apache Software Foundation lässt - den Grossteil seiner der Öffentlichkeit - zugänglichen Infrastruktur, inklusive des - möglicherweise grössten SVN-Repositories der - Welt mit über 1,4 Millionen Commits, auf &os; - laufen. + - Die Apache Software Foundation lsst den + Grossteil seiner der Öffentlichkeit zugnglichen + Infrastruktur, inklusive des mglicherweise grssten + SVN-Repositories der Welt mit ber 1,4 Millionen Commits, + auf &os; laufen. @@ -464,9 +452,10 @@ Apple - OS X verwendet viel von &os;s eigenem Netzwerkstack, virtuellem Dateisystem und den - Benutzerumgebungskomponenten für sein eigenes System. + Benutzerumgebungskomponenten fr sein eigenes System. Apple iOS nutzt ebenso Elemente, die es von &os; - übernommen hat. + bernommen hat + + mit der Mchtigkeit der &os;-Shell. Dell KACE Dell KACE - Die KACE Systemmanagement-Appliances nutzen - &os; wegen seiner Zuverlässigkeit, Skalierbarkeit und - Gemeinschaft, welche deren zukünftige - Weiterentwicklung fördert. + &os; wegen seiner Zuverlssigkeit, Skalierbarkeit und + Gemeinschaft, welche deren zuknftige Weiterentwicklung + frdert. @@ -504,11 +493,11 @@ Exchange Experts Exchange - - Alle öffentlich zugänglichen - Webserver werden von &os; betrieben und machen starken - Gebrauch von Jails, ohne den Überhang von - Virtualisierung, um Entwicklungs- und Testumgebung - voneinander zu isolieren. + - Alle ffentlich zugnglichen Webserver + werden von &os; betrieben und machen starken Gebrauch von + Jails, ohne den Überhang von Virtualisierung, um + Entwicklungs- und Testumgebung voneinander zu + isolieren. @@ -529,9 +518,9 @@ xlink:href="http://www.ixsystems.com/">iXsystems iXsystems - Die TrueNAS-Linie von vereinheitlichten - Speicherappliances beruht auf &os;. Zusätzlich zu - deren kommerziellen Produkten, managed iXsystems auch noch - die beiden Open Source Projekte PC-BSD und FreeNAS. + Speicherappliances beruht auf &os;. Zustzlich zu deren + kommerziellen Produkten, managed iXsystems auch noch die + beiden Open Source Projekte PC-BSD und FreeNAS. @@ -539,16 +528,16 @@ xlink:href="http://www.juniper.net/">Juniper Juniper - Das JunOS - Betriebssystem, welches alle Juniper Netzwerkgeräte + Betriebssystem, welches alle Juniper Netzwerkgerte (inklusive Router, Switche, Sicherheits- und Netzwerkappliances) antreibt, verwendet &os; Juniper ist einer der vielen Hersteller, welcher das symbolische - Verhältnis zwischen dem Projekt und dem Hersteller - von kommerziellen Produkten darstellt. Verbesserungen, die + Verhltnis zwischen dem Projekt und dem Hersteller von + kommerziellen Produkten darstellt. Verbesserungen, die Juniper entwickelt hat, werden ebenso in &os; aufgenommen, - um die Komplexität der Integration neuer - Eigenschaften von &os; zurück in zukünftige - JunOS Versionen zu vereinfachen. + um die Komplexitt der Integration neuer Eigenschaften + von &os; zurck in zuknftige JunOS Versionen zu + vereinfachen. @@ -567,7 +556,7 @@ NetApp - Die Data ONTAP GX Reihe von - Speicherappliances basieren auf &os;. Zusätzlich hat + Speicherappliances basieren auf &os;. Zustzlich hat NetApp viele Neuheiten beigesteuert, inklusive des neuen BSD-lizensierten Hypervisors bhyve. @@ -579,12 +568,12 @@ Netflix - Die OpenConnect-Appliance, die Netflix verwendet, um Filme zu seinen Kunden zu streamen basiert - auf &os;. Netflix hat weitreichende Beiträge zum + auf &os;. Netflix hat weitreichende Beitrge zum Quellcode von &os; beigetragen und arbeitet daran, ein - möglichst geringes Delta zur normalen Version - beizubehalten. Netflix OpenConnect-Appliances sind - für mehr als 32% vom gesamten Internetverkehr in - Nordamerika verantwortlich. + mglichst geringes Delta zur normalen Version + beizubehalten. Netflix OpenConnect-Appliances sind fr + mehr als 32% vom gesamten Internetverkehr in Nordamerika + verantwortlich. @@ -592,9 +581,9 @@ xlink:href="http://www.sandvine.com/">Sandvine Sandvine - - Sandvine nutzt &os; as die Basis für - deren Echtzeit Hochgeschwindigkeits-Netzwerkplattform, - welche den Kern deren intelligenter + - Sandvine nutzt &os; as die Basis fr deren + Echtzeit Hochgeschwindigkeits-Netzwerkplattform, welche + den Kern deren intelligenter Netzwerkpolicy-Kontrollprodukte darstellt. @@ -614,10 +603,9 @@ Sophos - Das Sophos Email-Appliance Produkt basiert auf einem abgesicherten &os; und scannt eingehende E-Mail - auf Spam und Viren, während es gleichzeitig - ausgehende Mail auf Schadsoftware und versehentlichen - Versand von vertraulichen Informationen - überwacht. + auf Spam und Viren, whrend es gleichzeitig ausgehende + Mail auf Schadsoftware und versehentlichen Versand von + vertraulichen Informationen berwacht. @@ -625,7 +613,7 @@ xlink:href="http://www.spectralogic.com/">Spectra Logic Spectra Logic - Die nTier Reihe von - archivspeicherfähigen Appliances nutzt &os; und + archivspeicherfhigen Appliances nutzt &os; und OpenZFS. @@ -636,9 +624,9 @@ - Die IntelliStar Appliance, welche am Kopfende eines jeden Kabelversorgers installiert ist und - für das Einspeisen von lokalen Wettervorhersagen in - das Kabelfernsehprogramm verantwortlich ist, läuft - auf &os;. + fr das Einspeisen von lokalen Wettervorhersagen in das + Kabelfernsehprogramm verantwortlich ist, luft auf + &os;. @@ -647,13 +635,13 @@ Verisign - - Verisign ist für den Betrieb der .com - und .net Root-Domainregistries genauso verantwortlich wie - für die dazugehörige DNS-Infrastruktur. Sie - verlassen sich auf einen Reihe von verschiedenen - Netzwerkbetriebssystemen inklusive &os;, um zu - gewährleisten, dass es keine gemeinsame Fehlerstelle - in deren Infrastruktur gibt. + - Verisign ist fr den Betrieb der .com und + .net Root-Domainregistries genauso verantwortlich wie fr + die dazugehrige DNS-Infrastruktur. Sie verlassen sich + auf einen Reihe von verschiedenen Netzwerkbetriebssystemen + inklusive &os;, um zu gewhrleisten, dass es keine + gemeinsame Fehlerstelle in deren Infrastruktur + gibt. @@ -661,11 +649,11 @@ xlink:href="http://www.whatsapp.com/">WhatsApp WhatsApp - - Als WhatsApp eine Plattform benötigte, - die in der Lage ist, mehr als 1 Million gleichzeitiger + - Als WhatsApp eine Plattform bentigte, die + in der Lage ist, mehr als 1 Million gleichzeitiger TCP-Verbindungen pro Server abzuarbeiten, entschied man - sich für &os;. Anschliessend fuhren Sie damit fort, - auf 2,5 Millionen Verbindungen pro Server + sich fr &os;. Anschliessend fuhren Sie damit fort, auf + 2,5 Millionen Verbindungen pro Server hochzuskalieren. @@ -676,11 +664,11 @@ - Die FUDO Sicherheitsappliance erlaubt es Unternehmen, Vertragspartner und Administratoren, die - anderen Systemen arbeiten durchführen, zu - überwachen, zu kontrollieren, aufzuzeichnen und zu - begutachten. Dies basiert auf all den besten - Sicherheitseigenschaften von &os;, inklusive ZFS, GELI, - Capsicum, HAST und auditdistd. + anderen Systemen arbeiten durchfhren, zu berwachen, zu + kontrollieren, aufzuzeichnen und zu begutachten. Dies + basiert auf all den besten Sicherheitseigenschaften von + &os;, inklusive ZFS, GELI, Capsicum, HAST und + auditdistd. @@ -692,7 +680,7 @@ BSD Router BSD Router - - Einen &os;-basierten Ersatz für grosse + - Einen &os;-basierten Ersatz fr grosse Unternehmensrouter, der entwickelt wurde, um auf Standard PC-Hardware zu laufen. @@ -702,14 +690,13 @@ xlink:href="http://www.freenas.org/">FreeNAS FreeNAS - - Ein eigens dafür entworfenes &os; - für den Zweck als Netzwerk-Dateiserver Appliance zu - fungieren. Es enthält eine Python-basierte - Webschnittstelle, um das Management von sowohl UFS- als - auch ZFS-Systemen zu vereinfachen. Enthalten sind NFS, - SMB/CIFS, AFP, FTP und iSCSI. Ebenfalls enthalten ist ein - erweiterteres Plugin-System basierend auf - &os;-Jails. + - Ein eigens dafr entworfenes &os; fr den + Zweck als Netzwerk-Dateiserver Appliance zu fungieren. Es + enthlt eine Python-basierte Webschnittstelle, um das + Management von sowohl UFS- als auch ZFS-Systemen zu + vereinfachen. Enthalten sind NFS, SMB/CIFS, AFP, FTP und + iSCSI. Ebenfalls enthalten ist ein erweiterteres + Plugin-System basierend auf &os;-Jails. @@ -729,7 +716,7 @@ mfsBSD - Eine Sammlung von Werkzeugen zum Erstellen von &os;-Systemimages, welches ausschliesslich im - Hauptspeicher läuft. + Hauptspeicher luft. @@ -748,10 +735,9 @@ PC-BSD - Eine massgeschneiderte Version von &os;, die sich an - Desktop-Benutzern mit graphischen - Oberflächenwerkzeugen orientiert, um die - Mächtigkeit von &os; allen Benutzern zur - Verfügung zu stellen. Entwickelt wurde sie mit dem + Desktop-Benutzern mit graphischen Oberflchenwerkzeugen + orientiert, um die Mchtigkeit von &os; allen Benutzern + zur Verfgung zu stellen. Entwickelt wurde sie mit dem Ziel, den Übergang von Windows- und OS X-Benutzern zu erleichtern. @@ -762,8 +748,8 @@ pfSense - Eine Firewalldistribution basierend auf &os; mit eine grossen - Menge von Fähigkeiten und ausgedehnter - IPv6-Unterstützung. + Menge von Fhigkeiten und ausgedehnter + IPv6-Untersttzung. @@ -781,16 +767,15 @@ ZRouter ZRouter - Eine Open - Source Firmware-Alternative für eingebettete - Geräte, die auf &os; basiert. Entwickelt wurde sie, - um die proprietäre Firmware von Standard-Routern zu + Source Firmware-Alternative fr eingebettete Gerte, die + auf &os; basiert. Entwickelt wurde sie, um die + proprietre Firmware von Standard-Routern zu ersetzen. - &os; wird auch dazu eingesetzt, um einige der - grössten Webseiten des Internets zu betreiben. Dazu - gehören: + &os; wird auch dazu eingesetzt, um einige der grssten + Webseiten des Internets zu betreiben. Dazu gehren: @@ -885,9 +870,9 @@ Über das &os; Projekt Der folgende Abschnitt bietet einige - Hintergrundinformationen zum &os; Projekt, - einschließlich einem kurzen geschichtlichen Abriss, - den Projektzielen und dem Entwicklungsmodell. + Hintergrundinformationen zum &os; Projekt, einschließlich + einem kurzen geschichtlichen Abriss, den Projektzielen und dem + Entwicklungsmodell. Kurzer geschichtlicher Abriss zu &os; @@ -901,76 +886,75 @@ Geschichte - Das &os; Projekt erblickte das Licht der Welt Anfang - 1993 teils als Auswuchs des Unofficial 386BSD + Das &os; Projekt erblickte das Licht der Welt Anfang 1993 + teils als Auswuchs des Unofficial 386BSD Patchkit unter der Regie der letzten drei Koordinatoren des Patchkits: Nate Williams, Rod Grimes und Jordan Hubbard. 386BSD - Das ursprüngliche Ziel war es, einen - zwischenzeitlichen Abzug von 386BSD zu erstellen, um ein - paar Probleme zu beseitigen, die das Patchkit-Verfahren - nicht lösen konnte. Der frühe Arbeitstitel - für das Projekt war 386BSD 0.5 oder - 386BSD Interim als Referenz darauf. + Das ursprngliche Ziel war es, einen zwischenzeitlichen + Abzug von 386BSD zu erstellen, um ein paar Probleme zu + beseitigen, die das Patchkit-Verfahren nicht lsen + konnte. Der frhe Arbeitstitel fr das Projekt war + 386BSD 0.5 oder 386BSD Interim + als Referenz darauf. Jolitz, Bill 386BSD war das Betriebssystem von Bill Jolitz, welches bis - zu diesem Zeitpunkt heftig unter fast einjähriger - Vernachlässigung litt. Als das Patchkit mit jedem - Tag anschwoll und unhandlicher wurde, entschied man sich, Bill - Jolitz zu helfen, indem ein übergangsweise - bereinigter Abzug zur Verfügung - gestellt wurde. Diese Pläne wurden durchkreuzt, als Bill - Jolitz plötzlich seine Zustimmung zu diesem Projekt - zurückzog, ohne einen Hinweis darauf, was - stattdessen geschehen sollte. + zu diesem Zeitpunkt heftig unter fast einjhriger + Vernachlssigung litt. Als das Patchkit mit jedem Tag + anschwoll und unhandlicher wurde, entschied man sich, Bill + Jolitz zu helfen, indem ein bergangsweise + bereinigter Abzug zur Verfgung gestellt + wurde. Diese Plne wurden durchkreuzt, als Bill Jolitz + pltzlich seine Zustimmung zu diesem Projekt zurckzog, + ohne einen Hinweis darauf, was stattdessen geschehen + sollte. Greenman, David Walnut Creek CDROM Das Trio entschied, dass das Ziel sich weiterhin lohnen - würde, selbst ohne die Unterstützung von Bill und so - wurde entschieden, den Namen &os; zu verwenden, der von David - Greenman geprägt wurde. Die anfänglichen Ziele - wurden festgelegt, nachdem man sich mit den momentanen - Benutzern des Systems besprach und abzusehen war, dass das - Projekt die Chance hatte, Realität zu werden, - kontaktierte Jordan Walnut Creek CDROM mit dem Vorhaben, &os;s - Verteilung auch auf diejenigen auszuweiten, die noch keinen - Internetzugang besaßen. Walnut Creek CDROM - unterstützte nicht nur die Idee durch die Verbreitung von - &os; auf CD, sondern ging auch so weit dass es dem Projekt - eine Maschine mit schneller Internetverbindung zur - Verfügung stellte, um damit zu arbeiten. Ohne den von - Walnut Creek bisher nie dagewesenen Grad von Vertrauen in ein, - zur damaligen Zeit, komplett unbekanntes Projekt, wäre es - unwahrscheinlich, dass &os; so weit gekommen wäre, wie es - heute ist. + wrde, selbst ohne die Untersttzung von Bill und so wurde + entschieden, den Namen &os; zu verwenden, der von David + Greenman geprgt wurde. Die anfnglichen Ziele wurden + festgelegt, nachdem man sich mit den momentanen Benutzern des + Systems besprach und abzusehen war, dass das Projekt die + Chance hatte, Realitt zu werden, kontaktierte Jordan Walnut + Creek CDROM mit dem Vorhaben, &os;s Verteilung auch auf + diejenigen auszuweiten, die noch keinen Internetzugang + besaßen. Walnut Creek CDROM untersttzte nicht nur die + Idee durch die Verbreitung von &os; auf CD, sondern ging auch + so weit dass es dem Projekt eine Maschine mit schneller + Internetverbindung zur Verfgung stellte, um damit zu + arbeiten. Ohne den von Walnut Creek bisher nie dagewesenen + Grad von Vertrauen in ein, zur damaligen Zeit, komplett + unbekanntes Projekt, wre es unwahrscheinlich, dass &os; so + weit gekommen wre, wie es heute ist. 4.3BSD-Lite Net/2 U.C. Berkeley 386BSD Free Software Foundation - Die erste auf CD-ROM (und netzweit) verfügbare - Veröffentlichung war &os; 1.0 im Dezember 1993. - Diese basierte auf dem Band der 4.3BSD-Lite - (Net/2) der Universität von Kalifornien in - Berkeley. Viele Teile stammten aus 386BSD und von der Free - Software Foundation. Gemessen am ersten Angebot, war das - ein ziemlicher Erfolg und Sie ließen dem das extrem - erfolgreiche &os; 1.1 im Mai 1994 folgen. + Die erste auf CD-ROM (und netzweit) verfgbare + Verffentlichung war &os; 1.0 im Dezember 1993. Diese + basierte auf dem Band der 4.3BSD-Lite (Net/2) + der Universitt von Kalifornien in Berkeley. Viele Teile + stammten aus 386BSD und von der Free Software Foundation. + Gemessen am ersten Angebot, war das ein ziemlicher Erfolg und + Sie ließen dem das extrem erfolgreiche &os; 1.1 im + Mai 1994 folgen. Novell U.C. Berkeley Net/2 AT&T Zu dieser Zeit formierten sich unerwartete Gewitterwolken - am Horizont, als Novell und die Universität von + am Horizont, als Novell und die Universitt von Kalifornien in Berkeley (UCB) ihren langen Rechtsstreit - über den rechtlichen Status des Berkeley Net/2-Bandes + ber den rechtlichen Status des Berkeley Net/2-Bandes mit einem Vergleich beilegten. Eine Bedingung dieser Einigung war es, dass die UCB große Teile des Net/2-Quellcodes als belastet zugestehen @@ -978,45 +962,43 @@ Code selbst einige Zeit vorher von AT&T bezogen hatte. Im Gegenzug bekam die UCB den Segen von Novell, dass sich das 4.4BSD-Lite-Release bei seiner - endgültigen Veröffentlichung als unbelastet - bezeichnen darf. Alle Net/2-Benutzer sollten auf das neue - Release wechseln. Das betraf auch &os;. Dem Projekt wurde - eine Frist bis Ende Juli 1994 eingeräumt, das auf + endgltigen Verffentlichung als unbelastet bezeichnen + darf. Alle Net/2-Benutzer sollten auf das neue Release + wechseln. Das betraf auch &os;. Dem Projekt wurde eine + Frist bis Ende Juli 1994 eingerumt, das auf Net/2-basierende Produkt nicht mehr zu vertreiben. Unter - den Bedingungen dieser Übereinkunft war es dem - Projekt noch erlaubt ein letztes Release vor diesem - festgesetzten Zeitpunkt herauszugeben. Das war - &os; 1.1.5.1. + den Bedingungen dieser Übereinkunft war es dem Projekt + noch erlaubt ein letztes Release vor diesem festgesetzten + Zeitpunkt herauszugeben. Das war &os; 1.1.5.1. &os; machte sich dann an die beschwerliche Aufgabe, sich - Stück für Stück aus einem neuen und *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed May 14 14:16:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5819E7C0; Wed, 14 May 2014 14:16:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 435A82420; Wed, 14 May 2014 14:16:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4EEG1kY060302; Wed, 14 May 2014 14:16:01 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4EEG1oC060301; Wed, 14 May 2014 14:16:01 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405141416.s4EEG1oC060301@svn.freebsd.org> From: Dru Lavigne Date: Wed, 14 May 2014 14:16:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44829 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 14:16:01 -0000 Author: dru Date: Wed May 14 14:16:00 2014 New Revision: 44829 URL: http://svnweb.freebsd.org/changeset/doc/44829 Log: Some more rewording around "you", more to come. Remove booting with NTloader and LILO entries. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 13:11:28 2014 (r44828) +++ head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 14:16:00 2014 (r44829) @@ -210,11 +210,10 @@ Collection. If an application is only - available on one operating system, you cannot just - replace that operating system. Chances are, there is a - very similar application on &os;, however. If you want a - solid office or Internet server, a reliable workstation, - or just the ability to do your job without interruptions, + available on one operating system, + that operating system cannot just be replaced. Chances are, there is a + very similar application on &os;, however. As a + solid office or Internet server or a reliable workstation, &os; will almost certainly do everything you need. Many computer users across the world, including both novices and experienced &unix; administrators, use &os; as their @@ -984,7 +983,7 @@ a general help channel with many users at any time. The conversations have been known to run off-topic for a while, but priority is given to users with &os; - questions. Other users can help you understand + questions. Other users can help with the basics, referring to the Handbook whenever possible and providing links for learning more about the topic you need help with. This is primarily an @@ -1714,8 +1713,8 @@ &os; supports SCSI changers using the &man.ch.4; device and the &man.chio.1; command. The details of how - you actually control the changer can be found in the - &man.chio.1; manual page. + to control the changer can be found in + &man.chio.1;. While AMANDA and some other products @@ -1749,10 +1748,8 @@ drive. See &man.burncd.8; for details. &os; also supports any SCSI CD-R or CD-RW drives. - Install and use cdrecord from the - ports or packages system, and make sure that you have - the pass device compiled in your - kernel. + Install the sysutils/cdrtools + port or package, then use cdrecord. @@ -1769,8 +1766,8 @@ - If you are using the default console driver, - &man.syscons.4;, you can use a mouse pointer in text + The default console driver, + &man.syscons.4;, provides the ability to use a mouse pointer in text consoles to cut & paste text. Run the mouse daemon, &man.moused.8;, and turn on the mouse pointer in the virtual console: @@ -1788,10 +1785,10 @@ the &man.moused.8; manual page for a list of supported protocol types. - If you have a PS/2 mouse, just add + For a PS/2 mouse, add moused_enable="YES" to /etc/rc.conf to start the mouse - daemon at boot-time. Additionally, if you would like to + daemon at boot time. Additionally, to use the mouse daemon on all virtual terminals instead of just the console, add allscreens_flags="-m on" to @@ -1813,9 +1810,9 @@ It is not possible to remove data using the mouse. - However, it is possible to copy and - paste. - Once you get the mouse daemon running as described in the previous question, hold down button 1 (left button) and move the mouse to select a region of text. Then, press button 2 (middle button) to @@ -1823,8 +1820,8 @@ button) will extend the selected region of text. - If your mouse does not have a middle button, you may - wish to emulate one or remap buttons using mouse daemon + If the mouse does not have a middle button, it is possible + to emulate one or remap buttons using mouse daemon options. See the &man.moused.8; manual page for details. @@ -1858,14 +1855,14 @@ For the Bourne Shell, add - the following lines to your .shrc. + the following lines to ~/.shrc. See &man.sh.1; and &man.editrc.5;. bind ^? ed-delete-next-char # for console bind ^[[3~ ed-delete-next-char # for xterm For the C Shell, add the - following lines to your .cshrc. + following lines to ~/.cshrc. See &man.csh.1;. bindkey ^? delete-char # for console @@ -1935,13 +1932,13 @@ bindkey ^[[3~ delete-char # for xterm

              What happens to the memory that should appear in that - location is dependent on your hardware. Unfortunately, + location is hardware dependent. Unfortunately, some hardware does nothing and the ability to use that last 500 MB of RAM is entirely lost. Luckily, most hardware remaps the memory to a higher location so that it can still be used. However, this can - cause some confusion if you watch the boot + cause some confusion when watching the boot messages. On a 32-bit version of &os;, the memory appears lost, @@ -1971,11 +1968,11 @@ bindkey ^[[3~ delete-char # for xterm

              - Signal 11 errors are caused when your process has + Signal 11 errors are caused when a process has attempted to access memory which the operating system has not granted it access to. If something like this is - happening at seemingly random intervals then you need to - start investigating things very carefully. + happening at seemingly random intervals, + start investigating the cause. These problems can usually be attributed to either: @@ -1983,8 +1980,8 @@ bindkey ^[[3~ delete-char # for xterm

              If the problem is occurring only in a specific - application that you are developing yourself it is - probably a bug in your code. + custom application, it is + probably a bug in the code.                             @@ -1996,103 +1993,97 @@ bindkey ^[[3~ delete-char # for xterm

              - In particular, a dead giveaway that this is - not a &os; bug is if you see the - problem when you are compiling a program, but the activity + It is probably + not a &os; bug if the + problem occurs compiling a program, but the activity that the compiler is carrying out changes each time. - For example, suppose you are running make - buildworld, and the compile fails while trying + For example, if make + buildworld fails while trying to compile ls.c into - ls.o. If you then run make - buildworld again, and the compile fails in the - same place then this is a broken build — try - updating your sources and try again. If the compile fails - elsewhere then this is almost certainly hardware. - - What you should do: + ls.o and, when run again, it fails in the + same place, this is a broken build. Try + updating source and try again. If the compile fails + elsewhere, it is almost certainly due to hardware. - In the first case you can use a debugger e.g., + In the first case, use a debugger such as &man.gdb.1; to find the point in the program which is - attempting to access a bogus address and then fix + attempting to access a bogus address and fix it. - In the second case you need to verify that it is not - your hardware at fault. + In the second case, verify which piece of + hardware is at fault. Common causes of this include: - Your hard disks might be overheating: Check the - fans in your case are still working, as your disk (and - perhaps other hardware might be overheating). + The hard disks might be overheating: Check that the + fans are still working, as the disk and + other hardware might be overheating. The processor running is overheating: This might be because the processor has been overclocked, or the - fan on the processor might have died. In either case - you need to ensure that you have hardware running at + fan on the processor might have died. In either case, + ensure that the hardware is running at what it is specified to run at, at least while trying - to solve this problem (in other words, clock it back + to solve this problem. If it is not, clock it back to the default settings.) - If you are overclocking then note that it is far + Regarding overclocking, it is far cheaper to have a slow system than a fried system that - needs replacing! Also the wider community is not - often sympathetic to problems on overclocked systems, - whether you believe it is safe or not. + needs replacing! Also the community is not + sympathetic to problems on overclocked systems. - Dodgy memory: If you have multiple memory - SIMMS/DIMMS installed then pull them all out and try + Dodgy memory: if multiple memory + SIMMS/DIMMS are installed, pull them all out and try running the machine with each SIMM or DIMM - individually and narrow the problem down to either the + individually to narrow the problem down to either the problematic DIMM/SIMM or perhaps even a combination. - Over-optimistic Motherboard settings: In your BIOS - settings, and some motherboard jumpers you have - options to set various timings, mostly the defaults - will be sufficient, but sometimes, setting the wait + Over-optimistic motherboard settings: the BIOS + settings, and some motherboard jumpers, provide + options to set various timings. The defaults + are often sufficient, but sometimes setting the wait states on RAM too low, or setting the RAM - Speed: Turbo option, or similar in the BIOS + Speed: Turbo option will cause strange behavior. A possible idea is to - set to BIOS defaults, but it might be worth noting - down your settings first! + set to BIOS defaults, after noting + the current settings first. Unclean or insufficient power to the motherboard. - If you have any unused I/O boards, hard disks, or - CD-ROMs in your system, try temporarily removing them - or disconnecting the power cable from them, to see if - your power supply can manage a smaller load. Or try + Remove any unused I/O boards, hard disks, or + CD-ROMs, + or disconnect the power cable from them, to see if + the power supply can manage a smaller load. Or try another power supply, preferably one with a little - more power (for instance, if your current power supply - is rated at 250 Watts try one rated at - 300 Watts). + more power. For instance, if the current power supply + is rated at 250 Watts, try one rated at + 300 Watts.               - You should also read the SIG11 FAQ (listed below) - which has excellent explanations of all these problems, - albeit from a &linux; viewpoint. It also discusses how + Read the section on Signal 11 + for a further explanation and a discussion on how memory testing software or hardware can still pass faulty - memory. - - Finally, if none of this has helped it is possible - that you have just found a bug in &os;, and you should - follow the instructions to send a problem report. - - There is an extensive FAQ on this at FAQ on this at the SIG11 problem FAQ. + + Finally, if none of this has helped, it is possibly + a bug in &os;. + Follow these instructions + to send a problem report. @@ -2105,21 +2096,21 @@ bindkey ^[[3~ delete-char # for xterm

              - The &os; developers are very interested in these - errors, but need some more information than just the error - you see. Copy your full crash message. Then consult the + The &os; developers are interested in these + errors, but need more information than just the error + message. Copy the full crash message. Then consult the FAQ section on kernel panics, build a debugging kernel, and get a - backtrace. This might sound difficult, but you do not - need any programming skills; you just have to follow the + backtrace. This might sound difficult, but does not require + any programming skills. Just follow the instructions. - Why do I get the error maxproc limit + What is the meaning of the error maxproc limit exceeded by uid %i, please see tuning(7) and login.conf(5)? @@ -2130,31 +2121,30 @@ bindkey ^[[3~ delete-char # for xterm

              kern.maxusers &man.sysctl.8; variable. kern.maxusers also affects various other in-kernel limits, such as network buffers. - If your machine is heavily loaded, you probably want to + If the machine is heavily loaded, increase kern.maxusers. This will increase these other system limits in addition to the maximum number of processes.               - To adjust your kern.maxusers value, + To adjust the kern.maxusers value, see the File/Process - Limits section of the Handbook. (While that + Limits section of the Handbook. While that section refers to open files, the same limits apply to - processes.) + processes. - If the machine is lightly loaded and you are - running a very large number of processes, you can adjust - this with the kern.maxproc tunable. If - this tunable needs adjustment it needs to be defined in + If the machine is lightly loaded but + running a very large number of processes, adjust + the kern.maxproc tunable by defining it in /boot/loader.conf. The tunable will not get adjusted until the system is rebooted. For more information about tuning tunables, see &man.loader.conf.5;. If these processes are being run by - a single user, you will also need to adjust + a single user, adjust kern.maxprocperuid to be one less than - your new kern.maxproc value. (It must + the new kern.maxproc value. It must be at least one less because one system program, - &man.init.8;, must always be running.) + &man.init.8;, must always be running. @@ -2196,7 +2186,7 @@ to /etc/mail/sendmail.cf. - The remote machine may be setting your terminal type + The remote machine may be setting the terminal type to something other than the cons25 terminal type required by the &os; console. @@ -2215,9 +2205,9 @@ to /etc/mail/sendmail.cf. Use a VT100 emulator like screen at the &os; console. - screen offers you the + screen provides the ability to run multiple concurrent sessions from one - terminal, and is a neat program in its own right. + terminal. Each screen window behaves like a VT100 terminal, so the TERM variable at the remote end should be set to @@ -2228,8 +2218,8 @@ to /etc/mail/sendmail.cf.Install the cons25 terminal database entry on the remote machine. The way to do this depends on the operating system on the remote - machine. The system administration manuals for the - remote system should be able to help you here. + machine. Refer to the system administration manuals for the + remote system. @@ -2267,29 +2257,28 @@ to /etc/mail/sendmail.cf. - The remedy: if the problem occurs whenever you connect - from your computer (the client) to any server, the problem - is with the client; likewise, if the problem only occurs - when someone connects to your computer (the server) the + The remedy: if the problem occurs whenever connecting + the client computer to any server, the problem + is with the client. If the problem only occurs + when someone connects to the server computer, the problem is with the server. If the problem is with the client, the only remedy is to fix the DNS so the server can resolve it. If this is on a local network, consider it a server problem and keep - reading; conversely, if this is on the global Internet, - you will most likely need to contact your ISP and ask them - to fix it for you. - - If the problem is with the server, and this is on a - local network, you need to configure the server to be able - to resolve address-to-hostname queries for your local - address range. See the &man.hosts.5; and &man.named.8; - manual pages for more information. If this is on the - global Internet, the problem may be that your server's + reading. If this is on the Internet, + contact your ISP. + + If the problem is with the server on a + local network, configure the server + to resolve address-to-hostname queries for the local + address range. See &man.hosts.5; and &man.named.8; + for more information. If this is on the + Internet, the problem may be that the local server's resolver is not functioning correctly. To check, try to - look up another host — say, + look up another host such as www.yahoo.com. If it does not - work, that is your problem. + work, that is the problem. Following a fresh install of &os;, it is also possible that domain and name server information is missing from @@ -2298,7 +2287,7 @@ to /etc/mail/sendmail.cf.UseDNS is set to yes by default in /etc/ssh/sshd_config. If this is - causing the problem, you will either need to fill in the + causing the problem, either fill in the missing information in /etc/resolv.conf or set UseDNS to no in @@ -2314,8 +2303,8 @@ to /etc/mail/sendmail.cf. - This error message indicates you have exhausted the - number of available file descriptors on your system. + This error message indicates that the + number of available file descriptors have been exhausted on the system. Refer to the kern.maxfiles section of the /var/log/messages and in the output - of dmesg. Otherwise, check your cables + of dmesg. Otherwise, check the cables and connections. @@ -2434,8 +2423,8 @@ kern.timecounter.hardware: TSC -> i82 &man.witness.4; is conservative. A true positive report does not mean that a system is dead-locked; instead it should be understood as a warning - of the form if you were unlucky, a deadlock would - have happened here. + that a deadlock could + have happened here. Problematic LORs tend to get @@ -2493,7 +2482,7 @@ kern.timecounter.hardware: TSC -> i82 This error does not mean that the &man.touch.1; utility is missing. The error is instead probably due to the dates of the files being set sometime in the future. - If your CMOS-clock is set to local time, run + If the CMOS clock is set to local time, run adjkerntz -i to adjust the kernel clock when booting into single-user mode. @@ -2526,21 +2515,11 @@ kern.timecounter.hardware: TSC -> i82 of release in also included in the ports/ directory. - We also support the concept of a - package, essentially no more than a - compressed binary distribution with a little extra - intelligence embedded in it for doing whatever custom - installation work is required. A package can be installed - and uninstalled again easily without having to know the - gory details of which files it includes. - - Use &man.pkg.7; on the specific package files you are - interested in installing. Package files can usually be - identified by their .txz suffix and - CD-ROM distribution people will have a - packages/All directory on their CD - which contains such files. They can also be downloaded - over the net for various versions of &os;. + &os; supports + packages, which provide a + compressed binary distribution. Package can be installed + and uninstalled again easily. On &os;, + &man.pkg.7; to install packages. @@ -2555,20 +2534,24 @@ kern.timecounter.hardware: TSC -> i82 - Use portsnap for most use cases. - - - Use SVN directly if you need custom patches to the - ports tree. - - - Use CTM if you prefer getting patches by email - (this is a rarer use case). + Use portsnap for most use cases. Refer to Using + the Ports Collection for instructions on how to + use this tool. + + + Use SVN if custom patches to the + ports tree are needed. Refer to Using + Subversion for details. + + + Use CTM, as described in Using + CTM to receive patches by + email over an unreliable Internet connection. - - Any other method should be considered a legacy method. - If you do not already use them, do not start. @@ -2592,14 +2575,13 @@ kern.timecounter.hardware: TSC -> i82 - If you are running a &os; version that lags + If the installed &os; version lags significantly behind -CURRENT or - -STABLE, you may need to update your - Ports Collection; see the Keeping - Up section of the Porter's Handbook for further - information on how to do this. If you are up to date, - then someone might have committed a change to the port + -STABLE, update the + Ports Collection using the instructions in Using + the Ports Collection. If the system is up-to-date, + someone might have committed a change to the port which works for -CURRENT but which broke the port for -STABLE. Submit a bug report with the &man.send-pr.1; @@ -2616,8 +2598,8 @@ kern.timecounter.hardware: TSC -> i82 - First, always make sure that you have a complete - up-to-date Ports Collection. Errors that affect building + First, make sure that the + Ports Collection is up-to-date. Errors that affect building INDEX from an up-to-date copy of the Ports Collection are high-visibility and are thus almost always fixed immediately. @@ -2656,11 +2638,10 @@ kern.timecounter.hardware: TSC -> i82 - By all means! While a recent system will run with - software compiled under an older release, you will end up - with things randomly crashing and failing to work once you - start installing other ports or updating a portion of what - you already have. + Yes! While a recent system will run with + software compiled under an older release, + things will randomly crash and fail to work once + other ports are installed or updated. When the system is upgraded, various shared libraries, loadable modules, and other parts of the system will be @@ -2717,10 +2698,10 @@ kern.timecounter.hardware: TSC -> i82 shells have. That is why other more featureful shells like bash, scsh, &man.tcsh.1;, and zsh are available. - (You can compare for yourself the memory utilization of - all these shells by looking at the VSZ and + You can compare the memory utilization of + these shells by looking at the VSZ and RSS columns in a ps -u - listing.) + listing. @@ -2772,13 +2753,12 @@ kern.timecounter.hardware: TSC -> i82 - Short answer: it is not possible. + Short answer: no. - Longer answer: if you have made any changes using - pkg converting back is non-trivial and + Longer answer: converting back is non-trivial and requires lots of manual editing of internal package - database files. However, if you have just run - pkg2ng then you may remove + database files. However, if + pkg2ng has just been run, remove /var/db/pkg/local.sqlite and extract /var/backups/pkgdb.bak.tbz. @@ -2806,9 +2786,9 @@ kern.timecounter.hardware: TSC -> i82 installed to the /boot/kernel directory along with its modules, while the old kernel and its modules will be moved to the - /boot/kernel.old directory, so if - you make a mistake the next time you play with your - configuration you can boot the previous version of your + /boot/kernel.old directory. If + a mistake is made in the + configuration, simply boot the previous version of the kernel. @@ -2829,12 +2809,12 @@ kern.timecounter.hardware: TSC -> i82 running a debug kernel, and it is useful to keep one around in case of a system panic. - However, if you are running low on disk space, there + However, when running low on disk space, there are different options to reduce the size of /boot/kernel/. - If you do not want the symbol files to be installed, - make sure you have the following line present in + To not install the symbol files, + make sure the following line exists in /etc/src.conf: WITHOUT_KERNEL_SYMBOLS=yes @@ -2846,44 +2826,42 @@ kern.timecounter.hardware: TSC -> i82 - You do not have a line in your kernel - configuration file that reads: + This line does not exist in the kernel + configuration file: makeoptions DEBUG=-g - You are not running &man.config.8; with + Do not run &man.config.8; with . - Either of the above settings will cause your kernel to - be built in debug mode. As long as you make sure you - follow the steps above, you can build your kernel - normally. + Either of the above settings will cause the kernel to + be built in debug mode. - If you want only the modules you use to be built and - installed, make sure you have a line like below in + To build and install only the specified modules, list + them in /etc/make.conf: MODULES_OVERRIDE= accf_http ipfw Replace accf_httpd ipfw with a - list of modules you need. Only these modules will be - built. This does not only reduce the size of the kernel - directory but also decreases the amount of time needed to - build your kernel. For more information see + list of needed modules. Only the listed modules will be + built. This reduces the size of the kernel + directory and decreases the amount of time needed to + build the kernel. For more information, read /usr/share/examples/etc/make.conf. - You can also remove unneeded devices from your kernel + Unneeded devices can be removed from the kernel to further reduce the size. See for more information. - To put any of these options into effect you will have + To put any of these options into effect, follow the instructions to build - and install your new kernel. + and install the new kernel. Most kernels (/boot/kernel/kernel) tend to be @@ -2899,45 +2877,38 @@ kern.timecounter.hardware: TSC -> i82 There are a number of possible causes for this - problem. They are, in no particular order: + problem: - You are not using the make - buildkernel and make - installkernel targets, and your source + The source tree is different from the one used to build the - currently running system (e.g., you are compiling - &rel.current;-RELEASE on a &rel2.current;-RELEASE - system). If you are attempting an upgrade, + currently running system. When attempting an upgrade, read /usr/src/UPDATING, paying particular attention to the COMMON ITEMS section at the end. - You are using the make - buildkernel and make - installkernel targets, but you failed to - assert the completion of the make - buildworld target. The make + The make + buildkernel command did not complete + successfuly. The make buildkernel target relies on files generated by the make buildworld target to complete its job correctly. - Even if you are trying to build Even when building &os;-STABLE, it is possible - that you fetched the source tree at a time when it was - either being modified, or broken for other reasons; - only releases are absolutely guaranteed to be + that the source tree was fetched at a time when it was + either being modified or it was broken. + Only releases are guaranteed to be buildable, although &os;-STABLE builds fine the - majority of the time. If you have not already done - so, try re-fetching the source tree and see if the - problem goes away. Try using a different server in - case the one you are using is having problems. + majority of the time. Try re-fetching the source tree and see if the + problem goes away. Try using a different mirror in + case the previous one is having problems.               @@ -2945,7 +2916,7 @@ kern.timecounter.hardware: TSC -> i82 - How can I verify which scheduler is in use on a + Which scheduler is in use on a running system? @@ -2997,38 +2968,37 @@ kern.sched.name: ULE - The best way is to reinstall the OS on the new disk, + The best way is to reinstall the operating system on the new disk, then move the user data over. This is highly recommended - if you have been tracking -STABLE for - more than one release, or have updated a release instead - of installing a new one. You can install booteasy on both - disks with &man.boot0cfg.8;, and dual boot them until you + when tracking -STABLE for + more than one release or when updating a release instead + of installing a new one. Install booteasy on both + disks with &man.boot0cfg.8; and dual boot until you are happy with the new configuration. Skip the next paragraph to find out how to move the data after doing this. Alternatively, partition and label the new disk with either &man.sade.8; or &man.gpart.8;. If the disks are - MBR-formatted, you can also install booteasy on both disks - with &man.boot0cfg.8;, so that you can dual boot to the + MBR-formatted, booteasy can be installed on both disks + with &man.boot0cfg.8; so that the computer can dual boot to the old or new system after the copying is done. - Now you have the new disk set up, and are ready to - move the data. Unfortunately, you cannot just blindly - copy the data. Things like device files (in - /dev), flags, and links tend to screw - that up. You need to use tools that understand these - things, which means &man.dump.8;. Although it is - suggested that you move the data in single-user mode, it + Once the new disk set up, + the data cannot just be copied. Instead, use tools that + understand device files and syste flags, such as + &man.dump.8;. Although it is recommended + to move the data while in single-user mode, it is not required. - You should never use anything but &man.dump.8; and - &man.restore.8; to move the root file system. The - &man.tar.1; command may work — then again, it may - not. You should also use &man.dump.8; and &man.restore.8; - if you are moving a single partition to another empty + When the disks are formatted with + UFS, never use anything but &man.dump.8; and + &man.restore.8; to move the root file system. These + commands should also be used when + moving a single partition to another empty partition. The sequence of steps to use - dump to move a partitions data to a new + dump to move the data from one + UFS partitions to a new partition is: @@ -3051,17 +3021,16 @@ kern.sched.name: ULE - For example, if you are going to move root to - /dev/ada1s1a, with - /mnt as the temporary mount point, it - is: + For example, to move + /dev/ada1s1a with + /mnt as the temporary mount point, type: &prompt.root; newfs /dev/ada1s1a &prompt.root; mount /dev/ada1s1a /mnt &prompt.root; cd /mnt &prompt.root; dump 0af - / | restore rf - - Rearranging your partitions with + Rearranging partitions with dump takes a bit more work. To merge a partition like /var into its parent, create the new partition large enough for both, move the @@ -3105,7 +3074,7 @@ kern.sched.name: ULE - Short answer: you can usually use Soft Updates safely + Short answer: Soft Updates can usually be safely used on all partitions. Long answer: Soft Updates has two characteristics @@ -3119,17 +3088,15 @@ kern.sched.name: ULE thirty seconds to write changes to the physical disk. When a large file is deleted the file still resides on disk until the kernel actually performs the deletion. - This can cause a very simple race condition. Suppose you - delete one large file and immediately create another large - file. The first large file is not yet actually removed + This can cause a very simple race condition. Suppose + one large file is deleted and another large file is immediately created. + The first large file is not yet actually removed from the physical disk, so the disk might not have enough - room for the second large file. You get an error that the - partition does not have enough space, although you know - perfectly well that you just released a large chunk of - space! When you try again mere seconds later, the file - creation works as you expect. This has left more than one - user scratching his head and doubting his sanity, the &os; - file system, or both. + room for the second large file. This will produce an error that the + partition does not have enough space, even though + a large chunk of + space has just been released. A few seconds later, the file + creation works as expected. If a system should crash after the kernel accepts a chunk of data for writing to disk, but before that data is @@ -3143,15 +3110,14 @@ kern.sched.name: ULE rarely. If the system crashed during the thirty-second window after such a change is made, it is possible that data could be lost. This risk is negligible for most - applications, but you should be aware that it exists. If - your system cannot tolerate this much risk, do not use + applications, but be aware that it exists. If + the system cannot tolerate this much risk, do not use Soft Updates on the root file system! / is traditionally one of the - smallest partitions. If you put the - /tmp directory on - / and you have a busy - /tmp, you might see intermittent + smallest partitions. If + /tmp is on + /, there may be intermittent space problems. Symlinking /tmp to /var/tmp will solve this problem. @@ -3241,10 +3207,10 @@ kern.sched.name: ULE The secondary DOS partitions are found after all the primary partitions. For - example, if you have an E partition as the + example, if E is the second DOS partition on the second SCSI drive, there will be a device file for slice 5 in - /dev, so mount it: + /dev. To mount it: &prompt.root; mount -t msdosfs /dev/da1s5 /dos/e @@ -3256,8 +3222,8 @@ kern.sched.name: ULE - Yes. You can use either &man.gbde.8; or &man.geli.8;, - see the Yes, &man.gbde.8; and &man.geli.8;. + See the Encrypting Disk Partitions section of the &os; Handbook. @@ -3265,116 +3231,6 @@ kern.sched.name: ULE - - How can I use the &windowsnt; loader to boot - &os;? - - - - The general idea is that you copy the first sector of - your native root &os; partition into a file in the - DOS/&windowsnt; partition. Assuming you name that file - something like c:\bootsect.bsd - (inspired by c:\bootsect.dos), you - can then edit c:\boot.ini to come up - with something like this: - - [boot loader] -timeout=30 -default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS -[operating systems] -multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows NT" -C:\BOOTSECT.BSD="&os;" -C:\="DOS" - - If &os; is installed on the same disk as the - &windowsnt; boot partition, copy - /boot/boot1 to - C:\BOOTSECT.BSD. However, if &os; is - installed on a different disk - /boot/boot1 will not work, *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed May 14 15:19:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 198FACC3; Wed, 14 May 2014 15:19:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 054DC29FB; Wed, 14 May 2014 15:19:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4EFJESd087862; Wed, 14 May 2014 15:19:14 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4EFJEVJ087861; Wed, 14 May 2014 15:19:14 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405141519.s4EFJEVJ087861@svn.freebsd.org> From: Dru Lavigne Date: Wed, 14 May 2014 15:19:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44830 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 15:19:15 -0000 Author: dru Date: Wed May 14 15:19:14 2014 New Revision: 44830 URL: http://svnweb.freebsd.org/changeset/doc/44830 Log: More rewording around "you" usage. Remove question about shosts. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 14:16:00 2014 (r44829) +++ head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 15:19:14 2014 (r44830) @@ -933,13 +933,12 @@ If the file is compressed, tar will automatically - detect the appropriate format and decompress it correctly. - You will be left with a collection of + detect the appropriate format and decompress it correctly, + resulting in a collection of .html files. The main one is called index.html, which will contain the table of contents, introductory material, and links to the - other parts of the document. You can then copy or move - these to their final location as necessary. + other parts of the document. @@ -950,7 +949,7 @@ - You can find full information in the Refer to the Handbook entry on mailing-lists and the Handbook @@ -986,7 +985,7 @@ questions. Other users can help with the basics, referring to the Handbook whenever possible and providing links for learning more about - the topic you need help with. This is primarily an + a particular topic. This is primarily an English speaking channel, though it does have users from all over the world. Non-native English speakers should try to ask the question in @@ -1208,18 +1207,18 @@ - Using the DOS copy command (or - equivalent GUI tool) to transfer the boot image to + Using the DOS copy command or + equivalent GUI tool to transfer the boot image to floppy. Programs like copy will not work as the boot image has been created to be booted into directly. The image has the complete content of the floppy, track for track, and is not meant to be - placed on the floppy as a regular file. You have to - transfer it to the floppy raw, using - the low-level tools (e.g., fdimage - or rawrite) described in the raw, using + fdimage + or rawrite as described in the installation guide to &os;. @@ -2195,7 +2194,7 @@ to /etc/mail/sendmail.cf. - After logging on to the remote machine, set your + After logging on to the remote machine, set the TERM shell variable to ansi or sco if the remote machine knows about these terminal @@ -2321,7 +2320,7 @@ to /etc/mail/sendmail.cf. - Your computer has two or more clocks, and &os; has + The computer has two or more clocks, and &os; has chosen to use the wrong one. Run &man.dmesg.8;, and check for lines that contain @@ -2334,7 +2333,7 @@ Timecounter "ACPI-fast" frequency 357954 Timecounter "TSC" frequency 2998570050 Hz quality 800 Timecounters tick every 1.000 msec - You can confirm this by checking the + Confirm this by checking the kern.timecounter.hardware &man.sysctl.3;. @@ -2361,7 +2360,7 @@ kern.timecounter.hardware: ACPI-fast&prompt.root; sysctl kern.timecounter.hardware=i8254 kern.timecounter.hardware: TSC -> i8254 - Your computer should now start keeping more accurate + The computer should now start keeping more accurate time. To have this change automatically run at boot time, @@ -2624,8 +2623,8 @@ kern.timecounter.hardware: TSC -> i82 &os; does not include a port upgrading tool, but it does have some tools to make the upgrade process somewhat - easier. You can also install additional tools to simplify - port handling, see the Upgrading Ports section in the &os; Handbook. @@ -2698,7 +2697,7 @@ kern.timecounter.hardware: TSC -> i82 shells have. That is why other more featureful shells like bash, scsh, &man.tcsh.1;, and zsh are available. - You can compare the memory utilization of + Compare the memory utilization of these shells by looking at the VSZ and RSS columns in a ps -u listing. @@ -3059,9 +3058,8 @@ kern.sched.name: ULE &prompt.root; cd /mnt &prompt.root; dump 0af - / | restore rf - - You might prefer &man.cpio.1;, &man.pax.1;, - &man.tar.1; to &man.dump.8; for user data. At the time of - this writing, these are known to lose file flag + The &man.cpio.1; and &man.pax.1; utilities are also available + for moving user data. These are known to lose file flag information, so use them with caution. @@ -3232,26 +3230,28 @@ kern.sched.name: ULE - How do I boot &os; and &linux; using GRUB? + How do I boot &os; and &linux; using + GRUB? - Booting &os; using GRUB is very simple. Just add the - following to your configuration file - /boot/grub/menu.lst (or - /boot/grub/grub.conf in some systems, - e.g., Red Hat Linux and its derivatives). + To boot &os; using GRUB, add the + following to either + /boot/grub/menu.lst or + /boot/grub/grub.conf, depending upon + which is used by the &linux; distribution. - title &os; 6.1 + title &os; 9.1 root (hd0,a) kernel /boot/loader - Where hd0,a points to your - root partition on the first disk. If you need to specify - which slice number should be used, use something like this + Where hd0,a points to the + root partition on the first disk. To specify + the slice number, use something like this (hd0,2,a). By default, if the - slice number is omitted, GRUB searches the first slice - which has a partition. + slice number is omitted, GRUB + searches the first slice + which has the a partition. @@ -3267,11 +3267,9 @@ kern.sched.name: ULE then boot LILO from BootEasy. - If you are running &windows; and &linux; this is - recommended anyway, to make it simpler to get &linux; - booting again if you should need to reinstall &windows; - (which is a Jealous Operating System, and will bear no - other Operating Systems in the Master Boot Record). + This is recommended when running &windows; and &linux; as it + makes it simpler to get &linux; + booting again if &windows; is reinstalled. @@ -3283,29 +3281,29 @@ kern.sched.name: ULE - You can not do that with the standard boot manager + This can not be accomplished with the standard boot manager without rewriting it. There are a number of other boot - managers in the sysutils ports - category that provide this functionality. + managers in the sysutils category of the Ports + Collection. - I have a new removable drive, how do I use it? + How do I use a new removable drive? - If the drive already has a file system on it, you can + If the drive already has a file system on it, use a command like this: &prompt.root; mount -t msdosfs /dev/da0s1 /mnt - If the drive will only be used with &os; systems it is - better idea to stick a BSD file system on it, like UFS or - ZFS. You will get long filename support, at least a 2X - improvement in performance, and a lot more stability. If - the drive will be used by other operating systems a more + If the drive will only be used with &os; systems, + partition it with UFS or + ZFS. This will provide long filename support, + improvement in performance, and stability. If + the drive will be used by other operating systems, a more portable choice, such as msdosfs, is better. &prompt.root; dd if=/dev/zero of=/dev/da0 count=2 @@ -3332,15 +3330,13 @@ kern.sched.name: ULE Why do I get Incorrect super - block when mounting a CD-ROM? + block when mounting a CD? - You have to tell &man.mount.8; the type of the device - that you want to mount. This is described in the Handbook - section on optical media, specifically the - section The type of device + to mount must be specified. This is described in the Handbook + section on Using Data CDs. @@ -3349,12 +3345,12 @@ kern.sched.name: ULE Why do I get Device not - configured when mounting a CD-ROM? + configured when mounting a CD? - This generally means that there is no CD-ROM in the - CD-ROM drive, or the drive is not visible on the bus. + This generally means that there is no CD in the + drive, or the drive is not visible on the bus. Refer to the Using Data CDs section of the Handbook for a detailed @@ -3369,12 +3365,9 @@ kern.sched.name: ULE - Your CD-ROM probably uses the Joliet + The CD probably uses the Joliet extension for storing information about files and - directories. This is discussed in the Handbook chapter on - creating - and using CD-ROMs, specifically the section on + directories. This is discussed in the Handbook section on Using Data CD-ROMs. @@ -3383,17 +3376,14 @@ kern.sched.name: ULE - I burned a CD under &os; and now I can not read it + A CD burned under &os; can not be read under any other operating system. Why? - You most likely burned a raw file to your CD, rather + This means a raw file was burned to the CD, rather than creating an ISO 9660 file system. Take a look - at the Handbook - chapter on creating CD-ROMs, particularly the - section on Using Data CDs. @@ -3422,13 +3412,13 @@ kern.sched.name: ULE - If you try to mount an audio CD, you will get an error + Trying to mount an audio CD will produce an error like cd9660: /dev/acd0c: Invalid argument. This is because mount only works on file systems. Audio CDs do not have file systems; they just have data. - You need a program that reads audio CDs, such as the - audio/xmcd port. + Instead, use a program that reads audio CDs, such as the + audio/xmcd package or port. @@ -3440,8 +3430,8 @@ kern.sched.name: ULE By default, &man.mount.8; will attempt to mount the - last data track (session) of a CD. If you would like to - load an earlier session, you must use the + last data track (session) of a CD. To + load an earlier session, use the command line argument. Refer to &man.mount.cd9660.8; for specific examples. @@ -3495,7 +3485,7 @@ kern.sched.name: ULE The device name used in the previous examples must - be changed according to your configuration. + be changed according to the configuration. @@ -3508,8 +3498,7 @@ kern.sched.name: ULE - You need to understand what du and - df really do. du + This is due to how these commands actually work. du goes through the directory tree, measures how large each file is, and presents the totals. df just asks the file system how much space it has left. @@ -3517,26 +3506,23 @@ kern.sched.name: ULE directory entry will affect df but not du. - When a program is using a file, and you delete the - file, the file is not really removed from the file system + When a program is using a file, and the file is deleted, + the file is not really removed from the file system until the program stops using it. The file is immediately - deleted from the directory listing, however. You can see - this easily enough with a program such as - more. Assume you have a file large + deleted from the directory listing, however. As an example, + consider a file that is large enough that its presence affects the output of - du and df. (Since - disks can be so large today, this might be a - very large file!) If you delete this - file while using more on it, + du and df. If this file is deleted + while using more on it, more does not immediately choke and complain that it cannot view the file. The entry is removed from the directory so no other program or - user can access it. du shows that it - is gone — it has walked the directory tree and the + user can access it. However, du shows that it + is gone as it has walked the directory tree and the file is not listed. df shows that it is still there, as the file system knows that more is still using that space. Once - you end the more session, + the more session ends, du and df will agree. @@ -3550,8 +3536,8 @@ kern.sched.name: ULE this from happening, set up &man.newsyslog.8;. Note that Soft Updates can delay the freeing of disk - space; you might need to wait up to 30 seconds for the - change to be visible! + space and it can take up to 30 seconds for the + change to be visible. @@ -3561,12 +3547,9 @@ kern.sched.name: ULE - In the Configuration - and Tuning section of the Handbook, you will find - a section - describing how to do this. + This sectionof the Handbook + describes how to do this. @@ -3602,7 +3585,7 @@ kern.sched.name: ULE root user. &man.df.1; does not count that space when calculating the Capacity column, so it can exceed 100%. - Also, you will notice that the Blocks + Notice that the Blocks column is always greater than the sum of the Used and Avail columns, usually by a factor of 8%. @@ -3677,7 +3660,7 @@ kern.sched.name: ULE By default, ZFS stores the ZIL in the pool with all - the data. If your application has a heavy write load, + the data. If an application has a heavy write load, storing the ZIL in a separate device that has very fast synchronous, sequential write performance can improve overall system. For other workloads, a SSD is unlikely @@ -3741,7 +3724,7 @@ kern.sched.name: ULE This could happen because the pool is 100% full. ZFS requires space on the disk to write transaction metadata. To restore the pool to a usable state, - truncate a file you want to delete. + truncate the file to delete: &prompt.user; truncate -s 0 unimportant-file @@ -3798,19 +3781,18 @@ kern.sched.name: ULE The primary configuration file is - /etc/defaults/rc.conf (see - &man.rc.conf.5;). System startup scripts such as + /etc/defaults/rc.conf which is described in + &man.rc.conf.5;. System startup scripts such as /etc/rc and - /etc/rc.d (see &man.rc.8;) just + /etc/rc.d, which are described in &man.rc.8;, include this file. Do not edit this - file! Instead, if there is any entry in - /etc/defaults/rc.conf that you want - to change, you should copy the line into + file! Instead, to edit an entry in + /etc/defaults/rc.conf, copy the line into /etc/rc.conf and change it there. - For example, if you wish to start &man.named.8;, the - included DNS server, all you need to do is: + For example, if to start &man.named.8;, the + included DNS server: &prompt.root; echo 'named_enable="YES"' >> /etc/rc.conf @@ -3843,46 +3825,18 @@ kern.sched.name: ULE - This is normally caused by editing the system crontab - (/etc/crontab) and then using - &man.crontab.1; to install it: - - &prompt.root; crontab /etc/crontab - - This is not the correct way to do things. The system - crontab has a different format to the per-user crontabs - which &man.crontab.1; updates (the &man.crontab.5; manual - page explains the differences in more detail). - - If this is what you did, the extra crontab is a - copy of /etc/crontab in the wrong - format it. Delete it with the command: - - &prompt.root; crontab -r + This is normally caused by editing the system crontab. + This is not the correct way to do things as the system + crontab has a different format to the per-user crontabs. + The system + crontab has an extra field, specifying which user to run + the command as. &man.cron.8; assumes this user is the + first word of the command to execute. Since no such + command exists, this error message is displayed. - Next time, when you edit - /etc/crontab, you should not do - anything to inform &man.cron.8; of the changes, since it - will notice them automatically. - - If you want something to be run once per day, week, or - month, it is probably better to add shell scripts - /usr/local/etc/periodic, and let the - &man.periodic.8; command run from the system - cron schedule it with the other - periodic system tasks. + To delete the extra, incorrect crontab: - The actual reason for the error is that the system - crontab has an extra field, specifying which user to run - the command as. In the default system crontab provided - with &os;, this is root for all entries. - When this crontab is used as the root user's crontab (which - is not the same as the system - crontab), &man.cron.8; assumes the string - root is the first word of the command - to execute, but no such command exists. + &prompt.root; crontab -r @@ -3895,18 +3849,14 @@ kern.sched.name: ULE - This is a security feature. To su - to root (or any - other account with superuser privileges), you must be in + This is a security feature. In order to su + to root, or any + other account with superuser privileges, the user account must be a member of the wheel group. If this feature were not there, anybody with an account on a system who also found out root's password would be - able to gain superuser level access to the system. With - this feature, this is not strictly true; &man.su.1; will - prevent them from even trying to enter the password if - they are not in wheel. + able to gain superuser level access to the system. To allow someone to su to root, put @@ -3937,23 +3887,23 @@ kern.sched.name: ULE -urw / to re-mount the root file system in read/write mode. You may also need to run mount -a -t ufs to mount the file system where your - favorite editor is defined. If your favorite editor is on - a network file system, you will need to either configure - the network manually before you can mount network file + favorite editor is defined. If that editor is on + a network file system, either configure + the network manually before you mounting the network file systems, or use an editor which resides on a local file system, such as &man.ed.1;. - If you intend to use a full screen editor such as - &man.vi.1; or &man.emacs.1;, you may also need to run + In order to use a full screen editor such as + &man.vi.1; or &man.emacs.1;, run export TERM=xterm on &os; 9.0+, or export TERM=cons25 on &os; 8.X so that these editors can load the correct data from the &man.termcap.5; database. - Once you have performed these steps, you can edit - /etc/rc.conf as you usually would to + After performing these steps, edit + /etc/rc.conf to fix the syntax error. The error message displayed - immediately after the kernel boot messages should tell you + immediately after the kernel boot messages should indicate the number of the line in the file which is at fault. @@ -3967,16 +3917,7 @@ kern.sched.name: ULE See the Handbook - entry on printing. It should cover most of your - problem. - - Some printers require a host-based driver to do any - kind of printing. These so-called - WinPrinters are not natively supported by - &os;. If your printer does not work in DOS or &windows;, - it is probably a WinPrinter. Your only hope of getting - one of these to work is to check if the - print/pnm2ppa port supports it. + entry on printing for troubleshooting tips. @@ -4003,10 +3944,10 @@ kern.sched.name: ULE - It is possible that your kernel is not configured - to use quotas. If this is the case, you will need to - add the following line to your kernel configuration - file and recompile: + It is possible that the kernel is not configured + to use quotas. In this case, + add the following line to the kernel configuration + file and recompile the kernel: options QUOTA @@ -4074,13 +4015,13 @@ kern.sched.name: ULE sysvsem.ko and sysvmsg.ko kernel modules, or enabled in the custom kernel by adding the following lines - to your kernel config: + to the kernel configuration file: options SYSVSHM # enable shared memory options SYSVSEM # enable for semaphores options SYSVMSG # enable for messaging - Recompile and install your kernel. + Recompile and install the kernel. @@ -4094,25 +4035,13 @@ options SYSVMSG # enable for The sendmail server is the default mail-server software for &os;, but - you can easily replace it with one of the other MTA (for - instance, an MTA installed from the ports). - - There are various alternative MTAs in the ports tree - already, with mail/exim, - mail/postfix, - mail/qmail, and - mail/zmailer being some of the most - popular choices. - - Diversity is nice, and the fact that you have many - different mail-servers to chose from is considered a good - thing; therefore try to avoid asking questions like - Is sendmail better than - qmail? in the mailing - lists. If you do feel like asking, first check the - mailing list archives. The advantages and disadvantages - of each and every one of the available MTAs have already - been discussed a few times. + it can be replaced with another + MTA installed from the Ports Collection. Available ports + include mail/exim, + mail/postfix, and + mail/qmail. Search the mailing lists + for discussions regarding the advantages and disadvantages + of the available MTAs. @@ -4128,9 +4057,9 @@ options SYSVMSG # enable for boot -s at the Boot: prompt to enter single-user mode. At the question about the shell to use, hit - Enter. You will be dropped to a + Enter which will display a &prompt.root; prompt. Enter mount - -urw / to remount your root file system + -urw / to remount the root file system read/write, then run mount -a to remount all the file systems. Run passwd root to change the root password when entering the single-user mode, it means that the console has been marked as insecure in - /etc/ttys. In this case it will be + /etc/ttys. In this case, it will be required to boot from a &os; installation disk, choose the Live CD or Shell at the beginning of the install process and issue the commands mentioned above. - You will need to mount the specific partition in this + Mount the specific partition in this case and then chroot to it. For example, replace mount -urw / with mount /dev/ada0p1 /mnt; chroot /mnt for a system on @@ -4155,11 +4084,10 @@ options SYSVMSG # enable for - If you cannot mount your root partition from + If the root partition can not be mounted from single-user mode, it is possible that the partitions are encrypted and it is impossible to mount them without the - access keys. Your chances depend on the chosen - implementation. For more information see the section + access keys. For more information see the section about encrypted disks in the &os; Handbook. @@ -4174,8 +4102,8 @@ options SYSVMSG # enable for - If you are using &man.syscons.4; (the default console - driver) build and install a new kernel with the line in + When using &man.syscons.4;, the default console + driver, build and install a new kernel with this line in the configuration file: options SC_DISABLE_REBOOT @@ -4188,9 +4116,8 @@ options SYSVMSG # enable for The above two methods are exclusive: The - &man.sysctl.8; does not exist if you compile your kernel - with the SC_DISABLE_REBOOT - option. + &man.sysctl.8; does not exist if the kernel is compiled + with SC_DISABLE_REBOOT. @@ -4211,8 +4138,7 @@ options SYSVMSG # enable for with the original file stored with a .bak extension. - Alternatively you can use the &man.tr.1; - command: + Alternatively, use &man.tr.1;: &prompt.user; tr -d '\r' < dos-text-file > unix-file @@ -4319,17 +4245,17 @@ options SYSVMSG # enable for - Short answer: You are probably at security level + Short answer: the security level is greater than 0. Reboot directly to single-user mode to install the kernel. Long answer: &os; disallows changing system flags at - security levels greater than 0. You can check your - security level with the command: + security levels greater than 0. To check the current + security level: &prompt.root; sysctl kern.securelevel - You cannot lower the security level; you have to boot + The security level can not be lowered in multi-user mode, so boot to single-user mode to install the kernel, or change the security level in /etc/rc.conf then reboot. See the &man.init.8; manual page for details on @@ -4347,19 +4273,19 @@ options SYSVMSG # enable for - Short answer: You are probably at security level + Short answer: the system is at a security level greater than 1. Reboot directly to single-user mode to change the date. Long answer: &os; disallows changing the time by more - that one second at security levels greater than 1. You - can check your security level with the command: + that one second at security levels greater than 1. To + check the security level: &prompt.root; sysctl kern.securelevel - You cannot lower the security level; you have to boot - to single-user mode to change the date, or change the - security level in /etc/rc.conf then + The security level can not be lowered in multi-user mode. Either boot + to single-user mode to change the date or change the + security level in /etc/rc.conf and reboot. See the &man.init.8; manual page for details on securelevel, and see /etc/defaults/rc.conf and the @@ -4400,7 +4326,7 @@ options SYSVMSG # enable for - You are running a securelevel greater than 0. + The system is running a securelevel greater than 0. Lower the securelevel and try again. For more information, see the FAQ entry on securelevel and the &man.init.8; manual @@ -4409,41 +4335,6 @@ options SYSVMSG # enable for - - Why does SSH authentication - through .shosts not work by default - in recent versions of &os;? - - - - The reason why .shosts - authentication does not work by default in more recent - versions of &os; is because &man.ssh.1; is not installed - suid root by - default. To fix this, you can do one of - the following: - - - - As a permanent fix, set - ENABLE_SUID_SSH to - true in - /etc/make.conf then rebuild and - reinstall &man.ssh.1;. - - - - As a temporary fix, change the mode on - /usr/bin/ssh to - 4555 by running chmod 4555 - /usr/bin/ssh as root. - - - - - - What is vnlru? From owner-svn-doc-all@FreeBSD.ORG Wed May 14 15:52:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9E374E98; Wed, 14 May 2014 15:52:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 804152D8F; Wed, 14 May 2014 15:52:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4EFqNfj005778; Wed, 14 May 2014 15:52:23 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4EFqN8e005777; Wed, 14 May 2014 15:52:23 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405141552.s4EFqN8e005777@svn.freebsd.org> From: Dru Lavigne Date: Wed, 14 May 2014 15:52:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44831 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 15:52:23 -0000 Author: dru Date: Wed May 14 15:52:23 2014 New Revision: 44831 URL: http://svnweb.freebsd.org/changeset/doc/44831 Log: More rewording around "you". Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 15:19:14 2014 (r44830) +++ head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 15:52:23 2014 (r44831) @@ -3262,7 +3262,7 @@ kern.sched.name: ULE - Install LILO at the start of your &linux; boot + Install LILO at the start of the &linux; boot partition instead of in the Master Boot Record. You can then boot LILO from BootEasy. @@ -3889,7 +3889,7 @@ kern.sched.name: ULE -a -t ufs to mount the file system where your favorite editor is defined. If that editor is on a network file system, either configure - the network manually before you mounting the network file + the network manually before mounting the network file systems, or use an editor which resides on a local file system, such as &man.ed.1;. @@ -4343,7 +4343,7 @@ options SYSVMSG # enable for vnlru flushes and frees vnodes when the system hits the kern.maxvnodes limit. This kernel thread sits mostly idle, and only - activates if you have a huge amount of RAM and are + activates when there is a huge amount of RAM and users are accessing tens of thousands of tiny files. @@ -4443,8 +4443,7 @@ options SYSVMSG # enable for - What is /var/empty? I can not - delete it! + What is /var/empty? @@ -4453,14 +4452,8 @@ options SYSVMSG # enable for separation. The /var/empty directory is empty, owned by root and has the - schg flag set. - - Although it is not recommended to delete this - directory, to do so you will need to unset the - schg flag first. See the - &man.chflags.1; manual page for more information (and bear - in mind the answer to the - question on unsetting the schg flag). + schg flag set. This directory should + not be deleted. @@ -4472,7 +4465,7 @@ options SYSVMSG # enable for - To see what &man.newsyslog.8; will do use the + To see what &man.newsyslog.8; will do, use the following: &prompt.user; newsyslog -nrvv @@ -4509,8 +4502,8 @@ options SYSVMSG # enable for Foundation administers the X protocol standards, with the current reference - implementation, version 11 release &xorg.version;, so you - will often see references shortened to + implementation, version 11 release &xorg.version;, so + references are often shortened to X11. Many implementations are available for different @@ -4560,7 +4553,7 @@ options SYSVMSG # enable for - Your system is probably running at a raised + The system is probably running at a raised securelevel. It is not possible to start X at a raised securelevel because X requires write access to &man.io.4;. For more @@ -4582,20 +4575,20 @@ options SYSVMSG # enable for - If you are using &man.syscons.4; (the default console - driver), you can configure &os; to support a mouse pointer + When using &man.syscons.4;, the default console + driver, &os; can be configured to support a mouse pointer on each virtual screen. To avoid conflicting with X, &man.syscons.4; supports a virtual device called /dev/sysmouse. All mouse events received from the real mouse device are written to the - &man.sysmouse.4; device via &man.moused.8;. To use your + &man.sysmouse.4; device via &man.moused.8;. To use the mouse on one or more virtual consoles, and use X, see and set up &man.moused.8;. Then edit /etc/X11/xorg.conf and - make sure you have the following lines: + make sure the following lines exist: Section "InputDevice" Option "Protocol" "SysMouse" @@ -4635,19 +4628,12 @@ options SYSVMSG # enable for - Yes. - - You need to tell X that you have a 5 button mouse. To + Yes, if you configure X for a 5 button mouse. To do this, add the lines Buttons 5 and ZAxisMapping 4 5 to the InputDevice section of - /etc/X11/xorg.conf. For example, you - might have the following InputDevice - section in /etc/X11/xorg.conf. - - - <quote>InputDevice</quote> Section for Wheeled - Mouse in &xorg; Configuration File + /etc/X11/xorg.conf, as seen in this + example: Section "InputDevice" Identifier "Mouse1" @@ -4657,16 +4643,14 @@ options SYSVMSG # enable for Option "Buttons" "5" Option "ZAxisMapping" "4 5" EndSection - - - <quote>.emacs</quote> Example for Naive Page - Scrolling with Wheeled Mouse (optional) + To use the mouse in + Emacs, also add the following + lines to~/.emacs: ;; wheel mouse (global-set-key [mouse-4] 'scroll-down) (global-set-key [mouse-5] 'scroll-up) - @@ -4677,23 +4661,20 @@ EndSection - Yes, you will have to configure a few things to make + Yes, after configuring a few things to make it work. - If you plan to use the Xorg synaptics driver you - must remove moused_enable from - rc.conf. Xorg can not use the - synaptics mouse if the moused already sits on - /dev/psm0. + In order to use the Xorg synaptics driver, + first remove moused_enable from + rc.conf. - To enable synaptics in the &man.psm.4; driver you need - to add the following into + To enable synaptics, add the following line to /boot/loader.conf: hw.psm.synaptics_support="1" - You also need the following into - xorg.conf: + Add the following to + /etc/X11/xorg.conf: Section "InputDevice" Identifier "Touchpad0" @@ -4733,27 +4714,26 @@ EndSection - Virtual consoles enable you to have + Virtual consoles provide several simultaneous sessions on the same machine without doing anything complicated like setting up a network or running X. When the system starts, it will display a login prompt on the monitor after displaying all the boot messages. - You can then type in your login name and password and - start working (or playing!) on the first virtual + Type in your login name and password to + start working on the first virtual console. - At some point, you will probably wish to start another + To start another session, perhaps to look at documentation for a program - you are running or to read your mail while waiting for an - FTP transfer to finish. Just do AltF2 - (hold down Alt and press - F2), and you will find a login prompt - waiting for you on the second virtual - console! When you want to go back to the - original session, do Alt and press + F2. This will display the login prompt + for the second virtual + console. To go back to the + original session, press AltF1. The default &os; installation has eight virtual @@ -4766,10 +4746,10 @@ EndSection and so on will switch between these virtual consoles. - To enable more of them, edit + To enable more of virtual consoles, edit /etc/ttys (see &man.ttys.5;) and add entries for ttyv8 to - ttyvc after the comment on + ttyvc, after the comment on Virtual terminals: # Edit the existing entry for ttyv8 in /etc/ttys and change @@ -4779,63 +4759,34 @@ ttyv9 "/usr/libexec/getty Pc" ttyva "/usr/libexec/getty Pc" xterm on secure ttyvb "/usr/libexec/getty Pc" xterm on secure - Use as many or as few as you want. The more virtual - terminals you have, the more resources that are used; this - can be important if you have 8 MB RAM or less. You - may also want to change the secure to + The more virtual + terminals, the more resources that are used. This can be + problematic on systems with 8 MB RAM or less. Consider + changing secure to insecure. Versions of &os; prior to 9.0 used the cons25 terminal type, and not - xterm. Existing entries in - /etc/ttys can be used on which to - base new additions. + xterm. Use the format of existing entries in + when adding entries to /etc/ttys. - If you want to run an X server you - must leave at least one virtual - terminal unused (or turned off) for it to use. That is - to say that if you want to have a login prompt pop up - for all twelve of your Alt-function keys, you are out of - luck — you can only do this for eleven of them if - you also want to run an X server on the same - machine. + In order to run an X server, at least one virtual + terminal must be left to off for it to use. This + means that only eleven of the Alt-function keys can be + used as virtual consoles so that one is left for the + X server. - The easiest way to disable a console is by turning it - off. For example, if you had the full 12 terminal - allocation mentioned above and you wanted to run X, you - would change settings for virtual terminal 12 from: - - ttyvb "/usr/libexec/getty Pc" xterm on secure - - to: + For example, to run X and eleven virtual consoles, the + setting for virtual terminal 12 should be: ttyvb "/usr/libexec/getty Pc" xterm off secure - If your keyboard has only ten function keys, you would - end up with: - - ttyv9 "/usr/libexec/getty Pc" xterm off secure -ttyva "/usr/libexec/getty Pc" xterm off secure -ttyvb "/usr/libexec/getty Pc" xterm off secure - - (You could also just delete these lines.) - - Next, the easiest (and cleanest) way to activate the - virtual consoles is to reboot. However, if you really do - not want to reboot, you can just shut down the X Window - system and execute (as root): - - &prompt.root; kill -HUP 1 - - It is imperative that you completely shut down X - Window if it is running, before running this command. If - you do not, your system will probably appear to hang or - lock up after executing kill. + The easiest way to activate the + virtual consoles is to reboot. @@ -4851,20 +4802,19 @@ ttyvb "/usr/libexec/getty Pc" action="simul">CtrlAltF1 would return you to the first virtual console. - Once you are back to a text console, you can then use + Once at a text console, use AltFn - as normal to move between them. + to move between them. - To return to the X session, you must switch to the - virtual console running X. If you invoked X from the - command line, (e.g., using startx) then + To return to the X session, switch to the + virtual console running X. If X was started from the + command line using startx, the X session will attach to the next unused virtual console, not the text console from which it was invoked. - If you have eight active virtual terminals then X will be - running on the ninth, and you would use AltF9 - to return. + For eight active virtual terminals, X will + run on the ninth, so use AltF9. @@ -4903,12 +4853,12 @@ ttyvb "/usr/libexec/getty Pc" this is to have the script sleep 10 seconds or so then launch xdm. - If you are to start xdm from + When starting xdm from /etc/ttys, there still is a chance of conflict between xdm and &man.getty.8;. One way to avoid this is to add the vt number in - /usr/local/lib/X11/xdm/Xservers + /usr/local/lib/X11/xdm/Xservers: :0 local /usr/local/bin/X vt4 @@ -4927,7 +4877,7 @@ ttyvb "/usr/libexec/getty Pc" - If you start X with + When X is started with startx, the permissions on /dev/console will not get changed, resulting in things @@ -4959,18 +4909,12 @@ ttyvb "/usr/libexec/getty Pc" - Your mouse and the mouse driver may have somewhat - become out of synchronization. - - In rare cases the driver may erroneously report - synchronization problem and you may see the kernel - message: + The mouse and the mouse driver may have + become out of synchronization. In rare cases, the driver may also erroneously report + synchronization errors: psmintr: out of sync (xxxx != yyyy) - and notice that your mouse does not work - properly. - If this happens, disable the synchronization check code by setting the driver flags for the PS/2 mouse driver to 0x100. This can be easiest achieved @@ -4986,11 +4930,10 @@ ttyvb "/usr/libexec/getty Pc" - Run the command - xmodmap -e "pointer = 3 2 1". - You add the above command to - .xinitrc or - .xsession to make it happen + Type + xmodmap -e "pointer = 3 2 1". Add this command to + ~/.xinitrc or + ~/.xsession to make it happen automatically. @@ -5017,11 +4960,11 @@ ttyvb "/usr/libexec/getty Pc" - Yes. All you need to do is use &man.xmodmap.1; to - define what function you wish them to perform. + Yes. Use &man.xmodmap.1; to + define which functions the keys should perform. - Assuming all Windows keyboards are - standard then the keycodes for these three keys are the + Assuming all Windows keyboards are + standard, the keycodes for these three keys are the following: @@ -5051,7 +4994,7 @@ ttyvb "/usr/libexec/getty Pc" &prompt.root; xmodmap -e "keycode 115 = comma" To have the Windows key-mappings - enabled automatically every time you start X either put + enabled automatically every time X is started, either put the xmodmap commands in ~/.xinitrc or, preferably, create a ~/.xmodmaprc and include the @@ -5061,31 +5004,29 @@ ttyvb "/usr/libexec/getty Pc" xmodmap $HOME/.xmodmaprc - For example, you could map the 3 keys to be + For example, to map the 3 keys to be F13, F14, and F15, respectively. This would make it easy to map them to useful functions within applications - or your window manager, as demonstrated further - down. + or the window manager. - To do this put the following in + To do this, put the following in ~/.xmodmaprc. keycode 115 = F13 keycode 116 = F14 keycode 117 = F15 - If you use the x11-wm/fvwm2 port, - for example, you could map the keys so that - F13 iconifies (or de-iconifies) the + For the x11-wm/fvwm2 desktop manager, + one could map the keys so that + F13 iconifies or de-iconifies the window the cursor is in, F14 brings the window the cursor is in to the front or, if it is already at the front, pushes it to the back, and F15 pops up the main Workplace - (application) menu even if the cursor is not on the - desktop, which is useful if you do not have any part of - the desktop visible (and the logo on the key matches its - functionality). + menu even if the cursor is not on the + desktop, which is useful when no part of + the desktop is visible. The following entries in ~/.fvwmrc implement the @@ -5105,8 +5046,8 @@ Key F15 A A Menu Wo The availability of 3D acceleration depends on the - version of &xorg; that you are using and the type of video - chip you have. If you have an nVidia chip, you can use + version of &xorg; and the type of video + chip. For an nVidia chip, use the binary drivers provided for &os; by installing one of the following ports: From owner-svn-doc-all@FreeBSD.ORG Wed May 14 19:58:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6EBEB24D; Wed, 14 May 2014 19:58:51 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5A9C32459; Wed, 14 May 2014 19:58:51 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4EJwpuf024028; Wed, 14 May 2014 19:58:51 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4EJwp64024027; Wed, 14 May 2014 19:58:51 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405141958.s4EJwp64024027@svn.freebsd.org> From: Dru Lavigne Date: Wed, 14 May 2014 19:58:51 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44832 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 19:58:51 -0000 Author: dru Date: Wed May 14 19:58:50 2014 New Revision: 44832 URL: http://svnweb.freebsd.org/changeset/doc/44832 Log: More rewording around "you". Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 15:52:23 2014 (r44831) +++ head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 19:58:50 2014 (r44832) @@ -4628,7 +4628,7 @@ options SYSVMSG # enable for - Yes, if you configure X for a 5 button mouse. To + Yes, if X is configured for a 5 button mouse. To do this, add the lines Buttons 5 and ZAxisMapping 4 5 to the InputDevice section of @@ -5146,8 +5146,8 @@ Key F15 A A Menu Wo xlink:href="&url.books.handbook;/userppp.html">Handbook entry on user PPP. - If you are using kernel-mode PPP or have an Ethernet - connection to the Internet, you need to use &man.natd.8;. + If the + connection to the Internet is over Ethernet, use &man.natd.8;. A tutorial can be found in the natd section of the Handbook. @@ -5176,10 +5176,10 @@ Key F15 A A Menu Wo - Yes. If you want to use NAT over a user PPP + Yes. For instructions on how to use NAT over a PPP connection, see the Handbook - entry on user PPP. If you want to use NAT over + entry on PPP. To use NAT over some other sort of network connection, look at the natd @@ -5205,7 +5205,7 @@ Key F15 A A Menu Wo &prompt.root; ifconfig ed0 alias 172.16.141.5 netmask 0xffffff00 - You can read more about this in the &os; More information can be found in the &os; Handbook. @@ -5249,23 +5249,11 @@ Key F15 A A Menu Wo - &os; supports multicast host operations by default. - If you want your box to run as a multicast router, you - need to recompile your kernel with the - MROUTING option and run - &man.mrouted.8;. &os; will start &man.mrouted.8; at boot - time if the flag mrouted_enable is set - to YES in - /etc/rc.conf. - - - In recent &os; releases, the &man.mrouted.8; - multicast routing daemon, the &man.map-mbone.8; and - &man.mrinfo.8; utilities have been removed from the base - system. These programs are now available in the &os; - Ports Collection as - net/mrouted. - + Install the net/mrouted package + or port and add + mrouted_enable="YES" to + /etc/rc.conf start this service at + boot time. @@ -5289,25 +5277,25 @@ Key F15 A A Menu Wo - If you have compiled your kernel with the - IPFIREWALL option, you need to be aware + If the kernel is compiled with the + IPFIREWALL option, be aware that the default policy is to deny all packets that are not explicitly allowed. - If you had unintentionally misconfigured your system - for firewalling, you can restore network operability by - typing the following while logged in as If the firewall is unintentionally misconfigured, + restore network operability by + typing the following as root: &prompt.root; ipfw add 65534 allow all from any to any - You can also set + Consider setting firewall_type="open" in /etc/rc.conf. - For further information on configuring a &os; + For further information on configuring this firewall, see the Handbook + xlink:href="&url.books.handbook;/firewalls-ipfw.html">Handbook chapter. @@ -5320,11 +5308,11 @@ Key F15 A A Menu Wo - Possibly because you want to do network address - translation (NAT) and not just forward packets. A - fwd rule does exactly what it says; it - forwards packets. It does not actually change the data - inside the packet. Say we have a rule like: + Possibly because network address + translation (NAT) is needed instead of just forwarding packets. A + fwd rule only + forwards packets, it does not actually change the data + inside the packet. Consider this rule: 01000 fwd 10.0.0.1 from any to foo 21 @@ -5332,9 +5320,9 @@ Key F15 A A Menu Wo foo arrives at the machine with this rule, the packet is forwarded to 10.0.0.1, but it still has the - destination address of foo! + destination address of foo. The destination address of the packet is - not changed to + not changed to 10.0.0.1. Most machines would probably drop a packet that they receive with a destination address that is not their own. Therefore, @@ -5357,10 +5345,11 @@ Key F15 A A Menu Wo - You can redirect FTP (and other service) request with - the sysutils/socket port. - Replace the service's command line to call - socket instead, like so: + FTP and other service requests can be redirected with + the sysutils/socket package or port. + Replace the entry for the service in /etc/inetd.conf to call + socket, as seen in this example for + ftpd: ftp stream tcp nowait nobody /usr/local/bin/socket socket ftp.example.com ftp @@ -5394,9 +5383,9 @@ Key F15 A A Menu Wo - You are running a program that requires the Berkeley - Packet Filter (&man.bpf.4;), but it is not in your kernel. - Add this to your kernel config file and build a new + The running application requires the Berkeley + Packet Filter (&man.bpf.4;), but it was removed from a custom kernel. + Add this to the kernel config file and build a new kernel: device bpf # Berkeley Packet Filter @@ -5426,9 +5415,9 @@ Key F15 A A Menu Wo - This is the kernel telling you that some activity is - provoking it to send more ICMP or TCP reset (RST) - responses than it thinks it should. ICMP responses are + This kernel message indicates that some activity is + provoking it to send a large amount of ICMP or TCP reset (RST) + responses. ICMP responses are often generated as a result of attempted connections to unused UDP ports. TCP resets are generated as a result of attempted connections to unopened TCP ports. Among @@ -5449,27 +5438,26 @@ Key F15 A A Menu Wo - The first number in the message tells you how many + The first number in the message indicates how many packets the kernel would have sent if the limit was not in - place, and the second number tells you the limit. You can - control the limit using the - net.inet.icmp.icmplim sysctl variable - like this, where 300 is the limit in + place, and the second indicates the limit. This limit + is controlled using + net.inet.icmp.icmplim. This example + sets the limit to 300 packets per second: &prompt.root; sysctl net.inet.icmp.icmplim=300 - If you do not want to see messages about this in your - log files, but you still want the kernel to do response - limiting, you can use the - net.inet.icmp.icmplim_output sysctl - variable to disable the output like this: + To disable these messages + without disabling response + limiting, use + net.inet.icmp.icmplim_output + to disable the output: &prompt.root; sysctl net.inet.icmp.icmplim_output=0 - Finally, if you want to disable response limiting, you - can set the net.inet.icmp.icmplim - sysctl variable (see above for an example) to + Finally, to disable response limiting completely, + set net.inet.icmp.icmplim to 0. Disabling response limiting is discouraged for the reasons listed above. @@ -5482,13 +5470,13 @@ Key F15 A A Menu Wo - This means that some device on your local Ethernet is + This means that some device on the local Ethernet is using a MAC address in a format that &os; does not recognize. This is probably caused by someone experimenting with an Ethernet card somewhere else on the - network. You will see this most commonly on cable modem + network. This is most commonly seen on cable modem networks. It is harmless, and should not affect the - performance of your &os; machine. + performance of the &os; system. @@ -5529,14 +5517,14 @@ Key F15 A A Menu Wo into the process from being able to break into the wider system. - The process is said to be able to - play inside the walls. That is, - nothing the process does in regards to executing code - is supposed to be able to breech the walls so you do - not have to do a detailed audit of its code to be able + The process is be able to + run inside the walls. + Since nothing the process does in regards to executing code + is supposed to be able to breech the walls, + a detailed audit of its code is not needed in order to be able to say certain things about its security. - The walls might be a user ID, for example. + The walls might be a user ID, for example. This is the definition used in the &man.security.7; and &man.named.8; man pages. @@ -5645,14 +5633,11 @@ Key F15 A A Menu Wo enabled. The securelevel of a running system can not be - lowered as this would defeat its purpose. If you need - to do a task that requires that the securelevel be - non-positive (e.g., an - installworld or changing the - date), you will have to change the securelevel setting in - /etc/rc.conf (you want to look for - the kern_securelevel and - kern_securelevel_enable variables) and + lowered as this would defeat its purpose. If a task + requires that the securelevel be + non-positive, change the kern_securelevel and + kern_securelevel_enable variables in + /etc/rc.conf and reboot. For more information on securelevel and the specific @@ -5699,8 +5684,8 @@ Key F15 A A Menu Wo queries. Recent versions of it choose a new, random UDP port for each query. This may cause problems for some network configurations, especially if a firewall blocks - incoming UDP packets on particular ports. If you want to - get past that firewall, you can try the + incoming UDP packets on particular ports. To + get past that firewall, try the avoid-v4-udp-ports and avoid-v6-udp-ports options to avoid selecting random port numbers within a blocked @@ -5717,7 +5702,7 @@ Key F15 A A Menu Wo Congratulations, by the way. It is good practice to - read your &man.sockstat.1; output and notice odd + read &man.sockstat.1; output and notice odd things! @@ -5747,39 +5732,37 @@ Key F15 A A Menu Wo Do not worry. toor is an - alternative superuser account (toor is root - spelt backwards). Previously it was created when the - &man.bash.1; shell was installed but now it is created by - default. It is intended to be used with a non-standard - shell so you do not have to change root's default shell. + alternative superuser account, where toor is root + spelled backwards. It is intended to be used with a non-standard + shell so the default shell for root does not need to change. This is important as shells which are not part of the base - distribution (for example a shell installed from ports or - packages) are likely to be installed in + distribution, but are instead installed from ports or + packages, are installed in /usr/local/bin which, by default, resides on a different file system. If root's shell is located in - /usr/local/bin and - /usr (or whatever file system - contains /usr/local/bin) is not - mounted for some reason, /usr/local/bin and the + file system + containing /usr/local/bin) is not + mounted, root will not be able to - log in to fix a problem (although if you reboot into - single-user mode you will be prompted for the path to a - shell). + log in to fix a problem and will have to reboot into + single-user mode in order to enter the path to a + shell. Some people use toor for day-to-day root tasks with a non-standard shell, leaving root, with a standard - shell, for single-user mode or emergencies. By default - you cannot log in using toor as it does not have a password, so log in as root and set a password - for toor if you - want to use it. + for toor before + using it to login. @@ -5796,30 +5779,28 @@ Key F15 A A Menu Wo - You should first read the &man.ppp.8; manual page and + First, read &man.ppp.8; and the PPP - section of the Handbook. Enable logging with the + section of the Handbook. To assist in + troubleshooting, enable logging with the following command: set log Phase Chat Connect Carrier lcp ipcp ccp command This command may be typed at the &man.ppp.8; command - prompt or it may be entered in the - /etc/ppp/ppp.conf configuration file - (the start of the default section is - the best place to put it). Make sure that - /etc/syslog.conf (see - &man.syslog.conf.5;) contains the lines below and the file + prompt or it may be entered at the start of the + default section + in /etc/ppp/ppp.conf. Make sure that + /etc/syslog.conf contains the lines below and the file /var/log/ppp.log exists: !ppp *.* /var/log/ppp.log - You can now find out a lot about what is going on from - the log file. Do not worry if it does not all make sense. - If you need to get help from someone, it may make sense to - them. + A lot about what is going can be learned from + the log file. Do not worry if it does not all make sense as + it may make sense to someone else. @@ -5829,23 +5810,22 @@ Key F15 A A Menu Wo - This is usually because your hostname will not + This is usually because the hostname will not resolve. The best way to fix this is to make sure that - /etc/hosts is consulted by your - resolver first by editing - /etc/host.conf and putting the - hosts line first. Then, put an - entry in /etc/hosts for your local - machine. If you have no local network, change your + /etc/hosts is read first by the + by ensuring that the hosts line is listed first in + /etc/host.conf. Then, put an + entry in /etc/hosts for the local + machine. If there is no local network, change the localhost line: 127.0.0.1 foo.example.com foo localhost - Otherwise, add another entry for your host. + Otherwise, add another entry for the host. Consult the relevant manual pages for more details. - You should be able to successfully ping -c1 - `hostname` when you are done. + When finished, verify that this command is successful: + ping -c1 `hostname`. @@ -5856,27 +5836,23 @@ Key F15 A A Menu Wo - First, check that you have got a default route. By - running netstat -rn (see - &man.netstat.1;), you should see two entries like - this: + First, check that a default route exists. This command + should display two entries: Destination Gateway Flags Refs Use Netif Expire default 10.0.0.2 UGSc 0 0 tun0 10.0.0.2 10.0.0.1 UH 0 0 tun0 - This is assuming that you have used the addresses from - the Handbook, the manual page, or from - ppp.conf.sample. If you do not have - a default route, it may be because you forgot to add the - HISADDR line to - ppp.conf. + If + a default route is not listed, make sure that the + HISADDR line has been added to + /etc/ppp/ppp.conf. Another reason for the default route line being - missing is that you have mistakenly set up a default - router in your /etc/rc.conf (see - &man.rc.conf.5;) file and you have omitted the line below - from ppp.conf: + missing is that a default + route has been added to /etc/rc.conf + and this line is missing + from /etc/ppp/ppp.conf: delete ALL @@ -5894,20 +5870,20 @@ default 10.0.0.2 UG - This error is usually due that the following section - is missing in your + This error is usually because the following section + is missing in /etc/ppp/ppp.linkup: MYADDR: delete ALL add 0 0 HISADDR - This is only necessary if you have a dynamic IP - address or do not know the address of your gateway. If - you are using interactive mode, you can type the following - after entering packet mode (packet mode + This is only necessary for a dynamic IP + address or when the address of the default gateway is unknown. When + using interactive mode, the following can be typed in + after entering packet mode. Packet mode is indicated by the capitalized PPP in - the prompt): + the prompt: delete ALL add 0 0 HISADDR @@ -5950,10 +5926,10 @@ add 0 0 HISADDR - If you have Link Quality Reporting (LQR) configured, - it is possible that too many LQR packets are lost between + If Link Quality Reporting (LQR) is configured, + it is possible that too many LQR packets are lost between your machine and the peer. &man.ppp.8; deduces that the - line must therefore be bad, and disconnects. LQR is + line must therefore be bad, and disconnects. LQR is disabled by default and can be enabled with the following line: @@ -5969,8 +5945,8 @@ add 0 0 HISADDR Sometimes, on a noisy phone line or even on a line - with call waiting enabled, your modem may hang up because - it thinks (incorrectly) that it lost carrier. + with call waiting enabled, the modem may hang up because + it incorrectly thinks that it lost carrier. There is a setting on most modems for determining how tolerant it should be to temporary losses of carrier. @@ -5989,30 +5965,30 @@ add 0 0 HISADDR apparent explanation. The first thing to establish is which side of the link is hung. - If you are using an external modem, try + When using an external modem, try using &man.ping.8; to see if the TD - light is flashing when you transmit data. If it flashes - (and the RD light does not), the + light is flashing when data is transmitted. If it flashes + but the RD light does not, the problem is with the remote end. If TD does not flash, the problem is local. With an internal - modem, you will need to use the set + modem, use the set server command in ppp.conf. When the hang occurs, - connect to &man.ppp.8; using &man.pppctl.8;. If your - network connection suddenly revives (PPP was revived due - to the activity on the diagnostic socket) or if you cannot - connect (assuming the set socket - command succeeded at startup time), the problem is local. - If you can connect and things are still hung, enable local - async logging with set log local async + connect to &man.ppp.8; using &man.pppctl.8;. If the + network connection suddenly revives due + to the activity on the diagnostic socket, or if it will not + connect but the set socket + command succeeded at startup time, the problem is local. + If it can connect but things are still hung, enable local + logging with set log local async and use &man.ping.8; from another window or terminal to - make use of the link. The async logging will show you the + make use of the link. The async logging will show the data being transmitted and received on the link. If data is going out and not coming back, the problem is remote. Having established whether the problem is local or - remote, you now have two possibilities: + remote, there are now two possibilities: @@ -6035,17 +6011,15 @@ add 0 0 HISADDR - There is very little you can do about this. Most ISPs - will refuse to help if you are not running a µsoft; - OS. You can enable lqr in your - ppp.conf, allowing &man.ppp.8; to + There is very little that can be done about this. Many ISPs + will refuse to help users not running a µsoft; + OS. You can enable lqr in + /etc/ppp/ppp.conf, allowing &man.ppp.8; to detect the remote failure and hang up, but this detection - is relatively slow and therefore not that useful. You may - want to avoid telling your ISP that you are running - user-PPP. + is relatively slow and therefore not that useful. First, try disabling all local compression by adding - the following to your configuration: + the following to the configuration: disable pred1 deflate deflate24 protocomp acfcomp shortseq vj deny pred1 deflate deflate24 protocomp acfcomp shortseq vj @@ -6053,12 +6027,11 @@ deny pred1 deflate deflate24 protocomp a Then reconnect to ensure that this makes no difference. If things improve or if the problem is solved completely, determine which setting makes the difference - through trial and error. This will provide good - ammunition when you contact your ISP (although it may make - it apparent that you are not running a µsoft; - product). + through trial and error. This is good information for + the ISP, although it may make + it apparent that it is not a µsoft; system. - Before contacting your ISP, enable async logging + Before contacting the ISP, enable async logging locally and wait until the connection hangs again. This may use up quite a bit of disk space. The last data read from the port may be of interest. It is usually ASCII @@ -6066,9 +6039,9 @@ deny pred1 deflate deflate24 protocomp a fault, Core dumped). - If your ISP is helpful, they should be able to enable + If the ISP is helpful, they should be able to enable logging on their end, then when the next link drop occurs, - they may be able to tell you why their side is having a + they may be able to tell why their side is having a problem. @@ -6079,18 +6052,18 @@ deny pred1 deflate deflate24 protocomp a - Your best bet here is to rebuild &man.ppp.8; with + In this case, rebuild &man.ppp.8; with debugging information, and then use &man.gdb.1; to grab a stack trace from the ppp process that is stuck. To rebuild the ppp utility with debugging - information, you can type: + information, type: &prompt.root; cd /usr/src/usr.sbin/ppp &prompt.root; env DEBUG_FLAGS='-g' make clean &prompt.root; env DEBUG_FLAGS='-g' make install - Then you should restart ppp + Then, restart ppp and wait until it hangs again. When the debug build of ppp hangs, start gdb on the stuck process by @@ -6098,9 +6071,9 @@ deny pred1 deflate deflate24 protocomp a &prompt.root; gdb ppp `pgrep ppp` - At the gdb prompt, you can + At the gdb prompt, use the bt or where - commands to get a stack trace. Save the output of your + commands to get a stack trace. Save the output of the gdb session, and detach from the running process by typing quit. @@ -6114,12 +6087,12 @@ deny pred1 deflate deflate24 protocomp a - Occasionally, just after connecting, you may see + Occasionally, just after connecting, there may be messages in the log that say Magic is same. Sometimes, these messages are harmless, and sometimes one side or the other exits. Most PPP implementations cannot survive this problem, and even - if the link seems to come up, you will see repeated + if the link seems to come up, there will be repeated configure requests and configure acknowledgments in the log file until &man.ppp.8; eventually gives up and closes the connection. From owner-svn-doc-all@FreeBSD.ORG Wed May 14 20:33:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 12EA9CFF; Wed, 14 May 2014 20:33:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E882E2790; Wed, 14 May 2014 20:33:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4EKXkG0041610; Wed, 14 May 2014 20:33:46 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4EKXkQ8041609; Wed, 14 May 2014 20:33:46 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201405142033.s4EKXkQ8041609@svn.freebsd.org> From: Warren Block Date: Wed, 14 May 2014 20:33:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44833 - head/en_US.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 20:33:47 -0000 Author: wblock Date: Wed May 14 20:33:46 2014 New Revision: 44833 URL: http://svnweb.freebsd.org/changeset/doc/44833 Log: Add an initial quick start for the wireless networking section. Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed May 14 19:58:50 2014 (r44832) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed May 14 20:33:46 2014 (r44833) @@ -715,6 +715,71 @@ route_net2="-net 192.168.1.0/24 192.168. supported for a limited set of wireless devices. + + Quick Start + + Connecting a computer to an existing wireless network is + a very common situation. This procedure shows the steps + required. + + + + Obtain the SSID (Service Set + Identifier) and PSK (Pre-Shared Key) for + the wireless network from the network administrator. + + + + Identify the wireless adapter. The &os; + GENERIC kernel includes drivers for + many common wireless adapters. If the wireless adapter is + one of those models, it will be shown in the output from + &man.ifconfig.8;: + + &prompt.user; ifconfig | grep -A4 -i wireless + + If a wireless adapter is not listed, an additional + kernel module might be required, or it might be a model + not supported by &os;. + + + This example shows the Atheros ath0 + wireless adapter. + + + + Add an entry for this network to + /etc/wpa_supplicant.conf. If the + file does not exist, create it. Replace + myssid and + mypsk with the + SSID and PSK + provided by the network administrator. + + network={ + ssid="myssid" + psk="mypsk" +} + + + + Add entries to /etc/rc.conf to + configure the network on startup: + + wlans_ath0="wlan0" +ifconfig_wlan0="WPA SYNCDHCP" + + + + Restart the computer, or restart the network service + to connect to the network: + + &prompt.root; service netif restart + + + + Basic Setup From owner-svn-doc-all@FreeBSD.ORG Wed May 14 21:23:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 50770B3D; Wed, 14 May 2014 21:23:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3C6A82BE1; Wed, 14 May 2014 21:23:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4ELNv9S063883; Wed, 14 May 2014 21:23:57 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4ELNvni063882; Wed, 14 May 2014 21:23:57 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405142123.s4ELNvni063882@svn.freebsd.org> From: Dru Lavigne Date: Wed, 14 May 2014 21:23:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44834 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 21:23:57 -0000 Author: dru Date: Wed May 14 21:23:56 2014 New Revision: 44834 URL: http://svnweb.freebsd.org/changeset/doc/44834 Log: Fix some use of "you". As per discussion at BSDCan, remove section on how to debug a version of PPP that dumps core. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 20:33:46 2014 (r44833) +++ head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 21:23:56 2014 (r44834) @@ -4798,9 +4798,9 @@ ttyvb "/usr/libexec/getty Pc" Use CtrlAltFn - to switch back to a virtual console. CtrlAltF1 - would return you to the first virtual console. + to return to the first virtual console. Once at a text console, use If the alias is on the same subnet as an address - already configured on the interface, then add - netmask 0xffffffff to your - &man.ifconfig.8; command-line, as in the following: + already configured on the interface, add + netmask 0xffffffff to this command: - &prompt.root; ifconfig ed0 alias 192.0.2.2 netmask 0xffffffff + &prompt.root; ifconfig ed0 alias 192.0.2.2 netmask 0xffffffff - Otherwise, just specify the network address and + Otherwise, specify the network address and netmask as usual: - &prompt.root; ifconfig ed0 alias 172.16.141.5 netmask 0xffffff00 + &prompt.root; ifconfig ed0 alias 172.16.141.5 netmask 0xffffff00 More information can be found in the &os; Handbook. @@ -5928,7 +5927,7 @@ add 0 0 HISADDR If Link Quality Reporting (LQR) is configured, it is possible that too many LQR packets are lost between - your machine and the peer. &man.ppp.8; deduces that the + the &os; system and the peer. &man.ppp.8; deduces that the line must therefore be bad, and disconnects. LQR is disabled by default and can be enabled with the following line: @@ -6013,9 +6012,9 @@ add 0 0 HISADDR There is very little that can be done about this. Many ISPs will refuse to help users not running a µsoft; - OS. You can enable lqr in + OS. Add enable lqr to /etc/ppp/ppp.conf, allowing &man.ppp.8; to - detect the remote failure and hang up, but this detection + detect the remote failure and hang up. This detection is relatively slow and therefore not that useful. First, try disabling all local compression by adding @@ -6134,7 +6133,7 @@ deny pred1 deflate deflate24 protocomp a This tells &man.ppp.8; to wait for the server to initiate LCP negotiations. Some servers however may never - initiate negotiations. If this is the case, you can do + initiate negotiations. In this case, try something like: set openmode active 3 @@ -6207,8 +6206,8 @@ deny pred1 deflate deflate24 protocomp a set openmode passive - Care should be taken with this option. You should - also use this command to limit the amount of time that + Care should be taken with this option. + This command can also be used to limit the amount of time that &man.ppp.8; waits for the peer to begin negotiations: @@ -6231,14 +6230,13 @@ deny pred1 deflate deflate24 protocomp a - When you execute the shell or - ! command, &man.ppp.8; executes a shell - (or if you have passed any arguments, &man.ppp.8; will - execute those arguments). The + When using shell or + !, &man.ppp.8; executes a shell + or the passed arguments. The ppp program will wait for the - command to complete before continuing. If you attempt to - use the PPP link while running the command, the link will - appear to have frozen. This is because &man.ppp.8; is + command to complete before continuing. Any attempt to + use the PPP link while running the command will appear as + a frozen link. This is because &man.ppp.8; is waiting for the command to complete. To execute commands like this, use @@ -6275,8 +6273,8 @@ deny pred1 deflate deflate24 protocomp a - If &man.ppp.8; is dialing unexpectedly, you must - determine the cause, and set up Dial filters (dfilters) to + If &man.ppp.8; is dialing unexpectedly, + determine the cause, and set up dial filters to prevent such dialing. To determine the cause, use the following line: @@ -6284,11 +6282,11 @@ deny pred1 deflate deflate24 protocomp a set log +tcp/ip This will log all traffic through the connection. The - next time the line comes up unexpectedly, you will see the - reason logged with a convenient timestamp next to + next time the line comes up unexpectedly, the + reason will be logged with a convenient timestamp next to it. - You can now disable dialing under these circumstances. + Next, disable dialing under these circumstances. Usually, this sort of problem arises due to DNS lookups. To prevent DNS lookups from establishing a connection (this will not prevent &man.ppp.8; @@ -6300,31 +6298,29 @@ set dfilter 2 deny udp dst eq 53 set dfilter 3 permit 0/0 0/0 This is not always suitable, as it will effectively - break your demand-dial capabilities — most programs + break demand-dial capabilities. Most programs will need a DNS lookup before doing any other network related things. - In the DNS case, you should try to determine what is + In the DNS case, try to determine what is actually trying to resolve a host name. A lot of the - time, &man.sendmail.8; is the culprit. You should make - sure that you tell sendmail not + time, &man.sendmail.8; is the culprit. Make + sure to configure sendmail not to do any DNS lookups in its configuration file. See the section on using email with a dialup connection in the &os; - Handbook for details on how to create your own - configuration file and what should go into it. You may + Handbook for details. You may also want to add the following line to .mc: define(`confDELIVERY_MODE', `d')dnl This will make sendmail - queue everything until the queue is run (usually, sendmail - is run with , telling it to run - the queue every 30 minutes) or until a sendmail - -q is done (perhaps from your - ppp.linkup). + queue everything until the queue is run, usually, + every 30 minutes, or until a sendmail + -q is done, perhaps from + /etc/ppp/ppp.linkup. @@ -6343,8 +6339,7 @@ CCP: Received Terminate Ack (1) state = This is because &man.ppp.8; is trying to negotiate Predictor1 compression, and the peer does not want to negotiate any compression at all. The messages are - harmless, but if you wish to remove them, you can disable - Predictor1 compression locally too: + harmless, but can be disabled with: disable pred1 @@ -6357,8 +6352,8 @@ CCP: Received Terminate Ack (1) state = - To log all lines of your modem - conversation, you must enable the + To log all lines of the modem + conversation, enable the following: set log +connect @@ -6366,18 +6361,16 @@ CCP: Received Terminate Ack (1) state = This will make &man.ppp.8; log everything up until the last requested expect string. - If you wish to see your connect speed and are using - PAP or CHAP (and therefore do not have anything to - chat after the CONNECT in the dial script - — no set login script), you must - make sure that you instruct &man.ppp.8; to - expect the whole CONNECT line, something + To seether connect speed when using + PAP or CHAP, + make sure to configure &man.ppp.8; to + expect the whole CONNECT line, using something like this: set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 4 \ \"\" ATZ OK-ATZ-OK ATDT\\T TIMEOUT 60 CONNECT \\c \\n" - Here, we get our CONNECT, send nothing, then expect a + This gets the CONNECT, sends nothing, then expects a line-feed, forcing &man.ppp.8; to read the whole CONNECT response. @@ -6391,22 +6384,22 @@ CCP: Received Terminate Ack (1) state = The ppp utility parses each - line in your config files so that it can interpret strings + line in its configuration files so that it can interpret strings such as set phone "123 456 789" correctly and realize that the number is actually only - one argument. To specify a - " character, you must escape it + one argument. To specify a + " character, escape it using a backslash (\). When the chat interpreter parses each argument, it re-interprets the argument to find any special escape sequences such as \P or - \T (see the manual page). As a result - of this double-parsing, you must remember to use the + \T. As a result + of this double-parsing, remember to use the correct number of escapes. - If you wish to actually send a \ - character to (say) your modem, you would need something + To actually send a \ + character, do something like: set dial "\"\" ATZ OK-ATZ-OK AT\\\\X OK" @@ -6432,136 +6425,6 @@ ATDT1234567 - - Why does &man.ppp.8; get a Segmentation - fault, but I see no - ppp.core - - - - The ppp utility (or any - other program for that matter) should never dump core. - Because &man.ppp.8; runs setuid (with an effective - user ID of 0), the operating - system will not write core image of &man.ppp.8; to disk - before terminating it. If, however &man.ppp.8; is - actually terminating due to a segmentation violation or - some other signal that normally causes core to be dumped, - and you are sure you are using the - latest version (see the start of this section), then you - should install the system sources and do the - following: - - &prompt.root; cd /usr/src/usr.sbin/ppp -&prompt.root; echo STRIP= >> /etc/make.conf -&prompt.root; echo CFLAGS+=-g >> /etc/make.conf -&prompt.root; make install clean - - You will now have a debuggable version of &man.ppp.8; - installed. You will have to be root to run &man.ppp.8; as - all of its privileges have been revoked. When you start - &man.ppp.8;, take a careful note of what your current - directory was at the time. - - Now, if and when &man.ppp.8; receives the segmentation - violation, it will dump a core file called - ppp.core. You should then do the - following: - - &prompt.user; su -&prompt.root; gdb /usr/sbin/ppp ppp.core -(gdb) bt -..... -(gdb) f 0 -.... -(gdb) i args -.... -(gdb) l -..... - - All of this information should be given alongside your - question, making it possible to diagnose the - problem. - - If you are familiar with &man.gdb.1;, you may wish to - find out some other bits and pieces such as what actually - caused the dump or the addresses and values of the - relevant variables. - - - - - - Why does the process that forces a dial in - mode never connect? - - - - This was a known problem with &man.ppp.8; set up to - negotiate a dynamic local IP number with the peer in - mode. It has been fixed a long - time ago — search the manual page for - iface. - - The problem was that when that initial program calls - &man.connect.2;, the IP number of the &man.tun.4; - interface is assigned to the socket endpoint. The kernel - creates the first outgoing packet and writes it to the - &man.tun.4; device. &man.ppp.8; then reads the packet and - establishes a connection. If, as a result of - &man.ppp.8;'s dynamic IP assignment, the interface address - is changed, the original socket endpoint will be invalid. - Any subsequent packets sent to the peer will usually be - dropped. Even if they are not, any responses will not - route back to the originating machine as the IP number is - no longer owned by that machine. - - There are several theoretical ways to approach this - problem. It would be nicest if the peer would re-assign - the same IP number if possible. The current version of - &man.ppp.8; does this, but most other implementations do - not. - - The easiest method from our side would be to never - change the &man.tun.4; interface IP number, but instead to - change all outgoing packets so that the source IP number - is changed from the interface IP to the negotiated IP on - the fly. This is essentially what the - iface-alias option in the latest - version of &man.ppp.8; is doing (with the help of - &man.libalias.3; and &man.ppp.8;'s - switch) — it is maintaining all previous interface - addresses and NATing them to the last negotiated - address. - - Another alternative (and probably the most reliable) - would be to implement a system call that changes all bound - sockets from one IP to another. &man.ppp.8; would use - this call to modify the sockets of all existing programs - when a new IP number is negotiated. The same system call - could be used by DHCP clients when they - are forced to call the bind() - function for their sockets. - - Yet another possibility is to allow an interface to be - brought up without an IP number. Outgoing packets would - be given an IP number of 255.255.255.255 up until - the first SIOCAIFADDR &man.ioctl.2; is - done. This would result in fully binding the socket. It - would be up to &man.ppp.8; to change the source IP number, - but only if it is set to 255.255.255.255, and only - the IP number and IP checksum would need to change. This, - however is a bit of a hack as the kernel would be sending - bad packets to an improperly configured interface, on the - assumption that some other mechanism is capable of fixing - things retrospectively. - - - - Why do most games not work with the switch? From owner-svn-doc-all@FreeBSD.ORG Wed May 14 21:35:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 93C32D28; Wed, 14 May 2014 21:35:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 80A102CC4; Wed, 14 May 2014 21:35:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4ELZPMK068398; Wed, 14 May 2014 21:35:25 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4ELZPR5068397; Wed, 14 May 2014 21:35:25 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405142135.s4ELZPR5068397@svn.freebsd.org> From: Dru Lavigne Date: Wed, 14 May 2014 21:35:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44835 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 21:35:25 -0000 Author: dru Date: Wed May 14 21:35:25 2014 New Revision: 44835 URL: http://svnweb.freebsd.org/changeset/doc/44835 Log: Remove entry for games through PPP NAT. This has not been true for some time. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 21:23:56 2014 (r44834) +++ head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 21:35:25 2014 (r44835) @@ -6425,92 +6425,6 @@ ATDT1234567 - - Why do most games not work with the - switch? - - - - The reason games and the like do not work when - &man.libalias.3; is in use is that the machine on the - outside will try to open a connection or send - (unsolicited) UDP packets to the machine on the inside. - The NAT software does not know that it should send these - packets to the interior machine. - - To make things work, make sure that the only thing - running is the software that you are having problems with, - then either run &man.tcpdump.1; on the &man.tun.4; - interface of the gateway or enable &man.ppp.8; TCP/IP - logging (set log +tcp/ip) on the - gateway. - - When you start the offending software, you should see - packets passing through the gateway machine. When - something comes back from the outside, it will be dropped - (that is the problem). Note the port number of these - packets then shut down the offending software. Do this a - few times to see if the port numbers are consistent. If - they are, then the following line in the relevant section - of /etc/ppp/ppp.conf will make the - software functional: - - nat port proto internalmachine:port port - - where proto is either - tcp or udp, - internalmachine is the machine - that you want the packets to be sent to and - port is the destination port - number of the packets. - - You will not be able to use the software on other - machines without changing the above command, and running - the software on two internal machines at the same time is - out of the question — after all, the outside world - is seeing your entire internal network as being just a - single machine. - - If the port numbers are not consistent, there are - three more options: - - - - Submit support in &man.libalias.3;. Examples of - special cases can be found in - /usr/src/sys/netinet/libalias/alias_*.c - (alias_ftp.c is a good - prototype). This usually involves reading certain - recognized outgoing packets, identifying the - instruction that tells the outside machine to initiate - a connection back to the internal machine on a - specific (random) port and setting up a - route in the alias table so that the - subsequent packets know where to go. - - This is the most difficult solution, but it is the - best and will make the software work with multiple - machines. - - - - Use a proxy. The application may support - socks5 for example, or may have a - passive option that avoids ever - requesting that the peer open connections back to the - local machine. - - - - Redirect everything to the internal machine using - nat addr. This is the - sledge-hammer approach. - - - - - - What are FCS errors? From owner-svn-doc-all@FreeBSD.ORG Wed May 14 21:43:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 14160236; Wed, 14 May 2014 21:43:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 011CE2DA9; Wed, 14 May 2014 21:43:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4ELhh2T072559; Wed, 14 May 2014 21:43:43 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4ELhhTg072558; Wed, 14 May 2014 21:43:43 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405142143.s4ELhhTg072558@svn.freebsd.org> From: Dru Lavigne Date: Wed, 14 May 2014 21:43:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44836 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 21:43:44 -0000 Author: dru Date: Wed May 14 21:43:43 2014 New Revision: 44836 URL: http://svnweb.freebsd.org/changeset/doc/44836 Log: Fix grammo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Wed May 14 21:35:25 2014 (r44835) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Wed May 14 21:43:43 2014 (r44836) @@ -385,7 +385,7 @@ PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin To remove all of the cron jobs in a user crontab: - &prompt.user; crontab -l + &prompt.user; crontab -r remove crontab for dru? y From owner-svn-doc-all@FreeBSD.ORG Wed May 14 21:45:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5B45D4F4; Wed, 14 May 2014 21:45:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 485A12DC4; Wed, 14 May 2014 21:45:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4ELjTY7073019; Wed, 14 May 2014 21:45:29 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4ELjTVI073018; Wed, 14 May 2014 21:45:29 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201405142145.s4ELjTVI073018@svn.freebsd.org> From: Gavin Atkinson Date: Wed, 14 May 2014 21:45:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44837 - head/en_US.ISO8859-1/books/handbook/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 21:45:29 -0000 Author: gavin Date: Wed May 14 21:45:28 2014 New Revision: 44837 URL: http://svnweb.freebsd.org/changeset/doc/44837 Log: Be explicit in only linking to the copy of the PGP keyring served over https. Modified: head/en_US.ISO8859-1/books/handbook/pgpkeys/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/pgpkeys/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/pgpkeys/chapter.xml Wed May 14 21:43:43 2014 (r44836) +++ head/en_US.ISO8859-1/books/handbook/pgpkeys/chapter.xml Wed May 14 21:45:28 2014 (r44837) @@ -27,7 +27,7 @@ PGP Keys article. The complete keyring can be downloaded at http://www.FreeBSD.org/doc/pgpkeyring.txt. + xlink:href="https://www.FreeBSD.org/doc/pgpkeyring.txt">https://www.FreeBSD.org/doc/pgpkeyring.txt. Officers From owner-svn-doc-all@FreeBSD.ORG Thu May 15 00:14:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6B7414FC; Thu, 15 May 2014 00:14:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5771D293D; Thu, 15 May 2014 00:14:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4F0EAQ6041001; Thu, 15 May 2014 00:14:10 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4F0EAml041000; Thu, 15 May 2014 00:14:10 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405150014.s4F0EAml041000@svn.freebsd.org> From: Dru Lavigne Date: Thu, 15 May 2014 00:14:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44838 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 May 2014 00:14:10 -0000 Author: dru Date: Thu May 15 00:14:09 2014 New Revision: 44838 URL: http://svnweb.freebsd.org/changeset/doc/44838 Log: Remove most of the leftover instances of "you". Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed May 14 21:45:28 2014 (r44837) +++ head/en_US.ISO8859-1/books/faq/book.xml Thu May 15 00:14:09 2014 (r44838) @@ -6438,37 +6438,33 @@ ATDT1234567 can be displayed using the show hdlc command. - If your link is bad (or if your serial driver is - dropping packets), you will see the occasional FCS error. + If the link is bad or if the serial driver is + dropping packets, it will produce the occasional FCS error. This is not usually worth worrying about although it does - slow down the compression protocols substantially. If you - have an external modem, make sure your cable is properly - shielded from interference — this may eradicate the - problem. - - If your link freezes as soon as you have connected and - you see a large number of FCS errors, this may be because - your link is not 8-bit clean. Make sure your modem is not - using software flow control (XON/XOFF). If your datalink - must use software flow control, use - the command set accmap 0x000a0000 to + slow down the compression protocols substantially. + + If the link freezes as soon as it connects and + produces a large number of FCS errors, make sure the modem is not + using software flow control (XON/XOFF). If the link + must use software flow control, use + set accmap 0x000a0000 to tell &man.ppp.8; to escape the ^Q and ^S characters. - Another reason for seeing too many FCS errors may be + Another reason for too many FCS errors may be that the remote end has stopped talking - PPP. You may want to enable - async logging at this point to + PPP. In this case, enable + async logging to determine if the incoming data is actually a login or - shell prompt. If you have a shell prompt at the remote + shell prompt. If it is a shell prompt at the remote end, it is possible to terminate &man.ppp.8; without - dropping the line by using close lcp (a - following term) will reconnect you to + dropping the line by using close lcp followed by + term) to reconnect to the shell on the remote machine. - If nothing in your log file indicates why the link - might have been terminated, you should ask the remote - administrator (your ISP?) why the session was + If nothing in the log file indicates why the link + was terminated, ask the remote + administrator or ISP why the session was terminated. @@ -6480,12 +6476,11 @@ ATDT1234567 - If all else fails, send as much information as you - can, including your config files, how you are starting - &man.ppp.8;, the relevant parts of your log file and the - output of netstat -rn (before and after - connecting) to the &a.questions; and someone should point - you in the right direction. + If all else fails, send the details of the error, the + configuration files, how + &man.ppp.8; is being started, the relevant parts of the log file, and the + output of netstat -rn, before and after + connecting, to the &a.questions;. @@ -6542,38 +6537,34 @@ ATDT1234567 As the &os; kernel boots, it will probe for the serial - ports in your system for which the kernel was configured. - You can either watch your system closely for the messages - it prints or run this command after your system is up and + ports for which the kernel is configured. + Either watch the boot messages closely + or run this command after the system is up and running: - &prompt.user; dmesg | grep -E "^sio[0-9]" - - Here is some example output from the above - command: - - sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 + &prompt.user; dmesg | grep -E "^sio[0-9]" +sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 sio0: type 16550A sio1: <16550A-compatible COM port> port 0x2f8-0x2ff irq 3 on acpi0 -sio1: type 16550A +sio1: type 16550A - This shows two serial ports. The first is on - IRQ 4, is using port address + This example shows two serial ports. The first is on + IRQ4, port address 0x3f8, and has a 16550A-type UART chip. The second uses the same kind of chip but is on - IRQ 3 and is at port address + IRQ3 and is at port address 0x2f8. Internal modem cards are - treated just like serial ports — except that they - always have a modem attached to the + treated just like serial ports, except that they + always have a modem attached to the port. The GENERIC kernel includes support for two serial ports using the same IRQ and port address settings in the above example. If these settings - are not right for your system, or if you have added modem - cards or have more serial ports than your kernel is - configured for, just reconfigure your kernel. See section - about building a kernel + are not right for the system, or if there are more modem + cards or serial ports than the kernel is + configured for, reconfigure using the instructions in + building a kernel for more details. @@ -6584,28 +6575,28 @@ sio1: type 16550A - The third serial port, sio2 (see - &man.sio.4;, known as COM3 in DOS), + The third serial port, sio2, + or COM3, is on /dev/cuad2 for dial-out devices, and on /dev/ttyd2 for dial-in devices. What is the difference between these two classes of devices? - You use ttydX for dial-ins. When + When opening /dev/ttydX in blocking mode, a process will wait for the corresponding cuadX device to become inactive, and then wait for the carrier - detect line to go active. When you open the - cuadX device, it makes sure the + detect line to go active. When the + cuadX device is opened, it makes sure the serial port is not already in use by the ttydX device. If the port is available, it - steals it from the + steals it from the ttydX device. Also, the cuadX device does not care about carrier detect. With this scheme and an auto-answer - modem, you can have remote users log in and you can still + modem, remote users can log in and local users can still dial out with the same modem and the system will take care of all the conflicts. @@ -6613,14 +6604,14 @@ sio1: type 16550A - How do I enable support for a multiport serial + How do I enable support for a multi-port serial card? - Again, the section on kernel configuration provides - information about configuring your kernel. For a - multiport serial card, place an &man.sio.4; line for each + The section on kernel configuration provides + information about configuring the kernel. For a + multi-port serial card, place an &man.sio.4; line for each serial port on the card in the &man.device.hints.5; file. But place the IRQ specifiers on only one of the entries. All of the ports on the card should share one IRQ. For @@ -6688,7 +6679,7 @@ hint.sio.7.irq="12" - You can find this information in the This information is in the Terminals section of the &os; Handbook. @@ -6701,18 +6692,18 @@ hint.sio.7.irq="12" - On your system, the programs &man.tip.1; and - &man.cu.1; can only access the + The built-in &man.tip.1; and + &man.cu.1; utilities can only access the /var/spool/lock directory via user uucp and group - dialer. You - can use the group dialer to control who has - access to your modem or remote systems. Just add yourself - to group dialer. + Use the dialer group to control who has + access to the modem or remote systems by adding user accounts + to dialer. - Alternatively, you can let everyone on your system run + Alternatively, everyone can be configured to run &man.tip.1; and &man.cu.1; by typing: &prompt.root; chmod 4511 /usr/bin/cu @@ -6741,8 +6732,8 @@ hint.sio.7.irq="12" Note that while &os; is proactive in this regard, it does not arbitrarily decide to swap pages when the system - is truly idle. Thus you will not find your system all - paged out when you get up in the morning after leaving it + is truly idle. Thus, the system will not be all + paged out after leaving it idle overnight. @@ -6755,7 +6746,7 @@ hint.sio.7.irq="12" The simple answer is that free memory is wasted - memory. Any memory that your programs do not actively + memory. Any memory that programs do not actively allocate is used within the &os; kernel as disk cache. The values shown by &man.top.1; labeled as Inact, Cache, and @@ -6778,9 +6769,9 @@ hint.sio.7.irq="12" Symlinks do not have permissions, and by default, &man.chmod.1; will follow symlinks to change the - permissions on the source file, if possible. So if you - have a file, foo, and a symlink to - that file, bar, then this command + permissions on the source file, if possible. For + the file, foo with a symlink named + bar, this command will always succeed. &prompt.user; chmod g-w bar @@ -6789,7 +6780,7 @@ hint.sio.7.irq="12" will not have changed. When changing modes of the file hierarchies rooted in - the files instead of the files themselves, you have to use + the files instead of the files themselves, use either or together with to make this work. See &man.chmod.1; and &man.symlink.7; for more @@ -6799,14 +6790,14 @@ hint.sio.7.irq="12" does a recursive &man.chmod.1;. Be careful about specifying directories or symlinks to - directories to &man.chmod.1;. If you want to change the + directories to &man.chmod.1;. To change the permissions of a directory referenced by a symlink, use &man.chmod.1; without any options and follow the symlink with a trailing slash (/). For example, if foo is a symlink to - directory bar, and you want to + directory bar, to change the permissions of foo - (actually bar), you would do + (actually bar), do something like: &prompt.user; chmod 555 foo/ @@ -6825,18 +6816,18 @@ hint.sio.7.irq="12" - Yes, you can use emulators/doscmd, - a DOS emulation program, available in the &os; Ports + Yes. A DOS emulation program, emulators/doscmd, + is available in the &os; Ports Collection. If doscmd will not suffice, - the add-on utility emulators/pcemu + emulators/pcemu emulates an 8088 and enough BIOS services to run many DOS - text mode applications. It requires the X Window + text-mode applications. It requires the X Window System. - You may also try emulators/dosbox - from the &os; Ports Collection. The main focus of this + The Ports Collection also has emulators/dosbox. + The main focus of this application is emulating old DOS games using the local file system for files. @@ -6886,7 +6877,7 @@ hint.sio.7.irq="12" - Other advice to help your mail reach its destination + Other advice to help mail reach its destination include: @@ -6904,7 +6895,7 @@ hint.sio.7.irq="12" If you still have trouble with email infrastructure at - FreeBSD.org + FreeBSD.org, send a note with the details to postmaster@freebsd.org; Include a date/time interval so that logs may be reviewed — @@ -6953,7 +6944,7 @@ hint.sio.7.irq="12" beastie is pronounced BSD. - You can learn more about the BSD daemon on his More about the BSD daemon is available on his home page. @@ -6966,15 +6957,15 @@ hint.sio.7.irq="12" Perhaps. The BSD daemon is copyrighted by Marshall - Kirk McKusick. You will want to check his Statement on the Use of the BSD Daemon Figure for detailed usage terms. - In summary, you are free to use the image in a + In summary, the image can be used in a tasteful manner, for personal use, so long as appropriate - credit is given. If you want to use him commercially, you - must contact &a.mckusick.email;. More details are + credit is given. Before using the logo commercially, + contact &a.mckusick.email; for permission. More details are available on the BSD Daemon's home page. @@ -6987,7 +6978,7 @@ hint.sio.7.irq="12" - You will find eps and Xfig drawings under + Xfig and eps drawings are available under /usr/share/examples/BSD_daemon/. @@ -7005,7 +6996,9 @@ hint.sio.7.irq="12" Glossary. - + +               + + + Als eerste is een kopie van het instellingenbestand van Kerberos nodig, /etc/krb5.conf. Dit bestand kan From owner-svn-doc-all@FreeBSD.ORG Thu May 15 19:23:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 99501DB2; Thu, 15 May 2014 19:23:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 866F52ABD; Thu, 15 May 2014 19:23:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4FJNnTZ059867; Thu, 15 May 2014 19:23:49 GMT (envelope-from bjk@svn.freebsd.org) Received: (from bjk@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4FJNnLT059866; Thu, 15 May 2014 19:23:49 GMT (envelope-from bjk@svn.freebsd.org) Message-Id: <201405151923.s4FJNnLT059866@svn.freebsd.org> From: Benjamin Kaduk Date: Thu, 15 May 2014 19:23:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44842 - head/en_US.ISO8859-1/books/faq X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 May 2014 19:23:49 -0000 Author: bjk Date: Thu May 15 19:23:49 2014 New Revision: 44842 URL: http://svnweb.freebsd.org/changeset/doc/44842 Log: Fix a typo and a minor grammar nit in the FAQ Approved by: hrs (mentor) Modified: head/en_US.ISO8859-1/books/faq/book.xml Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Thu May 15 14:13:12 2014 (r44841) +++ head/en_US.ISO8859-1/books/faq/book.xml Thu May 15 19:23:49 2014 (r44842) @@ -6310,9 +6310,9 @@ set dfilter 3 permit 0/0 0/0 This is because &man.ppp.8; is trying to negotiate - Predictor1 compression, and the peer does not want to + Predictor1 compression, but the peer does not want to negotiate any compression at all. The messages are - harmless, but can be disabled with: + harmless, but can be silenced by disabling the compression: disable pred1 @@ -6334,7 +6334,7 @@ CCP: Received Terminate Ack (1) state = This will make &man.ppp.8; log everything up until the last requested expect string. - To seether connect speed when using + To see the connect speed when using PAP or CHAP, make sure to configure &man.ppp.8; to expect the whole CONNECT line, using something From owner-svn-doc-all@FreeBSD.ORG Fri May 16 00:14:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 49AA55EA; Fri, 16 May 2014 00:14:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3709221EB; Fri, 16 May 2014 00:14:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4G0Egg5091591; Fri, 16 May 2014 00:14:42 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4G0EgI7091590; Fri, 16 May 2014 00:14:42 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201405160014.s4G0EgI7091590@svn.freebsd.org> From: Xin LI Date: Fri, 16 May 2014 00:14:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44843 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 May 2014 00:14:42 -0000 Author: delphij Date: Fri May 16 00:14:41 2014 New Revision: 44843 URL: http://svnweb.freebsd.org/changeset/doc/44843 Log: Warner (imp@) has kindly volunteered to join secteam. Modified: head/en_US.ISO8859-1/htdocs/administration.xml Modified: head/en_US.ISO8859-1/htdocs/administration.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/administration.xml Thu May 15 19:23:49 2014 (r44842) +++ head/en_US.ISO8859-1/htdocs/administration.xml Fri May 16 00:14:41 2014 (r44843) @@ -245,6 +245,7 @@
            • &a.delphij.email; (Officer Deputy)
            • &a.des.email; (Officer)
            • &a.gavin.email; (Core Team Liaison)
              • +
            • &a.imp.email;
            • &a.jonathan.email;
            • &a.philip.email;
            • &a.qingli.email;
              • From owner-svn-doc-all@FreeBSD.ORG Fri May 16 01:54:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 69721AF5; Fri, 16 May 2014 01:54:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 569C928EB; Fri, 16 May 2014 01:54:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4G1sPFa035173; Fri, 16 May 2014 01:54:25 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4G1sPY0035172; Fri, 16 May 2014 01:54:25 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405160154.s4G1sPY0035172@svn.freebsd.org> From: Dru Lavigne Date: Fri, 16 May 2014 01:54:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44844 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 May 2014 01:54:25 -0000 Author: dru Date: Fri May 16 01:54:24 2014 New Revision: 44844 URL: http://svnweb.freebsd.org/changeset/doc/44844 Log: Remove Xserves from Install chapter. PR: 189847 Submitted by: David Croal, Sentex Communications Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Fri May 16 00:14:41 2014 (r44843) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Fri May 16 01:54:24 2014 (r44844) @@ -745,10 +745,6 @@ Loading /boot/defaults/loader.conf prompt, enter               boot cd:,\ppc\loader cd:0 - - For Xserves without keyboards, refer to http://support.apple.com/kb/TA26930 - about booting into Open Firmware. From owner-svn-doc-all@FreeBSD.ORG Fri May 16 12:24:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 83D87172; Fri, 16 May 2014 12:24:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 650B228F9; Fri, 16 May 2014 12:24:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4GCO4GB013079; Fri, 16 May 2014 12:24:04 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4GCO4UP013078; Fri, 16 May 2014 12:24:04 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405161224.s4GCO4UP013078@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 16 May 2014 12:24:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44845 - head/ja_JP.eucJP/books/handbook/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 May 2014 12:24:04 -0000 Author: ryusuke Date: Fri May 16 12:24:03 2014 New Revision: 44845 URL: http://svnweb.freebsd.org/changeset/doc/44845 Log: - Merge the following from the English version: r43126 -> r44837 head/ja_JP.eucJP/books/handbook/pgpkeys/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/pgpkeys/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/pgpkeys/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/pgpkeys/chapter.xml Fri May 16 01:54:24 2014 (r44844) +++ head/ja_JP.eucJP/books/handbook/pgpkeys/chapter.xml Fri May 16 12:24:03 2014 (r44845) @@ -3,41 +3,38 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43126 + Original revision: r44837 $FreeBSD$ --> - - PGP 公開鍵 - - pgp公開鍵 - これらは、署名を検証したり、 - 開発者やオフィサに暗号メールを送る必要がある場合に、 - 自由に使用できる PGP 公開鍵です。また、 - http://www.FreeBSD.org/doc/pgpkeyring.txt - から FreeBSD.org - ユーザの完全なキーリングをダウンロードすることも可能です。 + + + <acronym>PGP</acronym> 公開鍵 - - 開発者 + pgp公開鍵 - §ion.pgpkeys-developers; - + FreeBSD.org + オフィサの PGP 公開鍵を以下に示します。 + これらの公開鍵は、署名を検証したり、 + オフィサに暗号メールを送る必要がある場合に使用できます。 + すべての &os; 公開鍵の一覧は、 + PGP + Keys にあります。 + また、完全なキーリングは + https://www.FreeBSD.org/doc/pgpkeyring.txt からダウンロードできます。 - - 他のクラスタアカウント所有者 + + オフィサ - §ion.pgpkeys-other; + §ion.pgpkeys-officers; From owner-svn-doc-all@FreeBSD.ORG Fri May 16 12:32:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CDDEB427; Fri, 16 May 2014 12:32:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BAC9329B1; Fri, 16 May 2014 12:32:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4GCWjWd017398; Fri, 16 May 2014 12:32:45 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4GCWjYT017397; Fri, 16 May 2014 12:32:45 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405161232.s4GCWjYT017397@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 16 May 2014 12:32:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44846 - head/ja_JP.eucJP/htdocs/docs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 May 2014 12:32:45 -0000 Author: ryusuke Date: Fri May 16 12:32:45 2014 New Revision: 44846 URL: http://svnweb.freebsd.org/changeset/doc/44846 Log: - Merge the following from the English version: r44033 -> r44243 head/ja_JP.eucJP/htdocs/docs/books.xml Modified: head/ja_JP.eucJP/htdocs/docs/books.xml Modified: head/ja_JP.eucJP/htdocs/docs/books.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/docs/books.xml Fri May 16 12:24:03 2014 (r44845) +++ head/ja_JP.eucJP/htdocs/docs/books.xml Fri May 16 12:32:45 2014 (r44846) @@ -9,7 +9,7 @@ ]> - + @@ -253,6 +253,10 @@ Authentication Modules (pam) (英語版のみ)
              FreeBSD における PAM システムとモジュールについての入門書です。

              +

              OpenPGP 鍵 + (pgpkeys)
              + &os; のすべての OpenPGP 鍵があります。

              +

              Port Mentor Guidelines (port-mentor-guidelines) (英語版のみ)
              新しく port のメンターやメンティーになられる方、もしくは、 From owner-svn-doc-all@FreeBSD.ORG Fri May 16 19:28:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 629D7F36; Fri, 16 May 2014 19:28:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 50AF22029; Fri, 16 May 2014 19:28:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4GJSR5P050273; Fri, 16 May 2014 19:28:27 GMT (envelope-from tabthorpe@svn.freebsd.org) Received: (from tabthorpe@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4GJSRDj050272; Fri, 16 May 2014 19:28:27 GMT (envelope-from tabthorpe@svn.freebsd.org) Message-Id: <201405161928.s4GJSRDj050272@svn.freebsd.org> From: Thomas Abthorpe Date: Fri, 16 May 2014 19:28:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44848 - head/en_US.ISO8859-1/htdocs/portmgr X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 May 2014 19:28:27 -0000 Author: tabthorpe (ports committer) Date: Fri May 16 19:28:26 2014 New Revision: 44848 URL: http://svnweb.freebsd.org/changeset/doc/44848 Log: - Congrats culot@, you are the new portmgr-secretary@ Approved by: gjb Modified: head/en_US.ISO8859-1/htdocs/portmgr/index.xml Modified: head/en_US.ISO8859-1/htdocs/portmgr/index.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/portmgr/index.xml Fri May 16 14:10:39 2014 (r44847) +++ head/en_US.ISO8859-1/htdocs/portmgr/index.xml Fri May 16 19:28:26 2014 (r44848) @@ -55,7 +55,7 @@ and

              portmgr@FreeBSD.org: &a.portmgr.members;

              -

              Secretary: &a.tabthorpe; (Secretary: &a.culot; (portmgr-secretary@FreeBSD.org)

              Resources Of Interest To FreeBSD Contributors and Developers

              From owner-svn-doc-all@FreeBSD.ORG Sat May 17 02:50:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D26D38E7; Sat, 17 May 2014 02:50:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B38EA22ED; Sat, 17 May 2014 02:50:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4H2oHjs018828; Sat, 17 May 2014 02:50:17 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4H2oHex018827; Sat, 17 May 2014 02:50:17 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201405170250.s4H2oHex018827@svn.freebsd.org> From: Gavin Atkinson Date: Sat, 17 May 2014 02:50:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44849 - head/en_US.ISO8859-1/articles/hubs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 02:50:17 -0000 Author: gavin Date: Sat May 17 02:50:17 2014 New Revision: 44849 URL: http://svnweb.freebsd.org/changeset/doc/44849 Log: Start to bring this up-to-date: - Drop all references to providing CVSup mirrors - Drop all references to providing anonymous CVS mirrors - Drop all references to mirroring using CVSup, instead use rsync - Update the recommended arguments to rsync in the examples - Updatre size estimates for the individual parts - Change one reference to CVS to instead mention SVN Note that we are still not accepting applications for new mirrors of this style. Modified: head/en_US.ISO8859-1/articles/hubs/article.xml Modified: head/en_US.ISO8859-1/articles/hubs/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/hubs/article.xml Fri May 16 19:28:26 2014 (r44848) +++ head/en_US.ISO8859-1/articles/hubs/article.xml Sat May 17 02:50:17 2014 (r44849) @@ -57,7 +57,7 @@ and degree of completeness you want to mirror, a huge amount of disk space may be consumed. Also keep in mind that official mirrors are probably required to be - complete. The CVS repository and the web pages should + complete. The web pages should always be mirrored completely. Also note that the numbers stated here are reflecting the current state (at &rel2.current;-RELEASE/&rel.current;-RELEASE). Further development and @@ -67,10 +67,9 @@ Here are some approximate figures:               - Full FTP Distribution: 1.1 TB - CVS repository: 5.4 GB - CTM deltas: 3.2 GB - Web pages: 463 MB + Full FTP Distribution: 1.4 TB + CTM deltas: 10 GB + Web pages: 1GB The current disk usage of FTP Distribution can be found at @@ -113,7 +112,7 @@ For a moderately visited site that offers - Rsync, you might + rsync, you might consider a current CPU with around 800MHz - 1 GHz, and at least 512MB RAM. This is probably the minimum you want for an official @@ -127,7 +126,7 @@ You also want to consider a fast disk subsystem. - Operations on the CVS repository require a fast + Operations on the SVN repository require a fast disk subsystem (RAID is highly advised). A SCSI controller that has a cache of its own can also speed up things since most of these services incur a @@ -181,17 +180,9 @@ ftp/twoftpd: As above. ftp/vsftpd: The very secure ftpd. - - ftp/wu-ftpd: The ftpd from Washington - University. It has become infamous, because of the huge - amount of security issues that have been found in it. - If you do choose to use this software be sure to - keep it up to date. - - - FreeBSD's ftpd, proftpd, - wu-ftpd and maybe ncftpd + FreeBSD's ftpd, proftpd + and maybe ncftpd are among the most commonly used FTPds. The others do not have a large userbase among mirror sites. One thing to consider is that you may need flexibility in limiting @@ -260,109 +251,6 @@ - - CVSup (desired for CVS repository) - - CVSup is a very efficient way of distributing files. - It works similar to rsync, but was specially designed for - use with CVS repositories. If you want to offer the - FreeBSD CVS repository, you really want to consider - offering it via CVSup. It is possible to offer - the CVS repository via AnonCVS, FTP, - rsync or HTTP, but - people would benefit much more from CVSup access. - CVSup was developed by &a.jdp.email;. - It is a bit tricky to install on non-FreeBSD platforms, - since it is written in Modula-3 and therefore requires - a Modula-3 environment. &a.jdp; has built a - stripped down version of M3 that is sufficient to - run CVSup, and can be installed much easier. - See Ezm3 - for details. Related ports are: - - - - net/cvsup: The native CVSup port (client and server) - which requires lang/ezm3 now. - - - net/cvsup-mirror: The CVSup mirror kit, which requires - net/cvsup-without-gui, and configures it mirror-ready. Some - site administrators may want a different setup though. - - - - - There are a few more like - net/cvsup-without-gui you might want to have - a look at. If you prefer a static binary package, take a look - here. - This page still refers to the S1G bug that was present - in CVSup. Maybe - John will set up a generic download-site to get - static binaries for various platforms. - - - It is possible to use CVSup to offer - any kind of fileset, not just CVS repositories, - but configuration can be complex. - CVSup is known to eat some CPU on both the server and the - client, since it needs to compare lots of files. - - - - AnonCVS (optional for CVS repository) - - If you have the CVS repository, you may want to offer - anonymous CVS access. A short warning first: - There is not much demand for it, - it requires some experience, and you need to know - what you are doing. - - - Generally there are two ways - to access a CVS repository remotely: via - pserver or via ssh - (we do not consider rsh). - For anonymous access, pserver is - very well suited, but some still offer ssh - access as well. There is a custom crafted - wrapper - in the CVS repository, to be used as a login-shell for the - anonymous ssh account. It does a chroot, and therefore - requires the CVS repository to be available under the - anonymous user's home-directory. This may not be possible - for all sites. If you just offer pserver - this restriction does not apply, but you may run with - more security risks. You do not need to install any special - software, since &man.cvs.1; comes with - FreeBSD. You need to enable access via inetd, - so add an entry into your /etc/inetd.conf - like this: - -cvspserver stream tcp nowait root /usr/bin/cvs cvs -f -l -R -T /anoncvstmp --allow-root=/home/ncvs pserver - - See the manpage for details of the options. Also see the CVS info - page about additional ways to make sure access is read-only. - It is advised that you create an unprivileged account, - preferably called anoncvs. - Also you need to create a file passwd - in your /home/ncvs/CVSROOT and assign a - CVS password (empty or anoncvs) to that user. - The directory /anoncvstmp is a special - purpose memory based file system. It is not required but - advised since &man.cvs.1; creates a shadow directory - structure in your /tmp which is - not used after the operation but slows things - dramatically if real disk operations are required. - Here is an excerpt from /etc/fstab, - how to set up such a MFS: - -/dev/da0s1b /anoncvstmp mfs rw,-s=786432,-b=4096,-f=512,-i=560,-c=3,-m=0,nosuid 0 0 - - This is (of course) tuned a lot, and was suggested by &a.jdp.email;. - - @@ -374,8 +262,8 @@ cvspserver stream tcp nowait root /usr/b the various parts of FreeBSD, what tools to use, and where to mirror from. - - FTP + + Mirroring the FTP site The FTP area is the largest amount of data that needs to be mirrored. It includes the distribution @@ -388,39 +276,8 @@ cvspserver stream tcp nowait root /usr/b for various FreeBSD versions, and various architectures. - - With FTP mirror - You can use a FTP mirror - program to get the files. Some of the most commonly used are: - - ftp/mirror - ftp/ftpmirror - ftp/emirror - ftp/spegla - ftp/omi - ftp/wget - - - ftp/mirror was very popular, but seemed - to have some drawbacks, as it is written in &man.perl.1;, - and had real problems with mirroring large - directories like a FreeBSD site. There are rumors that - the current version has fixed this by allowing - a different algorithm for comparing - the directory structure to be specified. - - - In general FTP is not really good for mirroring. It transfers - the whole file if it has changed, and does - not create a single data stream which would benefit from - a large TCP congestion window. - - - - With rsync - - A better way to mirror the FTP area is rsync. + The best way to mirror the FTP area is rsync. You can install the port net/rsync and then use rsync to sync with your upstream host. rsync is already mentioned @@ -440,7 +297,7 @@ cvspserver stream tcp nowait root /usr/b A command line to mirror FreeBSD might look like: - &prompt.user; rsync -vaz --delete ftp4.de.FreeBSD.org::FreeBSD/ /pub/FreeBSD/ + &prompt.user; rsync -vaHz --delete rsync://ftp4.de.FreeBSD.org/FreeBSD/ /pub/FreeBSD/ Consult the documentation for rsync, which is also available at @@ -453,188 +310,15 @@ cvspserver stream tcp nowait root /usr/b want to set up a script framework that calls such a command via &man.cron.8;. - - - With CVSup - - A few sites, including the one-and-only ftp-master.FreeBSD.org - even offer CVSup to mirror the contents of - the FTP space. You need to install a CVSup - client, preferably from the port net/cvsup. - (Also reread .) - A sample supfile suitable for ftp-master.FreeBSD.org - looks like this: - - # - # FreeBSD archive supfile from master server - # - *default host=ftp-master.FreeBSD.org - *default base=/usr - *default prefix=/pub - #*default release=all - *default delete use-rel-suffix - *default umask=002 - - # If your network link is a T1 or faster, comment out the following line. - #*default compress - - FreeBSD-archive release=all preserve - - - It seems CVSup would be the best - way to mirror the archive in terms of efficiency, but - it is only available from few sites. - - - Please have look at the CVSup documentation - like &man.cvsup.1; and consider using the - option. This reduces I/O operations by assuming the - recorded information about each file is correct. - - - - - Mirroring the CVS repository - There are various ways to mirror the CVS repository. - CVSup is the most common method. - - - Using CVSup - - CVSup is described in some - detail in and . - - It is very easy to setup a - CVSup mirror. Installing - net/cvsup-mirror will - make sure all of the needed programs are installed and then - gather all the needed information to configure the mirror. - - - Please do not forget to consider the hint - mentioned in this note - above. - - - - - Using other methods - - Using other methods than CVSup is - generally not recommended. We describe them in short here - anyway. Since most sites offer the CVS repository as - part of the FTP fileset under the path - /pub/FreeBSD/development/FreeBSD-CVS, - the following methods could be used. - - FTP - Rsync - HTTP - - - - AnonCVS cannot be used to mirror the CVS repository - since CVS does not allow you to access the repository - itself, only checked out versions of the modules. - - Mirroring the WWW pages - The best way is to check out the www - distribution from CVS. If you have a local mirror of the - CVS repository, it is as easy as: - &prompt.user; cvs -d /home/ncvs co www - and a cronjob, that calls cvs up -d -P - on a regular basis, maybe just after your repository was updated. - Of course, the files need to remain in a directory available - for public WWW access. The installation and configuration of a - web server is not discussed here. - - - - If you do not have a local repository, you can use - CVSup to maintain an up to date copy - of the www pages. A sample supfile can be found in - /usr/share/examples/cvsup/www-supfile and - could look like this: - - # - # WWW module supfile for FreeBSD - # - *default host=cvsup3.de.FreeBSD.org - *default base=/usr - *default prefix=/usr/local - *default release=cvs tag=. - *default delete use-rel-suffix - - # If your network link is a T1 or faster, comment out the following line. - *default compress - - # This collection retrieves the www/ tree of the FreeBSD repository - www - - - Using ftp/wget or other web-mirror tools is - not recommended. - - - Mirroring the FreeBSD documentation - - Since the documentation is referenced a lot from the - web pages, it is recommended that you mirror the - FreeBSD documentation as well. However, this is not - as trivial as the www-pages alone. - - - First of all, you should get the doc sources, - again preferably via CVSup. - Here is a corresponding sample supfile: - - # - # FreeBSD documentation supfile - # - *default host=cvsup3.de.FreeBSD.org - *default base=/usr - *default prefix=/usr/share - *default release=cvs tag=. - *default delete use-rel-suffix - - # If your network link is a T1 or faster, comment out the following line. - #*default compress - - # This will retrieve the entire doc branch of the FreeBSD repository. - # This includes the handbook, FAQ, and translations thereof. - doc-all - - - Then you need to install a couple of ports. - You are lucky, there is a meta-port: - textproc/docproj to do the work - for you. You need to set up some - environment variables, like - SGML_CATALOG_FILES. - Also have a look at your /etc/make.conf - (copy /usr/share/examples/etc/make.conf if - you do not have one), and look at the - DOC_LANG variable. - Now you are probably ready to run make - in your doc directory (/usr/share/doc - by default) and build the documentation. - Again you need to make it accessible for your web server - and make sure the links point to the right location. - - - The building of the documentation, as well as lots - of side issues, is documented itself in the - &os; Documentation - Project Primer. - Please read this piece of documentation, especially if you - have problems building the documentation. - - - + The FreeBSD website should only be mirrored via + rsync. + A command line to mirror the FreeBSD web site might look like: + &prompt.user; rsync -vaHz --delete rsync://bit0.us-west.freebsd.org/FreeBSD-www-data/ /usr/local/www/ + How often should I mirror? @@ -683,7 +367,6 @@ cvspserver stream tcp nowait root /usr/b Here are some recommended schedules: FTP fileset: daily - CVS repository: hourly WWW pages: daily @@ -708,7 +391,7 @@ cvspserver stream tcp nowait root /usr/b N is a number, telling that the host would be the Nth mirror in that country. - (Same applies to cvsupN.CC.FreeBSD.org, + (Same applies to wwwN.CC.FreeBSD.org, etc.) There are mirrors with no CC part. These are the mirror sites that are very well connected and @@ -812,9 +495,7 @@ cvspserver stream tcp nowait root /usr/b that.               - There are three master sites for the FTP fileset and - one for the CVS repository (the web pages and docs are - obtained from CVS, so there is no need for master). + There is one master site for the FTP fileset. ftp-master.FreeBSD.org @@ -823,11 +504,9 @@ cvspserver stream tcp nowait root /usr/b ftp-master.FreeBSD.org provides - rsync and CVSup + rsync access, in addition to FTP. - Refer to and - how to access - via these protocols. + Refer to . Mirrors are also encouraged to allow rsync @@ -835,32 +514,6 @@ cvspserver stream tcp nowait root /usr/b Tier-1-mirrors. - - cvsup-master.FreeBSD.org - - This is the master site for the CVS repository. - - - cvsup-master.FreeBSD.org provides - CVSup access only. - See for details. - - - To get access, you need to contact the &a.cvsup-master;. - Make sure you read the - FreeBSD CVSup Access Policy - first! - - - Set up the required authentication by following - these - instructions. Make sure you specify the server as - freefall.FreeBSD.org on the cvpasswd - command line, as described in this document, - even when you are contacting - cvsup-master.FreeBSD.org - - @@ -897,14 +550,6 @@ cvspserver stream tcp nowait root /usr/b what official tier-1 mirrors are required to. All other official mirrors can consider this a big should. - - - The following applies mainly to the FTP fileset, - since a CVS repository should always be mirrored - completely, and the web pages are a case of - its own. - - Tier-1 mirrors are required to: From owner-svn-doc-all@FreeBSD.ORG Sat May 17 14:05:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 98B2C2B6; Sat, 17 May 2014 14:05:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8601524B4; Sat, 17 May 2014 14:05:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4HE5Kdh032877; Sat, 17 May 2014 14:05:20 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4HE5KUp032876; Sat, 17 May 2014 14:05:20 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405171405.s4HE5KUp032876@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sat, 17 May 2014 14:05:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44852 - head/ja_JP.eucJP/books/handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 14:05:20 -0000 Author: ryusuke Date: Sat May 17 14:05:20 2014 New Revision: 44852 URL: http://svnweb.freebsd.org/changeset/doc/44852 Log: - Merge the following from the English version: r43687 -> r44332 head/ja_JP.eucJP/books/handbook/book.xml Modified: head/ja_JP.eucJP/books/handbook/book.xml Modified: head/ja_JP.eucJP/books/handbook/book.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/book.xml Sat May 17 04:28:44 2014 (r44851) +++ head/ja_JP.eucJP/books/handbook/book.xml Sat May 17 14:05:20 2014 (r44852) @@ -5,7 +5,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43687 + Original revision: r44332 $FreeBSD$ --> @@ -93,7 +93,9 @@ FreeBSD へようこそ! - このハンドブックは FreeBSD &rel2.current;-RELEASE + このハンドブックは + FreeBSD &rel3.current;-RELEASE, + FreeBSD &rel2.current;-RELEASEFreeBSD &rel.current;-RELEASE のインストールおよび、日常での使い方について記述したものです。 本ハンドブックは改編作業中であり、 From owner-svn-doc-all@FreeBSD.ORG Sat May 17 16:38:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2D960A96; Sat, 17 May 2014 16:38:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1B10822E1; Sat, 17 May 2014 16:38:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4HGcTDx025915; Sat, 17 May 2014 16:38:29 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4HGcT2T025914; Sat, 17 May 2014 16:38:29 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201405171638.s4HGcT2T025914@svn.freebsd.org> From: Gavin Atkinson Date: Sat, 17 May 2014 16:38:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44853 - head/en_US.ISO8859-1/htdocs/docs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 16:38:30 -0000 Author: gavin Date: Sat May 17 16:38:29 2014 New Revision: 44853 URL: http://svnweb.freebsd.org/changeset/doc/44853 Log: We no longer document how to mirror using CVSup. Modified: head/en_US.ISO8859-1/htdocs/docs/books.xml Modified: head/en_US.ISO8859-1/htdocs/docs/books.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/docs/books.xml Sat May 17 14:05:20 2014 (r44852) +++ head/en_US.ISO8859-1/htdocs/docs/books.xml Sat May 17 16:38:29 2014 (r44853) @@ -194,8 +194,8 @@

              Mirroring FreeBSD (hubs)
              - The all in one guide for mirroring the FreeBSD website, CVSup - servers, FTP servers, and more.

              + The all in one guide for mirroring the FreeBSD website, + FTP servers, and more.

              Independent Verification of IPsec Functionality in FreeBSD From owner-svn-doc-all@FreeBSD.ORG Sat May 17 16:47:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D387C2FC; Sat, 17 May 2014 16:47:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C0D9D23B2; Sat, 17 May 2014 16:47:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4HGlhf1032503; Sat, 17 May 2014 16:47:43 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4HGlhiF032502; Sat, 17 May 2014 16:47:43 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201405171647.s4HGlhiF032502@svn.freebsd.org> From: Gavin Atkinson Date: Sat, 17 May 2014 16:47:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44854 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 16:47:43 -0000 Author: gavin Date: Sat May 17 16:47:43 2014 New Revision: 44854 URL: http://svnweb.freebsd.org/changeset/doc/44854 Log: Remove another reference to CVSup, replace with a pointer to rsync. Modified: head/en_US.ISO8859-1/htdocs/internal/mirror.xml Modified: head/en_US.ISO8859-1/htdocs/internal/mirror.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/mirror.xml Sat May 17 16:38:29 2014 (r44853) +++ head/en_US.ISO8859-1/htdocs/internal/mirror.xml Sat May 17 16:47:43 2014 (r44854) @@ -16,27 +16,19 @@

              It is possible to mirror the FreeBSD web pages www.FreeBSD.org. -This can be done using a program called csup. +This can be done using a program called rsync. -csup is a software package in the base system for +rsync is a software package in the Ports Collection for distributing and updating collections of files across a network.

              -

              Running csup

              +

              Running rsync

              If you keep your mirrored FreeBSD web pages in the directory /usr/FreeBSD-mirror and are owned by the user `fred', then run the following command as user `fred':

              -     $ csup supfile-www
-
              - -The file supfile-www contain: -
              -       *default host=cvsup.FreeBSD.org
-       *default prefix=/usr/FreeBSD-mirror
-       *default base=/usr/local/etc/cvsup
-       www release="current" delete use-rel-suffix compress
+     $ rsync -vaHz --delete rsync://bit0.us-west.freebsd.org/FreeBSD-www-data/ /usr/FreeBSD-mirror/

              This will mirror the FreeBSD web pages into From owner-svn-doc-all@FreeBSD.ORG Sat May 17 16:50:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 841A336C; Sat, 17 May 2014 16:50:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 71E6223C2; Sat, 17 May 2014 16:50:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4HGo6tK033077; Sat, 17 May 2014 16:50:06 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4HGo6mU033076; Sat, 17 May 2014 16:50:06 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201405171650.s4HGo6mU033076@svn.freebsd.org> From: Gavin Atkinson Date: Sat, 17 May 2014 16:50:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44855 - head/en_US.ISO8859-1/articles/hubs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 16:50:06 -0000 Author: gavin Date: Sat May 17 16:50:05 2014 New Revision: 44855 URL: http://svnweb.freebsd.org/changeset/doc/44855 Log: Remove another CVSup reference. Modified: head/en_US.ISO8859-1/articles/hubs/article.xml Modified: head/en_US.ISO8859-1/articles/hubs/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/hubs/article.xml Sat May 17 16:47:43 2014 (r44854) +++ head/en_US.ISO8859-1/articles/hubs/article.xml Sat May 17 16:50:05 2014 (r44855) @@ -445,8 +445,7 @@ Check for those which provide fastest access (number of hops, round-trip-times) and offer the services you intend to - use (like rsync - or CVSup). + use (like rsync). From owner-svn-doc-all@FreeBSD.ORG Sat May 17 16:52:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 355983F3; Sat, 17 May 2014 16:52:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 22D2A244E; Sat, 17 May 2014 16:52:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4HGqvuG037892; Sat, 17 May 2014 16:52:57 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4HGquDp037891; Sat, 17 May 2014 16:52:56 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201405171652.s4HGquDp037891@svn.freebsd.org> From: Gavin Atkinson Date: Sat, 17 May 2014 16:52:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44856 - head/en_US.ISO8859-1/htdocs/docproj X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 16:52:57 -0000 Author: gavin Date: Sat May 17 16:52:56 2014 New Revision: 44856 URL: http://svnweb.freebsd.org/changeset/doc/44856 Log: Replace a reference to CVSup with SVN. Note that this whle file desperately needs gutting and rewriting from scratch. Modified: head/en_US.ISO8859-1/htdocs/docproj/submitting.xml Modified: head/en_US.ISO8859-1/htdocs/docproj/submitting.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/docproj/submitting.xml Sat May 17 16:50:05 2014 (r44855) +++ head/en_US.ISO8859-1/htdocs/docproj/submitting.xml Sat May 17 16:52:56 2014 (r44856) @@ -30,7 +30,7 @@ If you do this, please only send plain-text documents.

              You should probably cc: this request for comments to other appropriate - mailing lists. For example, something that relates to how to use CVSup to + mailing lists. For example, something that relates to how to use SVN to keep your source tree up to date would be of interest to the subscribers of the FreeBSD-current and FreeBSD-stable mailing lists.

              From owner-svn-doc-all@FreeBSD.ORG Sat May 17 17:10:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CC85FB50; Sat, 17 May 2014 17:10:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B9F362554; Sat, 17 May 2014 17:10:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4HHABG7046985; Sat, 17 May 2014 17:10:11 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4HHAB3d046984; Sat, 17 May 2014 17:10:11 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201405171710.s4HHAB3d046984@svn.freebsd.org> From: Gavin Atkinson Date: Sat, 17 May 2014 17:10:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44857 - head/en_US.ISO8859-1/articles/pr-guidelines X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 17:10:11 -0000 Author: gavin Date: Sat May 17 17:10:11 2014 New Revision: 44857 URL: http://svnweb.freebsd.org/changeset/doc/44857 Log: Remove another reference to cvsup, and update a paragraph that hasn't been fully true for a long time. Modified: head/en_US.ISO8859-1/articles/pr-guidelines/article.xml Modified: head/en_US.ISO8859-1/articles/pr-guidelines/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/pr-guidelines/article.xml Sat May 17 16:52:56 2014 (r44856) +++ head/en_US.ISO8859-1/articles/pr-guidelines/article.xml Sat May 17 17:10:11 2014 (r44857) @@ -1046,13 +1046,9 @@ This was misfiled because the subject di               - Junk PRs are not - backed up, so filing spam mail under this category makes it - obvious that we do not care to keep it around or waste disk - space for it. If you merely close them without changing the - category, they remain both in the master database and in - any copies of the database mirrored through - cvsup. + Setting the category to junk makes it + obvious that there is no useful content within the PR, and + helps to reduce the clutter within the main categories. From owner-svn-doc-all@FreeBSD.ORG Sat May 17 17:12:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2CB6CBBB; Sat, 17 May 2014 17:12:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F401925CA; Sat, 17 May 2014 17:12:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4HHCvwK052113; Sat, 17 May 2014 17:12:57 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4HHCvkI052112; Sat, 17 May 2014 17:12:57 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201405171712.s4HHCvkI052112@svn.freebsd.org> From: Gavin Atkinson Date: Sat, 17 May 2014 17:12:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44858 - head/en_US.ISO8859-1/articles/p4-primer X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 17:12:58 -0000 Author: gavin Date: Sat May 17 17:12:57 2014 New Revision: 44858 URL: http://svnweb.freebsd.org/changeset/doc/44858 Log: It is no longer possible to export parts of the Perforce tree to the CVSup mirror network. Modified: head/en_US.ISO8859-1/articles/p4-primer/article.xml Modified: head/en_US.ISO8859-1/articles/p4-primer/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/p4-primer/article.xml Sat May 17 17:10:11 2014 (r44857) +++ head/en_US.ISO8859-1/articles/p4-primer/article.xml Sat May 17 17:12:57 2014 (r44858) @@ -15,7 +15,6 @@ &tm-attrib.freebsd; - &tm-attrib.cvsup; &tm-attrib.general; @@ -58,9 +57,7 @@ The &os; Perforce server is hosted on perforce.freebsd.org, port 1666. The repository is browsable - online at http://p4web.freebsd.org. - Some portions of the repository are also automatically exported - to a number of legacy CVSup servers. + online at http://p4web.freebsd.org. @@ -808,12 +805,7 @@ The bridge between Subversion and Perforce is one-way; changes to Subversion will be reflected in Perforce, but changes in Perforce will - not be reflected in Subversion. On request, some parts of the - Perforce repo can be exported to - CVSup and made available for - distribution that way. Contact the &os; - Perforce administrators if this is - something that you are interested in. + not be reflected in Subversion. @@ -823,7 +815,7 @@ assumes that network access to the server is always available. Most state, history, and metadata is saved on the server, and there is no provision for replicating the server like there is - with CVS/CVSup. It is possible to run + with SVN. It is possible to run a proxy server, but it only provides very limited utility for offline operation. From owner-svn-doc-all@FreeBSD.ORG Sat May 17 19:52:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 31A512A0; Sat, 17 May 2014 19:52:19 +0000 (UTC) Received: from mail-gw14.york.ac.uk (mail-gw14.york.ac.uk [144.32.129.164]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EB18D21FD; Sat, 17 May 2014 19:52:18 +0000 (UTC) Received: from ury.york.ac.uk ([144.32.64.162]:17947) by mail-gw14.york.ac.uk with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1WlkXy-0001GN-E8; Sat, 17 May 2014 20:45:30 +0100 Date: Sat, 17 May 2014 20:45:30 +0100 (BST) From: Gavin Atkinson X-X-Sender: gavin@ury.york.ac.uk To: Dru Lavigne Subject: Re: svn commit: r44770 - head/en_US.ISO8859-1/books/handbook/config In-Reply-To: <201405061418.s46EISgd036096@svn.freebsd.org> Message-ID: References: <201405061418.s46EISgd036096@svn.freebsd.org> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: svn-doc-head@freebsd.org, svn-doc-all@freebsd.org, doc-committers@freebsd.org X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 19:52:19 -0000 On Tue, 6 May 2014, Dru Lavigne wrote: > Author: dru > Date: Tue May 6 14:18:28 2014 > New Revision: 44770 > URL: http://svnweb.freebsd.org/changeset/doc/44770 > > Log: > Editorial review of Swap Space section. > This really belongs in the Storage chapter and should have a reference for ZFS swap. We generally recommend against using swap on ZFS, as it can currently be unstable under low-memory or high-activity situations. This will likely be fixed in the future though. Generally, I'll create a separate gmirror partition or similar for swap, and use the rest of the disks for the ZFS partiton. Gavin > > Sponsored by: iXsystems > > Modified: > head/en_US.ISO8859-1/books/handbook/config/chapter.xml > > Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml > ============================================================================== > --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue May 6 13:38:06 2014 (r44769) > +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Tue May 6 14:18:28 2014 (r44770) > @@ -2703,9 +2703,9 @@ kern.maxvnodes: 100000 > > Adding Swap Space > > - Sometimes a system requires more swap space. There are > - three ways to increase swap space: add a new hard drive, > - enable swap over NFS, or create a swap file > + Sometimes a system requires more swap space. This section > + describes two methods to increase swap space: adding swap to an > + existing partition or new hard drive, and creating a swap file > on an existing partition. > > For information on how to encrypt swap space, which options > @@ -2713,16 +2713,16 @@ kern.maxvnodes: 100000 > . > > > - Swap on a New or Existing Hard Drive > + Swap on a New Hard Drive or Existing Partition > > Adding a new hard drive for swap gives better performance > - than adding a partition on an existing drive. Setting up > + than using a partition on an existing drive. Setting up > partitions and hard drives is explained in > while > discusses partition > layouts and swap partition size considerations. > > - Use &man.swapon.8; to add a swap partition to the system. > + Use swapon to add a swap partition to the system. > For example: > > &prompt.root; swapon /dev/ada1s1b > @@ -2730,10 +2730,10 @@ kern.maxvnodes: 100000 > > It is possible to use any partition not currently > mounted, even if it already contains data. Using > - &man.swapon.8; on a partition that contains data will > + swapon on a partition that contains data will > overwrite and destroy that data. Make sure that the > partition to be added as swap is really the intended > - partition before running &man.swapon.8;. > + partition before running swapon. > > > To automatically add this swap partition on boot, add an > @@ -2742,34 +2742,26 @@ kern.maxvnodes: 100000 > /dev/ada1s1b none swap sw 0 0 > > See &man.fstab.5; for an explanation of the entries in > - /etc/fstab. > - > - > - > - Swapping over <literal>NFS</literal> > - > - Swapping over NFS is only recommended > - when there is no local hard disk to swap to. > - NFS swapping will be limited by the > - available network bandwidth and puts an additional burden > - on &man.nfsd.8;. > + /etc/fstab. More information about > + swapon can be found in > + &man.swapon.8;. > > > > - Swapfiles > + Creating a Swap File > > - To create a swap file, specify its size. The following > + To instead create a swap file, specify its size. The following > example creates a 64MB file named > /usr/swap0. > > > - Creating a Swapfile on &os; > + Creating a Swap File on &os; > > > > The GENERIC kernel already > - includes the memory disk driver (&man.md.4;) required > - for this operation. When building a custom kernel, > + includes the required memory disk driver. > + When building a custom kernel, > make sure to include the following line in the custom > configuration file: > > @@ -2780,31 +2772,33 @@ kern.maxvnodes: 100000 > > > > - First, create the swapfile > + Create the swap file, > /usr/swap0: > > - &prompt.root; dd if=/dev/zero of=/usr/swap0 bs=1024k count=64 > + &prompt.root; dd if=/dev/zero of=/usr/swap0 bs=1024k count=64 > > > > Then, set proper permissions on > /usr/swap0: > > - &prompt.root; chmod 0600 /usr/swap0 > + &prompt.root; chmod 0600 /usr/swap0 > > > > Enable the swap file in > /etc/rc.conf: > > - swapfile="/usr/swap0" # Set to name of swapfile if aux swapfile desired. > + swapfile="/usr/swap0" # Set to name of swap file > > > > - Reboot the machine or, to enable the swap file > - immediately, type: > + To enable the swap file > + immediately, specify a free memory device. Refer to > + for more information > + about memory devices. > > - &prompt.root; mdconfig -a -t vnode -f /usr/swap0 -u 0 && swapon /dev/md0 > + &prompt.root; mdconfig -a -t vnode -f /usr/swap0 -u 0 && swapon /dev/md0 > > > > > From owner-svn-doc-all@FreeBSD.ORG Sat May 17 19:58:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9B5E549A; Sat, 17 May 2014 19:58:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6FFF32224; Sat, 17 May 2014 19:58:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4HJweWv052218; Sat, 17 May 2014 19:58:40 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4HJweiZ052217; Sat, 17 May 2014 19:58:40 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201405171958.s4HJweiZ052217@svn.freebsd.org> From: Gavin Atkinson Date: Sat, 17 May 2014 19:58:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44859 - head/en_US.ISO8859-1/htdocs/projects X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 19:58:40 -0000 Author: gavin Date: Sat May 17 19:58:39 2014 New Revision: 44859 URL: http://svnweb.freebsd.org/changeset/doc/44859 Log: Delete the 2011-freebsd-gsoc.jpg image, it is unused. Deleted: head/en_US.ISO8859-1/htdocs/projects/2011-freebsd-gsoc.jpg From owner-svn-doc-all@FreeBSD.ORG Sat May 17 20:07:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1BDF278E; Sat, 17 May 2014 20:07:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 08D4622F7; Sat, 17 May 2014 20:07:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4HK7GBW058594; Sat, 17 May 2014 20:07:16 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4HK7Gij058593; Sat, 17 May 2014 20:07:16 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201405172007.s4HK7Gij058593@svn.freebsd.org> From: Gavin Atkinson Date: Sat, 17 May 2014 20:07:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44860 - head/en_US.ISO8859-1/htdocs/projects X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 May 2014 20:07:17 -0000 Author: gavin Date: Sat May 17 20:07:16 2014 New Revision: 44860 URL: http://svnweb.freebsd.org/changeset/doc/44860 Log: Remove Summer of Code posters from 2009-2013, keeping only the one from 2014. They are no longer linked to from anywhere so there is no point in installing them. If requred, they will still exist in the repo history. Deleted: head/en_US.ISO8859-1/htdocs/projects/2009-freebsd-gsoc-thumbnail.jpg head/en_US.ISO8859-1/htdocs/projects/2009-freebsd-gsoc.pdf head/en_US.ISO8859-1/htdocs/projects/2010-freebsd-gsoc-thumbnail.jpg head/en_US.ISO8859-1/htdocs/projects/2010-freebsd-gsoc.pdf head/en_US.ISO8859-1/htdocs/projects/2011-freebsd-gsoc-thumbnail.jpg head/en_US.ISO8859-1/htdocs/projects/2011-freebsd-gsoc.pdf head/en_US.ISO8859-1/htdocs/projects/2013-freebsd-gsoc-thumbnail.jpg head/en_US.ISO8859-1/htdocs/projects/2013-freebsd-gsoc.pdf Modified: head/en_US.ISO8859-1/htdocs/projects/Makefile Modified: head/en_US.ISO8859-1/htdocs/projects/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/projects/Makefile Sat May 17 19:58:39 2014 (r44859) +++ head/en_US.ISO8859-1/htdocs/projects/Makefile Sat May 17 20:07:16 2014 (r44860) @@ -16,15 +16,7 @@ DOCS+= summerofcode-2006.xml DOCS+= summerofcode-2007.xml DOCS+= summerofcode-2008.xml -DATA= 2009-freebsd-gsoc-thumbnail.jpg -DATA+= 2009-freebsd-gsoc.pdf -DATA+= 2010-freebsd-gsoc-thumbnail.jpg -DATA+= 2010-freebsd-gsoc.pdf -DATA+= 2011-freebsd-gsoc-thumbnail.jpg -DATA+= 2011-freebsd-gsoc.pdf -DATA+= 2013-freebsd-gsoc-thumbnail.jpg -DATA+= 2013-freebsd-gsoc.pdf -DATA+= 2014-freebsd-gsoc-thumbnail.jpg +DATA= 2014-freebsd-gsoc-thumbnail.jpg DATA+= 2014-freebsd-gsoc.pdf INDEXLINK= projects.html From owner-svn-doc-all@FreeBSD.ORG Sun May 18 01:09:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CEF02AD6; Sun, 18 May 2014 01:09:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BC915298C; Sun, 18 May 2014 01:09:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4I19hBD046258; Sun, 18 May 2014 01:09:43 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4I19hK9046254; Sun, 18 May 2014 01:09:43 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405180109.s4I19hK9046254@svn.freebsd.org> From: Benedict Reuschling Date: Sun, 18 May 2014 01:09:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-svnadmin@freebsd.org Subject: svn commit: r44861 - svnadmin/conf X-SVN-Group: doc-svnadmin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 01:09:43 -0000 Author: bcr Date: Sun May 18 01:09:42 2014 New Revision: 44861 URL: http://svnweb.freebsd.org/changeset/doc/44861 Log: Please welcome Allan Jude to the ranks of documentation committers, He has been sending patches to us for far too long, so it is time to punish him as we always do in this situation. To help him learn, wblock@ and eadler@ will help me. Congratulations, Allan! Approved by: doceng (gjb) Modified: svnadmin/conf/access svnadmin/conf/mentors Modified: svnadmin/conf/access ============================================================================== --- svnadmin/conf/access Sat May 17 20:07:16 2014 (r44860) +++ svnadmin/conf/access Sun May 18 01:09:42 2014 (r44861) @@ -18,6 +18,7 @@ # use "Approved by: doceng (implicit)" to that type of commits. # ale +allanjude bcr bjk blackend Modified: svnadmin/conf/mentors ============================================================================== --- svnadmin/conf/mentors Sat May 17 20:07:16 2014 (r44860) +++ svnadmin/conf/mentors Sun May 18 01:09:42 2014 (r44861) @@ -10,6 +10,7 @@ # Sort by mentee login name. # Mentee Mentor Optional comment +allanjude bcr co-mentor: wblock, eadler bjk hrs des gjb backup mentor: gabor ebrandi gabor From owner-svn-doc-all@FreeBSD.ORG Sun May 18 04:19:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E5EDC389; Sun, 18 May 2014 04:19:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C49F12638; Sun, 18 May 2014 04:19:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4I4JScG063237; Sun, 18 May 2014 04:19:28 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4I4JRJX063227; Sun, 18 May 2014 04:19:27 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201405180419.s4I4JRJX063227@svn.freebsd.org> From: Allan Jude Date: Sun, 18 May 2014 04:19:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44862 - in head: en_US.ISO8859-1/articles/contributors share/pgpkeys share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 04:19:29 -0000 Author: allanjude Date: Sun May 18 04:19:27 2014 New Revision: 44862 URL: http://svnweb.freebsd.org/changeset/doc/44862 Log: Add myself as a committer and import my GPG key. Approved by: bcr (mentor) Added: head/share/pgpkeys/allanjude.key (contents, props changed) Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml head/share/pgpkeys/pgpkeys-developers.xml head/share/pgpkeys/pgpkeys.ent head/share/xml/authors.ent Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Sun May 18 01:09:42 2014 (r44861) +++ head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Sun May 18 04:19:27 2014 (r44862) @@ -528,11 +528,6 @@ - Allan Jude - freebsd@allanjude.com - - - Allan Saddi asaddi@philosophysw.com Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Sun May 18 01:09:42 2014 (r44861) +++ head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Sun May 18 04:19:27 2014 (r44862) @@ -567,6 +567,10 @@ + &a.allanjude.email; + + + &a.tj.email; Added: head/share/pgpkeys/allanjude.key ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/pgpkeys/allanjude.key Sun May 18 04:19:27 2014 (r44862) @@ -0,0 +1,254 @@ + + + +uid [Near Source IT] Allan Jude (Vice President - 7065213 Canada Limited) +uid Allan Jude +uid Allan Jude (FreeBSD) +sub 4096R/374364F98C697BF2 2012-06-06 + +]]> + Modified: head/share/pgpkeys/pgpkeys-developers.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-developers.xml Sun May 18 01:09:42 2014 (r44861) +++ head/share/pgpkeys/pgpkeys-developers.xml Sun May 18 04:19:27 2014 (r44862) @@ -836,6 +836,11 @@ &pgpkey.trevor; + + &a.allanjude.email; + &pgpkey.allanjude; + + &a.tj.email; &pgpkey.tj; Modified: head/share/pgpkeys/pgpkeys.ent ============================================================================== --- head/share/pgpkeys/pgpkeys.ent Sun May 18 01:09:42 2014 (r44861) +++ head/share/pgpkeys/pgpkeys.ent Sun May 18 04:19:27 2014 (r44862) @@ -15,6 +15,7 @@ + Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Sun May 18 01:09:42 2014 (r44861) +++ head/share/xml/authors.ent Sun May 18 04:19:27 2014 (r44862) @@ -87,6 +87,9 @@ alfred@FreeBSD.org"> + +allanjude@FreeBSD.org"> + alm@FreeBSD.org"> From owner-svn-doc-all@FreeBSD.ORG Sun May 18 13:36:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F222C16F; Sun, 18 May 2014 13:36:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DF2A42A9F; Sun, 18 May 2014 13:36:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4IDaiA2005232; Sun, 18 May 2014 13:36:44 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4IDai3v005231; Sun, 18 May 2014 13:36:44 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405181336.s4IDai3v005231@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 18 May 2014 13:36:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44863 - head/ja_JP.eucJP/htdocs/docproj X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 13:36:45 -0000 Author: ryusuke Date: Sun May 18 13:36:44 2014 New Revision: 44863 URL: http://svnweb.freebsd.org/changeset/doc/44863 Log: - Merge the following from the English version: r28473 -> r44856 head/ja_JP.eucJP/htdocs/docproj/submitting.xml Modified: head/ja_JP.eucJP/htdocs/docproj/submitting.xml Modified: head/ja_JP.eucJP/htdocs/docproj/submitting.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/docproj/submitting.xml Sun May 18 04:19:27 2014 (r44862) +++ head/ja_JP.eucJP/htdocs/docproj/submitting.xml Sun May 18 13:36:44 2014 (r44863) @@ -5,7 +5,7 @@ ]> - + @@ -36,7 +36,7 @@

              そのメッセージを他の適切なメーリングリストに cc: した方がよい場合も多いでしょう。 例えば、そのドキュメンテーションが、 - ソースツリーを最新の状態に保つための CVSup + ソースツリーを最新の状態に保つための SVN の使用法について言及しているなら、 その内容は FreeBSD-currentFreeBSD-stable メーリングリストの講読者にとっても興味あるものでしょう。

              From owner-svn-doc-all@FreeBSD.ORG Sun May 18 13:49:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C62B65EA; Sun, 18 May 2014 13:49:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9AC782B7A; Sun, 18 May 2014 13:49:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4IDnaFL012054; Sun, 18 May 2014 13:49:36 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4IDna66012053; Sun, 18 May 2014 13:49:36 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405181349.s4IDna66012053@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 18 May 2014 13:49:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44864 - head/ja_JP.eucJP/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 13:49:36 -0000 Author: ryusuke Date: Sun May 18 13:49:36 2014 New Revision: 44864 URL: http://svnweb.freebsd.org/changeset/doc/44864 Log: - Merge the following from the English version: r41110 -> r44854 head/ja_JP.eucJP/htdocs/internal/mirror.xml Modified: head/ja_JP.eucJP/htdocs/internal/mirror.xml Modified: head/ja_JP.eucJP/htdocs/internal/mirror.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/internal/mirror.xml Sun May 18 13:36:44 2014 (r44863) +++ head/ja_JP.eucJP/htdocs/internal/mirror.xml Sun May 18 13:49:36 2014 (r44864) @@ -1,10 +1,10 @@ ]> - + @@ -18,27 +18,19 @@

              www.FreeBSD.org にある FreeBSD の Web ページをミラーすることができます。 -ミラーは、csup というプログラムを使って行うことができます。 +ミラーは、rsync というプログラムを使って行うことができます。 -csup は、 -ネットワークを通じてファイル群を配布・アップデートするためのソフトウェアパッケージで、ベースシステムに用意されています。

              +rsync は、 +ネットワークを通じてファイル群を配布・アップデートするためのソフトウェアパッケージで、Ports Collection に用意されています。

              -

              csup を走らせる

              +

              rsync を走らせる

              ミラーする FreeBSD の web ページを /usr/FreeBSD-mirror に置き、ユーザ `fred' に所有させたい場合、ユーザ `fred' になって以下のコマンドを実行してください。

              -     $ csup supfile-www
-
              - -supfile-www ファイルには以下のような記述が含まれています。 -
              -       *default host=cvsup.FreeBSD.org
-       *default prefix=/usr/FreeBSD-mirror
-       *default base=/usr/local/etc/cvsup
-       www release=current delete use-rel-suffix compress
+     $ rsync -vaHz --delete rsync://bit0.us-west.freebsd.org/FreeBSD-www-data/ /usr/FreeBSD-mirror/

              こうすれば FreeBSD の web ページを /usr/FreeBSD-mirror From owner-svn-doc-all@FreeBSD.ORG Sun May 18 14:59:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6425562F; Sun, 18 May 2014 14:59:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 510792083; Sun, 18 May 2014 14:59:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4IEx7bZ057676; Sun, 18 May 2014 14:59:07 GMT (envelope-from gnn@svn.freebsd.org) Received: (from gnn@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4IEx75c057675; Sun, 18 May 2014 14:59:07 GMT (envelope-from gnn@svn.freebsd.org) Message-Id: <201405181459.s4IEx75c057675@svn.freebsd.org> From: "George V. Neville-Neil" Date: Sun, 18 May 2014 14:59:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44865 - head/en_US.ISO8859-1/books/fdp-primer/overview X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 14:59:07 -0000 Author: gnn Date: Sun May 18 14:59:06 2014 New Revision: 44865 URL: http://svnweb.freebsd.org/changeset/doc/44865 Log: Remove location specific component of SVN repository from the example. Approved by: gjb (mentor) Modified: head/en_US.ISO8859-1/books/fdp-primer/overview/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/overview/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/overview/chapter.xml Sun May 18 13:49:36 2014 (r44864) +++ head/en_US.ISO8859-1/books/fdp-primer/overview/chapter.xml Sun May 18 14:59:06 2014 (r44865) @@ -156,7 +156,7 @@ ~/doc (see ). - &prompt.user; svn checkout https://svn0.us-west.FreeBSD.org/doc/head ~/doc + &prompt.user; svn checkout https://svn.FreeBSD.org/doc/head ~/doc From owner-svn-doc-all@FreeBSD.ORG Sun May 18 17:13:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 652252A2; Sun, 18 May 2014 17:13:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 45AF42A6E; Sun, 18 May 2014 17:13:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4IHDRu6048782; Sun, 18 May 2014 17:13:27 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4IHDRcm048781; Sun, 18 May 2014 17:13:27 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405181713.s4IHDRcm048781@svn.freebsd.org> From: Dru Lavigne Date: Sun, 18 May 2014 17:13:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44866 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 17:13:27 -0000 Author: dru Date: Sun May 18 17:13:26 2014 New Revision: 44866 URL: http://svnweb.freebsd.org/changeset/doc/44866 Log: Modernize the min hardware requirements to match recent Hardware Notes. Format architectures as a variablelist. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Sun May 18 14:59:06 2014 (r44865) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Sun May 18 17:13:26 2014 (r44866) @@ -24,18 +24,17 @@ by - + @@ -72,14 +71,13 @@ installation - &os; comes with a text-based, easy to use installation - program. &os; 9.0-RELEASE and later use an installation - program called bsdinstall, while - releases prior to &os; 9.0-RELEASE using - sysinstall for installation. This - chapter describes the use of + Beginning with &os; 9.0-RELEASE, &os; provides an easy + to use, text-based installation + program named bsdinstall. This + chapter describes how to install &os; using bsdinstall. The use of - sysinstall is covered in sysinstall, which is the installation + program used by &os; 8.x, is covered in . After reading this chapter, you will know: @@ -89,10 +87,10 @@ How to create the &os; installation media. + How &os; subdivides and refers to hard disks. - + --> How to start @@ -127,98 +125,130 @@ - Hardware Requirements - - - Minimal Configuration - - The minimal configuration to install &os; varies with the - &os; version and the hardware architecture. - - A summary of this information is given in the following - sections. Depending upon the method chosen to install &os;, - a supported CD drive and, in some cases, a - network adapter may be needed. This will be covered by - . - - - &os;/&arch.i386; - - &os;/&arch.i386; requires a 486 or better processor and - at least 64 MB of RAM. At least - 1.1 GB of free hard drive space is needed for the most - minimal installation. - - - On old computers, increasing RAM - and hard drive space is usually more effective at - improving performance than installing a faster - processor. - - + Minimum Hardware Requirements - - &os;/&arch.amd64; + The hardware requirements to install &os; vary by the + &os; version and the hardware architecture. Hardware + architectures and devices supported by a &os; + release are listed in the Hardware Notes file. Usually named + HARDWARE.TXT, the file is located in the + root directory of the release media. Copies of the supported + hardware list are also available on the Release Information + page of the &os; web site (http://www.FreeBSD.org/releases/index.html). + A &os; installation will require at least 64 MB of + RAM and 1.1 GB of free hard drive + space for the most minimal installation. It is recommended to + increase RAM and hard drive space to meet + the needs of the applications that will be used and the amount + of data that will be stored. The processor requirements for + each architecture can be summarized as follows: + + + + &arch.amd64; + There are two classes of processors capable of running - &os;/&arch.amd64;. The first are AMD64 processors, - including the &amd.athlon;64, &amd.athlon;64-FX, - &amd.opteron; or better processors. + &arch.amd64;. The first are AMD64 processors, + including the &amd.athlon;64 and + &amd.opteron; processors. - The second class of processors that can use - &os;/&arch.amd64; includes those using the + The second class of processors includes those using the &intel; EM64T architecture. Examples of these - processors include the &intel; &core; 2 Duo, Quad, - Extreme processor families, the &intel; &xeon; 3000, - 5000, and 7000 sequences of processors, the - &intel; &xeon; E3, E5 and E7 processors, and the - &intel; &core; i3, i5 and i7 processors. - - If the system is based on an nVidia nForce3 Pro-150, the - IO APIC - must be disabled in the - BIOS setup. If this - BIOS option does not exist, disable - ACPI instead. - + processors include all multi-core &intel; &xeon; + processors except Sossaman, the single-core + &intel; &xeon; processors Nocona, Irwindale, Potomac, + and Cranford, the &intel; &core; 2 (not Core Duo) + and later processors, all &intel; &pentium; D processors, the + &intel; &pentium; 4s and Celeron Ds using the Cedar + Mill core, and some &intel; &pentium; 4s and Celeron Ds + using the Prescott core. - - &os;/&arch.powerpc; &apple; &macintosh; + Both Uniprocessor (UP) and Symmetric + Multi-processor (SMP) configurations are + supported. + + + + + &arch.i386; + + Almost all i386-compatible processors with a floating + point unit are supported. All &intel; processors + 486 or higher are supported. + + &os; will take advantage of Physical Address Extensions + (PAE) support on CPUs + that support this feature. A kernel with the + PAE feature enabled will detect memory + above 4 GB and allow it to be used by the system. + This feature places constraints on the device drivers and + other features of &os; which may be used; refer to + &man.pae.4; for details. + + + + + + ia64 + + Currently supported processors are the &itanium; and the + &itanium; 2. Supported chipsets include the HP zx1, &intel; + 460GX, and &intel; E8870. Both Uniprocessor + (UP) and Symmetric Multi-processor + (SMP) configurations are supported. + + + + + pc98 + + NEC PC-9801/9821 series with almost all i386-compatible + processors, including 80486, &pentium;, &pentium; Pro, and + &pentium; II, are all supported. All i386-compatible processors + by AMD, Cyrix, IBM, and IDT are also supported. EPSON + PC-386/486/586 series, which are compatible with NEC PC-9801 + series, are supported. The NEC FC-9801/9821 and NEC SV-98 + series should be supported. + + High-resolution mode is not supported. NEC + PC-98XA/XL/RL/XL^2, and NEC PC-H98 series are supported in + normal (PC-9801 compatible) mode only. The + SMP-related features of &os; are not + supported. The New Extend Standard Architecture + (NESA) bus used in the PC-H98, SV-H98, + and FC-H98 series, is not supported. + + - All New World &apple; &macintosh; systems with built-in + + &arch.powerpc; + + All New World ROM &apple; &macintosh; systems with built-in USB are supported. SMP is supported on machines with multiple CPUs. A 32-bit kernel can only use the first 2 GB of - RAM. &firewire; is not supported on the - Blue & White PowerMac G3. - - - - &os;/&arch.sparc64; + RAM. + + + + &arch.sparc64; + Systems supported by &os;/&arch.sparc64; are listed at the FreeBSD/sparc64 Project (http://www.freebsd.org/platforms/sparc.html). - A dedicated disk is required for &os;/&arch.sparc64;. - It is not possible to share a disk with another operating + SMP is supported on all systems with + more than 1 processor. A dedicated disk is required as + it is not possible to share a disk with another operating system at this time. - - - - - Supported Hardware - - Hardware architectures and devices supported by a &os; - release are listed in the Hardware Notes file. Usually named - HARDWARE.TXT, the file is located in the - root directory of the release media. Copies of the supported - hardware list are also available on the Release Information - page of the &os; web site (http://www.FreeBSD.org/releases/index.html). - + + + From owner-svn-doc-all@FreeBSD.ORG Sun May 18 18:18:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 588B3E17; Sun, 18 May 2014 18:18:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 459792F56; Sun, 18 May 2014 18:18:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4IIIAxM088510; Sun, 18 May 2014 18:18:10 GMT (envelope-from wosch@svn.freebsd.org) Received: (from wosch@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4IIIAZl088509; Sun, 18 May 2014 18:18:10 GMT (envelope-from wosch@svn.freebsd.org) Message-Id: <201405181818.s4IIIAZl088509@svn.freebsd.org> From: Wolfram Schneider Date: Sun, 18 May 2014 18:18:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44867 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 18:18:10 -0000 Author: wosch Date: Sun May 18 18:18:09 2014 New Revision: 44867 URL: http://svnweb.freebsd.org/changeset/doc/44867 Log: Add 'FreeBSD Ports 8.4-RELEASE' and 'FreeBSD Ports 9.2-RELEASE' manual pages Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 17:13:26 2014 (r44866) +++ head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:18:09 2014 (r44867) @@ -248,6 +248,7 @@ $manPathDefault = 'FreeBSD 10.0-RELEASE' "$manLocalDir/FreeBSD-9.1-RELEASE/man:$manLocalDir/FreeBSD-9.1-RELEASE/openssl/man", 'FreeBSD 9.0-RELEASE', "$manLocalDir/FreeBSD-9.0-RELEASE/man:$manLocalDir/FreeBSD-9.0-RELEASE/openssl/man", + 'FreeBSD Ports 9.2-RELEASE', "$manLocalDir/FreeBSD-ports-9.2-RELEASE/man:$manLocalDir/FreeBSD-ports-9.2-RELEASE/misc", 'FreeBSD Ports 9.0-RELEASE', "$manLocalDir/FreeBSD-ports-9.0-RELEASE/man:$manLocalDir/FreeBSD-ports-9.0-RELEASE/lib-perl5-perl-5.12.4-man:$manLocalDir/FreeBSD-ports-9.0-RELEASE/misc", 'FreeBSD 8.4-stable', @@ -265,6 +266,7 @@ $manPathDefault = 'FreeBSD 10.0-RELEASE' 'FreeBSD 8.0-RELEASE', "$manLocalDir/FreeBSD-8.0-RELEASE/man:$manLocalDir/FreeBSD-8.0-RELEASE/openssl/man", + 'FreeBSD Ports 8.4-RELEASE', "$manLocalDir/FreeBSD-ports-8.4-RELEASE/man:$manLocalDir/FreeBSD-ports-8.4-RELEASE/misc", 'FreeBSD Ports 8.1-RELEASE', "$manLocalDir/FreeBSD-ports-8.1-RELEASE", 'FreeBSD Ports 8.0-RELEASE', "$manLocalDir/FreeBSD-ports-8.0-RELEASE", From owner-svn-doc-all@FreeBSD.ORG Sun May 18 18:20:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 81810E86; Sun, 18 May 2014 18:20:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6EEAB2F68; Sun, 18 May 2014 18:20:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4IIKTIe091809; Sun, 18 May 2014 18:20:29 GMT (envelope-from wosch@svn.freebsd.org) Received: (from wosch@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4IIKTAF091808; Sun, 18 May 2014 18:20:29 GMT (envelope-from wosch@svn.freebsd.org) Message-Id: <201405181820.s4IIKTAF091808@svn.freebsd.org> From: Wolfram Schneider Date: Sun, 18 May 2014 18:20:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44868 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 18:20:29 -0000 Author: wosch Date: Sun May 18 18:20:28 2014 New Revision: 44868 URL: http://svnweb.freebsd.org/changeset/doc/44868 Log: freebsd-stable9 points to 9.2-stable Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:18:09 2014 (r44867) +++ head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:20:28 2014 (r44868) @@ -240,8 +240,8 @@ $manPathDefault = 'FreeBSD 10.0-RELEASE' 'FreeBSD 10.0-stable', "$manLocalDir/FreeBSD-10.0-stable/man:$manLocalDir/FreeBSD-10.0-stable/openssl/man", - 'FreeBSD 9.1-stable', -"$manLocalDir/FreeBSD-9.1-stable/man:$manLocalDir/FreeBSD-9.1-stable/openssl/man", + 'FreeBSD 9.2-stable', +"$manLocalDir/FreeBSD-9.2-stable/man:$manLocalDir/FreeBSD-9.2-stable/openssl/man", 'FreeBSD 9.2-RELEASE', "$manLocalDir/FreeBSD-9.2-RELEASE/man:$manLocalDir/FreeBSD-9.2-RELEASE/openssl/man", 'FreeBSD 9.1-RELEASE', @@ -639,7 +639,7 @@ while ( ( $key, $val ) = each %manPath ) 'freebsd-stable', 'FreeBSD 10.0-stable', 'freebsd-stable10', 'FreeBSD 10.0-stable', - 'freebsd-stable9', 'FreeBSD 9.1-stable', + 'freebsd-stable9', 'FreeBSD 9.2-stable', 'freebsd-stable8', 'FreeBSD 8.3-stable', 'freebsd-stable7', 'FreeBSD 7.4-stable', 'freebsd-stable6', 'FreeBSD 6.4-stable', From owner-svn-doc-all@FreeBSD.ORG Sun May 18 18:21:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4C6A7EE3; Sun, 18 May 2014 18:21:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3A13E2FD6; Sun, 18 May 2014 18:21:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4IILJwc092986; Sun, 18 May 2014 18:21:19 GMT (envelope-from wosch@svn.freebsd.org) Received: (from wosch@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4IILJcq092985; Sun, 18 May 2014 18:21:19 GMT (envelope-from wosch@svn.freebsd.org) Message-Id: <201405181821.s4IILJcq092985@svn.freebsd.org> From: Wolfram Schneider Date: Sun, 18 May 2014 18:21:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44869 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 18:21:19 -0000 Author: wosch Date: Sun May 18 18:21:18 2014 New Revision: 44869 URL: http://svnweb.freebsd.org/changeset/doc/44869 Log: freebsd-stable8 points to FreeBSD 8.4-stable Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:20:28 2014 (r44868) +++ head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:21:18 2014 (r44869) @@ -640,7 +640,7 @@ while ( ( $key, $val ) = each %manPath ) 'freebsd-stable', 'FreeBSD 10.0-stable', 'freebsd-stable10', 'FreeBSD 10.0-stable', 'freebsd-stable9', 'FreeBSD 9.2-stable', - 'freebsd-stable8', 'FreeBSD 8.3-stable', + 'freebsd-stable8', 'FreeBSD 8.4-stable', 'freebsd-stable7', 'FreeBSD 7.4-stable', 'freebsd-stable6', 'FreeBSD 6.4-stable', From owner-svn-doc-all@FreeBSD.ORG Sun May 18 18:24:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 609DDFF1; Sun, 18 May 2014 18:24:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4E1A82002; Sun, 18 May 2014 18:24:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4IIOuk9094379; Sun, 18 May 2014 18:24:56 GMT (envelope-from wosch@svn.freebsd.org) Received: (from wosch@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4IIOuG3094378; Sun, 18 May 2014 18:24:56 GMT (envelope-from wosch@svn.freebsd.org) Message-Id: <201405181824.s4IIOuG3094378@svn.freebsd.org> From: Wolfram Schneider Date: Sun, 18 May 2014 18:24:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44870 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 18:24:56 -0000 Author: wosch Date: Sun May 18 18:24:55 2014 New Revision: 44870 URL: http://svnweb.freebsd.org/changeset/doc/44870 Log: add FreeBSD 9.2-RELEASE and Ports Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:21:18 2014 (r44869) +++ head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:24:55 2014 (r44870) @@ -212,6 +212,8 @@ $manLocalDir = '/usr/local/www/bsddoc $manPathDefault = 'FreeBSD 10.0-RELEASE'; %manPath = ( + 'FreeBSD 9.2-RELEASE and Ports', +"$manLocalDir/FreeBSD-9.2-RELEASE/man:$manLocalDir/FreeBSD-9.2-RELEASE/openssl/man:$manLocalDir/FreeBSD-ports-9.2-RELEASE/man:$manLocalDir/FreeBSD-ports-9.2-RELEASE/misc", 'FreeBSD 9.0-RELEASE and Ports', "$manLocalDir/FreeBSD-9.0-RELEASE/man:$manLocalDir/FreeBSD-9.0-RELEASE/openssl/man:$manLocalDir/FreeBSD-ports-9.0-RELEASE/man:$manLocalDir/FreeBSD-ports-9.0-RELEASE/lib-perl5-perl-5.12.4-man:$manLocalDir/FreeBSD-ports-9.0-RELEASE/misc", 'FreeBSD 8.4-RELEASE and Ports', From owner-svn-doc-all@FreeBSD.ORG Sun May 18 18:26:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4BCD416B; Sun, 18 May 2014 18:26:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 39221201A; Sun, 18 May 2014 18:26:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4IIQPP1094686; Sun, 18 May 2014 18:26:25 GMT (envelope-from wosch@svn.freebsd.org) Received: (from wosch@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4IIQPK5094685; Sun, 18 May 2014 18:26:25 GMT (envelope-from wosch@svn.freebsd.org) Message-Id: <201405181826.s4IIQPK5094685@svn.freebsd.org> From: Wolfram Schneider Date: Sun, 18 May 2014 18:26:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44871 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 18:26:25 -0000 Author: wosch Date: Sun May 18 18:26:24 2014 New Revision: 44871 URL: http://svnweb.freebsd.org/changeset/doc/44871 Log: fix 'FreeBSD 8.4-RELEASE and Ports' Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:24:55 2014 (r44870) +++ head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:26:24 2014 (r44871) @@ -217,7 +217,7 @@ $manPathDefault = 'FreeBSD 10.0-RELEASE' 'FreeBSD 9.0-RELEASE and Ports', "$manLocalDir/FreeBSD-9.0-RELEASE/man:$manLocalDir/FreeBSD-9.0-RELEASE/openssl/man:$manLocalDir/FreeBSD-ports-9.0-RELEASE/man:$manLocalDir/FreeBSD-ports-9.0-RELEASE/lib-perl5-perl-5.12.4-man:$manLocalDir/FreeBSD-ports-9.0-RELEASE/misc", 'FreeBSD 8.4-RELEASE and Ports', -"$manLocalDir/FreeBSD-8.4-RELEASE/man:$manLocalDir/FreeBSD-8.4-RELEASE/openssl/man:$manLocalDir/FreeBSD-ports-8.4-RELEASE", +"$manLocalDir/FreeBSD-8.4-RELEASE/man:$manLocalDir/FreeBSD-8.4-RELEASE/openssl/man:$manLocalDir/FreeBSD-ports-8.4-RELEASE/man:$manLocalDir/FreeBSD-ports-8.4-RELEASE/misc", 'FreeBSD 8.3-RELEASE and Ports', "$manLocalDir/FreeBSD-8.3-RELEASE/man:$manLocalDir/FreeBSD-8.3-RELEASE/openssl/man:$manLocalDir/FreeBSD-ports-8.3-RELEASE", 'FreeBSD 8.2-RELEASE and Ports', From owner-svn-doc-all@FreeBSD.ORG Sun May 18 18:33:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 263F5377; Sun, 18 May 2014 18:33:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1394820C3; Sun, 18 May 2014 18:33:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4IIXlTr000735; Sun, 18 May 2014 18:33:47 GMT (envelope-from wosch@svn.freebsd.org) Received: (from wosch@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4IIXljo000734; Sun, 18 May 2014 18:33:47 GMT (envelope-from wosch@svn.freebsd.org) Message-Id: <201405181833.s4IIXljo000734@svn.freebsd.org> From: Wolfram Schneider Date: Sun, 18 May 2014 18:33:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44872 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 18:33:48 -0000 Author: wosch Date: Sun May 18 18:33:47 2014 New Revision: 44872 URL: http://svnweb.freebsd.org/changeset/doc/44872 Log: configure arch for FreeBSD 8.4-RELEASE Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:26:24 2014 (r44871) +++ head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:33:47 2014 (r44872) @@ -605,6 +605,7 @@ my %arch = ( 'FreeBSD 9.2-RELEASE' => { 'default' => 'i386', 'arch' => [qw/amd64 arm i386 powerpc sparc64/] } , 'FreeBSD 9.1-RELEASE' => { 'default' => 'i386', 'arch' => [qw/amd64 arm i386 powerpc sparc64/] } , 'FreeBSD 9.0-RELEASE' => { 'default' => 'i386', 'arch' => [qw/amd64 arm i386 powerpc sparc64/] } , +'FreeBSD 8.4-RELEASE' => { 'default' => 'i386', 'arch' => [qw/amd64 arm i386 powerpc sparc64/] } , 'FreeBSD 8.3-RELEASE' => { 'default' => 'i386', 'arch' => [qw/amd64 arm i386 powerpc sparc64/] } , 'FreeBSD 8.2-RELEASE' => { 'default' => 'i386', 'arch' => [qw/amd64 arm i386 powerpc sparc64/] } , 'NetBSD 5.1' => { 'arch' => [qw/acorn26 acorn32 alpha amiga arc atari cobalt dreamcast evbarm evbmips evbppc hp300 hp700 hpcarm hpcmips hpcsh i386 mac68k macppc mvme68k pmax prep sgimips sparc sparc64 sun2 sun3 vax x68k/] } , From owner-svn-doc-all@FreeBSD.ORG Sun May 18 18:34:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3E7BA4BA; Sun, 18 May 2014 18:34:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2C16F20CA; Sun, 18 May 2014 18:34:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4IIYSL5001047; Sun, 18 May 2014 18:34:28 GMT (envelope-from wosch@svn.freebsd.org) Received: (from wosch@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4IIYSdF001046; Sun, 18 May 2014 18:34:28 GMT (envelope-from wosch@svn.freebsd.org) Message-Id: <201405181834.s4IIYSdF001046@svn.freebsd.org> From: Wolfram Schneider Date: Sun, 18 May 2014 18:34:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44873 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 18:34:28 -0000 Author: wosch Date: Sun May 18 18:34:27 2014 New Revision: 44873 URL: http://svnweb.freebsd.org/changeset/doc/44873 Log: update freebsd-release-ports alias Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:33:47 2014 (r44872) +++ head/en_US.ISO8859-1/htdocs/cgi/man.cgi Sun May 18 18:34:27 2014 (r44873) @@ -648,7 +648,7 @@ while ( ( $key, $val ) = each %manPath ) 'freebsd-stable6', 'FreeBSD 6.4-stable', 'freebsd-current', 'FreeBSD 11-current', - 'freebsd-release-ports', 'FreeBSD 9.0-RELEASE and Ports', + 'freebsd-release-ports', 'FreeBSD 9.2-RELEASE and Ports', 'slackware', 'Linux Slackware 3.1', 'redhat', 'Red Hat Linux/i386 9', From owner-svn-doc-all@FreeBSD.ORG Mon May 19 01:37:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2A62293D; Mon, 19 May 2014 01:37:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 17D0D2F3D; Mon, 19 May 2014 01:37:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4J1bROF078980; Mon, 19 May 2014 01:37:27 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4J1bR9w078978; Mon, 19 May 2014 01:37:27 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405190137.s4J1bR9w078978@svn.freebsd.org> From: Glen Barber Date: Mon, 19 May 2014 01:37:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44874 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2014 01:37:28 -0000 Author: gjb Date: Mon May 19 01:37:27 2014 New Revision: 44874 URL: http://svnweb.freebsd.org/changeset/doc/44874 Log: Add PGP key for Peter Losher (plosher@), signed with my key, verified in person (passport) curtosy of YOW airport. Sponsored by: The FreeBSD Foundation Added: head/share/pgpkeys/plosher.key (contents, props changed) Modified: head/share/pgpkeys/pgpkeys.ent Modified: head/share/pgpkeys/pgpkeys.ent ============================================================================== --- head/share/pgpkeys/pgpkeys.ent Sun May 18 18:34:27 2014 (r44873) +++ head/share/pgpkeys/pgpkeys.ent Mon May 19 01:37:27 2014 (r44874) @@ -334,6 +334,7 @@ + Added: head/share/pgpkeys/plosher.key ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/pgpkeys/plosher.key Mon May 19 01:37:27 2014 (r44874) @@ -0,0 +1,102 @@ + + + +uid Peter Losher +sub 2048g/5E63FAAB8C6651F2 2002-03-16 [expires: 2014-12-24] +sub 4096R/53B9AAA98C273E2E 2014-05-18 [expires: 2019-05-17] +sub 4096R/CDABAB7A88F51686 2014-05-18 [expires: 2019-05-17] + +]]> + From owner-svn-doc-all@FreeBSD.ORG Mon May 19 02:02:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B9DCFFE5; Mon, 19 May 2014 02:02:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A63732137; Mon, 19 May 2014 02:02:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4J2206k096732; Mon, 19 May 2014 02:02:00 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4J2200Q096731; Mon, 19 May 2014 02:02:00 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405190202.s4J2200Q096731@svn.freebsd.org> From: Glen Barber Date: Mon, 19 May 2014 02:02:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44875 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2014 02:02:00 -0000 Author: gjb Date: Mon May 19 02:02:00 2014 New Revision: 44875 URL: http://svnweb.freebsd.org/changeset/doc/44875 Log: Hook plosher@ key to the build. Sponsored by: The FreeBSD Foundation Modified: head/share/pgpkeys/pgpkeys-other.xml Modified: head/share/pgpkeys/pgpkeys-other.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-other.xml Mon May 19 01:37:27 2014 (r44874) +++ head/share/pgpkeys/pgpkeys-other.xml Mon May 19 02:02:00 2014 (r44875) @@ -34,6 +34,11 @@ &pgpkey.dvl; + + &a.plosher; + &pgpkey.plosher; + + &a.dhw; &pgpkey.dhw; From owner-svn-doc-all@FreeBSD.ORG Mon May 19 05:40:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 182447D9; Mon, 19 May 2014 05:40:51 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 063DE214B; Mon, 19 May 2014 05:40:51 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4J5eo0A038592; Mon, 19 May 2014 05:40:50 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4J5eoSD038591; Mon, 19 May 2014 05:40:50 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405190540.s4J5eoSD038591@svn.freebsd.org> From: Glen Barber Date: Mon, 19 May 2014 05:40:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44876 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2014 05:40:51 -0000 Author: gjb Date: Mon May 19 05:40:50 2014 New Revision: 44876 URL: http://svnweb.freebsd.org/changeset/doc/44876 Log: Add plosher@ entity to fix build. Pointyhat: gjb Modified: head/share/xml/authors.ent Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Mon May 19 02:02:00 2014 (r44875) +++ head/share/xml/authors.ent Mon May 19 05:40:50 2014 (r44876) @@ -1671,6 +1671,9 @@ pjd@FreeBSD.org"> + +plosher@FreeBSD.org"> + pluknet@FreeBSD.org"> From owner-svn-doc-all@FreeBSD.ORG Mon May 19 11:14:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 990C6C63; Mon, 19 May 2014 11:14:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 863642FE7; Mon, 19 May 2014 11:14:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4JBEmtJ052996; Mon, 19 May 2014 11:14:48 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4JBEm3u052995; Mon, 19 May 2014 11:14:48 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405191114.s4JBEm3u052995@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 19 May 2014 11:14:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44877 - head/ja_JP.eucJP/htdocs/docs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2014 11:14:48 -0000 Author: ryusuke Date: Mon May 19 11:14:47 2014 New Revision: 44877 URL: http://svnweb.freebsd.org/changeset/doc/44877 Log: - Merge the following from the English version: r44243 -> r44853 head/ja_JP.eucJP/htdocs/docs/books.xml Modified: head/ja_JP.eucJP/htdocs/docs/books.xml Modified: head/ja_JP.eucJP/htdocs/docs/books.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/docs/books.xml Mon May 19 05:40:50 2014 (r44876) +++ head/ja_JP.eucJP/htdocs/docs/books.xml Mon May 19 11:14:47 2014 (r44877) @@ -9,7 +9,7 @@ ]> - + @@ -192,7 +192,7 @@

              Mirroring FreeBSD (hubs) (英語版のみ)
              - FreeBSD のウェブサイト、CVSup サーバ、FTP + FreeBSD のウェブサイト、FTP サーバなどのミラーサーバの作り方をまとめて紹介します。

              FreeBSD From owner-svn-doc-all@FreeBSD.ORG Mon May 19 13:57:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1223EE6; Mon, 19 May 2014 13:57:35 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F38912ECE; Mon, 19 May 2014 13:57:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4JDvYql055538; Mon, 19 May 2014 13:57:34 GMT (envelope-from gahr@svn.freebsd.org) Received: (from gahr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4JDvYsQ055537; Mon, 19 May 2014 13:57:34 GMT (envelope-from gahr@svn.freebsd.org) Message-Id: <201405191357.s4JDvYsQ055537@svn.freebsd.org> From: Pietro Cerutti Date: Mon, 19 May 2014 13:57:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44878 - head/en_US.ISO8859-1/htdocs/donations X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2014 13:57:35 -0000 Author: gahr (ports committer) Date: Mon May 19 13:57:34 2014 New Revision: 44878 URL: http://svnweb.freebsd.org/changeset/doc/44878 Log: - Document the donation of a Dual PowerPC Mac G5 from Michael Shirk to marcel@ Modified: head/en_US.ISO8859-1/htdocs/donations/donors.xml Modified: head/en_US.ISO8859-1/htdocs/donations/donors.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/donations/donors.xml Mon May 19 11:14:47 2014 (r44877) +++ head/en_US.ISO8859-1/htdocs/donations/donors.xml Mon May 19 13:57:34 2014 (r44878) @@ -2980,13 +2980,20 @@ - Roger Ehrlich <rehrlich@ryerson.ca> + Roger Ehrlich <rehrlich@ryerson.ca> 2x IBM Power PC, POWER4 CHRP Model 7028-6C4; Serial #108D21C & 108D1EC.
              3x Sun V490 FreeBSD.org cluster received + + + Michael Shirk <shirkdog@gmail.com> + Mac G5 Dual PowerPC + marcel + received + From owner-svn-doc-all@FreeBSD.ORG Mon May 19 15:26:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6D7A2BC; Mon, 19 May 2014 15:26:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5ADCA26A3; Mon, 19 May 2014 15:26:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4JFQ2ae017063; Mon, 19 May 2014 15:26:02 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4JFQ2kc017062; Mon, 19 May 2014 15:26:02 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201405191526.s4JFQ2kc017062@svn.freebsd.org> From: Allan Jude Date: Mon, 19 May 2014 15:26:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44879 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2014 15:26:02 -0000 Author: allanjude Date: Mon May 19 15:26:01 2014 New Revision: 44879 URL: http://svnweb.freebsd.org/changeset/doc/44879 Log: add BSDCam (Cambridge DevSummit) and a description of said to the events section of the front page Reviewed by: theraven (event organizer) Approved by: bcr (mentor), eadler (mentor) Modified: head/share/xml/events2014.xml Modified: head/share/xml/events2014.xml ============================================================================== --- head/share/xml/events2014.xml Mon May 19 13:57:34 2014 (r44878) +++ head/share/xml/events2014.xml Mon May 19 15:26:01 2014 (r44879) @@ -119,6 +119,34 @@ immediately by PGCon at the same location. + + BSDCam 2014 + http://bsdcam.cl.cam.ac.uk/ + + 2014 + 7 + 9 + + + 2014 + 7 + 12 + + + United Kingdom + Cambridge + University of Cambridge + + The Cambridge FreeBSD Developers Summit is an annual + invite-only event focused on bringing together developers and + vendors to discuss and build the future of the FreeBSD project. + This years topics will include the desired feature set of + FreeBSD 11, implementing the new release strategy for the + 9 and 10 branches, packaging the base system, and building the + infrastructure and tools to attract more embedded vendors to + FreeBSD. + + EuroBSDCon 2014 http://2014.eurobsdcon.org/ From owner-svn-doc-all@FreeBSD.ORG Mon May 19 16:00:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EB930B2A; Mon, 19 May 2014 16:00:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D92EB29E2; Mon, 19 May 2014 16:00:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4JG0mLc038679; Mon, 19 May 2014 16:00:48 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4JG0mfP038678; Mon, 19 May 2014 16:00:48 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201405191600.s4JG0mfP038678@svn.freebsd.org> From: Allan Jude Date: Mon, 19 May 2014 16:00:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44880 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2014 16:00:49 -0000 Author: allanjude Date: Mon May 19 16:00:48 2014 New Revision: 44880 URL: http://svnweb.freebsd.org/changeset/doc/44880 Log: Announce the newest doc commiter Approved by: eadler (mentor) Modified: head/share/xml/news.xml Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Mon May 19 15:26:01 2014 (r44879) +++ head/share/xml/news.xml Mon May 19 16:00:48 2014 (r44880) @@ -31,6 +31,18 @@ 2014 + 5 + + + 17 + +

              New committer: + Allan Jude (doc)

              + + + + + 4 From owner-svn-doc-all@FreeBSD.ORG Tue May 20 09:13:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B6F429C5; Tue, 20 May 2014 09:13:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A30232F45; Tue, 20 May 2014 09:13:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4K9DaMP086710; Tue, 20 May 2014 09:13:36 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4K9Da6X086709; Tue, 20 May 2014 09:13:36 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405200913.s4K9Da6X086709@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 20 May 2014 09:13:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44881 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 20 May 2014 11:37:31 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 May 2014 09:13:36 -0000 Author: ryusuke Date: Tue May 20 09:13:36 2014 New Revision: 44881 URL: http://svnweb.freebsd.org/changeset/doc/44881 Log: - Merge the following from the English version: r44366 -> r44673 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Mon May 19 16:00:48 2014 (r44880) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Tue May 20 09:13:36 2014 (r44881) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44366 + Original revision: r44673 $FreeBSD$ --> ドキュメントは、&os; オペレーティングシステムの必須要素です。 - &os; ドキュメントセットの最新バージョンは、 - &os; ウェブサイト + &os; ドキュメントの最新バージョンは、&os; ウェブサイト + (http://www.freebsd.org/doc/) から入手できますが、 - ネットワーク接続が遅い、もしくはまったく接続できないユーザもいます。 - ローカルのドキュメントを最新の &os; - ドキュメントセットにアップデートする方法がいくつも用意されています。 - - - <application>Subversion</application> - を用いたドキュメントのアップデート方法 - - &os; のドキュメントのソースは、 - svn を用いて入手できます。 - この節では以下について説明します。 + &os; ウェブサイト、ハンドブック、FAQ + および文書の最新版をローカルに用意しておくと便利です。 - - - ドキュメントツールチェインのインストール方法。 - このツールは、&os; - のドキュメントをソースから再構築するのに必要です。 - - - - svn を用いて、 - ドキュメントのソースを - /usr/doc - 以下にダウンロードする方法。 - - - - &os; ドキュメントをソースから再構築し、 - /usr/share/doc - 以下にインストールする方法。 - - - - ドキュメントのビルドシステムにおいてサポートされているビルドオプションの説明。 - たとえば、翻訳されたドキュメンテーションのみを構築するオプションや、 - ある特定の出力フォーマットを指定するようなオプションについて説明します。 - - - + この章では、ソースまたは Ports Collection を使って、 + ローカルの &os; ドキュメントを最新に保つ方法を説明します。 - - <application>svn</application> - およびドキュメントツールチェインのインストール - - &os; のドキュメントをソースから再構築するには、 - ツールのコレクションが必要です。 - これらのツールは多くのディスク容量を使用するため、 - &os; ベースシステムの一部ではありません。 - また、すべての &os; ユーザにとって有用というわけではなく、&os; - のために新しいドキュメントを活発に執筆している方や、 - 頻繁にドキュメントをソースからアップデートする方に向けたものです。 - - svn を含め必要なツールは、 - textproc/docproj メタ port - からインストールできます。この port は、 - &os; ドキュメンテーションプロジェクトにより開発されています。 + ドキュメントを編集したり、 + ドキュメントの誤りを報告する方法については、 + 新しい貢献者のための &os; ドキュメンテーションプロジェクト入門 + (http://www.freebsd.org/doc/en_US.ISO8859-1/books/fdp-primer/) をご覧ください。 - - ドキュメントの &postscript; や PDF 版が必要なければ、かわりに - textproc/docproj-nojadetex - をインストールすることも考えてよいでしょう。 - このドキュメンテーションのツールチェインは、 - teTeX - と呼ばれる組版エンジンを除いたすべてをインストールします。 - teTeX は大きなツールのコレクションです。 - そのため、もし PDF 出力を本当に必要としなければ、 - このツールをインストールしないことはとても賢明です。 - - - - - ドキュメントのソースをアップデートする + + ソースから &os; ドキュメントをインストールする - 以下の例では、svn を使って - western US ミラーから HTTPS プロトコルを用いて、 - ドキュメントのソースをダウンロードします。 + ソースから &os; ドキュメントを構築するのに必要なツールは、 + &os; のベースシステムには含まれてはいません。 + svn などの必要なツールは、 + &os; ドキュメンテーションプロジェクトが開発している + textproc/docproj package または port + からインストールできます。 + + インストールしたら、svn + を使って、ドキュメントのソースをダウンロードしてください。 + 以下の例で、 + https://svn0.us-west.FreeBSD.org + を + の中からもっとも近いミラーのアドレスに変更してください。 &prompt.root; svn checkout https://svn0.us-west.FreeBSD.org/doc/head /usr/doc - 利用可能な - Subversion ミラーサイト - の中からもっとも近いミラーを使ってください。 - 最初にドキュメントのソースをダウンロードするには少し時間がかかります。 ダウンロードが終わるまでお待ちください。 @@ -819,22 +766,40 @@ before running "/usr/sbin/freebsd-update &prompt.root; svn update /usr/doc - ソースを入手したら、 - /usr/doc/Makefile を使い、 - 以下のようにドキュメントをアップデートすることもできます。 + 最新のドキュメントのソースのスナップショットを + /usr/doc に用意できたら、 + インストールされているドキュメントをアップデートする準備はすべて整いました。 + + 利用可能なすべての言語のドキュメントをアップデートするには、 + 以下のように入力してください。 &prompt.root; cd /usr/doc -&prompt.root; make update - +&prompt.root; make install clean + + もし、ある特定の言語のみをアップデートしたいのであれば、 + /usr/doc + の下にある各言語のサブディレクトリで make + を実行してください。 + + &prompt.root; cd /usr/doc/en_US.ISO8859-1 +&prompt.root; make install clean + + ドキュメントをアップデートする別の方法は、 + /usr/doc + または各言語のサブディレクトリで以下のコマンドを実行してください。 - - ドキュメントのソースの調整可能なオプション + &prompt.root; make update + + FORMATS を設定して、 + 以下のようにインストールする出力形式を指定できます。 + + &prompt.root; cd /usr/doc +&prompt.root; make FORMATS='html html-split' install clean - &os; のドキュメントセットのアップデートとビルドシステムは、 - ドキュメンテーションの一部のアップデートを簡単にするオプションや、 - 特定の翻訳のビルドに対応しています。 + ドキュメンテーションの一部のアップデートを簡単にするオプションや、 + 特定の翻訳のビルドを行うためのオプションが用意されています。 これらのオプションは、システム全般のオプションである - /etc/make.conf や、&man.make.1; + /etc/make.conf や、make に与えるコマンドラインオプションで設定できます。 オプションには以下のようなものがあります。 @@ -857,8 +822,8 @@ before running "/usr/sbin/freebsd-update ビルドを行うフォーマット、または出力フォーマットの一覧。 現在は html, html-split, txt, - ps, pdf, - そして rtf に対応しています。 + ps そして pdf + に対応しています。 @@ -875,47 +840,11 @@ before running "/usr/sbin/freebsd-update &os; のシステム全般のオプションに関連するもっと多くの make 変数については、 &man.make.conf.5; をご覧ください。 - - &os; ドキュメントのビルドシステムで対応しているさらなる - make の変数に関しては、 - 新しい貢献者のための &os; ドキュメンテーションプロジェクト入門 を参照してください。 - - - - ソースから &os; ドキュメントをインストールする - - ドキュメントのソースの最新スナップショットを - /usr/doc にダウンロードしたら、 - インストールされているドキュメントをアップデートする準備がすべて整いました。 - - DOC_LANG - で定義されているすべての言語を完全にアップデートするには、 - 以下のように入力してください。 - - &prompt.root; cd /usr/doc -&prompt.root; make install clean - - もし、ある特定の言語のみをアップデートしたいのであれば、 - /usr/doc - サブディレクトリで以下のように &man.make.1; を実行してください。 - - &prompt.root; cd /usr/doc/en_US.ISO8859-1 -&prompt.root; make update install clean - - FORMATS を設定して、 - 以下のようにインストールする出力形式を指定できます。 - - &prompt.root; cd /usr/doc -&prompt.root; make FORMATS='html html-split' install clean - - ドキュメントを編集したり、訂正したものを提出する方法については、 - 新しい貢献者のための &os; - ドキュメンテーションプロジェクト入門 をご覧ください。 - + - ドキュメンテーション ports + ports を用いたドキュメンテーションのアップデート @@ -939,17 +868,6 @@ before running "/usr/sbin/freebsd-update これまでのセクションでは、ソースコードを用いた &os; ドキュメントのアップデート方法について説明してきました。 - すべての &os; システムで、 - ソースからドキュメントをアップデートすることは難しいかも知れませんし、 - できたとしても現実的ではないこともあります。 - ドキュメントをソースから構築するには、 - かなり大きなツールとユーティリティから構成される - ドキュメンテーションツールチェイン - が必要なためです。 - また、svn - リポジトリからソースをチェックアウトし、 - チェックアウトしたソースからドキュメントを手動で構築する方法について、 - それなりに熟知している必要もあります。 この節では、インストールされている &os; のドキュメントをアップデートするもう一つの方法である、 Ports Collection を用いた方法について説明し、 @@ -957,84 +875,81 @@ before running "/usr/sbin/freebsd-update - 構築済のドキュメントのスナップショットをダウンロードしてインストールする方法。 + 構築済のドキュメントの packages をインストールする方法。 ローカルでの構築作業やドキュメンテーションツールチェインをインストールする必要はありません。 - ドキュメントのソースをダウンロードし、ports - フレームワークを使って構築する方法です。 + ports フレームワークを使ったドキュメントのソースの構築方法。 チェックアウトおよび構築作業が簡単になります。 &os; のドキュメントをアップデートするこれらの方法は、 &a.doceng; が毎月アップデートしている - ドキュメンテーション ports + ドキュメンテーション ports および packages によりサポートされています。 - これらの ports は、&os; Ports Collection の docs - カテゴリにまとめられています。 - - - ドキュメンテーション ports の構築とインストール - - ドキュメンテーション ports では、 - ports の構築フレームワークが用いられるので、 - ドキュメントを簡単に構築できます。 - この ports は、ドキュメントのソースを自動的にチェックアウトし、 - 環境変数やコマンドラインオプションを適切に設定して &man.make.1; - を実行します。 - また、他の &os; port, package のインストールと同様に簡単な方法で、 - ドキュメントのインストールやアンインストールを行うことができます。 - - - 追加の機能として、この ports は - ドキュメンテーションツールチェイン ports - への依存を理解しているので、 - 構築時にはドキュメンテーションツールチェインも自動的にインストールされます。 - + これらの ports は、&os; Ports Collection の + docs カテゴリ (http://www.freshports.org/docs/) + にまとめられています。 ドキュメンテーション ports の構成は以下の通りです。 - マスタ port, - misc/freebsd-doc-en。 - すべての英語文書の ports をインストールします。 + misc/freebsd-doc-en package または portは、 + すべての英語文書をインストールします。 - すべてのドキュメントの port, - misc/freebsd-doc-all。これは、 + misc/freebsd-doc-all メタ package + もしくは port は、 すべての利用可能な言語のすべてのドキュメントを構築します。 - 各言語のために スレーブ port + 各言語のために package または port が用意されています。たとえば、 misc/freebsd-doc-hu はハンガリー語のドキュメンテーション port です。 - たとえば、http://www.FreeBSD.org - と同じ形式である、 - 英語版の分割された HTML 形式を構築し、 - /usr/local/share/doc/freebsd - にインストールするには以下の port をインストールしてください。 + バイナリ package を使うと、 + インストールする言語に用意されているすべての形式の + &os; ドキュメントがインストールされます。 + たとえば、以下のコマンドを実行すると、 + ハンガリー語のドキュメントの最新 package + がインストールされます。 + + &prompt.root; pkg install hu-freebsd-doc + + + ドキュメントの package は、対応する port 名とは異なり、 + lang-freebsd-doc + の形式で名前がつけられています。 + ここで、lang は言語コードの短縮形です。 + ハンガリー語の場合は hu、簡体字の場合には + zh_cn です。 + + + ドキュメントのフォーマットを指定する場合には、package ではなく + port から構築をしてください。 + たとえば、英語のドキュメントを構築してインストールするには以下のようにして下さい。 &prompt.root; cd /usr/ports/misc/freebsd-doc-en &prompt.root; make install clean - - 共通のオプション + この port には、 + 構築およびインストールするフォーマットを設定するメニューがあります。 + デフォルトでは、http://www.FreeBSD.org + と同じ形式である分割版の HTML 形式、 + PDF が選択されています。 - ドキュメンテーション ports - にはたくさんのオプションが用意されており、 - 以下のように - ports の振る舞いをデフォルトの設定から変更できます。 + 以下のように、ドキュメンテーション ports を構築する際の + make オプションが用意されています。 @@ -1045,8 +960,8 @@ before running "/usr/sbin/freebsd-update 各ドキュメントに対し、単一版の HTML ファイルが構築されます。 整形されたドキュメントは、 article.html や - book.html といった名前で、 - 必要に応じて画像とともにインストールされます。 + book.html + といった名前でインストールされます。 @@ -1054,8 +969,7 @@ before running "/usr/sbin/freebsd-update WITH_PDF - &adobe; Portable Document Format (PDF) を構築します。 - 整形されたドキュメントは、 + 整形されたドキュメントは、 article.pdfbook.pdf といった名前でインストールされます。 @@ -1070,78 +984,23 @@ before running "/usr/sbin/freebsd-update デフォルトのインストール先は /usr/local/share/doc/freebsd です。 - - - デフォルトのターゲットディレクトリは、 - svn - を用いる方法とは異なります。 - ports は通常 /usr/local - ディレクトリ以下にインストールされるためです。 - PREFIX 変数を使うことで、 - このディレクトリ以外にもインストールできます。 - 以下は、上記の変数を用いてハンガリー語のドキュメントを - PDF 形式でインストールする方法です。 + PDF 形式でインストールする方法です。 &prompt.root; cd /usr/ports/misc/freebsd-doc-hu &prompt.root; make -DWITH_PDF DOCBASE=share/doc/freebsd/hu install clean - - - - - ドキュメンテーション package の利用 - - 前節で説明した、 - ソースからドキュメンテーション port を構築する方法では、 - ドキュメンテーションツールチェインをローカルにインストールする必要があり、 - また、ports の構築のためにディスク容量を必要とします。 - ドキュメンテーションツールチェインをインストールするリソースがない場合や、 - ソースから構築する場合には多くのディスク容量を必要とするため、 - 構築済みのドキュメンテーション ports - のスナップショットが用意されています。 - - &a.doceng; は、毎月 &os; ドキュメンテーション package - のスナップショットをアップデートしています。 - これらのバイナリ package は、システムに用意されている - &man.pkg.add.1;, &man.pkg.delete.1; などの - package 管理ツールを用いて扱うことができます。 - - - バイナリ package を使うと、 - インストールする言語に用意されている - すべて の形式の - &os; ドキュメントがインストールされます。 - - - たとえば、以下のコマンドを実行すると、 - ハンガリー語のドキュメントの最新 package がインストールされます。 - - &prompt.root; pkg install hu-freebsd-doc - - ドキュメントの package は、対応する port 名とは異なり、 - lang-freebsd-doc - の形式で名前がつけられています。 - ここで、lang は言語コードの短縮形です。 - ハンガリー語の場合は hu、簡体字の場合には - zh_cn です。 - - - - - ドキュメンテーション ports のアップデート - - 他の port と同様に、ドキュメンテーション port + に書かれている手順を使って、 + ドキュメンテーション package または port をアップデートできます。 たとえば、以下のコマンドを実行すると、ports-mgmt/portupgrade から、package だけを使ってインストールされているハンガリー語のドキュメントをアップデートします。 &prompt.root; portmaster -PP hu-freebsd-doc -               @@ -1687,7 +1546,7 @@ before running "/usr/sbin/freebsd-update 新しいグループや新しいシステムアカウント、 もしくはスタートアップスクリプトがシステムに追加されることがあります。 - &prompt.root; mergemaster + &prompt.root; mergemaster -iF From owner-svn-doc-all@FreeBSD.ORG Tue May 20 09:43:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4B9F1F74; Tue, 20 May 2014 09:43:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 37A5721B9; Tue, 20 May 2014 09:43:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4K9hYR5005047; Tue, 20 May 2014 09:43:34 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4K9hYnP005046; Tue, 20 May 2014 09:43:34 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405200943.s4K9hYnP005046@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 20 May 2014 09:43:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44882 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 20 May 2014 11:38:21 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 May 2014 09:43:34 -0000 Author: ryusuke Date: Tue May 20 09:43:33 2014 New Revision: 44882 URL: http://svnweb.freebsd.org/changeset/doc/44882 Log: - Merge the following from the English version: r44673 -> r44674 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Tue May 20 09:13:36 2014 (r44881) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Tue May 20 09:43:33 2014 (r44882) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44673 + Original revision: r44674 $FreeBSD$ --> cd /cdrom/X.Y-RELEASE/kernels &prompt.root; ./install.sh GENERIC - ここで X.Y-RELEASE + ここで X.Y-RELEASE を実際のリリース番号に置き換えてください。 GENERIC は、デフォルトで /boot/GENERIC にインストールされます。 @@ -725,8 +726,8 @@ before running "/usr/sbin/freebsd-update ドキュメントは、&os; オペレーティングシステムの必須要素です。 - &os; ドキュメントの最新バージョンは、&os; ウェブサイト - (http://www.freebsd.org/doc/) + &os; ドキュメントの最新バージョンは、&os; ウェブサイト (http://www.freebsd.org/doc/) から入手できますが、 &os; ウェブサイト、ハンドブック、FAQ および文書の最新版をローカルに用意しておくと便利です。 @@ -736,8 +737,9 @@ before running "/usr/sbin/freebsd-update ドキュメントを編集したり、 ドキュメントの誤りを報告する方法については、 - 新しい貢献者のための &os; ドキュメンテーションプロジェクト入門 - (http://www.freebsd.org/doc/en_US.ISO8859-1/books/fdp-primer/) をご覧ください。 + 新しい貢献者のための &os; ドキュメンテーションプロジェクト入門 (http://www.freebsd.org/doc/en_US.ISO8859-1/books/fdp-primer/) + をご覧ください。 ソースから &os; ドキュメントをインストールする @@ -894,113 +896,115 @@ before running "/usr/sbin/freebsd-update xlink:href="http://www.freshports.org/docs/">http://www.freshports.org/docs/) にまとめられています。 - ドキュメンテーション ports の構成は以下の通りです。 + ドキュメンテーション ports の構成は以下の通りです。 - - - misc/freebsd-doc-en package または portは、 - すべての英語文書をインストールします。 - + + + misc/freebsd-doc-en package または portは、 + すべての英語文書をインストールします。 + - - misc/freebsd-doc-all メタ package - もしくは port は、 - すべての利用可能な言語のすべてのドキュメントを構築します。 - + + misc/freebsd-doc-all メタ package + もしくは port は、 + すべての利用可能な言語のすべてのドキュメントを構築します。 + - - 各言語のために package または port - が用意されています。たとえば、 - misc/freebsd-doc-hu - はハンガリー語のドキュメンテーション port です。 - - + + 各言語のために package または port + が用意されています。たとえば、 + misc/freebsd-doc-hu + はハンガリー語のドキュメンテーション port です。 + + - バイナリ package を使うと、 - インストールする言語に用意されているすべての形式の - &os; ドキュメントがインストールされます。 - たとえば、以下のコマンドを実行すると、 - ハンガリー語のドキュメントの最新 package - がインストールされます。 + バイナリ package を使うと、 + インストールする言語に用意されているすべての形式の + &os; ドキュメントがインストールされます。 + たとえば、以下のコマンドを実行すると、 + ハンガリー語のドキュメントの最新 package + がインストールされます。 - &prompt.root; pkg install hu-freebsd-doc + &prompt.root; pkg install hu-freebsd-doc - - ドキュメントの package は、対応する port 名とは異なり、 - lang-freebsd-doc - の形式で名前がつけられています。 - ここで、lang は言語コードの短縮形です。 - ハンガリー語の場合は hu、簡体字の場合には - zh_cn です。 - + + ドキュメントの package は、対応する port 名とは異なり、 + lang-freebsd-doc + の形式で名前がつけられています。 + ここで、lang は言語コードの短縮形です。 + ハンガリー語の場合は hu、簡体字の場合には + zh_cn です。 + - ドキュメントのフォーマットを指定する場合には、package ではなく - port から構築をしてください。 - たとえば、英語のドキュメントを構築してインストールするには以下のようにして下さい。 + ドキュメントのフォーマットを指定する場合には、package ではなく + port から構築をしてください。たとえば、 + 英語のドキュメントを構築してインストールするには以下のようにして下さい。 - &prompt.root; cd /usr/ports/misc/freebsd-doc-en + &prompt.root; cd /usr/ports/misc/freebsd-doc-en &prompt.root; make install clean - この port には、 - 構築およびインストールするフォーマットを設定するメニューがあります。 - デフォルトでは、http://www.FreeBSD.org - と同じ形式である分割版の HTML 形式、 - PDF が選択されています。 - - 以下のように、ドキュメンテーション ports を構築する際の - make オプションが用意されています。 - - - - WITH_HTML - - - HTML 形式を構築します。 - 各ドキュメントに対し、単一版の HTML ファイルが構築されます。 - 整形されたドキュメントは、 - article.html や - book.html - といった名前でインストールされます。 - - - - - WITH_PDF - - - 整形されたドキュメントは、 - article.pdf や - book.pdf - といった名前でインストールされます。 - - - - - DOCBASE - - - ドキュメントのインストール先を設定します。 - デフォルトのインストール先は - /usr/local/share/doc/freebsd - です。 - - - + この port には、 + 構築およびインストールするフォーマットを設定するメニューがあります。 + デフォルトでは、http://www.FreeBSD.org + と同じ形式である分割版の HTML 形式、 + PDF が選択されています。 + + 以下のように、ドキュメンテーション ports を構築する際の + make オプションが用意されています。 + + + + WITH_HTML + + + HTML 形式を構築します。 + 各ドキュメントに対し、単一版の HTML ファイルが構築されます。 + 整形されたドキュメントは、 + article.html や + book.html + といった名前でインストールされます。 + + + + + WITH_PDF + + + 整形されたドキュメントは、 + article.pdf や + book.pdf + といった名前でインストールされます。 + + + + + DOCBASE - 以下は、上記の変数を用いてハンガリー語のドキュメントを - PDF 形式でインストールする方法です。 + + ドキュメントのインストール先を設定します。 + デフォルトのインストール先は + /usr/local/share/doc/freebsd + です。 + + + - &prompt.root; cd /usr/ports/misc/freebsd-doc-hu + 以下は、上記の変数を用いてハンガリー語のドキュメントを + PDF 形式でインストールする方法です。 + + &prompt.root; cd /usr/ports/misc/freebsd-doc-hu &prompt.root; make -DWITH_PDF DOCBASE=share/doc/freebsd/hu install clean - に書かれている手順を使って、 - ドキュメンテーション package または port - をアップデートできます。 - たとえば、以下のコマンドを実行すると、ports-mgmt/portupgrade - から、package だけを使ってインストールされているハンガリー語のドキュメントをアップデートします。 + に書かれている手順を使って、 + ドキュメンテーション package または port + をアップデートできます。 + たとえば、以下のコマンドを実行すると、 + ports-mgmt/portupgrade + から、package + だけを使ってインストールされているハンガリー語のドキュメントをアップデートします。 - &prompt.root; portmaster -PP hu-freebsd-doc + &prompt.root; portmaster -PP hu-freebsd-doc               @@ -1665,173 +1669,173 @@ Script started, output file is /var/tmp/ &prompt.root; exit Script done, … - /tmp - に出力を保存してはいけません。 - このディレクトリは、次の再起動で削除されてしまう可能性があります。 - 出力の保存には、/var/tmp や - root - のホームディレクトリが適しています。 - - /usr/src にて、 - 次のように実行してください。 - - &prompt.root; cd /usr/src - - - make - - - world を再構築するには、&man.make.1; を使用してください。 - このコマンドは、Makefile から、 - &os; を構成するプログラムの再構築方法や、 - どういう順番でそれらを構築すべきかといったような指示を読み込みます。 - - コマンドラインの一般的な書式は、次のとおりです。 - - &prompt.root; make -x -DVARIABLE target - - この例では、 が - &man.make.1; に渡されるオプションになります。 - どのようなオプションが利用できるかについては、&man.make.1; - を参照してください。 - - - は、 - Makefile に渡される変数であり、 - この変数は Makefile の動作をコントロールします。 - また、/etc/make.conf で設定される変数も - 同様です。これは変数を設定するもう一つの方法として用意されています。 - たとえば以下の通りです。 - - &prompt.root; make -DNO_PROFILE target - - - は、プロファイル版のライブラリを構築しないことを指定する - もう一つの記法で、/etc/make.conf 中の - - NO_PROFILE= true # Avoid compiling profiled libraries - - の行に対応します。 - - target は、&man.make.1; に - どのように動作するのかを指示するためのものです。 - 各 Makefile には、数多くの異なる - ターゲット (target) が定義されていて、 - 指定されたターゲットによって動作が決まります。 - - - Makefile に書かれているターゲットには、 - システムの再構築に必要な段階を、 - 多くのさらに細かい段階に分割するため、 - 構築の過程で利用されるものがあります。 - - 大抵の場合、&man.make.1; にパラメータを指定する必要はないでしょうから、 - コマンドラインは次のようなものになります。 - - &prompt.root; make target - - ここで、target - は、多くのビルドオプションのどれかになります。 - 最初のターゲットはいつも buildworld - になるでしょう。 - - その名前が示すように、buildworld は - /usr/obj - 以下に新しい完全なディレクトリツリーを構築し、 - installworld は、そのツリーを - 現在のマシンにインストールします。 - - 選択肢が分けられていることは、二つの理由から有用です。 - まず第一に、構築作業は - 何にも依存せず独立して行なわれ、 - 稼働中のシステムにまったく影響を与えません。 - - そのため、マルチユーザモードで稼働中のシステムでも、何一つ - 悪影響を与えずに buildworld を - 実行することができます。 - ただし、installworld は - シングルユーザモードで行なうことをおすすめします。 - - 第二に、NFS マウントを利用することで、 - ネットワーク上の複数のマシンをアップグレードすることが可能な点があげられます。 - たとえば三台のマシン、 - A, - B, C - をアップグレードしたい場合には、まずマシン A - で make buildworld と - make installworld を実行します。 - それから、マシン B - とマシン C - でマシン A の - /usr/src/usr/obj を - NFS マウントし、make installworld - とすることで構築済みのシステムを各マシンにインストールできます。 - - world ターゲットも利用可能ですが、 - このターゲットの利用は推奨されていません。 - - そのかわり、次のコマンド - - &prompt.root; make buildworld - - を実行してください。ここで make に - をつけると、 - 同時に複数のプロセスを生成できます。 - この機能はマルチ CPU マシンで特に効果を発揮します。 - 構築過程の大部分では CPU 性能の限界より - I/O 性能の限界の方が問題となるため、シングル CPU - マシンにも効果があります。 - - 普通のシングル CPU マシンで以下のコマンド - - &prompt.root; make -j4 buildworld - - を実行すると、&man.make.1; は最大 4 個までのプロセスを同時に実行します。 - メーリングリストに投稿された経験的な報告によると、 - 4 個という指定が最も良いパフォーマンスを示すようです。 - - もし、複数の CPU を備えたマシンで SMP 設定が行なわれたカーネルを - 利用しているなら、6 から 10 の間の値を設定し、速度がどれくらい - 向上するか確認してみてください。 - - - world の再構築 - 時間 - - - 構築時間を決める要素はさまざまありますが、 - 十分新しいマシンであれば、 - トリックや近道を使わずに普通に構築した場合、&os.stable; - の構築には 1, 2 時間しかかからないでしょう。 - &os.current; の構築は、もう少し時間がかかります。 + /tmp + に出力を保存してはいけません。 + このディレクトリは、次の再起動で削除されてしまう可能性があります。 + 出力の保存には、/var/tmp や + root + のホームディレクトリが適しています。 + + /usr/src にて、 + 次のように実行してください。 + + &prompt.root; cd /usr/src + + + make + + + world を再構築するには、&man.make.1; を使用してください。 + このコマンドは、Makefile から、 + &os; を構成するプログラムの再構築方法や、 + どういう順番でそれらを構築すべきかといったような指示を読み込みます。 + + コマンドラインの一般的な書式は、次のとおりです。 + + &prompt.root; make -x -DVARIABLE target + + この例では、 が + &man.make.1; に渡されるオプションになります。 + どのようなオプションが利用できるかについては、&man.make.1; + を参照してください。 + + + は、Makefile に渡される変数であり、 + この変数は Makefile の動作をコントロールします。 + また、/etc/make.conf で設定される変数も + 同様です。これは変数を設定するもう一つの方法として用意されています。 + たとえば以下の通りです。 + + &prompt.root; make -DNO_PROFILE target + + は、プロファイル版のライブラリを構築しないことを指定する + もう一つの記法で、/etc/make.conf 中の + + NO_PROFILE= true # Avoid compiling profiled libraries + + の行に対応します。 + + target は、&man.make.1; に + どのように動作するのかを指示するためのものです。 + 各 Makefile には、数多くの異なる + ターゲット (target) が定義されていて、 + 指定されたターゲットによって動作が決まります。 + + Makefile に書かれているターゲットには、 + システムの再構築に必要な段階を、 + 多くのさらに細かい段階に分割するため、 + 構築の過程で利用されるものがあります。 + + 大抵の場合、&man.make.1; + にパラメータを指定する必要はないでしょうから、 + コマンドラインは次のようなものになります。 + + &prompt.root; make target + + ここで、target + は、多くのビルドオプションのどれかになります。 + 最初のターゲットはいつも buildworld + になるでしょう。 + + その名前が示すように、buildworld は + /usr/obj + 以下に新しい完全なディレクトリツリーを構築し、 + installworld は、そのツリーを + 現在のマシンにインストールします。 + + 選択肢が分けられていることは、二つの理由から有用です。 + まず第一に、構築作業は + 何にも依存せず独立して行なわれ、 + 稼働中のシステムにまったく影響を与えません。 + + そのため、マルチユーザモードで稼働中のシステムでも、何一つ + 悪影響を与えずに buildworld を + 実行することができます。 + ただし、installworld は + シングルユーザモードで行なうことをおすすめします。 + + 第二に、NFS マウントを利用することで、 + ネットワーク上の複数のマシンをアップグレードすることが可能な点があげられます。 + たとえば三台のマシン、 + A, + B, C + をアップグレードしたい場合には、まずマシン A + で make buildworld と + make installworld を実行します。 + それから、マシン B + とマシン C + でマシン A の + /usr/src/usr/obj を + NFS マウントし、make installworld + とすることで構築済みのシステムを各マシンにインストールできます。 + + world ターゲットも利用可能ですが、 + このターゲットの利用は推奨されていません。 + + そのかわり、次のコマンド + + &prompt.root; make buildworld + + を実行してください。ここで make に + をつけると、 + 同時に複数のプロセスを生成できます。 + この機能はマルチ CPU マシンで特に効果を発揮します。 + 構築過程の大部分では CPU 性能の限界より + I/O 性能の限界の方が問題となるため、シングル CPU + マシンにも効果があります。 + + 普通のシングル CPU マシンで以下のコマンド + + &prompt.root; make -j4 buildworld + + を実行すると、&man.make.1; + は最大 4 個までのプロセスを同時に実行します。 + メーリングリストに投稿された経験的な報告によると、 + 4 個という指定が最も良いパフォーマンスを示すようです。 + + もし、複数の CPU を備えたマシンで SMP + 設定が行なわれたカーネルを利用しているなら、 + 6 から 10 の間の値を設定し、 + 速度がどれくらい向上するか確認してみてください。 + + + world の再構築 + 時間 + + + 構築時間を決める要素はさまざまありますが、 + 十分新しいマシンであれば、 + トリックや近道を使わずに普通に構築した場合、&os.stable; + の構築には 1, 2 時間しかかからないでしょう。 + &os.current; の構築は、もう少し時間がかかります。 新しいカーネルの構築とインストール - カーネル (kernel) + カーネル (kernel) 構築、コンパイル 新しいシステムの全機能を完全に利用できるようにするには、 カーネルを再構築してください。 再構築は、ある種のメモリ構造体が変更された時には特に必須であり、 - &man.ps.1; や &man.top.1; のようなプログラムは、 - カーネルとソースコードのバージョンが一致しないと正常に動作しないでしょう。 + &man.ps.1; や &man.top.1; のようなプログラムは、 + カーネルとソースコードのバージョンが一致しないと正常に動作しないでしょう。 最も簡単で安全にカーネルの再構築を行なう方法は、 - GENERIC を使ったカーネルを構築・インストールすることです。 - GENERIC にはあなたが必要とするデバイスがすべて含まれていない - かも知れませんが、あなたのシステムをシングルユーザモードで - 起動させるのに必要なものはすべて入っています。 - これは新しいバージョンのシステムがきちんと動作するかどうか - 調べる良い方法の一つです。 + GENERIC + を使ったカーネルを構築・インストールすることです。 + GENERIC + にはあなたが必要とするデバイスがすべて含まれていないかも知れませんが、 + あなたのシステムをシングルユーザモードで + 起動させるのに必要なものはすべて入っています。 + これは新しいバージョンのシステムがきちんと動作するかどうか調べる良い方法の一つです。 GENERIC で起動して、 システムが正常に動作しているかどうかを確かめたら、 カスタムカーネルコンフィグレーションファイルを使って新しいカーネルを構築してください。 - &os; では、新しいカーネルを構築する前に build world を行うことが重要です。 - + &os; では、新しいカーネルを構築する前に build world を行うことが重要です。 既にあるコンフィグレーションファイルを使ってカスタムカーネルを構築するには、 @@ -2433,9 +2437,9 @@ Building everything.. 実際にデータがディスクに書き込まれるのは、その数秒後になります。 これによって、書き込み処理の一括化が可能になるため、 劇的なパフォーマンスの向上が期待できます。 - - + @@ -2537,7 +2541,8 @@ Building everything.. 更新されたソフトウェアを使う前にそのマシンでテストするのです。 テストマシンはかなり長い時間落ちていても だいじょうぶなマシンであったほうがいいでしょう。 - ビルドマシンでもかまいませんが、ビルドマシンである必要はありません。 + ビルドマシンでもかまいませんが、 + ビルドマシンである必要はありません。 このビルドセットのマシンはすべて /usr/obj と @@ -2562,8 +2567,8 @@ Building everything.. ビルドマシンは自分自身のカーネルから順に全部のカーネル名を KERNCONF にリストアップしてください。 各マシンのカーネルもビルドするのであれば、 - ビルドマシンは各マシンのカーネル設定ファイルを - /usr/src/sys/arch/conf + ビルドマシンは各マシンのカーネル設定ファイルを /usr/src/sys/arch/conf に持っていなければなりません。 @@ -2592,7 +2597,7 @@ Building everything.. テストマシンを再起動して通常のマルチユーザ動作に戻します。 テストマシンにあるものすべてがちゃんと動いている確信が得られたら、 - 同じ手順でビルドセットの他のマシンにも新しいソフトウェアをインストールします。 + 同じ手順でビルドセットの他のマシンにも新しいソフトウェアをインストールします。 @@ -2600,10 +2605,12 @@ Building everything.. ports ツリーにも同じアイデアが使えます。 最初に重要な点は、 - ビルドセットのすべてのマシンに同じマシンの /usr/ports をマウントすることです。 + ビルドセットのすべてのマシンに同じマシンの + /usr/ports をマウントすることです。 そして、distfiles を共有するように /etc/make.conf を適切に設定します。 - NFS マウントによってマップされる root + NFS マウントによってマップされる + root ユーザが何であれ、DISTDIR はそのユーザが書き込める共通の共有ディレクトリに設定する必要があります。 各マシンは WRKDIRPREFIX From owner-svn-doc-all@FreeBSD.ORG Tue May 20 14:35:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 32C14822; Tue, 20 May 2014 14:35:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1EFD22C00; Tue, 20 May 2014 14:35:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4KEZ1fN082499; Tue, 20 May 2014 14:35:01 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4KEZ1ZT082498; Tue, 20 May 2014 14:35:01 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405201435.s4KEZ1ZT082498@svn.freebsd.org> From: Dru Lavigne Date: Tue, 20 May 2014 14:35:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44883 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 May 2014 14:35:01 -0000 Author: dru Date: Tue May 20 14:35:00 2014 New Revision: 44883 URL: http://svnweb.freebsd.org/changeset/doc/44883 Log: Move graphical installer note earlier in the chapter. Clean up the booting from various architecture sections. Need to confirm that powerpc instructions are correct for all supported media. Prepare section to describe boot menu. Next commit will describe this menu in detail. Start to clean up initial install menus. Need to test the components section more as the existing descriptions are not correct. Many more commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue May 20 09:43:33 2014 (r44882) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue May 20 14:35:00 2014 (r44883) @@ -80,6 +80,25 @@ program used by &os; 8.x, is covered in . + In general, the installation instructions in this chapter are written + for the &i386; and AMD64 architectures. + Where applicable, instructions specific to other + platforms will be listed. There may be minor differences + between the installer and what is shown here, so use this + chapter as a general guide rather than as a set of literal + instructions. + + + Users who prefer to install &os; using a graphical + installer may be interested in + pc-sysinstall, the installer used + by the + PC-BSD Project. It can be used to install either a graphical + desktop (PC-BSD) or a command line version of &os;. Refer to + the PC-BSD Users Handbook for details (http://wiki.pcbsd.org/index.php/PC-BSD%C2%AE_Users_Handbook/10.1). + + After reading this chapter, you will know: @@ -87,6 +106,11 @@ How to create the &os; installation media. + + The minimum hardware requirements and &os; supported + architectures. + + - - - - - - + + + + + + + + + + + + + + + News Home | Status Home From owner-svn-doc-all@FreeBSD.ORG Tue May 20 19:36:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BDEDDBB2; Tue, 20 May 2014 19:36:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A94EA293E; Tue, 20 May 2014 19:36:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4KJa4D4048389; Tue, 20 May 2014 19:36:04 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4KJa4qr048388; Tue, 20 May 2014 19:36:04 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405201936.s4KJa4qr048388@svn.freebsd.org> From: Dru Lavigne Date: Tue, 20 May 2014 19:36:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44888 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 May 2014 19:36:04 -0000 Author: dru Date: Tue May 20 19:36:04 2014 New Revision: 44888 URL: http://svnweb.freebsd.org/changeset/doc/44888 Log: Editorial review of Pre-installation tasks. Format these tasks as a procedure. Move disk size recommendations to similar paragraph in minimum hardware section. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue May 20 19:25:43 2014 (r44887) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue May 20 19:36:04 2014 (r44888) @@ -153,10 +153,17 @@ A &os; installation will require at least 64 MB of RAM and 1.1 GB of free hard drive - space for the most minimal installation. It is recommended to + space for the most minimal installation. However, that is a + very minimal install, leaving almost no + free space. A more realistic minimum is 3 GB without a + graphical environment, and 5 GB or more if a graphical + user interface will be used. Third-party application + software requires more space. It is recommended to increase RAM and hard drive space to meet the needs of the applications that will be used and the amount - of data that will be stored. The processor requirements for + of data that will be stored. + + The processor requirements for each architecture can be summarized as follows: @@ -268,53 +275,50 @@ Pre-Installation Tasks - + Once it has been determined that the system meets the + minimum hardware requirements for installing &os;, the + installation file should be downloaded and the installation + media prepared. Before doing this, check that the system is + ready for an installation by verifying the items in this + checklist: + + + Back Up Important Data - Back up all important data on the target computer where - &os; will be installed. Test the backups before continuing. - The &os; installer will ask before making changes to the disk, - but once the process has started it cannot be undone. - + Before installing any operating system, + always backup all important data first. + Do not store the backup on the system being installed. + Instead, save the data to a removable disk such as a + USB drive, another system on the network, + or an online backup service. Test the backup before + starting the installation to make sure it contains all of the + needed files. Once the installer formats the system's disk, + all data stored on that disk will be lost. + - + Decide Where to Install &os; - If &os; will be the only operating system installed, and - will be allowed to use the entire hard disk, the rest of this - section can be skipped. But if &os; will share the disk with - other operating systems, an understanding of disk layout is - useful during the installation. - - - Disk Layouts for &os;/&arch.i386; and - &os;/&arch.amd64; - - Hard disks can be divided into multiple sections. These - sections are called - partitions. - - There are two ways of dividing a disk into partitions. - A traditional Master Boot Record + If &os; will be the only operating system installed, this + step can be skipped. But if &os; will share the disk with + another operating system, decide which disk or partition will + be used for &os;. + + In the &arch.i386; and &arch.amd64; architectures, disks + can be divided into multiple partitions using one of two + partitioning schemes. A traditional Master Boot Record (MBR) holds a partition table defining up to four primary partitions. For - historical reasons, &os; calls primary partitions - slices. A limit of only four - partitions is restrictive for large disks, so one of these + historical reasons, &os; calls these primary partitions + slices. One of these primary partitions can be made into an extended - partition. Multiple logical - partitions may then be created inside the - extended partition. This may sound a little unwieldy, and - it is. - - The GUID Partition Table + partition containing multiple logical + partitions. The GUID Partition Table (GPT) is a newer and simpler method of - partitioning a disk. GPT is far more - versatile than the traditional MBR - partition table. Common GPT + partitioning a disk. Common GPT implementations allow up to 128 partitions per disk, - eliminating the need for inconvenient workarounds like - logical partitions. + eliminating the need for logical partitions. Some older operating systems, like &windows; XP, @@ -324,111 +328,57 @@ partitioning is required. - &os;'s standard boot loader requires either a primary or - GPT partition. Refer to for more information about the &os; - booting process. If all of the primary or + The &os; boot loader requires either a primary or + GPT partition. If all of the primary or GPT partitions are already in use, one - must be freed for &os;. - - A minimal installation of &os; takes as little as - 1 GB of disk space. However, that is a - very minimal install, leaving almost no - free space. A more realistic minimum is 3 GB without a - graphical environment, and 5 GB or more if a graphical - user interface will be used. Third-party application - software requires more space. + must be freed for &os;. To create a partition without + deleting existing data, use a partition resizing tool to + shrink an existing partition and create a new partition + using the freed space. A variety of free and commercial partition resizing tools are listed at http://en.wikipedia.org/wiki/List_of_disk_partitioning_software. GParted Live (http://gparted.sourceforge.net/livecd.php) - is a free Live CD which includes the + is a free live CD which includes the GParted partition editor. GParted is also included with - many other Linux Live CD distributions. + many other Linux live CD distributions. - Disk partition applications can destroy data. Make a - full backup and verify its integrity before modifying disk + When used properly, disk shrinking utilities can + safely create space for creating a new partition. + Since the possibility of selecting the wrong partition + exists, always backup any important data + and verify the integrity of the backup before modifying disk partitions. - Resizing µsoft; Vista partitions can be - difficult. A Vista installation CD can - be useful when attempting such an operation. - - - Using an Existing Partition - - A &windows; computer has a single 40 GB disk that - has been split into two 20 GB partitions. &windows; - calls them C: and - D:. The C: - partition contains 10 GB of data, and the - D: partition contains 5 GB of - data. - - Moving the data from D: to - C: frees up the second partition to - be used for &os;. - - - - Shrinking an Existing Partition - - A &windows; computer has a single 40 GB disk and - one large partition using the whole disk. &windows; shows - this 40 GB partition as a single - C:. 15 GB of space is being - used. The goal is to end up with &windows; in a - 20 GB partition, and have another 20 GB - partition for &os;. - - There are two ways to do this: - - - - Back up any &windows; data. Then reinstall - &windows;, creating a 20 GB partition during the - install. - - - - Use a partition resizing tool like - GParted to shrink the - &windows; partition and create a new partition in the - freed space for &os;. - - - - Disk partitions containing different operating systems - make it possible to run any one of those operating systems - at a time. An alternative method that allows running - multiple operating systems at the same time is covered in - . - - + make it possible to install multiple operating systems on one computer. + An alternative is to use virtualization () which allows + multiple operating systems to run at the same time without + modifying any disk partitions. + - + Collect Network Information - Some &os; installation methods need a network connection - to download files. To connect to an Ethernet network (or - cable or DSL modem with an Ethernet - interface), the installer will request some information about - the network. + Some &os; installation methods require a network connection + in order to download the installation files. After any + installation, the installer will offer to setup the system's + network interfaces. - DHCP is commonly used to provide + If the network has a DHCP server, it can be used to provide automatic network configuration. If DHCP - is not available, this network information must be obtained - from the local network administrator or service + is not available, the follwoing network information for the system must be obtained + from the local network administrator or Internet service provider: - - Network Information + + Required Network Information IP @@ -440,21 +390,22 @@ - Default router IP address + IP address of default + gateway - Domain name of the local network + Domain name of the network - DNS - server IP address(es) + IP addresses of the network's + DNS servers - + - + Check for &os; Errata Although the &os; Project strives to ensure that each @@ -470,7 +421,8 @@ Information and errata for all the releases can be found on the release information section of the &os; web site (http://www.freebsd.org/releases/index.html). - + + Prepare the Installation Media From owner-svn-doc-all@FreeBSD.ORG Tue May 20 20:08:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D4CD3C08; Tue, 20 May 2014 20:08:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A629F2C71; Tue, 20 May 2014 20:08:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4KK8HVU062157; Tue, 20 May 2014 20:08:17 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4KK8HF5062156; Tue, 20 May 2014 20:08:17 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405202008.s4KK8HF5062156@svn.freebsd.org> From: Dru Lavigne Date: Tue, 20 May 2014 20:08:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44889 - in head: en_US.ISO8859-1/books/handbook en_US.ISO8859-1/books/handbook/bsdinstall share/images/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 May 2014 20:08:17 -0000 Author: dru Date: Tue May 20 20:08:17 2014 New Revision: 44889 URL: http://svnweb.freebsd.org/changeset/doc/44889 Log: Move last 2 added images to correct locations so that they show up in HTML build. Submitted by: hrs Sponsored by: iXsystems Added: head/share/images/books/handbook/bsdinstall/bsdinstall-boot-options-menu.png - copied unchanged from r44885, head/en_US.ISO8859-1/books/handbook/bsdinstall/bsdinstall-boot-options-menu.png head/share/images/books/handbook/bsdinstall/bsdinstall-newboot-loader-menu.png - copied unchanged from r44885, head/en_US.ISO8859-1/books/handbook/bsdinstall/bsdinstall-newboot-loader-menu.png Deleted: head/en_US.ISO8859-1/books/handbook/bsdinstall/bsdinstall-boot-options-menu.png head/en_US.ISO8859-1/books/handbook/bsdinstall/bsdinstall-newboot-loader-menu.png Modified: head/en_US.ISO8859-1/books/handbook/Makefile Modified: head/en_US.ISO8859-1/books/handbook/Makefile ============================================================================== --- head/en_US.ISO8859-1/books/handbook/Makefile Tue May 20 19:36:04 2014 (r44888) +++ head/en_US.ISO8859-1/books/handbook/Makefile Tue May 20 20:08:17 2014 (r44889) @@ -33,6 +33,8 @@ IMAGES_EN+= bsdinstall/bsdinstall-adduse IMAGES_EN+= bsdinstall/bsdinstall-adduser2.png IMAGES_EN+= bsdinstall/bsdinstall-adduser3.png IMAGES_EN+= bsdinstall/bsdinstall-boot-loader-menu.png +IMAGES_EN+= bsdinstall/bsdinstall-boot-options-menu.png +IMAGES_EN+= bsdinstall/bsdinstall-newboot-loader-menu.png IMAGES_EN+= bsdinstall/bsdinstall-choose-mode.png IMAGES_EN+= bsdinstall/bsdinstall-config-components.png IMAGES_EN+= bsdinstall/bsdinstall-config-hostname.png Copied: head/share/images/books/handbook/bsdinstall/bsdinstall-boot-options-menu.png (from r44885, head/en_US.ISO8859-1/books/handbook/bsdinstall/bsdinstall-boot-options-menu.png) ============================================================================== Binary file (source and/or target). No diff available. Copied: head/share/images/books/handbook/bsdinstall/bsdinstall-newboot-loader-menu.png (from r44885, head/en_US.ISO8859-1/books/handbook/bsdinstall/bsdinstall-newboot-loader-menu.png) ============================================================================== Binary file (source and/or target). No diff available. From owner-svn-doc-all@FreeBSD.ORG Tue May 20 20:46:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 585E3EB7; Tue, 20 May 2014 20:46:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 434172105; Tue, 20 May 2014 20:46:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4KKkUqe079609; Tue, 20 May 2014 20:46:30 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4KKkUIR079608; Tue, 20 May 2014 20:46:30 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405202046.s4KKkUIR079608@svn.freebsd.org> From: Dru Lavigne Date: Tue, 20 May 2014 20:46:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44890 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 May 2014 20:46:30 -0000 Author: dru Date: Tue May 20 20:46:29 2014 New Revision: 44890 URL: http://svnweb.freebsd.org/changeset/doc/44890 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue May 20 20:08:17 2014 (r44889) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue May 20 20:46:29 2014 (r44890) @@ -80,22 +80,21 @@ program used by &os; 8.x, is covered in . - In general, the installation instructions in this chapter are written - for the &i386; and AMD64 architectures. - Where applicable, instructions specific to other - platforms will be listed. There may be minor differences - between the installer and what is shown here, so use this - chapter as a general guide rather than as a set of literal - instructions. + In general, the installation instructions in this chapter + are written for the &i386; and AMD64 + architectures. Where applicable, instructions specific to other + platforms will be listed. There may be minor differences + between the installer and what is shown here, so use this + chapter as a general guide rather than as a set of literal + instructions. Users who prefer to install &os; using a graphical - installer may be interested in + installer may be interested in pc-sysinstall, the installer used - by the - PC-BSD Project. It can be used to install either a graphical - desktop (PC-BSD) or a command line version of &os;. Refer to - the PC-BSD Users Handbook for details (http://wiki.pcbsd.org/index.php/PC-BSD%C2%AE_Users_Handbook/10.1). @@ -141,135 +140,136 @@ Minimum Hardware Requirements - The hardware requirements to install &os; vary by the - &os; version and the hardware architecture. Hardware - architectures and devices supported by a &os; - release are listed in the Hardware Notes file. Usually named - HARDWARE.TXT, the file is located in the - root directory of the release media. Copies of the supported - hardware list are also available on the Release Information - page of the &os; web site (http://www.FreeBSD.org/releases/index.html). - - A &os; installation will require at least 64 MB of - RAM and 1.1 GB of free hard drive - space for the most minimal installation. However, that is a - very minimal install, leaving almost no - free space. A more realistic minimum is 3 GB without a - graphical environment, and 5 GB or more if a graphical - user interface will be used. Third-party application - software requires more space. It is recommended to - increase RAM and hard drive space to meet - the needs of the applications that will be used and the amount - of data that will be stored. + The hardware requirements to install &os; vary by the &os; + version and the hardware architecture. Hardware architectures + and devices supported by a &os; release are listed in the + Hardware Notes file. Usually named + HARDWARE.TXT, the file is located in the + root directory of the release media. Copies of the supported + hardware list are also available on the Release Information page + of the &os; web site (http://www.FreeBSD.org/releases/index.html). + + A &os; installation will require at least 64 MB of + RAM and 1.1 GB of free hard drive space + for the most minimal installation. However, that is a + very minimal install, leaving almost no + free space. A more realistic minimum is 3 GB without a + graphical environment, and 5 GB or more if a graphical user + interface will be used. Third-party application software + requires more space. It is recommended to increase + RAM and hard drive space to meet the needs of + the applications that will be used and the amount of data that + will be stored. - The processor requirements for - each architecture can be summarized as follows: + The processor requirements for each architecture can be + summarized as follows: - + &arch.amd64; - There are two classes of processors capable of running - &arch.amd64;. The first are AMD64 processors, - including the &amd.athlon;64 and - &amd.opteron; processors. - - The second class of processors includes those using the - &intel; EM64T architecture. Examples of these - processors include all multi-core &intel; &xeon; - processors except Sossaman, the single-core - &intel; &xeon; processors Nocona, Irwindale, Potomac, - and Cranford, the &intel; &core; 2 (not Core Duo) - and later processors, all &intel; &pentium; D processors, the - &intel; &pentium; 4s and Celeron Ds using the Cedar - Mill core, and some &intel; &pentium; 4s and Celeron Ds - using the Prescott core. - - Both Uniprocessor (UP) and Symmetric - Multi-processor (SMP) configurations are - supported. - + There are two classes of processors capable of running + &arch.amd64;. The first are AMD64 + processors, including the &amd.athlon;64 and &amd.opteron; + processors. + + The second class of processors includes those using + the &intel; EM64T architecture. Examples of these + processors include all multi-core &intel; &xeon; + processors except Sossaman, the single-core + &intel; &xeon; processors Nocona, Irwindale, Potomac, + and Cranford, the &intel; &core; 2 (not Core + Duo) and later processors, all &intel; &pentium; D + processors, the &intel; &pentium; 4s and Celeron Ds + using the Cedar Mill core, and some &intel; &pentium; + 4s and Celeron Ds using the Prescott core. + + Both Uniprocessor (UP) and + Symmetric Multi-processor (SMP) + configurations are supported. + - - &arch.i386; - - Almost all i386-compatible processors with a floating - point unit are supported. All &intel; processors - 486 or higher are supported. - - &os; will take advantage of Physical Address Extensions - (PAE) support on CPUs - that support this feature. A kernel with the - PAE feature enabled will detect memory - above 4 GB and allow it to be used by the system. - This feature places constraints on the device drivers and - other features of &os; which may be used; refer to - &man.pae.4; for details. - + + &arch.i386; + + Almost all i386-compatible processors with a floating + point unit are supported. All &intel; processors 486 or + higher are supported. + + &os; will take advantage of Physical Address + Extensions (PAE) support on + CPUs that support this feature. A + kernel with the PAE feature enabled + will detect memory above 4 GB and allow it to be used + by the system. This feature places constraints on the + device drivers and other features of &os; which may be + used; refer to &man.pae.4; for details. ia64 - Currently supported processors are the &itanium; and the - &itanium; 2. Supported chipsets include the HP zx1, &intel; - 460GX, and &intel; E8870. Both Uniprocessor - (UP) and Symmetric Multi-processor - (SMP) configurations are supported. - + Currently supported processors are the &itanium; and + the &itanium; 2. Supported chipsets include the HP zx1, + &intel; 460GX, and &intel; E8870. Both Uniprocessor + (UP) and Symmetric Multi-processor + (SMP) configurations are + supported. + pc98 - NEC PC-9801/9821 series with almost all i386-compatible - processors, including 80486, &pentium;, &pentium; Pro, and - &pentium; II, are all supported. All i386-compatible processors - by AMD, Cyrix, IBM, and IDT are also supported. EPSON - PC-386/486/586 series, which are compatible with NEC PC-9801 - series, are supported. The NEC FC-9801/9821 and NEC SV-98 - series should be supported. - - High-resolution mode is not supported. NEC - PC-98XA/XL/RL/XL^2, and NEC PC-H98 series are supported in - normal (PC-9801 compatible) mode only. The - SMP-related features of &os; are not - supported. The New Extend Standard Architecture - (NESA) bus used in the PC-H98, SV-H98, - and FC-H98 series, is not supported. - + NEC PC-9801/9821 series with almost all + i386-compatible processors, including 80486, &pentium;, + &pentium; Pro, and &pentium; II, are all supported. All + i386-compatible processors by AMD, Cyrix, IBM, and IDT are + also supported. EPSON PC-386/486/586 series, which are + compatible with NEC PC-9801 series, are supported. The + NEC FC-9801/9821 and NEC SV-98 series should be + supported. + + High-resolution mode is not supported. NEC + PC-98XA/XL/RL/XL^2, and NEC PC-H98 series are supported in + normal (PC-9801 compatible) mode only. The + SMP-related features of &os; are not + supported. The New Extend Standard Architecture + (NESA) bus used in the PC-H98, SV-H98, + and FC-H98 series, is not supported. + &arch.powerpc; - All New World ROM &apple; &macintosh; systems with built-in - USB are supported. - SMP is supported on machines with - multiple CPUs. + All New World ROM &apple; + &macintosh; systems with built-in USB + are supported. SMP is supported on + machines with multiple CPUs. - A 32-bit kernel can only use the first 2 GB of - RAM. - + A 32-bit kernel can only use the first 2 GB of + RAM. + - + &arch.sparc64; - Systems supported by &os;/&arch.sparc64; are listed at - the FreeBSD/sparc64 Project (http://www.freebsd.org/platforms/sparc.html). - - SMP is supported on all systems with - more than 1 processor. A dedicated disk is required as - it is not possible to share a disk with another operating - system at this time. - - - + Systems supported by &os;/&arch.sparc64; are listed at + the FreeBSD/sparc64 Project (http://www.freebsd.org/platforms/sparc.html). + + SMP is supported on all systems + with more than 1 processor. A dedicated disk is required + as it is not possible to share a disk with another + operating system at this time. + + + @@ -283,38 +283,40 @@ checklist: - - Back Up Important Data + + Back Up Important Data - Before installing any operating system, - always backup all important data first. - Do not store the backup on the system being installed. - Instead, save the data to a removable disk such as a - USB drive, another system on the network, - or an online backup service. Test the backup before - starting the installation to make sure it contains all of the - needed files. Once the installer formats the system's disk, - all data stored on that disk will be lost. - - - - Decide Where to Install &os; - - If &os; will be the only operating system installed, this - step can be skipped. But if &os; will share the disk with - another operating system, decide which disk or partition will - be used for &os;. + Before installing any operating system, + always backup all important data first. + Do not store the backup on the system being installed. + Instead, save the data to a removable disk such as a + USB drive, another system on the network, + or an online backup service. Test the backup before + starting the installation to make sure it contains all of + the needed files. Once the installer formats the system's + disk, all data stored on that disk will be lost. + + + + Decide Where to Install &os; + + If &os; will be the only operating system installed, + this step can be skipped. But if &os; will share the disk + with another operating system, decide which disk or + partition will be used for &os;. In the &arch.i386; and &arch.amd64; architectures, disks can be divided into multiple partitions using one of two - partitioning schemes. A traditional Master Boot Record - (MBR) holds a partition table defining up - to four primary partitions. For - historical reasons, &os; calls these primary partitions - slices. One of these - primary partitions can be made into an extended - partition containing multiple logical - partitions. The GUID Partition Table + partitioning schemes. A traditional Master Boot + Record (MBR) holds a + partition table defining up to four primary + partitions. For historical reasons, &os; + calls these primary partition + slices. One of these primary + partitions can be made into an extended + partition containing multiple + logical partitions. The + GUID Partition Table (GPT) is a newer and simpler method of partitioning a disk. Common GPT implementations allow up to 128 partitions per disk, @@ -344,84 +346,86 @@ is a free live CD which includes the GParted partition editor. GParted is also included with - many other Linux live CD distributions. + many other Linux live CD + distributions. When used properly, disk shrinking utilities can - safely create space for creating a new partition. - Since the possibility of selecting the wrong partition - exists, always backup any important data - and verify the integrity of the backup before modifying disk - partitions. + safely create space for creating a new partition. Since + the possibility of selecting the wrong partition exists, + always backup any important data and verify the integrity + of the backup before modifying disk partitions. Disk partitions containing different operating systems - make it possible to install multiple operating systems on one computer. - An alternative is to use virtualization () which allows - multiple operating systems to run at the same time without - modifying any disk partitions. - - - - Collect Network Information - - Some &os; installation methods require a network connection - in order to download the installation files. After any - installation, the installer will offer to setup the system's - network interfaces. + make it possible to install multiple operating systems on + one computer. An alternative is to use virtualization + () which allows multiple + operating systems to run at the same time without modifying + any disk partitions. + + + + Collect Network Information + + Some &os; installation methods require a network + connection in order to download the installation files. + After any installation, the installer will offer to setup + the system's network interfaces. + + If the network has a DHCP server, it + can be used to provide automatic network configuration. If + DHCP is not available, the follwoing + network information for the system must be obtained from the + local network administrator or Internet service + provider: - If the network has a DHCP server, it can be used to provide - automatic network configuration. If DHCP - is not available, the follwoing network information for the system must be obtained - from the local network administrator or Internet service - provider: + + Required Network Information - - Required Network Information - - - IP - address - - - - Subnet mask - + + IP address + - - IP address of default - gateway - + + Subnet mask + - - Domain name of the network - + + IP address of default + gateway + - - IP addresses of the network's - DNS servers - - - + + Domain name of the network + - - Check for &os; Errata + + IP addresses of the network's + DNS servers + + + + + + Check for &os; Errata + + Although the &os; Project strives to ensure that + each release of &os; is as stable as possible, bugs + occasionally creep into the process. On very rare occasions + those bugs affect the installation process. As these + problems are discovered and fixed, they are noted in the + &os; Errata (http://www.freebsd.org/releases/&rel.current;R/errata.html) + on the &os; web site. Check the errata before installing to + make sure that there are no problems that might affect the + installation. - Although the &os; Project strives to ensure that each - release of &os; is as stable as possible, bugs occasionally - creep into the process. On very rare occasions those bugs - affect the installation process. As these problems are - discovered and fixed, they are noted in the &os; Errata (http://www.freebsd.org/releases/&rel.current;R/errata.html) - on the &os; web site. Check the errata before installing to - make sure that there are no problems that might affect the - installation. - - Information and errata for all the releases can be found - on the release information section of the &os; web site (http://www.freebsd.org/releases/index.html). - + Information and errata for all the releases can be found + on the release information section of the &os; web site + (http://www.freebsd.org/releases/index.html). + @@ -620,131 +624,125 @@ commit your changes? configure the system to boot from the inserted media depends upon the architecture. - - Booting on &i386; and &arch.amd64; + + Booting on &i386; and &arch.amd64; - These architectures provide a - BIOS menu for selecting the - boot device. Depending upon the installation media - being used, select the - CD/DVD or - USB device as the first boot device. - Most systems also - provide a key for selecting the boot device during - startup without having to enter the BIOS. - Typically, the key is either F10, - F11, F12, or - Escape. - - If the computer loads the - existing operating system instead of the &os; installer, then either: - - - - The installation media was not inserted early enough in the - boot process. Leave the media inserted and try restarting the - computer. - - - - The BIOS changes were incorrect or not saved. - Double-check that the right boot device - is selected as the first boot device. - - - - This system is too old to - support booting from the chosen media. In this case, the - Plop Boot Manager (http://www.plop.at/en/bootmanager.html) - can be used to boot the system from the selected - media. - - - - - - Booting on &powerpc; - - On most machines, holding C on the - keyboard during boot will boot from the - CD. Otherwise, hold - - Command - Option - O - F - , - or - - Windows - Alt - O - F - - on non-&apple; keyboards. At the 0 > - prompt, enter - - boot cd:,\ppc\loader cd:0 - - - - Booting on &sparc64; - - Most &sparc64; systems are set up to boot automatically - from disk. To install &os; - from a CD requires a break into the - PROM. - - To do this, reboot the system and wait until the boot - message appears. The message depends on the model, but should look - something like this: + These architectures provide a BIOS + menu for selecting the boot device. Depending upon the + installation media being used, select the + CD/DVD or + USB device as the first boot device. Most + systems also provide a key for selecting the boot device + during startup without having to enter the + BIOS. Typically, the key is either + F10, F11, + F12, or Escape. - Sun Blade 100 (UltraSPARC-IIe), Keyboard Present + If the computer loads the existing operating system + instead of the &os; installer, then either: + + + + The installation media was not inserted early enough + in the boot process. Leave the media inserted and try + restarting the computer. + + + + The BIOS changes were incorrect or + not saved. Double-check that the right boot device is + selected as the first boot device. + + + + This system is too old to support booting from the + chosen media. In this case, the Plop Boot + Manager (http://www.plop.at/en/bootmanager.html) + can be used to boot the system from the selected + media. + + + + + + Booting on &powerpc; + + On most machines, holding C on the + keyboard during boot will boot from the CD. + Otherwise, hold + Command + Option + O + F + , or + + Windows + Alt + O + F + on non-&apple; keyboards. At the + 0 > prompt, enter + + boot cd:,\ppc\loader cd:0 + + + + Booting on &sparc64; + + Most &sparc64; systems are set up to boot automatically + from disk. To install &os; from a CD + requires a break into the PROM. + + To do this, reboot the system and wait until the boot + message appears. The message depends on the model, but should + look something like this: + + Sun Blade 100 (UltraSPARC-IIe), Keyboard Present Copyright 1998-2001 Sun Microsystems, Inc. All rights reserved. OpenBoot 4.2, 128 MB memory installed, Serial #51090132. Ethernet address 0:3:ba:b:92:d4, Host ID: 830b92d4. - If the system proceeds to boot from disk at this point, - press L1A - or StopA - on the keyboard, or send a BREAK over the - serial console. When using tip - or cu, ~# will - issue a BREAK. The PROM prompt will be - ok on systems with one - CPU and ok {0} on SMP - systems, where the digit indicates the number of the active - CPU. - - At this point, place the CD into the - drive and type boot cdrom from the - PROM prompt. + If the system proceeds to boot from disk at this point, + press L1A + or StopA + on the keyboard, or send a BREAK over the + serial console. When using tip or + cu, ~# will + issue a BREAK. The PROM prompt will be + ok on systems with one + CPU and ok {0} on + SMP systems, where the digit indicates the + number of the active CPU. + + At this point, place the CD into the + drive and type boot cdrom from the + PROM prompt. &os; Boot Menu - Once the system boots from the installation media, - a menu similar to the following will be displayed: + Once the system boots from the installation media, a menu + similar to the following will be displayed: -
              - &os; Boot Loader Menu +
              + &os; Boot Loader Menu - - - - - -
              - - By default, the menu will wait ten seconds for user - input before booting into the &os; installer or, if &os; is - already installed, before booting into &os;. To pause the - boot timer in order to review the selections, press + + + + + +
              + + By default, the menu will wait ten seconds for user input + before booting into the &os; installer or, if &os; is already + installed, before booting into &os;. To pause the boot timer + in order to review the selections, press Space. To select an option, press its highlighted number, character, or key. The following options are available. @@ -784,18 +782,18 @@ Ethernet address 0:3:ba:b:92:d4, Host ID menu shown in, and described under, . -               + -
              - &os; Boot Options Menu +
              + &os; Boot Options Menu - - - - - -
              + + + + + +
              The boot options menu is divided into two sections. The first section can be used to either return to the main boot @@ -834,19 +832,19 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Verbose: Toggle this option to On to see more detailed messages during - the boot process. This can be useful when troubleshooting + the boot process. This can be useful when troubleshooting a piece of hardware. - + After making the needed selections, press 1 or Backspace to return to - the main boot menu, then press Enter to - continue booting into &os;. A series of boot messages will - appear as &os; carries out its hardware device probes and - loads the installation program. Once the boot is complete, - the welcome menu shown in - will be displayed. + the main boot menu, then press Enter to + continue booting into &os;. A series of boot messages will + appear as &os; carries out its hardware device probes and + loads the installation program. Once the boot is complete, + the welcome menu shown in will be displayed.
              Welcome Menu @@ -859,10 +857,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
              Press Enter to select the default of - [ Install ] to - enter the installer. The rest of this chapter describes how - to use this installer. Otherwise, use the right or left arrows - or the colorized letter to select the desired menu item. The + [ Install ] to enter the + installer. The rest of this chapter describes how to use this + installer. Otherwise, use the right or left arrows or the + colorized letter to select the desired menu item. The [ Shell ] can be used to access a &os; shell in order to use command line utilities to prepare the disks before installation. The @@ -871,13 +869,14 @@ Ethernet address 0:3:ba:b:92:d4, Host ID is described in . - To review the boot messages, including the hardware device - probe, press the upper- or lower-case S and - then Enter to access a shell. At the shell - prompt, type more /var/run/dmesg.boot and - use the space bar to scroll through the messages. When - finished, type exit to return to the - welcome menu. + To review the boot messages, including the hardware + device probe, press the upper- or lower-case + S and then Enter to access + a shell. At the shell prompt, type more + /var/run/dmesg.boot and use the space bar to + scroll through the messages. When finished, type + exit to return to the welcome + menu.               @@ -889,9 +888,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID bsdinstall menus and the type of information that will be asked before the system is installed. Use the up and down arrows to highlight a menu option, then the - Space key to select or deselect a - menu item. Then, use Enter to save the selection - and move onto the next screen. + Space key to select or deselect a menu item. + Then, use Enter to save the selection and move + onto the next screen. Selecting the Keymap Menu @@ -979,8 +978,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Type in a hostname that is unique for the network. It should be a fully-qualified hostname, - such as Type in a hostname that is unique for the network. It + should be a fully-qualified hostname, such as machine3.example.com.             @@ -1004,15 +1003,15 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Deciding which components to install will depend largely on the intended use of the system and the amount of disk space available. The &os; kernel and userland, collectively known - as the base system, are always - installed. Depending on the architecture, some of these - components may not appear: + as the base system, are always installed. + Depending on the architecture, some of these components may + not appear: doc - Additional documentation, mostly of historical interest, to install into - /usr/share/doc. The documentation + /usr/share/doc. The documentation provided by the FreeBSD Documentation Project may be installed later using the instructions in . From owner-svn-doc-all@FreeBSD.ORG Tue May 20 21:11:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 48B507D5; Tue, 20 May 2014 21:11:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 35C412370; Tue, 20 May 2014 21:11:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4KLBVJu093776; Tue, 20 May 2014 21:11:31 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4KLBVXB093775; Tue, 20 May 2014 21:11:31 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405202111.s4KLBVXB093775@svn.freebsd.org> From: Dru Lavigne Date: Tue, 20 May 2014 21:11:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44891 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 May 2014 21:11:31 -0000 Author: dru Date: Tue May 20 21:11:30 2014 New Revision: 44891 URL: http://svnweb.freebsd.org/changeset/doc/44891 Log: Fix typo. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue May 20 20:46:29 2014 (r44890) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue May 20 21:11:30 2014 (r44891) @@ -375,7 +375,7 @@ If the network has a DHCP server, it can be used to provide automatic network configuration. If - DHCP is not available, the follwoing + DHCP is not available, the following network information for the system must be obtained from the local network administrator or Internet service provider: From owner-svn-doc-all@FreeBSD.ORG Tue May 20 22:13:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AA453BE2; Tue, 20 May 2014 22:13:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8B11F2975; Tue, 20 May 2014 22:13:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4KMDOtw020435; Tue, 20 May 2014 22:13:24 GMT (envelope-from slm@svn.freebsd.org) Received: (from slm@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4KMDNc3020427; Tue, 20 May 2014 22:13:23 GMT (envelope-from slm@svn.freebsd.org) Message-Id: <201405202213.s4KMDNc3020427@svn.freebsd.org> From: Stephen McConnell Date: Tue, 20 May 2014 22:13:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44892 - in head: en_US.ISO8859-1/articles/contributors share/pgpkeys share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 May 2014 22:13:24 -0000 Author: slm (src committer) Date: Tue May 20 22:13:23 2014 New Revision: 44892 URL: http://svnweb.freebsd.org/changeset/doc/44892 Log: - Add myself as a committer - Add my PGP public key - Add my author entity - Add a news entry Approved by: ken/scottl (mentors) Added: head/share/pgpkeys/slm.key (contents, props changed) Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml head/share/pgpkeys/pgpkeys-developers.xml head/share/pgpkeys/pgpkeys.ent head/share/xml/authors.ent head/share/xml/news.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Tue May 20 21:11:30 2014 (r44891) +++ head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Tue May 20 22:13:23 2014 (r44892) @@ -859,6 +859,10 @@ + &a.slm.email; + + + &a.mckay.email; Modified: head/share/pgpkeys/pgpkeys-developers.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-developers.xml Tue May 20 21:11:30 2014 (r44891) +++ head/share/pgpkeys/pgpkeys-developers.xml Tue May 20 22:13:23 2014 (r44892) @@ -1261,6 +1261,11 @@ &pgpkey.sem; + + &a.slm.email; + &pgpkey.slm; + + &a.tmclaugh.email; &pgpkey.tmclaugh; Modified: head/share/pgpkeys/pgpkeys.ent ============================================================================== --- head/share/pgpkeys/pgpkeys.ent Tue May 20 21:11:30 2014 (r44891) +++ head/share/pgpkeys/pgpkeys.ent Tue May 20 22:13:23 2014 (r44892) @@ -389,6 +389,7 @@ + Added: head/share/pgpkeys/slm.key ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/pgpkeys/slm.key Tue May 20 22:13:23 2014 (r44892) @@ -0,0 +1,42 @@ + + + +sub 2048R/0A1BC20E46082DDE 2014-05-13 [expires: 2017-05-12] + +]]> + Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Tue May 20 21:11:30 2014 (r44891) +++ head/share/xml/authors.ent Tue May 20 22:13:23 2014 (r44892) @@ -1926,6 +1926,9 @@ skv@FreeBSD.org"> + +slm@FreeBSD.org"> + smace@FreeBSD.org"> Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Tue May 20 21:11:30 2014 (r44891) +++ head/share/xml/news.xml Tue May 20 22:13:23 2014 (r44892) @@ -40,6 +40,14 @@ Allan Jude (doc)

            + + + 7 + +

            New committer: + Stephen McConnell (src)

            +             +             From owner-svn-doc-all@FreeBSD.ORG Wed May 21 02:59:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D18D4626; Wed, 21 May 2014 02:59:51 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A53CE2ECB; Wed, 21 May 2014 02:59:51 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4L2xpHi040283; Wed, 21 May 2014 02:59:51 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4L2xpVv040282; Wed, 21 May 2014 02:59:51 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201405210259.s4L2xpVv040282@svn.freebsd.org> From: Allan Jude Date: Wed, 21 May 2014 02:59:51 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44893 - head/en_US.ISO8859-1/books/handbook/linuxemu X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2014 02:59:51 -0000 Author: allanjude Date: Wed May 21 02:59:51 2014 New Revision: 44893 URL: http://svnweb.freebsd.org/changeset/doc/44893 Log: Move the instructions to load the linux.ko module to before the instruction to install the port, as the port depends on the module being loaded. PR: docs/188968 Submitted by: venture37 Approved by: eadler (mentor) Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Tue May 20 22:13:23 2014 (r44892) +++ head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Wed May 21 02:59:51 2014 (r44893) @@ -108,6 +108,18 @@ either be installed manually or from the &os; Ports Collection. + Before attempting to build the port, load the &linux; kernel + module otherwise the build will fail + + &prompt.root; kldload linux + + To verify that the module is loaded: + + &prompt.user; kldstat + Id Refs Address Size Name + 1 2 0xc0100000 16bdb8 kernel + 7 1 0xc24db000 d000 linux.ko + The emulators/linux-base-f10 package or port is the easiest way to install a base set of &linux; libraries and binaries on a &os; system. To install the @@ -116,18 +128,6 @@ &prompt.root; cd /usr/ports/emulators/linux_base-f10 &prompt.root; make install distclean - Once installed, enable &linux; binary compatibility by - loading the linux module: - - &prompt.root; kldload linux - - To verify that the module is loaded: - - &prompt.user; kldstat -Id Refs Address Size Name - 1 2 0xc0100000 16bdb8 kernel - 7 1 0xc24db000 d000 linux.ko - In order for &linux; compatibility to be enabled at boot time, add the following line to /etc/rc.conf: From owner-svn-doc-all@FreeBSD.ORG Wed May 21 03:03:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B511D839; Wed, 21 May 2014 03:03:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A2F9F2FF6; Wed, 21 May 2014 03:03:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4L33dWi044758; Wed, 21 May 2014 03:03:39 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4L33d4e044757; Wed, 21 May 2014 03:03:39 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201405210303.s4L33d4e044757@svn.freebsd.org> From: Allan Jude Date: Wed, 21 May 2014 03:03:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44894 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2014 03:03:39 -0000 Author: allanjude Date: Wed May 21 03:03:39 2014 New Revision: 44894 URL: http://svnweb.freebsd.org/changeset/doc/44894 Log: Better explain how patchlevels (9.2-RELEASE-p4) work in the security advisory section of the handbook PR: docs/187465 Submitted by: Lowell Gilbert (original version) Approved by: eadler (mentor) Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed May 21 02:59:51 2014 (r44893) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed May 21 03:03:39 2014 (r44894) @@ -3383,7 +3383,15 @@ UWWemqWuz3lAZuORQ9KX The Corrected field indicates the date, time, time offset, and releases that were - corrected. + corrected. The section in parentheses shows each branch + to which the fix has been merged, and the version number + of the corresponding release from that branch. The + release identifier itself, includes the version number + and, if appropriate, the patch level. The patch level is + the letter p followed by a number, + indicating the sequence number of the patch, allowing + users to track which patches have already been applied to + the system. From owner-svn-doc-all@FreeBSD.ORG Wed May 21 09:23:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D2573550; Wed, 21 May 2014 09:23:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BEB40235F; Wed, 21 May 2014 09:23:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4L9Nr9H010028; Wed, 21 May 2014 09:23:53 GMT (envelope-from hrs@svn.freebsd.org) Received: (from hrs@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4L9Nr4b010026; Wed, 21 May 2014 09:23:53 GMT (envelope-from hrs@svn.freebsd.org) Message-Id: <201405210923.s4L9Nr4b010026@svn.freebsd.org> From: Hiroki Sato Date: Wed, 21 May 2014 09:23:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44895 - in head/en_US.ISO8859-1/books/fdp-primer: . docbook-markup X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2014 09:23:53 -0000 Author: hrs Date: Wed May 21 09:23:53 2014 New Revision: 44895 URL: http://svnweb.freebsd.org/changeset/doc/44895 Log: - Add SCR and PIC as image format. - Bump copyright year. Modified: head/en_US.ISO8859-1/books/fdp-primer/book.xml head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/book.xml Wed May 21 03:03:39 2014 (r44894) +++ head/en_US.ISO8859-1/books/fdp-primer/book.xml Wed May 21 09:23:53 2014 (r44895) @@ -59,6 +59,7 @@ 2011 2012 2013 + 2014 DocEng Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Wed May 21 03:03:39 2014 (r44894) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Wed May 21 09:23:53 2014 (r44895) @@ -2072,24 +2072,68 @@ This is the file called 'foo2' Image Formats - Two image formats are currently supported. The type of - image determines which format to use. - - Images that are primarily vector based, such as network - diagrams, time lines, and similar, should be in - EPS (Encapsulated Postscript) format. - These images have a .eps - extension. - - For bitmaps, such as screen captures, use the - PNG (Portable Network Graphic) format. - These images have the .png - extension. + The following image formats are currently supported. An + image file will automatically be converted to bitmap or vector + image depending on the output document format. These are the only formats in which images should be committed to the documentation repository. + + + EPS (Encapsulated Postscript) + + + Images that are primarily vector based, such as + network diagrams, time lines, and similar, should be in + this format. These images have a + .eps extension. + + + + + PNG (Portable Network Graphic) + + + For bitmaps, such as screen captures, use this format. + These images have the .png + extension. + + + + + PIC (PIC graphics language) + + + PIC is a language for drawing + simple vector-based figures used in the &man.pic.1; + utility. These images have the + .pic extension. + + + + + SCR (SCReen capture) + + + This format is specific to screenshots of console + output. The following command generates an SCR file + shot.scr from video buffer of + /dev/ttyv0: + + &prompt.root; vidcontrol -p < /dev/ttyv0 > shot.scr + + This is preferable to PNG format + for screenshots because the SCR file + contains plain text of the command lines so that it can + be converted to a PNG image or a + plain text depending on the output document + format. + + + + Use the appropriate format for each image. Documentation will often have a mix of EPS and PNG images. The From owner-svn-doc-all@FreeBSD.ORG Wed May 21 09:40:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 072A9BA5; Wed, 21 May 2014 09:40:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DC4DE24A9; Wed, 21 May 2014 09:40:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4L9e05r015029; Wed, 21 May 2014 09:40:00 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4L9e0eg015027; Wed, 21 May 2014 09:40:00 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405210940.s4L9e0eg015027@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 21 May 2014 09:40:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44896 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 21 May 2014 11:35:18 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2014 09:40:01 -0000 Author: ryusuke Date: Wed May 21 09:40:00 2014 New Revision: 44896 URL: http://svnweb.freebsd.org/changeset/doc/44896 Log: - Merge the following from the English version: r44674 -> r44732 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Wed May 21 09:23:53 2014 (r44895) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Wed May 21 09:40:00 2014 (r44896) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44674 + Original revision: r44732 $FreeBSD$ --> 複数のコンピュータで同じソースツリーを追いかけていて、 全部のマシンにソースをダウンロードして全部を再構築するのは、 - ディスクスペース、ネットワーク帯域、そして CPU サイクルの無駄使いです。 + ディスクスペース、ネットワーク帯域、 + そして CPU サイクルの無駄使いです。 解決策は 1 つのマシンに仕事のほとんどをさせ、 - 残りのマシンは NFS 経由でそれをマウントする、というものです。 - このセクションではそのやり方を概観します。 - - - 準備 + 残りのマシンは NFS + 経由でそれをマウントする、というものです。 + このセクションではそのやり方を概観します。 + NFS の使い方の詳細については、 をご覧下さい。 まず初めに、同じバイナリで動かそうとするマシンたちを決めます。 - このマシンたちのことをビルドセットと呼びます。 + このマシンたちのことをビルドセットと呼びます。 それぞれのマシンはカスタムカーネルを持っているかもしれませんが、 同じユーザランドバイナリを動かそうというのです。 このビルドセットから、 - ビルドマシンとなるマシンを 1 台選びます。 + ビルドマシンとなるマシンを 1 台選びます。 ベースシステムとカーネルを構築するのはこのマシンになります。 理想的には、このマシンは make buildworldmake buildkernel - を実行するのに十分な CPU を持った速いマシンであるべきです。 - テストマシンとなるべきマシンも選んでください。 + を実行するのに十分な CPU + を持った速いマシンであるべきです。 + + テストマシン + となるべきマシンも選んでください。 更新されたソフトウェアを使う前にそのマシンでテストするのです。 テストマシンはかなり長い時間落ちていても だいじょうぶなマシンであったほうがいいでしょう。 @@ -2547,77 +2551,65 @@ Building everything.. このビルドセットのマシンはすべて /usr/obj/usr/src - を同じマシンの同じ場所からマウントする必要があります。 - 理想的にはビルドマシンの 2 つの違うドライブ上にあるとよいのですが、 - ビルドマシンに NFS マウントされていてもかまいません。 + をビルドマシンから FTP + 経由でマウントする必要があります。 ビルドセット自体が複数ある場合は、 /usr/src はひとつのビルドマシン上にあるべきです。 - 他のマシンからはそれを NFS マウントするようにしましょう。 + 他のマシンからはそれを NFS + マウントするようにしましょう。 - 最後にビルドセットのすべてのマシン上の + ビルドセットのすべてのマシン上の /etc/make.conf/etc/src.conf - がビルドマシンと一致していることを確認してください。 - つまり、ビルドマシンはビルドセットのどのマシンもインストールしようとしている + がビルドマシンと一致していることを確認してください。つまり、 + ビルドマシンはビルドセットのどのマシンもインストールしようとしている ベースシステムを全部ビルドしなければならないということです。 また、各ビルドマシンは /etc/make.conf にそれぞれのビルドマシンのカーネル名を KERNCONF で指定し、 ビルドマシンは自分自身のカーネルから順に全部のカーネル名を KERNCONF にリストアップしてください。 - 各マシンのカーネルもビルドするのであれば、 ビルドマシンは各マシンのカーネル設定ファイルを /usr/src/sys/arch/conf に持っていなければなりません。 - - - - ベースシステム ビルドマシンにて、 - + に書いてあるようにカーネルとベースシステムを構築してください。 - でも、まだインストールしないでください。 - ビルドが終わったら、テストマシンに移り、 - ビルドしたカーネルをインストールしてください。 - テストマシンが NFS 経由で - /usr/src と - /usr/obj - をマウントしているなら、 - シングルユーザで再起動したときにネットワークを使えるようにして、 - これらのディレクトリをマウントするようにしてください。 - もっとも簡単な方法は、 - マルチユーザモードで起動して、shutdown now - を実行してシングルユーザモードに移行することです。 - そうしたら、カーネルとベースシステムをインストールし、 + でも、まだビルドマシンにはインストールしないでください。 + そのかわり、 + ビルドしたカーネルをテストマシンにインストールしてください。 + FTP 経由で + /usr/src および /usr/obj + をテストマシンにマウントしてください。 + その後、shutdown now + を実行してシングルユーザモードに移行し、 + 新しいカーネルとベースシステムをインストールし、 いつもするように mergemaster を実行してください。 - 終わったら、 - テストマシンを再起動して通常のマルチユーザ動作に戻します。 + 終わったら、再起動して通常のマルチユーザ動作に戻します。 テストマシンにあるものすべてがちゃんと動いている確信が得られたら、 同じ手順でビルドセットの他のマシンにも新しいソフトウェアをインストールします。 - - - Ports - - ports ツリーにも同じアイデアが使えます。 - 最初に重要な点は、 - ビルドセットのすべてのマシンに同じマシンの + ports ツリーにも同じ方法が使えます。 + 最初のステップは、 + ビルドセットのすべてのマシンが NFS 経由で /usr/ports をマウントすることです。 そして、distfiles を共有するように - /etc/make.conf を適切に設定します。 - NFS マウントによってマップされる + /etc/make.conf を設定します。 + NFS マウントによってマップされる root ユーザが何であれ、DISTDIR はそのユーザが書き込める共通の共有ディレクトリに設定する必要があります。 + ports をローカルでビルドする場合には、 各マシンは WRKDIRPREFIX を自分のマシンのビルドディレクトリに設定しなければなりません。 - 最後に、packages をビルドして配布するのであれば、 - DISTDIR と同じように - PACKAGES ディレクトリも設定してください。 - + また、ビルドシステムが packages + をビルドしてビルドセットのコンピュータに配布するのであれば、 + DISTDIR と同じようにビルドシステム上の + PACKAGES + ディレクトリも設定してください。 From owner-svn-doc-all@FreeBSD.ORG Wed May 21 09:55:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 659AFE60; Wed, 21 May 2014 09:55:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 396092649; Wed, 21 May 2014 09:55:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4L9tuXF022797; Wed, 21 May 2014 09:55:56 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4L9tus8022796; Wed, 21 May 2014 09:55:56 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405210955.s4L9tus8022796@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 21 May 2014 09:55:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44897 - head/ja_JP.eucJP/books/handbook/basics X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 21 May 2014 11:35:54 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2014 09:55:56 -0000 Author: ryusuke Date: Wed May 21 09:55:55 2014 New Revision: 44897 URL: http://svnweb.freebsd.org/changeset/doc/44897 Log: - Merge the following from the English version: r25537 -> r25636 head/ja_JP.eucJP/books/handbook/basics/chapter.xml Submitted by: Yuta MASUMOTO Modified: head/ja_JP.eucJP/books/handbook/basics/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/basics/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/basics/chapter.xml Wed May 21 09:40:00 2014 (r44896) +++ head/ja_JP.eucJP/books/handbook/basics/chapter.xml Wed May 21 09:55:55 2014 (r44897) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r25537 + Original revision: r25636 $FreeBSD$ --> @@ -694,7 +694,7 @@ total 530 説明 - + / ファイルシステムのルートディレクトリ @@ -787,15 +787,19 @@ total 530 スタンドアロン環境で使われるプログラム - /tmp/ - 一時的なファイル、&man.mfs.8; メモリファイルシステムであることが多い - (普通 /tmp - の内容はシステムの再起動で失われる) + 一時的なファイル。 + 通常、/tmp + の内容はシステムの再起動で失われます。 + メモリファイルシステムはよく + /tmp + にマウントされます。 + 詳しくは &man.mdmfs.8; + (FreeBSD 4.X 系列であれば &man.mfs.8;) + を参照して下さい。 - /usr/ 大部分のユーザユーティリティとアプリケーション @@ -1221,7 +1225,7 @@ total 530 - + a @@ -1446,7 +1450,7 @@ total 530 | | > referred to as ad0s2b | | | | | :-----------------: ==: | Partition c, no -| | | Partition e, used as /var > filesystem, all +| | | Partition e, used as /var > file system, all | | > referred to as ad0s2e | of FreeBSD slice, | | | | ad0s2c :-----------------: ==: | From owner-svn-doc-all@FreeBSD.ORG Wed May 21 15:04:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 58D4BE26; Wed, 21 May 2014 15:04:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 45AB52F88; Wed, 21 May 2014 15:04:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4LF4V7C055014; Wed, 21 May 2014 15:04:31 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4LF4VxG055013; Wed, 21 May 2014 15:04:31 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201405211504.s4LF4VxG055013@svn.freebsd.org> From: Allan Jude Date: Wed, 21 May 2014 15:04:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44898 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2014 15:04:32 -0000 Author: allanjude Date: Wed May 21 15:04:31 2014 New Revision: 44898 URL: http://svnweb.freebsd.org/changeset/doc/44898 Log: Fix grammer and remove a comma Submitted by: dru Approved by: eadler (mentor) Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed May 21 09:55:55 2014 (r44897) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Wed May 21 15:04:31 2014 (r44898) @@ -3384,9 +3384,9 @@ UWWemqWuz3lAZuORQ9KX The Corrected field indicates the date, time, time offset, and releases that were corrected. The section in parentheses shows each branch - to which the fix has been merged, and the version number + for which the fix has been merged, and the version number of the corresponding release from that branch. The - release identifier itself, includes the version number + release identifier itself includes the version number and, if appropriate, the patch level. The patch level is the letter p followed by a number, indicating the sequence number of the patch, allowing From owner-svn-doc-all@FreeBSD.ORG Wed May 21 15:13:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BF2B4F4F; Wed, 21 May 2014 15:13:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AC02D203F; Wed, 21 May 2014 15:13:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4LFDbWu059408; Wed, 21 May 2014 15:13:37 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4LFDbYr059407; Wed, 21 May 2014 15:13:37 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201405211513.s4LFDbYr059407@svn.freebsd.org> From: Allan Jude Date: Wed, 21 May 2014 15:13:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44899 - head/en_US.ISO8859-1/books/handbook/linuxemu X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2014 15:13:37 -0000 Author: allanjude Date: Wed May 21 15:13:37 2014 New Revision: 44899 URL: http://svnweb.freebsd.org/changeset/doc/44899 Log: Add a missing comma and a trailing colon Submitted by: dru Approved by: eadler (mentor) Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Wed May 21 15:04:31 2014 (r44898) +++ head/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml Wed May 21 15:13:37 2014 (r44899) @@ -109,7 +109,7 @@ Collection. Before attempting to build the port, load the &linux; kernel - module otherwise the build will fail + module, otherwise the build will fail: &prompt.root; kldload linux From owner-svn-doc-all@FreeBSD.ORG Wed May 21 15:17:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 42263FF2; Wed, 21 May 2014 15:17:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 233B62064; Wed, 21 May 2014 15:17:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4LFHMR9059904; Wed, 21 May 2014 15:17:22 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4LFHLrP059903; Wed, 21 May 2014 15:17:21 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405211517.s4LFHLrP059903@svn.freebsd.org> From: Dru Lavigne Date: Wed, 21 May 2014 15:17:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44900 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2014 15:17:22 -0000 Author: dru Date: Wed May 21 15:17:21 2014 New Revision: 44900 URL: http://svnweb.freebsd.org/changeset/doc/44900 Log: Editorial review of Prepare the Installation Media section. Describe the available installation files. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed May 21 15:13:37 2014 (r44899) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed May 21 15:17:21 2014 (r44900) @@ -431,116 +431,126 @@ Prepare the Installation Media - A &os; installation is started by booting the computer - with a &os; installation CD, - DVD, or USB memory - stick. The installer is not a program that can be run from - within another operating system. - - In addition to the standard installation media which - contains copies of all the &os; installation files, there is a - bootonly variant. Bootonly install media - does not have copies of the installation files, but downloads - them from the network during an install. The bootonly install - CD is consequently much smaller, and - reduces bandwidth usage during the install by only downloading - required files. + The &os; installer is not an application that can be run from + within another operating system. Instead, download a &os; + installation file, burn it to the media associated with its + file type and size (CD, + DVD, or USB), and boot + the system to install from the inserted media. - Copies of &os; installation media are available at &os; installation files are available at www.freebsd.org/where.html#download. - Also download CHECKSUM.SHA256 from the - same directory as the image file, and use it to check the + Each installation file's name includes the release version of + &os;, the architecture, and the type of file. For example, to + install &os; 10.0 on an &arch.amd64; system from a + DVD, download + FreeBSD-10.0-RELEASE-amd64-dvd1.iso, + burn this file to a DVD, and boot the + system with the DVD inserted. + + Several file types are available, though not all file + types are available for all architectures. The possible file + types are: + + + + -bootonly.iso: This is the smallest + installation file as it only contains the installer. A + working Internet connection is required during + installation as the installer will download the files it + needs to complete the &os; installation. This file should + be burned to a CD using a + CD burning application. + + + + -disc1.iso: This file contains all + of the files needed to install &os;, its source, and the + Ports Collection. It should be burned to a + CD using a CD + burning application. + + + + -dvd1.iso: This file contains all + of the files needed to install &os;, its source, and the + Ports Collection. It also contains a set of popular + binary packages for installing a window manager and some + applications so that a complete system can be installed + from media without requiring a connection to the Internet. + This file should be burned to a DVD + using a DVD burning application. + + + + -memstick.img: This file contains + all of the files needed to install &os;, its source, and + the Ports Collection. It should be burned to a + USB stick using the instructions + below. + + + + Also download CHECKSUM.SHA256 from the + same directory as the image file and use it to check the image file's integrity by calculating a - checksum. &os; provides &man.sha256.1; + checksum. &os; provides &man.sha256.1; for this, while other operating systems have similar programs. Compare the calculated checksum with the one shown in CHECKSUM.SHA256. The checksums must match exactly. If the checksums do not match, the file is - corrupt and should be discarded. + corrupt and should be downloaded again. - - If a copy of &os; already exists on - CD, DVD, or - USB memory stick, this section can be - skipped. - + + Burning an Image File to <acronym>USB</acronym> - &os; CD and DVD - images are bootable ISO files. Only one - CD or DVD is needed for - an install. Burn the ISO image to a - bootable CD or DVD using - the burning applications available with the current operating - system. On &os;, recording is provided by - cdrecord from - sysutils/cdrtools, installed from the Ports - Collection. - - To create a bootable memory stick, follow these - steps: - - - - Acquire the Memory Stick Image - - Memory stick images for &os; 9.0-RELEASE and - later can be downloaded from the - ISO-IMAGES/ - directory at - ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/arch/arch/ISO-IMAGES/version/&os;-version-RELEASE-arch-memstick.img. - Replace arch and - version with the architecture - and the version number to install, respectively. For - example, the memory stick images for - &os;/&arch.i386; 9.0-RELEASE are available from ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/&arch.i386;/&arch.i386;/ISO-IMAGES/9.0/&os;-9.0-RELEASE-&arch.i386;-memstick.img. - - - A different directory path is used for - &os; 8.X and earlier - versions. Details of download and installation of - &os; 8.X and earlier is - covered in . - - - The memory stick image has a .img - extension. The ISO-IMAGES/ directory - contains a number of different images, and the one needed - depends on the version of &os; being installed, and in - some cases, the target hardware. + Since the *.img file is an + image of the complete contents of a + memory stick, it cannot just be copied + to the target device. Several applications are available + for burning the *.img to a + USB stick. This section describes two + of these utilities. - Before proceeding, back up the - data on the USB stick, as this procedure will - erase it. + Before proceeding, back up any important + data on the USB stick as this procedure will + erase the existing data on the stick. - - - - Write the Image File to the Memory Stick - Using &os; to Write the Image + Using <command>dd</command> to Write the + Image - The example below shows + This example uses /dev/da0 as the target device - where the image will be written. Be very careful that - the correct device is used as the output target, as - this command will destroy existing data. + where the image will be written. Be very + careful that the correct device is used as + this command will destroy the existing data on the + specified target device. - Writing the Image with &man.dd.1; - - The .img file is - not a regular file. It is an - image of the complete contents of - the memory stick. It cannot be - copied like a regular file, but must be written - directly to the target device with &man.dd.1;: - - &prompt.root; dd if=&os;-9.0-RELEASE-&arch.i386;-memstick.img of=/dev/da0 bs=64k + The dd command-line utility is + included on BSD, Linux, and &macos; systems. To burn + the image using dd, insert the + USB stick and determine its device + name. Then, specify the name of the downloaded + installation file and the device name for the + USB stick. This example burns the + &arch.amd64; installation image to the first + USB device on an existing &os; + system. + + &prompt.root; dd if=FreeBSD-10.0-RELEASE-amd64-memstick.img of=/dev/da0 bs=64k + + Should this command fail, verify that the + USB stick is not mounted and that + the device name is for the disk, not a partition. + Depending upon the operating system, this command may + need to be issued using + sudo. @@ -549,7 +559,7 @@ Be sure to give the correct drive letter as the - output target, as existing data will be overwritten + existing data on the specified drive will be overwritten and destroyed. @@ -583,15 +593,9 @@ write the image file to the memory stick. - - - - - Installation from floppy disks is no longer - supported. - You are now ready to start installing &os;. + From owner-svn-doc-all@FreeBSD.ORG Wed May 21 17:52:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C2164491; Wed, 21 May 2014 17:52:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ADCE32EBD; Wed, 21 May 2014 17:52:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4LHqNPk029045; Wed, 21 May 2014 17:52:23 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4LHqNJi029044; Wed, 21 May 2014 17:52:23 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405211752.s4LHqNJi029044@svn.freebsd.org> From: Dru Lavigne Date: Wed, 21 May 2014 17:52:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44901 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2014 17:52:23 -0000 Author: dru Date: Wed May 21 17:52:23 2014 New Revision: 44901 URL: http://svnweb.freebsd.org/changeset/doc/44901 Log: Editorial review of Allocating Disk Space and Committing to the Install sections. Ignore Designing the Partition Layout for now as it belongs elsewhere. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed May 21 15:17:21 2014 (r44900) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed May 21 17:52:23 2014 (r44901) @@ -891,9 +891,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID This section shows the order of the bsdinstall menus and the type of information that will be asked before the system is installed. - Use the up and down arrows to highlight a menu option, then the - Space key to select or deselect a menu item. - Then, use Enter to save the selection and move + Use the arrow keys to highlight a menu option, then the + Space key to select or deselect that menu item. + When finished, use Enter to save the selection and move onto the next screen. @@ -1007,7 +1007,7 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Deciding which components to install will depend largely on the intended use of the system and the amount of disk space available. The &os; kernel and userland, collectively known - as the base system, are always installed. + as the base system, are always installed. Depending on the architecture, some of these components may not appear: @@ -1036,15 +1036,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID ports - The &os; Ports - Collection. - - The ports collection is an easy and convenient way to - install software. The Ports Collection does not contain - the source code necessary to compile the software. - Instead, it is a collection of files which automates the + Collection is a collection of files which automates the downloading, compiling and installation of third-party software packages. discusses how - to use the ports collection. + to use the Ports Collection. The installation program does not check for @@ -1056,30 +1051,29 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - src - System source code. - - &os; comes with full source code for both the kernel + src - The complete &os; source code for both the kernel and the userland. Although not required for the majority - of applications, it may be required to build certain - software supplied as source (for example, device drivers - or kernel modules), or for developing &os; itself. - - The full source tree requires 1 GB of disk space, + of applications, it may be required to build + device drivers, kernel modules, or some applications from + the Ports Collection. It is also used for developing &os; + itself. The full source tree requires 1 GB of disk space and recompiling the entire &os; system requires an additional 5 GB of space.             - - + Installing from the Network - The bootonly installation media does - not hold copies of the installation files. When a - bootonly installation method is used, the - files must be retrieved over a network connection as they are - needed. + The menu shown in only appears when + installing from a -bootonly.iso + CD as this installation media does + not hold copies of the installation files. Since the installation + files must be retrieved over a network connection, this menu + indicates that the network interface must be first + configured.
            Installing from the Network @@ -1092,13 +1086,14 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - After the network connection has been configured as shown in - , a mirror site - is selected. Mirror sites cache copies of the &os; files. - Choose a mirror site located in the same region of the world as + To configure the network connection, press + Enter and follow the instructions in + . Once the + interface is configured, select a mirror site that is + located in the same region of the world as the computer on which &os; is being installed. Files can be retrieved more quickly when the mirror is close to the target - computer, and installation time will be reduced. + computer, reducing installation time.
            Choosing a Mirror @@ -1111,26 +1106,20 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Installation will continue as if the installation files - were located on local media. + Installation will then continue as if the installation files + were located on the local installation media. +             Allocating Disk Space - There are four ways to allocate disk space for &os;. - Guided partitioning automatically sets up - disk partitions, while Manual partitioning - allows advanced users to create customized partitions. The - ZFS option, only available in &os; 10 and - later, will create an optionally encrypted root-on-ZFS system - with support for Boot Environments. Finally, there's the option - of starting a shell where command-line programs like - &man.gpart.8;, &man.fdisk.8;, and &man.bsdlabel.8; can be used - directly. + The next menu is used to determine the method for + allocating disk space. The options available in the menu + depend upon the version of &os; being installed.
            - Selecting Guided, Manual or Shell Partitioning + Partitioning Choices on &os; 9.x @@ -1141,8 +1130,7 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Selecting Guided, Manual, Shell or - <acronym>ZFS</acronym> Partitioning + Partitioning Choices on &os; 10.x and Higher @@ -1151,9 +1139,19 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            + Guided partitioning automatically sets up + the disk partitions, Manual partitioning + allows advanced users to create customized partitions from menu + options, and Shell opens a shell prompt where + advanced users can create customized partitions using + command-line utilities like &man.gpart.8;, &man.fdisk.8;, and &man.bsdlabel.8;. + ZFS partitioning, only available in &os; 10 and + later, creates an optionally encrypted root-on-ZFS system + with support for boot environments. + This section describes what to consider when laying out the - disk partitions. It then demonstrates how to use both the - Guided Partitioning and Manual Partitioning screens. + disk partitions. It then demonstrates how to use the different + partitioning methods. Designing the Partition Layout @@ -1252,7 +1250,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Guided Partitioning - If multiple disks are connected, choose the one where &os; + When this method is selected, a menu will display the + available disk(s). If multiple disks are connected, choose the one where &os; is to be installed.
            @@ -1266,13 +1265,14 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - The entire disk or a portion of it can be allocated to - &os;. If + Once the disk is selected, the next menu prompts to install + to either the entire disk or to create a partition using free space. + If [ Entire Disk ] is chosen, a general partition layout filling the whole disk is - created. Selecting + automatically created. Selecting [ Partition ] creates a - partition layout in unused space on the disk. + partition layout from the unused space on the disk.
            Selecting Entire Disk or Partition @@ -1285,12 +1285,12 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - After the partition layout has been created, review it - carefully for accuracy. If a mistake has been made, selecting + After the partition layout has been created, review it to + ensure it meets the needs of the installation. Selecting [ Revert ] will reset the - partitions as they were previously, or + partitions to their original values and pressing [ Auto ] will recreate the - automatic &os; partitions. Partitions can be manually + automatic &os; partitions. Partitions can also be manually created, modified, or deleted. When the partitioning is correct, select [ Finish ] to continue with the installation. @@ -1309,8 +1309,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Manual Partitioning - Manual partitioning goes straight to the partition - editor. + Selecting this method opens the partition + editor:
            Manually Create Partitions @@ -1323,11 +1323,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Highlighting a drive (ada0 in this - example) and selecting - [ Create ] displays a menu - for choosing the type of partitioning - scheme. + Highlight the installation drive (ada0 in this + example) and select + [ Create ] to display a menu + of available partition schemes:
            Manually Create Partitions @@ -1340,12 +1339,12 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - GPT partitioning is usually the most - appropriate choice for PC-compatible computers. Older PC - operating systems that are not compatible with - GPT may require MBR - partitioning instead. The other partitioning schemes are - generally used for uncommon or older computer systems. + GPT is usually the most + appropriate choice for &arch.amd64; computers. Older computers + that are not compatible with + GPT should use MBR. + The other partition schemes are + generally used for uncommon or older computers. Partitioning Schemes @@ -1361,16 +1360,15 @@ Ethernet address 0:3:ba:b:92:d4, Host ID APM - Apple Partition Map, used by &powerpc; - &macintosh; (http://support.apple.com/kb/TA21692). + Apple Partition Map, used by &powerpc;. BSD - BSD Labels without an MBR, sometimes called - dangerously dedicated mode. See - &man.bsdlabel.8;. + BSD label without an + MBR, sometimes called + dangerously dedicated mode as + non-BSD disk utilities may not recognize it. @@ -1387,7 +1385,7 @@ Ethernet address 0:3:ba:b:92:d4, Host ID PC98 - MBR ariant used by NEC PC-98 computers (MBR variant used by NEC PC-98 computers (http://en.wikipedia.org/wiki/Pc9801). @@ -1401,8 +1399,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            After the partitioning scheme has been selected and - created, selecting [ Create ] - again will create new partitions. + created, select [ Create ] + again to create the partitions.
            Manually Create Partitions @@ -1419,15 +1417,13 @@ Ethernet address 0:3:ba:b:92:d4, Host ID at least three partitions: - Standard &os; <acronym>GPT</acronym> Partitions - - freebsd-boot - &os; boot + freebsd-boot - Holds the &os; boot code. - freebsd-ufs - A &os; UFS file + freebsd-ufs - A &os; UFS file system. @@ -1439,48 +1435,48 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Another partition type worth noting is freebsd-zfs, used for partitions that will - contain a &os; ZFS file system. . &man.gpart.8; shows more of + contain a &os; ZFS file system (). Refer to &man.gpart.8; for descriptions of the available GPT partition types. - Multiple file system partitions can be used, and some - people may prefer a traditional layout with separate + Multiple file system partitions can be created and some + people prefer a traditional layout with separate partitions for the /, /var, /tmp, and /usr file systems. See for an example. - Size may be entered with common abbreviations: + The Size may be entered with common abbreviations: K for kilobytes, M for megabytes, or G for gigabytes. Proper sector alignment provides the best performance, - and making partition sizes even multiples of 4K bytes helps + and making partition sizes even multiples of 4K-bytes helps to ensure alignment on drives with either 512-byte or 4K-byte sectors. Generally, using partition sizes that are even multiples of 1M or 1G is the easiest way to make sure - every partition starts at an even multiple of 4K. One - exception: at present, the freebsd-boot - partition should be no larger than 512K due to boot code + every partition starts at an even multiple of 4K. There is one + exception: the freebsd-boot + partition should be no larger than 512K due to current boot code limitations. - A mountpoint is needed if this partition will contain a - file system. If only a single UFS partition will be created, + A Mountpoint is needed if the partition will contain a + file system. If only a single UFS partition will be created, the mountpoint should be /. - A label is also requested. A label - is a name by which this partition will be known. Drive + The Label is + a name by which the partition will be known. Drive names or numbers can change if the drive is connected to a different controller or port, but the partition label does not change. Referring to labels instead of drive names and partition numbers in files like /etc/fstab makes the system more tolerant - of changing hardware. GPT labels appear in + to hardware changes. GPT labels appear in /dev/gpt/ when a disk is attached. Other - partitioning schemes have different label capabilities, and + partitioning schemes have different label capabilities and their labels appear in different directories in /dev/. @@ -1488,9 +1484,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Use a unique label on every file system to avoid conflicts from identical labels. A few letters from the computer's name, use, or location can be added to the label. - For instance, labroot or - rootfs-lab for the UFS root partition on - the lab's computer. + For instance, use labroot or + rootfs-lab for the UFS root partition on + the computer named lab. @@ -1511,7 +1507,7 @@ Ethernet address 0:3:ba:b:92:d4, Host ID label values as described above. By default, &os;'s gptboot expects - the first UFS partition found to be the + the first UFS partition to be the / partition. @@ -1583,23 +1579,23 @@ Ethernet address 0:3:ba:b:92:d4, Host ID installations was added in &os; 10.0-RELEASE. This partitioning mode only works with whole disks and will erase the contents of the entire disk. The installer will - automatically create partitions aligned to 4k boundaries, as - well as force ZFS to use 4k sectors. This + automatically create partitions aligned to 4k boundaries and + force ZFS to use 4k sectors. This is safe even with 512 byte sector disks, and has the added benefit of ensuring that pools created on 512 byte disks will - be able to have 4k sector disks added to them in the future, - for additional storage space, or as replacements for failed - disks. The installer can also optionally employ GELI disk + be able to have 4k sector disks added in the future, either as + additional storage space or as replacements for failed + disks. The installer can also optionally employ GELI disk encryption as described in . - If encryption is enabled, a 2 GB unencrypted boot pool is - created that contains the /boot - directory, which holds the kernel and other files necessary + If encryption is enabled, a 2 GB unencrypted boot pool + containing the /boot + directory is created. It holds the kernel and other files necessary to boot the system. A swap partition of a user selectable size is also created, and all remaining space is used for the ZFS pool. - The main ZFS menu in the installer + The main ZFS configuration menu offers a number of options to control the creation of the pool. @@ -1613,8 +1609,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - The most important option is selecting the vdev type and - one or more disks that will make up the vdev that will + Select T to configure the Pool + Type and + the disk(s) that will constitute the pool. The automatic ZFS installer currently only supports the creation of a single top level vdev, except in stripe mode. To create more complex @@ -1624,9 +1621,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID including stripe (not recommended, no redundancy), mirror (best performance, least usable space), and RAID-Z 1, 2, and 3 (with the capability to withstand the concurrent failure of 1, - 2, and 3 disks, respectively). A tooltip across the bottom of - the screen while selecting the pool type provides advice about - the number of required disks for each type, and in the case of + 2, and 3 disks, respectively). while selecting the pool type, + a tooltip is displayed across the bottom of + the screen with advice about + the number of required disks, and in the case of RAID-Z, the optimal number of disks for each configuration. @@ -1640,10 +1638,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Once a pool type has been selected, a list of available + Once a Pool Type has been selected, a list of available disks is displayed, and the user is prompted to select one or more disks to make up the pool. The configuration is then - validated, to ensure enough disks were selected. If not, + validated, to ensure enough disks are selected. If not, select <Change Selection> to return to the list of disks, or <Cancel> to change the pool @@ -1674,11 +1672,11 @@ Ethernet address 0:3:ba:b:92:d4, Host ID If one or more disks are missing from the list, or if disks were attached after the installer was started, select - Rescan Devices to repopulate the list - of available disks. To ensure that the correct disk is + of available disks. To ensure that the correct disks are selected, so as not to accidently destroy the wrong disks, the - Disk Info menu can be used to inspect - each disk, including its partition table, and various other - information, including the device model number and serial + each disk, including its partition table and various other + information such as the device model number and serial number, if available.
            @@ -1691,16 +1689,17 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - The menu also allows the user to enter a name for the - pool, disable forcing 4k sectors, enable or disable + The main ZFS configuration menu also + allows the user to enter a pool name, + disable forcing 4k sectors, enable or disable encryption, switch between GPT (recommended) and MBR partition table - types, and select the desired amount of swap space. Once all + types, and select the amount of swap space. Once all options have been set to the desired values, select the >>> Install option at the top of the menu. - If &man.geli.8; disk encryption was enabled, the + If GELI disk encryption was enabled, the installer will prompt twice for the passphrase to be used to encrypt the disks. @@ -1736,25 +1735,31 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Shell Mode Partitioning - When creating advanced installations the basic interface - of bsdinstall may not provide the level of flexibility - required. Selecting the Shell option - from the partitioning menu will drop the user to a shell. The - user is expected to partition the drives and create the - desired file system(s), populate an &man.fstab.5; file in + When creating advanced installations, the + bsdinstall paritioning menus may + not provide the level of flexibility + required. Advanced users can select the Shell option + from the partitioning menu in order to + manually partition the drives, create the + file system(s), populate /tmp/bsdinstall_etc/fstab, and mount the file systems under /mnt. Once this is - done, running exit will return to - bsdinstall and continue the installation, starting with the - extraction of the distribution sets. + done, type exit to return to + bsdinstall and continue the installation. Committing to the Installation - This is the last chance for aborting the installation to - prevent changes to the hard drive. + Once the disks are configured, the next menu provides the + last chance to make changes before the selected + hard drive(s) are formatted. If changes need to be made, + select [ Back ] to return to + the main partitioning menu. + [ Revert & Exit ] + will exit the installer without making any changes to the hard + drive.
            Final Confirmation @@ -1767,27 +1772,18 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Select [ Commit ] and press - Enter to proceed. If changes need to be made, - select [ Back ] to return to - the partition editor. - [ Revert & Exit ] - will exit the installer without making any changes to the hard - drive. + To instead start the actual installation, select + [ Commit ] and press + Enter. Installation time will vary depending on the distributions - chosen, installation media, and speed of the computer. There - will be a series of messages displayed indicating + chosen, installation media, and speed of the computer. A + series of messages will indicate the progress. - Firstly, the installer will write the partitions to the - disk, and perform a newfs to initialise the - partitions. - - If doing a network install, - bsdinstall will then proceed to - download the required distribution files. - + First, the installer formats the selected disk(s) and + initializes the partitions. Next, in the case of a bootonly + media, it downloads the selected components:
            Fetching Distribution Files @@ -1800,9 +1796,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Next, the integrity of the distribution files is verified, + Next, the integrity of the distribution files is verified to ensure they have not been corrupted during download or - misread from the installation media. + misread from the installation media:
            Verifying Distribution Files @@ -1816,7 +1812,7 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            Finally, the verified distribution files are extracted to - the disk. + the disk:
            Extracting Distribution Files @@ -1830,9 +1826,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            Once all requested distribution files have been extracted, - bsdinstall will then drop straight - into the post-installation configuration tasks described in - . + bsdinstall displays the first + post-installation menu. This series of menus is described in + the next section.             From owner-svn-doc-all@FreeBSD.ORG Wed May 21 19:51:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BF32A24E; Wed, 21 May 2014 19:51:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AB43E29D7; Wed, 21 May 2014 19:51:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4LJplXN080567; Wed, 21 May 2014 19:51:47 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4LJpls9080566; Wed, 21 May 2014 19:51:47 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405211951.s4LJpls9080566@svn.freebsd.org> From: Dru Lavigne Date: Wed, 21 May 2014 19:51:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44902 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2014 19:51:47 -0000 Author: dru Date: Wed May 21 19:51:47 2014 New Revision: 44902 URL: http://svnweb.freebsd.org/changeset/doc/44902 Log: Editorial review of first 1/3 of Post-Installation Configuration. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed May 21 17:52:23 2014 (r44901) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed May 21 19:51:47 2014 (r44902) @@ -1827,24 +1827,32 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Once all requested distribution files have been extracted, bsdinstall displays the first - post-installation menu. This series of menus is described in + post-installation configuration screen. The available + post-configuration options are described in the next section. Post-Installation - Configuration of various options follows a successful - installation of &os;. An option can be configured by - re-entering the configuration options from the final menu before - booting into the newly installed &os; system. + Once &os; is installed, + bsdinstall will prompt to configure + several options before booting into the newly installed system. + This section describes these configuration options. + + + Once the system has booted, + bsdconfig provides a menu-driven method for + configuring the system using these and additional + options. + Setting the <systemitem class="username">root</systemitem> Password - The root - password must be set. Note that while entering the password, + First, the root + password must be set. While entering the password, the characters being typed are not displayed on the screen. After the password has been entered, it must be entered again. This helps prevent typing errors. @@ -1860,23 +1868,20 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - - After the password has been successfully entered, the - installation will continue. Configuring Network Interfaces + Next, a list of the network interfaces found on the computer + is shown. Select the interface to configure. + - Network configuration will be skipped if it has already - been done as part of a bootonly + The network configuration menus will be skipped if the network was previously + configured as part of a bootonly installation. - A list of all the network interfaces found on the computer - is shown next. Select one to be configured. -
            Choose a Network Interface @@ -1888,26 +1893,11 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - - Configuring a Wireless Network Interface - - If a wireless network interface is chosen, wireless - identification and security parameters must be entered to - allow it to connect to the network. - - Wireless networks are identified by a Service Set - Identifier, or SSID. The - SSID is a short, unique name given to - each network. - - Most wireless networks encrypt transmitted data to - protect information from unauthorized viewing. - WPA2 encryption is strongly recommended. - Older encryption types, like WEP, offer - very little security. - - The first step in connecting to a wireless network is to - scan for wireless access points. + If an Ethernet interface is selected, the installer will + skip ahead to the menu shown in . If a wireless + network interface is chosen, the system will instead scan + for wireless access points:
            Scanning for Wireless Access Points @@ -1920,7 +1910,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - SSIDs + Wireless networks are identified by a Service Set + Identifier (SSID), a short, unique name given to + each network. SSIDs found during the scan are listed, followed by a description of the encryption types available for that network. If the desired SSID does not appear in the list, @@ -1941,12 +1933,14 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - The encryption information for connecting to the - selected wireless network is entered after selecting the - network. With WPA2, only a password - (also known as the Pre-Shared Key, or - PSK) is needed. Characters typed into - the input box are shown as asterisks for security. + Next, enter the encryption information for connecting to the + selected wireless network. + WPA2 encryption is strongly recommended as + older encryption types, like WEP, offer + little security. If the network uses WPA2, input the password, + also known as the Pre-Shared Key (PSK). + For security reasons, the characters typed into + the input box are displayed as asterisks.
            WPA2 Setup @@ -1959,20 +1953,12 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Network configuration continues after selection of the - wireless network and entry of the connection - information. -             - - - Configuring IPv4 Networking - - Choose whether IPv4 networking is to - be used. This is the most common type of network - connection. + Next, choose whether or not an IPv4 + address should be configured on the Ethernet or wireless + interface:
            - Choose IPv4 Networking + Choose <acronym>IPv4</acronym> Networking @@ -1984,26 +1970,27 @@ Ethernet address 0:3:ba:b:92:d4, Host ID There are two methods of IPv4 configuration. - DHCP will - automatically configure the network interface correctly, and - is the preferred method. Static - configuration requires manual entry of network - information. + DHCP will + automatically configure the network interface correctly and + should be used if the network provides a + DHCP server. Otherwise, the addressing + information needs to be input manually as a static + configuration. - Do not enter random network information, as it will - not work. Obtain the information shown in Do not enter random network information as it will + not work. If a DHCP server is not + available, obtain the information listed in from - the network administrator or service provider. + the network administrator or Internet service provider. - - <acronym>IPv4</acronym> <acronym>DHCP</acronym> - Network Configuration - If a DHCP server is available, - select [ Yes ] to - automatically configure the network interface. + select [ Yes ] in the next menu to + automatically configure the network interface. The + installer will appear to pause for a minute or so as it + finds the DHCP server and obtains the + addressing information for the system.
            Choose <acronym>IPv4</acronym> @@ -2016,14 +2003,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID </imageobject> </mediaobject> </figure> - </sect4> - - <sect4 xml:id="bsdinstall-net-ipv4-static-config"> - <title><acronym>IPv4</acronym> Static Network - Configuration - Static configuration of the network interface requires - entry of some IPv4 information. + If a DHCP server is not available, + select [ No ] and input + the following addressing information in this menu:
            <acronym>IPv4</acronym> Static @@ -2040,35 +2023,26 @@ Ethernet address 0:3:ba:b:92:d4, Host ID <itemizedlist> <listitem> <para><literal>IP Address</literal> - The - manually-assigned <acronym>IPv4</acronym> address to - be assigned to this computer. This address must be + <acronym>IPv4</acronym> address + assigned to this computer. The address must be unique and not already in use by another piece of equipment on the local network.</para> </listitem> <listitem> <para><literal>Subnet Mask</literal> - The subnet mask - used for the local network. Typically, this is - <literal>255.255.255.0</literal>.</para> + for the network.</para> </listitem> <listitem> - <para><literal>Default Router</literal> - The IP address - of the default router on this network. Usually this - is the address of the router or other network - equipment that connects the local network to the - Internet. Also known as the - <emphasis>default gateway</emphasis>.</para> + <para><literal>Default Router</literal> - The <acronym>IP</acronym> address + of the network's default gateway.</para> </listitem> </itemizedlist> - </sect4> - </sect3> - - <sect3 xml:id="bsdinstall-ipv6"> - <title>Configuring IPv6 Networking - IPv6 is a newer method of network - configuration. If IPv6 is available and + The next screen will ask if the interface should be + configured for IPv6. + If IPv6 is available and desired, choose [ Yes ] to select it. @@ -2083,23 +2057,20 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - IPv6 also has two methods of configuration. - SLAAC , or - StateLess Address AutoConfiguration, - will automatically configure the network interface - correctly. Static configuration + IPv6 also has two methods of configuration. + StateLess Address AutoConfiguration (SLAAC) + will automatically request the correct configuration + information from a local router. Refer to http://tools.ietf.org/html/rfc4862 + for more information. Static configuration requires manual entry of network information. - - <acronym>IPv6</acronym> Stateless Address - Autoconfiguration - - SLAAC allows an - IPv6 network component to request - autoconfiguration information from a local router. See - http://tools.ietf.org/html/rfc4862 - for more information. + If an IPv6 router is available, + select [ Yes ] in the + next menu to automatically configure the network + interface. The installer will appear to pause for a + minute or so as it finds the router and obtains the + addressing information for the system.
            Choose IPv6 SLAAC Configuration @@ -2111,15 +2082,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            -             - - <acronym>IPv6</acronym> Static Network - Configuration - - Static configuration of the network interface requires - entry of the IPv6 configuration - information. + If an IPv6 router is not available, + select [ No ] and input the + following addressing information in this menu:
            IPv6 Static Configuration @@ -2135,36 +2101,27 @@ Ethernet address 0:3:ba:b:92:d4, Host ID IPv6 Address - The - manually-assigned IP address to be - assigned to this computer. This address must be + IPv6 address + assigned to this computer. The address must be unique and not already in use by another piece of equipment on the local network. - Default Router - The IPv6 - address of the default router on this network. - Usually this is the address of the router or other - network equipment that connects the local network to - the Internet. Also known as the default - gateway. + Default Router - The IPv6 + address of the network's default gateway. - - - - Configuring <acronym>DNS</acronym> - - The Domain Name System (DNS) resolver + The last network configuration menu is used to configure the Domain Name System (DNS) resolver, which converts hostnames to and from network addresses. If DHCP or SLAAC was used to autoconfigure the network interface, the Resolver Configuration values may already - be present. Otherwise, enter the local network's domain + be filled in. Otherwise, enter the local network's domain name in the Search field. DNS #1 and DNS #2 are - the IP addresses for the local + the IPv4 and/or IPv6 addresses of the DNS servers. At least one DNS server is required. @@ -2178,7 +2135,6 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - From owner-svn-doc-all@FreeBSD.ORG Wed May 21 20:39:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B172E3A2; Wed, 21 May 2014 20:39:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9D1D12D9E; Wed, 21 May 2014 20:39:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4LKd1Mc099642; Wed, 21 May 2014 20:39:01 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4LKd1wN099641; Wed, 21 May 2014 20:39:01 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405212039.s4LKd1wN099641@svn.freebsd.org> From: Dru Lavigne Date: Wed, 21 May 2014 20:39:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44903 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2014 20:39:01 -0000 Author: dru Date: Wed May 21 20:39:01 2014 New Revision: 44903 URL: http://svnweb.freebsd.org/changeset/doc/44903 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed May 21 19:51:47 2014 (r44902) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed May 21 20:39:01 2014 (r44903) @@ -431,11 +431,11 @@ Prepare the Installation Media - The &os; installer is not an application that can be run from - within another operating system. Instead, download a &os; - installation file, burn it to the media associated with its - file type and size (CD, - DVD, or USB), and boot + The &os; installer is not an application that can be run + from within another operating system. Instead, download a + &os; installation file, burn it to the media associated with + its file type and size (CD, + DVD, or USB), and boot the system to install from the inserted media. &os; installation files are available at DVD, download - FreeBSD-10.0-RELEASE-amd64-dvd1.iso, - burn this file to a DVD, and boot the - system with the DVD inserted. + FreeBSD-10.0-RELEASE-amd64-dvd1.iso, burn + this file to a DVD, and boot the system + with the DVD inserted. Several file types are available, though not all file types are available for all architectures. The possible file @@ -491,8 +491,8 @@ - Also download CHECKSUM.SHA256 from the - same directory as the image file and use it to check the + Also download CHECKSUM.SHA256 from + the same directory as the image file and use it to check the image file's integrity by calculating a checksum. &os; provides &man.sha256.1; for this, while other operating systems have similar programs. @@ -509,93 +509,90 @@ memory stick, it cannot just be copied to the target device. Several applications are available for burning the *.img to a - USB stick. This section describes two - of these utilities. + USB stick. This section describes two of + these utilities. - - Before proceeding, back up any important - data on the USB stick as this procedure will - erase the existing data on the stick. - - - - Using <command>dd</command> to Write the - Image - - - This example uses - /dev/da0 as the target device - where the image will be written. Be very - careful that the correct device is used as - this command will destroy the existing data on the - specified target device. - - - - The dd command-line utility is - included on BSD, Linux, and &macos; systems. To burn - the image using dd, insert the - USB stick and determine its device - name. Then, specify the name of the downloaded - installation file and the device name for the - USB stick. This example burns the - &arch.amd64; installation image to the first - USB device on an existing &os; - system. - - &prompt.root; dd if=FreeBSD-10.0-RELEASE-amd64-memstick.img of=/dev/da0 bs=64k - - Should this command fail, verify that the - USB stick is not mounted and that - the device name is for the disk, not a partition. - Depending upon the operating system, this command may - need to be issued using - sudo. - - - - - Using &windows; to Write the Image - - - Be sure to give the correct drive letter as the - existing data on the specified drive will be overwritten - and destroyed. - - - - Obtaining <application>Image Writer for - &windows;</application> - - Image Writer for - &windows; is a free application that - can correctly write an image file to a memory stick. - Download it from https://launchpad.net/win32-image-writer/ - and extract it into a folder. - - - - Writing the Image with Image Writer - - Double-click the - Win32DiskImager icon to - start the program. Verify that the drive letter shown - under Device is the - drive with the memory stick. Click the folder icon - and select the image to be written to the memory - stick. Click - [ Save ] to accept - the image file name. Verify that everything is - correct, and that no folders on the memory stick are - open in other windows. When everything is ready, - click [ Write ] to - write the image file to the memory stick. - - + + Before proceeding, back up any important data on the + USB stick as this procedure will erase + the existing data on the stick. + + + + Using <command>dd</command> to Write the + Image - You are now ready to start installing &os;. - + + This example uses /dev/da0 as + the target device where the image will be written. Be + very careful that the correct + device is used as this command will destroy the existing + data on the specified target device. + + + + The dd command-line utility is + included on BSD, Linux, and &macos; systems. To burn + the image using dd, insert the + USB stick and determine its device + name. Then, specify the name of the downloaded + installation file and the device name for the + USB stick. This example burns the + &arch.amd64; installation image to the first + USB device on an existing &os; + system. + + &prompt.root; dd if=FreeBSD-10.0-RELEASE-amd64-memstick.img of=/dev/da0 bs=64k + + Should this command fail, verify that the + USB stick is not mounted and that the + device name is for the disk, not a partition. Depending + upon the operating system, this command may need to be + issued using sudo. + + + + + Using &windows; to Write the Image + + + Be sure to give the correct drive letter as the + existing data on the specified drive will be overwritten + and destroyed. + + + + Obtaining <application>Image Writer for + &windows;</application> + + Image Writer for + &windows; is a free application that can + correctly write an image file to a memory stick. + Download it from https://launchpad.net/win32-image-writer/ + and extract it into a folder. + + + + Writing the Image with Image Writer + + Double-click the + Win32DiskImager icon to start + the program. Verify that the drive letter shown under + Device is the drive + with the memory stick. Click the folder icon and select + the image to be written to the memory stick. Click + [ Save ] to accept the + image file name. Verify that everything is correct, and + that no folders on the memory stick are open in other + windows. When everything is ready, click + [ Write ] to write the + image file to the memory stick. + + + + You are now ready to start installing &os;. + @@ -893,8 +890,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID information that will be asked before the system is installed. Use the arrow keys to highlight a menu option, then the Space key to select or deselect that menu item. - When finished, use Enter to save the selection and move - onto the next screen.             + When finished, use Enter to save the selection + and move onto the next screen. Selecting the Keymap Menu @@ -949,8 +946,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID In &os; 10.0-RELEASE and later, this menu has been enhanced. The full selection of keymaps is shown, with the default preselected. In addition, when selecting a different - keymap, a dialog is displayed that allows the user to try - the keymap and ensure it is correct before proceeding. + keymap, a dialog is displayed that allows the user to try the + keymap and ensure it is correct before proceeding.
            Enhanced Keymap Menu @@ -1007,9 +1004,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Deciding which components to install will depend largely on the intended use of the system and the amount of disk space available. The &os; kernel and userland, collectively known - as the base system, are always installed. - Depending on the architecture, some of these components may - not appear: + as the base system, are always + installed. Depending on the architecture, some of these + components may not appear: @@ -1035,11 +1032,11 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - ports - The &os; Ports - Collection is a collection of files which automates the - downloading, compiling and installation of third-party - software packages. discusses how - to use the Ports Collection. + ports - The &os; Ports Collection + is a collection of files which automates the downloading, + compiling and installation of third-party software + packages. discusses how to use + the Ports Collection. The installation program does not check for @@ -1051,64 +1048,64 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - src - The complete &os; source code for both the kernel - and the userland. Although not required for the majority - of applications, it may be required to build - device drivers, kernel modules, or some applications from - the Ports Collection. It is also used for developing &os; - itself. The full source tree requires 1 GB of disk space - and recompiling the entire &os; system requires an - additional 5 GB of space. + src - The complete &os; source code + for both the kernel and the userland. Although not + required for the majority of applications, it may be + required to build device drivers, kernel modules, or some + applications from the Ports Collection. It is also used + for developing &os; itself. The full source tree requires + 1 GB of disk space and recompiling the entire &os; + system requires an additional 5 GB of space. - - Installing from the Network + + Installing from the Network - The menu shown in only appears when - installing from a -bootonly.iso - CD as this installation media does - not hold copies of the installation files. Since the installation - files must be retrieved over a network connection, this menu - indicates that the network interface must be first - configured. + The menu shown in only appears when + installing from a -bootonly.iso + CD as this installation media does not hold + copies of the installation files. Since the installation + files must be retrieved over a network connection, this menu + indicates that the network interface must be first + configured. -
            - Installing from the Network +
            + Installing from the Network - - - - - -
            + + + + + +
            - To configure the network connection, press - Enter and follow the instructions in - . Once the - interface is configured, select a mirror site that is - located in the same region of the world as - the computer on which &os; is being installed. Files can be - retrieved more quickly when the mirror is close to the target - computer, reducing installation time. + To configure the network connection, press + Enter and follow the instructions in . Once the + interface is configured, select a mirror site that is + located in the same region of the world as the computer on + which &os; is being installed. Files can be retrieved more + quickly when the mirror is close to the target computer, + reducing installation time. -
            - Choosing a Mirror +
            + Choosing a Mirror - - - - - -
            + + + + + +
            - Installation will then continue as if the installation files - were located on the local installation media. -             + Installation will then continue as if the installation + files were located on the local installation media. +             @@ -1144,10 +1141,11 @@ Ethernet address 0:3:ba:b:92:d4, Host ID allows advanced users to create customized partitions from menu options, and Shell opens a shell prompt where advanced users can create customized partitions using - command-line utilities like &man.gpart.8;, &man.fdisk.8;, and &man.bsdlabel.8;. - ZFS partitioning, only available in &os; 10 and - later, creates an optionally encrypted root-on-ZFS system - with support for boot environments. + command-line utilities like &man.gpart.8;, &man.fdisk.8;, and + &man.bsdlabel.8;. ZFS partitioning, only + available in &os; 10 and later, creates an optionally encrypted + root-on-ZFS system with support for boot + environments. This section describes what to consider when laying out the disk partitions. It then demonstrates how to use the different @@ -1251,8 +1249,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Guided Partitioning When this method is selected, a menu will display the - available disk(s). If multiple disks are connected, choose the one where &os; - is to be installed. + available disk(s). If multiple disks are connected, choose + the one where &os; is to be installed.
            Selecting from Multiple Disks @@ -1265,9 +1263,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Once the disk is selected, the next menu prompts to install - to either the entire disk or to create a partition using free space. - If + Once the disk is selected, the next menu prompts to + install to either the entire disk or to create a partition + using free space. If [ Entire Disk ] is chosen, a general partition layout filling the whole disk is automatically created. Selecting @@ -1309,8 +1307,7 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Manual Partitioning - Selecting this method opens the partition - editor: + Selecting this method opens the partition editor:
            Manually Create Partitions @@ -1323,8 +1320,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Highlight the installation drive (ada0 in this - example) and select + Highlight the installation drive + (ada0 in this example) and select [ Create ] to display a menu of available partition schemes: @@ -1339,11 +1336,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - GPT is usually the most - appropriate choice for &arch.amd64; computers. Older computers - that are not compatible with - GPT should use MBR. - The other partition schemes are + GPT is usually the most appropriate + choice for &arch.amd64; computers. Older computers that are + not compatible with GPT should use + MBR. The other partition schemes are generally used for uncommon or older computers. @@ -1368,7 +1364,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID BSD label without an MBR, sometimes called dangerously dedicated mode as - non-BSD disk utilities may not recognize it. + non-BSD disk utilities may not + recognize it. @@ -1385,7 +1382,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID PC98 - MBR variant used by NEC PC-98 computers (MBR variant used by NEC PC-98 + computers (http://en.wikipedia.org/wiki/Pc9801). @@ -1423,8 +1421,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - freebsd-ufs - A &os; UFS file - system. + freebsd-ufs - A &os; + UFS file system. @@ -1436,20 +1434,22 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Another partition type worth noting is freebsd-zfs, used for partitions that will contain a &os; ZFS file system (). Refer to &man.gpart.8; for descriptions of - the available GPT partition types. + linkend="filesystems-zfs"/>). Refer to &man.gpart.8; for + descriptions of the available GPT partition + types. Multiple file system partitions can be created and some - people prefer a traditional layout with separate - partitions for the /, - /var, /tmp, and - /usr file systems. See /, /var, + /tmp, and /usr file + systems. See for an example. - The Size may be entered with common abbreviations: - K for kilobytes, M - for megabytes, or G for gigabytes. + The Size may be entered with common + abbreviations: K for kilobytes, + M for megabytes, or + G for gigabytes. Proper sector alignment provides the best performance, @@ -1457,22 +1457,22 @@ Ethernet address 0:3:ba:b:92:d4, Host ID to ensure alignment on drives with either 512-byte or 4K-byte sectors. Generally, using partition sizes that are even multiples of 1M or 1G is the easiest way to make sure - every partition starts at an even multiple of 4K. There is one - exception: the freebsd-boot - partition should be no larger than 512K due to current boot code - limitations. + every partition starts at an even multiple of 4K. There is + one exception: the freebsd-boot + partition should be no larger than 512K due to current boot + code limitations. - A Mountpoint is needed if the partition will contain a - file system. If only a single UFS partition will be created, - the mountpoint should be /. - - The Label is - a name by which the partition will be known. Drive - names or numbers can change if the drive is connected to - a different controller or port, but the partition label does - not change. Referring to labels instead of drive names - and partition numbers in files like + A Mountpoint is needed if the partition + will contain a file system. If only a single + UFS partition will be created, the + mountpoint should be /. + + The Label is a name by which the + partition will be known. Drive names or numbers can change if + the drive is connected to a different controller or port, but + the partition label does not change. Referring to labels + instead of drive names and partition numbers in files like /etc/fstab makes the system more tolerant to hardware changes. GPT labels appear in /dev/gpt/ when a disk is attached. Other @@ -1485,8 +1485,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID conflicts from identical labels. A few letters from the computer's name, use, or location can be added to the label. For instance, use labroot or - rootfs-lab for the UFS root partition on - the computer named lab. + rootfs-lab for the UFS + root partition on the computer named + lab. @@ -1580,23 +1581,23 @@ Ethernet address 0:3:ba:b:92:d4, Host ID partitioning mode only works with whole disks and will erase the contents of the entire disk. The installer will automatically create partitions aligned to 4k boundaries and - force ZFS to use 4k sectors. This - is safe even with 512 byte sector disks, and has the added - benefit of ensuring that pools created on 512 byte disks will - be able to have 4k sector disks added in the future, either as - additional storage space or as replacements for failed - disks. The installer can also optionally employ GELI disk - encryption as described in ZFS to use 4k sectors. This is safe + even with 512 byte sector disks, and has the added benefit of + ensuring that pools created on 512 byte disks will be able to + have 4k sector disks added in the future, either as additional + storage space or as replacements for failed disks. The + installer can also optionally employ GELI + disk encryption as described in . If encryption is enabled, a 2 GB unencrypted boot pool - containing the /boot - directory is created. It holds the kernel and other files necessary - to boot the system. A swap partition of a user selectable - size is also created, and all remaining space is used for the + containing the /boot directory is + created. It holds the kernel and other files necessary to + boot the system. A swap partition of a user selectable size + is also created, and all remaining space is used for the ZFS pool. - The main ZFS configuration menu - offers a number of options to control the creation of the + The main ZFS configuration menu offers + a number of options to control the creation of the pool.
            @@ -1610,21 +1611,19 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            Select T to configure the Pool - Type and - the disk(s) that will - constitute the pool. The automatic ZFS - installer currently only supports the creation of a single - top level vdev, except in stripe mode. To create more complex - pools, use the instructions in to create the pool. The + Type and the disk(s) that will constitute the + pool. The automatic ZFS installer + currently only supports the creation of a single top level + vdev, except in stripe mode. To create more complex pools, + use the instructions in to create the pool. The installer supports the creation of various pool types, including stripe (not recommended, no redundancy), mirror (best performance, least usable space), and RAID-Z 1, 2, and 3 (with the capability to withstand the concurrent failure of 1, 2, and 3 disks, respectively). while selecting the pool type, - a tooltip is displayed across the bottom of - the screen with advice about - the number of required disks, and in the case of + a tooltip is displayed across the bottom of the screen with + advice about the number of required disks, and in the case of RAID-Z, the optimal number of disks for each configuration. @@ -1638,12 +1637,12 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - Once a Pool Type has been selected, a list of available - disks is displayed, and the user is prompted to select one or - more disks to make up the pool. The configuration is then - validated, to ensure enough disks are selected. If not, - select <Change Selection> to - return to the list of disks, or + Once a Pool Type has been selected, a + list of available disks is displayed, and the user is prompted + to select one or more disks to make up the pool. The + configuration is then validated, to ensure enough disks are + selected. If not, select <Change + Selection> to return to the list of disks, or <Cancel> to change the pool type. @@ -1676,8 +1675,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID selected, so as not to accidently destroy the wrong disks, the - Disk Info menu can be used to inspect each disk, including its partition table and various other - information such as the device model number and serial - number, if available. + information such as the device model number and serial number, + if available.
            Analysing a Disk @@ -1690,18 +1689,18 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            The main ZFS configuration menu also - allows the user to enter a pool name, - disable forcing 4k sectors, enable or disable - encryption, switch between GPT - (recommended) and MBR partition table - types, and select the amount of swap space. Once all - options have been set to the desired values, select the + allows the user to enter a pool name, disable forcing 4k + sectors, enable or disable encryption, switch between + GPT (recommended) and + MBR partition table types, and select the + amount of swap space. Once all options have been set to the + desired values, select the >>> Install option at the top of the menu. - If GELI disk encryption was enabled, the - installer will prompt twice for the passphrase to be used to - encrypt the disks. + If GELI disk encryption was enabled, + the installer will prompt twice for the passphrase to be used + to encrypt the disks.
            Disk Encryption Password @@ -1737,15 +1736,15 @@ Ethernet address 0:3:ba:b:92:d4, Host ID When creating advanced installations, the bsdinstall paritioning menus may - not provide the level of flexibility - required. Advanced users can select the Shell option - from the partitioning menu in order to - manually partition the drives, create the - file system(s), populate + not provide the level of flexibility required. Advanced users + can select the Shell option from the + partitioning menu in order to manually partition the drives, + create the file system(s), populate /tmp/bsdinstall_etc/fstab, and mount the file systems under /mnt. Once this is done, type exit to return to - bsdinstall and continue the installation. + bsdinstall and continue the + installation. @@ -1753,10 +1752,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Committing to the Installation Once the disks are configured, the next menu provides the - last chance to make changes before the selected - hard drive(s) are formatted. If changes need to be made, - select [ Back ] to return to - the main partitioning menu. + last chance to make changes before the selected hard drive(s) + are formatted. If changes need to be made, select + [ Back ] to return to the main + partitioning menu. [ Revert & Exit ] will exit the installer without making any changes to the hard drive. @@ -1777,9 +1776,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Enter. Installation time will vary depending on the distributions - chosen, installation media, and speed of the computer. A - series of messages will indicate the - progress. + chosen, installation media, and speed of the computer. A series + of messages will indicate the progress. First, the installer formats the selected disk(s) and initializes the partitions. Next, in the case of a bootonly @@ -1828,8 +1826,8 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Once all requested distribution files have been extracted, bsdinstall displays the first post-installation configuration screen. The available - post-configuration options are described in - the next section. + post-configuration options are described in the next + section. @@ -1839,7 +1837,7 @@ Ethernet address 0:3:ba:b:92:d4, Host ID bsdinstall will prompt to configure several options before booting into the newly installed system. This section describes these configuration options. - + Once the system has booted, bsdconfig provides a menu-driven method for @@ -1852,10 +1850,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID class="username">root Password First, the root - password must be set. While entering the password, - the characters being typed are not displayed on the screen. - After the password has been entered, it must be entered again. - This helps prevent typing errors. + password must be set. While entering the password, the + characters being typed are not displayed on the screen. After + the password has been entered, it must be entered again. This + helps prevent typing errors.
            Setting the <systemitem @@ -1873,13 +1871,13 @@ Ethernet address 0:3:ba:b:92:d4, Host ID <sect2 xml:id="bsdinstall-config-network-dev"> <title>Configuring Network Interfaces - Next, a list of the network interfaces found on the computer - is shown. Select the interface to configure. + Next, a list of the network interfaces found on the + computer is shown. Select the interface to configure. - The network configuration menus will be skipped if the network was previously - configured as part of a bootonly - installation. + The network configuration menus will be skipped if the + network was previously configured as part of a + bootonly installation.
            @@ -1893,248 +1891,245 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - If an Ethernet interface is selected, the installer will - skip ahead to the menu shown in . If a wireless - network interface is chosen, the system will instead scan - for wireless access points: - -
            - Scanning for Wireless Access Points - - - - - - -
            - - Wireless networks are identified by a Service Set - Identifier (SSID), a short, unique name given to - each network. SSIDs - found during the scan are listed, followed by a description - of the encryption types available for that network. If the - desired SSID does not appear in the list, - select [ Rescan ] to scan - again. If the desired network still does not appear, check - for problems with antenna connections or try moving the - computer closer to the access point. Rescan after each - change is made. - -
            - Choosing a Wireless Network - - - - - - -
            - - Next, enter the encryption information for connecting to the - selected wireless network. - WPA2 encryption is strongly recommended as - older encryption types, like WEP, offer - little security. If the network uses WPA2, input the password, - also known as the Pre-Shared Key (PSK). - For security reasons, the characters typed into - the input box are displayed as asterisks. - -
            - WPA2 Setup - - - - - - -
            - - Next, choose whether or not an IPv4 - address should be configured on the Ethernet or wireless - interface: - -
            - Choose <acronym>IPv4</acronym> Networking - - - - - - -
            - - There are two methods of IPv4 - configuration. - DHCP will - automatically configure the network interface correctly and - should be used if the network provides a - DHCP server. Otherwise, the addressing - information needs to be input manually as a static - configuration. - - - Do not enter random network information as it will - not work. If a DHCP server is not - available, obtain the information listed in from - the network administrator or Internet service provider. - - - If a DHCP server is available, - select [ Yes ] in the next menu to - automatically configure the network interface. The - installer will appear to pause for a minute or so as it - finds the DHCP server and obtains the - addressing information for the system. - -
            - Choose <acronym>IPv4</acronym> - <acronym>DHCP</acronym> Configuration - - - - - - -
            - - If a DHCP server is not available, - select [ No ] and input - the following addressing information in this menu: - -
            - <acronym>IPv4</acronym> Static - Configuration - - - - - - -
            - - - - IP Address - The - IPv4 address - assigned to this computer. The address must be - unique and not already in use by another piece of - equipment on the local network. - - - - Subnet Mask - The subnet mask - for the network. - - - - Default Router - The IP address - of the network's default gateway. - - - - The next screen will ask if the interface should be - configured for IPv6. - If IPv6 is available and - desired, choose [ Yes ] to - select it. - -
            - Choose IPv6 Networking - - - - - - -
            - - IPv6 also has two methods of configuration. - StateLess Address AutoConfiguration (SLAAC) - will automatically request the correct configuration - information from a local router. Refer to http://tools.ietf.org/html/rfc4862 - for more information. Static configuration - requires manual entry of network information. - - If an IPv6 router is available, - select [ Yes ] in the - next menu to automatically configure the network - interface. The installer will appear to pause for a - minute or so as it finds the router and obtains the - addressing information for the system. - -
            - Choose IPv6 SLAAC Configuration - - - - - - -
            - - If an IPv6 router is not available, - select [ No ] and input the - following addressing information in this menu: - -
            - IPv6 Static Configuration *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Thu May 22 05:05:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8DE8D90C; Thu, 22 May 2014 05:05:51 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 619A22542; Thu, 22 May 2014 05:05:51 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4M55pmY023506; Thu, 22 May 2014 05:05:51 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4M55pBR023505; Thu, 22 May 2014 05:05:51 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201405220505.s4M55pBR023505@svn.freebsd.org> From: Warren Block Date: Thu, 22 May 2014 05:05:51 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44904 - in head/en_US.ISO8859-1/books/fdp-primer: sgml-markup sgml-primer X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 May 2014 05:05:51 -0000 Author: wblock Date: Thu May 22 05:05:50 2014 New Revision: 44904 URL: http://svnweb.freebsd.org/changeset/doc/44904 Log: Remove leftover sgml-markup and sgml-primer chapters. Deleted: head/en_US.ISO8859-1/books/fdp-primer/sgml-markup/ head/en_US.ISO8859-1/books/fdp-primer/sgml-primer/ From owner-svn-doc-all@FreeBSD.ORG Thu May 22 10:45:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AF449754; Thu, 22 May 2014 10:45:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9CB84238B; Thu, 22 May 2014 10:45:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4MAjaRP079306; Thu, 22 May 2014 10:45:36 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4MAjadl079305; Thu, 22 May 2014 10:45:36 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405221045.s4MAjadl079305@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 22 May 2014 10:45:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44905 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 May 2014 10:45:36 -0000 Author: ryusuke Date: Thu May 22 10:45:36 2014 New Revision: 44905 URL: http://svnweb.freebsd.org/changeset/doc/44905 Log: - Merge the following from the English version: r44667 -> r44892 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Thu May 22 05:05:50 2014 (r44904) +++ head/ja_JP.eucJP/share/xml/news.xml Thu May 22 10:45:36 2014 (r44905) @@ -20,7 +20,7 @@ the contents of will be preferred over <p>. $FreeBSD$ - Original revision: r44667 + Original revision: r44892 --> <news> <cvs:keyword xmlns:cvs="http://www.FreeBSD.org/XML/CVS"> @@ -31,6 +31,26 @@ <name>2014</name> <month> + <name>5</name> + + <day> + <name>17</name> + <event> + <p>新コミッタ就任: + <a href="mailto:allanjude@FreeBSD.org">Allan Jude</a> (doc)</p> + </event> + </day> + + <day> + <name>7</name> + <event> + <p>新コミッタ就任: + <a href="mailto:slm@FreeBSD.org">Stephen McConnell</a> (src)</p> + </event> + </day> + </month> + + <month> <name>4</name> <day> From owner-svn-doc-all@FreeBSD.ORG Thu May 22 12:54:22 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A7D1CB61; Thu, 22 May 2014 12:54:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 880A12F2E; Thu, 22 May 2014 12:54:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4MCsMnR040175; Thu, 22 May 2014 12:54:22 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4MCsMGa040174; Thu, 22 May 2014 12:54:22 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405221254.s4MCsMGa040174@svn.freebsd.org> From: Dru Lavigne <dru@FreeBSD.org> Date: Thu, 22 May 2014 12:54:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44906 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Thu, 22 May 2014 12:54:22 -0000 Author: dru Date: Thu May 22 12:54:22 2014 New Revision: 44906 URL: http://svnweb.freebsd.org/changeset/doc/44906 Log: Editorial review of some more post-install config screens. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu May 22 10:45:36 2014 (r44905) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu May 22 12:54:22 2014 (r44906) @@ -2135,13 +2135,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID <sect2 xml:id="bsdinstall-timezone"> <title>Setting the Time Zone - Setting the time zone for the machine will allow it to - automatically correct for any regional time changes and - perform other time zone related functions properly. - - The example shown is for a machine located in the Eastern - time zone of the United States. The selections will vary - according to the geographical location. + The next menu asks if the system clock + uses UTC or local time. When in doubt, select + [ No ] to choose the more + commonly-used local time.
            Select Local or UTC Clock @@ -2154,13 +2151,16 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Select [ Yes ] - or [ No ] according to how - the machine's clock is configured and press - Enter. If it is not known whether the system - uses UTC or local time, select - [ No ] to choose the more - commonly-used local time. + The next series of menus are used to determine the + correct local time by selecting the geographic region, country, + and time zone. Setting the time zone allows the system to + automatically correct for regional time changes, such as + daylight savings time, and + perform other time zone related functions properly. + + The example shown here is for a machine located in the Eastern + time zone of the United States. The selections will vary + according to the geographical location.
            Select a Region @@ -2215,15 +2215,17 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            Confirm the abbreviation for the time zone is correct. If - it looks okay, press Enter to continue with + it is, press Enter to continue with the post-installation configuration. - Selecting Services to Enable + Enabling Services - Additional system services which will be started at boot - can be enabled. All of these services are optional. + The next menu is used to configure which system services + will be started whenever the system boots. + All of these services are optional. Only start the services + that are needed for the system to function.
            Selecting Additional Services to Enable @@ -2236,24 +2238,30 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - - Additional Services + Here is a summary of the services which can be enabled in + this menu: + - sshd - Secure Shell - (SSH) daemon for secure remote - access. + sshd - The Secure Shell + (SSH) daemon is used to remotely + access a system over an encrypted connection. Only enable + this service if the system should be available for remote + logins. - moused - Provides mouse usage - within the system console. + moused - Enable this service if the + mouse will be used from the command-line system + console. - ntpd - Network Time Protocol + ntpd - The Network Time Protocol (NTP) daemon for automatic clock - synchronization. + synchronization. Enable this service if there is a + &windows;, Kerberos, or LDAP server on + the network. @@ -2266,13 +2274,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Enabling Crash Dumps - bsdinstall will prompt if crash - dumps should be enabled on the target system. Enabling crash - dumps can be very useful in debugging issues with the system, - so users are encouraged to enable crash dumps whenever - possible. Select [ Yes ] to - enable crash dumps, or [ No ] - to proceed without crash dumps enabled. + The next menu is used to configure whether or not crash + dumps should be enabled. Enabling crash + dumps can be useful in debugging issues with the system, + so users are encouraged to enable crash dumps.
            Enabling Crash Dumps From owner-svn-doc-all@FreeBSD.ORG Thu May 22 15:18:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3A2AE664; Thu, 22 May 2014 15:18:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 264CA2C3F; Thu, 22 May 2014 15:18:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4MFIka8005716; Thu, 22 May 2014 15:18:46 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4MFIkFf005715; Thu, 22 May 2014 15:18:46 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405221518.s4MFIkFf005715@svn.freebsd.org> From: Dru Lavigne Date: Thu, 22 May 2014 15:18:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44907 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 May 2014 15:18:46 -0000 Author: dru Date: Thu May 22 15:18:45 2014 New Revision: 44907 URL: http://svnweb.freebsd.org/changeset/doc/44907 Log: Finish editorial review of Post-Install and Troubleshooting sections. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu May 22 12:54:22 2014 (r44906) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Thu May 22 15:18:45 2014 (r44907) @@ -2294,8 +2294,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Add Users - Adding at least one user during the installation allows - the system to be used without being logged in as The next menu prompts to create at least one user account. + It is recommended to login to the system using a user account + rather than as root. When logged in as root, there are essentially no limits or protection on what can be done. @@ -2314,7 +2315,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - Enter the information for the user to be added. + Follow the prompts and input the requested information for + the user account. The example shown in creates the asample user account.
            Enter User Information @@ -2326,18 +2330,21 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            - - User Information + Here is a summary of the information to input: + Username - The name the user will - enter to log in. Typically the first letter of their - first name combined with their last name. + enter to log in. A common convention is to use the first letter of the + first name combined with the last name, as long as each + username is unique for the system. The username is case + sensitive and should not contain any spaces. Full name - The user's full - name. + name. This can contain spaces and is used as a + description for the user account. @@ -2348,13 +2355,15 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Login group - The user's group. - Typically left blank to accept the default. + Typically this is left blank to accept the default. Invite user into other groups? - Additional groups to which the - user will be added as a member. + user will be added as a member. If the user needs + administrative access, type wheel + here. @@ -2363,9 +2372,10 @@ Ethernet address 0:3:ba:b:92:d4, Host ID - Shell - The interactive shell for - this user. In the example, &man.csh.1; has been - chosen. + Shell - Type in one of the listed + values to set the interactive shell for + the user. Refer to for more + information about shells. @@ -2381,21 +2391,24 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Use password-based authentication? - - Typically yes. + - Typically yes so that the user is + prompted to input their password at login. Use an empty password? - - Typically no. + Typically no as it is insecure to have + a blank password. Use a random password? - Typically - no. + no so that the user can set their own + password in the next prompt. - Enter password - The actual + Enter password - The password for this user. Characters typed will not show on the screen. @@ -2408,13 +2421,12 @@ Ethernet address 0:3:ba:b:92:d4, Host ID Lock out the account after creation? - Typically - no. + no so that the user can login. - After entering everything, a summary is shown, and the - system asks if it is correct. If a mistake was made during - entry, enter no and try again. If + After entering everything, a summary is shown for review. + If a mistake was made, enter no and try again. If everything is correct, enter yes to create the new user. @@ -2458,8 +2470,6 @@ Ethernet address 0:3:ba:b:92:d4, Host ID configuration before completing the installation. - Final Configuration Options - Add User - Described in . @@ -2497,7 +2507,7 @@ Ethernet address 0:3:ba:b:92:d4, Host ID After any final configuration is complete, select - Exit to leave the installation. + Exit.
            Manual Configuration @@ -2514,7 +2524,7 @@ Ethernet address 0:3:ba:b:92:d4, Host ID are any additional configuration that needs to be done before rebooting into the new system. Select [ Yes ] to exit to a shell - within the new system, or + within the new system or [ No ] to proceed to the last step of the installation. @@ -2529,170 +2539,47 @@ Ethernet address 0:3:ba:b:92:d4, Host ID
            If further configuration or special setup is needed, - selecting [ Live CD ] - will boot the install media into Live CD + select [ Live CD ] + to boot the install media into Live CD mode. - When the installation is complete, select + If the installation is complete, select [ Reboot ] to reboot the computer and start the new &os; system. Do not forget to - remove the &os; install CD, - DVD, or USB memory - stick, or the computer may boot from it again. -             - - - &os; Booting and Shutdown + remove the &os; install media + or the computer may boot from it again. - - &os;/&arch.i386; Booting - - As &os; boots, many informational messages are - displayed. Most will scroll off the screen; this is normal. + As &os; boots, informational messages are + displayed. After the system finishes booting, a login prompt is - displayed. Messages that scrolled off the screen can be + displayed. At the login: prompt, enter the + username added during the installation. + Avoid logging in as root. Refer to for instructions on how to + become the superuser when administrative access is + needed. + + The messages that appeared during boot can be reviewed by pressing Scroll-Lock to turn on - the scroll-back buffer. The + the scroll-back buffer. The PgUp, PgDn, and arrow keys - can be used to scroll back through the messages. Pressing - Scroll-Lock again unlocks the display and - returns to the normal screen. - - At the login: prompt, enter the - username added during the installation, asample in the example. - Avoid logging in as root except when - necessary. - - The scroll-back buffer examined above is limited in - size, so not all of the messages may have been visible. - After logging in, most of them can be seen from the command - line by typing dmesg | less at the + can be used to scroll back through the messages. When finished, press + Scroll-Lock again to unlock the display and + return to the console. To review these messages once the + system has been up for some time, type + less /var/run/dmesg.boot from a command prompt. Press q to return to the command line after viewing. - Typical boot messages (version information - omitted): + If sshd was enabled in , the first boot may be + a bit slower as the system will generate the RSA and + DSA keys. Subsequent boots will be + faster. The fingerprints of the keys will be displayed, as seen in + this example: - Copyright (c) 1992-2011 The FreeBSD Project. -Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 - The Regents of the University of California. All rights reserved. -FreeBSD is a registered trademark of The FreeBSD Foundation. - - root@farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 -CPU: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz (3007.77-MHz K8-class CPU) - Origin = "GenuineIntel" Id = 0x10676 Family = 6 Model = 17 Stepping = 6 - Features=0x783fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,SSE2> - Features2=0x209<SSE3,MON,SSSE3> - AMD Features=0x20100800<SYSCALL,NX,LM> - AMD Features2=0x1<LAHF> -real memory = 536805376 (511 MB) -avail memory = 491819008 (469 MB) -Event timer "LAPIC" quality 400 -ACPI APIC Table: <VBOX VBOXAPIC> -ioapic0: Changing APIC ID to 1 -ioapic0 <Version 1.1> irqs 0-23 on motherboard -kbd1 at kbdmux0 -acpi0: <VBOX VBOXXSDT> on motherboard -acpi0: Power Button (fixed) -acpi0: Sleep Button (fixed) -Timecounter "ACPI-fast" frequency 3579545 Hz quality 900 -acpi_timer0: <32-bit timer at 3.579545MHz> port 0x4008-0x400b on acpi0 -cpu0: <ACPI CPU> on acpi0 -pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0 -pci0: <ACPI PCI bus> on pcib0 -isab0: <PCI-ISA bridge> at device 1.0 on pci0 -isa0: <ISA bus> on isab0 -atapci0: <Intel PIIX4 UDMA33 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xd000-0xd00f at device 1.1 on pci0 -ata0: <ATA channel 0> on atapci0 -ata1: <ATA channel 1> on atapci0 -vgapci0: <VGA-compatible display> mem 0xe0000000-0xe0ffffff irq 18 at device 2.0 on pci0 -em0: <Intel(R) PRO/1000 Legacy Network Connection 1.0.3> port 0xd010-0xd017 mem 0xf0000000-0xf001ffff irq 19 at device 3.0 on pci0 -em0: Ethernet address: 08:00:27:9f:e0:92 -pci0: <base peripheral> at device 4.0 (no driver attached) -pcm0: <Intel ICH (82801AA)> port 0xd100-0xd1ff,0xd200-0xd23f irq 21 at device 5.0 on pci0 -pcm0: <SigmaTel STAC9700/83/84 AC97 Codec> -ohci0: <OHCI (generic) USB controller> mem 0xf0804000-0xf0804fff irq 22 at device 6.0 on pci0 -usbus0: <OHCI (generic) USB controller> on ohci0 -pci0: <bridge> at device 7.0 (no driver attached) -acpi_acad0: <AC Adapter> on acpi0 -atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0 -atkbd0: <AT Keyboard> irq 1 on atkbdc0 -kbd0 at atkbd0 -atkbd0: [GIANT-LOCKED] -psm0: <PS/2 Mouse> irq 12 on atkbdc0 -psm0: [GIANT-LOCKED] -psm0: model IntelliMouse Explorer, device ID 4 -attimer0: <AT timer> port 0x40-0x43,0x50-0x53 on acpi0 -Timecounter "i8254" frequency 1193182 Hz quality 0 -Event timer "i8254" frequency 1193182 Hz quality 100 -sc0: <System console> at flags 0x100 on isa0 -sc0: VGA <16 virtual consoles, flags=0x300> -vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 -atrtc0: <AT realtime clock> at port 0x70 irq 8 on isa0 -Event timer "RTC" frequency 32768 Hz quality 0 -ppc0: cannot reserve I/O port range -Timecounters tick every 10.000 msec -pcm0: measured ac97 link rate at 485193 Hz -em0: link state changed to UP -usbus0: 12Mbps Full Speed USB v1.0 -ugen0.1: <Apple> at usbus0 -uhub0: <Apple OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0 -cd0 at ata1 bus 0 scbus1 target 0 lun 0 -cd0: <VBOX CD-ROM 1.0> Removable CD-ROM SCSI-0 device -cd0: 33.300MB/s transfers (UDMA2, ATAPI 12bytes, PIO 65534bytes) -cd0: Attempt to query device size failed: NOT READY, Medium not present -ada0 at ata0 bus 0 scbus0 target 0 lun 0 -ada0: <VBOX HARDDISK 1.0> ATA-6 device -ada0: 33.300MB/s transfers (UDMA2, PIO 65536bytes) -ada0: 12546MB (25694208 512 byte sectors: 16H 63S/T 16383C) -ada0: Previously was known as ad0 -Timecounter "TSC" frequency 3007772192 Hz quality 800 -Root mount waiting for: usbus0 -uhub0: 8 ports with 8 removable, self powered -Trying to mount root from ufs:/dev/ada0p2 [rw]... -Setting hostuuid: 1848d7bf-e6a4-4ed4-b782-bd3f1685d551. -Setting hostid: 0xa03479b2. -Entropy harvesting: interrupts ethernet point_to_point kickstart. -Starting file system checks: -/dev/ada0p2: FILE SYSTEM CLEAN; SKIPPING CHECKS -/dev/ada0p2: clean, 2620402 free (714 frags, 327461 blocks, 0.0% fragmentation) -Mounting local file systems:. -vboxguest0 port 0xd020-0xd03f mem 0xf0400000-0xf07fffff,0xf0800000-0xf0803fff irq 20 at device 4.0 on pci0 -vboxguest: loaded successfully -Setting hostname: machine3.example.com. -Starting Network: lo0 em0. -lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 - options=3<RXCSUM,TXCSUM> - inet6 ::1 prefixlen 128 - inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 - inet 127.0.0.1 netmask 0xff000000 - nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> -em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 - options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM> - ether 08:00:27:9f:e0:92 - nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> - media: Ethernet autoselect (1000baseT <full-duplex>) - status: active -Starting devd. -Starting Network: usbus0. -DHCPREQUEST on em0 to 255.255.255.255 port 67 -DHCPACK from 10.0.2.2 -bound to 192.168.1.142 -- renewal in 43200 seconds. -add net ::ffff:0.0.0.0: gateway ::1 -add net ::0.0.0.0: gateway ::1 -add net fe80::: gateway ::1 -add net ff02::: gateway ::1 -ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib -32-bit compatibility ldconfig path: /usr/lib32 -Creating and/or trimming log files. -Starting syslogd. -No core dumps found. -Clearing /tmp (X related). -Updating motd:. -Configuring syscons: blanktime. -Generating public/private rsa1 key pair. + Generating public/private rsa1 key pair. Your identification has been saved in /etc/ssh/ssh_host_key. Your public key has been saved in /etc/ssh/ssh_host_key.pub. The key fingerprint is: @@ -2726,52 +2613,26 @@ The key's randomart image is: | . . o . | | .o. . | +-----------------+ -Starting sshd. -Starting cron. -Starting background file system checks in 60 seconds. - -Thu Oct 6 19:15:31 MDT 2011 - -FreeBSD/amd64 (machine3.example.com) (ttyv0) - -login: - - Generating the RSA and - DSA keys may take some time on slower - machines. This happens only on the initial boot-up of a new - installation, and only if sshd is - set to start automatically. Subsequent boots will be - faster. - - &os; does not install graphical environments by default, - but many are available. See for more - information. - - +Starting sshd. + + Refer to for more information + about fingerprints and SSH. - - &os; Shutdown + &os; does not install a graphical environment by default. + Refer to for more + information about installing and configuring a graphical + window manager. Proper shutdown of a &os; computer helps protect data and - even hardware from damage. Do not turn off the power before - the system has been properly shut down. If the user is a + hardware from damage. Do not turn off the power before + the system has been properly shut down! If the user is a member of the wheel group, become the superuser by typing su at the command line and entering the root password. Otherwise, log - in as root and use - shutdown -p now. The system will close - down cleanly and turn itself off. - - The - - Ctrl - Alt - Del - - key combination can be used to reboot the system, but is not - recommended during normal operation. + class="username">root password. Then, type + shutdown -p now and the system will shut + down cleanly, and if the hardware supports it, turn itself off. @@ -2782,27 +2643,18 @@ login: installation troubleshooting - The following section covers basic installation + This section covers basic installation troubleshooting, such as common problems people have reported. - - What to Do If Something Goes Wrong - - Due to various limitations of the PC architecture, it is - impossible for probing to be 100% reliable, however, there are - a few things to try if it fails. - Check the Hardware Notes (http://www.freebsd.org/releases/index.html) - document for the version of &os; to make sure your hardware is - supported. - - If the hardware is supported and lock-ups or other + document for the version of &os; to make sure the hardware is + supported. If the hardware is supported and lock-ups or other problems occur, build a custom kernel using the instructions in to add support for devices which are not present in the GENERIC - kernel. The kernel on the boot disks is configured assuming + kernel. The default kernel assumes that most hardware devices are in their factory default configuration in terms of IRQs, I/O addresses, and DMA @@ -2810,11 +2662,6 @@ login: kernel configuration file can tell &os; where to find things. - It is also possible that a probe for a device not present - will cause a later probe for another device that is present to - fail. In that case, the probes for the conflicting driver(s) - should be disabled. - Some installation problems can be avoided or alleviated by updating the firmware on various hardware components, @@ -2830,21 +2677,11 @@ login: BIOS incomplete and the computer inoperative. - - - Troubleshooting Questions and Answers - - - - - My system hangs while probing hardware during boot, - or it behaves strangely during install. - - - - &os; makes extensive use of the system - ACPI service on the i386, amd64, and + If the system hangs while probing hardware during boot, + or it behaves strangely during install, + ACPI may be the culprit. &os; makes extensive use of the system + ACPI service on the &arch.i386;, &arch.amd64;, and ia64 platforms to aid in system configuration if it is detected during boot. Unfortunately, some bugs still exist in both the ACPI driver and @@ -2861,10 +2698,6 @@ login: /boot/loader.conf. More information about the boot loader can be found in . - - - - From owner-svn-doc-all@FreeBSD.ORG Thu May 22 16:25:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EA9E49BA; Thu, 22 May 2014 16:25:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D4B942311; Thu, 22 May 2014 16:25:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4MGPvUd037180; Thu, 22 May 2014 16:25:57 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4MGPvGP037179; Thu, 22 May 2014 16:25:57 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405221625.s4MGPvGP037179@svn.freebsd.org> From: Benedict Reuschling Date: Thu, 22 May 2014 16:25:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44908 - head/en_US.ISO8859-1/books/handbook/jails X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 May 2014 16:25:58 -0000 Author: bcr Date: Thu May 22 16:25:57 2014 New Revision: 44908 URL: http://svnweb.freebsd.org/changeset/doc/44908 Log: This PR and the patch was created during the BSDCan 2014 Doc lounge. From the PR: - Describe that it's possible to install prebuilt binaries as well as build from source. - Instructions on how to extract distfiles on 8.x & earlier / 9.0 & later - Remove reference to jail_www_devfs_ruleset rc.conf, as-is it prevents the jail from starting because a ruleset needs to be defined & as there is no documentation for that in the article, it's easier to remove it, by doing this, the default ruleset is applied. - Add instructions on how to keep jails up to date with freebsd-update. I cleaned up the patch a bit, but it is still good work for a first patch. PR: docs/189901 Submitted by: Sevan Janiyan Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Thu May 22 15:18:45 2014 (r44907) +++ head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Thu May 22 16:25:57 2014 (r44908) @@ -50,7 +50,8 @@ host system. Jails expand this model by virtualizing access to the file system, the set of users, and the networking subsystem. More fine-grained controls are available for tuning the access - of a jailed environment. + of a jailed environment. Jails can be considered as a type of + operating system-level virtualization. A jail is characterized by four elements: @@ -194,8 +195,72 @@ system, and service jails, dedicated to one application or service, possibly running with privileges. This is only a conceptual division and the process of building a jail - is not affected by it. The &man.jail.8; manual page is quite - clear about the procedure for building a jail: + is not affected by it. When creating a complete + jail there are two options for the source of the userland: use + prebuilt binaries (such as those supplied on an install media) + or build from source. + + To install the userland from installation media, first + create the root directory for the jail. This can be done by + setting the DESTDIR variable to the proper + location. The command to use depends on which shell is being + used. + + When using &man.sh.1;: + + &prompt.root; export DESTDIR=/here/is/the/jail + + If csh/tcsh is used, + execute this instead: + + &prompt.root; setenv DESTDIR /here/is/the/jail + + Mount the install media as covered in &man.mdconfig.8; + when using the install ISO: + + &prompt.root; mount -t cd9660 /dev/`mdconfig -f cdimage.iso` /mnt + + Extract the binaries from the tarballs on the install media + into the declared destination. Minimally, only the base set + needs to be extracted, but a complete install can be performed + when preferred. + + To install just the base system, run the next command when + using &os; 9.x or newer: + + &prompt.root; tar -xf /mnt/freebsd_install/usr/freebsd_dist/base.txz -C $DESTDIR + + On &os; 8.x systems, use this command instead: + + &prompt.root; /mnt/8.4-RELEASE/base/install.sh + + To install everything but the kernel, issue this + command: + + When using &man.sh.1; on &os; 9.x and newer, issue this + command: + + &prompt.root; for sets in BASE DOC GAMES PORTS; do (tar -xf /mnt/FREEBSD_INSTALL/USR/FREEBSD_DIST/$sets.TXZ -C $DESTDIR + + When using &os; 8.x, run this: + + &prompt.root; cd /mnt/8.4-RELEASE; for dir in base catpages dict doc games info manpages ports; do (cd $dir; ./install.sh) ; done + + If csh/tcsh is used on + &os; 9.x and newer, execute this command: + + &prompt.root; foreach sets ( BASE DOC GAMES PORTS ) +tar -xf /mnt/FREEBSD_INSTALL/USR/FREEBSD_DIST/$sets.TXZ -C $DESTDIR +done + + On &os; 8.x, run this command: + + &prompt.root; foreach dir ( base catpages dict doc games info manpages ports ) + cd /mnt/8.4-RELEASE/$dir; ./install.sh +done + + The &man.jail.8; manual page explains the procedure for + building a jail: &prompt.root; setenv D /here/is/the/jail &prompt.root; mkdir -p $D @@ -299,8 +364,7 @@ jail_list="wwwjail_www_rootdir="/usr/jail/www" # jail's root directory jail_www_hostname="www.example.org" # jail's hostname jail_www_ip="192.168.0.10" # jail's IP address -jail_www_devfs_enable="YES" # mount devfs in the jail -jail_www_devfs_ruleset="www_ruleset" # devfs ruleset to apply to jail +jail_www_devfs_enable="YES" # mount devfs in the jail The default startup of jails configured in &man.rc.conf.5;, will run the /etc/rc @@ -460,6 +524,22 @@ jail_www_devf applications that contribute to &man.jail.8; management. Please refer to its web page for more information.             + + + Keeping Jails Patched and up to Date + + Jails should be kept up to date from the host operating + system as attempting to patch userland from within the jail + may likely fail as the default behaviour in FreeBSD is to + disallow the use of &man.chflags.1; in a jail which prevents + the replacement of some files. It is possible to change this + behavior but it is recommended to use &man.freebsd-update.8; + to maintain jails instead. Use to specify + the path of the jail to be updated. + + &prompt.root; freebsd-update -b /here/is/the/jail fetch +&prompt.root; freebsd-update -b /here/is/the/jail install + From owner-svn-doc-all@FreeBSD.ORG Thu May 22 16:36:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A8B6610B; Thu, 22 May 2014 16:36:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 95D1223E7; Thu, 22 May 2014 16:36:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4MGaHbg041911; Thu, 22 May 2014 16:36:17 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4MGaHWv041910; Thu, 22 May 2014 16:36:17 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405221636.s4MGaHWv041910@svn.freebsd.org> From: Benedict Reuschling Date: Thu, 22 May 2014 16:36:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44909 - head/en_US.ISO8859-1/books/handbook/jails X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 May 2014 16:36:17 -0000 Author: bcr Date: Thu May 22 16:36:17 2014 New Revision: 44909 URL: http://svnweb.freebsd.org/changeset/doc/44909 Log: Remove a repeated "the". Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Thu May 22 16:25:57 2014 (r44908) +++ head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Thu May 22 16:36:17 2014 (r44909) @@ -723,7 +723,7 @@ jail_www_devf Use mergemaster to install - missing configuration files. Then, remove the the extra + missing configuration files. Then, remove the extra directories that mergemaster creates: From owner-svn-doc-all@FreeBSD.ORG Thu May 22 16:46:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 239C1627; Thu, 22 May 2014 16:46:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 10DA224E0; Thu, 22 May 2014 16:46:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4MGkbqV046557; Thu, 22 May 2014 16:46:37 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4MGkbq1046556; Thu, 22 May 2014 16:46:37 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405221646.s4MGkbq1046556@svn.freebsd.org> From: Benedict Reuschling Date: Thu, 22 May 2014 16:46:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44910 - head/en_US.ISO8859-1/books/handbook/jails X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 May 2014 16:46:38 -0000 Author: bcr Date: Thu May 22 16:46:37 2014 New Revision: 44910 URL: http://svnweb.freebsd.org/changeset/doc/44910 Log: Whitespace fix, which translators can igore. Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Thu May 22 16:36:17 2014 (r44909) +++ head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Thu May 22 16:46:37 2014 (r44910) @@ -544,13 +544,18 @@ jail_www_devf - Updating Multiple Jails + Updating Multiple Jails - - DanielGerzoContributed - by - - + + + + Daniel + Gerzo + + Contributed by + + + Simon @@ -568,7 +573,7 @@ jail_www_devf And an article written by - + The management of multiple jails can become problematic because every jail has to be rebuilt from scratch whenever it is From owner-svn-doc-all@FreeBSD.ORG Thu May 22 17:49:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 618805A9; Thu, 22 May 2014 17:49:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4E96A29CD; Thu, 22 May 2014 17:49:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4MHnARP074161; Thu, 22 May 2014 17:49:10 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4MHnA5r074160; Thu, 22 May 2014 17:49:10 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201405221749.s4MHnA5r074160@svn.freebsd.org> From: Xin LI Date: Thu, 22 May 2014 17:49:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44911 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 May 2014 17:49:10 -0000 Author: delphij Date: Thu May 22 17:49:09 2014 New Revision: 44911 URL: http://svnweb.freebsd.org/changeset/doc/44911 Log: Add gjb@ to secteam. He will act as clusteradm@ liaison for now. Submitted by: des Modified: head/en_US.ISO8859-1/htdocs/administration.xml Modified: head/en_US.ISO8859-1/htdocs/administration.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/administration.xml Thu May 22 16:46:37 2014 (r44910) +++ head/en_US.ISO8859-1/htdocs/administration.xml Thu May 22 17:49:09 2014 (r44911) @@ -245,6 +245,7 @@
          • &a.delphij.email; (Officer Deputy)
          • &a.des.email; (Officer)
          • &a.gavin.email; (Core Team Liaison)
            • +
          • &a.gjb.email; (Cluster Administrators Team Liaison)
          • &a.imp.email;
          • &a.jonathan.email;
          • &a.philip.email;
            • From owner-svn-doc-all@FreeBSD.ORG Thu May 22 23:21:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 09B43DAD; Thu, 22 May 2014 23:21:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EB25825FC; Thu, 22 May 2014 23:21:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4MNLRaH060910; Thu, 22 May 2014 23:21:27 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4MNLRsM060909; Thu, 22 May 2014 23:21:27 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405222321.s4MNLRsM060909@svn.freebsd.org> From: Glen Barber Date: Thu, 22 May 2014 23:21:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44912 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 May 2014 23:21:28 -0000 Author: gjb Date: Thu May 22 23:21:27 2014 New Revision: 44912 URL: http://svnweb.freebsd.org/changeset/doc/44912 Log: stable/9 is now frozen as part of the 9.3-RELEASE cycle. All further commits now require explicit re@ approval. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Thu May 22 17:49:09 2014 (r44911) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Thu May 22 23:21:27 2014 (r44912) @@ -68,7 +68,7 @@
            - +
            Code freeze begins 23 May 2014-23 May 2014 Release Engineers announce that all further commits to the &local.branch.stable; branch will require explicit approval. Certain blanket approvals will be granted for narrow areas of From owner-svn-doc-all@FreeBSD.ORG Fri May 23 14:06:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 542CD7AE; Fri, 23 May 2014 14:06:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 414992047; Fri, 23 May 2014 14:06:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NE6WEO062427; Fri, 23 May 2014 14:06:32 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NE6WAL062426; Fri, 23 May 2014 14:06:32 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405231406.s4NE6WAL062426@svn.freebsd.org> From: Dru Lavigne Date: Fri, 23 May 2014 14:06:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44914 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 14:06:32 -0000 Author: dru Date: Fri May 23 14:06:31 2014 New Revision: 44914 URL: http://svnweb.freebsd.org/changeset/doc/44914 Log: Finish editorial review of install chapter. The Handbook needs a section on how to use bsdconfig and this chapter should reference it. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Fri May 23 11:43:07 2014 (r44913) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Fri May 23 14:06:31 2014 (r44914) @@ -102,12 +102,12 @@ - How to create the &os; installation media. + The minimum hardware requirements and &os; supported + architectures. - The minimum hardware requirements and &os; supported - architectures. + How to create the &os; installation media. Troubleshooting From owner-svn-doc-all@FreeBSD.ORG Fri May 23 16:24:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7C5F79A3; Fri, 23 May 2014 16:24:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 694F52DF6; Fri, 23 May 2014 16:24:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NGObB5024528; Fri, 23 May 2014 16:24:37 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NGObig024527; Fri, 23 May 2014 16:24:37 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405231624.s4NGObig024527@svn.freebsd.org> From: Dru Lavigne Date: Fri, 23 May 2014 16:24:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44918 - head/en_US.ISO8859-1/books/handbook/serialcomms X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 16:24:37 -0000 Author: dru Date: Fri May 23 16:24:36 2014 New Revision: 44918 URL: http://svnweb.freebsd.org/changeset/doc/44918 Log: Finish editorial review of Dial-in Service chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Fri May 23 16:04:57 2014 (r44917) +++ head/en_US.ISO8859-1/books/handbook/serialcomms/chapter.xml Fri May 23 16:24:36 2014 (r44918) @@ -1367,11 +1367,11 @@ AT&B2&W Troubleshooting - Here are a few steps for troubleshooting a dial-up modem - on a &os; system. + This section provides a few tips for troubleshooting a + dial-up modem that will not connect to a &os; system. - Hook up the modem to the &os; system, boot the system, - and, if the modem has status indication lights, watch to see + Hook up the modem to the &os; system and boot the system. + If the modem has status indication lights, watch to see whether the modem's DTR indicator lights when the login: prompt appears on the system's console. If it lights up, that should mean that &os; @@ -1381,45 +1381,34 @@ AT&B2&W If the DTR indicator does not light, login to the &os; system through the console and type - ps ax to see if &os; is trying to run a + ps ax to see if &os; is running a getty process on the correct port: - 114 ?? I 0:00.10 /usr/libexec/getty V19200 ttyu0 - 115 ?? I 0:00.10 /usr/libexec/getty V19200 ttyu1 + 114 ?? I 0:00.10 /usr/libexec/getty V19200 ttyu0 - If something like this is displayed instead: - - 114 d0 I 0:00.10 /usr/libexec/getty V19200 ttyu0 - - and the modem has not accepted a call yet, this means + If the second column contains a d0 + instead of a ?? and the modem has not + accepted a call yet, this means that getty has completed its open on the communications port. This could indicate a problem with the - cabling or a misconfigured modem, because + cabling or a misconfigured modem because getty should not be able to open the - communications port until carrier detect has been asserted by + communications port until the carrier detect signal has been asserted by the modem. If no getty processes are waiting to - open the desired - ttyuN - port, double-check the entries in - /etc/ttys to see if there are any - mistakes. Also, check + open the port, double-check that the entry for the port is + correct in /etc/ttys. Also, check /var/log/messages to see if there are any log messages from init or - getty. If there are any messages, - triple-check /etc/ttys and - /etc/gettytab, as well as the - appropriate device special files, - /dev/ttyuN, for any mistakes, missing - entries, or missing device special files. + getty. Next, try dialing into the system. Be sure to use 8 bits, no parity, and 1 stop bit on the remote system. If a prompt does not appear right away, or the prompt shows garbage, try pressing Enter about once per second. If - there is still no login: prompt after a - while, try sending a BREAK. When using a + there is still no login: prompt, + try sending a BREAK. When using a high-speed modem, try dialing again after locking the dialing modem's interface speed. @@ -1452,9 +1441,8 @@ AT&B2&W DTR line is asserted by checking the modem's indicator lights. - If it still does not work, take a break and come back to - it later. If it still does not work, try sending an email - message to the &a.questions; describing the modem and the + If it still does not work, try sending an email + to the &a.questions; describing the modem and the problem. From owner-svn-doc-all@FreeBSD.ORG Fri May 23 16:49:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 47911BA7; Fri, 23 May 2014 16:49:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 34E012014; Fri, 23 May 2014 16:49:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NGnXkh034327; Fri, 23 May 2014 16:49:33 GMT (envelope-from jkois@svn.freebsd.org) Received: (from jkois@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NGnXa0034326; Fri, 23 May 2014 16:49:33 GMT (envelope-from jkois@svn.freebsd.org) Message-Id: <201405231649.s4NGnXa0034326@svn.freebsd.org> From: Johann Kois Date: Fri, 23 May 2014 16:49:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44919 - head/de_DE.ISO8859-1/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 16:49:33 -0000 Author: jkois Date: Fri May 23 16:49:32 2014 New Revision: 44919 URL: http://svnweb.freebsd.org/changeset/doc/44919 Log: r44209 -> r44892 MFde: Resync the project news Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/share/xml/news.xml Modified: head/de_DE.ISO8859-1/share/xml/news.xml ============================================================================== --- head/de_DE.ISO8859-1/share/xml/news.xml Fri May 23 16:24:36 2014 (r44918) +++ head/de_DE.ISO8859-1/share/xml/news.xml Fri May 23 16:49:32 2014 (r44919) @@ -4,7 +4,7 @@ -
            - &os; and Solid State Devices - +
            + &os; and Solid State Devices - JohnKozubik -
            john@kozubik.com
            -             + + + John + Kozubik + + +
            + john@kozubik.com +
            +             +             @@ -120,10 +129,10 @@ - Kernel Options + Kernel Options - A few kernel options are of specific interest to those - creating an embedded &os; system. + A few kernel options are of specific interest to those + creating an embedded &os; system. All embedded &os; systems that use flash memory as system disk will be interested in memory disks and memory filesystems. @@ -205,7 +214,8 @@ pseudo-device md # memory &prompt.root; /sbin/mount -uw partition - and can be toggled back to read-only with the command: + and can be toggled back to read-only with the + command: &prompt.root; /sbin/mount -ur partition @@ -356,11 +366,12 @@ pseudo-device md # memory cron - Upon boot, /var - gets populated by /etc/rc.d/var using the - list from /etc/mtree/BSD.var.dist, so the - cron, cron/tabs, at, and a few other standard - directories get created. + Upon boot, /var gets populated by + /etc/rc.d/var using the list from + /etc/mtree/BSD.var.dist, so the + cron, cron/tabs, + at, and a few other standard directories + get created. However, this does not solve the problem of maintaining cron tabs across reboots. When the system reboots, the @@ -402,20 +413,21 @@ pseudo-device md # memory use the ports tree, a reminder is necessary regarding the read-only nature of your filesystems on the flash media. Since they are read-only, you will need to temporarily mount - them read-write using the mount syntax shown in . You should always remount those + them read-write using the mount syntax shown in . You should always remount those filesystems read-only when you are done with any maintenance - unnecessary writes to the flash media could considerably shorten its lifespan. To make it possible to enter a ports directory and - successfully run - make install, we - must create a packages directory on a non-memory filesystem - that will keep track of our packages across reboots. Because - it is necessary to mount your filesystems as read-write for - the installation of a package anyway, it is sensible to assume - that an area on the flash media can also be used for package - information to be written to. + successfully run make + install, we must create a packages + directory on a non-memory filesystem that will keep track of + our packages across reboots. Because it is necessary to mount + your filesystems as read-write for the installation of a + package anyway, it is sensible to assume that an area on the + flash media can also be used for package information to be + written to. First, create a package database directory. This is normally in /var/db/pkg, but we cannot @@ -431,9 +443,9 @@ pseudo-device md # memory &prompt.root; ln -s /etc/pkg /var/db/pkg Now, any time that you mount your filesystems as - read-write and install a package, the - make install will - work, and package information will be written successfully to + read-write and install a package, the make + install will work, and package + information will be written successfully to /etc/pkg (because the filesystem will, at that time, be mounted read-write) which will always be available to the operating system as @@ -446,19 +458,20 @@ pseudo-device md # memory The steps in this section are only necessary if Apache is set up to write its pid or log information outside of - /var. By default, - Apache keeps its pid file in /var/run/httpd.pid and its - log files in /var/log. + /var. By default, Apache keeps its pid + file in /var/run/httpd.pid and its log + files in /var/log. It is now assumed that Apache keeps its log files in a - directory apache_log_dir - outside of /var. - When this directory lives on a read-only filesystem, Apache - will not be able to save any log files, and may have problems - working. If so, it is necessary to add a new directory to the - list of directories in /etc/rc.d/var to - create in /var, and to link + directory + apache_log_dir + outside of /var. When this directory + lives on a read-only filesystem, Apache will not be able to + save any log files, and may have problems working. If so, it + is necessary to add a new directory to the list of directories + in /etc/rc.d/var to create in + /var, and to link apache_log_dir to /var/log/apache. It is also necessary to set permissions and ownership on this new directory. @@ -474,7 +487,8 @@ pseudo-device md # memory &prompt.root; chmod 0774 /var/log/apache &prompt.root; chown nobody:nobody /var/log/apache - Finally, remove the existing apache_log_dir + Finally, remove the existing + apache_log_dir directory, and replace it with a link: &prompt.root; rm -rf apache_log_dir From owner-svn-doc-all@FreeBSD.ORG Fri May 23 17:12:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 92609764; Fri, 23 May 2014 17:12:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7FB8722BC; Fri, 23 May 2014 17:12:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NHC5M2047363; Fri, 23 May 2014 17:12:05 GMT (envelope-from jkois@svn.freebsd.org) Received: (from jkois@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NHC5qC047362; Fri, 23 May 2014 17:12:05 GMT (envelope-from jkois@svn.freebsd.org) Message-Id: <201405231712.s4NHC5qC047362@svn.freebsd.org> From: Johann Kois Date: Fri, 23 May 2014 17:12:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44921 - head/de_DE.ISO8859-1/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 17:12:05 -0000 Author: jkois Date: Fri May 23 17:12:05 2014 New Revision: 44921 URL: http://svnweb.freebsd.org/changeset/doc/44921 Log: r43479 -> r44481 MFde: Resync the "in the media" section. Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/share/xml/press.xml Modified: head/de_DE.ISO8859-1/share/xml/press.xml ============================================================================== --- head/de_DE.ISO8859-1/share/xml/press.xml Fri May 23 17:12:03 2014 (r44920) +++ head/de_DE.ISO8859-1/share/xml/press.xml Fri May 23 17:12:05 2014 (r44921) @@ -7,7 +7,7 @@ "freefall:/c/www/bsddoc/press/". $FreeBSD$ $FreeBSDde$ - basiert auf: r43479 + basiert auf: r44481 --> @@ -22,6 +22,19 @@ 1 + &os; to support secure boot by mid-year + http://www.itwire.com/business-it-news/open-source/62855-freebsd-to-support-secure-boot-by-mid-year + ITWire + http://www.itwire.com/ + 20. Januar 2014 + Sam Varghese +

            Kirk McKusick beschreibt in diesem Artikel die Fortschritte, die + &os; bei der Implementierung von UEFI Secure Boot gemacht hat + (die erste &os;-Version mit UEFI Secure Boot-Untersttzung soll + das voraussichtlich Mitte 2014 erscheinende &os; 10.1 sein).

            +             + + McKusick: &os; sicherheitstechnisch up-to-date http://www.itwire.com/business-it-news/open-source/62728-mckusick-denies-freebsd-lagging-on-security ITWire From owner-svn-doc-all@FreeBSD.ORG Fri May 23 17:28:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C31AB3D9; Fri, 23 May 2014 17:28:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A467D2411; Fri, 23 May 2014 17:28:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NHSXp3053569; Fri, 23 May 2014 17:28:33 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NHSXxm053568; Fri, 23 May 2014 17:28:33 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405231728.s4NHSXxm053568@svn.freebsd.org> From: Dru Lavigne Date: Fri, 23 May 2014 17:28:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44922 - head/en_US.ISO8859-1/books/handbook/ppp-and-slip X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 17:28:33 -0000 Author: dru Date: Fri May 23 17:28:33 2014 New Revision: 44922 URL: http://svnweb.freebsd.org/changeset/doc/44922 Log: Some shuffling in Configuring PPP to improve the flow of this section. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/ppp-and-slip/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/ppp-and-slip/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/ppp-and-slip/chapter.xml Fri May 23 17:12:05 2014 (r44921) +++ head/en_US.ISO8859-1/books/handbook/ppp-and-slip/chapter.xml Fri May 23 17:28:33 2014 (r44922) @@ -459,7 +459,29 @@ create /etc/ppp/ppp.linkup with the above two lines. More examples for this file can be found in /usr/share/examples/ppp/.             -             + + By default, the ppp command must be + run as the root + user. To change this default, add the account of the user + who should run ppp to the + network group in + /etc/group. + + Then, give the user access to one or more entries in + /etc/ppp/ppp.conf using the + allow command. For example, to give + fred and + mary + permission to only the provider: entry, + add this line to the provider: + section: + + allow users fred mary + + To give the specified users access to all entries, put + that line in the default section + instead. + Receiving Incoming Calls @@ -513,30 +535,7 @@ - ?> - - <application>PPP</application> Permissions - - The ppp command must normally be - run as the root user. To instead - allow ppp to run in server mode as a - normal user, that user must be given permission to run - ppp by adding them to the - network group in - /etc/group. - - The user also needs access to one or more sections of - the configuration file using the - allow command: - - allow users fred mary - - If this command is used in the - default section, it gives the specified - users access to everything. - - <acronym>PPP</acronym> Shells for Dynamic <acronym>IP</acronym> Users @@ -681,101 +680,9 @@ mary: add 203.14.103.0 netmask 255.255.255.0 HISADDR ?> - - <command>mgetty</command> and AutoPPP - - - mgetty - - - - AutoPPP - - - - LCP - - provides a good description - on enabling dial-up services using &man.getty.8;. - - An alternative to getty is mgetty (from - comms/mgetty+sendfax - port), a smarter version of getty - designed with dial-up lines in mind. - - The advantages of using mgetty is - that it actively talks to modems, - meaning if port is turned off in - /etc/ttys then the modem will not - answer the phone. - - Later versions of mgetty (from - 0.99beta onwards) also support the automatic detection of - PPP streams, allowing clients - scriptless access to the server. - - Refer to for more - information on mgetty. - - By default the comms/mgetty+sendfax port - comes with the AUTO_PPP option enabled - allowing mgetty to detect the LCP - phase of PPP connections and - automatically spawn off a ppp shell. However, since the - default login/password sequence does not occur it is - necessary to authenticate users using either PAP or - CHAP. - - This section assumes the user has successfully - compiled, and installed the comms/mgetty+sendfax port on - his system. - - Ensure that - /usr/local/etc/mgetty+sendfax/login.config - has the following: - - /AutoPPP/ - - /etc/ppp/ppp-pap-dialup - - This tells mgetty to run - ppp-pap-dialup for detected - PPP connections. - - Create an executable file called - /etc/ppp/ppp-pap-dialup containing - the following: - - #!/bin/sh -exec /usr/sbin/ppp -direct pap$IDENT - - For each dial-up line enabled in - /etc/ttys, create a corresponding - entry in /etc/ppp/ppp.conf. This - will happily co-exist with the definitions we created - above. - - pap: - enable pap - set ifaddr 203.14.100.1 203.14.100.20-203.14.100.40 - enable proxy - - Each user logging in with this method will need to - have a username/password in - /etc/ppp/ppp.secret file, or - alternatively add the following option to authenticate - users via PAP from the /etc/passwd - file. - - enable passwdauth - - To assign some users a static IP - number, specify the number as the third argument in - /etc/ppp/ppp.secret. See - /usr/share/examples/ppp/ppp.secret.sample - for examples. - - MS Extensions + Advanced Configuration DNS @@ -817,9 +724,8 @@ set nbns 203.14.100.5 dns line is omitted, PPP will use the values found in /etc/resolv.conf. - - + PAP and CHAP Authentication PAP @@ -888,32 +794,9 @@ set nbns 203.14.100.5 - - - - Changing the <command>ppp</command> Configuration - on the Fly - - It is possible to talk to the ppp - program while it is running in the background, but only - if a suitable diagnostic port has been set up. To do - this, add the following line to the configuration: - - set server /var/run/ppp-tun%d DiagnosticPassword 0177 - - This will tell PPP to listen to the specified - &unix; domain socket, asking clients for the specified - password before allowing access. The - %d in the name is replaced with the - tun device number that is in - use. - - Once a socket has been set up, the &man.pppctl.8; - program may be used in scripts that wish to manipulate - the running program. - + - + Using <acronym>PPP</acronym> Network Address Translation Capability @@ -944,6 +827,7 @@ nat port tcp 10.0.0.2:http httpor do not trust the outside at all nat deny_incoming yes + @@ -1034,6 +918,10 @@ ifconfig_tun0= An alternative is to set up a dfilter to block SMTP traffic. Refer to the sample files for further details. + + + + Using <command>ppp</command> All that is left is to reboot the machine. After rebooting, either type: @@ -1048,7 +936,119 @@ ifconfig_tun0= type: &prompt.root; ppp -auto provider - + + It is possible to talk to the ppp + program while it is running in the background, but only + if a suitable diagnostic port has been set up. To do + this, add the following line to the configuration: + + set server /var/run/ppp-tun%d DiagnosticPassword 0177 + + This will tell PPP to listen to the specified + &unix; domain socket, asking clients for the specified + password before allowing access. The + %d in the name is replaced with the + tun device number that is in + use. + + Once a socket has been set up, the &man.pppctl.8; + program may be used in scripts that wish to manipulate + the running program. + + + + Configuring Dial-in Services + + + mgetty + + + + AutoPPP + + + + LCP + + provides a good description + on enabling dial-up services using &man.getty.8;. + + An alternative to getty is + comms/mgetty+sendfax + port), a smarter version of getty + designed with dial-up lines in mind. + + The advantages of using mgetty is + that it actively talks to modems, + meaning if port is turned off in + /etc/ttys then the modem will not + answer the phone. + + Later versions of mgetty (from + 0.99beta onwards) also support the automatic detection of + PPP streams, allowing clients + scriptless access to the server. + + Refer to http://mgetty.greenie.net/doc/mgetty_toc.html + for more + information on mgetty. + + By default the comms/mgetty+sendfax port + comes with the AUTO_PPP option enabled + allowing mgetty to detect the LCP + phase of PPP connections and + automatically spawn off a ppp shell. However, since the + default login/password sequence does not occur it is + necessary to authenticate users using either PAP or + CHAP. + + This section assumes the user has successfully + compiled, and installed the comms/mgetty+sendfax port on + his system. + + Ensure that + /usr/local/etc/mgetty+sendfax/login.config + has the following: + + /AutoPPP/ - - /etc/ppp/ppp-pap-dialup + + This tells mgetty to run + ppp-pap-dialup for detected + PPP connections. + + Create an executable file called + /etc/ppp/ppp-pap-dialup containing + the following: + + #!/bin/sh +exec /usr/sbin/ppp -direct pap$IDENT + + For each dial-up line enabled in + /etc/ttys, create a corresponding + entry in /etc/ppp/ppp.conf. This + will happily co-exist with the definitions we created + above. + + pap: + enable pap + set ifaddr 203.14.100.1 203.14.100.20-203.14.100.40 + enable proxy + + Each user logging in with this method will need to + have a username/password in + /etc/ppp/ppp.secret file, or + alternatively add the following option to authenticate + users via PAP from the /etc/passwd + file. + + enable passwdauth + + To assign some users a static IP + number, specify the number as the third argument in + /etc/ppp/ppp.secret. See + /usr/share/examples/ppp/ppp.secret.sample + for examples. + From owner-svn-doc-all@FreeBSD.ORG Fri May 23 17:36:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 24EA368D; Fri, 23 May 2014 17:36:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0600024BF; Fri, 23 May 2014 17:36:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NHasWl057757; Fri, 23 May 2014 17:36:54 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NHasQ6057756; Fri, 23 May 2014 17:36:54 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405231736.s4NHasQ6057756@svn.freebsd.org> From: Benedict Reuschling Date: Fri, 23 May 2014 17:36:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44923 - head/en_US.ISO8859-1/articles/solid-state X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 17:36:55 -0000 Author: bcr Date: Fri May 23 17:36:54 2014 New Revision: 44923 URL: http://svnweb.freebsd.org/changeset/doc/44923 Log: Capitalize words in title tags, remove redundant words and rewrite one sentence in the process. This makes this file igor clean. Modified: head/en_US.ISO8859-1/articles/solid-state/article.xml Modified: head/en_US.ISO8859-1/articles/solid-state/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/solid-state/article.xml Fri May 23 17:28:33 2014 (r44922) +++ head/en_US.ISO8859-1/articles/solid-state/article.xml Fri May 23 17:36:54 2014 (r44923) @@ -167,10 +167,10 @@ pseudo-device md # memory those directories. In the execution of /etc/rc.d/var, one other rc.conf variable comes into play – - varsize. The - /etc/rc.d/var file creates a - /var partition based on the value of - this variable in rc.conf: + varsize. A /var + partition is created by /etc/rc.d/var based + on the value of this variable in + rc.conf: varsize=8192 @@ -189,7 +189,7 @@ pseudo-device md # memory logging or temporary file creation and destruction can do the same. Therefore, in addition to removing the swap entry from your - /etc/fstab file, you should also change the + /etc/fstab, you should also change the Options field for each filesystem to ro as follows: @@ -221,7 +221,7 @@ pseudo-device md # memory - Building a File System From Scratch + Building a File System from Scratch Because ATA compatible compact-flash cards are seen by &os; as normal IDE hard drives, you could theoretically install &os; @@ -251,30 +251,30 @@ pseudo-device md # memory - Partitioning your flash media device + Partitioning Your Flash Media Device After booting with the kern and mfsroot floppies, choose custom from the installation menu. In the custom installation menu, choose partition. In the partition menu, you - should delete all existing partitions using the - d key. After deleting all existing - partitions, create a partition using the c - key and accept the default value for the size of the + should delete all existing partitions using + d. After deleting all existing + partitions, create a partition using c + and accept the default value for the size of the partition. When asked for the type of the partition, make sure the value is set to 165. Now write - this partition table to the disk by pressing the - w key (this is a hidden option on this + this partition table to the disk by pressing + w (this is a hidden option on this screen). If you are using an ATA compatible compact flash card, you should choose the &os; Boot Manager. Now press - the q key to quit the partition menu. You + q to quit the partition menu. You will be shown the boot manager menu once more - repeat the choice you made earlier. - Creating filesystems on your flash memory - device + Creating Filesystems on Your Flash Memory + Device Exit the custom installation menu, and from the main installation menu choose the fixit @@ -302,7 +302,7 @@ pseudo-device md # memory - Placing your filesystem on the flash media + Placing Your Filesystem on the Flash Media Mount the newly prepared flash media: @@ -364,7 +364,7 @@ pseudo-device md # memory the Apache web server will be provided. - cron + Cron Upon boot, /var gets populated by /etc/rc.d/var using the list from @@ -391,7 +391,7 @@ pseudo-device md # memory - syslog + Syslog syslog.conf specifies the locations of certain log files that exist in From owner-svn-doc-all@FreeBSD.ORG Fri May 23 18:28:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 88BDE7BF; Fri, 23 May 2014 18:28:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 749392969; Fri, 23 May 2014 18:28:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NISPXB080700; Fri, 23 May 2014 18:28:25 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NISPLb080699; Fri, 23 May 2014 18:28:25 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201405231828.s4NISPLb080699@svn.freebsd.org> From: Allan Jude Date: Fri, 23 May 2014 18:28:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44924 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 18:28:25 -0000 Author: allanjude Date: Fri May 23 18:28:25 2014 New Revision: 44924 URL: http://svnweb.freebsd.org/changeset/doc/44924 Log: Massive whitespace cleanup (translators can ignore) Entries in this file are copy/pasted more often than not, so it would be best if they followed the proper doceng guidelines for line length and tabs/spaces etc. I cleaned up all entries from 2012 to current. Reviewed by: wblock (mentor) Modified: head/share/xml/news.xml Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Fri May 23 17:36:54 2014 (r44923) +++ head/share/xml/news.xml Fri May 23 18:28:25 2014 (r44924) @@ -1,31 +1,32 @@ + "http://www.FreeBSD.org/XML/share/xml/news.dtd"> - - $FreeBSD$ - + + $FreeBSD$ + 2014 @@ -35,17 +36,21 @@ 17 +

            New committer: - Allan Jude (doc)

            + Allan Jude + (doc)

                         - 7 + 7 +

            New committer: - Stephen McConnell (src)

            + Stephen McConnell + (src)

                         @@ -54,10 +59,12 @@ 4 - 24 + 24 +

            New committer: - Kurt Jaeger (ports)

            + Kurt Jaeger + (ports)

                         @@ -67,17 +74,19 @@ January-March, 2014 Status Report -

            The January-March, 2014 Status Report - is now available with 41 entries.

            +

            The January-March, + 2014 Status Report is now available with 41 + entries.

             - 7 + 7 + -

            New committer: - Johannes Jost Meixner (ports)

            +

            New committer: Johannes + Jost Meixner (ports)

                         @@ -92,24 +101,27 @@ FreeBSD Project to participate in Google Summer of Code 2014 -

            The FreeBSD Project is pleased to announce its participation - In Google's 2014 Summer of Code program, which funds summer - students to participate in open source projects. - This will be the FreeBSD Project's tenth year in the program, - having mentored over 160 successful students through summer-long - coding projects between 2005 and 2013.

            - -

            Past successful projects have included improvements to Linux - ABI emulation, NFSv4 ACLs, TCP regression testing, FUSE file - system support, and countless other projects. - Many students go on to become FreeBSD developers, as well as - participating in FreeBSD developer events around the world - through continuing support from the FreeBSD Foundation.

            - -

            Prospective participants are invited to apply; more information - is available, including proposal and deadline information, on the - FreeBSD Summer - Projects page.

            +

            The FreeBSD Project is pleased to announce its + participation in Google's 2014 Summer of Code program, + which funds summer students to participate in open source + projects. This will be the FreeBSD Project's tenth year + in the program, having mentored over 160 successful + students through summer-long coding projects between 2005 + and 2013.

            + +

            Past successful projects have included improvements to + Linux ABI emulation, NFSv4 ACLs, TCP regression testing, + FUSE file system support, and countless other projects. + Many students go on to become FreeBSD developers, as well + as participating in FreeBSD developer events around the + world through continuing support from the FreeBSD + Foundation.

            + +

            Prospective participants are invited to apply; more + information is available, including proposal and deadline + information, on the FreeBSD + Summer Projects page.

            @@ -142,30 +154,34 @@ October-December, 2013 Status Report -

            The October-December, 2013 Status Report - is now available with 37 entries.

            +

            The October-December, + 2013 Status Report is now available with 37 + entries.

             - 23 + 23

            New committer: - Rodrigo Osorio (ports)

            + Rodrigo Osorio + (ports)

                         - 21 + 21

            New committer: - Tycho Nightingale (src)

            + Tycho Nightingale + (src)

            New committer: - Michael Gmelin (ports)

            + Michael Gmelin + (ports)

                         @@ -177,40 +193,41 @@

            FreeBSD 10.0-RELEASE is now available. Please be sure to - check the Release - Notes and Release - Errata before installation for any late-breaking - news and/or issues with 10.0. More information about - FreeBSD releases can be found on the Release - Information page.

            + check the Release + Notes and Release + Errata before installation for any late-breaking + news and/or issues with 10.0. More information about + FreeBSD releases can be found on the Release + Information page.

            -

            Enhanced commit privileges: Jason Helfman +

            Enhanced commit privileges: + Jason Helfman (ports, doc)

             - 15 + 15 -

            Enhanced commit privileges: Steven Kreuzer +

            Enhanced commit privileges: + Steven Kreuzer (ports, doc)

                         - 13 + 13

            Returning committer: - Bruce A. Mah (ports)

            + Bruce A. Mah + (ports)

                         @@ -219,7 +236,8 @@

            New committer: - Thomas Zander (ports)

            + Thomas Zander + (ports)

             @@ -234,7 +252,7 @@ href="&lists.stable;/2014-January/076800.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -249,7 +267,7 @@ href="&lists.stable;/2014-January/076681.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -272,7 +290,7 @@ href="&lists.stable;/2013-December/076590.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -280,8 +298,9 @@ 18 -

            Enhanced commit privileges: Ganbold Tsagaankhuu +

            Enhanced commit privileges: + Ganbold + Tsagaankhuu (doc, src)

             @@ -290,12 +309,14 @@ 16 -

            New committer: Jonathan Chu (ports)

            +

            New committer: + Jonathan Chu + (ports)

             -

            Enhanced commit privileges: Bryan Drewery +

            Enhanced commit privileges: + Bryan Drewery (ports, src)

             @@ -308,7 +329,7 @@ href="&lists.stable;/2013-December/076480.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -324,14 +345,16 @@ href="&lists.stable;/2013-December/076231.html">available on most of our &os; - mirror sites.

            + mirror sites.

            EuroBSDcon 2013 Developer Summit Report -

            A special status report on the EuroBSDcon 2013 &os; Developer Summit - is now available with 13 entries.

            + +

            A special + status report on the EuroBSDcon 2013 &os; Developer + Summit is now available with 13 entries.

             @@ -347,7 +370,7 @@ href="&lists.stable;/2013-December/076040.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -360,7 +383,8 @@

            New committer: - Roger Pau Monné (src)

            + Roger Pau + Monné (src)

             @@ -369,7 +393,8 @@

            New committer: - Alexey Degtyarev (ports)

            + Alexey Degtyarev + (ports)

             @@ -385,7 +410,7 @@ href="&lists.stable;/2013-November/075704.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -394,7 +419,8 @@

            New committer: - Julio Merino (src)

            + Julio Merino + (src)

             @@ -409,8 +435,8 @@ Official Binary Packages for Pkg Available -

            Official binary packages are now available for Pkg for &os; - 8.3, 8.4, 9.1, 9.2, 10.0 and head. See the Official binary packages are now available for Pkg for + &os; 8.3, 8.4, 9.1, 9.2, 10.0 and head. See the announcement for more information.

             @@ -428,7 +454,7 @@ href="&lists.stable;/2013-October/075591.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -438,9 +464,10 @@ July-September, 2013 Status Report -

            The July-September, 2013 Status Report - is now available with 30 entries.

            +

            The July-September, + 2013 Status Report is now available with 30 + entries.

             @@ -456,7 +483,7 @@ href="&lists.stable;/2013-October/075504.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -464,7 +491,8 @@ 9

            New committer: - Eric Davis (src)

            + Eric Davis + (src)

             @@ -480,7 +508,7 @@ href="&lists.current;/2013-October/045097.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -496,15 +524,15 @@

            FreeBSD 9.2-RELEASE is now available. Please be sure to - check the Release - Notes Release - Errata before installation for any late-breaking - news and/or issues with 9.2. More information about - FreeBSD releases can be found on the Release - Information page.

            + check the Release + Notes Release + Errata before installation for any late-breaking + news and/or issues with 9.2. More information about + FreeBSD releases can be found on the Release + Information page.

            @@ -520,15 +548,17 @@ href="&lists.current;/2013-September/044951.html">available on most of our &os; - mirror sites.

            + mirror sites.

            23 +

            New committer: - Danilo Egêa Gondolfo (ports)

            + Danilo Egêa + Gondolfo (ports)

                         @@ -544,7 +574,7 @@ href="&lists.current;/2013-September/044676.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -560,7 +590,7 @@ href="&lists.current;/2013-September/044522.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -576,7 +606,7 @@ href="&lists.stable;/2013-September/075163.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -584,11 +614,13 @@ 2

            New committer: - Ruslan Bukin (src)

            + Ruslan Bukin (src)

             +

            New committer: - Zbigniew Bodek (src)

            + Zbigniew Bodek + (src)

             @@ -608,7 +640,7 @@ href="&lists.stable;/2013-August/074920.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -624,7 +656,7 @@ href="&lists.stable;/2013-August/074756.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -662,7 +694,7 @@ href="&lists.stable;/2013-August/074589.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -674,7 +706,8 @@ 31

            New committer: - Rusmir Dusko (ports)

            + Rusmir Dusko + (ports)

             @@ -690,7 +723,7 @@ href="&lists.stable;/2013-July/074440.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -706,7 +739,7 @@ href="&lists.stable;/2013-July/074377.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -716,9 +749,10 @@ April-June, 2013 Status Report -

            The April-June, 2013 Status Report - is now available with 33 entries.

            +

            The April-June, + 2013 Status Report is now available with 33 + entries.

             @@ -726,7 +760,8 @@ 4

            New committer: - John Marino (ports)

            + John Marino + (ports)

             @@ -734,7 +769,8 @@

            New committer: - Luiz Otavio O Souza (src)

            + Luiz Otavio O Souza + (src)

                         @@ -743,9 +779,10 @@ BSDCan 2013 DevSummit Report -

            A special status report on the results of the BSDCan 2013 - &os; Developer Summit is now + +

            A special status report on the results of the BSDCan 2013 + &os; Developer Summit is now available with 6 entries.

             @@ -759,7 +796,8 @@

            New committer: - Mark Felder (ports)

            + Mark Felder + (ports)

             @@ -769,20 +807,21 @@ Happy Birthday &os;! -

            &os; celebrated its - 20th birthday - today. On June 19, 1993, Jordan Hubbard, Rod Grimes, and - David Greenman announced to the world the creation of - their new fork of the BSD 4.3 operating system.

            - -

            &os; was derived from the 386BSD 0.1 release from Bill and - Lynne Jolitz with its 1.0 release in Nov 1993. Its - stated goals were to create a fast, stable, reliable - server OS for i386 systems.

            - -

            Since then, it has become the backbone of countless - products and has grown to supporting 64bit computing, - embedded devices, and desktop users.

            +

            &os; celebrated its 20th + birthday today. On June 19, 1993, Jordan Hubbard, + Rod Grimes, and David Greenman announced to the world the + creation of their new fork of the BSD 4.3 operating + system.

            + +

            &os; was derived from the 386BSD 0.1 release from Bill + and Lynne Jolitz with its 1.0 release in Nov 1993. Its + stated goals were to create a fast, stable, reliable + server OS for i386 systems.

            + +

            Since then, it has become the backbone of countless + products and has grown to supporting 64bit computing, + embedded devices, and desktop users.

             @@ -791,7 +830,8 @@

            New committer: - Veniamin Gvozdikov (ports)

            + Veniamin Gvozdikov + (ports)

             @@ -801,18 +841,18 @@ &os; 8.4-RELEASE Available -

            &os;  - 8.4-RELEASE is now available. Please be sure to - check the Release +

            &os; 8.4-RELEASE + is now available. Please be sure to check the Release Notes (detailed + href="&enbase;/releases/8.4R/relnotes-detailed.html">detailed version) and Release + href="&enbase;/releases/8.4R/errata.html">Release Errata before installation for any late-breaking - news and/or issues with 8.4. More information about - &os; releases can be found on the Release + news and/or issues with 8.4. More information about + &os; releases can be found on the Release Information page.

             @@ -821,8 +861,8 @@ 4 -

            Enhanced commit privileges: Glen Barber +

            Enhanced commit privileges: + Glen Barber (doc, ports, src)

             @@ -835,8 +875,8 @@ 27 -

            Enhanced commit privileges: Chris Rees +

            Enhanced commit privileges: + Chris Rees (doc, ports)

             @@ -862,9 +902,10 @@ January-March 2013 Status Report -

            The January to March 2013 Status Report is now - available with 31 entries.

            + +

            The January to March 2013 Status Report is now + available with 31 entries.

             @@ -899,7 +940,7 @@ href="&lists.stable;/2013-May/073389.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -930,31 +971,35 @@

            New committer: - Alan Somers (src)

            + Alan Somers + (src)

             FreeBSD Project to participate in Google Summer of Code 2013 -

            The FreeBSD Project is pleased to announce its participation - In Google's 2013 Summer of Code program, which funds summer - students to participate in open source projects. - This will be the FreeBSD Project's ninth year in the program, - having mentored over 150 successful students through summer-long - coding projects between 2005 and 2012.

            - -

            Past successful projects have included improvements to Linux - ABI emulation, NFSv4 ACLs, TCP regression testing, FUSE file - system support, and countless other projects. - Many students go on to become FreeBSD developers, as well as - participating in FreeBSD developer events around the world - through continuing support from the FreeBSD Foundation.

            - -

            Prospective participants are invited to apply; more information - is available, including proposal and deadline information, on the - FreeBSD Summer - Projects page.

            +

            The FreeBSD Project is pleased to announce its + participation in Google's 2013 Summer of Code program, + which funds summer students to participate in open source + projects. This will be the FreeBSD Project's ninth year + in the program, having mentored over 150 successful + students through summer-long coding projects between 2005 + and 2012.

            + +

            Past successful projects have included improvements to + Linux ABI emulation, NFSv4 ACLs, TCP regression testing, + FUSE file system support, and countless other projects. + Many students go on to become FreeBSD developers, as well + as participating in FreeBSD developer events around the + world through continuing support from the FreeBSD + Foundation.

            + +

            Prospective participants are invited to apply; more + information is available, including proposal and deadline + information, on the FreeBSD + Summer Projects page.

             @@ -970,7 +1015,7 @@ href="&lists.stable;/2013-April/073198.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -978,8 +1023,8 @@ 18 -

            Enhanced commit privileges: Cy Schubert +

            Enhanced commit privileges: + Cy Schubert (src, ports)

             @@ -989,7 +1034,8 @@

            New committer: - Hiren Panchasara (src)

            + Hiren Panchasara + (src)

             @@ -1005,7 +1051,7 @@ href="&lists.stable;/2013-April/073070.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -1013,8 +1059,8 @@ 3 -

            Enhanced commit privileges: Antoine Brodin +

            Enhanced commit privileges: + Antoine Brodin (src, ports)

             @@ -1024,7 +1070,8 @@

            New committer: - William Grzybowski (ports)

            + William Grzybowski + (ports)

             @@ -1054,7 +1101,7 @@ href="&lists.stable;/2013-March/072913.html">available on most of our &os; - mirror sites.

            + mirror sites.

            @@ -1062,8 +1109,8 @@ 14 - New &os; Foundation Technical Staff Member: Konstantin - Belousov + New &os; Foundation Technical Staff Member: + Konstantin Belousov

            The &os; Foundation is pleased to announce that Konstantin Belousov has been hired as its first full-time @@ -1071,8 +1118,8 @@ Foundation's investment in staff for 2013.

            Read - more...

            + href="http://freebsdfoundation.blogspot.com/2013/03/foundation-announces-new-technical.html">Read + more...

             @@ -1080,8 +1127,8 @@ 12 -

            New member for the Ports Management team: - Bryan Drewery

            +

            New member for the Ports Management team: Bryan Drewery

             @@ -1090,19 +1137,22 @@ October-December 2012 Status Report -

            The October to December 2012 Status Report is now - available with 27 entries.

            + +

            The October to December 2012 Status Report is now + available with 27 entries.

             + July-September 2012 Status Report -

            The July to September 2012 Status Report is now - available with 12 entries.

            + +

            The July to September 2012 Status Report is now + available with 12 entries.

             - + 2 @@ -1111,7 +1161,8 @@

            New committer: - Po-Chien Lin (ports)

            + Po-Chien Lin + (ports)

             @@ -1120,7 +1171,8 @@

            New committer: - Thomas-Martin Seck (ports)

            + Thomas-Martin Seck + (ports)

             @@ -1128,49 +1180,52 @@ *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Fri May 23 18:30:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8ADB99F8; Fri, 23 May 2014 18:30:00 +0000 (UTC) Received: from dmz-mailsec-scanner-5.mit.edu (dmz-mailsec-scanner-5.mit.edu [18.7.68.34]) by mx1.freebsd.org (Postfix) with ESMTP id C78532988; Fri, 23 May 2014 18:29:59 +0000 (UTC) X-AuditID: 12074422-f79376d000000c58-ff-537f93a0674e Received: from mailhub-auth-2.mit.edu ( [18.7.62.36]) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-5.mit.edu (Symantec Messaging Gateway) with SMTP id CA.DF.03160.0A39F735; Fri, 23 May 2014 14:29:53 -0400 (EDT) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-2.mit.edu (8.13.8/8.9.2) with ESMTP id s4NITqSH011844; Fri, 23 May 2014 14:29:52 -0400 Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id s4NITltx031862 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 23 May 2014 14:29:51 -0400 Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id s4NITjbl006054; Fri, 23 May 2014 14:29:45 -0400 (EDT) Date: Fri, 23 May 2014 14:29:44 -0400 (EDT) From: Benjamin Kaduk To: Dru Lavigne Subject: Re: svn commit: r44914 - head/en_US.ISO8859-1/books/handbook/bsdinstall In-Reply-To: <201405231406.s4NE6WAL062426@svn.freebsd.org> Message-ID: References: <201405231406.s4NE6WAL062426@svn.freebsd.org> User-Agent: Alpine 1.10 (GSO 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrAIsWRmVeSWpSXmKPExsUixG6nortwcn2wwcvrTBY/Ph5isuhqUrW4 sWg/k8Xu/l5mBxaPGZ/mswQwRnHZpKTmZJalFunbJXBldHf/YS3o46g4usutgfEjWxcjJ4eE gInE/rV7WSBsMYkL99YDxbk4hARmM0ksXPCTESQhJLCRUWL9O1GIxCEmiVWH5zJBOA2MErOP LAIbxSKgLfF82l2wUWwCKhIz32wEi4sIKEo8/boXbBKzQJTEnqWNrCC2sECQxIQ9W8BqOAWs JDb9WMEOYvMKOEp8O9vJDrHZUqL393xmEFtUQEdi9f4pLBA1ghInZz5hgZhpKXHuz3W2CYyC s5CkZiFJLWBkWsUom5JbpZubmJlTnJqsW5ycmJeXWqRrqpebWaKXmlK6iREcsC5KOxh/HlQ6 xCjAwajEwxswsT5YiDWxrLgy9xCjJAeTkihvbR9QiC8pP6UyI7E4I76oNCe1+BCjBAezkghv 9gSgHG9KYmVValE+TEqag0VJnPettVWwkEB6YklqdmpqQWoRTFaGg0NJgpcVGJlCgkWp6akV aZk5JQhpJg5OkOE8QMN7JoEMLy5IzC3OTIfIn2JUlBLn/QGSEABJZJTmwfXCEsorRnGgV4R5 hUFW8ACTEVz3K6DBTECDXyysBRlckoiQkmpgdLF/1nxpkgjj9k+rHLdYv5p6dVKr/d7Xx2f1 WO6r/jp/Ssr90LUKsh3b3z163xvJ83JtdaQV80m5bxccqi5Zen3vP1imLbn56pVLEfdct/hL XRBZYHmvjvftm02lyp1nnO9uCLqQoLPuoWxv/K+waz2nDtqeY5udEvVr40ldkzUTOex2OohK XVBiKc5INNRiLipOBAB6kXgjAwMAAA== Cc: svn-doc-head@freebsd.org, svn-doc-all@freebsd.org, doc-committers@freebsd.org X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 18:30:00 -0000 On Fri, 23 May 2014, Dru Lavigne wrote: > Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml > ============================================================================== > --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Fri May 23 11:43:07 2014 (r44913) > +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Fri May 23 14:06:31 2014 (r44914) > @@ -2703,35 +2712,34 @@ Starting sshd. > > Using the Live <acronym>CD</acronym> > > - A live CD of &os; is available on the > - same CD as the main installation program. > + The welcome menu of sysinstall, shown in + linkend="bsdinstall-choose-mode"/>, provides a > + [ Live CD ] option. I guess it's been too long since I installed a machine, but I think that is the bsdinstall welcome menu, not the sysinstall one? -Ben From owner-svn-doc-all@FreeBSD.ORG Fri May 23 18:32:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A226DAC7; Fri, 23 May 2014 18:32:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8FB552A15; Fri, 23 May 2014 18:32:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NIWcm0084344; Fri, 23 May 2014 18:32:38 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NIWc6s084343; Fri, 23 May 2014 18:32:38 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405231832.s4NIWc6s084343@svn.freebsd.org> From: Dru Lavigne Date: Fri, 23 May 2014 18:32:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44925 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 18:32:38 -0000 Author: dru Date: Fri May 23 18:32:38 2014 New Revision: 44925 URL: http://svnweb.freebsd.org/changeset/doc/44925 Log: Fix application name. Submitted by: bjk Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Fri May 23 18:28:25 2014 (r44924) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Fri May 23 18:32:38 2014 (r44925) @@ -2709,7 +2709,7 @@ Starting sshd. Using the Live <acronym>CD</acronym> - The welcome menu of sysinstall, + The welcome menu of bsdinstall, shown in , provides a [ Live CD ] option. This is useful for those who are still wondering whether &os; is the From owner-svn-doc-all@FreeBSD.ORG Fri May 23 20:29:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 80653383; Fri, 23 May 2014 20:29:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6D51D235E; Fri, 23 May 2014 20:29:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NKTaG8035421; Fri, 23 May 2014 20:29:36 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NKTaWU035420; Fri, 23 May 2014 20:29:36 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201405232029.s4NKTaWU035420@svn.freebsd.org> From: Mathieu Arnold Date: Fri, 23 May 2014 20:29:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44926 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 20:29:36 -0000 Author: mat (ports committer) Date: Fri May 23 20:29:35 2014 New Revision: 44926 URL: http://svnweb.freebsd.org/changeset/doc/44926 Log: Add a note hinting porters not to use INSTALL_LIB to install static libraries. PR: docs/190146 Submitted by: Natacha Port辿 Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri May 23 18:32:38 2014 (r44925) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri May 23 20:29:35 2014 (r44926) @@ -4361,8 +4361,8 @@ PORTVERSION= 1.0 - INSTALL_LIB is a command to - install shared libraries. + INSTALL_LIB is a command to install + shared libraries (but not static libraries). @@ -4375,7 +4375,7 @@ PORTVERSION= 1.0 INSTALL_DATA is a command to - install sharable data. + install sharable data, including static libraries. @@ -4387,6 +4387,13 @@ PORTVERSION= 1.0 These are basically the install command with all the appropriate flags. + + + Do not use INSTALL_LIB to install + static libraries, because stripping them render them + useless. Use INSTALL_DATA + instead. +             From owner-svn-doc-all@FreeBSD.ORG Fri May 23 22:46:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 28A84865; Fri, 23 May 2014 22:46:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 091952DC6; Fri, 23 May 2014 22:46:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NMkcXX097235; Fri, 23 May 2014 22:46:38 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NMkcje097230; Fri, 23 May 2014 22:46:38 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405232246.s4NMkcje097230@svn.freebsd.org> From: Glen Barber Date: Fri, 23 May 2014 22:46:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44927 - in head: en_US.ISO8859-1/htdocs en_US.ISO8859-1/share/xml share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 22:46:39 -0000 Author: gjb Date: Fri May 23 22:46:38 2014 New Revision: 44927 URL: http://svnweb.freebsd.org/changeset/doc/44927 Log: The current flow of our website does not allow easily advertising that we will be soon entering the release cycle. As such, we are not able to easily link to the upcoming release schedule.html page from the index page unless we already have BETA release builds on the FTP mirrors. Implement some evil to eliminate this limitation: - In share/xml/release.l10n.ent, move reusable text from the 'helptest' header, and into a beta.helptest macro, and include the new macro in beta.desc. - Add a new entity, beta.local.where, which is ignored by default. When enabled in the schedule.xml for the upcoming release, it prints information about where to download the testing builds. - Add two new entities, beta.upcoming and beta2.upcoming, which are used in index.xsl, and when set, direct the URL to the upcoming release schedule.html page instead of directly to where.html. With this change, we can advertise that a release cycle is about to start, and not need downloadable images yet. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/index.xsl head/en_US.ISO8859-1/share/xml/release.l10n.ent head/share/xml/release.ent Modified: head/en_US.ISO8859-1/htdocs/index.xsl ============================================================================== --- head/en_US.ISO8859-1/htdocs/index.xsl Fri May 23 20:29:35 2014 (r44926) +++ head/en_US.ISO8859-1/htdocs/index.xsl Fri May 23 22:46:38 2014 (r44927) @@ -83,13 +83,13 @@ href="&u.rel2.announce;">&rel2.current;, &rel3.current; - -
          • Upcoming: &betarel.current;-&betarel.vers;
            • + +
          • Upcoming:
            &betarel.current;-&betarel.vers;
            •  - -
          • Upcoming: &betarel2.current;-&betarel2.vers;
            • + +
          • Upcoming:
            &betarel2.current;-&betarel2.vers;
            •  Modified: head/en_US.ISO8859-1/share/xml/release.l10n.ent ============================================================================== --- head/en_US.ISO8859-1/share/xml/release.l10n.ent Fri May 23 20:29:35 2014 (r44926) +++ head/en_US.ISO8859-1/share/xml/release.l10n.ent Fri May 23 22:46:38 2014 (r44927) @@ -73,14 +73,7 @@ - -

            Help With The Next FreeBSD Release&beta.plural;

            - -

            Our developers and release engineers are working on the the - next release&beta.plural; of FreeBSD; if you wish to help with - testing, please download the latest build&beta.plural;. Please - note that these images are, by their very nature, intended for - testing and should not be used in production environments.

            + &beta.helptest; @@ -150,3 +143,28 @@ ]]> + + + +

            Help With The Next FreeBSD Release&beta.plural;

            + +

            Our developers and release engineers are working on the the + next release&beta.plural; of FreeBSD; if you wish to help with + testing, please download the latest build&beta.plural;. Please + note that these images are, by their very nature, intended for + testing and should not be used in production environments.

            + +'> + + + &beta.helptest; +

            Available installation images are listed on the download page.

            + +'> +]]> + + Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Fri May 23 20:29:35 2014 (r44926) +++ head/share/xml/release.ent Fri May 23 22:46:38 2014 (r44927) @@ -22,6 +22,9 @@ rel2.* and u.rel2.* for the "conservative users" version. --> + + + @@ -29,6 +32,10 @@ don't have something in BETAn or RCn), then change %beta.testing below to "IGNORE". If we do, use "INCLUDE". --> + + + + @@ -37,6 +44,11 @@ + + + + + From owner-svn-doc-all@FreeBSD.ORG Fri May 23 22:48:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DA3DD8E7; Fri, 23 May 2014 22:48:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C74BB2DCF; Fri, 23 May 2014 22:48:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NMmUG3097519; Fri, 23 May 2014 22:48:30 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NMmU0q097518; Fri, 23 May 2014 22:48:30 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405232248.s4NMmU0q097518@svn.freebsd.org> From: Glen Barber Date: Fri, 23 May 2014 22:48:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44928 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 22:48:30 -0000 Author: gjb Date: Fri May 23 22:48:30 2014 New Revision: 44928 URL: http://svnweb.freebsd.org/changeset/doc/44928 Log: Add 'beta.local.where' macro to the 9.3-RELEASE schedule page, and set beta.local.where to IGNORE so it does not show a link to where.html until images are available. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Fri May 23 22:46:38 2014 (r44927) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Fri May 23 22:48:30 2014 (r44928) @@ -5,6 +5,7 @@ + ]> @@ -30,6 +31,8 @@ requests should be sent to re@FreeBSD.org.

            + &beta.local.where; +

            Schedule

            From owner-svn-doc-all@FreeBSD.ORG Fri May 23 23:01:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 774D3B39; Fri, 23 May 2014 23:01:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 64ADE2E8B; Fri, 23 May 2014 23:01:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NN17UM005346; Fri, 23 May 2014 23:01:07 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NN17pv005323; Fri, 23 May 2014 23:01:07 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405232301.s4NN17pv005323@svn.freebsd.org> From: Glen Barber Date: Fri, 23 May 2014 23:01:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44929 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 23:01:07 -0000 Author: gjb Date: Fri May 23 23:01:06 2014 New Revision: 44929 URL: http://svnweb.freebsd.org/changeset/doc/44929 Log: Set beta.upcoming to INCLUDE so the 9.3-RELEASE schedule link is available from the index page. Switch betarel.current to 9.3 and betarel.vers to PRERELEASE. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/release.ent Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Fri May 23 22:48:30 2014 (r44928) +++ head/share/xml/release.ent Fri May 23 23:01:06 2014 (r44929) @@ -33,13 +33,13 @@ below to "IGNORE". If we do, use "INCLUDE". --> - + - - + + From owner-svn-doc-all@FreeBSD.ORG Sat May 24 00:23:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 37CA267E; Sat, 24 May 2014 00:23:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 24E01252D; Sat, 24 May 2014 00:23:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4O0NmaH043713; Sat, 24 May 2014 00:23:48 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4O0Nmha043712; Sat, 24 May 2014 00:23:48 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201405240023.s4O0Nmha043712@svn.freebsd.org> From: Warren Block Date: Sat, 24 May 2014 00:23:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44931 - head/en_US.ISO8859-1/books/handbook/printing X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 00:23:48 -0000 Author: wblock Date: Sat May 24 00:23:47 2014 New Revision: 44931 URL: http://svnweb.freebsd.org/changeset/doc/44931 Log: Simplify the lf2crlf filter. Thanks to jilles@. Modified: head/en_US.ISO8859-1/books/handbook/printing/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/printing/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/printing/chapter.xml Sat May 24 00:17:03 2014 (r44930) +++ head/en_US.ISO8859-1/books/handbook/printing/chapter.xml Sat May 24 00:23:47 2014 (r44931) @@ -680,7 +680,7 @@ Starting lpd. contents: #!/bin/sh -CR=`/usr/bin/printf "\r"` +CR=$'\r' /usr/bin/sed -e "s/$/${CR}/g" Set the permissions and make it executable: From owner-svn-doc-all@FreeBSD.ORG Sat May 24 12:22:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F1159DBE; Sat, 24 May 2014 12:22:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DB7DA2779; Sat, 24 May 2014 12:22:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OCMDIJ067909; Sat, 24 May 2014 12:22:13 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OCMDsx067907; Sat, 24 May 2014 12:22:13 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405241222.s4OCMDsx067907@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 12:22:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44932 - in head/de_DE.ISO8859-1/books/handbook: advanced-networking firewalls X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 12:22:14 -0000 Author: bcr Date: Sat May 24 12:22:13 2014 New Revision: 44932 URL: http://svnweb.freebsd.org/changeset/doc/44932 Log: Update to r44080: Remove NAT section from advanced-networking chapter. It was linked to from the firewalls chapter, but we aren't there yet. To make the handbook build in the german tree and allow further updates to the advanced-networking chapter, simply remove the link. The firewalls chapter will be updated eventually, and will then get the NAT info back. Submitted by: Bjoern Heidotting (changes to advanced-networking) Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml head/de_DE.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sat May 24 00:23:47 2014 (r44931) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sat May 24 12:22:13 2014 (r44932) @@ -5,7 +5,7 @@ $FreeBSD$ $FreeBSDde:$ - basiert auf: r44011 + basiert auf: r44080 --> - Wissen, wie man NAT (Network Address Translation) - einrichtet. - - - Zwei Computer ber PLIP verbinden knnen. @@ -5652,377 +5647,6 @@ ISDN BRI Verbindung - - NAT - Network Address Translation - - - - Chern - Lee - Beigetragen von - - - - - - - - berblick - - - natd - - - &man.natd.8;, der Network-Address-Translation-Daemon von - &os;, akzeptiert ankommende Raw-IP-Pakete, ndert den - Sender der Daten in den eigenen Rechner und leitet diese Pakete - in den ausgehenden IP-Paketstrom um, indem IP-Adresse und Port - des Senders so gendert werden, dass bei einer Antwort der - ursprngliche Sender wieder bestimmt und die Daten an - ihn weitergeleitet werden knnen. - - - Internet connection sharing - - - - NAT - - - Der hufigste Grund fr die Verwendung von NAT ist - die gemeinsame Nutzung einer Internetverbindung. - - - - Einrichtung - - Wegen der begrenzten Verfgbarkeit von IPv4-Adressen - und der gestiegenen Anzahl von Breitbandverbindungen ber - Kabelmodem oder DSL, wird die gemeinsame Nutzung von - Internetverbindungen immer wichtiger. Der &man.natd.8;-Daemon - ermglicht die Anbindung von mehreren Rechnern an das - Internet unter Nutzung einer gemeinsamen Verbindung und einer - IP-Adresse. - - Hufig soll ein ber Kabelmodem oder DSL und eine - IP-Adresse an das Internet angebundener Rechner mehreren - Rechnern eines lokalen Netzwerks Internetdienste anbieten. - - Um dies zu ermglichen, muss der &os;-Rechner als - Gateway fungieren. Dazu sind zwei Netzwerkkarten notwendig. Eine - fr die Verbindung zum Internet, die zweite fr die - Verbindung mit dem lokalen Netzwerk. Smtliche Rechner - des lokalen Netzwerks sind ber einen Hub oder einen Switch - miteinander verbunden. - - - Es gibt verschiedene Mglichkeiten, ein LAN ber - ein &os;-Gateway an das Internet anzubinden. Das folgende - Beispiel beschreibt ein Gateway, das zumindest zwei - Netzwerkkarten enthlt. - - - - - - - - - _______ __________ ________ - | | | | | | - | Hub |-----| Client B |-----| Router |----- Internet - |_______| |__________| |________| - | - ____|_____ -| | -| Client A | -|__________| - - - - Network Layout - - - - Eine derartige Netzwerkkonfiguration wird vor allem zur - gemeinsamen Nutzung einer Internetverbindung verwendet. Ein - Rechner des lokalen Netzwerks (LAN) ist mit - dem Internet verbunden. Alle anderen Rechner des lokalen - Netzwerks haben nur ber diesen - Gateway-Rechner Zugriff auf das Internet. - - - - Boot Loader Konfiguration - - - boot loader - configuration - - - Die Kerneleigenschaften fr Network Address Translation mit - &man.natd.8; sind im GENERIC-Kernel nicht - aktiviert, knnen aber bereits zur Bootzeit geladen werden, indem - ein paar Zeilen in die Datei /boot/loader.conf - hinzugefgt werden: - - ipfw_load="YES" -ipdivert_load="YES" - - Zustzlich kann die Option - net.inet.ip.fw.default_to_accept auf - 1 gesetzt werden: - - net.inet.ip.fw.default_to_accept="1" - - - Es ist eine gute Idee, diese Option whrend den ersten - Versuchen, eine Firewall und ein NAT-Gateway aufzusetzen, zu - aktivieren. Damit ist die Standardvorgehensweise von &man.ipfw.8; - diejenige, allow ip from any to any, anstatt der - weniger freizgigen deny ip from any to any. - Es wird dadurch etwas schwieriger, sich aus Versehen nach einem - Neustart aus dem System auszusperren. - - - - - Kernelkonfiguration - - - Kernel - Konfiguration - - - Wenn Module nicht in Frage kommen oder Sie bevorzugen, alle - notwendigen Eigenschaften in den laufenden Kernel einzubauen, - mssen die folgenden Optionen in die Kernelkonfigurationsdatei - eingetragen werden: - - options IPFIREWALL -options IPDIVERT - - Die folgende Optionen knnen ebenfalls eingetragen - werden: - - options IPFIREWALL_DEFAULT_TO_ACCEPT -options IPFIREWALL_VERBOSE - - - - System Bootkonfiguration - - Um Firewall- und NAT-Untersttzung zur Bootzeit zu aktivieren, - tragen Sie Folgendes in /etc/rc.conf ein: - - gateway_enable="YES" -firewall_enable="YES" -firewall_type="OPEN" -natd_enable="YES" -natd_interface="fxp0" -natd_flags="" - - - - Richtet den Rechner als Gateway ein. Die - Ausfhrung von - sysctl net.inet.ip.forwarding=1 - htte den gleichen Effekt. - - - - Aktiviert die Firewallregeln in - /etc/rc.firewall beim - Systemstart. - - - - Ein vordefinierter Satz von Firewallregeln, der alle - Pakete durchlsst. Sehen Sie sich - /etc/rc.firewall an, wenn Sie diese - Option verwenden wollen. - - - - Die Netzwerkkarte, die Pakete weiterleitet (und mit dem - Internet verbunden ist). - - - - Zustzliche Konfigurationsoptionen, die beim - Systemstart an &man.natd.8; bergeben werden. - - - - Durch die Definition dieser Optionen in - /etc/rc.conf wird die Anweisung - natd -interface fxp0 beim Systemstart - ausgefhrt. Dies kann aber auch manuell erfolgen. - - - Falls Sie viele Optionen an &man.natd.8; bergeben - mssen, knnen Sie auch eine Konfigurationsdatei - verwenden. Dazu fgen Sie folgende Zeile in - /etc/rc.conf ein: - - natd_flags="-f /etc/natd.conf" - - Die Datei /etc/natd.conf enthlt - verschiedene Konfigurationsoptionen, wobei jede Option in einer - Zeile steht. Das Beispiel im nchsten Abschnitt wrde - folgende Konfigurationsdatei verwenden: - - redirect_port tcp 192.168.0.2:6667 6667 -redirect_port tcp 192.168.0.3:80 80 - - Wenn Sie eine Konfigurationsdatei verwenden wollen, sollten - Sie sich die Handbuchseite zu &man.natd.8; durchlesen, - insbesondere den Abschnitt ber die Nutzung der Option - . - - - Jedem Rechner und jeder Schnittstelle des lokalen Netzwerks - sollte eine IP-Adresse des im RFC 1918 - definierten privaten Adressraums zugewiesen werden. Der - Standardgateway entspricht der internen IP-Adresse des - natd-Rechners. - - Im Beispiel werden den LAN-Clients A und - B die IP-Adressen - 192.168.0.2 und - 192.168.0.3 zugewiesen, - whrend die LAN-Netzwerkkarte des - natd-Rechners die IP-Adresse - 192.168.0.1 erhlt. Der - natd-Rechner mit der IP-Adresse - 192.168.0.1 wird als - Standardgateway fr die Clients A und - B gesetzt. Die externe Netzwerkkarte des - natd-Rechners muss fr die - korrekte Funktion von &man.natd.8; nicht konfiguriert - werden. - - - - Ports umleiten - - Wenn Sie &man.natd.8; verwenden, sind Ihre LAN-Clients von - aussen nicht erreichbar. LAN-Clients knnen zwar - Verbindungen nach aussen aufbauen, sind aber fr - ankommende Verbindungen nicht erreichbar. Wenn Sie - Internetdienste auf einem LAN-Client anbieten wollen, haben Sie - daher ein Problem. Eine einfache Lsung ist die Umleitung - von bestimmten Internetports des - natd-Rechners auf einen LAN-Client. - - Beispielsweise knnte ein IRC-Server auf Client - A und ein Webserver auf Client - B laufen. Damit diese Konfiguration - funktioniert, mssen Verbindungen, die auf den Ports 6667 - (IRC) und 80 (Web) ankommen, auf die entsprechenden Clients - umgeleitet werden. - - Dazu wird die Option unter - Nutzung folgender Syntax an &man.natd.8; bergeben: - - -redirect_port proto targetIP:targetPORT[-targetPORT] - [aliasIP:]aliasPORT[-aliasPORT] - [remoteIP[:remotePORT[-remotePORT]]] - - Fr unser Beispiel heit das: - - -redirect_port tcp 192.168.0.2:6667 6667 - -redirect_port tcp 192.168.0.3:80 80 - - Dadurch werden die entsprechenden - tcp-Ports auf die jeweiligen LAN-Clients - umgeleitet. - - Mit knnen auch ganze - Portbereiche statt einzelner Ports umgeleitet werden. So werden - mit tcp 192.168.0.2:2000-3000 - 2000-3000 alle Verbindungen, die auf den Ports - 2000 bis 3000 ankommen, auf die entsprechenden Ports des Clients - A umgeleitet. - - Diese Optionen knnen whrend des Betriebs von - &man.natd.8; oder ber die Option - natd_flags="" in - /etc/rc.conf gesetzt werden. - - Eine ausfhrliche Konfigurationsanleitung finden Sie - in &man.natd.8;. - - - - Adressen umleiten - - - address redirection - - - Die Umleitung von Adressen ist ntzlich, wenn mehrere - IP-Adressen verfgbar sind, die aber alle auf einem Rechner - verbleiben sollen. In diesem Fall kann &man.natd.8; jedem - LAN-Client eine eigene externe IP-Adresse zuweisen. Ausgehende - Pakete eines LAN-Clients werden so der entsprechenden - externen IP-Adresse des Clients zugeordnet. Ankommender Verkehr - fr diese IP-Adresse wird automatisch an den entsprechenden - LAN-Client weitergeleitet. Diesen Vorgang bezeichnet man - auch als statisches NAT. Dem - natd-Gatewayrechner knnten - beispielsweise die IP-Adressen - 128.1.1.1, - 128.1.1.2 sowie - 128.1.1.3 zugewiesen werden. - 128.1.1.1 wird als die externe - IP-Adresse des natd-Gatewayrechners - verwendet, whrend 128.1.1.2 - und 128.1.1.3 an die LAN-Clients - A und B weitergegeben werden. - - - benutzt folgende - Syntax: - - -redirect_address localIP publicIP - - - - - - localIP - - Die interne IP-Adresse des LAN-Clients - - - publicIP - - Die externe IP-Adresse des LAN-Clients - - - - - - Fr unser Beispiel hiee dies: - - -redirect_address 192.168.0.2 128.1.1.2 --redirect_address 192.168.0.3 128.1.1.3 - - Analog zur Option - knnen Sie diese Argumente auch in der Option - natd_flags="" in - /etc/rc.conf angeben. Bei der Nutzung - der Adressumleitung ist die Portumleitung berflssig, - weil alle fr eine bestimmte IP-Adresse ankommenden Daten - umgeleitet werden. - - Die externe IP-Adresse des - natd-Rechners muss aktiv sein und - der externen Netzwerkkarte zugewiesen sein. Weitere Informationen - zu diesem Thema finden Sie in &man.rc.conf.5;. - - PLIP – Parallel Line IP Modified: head/de_DE.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/firewalls/chapter.xml Sat May 24 00:23:47 2014 (r44931) +++ head/de_DE.ISO8859-1/books/handbook/firewalls/chapter.xml Sat May 24 12:22:13 2014 (r44932) @@ -2416,9 +2416,8 @@ ipfw add deny out Sollte Ihre Maschinen als Gateway fungieren (also mittels &man.natd.8; Network Address Translation (NAT) - durchfhren), finden Sie in Abschnitt - weitere Optionen fr die - /etc/rc.conf. + durchfhren), finden Sie weitere Optionen in + /etc/rc.conf. From owner-svn-doc-all@FreeBSD.ORG Sat May 24 15:05:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2043CFDF; Sat, 24 May 2014 15:05:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 018B722CC; Sat, 24 May 2014 15:05:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OF5f7e042288; Sat, 24 May 2014 15:05:41 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OF5fdL042287; Sat, 24 May 2014 15:05:41 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405241505.s4OF5fdL042287@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 15:05:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44933 - head/en_US.ISO8859-1/articles/port-mentor-guidelines X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 15:05:42 -0000 Author: bcr Date: Sat May 24 15:05:41 2014 New Revision: 44933 URL: http://svnweb.freebsd.org/changeset/doc/44933 Log: Whitespace fixes only. Translators can ignore. Modified: head/en_US.ISO8859-1/articles/port-mentor-guidelines/article.xml Modified: head/en_US.ISO8859-1/articles/port-mentor-guidelines/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/port-mentor-guidelines/article.xml Sat May 24 12:22:13 2014 (r44932) +++ head/en_US.ISO8859-1/articles/port-mentor-guidelines/article.xml Sat May 24 15:05:41 2014 (r44933) @@ -1,12 +1,16 @@ -
            - Port Mentor Guidelines - +
            + + Port Mentor Guidelines - The &os; Ports Management Team + + The &os; Ports Management Team + $FreeBSD$ @@ -15,7 +19,8 @@ 2011 - Thomas Abthorpe + Thomas + Abthorpe Chris Rees @@ -43,13 +48,13 @@ - You have an irresistible urge to inflict knowledge - on others. + You have an irresistible urge to inflict knowledge on + others. The usual punishment applies because you are sick and - tired of committing somebody else's good work! + tired of committing somebody else's good work! @@ -60,10 +65,10 @@ Reasons for a co-mentorship: - - Significant timezone differential. - Accessible, interactive mentor(s) available via - IM is extremely helpful! + + Significant timezone differential. Accessible, + interactive mentor(s) available via IM is extremely + helpful! @@ -71,7 +76,7 @@ English oriented, as is most software development, however, having a mentor who can speak a native language can be very useful. - + ENOTIME! Until there is a 30 hour day, and an 8 day @@ -112,19 +117,20 @@ Expectations We expect mentors to review and test-build all proposed - patches, at least for an initial period lasting more than a + patches, at least for an initial period lasting more than a week or two. - We expect that mentors should take responsibility for - the actions of their mentee. A mentor should follow up with - all commits the mentee makes, both approved - and implicit. + We expect that mentors should take responsibility for the + actions of their mentee. A mentor should follow up with all + commits the mentee makes, both approved and implicit. We expect mentors to make sure their mentees read the Porter's - Handbook, the PR handling guide, and - the Committer's - Guide. While it's not necessary to memorize all the + Handbook, the PR handling + guide, and the Committer's + Guide. While it's not necessary to memorize all the details, every committer needs to have an overview of these things to be an effective part of the community (and avoid as many rookie mistakes as possible). @@ -133,101 +139,108 @@ Selecting a mentee - There is no defined rule for what makes a candidate ready; it - can be a combination of number of PRs they have submitted to - GNATS, the number of ports maintained, - frequency of ports updates and/or level of participation in a - particular area of interest, e.g. GNOME, - KDE, Gecko - or others. - - A candidate should have almost no timeouts, be responsive to - requests, and generally helpful in supporting their ports. + There is no defined rule for what makes a candidate ready; + it can be a combination of number of PRs they have submitted + to GNATS, the number of ports + maintained, frequency of ports updates and/or level of + participation in a particular area of interest, e.g. + GNOME, + KDE, + Gecko or others. + + A candidate should have almost no timeouts, be responsive + to requests, and generally helpful in supporting their + ports. There must be a history of commitment, as it is widely - understood that training a committer requires time and effort. If - somebody has been around longer, and spent the time observing how - things are done, there is some anticipation of accumulated - knowledge. All too often we have seen a maintainer submit a few - PRs, show up in IRC and ask when they will be given a commit - bit. - - Being subscribed to, and following the mailing lists is very - beneficial. There is no real expectation that submitting posts on - the lists will make somebody a committer, but it demonstrates a - commitment. Some mails offer insights into the knowledge of a - candidate as well how they interact with others. - Similarly participating in IRC can give somebody a + understood that training a committer requires time and effort. + If somebody has been around longer, and spent the time + observing how things are done, there is some anticipation of + accumulated knowledge. All too often we have seen a + maintainer submit a few PRs, show up in IRC and ask when they + will be given a commit bit. + + Being subscribed to, and following the mailing lists is + very beneficial. There is no real expectation that submitting + posts on the lists will make somebody a committer, but it + demonstrates a commitment. Some mails offer insights into the + knowledge of a candidate as well how they interact with + others. Similarly participating in IRC can give somebody a higher profile. - Ask six different committers how many PRs a maintainer should - submit prior to being nominated, and you will get six different - answers. Ask those same individuals how long somebody should have - been participating, same dilemma. How many ports should they have - at a minimum? Now we have a bikeshed! Some things are just hard - to quantify, a mentor will just have to use their best judgement, - and hope that portmgr agrees. + Ask six different committers how many PRs a maintainer + should submit prior to being nominated, and you will get six + different answers. Ask those same individuals how long + somebody should have been participating, same dilemma. How + many ports should they have at a minimum? Now we have a + bikeshed! Some things are just hard to quantify, a mentor + will just have to use their best judgement, and hope that + portmgr agrees. Mentorship duration As the trust level develops and grows, the mentee may be - granted implicit commit rights. This can include - trivial changes to a Makefile, + granted implicit commit rights. This can + include trivial changes to a Makefile, pkg-descr etc. Similarly, it may include PORTVERSION updates that do not include plist changes. Other circumstances may be - formulated at the discretion of the Mentor. However, during the - period of mentorship, a port version bump that affects dependent - ports should be checked by a mentor. + formulated at the discretion of the Mentor. However, during + the period of mentorship, a port version bump that affects + dependent ports should be checked by a mentor. Just as we are all varied individuals, each mentee has - different learning curves, time commitments, and other influencing - factors that will contribute to the time required before they can - fly solo. Empirically, a mentee should be observed - for at least 3 months. 90-100 commits is another target that a - mentor could use before releasing a mentee. Other factors to - consider prior releasing a mentee are the number of mistakes they - may have made, QATs received etc. If they are still making rookie - mistakes, they still require mentor guidance. + different learning curves, time commitments, and other + influencing factors that will contribute to the time required + before they can fly solo. Empirically, a + mentee should be observed for at least 3 months. 90-100 + commits is another target that a mentor could use before + releasing a mentee. Other factors to consider prior releasing + a mentee are the number of mistakes they may have made, QATs + received etc. If they are still making rookie mistakes, they + still require mentor guidance. Mentor/Co-Mentor debate When a request gets to portmgr, it usually reads as, - I propose 'foo' for a ports commit bit, I will co-mentor - with 'bar'. Proposal received, voted, and carried. + I propose 'foo' for a ports commit bit, I will + co-mentor with 'bar'. Proposal received, voted, and + carried. The mentor is the primary point of contact or the - first among equals, the co-mentor is the backup. + first among equals, the co-mentor is the + backup. Some reprobate, whose name shall be withheld, made the - - first recorded co-mentor commit. Similar co-mentor commits - have also been spotted in the src tree. Does this make it right? - Does this make it wrong? It seems to be part of the evolution of - how things are done. + + first recorded co-mentor commit. Similar co-mentor + commits have also been spotted in the src tree. Does this + make it right? Does this make it wrong? It seems to be part + of the evolution of how things are done. Expectations - We expect mentees to be prepared for constructive criticism - from the community. There's still a lot of lore - that isn't written down. Responding well to constructive criticism - is what we hope we are selecting for by first reviewing their - existing contributions on IRC and mailing lists. - - We warn mentees that some of the criticism they receive may be - less constructive than others, (whether through - language communication problems, or excessive nit-picking), and - that dealing with this gracefully is just part of being in a large - community. In case of specific problems with specific people, or - any questions, we hope that they will approach a portmgr member on - IRC or by email. - + We expect mentees to be prepared for constructive + criticism from the community. There's still a lot of + lore that isn't written down. Responding well + to constructive criticism is what we hope we are selecting for + by first reviewing their existing contributions on IRC and + mailing lists. + + We warn mentees that some of the criticism they receive + may be less constructive than others, (whether + through language communication problems, or excessive + nit-picking), and that dealing with this gracefully is just + part of being in a large community. In case of specific + problems with specific people, or any questions, we hope that + they will approach a portmgr member on IRC or by email.
            From owner-svn-doc-all@FreeBSD.ORG Sat May 24 15:13:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7B6C5303; Sat, 24 May 2014 15:13:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5C8382381; Sat, 24 May 2014 15:13:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OFDAgH046917; Sat, 24 May 2014 15:13:10 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OFDAm1046916; Sat, 24 May 2014 15:13:10 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405241513.s4OFDAm1046916@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 15:13:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44934 - head/en_US.ISO8859-1/articles/port-mentor-guidelines X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 15:13:10 -0000 Author: bcr Date: Sat May 24 15:13:09 2014 New Revision: 44934 URL: http://svnweb.freebsd.org/changeset/doc/44934 Log: Remove contractions, capitalize titles and rephrase one sentence to avoid the use of "e.g.". Modified: head/en_US.ISO8859-1/articles/port-mentor-guidelines/article.xml Modified: head/en_US.ISO8859-1/articles/port-mentor-guidelines/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/port-mentor-guidelines/article.xml Sat May 24 15:05:41 2014 (r44933) +++ head/en_US.ISO8859-1/articles/port-mentor-guidelines/article.xml Sat May 24 15:13:09 2014 (r44934) @@ -26,7 +26,7 @@             - Guideline for Mentor/Mentee relationships + Guideline for Mentor/Mentee Relationships This section is intended to help demystify the mentoring process, as well as a way to openly promote a @@ -38,7 +38,7 @@ assurance of the product we call the Ports Tree. - Why mentor? + Why Mentor? @@ -130,20 +130,20 @@ xlink:href="&url.articles.pr-guidelines;">PR handling guide, and the Committer's - Guide. While it's not necessary to memorize all the + Guide. While it is not necessary to memorize all the details, every committer needs to have an overview of these things to be an effective part of the community (and avoid as many rookie mistakes as possible). - Selecting a mentee + Selecting a Mentee There is no defined rule for what makes a candidate ready; it can be a combination of number of PRs they have submitted to GNATS, the number of ports maintained, frequency of ports updates and/or level of - participation in a particular area of interest, e.g. + participation in a particular area of interest like GNOME, KDE, Gecko or others. @@ -179,7 +179,7 @@ - Mentorship duration + Mentorship Duration As the trust level develops and grows, the mentee may be granted implicit commit rights. This can @@ -204,7 +204,7 @@ - Mentor/Co-Mentor debate + Mentor/Co-Mentor Debate When a request gets to portmgr, it usually reads as, I propose 'foo' for a ports commit bit, I will @@ -229,7 +229,7 @@ We expect mentees to be prepared for constructive criticism from the community. There's still a lot of - lore that isn't written down. Responding well + lore that is not written down. Responding well to constructive criticism is what we hope we are selecting for by first reviewing their existing contributions on IRC and mailing lists. From owner-svn-doc-all@FreeBSD.ORG Sat May 24 15:24:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0C58D450; Sat, 24 May 2014 15:24:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EDE83243C; Sat, 24 May 2014 15:24:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OFOw2C051568; Sat, 24 May 2014 15:24:58 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OFOwHZ051567; Sat, 24 May 2014 15:24:58 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405241524.s4OFOwHZ051567@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 15:24:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44935 - head/en_US.ISO8859-1/articles/nanobsd X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 15:24:59 -0000 Author: bcr Date: Sat May 24 15:24:58 2014 New Revision: 44935 URL: http://svnweb.freebsd.org/changeset/doc/44935 Log: Remove redundant markup and words around filename tags. Sprinkle capitalizations over title tags to make igor happy. Whitespace fixes will follow next. Modified: head/en_US.ISO8859-1/articles/nanobsd/article.xml Modified: head/en_US.ISO8859-1/articles/nanobsd/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/nanobsd/article.xml Sat May 24 15:13:09 2014 (r44934) +++ head/en_US.ISO8859-1/articles/nanobsd/article.xml Sat May 24 15:24:58 2014 (r44935) @@ -86,7 +86,7 @@ NanoBSD Howto - The design of NanoBSD + The Design of NanoBSD Once the image is present on the medium, it is possible to boot NanoBSD. The mass storage @@ -121,7 +121,7 @@ are expected to persist after the system restarts. - Making persistent changes to <filename>/etc/resolv.conf</filename> + Making Persistent Changes to <filename>/etc/resolv.conf</filename> &prompt.root; vi /etc/resolv.conf [...] @@ -140,13 +140,13 @@ all times is not a good idea, especially if the NanoBSD system runs off a mass storage medium that may be adversely affected by a large number - of writes to the partition (i.e. when the filesystem syncer + of writes to the partition (like when the filesystem syncer flushes data to the system disks). - Building a NanoBSD image + Building a NanoBSD Image A NanoBSD image is built using a simple nanobsd.sh shell script, which can @@ -186,7 +186,7 @@ - Customizing a NanoBSD image + Customizing a NanoBSD Image This is probably the most important and most interesting feature of NanoBSD. This is also @@ -195,7 +195,7 @@ Invocation of the following command will force the nanobsd.sh to read its configuration from - the myconf.nano file located in the current + myconf.nano located in the current directory: &prompt.root; sh nanobsd.sh -c myconf.nano @@ -213,7 +213,7 @@ - Configuration options + Configuration Options With configuration settings, it is possible to configure options passed to both the buildworld @@ -264,14 +264,14 @@ FlashDevice — Defines what type of - media to use. Check the FlashDevice.sub - file for more details. + media to use. Check FlashDevice.sub + for more details. - Custom functions + Custom Functions It is possible to fine-tune NanoBSD using shell functions in @@ -322,7 +322,7 @@ customize_cmd cust_etc_size - Adding packages + Adding Packages Packages can be added to a NanoBSD image using a custom function. The following function will install @@ -339,7 +339,7 @@ customize_cmd install_packages - Configuration file example + Configuration File Example A complete example of a configuration file for building a custom NanoBSD image can be: @@ -414,7 +414,7 @@ customize_cmd cust_nobeastieThe most important difference of this step from the initial NanoBSD installation is that - now instead of using the _.disk.full file + now instead of using _.disk.full (which contains an image of the entire disk), the _.disk.image image is installed (which contains an image of a single system partition). From owner-svn-doc-all@FreeBSD.ORG Sat May 24 15:33:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F221A680; Sat, 24 May 2014 15:33:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DE5A824E3; Sat, 24 May 2014 15:33:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OFXwOt055882; Sat, 24 May 2014 15:33:58 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OFXw6s055881; Sat, 24 May 2014 15:33:58 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405241533.s4OFXw6s055881@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 15:33:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44936 - head/en_US.ISO8859-1/articles/nanobsd X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 15:33:59 -0000 Author: bcr Date: Sat May 24 15:33:58 2014 New Revision: 44936 URL: http://svnweb.freebsd.org/changeset/doc/44936 Log: Whitespace cleanup (translators can ignore): Wrap long lines, replace spaces with tabs and fix bad tag indentation. Modified: head/en_US.ISO8859-1/articles/nanobsd/article.xml Modified: head/en_US.ISO8859-1/articles/nanobsd/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/nanobsd/article.xml Sat May 24 15:24:58 2014 (r44935) +++ head/en_US.ISO8859-1/articles/nanobsd/article.xml Sat May 24 15:33:58 2014 (r44936) @@ -1,9 +1,10 @@ -
            - Introduction to NanoBSD - +
            + Introduction to NanoBSD DanielGerzo @@ -24,10 +25,11 @@ $FreeBSD$ - This document provides information about - the NanoBSD tools, which can be used to - create &os; system images for embedded applications, suitable for - use on a Compact Flash card (or other mass storage medium). + This document provides information about the + NanoBSD tools, which can be used to + create &os; system images for embedded applications, suitable + for use on a Compact Flash card (or other mass storage + medium). @@ -37,47 +39,50 @@ NanoBSD NanoBSD is a tool currently - developed by &a.phk.email;. It creates a &os; system image for embedded - applications, suitable for use on a Compact Flash card (or other - mass storage medium). - - It can be used to build specialized install images, designed for - easy installation and maintenance of systems commonly - called computer appliances. Computer appliances have - their hardware and software bundled in the product, which means all - applications are pre-installed. The appliance is plugged into an - existing network and can begin working (almost) immediately. + developed by &a.phk.email;. It creates a &os; system image for + embedded applications, suitable for use on a Compact Flash card + (or other mass storage medium). + + It can be used to build specialized install images, designed + for easy installation and maintenance of systems commonly called + computer appliances. Computer appliances have + their hardware and software bundled in the product, which means + all applications are pre-installed. The appliance is plugged + into an existing network and can begin working (almost) + immediately. - The features of NanoBSD include: + The features of NanoBSD + include: Ports and packages work as in &os; — Every single - application can be installed and used in - a NanoBSD image, the same way as in + application can be installed and used in a + NanoBSD image, the same way as in &os;. No missing functionality — If it is possible to do - something with &os;, it is possible to do the same thing with - NanoBSD, unless the specific feature - or features were explicitly removed from - the NanoBSD image when it was + something with &os;, it is possible to do the same thing + with NanoBSD, unless the specific + feature or features were explicitly removed from the + NanoBSD image when it was created. - Everything is read-only at run-time — It is safe to - pull the power-plug. There is no necessity to run - &man.fsck.8; after a non-graceful shutdown of the system. + Everything is read-only at run-time — It is safe + to pull the power-plug. There is no necessity to run + &man.fsck.8; after a non-graceful shutdown of the + system. - Easy to build and customize — Making use of just one - shell script and one configuration file it is possible to - build reduced and customized images satisfying any arbitrary set of - requirements. + Easy to build and customize — Making use of just + one shell script and one configuration file it is possible + to build reduced and customized images satisfying any + arbitrary set of requirements. @@ -121,7 +126,8 @@ are expected to persist after the system restarts. - Making Persistent Changes to <filename>/etc/resolv.conf</filename> + Making Persistent Changes to + <filename>/etc/resolv.conf</filename> &prompt.root; vi /etc/resolv.conf [...] @@ -136,24 +142,24 @@ only at boot time and while overriding the configuration files. - Keeping /cfg mounted at - all times is not a good idea, especially if - the NanoBSD system runs off a mass - storage medium that may be adversely affected by a large number - of writes to the partition (like when the filesystem syncer - flushes data to the system disks). + Keeping /cfg mounted at all times + is not a good idea, especially if the + NanoBSD system runs off a mass + storage medium that may be adversely affected by a large + number of writes to the partition (like when the filesystem + syncer flushes data to the system disks). Building a NanoBSD Image - A NanoBSD image is built using a - simple nanobsd.sh shell script, which can - be found in the + A NanoBSD image is built using + a simple nanobsd.sh shell script, which + can be found in the /usr/src/tools/tools/nanobsd - directory. This script creates an image, which can be copied on - the storage medium using the &man.dd.1; utility. + directory. This script creates an image, which can be copied + on the storage medium using the &man.dd.1; utility. The necessary commands to build a NanoBSD image are: @@ -165,8 +171,9 @@ - Change the current directory to the base directory of the - NanoBSD build script. + Change the current directory to the base directory of + the NanoBSD build + script. @@ -174,8 +181,8 @@ - Change the current directory to the place where the built - images are located. + Change the current directory to the place where the + built images are located. @@ -215,20 +222,21 @@ Configuration Options - With configuration settings, it is possible to configure options - passed to both the buildworld - and installworld stages of the - NanoBSD build process, as well as internal - options passed to the main build process of - NanoBSD. Through these options it is - possible to cut the system down, so it will fit on as little as - 64MB. You can use the configuration options to trim down &os; even - more, until it will consists of just the kernel and two or three - files in the userland. - - The configuration file consists of configuration options, - which override the default values. The most important - directives are: + With configuration settings, it is possible to configure + options passed to both the + buildworld and + installworld stages of the + NanoBSD build process, as well as + internal options passed to the main build process of + NanoBSD. Through these options + it is possible to cut the system down, so it will fit on as + little as 64MB. You can use the configuration options to + trim down &os; even more, until it will consists of just the + kernel and two or three files in the userland. + + The configuration file consists of configuration + options, which override the default values. The most + important directives are: @@ -237,35 +245,39 @@ - NANO_SRC — Path to the source - tree used to build the image. + NANO_SRC — Path to the + source tree used to build the image. - NANO_KERNEL — Name of kernel - configuration file used to build kernel. + NANO_KERNEL — Name of + kernel configuration file used to build kernel. CONF_BUILD — Options passed - to the buildworld stage of the build. + to the buildworld stage of + the build. - CONF_INSTALL — Options passed - to the installworld stage of the build. + CONF_INSTALL — Options + passed to the installworld + stage of the build. - CONF_WORLD — Options passed to both - the buildworld and - the installworld stage of the build. + CONF_WORLD — Options passed + to both the buildworld and + the installworld stage of the + build. - FlashDevice — Defines what type of - media to use. Check FlashDevice.sub - for more details. + FlashDevice — Defines what + type of media to use. Check + FlashDevice.sub for more + details. @@ -275,19 +287,18 @@ It is possible to fine-tune NanoBSD using shell functions in - the configuration file. The following example illustrates the - basic model of custom functions: + the configuration file. The following example illustrates + the basic model of custom functions: - cust_foo () ( + cust_foo () ( echo "bar=baz" > \ ${NANO_WORLDDIR}/etc/foo ) customize_cmd cust_foo - A more useful example of a customization function is the - following, which changes the default size of the - /etc directory - from 5MB to 30MB: + A more useful example of a customization function is the + following, which changes the default size of the + /etc directory from 5MB to 30MB: cust_etc_size () ( cd ${NANO_WORLDDIR}/conf @@ -295,20 +306,22 @@ customize_cmd cust_foo ) customize_cmd cust_etc_size - There are a few default pre-defined customization functions - ready for use: + There are a few default pre-defined customization + functions ready for use: cust_comconsole — Disables - &man.getty.8; on the VGA devices - (the /dev/ttyv* device nodes) and enables - the use of the COM1 serial port as the system console. + &man.getty.8; on the VGA devices (the + /dev/ttyv* device nodes) and + enables the use of the COM1 serial port as the system + console. cust_allow_ssh_root — Allow - root to login via &man.sshd.8;. + root to login + via &man.sshd.8;. @@ -324,9 +337,10 @@ customize_cmd cust_etc_size Adding Packages - Packages can be added to a NanoBSD - image using a custom function. The following function will install - all the packages located in + Packages can be added to a + NanoBSD image using a custom + function. The following function will install all the + packages located in /usr/src/tools/tools/nanobsd/packages: install_packages () ( @@ -341,8 +355,9 @@ customize_cmd install_packages Configuration File Example - A complete example of a configuration file for building a - custom NanoBSD image can be: + A complete example of a configuration file for building + a custom NanoBSD image can + be: NANO_NAME=custom NANO_SRC=/usr/src @@ -399,25 +414,27 @@ customize_cmd cust_nobeastie Updating NanoBSD - The update process of NanoBSD is - relatively simple: + The update process of NanoBSD + is relatively simple: - Build a new NanoBSD image, as - usual. + Build a new NanoBSD image, + as usual. Upload the new image into an unused partition of a - running NanoBSD appliance. + running NanoBSD + appliance. The most important difference of this step from the - initial NanoBSD installation is that - now instead of using _.disk.full - (which contains an image of the entire disk), - the _.disk.image image is installed (which - contains an image of a single system partition). + initial NanoBSD installation is + that now instead of using _.disk.full + (which contains an image of the entire disk), the + _.disk.image image is installed + (which contains an image of a single system + partition). @@ -431,18 +448,18 @@ customize_cmd cust_nobeastie If anything goes wrong, reboot back into the previous - partition (which contains the old, working image), to restore system - functionality as fast as possible. Fix any problems of the new - build, and repeat the process. + partition (which contains the old, working image), to + restore system functionality as fast as possible. Fix any + problems of the new build, and repeat the process. To install new image onto the running - NanoBSD system, it is possible to use - either the updatep1 or + NanoBSD system, it is possible to + use either the updatep1 or updatep2 script located in the - /root directory, depending - from which partition is running the current system. + /root directory, depending from which + partition is running the current system. According to which services are available on host serving new NanoBSD image and what type of @@ -471,8 +488,8 @@ get _.disk.image "| sh updatep1" Using &man.nc.1; - Try this example if the remote host is not running neither - &man.ftpd.8; or &man.sshd.8; service: + Try this example if the remote host is not running + neither &man.ftpd.8; or &man.sshd.8; service: @@ -488,6 +505,7 @@ get _.disk.image "| sh updatep1" + Connect to the host serving new image and execute updatep1 script: From owner-svn-doc-all@FreeBSD.ORG Sat May 24 15:39:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9E418769; Sat, 24 May 2014 15:39:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 71930250E; Sat, 24 May 2014 15:39:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OFdjgZ056646; Sat, 24 May 2014 15:39:45 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OFdjpi056645; Sat, 24 May 2014 15:39:45 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405241539.s4OFdjpi056645@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 15:39:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44937 - head/en_US.ISO8859-1/articles/laptop X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 15:39:45 -0000 Author: bcr Date: Sat May 24 15:39:44 2014 New Revision: 44937 URL: http://svnweb.freebsd.org/changeset/doc/44937 Log: Remove redundant markup and words around filename tags and capitalize titles. Modified: head/en_US.ISO8859-1/articles/laptop/article.xml Modified: head/en_US.ISO8859-1/articles/laptop/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/laptop/article.xml Sat May 24 15:33:58 2014 (r44936) +++ head/en_US.ISO8859-1/articles/laptop/article.xml Sat May 24 15:39:44 2014 (r44937) @@ -86,7 +86,7 @@ Option "Emulate3Buttons" - in the xorg.conf file in the InputDevice + in xorg.conf in the InputDevice section. @@ -108,7 +108,7 @@ - PCMCIA (PC Card) devices + PCMCIA (PC Card) Devices Most laptops come with PCMCIA (also called PC Card) slots; these are supported fine under FreeBSD. Look through @@ -127,7 +127,7 @@ particular most modems (16-bit) should work fine, provided they are not winmodems (these do exist even as PC Cards, so watch out). If your card is recognised as a generic modem, note that the - default pccard.conf file specifies a delay time of 10 seconds + default pccard.conf specifies a delay time of 10 seconds (to avoid freezes on certain modems); this may well be over-cautious for your modem, so you may want to play with it, reducing it or removing it totally. @@ -157,7 +157,7 @@ - Power management + Power Management Unfortunately, this is not very reliably supported under FreeBSD. If you are lucky, some functions may work reliably; From owner-svn-doc-all@FreeBSD.ORG Sat May 24 15:52:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3A3C0D1E; Sat, 24 May 2014 15:52:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 260C3264F; Sat, 24 May 2014 15:52:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OFqA38064581; Sat, 24 May 2014 15:52:10 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OFqANM064580; Sat, 24 May 2014 15:52:10 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405241552.s4OFqANM064580@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 15:52:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44938 - head/en_US.ISO8859-1/articles/laptop X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 15:52:10 -0000 Author: bcr Date: Sat May 24 15:52:09 2014 New Revision: 44938 URL: http://svnweb.freebsd.org/changeset/doc/44938 Log: Whitespace fixes, translators can ignore these. Modified: head/en_US.ISO8859-1/articles/laptop/article.xml Modified: head/en_US.ISO8859-1/articles/laptop/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/laptop/article.xml Sat May 24 15:39:44 2014 (r44937) +++ head/en_US.ISO8859-1/articles/laptop/article.xml Sat May 24 15:52:09 2014 (r44938) @@ -1,15 +1,17 @@ -
            - FreeBSD on Laptops - +
            + + FreeBSD on Laptops FreeBSD works fine on most laptops, with a few caveats. - Some issues specific to running FreeBSD on laptops, relating - to different hardware requirements from desktops, are - discussed below. + Some issues specific to running FreeBSD on laptops, relating + to different hardware requirements from desktops, are + discussed below. @@ -24,57 +26,59 @@ $FreeBSD$ - FreeBSD is often thought of as a server operating system, but - it works just fine on the desktop, and if you want to use it on - your laptop you can enjoy all the usual benefits: systematic - layout, easy administration and upgrading, the ports/packages - system for adding software, and so on. (Its other benefits, - such as stability, network performance, and performance under - a heavy load, may not be obvious on a laptop, of course.) - However, installing it on laptops often involves problems which - are not encountered on desktop machines and are not commonly - discussed (laptops, even more than desktops, are fine-tuned for - µsoft.windows;). This article aims to discuss some of these - issues. Several people have also documented their experiences - with &os; on specific laptop models on webpages which are not - part of the &os; documentation. You might very well find some - information if you type the name of your laptop model and the - word &os; into a search engine of your - choice. Additionally there is a &os;-specific online database - which aims to give information on hardware issues with laptops, - The &os; - Laptop Compatibility List. - - If you want to communicate with other &os; laptop users, - check out the &a.mobile.name; list. You can also get additional - information about using Laptops on &os; at - http://tuxmobil.org/mobile_bsd.html. + FreeBSD is often thought of as a server operating system, but + it works just fine on the desktop, and if you want to use it on + your laptop you can enjoy all the usual benefits: systematic + layout, easy administration and upgrading, the ports/packages + system for adding software, and so on. (Its other benefits, such + as stability, network performance, and performance under a heavy + load, may not be obvious on a laptop, of course.) However, + installing it on laptops often involves problems which are not + encountered on desktop machines and are not commonly discussed + (laptops, even more than desktops, are fine-tuned for + µsoft.windows;). This article aims to discuss some of these + issues. Several people have also documented their experiences + with &os; on specific laptop models on webpages which are not part + of the &os; documentation. You might very well find some + information if you type the name of your laptop model and the word + &os; into a search engine of your choice. + Additionally there is a &os;-specific online database which aims + to give information on hardware issues with laptops, The &os; Laptop + Compatibility List. + + If you want to communicate with other &os; laptop users, check + out the &a.mobile.name; list. You can also get additional + information about using Laptops on &os; at http://tuxmobil.org/mobile_bsd.html. &xorg; - Recent versions of &xorg; work with most display adapters - available on laptops these days. Acceleration may not be - supported, but a generic SVGA configuration should work. - - Check your laptop documentation for which card you have, - and check in the &xorg; documentation - to see whether it is specifically supported. If it is not, use - a generic device (do not go for a name which just looks - similar). You can try your luck - with the command Xorg -configure - which auto-detects a lot of configurations. + Recent versions of &xorg; work + with most display adapters available on laptops these days. + Acceleration may not be supported, but a generic SVGA + configuration should work. + + Check your laptop documentation for which card you have, and + check in the &xorg; documentation to + see whether it is specifically supported. If it is not, use a + generic device (do not go for a name which just looks similar). + You can try your luck with the command Xorg + -configure which auto-detects a lot of + configurations. The problem often is configuring the monitor. Common - resources for &xorg; focus on CRT monitors; getting a - suitable modeline for an LCD display may be tricky. You may - be lucky and not need to specify a modeline, or just need to - specify suitable HorizSync and VertRefresh ranges. If that - does not work, the best option is to check web resources - devoted to configuring X on laptops (these are often - Linux oriented sites but it does not matter because both systems - use &xorg;) and copy a modeline posted by someone for similar - hardware. + resources for &xorg; focus on CRT + monitors; getting a suitable modeline for an LCD display may be + tricky. You may be lucky and not need to specify a modeline, or + just need to specify suitable HorizSync and + VertRefresh ranges. If that does not work, + the best option is to check web resources devoted to configuring + X on laptops (these are often Linux oriented sites but it does + not matter because both systems use + &xorg;) and copy a modeline posted by + someone for similar hardware. Most laptops come with two buttons on their pointing devices, which is rather problematic in X (since the middle @@ -82,55 +86,53 @@ simultaneous left-right click in your X configuration to a middle button click with the line - - Option "Emulate3Buttons" - + Option "Emulate3Buttons" - in xorg.conf in the InputDevice - section. + in xorg.conf in the + InputDevice section. Modems - - Laptops usually come with internal (on-board) modems. + + Laptops usually come with internal (on-board) modems. Unfortunately, this almost always means they are - winmodems whose - functionality is implemented in software, for which only &windows; - drivers are normally available (though a few drivers are beginning - to show up for other operating systems; for example, if your modem has a Lucent LT chipset it might be supported by the comms/ltmdm port). If that is the case, you + winmodems whose functionality is implemented in + software, for which only &windows; drivers are normally + available (though a few drivers are beginning to show up for + other operating systems; for example, if your modem has a Lucent + LT chipset it might be supported by the + comms/ltmdm port). If that is the case, you need to buy an external modem: the most compact option is - probably a PC Card (PCMCIA) modem, discussed below, but - serial or USB modems may be cheaper. Generally, regular - modems (non-winmodems) should work fine. - + probably a PC Card (PCMCIA) modem, discussed below, but serial + or USB modems may be cheaper. Generally, regular modems + (non-winmodems) should work fine. PCMCIA (PC Card) Devices - Most laptops come with PCMCIA (also called PC Card) - slots; these are supported fine under FreeBSD. Look through - your boot-up messages (using &man.dmesg.8;) and see whether these were - detected correctly (they should appear as - pccard0, - pccard1 etc on devices like - pcic0). + Most laptops come with PCMCIA (also called PC Card) slots; + these are supported fine under FreeBSD. Look through your + boot-up messages (using &man.dmesg.8;) and see whether these + were detected correctly (they should appear as + pccard0, pccard1 etc + on devices like pcic0). &os; 4.X supports 16-bit PCMCIA cards, and - &os; 5.X supports both 16-bit and - 32-bit (CardBus) cards. A database of supported - cards is in the file /etc/defaults/pccard.conf. - Look through it, and preferably buy cards listed there. Cards not - listed may also work as generic devices: in + &os; 5.X supports both 16-bit and 32-bit + (CardBus) cards. A database of supported cards + is in the file /etc/defaults/pccard.conf. + Look through it, and preferably buy cards listed there. Cards + not listed may also work as generic devices: in particular most modems (16-bit) should work fine, provided they - are not winmodems (these do exist even as PC Cards, so watch out). - If your card is recognised as a generic modem, note that the - default pccard.conf specifies a delay time of 10 seconds - (to avoid freezes on certain modems); this may well be - over-cautious for your modem, so you may want to play with it, - reducing it or removing it totally. + are not winmodems (these do exist even as PC Cards, so watch + out). If your card is recognised as a generic modem, note that + the default pccard.conf specifies a delay + time of 10 seconds (to avoid freezes on certain modems); this + may well be over-cautious for your modem, so you may want to + play with it, reducing it or removing it totally. Some parts of pccard.conf may need editing. Check the irq line, and be sure to remove any number @@ -138,20 +140,20 @@ card, remove irq 5 (otherwise you may experience hangs when you insert a card). Check also the available memory slots; if your card is not being detected, try changing it to one of the other - allowed values (listed in the manual page &man.pccardc.8;). - + allowed values (listed in the manual page + &man.pccardc.8;). - If it is not running already, start the &man.pccardd.8; daemon. - (To enable it at boot time, add + If it is not running already, start the &man.pccardd.8; + daemon. (To enable it at boot time, add pccard_enable="YES" to /etc/rc.conf.) Now your cards should be detected when you insert and remove them, and you should get log messages about new devices being enabled. - There have been major changes to the pccard code - (including ISA routing of interrupts, for machines where - &os; is not able to use the PCI BIOS) before the &os; 4.4 - release. If you have problems, try upgrading your system. + There have been major changes to the pccard code (including + ISA routing of interrupts, for machines where &os; is not able + to use the PCI BIOS) before the &os; 4.4 release. If you + have problems, try upgrading your system. @@ -203,33 +205,32 @@ /etc/rc.conf. You may also want start the &man.apmd.8; daemon by adding apmd_enable="YES" to - /etc/rc.conf, which takes care of - various APM events that are posted to the BIOS, so you can - have your laptop suspend/resume by pressing some function - key on the keyboard or by closing/opening the lid. - - The APM commands are listed in the &man.apm.8; manual page. - For instance, apm -b gives you battery - status (or 255 if not supported), apm -Z - puts the laptop on standby, apm -z (or - zzz) suspends it. To shutdown and power - off the machine, use shutdown -p. Again, - some or all of these functions may not work very well or at - all. + /etc/rc.conf, which takes care of various + APM events that are posted to the BIOS, so you can have your + laptop suspend/resume by pressing some function key on the + keyboard or by closing/opening the lid. + + The APM commands are listed in the &man.apm.8; manual + page. For instance, apm -b gives you + battery status (or 255 if not supported), apm + -Z puts the laptop on standby, apm + -z (or zzz) suspends it. To + shutdown and power off the machine, use shutdown + -p. Again, some or all of these functions may not + work very well or at all. You may find that laptop suspension/standby works in console mode but not under X (that is, the screen does not come on again); if you are running &os; 5.X, one solution for this might be to put options - SC_NO_SUSPEND_VTYSWITCH - in your kernel configuration file and recompile your kernel. - Another workaround is to switch to a virtual console (using - CtrlAltF1 - or another function key) and then execute &man.apm.8;. - You can automate this with &man.vidcontrol.1;, if you are - running &man.apmd.8;. Simply edit - /etc/apmd.conf and change it to - this: + SC_NO_SUSPEND_VTYSWITCH in your kernel + configuration file and recompile your kernel. Another + workaround is to switch to a virtual console (using CtrlAltF1 + or another function key) and then execute &man.apm.8;. You + can automate this with &man.vidcontrol.1;, if you are running + &man.apmd.8;. Simply edit /etc/apmd.conf + and change it to this: apm_event SUSPENDREQ { exec "vidcontrol -s 1 < /dev/console"; @@ -274,26 +275,25 @@ apm_event NORMRESUME, STANDBYRESUME { If you want to disable ACPI simply add hint.acpi.0.disabled="1" to - /boot/device.hints. You can disable - ACPI temporarily at the boot loader prompt by issuing + /boot/device.hints. You can disable ACPI + temporarily at the boot loader prompt by issuing unset acpi_load if you are having problems booting an ACPI enabled machine. &os; 5.1-RELEASE and later come with a boot-time menu that controls how &os; is booted. One of the proposed options is to turn off ACPI. So - to disable ACPI just select 2. Boot &os; with ACPI - disabled in the menu. + to disable ACPI just select 2. Boot &os; with + ACPI disabled in the menu. Display Power Management - The X window system (&xorg;) also includes display power - management (look at the &man.xset.1; manual page, and search for - dpms there). You may want to investigate this. However, this, - too, works inconsistently on laptops: it - often turns off the display but does not turn off the - backlight. + The X window system (&xorg;) + also includes display power management (look at the + &man.xset.1; manual page, and search for dpms + there). You may want to investigate this. However, this, + too, works inconsistently on laptops: it often turns off the + display but does not turn off the backlight. -
            From owner-svn-doc-all@FreeBSD.ORG Sat May 24 15:57:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5E636DEB; Sat, 24 May 2014 15:57:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BCF42681; Sat, 24 May 2014 15:57:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OFvRuS065295; Sat, 24 May 2014 15:57:27 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OFvRL2065294; Sat, 24 May 2014 15:57:27 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405241557.s4OFvRL2065294@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 15:57:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44939 - head/en_US.ISO8859-1/articles/laptop X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 15:57:27 -0000 Author: bcr Date: Sat May 24 15:57:26 2014 New Revision: 44939 URL: http://svnweb.freebsd.org/changeset/doc/44939 Log: Replace 2 programlisting tags where literal tags are more appropriate. In one instance, a programlisting was inside a para tag, which should be avoided entirely. Luckily, igor checks for those as well. Modified: head/en_US.ISO8859-1/articles/laptop/article.xml Modified: head/en_US.ISO8859-1/articles/laptop/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/laptop/article.xml Sat May 24 15:52:09 2014 (r44938) +++ head/en_US.ISO8859-1/articles/laptop/article.xml Sat May 24 15:57:26 2014 (r44939) @@ -83,13 +83,10 @@ Most laptops come with two buttons on their pointing devices, which is rather problematic in X (since the middle button is commonly used to paste text); you can map a - simultaneous left-right click in your X configuration to - a middle button click with the line - - Option "Emulate3Buttons" - - in xorg.conf in the - InputDevice section. + simultaneous left-right click in your X configuration to a + middle button click with the line Option + "Emulate3Buttons" in xorg.conf + in the InputDevice section. @@ -145,7 +142,7 @@ If it is not running already, start the &man.pccardd.8; daemon. (To enable it at boot time, add - pccard_enable="YES" to + pccard_enable="YES" to /etc/rc.conf.) Now your cards should be detected when you insert and remove them, and you should get log messages about new devices being enabled. From owner-svn-doc-all@FreeBSD.ORG Sat May 24 16:42:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 581ED99B; Sat, 24 May 2014 16:42:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 450F129F8; Sat, 24 May 2014 16:42:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OGg3Y7087401; Sat, 24 May 2014 16:42:03 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OGg3BC087400; Sat, 24 May 2014 16:42:03 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201405241642.s4OGg3BC087400@svn.freebsd.org> From: Warren Block Date: Sat, 24 May 2014 16:42:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44940 - in head/en_US.ISO8859-1/articles: . cvs-freebsd X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 16:42:03 -0000 Author: wblock Date: Sat May 24 16:42:02 2014 New Revision: 44940 URL: http://svnweb.freebsd.org/changeset/doc/44940 Log: Remove obsolete CVS article. Thanks to jmg@ for pointing this out. Deleted: head/en_US.ISO8859-1/articles/cvs-freebsd/ Modified: head/en_US.ISO8859-1/articles/Makefile Modified: head/en_US.ISO8859-1/articles/Makefile ============================================================================== --- head/en_US.ISO8859-1/articles/Makefile Sat May 24 15:57:26 2014 (r44939) +++ head/en_US.ISO8859-1/articles/Makefile Sat May 24 16:42:02 2014 (r44940) @@ -12,7 +12,6 @@ SUBDIR+= contributing-ports SUBDIR+= contributors SUBDIR+= cups SUBDIR+= custom-gcc -SUBDIR+= cvs-freebsd SUBDIR+= explaining-bsd SUBDIR+= fbsd-from-scratch SUBDIR+= filtering-bridges From owner-svn-doc-all@FreeBSD.ORG Fri May 23 11:43:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B2616669; Fri, 23 May 2014 11:43:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9F02D229B; Fri, 23 May 2014 11:43:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4NBh7GG095116; Fri, 23 May 2014 11:43:07 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4NBh7X2095115; Fri, 23 May 2014 11:43:07 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405231143.s4NBh7X2095115@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 23 May 2014 11:43:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44913 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sat, 24 May 2014 18:39:45 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 May 2014 11:43:07 -0000 Author: ryusuke Date: Fri May 23 11:43:07 2014 New Revision: 44913 URL: http://svnweb.freebsd.org/changeset/doc/44913 Log: - Merge the following from the English version: r44732 -> r44733 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Thu May 22 23:21:27 2014 (r44912) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Fri May 23 11:43:07 2014 (r44913) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44732 + Original revision: r44733 $FreeBSD$ --> コンパイル する前に /usr/src/Makefile を注意深く読み、 - "world" の再構築 + に書かれている手順に従ってください。 &a.current; と /usr/src/UPDATING を読めば、 次のリリースへ向けて移ってゆくに当たって、 @@ -1257,7 +1257,7 @@ before running "/usr/sbin/freebsd-update 構築、コンパイル する前に、 /usr/src/Makefile を注意深く読み、 - "world" の再構築 + に書かれている手順に従ってください。 &a.stable; と /usr/src/UPDATING を読んで、 次のリリースへ向けて移ってゆくに当たって、 @@ -1341,7 +1341,7 @@ before running "/usr/sbin/freebsd-update - <quote>world</quote> の再構築 + world の再構築 world の再構築 @@ -1387,13 +1387,12 @@ before running "/usr/sbin/freebsd-update - buildworld 前の必要なステップとして、 - 同期しているバージョンのソースの - /usr/src/UPDATING を読んでください。 + /usr/src/UPDATING を読み、 + 同期しているソースのバージョンで必要となるステップがないかどうかを調べて下さい。 このファイルには潜在的な問題や特定のコマンドを実行する順などの重要な情報が含まれています。 - 大きなアップグレードでは、nstallworld - の前に特定のファイルの名前を変更したり、削除するといった、 - 特別なステップが追加で必要となることがあります。 + 大きなアップグレードでは、world + をインストールする前に特定のファイルの名前を変更したり、 + 削除するといった、特別なステップが追加で必要となることがあります。 ファイルの最後には、 現在推奨されているアップグレードの手順が詳しく正確に説明されています。 もし、UPDATING に書かれている手順が、 @@ -1492,14 +1491,27 @@ before running "/usr/sbin/freebsd-update コンパイラとカーネルのミスマッチを防ぐため、 /usr/obj - にある新しいコンパイラを用いて新しいカーネルを構築します。 + にある新しいコンパイラを用いて新しいカーネルを構築します。 + 再構築は、ある種のメモリ構造体が変更されたような場合には必須で、 + pstop + のようなプログラムは、 + カーネルとソースコードのバージョンが一致しないと正常に動作しないでしょう。 &prompt.root; make buildkernel 新しくアップデートされたカーネルで起動できるように、 - 新しいカーネルとカーネルモジュールをディスク上に配置します。 + 新しいカーネルとカーネルモジュールをディスク上に配置します。 + kern.securelevel を 1 より大きくしていて、 + かつ カーネルのバイナリファイルに + noschg のようなフラグを設定している場合は、 + まず、シングルユーザモードに移行してください。 + それ以外の場合は、 + マルチユーザモードでこれらのコマンドを問題なく動かせるはずです。 + kern.securelevel について詳しくは + &man.init.8; を、ファイルに対するさまざまなフラグについて詳しくは + &man.chflags.1; をご覧ください。 &prompt.root; make installkernel @@ -1539,7 +1551,13 @@ before running "/usr/sbin/freebsd-update - 次に、新しい world + システムの再構築では、 + /etc, + /var や + /usr + といったディレクトリに新規に導入されたファイルや、 + 変更された設定ファイルに対する更新は行なわれません。 + 次に、新しい world に対する /etc の最初の設定ファイルのアップデートを行います。 以下のコマンドは @@ -1548,14 +1566,17 @@ before running "/usr/sbin/freebsd-update たとえば、 このステップでは、最後のアップデート後に &os; に追加された、 新しいグループや新しいシステムアカウント、 - もしくはスタートアップスクリプトがシステムに追加されることがあります。 + もしくはスタートアップスクリプトがシステムに追加されることがあります。 + 次のコマンドに関する詳細な情報については、 + を参照してください。 &prompt.root; mergemaster -iF /usr/obj - にある新しい world をインストールします。 + にある新しい world +   およびシステムのバイナリをインストールします。 &prompt.root; cd /usr/src &prompt.root; make installworld @@ -1614,21 +1635,20 @@ before running "/usr/sbin/freebsd-update make.conf - この節では world - の構築のプロセスで使われるコンフィグレーションファイルについて説明します。 + world + の構築プロセスでは、いくつかの設定ファイルが使われます。 - &man.make.1; で利用可能なオプションの説明は &man.make.conf.5; や、 - 共通の例が + make で利用可能なオプションの説明は + &man.make.conf.5; や、共通の例が /usr/share/examples/etc/make.conf にあります。 これらの設定を /etc/make.conf に追加すると、 - &man.make.1; の実行やプログラムの構築方法を設定できます。 + make の実行やプログラムの構築方法を設定できます。 これらのオプションは、 - &man.make.1; が使われる際には常に有効となるため、 + make が使われる際には常に有効となるため、 Ports Collection からアプリケーションをコンパイルする時、 ユーザが書いた C プログラムや &os; - オペレーティングシステムを構築する際に影響を及ぼします。 - - ある設定を変更したことにより、影響が広い範囲におよび、 + オペレーティングシステムを構築する際に影響を及ぼします。 + ある設定を変更したことにより、影響が広い範囲におよび、 驚くべき結果をもたらす可能性があります。 両方のファイルに書かれているコメントを読むことと、 デフォルトの設定は、パフォーマンスと安全性の観点から選ばれていることを覚えておいてください。 @@ -1808,69 +1828,6 @@ Script done, … トリックや近道を使わずに普通に構築した場合、&os.stable; の構築には 1, 2 時間しかかからないでしょう。 &os.current; の構築は、もう少し時間がかかります。 - - - - 新しいカーネルの構築とインストール - - カーネル (kernel) - 構築、コンパイル - - - 新しいシステムの全機能を完全に利用できるようにするには、 - カーネルを再構築してください。 - 再構築は、ある種のメモリ構造体が変更された時には特に必須であり、 - &man.ps.1; や &man.top.1; のようなプログラムは、 - カーネルとソースコードのバージョンが一致しないと正常に動作しないでしょう。 - - 最も簡単で安全にカーネルの再構築を行なう方法は、 - GENERIC - を使ったカーネルを構築・インストールすることです。 - GENERIC - にはあなたが必要とするデバイスがすべて含まれていないかも知れませんが、 - あなたのシステムをシングルユーザモードで - 起動させるのに必要なものはすべて入っています。 - これは新しいバージョンのシステムがきちんと動作するかどうか調べる良い方法の一つです。 - GENERIC で起動して、 - システムが正常に動作しているかどうかを確かめたら、 - カスタムカーネルコンフィグレーションファイルを使って新しいカーネルを構築してください。 - - &os; では、新しいカーネルを構築する前に build world を行うことが重要です。 - - - 既にあるコンフィグレーションファイルを使ってカスタムカーネルを構築するには、 - KERNCONF=MYKERNEL - を使ってください。 - - &prompt.root; cd /usr/src -&prompt.root; make buildkernel KERNCONF=MYKERNEL -&prompt.root; make installkernel KERNCONF=MYKERNEL - - - - kern.securelevel を 1 より大きくしていて、 - かつ カーネルのバイナリファイルに - noschg のようなフラグを設定している場合は、 - installkernel - を行うのにシングルユーザモードに移行してください。 - それ以外の場合は、 - マルチユーザモードでこれらのコマンドを問題なく動かせるはずです。 - kern.securelevel について詳しくは - &man.init.8; を、ファイルの様々なフラグについて詳しくは - &man.chflags.1; をご覧ください。 - - 新しいカーネルが動作するかどうかテストするために、 - シングルユーザモードで再起動してください。 - - - - 新しいシステムバイナリのインストール - - 次に、installworld - を使って新しいシステムバイナリのインストールを行ないます。 - - &prompt.root; cd /usr/src -&prompt.root; make installworld make buildworld @@ -1893,24 +1850,9 @@ Script done, … - - <command>make installworld</command> で更新されないファイルの更新 - - システムの再構築は、いくつかのディレクトリ、 - 特に、/etc や - /var や - /usr において、 - 新規に導入されたり、変更された設定ファイルによる - ファイルの更新は行なわれません。 - - これらのディレクトリのファイルを更新するもっとも簡単な方法は、 - &man.mergemaster.8; を使うことです。 - 必ず /etc - のバックアップを取って不測の事態に備えてください。 - - + - <command>mergemaster</command> + 設定ファイルの同期 @@ -1991,10 +1933,6 @@ Script done, … &man.mergemaster.8; が、パスワードファイルを再構築するかどうかを尋ねることがあります。 最後に残った一時ファイルを削除するかどうかを尋ねて終了します。 - - - - 手動での更新 手動で更新する場合には、単にファイルを /usr/src/etc @@ -2154,7 +2092,6 @@ Script done, … &prompt.root; mkdir /var/tmp/root-`date "+%Y%m%d"` - From owner-svn-doc-all@FreeBSD.ORG Sat May 24 19:59:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 700681CF; Sat, 24 May 2014 19:59:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5C303288D; Sat, 24 May 2014 19:59:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OJx5bG075446; Sat, 24 May 2014 19:59:05 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OJx509075445; Sat, 24 May 2014 19:59:05 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405241959.s4OJx509075445@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 19:59:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44941 - head/en_US.ISO8859-1/articles/freebsd-update-server X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 19:59:05 -0000 Author: bcr Date: Sat May 24 19:59:04 2014 New Revision: 44941 URL: http://svnweb.freebsd.org/changeset/doc/44941 Log: Remove two instances of "file" following a filename tag, which is redundant (markup and word). Modified: head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml Modified: head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml Sat May 24 16:42:02 2014 (r44940) +++ head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml Sat May 24 19:59:04 2014 (r44941) @@ -195,7 +195,7 @@ MASTERDIR=update-master.freebsd.org - The default build.conf file shipped with + The default build.conf shipped with the freebsd-update-server sources is suitable for building &arch.i386; releases of &os;. As an example of building an update server for other architectures, the following steps @@ -211,7 +211,7 @@ MASTERDIR=update-master.freebsd.org - Install a build.conf file in the + Install a build.conf in the newly created build directory. The build configuration options for &os; 7.2-RELEASE on &arch.amd64; should be similar to: From owner-svn-doc-all@FreeBSD.ORG Sat May 24 20:23:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9432AAFE; Sat, 24 May 2014 20:23:35 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7E8CF2A9F; Sat, 24 May 2014 20:23:35 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OKNZAH088771; Sat, 24 May 2014 20:23:35 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OKNZS5088770; Sat, 24 May 2014 20:23:35 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405242023.s4OKNZS5088770@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 20:23:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44942 - head/en_US.ISO8859-1/articles/freebsd-update-server X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 20:23:35 -0000 Author: bcr Date: Sat May 24 20:23:35 2014 New Revision: 44942 URL: http://svnweb.freebsd.org/changeset/doc/44942 Log: Whitespace fixes (bad tag indents, wrap long lines) that igor complained about. Translators can ignore. Modified: head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml Modified: head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml Sat May 24 19:59:04 2014 (r44941) +++ head/en_US.ISO8859-1/articles/freebsd-update-server/article.xml Sat May 24 20:23:35 2014 (r44942) @@ -1,15 +1,22 @@ - - FreeBSD Update Server"> ]> -
            - Build Your Own &os; Update Server - - - JasonHelfman +
            + + Build Your Own &os; Update Server + + + + Jason + Helfman + +
            &a.jgh.email;
            -             + + 2009 @@ -30,35 +37,40 @@ $FreeBSD$ - - This article describes building an internal &fbus.ap;. - The freebsd-update-server - is written by &a.cperciva.email;, Security Officer Emeritus of &os;. - For users that think it is convenient to update their systems - against an official update server, building their own &fbus.ap; may - help to extend its functionality by supporting manually-tweaked - &os; releases or by providing a local mirror that will allow faster - updates for a number of machines. - + + This article describes building an internal &fbus.ap;. + The freebsd-update-server + is written by &a.cperciva.email;, Security Officer Emeritus of + &os;. For users that think it is convenient to update their + systems against an official update server, building their own + &fbus.ap; may help to extend its functionality by supporting + manually-tweaked &os; releases or by providing a local mirror + that will allow faster updates for a number of + machines. +             Acknowledgments - This article was subsequently printed at BSD - Magazine. + + This article was subsequently printed at BSD + Magazine. Introduction - Experienced users or administrators are often responsible for - several machines or environments. They understand the difficult - demands and challenges of maintaining such an infrastructure. - Running a &fbus.ap; makes it easier to deploy security and software - patches to selected test machines before rolling them out to - production. It also means a number of systems can be updated from the - local network rather than a potentially slower Internet connection. - This article outlines the steps involved in creating an internal + Experienced users or administrators are often responsible + for several machines or environments. They understand the + difficult demands and challenges of maintaining such an + infrastructure. Running a &fbus.ap; makes it easier to deploy + security and software patches to selected test machines before + rolling them out to production. It also means a number of + systems can be updated from the local network rather than a + potentially slower Internet connection. This article outlines + the steps involved in creating an internal &fbus.ap;. @@ -80,9 +92,10 @@ - A user account with at least 4 GB of available space. - This will allow the creation of updates for 7.1 and 7.2, but the - exact space requirements may change from version to version. + A user account with at least 4 GB of available + space. This will allow the creation of updates for 7.1 and + 7.2, but the exact space requirements may change from + version to version. @@ -91,10 +104,12 @@ - A web server, like Apache, - with over half of the space required for the build. For instance, - test builds for 7.1 and 7.2 consume a total amount of 4 GB, - and the webserver space needed to distribute these updates is + A web server, like Apache, + with over half of the space required for the build. For + instance, test builds for 7.1 and 7.2 consume a total amount + of 4 GB, and the webserver space needed to distribute + these updates is 2.6 GB. @@ -108,21 +123,24 @@ Configuration: Installation & Setup - Download the - freebsd-update-server software by installing devel/subversion , and execute: - - &prompt.user; svn co http://svn.freebsd.org/base/user/cperciva/freebsd-update-build freebsd-update-server + Download the + freebsd-update-server software by installing + devel/subversion , and execute: + + &prompt.user; svn co + http://svn.freebsd.org/base/user/cperciva/freebsd-update-build + freebsd-update-server + + Update scripts/build.conf + appropriately. It is sourced during all build + operations. - Update scripts/build.conf appropriately. - It is sourced during all build operations. - - Here is the default build.conf, which should - be modified to suit your environment. + Here is the default build.conf, which + should be modified to suit your environment. - - -# Main configuration file for FreeBSD Update builds. The + # Main configuration file for FreeBSD Update builds. The # release-specific configuration data is lower down in # the scripts tree. @@ -149,57 +167,57 @@ MASTERDIR=update-master.freebsd.org - This is the location where ISO images are downloaded from (by - the fetchiso() subroutine - of scripts/build.subr). The location - configured is not limited to FTP URIs. Any URI scheme - supported by standard &man.fetch.1; utility should work - fine. - - Customizations to the fetchiso() code can - be installed by copying the - default build.subr script to the release and - architecture-specific area - at scripts/RELEASE/ARCHITECTURE/build.subr - and applying local changes. + This is the location where ISO images are downloaded + from (by the fetchiso() subroutine of + scripts/build.subr). The location + configured is not limited to FTP URIs. Any URI scheme + supported by standard &man.fetch.1; utility should work + fine. + + Customizations to the fetchiso() + code can be installed by copying the default + build.subr script to the release and + architecture-specific area at + scripts/RELEASE/ARCHITECTURE/build.subr + and applying local changes. - The name of the build host. This information will be - displayed on updated systems when issuing: + The name of the build host. This information will be + displayed on updated systems when issuing: &prompt.user; uname -v - The SSH key for uploading files to - the update server. A key pair can be created by - typing ssh-keygen -t dsa. This parameter is - optional; standard password authentication will be used as a - fallback authentication method when SSHKEY is - not defined. - - The &man.ssh-keygen.1; manual page has more detailed - information about SSH and the - appropriate steps for creating and using one. + The SSH key for uploading + files to the update server. A key pair can be created by + typing ssh-keygen -t dsa. This parameter + is optional; standard password authentication will be used + as a fallback authentication method when + SSHKEY is not defined. + + The &man.ssh-keygen.1; manual page has more detailed + information about SSH and the + appropriate steps for creating and using one. - Account for uploading files to the update - server. + Account for uploading files to the update server. - Directory on the update server where files are uploaded - to. + Directory on the update server where files are uploaded + to. - The default build.conf shipped with - the freebsd-update-server sources is - suitable for building &arch.i386; releases of &os;. As an example of - building an update server for other architectures, the following steps - outline the configuration changes needed for &arch.amd64;: + The default build.conf shipped with the + freebsd-update-server sources is + suitable for building &arch.i386; releases of &os;. As an + example of building an update server for other architectures, + the following steps outline the configuration changes needed for + &arch.amd64;: @@ -211,13 +229,13 @@ MASTERDIR=update-master.freebsd.org - Install a build.conf in the - newly created build directory. The build configuration - options for &os; 7.2-RELEASE on &arch.amd64; should be similar + Install a build.conf in the newly + created build directory. The build configuration options + for &os; 7.2-RELEASE on &arch.amd64; should be similar to: - # SHA256 hash of RELEASE disc1.iso image. + # SHA256 hash of RELEASE disc1.iso image. export RELH=1ea1f6f652d7c5f5eab7ef9f8edbed50cb664b08ed761850f95f48e86cc71ef5 # Components of the world, source, and kernels @@ -233,17 +251,22 @@ export EOL=1275289200 - The &man.sha256.1; hash key for the desired release, is - published within the respective release announcement. + The &man.sha256.1; hash key for the desired release, + is published within the respective release + announcement. - To generate the "End of Life" number for - build.conf, refer to the "Estimated - EOL" posted on the &os; - Security Website. The value - of EOL can be derived from the date listed on - the web site, using the &man.date.1; utility, for example: + To generate the "End of Life" number for + build.conf, refer to the "Estimated + EOL" posted on the &os; + Security Website. The value of + EOL can be derived from the date + listed on the web site, using the &man.date.1; utility, + for example: + &prompt.user; date -j -f '%Y%m%d-%H%M%S' '20090401-000000' '+%s' @@ -254,10 +277,11 @@ export EOL=1275289200 Building Update Code - The first step is to run scripts/make.sh. - This will build some binaries, create directories, and generate an RSA - signing key used for approving builds. In this step, a passphrase will - have to be supplied for the final creation of the signing key. + The first step is to run + scripts/make.sh. This will build some + binaries, create directories, and generate an RSA signing key + used for approving builds. In this step, a passphrase will have + to be supplied for the final creation of the signing key. &prompt.root; sh scripts/make.sh cc -O2 -fno-strict-aliasing -pipe findstamps.c -o findstamps @@ -281,8 +305,8 @@ Verifying - enter aes-256-cbc encryption Keep a note of the generated key fingerprint. This value - is required in /etc/freebsd-update.conf for - binary updates. + is required in /etc/freebsd-update.conf + for binary updates. At this point, we are ready to stage a build. @@ -292,8 +316,8 @@ Verifying - enter aes-256-cbc encryption &prompt.root; sh scripts/init.sh amd64 7.2-RELEASE - What follows is a sample of an initial build - run. + What follows is a sample of an initial + build run. &prompt.root; sh scripts/init.sh amd64 7.2-RELEASE Mon Aug 24 16:04:36 PDT 2009 Starting fetch for FreeBSD/amd64 7.2-RELEASE @@ -341,11 +365,13 @@ world|base|/usr/lib/libalias_ftp.a During this second build cycle, the network time protocol daemon, &man.ntpd.8;, is turned off. Per &a.cperciva.email;, - Security Officer Emeritus of &os;, "the freebsd-update-server - build code needs to identify timestamps which are stored in files so - that they can be ignored when comparing builds to determine which - files need to be updated. This timestamp-finding works by doing two - builds 400 days apart and comparing the results." + Security Officer Emeritus of &os;, "the freebsd-update-server + build code needs to identify timestamps which are stored in + files so that they can be ignored when comparing builds to + determine which files need to be updated. This + timestamp-finding works by doing two builds 400 days apart and + comparing the results." Mon Aug 24 17:54:07 PDT 2009 Extracting world+src for FreeBSD/amd64 7.2-RELEASE @@ -417,12 +443,12 @@ they look sensible, then run # sh -e approve.sh amd64 7.2-RELEASE to sign the release. - Approve the build if everything is correct. More information on - determining this can be found in the distributed source - file named USAGE. Execute - scripts/approve.sh, as directed. This will sign - the release, and move components into a staging area suitable for - uploading. + Approve the build if everything is correct. More + information on determining this can be found in the distributed + source file named USAGE. Execute + scripts/approve.sh, as directed. This will + sign the release, and move components into a staging area + suitable for uploading. &prompt.root; cd /usr/local/freebsd-update-server @@ -436,8 +462,8 @@ Wed Aug 26 12:50:06 PDT 2009 Copying fil Wed Aug 26 12:50:07 PDT 2009 Updating databases for FreeBSD/amd64 7.2-RELEASE Wed Aug 26 12:50:07 PDT 2009 Cleaning staging area for FreeBSD/amd64 7.2-RELEASE - After the approval process is complete, the upload procedure may - be started. + After the approval process is complete, the upload procedure + may be started. &prompt.root; cd /usr/local/freebsd-update-server @@ -445,9 +471,9 @@ Wed Aug 26 12:50:07 PDT 2009 Cleaning st - In the event update code needs to be re-uploaded, this may be - done by changing to the public distributions directory for the - target release and updating attributes of the + In the event update code needs to be re-uploaded, this may + be done by changing to the public distributions directory for + the target release and updating attributes of the uploaded file. @@ -460,12 +486,13 @@ Wed Aug 26 12:50:07 PDT 2009 Cleaning st avoid making the instructions Apache-specific here. --> - The uploaded files will need to be in the - document root of the webserver in order for updates - to be distributed. The exact configuration will vary depending on the - web server used. For the Apache web server, - please refer to the Configuration of - Apache servers section in the Handbook. + The uploaded files will need to be in the document root of + the webserver in order for updates to be distributed. The exact + configuration will vary depending on the web server used. For + the Apache web server, please refer + to the Configuration + of Apache servers section in the Handbook. Update client's KeyPrint and ServerName in - /etc/freebsd-update.conf, and perform updates as - instructed in the &os; + /etc/freebsd-update.conf, and perform + updates as instructed in the &os; Update - - - section of the Handbook. + section of the + Handbook. - In order for &fbus.ap; to work properly, updates - for both the current release and the - release one wants to upgrade to need to be - built. This is necessary for determining the differences of - files between releases. For example, when upgrading a &os; - system from 7.1-RELEASE to 7.2-RELEASE, updates will need to be built - and uploaded to your distribution server for both versions. + In order for &fbus.ap; to work properly, updates for both + the current release and the release + one wants to upgrade to need to be built. + This is necessary for determining the differences of files + between releases. For example, when upgrading a &os; system + from 7.1-RELEASE to 7.2-RELEASE, updates will need to be built + and uploaded to your distribution server for both + versions. - For reference, the entire run of init.sh is + For reference, the entire run of init.sh is attached. Building a Patch - Every time a security advisory - or security notice - is announced, a patch update can be built. + Every time a security + advisory or security + notice is announced, a patch update can be + built. For this example, 7.1-RELEASE will be used. @@ -537,38 +572,43 @@ Wed Aug 26 12:50:07 PDT 2009 Cleaning st - Create the patch directory of the respective release - under /usr/local/freebsd-update-server/patches/. + Create the patch directory of the respective release under + /usr/local/freebsd-update-server/patches/. &prompt.user; mkdir -p /usr/local/freebsd-update-server/patches/7.1-RELEASE/ &prompt.user; cd /usr/local/freebsd-update-server/patches/7.1-RELEASE - As an example, take the patch for &man.named.8;. Read the advisory, - and grab the necessary file from &os; Security - Advisories. More information on interpreting the advisory, - can be found in the &os; Handbook. - - In the security brief, - this advisory is called SA-09:12.bind. After - downloading the file, it is required to rename the file to an - appropriate patch level. It is suggested to keep this consistent with - official &os; patch levels, but its name may be freely chosen. - For this build, let us follow the currently established practice of - &os; and call this p7. Rename the file: + As an example, take the patch for &man.named.8;. Read the + advisory, and grab the necessary file from &os; Security + Advisories. More information on interpreting the + advisory, can be found in the &os; + Handbook. + + In the security + brief, this advisory is called + SA-09:12.bind. After downloading the file, + it is required to rename the file to an appropriate patch level. + It is suggested to keep this consistent with official &os; patch + levels, but its name may be freely chosen. For this build, let + us follow the currently established practice of &os; and call + this p7. Rename the file: &prompt.user; cd /usr/local/freebsd-update-server/patches/7.1-RELEASE/; mv bind.patch 7-SA-09:12.bind - When running a patch level build, it is assumed that previous - patches are in place. When a patch build is run, it will run all - patches contained in the patch directory. + When running a patch level build, it is assumed that + previous patches are in place. When a patch build is run, it + will run all patches contained in the patch directory. - There can be custom patches added to any build. Use the number - zero, or any other number. + There can be custom patches added to any build. Use the + number zero, or any other number. @@ -577,18 +617,18 @@ Wed Aug 26 12:50:07 PDT 2009 Cleaning st patch. - At this point, a diff is ready to be built. - The software checks first to see if a - scripts/init.sh has been run on the respective - release prior to running the diff build. + At this point, a diff is ready to be + built. The software checks first to see if a + scripts/init.sh has been run on the + respective release prior to running the diff build. &prompt.root; cd /usr/local/freebsd-update-server &prompt.root; sh scripts/diff.sh amd64 7.1-RELEASE 7 - What follows is a sample of a differential - build run. + What follows is a sample of a + differential build run. &prompt.root; sh -e scripts/diff.sh amd64 7.1-RELEASE 7 Wed Aug 26 10:09:59 PDT 2009 Extracting world+src for FreeBSD/amd64 7.1-RELEASE-p7 @@ -704,8 +744,8 @@ the new builds. &prompt.root; sh scripts/upload.sh amd64 7.1-RELEASE - For reference, the entire run of - diff.sh is + For reference, the entire run of diff.sh is attached. @@ -732,17 +772,20 @@ the new builds. If a custom release is built using the native - make release procedure, - freebsd-update-server code will work - from your release. As an example, a release without ports or - documentation can be built by clearing functionality pertaining - to documentation subroutines findextradocs (), - addextradocs () and altering the download - location in fetchiso (), respectively, in - scripts/build.subr. As a last step, change - the &man.sha256.1; hash in build.conf under - your respective release and architecture and you are ready to build - off your custom release. + make release procedure, + freebsd-update-server code will + work from your release. As an example, a release without + ports or documentation can be built by clearing + functionality pertaining to documentation subroutines + findextradocs (), + addextradocs () and altering the + download location in fetchiso (), + respectively, in scripts/build.subr. + As a last step, change the &man.sha256.1; hash in + build.conf under your respective + release and architecture and you are ready to build off your + custom release. # Compare ${WORKDIR}/release and ${WORKDIR}/$1, identify which parts # of the world|doc subcomponent are missing from the latter, and @@ -752,17 +795,18 @@ the new builds. # Add extra docs to ${WORKDIR}/$1 addextradocs () { - } - + } - Adding - flags to buildworld and + Adding flags to + buildworld and obj targets in the scripts/build.subr script may speed up processing depending on the hardware used, however it is not necessary. Using these flags in other targets is not - recommended, as it may cause the build to become unreliable. + recommended, as it may cause the build to become + unreliable. # Build the world log "Building world" @@ -777,11 +821,12 @@ the new builds. - Create an appropriate DNS - SRV record for the update server, and put others behind it with - variable weights. Using this facility will provide update - mirrors, however this tip is not necessary unless you wish to - provide a redundant service. + Create an appropriate DNS + SRV record for the update server, and put others behind it + with variable weights. Using this facility will provide + update mirrors, however this tip is not necessary unless you + wish to provide a redundant service. _http._tcp.update.myserver.com. IN SRV 0 2 80 host1.myserver.com. SRV 0 1 80 host2.myserver.com. From owner-svn-doc-all@FreeBSD.ORG Sat May 24 20:33:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E39E2EE3; Sat, 24 May 2014 20:33:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D01502B4F; Sat, 24 May 2014 20:33:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OKXnJO093392; Sat, 24 May 2014 20:33:49 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OKXnWE093391; Sat, 24 May 2014 20:33:49 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405242033.s4OKXnWE093391@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 20:33:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44943 - head/en_US.ISO8859-1/articles/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 20:33:50 -0000 Author: bcr Date: Sat May 24 20:33:49 2014 New Revision: 44943 URL: http://svnweb.freebsd.org/changeset/doc/44943 Log: Whitespace fixes, nothing more. Modified: head/en_US.ISO8859-1/articles/pgpkeys/article.xml Modified: head/en_US.ISO8859-1/articles/pgpkeys/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/pgpkeys/article.xml Sat May 24 20:23:35 2014 (r44942) +++ head/en_US.ISO8859-1/articles/pgpkeys/article.xml Sat May 24 20:33:49 2014 (r44943) @@ -19,9 +19,12 @@ shown in the Handbook PGP keys chapter. --> -
            +
            - Open<acronym>PGP</acronym> Keys + Open<acronym>PGP</acronym> Keys + $FreeBSD$ $FreeBSD$ From owner-svn-doc-all@FreeBSD.ORG Sat May 24 20:44:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1C497604; Sat, 24 May 2014 20:44:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E36332C36; Sat, 24 May 2014 20:44:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4OKihnI097911; Sat, 24 May 2014 20:44:43 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4OKihwo097910; Sat, 24 May 2014 20:44:43 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405242044.s4OKihwo097910@svn.freebsd.org> From: Benedict Reuschling Date: Sat, 24 May 2014 20:44:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44944 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2014 20:44:44 -0000 Author: bcr Date: Sat May 24 20:44:43 2014 New Revision: 44944 URL: http://svnweb.freebsd.org/changeset/doc/44944 Log: Remove some redundant words, add capitalization to titles, as well as redundant markup and words around . Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Sat May 24 20:33:49 2014 (r44943) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Sat May 24 20:44:43 2014 (r44944) @@ -306,7 +306,7 @@ You need a Passphrase to protect your se - Kerberos and LDAP web password for &os; cluster + Kerberos and LDAP web Password for &os; Cluster Some of the services in the &os; cluster require a Kerberos password. In the &os; cluster, LDAP is proxying to Kerberos, so @@ -1866,7 +1866,7 @@ U stable/9/share/man/man4/netmap.4 &prompt.user; cd sendmail &prompt.user; svn merge -c r261190 ^/vendor/sendmail/dist . - ^ is an alias for the the + ^ is an alias for the repository path. @@ -3027,9 +3027,9 @@ Relnotes: yes or $HOME/.ssh/id_rsa.pub) to the person setting you up as a committer so it can be put - into the + into yourlogin - file in + in /etc/ssh-keys/ on freefall. @@ -3101,8 +3101,8 @@ Relnotes: yes Respect existing maintainers (if listed in the MAINTAINER field in - Makefile or in the - MAINTAINER file in the top-level + Makefile or in + MAINTAINER in the top-level directory). From owner-svn-doc-all@FreeBSD.ORG Sun May 25 06:31:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7EB3AE68; Sun, 25 May 2014 06:31:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6BF3722F7; Sun, 25 May 2014 06:31:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4P6VXEo064773; Sun, 25 May 2014 06:31:33 GMT (envelope-from ache@svn.freebsd.org) Received: (from ache@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4P6VX26064772; Sun, 25 May 2014 06:31:33 GMT (envelope-from ache@svn.freebsd.org) Message-Id: <201405250631.s4P6VX26064772@svn.freebsd.org> From: "Andrey A. Chernov" Date: Sun, 25 May 2014 06:31:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44945 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 May 2014 06:31:34 -0000 Author: ache (src,ports committer) Date: Sun May 25 06:31:33 2014 New Revision: 44945 URL: http://svnweb.freebsd.org/changeset/doc/44945 Log: Add www.ru.FreeBSD.org as IPv6 mirror too (dual-stack machine) Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Sat May 24 20:44:43 2014 (r44944) +++ head/share/xml/mirrors.xml Sun May 25 06:31:33 2014 (r44945) @@ -805,6 +805,7 @@ www.ru.FreeBSD.org http://www.ru.FreeBSD.org/ + http://www.ru.FreeBSD.org/ From owner-svn-doc-all@FreeBSD.ORG Sun May 25 11:52:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 93FEA217; Sun, 25 May 2014 11:52:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8193528E6; Sun, 25 May 2014 11:52:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4PBq6DB009596; Sun, 25 May 2014 11:52:06 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4PBq6i3009595; Sun, 25 May 2014 11:52:06 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405251152.s4PBq6i3009595@svn.freebsd.org> From: Benedict Reuschling Date: Sun, 25 May 2014 11:52:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44946 - head/en_US.ISO8859-1/htdocs/docs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 May 2014 11:52:06 -0000 Author: bcr Date: Sun May 25 11:52:06 2014 New Revision: 44946 URL: http://svnweb.freebsd.org/changeset/doc/44946 Log: After the removal of the CVS article in r44940, this link to it also became obsolete. Remove it from the list. Modified: head/en_US.ISO8859-1/htdocs/docs/books.xml Modified: head/en_US.ISO8859-1/htdocs/docs/books.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/docs/books.xml Sun May 25 06:31:33 2014 (r44945) +++ head/en_US.ISO8859-1/htdocs/docs/books.xml Sun May 25 11:52:06 2014 (r44946) @@ -143,11 +143,6 @@ How to use newer versions of the GCC compilers and binutils from the &os; ports tree. Custom GCC are also discussed.

            -

            Setting up a - CVS repository - The FreeBSD way (cvs-freebsd)
            - How to set up a CVS repository that uses the same CVSROOT - infrastructure as the FreeBSD project.

            -

            Explaining BSD (explaining-bsd)
            An answer to the question ``What is BSD?''

            From owner-svn-doc-all@FreeBSD.ORG Sun May 25 13:07:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 067504A6; Sun, 25 May 2014 13:07:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E829D2EF9; Sun, 25 May 2014 13:07:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4PD7v57049014; Sun, 25 May 2014 13:07:57 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4PD7vnR049012; Sun, 25 May 2014 13:07:57 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201405251307.s4PD7vnR049012@svn.freebsd.org> From: Mathieu Arnold Date: Sun, 25 May 2014 13:07:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44947 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 May 2014 13:07:58 -0000 Author: mat (ports committer) Date: Sun May 25 13:07:57 2014 New Revision: 44947 URL: http://svnweb.freebsd.org/changeset/doc/44947 Log: Document USE_PERL5=fixpacklist. Approved by: bcr Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/uses.xml Sun May 25 11:52:06 2014 (r44946) +++ head/en_US.ISO8859-1/books/porters-handbook/uses.xml Sun May 25 13:07:57 2014 (r44947) @@ -483,8 +483,11 @@ or modbuildtiny when Makefile.PL, Build.PL, or the Module::Build::Tiny - flavor of Build.PL is required. - Defaults to build run.             + flavor of Build.PL is required. If + there is a .packlist referencing + ${STAGEDIR}, then + fixpacklist should be used to patch it. + It defaults to build run. From owner-svn-doc-all@FreeBSD.ORG Sun May 25 13:38:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EC66682D; Sun, 25 May 2014 13:38:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D887E20F0; Sun, 25 May 2014 13:38:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4PDcLlR062365; Sun, 25 May 2014 13:38:21 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4PDcLga062364; Sun, 25 May 2014 13:38:21 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405251338.s4PDcLga062364@svn.freebsd.org> From: Benedict Reuschling Date: Sun, 25 May 2014 13:38:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44948 - head/en_US.ISO8859-1/articles/p4-primer X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 May 2014 13:38:22 -0000 Author: bcr Date: Sun May 25 13:38:21 2014 New Revision: 44948 URL: http://svnweb.freebsd.org/changeset/doc/44948 Log: - Remove redundant markup and words for "command". - Capitalize titles. - Remove contractions. Next up: whitespace fixes. Modified: head/en_US.ISO8859-1/articles/p4-primer/article.xml Modified: head/en_US.ISO8859-1/articles/p4-primer/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/p4-primer/article.xml Sun May 25 13:07:57 2014 (r44947) +++ head/en_US.ISO8859-1/articles/p4-primer/article.xml Sun May 25 13:38:21 2014 (r44948) @@ -51,8 +51,8 @@ Reading the Perforce User's Guide and Perforce Command Reference is highly recommended. The p4 application also contains an - extensive amount of online help accessible via the p4 - help command. + extensive amount of online help accessible via p4 + help. The &os; Perforce server is hosted on perforce.freebsd.org, @@ -127,9 +127,9 @@ lives on. Thus, working on multiple machines requires that multiple clients be used. - Clients may be accessed via the p4 client - command. Running this command with no arguments will bring up a - client template in an editor, allowing you to create a new client + Clients may be accessed via p4 client. + Running this command with no arguments will bring up a client + template in an editor, allowing you to create a new client for your work. The important fields in this template are explained below: @@ -218,8 +218,9 @@ this directory and all files and directories below it. - A Perforce view can contain multiple mappings. Let's say you - want to map in both the SMPng tree and the NFS tree. Your + A Perforce view can contain multiple + mappings. Say you want to map in both the SMPng tree and + the NFS tree. Your View might look like: //depot/projects/smpng/... //client/smpng/... @@ -246,10 +247,10 @@ - Existing clients can be listed via the p4 - clients command. They can be viewed without being - modified via the p4 client -o - clientname command. + Existing clients can be listed via p4 + clients. They can be viewed without being + modified via p4 client -o + clientname. Whenever you are interacting with files in Perforce, the P4CLIENT @@ -271,7 +272,7 @@ Once you have a client specification defined and the P4CLIENT variable set, the next step is to pull the files for that client down to your local machine. This is done - with the p4 sync command, which instructs + with p4 sync, which instructs Perforce to synchronize the local files in your client with the repository. The first time it runs, it will download all of the files. Subsequent runs will only @@ -384,15 +385,15 @@ directory that you specified in the branch is empty on the server until you populate it. - To populate your branch, first edit your client with the - p4 client command and make sure that the branch + To populate your branch, first edit your client with + p4 client and make sure that the branch directory is mapped in your client. You might need to add a View line like: //depot/projects/my-new-project/... //myclient/my-new-project/... - The next step is to run the p4 integrate - command, as described in the next section. + The next step is to run p4 integrate, as + described in the next section.             @@ -422,7 +423,7 @@ will instruct Perforce to look for changes in the branch parent that are not yet in the child. From those changes it will prepare a list of diffs to move. If the - integration is being done for the first time on a branch (i.e. + integration is being done for the first time on a branch (for example doing an initial population operation), then the parent files will simply be copied to the child location on the local machine. @@ -446,8 +447,8 @@ possible conflict and resolve it by hand if needed. Once all of the integrated files have been resolved, they need - to be committed back to the repository. This is done via the - p4 submit command, explained in the next + to be committed back to the repository. This is done via + p4 submit, explained in the next section. @@ -456,8 +457,8 @@ Changes that are made locally should be committed back to the Perforce server for safe keeping and so - that others can access them. This is done via the p4 - submit command. When you run this command, it will open + that others can access them. This is done via p4 + submit. When you run this command, it will open up a submit template in an editor. &os; has a custom template, and the important fields are described below: @@ -515,8 +516,8 @@ for edit, and uses this to help with submit, sync, and integration operations later on. - To open a file for editing, use the p4 edit - command like so: + To open a file for editing, use p4 edit + like so: &prompt.user; p4 edit filename @@ -526,7 +527,7 @@ operation. Note that editing is not exclusive in Perforce. Multiple people can have the same file in the edit state (you will be informed of others when - you run the edit command), and you can submit + you run edit), and you can submit your changes even when others are still editing the file. When someone else submits a change to a file that you are @@ -539,8 +540,8 @@ changes to the repository. If you have a file open for edit and you want to throw away - your changes and revert it to its original state, run the - p4 revert command like so: + your changes and revert it to its original state, run + p4 revert like so: &prompt.user; p4 revert filename @@ -554,8 +555,8 @@ filesystem. When you tell the server to open it for editing, it is changed to read-write on the filesystem. While these permissions can easily be overridden by hand, they are meant to - gently remind you that you should being using the p4 - edit command. Files that have local changes but are not + gently remind you that you should being using p4 + edit. Files that have local changes but are not in the edit state may get overwritten when doing a p4 sync. @@ -564,14 +565,14 @@ Changes, Descriptions, and History Changes to the Perforce depot can - be listed via the p4 changes command. This + be listed via p4 changes. This will provide a brief description of each change, who made the change, and what its change number was. A change can be examined - in detail via the p4 describe - changenumber command. This + in detail via command>p4 describe + changenumber. This will provide the submit log and the diffs of the actual change. - Commonly, the p4 describe command is used in one + Commonly, p4 describe is used in one of three ways: @@ -610,10 +611,9 @@ - The p4 filelog - filename command will show - the history of a file, including all submits, integrations, and - branches of it. + The history of a file, including all submits, integrations, + and branches of it will be shown by p4 filelog + filename. @@ -665,7 +665,7 @@ format that is slightly incompatible with the traditional Unix diff and patch tools. Using the P4DIFF variable to point to the real &man.diff.1; tool can help this, but only for - the p4 diff command. The output of + p4 diff. The output of command must be post-processed to be useful (the flag of will produce unified diffs that are somewhat compatible, but it does @@ -679,7 +679,7 @@ Integrating a branch will bring existing files into your tree, but you may still want to add new files or remove existing ones. Adding files is easily done be creating the file and then running - the p4 add command like so: + p4 add like so: &prompt.user; p4 add filename @@ -692,7 +692,7 @@ Perforce can track UNIX symlinks too, so you can probably use \! -type d as the - matching expression in &man.find.1; above. We don't commit symlinks + matching expression in &man.find.1; above. We do not commit symlinks into the source tree of &os; though, so this should not be necessary. @@ -716,14 +716,14 @@ the repository. Deleted files can be resurrected by syncing them to a prior - version. The only way to permanently remove a file is to use the - p4 obliterate command. This command is + version. The only way to permanently remove a file is to use + p4 obliterate. This command is irreversible and expensive, so it is only available to those with admin access. - Working with diffs + Working with Diffs Sometimes you might need to apply a diff from another source to a tree under Perforce control. If @@ -759,7 +759,7 @@ - Renaming files + Renaming Files Perforce does not have a built-in way of renaming files or moving them to a different part of the @@ -787,7 +787,7 @@ - Interactions between &os; Subversion and Perforce + Interactions Between &os; Subversion and Perforce The &os; Perforce and Subversion repositories are completely separate. However, changes to Subversion are From owner-svn-doc-all@FreeBSD.ORG Sun May 25 13:39:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CB47EA63; Sun, 25 May 2014 13:39:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B90F82102; Sun, 25 May 2014 13:39:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4PDdtQ7062757; Sun, 25 May 2014 13:39:55 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4PDdtrR062756; Sun, 25 May 2014 13:39:55 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405251339.s4PDdtrR062756@svn.freebsd.org> From: Benedict Reuschling Date: Sun, 25 May 2014 13:39:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44949 - head/en_US.ISO8859-1/articles/p4-primer X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 May 2014 13:39:55 -0000 Author: bcr Date: Sun May 25 13:39:55 2014 New Revision: 44949 URL: http://svnweb.freebsd.org/changeset/doc/44949 Log: Fix build. Pointy hat: bcr Modified: head/en_US.ISO8859-1/articles/p4-primer/article.xml Modified: head/en_US.ISO8859-1/articles/p4-primer/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/p4-primer/article.xml Sun May 25 13:38:21 2014 (r44948) +++ head/en_US.ISO8859-1/articles/p4-primer/article.xml Sun May 25 13:39:55 2014 (r44949) @@ -568,7 +568,7 @@ be listed via p4 changes. This will provide a brief description of each change, who made the change, and what its change number was. A change can be examined - in detail via command>p4 describe + in detail via p4 describe changenumber. This will provide the submit log and the diffs of the actual change. From owner-svn-doc-all@FreeBSD.ORG Sun May 25 14:40:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0E89C5F9; Sun, 25 May 2014 14:40:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EDD9C2582; Sun, 25 May 2014 14:40:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4PEefsh091336; Sun, 25 May 2014 14:40:41 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4PEefUE091335; Sun, 25 May 2014 14:40:41 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405251440.s4PEefUE091335@svn.freebsd.org> From: Benedict Reuschling Date: Sun, 25 May 2014 14:40:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44950 - head/en_US.ISO8859-1/articles/p4-primer X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 May 2014 14:40:42 -0000 Author: bcr Date: Sun May 25 14:40:41 2014 New Revision: 44950 URL: http://svnweb.freebsd.org/changeset/doc/44950 Log: Huge whitespace change to make igor happy. Translators can ignore it. Modified: head/en_US.ISO8859-1/articles/p4-primer/article.xml Modified: head/en_US.ISO8859-1/articles/p4-primer/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/p4-primer/article.xml Sun May 25 13:39:55 2014 (r44949) +++ head/en_US.ISO8859-1/articles/p4-primer/article.xml Sun May 25 14:40:41 2014 (r44950) @@ -1,16 +1,25 @@ -
            - +
            - Perforce in &os; Development + + Perforce in &os; Development - ScottLong -
            scottl@FreeBSD.org -
            -             + + + Scott + Long + + +
            + scottl@FreeBSD.org +
            +             +             @@ -23,446 +32,463 @@ $FreeBSD$             - - Introduction + + Introduction - The &os; project uses the Perforce - version control system to manage experimental projects that are - not ready for the main Subversion repository. - - - Availability, Documentation, and Resources - - While Perforce is a commercial - product, the client software for interacting with the server is - freely available from Perforce. It can be easily installed on - &os; via the devel/p4 - port or can be downloaded from the Perforce - web site at http://www.perforce.com/perforce/loadprog.html, - which also offers client applications for other OS's. - - While there is a GUI client available, most people use the - command line application called p4. This - document is written from the point of view of using this - command. - - Detailed documentation is available online at http://www.perforce.com/perforce/technical.html. - - Reading the Perforce User's Guide and - Perforce Command Reference is highly recommended. - The p4 application also contains an - extensive amount of online help accessible via p4 - help. - - The &os; Perforce server is - hosted on perforce.freebsd.org, - port 1666. The repository is browsable - online at http://p4web.freebsd.org. - - - - - Getting Started - - The first step to using Perforce is - to obtain an account on the server. If you already have a FreeBSD.org account, log into freefall, run the following command, and - enter a password that is not the same as your &os; login or any - other SSH passphrase: - - &prompt.user; /usr/local/bin/p4newuser - - Of course if you do not have a FreeBSD.org account, you will need to - coordinate with your sponsor. - - - An email will be sent to your &os; address that contains - the password you specified above in cleartext. Be sure to change - the password once your Perforce account - has been created! - - - The next step is to set the environment variables that - p4 needs, and verify that it can connect to the - server. The P4PORT variable is required to be set - for all operations, and specifies the appropriate - Perforce server to talk to. For the - &os; project, set it like so: - - &prompt.user; export P4PORT=perforce.freebsd.org:1666 - - - Users with shell access on the FreeBSD.org cluster may wish to tunnel - the Perforce client-server protocol via - an SSH tunnel, in which case the above string should be set to - localhost. - - - The &os; server also requires that the P4USER - and P4PASSWD variables be set. Use the username - and password from above, like so: + The &os; project uses the + Perforce version control system to + manage experimental projects that are not ready for the main + Subversion repository. + + + Availability, Documentation, and Resources + + While Perforce is a commercial + product, the client software for interacting with the server + is freely available from Perforce. It can be easily installed + on &os; via the devel/p4 port or can be + downloaded from the Perforce web + site at http://www.perforce.com/perforce/loadprog.html, + which also offers client applications for other OS's. + + While there is a GUI client available, most people use the + command line application called p4. This + document is written from the point of view of using this + command. + + Detailed documentation is available online at http://www.perforce.com/perforce/technical.html. + + Reading the Perforce User's Guide and + Perforce Command Reference is highly + recommended. The p4 application + also contains an extensive amount of online help accessible + via p4 help. + + The &os; Perforce server is + hosted on perforce.freebsd.org, port + 1666. The repository is browsable online + at http://p4web.freebsd.org. + + + + + Getting Started + + The first step to using Perforce + is to obtain an account on the server. If you already have a + FreeBSD.org + account, log into freefall, run the following + command, and enter a password that is not the same as your &os; + login or any other SSH passphrase: + + &prompt.user; /usr/local/bin/p4newuser + + Of course if you do not have a FreeBSD.org account, you + will need to coordinate with your sponsor. + + + An email will be sent to your &os; address that contains + the password you specified above in cleartext. Be sure to + change the password once your + Perforce account has been + created! + + + The next step is to set the environment variables that + p4 needs, and verify that it can connect to + the server. The P4PORT variable is required to + be set for all operations, and specifies the appropriate + Perforce server to talk to. For the + &os; project, set it like so: + + &prompt.user; export P4PORT=perforce.freebsd.org:1666 + + + Users with shell access on the FreeBSD.org cluster may + wish to tunnel the Perforce + client-server protocol via an SSH tunnel, in which case the + above string should be set to + localhost. + + + The &os; server also requires that the P4USER + and P4PASSWD variables be set. Use the username + and password from above, like so: - &prompt.user; export P4USER=username + &prompt.user; export P4USER=username &prompt.user; export P4PASSWD=password - Test that this works by running the following command: + Test that this works by running the following + command: - &prompt.user; p4 info + &prompt.user; p4 info - This should return a list of information about the server. If - it does not, check that you have the P4PORT - variable set correctly. - - - - Clients - - Perforce provides access to the - repository and tracks state on a per-client basis. In - Perforce terms, a client is a - specification that maps files and directories from the repository - to the local machine. Each user can have multiple clients, and - each client can access different or overlapping parts of the - repository. The client also specifies the root directory of the - file tree that it maps, and it specifies the machine that the tree - lives on. Thus, working on multiple machines requires that - multiple clients be used. - - Clients may be accessed via p4 client. - Running this command with no arguments will bring up a client - template in an editor, allowing you to create a new client - for your work. The important fields in this template are - explained below: - - - - Client: + This should return a list of information about the server. + If it does not, check that you have the P4PORT + variable set correctly. + + + + Clients + + Perforce provides access to the + repository and tracks state on a per-client basis. In + Perforce terms, a client is a + specification that maps files and directories from the + repository to the local machine. Each user can have multiple + clients, and each client can access different or overlapping + parts of the repository. The client also specifies the root + directory of the file tree that it maps, and it specifies the + machine that the tree lives on. Thus, working on multiple + machines requires that multiple clients be used. + + Clients may be accessed via p4 client. + Running this command with no arguments will bring up a client + template in an editor, allowing you to create a new client for + your work. The important fields in this template are explained + below: + + + + Client: + + + This is the name of the client spec. It can be + anything you want, but it must be unique within the + Perforce server. A naming + convention that is commonly used is + username_machinename, + which makes it easy to identify clients when browsing + them. A default name will be filled in that is just the + machine name. + + + + + Description: + + + This can contain a simple text description to help + identify the client. + + + + + Root: + + + This is the local directory that will serve as the + root directory of all the files in the client mapping. + This should be a unique location in your filesystem that + does not overlap with other files or + Perforce clients. + + + + + Options: + + + Most of the default options are fine, though it is + usually a good idea to make sure that the + and + options are present and do not have a + no prefix on them. Details about each + option are in the Perforce + docs. + + + + + LineEnd: + + + This handles CR-LF conversions and should be left to + the default unless you have special needs for it. + + + + + View: + + + This is where the server-to-local file mappings go. + The default is + + //depot/... //client/... + + This will map the entire + Perforce repository to the + Root directory of your client. + DO NOT USE THIS DEFAULT! The &os; + repo is huge, and trying to map and sync it all will take + an enormous amount of resources. Instead, only map the + section of the repo that you intend to work on. For + example, there is the smpng project tree at + //depot/projects/smpng. A mapping + for this might look like: + + //depot/projects/smpng/... //client/... + + The ... should be taken literally. + It is a Perforce idiom for + saying this directory and all files and directories + below it. + + A Perforce view can contain multiple + mappings. Say you want to map in both the SMPng tree and + the NFS tree. Your View might look like: - - This is the name of the client spec. It can be anything - you want, but it must be unique within the - Perforce server. A naming - convention that is commonly used is - username_machinename, - which makes it easy to identify clients when browsing them. - A default name will be filled in that is just the machine - name. - - - - - Description: - - - This can contain a simple text description to help - identify the client. - - - - - Root: - - - This is the local directory that will serve as the root - directory of all the files in the client mapping. This should - be a unique location in your filesystem that does not overlap - with other files or Perforce - clients. - - - - - Options: - - - Most of the default options are fine, though it is - usually a good idea to make sure that the - and options - are present and do not have a no prefix on - them. Details about each option are in the - Perforce docs. - - - - - LineEnd: - - - This handles CR-LF conversions and should be left to the - default unless you have special needs for it. - - - - - View: - - - This is where the server-to-local file mappings go. The - default is - - //depot/... //client/... - - This will map the entire - Perforce repository to the - Root directory of your - client. DO NOT USE THIS DEFAULT! The - &os; repo is huge, and trying to map and sync it all will - take an enormous amount of resources. Instead, only map the - section of the repo that you intend to work on. For - example, there is the smpng project tree at //depot/projects/smpng. A - mapping for this might look like: - - //depot/projects/smpng/... //client/... - - The ... should be taken literally. It - is a Perforce idiom for saying - this directory and all files and directories below - it. - - A Perforce view can contain multiple - mappings. Say you want to map in both the SMPng tree and - the NFS tree. Your - View might look like: - - //depot/projects/smpng/... //client/smpng/... + //depot/projects/smpng/... //client/smpng/... //depot/projects/nfs/... //client/nfs/... - Remember that the client is - the name of the client that was specified in the - Client section, but in the - View it also resolves to the directory - that was specified in the Root - section. - - Also note that the same file or directory cannot be - mapped multiple times in a single view. The following is - illegal and will produce undefined results: + Remember that the client is + the name of the client that was specified in the + Client section, but in the + View it also resolves to the directory + that was specified in the Root + section. + + Also note that the same file or directory cannot be + mapped multiple times in a single view. The following is + illegal and will produce undefined results: - //depot/projects/smpng/... //client/smpng-foo/... + //depot/projects/smpng/... //client/smpng-foo/... //depot/projects/smpng/... //client/smpng-bar/... - Views are a tricky part of the learning experience with - Perforce, so do not be afraid to - ask questions. - - - - - Existing clients can be listed via p4 - clients. They can be viewed without being - modified via p4 client -o - clientname. - - Whenever you are interacting with files in - Perforce, the P4CLIENT - environment variable must be set to the name of the client that - you are using, like so: - - &prompt.user; export P4CLIENT=myclientname - - Note that client mappings in the repository are not exclusive; - multiple clients can map in the same part of the repository. This - allows multiple people to access and modify the same parts of the - repository, allowing a team of people to work together on the same - code. - - - - Syncing - - Once you have a client specification defined and the - P4CLIENT variable set, the next step is to pull the - files for that client down to your local machine. This is done - with p4 sync, which instructs - Perforce to synchronize the local files - in your client with the repository. The first time it runs, it - will download all of the files. Subsequent runs will only - download files that have changed since the previous run. This - allows you to stay in sync with others whom you might be working - with. - - Sync operations only work on files that the - Perforce server knows has changed. If - you change or delete a file locally without informing the server, - doing a sync will not bring it back. However, doing a p4 - sync -f will unconditionally sync all files, regardless - of their state. This is useful for resolving problems where you - think that your tree might be corrupt. - - You can sync a subset of your tree or client by specifying a - relative path to the sync command. For example, to only sync the - ufs directory of the - smpng project, you might do the - following: + Views are a tricky part of the learning experience + with Perforce, so do not be + afraid to ask questions. + + + + + Existing clients can be listed via p4 + clients. They can be viewed without being modified + via p4 client -o + clientname. + + Whenever you are interacting with files in + Perforce, the P4CLIENT + environment variable must be set to the name of the client that + you are using, like so: + + &prompt.user; export P4CLIENT=myclientname + + Note that client mappings in the repository are not + exclusive; multiple clients can map in the same part of the + repository. This allows multiple people to access and modify + the same parts of the repository, allowing a team of people to + work together on the same code. + + + + Syncing + + Once you have a client specification defined and the + P4CLIENT variable set, the next step is to pull + the files for that client down to your local machine. This is + done with p4 sync, which instructs + Perforce to synchronize the local + files in your client with the repository. The first time it + runs, it will download all of the files. Subsequent runs will + only download files that have changed since the previous run. + This allows you to stay in sync with others whom you might be + working with. + + Sync operations only work on files that the + Perforce server knows has changed. + If you change or delete a file locally without informing the + server, doing a sync will not bring it back. However, doing a + p4 sync -f will unconditionally sync all + files, regardless of their state. This is useful for resolving + problems where you think that your tree might be corrupt. + + You can sync a subset of your tree or client by specifying a + relative path to the sync command. For example, to only sync + the ufs directory of the + smpng project, you might do the + following: - &prompt.user; cd projectroot/smpng + &prompt.user; cd projectroot/smpng &prompt.user; p4 sync src/sys/ufs/... - Specifying a local relative path works for many other - p4 commands. - - - - Branches - - One of the strongest features of - Perforce is branching. Branches are - very cheap to create, and moving changes between related branches - is very easy (as will be explained later). Branches also allow - you to do very experimental work in a sandbox-like environment, - without having to worry about colliding with others or - destabilizing the main tree. They also provide insulation against - mistakes while learning the Perforce - system. With all of these benefits, it makes sense for each - project to have its own branch, and we strongly encourage that - with &os;. Frequent submits of changes to the server are also - encouraged. - - Similar to Subversion, the - Perforce repository (the - depot) is a single flat tree. Every file, whether - a unique creation or a derivative from a branch, is accessible via - a simple path under the server //depot directory. When you create a - branch, all you are doing is creating a new path under the - //depot. This is in sharp - contrast to systems like CVS, where each branch lives in the same - path as its parent. With Perforce, the - server tracks the relationship between the files in the parent and - child, but the files themselves live under their own paths. - - The first step to creating a branch is to create a branch - specification. This is similar to a client specification, but is - created via the command p4 branch - branchname. - - The following important fields are explained: - - - - Branch - - - The name of the branch. It can be any name, but must be - unique within the repository. The common convention in &os; - is to use - username_projectname. - - - - - Description - - - This can hold a simple text description to describe the - branch. - - - - - View + Specifying a local relative path works for many other + p4 commands. + + + + Branches + + One of the strongest features of + Perforce is branching. Branches are + very cheap to create, and moving changes between related + branches is very easy (as will be explained later). Branches + also allow you to do very experimental work in a sandbox-like + environment, without having to worry about colliding with others + or destabilizing the main tree. They also provide insulation + against mistakes while learning the + Perforce system. With all of these + benefits, it makes sense for each project to have its own + branch, and we strongly encourage that with &os;. Frequent + submits of changes to the server are also encouraged. + + Similar to Subversion, the + Perforce repository (the + depot) is a single flat tree. Every file, + whether a unique creation or a derivative from a branch, is + accessible via a simple path under the server + //depot directory. When you create a + branch, all you are doing is creating a new path under the + //depot. This is in sharp contrast to + systems like CVS, where each branch lives in the same path as + its parent. With Perforce, the + server tracks the relationship between the files in the parent + and child, but the files themselves live under their own + paths. + + The first step to creating a branch is to create a branch + specification. This is similar to a client specification, but + is created via the command p4 branch + branchname. + + The following important fields are explained: + + + + Branch + + + The name of the branch. It can be any name, but must + be unique within the repository. The common convention in + &os; is to use + username_projectname. + + + + + Description + + + This can hold a simple text description to describe + the branch. + + + + + View + + + This is the branch mapping. Instead of mapping from + the depot to the local machine like a client map, it maps + between the branch parent and branch child in the depot. + For example, you might want to create a branch of the + smpng project. The mapping might look like: + + //depot/projects/smpng/... //depot/projects/my-super-smpng/... + + Or, you might want to create a brand new branch off of + the stock &os; sources: + + //depot/vendor/freebsd/... //depot/projects/my-new-project/... + + This will map the &os; HEAD tree to your new + branch. + + + + + Creating the branch spec only saves the spec itself in the + server, it does not modify the depot or change any files. The + directory that you specified in the branch is empty on the + server until you populate it. + + To populate your branch, first edit your client with + p4 client and make sure that the branch + directory is mapped in your client. You might need to add a + View line like: + + //depot/projects/my-new-project/... //myclient/my-new-project/... + + The next step is to run p4 integrate, as + described in the next section. + + + + Integrations + + Integration is the term used by + Perforce to describe the action of + moving changes from one part of the depot to another. It is + most commonly done in conjunction with creating and maintaining + branches. An integration is done when you want to initially + populate a branch, and it is done when you want to move + subsequent changes in the branch from the parent to the child, + or from the child to the parent. A common example of this is + periodically integrating changes from the vendor &os; tree to + your child branch tree, allowing you to keep up to date with + changes in the &os; tree. The + Perforce server tracks the changes in + each tree and knows when there are changes that can be + integrated from one tree to another. + + The common way to do an integration is with the following + command: + + &prompt.user; p4 integrate -b branchname + + branchname is the name given to a + branch spec, as discussed in the previous section. This command + will instruct Perforce to look for + changes in the branch parent that are not yet in the child. + From those changes it will prepare a list of diffs to move. If + the integration is being done for the first time on a branch + (for example doing an initial population operation), then the + parent files will simply be copied to the child location on the + local machine. + + Once the integration operation is done, you must run + p4 resolve to accept the changes and resolve + possible conflicts. Conflicts can arise from overlapping + changes that happened in both the parent and child copy of a + file. Usually, however, there are no conflicts, and + Perforce can quickly figure out how + to merge the changes together. Use the following commands to do + a resolve operation: - - This is the branch mapping. Instead of mapping from the - depot to the local machine like a client map, it maps between - the branch parent and branch child in the depot. For example, - you might want to create a branch of the smpng project. The - mapping might look like: - - //depot/projects/smpng/... //depot/projects/my-super-smpng/... - - Or, you might want to create a brand new branch off of - the stock &os; sources: - - //depot/vendor/freebsd/... //depot/projects/my-new-project/... - - This will map the &os; HEAD tree to your new - branch. - - - - - Creating the branch spec only saves the spec itself in the - server, it does not modify the depot or change any files. The - directory that you specified in the branch is empty on the server - until you populate it. - - To populate your branch, first edit your client with - p4 client and make sure that the branch - directory is mapped in your client. You might need to add a - View line like: - - //depot/projects/my-new-project/... //myclient/my-new-project/... - - The next step is to run p4 integrate, as - described in the next section. - - - - Integrations - - Integration is the term used by - Perforce to describe the action of - moving changes from one part of the depot to another. It is most - commonly done in conjunction with creating and maintaining - branches. An integration is done when you want to initially - populate a branch, and it is done when you want to move subsequent - changes in the branch from the parent to the child, or from the - child to the parent. A common example of this is periodically - integrating changes from the vendor &os; tree to your child branch - tree, allowing you to keep up to date with changes in the &os; - tree. The Perforce server tracks the - changes in each tree and knows when there are changes that can be - integrated from one tree to another. - - The common way to do an integration is with the following - command: - - &prompt.user; p4 integrate -b branchname - - branchname is the name given to a - branch spec, as discussed in the previous section. This command - will instruct Perforce to look for - changes in the branch parent that are not yet in the child. From - those changes it will prepare a list of diffs to move. If the - integration is being done for the first time on a branch (for example - doing an initial population operation), then the parent files will - simply be copied to the child location on the local - machine. - - Once the integration operation is done, you must run - p4 resolve to accept the changes and resolve - possible conflicts. Conflicts can arise from overlapping changes - that happened in both the parent and child copy of a file. - Usually, however, there are no conflicts, and - Perforce can quickly figure out how to - merge the changes together. Use the following commands to do a - resolve operation: - - &prompt.user; p4 resolve -as + &prompt.user; p4 resolve -as &prompt.user; p4 resolve - The first invocation will instruct - Perforce to automatically merge the - changes together and accept files that have no conflicts. The - second invocation will allow you to inspect each file that has a - possible conflict and resolve it by hand if needed. - - Once all of the integrated files have been resolved, they need - to be committed back to the repository. This is done via - p4 submit, explained in the next - section. - - - - Submit - - Changes that are made locally should be committed back to the - Perforce server for safe keeping and so - that others can access them. This is done via p4 - submit. When you run this command, it will open - up a submit template in an editor. &os; has a custom template, - and the important fields are described below: + The first invocation will instruct + Perforce to automatically merge the + changes together and accept files that have no conflicts. The + second invocation will allow you to inspect each file that has a + possible conflict and resolve it by hand if needed. + + Once all of the integrated files have been resolved, they + need to be committed back to the repository. This is done via + p4 submit, explained in the next + section. + + + + Submit + + Changes that are made locally should be committed back to + the Perforce server for safe keeping + and so that others can access them. This is done via + p4 submit. When you run this command, it + will open up a submit template in an editor. &os; has a custom + template, and the important fields are described below: - Description: + Description: <enter description here> PR: Submitted by: @@ -471,394 +497,414 @@ Obtained from: MFP4 after: - It is good practice to provide at least 2-3 sentences that - describe what the changes are that you are submitting. You should - say what the change does, why it was done that way or what - problem is solves, and what APIs it might change or other side - effects it might have. This text should replace the - <enter description here> line in the template. - You should wrap your lines and start each line with a TAB. The - tags below it are &os;-specific and can be removed if not - needed. - - Files: - - This is automatically populated with all of the files in your - client that were marked in the add, delete, integrate, or edit - states on the server. It is always a very good idea to review - this list and remove files that might not be ready yet. - - Once you save the editor session, the submit will happen to - the server. This also means that the local copies of the - submitted files will be copied back to the server. If anything - goes wrong during this process, the submit will be aborted, and - you will be notified that the submit has been turned into a - changelist that must be corrected and re-submitted. Submits are - atomic, so if one file fails, the entire submit is aborted. - - Submits cannot be reverted, but they can be aborted while in - the editor by exiting the editor without changing the - Description text. - Perforce will complain about this the - first time you do it and will put you back in the editor. Exiting - the editor the second time will abort the operation. Reverting a - submitted change is very difficult and is best handled on a - case-by-case basis. - - - - Editing - - The state of each file in the client is tracked and saved on - the server. In order to avoid collisions from multiple people - working on the same file at once, - Perforce tracks which files are opened - for edit, and uses this to help with submit, sync, and integration - operations later on. - - To open a file for editing, use p4 edit - like so: - - &prompt.user; p4 edit filename - - This marks the file on the server as being in the edit state, - which then allows it to be submitted after changes are made, or - marks it for special handling when doing an integration or sync - operation. Note that editing is not exclusive in - Perforce. Multiple people can have the - same file in the edit state (you will be informed of others when - you run edit), and you can submit - your changes even when others are still editing the file. - - When someone else submits a change to a file that you are - editing, you will need to resolve his changes with yours before - your submit will succeed. The easiest way to do this is to either - run a p4 sync or p4 submit - and let it fail with the conflict, then run p4 - resolve to manually resolve and accept his changes into - your copy, then run p4 submit to commit your - changes to the repository. - - If you have a file open for edit and you want to throw away - your changes and revert it to its original state, run - p4 revert like so: - - &prompt.user; p4 revert filename - - This resyncs the file to the contents of the server, and - removes the edit attribute from the server. Any local changes *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Sun May 25 16:32:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CEBEC7D3; Sun, 25 May 2014 16:32:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BB96E2D35; Sun, 25 May 2014 16:32:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4PGWrcj043933; Sun, 25 May 2014 16:32:53 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4PGWrOr043932; Sun, 25 May 2014 16:32:53 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201405251632.s4PGWrOr043932@svn.freebsd.org> From: Gavin Atkinson Date: Sun, 25 May 2014 16:32:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44951 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 May 2014 16:32:53 -0000 Author: gavin Date: Sun May 25 16:32:53 2014 New Revision: 44951 URL: http://svnweb.freebsd.org/changeset/doc/44951 Log: update my key with more signatures. Modified: head/share/pgpkeys/gavin.key Modified: head/share/pgpkeys/gavin.key ============================================================================== --- head/share/pgpkeys/gavin.key Sun May 25 14:40:41 2014 (r44950) +++ head/share/pgpkeys/gavin.key Sun May 25 16:32:53 2014 (r44951) @@ -148,361 +148,565 @@ IlXhP/XRePuAZWAGK75gESHoF6MH9abw27TaPS/2 tYaAmXKmaKfEGVDB89ayyHWA7UFjWGvtVtGH13uAu8ASdHBxbqk9kzIAQfLlNzsm OSxUPeqDMg/bcHYz7a/zraNkezLa3JAjLOhZJLXYiHXQgcbPkC+WxjjVyT7wucGb XCgBuvx+HrLDpr1JygMZOez3fQN268Bbg4fNt4bue8vHnxgeFnAGrpxRfmY8dzCr -BYg608cIAap6eVWU1Ms/Hc+lN4exi/lz1hfu0rQ5R2F2aW4gQXRraW5zb24gKFdv -cmsgZW1haWwgLSBkZXByZWNhdGVkKSA8Z2E5QHlvcmsuYWMudWs+iQI9BBMBCAAn -BQJSQrpOAhsDBQkJZgGABQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJEE2hFOXE -ouV/ZqQP+gNYsVLlP5QtD9D70u0aKNLKaZsYBvjmaXg6RxvF8xNzfdzbvUMjOkPz -OyFgKIKz6jk37MFV/TbLWWX09h/O8idPqG8Ewx2NN7c1vccmQNXRW2hwKpCfwFob -tH+AwtZS1FLJfoLcU3aV9JzCuhBKMUb3kZuSQdimMJlA7NFQ1Ss13Y8Vf5UxzEvY -8O8c4lT4XOVQLuDEZn7nUcmMBr+b0haGwTW1lrQv1DvPEo0LWQWaGGHU9Qa5LPEP -GQC33fZPo+6f1Kjfe9+wiD+3OkbGjSYBpn+7cNSMYPmDN2f6XhAEKQcioLFNEd5F -k9PP/JEanQGGkIvsyIgZICTW62xciVtwZ/podpiZWeU9AJzUuMhzNHpVf9xyZlsH -cQJIpClYPaJao0ae2D9c4+QD8Yg8iROrR6kd7i50qg4+sUXD0CHCKPUSOVl9ohY9 -eejH1CQ262bUCcrEjdlZKsEVUCKXU6xydiUQJy9juU6XvT+8PSRg+OLvXjmBPdpy -+Bs+3xDrl8s9PHTlnzKR6mApfYzf53Ib2J5PiRGjft09MyUD/Uj+mpsh8zNO2l06 -pI2j+0HGf0hTYMNGn4mlhaQEe4IBVXoIoDhv/UIoRBNhW5e/tUKqOpMYbF7C7kWt -pLZHDX7yfiZIt2wrGo67Chg972eGAt3wIQCtOgeZ5Wdl92FaKq5viEYEExEIAAYF -AlJCuwwACgkQk13vRKCTJiurNACfVRLEmol06xM0SBabbIplkXqVCrQAoIRmwJTS -Qu3qVYwL/vhBNtJF8/mZiQIcBBABCgAGBQJSRAhfAAoJECCcfWL7CfXLi4QP/1B8 -NumFY1f33RgqIMZe2/A8LrpmDEe1NdNSmiS3HEmir/fqAzL2Y/+ruLrUW+abjaj/ -p6OBJ3iGFKtiAD4z7KlsZe1jslCXPQMofe28ErmpsJow1WATEnpm9t8L5pwgGcoz -O0uiLqN3UvkT3sDBDnzAOj28XiH3b1Z6PEab29FFbMewgygCZ4hP61MjIm/TULam -lBi51GGc1Ms2SZ7OqlTTSHYSVnTR8VTGLYZ4KHNQmPvmo7P705nnEgUFmCAwn5SM -2fnvUyp8Cw+AC+yIg6SJAwzx2RAxcb2EVtuHP59VZCO/GCTjw8369RWlV6P4BNpw -SdIeT8xAR058nyT8z31czdYpmgGFiej0DqVPHqs2mZib4Qtu1c+qaWViHb0hUd4j -AZsjsQ3/31SasEmVVjnnwdFRdlUqqLt+MV0UfVT1Obi7O5DGHcm7JI5wdKINuda2 -lZbsh2lxyFQWulpytgo4tEPww/tOf6PbLz14ID8jVqZDtJiIPf5cWXl7LJlYJCH9 -K921EncGNzoa90EW3VEjhHA0cM59SuRQP5nG/j68yTwrOSB0Nc7jVwBcvKqpUq8V -htlesmZ70NQFthynGdfqEIODsj4eDDdmB6MdHYuz1EbpEf8mypQ32ba1q7zkM3uj -6toDiqkhuxzTJunnMDyRT8n+TDYFUWfgsRmVRy4niQQcBBABCAAGBQJSREGOAAoJ -EGbhdg4g6P19EwMgAInQErsuVs8BebI/7tI4+bT9qhHLftg0SLkCan0T2e3VLGMR -7z/5XIqeA2SFXOaYeAzCkUwWNs/oVpoSJ3go+U/Kwk7kSHVitjXBfMmdXWbPkppr -K4g54N1ghe9xGL/DaN/MkoKHXv6TmoowLY836VdctduiHYgpS52nGscaQN16PRvh -TbttEmULJGRtV+KNceSf10ef7QnQUQ6tdphqerTrJrLxcE1qVf5ZqiDzYMJzs1S+ -vGyTzkqlfriM8WEXior+O5IkM7gI2Q25D/aKqFxnMhi105RQQAHCbLHsXlfImtGZ -z60ezMxeymtrUJaO/PTukPQwybDZQjh76YjSvgeIAqf85TbjtDWhkQwXQvos2+k3 -glarmOmCTJIJoIqmkPxmB7ojWIOqsgWUY3hsdz53IFV0SXLVol/u/jREld3PFODh -abWx3acLySJLv+zVGA40qnCUPhHS7q6Gz8JXE8WNsRAQaj28gZB2X4xr2windDSZ -1rSQegExC/L/+73SR8nZtwOcwj6sk278xfRboS6kcF3F4R2eDwW9ETwl8/xi5qUj -wQURCOkdWuOIf910IkY07wpHAHCvp567PDmrp1g0DCzp8lgBsuM1t+uec7h9x90P -EP2fvjbP962f/Sg/rPI0qfsI5cgPKecuLC2MKVVOqnebwejXnuG08und36itVNB8 -gpvJUNd2/pMpHhGXjDFgeAuiAIv9GJcXKft6XmRU996h5PrE3tEKrS39+aUxII6H -OQ1/ImVAa/0xUwxUCjV6qMikUYd265aqkxl2TYgDRgFa7SkMKRALZGkBMEoeAZeq -Sx5qQ6ChbbGJ7vH0l7GIOMTIEipRP2AAqYwsbSZGI5PMgi09ONYj275g/zmqcmB5 -8hm6JUy9kOQsKgJ4ogue1i6WXLIhjPftuNaBtbVNNrYVF0/fX29O8nM1hV6IymIY -aPKPa44psL/7zxO9xK2yepMkUg+aJ/lkrgxRMHze8Ke2BuXeURyoLL/KRMn/g83z -QY1NFSQ33qqRIpFQxLZvx0BA6Ms3GjuBewnMtcx0eKgTQ+ZXd1c3YLex1xStdKYJ -1NJbou8tHYvimDPtzoWetRRF1+3rnoW0g/9MVvicewzUxwWA8NpDfEYqWydBowdI -dNPHo+6SFOMeGt7pa10UoDkbEJFK+RQmrtW2lgCYuWFZtj/RuVYqA8MLvuf05Tom -f+dFPMWh3V/F/iOow7M23Yrabw9br7m3n6pB3NVMyHrJ4N/VPeDxKg7Imofkypw+ -aaQaksdanMThVWdOOeOu2T+YK6cf5EN8+hPQkdU4RGHnQxNWbFqwiXjqZeOBY8BY -o1y9JKENBG3LLZQFfymN5ApMznOQ4Nmzhnii/ZmJAhwEEAECAAYFAlJIKpwACgkQ -JknmKMXTTQXNaQ/8CNvCk9zTTsH8msDBO4zz+VhoWYveRD4QtXmjQ5rw9UwDdPGa -32HE5G33HrJ6/illJDQAfhrOON0VUO0yF2Lp/yfhZylKGv6/BFM06wGp8utIKRM5 -OH5iSL+VMu2BWc4YowMXuHB3Fc0LiwliAl2skkHhJjPLT7RSEFpXYqqGivuG3LFA -+dKcV2Y0++xPloBMkQf8ssj+Hkf/JZheVfuGZQWhqpPxXicqB8fIfHoghmt5k8Lj -JHr1wqQZE+EiEHssNou7xy7pL6zxtbFesBjyRut/gvxL6DEm95qpa4V3ZFXtIISQ -aMnFtQ17fhQ1yWzxdfqkt2EKyLREtkSWA5Aibz7rG9EHtF0XGB2ShfRyof3SIqzz -z++FoFeIkWShl0q/uRN7meTHrgwcfJXlm+OwslkWPc8lfhhAlkWGs6tySvdxeKnw -VTD0KC7Zl8HM5oGgtLIpYD4zJbKPCE0ICnD+ufiBnI/do6jqSFESsABN68TqABcD -Nlu8+tVnGLoKlfLQT/92/5yzREu8r3Pp/wmMTBl5Wh/KG/Oz5R9rPapUt4CBNFsV -wN24mMDIx2ubgDIuitG6zZ/d2taXpC56OqNhCcJkV8A6x7wd/skLynDfw62PStqj -76Js+R36YMuMd1YdVPfQOUDE5Lo6jKC7UQXf8tp/KrMZE9191aLEJ01471WJARwE -EAEIAAYFAlJIP0YACgkQUXvmFKXB7sffzAf9Ertb/KN0RavbfcX8dDXCpO3Ja2JS -azSqjZnfnoIZsGaPOKBDqYbxkzbZNIF/fO80LUDdMPt99NR69bEJsZWvbTbOIE31 -TuNDXg4NB3iwCAh9CIMsUAL7TqW+MPAe3k2YcnyFetYP8QDp3SMkpnv7bXsySaPQ -+96ilfA95rGmVr+NJhp63Np8uCb+3aAYyrYa3fEbDkcru6XP1E2BsCTGoGZwtm40 -aFGM+nRma/wPM+ziasKxBZFZp//xQB07HQS0n1aJq62mAYudbAms9dMzFBkjRW4u -rDVkMqhVE4nUtyHhlnQANMz0p13Nli6rusglpRsRcn4ItCbDnJnU4FddrIkCHAQQ -AQgABgUCUkmXaAAKCRCL6HmwKHMeHMcJD/95t1y912AnNl+jBavsZ1d8jhpg9x5b -p+1UnK7h+R2tAuT+JEiuBYtKaPOR9eLXDa5DqT0N0jXtoboWgoI5KYtE9FygecX+ -mXnznS5BAfKH+SFxrzrKs5WzWFDyWM8Xv7/hqRPv90wCMGVF0nHXxZdi3fT1gjox -tt5g2obRwYCgjqzGZvovVO+uSjZAnfCbdMvQ9sq33S9t9z4zWXHAfjW3rwZTVR0v -78yDMXQnLeb8sca67vHx7bCWiCIigS5kn4/+GTiyoUDvxyrh4iXTbl8rHhU1r/le -pqHaitAcy3MFV/qxMxTAElD5v2xJ0XdFhZarLluH250zp661ZMPvQEP7+qZ7kEz4 -uTVNTCOLNEF7VRre7emAaSU9bqfzwvi7OXxowbyqiq7dUrJEd16TxKwoxL3gjdMA -q/VK1J/jthupvRbQzzmPgC+mU0zafgUqczv5/fl4+C51MEnNA36gcB1ph2dbn7zG -sMh2kD9U4wXyYbTHbotEC0xHvsNu45JiQMJWghKgB+5yq/HG5ggAfZu2lEfHR4KC -KsoGj7t59RiMlzNJSPGPkfFF2+sdxPVnARx5zC+eYVACgAukJLllKZcKQuhfvxta -6XPodUwDMvT8xZXq69+immacaOeaHqA5MoY5ixwHx8fsl2ndpIPqs2OXFdrP0pIe -CvM54GG9eaLTr4kCHAQQAQoABgUCUkqRMQAKCRCSyENFbaambvDjD/9EzriaBe5o -gTdfQDEduhF/RCUVtSDgdpTMht7Ob8boO+6xIBcSRGESkysvxdwiWZlTR4EfHfE6 -AAy9En7bq6Xo9bgX5xHRm1fX4kC1N0Ln9gOv1S0jzezFojEr7DJCO4QQwKCbsXGd -dYhepIkjFhB1iX66vR7fSlsce8Lonl3Bu6FbhLN7SLH/nAj3A6U7Ml2D14MZIKly -z531IU5ym8Fr7sAMz5uNwmMgHnlaGp7G5o8mMdzFZsbZsy9PA8X1mOvjv5KqJEaA -/ZWXvXZV9O7D4i94iStrdw4Zvat8ZiKzcUbxABI3UXWQtIMRlyQgtqz0G8/KhOkI -Ypez/AClDxvybVHB3qeFyeTpX2GMYPLpu5k7/4oOkr30c9zxZxt5UR923Pm3Ate2 -6NUsUxlySZyHxKd0HLVJSGEAvaHFncJW4/Qn/fvtSsZ56E3Elvkv8nKjzazWNQzb -bh0gpr2pBOZ21MvOoAYn9rFvBCvo5l+jziIo8VBN5NFzueL1Q1xRpybYn9LTpFsM -HJ722g+/qdqT3gSeNtc7LHNE6Ub8hKhJ+So1Bh3POhlFSBblgRiebo7XsXLx8l/0 -lrBlOzNk++ovtTY92iUj5DyeQznnmmB3L4xRkkPEjZWRZVVOWndcHHbmlD4TYn5p -4PtaAolHIfUiN5DHnVaA8s9muqIWtmv8TIkCHAQQAQoABgUCUkqSzwAKCRDtZ+zW -Xc9q586jD/9QAZMrzZMcT91w75nGeVzRel7pL8iUG37LF+CLNzYncBtjs9q15s7L -cUuxvIQI35Ms9lkjuX6vDnHA6z8thoRLfbG/Qvvfp/TbEom+Yvef44nq292uC3bK -sSN1MbwmyNhk3LN8LnPpqQeQAVCFb0gU/+OQWrJHNYtPnbWTXIZWc3MmLVIEOt6a -p5wgrj/mIxY7XRWzxyX1JTtS3uzLLL45X/lIBrPlS+Q+ByxFJEuG5hSSE6ESZY3w -f9FLsto9XEalpnReBaN70NiI4q5BBm3eZuTBtWXM+mH99TjQzxH4XXz5rKPqpt3e -iY+nSzCAHS+tEYr0kdMu0GTuuuu0lkS9L/ygGR11gyommr/pmyAf3naKihRS5yyt -fScCTxqwuTB1xAoUnfFFzpZVbISGHb9OEKxEWg28qpVeSREfqKD1dxoKOCZvZpOT -naSVbcawep6KuVtBrA9InduBTrLASHqcQBDSxDjgjxaI3gsXGh7E/Xh+oRBaPujk -ysfa0E/2s1+AzuFlleZ58TymLJ6dfqTTu+ogqd9/hrQQz1QVwoiQwx28Nh3+M6S4 -26xRaAClnudxAWSXNCfDDe6sZ2LGD4MNg9vnQgyqPLAVzna8DK93sPF77MvMUFxq -+oK816u1HU+U7CT2BnLJ9y76Zj9iBw0SgbqeUdvf8jzYCfRgWLZOa4kCHAQTAQoA -BgUCUksQowAKCRA4A0KoUmFWGXbgEACWnBiLSnIGUsIdPgM5Ie+d1QeWRuE+fem7 -qkxOamzvtC6/iWDOtnsCcLv1ezn+sj8D6MIZT3KXQZ2lagc63EWuHkyjzkMHgd9j -fwfOk3JjgTkTbhmKLfVRdhASqowQjkFy47m/pSHua+VU2EWT+3tEQinCiyjy6tSH -pC5H9a1x1o+D+xdN14GBt/De3nJ4mfqNhs32gISQSpqDTrB1UWQGRzUnoYTNQi0m -3nVkB/7HKw+OMqMvQpiBKKDUwaXU32J2+y5CGVNnAHVyPv7//fQlK972+UTyrVhi -GDYx3JMDSt1Qvldz8woN/R5NBzMfrL+5QvbJTWy9FTO57VfxVV2JlB8qZ/S6lTMo -dc2pewnhec+MiTiRe0R7U/1UF4/hMHrT2juBp1952FDNPT3UzFTX1L+bx59GfZat -lj9TXvZMo0drmhwLG7GO/xuianWa9HQ3aLsCAA/SAlVOZI0oK0NcxuTDZ8Ksimra -92uYqROYaJzWkzF/lMCAmiPrPq2vw3nut27lKlzRyA4bLmVsP85jo7fAWsDw2/08 -EkBAin4r7BZaKro+AtqeiNPVRSBKCP98Ungxao8S83lLJ4tPt0qDwBy4Wz5aM7mw -rx2ezwPMZKhbvYPIwdg6fEes8DBG95o3U/YGqmaQ3hAMsfHOIr393MetKeSq5Kd2 -8PsGxFYF9rQ6R2F2aW4gQXRraW5zb24gKFVSWSBlbWFpbCkgPGdhdmluLmF0a2lu -c29uQHVyeS55b3JrLmFjLnVrPokCPQQTAQgAJwUCUkK6ZgIbAwUJCWYBgAULCQgH -AwUVCgkICwUWAwIBAAIeAQIXgAAKCRBNoRTlxKLlf0lmD/9Zq6YWMAzRDHB1zdYa -93qbQl46LRvEeoUNTwV7CI+4UUAC+JCrEi8EKuu23aiyMItFEJxmyLFmwGJKostl -2Gh/c644xsBU7WQxgmu8lgXhqvMr3OwMC25p8AgYNbzOqiWwoKowdKV01SRqtf0l -gS030Fkwc+m5qvjIC+CgrZRkmZoPvT7s7OqcMEKFbfSdoce27k12AQ0692va63P0 -g8Nq8rlzqDFZoUmdsHLS5WiDV1S4Oj5JCv4aZuWL++LGPuLg1PGhSsINAXFAavlW -VRxQI2tOHawg2WK+KYulkwZarNijE/kbmFOXwfuy0egBU3r3lW/vQmgZeiXK1BWL -QfzmJjCUvnWsf6Jvb7NkZZg28MjWLW2TPWSv7+42lyfsAZb6UJOg4MvLyajMkSDI -FtNR/820+CUlCGWxWqz37Npd4ROiDBvBPbzjvBmGfmCagzt9QH1laCxH5LttJd0U -viEa6gJ2L9orxA1kL0djk5eUpnBIn8jdnFt2NLvaISMuQo/ErRNiPVjmEF0Dm+RD -vDkqkQYVFEI6OC/LPLvHqIv+tSJEHDPFZOSjMAK929xLsxqJLw6XTACjIwt77vT1 -dBx+pwX5fH9BRpY5+djPvZMuQtI2e4Sbm6WXjjCgCeoKb5PYZXIQ1pMji1Arkyi+ -FU9tl3R1DY48m1nBxIVd638nOYhGBBMRCAAGBQJSQrsMAAoJEJNd70SgkyYrWDkA -nj08DCnh6gYl+Dr5xjyLeWBMLYFMAKCesOdbLoIYLZpnEp5WLFI/7mUC5YkCHAQQ -AQoABgUCUkQIXwAKCRAgnH1i+wn1y8S1EACVqw7g3ji14bhV9bMFsAMNTiXDMwAD -2eNu4VO21wBJEKfKhLPpqakCRgsP6cbc0EBG3iGQFHFvT7saIojVaFH/xTX2eboh -c7fVQ/jf787RrWwjm+JQDRsjXu0uwoas0Op2c5wyDmT/a/oR1XYQZWKihqOJN8ks -G825d96XeepKpeVf9FGPy/u+otyooKiV+rAG6vMMNqwbPRUExuSH3VIFIPGe+HyY -Ohf45aEKQGS0Kqgog5ieytVnjYxarWReWfsiOBaRyAkjHiuD8iWajMaA/NbCVt/e -jmMM0nNBIr+zjCXFglD3cqK3TSQcPln+k7w3VmClPu4Rmx7N8F4YFFYppLp6vufj -bmSwU62VSWUBHioHg+bmKCaxN+ew2qy30XBNJlq8bkPB4LLJ9O0nuEA4P0IAgFY9 -H1uQI5dcCT+xRaiv9o1ek6u1/u7zHYnLDwMnkCgTeTSiNqj90wXxwV6j3dmJ2vF1 -PERzeNyls9L1mobdSIzt3dMTUyn6ue0DvsJX7ZZNtjmsW5W09FELXiaBiD4C1nK7 -vMJFRb0Az69jfbayEDrK99aSr1O8VGsZTuCDQLay3cy/Zb/jJkuSyXP3FhoZfhjF -mRTWt1PKSBRk9kgy8N7hkyEt8KvI8qJ9rABH+7ZHeHkBH4yIus+wgnClpHOM0x7t -iV7SLaOMPyN6yIkEHAQQAQgABgUCUkRBkAAKCRBm4XYOIOj9ffaTIACs/nneU0ct -3cLegYU78cmQ4x2cVsidBYUswwBDkmPyuA314W+VEbEHINoOmk8znKfyiNPqFujJ -t/Ye5fcA6zExLoAya4THkIE0/nTHgQ716+vXNquaYjiBl6gsabevi84ZlYJ6BDY3 -MpHVAXvFmJuAi6Ul6ge8LNsv2rZper1UqdM9Y/Pnd1wLYL3kjF50RofXbuTICotp -mUFj5F6RIztfocdsRatM/dx8jSr48BLgx56H+fFeSlOeHJWi9jR186lE3YRqwvXx -LlKgLdgLs++oeyFUCSVnRXOh0OcDb7iKx30rZkkwBPMJrpuN/PoWqqvpCXF9iOxy -1khDKIpYpEhUZn9mEHWk9UsX4w+sYvGhKbV9SIcBLi5xXbHM41hNy4kI+IDvSEhV -dLWX/GNT5ZFoUiWCepr0Uw2L95Zzuppo4ari7CEGS/Fph6IjuPHTkddbVMiWAvWm -GyKksInkm6XJX509ZPw+zEIX7hNgtONzYwPDT6AHlVbayuNOG98H+O+X4b7PBsTx -NITVjiokhSMM2zKHLXse7VgLMNBMYmePV7OIP5WEnb/3xEoUjTdPZBz+VHXKcoLZ -i8rcrELmJPoJ+3LB7FElY2INEKUlqKRDbKK2X+khnfxIbjOU5ScFjiUMfuCME+05 -MpLHFLgyHuTOtUTI3aueObdRWEHDWxoozpMflo0JVd8fIS/U/SHOc3ruUkd2QiRV -GrJT/5ndmubMniCfTvYyloxUGDhJwBNkEPBi+DCjPIJe4hXff0bbS1STqqeOfRQj -FF+no3tWjpefGUesDE6/BzkWA2W1LyvgxNe10zeAWROhUSDZViJfpdZzSFaw8KXt -nIJEUGGp4U0O7S+4rEEJ6FJWXQ8Y/CXbHlMJdRGg5WKpn3luy5iEgsF+xfyDsA+X -G2KiYBWCfeElTZku5Yq8nvMvriL27XS7lpRFa3MmjHfq7DmVfh13d8K2uqaVkXom -+Nm6SqzXJQ/GKMrTTVdxP+7Gp/Xo3o3qjM8vFGUS5vgzajaeRociw0QPxjpz7KSd -xpYqfTtoIVJF+GrZ3E3vU2E/BdS6vqDk5NlRNqECtcpDVOxN4IrjK2H1FxNXM799 -BbUUkwULFRYU0UoMPxzPWrPBxt0AWiPkQV3zeATPLKz6yUToXL3WphmJyUJEnqP6 -S5VuNt/B4J2kkWcn/6ok5xuTxCfhr+at84B6QgemNmoHK6QNGxYcZ0WacjpqAulP -Iaq+tLiMc0H95VQk10CzwaBppQ/1j2nRUKb48IdFD9v3XwIuSoktAvmWpXpkmUab -mcOiRKVnmbYSyGTB5a5D3rUQ3SQ701ls/3q6F3u4V83RuqYICRvcqAC6EsRy4VjR -MYjqZgDETT83iQIcBBABAgAGBQJSSCqcAAoJECZJ5ijF000FKAsP/10u7QO5Br58 -MH1Dc8naw+Ejx4InmNA+AWxcuu8+QD+CoAWbVl8AH/jl1cdXuapCpwdFeS2+rR8o -s/FkKOs/Rcn94pb5uHNlxAw17RfrX4HHIeHnaBMFAsdZCo8pqpiGPjs52eP7v4SY -DykK+mg2QPawgwuJmw5Wbprd1YpuE03pknqFZ0qUe8kDt/MQdDWxIhQoaRQUwZmW -PZYM4nq+HELYZZZUX+e/80evwCEJOj/nh/XZJw0TanFuIuHlT8QsF1a33a0dzMQW -OrA+lV68lhYC4AmiSe3AgBAYgZaWRBxrPXSysTKPO3gFWmVgc6Ia5ccTMNZm+96r -GII5IyJwr88UPai/6MgpanaQ02lKndTyxbihjmVJ1yw3XKnkMqCowNQtaHiwWn0q -1CZNBjFeu7Sp1sUFRHPHs+AkQyK849DFAjptQst4pUxeOXJOrwTXN75fp/TaIMtP -0pNq39i98cqC8Yp0/kYBRDQGcIO7Z7Q0N1Y8RyGO6LD9iTCek9F1Wi1K8uDLHtvn -RsZqVje/wV8ROX4VY/Aj9qWMPJUD4lEPPisIXBsJn3bFc0DjhsMvvUZRsGclXt0p -s0Go3S0R/f15KCaVZvm5kDOMwHQwy5lpnosLgnC+LI5oji+hedOhOW6Ds+bbrPpW -fk+PNq3EqV/X2/gVlJ/QmKgh5beKQUIdiQEcBBABCAAGBQJSSD9GAAoJEFF75hSl -we7Ha6kH/1SrtZnefLXRjnkPDOlwrNBbqAPZuLIz0m31k8ai/PJ/byRjcVC2vkFo -EOkh4I26iR091m6NJa6Vsl0Dyj3Ov6iOENTDceq2oVpJ1iclPbZZbjxRwxc7gM+t -ZvycHkaDOxln2dD8pg757cWR6Hut7UDmzqxyA1GJnRo4VxTWY7cmFCeCue1/f8Zf -TA85PrA9uBDtGyfAdzmlnG220boijc2lDcxPkt+S89beloJA3Xkl7a3pAoMe0aT8 -6piIFJ0cJ+GXfQ628bwsV3Q7ma1F0ewkFDA6hNRqMPMimPCjS63+9Q5ZJ2UJJhcC -IxZdU3lSqCQdMHW33um9gUh/xnVsO8aJAhwEEAEIAAYFAlJJl2gACgkQi+h5sChz -Hhx0TQ//Tf5NA1SP6EGqMU5FO5nEG9PekyZcPSeH6KBV7vTH9Q1PKL5FGJiReVM9 -PocvtdVqwFyTl/bM5PKJdYZcZKq+A6ESSDKOds+C7jLxNCbHn4ku7xnBCpj2r/hD -27PMmA3vQ9+BSsnhf7luF/VDyEz6Vt5y22cchlciGP8DypK9P7FOiK7lX4svOKig -O19ipzzfeOfvyxGGH1KoHp9zNu6LFAS5SqkDlMvVbYP6TJTk7ZjLSBUE8+UOrrNK -2u/sTsCV0ZDiMD/XvGgr0Gc25trDVEfRyvW4HuBWR83YoXTK6vryIpazVR+nGk4r -XKuBN6EK/Doesu4tmJbsi2xN4SedRJgcCqtBNuXhD85xTo4Me11WmCaZHy1WyKaW -lwmzEFZBWYevC1dJy7LURsn27ee6r1Esgv+BhnKZ1vAGUADQsd/jjDMTMhJbRcGU -iY6lg9DsTusp2NA50QpFN+tRz760gLC/8zl6HTKYBt4c35XwE2CYyOvr9cui1cRj -uzpUnldqxEvwNbeNO4q0bd11qvSNJ8ojvIJZj92ilgu0gdUHrWejh5h4Rff1f6Qo -/CwsBpeT3QE60GtkKx0EJKeW2S1xDyiD+h4ZQGSYrSfZ3EaaWtTkoNmUMajlMhyv -ZNUrEy1km2qa1bRIE+YpLUGDC3ybY7YCZZHgHTbuCz8BJ1CYuQSJAhwEEAEKAAYF -AlJKkTEACgkQkshDRW2mpm42kw/9E234gdSovwL7aTuoA1SyK1kzMKw1Z4YDwqeo -1zq4vMw5QePQE7OY1YjMlZ+X7bf5IZXQZq4htff2xu0vlwohvREe8r5eJ05Svs0c -hJ68CxZ4OMs9IpCx0/IuQsXAT3c5QTqijVhIaxKtZQZktNe2wQeMGUF/VVHtL8nF -ysidMYy5rBRjHGr1PjhW1RjGurYM8NSaiAiJRjQQcPV4TTmnTq9s2/uPSswKJG4o -LidAtnKG7/rdp8txDVmNth0R/oGiKBMESoGXPG+LkA3lkI6Df5kgGPiOWZ0LXNEM -HQiDMAO9j1TVMkOUEL0BXbj/EEOSWZG6mFLpJU0f342BcUcSiHX2w8VSAuAIs2Ab -W94tzH2/eWOST5mSUgRZPeNRp2KKMmuIDc8rtqqqtkuga0xyymLOz2JJBgy7ATMP -VSY4gNtiMSilnCrGC8UVHLGYZVNlgO8EzfmQlQR5jyZ4+B4LqjA0TjEV9Y6Eb4Vy -uFS9zEAggkWHkoSd6AZqNxrAvpom+WgRiB9o056wsh3R5yZP4+MMAFy4MVKNbzmj -YL7LOLE2iqLPoNqcjoiSwxuYdhYnrtw5AY72uwU7Mvdf65yBRPEG6QxNhnPoKlGZ -x5l/UE5LKe4sqjhXDeoLtskWiLfV8KDfkVlyJw1wRFAmL6ifzP6fgEAqZa6KSrtw -mhZLG2mJAhwEEAEKAAYFAlJKks8ACgkQ7Wfs1l3PaucTug//fMA2zU7PPmyZw7O/ -mz5hVO7KS0bvn2JTtPLDGtOtOagc0aMCm7qJG0bfwr0xlBduoBWECwOngyj/4MA+ -+WXYtPZCnWu+izAiCin7AGmzGfWX7D+/8x9VPI5UE71gusUGWtVbObY6kgX05m7r -w0LsFk7Vvau2RSm1vd7tCMoOcPo3NhBYGqVfh3WFOcSXe/AF7LQLRMLBrIcKu7ka -yy1bjwF3e6MO63Wgo3kgrCoCPkugwfvfQHUypEOGglG10t65tlGZfeiKnhoIZWeD -sfhCoIjhE7P8RbQvdtxAxRpa+UWS+6kRMlVE5N8SCk/Xdh8MLr04uCPciqPeyZYh -7vQ5KqLopwvPvxZjChz878kFFhqY7PRaEpdYRQ2ek9JdilRfd8k/5gDXabxtQX9Y -Qpjf8SZOhlhpHeZmG8AjzicNcvpGjG6JD830BZPDOnKeonJQt5IWmNnAw7De4DGO -xv/59CmHQ8xWpTIt1MUOC+2pjVIXEqyHtCWdEtC0ZN3L8a4N+lx8UGQuZxXuj4x/ -to8GHt2Xom8cfq3T1FMvUkslR/kzfnmdnaZd59uWlfufEBn2xQAJV21WrRVgjoTn -nFDrCaUS5dseIhSQsajr1vcNLeOrk957vpLE1rxLZIv/qrU4R4tD4KME5RMJJ6CD -b6ACDN4rgUECb3jvGpbTsxixgyuJAhwEEwEKAAYFAlJLEKMACgkQOANCqFJhVhmc -RhAAgN0d5o0QoOU0IQtxEZcH8ynVoi2YA2q3n25gz+B7yBqyogkes73ERqy/GLaa -aGPh+lsfoA/cHCaxbYaOcEHKfzpjNPun0b2+we+SFjsPruO2gwTxRmOYgpF8eHVE -R8IRZC9ReQdhqFIsYRDUJvYnGctuDxjKR2N54sAXNYHyW+pLpMbCOVEgwPUwnacZ -FZgJ7fhMwDpbVaaPa4MYOiJFI0XjRVy66u4k/4TzLWRMszTjuXxaPbtpvyvfOu5v -gTvx/ypMyuOp/NuA8Hh9i+PD7/OZ2S1KXcj87im70GKPKfc5qPUG/X/tdGD4v+lW -8w2Im+Cw+ygwjLvpVZiPsOe84c6knIjuOkP0Ds+WF7AzpiBRO7BifJDdKb02KUOX -XqbsycjGWjq38F9meCoNnnFrXX1+pQIOAJrg/+Ba8I9bMhrxw9OdNqfPydU3qsyo -l2c3Rf0KJnBoecXkmutilKDcN30LD/5cKUKjvpglZ6wJLhKcIdfknaqq29fVEVXo -o5mXmnClU/eWZHVRHKTQlV/eK1yB08/6DgU4002VfuQmhyYg4W5ZRiEDhjB0TP8G -w+IOGLM+QaEbIRSsVHuVQs2SV/dNdxXXAzKpy9NVjZQISU12/R1w4wcc47m5+FKT -lfkXef/4ua736aCjEB1XMkpRDTDT0X2BtsRNa1jVgVs5B+G0MEdhdmluIEF0a2lu -c29uIChGcmVlQlNEIGtleSkgPGdhdmluQEZyZWVCU0Qub3JnPokCPQQTAQgAJwUC -UkK6dAIbAwUJCWYBgAULCQgHAwUVCgkICwUWAwIBAAIeAQIXgAAKCRBNoRTlxKLl -f0TIEACkBEMSUaCjXpt+ZJN47D1RSvyeLw+JXUclAATAWQRlO/Et/BO0jzirim/t -EiEdIlv/gWM19YkwqyNMT2j4QcbRbggX4z8dYgR61f13u1ZEugOBLmcNbiQrA45x -lM8qz1wE+5zafOnC+HwyhV2q0FkyqjYzIChw9A/tl1uSNuOnv1cA0jj2XXb4zza4 -f0E+1p3Dmq0w1otaWbVbzYbKRHfeNq44bv5p/iBwol9d44Cm/VICeYqxtwo0a14k -GHCke7Ss4keoDxdoEhs+/8O6g/x3jZV9PF5oHeFgZxd0triztDynbmkdkOd13omH -ddW2sV0AAN787t3Ykx1/NoTONn55Q9EWExJGWCky6MhKbkDchQJE22qQjNuXmNjK -+u3mup5ymv170yix6QccS+jwBrcXC9xIvxjTDvvG1aKRIjxnFsocM4Daa0LOFm8k -y1UVg/pVuYSx0QhIqVzT8JuSFoBnQBGyaAdOcgn+493pv4NvmTrag8fRhhIsAo2c -vD7xGPu0gPNAXWO3x0L5L2FmSZBKk4eFT3WrriTZm9Z9lEnXsKcT3FfTTaQ6PBaE -Td9OPwFhe2qjZ/bfe94Hf1pqbjByTxy+AIJ6kRAK5KA35c/I17IPqPlSbrxrGILT -wMoqkALR0HYK4PqzDXYTL3JOCJTv3oJWGy1erGTtQrCe4I8fdohGBBMRCAAGBQJS -QrsMAAoJEJNd70SgkyYr/A4An0ofuF1stkSsDZ/2k3HMvmBWolH1AJ94xIJAO1p/ -drVE7WnEd9DgXzsosIkCHAQQAQoABgUCUkQIXwAKCRAgnH1i+wn1yxKgD/4/Tjal -gxIXxa14QWZa8HfiIAsAdX74FN4BBZDRXtTiE5XA1p8N38pgB40ym9J3Ys5CjLi2 -bM4onDreVs8y4Bftv7Bco/j8XaYoSd5OzeO7qUsdhr59oxGcuHSgzIWMwVtzQ9mS -aCHBWtb42XDzP9oRggasb5oySZXbGfdxvRk4t4lSX4kfuqXVCIjvkgBCyDGRrBmV -zonf5uRsVyZeBqcqRiWChj61QwfAv+FwtgyUtkBq/AucaT9N4qpkEgCCgc2VdmEl -5xY/RhPeFC7a/lg6spFFCo/Vt0ZCRHLcIyNne/Dw7iPZi82/24WPXahBFBjcxQAv -ysA/AlGNVEzx/UX2z/tY7ciZA3b4LE40WFDV2Yo0zh+3FHBSAhjzt6aieCwbjiao -+syXlSBGqvnswh37T2LOIYiZ/tdWNbFUsS8rOZZAbNVWNHhHRxRCPTjGqsyTtO+h -oOEyDegPM8SqvNUQTPA+XqpL+7F+34goiwY2hjdJUjqrynbbi/wGIpImp6HtfyAc -njD48MTy82VyzxA70YZsAhGMQo9hyCIF+DYEbv6HpbzbOe4YqvYVXTo9ZbYiwnqX -9aygITCQzT7X5AiwpqeVd75rz5/O7rzQ935D30hWZ/wp9tsMRbyjyvPE+xnesngY -dmifgwiws4Ht86OqVHt6hcGJ0JexM176ctZCB4kEHAQQAQgABgUCUkRBjQAKCRBm -4XYOIOj9fcqBH/460+/qWy6TQTU/MQgzh4vjiZV8zQHkEkQwrJpnTxTmzV058ucL -CwlDDNnyRneyrD2M9bteTu4p48UgE9Tr93g0P18h5D4r8siIAni1TMDO9NBGdoo4 -TAsjyroDR9bj43HQxAnFB3d5flVQQtqIpDVQ2/P02Ecl/XK3ucgJWgNmZ3ivKoAZ -KTGth75Yk0kLQUMBkwjlKOyeEwLGw+Gb0lOefSF3sOL++RteciWugYe0J66VIt0Y -+N7s3cGlXz1TEQx3SFsqUTFmehQn5iwgHS/4ebbQZOvd1yTkM8aCwUzrAffKJPXC -wh8c7F/Jsfm6dD3Uvxbj3JVgOqwOUwi3/9fq/hETOlkbNY+F5cmGpaNI+KWYFOLY -quEzrifKU4pRfY5VqLOz2a64fxGpWWow4WebODxs3pNYMSJ/kkZz5FYYbrJaMhBR -Vb3rCiMuR+G6sNZbSeFN7d6qGb2cLZXet7h9Amzot/kp2z3cB9QfaaSPS2Xlxlqe -ZUF5FMF5A+z/w7nHF1GbrPa7vLCOzkM53ds0JFBWxigSUDuZ8lZBkb++hEJK5dVH -k+UyGlhK9cs6Z65fk5XeN+NYcYICkYzzfjMMAbwFypb/wVrGMOrsasFam0RQEVrx -meG6HCQsvsc8zrgtLgv9SHByxM+rvzdbBwuwc/2TWlRxrm/NpOAjfKvYbHBR1iad -Pgu2s0aNrjBn9UBYVe2QVB0dRzC1QHOHgA81txP9Z1YSQTkwhatmCAMsaDpuWhmy -kwwyHlsE1OTk/SnvEZUOJlpbclNmo9Zjkked8hYXDMgP/osuRExEGiUCMZcPjFo1 -cgpWXAF75anVnG1+/NNo5L2jyShgE0rWRRIJogXEiPGrB/SD0q5nML1U4p0DTQdZ -CKvkaDq4nfYrsR+/WLZYJ5EW27XsRgurLmuUxWG1wZA+o/C53LuQ0BfTBqAnCQ/E -wFxzgl6t3ObB0lKyJrOeMYhU7DW2ZgzqdrM3IJq8zEGetIZQM3QNm9VVMO6jfVgj -gL7JnLf3HA89/eOBhChXqUgTgMb0bWs421n6clRXuJKn6Y09uijxOkJa7HlIbpPf -APnlyZe0cksLVj402Y2zkChfGZxGCkJgrCgLcV6D8XLYhd9llxNd6RnjRraFmP8v -+maRwRU/eI48Zi47UcolWjG7gHO0uTwRhBYTe2NxlYajE30gFmsiYNTWH60E/G96 -ko0eIY8KCLJI0sGhO2SQvqFVMcNsiPbtZgKlvqDd6dgmjx+z74hKGCUG+IdhJSnJ -b7ORU3urQ6AFx2XapdM1rd/8jwK8sDCgc3cN/p/XfCRCkVch+OHTcQzmJ18kuJsx -Pz4E0bb0W2db9AgFBaPSBrqrTa/I1TZXE1N+iQIcBBABAgAGBQJSSCqcAAoJECZJ -5ijF000FfHAP/2+a8b0O3BIwV3SAHTgENchkqEfXGuFAE8ZeirWkCmg6jlfpTeOf -eK8TkrR5ANJfitwnOeS4nPwfI+2wua7QDMRrfU+7PpKvgL8xDqW0De0OaH0LhCXB -nIffmeoaDo9/AB+tFoGo1TXbH0wCL83sE7CfIaxFGWjps0afgwZMfgSYBT6SZjQI -ok3UURJnS1nZYAcQnSTMESYTBK0te2RFX9wVMOb+82fcUEQKQgBxXw1pX6Skl1kS -nRt0q/5JFRFriHe4WTzfXX+YNE3Le1ZXVzgPTttd02iCq14iHwSarCgdG2Hp2D/K -2Yz6xeim5/Ob0UUXT9uH7KNH76Yi/H8Ok9upKDAM1CZSPu8tEYRjhBdj1+mV9Tb7 -98+2DOpjb+qdIUJjD8Bz1YkSZOLhL1wufYxzO6MMwxopszj4k40uOiKMiG0lx8od -gyY5zX9K2l5ABFiXCyxbjVCXcjhBV9i9GJjKQLcOYoJJGmb9kCyEVDNAd9Q1uwkA -Sn7JvQ7tic1hPZR1ektvKqIdafnHWM1hlYtdrNPPlsIUciPMqV6IHv4d5lIQffoj -BKVfziFE6k2E8n8pNwzUoy4UxxHmYh73gYWDMNHm5SzV+1xymbPpJxGNeWtubWZJ -rm+6l17dhIY3nyMTi9xQHvSIEcmOKChgXqdmuxT2KbHGf5eH0/9YCKCpiQEcBBAB -CAAGBQJSSD9GAAoJEFF75hSlwe7H2XsH/RwGwPE4rdjAk/0CwbMqdA1BS3mZfD7B -1U2b0ZSuk2DHCBlfGn1k/0XcpWlHKxT8Hh6dHtCFSbNMSEx4TRpWiahVsgU9JnaE -chfZZ/0sManPgbpYXXpW+byWEHUJLCCy8UStc0fu6AXCB+OH6B3EewxRguu/gD8J -h+jppizM9ZPkPK9CEbQeI5xNFoC5E+lcnmxc/LFPchv1xo5TYZR+qAJAfsWGcFmD -LzShPqe8ZIzOtLEfYaYwbiQnAC/+/lbbn0DEJ7H68TIcVIKd/4gOfoIhOkc46dy1 -Ek8bF/ivuGtjY9WxTPsC+wN8YIhIDS4dDm8z4bKOAskv+cgtfveSxV2JAhwEEAEI -AAYFAlJJl2gACgkQi+h5sChzHhz3sQ//SwmOu9ZeWGng52qPqEFyPys0RYNkNxT8 -vATJz84nZKQ3zfOcvTt9LIpT2H38iOOg8nvo3wljQi8Zut3E1oCKQ3Oek2h9yPDR -am25+ZzF714ceyFHZ42pI2uzrvTx4kVvaoArX7bKwHLaI/ZIr4OiVLX4LyeAwDJG -cvAcSp4snwFyxe/eva3QhMVggW/phafqj4NqrbZ86oI1m7SRad8ckWUilDUkLNyq -p9DQmWNXFBYUAuM3ZRIhGltZef2BLWaQe34gDZrS1qC1bCdLymIymoQpF5WBdN5s -N5lQfcPVd0fm1AJxO/ku5pncQ0dnLsuERJ5t3EHdqBgaIi/mvalbQMXxxE59MEaR -Vm9N/CTf4gViby9nvfkQrH23tpq3B26NYFgPSnnIRKGknpG78jhEdg+m5gZqoUfv -NhVEUHKmJPdBaloIStwvvUAS9CaZjzhURvAnoEVFDHu40U8o/UNqiQRLdPjzbnYR -emlKpiLvemYqzYQ908GbXLZKT7HMPr0Vd5k1x+1VgqDZqSJgJOdhPhc6ai3vygzs -MaWIUkw/rVDDqmc9wDSGu6l2LYYPvYw318+E5oLB6cJAPeZqwUAVsx2G1NCJPh8i -0/eXPov+dmCykzHpygtXt+WPpHMy0FYY0gb2azqKcVSeE4Ukr3LMul+y3d4xNgas -eA9xhs9tdvSJAhwEEAEKAAYFAlJKkTEACgkQkshDRW2mpm6Gig/9GeGYkvOhKJZK -tHdnUc2eGlXxNRL/bUL9BT2WRJVaKHYqVFW7xwdLexwuRaV3jOiIQjJT2ALZ/rvA -v3WutNnj3DmngCob2B6wg7vhNb7+HycHw3QsHRfaEIdWO2hywBvB43ErMq1kNj9s -JXlA0m08t2Qjg4+P9gFTy1ynJ2tEPuvhkPorEjhZ/rOiHpQp7RzDeSK16lN19d4g -YN+11aM7FXpPPISvMrg+Gc8eo/1hAApaltiLUYpoAVTtW2o/kYXawRtOxLFaWGGA -cIacRTzJNC3VspA+YDHsN5eY++EqYSZorIpasgxv5Rlq/BDZWwGMdvVJW4mzlX7V -mIsD5VyGtc83NDf0leoBIZDxvABmQdPRdgH2tKL6bsQufUcibDorQ2WaGxwdL6cH -CbwnOelnLytQBKIMnYDsdVJsw55XYpjTzJN4ZNKeSc27qsQJJ/GwbjeogOT3qahy -b+lVq4tELn053xBtAzlTdIis4Hzc8N3n4H49+yt9rlZouRLj6W423u3ITX2KXLGg -UEjF0klzRJHLRW7WqnXsk9QQ20mmlzB7iVaqtODXA8Ts5zIlFfAhoE9pGoti8zmG -I8aCyrUDLkII02oFgUWQ4Q6gqcFBvDYngQYPVDeZ/2amfode4wlYH8grMv6OR+Fj -7NRTZKxfQRr9nUtSM4c16ZJZ/FWB3buJAhwEEAEKAAYFAlJKks8ACgkQ7Wfs1l3P -aucVaA/9GnRQcppfrhmm6X5ZEXl6LBzPGUQo7cjPnJanFvRO71wNIei2Qbdsxpjl -mUjW2/wL04tmEstP6EkAUY5pOBl8OIVmvb6SZjaf/l8Jpga/aUFnO7yhWQ/mS5GG -YtHplqYGalv53ELL3u4RZRM35HIEdr77XdH0gYS62jjH8XQYEP+CMbuLh00oeHpL -zY3k1SXzD46Al9ucZkkSjYeD3GAVowJEKHqwrkUtvkZcbBH7cHlYiVaSTor7DwVv -J61se3AXSuPX11dt8DcZhApDhVN8Fq/4g+/S4O+UEoTnHDOTHESLyMPtBEk5XjoS -PbcG4nF5/Ux64WbDP3QlSTfbwXPWQB/i4pTJzrUF8UsCls82Zu0tAgtEF8HAhqbj -etvHEzHwdM2t1P1ILKKWTuxZgXhD8hkqh5m+PVR7mphN5j4X0BzOs9KZGKt7u8Ad -KqZsLD/+GUiAgzpnwgGk3XQTwVvvx9a4CC95XusXOj9CUw6nydGXOTpq0TZk+zoK -NEU+xvUg7B0EhXlDd/1sUaHzWdJpYIyqa67jagtdUYqNYaFu8T9RsQ0F0m3+YElw -10CYwc15nKEgExFQEZjiMjfntvAwtzNk8/GGG6MqqxG3N25csAClWhgwB1tZ5lU3 -msJKtVUCT8WKSnXM4l2yVOci2PXAS9hBM7jK55D/MxuuaX55AQiJAhwEEwEKAAYF -AlJLEKMACgkQOANCqFJhVhnCEg//Qf5PD6rEghQCxKGzAebOu7RYODFOQew8CyLs -Vwxxf5cXFneUBvpy2+pRVSko6dsP93erEk1o6jVJfloVm0RSW6UY1CkT5qm7+Sb3 -fJbxKa8vwaPJChfc+wcrl+GXeCBHhlie0cdTNbRRmWoqUBwUPrPj5yf+VLG+3kxi -TpP8KXbqdW1zmjMH8i5kYv6Z+WUDaPC2dn1Yto0BvYDkFpQvyboNvPSERCGybdGt -vTMSZFgvz9TGAtqdlfryNqTx0ycdQLCcf+RV0NIvkO/0xq/05+rdQ1nRIenbtjWI -Bsz6yCXYjuQobmX3iMcjGC0MxuhXTlUf1l6jzGPA3yzIGj0jJVWkysTq6u4ORPeD -gKg/yEjGpnv1nZkjzGbadsDRK8vNbGeLtCP4XpARuKiW+gAkEiwRXEsDTyjMnWfS -kUxuD6fREbbmLS1y5aHVmfqR99qsKHVJg+ojjMBvSs5pdb8KLSbuWDJ7n9L76AeX -GHnSB3UzlqLGa+7Wi4HMICsPUwHxIRMKK/AO1rp3B7/vIfgl4316BIoLzDlC3wH4 -1AfUWY/IQ3BkB2Wlh+yxB/8UcbyqphZZ1RfbXPS2FKu0TWiAfnEguqtdq7KPX5Z8 -MW1qCtA+ekxqK+s7vF99lZI+WLj9oBj9HrH5ozCU3Id6lM43Bcq6HvNIRFYZnq4B -XKTz+PW5Ag0EUkK5qAEQAOoYMWRz+wo4bTi1PbCMY4FZllJoAroia5rmi6CGO16D -73jwtCWNp0eOkzXHFIeqgL7hePCAQ8BLYeWuiOGZjAMDHdw1dRUy7eSonmlwQPrp -0FpwqE2pdrs9lwJJyJOBT6Chh3H+K8xjz7urQ5h+oGrSh9ZAYhxQ8bK/XyO98Rdo -SUE7qFb7IsekwrkzhxpTfCxH48OjLSPb3NC65vCoLactiS0zhbqSMiCfdyHrDa/O -K/JQkSh4fKPgP90uY3IZOyMboDy7mMfb0W6NcN5fztsulOH3FYMhLc7CpmckrzlL -MOKF/k6PR3ONpAXN8ofvoLw0hbyQR06yTkZamEfYnWf8XvBIesPJYC1gp4HAWFFe -xTH3KXqCHUHwaYLKXQrOMj6byYty+wYSHaqk3lon+ilDhUB4SOiF6nnHCsbNEz9Q -/EgvY6gBY5uimuP1a3mphC5mVmigJYls/OLe5SxQS366HhEVBr4oc07+bQBskCVl -hOoePa6qqtbsJfhpBavw23kXfqD+FJwppi6WONezbCCqJs4wqBKIuE/Ly1S9ese9 -zmpSQ8IU2wTOOJ324692DOSHozRL+Ss3vPhOPT9l3v1cgl4eStQVZrKTuX9eXCg4 -OCnlTAdG3sktUTC1eu8V1DFq4vSp5CH/BLFIjcli+E9jGCjuAYk64ij1jBbDcYMh -ABEBAAGJAiUEGAEIAA8FAlJCuagCGwwFCQlmAYAACgkQTaEU5cSi5X8iuBAApfvm -LKRTdwGfNSOQhbMzL8u3rwzc3EQn5FBNsSj7hVeKdSkewbnxeIxLGPOKWZ+Lb7eS -KHl+S0BeVZoM4aIm3Mqx1IBnEcMTrP5xWtRrQ4ul+SaDx85dCKQ+TW7EuQzOzbSt -x0b6NUKS/QJra0O5y/fLaAcYG/AZWjrlYtg43za063n5j0XzYu9D/lUAJv9K/RHW -4aV1QSSLA1Wo6po6f6GiqRYM2QfDUMPIbwvjVGd4/ReB8XGLHdH+PVz2WNOR7kK1 -HyP9A9PEX6Km/H0Rpty/MPK6haKClt0TdmfnBnyFzVcfklwvCA0ZklHx6NNx5qOu -G4o8HONFhkYHyoAZ4L6ap34nVRCouhmYfJRMUqChkHuDCvljMrNg0b3Ot21XoEId -Mh6ovrtMC6ctKOSd4GV34+sqfpPwF6Ne+dSZ4aqDn89u5hwY4g7/spx2Gz43Nb8M -sw9Wt+Bsql0CwyC50rKyyIjhNjVU45s2j7VR18lbt0cotf3+AeNJRiwEbCU7ICID -ayf0ktUPV95y0c1Dp1H933TXbYqL8EWG4RF3lBmL6mX2ZMTXIYTussuTbiIKENvt -l8UNmWkS3yQQbM7fSwC4DGZjxxcVBIDUyCIpUduyWrw530+WwZlgjN283VijAX7T -cDXxVhupAfsUfx3AJE7UjjVPriqNX/1mIY1otrE= -=+TCf +BYg608cIAap6eVWU1Ms/Hc+lN4exi/lz1hfu0okCHAQQAQgABgUCUk2B4AAKCRAg +tw3hPx0eT0lTD/9pZfVTlzA9IMCERs7bush9CJn49luBFgZeQpgZ30RDR654f2QM +QWFlltBrPunugOpeaRBKp/qtmqmaQqlaaHOE2o4TP0HXJz7Zc4gusIJe6c3a9Wuh +P/LKKH3cAv24II69yL9tPqoRodlg5Y5+g2UC0OqVUIIdlEVfQx2ZVgRKJ01izYIQ +XP1tFoxvKc2EBbyQPFbkfVTS6oWlohORhhr8YXyI2xCJumml2A6WVRYFLQUATYwk +Zz5lwqs5QRTbImGSeNeM5oaojzUzYmhktygn+Zg98ofziANUnUjBixRhxJueEscX +qGF7WVoaq75RaFkZrSKaUoDADxodss5zhCv72UfUeRETtTnvWvzYQVxYUOrEXFQ5 +0hMROm/HdSHOw6MgygEWRqFIGgTbe+Acrx54fIeJssvUaKgMqvzJVxgtdxmiEtVd +TvE4xkIJs9Yt+8YDtDQEERqY9g9Sg7UjAxD4e0IMkek50scAmztol0+uv6eQ/YIT +rI99jW8vEyltLC3xL/q6u/ZsXxNoIzow/eiceaNFpoHnNLfgYdzW9SbiizOqs3Rq +B4AKgIaeWF5OqU/rVs5+Ebotum2JJvuR+3kojmFsVL6FizdnDeISZYr11XBi0Prh +EEqd2QmBL6RypOBO5oXB0gprGW40Igs4ZMPkyt9/ejZeRDtMMhcgh0GFe4hGBBMR +CgAGBQJSYAehAAoJEO0WlH9koZRNOFwAnRGzzYA3c+nekPbwfsoWxq9hwMRIAJwI +mFHSmA+YeIWyZ/XZt0a+Wqhy/okCHAQTAQoABgUCUmAUsQAKCRD3dJwX9McxrV2b +D/wP/fRy6rUB2mV2v3TgNBFCGj1hd0YEE25T18U2qcfBYvYpqktRJeFt15aQDHZy +eSjJp4YV0vrEMNU4jIL8hdBuFF7ZaWBX9HpLxuX7W7T+i/pb2xF8A8boWEfIcEdo +mM2L0OOlarCVAqEOdZquK6oVo+jL528m10t9iV6ODg+W2dsiL1nlS3VcOF09ozuW +rPvvnEl4n6TarcQrZdDmq72rz3kh+oh2OQKeWGCzuWStBzr11Uo3ptytCPL0xKZA +6sqXlsV6L+MaaHXsTkiv+jSaA8c41dbKjlihvYV4RW/FKFfB5ESIYnWaOUXPrIpk +4AIEAPKh7HHBA7E3o2d+EPeLLsS4vSzZ21CJffZ3X+M6LNQRDK4vdwSNRtoHcduR +mlTprsdQQrv3WnO5tcWpU5+YIF0VfCf4d4VJs+0NNgUGvG/Y6+aYXRMs/sIavb6d +wN2kGfjNkjbQaxJCxa7I6QryWmWm36u+ygRjRvqSsA/0XCfv9GCIr+qSnS/Sl+t/ +i7ON+jcd30WWLEfcJ/rUXU88Jfj/7YBfWF8ScQNhgioB4V7IgiRm+6m4ymUS0GAl +lPFgmy/Yjt3re06yQlYhkgvjLxaxV/rwDdswPijfAi2J1HZ4uyVAAvi5sNZhFf4j +KVznUnzkRGomHf+B9EZ8Nw9ktBBxn6Uugyx3K/dfxXuHT4kBHAQQAQIABgUCU3Pg +zwAKCRA11pcJ7ICeBMVuB/wINRoltrGIBUvPddSc76UljGmJ8aCPmTaHQR0BPVWB +JGhigyrN2FY5ExvDKdIILkw32caAVzMeiOJOMg2TRNtpcEciKKBe04Ws13T7jOSz +vQZa1PTMkZCyETsD32GUpYPFERZTWvIuRkLL1RL6e0FapAPvzBIjF7tdnIvmfrOk +XtEZC/IVSqQVfxWpxzA6SXnvCUzNJZD+/gTB+dxWUsl5oewYtL2PIchtoBqRdTIP +AcCi3dasDEuCzUXQOGd2YRQq8g5bTSAce1lN8Ys6bgmaLVF8rYGDGFJNgwzuPGHF +tSKbn7IyEESOvxKNsu2Qxzm1pMy8no4kkRL+g/JztJFDiQEgBBABCgAKBQJTc9tW +AwUBeAAKCRBSTww3oLlGoz81B/0f/Kf5ACIzrYbC15CkY0CxRzlaT3uPJxvTd8cG +whZ0Y59ZHZ+sV2ybfvg8n9AB9yJoVgZUS444jwdVucMOScM4AY6EuMzbq6GVVDc1 +JMKkQuv7chqP4reBV+hvOjCiFw35Er2YJUjD8SIl47F5E5FcXsqs3bpCGu+PgtU8 +15ZDiITKqw0XMZFU98uHoBPO5+IlMl77hToMmyfvWHaNud+U64wxWHjEMXnr9JNL +7SmJaXkXJ74ymK7LYaXw7kUkfI7SGK9RZ2p2qsqSRbM7ctm6f+bhw/KsXMCIihIg +OixPXrpU7e1L3i4yxuJ9O4aqOEecJKUMlGc5N24XhMVgs79miQEgBBABCgAKBQJT +c9vKAwUCeAAKCRAEGt9Z2zw9i/wmCACX9pVipnemMU+JuN0NR7QFyGxFaif1c16y +iGgL+nzBnub5h3WQuAvXocVcUG7wvCpYukpW3tJyMyU/ltZ+Qzw/2uKGmPg18zMi +oIC0aGkXHbYmTIpIwWX5IRoJvpPRDj9m0hDPTxeTj+dpqXE8zJ7IBIorw4wsfM1S +6V/iUuXRsQvZ9vDpx16Nlv8Cv6Jv7xZNBuKF38Lt2Bfw5rQh6SS0f1ulPXRaJk9/ +Ps2jMRe6Js2/8kwybTE/KE0K9MVf7gGtg0EaBLctQh3rOi4yThqH7dXSRWcBQGae +5AFzQ52obTOJj+kH2B6fDh3G4oNytIDhJpmWjgOltlChX3dQ1TAfiQGgBBABCAAG +BQJTc95XAAoJECjZpvNk63USkbUMHRptti0IgbgBerhpVtgyQxKjYQQvCrU/WqVB +wJrEIschMdrqNby9x1SrcumGdZwIUnlQiVADm6YhCSV6xh1MrWz7HGQBeAK55Ubz +mVWUaBTHNCSJ48lpXrt3ZiWx4XB49uLm3SP/23UXmUKqvH0NTRBujM6HdF+8EICE +w9/wS1K5vkVJBbXnsMbtj/YO517MmacJ4xexHjxV4nLZdZCs0o5qs6mzLBy+go2x +qsRPQZEN+vqzqaB+AWQ8FNX5j+LQvhpG4dZR5X1XllOiKvsug4s96hiKk+xqcZBN +CpVCJE7XoJoYE7O1GKKmElJJ2VFM49A+oJ1PF1mPyMzy9dTzoHMRFGPrhI0OZci1 +bp8qGDDdBivxxVnv5ogRNPIlBDiJn9ZkFzfnTX7mYQJeq2hGQChkG6Ulus5ZM+CS +wT9PZqpQ9L4d3Nj0IZ9PH4pRNQDsIi0rk6xXbIo/0FMCqQNa3iQTl1kdzXBA5lFb +fbvJIIVBECh9ZQVMm2oMQgBhgaMa4S5suEW0OUdhdmluIEF0a2luc29uIChXb3Jr +IGVtYWlsIC0gZGVwcmVjYXRlZCkgPGdhOUB5b3JrLmFjLnVrPokCPQQTAQgAJwUC +UkK6TgIbAwUJCWYBgAULCQgHAwUVCgkICwUWAwIBAAIeAQIXgAAKCRBNoRTlxKLl +f2akD/oDWLFS5T+ULQ/Q+9LtGijSymmbGAb45ml4OkcbxfMTc33c271DIzpD8zsh +YCiCs+o5N+zBVf02y1ll9PYfzvInT6hvBMMdjTe3Nb3HJkDV0VtocCqQn8BaG7R/ +gMLWUtRSyX6C3FN2lfScwroQSjFG95GbkkHYpjCZQOzRUNUrNd2PFX+VMcxL2PDv +HOJU+FzlUC7gxGZ+51HJjAa/m9IWhsE1tZa0L9Q7zxKNC1kFmhhh1PUGuSzxDxkA +t932T6Pun9So33vfsIg/tzpGxo0mAaZ/u3DUjGD5gzdn+l4QBCkHIqCxTRHeRZPT +z/yRGp0BhpCL7MiIGSAk1utsXIlbcGf6aHaYmVnlPQCc1LjIczR6VX/ccmZbB3EC +SKQpWD2iWqNGntg/XOPkA/GIPIkTq0epHe4udKoOPrFFw9Ahwij1EjlZfaIWPXno +x9QkNutm1AnKxI3ZWSrBFVAil1OscnYlECcvY7lOl70/vD0kYPji7145gT3acvgb +Pt8Q65fLPTx05Z8ykepgKX2M3+dyG9ieT4kRo37dPTMlA/1I/pqbIfMzTtpdOqSN +o/tBxn9IU2DDRp+JpYWkBHuCAVV6CKA4b/1CKEQTYVuXv7VCqjqTGGxewu5FraS2 +Rw1+8n4mSLdsKxqOuwoYPe9nhgLd8CEArToHmeVnZfdhWiqub4hGBBMRCAAGBQJS +QrsMAAoJEJNd70SgkyYrqzQAn1USxJqJdOsTNEgWm2yKZZF6lQq0AKCEZsCU0kLt +6lWMC/74QTbSRfP5mYkCHAQQAQoABgUCUkQIXwAKCRAgnH1i+wn1y4uED/9QfDbp +hWNX990YKiDGXtvwPC66ZgxHtTXTUpoktxxJoq/36gMy9mP/q7i61Fvmm42o/6ej +gSd4hhSrYgA+M+ypbGXtY7JQlz0DKH3tvBK5qbCaMNVgExJ6ZvbfC+acIBnKMztL +oi6jd1L5E97AwQ58wDo9vF4h929WejxGm9vRRWzHsIMoAmeIT+tTIyJv01C2ppQY +udRhnNTLNkmezqpU00h2ElZ00fFUxi2GeChzUJj75qOz+9OZ5xIFBZggMJ+UjNn5 +71MqfAsPgAvsiIOkiQMM8dkQMXG9hFbbhz+fVWQjvxgk48PN+vUVpVej+ATacEnS +Hk/MQEdOfJ8k/M99XM3WKZoBhYno9A6lTx6rNpmYm+ELbtXPqmllYh29IVHeIwGb +I7EN/99UmrBJlVY558HRUXZVKqi7fjFdFH1U9Tm4uzuQxh3JuySOcHSiDbnWtpWW +7IdpcchUFrpacrYKOLRD8MP7Tn+j2y89eCA/I1amQ7SYiD3+XFl5eyyZWCQh/Svd +tRJ3Bjc6GvdBFt1RI4RwNHDOfUrkUD+Zxv4+vMk8KzkgdDXO41cAXLyqqVKvFYbZ +XrJme9DUBbYcpxnX6hCDg7I+Hgw3ZgejHR2Ls9RG6RH/JsqUN9m2tau85DN7o+ra +A4qpIbsc0ybp5zA8kU/J/kw2BVFn4LEZlUcuJ4kEHAQQAQgABgUCUkRBjgAKCRBm +4XYOIOj9fRMDIACJ0BK7LlbPAXmyP+7SOPm0/aoRy37YNEi5Amp9E9nt1SxjEe8/ ++VyKngNkhVzmmHgMwpFMFjbP6FaaEid4KPlPysJO5Eh1YrY1wXzJnV1mz5KaayuI +OeDdYIXvcRi/w2jfzJKCh17+k5qKMC2PN+lXXLXboh2IKUudpxrHGkDdej0b4U27 +bRJlCyRkbVfijXHkn9dHn+0J0FEOrXaYanq06yay8XBNalX+Waog82DCc7NUvrxs +k85KpX64jPFhF4qK/juSJDO4CNkNuQ/2iqhcZzIYtdOUUEABwmyx7F5XyJrRmc+t +HszMXspra1CWjvz07pD0MMmw2UI4e+mI0r4HiAKn/OU247Q1oZEMF0L6LNvpN4JW +q5jpgkySCaCKppD8Zge6I1iDqrIFlGN4bHc+dyBVdEly1aJf7v40RJXdzxTg4Wm1 +sd2nC8kiS7/s1RgONKpwlD4R0u6uhs/CVxPFjbEQEGo9vIGQdl+Ma9sIp3Q0mda0 +kHoBMQvy//u90kfJ2bcDnMI+rJNu/MX0W6EupHBdxeEdng8FvRE8JfP8YualI8EF +EQjpHVrjiH/ddCJGNO8KRwBwr6eeuzw5q6dYNAws6fJYAbLjNbfrnnO4fcfdDxD9 +n742z/etn/0oP6zyNKn7COXIDynnLiwtjClVTqp3m8Ho157htPLp3d+orVTQfIKb +yVDXdv6TKR4Rl4wxYHgLogCL/RiXFyn7el5kVPfeoeT6xN7RCq0t/fmlMSCOhzkN +fyJlQGv9MVMMVAo1eqjIpFGHduuWqpMZdk2IA0YBWu0pDCkQC2RpATBKHgGXqkse +akOgoW2xie7x9JexiDjEyBIqUT9gAKmMLG0mRiOTzIItPTjWI9u+YP85qnJgefIZ +uiVMvZDkLCoCeKILntYullyyIYz37bjWgbW1TTa2FRdP319vTvJzNYVeiMpiGGjy +j2uOKbC/+88TvcStsnqTJFIPmif5ZK4MUTB83vCntgbl3lEcqCy/ykTJ/4PN80GN +TRUkN96qkSKRUMS2b8dAQOjLNxo7gXsJzLXMdHioE0PmV3dXN2C3sdcUrXSmCdTS +W6LvLR2L4pgz7c6FnrUURdft656FtIP/TFb4nHsM1McFgPDaQ3xGKlsnQaMHSHTT +x6PukhTjHhre6WtdFKA5GxCRSvkUJq7VtpYAmLlhWbY/0blWKgPDC77n9OU6Jn/n +RTzFod1fxf4jqMOzNt2K2m8PW6+5t5+qQdzVTMh6yeDf1T3g8SoOyJqH5MqcPmmk +GpLHWpzE4VVnTjnjrtk/mCunH+RDfPoT0JHVOERh50MTVmxasIl46mXjgWPAWKNc +vSShDQRtyy2UBX8pjeQKTM5zkODZs4Z4ov2ZiQIcBBABAgAGBQJSSCqcAAoJECZJ +5ijF000FzWkP/AjbwpPc007B/JrAwTuM8/lYaFmL3kQ+ELV5o0Oa8PVMA3Txmt9h +xORt9x6yev4pZSQ0AH4azjjdFVDtMhdi6f8n4WcpShr+vwRTNOsBqfLrSCkTOTh+ +Yki/lTLtgVnOGKMDF7hwdxXNC4sJYgJdrJJB4SYzy0+0UhBaV2Kqhor7htyxQPnS +nFdmNPvsT5aATJEH/LLI/h5H/yWYXlX7hmUFoaqT8V4nKgfHyHx6IIZreZPC4yR6 +9cKkGRPhIhB7LDaLu8cu6S+s8bWxXrAY8kbrf4L8S+gxJveaqWuFd2RV7SCEkGjJ +xbUNe34UNcls8XX6pLdhCsi0RLZElgOQIm8+6xvRB7RdFxgdkoX0cqH90iKs88/v +haBXiJFkoZdKv7kTe5nkx64MHHyV5ZvjsLJZFj3PJX4YQJZFhrOrckr3cXip8FUw +9Cgu2ZfBzOaBoLSyKWA+MyWyjwhNCApw/rn4gZyP3aOo6khRErAATevE6gAXAzZb +vPrVZxi6CpXy0E//dv+cs0RLvK9z6f8JjEwZeVofyhvzs+Ufaz2qVLeAgTRbFcDd +uJjAyMdrm4AyLorRus2f3drWl6QuejqjYQnCZFfAOse8Hf7JC8pw38Otj0rao++i +bPkd+mDLjHdWHVT30DlAxOS6Ooygu1EF3/LafyqzGRPdfdWixCdNeO9ViQEcBBAB +CAAGBQJSSD9GAAoJEFF75hSlwe7H38wH/RK7W/yjdEWr233F/HQ1wqTtyWtiUms0 +qo2Z356CGbBmjzigQ6mG8ZM22TSBf3zvNC1A3TD7ffTUevWxCbGVr202ziBN9U7j +Q14ODQd4sAgIfQiDLFAC+06lvjDwHt5NmHJ8hXrWD/EA6d0jJKZ7+217Mkmj0Pve +opXwPeaxpla/jSYaetzafLgm/t2gGMq2Gt3xGw5HK7ulz9RNgbAkxqBmcLZuNGhR +jPp0Zmv8DzPs4mrCsQWRWaf/8UAdOx0EtJ9WiautpgGLnWwJrPXTMxQZI0VuLqw1 +ZDKoVROJ1Lch4ZZ0ADTM9KddzZYuq7rIJaUbEXJ+CLQmw5yZ1OBXXayJAhwEEAEI +AAYFAlJJl2gACgkQi+h5sChzHhzHCQ//ebdcvddgJzZfowWr7GdXfI4aYPceW6ft +VJyu4fkdrQLk/iRIrgWLSmjzkfXi1w2uQ6k9DdI17aG6FoKCOSmLRPRcoHnF/pl5 +850uQQHyh/khca86yrOVs1hQ8ljPF7+/4akT7/dMAjBlRdJx18WXYt309YI6Mbbe +YNqG0cGAoI6sxmb6L1Tvrko2QJ3wm3TL0PbKt90vbfc+M1lxwH41t68GU1UdL+/M +gzF0Jy3m/LHGuu7x8e2wlogiIoEuZJ+P/hk4sqFA78cq4eIl025fKx4VNa/5Xqah +2orQHMtzBVf6sTMUwBJQ+b9sSdF3RYWWqy5bh9udM6eutWTD70BD+/qme5BM+Lk1 +TUwjizRBe1Ua3u3pgGklPW6n88L4uzl8aMG8qoqu3VKyRHdek8SsKMS94I3TAKv1 +StSf47Ybqb0W0M85j4AvplNM2n4FKnM7+f35ePgudTBJzQN+oHAdaYdnW5+8xrDI +dpA/VOMF8mG0x26LRAtMR77DbuOSYkDCVoISoAfucqvxxuYIAH2btpRHx0eCgirK +Bo+7efUYjJczSUjxj5HxRdvrHcT1ZwEcecwvnmFQAoALpCS5ZSmXCkLoX78bWulz +6HVMAzL0/MWV6uvfoppmnGjnmh6gOTKGOYscB8fH7Jdp3aSD6rNjlxXaz9KSHgrz +OeBhvXmi06+JAhwEEAEKAAYFAlJKkTEACgkQkshDRW2mpm7w4w//RM64mgXuaIE3 +X0AxHboRf0QlFbUg4HaUzIbezm/G6DvusSAXEkRhEpMrL8XcIlmZU0eBHx3xOgAM +vRJ+26ul6PW4F+cR0ZtX1+JAtTdC5/YDr9UtI83sxaIxK+wyQjuEEMCgm7FxnXWI +XqSJIxYQdYl+ur0e30pbHHvC6J5dwbuhW4Sze0ix/5wI9wOlOzJdg9eDGSCpcs+d +9SFOcpvBa+7ADM+bjcJjIB55WhqexuaPJjHcxWbG2bMvTwPF9Zjr47+SqiRGgP2V +l712VfTuw+IveIkra3cOGb2rfGYis3FG8QASN1F1kLSDEZckILas9BvPyoTpCGKX +s/wApQ8b8m1Rwd6nhcnk6V9hjGDy6buZO/+KDpK99HPc8WcbeVEfdtz5twLXtujV +LFMZckmch8SndBy1SUhhAL2hxZ3CVuP0J/377UrGeehNxJb5L/Jyo82s1jUM224d +IKa9qQTmdtTLzqAGJ/axbwQr6OZfo84iKPFQTeTRc7ni9UNcUacm2J/S06RbDBye +9toPv6nak94EnjbXOyxzROlG/ISoSfkqNQYdzzoZRUgW5YEYnm6O17Fy8fJf9Jaw +ZTszZPvqL7U2PdolI+Q8nkM555pgdy+MUZJDxI2VkWVVTlp3XBx25pQ+E2J+aeD7 +WgKJRyH1IjeQx51WgPLPZrqiFrZr/EyJAhwEEAEKAAYFAlJKks8ACgkQ7Wfs1l3P +aufOow//UAGTK82THE/dcO+Zxnlc0Xpe6S/IlBt+yxfgizc2J3AbY7PatebOy3FL +sbyECN+TLPZZI7l+rw5xwOs/LYaES32xv0L736f02xKJvmL3n+OJ6tvdrgt2yrEj +dTG8JsjYZNyzfC5z6akHkAFQhW9IFP/jkFqyRzWLT521k1yGVnNzJi1SBDremqec +IK4/5iMWO10Vs8cl9SU7Ut7syyy+OV/5SAaz5UvkPgcsRSRLhuYUkhOhEmWN8H/R +S7LaPVxGpaZ0XgWje9DYiOKuQQZt3mbkwbVlzPph/fU40M8R+F18+ayj6qbd3omP +p0swgB0vrRGK9JHTLtBk7rrrtJZEvS/8oBkddYMqJpq/6ZsgH952iooUUucsrX0n +Ak8asLkwdcQKFJ3xRc6WVWyEhh2/ThCsRFoNvKqVXkkRH6ig9XcaCjgmb2aTk52k +lW3GsHqeirlbQawPSJ3bgU6ywEh6nEAQ0sQ44I8WiN4LFxoexP14fqEQWj7o5MrH +2tBP9rNfgM7hZZXmefE8piyenX6k07vqIKnff4a0EM9UFcKIkMMdvDYd/jOkuNus +UWgApZ7ncQFklzQnww3urGdixg+DDYPb50IMqjywFc52vAyvd7Dxe+zLzFBcavqC +vNertR1PlOwk9gZyyfcu+mY/YgcNEoG6nlHb3/I82An0YFi2TmuJAhwEEwEKAAYF +AlJLEKMACgkQOANCqFJhVhl24BAAlpwYi0pyBlLCHT4DOSHvndUHlkbhPn3pu6pM +Tmps77Quv4lgzrZ7AnC79Xs5/rI/A+jCGU9yl0GdpWoHOtxFrh5Mo85DB4HfY38H +zpNyY4E5E24Zii31UXYQEqqMEI5BcuO5v6Uh7mvlVNhFk/t7REIpwoso8urUh6Qu +R/WtcdaPg/sXTdeBgbfw3t5yeJn6jYbN9oCEkEqag06wdVFkBkc1J6GEzUItJt51 +ZAf+xysPjjKjL0KYgSig1MGl1N9idvsuQhlTZwB1cj7+//30JSve9vlE8q1YYhg2 +MdyTA0rdUL5Xc/MKDf0eTQczH6y/uUL2yU1svRUzue1X8VVdiZQfKmf0upUzKHXN +qXsJ4XnPjIk4kXtEe1P9VBeP4TB609o7gadfedhQzT091MxU19S/m8efRn2WrZY/ +U172TKNHa5ocCxuxjv8bomp1mvR0N2i7AgAP0gJVTmSNKCtDXMbkw2fCrIpq2vdr +mKkTmGic1pMxf5TAgJoj6z6tr8N57rdu5Spc0cgOGy5lbD/OY6O3wFrA8Nv9PBJA +QIp+K+wWWiq6PgLanojT1UUgSgj/fFJ4MWqPEvN5SyeLT7dKg8AcuFs+WjO5sK8d +ns8DzGSoW72DyMHYOnxHrPAwRveaN1P2BqpmkN4QDLHxziK9/dzHrSnkquSndvD7 +BsRWBfaJAhwEEAEIAAYFAlJNgeYACgkQILcN4T8dHk8mFxAAhg4DUv1yiRnMUKQQ +PfYIwAih1dfX8Xs0SmggW0lRdgEjduX/hC36IBiJ/Q4+3dw9V/27E2C9ba9nhkcr +r2/S54ljcK7CG8sIG52IKnUVT5qhOVG7pJtEwGsonR+o3j/y7GKgfXSxZ1KDH1yb +ipok0fKcGudjldWOrPsFm1NId8lwO/3TDjwaoF8/OeUJ4GfgvAwVwLLnwOdAmUUn +zBIHPllJr4cMHJ28PBJNCmqav0JKjpnwycqVf4TSabW46GmKYqwz1u8jcjYQhLci +w5jb/MgPWfIf7SdE2ABbZv7Dz4R0nAq+87DvJcSvZiIXHsZQClDJGaMLkZgEPP9P +PBt8bx64aUQKyoYA+nms60I9r+qjTwLoch6RlY26jrSeSHmUJh6E0JNYATWpVgA5 +ylf5IzY84bl3NeZJFd+Hbrl10VSNDEFcQZJIiGe0TcYuG2PrhsmY+D9HzazPhDIB +Usov3mSK3So+OtD3WilcEPT2NOEpwEqoiuKXjckBcJXGluci3w+QxiSuG/MpDbyd +cQoGhIXLbqdeY2HqcGkSU9gdB2Ohoq2L1bd9tQxMSLxV1zDQBSDVTtS2LDrhZwpj +o0sBTUMCuT2dUwqlVM6R29JykoL360XyC8PotUR/bnCTnYKWOB4vXQZBQwaGPPWY +CM1Dw0aDynuoYy3shXdpOK2kE3mIRgQTEQoABgUCUmAHrwAKCRDtFpR/ZKGUTalz +AJoDj0FgCzunrfFWiu3Fx4urUfHtgQCeP8XuwW44A6GlhOBVTV//lpVOFe2JAhwE +EwEKAAYFAlJgFLYACgkQ93ScF/THMa3Z/A//a7yRX/0H70s6FzEzoKnsYCy+vEuO +Niu5ujl2GyLkg7OxI71yDnqO2+muT2iiDt6V1kmoH1bP9MYzMggroKwwmMVOYYIl +j3k+EtThm+hyOOMSSxZqAo+CRsyKFkO1omiQswcNMHepUHL4+IQ8D+lKjnHeQO5W +tMKxmLWOGF4KQ/1ZMtFTLhW1qxud1uCRgIMqIaznGWjrsmHZRIDCNGgMKZOgwIhx +L6poIRSoDhl1DkNHtksBFDf9jsL+i2U+k70xGKdOEH9XOyVxDjqP7ifPRWiDtPft +4JzsRhZp+BZPbmPGhbmDO18op7BGtySzED7zvOpGbWgKhWImAXlTKQyhgdVCgJcT +1cLQLpc8z9sksbgcxtEGGQNIpX6IXHmk9/nm8ygvNI2BokL1oncNp2peUO7fqlQH +eaxQ9Q6i2yKg06j8miDfK+w7StyD3YkB3eceyFYsRWjAQxJxfkRgxCcHCPhGDUNx +936CcuAuGlPug21q2K8QIK86X0yF3wHX35I1TVv9zxE5edujNYNOyZO0XEMwKXoK +eQ4++llVv5zNqJHEcRl4evUT9tgWkEpGSmSev4yeEGMtc39jBcgzRXcXj98vS+1R +w7m/Nwtb2D/aDJqRqAWdE9GIT0AQePbWi/EMNwAXDVUyRK249l+dSxo3mGBFbSod +Qiieo1OXbPnW44OJARwEEAECAAYFAlNz4NkACgkQNdaXCeyAngT87Af/YkdVujlH +xgI514S19au8bFoT8ArfXIWKNT25iw3EE0XhChRp6OcPLnVr0Y2rUZFk19Q0EzrR +6lOJue7uYdSZU9wFaGa3z+OPvfLhu+fx6mZaJopO6oVh7VKQzUcyTV33tY8hy+pg +qqlxaBMg/Td2fcEElDvWEmcZqTYqdL1UnAGwwLuYajwDA1tXRuZeGjrpGSm2jrMt +VTSbtyxYiaDg7CJFK/vMA46H6QqjoKW3CmHdRg5Mg6Mj92ICCVWUBOL/SqNxM2m4 +rqJGOLVW15QeC5TdrrgG5JlR9rsYr/U6KNFw73ly+Fch/fljjWKM+tMmkUAgh2T7 +tYmeDdIVO9Cay4kBIAQQAQoACgUCU3PbXAMFAXgACgkQUk8MN6C5RqO+cQgAn9HU +ju1NOk42hzF/uKato184hF2TiCz4V6z1QLIA7Bj1VlHxqcqmzPoaTrY9SWsxrQl6 +APtIz2G96J9/767YA9cpPhYFI34aUQ7aG6jM+6/GEETuMXvbCRxKG4C+6tW4sc9x +CQX+8oslYdBMtW/HJZaqGacF2TD+krIqPxarwO55eROo/VremS+KKiF0o1qZ2662 +/3mPiFKWmd3rA7FTGBqoTvZtOlFOLf7hMQR6tj1jquGNafnp965dDUcLVRZQolrY +QFC34LptqdatnvNEX5q3zMrpHqMC/0Rm9z5/XC4kPw+0LC5DfpdY5XisLPDAM/pZ +1vCcOGgEgqRRISuXOokBIAQQAQoACgUCU3PbywMFAngACgkQBBrfWds8PYvK/Af/ +a1xDydBcDWr+c/RNAt3wdwuK4I1oxafzfcVE5BIlreDm54mr53u5jDpn7gmUnY0W +F/K7n+d+c7DT2tSEsMcImk9cqqx4KVA/jDmx0jUuVzsgL5b6JamyWtgPs6Vitlen +PKrlVQlbZrlL6PuEeY8WSKbAJdO8k+WfFfaLHKeleeOFg4o5sinvvBTl8zKA+OZM +WyEud1upRrUDl3Dy8WjupNVDwkwIPb37e5dxVP2ZCn+AiG6gPpEc4hkTFdr1z8tw +5LlMAhiHH8DFgEhMFg2rUEYg1Zyz5rzm+FQfBG4J2WgZEWj+8eJJyqJk30qCqSDI +/ZLRuMpXkhvtIJU1q1Nm94kBoAQQAQgABgUCU3PeYQAKCRAo2abzZOt1ErL3DCCU +jk/JOrQHVtS7sOJZb7qKjYhw5hpDKTVGIfRNiTZhWSaABJk/r0LAGVyrc+X9i2tb +2YiFSrnvtjC+PHyJ7zd1XXh6BKHlEQgg5HryAyeu0pYM1lSuEXI578AdNMOi1Z8j +SUCSIhuftA67jqaq4sQmGckvEuAKHZEUZIvWEugSALv5OzxvL+uERp72Cd7oak8U +5mnF28kV59jq4q69oO9E2TN4nsq0mhhgKX7CHJordf6r1fVzRNeLmkRdSZYqmDiE +PFn/LCswtj8wKFQWfffs0tDHvVwchZ2xQNTYpApePJ5RmrxhHhnrp1m6QF2lth5R +pAv7vhikzEH1RWzWbg1TQXEdvULvjhRSSc8UWt9PiqBFwWx7Nk0dNijmvUZ/VfMS +kHL3LxWMCW24ZqaL3XjdZNFjekDLh6BkVraey/ltyksA+Um1cYzmkqno4TCo4UPk +lO3VSIAnnmlmWaRJ30/fRsLeM2P8EijpoUk7CkNtct4fWTFA1uDB2sCkoZUebDDc +bZQptDpHYXZpbiBBdGtpbnNvbiAoVVJZIGVtYWlsKSA8Z2F2aW4uYXRraW5zb25A +dXJ5LnlvcmsuYWMudWs+iQI9BBMBCAAnBQJSQrpmAhsDBQkJZgGABQsJCAcDBRUK +CQgLBRYDAgEAAh4BAheAAAoJEE2hFOXEouV/SWYP/1mrphYwDNEMcHXN1hr3eptC +XjotG8R6hQ1PBXsIj7hRQAL4kKsSLwQq67bdqLIwi0UQnGbIsWbAYkqiy2XYaH9z +rjjGwFTtZDGCa7yWBeGq8yvc7AwLbmnwCBg1vM6qJbCgqjB0pXTVJGq1/SWBLTfQ +WTBz6bmq+MgL4KCtlGSZmg+9Puzs6pwwQoVt9J2hx7buTXYBDTr3a9rrc/SDw2ry +uXOoMVmhSZ2wctLlaINXVLg6PkkK/hpm5Yv74sY+4uDU8aFKwg0BcUBq+VZVHFAj +a04drCDZYr4pi6WTBlqs2KMT+RuYU5fB+7LR6AFTeveVb+9CaBl6JcrUFYtB/OYm +MJS+dax/om9vs2RlmDbwyNYtbZM9ZK/v7jaXJ+wBlvpQk6Dgy8vJqMyRIMgW01H/ +zbT4JSUIZbFarPfs2l3hE6IMG8E9vOO8GYZ+YJqDO31AfWVoLEfku20l3RS+IRrq +AnYv2ivEDWQvR2OTl5SmcEifyN2cW3Y0u9ohIy5Cj8StE2I9WOYQXQOb5EO8OSqR +BhUUQjo4L8s8u8eoi/61IkQcM8Vk5KMwAr3b3EuzGokvDpdMAKMjC3vu9PV0HH6n +Bfl8f0FGljn52M+9ky5C0jZ7hJubpZeOMKAJ6gpvk9hlchDWkyOLUCuTKL4VT22X +dHUNjjybWcHEhV3rfyc5iEYEExEIAAYFAlJCuwwACgkQk13vRKCTJitYOQCePTwM +KeHqBiX4OvnGPIt5YEwtgUwAoJ6w51sughgtmmcSnlYsUj/uZQLliQIcBBABCgAG +BQJSRAhfAAoJECCcfWL7CfXLxLUQAJWrDuDeOLXhuFX1swWwAw1OJcMzAAPZ427h +U7bXAEkQp8qEs+mpqQJGCw/pxtzQQEbeIZAUcW9PuxoiiNVoUf/FNfZ5uiFzt9VD ++N/vztGtbCOb4lANGyNe7S7ChqzQ6nZznDIOZP9r+hHVdhBlYqKGo4k3ySwbzbl3 +3pd56kql5V/0UY/L+76i3KigqJX6sAbq8ww2rBs9FQTG5IfdUgUg8Z74fJg6F/jl +oQpAZLQqqCiDmJ7K1WeNjFqtZF5Z+yI4FpHICSMeK4PyJZqMxoD81sJW396OYwzS +c0Eiv7OMJcWCUPdyordNJBw+Wf6TvDdWYKU+7hGbHs3wXhgUVimkunq+5+NuZLBT +rZVJZQEeKgeD5uYoJrE357DarLfRcE0mWrxuQ8Hgssn07Se4QDg/QgCAVj0fW5Aj +l1wJP7FFqK/2jV6Tq7X+7vMdicsPAyeQKBN5NKI2qP3TBfHBXqPd2Yna8XU8RHN4 +3KWz0vWaht1IjO3d0xNTKfq57QO+wlftlk22OaxblbT0UQteJoGIPgLWcru8wkVF +vQDPr2N9trIQOsr31pKvU7xUaxlO4INAtrLdzL9lv+MmS5LJc/cWGhl+GMWZFNa3 +U8pIFGT2SDLw3uGTIS3wq8jyon2sAEf7tkd4eQEfjIi6z7CCcKWkc4zTHu2JXtIt +o4w/I3rIiQQcBBABCAAGBQJSREGQAAoJEGbhdg4g6P199pMgAKz+ed5TRy3dwt6B +hTvxyZDjHZxWyJ0FhSzDAEOSY/K4DfXhb5URsQcg2g6aTzOcp/KI0+oW6Mm39h7l +9wDrMTEugDJrhMeQgTT+dMeBDvXr69c2q5piOIGXqCxpt6+LzhmVgnoENjcykdUB +e8WYm4CLpSXqB7ws2y/atml6vVSp0z1j8+d3XAtgveSMXnRGh9du5MgKi2mZQWPk +XpEjO1+hx2xFq0z93HyNKvjwEuDHnof58V5KU54claL2NHXzqUTdhGrC9fEuUqAt +2Auz76h7IVQJJWdFc6HQ5wNvuIrHfStmSTAE8wmum438+haqq+kJcX2I7HLWSEMo +ilikSFRmf2YQdaT1SxfjD6xi8aEptX1IhwEuLnFdsczjWE3LiQj4gO9ISFV0tZf8 +Y1PlkWhSJYJ6mvRTDYv3lnO6mmjhquLsIQZL8WmHoiO48dOR11tUyJYC9aYbIqSw +ieSbpclfnT1k/D7MQhfuE2C043NjA8NPoAeVVtrK404b3wf475fhvs8GxPE0hNWO +KiSFIwzbMoctex7tWAsw0ExiZ49Xs4g/lYSdv/fEShSNN09kHP5UdcpygtmLytys +QuYk+gn7csHsUSVjYg0QpSWopENsorZf6SGd/EhuM5TlJwWOJQx+4IwT7TkykscU +uDIe5M61RMjdq545t1FYQcNbGijOkx+WjQlV3x8hL9T9Ic5zeu5SR3ZCJFUaslP/ +md2a5syeIJ9O9jKWjFQYOEnAE2QQ8GL4MKM8gl7iFd9/RttLVJOqp459FCMUX6ej +e1aOl58ZR6wMTr8HORYDZbUvK+DE17XTN4BZE6FRINlWIl+l1nNIVrDwpe2cgkRQ +YanhTQ7tL7isQQnoUlZdDxj8JdseUwl1EaDlYqmfeW7LmISCwX7F/IOwD5cbYqJg +FYJ94SVNmS7lirye8y+uIvbtdLuWlEVrcyaMd+rsOZV+HXd3wra6ppWReib42bpK +rNclD8YoytNNV3E/7san9ejejeqMzy8UZRLm+DNqNp5GhyLDRA/GOnPspJ3Glip9 +O2ghUkX4atncTe9TYT8F1Lq+oOTk2VE2oQK1ykNU7E3giuMrYfUXE1czv30FtRST +BQsVFhTRSgw/HM9as8HG3QBaI+RBXfN4BM8srPrJROhcvdamGYnJQkSeo/pLlW42 +38HgnaSRZyf/qiTnG5PEJ+Gv5q3zgHpCB6Y2agcrpA0bFhxnRZpyOmoC6U8hqr60 +uIxzQf3lVCTXQLPBoGmlD/WPadFQpvjwh0UP2/dfAi5KiS0C+ZalemSZRpuZw6JE +pWeZthLIZMHlrkPetRDdJDvTWWz/eroXe7hXzdG6pggJG9yoALoSxHLhWNExiOpm +AMRNPzeJAhwEEAECAAYFAlJIKpwACgkQJknmKMXTTQUoCw//XS7tA7kGvnwwfUNz +ydrD4SPHgieY0D4BbFy67z5AP4KgBZtWXwAf+OXVx1e5qkKnB0V5Lb6tHyiz8WQo +6z9Fyf3ilvm4c2XEDDXtF+tfgcch4edoEwUCx1kKjymqmIY+OznZ4/u/hJgPKQr6 +aDZA9rCDC4mbDlZumt3Vim4TTemSeoVnSpR7yQO38xB0NbEiFChpFBTBmZY9lgzi +er4cQthlllRf57/zR6/AIQk6P+eH9dknDRNqcW4i4eVPxCwXVrfdrR3MxBY6sD6V +XryWFgLgCaJJ7cCAEBiBlpZEHGs9dLKxMo87eAVaZWBzohrlxxMw1mb73qsYgjkj +InCvzxQ9qL/oyClqdpDTaUqd1PLFuKGOZUnXLDdcqeQyoKjA1C1oeLBafSrUJk0G +MV67tKnWxQVEc8ez4CRDIrzj0MUCOm1Cy3ilTF45ck6vBNc3vl+n9Nogy0/Sk2rf +2L3xyoLxinT+RgFENAZwg7tntDQ3VjxHIY7osP2JMJ6T0XVaLUry4Mse2+dGxmpW +N7/BXxE5fhVj8CP2pYw8lQPiUQ8+KwhcGwmfdsVzQOOGwy+9RlGwZyVe3SmzQajd +LRH9/XkoJpVm+bmQM4zAdDDLmWmeiwuCcL4sjmiOL6F506E5boOz5tus+lZ+T482 +rcSpX9fb+BWUn9CYqCHlt4pBQh2JARwEEAEIAAYFAlJIP0YACgkQUXvmFKXB7sdr +qQf/VKu1md58tdGOeQ8M6XCs0FuoA9m4sjPSbfWTxqL88n9vJGNxULa+QWgQ6SHg +jbqJHT3Wbo0lrpWyXQPKPc6/qI4Q1MNx6rahWknWJyU9tlluPFHDFzuAz61m/Jwe +RoM7GWfZ0PymDvntxZHoe63tQObOrHIDUYmdGjhXFNZjtyYUJ4K57X9/xl9MDzk+ +sD24EO0bJ8B3OaWcbbbRuiKNzaUNzE+S35Lz1t6WgkDdeSXtrekCgx7RpPzqmIgU +nRwn4Zd9DrbxvCxXdDuZrUXR7CQUMDqE1Gow8yKY8KNLrf71DlknZQkmFwIjFl1T +eVKoJB0wdbfe6b2BSH/GdWw7xokCHAQQAQgABgUCUkmXaAAKCRCL6HmwKHMeHHRN +D/9N/k0DVI/oQaoxTkU7mcQb096TJlw9J4fooFXu9Mf1DU8ovkUYmJF5Uz0+hy+1 +1WrAXJOX9szk8ol1hlxkqr4DoRJIMo52z4LuMvE0JsefiS7vGcEKmPav+EPbs8yY +De9D34FKyeF/uW4X9UPITPpW3nLbZxyGVyIY/wPKkr0/sU6IruVfiy84qKA7X2Kn +PN945+/LEYYfUqgen3M27osUBLlKqQOUy9Vtg/pMlOTtmMtIFQTz5Q6us0ra7+xO +wJXRkOIwP9e8aCvQZzbm2sNUR9HK9bge4FZHzdihdMrq+vIilrNVH6caTitcq4E3 +oQr8Oh6y7i2YluyLbE3hJ51EmBwKq0E25eEPznFOjgx7XVaYJpkfLVbIppaXCbMQ +VkFZh68LV0nLstRGyfbt57qvUSyC/4GGcpnW8AZQANCx3+OMMxMyEltFwZSJjqWD +0OxO6ynY0DnRCkU361HPvrSAsL/zOXodMpgG3hzflfATYJjI6+v1y6LVxGO7OlSe +V2rES/A1t407irRt3XWq9I0nyiO8glmP3aKWC7SB1QetZ6OHmHhF9/V/pCj8LCwG +l5PdATrQa2QrHQQkp5bZLXEPKIP6HhlAZJitJ9ncRppa1OSg2ZQxqOUyHK9k1SsT +LWSbaprVtEgT5iktQYMLfJtjtgJlkeAdNu4LPwEnUJi5BIkCHAQQAQoABgUCUkqR +MQAKCRCSyENFbaambjaTD/0TbfiB1Ki/AvtpO6gDVLIrWTMwrDVnhgPCp6jXOri8 +zDlB49ATs5jViMyVn5ftt/khldBmriG19/bG7S+XCiG9ER7yvl4nTlK+zRyEnrwL +Fng4yz0ikLHT8i5CxcBPdzlBOqKNWEhrEq1lBmS017bBB4wZQX9VUe0vycXKyJ0x +jLmsFGMcavU+OFbVGMa6tgzw1JqICIlGNBBw9XhNOadOr2zb+49KzAokbiguJ0C2 +cobv+t2ny3ENWY22HRH+gaIoEwRKgZc8b4uQDeWQjoN/mSAY+I5ZnQtc0QwdCIMw +A72PVNUyQ5QQvQFduP8QQ5JZkbqYUuklTR/fjYFxRxKIdfbDxVIC4AizYBtb3i3M +fb95Y5JPmZJSBFk941GnYooya4gNzyu2qqq2S6BrTHLKYs7PYkkGDLsBMw9VJjiA +22IxKKWcKsYLxRUcsZhlU2WA7wTN+ZCVBHmPJnj4HguqMDROMRX1joRvhXK4VL3M +QCCCRYeShJ3oBmo3GsC+mib5aBGIH2jTnrCyHdHnJk/j4wwAXLgxUo1vOaNgvss4 +sTaKos+g2pyOiJLDG5h2Fieu3DkBjva7BTsy91/rnIFE8QbpDE2Gc+gqUZnHmX9Q +Tksp7iyqOFcN6gu2yRaIt9XwoN+RWXInDXBEUCYvqJ/M/p+AQCplropKu3CaFksb +aYkCHAQQAQoABgUCUkqSzwAKCRDtZ+zWXc9q5xO6D/98wDbNTs8+bJnDs7+bPmFU +7spLRu+fYlO08sMa0605qBzRowKbuokbRt/CvTGUF26gFYQLA6eDKP/gwD75Zdi0 +9kKda76LMCIKKfsAabMZ9ZfsP7/zH1U8jlQTvWC6xQZa1Vs5tjqSBfTmbuvDQuwW +TtW9q7ZFKbW93u0Iyg5w+jc2EFgapV+HdYU5xJd78AXstAtEwsGshwq7uRrLLVuP +AXd7ow7rdaCjeSCsKgI+S6DB+99AdTKkQ4aCUbXS3rm2UZl96IqeGghlZ4Ox+EKg +iOETs/xFtC923EDFGlr5RZL7qREyVUTk3xIKT9d2HwwuvTi4I9yKo97JliHu9Dkq +ouinC8+/FmMKHPzvyQUWGpjs9FoSl1hFDZ6T0l2KVF93yT/mANdpvG1Bf1hCmN/x +Jk6GWGkd5mYbwCPOJw1y+kaMbokPzfQFk8M6cp6iclC3khaY2cDDsN7gMY7G//n0 +KYdDzFalMi3UxQ4L7amNUhcSrIe0JZ0S0LRk3cvxrg36XHxQZC5nFe6PjH+2jwYe +3Zeibxx+rdPUUy9SSyVH+TN+eZ2dpl3n25aV+58QGfbFAAlXbVatFWCOhOecUOsJ +pRLl2x4iFJCxqOvW9w0t46uT3nu+ksTWvEtki/+qtThHi0PgowTlEwknoINvoAIM +3iuBQQJveO8altOzGLGDK4kCHAQTAQoABgUCUksQowAKCRA4A0KoUmFWGZxGEACA +3R3mjRCg5TQhC3ERlwfzKdWiLZgDarefbmDP4HvIGrKiCR6zvcRGrL8YtppoY+H6 +Wx+gD9wcJrFtho5wQcp/OmM0+6fRvb7B75IWOw+u47aDBPFGY5iCkXx4dURHwhFk +L1F5B2GoUixhENQm9icZy24PGMpHY3niwBc1gfJb6kukxsI5USDA9TCdpxkVmAnt ++EzAOltVpo9rgxg6IkUjReNFXLrq7iT/hPMtZEyzNOO5fFo9u2m/K9867m+BO/H/ +KkzK46n824DweH2L48Pv85nZLUpdyPzuKbvQYo8p9zmo9Qb9f+10YPi/6VbzDYib +4LD7KDCMu+lVmI+w57zhzqSciO46Q/QOz5YXsDOmIFE7sGJ8kN0pvTYpQ5depuzJ +yMZaOrfwX2Z4Kg2ecWtdfX6lAg4AmuD/4Frwj1syGvHD0502p8/J1TeqzKiXZzdF +/QomcGh5xeSa62KUoNw3fQsP/lwpQqO+mCVnrAkuEpwh1+Sdqqrb19URVeijmZea +cKVT95ZkdVEcpNCVX94rXIHTz/oOBTjTTZV+5CaHJiDhbllGIQOGMHRM/wbD4g4Y +sz5BoRshFKxUe5VCzZJX9013FdcDMqnL01WNlAhJTXb9HXDjBxzjubn4UpOV+Rd5 +//i5rvfpoKMQHVcySlENMNPRfYG2xE1rWNWBWzkH4YkCHAQQAQgABgUCUk2B5gAK +CRAgtw3hPx0eT3pXD/9V/UnKNFXt/poJ7TJEvJ5ckR58tk8aPJvGOUIrbpL7KUch +4BamPGJg6pGapiR8DDwITenCYdhlWv/zvJUFr36R/V/IdQlGKd7d5WdKQKaYXQqS +CpO25NxcazHOHrK/i++543fuIqawHjGiqBPuzMBis6sbOdkFyb84dpwBfvtXrBrg +8zA/ItpJHU4vx/aJORuDiy4VKyOyn1sEELwDXg0ELbAzmRE5wVRA+C4h1rtfuqjU +/9zw3UQqgRWappJ2AmutRr9o0wQDn0M3TtyotREh4HlQY8JROq+sehmfq4dMqnET +fUZme4/iumiSo43HApynzOMW7rxHoGEEsvFD1qOr3q1jHNqAmeaYs0GVyN48XIGD +/buTyTNqmca5VGyDf3ovTNSYoPJejfGtV4GV10QybfusswcDbgU9sk7OLPwu/OdG +LZwSy1F2ni4A+hbDgV9TQ8ygDmz3kAA+PIC44D6yqyXQns+Kp5EmwLY0+L1eL+JG +4DNNkFLPsf/axh+3CNoixhKtYSbMv8VTEEKGK6XR8KSTrg9CqzQwLxcX8AieVATo +64vW/6/ySH1335AX0e3nxdCa+37+k1YuKUxZCR67dw8p8zZD0sA9NzDomlBC04t/ +yO7Mhz7T8gALxNBquKoicInVzueU9AIExhX/BsyNwswYiruWT1LeWZ0YBj2JXIhG +BBMRCgAGBQJSYAevAAoJEO0WlH9koZRNENQAn20W5N9UUehf2KUKtJKZSjZEKpjH +AJ9UWTWK68uiV59h3qv6RrxBckKnXIkCHAQTAQoABgUCUmAUtgAKCRD3dJwX9Mcx +rQnPEACVwHPSl2tIQfPHY3YJ+svntrvey3FJyLfUl0/88kbUVfwZDGpiYbeXLwB9 +DIYQ6Wp8DYRCjfMeeNXxcBaaQ84EEhqRu1DTZOnJ6+M7vIKxnzK0JjG9sZY/jOu9 +vgCsW8eJEvv7lqoIsAzxXMYjVEAiBDaB9HvNPed/j4u6UtpiHTyOaFwolXtqqsnJ +ZQKwY+RQ9h5aVyo+OlEp0HuWVSTleExapscFkOYeE7VS1zPwllh+w3YLkzsC2C1x +VbguEXKg6xD/hxY30YeL/ggBDn+RBB7cAoEktUYymIjpzwICZjFN3ZOhLcgKALH9 +fIa6pFr+Uok8134bnd7Yr1zlrt6LsnMk05fyqJiETIAVpriqFXSwct/fqjbBwau7 +YKmple4ruKuY97bXV3o8Gzhd4ejmYa7T4RHIKFjYvfHOaRhTqayj/RwuewZUzY6f +VS4Nsn5sbzDLT+CvoUVN4dsJCC5jjB/o81wI7Z11y/vLZD/72lGGTEb9kf7BH/Iv ++PWljhkJ9udrAccv4N96778cnRH1npvT1TRrxICVDlm12duge0/hOfCYnCVaw+Tf +/wPabWLYrGLG3jUd4uQ124kciTUastwnUQtJjDzSWAhzejlI0k51M3DtMG5uFSTx +iVQZaYap680Au1APAvIm+/yzPvPVtjrQ0VRe79247+GjqFqEu4kBHAQQAQIABgUC +U3Pg2QAKCRA11pcJ7ICeBD0BB/sGUScJQKnZI+GPpTZ4i1YTcInlZy66yERUGKDp +9xjPXjLuJU46jTXLb08bSPDUIDl5wfb90zUaY/HUAi0lSYMC6KVi2l2aGbktTrcG +fNdZoJEM4JBU0zM3oWrt9R8QRCTEyb4sTmytDxh0lgb1eM7UdDY3G4I3eipBUfVM +vb0ta47DLbO9hOg0KnGzmv6RlsbjknhxGBu8rINpJCmrtr1YVuD1iXMxoPGVmFUJ +vny1ZZA0WwwiYLsvWCrF2/nPBkX0trNg1CwfuGIB4Vn/WF8sCIl7jp5QMGA71qmO +rjbqjfelLh6AdcB4nNo+hk/4pLmYxebbr2vNk+M4mMzFwaxUiQEgBBABCgAKBQJT +c9tcAwUBeAAKCRBSTww3oLlGoy9TB/40F4M/WJx76NcrybH6ouGNMRiuubUEOPod +1T2inm+ZH2X/3cJrzSs3A4EZiAQ/l4CzQq+ovdpkJf3VmloJMIxYUual70cyjUGu +Vf4tnl+4scMsyxadPe9O2Xn4bJ2J5Z+ItLa4T1g1ijfeO5SreJ/Xu1HIXFrWZU+E +gjUjaxVNSsOxzQMWNFrDDOXXO44QH2OUg/CpjuQgDT7yzjpaBWQxnm5gOnqXLD9R +mVRVc4NyerjERvuPDJAHfxDE3p+yk1IjVvkG/1GF2q/PC+hofjgpBvWvkqZaoWaq +0SzkgUYienwfdfNCg+mM+SCWSP2GYUPS6Yj0+HiYNHECk1gfKU5eiQEgBBABCgAK +BQJTc9vLAwUCeAAKCRAEGt9Z2zw9izmyCACuXrRMWnY+JrIcip0CPU8XzFP+FU4G +Uvexei6Xf9Uj8aDD6v2g98lYtVmuvwVL8KsEf0oj/nNfuTyw0jWjPfObMxS2zIpv +l1xlAXZOF9A5ucAz0vVzy0/nLh5n7cMwPBOiKNsW7ruPLQAxljPGbKySjbJds28K +4xTTD0o0xFfjj1GKHwt2ZPxhaafa2Q8GA/sqIWVhNwaI8n4u+9vUE0zBVAUyT8P4 +hwZy5E9Zh0vjXUwPVMmtsmjjsygcp65fNBfhDKwYpNawGQSzonxjR1iAptbTLVqb +LQZ2hqxATInHv2u87kmoaAMnAlw8njVoRon4Z4+yRaRaLY0LbVIs0j5PiQGgBBAB +CAAGBQJTc95hAAoJECjZpvNk63USYkMMHAxYuWseLi8bZ9kCLvzfkw0krtd9aXh+ +VqsrlZS5KsfaLK5+62zyCSAwi+NNa65ELB9c1P6CnQ2ZputdTXp0AxhoGCqFwPap +rBWe4yf8gA93oJanQmHhGYBYGHBudKGy0EOELR6wa329+JAV2s8J5xbL7oj1Df+S +V8DvsG9xgP33kWmZ4kfOW7yxxhYtP7HEDKuBpfGm12Ryw3UkNA1Fj6dYJGE88EXF +/nJdTpWgJUBS6jiOB5Fy3sSHaH4sMQ2FyFkdMTJp1uG77aQ7lLjcN5+0B93uHpPv +LABHXa3XasoBRWdSITlTazuqNlo2qXZzdI6ZSvV71QpJFDoC5gGlE4DWwY4f4L/T +kRZnLmpMw/f4escFQrDJKbIo8lWHuwK1m1HXNt7/0IEzeURSG1kRBxos3k+TiuYx +LgKvUedudZYT4I3uImJzDQCnbrULGDUIY9K47e2j511ejWa28xk01YyL9R2VBXFU +5Gkim5z+a9F8n5LEmB+u3mfSrFS+1R/6gCEf4oG0MEdhdmluIEF0a2luc29uIChG +cmVlQlNEIGtleSkgPGdhdmluQEZyZWVCU0Qub3JnPokCPQQTAQgAJwUCUkK6dAIb +AwUJCWYBgAULCQgHAwUVCgkICwUWAwIBAAIeAQIXgAAKCRBNoRTlxKLlf0TIEACk +BEMSUaCjXpt+ZJN47D1RSvyeLw+JXUclAATAWQRlO/Et/BO0jzirim/tEiEdIlv/ +gWM19YkwqyNMT2j4QcbRbggX4z8dYgR61f13u1ZEugOBLmcNbiQrA45xlM8qz1wE ++5zafOnC+HwyhV2q0FkyqjYzIChw9A/tl1uSNuOnv1cA0jj2XXb4zza4f0E+1p3D +mq0w1otaWbVbzYbKRHfeNq44bv5p/iBwol9d44Cm/VICeYqxtwo0a14kGHCke7Ss +4keoDxdoEhs+/8O6g/x3jZV9PF5oHeFgZxd0triztDynbmkdkOd13omHddW2sV0A +AN787t3Ykx1/NoTONn55Q9EWExJGWCky6MhKbkDchQJE22qQjNuXmNjK+u3mup5y +mv170yix6QccS+jwBrcXC9xIvxjTDvvG1aKRIjxnFsocM4Daa0LOFm8ky1UVg/pV +uYSx0QhIqVzT8JuSFoBnQBGyaAdOcgn+493pv4NvmTrag8fRhhIsAo2cvD7xGPu0 +gPNAXWO3x0L5L2FmSZBKk4eFT3WrriTZm9Z9lEnXsKcT3FfTTaQ6PBaETd9OPwFh +e2qjZ/bfe94Hf1pqbjByTxy+AIJ6kRAK5KA35c/I17IPqPlSbrxrGILTwMoqkALR +0HYK4PqzDXYTL3JOCJTv3oJWGy1erGTtQrCe4I8fdohGBBMRCAAGBQJSQrsMAAoJ +EJNd70SgkyYr/A4An0ofuF1stkSsDZ/2k3HMvmBWolH1AJ94xIJAO1p/drVE7WnE +d9DgXzsosIkCHAQQAQoABgUCUkQIXwAKCRAgnH1i+wn1yxKgD/4/TjalgxIXxa14 +QWZa8HfiIAsAdX74FN4BBZDRXtTiE5XA1p8N38pgB40ym9J3Ys5CjLi2bM4onDre +Vs8y4Bftv7Bco/j8XaYoSd5OzeO7qUsdhr59oxGcuHSgzIWMwVtzQ9mSaCHBWtb4 +2XDzP9oRggasb5oySZXbGfdxvRk4t4lSX4kfuqXVCIjvkgBCyDGRrBmVzonf5uRs +VyZeBqcqRiWChj61QwfAv+FwtgyUtkBq/AucaT9N4qpkEgCCgc2VdmEl5xY/RhPe +FC7a/lg6spFFCo/Vt0ZCRHLcIyNne/Dw7iPZi82/24WPXahBFBjcxQAvysA/AlGN +VEzx/UX2z/tY7ciZA3b4LE40WFDV2Yo0zh+3FHBSAhjzt6aieCwbjiao+syXlSBG +qvnswh37T2LOIYiZ/tdWNbFUsS8rOZZAbNVWNHhHRxRCPTjGqsyTtO+hoOEyDegP +M8SqvNUQTPA+XqpL+7F+34goiwY2hjdJUjqrynbbi/wGIpImp6HtfyAcnjD48MTy +82VyzxA70YZsAhGMQo9hyCIF+DYEbv6HpbzbOe4YqvYVXTo9ZbYiwnqX9aygITCQ +zT7X5AiwpqeVd75rz5/O7rzQ935D30hWZ/wp9tsMRbyjyvPE+xnesngYdmifgwiw +s4Ht86OqVHt6hcGJ0JexM176ctZCB4kEHAQQAQgABgUCUkRBjQAKCRBm4XYOIOj9 +fcqBH/460+/qWy6TQTU/MQgzh4vjiZV8zQHkEkQwrJpnTxTmzV058ucLCwlDDNny +RneyrD2M9bteTu4p48UgE9Tr93g0P18h5D4r8siIAni1TMDO9NBGdoo4TAsjyroD +R9bj43HQxAnFB3d5flVQQtqIpDVQ2/P02Ecl/XK3ucgJWgNmZ3ivKoAZKTGth75Y +k0kLQUMBkwjlKOyeEwLGw+Gb0lOefSF3sOL++RteciWugYe0J66VIt0Y+N7s3cGl +Xz1TEQx3SFsqUTFmehQn5iwgHS/4ebbQZOvd1yTkM8aCwUzrAffKJPXCwh8c7F/J +sfm6dD3Uvxbj3JVgOqwOUwi3/9fq/hETOlkbNY+F5cmGpaNI+KWYFOLYquEzrifK +U4pRfY5VqLOz2a64fxGpWWow4WebODxs3pNYMSJ/kkZz5FYYbrJaMhBRVb3rCiMu +R+G6sNZbSeFN7d6qGb2cLZXet7h9Amzot/kp2z3cB9QfaaSPS2XlxlqeZUF5FMF5 +A+z/w7nHF1GbrPa7vLCOzkM53ds0JFBWxigSUDuZ8lZBkb++hEJK5dVHk+UyGlhK +9cs6Z65fk5XeN+NYcYICkYzzfjMMAbwFypb/wVrGMOrsasFam0RQEVrxmeG6HCQs +vsc8zrgtLgv9SHByxM+rvzdbBwuwc/2TWlRxrm/NpOAjfKvYbHBR1iadPgu2s0aN +rjBn9UBYVe2QVB0dRzC1QHOHgA81txP9Z1YSQTkwhatmCAMsaDpuWhmykwwyHlsE +1OTk/SnvEZUOJlpbclNmo9Zjkked8hYXDMgP/osuRExEGiUCMZcPjFo1cgpWXAF7 +5anVnG1+/NNo5L2jyShgE0rWRRIJogXEiPGrB/SD0q5nML1U4p0DTQdZCKvkaDq4 +nfYrsR+/WLZYJ5EW27XsRgurLmuUxWG1wZA+o/C53LuQ0BfTBqAnCQ/EwFxzgl6t +3ObB0lKyJrOeMYhU7DW2ZgzqdrM3IJq8zEGetIZQM3QNm9VVMO6jfVgjgL7JnLf3 +HA89/eOBhChXqUgTgMb0bWs421n6clRXuJKn6Y09uijxOkJa7HlIbpPfAPnlyZe0 +cksLVj402Y2zkChfGZxGCkJgrCgLcV6D8XLYhd9llxNd6RnjRraFmP8v+maRwRU/ +eI48Zi47UcolWjG7gHO0uTwRhBYTe2NxlYajE30gFmsiYNTWH60E/G96ko0eIY8K +CLJI0sGhO2SQvqFVMcNsiPbtZgKlvqDd6dgmjx+z74hKGCUG+IdhJSnJb7ORU3ur +Q6AFx2XapdM1rd/8jwK8sDCgc3cN/p/XfCRCkVch+OHTcQzmJ18kuJsxPz4E0bb0 +W2db9AgFBaPSBrqrTa/I1TZXE1N+iQIcBBABAgAGBQJSSCqcAAoJECZJ5ijF000F +fHAP/2+a8b0O3BIwV3SAHTgENchkqEfXGuFAE8ZeirWkCmg6jlfpTeOfeK8TkrR5 +ANJfitwnOeS4nPwfI+2wua7QDMRrfU+7PpKvgL8xDqW0De0OaH0LhCXBnIffmeoa +Do9/AB+tFoGo1TXbH0wCL83sE7CfIaxFGWjps0afgwZMfgSYBT6SZjQIok3UURJn +S1nZYAcQnSTMESYTBK0te2RFX9wVMOb+82fcUEQKQgBxXw1pX6Skl1kSnRt0q/5J +FRFriHe4WTzfXX+YNE3Le1ZXVzgPTttd02iCq14iHwSarCgdG2Hp2D/K2Yz6xeim +5/Ob0UUXT9uH7KNH76Yi/H8Ok9upKDAM1CZSPu8tEYRjhBdj1+mV9Tb798+2DOpj +b+qdIUJjD8Bz1YkSZOLhL1wufYxzO6MMwxopszj4k40uOiKMiG0lx8odgyY5zX9K +2l5ABFiXCyxbjVCXcjhBV9i9GJjKQLcOYoJJGmb9kCyEVDNAd9Q1uwkASn7JvQ7t +ic1hPZR1ektvKqIdafnHWM1hlYtdrNPPlsIUciPMqV6IHv4d5lIQffojBKVfziFE +6k2E8n8pNwzUoy4UxxHmYh73gYWDMNHm5SzV+1xymbPpJxGNeWtubWZJrm+6l17d +hIY3nyMTi9xQHvSIEcmOKChgXqdmuxT2KbHGf5eH0/9YCKCpiQEcBBABCAAGBQJS +SD9GAAoJEFF75hSlwe7H2XsH/RwGwPE4rdjAk/0CwbMqdA1BS3mZfD7B1U2b0ZSu +k2DHCBlfGn1k/0XcpWlHKxT8Hh6dHtCFSbNMSEx4TRpWiahVsgU9JnaEchfZZ/0s +ManPgbpYXXpW+byWEHUJLCCy8UStc0fu6AXCB+OH6B3EewxRguu/gD8Jh+jppizM +9ZPkPK9CEbQeI5xNFoC5E+lcnmxc/LFPchv1xo5TYZR+qAJAfsWGcFmDLzShPqe8 +ZIzOtLEfYaYwbiQnAC/+/lbbn0DEJ7H68TIcVIKd/4gOfoIhOkc46dy1Ek8bF/iv +uGtjY9WxTPsC+wN8YIhIDS4dDm8z4bKOAskv+cgtfveSxV2JAhwEEAEIAAYFAlJJ +l2gACgkQi+h5sChzHhz3sQ//SwmOu9ZeWGng52qPqEFyPys0RYNkNxT8vATJz84n +ZKQ3zfOcvTt9LIpT2H38iOOg8nvo3wljQi8Zut3E1oCKQ3Oek2h9yPDRam25+ZzF +714ceyFHZ42pI2uzrvTx4kVvaoArX7bKwHLaI/ZIr4OiVLX4LyeAwDJGcvAcSp4s +nwFyxe/eva3QhMVggW/phafqj4NqrbZ86oI1m7SRad8ckWUilDUkLNyqp9DQmWNX +FBYUAuM3ZRIhGltZef2BLWaQe34gDZrS1qC1bCdLymIymoQpF5WBdN5sN5lQfcPV +d0fm1AJxO/ku5pncQ0dnLsuERJ5t3EHdqBgaIi/mvalbQMXxxE59MEaRVm9N/CTf +4gViby9nvfkQrH23tpq3B26NYFgPSnnIRKGknpG78jhEdg+m5gZqoUfvNhVEUHKm +JPdBaloIStwvvUAS9CaZjzhURvAnoEVFDHu40U8o/UNqiQRLdPjzbnYRemlKpiLv +emYqzYQ908GbXLZKT7HMPr0Vd5k1x+1VgqDZqSJgJOdhPhc6ai3vygzsMaWIUkw/ +rVDDqmc9wDSGu6l2LYYPvYw318+E5oLB6cJAPeZqwUAVsx2G1NCJPh8i0/eXPov+ +dmCykzHpygtXt+WPpHMy0FYY0gb2azqKcVSeE4Ukr3LMul+y3d4xNgaseA9xhs9t +dvSJAhwEEAEKAAYFAlJKkTEACgkQkshDRW2mpm6Gig/9GeGYkvOhKJZKtHdnUc2e +GlXxNRL/bUL9BT2WRJVaKHYqVFW7xwdLexwuRaV3jOiIQjJT2ALZ/rvAv3WutNnj +3DmngCob2B6wg7vhNb7+HycHw3QsHRfaEIdWO2hywBvB43ErMq1kNj9sJXlA0m08 +t2Qjg4+P9gFTy1ynJ2tEPuvhkPorEjhZ/rOiHpQp7RzDeSK16lN19d4gYN+11aM7 +FXpPPISvMrg+Gc8eo/1hAApaltiLUYpoAVTtW2o/kYXawRtOxLFaWGGAcIacRTzJ +NC3VspA+YDHsN5eY++EqYSZorIpasgxv5Rlq/BDZWwGMdvVJW4mzlX7VmIsD5VyG +tc83NDf0leoBIZDxvABmQdPRdgH2tKL6bsQufUcibDorQ2WaGxwdL6cHCbwnOeln +LytQBKIMnYDsdVJsw55XYpjTzJN4ZNKeSc27qsQJJ/GwbjeogOT3qahyb+lVq4tE +Ln053xBtAzlTdIis4Hzc8N3n4H49+yt9rlZouRLj6W423u3ITX2KXLGgUEjF0klz +RJHLRW7WqnXsk9QQ20mmlzB7iVaqtODXA8Ts5zIlFfAhoE9pGoti8zmGI8aCyrUD +LkII02oFgUWQ4Q6gqcFBvDYngQYPVDeZ/2amfode4wlYH8grMv6OR+Fj7NRTZKxf +QRr9nUtSM4c16ZJZ/FWB3buJAhwEEAEKAAYFAlJKks8ACgkQ7Wfs1l3PaucVaA/9 +GnRQcppfrhmm6X5ZEXl6LBzPGUQo7cjPnJanFvRO71wNIei2QbdsxpjlmUjW2/wL +04tmEstP6EkAUY5pOBl8OIVmvb6SZjaf/l8Jpga/aUFnO7yhWQ/mS5GGYtHplqYG +alv53ELL3u4RZRM35HIEdr77XdH0gYS62jjH8XQYEP+CMbuLh00oeHpLzY3k1SXz +D46Al9ucZkkSjYeD3GAVowJEKHqwrkUtvkZcbBH7cHlYiVaSTor7DwVvJ61se3AX +SuPX11dt8DcZhApDhVN8Fq/4g+/S4O+UEoTnHDOTHESLyMPtBEk5XjoSPbcG4nF5 +/Ux64WbDP3QlSTfbwXPWQB/i4pTJzrUF8UsCls82Zu0tAgtEF8HAhqbjetvHEzHw +dM2t1P1ILKKWTuxZgXhD8hkqh5m+PVR7mphN5j4X0BzOs9KZGKt7u8AdKqZsLD/+ +GUiAgzpnwgGk3XQTwVvvx9a4CC95XusXOj9CUw6nydGXOTpq0TZk+zoKNEU+xvUg +7B0EhXlDd/1sUaHzWdJpYIyqa67jagtdUYqNYaFu8T9RsQ0F0m3+YElw10CYwc15 +nKEgExFQEZjiMjfntvAwtzNk8/GGG6MqqxG3N25csAClWhgwB1tZ5lU3msJKtVUC +T8WKSnXM4l2yVOci2PXAS9hBM7jK55D/MxuuaX55AQiJAhwEEwEKAAYFAlJLEKMA +CgkQOANCqFJhVhnCEg//Qf5PD6rEghQCxKGzAebOu7RYODFOQew8CyLsVwxxf5cX +FneUBvpy2+pRVSko6dsP93erEk1o6jVJfloVm0RSW6UY1CkT5qm7+Sb3fJbxKa8v +waPJChfc+wcrl+GXeCBHhlie0cdTNbRRmWoqUBwUPrPj5yf+VLG+3kxiTpP8KXbq +dW1zmjMH8i5kYv6Z+WUDaPC2dn1Yto0BvYDkFpQvyboNvPSERCGybdGtvTMSZFgv +z9TGAtqdlfryNqTx0ycdQLCcf+RV0NIvkO/0xq/05+rdQ1nRIenbtjWIBsz6yCXY +juQobmX3iMcjGC0MxuhXTlUf1l6jzGPA3yzIGj0jJVWkysTq6u4ORPeDgKg/yEjG +pnv1nZkjzGbadsDRK8vNbGeLtCP4XpARuKiW+gAkEiwRXEsDTyjMnWfSkUxuD6fR +EbbmLS1y5aHVmfqR99qsKHVJg+ojjMBvSs5pdb8KLSbuWDJ7n9L76AeXGHnSB3Uz +lqLGa+7Wi4HMICsPUwHxIRMKK/AO1rp3B7/vIfgl4316BIoLzDlC3wH41AfUWY/I +Q3BkB2Wlh+yxB/8UcbyqphZZ1RfbXPS2FKu0TWiAfnEguqtdq7KPX5Z8MW1qCtA+ +ekxqK+s7vF99lZI+WLj9oBj9HrH5ozCU3Id6lM43Bcq6HvNIRFYZnq4BXKTz+PWJ +AhwEEAEIAAYFAlJNgeYACgkQILcN4T8dHk+0gRAAoCdBYysm4vu0YnN/mNNkGrqI +tuNvyI9oxIjWNaNGowixboE68RLEPQLLQJqGq1tasDkgMwdKt9SfhNKY8mqQOn9E +WPD3GYrCEFs1xE3TdnLuTWTcb9YZPT41q7jaKJpU0zrtf3I497d5VrNtFUM346ri +KUR3x/09BdM0252EXmci9uuwrANX8ZhNxh95OSp+B90q6WYwDkEvy01yMDoXU0bi +Cc+jt7XET9XH8CGlTl9AYq7y3ueT27tWBqeksz/JWZ7swJZLl+E+fqZykTcrVB88 +CvVsCt5g+r4vgj0q9YRrRsYhWN+R+aqXAkatjssWG7D6H+kBgr4si/xyW4qQLeQD +wTS+3lHogSN229fYOul4FW/KI0klTiCaLUL5+DqQhp5Ln4HRSWvTrrP9rub69f3f +mCVcJMFvd/A5MrXmNAlsAyYelf51kmgt8kJZaqzQZyT9sfLz+IaFVzZShBVsPuD8 +Y7D/YrqT/l0MX8BAPJyh0+wDvr3AeCbol85S3scEfWjezRgjegU5h3UGxqa3CjDh +XkEGlkbi4S2Eadp8X/xzwfTgs92nHgPSGXZ0ANbI8O4GUlqgLb7WbXPu2xqm7pnF +Ldu/fsrul9qPyQdmBDO2AkpeyvRFIbFnZ0r0Qu5lhp+tVBWWLtEgVcjhAdZFQPPz +eEjhxdU+uCbp5nGuRd+IRgQTEQoABgUCUmAHrwAKCRDtFpR/ZKGUTb0qAJ95cvW8 +5m5ykoLVyvs2i2PiPO6G7gCfYyEy99Ba0OWVIPuTDdpbTbyM2kSJAhwEEwEKAAYF +AlJgFLYACgkQ93ScF/THMa3kZA//aSHdiMGd3KKim82LIrzLb9lPwoo3ndcAQ45U +eAPvY3gIUa3q+A+WfVOwko7kee852doTjOYy9LhH3Xlvw3kJsx2E+H4uvevSRCJZ +jS7SEIyRI6+agaDalM0w+KHFP4NuBmvZ4WZsImTCJ58PXnlzrTtgv20Q28mG08gV +PNKyJsUXjzNDRlmtbjUm1qyspAbx9MRfBIjOqBjARwu22Hio6byu1nLb1R4IdbJi +3abY1X7RUSp23xqDS2thsSRgF6S4Ccjes47NDqZqCkOlDEhnvra1Sz9Ayf2Cn4jb +wVKUUns3Ds0MnNocNYF+1bOUdIgc3gQCr8VTUiYivNjOdNvjhQttZbbByU/BnVgq +KVxP9wWLasNDXbdztA3zvM1zhNUi57JmAwcJTdxBJeZy/T5v6lDdXAwV+PWX7FbC +75rHF1a0U7kO+BsI0T5b1dKvrm7hLT6Lt5uN9sWSsgtwqNpst9ivzQqShCX1vnV+ +f6jJ4LE1W2gYqsFRFLVYE1GS/0wlLRBmzhAA0/U9Octs5CKA5f4d6dlNMllgy7lA +yfskKQjKyWX7cf57gev6tgqAJuYjCJct4Sd7gr93FPlfg50lIcSrJ6/M/JC/ym+S +QBuFzcQYo3uhPaqjI4hLQ1vM/nun5EkjC15ftf809gEBdLYT+jLybnF219Xc2X8y +teq0sMKJARwEEAECAAYFAlNz4NkACgkQNdaXCeyAngT8IQgAlAMbwU3Sx3pVi1zg +v6wVwH05ZPWkkDr5AHbTzfeWrPiawP7/YOgO2yKdVl1YPQIJUklE63getqfcl14o +kS0OBNDuMDZx6lGWFupNp5UJtI9WRM07gSnfPXSjzz/n7iBBE2SjcJIcCCj/1oiR +LQV79D76A6aWr+zomG6hImnLPg/K3seb+7Db3J6alQexA95q34I5ncZKY1KPK+k9 +td5zKyvyP9/KISGdnPRo/erqVwahxIX/AQCpwQvYg75cBXXvUTiXQA7vnc1OakIl +RAmp/7M1f1YtTYrNv7cRaF4HukTqVNnA2xqBGbVE341p/7E8rObJ+BZNklbL3mtf +aSln6YkBIAQQAQoACgUCU3PbXAMFAXgACgkQUk8MN6C5RqNEXwgAmrFkcrkXBzJ1 +/xMkvghwFocxsVoK61Diio/GRlO2WuzMKUnYBM9Q5NTAAGSYKEQuLM3L0PPv/EV2 +JjYFvtiGNo7UmsR5pk0FpYVa60jFXGBUymuESCHWAibifVzPqLB75v6kSFNDNUDP +taaeLN2f/PMWm5t8oph0cvhKolVHaI+VFwivtWT49o0Ki6TlftJj/Sta/h8TnDyn +X9tV+FX21uRSrNFMs3WzReQ+p1C+uTa0Omzv/nfqYt1SeY19LMk7HuPOOxy52kfJ +Io7T70nZjFtxslzO0aA//aKiSE/u7fJRMelBHovRhqNrP+rX3zMdKLa7TW/Pk07H +9f7M1vp6bYkBIAQQAQoACgUCU3PbywMFAngACgkQBBrfWds8PYugRwgAwqW7o7Za +GyI2qXUvTipHCslZZ5F7a9F4LZMXLQlsaUi+iJ84CxGC2YDonMtlVMgH7AYyPclm +g+IFzPK0cTQR7Wpk/1N0VgZvmMpf1N6gc4kneTMxKUnOK8LbP2Ra/Ktd+bKa2MDj +Iy9wDKG+0pbJWmQXDt6pap79FpTgvss9rw6bAOW2AGZn9XObqtelAvAWNICmsxei +6MUeS9BLnsfloOp8NF5yRIOH0UkAiwGBa21vcHugJezt2HTII2z4lE8+TkbAflgu +yn/o9caHuwKILCsAR4v+qeJm1HefwFqbqVpffnAEp8Ga19Rxsf0wmrU8xApQ+I3C +HPZZBGro+60jU4kBoAQQAQgABgUCU3PeYQAKCRAo2abzZOt1EkzwDCCFqCdPMG6i +0IU9o8E6xRSOpqLemrCcHXMIauSgOK5X9+BCZNWPp8gT5SN23/hJc0EmdtS/I99y +IL8/b+Spaa/+lTimYTq8s9uFTL1OE3qSEUUla1IOEN4ExrFtHUZsJY6lzHjLrTZk +Ov2VUUYZHyN3T6wxL3p/hua+NYmFl1PDD9VA/bca4XstGlyZzXY/fb/pBBsc8b6G +MRS1umK+7kWSEHOa2TsY6ahjjL1YX8owAC7s2wbgd8sXe4POJGmdMlliv5jvrmgm +KfJjPiHmPGIudn3CtuEHaei6iZbn1jyTPb0zMnrnTxkt4nDcWvB+9xAiTD8lG2P2 +ry+hMt2I1pOwaMHInTfQ5xdUprq4Voa8wB+TAXMf1ZmGLlueMX7/uxHzAS7FgQvS +Pqi8PQfSJNoA6q7eUtZ2VRJEh2QJsl0rXD1zWbQioD76E3wNmlrsfAaKWI8b0f5D +5p0aXh8V0ypbm9ANPrbponeFKRw0rghwRf/qLDbyQwGvt+y5pJ78veTb8DgluQIN +BFJCuagBEADqGDFkc/sKOG04tT2wjGOBWZZSaAK6Imua5oughjteg+948LQljadH +jpM1xxSHqoC+4XjwgEPAS2HlrojhmYwDAx3cNXUVMu3kqJ5pcED66dBacKhNqXa7 +PZcCSciTgU+goYdx/ivMY8+7q0OYfqBq0ofWQGIcUPGyv18jvfEXaElBO6hW+yLH +pMK5M4caU3wsR+PDoy0j29zQuubwqC2nLYktM4W6kjIgn3ch6w2vzivyUJEoeHyj +4D/dLmNyGTsjG6A8u5jH29FujXDeX87bLpTh9xWDIS3OwqZnJK85SzDihf5Oj0dz +jaQFzfKH76C8NIW8kEdOsk5GWphH2J1n/F7wSHrDyWAtYKeBwFhRXsUx9yl6gh1B +8GmCyl0KzjI+m8mLcvsGEh2qpN5aJ/opQ4VAeEjohep5xwrGzRM/UPxIL2OoAWOb +oprj9Wt5qYQuZlZooCWJbPzi3uUsUEt+uh4RFQa+KHNO/m0AbJAlZYTqHj2uqqrW +7CX4aQWr8Nt5F36g/hScKaYuljjXs2wgqibOMKgSiLhPy8tUvXrHvc5qUkPCFNsE +zjid9uOvdgzkh6M0S/krN7z4Tj0/Zd79XIJeHkrUFWayk7l/XlwoODgp5UwHRt7J +LVEwtXrvFdQxauL0qeQh/wSxSI3JYvhPYxgo7gGJOuIo9YwWw3GDIQARAQABiQIl +BBgBCAAPBQJSQrmoAhsMBQkJZgGAAAoJEE2hFOXEouV/IrgQAKX75iykU3cBnzUj +kIWzMy/Lt68M3NxEJ+RQTbEo+4VXinUpHsG58XiMSxjzilmfi2+3kih5fktAXlWa +DOGiJtzKsdSAZxHDE6z+cVrUa0OLpfkmg8fOXQikPk1uxLkMzs20rcdG+jVCkv0C +a2tDucv3y2gHGBvwGVo65WLYON82tOt5+Y9F82LvQ/5VACb/Sv0R1uGldUEkiwNV +qOqaOn+hoqkWDNkHw1DDyG8L41RneP0XgfFxix3R/j1c9ljTke5CtR8j/QPTxF+i +pvx9EabcvzDyuoWigpbdE3Zn5wZ8hc1XH5JcLwgNGZJR8ejTceajrhuKPBzjRYZG +B8qAGeC+mqd+J1UQqLoZmHyUTFKgoZB7gwr5YzKzYNG9zrdtV6BCHTIeqL67TAun +LSjkneBld+PrKn6T8BejXvnUmeGqg5/PbuYcGOIO/7Kcdhs+NzW/DLMPVrfgbKpd +AsMgudKyssiI4TY1VOObNo+1UdfJW7dHKLX9/gHjSUYsBGwlOyAiA2sn9JLVD1fe +ctHNQ6dR/d90122Ki/BFhuERd5QZi+pl9mTE1yGE7rLLk24iChDb7ZfFDZlpEt8k +EGzO30sAuAxmY8cXFQSA1MgiKVHbslq8Od9PlsGZYIzdvN1YowF+03A18VYbqQH7 +FH8dwCRO1I41T64qjV/9ZiGNaLax +=ygbj -----END PGP PUBLIC KEY BLOCK----- ]]> From owner-svn-doc-all@FreeBSD.ORG Sun May 25 20:55:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 63B19704; Sun, 25 May 2014 20:55:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4466120FC; Sun, 25 May 2014 20:55:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4PKta8o062300; Sun, 25 May 2014 20:55:36 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4PKta4V062299; Sun, 25 May 2014 20:55:36 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201405252055.s4PKta4V062299@svn.freebsd.org> From: Warren Block Date: Sun, 25 May 2014 20:55:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44952 - head/en_US.ISO8859-1/books/handbook/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 May 2014 20:55:36 -0000 Author: wblock Date: Sun May 25 20:55:35 2014 New Revision: 44952 URL: http://svnweb.freebsd.org/changeset/doc/44952 Log: Whitespace-only fixes. Translators, please ignore. Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Sun May 25 16:32:53 2014 (r44951) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Sun May 25 20:55:35 2014 (r44952) @@ -4,7 +4,10 @@ $FreeBSD$ --> - + + Security @@ -1083,35 +1086,46 @@ sendmail : PARANOID : denyKerberos - TillmanHodgsonContributed - by + + + Tillman + Hodgson + + Contributed by + + - MarkMurrayBased - on a contribution by + + + Mark + Murray + + Based on a contribution by + Kerberos is a network authentication protocol which was originally created by the - Massachusetts Institute of Technology - (MIT) as a way to securely provide authentication - across a potentially hostile network. - The Kerberos protocol uses - strong cryptography so that both a client and server can prove - their identity without sending any unencrypted secrets over the network. - Kerberos can be described as an - identity-verifying proxy system and as a trusted third-party - authentication system. After a user authenticates with - Kerberos, their communications can be - encrypted to assure privacy and data integrity. + Massachusetts Institute of Technology (MIT) + as a way to securely provide authentication across a potentially + hostile network. The Kerberos + protocol uses strong cryptography so that both a client and + server can prove their identity without sending any unencrypted + secrets over the network. Kerberos + can be described as an identity-verifying proxy system and as a + trusted third-party authentication system. After a user + authenticates with Kerberos, their + communications can be encrypted to assure privacy and data + integrity. The only function of Kerberos is - to provide the secure authentication of users and servers on the network. - It does not provide authorization or auditing functions. It is - recommended that Kerberos be used - with other security methods which provide authorization and - audit services. + to provide the secure authentication of users and servers on the + network. It does not provide authorization or auditing + functions. It is recommended that + Kerberos be used with other security + methods which provide authorization and audit services. The current version of the protocol is version 5, described in RFC 4120. Several free @@ -1123,18 +1137,20 @@ sendmail : PARANOID : denyUS export regulations. In &os;, MIT Kerberos is available as the security/krb5 package or - port. The Heimdal Kerberos implementation was - explicitly developed outside of the US to - avoid export regulations. The Heimdal + port. The Heimdal Kerberos + implementation was explicitly developed outside of the + US to avoid export regulations. The Heimdal Kerberos distribution is included in the base &os; installation, and another distribution with more - configurable options is available as security/heimdal - in the Ports Collection. - - In Kerberos users and services are - identified as principals which are contained within - an administrative grouping, called a realm. A - typical user principal would be of the form + configurable options is available as + security/heimdal in the Ports + Collection. + + In Kerberos users and services + are identified as principals which are contained + within an administrative grouping, called a + realm. A typical user principal would be of the + form user@REALM (realms are traditionally uppercase). @@ -1177,14 +1193,15 @@ sendmail : PARANOID : denyThe Key Distribution Center (KDC) is the centralized authentication service that - Kerberos provides, the trusted - third party of the system. It is the + Kerberos provides, the + trusted third party of the system. It is the computer that issues Kerberos - tickets, which are used for clients to authenticate to servers. - Because the KDC is considered trusted by - all other computers in the - Kerberos realm, it has heightened security - concerns. Direct access to the KDC should be limited. + tickets, which are used for clients to authenticate to + servers. Because the KDC is considered + trusted by all other computers in the + Kerberos realm, it has heightened + security concerns. Direct access to the KDC should be + limited. While running a KDC requires few computing resources, a dedicated machine acting only as a @@ -1219,9 +1236,9 @@ kadmind5_server_enable="YES"Kerberos can also use the DNS to locate KDCs, instead of a [realms] section in - /etc/krb5.conf. For large organizations that - have their own DNS servers, the above example - could be trimmed to: + /etc/krb5.conf. For large organizations + that have their own DNS servers, the above + example could be trimmed to: [libdefaults] default_realm = EXAMPLE.ORG @@ -1252,22 +1269,22 @@ _kerberos IN TXT /var/heimdal/m-key; it would be reasonable to - use a 45-character random password for this purpose. To create the - master key, run kstash and enter a - password: + /var/heimdal/m-key; it would be + reasonable to use a 45-character random password for this + purpose. To create the master key, run + kstash and enter a password: &prompt.root; kstash Master key: xxxxxxxxxxxxxxxxxxxxxxx Verifying password - Master key: xxxxxxxxxxxxxxxxxxxxxxx - Once the master key has been created, the database should be - initialized. The Kerberos administrative - tool &man.kadmin.8; can be used on the KDC in a mode that - operates directly on the database, without using the &man.kadmind.8; - network service, as kadmin -l. - This resolves the chicken-and-egg problem of trying to connect to - the database + Once the master key has been created, the database should + be initialized. The Kerberos + administrative tool &man.kadmin.8; can be used on the KDC in a + mode that operates directly on the database, without using the + &man.kadmind.8; network service, as + kadmin -l. This resolves the + chicken-and-egg problem of trying to connect to the database before it is created. At the kadmin prompt, use init to create the realm's initial database: @@ -1299,10 +1316,11 @@ Verifying password - Password: &prompt.user; kinit tillman -tillman@EXAMPLE.ORG's Password: - +tillman@EXAMPLE.ORG's Password: + Confirm that a ticket was successfully obtained using - klist: + klist: + &prompt.user; klist Credentials cache: FILE:/tmp/krb5cc_1001 Principal: tillman@EXAMPLE.ORG @@ -1333,49 +1351,52 @@ Aug 27 15:37:58 2013 Aug 28 01:37:58 20 regenerated on the new system. Next, create /etc/krb5.keytab on the - server. This is the main part of Kerberizing a service - — it corresponds to generating a secret shared between the - service and the KDC. The secret is a cryptographic - key, stored in a keytab. The keytab contains - the server's host key, which allows it and the KDC - to verify each others' identity. It must be transmitted to the - server in a secure fashion, as the security of the server can - be broken if the key is made public. Typically, the + server. This is the main part of Kerberizing a + service — it corresponds to generating a secret shared + between the service and the KDC. The + secret is a cryptographic key, stored in a + keytab. The keytab contains the server's host + key, which allows it and the KDC to verify + each others' identity. It must be transmitted to the server + in a secure fashion, as the security of the server can be + broken if the key is made public. Typically, the keytab is generated on an administrator's trusted machine using kadmin, then securely transferred to the server, e.g., with &man.scp.1;; it can also be created directly on the server if that is consistent with the desired security policy. It is very important that the keytab is transmitted to the server in a secure fashion: if - the key is known by some other party, that party can impersonate - any user to the server! Using kadmin on the - server directly is convenient, because the entry for the host - principal in the KDC database is also created using + the key is known by some other party, that party can + impersonate any user to the server! Using + kadmin on the server directly is + convenient, because the entry for the host principal in the + KDC database is also created using kadmin. - Of course, kadmin is a kerberized service; - a Kerberos ticket is needed to authenticate - to the network service, but to ensure that the user running - kadmin is actually present (and their session has - not been hijacked), kadmin will prompt for the - password to get a fresh ticket. The principal authenticating - to the kadmin service must be permitted to use the - kadmin interface, as specified in - kadmind.acl. See the section titled - Remote administration in info - heimdal for details on designing access control - lists. Instead of enabling remote kadmin - access, the administrator could securely connect to the - KDC via the local console or &man.ssh.1;, - and perform administration locally using - kadmin -l. + Of course, kadmin is a kerberized + service; a Kerberos ticket is + needed to authenticate to the network service, but to ensure + that the user running kadmin is actually + present (and their session has not been hijacked), + kadmin will prompt for the password to get + a fresh ticket. The principal authenticating to the kadmin + service must be permitted to use the kadmin + interface, as specified in kadmind.acl. + See the section titled Remote administration in + info heimdal for details on designing + access control lists. Instead of enabling remote + kadmin access, the administrator could + securely connect to the KDC via the local + console or &man.ssh.1;, and perform administration locally + using kadmin -l. After installing /etc/krb5.conf, - use add --random-key in kadmin. - This adds the server's host principal to the database, but does not - extract a copy of the host principal key to a keytab. To generate - the keytab, use ext to extract the server's host - principal key to its own keytab: + use add --random-key in + kadmin. This adds the server's host + principal to the database, but does not extract a copy of the + host principal key to a keytab. To generate the keytab, use + ext to extract the server's host principal + key to its own keytab: &prompt.root; kadmin kadmin> add --random-key host/myserver.example.org @@ -1387,11 +1408,12 @@ Attributes []: kadmin> ext_keytab host/myserver.example.org kadmin> exit - Note that ext_keytab stores the extracted key - in /etc/krb5.keytab by default. This is - good when being run on the server being kerberized, but the - --keytab path/to/file - argument should be used when the keytab is being extracted + Note that ext_keytab stores the + extracted key in /etc/krb5.keytab by + default. This is good when being run on the server being + kerberized, but the --keytab + path/to/file argument + should be used when the keytab is being extracted elsewhere: &prompt.root; kadmin @@ -1400,23 +1422,25 @@ kadmin> exitThe keytab can then be securely copied to the server using &man.scp.1; or a removable media. Be sure to specify a - non-default keytab name to avoid inserting unneeded keys into the - system's keytab. + non-default keytab name to avoid inserting unneeded keys into + the system's keytab. - At this point, the server can read encrypted messages from the - KDC using its shared key, stored in - krb5.keytab. It is now - ready for the Kerberos-using services to - be enabled. One of the most common such services is &man.sshd.8;, - which supports Kerberos via the + At this point, the server can read encrypted messages from + the KDC using its shared key, stored in + krb5.keytab. It is now ready for the + Kerberos-using services to be + enabled. One of the most common such services is + &man.sshd.8;, which supports + Kerberos via the GSS-API. In - /etc/ssh/sshd_config, add the line: + /etc/ssh/sshd_config, add the + line: GSSAPIAuthentication yes - After making this change, &man.sshd.8; must be restared for - the new configuration to take effect: service sshd - restart. + After making this change, &man.sshd.8; must be restared + for the new configuration to take effect: + service sshd restart. @@ -1428,34 +1452,35 @@ kadmin> exitconfigure clients - As it was for the server, the client requires configuration in - /etc/krb5.conf. Copy the file in place - (securely) or re-enter it as needed. + As it was for the server, the client requires + configuration in /etc/krb5.conf. Copy + the file in place (securely) or re-enter it as needed. Test the client by using kinit, klist, and kdestroy from - the client to obtain, show, and then delete a ticket - for an existing principal. Kerberos + the client to obtain, show, and then delete a ticket for an + existing principal. Kerberos applications should also be able to connect to Kerberos enabled servers. If that does not work but obtaining a ticket does, the problem is likely with the server and not with the client or the - KDC. In the case of kerberized &man.ssh.1;, - GSS-API is disabled by default, so test using - ssh -o GSSAPIAuthentication=yes - hostname. + KDC. In the case of kerberized + &man.ssh.1;, GSS-API is disabled by + default, so test using ssh -o + GSSAPIAuthentication=yes + hostname. When testing a Kerberized application, try using a packet sniffer such as tcpdump to confirm that no sensitive information is sent in the clear. Various Kerberos client - applications are available. With the advent of a bridge so that - applications using SASL for authentication can - use GSS-API mechanisms as well, large classes - of client applications can use Kerberos - for authentication, from Jabber clients to IMAP - clients. + applications are available. With the advent of a bridge so + that applications using SASL for + authentication can use GSS-API mechanisms + as well, large classes of client applications can use + Kerberos for authentication, from + Jabber clients to IMAP clients. .k5login @@ -1514,8 +1539,8 @@ jdoe@example.org MIT versions if PATH lists the system directories first. - When using MIT Kerberos as a KDC on &os;, - the following edits should also be made to + When using MIT Kerberos as a KDC on + &os;, the following edits should also be made to rc.conf: kerberos5_server="/usr/local/sbin/krb5kdc" @@ -1536,9 +1561,9 @@ kadmind5_server_enable="YES" When using either Heimdal or MIT - Kerberos from ports, ensure that the - PATH lists the port's versions of the - client applications before the system versions. + Kerberos from ports, ensure + that the PATH lists the port's versions of + the client applications before the system versions. @@ -1580,15 +1605,16 @@ kadmind5_server_enable="YES" With MIT - Kerberos, to allow a - principal to have a ticket life longer than the default - lifetime of ten hours, use modify_principal - at the &man.kadmin.8; prompt to change the + Kerberos, to allow a principal + to have a ticket life longer than the default lifetime of + ten hours, use modify_principal at the + &man.kadmin.8; prompt to change the maxlife of both the principal in - question and the krbtgt principal. The - principal can then use kinit -l to - request a ticket with a longer lifetime. + question and the + krbtgt + principal. The principal can then use + kinit -l to request a ticket with a + longer lifetime. @@ -1994,21 +2020,39 @@ Connection closed by foreign host. - <acronym>VPN</acronym> over - <acronym>IPsec</acronym> + <acronym>VPN</acronym> over + <acronym>IPsec</acronym> - NikClayton -
            nik@FreeBSD.org
            -             Written by             + + + Nik + Clayton + + +
            + nik@FreeBSD.org +
            +             + Written by +             - - Hiten - M.Pandya -
            hmp@FreeBSD.org
            -             Written by             -             -             + + + + + Hiten M. + Pandya + + +
            + hmp@FreeBSD.org +
            +             + Written by +             +             +             IPsec @@ -2152,13 +2196,22 @@ device crypto - Configuring a <acronym>VPN</acronym> on &os; + Configuring a <acronym>VPN</acronym> on &os; - - TomRhodes -
            trhodes@FreeBSD.org
            -             Written by             -             + + + + Tom + Rhodes + + +
            + trhodes@FreeBSD.org +
            +             + Written by +             +             To begin, security/ipsec-tools must be @@ -2457,7 +2510,7 @@ racoon_enable="yes" authentication and encryption methods to prevent this from happening. More information about OpenSSH is available from http://www.openssh.com/. + xlink:href="http://www.openssh.com/">http://www.openssh.com/. This section provides an overview of the built-in client utilities to securely access other systems and securely transfer From owner-svn-doc-all@FreeBSD.ORG Mon May 26 00:18:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A71907C4; Mon, 26 May 2014 00:18:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 90EF82106; Mon, 26 May 2014 00:18:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4Q0IMuQ052927; Mon, 26 May 2014 00:18:22 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4Q0IMa7052926; Mon, 26 May 2014 00:18:22 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405260018.s4Q0IMa7052926@svn.freebsd.org> From: Glen Barber Date: Mon, 26 May 2014 00:18:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44953 - head/en_US.ISO8859-1/htdocs/releases/10.0R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2014 00:18:22 -0000 Author: gjb Date: Mon May 26 00:18:22 2014 New Revision: 44953 URL: http://svnweb.freebsd.org/changeset/doc/44953 Log: Remove reference to atacontrol(8). PR: 189833 Submitted by: Paul J Murphy Patched by: Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/relnotes.html Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/relnotes.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/10.0R/relnotes.html Sun May 25 20:55:35 2014 (r44952) +++ head/en_US.ISO8859-1/htdocs/releases/10.0R/relnotes.html Mon May 26 00:18:22 2014 (r44953) @@ -1,5 +1,5 @@ -FreeBSD 10.0-RELEASE Release Notes

            FreeBSD 10.0-RELEASE Release Notes

            The FreeBSD Project

            Copyright 2013-2014 The FreeBSD Documentation +FreeBSD 10.0-RELEASE Release Notes

            FreeBSD 10.0-RELEASE Release Notes

            The FreeBSD Project

            Copyright 2013-2014 The FreeBSD Documentation Project

            FreeBSD is a registered trademark of the FreeBSD Foundation.

            IBM, AIX, OS/2, PowerPC, PS/2, S/390, and ThinkPad are @@ -165,12 +165,7 @@ hv_vmbus_load="YES"

            [r250700]

            Support for setting/matching differentiated services codepoints (DSCP) in IP header has been added to ipfw(8). [r248552]

            2.2.5.Disks and Storage

            The aac(4) driver now supports volumes - larger than 2TB in size.

            The ata(4) driver now supports a spindown command for - disks; after a configurable amount of time, if no requests - have been received for a disk, the disk will be spun down - until the next request. The atacontrol(8) utility now - supports a spindown command to configure - this feature.

            The hptrr(4) driver has been updated to + larger than 2TB in size.

            The hptrr(4) driver has been updated to version 1.2 from Highpoint.

            nvme(4) has been added and provides NVM Express support. NVM Express is an optimized register interface, command set and feature set of PCI Express From owner-svn-doc-all@FreeBSD.ORG Mon May 26 11:34:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 978DCD31; Mon, 26 May 2014 11:34:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 84C3D28CD; Mon, 26 May 2014 11:34:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4QBY2l1058276; Mon, 26 May 2014 11:34:02 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4QBY2OT058275; Mon, 26 May 2014 11:34:02 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405261134.s4QBY2OT058275@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 26 May 2014 11:34:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44956 - head/ja_JP.eucJP/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2014 11:34:02 -0000 Author: ryusuke Date: Mon May 26 11:34:02 2014 New Revision: 44956 URL: http://svnweb.freebsd.org/changeset/doc/44956 Log: - Merge the following from the English version: r43575 -> r44930 head/ja_JP.eucJP/htdocs/index.xsl Modified: head/ja_JP.eucJP/htdocs/index.xsl Modified: head/ja_JP.eucJP/htdocs/index.xsl ============================================================================== --- head/ja_JP.eucJP/htdocs/index.xsl Mon May 26 10:36:36 2014 (r44955) +++ head/ja_JP.eucJP/htdocs/index.xsl Mon May 26 11:34:02 2014 (r44956) @@ -5,7 +5,7 @@ ]> - + &rel2.current;, &rel3.current; - +

          • 次回予定: &betarel.current;-&betarel.vers;
            • + href="&u.betarel.schedule;">&betarel.current; - +
          • 次回予定: &betarel2.current;-&betarel2.vers;
            • + href="&u.betarel2.schedule;">&betarel2.current;
            From owner-svn-doc-all@FreeBSD.ORG Mon May 26 10:36:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BFBE67E2; Mon, 26 May 2014 10:36:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AB8302213; Mon, 26 May 2014 10:36:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4QAaavT031922; Mon, 26 May 2014 10:36:36 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4QAaagT031921; Mon, 26 May 2014 10:36:36 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405261036.s4QAaagT031921@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 26 May 2014 10:36:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44955 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Mon, 26 May 2014 11:48:43 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2014 10:36:36 -0000 Author: ryusuke Date: Mon May 26 10:36:36 2014 New Revision: 44955 URL: http://svnweb.freebsd.org/changeset/doc/44955 Log: - Merge the following from the English version: r44733 -> r44734 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Mon May 26 04:16:16 2014 (r44954) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Mon May 26 10:36:36 2014 (r44955) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44733 + Original revision: r44734 $FreeBSD$ --> これらを配慮し、アップグレードの推奨手順が作られました。 + + make を実行したときの出力は、 + ファイルに保存すると良いでしょう。 + 何か障害が発生した場合には、エラーメッセージのコピーを + &os; メーリングリストに投稿してください。 + + ファイルに保存する最も簡単な方法は、script + コマンドを使い、 + 引数として出力の保存先のファイル名を指定することです。 + /tmp に出力を保存しないようにしてください。 + このディレクトリは、次の再起動で削除されてしまう可能性があります。 + 出力の保存には、/var/tmp が適しています。 + 次のコマンドを world の構築の直前に行ない、再構築が終了したら + exit と入力してください。 + + &prompt.root; script /var/tmp/mw.out +Script started, output file is /var/tmp/mw.out + + world の構築プロセスの概要 @@ -1638,6 +1657,11 @@ before running "/usr/sbin/freebsd-update world の構築プロセスでは、いくつかの設定ファイルが使われます。 + /usr/src に置かれている、 + Makefile には、 + &os; を構成するプログラムの構築方法や、 + どういう順番でそれらを構築すべきかといった指示が記述されています。 + make で利用可能なオプションの説明は &man.make.conf.5; や、共通の例が /usr/share/examples/etc/make.conf にあります。 @@ -1670,152 +1694,69 @@ before running "/usr/sbin/freebsd-update - ベースシステムの再構築 + 変数とターゲット - 実行される &man.make.1; からの出力は、 - ファイルに保存すると良いでしょう。 - もし、何か障害が発生した場合、エラーメッセージのコピーを - &os; メーリングリストに投稿してください。 - - ファイルに保存する最も簡単な方法は、&man.script.1; - コマンドを使い、引数に出力を保存したいファイル名を指定することです。 - これを make world の直前に行ない、再構築が終了したら - 以下のように exit と入力してください。 - - &prompt.root; script /var/tmp/mw.out -Script started, output file is /var/tmp/mw.out -&prompt.root; make TARGET -… compile, compile, compile … -&prompt.root; exit -Script done, … - - /tmp - に出力を保存してはいけません。 - このディレクトリは、次の再起動で削除されてしまう可能性があります。 - 出力の保存には、/var/tmp や - root - のホームディレクトリが適しています。 - - /usr/src にて、 - 次のように実行してください。 - - &prompt.root; cd /usr/src - - - make - - - world を再構築するには、&man.make.1; を使用してください。 - このコマンドは、Makefile から、 - &os; を構成するプログラムの再構築方法や、 - どういう順番でそれらを構築すべきかといったような指示を読み込みます。 - - コマンドラインの一般的な書式は、次のとおりです。 + make の使用における一般的な書式は、 + 次のとおりです。 &prompt.root; make -x -DVARIABLE target この例では、 が - &man.make.1; に渡されるオプションになります。 + make に渡されるオプションになります。 どのようなオプションが利用できるかについては、&man.make.1; を参照してください。 - - は、Makefile に渡される変数であり、 + 変数を渡すには、変数の名前を + + のように指定してください。 この変数は Makefile の動作をコントロールします。 - また、/etc/make.conf で設定される変数も - 同様です。これは変数を設定するもう一つの方法として用意されています。 - たとえば以下の通りです。 + 変数の指定は、/etc/make.conf で設定するか、 + make の実行時に指定するかのどちらかで行います。 + たとえば、以下の変数は、プロファイル版のライブラリを構築しないことを指定します。 &prompt.root; make -DNO_PROFILE target - は、プロファイル版のライブラリを構築しないことを指定する - もう一つの記法で、/etc/make.conf 中の + これは、/etc/make.conf + の中で以下のように設定することに対応します。 NO_PROFILE= true # Avoid compiling profiled libraries - の行に対応します。 - - target は、&man.make.1; に + target は、make に どのように動作するのかを指示するためのものです。 - 各 Makefile には、数多くの異なる - ターゲット (target) が定義されていて、 - 指定されたターゲットによって動作が決まります。 - - Makefile に書かれているターゲットには、 + Makefile は利用可能なターゲットを定義しています。 + ターゲットには、 システムの再構築に必要な段階を、 多くのさらに細かい段階に分割するため、 構築の過程で利用されるものがあります。 - 大抵の場合、&man.make.1; - にパラメータを指定する必要はないでしょうから、 - コマンドラインは次のようなものになります。 - - &prompt.root; make target - - ここで、target - は、多くのビルドオプションのどれかになります。 - 最初のターゲットはいつも buildworld - になるでしょう。 - - その名前が示すように、buildworld は - /usr/obj - 以下に新しい完全なディレクトリツリーを構築し、 - installworld は、そのツリーを - 現在のマシンにインストールします。 - 選択肢が分けられていることは、二つの理由から有用です。 - まず第一に、構築作業は - 何にも依存せず独立して行なわれ、 - 稼働中のシステムにまったく影響を与えません。 - - そのため、マルチユーザモードで稼働中のシステムでも、何一つ - 悪影響を与えずに buildworld を - 実行することができます。 + まず第一に、構築作業は稼働中のシステムにまったく影響を与えません。 + そのため、マルチユーザモードで稼働中のシステムでも、安全に + buildworld を実行できます。 ただし、installworld は シングルユーザモードで行なうことをおすすめします。 - 第二に、NFS マウントを利用することで、 - ネットワーク上の複数のマシンをアップグレードすることが可能な点があげられます。 - たとえば三台のマシン、 - A, - B, C - をアップグレードしたい場合には、まずマシン A - で make buildworld と - make installworld を実行します。 - それから、マシン B - とマシン C - でマシン A の - /usr/src/usr/obj を - NFS マウントし、make installworld - とすることで構築済みのシステムを各マシンにインストールできます。 - - world ターゲットも利用可能ですが、 - このターゲットの利用は推奨されていません。 + 第二に、NFS マウントを利用することで、 で説明されているように、 + ネットワーク上の複数のマシンをアップグレードすることが可能な点があげられます。 - そのかわり、次のコマンド - - &prompt.root; make buildworld - - を実行してください。ここで make に + make をつけると、 同時に複数のプロセスを生成できます。 - この機能はマルチ CPU マシンで特に効果を発揮します。 - 構築過程の大部分では CPU 性能の限界より - I/O 性能の限界の方が問題となるため、シングル CPU - マシンにも効果があります。 - - 普通のシングル CPU マシンで以下のコマンド - - &prompt.root; make -j4 buildworld + 構築過程の大部分では CPU 性能の限界より + I/O 性能の限界の方が問題となるため、 + シングル CPU とマルチ CPU + マシンの両方に効果があります。 - を実行すると、&man.make.1; - は最大 4 個までのプロセスを同時に実行します。 + 普通のシングル CPU マシンで以下のコマンド + を実行すると、最大 4 個までのプロセスを同時に実行します。 メーリングリストに投稿された経験的な報告によると、 4 個という指定が最も良いパフォーマンスを示すようです。 - もし、複数の CPU を備えたマシンで SMP - 設定が行なわれたカーネルを利用しているなら、 - 6 から 10 の間の値を設定し、 + &prompt.root; make -j4 buildworld + + マルチ CPU マシンでは、 + 6 から 10 の間の値を設定し、 速度がどれくらい向上するか確認してみてください。 @@ -1823,20 +1764,15 @@ Script done, … 時間 - 構築時間を決める要素はさまざまありますが、 - 十分新しいマシンであれば、 - トリックや近道を使わずに普通に構築した場合、&os.stable; - の構築には 1, 2 時間しかかからないでしょう。 - &os.current; の構築は、もう少し時間がかかります。 - make buildworld に変数を指定した場合は、同じ指定を make installworld にも指定しなければなりません。 - ただし は - installworld で絶対に使ってはいけません。 + ただし installworld + では、 を + 絶対に使ってはいけません - たとえば以下のように実行したなら、 + たとえば、以下のコマンドを実行したなら、 &prompt.root; make -DNO_PROFILE buildworld @@ -1844,9 +1780,9 @@ Script done, … &prompt.root; make -DNO_PROFILE installworld - もしそうしなかった場合、 - make buildworld の段階で構築されていない - プロファイル版ライブラリをインストールしようとしてしまうでしょう。 + もしそうしなかった場合、2 番目のコマンドは、 + make buildworld + の段階で構築されていないプロファイル版ライブラリをインストールしようとしてしまうでしょう。 From owner-svn-doc-all@FreeBSD.ORG Mon May 26 14:36:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A84F7FEE; Mon, 26 May 2014 14:36:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 952F62959; Mon, 26 May 2014 14:36:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4QEaB8A058460; Mon, 26 May 2014 14:36:11 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4QEaBuA058459; Mon, 26 May 2014 14:36:11 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201405261436.s4QEaBuA058459@svn.freebsd.org> From: Mathieu Arnold Date: Mon, 26 May 2014 14:36:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44957 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2014 14:36:11 -0000 Author: mat (ports committer) Date: Mon May 26 14:36:11 2014 New Revision: 44957 URL: http://svnweb.freebsd.org/changeset/doc/44957 Log: Add a link to where examples of USES=dos2unix are. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/uses.xml Mon May 26 11:34:02 2014 (r44956) +++ head/en_US.ISO8859-1/books/porters-handbook/uses.xml Mon May 26 14:36:11 2014 (r44957) @@ -182,7 +182,8 @@ DOS format which need to be converted. Three variables can be set to control which files will be converted. The default is to convert all files, - including binaries. + including binaries. See for examples. From owner-svn-doc-all@FreeBSD.ORG Mon May 26 15:14:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5ACFD2F2; Mon, 26 May 2014 15:14:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4699F2CF2; Mon, 26 May 2014 15:14:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4QFEGuq082992; Mon, 26 May 2014 15:14:16 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4QFEFKR082989; Mon, 26 May 2014 15:14:15 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201405261514.s4QFEFKR082989@svn.freebsd.org> From: Mathieu Arnold Date: Mon, 26 May 2014 15:14:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44958 - in head/en_US.ISO8859-1/books/porters-handbook: appendices makefiles special X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2014 15:14:16 -0000 Author: mat (ports committer) Date: Mon May 26 15:14:15 2014 New Revision: 44958 URL: http://svnweb.freebsd.org/changeset/doc/44958 Log: Add xml:id to all
            and . Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/appendices/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/appendices/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/appendices/chapter.xml Mon May 26 14:36:11 2014 (r44957) +++ head/en_US.ISO8859-1/books/porters-handbook/appendices/chapter.xml Mon May 26 15:14:15 2014 (r44958) @@ -13,7 +13,7 @@ Values of <varname>USES</varname> -
            +
            Values of <varname>USES</varname> @@ -40,7 +40,7 @@ sys/param.h: -
            +
            <literal>__FreeBSD_version</literal> Values Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Mon May 26 14:36:11 2014 (r44957) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Mon May 26 15:14:15 2014 (r44958) @@ -1649,7 +1649,7 @@ MASTER_SITE_SUBDIR= makeMASTER_SITES= SF MASTER_SITE_SUBDIR= stardict/WyabdcRealPeopleTTS/${PORTVERSION} -
            +
            Popular Magic <varname>MASTER_SITES</varname> Macros @@ -3117,7 +3117,7 @@ ALWAYS_KEEP_DISTFILES= yes lang/gccXY itself! -
            +
            The <varname>USE_<replaceable>*</replaceable></varname> Variables @@ -3264,7 +3264,7 @@ ALWAYS_KEEP_DISTFILES= yes indexing, which causes problems for port and package management. - + Wrong Declaration of an Optional Dependency .include <bsd.port.pre.mk> @@ -3284,7 +3284,7 @@ LIB_DEPENDS= libbar.so:${PORTSDIR}/foo/b determine their need for dependencies based on the existence of other files. - + Correct Declaration of an Optional Dependency OPTIONS_DEFINE= BAR @@ -3685,7 +3685,7 @@ EXAMPLES_CONFIGURE_WITH= examples --disable-xxx in CONFIGURE_ARGS. - + Wrong Handling of an Option .if ${PORT_OPTIONS:MFOO} @@ -3704,7 +3704,7 @@ CONFIGURE_ARGS+= --enable-foo system does not protest (no dependency on libfoo was recorded) but the application breaks. - + Correct Handling of an Option FOO_LIB_DEPENDS= libfoo.so:${PORTSDIR}/devel/foo Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Mon May 26 14:36:11 2014 (r44957) +++ head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Mon May 26 15:14:15 2014 (r44958) @@ -392,7 +392,7 @@ IGNORE= may not be redistributed because environment variables can be passed using CONFIGURE_ENV variable. -
            +
            Variables for Ports That Use <command>configure</command> @@ -449,7 +449,7 @@ IGNORE= may not be redistributed because USES= cmake:outsource to build in a separate directory (see below). -
            +
            Variables for Ports That Use <command>cmake</command> @@ -494,7 +494,7 @@ IGNORE= may not be redistributed because
            - +
            Variables the Users can define for <command>cmake</command> builds @@ -581,7 +581,7 @@ CMAKE_SOURCE_PATH= ${WRKSRC}/subp If your port uses SCons, define USE_SCONS=yes. -
            +
            Variables for Ports That Use <command>scons</command> @@ -933,7 +933,7 @@ PLIST_SUB+= NLS="@comment " USE_PERL5 like described in the perl5 USES description. -
            +
            Read-Only Variables for Ports That Use <application>Perl</application> @@ -1081,7 +1081,7 @@ PLIST_SUB+= NLS="@comment " USE_GL= glu -
            +
            Variables for Ports That Use X @@ -1292,7 +1292,7 @@ USE_XORG= x11 xpm The Qt framework exports a number of variables which can be used by ports, some of them listed below: -
            +
            Variables Provided to Ports That Use Qt @@ -1391,7 +1391,7 @@ PLIST_SUB+= QT_INCDIR=${QT_INCDIR_REL} \ _USE_QT5_ONLY variables in /usr/ports/Mk/bsd.qt.mk): -
            +
            Available Qt Library Components @@ -1465,7 +1465,7 @@ PLIST_SUB+= QT_INCDIR=${QT_INCDIR_REL} \ depends on, run ldd on the main executable after a successful compilation. -
            +
            Available Qt Tool Components @@ -1525,7 +1525,7 @@ PLIST_SUB+= QT_INCDIR=${QT_INCDIR_REL} \
            - +
            Available Qt Plugin Components @@ -1592,7 +1592,7 @@ PLIST_SUB+= QT_INCDIR=${QT_INCDIR_REL} \ linkend="using-qmake-example">USES= qmake example). -
            +
            Variables for Ports That Use <command>qmake</command> @@ -1700,7 +1700,7 @@ USE_QT5= buildtools_build/usr/ports/Mk/bsd.kde4.mk): -
            +
            Available KDE 4 Components @@ -1894,7 +1894,7 @@ USE_QT4= moc_build qmake_build rcc_build most current version, and &os; default is java/openjdk6. -
            +
            Variables Which May be Set by Ports That Use Java @@ -1964,7 +1964,7 @@ USE_QT4= moc_build qmake_build rcc_build Below is the list of all settings a port will receive after setting USE_JAVA: -
            +
            Variables Provided to Ports That Use Java @@ -2129,7 +2129,7 @@ USE_QT4= moc_build qmake_build rcc_build Additionally, the following constants are defined so all Java ports may be installed in a consistent way: -
            +
            Constants Defined for Ports That Use Java @@ -2304,7 +2304,7 @@ do-install: Apache -
            +
            Variables for Ports That Use Apache @@ -2369,7 +2369,7 @@ do-install:
            - +
            Useful Variables for Porting Apache Modules @@ -2452,7 +2452,7 @@ do-install: PHP -
            +
            Variables for Ports That Use PHP @@ -2599,7 +2599,7 @@ _DOCSDIR= . PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} -
            +
            Most Useful Variables for Ports That Use Python @@ -2719,7 +2719,7 @@ _DOCSDIR= . :xx, e.g.: USES=tcl:85. -
            +
            The Most Useful Read-Only Variables for Ports That Use <application>Tcl/Tk</application> @@ -2793,7 +2793,7 @@ _DOCSDIR= . Using Ruby -
            +
            Useful Variables for Ports That Use Ruby @@ -2838,7 +2838,7 @@ _DOCSDIR= . possible. These variables should not be redefined in the port. -
            +
            Selected Read-Only Variables for Ports That Use Ruby @@ -3133,7 +3133,7 @@ USE_SDL+= mixer wxWidgets versions and the corresponding ports in the tree: -
            +
            Available <application>wxWidgets</application> Versions @@ -3180,7 +3180,7 @@ USE_SDL+= mixer be set to one or more of the following combinations separated by spaces: -
            +
            <application>wxWidgets</application> Version Specifications @@ -3221,7 +3221,7 @@ USE_SDL+= mixer of versions, the first ones will have higher priority. -
            +
            Variables to Select Preferred <application>wxWidgets</application> Versions @@ -3257,7 +3257,7 @@ USE_SDL+= mixer WX_COMPS variable. The following components are available: -
            +
            Available <application>wxWidgets</application> Components @@ -3311,7 +3311,7 @@ USE_SDL+= mixer ). The following types are available: -
            +
            Available <application>wxWidgets</application> Dependency Types @@ -3518,7 +3518,7 @@ CONFIGURE_ARGS+= --enable-wxpython defining one from ). -
            +
            Variables Defined for Ports That Use <application>wxWidgets</application> @@ -3621,7 +3621,7 @@ PLIST_SUB+= VERSION="${VER_STR}" WX_CONF_ARGS variable can be used for provide them. -
            +
            Legal Values for <varname>WX_CONF_ARGS</varname> @@ -3714,7 +3714,7 @@ PLIST_SUB+= VERSION="${VER_STR}" Lua versions and the corresponding ports in the tree: -
            +
            Available <application>Lua</application> Versions @@ -3751,7 +3751,7 @@ PLIST_SUB+= VERSION="${VER_STR}" be set to one or more of the following combinations separated by spaces: -
            +
            <application>Lua</application> Version Specifications @@ -3792,7 +3792,7 @@ PLIST_SUB+= VERSION="${VER_STR}" of versions, the first ones will have higher priority. -
            +
            Variables to Select Preferred <application>Lua</application> Versions @@ -3842,7 +3842,7 @@ WANT_LUA_VER= 5.0LUA_COMPS variable. The following components are available: -
            +
            Available <application>Lua</application> Components @@ -3889,7 +3889,7 @@ WANT_LUA_VER= 5.0). The following types are available: -
            +
            Available <application>Lua</application> Dependency Types @@ -4026,7 +4026,7 @@ CONFIGURE_ARGS+= --enable-tolua defining one from ). -
            +
            Variables Defined for Ports That Use <application>Lua</application> @@ -4420,7 +4420,7 @@ post-patch: Using Mozilla -
            +
            Variables for Ports That Use Mozilla @@ -4500,7 +4500,7 @@ post-patch: Using Databases -
            +
            Variables for Ports Using Databases From owner-svn-doc-all@FreeBSD.ORG Mon May 26 16:34:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D06E99B7; Mon, 26 May 2014 16:34:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B101B259B; Mon, 26 May 2014 16:34:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4QGY4HG036748; Mon, 26 May 2014 16:34:04 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4QGY4Cf036747; Mon, 26 May 2014 16:34:04 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201405261634.s4QGY4Cf036747@svn.freebsd.org> From: Mathieu Arnold Date: Mon, 26 May 2014 16:34:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44959 - head/en_US.ISO8859-1/books/porters-handbook/special X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2014 16:34:05 -0000 Author: mat (ports committer) Date: Mon May 26 16:34:04 2014 New Revision: 44959 URL: http://svnweb.freebsd.org/changeset/doc/44959 Log: Major axing of the lua part, it is much, much simpler now. Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Mon May 26 15:14:15 2014 (r44958) +++ head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Mon May 26 16:34:04 2014 (r44959) @@ -3676,355 +3676,21 @@ PLIST_SUB+= VERSION="${VER_STR}" Version Selection - To make your port use a specific version of - Lua there are two variables - available for defining (if only one is defined the other - will be set to a default value): - -
            - Variables to Select <application>Lua</application> - Versions + A port using Lua only needs to + have the following line: - - - - Variable - Description - Default value - - - - - - USE_LUA - List of versions the port can use - All available versions - - - - USE_LUA_NOT - List of versions the port can not use - None - - - -
            - - The following is a list of available - Lua versions and the - corresponding ports in the tree: - - - Available <application>Lua</application> - Versions - - - - - Version - Port - - - - - - 4.0 - lang/lua4 - - - - 5.0 - lang/lua50 - - - - 5.1 - lang/lua - - - -
            - - The variables in can - be set to one or more of the following combinations - separated by spaces: - - - <application>Lua</application> Version - Specifications - - - - - Description - Example - - - - - - Single version - 4.0 - - - - Ascending range - 5.0+ - - - - Descending range - 5.0- - - - - Full range (must be ascending) - 5.0-5.1 - - - -
            - - There are also some variables to select the preferred - versions from the available ones. They can be set to a list - of versions, the first ones will have higher - priority. - - - Variables to Select Preferred - <application>Lua</application> Versions - - - - - Name - Designed for - - - - - - WANT_LUA_VER - the port - - - - WITH_LUA_VER - the user - - - -
            - - - Selecting the <application>Lua</application> - Version - - The following fragment is from a port which can use - Lua version - 5.0 or 5.1, and uses - 5.0 by default. It can be overridden - by the user with WITH_LUA_VER. - - USE_LUA= 5.0-5.1 -WANT_LUA_VER= 5.0 - -             - - - Component Selection - - There are other applications that, while not being - Lua libraries, are related to - them. These applications can be specified in the - LUA_COMPS variable. The following - components are available: - - - Available <application>Lua</application> - Components - - - - - Name - Description - Version restriction - - - - - - lua - main library - none - - - - tolua - Library for accessing C/C++ code - 4.0-5.0 - - - - ruby - Ruby bindings - 4.0-5.0 - - - -
            - - - There are more components but they are modules for the - interpreter, not used by applications (only by other - modules). - - - The dependency type can be selected for each component - by adding a suffix separated by a semicolon. If not present - then a default type will be used (see - ). The following types - are available: - - - Available <application>Lua</application> Dependency - Types + USES= lua - - - - Name - Description - - - - - - build - Component is required for building, equivalent - to BUILD_DEPENDS - - - - run - Component is required for running, equivalent - to RUN_DEPENDS - - - - lib - Component is required for building and running, - equivalent to LIB_DEPENDS - - - -
            - - The default values for the components are detailed in - the following table: - - - Default <application>Lua</application> Dependency - Types - - - - - Component - Dependency type - - - - - - lua - lib for - 4.0-5.0 (shared) and - build for 5.1 - (static) - - - - tolua - build (static) - - - - ruby - lib (shared) - - - -
            - - - Selecting <application>Lua</application> - Components - - The following fragment corresponds to a port which - uses Lua version - 4.0 and its - Ruby bindings. - - USE_LUA= 4.0 -LUA_COMPS= lua ruby - -             - - - Detecting Installed Versions - - To detect an installed version you have to define - WANT_LUA. If you do not set it to a - specific version then the components will have a version - suffix. The HAVE_LUA variable will be - filled after detection. - - - Detecting Installed <application>Lua</application> - Versions and Components - - The following fragment can be used in a port that uses - Lua if it is installed, or an - option is selected. - - WANT_LUA= yes - -.include <bsd.port.pre.mk> - -.if defined(WITH_LUA5) || !empty(PORT_OPTIONS:MLUA5) || !empty(HAVE_LUA:Mlua-5.[01]) -USE_LUA= 5.0-5.1 -CONFIGURE_ARGS+= --enable-lua5 -.endif - - The following fragment can be used in a port that - enables tolua support if it is - installed or if an option is selected, in addition to - Lua, both version - 4.0. - - USE_LUA= 4.0 -LUA_COMPS= lua -WANT_LUA= 4.0 - -.include <bsd.port.pre.mk> - -.if defined(WITH_TOLUA) || !empty(PORT_OPTIONS:MTOLUA) || !empty(HAVE_LUA:Mtolua) -LUA_COMPS+= tolua -CONFIGURE_ARGS+= --enable-tolua -.endif - + If a specific version of Lua is needed, instructions on + how to select it are given in the USES=lua part + of . Defined Variables - The following variables are available in the port (after - defining one from - ). + The following variables are available in the port. Variables Defined for Ports That Use @@ -4047,13 +3713,6 @@ CONFIGURE_ARGS+= --enable-tolua </row> <row> - <entry><varname>LUA_VER_SH</varname></entry> - <entry>The <application>Lua</application> shared - library major version (e.g., - <literal>1</literal>)</entry> - </row> - - <row> <entry><varname>LUA_VER_STR</varname></entry> <entry>The <application>Lua</application> version without the dots (e.g., @@ -4122,75 +3781,9 @@ CONFIGURE_ARGS+= --enable-tolua <entry>The path to the <application>Lua</application> compiler</entry> </row> - - <row> - <entry><varname>TOLUA_CMD</varname></entry> - <entry>The path to the - <application>tolua</application> program</entry> - </row> </tbody> </tgroup> </table> - - <example xml:id="lua-variables-example"> - <title>Telling the Port Where to Find - <application>Lua</application> - - The following fragment shows how to tell a port that - uses a configure script where the - Lua header files and libraries - are. - - USE_LUA= 4.0 -GNU_CONFIGURE= yes -CONFIGURE_ENV= CPPFLAGS="-I${LUA_INCDIR}" LDFLAGS="-L${LUA_LIBDIR}" - - - - - Processing in - <filename>bsd.port.pre.mk</filename> - - If you need to use the variables for running commands - right after including bsd.port.pre.mk - you need to define LUA_PREMK. - - - If you define LUA_PREMK, then the - version, dependencies, components and defined variables - will not change if you modify the - Lua port variables - after including - bsd.port.pre.mk. - - - - Using <application>Lua</application> Variables in - Commands - - The following fragment illustrates the use of - LUA_PREMK by running the - Lua interpreter to obtain the - full version string, assign it to a variable and pass it - to the program. - - USE_LUA= 5.0 -LUA_PREMK= yes - -.include <bsd.port.pre.mk> - -.if exists(${LUA_CMD}) -VER_STR!= ${LUA_CMD} -v - -CFLAGS+= -DLUA_VERSION_STRING="${VER_STR}" -.endif - - - - The Lua variables can be - safely used in commands when they are inside targets - without the need of LUA_PREMK. - From owner-svn-doc-all@FreeBSD.ORG Mon May 26 17:10:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0727A38F; Mon, 26 May 2014 17:10:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E7420283B; Mon, 26 May 2014 17:10:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4QHAtjg059877; Mon, 26 May 2014 17:10:55 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4QHAtNJ059875; Mon, 26 May 2014 17:10:55 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405261710.s4QHAtNJ059875@svn.freebsd.org> From: Benedict Reuschling Date: Mon, 26 May 2014 17:10:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44960 - head/en_US.ISO8859-1/articles/remote-install X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2014 17:10:56 -0000 Author: bcr Date: Mon May 26 17:10:55 2014 New Revision: 44960 URL: http://svnweb.freebsd.org/changeset/doc/44960 Log: Remove contractions, improve capitalization, clean up redundant markup and words. Modified: head/en_US.ISO8859-1/articles/remote-install/article.xml Modified: head/en_US.ISO8859-1/articles/remote-install/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/remote-install/article.xml Mon May 26 16:34:04 2014 (r44959) +++ head/en_US.ISO8859-1/articles/remote-install/article.xml Mon May 26 17:10:55 2014 (r44960) @@ -2,7 +2,7 @@
            - Remote Installation of the &os; Operating System without a + <info><title>Remote Installation of the &os; Operating System Without a Remote Console @@ -44,7 +44,7 @@ In some cases, these companies will install your preferred &linux; distribution if you request it. Using this option, we will attempt to install &os;. In other cases, they may offer a rescue - system which would be used in an emergency. It's possible to use + system which would be used in an emergency. It is possible to use this for our purposes as well. This article covers the basic installation and configuration @@ -166,7 +166,7 @@ Another important thing to set is the root password. This can be done by editing - the conf/rootpw.conf file. Please keep in + conf/rootpw.conf. Please keep in mind that the file will contain your password in the plain text, thus we do not recommend to use real password here. Nevertheless, this is just a temporary one-time password which @@ -189,17 +189,16 @@ initconf_ip_ext1="192.168.0.2" initconf_netmask_ext1="255.255.255.0" Do not forget to add the defaultrouter - information to the conf/rc.conf - file: + information to conf/rc.conf: defaultrouter="192.168.0.1" - The <filename>conf/rc.conf</filename> method + The <filename>conf/rc.conf</filename> Method When the network interface driver is known, it is more - convenient to use the conf/rc.conf file + convenient to use conf/rc.conf for networking options. The syntax of this file is the same as the one used in the standard &man.rc.conf.5; file of &os;. @@ -214,7 +213,7 @@ ifconfig_re0="inet 192.168.0.2 netmask 2 - Building an <application>mfsBSD</application> image + Building an <application>mfsBSD</application> Image The process of building an mfsBSD image is pretty straightforward. @@ -236,9 +235,9 @@ ifconfig_re0="inet 192.168.0.2 netmask 2 &prompt.root; make BASE=/cdrom/7.0-RELEASE - The above make command has to be run + The above make has to be run from the top level of the mfsBSD - directory tree, i.e. ~/mfsbsd-1.0-beta1/. + directory tree, for example ~/mfsbsd-1.0-beta1/. @@ -271,7 +270,7 @@ ifconfig_re0="inet 192.168.0.2 netmask 2 - Installation of The &os; Operating System + Installation of the &os; Operating System The mfsBSD has been successfully booted and it should be possible to log in through &man.ssh.1;. @@ -307,7 +306,7 @@ ifconfig_re0="inet 192.168.0.2 netmask 2 introduction, this article will present how to set up a system with RAID-1 and ZFS capabilities. Our set up will consist of a small &man.gmirror.8; mirrored - / (root), /usr and /var file systems, and the rest of + / (root), /usr and /var dataset, and the rest of the disk space will be allocated for a &man.zpool.8; mirrored ZFS file system. Please note, that the ZFS file system will be @@ -369,7 +368,7 @@ ifconfig_re0="inet 192.168.0.2 netmask 2 - Note the option used for swap + Note that is used for the swap partition. This instructs &man.gmirror.8; to assume that the device is in the consistent state after the power/system failure. @@ -414,13 +413,13 @@ ifconfig_re0="inet 192.168.0.2 netmask 2 Go to the Distributions menu, - move the cursor with the arrow keys on the - option, and check it by pressing + move the cursor with the arrow keys to + , and check it by pressing Space. This article uses the Minimal distribution in order to save network traffic, because the system itself will be installed over ftp. Exit this menu by choosing - option. + . The Partition and @@ -470,9 +469,9 @@ ifconfig_re0="inet 192.168.0.2 netmask 2 /etc/resolv.conf and /etc/fstab files. Do not forget to properly set the network information and to enable - sshd in the - /etc/rc.conf file. The contents of the - /etc/fstab file will be similar to the + sshd in + /etc/rc.conf. The contents of + /etc/fstab will be similar to the following: # Device Mountpoint FStype Options Dump Pass# @@ -484,7 +483,7 @@ ifconfig_re0="inet 192.168.0.2 netmask 2 - Create the /boot/loader.conf file, + Create /boot/loader.conf with the following contents: geom_mirror_load="YES" @@ -539,7 +538,7 @@ zfs_load="YES" &prompt.root; zfs set mountpoint=/usr/ports tank/ports &prompt.root; zfs set mountpoint=/usr/src tank/src - That's all. If you are interested in more details about + That is all. If you are interested in more details about ZFS on &os;, please refer to the ZFS section of the &os; Wiki. From owner-svn-doc-all@FreeBSD.ORG Mon May 26 17:21:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 691204D6; Mon, 26 May 2014 17:21:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 54C3B28F0; Mon, 26 May 2014 17:21:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4QHLCFt065897; Mon, 26 May 2014 17:21:12 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4QHLCFv065896; Mon, 26 May 2014 17:21:12 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405261721.s4QHLCFv065896@svn.freebsd.org> From: Benedict Reuschling Date: Mon, 26 May 2014 17:21:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44961 - head/en_US.ISO8859-1/articles/remote-install X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2014 17:21:12 -0000 Author: bcr Date: Mon May 26 17:21:11 2014 New Revision: 44961 URL: http://svnweb.freebsd.org/changeset/doc/44961 Log: Whitespace fixes. Translators can ignore them. Modified: head/en_US.ISO8859-1/articles/remote-install/article.xml Modified: head/en_US.ISO8859-1/articles/remote-install/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/remote-install/article.xml Mon May 26 17:10:55 2014 (r44960) +++ head/en_US.ISO8859-1/articles/remote-install/article.xml Mon May 26 17:21:11 2014 (r44961) @@ -1,14 +1,24 @@ -
            - Remote Installation of the &os; Operating System Without a +<article xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" + xml:lang="en"> + <info> + <title>Remote Installation of the &os; Operating System Without a Remote Console - - DanielGerzo -
            danger@FreeBSD.org
            -             + + + Daniel + Gerzo + + +
            + danger@FreeBSD.org +
            +             +             &tm-attrib.freebsd; @@ -27,25 +37,25 @@ This article documents the remote installation of the &os; operating system when the console of the remote system is - unavailable. The main idea behind this article is the result of - a collaboration with &a.mm.email; with valuable input provided by - &a.pjd.email;. + unavailable. The main idea behind this article is the result + of a collaboration with &a.mm.email; with valuable input + provided by &a.pjd.email;.             Background - There are many server hosting providers in the world, but very - few of them are officially supporting &os;. They usually provide - support for a &linux; distribution to be installed on the servers - they offer. + There are many server hosting providers in the world, but + very few of them are officially supporting &os;. They usually + provide support for a &linux; distribution to be installed on + the servers they offer. In some cases, these companies will install your preferred - &linux; distribution if you request it. Using this option, we will - attempt to install &os;. In other cases, they may offer a rescue - system which would be used in an emergency. It is possible to use - this for our purposes as well. + &linux; distribution if you request it. Using this option, we + will attempt to install &os;. In other cases, they may offer a + rescue system which would be used in an emergency. It is + possible to use this for our purposes as well. This article covers the basic installation and configuration steps required to bootstrap a remote installation of &os; with @@ -56,18 +66,20 @@ Introduction This section will summarize the purpose of this article and - better explain what is covered herein. The instructions included - in this article will benefit those using services provided by - colocation facilities not supporting &os;. + better explain what is covered herein. The instructions + included in this article will benefit those using services + provided by colocation facilities not supporting &os;. - As we have mentioned in the Background section, many of the - reputable server hosting companies provide some kind of rescue - system, which is booted from their LAN and - accessible over SSH. They usually - provide this support in order to help their customers fix - broken operating systems. As this article will explain, it is + As we have mentioned in the Background section, many of + the reputable server hosting companies provide some kind of + rescue system, which is booted from their + LAN and accessible over + SSH. They usually provide this + support in order to help their customers fix broken + operating systems. As this article will explain, it is possible to install &os; with the help of these rescue systems. - - Introduction - - - Documentation + + Introduction - Documentation on kernel programming is scarce — it is one of - few areas where there is nearly nothing in the way of friendly - tutorials, and the phrase use the source! really - holds true. However, there are some bits and pieces (some of - them seriously outdated) floating around that should be studied - before beginning to code: - - - - The FreeBSD - Developer's Handbook — part of the documentation - project, it does not contain anything specific to kernel - programming, but rather some general useful information. - - The FreeBSD - Architecture Handbook — also from the documentation - project, contains descriptions of several low-level facilities - and procedures. The most important chapter is 13, Writing - FreeBSD device drivers. - - The Blueprints section of FreeBSD Diary web - site — contains several interesting articles on kernel - facilities. - - The man pages in section 9 — for important - documentation on kernel functions. - - The &man.geom.4; man page and PHK's GEOM slides - — for general introduction of the GEOM - subsystem. - - Man pages &man.g.bio.9;, &man.g.event.9;, &man.g.data.9;, - &man.g.geom.9;, &man.g.provider.9; &man.g.consumer.9;, &man.g.access.9; - & others linked from those, for documentation on specific - functionalities. - - - The &man.style.9; man page — for documentation on - the coding-style conventions which must be followed for any code - which is to be committed to the FreeBSD Subversion tree. - - + + Documentation + Documentation on kernel programming is scarce — it + is one of few areas where there is nearly nothing in the way + of friendly tutorials, and the phrase use the + source! really holds true. However, there are some + bits and pieces (some of them seriously outdated) floating + around that should be studied before beginning to code: + + + + The FreeBSD + Developer's Handbook — part of the + documentation project, it does not contain anything + specific to kernel programming, but rather some general + useful information. + + + + The FreeBSD + Architecture Handbook — also from the + documentation project, contains descriptions of several + low-level facilities and procedures. The most important + chapter is 13, Writing + FreeBSD device drivers. + + + + The Blueprints section of FreeBSD + Diary web site — contains several + interesting articles on kernel + facilities. + + + + The man pages in section 9 — for important + documentation on kernel functions. + + + + The &man.geom.4; man page and PHK's GEOM + slides — for general introduction of the + GEOM subsystem. + + + + Man pages &man.g.bio.9;, &man.g.event.9;, + &man.g.data.9;, &man.g.geom.9;, &man.g.provider.9; + &man.g.consumer.9;, &man.g.access.9; & others linked + from those, for documentation on specific + functionalities. + + + + The &man.style.9; man page — for documentation + on the coding-style conventions which must be followed for + any code which is to be committed to the FreeBSD + Subversion tree. + + @@ -89,75 +116,77 @@ Preliminaries The best way to do kernel development is to have (at least) - two separate computers. One of these would contain the + two separate computers. One of these would contain the development environment and sources, and the other would be used to test the newly written code by network-booting and network-mounting filesystems from the first one. This way if the new code contains bugs and crashes the machine, it will not - mess up the sources (and other live data). The - second system does not even require a proper display. Instead, it - could be connected with a serial cable or KVM to the first + mess up the sources (and other live data). The + second system does not even require a proper display. Instead, + it could be connected with a serial cable or KVM to the first one. - But, since not everybody has two or more computers handy, there are - a few things that can be done to prepare an otherwise live - system for developing kernel code. This setup is also applicable - for developing in a VMWare - or QEmu virtual machine (the - next best thing after a dedicated development machine). + But, since not everybody has two or more computers handy, + there are a few things that can be done to prepare an otherwise + live system for developing kernel code. This + setup is also applicable for developing in a VMWare or QEmu virtual machine + (the next best thing after a dedicated development + machine). Modifying a System for Development For any kernel programming a kernel with - enabled is a must-have. So enter - these in your kernel configuration file: + enabled is a must-have. So enter + these in your kernel configuration file: - options INVARIANT_SUPPORT + options INVARIANT_SUPPORT options INVARIANTS - For more debugging you should also include WITNESS support, - which will alert you of mistakes in locking: + For more debugging you should also include WITNESS + support, which will alert you of mistakes in locking: - options WITNESS_SUPPORT + options WITNESS_SUPPORT options WITNESS For debugging crash dumps, a kernel with debug symbols is - needed: + needed: makeoptions DEBUG=-g With the usual way of installing the kernel (make - installkernel) the debug kernel will not be - automatically installed. It is called - kernel.debug and located in - /usr/obj/usr/src/sys/KERNELNAME/. For - convenience it should be copied to - /boot/kernel/. + installkernel) the debug kernel will not be + automatically installed. It is called + kernel.debug and located in + /usr/obj/usr/src/sys/KERNELNAME/. For + convenience it should be copied to + /boot/kernel/. Another convenience is enabling the kernel debugger so you - can examine a kernel panic when it happens. For this, enter - the following lines in your kernel configuration file: + can examine a kernel panic when it happens. For this, enter + the following lines in your kernel configuration file: options KDB options DDB options KDB_TRACE For this to work you might need to set a sysctl (if it is - not on by default): + not on by default): debug.debugger_on_panic=1 Kernel panics will happen, so care should be taken with - the filesystem cache. In particular, having softupdates might - mean the latest file version could be lost if a panic occurs - before it is committed to storage. Disabling softupdates - yields a great performance hit, and still does not guarantee - data consistency. Mounting filesystem with the sync option - is needed for that. For a compromise, the softupdates cache delays can - be shortened. There are three sysctl's that are useful for - this (best to be set in - /etc/sysctl.conf): + the filesystem cache. In particular, having softupdates might + mean the latest file version could be lost if a panic occurs + before it is committed to storage. Disabling softupdates + yields a great performance hit, and still does not guarantee + data consistency. Mounting filesystem with the + sync option is needed for that. For a + compromise, the softupdates cache delays can be shortened. + There are three sysctl's that are useful for this (best to be + set in /etc/sysctl.conf): kern.filedelay=5 kern.dirdelay=4 @@ -166,76 +195,79 @@ kern.metadelay=3 The numbers represent seconds. For debugging kernel panics, kernel core dumps are - required. Since a kernel panic might make filesystems - unusable, this crash dump is first written to a raw - partition. Usually, this is the swap partition. This partition must be at - least as large as the physical RAM in the machine. On the - next boot, the dump is copied to a regular file. - This happens after filesystems are checked and mounted, and - before swap is enabled. This is controlled with two - /etc/rc.conf variables: + required. Since a kernel panic might make filesystems + unusable, this crash dump is first written to a raw partition. + Usually, this is the swap partition. This partition must be + at least as large as the physical RAM in the machine. On the + next boot, the dump is copied to a regular file. This happens + after filesystems are checked and mounted, and before swap is + enabled. This is controlled with two + /etc/rc.conf variables: dumpdev="/dev/ad0s4b" dumpdir="/usr/core The dumpdev variable specifies the swap - partition and dumpdir tells the system - where in the filesystem to relocate the core dump on reboot. + partition and dumpdir tells the system + where in the filesystem to relocate the core dump on + reboot. Writing kernel core dumps is slow and takes a long time so - if you have lots of memory (>256M) and lots of panics it could - be frustrating to sit and wait while it is done (twice — first - to write it to swap, then to relocate it to filesystem). It is - convenient then to limit the amount of RAM the system will use - via a /boot/loader.conf tunable: + if you have lots of memory (>256M) and lots of panics it + could be frustrating to sit and wait while it is done (twice + — first to write it to swap, then to relocate it to + filesystem). It is convenient then to limit the amount of RAM + the system will use via a + /boot/loader.conf tunable: hw.physmem="256M" If the panics are frequent and filesystems large (or you - simply do not trust softupdates+background fsck) it is advisable - to turn background fsck off via - /etc/rc.conf variable: + simply do not trust softupdates+background fsck) it is + advisable to turn background fsck off via + /etc/rc.conf variable: background_fsck="NO" This way, the filesystems will always get checked when - needed. Note that with background fsck, a new panic could happen while - it is checking the disks. Again, the safest way is not to have - many local filesystems by using another computer as an NFS - server. + needed. Note that with background fsck, a new panic could + happen while it is checking the disks. Again, the safest way + is not to have many local filesystems by using another + computer as an NFS server. Starting the Project For the purpose of creating a new GEOM class, an empty - subdirectory has to be created under an arbitrary user-accessible - directory. You do not have to create the module directory under - /usr/src. + subdirectory has to be created under an arbitrary + user-accessible directory. You do not have to create the + module directory under /usr/src. The Makefile It is good practice to create - Makefiles for every nontrivial coding - project, which of course includes kernel modules. + Makefiles for every nontrivial coding + project, which of course includes kernel modules. Creating the Makefile is simple - thanks to an extensive set of helper routines provided by the - system. In short, here is how a minimal Makefile - looks for a kernel module: + thanks to an extensive set of helper routines provided by the + system. In short, here is how a minimal + Makefile looks for a kernel + module: SRCS=g_journal.c KMOD=geom_journal .include <bsd.kmod.mk> - This Makefile (with changed filenames) - will do for any kernel module, and a GEOM class can reside in just - one kernel module. If more than one file is required, list it in the - SRCS variable, separated with whitespace from - other filenames. + This Makefile (with changed + filenames) will do for any kernel module, and a GEOM class can + reside in just one kernel module. If more than one file is + required, list it in the SRCS variable, + separated with whitespace from other filenames. @@ -245,76 +277,77 @@ KMOD=geom_journal Memory Allocation - See &man.malloc.9;. Basic memory allocation is only - slightly different than its userland equivalent. Most - notably, malloc() and - free() accept additional parameters as is - described in the man page. + See &man.malloc.9;. Basic memory allocation is only + slightly different than its userland equivalent. Most + notably, malloc() and + free() accept additional parameters as is + described in the man page. A malloc type must be declared in the - declaration section of a source file, like this: + declaration section of a source file, like this: static MALLOC_DEFINE(M_GJOURNAL, "gjournal data", "GEOM_JOURNAL Data"); To use this macro, sys/param.h, - sys/kernel.h and - sys/malloc.h headers must be - included. + sys/kernel.h and + sys/malloc.h headers must be + included. There is another mechanism for allocating memory, the UMA - (Universal Memory Allocator). See &man.uma.9; for details, but - it is a special type of allocator mainly used for speedy - allocation of lists comprised of same-sized items (for - example, dynamic arrays of structs). + (Universal Memory Allocator). See &man.uma.9; for details, + but it is a special type of allocator mainly used for speedy + allocation of lists comprised of same-sized items (for + example, dynamic arrays of structs). Lists and Queues - See &man.queue.3;. There are a LOT of cases when a list of - things needs to be maintained. Fortunately, this data - structure is implemented (in several ways) by C macros - included in the system. The most used list type is TAILQ - because it is the most flexible. It is also the one with largest - memory requirements (its elements are doubly-linked) and - also the slowest (although the speed variation is on - the order of several CPU instructions more, so it should not be - taken seriously). + See &man.queue.3;. There are a LOT of cases when a list + of things needs to be maintained. Fortunately, this data + structure is implemented (in several ways) by C macros + included in the system. The most used list type is TAILQ + because it is the most flexible. It is also the one with + largest memory requirements (its elements are doubly-linked) + and also the slowest (although the speed variation is on the + order of several CPU instructions more, so it should not be + taken seriously). If data retrieval speed is very important, see - &man.tree.3; and &man.hashinit.9;. + &man.tree.3; and &man.hashinit.9;. BIOs - Structure bio is used for any and - all Input/Output operations concerning GEOM. It basically - contains information about what device ('provider') should - satisfy the request, request type, offset, length, pointer to - a buffer, and a bunch of user-specific flags - and fields that can help implement various hacks. - - The important thing here is that bios - are handled asynchronously. That means that, in most parts of the code, - there is no analogue to userland's &man.read.2; and - &man.write.2; calls that do not return until a request is - done. Rather, a developer-supplied function is called as a - notification when the request gets completed (or results in - error). - - The asynchronous programming model (also - called event-driven) is somewhat harder - than the much more used imperative one used in userland - (at least it takes a - while to get used to it). In some cases the helper routines - g_write_data() and - g_read_data() can be used, but not - always. In particular, they cannot be used when - a mutex is held; for example, the GEOM topology mutex or - the internal mutex held during the .start() and - .stop() functions. - + Structure bio is + used for any and all Input/Output operations concerning GEOM. + It basically contains information about what device + ('provider') should satisfy the request, request type, offset, + length, pointer to a buffer, and a bunch of + user-specific flags and fields that can help + implement various hacks. + + The important thing here is that bios are handled + asynchronously. That means that, in most parts of the code, + there is no analogue to userland's &man.read.2; and + &man.write.2; calls that do not return until a request is + done. Rather, a developer-supplied function is called as a + notification when the request gets completed (or results in + error). + + The asynchronous programming model (also called + event-driven) is somewhat harder than the much + more used imperative one used in userland (at least it takes a + while to get used to it). In some cases the helper routines + g_write_data() and + g_read_data() can be used, but + not always. In particular, they cannot + be used when a mutex is held; for example, the GEOM topology + mutex or the internal mutex held during the + .start() and .stop() + functions. @@ -325,109 +358,131 @@ KMOD=geom_journal Ggate If maximum performance is not needed, a much simpler way - of making a data transformation is to implement it in userland - via the ggate (GEOM gate) facility. Unfortunately, there is no - easy way to convert between, or even share code between the - two approaches. + of making a data transformation is to implement it in userland + via the ggate (GEOM gate) facility. Unfortunately, there is + no easy way to convert between, or even share code between the + two approaches. GEOM Class - GEOM classes are transformations on the data. These transformations - can be combined in a tree-like fashion. Instances of GEOM classes are - called geoms. - - Each GEOM class has several class methods that get called - when there is no geom instance available (or they are simply not - bound to a single instance): - - - - .init is called when GEOM - becomes aware of a GEOM class (when the kernel module - gets loaded.) - - .fini gets called when GEOM - abandons the class (when the module gets - unloaded) - - .taste is called next, once for - each provider the system has available. If applicable, this - function will usually create and start a geom - instance. - - .destroy_geom is called when - the geom should be disbanded - - .ctlconf is called when user - requests reconfiguration of existing geom - + GEOM classes are transformations on the data. These + transformations can be combined in a tree-like fashion. + Instances of GEOM classes are called + geoms. + + Each GEOM class has several class methods + that get called when there is no geom instance available (or + they are simply not bound to a single instance): + + + + .init is called when GEOM becomes + aware of a GEOM class (when the kernel module gets + loaded.) + + + + .fini gets called when GEOM + abandons the class (when the module gets + unloaded) + + + + .taste is called next, once for + each provider the system has available. If applicable, + this function will usually create and start a geom + instance. + + + + .destroy_geom is called when the + geom should be disbanded + + + + .ctlconf is called when user + requests reconfiguration of existing + geom + Also defined are the GEOM event functions, which will get - copied to the geom instance. + copied to the geom instance. - Field .geom in the - g_class structure is a LIST of geoms - instantiated from the class. - - These functions are called from the g_event kernel thread. + Field .geom in the g_class structure is a LIST of + geoms instantiated from the class. + These functions are called from the g_event kernel + thread. Softc The name softc is a legacy term for - driver private data. The name most probably - comes from the archaic term software control block. - In GEOM, it is a structure (more precise: pointer to a - structure) that can be attached to a geom instance to hold - whatever data is private to the geom instance. Most GEOM classes - have the following members: - - - struct g_provider *provider : The - provider this geom instantiates - - uint16_t n_disks : Number of - consumer this geom consumes - - struct g_consumer **disks : Array - of struct g_consumer*. (It is not possible - to use just single indirection because struct g_consumer* - are created on our behalf by GEOM). - - - The softc structure contains all - the state of geom instance. Every geom instance has its own - softc. + driver private data. The name most probably + comes from the archaic term software control + block. In GEOM, it is a structure (more precise: + pointer to a structure) that can be attached to a geom + instance to hold whatever data is private to the geom + instance. Most GEOM classes have the following + members: + + + + struct g_provider *provider : The + provider this geom + instantiates + + + + uint16_t n_disks : Number of + consumer this geom consumes + + + + struct g_consumer **disks : Array + of struct g_consumer*. (It is not + possible to use just single indirection because struct + g_consumer* are created on our behalf by + GEOM). + + + + The softc structure + contains all the state of geom instance. Every geom instance + has its own softc. Metadata Format of metadata is more-or-less class-dependent, but - MUST start with: + MUST start with: + + 16 byte buffer for null-terminated signature (usually + the class name) + - 16 byte buffer for null-terminated signature - (usually the class name) - - uint32 version ID - + + uint32 version ID + - It is assumed that geom classes know how to handle metadata - with version ID's lower than theirs. + It is assumed that geom classes know how to handle + metadata with version ID's lower than theirs. Metadata is located in the last sector of the provider - (and thus must fit in it). + (and thus must fit in it). (All this is implementation-dependent but all existing - code works like that, and it is supported by libraries.) + code works like that, and it is supported by + libraries.) @@ -436,271 +491,327 @@ KMOD=geom_journal The sequence of events is: - - user calls &man.geom.8; utility (or one of its - hardlinked friends) - - the utility figures out which geom class it is - supposed to handle and searches for - geom_CLASSNAME.so - library (usually in - /lib/geom). - - it &man.dlopen.3;-s the library, extracts the - definitions of command-line parameters and helper - functions. - + + user calls &man.geom.8; utility (or one of its + hardlinked friends) + + + + the utility figures out which geom class it is + supposed to handle and searches for + geom_CLASSNAME.so + library (usually in + /lib/geom). + + + + it &man.dlopen.3;-s the library, extracts the + definitions of command-line parameters and helper + functions. + In the case of creating/labeling a new geom, this is what - happens: + happens: - - &man.geom.8; looks in the command-line argument - for the command (usually ), and calls a helper - function. - - The helper function checks parameters and gathers - metadata, which it proceeds to write to all concerned - providers. - - This spoils existing geoms (if any) and - initializes a new round of tasting of the providers. The - intended geom class recognizes the metadata and brings the - geom up. - + + &man.geom.8; looks in the command-line argument for + the command (usually ), and calls a + helper function. + + + + The helper function checks parameters and gathers + metadata, which it proceeds to write to all concerned + providers. + + + + This spoils existing geoms (if any) and + initializes a new round of tasting of the + providers. The intended geom class recognizes the + metadata and brings the geom up. + (The above sequence of events is implementation-dependent - but all existing code works like that, and it is supported by - libraries.) - + but all existing code works like that, and it is supported by + libraries.) GEOM Command Structure The helper geom_CLASSNAME.so library - exports class_commands structure, - which is an array of struct g_command - elements. Commands are of uniform format and look like: + exports class_commands + structure, which is an array of struct g_command elements. + Commands are of uniform format and look like: verb [-options] geomname [other] Common verbs are: - - label — to write metadata to devices so they can be - recognized at tasting and brought up in geoms - - destroy — to destroy metadata, so the geoms get - destroyed - + + label — to write metadata to devices so they can + be recognized at tasting and brought up in + geoms + + + + destroy — to destroy metadata, so the geoms get + destroyed + Common options are: - -v : be verbose - -f : force + + -v : be verbose + + + + -f : force + Many actions, such as labeling and destroying metadata can - be performed in userland. For this, struct - g_command provides field - gc_func that can be set to a function (in - the same .so) that will be called to - process a verb. If gc_func is NULL, the - command will be passed to kernel module, to - .ctlreq function of the geom - class. + be performed in userland. For this, struct g_command provides field + gc_func that can be set to a function (in + the same .so) that will be called to + process a verb. If gc_func is NULL, the + command will be passed to kernel module, to + .ctlreq function of the geom + class. Geoms - Geoms are instances of GEOM classes. They have internal - data (a softc structure) and some functions with which they - respond to external events. + Geoms are instances of GEOM classes. They have internal + data (a softc structure) and some functions with which they + respond to external events. The event functions are: - .access : calculates - permissions (read/write/exclusive) - - .dumpconf : returns - XML-formatted information about the geom - - .orphan : called when some - underlying provider gets disconnected - - .spoiled : called when some - underlying provider gets written to - - .start : handles I/O - - - These functions are called from the g_down - kernel thread and there can be no sleeping in this context, - (see definition of sleeping elsewhere) which limits what can be done - quite a bit, but forces the handling to be fast. + + .access : calculates permissions + (read/write/exclusive) + + + + .dumpconf : returns XML-formatted + information about the geom + + + + .orphan : called when some + underlying provider gets disconnected + + + + .spoiled : called when some + underlying provider gets written to + + + + .start : handles I/O + + + + These functions are called from the + g_down kernel thread and there can be no + sleeping in this context, (see definition of sleeping + elsewhere) which limits what can be done quite a bit, but + forces the handling to be fast. Of these, the most important function for doing actual - useful work is the .start() function, - which is called when a BIO request arrives for a provider - managed by a instance of geom class. + useful work is the .start() function, + which is called when a BIO request arrives for a provider + managed by a instance of geom class. GEOM Threads There are three kernel threads created and run by the GEOM - framework: + framework: - g_down : Handles requests coming - from high-level entities (such as a userland request) on the - way to physical devices - - g_up : Handles responses from - device drivers to requests made by higher-level - entities - - g_event : Handles all other - cases: creation of geom instances, access counting, spoil - events, etc. + + g_down : Handles requests coming + from high-level entities (such as a userland request) on + the way to physical devices + + + + g_up : Handles responses from + device drivers to requests made by higher-level + entities + + + + g_event : Handles all other cases: + creation of geom instances, access counting, + spoil events, etc. + When a user process issues read data X at offset Y - of a file request, this is what happens: + of a file request, this is what happens: - *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Tue May 27 10:17:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8917517D; Tue, 27 May 2014 10:17:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6A25E27AA; Tue, 27 May 2014 10:17:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4RAHI79023103; Tue, 27 May 2014 10:17:18 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4RAHIY9023102; Tue, 27 May 2014 10:17:18 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405271017.s4RAHIY9023102@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 27 May 2014 10:17:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44965 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 27 May 2014 12:19:57 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2014 10:17:18 -0000 Author: ryusuke Date: Tue May 27 10:17:17 2014 New Revision: 44965 URL: http://svnweb.freebsd.org/changeset/doc/44965 Log: - Merge the following from the English version: r44734 -> r44735 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Mon May 26 19:01:20 2014 (r44964) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Tue May 27 10:17:17 2014 (r44965) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44734 + Original revision: r44735 $FreeBSD$ --> + 使われなくなったライブラリを削除します。 + この過程に関する詳細については、 + を参照して下さい。 &prompt.root; make delete-old-libs @@ -1807,17 +1809,24 @@ Script started, output file is /var/tmp/ - &man.mergemaster.8; は Bourne シェルスクリプトで、 - /etc にある設定ファイルとソースツリーの + &os; の &man.mergemaster.8; Bourne シェルスクリプトは、 + /etc にある設定ファイルと、 /usr/src/etc - にある設定ファイルの違いを確認するのを手伝ってくれます。 + にある設定ファイルの違いを確認するためのものです。 これを使うのが、 ソースツリーにある設定ファイルにシステムの設定ファイルを 更新するために推奨される方法です。 - 始めるには、プロンプトから - mergemaster と入力してください - mergemaster は + mergemaster を使う前に、 + 既存の /etc + をどこか安全な場所にコピーしておきましょう。 + 再帰的なコピーを行なう と、 + ファイルの更新時間や所有者などを保存する + と共に実行してください。 + + &prompt.root; cp -Rp /etc /etc.old + + mergemaster を実行すると、 / を起点とした一時的なルート環境を構築し、 さまざまなシステム設定ファイルを (訳注: デフォルトでは /var/tmp/temproot に) @@ -1826,20 +1835,21 @@ Script started, output file is /var/tmp/ 異なるファイルは &man.diff.1; 形式で示され、 の記号は追加または変更された行を表し、 は完全に削除されたか新しく置き換えられた行を表します。 - &man.diff.1; の書式とファイルの違いの表示方法についてのより詳しい情報は、 + ファイルの違いの表示方法についてのより詳しい情報は、 &man.diff.1; を参照してください。 - &man.mergemaster.8; は違いのあるファイルをそれぞれ示します。 - 新しいファイルを削除するか、 + 次に &man.mergemaster.8; は違いのあるファイルをそれぞれ示し、 + 選択可能なオプションを表示します。 + ここでは、新しいファイルを削除するか、 一時ファイルをそのままインストールするか、 一時ファイルと現在インストールされているファイルを統合するか、 - もしくは &man.diff.1; の結果をもう一度見るか選択できます。 + もしくは結果をもう一度見るかを選択できます。 - 一時ファイルの削除を選ぶと、&man.mergemaster.8; + 一時ファイルの削除を選ぶと、mergemaster に現在のファイルを変更しないで新しいバージョンを削除せよと伝えます。 - この選択は、現在のファイルを変更する理由が分からないのであれば、 - お勧めできません。 - &man.mergemaster.8; のプロンプトで ? とタイプすれば、 + この選択は、お勧めできません。 + mergemaster + のプロンプトで ? とタイプすれば、 いつでもヘルプが見られます。 ファイルのスキップを選ぶと、他のすべてのファイルを終えたあと、 もう一度そのファイルが提示されます。 @@ -1860,90 +1870,19 @@ Script started, output file is /var/tmp/ このファイルをインストールすることができます。 たいてい、このオプションはユーザが設定を変更したファイルに使われます。 - &man.diff.1; の結果をもう一度見る、を選択すると、 - ちょうど先ほど &man.mergemaster.8; が選択肢を表示する前と同じように、 - ファイルの相異点を見ることができます。 + 結果をもう一度見る、を選択すると、 + ファイルの相異点をもう一度見ることができます。 - &man.mergemaster.8; がシステムファイルの比較を終えたあと、 + mergemaster + がシステムファイルの比較を終えたあと、 他のオプションについてもプロンプトが表示されます。 - &man.mergemaster.8; - が、パスワードファイルを再構築するかどうかを尋ねることがあります。 + たとえば、 + パスワードファイルを再構築するかどうかを尋ねることがあります。 最後に残った一時ファイルを削除するかどうかを尋ねて終了します。 - 手動で更新する場合には、単にファイルを - /usr/src/etc - から /etc に - コピーしないでください。正常に動作しないでしょう。 - ファイルの中には、 - インストールという手順を踏まなければならないもの - が含まれています。 - /usr/src/etc は - /etc - にそのまま置き換えられるようなコピーでは - ないからです。 - また、/etc にあるべきファイルのうちで - /usr/src/etc にないものもあります。 - - 手動で行う際の一番簡単な方法は、 - ファイルを新しいディレクトリにインストールしてから、 - 以前のものと異なっている部分を調べて更新作業を行なうことです。 - - - 既存の <filename>/etc</filename> をバックアップする - - たとえば以下のようにして、 - 既存の /etc - をどこか安全な場所にコピーしておきましょう。 - - &prompt.root; cp -Rp /etc /etc.old - - ここで、 は再帰的なコピーを行ない、 - はファイルの更新時間や所有者などを保存します。 - - - 新しい /etc - やその他のファイルをインストールするための、 - 仮のディレクトリを作ってください。 - - &prompt.root; mkdir /var/tmp/root -&prompt.root; cd /usr/src/etc -&prompt.root; make DESTDIR=/var/tmp/root distrib-dirs distribution - - - 上の例は、必要なディレクトリ構造をつくり、ファイルをインストールします。 - /var/tmp/root 以下に作られる、 - たくさんの空のサブディレクトリは削除する必要があります。 - 一番簡単なやり方は、次のとおりです。 - - &prompt.root; cd /var/tmp/root -&prompt.root; find -d . -type d | xargs rmdir 2>/dev/null - - これは空ディレクトリをすべて削除します。 - 空でないディレクトリに関する警告を避けるために、 - 標準エラー出力は /dev/null に - リダイレクトされます。 - - この段階の /var/tmp/root には、 - 本来 / - 以下にあるべきファイルがすべて含まれています。各ファイルを順に見て、 - 既存のシステムにあるファイルと異なる部分を調べてください。 - - /var/tmp/root - 以下にインストールされているファイルの中には、 - . から始まっているものがあります。 - ls -a を使って確かめてください。 - - もっとも簡単な方法は、二つのファイルを比較するコマンド - &man.diff.1; を使うことです。 - - &prompt.root; diff /etc/shells /var/tmp/root/etc/shells - - このコマンドは、/etc/shells ファイルと - 新しい /var/tmp/root/etc/shells - ファイルの異なる部分を表示します。 - 内容を確認して、書き換えたものに変更点をマージするか、 - それとも既存のファイルを新しいもので上書きするかを判断してください。 - + - 使われなくなったファイル、ディレクトリの削除 + 使われなくなったファイル、ライブラリの削除 @@ -2070,7 +2010,7 @@ Script started, output file is /var/tmp/ make installworld と、その後の mergemaster が無事に終わったら、 - 以下の方法で使われなくなったファイルやライブラリを確認してください。 + 使われなくなったファイルやライブラリを確認してください。 &prompt.root; cd /usr/src &prompt.root; make check-old @@ -2079,11 +2019,6 @@ Script started, output file is /var/tmp/ &prompt.root; make delete-old - - その他のターゲットについては - /usr/src/Makefile をご覧ください。 - - 使われなくなったファイルを削除する際、 ファイルごとに確認が求められます。 確認を省略し、自動的にファイルを削除するには、 @@ -2097,11 +2032,6 @@ Script started, output file is /var/tmp/ &prompt.root; yes|make delete-old - - - - 使われなくなったライブラリの削除 - Warning @@ -2116,7 +2046,6 @@ Script started, output file is /var/tmp/ 共有ライブラリをチェックするユーティリティとして、 - Ports Collection の sysutils/libchksysutils/bsdadminscripts を利用できます。 @@ -2144,15 +2073,14 @@ Script started, output file is /var/tmp/ 以下のコマンドで古いライブラリを削除してください。 &prompt.root; make delete-old-libs - ここまで来れば、&os; システムのアップグレードは成功です。 - おめでとうございます。 もしちょっとした問題があった場合でも、 システムの一部を再構築するのは簡単です。 たとえば、アップグレードや /etc のマージの途中で誤って /etc/magic を削除してしまい、 - その結果 &man.file.1; が動作しなくなってしまったような場合には、 + その結果 file + が動作しなくなってしまったような場合には、 次のコマンドを実行して修復してください。 &prompt.root; cd /usr/src/usr.bin/file From owner-svn-doc-all@FreeBSD.ORG Tue May 27 13:26:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B2E39C5; Tue, 27 May 2014 13:26:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 93B212956; Tue, 27 May 2014 13:26:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4RDQ6Vn010218; Tue, 27 May 2014 13:26:06 GMT (envelope-from jadawin@svn.freebsd.org) Received: (from jadawin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4RDQ61I010217; Tue, 27 May 2014 13:26:06 GMT (envelope-from jadawin@svn.freebsd.org) Message-Id: <201405271326.s4RDQ61I010217@svn.freebsd.org> From: Philippe Audeoud Date: Tue, 27 May 2014 13:26:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44966 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2014 13:26:06 -0000 Author: jadawin (ports committer) Date: Tue May 27 13:26:06 2014 New Revision: 44966 URL: http://svnweb.freebsd.org/changeset/doc/44966 Log: - Update my PGP key Modified: head/share/pgpkeys/jadawin.key (contents, props changed) Modified: head/share/pgpkeys/jadawin.key ============================================================================== --- head/share/pgpkeys/jadawin.key Tue May 27 10:17:17 2014 (r44965) +++ head/share/pgpkeys/jadawin.key Tue May 27 13:26:06 2014 (r44966) @@ -1,182 +1,131 @@ -uid Philippe Audeoud -uid Philippe Audeoud -uid Philippe Audeoud -sub 2048g/EF8EA329 2005-04-13 +pub 4096R/3D5DD05DE3EDC705 2014-05-27 [expires: 2016-05-26] + Key fingerprint = C1CA C5C4 F29A 40BF 507A D85B 3D5D D05D E3ED C705 +uid Philippe Audeoud +uid Philippe Audeoud (Main ID) +uid Philippe Audeoud (FreeBSD) +sub 4096R/BC29A282B624266C 2014-05-27 [expires: 2016-05-26] +sub 4096R/705007E333EEE843 2014-05-27 [expires: 2016-05-26] + ]]> From owner-svn-doc-all@FreeBSD.ORG Tue May 27 18:02:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3486D372; Tue, 27 May 2014 18:02:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 21D43249B; Tue, 27 May 2014 18:02:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4RI2cU3039504; Tue, 27 May 2014 18:02:38 GMT (envelope-from thomas@svn.freebsd.org) Received: (from thomas@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4RI2c0l039503; Tue, 27 May 2014 18:02:38 GMT (envelope-from thomas@svn.freebsd.org) Message-Id: <201405271802.s4RI2c0l039503@svn.freebsd.org> From: Thomas Quinot Date: Tue, 27 May 2014 18:02:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44967 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2014 18:02:38 -0000 Author: thomas (src committer) Date: Tue May 27 18:02:37 2014 New Revision: 44967 URL: http://svnweb.freebsd.org/changeset/doc/44967 Log: Add new key, signed with the old one. Modified: head/share/pgpkeys/thomas.key Modified: head/share/pgpkeys/thomas.key ============================================================================== --- head/share/pgpkeys/thomas.key Tue May 27 13:26:06 2014 (r44966) +++ head/share/pgpkeys/thomas.key Tue May 27 18:02:37 2014 (r44967) @@ -1,103 +1,259 @@ - Empreinte de la cl辿 = 4737 A0AD E596 6D30 4356 29B8 004D 54B8 393D 2469 -uid Thomas Quinot -uid Thomas Quinot -sub 1024g/8DE13BB2 1999-09-23 +pub 4096R/9495D5E10F2C905E 2014-05-14 [expires: 2018-05-13] + Key fingerprint = 6048 5466 BE2C 284C C140 FFE9 9495 D5E1 0F2C 905E +uid Thomas Quinot +uid Thomas Quinot +uid Thomas Quinot (FreeBSD) +sub 4096R/DF8E0B5C7CC62EF2 2014-05-14 [expires: 2016-05-13] +sub 4096R/4FC12CCCCDF5176B 2014-05-14 [expires: 2016-05-13] +sub 4096R/4B31C02F7F15353F 2014-05-14 [expires: 2016-05-13] + ]]> From owner-svn-doc-all@FreeBSD.ORG Tue May 27 21:04:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 29266372; Tue, 27 May 2014 21:04:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1694A25C5; Tue, 27 May 2014 21:04:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4RL4rOE024638; Tue, 27 May 2014 21:04:53 GMT (envelope-from rene@svn.freebsd.org) Received: (from rene@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4RL4rxN024636; Tue, 27 May 2014 21:04:53 GMT (envelope-from rene@svn.freebsd.org) Message-Id: <201405272104.s4RL4rxN024636@svn.freebsd.org> From: Rene Ladan Date: Tue, 27 May 2014 21:04:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44968 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2014 21:04:54 -0000 Author: rene Date: Tue May 27 21:04:53 2014 New Revision: 44968 URL: http://svnweb.freebsd.org/changeset/doc/44968 Log: Add an entry for USES=mono to the Porters Handbook Phabric: D92 Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/uses.xml Tue May 27 18:02:37 2014 (r44967) +++ head/en_US.ISO8859-1/books/porters-handbook/uses.xml Tue May 27 21:04:53 2014 (r44968) @@ -383,6 +383,16 @@ archives and sets the appropriate dependencies. + + mono + + (none) + + Adds a dependency on the Mono + (currently only C#) framework by setting the appropriate + dependencies. + + motif From owner-svn-doc-all@FreeBSD.ORG Wed May 28 10:13:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 48A55C62; Wed, 28 May 2014 10:13:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2A1C324DD; Wed, 28 May 2014 10:13:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4SADTY0078459; Wed, 28 May 2014 10:13:29 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4SADTos078458; Wed, 28 May 2014 10:13:29 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405281013.s4SADTos078458@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 28 May 2014 10:13:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44969 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 28 May 2014 11:42:29 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 May 2014 10:13:30 -0000 Author: ryusuke Date: Wed May 28 10:13:29 2014 New Revision: 44969 URL: http://svnweb.freebsd.org/changeset/doc/44969 Log: - Merge the following from the English version: r44735 -> r44736 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Tue May 27 21:04:53 2014 (r44968) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Wed May 28 10:13:29 2014 (r44969) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44735 + Original revision: r44736 $FreeBSD$ --> これらを配慮し、アップグレードの推奨手順が作られました。 - make を実行したときの出力は、 - ファイルに保存すると良いでしょう。 - 何か障害が発生した場合には、エラーメッセージのコピーを - &os; メーリングリストに投稿してください。 - - ファイルに保存する最も簡単な方法は、script - コマンドを使い、 - 引数として出力の保存先のファイル名を指定することです。 - /tmp に出力を保存しないようにしてください。 - このディレクトリは、次の再起動で削除されてしまう可能性があります。 - 出力の保存には、/var/tmp が適しています。 - 次のコマンドを world の構築の直前に行ない、再構築が終了したら - exit と入力してください。 + make を実行したときの出力は、 + ファイルに保存すると良いでしょう。 + 何か障害が発生した場合には、エラーメッセージのコピーを + &os; メーリングリストに投稿してください。 + + ファイルに保存する最も簡単な方法は、script + コマンドを使い、 + 引数として出力の保存先のファイル名を指定することです。 + /tmp に出力を保存しないようにしてください。 + このディレクトリは、次の再起動で削除されてしまう可能性があります。 + 出力の保存には、/var/tmp が適しています。 + 次のコマンドを world の構築の直前に行ない、再構築が終了したら + exit と入力してください。 - &prompt.root; script /var/tmp/mw.out + &prompt.root; script /var/tmp/mw.out Script started, output file is /var/tmp/mw.out @@ -1824,7 +1824,7 @@ Script started, output file is /var/tmp/ ファイルの更新時間や所有者などを保存する と共に実行してください。 - &prompt.root; cp -Rp /etc /etc.old + &prompt.root; cp -Rp /etc /etc.old mergemaster を実行すると、 / を起点とした一時的なルート環境を構築し、 @@ -2329,88 +2329,88 @@ Building everything.. NFS の使い方の詳細については、 をご覧下さい。 - まず初めに、同じバイナリで動かそうとするマシンたちを決めます。 - このマシンたちのことをビルドセットと呼びます。 - それぞれのマシンはカスタムカーネルを持っているかもしれませんが、 - 同じユーザランドバイナリを動かそうというのです。 - このビルドセットから、 - ビルドマシンとなるマシンを 1 台選びます。 - ベースシステムとカーネルを構築するのはこのマシンになります。 - 理想的には、このマシンは make buildworld - と make buildkernel - を実行するのに十分な CPU - を持った速いマシンであるべきです。 + まず初めに、同じバイナリで動かそうとするマシンたちを決めます。 + このマシンたちのことをビルドセットと呼びます。 + それぞれのマシンはカスタムカーネルを持っているかもしれませんが、 + 同じユーザランドバイナリを動かそうというのです。 + このビルドセットから、 + ビルドマシンとなるマシンを 1 台選びます。 + ベースシステムとカーネルを構築するのはこのマシンになります。 + 理想的には、このマシンは make buildworld + と make buildkernel + を実行するのに十分な CPU + を持った速いマシンであるべきです。 - テストマシン - となるべきマシンも選んでください。 - 更新されたソフトウェアを使う前にそのマシンでテストするのです。 - テストマシンはかなり長い時間落ちていても - だいじょうぶなマシンであったほうがいいでしょう。 - ビルドマシンでもかまいませんが、 - ビルドマシンである必要はありません。 - - このビルドセットのマシンはすべて - /usr/obj と - /usr/src - をビルドマシンから FTP - 経由でマウントする必要があります。 - ビルドセット自体が複数ある場合は、 - /usr/src - はひとつのビルドマシン上にあるべきです。 - 他のマシンからはそれを NFS - マウントするようにしましょう。 - - ビルドセットのすべてのマシン上の - /etc/make.conf と - /etc/src.conf - がビルドマシンと一致していることを確認してください。つまり、 - ビルドマシンはビルドセットのどのマシンもインストールしようとしている - ベースシステムを全部ビルドしなければならないということです。 - また、各ビルドマシンは /etc/make.conf - にそれぞれのビルドマシンのカーネル名を - KERNCONF で指定し、 - ビルドマシンは自分自身のカーネルから順に全部のカーネル名を - KERNCONF にリストアップしてください。 - ビルドマシンは各マシンのカーネル設定ファイルを /usr/src/sys/arch/conf - に持っていなければなりません。 - - ビルドマシンにて、 - - に書いてあるようにカーネルとベースシステムを構築してください。 - でも、まだビルドマシンにはインストールしないでください。 - そのかわり、 - ビルドしたカーネルをテストマシンにインストールしてください。 - FTP 経由で - /usr/src および /usr/obj - をテストマシンにマウントしてください。 - その後、shutdown now - を実行してシングルユーザモードに移行し、 - 新しいカーネルとベースシステムをインストールし、 - いつもするように - mergemaster を実行してください。 - 終わったら、再起動して通常のマルチユーザ動作に戻します。 - - テストマシンにあるものすべてがちゃんと動いている確信が得られたら、 - 同じ手順でビルドセットの他のマシンにも新しいソフトウェアをインストールします。 - - ports ツリーにも同じ方法が使えます。 - 最初のステップは、 - ビルドセットのすべてのマシンが NFS 経由で - /usr/ports をマウントすることです。 - そして、distfiles を共有するように - /etc/make.conf を設定します。 - NFS マウントによってマップされる - root - ユーザが何であれ、DISTDIR - はそのユーザが書き込める共通の共有ディレクトリに設定する必要があります。 - ports をローカルでビルドする場合には、 - 各マシンは WRKDIRPREFIX - を自分のマシンのビルドディレクトリに設定しなければなりません。 - また、ビルドシステムが packages - をビルドしてビルドセットのコンピュータに配布するのであれば、 - DISTDIR と同じようにビルドシステム上の - PACKAGES - ディレクトリも設定してください。 + テストマシン + となるべきマシンも選んでください。 + 更新されたソフトウェアを使う前にそのマシンでテストするのです。 + テストマシンはかなり長い時間落ちていても + だいじょうぶなマシンであったほうがいいでしょう。 + ビルドマシンでもかまいませんが、 + ビルドマシンである必要はありません。 + + このビルドセットのマシンはすべて + /usr/obj と + /usr/src + をビルドマシンから FTP + 経由でマウントする必要があります。 + ビルドセット自体が複数ある場合は、 + /usr/src + はひとつのビルドマシン上にあるべきです。 + 他のマシンからはそれを NFS + マウントするようにしましょう。 + + ビルドセットのすべてのマシン上の + /etc/make.conf と + /etc/src.conf + がビルドマシンと一致していることを確認してください。つまり、 + ビルドマシンはビルドセットのどのマシンもインストールしようとしている + ベースシステムを全部ビルドしなければならないということです。 + また、各ビルドマシンは /etc/make.conf + にそれぞれのビルドマシンのカーネル名を + KERNCONF で指定し、 + ビルドマシンは自分自身のカーネルから順に全部のカーネル名を + KERNCONF にリストアップしてください。 + ビルドマシンは各マシンのカーネル設定ファイルを /usr/src/sys/arch/conf + に持っていなければなりません。 + + ビルドマシンにて、 + + に書いてあるようにカーネルとベースシステムを構築してください。 + でも、まだビルドマシンにはインストールしないでください。 + そのかわり、 + ビルドしたカーネルをテストマシンにインストールしてください。 + FTP 経由で + /usr/src および /usr/obj + をテストマシンにマウントしてください。 + その後、shutdown now + を実行してシングルユーザモードに移行し、 + 新しいカーネルとベースシステムをインストールし、 + いつもするように + mergemaster を実行してください。 + 終わったら、再起動して通常のマルチユーザ動作に戻します。 + + テストマシンにあるものすべてがちゃんと動いている確信が得られたら、 + 同じ手順でビルドセットの他のマシンにも新しいソフトウェアをインストールします。 + + ports ツリーにも同じ方法が使えます。 + 最初のステップは、 + ビルドセットのすべてのマシンが NFS 経由で + /usr/ports をマウントすることです。 + そして、distfiles を共有するように + /etc/make.conf を設定します。 + NFS マウントによってマップされる + root + ユーザが何であれ、DISTDIR + はそのユーザが書き込める共通の共有ディレクトリに設定する必要があります。 + ports をローカルでビルドする場合には、 + 各マシンは WRKDIRPREFIX + を自分のマシンのビルドディレクトリに設定しなければなりません。 + また、ビルドシステムが packages + をビルドしてビルドセットのコンピュータに配布するのであれば、 + DISTDIR と同じようにビルドシステム上の + PACKAGES + ディレクトリも設定してください。 From owner-svn-doc-all@FreeBSD.ORG Wed May 28 15:17:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D2351B52; Wed, 28 May 2014 15:17:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BF94721C8; Wed, 28 May 2014 15:17:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4SFHRqJ015143; Wed, 28 May 2014 15:17:27 GMT (envelope-from marck@svn.freebsd.org) Received: (from marck@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4SFHR9h015142; Wed, 28 May 2014 15:17:27 GMT (envelope-from marck@svn.freebsd.org) Message-Id: <201405281517.s4SFHR9h015142@svn.freebsd.org> From: Dmitry Morozovsky Date: Wed, 28 May 2014 15:17:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44970 - head/en_US.ISO8859-1/htdocs/releng X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 May 2014 15:17:27 -0000 Author: marck Date: Wed May 28 15:17:27 2014 New Revision: 44970 URL: http://svnweb.freebsd.org/changeset/doc/44970 Log: Update missing stable/9 freeze status. Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releng/index.xml Wed May 28 10:13:29 2014 (r44969) +++ head/en_US.ISO8859-1/htdocs/releng/index.xml Wed May 28 15:17:27 2014 (r44970) @@ -96,8 +96,8 @@
            - - + + From owner-svn-doc-all@FreeBSD.ORG Thu May 29 11:32:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 86F08FB0; Thu, 29 May 2014 11:32:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7401F2F71; Thu, 29 May 2014 11:32:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4TBWG6A055246; Thu, 29 May 2014 11:32:16 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4TBWGkp055245; Thu, 29 May 2014 11:32:16 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201405291132.s4TBWGkp055245@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 29 May 2014 11:32:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44971 - head/ja_JP.eucJP/books/handbook/linuxemu X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 May 2014 11:32:16 -0000 Author: ryusuke Date: Thu May 29 11:32:15 2014 New Revision: 44971 URL: http://svnweb.freebsd.org/changeset/doc/44971 Log: PR: docs/190275 o Substitute quote tag by real quotation. Spotted by: Ryusuke Yanagisawa Modified: head/ja_JP.eucJP/books/handbook/linuxemu/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/linuxemu/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/linuxemu/chapter.xml Wed May 28 15:17:27 2014 (r44970) +++ head/ja_JP.eucJP/books/handbook/linuxemu/chapter.xml Thu May 29 11:32:15 2014 (r44971) @@ -95,7 +95,7 @@ Linux 互換機能を常に有効にする場合には、 /etc/rc.conf に以下の行を追加してください。 - linux_enable=YES + linux_enable="YES" この設定により、/etc/rc.i386 では次のような操作が行なわれます。 From owner-svn-doc-all@FreeBSD.ORG Thu May 29 11:39:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 13504243; Thu, 29 May 2014 11:39:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 009942FB5; Thu, 29 May 2014 11:39:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4TBd2h7056623; Thu, 29 May 2014 11:39:02 GMT (envelope-from wosch@svn.freebsd.org) Received: (from wosch@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4TBd2Ol056622; Thu, 29 May 2014 11:39:02 GMT (envelope-from wosch@svn.freebsd.org) Message-Id: <201405291139.s4TBd2Ol056622@svn.freebsd.org> From: Wolfram Schneider Date: Thu, 29 May 2014 11:39:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44972 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 May 2014 11:39:03 -0000 Author: wosch Date: Thu May 29 11:39:02 2014 New Revision: 44972 URL: http://svnweb.freebsd.org/changeset/doc/44972 Log: fix old perl code: $* is no longer supported at ./cgi-lib.pl Modified: head/en_US.ISO8859-1/htdocs/cgi/cgi-lib.pl Modified: head/en_US.ISO8859-1/htdocs/cgi/cgi-lib.pl ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/cgi-lib.pl Thu May 29 11:32:15 2014 (r44971) +++ head/en_US.ISO8859-1/htdocs/cgi/cgi-lib.pl Thu May 29 11:39:02 2014 (r44972) @@ -107,16 +107,16 @@ sub CgiError { sub PrintVariables { local (%in) = @_; local ($old, $out, $output); - $old = $*; $* =1; + #$old = $*; $* =1; $output .= "
            "; foreach $key (sort keys(%in)) { foreach (split("\0", $in{$key})) { - ($out = $_) =~ s/\n/
            /g; + ($out = $_) =~ s/\n/
            /gm; $output .= "
            $key
            $out
            "; } } $output .= "
            "; - $* = $old; + #$* = $old; return $output; } 1; From owner-svn-doc-all@FreeBSD.ORG Thu May 29 16:39:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0CD66EAC; Thu, 29 May 2014 16:39:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D54C62CC5; Thu, 29 May 2014 16:39:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4TGdr19094119; Thu, 29 May 2014 16:39:53 GMT (envelope-from lwhsu@svn.freebsd.org) Received: (from lwhsu@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4TGdr0F094118; Thu, 29 May 2014 16:39:53 GMT (envelope-from lwhsu@svn.freebsd.org) Message-Id: <201405291639.s4TGdr0F094118@svn.freebsd.org> From: Li-Wen Hsu Date: Thu, 29 May 2014 16:39:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-svnadmin@freebsd.org Subject: svn commit: r44973 - svnadmin/conf X-SVN-Group: doc-svnadmin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 May 2014 16:39:54 -0000 Author: lwhsu (ports committer) Date: Thu May 29 16:39:53 2014 New Revision: 44973 URL: http://svnweb.freebsd.org/changeset/doc/44973 Log: Raise my commit size limit temporarily. Approved by: doceng (gjb) Modified: svnadmin/conf/sizelimit.conf Modified: svnadmin/conf/sizelimit.conf ============================================================================== --- svnadmin/conf/sizelimit.conf Thu May 29 11:39:02 2014 (r44972) +++ svnadmin/conf/sizelimit.conf Thu May 29 16:39:53 2014 (r44973) @@ -18,3 +18,4 @@ blackend gabor gjb hrs +lwhsu From owner-svn-doc-all@FreeBSD.ORG Thu May 29 16:48:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 14074111; Thu, 29 May 2014 16:48:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F1AD52DA3; Thu, 29 May 2014 16:48:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4TGm9eu098338; Thu, 29 May 2014 16:48:09 GMT (envelope-from lwhsu@svn.freebsd.org) Received: (from lwhsu@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4TGm8rB098329; Thu, 29 May 2014 16:48:08 GMT (envelope-from lwhsu@svn.freebsd.org) Message-Id: <201405291648.s4TGm8rB098329@svn.freebsd.org> From: Li-Wen Hsu Date: Thu, 29 May 2014 16:48:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44974 - in head: . en_US.ISO8859-1/books/faq en_US.ISO8859-1/books/fdp-primer/structure en_US.ISO8859-1/htdocs zh_TW.Big5 zh_TW.UTF-8 zh_TW.UTF-8/articles zh_TW.UTF-8/articles/contribu... X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 May 2014 16:48:10 -0000 Author: lwhsu (ports committer) Date: Thu May 29 16:48:07 2014 New Revision: 44974 URL: http://svnweb.freebsd.org/changeset/doc/44974 Log: Convert zh_TW from Big5 to UTF-8. Approved by: bcr Added: head/zh_TW.UTF-8/ - copied from r44970, head/zh_TW.Big5/ Deleted: head/zh_TW.Big5/ Modified: head/Makefile head/en_US.ISO8859-1/books/faq/book.xml head/en_US.ISO8859-1/books/fdp-primer/structure/chapter.xml head/en_US.ISO8859-1/htdocs/Makefile head/zh_TW.UTF-8/articles/Makefile.inc head/zh_TW.UTF-8/articles/contributing/article.xml head/zh_TW.UTF-8/articles/cvs-freebsd/article.xml head/zh_TW.UTF-8/articles/freebsd-questions/article.xml head/zh_TW.UTF-8/articles/hubs/article.xml head/zh_TW.UTF-8/articles/mailing-list-faq/article.xml head/zh_TW.UTF-8/articles/nanobsd/article.xml head/zh_TW.UTF-8/articles/pr-guidelines/article.xml head/zh_TW.UTF-8/articles/problem-reports/article.xml head/zh_TW.UTF-8/articles/remote-install/article.xml head/zh_TW.UTF-8/books/Makefile.inc head/zh_TW.UTF-8/books/developers-handbook/book.xml head/zh_TW.UTF-8/books/developers-handbook/chapters.ent head/zh_TW.UTF-8/books/developers-handbook/introduction/chapter.xml head/zh_TW.UTF-8/books/developers-handbook/ipv6/chapter.xml head/zh_TW.UTF-8/books/developers-handbook/kerneldebug/chapter.xml head/zh_TW.UTF-8/books/developers-handbook/l10n/chapter.xml head/zh_TW.UTF-8/books/developers-handbook/policies/chapter.xml head/zh_TW.UTF-8/books/developers-handbook/secure/chapter.xml head/zh_TW.UTF-8/books/developers-handbook/sockets/chapter.xml head/zh_TW.UTF-8/books/developers-handbook/testing/chapter.xml head/zh_TW.UTF-8/books/developers-handbook/tools/chapter.xml head/zh_TW.UTF-8/books/developers-handbook/x86/chapter.xml head/zh_TW.UTF-8/books/faq/Makefile head/zh_TW.UTF-8/books/faq/book.xml head/zh_TW.UTF-8/books/fdp-primer/book.xml head/zh_TW.UTF-8/books/fdp-primer/chapters.ent head/zh_TW.UTF-8/books/fdp-primer/doc-build/chapter.xml head/zh_TW.UTF-8/books/fdp-primer/examples/appendix.xml head/zh_TW.UTF-8/books/fdp-primer/overview/chapter.xml head/zh_TW.UTF-8/books/fdp-primer/psgml-mode/chapter.xml head/zh_TW.UTF-8/books/fdp-primer/see-also/chapter.xml head/zh_TW.UTF-8/books/fdp-primer/sgml-markup/chapter.xml head/zh_TW.UTF-8/books/fdp-primer/sgml-primer/chapter.xml head/zh_TW.UTF-8/books/fdp-primer/structure/chapter.xml head/zh_TW.UTF-8/books/fdp-primer/stylesheets/chapter.xml head/zh_TW.UTF-8/books/fdp-primer/the-website/chapter.xml head/zh_TW.UTF-8/books/fdp-primer/tools/chapter.xml head/zh_TW.UTF-8/books/fdp-primer/translations/chapter.xml head/zh_TW.UTF-8/books/fdp-primer/writing-style/chapter.xml head/zh_TW.UTF-8/books/handbook/advanced-networking/chapter.xml head/zh_TW.UTF-8/books/handbook/audit/chapter.xml head/zh_TW.UTF-8/books/handbook/basics/chapter.xml head/zh_TW.UTF-8/books/handbook/bibliography/chapter.xml head/zh_TW.UTF-8/books/handbook/book.xml head/zh_TW.UTF-8/books/handbook/boot/chapter.xml head/zh_TW.UTF-8/books/handbook/chapters.ent head/zh_TW.UTF-8/books/handbook/colophon.xml head/zh_TW.UTF-8/books/handbook/config/chapter.xml head/zh_TW.UTF-8/books/handbook/cutting-edge/chapter.xml head/zh_TW.UTF-8/books/handbook/desktop/chapter.xml head/zh_TW.UTF-8/books/handbook/disks/chapter.xml head/zh_TW.UTF-8/books/handbook/eresources/chapter.xml head/zh_TW.UTF-8/books/handbook/firewalls/chapter.xml head/zh_TW.UTF-8/books/handbook/geom/chapter.xml head/zh_TW.UTF-8/books/handbook/install/chapter.xml head/zh_TW.UTF-8/books/handbook/introduction/chapter.xml head/zh_TW.UTF-8/books/handbook/jails/chapter.xml head/zh_TW.UTF-8/books/handbook/kernelconfig/chapter.xml head/zh_TW.UTF-8/books/handbook/l10n/chapter.xml head/zh_TW.UTF-8/books/handbook/linuxemu/chapter.xml head/zh_TW.UTF-8/books/handbook/mac/chapter.xml head/zh_TW.UTF-8/books/handbook/mail/chapter.xml head/zh_TW.UTF-8/books/handbook/mirrors/chapter.xml head/zh_TW.UTF-8/books/handbook/multimedia/chapter.xml head/zh_TW.UTF-8/books/handbook/network-servers/chapter.xml head/zh_TW.UTF-8/books/handbook/pgpkeys/chapter.xml head/zh_TW.UTF-8/books/handbook/ports/chapter.xml head/zh_TW.UTF-8/books/handbook/ppp-and-slip/chapter.xml head/zh_TW.UTF-8/books/handbook/preface/preface.xml head/zh_TW.UTF-8/books/handbook/printing/chapter.xml head/zh_TW.UTF-8/books/handbook/security/chapter.xml head/zh_TW.UTF-8/books/handbook/serialcomms/chapter.xml head/zh_TW.UTF-8/books/handbook/txtfiles.ent head/zh_TW.UTF-8/books/handbook/users/chapter.xml head/zh_TW.UTF-8/books/handbook/vinum/chapter.xml head/zh_TW.UTF-8/books/handbook/virtualization/chapter.xml head/zh_TW.UTF-8/books/handbook/x11/chapter.xml head/zh_TW.UTF-8/books/porters-handbook/book.xml head/zh_TW.UTF-8/htdocs/Makefile head/zh_TW.UTF-8/htdocs/about.xml head/zh_TW.UTF-8/htdocs/applications.xml head/zh_TW.UTF-8/htdocs/art.xml head/zh_TW.UTF-8/htdocs/availability.xml head/zh_TW.UTF-8/htdocs/community.xml head/zh_TW.UTF-8/htdocs/developers.xml head/zh_TW.UTF-8/htdocs/docs.xml head/zh_TW.UTF-8/htdocs/docs/books.xml head/zh_TW.UTF-8/htdocs/docs/webresources.xml head/zh_TW.UTF-8/htdocs/index.xsl head/zh_TW.UTF-8/htdocs/logo.xml head/zh_TW.UTF-8/htdocs/send-pr.xml head/zh_TW.UTF-8/htdocs/support.xml head/zh_TW.UTF-8/htdocs/where.xml head/zh_TW.UTF-8/share/xml/authors.ent head/zh_TW.UTF-8/share/xml/freebsd-fo.xsl head/zh_TW.UTF-8/share/xml/freebsd-xhtml.xsl head/zh_TW.UTF-8/share/xml/glossary.ent head/zh_TW.UTF-8/share/xml/header.l10n.ent head/zh_TW.UTF-8/share/xml/l10n.ent head/zh_TW.UTF-8/share/xml/libcommon.xsl head/zh_TW.UTF-8/share/xml/mailing-lists.ent head/zh_TW.UTF-8/share/xml/navibar.l10n.ent head/zh_TW.UTF-8/share/xml/news.xml head/zh_TW.UTF-8/share/xml/press.xml head/zh_TW.UTF-8/share/xml/release.l10n.ent (contents, props changed) head/zh_TW.UTF-8/share/xml/trademarks.ent head/zh_TW.UTF-8/share/xml/urls.ent Modified: head/Makefile ============================================================================== --- head/Makefile Thu May 29 16:39:53 2014 (r44973) +++ head/Makefile Thu May 29 16:48:07 2014 (r44974) @@ -28,7 +28,7 @@ SUBDIR+= ru_RU.KOI8-R SUBDIR+= sr_YU.ISO8859-2 SUBDIR+= tr_TR.ISO8859-9 SUBDIR+= zh_CN.UTF-8 -SUBDIR+= zh_TW.Big5 +SUBDIR+= zh_TW.UTF-8 .endif SUBDIR+= share Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Thu May 29 16:39:53 2014 (r44973) +++ head/en_US.ISO8859-1/books/faq/book.xml Thu May 29 16:48:07 2014 (r44974) @@ -792,9 +792,9 @@ - zh_TW.Big5 + zh_TW.UTF-8 - Traditional Chinese (Taiwan, Big5 + Traditional Chinese (Taiwan, UTF-8 encoding)             Modified: head/en_US.ISO8859-1/books/fdp-primer/structure/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/structure/chapter.xml Thu May 29 16:39:53 2014 (r44973) +++ head/en_US.ISO8859-1/books/fdp-primer/structure/chapter.xml Thu May 29 16:48:07 2014 (r44974) @@ -100,7 +100,7 @@ One directory exists for each available translation and encoding of the documentation, for example en_US.ISO8859-1/ - and zh_TW.Big5/. + and zh_TW.UTF-8/. The names are long, but by fully specifying the language and encoding we prevent any future headaches when a translation team wants to provide documentation in the Modified: head/en_US.ISO8859-1/htdocs/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/Makefile Thu May 29 16:39:53 2014 (r44973) +++ head/en_US.ISO8859-1/htdocs/Makefile Thu May 29 16:48:07 2014 (r44974) @@ -103,7 +103,7 @@ WEB_LANG= da_DK.ISO8859-1 \ pt_BR.ISO8859-1 \ ru_RU.KOI8-R \ zh_CN.UTF-8 \ - zh_TW.Big5 + zh_TW.UTF-8 .endif .if !defined(ENGLISH_ONLY) || empty(ENGLISH_ONLY) .for _D in ${WEB_LANG} Modified: head/zh_TW.UTF-8/articles/Makefile.inc ============================================================================== --- head/zh_TW.Big5/articles/Makefile.inc Wed May 28 15:17:27 2014 (r44970) +++ head/zh_TW.UTF-8/articles/Makefile.inc Thu May 29 16:48:07 2014 (r44974) @@ -2,4 +2,4 @@ # $FreeBSD$ # -DESTDIR?= ${DOCDIR}/zh_TW.Big5/articles/${.CURDIR:T} +DESTDIR?= ${DOCDIR}/zh_TW.UTF-8/articles/${.CURDIR:T} Modified: head/zh_TW.UTF-8/articles/contributing/article.xml ============================================================================== --- head/zh_TW.Big5/articles/contributing/article.xml Wed May 28 15:17:27 2014 (r44970) +++ head/zh_TW.UTF-8/articles/contributing/article.xml Thu May 29 16:48:07 2014 (r44974) @@ -1,4 +1,4 @@ - +
            - 整U FreeBSD + 綛 FreeBSD - L竣O咾H略OU斎箇卒ApG同罨 FreeBSD 苅兩挨UA械iHbセゅいт讀XA困茯kC + ∴篋堺腮腟膵鐚絋絽 FreeBSD 箴綛鐚遵篁ュ筝上医号 - JordanHubbard豕曄G + JordanHubbard @@ -32,348 +32,348 @@ - ^m + 莢∝ - A同羇 FreeBSD 圧Iぐ賜芹HびnFAи姪w錻ACFreeBSD - タOΤ逗鷦sj魯葎蜜紺^m~oHoiЁj此Cи未6畠D`P疎z勸紀紺^mAτBAo任u@刻 FreeBSD 昆挺oi]榁nC + 篏絽 FreeBSD 藥篁藝弱鐚紊絅巡鐚罩∴篏FreeBSD + 罩f莖贋弱撮紊т戎莢∝紙緇篁ョ弱紕紊х筝絽御茗莢∝誌筝鐚篋綏ヤ絨 FreeBSD 膾弱箙渇荀 - ]\PzQ抗困PAzJぃゲoO@WX皖 ProgrammerA]L況M - FreeBSD core team ΘΤ椄n恨pユAи矛|@鋸Pく差鍮蘖z困u@C - FreeBSD 唆}oHMガyAjaмNMU翁A~綴だガ]D`sxC - MτACぱи務b厩鍮挺W[困u@AτW鶉SΤ━員困HもA]孝抬明H錨w鎹z裟挨UC - - FreeBSD p杭匈Bz根O@哥江礫婚@~t歌泉航AτぃuO@ kernel 略O@嚢s寛困u礇]C - ]后Aи蜜 TODO 歐譽鞍C躙魅]tUΑU舎困u@G - qゅンB魯葎夢胡BdemoA讎t歌w庫{ΑM鷄M~ kernel }oC - ]控L竣z婚浤N掲p鵝Aq豆鷓愡皸譟A械iH整Uo哭p杭C - - и鵡yq透M FreeBSD 枌u@坤~Mи盟p担C - z旨n@年S蹣座Xi哦榔z魂~B退_啅棔H - z|o{и湊楴峽N紀棲z砂丿DA娃DOSO}_j祢此C - zO_タq頭枌瑳W鳩~鞍H 統и岬喟挨UzaA - и未]\iHbY任茘卯曚X@C - 曠儚n悼疋職bVOゴ}詑Τ混悽(抗O猪鶻n悼}oBP謂M笹@)A - и箕同羸欺弍z椶岶犁好Δ@Ω穣|C + 箙荐沿喝筝鐚≫綽緇筝肴牙 Programmer鐚箙♂ + FreeBSD core team ≧緇絅順腱篋わ筝荀篁絨緇綏ヤ + FreeBSD 寂査♂絽鐚紊у倶茵絨桁逸綛顔宗絽箙絽後撮羈 + 区鐚罸鎀遵√膾紜綏ヤ鐚惹莇喝篋堺鐚罩ゆ罩∴綛 + + FreeBSD 荐筝絎雁篏罐膤紫輝医鐚筝Ŭ筝 kernel 筝篋倶g綏ュ桁 + 罩わ TODO 緇莨篁糸茵茖≦綣罔g綏ヤ鐚 + 緇篁吟篏睡羝荅demo鐚亥鎧腟怨茖腮綣翫罐 kernel 若 + 罩ょ∴茵羂贋絋篏鐚緇篋篏腮鐚遵篁ュ巷荐 + + 藜球篋 FreeBSD 檎綏ヤ篌罐膵 + 荀筝篋号翫箴篏炊√莉莎隙鐚 + 主憝緇罔靁茫羆鐚ら劫ョ絅ゆ + 罩e篋檎紜惹キ鐚 莅箴綛э + 箙荐怨篁ュ篋拷∝娯篏 + 沿蕭罩e頑罅罅(取蕭若桁膓茘)鐚 + 絽茫喝順畿絎筝罨≧ - и蜜沙檬D + - U右CXF@濃櫚nЧΘ坤鞍Mlp杭A - ウ魅N TODO(歐譽鞍C) - C蹣嵯N筺AHの魯葎蜜梱nDC + 筝√坂筝篋荀絎篁糸絖荐鐚 + 絎篁h; TODO(緇莨篁糸茵) + 茵鐚篁ュ篏睡荀羆 - タbi罎お坤鞍(D{Α}oH) + 罩e画筝篁糸(腮綣寂査) - 椄h委[ FreeBSD p杭困HぃO ProgrammerC - o哭p杭弧Τゅン雫g漫B柵恭]pvBHのмNや刊HC - 刻鶻o埜qu啝 AL魅u旨n^m@熱俵 A奪B礒馨撚潛嵯N@C + 緇紊 FreeBSD 荐篋坂 Programmer + 荐茖≧篁倶医膓臥荐荐絽篁ュ茵吂査< + 絨守篋臂綏ヤ茯鐚篁Ū荀莢∝私篋鐚筝筝傑絖悟馹 - ziH姫`遜\ FAQ MもU(Handbook) - ApGo{Τ狐沈ぃM掘墾aよA略OぃX菱y困絅鵝A豆棗好ぃタT墾aよA - 械出iDи漫C訣MAY犇兇皈皀L稔廛拭A巽皸瓢~H宜и漫A┷N鵙nFC:) - (SGML 箙螯辰C焦Aи未]ぃは刻z襲鬼ユ@ ASCII 痕造絋rセ)C + 篁ユ絽悟浸 FAQ (Handbook) + 鐚絋主憝茹i筝羝罐井刻筝絎篁駈喝筝罩g∈井刻 + 処荐贋句駈ヨ初篁篆罩o筝茯ゅ腟鐚e葦翫ソ篋:) + (SGML 九筝筝e醐篏箙筝絨贋・篋や ASCII 膣絖) - 整Uи箕 FreeBSD ゅン遜超ΘA坤聖yC - pGA坤聖yセwgsbFA - ]iH遜超@巴B~困絅鵝A葎明訪d┷任wΤ困絅鵺O_鯵矛sC - ziH族恰檪 FreeBSD ゅンp杭いΤ猪 遜超肘艮`┌維DC - 委[遜超u@A辰O察zntx渉菖遜超勁 FreeBSD ゅンC - ┃宛quAn圧hぶu@ЧM鷄z嵯N@C@スY咾H}l遜超FA - ぇ甦XG@w|Τ筌LH委P豎o任u@い咫C - pG俵・貝A葎椋襪Oぃ員h遜超障ゅンA┷iH坤h遜超w庫nC + 綛 FreeBSD 篁句浸茘篏罸茯 + 絋篏罸茯綏牙絖篋鐚 + 箙篁ョ浸茘筝篋蕁紊篁駈罟∽ラd綏我篁倶堺亥 + 篁ュ膂≦ FreeBSD 篁区筝 膺肢絽梧馹 + 膺肢綏ヤ鐚筝筝茯荀絖よ絅亥浸茘 FreeBSD 篁吟 + 荳榊奨綏ワ荀紊絨綏ヤ絎羆堺惹馹筝篋咲紮膺肢篋鐚 + 箙緇綛鞘筝絎銀篋阪育篋綏ヤ筝箴 + 絋鐚膕上筝紊サ膺肢岩蚕篁駈e篁ラサ膺肢絎茖 - \的 &a.questions; 丹減限従\(豆椄崖W潸ao舎圧) &ng.misc; - CPOHだ姫z艮M~消僉A - 胆挨UL霧僭M維DAOンOHr恨同 F - Τ畢圈Az豆椒iHbo唸L{い焦譴@之sF茵I - o能彎側凱匹]|葦zEoX@任杉嵯QkC + 沿 &a.questions; 筝句丞浸(恰荀鏅育罔e) &ng.misc; + ヤ査篋絨罐ヨ鐚 + 筝綛篁茹f浦馹鐚篁銀擦篋堺篋鐚 + 鐚喝篁ュ腮筝絖後遺篋井沿タ鐚 + 篋茫紕箙堺羶弱坂篋筝恰 - タbi罎お坤鞍({Α}oH) - Cbo弧困j魁だヴ鞍械旨nzщJi[混俵 A葎婿櫚nzb FreeBSD kernel - よ右蛎彜I昏消僉A葎岬皖務nC訣Mo弧]Τ椄hn坤鞍AAX抗O - weekend hackers o寵uノgソNiHdw HackerC + 罩e画筝篁糸(腮綣寂査) + 茖∞紊ч篁糸初荀ュ茹鐚荀 FreeBSD kernel + 拷∽莟絲ヨ鐚処句狗茖>緇紊荀篁糸鐚 + weekend hackers 蕁Ǔ掩絨怨篁ユ絎 Hacker - pGzタb]根O FreeBSD -CURRENT セA奪B柵侯t彖戮杉A - ┷賜iH current.FreeBSD.orgA - oxCぱ|Τ@啖sセ — pGzΤ邸A - ziHTぃき匹U厚脱w庫A - 箒・pGXFぐ賜維DA出iDи漫C + 絋罩e莊 FreeBSD -CURRENT 鐚筝筝膓画君綺筝鐚 + i瑳篁ュ current.FreeBSD.org鐚 + 佀鎀筝亥 — 絋腥削 + 篁ヤ筝篋筝莠筝絎茖鐚 + 狗絋坂篁藝弱馹鐚茫荐贋 - \的 &a.bugs;Co念歟DA粒\z犂僞開愕]雰Nq嵯N┌A - 葎明愛4胡@ patch C好~A豆椒iH港胡廛触笋お困@念歟DC + 沿 &a.bugs;篋馹鐚荐掩醇箴綮肴┃ф靸頳鐚 + 綛綽羝荅筝篋 patch 罩ゅ鐚喝篁ュ荅篆罩e銀賢筝篋馹 - pGz捷DΤ@猫廛燭wgb -CURRENT WΘ\a魯痢A - bgL@q俵(q`O 2 gオk)ぇ瓠AごゼX屹 -STABLE - (oBJNO MFC -- Merged From Current)A┷賜iH宜枌 committer Ho並Щ佐数HC + 絋ラ筝篋篆罩e群膓 -CURRENT 筝遺戎鐚 + 篏膓筝罧究(絽御 2 怨窪)箙緇鐚篁篏球 -STABLE + (罩ラ絨掩 MFC -- Merged From Current)鐚i瑳篁ョ畿檎 committer 篋阪∞弱胼莢篆< - N可Tよ(3rd party)n悼[J讚讒lXい - src/contrib ヘ雀C + 絨膃筝(3rd party)荵蕭ュ医紮腆寂賢 + src/contrib - TO src/contrib い梱讒lXO殻s此C + 腆坂 src/contrib 筝紮腆惹亥 - s超讒lX(略O魁だ讒lX)鼻A出эノ鶲債祈i汽(warning level) - HK飴杉(debug)ノA脱bЧΘ旗胡BT{タ`Ч王ぇ瓠AM娃o能s超債祈i汽邸C + 膩茘紮腆(紮腆)鐚茫合顔茘膈膣(warning level) + 篁ヤ梢級(debug)鐚筝絎羝荅腆肴罩e幻絎≫緇鐚羝ら篋膩茘茘膈膣 - 鷏s┷忍b ports い魯旅L肘昏F茵A - 勁p gets() 離]t - malloc.h 匆ネ債祈iC + 贋育d ports 筝篏睡沿タ鐚 + 箴絋 gets() + malloc.h ∝茘 - pGΤ ports @Fヴ鶚廛拭A - 出OoNz patch o宜讌@ (o舎UΩど溺鼻Az困u@|怒o惨P@)C + 絋 ports 篏篋篁私篆罩o + 茫荐緇絨 patch 主畿篏 (罔d罨≦膣鐚綏ヤ莅緇莠薔筝篋) - oタΑ瑳亰如Ap &posix; 紺謄察C - b FreeBSD - C99 & POSIX 斜掲朞ep杭 柵犬WAiHo讙枌柱欝C - 出N FreeBSD 墾罨飴PWz瑳亰廼i罎餮AY勹o飢GP C99 & POSIX 斜掲ぃP左棔A - SOO┷撚啗`aよ嵯Lpt翁A出o@喘鵐Κ PR (維D釜i)C - pGi燹A出Xp鶚廛織ΑA胆H PR 苅ユ patch C - pGz{絢亰忍外歟DA出Vo燃W羲亰祢根枌肯悼A出D刻箒i罩s墾匱{C + 緇罩e罔羣鐚絋 &posix; + FreeBSD + C99 & POSIX 罔羣後壕 膓牙筝鐚篁ュ亥檎・ + 茫絨 FreeBSD 茵肴筝菴亥罔羣画罸莠鐚ユ緇腟 C99 & POSIX 罔羣筝荅縁 + 劫ユd膣亥井合緇絨鎴逸茫寂弱 PR (馹怨) + 絋緒茫阪篏篆罩e鐚筝 PR 篋 patch + 絋茯堺羣馹鐚茫篋荀惹羣檎蕭鐚茫羆絨狗画亥 - 鯵oC躊僥鵙h慊魁I + 咲篁遵茵箴翫綮肴逸 - d\障 PR 瑚闘w + ラ掩翫 PR 莖綺 - 維D釜i瑚闘w + 馹怨莖綺 FreeBSD - PR C o弧|塔ボヘe勁 PR 紺歟DAAHのパ - FreeBSD 魯葎夢ユ婚鏘i慊魁C - PR 瑚闘wP疋]AF}oHMD}oH坤鞍C - d檬恨禰|ゼ狐M PRA狸檪檪O_ΤzP審曙坤鞍C - o笋ぅi爨海@葱OD`族恰紺歟DAu旨n櫃@檬箪T{ PR OタT此C - t~@妊i犒|D`銃鐸A葎箕好ゼヴ鶚廛拭C - - 坤櫃@檬恨覗扁SΤH欝も PRC - pG PR wgだt宜F筌ΔHA欅_哮Oz牋Bz此A - ziHHH宜┷咾HA淡澎蘖zO_iH苅兩挨U — - L魅i爐wgΤi儡胡 patch A陸海@妊i儖Q竣嵯N┌C + PR 茵 茖≧蕁腓榊 PR 馹鐚篁ュ + FreeBSD 篏睡篋ょ拷峨産茘違 + PR 莖綺篋寂査≦寂査∞篁糸 + ョd絨茹f浦 PR鐚筝莇g篁糸 + 銀賢醇筝篋絽悟亜馹鐚Ū荀筝筝腆肴 PR 罩g∈ + Ϊ筝篋醇絽梧鐚絎篁私篆罩c + + 薤筝d羃篋堺・ PR + 絋 PR 綏牙腟篋九篋削篏莎隙遵鐚 + 篁ュ篆∞畿e篋削筝荅√篁ユ箴綛 — + 篁遵群膓箴羝荅 patch 鐚筝篋箴荐茫頳 - パ <quote>Ideas</quote> い随@教 + <quote>Ideas</quote> 筝娯 &os; list of - projects and ideas for volunteers P舎a}餤孔碍N@委P - &os; p杭困HC - oM恰N挺a鷏sAP百僞U啅汽惠左螳T宜勁海H - ]ぃ竣O_圧{Α]pH^C + projects and ideas for volunteers 罔e育丞畿馹 + &os; 荐篋冴 + 篁醇絨膾井贋逸箴莖荐腟篋 + 鐚筝茫榊綣頥荐篋阪¥ - p鶸兩挨U + 絋篏箴綛 - 芋セWiHだ哀HU 5 斎よΑG + 堺筝篁ュ坂札筝 5 腮劫鐚 - 杉~釜iMN┌o + 茯ゅ怨頳取; - q`A@ - 婚浤NQkM慊垣蓋啜o &a.hackers;C - P舎aA刻鶻o祢F荀蛙浬讓困H (訣MA - L巳P描扠n牋eг jq lンI) - iHσ{q\ &a.hackers;C - 出委\ FreeBSD - 魯里皀U HF狐猪鶻o啅l纂竣沼A - Hの筌Χl纂竣沼左垈啀!pC - - pGzo{F bug 葎矛Qn苅ユY猫廡錙A - 出zL &man.send-pr.1; {Α率魯 - 柵兇境 - 墾^釜 售ユC出胡吸具g PR 恨C啅汽悄C - @襾啝 A娃D patch 隻WL 65 KBAи湊慊界b PR い襲紀W patch NiHFC - Yi襲貴Mノ patch 讚讒lX左棔A┷賜慊界b PR - Synopsis 剃豕 [PATCH]C - 刻FAbW patch 鼻A出 ぃn - zL憩巷此y銃sBKWz啅i罅A]鯵o舎圧|р Tab 怒Θ溺罅A - |症P patch Nぃ爛里FCpG patch WL 20KBA - 出σ{寸Yウ竪魯 &man.uuencode.1; 啅i羹sXC - - bgЧ PR ぇ瓠Az|Μ譴@塀T{lンHの謄鶲l腿s弦C - 出Odo喀s弦A]姶陶瓮iHノos弦oH &a.bugfollowup; - 哘^対B苅冀鷂哦謄鶫昆當鮓螫董Cz旨n圧根ONs弦飄豢lン瑳价DいA - 勁p "Re: - kern/3377"C - YOP@維D墾^対よ院A棲袴zLo斎よΑ啅i罅C - - pGzb@q俵 (WL 3 ぱ豆 1 gAoM鷄z唆lンA鞍)ぇ瓩患MSΤΜ貊T{H - 葎魅僣鵑@猫讀]Lk魯 &man.send-pr.1; {ΑA - hiHoH &a.bugs; 喀丼OH整ANHC + 絽醐 + 茵恰綮肴井荅牙弱 &a.hackers; + 罔e逸絨守篋沿タ莇g篋 (句駈 + 篁荀遵絎劫 紊ч 灸散鐚) + 篁ヨ荐 &a.hackers; + 茫 FreeBSD + 篏睡 篁ヤ茹i守級茫紕鐚 + 篁ュ九級茫紕荅括完羈 + + 絋主憘 bug 活篋ゆ篋篆刻 + 茫 &man.send-pr.1; 腮綣篏睡 + 膓臥篁 + 箴篋ゃ茫荅紂絲 PR 罸 + 筝箴茯鐚ら patch 罟莇 65 KB鐚綮肴医 PR 筝贋・筝 patch 絨怨篁ヤ + ュ贋・絅 patch 医紮腆主荅縁i瑳綮肴医 PR + Synopsis 罨篏荐紙 [PATCH] + 絨篋鐚筝 patch 鐚茫 筝荀 + 羯藜茲茖純莢寂鋐画鐚咲罔e Tab 莅腥堺種 + 絨 patch 絨延順篋絋 patch 莇 20KB鐚 + 茫紕膰絎筝篏睡 &man.uuencode.1; 箴画膩腆若 + + 絲絎 PR 箙緇鐚九遺絨腆肴灸散篁ュ篋篁区申莵ょ隈 + 茫篆膩鐚坂緇篁ョ膩寂拭 &a.bugfollowup; + 箴荀箴取俄篁句緇膾莖荀絨膩上育灸散罔蕁筝鐚 + 箴絋 "Re: + kern/3377" + ユ筝馹荀拷鐚荅臥腮劫鋐画 + + 絋筝罧究 (莇 3 紊 1 縁羆堺惹灸散)箙緇篁倶九亥∈茯篆 + 掩寂篋≧篏睡 &man.send-pr.1; 腮綣鐚 + 篁ョ寂拭 &a.bugs; 箴茫ヤ査綛篏篁e - 出委\ ogゅ街 - F狐p鷦脅gn紺歟D釜iC + 膀腴 + 篋茹e篏医絅順馹怨 - 刻鵑絅鶫梱廰q + 絨惹篁句篆荐 - 苅ユゅン + 篋ゆ篁 - ゅン梱廡錣茘院AOパ &a.doc; 喙fdC - 出委\ FreeBSD Documentation Project Primer - 喟魃oЧ障艮仂撚啗`C - 出罫 いざ火困茯k魯 &man.send-pr.1; - 售ユs困絅鵝A葎箕鏥讐{Τ困絅 (八O椶p婚鏘i]Ow鍼此I)C + 篁句篆号拷鐚 &a.doc; 箴絲ャ + 茫 FreeBSD Documentation Project Primer + 箴峨絎雁絖悟完膀 + 茫 筝篁膣合号篏睡 &man.send-pr.1; + 箴篋ゆ亥篁駈劫憝篁 (緇絨拷俄罩∴鐚) - 刻鷁{Τ讒lX梱廡 + 絨主憝紮腆主篆 FreeBSD-CURRENT - b{Τ讒lXWi罩廡鍠亮W[\燹AbY斎{廚WO旨n鵙hмォ恨董A - 奪B匝交z刻鵐惓e FreeBSD 唆}o{F狐{廢鈎C - Τh斎よΑiHo豎Q細@ FreeBSD-CURRENT - FreeBSD }oセC - 出委\ FreeBSD 魯里皀U 枌魁 A咾F狐魯 FreeBSD-CURRENT 左埀 C - - b詑梱讒lXWi罩廡錙Ahq`i爿讒lXwL鼻A - 了Ps昏セt翁びjτLkQs障X FreeBSD いC - pGzΤq &a.announce; Hの &a.current; 左棔A - hiHzLウ岬咾jPF狐ヘe唆}oAC - - Yz牋嘗qH殻s梱讒lX啅i羆z梱廡錙A - hU@Bn圧恨同ヾNO横ネz勠廡鍼 diff 隻A - 単Nウo宜 FreeBSD 査@HCo教u@iHzL &man.diff.1; - RO哥孔─C - - 苅ユ patch 鼻A慊 &man.diff.1; 网 ̄張 unified diff (iHノ diff - -u 啣ネ)CぃLApGz廡錣Fjq梱讒lXA - h魯 diff -c 咼勇┴ context diff - diff i爭鶤e\的A]τ雲陀魯痢C@襴哦ァAj械O営ノ diff -ruN YiC + 憝紮腆寂画篆号紜緒腮腮綺筝荀翫綏х篋鐚 + 筝筝莊絨主 FreeBSD 主憟篋茹g綺 + 紊腮劫篁ュ域←腮延 FreeBSD-CURRENT + FreeBSD 主 + 茫 FreeBSD 篏睡 檎篁 鐚箴篋茹d戎 FreeBSD-CURRENT 荅恰 + + 紮腆寂画篆刻絽後遵紮腆弱群鐚 + 亥綏医お紊ц≧茴井翫 FreeBSD 筝 + 絋荐 &a.announce; 篁ュ &a.current; 荅縁 + 篁ラ絎箴紊ц岩茹g主 + + ユ遵鋌ユ亥紮腆寂画篆刻 + 筝筝罩ヨ篋絨掩∝篆合 diff 罟鐚 + 筝絨絎主畿 FreeBSD 膓茘隙査<綏ヤ篁ラ &man.diff.1; + 巡擦箴絎 + + 篋 patch 鐚綮肴 &man.diff.1; 弱。 unified diff (篁ョ diff + -u 箴∝)筝鐚絋篆剛紊ч紮腆種 + 篏睡 diff -c 箴 context diff + diff 醇翫号沿鐚ィ篏睡筝荐鐚紊ч醇。 diff -ruN diff - 勁pG + 箴絋鐚 &prompt.user; diff -c oldfile newfile - + &prompt.user; diff -c -r olddir newdir - N|刻Swヘ雀A横ネ context diff 隻C + 絨絨劫鐚∝ context diff 罟 - 葎鵡階O... + ... &prompt.user; diff -u oldfile newfile - + &prompt.user; diff -u -r olddir newdir - N横ネ@舎 diff AO网゜ unified C + 絨∝筝罔g diff 鐚篏弱 unified - 鵙h魂啗`魁A出委\ &man.diff.1;C + 翫膣亥篁緒茫 &man.diff.1; - @スz魯 &man.diff.1; 啣ネ diff 隻 (iH魯 - &man.patch.1; RO售胡@U)ANiH苅ユウ漫AHKQ FreeBSD Μ雀C - zL魯 - い劼恐乖 &man.send-pr.1; {ΑNiHЧΘo教u@C - 出`NGぃnuр diff 隻o &a.hackers;A - _hウ魅i犒|Q崇аI и矛|D`PEz苅ユ梱廡 - (oO@啗qup杭I)F ]挨抬務椄A - ]孔凱匹@w牋ミY廛唇歟DA PR 瑚闘wN@繍O吸o念O雀A - ]好unΤHΤF俵.Ν夢N牾QэタFC - pGz紺歟D釜iい]A patch AぃnаFb斜D[W - [PATCH] 啀j春@UC + 筝篏睡 &man.diff.1; 箴∝ diff 罟 (篁ヤ戎 + &man.patch.1; 巡擦箴羝荅筝筝)鐚絨怨篁ユ篋ゅ鐚篁ヤ梢茴 FreeBSD 狗 + 篏睡 + 筝篁膣合 &man.send-pr.1; 腮綣鎞怨篁ュ綏ヤ + 茫羈鐚筝荀Ŭ diff 罟弱 &a.hackers;鐚 + 絎醇茴阪鐚 絽御羶篋ょ篆 + (筝臂綏ヨ鐚)鐚 堺遵綽鐚 + 罩ゆ筝筝絎遵腴割信罩e馹鐚篏 PR 莖綺絨筝岩篋荐鐚 + 罩ゅŰ篋堺篋絎絨沿処←号d + 絋馹怨筝 patch 鐚筝荀綽篋罔蕁筝 + [PATCH] 箴綣決推筝 uuencode - pGz{愛XA (勁pWBR隻廩律鵲鐇髭W)A - 匝iHσ{魯 - tar 啀N隻廛乾]AM瓮 &man.uuencode.1; - 喀sXC好~A]iHノ &man.shar.1; 横ネ困荀 C - - pGz梱廡錺i爨sb主b昏蝶A勁pA - zぃTw枌昏v維DA葎矛P脹旨ngL鹹Y罟佐_f~iHoGウ漫A - h棲襲亀o宜 &a.core;AτぃOzL &man.send-pr.1; 啜oeC - &a.core; op箇Θjhq FreeBSD 困蕷`u@C - 旨n`N根OAo咾p箇]]垢QだΓLA - ]好uΤbD`ゲn混畢圈A~棲gH宜L漫C + 絋茯阪 (箴絋紜罟罅贋号)鐚 + 篁ヨ篏睡 + tar 箴絨罟罅鐚九 &man.uuencode.1; + 箴膩腆若罩ゅ鐚箙篁ョ &man.shar.1; ∝劫 + + 絋篆劫遵羹茘逸箴絋鐚 + 筝腆阪檎罨馹鐚荀咲荀膓翫贋主緇絲篁ョ寂絎鐚 + 贋・主畿 &a.core;鐚筝 &man.send-pr.1; 箴守 + &a.core; 絨靚≦ぇ紊緇篋 FreeBSD ュ幻綏ヤ + 荀羈鐚絨靚箙罩ゅ綽腆鐚 + 罩ゅŬ絽後荀鐚絲篆∞畿篁 - 出委σ &man.intro.9; M &man.style.9; HF狐猪鷦脅g{ΑX梱勲羂商nC - Y爨beX枌{ΑXぇeAF狐o如A┷刻ja啝 ̄NO轡j裟挨UC + 茫 &man.intro.9; &man.style.9; 篁ヤ茹i惹医腮綣霅主蘂弱鎁純 + ヨ遵榊檎腮綣霅寂鐚篋茹i篋鐚e紊у銀茯絨罐球ぇ綛 - s讒lX劉n坤[罰n悼] + 医紮腆惹荀取蕭 - pGzゴ財苅儚W社勾j梱讒lXA葎蓑 FreeBSD W[n嵯s\燹A - hi爛俺訓Nウ務zL uuencode i羹sXA龍濡讙Y Web - FTP 限IAHK鵙h困H牋o譽ΑCpGzSΤo舎坤D穣A - 出讙枌 FreeBSD l纂竣沼苅XA檪檪O_ΤH@N整z餮mウ漫C + 絋膊箴荀閞∴紊х紮腆種 FreeBSD 紜荀医緒 + 遵絨絎 uuencode 画膩腆種喝井 Web + FTP 腴藥鐚篁ヤ梢翫篋肴遵緇医絋羃罔g筝紙鐚 + 茫亥檎 FreeBSD 級茫紕削篋咲鎶丞舟絎 - 刻鵑jq梱讒lXτ┘A猪鶫v紺歟D岌w|Q苅XC - FreeBSD 芋セt歌い牋魯葎昏vn]AG + 絨弱ぇ紮腆取荐鐚主罨馹絎茴冴 + FreeBSD 堺膤紫輝筝遵篏睡罨我鐚 - BSDBSD vn vCи牟髭V鶉魯粒o寵餌v梱讒lXA - ]哀Αyぃ[hl艮ンzA]τ鶩牋lま尉~~魯痢C - FreeBSD 辰は刻尉~そq魯離Κ梱讒lXA曚蓮A - и命n轡a巧y尉~そq魯律抬蜜梱讒lXA - 訣MApGウ稔Y殻苛爭盂,性讒lXAs獣惶 FreeBSD N鵙nFC + BSDBSD 罨我 罨上寂戎蕁罨紮腆種 + 阪筝紊蕕罌篁吟鐚頑遵後罐篌罐篏睡 + FreeBSD 筝筝絨罐夓戎絎紮腆種後鐚 + 腥罐球育球罐夓戎紮腆種 + 句駈絋絎ユ腟醇紮腆種井茣腟 FreeBSD 絨掩翫ソ篋 - GNU General Public LicenseA梁穏 GPLCGPLGNU General Public LicenseGNU General Public License - и岬辰榲w鍜魯粒o舎餌v梱讒lXA - ]旭啖~そq魯離旨n圧鵙h困u@CぃLAパ鵯椄h魯 - GPL 餌v梱讒lXヘeOLk宋K (compiler, assembler, text formatter汽汽) - A攀寒魯立勁咳張粒o舎餌v些n悼O椶桓此C - 営ノ GPL 餌v梱讒lX|Q飄讚讒lX困@年Sw墾豸mA勁p - /sys/gnu - /usr/src/gnuAHK┷濃{ GPL - i犒|yΘ蛎経困H牋@XA訣婚P_C + GNU General Public License鐚膂∞┗ GPLGPLGNU General Public LicenseGNU General Public License + 筝筝緇罩∴篏睡罔f罨紮腆種 + 阪罐夓戎絎荀翫綏ヤ筝鐚掩弱紊篏睡 + GPL 罨紮腆主≧水 (compiler, assembler, text formatter膈膈) + 鐚腟篏睡。罔f罨荵蕭緇筝榊 + 。 GPL 罨紮腆惹茴上医紮腆主筝篋劫篏臀鐚箴絋 + /sys/gnu + /usr/src/gnu鐚篁ヤ梢d茯 GPL + 醇藝紫篋肴遵篏咲句ゆ激 - 魯率筌Ρ妥v梱讒lXbiJ FreeBSD ぇeゲ況gLV佐_fMσ{C - 営ノ]tYF遞紺啖~餌v梱讒lXA@襾啝〃|Q攀粥A - и鵡yo猫讒lX婚@漫AzL曚v査濤D啜oガウ漫C - - Ynbz墾┴GW[J BSD-based v左棔A - 出рUCゅr飄讎C讒lX些牟}l魁だA - 奪両A訣困絋r汗勧 %% ぇ供困絋rC + 篏睡九罨紮腆弱峨 FreeBSD 箙綽膓緇絲 + 。翫イ句罐罨紮腆種筝箴茯茴腟鐚 + 篏藜級篋紮腆主篏鐚綏援膊♂箴弱絎 + + ヨ筝 BSD-based 罨荅縁 + 茫筝絖上井鋌遵紮腆主紮鐚 + 筝句絖炊 %% 箙絖 Copyright (c) %%proper_years_here%% %%your_name_here%%, %%your_state%% %%your_zip%%. @@ -402,29 +402,29 @@ THIS SOFTWARE, EVEN IF ADVISED OF THE PO $Id$ - 阿FよKz恨魯痢Ab + 坂剛梢篏睡鐚 /usr/share/examples/etc/bsd-style-copyright - ]iHт讀恒妥v紺謄察C + 箙篁ユ上井ゆ罨 - 遅U瑚Bw悼 Internet mirror + 茣莖隋蕭 Internet mirror - и湊D`@N欝U斎陸!混獣悄AHi@B櫪i FreeBSD p杭 - A]愛咳z困筰A抗и務o舎左quVO~牋Τ鵑j墾┫NI - 獣惶w悼]D`nA]鯵o舎牋整Uи娘W[iや刊叉w悼斎寵A - τи未お昆椄hH竪SΤ━員左螽啻文mo乃w悼C + 絽檎・腮綵√茣鐚篁ラ俄罩ユ絮 FreeBSD 荐 + 鐚堺鐚罔g臂綏ュ遵翫ぇ絨縁 + 茣隋蕭箙絽檎荀鐚咲罔h遵綛紜吡隋蕭腮蕁鐚 + 筝緇紊篋坂研羃莇喝莖箴莖主舟篋隋蕭 - + - FreeBSD 芋|O@哽D仙Q此BΤ述|租Kv紺鬨|A - ぇ劵H|悒潦o唹鬨|AO阿F統 FreeBSD p杭牋ii[C - ]宛唹鬨|紬 501(c)3 濠悼A@襴哦ギ輯攀弘鬨|左棔AiHK炭郁p┨ΜJ|A - Hの戝工圖h{ΜJ|Cq`刻鵙浬匍|租Kv差蠹藏i罧獣惠左棔A - iHч菫p┨ΜJい棲述|魁だ昏BC + FreeBSD 咲筝茯牙莟罨咲鐚 + 箙篁ユ綮榊咲鐚坂莅 FreeBSD 荐遵桁箙 + 肴峨咲絮 501(c)3 絲蕭鐚筝荐罨丞畿咲荅縁篁ュ膵括九ョ鐚 + 篁ュ腱臂紊綏九ョ絽後惹茯牙莟罨絲蕭画茣荅縁 + 篁ユ笈九ヤ賢茯牙蕁 - ziHрや下H后G + 篁ユ腑絲緇鐚
            The FreeBSD Foundation 7321 Brockway Dr. @@ -433,30 +433,30 @@ THIS SOFTWARE, EVEN IF ADVISED OF THE PO
            - FreeBSD 芋|{biHzL PayPal q柵W欝輯據C - pGzQV芋|輯據A出委\ FreeBSD 芋| 柵検C + FreeBSD 咲憜篁ラ PayPal 緇膓俄・罨障 + 絋喝咲罨常茫 FreeBSD 咲 膓牙 - 猪 FreeBSD 芋|婚鵙h股院AiHb FreeBSD - 芋| -- ざ火 т譟Cnp妓芋|A - 出oeqllン - bod@FreeBSDFoundation.orgC + FreeBSD 咲翫荅恰鐚篁ュ FreeBSD + 咲 -- 篁膣 上違荀腟≦咲鐚 + 茫守糸灸散 + bod@FreeBSDFoundation.org             - 獣惶w悼 - + 茣隋蕭 + - FreeBSD p杭w錺熙鵑H獣悒iH魯葎叉w悼C - pGzΤ審曙獣惶w悼A出p担 獣愾p妓H酔そC + FreeBSD 荐罩∴篁私篋堺茣篁ヤ戎隋蕭 + 絋莇f茣隋蕭鐚茫膵 茣腟>査莨絎 - Θ FreeBSD mirror 査 + FreeBSD mirror 膓牙 - и姪w鏃s FTPBWWW - cvsup mirror 検CpGz同网━鯵o舎 mirror 検A - 出委\ p鵺[] FreeBSD mirror - @ゅAHF狐i@B艮!pC + 罩∴亥 FTPWWW + cvsup mirror 腴絋絽咲罔g mirror 腴鐚 + 茫 絋篏区┃ FreeBSD mirror + 筝鐚篁ヤ茹i俄罩ョ羈             Modified: head/zh_TW.UTF-8/articles/cvs-freebsd/article.xml ============================================================================== --- head/zh_TW.Big5/articles/cvs-freebsd/article.xml Wed May 28 15:17:27 2014 (r44970) +++ head/zh_TW.UTF-8/articles/cvs-freebsd/article.xml Thu May 29 16:48:07 2014 (r44974) @@ -1,4 +1,4 @@ - + @@ -7,7 +7,7 @@
            - 悒 CVS xsw(repository) - 魯 FreeBSD 困荀 + 綮榊 CVS 峨綺(repository) - 篏睡 FreeBSD 劫 StijnHoop @@ -31,513 +31,513 @@ - oゅンyzF魯立M FreeBSD M廳昿P懇ROZ哽悒 CVS xsw恨BJ - CoM斜掲 CVS 悒潛裟xsw杆ぇUΤ\huIA]tF鵙h刻鶚讒lX情 - granular access 臼遏AHの姶C@Ω佐ユ横ネ的差qllンC + 篁醇篁倶颷遺篏睡 FreeBSD 絨罅後巡擦腮推綮榊 CVS 峨綺罩ラ + 罔羣 CVS 綮榊峨綺梧箙筝荐怨藥鐚篋翫絨弱紮腆惹┨ + granular access ァ駈篁ュ堺鋇罨∞篋ょ∝莅糸灸散 - 族ざ + 膂> - jh柴唆}餃讒lXn悼M彝魯 CVS @ - L蜜梱讒lX臼遖t歌C訣 CVS Τo舎裟uIsb - 鼻Aウ]Τ魁嵯絏M並IC笋いГ@梱讀]OM筌L唆}o未凄畢讒lX情 - 員еta症Pt歌剤z佐c酵ASOOpG笋い@H同罠O@魁梱讒lX情K - 鵑@覈墾sC - - FreeBSD O笋い@哦魯 CVS 艮M廖AP匹] - O芋鵐Κ唆}o鵡MG鵐@鼻CL娘脅gF@禰ROZ榔o剤zxsw怒o鵐[ - eC殻餝o禰ROZパ &a.joe; s障zLB鷦亰任董A榔ob筌L艮M廚WA - Ω魯粒o禰ROZ|鵐[eCセゅンNyz魯粒o之s懇ROZ困茯kC + 紊у悟上紮腆取蕭絨罅巡戎 CVS 篏 + 篁紮腆惹ァ句鎧腟宴 CVS 罔g藥絖 + 鐚絎箙篁順球膽咲銀賢箙筝銀取篋紮腆惹┨ + 紊綽医雁鎧腟援∞≦あ鐚劫ユ絋銀賢筝篋阪篆茘潔篁順紮腆惹┨ + 寂絖 + + FreeBSD 銀賢筝篏睡 CVS 絨罅鐚箙 + 堺弱取篏弱筝篁医篋筝篋巡擦腮推戎緇膊∞峨綺莅緇翫 + 絎号菴篋巡擦腮睡 &a.joe; 井雁筝贋羣鐚篏水銀絨罅筝 + 罨>戎篋巡擦腮炊翫絎号篁九颷遺戎篋亥巡擦腮睡号 - 阿F魯擦絅鵑お紺TЕ灰痢AA旨n儒x CVS - 芋セ詐衍@よΑC + 坂篏炊篁銀賢荐鐚篏荀 CVS + 堺篏劫 - 芋セ]w + 堺荐絎 - 殻n困荀゜Ob@咼s裟xswい印羈o濡BJA箪TwAF狐勁蟹昆 - GCP鼻A出TwAΤ殻sBi的左螫導謄I + 絅順劫筝亥峨綺筝決篋罩ラ鐚筝腆阪篏篋茹f緇 + 鐚茫腆阪篏遺莅莖篁緒 - 讒lてxsw + 紮峨綺 - 坤n圧根O悒澆@啖s裟xswA印罎UCROiD - CVS 悒澀棚讒lてG + 薤荀綮榊筝亥峨綺鐚決筝巡擦荐 + CVS 綮榊筝紮鐚 &prompt.user; cvs -d path-to-repository init - oROiD CVS 悒 - CVSROOT 坤愎Ao咼愎弧餮mF勁蟹魂婪A隻C + 巡擦荐 CVS 綮榊 + CVSROOT 鐚茖≧丞舟篋腟罟 - ]wxsw左s箇 + 荐絎峨綺臂ょ - {bи民N悒澆@咯乢蓋喟xsw左s箇A勁蟹唆}o魅俺轡[Jo啗s箇 - Ao舎L未~牋s袴xswCи粍桶]s箇W細OH FreeBSD ずw - ncvsC + 憜絨綮榊筝荅峨峨綺臂ょ鐚取綽ラ臂ょ + 鐚罔d遵絖荅峨峨綺荐臂ょ腮掩篁 FreeBSD у + ncvs &prompt.root; pw groupadd ncvs - 欝箕A旨n魯 &man.chown.8; Nヘ雀勁蟹湊w宜茘莊sW左s箇G + ・篏荀篏睡 &man.chown.8; 絨絎腟医臂ょ鐚 &prompt.root; chown -R :ncvs path-to-your-repository - p垢@哦SΤA訣左s箇\iNSΤ筌LHiHgJ袴xswC + 絋罩や箴羃句臂ょ荐怨絨羃銀篋阪篁ュヨ峨峨綺 - ^讒l隻 + 紮罟罅 - {bA旨nq FreeBSD xswい^ CVSROOT ヘ雀A - q FreeBSD 偉W CVS Mg絹哦^|O殻族恰困茯kC出d\ b handbook い根枌街` - 栓o鵙h瑚TCи粍桶]^裟筆廢s颱b昿Pヘ雀U - CVSROOT-freebsd ヘ雀いC + 憜篏荀緇 FreeBSD 峨綺筝 CVSROOT 鐚 + 緇 FreeBSD 水 CVS 絨腴箴膂≦号茫ラ handbook 筝檎腴膀箴 + 峨翫莖荐荐罟罅絖上後筝 + CVSROOT-freebsd - 銃s FreeBSD 懇ROZ + 茲茖 FreeBSD 巡擦腮 - 欝U哥抬稔n銃s FreeBSD CVSROOT 弧裟筆廨讌A - 裟xswいCpGAOEx CVSAA]\|QA - iH襲偽廚Jo禰ROZA胡肱鶤e墾P菱M鷏s昏セPBFぃLA胴蟐O - CVS bo啌.Τ並IG訣琴J隻廨 - CVSROOT 鼻Aウ辰7|鷏s箇A隻C阿Fn{Xo農筆 - AA匝旨nb琴Jウ湊瓩@@s苅ユAoNアhF - cvs import 沙函C]后A慊蟹困茯kO業銃so禰RO - ZLhC - - YWzずe刻ASΤNqOぃn—]鯵湊瓷叉鴎G械O@舎此C - 坤琴XA CVSROOTAM畚道s茘荐^ FreeBSD - 隻廨譽殺a坤愎い]|ゼ怒以L^G + ・筝箴荀茲茖 FreeBSD CVSROOT 茖∞罟罅遺 + 峨綺筝絋篏絖井 CVS鐚篏箙荐掩割 + 篁ョ贋・ラ篋巡擦腮随荅翫号贋亥罩ワ筝鐚篋絲 + CVS 篁醇膽咲鐚九ユ罅 + CVSROOT 鐚絎筝筝贋亥罟坂荀茯咲篋罟罅 + 鐚篏荀ュ緇筝筝井篋わ絨怨けサ篋 + cvs import 劫若罩わ綮肴亥号茲茖初篋巡擦 + 腮翠サ + + ヤ菴医у劫篏羃靸筝荀—堺緇腟醇筝罔g + 薤坂 CVSROOT鐚九茲茖遵 FreeBSD + 罟罅井亥筝鐚絨莅鐚鐚 &prompt.user; cvs -d path-to-your-repository checkout CVSROOT &prompt.user; cd CVSROOT &prompt.user; cp ../CVSROOT-freebsd/* . &prompt.user; cvs add * - `NGA椒i犒|o譴@q猪鵺Y妊愎SΤQ銃s債祈iAoOタ`此A - A辰旨nノ豎o妊愎C + 羈鐚篏緇醇緇遺罧級惹篋羃茴茲茖順茘鐚罩e幻鐚 + 篏筝筝荀育篋 - ROZ察 + 巡擦腮粋 - {bA困u@ヘ雀いΤFЧ障 FreeBSD M廢bウ蜜裟xswい魯葎懇ROZ - 砂謄察AHUOC喟筆彗桶罟困恐弌C + 憜篏綏ヤ筝篋絎 FreeBSD 絨罅絎峨綺筝篏睡巡擦腮 + 茲鐚篁ヤ罸罟罅膂≦篁膣鴻 - access - 浩筆廢bw]墾w庫いSΤQノ譟C - oO魯陸bFreeBSD 痕S躋]wい - Aノ啀烏鄒xsw墾sCpGAぃ同罔魯粒o啌]w左棗AiHR娃o喟筆廖C + access - 罩ゆ罅荐絎茖筝羃茴違 + 篏睡FreeBSD 号荐絎筝 + 鐚箴ァ九峨綺絖絋篏筝絽篏睡荐絎荅延篁ュら罟罅 - avail - 浩筆弃烏鄒xsw墾sCb浩筆廚 - AiHwす\sxsw左s箇A]iHw刻ヘ雀寮筆廨唏攀幹ユCA棲袴 - 春障愛bA裟xswいN]t左s箇Mヘ雀C + avail - 罩ゆ罅ァ九峨綺絖罩ゆ罅筝 + 篏篁ユ絎荐怨峨綺臂ょ鐚箙篁ラ絨罟罅箴腟篋ゃ篏荅 + 茯炊雁阪篏峨綺筝絨臂ょ - cfg.pm - 浩筆彁?F]wずeA担儿w]些]wC - A袴廡錵浩筆廖Aτ袴N廡鍼些]w飄 - cfg_local.pmC + cfg.pm - 罩ゆ罅茯篋荐絎у刻筝箴荐荐絎 + 篏荅俄信号ゆ罅鐚荅峨篆合荐絎上 + cfg_local.pm - cfg_local.pm - 浩筆廛]t勁蟹恨t歌]w - CA棲袴]w勁界Cb巧些]wA勁p苅ユ唆lンnH讚Bb妊D穣W - 恨魯葎魅iH苅ユ汽汽C鵙h根枌瑚Tby畄|苅譟C + cfg_local.pm - 罩ゆ罅膤紫輝荐絎 + 篏荅画┃絎罩ょ荐絎鐚箴絋篋ょ灸散荀絲医篋筝紙筝 + 篏睡篁ユ篋ょ膈翫檎莖荐腮緇違 - checkoutlist - 浩筆廢CX勁界b - CVS 臼遒U好愎い裟筆廖A娃F斜掲b - cvs init 悒潺X裟筆廖CAiHR娃Y任旨n - FreeBSD S蹣裟筆廖C + checkoutlist - 罩ゆ罅堺 + CVS ァ銀罩ょ筝罟罅鐚や罔羣 + cvs init 綮榊榊罟罅篏篁ュゆ篋筝荀 + FreeBSD 号罟罅 - commit_prep.pl - 工ROZ印网U斎苅ユe裟訪dA - 芋鵲AO_b cfg_local.pm い衛ノCAぃ袴鶲弗浩筆廖C + commit_prep.pl - 罩ゅ巡擦腮水決腮篋ゅ罟∽ワ + 堺寂 cfg_local.pm 筝篏筝荅我翫罩ゆ罅 - commitcheck - 工ROZ|襲擬vT - CVSC坤ウ|魯 - cvs_acls.pl 喟訪d苅ユ蓑O_iHsw梱讒lX情A - M甍 commit_prep.pl 喀T{U斎苅ユe裟訪dC - pG@ちタ`ACVS Nす\孔鹸ユ~挺印罅C - Aぃ袴鶲弗浩筆廖C + commitcheck - 罩ゅ巡擦腮炊贋・綵演 + CVS薤絎篏睡 + cvs_acls.pl 箴罟∽ユ篋よ篁ュ絎紮腆惹┨鐚 + 九決 commit_prep.pl 箴腆肴腮篋ゅ罟∽ャ + 絋筝罩e幻鐚CVS 絨荐掩ゆ≧篋ょ梗膾決 + 篏筝荅我翫罩ゆ罅 - commitinfo - 浩筆廳O - CVS ノ唏wqb苅ユe勠n印罟叉{Α—b - 宏劼がO commitcheckCAぃ袴鶲弗浩筆廖C + commitinfo - 罩ゆ罅 + CVS 箴絎臂篋ゅ荀決腮綣— + 罩や筝 commitcheck篏筝荅我翫罩ゆ罅 - config - xsw些]w随教CAiH廡鍖挨A - Qn此Ajh柴査涓z魅i犒|Odw]函C鵙h猪鵐iHb抗]w鎖鏘 - 瑚TiHd\ CVS もUC + config - 峨綺荐絎檎篏篁ヤ信合坂 + 活鐚篏紊у悟膊∞醇篆荐若翫弱篁ュ罩よ┃絎檎 + 莖荐篁ユラ CVS *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Thu May 29 16:49:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E1DE817A; Thu, 29 May 2014 16:49:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B680E2DAA; Thu, 29 May 2014 16:49:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4TGnVhn098618; Thu, 29 May 2014 16:49:31 GMT (envelope-from lwhsu@svn.freebsd.org) Received: (from lwhsu@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4TGnVgD098617; Thu, 29 May 2014 16:49:31 GMT (envelope-from lwhsu@svn.freebsd.org) Message-Id: <201405291649.s4TGnVgD098617@svn.freebsd.org> From: Li-Wen Hsu Date: Thu, 29 May 2014 16:49:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-svnadmin@freebsd.org Subject: svn commit: r44975 - svnadmin/conf X-SVN-Group: doc-svnadmin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 May 2014 16:49:32 -0000 Author: lwhsu (ports committer) Date: Thu May 29 16:49:31 2014 New Revision: 44975 URL: http://svnweb.freebsd.org/changeset/doc/44975 Log: Drop my size limit. Approved by: doceng (gjb) Modified: svnadmin/conf/sizelimit.conf Modified: svnadmin/conf/sizelimit.conf ============================================================================== --- svnadmin/conf/sizelimit.conf Thu May 29 16:48:07 2014 (r44974) +++ svnadmin/conf/sizelimit.conf Thu May 29 16:49:31 2014 (r44975) @@ -18,4 +18,3 @@ blackend gabor gjb hrs -lwhsu From owner-svn-doc-all@FreeBSD.ORG Fri May 30 00:19:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 29E41BF4; Fri, 30 May 2014 00:19:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 16E412764; Fri, 30 May 2014 00:19:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4U0Jcub006267; Fri, 30 May 2014 00:19:38 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4U0JcYl006266; Fri, 30 May 2014 00:19:38 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201405300019.s4U0JcYl006266@svn.freebsd.org> From: Glen Barber Date: Fri, 30 May 2014 00:19:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44976 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 May 2014 00:19:39 -0000 Author: gjb Date: Fri May 30 00:19:38 2014 New Revision: 44976 URL: http://svnweb.freebsd.org/changeset/doc/44976 Log: Update the 9.3-RELEASE schedule page to reflect 9.3-BETA1 builds have begun. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Thu May 29 16:49:31 2014 (r44975) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Fri May 30 00:19:38 2014 (r44976) @@ -81,7 +81,7 @@
            - + From owner-svn-doc-all@FreeBSD.ORG Fri May 30 16:13:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E247BD9A; Fri, 30 May 2014 16:13:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CF78E262F; Fri, 30 May 2014 16:13:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4UGDWtf041579; Fri, 30 May 2014 16:13:32 GMT (envelope-from jmg@svn.freebsd.org) Received: (from jmg@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4UGDWLj041578; Fri, 30 May 2014 16:13:32 GMT (envelope-from jmg@svn.freebsd.org) Message-Id: <201405301613.s4UGDWLj041578@svn.freebsd.org> From: John-Mark Gurney Date: Fri, 30 May 2014 16:13:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44977 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 May 2014 16:13:33 -0000 Author: jmg (src committer) Date: Fri May 30 16:13:32 2014 New Revision: 44977 URL: http://svnweb.freebsd.org/changeset/doc/44977 Log: update my key w/ additional signatures from BSDcan 2014.. Modified: head/share/pgpkeys/jmg.key Modified: head/share/pgpkeys/jmg.key ============================================================================== --- head/share/pgpkeys/jmg.key Fri May 30 00:19:38 2014 (r44976) +++ head/share/pgpkeys/jmg.key Fri May 30 16:13:32 2014 (r44977) @@ -1,13 +1,14 @@ -uid John-Mark Gurney -sub 4096g/0A4C095E 2011-03-03 [expires: 2016-03-01] +uid John-Mark Gurney +uid John-Mark Gurney +sub 4096g/6D93E13E0A4C095E 2011-03-03 [expires: 2016-03-01] + ]]> From owner-svn-doc-all@FreeBSD.ORG Fri May 30 19:41:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2BEF1276; Fri, 30 May 2014 19:41:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 195AE294D; Fri, 30 May 2014 19:41:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4UJfSCn038923; Fri, 30 May 2014 19:41:28 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4UJfSXD038922; Fri, 30 May 2014 19:41:28 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201405301941.s4UJfSXD038922@svn.freebsd.org> From: Benedict Reuschling Date: Fri, 30 May 2014 19:41:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44978 - head/de_DE.ISO8859-1/htdocs/projects X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 May 2014 19:41:29 -0000 Author: bcr Date: Fri May 30 19:41:28 2014 New Revision: 44978 URL: http://svnweb.freebsd.org/changeset/doc/44978 Log: The link to the article about determining the version does not work, as this article has not been translated yet. Fix this by linking to the en_US version of the article instead for now. Submitted by: Barnerd (on IRC #bsddocs) Modified: head/de_DE.ISO8859-1/htdocs/projects/newbies.xml Modified: head/de_DE.ISO8859-1/htdocs/projects/newbies.xml ============================================================================== --- head/de_DE.ISO8859-1/htdocs/projects/newbies.xml Fri May 30 16:13:32 2014 (r44977) +++ head/de_DE.ISO8859-1/htdocs/projects/newbies.xml Fri May 30 19:41:28 2014 (r44978) @@ -62,7 +62,7 @@

          • Wenn Sie &os; noch nicht installiert haben, weil nicht wissen, welche Version Sie installieren sollen, sollten Sie zuerst den Artikel Die fr + href="&url.articles;/version-guide/index.html">Die fr Sie passende &os;-Version bestimmen lesen. In der Regel wird die aktuelle Produktiv-Version fr Sie am Besten geeignet sein From owner-svn-doc-all@FreeBSD.ORG Sat May 31 05:11:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 56EBC816; Sat, 31 May 2014 05:11:51 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4348B2461; Sat, 31 May 2014 05:11:51 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4V5Bpb0098267; Sat, 31 May 2014 05:11:51 GMT (envelope-from pkelsey@svn.freebsd.org) Received: (from pkelsey@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4V5BoLV098260; Sat, 31 May 2014 05:11:50 GMT (envelope-from pkelsey@svn.freebsd.org) Message-Id: <201405310511.s4V5BoLV098260@svn.freebsd.org> From: Patrick Kelsey Date: Sat, 31 May 2014 05:11:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44979 - in head: en_US.ISO8859-1/articles/contributors share/pgpkeys share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 May 2014 05:11:51 -0000 Author: pkelsey (src committer) Date: Sat May 31 05:11:49 2014 New Revision: 44979 URL: http://svnweb.freebsd.org/changeset/doc/44979 Log: Added: - myself as a committer - my public PGP key - my author entity - news entry Approved by: jmallett (mentor) Added: head/share/pgpkeys/pkelsey.key (contents, props changed) Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml head/share/pgpkeys/pgpkeys-developers.xml head/share/pgpkeys/pgpkeys.ent head/share/xml/authors.ent head/share/xml/news.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Fri May 30 19:41:28 2014 (r44978) +++ head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Sat May 31 05:11:49 2014 (r44979) @@ -595,6 +595,10 @@ + &a.pkelsey.email; + + + &a.keramida.email; Modified: head/share/pgpkeys/pgpkeys-developers.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-developers.xml Fri May 30 19:41:28 2014 (r44978) +++ head/share/pgpkeys/pgpkeys-developers.xml Sat May 31 05:11:49 2014 (r44979) @@ -886,6 +886,11 @@ &pgpkey.vkashyap; + + &a.pkelsey.email; + &pgpkey.pkelsey; + + &a.kris.email; &pgpkey.kris; Modified: head/share/pgpkeys/pgpkeys.ent ============================================================================== --- head/share/pgpkeys/pgpkeys.ent Fri May 30 19:41:28 2014 (r44978) +++ head/share/pgpkeys/pgpkeys.ent Sat May 31 05:11:49 2014 (r44979) @@ -334,6 +334,7 @@ + Added: head/share/pgpkeys/pkelsey.key ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/pgpkeys/pkelsey.key Sat May 31 05:11:49 2014 (r44979) @@ -0,0 +1,51 @@ + + + +uid Patrick J Kelsey +sub 2048R/CB7433052A5B26E5 2014-05-30 [expires: 2017-05-29] + +]]> + Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Fri May 30 19:41:28 2014 (r44978) +++ head/share/xml/authors.ent Sat May 31 05:11:49 2014 (r44979) @@ -1671,6 +1671,9 @@ pjd@FreeBSD.org"> + +pkelsey@FreeBSD.org"> + plosher@FreeBSD.org"> Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Fri May 30 19:41:28 2014 (r44978) +++ head/share/xml/news.xml Sat May 31 05:11:49 2014 (r44979) @@ -35,6 +35,16 @@ 5 + 29 + + +

            New committer: + Patrick Kelsey + (src)

            + + + + 17 From owner-svn-doc-all@FreeBSD.ORG Sat May 31 06:31:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4D45DCD9; Sat, 31 May 2014 06:31:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3ABC62B5F; Sat, 31 May 2014 06:31:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4V6VuiQ034623; Sat, 31 May 2014 06:31:56 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4V6Vunh034622; Sat, 31 May 2014 06:31:56 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201405310631.s4V6Vunh034622@svn.freebsd.org> From: Eitan Adler Date: Sat, 31 May 2014 06:31:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44980 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 May 2014 06:31:56 -0000 Author: eadler Date: Sat May 31 06:31:55 2014 New Revision: 44980 URL: http://svnweb.freebsd.org/changeset/doc/44980 Log: Make it less likely that someone will find their way to the bug form. Modified: head/en_US.ISO8859-1/htdocs/send-pr.xml Modified: head/en_US.ISO8859-1/htdocs/send-pr.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/send-pr.xml Sat May 31 05:11:49 2014 (r44979) +++ head/en_US.ISO8859-1/htdocs/send-pr.xml Sat May 31 06:31:55 2014 (r44980) @@ -15,8 +15,11 @@ +

            Migration in progress

            +

            Our bug tracking system is currently down for maintaince.

            + From owner-svn-doc-all@FreeBSD.ORG Sat May 31 08:45:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6130DF39; Sat, 31 May 2014 08:45:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4F58E24DE; Sat, 31 May 2014 08:45:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4V8jFLM092953; Sat, 31 May 2014 08:45:15 GMT (envelope-from rene@svn.freebsd.org) Received: (from rene@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4V8jFFH092952; Sat, 31 May 2014 08:45:15 GMT (envelope-from rene@svn.freebsd.org) Message-Id: <201405310845.s4V8jFFH092952@svn.freebsd.org> From: Rene Ladan Date: Sat, 31 May 2014 08:45:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44981 - head/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 May 2014 08:45:15 -0000 Author: rene Date: Sat May 31 08:45:14 2014 New Revision: 44981 URL: http://svnweb.freebsd.org/changeset/doc/44981 Log: nl/htdocs/send-pr.xml: MFen r44980 (disable the GNATS form) Modified: head/nl_NL.ISO8859-1/htdocs/send-pr.xml Modified: head/nl_NL.ISO8859-1/htdocs/send-pr.xml ============================================================================== --- head/nl_NL.ISO8859-1/htdocs/send-pr.xml Sat May 31 06:31:55 2014 (r44980) +++ head/nl_NL.ISO8859-1/htdocs/send-pr.xml Sat May 31 08:45:14 2014 (r44981) @@ -8,7 +8,7 @@ ]> @@ -18,9 +18,12 @@ +

            Migratie in uitvoering

            +

            Ons foutrapportagesysteem is momenteel niet beschikbaar wegens + onderhoud.

            - + From owner-svn-doc-all@FreeBSD.ORG Sat May 31 15:39:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 07E4C120; Sat, 31 May 2014 15:39:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E9315228C; Sat, 31 May 2014 15:39:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4VFdArs077454; Sat, 31 May 2014 15:39:10 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4VFdAtf077453; Sat, 31 May 2014 15:39:10 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201405311539.s4VFdAtf077453@svn.freebsd.org> From: Warren Block Date: Sat, 31 May 2014 15:39:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44982 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 May 2014 15:39:11 -0000 Author: wblock Date: Sat May 31 15:39:10 2014 New Revision: 44982 URL: http://svnweb.freebsd.org/changeset/doc/44982 Log: Clarify changes to be made by new committers to committers-*.dot files. Minor markup and clarity changes for immediate area added to submitted patch. Submitted by: pkelsey Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Sat May 31 08:45:14 2014 (r44981) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Sat May 31 15:39:10 2014 (r44982) @@ -2267,10 +2267,13 @@ ControlPersist yes - Add an entry for yourself to + Add an entry for yourself to the current committers + section of src/share/misc/committers-repository.dot, - where repository is either doc, ports or src, depending on - the commit privileges you obtained. + where repository is doc, ports, or src, depending on + the commit privileges granted. Also add an entry for + each of your mentor/mentee relationships in the + bottom section. From owner-svn-doc-all@FreeBSD.ORG Sat May 31 18:26:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0D8534BA; Sat, 31 May 2014 18:26:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E2AA32052; Sat, 31 May 2014 18:26:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4VIQ8BG053941; Sat, 31 May 2014 18:26:08 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4VIQ8Ss053940; Sat, 31 May 2014 18:26:08 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201405311826.s4VIQ8Ss053940@svn.freebsd.org> From: Peter Wemm Date: Sat, 31 May 2014 18:26:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44983 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 May 2014 18:26:09 -0000 Author: peter (src committer) Date: Sat May 31 18:26:08 2014 New Revision: 44983 URL: http://svnweb.freebsd.org/changeset/doc/44983 Log: Update pgp key. Modified: head/share/pgpkeys/peter.key Modified: head/share/pgpkeys/peter.key ============================================================================== --- head/share/pgpkeys/peter.key Sat May 31 15:39:10 2014 (r44982) +++ head/share/pgpkeys/peter.key Sat May 31 18:26:08 2014 (r44983) @@ -1,8 +1,14 @@ +uid Peter Wemm +sub 1024g/2C5F53778B40D9D1 2003-12-14 + pub 2048R/35D69709EC809E04 2014-05-08 [expires: 2024-05-05] Key fingerprint = 060A C0D1 5AFF BDF3 55B8 FA14 35D6 9709 EC80 9E04 uid Peter Wemm @@ -13,55 +19,257 @@ sub 2048R/B5D591B339B03C75 2014-05-08 From owner-svn-doc-all@FreeBSD.ORG Sat May 31 18:27:37 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A126161D; Sat, 31 May 2014 18:27:37 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8EE562072; Sat, 31 May 2014 18:27:37 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4VIRbF5054224; Sat, 31 May 2014 18:27:37 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4VIRbY5054223; Sat, 31 May 2014 18:27:37 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201405311827.s4VIRbY5054223@svn.freebsd.org> From: Sergey Kandaurov Date: Sat, 31 May 2014 18:27:37 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44984 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 May 2014 18:27:37 -0000 Author: pluknet Date: Sat May 31 18:27:37 2014 New Revision: 44984 URL: http://svnweb.freebsd.org/changeset/doc/44984 Log: Fixed fallout from r44345. PR: docs/190429 Submitted by: Evgeny Roubinchtein zhenya1007 gmail.com Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Sat May 31 18:26:08 2014 (r44983) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Sat May 31 18:27:37 2014 (r44984) @@ -1408,7 +1408,7 @@ cron.* and signals programs when log files are moved. The log files may be generated by syslogd or by any other program which generates log files. While - syslogd is normally run from + newsyslog is normally run from &man.cron.8;, it is not a system daemon. In the default configuration, it runs every hour. From owner-svn-doc-all@FreeBSD.ORG Sat May 31 19:47:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BB85874E; Sat, 31 May 2014 19:47:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A95D02701; Sat, 31 May 2014 19:47:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4VJl19s090205; Sat, 31 May 2014 19:47:01 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4VJl1mG090204; Sat, 31 May 2014 19:47:01 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201405311947.s4VJl1mG090204@svn.freebsd.org> From: Peter Wemm Date: Sat, 31 May 2014 19:47:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44985 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 May 2014 19:47:01 -0000 Author: peter (src committer) Date: Sat May 31 19:47:01 2014 New Revision: 44985 URL: http://svnweb.freebsd.org/changeset/doc/44985 Log: Don't hide the contents of the send-pr form. It does work although the results will be processed later. Leave the warning to try and set expectations accordingly. Modified: head/en_US.ISO8859-1/htdocs/send-pr.xml Modified: head/en_US.ISO8859-1/htdocs/send-pr.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/send-pr.xml Sat May 31 18:27:37 2014 (r44984) +++ head/en_US.ISO8859-1/htdocs/send-pr.xml Sat May 31 19:47:01 2014 (r44985) @@ -16,10 +16,11 @@

            Migration in progress

            -

            Our bug tracking system is currently down for maintaince.

            +

            Our bug tracking system is OFFLINE.

            +

            Bug reports can be sent but will be queued for later processing. + You will NOT get an immediate response.

            - From owner-svn-doc-all@FreeBSD.ORG Sat May 31 20:07:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5DC99CE5; Sat, 31 May 2014 20:07:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BD9B28CE; Sat, 31 May 2014 20:07:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4VK7w3m099557; Sat, 31 May 2014 20:07:58 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4VK7wFj099556; Sat, 31 May 2014 20:07:58 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201405312007.s4VK7wFj099556@svn.freebsd.org> From: Peter Wemm Date: Sat, 31 May 2014 20:07:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44986 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 May 2014 20:07:58 -0000 Author: peter (src committer) Date: Sat May 31 20:07:57 2014 New Revision: 44986 URL: http://svnweb.freebsd.org/changeset/doc/44986 Log: Make the delay warning a bit louder. Modified: head/en_US.ISO8859-1/htdocs/send-pr.xml Modified: head/en_US.ISO8859-1/htdocs/send-pr.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/send-pr.xml Sat May 31 19:47:01 2014 (r44985) +++ head/en_US.ISO8859-1/htdocs/send-pr.xml Sat May 31 20:07:57 2014 (r44986) @@ -16,9 +16,9 @@

            Migration in progress

            -

            Our bug tracking system is OFFLINE.

            -

            Bug reports can be sent but will be queued for later processing. - You will NOT get an immediate response.

            +

            Our bug tracking system is OFFLINE.

            +

            Bug reports can be sent but will be queued for later processing.

            +

            You will NOT get an immediate response.

            From owner-svn-doc-all@FreeBSD.ORG Sun Jun 1 01:04:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8CDB1CDE; Sun, 1 Jun 2014 01:04:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6B9902DD0; Sun, 1 Jun 2014 01:04:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5114xDV033542; Sun, 1 Jun 2014 01:04:59 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5114x2s033541; Sun, 1 Jun 2014 01:04:59 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406010104.s5114x2s033541@svn.freebsd.org> From: Warren Block Date: Sun, 1 Jun 2014 01:04:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44987 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Jun 2014 01:04:59 -0000 Author: wblock Date: Sun Jun 1 01:04:58 2014 New Revision: 44987 URL: http://svnweb.freebsd.org/changeset/doc/44987 Log: Fix numerous things in the Conventions and Traditions section. Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Sat May 31 20:07:57 2014 (r44986) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Sun Jun 1 01:04:58 2014 (r44987) @@ -2169,16 +2169,16 @@ ControlPersist yes Conventions and Traditions - As a new developer there are a number of things you should - do first. The first set is specific to committers only. (If + There are a number of things to do as a new developer. + The first set is specific to committers only. (If you are not a committer, e.g., have GNATS-only access, then your - mentor needs to do these things for you.) + mentor must do these things.) Guidelines for Committers - The .ent, .xml, + The .ent and .xml files listed below exist in the &os; Documentation Project SVN repository at svn.FreeBSD.org/doc/. @@ -2240,9 +2240,9 @@ ControlPersist yes             - You should add your PGP or GnuPG key to - head/share/pgpkeys (and if you do not - have a key, you should create one). Do not forget to + Add your PGP or GnuPG key to + head/share/pgpkeys. See + if you do not yet have a key. Do not forget to commit the updated head/share/pgpkeys/pgpkeys.ent and head/share/pgpkeys/pgpkeys-developers.xml. @@ -2256,8 +2256,8 @@ ControlPersist yes It is important to have an up-to-date PGP/GnuPG key - in the Handbook, since the key may be required for - positive identification of a committer, e.g., by the + in the repository. The key may be required for + positive identification of a committer, for example, by the &a.admins; for account recovery. A complete keyring of FreeBSD.org users is @@ -2269,7 +2269,7 @@ ControlPersist yes Add an entry for yourself to the current committers section of - src/share/misc/committers-repository.dot, + head/share/misc/committers-repository.dot, where repository is doc, ports, or src, depending on the commit privileges granted. Also add an entry for each of your mentor/mentee relationships in the From owner-svn-doc-all@FreeBSD.ORG Sun Jun 1 01:52:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B4D5A4AF; Sun, 1 Jun 2014 01:52:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 931B6212E; Sun, 1 Jun 2014 01:52:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s511qUli054900; Sun, 1 Jun 2014 01:52:30 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s511qUin054899; Sun, 1 Jun 2014 01:52:30 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406010152.s511qUin054899@svn.freebsd.org> From: Warren Block Date: Sun, 1 Jun 2014 01:52:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44988 - head/en_US.ISO8859-1/books/fdp-primer/docbook-markup X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Jun 2014 01:52:30 -0000 Author: wblock Date: Sun Jun 1 01:52:30 2014 New Revision: 44988 URL: http://svnweb.freebsd.org/changeset/doc/44988 Log: Add a variablelist example to the Lists and Procedures section, and give it and the entry separate examples. Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Sun Jun 1 01:04:58 2014 (r44987) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Sun Jun 1 01:52:30 2014 (r44988) @@ -829,11 +829,11 @@ accomplish a particular goal. To do this, use itemizedlist, - orderedlist, or + orderedlist, variablelist, or procedureThere are other types of list element in DocBook, but we are not concerned with those at the - moment. + moment.. itemizedlist and orderedlist are similar to their @@ -845,16 +845,9 @@ analogous to HTML's li tags. However, unlike HTML, they are required. - procedure is slightly different. It - consists of steps, which may in turn - consists of more steps or - substeps. Each step - contains block elements. - - <tag>itemizedlist</tag>, - <tag>orderedlist</tag>, and - <tag>procedure</tag> + <tag>itemizedlist</tag> and + <tag>orderedlist</tag> Usage: @@ -876,21 +869,7 @@ listitem paraThis is the second ordered item.para listitem -orderedlist - -procedure - step - paraDo this.para - step - - step - paraThen do this.para - step - - step - paraAnd now do this.para - step -procedure +orderedlist Appearance: @@ -913,6 +892,97 @@ This is the second ordered item. + + + An alternate and often + useful way of presenting information is the + variablelist. These are lists where each entry has + a term and a description. They are well suited for many types + of descriptions, and present information in a form that is + often easier for the reader than sections and + subsections. + + A variablelist has a title, and then + pairs of term and listitem + entries. + + + <tag>variablelist</tag> + + Usage: + + variablelist + varlistentry + termParallelvarlistentry + + listitem + paraIn parallel communications, groups of bits arrive + at the same time over multiple communications + channels.para + listitem + varlistentry + + varlistentry + termSerialvarlistentry + + listitem + paraIn serial communications, bits arrive one at a + time over a single communications + channel.para + listitem + varlistentry +variablelist + + Appearance: + + + + Parallel + + + In parallel communications, groups of bits arrive + at the same time over multiple communications + channels. + + + + + Serial + + + In serial communications, bits arrive one at a + time over a single communications channel. + + + + + + A procedure shows a series of + steps, which may in turn + consist of more steps or + substeps. Each step + contains block elements. + + + <tag>procedure</tag> + + Usage: + + procedure + step + paraDo this.para + step + + step + paraThen do this.para + step + + step + paraAnd now do this.para + step +procedure + + Appearance: From owner-svn-doc-all@FreeBSD.ORG Sun Jun 1 01:56:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3212A55A; Sun, 1 Jun 2014 01:56:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1D7292141; Sun, 1 Jun 2014 01:56:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s511urHu055476; Sun, 1 Jun 2014 01:56:53 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s511urLc055475; Sun, 1 Jun 2014 01:56:53 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406010156.s511urLc055475@svn.freebsd.org> From: Warren Block Date: Sun, 1 Jun 2014 01:56:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44989 - head/en_US.ISO8859-1/books/fdp-primer/docbook-markup X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Jun 2014 01:56:54 -0000 Author: wblock Date: Sun Jun 1 01:56:53 2014 New Revision: 44989 URL: http://svnweb.freebsd.org/changeset/doc/44989 Log: Correct example. Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Sun Jun 1 01:52:30 2014 (r44988) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Sun Jun 1 01:56:53 2014 (r44989) @@ -913,7 +913,7 @@ variablelist varlistentry - termParallelvarlistentry + termParallelterm listitem paraIn parallel communications, groups of bits arrive @@ -923,7 +923,7 @@ varlistentry varlistentry - termSerialvarlistentry + termSerialterm listitem paraIn serial communications, bits arrive one at a From owner-svn-doc-all@FreeBSD.ORG Sun Jun 1 02:04:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BEC56821; Sun, 1 Jun 2014 02:04:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8FB6C21EB; Sun, 1 Jun 2014 02:04:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5124Jck059824; Sun, 1 Jun 2014 02:04:19 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5124JfJ059823; Sun, 1 Jun 2014 02:04:19 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406010204.s5124JfJ059823@svn.freebsd.org> From: Warren Block Date: Sun, 1 Jun 2014 02:04:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44990 - head/en_US.ISO8859-1/books/fdp-primer/docbook-markup X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Jun 2014 02:04:19 -0000 Author: wblock Date: Sun Jun 1 02:04:19 2014 New Revision: 44990 URL: http://svnweb.freebsd.org/changeset/doc/44990 Log: Whitespace fixes only, translators please ignore. Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Sun Jun 1 01:56:53 2014 (r44989) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Sun Jun 1 02:04:19 2014 (r44990) @@ -1707,8 +1707,8 @@ This is the file called 'foo2' - Hosts, Domains, IP Addresses, User Names, Group Names, and Other - System Items + Hosts, Domains, IP Addresses, User Names, Group Names, + and Other System Items &os; Extension @@ -1790,7 +1790,7 @@ This is the file called 'foo2' The text is a username, like - root. + root. @@ -1799,7 +1799,7 @@ This is the file called 'foo2' The text is a groupname, like - wheel. + wheel. @@ -2152,7 +2152,8 @@ This is the file called 'foo2' - EPS (Encapsulated Postscript) + EPS (Encapsulated + Postscript) Images that are primarily vector based, such as @@ -2163,11 +2164,12 @@ This is the file called 'foo2' - PNG (Portable Network Graphic) + PNG (Portable Network + Graphic) - For bitmaps, such as screen captures, use this format. - These images have the .png + For bitmaps, such as screen captures, use this + format. These images have the .png extension. From owner-svn-doc-all@FreeBSD.ORG Sun Jun 1 12:52:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 771BD100; Sun, 1 Jun 2014 12:52:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 64E7D2A55; Sun, 1 Jun 2014 12:52:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s51CqIkg051895; Sun, 1 Jun 2014 12:52:18 GMT (envelope-from rene@svn.freebsd.org) Received: (from rene@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s51CqIkC051894; Sun, 1 Jun 2014 12:52:18 GMT (envelope-from rene@svn.freebsd.org) Message-Id: <201406011252.s51CqIkC051894@svn.freebsd.org> From: Rene Ladan Date: Sun, 1 Jun 2014 12:52:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44991 - head/nl_NL.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Jun 2014 12:52:18 -0000 Author: rene Date: Sun Jun 1 12:52:17 2014 New Revision: 44991 URL: http://svnweb.freebsd.org/changeset/doc/44991 Log: nl/htdocs/send-pr.xml: MFen r44980 -> r44986 Modified: head/nl_NL.ISO8859-1/htdocs/send-pr.xml Modified: head/nl_NL.ISO8859-1/htdocs/send-pr.xml ============================================================================== --- head/nl_NL.ISO8859-1/htdocs/send-pr.xml Sun Jun 1 02:04:19 2014 (r44990) +++ head/nl_NL.ISO8859-1/htdocs/send-pr.xml Sun Jun 1 12:52:17 2014 (r44991) @@ -8,7 +8,7 @@ ]> @@ -20,10 +20,16 @@

            Migratie in uitvoering

            -

            Ons foutrapportagesysteem is momenteel niet beschikbaar wegens - onderhoud.

            +

            Ons foutrapportagesysteem is momenteel niet beschikbaar wegens + onderhoud.

            + +

            Foutrapporten kunnen worden verstuurd maar worden in een wachtrij + gezet.

            + +

            U krijgt GEEN onmiddelijk antwoord.

            + - From owner-svn-doc-all@FreeBSD.ORG Mon Jun 2 00:27:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DC6F561E; Mon, 2 Jun 2014 00:27:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B13ED224F; Mon, 2 Jun 2014 00:27:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s520RG8b068436; Mon, 2 Jun 2014 00:27:16 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s520RGk4068435; Mon, 2 Jun 2014 00:27:16 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406020027.s520RGk4068435@svn.freebsd.org> From: Eitan Adler Date: Mon, 2 Jun 2014 00:27:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44992 - head X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2014 00:27:17 -0000 Author: eadler Date: Mon Jun 2 00:27:16 2014 New Revision: 44992 URL: http://svnweb.freebsd.org/changeset/doc/44992 Log: Add arclint for xml files Added: head/.arclint (contents, props changed) Added: head/.arclint ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/.arclint Mon Jun 2 00:27:16 2014 (r44992) @@ -0,0 +1,8 @@ +{ + "linters": { + "everything": { + "type": "xml", + "include": "(\\.xml$)" + } + } +} From owner-svn-doc-all@FreeBSD.ORG Mon Jun 2 07:19:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DC9561DF; Mon, 2 Jun 2014 07:19:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C9AF62233; Mon, 2 Jun 2014 07:19:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s527J4We052797; Mon, 2 Jun 2014 07:19:04 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s527J4MS052796; Mon, 2 Jun 2014 07:19:04 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201406020719.s527J4MS052796@svn.freebsd.org> From: Peter Wemm Date: Mon, 2 Jun 2014 07:19:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-svnadmin@freebsd.org Subject: svn commit: r44993 - svnadmin/hooks/scripts X-SVN-Group: doc-svnadmin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2014 07:19:04 -0000 Author: peter (src committer) Date: Mon Jun 2 07:19:04 2014 New Revision: 44993 URL: http://svnweb.freebsd.org/changeset/doc/44993 Log: Add post-commit -> bugzilla notifier Approved by: doceng (not really, but this is time sensitive) Added: svnadmin/hooks/scripts/notify_bz.sh (contents, props changed) Added: svnadmin/hooks/scripts/notify_bz.sh ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ svnadmin/hooks/scripts/notify_bz.sh Mon Jun 2 07:19:04 2014 (r44993) @@ -0,0 +1,41 @@ +#! /bin/sh +# $FreeBSD$ + +# A trivial stop-gap script to send a cross-reference for commits to bugzilla. + +TZ=UTC +export TZ + +REPO="$1" +REV="$2" + +if [ -z "$REV" -o -z "$REPO" -o ! -d "$REPO" ]; then + echo "Bad args: repo rev" 1>&2 + exit 1 +fi + +PR="$(svnlook info "$REPO" -r "$REV" | sed -nE -e 's/^[ ]*[pP][rR]:[ ]*[a-zA-Z]+\/([0-9]+)/\1/p' -e 's/^[ ]*[pP][rR]:[ ]*([0-9]+)/\1/p')" + +if [ -z "$PR" ]; then + exit 0 +fi +WHO="$(svnlook author "$REPO" -r "$REV")" + +( +echo "From: commit-hook@freebsd.org" +echo "To: notify-bz@freebsd.org" +echo "Subject: [Bug $PR]" +echo "" +echo "A commit references this bug:" +echo "" +echo "Author: $WHO" +echo "Date: $(date)" +echo "New revision: $REV" +echo "URL: http://svnweb.freebsd.org/changeset/doc/$REV" +echo "" +echo "Log:" +svnlook log "$REPO" -r "$REV" | sed -e 's/^/ /' +echo "" +echo "Changes:" +svnlook changed "$REPO" -r "$REV" | sed -E -e 's/^[A-Z]*[ ]+/ /' +) | sed -e 's/^[ ]*$//' | cat -s | /usr/sbin/sendmail -oi -f commit-hook@freebsd.org notify-bz@freebsd.org From owner-svn-doc-all@FreeBSD.ORG Mon Jun 2 07:20:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D4B5E26C; Mon, 2 Jun 2014 07:20:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C258F223D; Mon, 2 Jun 2014 07:20:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s527KTkY054569; Mon, 2 Jun 2014 07:20:29 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s527KTkJ054568; Mon, 2 Jun 2014 07:20:29 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201406020720.s527KTkJ054568@svn.freebsd.org> From: Peter Wemm Date: Mon, 2 Jun 2014 07:20:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-svnadmin@freebsd.org Subject: svn commit: r44994 - svnadmin/hooks X-SVN-Group: doc-svnadmin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2014 07:20:29 -0000 Author: peter (src committer) Date: Mon Jun 2 07:20:29 2014 New Revision: 44994 URL: http://svnweb.freebsd.org/changeset/doc/44994 Log: Add post-commit -> bugzilla notifier Approved by: doceng (not really, but this is time sensitive) Modified: svnadmin/hooks/post-commit Modified: svnadmin/hooks/post-commit ============================================================================== --- svnadmin/hooks/post-commit Mon Jun 2 07:19:04 2014 (r44993) +++ svnadmin/hooks/post-commit Mon Jun 2 07:20:29 2014 (r44994) @@ -57,5 +57,8 @@ update-root.sh "$REPO" "$REV" # commit mail mailer.py commit "$REPO" "$REV" /s/svn/doc/conf/mailer.conf +# Ping bugzilla if there's a reference +notify_bz.sh "$REPO" "$REV" + #commit-email.pl "$REPO" "$REV" commit-watchers@example.org #log-commit.py --repository "$REPO" --revision "$REV" From owner-svn-doc-all@FreeBSD.ORG Mon Jun 2 11:47:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 75BD7816; Mon, 2 Jun 2014 11:47:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 62447294C; Mon, 2 Jun 2014 11:47:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s52BlJ0c073922; Mon, 2 Jun 2014 11:47:19 GMT (envelope-from culot@svn.freebsd.org) Received: (from culot@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s52BlJG2073920; Mon, 2 Jun 2014 11:47:19 GMT (envelope-from culot@svn.freebsd.org) Message-Id: <201406021147.s52BlJG2073920@svn.freebsd.org> From: Frederic Culot Date: Mon, 2 Jun 2014 11:47:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44995 - in head: en_US.ISO8859-1/htdocs share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2014 11:47:19 -0000 Author: culot (ports committer) Date: Mon Jun 2 11:47:18 2014 New Revision: 44995 URL: http://svnweb.freebsd.org/changeset/doc/44995 Log: Welcome swills to the portmgr team! Modified: head/en_US.ISO8859-1/htdocs/administration.xml head/share/xml/authors.ent Modified: head/en_US.ISO8859-1/htdocs/administration.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/administration.xml Mon Jun 2 07:20:29 2014 (r44994) +++ head/en_US.ISO8859-1/htdocs/administration.xml Mon Jun 2 11:47:18 2014 (r44995) @@ -135,6 +135,7 @@
          • &a.decke.email;
          • &a.erwin.email; (Cluster Administration Team Liaison)
          • &a.miwi.email;
            • +
          • &a.swills.email;
            • Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Mon Jun 2 07:20:29 2014 (r44994) +++ head/share/xml/authors.ent Mon Jun 2 11:47:18 2014 (r44995) @@ -2314,7 +2314,7 @@ - + From owner-svn-doc-all@FreeBSD.ORG Mon Jun 2 13:54:46 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9D68EB68; Mon, 2 Jun 2014 13:54:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8A78E2792; Mon, 2 Jun 2014 13:54:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s52Dskc9032484; Mon, 2 Jun 2014 13:54:46 GMT (envelope-from culot@svn.freebsd.org) Received: (from culot@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s52DskJx032483; Mon, 2 Jun 2014 13:54:46 GMT (envelope-from culot@svn.freebsd.org) Message-Id: <201406021354.s52DskJx032483@svn.freebsd.org> From: Frederic Culot Date: Mon, 2 Jun 2014 13:54:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44996 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2014 13:54:46 -0000 Author: culot (ports committer) Date: Mon Jun 2 13:54:46 2014 New Revision: 44996 URL: http://svnweb.freebsd.org/changeset/doc/44996 Log: Update portmgr secretary's address Modified: head/en_US.ISO8859-1/htdocs/administration.xml Modified: head/en_US.ISO8859-1/htdocs/administration.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/administration.xml Mon Jun 2 11:47:18 2014 (r44995) +++ head/en_US.ISO8859-1/htdocs/administration.xml Mon Jun 2 13:54:46 2014 (r44996) @@ -296,7 +296,7 @@ portmgr's latest decisions and actions.

              -
            • &a.tabthorpe.email;
              • +
            • &a.culot.email;

            Security Team Secretary From owner-svn-doc-all@FreeBSD.ORG Mon Jun 2 14:12:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ECF15433; Mon, 2 Jun 2014 14:12:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DA1192A88; Mon, 2 Jun 2014 14:12:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s52ECgqx041595; Mon, 2 Jun 2014 14:12:42 GMT (envelope-from feld@svn.freebsd.org) Received: (from feld@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s52ECgqn041594; Mon, 2 Jun 2014 14:12:42 GMT (envelope-from feld@svn.freebsd.org) Message-Id: <201406021412.s52ECgqn041594@svn.freebsd.org> From: Mark Felder Date: Mon, 2 Jun 2014 14:12:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44997 - head/en_US.ISO8859-1/articles/contributors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2014 14:12:43 -0000 Author: feld (ports committer) Date: Mon Jun 2 14:12:42 2014 New Revision: 44997 URL: http://svnweb.freebsd.org/changeset/doc/44997 Log: Thanks to both Mark and Kalle for helping to get the FreeBSD Plex port off the ground. This entry is very late, but you were not forgotten! Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Mon Jun 2 13:54:46 2014 (r44996) +++ head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Mon Jun 2 14:12:42 2014 (r44997) @@ -5365,6 +5365,11 @@ + Kalle R. M淡ller + freebsb_contrib@k-moeller.dk + + + Kaneda Hiloshi vanitas@ma3.seikyou.ne.jp @@ -6259,6 +6264,11 @@ + Mark Walker + ziggimon@raindogs.dk + + + Markus Holmberg saska@acc.umu.se From owner-svn-doc-all@FreeBSD.ORG Tue Jun 3 15:00:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 57C4BED7; Tue, 3 Jun 2014 15:00:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 450912486; Tue, 3 Jun 2014 15:00:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s53F0Yed015203; Tue, 3 Jun 2014 15:00:34 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s53F0Ys1015202; Tue, 3 Jun 2014 15:00:34 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406031500.s53F0Ys1015202@svn.freebsd.org> From: Eitan Adler Date: Tue, 3 Jun 2014 15:00:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44998 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jun 2014 15:00:34 -0000 Author: eadler Date: Tue Jun 3 15:00:33 2014 New Revision: 44998 URL: http://svnweb.freebsd.org/changeset/doc/44998 Log: quick hack to make this page not wrong for the bugzilla world. it needs a rewrite, but not now :) Modified: head/en_US.ISO8859-1/htdocs/support.xml Modified: head/en_US.ISO8859-1/htdocs/support.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/support.xml Mon Jun 2 14:12:42 2014 (r44997) +++ head/en_US.ISO8859-1/htdocs/support.xml Tue Jun 3 15:00:33 2014 (r44998) @@ -27,15 +27,17 @@ If it has not already been reported, please let us know.

            To find out what has already been reported, it is possible to - search the PR database + search the PR database for specific category, assignee, originator, text, and so forth, or - view all open problem reports. + view all open problem reports.

            If the bug has not yet been reported, please read over our problem reporting guidelines - and then report the problem using our problem report form.

            + and then report the problem using our problem report form.

            From owner-svn-doc-all@FreeBSD.ORG Tue Jun 3 15:06:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BF81D56B; Tue, 3 Jun 2014 15:06:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A0A0B24F0; Tue, 3 Jun 2014 15:06:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s53F6oSn018887; Tue, 3 Jun 2014 15:06:50 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s53F6o9x018886; Tue, 3 Jun 2014 15:06:50 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406031506.s53F6o9x018886@svn.freebsd.org> From: Eitan Adler Date: Tue, 3 Jun 2014 15:06:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44999 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jun 2014 15:06:50 -0000 Author: eadler Date: Tue Jun 3 15:06:50 2014 New Revision: 44999 URL: http://svnweb.freebsd.org/changeset/doc/44999 Log: Another quick hack to get people where they need to be. Modified: head/en_US.ISO8859-1/htdocs/send-pr.xml Modified: head/en_US.ISO8859-1/htdocs/send-pr.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/send-pr.xml Tue Jun 3 15:00:33 2014 (r44998) +++ head/en_US.ISO8859-1/htdocs/send-pr.xml Tue Jun 3 15:06:50 2014 (r44999) @@ -8,155 +8,14 @@ ]> - - &title; + + &title; - $FreeBSD$ - - - -

            Migration in progress

            -

            Our bug tracking system is OFFLINE.

            -

            Bug reports can be sent but will be queued for later processing.

            -

            You will NOT get an immediate response.

            - - - - Bugs - -

            Thank you for taking the time to let us know about a problem with - FreeBSD.

            - -

            This form allows you to submit Problem Reports about issues that - you believe are actual bugs in either the source, the documentation, - or the website itself. If you are having problems with initially - installing FreeBSD, or have other questions of the form "why doesn't - foo work" or "does FreeBSD work with bar", please ask - these questions in the appropriate support forums; see the - support page for more information.

            - -

            Before filling out the form, please take the time to read the - - Writing FreeBSD Problem Reports guidelines. This may save you - time and frustration getting help with your problem. Please - check before submitting if your problem has not already been - reported or - has been noted in the - FAQ.

            - -

            Please fill out the form as completely as possible. Make sure - you fill in the "Environment" field as requested with the output from - the machine on which the problem occurred.

            - -

            Note: copy/paste will destroy TABs and spacing, and this web - form should not be used to submit code as plain text.

            - -

            Please note that, unless you explicitly state otherwise, any changes - you submit to the FreeBSD Project are assumed to be under the same - license as FreeBSD. Also, the email address that you use will be - available to the public through the web interface, so you should - already have an effective spam filter in place.

            - -

            If you are submitting a patch file, note that we only accept - text/* and application/shar content types, and you must therefore ensure that your - browser sends the correct type. If your browser does not like - to do this, a good way to convince it to do so is to ensure that - the file name ends with the string '.txt'.

            - -

            Finally, be forewarned that this page requires that you are able - to view images as a measure against abuse of the system. We regret - having to have imposed this measure, but it is completely unavoidable. - If you are unable to view images for any reason, please accept our - apologies for the inconvenience and email your problem report to - the bugbusters team for submission - into the bug tracking system.

            - -

            Note: before hitting 'submit', please save your work. - If your browser caches images, or if you take longer than 45 - minutes to fill in the form, you may have a stale image shown on - your page, and your submission will be rejected. Depending on your - browser, you might lose work in this case. Help save yourself - from this common frustration.

            - -
            - - - - - - :
            - - -

            :
            - - -

            :
            - - -


            - - -

            : - -

            - -

            :
            - - -

            : -
            -

            - - :
            -

            - - :
            -

            - - :
            -

            - - : -
            - - -

            - - - + $FreeBSD$ + + + +

            You are being redirected to The bugzilla bug submission form

            From owner-svn-doc-all@FreeBSD.ORG Tue Jun 3 19:32:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 66E60DB3; Tue, 3 Jun 2014 19:32:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 502BB2E59; Tue, 3 Jun 2014 19:32:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s53JW7Zb041695; Tue, 3 Jun 2014 19:32:07 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s53JW5aO041679; Tue, 3 Jun 2014 19:32:05 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201406031932.s53JW5aO041679@svn.freebsd.org> From: Xin LI Date: Tue, 3 Jun 2014 19:32:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45000 - in head/share: security/advisories security/patches/EN-14:06 security/patches/SA-14:11 security/patches/SA-14:12 security/patches/SA-14:13 xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jun 2014 19:32:07 -0000 Author: delphij Date: Tue Jun 3 19:32:04 2014 New Revision: 45000 URL: http://svnweb.freebsd.org/changeset/doc/45000 Log: Add 3 latest advisories and 1 errata: Fix sendmail improper close-on-exec flag handling. [SA-14:11] Fix ktrace memory disclosure. [SA-14:12] Fix incorrect error handling in PAM policy parser. [SA-14:13] Fix triple-fault when executing from a threaded process. [EN-14:06] Added: head/share/security/advisories/FreeBSD-EN-14:06.exec.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-14:11.sendmail.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-14:12.ktrace.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-14:13.pam.asc (contents, props changed) head/share/security/patches/EN-14:06/ head/share/security/patches/EN-14:06/exec-10.0.patch (contents, props changed) head/share/security/patches/EN-14:06/exec-10.0.patch.asc (contents, props changed) head/share/security/patches/EN-14:06/exec-10.patch (contents, props changed) head/share/security/patches/EN-14:06/exec-10.patch.asc (contents, props changed) head/share/security/patches/EN-14:06/exec-8.4.patch (contents, props changed) head/share/security/patches/EN-14:06/exec-8.4.patch.asc (contents, props changed) head/share/security/patches/EN-14:06/exec-8.patch (contents, props changed) head/share/security/patches/EN-14:06/exec-8.patch.asc (contents, props changed) head/share/security/patches/EN-14:06/exec-9.1.patch (contents, props changed) head/share/security/patches/EN-14:06/exec-9.1.patch.asc (contents, props changed) head/share/security/patches/EN-14:06/exec-9.2.patch (contents, props changed) head/share/security/patches/EN-14:06/exec-9.2.patch.asc (contents, props changed) head/share/security/patches/EN-14:06/exec-9.patch (contents, props changed) head/share/security/patches/EN-14:06/exec-9.patch.asc (contents, props changed) head/share/security/patches/SA-14:11/ head/share/security/patches/SA-14:11/sendmail.patch (contents, props changed) head/share/security/patches/SA-14:11/sendmail.patch.asc (contents, props changed) head/share/security/patches/SA-14:12/ head/share/security/patches/SA-14:12/ktrace.patch (contents, props changed) head/share/security/patches/SA-14:12/ktrace.patch.asc (contents, props changed) head/share/security/patches/SA-14:13/ head/share/security/patches/SA-14:13/pam-freebsd10.patch (contents, props changed) head/share/security/patches/SA-14:13/pam-freebsd10.patch.asc (contents, props changed) head/share/security/patches/SA-14:13/pam-freebsd9.patch (contents, props changed) head/share/security/patches/SA-14:13/pam-freebsd9.patch.asc (contents, props changed) Modified: head/share/xml/advisories.xml head/share/xml/notices.xml Added: head/share/security/advisories/FreeBSD-EN-14:06.exec.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-14:06.exec.asc Tue Jun 3 19:32:04 2014 (r45000) @@ -0,0 +1,163 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-14:06.exec Errata Notice + The FreeBSD Project + +Topic: triple-fault when executing from a threaded process + +Category: core +Module: kern +Announced: 2014-06-03 +Credits: Ivo De Decker and Debian GNU/kFreeBSD porters +Affects: All supported versions of FreeBSD. +Corrected: 2014-05-23 09:29:04 UTC (stable/10, 10.0-STABLE) + 2014-06-03 19:02:52 UTC (releng/10.0, 10.0-RELEASE-p4) + 2014-05-23 11:56:32 UTC (stable/9, 9.2-STABLE) + 2014-06-03 19:03:11 UTC (releng/9.2, 9.2-RELEASE-p7) + 2014-06-03 19:03:11 UTC (releng/9.1, 9.1-RELEASE-p14) + 2014-05-23 09:48:42 UTC (stable/8, 8.4-STABLE) + 2014-06-03 19:03:23 UTC (releng/8.4, 8.4-RELEASE-p11) +CVE Name: CVE-2014-3880 + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +The execve and fexecve system calls transforms the calling process into a +new process, constructed from an ordinarty file. + +When executing a new process, the FreeBSD virtual memory subsystem tries to +optimize the process by avoiding destroying the old virtual memory address +space when the calling process do not share its address space with another +process (for instance, via rfork(2) with RFMEM) and when the new min/max +address limit stays the same. In the optimized scenario, the virtual memory +subsystem only removes usermode mappings from the existing virtual memory +address space instead of destroying and recreating it. + +II. Problem Description + +When the virtual memory address space is recreated for the calling process, +the old virtual memory address space as well as its associated mappings are +destroyed before thread_single(9) boundary, where threads were allowed to +run to safely terminate. If such threads were on other CPUs, the old page +table pointer may still be referenced. + +III. Impact + +The system will crash when this happens due to a triple-fault triggered by +dereferencing an invalid page table pointer. + +IV. Workaround + +No workaround is available, but systems that do not run binaries that are +of different bit-ness (e.g. 32-bit and 64-bit binaries) are not affected. + +V. Solution + +Perform one of the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +2) To update your present system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 8.4] +# fetch http://security.FreeBSD.org/patches/EN-14:06/exec-8.4.patch +# fetch http://security.FreeBSD.org/patches/EN-14:06/exec-8.4.patch.asc +# gpg --verify exec-8.4.patch.asc + +[FreeBSD 9.1] +# fetch http://security.FreeBSD.org/patches/EN-14:06/exec-9.1.patch +# fetch http://security.FreeBSD.org/patches/EN-14:06/exec-9.1.patch.asc +# gpg --verify exec-9.1.patch.asc + +[FreeBSD 9.2] +# fetch http://security.FreeBSD.org/patches/EN-14:06/exec-9.2.patch +# fetch http://security.FreeBSD.org/patches/EN-14:06/exec-9.2.patch.asc +# gpg --verify exec-9.2.patch.asc + +[FreeBSD 10.0] +# fetch http://security.FreeBSD.org/patches/EN-14:06/exec-10.0.patch +# fetch http://security.FreeBSD.org/patches/EN-14:06/exec-10.0.patch.asc +# gpg --verify exec-10.0.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +3) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the revision numbers of each file that was +corrected in FreeBSD. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r266583 +releng/8.4/ r267019 +stable/9/ r266585 +releng/9.1/ r267018 +releng/9.2/ r267018 +stable/10/ r266582 +releng/10.0/ r267017 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + + + +The latest revision of this Errata Notice is available at +http://security.FreeBSD.org/advisories/FreeBSD-EN-14:06.exec.asc + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTjiDaAAoJEO1n7NZdz2rnNcIQANX2RW/Yeuso43ziviT10iH9 +IBd0Ibazfq4HIVANEGfBF9pkL7vQ4VZzzWJBZEA6r/0qDMVO0mMoFA2/SDAB3oCO +Wjc2TF/FLNPlrYamO1Comb1lKG8nmXj3C+AEEOyzlxDBLIH4cEuCX6yBbjZgjeuz +eYTmFWqiMBwjOctZSFzmaZjaG0EtUIig8ELkPePXBP+zGZiBlBRpLuXWTUuRTT1T +I8YbhEhlvw7rZmtK7rq5uRFfFclmFCC1cYRxKb9o+9tXUL9Qq6q0740hAG/I1HJU +s7M3gvQZNhFa6B8fC2XbBwe1g51pfcxRkU8ZZ0kIU4064r9CP9In9InmcFKrfZTo +xNYNiV9/8rY2lHts6cXZgfrJQLfEWzYghlKVBBZpd8syVjt8ozA08YAD4RAzGAsb +s1cwI9ZCpc9ak6kd9xvDV/ZUmJLE3XS8HkogUd/RBYiu0GTn6MsCIc/pnOpAL1Cq +BWLmWS8vDT4rcuC828L2VmdfLjrdWcr9DHreiW7xxCX4O+/ktOT43PrgQtjd/mf+ +i0k9OAJRwdoh92ylLkEJqm3kugoDGxOITKHvo2dx+g2ySukIzTv0BCNT9EAJ0kX+ +i4G0eyGNTsIycZcokil1rUzk2giNLa5yqKOZNzPZ3EA7U/knuXDN1rdN0OzrqncY +WZlllko53SvpSDli15vp +=A9nK +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-14:11.sendmail.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-14:11.sendmail.asc Tue Jun 3 19:32:04 2014 (r45000) @@ -0,0 +1,137 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-14:11.sendmail Security Advisory + The FreeBSD Project + +Topic: sendmail improper close-on-exec flag handling + +Category: contrib +Module: sendmail +Announced: 2014-06-03 +Affects: All supported versions of FreeBSD. +Corrected: 2014-05-26 15:35:11 UTC (stable/10, 10.0-STABLE) + 2014-06-03 19:02:52 UTC (releng/10.0, 10.0-RELEASE-p4) + 2014-05-26 20:10:00 UTC (stable/9, 9.3-PRERELEASE) + 2014-06-03 19:03:11 UTC (releng/9.2, 9.2-RELEASE-p7) + 2014-06-03 19:03:11 UTC (releng/9.1, 9.1-RELEASE-p14) + 2014-05-26 15:30:27 UTC (stable/8, 8.4-STABLE) + 2014-06-03 19:03:23 UTC (releng/8.4, 8.4-RELEASE-p11) + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +FreeBSD includes sendmail(8), a general purpose internetwork mail +routing facility, as the default Mail Transfer Agent (MTA). + +FreeBSD uses file descriptor as an abstract indicator for accessing a file. +Upon execve(2), file descriptors open in the calling process image remain +open in the new process image, except for those for which the close-on-exec +flag is set. + +II. Problem Description + +There is a programming error in sendmail(8) that prevented open file +descriptors have close-on-exec properly set. Consequently a subprocess +will be able to access all open files that the parent process have open. + +III. Impact + +A local user who can execute their own program for mail delivery will be +able to interfere with an open SMTP connection. + +IV. Workaround + +Do not allow untrusted users to specify programs for mail delivery, for +instance, procmail. + +Systems that do not use sendmail(8) MTA are not affected. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch http://security.FreeBSD.org/patches/SA-14:11/sendmail.patch +# fetch http://security.FreeBSD.org/patches/SA-14:11/sendmail.patch.asc +# gpg --verify sendmail.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +Restart the applicable daemons, or reboot the system. + +3) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r266693 +releng/8.4/ r267019 +stable/9/ r266711 +releng/9.1/ r267018 +releng/9.2/ r267018 +stable/10/ r266692 +releng/10.0/ r267017 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTjiDaAAoJEO1n7NZdz2rnMxgP/0N9dTCKztkx92+Er1riKEns +k0dfQswsTn2BwKzqIwiuzYcC9YFuBbU/ydfhIy3CGHJoZXd98sl0IZkWok7N7gYb +N46aSyMypHh5RtoxtRm7aLhmKSBXiXhygwoeV8HW5fBhgZG544BQ+zs3wDWL/Y4J +sfTEV4C254hm8+loCjtg+WIoFDtaYFWTWCUm1Yhxb1puN5scCNNgbvqvmhmrCLtb +n/AoWUvqQi8B7tu2YafbG+BE8qaLC+tGpqC4mF3NxtNUX++4HMC6ZhbcOaa2PKrk +kepReV/zdc3DaZ0e0KsiwFBiWMe9NW0RjHaZeDe3wzbX9fer2WjoOszLw7xLo/8s +GPZwI+fPRysKGRXeW+0Bp3itbHYAFUhS5PttZQcGqzFKIRNLdVcAIMsj/+j32/LM +vVw3e1NpsIhpxqIorxJEwuBxr4SWzCY26TbJVG+jWqEzhaRgjgpW+TZ2bhW3EDKm +CNnngufJzh54/rEKolWxntyiw442JRpcPvumiUiH9WmRHipkCrMttQGA9TfjUy0u +diQFs/nWNa9YeUkF1jB7eMFoJubg5d/7/gDFPbHMvgjP7kN75k1TmeyzrBVUuplH +ek+XMzxkWYPStw1QHub94VpKhVm7fjvLrq2+2bfdQnM7bRbgwdA66jSwqVQ569Hr +oOFXJjVfz279BMqszAsw +=JUzV +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-14:12.ktrace.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-14:12.ktrace.asc Tue Jun 3 19:32:04 2014 (r45000) @@ -0,0 +1,144 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-14:12.ktrace Security Advisory + The FreeBSD Project + +Topic: ktrace kernel memory disclosure + +Category: core +Module: kern +Announced: 2014-06-03 +Credits: Jilles Tjoelker +Affects: FreeBSD 8.4, FreeBSD 9.1 and FreeBSD 9.2 +Corrected: 2014-06-03 19:02:33 UTC (stable/9, 9.3-BETA1) + 2014-06-03 19:02:33 UTC (stable/9, 9.3-BETA1-p1) + 2014-06-03 19:03:11 UTC (releng/9.2, 9.2-RELEASE-p7) + 2014-06-03 19:03:11 UTC (releng/9.1, 9.1-RELEASE-p14) + 2014-06-03 19:02:42 UTC (stable/8, 8.4-STABLE) + 2014-06-03 19:03:23 UTC (releng/8.4, 8.4-RELEASE-p11) +CVE Name: CVE-2014-3873 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +The ktrace utility enables kernel trace logging for the specified processes, +commonly used for diagnostic or debugging purposes. The kernel operations +that are traced include system calls, namei translations, signal processing, +and I/O as well as data associated with these operations. + +The utility may be used only with a kernel that has been built with the +``KTRACE'' option in the kernel configuration file, which is enabled by +default. + +II. Problem Description + +Due to an overlooked merge to -STABLE branches, the size for page fault +kernel trace entries was set incorrectly. + +III. Impact + +A user who can enable kernel process tracing could end up reading the +contents of kernel memory. + +Such memory might contain sensitive information, such as portions of the +file cache or terminal buffers. This information might be directly +useful, or it might be leveraged to obtain elevated privileges in some +way; for example, a terminal buffer might include a user-entered +password. + +IV. Workaround + +The system administrator may set sysctl security.bsd.unprivileged_proc_debug +to 0 to prevent non-privileged users from using all process debugging +facilities provided by the kernel, that includes ktrace functionality. +Please note that this flag have broad effect and may break applications, +as some of them may rely on certain debugging facilities to function. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch http://security.FreeBSD.org/patches/SA-14:12/ktrace.patch +# fetch http://security.FreeBSD.org/patches/SA-14:12/ktrace.patch.asc +# gpg --verify ktrace.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +3) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r267016 +releng/8.4/ r267019 +stable/9/ r267015 +releng/9.1/ r267018 +releng/9.2/ r267018 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTjiDaAAoJEO1n7NZdz2rnIfQP/0kHBNvnNUiZ+1OWo5fMDg3N +Oe7UdrvnfyeXlgw5bP4t0qwbTpn0kVYL2dfr3bxhkT1w7oF/xQjbcosx/DbzPZZs +VtlAGQYh0CvOXcUZmh+COuRfcy2wkr1kKFlc2bGQVTq1uzKS+vceqA3619IWMnJO +b6ClzFnn+0hk6BrUd8xdvoiYIF2RG+zcw7CxuoBQrzPYA9iO/S4ACmxzfTIgRcAD +ZLGXfUEw3wlftfg605H1iV9xKm4FDUGr9qoL4W0UmYmmTmU4Z71yXSzX3A53qlRg +Xd1Grw2K+zhaKaV6xL+mqox0nzSKiYuNf/ZguB5+x9ZA14ck7NtCYg6up1fgh7Ms +pznVb8/GCc+IPdWJGXpSz6yFhl/MJc6mTOi+L0gOGvNKp0raNHelCpxlqavGt/tv +9Niv791FK32S8ynlP0yKRvd8Hzq4b185ehWuGWbQO8bEHljqhOyZDhysBYYWdgFi +0KG16lJopCbMPPPBVb4zfsFBvokr31m2w+/xsDD+hmaXa6C9bHIvHpuyJep4q02E +4NOoVr1x8dO5s7yVk7bNZx0WFCDYZ/DLMycLjEftHog7iq4nw29HW/Mt/rPgJWOf +NiO0GEJ1XucJ1ShV/OC0B+69mFx9OsOI8kDNLE4l9oqGu2UqcZ/W0Dsa9PPl+ec+ +njyksdL+yqvx9kF8fnJ0 +=46Yf +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-14:13.pam.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-14:13.pam.asc Tue Jun 3 19:32:04 2014 (r45000) @@ -0,0 +1,171 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-14:13.pam Security Advisory + The FreeBSD Project + +Topic: Incorrect error handling in PAM policy parser + +Category: contrib +Module: pam +Announced: 2014-06-03 +Credits: Peter Wemm, Dag-Erling Sm淡rgrav +Affects: FreeBSD 9.2 and later. +Corrected: 2014-06-03 19:02:33 UTC (stable/9, 9.3-BETA1) + 2014-06-03 19:02:33 UTC (stable/9, 9.3-BETA1-p1) + 2014-06-03 19:03:11 UTC (releng/9.2, 9.2-RELEASE-p7) + 2014-06-03 19:02:18 UTC (stable/10, 10.0-STABLE) + 2014-06-03 19:02:52 UTC (releng/10.0, 10.0-RELEASE-p4) +CVE Name: CVE-2014-3879 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +The PAM (Pluggable Authentication Modules) library provides a flexible +framework for user authentication and session setup / teardown. It is +used not only in the base system, but also by a large number of +third-party applications. + +Various authentication methods (UNIX, LDAP, Kerberos etc.) are +implemented in modules which are loaded and executed according to +predefined, named policies. These policies are defined in +/etc/pam.conf, /etc/pam.d/, /usr/local/etc/pam.conf or +/usr/local/etc/pam.d/. + +The PAM API is a de facto industry standard which has been implemented +by several parties. FreeBSD uses the OpenPAM implementation. + +II. Problem Description + +The OpenPAM library searches for policy definitions in several +locations. While doing so, the absence of a policy file is a soft +failure (handled by searching in the next location) while the presence +of an invalid file is a hard failure (handled by returning an error to +the caller). + +The policy parser returns the same error code (ENOENT) when a +syntactically valid policy references a non-existent module as when +the requested policy file does not exist. The search loop regards +this as a soft failure and looks for the next similarly-named policy, +without discarding the partially-loaded configuration. + +A similar issue can arise if a policy contains an include directive +that refers to a non-existent policy. + +III. Impact + +If a module is removed, or the name of a module is misspelled in the +policy file, the PAM library will proceed with a partially loaded +configuration. Depending on the exact circumstances, this may result +in a fail-open scenario where users are allowed to log in without a +password, or with an incorrect password. + +In particular, if a policy references a module installed by a package +or port, and that package or port is being reinstalled or upgraded, +there is a brief window of time during which the module is absent and +policies that use it may fail open. This can be especially damaging +to Internet-facing SSH servers, which are regularly subjected to +brute-force scans. + +IV. Workaround + +If your system uses customized PAM policies, carefully review your +policies to ensure that all module names are spelled correctly. + +If your system uses third-party authentication modules, either refrain +from upgrading those modules until you have patched your system, or +shut down the affected services before upgrading. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 9.2] +# fetch http://security.FreeBSD.org/patches/SA-14:13/pam-freebsd9.patch +# fetch http://security.FreeBSD.org/patches/SA-14:13/pam-freebsd9.patch.asc +# gpg --verify pam-freebsd9.patch.asc + +[FreeBSD 9.3 and 10.0] +# fetch http://security.FreeBSD.org/patches/SA-14:13/pam-freebsd10.patch +# fetch http://security.FreeBSD.org/patches/SA-14:13/pam-freebsd10.patch.asc +# gpg --verify pam-freebsd10.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +Restart all deamons using the library, or reboot the system. + +3) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/9/ r267015 +releng/9.2/ r267018 +stable/10/ r267014 +releng/10.0/ r267017 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTjiDaAAoJEO1n7NZdz2rnx90P/je9ArC02N90sK//UauenbXV +BJCNh1WRSVE3hoxgVyPC0R+6Ts6J9At42ANUHXHVxipA2Qpu2UKf+/c3JreSuSGs +6rgAj1TPZEideQInTs9qCJWr6f/M2aPlYCF8iHuuLMJTO35wfVYQENDaFJmebKoI +fKkVvTh8ig2cgJWe7RZxd+Y4tPxKZb5ix5jV+xFjDPrmzVgSCUVpW0GrD7qWOg1W +25Ysx+LLBr03guDnFd9RodObWoNZ+aFxuvkKELmjUKva7xRSEw6PfwPCpLp9/83Q +HDVlkw0jH+0sF1SY7V+GUvQriPNpwyGNEOfDvL47gnlN/Z7HOZ0hYlVuYw4QYGv5 +l5PZOL5eFC6xl88fn+ypKQwGDdzpM4i+svBy//2CW17luU31L4F/cde+yCxsEJB5 +JXNhVTYe2z+ACfSs+Oxzk5uGI1f9FhvTzIyoO26Coq6e2Nk2633451kRgdPNxoAP +kMimT2Mle/1kqupLirGi44lEyUYV9As2AhnLBFFUXTnESlWVe6q0N0Rb8G6D2jcR +0m5hccsS2HcysUtSIP8ADB6LlSgH+bKP2FUFopdjQUx3J+/KQ5kl6L/UhOOr1Hag +4PdoCPpR15s2CaICmu5HkDtGNkZQV7xdN6TLcksJHXRshISlbzZjlaNyrbu6oJu9 +nz3mhzGz1ZH6l7kuNYXD +=qUxk +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-14:06/exec-10.0.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:06/exec-10.0.patch Tue Jun 3 19:32:04 2014 (r45000) @@ -0,0 +1,66 @@ +Index: sys/kern/kern_exec.c +=================================================================== +--- sys/kern/kern_exec.c (revision 266979) ++++ sys/kern/kern_exec.c (working copy) +@@ -283,6 +283,7 @@ kern_execve(td, args, mac_p) + struct mac *mac_p; + { + struct proc *p = td->td_proc; ++ struct vmspace *oldvmspace; + int error; + + AUDIT_ARG_ARGV(args->begin_argv, args->argc, +@@ -299,6 +300,8 @@ kern_execve(td, args, mac_p) + PROC_UNLOCK(p); + } + ++ KASSERT((td->td_pflags & TDP_EXECVMSPC) == 0, ("nested execve")); ++ oldvmspace = td->td_proc->p_vmspace; + error = do_execve(td, args, mac_p); + + if (p->p_flag & P_HADTHREADS) { +@@ -313,6 +316,12 @@ kern_execve(td, args, mac_p) + thread_single_end(); + PROC_UNLOCK(p); + } ++ if ((td->td_pflags & TDP_EXECVMSPC) != 0) { ++ KASSERT(td->td_proc->p_vmspace != oldvmspace, ++ ("oldvmspace still used")); ++ vmspace_free(oldvmspace); ++ td->td_pflags &= ~TDP_EXECVMSPC; ++ } + + return (error); + } +Index: sys/sys/proc.h +=================================================================== +--- sys/sys/proc.h (revision 266979) ++++ sys/sys/proc.h (working copy) +@@ -966,4 +966,5 @@ curthread_pflags_restore(int save) + + #endif /* _KERNEL */ + ++#define TDP_EXECVMSPC 0x40000000 /* Execve destroyed old vmspace */ + #endif /* !_SYS_PROC_H_ */ +Index: sys/vm/vm_map.c +=================================================================== +--- sys/vm/vm_map.c (revision 266979) ++++ sys/vm/vm_map.c (working copy) +@@ -3725,6 +3725,8 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + struct vmspace *oldvmspace = p->p_vmspace; + struct vmspace *newvmspace; + ++ KASSERT((curthread->td_pflags & TDP_EXECVMSPC) == 0, ++ ("vmspace_exec recursed")); + newvmspace = vmspace_alloc(minuser, maxuser, NULL); + if (newvmspace == NULL) + return (ENOMEM); +@@ -3741,7 +3743,7 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + PROC_VMSPACE_UNLOCK(p); + if (p == curthread->td_proc) + pmap_activate(curthread); +- vmspace_free(oldvmspace); ++ curthread->td_pflags |= TDP_EXECVMSPC; + return (0); + } + Added: head/share/security/patches/EN-14:06/exec-10.0.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:06/exec-10.0.patch.asc Tue Jun 3 19:32:04 2014 (r45000) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAABCgAGBQJTjiErAAoJEO1n7NZdz2rnKXEQAJxIZgrVrGZobVSEztzpE8hT +yFcp2Yd0AZesA0glaqBaReEyDxpyKXvDDX33q3nFc+C5rhOePZXp5zw0e4MLT/DX +hGxBp9/sbji+w7soUdL25y5h6QfY19LK1WwJlI4+6CNQUGVvN/bN/uF0vyaiTk1k +9j5Twmtb31hsbpJNwHL6D7+K2vSd5hrMBxaozTn9TOBDzI0KS19NUp6Xt1CrpkAL +NmM65tD1PZ9flsoXqsUBdENydrIEH8XrCovwPXzYipUnqeEvl6VGS5D7U3t/m/SC +bh8v1mK6Ipt7YLJ0HducqO643XkG7n01pJKY8LIXEX1x0yVLI+hLqvSIfPjEza1j +kNs289QiWX3FG7k0ufucnd8tGbaZ5gyrJuA2OWERZurEDPoGYkHxz4cMPXKoTSw+ +ZX4h/mz8zvNGak9Jy6xStWAMGG1FdnrPAWDddNb1aOQJCdx3Ur+fOOTkrYT76JHA +k8iWI44rmBL0BFqkJk/LbcA2NI43pKN/WEVAgufi06yK3poQzV93WyunZ/iBJJVO +boz6F+cCG023r8Obq1jMv7qi+seuUL8pi8PxlYqWeye6xtOKc1Utm6yHJyFmLFN0 +4OmVxgOneS5jcn4IV/F0WNuuRLshTEjpcOKxf9qn2Izll219ikZZtiCD4U5FN0hL +910LWVL+ek6GRdVOyRwg +=fRaC +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-14:06/exec-10.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:06/exec-10.patch Tue Jun 3 19:32:04 2014 (r45000) @@ -0,0 +1,77 @@ +Index: sys/sys/proc.h +=================================================================== +--- sys/sys/proc.h (revision 266581) ++++ sys/sys/proc.h (revision 266582) +@@ -425,6 +425,7 @@ do { \ + #define TDP_NERRNO 0x08000000 /* Last errno is already in td_errno */ + #define TDP_UIOHELD 0x10000000 /* Current uio has pages held in td_ma */ + #define TDP_DEVMEMIO 0x20000000 /* Accessing memory for /dev/mem */ ++#define TDP_EXECVMSPC 0x40000000 /* Execve destroyed old vmspace */ + + /* + * Reasons that the current thread can not be run yet. +Index: sys/kern/kern_exec.c +=================================================================== +--- sys/kern/kern_exec.c (revision 266581) ++++ sys/kern/kern_exec.c (revision 266582) +@@ -283,6 +283,7 @@ kern_execve(td, args, mac_p) + struct mac *mac_p; + { + struct proc *p = td->td_proc; ++ struct vmspace *oldvmspace; + int error; + + AUDIT_ARG_ARGV(args->begin_argv, args->argc, +@@ -299,6 +300,8 @@ kern_execve(td, args, mac_p) + PROC_UNLOCK(p); + } + ++ KASSERT((td->td_pflags & TDP_EXECVMSPC) == 0, ("nested execve")); ++ oldvmspace = td->td_proc->p_vmspace; + error = do_execve(td, args, mac_p); + + if (p->p_flag & P_HADTHREADS) { +@@ -313,6 +316,12 @@ kern_execve(td, args, mac_p) + thread_single_end(); + PROC_UNLOCK(p); + } ++ if ((td->td_pflags & TDP_EXECVMSPC) != 0) { ++ KASSERT(td->td_proc->p_vmspace != oldvmspace, ++ ("oldvmspace still used")); ++ vmspace_free(oldvmspace); ++ td->td_pflags &= ~TDP_EXECVMSPC; ++ } + + return (error); + } +Index: sys/vm/vm_map.c +=================================================================== +--- sys/vm/vm_map.c (revision 266581) ++++ sys/vm/vm_map.c (revision 266582) +@@ -3751,6 +3751,8 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + struct vmspace *oldvmspace = p->p_vmspace; + struct vmspace *newvmspace; + ++ KASSERT((curthread->td_pflags & TDP_EXECVMSPC) == 0, ++ ("vmspace_exec recursed")); + newvmspace = vmspace_alloc(minuser, maxuser, NULL); + if (newvmspace == NULL) + return (ENOMEM); +@@ -3767,7 +3769,7 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + PROC_VMSPACE_UNLOCK(p); + if (p == curthread->td_proc) + pmap_activate(curthread); +- vmspace_free(oldvmspace); ++ curthread->td_pflags |= TDP_EXECVMSPC; + return (0); + } + +Index: . +=================================================================== +--- . (revision 266581) ++++ . (revision 266582) + +Property changes on: . +___________________________________________________________________ +Modified: svn:mergeinfo + Merged /head:r266464 Added: head/share/security/patches/EN-14:06/exec-10.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:06/exec-10.patch.asc Tue Jun 3 19:32:04 2014 (r45000) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAABCgAGBQJTjiErAAoJEO1n7NZdz2rnohMQAIzPJ9eBbU4Xdrk5QVHXIFYa +CFeHZM1JOSaNv/XLXXVIvLbZF8m5Egdskj8+PPbn4+cO6c1QhyNRAt/lcc+2Fqpb +w011aG2zTMNCJCTnU26l68cB//MmeWeu6RI2BvSDh6zQlluy9NPrONnSvhb8Y8tM +LZr9c4CVoe0esDTs06X6/0p2f1OStRpIH8hgNI+0OK1DAkL45XcJF5s4PdIkPIgM +0VzSXz93cxTMFAwbWzFNoo+JPM9AFtweUyVQ3vLFCLOSn198IAHrlYCvAoKsoRjI +kv69njIKpzKlRiD98PQxKjVSnMrZ9VcCtSXfEZgDzeBjrNMx7GpBCsVNkL3WHbDa +EgmoBb35mpKDkJ3SMMCDRIYOMTbmESek2Fgj2/u1n3ypNTE54VHevDCeb03+xnag +i3la3eBcRJ49QJcSWRci5S4FjiMX5ujdH6tLYJq1dz2qnqla3GV5jPM8ph6ZY5ZA +Keqf1eieQPaHL+7wfuRBeeDk4KXK7YYtj2/V9DDFuf7PndArHQx72tJjPamcgaEy +CoICjTEFwDHlyN0yJlNe0EWNaC5ItR6zdHEAcs7j9Jsgfn5AAfa+rhg90KuiBVjF +wnXIdWYfiUS65VHVgSO/x/n2/wOoF0Ky9v2CFMoDx5P6/2CCHadY8KcxiVRJs89M +epY+RFb27pmmbTIbV5P+ +=Lp2V +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-14:06/exec-8.4.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:06/exec-8.4.patch Tue Jun 3 19:32:04 2014 (r45000) @@ -0,0 +1,66 @@ +Index: sys/kern/kern_exec.c +=================================================================== +--- sys/kern/kern_exec.c (revision 266979) ++++ sys/kern/kern_exec.c (working copy) +@@ -278,6 +278,7 @@ kern_execve(td, args, mac_p) + struct mac *mac_p; + { + struct proc *p = td->td_proc; ++ struct vmspace *oldvmspace; + int error; + + AUDIT_ARG_ARGV(args->begin_argv, args->argc, +@@ -294,6 +295,8 @@ kern_execve(td, args, mac_p) + PROC_UNLOCK(p); + } + ++ KASSERT((td->td_pflags & TDP_EXECVMSPC) == 0, ("nested execve")); ++ oldvmspace = td->td_proc->p_vmspace; + error = do_execve(td, args, mac_p); + + if (p->p_flag & P_HADTHREADS) { +@@ -308,6 +311,12 @@ kern_execve(td, args, mac_p) + thread_single_end(); + PROC_UNLOCK(p); + } ++ if ((td->td_pflags & TDP_EXECVMSPC) != 0) { ++ KASSERT(td->td_proc->p_vmspace != oldvmspace, ++ ("oldvmspace still used")); ++ vmspace_free(oldvmspace); ++ td->td_pflags &= ~TDP_EXECVMSPC; ++ } + + return (error); + } +Index: sys/sys/proc.h +=================================================================== +--- sys/sys/proc.h (revision 266979) ++++ sys/sys/proc.h (working copy) +@@ -938,4 +938,5 @@ curthread_pflags_restore(int save) + + #endif /* _KERNEL */ + ++#define TDP_EXECVMSPC 0x40000000 /* Execve destroyed old vmspace */ + #endif /* !_SYS_PROC_H_ */ +Index: sys/vm/vm_map.c +=================================================================== +--- sys/vm/vm_map.c (revision 266979) ++++ sys/vm/vm_map.c (working copy) +@@ -3521,6 +3521,8 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + struct vmspace *oldvmspace = p->p_vmspace; + struct vmspace *newvmspace; + ++ KASSERT((curthread->td_pflags & TDP_EXECVMSPC) == 0, ++ ("vmspace_exec recursed")); + newvmspace = vmspace_alloc(minuser, maxuser); + if (newvmspace == NULL) + return (ENOMEM); +@@ -3537,7 +3539,7 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + PROC_VMSPACE_UNLOCK(p); + if (p == curthread->td_proc) + pmap_activate(curthread); +- vmspace_free(oldvmspace); ++ curthread->td_pflags |= TDP_EXECVMSPC; + return (0); + } + Added: head/share/security/patches/EN-14:06/exec-8.4.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:06/exec-8.4.patch.asc Tue Jun 3 19:32:04 2014 (r45000) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAABCgAGBQJTjiErAAoJEO1n7NZdz2rnc3EP/3U2Q1wMCK+35jIdsGJ0g+sy +5Dr3VKBYO7h3Tt+V2bUtzDvIEleh7pqtjJZM1k4bT78VgFW0+y/3qdOdVrSbsEqc +0uDYwklb/VMpdQEFh4Qs5qiRt7xuBQPChKDlyzaOIjPl2YM4vy51aGxrwlyH/J9I +/OIEMIOdANDU7YSkm70+edV9/egR9zGupWSBaEfVtH0WUNm3AubyyU8pbE8DDsuz +dLS+PQF9ISZDDwGJgju07GCDmSyZkL0hBzhPQhaXvooxu3KZw8e1mapN7CCU/ntx +Dc9T5QKmuREkbY5ZmK+H2bhGfHU7+sEVwSKUzK3xhhSaBcTQ381q11+TtF2EaPkc +mLd0A4D1O8nJMX/OoLXy3vipS9kz6U10i9+PuntM4QzQqcNYvEjyLnQDpWOslIim +WabFiJL/bPYQiLF3dwcW43+V+acTJ1mXGIhh6iuCospL328JHj4sbp8KDU+qftSx +D/7+ojrxp8sD9m4Up3W8FZ7/DODJv+Rz2n2vXozpBOAo8gXYU30k313y6s/KAH+4 +9AQlohIjJVBMv3LX4Erx1CfPpR/Vs1rrswH2VpmMPGNkCy4HHDuKNda4z6r+huU+ +QgFVwOj6ooTod5yRVEnFqsZtkFAWvkWWOEpgkalEKVmVCha2d98ImdU7n6bSjipt +l404I80gEZeyntZHGMO2 +=DGKB +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-14:06/exec-8.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:06/exec-8.patch Tue Jun 3 19:32:04 2014 (r45000) @@ -0,0 +1,104 @@ +Index: sys/kern/kern_exec.c +=================================================================== +--- sys/kern/kern_exec.c (revision 266582) ++++ sys/kern/kern_exec.c (revision 266583) +@@ -278,6 +278,7 @@ kern_execve(td, args, mac_p) + struct mac *mac_p; + { + struct proc *p = td->td_proc; ++ struct vmspace *oldvmspace; + int error; + + AUDIT_ARG_ARGV(args->begin_argv, args->argc, +@@ -294,6 +295,8 @@ kern_execve(td, args, mac_p) + PROC_UNLOCK(p); + } + ++ KASSERT((td->td_pflags & TDP_EXECVMSPC) == 0, ("nested execve")); ++ oldvmspace = td->td_proc->p_vmspace; + error = do_execve(td, args, mac_p); + + if (p->p_flag & P_HADTHREADS) { +@@ -308,6 +311,12 @@ kern_execve(td, args, mac_p) + thread_single_end(); + PROC_UNLOCK(p); + } ++ if ((td->td_pflags & TDP_EXECVMSPC) != 0) { ++ KASSERT(td->td_proc->p_vmspace != oldvmspace, ++ ("oldvmspace still used")); ++ vmspace_free(oldvmspace); ++ td->td_pflags &= ~TDP_EXECVMSPC; ++ } + + return (error); + } +Index: sys/kern +=================================================================== +--- sys/kern (revision 266582) ++++ sys/kern (revision 266583) + +Property changes on: sys/kern +___________________________________________________________________ +Modified: svn:mergeinfo + Merged /head/sys/kern:r266464 +Index: sys/vm/vm_map.c +=================================================================== +--- sys/vm/vm_map.c (revision 266582) ++++ sys/vm/vm_map.c (revision 266583) +@@ -3521,6 +3521,8 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + struct vmspace *oldvmspace = p->p_vmspace; + struct vmspace *newvmspace; + ++ KASSERT((curthread->td_pflags & TDP_EXECVMSPC) == 0, ++ ("vmspace_exec recursed")); + newvmspace = vmspace_alloc(minuser, maxuser); + if (newvmspace == NULL) + return (ENOMEM); +@@ -3537,7 +3539,7 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + PROC_VMSPACE_UNLOCK(p); + if (p == curthread->td_proc) + pmap_activate(curthread); +- vmspace_free(oldvmspace); ++ curthread->td_pflags |= TDP_EXECVMSPC; + return (0); + } + +Index: sys/vm +=================================================================== +--- sys/vm (revision 266582) ++++ sys/vm (revision 266583) + +Property changes on: sys/vm +___________________________________________________________________ +Modified: svn:mergeinfo + Merged /head/sys/vm:r266464 +Index: sys/sys/proc.h +=================================================================== +--- sys/sys/proc.h (revision 266582) ++++ sys/sys/proc.h (revision 266583) +@@ -414,6 +414,7 @@ do { \ + #define TDP_AUDITREC 0x01000000 /* Audit record pending on thread */ + #define TDP_RESETSPUR 0x04000000 /* Reset spurious page fault history. */ + #define TDP_NERRNO 0x08000000 /* Last errno is already in td_errno */ ++#define TDP_EXECVMSPC 0x40000000 /* Execve destroyed old vmspace */ + + /* + * Reasons that the current thread can not be run yet. +Index: sys/sys +=================================================================== +--- sys/sys (revision 266582) ++++ sys/sys (revision 266583) + +Property changes on: sys/sys *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Tue Jun 3 21:18:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9E466C9C; Tue, 3 Jun 2014 21:18:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8C5A52BD5; Tue, 3 Jun 2014 21:18:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s53LINj0090752; Tue, 3 Jun 2014 21:18:23 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s53LINlx090751; Tue, 3 Jun 2014 21:18:23 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201406032118.s53LINlx090751@svn.freebsd.org> From: Xin LI Date: Tue, 3 Jun 2014 21:18:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45001 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jun 2014 21:18:23 -0000 Author: delphij Date: Tue Jun 3 21:18:23 2014 New Revision: 45001 URL: http://svnweb.freebsd.org/changeset/doc/45001 Log: Reorder advisories so they appear in the right order. Modified: head/share/xml/advisories.xml Modified: head/share/xml/advisories.xml ============================================================================== --- head/share/xml/advisories.xml Tue Jun 3 19:32:04 2014 (r45000) +++ head/share/xml/advisories.xml Tue Jun 3 21:18:23 2014 (r45001) @@ -14,7 +14,7 @@ 3 - FreeBSD-SA-14:11.sendmail + FreeBSD-SA-14:13.pam @@ -22,7 +22,7 @@ - FreeBSD-SA-14:13.pam + FreeBSD-SA-14:11.sendmail From owner-svn-doc-all@FreeBSD.ORG Tue Jun 3 23:21:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 681DADE; Tue, 3 Jun 2014 23:21:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 54AE32638; Tue, 3 Jun 2014 23:21:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s53NLnCm060470; Tue, 3 Jun 2014 23:21:49 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s53NLnmr060469; Tue, 3 Jun 2014 23:21:49 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406032321.s53NLnmr060469@svn.freebsd.org> From: Warren Block Date: Tue, 3 Jun 2014 23:21:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45003 - head/en_US.ISO8859-1/articles/problem-reports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jun 2014 23:21:49 -0000 Author: wblock Date: Tue Jun 3 23:21:48 2014 New Revision: 45003 URL: http://svnweb.freebsd.org/changeset/doc/45003 Log: Update the Problem Reports article, adding techniques for followup when a PR has been untouched for a while. Modified version of patch included with PR. PR: docs/190593 Submitted by: ports@robakdesign.com Modified: head/en_US.ISO8859-1/articles/problem-reports/article.xml Modified: head/en_US.ISO8859-1/articles/problem-reports/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/problem-reports/article.xml Tue Jun 3 22:29:10 2014 (r45002) +++ head/en_US.ISO8859-1/articles/problem-reports/article.xml Tue Jun 3 23:21:48 2014 (r45003) @@ -1242,6 +1242,60 @@ gone away, just send a follow-up (in the manner prescribed above) saying that the problem report can be closed, and, if possible, explaining how or when the problem was fixed. + + Sometimes there is a delay of a week or two where the + problem report remains untouched, not assigned or commented on + by anyone. This can happen when there is an increased problem + report backlog or during a holiday season. When a problem + report has not received attention after several weeks, it is + worth finding a committer particularly interested in working on + it. + + There are a few ways to do so, ideally in the following + order, with a few days between attempting each communication + channel: + + + + Find the relevant &os; mailing list for the problem + report from the list + in the Handbook and send a message to that list + asking about assistance or comments on the problem + report. + + + + Join the relevant IRC channels. + A partial listing is here: . + Inform the people in that channel about the problem report + and ask for assistance. Be patient and stay in the channel + after posting, so that the people from different time zones + around the world have a chance to catch up. + + + + Find committers interested in the problem that was + reported. If the problem was in a particular tool, binary, + port, document, or source file, check the SVN + Repository. Locate the last few committers who + made substantive changes to the file, and try to reach them + via IRC or email. A list of committers + and their emails can be found in the Contributors + to &os; article. + + + + Remember that these people are volunteers, just like + maintainers and users, so they might not be immediately + available to assist with the problem report. Patience and + consistency in the follow-ups is highly advised and appreciated. + With enough care and effort dedicated to that follow-up process, + finding a committer to take care of the problem report is just a + matter of time.
            From owner-svn-doc-all@FreeBSD.ORG Wed Jun 4 04:47:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0A626DEA; Wed, 4 Jun 2014 04:47:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DE933211B; Wed, 4 Jun 2014 04:47:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s544lAdM057181; Wed, 4 Jun 2014 04:47:10 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s544lAre057180; Wed, 4 Jun 2014 04:47:10 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201406040447.s544lAre057180@svn.freebsd.org> From: Xin LI Date: Wed, 4 Jun 2014 04:47:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45005 - head/share/security/advisories X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2014 04:47:11 -0000 Author: delphij Date: Wed Jun 4 04:47:10 2014 New Revision: 45005 URL: http://svnweb.freebsd.org/changeset/doc/45005 Log: Revise the errata to provide more correct information. Submitted by: kib, gjb Modified: head/share/security/advisories/FreeBSD-EN-14:06.exec.asc Modified: head/share/security/advisories/FreeBSD-EN-14:06.exec.asc ============================================================================== --- head/share/security/advisories/FreeBSD-EN-14:06.exec.asc Wed Jun 4 01:31:23 2014 (r45004) +++ head/share/security/advisories/FreeBSD-EN-14:06.exec.asc Wed Jun 4 04:47:10 2014 (r45005) @@ -26,31 +26,41 @@ Advisories, including descriptions of th branches, and the following sections, please visit . +0. Revision History + +v1.0 2014-06-03 Initial release. +v1.1 2014-06-03 Corrected some technical details for the advisory. + I. Background -The execve and fexecve system calls transforms the calling process into a -new process, constructed from an ordinarty file. +The execve(2) and fexecve(2) system calls transforms the calling process +into a new process, constructed from an ordinary file. When executing a new process, the FreeBSD virtual memory subsystem tries to optimize the process by avoiding destroying the old virtual memory address -space when the calling process do not share its address space with another -process (for instance, via rfork(2) with RFMEM) and when the new min/max -address limit stays the same. In the optimized scenario, the virtual memory -subsystem only removes usermode mappings from the existing virtual memory -address space instead of destroying and recreating it. +space when the calling process does not share its address space with another +process (for instance, via rfork(2) with RFMEM) and when the new +minimum/maxaximum address limit stays the same. In the optimized scenario, +the virtual memory subsystem only removes usermode mappings from the existing +virtual memory address space instead of destroying and recreating it. II. Problem Description -When the virtual memory address space is recreated for the calling process, -the old virtual memory address space as well as its associated mappings are -destroyed before thread_single(9) boundary, where threads were allowed to -run to safely terminate. If such threads were on other CPUs, the old page -table pointer may still be referenced. +When the virtual memory address space is recreated for the calling +process, the old virtual memory address space, as well as its +associated mappings, may be destroyed if the old address space is not +suitable for the new image execution. The destruction happens before +other threads in the current process are terminated. If the address +space is destroyed, such threads still reference old address space and +corresponding mapping structures, and an attempt to switch to them to +gracefully terminate the remaining threads cause a triple fault and +machine reset. III. Impact -The system will crash when this happens due to a triple-fault triggered by -dereferencing an invalid page table pointer. +The system will reboot without any log or panic message when this +happens due to a triple-fault triggered by dereferencing an invalid +page table pointer. IV. Workaround @@ -147,17 +157,17 @@ http://security.FreeBSD.org/advisories/F -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) -iQIcBAEBCgAGBQJTjiDaAAoJEO1n7NZdz2rnNcIQANX2RW/Yeuso43ziviT10iH9 -IBd0Ibazfq4HIVANEGfBF9pkL7vQ4VZzzWJBZEA6r/0qDMVO0mMoFA2/SDAB3oCO -Wjc2TF/FLNPlrYamO1Comb1lKG8nmXj3C+AEEOyzlxDBLIH4cEuCX6yBbjZgjeuz -eYTmFWqiMBwjOctZSFzmaZjaG0EtUIig8ELkPePXBP+zGZiBlBRpLuXWTUuRTT1T -I8YbhEhlvw7rZmtK7rq5uRFfFclmFCC1cYRxKb9o+9tXUL9Qq6q0740hAG/I1HJU -s7M3gvQZNhFa6B8fC2XbBwe1g51pfcxRkU8ZZ0kIU4064r9CP9In9InmcFKrfZTo -xNYNiV9/8rY2lHts6cXZgfrJQLfEWzYghlKVBBZpd8syVjt8ozA08YAD4RAzGAsb -s1cwI9ZCpc9ak6kd9xvDV/ZUmJLE3XS8HkogUd/RBYiu0GTn6MsCIc/pnOpAL1Cq -BWLmWS8vDT4rcuC828L2VmdfLjrdWcr9DHreiW7xxCX4O+/ktOT43PrgQtjd/mf+ -i0k9OAJRwdoh92ylLkEJqm3kugoDGxOITKHvo2dx+g2ySukIzTv0BCNT9EAJ0kX+ -i4G0eyGNTsIycZcokil1rUzk2giNLa5yqKOZNzPZ3EA7U/knuXDN1rdN0OzrqncY -WZlllko53SvpSDli15vp -=A9nK +iQIcBAEBCgAGBQJTjqLMAAoJEO1n7NZdz2rnlZAQAIyw74OAXftuLAZC6HXHQt5s +cu9wUFa5+2OUJiVjyh0nGsHH6bu0hXqJ+5lODqGb/5H17vXeazIC/1b1qa4aYyV/ +yJ2JqSFvDAgecs8xpP3jzvhB11bnu7IYTIisJ4kguO2uszH4SC3aWnn5706A6B/v +fh+o0L+y8O3eAxGCslpUWUC/0m4gco4BzYiziqk1yDCv58UN1Pb9v/OuxE2FKkRe +aeGTUeXzVUc922TkefXOR4Z6h7I3jL5m4XDO2PfEnpzUanCLPccUHxWy1fBFMN0B +Pk/i2hcXCSuNXAMPmSjOatLpj40t7ZzSKJvbmmxjTUeOGFomLvkCq6alSjzHbpDT +3H2vGYspR8rQz5s3VuXNoaAP3mUgeW2tWmk1O6Pz36/tuUB3XqAifAP6PsBkIJrh +Mw1dlxfeKf9U+FBvwJmarTLMv9cFHmc5bWglrfoom2doWYINAytcBZG5yrYa7nXf +dhIs1iqF+jyz68XoVSB80UsZet4mtvKgvNDeK0PNgz+IW1/izbya5GqkO29izbiw +LNU8xhc/tqHENTZeQxwacyfO9gSlqT0/mFGi0ciRqyIpV5e+rkNG0q/jKSDz1Im+ +957zDTZT6tkxGU8SPP/IRgoj48pMFF9kOslikW+4sYSY7zyrx2GP8qXMtSOcmNOB +WqT612K4k2YB7L/y694b +=sHOn -----END PGP SIGNATURE----- From owner-svn-doc-all@FreeBSD.ORG Wed Jun 4 13:16:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D33CAC36; Wed, 4 Jun 2014 13:16:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BFB872173; Wed, 4 Jun 2014 13:16:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s54DGHvl098793; Wed, 4 Jun 2014 13:16:17 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s54DGHD1098792; Wed, 4 Jun 2014 13:16:17 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406041316.s54DGHD1098792@svn.freebsd.org> From: Warren Block Date: Wed, 4 Jun 2014 13:16:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45006 - head/en_US.ISO8859-1/articles/contributors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2014 13:16:17 -0000 Author: wblock Date: Wed Jun 4 13:16:17 2014 New Revision: 45006 URL: http://svnweb.freebsd.org/changeset/doc/45006 Log: Update the contributor's email in Additional Contributors article. PR: 190603 Submitted by: ports@robakdesign.com Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Wed Jun 4 04:47:10 2014 (r45005) +++ head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Wed Jun 4 13:16:17 2014 (r45006) @@ -1158,7 +1158,7 @@ Bartek Rutkowski - r@robakdesign.com + contact+freebsd@robakdesign.com From owner-svn-doc-all@FreeBSD.ORG Wed Jun 4 14:08:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D15A4865; Wed, 4 Jun 2014 14:08:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BC62826B8; Wed, 4 Jun 2014 14:08:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s54E84Mn022147; Wed, 4 Jun 2014 14:08:04 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s54E84Wx022146; Wed, 4 Jun 2014 14:08:04 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406041408.s54E84Wx022146@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 4 Jun 2014 14:08:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45007 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2014 14:08:05 -0000 Author: ryusuke Date: Wed Jun 4 14:08:04 2014 New Revision: 45007 URL: http://svnweb.freebsd.org/changeset/doc/45007 Log: - Merge the following from the English version: r44892 -> r44924 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Wed Jun 4 13:16:17 2014 (r45006) +++ head/ja_JP.eucJP/share/xml/news.xml Wed Jun 4 14:08:04 2014 (r45007) @@ -1,31 +1,34 @@ + "http://www.FreeBSD.org/XML/share/xml/news.dtd"> - - $FreeBSD$ - + + $FreeBSD$ + 2014 @@ -35,17 +38,21 @@ 17 +

            新コミッタ就任: - Allan Jude (doc)

            + Allan Jude + (doc)

                         - 7 + 7 +

            新コミッタ就任: - Stephen McConnell (src)

            + Stephen McConnell + (src)

                         @@ -54,10 +61,11 @@ 4 - 24 + 24

            新コミッタ就任: - Kurt Jaeger (ports)

            + Kurt Jaeger + (ports)

                         @@ -69,16 +77,17 @@

            2014 - 年 1 月から 3 月の開発進捗レポート (41 エントリ) + 年 1 月から 3 月の開発進捗レポート (41 エントリ) が公開されました。

            - 7 + 7 + -

            新コミッタ就任: - Johannes Jost Meixner (ports)

            +

            新コミッタ就任: Johannes + Jost Meixner (ports)

                         @@ -111,9 +120,9 @@ FreeBSD の開発者のイベントに参加しています。

            我こそは、と思う方はぜひとも応募してください! - 申し込みや締め切りなど、詳細については - FreeBSD Summer - Projects ページ をご覧ください。

            + 申し込みや締め切りなど、詳細については FreeBSD + Summer Projects ページ をご覧ください。

            @@ -147,31 +156,34 @@ 開発進捗レポート (2013 年 10 月 - 12 月) 公開 -

            2013 +

            2013 年 10 月から 12 月の開発進捗レポート (37 エントリ) - が公開されました。

            + が公開されました。

             - 23 + 23

            新コミッタ就任: - Rodrigo Osorio (ports)

            + Rodrigo Osorio + (ports)

                         - 21 + 21

            新コミッタ就任: - Tycho Nightingale (src)

            + Tycho Nightingale + (src)

            新コミッタ就任: - Michael Gmelin (ports)

            + Michael Gmelin + (ports)

                         @@ -182,20 +194,20 @@ &os; 10.0-RELEASE 公開

            FreeBSD - 10.0-RELEASE が公開されました。 - インストール前に リリースノート - および リリース Errata - を読み、10.0 に関する最新情報や問題点などを確認してください。 - FreeBSD のリリースに関するより詳しい情報については リリース情報 - をご覧ください。

            + 10.0-RELEASE が公開されました。 + インストール前に リリースノート + および リリース Errata + を読み、10.0 に関する最新情報や問題点などを確認してください。 + FreeBSD のリリースに関するより詳しい情報については リリース情報 + をご覧ください。

            -

            コミット権限の拡大: Jason Helfman +

            コミット権限の拡大: + Jason Helfman (ports, doc)

             @@ -204,18 +216,19 @@ 15 -

            コミット権限の拡大: Steven Kreuzer +

            コミット権限の拡大: + Steven Kreuzer (ports, doc)

             - 13 + 13

            コミッタ復帰: - Bruce A. Mah (ports)

            + Bruce A. Mah + (ports)

                         @@ -224,7 +237,8 @@

            新コミッタ就任: - Thomas Zander (ports)

            + Thomas Zander + (ports)

             @@ -238,8 +252,8 @@ href="&lists.stable;/2014-January/076800.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -253,8 +267,8 @@ href="&lists.stable;/2014-January/076681.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -276,8 +290,8 @@ href="&lists.stable;/2013-December/076590.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -285,8 +299,9 @@ 18 -

            コミット権限の拡大: Ganbold Tsagaankhuu +

            コミット権限の拡大: + Ganbold + Tsagaankhuu (doc, src)

             @@ -295,13 +310,14 @@ 16 -

            新コミッタ就任: Jonathan Chu (ports)

            +

            新コミッタ就任: + Jonathan Chu + (ports)

             -

            コミット権限の拡大: Bryan Drewery +

            コミット権限の拡大: + Bryan Drewery (ports, src)

             @@ -313,8 +329,8 @@ href="&lists.stable;/2013-December/076480.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -329,15 +345,17 @@ href="&lists.stable;/2013-December/076231.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            EuroBSDcon 2013 Developer Summit レポート -

            EuroBSDcon 2013 &os; Developer Summit のスペシャルレポート - (13 エントリ) が公開されました。

            + +

            EuroBSDcon + 2013 &os; Developer Summit のスペシャルレポート + (13 エントリ) が公開されました。

             @@ -352,8 +370,8 @@ href="&lists.stable;/2013-December/076040.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -366,7 +384,8 @@

            新コミッタ就任: - Roger Pau Monné (src)

            + Roger Pau + Monné (src)

             @@ -375,7 +394,8 @@

            新コミッタ就任: - Alexey Degtyarev (ports)

            + Alexey Degtyarev + (ports)

             @@ -390,8 +410,8 @@ href="&lists.stable;/2013-November/075704.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -400,7 +420,8 @@

            新コミッタ就任: - Julio Merino (src)

            + Julio Merino + (src)

             @@ -435,8 +456,8 @@ href="&lists.stable;/2013-October/075591.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -446,10 +467,10 @@ 開発進捗レポート (2013 年 7 月 - 9 月) 公開 -

            2013 +

            2013 年 7 月から 9 月の開発進捗レポート (30 エントリ) - が公開されました。

            + が公開されました。

             @@ -463,8 +484,8 @@ href="&lists.stable;/2013-October/075504.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -472,7 +493,8 @@ 9

            新コミッタ就任: - Eric Davis (src)

            + Eric Davis + (src)

             @@ -487,8 +509,8 @@ href="&lists.current;/2013-October/045097.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -503,15 +525,15 @@ &os; 9.2-RELEASE 公開

            FreeBSD - 9.2-RELEASE が公開されました。 - インストール前に リリースノート - および リリース Errata - を読み、9.2 に関する最新情報や問題点などを確認してください。 - FreeBSD のリリースに関するより詳しい情報については リリース情報 - をご覧ください。

            + 9.2-RELEASE が公開されました。 + インストール前に リリースノート + および リリース Errata + を読み、9.2 に関する最新情報や問題点などを確認してください。 + FreeBSD のリリースに関するより詳しい情報については リリース情報 + をご覧ください。

            @@ -526,16 +548,18 @@ href="&lists.current;/2013-September/044951.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            23 +

            新コミッタ就任: - Danilo Egêa Gondolfo (ports)

            + Danilo Egêa + Gondolfo (ports)

                         @@ -549,8 +573,8 @@ href="&lists.current;/2013-September/044676.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -564,7 +588,7 @@ href="&lists.current;/2013-September/044522.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc および + ミラーサイト から amd64, i386, ia64, powerpc および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -580,8 +604,8 @@ href="&lists.stable;/2013-September/075163.html">アナウンス)。 &os; - ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 および - sparc64 アーキテクチャの ISO イメージを入手できます。

            + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            @@ -589,11 +613,13 @@ 2

            新コミッタ就任: - Ruslan Bukin (src)

            + Ruslan Bukin (src)

             +

            新コミッタ就任: - Zbigniew Bodek (src)

            + Zbigniew Bodek + (src)

             @@ -611,7 +637,7 @@ amd64, i386, ia64, powerpc, powerpc64 および sparc64 アーキテクチャの ISO イメージが、&os; - ミラーサイト公開 されています。

            @@ -627,7 +653,7 @@ amd64, i386, ia64, powerpc, powerpc64 および sparc64 アーキテクチャの ISO イメージが、&os; - ミラーサイト公開 されています。

            @@ -666,7 +692,7 @@ amd64, i386, ia64, powerpc, powerpc64 および sparc64 アーキテクチャの ISO イメージが、&os; - ミラーサイト公開 されています。

            @@ -680,7 +706,8 @@ 31

            新コミッタ就任: - Rusmir Dusko (ports)

            + Rusmir Dusko + (ports)

             @@ -694,7 +721,7 @@ amd64, i386, powerpc64 および sparc64 アーキテクチャの ISO イメージが、&os; - ミラーサイト公開 されています。

            @@ -709,7 +736,7 @@

            &os;-9.2 リリースサイクルにおける最初の BETA 版が公開されました。 amd64, i386 および ia64 アーキテクチャの ISO イメージが、&os; - ミラーサイト公開 されています。

            @@ -721,10 +748,10 @@ 開発進捗レポート (2013 年 4 月 - 6 月) 公開 -

            2013 +

            2013 年 4 月 から 6 月の開発進捗レポート (33 エントリ) - が公開されました。

            + が公開されました。

             @@ -732,7 +759,8 @@ 4

            新コミッタ就任: - John Marino (ports)

            + John Marino + (ports)

             @@ -740,7 +768,8 @@

            新コミッタ就任: - Luiz Otavio O Souza (src)

            + Luiz Otavio O Souza + (src)

                         @@ -749,10 +778,11 @@ BSDCan 2013 DevSummit レポート -

            BSDCan 2013 &os; 開発者サミットのスペシャルレポート - (6 エントリ) が 公開 - されました。

            + +

            BSDCan 2013 &os; 開発者サミットのスペシャルレポート + (6 エントリ) が 公開 + されました。

             @@ -765,7 +795,8 @@

            新コミッタ就任: - Mark Felder (ports)

            + Mark Felder + (ports)

             @@ -777,18 +808,19 @@

            本日、&os; は 20 - 歳 を迎えました。 + 歳 を迎えました。 1993 年 6 月 19 日、Jordan Hubbard, Rod Grimes および David Greenman は、BSD 4.3 オペレーティングシステムから新しいプロジェクトがスタートしたことを世界にアナウンスしました。

            -

            &os; は、Bill と Lynne Jolitz の 386BSD 0.1 - リリースから派生し、1993 年の 11 月に 1.0 がリリースされました。 - 最初の目標は、高速、安全でかつ信頼性の高い - i386 システムのサーバ用オペレーティングシステムを作成することでした。

            - -

            それ以降、数えきれないほどのプロダクトのバックボーンに採用され、 - 64 ビットシステム、組み込みデバイスおよびデスクトプをサポートするまでに成長しました。

            +

            &os; は、Bill と Lynne Jolitz の 386BSD 0.1 + リリースから派生し、1993 年の 11 月に 1.0 がリリースされました。 + 最初の目標は、高速、安全でかつ信頼性の高い i386 + システムのサーバ用オペレーティングシステムを作成することでした。

            + +

            それ以降、数えきれないほどのプロダクトのバックボーンに採用され、 + 64 ビットシステム、 + 組み込みデバイスおよびデスクトプをサポートするまでに成長しました。

            @@ -797,7 +829,8 @@

            新コミッタ就任: - Veniamin Gvozdikov (ports)

            + Veniamin Gvozdikov + (ports)

             @@ -807,17 +840,20 @@ &os; 8.4-RELEASE 公開 -

            &os;  - 8.4-RELEASE が公開されました。 - インストール前に リリースノート - (詳細版) および リリース - Errata を読み、8.4 に関する最新情報や問題点などを確認してください。 - &os; のリリースに関するより詳しい情報については リリース情報 - をご覧ください。

            +

            &os; 8.4-RELEASE + が公開されました。 + インストール前に リリースノート + (詳細版) + および リリース + Errata を読み、 + 8.4 に関する最新情報や問題点などを確認してください。 + &os; のリリースに関するより詳しい情報については リリース情報 + をご覧ください。

             @@ -825,8 +861,8 @@ 4 -

            コミット権限の拡大: Glen Barber +

            コミット権限の拡大: + Glen Barber (doc, ports, src)

             @@ -839,8 +875,8 @@ 27 -

            コミット権限の拡大: Chris Rees +

            コミット権限の拡大: + Chris Rees (doc, ports)

             @@ -868,7 +904,7 @@ 開発進捗レポート (2013 年 1 月 - 3 月) 公開

            2013 年 1 月 から 3 月の開発進捗レポート (31 エントリ) が 公開 + href="&enbase;/news/status/report-2013-01-2013-03.html">公開 されました。

            @@ -899,7 +935,7 @@

            &os;-8.4 リリースサイクルの 3 回目のリリース候補が公開されました。 amd64, i386 および pc98 アーキテクチャの ISO イメージが、&os; - ミラーサイト公開 されています。

            @@ -931,7 +967,8 @@

            新コミッタ就任: - Alan Somers (src)

            + Alan Somers + (src)

             @@ -956,9 +993,9 @@ FreeBSD の開発者のイベントにも参加しています。

            我こそは、と思う方はぜひとも応募してください! - 申し込みや締め切りなど、詳細については - FreeBSD Summer - Projects ページ をご覧ください。

            + 申し込みや締め切りなど、詳細については FreeBSD Summer + Projects ページ をご覧ください。

             @@ -971,7 +1008,7 @@

            &os;-8.4 リリースサイクルの 2 回目のリリース候補が公開されました。 amd64, i386 および pc98 アーキテクチャの ISO イメージが、&os; - ミラーサイト公開 されています。

            @@ -981,8 +1018,8 @@ 18 -

            コミット権限の拡大: Cy Schubert +

            コミット権限の拡大: + Cy Schubert (src, ports)

             @@ -992,7 +1029,8 @@

            新コミッタ就任: - Hiren Panchasara (src)

            + Hiren Panchasara + (src)

             @@ -1005,7 +1043,7 @@

            &os;-8.4 リリースサイクルの最初のリリース候補が公開されました。 amd64, i386 および pc98 アーキテクチャの ISO イメージが、&os; - ミラーサイト公開 されています。

            @@ -1015,8 +1053,8 @@ 3 -

            コミット権限の拡大: Antoine Brodin +

            コミット権限の拡大: + Antoine Brodin (src, ports)

             @@ -1026,7 +1064,8 @@

            新コミッタ就任: - William Grzybowski (ports)

            + William Grzybowski + (ports)

             @@ -1053,7 +1092,7 @@

            &os;-8.4 リリースサイクルの最初のテストビルドが公開されました。 amd64, i386 および pc98 アーキテクチャの ISO イメージが、&os; - ミラーサイト公開 されています。

            @@ -1072,7 +1111,7 @@ の投資の中で重大な出来事です。

            続きを読む

            + href="http://freebsdfoundation.blogspot.com/2013/03/foundation-announces-new-technical.html">続きを読む

            @@ -1092,19 +1131,20 @@ 開発進捗レポート (2012 年 10 月 - 12 月) 公開

            2012 年 10 月 から 12 月の開発進捗レポート (27 エントリ) が 公開 + href="&enbase;/news/status/report-2012-10-2012-12.html">公開 されました。

            + 開発進捗レポート (2012 年 7 月 - 9 月) 公開

            2012 年 7 月 から 9 月の開発進捗レポート (12 エントリ) が 公開 + href="&enbase;/news/status/report-2012-07-2012-09.html">公開 されました。

             - + 2 @@ -1113,7 +1153,8 @@

            新コミッタ就任: - Po-Chien Lin (ports)

            + Po-Chien Lin + (ports)

             @@ -1122,7 +1163,8 @@

            新コミッタ就任: - Thomas-Martin Seck (ports)

            + Thomas-Martin Seck + (ports)

             @@ -1133,44 +1175,47 @@ 23 - -

            新コミッタ就任: - Achim Leubner (src)

            -             + +

            新コミッタ就任: + Achim Leubner + (src)

            +             - 22 - -

            新コミッタ就任: - Dru Lavigne (doc)

            -             + 22 + +

            新コミッタ就任: + Dru Lavigne (doc)

            +             16 - -

            新コミッタ就任: - Carl Delsey (src)

            -             + +

            新コミッタ就任: + Carl Delsey + (src)

            +             15 -

            コミット権の範囲の拡大: René Ladan (ports, - full doc/www)

            +

            コミット権の範囲の拡大: + René Ladan + (ports, full doc/www)

                         - 14 - + 14 +

            新コミッタ就任: - David Naylor (ports)

            -             + David Naylor + (ports)

            +             @@ -1179,7 +1224,7 @@ 開発進捗レポート (2012 年 4 月 - 6 月) 公開

            2012 年 4 月 から 6 月の開発進捗レポート (17 エントリ) が 公開 + href="&enbase;/news/status/report-2012-04-2012-06.html">公開 されました。

             @@ -1190,9 +1235,11 @@ Ports CVS は 2013 年 2 月 28 日にサポート終了

            現在、&os; ports の開発は Subversion で行われています。 - ports ツリーの CVS へのエクスポートは、2013 年 2 月 28 日をもって停止します。 + ports ツリーの CVS へのエクスポートは、 + 2013 年 2 月 28 日をもって停止します。 そのため、この日を過ぎると、 - CVS, CVSup または csup(1) による ports ツリーのアップデートはできません。 + CVS, CVSup または csup(1) による ports + ツリーのアップデートはできません。 CVS, CVSup および csup(1) を使っているすべてのユーザは portsnap(8) へと移行し、 Ports Collection *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed Jun 4 15:34:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C1671EDB; Wed, 4 Jun 2014 15:34:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AEB822F6B; Wed, 4 Jun 2014 15:34:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s54FYgvg063228; Wed, 4 Jun 2014 15:34:42 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s54FYgx9063227; Wed, 4 Jun 2014 15:34:42 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406041534.s54FYgx9063227@svn.freebsd.org> From: Glen Barber Date: Wed, 4 Jun 2014 15:34:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45008 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2014 15:34:42 -0000 Author: gjb Date: Wed Jun 4 15:34:42 2014 New Revision: 45008 URL: http://svnweb.freebsd.org/changeset/doc/45008 Log: Document that zsh users should escape '^' when using the '^/head' subversion syntax for merging. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Wed Jun 4 14:08:04 2014 (r45007) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Wed Jun 4 15:34:42 2014 (r45008) @@ -1870,6 +1870,14 @@ U stable/9/share/man/man4/netmap.4 repository path. + + If using the Zsh shell, + the ^ must be escaped with + \. This means + ^/head should be + \^/head. + + It is necessary to resolve any merge conflicts. This process is the same in SVN as in CVS. From owner-svn-doc-all@FreeBSD.ORG Wed Jun 4 17:51:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4D06CD37; Wed, 4 Jun 2014 17:51:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2EF952DB2; Wed, 4 Jun 2014 17:51:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s54HpGOY026221; Wed, 4 Jun 2014 17:51:16 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s54HpGZq026220; Wed, 4 Jun 2014 17:51:16 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201406041751.s54HpGZq026220@svn.freebsd.org> From: Xin LI Date: Wed, 4 Jun 2014 17:51:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45009 - head/share/security/advisories X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2014 17:51:16 -0000 Author: delphij Date: Wed Jun 4 17:51:15 2014 New Revision: 45009 URL: http://svnweb.freebsd.org/changeset/doc/45009 Log: Correct a typo. Noticed by: pluknet Modified: head/share/security/advisories/FreeBSD-EN-14:06.exec.asc Modified: head/share/security/advisories/FreeBSD-EN-14:06.exec.asc ============================================================================== --- head/share/security/advisories/FreeBSD-EN-14:06.exec.asc Wed Jun 4 15:34:42 2014 (r45008) +++ head/share/security/advisories/FreeBSD-EN-14:06.exec.asc Wed Jun 4 17:51:15 2014 (r45009) @@ -30,6 +30,7 @@ branches, and the following sections, pl v1.0 2014-06-03 Initial release. v1.1 2014-06-03 Corrected some technical details for the advisory. +v1.1 2014-06-04 Corrected a typo. I. Background @@ -40,7 +41,7 @@ When executing a new process, the FreeBS optimize the process by avoiding destroying the old virtual memory address space when the calling process does not share its address space with another process (for instance, via rfork(2) with RFMEM) and when the new -minimum/maxaximum address limit stays the same. In the optimized scenario, +minimum/maximum address limit stays the same. In the optimized scenario, the virtual memory subsystem only removes usermode mappings from the existing virtual memory address space instead of destroying and recreating it. @@ -157,17 +158,17 @@ http://security.FreeBSD.org/advisories/F -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) -iQIcBAEBCgAGBQJTjqLMAAoJEO1n7NZdz2rnlZAQAIyw74OAXftuLAZC6HXHQt5s -cu9wUFa5+2OUJiVjyh0nGsHH6bu0hXqJ+5lODqGb/5H17vXeazIC/1b1qa4aYyV/ -yJ2JqSFvDAgecs8xpP3jzvhB11bnu7IYTIisJ4kguO2uszH4SC3aWnn5706A6B/v -fh+o0L+y8O3eAxGCslpUWUC/0m4gco4BzYiziqk1yDCv58UN1Pb9v/OuxE2FKkRe -aeGTUeXzVUc922TkefXOR4Z6h7I3jL5m4XDO2PfEnpzUanCLPccUHxWy1fBFMN0B -Pk/i2hcXCSuNXAMPmSjOatLpj40t7ZzSKJvbmmxjTUeOGFomLvkCq6alSjzHbpDT -3H2vGYspR8rQz5s3VuXNoaAP3mUgeW2tWmk1O6Pz36/tuUB3XqAifAP6PsBkIJrh -Mw1dlxfeKf9U+FBvwJmarTLMv9cFHmc5bWglrfoom2doWYINAytcBZG5yrYa7nXf -dhIs1iqF+jyz68XoVSB80UsZet4mtvKgvNDeK0PNgz+IW1/izbya5GqkO29izbiw -LNU8xhc/tqHENTZeQxwacyfO9gSlqT0/mFGi0ciRqyIpV5e+rkNG0q/jKSDz1Im+ -957zDTZT6tkxGU8SPP/IRgoj48pMFF9kOslikW+4sYSY7zyrx2GP8qXMtSOcmNOB -WqT612K4k2YB7L/y694b -=sHOn +iQIcBAEBCgAGBQJTj1v/AAoJEO1n7NZdz2rnh2IQALLdJp0DmXZfFxhDctIyb8Ma +9mwBzVRnyfWwhq0q6GwnSKd1hZh0qQ8SCRuaq4+SwO5conlw4NUx+ADyEBo2cx5B +w6uYNZF75QAVh0eFATuYaj5TH5XC7NlqJU8YDKY2mOS1C7Ghbk4jo6fo1EFLwnt8 +lMG/H1H1RBSNsvboqCCpW7kkJPjz1npg12gAO0k4jDKGw/jusC5Beq57HeJE53Wz +iisYQCwLUB+3H/AZLnbj4FBBvD2tOzvuKhnk3GCmVTUHRTecZWAEmWWJ3Jxc/6gB +vu+oIadMHlouLmTBJPZ1sosrhENmM4TG5IfJPRAXCZ8uaaPHR0zY8qgWxvOCLvO+ +zImMhru3DVpJmY1A8KJy/c6R8q/W3meEqv0WhB9B2cgxcgXE8/btmMHy4tss1tN8 +LBv5SlMDm/5xjbM4ApE8cJjQm3JowuCIN1ZAkyHRz8+dDaPBcfZED2MEODE1J3xR +nUJzQzFvUk95vobbUXf2IQXGiVbWX5clS8VFkt8Jo5tgGmoq2lsgEIkNVQTd5eZA +jtG+4HvcGLQP5csBf+SeIEBL4HBYaMpu/grH4bDsqSAVLNC3F/UcsKX1eyv0c3gA +wFPTs2hrkd5LdgplzpLFetdpP0d48msLDBI494skz5eI0/LlBoU0sbtKCwrkYbpO +RUGJumiUhHycxEdXwSgd +=mTIM -----END PGP SIGNATURE----- From owner-svn-doc-all@FreeBSD.ORG Wed Jun 4 21:36:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B7BD1E36; Wed, 4 Jun 2014 21:36:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8B2A0277C; Wed, 4 Jun 2014 21:36:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s54La9i1029968; Wed, 4 Jun 2014 21:36:09 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s54La9I8029967; Wed, 4 Jun 2014 21:36:09 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201406042136.s54La9I8029967@svn.freebsd.org> From: Peter Wemm Date: Wed, 4 Jun 2014 21:36:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45010 - head/en_US.ISO8859-1/htdocs/support X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2014 21:36:09 -0000 Author: peter (src committer) Date: Wed Jun 4 21:36:09 2014 New Revision: 45010 URL: http://svnweb.freebsd.org/changeset/doc/45010 Log: Along the lines of r44999, hack redirection for a few more gnats references. Modified: head/en_US.ISO8859-1/htdocs/support/bugreports.xml Modified: head/en_US.ISO8859-1/htdocs/support/bugreports.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/support/bugreports.xml Wed Jun 4 17:51:15 2014 (r45009) +++ head/en_US.ISO8859-1/htdocs/support/bugreports.xml Wed Jun 4 21:36:09 2014 (r45010) @@ -15,9 +15,8 @@

            Problem Report Database

            -

            Current FreeBSD problem reports are tracked using the GNATS - database.

            +

            Current FreeBSD problem reports are tracked using Bugzilla.

            A FreeBSD problem report (PR) is not necessarily a bug with FreeBSD itself. In some cases it may be reporting a mistake in the @@ -33,19 +32,18 @@ tracking ID of the PR that prompted the change.

            How to Submit A Problem Report

            -

            Problem reports may be submitted to the development team using the - send-pr(1) - command on a &os; system or by - using the web based form. +

            Problem reports may be submitted to the development team by using + the web based + form. Please note that messages sent to a mailing list are not tracked as official problem reports, and may get lost in the noise!

            From owner-svn-doc-all@FreeBSD.ORG Thu Jun 5 13:03:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7D58796F; Thu, 5 Jun 2014 13:03:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5E0CB2A02; Thu, 5 Jun 2014 13:03:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s55D39BP052402; Thu, 5 Jun 2014 13:03:09 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s55D38Se052392; Thu, 5 Jun 2014 13:03:08 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201406051303.s55D38Se052392@svn.freebsd.org> From: Xin LI Date: Thu, 5 Jun 2014 13:03:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45011 - in head/share: security/advisories security/patches/SA-14:14 xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2014 13:03:09 -0000 Author: delphij Date: Thu Jun 5 13:03:07 2014 New Revision: 45011 URL: http://svnweb.freebsd.org/changeset/doc/45011 Log: Add SA-14:14.openssl. Added: head/share/security/advisories/FreeBSD-SA-14:14.openssl.asc (contents, props changed) head/share/security/patches/SA-14:14/ head/share/security/patches/SA-14:14/openssl-10.patch (contents, props changed) head/share/security/patches/SA-14:14/openssl-10.patch.asc (contents, props changed) head/share/security/patches/SA-14:14/openssl-9.patch (contents, props changed) head/share/security/patches/SA-14:14/openssl-9.patch.asc (contents, props changed) Modified: head/share/xml/advisories.xml Added: head/share/security/advisories/FreeBSD-SA-14:14.openssl.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-14:14.openssl.asc Thu Jun 5 13:03:07 2014 (r45011) @@ -0,0 +1,170 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-14:14.openssl Security Advisory + The FreeBSD Project + +Topic: OpenSSL multiple vulnerabilities + +Category: contrib +Module: openssl +Announced: 2014-06-05 +Affects: All supported versions of FreeBSD. +Corrected: 2014-06-05 12:32:38 UTC (stable/10, 10.0-STABLE) + 2014-06-05 12:33:23 UTC (releng/10.0, 10.0-RELEASE-p5) + 2014-06-05 12:53:06 UTC (stable/9, 9.3-BETA1) + 2014-06-05 12:53:06 UTC (stable/9, 9.3-BETA1-p2) + 2014-06-05 12:33:23 UTC (releng/9.2, 9.2-RELEASE-p8) + 2014-06-05 12:33:23 UTC (releng/9.1, 9.1-RELEASE-p15) + 2014-06-05 12:32:38 UTC (stable/8, 8.4-STABLE) + 2014-06-05 12:33:23 UTC (releng/8.4, 8.4-RELEASE-p12) +CVE Name: CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is +a collaborative effort to develop a robust, commercial-grade, full-featured +Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) +and Transport Layer Security (TLS v1) protocols as well as a full-strength +general purpose cryptography library. + +II. Problem Description + +Receipt of an invalid DTLS fragment on an OpenSSL DTLS client or server can +lead to a buffer overrun. [CVE-2014-0195] + +Receipt of an invalid DTLS handshake on an OpenSSL DTLS client can lead the +code to unnecessary recurse. [CVE-2014-0221] + +Carefully crafted handshake can force the use of weak keying material in +OpenSSL SSL/TLS clients and servers. [CVE-2014-0224] + +Carefully crafted packets can lead to a NULL pointer deference in OpenSSL +TLS client code if anonymous ECDH ciphersuites are enabled. [CVE-2014-3470] + +III. Impact + +A remote attacker may be able to run arbitrary code on a vulnerable client +or server by sending invalid DTLS fragments to an OpenSSL DTLS client or +server. [CVE-2014-0195] + +A remote attacker who can send an invalid DTLS handshake to an OpenSSL DTLS +client can crash the remote OpenSSL DTLS client. [CVE-2014-0221] + +A remote attacker who can send a carefully crafted handshake can force the +use of weak keying material between a vulnerable client and a vulnerable +server and decrypt and/or modify traffic from the attacked client and +server in a man-in-the-middle (MITM) attack. [CVE-2014-0224] + +A remote attacker who can send carefully crafted packets can cause OpenSSL +TLS client to crash. [CVE-2014-3470] + +IV. Workaround + +No workaround is available. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 10.0] +# fetch http://security.FreeBSD.org/patches/SA-14:14/openssl-10.patch +# fetch http://security.FreeBSD.org/patches/SA-14:14/openssl-10.patch.asc +# gpg --verify openssl-10.patch.asc + +[FreeBSD 9.x and 8.x] +# fetch http://security.FreeBSD.org/patches/SA-14:14/openssl-9.patch +# fetch http://security.FreeBSD.org/patches/SA-14:14/openssl-9.patch.asc +# gpg --verify openssl-9.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +Restart all deamons using the library, or reboot the system. + +3) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r267103 +releng/8.4/ r267104 +stable/9/ r267106 +releng/9.1/ r267104 +releng/9.2/ r267104 +stable/10/ r267103 +releng/10.0/ r267104 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + + + + + + + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAEBCgAGBQJTkGnKAAoJEO1n7NZdz2rnlrgP/RkNkf0qryF34plltoTsy2P9 +uxC1fWAwpPcCCmC6hwGMFOCyNPsxgXNTGk8HDJYwEoNyrgyf5l26P/1KZisNaGWf +JFyjR2Fd5N78AxXdkldp6O3hgMSF6HZtYDxMywVC6q9+hEJsFzgd2B/8fihoP9SO +2f1othqvCAxnMZ9Ts0xQxfl+mcj5Zg0XmApakziPQiEbejOj1k5k9wBHo1O3GFF4 +kWaFEsArqv+UNSTRZ0m/8oRYgElKwCyVGTPr9mPxG1kIYh9WS44remGYc3kkO77Z ++gbzOSMHwEtf/PvIySl90EAkW8XlUWyd+2gTuVSAdm5WlDWArQaauJVHiUwysiOe +nNEhsdSSQcIKHIyOMu486HzSyHP401AQ7jTlJmMHg4IXtsiM0O8lUigk6nCq/zUr +ywYKm1/PHffAlHx2y1c5vP9F8Bun8wMUxYnHFI7FD++jklEZQ1EGEloqLd5RvLDM +6CP8LYg6+zwpmDVbrAs8MBhdug8m6Xd7lACzwO6P02vYXWZGZM3zAbQqTYGag1kp +YTQl/ix4GFIFtuV4qjg8FOwQyqXBp2n9hHKwtXAv4okDRdk8GcxzOFENFSsxhj6Q +8XuoMaX/9EwNi7jteYUsSLhKin0gE3mjTCvzO+d6DLiPS+o8uMXGrE9kt5ww6NHP +XEFCK00JfXunW1wmkcN3 +=o4+e +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-14:14/openssl-10.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:14/openssl-10.patch Thu Jun 5 13:03:07 2014 (r45011) @@ -0,0 +1,146 @@ +Index: crypto/openssl/ssl/d1_both.c +=================================================================== +--- crypto/openssl/ssl/d1_both.c (revision 267031) ++++ crypto/openssl/ssl/d1_both.c (working copy) +@@ -627,8 +627,17 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header + frag->msg_header.frag_off = 0; + } + else ++ { + frag = (hm_fragment*) item->data; ++ if (frag->msg_header.msg_len != msg_hdr->msg_len) ++ { ++ item = NULL; ++ frag = NULL; ++ goto err; ++ } ++ } + ++ + /* If message is already reassembled, this must be a + * retransmit and can be dropped. + */ +@@ -784,6 +793,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int st + int i,al; + struct hm_header_st msg_hdr; + ++ redo: + /* see if we have the required fragment already */ + if ((frag_len = dtls1_retrieve_buffered_fragment(s,max,ok)) || *ok) + { +@@ -842,8 +852,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int st + s->msg_callback_arg); + + s->init_num = 0; +- return dtls1_get_message_fragment(s, st1, stn, +- max, ok); ++ goto redo; + } + else /* Incorrectly formated Hello request */ + { +Index: crypto/openssl/ssl/s3_clnt.c +=================================================================== +--- crypto/openssl/ssl/s3_clnt.c (revision 267031) ++++ crypto/openssl/ssl/s3_clnt.c (working copy) +@@ -559,6 +559,7 @@ int ssl3_connect(SSL *s) + case SSL3_ST_CR_FINISHED_A: + case SSL3_ST_CR_FINISHED_B: + ++ s->s3->flags |= SSL3_FLAGS_CCS_OK; + ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A, + SSL3_ST_CR_FINISHED_B); + if (ret <= 0) goto end; +@@ -915,6 +916,7 @@ int ssl3_get_server_hello(SSL *s) + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); + goto f_err; + } ++ s->s3->flags |= SSL3_FLAGS_CCS_OK; + s->hit=1; + } + else /* a miss or crap from the other end */ +@@ -2510,6 +2512,13 @@ int ssl3_send_client_key_exchange(SSL *s) + int ecdh_clnt_cert = 0; + int field_size = 0; + ++ if (s->session->sess_cert == NULL) ++ { ++ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); ++ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); ++ goto err; ++ } ++ + /* Did we send out the client's + * ECDH share for use in premaster + * computation as part of client certificate? +Index: crypto/openssl/ssl/s3_pkt.c +=================================================================== +--- crypto/openssl/ssl/s3_pkt.c (revision 267031) ++++ crypto/openssl/ssl/s3_pkt.c (working copy) +@@ -1301,6 +1301,15 @@ start: + goto f_err; + } + ++ if (!(s->s3->flags & SSL3_FLAGS_CCS_OK)) ++ { ++ al=SSL_AD_UNEXPECTED_MESSAGE; ++ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_CCS_RECEIVED_EARLY); ++ goto f_err; ++ } ++ ++ s->s3->flags &= ~SSL3_FLAGS_CCS_OK; ++ + rr->length=0; + + if (s->msg_callback) +@@ -1435,7 +1444,7 @@ int ssl3_do_change_cipher_spec(SSL *s) + + if (s->s3->tmp.key_block == NULL) + { +- if (s->session == NULL) ++ if (s->session == NULL || s->session->master_key_length == 0) + { + /* might happen if dtls1_read_bytes() calls this */ + SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY); +Index: crypto/openssl/ssl/s3_srvr.c +=================================================================== +--- crypto/openssl/ssl/s3_srvr.c (revision 267031) ++++ crypto/openssl/ssl/s3_srvr.c (working copy) +@@ -673,6 +673,7 @@ int ssl3_accept(SSL *s) + case SSL3_ST_SR_CERT_VRFY_A: + case SSL3_ST_SR_CERT_VRFY_B: + ++ s->s3->flags |= SSL3_FLAGS_CCS_OK; + /* we should decide if we expected this one */ + ret=ssl3_get_cert_verify(s); + if (ret <= 0) goto end; +@@ -700,6 +701,7 @@ int ssl3_accept(SSL *s) + + case SSL3_ST_SR_FINISHED_A: + case SSL3_ST_SR_FINISHED_B: ++ s->s3->flags |= SSL3_FLAGS_CCS_OK; + ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A, + SSL3_ST_SR_FINISHED_B); + if (ret <= 0) goto end; +@@ -770,7 +772,10 @@ int ssl3_accept(SSL *s) + s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A; + #else + if (s->s3->next_proto_neg_seen) ++ { ++ s->s3->flags |= SSL3_FLAGS_CCS_OK; + s->s3->tmp.next_state=SSL3_ST_SR_NEXT_PROTO_A; ++ } + else + s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A; + #endif +Index: crypto/openssl/ssl/ssl3.h +=================================================================== +--- crypto/openssl/ssl/ssl3.h (revision 267031) ++++ crypto/openssl/ssl/ssl3.h (working copy) +@@ -399,6 +399,7 @@ typedef struct ssl3_buffer_st + * effected, but we can't prevent that. + */ + #define SSL3_FLAGS_SGC_RESTART_DONE 0x0040 ++#define SSL3_FLAGS_CCS_OK 0x0080 + + #ifndef OPENSSL_NO_SSL_INTERN + Added: head/share/security/patches/SA-14:14/openssl-10.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:14/openssl-10.patch.asc Thu Jun 5 13:03:07 2014 (r45011) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAABCgAGBQJTkGnSAAoJEO1n7NZdz2rnnkEQAOu1iaWZHInskbHmwN5bEpSA +66PfKJRO+dT0lfAPzX8NOlgCo/Vy8NR7OMSf5KHhAMz8qBV67FAbj9V8FNra3jp/ +u6S9q7ln5HnUhBvia4aLI31vKTINRooPg7fgMXxTG7dWHMa2E9j56q5PXZ5wkTCA ++BsAFKPKpL4ceZ1MXNwm/YQS3HxnEfVWBsPjues9mnNShgZIjz11PlH05zMrJOUB +gi4bru1v7a66ssejz3RQ/zJ0u1IYnVPzVLbAsAyyr8vd71vvzXOLmfgcdvWCcotZ +kPQbIKacAnbtRULyIEFDXHVLGays3u+c33QzQX1M7Pu5QGXymLrpOzpna4aR99Ax +jxB50tT6d0KchOyn3M10bd9MMSyiEv2bCvp3GPdrTM5ouKjYFgsQDoazZubV+Rai +vto2glhQi29oGkj0NuXf13Ijgn0Yu3qJIkJNsTXGzMaEvcIKyHNaGDdDqHOgOiUQ +2EtEmmE79zbnf+3jkT3jjMcU3bxmj1aG+kX/ErK2yWAGVjYsetimCUSu4yT6Pv/+ +MKONbGDswMqWAIMWwLUp4kkbDDyQC7eTGB4OFLn1BVg5ol+FRD8VcAHfWasSE1WW +BiAk1TvN9Sp+ZLXZBphNwp8lbm3gwUwTpvs7X81B0RByN7rx7hLBaJ1viW7mMx0K +JV+/Ei2voErvo1J0xd9W +=QTlX +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-14:14/openssl-9.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:14/openssl-9.patch Thu Jun 5 13:03:07 2014 (r45011) @@ -0,0 +1,135 @@ +Index: crypto/openssl/ssl/d1_both.c +=================================================================== +--- crypto/openssl/ssl/d1_both.c (revision 267031) ++++ crypto/openssl/ssl/d1_both.c (working copy) +@@ -620,8 +620,17 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header + frag->msg_header.frag_off = 0; + } + else ++ { + frag = (hm_fragment*) item->data; ++ if (frag->msg_header.msg_len != msg_hdr->msg_len) ++ { ++ item = NULL; ++ frag = NULL; ++ goto err; ++ } ++ } + ++ + /* If message is already reassembled, this must be a + * retransmit and can be dropped. + */ +@@ -777,6 +786,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int st + int i,al; + struct hm_header_st msg_hdr; + ++ redo: + /* see if we have the required fragment already */ + if ((frag_len = dtls1_retrieve_buffered_fragment(s,max,ok)) || *ok) + { +@@ -835,8 +845,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int st + s->msg_callback_arg); + + s->init_num = 0; +- return dtls1_get_message_fragment(s, st1, stn, +- max, ok); ++ goto redo; + } + else /* Incorrectly formated Hello request */ + { +Index: crypto/openssl/ssl/s3_clnt.c +=================================================================== +--- crypto/openssl/ssl/s3_clnt.c (revision 267031) ++++ crypto/openssl/ssl/s3_clnt.c (working copy) +@@ -491,6 +491,7 @@ int ssl3_connect(SSL *s) + case SSL3_ST_CR_FINISHED_A: + case SSL3_ST_CR_FINISHED_B: + ++ s->s3->flags |= SSL3_FLAGS_CCS_OK; + ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A, + SSL3_ST_CR_FINISHED_B); + if (ret <= 0) goto end; +@@ -777,6 +778,7 @@ int ssl3_get_server_hello(SSL *s) + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); + goto f_err; + } ++ s->s3->flags |= SSL3_FLAGS_CCS_OK; + s->hit=1; + } + else /* a miss or crap from the other end */ +@@ -2170,6 +2172,13 @@ int ssl3_send_client_key_exchange(SSL *s) + int ecdh_clnt_cert = 0; + int field_size = 0; + ++ if (s->session->sess_cert == NULL) ++ { ++ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); ++ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); ++ goto err; ++ } ++ + /* Did we send out the client's + * ECDH share for use in premaster + * computation as part of client certificate? +Index: crypto/openssl/ssl/s3_pkt.c +=================================================================== +--- crypto/openssl/ssl/s3_pkt.c (revision 267031) ++++ crypto/openssl/ssl/s3_pkt.c (working copy) +@@ -1147,6 +1147,15 @@ start: + goto f_err; + } + ++ if (!(s->s3->flags & SSL3_FLAGS_CCS_OK)) ++ { ++ al=SSL_AD_UNEXPECTED_MESSAGE; ++ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_CCS_RECEIVED_EARLY); ++ goto f_err; ++ } ++ ++ s->s3->flags &= ~SSL3_FLAGS_CCS_OK; ++ + rr->length=0; + + if (s->msg_callback) +@@ -1278,7 +1287,7 @@ int ssl3_do_change_cipher_spec(SSL *s) + + if (s->s3->tmp.key_block == NULL) + { +- if (s->session == NULL) ++ if (s->session == NULL || s->session->master_key_length == 0) + { + /* might happen if dtls1_read_bytes() calls this */ + SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY); +Index: crypto/openssl/ssl/s3_srvr.c +=================================================================== +--- crypto/openssl/ssl/s3_srvr.c (revision 267031) ++++ crypto/openssl/ssl/s3_srvr.c (working copy) +@@ -523,6 +523,7 @@ int ssl3_accept(SSL *s) + case SSL3_ST_SR_CERT_VRFY_A: + case SSL3_ST_SR_CERT_VRFY_B: + ++ s->s3->flags |= SSL3_FLAGS_CCS_OK; + /* we should decide if we expected this one */ + ret=ssl3_get_cert_verify(s); + if (ret <= 0) goto end; +@@ -533,6 +534,7 @@ int ssl3_accept(SSL *s) + + case SSL3_ST_SR_FINISHED_A: + case SSL3_ST_SR_FINISHED_B: ++ s->s3->flags |= SSL3_FLAGS_CCS_OK; + ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A, + SSL3_ST_SR_FINISHED_B); + if (ret <= 0) goto end; +Index: crypto/openssl/ssl/ssl3.h +=================================================================== +--- crypto/openssl/ssl/ssl3.h (revision 267031) ++++ crypto/openssl/ssl/ssl3.h (working copy) +@@ -344,6 +344,7 @@ typedef struct ssl3_buffer_st + * effected, but we can't prevent that. + */ + #define SSL3_FLAGS_SGC_RESTART_DONE 0x0040 ++#define SSL3_FLAGS_CCS_OK 0x0080 + + typedef struct ssl3_state_st + { Added: head/share/security/patches/SA-14:14/openssl-9.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:14/openssl-9.patch.asc Thu Jun 5 13:03:07 2014 (r45011) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.22 (FreeBSD) + +iQIcBAABCgAGBQJTkGnVAAoJEO1n7NZdz2rnaIoP/2bfZoar991IHEBh8Aold0h2 +NKG4hfkSwF2wrvewZT0kNaM84XPClx5dWP2AwOMfFgrtzaPzBrVmKCeuUe9yAGNH +GqM+mZfEMdGmqEusYwCLiGz/kcNeXXvrCFhAyQx+bIXa1btDOfQ3F3GVeHG6eihl +kkywL8dBiSYaaVRECeezROnN0+mlXHM//Yt/+QQkPN38fGBfZ1qdxxXo55a9clCT +Iese/UvLp2q/iikMqzXZWcb3uR2y1yvh4RbIfI5kjj3DSMD9QwPr7NDNY37kjC42 +2t0xLQFrNX24wrFOqJunQvIG9QE33gYQqAFOjPC2rRGVGD3lqLHsKUN0yWHX7ORx +Bzf6wKqEy3ewI4MquPYbQ/sfMchHQexMu6IrF5CYhcgeMzk5SFGawHS7FtTlnLxT +PrBSdpkr4M7zX0Uv1ztLPyx/iC2MUi9Me7Ic0Sr2nWUyl1wufVRcaqEZhN097nwh +q8FqExzRDOAv+3TdGdf2XIuYKzYNrEFKFs35N23QAvzy0HVYfx3y+y5Ob8SY8Z5d +R8QHhlf/o2mWgJBdbYVbITc9OP5+dyVw/75BgVMemg15PobTSdQUcVfFdR5UDDFY +wy0Vnj/7yAMk/WhRMaZA3aeYWx9J0rgW0CGxNTHbMLttocOk5GmgXUIGmraLlPGR +ETLkxDw92ye270FzKYev +=QENL +-----END PGP SIGNATURE----- Modified: head/share/xml/advisories.xml ============================================================================== --- head/share/xml/advisories.xml Wed Jun 4 21:36:09 2014 (r45010) +++ head/share/xml/advisories.xml Thu Jun 5 13:03:07 2014 (r45011) @@ -11,6 +11,14 @@ 6 + 5 + + + FreeBSD-SA-14:14.openssl + + + + 3 From owner-svn-doc-all@FreeBSD.ORG Thu Jun 5 13:09:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5F07EE00; Thu, 5 Jun 2014 13:09:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 327D02A6C; Thu, 5 Jun 2014 13:09:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s55D94j4053675; Thu, 5 Jun 2014 13:09:04 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s55D94Oj053674; Thu, 5 Jun 2014 13:09:04 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201406051309.s55D94Oj053674@svn.freebsd.org> From: Xin LI Date: Thu, 5 Jun 2014 13:09:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45012 - head/share/security/advisories X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2014 13:09:04 -0000 Author: delphij Date: Thu Jun 5 13:09:03 2014 New Revision: 45012 URL: http://svnweb.freebsd.org/changeset/doc/45012 Log: Correct URL. Modified: head/share/security/advisories/FreeBSD-SA-14:14.openssl.asc Modified: head/share/security/advisories/FreeBSD-SA-14:14.openssl.asc ============================================================================== --- head/share/security/advisories/FreeBSD-SA-14:14.openssl.asc Thu Jun 5 13:03:07 2014 (r45011) +++ head/share/security/advisories/FreeBSD-SA-14:14.openssl.asc Thu Jun 5 13:09:03 2014 (r45012) @@ -139,7 +139,7 @@ Or visit the following URL, replacing NN VII. References - + @@ -154,17 +154,17 @@ The latest revision of this advisory is -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) -iQIcBAEBCgAGBQJTkGnKAAoJEO1n7NZdz2rnlrgP/RkNkf0qryF34plltoTsy2P9 -uxC1fWAwpPcCCmC6hwGMFOCyNPsxgXNTGk8HDJYwEoNyrgyf5l26P/1KZisNaGWf -JFyjR2Fd5N78AxXdkldp6O3hgMSF6HZtYDxMywVC6q9+hEJsFzgd2B/8fihoP9SO -2f1othqvCAxnMZ9Ts0xQxfl+mcj5Zg0XmApakziPQiEbejOj1k5k9wBHo1O3GFF4 -kWaFEsArqv+UNSTRZ0m/8oRYgElKwCyVGTPr9mPxG1kIYh9WS44remGYc3kkO77Z -+gbzOSMHwEtf/PvIySl90EAkW8XlUWyd+2gTuVSAdm5WlDWArQaauJVHiUwysiOe -nNEhsdSSQcIKHIyOMu486HzSyHP401AQ7jTlJmMHg4IXtsiM0O8lUigk6nCq/zUr -ywYKm1/PHffAlHx2y1c5vP9F8Bun8wMUxYnHFI7FD++jklEZQ1EGEloqLd5RvLDM -6CP8LYg6+zwpmDVbrAs8MBhdug8m6Xd7lACzwO6P02vYXWZGZM3zAbQqTYGag1kp -YTQl/ix4GFIFtuV4qjg8FOwQyqXBp2n9hHKwtXAv4okDRdk8GcxzOFENFSsxhj6Q -8XuoMaX/9EwNi7jteYUsSLhKin0gE3mjTCvzO+d6DLiPS+o8uMXGrE9kt5ww6NHP -XEFCK00JfXunW1wmkcN3 -=o4+e +iQIcBAEBCgAGBQJTkGuTAAoJEO1n7NZdz2rnomEP/AzIur2b4KXcOJnPSq+Fgz2E +ThZnGpYaWGQXkBnPcARtLUN+98UQkdcVOpDXExdTP/mz+fRH5P14qBCwgFXfMX1a +Ins6M696pAyBE+SHjFMwX/pSA402Y2LFcfUgq1f9oBKPM77+X/9J4z4NPXB72qTp +ULLTBVtHiqwlcO6bD+YlpE5AfvoKoUI0MmmkuA4R1zmY/JBgDqN68oiTn7KwRp5m +v44uVuGF+gGMMkN5oZmXqn89+CbRjDkyk9gvHhe1VXZLfZi6GDlayNMpuBdj9laU +3jpMMqwXGF45j524Ai03U/lAzO7Fn1Zl87dlElPk1BMaVmG8uGFipiULPQqsyUC9 +rchzXxtDM7VVA/p7G3Vn6RHbOPeNCxhuFonq1WxVBrXImIw23PRWDlYx+Kve5trH +gJvztI6CkD0f6NOf7HM7LYU1slvGFykFhoGeurxFVfKT2YlulL6HcRx4QPFE33c1 +W57wPHUvZ2w8hO0OU1zX1pz1qE6je+DoSTq7bob5ExXmDWCu2LElmKXW67N2tGYq +kNetRkTR9qwDlmexrcyAVgR45a/9oe/p9taTgm2/8ITzaHjexYcGn/tL7Mc9pYCa +Dj9FP0D52foKj3PjVfSZc/8kgJklKhtugDvbK74MmruA6vUELRrY84O2kfpgAzLj +KfE2eBuieG9+Pdpk011t +=/CUF -----END PGP SIGNATURE----- From owner-svn-doc-all@FreeBSD.ORG Thu Jun 5 16:26:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 736C2F53; Thu, 5 Jun 2014 16:26:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 467752042; Thu, 5 Jun 2014 16:26:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s55GQaAI051721; Thu, 5 Jun 2014 16:26:36 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s55GQafW051720; Thu, 5 Jun 2014 16:26:36 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406051626.s55GQafW051720@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 5 Jun 2014 16:26:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45013 - head/ja_JP.eucJP/htdocs/support X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2014 16:26:36 -0000 Author: ryusuke Date: Thu Jun 5 16:26:35 2014 New Revision: 45013 URL: http://svnweb.freebsd.org/changeset/doc/45013 Log: - Merge the following from the English version: r39495 -> r45010 head/ja_JP.eucJP/htdocs/support/bugreports.xml Modified: head/ja_JP.eucJP/htdocs/support/bugreports.xml Modified: head/ja_JP.eucJP/htdocs/support/bugreports.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/support/bugreports.xml Thu Jun 5 13:09:03 2014 (r45012) +++ head/ja_JP.eucJP/htdocs/support/bugreports.xml Thu Jun 5 16:26:35 2014 (r45013) @@ -1,11 +1,11 @@ ]> - + @@ -19,8 +19,8 @@

            障害報告 (PR: Problem Report) データベース

            最新の FreeBSD の障害報告は、GNATS - データベースを用いて追跡されています。

            + href="http://www.bugzilla.org/">Bugzilla + を用いて追跡されています。

            FreeBSD の障害報告 (PR) は、必ずしも FreeBSD そのもののバグとは限りません。場合によっては文書の誤り @@ -39,19 +39,17 @@ が数多く含まれています。

            障害報告 (PR) の提出

            -

            障害報告は、&os; システムの - send-pr(1) - コマンドや、ウェブの - 入力フォーム を利用して、 - 開発チームに提出できます。 +

            障害報告は、ウェブベースの + 入力フォーム + を利用して、開発チームに提出できます。 メーリングリストに提出された報告は、 公式の障害報告としては追跡されないことに注意してください。

            From owner-svn-doc-all@FreeBSD.ORG Thu Jun 5 16:32:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C8BD2195; Thu, 5 Jun 2014 16:32:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B5DAC20EE; Thu, 5 Jun 2014 16:32:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s55GW5KW055572; Thu, 5 Jun 2014 16:32:05 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s55GW5Ki055571; Thu, 5 Jun 2014 16:32:05 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406051632.s55GW5Ki055571@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 5 Jun 2014 16:32:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45014 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2014 16:32:05 -0000 Author: ryusuke Date: Thu Jun 5 16:32:05 2014 New Revision: 45014 URL: http://svnweb.freebsd.org/changeset/doc/45014 Log: - Merge the following from the English version: r44924 -> r44979 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Thu Jun 5 16:26:35 2014 (r45013) +++ head/ja_JP.eucJP/share/xml/news.xml Thu Jun 5 16:32:05 2014 (r45014) @@ -23,7 +23,7 @@ would like to work on. *** $FreeBSD$ - Original revision: r44924 + Original revision: r44979 --> @@ -37,6 +37,16 @@ 5 + 29 + + +

            新コミッタ就任: + Patrick Kelsey + (src)

            +             +             + + 17 From owner-svn-doc-all@FreeBSD.ORG Thu Jun 5 16:36:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 19301270; Thu, 5 Jun 2014 16:36:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0604D2115; Thu, 5 Jun 2014 16:36:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s55GaCku056225; Thu, 5 Jun 2014 16:36:12 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s55GaCtL056224; Thu, 5 Jun 2014 16:36:12 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406051636.s55GaCtL056224@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 5 Jun 2014 16:36:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45015 - head/ja_JP.eucJP/htdocs/docs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2014 16:36:13 -0000 Author: ryusuke Date: Thu Jun 5 16:36:12 2014 New Revision: 45015 URL: http://svnweb.freebsd.org/changeset/doc/45015 Log: - Merge the following from the English version: r44853 -> r44946 head/ja_JP.eucJP/htdocs/docs/books.xml Modified: head/ja_JP.eucJP/htdocs/docs/books.xml Modified: head/ja_JP.eucJP/htdocs/docs/books.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/docs/books.xml Thu Jun 5 16:32:05 2014 (r45014) +++ head/ja_JP.eucJP/htdocs/docs/books.xml Thu Jun 5 16:36:12 2014 (r45015) @@ -9,7 +9,7 @@ ]> - + @@ -140,12 +140,6 @@ GCC コンパイラおよび bunutils の使い方の紹介です。 GCC のカスタマイズについても説明しています。

            -

            Setting up a - CVS repository - The FreeBSD way - (cvs-freebsd) (英語版のみ)
            - FreeBSD プロジェクトと同じ CVSROOT 機構を使って - CVS リポジトリをセットアップします。

            -

            Explaining BSD (explaining-bsd) (英語版のみ)
            ``BSD とはなにか?'' という質問に対する答えです。

            From owner-svn-doc-all@FreeBSD.ORG Thu Jun 5 21:56:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D7EAC88C; Thu, 5 Jun 2014 21:56:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C52A82F12; Thu, 5 Jun 2014 21:56:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s55LuNMG007087; Thu, 5 Jun 2014 21:56:23 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s55LuNfS007086; Thu, 5 Jun 2014 21:56:23 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201406052156.s55LuNfS007086@svn.freebsd.org> From: Allan Jude Date: Thu, 5 Jun 2014 21:56:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45016 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2014 21:56:23 -0000 Author: allanjude Date: Thu Jun 5 21:56:23 2014 New Revision: 45016 URL: http://svnweb.freebsd.org/changeset/doc/45016 Log: Removed the word 'Legacy' from the front page re: 9.2/8.4 Under the heading 'Latest Releases', be more clear that 9.2 and 8.4 are supported releases, not dead legacy code, and that they can still be used. Reviewed by: gjb Approved by: bcr (mentor), eadler (mentor) Modified: head/en_US.ISO8859-1/htdocs/index.xsl Modified: head/en_US.ISO8859-1/htdocs/index.xsl ============================================================================== --- head/en_US.ISO8859-1/htdocs/index.xsl Thu Jun 5 16:36:12 2014 (r45015) +++ head/en_US.ISO8859-1/htdocs/index.xsl Thu Jun 5 21:56:23 2014 (r45016) @@ -78,8 +78,8 @@

            LATEST RELEASES

            From owner-svn-doc-all@FreeBSD.ORG Fri Jun 6 01:40:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4305142A; Fri, 6 Jun 2014 01:40:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 30094221D; Fri, 6 Jun 2014 01:40:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s561e1rj010412; Fri, 6 Jun 2014 01:40:01 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s561e1HD010409; Fri, 6 Jun 2014 01:40:01 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201406060140.s561e1HD010409@svn.freebsd.org> From: Allan Jude Date: Fri, 6 Jun 2014 01:40:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45017 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2014 01:40:01 -0000 Author: allanjude Date: Fri Jun 6 01:40:00 2014 New Revision: 45017 URL: http://svnweb.freebsd.org/changeset/doc/45017 Log: Wrong date listed for errata notice EN-14:06.exec on the website. The date on the actual notice is correct (2014-06-03) but the date in doc/head/share/xml/notices.xml wass incorrectly entered as 2014-05-03 in rD45000 PR: 190628 Approved by: wblock (mentor) Modified: head/share/xml/notices.xml Modified: head/share/xml/notices.xml ============================================================================== --- head/share/xml/notices.xml Thu Jun 5 21:56:23 2014 (r45016) +++ head/share/xml/notices.xml Fri Jun 6 01:40:00 2014 (r45017) @@ -8,7 +8,7 @@ 2014 - 5 + 6 3 From owner-svn-doc-all@FreeBSD.ORG Fri Jun 6 02:59:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1BDB6A5E; Fri, 6 Jun 2014 02:59:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 087C6287A; Fri, 6 Jun 2014 02:59:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s562xS0p048761; Fri, 6 Jun 2014 02:59:28 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s562xSXa048760; Fri, 6 Jun 2014 02:59:28 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201406060259.s562xSXa048760@svn.freebsd.org> From: Allan Jude Date: Fri, 6 Jun 2014 02:59:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45018 - head/en_US.ISO8859-1/books/handbook/eresources X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2014 02:59:29 -0000 Author: allanjude Date: Fri Jun 6 02:59:28 2014 New Revision: 45018 URL: http://svnweb.freebsd.org/changeset/doc/45018 Log: Add missing freebsd-git mailing list to the handbook PR: 190628 Submitted by: david@catwhisker.org (original patch) Approved by: eadler (mentor) Modified: head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Fri Jun 6 01:40:00 2014 (r45017) +++ head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Fri Jun 6 02:59:28 2014 (r45018) @@ -321,6 +321,11 @@ + &a.git.name; + Discussion of git use in the &os; project + + + &a.gnome.name; Porting GNOME and GNOME applications @@ -1363,6 +1368,22 @@ + &a.git.name; + + + Use of git in the &os; + project + + Discussions of how to use git in &os; + infrastructure including the github mirror and other + uses of git for project collaboration. Discussion area + for people using git against the &os; github mirror. + People wanting to get started with the mirror or git + in general on &os; can ask here. + + + + &a.gnome.name; From owner-svn-doc-all@FreeBSD.ORG Fri Jun 6 03:29:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B4E9BB0E; Fri, 6 Jun 2014 03:29:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A19642C09; Fri, 6 Jun 2014 03:29:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s563TxdN064079; Fri, 6 Jun 2014 03:29:59 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s563Tx4n064078; Fri, 6 Jun 2014 03:29:59 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201406060329.s563Tx4n064078@svn.freebsd.org> From: Allan Jude Date: Fri, 6 Jun 2014 03:29:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45019 - head/en_US.ISO8859-1/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2014 03:29:59 -0000 Author: allanjude Date: Fri Jun 6 03:29:59 2014 New Revision: 45019 URL: http://svnweb.freebsd.org/changeset/doc/45019 Log: This file should have been commited with r45018 Unbreak the web build Pointyhat: allanjude PR: 190490 Submitted by: david@catwhisker.org (original patch) Approved by: eadler (mentor) Modified: head/en_US.ISO8859-1/share/xml/mailing-lists.ent Modified: head/en_US.ISO8859-1/share/xml/mailing-lists.ent ============================================================================== --- head/en_US.ISO8859-1/share/xml/mailing-lists.ent Fri Jun 6 02:59:28 2014 (r45018) +++ head/en_US.ISO8859-1/share/xml/mailing-lists.ent Fri Jun 6 03:29:59 2014 (r45019) @@ -213,6 +213,10 @@ FreeBSD GEOM mailing list"> freebsd-geom"> + +Discussion of git use in the FreeBSD project"> +freebsd-git"> + FreeBSD GNOME and GNOME applications mailing list"> freebsd-gnome"> From owner-svn-doc-all@FreeBSD.ORG Fri Jun 6 22:02:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9DA5FB40; Fri, 6 Jun 2014 22:02:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8A8732455; Fri, 6 Jun 2014 22:02:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s56M2BiA082702; Fri, 6 Jun 2014 22:02:11 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s56M2BW2082701; Fri, 6 Jun 2014 22:02:11 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406062202.s56M2BW2082701@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 6 Jun 2014 22:02:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45020 - head/ja_JP.eucJP/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2014 22:02:11 -0000 Author: ryusuke Date: Fri Jun 6 22:02:11 2014 New Revision: 45020 URL: http://svnweb.freebsd.org/changeset/doc/45020 Log: - Merge the following from the English version: r44930 -> r45016 head/ja_JP.eucJP/htdocs/index.xsl Modified: head/ja_JP.eucJP/htdocs/index.xsl Modified: head/ja_JP.eucJP/htdocs/index.xsl ============================================================================== --- head/ja_JP.eucJP/htdocs/index.xsl Fri Jun 6 03:29:59 2014 (r45019) +++ head/ja_JP.eucJP/htdocs/index.xsl Fri Jun 6 22:02:11 2014 (r45020) @@ -5,7 +5,7 @@ ]> - + 最新リリース

            From owner-svn-doc-all@FreeBSD.ORG Fri Jun 6 22:16:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 439E2252; Fri, 6 Jun 2014 22:16:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 30B382591; Fri, 6 Jun 2014 22:16:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s56MG3iM088546; Fri, 6 Jun 2014 22:16:03 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s56MG3T0088545; Fri, 6 Jun 2014 22:16:03 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406062216.s56MG3T0088545@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 6 Jun 2014 22:16:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45021 - head/ja_JP.eucJP/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2014 22:16:03 -0000 Author: ryusuke Date: Fri Jun 6 22:16:02 2014 New Revision: 45021 URL: http://svnweb.freebsd.org/changeset/doc/45021 Log: - Merge the following from the English version: r29363 -> r44998 head/ja_JP.eucJP/htdocs/support.xml Modified: head/ja_JP.eucJP/htdocs/support.xml Modified: head/ja_JP.eucJP/htdocs/support.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/support.xml Fri Jun 6 22:02:11 2014 (r45020) +++ head/ja_JP.eucJP/htdocs/support.xml Fri Jun 6 22:16:02 2014 (r45021) @@ -4,7 +4,7 @@ ]> - + @@ -33,19 +33,18 @@ もし、まだ報告されていなければ、我々に教えてください。

            特定のカテゴリ、担当者、提出者、テキストなどについて - 障害報告データベースを検索 + 障害報告データベースを検索 したり、 - 未解決の障害報告を閲覧 + 未解決の障害報告を閲覧 して、報告済みかどうかを知ることができます。

            もし、まだ報告されていなければ、 障害報告のガイドライン を読んで、 - 障害報告フォーム + 障害報告フォーム から問題を報告してください。

            - - - From owner-svn-doc-all@FreeBSD.ORG Sat Jun 7 07:54:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 31BCA1F3; Sat, 7 Jun 2014 07:54:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1E14E26EA; Sat, 7 Jun 2014 07:54:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s577st1Q069159; Sat, 7 Jun 2014 07:54:55 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s577stom069158; Sat, 7 Jun 2014 07:54:55 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406070754.s577stom069158@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sat, 7 Jun 2014 07:54:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45022 - head/ja_JP.eucJP/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sat, 07 Jun 2014 11:59:11 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Jun 2014 07:54:56 -0000 Author: ryusuke Date: Sat Jun 7 07:54:55 2014 New Revision: 45022 URL: http://svnweb.freebsd.org/changeset/doc/45022 Log: - Merge the following from the English version: r41808 -> r44999 head/ja_JP.eucJP/htdocs/send-pr.xml Modified: head/ja_JP.eucJP/htdocs/send-pr.xml Modified: head/ja_JP.eucJP/htdocs/send-pr.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/send-pr.xml Fri Jun 6 22:16:02 2014 (r45021) +++ head/ja_JP.eucJP/htdocs/send-pr.xml Sat Jun 7 07:54:55 2014 (r45022) @@ -1,167 +1,23 @@ ]> - + - - &title; + + &title; - $FreeBSD$ - - - - - - - Bugs - -

            FreeBSD に関する問題点の報告に時間を割いていただき、 - どうもありがとうございます。

            - -

            この入力フォームを使うと、障害報告 (Problem Report) を提出することができます。 - 障害報告とは、あなた自身が、ソースファイルに含まれるバグや、 - 文書・ウェブページの誤りによる不具合であると判断した内容を報告するためのものです。 - FreeBSD を最初にインストールする際に問題が発生した、あるいは - 「○○ はどうして動かないのでしょう?」 - 「FreeBSD は××で動作しますか?」といった質問がある場合は、 - 障害報告を提出するのではなく、 - サポートページに書かれているサポートフォーラムに - 問い合わせてください。

            - -

            入力フォームを埋める前に、 - - FreeBSD 障害報告の書き方のガイドラインをじっくり読んでください。 - これを読めば、問題に対する回答を得るまでに長い時間がかかったり、 - イライラするようなやりとりが必要だという状況を少なくするのに役立つでしょう。 - すでに提出された障害報告と重複しないように、 - 報告ずみであるかどうか、すでに - FAQ - に書かれていないかどうかを、事前に確認してください。

            - -

            入力フォームは、可能な限り項目を埋めてください。 - 特に、「実行環境」の項が、 - 問題の発生したマシンで出力された結果になっていることを確認しましょう。

            - -

            注意: コピー・ペーストすると、 - タブ文字や空白部分が別の形に置き換えられてしまう可能性があります。 - そのため、このウェブページを、 - ソースコードをそのままの形で提出する目的で使うことは避けたほうが良いでしょう。

            - -

            また、あなたが特に明示的に指定しない限り、FreeBSD - プロジェクトに提出された変更は FreeBSD - と同様のライセンスのもとにおかれることに注意してください。 - 障害報告に書かれた電子メールアドレスは、 - ウェブページを通じて一般に公開されます。 - 提出前に迷惑メール対策を十分にしておくことをおすすめします。

            - -

            修正パッチファイルを提出する場合は、content type - が「text/*」もしくは「application/shar」のいずれかである必要があり、 - あなたの使っているウェブブラウザが、その content type - に対応してなければなりません。 - ウェブブラウザが上記の content type での送信に対応していない場合は、 - ファイル名を「.txt」で終るように変更すると、動作するかも知れません。

            - -

            最後に、このページを利用するには、画像が閲覧可能でなければならない、 - ということをご了承ください。 - 画像は、システムの濫用に対抗する手段として使われます。 - 不便をおかけして大変申し訳ないのですが、他に方法がないのです。 - もし、何らかの理由で画像を閲覧できない場合は、お手数をおかけしますが - 障害報告を bugbusters チームに - 電子メールで送ってください。このチームが代理で、 - 障害報告をバグ追跡システムに追加します。

            - -

            注意:「送信」を押す前に、記入した内容を保存しましょう。 - ウェブブラウザが画像をキャッシュしていたり、フォームの入力に - 45 分以上かかっていると、古い画像がページに表示されてしまうために、 - 提出が受理されないことがあります。これはウェブブラウザにもよりますが、 - 最悪の場合、入力した内容がなくなってしまいます。イライラしなくてすむように、 - 入力内容を記録しておくと良いでしょう。

            - -
            - - - - - - :
            - - -

            :
            - - -

            :
            - - -

            :
            - - -

            : - -

            - -

            :
            - - -

            : -
            -

            - - :
            -

            - - :
            -

            - - :
            -

            - - : -
            - - -

            - - - + $FreeBSD$ + + + +

            bugzilla 障害報告フォーム に移動します。

            From owner-svn-doc-all@FreeBSD.ORG Sat Jun 7 16:19:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8B193D41; Sat, 7 Jun 2014 16:19:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 77AA92B24; Sat, 7 Jun 2014 16:19:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s57GJe9k095003; Sat, 7 Jun 2014 16:19:40 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s57GJeFQ095001; Sat, 7 Jun 2014 16:19:40 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406071619.s57GJeFQ095001@svn.freebsd.org> From: Glen Barber Date: Sat, 7 Jun 2014 16:19:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45023 - in head: en_US.ISO8859-1/htdocs/releases/9.3R share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Jun 2014 16:19:40 -0000 Author: gjb Date: Sat Jun 7 16:19:39 2014 New Revision: 45023 URL: http://svnweb.freebsd.org/changeset/doc/45023 Log: Enable the 'download page' URL on the 9.3-RELEASE schedule page, and update the betarel.vers to 'BETA2'. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml head/share/xml/release.ent Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Sat Jun 7 07:54:55 2014 (r45022) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Sat Jun 7 16:19:39 2014 (r45023) @@ -5,7 +5,7 @@ - + ]> Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Sat Jun 7 07:54:55 2014 (r45022) +++ head/share/xml/release.ent Sat Jun 7 16:19:39 2014 (r45023) @@ -36,10 +36,10 @@ - - + + - + - + &title; $FreeBSD$ - + -

            bugzilla 障害報告フォーム に移動します。

            +

            bugzilla 障害報告フォーム に移動します。

            Modified: head/ja_JP.eucJP/htdocs/support.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/support.xml Sun Jun 8 04:35:10 2014 (r45025) +++ head/ja_JP.eucJP/htdocs/support.xml Sun Jun 8 06:41:05 2014 (r45026) @@ -4,7 +4,7 @@ ]> - + @@ -32,12 +32,10 @@ ドキュメントの間違いに気づきましたか? もし、まだ報告されていなければ、我々に教えてください。

            -

            特定のカテゴリ、担当者、提出者、テキストなどについて - 障害報告データベースを検索 - したり、 - 未解決の障害報告を閲覧 +

            特定のカテゴリ、担当者、提出者、テキストなどについて 障害報告データベースを検索 + したり、未解決の障害報告を閲覧 して、報告済みかどうかを知ることができます。

            もし、まだ報告されていなければ、 From owner-svn-doc-all@FreeBSD.ORG Sun Jun 8 08:00:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AD3A06A2; Sun, 8 Jun 2014 08:00:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 97E412D3F; Sun, 8 Jun 2014 08:00:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5880I7i020932; Sun, 8 Jun 2014 08:00:18 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5880IP3020931; Sun, 8 Jun 2014 08:00:18 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406080800.s5880IP3020931@svn.freebsd.org> From: Eitan Adler Date: Sun, 8 Jun 2014 08:00:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45027 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2014 08:00:18 -0000 Author: eadler Date: Sun Jun 8 08:00:18 2014 New Revision: 45027 URL: http://svnweb.freebsd.org/changeset/doc/45027 Log: During the temporary period, drop the footer on the gnats PRs. Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Sun Jun 8 06:41:05 2014 (r45026) +++ head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Sun Jun 8 08:00:18 2014 (r45027) @@ -861,42 +861,7 @@ sub FooterLinks my $url = $q->url(-full => 1, -query => 1); - my $pr = $q->escapeHTML($gnatspr->FieldSingle('Number')); - my $cat = $q->escapeHTML($gnatspr->FieldSingle('Category')); - my $synopsis = $q->escapeHTML($gnatspr->FieldSingle('Synopsis')); - - my $mail = $gnatspr->Header('From'); - - # Try to extract just the e-mail address from the 'From' header - if ($mail) { - $mail =~ s/^\s*(.*)\s*$/$1/; - $mail =~ s/.*<(.*)>.*/$1/; - $mail =~ s/\s*\(.*\)\s*//; - } - - my $replyto = $gnatspr->Header('Reply-To'); - - # ... same with the 'Reply-To' header - if ($replyto) { - $replyto =~ s/^\s*(.*)\s*$/$1/; - $replyto =~ s/.*<(.*)>.*/$1/; - $replyto =~ s/\s*\(.*\)\s*//; - } - - # Prefer 'Reply-To' if present - $mail = $replyto if ($replyto); - $mail .= '@FreeBSD.org' unless ($mail =~ /@/); - - # Prepare for mailto: link - $synopsis =~ s/[^a-zA-Z+.@-]/"%" . sprintf("%02X", unpack("C", $&))/eg; - $mail =~ s/[^a-zA-Z+.@-]/"%" . sprintf("%02X", unpack("C", $&))/eg; - - my $maillink = 'mailto:bug-followup@FreeBSD.org,' - . "$mail?subject=Re:%20$cat/$pr:%20$synopsis"; - return $q->div({-class => 'footerlinks'}, - $q->a({-href => $maillink}, 'Submit Followup') - . ' | ' . $q->a({-href => $url . '&f=raw'}, 'Raw PR') - . ' | ' . $q->a({-href => 'query-pr-summary.cgi?query'}, 'Find another PR') + . $q->a({-href => $url . '&f=raw'}, 'Raw PR') ); } From owner-svn-doc-all@FreeBSD.ORG Sun Jun 8 08:02:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4F766713; Sun, 8 Jun 2014 08:02:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3C94E2DB3; Sun, 8 Jun 2014 08:02:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5882h3C024357; Sun, 8 Jun 2014 08:02:43 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5882hNr024356; Sun, 8 Jun 2014 08:02:43 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406080802.s5882hNr024356@svn.freebsd.org> From: Eitan Adler Date: Sun, 8 Jun 2014 08:02:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45028 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2014 08:02:43 -0000 Author: eadler Date: Sun Jun 8 08:02:42 2014 New Revision: 45028 URL: http://svnweb.freebsd.org/changeset/doc/45028 Log: During the temporary period, drop the footer on the gnats PRs. Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Sun Jun 8 08:00:18 2014 (r45027) +++ head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Sun Jun 8 08:02:42 2014 (r45028) @@ -862,6 +862,6 @@ sub FooterLinks my $url = $q->url(-full => 1, -query => 1); return $q->div({-class => 'footerlinks'}, - . $q->a({-href => $url . '&f=raw'}, 'Raw PR') + $q->a({-href => $url . '&f=raw'}, 'Raw PR') ); } From owner-svn-doc-all@FreeBSD.ORG Sun Jun 8 08:06:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C104778E; Sun, 8 Jun 2014 08:06:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AF0112DC3; Sun, 8 Jun 2014 08:06:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5886DIR025044; Sun, 8 Jun 2014 08:06:13 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5886DNU025043; Sun, 8 Jun 2014 08:06:13 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406080806.s5886DNU025043@svn.freebsd.org> From: Eitan Adler Date: Sun, 8 Jun 2014 08:06:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45029 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2014 08:06:13 -0000 Author: eadler Date: Sun Jun 8 08:06:13 2014 New Revision: 45029 URL: http://svnweb.freebsd.org/changeset/doc/45029 Log: During the temporary period, redirect people to bugzilla. Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr-summary.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr-summary.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/query-pr-summary.cgi Sun Jun 8 08:02:42 2014 (r45028) +++ head/en_US.ISO8859-1/htdocs/cgi/query-pr-summary.cgi Sun Jun 8 08:06:13 2014 (r45029) @@ -292,7 +292,7 @@ if ($input{'sort'} eq 'lastmod') { } if ($#prs < $[) { - print "${h1}No matches to your query${h1_e}\n"; + print "${h1}Please try bugzilla for an update to date search mechanism.${h1_e}\n"; } elsif ($input{'responsible'} eq 'summary') { &resp_summary; From owner-svn-doc-all@FreeBSD.ORG Sun Jun 8 08:17:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BEEAEA5D; Sun, 8 Jun 2014 08:17:35 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9F7492E74; Sun, 8 Jun 2014 08:17:35 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s588HZml030133; Sun, 8 Jun 2014 08:17:35 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s588HZ9A030131; Sun, 8 Jun 2014 08:17:35 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406080817.s588HZ9A030131@svn.freebsd.org> From: Eitan Adler Date: Sun, 8 Jun 2014 08:17:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45030 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2014 08:17:35 -0000 Author: eadler Date: Sun Jun 8 08:17:34 2014 New Revision: 45030 URL: http://svnweb.freebsd.org/changeset/doc/45030 Log: During the temporary period, make it more obvious that this script is old and incomplete. It needs to live for debugging, while people ensure that their bugs are correct. this has already caught issues. Eventually it will turn into a proper redirect for any old bugs, and a warning for newer IDs. Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr-summary.cgi head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr-summary.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/query-pr-summary.cgi Sun Jun 8 08:06:13 2014 (r45029) +++ head/en_US.ISO8859-1/htdocs/cgi/query-pr-summary.cgi Sun Jun 8 08:17:34 2014 (r45030) @@ -116,75 +116,10 @@ sub header_info { print "Current $project problem reports\n"; } if (!$input{'quiet'}) { - print "The following is a listing of current problems submitted by $project users. " . - 'These represent problem reports covering all versions including ' . - 'experimental development code and obsolete releases. '; + print "The following is an old and incomplete of current problems submitted by $project users. "; if ($html_mode) { print < -Bugs can be in one of several states: -

            -
            -
            o - open
            -
            A problem report has been submitted, no sanity checking -performed.
            - -
            a - analyzed
            -
            The problem is understood and a solution is being sought.
            - -
            f - feedback
            -
            Further work requires additional information from the originator -or the community—possibly confirmation of the effectiveness of a -proposed solution.
            - -
            p - patched
            -
            A patch has been committed, but some issues (MFC and / or -confirmation from originator) are still open.
            - -
            s - suspended
            -
            The problem is not being worked on, due to lack of information or -resources. This is a prime candidate for somebody who is looking for a -project to do. If the problem cannot be solved at all, it will be -closed, rather than suspended.
            - -
            c - closed
            -
            A problem report is closed when any changes have been integrated, -documented, and tested—or when fixing the problem is abandoned.
            -
            -EOM - - } else { - -print <FreeBSD has migrated to Bugzilla. Please update your bookmarks and try your search there. EOM } } @@ -292,7 +227,7 @@ if ($input{'sort'} eq 'lastmod') { } if ($#prs < $[) { - print "${h1}Please try bugzilla for an update to date search mechanism.${h1_e}\n"; + print "${h1}Please try bugzilla for an up to date search mechanism.${h1_e}\n"; } elsif ($input{'responsible'} eq 'summary') { &resp_summary; @@ -453,6 +388,7 @@ sub read_gnats { $syn = &getline($_); $syn =~ s/[\t]+/ /g; + } elsif (/^$/) { $_ = sprintf("%s/%s", $cat, $number); Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Sun Jun 8 08:06:13 2014 (r45029) +++ head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Sun Jun 8 08:17:34 2014 (r45030) @@ -34,14 +34,6 @@ # malformed header) # - ports/138672 - Lots of attachments, multi-level MIME. # - ports/132344 - Base64-encoded attachment. -# -# TODO: -# -# - Charset and transfer encoding transformation. -# - Refine linkifier. -# - Better end-of-diff detection. -# - Inline patches inside MIME parts (probably just the first part). -# - Modernise HTML (may require altering site-wide CSS) #------------------------------------------------------------------------------ BEGIN { push @INC, '.'; } From owner-svn-doc-all@FreeBSD.ORG Sun Jun 8 13:19:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 01ABC446; Sun, 8 Jun 2014 13:19:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E183924E9; Sun, 8 Jun 2014 13:19:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s58DJVhA067925; Sun, 8 Jun 2014 13:19:31 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s58DJVJd067924; Sun, 8 Jun 2014 13:19:31 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406081319.s58DJVJd067924@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 8 Jun 2014 13:19:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45031 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sun, 08 Jun 2014 14:54:45 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2014 13:19:32 -0000 Author: ryusuke Date: Sun Jun 8 13:19:31 2014 New Revision: 45031 URL: http://svnweb.freebsd.org/changeset/doc/45031 Log: - Merge the following from the English version: r44736 -> r44774 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sun Jun 8 08:17:34 2014 (r45030) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sun Jun 8 13:19:31 2014 (r45031) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44736 + Original revision: r44774 $FreeBSD$ --> - セキュリティパッチ + セキュリティパッチの適用 + + &os; のセキュリティパッチを適用する過程は簡単になり、 + 管理者は freebsd-update を使って、 + システムを完全にパッチがあたった状態に保つ事ができるようになりました。 + &os; セキュリティ勧告の詳細については、 + &os; セキュリティ勧告 + + の節で説明されています。 以下のコマンドを実行すると、&os; - のセキュリティパッチがダウンロードされ、インストールされます。 + のセキュリティパッチがダウンロードされ、インストールされます。 + 最初のコマンドは、未対応のパッチがあるかどうかを調べます。 + もし未対応のパッチがある場合には、 + パッチが当てられた際に変更されるファイルのリストが作成されます。 + 2 番目のコマンドはパッチを適用します。 &prompt.root; freebsd-update fetch &prompt.root; freebsd-update install @@ -290,39 +302,38 @@ MergeChanges /etc/ /var/named/etc/ /boot アップデートによってカーネルにパッチが当たった場合には、 パッチが当たったカーネルで起動するように、 システムを再起動する必要があります。 - もしくは、システムにパッチが当てられ、 - 毎晩の &man.cron.8; ジョブとして、freebsd-update - を実行するように、 + もし、実行中のバイナリにパッチが当てられた場合には、 + パッチの当てられたバージョンのバイナリが使われるように、 + 影響のあるアプリケーションを再起動する必要があります。 + + 毎日一度アップデートがないかどうかを自動的に確認するように設定するには、 以下のエントリを /etc/crobntab に追加してください。 @daily root freebsd-update cron - このエントリは、毎日一度 freebsd-update - を実行することを意味します。 - と共に実行すると、 - freebsd-update - はアップデートが存在するときだけ確認します。 - パッチが存在すると、 - 自動的にローカルディスクにダウンロードされますが、適用はされません。 - ダウンロードされたパッチを確認し、手動でインストールする必要のあることが、 - root - 宛てにメールで通知されます。 + パッチが存在すると、 + 自動的にダウンロードされますが、適用はされません。 + root宛てにメールで、 + ダウンロードされたパッチを確認し、 + freebsd-update install + とともに手動でインストールする必要のあることが通知されます。 うまく行かなかった場合には、freebsd-update を以下のように実行すると、最後の変更までロールバックできます。 - &prompt.root; freebsd-update rollback + &prompt.root; freebsd-update rollback +Uninstalling updates... done. カーネルまたはカーネルモジュールがアップデートされた場合には、 - 完了後にシステムを再起動してください。 - この作業によって、&os; がバイナリをメモリに読み込みます。 + 完了後にもう一度システムを再起動して、 + 影響のあったバイナリを再起動してください。 freebsd-update ユーティリティが自動的にアップデートするカーネルは GENERIC のみです。 カスタムカーネルがインストールされている場合には、 - freebsd-update が他の部分をインストールした後、 + freebsd-update がインストールした後、 カーネルを再構築し、もう一度インストールする必要があります。 しかしながら、GENERIC カーネルが /boot/GENERIC に存在する場合には、 @@ -346,7 +357,6 @@ MergeChanges /etc/ /var/named/etc/ /boot 新しいカスタムカーネルの再構築と再インストールは、 通常通り行うことができます。 - freebsd-update は、 常にカーネルをアップデートするとは限りません。 freebsd-update install @@ -359,161 +369,24 @@ MergeChanges /etc/ /var/named/etc/ /boot uname -r-p で表示する時にこのファイルが参照されます。 そのため、何も変更されていない場合でも、カスタムカーネルを再構築することにより、 - &man.uname.1; がシステムの正確なパッチレベルを報告するようになります。 + uname がシステムの正確なパッチレベルを報告するようになります。 各システムにインストールされているアップデートをすばやく把握できるようになるので、 特に複数のシステムを管理するときに助けとなります。 - - メジャーおよびマイナーバージョンのアップグレード + メジャーおよびマイナーバージョンのアップグレードを行う &os; のマイナーバージョン間のアップグレード、 たとえば、&os; 9.0 から &os; 9.1 へのアップグレードは、 マイナーバージョン アップグレードと呼ばれます。 - 通常は、マイナーバージョンのアップグレードを行った後でも、 - インストールされているアプリケーションは問題なく動きます。 - - メジャーバージョン アップグレードは、 - &os; 8.X から &os; 9.X へのアップグレードといった、 + メジャーバージョン アップグレードは、 + &os; 9.X から &os; 10.X へのアップグレードといった、 &os; のメジャーバージョンが変わるようなアップグレードのことです。 - メジャーバージョンのアップグレードでは、 - 古いオブジェクトファイルやライブラリが削除され、 - これらに依存する多くのサードパーティ製アプリケーションに影響を与える可能性があります。 - インストールされているすべての ports を削除して再インストールするか、 - メジャーアップグレード後、 - ports-mgmt/portmaster - といったユーティリティを使ってアップグレードすることが推奨されています。 - インストールされているアプリケーションのブルートフォース的な再構築は、 - 以下のコマンドにより行うことができます。 - - &prompt.root; portmaster -af - - このコマンドは、すべての ports を適切に再インストールしようとします。 - BATCH 環境変数を - yes に設定しておくと、 - アップデートプロセスの途中の質問に対し - yes と答えるようになるので、 - ビルドプロセスでの手動操作を省略できます。 - - - カスタムカーネルの取り扱い - - カスタムカーネルを使用している場合には、アップグレードのプロセスは、 - 幾分複雑となります。 - アップグレードの手順は &os; のバージョンによって変わります。 - - - &os; 8.X におけるカスタムカーネル - - GENERIC カーネルが - /boot/GENERIC - に置かれている必要があります。 - もし GENERIC - カーネルがシステムに存在しない場合には、 - 以下のどれかの方法で用意してください。 - - - - ただ一度だけカスタムカーネルを構築したのであれば、 - /boot/kernel.old - は GENERIC カーネルそのものです。 - このディレクトリの名前を - /boot/GENERIC - へと変更してください。 - - - - コンピュータへの物理的なアクセスが可能であれば、 - 以下のコマンドを実行することで、 - インストールメディアから GENERIC - カーネルをインストールできます。 - - &prompt.root; mount /cdrom -&prompt.root; cd /cdrom/X.Y-RELEASE/kernels -&prompt.root; ./install.sh GENERIC - - ここで X.Y-RELEASE - を実際のリリース番号に置き換えてください。 - GENERIC は、デフォルトで /boot/GENERIC - にインストールされます。 - - - - 上記の方法がすべて失敗するのであれば、 - GENERIC カーネルをソースから再構築して、 - インストールしてください。 - - &prompt.root; cd /usr/src -&prompt.root; env DESTDIR=/boot/GENERIC make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null -&prompt.root; mv /boot/GENERIC/boot/kernel/* /boot/GENERIC -&prompt.root; rm -rf /boot/GENERIC/boot - - freebsd-update は、このカーネルを - GENERIC カーネルとして扱います。 - GENERIC コンフィグレーションファイルは、 - とにかく変更してはいけません。 - また、特別なオプションを指定しないで構築してください。 - - - - この時点で GENERIC - カーネルで再起動する必要はありません。 - - - - &os; 9.X 以降のシステムにおけるカスタムカーネル - - - - ただ一度だけカスタムカーネルを構築したのであれば、 - /boot/kernel.old - は GENERIC カーネルそのものです。 - ただ単にこのディレクトリの名前を - /boot/kernel - へと変更してください。 - - - - コンピュータへの物理的なアクセスが可能であれば、 - 以下のコマンドで、インストールメディアから - GENERIC - カーネルをインストールできます。 - - &prompt.root; mount /cdrom -&prompt.root; cd /cdrom/usr/freebsd-dist -&prompt.root; tar -C/ -xvf kernel.txz boot/kernel/kernel - - - - 上記の方法が失敗するのであれば、 - GENERIC カーネルをソースから再構築して、 - インストールしてください。 - - &prompt.root; cd /usr/src -&prompt.root; make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null - - freebsd-update は、このカーネルを - GENERIC カーネルとして扱います。 - GENERIC コンフィグレーションファイルは、 - とにかく変更してはいけません。 - また、特別なオプションを指定しないで構築してください。 - - - - この時点で GENERIC - カーネルで再起動する必要はありません。 - - - - - アップグレードを行う - - freebsd-update - によるメジャー、またはマイナーバージョンのアップデートでは、 - リリースバージョンをターゲットにして実行します。 - 以下のコマンドは、&os; 9.1 にアップデートします。 + どちらのアップグレードもリリース番号のターゲットを指定する事で、 + freebsd-update によって行う事ができます。 + 以下のコマンドを実行すると、&os; 9.0 + のシステムを &os; 9.1 にアップグレードします。 &prompt.root; freebsd-update -r 9.1-RELEASE upgrade @@ -539,7 +412,7 @@ The following components of FreeBSD do n kernel/generic world/catpages world/dict world/doc world/games world/proflibs -Does this look reasonable (y/n)? y +Does this look reasonable (y/n)? y ここで、freebsd-update はアップグレードに必要なすべてのファイルをダウンロードします。 @@ -623,20 +496,145 @@ before running "/usr/sbin/freebsd-update 使用しているライブラリのバージョン番号の付けられ方によって、 3 つのインストールフェーズが 2 つになる場合もあります。 - + + アップグレードはこれで終了です。 + もしメジャーアップグレードを行った場合には、 + + で説明されているようにすべての ports および package + を再構築してください。 + カスタムカーネルを使っているシステムでは、 + カスタムカーネルのアップグレードの方法について、 または + を参照してください。 + + + &os; 9.X 以降のシステムにおけるカスタムカーネル + + + + ただ一度だけカスタムカーネルを構築したのであれば、 + /boot/kernel.old + は GENERIC カーネルそのものです。 + このディレクトリの名前を + /boot/kernel + へと変更してください。 + + + + コンピュータへの物理的なアクセスが可能であれば、 + 以下のコマンドで、インストールメディアから + GENERIC + カーネルをインストールできます。 + + &prompt.root; mount /cdrom +&prompt.root; cd /cdrom/usr/freebsd-dist +&prompt.root; tar -C/ -xvf kernel.txz boot/kernel/kernel + + + + 上記の方法に失敗するのであれば、 + GENERIC カーネルをソースから再構築して、 + インストールしてください。 + + &prompt.root; cd /usr/src +&prompt.root; make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null + + freebsd-update がこのカーネルを + GENERIC カーネルとして認識するために、 + GENERIC コンフィグレーションファイルは、 + とにかく変更してはいけません。 + また、特別なオプションを指定しないで構築してください。 + + + + この時点で GENERIC + カーネルで再起動する必要はありません。 + + + + &os; 8.X におけるカスタムカーネル + + GENERIC カーネルが + /boot/GENERIC + に置かれている必要があります。 + もし GENERIC + カーネルがシステムに存在しない場合には、 + 以下のどれかの方法で用意してください。 + + + + ただ一度だけカスタムカーネルを構築したのであれば、 + /boot/kernel.old + は GENERIC カーネルそのものです。 + このディレクトリの名前を + /boot/GENERIC + へと変更してください。 + + + + コンピュータへの物理的なアクセスが可能であれば、 + 以下のコマンドを実行することで、 + インストールメディアから GENERIC + カーネルをインストールできます。 + + &prompt.root; mount /cdrom +&prompt.root; cd /cdrom/X.Y-RELEASE/kernels +&prompt.root; ./install.sh GENERIC + + ここで X.Y-RELEASE + を実際のリリース番号に置き換えてください。 + GENERIC カーネルは、 + デフォルトで /boot/GENERIC + にインストールされます。 + + + + 上記の方法がすべて失敗するのであれば、 + GENERIC カーネルをソースから再構築して、 + インストールしてください。 + + &prompt.root; cd /usr/src +&prompt.root; env DESTDIR=/boot/GENERIC make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null +&prompt.root; mv /boot/GENERIC/boot/kernel/* /boot/GENERIC +&prompt.root; rm -rf /boot/GENERIC/boot + + freebsd-update が、このカーネルを + GENERIC カーネルとして扱うように、 + GENERIC コンフィグレーションファイルは、 + とにかく変更してはいけません。 + また、特別なオプションを指定しないで構築してください。 + + + + この時点で GENERIC + カーネルで再起動する必要はありません。 + メジャーバージョンアップグレード後の ports の再構築 - メジャーバージョンアップグレードを行った後では、 - すべてのサードパーティ製のソフトウェアを再構築し、 - 再インストールする必要があります。 - この作業が必要なのは、インストールされているソフトウェアが、 - アップグレードの際に削除されたライブラリに依存している可能性があるためです。 - ports-mgmt/portupgrade - は、このプロセスを自動化します。 + 一般的に、マイナーバージョンアップグレードの後では、 + インストールされているアプリケーションは、問題なく動作するでしょう。 + メジャーバージョンが異なるとアプリケーションバイナリーインタフェース + (ABI) が異なるため、 + サードパーティ製のアプリケーションの多くは動作しなくなるでしょう。 + メジャーバージョンアップグレードを行った後では、 + インストールされているすべての packages, ports を + ports-mgmt/portmaster + のようなユーティリティを使ってアップグレードする必要があります。 + 以下のコマンドを用いて、 + インストールされているすべてのアプリケーションを再構築できます。 + + &prompt.root; portmaster -af - &prompt.root; portmaster -af + このコマンドを実行すると、 + 設定を変更するオプションを持つアプリケーションは、 + 設定変更のスクリーンを表示し、 + ユーザからの指示待ちの状態で停止します。 + この振る舞いをやめ、デフォルトのオプションを使用するには、 + 上記のコマンドに を含めてください。 この作業の終了後、最後にもう一度 freebsd-update From owner-svn-doc-all@FreeBSD.ORG Sun Jun 8 17:11:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3707917C; Sun, 8 Jun 2014 17:11:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2396126E1; Sun, 8 Jun 2014 17:11:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s58HB6R8096863; Sun, 8 Jun 2014 17:11:06 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s58HB6M0096862; Sun, 8 Jun 2014 17:11:06 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406081711.s58HB6M0096862@svn.freebsd.org> From: Eitan Adler Date: Sun, 8 Jun 2014 17:11:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45032 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2014 17:11:07 -0000 Author: eadler Date: Sun Jun 8 17:11:06 2014 New Revision: 45032 URL: http://svnweb.freebsd.org/changeset/doc/45032 Log: During the temporary period, make it more obvious that this script is old and incomplete. Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Sun Jun 8 13:19:31 2014 (r45031) +++ head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Sun Jun 8 17:11:06 2014 (r45032) @@ -733,7 +733,7 @@ sub ErrorExit my $url = $q->url(-full => 1, -query => 1); if ($code == EXIT_NOPRS) { - print html_header("No PRs Matched Query"); + print html_header("FreeBSD has migrated to Bugzilla. This form is obsolete and incomplete."); + print html_header("FreeBSD has migrated to Bugzilla. This form is obsolete and incomplete."); displayform(); print html_footer(); } elsif ($code == EXIT_DBBUSY) { From owner-svn-doc-all@FreeBSD.ORG Mon Jun 9 00:12:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 07D9DD84; Mon, 9 Jun 2014 00:12:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E9E16263F; Mon, 9 Jun 2014 00:12:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s590CJ7G046317; Mon, 9 Jun 2014 00:12:19 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s590CJrA046316; Mon, 9 Jun 2014 00:12:19 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201406090012.s590CJrA046316@svn.freebsd.org> From: Peter Wemm Date: Mon, 9 Jun 2014 00:12:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45034 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jun 2014 00:12:20 -0000 Author: peter (src committer) Date: Mon Jun 9 00:12:19 2014 New Revision: 45034 URL: http://svnweb.freebsd.org/changeset/doc/45034 Log: Skip offering a search form on a non-existing PR lookup. Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Sun Jun 8 18:22:28 2014 (r45033) +++ head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Mon Jun 9 00:12:19 2014 (r45034) @@ -733,8 +733,7 @@ sub ErrorExit my $url = $q->url(-full => 1, -query => 1); if ($code == EXIT_NOPRS) { - print html_header("FreeBSD has migrated to Bugzilla. This form is obsolete and incomplete."); - displayform(); + print html_header("FreeBSD has migrated to Bugzilla. Try your search there."); print html_footer(); } elsif ($code == EXIT_DBBUSY) { print html_header("PR Database Busy"); From owner-svn-doc-all@FreeBSD.ORG Mon Jun 9 00:30:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B2B921B8; Mon, 9 Jun 2014 00:30:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A0C8F2737; Mon, 9 Jun 2014 00:30:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s590U5Yo052407; Mon, 9 Jun 2014 00:30:05 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s590U5UC052406; Mon, 9 Jun 2014 00:30:05 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201406090030.s590U5UC052406@svn.freebsd.org> From: Peter Wemm Date: Mon, 9 Jun 2014 00:30:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45035 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jun 2014 00:30:05 -0000 Author: peter (src committer) Date: Mon Jun 9 00:30:05 2014 New Revision: 45035 URL: http://svnweb.freebsd.org/changeset/doc/45035 Log: Place a link to the bugzilla version of each PR at the top of the page so that folks arriving from mail archive links have a clear location to go. Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Mon Jun 9 00:12:19 2014 (r45034) +++ head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Mon Jun 9 00:30:05 2014 (r45035) @@ -258,13 +258,19 @@ sub PrintPR # Page title print html_header( + "FreeBSD has migrated to Bugzilla. You should examine the Bugzilla version of this PR." + ); + print ("

            This historical version is likely out of date and is for debugging purposes only!

            \n"); + + print ("

            " . $q->escapeHTML( $gnatspr->FieldSingle('Category') . '/' . $gnatspr->FieldSingle('Number') . ': ' . $gnatspr->FieldSingle('Synopsis') - ) + ) . "

            \n" ); # Header stuff of interest From owner-svn-doc-all@FreeBSD.ORG Mon Jun 9 03:42:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F10BA283; Mon, 9 Jun 2014 03:42:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CFE432580; Mon, 9 Jun 2014 03:42:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s593gTSs044107; Mon, 9 Jun 2014 03:42:29 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s593gTXH044106; Mon, 9 Jun 2014 03:42:29 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406090342.s593gTXH044106@svn.freebsd.org> From: Warren Block Date: Mon, 9 Jun 2014 03:42:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45036 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jun 2014 03:42:30 -0000 Author: wblock Date: Mon Jun 9 03:42:29 2014 New Revision: 45036 URL: http://svnweb.freebsd.org/changeset/doc/45036 Log: Add an example for 10.x swap files, clarify the existing examples for 9.x, use procedure instead of orderedlist, and factor out common parts. PR: 190759 Submitted by: p5B2E9A8F@t-online.de Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Jun 9 00:30:05 2014 (r45035) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Jun 9 03:42:29 2014 (r45036) @@ -1483,7 +1483,7 @@ cron.* For more information on all fields, valid flags, and how to specify the rotation time, refer to &man.newsyslog.conf.5;. Since newsyslog is run from - &man.cron.8;, it can not rotate files more often than it is + &man.cron.8;, it cannot rotate files more often than it is scheduled to run from &man.cron.8;.             @@ -2757,55 +2757,85 @@ kern.maxvnodes: 100000 Creating a Swap File - To instead create a swap file, specify its size. The - following example creates a 64MB file named - /usr/swap0. + These examples create a 64M swap file + called /usr/swap0 instead + of using a partition. + + Using swap files requires that the module needed by + &man.md.4; has either been built into the kernel or has been + loaded before swap is enabled. See + for information about building + a custom kernel. + + + Creating a Swap File on &os; 10.<replaceable>X</replaceable> and Later + + + + Create the swap file: - - Creating a Swap File on &os; + &prompt.root; dd if=/dev/zero of=/usr/swap0 bs=1m count=64 + - - - The GENERIC kernel already - includes the required memory disk driver. When building - a custom kernel, make sure to include the following line - in the custom configuration file: + + Set the proper permissions on the new file: - device md + &prompt.root; chmod 0600 /usr/swap0 + - For information on building a custom kernel, refer - to . - + + Inform the system about the swap file by adding a + line to /etc/fstab: + + md99 none swap sw,file=/usr/swap0 0 0 + + The &man.md.4; device md99 is + used, leaving lower device numbers available for + interactive use. + + + + Swap space will be added on system startup. To add + swap space immediately, use &man.swapon.8;: + + &prompt.root; swapon -aq + + + - + + Creating a Swap File on &os; 9.<replaceable>X</replaceable> and Earlier + + + Create the swap file, /usr/swap0: - &prompt.root; dd if=/dev/zero of=/usr/swap0 bs=1024k count=64 - + &prompt.root; dd if=/dev/zero of=/usr/swap0 bs=1m count=64 + - - Then, set proper permissions on + + Set the proper permissions on /usr/swap0: &prompt.root; chmod 0600 /usr/swap0 - + - + Enable the swap file in /etc/rc.conf: swapfile="/usr/swap0" # Set to name of swap file - + - - To enable the swap file immediately, specify a free + + Swap space will be added on system startup. To enable the swap file immediately, specify a free memory device. Refer to for more information about memory devices. &prompt.root; mdconfig -a -t vnode -f /usr/swap0 -u 0 && swapon /dev/md0 - - + + @@ -2911,7 +2941,7 @@ kern.maxvnodes: 100000 In &os; the &man.acpi.4; driver is loaded by default at system boot and should not be compiled - into the kernel. This driver can not be unloaded after boot + into the kernel. This driver cannot be unloaded after boot because the system bus uses it for various hardware interactions. However, if the system is experiencing problems, ACPI can be disabled altogether From owner-svn-doc-all@FreeBSD.ORG Mon Jun 9 03:52:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D44077A8; Mon, 9 Jun 2014 03:52:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B634C264F; Mon, 9 Jun 2014 03:52:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s593qYNb049000; Mon, 9 Jun 2014 03:52:34 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s593qYvU048999; Mon, 9 Jun 2014 03:52:34 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406090352.s593qYvU048999@svn.freebsd.org> From: Warren Block Date: Mon, 9 Jun 2014 03:52:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45037 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jun 2014 03:52:34 -0000 Author: wblock Date: Mon Jun 9 03:52:34 2014 New Revision: 45037 URL: http://svnweb.freebsd.org/changeset/doc/45037 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Jun 9 03:42:29 2014 (r45036) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Jun 9 03:52:34 2014 (r45037) @@ -362,16 +362,16 @@ PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin Before using a custom script, make sure it is executable - and test it with the limited set of environment variables set - by cron. To replicate the environment that would be used to - run the above cron entry, use: + and test it with the limited set of environment variables + set by cron. To replicate the environment that would be + used to run the above cron entry, use: env -i SHELL=/bin/sh PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin HOME=/home/dru LOGNAME=dru /usr/home/dru/bin/mycustomscript.sh - The environment set by cron is discussed in &man.crontab.5;. - Checking that scripts operate correctly in a cron environment - is especially important if they include any commands that delete - files using wildcards. + The environment set by cron is discussed in + &man.crontab.5;. Checking that scripts operate correctly in + a cron environment is especially important if they include + any commands that delete files using wildcards. When finished editing the crontab, save the file. It @@ -1206,7 +1206,7 @@ ifconfig_fxp0_alias7="inet 202.0.75.20 n - Configuring System Logging + Configuring System Logging @@ -1489,18 +1489,18 @@ cron.* - Configuring Remote Logging + Configuring Remote Logging - - - - Tom - Rhodes - - Contributed by - - - + + + + Tom + Rhodes + + Contributed by + + + Monitoring the log files of multiple hosts can become unwieldy as the number of systems increases. Configuring @@ -2757,9 +2757,9 @@ kern.maxvnodes: 100000 Creating a Swap File - These examples create a 64M swap file - called /usr/swap0 instead - of using a partition. + These examples create a 64M swap file called + /usr/swap0 instead of using a + partition. Using swap files requires that the module needed by &man.md.4; has either been built into the kernel or has been @@ -2829,9 +2829,10 @@ kern.maxvnodes: 100000 - Swap space will be added on system startup. To enable the swap file immediately, specify a free - memory device. Refer to - for more information about memory devices. + Swap space will be added on system startup. To + enable the swap file immediately, specify a free memory + device. Refer to for + more information about memory devices. &prompt.root; mdconfig -a -t vnode -f /usr/swap0 -u 0 && swapon /dev/md0 @@ -3313,35 +3314,35 @@ acpi_dsdt_name="/boot/DSDT.aml" - Getting and Submitting Debugging Info + Getting and Submitting Debugging Info - - - - Nate - Lawson - - Written by - - + + + + Nate + Lawson + + Written by + + - - - - Peter - Schultz - - With contributions from - + + + + Peter + Schultz + + With contributions from + - - - Tom - Rhodes - - - - + + + Tom + Rhodes + + + + ACPI From owner-svn-doc-all@FreeBSD.ORG Mon Jun 9 03:58:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DCA40961; Mon, 9 Jun 2014 03:58:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CA103269C; Mon, 9 Jun 2014 03:58:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s593wYKP049963; Mon, 9 Jun 2014 03:58:34 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s593wYF0049962; Mon, 9 Jun 2014 03:58:34 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406090358.s593wYF0049962@svn.freebsd.org> From: Warren Block Date: Mon, 9 Jun 2014 03:58:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45038 - head/en_US.ISO8859-1/books/handbook/config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jun 2014 03:58:34 -0000 Author: wblock Date: Mon Jun 9 03:58:34 2014 New Revision: 45038 URL: http://svnweb.freebsd.org/changeset/doc/45038 Log: Fix a couple of spaces that should have been  . Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Jun 9 03:52:34 2014 (r45037) +++ head/en_US.ISO8859-1/books/handbook/config/chapter.xml Mon Jun 9 03:58:34 2014 (r45038) @@ -2768,7 +2768,7 @@ kern.maxvnodes: 100000 a custom kernel. - Creating a Swap File on &os; 10.<replaceable>X</replaceable> and Later + Creating a Swap File on &os; 10.<replaceable>X</replaceable> and Later @@ -2804,7 +2804,7 @@ kern.maxvnodes: 100000 - Creating a Swap File on &os; 9.<replaceable>X</replaceable> and Earlier + Creating a Swap File on &os; 9.<replaceable>X</replaceable> and Earlier From owner-svn-doc-all@FreeBSD.ORG Tue Jun 10 03:24:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4ED2CF75; Tue, 10 Jun 2014 03:24:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3C00420B0; Tue, 10 Jun 2014 03:24:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5A3OExg012779; Tue, 10 Jun 2014 03:24:14 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5A3ODvc012778; Tue, 10 Jun 2014 03:24:13 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406100324.s5A3ODvc012778@svn.freebsd.org> From: Warren Block Date: Tue, 10 Jun 2014 03:24:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45039 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jun 2014 03:24:14 -0000 Author: wblock Date: Tue Jun 10 03:24:13 2014 New Revision: 45039 URL: http://svnweb.freebsd.org/changeset/doc/45039 Log: Add a man page reference for sudo(8). Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Mon Jun 9 03:58:34 2014 (r45038) +++ head/share/xml/man-refs.ent Tue Jun 10 03:24:13 2014 (r45039) @@ -624,6 +624,7 @@ strip1"> stty1"> su1"> +sudo8"> sum1"> suspend1"> svn1"> From owner-svn-doc-all@FreeBSD.ORG Tue Jun 10 03:35:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7122343C; Tue, 10 Jun 2014 03:35:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5D9052178; Tue, 10 Jun 2014 03:35:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5A3Z5lr017719; Tue, 10 Jun 2014 03:35:05 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5A3Z53X017717; Tue, 10 Jun 2014 03:35:05 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406100335.s5A3Z53X017717@svn.freebsd.org> From: Warren Block Date: Tue, 10 Jun 2014 03:35:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45040 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jun 2014 03:35:05 -0000 Author: wblock Date: Tue Jun 10 03:35:04 2014 New Revision: 45040 URL: http://svnweb.freebsd.org/changeset/doc/45040 Log: Update the section on using dd(1) to write the USB stick. Add a note on using sync(8) on Linux, and fix some terminology. Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue Jun 10 03:24:13 2014 (r45039) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Tue Jun 10 03:35:04 2014 (r45040) @@ -510,24 +510,24 @@ match exactly. If the checksums do not match, the file is corrupt and should be downloaded again. - - Burning an Image File to <acronym>USB</acronym> + + Writing an Image File to <acronym>USB</acronym> - Since the *.img file is an + The *.img file is an image of the complete contents of a - memory stick, it cannot just be copied - to the target device. Several applications are available - for burning the *.img to a + memory stick. It cannot be copied + to the target device as a file. Several applications are available + for writing the *.img to a USB stick. This section describes two of these utilities. Before proceeding, back up any important data on the - USB stick as this procedure will erase + USB stick. This procedure will erase the existing data on the stick. - + Using <command>dd</command> to Write the Image @@ -540,8 +540,8 @@ - The dd command-line utility is - included on BSD, Linux, and &macos; systems. To burn + The &man.dd.1; command-line utility is + available on BSD, &linux;, and &macos; systems. To burn the image using dd, insert the USB stick and determine its device name. Then, specify the name of the downloaded @@ -553,11 +553,13 @@ &prompt.root; dd if=FreeBSD-10.0-RELEASE-amd64-memstick.img of=/dev/da0 bs=64k - Should this command fail, verify that the + If this command fails, verify that the USB stick is not mounted and that the - device name is for the disk, not a partition. Depending - upon the operating system, this command may need to be - issued using sudo. + device name is for the disk, not a partition. Some + operating systems might require this command to be run + with &man.sudo.8;. Systems like &linux; might buffer + writes. To force all writes to complete, use + &man.sync.8;. @@ -897,9 +899,9 @@ Ethernet address 0:3:ba:b:92:d4, Host ID This section shows the order of the bsdinstall menus and the type of information that will be asked before the system is installed. - Use the arrow keys to highlight a menu option, then the - Space key to select or deselect that menu item. - When finished, use Enter to save the selection + Use the arrow keys to highlight a menu option, then + Space to select or deselect that menu item. + When finished, press Enter to save the selection and move onto the next screen. From owner-svn-doc-all@FreeBSD.ORG Tue Jun 10 07:15:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C43AA221; Tue, 10 Jun 2014 07:15:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B138822AC; Tue, 10 Jun 2014 07:15:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5A7FO6t020966; Tue, 10 Jun 2014 07:15:24 GMT (envelope-from loader@svn.freebsd.org) Received: (from loader@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5A7FOdT020964; Tue, 10 Jun 2014 07:15:24 GMT (envelope-from loader@svn.freebsd.org) Message-Id: <201406100715.s5A7FOdT020964@svn.freebsd.org> From: Fukang Chen Date: Tue, 10 Jun 2014 07:15:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45041 - head/zh_CN.UTF-8/books/handbook/linuxemu X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 10 Jun 2014 12:16:47 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jun 2014 07:15:24 -0000 Author: loader Date: Tue Jun 10 07:15:24 2014 New Revision: 45041 URL: http://svnweb.freebsd.org/changeset/doc/45041 Log: MFen: linuxemu/chapter.xml r36653 -> r44899 Modified: head/zh_CN.UTF-8/books/handbook/linuxemu/chapter.xml Modified: head/zh_CN.UTF-8/books/handbook/linuxemu/chapter.xml ============================================================================== --- head/zh_CN.UTF-8/books/handbook/linuxemu/chapter.xml Tue Jun 10 03:35:04 2014 (r45040) +++ head/zh_CN.UTF-8/books/handbook/linuxemu/chapter.xml Tue Jun 10 07:15:24 2014 (r45041) @@ -2,298 +2,281 @@ - - Linux篋菴九弱号─綣 + + + &linux; 篋菴九弱号─綣 + - JimMockRestructured and parts updated by + + + Jim + Mock + + Restructured and parts updated by + + - Brian N.HandyOriginally contributed by - RichMurphey + + + Brian N. + Handy + + Originally contributed by + + + + + Rich + Murphey + + - - 网菴 - Linux篋菴九弱号─綣 + + + Linux 篋菴九弱号─綣 + 篋菴九弱号─綣 Linux - FreeBSD 箴篋筝銀腱膠 - &unix; 篏膤紫鐚 Linux鐚 弱号с ー巡鐚 筝坂箙 - FreeBSD 荀遵菴茵 Linux ц篁駈 膈罅緇膊 - 莅後夔綣篋阪Ü減 Linux 綣腮綺鐚 - 筝肴莅∞坂 - 菴篏水篁 FreeBSD 隙緇筝サ莚頑篋夔綣篋阪箴篁篁綺腮綺篁ョ贋・ - FreeBSD 筝菴茵 蘂鐚 莅後菴欠夔攻筝ラ医箴篋 - FreeBSD 箙遵研ュ絨件 罩よ後篁九Û Linux - 菴 FreeBSD 決遵篁箙鐚 膈罅絨掩篏睡 FreeBSD - 箴 Linux 篋菴九弱号с - - 膊荐箙鐚 菴腱弱号ц遵莅 FreeBSD 隙篆劫亥贋・菴茵紊х墾 90% - Linux 綺腮綺 菴膠私室 &staroffice;鐚 - Linux &netscape;鐚 - &adobe; &acrobat;鐚 - &realplayer;鐚 - VMware鐚 - &oracle;鐚 - &wordperfect;鐚 - Doom鐚 - Quake鐚 膈膈 罩ゅ鐚 箙篋肴器 - 篋灸鐚 FreeBSD 筝∵茵 Linux 腮綺ц緒 - 喝ソ篋贋・ Linux 筝∵茵 - - 区鐚 篁倶筝篋Ŭ Linux 篏膤紫号у FreeBSD 筝綛銀茴 - 絋 Linux 腮綺颷遺戎Ű遵 &i386; 筝篏睡号э - 箴絋 8086 罔≦鐚 箙醇羈 FreeBSD 筝菴茵 + &os; 箴篋筝 &linux; 32-bit 篋菴九弱刻 + 莅悟桁 &os; 膤紫筝絎茖菴茵紊у亥 32-bit &linux; + 篋菴句綺篁私篆鴻 莚翫篋灸鐚 &os; 筝菴茵 + 32-bit &linux; 篋菴句綺醇翫ソ茵ー + + 区鐚 篁倶筝篋 &linux; 篏膤紫号遵 &os; + 筝綛銀茴 箴絋鐚 荀 &linux; + 腮綺颷綺遺戎篋莚後 8086 罔≦ &i386; 号莪鐚 + 羈 &os; 筝菴茵 Ϊ鐚 菴筝 64-bit &linux; + 篋菴句綺 莚糸菴腴鐚絨篋茹e逸 + - 絋篏膤紫筝Linux弱号─綣 + 絋篏 &os; 膤紫筝 &linux; 篋菴九弱号─綣 - 絋篏絎茖蘂紊Linux延昆綺 - + 絋篏絎茖蘂紊 &linux; 延昆綺 + - 絋篏FreeBSD筝絎茖Linux綺腮綺 + 絋篏 &os; 筝絎茖 &linux; 綺腮綺 - FreeBSD筝鐚Linux弱号─綣ц膸 + &os; 筝 &linux; 弱号─綣絎ー膸 - 莚肢腴箙鐚綺莚ョラ鐚 + 莚肢腴箙鐚綺莚ョラ鐚 - 絋篏絎茖膃筝壕蒐篁駈 + ラ絋篏絎茖 + 蘂紊膃筝壕蒐篁 - 絎茖 + 臀 &linux; 篋菴九弱号─綣 - KLD (kernel loadable object) + Ports Collection - 藥莅ゆ灸鐚 綛銀綣 Linux 篋菴九弱号 - 菴筝醇膊号莉遵 - linux KLD 罔≦ (Kernel LoaDable - object) 篁 root - 荳篁緒 ヤ巡擦喝鐚 + 藥莅ゆ灸鐚 &linux; 綺綛倶押茴絎茖筝 &linux; + 篋菴九弱号─綣鋈羃≧茴 &linux; + 綺篁ラ菴絎茖篏睡 &os; Ports Collection - &prompt.root; kldload linux + 絎茖 emulators/linux-base-f10 + port 絎号 &os; 膤紫筝キ緇筝絅堺 &linux; 綺号 + 篏睡絋筝号絎茖 port鐚 - 絋絽 Linux 弱号膤紫紮菴腮筝鐚 綺 - /etc/rc.conf 筝紜鐚 + &prompt.root; cd /usr/ports/emulators/linux_base-f10 +&prompt.root; make install distclean - linux_enable="YES" + 絎茖絎篁ュ鐚 莉 linux + 罔≦ &linux; 篋菴九弱号─綣鐚 - &man.kldstat.8;篁ョユKLD罔≦莉緒 + &prompt.root; kldload linuxuserinput> + + ョ罔≦綏牙頮莉緒 &prompt.user; kldstat Id Refs Address Size Name 1 2 0xc0100000 16bdb8 kernel 7 1 0xc24db000 d000 linux.ko + + /etc/rc.conf 筝ヤ札筝菴茵 + &linux; 弱号─綣鋐推膤紫区綣鐚 + + linux_enable="YES" + - kernel options (檎蕁) + kernel options COMPAT_LINUX - 絋筝恰羈絨Linux KLD莉緒絨演荀娯賢丈・菴Linux篋菴九弱号─綣綽蕁糸 - 檎臀篁狗√options COMPAT_LINUX鐚九亥莚吾 - + 活九娯賢丈・ &linux; + 篋菴九弱号桁篁ュ絎箙檎臀篁銀賢 + options COMPAT_LINUXliteral> + 九 + 筝颷亥号膽莚綛九茖医吾 + + + 絎茖蘂紊綺 - - 絎茖Linux菴茵九 - Linux - 絎茖Linux菴茵九 + shared libraries - 筝ょ号ュ茖Linux菴茵九鐚荀箙篏睡linux_base port鐚 - 荀箙絎茖 - - - 菴篏睡 linux_base Port ュ茖 - Ports Collection - - 菴絎号絎茖号鐚Ū荀鎘茖銀port筝隙 - Ports Collectionュ茖鐚 - - &prompt.root; cd /usr/ports/emulators/linux_base-f10 -&prompt.root; make install distclean - - - 絲剛 &os; 8.0 箙 &os; 膤紫鐚 - 篏荀篏睡 emulators/linux_base-fc4 port - 筝 emulators/linux_base-f10 - + 臀篋 &linux; 弱号─綣鋈鐚 + 絋筝 &linux; 綺腮綺鋐倶腓堺鞘医延昆綺鐚 + 上堺 &linux; 篋菴句綺荀延昆綺絎茖 + + &linux; 膤紫筝篏睡 ldd + 上阪腮綺延昆綺篁吟 罸絋鐚 + 絎茖 Doom &linux; + 膤紫筝菴茵絋筝巡擦 linuxdoom + 亥延昆綺篁駈 - - ー綺綵綏ヤLinux弱号─綣鋇篋筝篋腮綺巡腓榊鎧膸綺筝罩g`絽醐菴筝蘂 - - 紊筝emulators/linux_base port鐚絲剛Linux - 綺莚ラ・菴Linux綺腮綺荀d肩ュ茖 - - - - - 絎茖 - - 絋羃≧絎茖 Ports Collection鐚箙篁ラ菴ュ茖Linux菴茵九 - 絨荀菴篋腮綺鋐莎Linux延昆綺鐚筝荀綮坂筝shadow root - 綵/compat/linux鐚篁私荀茴Linux腮綺綣延昆綺初菴筝綵∽ユ障 - 篁ワ絋筝筝Linux腮綺莉巡鐚箴絋鐚/lib/libc.so鐚FreeBSD 篌薤絨莚綣 - /compat/linux/lib/libc.so鐚絋筝絖鐚絎絨絨莚綣/lib/libc.so - 延昆綺綺莚ュ茖/compat/linux/lib筝Linux ld.soュ銀莊緇 - - 絽醐荀絲紙Linux腮綺鋐莎延昆綺 罩ゅ鐚 - 篏膤紫筝絨延筝膸 Linux 延昆綺鐚 - 菴膸延昆綺莇割札ヨ茵医茖 Linux 篋菴句綺 - - - - 絋篏絎茖蘂紊延昆綺 - 延昆綺 - - 絋絎茖篋linux_base port鐚篏 - 綺腮綺鋌篌ュ筝√け延昆綺篆≧鐚絋篏ラLinux腮綺荀筝延昆綺鐚 - 堺筝鐚筝ょ醇э・筝ョ篁ら荀root鐚鐚 - - 絋篁ヨ翠Linux膤紫鐚 綺腮綺荀篁箙延昆綺鐚 - 絎篁紊九井FreeBSD膤紫筝∝箴絖鐚 - - - 篁莅丈菴FTP緇Linux腮綺Doom鐚 - 綛倶絎上処翠Linux膤紫筝九篁ラ菴ldd linuxdoomユラ荀篋延昆綺鐚 - 絨怨颷件 - - &prompt.user; ldd linuxdoom + &prompt.user; ldd linuxdoom libXt.so.3 (DLL Jump 3.1) => /usr/X11/lib/libXt.so.3.1.0 libX11.so.3 (DLL Jump 3.1) => /usr/X11/lib/libX11.so.3.1.0 libc.so.4 (DLL Jump 4.5pl26) => /lib/libc.so.4.6.29 - 膃埌丈・ - 荀緇遺∵榊勀篁駈綛倶絎篁紊九 /compat/linux鐚 - 膃筝絖膃埈・絎篁菴傑FreeBSD膤紫筝絨掩篋菴篋篁駈 + + symbolic links + + + 九筝∵坂賢筝筝篁銀 &linux; + 膤紫紊九 &os; 筝 /compat/linux + 紊九箙鐚 綮榊膃筝鋇篁九膃埌丈・ + 菴桁 &os; 膤紫筝絨篌絋筝篁駈 - /compat/linux/usr/X11/lib/libXt.so.3.1.0 + /compat/linux/usr/X11/lib/libXt.so.3.1.0 /compat/linux/usr/X11/lib/libXt.so.3 -> libXt.so.3.1.0 /compat/linux/usr/X11/lib/libX11.so.3.1.0 /compat/linux/usr/X11/lib/libX11.so.3 -> libX11.so.3.1.0 /compat/linux/lib/libc.so.4.6.29 /compat/linux/lib/libc.so.4 -> libc.so.4.6.29 -
            - - 絋綏牙篋筝筝筝ldd 莨榊膃筝筝私信莅√埇後拷Linux延昆綺鐚 - 絨怨群膸鎘篋綏ヤ鐚 筝荀勀遵篁九九井膤紫筝篋 - 絋筝筝亥鐚 f莅阪篏処紊銀筝延昆綺 - 篁ュх鐚 Ű筝筝膃埈・井亥 - 篁ワ絋菴篋綺膤紫筝鐚 - + 絋綏牙篋筝筝筝 ldd + 莨坂賢膃筝筝私信莅√埇後 &linux; 延昆綺篁駈 + 筝荀紊倶e篁駈 ー延昆綺綺莚ュ篁ユe幻篏睡 + 絋贋亥延昆綺絽後産莅紊吟 + Ű膃埌丈・亥鐚 d絨怨篁ュゆх篋 - /compat/linux/lib/libc.so.4.6.27 + 罸絋鐚 &os; 膤紫筝ー菴篋延昆綺篁駈 + + /compat/linux/lib/libc.so.4.6.27 /compat/linux/lib/libc.so.4 -> libc.so.4.6.27 - 絋号ldd莨榊ー荀筝筝贋亥綺鐚 + 綛銀 ldd 堺筝篋菴句綺荀箙鐚 - libc.so.4 (DLL Jump 4.5pl26) -> libc.so.4.6.29 + libc.so.4 (DLL Jump 4.5pl26) -> libc.so.4.6.29 - 絋膸絨丞医Ŭ筝遺犬筝菴鐚d筝荀綽紊 /lib/libc.so.4.6.29鐚 - 筝榊綺腮緇т篋筝箙遵絅遵医轡篏 - 区鐚絋罨∝莚鐚篁ユ炊libc.so鐚菴件 + ∝句ー篁倶垸Ǔ後勲筝遺犬筝鐚 + 腮綺鎺莚ュ篁ユe幻篏睡腮т 筝膊≧件 + 篏睡亥炊∝ー libc.so 醇絎 - /compat/linux/lib/libc.so.4.6.29 + /compat/linux/lib/libc.so.4.6.29 /compat/linux/lib/libc.so.4 -> libc.so.4.6.29 - -
            -
            - - 膃埌丈・阪 篁篁 Linux 腮綺荀 - FreeBSD 菴茵区・篌綏怨紙上拷筝私信莅√埦筝荀筝堺ゆ綽 - -
            -             -             + 絽御罨≦ &os; 筝絎茖 &linux; 腮綺狗荀絲紙 &linux; + 篋菴句綺箴莎延昆綺篁吟 罩や鐚 膤紫箴推莇喝紊 &linux; + 延昆綺篁倶ヨ茵医茖 &linux; 篋菴句綺蘂紊篏             - 絎茖Linux ELF腮綺 + 絎茖 &linux; <acronym>ELF</acronym> + 篋菴句綺 + - Linux - ELF腮綺 + Linux + ELF binaries - ELF弱腮綺荀筝罩ラ紊罩ラ絋絨莚菴茵羃≧莅亥ELF腮綺鐚 - 篌緇医鋇∵欠莚篆≧鐚 + ELF 篋菴句綺狗荀蘂紊罩ラゃ + 綵茴莅亥 ELF 篋菴句綺頮ц九鐚 + 篌絋筝莚篆≧鐚 &prompt.user; ./my-linux-elf-binary ELF binary type not known Abort - 筝阪軒 FreeBSD 後莨 FreeBSD ELF - ц篁九 Linux ц篁駈 荀篏睡 &man.brandelf.1; - 綏ュ激 + 筝坂絽 &os; 後莨 &os; ELF + 篋菴句綺 &linux; 篋菴句綺鐚 莚隙戎 &man.brandelf.1;鐚 &prompt.user; brandelf -t Linux my-linux-elf-binary - GNU綏ュ - GNU綏ュ欠ー篌綵莅遺拭上ELF腮綺鋇鐚篁ュ域筝蘂坂莇ヨ絨 + + GNU toolchain + + + 延ー GNU 綏ュ潔乗処綵莅遺拭 ELF + 篋菴句綺鋇鐚菴筝罩ラら絽娯綽蕁糸 - 絎茖腱坂 RPM 綺腮綺 + 絎茖坂 &linux; <acronym>RPM</acronym> 綺腮綺 - FreeBSD 篏睡綏援井綺ヨ荼 ports ( &linux; ports) - 篁ユ羈篏睡(筝) &linux; RPM 井綺 - - 絋篏荀絎茖篁紙筝筝坂 RPM &linux; 綺腮綺鐚 - 篁ラ菴筝筝罩ラゅ鐚 + 絎茖坂 &linux; RPM 綺腮綺鐚 + 薤荀絎茖 archivers/rpm port + 絎茖絅巡 root + 桁葦巡戎罩ゅ巡擦絎茖 .rpm 篋鐚 &prompt.root; cd /compat/linux -&prompt.root; rpm2cpio -q < /path/to/linux.archive.rpm | cpio -id +&prompt.root; rpm2cpio < /path/to/linux.archive.rpm | cpio -id - 九絲劫群絎茖 ELF 篋菴句綺(筝綺)菴茵 brandelf - 罩ょ号絎茖腮綺鋇処←絎梧十鐚 篏醇篋篋羌莚 + 絋綽荀莚篏睡 brandelf 莅医茖絅順 + ELF 篋菴句綺 羈閫ら々絎茖絨羈綛峨梧十 臀筝紙阪茹f - 絋DNS筝醇e幻綏ヤ緇遺篆≧鐚 + DNS 筝醇e幻綏ヤ榊ー篁ヤ莚篆≧鐚 resolv+: "bind" is an invalid keyword resolv+: "hosts" is an invalid keyword - 絨演荀臀/compat/linux/etc/host.conf篁駈罩ゆ篁九鐚 + 莚桁фゆ号臀 /compat/linux/etc/host.conf order hosts, bind multi on - order菴筝茵/etc/hosts茴膣√・膣DNS - 絋/compat/linux/etc/host.conf羃≧茴絎茖鐚Linux腮綺鋍莚糸FreeBSD - /etc/host.conf九腓坂弱合FreeBSD莚羈 - 絋羃≧篏睡/etc/resolv.conf 篁区丞舟DNS鐚綺莚ュbind - + 菴絎篋ヨ /etc/hosts + ヨ DNS 絋 + /compat/linux/etc/host.conf 筝絖莚鐚 + &linux; 腮綺鋐推莚糸 /etc/host.conf + 綛倶腓坂 &os; 莚羈筝弱鴻 絋羃≧ + /etc/resolv.conf 篁銀賢臀≦鐚 + 篁ュ bind             + 絎茖&mathematica; @@ -438,7 +421,13 @@ done 篁ユMathType1Type1                         + --> + + + @@ -667,6 +667,9 @@ total 530 マウントポイントとはルートファイルシステムに存在する、 追加のファイルシステムと接続するためのディレクトリのことです。 + より詳細な説明は + + の節にあります。 標準的なマウントポイントには /usr, /var, /tmp, /mnt, /cdrom @@ -795,6 +798,9 @@ total 530 メモリファイルシステムはよく /tmp にマウントされます。 + これは &man.rc.conf.5; の tmpmfs 関係の変数を使うか、 + /etc/fstab + に設定項目を記入することで自動化できます。 詳しくは &man.mdmfs.8; (FreeBSD 4.X 系列であれば &man.mfs.8;) を参照して下さい。 @@ -883,7 +889,16 @@ total 530 /var/ - ログ・一時的なファイル・スプールファイルなどいろいろな用途 + ログ・一時的なファイル・スプールファイルなどいろいろな用途。 + メモリファイルシステムは時々 + /var + にマウントされます。 + これは &man.rc.conf.5; の varmfs 関係の変数を使うか、 + /etc/fstab + に設定項目を記入することで自動化できます。 + 詳しくは &man.mdmfs.8; + (FreeBSD 4.X 系列であれば &man.mfs.8;) + を参照して下さい。 @@ -904,7 +919,10 @@ total 530 /var/tmp/ - システムが再起動しても消えない一時的なファイル + 一時的なファイル。 + /var + がメモリファイルシステムでなければ、 + ここにあるファイルはシステムが再起動しても失われません。 From owner-svn-doc-all@FreeBSD.ORG Wed Jun 11 21:26:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C2134CC9; Wed, 11 Jun 2014 21:26:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AEB8028CC; Wed, 11 Jun 2014 21:26:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5BLQmi6008398; Wed, 11 Jun 2014 21:26:48 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5BLQm0O008397; Wed, 11 Jun 2014 21:26:48 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201406112126.s5BLQm0O008397@svn.freebsd.org> From: Mathieu Arnold Date: Wed, 11 Jun 2014 21:26:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45043 - head/en_US.ISO8859-1/books/porters-handbook/plist X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2014 21:26:48 -0000 Author: mat (ports committer) Date: Wed Jun 11 21:26:48 2014 New Revision: 45043 URL: http://svnweb.freebsd.org/changeset/doc/45043 Log: Document the @shell plist keyword. Poked by: bapt Looked at by: bjk Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Wed Jun 11 12:03:08 2014 (r45042) +++ head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Wed Jun 11 21:26:48 2014 (r45043) @@ -308,6 +308,8 @@ etc/orbit.conf-dist Expanding Package List with Keywords + + <literal>@fc</literal> <replaceable>directory</replaceable> @@ -373,6 +375,19 @@ etc/orbit.conf-dist information. + + <literal>@shell</literal> + <replaceable>file</replaceable> + + Add the file passed as argument to the plist. + + On installation, add the full path to + file to + /etc/shells, while making sure it's not + added twice. On deinstallation, remove it from + /etc/shells. + + Base Keywords From owner-svn-doc-all@FreeBSD.ORG Wed Jun 11 21:29:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E1982EAD; Wed, 11 Jun 2014 21:29:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CE5A12910; Wed, 11 Jun 2014 21:29:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5BLTluN008783; Wed, 11 Jun 2014 21:29:47 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5BLTllg008782; Wed, 11 Jun 2014 21:29:47 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201406112129.s5BLTllg008782@svn.freebsd.org> From: Mathieu Arnold Date: Wed, 11 Jun 2014 21:29:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45044 - head/en_US.ISO8859-1/books/porters-handbook/plist X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2014 21:29:48 -0000 Author: mat (ports committer) Date: Wed Jun 11 21:29:47 2014 New Revision: 45044 URL: http://svnweb.freebsd.org/changeset/doc/45044 Log: s/it's/it is/ Noticed by: bjk Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Wed Jun 11 21:26:48 2014 (r45043) +++ head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Wed Jun 11 21:29:47 2014 (r45044) @@ -383,7 +383,7 @@ etc/orbit.conf-dist On installation, add the full path to file to - /etc/shells, while making sure it's not + /etc/shells, while making sure it is not added twice. On deinstallation, remove it from /etc/shells. From owner-svn-doc-all@FreeBSD.ORG Wed Jun 11 21:49:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B11B55FF; Wed, 11 Jun 2014 21:49:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 84E032B1D; Wed, 11 Jun 2014 21:49:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5BLnqOn017856; Wed, 11 Jun 2014 21:49:52 GMT (envelope-from bapt@svn.freebsd.org) Received: (from bapt@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5BLnqve017855; Wed, 11 Jun 2014 21:49:52 GMT (envelope-from bapt@svn.freebsd.org) Message-Id: <201406112149.s5BLnqve017855@svn.freebsd.org> From: Baptiste Daroussin Date: Wed, 11 Jun 2014 21:49:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45045 - head X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2014 21:49:52 -0000 Author: bapt (src,ports committer) Date: Wed Jun 11 21:49:52 2014 New Revision: 45045 URL: http://svnweb.freebsd.org/changeset/doc/45045 Log: Remove the automatic linter, it doesn't play nicely with our xml and mangles the code review Approved by: gjb Deleted: head/.arclint From owner-svn-doc-all@FreeBSD.ORG Wed Jun 11 21:51:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 85066683; Wed, 11 Jun 2014 21:51:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 728FE2B99; Wed, 11 Jun 2014 21:51:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5BLpd23018583; Wed, 11 Jun 2014 21:51:39 GMT (envelope-from bapt@svn.freebsd.org) Received: (from bapt@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5BLpdmN018582; Wed, 11 Jun 2014 21:51:39 GMT (envelope-from bapt@svn.freebsd.org) Message-Id: <201406112151.s5BLpdmN018582@svn.freebsd.org> From: Baptiste Daroussin Date: Wed, 11 Jun 2014 21:51:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45046 - head X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2014 21:51:39 -0000 Author: bapt (src,ports committer) Date: Wed Jun 11 21:51:38 2014 New Revision: 45046 URL: http://svnweb.freebsd.org/changeset/doc/45046 Log: Add .arcconfig so code review are automatically associated with the right repository and to prevent people using git svn/hg svn to have arcanist automatically modifying their history Approved by: gjb Added: head/.arcconfig (contents, props changed) Added: head/.arcconfig ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/.arcconfig Wed Jun 11 21:51:38 2014 (r45046) @@ -0,0 +1,5 @@ +{ + "project.name": "D", + "phabricator.uri" : "https://phabric.freebsd.org/", + "history.immutable" : true +} From owner-svn-doc-all@FreeBSD.ORG Thu Jun 12 18:15:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EE6648CD; Thu, 12 Jun 2014 18:15:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DB99D28D2; Thu, 12 Jun 2014 18:15:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5CIFxRI081958; Thu, 12 Jun 2014 18:15:59 GMT (envelope-from flo@svn.freebsd.org) Received: (from flo@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5CIFxbk081957; Thu, 12 Jun 2014 18:15:59 GMT (envelope-from flo@svn.freebsd.org) Message-Id: <201406121815.s5CIFxbk081957@svn.freebsd.org> From: Florian Smeets Date: Thu, 12 Jun 2014 18:15:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45047 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jun 2014 18:16:00 -0000 Author: flo (ports committer) Date: Thu Jun 12 18:15:59 2014 New Revision: 45047 URL: http://svnweb.freebsd.org/changeset/doc/45047 Log: - reflect jadawin's addition to postmaster@ - mention that I took over the lead from dhw [1] Prodded by: pgj [1] Approved by: gjb Modified: head/en_US.ISO8859-1/htdocs/administration.xml Modified: head/en_US.ISO8859-1/htdocs/administration.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/administration.xml Wed Jun 11 21:51:38 2014 (r45046) +++ head/en_US.ISO8859-1/htdocs/administration.xml Thu Jun 12 18:15:59 2014 (r45047) @@ -455,9 +455,10 @@
            • &a.brd.email;
              • -
            • &a.flo.email;
              • +
            • &a.flo.email; (Lead)
            • &a.sahil.email;
            • &a.dhw.email;
              • +
            • &a.jadawin.email;

            Subversion Administrators <svnadm@>

            From owner-svn-doc-all@FreeBSD.ORG Fri Jun 13 10:26:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E538A43D; Fri, 13 Jun 2014 10:26:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C72802A30; Fri, 13 Jun 2014 10:26:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5DAQhd1025763; Fri, 13 Jun 2014 10:26:43 GMT (envelope-from brueffer@svn.freebsd.org) Received: (from brueffer@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5DAQgJP025754; Fri, 13 Jun 2014 10:26:42 GMT (envelope-from brueffer@svn.freebsd.org) Message-Id: <201406131026.s5DAQgJP025754@svn.freebsd.org> From: Christian Brueffer Date: Fri, 13 Jun 2014 10:26:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45048 - in head/en_US.ISO8859-1: articles/committers-guide articles/portbuild books/fdp-primer/docbook-markup books/fdp-primer/translations books/fdp-primer/working-copy books/porters-... X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2014 10:26:44 -0000 Author: brueffer Date: Fri Jun 13 10:26:42 2014 New Revision: 45048 URL: http://svnweb.freebsd.org/changeset/doc/45048 Log: Fix links to the SVN mirror list. PR: 190962 Submitted by: Sergey V. Dyatko Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml head/en_US.ISO8859-1/articles/portbuild/article.xml head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml head/en_US.ISO8859-1/books/fdp-primer/translations/chapter.xml head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Thu Jun 12 18:15:59 2014 (r45047) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Fri Jun 13 10:26:42 2014 (r45048) @@ -854,7 +854,7 @@ You need a Passphrase to protect your se Select the closest mirror and verify the mirror server certificate from the list of Subversion + xlink:href="&url.books.handbook;/svn.html#svn-mirrors">Subversion mirror sites. Modified: head/en_US.ISO8859-1/articles/portbuild/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/portbuild/article.xml Thu Jun 12 18:15:59 2014 (r45047) +++ head/en_US.ISO8859-1/articles/portbuild/article.xml Fri Jun 13 10:26:42 2014 (r45048) @@ -2791,7 +2791,7 @@ sh -x ./tmp/mkportbuild Select an svn repository and export it. See the - &os; Handbook + &os; Handbook for the currently supported list. &prompt.root; export VCS_REPOSITORY=svn://svn0.us-east.FreeBSD.org Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Thu Jun 12 18:15:59 2014 (r45047) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Fri Jun 13 10:26:42 2014 (r45048) @@ -2620,7 +2620,7 @@ IMAGES= chapter1/fig1.png xlink:href="&url.books.handbook;/svn.html#svn-intro"SVN introductionlink, then pick the nearest mirror from the list of link - xlink:href="&url.books.handbook;/svn-mirrors.html"Subversion + xlink:href="&url.books.handbook;/svn.html#svn-mirrors"Subversion mirror siteslink.para Appearance: @@ -2629,7 +2629,7 @@ IMAGES= chapter1/fig1.png xlink:href="&url.books.handbook;/svn.html#svn-intro">SVN introduction, then pick the nearest mirror from the list of Subversion + xlink:href="&url.books.handbook;/svn.html#svn-mirrors">Subversion mirror sites.             Usage for article links: Modified: head/en_US.ISO8859-1/books/fdp-primer/translations/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/translations/chapter.xml Thu Jun 12 18:15:59 2014 (r45047) +++ head/en_US.ISO8859-1/books/fdp-primer/translations/chapter.xml Fri Jun 13 10:26:42 2014 (r45048) @@ -140,7 +140,7 @@ svn0.us-east.FreeBSD.org is a public SVN server. Select the closest mirror and verify the mirror server - certificate from the list of Subversion + certificate from the list of Subversion mirror sites. Modified: head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml Thu Jun 12 18:15:59 2014 (r45047) +++ head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml Fri Jun 13 10:26:42 2014 (r45048) @@ -67,7 +67,7 @@ Choosing a Mirror To increase speed and reduce download time, select a mirror - from the list of Subversion + from the list of Subversion mirror sites that is close to your location. Substitute the chosen mirror URL for the https://svn0.us-west.FreeBSD.org/ Modified: head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml Thu Jun 12 18:15:59 2014 (r45047) +++ head/en_US.ISO8859-1/books/porters-handbook/upgrading/chapter.xml Fri Jun 13 10:26:42 2014 (r45048) @@ -170,7 +170,7 @@ is a public Subversion server. Select the closest mirror and verify the mirror server certificate from the list of Subversion + xlink:href="&url.books.handbook;/svn.html#svn-mirrors">Subversion mirror sites. From owner-svn-doc-all@FreeBSD.ORG Fri Jun 13 12:05:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A14E6770; Fri, 13 Jun 2014 12:05:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 826AD24E1; Fri, 13 Jun 2014 12:05:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5DC533M071829; Fri, 13 Jun 2014 12:05:03 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5DC53Xw071828; Fri, 13 Jun 2014 12:05:03 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406131205.s5DC53Xw071828@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 13 Jun 2014 12:05:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45049 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Fri, 13 Jun 2014 13:17:57 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2014 12:05:03 -0000 Author: ryusuke Date: Fri Jun 13 12:05:03 2014 New Revision: 45049 URL: http://svnweb.freebsd.org/changeset/doc/45049 Log: - Merge the following from the English version: r44774 -> r44775 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Fri Jun 13 10:26:42 2014 (r45048) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Fri Jun 13 12:05:03 2014 (r45049) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44774 + Original revision: r44775 $FreeBSD$ --> freebsd-update を使って、 システムを完全にパッチがあたった状態に保つ事ができるようになりました。 &os; セキュリティ勧告の詳細については、 - &os; セキュリティ勧告 + &os; セキュリティ勧告 の節で説明されています。 @@ -342,12 +342,15 @@ Uninstalling updates... done. によりアップデートされます。 - GENERIC カーネルを、常に /boot/GENERIC - に置いておくことは良い考えです。 + GENERIC カーネルを、 + 常に /boot/GENERIC に置いておいてください。 さまざまな問題を解決する際や、 - に説明されているように、 - freebsd-update - を用いてバージョンをアップグレードする際に助けとなります。 + バージョンをアップグレードする際に助けとなります。 + GENERIC カーネルを用意する方法については、 + または + を参照してください。 /etc/freebsd-update.conf @@ -384,8 +387,22 @@ Uninstalling updates... done. &os; 9.X から &os; 10.X へのアップグレードといった、 &os; のメジャーバージョンが変わるようなアップグレードのことです。 どちらのアップグレードもリリース番号のターゲットを指定する事で、 - freebsd-update によって行う事ができます。 - 以下のコマンドを実行すると、&os; 9.0 + freebsd-update によって行う事ができます。 + + + カスタムカーネルを使っているシステムでは、 + アップグレードを行う前に + GENERIC カーネルが、 + /boot/GENERIC + に置かれている事を確認してください。 + GENERIC カーネルを用意する方法については、 + または + を参照してください。 + + + 以下のコマンドを実行すると、&os; 9.0 のシステムを &os; 9.1 にアップグレードします。 &prompt.root; freebsd-update -r 9.1-RELEASE upgrade @@ -457,7 +474,6 @@ before running "/usr/sbin/freebsd-update パッチは最初にカーネルとカーネルモジュールに対して当てられます。 - ここでコンピュータを再起動する必要があります。 システムがカスタムカーネルを実行している場合には、 &man.nextboot.8; を使って次回の再起動時のカーネルを、 アップデートされた /boot/GENERIC @@ -487,8 +503,9 @@ before running "/usr/sbin/freebsd-update システムがオンラインに戻ったら、以下のコマンドを使って freebsd-update を再び実行してください。 アップデートプロセスの状態は保存されているので、 - freebsd-update を実行すると、最初からではなく、 - 古い共有ライブラリとオブジェクトファイルを削除するプロセスから始まります。 + freebsd-update を実行すると、 + 最初からではなく、次のステップに進み、 + 古い共有ライブラリとオブジェクトファイルを削除します。 &prompt.root; freebsd-update install @@ -501,39 +518,35 @@ before running "/usr/sbin/freebsd-update もしメジャーアップグレードを行った場合には、 で説明されているようにすべての ports および package - を再構築してください。 - カスタムカーネルを使っているシステムでは、 - カスタムカーネルのアップグレードの方法について、 または - を参照してください。 + を再構築してください。 &os; 9.X 以降のシステムにおけるカスタムカーネル - - - ただ一度だけカスタムカーネルを構築したのであれば、 + freebsd-update を使う前に、 + GENERIC カーネルが + /boot/GENERIC + に置かれていることを確認してください。 + ただ一度だけカスタムカーネルを構築したのであれば、 /boot/kernel.oldGENERIC カーネルそのものです。 このディレクトリの名前を /boot/kernel へと変更してください。 - - - コンピュータへの物理的なアクセスが可能であれば、 - 以下のコマンドで、インストールメディアから - GENERIC + もし、2 回以上カスタムカーネルを構築した後であったり、 + カスタムカーネルを構築した回数がわからなければ、 + 現在のオペレーティングシステムのバージョンの + GENERIC カーネルを入手してください。 + コンピュータへの物理的なアクセスが可能であれば、 + インストールメディアから GENERIC カーネルをインストールできます。 &prompt.root; mount /cdrom &prompt.root; cd /cdrom/usr/freebsd-dist &prompt.root; tar -C/ -xvf kernel.txz boot/kernel/kernel - - - 上記の方法に失敗するのであれば、 + 別な方法としては、 GENERIC カーネルをソースから再構築して、 インストールしてください。 @@ -545,34 +558,20 @@ before running "/usr/sbin/freebsd-update GENERIC コンフィグレーションファイルは、 とにかく変更してはいけません。 また、特別なオプションを指定しないで構築してください。 - - - この時点で GENERIC + freebsd-update は、 + /boot/GENERIC + が存在する事だけを必要とするので、 + GENERIC カーネルで再起動する必要はありません。 &os; 8.X におけるカスタムカーネル - GENERIC カーネルが - /boot/GENERIC - に置かれている必要があります。 - もし GENERIC - カーネルがシステムに存在しない場合には、 - 以下のどれかの方法で用意してください。 - - - - ただ一度だけカスタムカーネルを構築したのであれば、 - /boot/kernel.old - は GENERIC カーネルそのものです。 - このディレクトリの名前を - /boot/GENERIC - へと変更してください。 - + &os; 8.X システムでは、GENERIC + カーネルを入手する方法や構築の方法が少し異なります。 - コンピュータへの物理的なアクセスが可能であれば、 以下のコマンドを実行することで、 インストールメディアから GENERIC @@ -584,16 +583,13 @@ before running "/usr/sbin/freebsd-update ここで X.Y-RELEASE - を実際のリリース番号に置き換えてください。 + をリリース番号に置き換えてください。 GENERIC カーネルは、 デフォルトで /boot/GENERIC にインストールされます。 - - - 上記の方法がすべて失敗するのであれば、 - GENERIC カーネルをソースから再構築して、 - インストールしてください。 + または、GENERIC + カーネルをソースから再構築してください。 &prompt.root; cd /usr/src &prompt.root; env DESTDIR=/boot/GENERIC make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null @@ -605,10 +601,8 @@ before running "/usr/sbin/freebsd-update GENERIC コンフィグレーションファイルは、 とにかく変更してはいけません。 また、特別なオプションを指定しないで構築してください。 - - - この時点で GENERIC + GENERIC カーネルで再起動する必要はありません。 @@ -636,7 +630,7 @@ before running "/usr/sbin/freebsd-update この振る舞いをやめ、デフォルトのオプションを使用するには、 上記のコマンドに を含めてください。 - この作業の終了後、最後にもう一度 + ソフトウェアのアップグレードが終わったら、最後にもう一度 freebsd-update を実行して、 すべてのアップグレードプロセスのやり残し作業を行い、 @@ -645,8 +639,9 @@ before running "/usr/sbin/freebsd-update &prompt.root; freebsd-update install GENERIC - カーネルを一時的に読み込んでいたのであれば、 - ここで、通常の方法を用いて新しいカスタムを構築し、インストールしてください。 + カーネルを一時的に読み込んでいたのであれば、 に書かれている手順に従って、 + 新しいカスタムを構築し、インストールしてください。 コンピュータを再起動し、新しい &os; を立ち上げてください。 これでアップグレードのプロセスは完了です。 @@ -659,16 +654,15 @@ before running "/usr/sbin/freebsd-update freebsd-update を用いて、 インストールされている &os; の状態と、 正しく動作することが分かっている状態とを比較できます。 - このオプションは、システムのユーティリティ、ライブラリ、 - 設定ファイルを評価します。 - 比較を行うには、以下のコマンドを実行してください。 - - &prompt.root; freebsd-update IDS >> outfile.ids + このコマンドは、現在のシステムのユーティリティ、ライブラリ、 + 設定ファイルを評価するので、 + 組み込みの侵入検知システム (IDS) + として使うことができます。 - コマンドライン名は IDS ですが、 - security/snort - のような侵入検知システムの本当の置き換えになるものではありません。 + このコマンドは、security/snort + のような本当の IDS + の置き換えになるものではありません。 freebsd-update はデータをディスクに保存するので、 不正な変更が行われる可能性があります。 kern.securelevel と、 @@ -678,13 +672,22 @@ before running "/usr/sbin/freebsd-update よりよい解決方法は、 DVD または安全に保存されている外部 USB - ディスクのような安全なディスクとシステムを比較することです。 + ディスクのような安全なディスクとシステムを比較することです。 + 組み込まれているユーティリティを用いた、別の方法による + IDS 機能については、 + &os; バイナリによる検出 + + の節をご覧ください。 - このコマンドを実行すると、システムは検査され、 - リリースファイルの &man.sha256.1; - ハッシュ値と現在インストールされているファイルのハッシュ値がファイルの一覧と共に、指定した - outfile.ids ファイルに送られます。 + 比較を行うには、 + 結果の出力先のファイル名を指定してください。 + + &prompt.root; freebsd-update IDS >> outfile.ids + + システムは検査され、リリースファイルの SHA256 + ハッシュ値と現在インストールされているファイルのハッシュ値がファイルの一覧と共に、 + 指定した出力先のファイルに送られます。 これらの行は極めて長いのですが、出力形式は簡単にすぐに解析できます。 たとえば、これらのリリースで異なっているすべてのファイルを知りたいのであれば、 @@ -701,15 +704,12 @@ before running "/usr/sbin/freebsd-update これらのファイルには、運用中に変更されるファイルがあります。 たとえば、/etc/passwd はユーザがシステムに追加されると変更されます。 - また、カーネルモジュールのようなファイルは、 + また、カーネルモジュールは、 freebsd-update によりアップデートされるため、変更されます。 このような特別なファイルやディレクトリを除外するには、 それらを /etc/freebsd-update.confIDSIgnorePaths オプションに追加してください。 - - 以前に議論した方法とは別に、 - このシステムを入念なアップグレード方法の一部として用いることができます。 From owner-svn-doc-all@FreeBSD.ORG Fri Jun 13 14:53:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BCD6BD79; Fri, 13 Jun 2014 14:53:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A6B8123DB; Fri, 13 Jun 2014 14:53:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5DErSFC050352; Fri, 13 Jun 2014 14:53:28 GMT (envelope-from taras@svn.freebsd.org) Received: (from taras@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5DErOQu050330; Fri, 13 Jun 2014 14:53:24 GMT (envelope-from taras@svn.freebsd.org) Message-Id: <201406131453.s5DErOQu050330@svn.freebsd.org> From: Taras Korenko Date: Fri, 13 Jun 2014 14:53:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45050 - in head/ru_RU.KOI8-R: articles/committers-guide articles/console-server articles/cups articles/custom-gcc articles/cvs-freebsd articles/fbsd-from-scratch articles/fonts article... X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Fri, 13 Jun 2014 15:28:50 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2014 14:53:28 -0000 Author: taras Date: Fri Jun 13 14:53:24 2014 New Revision: 45050 URL: http://svnweb.freebsd.org/changeset/doc/45050 Log: + ru/articles & ru/books/handbook: restore tags, which were lost during conversion to the DocBook5. P.S.: special thanks to wblock@ for his script [1], which made this task much easier. 1. http://lists.freebsd.org/pipermail/freebsd-doc/2014-March/023463.html Modified: head/ru_RU.KOI8-R/articles/committers-guide/article.xml head/ru_RU.KOI8-R/articles/console-server/article.xml head/ru_RU.KOI8-R/articles/cups/article.xml head/ru_RU.KOI8-R/articles/custom-gcc/article.xml head/ru_RU.KOI8-R/articles/cvs-freebsd/article.xml head/ru_RU.KOI8-R/articles/fbsd-from-scratch/article.xml head/ru_RU.KOI8-R/articles/fonts/article.xml head/ru_RU.KOI8-R/articles/geom-class/article.xml head/ru_RU.KOI8-R/articles/ipsec-must/article.xml head/ru_RU.KOI8-R/articles/mh/article.xml head/ru_RU.KOI8-R/articles/new-users/article.xml head/ru_RU.KOI8-R/articles/pam/article.xml head/ru_RU.KOI8-R/articles/portbuild/article.xml head/ru_RU.KOI8-R/articles/problem-reports/article.xml head/ru_RU.KOI8-R/articles/releng/article.xml head/ru_RU.KOI8-R/articles/solid-state/article.xml head/ru_RU.KOI8-R/books/handbook/advanced-networking/chapter.xml head/ru_RU.KOI8-R/books/handbook/basics/chapter.xml head/ru_RU.KOI8-R/books/handbook/boot/chapter.xml head/ru_RU.KOI8-R/books/handbook/bsdinstall/chapter.xml head/ru_RU.KOI8-R/books/handbook/config/chapter.xml head/ru_RU.KOI8-R/books/handbook/cutting-edge/chapter.xml head/ru_RU.KOI8-R/books/handbook/desktop/chapter.xml head/ru_RU.KOI8-R/books/handbook/disks/chapter.xml head/ru_RU.KOI8-R/books/handbook/filesystems/chapter.xml head/ru_RU.KOI8-R/books/handbook/firewalls/chapter.xml head/ru_RU.KOI8-R/books/handbook/geom/chapter.xml head/ru_RU.KOI8-R/books/handbook/install/chapter.xml head/ru_RU.KOI8-R/books/handbook/kernelconfig/chapter.xml head/ru_RU.KOI8-R/books/handbook/l10n/chapter.xml head/ru_RU.KOI8-R/books/handbook/linuxemu/chapter.xml head/ru_RU.KOI8-R/books/handbook/mac/chapter.xml head/ru_RU.KOI8-R/books/handbook/mirrors/chapter.xml head/ru_RU.KOI8-R/books/handbook/multimedia/chapter.xml head/ru_RU.KOI8-R/books/handbook/network-servers/chapter.xml head/ru_RU.KOI8-R/books/handbook/ports/chapter.xml head/ru_RU.KOI8-R/books/handbook/ppp-and-slip/chapter.xml head/ru_RU.KOI8-R/books/handbook/printing/chapter.xml head/ru_RU.KOI8-R/books/handbook/security/chapter.xml head/ru_RU.KOI8-R/books/handbook/serialcomms/chapter.xml Modified: head/ru_RU.KOI8-R/articles/committers-guide/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/committers-guide/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/committers-guide/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -87,9 +87,9 @@ &a.src-developers;, &a.src-committers;. (訌崢詫 凖佻敝塹夘 侑賄穆 嗜墸都嘖徼脊 堋徒慘拇 嗤瓶防 卅嗷挂防 嗾篤彬啻揺 -developers -committers. 痃班忸 榑蛭 嗤瓶墨 頒僧冱嗔 徳別組 - /home/mail/repository-name-developers-archive + /home/mail/repository-name-developers-archive - /home/mail/repository-name-committers-archive + /home/mail/repository-name-committers-archive 料 輿柯料 北喪堙卅 FreeBSD.org). @@ -337,7 +337,7 @@ alias scvs cvs -d user登賭 徨 椀賭礎鰭 CVS 溶杯 忸佻摸冱慯 料 模冒蒙力 輿柯療, 通 徇途杜頻 冨妖療良 脇秒描蒙力 津凖從 CVS 嗅田嫖 瓶佻蒙斛彖墮 - 墨輿猟 Xcvs commit. + 墨輿猟 Xcvs commit. 縒棉 彖 燐嵶 掴汰徂墮 侑賄穆 湟-棉堆 嗜彭叨杜力 力從 (料侑浜賭, 瓶範栂拇 堙睦壅 嘖碗藁良 卅斷疎壘彬), 燐嵶 瓶佻蒙斛彖墮 墨輿猟 cvs import; 和卅塢堙嗹 嘖卅良壇 嗤卅從淮彬 佻 @@ -1136,7 +1136,7 @@ Host pcvs.FreeBSD.org - 簣汰忤堙 單耐 徳別 src/share/misc/committers-凖佻敝塹夘.dot, + 簣汰忤堙 單耐 徳別 src/share/misc/committers-凖佻敝塹夘.dot, 把 凖佻敝塹夘斗 怠津 况妄墮嗔 棉堆 doc, 棉堆 ports, 棉堆 src 攸徂喇溶嘖 佻盲淌領挌 彖揺 墨様不堙厶防 侑夫斌吐品. @@ -1162,7 +1162,7 @@ Host pcvs.FreeBSD.org 訴追堙 料 輿柯燐 hub.FreeBSD.org 嗜敖訴堙 - 徳別 /var/forward/user + 徳別 /var/forward/user (攸妖良堙 user 料 彖枦 浜 佻蒙斛彖堙妄). 塹 徳別 掴網杜 嗜津雙壮 祖凖 槎屠墟藁力 佻湟, 料 墨塹燮 怠津 佚凖侑宋妄墮嗔 徨 佻湟 料 祖凖 @@ -1345,7 +1345,7 @@ Host pcvs.FreeBSD.org 瓶佻蒙旁都 GNATS. 縒棉 忸 瓶侑宋斌 柯陀 斌 徇途棉 冨妖療良, 椀瓶僧隣 歪力 冨 嗜和歸良 和 柯陀組 (PR), 療 攸怠椿堙 攸牧捏 榑 嗜和歸良, 瓶佻蒙旁 墨輿猟 - edit-pr pr-number 料 輿柯療 + edit-pr pr-number 料 輿柯療 freefall. 莽厦柤 怠津, 途棉 忸 佻墟壮不 療洋惑 徠斗杜 料 佻瓶 攸牧捏錨 漬嫻蛭 PR 佻 榑亙 堙妖. 啻揺 溶崚堙 佻蒙斛彖墮嗔 &man.send-pr.1; 通 侑田模崚良 冨妖療良, 墨塹燮, 佻 @@ -1670,7 +1670,7 @@ docs:Documentation Bug:freebsd-doc:$HOME/.ssh/id_dsa.pub 斌 $HOME/.ssh/id_rsa.pub) 彖枦葉 怠蔦歸葉 妖淋碗, 湟和 藁 溶 泰墮 佻妖歸 徳別 - yourlogin 冒堊模播 + yourlogin 冒堊模播 /c/ssh-keys/ 料 輿柯療 freefall. @@ -2343,7 +2343,7 @@ docs:Documentation Bug:freebsd-doc:&prompt.root; make install &prompt.root; make package &prompt.root; make deinstall -&prompt.root; pkg_add 浜 嗜岱僧力馬 仭謀堊 +&prompt.root; pkg_add 浜 嗜岱僧力馬 仭謀堊 &prompt.root; make deinstall &prompt.root; make reinstall &prompt.root; make package @@ -2363,7 +2363,7 @@ docs:Documentation Bug:freebsd-doc:阻厦編 PR, 途棉 力忸 佻參 侑布徒 徂津 PR. 簗 榑惑 從嗤鰐憙嬖堙嗹 墨輿猟亙 - edit-pr PR# + edit-pr PR# 料 輿柯療 freefall 冨妖良堙 變挿杜錨 嘖厦謀 state openclosed. 壮斗 椀布不 侑扶瀕 嗟杜 @@ -2786,8 +2786,8 @@ docs:Documentation Bug:freebsd-doc:簗 侑彭卷 嗅田嫖 瓶佻蒙斛彖墮 嗚夘來 chkorigin.sh: env - PORTSDIR=/path/to/ports - sh -e /path/to/ports/Tools/scripts/chkorigin.sh + PORTSDIR=/path/to/ports + sh -e /path/to/ports/Tools/scripts/chkorigin.sh . 堊 墨輿猟 侑彭夘 冒崢拱 佻參 津凖彭, 塹 淺嗅 堙, 湟 療 徊明淌隣 侑話途 啾碗防, 堊 湟 電 溶嵶 @@ -2854,7 +2854,7 @@ docs:Documentation Bug:freebsd-doc: 簣汰忤堙 冒堊模 - distrib/cvsup/sup/ports-categoryname + distrib/cvsup/sup/ports-categoryname 鍔 徳別: list.cvs releases. @@ -3035,7 +3035,7 @@ bak/packages 仭謀壅 佻嗅田療 佻摸亙 啾 佻盲淺墮 掴嘖孃 輿柯療 cvsup-master.FreeBSD.org, 侑斌嵒 忸從 墨輿猟 cvpasswd - yourusername@FreeBSD.org + yourusername@FreeBSD.org freefall.FreeBSD.org. 鐶卅塢堙 徇浜僧錨: 墨輿猟力 嘖厦謀 忸 掴網隣 嬲惣壮 freefall.FreeBSD.org, 範墹 凖遡慘挈 單叟賭詫 怠津 cvsup-master. Modified: head/ru_RU.KOI8-R/articles/console-server/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/console-server/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/console-server/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -424,7 +424,7 @@ 霤凖閉不 冒堊模 榑惑 佻參 (卅堆堊 冒 佻蒙斛彖堙蒙 root) 料妥夘堙: - &prompt.root; make DEFAULTHOST=consolehost install + &prompt.root; make DEFAULTHOST=consolehost install consolehost 况妄都嗔 浜杜斗 輿柯隣, 料 墨塹厦 卅堆堊都 墨林鰐慘拱 單叟賭. 祖僧錨 榑惑 侑 @@ -506,22 +506,22 @@ trusted: 127.0.0.1 buzz 怠蔦 卅嗤鰐素壮慯 冒堊模播 /var/log/consoles. 麌要鰐 & 冒崢亙 嘖厦謀 嬲惣掀租 料 塹, 湟 徳別 嶮厠遡 通 榑亙 輿柯隣 怠津 料旛彖墮嗔 - /var/log/consoles/machine. + /var/log/consoles/machine. 嗅田媽殄 墟H 嘖厦冒 佻冒攸隣 墟 輿柯隣, 墨塹燮 料 燐嵶 佻痛明涸墮嗔. 輾 瓶佻蒙旁斗 孑墟亙嘖彖 - cuaEx 徑途塹 - ttyEx, 佻塹葉 湟 + cuaEx 徑途塹 + ttyEx, 佻塹葉 湟 料 墨林鰐慘挌 佻參組 和掵力 墫孕嘖徼都 療嗾歔. 塹 變挿租, 湟 - 塰燮塢 ttyEx + 塰燮塢 ttyEx 怠津 攸徂啻墮, conserver 良墨把 療 嗟崚 腕斈途墸不 佻痛明淌良. 蚌佻蒙斛彖良 孑墟亙嘖彖 - cuaEx 佻旌鰐囘 + cuaEx 佻旌鰐囘 嬖塢 榑亙 侑和姪踊. 簟嫻浜 凖枦良斗 怠津 瓶佻蒙斛彖良 孑墟亙嘖 - ttyEx 卅斷奴杜錨 + ttyEx 卅斷奴杜錨 瓶佻蒙斛彖良 料 榑浜 佻參組 侑惑卅様力 療嗾歸, 從斃嵶, 侖圍 孑堊力徊 榑惑 侑 佻溶殄 孑墟亙嘖彖 - ttyiEx 徳別 + ttyiEx 徳別 /etc/rc.serial. 靉嗟墟不 墨様杜堊夘 榑詫 徳別 通 忸决療良 徨堵 津堊姪. 阻崚 佻嗟墟不 &man.sio.4; 通 佻盲淌良 瀕届厖礎鰭 和 孑墟亙嘖彖 料涸蒙隣 嗜嘖湾良斗 Modified: head/ru_RU.KOI8-R/articles/cups/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/cups/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/cups/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -114,7 +114,7 @@ add path 'usb/X/dev/usb. 塹泰 料編 墟殿嫖踊 變挿杜頻, 侑腕溶墟不 忸從 &man.dmesg.8; 料閉不 嘛凉僧力 彖柯 侑瀕堙厦 浜 嗤澱描蒙力馬 孑墟亙嘖彖 - ugenX.Y, + ugenX.Y, 佻嗅田療 怠津 喇要鰐扶途墨 嗷挂墨 料 瓶墨溶 孑墟亙嘖從 冒堊模播 /dev/usb. Modified: head/ru_RU.KOI8-R/articles/custom-gcc/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/custom-gcc/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/custom-gcc/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -90,7 +90,7 @@ 簗 孑堊力徊 歪力馬 冨 忸枦孃詫冦孕挌 佻參 GCC, 料妥夘堙 嗅田媽殳 墨輿猟: - &prompt.root; cd /usr/ports/lang/gcc44 && make install + &prompt.root; cd /usr/ports/lang/gcc44 && make install Modified: head/ru_RU.KOI8-R/articles/cvs-freebsd/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/cvs-freebsd/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/cvs-freebsd/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -83,7 +83,7 @@ 瀕秒描棉敝厦彖墮, 通 淌馬 忸珍墮 CVS 堊釦 墨輿猟: - &prompt.user; cvs -d path-to-repository init + &prompt.user; cvs -d path-to-repository init 鯏旁蒙堊塹 電 忸佻摸杜頻 怠津 嗜敖僧隣 CVS 嗅孛殿隣 @@ -99,12 +99,12 @@ 溶婆 佗啻墮 頒僧斌怖. 簗 榑亙 拝孃俎 踊 侑浜斗 嘖僧珍參力 通 FreeBSD 料旌僧錨 ncvs. - &prompt.root; pw groupadd ncvs + &prompt.root; pw groupadd ncvs 壮斗 忸 掴網隣 侑 佻溶殄 墨輿猟 &man.chown.8; 嗟杜不 很祖徒愧 拝孃侖 通 塹蒙墨 湟 掴汰很杜力馬 冒堊模覗: - &prompt.root; chown -R :ncvs path-to-your-repository + &prompt.root; chown -R :ncvs path-to-your-repository 塹 燐嵶 通 塹馬, 湟和 良穆 療 溶 攸佗噎彖墮 頒僧斌怖, 療 况妄决 淕杜詫 拝孃俎. @@ -141,7 +141,7 @@ CVSROOT 嗚椀敏嬖堙 徳別 FreeBSD 佻彭卮 彖柯 模冒蒙隣 (療冨妖療領挌) 墨佗: - &prompt.user; cvs -d path-to-your-repository checkout CVSROOT + &prompt.user; cvs -d path-to-your-repository checkout CVSROOT &prompt.user; cd CVSROOT &prompt.user; cp ../CVSROOT-freebsd/* . &prompt.user; cvs add * @@ -584,7 +584,7 @@ 單耐. 阻 湟 嫗田不途, 湟 徨 浜杜力 堊, 冒 忸 侑田佻盟覗棉, 攸堙 忸佻摸不 嗅田媽歸: - &prompt.user; cvs commit -m '- Initial FreeBSD scripts commit' + &prompt.user; cvs commit -m '- Initial FreeBSD scripts commit' @@ -594,7 +594,7 @@ avail, 湟和 嫗田不慯, 湟 徨 卅堆堊都 堊, 冒 嵒珍模嗹. - &prompt.user; cvs commit -f -m 'Forced commit to test the new CVSROOT scripts' avail + &prompt.user; cvs commit -f -m 'Forced commit to test the new CVSROOT scripts' avail 縒棉 徨 卅堆堊都, 佻敖卅很囘! 登賭 彖 浜電墫 卅堆堊摂叢 料嘖厦碧 嗚夘來 FreeBSD 通 彖枦馬 頒僧斌怖. 縒棉 @@ -694,7 +694,7 @@ &prompt.root; mv /usr/bin/cvs /usr/bin/ncvs &prompt.root; mv cvs /usr/bin/cvs -&prompt.root; chown root:ncvs /usr/bin/cvs /usr/bin/ncvs +&prompt.root; chown root:ncvs /usr/bin/cvs /usr/bin/ncvs &prompt.root; chmod o-rx /usr/bin/ncvs &prompt.root; chmod u-w,g+s /usr/bin/cvs @@ -718,7 +718,7 @@ 侑堙嘖敏彖墮 吐, 忸佻摸夫 侑瀕嫩不徒慘拱 墨様不 徳別 access: - &prompt.user; cvs commit -f -m 'Forced commit to test the new CVSROOT scripts' access + &prompt.user; cvs commit -f -m 'Forced commit to test the new CVSROOT scripts' access 嗄彖, 途棉 榑 療 嘔疎堊都, 侑彭曼堙, 侑宋斌慘 棉 泰棉 忸佻摸杜 徨 忸枦佚凖淺嗅杜隣 杼派. Modified: head/ru_RU.KOI8-R/articles/fbsd-from-scratch/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/fbsd-from-scratch/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/fbsd-from-scratch/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -253,7 +253,7 @@ 倉杯妖淋詫, 料侑浜賭 - &prompt.root; ./stage_1.sh default + &prompt.root; ./stage_1.sh default 怠津 嘲不掀壮 嘛論 墨瞭蒜孀礎廟 冨 徳別 @@ -326,7 +326,7 @@ 孑佚枸 忸佻摸斌 make buildkernel - KERNCONF=whatever + KERNCONF=whatever @@ -455,7 +455,7 @@ Do you wish to delete what is left of /v 嬲惣掀狙殄 料 墨瞭蒜孀礎貧領拱 徳別, 侑浜賭 - &prompt.root; ./stage_2.sh default + &prompt.root; ./stage_2.sh default 墨塹燮 怠津 嘲不掀壮 佚凖淌輪 佻參 冨 @@ -529,7 +529,7 @@ news inn-stable CONFIGURE_ARGS="-- 塹, 湟 忸 範塢堙 墨瞭蒜孀敏彖墮, 嗅田媽殄 侑腕壅 忸斛從: - &prompt.root; make -f stage_3.mk target + &prompt.root; make -f stage_3.mk target 訌 嗅孺租 stage_2.sh, 嫗田不途, 湟 徳別 Modified: head/ru_RU.KOI8-R/articles/fonts/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/fonts/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/fonts/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -741,7 +741,7 @@ EOF 麩敖訴堙 徳別 .afm 佻 堊墨 墨輿猟: -% gs -dNODISPLAY -q -- ttf2pf.ps TTF_name PS_font_name AFM_name +% gs -dNODISPLAY -q -- ttf2pf.ps TTF_name PS_font_name AFM_name 津嗹 TTF_name 和變挿租 彖 徳別 嗜 @@ -796,7 +796,7 @@ Converting 3of9.ttf to A.pfa and B.afm. % afmtodit -d DESC -e text.enc file.afm \ - generate/textmap PS_font_name + generate/textmap PS_font_name 津嗹 file.afm 况妄都嗔 徳別詫 Modified: head/ru_RU.KOI8-R/articles/geom-class/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/geom-class/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/geom-class/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -496,7 +496,7 @@ KMOD=geom_journal 侑惑卅様 凖杼都 冒防 北喪嗜 geom 妬 侑苗都嗔 孃卅很冱 怖都 舵駄貧堙釦 - geom_CLASSNAME.so + geom_CLASSNAME.so (墨塹卅 和掵力 料範追墫 /lib/geom). Modified: head/ru_RU.KOI8-R/articles/ipsec-must/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/ipsec-must/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/ipsec-must/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -99,7 +99,7 @@ 誅輿猟 - tcpdump -c 4000 -s 10000 -w dumpfile.bin + tcpdump -c 4000 -s 10000 -w dumpfile.bin 嗜頒僧不 4000 仭謀塹 徳別 dumpfile.bin. 珍領詫 侑浜賭 和滷 @@ -142,8 +142,8 @@ (7,18), 和掵力 嗜田瀕杜錨 — 徨吐 棉檜 29% (2,1). - &prompt.user; tcpdump -c 4000 -s 10000 -w ipsecdemo.bin -&prompt.user; uliscan ipsecdemo.bin + &prompt.user; tcpdump -c 4000 -s 10000 -w ipsecdemo.bin +&prompt.user; uliscan ipsecdemo.bin Uliscan 21 Dec 98 L=8 256 258560 Modified: head/ru_RU.KOI8-R/articles/mh/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/mh/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/mh/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -149,7 +149,7 @@ -&prompt.user; inc -host mail.pop.org -user username -norpop +&prompt.user; inc -host mail.pop.org -user username -norpop @@ -228,7 +228,7 @@ 侑腕冒良厦彖墮 佻湟忸 處彬 徃歪處妬 佻湟亙 從 FreeBSD 妥 瓶佻蒙斛彖良 墨輿猟 inc, 塹 榑 溶嵶 喞徒壮 墨輿猟亙 scan -file - /var/mail/username. 塹 溶嵶 + /var/mail/username. 塹 溶嵶 喞徒壮 明泰 徳別詫 届厖壮 mbox. @@ -564,7 +564,7 @@ which I am probably the guilty party).folder 瓶佻蒙旁都嗔 通 佚凖北折杜頻 妖崢 仭佶鼠, 蛭 嗽壮頻 忸從珍 蛭 嗤瓶冒. 啻溶 侑腕塹 嗅孺租 忸 溶崚堙 忸佻摸不 墨輿猟 folder - +newfolder, 忸 佚凖北折不途 料 + +newfolder, 忸 佚凖北折不途 料 仭佶 newfolder. 榑惑 溶妖淋 徨 彖柯 墨輿猟 MH 塢仭 comp, repl, scan show 怠蔦 忸佻摸冱慯 料 Modified: head/ru_RU.KOI8-R/articles/new-users/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/new-users/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/new-users/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -247,7 +247,7 @@ view - filename + filename 靉旌鰐囘 彖 侑腕溶墟都 徳別 ( 浜杜斗 @@ -260,7 +260,7 @@ cat - filename + filename 拂腺 嗜津雙浜賄 filename 料 榾卅. @@ -296,7 +296,7 @@ - apropos text + apropos text 咤, 湟 嗜津雙不 嘖厦釦 text @@ -305,7 +305,7 @@ - man text + man text 黌卅良蛋 嗤卅徊 佻 text. 塹 @@ -323,7 +323,7 @@ - which text + which text 靉冒崚, 冒墨 妖嘖 冨 輿叨簒堊 佻瓶冒 佻蒙斛彖堙妄 @@ -332,7 +332,7 @@ - locate text + locate text 單 輿叨簒壅, 把 料範追墫 嘖厦淤 @@ -341,7 +341,7 @@ - whatis text + whatis text 鑰瓶掀租, 湟 津盟都 墨輿猟 text @@ -351,7 +351,7 @@ - whereis text + whereis text 蛞都 徳別 text 忸珍T 佻摸拱 侖墮 @@ -369,7 +369,7 @@ script. 誅輿猟 more 佻旌鰐不 彖 淺堊墮 佻嘖卅良淮, 冒 DOS, 料侑浜賭, ls -l | moremore - filename. 料 + filename. 料 * 卅堆堊都 冒 和殄 杼駄藁—料侑浜賭, ls w* 忸珍嘖 佚凖淌輪 徳別, 料淺料摂蛭嗔 怠没 w. @@ -468,7 +468,7 @@ 簗 凖珍穆敏彖良 徳別 料妥夘堙 - &prompt.root; vi filename + &prompt.root; vi filename 霤凖鍔蒜訴堙嗹 佻 堙睦壞 侑 佻溶殄 北宋布 嗜 嘖凖緬鼠. @@ -541,7 +541,7 @@ - /text + /text 通 佚凖妖歸良 釦厶碗 料 text; @@ -560,7 +560,7 @@ - nG + nG 簗 佚凖範珍 嘖厦謀 n 徳別, @@ -589,7 +589,7 @@ 靉孃卅嵶冓堙嗹 凖珍穆碗詫 vi 嘛錬 掴輿枸斗 冒堊模播, 嗜敖宋 力忸 徳別 佻 墨輿猟 vi - filename, 掴汰很冪 嫩遡冪 堙睦, + filename, 掴汰很冪 嫩遡冪 堙睦, 嗜頒僧冪 徳別 忸旛彖 吐 嗄彖. 鯏珍穆碗 vi 侑登歪力喇 療墨塹燮 喟厥夘旛, 佻塹葉 湟 藁 料 啻溶 津姪 掴嘖壮淮 嗅嵶拱, 瀕惑珍 忸 溶崚堙 療侑宋斌慘 忸旌壮 墨輿猟, 墨塹卅 喞徒租 @@ -723,7 +723,7 @@ - rm filename + rm filename 嫩遡囘 filename. @@ -731,7 +731,7 @@ - rm -R dir + rm -R dir 嫩遡囘 冒堊模 dir 徨 吐 @@ -773,7 +773,7 @@ 釘 佻痛壮遡惑 侑 佻溶殄 墨輿猟 - &prompt.user; find /usr -name "filename" + &prompt.user; find /usr -name "filename" 溶崚堙 瓶佻蒙斛彖墮 * 冒淌嘖彭 杼駄藁 徇孕夘 @@ -799,7 +799,7 @@ 堊勃 Web-啻編 料範佃墫 卅斂扶隣 仭謀壅 佻參. 鰌墨從柘墸 卅嗷冒旛彖都嗔 堆姪 佻漬和力 塹, 冒 蛭 瓶佻蒙斛彖墮 (佻盲淺墮 仭謀, 途棉 藁 嗾歸嘖徼都, 墨輿猟亙 pkg_add - /cdrom/packages/All/packagename, + /cdrom/packages/All/packagename, 把 packagename 况妄都嗔 浜杜斗 徳別 仭謀堊). 鄙 CDROM 料範追墫 佚凖淮 仭謀塹 佻參 蛭 牧壮防揺 椀瓶僧頻揺 徳別組 cdrom/packages/index, Modified: head/ru_RU.KOI8-R/articles/pam/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/pam/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/pam/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -525,7 +525,7 @@ sshd password required p 虱杜彖良 溶蔦姪 FreeBSD 冒崢拱 妖帆良斃 凖遡冨嫖墫 堋徒慘詫 溶蔦姪 - 浜杜斗 pam_mechanism.so + 浜杜斗 pam_mechanism.so (料侑浜賭, pam_unix.so 通 妖帆良斃 &unix;.) 漬嫻蛭 凖遡冨礎頻 瀕惑珍 堋徒慘拇 溶蔦棉 瓶佻蒙旁脊嗔 通 卅變挌 佻柘瓶堙, 蛭 浜 徊明涸都嗔, 牧詫 料旌僧頻 妖帆良斃, 浜 Modified: head/ru_RU.KOI8-R/articles/portbuild/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/portbuild/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/portbuild/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -102,17 +102,17 @@ 霑謀壅 嗜舵卅脊嗔 惑卅良淌領亙 (chroot) 嘔田, 墨塹卅 卅旌碗挿夫租墫 嗚夘來詫 portbuild 冨 倉班彖 - ${arch}/${branch}/tarballs/bindist.tar. + ${arch}/${branch}/tarballs/bindist.tar. 塹 倉班 嗜敖租墫 侑 佻溶殄 嗚夘來 mkbindist, 墨瞭蒜孀礎頻 墨塹厦馬 椀瓶掀租墫 徳別詫 - ${arch}/${branch}/mkbindist.conf. + ${arch}/${branch}/mkbindist.conf. 麕夘來 掴網杜 攸侖嗚壮慯 侑宋鼠 佻蒙斛彖堙妄 root 嗅田媽殄揺 仭卅妖墟鼠: - /var/portbuild&prompt.root; scripts/mkbindist ${arch} ${branch} + /var/portbuild&prompt.root; scripts/mkbindist ${arch} ${branch} 靤 嬲惣僧鰭 徳別 mkbindist.conf 仭卅妖墟 ftp=1 祖凖啻 @@ -133,10 +133,10 @@ 津盟都嗔 侑 佻溶殄 嗚夘來 makeworld: - /var/portbuild&prompt.root; scripts/makeworld ${arch} ${branch} [-nocvs] + /var/portbuild&prompt.root; scripts/makeworld ${arch} ${branch} [-nocvs] 堊 墨輿猟 嗜妥凖 喇嘖斗 料 汰敕 瓶範栂挌 堙睦塹 津凖彭 - ${arch}/${branch}/src + ${arch}/${branch}/src 孑堊力徂 電 ${worlddir}. 蚌範栂拇 堙睦壅 怠蔦 和力很杜, 途棉 療 嬲惣僧 仭卅妖墟 -nocvs. @@ -197,7 +197,7 @@ 料 dopackages.wrapper. 輜杯 泰墮 嬲惣僧 洋惑淺嗅杜隣 仭卅妖墟, 料侑浜賭: - dopackages.6 ${arch} [-options] + dopackages.6 ${arch} [-options] [-options] 溶崚 泰墮 侑鷲旌鰐慘挈 料堆厦 冨 嗅田媽殄 椀檀: @@ -349,7 +349,7 @@ 療 嗷挂遡嗔 料 侖嘖拇 佻痛壮遡惑. 腕和杜力嘖 榑 彖嵶 通 啾碗防 彭墸 -exp. 縒棉 侑話途 啾碗防 和料簒嵒彖都 侖嘖亙 冒堊模, 和 徳旛 啾碗防 徨墨凖 腕堊力徘墫. 靤 榑詫 徳別 - ${arch}/${branch}/make.[0|1] + ${arch}/${branch}/make.[0|1] 怠津 攸佗啻力 嗜和歸良 和 柯陀 侑浜賭力 堊墨馬 徂珍: @@ -432,7 +432,7 @@ [*] 鯏旁蒙堊壅 忸佻摸杜頻 榑蛭 杼馬 攸佗噎彖脊嗔 徳別 - ${arch}/${branch}/build.log, + ${arch}/${branch}/build.log, 堊勃 嘖僧珍參隣 忸從 通 柯堆 墨林鰐, 墨塹厦 攸侖嗚遡嗔 嗚夘來 dopackages. @@ -440,13 +440,13 @@ 侑屠卅歔都嗔. [++] 鯏旁蒙堊壅 忸佻摸杜頻 佗柎墫 徳別 - ${arch}/${branch}/make.[0|1], + ${arch}/${branch}/make.[0|1], 把 make.0 嗜墸都嘖徼都 佚叟亙, make.1 徭碗亙 徳敕 啾碗防. 孀料儲 啾碗防 堋徒慘挌 佻參 攸佗噎彖脊嗔 徳別 - ${arch}/${branch}/logs, + ${arch}/${branch}/logs, 嶮厠遡 佻參, 嗜岱宋柯飯 療嫩挿力, - ${arch}/${branch}/errors. + ${arch}/${branch}/errors. 鯀療 冨 凖佻敝塹夘 冨很屠遡腕 堊勃 津凖從 掴釦妖淋礎鰭; @@ -467,7 +467,7 @@ &prompt.user; killall -HUP sh ssh make 珍棉堙 徳別 - ${arch}/lock + ${arch}/lock 佚凖 堙, 冒 佚凖攸侖嘖不 啾碗釦. @@ -476,7 +476,7 @@ 麑砥杜錨 攸 侑話途嗜 誅輿猟 - scripts/stats ${branch} + scripts/stats ${branch} 佻冒旛彖都 墨棉淌嘖從 嗜岱僧隣 料 料嘖湾殄 溶妖淋 仭謀塹. 誅輿猟 cat /var/portbuild/*/loads/* @@ -484,7 +484,7 @@ 攸侖歸領挌 料 良. 捐鰐療良 - tail -f ${arch}/${branch}/build.log + tail -f ${arch}/${branch}/build.log 侑歪斗藁嘖夘簒都 和歸 嗜嘖湾良 侑話途啻 啾碗防. 嗅孺租, 途棉 佻參 療 嗜舵卅都嗔, 冨 模馬 療 佻倫堽 侑扶瀕 @@ -493,7 +493,7 @@ 簗 榑惑 嗜敖訴堙 徳別 .keep 冒堊模播 佻參. 靤 嗅田媽歸 啾碗謀 佻參 北喪堙厦 倉班 WRKDIR 怠津 佻妖歸 徳別 - ${arch}/${branch}/wrkdirs. + ${arch}/${branch}/wrkdirs. 麑田不 攸 忸從掴 墨輿猟 &man.df.1;. 縒棉 徳別彖 喇嘖斗, @@ -527,11 +527,11 @@ 壮斗, 料 榑双 読料蒙力 和卅堆塰, 嗜妥夘堙 嗤瓶亘 徳別 侑 佻溶殄 墨輿猟 - &prompt.user; cd ${arch}/${branch} -&prompt.user; find distfiles > distfiles-${release} + &prompt.user; cd ${arch}/${branch} +&prompt.user; find distfiles > distfiles-${release} 塹 徳別 和掵力 墨佗簒脊 冒堊模 - i386/${branch} + i386/${branch} 婆宋力 輿柯隣 北喪堙卅. 篩領叢 侑話田孀 佻溶覗都 淺嘖不 墨熔姪穆 追嘖夘怠塢徇挌 倉班從, @@ -541,12 +541,12 @@ 靉嗅 墨佗厦彖良 追嘖夘怠塢從 (嗟. 良崚) 料掴 嗜敖壮 亘藁涸堙蒙隣 墨熔姪穆 仭謀塹 通 凖棉攸. 簗 佻摸惑 嗤亘亙嘖徂, 攸侖嘖不 嗚夘來 - ${arch}/${branch}/cdrom.sh + ${arch}/${branch}/cdrom.sh 徠孺燐, 湟和 泰墮 孥賭杜隣, 湟 徨 仭謀壅 惑卅良淌領惑 卅嗤厦嘖卅療良 蛭 瓶範栂拇 倉班忸 嫩遡杜. 壮斗 嗚椀敏嬖堙 冒堊模 - ${arch}/${branch}/packages + ${arch}/${branch}/packages - ${arch}/${branch}/packages-${release}. + ${arch}/${branch}/packages-${release}. 靉嗅 塹馬, 冒 仭謀壅 佚凖模崚隣 料津嵶賄 妖嘖, 嘛冰不途 拝孃佻 &a.re; 嗜和殄堙 浜 卅嗤鰐崚良 読料蒙力馬 墨熔姪穆 仭謀塹. @@ -585,12 +585,12 @@ 霑謀壅 溶嵶 墨佗厦彖墮 從 徠斗杜燐 和盟嘖 料 ftp-master 侑浜賭力 堊墨 墨輿猟亙: - &prompt.root; cd /var/portbuild/${arch}/${branch} -&prompt.root; tar cfv - packages/ | ssh portmgr@ftp-master tar xfC - w/ports/${arch}/tmp/${branch} + &prompt.root; cd /var/portbuild/${arch}/${branch} +&prompt.root; tar cfv - packages/ | ssh portmgr@ftp-master tar xfC - w/ports/${arch}/tmp/${branch} 壮斗, 料 輿柯療 ftp-master, 嫗田不途, 湟 料堆 仭謀塹 嗚椀敏彖 墨厰屠堽, 嫩遡不 嘖倉拱 料堆 (冨 冒堊模覗 - ~/w/ports/${arch}), + ~/w/ports/${arch}), 佚凖妖嘖不 力忸 料 吐 妖嘖. 酖墨塹燮 冒堊模派 料 ftp-master 料 啻溶 津姪 @@ -602,12 +602,12 @@ rsync. 阻 踊 療 嗜敖腺 喇蒙力 攸拝孳防 料 敕卷遡組: - &prompt.root; rsync -n -r -v -l -t -p --delete packages/ portmgr@ftp-master:w/ports/${arch}/${branch}/ | tee log + &prompt.root; rsync -n -r -v -l -t -p --delete packages/ portmgr@ftp-master:w/ports/${arch}/${branch}/ | tee log 簓嘖夘怠塢徇拇 倉班忸 墨佗簒脊嗔 侑 佻溶殄 墨輿猟 rsync: - &prompt.root; cd /var/portbuild/${arch}/${branch} + &prompt.root; cd /var/portbuild/${arch}/${branch} &prompt.root; rsync -r -v -l -p -c -n distfiles/ portmgr@ftp-master:w/ports/distfiles/ | tee log 黼舮 通 料涸盟 瓶佻蒙旁編 北折 Modified: head/ru_RU.KOI8-R/articles/problem-reports/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/problem-reports/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/problem-reports/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -763,8 +763,8 @@ &man.sh.1; 斌 &man.mount.8;, 塹 彖 侑砥津 徨吐 療和範追溶 椀凖津棉墮 侑瀕祖姪嵶腕墮 侑惑卅様 汰斛從 喇嘖斗 斌 孑堊力徊 冨 墨面屠檀 佻參. 縒棉 忸 療 孥賭杜, - 忸佻摸不 墨輿猟 whereis 浜 - 侑惑卅様. &os; 通 墨面屠檀 佻參 + 忸佻摸不 墨輿猟 whereis 浜 + 侑惑卅様. &os; 通 墨面屠檀 佻參 嗾歸嘖徼都 掴馬從凖領腕墮: 孑堊力徊 彭津墫 /usr/local, 歪料墨 榑 溶崚 泰墮 佚凖椀凖津姪力 喇嘖斗隣 祖揺良嘖卅塹厦. 簗 堊防 侑惑卅様 嗅田嫖 瓶佻蒙斛彖墮 冒堙馬夘 ports (珍崚 @@ -802,7 +802,7 @@ 縒棉 侑和姪輿 淌-塹 冨 佻參, 料旛彖斗惑 - www/someportname + www/someportname , 塹 藁 徨 崚 侑瀕祖姪嵒 冒堙馬夘 ports. Modified: head/ru_RU.KOI8-R/articles/releng/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/releng/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/releng/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -251,11 +251,11 @@ 麩敖僧錨 彭塰 凖棉攸 訌 嗚惣僧 從 忻歪力 涸嘖, 彭塰 - RELENG_X_Y + RELENG_X_Y 况妄都嗔 嘔宋良堙蒙力 力忸 掴汰很杜錨 料枦 妖塹掴模派 佻椎塹徊 凖棉斛. 霤叟挈 杼馬 嗜敖僧鰭 榑亙 彭塰 况妄都嗔 侑彭卷 塹馬, 湟 忸 卅堆堊都 啻溶 佻嗅田療 彭厶錨 瓶範栂挌 - 堙睦塹 RELENG_X, 冨 + 堙睦塹 RELENG_X, 冨 墨塹厦 忸 範塢堙 嗜敖壮 力徼 彭塰. /usr/src&prompt.root; cvs update -rRELENG_4 -P -d @@ -271,7 +271,7 @@ 蚌佻蒙斛彖良 壗馬 - RELENG_* 卅斷奴杜 + RELENG_* 卅斷奴杜 塹蒙墨 妖療綴賭鼠 CVS 孺喪堽彬鼠 拝孃俎 佻 忸侖嗚 凖棉斛. @@ -468,7 +468,7 @@ - doc/share/images/articles/releng/branches-relengX.pic + doc/share/images/articles/releng/branches-relengX.pic @@ -540,7 +540,7 @@ 嗜敖僧頻 佻嗅田良 壗馬 溶崚 佻墟殿彖墮嗔 徇途杜錨 瓶侑宋姪良. 鄙 侑阻塢謀 榑 療 况妄都嗔 侑和姪溶, 堊 冒 CVS 佻旌鰐囘 忸佻摸冱 輿良侖妄檀 壗覗揺 佻 墨輿猟 cvs - tag -d tagname filename. 閘杜 + tag -d tagname filename. 閘杜 彖嵶, 湟和 徨 佻嗅田良 冨妖療良 泰棉 佻妖淌隣 嗜墸都嘖徼摂浜 壗馬, 冒 涸嘖 凖棉攸. 鯏棉旛 &os; 掴網隣 泰墮 徨吐珍 佻徭碗囘踊揺. 賚冒蒙隣 冨妖療良 仭卅妖墟 亘簒崚良 忸侖嗚狙歸馬 @@ -839,7 +839,7 @@ - /pub/FreeBSD/releases/arch/X.Y-RELEASE/ + /pub/FreeBSD/releases/arch/X.Y-RELEASE/ 嘖僧從淮拱 冒堊模 FTP, 佻盲涸斗拱 佻 墨輿猟 make @@ -848,7 +848,7 @@ - /pub/FreeBSD/ports/arch/packages-X.Y-release/ + /pub/FreeBSD/ports/arch/packages-X.Y-release/ 靉摸拱 墨熔姪穆 佻嘖厦杜隣 仭謀塹 通 榑惑 凖棉攸. @@ -856,7 +856,7 @@ - /pub/FreeBSD/releases/arch/X.Y-RELEASE/tools + /pub/FreeBSD/releases/arch/X.Y-RELEASE/tools 麌要鰐扶途冒 嗷挂冒 料 @@ -865,16 +865,16 @@ - /pub/FreeBSD/releases/arch/X.Y-RELEASE/packages + /pub/FreeBSD/releases/arch/X.Y-RELEASE/packages 麌要鰐扶途冒 嗷挂冒 料 - ../../../ports/arch/packages-X.Y-release. + ../../../ports/arch/packages-X.Y-release. - /pub/FreeBSD/releases/arch/ISO-IMAGES/X.Y/X.Y-RELEASE-arch-*.iso + /pub/FreeBSD/releases/arch/ISO-IMAGES/X.Y/X.Y-RELEASE-arch-*.iso ISO-和卅旛. 津嗹 * 榑 Modified: head/ru_RU.KOI8-R/articles/solid-state/article.xml ============================================================================== --- head/ru_RU.KOI8-R/articles/solid-state/article.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/articles/solid-state/article.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -205,12 +205,12 @@ pseudo-device md # memory 明堆 溶妖淋 溶崚 泰墮 喞徒僧 掴嘖孃力 佻 湟杜廟 攸佗喇 忸珍淌 墨輿猟: - &prompt.root; /sbin/mount -uw partition + &prompt.root; /sbin/mount -uw partition 溶崚 泰墮 從旌卅歸料 凖嵒葉 掴嘖孃 塹蒙墨 通 湟杜頻 佻 堊墨 墨輿猟: - &prompt.root; /sbin/mount -ur partition + &prompt.root; /sbin/mount -ur partition @@ -446,7 +446,7 @@ pseudo-device md # memory 篩姪 嘖壮愿 佻漬惣嬪砺租墫, - 湟 Apache 嗜頒僧囘 嘛鷲 模 徳別 冒堊模 apache_log_dir + 湟 Apache 嗜頒僧囘 嘛鷲 模 徳別 冒堊模 apache_log_dir 徇 冒堊模覗 /var. 誅把 榑 冒堊模 卅嗤鰐崚 料 徳別從 喇嘖斗, 嗟藁塢厦彖領亙 凖嵒妖 塹蒙墨 通 湟杜頻, Apache 療 嗟崚 嗜頒僧冱 模 徳別, 湟 嘛論 淌凖椿 @@ -454,7 +454,7 @@ pseudo-device md # memory 療和範追溶 掴汰徂墮 力忸 冒堊模 嗤瓶釦 冒堊模馬 冨 /etc/rc.d/var 通 蛭 嗜敖僧頻 冒堊模播 /var 嘛凉壮 - apache_log_dir + apache_log_dir /var/log/apache. 醺嵶 堊勃 攸珍墮 侑宋 掴嘖孃 很祖徒愧 力從馬 冒堊模覗. @@ -469,11 +469,11 @@ pseudo-device md # memory &prompt.root; chown nobody:nobody /var/log/apache 料墨療, 嫩遡不 嗾歸嘖徼摂品 冒堊模 - apache_install/logs + apache_install/logs 攸妖良堙 吐 嗷挂墨: - &prompt.root; rm -rf apache_log_dir -&prompt.root; ln -s apache_log_dir + &prompt.root; rm -rf apache_log_dir +&prompt.root; ln -s apache_log_dir Modified: head/ru_RU.KOI8-R/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/ru_RU.KOI8-R/books/handbook/advanced-networking/chapter.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/books/handbook/advanced-networking/chapter.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -562,7 +562,7 @@ route_internalnet2="-net 192.168.2.0/24 途墮 塹蒙墨 歪料 嘖厦冒, 榑 internalnet2. 壮斗 踊 掴汰徂棉 佚凖妖領媽 - route_internalnet2, + route_internalnet2, 釦珍 佻妖歸隣 徨 仭卅妖墟, 墨塹燮 療和範追溶 佚凖珍墮 墨輿猟 &man.route.8;. 侑浜賭 忸枦 泰盟 瓶佻蒙斛彖料 墨輿猟: @@ -855,7 +855,7 @@ wi0: flags=8843<UP,BROADCAST,RUNNING, 掴嘖孃: -&prompt.root; ifconfig wi0 ssid my_net channel 11 media DS/11Mbps mediaopt hostap up stationname "FreeBSD AP" +&prompt.root; ifconfig wi0 ssid my_net channel 11 media DS/11Mbps mediaopt hostap up stationname "FreeBSD AP" 黌厦淤 &man.ifconfig.8; 阻塢徂敝簒都 瀕堙卞妬 @@ -954,7 +954,7 @@ wi0: flags=8843<UP,BROADCAST,RUNNING, 登賭 踊 溶崚 冨妖良墮 料嘖厦碧 祖双堙卅 料 堙, 湟 嗜墸都嘖徼脊 料枦 單塢: - &prompt.root; ifconfig wi0 inet 192.168.0.20 netmask 255.255.255.0 ssid my_net + &prompt.root; ifconfig wi0 inet 192.168.0.20 netmask 255.255.255.0 ssid my_net 鼠杜不 192.168.0.20 255.255.255.0 料 侑宋斌慘拇 IP-祖凖 單堙徼 輿嗚 彖枦 侑從栂亙 單塢. 双詫良堙, 湟 料杼 塹淤 @@ -1023,11 +1023,11 @@ wi0: flags=8843<UP,BROADCAST,RUNNING, 鑪 盲渟, 淌 良淌馬, 堊 湟 瓶佻蒙旁編 嗅田媽殳 墨輿猟 通 徊明淌良 WEP 彖枦 力從 塹淤 掴嘖孃 FreeBSD: - &prompt.root; ifconfig wi0 inet up ssid my_net wepmode on wepkey 0x1234567890 media DS/11Mbps mediaopt hostap + &prompt.root; ifconfig wi0 inet up ssid my_net wepmode on wepkey 0x1234567890 media DS/11Mbps mediaopt hostap 溶崚堙 徊明淺墮 WEP 料 北錨淋 嗅田媽歸 墨輿猟亙: - &prompt.root; ifconfig wi0 inet 192.168.0.20 netmask 255.255.255.0 ssid my_net wepmode on wepkey 0x1234567890 + &prompt.root; ifconfig wi0 inet 192.168.0.20 netmask 255.255.255.0 ssid my_net wepmode on wepkey 0x1234567890 鑚妖墮堙, 湟 忸 掴網隣 攸妖良墮 0x1234567890 料 堆姪 嬶彬遡慘拱 北折. @@ -1209,15 +1209,15 @@ wi0: flags=8843<UP,BROADCAST,RUNNING, &windows;: &prompt.root; cd /usr/src/sys/modules/if_ndis -&prompt.root; cp /path/to/driver/W32DRIVER.SYS ./ -&prompt.root; cp /path/to/driver/W32DRIVER.INF ./ +&prompt.root; cp /path/to/driver/W32DRIVER.SYS ./ +&prompt.root; cp /path/to/driver/W32DRIVER.INF ./ 登賭 瓶佻蒙旁編 孕斌不 ndiscvt 通 嗜敖僧頻 攸馬模徊 椀凖津姪良 漬訴彭卅 ndis_driver_data.h 佚凖 啾碗墨 溶蔦妄: - &prompt.root; ndiscvt -i W32DRIVER.INF -s W32DRIVER.SYS -o ndis_driver_data.h + &prompt.root; ndiscvt -i W32DRIVER.INF -s W32DRIVER.SYS -o ndis_driver_data.h 霑卅妖墟 攸珍脊 嗜墸都嘖彭領 徳別 料嘖厦碧 舵料厠拱 徳別. 輾 瓶佻蒙旁斗 @@ -2359,7 +2359,7 @@ subnet 192.168.4.0 netmask 255.255.255.0 變挿杜頻 津北倉礎品 host 冒 浜 範嘖 通 妥敖瓶墨從 輿柯隣. 疚慥賭料塢徇挈 嗤腕和詫 泰模 泰 掴汰很杜錨 option host-name - margaux 徇孕夘 和瀾很杜品 + margaux 徇孕夘 和瀾很杜品 host. @@ -2476,7 +2476,7 @@ margaux:ha=0123456789ab:tc=.def100 Etherboot 料妥夘堙: -&prompt.root; gmake bin32/devicetype.fd0 +&prompt.root; gmake bin32/devicetype.fd0 devicetype 攸徂喇 塢仭 祖双堙卅 @@ -2707,7 +2707,7 @@ cd /usr/src/etc; make distribution - &prompt.root; dd if=/dev/zero of=/path/to/swapfile bs=1k count=1 oseek=100000 + &prompt.root; dd if=/dev/zero of=/path/to/swapfile bs=1k count=1 oseek=100000 簗 阻塢彖檀 榑惑 徳別 佻痛挿防 嗅田嫖 掴汰徂墮 徳別 rc.conf 嘖厦釦 @@ -3901,8 +3901,8 @@ round-trip min/avg/max/stddev = 2.530/2. &prompt.root; ifconfig gif0 create &prompt.root; ifconfig gif0 gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280 -&prompt.root; ifconfig gif0 tunnel MY_IPv4_ADDR MY_IPv4_REMOTE_TUNNEL_ENDPOINT_ADDR -&prompt.root; ifconfig gif0 inet6 alias MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR MY_IPv6_REMOTE_TUNNEL_ENDPOINT_ADDR +&prompt.root; ifconfig gif0 tunnel MY_IPv4_ADDR MY_IPv4_REMOTE_TUNNEL_ENDPOINT_ADDR +&prompt.root; ifconfig gif0 inet6 alias MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR MY_IPv6_REMOTE_TUNNEL_ENDPOINT_ADDR 鼠杜不 嗅彖, 料佗啻領拇 攸婆宋隣揺 怠没鼠, 瀕届厖礎錨, 墨塹簒 彖 珍 忸枦嘖湾殄 孳徒 6bone. @@ -3924,7 +3924,7 @@ gif0: flags=8010<POINTOPOINT,MULTICAS 6bone 掴網料 泰墮 彭嗹輿 侑腕堊: &prompt.root; route add -inet6 default -interface gif0 -&prompt.root; ping6 -n MY_UPLINK +&prompt.root; ping6 -n MY_UPLINK &prompt.root; traceroute6 www.jp.FreeBSD.org (3ffe:505:2008:1:2a0:24ff:fe57:e561) from 3ffe:8060:100::40:2, 30 hops max, 12 byte packets Modified: head/ru_RU.KOI8-R/books/handbook/basics/chapter.xml ============================================================================== --- head/ru_RU.KOI8-R/books/handbook/basics/chapter.xml Fri Jun 13 12:05:03 2014 (r45049) +++ head/ru_RU.KOI8-R/books/handbook/basics/chapter.xml Fri Jun 13 14:53:24 2014 (r45050) @@ -1788,7 +1788,7 @@ total 530 FILE, 攸堙 掴汰徂 侑宋 料 忸佻摸杜錨 通 徨堵: - &prompt.user; chmod go-w,a+x FILE + &prompt.user; chmod go-w,a+x FILE AKTUELLE VERSIONEN From owner-svn-doc-all@FreeBSD.ORG Fri Jun 13 18:34:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 95A18D9C; Fri, 13 Jun 2014 18:34:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 67F1C2925; Fri, 13 Jun 2014 18:34:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5DIYJZ5053938; Fri, 13 Jun 2014 18:34:19 GMT (envelope-from jkois@svn.freebsd.org) Received: (from jkois@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5DIYItm053935; Fri, 13 Jun 2014 18:34:18 GMT (envelope-from jkois@svn.freebsd.org) Message-Id: <201406131834.s5DIYItm053935@svn.freebsd.org> From: Johann Kois Date: Fri, 13 Jun 2014 18:34:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45053 - in head/de_DE.ISO8859-1: htdocs share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2014 18:34:19 -0000 Author: jkois Date: Fri Jun 13 18:34:18 2014 New Revision: 45053 URL: http://svnweb.freebsd.org/changeset/doc/45053 Log: The German version of the security pages is outdated. Relink to the original version until it is updated again. Modified: head/de_DE.ISO8859-1/htdocs/index.xsl head/de_DE.ISO8859-1/share/xml/header.l10n.ent head/de_DE.ISO8859-1/share/xml/navibar.l10n.ent Modified: head/de_DE.ISO8859-1/htdocs/index.xsl ============================================================================== --- head/de_DE.ISO8859-1/htdocs/index.xsl Fri Jun 13 17:55:41 2014 (r45052) +++ head/de_DE.ISO8859-1/htdocs/index.xsl Fri Jun 13 18:34:18 2014 (r45053) @@ -90,7 +90,7 @@ href="&u.betarel2.schedule;">&betarel2.current;
          • Untersttzte + href="&enbase;/security/security.html#sup">Untersttzte FreeBSD-Versionen
            • Modified: head/de_DE.ISO8859-1/share/xml/header.l10n.ent ============================================================================== --- head/de_DE.ISO8859-1/share/xml/header.l10n.ent Fri Jun 13 17:55:41 2014 (r45052) +++ head/de_DE.ISO8859-1/share/xml/header.l10n.ent Fri Jun 13 18:34:18 2014 (r45053) @@ -78,7 +78,7 @@ Modified: head/de_DE.ISO8859-1/share/xml/navibar.l10n.ent ============================================================================== --- head/de_DE.ISO8859-1/share/xml/navibar.l10n.ent Fri Jun 13 17:55:41 2014 (r45052) +++ head/de_DE.ISO8859-1/share/xml/navibar.l10n.ent Fri Jun 13 18:34:18 2014 (r45053) @@ -148,7 +148,7 @@
          • Verschiedenes
            • -
          • Sicherheit +
          • Sicherheit
            • Advisories
            • Errata Notices
              • From owner-svn-doc-all@FreeBSD.ORG Fri Jun 13 23:33:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AA605DBC; Fri, 13 Jun 2014 23:33:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7D7E52219; Fri, 13 Jun 2014 23:33:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5DNXIjb091483; Fri, 13 Jun 2014 23:33:18 GMT (envelope-from shurd@svn.freebsd.org) Received: (from shurd@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5DNXHrT091479; Fri, 13 Jun 2014 23:33:17 GMT (envelope-from shurd@svn.freebsd.org) Message-Id: <201406132333.s5DNXHrT091479@svn.freebsd.org> From: Stephen Hurd Date: Fri, 13 Jun 2014 23:33:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45055 - in head: en_US.ISO8859-1/articles/contributors share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2014 23:33:18 -0000 Author: shurd (ports committer) Date: Fri Jun 13 23:33:17 2014 New Revision: 45055 URL: http://svnweb.freebsd.org/changeset/doc/45055 Log: Added: - my author entity - myself as a committer Removed: - myself as an additional contributor Approved by: db (mentor) Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml head/share/xml/authors.ent Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Fri Jun 13 22:36:22 2014 (r45054) +++ head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Fri Jun 13 23:33:17 2014 (r45055) @@ -9634,11 +9634,6 @@ - Stephen Hurd - admin@nix.synchro.net - - - Stephen J. Roznowski sjr@home.net Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Fri Jun 13 22:36:22 2014 (r45054) +++ head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Fri Jun 13 23:33:17 2014 (r45055) @@ -531,6 +531,10 @@ + &a.shurd.email; + + + &a.davide.email; Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Fri Jun 13 22:36:22 2014 (r45054) +++ head/share/xml/authors.ent Fri Jun 13 23:33:17 2014 (r45055) @@ -1911,6 +1911,9 @@ shin@FreeBSD.org"> + +shurd@FreeBSD.org"> + silby@FreeBSD.org"> From owner-svn-doc-all@FreeBSD.ORG Fri Jun 13 23:38:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9698117C; Fri, 13 Jun 2014 23:38:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 842272242; Fri, 13 Jun 2014 23:38:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5DNcCue092271; Fri, 13 Jun 2014 23:38:12 GMT (envelope-from shurd@svn.freebsd.org) Received: (from shurd@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5DNcBgN092268; Fri, 13 Jun 2014 23:38:11 GMT (envelope-from shurd@svn.freebsd.org) Message-Id: <201406132338.s5DNcBgN092268@svn.freebsd.org> From: Stephen Hurd Date: Fri, 13 Jun 2014 23:38:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45056 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2014 23:38:12 -0000 Author: shurd (ports committer) Date: Fri Jun 13 23:38:11 2014 New Revision: 45056 URL: http://svnweb.freebsd.org/changeset/doc/45056 Log: Added: - my PGP key Approved by: db (mentor) Added: head/share/pgpkeys/shurd.key (contents, props changed) Modified: head/share/pgpkeys/pgpkeys-developers.xml head/share/pgpkeys/pgpkeys.ent Modified: head/share/pgpkeys/pgpkeys-developers.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-developers.xml Fri Jun 13 23:33:17 2014 (r45055) +++ head/share/pgpkeys/pgpkeys-developers.xml Fri Jun 13 23:38:11 2014 (r45056) @@ -786,6 +786,11 @@ &pgpkey.chinsan; + + &a.shurd.email; + &pgpkey.shurd; + + &a.davide.email; &pgpkey.davide; Modified: head/share/pgpkeys/pgpkeys.ent ============================================================================== --- head/share/pgpkeys/pgpkeys.ent Fri Jun 13 23:33:17 2014 (r45055) +++ head/share/pgpkeys/pgpkeys.ent Fri Jun 13 23:38:11 2014 (r45056) @@ -387,6 +387,7 @@ + Added: head/share/pgpkeys/shurd.key ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/pgpkeys/shurd.key Fri Jun 13 23:38:11 2014 (r45056) @@ -0,0 +1,42 @@ + + + +sub 2048R/DA5C47503253C094 2014-06-11 [expires: 2017-06-10] + +]]> + From owner-svn-doc-all@FreeBSD.ORG Fri Jun 13 23:53:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E44606A1; Fri, 13 Jun 2014 23:53:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D26E123C6; Fri, 13 Jun 2014 23:53:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5DNraTw000622; Fri, 13 Jun 2014 23:53:36 GMT (envelope-from shurd@svn.freebsd.org) Received: (from shurd@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5DNra5v000621; Fri, 13 Jun 2014 23:53:36 GMT (envelope-from shurd@svn.freebsd.org) Message-Id: <201406132353.s5DNra5v000621@svn.freebsd.org> From: Stephen Hurd Date: Fri, 13 Jun 2014 23:53:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45057 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2014 23:53:37 -0000 Author: shurd (ports committer) Date: Fri Jun 13 23:53:36 2014 New Revision: 45057 URL: http://svnweb.freebsd.org/changeset/doc/45057 Log: Added: - news item announcing my commit bit Approved by: db (mentor) Modified: head/share/xml/news.xml Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Fri Jun 13 23:38:11 2014 (r45056) +++ head/share/xml/news.xml Fri Jun 13 23:53:36 2014 (r45057) @@ -32,6 +32,20 @@ 2014 + 6 + + + 11 + + +

              New committer: + Stephen Hurd + (ports)

              +               +               +               + + 5 From owner-svn-doc-all@FreeBSD.ORG Sat Jun 14 00:15:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0078A144; Sat, 14 Jun 2014 00:15:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E286025B5; Sat, 14 Jun 2014 00:15:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5E0F2qJ011509; Sat, 14 Jun 2014 00:15:02 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5E0F20q011508; Sat, 14 Jun 2014 00:15:02 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406140015.s5E0F20q011508@svn.freebsd.org> From: Glen Barber Date: Sat, 14 Jun 2014 00:15:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45058 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Jun 2014 00:15:03 -0000 Author: gjb Date: Sat Jun 14 00:15:02 2014 New Revision: 45058 URL: http://svnweb.freebsd.org/changeset/doc/45058 Log: Add BETA3 to the schedule, and note that the builds started on time. BETA3 was left out of the original schedule intentionally, as it was an if-needed build (which is why there was such a large timespan between BETA2 and the releng/9.3 branch). Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Fri Jun 13 23:53:36 2014 (r45057) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Sat Jun 14 00:15:02 2014 (r45058) @@ -93,6 +93,13 @@
            • + + + + + + + From owner-svn-doc-all@FreeBSD.ORG Fri Jun 13 22:36:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 055F9358; Fri, 13 Jun 2014 22:36:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E69F42D64; Fri, 13 Jun 2014 22:36:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5DMaMuE064265; Fri, 13 Jun 2014 22:36:22 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5DMaMec064264; Fri, 13 Jun 2014 22:36:22 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406132236.s5DMaMec064264@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 13 Jun 2014 22:36:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45054 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sat, 14 Jun 2014 01:50:59 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2014 22:36:23 -0000 Author: ryusuke Date: Fri Jun 13 22:36:22 2014 New Revision: 45054 URL: http://svnweb.freebsd.org/changeset/doc/45054 Log: - Merge the following from the English version: r44775 -> r44776 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Fri Jun 13 18:34:18 2014 (r45053) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Fri Jun 13 22:36:22 2014 (r45054) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44775 + Original revision: r44776 $FreeBSD$ --> - &os.current; のソースを同期する。 + &os.current; のソースを同期してください。 特に svn を使って - Subversion ミラーサイト - のひとつの head ブランチから + の一覧にある + Subversion ミラーサイトのひとつの + head ブランチから -CURRENT コードをチェックアウトしてください。 インターネットの接続がとても遅かったり、 制限がある場合には、 - CTM + で説明されている CTM を利用すると良いでしょう。 ただし、svn ほどには信頼はできないので、 @@ -1227,7 +1228,7 @@ before running "/usr/sbin/freebsd-update 毎月公開されている &os.stable; からビルドされたスナップショットを使ってください。 スナップショットの詳細については、スナップショット + xlink:href="&url.base;/ja/snapshots/">www.freebsd.org/ja/snapshots をご覧ください。 既に &os; が動いているシステムを @@ -1238,14 +1239,10 @@ before running "/usr/sbin/freebsd-update を使って、 希望する開発ブランチのソースをチェックアウしてください。 stable/9 といったブランチ名は、 - リリースエンジニアリングのページ + www.freebsd.org/releng で説明されています。 インターネットへの接続に信頼できる回線を利用できないのであれば、 - CTM - - -STABLE - CTM を使って同期する - を使ってください。 + CTM () を使ってください。 @@ -1270,11 +1267,10 @@ before running "/usr/sbin/freebsd-update 訳: &a.jp.iwasaki;、1997 年 9 月 13 日 - インターネット接続または電子メールを使用して、&os; - プロジェクトのソースのある一部分または全体の最新を追いかける方法は色々あります。 - 基本的なサービスは - Subversion と - CTM です。 + &os; のソースの最新を追いかける方法は色々あります。 + この節では、基本的なサービスである + Subversion および + CTM について説明します。 ソースツリーの一部を最新のものに更新することは可能です。 @@ -1296,14 +1292,17 @@ before running "/usr/sbin/freebsd-update Subversionpull 同期モデルを採用しています。 - ユーザ (または cron スクリプト) が svn - を起動し、ファイルを最新状態にします。 - Subversion は、 - ローカルのソースツリーをアップデートする最も好ましい方法です。 + ユーザ (または cron スクリプト) が + svn プログラムを起動し、 + ローカルにあるソースを最新状態にします。 更新情報はその時点の最新のものであり、 - ユーザはいつダウンロードするかをコントロールします。 + いつダウンロードするかはユーザがコントロールするので、 + Subversion + はローカルのソースツリーをアップデートする好ましい方法です。 特定のファイルやディレクトリに限定して更新することも簡単にできます。 - 更新情報はサーバによって素早く生成されます。 + 更新情報はサーバによって素早く生成されます。 + Subversion によるソースの同期方法については、 + で説明されています。 CTM @@ -1315,25 +1314,26 @@ before running "/usr/sbin/freebsd-update そのかわりに、前回の実行時からの変更を認識するスクリプトが マスタ CTM マシン上で一日に数回実行され、 すべての変更を compress して通し番号を振り、 - さらに電子メールで、印字可能な ASCII + さらに電子メールで、印字可能な ASCII キャラクタのみで転送できるようにエンコードします。 - 受信した後は、 - これらの CTM のデルタ は自動 - 的にデコード、検査してユーザのソースのコピーに変更を適用する - &man.ctm.rmail.1; によって処理可能となります。 + ダウンロードした後は、 + これらの デルタ は、 + 自動的にデコード、検査してユーザのソースのコピーに変更を適用する + ctm.rmail によって処理可能です。 この処理は Subversion よりずっと効率的であり、pull モデルというよりむしろ push モデルであるため、 - サーバ資源の負荷は軽くなります。 + サーバ資源の負荷は軽くなります。 + CTM を用いたソースの同期方法については、 + をご覧ください。 - 他のトレードオフもあります。 - Subversion であれば、 + Subversion であれば、 うっかりローカルのアーカイブの一部を消してしまっても、 壊れた部分を検出して再構築してくれます。 CTM はこれをやってくれません。 もしソースツリーの一部を消してしまい、 - そしてバックアップを取っていないのであれば、最新の CTM - ベースデルタ を用いて、一からやり直し、 + そしてバックアップを取っていないのであれば、最新の + ベースデルタ を用いて、一からやり直し、 CTM を使ってすべてを再構築しなければなりません。 From owner-svn-doc-all@FreeBSD.ORG Sat Jun 14 15:55:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 743EE187; Sat, 14 Jun 2014 15:55:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 61FC52A34; Sat, 14 Jun 2014 15:55:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5EFtvnu046093; Sat, 14 Jun 2014 15:55:57 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5EFtvlY046092; Sat, 14 Jun 2014 15:55:57 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406141555.s5EFtvlY046092@svn.freebsd.org> From: Glen Barber Date: Sat, 14 Jun 2014 15:55:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45059 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Jun 2014 15:55:57 -0000 Author: gjb Date: Sat Jun 14 15:55:56 2014 New Revision: 45059 URL: http://svnweb.freebsd.org/changeset/doc/45059 Log: Switch betarel.vers to BETA3. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/share/xml/release.ent Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Sat Jun 14 00:15:02 2014 (r45058) +++ head/share/xml/release.ent Sat Jun 14 15:55:56 2014 (r45059) @@ -39,7 +39,7 @@ - + @@ -34,6 +34,67 @@ 2014 + 6 + + + 14 + + + &os; 9.3-BETA3 公開 + +

            &os;-9.3 リリースサイクルから 3 + 回目のベータ版が公開されました (アナウンス)。 + &os; + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            +             +             + + + 11 + + +

            新コミッタ就任: + Stephen Hurd + (ports)

            +             +             + + + 7 + + + &os; 9.3-BETA2 公開 + +

            &os;-9.3 リリースサイクルから 2 + 回目のベータ版が公開されました (アナウンス)。 + &os; + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            +             +             + + + 1 + + + &os; 9.1-BETA1 公開 + +

            &os;-9.3 リリースサイクルから最初のベータ版が公開されました (アナウンス)。 + &os; + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

            +             +             +             + + 5 From owner-svn-doc-all@FreeBSD.ORG Sun Jun 15 03:28:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 50DEE55A; Sun, 15 Jun 2014 03:28:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 31D612A0D; Sun, 15 Jun 2014 03:28:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5F3ShdR063963; Sun, 15 Jun 2014 03:28:43 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5F3ShY2063961; Sun, 15 Jun 2014 03:28:43 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406150328.s5F3ShY2063961@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 15 Jun 2014 03:28:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45063 - head/ja_JP.eucJP/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sun, 15 Jun 2014 11:41:46 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Jun 2014 03:28:43 -0000 Author: ryusuke Date: Sun Jun 15 03:28:42 2014 New Revision: 45063 URL: http://svnweb.freebsd.org/changeset/doc/45063 Log: - Merge the following from the English version: r44776 -> r44778 head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sun Jun 15 03:15:45 2014 (r45062) +++ head/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml Sun Jun 15 03:28:42 2014 (r45063) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44776 + Original revision: r44778 $FreeBSD$ --> 新しいカスタムカーネルの再構築と再インストールは、 通常通り行うことができます。             - freebsd-update は、 - 常にカーネルをアップデートするとは限りません。 - freebsd-update install - によってカーネルソースが変更されなかった場合には、 - カスタムカーネルを再構築する必要はありません。 - しかしながら freebsd-update は、 - /usr/src/sys/conf/newvers.sh - を常にアップデートします。 - これは、現在のシステムのパッチレベルを - uname -r-p - で表示する時にこのファイルが参照されます。 - そのため、何も変更されていない場合でも、カスタムカーネルを再構築することにより、 - uname がシステムの正確なパッチレベルを報告するようになります。 - 各システムにインストールされているアップデートをすばやく把握できるようになるので、 - 特に複数のシステムを管理するときに助けとなります。 + freebsd-update は、 + 常にカーネルをアップデートするとは限りません。 + freebsd-update install + によってカーネルソースが変更されなかった場合には、 + カスタムカーネルを再構築する必要はありません。 + しかしながら freebsd-update は、 + /usr/src/sys/conf/newvers.sh + を常にアップデートします。 + これは、現在のシステムのパッチレベルを + uname -r-p + で表示する時にこのファイルが参照されます。 + そのため、何も変更されていない場合でも、 + カスタムカーネルを再構築することにより、 + uname がシステムの正確なパッチレベルを報告するようになります。 + 各システムにインストールされているアップデートをすばやく把握できるようになるので、 + 特に複数のシステムを管理するときに助けとなります。 @@ -405,16 +406,16 @@ Uninstalling updates... done. 以下のコマンドを実行すると、&os; 9.0 のシステムを &os; 9.1 にアップグレードします。 - &prompt.root; freebsd-update -r 9.1-RELEASE upgrade + &prompt.root; freebsd-update -r 9.1-RELEASE upgrade - コマンドを実行すると、freebsd-update - は設定ファイルと現在のシステムを評価し、 - アップデートするために必要な情報を収集します。 - 画面には、どのコンポーネントが認識され、 - どのコンポーネントが認識されていないといったリストが表示されます。 - たとえば以下のように表示されます。 + コマンドを実行すると、freebsd-update + は設定ファイルと現在のシステムを評価し、 + アップデートするために必要な情報を収集します。 + 画面には、どのコンポーネントが認識され、 + どのコンポーネントが認識されていないといったリストが表示されます。 + たとえば以下のように表示されます。 - Looking up update.FreeBSD.org mirrors... 1 mirrors found. + Looking up update.FreeBSD.org mirrors... 1 mirrors found. Fetching metadata signature for 9.0-RELEASE from update1.FreeBSD.org... done. Fetching metadata index... done. Inspecting system... done. @@ -431,180 +432,180 @@ world/proflibs Does this look reasonable (y/n)? y - ここで、freebsd-update - はアップグレードに必要なすべてのファイルをダウンロードします。 - 何をインストールし、どのように進むかといった質問をされることもあります。 + ここで、freebsd-update + はアップグレードに必要なすべてのファイルをダウンロードします。 + 何をインストールし、どのように進むかといった質問をされることもあります。 - カスタムカーネルを使っていると、 - 上記のステップで以下のような警告が表示されます。 + カスタムカーネルを使っていると、 + 上記のステップで以下のような警告が表示されます。 - WARNING: This system is running a "MYKERNEL" kernel, which is not a + WARNING: This system is running a "MYKERNEL" kernel, which is not a kernel configuration distributed as part of FreeBSD 9.0-RELEASE. This kernel will not be updated: you MUST update the kernel manually before running "/usr/sbin/freebsd-update install" - この時点ではこの警告を無視してもかまいません。 - アップデートされた GENERIC カーネルは、 - アップグレードプロセスの途中で利用されます。 - - すべてのパッチがローカルシステムへダウンロードされたら、 - 次にパッチが適用されます。 - このプロセスには時間がかかります。 - この時間はコンピュータの性能とワークロードに依存します。 - その後、設定ファイルがマージされます。 - このプロセスでは、ユーザはファイルをマージするか、 - 画面上にエディタを立ち上げて手動でマージするかを尋ねられます。 - プロセスが進むごとに、成功したマージのすべての結果の情報がユーザに示されます。 - マージに失敗したり、無視した場合には、プロセスが中断します。 - ユーザによっては /etc - のバックアップを取り、 - master.passwdgroup - のような重要なファイルを後で手動でマージする方もいます。 - - - すべてのパッチは別のディレクトリでマージされており、 - まだ、システムには反映されていません。 - すべてのパッチが正しく適用され、 - すべての設定ファイルがマージされてプロセスがスムーズに進んだら、 - ユーザは以下のコマンドを用いて、 - 変更点をディスクに反映してください。 + この時点ではこの警告を無視してもかまいません。 + アップデートされた GENERIC カーネルは、 + アップグレードプロセスの途中で利用されます。 + + すべてのパッチがローカルシステムへダウンロードされたら、 + 次にパッチが適用されます。 + このプロセスには時間がかかります。 + この時間はコンピュータの性能とワークロードに依存します。 + その後、設定ファイルがマージされます。 + このプロセスでは、ユーザはファイルをマージするか、 + 画面上にエディタを立ち上げて手動でマージするかを尋ねられます。 + プロセスが進むごとに、成功したマージのすべての結果の情報がユーザに示されます。 + マージに失敗したり、無視した場合には、プロセスが中断します。 + ユーザによっては /etc + のバックアップを取り、 + master.passwdgroup + のような重要なファイルを後で手動でマージする方もいます。 + + + すべてのパッチは別のディレクトリでマージされており、 + まだ、システムには反映されていません。 + すべてのパッチが正しく適用され、 + すべての設定ファイルがマージされてプロセスがスムーズに進んだら、 + ユーザは以下のコマンドを用いて、 + 変更点をディスクに反映してください。 &prompt.root; freebsd-update install - + - パッチは最初にカーネルとカーネルモジュールに対して当てられます。 - システムがカスタムカーネルを実行している場合には、 - &man.nextboot.8; を使って次回の再起動時のカーネルを、 - アップデートされた /boot/GENERIC - に設定してください。 - - &prompt.root; nextboot -k GENERIC - - - GENERIC カーネルで再起動する前に、 - カーネルにシステムが適切に起動するために必要なすべてのドライバが含まれていること、 - もしアップデートしているコンピュータがリモートでアクセスしているのであれば、 - ネットワーク接続に必要なすべてのドライバも含まれていることを確認してください。 - 特に、これまで実行しているカスタムカーネルが、 - カーネルモジュールとして提供されているビルドインの機能を含んでいるのであれば、 - これらのモジュールを一時的に /boot/loader.conf - の機能を用いて、 - GENERIC に読み込んでください。 - アップグレードプロセスが終わるまでは、 - 重要ではないサービスを無効にするとともに、 - 必要のないディスクやネットワークのマウントなども避けることが推奨されています。 - - - アップデートされたカーネルでコンピュータを再起動してください。 - - &prompt.root; shutdown -r now - - システムがオンラインに戻ったら、以下のコマンドを使って - freebsd-update を再び実行してください。 - アップデートプロセスの状態は保存されているので、 - freebsd-update を実行すると、 - 最初からではなく、次のステップに進み、 - 古い共有ライブラリとオブジェクトファイルを削除します。 + パッチは最初にカーネルとカーネルモジュールに対して当てられます。 + システムがカスタムカーネルを実行している場合には、 + &man.nextboot.8; を使って次回の再起動時のカーネルを、 + アップデートされた /boot/GENERIC + に設定してください。 - &prompt.root; freebsd-update install + &prompt.root; nextboot -k GENERIC - - 使用しているライブラリのバージョン番号の付けられ方によって、 - 3 つのインストールフェーズが 2 つになる場合もあります。 - - - アップグレードはこれで終了です。 - もしメジャーアップグレードを行った場合には、 - - で説明されているようにすべての ports および package - を再構築してください。 - - - &os; 9.X 以降のシステムにおけるカスタムカーネル - - freebsd-update を使う前に、 - GENERIC カーネルが - /boot/GENERIC - に置かれていることを確認してください。 - ただ一度だけカスタムカーネルを構築したのであれば、 - /boot/kernel.old - は GENERIC カーネルそのものです。 - このディレクトリの名前を - /boot/kernel - へと変更してください。 - - もし、2 回以上カスタムカーネルを構築した後であったり、 - カスタムカーネルを構築した回数がわからなければ、 - 現在のオペレーティングシステムのバージョンの - GENERIC カーネルを入手してください。 - コンピュータへの物理的なアクセスが可能であれば、 - インストールメディアから GENERIC - カーネルをインストールできます。 + + GENERIC カーネルで再起動する前に、 + カーネルにシステムが適切に起動するために必要なすべてのドライバが含まれていること、 + もしアップデートしているコンピュータがリモートでアクセスしているのであれば、 + ネットワーク接続に必要なすべてのドライバも含まれていることを確認してください。 + 特に、これまで実行しているカスタムカーネルが、 + カーネルモジュールとして提供されているビルドインの機能を含んでいるのであれば、 + これらのモジュールを一時的に /boot/loader.conf + の機能を用いて、 + GENERIC に読み込んでください。 + アップグレードプロセスが終わるまでは、 + 重要ではないサービスを無効にするとともに、 + 必要のないディスクやネットワークのマウントなども避けることが推奨されています。 + + + アップデートされたカーネルでコンピュータを再起動してください。 + + &prompt.root; shutdown -r now + + システムがオンラインに戻ったら、以下のコマンドを使って + freebsd-update を再び実行してください。 + アップデートプロセスの状態は保存されているので、 + freebsd-update を実行すると、 + 最初からではなく、次のステップに進み、 + 古い共有ライブラリとオブジェクトファイルを削除します。 + + &prompt.root; freebsd-update install + + + 使用しているライブラリのバージョン番号の付けられ方によって、 + 3 つのインストールフェーズが 2 つになる場合もあります。 + - &prompt.root; mount /cdrom + アップグレードはこれで終了です。 + もしメジャーアップグレードを行った場合には、 + + で説明されているようにすべての ports および package + を再構築してください。 + + + &os; 9.X 以降のシステムにおけるカスタムカーネル + + freebsd-update を使う前に、 + GENERIC カーネルが + /boot/GENERIC + に置かれていることを確認してください。 + ただ一度だけカスタムカーネルを構築したのであれば、 + /boot/kernel.old + は GENERIC カーネルそのものです。 + このディレクトリの名前を + /boot/kernel + へと変更してください。 + + もし、2 回以上カスタムカーネルを構築した後であったり、 + カスタムカーネルを構築した回数がわからなければ、 + 現在のオペレーティングシステムのバージョンの + GENERIC カーネルを入手してください。 + コンピュータへの物理的なアクセスが可能であれば、 + インストールメディアから GENERIC + カーネルをインストールできます。 + + &prompt.root; mount /cdrom &prompt.root; cd /cdrom/usr/freebsd-dist &prompt.root; tar -C/ -xvf kernel.txz boot/kernel/kernel - 別な方法としては、 - GENERIC カーネルをソースから再構築して、 - インストールしてください。 + 別な方法としては、 + GENERIC カーネルをソースから再構築して、 + インストールしてください。 - &prompt.root; cd /usr/src + &prompt.root; cd /usr/src &prompt.root; make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null - freebsd-update がこのカーネルを - GENERIC カーネルとして認識するために、 - GENERIC コンフィグレーションファイルは、 - とにかく変更してはいけません。 - また、特別なオプションを指定しないで構築してください。 - - freebsd-update は、 - /boot/GENERIC - が存在する事だけを必要とするので、 - GENERIC - カーネルで再起動する必要はありません。 - - - - &os; 8.X におけるカスタムカーネル - - &os; 8.X システムでは、GENERIC - カーネルを入手する方法や構築の方法が少し異なります。 - - コンピュータへの物理的なアクセスが可能であれば、 - 以下のコマンドを実行することで、 - インストールメディアから GENERIC - カーネルをインストールできます。 + freebsd-update がこのカーネルを + GENERIC カーネルとして認識するために、 + GENERIC コンフィグレーションファイルは、 + とにかく変更してはいけません。 + また、特別なオプションを指定しないで構築してください。 + + freebsd-update は、 + /boot/GENERIC + が存在する事だけを必要とするので、 + GENERIC + カーネルで再起動する必要はありません。 + + + + &os; 8.X におけるカスタムカーネル + + &os; 8.X システムでは、GENERIC + カーネルを入手する方法や構築の方法が少し異なります。 + + コンピュータへの物理的なアクセスが可能であれば、 + 以下のコマンドを実行することで、 + インストールメディアから GENERIC + カーネルをインストールできます。 - &prompt.root; mount /cdrom + &prompt.root; mount /cdrom &prompt.root; cd /cdrom/X.Y-RELEASE/kernels &prompt.root; ./install.sh GENERIC - ここで X.Y-RELEASE - をリリース番号に置き換えてください。 - GENERIC カーネルは、 - デフォルトで /boot/GENERIC - にインストールされます。 + ここで X.Y-RELEASE + をリリース番号に置き換えてください。 + GENERIC カーネルは、 + デフォルトで /boot/GENERIC + にインストールされます。 - または、GENERIC - カーネルをソースから再構築してください。 + または、GENERIC + カーネルをソースから再構築してください。 - &prompt.root; cd /usr/src + &prompt.root; cd /usr/src &prompt.root; env DESTDIR=/boot/GENERIC make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null &prompt.root; mv /boot/GENERIC/boot/kernel/* /boot/GENERIC &prompt.root; rm -rf /boot/GENERIC/boot - freebsd-update が、このカーネルを - GENERIC カーネルとして扱うように、 - GENERIC コンフィグレーションファイルは、 - とにかく変更してはいけません。 - また、特別なオプションを指定しないで構築してください。 - - GENERIC - カーネルで再起動する必要はありません。 - + freebsd-update が、このカーネルを + GENERIC カーネルとして扱うように、 + GENERIC コンフィグレーションファイルは、 + とにかく変更してはいけません。 + また、特別なオプションを指定しないで構築してください。 + + GENERIC + カーネルで再起動する必要はありません。 + メジャーバージョンアップグレード後の ports の再構築 @@ -621,14 +622,14 @@ before running "/usr/sbin/freebsd-update 以下のコマンドを用いて、 インストールされているすべてのアプリケーションを再構築できます。 - &prompt.root; portmaster -af + &prompt.root; portmaster -af - このコマンドを実行すると、 - 設定を変更するオプションを持つアプリケーションは、 - 設定変更のスクリーンを表示し、 - ユーザからの指示待ちの状態で停止します。 - この振る舞いをやめ、デフォルトのオプションを使用するには、 - 上記のコマンドに を含めてください。 + このコマンドを実行すると、 + 設定を変更するオプションを持つアプリケーションは、 + 設定変更のスクリーンを表示し、 + ユーザからの指示待ちの状態で停止します。 + この振る舞いをやめ、デフォルトのオプションを使用するには、 + 上記のコマンドに を含めてください。 ソフトウェアのアップグレードが終わったら、最後にもう一度 freebsd-update From owner-svn-doc-all@FreeBSD.ORG Sun Jun 15 14:13:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CA6D884B; Sun, 15 Jun 2014 14:13:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AB90C2E42; Sun, 15 Jun 2014 14:13:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5FED0XF066112; Sun, 15 Jun 2014 14:13:00 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5FED0H5066111; Sun, 15 Jun 2014 14:13:00 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406151413.s5FED0H5066111@svn.freebsd.org> From: Glen Barber Date: Sun, 15 Jun 2014 14:13:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45064 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Jun 2014 14:13:00 -0000 Author: gjb Date: Sun Jun 15 14:13:00 2014 New Revision: 45064 URL: http://svnweb.freebsd.org/changeset/doc/45064 Log: Document __FreeBSD_version values: 902511, 902512, 1000706, 1000707, 1000708, 1000709, 1000710, 1100015, 1100016, 1100017, 1100018, 1100019, 1100021, 1100022, 1100023. Add svn revision number in 1100020 entry. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Sun Jun 15 03:28:42 2014 (r45063) +++ head/en_US.ISO8859-1/books/porters-handbook/versions.xml Sun Jun 15 14:13:00 2014 (r45064) @@ -4375,6 +4375,20 @@ it was never committed: + 902511 + March 27, 2014 + 9-STABLE after FreeBSD-SA-14:06.openssl + (rev 264289). + + + + 902512 + April 30, 2014 + 9-STABLE after FreeBSD-SA-14:08.tcp + (rev 265123). + + + 1000000 September 26, 2011 10.0-CURRENT. @@ -4963,6 +4977,46 @@ it was never committed: + 1000706 + April 6, 2014 + 10-STABLE after GCC support for __block + definition (rev 264214). + + + + 1000707 + April 8, 2014 + 10-STABLE after FreeBSD-SA-14:06.openssl (rev + 264289). + + + + 1000708 + April 30, 2014 + 10-STABLE after FreeBSD-SA-14:07.devfs, FreeBSD-SA-14:08.tcp, + and FreeBSD-SA-14:09.openssl + (rev 265122). + + + + 1000709 + May 13, 2014 + 10-STABLE after support for UDP-Lite protocol (RFC 3828) + (rev 265946). + + + + 1000710 + June 13, 2014 + 10-STABLE after changes to &man.strcasecmp.3;, moving + strcasecmp_l() and + strncasecmp_l() from + <string.h> to + <strings.h> for POSIX 2008 compliance + (rev 267465). + + + 1100000 October 10, 2013 11.0-CURRENT @@ -5076,8 +5130,72 @@ it was never committed: + 1100015 + March 22, 2014 + 11.0-CURRENT after cnt rename to + vm_cnt (rev + 263620). + + + + 1100016 + March 23, 2014 + 11.0-CURRENT after addition of armv6hf + TARGET_ARCH (rev + 263660). + + + + 1100017 + April 4, 2014 + 11.0-CURRENT after GCC support for __block + definition (rev 264121). + + + + 1100018 + April 6, 2014 + 11.0-CURRENT after support for UDP-Lite protocol (RFC 3828) + (rev 264212). + + + + 1100019 + April 8, 2014 + 11.0-CURRENT after FreeBSD-SA-14:06.openssl (rev + 264265). + + + 1100020 May 1, 2014 11.0-CURRENT after removing lindev in favor of having - /dev/full by default. + /dev/full by default (rev 265212). + + + + 1100021 + May 6, 2014 + 11.0-CURRENT after src.opts.mk changes, + decoupling &man.make.conf.5; from buildworld + (rev 265419). + + + + 1100022 + May 30, 2014 + 11.0-CURRENT after changes to &man.strcasecmp.3;, moving + strcasecmp_l() and + strncasecmp_l() from + <string.h> to + <strings.h> for POSIX 2008 compliance + (rev 266865). + + + + 1100023 + June 13, 2014 + 11.0-CURRENT after the CUSE library and kernel module have + been attached to the build by default (rev + 267440). From owner-svn-doc-all@FreeBSD.ORG Sun Jun 15 14:13:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AD2C98B0; Sun, 15 Jun 2014 14:13:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9A8FB2E47; Sun, 15 Jun 2014 14:13:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5FEDqwf066314; Sun, 15 Jun 2014 14:13:52 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5FEDq7j066313; Sun, 15 Jun 2014 14:13:52 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406151413.s5FEDq7j066313@svn.freebsd.org> From: Glen Barber Date: Sun, 15 Jun 2014 14:13:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45065 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Jun 2014 14:13:52 -0000 Author: gjb Date: Sun Jun 15 14:13:52 2014 New Revision: 45065 URL: http://svnweb.freebsd.org/changeset/doc/45065 Log: Remove leading 'r' in the svn revision number for 902510 entry. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Sun Jun 15 14:13:00 2014 (r45064) +++ head/en_US.ISO8859-1/books/porters-handbook/versions.xml Sun Jun 15 14:13:52 2014 (r45065) @@ -4371,7 +4371,7 @@ it was never committed: 902510 March 27, 2014 9-STABLE after merge of the vt(4) driver - (rev r263818). + (rev 263818). From owner-svn-doc-all@FreeBSD.ORG Sun Jun 15 14:14:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C178B9EF; Sun, 15 Jun 2014 14:14:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AEF612E4E; Sun, 15 Jun 2014 14:14:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5FEEvI1066547; Sun, 15 Jun 2014 14:14:57 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5FEEvAX066546; Sun, 15 Jun 2014 14:14:57 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406151414.s5FEEvAX066546@svn.freebsd.org> From: Glen Barber Date: Sun, 15 Jun 2014 14:14:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45066 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Jun 2014 14:14:57 -0000 Author: gjb Date: Sun Jun 15 14:14:57 2014 New Revision: 45066 URL: http://svnweb.freebsd.org/changeset/doc/45066 Log: Line wrap to meet style requirements. No content changes. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Sun Jun 15 14:13:52 2014 (r45065) +++ head/en_US.ISO8859-1/books/porters-handbook/versions.xml Sun Jun 15 14:14:57 2014 (r45066) @@ -5124,9 +5124,9 @@ it was never committed: <sys/capability.h> to <sys/capsicum.h> to avoid a clash with similarly named headers in other operating systems. - A compatibility header is left in place to limit build breakage, but will - be deprecated in due course. - (rev 263235). + A compatibility header is left in place to limit build breakage, + but will be deprecated in due course. (rev + 263235). From owner-svn-doc-all@FreeBSD.ORG Sun Jun 15 23:30:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 201BF4B5; Sun, 15 Jun 2014 23:30:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0D7082D6C; Sun, 15 Jun 2014 23:30:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5FNU3WN020276; Sun, 15 Jun 2014 23:30:03 GMT (envelope-from robak@svn.freebsd.org) Received: (from robak@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5FNU3L3020275; Sun, 15 Jun 2014 23:30:03 GMT (envelope-from robak@svn.freebsd.org) Message-Id: <201406152330.s5FNU3L3020275@svn.freebsd.org> From: Bartek Rutkowski Date: Sun, 15 Jun 2014 23:30:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45067 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Jun 2014 23:30:04 -0000 Author: robak (ports committer) Date: Sun Jun 15 23:30:03 2014 New Revision: 45067 URL: http://svnweb.freebsd.org/changeset/doc/45067 Log: Added Bartek Rutkowski (myself) entity. Reviewed by: swills, marino (mentors) Approved by: swills, marino (mentors) Modified: head/share/xml/authors.ent Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Sun Jun 15 14:14:57 2014 (r45066) +++ head/share/xml/authors.ent Sun Jun 15 23:30:03 2014 (r45067) @@ -1764,6 +1764,9 @@ roam@FreeBSD.org"> + +robak@FreeBSD.org"> + robert@FreeBSD.org"> From owner-svn-doc-all@FreeBSD.ORG Tue Jun 17 02:40:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 201B1E9F; Tue, 17 Jun 2014 02:40:35 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0CC9F28B8; Tue, 17 Jun 2014 02:40:35 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5H2eYfX080474; Tue, 17 Jun 2014 02:40:34 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5H2eYun080473; Tue, 17 Jun 2014 02:40:34 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406170240.s5H2eYun080473@svn.freebsd.org> From: Warren Block Date: Tue, 17 Jun 2014 02:40:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45068 - head/en_US.ISO8859-1/htdocs/support X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2014 02:40:35 -0000 Author: wblock Date: Tue Jun 17 02:40:34 2014 New Revision: 45068 URL: http://svnweb.freebsd.org/changeset/doc/45068 Log: Reorganize, modernize, optimize, and miniaturize. Modified: head/en_US.ISO8859-1/htdocs/support/bugreports.xml Modified: head/en_US.ISO8859-1/htdocs/support/bugreports.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/support/bugreports.xml Sun Jun 15 23:30:03 2014 (r45067) +++ head/en_US.ISO8859-1/htdocs/support/bugreports.xml Tue Jun 17 02:40:34 2014 (r45068) @@ -15,49 +15,45 @@

            Problem Report Database

            -

            Current FreeBSD problem reports are tracked using Bugzilla.

            - -

            A FreeBSD problem report (PR) is not necessarily a bug with FreeBSD - itself. In some cases it may be reporting a mistake in the - documentation (which could be a simple typo). In other cases it may - be a 'wishlist' item that the submitter would like to see incorporated - in to FreeBSD. In many cases a PR contains a port which has been - prepared for inclusion in the FreeBSD - Ports and Packages collection.

            - -

            Problem reports start 'open', and are closed as the issue they report - is resolved. In addition, each PR is assigned a unique tracking ID - to ensure that it is not lost. Many FreeBSD changes include the - tracking ID of the PR that prompted the change.

            - -

            How to Submit A Problem Report

            - -

            Problem reports may be submitted to the development team by using - the web based - form. +

            A problem report, or PR, can be about any component + of FreeBSD, including problems with the operating system programs, a mistake in the + documentation, or a + new feature that the submitter wishes to see incorporated.

            + +

            Problem reports begin in the open state, and are closed when the issue + is resolved. A numeric ID is assigned to each PR for tracking. + Many FreeBSD changes refer to the + PR number that prompted the change.

            + +

            How to Submit a Problem Report

            + +

            Problem reports are submitted to the development team with + the + web form. Please note that messages sent to a mailing list are not tracked as official problem reports, and may get lost in the noise!

            -

            Before submitting a problem report, you might find it useful to +

            Before submitting a problem report, please read the Writing FreeBSD Problem Reports article. This article describes - when you should submit a problem report, what you are expected - to include in one, and what the best way to submit your problem - report is. Some useful background information is also contained + when to submit a problem report and what + to include. + Some useful background information is also contained in the Problem Report Handling Guidelines article.

            +

            FreeBSD problem reports are tracked using Bugzilla.

            From owner-svn-doc-all@FreeBSD.ORG Tue Jun 17 09:53:05 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0DEED73C; Tue, 17 Jun 2014 09:53:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EF0142B13; Tue, 17 Jun 2014 09:53:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5H9r4ES081474; Tue, 17 Jun 2014 09:53:04 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5H9r4Hh081473; Tue, 17 Jun 2014 09:53:04 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406170953.s5H9r4Hh081473@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 17 Jun 2014 09:53:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45069 - head/ja_JP.eucJP/books/handbook/basics X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2014 09:53:05 -0000 Author: ryusuke Date: Tue Jun 17 09:53:04 2014 New Revision: 45069 URL: http://svnweb.freebsd.org/changeset/doc/45069 Log: - Merge the following from the English version: r25848 -> r27406 head/ja_JP.eucJP/books/handbook/basics/chapter.xml Submitted by: Yuta MASUMOTO Modified: head/ja_JP.eucJP/books/handbook/basics/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/basics/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/basics/chapter.xml Tue Jun 17 02:40:34 2014 (r45068) +++ head/ja_JP.eucJP/books/handbook/basics/chapter.xml Tue Jun 17 09:53:04 2014 (r45069) @@ -4,6 +4,7 @@ The FreeBSD Japanese Documentation Project Original revision: r25848 + Original revision: r27406 $FreeBSD$ --> @@ -634,7 +635,7 @@ total 530 &prompt.root; chflags nosunlink file1 ファイルにどのフラグが設定されているのかを見るには、&man.ls.1; - を オプションと一緒に使ってください。 + コマンドを オプションと一緒に使ってください。             &prompt.root; ls -lo file1 @@ -1456,25 +1457,25 @@ total 530 .-----------------. --. | | | | DOS / Windows | | -: : > First slice, ad0s1 +: : > First slice, ad0s1 : : | | | | :=================: ==: --. | | | Partition a, mounted as / | -| | > referred to as ad0s2a | +| | > referred to as ad0s2a | | | | | :-----------------: ==: | | | | Partition b, used as swap | -| | > referred to as ad0s2b | +| | > referred to as ad0s2b | | | | | :-----------------: ==: | Partition c, no -| | | Partition e, used as /var > file system, all -| | > referred to as ad0s2e | of FreeBSD slice, +| | | Partition e, used as /var > file system, all +| | > referred to as ad0s2e | of FreeBSD slice, | | | | ad0s2c :-----------------: ==: | | | | | : : | Partition f, used as /usr | -: : > referred to as ad0s2f | +: : > referred to as ad0s2f | : : | | | | | | | | --' | @@ -2281,9 +2282,6 @@ Swap: 256M Total, 38M Used, 217M Free, 1 &prompt.user; chsh -s /usr/local/bin/bash - chsh をパラメータなしで実行し、 - エディタでシェルを変更しても同じことができます。 - 使おうと思っているシェルは必ず /etc/shells 中に書かれているものでなければなりません。 From owner-svn-doc-all@FreeBSD.ORG Tue Jun 17 15:00:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 68A6EA0F; Tue, 17 Jun 2014 15:00:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 555F92883; Tue, 17 Jun 2014 15:00:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5HF0xQZ027344; Tue, 17 Jun 2014 15:00:59 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5HF0xpI027343; Tue, 17 Jun 2014 15:00:59 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201406171500.s5HF0xpI027343@svn.freebsd.org> From: Mathieu Arnold Date: Tue, 17 Jun 2014 15:00:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45070 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2014 15:00:59 -0000 Author: mat (ports committer) Date: Tue Jun 17 15:00:58 2014 New Revision: 45070 URL: http://svnweb.freebsd.org/changeset/doc/45070 Log: Document the new Uses/gssapi.mk Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/uses.xml Tue Jun 17 09:53:04 2014 (r45069) +++ head/en_US.ISO8859-1/books/porters-handbook/uses.xml Tue Jun 17 15:00:58 2014 (r45070) @@ -267,6 +267,71 @@ for the build. + + gssapi + + (none), base (default), + heimdal, mit, + flags, bootstrap + + + Handle dependency on Kerberos + ports. By default, or set to base, + Kerberos from the base system is + used. Set to heimdal to use security/heimdal, or + mit to use security/krb5. + + When the local Kerberos + installation is not in LOCALBASE, set + HEIMDAL_HOME (for heimdal) + or KRB5_HOME (for krb5) to + the base Kerberos directory. + + These variables are exported for the ports to use: + + + GSSAPIBASEDIR + GSSAPICPPFLAGS + GSSAPIINCDIR + GSSAPILDFLAGS + GSSAPILIBDIR + GSSAPILIBS + GSSAPI_CONFIGURE_ARGS + + + The flags option can be set with + base, heimdal, or + mit to automatically add + GSSAPICPPFLAGS, + GSSAPILDFLAGS, and + GSSAPILIBS to CFLAGS, + LDFLAGS, and LDADD, + respectively. For example, use + base,flags. + + The bootstrap option is a special prefix + only for use with security/krb5 + and security/heimdal. For + example, use bootstrap,mit. + + + Typical Use + + OPTIONS_SINGLE= GSSAPI +OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE + +GSSAPI_BASE_USES= gssapi +GSSAPI_BASE_CONFIGURE_ON= --with-gssapi=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS} +GSSAPI_HEIMDAL_USES= gssapi:heimdal +GSSAPI_HEIMDAL_CONFIGURE_ON= --with-gssapi=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS} +GSSAPI_MIT_USES= gssapi:mit +GSSAPI_MIT_CONFIGURE_ON= --with-gssapi=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS} +GSSAPI_NONE_CONFIGURE_ON= --without-gssapi + + + iconv From owner-svn-doc-all@FreeBSD.ORG Tue Jun 17 19:47:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 32589EC; Tue, 17 Jun 2014 19:47:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1DF5A25F7; Tue, 17 Jun 2014 19:47:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5HJlUac062307; Tue, 17 Jun 2014 19:47:30 GMT (envelope-from robak@svn.freebsd.org) Received: (from robak@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5HJlUI9062304; Tue, 17 Jun 2014 19:47:30 GMT (envelope-from robak@svn.freebsd.org) Message-Id: <201406171947.s5HJlUI9062304@svn.freebsd.org> From: Bartek Rutkowski Date: Tue, 17 Jun 2014 19:47:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45071 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2014 19:47:31 -0000 Author: robak (ports committer) Date: Tue Jun 17 19:47:30 2014 New Revision: 45071 URL: http://svnweb.freebsd.org/changeset/doc/45071 Log: - Added robak (Bartek Rutkowski, myself) pgp key - Added robak pgp key entity - Added robak in developers pgp keys xml Reviewed by: marino Approved by: marino Added: head/share/pgpkeys/robak.key (contents, props changed) Modified: head/share/pgpkeys/pgpkeys-developers.xml head/share/pgpkeys/pgpkeys.ent Modified: head/share/pgpkeys/pgpkeys-developers.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-developers.xml Tue Jun 17 15:00:58 2014 (r45070) +++ head/share/pgpkeys/pgpkeys-developers.xml Tue Jun 17 19:47:30 2014 (r45071) @@ -1611,6 +1611,11 @@ &pgpkey.rodrigc;             + + &a.robak.email; + &pgpkey.robak; + + &a.guido.email; &pgpkey.guido; Modified: head/share/pgpkeys/pgpkeys.ent ============================================================================== --- head/share/pgpkeys/pgpkeys.ent Tue Jun 17 15:00:58 2014 (r45070) +++ head/share/pgpkeys/pgpkeys.ent Tue Jun 17 19:47:30 2014 (r45071) @@ -356,6 +356,7 @@ + Added: head/share/pgpkeys/robak.key ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/pgpkeys/robak.key Tue Jun 17 19:47:30 2014 (r45071) @@ -0,0 +1,91 @@ + + + +uid Bartek Rutkowski +uid Bartek Rutkowski +sub 4096R/36F01FFE 2013-06-17 [expires: 2017-06-17] + +]]> + From owner-svn-doc-all@FreeBSD.ORG Tue Jun 17 19:56:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3192F5FD; Tue, 17 Jun 2014 19:56:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1EBB026E7; Tue, 17 Jun 2014 19:56:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5HJugdp066932; Tue, 17 Jun 2014 19:56:42 GMT (envelope-from robak@svn.freebsd.org) Received: (from robak@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5HJugib066930; Tue, 17 Jun 2014 19:56:42 GMT (envelope-from robak@svn.freebsd.org) Message-Id: <201406171956.s5HJugib066930@svn.freebsd.org> From: Bartek Rutkowski Date: Tue, 17 Jun 2014 19:56:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45072 - head/en_US.ISO8859-1/articles/contributors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2014 19:56:43 -0000 Author: robak (ports committer) Date: Tue Jun 17 19:56:42 2014 New Revision: 45072 URL: http://svnweb.freebsd.org/changeset/doc/45072 Log: Move Bartek Rutkowski (myself) from additional contributors to committers list. Reviewed by: marino, swills Approved by: marino, swills Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Tue Jun 17 19:47:30 2014 (r45071) +++ head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Tue Jun 17 19:56:42 2014 (r45072) @@ -1157,11 +1157,6 @@             - Bartek Rutkowski - contact+freebsd@robakdesign.com - - - Bartosz Fabianowski freebsd@chillt.de Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Tue Jun 17 19:47:30 2014 (r45071) +++ head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Tue Jun 17 19:56:42 2014 (r45072) @@ -1139,6 +1139,10 @@ + &a.robak.email; + + + &a.rea.email; From owner-svn-doc-all@FreeBSD.ORG Tue Jun 17 20:29:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C291149E; Tue, 17 Jun 2014 20:29:59 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B006529E8; Tue, 17 Jun 2014 20:29:59 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5HKTxtc083125; Tue, 17 Jun 2014 20:29:59 GMT (envelope-from robak@svn.freebsd.org) Received: (from robak@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5HKTxa6083124; Tue, 17 Jun 2014 20:29:59 GMT (envelope-from robak@svn.freebsd.org) Message-Id: <201406172029.s5HKTxa6083124@svn.freebsd.org> From: Bartek Rutkowski Date: Tue, 17 Jun 2014 20:29:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45073 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2014 20:29:59 -0000 Author: robak (ports committer) Date: Tue Jun 17 20:29:59 2014 New Revision: 45073 URL: http://svnweb.freebsd.org/changeset/doc/45073 Log: Added news regarding Bartek Rutkowski (myself) as a new ports committer. Reviewed by: marino, swills Approved by: marino, swills Modified: head/share/xml/news.xml Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Tue Jun 17 19:56:42 2014 (r45072) +++ head/share/xml/news.xml Tue Jun 17 20:29:59 2014 (r45073) @@ -35,6 +35,16 @@ 6 + 17 + + +

            New committer: + Bartek Rutkowski + (ports)

            +             +             + + 14 From owner-svn-doc-all@FreeBSD.ORG Wed Jun 18 00:43:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 35D27463; Wed, 18 Jun 2014 00:43:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 22BD720FE; Wed, 18 Jun 2014 00:43:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5I0h0CY003273; Wed, 18 Jun 2014 00:43:00 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5I0gxXV003271; Wed, 18 Jun 2014 00:42:59 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406180042.s5I0gxXV003271@svn.freebsd.org> From: Glen Barber Date: Wed, 18 Jun 2014 00:42:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45074 - head/en_US.ISO8859-1/htdocs/donations X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2014 00:43:00 -0000 Author: gjb Date: Wed Jun 18 00:42:59 2014 New Revision: 45074 URL: http://svnweb.freebsd.org/changeset/doc/45074 Log: Fix link to the want list. Submitted by: Richard Allen Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/donations/index.xml Modified: head/en_US.ISO8859-1/htdocs/donations/index.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/donations/index.xml Tue Jun 17 20:29:59 2014 (r45073) +++ head/en_US.ISO8859-1/htdocs/donations/index.xml Wed Jun 18 00:42:59 2014 (r45074) @@ -96,7 +96,7 @@ donation.

            If you don't know what you want to give, take a look at our list of needs. We would appreciate any + href="https://wiki.freebsd.org/Donations/WantList">list of needs. We would appreciate any items on this list. If you have equipment you'd like to donate, read on.

            From owner-svn-doc-all@FreeBSD.ORG Wed Jun 18 13:41:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F08C2439; Wed, 18 Jun 2014 13:41:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D98252428; Wed, 18 Jun 2014 13:41:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5IDf692065359; Wed, 18 Jun 2014 13:41:06 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5IDf4ZC065339; Wed, 18 Jun 2014 13:41:04 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406181341.s5IDf4ZC065339@svn.freebsd.org> From: Glen Barber Date: Wed, 18 Jun 2014 13:41:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45075 - in head: en_US.ISO8859-1/articles/building-products en_US.ISO8859-1/articles/contributing en_US.ISO8859-1/articles/problem-reports en_US.ISO8859-1/articles/releng en_US.ISO8859... X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2014 13:41:07 -0000 Author: gjb Date: Wed Jun 18 13:41:03 2014 New Revision: 45075 URL: http://svnweb.freebsd.org/changeset/doc/45075 Log: Replace query-pr.cgi and send-pr.html with their Bugzilla equivalents. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/articles/building-products/article.xml head/en_US.ISO8859-1/articles/contributing/article.xml head/en_US.ISO8859-1/articles/problem-reports/article.xml head/en_US.ISO8859-1/articles/releng/article.xml head/en_US.ISO8859-1/books/faq/book.xml head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml head/en_US.ISO8859-1/htdocs/commercial/commercial.xml head/en_US.ISO8859-1/htdocs/docproj/submitting.xml head/en_US.ISO8859-1/htdocs/search/sitemap.xml head/share/xml/header.ent head/share/xml/libcommon.xsl head/share/xml/navibar.ent head/share/xml/templates.entries.xsl Modified: head/en_US.ISO8859-1/articles/building-products/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/building-products/article.xml Wed Jun 18 00:42:59 2014 (r45074) +++ head/en_US.ISO8859-1/articles/building-products/article.xml Wed Jun 18 13:41:03 2014 (r45075) @@ -693,7 +693,7 @@ bde 2005-10-29 16:34:50 UTC Report bugs upstream If you notice bug in the FreeBSD code that you are - using, file a bug + using, file a bug report. This step helps ensure that you do not have to fix the bug the next time you take a code drop from upstream. Modified: head/en_US.ISO8859-1/articles/contributing/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributing/article.xml Wed Jun 18 00:42:59 2014 (r45074) +++ head/en_US.ISO8859-1/articles/contributing/article.xml Wed Jun 18 13:41:03 2014 (r45075) @@ -252,7 +252,7 @@ If you find a bug or are submitting a specific change, please report it using the &man.send-pr.1; program or its - WEB-based + WEB-based equivalent. Try to fill-in each field of the bug report. Unless they exceed 65KB, include any patches directly in the report. If the patch is suitable to be applied to the Modified: head/en_US.ISO8859-1/articles/problem-reports/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/problem-reports/article.xml Wed Jun 18 00:42:59 2014 (r45074) +++ head/en_US.ISO8859-1/articles/problem-reports/article.xml Wed Jun 18 13:41:03 2014 (r45075) @@ -258,8 +258,8 @@ Next, the searchable &os; - PR database (GNATS). Unless the problem is recent + xlink:href="https://bugs.freebsd.org/bugzilla/query.cgi">&os; + PR database (Bugzilla). Unless the problem is recent or obscure, there is a fair chance it has already been reported. @@ -498,7 +498,7 @@ a similar PR. Although this has already been mentioned above, it bears repeating here. It only take a minute or two to use the web-based search engine at http://www.FreeBSD.org/cgi/query-pr-summary.cgi?query. + xlink:href="https://bugs.freebsd.org/bugzilla/query.cgi">https://bugs.freebsd.org/bugzilla/query.cgi. (Of course, everyone is guilty of forgetting to do this now and then.) @@ -562,7 +562,7 @@ display of the PR will be readable. Similar considerations apply to use of the - web-based + web-based PR submission form. Note that cut-and-paste operations can have their own side-effects on text formatting. In certain cases it may be necessary to use &man.uuencode.1; to @@ -571,7 +571,7 @@ Finally, if the submission is lengthy, prepare the work offline so that nothing will be lost if there is a problem submitting it. This can especially be a problem with the - web + web form. @@ -723,7 +723,7 @@ The next section describes fields that are common to both the email interface and the - web + web interface: @@ -1161,7 +1161,7 @@ strip comments and send it off. If you are using the web form: + xlink:href="https://bugs.freebsd.org/bugzilla/enter_bug.cgi">web form: Before you hit submit, you will need to fill in a field containing text that is represented in image @@ -1207,7 +1207,7 @@ The easiest way is to use the followup link on the individual PR's web page, which you can reach from the PR + xlink:href="https://bugs.freebsd.org/bugzilla/query.cgi">PR search page. Clicking on this link will bring up an email window with the correct To: and Subject: lines filled in (if your browser is configured to do this). @@ -1329,7 +1329,7 @@ have happened is that the database index has gotten out of synchronization with the database itself. The way that you can test whether this has happened is to pull up the - view + view a single PR page and see whether the PR shows up. If it does, please notify the GNATS administrators at bugmeister@FreeBSD.org. Note that there is a Modified: head/en_US.ISO8859-1/articles/releng/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/releng/article.xml Wed Jun 18 00:42:59 2014 (r45074) +++ head/en_US.ISO8859-1/articles/releng/article.xml Wed Jun 18 13:41:03 2014 (r45075) @@ -165,7 +165,7 @@ through email, the &man.send-pr.1; application, or via the web - interface provided at http://www.FreeBSD.org/send-pr.html. + interface provided at https://bugs.freebsd.org/bugzilla/enter_bug.cgi. To service our most conservative users, individual release branches were introduced with &os; 4.3. Modified: head/en_US.ISO8859-1/books/faq/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/faq/book.xml Wed Jun 18 00:42:59 2014 (r45074) +++ head/en_US.ISO8859-1/books/faq/book.xml Wed Jun 18 13:41:03 2014 (r45075) @@ -593,13 +593,13 @@ The Problem Report database of all user change requests may be queried by using our web-based PR query + xlink:href="https://bugs.freebsd.org/bugzilla/query.cgi">query interface. The &man.send-pr.1; command can be used to submit problem reports and change requests via electronic mail. Alternatively, the web-based + xlink:href="https://bugs.freebsd.org/bugzilla/enter_bug.cgi">web-based problem report submission interface can be used to submit problem reports through a web browser. Modified: head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml Wed Jun 18 00:42:59 2014 (r45074) +++ head/en_US.ISO8859-1/books/fdp-primer/working-copy/chapter.xml Wed Jun 18 13:41:03 2014 (r45075) @@ -160,7 +160,7 @@ documentation tree. If the diff file is to be submitted with the web - Submit a &os; + Submit a &os; problem report interface, add a .txt extension to give the earnest and simple-minded web form a clue that the contents are plain Modified: head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Wed Jun 18 00:42:59 2014 (r45074) +++ head/en_US.ISO8859-1/books/handbook/eresources/chapter.xml Wed Jun 18 13:41:03 2014 (r45075) @@ -1069,7 +1069,7 @@ This is the mailing list for reporting bugs in &os;. Whenever possible, bugs should be submitted using the &man.send-pr.1; command or the - WEB + WEB interface to it. Modified: head/en_US.ISO8859-1/htdocs/commercial/commercial.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/commercial/commercial.xml Wed Jun 18 00:42:59 2014 (r45074) +++ head/en_US.ISO8859-1/htdocs/commercial/commercial.xml Wed Jun 18 13:41:03 2014 (r45075) @@ -46,7 +46,7 @@ to the internet, these companies may off

            If your company supports a FreeBSD related product, service, consulting, or support that should be added to this page, please - fill out a problem report + fill out a problem report for category www. Submissions should contain a medium-sized paragraph in length, describing your company. Please note that the inclusion of vendors in our list does Modified: head/en_US.ISO8859-1/htdocs/docproj/submitting.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/docproj/submitting.xml Wed Jun 18 00:42:59 2014 (r45074) +++ head/en_US.ISO8859-1/htdocs/docproj/submitting.xml Wed Jun 18 13:41:03 2014 (r45075) @@ -65,7 +65,7 @@

            You should then let the Documentation Project know about it. The correct way to do this is to use a command called send-pr, which should be installed on your machine. - The WWW problem report form may also be used.

            + The WWW problem report form may also be used.

            You do this so that your submission can be tracked. When you submit a PR (Problem Report) it is assigned a unique number. One of the committers Modified: head/en_US.ISO8859-1/htdocs/search/sitemap.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/search/sitemap.xml Wed Jun 18 00:42:59 2014 (r45074) +++ head/en_US.ISO8859-1/htdocs/search/sitemap.xml Wed Jun 18 13:41:03 2014 (r45075) @@ -1201,12 +1201,12 @@ Submit a FreeBSD problem report - &base;/send-pr.html + https://bugs.freebsd.org/bugzilla/enter_bug.cgi Bug report, submit - &base;/send-pr.html + https://bugs.freebsd.org/bugzilla/enter_bug.cgi Modified: head/share/xml/header.ent ============================================================================== --- head/share/xml/header.ent Wed Jun 18 00:42:59 2014 (r45074) +++ head/share/xml/header.ent Wed Jun 18 13:41:03 2014 (r45075) @@ -125,8 +125,8 @@

            Modified: head/share/xml/libcommon.xsl ============================================================================== --- head/share/xml/libcommon.xsl Wed Jun 18 00:42:59 2014 (r45074) +++ head/share/xml/libcommon.xsl Wed Jun 18 13:41:03 2014 (r45075) @@ -243,7 +243,7 @@

            FreeBSD's widespread popularity has spawned a number of user groups around the world.

            If you know of a FreeBSD user group not listed here, - please fill out a + please fill out a problem report for category www with the following information:

            1. A URL for the user group's website.
              2. Modified: head/share/xml/navibar.ent ============================================================================== --- head/share/xml/navibar.ent Wed Jun 18 00:42:59 2014 (r45074) +++ head/share/xml/navibar.ent Wed Jun 18 13:41:03 2014 (r45075) @@ -180,7 +180,7 @@
            2. Bug Reports
            3. Web Resources
              4. Modified: head/share/xml/templates.entries.xsl ============================================================================== --- head/share/xml/templates.entries.xsl Wed Jun 18 00:42:59 2014 (r45074) +++ head/share/xml/templates.entries.xsl Wed Jun 18 13:41:03 2014 (r45075) @@ -40,7 +40,7 @@ commercial listing into several sections. If your company supports a FreeBSD-compatible product or service that should be added to this page, please fill out a - problem report for + problem report for category www. Submissions should be in HTML and a medium-sized paragraph in length.

              From owner-svn-doc-all@FreeBSD.ORG Wed Jun 18 14:29:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0357D1B6; Wed, 18 Jun 2014 14:29:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E48CF2A37; Wed, 18 Jun 2014 14:29:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5IETs7m085127; Wed, 18 Jun 2014 14:29:54 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5IETsLJ085126; Wed, 18 Jun 2014 14:29:54 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406181429.s5IETsLJ085126@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 18 Jun 2014 14:29:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45076 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2014 14:29:55 -0000 Author: ryusuke Date: Wed Jun 18 14:29:54 2014 New Revision: 45076 URL: http://svnweb.freebsd.org/changeset/doc/45076 Log: - Merge the following from the English version: r45061 -> r45073 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Wed Jun 18 13:41:03 2014 (r45075) +++ head/ja_JP.eucJP/share/xml/news.xml Wed Jun 18 14:29:54 2014 (r45076) @@ -23,7 +23,7 @@ would like to work on. *** $FreeBSD$ - Original revision: r45061 + Original revision: r45073 --> @@ -37,6 +37,16 @@ 6 + 17 + + +

              新コミッタ就任: + Bartek Rutkowski + (ports)

              +               +               + + 14 From owner-svn-doc-all@FreeBSD.ORG Wed Jun 18 14:41:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 527D3751; Wed, 18 Jun 2014 14:41:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3EA352BB9; Wed, 18 Jun 2014 14:41:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5IEfHoO091938; Wed, 18 Jun 2014 14:41:17 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5IEfGjk091935; Wed, 18 Jun 2014 14:41:16 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406181441.s5IEfGjk091935@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 18 Jun 2014 14:41:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45077 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2014 14:41:17 -0000 Author: ryusuke Date: Wed Jun 18 14:41:16 2014 New Revision: 45077 URL: http://svnweb.freebsd.org/changeset/doc/45077 Log: - Merge the following from the English version: r43406 -> r45075 head/ja_JP.eucJP/share/xml/header.l10n.ent r43972 -> r45075 head/ja_JP.eucJP/share/xml/libcommon.xsl r43583 -> r45075 head/ja_JP.eucJP/share/xml/navibar.l10n.ent Modified: head/ja_JP.eucJP/share/xml/header.l10n.ent head/ja_JP.eucJP/share/xml/libcommon.xsl head/ja_JP.eucJP/share/xml/navibar.l10n.ent Modified: head/ja_JP.eucJP/share/xml/header.l10n.ent ============================================================================== --- head/ja_JP.eucJP/share/xml/header.l10n.ent Wed Jun 18 14:29:54 2014 (r45076) +++ head/ja_JP.eucJP/share/xml/header.l10n.ent Wed Jun 18 14:41:16 2014 (r45077) @@ -5,7 +5,7 @@ - + サイトマップ | 知的財産権について | (C) 1995–2014 The FreeBSD Project. @@ -89,8 +89,8 @@ Modified: head/ja_JP.eucJP/share/xml/libcommon.xsl ============================================================================== --- head/ja_JP.eucJP/share/xml/libcommon.xsl Wed Jun 18 14:29:54 2014 (r45076) +++ head/ja_JP.eucJP/share/xml/libcommon.xsl Wed Jun 18 14:41:16 2014 (r45077) @@ -3,7 +3,7 @@ "http://www.FreeBSD.org/XML/share/xml/xslt10-freebsd.dtd"> - +

              FreeBSD は広く使われており、世界中にたくさんのユーザグループがあります。

              このリストに載っていないユーザグループをご存知でしたら、 - ぜひ、障害報告 の www カテゴリを使って以下の情報をお知らせください。

              + ぜひ、障害報告 + の www カテゴリを使って以下の情報をお知らせください。

              1. ユーザグループのウェブサイトの URL
              2. 訪問者とウェブサイトの管理のために、担当者の連絡先のメールアドレス
                3. Modified: head/ja_JP.eucJP/share/xml/navibar.l10n.ent ============================================================================== --- head/ja_JP.eucJP/share/xml/navibar.l10n.ent Wed Jun 18 14:29:54 2014 (r45076) +++ head/ja_JP.eucJP/share/xml/navibar.l10n.ent Wed Jun 18 14:41:16 2014 (r45077) @@ -1,7 +1,7 @@ - + @@ -161,7 +161,7 @@
              3. バグ報告
              4. ウェブ上の情報
                5. From owner-svn-doc-all@FreeBSD.ORG Wed Jun 18 19:50:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 210F137F; Wed, 18 Jun 2014 19:50:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0F5EA29C3; Wed, 18 Jun 2014 19:50:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5IJoqNC031390; Wed, 18 Jun 2014 19:50:52 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5IJoqp7031389; Wed, 18 Jun 2014 19:50:52 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406181950.s5IJoqp7031389@svn.freebsd.org> From: Warren Block Date: Wed, 18 Jun 2014 19:50:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45078 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2014 19:50:53 -0000 Author: wblock Date: Wed Jun 18 19:50:52 2014 New Revision: 45078 URL: http://svnweb.freebsd.org/changeset/doc/45078 Log: Be more specific about which PR is current and which is historical. Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Wed Jun 18 14:41:16 2014 (r45077) +++ head/en_US.ISO8859-1/htdocs/cgi/query-pr.cgi Wed Jun 18 19:50:52 2014 (r45078) @@ -258,10 +258,10 @@ sub PrintPR # Page title print html_header( - "FreeBSD has migrated to Bugzilla. You should examine the FieldSingle('Number') . "'/>Bugzilla version of this PR." ); - print ("

                This historical version is likely out of date and is for debugging purposes only!

                \n"); + print ("

                The historical version shown below is likely out of date and is for debugging purposes only!

                \n"); print ("

                " . $q->escapeHTML( From owner-svn-doc-all@FreeBSD.ORG Thu Jun 19 16:37:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CFAAA433; Thu, 19 Jun 2014 16:37:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BD0642275; Thu, 19 Jun 2014 16:37:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5JGb6lD024793; Thu, 19 Jun 2014 16:37:06 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5JGb6Mj024791; Thu, 19 Jun 2014 16:37:06 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406191637.s5JGb6Mj024791@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 19 Jun 2014 16:37:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45079 - head/ja_JP.eucJP/books/handbook/basics X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Thu, 19 Jun 2014 16:48:39 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2014 16:37:06 -0000 Author: ryusuke Date: Thu Jun 19 16:37:06 2014 New Revision: 45079 URL: http://svnweb.freebsd.org/changeset/doc/45079 Log: - Merge the following from the English version: r27406 -> r29930 head/ja_JP.eucJP/books/handbook/basics/chapter.xml Submitted by: Yuta MASUMOTO Modified: head/ja_JP.eucJP/books/handbook/basics/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/basics/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/basics/chapter.xml Wed Jun 18 19:50:52 2014 (r45078) +++ head/ja_JP.eucJP/books/handbook/basics/chapter.xml Thu Jun 19 16:37:06 2014 (r45079) @@ -3,8 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r25848 - Original revision: r27406 + Original revision: r29930 $FreeBSD$ --> @@ -787,11 +786,6 @@ total 530 - /stand/ - スタンドアロン環境で使われるプログラム - - - /tmp/ 一時的なファイル。 通常、/tmp @@ -802,9 +796,7 @@ total 530 これは &man.rc.conf.5; の tmpmfs 関係の変数を使うか、 /etc/fstab に設定項目を記入することで自動化できます。 - 詳しくは &man.mdmfs.8; - (FreeBSD 4.X 系列であれば &man.mfs.8;) - を参照して下さい。 + 詳しくは &man.mdmfs.8; を参照して下さい。 @@ -897,9 +889,7 @@ total 530 これは &man.rc.conf.5; の varmfs 関係の変数を使うか、 /etc/fstab に設定項目を記入することで自動化できます。 - 詳しくは &man.mdmfs.8; - (FreeBSD 4.X 系列であれば &man.mfs.8;) - を参照して下さい。 + 詳しくは &man.mdmfs.8; を参照して下さい。 @@ -1197,7 +1187,7 @@ total 530 バックアップしたデータをリストアする作業が必要となるでしょう。 - FreeBSD 4.4 以降のバージョンには、 + FreeBSD には、 &man.growfs.8; コマンドがあります。 このコマンドは、この制限を取り除いて、 ファイルシステムのファイルを直ちに増加させることを可能にします。 @@ -1273,12 +1263,7 @@ total 530 d パーティションは、 それに関連づけられた特別な意味を持っていましたが、 - 今はありません。 - 現在では、いくつかのツールが d - パーティション上で動作するように命じれば、 - 奇妙に動くかもしれません。 - したがって、sysinstall は通常 - d パーティションを作成しないでしょう。 + 今は無いので、普通のパーティションとして動作するでしょう。

            @@ -2390,22 +2375,7 @@ Swap: 256M Total, 38M Used, 217M Free, 1 デバイスノードを作成する新しいデバイスをシステムにつけ足したり、 追加デバイスのサポートをコンパイルして加えたりするときは、 - デバイスノードを追加で作成しなければならない場合があります。 - - - MAKEDEV スクリプト - DEVFS がないシステム (5.0 - より前のすべてのバージョンの FreeBSD にあてはまります) では、 - 以下に示すように &man.MAKEDEV.8; - スクリプトを使ってデバイスノードを作成します。 - - &prompt.root; cd /dev -&prompt.root; sh MAKEDEV ad1 - - - この例では、取りつけられたとき2番目に当たる IDE - ドライブにとって適切なデバイスノードを作ります。 - + デバイスノードを作成しなければなりません。 <literal>DEVFS</literal> (デバイスファイルシステム: Device File System) @@ -2417,8 +2387,6 @@ Swap: 256M Total, 38M Used, 217M Free, 1 詳しくは &man.devfs.5; マニュアルページをご覧ください。 - FreeBSD 5.0 以降では - DEVFS がデフォルトで使われています。 From owner-svn-doc-all@FreeBSD.ORG Thu Jun 19 17:14:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 507E0D66; Thu, 19 Jun 2014 17:14:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 256292618; Thu, 19 Jun 2014 17:14:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5JHE8TE043092; Thu, 19 Jun 2014 17:14:08 GMT (envelope-from jkois@svn.freebsd.org) Received: (from jkois@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5JHE8qB043091; Thu, 19 Jun 2014 17:14:08 GMT (envelope-from jkois@svn.freebsd.org) Message-Id: <201406191714.s5JHE8qB043091@svn.freebsd.org> From: Johann Kois Date: Thu, 19 Jun 2014 17:14:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45080 - head/de_DE.ISO8859-1/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2014 17:14:08 -0000 Author: jkois Date: Thu Jun 19 17:14:07 2014 New Revision: 45080 URL: http://svnweb.freebsd.org/changeset/doc/45080 Log: r44979 -> r45073 MFde: Resync the project news Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/share/xml/news.xml Modified: head/de_DE.ISO8859-1/share/xml/news.xml ============================================================================== --- head/de_DE.ISO8859-1/share/xml/news.xml Thu Jun 19 16:37:06 2014 (r45079) +++ head/de_DE.ISO8859-1/share/xml/news.xml Thu Jun 19 17:14:07 2014 (r45080) @@ -4,7 +4,7 @@ - + @@ -53,7 +53,7 @@

            あなたの会社が FreeBSD 関連製品、サービス、 コンサルティングやサポートを提供していたら、障害報告 + href="https://bugs.freebsd.org/bugzilla/enter_bug.cgi">障害報告 の www カテゴリから必要事項を (訳注: 英語で) 記入して、わたしたちに知らせてください。 あなたの会社について中程度の長さの説明文を送っていただくのが望ましいです。 このリストにベンダの名前が載っているからといって、FreeBSD Modified: head/ja_JP.eucJP/htdocs/docproj/submitting.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/docproj/submitting.xml Fri Jun 20 01:08:41 2014 (r45082) +++ head/ja_JP.eucJP/htdocs/docproj/submitting.xml Fri Jun 20 15:20:06 2014 (r45083) @@ -5,7 +5,7 @@ ]> - + @@ -73,7 +73,7 @@ そのことをドキュメンテーションプロジェクトに知らせる必要があります。 御使用のマシンにもインストールされているはずの send-pr というコマンドを使うのが正しい方法です。 - WWW 問題報告フォームを使用してもかまいません。

            + WWW 問題報告フォームを使用してもかまいません。

            このコマンドを使うのは、 あなたが寄稿したことを後から確認することができるからです。 Modified: head/ja_JP.eucJP/htdocs/search/sitemap.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/search/sitemap.xml Fri Jun 20 01:08:41 2014 (r45082) +++ head/ja_JP.eucJP/htdocs/search/sitemap.xml Fri Jun 20 15:20:06 2014 (r45083) @@ -3,7 +3,7 @@ "http://www.FreeBSD.org/XML/share/xml/sitemap.dtd"> - + @@ -1203,12 +1203,12 @@ Submit a FreeBSD problem report - &base;/send-pr.html + https://bugs.freebsd.org/bugzilla/enter_bug.cgi Bug report, submit - &base;/send-pr.html + https://bugs.freebsd.org/bugzilla/enter_bug.cgi From owner-svn-doc-all@FreeBSD.ORG Fri Jun 20 16:34:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 52D7A84D for ; Fri, 20 Jun 2014 16:34:23 +0000 (UTC) Received: from mail-qc0-x22c.google.com (mail-qc0-x22c.google.com [IPv6:2607:f8b0:400d:c01::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0A93622B2 for ; Fri, 20 Jun 2014 16:34:22 +0000 (UTC) Received: by mail-qc0-f172.google.com with SMTP id o8so3776634qcw.3 for ; Fri, 20 Jun 2014 09:34:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=eitanadler.com; s=0xdeadbeef; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=kxw/toBLJ+Mq+Z5wASet1AV3yT/AQaWMnLwASM1YdzY=; b=nDI//LaL6KMqVaRZgoWx/6Z7qpaE+CA62532nmrNSXY0A52sgNQRFUvcq9vkJEh8cw MI+8yOhUFh8n2R+9z3+4t+p18VBMXd4lYeUB70fWxOedqWHG+bDHk2KEbbnYQCCHsThh afewGV7Jyg5Ar43lOhRbnVzwK2tM48RPKSi1A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-type; bh=kxw/toBLJ+Mq+Z5wASet1AV3yT/AQaWMnLwASM1YdzY=; b=NM1nptt5jREPHHPCXqI175CBy6kKcpPeW5hShKWQR1TBJZqzknk6s3HvxIMyNqYXrh PbcWmyLyLJouvJro7lzufs97J+WK5lDpqVHBGWl4m3CiKDE0ExYfvwsRtdoSAz58v49V vyd7+KQqOf5DJmfv81zJfRplqZnwRLbrupkvXsOVci5Scl1MjwgptPbzVaLwPeD70d3H 1Fk1akalx1I+XdSMyeS6+Jr91UGhDaaU8QMbFGMAfr6BYZbG4YvRlSrEFlFtwFFFCtXe M+r8q3wArbOHTRFDEy/3uE1oRtGiCAITuliZGJCRbjLm9ojjSwY54pHELg09HVxD7rNY fZuw== X-Gm-Message-State: ALoCoQmgpEcizSrK42W8MfxYy0Dag/hKykc0yMaXlBPb0KxYnyEYIVKiLuDoGnJCZLSMsgsWcHaZ X-Received: by 10.140.37.75 with SMTP id q69mr6422567qgq.60.1403282062079; Fri, 20 Jun 2014 09:34:22 -0700 (PDT) MIME-Version: 1.0 Sender: lists@eitanadler.com Received: by 10.96.222.131 with HTTP; Fri, 20 Jun 2014 09:33:51 -0700 (PDT) In-Reply-To: References: <201406181341.s5IDf4ZC065339@svn.freebsd.org> From: Eitan Adler Date: Fri, 20 Jun 2014 09:33:51 -0700 X-Google-Sender-Auth: yiCMOI_si4rfA17Ehx3tMclB1jM Message-ID: Subject: Re: svn commit: r45075 - in head: en_US.ISO8859-1/articles/building-products en_US.ISO8859-1/articles/contributing en_US.ISO8859-1/articles/problem-reports en_US.ISO8859-1/articles/releng en_US.ISO8859... To: Gavin Atkinson Content-Type: text/plain; charset=UTF-8 Cc: svn-doc-head@freebsd.org, Glen Barber , svn-doc-all@freebsd.org, doc-committers@freebsd.org X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2014 16:34:23 -0000 On 20 June 2014 04:43, Gavin Atkinson wrote: > All links to "report a bug" should likely point to /support.html and not > to Bugzilla directly, in order to give a much more friendly end-user > experience. There are plans to fix the user experience of going to bugzilla directly. Requiring an indirect link to support.html should be treated as a tempoary measure only. > Ones that do need to point directly into the bug tracker > should point at the generic https://bugs.freebsd.org/submit/ link rather > than the Bugzilla cgi. +1. It would save us the need to go through this process again. -- Eitan Adler Source, Ports, Doc committer Bugmeister, Ports Security teams From owner-svn-doc-all@FreeBSD.ORG Fri Jun 20 20:04:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B8545142; Fri, 20 Jun 2014 20:04:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A22C825E4; Fri, 20 Jun 2014 20:04:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5KK4E5a001146; Fri, 20 Jun 2014 20:04:14 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5KK4EUr001145; Fri, 20 Jun 2014 20:04:14 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406202004.s5KK4EUr001145@svn.freebsd.org> From: Glen Barber Date: Fri, 20 Jun 2014 20:04:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45084 - head/en_US.ISO8859-1/htdocs/releases/9.2R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2014 20:04:14 -0000 Author: gjb Date: Fri Jun 20 20:04:14 2014 New Revision: 45084 URL: http://svnweb.freebsd.org/changeset/doc/45084 Log: Regen from r267686. Note: Replacement of 9.3-RELEASE with 9.2-RELEASE was manually done. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html (contents, props changed) Modified: head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html Fri Jun 20 15:20:06 2014 (r45083) +++ head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html Fri Jun 20 20:04:14 2014 (r45084) @@ -1,144 +1,54 @@ - - - - -FreeBSD 9.2-RELEASE Errata - - - - - -

            -
            -

            FreeBSD 9.2-RELEASE Errata

            - -

            The FreeBSD Project

            - -

            Copyright © 2012 The FreeBSD Documentation Project

            - -

            $FreeBSD$
            -

            - -
            -

            FreeBSD is a registered trademark of the FreeBSD Foundation.

            - -

            Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or -registered trademarks of Intel Corporation or its subsidiaries in the United States and -other countries.

            - -

            SPARC, SPARC64, SPARCengine, and UltraSPARC are trademarks of SPARC International, Inc -in the United States and other countries. SPARC International, Inc owns all of the SPARC -trademarks and under licensing agreements allows the proper use of these trademarks by -its members.

            - -

            Many of the designations used by manufacturers and sellers to distinguish their -products are claimed as trademarks. Where those designations appear in this document, and -the FreeBSD Project was aware of the trademark claim, the designations have been followed -by the “™” or the “” symbol.

            -
            - -
            -
            - -
            -
            -

            This document lists errata items for FreeBSD 9.2-RELEASE, containing significant -information discovered after the release or too late in the release cycle to be otherwise -included in the release documentation. This information includes security advisories, as -well as news relating to the software or documentation that could affect its operation or -usability. An up-to-date version of this document should always be consulted before -installing this version of FreeBSD.

            - -

            This errata document for FreeBSD 9.2-RELEASE will be maintained until the release of -FreeBSD 9.3-RELEASE.

            -
            -
            - -
            -
            -

            1 Introduction

            - -

            This errata document contains “late-breaking news” about FreeBSD -9.2-RELEASE. Before installing this version, it is important to consult this document to -learn about any post-release discoveries or problems that may already have been found and -fixed.

            - -

            Any version of this errata document actually distributed with the release (for -example, on a CDROM distribution) will be out of date by definition, but other copies are -kept updated on the Internet and should be consulted as the “current errata” -for this release. These other copies of the errata are located at http://www.FreeBSD.org/releases/, plus any sites which keep up-to-date -mirrors of this location.

            - -

            Source and binary snapshots of FreeBSD 9.2-STABLE also contain up-to-date copies of -this document (as of the time of the snapshot).

            - -

            For a list of all FreeBSD CERT security advisories, see http://www.FreeBSD.org/security/ or ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/.

            -
            - -
            -
            -

            2 Security Advisories

            - -

            Problems described in the following security advisories have been fixed in -9.2-RELEASE. For more information, consult the individual advisories available from http://security.FreeBSD.org/.

            - -
            -
            stable/9OpencommittersFrozen&contact.re; Development branch for FreeBSD 9-STABLE.
            BETA1 builds begin 30 May 2014-30 May 2014 First beta test snapshot.
            BETA3 builds begin13 June 201413 June 2014Third beta test snapshot.
            &local.branch.releng; branch 20 June 2014 -
            ---- - - - - - - - - - - - - - - - -
            AdvisoryDateTopic
            No entries to display.  
            - - - -
            -
            -

            3 Late-Breaking News

            - -

            No entries to display.

            - -
            - - -
            -

            This file, and other release-related documents, can be -downloaded from http://www.FreeBSD.org/releases/.

            - -

            For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

            - -

            All users of FreeBSD 9.2-STABLE should subscribe to the <stable@FreeBSD.org> mailing list.

            - -

            For questions about this documentation, e-mail <doc@FreeBSD.org>.

            - - - + +FreeBSD 9.2-RELEASE Errata

            FreeBSD 9.2-RELEASE Errata

            + The FreeBSD Project +

            Copyright 2014 The FreeBSD Documentation Project

            FreeBSD is a registered trademark of + the FreeBSD Foundation.

            Intel, Celeron, EtherExpress, i386, + i486, Itanium, Pentium, and Xeon are trademarks or registered + trademarks of Intel Corporation or its subsidiaries in the United + States and other countries.

            SPARC, SPARC64, and + UltraSPARC are trademarks of SPARC International, Inc in the United + States and other countries. SPARC International, Inc owns all of the + SPARC trademarks and under licensing agreements allows the proper use + of these trademarks by its members.

            Many of the designations used by + manufacturers and sellers to distinguish their products are claimed + as trademarks. Where those designations appear in this document, + and the FreeBSD Project was aware of the trademark claim, the + designations have been followed by the or the + symbol.

            Last modified on 2014-06-20 by gjb.
            Abstract

            This document lists errata items for FreeBSD 9.2-RELEASE, + containing significant information discovered after the release + or too late in the release cycle to be otherwise included in the + release documentation. + This information includes security advisories, as well as news + relating to the software or documentation that could affect its + operation or usability. An up-to-date version of this document + should always be consulted before installing this version of + FreeBSD.

            This errata document for FreeBSD 9.2-RELEASE + will be maintained until the release of FreeBSD 9.3-RELEASE.

            Table of Contents
            1. Introduction
            2. Security Advisories
            3. Late-Breaking News

            1.Introduction

            This errata document contains late-breaking news + about FreeBSD 9.2-RELEASE + Before installing this version, it is important to consult this + document to learn about any post-release discoveries or problems + that may already have been found and fixed.

            Any version of this errata document actually distributed + with the release (for example, on a CDROM distribution) will be + out of date by definition, but other copies are kept updated on + the Internet and should be consulted as the current + errata for this release. These other copies of the + errata are located at http://www.FreeBSD.org/releases/, plus any sites + which keep up-to-date mirrors of this location.

            Source and binary snapshots of FreeBSD 9.3-STABLE also + contain up-to-date copies of this document (as of the time of + the snapshot).

            For a list of all FreeBSD CERT security advisories, see http://www.FreeBSD.org/security/ or ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/.

            2.Security Advisories

            Problems described in the following security advisories have + been fixed in 9.2-RELEASE. For more information, consult + the individual advisories available from + http://security.FreeBSD.org/.

            AdvisoryDateTopic
            SA-14:01.bsnmpd1January2014

            Fix bsnmpd remote denial of service + vulnerability

            SA-14:02.ntpd1January2014

            Fix ntpd distributed reflection Denial of + Service vulnerability

            SA-14:03.ntpd1January2014

            Fix BIND remote denial of service + vulnerability

            SA-14:05.nfsserver8April2014

            Fix NFS deadlock vulnerability

            SA-14:06.openssl8April2014

            Fix ECDSA Cache Side-channel + Attack

            SA-14:08.tcp30April2014

            Fix TCP reassembly + vulnerability

            SA-14:11.sendmail3June2014

            Fix sendmail improper close-on-exec flag + handling

            SA-14:12.ktrace3June2014

            Fix ktrace memory disclosure

            SA-14:13.pam3June2014

            Fix incorrect error handling in PAM policy + parser

            SA-14:14.openssl5June2014

            Multiple vulnerabilities

            3.Late-Breaking News

            No late-breaking news.

            This file, and other release-related documents, + can be downloaded from http://www.FreeBSD.org/releases/.

            For questions about FreeBSD, read the + documentation before + contacting <questions@FreeBSD.org>.

            All users of FreeBSD 9.3-STABLE should + subscribe to the <current@FreeBSD.org> + mailing list.

            For questions about this documentation, + e-mail <doc@FreeBSD.org>.

            From owner-svn-doc-all@FreeBSD.ORG Fri Jun 20 20:18:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 511AF6C9; Fri, 20 Jun 2014 20:18:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3803D270F; Fri, 20 Jun 2014 20:18:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5KKIAcA007003; Fri, 20 Jun 2014 20:18:10 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5KKIAKW007002; Fri, 20 Jun 2014 20:18:10 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406202018.s5KKIAKW007002@svn.freebsd.org> From: Glen Barber Date: Fri, 20 Jun 2014 20:18:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45085 - head/en_US.ISO8859-1/htdocs/releases/10.0R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2014 20:18:10 -0000 Author: gjb Date: Fri Jun 20 20:18:09 2014 New Revision: 45085 URL: http://svnweb.freebsd.org/changeset/doc/45085 Log: Regen after r267687 Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Fri Jun 20 20:04:14 2014 (r45084) +++ head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Fri Jun 20 20:18:09 2014 (r45085) @@ -1,5 +1,5 @@ -FreeBSD 10.0-RELEASE Errata

            FreeBSD 10.0-RELEASE Errata

            The FreeBSD Project

            Copyright 2014 The FreeBSD Documentation Project

            FreeBSD is a registered trademark of +FreeBSD 10.0-RELEASE Errata

            FreeBSD 10.0-RELEASE Errata

            The FreeBSD Project

            Copyright 2014 The FreeBSD Documentation Project

            FreeBSD is a registered trademark of the FreeBSD Foundation.

            Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United @@ -12,7 +12,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

            Last modified on 2014-04-09 by gjb.
            Abstract

            This document lists errata items for FreeBSD 10.0-RELEASE, + symbol.

            Last modified on 2014-06-20 by gjb.
            Abstract

            This document lists errata items for FreeBSD 10.0-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. @@ -38,7 +38,13 @@ the snapshot).

            For a list of all FreeBSD CERT security advisories, see http://www.FreeBSD.org/security/ or ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/.

            2.Security Advisories

            AdvisoryDateTopic
            SA-13:14.openssh19November2013

            OpenSSH AES-GCM memory corruption - vulnerability

            SA-14:01.bsnmpd14January2014

            bsnmpd remote denial of service vulnerability

            SA-14:02.ntpd14January2014

            ntpd distributed reflection Denial of Service vulnerability

            SA-14:03.openssl14January2014

            OpenSSL multiple vulnerabilities

            SA-14:04.bind< /a>14January2014

            BIND remote denial of service vulnerability

            SA-14:05.nfsserver8April2014

            Deadlock in the NFS server

            SA-14:06.openssl8April2014

            OpenSSL multiple vulnerabilities

            3.Open Issues

            • FreeBSD/i386 10.0-RELEASE running as a guest + vulnerability

            SA-14:01.bsnmpd14January2014

            bsnmpd remote denial of service vulnerability

            SA-14:02.ntpd14January2014

            ntpd distributed reflection Denial of Service vulnerability

            SA-14:03.openssl14January2014

            OpenSSL multiple vulnerabilities

            SA-14:04.bind< /a>14January2014

            BIND remote denial of service vulnerability

            SA-14:05.nfsserver8April2014

            Deadlock in the NFS server

            SA-14:06.openssl8April2014

            OpenSSL multiple vulnerabilities

            SA-14:07.devfs30April2014

            Fix devfs rules not applied by default for + jails

            SA-14:08.tcp30April2014

            Fix TCP reassembly + vulnerability

            SA-14:09.openssl30April2014

            Fix OpenSSL use-after-free + vulnerability

            SA-14:10.openssl15May2014

            Fix OpenSSL NULL pointer deference + vulnerability

            SA-14:11.sendmail3June2014

            Fix sendmail improper close-on-exec flag + handling

            SA-14:13.pam3June2014

            Fix incorrect error handling in PAM policy + parser

            SA-14:14.openssl5June2014

            Multiple vulnerabilities

    3.Open Issues

    • FreeBSD/i386 10.0-RELEASE running as a guest operating system on VirtualBox can have a problem with disk I/O access. It depends on some specific hardware configuration and does not depend on a From owner-svn-doc-all@FreeBSD.ORG Fri Jun 20 21:41:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9952ED1C; Fri, 20 Jun 2014 21:41:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7DFAD2DEF; Fri, 20 Jun 2014 21:41:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5KLfNVG047370; Fri, 20 Jun 2014 21:41:23 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5KLfMDu047365; Fri, 20 Jun 2014 21:41:22 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406202141.s5KLfMDu047365@svn.freebsd.org> From: Glen Barber Date: Fri, 20 Jun 2014 21:41:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45086 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Fri, 20 Jun 2014 21:45:59 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2014 21:41:23 -0000 Author: gjb Date: Fri Jun 20 21:41:22 2014 New Revision: 45086 URL: http://svnweb.freebsd.org/changeset/doc/45086 Log: Add the errata, hardware, installation, readme, and relnotes pages for 9.3R. These are not yet linked to the build, but soon the installation and relnotes pages will be so they can be used in the 9.3-RC1 email. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Added: head/en_US.ISO8859-1/htdocs/releases/9.3R/errata.html (contents, props changed) head/en_US.ISO8859-1/htdocs/releases/9.3R/hardware.html (contents, props changed) head/en_US.ISO8859-1/htdocs/releases/9.3R/installation.html (contents, props changed) head/en_US.ISO8859-1/htdocs/releases/9.3R/readme.html (contents, props changed) head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html (contents, props changed) Added: head/en_US.ISO8859-1/htdocs/releases/9.3R/errata.html ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/errata.html Fri Jun 20 21:41:22 2014 (r45086) @@ -0,0 +1,47 @@ + +FreeBSD 9.3-RELEASE Errata

      FreeBSD 9.3-RELEASE Errata

      + The FreeBSD Project +

      Copyright 2014 The FreeBSD Documentation Project

      FreeBSD is a registered trademark of + the FreeBSD Foundation.

      Intel, Celeron, EtherExpress, i386, + i486, Itanium, Pentium, and Xeon are trademarks or registered + trademarks of Intel Corporation or its subsidiaries in the United + States and other countries.

      SPARC, SPARC64, and + UltraSPARC are trademarks of SPARC International, Inc in the United + States and other countries. SPARC International, Inc owns all of the + SPARC trademarks and under licensing agreements allows the proper use + of these trademarks by its members.

      Many of the designations used by + manufacturers and sellers to distinguish their products are claimed + as trademarks. Where those designations appear in this document, + and the FreeBSD Project was aware of the trademark claim, the + designations have been followed by the or the + symbol.

      Last modified on 2014-06-17 by gjb.
      Abstract

      This document lists errata items for FreeBSD 9.3-RELEASE, + containing significant information discovered after the release + or too late in the release cycle to be otherwise included in the + release documentation. + This information includes security advisories, as well as news + relating to the software or documentation that could affect its + operation or usability. An up-to-date version of this document + should always be consulted before installing this version of + FreeBSD.

      This errata document for FreeBSD 9.3-RELEASE + will be maintained until the release of FreeBSD 9.3-RELEASE.

      Table of Contents
      1. Introduction
      2. Security Advisories
      3. Late-Breaking News

      1.Introduction

      This errata document contains late-breaking news + about FreeBSD 9.3-RELEASE + Before installing this version, it is important to consult this + document to learn about any post-release discoveries or problems + that may already have been found and fixed.

      Any version of this errata document actually distributed + with the release (for example, on a CDROM distribution) will be + out of date by definition, but other copies are kept updated on + the Internet and should be consulted as the current + errata for this release. These other copies of the + errata are located at http://www.FreeBSD.org/releases/, plus any sites + which keep up-to-date mirrors of this location.

      Source and binary snapshots of FreeBSD 9.3-STABLE also + contain up-to-date copies of this document (as of the time of + the snapshot).

      For a list of all FreeBSD CERT security advisories, see http://www.FreeBSD.org/security/ or ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/.

      2.Security Advisories

      Problems described in the following security advisories have + been fixed in 9.3-RELEASE. For more information, consult + the individual advisories available from + http://security.FreeBSD.org/.

      AdvisoryDateTopic

      No security advisories.

      3.Late-Breaking News

      No late-breaking news.

      This file, and other rel ease-related documents, + can be downloaded from http://www.FreeBSD.org/releases/.

      For questions about FreeBSD, read the + documentation before + contacting <questions@FreeBSD.org>.

      All users of FreeBSD 9.3-STABLE should + subscribe to the <current@FreeBSD.org> + mailing list.

      For questions about this documentation, + e-mail <doc@FreeBSD.org>.

      \ No newline at end of file Added: head/en_US.ISO8859-1/htdocs/releases/9.3R/hardware.html ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/hardware.html Fri Jun 20 21:41:22 2014 (r45086) @@ -0,0 +1,349 @@ + +FreeBSD 9.3-RELEASE Hardware Notes

      FreeBSD 9.3-RELEASE Hardware Notes

      The FreeBSD Documentation Project

      Copyright 2000-2014 The FreeBSD Documentation Project

      FreeBSD is a registered trademark of + the FreeBSD Foundation.

      AMD, AMD Athlon, + AMD Opteron, Athlon, lan, Opteron, and PCnet are + trademarks of Advanced Micro Devices, Inc.

      Fujitsu, the Fujitsu logo, LifeBook, + Stylistic, PRIMEPOWER, PRIMEQUEST, PRIMECLUSTER, ETERNUS, TRIOLE, + ESPRIMO, BioMedCAChe, CAChe, CELLINJECTOR, isS, Materials Explorer, + SystemWalker, and Interstage are trademarks or registered trademarks + of Fujitsu Limited in the United States and other countries.

      IBM, AIX, OS/2, + PowerPC, PS/2, S/390, and ThinkPad are + trademarks of International Business Machines Corporation in the + United States, other countries, or both.

      Intel, Celeron, EtherExpress, i386, + i486, Itanium, Pentium, and Xeon are trademarks or registered + trademarks of Intel Corporation or its subsidiaries in the United + States and other countries.

      SPARC, SPARC64, and + UltraSPARC are trademarks of SPARC International, Inc in the United + States and other countries. SPARC International, Inc owns all of the + SPARC trademarks and under licensing agreements allows the proper use + of these trademarks by its members.

      Sun, Sun Microsystems, Java, Java + Virtual Machine, JDK, JRE, JSP, JVM, Netra, OpenJDK, + Solaris, StarOffice, SunOS + and VirtualBox are trademarks or registered trademarks of + Sun Microsystems, Inc. in the United States and other countries.

      Many of the designations used by + manufacturers and sellers to distinguish their products are claimed + as trademarks. Where those designations appear in this document, + and the FreeBSD Project was aware of the trademark claim, the + designations have been followed by the or the + symbol.

      Last modified on 2014-06-09 by brueffer.
      Table of Contents
      1. Introduction
      2. Supported Processors and System Boards
      3. Supported Devices

      1.Introduction

      This document contains the hardware compatibility notes for + FreeBSD 9.3-RELEASE. It lists the hardware platforms + supported by FreeBSD, as well as the various types of hardware + devices (storage controllers, network interfaces, and so on), + along with known working instances of these devices.

      2.Supported Processors and System Boards

      This section provides some architecture-specific information + about the specific processors and systems that are supported by + each architecture.

      2.1.amd64

      Since mid-2003 FreeBSD/amd64 has supported the AMD64 + (Hammer) and Intel EM64T architecture, and is + now one of the Tier-1 platforms (fully supported + architecture), which are expected to be Production Quality + with respects to all aspects of the FreeBSD operating system, + including installation and development environments.

      Note that there are two names for this architecture, AMD64 + (AMD) and Intel EM64T (Extended Memory 64-bit Technology). + 64-bit mode of the two architectures are almost compatible + with each other, and FreeBSD/amd64 should support them + both.

      As of this writing, the following processors are + supported:

      • AMDAthlon™64 (Clawhammer).

      • AMDOpteron™ (Sledgehammer).

      • All multi-core Intel Xeon™ processors except + Sossaman have EM64T support.

      • The single-core Intel Xeon™ + processors Nocona, Irwindale, + Potomac, and Cranford have + EM64T support.

      • All Intel Core 2 (not Core Duo) and later + processors

      • All Intel Pentium D processors

      • Intel Pentium 4s and Celeron Ds using + the Cedar Mill core have EM64T + support.

      • Some Intel Pentium 4s and Celeron Ds using + the Prescott core have EM64T support. See + the Intel + Processor Spec Finder for the definitive answer about + EM64T support in Intel processors.

      Intel EM64T is an extended version of IA-32 (x86) and + different from Intel IA-64 (Itanium) architecture, which + FreeBSD/ia64 supports. Some Intel's old documentation refers + to Intel EM64T as 64-bit extension technology + or IA-32e.

      Both Uniprocessor (UP) and Symmetric Multi-processor (SMP) + configurations are supported.

      In many respects, FreeBSD/amd64 is similar to + FreeBSD/i386, in terms of drivers supported. Generally, + drivers that already function correctly on other 64-bit + platforms should work.

      2.2.i386

      FreeBSD/i386 runs on a wide variety of IBM PC + compatible machines. Due to the wide range of + hardware available for this architecture, it is impossible + to exhaustively list all combinations of equipment supported + by FreeBSD. Nevertheless, some general guidelines are + presented here.

      Almost all i386™-compatible processors with a floating + point unit are supported. All Intel processors beginning + with the 80486 are supported, including the 80486, Pentium, + Pentium Pro, Pentium II, Pentium III, Pentium 4, and + variants thereof, such as the Xeon™ and Celeron processors. + All i386™-compatible AMD processors are also supported, + including the Am486, Am5x86, K5, AMD-K6 (and variants), + AMDAthlon™ (including Athlon-MP, Athlon-XP, Athlon-4, and + Athlon Thunderbird), and AMDDuron™ processors. The AMD + lan SC520 embedded processor is supported. The + Transmeta Crusoe is recognized and supported, as are + i386™-compatible processors from Cyrix and NexGen.

      There is a wide variety of motherboards available for this + architecture. Motherboards using the ISA, VLB, EISA, AGP, and + PCI expansion buses are well-supported. There is some + limited support for the MCA (MicroChannel) + expansion bus used in the IBM PS/2 line of PCs.

      Symmetric multi-processor (SMP) systems are generally + supported by FreeBSD, although in some cases, BIOS or motherboard + bugs may generate some problems. Perusal of the archives of + the FreeBSD symmetric multiprocessing mailing list may yield some clues.

      FreeBSD will take advantage of HyperThreading (HTT) support + on Intel CPUs that support this feature. A kernel with the + optionsSMP feature enabled will + automatically detect the additional logical processors. The + default FreeBSD scheduler treats the logical processors the same + as additional physical processors; in other words, no attempt + is made to optimize scheduling decisions given the shared + resources between logical processors within the same CPU. + Because this naive scheduling can result in suboptimal + performance, under certain circumstances it may be useful to + disable the logical processors with the + machdep.hyperthreading_allowed tunable. + The smp(4) manual page has more details.

      FreeBSD will take advantage of Physical Address Extensions + (PAE) support on CPUs that support this feature. A kernel + with the PAE feature enabled will detect + memory above 4 gigabytes and allow it to be used by the + system. This feature places constraints on the device drivers + and other features of FreeBSD which may be used; consult the + pae(4) manual page for more details.

      FreeBSD will generally run on i386-based laptops, albeit with + varying levels of support for certain hardware features such + as sound, graphics, power management, and PCCARD expansion + slots. These features tend to vary in idiosyncratic ways + between machines, and frequently require special-case support + in FreeBSD to work around hardware bugs or other oddities. When + in doubt, a search of the archives of the FreeBSD laptop computer mailing list may be + useful.

      Most modern laptops (as well as many desktops) use the + Advanced Configuration and Power Management (ACPI) standard. + FreeBSD supports ACPI via the ACPI Component Architecture + reference implementation from Intel, as described in the + acpi(4) manual page. The use of ACPI causes + instabilities on some machines and it may be necessary to + disable the ACPI driver, which is normally loaded via a kernel + module. This may be accomplished by adding the following line + to /boot/device.hints: 

      hint.acpi.0.disabled="1"

      Users debugging ACPI-related problems may find it useful + to disable portions of the ACPI functionality. The + acpi(4) manual page has more information on how to do + this via loader tunables.

      ACPI depends on a Differentiated System Descriptor Table + (DSDT) provided by each machine's BIOS. Some machines have + bad or incomplete DSDTs, which prevents ACPI from functioning + correctly. Replacement DSDTs for some machines can be found + at the DSDT + section of the ACPI4Linux project + Web site. FreeBSD can use these DSDTs to override the DSDT + provided by the BIOS; see the acpi(4) manual page for + more information.

      2.3.ia64

      Currently supported processors are the Itanium + and the Itanium + 2.

      Supported chipsets include:

      • HP zx1

      • Intel 460GX

      • Intel E8870

      Both Uniprocessor (UP) and Symmetric Multi-processor (SMP) + configurations are supported.

      Most devices that can be found in or are compatible with + ia64 machines are fully supported. The notable + exception is the VGA console. The FreeBSD support for VGA + consoles is at this time too much based on PC hardware and not + all ia64 machines have chipsets that provide sufficient + PC legacy support. As such syscons(4) can not be enabled + and the use of a serial console is required.

      2.4.pc98

      NEC PC-9801/9821 series with almost all i386™-compatible + processors, including 80486, Pentium, Pentium Pro, + Pentium II, and variants. All i386™-compatible processors + by AMD, Cyrix, IBM, and IDT are also supported.

      NEC FC-9801/9821 series, and NEC SV-98 series (both of + them are compatible with PC-9801/9821 series) should be + supported.

      EPSON PC-386/486/586 series, which are compatible with NEC + PC-9801 series are supported.

      High-resolution mode is not supported. NEC + PC-98XA/XL/RL/XL^2, and NEC PC-H98 series are supported in + normal (PC-9801 compatible) mode only.

      Although there are some multi-processor systems (such as + Rs20/B20), SMP-related features of FreeBSD are not supported + yet.

      PC-9801/9821 standard bus (called C-Bus), PC-9801NOTE + expansion bus (110pin), and PCI bus are supported. New Extend + Standard Architecture (NESA) bus (used in PC-H98, SV-H98, and + FC-H98 series) is not supported.

      2.5.powerpc

      This section describes the systems currently known to be + supported by FreeBSD on the PowerPC platform. This list is not + exhaustive.

      In general, all New World architecture Apple hardware + is supported, as well a limited selection of non-Apple + machines.

      All systems listed below are fully supported, with the + exception that software fan control is currently missing on + some Power Macintosh G5 models. SMP is supported on all systems + with more than 1 processor.

      • Apple iMac G3

      • Apple iMac G4

      • Apple iMac G5

      • Apple Power Macintosh G3 (Blue & White)

      • Apple Power Macintosh G4

      • Apple Power Macintosh G5

      • Apple iBook G3

      • Apple iBook G4

      • Apple PowerBook G3 (Lombard and Pismo)

      • Apple PowerBook G4

      • Apple XServe G4

      • Apple XServe G5

      • Apple Mac Mini

      • Embedded boards based on MPC85XX

      2.6.sparc64

      This section describes the systems currently known to be + supported by FreeBSD on the Fujitsu SPARC64 and Sun UltraSPARC + platforms. For + background information on the various hardware designs see the + Sun System + Handbook.

      SMP is supported on all systems with more than 1 + processor.

      When using the GENERIC kernel, + FreeBSD/sparc64 systems not equipped with a framebuffer + supported by the creator(4) (Sun Creator, Sun Creator3D + and Sun Elite3D) or machfb(4) (Sun PGX and Sun PGX64 + as well as the ATI Mach64 chips found onboard in for example + SunBlade™ 100, SunBlade™ 150, SunUltra™ 5 and SunUltra™ 10) + driver must use the serial console.

      If you have a system that is not listed here, it may not + have been tested with FreeBSD 9.3-RELEASE. We encourage + you to try it and send a note to the FreeBSD SPARC porting mailing list with your + results, including which devices work and which do not.

      The following systems are fully supported by FreeBSD:

      • Naturetech GENIALstation 777S

      • SunBlade™ 100

      • SunBlade™ 150

      • SunEnterprise™ 150

      • SunEnterprise™ 220R

      • SunEnterprise™ 250

      • SunEnterprise™ 420R

      • SunEnterprise™ 450

      • SunFire™ B100s (support for the on-board NICs first + appeared in 8.1-RELEASE)

      • SunFire™ V100

      • SunFire™ V120

      • Sun Netra™ t1 100/105

      • Sun Netra™ T1 AC200/DC200

      • Sun Netra™ t 1100

      • Sun Netra™ t 1120

      • Sun Netra™ t 1125

      • Sun Netra™ t 1400/1405

      • Sun Netra™ 120

      • Sun Netra™ X1

      • Sun SPARCEngine Ultra AX1105

      • Su! n SPARCEngine Ultra AXe

      • Sun SPARCEngine Ultra AXi

      • Sun SPARCEngine Ultra AXmp

      • Sun SPARCEngine CP1500

      • SunUltra™ 1

      • SunUltra™ 1E

      • SunUltra™ 2

      • SunUltra™ 5

      • SunUltra™ 10

      • SunUltra™ 30

      • SunUltra™ 60

      • SunUltra™ 80

      • SunUltra™ 450

      The following systems are partially supported by FreeBSD. In + particular the fiber channel controllers in SBus-based systems are not + supported. However, it is possible to use these with a SCSI controller + supported by the esp(4) driver (Sun ESP SCSI, Sun FAS Fast-SCSI + and Sun FAS366 Fast-Wide SCSI controllers).

      • SunEnterprise™ 3500

      • SunEnterprise™ 4500

      Starting with 7.2-RELEASE, sparc64 systems based on Sun + UltraSPARC III and beyond are also supported by FreeBSD, which includes + the following known working systems:

      • SunBlade™ 1000

      • SunBlade™ 1500

      • SunBlade™ 2000

      • SunBlade™ 2500

      • SunFire™ 280R

      • SunFire™ V210

      • SunFire™ V215 (support first appeared in 7.3-RELEASE and 8.1-RELEASE)

      • SunFire™ V240

      • SunFire™ V245 (support first appeared in 7.3-RELEASE and 8.1-RELEASE)

      • SunFire™ V250

      • SunFire™ V440 (support for the on-board NICs first + appeared in 7.3-RELEASE and 8.0-RELEASE)

      • SunFire™ V480 (501-6780 and 501-6790 centerplanes only, for + which support first appeared in 7.3-RELEASE and 8.1-RELEASE, + other centerplanes might work beginning with 8.3-RELEASE and 9.0-RELEASE)

      • SunFire™ V880

      • SunFire™ V890 (support first appeared in 7.4-RELEASE and 8.1-RELEASE, + non-mixed UltraSPARC IV/IV+ CPU-configurations only)

      • Netra™ 20/Netra™ T4

      The following Sun UltraSPARC systems are not tested but + believed to be also supported by FreeBSD:

      • SunFire™ V125

      • SunFire™ V490 (support first appeared in 7.4-RELEASE and 8.1-RELEASE, + non-mixed UltraSPARC IV/IV+ CPU-configurations only)

      Starting with 7.4-RELEASE and 8.1-RELEASE, sparc64 systems based on + Fujitsu SPARC64 V are also supported by FreeBSD, which + includes the following known working systems:

      • Fujitsu PRIMEPOWER 250

      The following Fujitsu PRIMEPOWER systems are not tested but + believed to be also supported by FreeBSD:

      • Fujitsu PRIMEPOWER 450

      • Fujitsu PRIMEPOWER 650

      • Fujitsu PRIMEPOWER 850

      3.Supported Devices

      This section describes the devices currently known to be + supported by FreeBSD. Other configurations may also work, but + simply have not been tested yet. Feedback, updates, and + corrections to this list are encouraged.

      Where possible, the drivers applicable to each device or + class of devices is listed. If the driver in question has a + manual page in the FreeBSD base distribution (most should), it is + referenced here. Information on specific models of supported + devices, controllers, etc. can be found in the manual + pages.

      Note:

      The device lists in this document are being generated + automatically from FreeBSD manual pages. This means that some + devices, which are supported by multiple drivers, may appear + multiple times.

      3.1.Disk Controllers

      [amd64, i386, ia64, pc98, + sparc64] IDE/ATA controllers (ata(4) + driver)

      [pc98] IDE/ATA controllers (wdc driver)

      • On-board IDE controller

      [i386,ia64,amd64] Controllers supported by the aac(4) driver include:

      • Adaptec AAC-364

      • Adaptec RAID 2045

      • Adaptec RAID 2405

      • Adaptec RAID 2445

      • Adaptec RAID 2805

      • Adaptec RAID 3085

      • Adaptec RAID 31205

      • Adaptec RAID 31605

      • Adaptec RAID 5085

      • Adaptec RAID 51205

      • Adaptec RAID 51245

      • Adaptec RAID 51605

      • Adaptec RAID 51645

      • Adaptec RAID 52445

      • Adaptec RAID 5405

      • Adaptec RAID 5445

      • Adaptec RAID 5805

      • Adaptec SAS RAID 3405

      • Adaptec SAS RAID 3805

      • Adaptec SAS RAID 4000SAS

      • Adaptec SAS RAID 4005SAS

      • Adaptec SAS RAID 4800SAS

      • Adaptec SA S RAID 4805SAS

      • Adaptec SATA RAID 2020SA ZCR

      • Adaptec SATA RAID 2025SA ZCR

      • Adaptec SATA RAID 2026ZCR

      • Adaptec SATA RAID 2410SA

      • Adaptec SATA RAID 2420SA

      • Adaptec SATA RAID 2610SA

      • Adaptec SATA RAID 2620SA

      • Adaptec SATA RAID 2810SA

      • Adaptec SATA RAID 2820SA

        • < li class="listitem">

        Adaptec SATA RAID 21610SA

      • Adaptec SCSI RAID 2020ZCR

      • Adaptec SCSI RAID 2025ZCR

      • Adaptec SCSI RAID 2120S

      • Adaptec SCSI RAID 2130S

      • Adaptec SCSI RAID 2130SLP

      • Adaptec SCSI RAID 2230SLP

      • Adaptec SCSI RAID 2200S

      • Adaptec SCSI RAID 2240S

      • Adaptec SCSI R AID 3230S

      • Adaptec SCSI RAID 3240S

      • Adaptec SCSI RAID 5400S

      • Dell CERC SATA RAID 2

      • Dell PERC 2/Si

      • Dell PERC 2/QC

      • Dell PERC 3/Si

      • Dell PERC 3/Di

      • Dell PERC 320/DC

      • HP ML110 G2 (Adaptec SATA RAID 2610SA)

      • HP NetRAID 4M

        • IBM ServeRAID 8i

      • IBM ServeRAID 8k

      • IBM ServeRAID 8s

      • ICP RAID ICP5045BL

      • ICP RAID ICP5085BL

      • ICP RAID ICP5085SL

      • ICP RAID ICP5125BR

      • ICP RAID ICP5125SL

      • ICP RAID ICP5165BR

      • ICP RAID ICP5165SL

      • ICP RAID ICP5445SL

      • ICP RAID ICP5805BL

      • ICP RAID ICP5805SL

      • ICP ICP5085BR SAS RAID

      • ICP ICP9085LI SAS RAID

      • ICP ICP9047MA SATA RAID

      • ICP ICP9067MA SATA RAID

      • ICP ICP9087MA SATA RAID

      • ICP ICP9014RO SCSI RAID

      • ICP ICP9024RO SCSI RAID

        • Legend S220

      • Legend S230

      • Sun STK RAID REM

      • Sun STK RAID EM

      • SG-XPCIESAS-R-IN

      • SG-XPCIESAS-R-EX

      • AOC-USAS-S4i

      • AOC-USAS-S8i

      • AOC-USAS-S4iR

      • AOC-USAS-S8iR

      • AOC-USAS-S8i-LP

      • AOC-USAS-S8iR-LP

      [i386,pc98,amd64] The adv(4) driver supports the following SCSI controllers:

      • AdvanSys ABP510/5150

      • AdvanSys ABP5140

      • AdvanSys ABP5142

      • AdvanSys ABP902/3902

      • AdvanSys ABP3905

      • AdvanSys ABP915

      • AdvanSys ABP920

      • AdvanSys ABP3922

      • AdvanSys ABP3925

      • AdvanSys ABP930, ABP930U, ABP930UA

      • AdvanSys ABP960, ABP960U

      • AdvanSys ABP542

      • AdvanSys ABP742

      • AdvanSys ABP842

      • AdvanSys ABP940

      • AdvanSys ABP940UA/3940UA

      • AdvanSys ABP940U

      • AdvanSys ABP3960UA

      • AdvanSys ABP970, ABP970U

      • AdvanSys ABP752

      • AdvanSys ABP852

      • AdvanSys ABP950

      • AdvanSys ABP980, ABP980U

      • AdvanSys ABP980UA/3980UA

      • MELCO IF! C-USP (PC-98)

      • RATOC REX-PCI30 (PC-98)

      • @Nifty FNECHARD IFC-USUP-TX (PC-98)

      [i386,pc98,amd64] The adw(4) driver supports SCSI controllers including:

      • AdvanSys ABP940UW/ABP3940UW

      • AdvanSys ABP950UW

      • AdvanSys ABP970UW

      • AdvanSys ABP3940U2W

      • AdvanSys ABP3950U2W

      [i386] The aha(4) driver supports the following SCSI host adapters:

      • Adaptec AHA-154xB

      • Adaptec AHA-154xC

      • Adaptec AHA-154xCF

      • Adaptec AHA-154xCP

      • Adaptec AHA-1640

      • Adaptec AHA-174x in 154x emulation mode

      • DTC 3290 SCSI controller in 1542 emulation mode

      • Tekram SCSI controllers in 154x emulation mode

      [i386] The ahb(4) driver supports the following SCSI host adapters:

      • Adaptec AHA-1740

      • Adaptec AHA-1742

      • Adaptec AHA-1740A

      • Adaptec AHA-1742A

      The ahc(4) driver supports the following SCSI host adapter chips and SCSI controller cards:

      • Adaptec AIC7770 host adapter chip

      • Adaptec AIC7850 host adapter chip

      • Adaptec AIC7860 host adapter chip

        !

      • Adaptec AIC7870 host adapter chip

      • Adaptec AIC7880 host adapter chip

      • Adaptec AIC7890 host adapter chip

      • Adaptec AIC7891 host adapter chip

      • Adaptec AIC7892 host adapter chip

      • Adaptec AIC7895 host adapter chip

      • Adaptec AIC7896 host adapter chip

      • Adaptec AIC7897 host adapter chip

      • Adaptec AIC7899 host adapter chip

      • Adaptec 274X(W)

      • Adaptec 274X(T)

      • Adaptec 284X

      • Adaptec 2910

      • Adaptec 2915

      • Adaptec 2920C

      • Adaptec 2930C

      • Adaptec 2930U2

      • Adaptec 2940

      • Adaptec 2940J

      • Adaptec 2940N

      • Adaptec 2940U

      • Adaptec 2940AU

      • Adaptec 2940UW

      • Adaptec 2940UW Dual

      • Adaptec 2940UW Pro

      • Adaptec 2940U2W

      • Adaptec 2940U2B

      • Adaptec 2950U2W

      • Adaptec 2950U2B

      • Adaptec 19160B

      • Adaptec 29160B

      • Adaptec 29160N

      • Adaptec 3940

      • Adaptec 3940U

      • Adaptec 3940AU

      • Adaptec 3940UW

      • Adaptec 3940AUW

      • Adaptec 3940U2W

      • Adaptec 3950U2

      • Adaptec 3960

      • Adaptec 39160

      • Adaptec 3985

      • Adaptec 4944UW

      • NEC PC-9821Xt13 (PC-98)

      • NEC RvII26 (PC-98)

      • NEC PC-9821X-B02L/B09 (PC-98)

      • NEC SV-98/2-B03 (PC-98)

      • Many motherboards with on-board SCSI support

      The ahci(4) driver supports AHCI compatible controllers having PCI class 1 (mass storage), subclass 6 (SATA) and programming interface 1 (AHCI).

      Also, in cooperation with atamarvell and atajmicron drivers of ata(4), it supports AHCI part of legacy-PATA + AHCI-SATA combined controllers, such as JMicron JMB36x and Marvell 88SE61xx.

      [i386,sparc64,ia64,amd64] The ahd(4) driver supports the following:

      • Adaptec AIC7901 host adapter chip

      • Ada! ptec AIC7901A host adapter chip

      • Adaptec AIC7902 host adapter chip

      • Adaptec 29320 host adapter

      • Adaptec 39320 host adapter

      • Many motherboards with on-board SCSI support

      [i386,pc98,amd64] The adapters supported by the aic(4) driver include:

      • A daptec AHA-1505 (ISA)

      • Adaptec AHA-1510A, AHA-1510B (ISA)

      • Adaptec AHA-1520A, AHA-1520B (ISA)

      • Adaptec AHA-1522A, AHA-1522B (ISA)

      • Adaptec AHA-1535 (ISA)

      • Creative Labs SoundBlaster SCSI host adapter (ISA)

      • Adaptec AHA-1460, AHA-1460B, AHA-1460C, AHA-1460D (PC Card)

      • Adaptec AHA-1030B, AHA-1030P (PC98)

      • NEC PC-9801-100 (PC98)

      < p xmlns="http://www.w3.org/TR/xhtml1/transit! ional">[i! 386,pc98,amd64] Controllers supported by the amd(4) driver include:

      • MELCO IFC-DP (PC-98)

      • Tekram DC390

      • Tekram DC390T

      Controllers supported by the amr(4) driver include:

      • MegaRAID SATA 150-4

      • MegaRAID SATA 150-6

      • MegaRAID SATA 300-4X

      • MegaRAID SATA 300-8X

      • MegaRAID SCSI 320-1E

      • MegaRAID SCSI 320-2E

      • MegaRAID SCSI 320-4E

      • MegaRAID SCSI 320-0X

      • MegaRAID SCSI 320-2X

      • MegaRAID SCSI 320-4X

      • MegaRAID SCSI 320-0

      • MegaRAID SCSI 320-1

      • MegaRAID SCSI 320-2

      • MegaRAID SCSI 320-4

      • MegaRAID Series 418

      • MegaRAID i4 133 RAID

      • MegaRAID Elite 1500 (Series 467)

      • MegaRAID Elite 1600 (Series 493)

      • MegaRAID Elite 1650 (Series 4xx)

      • MegaRAID Enterprise 1200 (Series 428)

      • MegaRAID Enterprise 1300 (Series 434)

      • MegaRAID Enterprise 1400 (Series 438)

      • MegaRAID Enterprise 1500 (Series 467)

      • MegaRAID Enterprise 1600 (Series 471)

      • MegaRAID Express 100 (Series 466WS)

      • MegaRAID Express 200 (Series 466)

      • MegaRAID Express 300 (Series 490)

      • MegaRAID Express 500 (Ser! ies 475) !

      • Dell PERC

      • Dell PERC 2/SC

      • Dell PERC 2/DC

      • Dell PERC 3/DCL

      • Dell PERC 3/QC

      • Dell PERC 4/DC

      • Dell PERC 4/IM

      • Dell PERC 4/SC

      • Dell PERC 4/Di

      • Dell PERC 4e/DC

      • Dell PERC 4e/Di

      • Dell PERC 4e/Si

      • Dell PERC 4ei

      • HP NetRAID-1/Si

      • HP NetRAID-3/Si (D4943A)

      • HP Embedded NetRAID

      • Intel RAID Controller SRCS16

      • Intel RAID Controller SRCU42X

      [i386,amd64] The arcmsr(4) driver supports the following cards:

      • ARC-1110

      • ARC-1120

      • ARC-1130

      • ARC-1160

      • ARC-1170

      • ARC-1110ML

      • ARC-1120ML

      • ARC-1130ML

      • ARC-1160ML

        • ARC-1200

      • ARC-1201

      • ARC-1210

      • ARC-1212

      • ARC-1213

      • ARC-1214

      • ARC-1220

      • ARC-1222

      • ARC-1223

      • ARC-1224

      • ARC-1230

      • ARC-1231

      • ARC-1260

      • ARC-1261

      • ARC-1270

      • ARC-1280

      • ARC-1210ML

      • ARC-1220ML

      • ARC-1231ML

      • ARC-1261ML

      • ARC-1280ML

      • ARC-1380

      • ARC-1381

      • ARC-1680

      • ARC-1681

      • ARC-1880

      • ARC-1882

      [i386] The adapters currently supported by the asr(4) driver include the following:

      • Adaptec Zero-Channel SCSI RAID 2000S, 2005S, 2010S, 2015S

      • Adaptec SCSI RAID 2100S, 2110S

      • Adaptec ATA-100 RAID 2400A

      • Adaptec SCSI RAID 3200S, 3210S

      • Adaptec SCSI RAID 3400S, 3410S

      • Adaptec SmartRAID PM1554

      • Adaptec SmartRAID PM1564

      • Adaptec SmartRAID PM2554

      • Adaptec SmartRAID PM2564

      • Adaptec SmartRAID PM2664

      • Adaptec SmartRAID PM2754

      • Adaptec SmartRAID PM2865

      • Adaptec SmartRAID PM3754

      • Adaptec SmartRAID PM3755U2B / SmartRAID V Millennium

      • Adaptec SmartRAID PM3757

      • DEC KZPCC-AC (LVD 1-ch, 4MB or 16MB cache), DEC KZPCC-CE (LVD 3-ch, 64MB cache), DEC KZPCC-XC (LVD 1-ch, 16MB cache), DEC KZPCC-XE (LVD 3-ch, 64MB cache) -- rebadged SmartRAID V Millennium

      [i386,amd64] The bt(4) dri! ver supports the following BusLogic MultiMaster W, C, S, and A series and compatible SCSI host adapters:

      • BusLogic BT-445C

      • BusLogic BT-445S

      • BusLogic BT-540CF

      • BusLogic BT-54 2B

      • BusLogic BT-542B

      • BusLogic BT-542D

      • BusLogic BT-545C

      • BusLogic BT-545S

      • BusLogic/BusTek BT-640

      • BusLogic BT-742A

      • BusLogic BT-742A

      • BusLogic BT-747C

      • BusLogic BT-747D

      • BusLogic BT-747 S

      • BusLogic BT-757C

      • BusLogic BT-757CD

      • BusLogic BT-757D

      • BusLogic BT-757S

      • BusLogic BT-946C

      • BusLogic BT-948

      • BusLogic BT-956C

      • BusLogic BT-956CD

      • BusLogic BT-958

      • BusLogic BT-958D

      • Storage Dimensions SDC3211B / SDC3211F

      AMI FastDisk Host Adapters that are true BusLogic MultiMaster clones are also supported by the bt(4) driver.

      [i386,ia64,amd64] Controllers supported by the ciss(4) driver include:

      • Compaq Smart Array 5300

      • Comp! aq Smart ! Array 532

      • Compaq Smart Array 5i

      • HP Smart Array 5312

      • HP Smart Array 6i

      • HP Smart Array 641

      • HP Smart Array 642

      • HP Smart Array 6400

      • HP Smart Array 6400 EM

      • HP Smart Array E200

      • HP Smart Array E200i

      • HP Smart Array P212

      • HP Smart Array P220i

      • HP Smart Array P222

      • HP Smart Array P230i

      • HP Smart Array P400

      • HP Smart Array P400i

      • HP Smart Array P410

      • HP Smart Array P410i

      • HP Smart Array P411

      • HP Smart Array P420

      • HP! Smart Ar! ray P420i

      • HP Smart Array P421

      • HP Smart Array P430

      • HP Smart Array P430i

      • HP Smart Array P431

      • HP Smart Array P530

      • HP Smart Array P531

      • HP Smart Array P600

      • HP Smart Array P721m

      • HP Smart Array P731m

      • HP Smart Array P800

      • HP Smart Array P812

      • HP Smart Array P830

      • HP Smart Array P830i

      • HP Modular Smart Array 20 (MSA20)

      • HP Modular Smart Array 500 (MSA500)

      [pc98] The ct(4) driver supports the following adapters:

      • ELECOM bus-master SCSI adapters

      • I-O DATA SC-98II

      • ICM IF-2660, IF-2766, IF-2766ET, IF-2767 and IF-2769

      • Logitec LHA-N151 and LHA-20x series

      • Midori-Denshi MDC-554NA and MDC-926R

      • NEC PC-9801-55, 92 and compatibles

      • SMIT transfer type SCSI host adapters

      • TEXA HA-55BS2 and its later models

      [i386,ia64,amd64] The dpt(4) driver provides support for the following RAID adapters:

      • DPT Smart Cache Plus

      • Smart Cache II (PM2?2?, PM2022 [EISA], PM2024/PM2124 [PCI]) (Gen2)

      • Smart RAID II (PM3?2?, PM3021, PM3222)

      • Smart Cache III (PM2?3?)

      • Smart RAID III (PM3?3?, PM3332 [EISA], PM3334UW [PCI]) (Gen3)

      • Smart Cache IV (PM2?4?, ! PM2042 [E! ISA], PM2044/PM2144 [PCI]) (Gen4)

      • Smart RAID IV

      Note:

      [amd64, i386] Booting from these + controllers is supported. EISA adapters are not + supported.

      [sparc64] Controllers supported by the esp(4) driver include:

      • MELCO IFC-DP (PC-98)

      • Sun ESP family

      • Sun FAS family

      • Tekram DC390

      • Tekram DC390T

      [i386,amd64] The hpt27xx(4) driver supports the following SAS controllers:

      • HighPoint's RocketRAID 271x series

      • HighPoint's RocketRAID 272x series

      • HighPoint's RocketRAID 274x series

      • HighPoint's RocketRAID 276x series

      • HighPoint's RocketRAID 278x series

      [i38 6,amd64] The hptiop(4) driver supports the following SAS and SATA RAID controllers:

      • HighPoint RocketRAID 4522

      • HighPoint RocketRAID 4521

      • HighPoint RocketRAID 4520

      • HighPoint RocketRAID 4322

      • HighPoint RocketRAID 4321

      • HighPoint RocketRAID 4320

      • HighPoint RocketRAID 4311

      • HighPoint RocketRAID 4310

      • HighPoint RocketRAID 3640

      • HighPoint RocketRAID 3622

      • HighPoint RocketRAID 3620

      The hptiop(4) driver also supports the following SAS and SATA RAID controllers that are already End-of-Life:

      • HighPoint RocketRAID 4211

      • HighPoint RocketRAID 4210

      • HighPoint RocketRAID 3560

      • HighPoint RocketRAID 3540

      • HighPoint RocketRAID 3530

      • HighPoint RocketRAID 3522

      • HighPoint RocketRAID 3521

      • HighPoint RocketRAID 3520

      • HighPoint RocketRAID 3511

      • HighPoint RocketRAI D 3510

      • HighPoint RocketRAID 3410

      • HighPoint RocketRAID 3320

      • HighPoint RocketRAID 3220

      • HighPoint RocketRAID 3122

      • HighPoint RocketRAID 3120

      • HighPoint RocketRAID 3020

      [i386,amd64] The hptmv(4) driver supports the following ATA RAID con trollers:

      • HighPoint's RocketRAID 182x series

      [i386,amd64] The hptrr(4) driver supports the following RAID controllers:

      • RocketRAID 172x series

      • RocketRAID 174x series

      • RocketRAID 2210

      • RocketRAID 222x series

      • RocketRAID 2240

      • RocketRAID 230x series

      • RocketRAID 231x series

      • RocketRAID 232x series

      • RocketRAID 2340

      • RocketRAID 2522

      [i386] The following controllers are supported by the ida(4) driver:

      • Compaq SMART Array 221

      • Compaq Integrated SMART Array Controller

      • Compaq SMART Array 4200

      • Compaq SMART Array 4250ES

      • Compaq SMART 3200 Controller

      • Compaq SMART 3100ES Controller

      • Compaq SMART-2/DH Controller

      • Compaq SMART-2/SL Controller

      • Compaq SMART-2/P Controller

      • Compaq SMART-2/E Controller

      • Compaq SMART Controller

      [i386,ia64,amd64] Controllers supported by the iir(4) driver include:

      • Intel RAID Controller SRCMR

      • Intel Server RAID Controller U3-l (SRCU31a)

      • Intel Server RAID Controller U3-1L (SRCU31La)

      • Intel Server RAID Controller U3-2 (SRCU32)

      • All past and future releases of Intel and ICP RAID Controllers.

      • Intel RAID Controller SRCU21 (discontinued)

      • Intel RAID Controller SRCU31 (older revision, not compatible)

      • Intel RAID Controller SRCU31L (older revision, not compatible)

      The SRCU31 and SRCU31L can be updated via a firmware update available from Intel.

      [i386,amd64] Controllers supported by the ips(4) driver include:

      • IBM ServeRAID 3H

      • ServeRAID 4L/4M/4H

      • ServeRAID Series 5

      • ServeRAID 6i/6M

      • ServeRAID 7t/7k/7M

      Newer ServeRAID controllers are supported by the aac(4) or mfi(4) driver.

      [i386,amd64] The isci(4) driver provides support for Intel C600 SAS controllers.

      Cards supported by the isp(4) driver include:

      • ISP1000

      • ISP1020

      • ISP1040

      • Qlogic 1240

      • Qlogic 1020

      • Qlogic 1040

      • Qlogic 1080

      • Qlogic 1280

      • Qlogic 12160

      • Qlogic 210X

      • Qlogic 220X

      • Qlogic 2300

      • Qlogic 2312

      • Qlogic 234X

      • Qlogic 2322

      • Qlogic 200

      • Qlogic 2422

      • Qlogic 2432

      [i386,ia64,amd64] The mfi(4) driver supports the following hardware:

      • LSI MegaRAID SAS 1078

      • LSI MegaRAID SAS 8408E

      • LSI MegaRAID SAS 8480E

      • LSI MegaRAID SAS 9260

      • Dell PERC5

      • Dell PERC6

      • IBM ServeRAID M5015 SAS/SATA

      • IBM ServeRAID-MR10i

      • Intel RAID Controller SROMBSAS18E

      [i386,ia64,amd64] Controllers supported by the mlx(4) driver include:

      • Mylex DAC960P

      • Mylex DAC960PD / DEC KZPSC (Fast Wide)

      • Mylex DAC960PDU

      • Mylex DAC960PL

      • Mylex DAC960PJ

      • Mylex DAC960PG

      • Mylex DAC960PU / DEC PZPAC (Ultra Wide)

      • Mylex AcceleRAID 150 (DAC960PRL)

      • Mylex AcceleRAID 250 (DAC960PTL1)

      • Mylex eXtremeRAID 1100 (D AC1164P)

      • RAIDarray 230 controllers, aka the Ultra-SCSI DEC KZPAC-AA (1-ch, 4MB cache), KZPAC-CA (3-ch, 4MB), KZPAC-CB (3-ch, 8MB cache)

      All major firmware revisions (2.x, 3.x, 4.x and 5.x) are supported, however it is always advisable to upgrade to the most recent firmware available for the controller.

      Compatible Mylex controllers not listed should work, but have not been verified.

      Note:

      [amd64, i386] Booting from these + controllers is supported. EISA adapters are not + supported.

      [i386,ia64,amd64] Controllers supported by the mly(4) driver include:

      • Mylex AcceleRAID 160

      • Mylex AcceleRAID 170

      • Mylex AcceleRAID 352

      • Mylex eXtremeRAID 2000

      • Mylex eXtremeRAID 3000

      Compatible Mylex controllers not listed should work, but have not been verified.

      The mps(4) driver supports the following hardware:

      • LSI Logic SAS2004 (4 Port SAS)

      • LSI Logic SAS2008 (8 Port SAS)

      • LSI Logic SAS2108 (8 Port SAS)

      • LSI Logic SAS2116 (16 Port SAS)

      • LSI Logic SAS2208 (8 P! ort SAS)

      • LSI Logic SAS2308 (8 Port SAS)

      • LSI Logic SSS6200 Solid State Storage

      • Intel Integrated RAID Module RMS25JB040

      • Intel Integrated RAID Module RMS25JB080

      • Intel Integrated RAID Module RMS25KB040

      • Intel Integrated RAID Module RMS25KB080

      The following controllers are supported by the mpt(4) driver:

      • LSI Logic 53c1030, LSI Logic LSI2x320-X (Single and Dual Ultra320 SCSI)

      • LSI Logic AS1064, LSI Logic AS1068

      • LSI Logic FC909 (1Gb/s Fibre Channel)

      • LSI Logic FC909A (Dual 1Gb/s Fibre Channel)

      • LSI Logic FC919, LSI Logic 7102XP-LC (Single 2Gb/s Fibre Channel)

      • LSI Logic FC929, LSI Logic FC929X, LSI Logic 7202XP-LC (Dual 2Gb/s Fibre Channel)

      • LSI Logic FC949X (Dual 4Gb/s Fibre Channel)

      • LSI Logic FC949E, LSI Logic FC949ES (Dual 4Gb/s Fibre Channel PCI-Express)

      The Ultra 320 SCSI controller chips supported by the mpt(4) driver can be found onboard on many systems including:

      • Dell PowerEdge 1750 thru 2850

      • IBM eServer xSeries 335

      These systems also contain Integrat ed RAID Mirroring and Integrated RAID Mirroring Enhanced which this driver also supports.

      The SAS controller chips are also present on many new AMD/Opteron based systems, like the Sun 4100. Note that this controller can drive both SAS and SATA drives or a mix of them at the same time. The Integrated RAID Mirroring available for these controllers is poorly supported at best.

      The Fibre Channel controller chipset are supported by a broad variety of speeds and systems. The Apple Fibre Channel HBA is in fact the FC949ES card.

      This driver also supports target mode for Fibre Channel cards. This support may be enabled by setting the desired role of the core via the LSI Logic firmware utility that establishes what roles the card can take on - no separate compilation is required.

      The mrsas(4) driver supports the following hardware:

      [ Thunderbolt 6Gb/s MR controller ]

      • LSI MegaRAID SAS 9265

      • LSI MegaRAID SAS 9266

      • LSI MegaRAID SAS 9267

      • LSI MegaRAID SAS 9270

      • LSI MegaRAID SAS 9271

      • LSI MegaRAID SA S 9272

      • LSI MegaRAID SAS 9285

      • LSI MegaRAID SAS 9286

      • DELL PERC H810

      • DELL PERC H710/P

      [ Invader/Fury 12Gb/s MR controller ]

      • LSI MegaRAID SAS 9380

      • LSI MegaRAID SAS 9361

      • LSI MegaRAID SAS 9341

      • DELL PERC H830

      • DELL PERC H730/P

      • DELL PERC H330

      The mvs(4) driver supports the following controllers:

      Gen-I (SATA 1.5Gbps):

      • 88SX5040

      • 88SX5041

      • 88SX5080

      • 88SX5 081

      Gen-II (SATA 3Gbps, NCQ, PMP):

      • 88SX6040

      • 88SX6041 (including Adaptec 1420SA)

      • 88SX6080

      • 88SX6081

      Gen-IIe (SATA 3Gbps, NCQ, PMP with FBS):

      • 88SX6042

      • 88SX7042 (including Adaptec 1430SA)

      • 88F5182 SoC

      • 88F6281 SoC

      • MV78100 SoC

      Note, that this hardware supports command queueing and FIS-based switching only for ATA DMA commands. ATAPI and non-DMA ATA commands executed one by one for each port.

      [i386,pc98,amd64] The ncr(4) driver provides support for the following NCR/Symbios SCSI controller chips:

      • 53C810

      • 53C810A

      • 53C815

      • 53C820

      • 53C825A

      • 53C860

      • 53C875

      • 53C875J

      • 53C885

      • 53C895

      • 53C895A

      • 53C896

      • 53C151! 0D

      The following add-on boards are known to be supported:

      • I-O DATA SC-98/PCI (PC-98)

      • I-O DATA SC-PCI (PC-98)

      [i386,pc98] The following devices are currently supported by the ncv(4) driver:

      • I-O DATA PCSC-DV

      • KME KXLC002 (TAXAN ICD-400PN, etc.), KXLC004, and UJDCD450

      • Macnica Miracle SCSI-II mPS110

      • Media Intelligent MSC-110, MSC-200

      • NEC PC-9801N-J03R

      • New Media Corporation BASICS SCSI

      • Qlogic Fast SCSI

      • RATOC REX-9530, REX-5572 (SCSI only)

      [i386,pc98] Controllers supported by the nsp(4) driver include:

      • Alpha-Data AD-PCS201

      • I-O DATA CBSC16

      [i386] The pst(4) driver supports the Promise Supertrak SX6000 ATA hardware RAID controller.

      The siis(4) driver supports the following controll er chips:

      • SiI3124 (PCI-X 133MHz/64bit, 4 ports)

      • SiI3131 (PCIe 1.0 x1, 1 port)

      • SiI3132 (PCIe 1.0 x1, 2 ports)

      • SiI3531 (PCIe 1.0 x1, 1 port)

      [i386,pc98] Controllers supported by the stg(4) driver include:

      • ! Adaptec 2! 920/A

      • Future Domain SCSI2GO

      • Future Domain TMC-18XX/3260

      • IBM SCSI PCMCIA Card

      • ICM PSC-2401 SCSI

      • MELCO IFC-SC

      • RATOC REX-5536, REX-5536AM, REX-5536M, REX-9836A

      Note that the Adaptec 2920C is supported by the ahc(4) driver.

      The sym(4) driver provides support for the following Symbios/LSI Logic PCI SCSI controllers:

      • 53C810

      • 53C810A

      • 53C815

      • 53C825

      • 53C825A

      • 53C860

      • 53C875

      • 53C876

      • 53C895

      • 53C895A

      • 53C896

      • 53C897

      • 53C1000

      • 53C1000R

      • 53C1010-33

      • 53C1010-66

      • 53C1510D

      The SCSI controllers supported by sym(4) can be either embedded on a motherboard, or on one of the following add-on boards:

      • ASUS SC-200, SC-896

      • Data Technology DTC3130 (all variants)

      • DawiControl DC2976UW

      • Diamond FirePort (all)

      • I-O DATA SC-UPCI (PC-98)

      • Logitec LHA-521UA (PC-98)

      • NCR cards (all)

      • S ymbios cards (all)

      • Tekram DC390W, 390U, 390F, 390U2B, 390U2W, 390U3D, and 390U3W

      • Tyan S1365

      [i386,amd64] SCSI controllers supported by the trm(4) driver include:

      • Tekram DC-315 PCI Ultra SCSI adapter without BIOS and internal SCSI connector

      • Tekram DC-315U PCI Ultra SCSI adapter without BIOS

      • Tekram DC-395F PCI Ultra-Wide SCSI adapter with flash BIOS and 68-pin external SCSI connector

      • Tekram DC-395U PCI Ultra SCSI adapter with flash BIOS

      • Tekram DC-395UW PCI Ultra-Wide SCSI adapter with flash BIOS

      • Tekram DC-395U2W PCI Ultra2-Wide SCSI adapter with flash BIOS

      For the Tekram DC-310/U and DC-390F/U/UW/U2B/U2W/U3W PCI SCSI host adapters, use the sym(4) driver.

      [i386,amd64] The twa(4) driver supports the followin g SATA RAID controllers:

      • AMCC's 3ware 9500S-4LP

      • AMCC's 3ware 9500S-8

      • AMCC's 3ware 9500S-8MI

      • AMCC's 3ware 9500S-12

      • AMCC's 3ware 9500S-12MI

      • AMCC's 3ware 9500SX-4LP

      • AMCC's 3ware 9500SX-8LP

      • AMCC's 3ware 9500SX-12

      • AMCC's 3ware 9500SX-12MI

      • AMCC's 3ware 9500SX-16ML

      • AMCC's 3ware 9550SX-4LP

      • AMCC's 3ware 9550SX-8LP

      • AMCC's 3ware 9550SX-12

      • AMCC's 3ware 9550SX-12MI

      • AMCC's 3ware 9550SX-16ML

      • AMCC's 3ware 9650SE-2LP

      • AMCC's 3ware 9650SE-4LPML

      • AMCC's 3ware 9650SE-8LPML

      • AMCC's 3! ware 9650SE-12ML

      • AMCC's 3ware 9650SE-16ML

      • AMCC's 3ware 9650SE-24M8

      [i386,amd64] The twe(4) driver supports the following PATA/SATA RAID controllers:

      • AMCC's 3ware 5000 series

      • AMCC's 3ware 6000 series

      • AMCC's 3ware 7000-2

      • AMCC's 3ware 7006-2

      • AMCC's 3ware 7500-4LP

      • AMCC's 3ware 7500-8

      • AMCC's 3ware 7500-12

      • AMCC's 3ware 7506-4LP

      • AMCC's 3ware 7506-8

      • AMCC's 3ware 7506-12

      • AMCC's 3ware 8006-2LP

      • AMCC's 3ware 8500-4LP

      • AMCC' s 3ware 8500-8

      • AMCC's 3ware 8500-12

      • AMCC's 3ware 8506-4LP

      • AMCC's 3ware 8506-8

      • AMCC's 3ware 8506-8MI

      • AMCC's 3ware 8506-12

      • AMCC's 3ware 8506-12MI

      [i386,amd64] The tws(4) driver supports the following SATA/SAS RAID controller:

      • LSI's 3ware SAS 9750 series

      [i386] The vpo(4) driver supports the following parallel to SCSI interfaces:

      • Adaptec AIC-7110 Parallel to SCSI interface (built-in to Iomega ZIP drives)

      • Iomega Jaz Traveller interface

      • Iomega MatchMaker SCSI interface (built-in to Iomega ZIP+ drives)

      [i386]! The wds(4) driver supports the WD7000 SCSI + controller.

      With all supported SCSI controllers, full support is + provided for SCSI-I, SCSI-II, and SCSI-III peripherals, + including hard disks, optical disks, tape drives (including + DAT, 8mm Exabyte, Mammoth, and DLT), medium changers, + processor target devices and CD-ROM drives. WORM devices that + support CD-ROM commands are supported for read-only access by + the CD-ROM drivers (such as cd(4)). WORM/CD-R/CD-RW + writing support is provided by cdrecord(1), which is a + part of the sysutils/cdrtools port in the Ports + Collection.

      The following CD-ROM type systems are supported at this + time:

      • SCSI interface (also includes ProAudio Spectrum and + SoundBlaster SCSI) (cd(4))

      • [i386] Sony proprietary interface (all models) + (scd(4))

      • ATAPI IDE interface (acd(4))

      [i386] The following device is unmaintained:

      • Mitsumi proprietary CD-ROM interface (all models) + (mcd(4))

      3.2.Ethernet Interfaces

      The ae(4) driver supports Attansic/Atheros L2 PCIe FastEthernet controllers, and is known to support the following hardware:

      • ASUS EeePC 701

      • ASUS EeePC 900

      Other hardware may or may not work with this driver.

      The age(4) driver provides support for LOMs based on Attansic/Atheros L1 Gigabit Ethernet controller chips, including:

      • ASUS M2N8-VMX

      • ASUS M2V

      • ASUS M3A

      • ASUS P2-M2A590G

        • ASUS P5B-E

      • ASUS P5B-MX/WIFI-AP

      • ASUS P5B-VMSE

      • ASUS P5K

      • ASUS P5KC

      • ASUS P5KPL-C

      • ASUS P5KPL-VM

      • ASUS P5K-SE

      • ASUS P5K-V

      • ASUS P5L-MX

      • ASUS P5DL2-VM

      • ASUS P5L-VM 1394

      • ASUS G2S

      The ale(4) device driver provides support for the following Ethernet controllers:

      • Atheros AR8113 PCI Express Fast Ethernet controller

      • Atheros AR8114 PCI Express Fast Ethernet controller

      • Atheros AR8121 PCI Express Gigabit E! thernet c! ontroller

      [i386,pc98,ia64,amd64,powerpc] Adapters supported by the aue(4) driver include:

      • Abocom UFE1000, DSB650TX_NA

      • Accton USB320-EC, SpeedStream

      • ADMtek AN986, AN8511

      • Billionton USB100, USB100LP, USB100EL, USBE100

      • Corega Ether FEther U SB-T, FEther USB-TX, FEther USB-TXS

      • D-Link DSB-650, DSB-650TX, DSB-650TX-PNA

      • Elecom LD-USBL/TX

      • Elsa Microlink USB2Ethernet

      • HP hn210e

      • I-O Data USB ETTX

      • Kingston KNU101TX

      • LinkSys USB10T adapters that contain the AN986 Pegasus chipset, USB10TA, USB10TX, USB100TX, USB100H1

      • MELCO LUA-TX, LUA2-TX

      • Netgear FA1! 01

      • Planex UE-200TX

      • Sandberg USB to Network Link (model number 133-06)

      • Siemens Speedstream

      • SmartBridges smartNIC

      • SMC 2202USB

      • SOHOware NUB100

      [i386,pc98,amd64,powerpc] The axe(4) driver supports ASIX Electronics AX88172/AX88178/AX88772/AX88772A /AX88772B/AX88760 based USB Ethernet adapters including:

      AX88172:

      • AboCom UF200

      • Acer Communications EP1427X2

      • ASIX AX88172

      • ATen UC210T

      • Billionton SnapPort

      • Billionton USB2AR

      • Buffalo (Melco Inc.) LUA-U2-KTX

      • Core ga USB2_TX

      • D-Link DUBE100

      • Goodway GWUSB2E

      • JVC MP_PRX1

      • LinkSys USB200M

      • Netgear FA120

      • Sitecom LN-029

      • System TALKS Inc. SGC-X2UL

      AX88178:

      • ASIX AX88178

      • Belkin F5D505 5

      • Logitec LAN-GTJ/U2A

      • Buffalo (Melco Inc.) LUA3-U2-AGT

      • Planex Communications GU1000T

      • Sitecom Europe LN-028

      AX88772:

      • ASIX AX88772

      • Buffalo (Melco Inc.) LUA3-U2-ATX

      • D-Link DUBE100B1

      • Planex UE-20 0TX-G

      • Planex UE-200TX-G2

      AX88772A:

      • ASIX AX88772A

      • Cisco-Linksys USB200Mv2

      AX88772B:

      • ASIX AX88772B

      • Lenovo USB 2.0 Ethernet

      AX88760:

      • ASIX AX88760

      ASIX Electronics AX88178A/AX88179 USB Gigabit Ethernet + adapters (axge(4) driver)

      [i386,amd64] The bce(4) driver provides support for various NICs based on the QLogic NetXtreme II family of Gigabit Ethernet controllers, including the following:

      • QLogic NetXtreme II BCM5706 1000Base-SX

      • QLogic NetXtreme II BCM5706 1000Base-T

      • QLogic NetXtreme II BCM5708 1000Base-SX

      • QLogic NetXtreme II BCM5708 1000Base-T

      • QLogic NetXtreme II BCM5709 1000Base-SX

      • QLogic NetXtreme II BCM5709 1000Base-T

      • QLogic NetXtreme II BCM5716 1000Base-T

      • Dell PowerEdge 1950 integrated BCM5708 NIC

      • Dell PowerEdge 2950 integrated BCM5708 NIC

      • Dell PowerEdge R710 integrated BCM5709 NIC

      • HP NC3! 70F Multifunction Gigabit Server Adapter

      • HP NC370T Multifunction Gigabit Server Adapter

      • HP NC370i Multifunction Gigabit Server Adapter

      • HP NC371i Multifunction Gigabit Server Adapter

      • HP NC373F PCIe Multifunc Giga Server Adapter

      • HP NC373T PCIe Multifunction Gig Server Adapter

      • HP NC373i Multifunction Gigabit Server Adapter

      • HP NC373m Multifunction Gigabit Server Adapter

      • HP NC374m PCIe Multifunction Adapter

      • HP NC380T PCIe DP Multifunc Gig Server Adapter

      • HP NC382T PCIe DP Multifunction Gigabit Server Adapter

      • HP NC382i DP Multifunction Gigabit Server Adapter

      • HP NC382m DP 1GbE Multifunction BL-c Adapter

      [amd64, i386] Broadcom BCM4401 based Fast + Ethernet adapters (bfe(4) driver)

      [i386,pc98,sparc64,ia64,amd64] The bge(4) driver provides support for various NICs based on the Broadcom BCM570x family of Gigabit Ethernet controller chips, including the following:

      • 3Com 3c996-SX (1000baseSX)

      • 3Com 3c996-T (10/100/1000baseTX)

      • Dell PowerEdge 1750 integrated BCM5704C NIC (10/100/1000baseTX)

      • Dell PowerEdge 2550 integrated BCM5700 NIC (10/100/1000baseTX)

      • Dell PowerEdge 2650 integrated BCM5703 NIC (10/100/1000baseTX)

      • Dell PowerEdge R200 integrated BCM5750 NIC (10/100/1000baseTX)

      • Dell PowerEdge R300 integrated BCM5722 NIC (10/100/1000baseTX)

      • IBM x235 server integrated BCM5703x NIC (10/100/1000baseTX)

      • HP Compaq dc7600 integrated BCM5752 NIC (10/100/1000baseTX)

      • HP ProLiant NC7760 embedded Gigabit NIC (10/100/1000baseTX)

      • HP ProLiant NC7770 PCI-X Gigabit NIC (10/100/1000baseTX)

      • HP ProLiant NC7771 PCI-X Gigabit NIC (10/100/1000baseTX)

      • HP ProLiant NC7781 embedded PCI-X Gigabit NIC (10/100/1000baseTX)

      • Netgear GA302T (10/100/1000baseTX)

      • SysKonnect SK-9D21 (10/100/1000baseTX)

      • SysKonnect SK-9D41 (1000baseSX)

      The chips supported by the cas(4) driver are:

      • National Semiconductor DP83065 Saturn Gigabit Ethernet

      • Sun Cassini Gigabit Ethernet

      • Sun Cassini+ Gigabit Ethernet

      The following add-on cards are known to work with the cas(4) driver at this time:

      • Sun GigaSwift Ethernet 1.0 MMF (Cassini Kuheen) (part no. 501-5524)

      • Sun GigaSwift Ethernet 1.0 UTP (Cassini) (part no. 501-5902)

      • Sun GigaSwift Ethernet UTP (GCS) (part no. 501-6719)

      • Sun Quad GigaSwift Ethernet UTP (QGE) (part no. 501-6522)

      • Sun Quad GigaSwift Ethernet PCI-X (QGE-X) (part no. 501-6738)

      [i386,pc98,ia64,amd64,powerpc] The following devices are supported by the cdce(4) driver:

      • Prolific PL-2501 Host-to-Host Bridge Controller

      • Sharp Zaurus PDA

      • Terayon TJ-715 DOCSIS Cable Modem

      [amd64, i386] Crystal Semiconductor + CS89x0-based NICs (cs(4) driver)

      [i386,pc98,ia64,amd64,powerpc] The cue(4) driver supports CATC USB-EL1210A based USB Ethernet adapters including:

      • Belkin F5U011/F5U111

      • CATC Netmate

      • CATC Netmate II

      • SmartBridges SmartLink

      [i386,amd64] The cxgb(4) driver supports 10 Gigabit and 1 Gigabit Ethernet adapters based on the T3 and T3B chipset:

      • Chelsio 10GBase-CX4

      • Chelsio 10GBase-LR

      • Chelsio 10GBase-SR

      The dc(4) driver provides support for the following chipsets:

      • DEC/Intel 21143

      • ADMtek AL981 Comet, AN985 Centaur, ADM9511 Centaur II and ADM9513 Centaur II

      • ALi/ULi M5261 and M5263

      • ASIX Electronics AX88140A and AX88141

      • Conexant LANfinity RS7112 (miniPCI)

      • Davicom DM9009, DM9100, DM9102 and DM9102A

      • Lite-On 82c168 and 82c169 PNIC

      • Lite-On/Macronix 82c115 PNIC II

      • Macronix 98713, 98713A, 98715, 98715A, 98715AEC-C, 98725, 98727 and 98732

      • Xircom X3201 (cardbus only)

      The following NICs are known to work with the dc(4) driver at this time:

      • 3Com OfficeConnect 10/100B (ADMtek AN985 Cen taur-P)

      • Abocom FE2500

      • Accton EN1217 (98715A)

      • Accton EN2242 MiniPCI

      • Adico AE310TX (98715A)

      • Alfa Inc GFC2204 (ASIX AX88140A)

      • Built in 10Mbps only Ethernet on Compaq Presario 7900 series desktops (21143, non-MII)

      • Built in Sun DMFE 10/100 Mbps Ethernet on Sun Netra X1 and Sun Fire V100 (DM9102A, MII)

      • Built in Ethernet on LinkSys EtherFast 10/100 Instant GigaDrive (DM9102, MII)

      • CNet Pro110B (ASIX AX88140A)

      • CNet Pro120A (98715A or 98713A) and CNet Pro120B (98715)

      • Compex RL100-TX (98713 or 98713A)

      • D-Link DFE-570TX (21143, MII, quad port)

      • Digital DE500-BA 10/100 (21143, non-MII)

      • ELECOM Laneed LD-CBL/TXA (ADMtek AN985)

      • Hawking CB102 CardBus

      • IBM EtherJet Cardbus Adapter

      • Intel PRO/100 Mobile Cardbu! s (version! s that use the X3201 chipset)

      • Jaton XpressNet (Davicom DM9102)

      • Kingston KNE100TX (21143, MII)

      • Kingston KNE110TX (PNIC 82c169)

      • LinkSys LNE100TX (PNIC 82c168, 82c169)

      • LinkSys LNE100TX v2.0 (PNIC II 82c115)

      • LinkSys LNE100TX v4.0/4.1 (ADMtek AN985 Centaur-P)

      • Matrox FastNIC 10/100 (PNIC 82c168, 82c169)

      • Melco LGY-PCI-TXL

      • Microsoft MN-120 10/100 CardBus (ADMTek Centaur-C)

      • Microsoft MN-130 10/100 PCI (ADMTek Centaur-P)

      • NDC SOHOware SFA110A (98713A)

      • NDC SOHOware SFA110A Rev B4 (98715AEC-C)

      • NetGear FA310-TX Rev. D1, D2 or D3 (PNIC 82c169)

      • Netgear FA511

      • PlaneX FNW-3602-T (ADMtek AN985)

      • SMC EZ Card 10/100 1233A-TX (ADMtek AN985)

      • SVEC PN102-TX (9871! 3)

      • Xircom Cardbus Realport

      • Xircom Cardbus Ethernet 10/100

      • Xircom Cardbus Ethernet II 10/100

      [i386,pc98,ia64,amd64] Adapters supported by the de(4) driver include:

      • Adaptec ANA-6944/TX

      • Cogent EM100FX and EM440TX

      • Corega FastEther PCI-TX

      • D-Link DFE-500TX

      • DEC DE435, DEC DE450, and DEC DE500

      • ELECOM LD-PCI2T, LD-PCITS

      • I-O DATA LA2/T-PCI

      • SMC Etherpower 8432, 9332 and 9334

      • ZNYX ZX3xx

      [i386,pc98] The ed(4) driver supports the following Ethernet NICs! :

      • 3Com 3c503 Etherlink II

      • AR-P500 Ethernet

      • Accton EN1644 (old model), EN1646 (old model), EN2203 (old model) (110pin) (flags 0xd00000)

      • Accton EN2212/EN2216/UE2216

      • Allied Telesis CentreCOM LA100-PCM_V2

      • Allied Telesis LA-98 (flags 0x000000) (PC-98)

      • Allied Telesis SIC-98, SIC-98NOTE (110pin), SIU-98 (flags 0x600000) (PC-98)

      • < p xmlns="http://www.w3.org/TR/xhtml1/transitional">Allied Telesis SIU-98-D (flags 0x610000) (PC-98)

      • AmbiCom 10BaseT card

      • Bay Networks NETGEAR FA410TXC Fast Ethernet

      • Belkin F5D5020 PC Card Fast Ethernet

      • Billionton LM5LT-10B Ethernet/Modem PC Card

      • Bromax iPort 10/100 Ethernet PC Card

      • Bromax iPort 10 Ethernet PC Card

      • Buffalo LPC2-CLT, LPC3-CLT, LPC3-CLX, LPC4-TX PC Card

      • CNet BC40 adapt! er

      • Compex Net-A adapter

      • Compex RL2000

      • Contec C-NET(98), RT-1007(98), C-NET(9N) (110pin) (flags 0xa00000) (PC-98)

      • Contec C-NET(98)E-A, C-NET(98)L-A, C-NET(98)P (flags 0x300000) (PC-98)

      • Corega Ether98-T (flags 0x000000) (PC-98)

      • Corega Ether PCC-T/EtherII PCC-T/FEther PCC-TXF/PCC-TXD PCC-T/Fether II TXD

      • Corega LAPCCTXD (TC5299J)

      • CyQ've ELA-010

      • DEC EtherWorks DE305

      • Danpex EN-6200P2

      • D-Link DE-298, DE-298P (flags 0x500000) (PC-98)

      • D-Link DE-660, DE-660+

      • D-Link IC-CARD/IC-CARD+ Ethernet

      • ELECOM LD-98P (flags 0x500000) (PC-98)

      • ELECOM LD-BDN, LD-NW801G (flags 0x200000) (PC-98)

      • ELECOM Laneed LD-CDL/TX, LD-CDF, LD-CDS, LD-10/100CD, LD-CDWA (DP83902A)

      • Hawkin! g PN652TX! PC Card (AX88790)

      • HP PC Lan+ 27247B and 27252A

      • IBM Creditcard Ethernet I/II

      • ICM AD-ET2-T, DT-ET-25, DT-ET-T5, IF-2766ET, IF-2771ET, NB-ET-T (110pin) (flags 0x500000) (PC-98)

      • I-O DATA LA/T-98, LA/T-98SB, LA2/T-98, ET/T-98 (flags 0x900000) (PC-98)

      • I-O DATA ET2/T-PCI

      • I-O DATA PCLATE

      • Kansai KLA-98C/T (flags 0x900000) (PC-98)

      • Kingston KNE-PC2, CIO10T, KNE-PCM/x Ethernet

      • KTI ET32P2 PCI

      • Linksys EC2T/PCMPC100/PCM100, PCMLM56

      • Linksys EtherFast 10/100 PC Card, Combo PCMCIA Ethernet Card (PCMPC100 V2)

      • Logitec LAN-98T (flags 0xb00000) (PC-98)

      • MACNICA Ethernet ME1 for JEIDA

      • MACNICA ME98 (flags 0x900000) (PC-98)

      • MACNICA NE2098 (flags 0x400000) (PC-98)

      • MELCO EGY-98 (flags 0x300000) (PC-9 8)

      • MELCO LGH-98, LGY-98, LGY-98-N (110pin), IND-SP, IND-SS (flags 0x400000) (PC-98)

      • MELCO LGY-PCI-TR

      • MELCO LPC-T/LPC2-T/LPC2-CLT/LPC2-TX/LPC3-TX/LPC3-CLX

      • NDC Ethernet Instant-Link

      • NEC PC-9801-77, PC-9801-78 (flags 0x910000) (PC-98)

      • NEC PC-9801-107, PC-9801-108 (flags 0x800000) (PC-98)

      • National Semiconductor InfoMover NE4100

      • NetGear FA-410TX

      • NetVin NV5000SC

      • Network Everywhere Ethernet 10BaseT PC Card

      • Networld 98X3 (flags 0xd00000) (PC-98)

      • Networld EC-98X, EP-98X (flags 0xd10000) (PC-98)

      • New Media LANSurfer 10+56 Ethernet/Modem

      • New Media LANSurfer

      • Novell NE1000/NE2000/NE2100

      • PLANEX ENW-8300-T

      • PLANEX EN-2298-C (flags 0x200000) (PC-98)

      • PLANEX EN-2298P-T, EN-2298-T (flags 0x500000) (PC-98)

      • PLANEX FNW-3600-T

      • Psion 10/100 LANGLOBAL Combine iT

      • RealTek 8019

      • RealTek 8029

      • Relia Combo-L/M-56k PC Card

      • SMC Elite 16 WD8013

      • SMC Elite Ultra

      • SMC EtherEZ98 (flags 0x000000) (PC-98)

      • SMC WD80 03E/WD8003EBT/WD8003S/WD8003SBT/WD8003W/WD8013EBT/WD8013W and clones

      • SMC EZCard PC Card, 8040-TX, 8041-TX (AX88x90), 8041-TX V.2 (TC5299J)

      • Socket LP-E, ES-1000 Ethernet/Serial, LP-E CF, LP-FE CF

      • Surecom EtherPerfect EP-427

      • Surecom NE-34

      • TDK 3000/3400/5670 Fast Ethernet/Modem

      • TDK LAK-CD031, Grey Cell GCS2000 Ethernet Card

      • TDK DFL5610WS Ethernet/Modem PC Card

      • Telecom Device SuperSocke! t RE450T !

      • Toshiba LANCT00A PC Card

      • VIA VT86C926

      • Winbond W89C940

      • Winbond W89C940F

      C-Bus, ISA, PCI and PC Card devices are supported.

      The ed(4) driver does not support the following Ethernet NICs:

      • Mitsubishi LAN Adapter B8895

      The em(4) driver supports Gigabit Ethernet adapters based on the Intel 82540, 82541ER, 82541PI, 82542, 82543, 82544, 82545, 82546, 82546EB, 82546GB, 82547, 82571, 82572, 82573, and 82574 controller chips:

      • Intel PRO/1000 CT Network Connection (82547)

      • Intel PRO/1000 F Server Adapter (82543)

      • Intel PRO/1000 Gigabit Server Adapter (82542)

      • Intel! PRO/1000 GT Desktop Adapter (82541PI)

      • Intel PRO/1000 MF Dual Port Server Adapter (82546)

      • Intel PRO/1000 MF Server Adapter (82545)

      • Intel PRO/1000 MF Server Adapter (LX) (82545)

      • Intel PRO/1000 MT Desktop Adapter (82540)

      • Intel PRO/1000 MT Desktop Adapter (82541)

      • Intel PRO/1000 MT Dual Port Server Adapter (82546)

      • Intel PRO/1000 MT Quad Port Server Adapter (82546EB)

      • Intel PRO/1000 MT Server Adapter (82545)

      • Intel PRO/1000 PF Dual Port Server Adapter (82571)

      • Intel PRO/1000 PF Quad Port Server Adapter (82571)

      • Intel PRO/1000 PF Server Adapter (82572)

      • Intel PRO/1000 PT Desktop Adapter (82572)

      • Intel PRO/1000 PT Dual Port Server Adapter (82571)

      • Intel PRO/1000 PT Quad Port Server Adapter (82571)

      • Intel PRO/1000 PT Server Adapter (82572)

      • I! ntel PRO/1000 T Desktop Adapter (82544)

      • Intel PRO/1000 T Server Adapter (82543)

      • Intel PRO/1000 XF Server Adapter (82544)

      • Intel PRO/1000 XT Server Adapter (82544)

      [i386,pc98,amd64] The ep(4) driver supports Ethernet adapters based on the 3Com 3C5x9 Etherlink III Parallel Tasking chipset, including:

      • 3Com 3C1 CF

      • 3Com 3C509-TP, 3C509-BNC, 3C509-Combo, 3C509-TPO, 3C509-TPC ISA

      • 3Com 3C509B-TP, 3C509B-BNC, 3C509B-Combo, 3C509B-TPO, 3C509B-TPC ISA

      • 3Com 3C529, 3C529-TP MCA

      • 3Com 3C562/3C563 PCMCIA

      • 3Com 3C569B-J-TPO, 3C569B-J-COMBO CBUS

      • 3Com 3C574, 3C574TX, 3C574-TX, 3CCFE574BT, 3CXFE574BT, 3C3FE574BT PCMCIA

      • 3Com 3C579-TP, 3C579-BNC EISA

      • 3Com 3C589, 3C589B, 3C589C , 3C589D, 3CXE589DT PCMCIA

      • 3Com 3CCFEM556B, 3CCFEM556BI PCMCIA

      • 3Com 3CXE589EC, 3CCE589EC, 3CXE589ET, 3CCE589ET PCMCIA

      • 3Com Megahertz 3CCEM556, 3CXEM556, 3CCEM556B, 3CXEM556B, 3C3FEM556C PCMCIA

      • 3Com OfficeConnect 3CXSH572BT, 3CCSH572BT PCMCIA

      • Farallon EtherWave and EtherMac PC Card (P/n 595/895 with BLUE arrow)

      Agere ET1310 Gigabit Ethernet adapters + (et(4) driver)

      [i386,amd64] The ex(4) driver supports the following Ethernet adapters:

      • Intel EtherExpress Pro/10 ISA

      • Intel EtherExpress Pro/10+ ISA

      • Olicom OC2220 Ethernet PC Card

      • Olicom OC2232 Ethernet/Modem PC Card

      • Silicom Ethernet LAN PC Card

      • Silicom EtherSerial LAN PC Card

      [i386,pc98,amd64] Controllers and cards supported by the fe(4) driver include:

      • Allied Telesis RE1000, RE1000Plus, ME1500 (110-pin)

      • CONTEC C-NET(98)P2, C-NET (9N)E (110-pin), C-NET (9N)C (ExtCard)

      • CONTEC C-NET(PC)C PC Card Ethernet

      • Eagle Tech NE200T

      • Eiger Labs EPX-10BT

      • Fujitsu FMV-J182, FMV-J182A

      • Fujitsu MB86960A, MB86965A

      • Fujitsu MBH10303, MBH10302 PC Card Ethernet

      • Fujitsu Towa LA501 Ethernet

      • HITACHI HT-4840-11 PC Card Ethernet

      • NextCom J Link NC5310

      • RATOC REX-5588, REX-9822, REX-4886, and REX-R280

      • RATOC REX-9880/9881/9882/9883

      • TDK LAC-98012, LAC-98013, LAC-98025, LAC-9N011 (110-pin)

      • TDK LAK-CD011, LAK-CD021, LAK-CD021A, LAK-CD021BX

      • Ungermann-Bass Access/PC N98C+(PC85152, PC85142), Access/NOTE N98(PC86132) (110-pin)

      Adapters supported by the fxp(4) driver include:

      • Intel EtherExpress PRO/10

      • Intel InBusiness 10/100

      • Intel PRO/100B / EtherExpressPRO/100 B PCI Adapter

      • Intel PRO/100+ Management Adapter

      • Intel PRO/100 VE Desktop Adapter

      • Intel PRO/100 VM Network Connection

      • Intel PRO/100 M Desktop Adapter

      • Intel PRO/100 S Desktop, Server and Dual-Port Server Adapters

      • Contec C-NET(PI)-100TX (PC-98)

      • NEC PC-9821Ra20, Rv20, Xv13, Xv20 internal 100Base-TX (PC-98)

      • NEC PC-9821X-B06 (PC-98)

      • Many on-board network interfaces on Intel motherboards

      Chips supported by the gem(4) driver include:

      • Apple GMAC

      • Sun ERI 10/! 100 Mbps ! Ethernet

      • Sun GEM Gigabit Ethernet

      The following add-on cards are known to work with the gem(4) driver at this time:

      • Sun Gigabit Ethernet PCI 2.0/3.0 (GBE/P) (part no. 501-4373)

      • Sun Gigabit Ethernet SBus 2.0/3.0 (GBE/S) (part no. 501-4375)

      The hme(4) driver supports the on-board Ethernet interfaces of many Sun UltraSPARC workstation and server models.

      Cards supported by the hme(4) driver include:

      • Sun PCI SunSwift Adapter

      • Sun SBus SunSwift Adapter ( hme and “ ;SUNW,hme)

      • Sun PCI Sun100BaseT Adapter 2.0

      • Sun SBus Sun100BaseT 2.0

      • Sun PCI Quad FastEthernet Controller

      • Sun SBus Quad FastEthernet Controller

      [i386] The ie(4) driver provides supports the following 8 and 16bit ISA Ethernet cards that are based on the Intel i82586 chip:

      • 3COM 3C507

      • AT&T EN100

      • AT&T Starlan 10

      • AT&T Starlan Fiber

      • Intel EtherExpress 16

      • RACAL Interlan NI5210

      The igb(4) driver supports Gigabit Ethernet adapters based on the Intel 82575 and 82576 controller chips:

      • Intel Gigabit ET Dual Port Server Adapter (82576)

      • Intel Gigabit VT Quad Port Server Adapter (82575)

      [i386,amd64] The ixgb(4) driver supports the following cards:

      • Intel PRO/10GbE LR Server Adapter

      • Intel PRO/10GbE SR Server Adapter

      The ixgbe(4) driver supports the following cards:

      • Intel(R) 10 Gigabit XF SR/AF Dual Port Server Adapter

      • Intel(R) 10 Gigabit XF SR/LR Server Adapter

      • Intel(R) 82598EB 10 Gigabit AF Network Connection

      • Intel(R) 82598EB 10 Gigabit AT CX4 Network Connection

      The jme(4) device driver provides support for the following Ethernet controllers:

      • JMicron JMC250 PCI Express Gigabit Ethernet controller

      • JMicron JMC251 PCI Express Gigabit Ethernet with Card Read Host controller

      • JMicron JMC260 PCI Express Fast Ethernet controller

      • JMicron JMC261 PCI Express Gigabit Ethernet with Card Read Host controller

      [i386,pc98,ia64,amd64,powerpc] The kue(4) driver supports Kawasaki LSI KL5KLUSB101B based USB Ethernet adapters including:

      • 3Com 3c19250

      • 3Com 3c460 HomeConnect Ethernet USB Adapter

      • ADS Technologies USB-10BT

      • AOX USB101

      • ATen UC10T

      • Abocom URE 450

      • Corega USB-T

      • D-Lin! k DSB-650C

      • Entrega NET-USB-E45, NET-HUB-3U1E

      • I/O Data USB ETT

      • Kawasaki DU-H3E

      • LinkSys USB10T

      • Netgear EA101

      • Peracom USB Ethernet Adapter

      • Psion Gold Port USB Ethernet adapter

      • SMC 2102USB, 2104USB

      [i386,pc98,amd64] Adapters supported by the lge(4) driver include:

      • SMC TigerCard 1000 (SMC9462SX)

      • D-Link DGE-500SX

      [i386,amd64] The msk(4) driver provides support for various NICs based on the Marvell/SysKonnect Yukon II based Gigabit Ethernet controller chips, including:

      • D-Link 550SX Gigabit Ethernet

      • D-Link 560SX Gigabit Ethernet

      • D-Link 560T Gigabit Ethernet

      • Marvell Yukon 88E8021CU Gigabit Ethernet

      • Marvell Yukon 88E8021 SX/LX Gigabit Ethernet

      • Marvell Yukon 88E8022CU Gigabit Ethernet

      • Marvell Yukon 88E8022 SX/LX Gigabit Ethernet

      • Marvell Yukon 88E8061CU Gigabit Ethernet

      • Marvell Yukon 88E 8061 SX/LX Gigabit Ethernet

      • Marvell Yukon 88E8062CU Gigabit Ethernet

      • Marvell Yukon 88E8062 SX/LX Gigabit Ethernet

      • Marvell Yukon 88E8035 Fast Ethernet

      • Marvell Yukon 88E8036 Fast Ethernet

      • Marvell Yukon 88E8038 Fast Ethernet

      • Marvell Yukon 88E8039 Fast Ethernet

      • Marvell Yukon 88E8040 Fast Ethernet

      • Marvell Yukon 88E8040T Fast Ethernet

        • < li class="listitem">

        Marvell Yukon 88E8042 Fast Ethernet

      • Marvell Yukon 88E8048 Fast Ethernet

      • Marvell Yukon 88E8050 Gigabit Ethernet

      • Marvell Yukon 88E8052 Gigabit Ethernet

      • Marvell Yukon 88E8053 Gigabit Ethernet

      • Marvell Yukon 88E8055 Gigabit Ethernet

      • Marvell Yukon 88E8056 Gigabit Ethernet

      • Marvell Yukon 88E8057 Gigabit Ethernet

      • Marvell Yukon 88 E8058 Gigabit Ethernet

      • Marvell Yukon 88E8059 Gigabit Ethernet

      • Marvell Yukon 88E8070 Gigabit Ethernet

      • Marvell Yukon 88E8071 Gigabit Ethernet

      • Marvell Yukon 88E8072 Gigabit Ethernet

      • Marvell Yukon 88E8075 Gigabit Ethernet

      • SysKonnect SK-9Sxx Gigabit Ethernet

      • SysKonnect SK-9Exx Gigabit Ethernet

      [i386,amd64] The mxge(4) driver supports 10 Gigabit Ethernet adapters based on the Myricom LANai Z8E chips:

      • Myricom 10GBase-CX4 (10G-PCIE-8A-C, 10G-PCIE-8AL-C)

      • Myricom 10GBase-R (10G-PCIE-8A-R, 10G-PCIE-8AL-R)

      • Myricom 10G XAUI over ribbon fiber (10G-PCIE-8A-Q, 10G-PCIE-8AL-Q)

      [i386,pc98] The my(4) driver provides support for various NICs based on the Myson chipset. Supported models include:

      • Myson MTD800 PCI Fast Ethernet chip

      • Myson MTD803 PCI Fast Ethernet chip

      • Myson MTD89X PCI Gigabit Ethernet chip

      [i386,amd64] The nfe(4) driver supports the following NVIDIA MCP onboard adapters:

      • NVIDIA nForc! e MCP Net! working Adapter

      • NVIDIA nForce MCP04 Networking Adapter

      • NVIDIA nForce 430 MCP12 Networking Adapter

      • NVIDIA nForce 430 MCP13 Networking Adapter

      • NVIDIA nForce MCP51 Networking Adapter

      • NVIDIA nForce MCP55 Networking Adapter

      • NVIDIA nForce MCP61 Networking Adapter

      • NVIDIA nForce MCP65 Networking Adapter

      • NVIDIA nForce MCP67 Networking Adapter

        < /li>

      • NVIDIA nForce MCP73 Networking Adapter

      • NVIDIA nForce MCP77 Networking Adapter

      • NVIDIA nForce MCP79 Networking Adapter

      • NVIDIA nForce2 MCP2 Networking Adapter

      • NVIDIA nForce2 400 MCP4 Networking Adapter

      • NVIDIA nForce2 400 MCP5 Networking Adapter

      • NVIDIA nForce3 MCP3 Networking Adapter

      • NVIDIA nForce3 250 MCP6 Networking Adapter

      • NVIDIA nForce3 MCP7 Networking Adapter

      • NVIDIA nForce4 CK804 MCP8 Networking Adapter

      • NVIDIA nForce4 CK804 MCP9 Networking Adapter

      The nge(4) driver supports National Semiconductor DP83820 and DP83821 based Gigabit Ethernet adapters including:

      • Addtron AEG320T

      • Ark PC SOHO-GA2500T (32-bit PCI) and SOHO-GA2000T (64- bit PCI)

      • Asante FriendlyNet GigaNIX 1000TA and 1000TPC

      • D-Link DGE-500T

      • Linksys EG1032, revision 1

      • Netgear GA621

      • Netgear GA622T

      • SMC EZ Card 1000 (SMC9462TX)

      • Surecom Technology EP-320G-TX

      • Trendware TEG-PCITX (32-bit PCI) and TEG-PCITX2 (64-bit PCI)

      [i386,amd64] The nve(4) driver supports the NVIDIA MCP onboard adapters of mainboards with the following chipsets:

      • nForce

      • nForce2

      • nForce3

      • nForce4

      [i386,amd64] The nxge(4) driver supports Neteri on Xframe 10 Gigabit Ethernet adapters listed in http://www.neterion.com/how/pricing.html.

      [i386,amd64] The oce(4) driver supports the following network adapters:

      • Emulex BladeEngine 2

      • Emulex BladeEngine 3

      • Emulex Lancer

      [i386,p c98,ia64,amd64] The pcn(4) driver supports adapters and embedded controllers based on the AMD PCnet/FAST, PCnet/FAST+, PCnet/FAST III, PCnet/PRO and PCnet/Home Fast Ethernet chips:

      • AMD Am79C971 PCnet-FAST

      • AMD Am79C972 PCnet-FAST+

      • AMD Am79C973/Am79C975 PCnet-FAST III

      • AMD Am79C976 PCnet-PRO

      • AMD Am79C978 PCnet-Home

      • Allied-Telesis LA-PCI

      [amd64] The qlxgb(4) driver supports 10 Gigabit Ethernet & CNA Adapter based on the following chipsets:

      • QLogic 3200 series

      • QLogic 8200 series

      [amd64] The qlxgbe(4) driver supports 10 Gigabit! Ethernet! & CNA Adapter based on the following chipsets:

      • QLogic 8300 series

      [amd64] The qlxge(4) driver supports 10 Gigabit Ethernet & CNA Adapter based on the following chipsets:

      • QLogic 8100 series

      The re(4) driver supports RealTek RTL8139C+, RTL8169, RTL816xS, RTL811xS, RTL8168, RTL810xE and RTL8111 based Fast Ethernet and Gigabit Ethernet adapters including:

      • Alloy Computer Products EtherGOLD 1439E 10/100 (8139C+)

      • Compaq Evo N1015v Integrated Ethernet (8139C+)

      • Corega CG-LAPCIGT Gigabit Ethernet (8169S)

      • D-Link DGE-528(T) Gigabit Ethernet (8169S)

      • Gigabyte 7N400 Pro2 Integrated Gigabit Ethernet (8110S)

      • Leve! lOne GNC-0105T (8169S)

      • LinkSys EG1032 (32-bit PCI)

      • PLANEX COMMUNICATIONS Inc. GN-1200TC (8169S)

      • USRobotics USR997902 Gigabit Ethernet (8169S)

      • Xterasys XN-152 10/100/1000 NIC (8169)

      Adapters supported by the rl(4) driver include:

      • Accton Cheetah” EN1207D (MPX 5030/5038; RealTek 8139 clone)

      • Allied Telesyn AT2550

      • Allied Telesyn AT2500TX

      • Belkin F5D5000

      • BUFFALO (Melco INC.) LPC-CB-CLX (CardBus)

      • Compaq HNE-300

      • CompUSA no-name 10/100 PCI Ethernet NIC

      • Corega FEther CB-TXD

      • Corega FEtherII CB-TXD

      • D-Link DFE-520TX (rev. C1)

      • D-Link DFE-528TX

      • D-Link DFE-530TX+

      • D-Link DFE-538TX

      • D-Link DFE-690TXD

      • Edimax EP-4103DL CardBus

      • Encore ENL832-TX 10/100 M PCI

      • Farallon NetLINE 10/100 PCI

      • Genius GF100TXR

      • GigaFast Ethernet EE100-AXP

      • KTX-9130TX 10/100 Fast Ethernet

      • LevelOne FPC-0106TX

      • Longshine LCS-8038TX-R

      • NDC Communications NE100TX-E

      • Netronix Inc. EA-1210 NetEther 10/100

      • Nortel Networks 10/100BaseTX

      • OvisLink LEF-8129TX

      • OvisLink LEF-8139TX

      • Peppercon AG ROL-F

      • Planex FNW-3603-TX

      • Planex FNW-3800-TX

      • SMC EZ Card 10/100 PCI 1211-TX

      • SOHO (PRAGMATIC) UE-1211C

      [i386,pc98,amd64] The rue(4) driver supports RealTek RTL8150 based USB Ethernet adapters including:

      • Buffalo (Melco Inc.) LUA-KTX

      • Gre en House GH-USB100B

      • LinkSys USB100M

      • Billionton 10/100 FastEthernet USBKR2

      Adapters supported by the sf(4) driver include:

      • ANA-62011 64-bit single port 10/100baseTX adapter

      • ANA-62022 64-bit dual port 10/100baseTX adapter

      • ANA-62044 64-bit q uad port 10/100baseTX adapter

      • ANA-69011 32-bit single port 10/100baseTX adapter

      • ANA-62020 64-bit single port 100baseFX adapter

      The sfxge(4) driver supports all 10Gb Ethernet adapters based on Solarflare SFC9000 family controllers.

      The sge(4) device driver provides support for the following Ethernet controllers:

      • SiS190 Fast Ethernet controller

      • SiS191 Fast/Gigabit Ethernet controller

      The sis(4) driver supports Silicon Integrated Systems SiS 900 and SiS 7016 based Fast Ethernet adapters and embedded controllers, as well as Fast Ethernet adapters based on the National Semiconductor DP83815 (MacPhyter) and DP83816 chips. Supported adapters include:

      • @Nifty FNECHARD IFC USUP-TX

      • MELCO LGY-PCI-TXC

      • Netgear FA311-TX (DP83815)

      • Netgear FA312-TX (DP83815)

      • SiS 630, 635, and 735 motherboard chipsets

      • Soekris Engineering net45xx, net48xx, lan1621, and lan1641

      Adapters supported by the sk(4) driver include:

      • 3Com 3C940 single port, 1000baseT adapter

      • 3Com 3C2000-T single port, 1000baseT adapter

      • Belkin F5D5005 single port, 1000baseT adapter

      • D-Link DGE-530T single port, 1000baseT adapter

      • Linksys (revision 2) single port, 1000baseT adapter

      • SK-9521 SK-NET GE-T single port, 1000baseT adapter

      • SK-9821 SK-NET GE-T single port, 1000baseT adapter

      • SK-9822 SK-NET GE-T dual port, 1000baseT adapter

      • SK-9841 SK-NET GE-LX single port, single mode fiber adapter

      • SK-9842 SK-NET GE-LX dual port, single mode fiber adapter

      • SK-9843 SK-NET GE-SX single port, multimode fiber adapter

      • SK-9844 SK-NET GE-SX dual port, multimode fiber adapter

      • SMC 9452TX single port, 1000baseT adapter

      [i386,amd64] The sn(4) driver supports SMC91Cxx based ISA and PCMCIA cards including:

      • 3Com Megahertz X-Jack Ethernet PC Card XJ10BT, XJ10BC

      • 3Com Megahertz XJEM and CCEM series: CCEM3288C, CCEM3288T, CCEM3336, CEM3336C, CCEM3336T, XJEM1144C, XJEM1144T, XJEM3288C, XJEM3288T, XJEM3336

      • Farallon EtherMac PC Card 595a

      • Motorola Mariner Ethernet/Modem PC Card

      • Ositech Seven of Diamonds Ethernet PC Card

      • Ositech Jack of Hearts Ethernet/Modem PC Card

      • Psion Gold Card Netglob al Ethernet PC Card

      • Psion Gold Card Netglobal 10/100 Fast Ethernet PC Card

      • Psion Gold Card Netglobal 56k+10Mb Ethernet PC Card

      • SMC EZEther PC Card (8020BT)

      • SMC EZEther PC Card (8020T)

      The sn(4) driver supports the SMC 91C90, SMC 91C92, SMC 91C94, SMC 91C95, SMC 91C96, SMC91C100 and SMC 91C100FD chips from SMC.

      The Farallon EtherWave and EtherMac card came in two varieties. The ep(4) driver su pports the 595 and 895 cards. These cards have the blue arrow on the front along with a 3Com logo. The Farallon 595a cards, which have a red arrow on the front, are also called EtherWave and EtherMac. They are supported by the sn(4) driver.

      [pc98] The snc(4) driver supports the following cards:

      • National Semiconductor DP83934AVQB

      • NEC PC-9801-8! 3

      • NEC PC-9801-84

      • NEC PC-9801-103

      • NEC PC-9801-104

      • NEC PC-9801N-15

      • NEC PC-9801N-25

      • NEC PC-9801N-J02 PCMCIA

      • NEC PC-9801N-J02R PCMCIA

      The snc(4) driver also include s support for the National Semiconductor NS46C46 as 64 * 16 bits Microwave Serial EEPROM.

      The ste(4) driver supports Sundance Technologies ST201 based Fast Ethernet adapters and embedded controllers including:

      • D-Link DFE-530TXS

      • D-Link DFE-550TX

      • D-Link DFE-580TX

      The stge(4) driver provides support for various NICs based on the Sundance/Tamarack TC9021 based Gigabit Ethernet controller chips, including:

      • Antares Microsystems Gigabit Ethernet

      • ASUS NX1101 Gigabit Ethernet

      • D-Link DL-4000 Gigabit Ethernet

      • IC Plus IP1000A Gigabit Ethernet

      • Sundance ST-2021 Gigabit Ethernet

      • Sundance ST-2023 Gigabit Ethernet

      • Sundance TC9021 Gigabit Ethernet

      • Tamarack TC9021 Gigabit Ethernet

      [i386,pc98,amd64,sparc64] The ti(4) driver supports Gigabit Ethernet adapters based on the Alteon Tigon I and II chips. The ti(4) driver has been tested with the following adapters:

      • 3Com 3c985-SX Giga! bit Ether! net adapter (Tigon 1)

      • 3Com 3c985B-SX Gigabit Ethernet adapter (Tigon 2)

      • Alteon AceNIC V Gigabit Ethernet adapter (1000baseSX)

      • Alteon AceNIC V Gigabit Ethernet adapter (1000baseT)

      • Digital EtherWORKS 1000SX PCI Gigabit adapter

      • Netgear GA620 Gigabit Ethernet adapter (1000baseSX)

      • Netgear GA620T Gigabit Ethernet adapter (1000baseT)

      The following adapters should also be supported but have not yet been tested:

      • Asante GigaNIX1000T Gigabit Ethernet adapter

      • Asante PCI 1000BASE-SX Gigabit Ethernet adapter

      • Farallon PN9000SX Gigabit Ethernet adapter

      • NEC Gigabit Ethernet

      • Silicon Graphics PCI Gigabit Ethernet adapter

      [i386,pc98,amd64] The tl(4) driver supports Texas Instruments ThunderLAN based Ethernet and Fast Ethernet! adapters! including a large number of Compaq PCI Ethernet adapters. Also supported are:

      • Olicom OC-2135/2138 10/100 TX UTP adapter

      • Olicom OC-2325/OC-2326 10/100 TX UTP adapter

      • Racore 8148 10baseT/100baseTX/100baseFX adapter

      • Racore 8165 10/100baseTX adapter

      The tl(4) driver also supports the built-in Ethernet adapters of various Compaq Prosignia servers and Compaq Deskpro desktop machines including:

      • Compaq Netelligent 10

      • Compaq Netelligent 10 T PCI UTP/Coax

      • Compaq Netelligent 10/100

      • Compaq Netelligent 10/100 Dual-Port

      • Compaq Netelligent 10/100 Proliant

      • Compaq Netelligent 10/100 TX Embedded UTP

      • Compaq Netelligent 10/100 TX UTP

      • Comp! aq NetFle! x 3P

      • Compaq NetFlex 3P Integrated

      • Compaq NetFlex 3P w/BNC

      [amd64, i386, pc98] SMC 83c17x + (EPIC)-based Ethernet NICs (tx(4) driver)

      The txp(4) driver supports the following cards:

      • 3Com 3CR990-TX-95

      • 3Com 3CR990-TX-97

      • 3Com 3cR990B-TXM

      • 3Com 3CR990SVR95

      • 3Com 3CR990SVR97

      • 3Com 3cR990B-SRV

      [i386,pc98,amd64] The udav(4) driver supports the following adapters:

      • Corega FEther USB-TXC

      • ShanTou ST268 USB NIC

      The vge(4) driver supports VIA Networking VT6120, VT6122, VT6130 and VT6132 based Gigabit Ethernet adapters including:

      • VIA Networking LAN-on-motherboard Gigabit Ethernet

      • ZyXEL GN650-T 64-bit PCI Gigabit Ethernet NIC (ZX1701)

      • ZyXEL GN670-T 32-bit PCI Gigabit Ethernet NIC (ZX1702)

      The vr(4) driver supports VIA Technolog ies Rhine I, Rhine II, and Rhine III based Fast Ethernet adapters including:

      • AOpen/Acer ALN-320

      • D-Link DFE520-TX

      • D-Link DFE530-TX

      • Hawking Technologies PN102TX

      • Soekris Engineering net5501

      The vte(4) device driver provides support for the following Ethernet controllers:

      • DM&P Vortex86 RDC R6040 Fast Ethernet controller

      [i386,pc98,ia64,amd64] The vx(4) driver supports the following cards:

      • 3Com 3c590 EtherLink III PCI

      • 3Com 3c592 EtherLink III EISA

      • 3Com 3c595 Fast EtherLink III PCI in 10 Mbps mode

      • < p xmlns="http://www.w3.org/TR/xhtml1/transitional">3Com 3c597 Fast EtherLink III EISA in 10 Mbps mode

      [i386,amd64] The vxge(4) driver supports Neterion X3100 10 Gigabit Ethernet adapters listed in http://www.neterion.com.

      [i386,pc98,amd64] The wb(4) driver supports Winbond W89C840F based Fast Ethernet adapters and embedded controllers including:

      • Trendware TE100-PCIE

      [i386,amd64] The xe(4) driver supports the following cards:

      • Xircom CreditCard Ethernet (PS-CE2-10)

      • Xircom CreditCard Ethernet + Modem 28 (PS-CEM-28)

      • Xircom CreditCard Ethernet + Modem 33 (CEM33)

      • Xircom CreditCar d 10/100 (CE3, CE3B)

      • Xircom CreditCard Ethernet 10/100 + Modem 56 (CEM56)

      • Xircom RealPort Ethernet 10 (RE10)

      • Xircom RealPort Ethernet 10/100 (RE100)

      • Xircom RealPort Ethernet 10/100 + Modem 56 (REM56, REM56G)

      • Accton Fast EtherCard-16 (EN2226)

      • Compaq Microcom CPQ550 Ethernet/Modem PC Card

      • Compaq Netelligent 10/100 PC Card (CPQ-10/100)

      • Intel EtherExpress Pro/100 PC Card Mobile Adapter ! 16 (Pro/1! 00 M16A)

      • Intel EtherExpress Pro/100 LAN/Modem PC Card Adapter (Pro/100 M16B)

      Other similar devices using the same hardware may also be supported.

      The xl(4) driver supports the following hardware:

      • 3Com 3c900-TPO

      • 3Com 3c900-COMBO

      • 3Com 3c905-TX

      • 3Com 3c905-T4

      • 3Com 3c900B-TPO

      • 3Com 3c900B-TPC

      • 3Com 3c900B-FL

      • 3Com 3c900B-COMBO

      • 3Com 3c905B-T4

      • 3Com 3c905B-TX

      • 3Com 3c905B-FX

      • 3Com 3c905B-COMBO

      • 3Com 3c905C-TX

      • 3Com! 3c980, 3! c980B, and 3c980C server adapters

      • 3Com 3cSOHO100-TX OfficeConnect adapters

      • 3Com 3c450 HomeConnect adapters

      • 3Com 3c555, 3c556 and 3c556B mini-PCI adapters

      • 3Com 3C3SH573BT, 3C575TX, 3CCFE575BT, 3CXFE575BT, 3CCFE575CT, 3CXFE575CT, 3CCFEM656, 3CCFEM656B, and 3CCFEM656C, 3CXFEM656, 3CXFEM656B, and 3CXFEM656C CardBus adapters

      • 3Com 3c905-TX, 3c905B-TX 3c905C-TX, 3c920B-EMB, and 3c920B-EMB-WNM embedded adapters

      Both the 3C656 family of CardBus cards and the 3C556 family of MiniPCI cards have a built-in proprietary mod em. Neither the xl(4) driver nor any other FreeBSD driver supports this modem.

      3.3.FDDI Interfaces

      [i386, pc98] DEC DEFPA PCI (fpa(4) + driver)

      [i386] DEC DEFEA EISA (fpa(4) driver)

      3.4.ATM Interfaces

      [i386, pc98] Midway-based ATM interfaces + (en(4) driver)

      [i386, pc98 sparc64] FORE Systems, + Inc. PCA-200E ATM PCI Adapters (hfa and fatm(4) + drivers)

      [i386, pc98] IDT NICStAR 77201/211-based ATM + Adapters (idt(4) driver)

      [i386, pc98 sparc64] FORE Systems, + Inc. HE155 and HE622 ATM interfaces (hatm(4) + driver)

      [i386, pc98] IDT77252-based ATM cards + (patm(4) driver)

      3.5.Wireless Network Interfaces

      [amd64, i386, pc98] Cisco/Aironet + 802.11b wireless adapters (an(4) driver)

      [i386,pc98,amd64,sparc64] The ath(4) driver supports all Atheros Cardbus and PCI cards, except those that are based on the AR5005VL chipset.

      The bwi(4) driver supports Broadcom BCM43xx based wireless devices, including:

      • Apple Airport Extreme

      • Apple Airport Extreme

      • ASUS WL-138g

      • Buffalo WLI-CB-G54S

      • Buffalo WLI-PCI-G54S

      • Compaq R4035 onboard

      • Dell Wireless 1390 BCM4311 Mini PCI

      • Dell Wireless 1470

      • Dell Truemobile 1300 r2

      • Dell Truemobile 1400

      • HP nx6125

      • Linksys WPC54G Ver 3

      • Linksys WPC54GS Ver 2

      • TRENDnet TEW-401PCplus

      • US Robotics 5411

      The bwi(4) driver uses the older v3 version of Broadcom's firmware. While this older firmware does support most BCM43xx parts, the bwn(4) driver works better for the newe r chips it supports. You must use the bwi(4) driver if you are using older Broadcom chipsets (BCM4301, BCM4303 and BCM4306 rev 2). The v4 version of the firmware that bwn(4) uses does not support these chips.

      [i386, amd64] Intel PRO/Wireless 2100 + MiniPCI network adapter (ipw(4) driver)

      [i386, amd64] Intel PRO/Wireless + 2200BG/2915ABG MiniPCI and 2225BG PCI network adapters + (iwi(4) driver)

      [i386, amd64] Intel Wireless WiFi Link + 4965AGN IEEE 802.11n PCI network adapters + (iwn(4) driver)

      [i386, amd64] Marvell Libertas IEEE 802.11b/g + PCI network adapters (malo(4) driver)

      Marvell 88W8363 IEEE 802.11n wireless network + adapters (mwl(4) driver)

      [i386,amd64] The ral(4) driver supports PCI/PCIe/CardBus wireless adapters based on Ralink Technology chipsets, including:

      • A-Link WL54H

      • A-Link WL54PC

      • AirLink101 AWLC5025

      • AirLink101 AWLH5025

      • Amigo AWI-914W

      • Amigo AWI-922W

      • Amigo AWI-926W

      • AMIT WL531C

      • AMIT WL531P

      • AOpen AOI-831

      • ASUS WL-107G

      • ASUS WL-130g

      • Atlantis Land A02-PCI-W54

      • Atlan! tis Land A02-PCM-W54

      • Belkin F5D7000 v3

      • Belkin F5D7010 v2

      • Billionton MIWLGRL

      • Canyon CN-WF511

      • Canyon CN-WF513

      • CC&C WL-2102

      • CNet CWC-854

      • CNet CWP-854

      • Compex WL54G

      • Compex WLP54G

      • Conceptronic C54RC

      • Conceptronic C54Ri

      • Digitus DN-7001G-RA

      • Digitus DN-7006G-RA

      • E-Tech WGPC02

      • E-Tech WGPI02

      • Edimax EW-7108PCg

      • Edimax EW-7128g

      • Eminent EM3036

      • Eminent EM3037

      • Encore ENLWI-G-RLAM

      • Encore ENPWI-G-RLAM

      • Fiberline WL-400P

      • Fibreline WL-400X

      • Gigabyte GN-WI01GS

      • Gigabyte GN-WIKG

      • Gigabyte GN-WMKG

      • Gigabyte GN-WP01GS

      • Gigabyte GN-WPKG

      • Hawking HWC54GR

      • Hawking HWP54GR

      • iNexQ CR054g-009 (R03)

      • JAHT WN-4054P

      • JAHT WN-4054PCI

      • LevelOne WNC-0301 v2

      • LevelOne WPC-0301 v2

      • Linksys WMP54G v4

      • Micronet SP906GK

      • Micronet SP908GK V3

      • Minitar MN54GCB-R

      • Minitar MN! 54GPC-R

      • MSI CB54G2

      • MSI MP54G2

      • MSI PC54G2

      • OvisLink EVO-W54PCI

      • PheeNet HWL-PCIG/RA

      • Pro-Nets CB80211G

      • Pro-Nets PC80211G

      • Repotec RP-WB7108

      • Repotec RP-WP0854

      • SATech SN-54C

      • SATech SN-54P

      • Sitecom WL-112

      • Sitecom WL-115

      • SMC SMCWCB-GM

      • SMC SMCWPCI-GM

      • SparkLAN WL-685R

      • Surecom EP-9321-g

      • Surecom EP-9321-g1

      • Surecom EP-9428-g

      • Sweex LC500050

      • Sweex L! C700030

      • TekComm NE-9321-g

      • TekComm NE-9428-g

      • Unex CR054g-R02

      • Unex MR054g-R02

      • Zinwell ZWX-G160

      • Zinwell ZWX-G360

      • Zinwell ZWX-G361

      • Zonet ZEW1500

      • Zonet ZEW1600

      [i386,amd64] The rum(4) driver supports USB 2.0 wireless adapters based on the Ralink RT2501USB and RT2601USB chipsets, including:

      • 3Com Aolynk WUB320g

      • Abocom WUG2700

      • Airlink101 AWLL5025

      • ASUS WL-167g ver 2

      • Belkin F5D7050 ver 3

      • Belkin F5D9050 ver 3

      • Buffalo WLI-U2-SG54HP

      • Buffalo WLI-U2-SG54HG

      • Buffalo WLI-U2-G54HP

      • Buffalo WLI-UC-G

      • CNet CWD-854 ver F

      • Conceptronic C54RU ver 2

      • Corega CG-WLUSB2GO

      • D-Link DWA-110

      • D-Link DWA-111

      • D-Link DWL-G122 rev C1

      • D-Link WUA-1340

      • Digitus DN-7003GR

      • Edimax EW-7318USG

      • Gigabyte GN-WB01GS

      • Gigabyte GN-WI05GS

      • Hawking HWUG1

      • Hawking HWU54DM

      • Hercules HWGUSB2-54-LB

      • Hercules HWGUSB2-54V2-AP

      • LevelOne WNC-0301USB v3

      • ! Linksys WUSB54G rev C

      • Linksys WUSB54GR

      • Planex GW-US54HP

      • Planex GW-US54Mini2

      • Planex GW-USMM

      • Senao NUB-3701

      • Sitecom WL-113 ver 2

      • Sitecom WL-172

      • Sweex LW053

      • TP-LINK TL-WN321G

      [i386,amd64] Th e run(4) driver supports the following wireless adapters:

      • Airlink101 AWLL6090

      • ASUS USB-N11

      • ASUS USB-N13 ver. A1

      • ASUS USB-N66

      • ASUS WL-160N

      • Belkin F5D8051 ver 3000

      • Belkin F5D8053

        • Belkin F5D8055

      • Belkin F6D4050 ver 1

      • Belkin F9L1103

      • Buffalo WLI-UC-AG300N

      • Buffalo WLI-UC-G300N

      • Buffalo WLI-UC-G301N

      • Buffalo WLI-UC-GN

      • Buffalo WLI-UC-GNM

      • Buffalo WLI-UC-GNM2

      • Corega CG-WLUSB2GNL

        < /li>

      • Corega CG-WLUSB2GNR

      • Corega CG-WLUSB300AGN

      • Corega CG-WLUSB300GNM

      • D-Link DWA-130 rev B1

      • D-Link DWA-140 rev B1, B2, B3, D1

      • D-Link DWA-160 rev B2

      • D-Link DWA-162

      • DrayTek Vigor N61

      • Edimax EW-7711UAn

      • Edimax EW-7711UTn

      • Edimax EW-7717Un

      • Edimax EW-7718Un

      • Edimax EW-7733UnD

      • Gigabyte GN-WB30N

      • Gigabyte GN-WB31N

      • Gigabyte GN-WB32L

      • Hawking HWDN1

      • Hawking HWUN1

      • Hawking HWUN2

      • Hercules HWNU-300

      • Linksys WUSB54GC v3

      • Linksys WUSB600N

      • Logitec LAN-W150N/U2

      • Mvix Nubbin MS-811N

      • Planex GW-USMicroN

      • Planex GW-US300MiniS

      • Sitecom WL-182

      • Sitecom WL-188

      • Sitecom WL-301

      • Sitecom WL-302

      • Sitec! om WL-315

      • SMC SMCWUSBS-N2

      • Sweex LW303

      • Sweex LW313

      • TP-LINK TL-WDN3200

      • TP-LINK TL-WN727N v3

      • Unex DNUR-81

      • Unex DNUR-82

      • ZyXEL NWD2705

      • ZyXEL NWD210N

      • ZyXEL NWD270N

      The uath(4) driver should work with the following adapters:

      • Compex WLU108AG

      • Compex WLU108G

      • D-Link DWL-G132

      • IODATA WN-G54/US

      • MELCO WLI-U2-KAMG54

      • Netgear WG111T

      • Netgear WG111U

      • Netgear WPN111

      • Olitec 000544

      • PLANET WDL-U357

      • Siemens Gigaset 108

      • SMC SMCWUSBT-G

      • SMC SMCWUSBT-G2

      • SparkLAN WL-785A

      • TP-Link TL-WN620G

      • TRENDware International TEW-444UB

      • TRENDware International TEW-504UB

      • Unex Technology UR054ag

      • ZyXEL XtremeMIMO M-202

      An up to date list can be found at http://customerproducts.atheros.com/customerproducts/default.asp.

      The upgt(4) driver supports USB 2.0 Conexant/Intersil PrismGT series wireless adapters based on the GW3887 chipset, among them:

      • Belkin F5D7050 (version 1000)

      • Cohiba Proto Board

      • D-Link DWL-G120 Cohiba

      • FSC Connect2Air E-5400 USB D1700

      • Gigaset USB Adapter 54

      • Inventel UR045G

      • SMC EZ ConnectG SMC2862W-G

      • Sagem XG703A

      • Spinnaker DUT

      • Spinnaker Proto Board

      [i386,amd64] The ural(4) driver supports USB 2.0 wireless adapters based on the Ralink Technology RT2500USB chipset, including:

      • AMIT WL532U

      • ASUS WL-167g

      • Belkin F5D7050 v2000

      • Buffalo WLI-U2-KG54-AI

      • CNet CWD-854

      • Compex WLU54G 2A1100

      • Conceptronic C54RU

      • D-Link DWL-G122 b1

      • Dynalink WLG25USB

      • E-Tech WGUS02

      • Gigabyte GN-WBKG

      • Hercules HWGUSB2-54

      • KCORP LifeStyle KLS-685

      • Linksys WUSB54G v4

      • Linksys WUSB54GP v4

      • MSI MS-6861

      • MSI MS-6865

      • MSI MS-6869

      • NovaTech NV-902

      • OvisLink Evo-W54USB

      • SerComm UB801R

      • SparkLAN WL-685R

      • Surecom EP-9001-g

      • Sweex LC100060

      • Tonze UW-6200C

      • Zinwell ZWX-G261 !

        • !

      • Zonet ZEW2500P

      An up to date list can be found at http://ralink.rapla.net/.

      The urtw(4) driver supports Realtek RTL8187B/L based wireless network devices, including:

      • Belkin F5D7050E

      • Linksys WUSB54GCv2

      • Netgear WG111v2

      • Netgear WG111v3

      • Safehome WLG-1500SMA5

      • Shuttle XPC Accessory PN20

      • Sitecom WL168v1

      • Sitecom WL168v4

      • SureCom EP-9001-g(2A)

      • TRENDnet TEW-424UB V3.xR

      [amd64, i386, pc98] Lucent + Technologies WaveLAN/IEEE 802.11b wireless network adapters + and workalikes using the Lucent Hermes, Intersil PRISM-II, + Intersil PRISM-2.5, Intersil Prism-3, and Symbol Spectrum24 + chipsets (wi(4) driver)

      [i386] NCR / AT&T / Lucent Technologies WaveLan + T1-speed ISA/radio LAN cards (wl(4) driver)

      [i386, amd64] Intel PRO/Wireless 3945ABG + MiniPCI network adapters (wpi(4) driver)

      [i386,amd64] The following devices are known to be supported by the zyd(4) driver:

      • 3COM 3CRUSB10075

      • Acer WLAN-G-US1

      • Airlink+ AWLL3025

      • Airlink 101 AWLL3026

      • AOpen 802.11g WL54

      • Asus A9T integrated wireless

      • Asus WL-159g

      • Belkin F5D7050 v.4000

      • Billion BiPAC 3011G

      • Buffalo WLI-U2-KG54L

      • CC&C WL-2203B

      • DrayTek Vigor 550

      • Edimax EW-7317UG

      • Edimax EW-7317LDG

      • Fiberline Networks WL-43OU

      • iNexQ UR055g

      • Linksys WUSBF54G

      • Longshine LCS-8131G3

      • MSI US54SE

      • MyTek MWU-201 USB adapter

      • Philips SNU5600

      • Planet WL-U356

      • Planex GW-US54GZ

      • Planex GW-US54GZL

      • Planex GW-US54Mini

      • Safecom SWMULZ-5400

      • Sagem XG 760A

      • Sagem XG 76NA

      • Sandberg Wireless G54 USB

      • Sitecom WL-113

      • SMC SMCWUSB-G

      • Sweex wireless USB 54 Mbps

      • Tekram/Siemens USB adapter

      • Teleg! ent TG54U! SB

      • Trendnet TEW-424UB rev A

      • Trendnet TEW-429UB

      • TwinMOS G240

      • Unicorn WL-54G

      • US Robotics 5423

      • X-Micro XWL-11GUZX

      • Yakumo QuickWLAN USB

      • Zonet ZEW2501

      • ZyXEL ZyAIR G-202

      • ZyXEL ZyAIR G -220

      3.6.Miscellaneous Networks

      [i386,pc98] The ce(4) driver supports the following models of Tau-PCI/32 WAN adapters:

      • Cronyx Tau-PCI/32

      • Cronyx Tau-PCI/32-Lite

      [i386] The cx(4) driver supports the following cards:

      • Cronyx Sigma-22, Sigma-24

      • Cronyx Sigma-100

      • Cronyx Sigma-400, Sigma-401, Sigma-404, Sigma-410, Sigma-440

      • Cronyx Sigma-500

      • Cronyx Sigma-703

      • Cronyx Sigma-800, Sigma-801, Sigma-810, Sigma-840

      [i386,pc98] The cp(4) driver supports the following models of Tau-PCI WAN adapters:

      • Cronyx Tau-PCI

      • Cronyx Tau-PCI/R

      • Cronyx Tau-PCI-L

      • Cronyx Tau-PCI-L/R

      • Cronyx Tau-PCI-E1

      • Cronyx Tau-PCI-G703

      • Crony x Tau-PCI-2E1

      • !

        Cronyx Tau-PCI-4E1

      • Cronyx Tau-PCI-E3

      • Cronyx Tau-PCI-T3

      • Cronyx Tau-PCI-STS1

      [i386] The ctau(4) driver supports the following cards:

      • Cronyx Tau (RS-232/V.35)

      • Cronyx Tau/R (RS-530/RS-449)

      • Cronyx Tau/E1 (fractional E1)

      • Cronyx Tau/G703 (unframed E1)

      [i386] The cm(4) driver supports the following card models:

      • SMC90c26

      • SMC90c56

      • SMC90c66 in '56 compatibility mode.

      3.7.Serial Interfaces

      [amd64, i386] PC standard + 8250, 16450, and 16550-based serial ports (sio(4) + driver)

      The uart(4) driver supports the following classes of UARTs:

      • NS8250: standard hardware based on the 8250, 16450, 16550, 16650, 16750 or the 16950 UARTs.

      • SCC: serial communications controllers supported by the scc(4) device driver.

      The s cc(4) driver supports the following classes of SCCs:

      • SAB82532: Siemens SAB 82532 based serial communications controllers.

      • Z8530: Zilog 8530 based serial communications controllers.

      [amd64, i386] AST 4 port serial card using + shared IRQ

      • ARNET 8 port serial card using shared IRQ

      • ARNET (now Digiboard) Sync 570/i high-speed + serial

      [i386] Boca multi-port serial cards

      • Boca BB1004 4-Port serial card (Modems + not supported)

      • Boca IOAT66 6-Port serial card (Modems + supported)

      • Boca BB1008 8-Port serial card (Modems + not supported)

      • Boca BB2016 16-Port serial card (Modems + supported)

      [i386] Comtrol Rocketport card (rp(4) + driver)

      [i386] Cyclades Cyclom-Y serial board (cy(4) + driver)

      [i386] STB 4 port card using shared IRQ

      [i386] DigiBoard intelligent serial cards (digi + driver)

      [amd64, i386, ia64] PCI-Based + multi-port serial boards (puc(4) driver)

      • [amd64, i386] Actiontech 56K PCI

      • [amd64, i386] Avlab Technology, PCI IO 2S + and PCI IO 4S

      • [amd64, i386] Comtrol RocketPort 550

      • [amd64, i386] Decision Computers PCCOM + 4-port serial and dual port RS232/422/485

      • [ia64] Diva Serial (GSP) Multiport UART

      • [amd64, i386] Dolphin Peripherals + 4025/4035/4036

      • [amd64, i386] IC Book Labs Dreadnought + 16x Lite and Pro

      • [amd64, i386] Lava Computers + 2SP-PCI/DSerial-PCI/Quattro-PCI/Octopus-550

      • [amd64, i386] Middle Digital, Weasle + serial port

      • [amd64, i386] Moxa Industio CP-114, + Smartio C104H-PCI and C168H/PCI

      • [amd64, i386] NEC PK-UG-X001 and + PK-UG-X008

      • [amd64, i386] Netmos NM9835 + PCI-2S-550

      • [amd64, i386] Oxford Semiconductor + OX16PCI954 PCI UART

      • [amd64, i386] Syba Tech SD-LAB + PCI-4S2P-550-ECP

      • [amd64, i386] SIIG Cyber I/O PCI + 16C550/16C650/16C850

      • [amd64, i386] SIIG Cyber 2P1S PCI + 16C550/16C650/16C850

      • [amd64, i386] SIIG Cyber 2S1P PCI + 16C550/16C650/16C850

      • [amd64, i386] SIIG Cyber 4S PCI + 16C550/16C650/16C850

      • [amd64, i386] SIIG Cyber Serial (Single + and Dual) PCI 16C550/16C650/16C850

      • [amd64, i386] Syba Tech + Ltd. PCI-4S2P-550-ECP

      • [amd64, i386] Titan PCI-200H and + PCI-800H

      • [amd64, i386] US Robotics (3Com) 3CP5609 + modem

      • [amd64, i386] VScom PCI-400 and + PCI-800

      [i386] The rc(4) driver provides support for the SDL Communications RISCom/8 boards.

      [i386, amd64] Specialix SI/XIO/SX multiport + serial cards, with both the older SIHOST2.x and the + enhanced (transputer based, aka JET) host cards + (ISA, EISA and PCI) are supported. Note that the newer SX+ + PCI cards are not currently supported. (si(4) + driver)

      [pc98] Internel serial interfaces (sio(4) + driver)

      • PC-9801 on-board

      • PC-9821 2'nd CCU (flags 0x12000000)

      [pc98] NEC PC-9861K, PC-9801-101 and Midori-Denshi + MDC-926Rs (sio(4) driver)

      • COM2 (flags 0x01000000)

      • COM3 (flags 0x02000000)

      [pc98] NEC PC-9801-120 (sio(4) driver)

      Note:

      "flags 0x11000000" is necessary in kernel + configuration.

      [pc98] Microcore MC-16550, MC-16550II, MC-RS98 + (sio(4) driver)

      Note:

      "flags 0x14000?01" is necessary in kernel + configuration.

      [pc98] Media Intelligent RSB-2000, RSB-3000 and + AIWA B98-02 (sio(4) driver)

      Note:

      "flags 0x15000?01" is necessary in kernel + configuration.

      [pc98] Media Intelligent RSB-384 (sio(4) + driver)

      Note:

      "flags 0x16000001" is necessary in kernel + configuration.

      [pc98] I-O DATA RSA-98III (sio(4) + driver)

      Note:

      "flags 0x18000?01" is necessary in kernel + configuration.

      [pc98] Hayes ESP98 (sio(4) driver)

      Note:

      "options COM_ESP" and "flags 0x19000000" are necessary + in kernel configuration.

      3.8.Sound Devices

      [i386,amd64] The snd_ad1816(4) driver supports the following sound cards:

      • Analog Devices AD1816

      [i386] The snd_als4000(4) driver supports the following sound cards:

      • Avance Logic ALS4000

      [i386,amd64] The snd_atiixp(4) driver supports the following audio chipsets:

      • ATI IXP 200

      • ATI IXP 300

      • ATI IXP 400

      [sparc64] The snd_audiocs(4) driver supports the following audio devices:

      • CS4231 on SBus based UltraSPARC

      • CS4231 on PCI/EBus based UltraSPARC

      [i386,amd64] The snd_cmi(4) driver supports the following sound cards:

      • CMedia CMI8338A

      • CMedia CMI8338B

      • CMedia CMI8738

      • CMedia CMI8738B

      [i386,amd64] The snd_cs4281(4) driver supports the following sound cards:

      • Crystal Semiconductor CS4281

      [i! 386,amd64! ] The snd_csa(4) driver supports the following sound cards:

      • Crystal Semiconductor CS4280

      • Crystal Semiconductor CS4610

      • Crystal Semiconductor CS4611

      • Crystal Semiconductor CS4614

      • Crystal Semiconductor CS4615

      • Crystal Semiconduc tor CS4622

      • Crystal Semiconductor CS4624

      • Crystal Semiconductor CS4630

      • Genius Soundmaker 128 Value

      • Hercules Game Theatre XP

      • Turtle Beach Santa Cruz

      Some onboard CS4610 chips are accompanied by the CS423x ISA codec instead of the CS4297 AC97 codec. Such configurations are not supported by the snd_csa(4) driver ye t.

      [i386,amd64] The snd_ds1(4) driver supports the following sound cards:

      • Yamaha DS-1

      • Yamaha DS-1E

      [i386,amd64] The snd_emu10k1(4) driver supports the following sound cards:

      • Creative SoundBlaster Live! (EMU10K1 Chipset)

      • Creative SoundBlaster Audigy (EMU10K2 Chipset)

      • Creative SoundBlaster Audigy 2 (EMU10K2 Chipset)

      • Creative SoundBlaster Audigy 2 (EMU10K3 Chipset)

      [i386,amd64] The snd_emu10kx(4) driver supports the following sound cards:

      • Creative Sound Blaster ! Live! (EM! U10K1 Chipset). Both PCM and MIDI interfaces are available.

      • Creative Sound Blaster Audigy (CA0100 and CA0101 Chipset). PCM and two MIDI interfaces available.

      • Creative Sound Blaster Audigy 2 and Creative Sound Blaster Audigy 4 (CA0102 Chipset). PCM support is limited to 48kHz/16 bit stereo (192kHz/24 bit part of this chipset is not supported).

      • Creative Sound Blaster Audigy 2 Value (CA0108 Chipset). PCM support is limited to 48kHz/16 bit stereo (192kHz/24 bit part of this chipset is not supported). There is no MIDI support for this card.

      The snd_emu10kx(4) driver does not support the following sound cards (although they have names similar to some supported ones):

      • Creative Sound Blaster Live! 24-Bit, identified by FreeBSD as

      • Creative Sound Blaster Audigy LS / ES, identified by FreeBSD as

      • All other Creative sound cards with -DAT chipsets.

      • All Creative X-Fi series sound cards.

      [i386,amd64] The snd_envy24(4) driver supports the following audio devices:

      • M-Audio Audiophile 2496

      • M-Audio Delta Dio 2496

      • Terratec DMX 6fire

      [i386,amd64] The snd_envy24ht(4) driver supports the following audio devices:

      • Audiotrak Prodigy 7.1

      • Audiotrak Prodigy 7.1 LT

      • Audiotrak Prodigy 7.1 XT

      • Audiotrak Prodigy HD2

      • ESI Juli@

      • M-Audio Audiophile 192

      • M-Audio Revolution 5.1

      • M-Audio Revolution 7.1

      • Terratec Aureon 5.1 Sky

      • < p xmlns="http://www.w3.org/TR/xhtml1/transit! ional">Te! rratec Aureon 7.1 Space

      • Terratec Aureon 7.1 Universe

      • Terratec PHASE 22

      • Terratec PHASE 28

      [i386,sparc64,amd64] The snd_es137x(4) driver supports the following sound cards:

      • Creative CT5880-A

      • Creative CT5880-C

      • Creative CT5880-D

      • Creative CT5880-E

      • Creative SB AudioPCI CT4730

      • Ensoniq AudioPCI ES1370

      • Ensoniq AudioPCI ES1371-A

      • Ensoniq AudioPCI ES1371-B

      • Ensoniq AudioPCI ES1373-A

      • Ensoniq AudioPCI ES1373-B

      • Ensoniq AudioPCI ES1373-8

      [i386,amd64] The snd_ess(4) driver supports the following sound cards:

      • Ensoniq ESS ISA PnP/non-PnP

      [i386,amd64] The snd_fm801(4) driver supports audio devices based on the following chipset:

      • Forte Media FM801

      [i386,amd64] The snd_gusc(4) driver supports the following sound cards:

      • Gravis UltraSound MAX

      • Gravis UltraSound PnP

      [i386,amd64] The snd_hda(4) driver supports controllers having PCI class 4 (multimedia) and subclass 3 (HDA), compati ble with Intel HDA specification.

      The snd_hda(4) driver supports more than two hundred different controllers and CODECs. There is no sense to list all of them here, as in most cases specific CODEC configuration and wiring are more important then type of the CODEC itself.

      [i386,amd64] The snd_hdspe(4) driver supports the following audio devices:

      • RME HDSPe AIO

      • RME HDSPe RayDAT

      [i386,amd64] The snd_ich(4) driver supports the following audio devices:

      • AMD 768

      • AMD 8111

      • Intel 443MX

      • Intel ICH

      • Intel ICH revision 1

      • Intel ICH2

      • Intel ICH3

      • Intel ICH4

      • Intel ICH5

      • Intel ICH6

      • Intel ICH7

      • NVIDIA nForce

      • NVIDIA nForce2

      • NVIDIA nForce2 400

      • NVIDIA nForce3

      • NVIDIA nForce3 250

      • NVIDIA nForce4

      • SiS 7012

      [i386,amd64] The snd_maestro(4) driver supports the following PCI sound cards:

      • ESS Technology Maestro-1

      • ESS Technology Maestro-2

      • ESS Technology Maestro-2E

      [i386,amd64] The snd_maestro3(4) driver supports the following audio devices:

      • ESS Technology Allegro-1

      • ESS Technology Maestro3

      [i386] The snd_mss(4) driver supports the following audio devices:

      • AD1845

      • AD1848

      • Aztech 2320

      • CMedia CMI8330

      • Crystal Semiconductor CS4231

      • Crystal Semiconductor CS4232

      • Crystal Semiconductor CS4234

      • Crystal Semiconductor CS4235

      • Crystal Semiconductor CS4236

      • Crystal Semiconductor CS4237

      • ENSONIQ SoundscapeVIVO ENS4081

      • NeoMagic 256AV (non-AC97)

      • OPTi 924

      • OPTi 925

      • OPTi 930

      • OPTi 931

      • OPTi 933

      • Yamaha OPL-SA2

      • Yamaha OPL-SA3

      [i386,amd64] The snd_neomagic(4) driver supports the following audio devices:

      • NeoMagic 256AV

      • NeoMagic 256ZX

      [i386,amd64] The snd_sbc(4) driver supports the following sound cards:

      • Avance Asound 110

      • Avance Logic ALS100+

      • Avance Logic ALS120

      • Creative SB16

      • Creative SB32

      • Creative AWE64

      • Creative AWE64 Gold

      • Creative ViBRA16C

      • Creative ViBRA16X

      • ESS ES1681

      • ESS ES1688

      • ESS ES 1868

      • ESS ES1869

      • ESS ES1878

      • ESS ES1879

      • ESS ES1888

      [i386,amd64] The snd_solo(4) driver supports the following sound cards:

      • ESS Solo-1 (ES1938 Chipset)

      • E SS Solo-1E (ES1946 Chipset)

      Note that older ESS ISA cards with ES18xx chipset are supported via snd_ess(4) and/or snd_sbc(4).

      [i386,amd64] The snd_spicds(4) driver supports the following codecs:

      • AK4358

      • AK4381

      • AK4396

      • AK4524

      • AK45 28

      • WM8770

      [i386,amd64,sparc64] The snd_t4dwave(4) driver supports the following audio devices:

      • Acer Labs M5451

      • SIS 7018

      • Trident 4DWave DX

      • Trident 4DWave NX

      [ i386,amd64] The snd_via8233(4) driver supports the following audio chipsets:

      • VIA VT8233

      • VIA VT8233A

      • VIA VT8233C

      • VIA VT8235

      • VIA VT8237

      • VIA VT8251

      [i386,amd64] The snd_via82c686(4) driver supports audio devices based on the following chipset:

      • VIA 82C686A

      [i386,amd64] The snd_vibes(4) driver supports audio devices based on the following chipset:

      • S3 SonicVibes

      [p! c98] NEC ! PC-9801-73, 86 and compatibles (nss + driver)

      • NEC A-MATE internal sound

      • Q-Vision WaveStar, WaveMaster

      [pc98] NEC X-MATE, CanBe, ValueStar internal (mss + driver)

      [pc98] Creative Technologies SoundBlaster(98) + (sb(4) driver)

      [pc98] I-O DATA CD-BOX (sb(4) driver)

      [pc98] MPU-401 and compatible interfaces (mpu + driver)

      • Q-Vision WaveStar

      3.9.Camera and Video Capture Devices

      [i386,pc98] The bktr(4) driver supports video capture cards based on the Brooktree Bt848/849/878/879 chips, as well as Pinnacle PCTV cards, including:

      • AOpen VA1000

      • AVerMedia AVerTV Studio

      • AVerMedia TF/FM-98

      • ATI TV Wonder VE

      • Hauppauge WinCast/TV

      • Hauppauge WinTV-Go-FM

      • Hauppauge WinTV-pci

      • Hauppauge WinTV-radio

      • Intel Smart Video Recorder III

      • KWORLD PCI TV Tuner

      • Miro PC TV

      • Pinnacle PCTV Pro

      • Pinnacle PCTV Rave

      • PixelView PlayTV PAK

      • PixelView PlayTV Pro (rev 4C, 9D)

      • SIGMA TV II

      • STB TV PCI Television Tuner

      • Super TV Tuner

      • TerraTec TValue

      • V-Stream XPERT TV-PVR 878

      • Video Highway XTreme

      • VideoLogic Captivator PCI

      [i386] Connectix QuickCam

      3.10.USB Devices

      [amd64, i386, ia64, pc98] A + range of USB peripherals are supported; devices known to work + are listed in this section. Owing to the generic nature of + most USB devices, with some exceptions any device of a given + class will be supported, even if not explicitly listed + here.

      Note:

      [amd64, i386, ia64, pc98] + USB Ethernet adapters can be found in the section listing + Ethernet + interfaces.

      Note:

      [amd64, i386, ia64, pc98] + USB Bluetooth adapters can be found in Bluetooth section.

      [i386,pc98,ia64,amd64,powerpc] The ohci(4) driver supports all OHCI v1.0 compliant controllers including:

      • AcerLabs M5237 (Aladdin-V)

      • AMD-756

      • OPTi 82C861 (FireLink)

      • NEC uPD 9210

      • CMD Tech 670 (USB0670)

      • CMD Tech 673 (USB0673)

      • NVIDIA nForce3

      • Sun PCIO-2 (RIO USB)

      [i386,pc98,ia64,amd64,powerpc] The uhci(4) driver supports all UHCI v1.1 compliant controllers including:

      • Intel 82371AB/EB (PIIX4)

      • Intel 82371SB (PIIX3)

      • VIA 83C572

      [amd64, i386, ia64, pc98] USB + 2.0 controllers using the EHCI interface (ehci(4) + driver)

      [amd64, i386, ia64, pc98] + Hubs

      [amd64, i386, ia64, pc98] + Keyboards (ukbd(4) driver)

      [amd64, i386, pc98] + Miscellaneous

      • Assist Computer Systems PC Camera C-M1

      • ActiveWire I/O Board

      • Creative Technology Video Blaster WebCam Plus

      • D-Link DSB-R100 USB Radio (ufm(4) driver)

      • Mirunet AlphaCam Plus

      [i386,pc98,amd64,powerpc] The following devices are supported by the urio(4) driver:

      • Diamond MultiMedia Rio 500

      • Diamond MultiMedia Rio 600

      • Diamond MultiMedia Rio 800

      [i386,pc98,amd64] Devices supported by the umodem(4) driver include:

      • 3Com 5605

      • Curitel PC5740 Wireless Modem

      • Kyocera AH-K3001V Mobile Phone(WILLCOM)

      • Kyocera WX320K Mobile Phone(WILLCOM)

      • Metricom Ricochet GS USB wireless modem

      • Sierra MC5720 Wireless Modem

      • Yamaha Broadband Wireless Router RTW65b

      • ELSA MicroLink 56k USB modem

      • Sony Ericsson W810i phone

      • Sonim XP5300 Force

      [amd64, i386, ia64, pc98] Mice + (ums(4) driver)

      [i386,pc98,amd64,powerpc] The ulpt(4) driver provides support for USB printers and parallel printer conversion cables, including the following:

      • ATen parallel printer adapter

      • Belkin F5U002 parallel printer adapter

      • Canon BJ F850, S600

      • Canon LBP-1310, 350

      • Entrega USB-to-parallel printer adapter

      • Hewlett-Packard HP Deskjet 3420 (P/N: C8947A #ABJ)

      • Oki Data MICROLINE ML660PS

      • Seiko Epson PM-900C, 880C, 820C, 730C

      [i386,pc98,amd64] The ubsa(4) driver supports the following adapters:

      • AnyData ADU-500A EV-DO modem

      • AnyData ADU-E100A (no EV-DO mode support)

      • Belkin F5U103

      • Belkin F5U120

      • e-Tek Labs Kwik232

      • GoHubs GoCOM232

      • Peracom single port serial adapter

      [i386,pc98,amd64] The ubser(4) driver provides support for the BWCT console management serial adapters.

      [i386,pc98,amd64] The

      • B&B Electronics USB->RS422/485 adapter

      • Elexol USB MOD1 and USB MOD3

      • HP USB-Serial adapter shipped with some HP laptops

      • Inland UAS111

      • QVS USC-1000

      • Buffalo PC-OP-RS / Kurouto-shikou KURO-RS universal remote

      • Prologix GPIB-USB Controller

      [i386,pc98,amd64] The uplcom(4) driver supports the following devices and adapters:

      • ADLINK ND-6530 USB-Serial Adapter

      • Alcatel One Touch 535/735 Phone

      • Alcor AU9720 USB-RS232 Serial Adapter

      • AlDiga AL-11U Modem

      • Alltronix ACM003U00 Modem

      • Anchor Serial adapter

      • ATEN UC-232A

      • BAFO BF-800 and BF-810

      • Belkin F5U257

      • BenQ S81 Phone

      • Corega CG-USBRS232R Serial Adapter

      • Cressi Edy (Seiko) Diving Computer

      • ELECOM UC-SGT Serial Adapter

      • HAL Corporation Crossam2+USB IR commander

      • !

        Hama USB RS-232 Serial Adapter

      • Hamlet exagerate XURS232

      • HP LD220 Point-Of-Sale (POS) Display

      • IOGEAR UC-232A

      • I/O DATA USB-RSAQ, USB-RSAQ2, USB-RSAQ3 and USB-RSAQ5

      • iTegno WM1080A GSM/GFPRS Modem

      • iTegno WM2080A CDMA Modem

      • Leadtek 9531 GPS

      • Micromax 610U Modem

      • Microsoft Palm 700WX

      • Mobile Action MA-620 Infrared Adapter

      • Motorola Cables

      • Nokia CA-42 Cable

      • OTI DKU-5 cable

      • Panasonic TY-TP50P6-S flat screen

      • PLX CA-42 Phone Cable

      • PLANEX USB-RS232 URS-03

      • Prolific Generic USB-Serial Adapters

      • Prolific Pharos USB-Serial Adapter

        • RATOC REX-USB60

      • Radio Shack USB Serial Cable

      • Sagem USB-Serial Adapter

      • Samsung I330 Phone Cradle

      • Sandberg USB to Serial Link (model number 133-08)

      • Sanwa KB-USB2 Multimeter cable

      • Siemens/BenQ EF81, SX1, X65 and X75 Mobile Phones

      • Sitecom USB-Serial Adapter

      • SMART Technologi es USB-Serial Adapter

      • Sony QN3 Phone Cable

      • Sony Ericsson Datapilot

      • Sony Ericsson DCU-10 and DCU-11 (Susteen) USB Cables

      • SOURCENEXT KeikaiDenwa 8 (with and without charger)

      • Speed Dragon USB-Serial Cable

      • Syntech CPT-8001C Barcode Scanner

      • TDK UHA6400 and UPA9664 USB-PHS Adapters

      • TRENDnet USB to Serial Converter (TU-S9)

      • Tripp-Lite U209-000-R USB-Serial Adapter

      • UIC HCR331 Magnetic Stripe Card Reader

      • UIC MSR206 Magnetic Stripe Card Reader

      • Willcom W-SIM DD PHS terminal.(WS002IN)

      • YC-Cable USB-Serial Adapter

      • Zeagle N2iTion3 Diving Computer

      The umct(4) driver supports the following adapters:

      • Belkin F5U109

      • Belkin F5U409

      • D-Link DU-H3SP USB BAY Hub

      • Magic Control Technology USB-232

      • Sitecom USB-232

      [i386,pc98,amd64,powerpc] The umass(4) driver supports USB Mass Storage devices, including:

      • ADTEC Stick Drive AD-UST32M, 64M, 128M, 256M

      • Denno FireWire/USB2 Removable 2.5-inch HDD Case MIFU-25CB20

      • FujiFilm Zip USB Drive ZDR100 USB A

      • GREEN HOUSE USB Flash Memory "PicoDrive" GH-UFD32M, 64M, 128M

      • Huawei Mobile (SD slot)

      • IBM 32MB USB Memory Key (P/N 22P5296)

      • IBM 256MB USB Drive (MSYSTEM DiskOnKey2)

      • IBM ThinkPad USB Portable CD-ROM Drive (P/N 33L5151)

      • I-O DATA USB CD/CD-R/CD-RW/DVD-R/DVD-RW/DVD-RAM/DVD-ROM Drive DVR-iUH2 (CDROM, DVD-RAM only)

      • I-O DATA USB x6 CD-RW Drive CDRW-i64/USB (CDROM only)

      • I-O DATA USB/IEEE1394 Portable HD Drive HDP-i30P/CI, HDP-i40P/CI

      • Iomega USB Zip 100/250 drive

      • Iomega Zip750 USB2.0 drive

      • Keian USB1.1/2.0 3.5-inch HDD Case KU350A

      • Kurouto Shikou USB 2.5-inch HDD Case GAWAP2.5PS-USB2.0

      • LaCie P3 HardDrive USB 200GB

      • Logitec LDR-H443U2 DVD-RAM/-R/+R/-RW/+RW drive

      • Logitec Mobile USB Memory LMC-256UD

      • Logitec USB1.1/2.0 HDD Unit SHD-E60U2

      • Logitec USB Double-Speed Floppy Drive LFD-31U2

      • Logitec USB/IEEE1394 DVD-RAM/R/RW Unit LDR-N21FU2 (CDROM only)

      • MELCO USB Flash Disk "ClipDrive", RUF-C32M, -C64M, -C128M, -C256M, -C512M

      • MELCO USB Flash Disk "PetitDrive", RUF-32M, -64M, -128M, -256Mm

      • MELCO USB2.0 Flash Disk "PetitDrive2", RUF-256M/U2, -512M/U2

      • MELCO USB2.0 MO Drive MO-CH640U2

      • Matshita CF-VFDU03 floppy drive

      • Merlin SM300 MP3/WMA Player (256Mb)

      • Microtech International, Inc. USB-SCSI-HD 50 USB to SCSI cable

      • Motorola E398 Mobile Phone (TransFlash memory card)

      • NOVAC USB2.0 2.5/3.5-inch HDD Case NV-HD351U

      • PNY Attache Flash Drive

      • Panasonic ("Matshita FDD CF-VFDU03")

      • Panasonic KXL-CB20AN Portable DVD-ROM/CD-R/RW

      • Panasonic KXL-CB35AN (DVD-ROM & CD-R/RW)

      • Panasonic USB2.0 Portable CD-RW Drive KXL-RW40AN (CDROM only)

      • Panasonic floppy drive

      • Qware BeatZkey! Pro

      • RATOC Systems USB2.0 Removable HDD Case U2-MDK1, U2-MDK1B

      • SanDisk SDDR-31 (Compact Flash)

      • SanDisk SDDR-75 (only Compact Flash port works)

      • Sitecom CN-300 MultiFlash (MMC/SD, SmartMedia, CF, MemoryStick)

      • Sony Portable CD-R/RW Drive CRX10U (CDROM only)

      • TEAC Portable USB CD-ROM Unit CD-110PU/210PU

      • Time DPA20B MP3 Player (1Gb)

      • Trek Thumbdrive 8MB

      • VAIO floppy drive (includes Y-E Data Flashbuster-U)

      • Y-E Data floppy drive (720/1.44/2.88Mb)

      Among the supported digital cameras are:

        Asahi Optical (PENTAX) Optio 230 & 330

      [amd64, i386, pc98] Audio Devices + (uaudio(4) driver)

      [i386,pc98,amd64] The uvisor(4) driver supports the following devices:

      • Aceeca Mez1000 RDA

      • Handspring Treo

      • Handspring Treo 600

      • Handspring Visor

      • Palm I705

      • Palm M125

      • Palm M130

      • Palm M500

      • Palm M505

      • Palm M515

      • Palm Tungsten T

      • Palm Tungsten Z

      • Palm Zire

      • Palm Zire 31

      • Sony Clie 4.0

      • Sony Clie 4.1

      • Sony Clie 5.0

      • Sony Clie PEG-S500C

      • Sony Clie NX60

      • Sony Clie S360

      • Sony Clie TJ37

      3.11.IEEE 1394 (Firewire) Devices

      [i386,sparc64,ia64,amd64,powerpc] The fwohci(4) driver provides support for PCI/CardBus FireWire interface cards. The driver supports the following IEEE 1394 OHCI chipsets:

      • Adaptec AHA-894x/AIC-5800

      • Apple Pangea

      • Apple UniNorth

      • Intel 82372FB

      • IOGEAR GUF320

      • Lucent / Agere FW322/323

      • NEC uPD72861

        • !

      • NEC uPD72870

      • NEC uPD72871/2

      • NEC uPD72873

      • NEC uPD72874

      • National Semiconductor CS4210

      • Ricoh R5C551

      • Ricoh R5C552

      • Sony CX3022

      • Sony i.LINK (CXD3222)

      • Sun PCIO-2 (RIO 1394)

      • Texas Instruments PCI4410A

      • Texas Instruments PCI4450

      • Texas Instruments PCI4451

      • Texas Instruments TSB12LV22

      • Texas Instruments TSB12LV23

      • Texas Instruments TSB12LV26

      • Texas Instruments TSB43AA22

      • Texas Instruments TSB43AB21/A/AI/A-EP

      • Texas Instruments TSB43AB22/A

      • ! Texas Instruments TSB43AB23

      • Texas Instruments TSB82AA2

      • VIA Fire II (VT6306)

      [amd64, i386, sparc64] Serial Bus + Protocol 2 (SBP-2) storage devices (sbp(4) driver)

      3.12.Bluetooth Devices

      [i386,pc98,amd64] The ng_bt3c(4) driver provides support for the 3Com/HP 3CRWB6096-A PCCARD bluetooth adapter.

      [i386,pc98,amd64] The ng_ubt(4) driver supports all Bluetooth USB devices that conform with the Bluetooth specification v1.1, including:

      • 3Com 3CREB96

      • AIPTEK BR0R02

      • EPoX BT-DG02

      • Mitsumi Bluetooth USB adapter

      • MSI MS-6967

      • TDK Bluetooth USB adapter

      • Broadcom Bluetooth USB ad apter

      3.13.Cryptographic Accelerators

      [i386,pc98,amd64] The hifn(4) driver supports various cards containing the Hifn 7751, 7951, 7811, 7955, and 7956 chipsets, such as:

      • Invertex AEON

      • Hifn 7751

      • PowerCrypt

      • XL-Crypt

      • NetSec 7751

      • Soekris Engineering vpn1201 and vpn1211

      • Soekris Engineering vpn1401 and vpn1411

      [i386,pc98,amd64] The safe(4) driver supports cards containing any of the following chips:

      • SafeNet 1141

      • SafeNet 1741

        < /li>

      [i386,pc98,amd64] The ubsec(4) driver supports cards containing any of the following chips:

      • Bluesteel 5501

      • Bluesteel 5601

      • Broadcom BCM5801

      • Broadcom BCM5802

      • Broadcom BCM5805

      • Broadcom BCM5820

      • Broadcom BCM5821

      • Broadcom BCM5822

      • Broadcom BCM5823

      • Broadcom BCM5825

      3.14.Miscellaneous

      [amd64, i386, pc98] + FAX-Modem/PCCARD

      • MELCO IGM-PCM56K/IGM-PCM56KH

      • Nokia Card Phone 2.0 (gsm900/dcs1800 HSCSD + terminal)

      [amd64, i386, pc98] Floppy drives + (fdc(4) driver)

      [amd64, i386] VGA-compatible video cards + (vga(4) driver)

      Note:

      Information regarding specific video cards and + compatibility with Xorg can be + found at http://www.x.org/.

      [amd64, i386, ia64, pc98] + Keyboards including:

      • [i386] AT-style keyboards (atkbd(4) + driver)

      • [amd64, i386] PS/2 keyboards + (atkbd(4) driver)

      • [pc98] Standard keyboards

      • [amd64, i386, ia64, pc98] + USB keyboards (ukbd(4) driver)

      [amd64, i386, ia64, pc98] + Pointing devices including:

      • [amd64, i386, pc98] Bus mice and + compatible devices (mse(4) driver)

      • [amd64, i386] PS/2 mice and compatible + devices, including many laptop pointing devices + (psm(4) driver)

      • Serial mice and compatible devices

      • [amd64, i386, ia64, pc98] + USB mice (ums(4) driver)

      Note:

      moused(8) has more information on using pointing + devices with FreeBSD. Information on using pointing devices + with Xorg can be found at http://www.x.org/.

      [amd64, i386] PC standard + parallel ports (ppc(4) driver)

      [pc98] PC-9821 standard parallel + ports (ppc(4) driver)

      [i386, amd64] PC-compatible joysticks + (joy(4) driver)

      [pc98] Joystick port of SoundBlaster(98) + (joy(4) driver)

      [i386, pc98] PHS Data Communication + Card/PCCARD

      • NTT DoCoMo P-in Comp@ct

      • Panasonic KX-PH405

      • SII MC-P200

      [i386] Xilinx XC6200-based reconfigurable hardware + cards compatible with the HOT1 from Virtual Computers (xrpu + driver).

      [pc98] Power Management Controller of NEC PC-98 + Note (pmc driver)

      This file, and other release-related documents, + can be downloaded from http://www.FreeBSD.org/releases/.

      For questions about FreeBSD, read the + documentation before + contacting <questions@FreeBSD.org>.

      All users of FreeBSD 9.3-STABLE should + subscribe to the <current@FreeBSD.org> + mailing list.

      For questions about this documentation, + e-mail <doc@FreeBSD.org>.

      \ No newline at end of file Added: head/en_US.ISO8859-1/htdocs/releases/9.3R/installation.html ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/installation.html Fri Jun 20 21:41:22 2014 (r45086) @@ -0,0 +1,78 @@ + +FreeBSD 9.3-RELEASE Installation Instructions

      FreeBSD 9.3-RELEASE Installation Instructions

      The FreeBSD Project

      < div>

      Copyright 2014 The FreeBSD Documentation Project

      FreeBSD is a registered trademark of + the FreeBSD Foundation.

      Intel, Celeron, EtherExpress, i386, + i486, Itanium, Pentium, and Xeon are trademarks or registered + trademarks of Intel Corporation or its subsidiaries in the United + States and other countries.

      SPARC, SPARC64, and + UltraSPARC are trademarks of SPARC International, Inc in the United + States and other countries. SPARC International, Inc owns all of the + SPARC trademarks and under licensing agreements allows the proper use + of these trademarks by its members.

      Many of the designations used by + manufacturers and sellers to distinguish their products are claimed + as trademarks. Where those designations appear in this document, + and the FreeBSD Project was aware of the trademark claim, the + designations have been followed by the or the + symbol.

      Last modified on 2014-06-17 by gjb.
      Abstract

      This article gives some brief instructions on installing + FreeBSD 9.3-RELEASE and upgrading the systems running earlier + releases.

      Table of Contents
      1. Installing FreeBSD
      2. Upgrading FreeBSD

      1.Installing FreeBSD

      The Installing + FreeBSD + chapter of the FreeBSD + Handbook provides more in-depth information about the + installation program itself, including a guided walk-through with + screenshots.

      2.Upgrading FreeBSD

      If you are upgrading from a previous release of FreeBSD, please + read upgrading + section in the Release Notes for notable + incompatibilities carefully.

      2.1.Upgrading from Source

      The procedure for doing a source code based update is + described in + ../../../../doc/en_US.ISO8859-1/books/handbook/synching.html and + ../../../../doc/en_US.ISO8859-1/books/handbook/makeworld.html.

      For SVN use the releng/9.3 branch + which will be where any upcoming Security Advisories or Errata + Notices will be applied.

      2.2.Upgrading Using FreeBSD Update

      The freebsd-update(8) utility supports binary + upgrades of i386 and amd64 systems running + earlier FreeBSD releases. Systems running + 8.4-RELEASE, + 9.[12]-RELEASE, + 9.3-BETA*, or + 9.3-RC* can upgrade as follows:

      First, ensure that your current system is up to date; a + change was recently made to freebsd-update(8) (Errata + Notice FreeBSD-EN-12:01.freebsd-update) + which is needed in order to upgrade to FreeBSD + 9.3-RELEASE. 

      # freebsd-update fetch
+# freebsd-update install

      Now the freebsd-update(8) utility can fetch bits + belonging to 9.3-RELEASE. During this process + freebsd-update(8) will ask for help in merging + configuration files. 

      # freebsd-update upgrade -r 9.3-RELEASE

      Due to changes in the way that FreeBSD is packaged on the + release media, two complications may arise in this process if + upgrading from FreeBSD 7.x or 8.x:

      1. The FreeBSD, which previously could appear in either + /boot/kernel or + /boot/GENERIC, now only appears as + /boot/kernel. As a result, any + kernel appearing in /boot/GENERIC + will be deleted. Please carefully read the output printed + by freebsd-update(8) and confirm that an updated + kernel will be placed into + /boot/kernel before proceeding beyond + this point.

      2. The FreeBSD source tree in /usr/src + (if present) will be deleted. (Normally the + freebsd-update(8) utility will update a source tree, + but in this case the changes in release packaging result + in the freebsd-update(8) utility not recognizing that + the source tree from the old release and the source tree + from the new release correspond to the same part of + FreeBSD.) 

      # freebsd-update install

      The system must now be rebooted with the newly installed + kernel before the non-kernel components are updated. 

      # shutdown -r now

      After rebooting, freebsd-update(8) needs to be run + again to install the new userland components: 

      # freebsd-update install

      At this point, users of systems being upgraded from FreeBSD + 8.2-RELEASE or earlier will be prompted by + freebsd-update(8) to rebuild all third-party applications + (e.g., ports installed from the ports tree) due to updates in + system libraries.

      After updating installed third-party applications (and + again, only if freebsd-update(8) printed a message + indicating that this was necessary), run + freebsd-update(8) again so that it can delete the old (no + longer used) system libraries: 

      # freebsd-update install

      Finally, reboot into 9.3-RELEASE 

      # shutdown -r now

    This file, and other release-related documents, + can be downloaded from http://www.FreeBSD.org/releases/.

    For questions about FreeBSD, read the + documentation before + contacting <questions@FreeBSD.org>.

    All users of FreeBSD 9.3-STABLE should + subscribe to the <current@FreeBSD.org> + mailing list.

    For questions about this documentation, + e-mail <doc@FreeBSD.org>.

    \ No newline at end of file Added: head/en_US.ISO8859-1/htdocs/releases/9.3R/readme.html ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/readme.html Fri Jun 20 21:41:22 2014 (r45086) @@ -0,0 +1,211 @@ + +FreeBSD 9.3-RELEASE README

    FreeBSD 9.3-RELEASE README

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of + the FreeBSD Foundation.

    Intel, Celeron, EtherExpress, i386, + i486, Itanium, Pentium, and Xeon are trademarks or registered + trademarks of Intel Corporation or its subsidiaries in the United + States and other countries.

    Motif, OSF/1, and UNIX are + registered trademarks and IT DialTone and The Open Group are + trademarks of The Open Group in the United States and other + countries.

    SPARC, SPARC64, and + UltraSPARC are trademarks of SPARC International, Inc in the United + States and other countries. SPARC International, Inc owns all of the + SPARC trademarks and under licensing agreements allows the proper use + of these trademarks by its members.

    Many of the designations used by + manufacturers and sellers to distinguish their products are claimed + as trademarks. Where those designations appear in this document, + and the FreeBSD Project was aware of the trademark claim, the + designations have been followed by the or the + symbol.

    Last modified on 2014-03-22 by gjb.
    Abstract

    This document gives a brief introduction to FreeBSD + 9.3-RELEASE. It includes some information on how to + obtain FreeBSD, a listing of various ways to contact the FreeBSD + Project, and pointers to some other sources of + information.

    Table of Contents
    1. Introduction
    2. Obtaining FreeBSD
    3. Contacting the FreeBSD Project
    4. Further Reading
    5. Acknowledgments

    1.Introduction

    This distribution is a snapshot of FreeBSD 9.3-RELEASE, the + latest point along the 9.3-STABLE branch.

    1.1.About FreeBSD

    FreeBSD is an operating system based on 4.4 BSD Lite for + AMD64 and Intel EM64T based PC hardware (amd64), + Intel, AMD, Cyrix or NexGen x86 based PC hardware (i386), + Intel Itanium Processor based computers (ia64), + NEC PC-9801/9821 series PCs and compatibles (pc98), + and UltraSPARC machines (sparc64). Versions + for the ARM (arm), MIPS (mips), and + PowerPC (powerpc) architectures are currently under + development as well. FreeBSD works with a wide variety of + peripherals and configurations and can be used for everything + from software development to games to Internet Service + Provision.

    This release of FreeBSD contains everything you need to run + such a system, including full source code for the kernel and + all utilities in the base distribution. With the source + distribution installed, you can literally recompile the entire + system from scratch with one command, making it ideal for + students, researchers, or users who simply want to see how it + all works.

    A large collection of third-party ported software (the + Ports Collection) is also provided to make it + easy to obtain and install all your favorite traditional UNIX + utilities for FreeBSD. Each port consists of a + set of scripts to retrieve, configure, build, and install a + piece of software, with a single command. Over 24,000 + ports, from editors to programming languages to graphical + applications, make FreeBSD a powerful and comprehensive operating + environment that extends far beyond what's provided by many + commercial versions of UNIX. Most ports are also available as + pre-compiled packages, which can be quickly + installed from the installation program.

    1.2.Target Audience

    This snapshot is aimed primarily at early adopters + and various other users who want to get involved with the + ongoing development of FreeBSD. While the FreeBSD development team + tries its best to ensure that each snapshot works as + advertised, 9.3-STABLE is very much a + work-in-progress.

    The basic requirements for using this snapshot are + technical proficiency with FreeBSD and an understanding of the + ongoing development process of FreeBSD 9.3-STABLE (as + discussed on the FreeBSD-CURRENT mailing list).

    For those more interested in doing business with FreeBSD than + in experimenting with new FreeBSD technology, formal releases + (such as 9.2-RELEASE) are frequently more appropriate. + Releases undergo a period of testing and quality assurance + checking to ensure high reliability and dependability.

    2.Obtaining FreeBSD

    FreeBSD may be obtained in a variety of ways. This section + focuses on those ways that are primarily useful for obtaining a + complete FreeBSD distribution, rather than updating an existing + installation.

    2.1.CDROM and DVD

    FreeBSD -RELEASE distributions may be ordered on CDROM or DVD + from several publishers. This is frequently the most + convenient way to obtain FreeBSD for new installations, as it + provides a convenient way to quickly reinstall the system if + necessary. Some distributions include some of the optional, + precompiled packages from the FreeBSD Ports + Collection, or other extra material.

    A list of the CDROM and DVD publishers known to the + project are listed in the Obtaining + FreeBSD appendix to the Handbook.

    2.2.FTP

    You can use FTP to retrieve FreeBSD and any or all of its + optional packages from ftp://ftp.FreeBSD.org/, which is the official + FreeBSD release site, or any of its + mirrors.

    Lists of locations that mirror FreeBSD can be found in the + FTP + Sites section of the Handbook. + Finding a close (in networking terms) mirror from which to + download the distribution is highly recommended.

    Additional mirror sites are always welcome. Contact + for more details on + becoming an official mirror site. You can also find useful + information for mirror sites at the Mirroring + FreeBSD article.

    Mirrors generally contain the ISO images generally used to + create a CDROM of a FreeBSD release. They usually also contain + floppy disk images (for applicable platforms), as well as the + files necessary to do an installation over the network. + Finally mirrors sites usually contain a set of packages for + the most current release.

    3.Contacting the FreeBSD Project

    3.1.Email and Mailing Lists

    For any questions or general technical support issues, + please send mail to the FreeBSD general questions mailing list.

    If you're tracking the 9.3-STABLE development efforts, you + must join the FreeBSD-CURRENT mailing list, in order to + keep abreast of recent developments and changes that may + affect the way you use and maintain the system.

    Being a largely-volunteer effort, the FreeBSD + Project is always happy to have extra hands willing to help—there are already far more desired enhancements than + there is time to implement them. To contact the developers on + technical matters, or with offers of help, please send mail to + the FreeBSD technical discussions mailing list.

    Please note that these mailing lists can experience + significant amounts of traffic. If you + have slow or expensive mail access, or are only interested in + keeping up with major FreeBSD events, you may find it + preferable to subscribe instead to the FreeBSD announcements mailing list.

    All of the mailing lists can be freely joined by anyone + wishing to do so. Visit the + FreeBSD Mailman Info Page. This will give you more + information on joining the various lists, accessing archives, + etc. There are a number of mailing lists targeted at special + interest groups not mentioned here; more information can be + obtained either from the Mailman pages or the mailing + lists section of the FreeBSD Web site.

    Important:

    Do not send email to the lists + asking to be subscribed. Use the Mailman interface + instead.

    3.2.Submitting Problem Reports

    Suggestions, bug reports and contributions of code are + always valued—please do not hesitate to report any + problems you may find. Bug reports with attached fixes are of + course even more welcome.

    The preferred method to submit bug reports from a machine + with Internet mail connectivity is to use the send-pr(1) + command. + Problem Reports (PRs) submitted in this way + will be filed and their progress tracked; the FreeBSD developers + will do their best to respond to all reported bugs as soon as + possible. A list + of all active PRs is available on the FreeBSD Web site; + this list is useful to see what potential problems other users + have encountered.

    Note that send-pr(1) itself is a shell script that + should be easy to move even onto a non-FreeBSD system. Using + this interface is highly preferred. If, for some reason, you + are unable to use send-pr(1) to submit a bug report, you + can try to send it to the FreeBSD problem reports mailing list.

    For more information, Writing + FreeBSD Problem Reports, available on the FreeBSD Web + site, has a number of helpful hints on writing and submitting + effective problem reports.

    4.Further Reading

    There are many sources of information about FreeBSD; some are + included with this distribution, while others are available + on-line or in print versions.

    4.1.Release Documentation

    A number of other files provide more specific information + about this snapshot distribution. These files are + provided in various formats. Most distributions will include + both ASCII text (.TXT) and HTML + (.HTM) renditions. Some distributions + may also include other formats such as Portable Document Format + (.PDF). + +

    • README.TXT: This file, which + gives some general information about FreeBSD as well as + some cursory notes about obtaining a + distribution.

    • RELNOTES.TXT: The release + notes, showing what's new and different in FreeBSD + 9.3-RELEASE compared to the previous release (FreeBSD + 9.2-RELEASE).

    • HARDWARE.TXT: The hardware + compatibility list, showing devices with which FreeBSD has + been tested and is known to work.

    • ERRATA.TXT: Release errata. + Late-breaking, post-release information can be found in + this file, which is principally applicable to releases + (as opposed to snapshots). It is important to consult + this file before installing a release of FreeBSD, as it + contains the latest information on problems which have + been found and fixed since the release was + created.

    +

    Note:

    It is extremely important to read the errata for any + given release before installing it, to learn about any + late-breaking news or post-release problems. + The errata file accompanying each release (most likely right + next to this file) is already out of date by definition, but + other copies are kept updated on the Internet and should be + consulted as the current errata for this + release. These other copies of the errata are located at + ../../../../releases/ (as + well as any sites which keep up-to-date mirrors of this + location).

    4.2.Manual Pages

    As with almost all UNIX like operating systems, FreeBSD comes + with a set of on-line manual pages, accessed through the + man(1) command or through the hypertext manual + pages gateway on the FreeBSD Web site. In general, the + manual pages provide information on the different commands and + APIs available to the FreeBSD user.

    In some cases, manual pages are written to give + information on particular topics. Notable examples of such + manual pages are tuning(7) (a guide to performance tuning), + security(7) (an introduction to FreeBSD security), and + style(9) (a style guide to kernel coding).

    4.3.Books and Articles

    Two highly-useful collections of FreeBSD-related information, + maintained by the FreeBSD Project, + are the FreeBSD Handbook and FreeBSD FAQ (Frequently Asked + Questions document). On-line versions of the Handbook + and FAQ + are always available from the FreeBSD Documentation + page or its mirrors. If you install the + doc distribution set, you can use a Web + browser to read the Handbook and FAQ locally. In particular, + note that the Handbook contains a step-by-step guide to + installing FreeBSD.

    A number of on-line books and articles, also maintained by + the FreeBSD Project, cover more-specialized, FreeBSD-related topics. + This material spans a wide range of topics, from effective use + of the mailing lists, to dual-booting FreeBSD with other + operating systems, to guidelines for new committers. Like the + Handbook and FAQ, these documents are available from the FreeBSD + Documentation Page or in the doc + distribution set.

    A listing of other books and documents about FreeBSD can be + found in the bibliography + of the FreeBSD Handbook. Because of FreeBSD's strong UNIX heritage, + many other articles and books written for UNIX systems are + applicable as well, some of which are also listed in the + bibliography.

    5.Acknowledgments

    FreeBSD represents the cumulative work of many hundreds, if not + thousands, of individuals from around the world who have worked + countless hours to bring about this snapshot. For a + complete list of FreeBSD developers and contributors, please see + Contributors + to FreeBSD on the FreeBSD Web site or any of its + mirrors.

    Special thanks also go to the many thousands of FreeBSD users + and testers all over the world, without whom this snapshot + simply would not have been possible.

    This file, and other release-related documents, + can be downloaded from http://www.FreeBSD.org/releases/.

    For questions about FreeBSD, read the + documentation before + contacting <questions@FreeBSD.org>.

    All users of FreeBSD 9.3-STABLE should + subscribe to the <current@FreeBSD.org> + mailing list.

    For questions about this documentation, + e-mail <doc@FreeBSD.org>.

    \ No newline at end of file Added: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Fri Jun 20 21:41:22 2014 (r45086) @@ -0,0 +1,359 @@ + +FreeBSD 9.3-RELEASE Release Notes

    FreeBSD 9.3-RELEASE Release Notes

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation + Project

    FreeBSD is a registered trademark of + the FreeBSD Foundation.

    IBM, AIX, OS/2, + PowerPC, PS/2, S/390, and ThinkPad are + trademarks of International Business Machines Corporation in the + United States, other countries, or both.

    IEEE, POSIX, and 802 are registered + trademarks of Institute of Electrical and Electronics Engineers, + Inc. in the United States.

    Intel, Celeron, EtherExpress, i386, + i486, Itanium, Pentium, and Xeon are trademarks or registered + trademarks of Intel Corporation or its subsidiaries in the United + States and other countries.

    SPARC, SPARC64, and + UltraSPARC are trademarks of SPARC International, Inc in the United + States and other countries. SPARC International, Inc owns all of the + SPARC trademarks and under licensing agreements allows the proper use + of these trademarks by its members.

    Many of the designations used by + manufacturers and sellers to distinguish their products are claimed + as trademarks. Where those designations appear in this document, + and the FreeBSD Project was aware of the trademark claim, the + designations have been followed by the or the + symbol.

    Last modified on 2014-06-20 by gjb.
    Abstract

    The release notes for FreeBSD 9.3-RELEASE contain + a summary of the changes made to the FreeBSD base system on the + 9.3-STABLE development line. This document lists + applicable security advisories that were issued since the last + release, as well as significant changes to the FreeBSD kernel and + userland. Some brief remarks on upgrading are also + presented.

    Table of Contents
    1. Introduction
    2. What's New
    3. Upgrading from Previous Releases of FreeBSD

    1.Introduction

    This document contains the release notes for FreeBSD + 9.3-RELEASE. It describes recently added, changed, or + deleted features of FreeBSD. It also provides some notes on + upgrading from previous versions of FreeBSD.

    This distribution of FreeBSD 9.3-RELEASE is + a snapshot distribution. It can be found at http://www.FreeBSD.org/releases/ or any of its + mirrors. More information on obtaining this (or other) + snapshot distributions of FreeBSD can be found in the Obtaining + FreeBSD appendix to the FreeBSD + Handbook.

    All users are encouraged to consult the release errata + before installing FreeBSD. The errata document is updated with + late-breaking information discovered late in the + release cycle or after the release. Typically, it contains + information on known bugs, security advisories, and corrections + to documentation. An up-to-date copy of the errata for FreeBSD + 9.3-RELEASE can be found on the FreeBSD Web site.

    2.What's New

    This section describes the most user-visible new or changed + features in FreeBSD since 9.2-RELEASE.

    Typical release note items document recent security + advisories issued after 9.2-RELEASE, new drivers or hardware + support, new commands or options, major bug fixes, or + contributed software upgrades. They may also list changes to + major ports/packages or release engineering practices. Clearly + the release notes cannot list every single change made to FreeBSD + between releases; this document focuses primarily on security + advisories, user-visible changes, and major architectural + improvements.

    2.1.Security Advisories

    Problems described in the following security advisories + have been fixed. For more information, consult the individual + advisories available from http://security.FreeBSD.org/.

    AdvisoryDateTopic
    FreeBSD-SA-14:01.bsnmpd1January2014

    Fix bsnmpd(1) remote denial of service + vulnerability

    FreeBSD-SA-14:02.ntpd1January2014

    Disable monitor feature in + ntpd(8) by default

    FreeBSD-SA-14:04.bind1January2014

    Remote denial of service + vulnerability

    FreeBSD-SA-14:05.nfsserver8April2014

    Deadlock in the NFS server

    FreeBSD-SA-14:06.openssl8April2014

    ECDSA side channel leak

    FreeBSD-SA-14:08.tcp30April2014

    TCP reassembly vulnerability

    FreeBSD-SA-14:11.sendmail26May2014

    Sendmail + improper close-on-exec flag handling

    FreeBSD-SA-14:12.ktrace3June2014

    ktrace(1) kernel memory + disclosure

    FreeBSD-SA-14:13.pam3June2014

    Incorrect error handling in PAM policy + parser

    FreeBSD-SA-14:14.openssl5June2014

    Multiple vulnerabilities

    2.2.Kernel Changes

    The arcmsr(4) driver has been + updated to version 1.20.00.28. [r256033]

    The isci(4) driver is now loadable + via kldload(8). [r256437] + (Sponsored by + TheFreeBSDFoundation)

    System-level sysctl(8) values are + now exposed to the system for the ixgbe(4) device. [r256759]

    The mfi(4) driver has been updated + to support MegaRAID Invader controllers. [r256924]

    A kernel panic triggered in + zfs_root() after a failed rollback has + been fixed. [r257119]

    A new sysctl(8), + debug.devfs_iosize_max_clamp has been added + which enables and disables SSIZE_MAX-sized + I/O requests on devfs(5) files. [r257125] + (Sponsored by + TheFreeBSDFoundation)

    A new + sysctl(8), kern.disallow_high_osrel, + has been added which disables executing the images compiled on + a userland with a higher major version number than the major + version number of the running kernel. [r257126] + (Sponsored by + TheFreeBSDFoundation)

    A kernel panic triggered by unmounting + a busy zfs(8) filesystem has been fixed. [r257253]

    A deadlock triggered by powering off + a USB device has been fixed. [r257373]

    The ata(4) driver has been updated + to support Intel Lynx Point PCH SMBus devices. [r258214]

    The ata(4) driver has been updated + to support Coleto Creek devices. [r258215]

    The ahci(4) driver has been updated + to support the PCI-express solid state drive in the + AppleMacBook Air (model A1465). [r258217]

    The sysctl(8) + vfs.zfs.arc_meta_limit can now be changed + at runtime. [r258635]

    The mmap(2) system call has been + updated to more optimally use superpages and provide support + for tweaking the alignment of virtual mappings. [r258870]

    A workaround has been implemented + in the bge(4) driver for hung transmission on BCM5719 + and BCM5720 chipsets. [r258962]

    A kernel panic when listing sysctls + on a system with INVARIANTS enabled has + been fixed. [r259002]

    A new sysctl(8), + kern.supported_archs has been added, + which will list the MACHINE_ARCH values + whose binaries can be run on the system. [r259466]

    Several problems that could trigger + kernel panic on kldload(8) and kldunload(8) have + been fixed. [r259519] + (Sponsored by + Spectra Logic)

    A kernel panic triggered by some + multi-threaded applications has been fixed. [r260082] + (Sponsored by + TheFreeBSDFoundation)

    The runfw(4) firmware has been + renamed from runfw to + run.fw for consistency with other firmware + files. [r260134]

    A new sysctl(8), + kern.panic_reboot_wait_time, has been + added. This allows tuning the amount of time the system + will wait before rebooting after panic(9). The + kern.panic_reboot_wait_time value defaults + to the kernel configuration option, + PANIC_REBOOT_WAIT_TIME. [r260433]

    Hardware Random Number Generators have + been disabled by default. [r260644]

    Support for GPS ports has been added + to the uhso(4) driver. [r261485]

    A memory leak of compressed buffers + has been fixed in + l2arc_write_done(). [r262116]

    The netmap(4) framework has been + updated to match the version in head/, + which includes netmap pipes, kqueue support, and enhanced + VALE switch port. [r262153]

    A deadlock triggered by sending + a mounted zfs(8) snapshot has been fixed. [r262175]

    Support for SIIG X1 PCI-e has been added + to ppc(4). [r262231]

    Support for the ext4 filesystem + has been enabled, supporting read-only mounts. [r262564]

    A kernel panic triggered by inserting + a USB ethernet device on VIMAGE-enabled systems has been + fixed. [r262594]

    TTM, + a memory manager used by video + drivers, has been merged. [r262988] + (Sponsored by + TheFreeBSDFoundation)

    Support for + /sys/kernel/random/uuid has been added + to linprocfs(5). [r263103]

    A memory leak in the + zpool_in_use() function has been + fixed. [r263128]

    The + extensible_dataset zpool(8) feature + has been added. See zpool-features(7) for more + information. [r263391]

    A memory leak has been fixed in + libzfs. [r263408]

    The vt driver + has been merged from head/. [r263817,263818] + (Sponsored by + TheFreeBSDFoundation)

    The mpr(4) device has + been added, providing support for LSI Fusion-MPT 3 12Gb + SCSI/SATA controllers. [r265729] + (Sponsored by + LSI, Spectra Logic)

    A kernel bug that inhibited proper + functionality of the dev.cpu.0.freq + sysctl(8) on Intel processors with Turbo + Boost™ enabled has been fixed. [r266167]

    Support for xen(4) + hardware-assisted virtualization, XENHVM, + is now available as a loadable module, + xenhvm.ko. [r266269]

    2.2.1.Hardware Support

    Trackpad support for + AppleMacBook products has been added. [r261510]

    The nve(4) driver has been + deprecated, and the nfe(4) driver should be used + instead. [r261973]

    The mfi(4) driver has been + updated to support MegaRAID Fury cards. [r262968]

    The Radeon KMS driver has been + added. [r263170,263171]

    The aacraid(4) driver has been + updated to version 3.2.5. [r263340]

    2.2.1.1.Network Interface Support

    The re(4) driver has been + updated to add preliminary support for the RTL8106E + chipset. [r257611]

    The re(4) driver has + been updated to support the RTL8168G, RTL8168GU and + RTL8411B chipsets. [r257614,257616]

    The re(4) driver has been + updated to add preliminary support for the RTL8168EP + chipset. [r257618]

    The oce(4) driver has been + updated to version 10.0.664.0. [r258586]

    The qlxgbe(4) driver has been + imported from head/. [r258898]

    The qlxge(4) driver has been + imported from head/. [r258936]

    The bge(4) driver has been + updated to support the BCM5725 chipset. [r258965]

    The bge(4) driver has been + updated to support the BCM57764, BCM57767, BCM57782, + BCM57786 and BCM57787 chipsets. [r258967]

    The run(4) driver has been + updated to support MediaTek/Ralink chipsets RT5370 and + RT5372. [r259457]

    The usb(4) wireless radiotap + headers have been realigned, allowing wireless adapters + to work on arm, mips, and other similar + platforms where alignment is important. [r259460]

    The run(4) firmware has been + updated to version 0.33. [r260119]

    The bxe(4) driver has been + merged from head/, providing support + for Broadcom NetXtreme II 10Gb PCIe adapters. [r260252]

    The run(4) driver has been + updated to include support for the MediaTek/Ralink RT3593 + chipset. [r261865]

    The run(4) driver has been + updated to include support for the DLINK DWA-127 wireless + adapter. [r261933]

    The axge(4) driver has been + added. [r262153]

    The urndis(4) driver has been + imported from OpenBSD. [r262362]

    The bxe(4) driver has been + updated to version 1.78.78. [r263582]

    2.2.2.File Systems

    The zfs(8) filesystem has been + updated to support the bookmarks + feature. [r263410]

    2.3.Userland Changes

    A new flag -c, has + been added to pgrep(1) and pkill(1), which restricts + the process lookup to the specified login class. [r256054]

    The ddb(8) utility has been updated + to add show ioapic and show all + ioapics. [r257496]

    Setting nmbcluster + values to their current value will now be ignored, instead of + failing with an error. [r258183]

    The /var/cache directory is now + created with mode 0755 instead of mode + 0750, since this directory is used by + many third-party applications, which makes dropping group + privileges impossible. [r258763]

    The uname(1) utility has been + updated to include the -U and + -K flags, which print the + __FreeBSD_version for the running userland + and kernel, respectively. [r258818]

    The fetch(3) library has been + updated to support SNI (Server Name Identification), allowing + to use virtual hosts on HTTPS. [r258844]

    A segmentation fault and internal + compiler error bug in gcc(1) triggered by throwing + a warning before parsing any tokens has been fixed. [r259243]

    Several updates to gcc(1) + have been imported from Google. [r259269,259406] + (Contributed / provided by + Google)

    A byte-order bug in the Heimdal + gss_pseudo_random() function which would + prevent interoperability with other + Kerberos implementations has been + fixed. In particular, this would prevent interoperability + with the MIT implementation. [r259448]

    The hastctl(8) utility has been + updated to output the current queue sizes. [r260007]

    The ps(1) utility will no longer + truncate the command output column. [r260197]

    The protect(1) command has been + added, which allows exempting processes from being killed + when swap is exhausted. [r260208]

    The gmirror(8) utility now prevents + deactivating the last component of a mirror. [r260507]

    A new gmirror(8) command, + gmirror destroy, has been added, which will + destroy the geom(8) and erase the gmirror(8) + metadata. [r260507]

    The etcupdate(8) utility, a tool + for managing updates to files in /etc, has been merged from + head/. [r260650]

    The find(1) utility has been + updated to fix incorrect behavior with the + -lname and -ilname + flags. [r260651]

    The + hw.uart.console is now always updated when + the comconsole setup changes. [r260868,260869]

    The kldload(8) utility has been + updated to display a message directing to dmesg(8), + instead of the cryptic message Exec format + error. [r260909]

    A bug that could trigger an infinite + loop in KDE and X has been fixed. [r261674]

    The newsyslog(8) utility has been + changed to use the size of the file, instead of the blocks the + file takes on the disk to match the behavior documented in + newsyslog.conf(5). [r262076]

    A bug in zdb(8) which would cause + numeric parameters to a flag as being treated as additional + flags has been fixed. [r262105]

    The default number of nfsd(8) + threads has been increased from 4 to + (8 * N), where N is + the number of CPUs as reported by + sysctl -n hw.ncpu. [r262124]

    The pciconf(8) utility now has + a -V flag, which lists information such + as serial numbers for each device. [r262134]

    A bug that would allow creating + a zfs(8) snapshot of an inconsistent dataset has been + fixed. [r262158]

    Receiving a zfs(8) dataset with + zfs recv -F now properly destroys any + snapshots that were created since the incremental source + snapshot. [r262160]

    Installation from a read-only + .OBJDIR has been fixed. [r263031]

    A new shared library directory, + /usr/lib/private, + has been added for internal-use shared libraries. [r263031]

    A default + libmap32.conf has been added, for 32-bit + applications. [r263031]

    The libucl library, + a JSON-compatible configuration file parsing library, has been + imported. [r263032]

    The pkg(7) package management + utility has been syncronized with head/. + This implements binary package signature verification when + bootstrapping the system with pkg + bootstrap. [r263038]

    The system timezone data files have + been updated to version tzdata2014a. [r263042]

    The NetBSD make(1) utility, + bmake has been imported for compatibility + with the FreeBSDPorts Collection. It is installed as + bmake, and the make + remains the FreeBSD version. [r263212]

    The fetch(3) library now + supports Last-Modified timestamps which + return UTC instead of GMT. [r263326]

    Aliases for the zfs(8) commands + list -t snap and snap + have been added to match OracleSolaris 11. [r263404]

    A new flag, -p, has + been added to the zfs(8) list command, + providing output in a parseable form. [r263406]

    OpenPAM has + been updated to Nummularia (20130907), which incorporates + several bug fixes and documentation improvements. The + openpam_ttyconv(3) library has been completely + rewritten. [r263421]

    The sh(1) command interpreter has + been updated to expand assignments after + export, local, and + readonly differently. As result of this + change, variable assignment such as local + v=$1 will assign the first positional + parameter to v, even if + $1 contains spaces, and + local w=~/myfile + will expand the tilde (~). [r264423]

    The find(1) utility has been + updated to implement -ignore_readdir_race. + Prior to this change, -ignore_readdir_race + existed as an option for GNU find(1) compatibility, and + was ignored if specified. A counter primary, + -noignore_readdir_race now also exists, and + is the default behavior. [r264699]

    The ps(1) utility has been updated + to include the -J flag, used to filter + output by matching jail(8) IDs and names. Additionally, + argument 0 can be used to + -J to only list processes running on the + host system. [r266286]

    The top(1) utility has been updated + to filter by jail(8) ID or name, in followup to the + ps(1) change in r265229. [r266287]

    The Blowfish crypt(3) default + format has been changed to + $2b$. [r266818]

    The default newsyslog.conf(5) now + includes files in the + /etc/newsyslog.conf.d/ and + /usr/local/etc/newsyslog.conf.d/ *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Fri Jun 20 21:57:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B7612414; Fri, 20 Jun 2014 21:57:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A44B62F76; Fri, 20 Jun 2014 21:57:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5KLvrWI053590; Fri, 20 Jun 2014 21:57:53 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5KLvrcS053589; Fri, 20 Jun 2014 21:57:53 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406202157.s5KLvrcS053589@svn.freebsd.org> From: Glen Barber Date: Fri, 20 Jun 2014 21:57:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45087 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2014 21:57:53 -0000 Author: gjb Date: Fri Jun 20 21:57:53 2014 New Revision: 45087 URL: http://svnweb.freebsd.org/changeset/doc/45087 Log: Connect the installation and relnotes pages to the 9.3R build. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile Fri Jun 20 21:41:22 2014 (r45086) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile Fri Jun 20 21:57:53 2014 (r45087) @@ -10,6 +10,8 @@ DOCS= schedule.xml \ todo.xml -DATA= docbook.css +DATA= docbook.css \ + installation.html \ + relnotes.html .include "${DOC_PREFIX}/share/mk/web.site.mk" From owner-svn-doc-all@FreeBSD.ORG Fri Jun 20 22:51:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A3B90760; Fri, 20 Jun 2014 22:51:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 90A2123FF; Fri, 20 Jun 2014 22:51:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5KMpfwl081813; Fri, 20 Jun 2014 22:51:41 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5KMpfuN081812; Fri, 20 Jun 2014 22:51:41 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406202251.s5KMpfuN081812@svn.freebsd.org> From: Glen Barber Date: Fri, 20 Jun 2014 22:51:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45088 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2014 22:51:41 -0000 Author: gjb Date: Fri Jun 20 22:51:41 2014 New Revision: 45088 URL: http://svnweb.freebsd.org/changeset/doc/45088 Log: Pull in stylization for span.contrib class. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/docbook.css Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/docbook.css ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/docbook.css Fri Jun 20 21:57:53 2014 (r45087) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/docbook.css Fri Jun 20 22:51:41 2014 (r45088) @@ -206,3 +206,8 @@ BLOCKQUOTE.WARNING { padding-left: 1em; padding-right: 1em; } + +span.contrib { + font-size: small; + font-style: italic; +} From owner-svn-doc-all@FreeBSD.ORG Fri Jun 20 23:25:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ADCB2D6; Fri, 20 Jun 2014 23:25:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9AC4E266A; Fri, 20 Jun 2014 23:25:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5KNPwdH097104; Fri, 20 Jun 2014 23:25:58 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5KNPwTs097103; Fri, 20 Jun 2014 23:25:58 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406202325.s5KNPwTs097103@svn.freebsd.org> From: Glen Barber Date: Fri, 20 Jun 2014 23:25:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45089 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2014 23:25:58 -0000 Author: gjb Date: Fri Jun 20 23:25:58 2014 New Revision: 45089 URL: http://svnweb.freebsd.org/changeset/doc/45089 Log: Flip the betarel.vers to RC1 since most mirrors seem to have gotten caught up. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/share/xml/release.ent Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Fri Jun 20 22:51:41 2014 (r45088) +++ head/share/xml/release.ent Fri Jun 20 23:25:58 2014 (r45089) @@ -39,7 +39,7 @@ - + -uid [jpeg image of size 19667] -sub 2048g/8C9828D3 2002-01-31 +pub 1024D/C6043C5672077137 2002-01-31 [verf辰llt: 2014-10-19] + Schl.-Fingerabdruck = AA3A 8F69 B214 6BBD 5E73 C9A0 C604 3C56 7207 7137 +uid Alexander Leidinger +uid [jpeg image of size 19667] +sub 2048g/24CD30348C9828D3 2002-01-31 + Schl.-Fingerabdruck = 6CDD 7708 F4E8 EFFC 9972 A277 24CD 3034 8C98 28D3 + +pub 4096R/C773696B3BAC17DC 2014-06-21 [verf辰llt: 2016-06-20] + Schl.-Fingerabdruck = AEB2 6917 4B92 8861 7AD1 AE54 C773 696B 3BAC 17DC +uid Alexander Leidinger +uid Alexander Leidinger +sub 4096R/8E10BC04D7D8F82E 2014-06-21 [verf辰llt: 2016-06-20] + Schl.-Fingerabdruck = 87DE 3516 D6A1 A373 3C20 7B97 8E10 BC04 D7D8 F82E +sub 4096R/E4B3A9F4D39E3666 2014-06-21 [verf辰llt: 2016-06-20] + Schl.-Fingerabdruck = 51FC 6301 8CA2 DEBB 243F A453 E4B3 A9F4 D39E 3666 +sub 4096R/33DA1AF69A1EE38D 2014-06-21 [verf辰llt: 2016-06-20] + Schl.-Fingerabdruck = 3D36 7895 2013 21A2 A216 3994 33DA 1AF6 9A1E E38D + ]]> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 30D12DA2; Sat, 21 Jun 2014 09:43:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 119552310; Sat, 21 Jun 2014 09:43:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5L9hUPN083019; Sat, 21 Jun 2014 09:43:30 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5L9hUoK083018; Sat, 21 Jun 2014 09:43:30 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201406210943.s5L9hUoK083018@svn.freebsd.org> From: Gabor Pali Date: Sat, 21 Jun 2014 09:43:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45092 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2014 09:43:31 -0000 Author: pgj Date: Sat Jun 21 09:43:30 2014 New Revision: 45092 URL: http://svnweb.freebsd.org/changeset/doc/45092 Log: - Add a section on keeping track of licenses granted to the Project Submitted by: core Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Sat Jun 21 09:06:02 2014 (r45091) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Sat Jun 21 09:43:30 2014 (r45092) @@ -2684,6 +2684,69 @@ Relnotes: yes brought to the attention of the core team. + + Keeping Track of Licenses Granted to the &os; Project + + Various software or data exist in the repositories where + the &os; project has been granted a special licence to be able + to use them. A case in point are the Terminus fonts for use + with &man.vt.4;. Here the author Dimitar Zhekov has allowed us + to use the "Terminus BSD Console" font under a 2-clause BSD + license rather than the regular Open Font License he normally + uses. + + It is clearly sensible to keep a record of any such + license grants. To that end, the &a.core; has decided to keep + an archive of them. Whenever the &os; project is granted a + special license we require the &a.core; to be notified. Any + developers involved in arranging such a license grant, please send + details to the &a.core; including: + + + + Contact details for people or organizations granting the + special license. + + + + What files, directories etc. in the repositories are + covered by the license grant including the revision numbers + where any specially licensed material was committed. + + + + The date the license comes into effect from. Unless + otherwise agreed, this will be the date the license was issued + by the authors of the software in question. + + + + The license text. + + + + A note of any restrictions, limtations or exceptions that + apply specifically to &os;'s usage of the licensed + material. + + + + Any other relevant information. + + + + Once the &a.core; is satisfied that all the necessary details + have been gathered and are correct, the secretary will send a + PGP-signed acknowledgement of receipt including the license + details. This receipt will be persistently archived and serve + as our permanent record of the license grant. + + The license archive should contain only details of license + grants; this is not the place for any discussions around + licensing or other subjects. Access to data within the license + archive will be available on request to the &a.core;. + + Developer Relations From owner-svn-doc-all@FreeBSD.ORG Sat Jun 21 14:07:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F135834B; Sat, 21 Jun 2014 14:07:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DE37E25B4; Sat, 21 Jun 2014 14:07:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5LE7T5D002131; Sat, 21 Jun 2014 14:07:29 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5LE7Tg3002130; Sat, 21 Jun 2014 14:07:29 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406211407.s5LE7Tg3002130@svn.freebsd.org> From: Glen Barber Date: Sat, 21 Jun 2014 14:07:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45093 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2014 14:07:30 -0000 Author: gjb Date: Sat Jun 21 14:07:29 2014 New Revision: 45093 URL: http://svnweb.freebsd.org/changeset/doc/45093 Log: Announce 9.3-RC1. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/share/xml/news.xml Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Sat Jun 21 09:43:30 2014 (r45092) +++ head/share/xml/news.xml Sat Jun 21 14:07:29 2014 (r45093) @@ -35,6 +35,22 @@ 6 + 21 + + + &os; 9.3-RC1 Available + +

    The first RC build for the &os;-9.3 release cycle is + now available. ISO images for the amd64, i386, ia64, + powerpc, powerpc64 and sparc64 architectures are available + on most of our &os; + mirror sites.

    + + + + 17 From owner-svn-doc-all@FreeBSD.ORG Sat Jun 21 16:43:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A7A281A5; Sat, 21 Jun 2014 16:43:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 94E44213D; Sat, 21 Jun 2014 16:43:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5LGhqXs076292; Sat, 21 Jun 2014 16:43:52 GMT (envelope-from lme@svn.freebsd.org) Received: (from lme@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5LGhqe4076291; Sat, 21 Jun 2014 16:43:52 GMT (envelope-from lme@svn.freebsd.org) Message-Id: <201406211643.s5LGhqe4076291@svn.freebsd.org> From: Lars Engels Date: Sat, 21 Jun 2014 16:43:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45095 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2014 16:43:52 -0000 Author: lme (ports committer) Date: Sat Jun 21 16:43:52 2014 New Revision: 45095 URL: http://svnweb.freebsd.org/changeset/doc/45095 Log: Update my key Modified: head/share/pgpkeys/lme.key Modified: head/share/pgpkeys/lme.key ============================================================================== --- head/share/pgpkeys/lme.key Sat Jun 21 15:47:06 2014 (r45094) +++ head/share/pgpkeys/lme.key Sat Jun 21 16:43:52 2014 (r45095) @@ -1,41 +1,69 @@ -sub 1024g/8AD5BF9D 2004-08-27 +pub 2048R/E54CB37D3A089D6D 2014-03-10 [expires: 2017-03-09] + Key fingerprint = 8F40 017E 4DF5 3125 7AFE 5149 E54C B37D 3A08 9D6D +uid Lars Martin Engels +uid Lars Martin Engels +uid Lars Martin Engels +uid Lars Martin Engels +sub 2048R/5AB391DB0BA67DBB 2014-03-10 [expires: 2017-03-09] + Key fingerprint = C31C 8DAA 4A95 2507 F065 C42D 5AB3 91DB 0BA6 7DBB + ]]> From owner-svn-doc-all@FreeBSD.ORG Sat Jun 21 15:47:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 640119ED; Sat, 21 Jun 2014 15:47:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 507602CE9; Sat, 21 Jun 2014 15:47:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5LFl7G1048505; Sat, 21 Jun 2014 15:47:07 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5LFl7ab048504; Sat, 21 Jun 2014 15:47:07 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406211547.s5LFl7ab048504@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sat, 21 Jun 2014 15:47:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45094 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sat, 21 Jun 2014 21:57:21 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2014 15:47:07 -0000 Author: ryusuke Date: Sat Jun 21 15:47:06 2014 New Revision: 45094 URL: http://svnweb.freebsd.org/changeset/doc/45094 Log: - Merge the following from the English version: r43885 -> r43887 head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Sat Jun 21 14:07:29 2014 (r45093) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Sat Jun 21 15:47:06 2014 (r45094) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43885 + Original revision: r43887 $FreeBSD$ --> @@ -181,8 +181,6 @@ FTP のデルタは以下のミラーサイトから入手できます。 - 関連したディレクトリをダウンロードし、 - README を読んでください。 もし anonymous FTP を使って CTM のデルタを手にいれる場合は、 近くのミラーを利用するようにしてください。 @@ -237,10 +235,10 @@ メールでデルタを得たいという場合は、 - CTM + http://lists.freebsd.org/mailman/listinfo + から、ctm-src 配布メーリングリストのいずれかに参加してください。 - &a.ctm-src-cur.name; は完全なソースツリー、 - &a.ctm-src-cur.name; + たとえば &a.ctm-src-cur.name; は開発先端ブランチに対応しています。&a.ctm-src-9.name; は 9.X リリースのブランチに対応したものです @@ -265,151 +263,145 @@ - はじめて <application>CTM</application> を使い始める + <application>CTM</application> の使い方 + + 初めて CTM + デルタを使う前に、出発点を作成しておく必要があります。 - CTM - デルタを使い始めるためには、 - のディレクトリからデルタの出発点を作成する必要があります。 - - 適切な出発点が決まれば、その出発点を - CTM が - 維持するツリーへ変換するための スタータ - 初期デルタを使う必要が あります。 - - 移行デルタは番号の後ろに X - をつけたものがそうです - (たとえば src-cur.3210XEmpty.gz)。 + その方法の一つは、空のディレクトリに対して、 + スタータ デルタを使う方法です。 + スタータデルタは + src-cur.3210XEmpty.gz + のように、XEmpty + というファイル名になります。 X - の後ろは最初の開始ポイントに対応します。 - Empty は 空のディレクトリです。 + の後ろは最初の開始ポイントに対応し、 + Empty は空のディレクトリを表します。 ルールとして Empty からの移行デルタは - 100 デルタごとに 作られます。ちなみに、 - これらは非常に大きくなります! - XEmptyのデルタは 70 から 80MB の + 100 デルタごとに作られます。 + スタータデルタである + XEmpty のデルタは、70 から 80MB の gzip - で圧縮されたデータというのが普通です。 - - 一度スタートするためのベースデルタを得ると、 - それに続く多数のすべてのデルタも必要になるでしょう。 - - - - <application>CTM</application> を日常で使う - - デルタを適用するためには、単に - - &prompt.root; cd /where/ever/you/want/the/stuff -&prompt.root; ctm -v -v /where/you/store/your/deltas/src-xxx.* - - とします。 + で圧縮された大きなデータということに注意してください。 - CTM - はどれが gzip されているか理解します。 - 従って最初に gunzip しておく必要はありません。 + もう一つの方法は、RELEASE + のメディアからソースをコピーしたり展開する方法です。 + この方法では、 + インターネット上で大きなデータの転送を行う必要がありません。 + + 一度ベースとなるデルタを作成したら、 + それに続く大きな数字を持つ多数のすべてのデルタを適用してください。 + デルタを適用するためには、以下のように実行してください。 + + &prompt.root; cd /directory/to/store/the/stuff +&prompt.root; ctm -v -v /directory/which/stores/the/deltas/src-xxx.* + + 一度に適用されるデルタは一つで、 + 一度適用されたデルタは無視されるので、 + 複数のデルタを一度に適用することができます。 + CTM + はどれが gzip + されているか理解しているので、 ディスクの節約にもなります。 - 全体の処理に関して確信するまでは - CTM は (ソース) ツリーに対して - 何もしません。また、デルタを確かめるためには - フラグを使うことができます。 - このフラグがあると CTM - はツリーに対して実際には何も行ないません。 - 単にデルタの完全性を確認し、 - 現在のツリーに問題なく使用できるかを確認 - するだけです。 - - CTM - には他にもオプションがあります。詳細に関しては - マニュアルページを参照するかソースを見てください。 - - 以上でやることは本当に全部です。 - 新しいデルタを入手した時には、 - ソースを最新のものにするためにそれを - CTMに通すだけです。 - - もしデルタを再ダウンロードするのが - 骨の折れる作業であれば、デルタを消さないでおいてください。 - なにかおかしなことが起こった場合には置いておけば良かった - と思うかもしれません。 - もしフロッピーディスクしか持っていない状況 - であってもコピーを取るのに - fdwrite を使うことを考えてください。 + デルタを適用せずに確認だけを行うには、 + フラグを使ってください。 + CTM + はローカルのツリーに対して実際には何も行ないません。 + デルタの完全性を確認し、 + 現在のツリーに問題なく使用できるかを確認します。 + オプションに関するより多くの情報や、 + デルタを適用する時に CTM + が用いるプロセスの全体については、&man.ctm.1; をご覧ください。 + + ローカルのソースツリーを最新に保つには、 + 新しいデルタが入手可能になるたびに、 + CTM に適用してください。 + + デルタを適用後、 + もしデルタを再ダウンロードするのが骨の折れる作業であれば、 + デルタを消さないでおいてください。 + このようにすると、何かおかしなことが起こった場合でも、 + ローカルにあるコピーを利用できます。 ローカルの変更を保存する - 開発者としてはソースツリー中のファイルを - 使って実験したり変更したく なるものです。 + 開発者はソースツリー中のファイルを使って、 + 実験したり変更したくなるものです。 CTM - はローカルの変更を制限つきでサポートします: ファイル - foo の存在をチェックする前に、 - foo.ctm を参照しにいきます。 + はローカルの変更を制限つきでサポートします。 + ファイルの存在をチェックする前に、同じ名前で + .ctm + という拡張子のついたファイルを参照しにいきます。 このファイルが存在する場合、CTM - は foo - の代りにこれを処理します。 + はオリジナルファイルの代りにこのファイルを処理します。 - この動作はローカルの変更を保持する簡単な手段を - 提供します: 単に変更したいファイルを拡張子 - .ctm 付きのファイル名で - コピーするだけです。あとは自由にコードをハックでき、 - .ctm ファイルの方は - CTM - が最新状態に保ってくれます。 + この動作はローカルの変更を保持する簡単な手段を提供します。 + ファイルを変更する前に、.ctm + という拡張子のファイル名にコピーしてください。 + あとは自由にオリジナルの名前を持つファイルを変更してください。 + CTM は、.ctm + の拡張子を持つファイルにのみに適用されます。 <application>CTM</application> - のその他の面白いオプション - - - 更新で変更されるファイルを正確に知る + のその他のオプション - CTM - のソースリポジトリに対する変更のリストを - - オプションを使って決定することができます。 - - これは、変更のログを保存したい、 - 変更されたファイルをなんらかの方法で 前・後処理したい、 - または単にこだわりたい場合には、 - 役に立つでしょう。 - - - - 更新前にバックアップを取る + + + 更新で変更されるファイルを正確に知る - CTM - の更新によって変更されるファイルすべてのバックアップを - 取りたくなることがあります。 + + CTM + がローカルのソースリポジトリに対して、 + どのような変更を行うかを知るには、 + + オプションを使ってください。 + このオプションは、変更のログを作成したり、 + 変更されたファイルに対して、 + なんらかの方法で 前・後処理したい場合には、 + 役に立つでしょう。 + + - オプションを指定すると - CTM は - デルタで変更されるファイルすべてを - backup-file - としてバックアップするようになります。 - + + 更新前にバックアップを取る - - 更新で変更されるファイルを制限する + + CTM + の更新によって変更されるファイルすべてのバックアップをとるには、 + オプションを指定してください。 + このオプションを使うと、 + CTM は、 + デルタで変更されるファイルすべてを + backup-file + としてバックアップするようになります。 + + - CTM - の更新の範囲を制限したり一連のデルタのから - ほんの数ファイルを抽出したくなることがあります。 + + 更新で変更されるファイルを制限する - - オプションを用い正規表現を指定することで、 - CTM - が処理するファイルのリストを制御することが - できます。 + + CTM + の更新の範囲を制限したり一連のデルタのから + ほんの数ファイルを抽出するには、 + 使用するファイルを指定する + と + どのファイルを無視するかを指定する + + オプションを使って、正規表現で指定できます。 例えば、lib/libc/Makefile の最新のコピーを保存してある CTM デルタのコレクションから抽出するには、 - 以下のコマンドを実行します。 + 以下のコマンドを実行してください。 - &prompt.root; cd /where/ever/you/want/to/extract/it/ -&prompt.root; ctm -e '^lib/libc/Makefile' ~ctm/src-xxx.* + &prompt.root; cd /directory/to/extract/to/ +&prompt.root; ctm -e '^lib/libc/Makefile' /directory/which/stores/the/deltas/src-xxx.* CTM デルタで指定されたファイルごとに、 @@ -419,9 +411,14 @@ オプションが適用された後に更新対象と選択された場合に限り、 CTM はそのファイルを処理します。 - + + + + + From owner-svn-doc-all@FreeBSD.ORG Sat Jun 21 23:37:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9DE7C8E9; Sat, 21 Jun 2014 23:37:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7D4642EB9; Sat, 21 Jun 2014 23:37:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5LNbF43066770; Sat, 21 Jun 2014 23:37:15 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5LNbFkb066769; Sat, 21 Jun 2014 23:37:15 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406212337.s5LNbFkb066769@svn.freebsd.org> From: Glen Barber Date: Sat, 21 Jun 2014 23:37:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45096 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2014 23:37:15 -0000 Author: gjb Date: Sat Jun 21 23:37:15 2014 New Revision: 45096 URL: http://svnweb.freebsd.org/changeset/doc/45096 Log: Regen after r267707 Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Sat Jun 21 16:43:52 2014 (r45095) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Sat Jun 21 23:37:15 2014 (r45096) @@ -1,5 +1,5 @@ -FreeBSD 9.3-RELEASE Release Notes

    FreeBSD 9.3-RELEASE Release Notes

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation +FreeBSD 9.3-RELEASE Release Notes

    FreeBSD 9.3-RELEASE Release Notes

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of the FreeBSD Foundation.

    IBM, AIX, OS/2, PowerPC, PS/2, S/390, and ThinkPad are @@ -344,10 +344,10 @@ instructions, see http://www.FreeBSD.org/releases/9.3R/installation.html.

    Important:

    Upgrading FreeBSD should only be attempted after backing up all data and configuration files.

    3.2.User-Visible - Incompatibilities

    FreeBSD9.0 and later have several incompatibilities in - system configuration which you might want to know before - upgrading your system. Please read this section and - the Upgrading + Incompatibilities

    FreeBSD9.0 and later versions have several + configuration incompatibilities with earlier versions of FreeBSD. + These differences are best understood before upgrading. + Please read this section and the Upgrading Section in 9.0-RELEASE Release Notes carefully before submitting a problem report and/or posting a question to the FreeBSD mailing lists.

    This file, and other release-related documents, From owner-svn-doc-all@FreeBSD.ORG Sun Jun 22 07:51:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C565CB66; Sun, 22 Jun 2014 07:51:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 985ED2E0D; Sun, 22 Jun 2014 07:51:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5M7pOhu091507; Sun, 22 Jun 2014 07:51:24 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5M7pOkH091506; Sun, 22 Jun 2014 07:51:24 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406220751.s5M7pOkH091506@svn.freebsd.org> From: Eitan Adler Date: Sun, 22 Jun 2014 07:51:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45097 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jun 2014 07:51:24 -0000 Author: eadler Date: Sun Jun 22 07:51:24 2014 New Revision: 45097 URL: http://svnweb.freebsd.org/changeset/doc/45097 Log: porter's handbook: better handle OPTION_DESC - Make some of the porter's handbook examples better. - move a tip to a general paragraph. - clarify a tip Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Sat Jun 21 23:37:15 2014 (r45096) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Sun Jun 22 07:51:24 2014 (r45097) @@ -3288,7 +3288,7 @@ LIB_DEPENDS= libbar.so:${PORTSDIR}/foo/b Correct Declaration of an Optional Dependency OPTIONS_DEFINE= BAR -BAR_DESC= Bar support +BAR_DESC= Calling cellphones via bar BAR_LIB_DEPENDS= libbar.so:${PORTSDIR}/foo/bar @@ -3499,16 +3499,16 @@ OPT4_DESC= Describe OPT4 OPT5_DESC= Describe OPT5 OPT6_DESC= Describe OPT6 - - ports/Mk/bsd.options.desc.mk + ports/Mk/bsd.options.desc.mk has descriptions for many common - OPTIONS; there is usually no need to - override these. - + OPTIONS. While often useful, they + should be overriden if the description is insufficient + for the port. When describing options, view it from the - perspective of the user: What does it do? + perspective of the user: What functionality does it + change? and Why would I want to enable this? Do not just repeat the name. For example, describing the NLS option as @@ -3576,8 +3576,8 @@ OPTIONS_GROUP_GG1= OPT9 OPT10Simple Use of OPTIONS OPTIONS_DEFINE= FOO BAR -FOO_DESC= Enable option foo -BAR_DESC= Support feature bar +FOO_DESC= Option foo support +BAR_DESC= Feature bar support OPTIONS_DEFAULT=FOO From owner-svn-doc-all@FreeBSD.ORG Sun Jun 22 09:51:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 94F31ABC; Sun, 22 Jun 2014 09:51:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 81C0126CA; Sun, 22 Jun 2014 09:51:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5M9pnjx049608; Sun, 22 Jun 2014 09:51:49 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5M9pndL049607; Sun, 22 Jun 2014 09:51:49 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201406220951.s5M9pndL049607@svn.freebsd.org> From: Gabor Pali Date: Sun, 22 Jun 2014 09:51:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45098 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jun 2014 09:51:49 -0000 Author: pgj Date: Sun Jun 22 09:51:49 2014 New Revision: 45098 URL: http://svnweb.freebsd.org/changeset/doc/45098 Log: - Fix a typo Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Sun Jun 22 07:51:24 2014 (r45097) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Sun Jun 22 09:51:49 2014 (r45098) @@ -2725,7 +2725,7 @@ Relnotes: yes - A note of any restrictions, limtations or exceptions that + A note of any restrictions, limitations or exceptions that apply specifically to &os;'s usage of the licensed material. From owner-svn-doc-all@FreeBSD.ORG Sun Jun 22 11:51:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5D17595C; Sun, 22 Jun 2014 11:51:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 49F522EEB; Sun, 22 Jun 2014 11:51:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5MBpvGn006134; Sun, 22 Jun 2014 11:51:57 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5MBpvkk006133; Sun, 22 Jun 2014 11:51:57 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406221151.s5MBpvkk006133@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 22 Jun 2014 11:51:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45099 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jun 2014 11:51:57 -0000 Author: ryusuke Date: Sun Jun 22 11:51:56 2014 New Revision: 45099 URL: http://svnweb.freebsd.org/changeset/doc/45099 Log: - Merge the following from the English version: r45073 -> r45093 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Sun Jun 22 09:51:49 2014 (r45098) +++ head/ja_JP.eucJP/share/xml/news.xml Sun Jun 22 11:51:56 2014 (r45099) @@ -23,7 +23,7 @@ would like to work on. *** $FreeBSD$ - Original revision: r45073 + Original revision: r45093 --> @@ -37,6 +37,22 @@ 6 + 21 + + + &os; 9.3-RC1 公開 + +

    &os;-9.3 リリースサイクルから最初のリリース候補が公開されました + (アナウンス)。 + &os; + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

    + + + + 17 From owner-svn-doc-all@FreeBSD.ORG Sun Jun 22 14:33:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A9D57EF2; Sun, 22 Jun 2014 14:33:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9554A2A8F; Sun, 22 Jun 2014 14:33:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5MEXiWJ083384; Sun, 22 Jun 2014 14:33:44 GMT (envelope-from blackend@svn.freebsd.org) Received: (from blackend@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5MEXiD5083382; Sun, 22 Jun 2014 14:33:44 GMT (envelope-from blackend@svn.freebsd.org) Message-Id: <201406221433.s5MEXiD5083382@svn.freebsd.org> From: Marc Fonvieille Date: Sun, 22 Jun 2014 14:33:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45100 - head/fr_FR.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jun 2014 14:33:44 -0000 Author: blackend Date: Sun Jun 22 14:33:44 2014 New Revision: 45100 URL: http://svnweb.freebsd.org/changeset/doc/45100 Log: Add a new translated chapter (based on r44242 of bsdinstall/chapter.xml). Not hooked to the build yet. Added: head/fr_FR.ISO8859-1/books/handbook/bsdinstall/ head/fr_FR.ISO8859-1/books/handbook/bsdinstall/Makefile (contents, props changed) head/fr_FR.ISO8859-1/books/handbook/bsdinstall/chapter.xml (contents, props changed) Added: head/fr_FR.ISO8859-1/books/handbook/bsdinstall/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/fr_FR.ISO8859-1/books/handbook/bsdinstall/Makefile Sun Jun 22 14:33:44 2014 (r45100) @@ -0,0 +1,15 @@ +# +# Build the Handbook with just the content from this chapter. +# +# $FreeBSD$ +# + +CHAPTERS= bsdinstall/chapter.xml + +VPATH= .. + +MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX} + +DOC_PREFIX?= ${.CURDIR}/../../../.. + +.include "../Makefile" Added: head/fr_FR.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/fr_FR.ISO8859-1/books/handbook/bsdinstall/chapter.xml Sun Jun 22 14:33:44 2014 (r45100) @@ -0,0 +1,2885 @@ + + + + + + + Installer &os; 9.<replaceable>X</replaceable> et versions + suivantes + + + + + Jim + Mock + + + Restructur, rorganis, et en partie + r蜑crit par + + + + + + + Randy + Pratt + + + Le guide de sysinstall, les copies d'crans, et la + plupart du texte sont de + + + + + + + Gavin + Atkinson + + + Mis jour pour bsdinstall par + + + + + Warren + Block + + + + + + &trans.a.fonvieille; + + + Synopsis + + installation + + &os; est fourni avec un programme d'installation en mode + texte facile d'emploi. &os; 9.0-RELEASE et les versions + suivantes utilisent un programme d'installation appel + bsdinstall, alors que les versions + prcdentes &os; 9.0-RELEASE emploient + sysinstall pour l'installation. Ce + chapitre dcrit l'utilisation de + bsdinstall. Celle de + sysinstall est aborde dans la . + + Aprs la lecture de ce chapitre, vous connatrez: + + + + Comment crer un support d'installation de &os;. + + + + + Comment &os; subdivise et accde aux disques + durs. + + + + Comment lancer + bsdinstall. + + + + Les questions que bsdinstall + vous posera, ce qu'elles signifient, et comment y + rpondre. + + + + Avant de lire ce chapitre, vous devrez: + + + + Lire la liste du matriel support fournie avec la + version de &os; que vous allez installer, et vrifier que + votre matriel est support. + + + + + Par dfaut, ces instructions d'installation sont + crites pour l'architecture &i386; (compatible + PC). O elles seront applicables, les instructions + spcifiques d'autres plateformes seront indiques. Vous + pourrez constater des diffrences mineures entre le programme + d'installation et ce qui est montr ici, il est donc suggr + d'utiliser ce chapitre comme un guide gnral plutt comme un + manuel d'installation suivre la ligne prs. + + + + + Matriel ncessaire + + + Configuration minimale + + La configuration minimale pour installer &os; varie avec + la version de &os; et l'architecture matrielle + concerne. + + Des informations sur cette configuration sont donnes dans + les sections suivantes. En fonction de la mthode que vous + avez choisie pour installer &os;, vous pourrez avoir besoin + d'un lecteur de CDROM support, et dans certains cas d'une + carte rseau. Cela sera abord dans la . + + + Architecture &os;/&arch.i386; + + &os;/&arch.i386; ncessite un processeur 486 ou plus + performant et au moins 64 Mo de RAM. Au moins un + 1.1 Go d'espace libre sur le disque dur est ncessaire + pour l'installation la plus rduite. + + + Sur d'anciens ordinateurs, augmenter la RAM et + l'espace disque est en gnral plus efficace dans + l'amlioration des performances que l'installation d'un + processeur plus rapide. + + + + + Architecture &os;/&arch.amd64; + + Il existe deux classes de processeurs en mesure + d'utiliser &os;/&arch.amd64;. La premire est + compose des processeurs AMD64, comprenant les processeurs + &amd.athlon;64, &amd.athlon;64-FX, &amd.opteron; et + suivants. + + La seconde classe de processeurs pouvant utiliser + &os;/&arch.amd64; comprend les processeurs bass sur + l'architecture &intel; EM64T. Comme par exemple, les + familles de processeurs &intel; &core; 2 Duo, + Quad, et Extreme, et la srie des processeurs + &intel; &xeon; 3000, 5000, et 7000, et enfin les + processeurs &intel; &core; i3, i5 et i7. + + Si vous avez une machine base sur le circuit nVidia + nForce3 Pro-150, vous devez dsactiver + l'option IO APIC dans le BIOS de votre machine. Si vous + n'avez pas la possibilit de le faire, vous devrez + dsactiver la place l'ACPI. Il existe un certain nombre + de bogues dans le circuit Pro-150 pour lesquels nous n'avons + toujours pas trouv de solution. + + + + Architecture &os;/&arch.powerpc; &apple; + &macintosh; + + Tous les systmes &apple; &macintosh; de type New + World avec l'USB intgr sont supports. Un + fonctionnement multi-processeurs est support sur les + machines dotes de plusieurs processeurs. + + Un noyau 32bits ne peut utiliser que les 2 premiers Go + de RAM. Le &firewire; n'est support que sur les PowerMac + bleu et blanc. + + + + Architecture &os;/&arch.sparc64; + + Les systmes supports par &os;/&arch.sparc64; sont + lists sur la page du projet FreeBSD/sparc64. + + Un disque dur ddi sera ncessaire pour + &os;/&arch.sparc64;. Il n'est pas, pour l'instant, possible + de partager un disque dur avec un autre systme + d'exploitation. + + + + + Matriel support + + Le matriel et les architectures supports par une version + de &os; sont lists dans la liste de compatibilit matrielle. + Gnralement nomm HARDWARE.TXT, ce + document peut tre trouv sur la racine du support + d'installation. La liste du matriel support peut galement + tre trouve sur la page d'Information + sur les versions du site Web de &os;. + + + + + Tches de pr-installation + + + Sauvegardez vos donnes + + Sauvegardez toutes les donnes importantes prsentes sur + l'ordinateur sur lequel &os; sera install. Testez ces + sauvegardes avant de poursuivre. Le programme d'installation + de &os; vous sollicitera avant d'crire sur le disque, mais + une fois le processus lanc, il ne sera pas possible de + revenir en arrire. + + + + O installer FreeBSD? + + Si &os; sera le seul systme d'exploitation install, et + qu'il utilisera l'intgralit du disque dur, vous pouvez + passer cette section. Mais si &os; doit partager le disque + avec d'autres systmes d'exploitation, une connaissance de + l'organisation des disques durs sera utile pendant + l'installation. + + + Organisation des disques pour les architectures + &os;/&arch.i386; et &os;/&arch.amd64; + + Les disques durs peuvent tre diviss en plusieurs + portions. Ces portions sont appeles + partitions. + + Il existe deux manires pour diviser un disque en + partitions. Le Master Boot Record + (MBR) + traditionnel contient une table de partitions dfinissant + jusqu' quatre partitions primaires. + (Pour des raisons historiques, &os; appelle les partitions + primaires slices ou + tranches.) Une limite quatre + partitions est handicapant dans le cas de gros disques durs, + aussi une de ces partitions peut devenir une + partition tendue. Plusieurs + partitions logiques pourront alors + tre cr蜑es dans la partition tendue. Cela peut sembler un + peu lourd, c'est le cas. + + La table de partitionnement GUID + (GUID Partition Table ou + GPT) est une mthode nouvelle et plus + simple pour partitionner un disque. GPT + est bien plus polyvalente que la table de partitionnement + MBR traditionnelle. Les implmentations classiques de + GPT autorisent jusqu' 128 partitions par + disque, supprimant ainsi le recours des solutions + problmatiques comme les partitions logiques. + + + Certains anciens systmes d'exploitation comme + &windows; XP ne sont pas compatibles avec le systme + de partitions GPT. Si &os; sera amen + partager un disque avec un tel systme d'exploitation, + un partitionnement MBR sera alors + ncessaire. + + + Le chargeur d'amorage de &os; a besoin soit d'une + partition primaire soit d'une partition + GPT (Consulter + pour plus d'information sur le processus d'amorage de + &os;). Si toutes les partitions primaires ou + GPT sont dj utilises, l'une d'entre + elles devra tre libre pour &os;. + + Une installation minimale de &os; ncessite 1 Go + d'espace disque. Cependant, c'est vraiment une installation + minimale, ne laissant presque aucun + espace libre. Un minimum plus raliste est 3 Go sans + environnement graphique, et 5 Go ou plus si une + interface graphique sera utilise. Les applications + tierce-partie auront besoin de plus de place. + + De nombreux + outils de partionnement gratuits et commerciaux + existent. GParted + Live est un CD Live gratuit qui comprend l'diteur de + partition GParted. + GParted est galement disponible + sur d'autres CDs Live Linux. + + + Les applications de partitionnement de disques peuvent + dtruire les donnes. Effectuez une sauvegarde complte et + vrifiez son intgrit avant de modifier les partitions du + disque. + + + Redimensionner des partitions µsoft; Vista + peut tre complexe. Un CDROM d'installation de Vista peut + tre utile quand on tente une telle opration. + + + Utilisation d'une partition existante + + Soit un ordinateur sous &windows; avec un seul disque + de 40 Go qui a t divis en deux partitions de + 20 Go. &windows; les appelle + C: et + D:. La partition + C: contient 10 Go de + donnes, et la partition D: + 5 Go de donnes. + + Dplacer les donnes de D: + vers C: librera la deuxime + partition pour &os;. + + + + Rduire une partition existante + + Soit un ordinateur sous &windows; disposant d'un seul + disque de 40 Go sur lequel il y a une seule grande + partition occupant tout le disque. &windows; fait + apparatre cette partition de 40 Go comme un seul + lecteur C:. 15 Go d'espace est + utilis. L'objectif est de limiter &windows; une + partition de 20 Go, et avoir une autre partition de + 20 Go pour &os;. + + Il y a deux faons de procder: + + + + Sauvegardez vos donnes &windows;. Puis + rinstaller &windows;, en utilisant une partition de + 20 G l'installation. + + + + Utiliser un outil de redimensionnement de + partition comme GParted + pour rduire la partition &windows; et crer une + nouvelle partition dans l'espace libr pour + &os;. + + + + + Disposer de diffrentes partitions contenant chacune un + systme d'exploitation diffrent permet de lancer au choix + un de ces systmes. Une autre mthode qui permet + l'excution simultane de plusieurs systmes d'exploitation + est aborde dans le . + + + + + Rcuprer les informations relatives au rseau + + Certaines mthodes d'installation de &os; requirent une + connexion rseau pour tlcharger des fichiers. Pour se + connecter un rseau Ethernet (ou un modem cble ou ADSL + avec une interface Ethernet), le programme d'installation + demandera certaines informations au sujet du rseau. + + Le protocole DHCP + est communment utilis pour fournir une configuration rseau + automatique. Si la configuration par DHCP + n'est pas possible, les informations relatives au rseau + pourront tre obtenu auprs de l'administrateur rseau ou du + fournisseur d'accs: + + + Information rseau + + + Adresse IP + + + + Masque de sous-rseau + + + + Adresse IP de la passerelle par + dfaut + + + + Nom de domaine du rseau local + + + + Adresse(s) IP du serveur + DNS + + + + + + Vrifier l'Errata &os; + + Bien que le projet &os; s'efforce de s'assurer que chaque + version de &os; soit aussi stable que possible, des bogues + peuvent parfois exister. Il est trs rare que ces bogues + affectent le processus d'installation. Ds que ces problmes + sont dcouverts et corrigs, ils sont nots dans l'Errata + de FreeBSD, prsent sur le site Web de FreeBSD. Vous + devriez vrifier l'errata avant l'installation afin d'tre sr + qu'il n'y a pas de problme pouvant affecter + l'installation. + + Les informations sur chaque version, y compris les errata, + peuvent tre trouvs dans la section d'information sur + les diffrentes versions situe sur le site web de + &os;. + + + + Prparer le support d'installation + + Une installation de &os; est lance en dmarrant + l'ordinateur avec un CD, DVD, ou cl USB d'installation de + &os;. Le programme d'installation n'est pas un programme qui + peut tre excut partir d'un autre systme + d'exploitation. + + En plus des supports standards d'installation qui + contiennent une copie de l'ensemble des fichiers + d'installation de &os;, il existe une variante dite + bootonly. Le support d'installation + bootonly ne comprend pas les fichiers d'installation, mais les + tlchargera partir du rseau lors de l'installation. Le CD + d'installation bootonly est donc plus petit, et rduit la + bande passante utilise lors de l'installation en ne + tlchargeant que les fichiers ncessaires. + + Des exemplaires des supports d'installation de &os; sont + disponibles sur le site Web de + &os;. Tlchargez galement le fichier + CHECKSUM.SHA256 partir du mme + rpertoire et utilisez-le pour contrler l'intgralit des + fichiers en calculant une somme de + contrle ou checksum. &os; + fournit &man.sha256.1; cet effet, les autres systmes + d'exploitation proposent des outils similaires. Comparez la + somme de contrle calcule avec celle donne dans le fichier + CHECKSUM.SHA256. Les sommes de contrle + doivent tre identiques. Si une des sommes ne correspond pas, + le fichier est corrompu et devra tre tlcharg + nouveau. + + + Si vous avez dj une copie de &os; sur CDROM, DVD, ou + cl USB, cette section peut tre ignore. + + + Les images CD et DVD de &os; sont des fichiers ISO + bootable. Seul un CD ou DVD est ncessaire + pour l'installation. Gravez l'image ISO sur un CD ou DVD en + utilisant un logiciel de gravure disponible pour votre systme + d'exploitation actuel. Sous &os;, la gravure est possible + avec &man.cdrecord.1; du logiciel port sysutils/cdrtools, install partir du + catalogue des logiciels ports. + + Pour crer une cl USB bootable, suivez les tapes + suivantes: + + + + Obtenir l'image de la cl USB + + Les images de cls USB pour &os; 9.0-RELEASE et + versions ultrieures peuvent tre tlcharges partir du + rpertoire ISO-IMAGES/ l'adresse + ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/arch/arch/ISO-IMAGES/version/&os;-version-RELEASE-arch-memstick.img. + Remplacer arch et + version par respectivement + l'architecture et le numro de version que vous voulez + installer. Par exemple, les images de cls USB Pour + &os;/&arch.i386; 9.0-RELEASE sont disponibles + partir de . + + + Un chemin de rpertoire diffrent est utilis pour + &os; 8.X et les versions + antrieures. Des informations sur le tlchargement et + l'installation de + &os; 8.X et des versions + antrieures sont donnes dans le . + + + L'image de la cl USB a l'extension + .img. Le rpertoire + ISO-IMAGES/ contient un certain + nombre d'images diffrentes, et celle employer dpend de + la version de &os; installer, et dans certains cas, du + matriel cible de l'installation. + + + Avant de continuer, sauvegardez + les donnes prsentes sur la cl USB, en effet + l'criture de l'image dtruira + toutes les donnes. + + + + + Ecrire le fichier image sur la cl USB + + + Utiliser &os; pour crire l'image + + + L'exemple ci-dessous prend + /dev/da0 comme priphrique cible + sur lequel l'image sera crite. Vrifiez que le + priphrique utilis comme cible est bien le bon, ou + vous risquer de dtruire les donnes + existantes. + + + + Ecrire l'image avec &man.dd.1; + + Le fichier .img n'est + pas un + fichier classique. C'est une + image de l'intgralit du contenu + de la cl. Il ne peut pas tre + simplement copi comme n'importe quel fichier, mais + doit tre crit directement sur le priphrique cible + avec &man.dd.1;: + + &prompt.root; dd if=&os;-9.0-RELEASE-&arch.i386;-memstick.img of=/dev/da0 bs=64k + + + + + Utiliser &windows; pour crire l'image + + + Assurez-vous de prciser le bon lecteur comme + cible, ou vous risquez d'craser et dtruire les + donnes existantes. + + + + Rcuprer <application>Image Writer for + &windows;</application> + + Image Writer for + &windows; est une application gratuite + pour crire une image sur une cl USB. Tlchargez-la + depuis + et dcompressez-la dans un rpertoire. + + + + Ecrire l'image avec Image Writer + + Double-cliquez sur l'icone + Win32DiskImager pour lancer + le programme. Vrifez que le lecteur affich sous + Device est celui de + la cl USB. Cliquer sur l'icone rpertoire et + slectionner l'image crire sur la cl. Cliquer sur + [ Save ] pour + accepter le nom du fichier image. Vrifiez que tout + est correct, et qu'il n'y a pas de rpertoires + prsents sur la cl USB ouverts dans d'autres + fentres. Puis quand tout est prt, cliquer sur + [ Write ] pour crire + le fichier image sur la cl USB. + + + + + + + L'installation partir de disquettes n'est plus + supporte. + + + Vous tes maintenant prt commencer l'installation de + &os;. + + + + + Lancer l'installation + + + Par dfaut, le processus d'installation ne modifiera rien + sur le(s) disque(s) dur(s) jusqu' ce que vous voyiez le + message suivant: + + Your changes will now be written to disk. If you +have chosen to overwrite existing data, it will +be PERMANENTLY ERASED. Are you sure you want to +commit your changes? + + L'installation peut tre quitte tout moment avant + l'avertissement final sans changer le contenu du disque dur. + Si vous avez mal configur quelque chose, vous pouvez juste + teindre l'ordinateur avant ce point sans aucun risque. + + + + Dmarrage + + + Dmarrage pour les architectures &i386; et + &arch.amd64; + + + + Si vous avez prpar une cl USB + bootable, comme dcrit dans la , branchez + alors votre cl USB avant d'allumer l'ordinateur. + + Si vous dmarrez depuis le CDROM, alors vous devrez + allumer votre ordinateur, et insrer le CDROM la + premire occasion. + + + + Configurez votre machine pour qu'elle dmarre soit + partir du CDROM ou de l'USB, en fonction du support + utilis pour l'installation. Le BIOS + permet la slection d'un priphrique de dmarrage + spcifique. La plupart des systmes proposent galement + la slection du priphrique d'amorage au dmarrage, + gnralement en appuyant sur F10, + F11, F12, ou encore + Escape. + + + + Si votre ordinateur dmarre comme l'accoutume et, + et charge le systme d'exploitation existant, alors + soit: + + + + Les disques n'ont pas t insrs suffisamment + tt lors du processus de dmarrage. Laissez-les, et + essayez de redmarrer votre ordinateur. + + + + Soit les modifications du BIOS + effectues juste avant n'ont pas fonctionn + correctement. Vous devrez repasser par cette tape + jusqu' trouver la bonne option. + + + + Soit votre BIOS ne supporte + pas l'amorage partir du support dsir. Le gestionnaire + de dmarrage Plop peut tre utilis pour + dmarrer les anciens ordinateurs partir de + supports comme un CD ou une cl USB. + + + + + + &os; dmarre. Si vous dmarrez partir du CDROM + vous verrez un affichage similaire ceci (information + sur la version omise): + + Booting from CD-ROM... +645MB medium detected +CD Loader 1.2 + +Building the boot loader arguments +Looking up /BOOT/LOADER... Found +Relocating the loader and the BTX +Starting the BTX loader + +BTX loader 1.00 BTX version is 1.02 +Consoles: internal video/keyboard +BIOS CD is cd0 +BIOS drive C: is disk0 +BIOS drive D: is disk1 +BIOS 636kB/261056kB available memory + +FreeBSD/i386 bootstrap loader, Revision 1.1 + +Loading /boot/defaults/loader.conf +/boot/kernel/kernel text=0x64daa0 data=0xa4e80+0xa9e40 syms=[0x4+0x6cac0+0x4+0x88e9d] +\ + + + + Le chargeur &os; est alors affich: + +
    + Menu du chargeur &os; + + + + + + +
    + + Attendez dix secondes, ou appuyez sur + Entre. +     +     +     + + + Dmarrage pour l'architecture &macintosh; + &powerpc; + + Sur la plupart des machines, maintenir + la touche C enfonce lors du dmarrage + provoquera l'amorage du CD. Sinon appuyez sur + + Command + Option + O + F + , + ou + + Windows + Alt + O + F + + dans le cas des claviers non-&apple;. A l'invite + 0 >, entrez: + + boot cd:,\ppc\loader cd:0 + + Pour les machines Xserve sans clavier, consultez le + site de + support d'&apple; au sujet du dmarrage avec Open + Firmware. + + + + Dmarrage pour l'architecture &sparc64; + + La plupart des systmes &sparc64; sont + configurs pour dmarrer automatiquement + partir du disque dur. Pour installer &os;, vous + devez dmarrer partir du rseau ou + partir d'un CDROM, ce qui ncessitera un + passage par le PROM + (OpenFirmware). + + Pour cela, redmarrez le systme, et + attendez l'affichage des messages de dmarrage. En + fonction du modle, vous devriez voir quelque chose + comme ce qui suit: + + Sun Blade 100 (UltraSPARC-IIe), Keyboard Present +Copyright 1998-2001 Sun Microsystems, Inc. All rights reserved. +OpenBoot 4.2, 128 MB memory installed, Serial #51090132. +Ethernet address 0:3:ba:b:92:d4, Host ID: 830b92d4. + + Si votre systme tente de dmarrer + partir du disque dur cet endroit, vous devrez + alors appuyer sur L1A + ou StopA + sur le clavier, ou envoyer un BREAK par + l'intermdiaire de la console srie (en utilisant par + exemple ~# sous &man.tip.1; ou + &man.cu.1;) pour obtenir l'invite PROM. + Cela ressemble ceci: + + ok +ok {0} + + + + C'est l'invite utilise sur les systmes avec un + seul CPU. + + + + C'est l'invite utilise sur les systmes SMP, le + chiffre indiquant le nombre de CPU actifs. + + + + En ce point, placez le CDROM dans le lecteur, et + l'invite PROM, tapez boot + cdrom. + +     + + + Examen des rsultats de la dtection du + matriel + + La dernire centaine de lignes qui a t affiche + l'cran est stocke et peut tre relue. + + Pour relire le tampon, appuyez sur Arrt + Dfil. Cela activera le dfilement de l'affichage. + Vous pouvez alors utiliser les touches flches, ou + PageUp et PageDown pour + visualiser les rsultats. Appuyer nouveau sur Arrt + Dfil pour revenir dans le mode normal. + + Faites cela maintenant, pour relire le texte qui a dfil + en dehors de l'cran quand le noyau effectuait la dtection du + matriel. Vous verrez quelque chose de semblable la , bien que le texte sera + diffrent en fonction des priphriques que vous avez dans + votre ordinateur. + +
    + Rsultats typiques de la dtection du + matriel + + Copyright (c) 1992-2011 The FreeBSD Project. +Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 + The Regents of the University of California. All rights reserved. +FreeBSD is a registered trademark of The FreeBSD Foundation. +FreeBSD 9.0-RELEASE #0 r225473M: Sun Sep 11 16:07:30 BST 2011 + root@psi:/usr/obj/usr/src/sys/GENERIC amd64 +CPU: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz (2527.05-MHz K8-class CPU) + Origin = "GenuineIntel" Id = 0x10676 Family = 6 Model = 17 Stepping = 6 + Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE> + Features2=0x8e3fd<SSE3,DTES64,MON,DS_CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1> + AMD Features=0x20100800<SYSCALL,NX,LM> + AMD Features2=0x1<LAHF> + TSC: P-state invariant, performance statistics +real memory = 3221225472 (3072 MB) +avail memory = 2926649344 (2791 MB) +Event timer "LAPIC" quality 400 +ACPI APIC Table: <TOSHIB A0064 > +FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs +FreeBSD/SMP: 1 package(s) x 2 core(s) + cpu0 (BSP): APIC ID: 0 + cpu1 (AP): APIC ID: 1 +ioapic0: Changing APIC ID to 1 +ioapic0 <Version 2.0> irqs 0-23 on motherboard +kbd1 at kbdmux0 +acpi0: <TOSHIB A0064> on motherboard +acpi0: Power Button (fixed) +acpi0: reservation of 0, a0000 (3) failed +acpi0: reservation of 100000, b6690000 (3) failed +Timecounter "ACPI-safe" frequency 3579545 Hz quality 850 +acpi_timer0: <24-bit timer at 3.579545MHz> port 0xd808-0xd80b on acpi0 +cpu0: <ACPI CPU> on acpi0 +ACPI Warning: Incorrect checksum in table [ASF!] - 0xFE, should be 0x9A (20110527/tbutils-282) +cpu1: <ACPI CPU> on acpi0 +pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0 +pci0: <ACPI PCI bus> on pcib0 +vgapci0: <VGA-compatible display> port 0xcff8-0xcfff mem 0xff400000-0xff7fffff,0xe0000000-0xefffffff irq 16 at device 2.0 on pci0 +agp0: <Intel GM45 SVGA controller> on vgapci0 +agp0: aperture size is 256M, detected 131068k stolen memory +vgapci1: <VGA-compatible display> mem 0xffc00000-0xffcfffff at device 2.1 on pci0 +pci0: <simple comms> at device 3.0 (no driver attached) +em0: <Intel(R) PRO/1000 Network Connection 7.2.3> port 0xcf80-0xcf9f mem 0xff9c0000-0xff9dffff,0xff9fe000-0xff9fefff irq 20 at device 25.0 on pci0 +em0: Using an MSI interrupt +em0: Ethernet address: 00:1c:7e:6a:ca:b0 +uhci0: <Intel 82801I (ICH9) USB controller> port 0xcf60-0xcf7f irq 16 at device 26.0 on pci0 +usbus0: <Intel 82801I (ICH9) USB controller> on uhci0 +uhci1: <Intel 82801I (ICH9) USB controller> port 0xcf40-0xcf5f irq 21 at device 26.1 on pci0 +usbus1: <Intel 82801I (ICH9) USB controller> on uhci1 +uhci2: <Intel 82801I (ICH9) USB controller> port 0xcf20-0xcf3f irq 19 at device 26.2 on pci0 +usbus2: <Intel 82801I (ICH9) USB controller> on uhci2 +ehci0: <Intel 82801I (ICH9) USB 2.0 controller> mem 0xff9ff800-0xff9ffbff irq 19 at device 26.7 on pci0 +usbus3: EHCI version 1.0 +usbus3: <Intel 82801I (ICH9) USB 2.0 controller> on ehci0 +hdac0: <Intel 82801I High Definition Audio Controller> mem 0xff9f8000-0xff9fbfff irq 22 at device 27.0 on pci0 +pcib1: <ACPI PCI-PCI bridge> irq 17 at device 28.0 on pci0 +pci1: <ACPI PCI bus> on pcib1 +iwn0: <Intel(R) WiFi Link 5100> mem 0xff8fe000-0xff8fffff irq 16 at device 0.0 on pci1 +pcib2: <ACPI PCI-PCI bridge> irq 16 at device 28.1 on pci0 +pci2: <ACPI PCI bus> on pcib2 +pcib3: <ACPI PCI-PCI bridge> irq 18 at device 28.2 on pci0 +pci4: <ACPI PCI bus> on pcib3 +pcib4: <ACPI PCI-PCI bridge> at device 30.0 on pci0 +pci5: <ACPI PCI bus> on pcib4 +cbb0: <RF5C476 PCI-CardBus Bridge> at device 11.0 on pci5 +cardbus0: <CardBus bus> on cbb0 +pccard0: <16-bit PCCard bus> on cbb0 +isab0: <PCI-ISA bridge> at device 31.0 on pci0 +isa0: <ISA bus> on isab0 +ahci0: <Intel ICH9M AHCI SATA controller> port 0x8f58-0x8f5f,0x8f54-0x8f57,0x8f48-0x8f4f,0x8f44-0x8f47,0x8f20-0x8f3f mem 0xff9fd800-0xff9fdfff irq 19 at device 31.2 on pci0 +ahci0: AHCI v1.20 with 4 3Gbps ports, Port Multiplier not supported +ahcich0: <AHCI channel> at channel 0 on ahci0 +ahcich1: <AHCI channel> at channel 1 on ahci0 +ahcich2: <AHCI channel> at channel 4 on ahci0 +acpi_lid0: <Control Method Lid Switch> on acpi0 +battery0: <ACPI Control Method Battery> on acpi0 +acpi_button0: <Power Button> on acpi0 +acpi_acad0: <AC Adapter> on acpi0 +acpi_toshiba0: <Toshiba HCI Extras> on acpi0 +acpi_tz0: <Thermal Zone> on acpi0 +attimer0: <AT timer> port 0x40-0x43 irq 0 on acpi0 +Timecounter "i8254" frequency 1193182 Hz quality 0 +Event timer "i8254" frequency 1193182 Hz quality 100 +atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0 +atkbd0: <AT Keyboard> irq 1 on atkbdc0 +kbd0 at atkbd0 +atkbd0: [GIANT-LOCKED] +psm0: <PS/2 Mouse> irq 12 on atkbdc0 +psm0: [GIANT-LOCKED] +psm0: model GlidePoint, device ID 0 +atrtc0: <AT realtime clock> port 0x70-0x71 irq 8 on acpi0 +Event timer "RTC" frequency 32768 Hz quality 0 +hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0 +Timecounter "HPET" frequency 14318180 Hz quality 950 +Event timer "HPET" frequency 14318180 Hz quality 450 +Event timer "HPET1" frequency 14318180 Hz quality 440 +Event timer "HPET2" frequency 14318180 Hz quality 440 +Event timer "HPET3" frequency 14318180 Hz quality 440 +uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 +sc0: <System console> at flags 0x100 on isa0 +sc0: VGA <16 virtual consoles, flags=0x300> +vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 +ppc0: cannot reserve I/O port range +est0: <Enhanced SpeedStep Frequency Control> on cpu0 +p4tcc0: <CPU Frequency Thermal Control> on cpu0 +est1: <Enhanced SpeedStep Frequency Control> on cpu1 +p4tcc1: <CPU Frequency Thermal Control> on cpu1 +Timecounters tick every 1.000 msec +hdac0: HDA Codec #0: Realtek ALC268 +hdac0: HDA Codec #1: Lucent/Agere Systems (Unknown) +pcm0: <HDA Realtek ALC268 PCM #0 Analog> at cad 0 nid 1 on hdac0 +pcm1: <HDA Realtek ALC268 PCM #1 Analog> at cad 0 nid 1 on hdac0 +usbus0: 12Mbps Full Speed USB v1.0 +usbus1: 12Mbps Full Speed USB v1.0 +usbus2: 12Mbps Full Speed USB v1.0 +usbus3: 480Mbps High Speed USB v2.0 *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Sun Jun 22 14:43:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 962F14D6; Sun, 22 Jun 2014 14:43:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 82A4A2B40; Sun, 22 Jun 2014 14:43:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5MEhi0W088321; Sun, 22 Jun 2014 14:43:44 GMT (envelope-from blackend@svn.freebsd.org) Received: (from blackend@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5MEhiEs088318; Sun, 22 Jun 2014 14:43:44 GMT (envelope-from blackend@svn.freebsd.org) Message-Id: <201406221443.s5MEhiEs088318@svn.freebsd.org> From: Marc Fonvieille Date: Sun, 22 Jun 2014 14:43:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45101 - head/fr_FR.ISO8859-1/books/handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jun 2014 14:43:44 -0000 Author: blackend Date: Sun Jun 22 14:43:43 2014 New Revision: 45101 URL: http://svnweb.freebsd.org/changeset/doc/45101 Log: Hook bsdinstall/chapter.xml to the build. Modified: head/fr_FR.ISO8859-1/books/handbook/Makefile head/fr_FR.ISO8859-1/books/handbook/chapters.ent Modified: head/fr_FR.ISO8859-1/books/handbook/Makefile ============================================================================== --- head/fr_FR.ISO8859-1/books/handbook/Makefile Sun Jun 22 14:33:44 2014 (r45100) +++ head/fr_FR.ISO8859-1/books/handbook/Makefile Sun Jun 22 14:43:43 2014 (r45101) @@ -21,6 +21,50 @@ IMAGES+= advanced-networking/isdn-twiste IMAGES+= advanced-networking/natd.eps IMAGES+= advanced-networking/net-routing.pic IMAGES_EN+= advanced-networking/static-routes.pic +IMAGES_EN+= bsdinstall/bsdinstall-adduser1.png +IMAGES_EN+= bsdinstall/bsdinstall-adduser2.png +IMAGES_EN+= bsdinstall/bsdinstall-adduser3.png +IMAGES_EN+= bsdinstall/bsdinstall-boot-loader-menu.png +IMAGES_EN+= bsdinstall/bsdinstall-choose-mode.png +IMAGES_EN+= bsdinstall/bsdinstall-config-components.png +IMAGES_EN+= bsdinstall/bsdinstall-config-hostname.png +IMAGES_EN+= bsdinstall/bsdinstall-config-keymap.png +IMAGES_EN+= bsdinstall/bsdinstall-config-services.png +IMAGES_EN+= bsdinstall/bsdinstall-config-crashdump.png +IMAGES_EN+= bsdinstall/bsdinstall-configure-network-interface-ipv4-dhcp.png +IMAGES_EN+= bsdinstall/bsdinstall-configure-network-interface-ipv4.png +IMAGES_EN+= bsdinstall/bsdinstall-configure-network-interface-ipv4-static.png +IMAGES_EN+= bsdinstall/bsdinstall-configure-network-interface-ipv6.png +IMAGES_EN+= bsdinstall/bsdinstall-configure-network-interface-ipv6-static.png +IMAGES_EN+= bsdinstall/bsdinstall-configure-network-interface-slaac.png +IMAGES_EN+= bsdinstall/bsdinstall-configure-network-interface.png +IMAGES_EN+= bsdinstall/bsdinstall-configure-network-ipv4-dns.png +IMAGES_EN+= bsdinstall/bsdinstall-configure-wireless-accesspoints.png +IMAGES_EN+= bsdinstall/bsdinstall-configure-wireless-scan.png +IMAGES_EN+= bsdinstall/bsdinstall-configure-wireless-wpa2setup.png +IMAGES_EN+= bsdinstall/bsdinstall-distfile-extracting.png +IMAGES_EN+= bsdinstall/bsdinstall-distfile-fetching.png +IMAGES_EN+= bsdinstall/bsdinstall-distfile-verifying.png +IMAGES_EN+= bsdinstall/bsdinstall-final-confirmation.png +IMAGES_EN+= bsdinstall/bsdinstall-finalconfiguration.png +IMAGES_EN+= bsdinstall/bsdinstall-final-modification-shell.png +IMAGES_EN+= bsdinstall/bsdinstall-keymap-select-default.png +IMAGES_EN+= bsdinstall/bsdinstall-mainexit.png +IMAGES_EN+= bsdinstall/bsdinstall-netinstall-files.png +IMAGES_EN+= bsdinstall/bsdinstall-netinstall-mirrorselect.png +IMAGES_EN+= bsdinstall/bsdinstall-part-entire-part.png +IMAGES_EN+= bsdinstall/bsdinstall-part-guided-disk.png +IMAGES_EN+= bsdinstall/bsdinstall-part-guided-manual.png +IMAGES_EN+= bsdinstall/bsdinstall-part-manual-addpart.png +IMAGES_EN+= bsdinstall/bsdinstall-part-manual-create.png +IMAGES_EN+= bsdinstall/bsdinstall-part-manual-partscheme.png +IMAGES_EN+= bsdinstall/bsdinstall-part-review.png +IMAGES_EN+= bsdinstall/bsdinstall-post-root-passwd.png +IMAGES_EN+= bsdinstall/bsdinstall-set-clock-local-utc.png +IMAGES_EN+= bsdinstall/bsdinstall-timezone-confirm.png +IMAGES_EN+= bsdinstall/bsdinstall-timezone-country.png +IMAGES_EN+= bsdinstall/bsdinstall-timezone-region.png +IMAGES_EN+= bsdinstall/bsdinstall-timezone-zone.png IMAGES_EN+= geom/striping.pic IMAGES_EN+= install/adduser1.scr IMAGES_EN+= install/adduser2.scr @@ -161,6 +205,7 @@ IMAGES_LIB+= callouts/15.png # XML content SRCS+= audit/chapter.xml SRCS+= book.xml +SRCS+= bsdinstall/chapter.xml SRCS+= colophon.xml SRCS+= dtrace/chapter.xml SRCS+= advanced-networking/chapter.xml Modified: head/fr_FR.ISO8859-1/books/handbook/chapters.ent ============================================================================== --- head/fr_FR.ISO8859-1/books/handbook/chapters.ent Sun Jun 22 14:33:44 2014 (r45100) +++ head/fr_FR.ISO8859-1/books/handbook/chapters.ent Sun Jun 22 14:43:43 2014 (r45101) @@ -20,6 +20,7 @@ + From owner-svn-doc-all@FreeBSD.ORG Sun Jun 22 14:45:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2EC28614; Sun, 22 Jun 2014 14:45:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1B9832B49; Sun, 22 Jun 2014 14:45:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5MEj3NS088725; Sun, 22 Jun 2014 14:45:03 GMT (envelope-from blackend@svn.freebsd.org) Received: (from blackend@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5MEj3Sv088724; Sun, 22 Jun 2014 14:45:03 GMT (envelope-from blackend@svn.freebsd.org) Message-Id: <201406221445.s5MEj3Sv088724@svn.freebsd.org> From: Marc Fonvieille Date: Sun, 22 Jun 2014 14:45:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45102 - head/fr_FR.ISO8859-1/books/handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jun 2014 14:45:04 -0000 Author: blackend Date: Sun Jun 22 14:45:03 2014 New Revision: 45102 URL: http://svnweb.freebsd.org/changeset/doc/45102 Log: MFen to r44332 and cleanup a bit the informations related to translation. Modified: head/fr_FR.ISO8859-1/books/handbook/book.xml Modified: head/fr_FR.ISO8859-1/books/handbook/book.xml ============================================================================== --- head/fr_FR.ISO8859-1/books/handbook/book.xml Sun Jun 22 14:43:43 2014 (r45101) +++ head/fr_FR.ISO8859-1/books/handbook/book.xml Sun Jun 22 14:45:03 2014 (r45102) @@ -9,7 +9,7 @@ The FreeBSD French Documentation Project $FreeBSD$ - Original revision: 1.172 + Original revision: 44332 --> Manuel FreeBSD @@ -17,7 +17,7 @@ Groupe de Documentation FreeBSD - Fvrier 1999 + $FreeBSD$ $FreeBSD$ @@ -36,6 +36,12 @@ 2006 2007 2008 + 2009 + 2010 + 2011 + 2012 + 2013 + 2014 Groupe de Documentation FreeBSD @@ -49,7 +55,6 @@ &tm-attrib.adaptec; &tm-attrib.adobe; &tm-attrib.apple; - &tm-attrib.corel; &tm-attrib.creative; &tm-attrib.cvsup; &tm-attrib.heidelberger; @@ -60,18 +65,12 @@ &tm-attrib.linux; &tm-attrib.lsilogic; &tm-attrib.m-systems; - &tm-attrib.macromedia; &tm-attrib.microsoft; - &tm-attrib.netscape; - &tm-attrib.nexthop; &tm-attrib.opengroup; &tm-attrib.oracle; - &tm-attrib.powerquest; &tm-attrib.realnetworks; &tm-attrib.redhat; - &tm-attrib.sap; &tm-attrib.sun; - &tm-attrib.symantec; &tm-attrib.themathworks; &tm-attrib.thomson; &tm-attrib.usrobotics; @@ -85,18 +84,19 @@ Bienvenue à FreeBSD! Ce manuel dcrit l'installation - et l'utilisation quotidienne de la Version - &rel2.current;-RELEASE de FreeBSD - et FreeBSD &rel.current;-RELEASE. + et l'utilisation quotidienne de FreeBSD + &rel3.current;-RELEASE, FreeBSD + &rel2.current;-RELEASE et FreeBSD + &rel.current;-RELEASE. Ce manuel est en - constante volution. Il est le + constante volution et il est le rsultat du travail de nombreuses personnes. Par consquent, certaines sections peuvent prendre de l'ge et demandent à tre mises à jour. Si vous voulez participer à ce projet, envoyez un courrier lectronique à la &a.doc;. La dernire version anglaise de ce document est disponible sur le - serveur World Wide Web + site Web de FreeBSD (les versions antrieures de ce manuel peuvent tre obtenues auprs de http://docs.FreeBSD.org/doc/). Il peut tre aussi @@ -112,14 +112,8 @@ faire des recherches dans le Manuel. - N.d.T.: Contactez &a.blackend; si vous voulez collaborer à - la traduction. - - Version franaise de &a.blackend; avec la - collaboration de &a.fr.delfly; - - Premire version de - &a.fr.haby; + N.d.T.: Contactez &a.fr.fonvieille; si vous voulez + collaborer à la traduction. @@ -168,6 +162,7 @@ &chap.introduction; &chap.install; + &chap.bsdinstall; &chap.basics; &chap.ports; &chap.x11; @@ -314,7 +309,7 @@ &chap.eresources; &chap.pgpkeys; - &chap.freebsd-glossary; - &chap.index; + &chap.freebsd-glossary; + &chap.index; &chap.colophon; From owner-svn-doc-all@FreeBSD.ORG Mon Jun 23 13:47:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AD9CDEDE; Mon, 23 Jun 2014 13:47:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7E46A2A29; Mon, 23 Jun 2014 13:47:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5NDl8Kj043068; Mon, 23 Jun 2014 13:47:08 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5NDl8A0043067; Mon, 23 Jun 2014 13:47:08 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406231347.s5NDl8A0043067@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 23 Jun 2014 13:47:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45103 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Jun 2014 13:47:08 -0000 Author: ryusuke Date: Mon Jun 23 13:47:08 2014 New Revision: 45103 URL: http://svnweb.freebsd.org/changeset/doc/45103 Log: - Merge the following from the English version: r43887 -> r43888 head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Sun Jun 22 14:45:03 2014 (r45102) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Mon Jun 23 13:47:08 2014 (r45103) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43887 + Original revision: r43888 $FreeBSD$ --> @@ -29,7 +29,8 @@ 電話: +1 925 240-6652 Fax: +1 925 674-0821 Email: info@freebsdmall.com - WWW: http://www.freebsdmall.com/ + WWW: http://www.freebsdmall.com/ @@ -40,7 +41,8 @@ D-81371 München Germany 電話: (0177) 428 419 0 - WWW: http://www.hinner.de/linux/freebsd.html + WWW: http://www.hinner.de/linux/freebsd.html @@ -51,7 +53,8 @@ Margate CT9 2TB United Kingdom - WWW: https://linux-distro.co.uk/ + WWW: https://linux-distro.co.uk/ @@ -64,7 +67,8 @@ United Kingdom 電話: +44 (0)247 615 8121 Fax: +44 1491 837016 - WWW: http://www.linuxemporium.co.uk/products/bsd/ + WWW: http://www.linuxemporium.co.uk/products/bsd/ @@ -77,7 +81,8 @@ Russia 電話: +7-812-3125208 Email: info@linuxcenter.ru - WWW: http://linuxcenter.ru/shop/freebsd + WWW: http://linuxcenter.ru/shop/freebsd @@ -88,8 +93,8 @@ <acronym>FTP</acronym> サイト &os; の公式な情報は anonymous FTP - によって世界中のミラーサイトより入手できます。 - ftp://ftp.FreeBSD.org/pub/FreeBSD/ + によって世界中のミラーサイトより入手できます。ftp://ftp.FreeBSD.org/pub/FreeBSD/ サイトは接続が良く、大規模な接続を受け付けていますが、 よりネットワーク的に近い ミラーサイトを探した方が良いでしょう @@ -126,8 +131,8 @@ CVS は、プロジェクトにおいて使用されなくなったため、 - 非推奨になりました。かわりに - Subversion + 非推奨になりました。かわりに Subversion を使ってください。 @@ -193,10 +198,12 @@ - ftp://ftp.FreeBSD.org/pub/FreeBSD/development/CTM/ + ftp://ftp.FreeBSD.org/pub/FreeBSD/development/CTM/ - ftp://ftp.FreeBSD.org/pub/FreeBSD/CTM/ + ftp://ftp.FreeBSD.org/pub/FreeBSD/CTM/ @@ -207,7 +214,8 @@ - ftp://ftp.za.FreeBSD.org/pub/FreeBSD/CTM/ + ftp://ftp.za.FreeBSD.org/pub/FreeBSD/CTM/ @@ -219,23 +227,26 @@ - ftp://ctm.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ + ftp://ctm.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ - ftp://ctm2.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ + ftp://ctm2.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ - ftp://ctm3.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ + ftp://ctm3.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ - メールでデルタを得たいという場合は、 - http://lists.freebsd.org/mailman/listinfo + メールでデルタを得たいという場合は、http://lists.freebsd.org/mailman/listinfo から、ctm-src 配布メーリングリストのいずれかに参加してください。 たとえば &a.ctm-src-cur.name; @@ -382,41 +393,39 @@ - - 更新で変更されるファイルを制限する + + 更新で変更されるファイルを制限する - - CTM - の更新の範囲を制限したり一連のデルタのから - ほんの数ファイルを抽出するには、 - 使用するファイルを指定する - と - どのファイルを無視するかを指定する - - オプションを使って、正規表現で指定できます。 - - 例えば、lib/libc/Makefile - の最新のコピーを保存してある CTM - デルタのコレクションから抽出するには、 - 以下のコマンドを実行してください。 + + CTM + の更新の範囲を制限したり一連のデルタのから + ほんの数ファイルを抽出するには、 + 使用するファイルを指定する + と + どのファイルを無視するかを指定する + + オプションを使って、正規表現で指定できます。 + + 例えば、lib/libc/Makefile + の最新のコピーを保存してある CTM + デルタのコレクションから抽出するには、 + 以下のコマンドを実行してください。 - &prompt.root; cd /directory/to/extract/to/ + &prompt.root; cd /directory/to/extract/to/ &prompt.root; ctm -e '^lib/libc/Makefile' /directory/which/stores/the/deltas/src-xxx.* - CTM - デルタで指定されたファイルごとに、 - そして - オプションがコマンドラインで指定された順序で適用されます。 - すべての そして - オプションが適用された後に更新対象と選択された場合に限り、 - CTM - はそのファイルを処理します。 - - - - + CTM + デルタで指定されたファイルごとに、 + そして + オプションがコマンドラインで指定された順序で適用されます。 + すべての そして + オプションが適用された後に更新対象と選択された場合に限り、 + CTM + はそのファイルを処理します。 + + + - @@ -123,21 +123,6 @@ &chap.mirrors.ftp.inc; - - Anonymous CVS (非推奨) - - - Warning - - - CVS は、プロジェクトにおいて使用されなくなったため、 - 非推奨になりました。かわりに Subversion - を使ってください。 - - - - CTM を使う @@ -777,10 +762,10 @@ Certificate information: 紹介 - cvsup は、 - プロジェクトにおいて使用されなくなったため、 - 非推奨になりました。 - かわりに Subversion + CVS および cvsup は、 + プロジェクトにおいて使用されなくなりました。 + かわりに Subversion を使ってください。 From owner-svn-doc-all@FreeBSD.ORG Mon Jun 23 17:09:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CA6E8B5C; Mon, 23 Jun 2014 17:09:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9EDE62DD2; Mon, 23 Jun 2014 17:09:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5NH9tDU038925; Mon, 23 Jun 2014 17:09:55 GMT (envelope-from blackend@svn.freebsd.org) Received: (from blackend@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5NH9ttI038924; Mon, 23 Jun 2014 17:09:55 GMT (envelope-from blackend@svn.freebsd.org) Message-Id: <201406231709.s5NH9ttI038924@svn.freebsd.org> From: Marc Fonvieille Date: Mon, 23 Jun 2014 17:09:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org Subject: svn commit: r45105 - release/9.3.0 X-SVN-Group: doc-release MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Jun 2014 17:09:55 -0000 Author: blackend Date: Mon Jun 23 17:09:55 2014 New Revision: 45105 URL: http://svnweb.freebsd.org/changeset/doc/45105 Log: Tag FreeBSD docset for 9.3-RELEASE Approved by: doceng (implicit) Added: release/9.3.0/ - copied from r45104, head/ From owner-svn-doc-all@FreeBSD.ORG Mon Jun 23 18:02:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 333E5697; Mon, 23 Jun 2014 18:02:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 20992235C; Mon, 23 Jun 2014 18:02:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5NI2rs7066607; Mon, 23 Jun 2014 18:02:53 GMT (envelope-from blackend@svn.freebsd.org) Received: (from blackend@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5NI2rOU066606; Mon, 23 Jun 2014 18:02:53 GMT (envelope-from blackend@svn.freebsd.org) Message-Id: <201406231802.s5NI2rOU066606@svn.freebsd.org> From: Marc Fonvieille Date: Mon, 23 Jun 2014 18:02:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org Subject: svn commit: r45106 - release/9.3.0/share/xml X-SVN-Group: doc-release MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Jun 2014 18:02:54 -0000 Author: blackend Date: Mon Jun 23 18:02:53 2014 New Revision: 45106 URL: http://svnweb.freebsd.org/changeset/doc/45106 Log: Add 9.3-R bits. Approved by: doceng (implicit) Modified: release/9.3.0/share/xml/freebsd.ent Modified: release/9.3.0/share/xml/freebsd.ent ============================================================================== --- release/9.3.0/share/xml/freebsd.ent Mon Jun 23 17:09:55 2014 (r45105) +++ release/9.3.0/share/xml/freebsd.ent Mon Jun 23 18:02:53 2014 (r45106) @@ -72,8 +72,8 @@ used in both environments. - - + + From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 10:58:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CE4F729C; Tue, 24 Jun 2014 10:58:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B9EF32B1A; Tue, 24 Jun 2014 10:58:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5OAwDxG048911; Tue, 24 Jun 2014 10:58:13 GMT (envelope-from kadesai@svn.freebsd.org) Received: (from kadesai@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5OAwCvP048902; Tue, 24 Jun 2014 10:58:12 GMT (envelope-from kadesai@svn.freebsd.org) Message-Id: <201406241058.s5OAwCvP048902@svn.freebsd.org> From: Kashyap D Desai Date: Tue, 24 Jun 2014 10:58:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45107 - in head: en_US.ISO8859-1/articles/contributors share/pgpkeys share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 10:58:14 -0000 Author: kadesai (src committer) Date: Tue Jun 24 10:58:12 2014 New Revision: 45107 URL: http://svnweb.freebsd.org/changeset/doc/45107 Log: - Add myself as a committer - Add my PGP public key - Add my author entity - Add a news entry Approved by: ken/scottl/ambrisko (mentors) Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml head/share/pgpkeys/pgpkeys-developers.xml head/share/pgpkeys/pgpkeys.ent head/share/xml/authors.ent head/share/xml/news.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Mon Jun 23 18:02:53 2014 (r45106) +++ head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Tue Jun 24 10:58:12 2014 (r45107) @@ -891,6 +891,10 @@ + &a.kadesai.email; + + + &a.ken.email; Modified: head/share/pgpkeys/pgpkeys-developers.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-developers.xml Mon Jun 23 18:02:53 2014 (r45106) +++ head/share/pgpkeys/pgpkeys-developers.xml Tue Jun 24 10:58:12 2014 (r45107) @@ -1295,6 +1295,11 @@ &a.jmmv.email; &pgpkey.jmmv; + + + &a.kadesai.email; + &pgpkey.kadesai; + &a.ken.email; Modified: head/share/pgpkeys/pgpkeys.ent ============================================================================== --- head/share/pgpkeys/pgpkeys.ent Mon Jun 23 18:02:53 2014 (r45106) +++ head/share/pgpkeys/pgpkeys.ent Tue Jun 24 10:58:12 2014 (r45107) @@ -216,6 +216,7 @@ + Modified: head/share/xml/authors.ent ============================================================================== --- head/share/xml/authors.ent Mon Jun 23 18:02:53 2014 (r45106) +++ head/share/xml/authors.ent Tue Jun 24 10:58:12 2014 (r45107) @@ -1134,6 +1134,9 @@ keith@FreeBSD.org"> + +kadesai@FreeBSD.org"> + ken@FreeBSD.org"> Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Mon Jun 23 18:02:53 2014 (r45106) +++ head/share/xml/news.xml Tue Jun 24 10:58:12 2014 (r45107) @@ -147,6 +147,16 @@

    New committer: + Kashyap Desai + (src)

    +     + + + + 7 + + +

    New committer: Stephen McConnell (src)

     From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 11:24:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A84F5CDB; Tue, 24 Jun 2014 11:24:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7BF8F2DD9; Tue, 24 Jun 2014 11:24:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5OBOJYq062825; Tue, 24 Jun 2014 11:24:19 GMT (envelope-from kadesai@svn.freebsd.org) Received: (from kadesai@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5OBOJSW062824; Tue, 24 Jun 2014 11:24:19 GMT (envelope-from kadesai@svn.freebsd.org) Message-Id: <201406241124.s5OBOJSW062824@svn.freebsd.org> From: Kashyap D Desai Date: Tue, 24 Jun 2014 11:24:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45108 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 11:24:19 -0000 Author: kadesai (src committer) Date: Tue Jun 24 11:24:19 2014 New Revision: 45108 URL: http://svnweb.freebsd.org/changeset/doc/45108 Log: - Add my PGP public key Approved by: ken/scottl/ambrisko (mentors) Added: head/share/pgpkeys/kadesai.key (contents, props changed) Added: head/share/pgpkeys/kadesai.key ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/pgpkeys/kadesai.key Tue Jun 24 11:24:19 2014 (r45108) @@ -0,0 +1,42 @@ + + + +sub 2048g/9372013F74B44808 2014-05-22 [expires: 2017-05-21] + +]]> + From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 13:20:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A6F90560; Tue, 24 Jun 2014 13:20:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 86D10285C; Tue, 24 Jun 2014 13:20:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5ODKRr0016412; Tue, 24 Jun 2014 13:20:27 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5ODKRs3016411; Tue, 24 Jun 2014 13:20:27 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406241320.s5ODKRs3016411@svn.freebsd.org> From: Warren Block Date: Tue, 24 Jun 2014 13:20:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45109 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 13:20:27 -0000 Author: wblock Date: Tue Jun 24 13:20:27 2014 New Revision: 45109 URL: http://svnweb.freebsd.org/changeset/doc/45109 Log: Clarify and organize the steps for new committers. Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Tue Jun 24 11:24:19 2014 (r45108) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Tue Jun 24 13:20:27 2014 (r45109) @@ -205,10 +205,17 @@ Creating a Key - If you do not yet have an OpenPGP key, - or your key does not meet &os; security requirements, here we + Existing keys can be used, but should be checked with + doc/head/share/pgpkeys/checkkey.sh + first. + + For those who do not yet have an OpenPGP key, + or need a new key to meet &os; security requirements, here we show how to generate one. + + + Install security/gnupg. Enter these lines in ~/.gnupg/gpg.conf to set @@ -223,7 +230,9 @@ verify-options show-uid-validity list-options show-uid-validity sig-notation issuer-fpr@notations.openpgp.fifthhorseman.net=%g cert-digest-algo SHA512 + + Generate a key: &prompt.user; gpg --gen-key @@ -294,6 +303,8 @@ You need a Passphrase to protect your se xlink:href="http://www.iusmentis.com/security/passphrasefaq/">, , . + + Protect your private key and passphrase. If either the private key or passphrase may have been compromised or @@ -301,7 +312,7 @@ You need a Passphrase to protect your se accounts@FreeBSD.org and revoke the key. Committing the new key is shown in - . + .     @@ -312,12 +323,12 @@ You need a Passphrase to protect your se password. In the &os; cluster, LDAP is proxying to Kerberos, so this also serves as the LDAP web password.     - To reset your Kerberos password in the &os; cluster using a + To reset a Kerberos password in the &os; cluster using a random password generator: &prompt.user; ssh kpasswd.freebsd.org - Alternatively, you can set your Kerberos password manually + A Kerberos password can also be set manually by logging into freefall.FreeBSD.org and running: @@ -1531,11 +1542,11 @@ $target - head/$source:$P,$Q,$R     Practical Example As a practical example, consider the following - scenario: The changes to netmap.4 - in r238987 is to be merged from CURRENT to 9-STABLE. + scenario. The changes to netmap.4 + in r238987 are to be merged from CURRENT to 9-STABLE. The file resides in - head/share/man/man4 and according - to this is + head/share/man/man4. According + to , this is also where to do the merge. Note that in this example all paths are relative to the top of the svn repository. For more information on the directory layout, see - Conventions and Traditions + Setup, Conventions, and Traditions There are a number of things to do as a new developer. - The first set is specific to committers only. (If - you are not a committer, e.g., have GNATS-only access, then your - mentor must do these things.) + The first set of steps is specific to committers only. These + steps must be done by a mentor for those who are not + committers. - Guidelines for Committers + For New Committers - - The .ent - and .xml files listed below exist in the - &os; Documentation Project SVN repository at svn.FreeBSD.org/doc/. - - - If you have been given commit rights to one or more of the - repositories: - - - Steps for New Committers + Those who have been given commit rights to the &os; + repositories must follow these steps. + - Add your author entity to - head/share/xml/authors.ent; this - should be done first since an omission of this commit will - cause the next commits to break the doc/ build. - - This is a relatively easy task, but remains a good - first test of your version control skills. - - - New files that do not have the - FreeBSD=%H - svn:keywords property will be - rejected when attempting to commit them to the - repository. Be sure to read - - regarding adding and removing files, in addition to - verifying that ~/.subversion/config - contains the necessary "auto-props" entries - from auto-props.txt mentioned - there. - - - - Do not forget to get mentor approval for these - patches! - + Get mentor approval before committing each of these + changes! - Add yourself to the Developers section - of the Contributors - List - (head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml) - and remove yourself from the - Additional Contributors section - (head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml). - Please note that entries are sorted by last name. + The .ent and + .xml files mentioned below exist in the + &os; Documentation Project SVN repository at svn.FreeBSD.org/doc/. - Add an entry for yourself to - head/share/xml/news.xml. Look for - the other entries that look like - A new committer and follow the - format. + New files that do not have the + FreeBSD=%H + svn:keywords property will be rejected + when attempting to commit them to the repository. Be sure + to read + + regarding adding and removing files. + Verify that ~/.subversion/config + contains the necessary auto-props entries from + auto-props.txt mentioned + there. - Add your PGP or GnuPG key to - head/share/pgpkeys. See - if you do not yet have a key. Do not forget to - commit the updated - head/share/pgpkeys/pgpkeys.ent and - head/share/pgpkeys/pgpkeys-developers.xml. - Please note that entries are sorted by last name. + All src commits should go to + &os.current; first before being merged to &os.stable;. + The &os.stable; branch must maintain ABI + and API compatibility with earlier + versions of that branch. Do not merge changes that break + this compatibility. + + + + + Steps for New Committers + + + Add an Author Entity + + head/share/xml/authors.ent — + Add an author entity. Later steps depend + on this entity, and missing this step will + cause the + doc/ build to fail. This is a relatively easy task, but remains a good + first test of version control skills. + + + + Update the List of Developers and Contributors + + head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml — + Add an entry to the Developers section + of the Contributors + List. Entries are sorted by last name. + head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml — + Remove the entry from the + Additional Contributors section. + Entries are sorted by last name. + + + + Add a News Item + doc/head/share/xml/news.xml — + Add an entry. Look for + the other entries that announce + new committers and follow the + format. Use the date from the commit bit approval email from core@FreeBSD.org. + + + + Add a <acronym>PGP</acronym> Key + doc/head/share/pgpkeys/pgpkeys.ent and + doc/head/share/pgpkeys/pgpkeys-developers.xml - + Add your PGP or GnuPG key. + Those who do not yet have a key should see . &a.des.email; has written a shell script (head/share/pgpkeys/addkey.sh) to - make this extremely simple. See the README file for more information. + Use + doc/head/share/pgpkeys/checkkey.sh to + verify that keys meet minimal best-practices + standards. + + After adding and checking a key, add both updated files to source control and then commit them. + Entries in this file are sorted by last name. + - It is important to have an up-to-date PGP/GnuPG key + It is very important to have a current PGP/GnuPG key in the repository. The key may be required for - positive identification of a committer, for example, by the - &a.admins; for account recovery. A complete keyring of + positive identification of a committer. For example, the + &a.admins; might need it for account recovery. A complete keyring of FreeBSD.org users is available for download from http://www.FreeBSD.org/doc/pgpkeyring.txt. - + - - Add an entry for yourself to the current committers - section of - head/share/misc/committers-repository.dot, + + Update Mentor and Mentee Information + + head/share/misc/committers-repository.dot — + Add an entry to the current committers + section, where repository is doc, ports, or src, depending on - the commit privileges granted. Also add an entry for - each of your mentor/mentee relationships in the + the commit privileges granted. + + Add an entry for the + each additonal mentor/mentee relationship in the bottom section. - + - - Some people add an entry for themselves to - ports/astro/xearth/files/freebsd.committers.markers. - + + Generate a <application>Kerberos</application> + Password + + See to generate or + set a Kerberos for use with + other &os; services like the bug tracking + database. + + + + Optional: Enable Wiki Account + + &os; Wiki Account — + A wiki account allows sharing projects and ideas. Those + who do not yet have an account can contact + clusteradm@FreeBSD.org to obtain + one. + - - Some people add an entry for themselves to - src/usr.bin/calendar/calendars/calendar.freebsd. - + + Optional: Update Wiki Information - - If you already have an account at the - &os; - wiki, make sure your mentor moves you from the - Contributors - group to the Developers - group. Otherwise, consider signing up for an - account so you can publish projects and ideas you are - working on. - - - - Once you get access to the wiki, you may add yourself + Wiki Information - + After gaining access to the wiki, some people add entries to the How We Got Here, @@ -2316,42 +2352,43 @@ ControlPersist yes Nicks, and Dogs of FreeBSD pages. - - - - If you subscribe to &a.svn-src-all.name;, - &a.svn-ports-all.name; or &a.svn-doc-all.name;, you will - probably want to unsubscribe to avoid receiving duplicate - copies of commit messages and their followups. - - + - - All src commits should go to - &os.current; first before being merged to &os.stable;. No - major new features or high-risk modifications should be made - to the &os.stable; branch. - + + Optional: Update Ports with Personal Information + ports/astro/xearth/files/freebsd.committers.markers and + src/usr.bin/calendar/calendars/calendar.freebsd - + Some people add entries for themselves to these + files to show where they are located or the date of their birthday. + + + + Optional: Prevent Duplicate Mailings + + Subscribers to &a.svn-src-all.name;, + &a.svn-ports-all.name; or &a.svn-doc-all.name; might wish to + unsubscribe to avoid receiving duplicate + copies of commit messages and followups. + + - Guidelines for Everyone - - Whether or not you have commit rights: + For Everyone - - + + Introduce yourself to the other developers, otherwise no one will have any idea who you are or what you are - working on. You do not have to write a comprehensive - biography, just write a paragraph or two about who you are - and what you plan to be working on as a developer in - &os;. (You should also mention who your mentor will - be). Email this to the &a.developers; and you will be on + working on. The introduction need not be a comprehensive + biography, just write a paragraph or two about who you are, + what you plan to be working on as a developer in + &os;, and who will be your mentor. + Email this to the &a.developers; and you will be on your way! - + - + Log into hub.FreeBSD.org and create a /var/forward/user @@ -2379,13 +2416,13 @@ ControlPersist yes directory on freefall.FreeBSD.org to disable the checks for your email. - - + + - If you are a developer but not a committer, you will + Those who are developers but not committers will not be subscribed to the committers or developers mailing - lists; the subscriptions are derived from the access + lists. The subscriptions are derived from the access rights. @@ -2393,20 +2430,22 @@ ControlPersist yes Mentors - All new developers also have a mentor assigned to them for - the first few months. Your mentor is responsible for teaching - you the rules and conventions of the project and guiding your - first steps in the developer community. Your mentor is also - personally responsible for your actions during this initial + All new developers have a mentor assigned to them for + the first few months. A mentor is responsible for teaching + the mentee the rules and conventions of the project and guiding their + first steps in the developer community. The mentor is also + personally responsible for the mentee's actions during this initial period. - For committers: until your mentor decides (and announces - with a commit to mentors) that you - have learned the ropes and are ready to commit on your own, - you should not commit anything without first getting your - mentor's review and approval, and you should document that + For committers: do not commit anything without first + getting mentor approval. Document that approval with an Approved by: line in the commit message. + + When the mentor decides that a mentee has learned the + ropes and is ready to commit on their own, the mentor + announces it + with a commit to mentors. @@ -2434,7 +2473,7 @@ ControlPersist yes The problem report (if any) which is affected (typically, by being closed) by this commit. Only include one PR per line as the automated scripts which - parse this line can not understand more than + parse this line cannot understand more than one. @@ -3475,9 +3514,9 @@ Relnotes: yes cases where the dispute involves a change to the codebase and the participants do not appear to be reaching an amicable agreement, core may appoint a mutually-agreeable - 3rd party to resolve the dispute. All parties involved + third party to resolve the dispute. All parties involved must then agree to be bound by the decision reached by - this 3rd party. + this third party. From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 13:35:29 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E26D27EE; Tue, 24 Jun 2014 13:35:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C27B92A48; Tue, 24 Jun 2014 13:35:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5ODZSwC024187; Tue, 24 Jun 2014 13:35:28 GMT (envelope-from antoine@svn.freebsd.org) Received: (from antoine@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5ODZS7d024185; Tue, 24 Jun 2014 13:35:28 GMT (envelope-from antoine@svn.freebsd.org) Message-Id: <201406241335.s5ODZS7d024185@svn.freebsd.org> From: Antoine Brodin Date: Tue, 24 Jun 2014 13:35:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45110 - in head/en_US.ISO8859-1/books/porters-handbook: porting-dads quick-porting X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 13:35:29 -0000 Author: antoine (src,ports committer) Date: Tue Jun 24 13:35:28 2014 New Revision: 45110 URL: http://svnweb.freebsd.org/changeset/doc/45110 Log: - IGNOREFILES is no longer supported by the ports tree - Ports that have runtime issues on systems where they are supposed to run should be marked BROKEN not IGNORE - Ports have to install into ${PREFIX} not ${LOCALBASE} Phabric: D280 Reviewed by: rene, mat, gjb Approved by: rene Modified: head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml Tue Jun 24 13:20:27 2014 (r45109) +++ head/en_US.ISO8859-1/books/porters-handbook/porting-dads/chapter.xml Tue Jun 24 13:35:28 2014 (r45110) @@ -386,7 +386,7 @@ exec %%LOCALBASE%%/bin/java -jar %%DATAD BROKEN is reserved for ports that - currently do not compile, install, or deinstall correctly. + currently do not compile, install, deinstall, or run correctly. It should be used for ports where the problem is believed to be temporary. @@ -410,7 +410,7 @@ exec %%LOCALBASE%%/bin/java -jar %%DATAD installs files outside of - ${LOCALBASE} + ${PREFIX} @@ -419,6 +419,11 @@ exec %%LOCALBASE%%/bin/java -jar %%DATAD desirable, for the port to leave user-modified files behind) + + + has runtime issues on systems where it is + supposed to run fine. + @@ -452,10 +457,6 @@ exec %%LOCALBASE%%/bin/java -jar %%DATAD - compiles but does not run properly - - - does not work on the installed version of &os; Modified: head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml Tue Jun 24 13:20:27 2014 (r45109) +++ head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml Tue Jun 24 13:35:28 2014 (r45110) @@ -229,14 +229,6 @@ PLIST_DIRS= lib/X11/onekoJust type make makesum. The ports make rules will automatically generate the file distinfo. - - If a file fetched has its checksum changed regularly and - you are certain the source is trusted (i.e., it comes from - manufacturer CDs or documentation generated daily), you should - specify these files in the IGNOREFILES - variable. Then the checksum is not calculated for that file - when you run make makesum, but set to - IGNORE. From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 13:38:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 826C690F; Tue, 24 Jun 2014 13:38:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 62CF22AB0; Tue, 24 Jun 2014 13:38:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5ODcRNt024605; Tue, 24 Jun 2014 13:38:27 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5ODcRiB024604; Tue, 24 Jun 2014 13:38:27 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406241338.s5ODcRiB024604@svn.freebsd.org> From: Warren Block Date: Tue, 24 Jun 2014 13:38:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45111 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 13:38:27 -0000 Author: wblock Date: Tue Jun 24 13:38:27 2014 New Revision: 45111 URL: http://svnweb.freebsd.org/changeset/doc/45111 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Tue Jun 24 13:35:28 2014 (r45110) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Tue Jun 24 13:38:27 2014 (r45111) @@ -209,19 +209,20 @@ doc/head/share/pgpkeys/checkkey.sh first. - For those who do not yet have an OpenPGP key, - or need a new key to meet &os; security requirements, here we - show how to generate one. + For those who do not yet have an + OpenPGP key, or need a new key to meet &os; + security requirements, here we show how to generate + one. - Install - security/gnupg. Enter - these lines in ~/.gnupg/gpg.conf to set - minimum acceptable defaults: + Install + security/gnupg. Enter + these lines in ~/.gnupg/gpg.conf to + set minimum acceptable defaults: - fixed-list-mode + fixed-list-mode keyid-format 0xlong personal-digest-preferences SHA512 SHA384 SHA256 SHA224 default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed @@ -233,9 +234,9 @@ cert-digest-algo SHA512 - Generate a key: + Generate a key: - &prompt.user; gpg --gen-key + &prompt.user; gpg --gen-key gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. @@ -271,38 +272,39 @@ You selected this USER-ID: Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o You need a Passphrase to protect your secret key. - - - 2048-bit keys with a three-year expiration provide - adequate protection at present (2013-12). - describes the situation in more detail. - - - - A three year key lifespan is short enough to obsolete - keys weakened by advancing computer power, but long enough - to reduce key management problems. - - - - Use your real name here, preferably matching that - shown on government-issued ID to make - it easier for others to verify your identity. Text that - may help others identify you can be entered in the - Comment section. - - - - After the email address is entered, a passphrase is - requested. Methods of creating a secure passphrase are - contentious. Rather than suggest a single way, here are some - links to sites that describe various methods: , - , - , . + + + 2048-bit keys with a three-year expiration provide + adequate protection at present (2013-12). + describes the situation in more detail. + + + + A three year key lifespan is short enough to + obsolete keys weakened by advancing computer power, + but long enough to reduce key management + problems. + + + + Use your real name here, preferably matching that + shown on government-issued ID to + make it easier for others to verify your identity. + Text that may help others identify you can be entered + in the Comment section. + + + + After the email address is entered, a passphrase is + requested. Methods of creating a secure passphrase are + contentious. Rather than suggest a single way, here are + some links to sites that describe various methods: , + , + , + . @@ -2207,8 +2209,8 @@ ControlPersist yes The .ent and - .xml files mentioned below exist in the - &os; Documentation Project SVN repository at .xml files mentioned below exist in + the &os; Documentation Project SVN repository at svn.FreeBSD.org/doc/. @@ -2219,20 +2221,20 @@ ControlPersist yes when attempting to commit them to the repository. Be sure to read - regarding adding and removing files. - Verify that ~/.subversion/config - contains the necessary auto-props entries from + regarding adding and removing files. Verify that + ~/.subversion/config contains the + necessary auto-props entries from auto-props.txt mentioned there. - All src commits should go to - &os.current; first before being merged to &os.stable;. - The &os.stable; branch must maintain ABI - and API compatibility with earlier - versions of that branch. Do not merge changes that break - this compatibility. + All src commits should go to + &os.current; first before being merged to &os.stable;. + The &os.stable; branch must maintain + ABI and API + compatibility with earlier versions of that branch. Do + not merge changes that break this compatibility. @@ -2242,43 +2244,50 @@ ControlPersist yes Add an Author Entity - head/share/xml/authors.ent — - Add an author entity. Later steps depend - on this entity, and missing this step will - cause the - doc/ build to fail. This is a relatively easy task, but remains a good - first test of version control skills. + head/share/xml/authors.ent + — Add an author entity. Later steps depend on this + entity, and missing this step will cause the + doc/ build to fail. This is a + relatively easy task, but remains a good first test of + version control skills. - Update the List of Developers and Contributors + Update the List of Developers and + Contributors - head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml — + head/en_US.ISO8859-1/articles/contributors/contrib.committers.xml + — Add an entry to the Developers section of the Contributors List. Entries are sorted by last name. - head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml — - Remove the entry from the - Additional Contributors section. - Entries are sorted by last name. + + head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml + — Remove the entry from the + Additional Contributors section. Entries + are sorted by last name. Add a News Item - doc/head/share/xml/news.xml — - Add an entry. Look for - the other entries that announce - new committers and follow the - format. Use the date from the commit bit approval email from core@FreeBSD.org. + + doc/head/share/xml/news.xml + — Add an entry. Look for the other entries that + announce new committers and follow the format. Use the + date from the commit bit approval email from + core@FreeBSD.org. Add a <acronym>PGP</acronym> Key - doc/head/share/pgpkeys/pgpkeys.ent and - doc/head/share/pgpkeys/pgpkeys-developers.xml - - Add your PGP or GnuPG key. - Those who do not yet have a key should see . + + doc/head/share/pgpkeys/pgpkeys.ent + and + doc/head/share/pgpkeys/pgpkeys-developers.xml + - Add your PGP or + GnuPG key. Those who do not yet have a + key should see . &a.des.email; has written a shell script (head/share/pgpkeys/addkey.sh) to @@ -2291,15 +2300,17 @@ ControlPersist yes verify that keys meet minimal best-practices standards. - After adding and checking a key, add both updated files to source control and then commit them. - Entries in this file are sorted by last name. + After adding and checking a key, add both updated + files to source control and then commit them. Entries in + this file are sorted by last name. - It is very important to have a current PGP/GnuPG key - in the repository. The key may be required for - positive identification of a committer. For example, the - &a.admins; might need it for account recovery. A complete keyring of - It is very important to have a current + PGP/GnuPG key in + the repository. The key may be required for positive + identification of a committer. For example, the + &a.admins; might need it for account recovery. A + complete keyring of FreeBSD.org users is available for download from http://www.FreeBSD.org/doc/pgpkeyring.txt. @@ -2309,43 +2320,41 @@ ControlPersist yes Update Mentor and Mentee Information - head/share/misc/committers-repository.dot — - Add an entry to the current committers - section, - where repository is doc, ports, or src, depending on - the commit privileges granted. - - Add an entry for the - each additonal mentor/mentee relationship in the - bottom section. + head/share/misc/committers-repository.dot + — Add an entry to the current committers section, + where repository is + doc, ports, or + src, depending on the commit privileges + granted. + + Add an entry for the each additonal mentor/mentee + relationship in the bottom section. Generate a <application>Kerberos</application> Password - See to generate or - set a Kerberos for use with - other &os; services like the bug tracking - database. + See to generate or + set a Kerberos for use with + other &os; services like the bug tracking database. Optional: Enable Wiki Account - &os; Wiki Account — - A wiki account allows sharing projects and ideas. Those - who do not yet have an account can contact - clusteradm@FreeBSD.org to obtain - one. + &os; + Wiki Account — A wiki account allows + sharing projects and ideas. Those who do not yet have an + account can contact clusteradm@FreeBSD.org + to obtain one. Optional: Update Wiki Information - Wiki Information - - After gaining access to the wiki, some people add entries - to the Wiki Information - After gaining access to the wiki, + some people add entries to the How We Got Here, Irc @@ -2355,20 +2364,24 @@ ControlPersist yes - Optional: Update Ports with Personal Information - ports/astro/xearth/files/freebsd.committers.markers and - src/usr.bin/calendar/calendars/calendar.freebsd - - Some people add entries for themselves to these - files to show where they are located or the date of their birthday. + Optional: Update Ports with Personal + Information + + ports/astro/xearth/files/freebsd.committers.markers + and + src/usr.bin/calendar/calendars/calendar.freebsd + - Some people add entries for themselves to these files to + show where they are located or the date of their + birthday. Optional: Prevent Duplicate Mailings Subscribers to &a.svn-src-all.name;, - &a.svn-ports-all.name; or &a.svn-doc-all.name; might wish to - unsubscribe to avoid receiving duplicate - copies of commit messages and followups. + &a.svn-ports-all.name; or &a.svn-doc-all.name; might wish + to unsubscribe to avoid receiving duplicate copies of + commit messages and followups. @@ -2381,11 +2394,10 @@ ControlPersist yes Introduce yourself to the other developers, otherwise no one will have any idea who you are or what you are working on. The introduction need not be a comprehensive - biography, just write a paragraph or two about who you are, - what you plan to be working on as a developer in - &os;, and who will be your mentor. - Email this to the &a.developers; and you will be on - your way! + biography, just write a paragraph or two about who you + are, what you plan to be working on as a developer in + &os;, and who will be your mentor. Email this to the + &a.developers; and you will be on your way! @@ -2432,20 +2444,20 @@ ControlPersist yes All new developers have a mentor assigned to them for the first few months. A mentor is responsible for teaching - the mentee the rules and conventions of the project and guiding their - first steps in the developer community. The mentor is also - personally responsible for the mentee's actions during this initial - period. + the mentee the rules and conventions of the project and + guiding their first steps in the developer community. The + mentor is also personally responsible for the mentee's actions + during this initial period. For committers: do not commit anything without first - getting mentor approval. Document that - approval with an Approved by: line in the - commit message. + getting mentor approval. Document that approval with an + Approved by: line in the commit + message. When the mentor decides that a mentee has learned the ropes and is ready to commit on their own, the mentor - announces it - with a commit to mentors. + announces it with a commit to + mentors. @@ -2724,7 +2736,8 @@ Relnotes: yes - Keeping Track of Licenses Granted to the &os; Project + Keeping Track of Licenses Granted to the &os; + Project Various software or data exist in the repositories where the &os; project has been granted a special licence to be able @@ -2738,8 +2751,8 @@ Relnotes: yes license grants. To that end, the &a.core; has decided to keep an archive of them. Whenever the &os; project is granted a special license we require the &a.core; to be notified. Any - developers involved in arranging such a license grant, please send - details to the &a.core; including: + developers involved in arranging such a license grant, please + send details to the &a.core; including: @@ -2755,8 +2768,8 @@ Relnotes: yes The date the license comes into effect from. Unless - otherwise agreed, this will be the date the license was issued - by the authors of the software in question. + otherwise agreed, this will be the date the license was + issued by the authors of the software in question. @@ -2764,8 +2777,8 @@ Relnotes: yes - A note of any restrictions, limitations or exceptions that - apply specifically to &os;'s usage of the licensed + A note of any restrictions, limitations or exceptions + that apply specifically to &os;'s usage of the licensed material. @@ -2774,11 +2787,11 @@ Relnotes: yes - Once the &a.core; is satisfied that all the necessary details - have been gathered and are correct, the secretary will send a - PGP-signed acknowledgement of receipt including the license - details. This receipt will be persistently archived and serve - as our permanent record of the license grant. + Once the &a.core; is satisfied that all the necessary + details have been gathered and are correct, the secretary will + send a PGP-signed acknowledgement of receipt including the + license details. This receipt will be persistently archived and + serve as our permanent record of the license grant. The license archive should contain only details of license grants; this is not the place for any discussions around From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 13:52:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1C614FE7; Tue, 24 Jun 2014 13:52:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0849D2C3C; Tue, 24 Jun 2014 13:52:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5ODq1RP033187; Tue, 24 Jun 2014 13:52:01 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5ODq1c4033186; Tue, 24 Jun 2014 13:52:01 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406241352.s5ODq1c4033186@svn.freebsd.org> From: Warren Block Date: Tue, 24 Jun 2014 13:52:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45112 - head/en_US.ISO8859-1/articles/committers-guide X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 13:52:02 -0000 Author: wblock Date: Tue Jun 24 13:52:01 2014 New Revision: 45112 URL: http://svnweb.freebsd.org/changeset/doc/45112 Log: Spelling, bad phrase, and missing link corrections. Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml Modified: head/en_US.ISO8859-1/articles/committers-guide/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/committers-guide/article.xml Tue Jun 24 13:38:27 2014 (r45111) +++ head/en_US.ISO8859-1/articles/committers-guide/article.xml Tue Jun 24 13:52:01 2014 (r45112) @@ -304,7 +304,7 @@ You need a Passphrase to protect your se , , - . + . @@ -2327,7 +2327,7 @@ ControlPersist yes src, depending on the commit privileges granted. - Add an entry for the each additonal mentor/mentee + Add an entry for each additional mentor/mentee relationship in the bottom section. From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 14:18:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 486336F0; Tue, 24 Jun 2014 14:18:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 335912E79; Tue, 24 Jun 2014 14:18:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5OEIL1h043723; Tue, 24 Jun 2014 14:18:21 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5OEILQ9043722; Tue, 24 Jun 2014 14:18:21 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406241418.s5OEILQ9043722@svn.freebsd.org> From: Warren Block Date: Tue, 24 Jun 2014 14:18:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45113 - head/en_US.ISO8859-1/books/porters-handbook/quick-porting X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 14:18:21 -0000 Author: wblock Date: Tue Jun 24 14:18:20 2014 New Revision: 45113 URL: http://svnweb.freebsd.org/changeset/doc/45113 Log: Clarify language in quick-porting chapter. Remove "you" and "your" where possible. Modified: head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml Tue Jun 24 13:52:01 2014 (r45112) +++ head/en_US.ISO8859-1/books/porters-handbook/quick-porting/chapter.xml Tue Jun 24 14:18:20 2014 (r45113) @@ -10,20 +10,20 @@ Quick Porting - This section tells you how to quickly create a new port. In - many cases, it is not sufficient, so you will have to read - further on into the document. + This section describes how to quickly create a new port. For + applications where this quick method is not adequate, the full + Slow Porting process is described in + . First, get the original tarball and put it into DISTDIR, which defaults to /usr/ports/distfiles. - The following assumes that the software compiled - out-of-the-box, i.e., there was absolutely no change required - for the port to work on your &os; box. If you needed to - change something, you will have to refer to the next section - too. + The following steps assume that the software compiled + out-of-the-box. In other words, absolutely no changes were required + for the application to work on a &os; system. If anything had to be + changed, refer to . @@ -64,12 +64,12 @@ COMMENT= Cat chasing a mouse all over th is being phased out. - See if you can figure it out. Do not worry about the + Try to figure it out. Do not worry about the contents of the $FreeBSD$ line, it will be filled in automatically by Subversion when the port is - imported to our main ports tree. You can find a more detailed - example in the + imported to our main ports tree. A more detailed + example is shown in the sample Makefile section. @@ -94,7 +94,7 @@ COMMENT= Cat chasing a mouse all over th This is not a manual or an in-depth description on how to use or compile the port! - Please be careful if you are copying from the + Please be careful when copying from the README or manpage; too often they are not a concise description of the port or are in an awkward format (e.g., manpages have justified @@ -124,7 +124,7 @@ COMMENT= Cat chasing a mouse all over th moved, was renamed, or is hosted elsewhere. - The following example shows how your + The following example shows how the pkg-descr should look: This is a port of oneko, in which a cat chases a poor mouse all over @@ -161,9 +161,9 @@ lib/X11/oneko/mouse.xpm on the packing list. - It is recommended that you keep all the filenames in + It is recommended to keep all the filenames in this file sorted alphabetically. It will make verifying - the changes when you upgrade the port much easier. + changes when upgrading the port much easier. @@ -207,13 +207,13 @@ PLIST_DIRS= lib/X11/oneko. - The price for this way of listing port's files and - directories is that you cannot use command sequences - described in &man.pkg-create.8;. Therefore, it is suitable + The price for this way of listing a port's files and + directories is that then command sequences + described in &man.pkg-create.8; cannot be used. Therefore, it is suitable only for simple ports and makes them even simpler. At the same time, it has the advantage of reducing the number of files in the ports collection. Please consider using this - technique before you resort to + technique before resorting to pkg-plist. Later we will see how pkg-plist @@ -234,9 +234,9 @@ PLIST_DIRS= lib/X11/oneko Testing the Port - You should make sure that the port rules do exactly what - you want them to do, including packaging up the port. These - are the important points you need to verify. + Make sure that the port rules do exactly what + is desired, including packaging up the port. These + are the important points to verify: @@ -315,14 +315,14 @@ PLIST_DIRS= lib/X11/oneko - Checking Your Port with + <title>Checking the Port with <command>portlint</command> - Please use portlint to see if your port + Please use portlint to see if the port conforms to our guidelines. The ports-mgmt/portlint - program is part of the ports collection. In particular, you - may want to check if the + program is part of the ports collection. In particular, + check that the Makefile is in the right shape and the package is named @@ -336,7 +336,7 @@ PLIST_DIRS= lib/X11/onekoDOs and DON'Ts section. - Once happy with your port, the only thing remaining is to + Once happy with the port, the only thing remaining is to put it in the main &os; ports tree and make everybody else happy about it too. We do not need the work directory or the @@ -375,7 +375,7 @@ PLIST_DIRS= lib/X11/onekoOne more time, do not include the original source distfile, the work directory, or - the package you built with + the package built with make package; and, do use &man.shar.1; for new ports, not &man.diff.1;. From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 15:45:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1D1804B9; Tue, 24 Jun 2014 15:45:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 09BCC288E; Tue, 24 Jun 2014 15:45:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5OFjOPp086524; Tue, 24 Jun 2014 15:45:24 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5OFjOZ1086523; Tue, 24 Jun 2014 15:45:24 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406241545.s5OFjOZ1086523@svn.freebsd.org> From: Warren Block Date: Tue, 24 Jun 2014 15:45:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45114 - head/en_US.ISO8859-1/books/fdp-primer/docbook-markup X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 15:45:25 -0000 Author: wblock Date: Tue Jun 24 15:45:24 2014 New Revision: 45114 URL: http://svnweb.freebsd.org/changeset/doc/45114 Log: Point out that procedure steps are allowed to have title elements. Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Tue Jun 24 14:18:20 2014 (r45113) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Tue Jun 24 15:45:24 2014 (r45114) @@ -961,7 +961,7 @@ steps, which may in turn consist of more steps or substeps. Each step - contains block elements. + contains block elements and may include an optional title. <tag>procedure</tag> From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 15:50:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2CE905A8; Tue, 24 Jun 2014 15:50:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 194812950; Tue, 24 Jun 2014 15:50:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5OFomEV087901; Tue, 24 Jun 2014 15:50:48 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5OFomXS087900; Tue, 24 Jun 2014 15:50:48 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406241550.s5OFomXS087900@svn.freebsd.org> From: Warren Block Date: Tue, 24 Jun 2014 15:50:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45115 - head/en_US.ISO8859-1/books/fdp-primer/xml-primer X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 15:50:49 -0000 Author: wblock Date: Tue Jun 24 15:50:48 2014 New Revision: 45115 URL: http://svnweb.freebsd.org/changeset/doc/45115 Log: Remove obsolete DocBook SGML setup instructions. Modified: head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml Tue Jun 24 15:45:24 2014 (r45114) +++ head/en_US.ISO8859-1/books/fdp-primer/xml-primer/chapter.xml Tue Jun 24 15:50:48 2014 (r45115) @@ -360,59 +360,15 @@ To Do… - Before running the examples in this document, - application software must be installed and the catalog - environment variable configured. - - - - Install + Before running the examples in this document, install textproc/docproj from the &os; Ports Collection. This is a meta-port that downloads and installs the standard programs and supporting files needed by the - Documentation Project. - - - - Add lines to the shell startup files to set - SGML_CATALOG_FILES. When working on - non-English versions of the documentation, replace - en_US.ISO8859-1 with the - appropriate directory for the target language. - - - <filename>.profile</filename>, for &man.sh.1; and - &man.bash.1; Users - - SGML_ROOT=/usr/local/share/xml -SGML_CATALOG_FILES=${SGML_ROOT}/jade/catalog -SGML_CATALOG_FILES=${SGML_ROOT}/docbook/4.1/catalog:$SGML_CATALOG_FILES -SGML_CATALOG_FILES=${SGML_ROOT}/html/catalog:$SGML_CATALOG_FILES -SGML_CATALOG_FILES=${SGML_ROOT}/iso8879/catalog:$SGML_CATALOG_FILES -SGML_CATALOG_FILES=/usr/doc/share/xml/catalog:$SGML_CATALOG_FILES -SGML_CATALOG_FILES=/usr/doc/en_US.ISO8859-1/share/xml/catalog:$SGML_CATALOG_FILES -export SGML_CATALOG_FILES - - - - <filename>.cshrc</filename>, for &man.csh.1; and - &man.tcsh.1; Users - - setenv SGML_ROOT /usr/local/share/xml -setenv SGML_CATALOG_FILES ${SGML_ROOT}/jade/catalog -setenv SGML_CATALOG_FILES ${SGML_ROOT}/docbook/4.1/catalog:$SGML_CATALOG_FILES -setenv SGML_CATALOG_FILES ${SGML_ROOT}/html/catalog:$SGML_CATALOG_FILES -setenv SGML_CATALOG_FILES ${SGML_ROOT}/iso8879/catalog:$SGML_CATALOG_FILES -setenv SGML_CATALOG_FILES /usr/doc/share/xml/catalog:$SGML_CATALOG_FILES -setenv SGML_CATALOG_FILES /usr/doc/en_US.ISO8859-1/share/xml/catalog:$SGML_CATALOG_FILES - - - After making these changes, either log out and log - back in again, or run the commands from the command line - to set the variable values. - - + Documentation Project. &man.csh.1; users must use + rehash for the shell to recognize new + programs after after they have been installed, or log out + and then log back in again. @@ -711,43 +667,6 @@ example.xml:5: element head: validity er DTDs that were installed as part of the textproc/docproj port. - - - <envar>SGML_CATALOG_FILES</envar> - - To locate a catalog, the - XML processor must know where to look. - Many feature command line parameters for specifying the path - to one or more catalogs. - - In addition, SGML_CATALOG_FILES can be - set to point to the files. This environment variable - consists of a colon-separated list of catalog files - (including their full path). - - Typically, the list includes these files: - - - - /usr/local/share/xml/docbook/4.1/catalog - - - - /usr/local/share/xml/html/catalog - - - - /usr/local/share/xml/iso8879/catalog - - - - /usr/local/share/xml/jade/catalog - - - - This was done - earlier. - From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 18:41:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 463D6E30; Tue, 24 Jun 2014 18:41:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 268172ADE; Tue, 24 Jun 2014 18:41:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5OIfRSh075226; Tue, 24 Jun 2014 18:41:27 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5OIfRCp075225; Tue, 24 Jun 2014 18:41:27 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406241841.s5OIfRCp075225@svn.freebsd.org> From: Warren Block Date: Tue, 24 Jun 2014 18:41:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45116 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 18:41:27 -0000 Author: wblock Date: Tue Jun 24 18:41:26 2014 New Revision: 45116 URL: http://svnweb.freebsd.org/changeset/doc/45116 Log: Convert some elements in the gmirror section to man page references where the text is referring to the system rather than the command name. Convert some passive voice to active. Clarify. Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Tue Jun 24 15:50:48 2014 (r45115) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Tue Jun 24 18:41:26 2014 (r45116) @@ -263,7 +263,7 @@ Done. RAID1, or - mirroring, is the technique of writing + mirroring, is the technique of writing the same data to more than one disk drive. Mirrors are usually used to guard against data loss due to drive failure. Each drive in a mirror contains an identical copy of the data. When @@ -295,7 +295,7 @@ Done. - While dump is used in these procedures + While &man.dump.8; is used in these procedures to copy file systems, it does not work on file systems with soft updates journaling. See &man.tunefs.8; for information on detecting and disabling soft updates journaling. @@ -311,14 +311,14 @@ Done. old metadata from a previous mirror. GPT metadata can be erased with - gpart. This example erases both primary + &man.gpart.8;. This example erases both primary and backup GPT partition tables from disk ada8: &prompt.root; gpart destroy -F ada8 A disk can be removed from an active mirror and the - metadata erased in one step using gmirror. + metadata erased in one step using &man.gmirror.8;. Here, the example disk ada8 is removed from the active mirror gm4: @@ -330,15 +330,15 @@ Done. &prompt.root; gmirror clear ada8 - When gmirror is used, one block of - metadata is stored at the end of the disk. Because + &man.gmirror.8; stores one block of + metadata at the end of the disk. Because GPT partition schemes also store metadata at the end of the disk, mirroring entire - GPT disks with gmirror + GPT disks with &man.gmirror.8; is not recommended. MBR partitioning is used here because it only stores a partition table at the - start of the disk and does not conflict with - gmirror. + start of the disk and does not conflict with the + mirror metadata. @@ -361,14 +361,14 @@ Done. &prompt.root; gmirror label -v gm0 /dev/ada1 /dev/ada2 - In this example, gm0 is a user-chosen + gm0 is a user-chosen device name assigned to the new mirror. After the mirror has - been started, this device name will appear in + been started, this device name appears in /dev/mirror/. MBR and bsdlabel partition tables can now - be created on the mirror with gpart. This + be created on the mirror with &man.gpart.8;. This example uses a traditional file system layout, with partitions for /, swap, /var, /tmp, and /usr. A @@ -422,7 +422,7 @@ Done. File systems from the original ada0 disk can now be copied onto the mirror with - dump and restore. + &man.dump.8; and &man.restore.8;. &prompt.root; mount /dev/mirror/gm0s1a /mnt &prompt.root; dump -C16 -b64 -0aL -f - / | (cd /mnt && restore -rf -) @@ -433,7 +433,7 @@ Done. &prompt.root; dump -C16 -b64 -0aL -f - /tmp | (cd /mnt/tmp && restore -rf -) &prompt.root; dump -C16 -b64 -0aL -f - /usr | (cd /mnt/usr && restore -rf -) - Next, edit /mnt/etc/fstab to point to + Edit /mnt/etc/fstab to point to the new mirror file systems: # Device Mountpoint FStype Options Dump Pass# @@ -493,16 +493,16 @@ Done. 1000204821504 # mediasize in bytes (931G) Create a mirror on the new disk. To make certain that the - mirror capacity is not any larger than the original drive, - gnop is used to create a fake drive of the + mirror capacity is not any larger than the original ada0 drive, + &man.gnop.8; is used to create a fake drive of the exact same size. This drive does not store any data, but is used only to limit the size of the mirror. When - gmirror creates the mirror, it will + &man.gmirror.8; creates the mirror, it will restrict the capacity to the size of - gzero.nop, even if the new drive - (ada1) has more space. Note that the + gzero.nop, even if the new + ada1 drive has more space. Note that the 1000204821504 in the second line - should be equal to ada0's media size as + is equal to ada0's media size as shown by diskinfo above. &prompt.root; geom zero load @@ -524,7 +524,7 @@ Done. ada0 to the new mirror. However, if the output shows that all of the space on the - disk is allocated, like in the following listing, there is no + disk is allocated, as in the following listing, there is no space available for the 512-byte mirror metadata at the end of the disk. @@ -562,8 +562,8 @@ BSD 8 6 freebsd-ufs 130023424 838860800 7 freebsd-ufs 968884224 984640881 - If the output of gpart show shows no - free space at the end of the disk, the size of both the slice + If no + free space is shown at the end of the disk, the size of both the slice and the last partition must be reduced by one sector. Edit the two files, reducing the size of both the slice and last partition by one. These are the last numbers in each @@ -615,11 +615,11 @@ BSD 8 710934528 1242590514 7 freebsd-ufs (592G) 1953525042 63 - free - (31k) - Both the slice and the last partition should have some - free space at the end of each disk. + Both the slice and the last partition must have at least + one free block at the end of the disk. Create file systems on these new partitions. The number - of partitions will vary, matching the partitions on the + of partitions will vary to match the original disk, ada0. &prompt.root; newfs -U /dev/mirror/gm0s1a @@ -656,15 +656,15 @@ BSD 8 If the geom_mirror.ko kernel module has not been built into the kernel, edit - /boot/loader.conf to load it: + /boot/loader.conf to load it at boot: geom_mirror_load="YES" File systems from the original disk can now be copied onto - the mirror with dump and - restore. Note that it may take some time - to create a snapshot for each file system dumped with - dump -L. + the mirror with &man.dump.8; and + &man.restore.8;. + Each file system dumped with + dump -L will create a snapshot first, which can take some time. &prompt.root; mount /dev/mirror/gm0s1a /mnt &prompt.root; dump -C16 -b64 -0aL -f - / | (cd /mnt && restore -rf -) @@ -693,15 +693,15 @@ BSD 8 When ada0 is inserted into the - mirror, its former contents will be overwritten by data on + mirror, its former contents will be overwritten by data from the mirror. Make certain that mirror/gm0 has the same contents as ada0 before adding - ada0 to the mirror. If there is - something wrong with the contents copied by - dump and restore, + ada0 to the mirror. If the contents + previously copied by + &man.dump.8; and &man.restore.8; are not identical to what was on ada0, revert /etc/fstab to mount the file - systems on ada0, reboot, and try the + systems on ada0, reboot, and start the whole procedure again. @@ -725,7 +725,7 @@ mirror/gm0 DEGRADED ada1 (ACTIVE) mirror/gm0 COMPLETE ada1 (ACTIVE) ada0 (ACTIVE) - The mirror, mirror/gm0, now consists + mirror/gm0 now consists of the two disks ada0 and ada1, and the contents are automatically synchronized with each other. In use, @@ -826,7 +826,7 @@ mountroot> Any old metadata should be cleared from the replacement disk using the instructions in . Then the disk, + linkend="geom-mirror-metadata"/>. Then the replacement disk, ada4 for this example, is inserted into the mirror: From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 18:51:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8B574153; Tue, 24 Jun 2014 18:51:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 76A192BCE; Tue, 24 Jun 2014 18:51:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5OIpAOX082033; Tue, 24 Jun 2014 18:51:10 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5OIpARD082032; Tue, 24 Jun 2014 18:51:10 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406241851.s5OIpARD082032@svn.freebsd.org> From: Warren Block Date: Tue, 24 Jun 2014 18:51:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45117 - head/en_US.ISO8859-1/books/handbook/geom X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 18:51:10 -0000 Author: wblock Date: Tue Jun 24 18:51:09 2014 New Revision: 45117 URL: http://svnweb.freebsd.org/changeset/doc/45117 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/geom/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Tue Jun 24 18:41:26 2014 (r45116) +++ head/en_US.ISO8859-1/books/handbook/geom/chapter.xml Tue Jun 24 18:51:09 2014 (r45117) @@ -311,16 +311,16 @@ Done. old metadata from a previous mirror. GPT metadata can be erased with - &man.gpart.8;. This example erases both primary - and backup GPT partition tables from disk + &man.gpart.8;. This example erases both primary and backup + GPT partition tables from disk ada8: &prompt.root; gpart destroy -F ada8 A disk can be removed from an active mirror and the - metadata erased in one step using &man.gmirror.8;. - Here, the example disk ada8 is removed - from the active mirror gm4: + metadata erased in one step using &man.gmirror.8;. Here, the + example disk ada8 is removed from the + active mirror gm4: &prompt.root; gmirror remove gm4 ada8 @@ -330,15 +330,13 @@ Done. &prompt.root; gmirror clear ada8 - &man.gmirror.8; stores one block of - metadata at the end of the disk. Because - GPT partition schemes also store metadata - at the end of the disk, mirroring entire - GPT disks with &man.gmirror.8; - is not recommended. MBR partitioning is - used here because it only stores a partition table at the - start of the disk and does not conflict with the - mirror metadata. + &man.gmirror.8; stores one block of metadata at the end of + the disk. Because GPT partition schemes + also store metadata at the end of the disk, mirroring entire + GPT disks with &man.gmirror.8; is not + recommended. MBR partitioning is used here + because it only stores a partition table at the start of the + disk and does not conflict with the mirror metadata. @@ -361,16 +359,16 @@ Done. &prompt.root; gmirror label -v gm0 /dev/ada1 /dev/ada2 - gm0 is a user-chosen - device name assigned to the new mirror. After the mirror has - been started, this device name appears in + gm0 is a user-chosen device name + assigned to the new mirror. After the mirror has been + started, this device name appears in /dev/mirror/. MBR and bsdlabel partition tables can now - be created on the mirror with &man.gpart.8;. This - example uses a traditional file system layout, with partitions - for /, swap, /var, + be created on the mirror with &man.gpart.8;. This example + uses a traditional file system layout, with partitions for + /, swap, /var, /tmp, and /usr. A single / file system and a swap partition will also work. @@ -421,8 +419,8 @@ Done. &prompt.root; newfs -U /dev/mirror/gm0s1f File systems from the original ada0 - disk can now be copied onto the mirror with - &man.dump.8; and &man.restore.8;. + disk can now be copied onto the mirror with &man.dump.8; and + &man.restore.8;. &prompt.root; mount /dev/mirror/gm0s1a /mnt &prompt.root; dump -C16 -b64 -0aL -f - / | (cd /mnt && restore -rf -) @@ -493,17 +491,17 @@ Done. 1000204821504 # mediasize in bytes (931G) Create a mirror on the new disk. To make certain that the - mirror capacity is not any larger than the original ada0 drive, - &man.gnop.8; is used to create a fake drive of the - exact same size. This drive does not store any data, but is - used only to limit the size of the mirror. When - &man.gmirror.8; creates the mirror, it will + mirror capacity is not any larger than the original + ada0 drive, &man.gnop.8; is used to + create a fake drive of the exact same size. This drive does + not store any data, but is used only to limit the size of the + mirror. When &man.gmirror.8; creates the mirror, it will restrict the capacity to the size of gzero.nop, even if the new ada1 drive has more space. Note that the - 1000204821504 in the second line - is equal to ada0's media size as - shown by diskinfo above. + 1000204821504 in the second line is + equal to ada0's media size as shown by + diskinfo above. &prompt.root; geom zero load &prompt.root; gnop create -s 1000204821504 gzero @@ -533,9 +531,8 @@ Done. 63 1953525105 1 freebsd [active] (931G) In this case, the partition table must be edited to reduce - the capacity by one sector on - mirror/gm0. The procedure will be - explained later. + the capacity by one sector on mirror/gm0. + The procedure will be explained later. In either case, partition tables on the primary disk should be first copied using gpart backup @@ -562,12 +559,11 @@ BSD 8 6 freebsd-ufs 130023424 838860800 7 freebsd-ufs 968884224 984640881 - If no - free space is shown at the end of the disk, the size of both the slice - and the last partition must be reduced by one sector. Edit - the two files, reducing the size of both the slice and last - partition by one. These are the last numbers in each - listing. + If no free space is shown at the end of the disk, the size + of both the slice and the last partition must be reduced by + one sector. Edit the two files, reducing the size of both the + slice and last partition by one. These are the last numbers + in each listing. &prompt.root; cat table.ada0 MBR 4 @@ -619,8 +615,8 @@ BSD 8 one free block at the end of the disk. Create file systems on these new partitions. The number - of partitions will vary to match the - original disk, ada0. + of partitions will vary to match the original disk, + ada0. &prompt.root; newfs -U /dev/mirror/gm0s1a &prompt.root; newfs -U /dev/mirror/gm0s1d @@ -656,15 +652,15 @@ BSD 8 If the geom_mirror.ko kernel module has not been built into the kernel, edit - /boot/loader.conf to load it at boot: + /boot/loader.conf to load it at + boot: geom_mirror_load="YES" File systems from the original disk can now be copied onto - the mirror with &man.dump.8; and - &man.restore.8;. - Each file system dumped with - dump -L will create a snapshot first, which can take some time. + the mirror with &man.dump.8; and &man.restore.8;. Each file + system dumped with dump -L will create a + snapshot first, which can take some time. &prompt.root; mount /dev/mirror/gm0s1a /mnt &prompt.root; dump -C16 -b64 -0aL -f - / | (cd /mnt && restore -rf -) @@ -698,8 +694,8 @@ BSD 8 mirror/gm0 has the same contents as ada0 before adding ada0 to the mirror. If the contents - previously copied by - &man.dump.8; and &man.restore.8; are not identical to what was on ada0, + previously copied by &man.dump.8; and &man.restore.8; are + not identical to what was on ada0, revert /etc/fstab to mount the file systems on ada0, reboot, and start the whole procedure again. @@ -825,10 +821,10 @@ mountroot> &prompt.root; gmirror forget gm0 Any old metadata should be cleared from the replacement - disk using the instructions in . Then the replacement disk, - ada4 for this example, is inserted into - the mirror: + disk using the instructions in + . Then the replacement + disk, ada4 for this example, is inserted + into the mirror: &prompt.root; gmirror insert gm0 /dev/ada4 From owner-svn-doc-all@FreeBSD.ORG Tue Jun 24 19:29:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D6A27443; Tue, 24 Jun 2014 19:29:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C00172F90; Tue, 24 Jun 2014 19:29:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5OJTJCo000725; Tue, 24 Jun 2014 19:29:19 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5OJTHRm000711; Tue, 24 Jun 2014 19:29:17 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201406241929.s5OJTHRm000711@svn.freebsd.org> From: Xin LI Date: Tue, 24 Jun 2014 19:29:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45118 - in head/share: security/advisories security/patches/EN-14:07 security/patches/EN-14:08 security/patches/SA-14:15 security/patches/SA-14:16 xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2014 19:29:19 -0000 Author: delphij Date: Tue Jun 24 19:29:17 2014 New Revision: 45118 URL: http://svnweb.freebsd.org/changeset/doc/45118 Log: Add SA-14:15.iconv, SA-14:16.file, EN-14:07.pmap and EN-14:08.heimdal. Added: head/share/security/advisories/FreeBSD-EN-14:07.pmap.asc (contents, props changed) head/share/security/advisories/FreeBSD-EN-14:08.heimdal.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-14:15.iconv.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-14:16.file.asc (contents, props changed) head/share/security/patches/EN-14:07/ head/share/security/patches/EN-14:07/pmap.patch (contents, props changed) head/share/security/patches/EN-14:07/pmap.patch.asc (contents, props changed) head/share/security/patches/EN-14:08/ head/share/security/patches/EN-14:08/heimdal.patch (contents, props changed) head/share/security/patches/EN-14:08/heimdal.patch.asc (contents, props changed) head/share/security/patches/SA-14:15/ head/share/security/patches/SA-14:15/iconv.patch (contents, props changed) head/share/security/patches/SA-14:15/iconv.patch.asc (contents, props changed) head/share/security/patches/SA-14:16/ head/share/security/patches/SA-14:16/file-8.4.patch (contents, props changed) head/share/security/patches/SA-14:16/file-8.4.patch.asc (contents, props changed) head/share/security/patches/SA-14:16/file.patch (contents, props changed) head/share/security/patches/SA-14:16/file.patch.asc (contents, props changed) Modified: head/share/xml/advisories.xml head/share/xml/notices.xml Added: head/share/security/advisories/FreeBSD-EN-14:07.pmap.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-14:07.pmap.asc Tue Jun 24 19:29:17 2014 (r45118) @@ -0,0 +1,129 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-14:07.pmap Errata Notice + The FreeBSD Project + +Topic: Bug with PCID implementation + +Category: core +Module: kernel +Announced: 2014-06-24 +Credits: Henrik Gulbrandsen +Affects: FreeBSD 10.0-RELEASE +Corrected: 2014-03-04 21:51:09 UTC (stable/10, 10.0-STABLE) + 2014-06-24 19:05:08 UTC (releng/10.0, 10.0-RELEASE-p6) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +Process-context identifiers (PCIDs) are a facility in modern x86 +processors, which tags TLB entries with the Id of the address space +and allows to avoid TLB invalidation on the context switch. + +II. Problem Description + +Due to bug in the handling of the mask of the CPU set where the given +address space could have cached TLB entries, stale mappings could be +seen by multithreaded programs. + +III. Impact + +Applications, most notably Java, which makes heavy use of threads may +randomly crash due to the inconcistency. + +IV. Workaround + +Systems that do not run have a CPU that supports the Process-Context +Identifiers feature are not affected. + +The system administrator can add the following to /boot/loader.conf +which disables Process-Context Identifiers to workaround this problem: + + vm.pmap.pcid_enabled="0" + +V. Solution + +Perform one of the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +2) To update your present system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 10.0] +# fetch http://security.FreeBSD.org/patches/EN-14:07/pmap.patch +# fetch http://security.FreeBSD.org/patches/EN-14:07/pmap.patch.asc +# gpg --verify pmap.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +3) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the revision numbers of each file that was +corrected in FreeBSD. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/10/ r262753 +releng/10.0/ r267829 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + +The latest revision of this Errata Notice is available at +http://security.FreeBSD.org/advisories/FreeBSD-EN-14:07.pmap.asc + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAEBCgAGBQJTqc+KAAoJEO1n7NZdz2rnAbYP/iZKU3SSwHwWPzYa03ZwgW4u +54MigJuV/wyOfJj2ZZuOXTaYZP1miRgFr7mn9OWkA6slWHLAVkmN9fWrUU8tRPjJ +UDVhnbToVYIcmW2tEH5lZ5y1Stt178NZTeMo26jgkWhj74RZ10OIFdSuNlNUQGSr +djanCdgpnGL+odml+rQcGAAKKH97PchQ6r9IivNgE6mnGhGvzOjQOSdxioBLew14 +w5Ua3k4nn/4hYi4RMPJ/vAlPdJHVsnZb8kRWhf4Ncj19IkvJ8EO6PmnHCbdGmV1I +cvqVFxXPGGA/A+O9E+1S+54SWotivpgjSujuQFFmvuzBbPhlt/Hmtn6YwljNG4+e +V6MsMRPMHVoIhOCBv9xfCHgyajA7jgbRGqQkMWxwKPVLjmk2NWOsbGBjHMFHnqYn +87Sh7crbFffNGwqGJgn+vXSXeNZ/95EWSBE0/B4KfqPeX6XCJI/C/sMRl0ATKa7C +k227J0olXKKUInLEq7tS1nLS0IKlWLF5WiRFx7DOa4DKLBcLZkYKTu3ATJySQ4V3 +hDNDpubB3/94ug1slRNWDYGxzaZq0ctUTubxsHW7a0iYQi/PkssCT/8jVAdsx8hq +S1DjGZiFAKLOiJUSvPfONdwodORyEyMB+z37EfgeHKKqnjJXgSEtmnmI+7sT8hlR +FhXX1XQOBUtPxF+MY4bT +=vNzu +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-EN-14:08.heimdal.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-14:08.heimdal.asc Tue Jun 24 19:29:17 2014 (r45118) @@ -0,0 +1,166 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-14:08.heimdal Errata Notice + The FreeBSD Project + +Topic: gss_pseudo_random interoperability issue + +Category: contrib +Module: heimdal +Announced: 2014-06-24 +Credits: Marc Dionne, Nico Williams, and Benjamin Kaduk +Affects: All supported versions of FreeBSD prior to 9.2-RELEASE. +Corrected: 2013-12-16 06:52:30 UTC (stable/9, 9.2-STABLE) + 2014-06-24 19:05:36 UTC (releng/9.2, 9.2-RELEASE-p9) + 2014-06-24 19:05:36 UTC (releng/9.1, 9.1-RELEASE-p16) + 2013-12-16 06:56:38 UTC (stable/8, 8.4-STABLE) + 2014-06-24 19:05:47 UTC (releng/8.4, 8.4-RELEASE-p13) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +Heimdal provides an implementation of Kerberos 5, the Generic Security +Service API (GSS-API), and the krb5 GSS-API mechanism. The GSS-API is +an abstract API that provides a unified interface for security services +that wraps many underlying security mechanisms. Application protocols +using the GSS-API exchange context tokens to establish a security context. +Once the security context has successfully been established, it can be +used to checksum and/or encrypt messages between the two parties of +the context, securely generate an identical pseudorandom bitstring at +both endpoints, and other security-related functionality. + +Kerberos 5 permits the use of different encryption types for encryption +keys; part of the specification for each encryption type is a pseudo-random +function that uses an encryption key and some optional seed data to +produce a pseudo-random bitstring of a fixed length. The GSS_Pseudo_random +function uses an established security context and some optional seed +data to produce a pseudo-random bitstring of (nearly) arbitrary lengh. +The specification for GSS_Pseudo_random for the krb5 mechanism (RFC 4402) +uses a counter mode to produce the arbitrary length output from the +fixed-length output of the underlying enctype's pseudo-random output. + +II. Problem Description + +RFC 4402 specifies that the counter which is prepended to the seed data +must be encoded in network (big-endian) byte order before being input to the +encryption type's pseudo-random function. All released versions of Heimdal +that include a GSS_Pseudo_random implementation for the krb5 mechanism +encode the counter as a little-endian integer. + +III. Impact + +Only applications using the GSS_Pseudo_random functionality with the krb5 +mechanism are affected; the number of such applications is believed to +be small. (RFC 4402 was published in 2006.) Since the first value +used for the counter is zero, the first block of output is correct, but +the second and all subsequent blocks of output are incorrect. +Old versions of Heimdal will interoperate over the network with each +other, but will not interoperate with MIT krb5 peers or other implementations +of RFC 4402, if producing more than one block of pseudo-random output. +For the commonly used AES encryption types, the first 128 bits of output +are correct but the subsequent output differs. + +IV. Workaround + +Applications which do not use the GSS_Pseudo_random functionality +are not affected. + +Applications which can reduce their pseudo-random needs to a single +block length (e.g., 128 bits for AES) will interoperate with all +known implementations. + +V. Solution + +Perform one of the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +2) To update your present system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch http://security.FreeBSD.org/patches/EN-14:08/heimdal.patch +# fetch http://security.FreeBSD.org/patches/EN-14:08/heimdal.patch.asc +# gpg --verify heimdal.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +Restart all deamons using the library, or reboot the system. + +3) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the revision numbers of each file that was +corrected in FreeBSD. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r259452 +releng/8.4/ r267832 +stable/9/ r259451 +releng/9.1/ r267831 +releng/9.2/ r267831 +stable/10/ r259447 +releng/10.0/ r259758 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + +The discussion of this interoperability issue in the IETF kitten working +group archives may be found here: +http://www.ietf.org/mail-archive/web/kitten/current/msg04479.html + +The latest revision of this Errata Notice is available at +http://security.FreeBSD.org/advisories/FreeBSD-EN-14:08.heimdal.asc + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAEBCgAGBQJTqc+KAAoJEO1n7NZdz2rnk2wP/RXxr1lgWeKY1wCusB/wlkLO +6cVsvZwIkvTvKNglkqY4dEvJJ1mdy25xP2yoft+ChM9ugTiGs5gfxsROXLCufobP +0ycnbl0pxL00aNwU3nXaejPhfblwwLmnwZAb3JuxF795BH/7z4a9vdC0mEn86RbQ +efeu3hqxJJxDL65xUntlgzWiFSWB+DZUjBU9DAFWlOPnbVR2T3n5w4sFSWMDtmv+ +AxqKjNVLgIHQKECTYjyFV2UjXCn6Np2m0dWHSpYM5MsdSaUolOqDRRxzAK5LKHg0 +ieHTf1OgBpfe/iBuSwybtEv/4cagDvN82Vsni8MbLEeDMa4DSsKorea1SIrCTcBv +CW4ugln7bBWgm3hnCEIWsy0wwhSVQetGFjYgimZySI5/nO2Jnh1Ung705MPCYpb7 ++X+G/oLqp04Bq81sWY4KFN8cfcmM2fQyL0zYOS72VPjXEvwcHnsbjZ/yO8eekO+J +oxkd8FaXR4b21HCh5cdlwWNNU4mu9wId8CLJW0y9l15zloTQvjW8+MSlEhAm9KUl +nYq/qHGiLTvxmsHlnQumay8lhtRJf0r3pNih+xchxy7JCVeu84aZHSIDrklZoiAr +LjOWagYFP9qHqhmmRxVoHKBeHgUaDWiJ9J0a0R44GadowrstYT7cYCzfSQr1KkDz +HPlEHgAxXm0shG0bbEA5 +=tTXE +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-14:15.iconv.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-14:15.iconv.asc Tue Jun 24 19:29:17 2014 (r45118) @@ -0,0 +1,131 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-14:15.iconv Security Advisory + The FreeBSD Project + +Topic: iconv(3) NULL pointer dereference and out-of-bounds array access + +Category: core +Module: libc/iconv +Announced: 2014-06-24 +Credits: Manuel Mausz, Tijl Coosemans +Affects: FreeBSD 10.0 +Corrected: 2014-03-04 12:43:10 UTC (stable/10, 10.0-STABLE) + 2014-06-24 19:05:08 UTC (releng/10.0, 10.0-RELEASE-p6) +CVE Name: CVE-2014-3951 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +The iconv(3) API allows converting text data from one character set +encoding to another. Applications first open a converter between two +encodings using iconv_open(3) and then convert text using iconv(3). +HZ is an encoding of the GB2312 character set used for simplified +Chinese characters. VIQR is an encoding for Vietnamese characters. + +II. Problem Description + +A NULL pointer dereference in the initialization code of the HZ module and +an out of bounds array access in the initialization code of the VIQR module +make iconv_open(3) calls involving HZ or VIQR result in an application crash. + +III. Impact + +Services where an attacker can control the arguments of an iconv_open(3) +call can be caused to crash resulting in a denial-of-service. For example, +an email encoded in HZ may cause an email delivery service to crash if it +converts emails to a more generic encoding like UTF-8 before applying +filtering rules. + +IV. Workaround + +No workaround is available, but systems that do not process untrusted +Chinese or Vietnamese input are not affected by this vulnerability. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 10.0] +# fetch http://security.FreeBSD.org/patches/SA-14:15/iconv.patch +# fetch http://security.FreeBSD.org/patches/SA-14:15/iconv.patch.asc +# gpg --verify iconv.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +Restart all deamons using the library, or reboot the system. + +3) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/10/ r262731 +releng/10.0/ r267829 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAEBCgAGBQJTqc+KAAoJEO1n7NZdz2rnmqsP/1VXkGjjBB34Qh43HGxmVofB +8Zfkc19nQtHvQaS+wAUfm10Onu2QJUPPm5OZL+kYYxJs1G4/VLTDTl/7cHBkCoA0 +abdDpRbtG6CMHfnaARpMOAkg+uvHl41pjHgr+mi4TRYivzSNp+qfw8BsPJ21DAS6 +Om6H6m+ggHjTXrtniBtQ+os2wfxbGGMJQzL94QC+tyzzFTEknIt8lgn6hboh99eV +pQb8WnSRCPuyiw+hKHdOOS7er7ZCIy9l0VWWfyJzcZP3/W5q6qSNCdnMUNZsTk0L +ruiUrhRjookK6/3VKb+9/YMfpB8xuQad2fk2mbQZkaxdSVJyFIfOI6Y9PJYbx9BP +Z7Bp0qyEGs+5/CZhiSwr2E/3k7kNe+30dvbPE0SBw9JNS4T0FyzlRUM4Y8s843Lf +GUcacSLcgCv8DUU517GmTL+UvnE+dajppr/vueRTC2T0mj8OX1qukq1Rjs9RpZkc +l2ajo3TbMZjwwivEsJEI2706tqv2v7+xON6WrZbUvbXlp4Kw7v01pS2Z3DFIeK8d +D9H80XuBIM6ZvMUd3NZHBGBjcxYEHvB5hM26ceCAP/ZvOSa4jp8vVQcPVONwj55n +RvX+K66t3yGiRznjhUUL+/8T9ulcI8TomgKL+U3UXasinYU9F4v55yXRugYvgnig +jh8e1kgmRt2rt5ZLthe5 +=Wr8S +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-14:16.file.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-14:16.file.asc Tue Jun 24 19:29:17 2014 (r45118) @@ -0,0 +1,161 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-14:16.file Security Advisory + The FreeBSD Project + +Topic: Multiple vulnerabilities in file(1) and libmagic(3) + +Category: contrib +Module: file +Announced: 2014-06-24 +Affects: All supported versions of FreeBSD. +Corrected: 2014-06-24 19:04:55 UTC (stable/10, 10.0-STABLE) + 2014-06-24 19:05:08 UTC (releng/10.0, 10.0-RELEASE-p6) + 2014-06-24 19:04:55 UTC (stable/9, 9.3-PRERELEASE) + 2014-06-24 19:05:19 UTC (releng/9.3, 9.3-RC2) + 2014-06-24 19:05:36 UTC (releng/9.2, 9.2-RELEASE-p9) + 2014-06-24 19:05:36 UTC (releng/9.1, 9.1-RELEASE-p16) + 2014-06-24 19:04:55 UTC (stable/8, 8.4-STABLE) + 2014-06-24 19:05:47 UTC (releng/8.4, 8.4-RELEASE-p13) +CVE Name: CVE-2012-1571, CVE-2013-7345, CVE-2014-1943, CVE-2014-2270 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +The file(1) utility attempts to classify file system objects based on +filesystem, magic number and language tests. + +The libmagic(3) library provides most of the functionality of file(1) +and may be used by other applications. + +II. Problem Description + +A specifically crafted Composite Document File (CDF) file can trigger an +out-of-bounds read or an invalid pointer dereference. [CVE-2012-1571] + +A flaw in regular expression in the awk script detector makes use of +multiple wildcards with unlimited repetitions. [CVE-2013-7345] + +A malicious input file could trigger infinite recursion in libmagic(3). +[CVE-2014-1943] + +A specifically crafted Portable Executable (PE) can trigger out-of-bounds +read. [CVE-2014-2270] + +III. Impact + +An attacker who can cause file(1) or any other applications using the +libmagic(3) library to be run on a maliciously constructed input can +the application to crash or consume excessive CPU resources, resulting +in a denial-of-service. + +IV. Workaround + +No workaround is available, but systems where file(1) and other +libmagic(3)-using applications are never run on untrusted input are not +vulnerable. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 9.1, 9.2, 9.3, 10.0] +# fetch http://security.FreeBSD.org/patches/SA-14:16/file.patch +# fetch http://security.FreeBSD.org/patches/SA-14:16/file.patch.asc +# gpg --verify file.patch.asc + +[FreeBSD 8.4] +# fetch http://security.FreeBSD.org/patches/SA-14:16/file-8.4.patch +# fetch http://security.FreeBSD.org/patches/SA-14:16/file-8.4.patch.asc +# gpg --verify file.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +Restart all deamons using the library, or reboot the system. + +3) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r267828 +releng/8.4/ r267832 +stable/9/ r267828 +releng/9.1/ r267831 +releng/9.2/ r267831 +releng/9.3/ r267830 +stable/10/ r267828 +releng/10.0/ r267829 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + + + + + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAEBCgAGBQJTqc+KAAoJEO1n7NZdz2rnaLsP/jwrr5b1qZ9tObnN3FXwzEjD +jNHa3AJKHXgrYGzF8yNrZElhE48f02sr9dEXqIw/E5eElcVhi38RBEkwblE8Nj2H +M5bzEwVS7kWPcAl1vBno1rFTHutUTOSSopBGgwlNAlWSFnr1iFIIU9dQ6kcGCnBj +LvMx5kTSyZ707kArRrFjrDeYlPLSE/vSBOC00TqReS+3Q9By1IH5kUWesDWr+3Gk +lvW/JzSTcyOicrGR6vRHiLn9+NKojd6pV3hqV/uxuth1OxRtiGPeodL6CyvkipMo +rKjTgXEY2KluBGV9ff+rbeARLfUh2PDJ9Z5BfF7O8ZyMZpKkcw6MFRRfJ0xgtUZK +vpF0u8NVMIZhHLSJ9q1Roij2POxeOETNXG2bGKtVu8pqhJ14DvMfPgamsQLhzKRX +vBN1Gw+3RctJrQpF9HvYFOsKlfzcWyka82lw5GSsDYGH2TamU00CTQmx/5PW+WVo +xV3C17Wj8AkmRYWeC4IzkTiZ8avVOZ+TMyJKRhL6EGBT3ramu8BFdV8oZOcHHpR/ +rAI6eZcFtNuwKuvfqHZmh84GicHDkMHXy6OiyCYUW9uNdWl7nUPMMxp/zEA6gtay +ozVedGIIrhYkfQAJRcRAcnEBYqcBVkCD/rKXJtdALl3RDQrediRaz0nWE2bJ/qs3 +bHjS6vu9VS/3z0+pEYri +=5Ihe +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-14:07/pmap.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:07/pmap.patch Tue Jun 24 19:29:17 2014 (r45118) @@ -0,0 +1,13 @@ +Index: sys/amd64/amd64/pmap.c +=================================================================== +--- sys/amd64/amd64/pmap.c (revision 267572) ++++ sys/amd64/amd64/pmap.c (working copy) +@@ -367,7 +367,7 @@ static int pmap_flags = PMAP_PDE_SUPERPAGE; /* fla + + static struct unrhdr pcid_unr; + static struct mtx pcid_mtx; +-int pmap_pcid_enabled = 1; ++int pmap_pcid_enabled = 0; + SYSCTL_INT(_vm_pmap, OID_AUTO, pcid_enabled, CTLFLAG_RDTUN, &pmap_pcid_enabled, + 0, "Is TLB Context ID enabled ?"); + int invpcid_works = 0; Added: head/share/security/patches/EN-14:07/pmap.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:07/pmap.patch.asc Tue Jun 24 19:29:17 2014 (r45118) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAABCgAGBQJTqc/GAAoJEO1n7NZdz2rnhbEP/2pckDzyxx2dvtY4VXOHwykV +K8Wb0m8o2x6IpHx/lqvToBX77VneknAmfc6yNxldMTmBq5sLA4kuLp9EkH7iuFtV +k1XcDWWGaoyLEK6Ur2f/CQOE9t0Qig5i6hVNbWCYzmjNZZGGE4Xd60rSSyQ1QN28 +JNoopI5p/wGWkDlDbw5f+foXBfbuOx1t1XWgEPRbxAXnvc6f3QBi7HQEu7GWWu04 +o5bn7+42zv3ij6aJ/zMb818Ml5cp1zeGT9VkSN17yqEdzmF+5C32caUp4qiiA5+n +gTR56RISYT+85xK+4AXdv3kZE5ZSQlsA8wLquKDiRVNFvqH7ly6v21JbWEfJBwyz +4iCA5I9A/Bp8z5ScouupkPimMEKCmSFwpE/Ww914x5bOaYl4xsXUQzBKs2nIWaao +u7sR7HxW0bq9pK1iVR2kU2md+65vq98HHO1xi1wQ8Aqw9Gt3CKklubiOf36qilUE +FCxBtumgOkHP8HWSE4oKFqLqx3GPV2j2BMSZiUE/x7gfd86FF6/fyx01NIekMpny +Osp5rXA5jnKgHJC8M6sF/+Xag1kBaIur5wNtaPSsQASmiXs4yXY29zH3sX4AxA2n +0fS1fItiM/US30TPGbcT0YEU8FR/CHDchUD2FjbjxntU4VSBUrnsK+ydRWiL+M0e +q4qZ9kLz2/HzBYG54HiI +=XjDR +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-14:08/heimdal.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:08/heimdal.patch Tue Jun 24 19:29:17 2014 (r45118) @@ -0,0 +1,13 @@ +Index: crypto/heimdal/lib/gssapi/krb5/prf.c +=================================================================== +--- crypto/heimdal/lib/gssapi/krb5/prf.c (revision 267806) ++++ crypto/heimdal/lib/gssapi/krb5/prf.c (working copy) +@@ -117,7 +117,7 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status, + num = 0; + p = prf_out->value; + while(desired_output_len > 0) { +- _gsskrb5_encode_om_uint32(num, input.data); ++ _gsskrb5_encode_be_om_uint32(num, input.data); + ret = krb5_crypto_prf(context, crypto, &input, &output); + if (ret) { + OM_uint32 junk; Added: head/share/security/patches/EN-14:08/heimdal.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:08/heimdal.patch.asc Tue Jun 24 19:29:17 2014 (r45118) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAABCgAGBQJTqc/GAAoJEO1n7NZdz2rneCAP/Ay62O3KiG8sQoCgH/3aTcV2 +k0OhOBxvRsTAaiOy5EVT+BMtZWymDBWiiFZueL6jpYEy3LthqAmguj9KMWC0k6ni +a6ETu8IzPWjqmYodqcPEM0dfDsovSzDxP2iAdKwcCrY379d/7hPvmhVR2IMt7oXj +7aeu1zDZtubw5SkpS9Vy6X8yynuz3caxqaUjmRuumonZ+isrQxeC8taXQP/nFIs1 +F71Il7LluEf9Abieh9R1m6mVftABGju9TSvmzHtjuBd0jzInBpegDlxeD3sw4mqa +TWHKABsd9DqEnghkTN3f0CQ+ba8/KEcN5hR+xpjWGw+8GjilkE5JswIM8W9iQK61 +BIim1dwS4WwLxIxgQtaHwSXrWq5yVrSFwq3sy5yUCa/dZVr4U+vlr4YHZtEw0V+H +MUh8/3087XlLskNVA7zYQMyjO0f0BUVB5V28VZQJnrywPzHCP/ZHCKboqTmGA5t6 +19MaloslnSpCp73T+ooQ+aiv5j8FGKJfhXOKHkrrj6wocNq1iqsc0coVWv3TtN1J +GAM00xKyxQLe2nVP+EPQJt1uDdNvcPfXCbNzzQbyW4wnRklBuXqIKKeZn/vYTIYE +x0oPHPPgAihot6gP2ZZRclT0kpqdJWFGw6fjsBJINBrMPAlClwPUQtelUkueaxtz +PGj8k8GVtsFOjgvqsRfb +=QKVG +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-14:15/iconv.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:15/iconv.patch Tue Jun 24 19:29:17 2014 (r45118) @@ -0,0 +1,175 @@ +Index: lib/libc/iconv/citrus_prop.c +=================================================================== +--- lib/libc/iconv/citrus_prop.c (revision 267591) ++++ lib/libc/iconv/citrus_prop.c (working copy) +@@ -339,7 +339,7 @@ name_found: + + static int + _citrus_prop_parse_element(struct _memstream * __restrict ms, +- const _citrus_prop_hint_t * __restrict hints, void ** __restrict context) ++ const _citrus_prop_hint_t * __restrict hints, void * __restrict context) + { + int ch, errnum; + #define _CITRUS_PROP_HINT_NAME_LEN_MAX 255 +@@ -435,8 +435,7 @@ _citrus_prop_parse_variable(const _citrus_prop_hin + if (ch == EOF || ch == '\0') + break; + _memstream_ungetc(&ms, ch); +- errnum = _citrus_prop_parse_element( +- &ms, hints, (void ** __restrict)context); ++ errnum = _citrus_prop_parse_element(&ms, hints, context); + if (errnum != 0) + return (errnum); + } +Index: lib/libc/iconv/citrus_prop.h +=================================================================== +--- lib/libc/iconv/citrus_prop.h (revision 267591) ++++ lib/libc/iconv/citrus_prop.h (working copy) +@@ -42,7 +42,7 @@ typedef struct _citrus_prop_hint_t _citrus_prop_hi + + #define _CITRUS_PROP_CB0_T(_func_, _type_) \ + typedef int (*_citrus_prop_##_func_##_cb_func_t) \ +- (void ** __restrict, const char *, _type_); \ ++ (void * __restrict, const char *, _type_); \ + typedef struct { \ + _citrus_prop_##_func_##_cb_func_t func; \ + } _citrus_prop_##_func_##_cb_t; +@@ -52,7 +52,7 @@ _CITRUS_PROP_CB0_T(str, const char *) + + #define _CITRUS_PROP_CB1_T(_func_, _type_) \ + typedef int (*_citrus_prop_##_func_##_cb_func_t) \ +- (void ** __restrict, const char *, _type_, _type_); \ ++ (void * __restrict, const char *, _type_, _type_); \ + typedef struct { \ + _citrus_prop_##_func_##_cb_func_t func; \ + } _citrus_prop_##_func_##_cb_t; +Index: lib/libiconv_modules/BIG5/citrus_big5.c +=================================================================== +--- lib/libiconv_modules/BIG5/citrus_big5.c (revision 267591) ++++ lib/libiconv_modules/BIG5/citrus_big5.c (working copy) +@@ -170,7 +170,7 @@ _citrus_BIG5_check_excludes(_BIG5EncodingInfo *ei, + } + + static int +-_citrus_BIG5_fill_rowcol(void ** __restrict ctx, const char * __restrict s, ++_citrus_BIG5_fill_rowcol(void * __restrict ctx, const char * __restrict s, + uint64_t start, uint64_t end) + { + _BIG5EncodingInfo *ei; +@@ -189,7 +189,7 @@ static int + + static int + /*ARGSUSED*/ +-_citrus_BIG5_fill_excludes(void ** __restrict ctx, ++_citrus_BIG5_fill_excludes(void * __restrict ctx, + const char * __restrict s __unused, uint64_t start, uint64_t end) + { + _BIG5EncodingInfo *ei; +@@ -235,7 +235,6 @@ static int + _citrus_BIG5_encoding_module_init(_BIG5EncodingInfo * __restrict ei, + const void * __restrict var, size_t lenvar) + { +- void *ctx = (void *)ei; + const char *s; + int err; + +@@ -257,9 +256,9 @@ _citrus_BIG5_encoding_module_init(_BIG5EncodingInf + } + + /* fallback Big5-1984, for backward compatibility. */ +- _citrus_BIG5_fill_rowcol((void **)&ctx, "row", 0xA1, 0xFE); +- _citrus_BIG5_fill_rowcol((void **)&ctx, "col", 0x40, 0x7E); +- _citrus_BIG5_fill_rowcol((void **)&ctx, "col", 0xA1, 0xFE); ++ _citrus_BIG5_fill_rowcol(ei, "row", 0xA1, 0xFE); ++ _citrus_BIG5_fill_rowcol(ei, "col", 0x40, 0x7E); ++ _citrus_BIG5_fill_rowcol(ei, "col", 0xA1, 0xFE); + + return (0); + } +Index: lib/libiconv_modules/HZ/citrus_hz.c +=================================================================== +--- lib/libiconv_modules/HZ/citrus_hz.c (revision 267591) ++++ lib/libiconv_modules/HZ/citrus_hz.c (working copy) +@@ -65,8 +65,8 @@ typedef enum { + } charset_t; + + typedef struct { ++ int start; + int end; +- int start; + int width; + } range_t; + +@@ -503,12 +503,12 @@ _citrus_HZ_encoding_module_uninit(_HZEncodingInfo + } + + static int +-_citrus_HZ_parse_char(void **context, const char *name __unused, const char *s) ++_citrus_HZ_parse_char(void *context, const char *name __unused, const char *s) + { + escape_t *escape; + void **p; + +- p = (void **)*context; ++ p = (void **)context; + escape = (escape_t *)p[0]; + if (escape->ch != '\0') + return (EINVAL); +@@ -520,7 +520,7 @@ static int + } + + static int +-_citrus_HZ_parse_graphic(void **context, const char *name, const char *s) ++_citrus_HZ_parse_graphic(void *context, const char *name, const char *s) + { + _HZEncodingInfo *ei; + escape_t *escape; +@@ -527,7 +527,7 @@ static int + graphic_t *graphic; + void **p; + +- p = (void **)*context; ++ p = (void **)context; + escape = (escape_t *)p[0]; + ei = (_HZEncodingInfo *)p[1]; + graphic = malloc(sizeof(*graphic)); +@@ -589,13 +589,13 @@ _CITRUS_PROP_HINT_END + }; + + static int +-_citrus_HZ_parse_escape(void **context, const char *name, const char *s) ++_citrus_HZ_parse_escape(void *context, const char *name, const char *s) + { + _HZEncodingInfo *ei; + escape_t *escape; + void *p[2]; + +- ei = (_HZEncodingInfo *)*context; ++ ei = (_HZEncodingInfo *)context; + escape = malloc(sizeof(*escape)); + if (escape == NULL) + return (EINVAL); +Index: lib/libiconv_modules/VIQR/citrus_viqr.c +=================================================================== +--- lib/libiconv_modules/VIQR/citrus_viqr.c (revision 267591) ++++ lib/libiconv_modules/VIQR/citrus_viqr.c (working copy) +@@ -431,7 +431,6 @@ static int + _citrus_VIQR_encoding_module_init(_VIQREncodingInfo * __restrict ei, + const void * __restrict var __unused, size_t lenvar __unused) + { +- const mnemonic_def_t *p; + const char *s; + size_t i, n; + int errnum; +@@ -455,7 +454,10 @@ _citrus_VIQR_encoding_module_init(_VIQREncodingInf + return (errnum); + } + } +- for (i = 0;; ++i) { ++ /* a + 1 < b + 1 here to silence gcc warning about unsigned < 0. */ ++ for (i = 0; i + 1 < mnemonic_ext_size + 1; ++i) { ++ const mnemonic_def_t *p; ++ + p = &mnemonic_ext[i]; + n = strlen(p->name); + if (ei->mb_cur_max < n) Added: head/share/security/patches/SA-14:15/iconv.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:15/iconv.patch.asc Tue Jun 24 19:29:17 2014 (r45118) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAABCgAGBQJTqc+xAAoJEO1n7NZdz2rnGpkP/0rm6huVPDIo3qTvfuXyKVvX +MGbc8+35EfDSUxAYLkQIJxiEF88+chJrEqyivP311+IMFUXdyplQvXQiZcTKXdPp +hYVa7wCeC7BbdXILiw+hi9J5TI4QiE+b4Kmn83DIS/iYols4tRpUVXN4OCFaO3BR +oW5RuCI/VBVqwUm+3pZhz1GuzPOmZo+8KxdHk3nmSmoad6SNvPB0W3QY53P2J96E +8euOJGM/38QWav2g7QsQeI+MAx2jcxUmRIQVfCblfXG1O0izNjuC8hjqJptSvBpc +uvJAhQxptludfAa7/ZnW4ws/dJz4ekNSlerjRpNiXE0Hr2r2TAM8cFwG9AbVThga +wZ8+rHFOC30kIJ6uvZbpTPHNSHxu4pVyOOoh4Tfr1xpDqb/3ktSXfXX6bgXPrhMI +PdBVVACYGbdurQU8Z65JbMmNx96Sl79w8mOHrMSeVS3pRL7FtJ4J+c8sOLyiaouM +kIf+vbqSPHRqpkCtmmKP6QM+qrfhrlzmYwyNTE2pKautaGNCyAMY3lrKhbEr7llK +L4YZ9/9Z6ivZZZDhAZbzcJrWQOuW0wmt7E2CyC1TOHOBjI6202J/++ZWSmmsexWF +mWNai/3IqCGd24unHHxdrTUSw+b99pL+HAgAdTQZ2dg3Qh/qC0PAcICBoWDgS0sM +Q34JUXT4cVpCqHeFhPkp +=gJzF +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-14:16/file-8.4.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:16/file-8.4.patch Tue Jun 24 19:29:17 2014 (r45118) @@ -0,0 +1,1891 @@ +Index: contrib/file/ascmagic.c +=================================================================== +--- contrib/file/ascmagic.c (revision 267806) ++++ contrib/file/ascmagic.c (working copy) +@@ -151,7 +151,7 @@ file_ascmagic_with_encoding(struct magic_set *ms, + if ((utf8_end = encode_utf8(utf8_buf, mlen, ubuf, ulen)) == NULL) + goto done; + if ((rv = file_softmagic(ms, utf8_buf, (size_t)(utf8_end - utf8_buf), +- TEXTTEST)) != 0) ++ 0, TEXTTEST)) != 0) + goto done; + else + rv = -1; +Index: contrib/file/cdf.c +=================================================================== +--- contrib/file/cdf.c (revision 267806) ++++ contrib/file/cdf.c (working copy) +@@ -24,15 +24,18 @@ + * POSSIBILITY OF SUCH DAMAGE. + */ + /* +- * Parse composite document files, the format used in Microsoft Office +- * document files before they switched to zipped xml. ++ * Parse Composite Document Files, the format used in Microsoft Office ++ * document files before they switched to zipped XML. + * Info from: http://sc.openoffice.org/compdocfileformat.pdf ++ * ++ * N.B. This is the "Composite Document File" format, and not the ++ * "Compound Document Format", nor the "Channel Definition Format". + */ + + #include "file.h" + + #ifndef lint +-FILE_RCSID("@(#)$File: cdf.c,v 1.30 2009/05/06 14:29:47 christos Exp $") ++FILE_RCSID("@(#)$File: cdf.c,v 1.49 2012/02/20 20:04:37 christos Exp $") + #endif + + #include +@@ -44,6 +47,9 @@ + #include + #include + #include ++#ifdef HAVE_LIMITS_H ++#include ++#endif + + #ifndef EFTYPE + #define EFTYPE EINVAL +@@ -51,10 +57,6 @@ + + #include "cdf.h" + +-#ifndef __arraycount +-#define __arraycount(a) (sizeof(a) / sizeof(a[0])) +-#endif +- + #ifdef CDF_DEBUG + #define DPRINTF(a) printf a, fflush(stdout) + #else +@@ -68,19 +70,21 @@ static union { + + #define NEED_SWAP (cdf_bo.u == (uint32_t)0x01020304) + +-#define CDF_TOLE8(x) (NEED_SWAP ? cdf_tole8(x) : (uint64_t)(x)) +-#define CDF_TOLE4(x) (NEED_SWAP ? cdf_tole4(x) : (uint32_t)(x)) +-#define CDF_TOLE2(x) (NEED_SWAP ? cdf_tole2(x) : (uint16_t)(x)) ++#define CDF_TOLE8(x) ((uint64_t)(NEED_SWAP ? _cdf_tole8(x) : (uint64_t)(x))) ++#define CDF_TOLE4(x) ((uint32_t)(NEED_SWAP ? _cdf_tole4(x) : (uint32_t)(x))) ++#define CDF_TOLE2(x) ((uint16_t)(NEED_SWAP ? _cdf_tole2(x) : (uint16_t)(x))) ++#define CDF_GETUINT32(x, y) cdf_getuint32(x, y) + ++ + /* + * swap a short + */ +-uint16_t +-cdf_tole2(uint16_t sv) ++static uint16_t ++_cdf_tole2(uint16_t sv) + { + uint16_t rv; +- uint8_t *s = (uint8_t *)(void *)&sv; +- uint8_t *d = (uint8_t *)(void *)&rv; ++ uint8_t *s = (uint8_t *)(void *)&sv; ++ uint8_t *d = (uint8_t *)(void *)&rv; + d[0] = s[1]; + d[1] = s[0]; + return rv; +@@ -89,12 +93,12 @@ static union { + /* + * swap an int + */ +-uint32_t +-cdf_tole4(uint32_t sv) ++static uint32_t ++_cdf_tole4(uint32_t sv) + { + uint32_t rv; +- uint8_t *s = (uint8_t *)(void *)&sv; +- uint8_t *d = (uint8_t *)(void *)&rv; ++ uint8_t *s = (uint8_t *)(void *)&sv; ++ uint8_t *d = (uint8_t *)(void *)&rv; + d[0] = s[3]; + d[1] = s[2]; + d[2] = s[1]; +@@ -105,12 +109,12 @@ static union { + /* + * swap a quad + */ +-uint64_t +-cdf_tole8(uint64_t sv) ++static uint64_t ++_cdf_tole8(uint64_t sv) + { + uint64_t rv; +- uint8_t *s = (uint8_t *)(void *)&sv; +- uint8_t *d = (uint8_t *)(void *)&rv; ++ uint8_t *s = (uint8_t *)(void *)&sv; ++ uint8_t *d = (uint8_t *)(void *)&rv; + d[0] = s[7]; + d[1] = s[6]; + d[2] = s[5]; +@@ -122,11 +126,41 @@ static union { + return rv; + } + ++/* *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed Jun 25 00:14:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7B0F6307; Wed, 25 Jun 2014 00:14:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5BD952F90; Wed, 25 Jun 2014 00:14:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5P0EwYU040823; Wed, 25 Jun 2014 00:14:58 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5P0EwpG040821; Wed, 25 Jun 2014 00:14:58 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406250014.s5P0EwpG040821@svn.freebsd.org> From: Glen Barber Date: Wed, 25 Jun 2014 00:14:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45119 - in head/en_US.ISO8859-1/htdocs/releases: 10.0R 9.2R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2014 00:14:58 -0000 Author: gjb Date: Wed Jun 25 00:14:57 2014 New Revision: 45119 URL: http://svnweb.freebsd.org/changeset/doc/45119 Log: Regen after r267846 Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Tue Jun 24 19:29:17 2014 (r45118) +++ head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Wed Jun 25 00:14:57 2014 (r45119) @@ -1,5 +1,5 @@ -FreeBSD 10.0-RELEASE Errata

    FreeBSD 10.0-RELEASE Errata

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of +FreeBSD 10.0-RELEASE Errata

    FreeBSD 10.0-RELEASE Errata

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of the FreeBSD Foundation.

    Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United @@ -12,7 +12,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

    Last modified on 2014-06-20 by gjb.
    Abstract

    This document lists errata items for FreeBSD 10.0-RELEASE, + symbol.

    Last modified on 2014-06-25 by gjb.
    Abstract

    This document lists errata items for FreeBSD 10.0-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. @@ -44,7 +44,8 @@ vulnerability

    SA-14:10.openssl15May2014

    Fix OpenSSL NULL pointer deference vulnerability

    SA-14:11.sendmail3June2014

    Fix sendmail improper close-on-exec flag handling

    SA-14:13.pam3June2014

    Fix incorrect error handling in PAM policy - parser

    SA-14:14.openssl5June2014

    Multiple vulnerabilities

    3.Open Issues

    • FreeBSD/i386 10.0-RELEASE running as a guest + parser

      SA-14:14.openssl5June2014

      Multiple vulnerabilities

      SA-14:15.iconv24June2014

      NULL pointer dereference and out-of-bounds + array access

      SA-14:16.file24June2014

      Multiple vulnerabilities

    3.Open Issues

    • FreeBSD/i386 10.0-RELEASE running as a guest operating system on VirtualBox can have a problem with disk I/O access. It depends on some specific hardware configuration and does not depend on a Modified: head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html Tue Jun 24 19:29:17 2014 (r45118) +++ head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html Wed Jun 25 00:14:57 2014 (r45119) @@ -14,7 +14,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

    Last modified on 2014-06-20 by gjb.
    Abstract

    This document lists errata items for FreeBSD 9.2-RELEASE, + symbol.

    Last modified on 2014-06-25 by gjb.
    Abstract

    This document lists errata items for FreeBSD 9.2-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. @@ -45,7 +45,7 @@ Attack

    SA-14:08.tcp30April2014

    Fix TCP reassembly vulnerability

    SA-14:11.sendmail3June2014

    Fix sendmail improper close-on-exec flag handling

    SA-14:12.ktrace3June2014

    Fix ktrace memory disclosure

    SA-14:13.pam3June2014

    Fix incorrect error handling in PAM policy - parser

    SA-14:14.openssl5June2014

    Multiple vulnerabilities

    3.Late-Breaking News

    No late-breaking news.

    This file, and other release-related documents, + parser

    SA-14:14.openssl5June2014

    Multiple vulnerabilities

    SA-14:16.file24June2014

    Multiple vulnerabilities

    3.Late-Breaking News

    No late-breaking news.

    This file, and other release-related documents, can be downloaded from http://www.FreeBSD.org/releases/.

    For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

    All users of FreeBSD 9.3-STABLE should From owner-svn-doc-all@FreeBSD.ORG Wed Jun 25 00:34:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EA32C73E; Wed, 25 Jun 2014 00:34:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D19602140; Wed, 25 Jun 2014 00:34:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5P0YhNF050029; Wed, 25 Jun 2014 00:34:43 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5P0Yhx0050028; Wed, 25 Jun 2014 00:34:43 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406250034.s5P0Yhx0050028@svn.freebsd.org> From: Glen Barber Date: Wed, 25 Jun 2014 00:34:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45120 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2014 00:34:44 -0000 Author: gjb Date: Wed Jun 25 00:34:43 2014 New Revision: 45120 URL: http://svnweb.freebsd.org/changeset/doc/45120 Log: Regen after r267848. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Wed Jun 25 00:14:57 2014 (r45119) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Wed Jun 25 00:34:43 2014 (r45120) @@ -1,5 +1,5 @@ -FreeBSD 9.3-RELEASE Release Notes

    FreeBSD 9.3-RELEASE Release Notes

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation +FreeBSD 9.3-RELEASE Release Notes

    FreeBSD 9.3-RELEASE Release Notes

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of the FreeBSD Foundation.

    IBM, AIX, OS/2, PowerPC, PS/2, S/390, and ThinkPad are @@ -18,7 +18,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

    Last modified on 2014-06-21 by gjb.
    Abstract

    The release notes for FreeBSD 9.3-RELEASE contain + symbol.

    Last modified on 2014-06-25 by gjb.
    Abstract

    The release notes for FreeBSD 9.3-RELEASE contain a summary of the changes made to the FreeBSD base system on the 9.3-STABLE development line. This document lists applicable security advisories that were issued since the last @@ -55,7 +55,7 @@ vulnerability

    FreeBSD-SA-14:05.nfsserver8April2014

    Deadlock in the NFS server

    FreeBSD-SA-14:06.openssl8April2014

    ECDSA side channel leak

    FreeBSD-SA-14:08.tcp30April2014

    TCP reassembly vulnerability

    FreeBSD-SA-14:11.sendmail26May2014

    Sendmail improper close-on-exec flag handling

    FreeBSD-SA-14:12.ktrace3June2014

    ktrace(1) kernel memory disclosure

    FreeBSD-SA-14:13.pam3June2014

    Incorrect error handling in PAM policy - parser

    FreeBSD-SA-14:14.openssl5June2014

    Multiple vulnerabilities

    2.2.Kernel Changes

    The arcmsr(4) driver has been + parser

    FreeBSD-SA-14:14.openssl5June2014

    Multiple vulnerabilities

    SA-14:16.file24June2014

    Multiple vulnerabilities

    2.2.Kernel Changes

    The arcmsr (4) driver has been updated to version 1.20.00.28. [r256033]

    The isci(4) driver is now loadable via kldload(8). [r256437] (Sponsored by @@ -329,7 +329,7 @@ been updated to support multiple byte orders. Similar to cap_mkdb(1), the services.db will be created with proper endinanness as part of - cross-architecture release builds. [r263028]

    3.Upgrading from Previous Releases of FreeBSD

    3.1.Upgrading Using freebsd-update(8) or a Source-Based + cross-architecture release builds. [r263028]

    3.Upgrading from Previous Releases of FreeBSD

    3.1.Upgrading Using freebsd-update(8) or a Source-Based Procedure

    [amd64,i386] Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade @@ -343,7 +343,7 @@ /usr/src/UPDATING.

    For more specific information about upgrading instructions, see http://www.FreeBSD.org/releases/9.3R/installation.html.

    Important:

    Upgrading FreeBSD should only be attempted after backing up all data and - configuration files.

    3.2.User-Visible + configuration files.

    3.2.User-Visible Incompatibilities

    FreeBSD9.0 and later versions have several configuration incompatibilities with earlier versions of FreeBSD. These differences are best understood before upgrading. From owner-svn-doc-all@FreeBSD.ORG Wed Jun 25 13:45:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4AD28DE4; Wed, 25 Jun 2014 13:45:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2B7C429A5; Wed, 25 Jun 2014 13:45:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5PDjubm030001; Wed, 25 Jun 2014 13:45:56 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5PDjuJs030000; Wed, 25 Jun 2014 13:45:56 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406251345.s5PDjuJs030000@svn.freebsd.org> From: Warren Block Date: Wed, 25 Jun 2014 13:45:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45121 - head/en_US.ISO8859-1/books/fdp-primer/editor-config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2014 13:45:56 -0000 Author: wblock Date: Wed Jun 25 13:45:55 2014 New Revision: 45121 URL: http://svnweb.freebsd.org/changeset/doc/45121 Log: Update the vim editor config section, adding gjb's .vimrc. Also add a a post-processing step to avoid an embedded literal tab, and a short note on usage. PR: 191137 Submitted by: venture37@geeklan.co.uk Modified: head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Wed Jun 25 00:34:43 2014 (r45120) +++ head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Wed Jun 25 13:45:55 2014 (r45121) @@ -40,18 +40,63 @@ Install from editors/vim or editors/vim-lite. + + Configuration + Edit ~/.vimrc, adding these lines: - augroup sgmledit - autocmd FileType sgml set formatoptions=cq2l " Special formatting options - autocmd FileType sgml set textwidth=70 " Wrap lines at 70 columns - autocmd FileType sgml set shiftwidth=2 " Automatically indent - autocmd FileType sgml set softtabstop=2 " Tab key indents 2 spaces - autocmd FileType sgml set tabstop=8 " Replace 8 spaces with a tab - autocmd FileType sgml set autoindent " Automatic indentation -augroup END + if has("autocmd") + au BufNewFile,BufRead *.sgml,*.ent,*.xsl,*.xml call Set_SGML() + au BufNewFile,BufRead *.[1-9] call ShowSpecial() +endif " has(autocmd) + +function Set_Highlights() + "match ExtraWhitespace /^\s* \s*\|\s\+$/ + highlight OverLength ctermbg=red ctermfg=white guibg=#592929 + match OverLength /\%71v.\+/ + return 0 +endfunction + +function ShowSpecial() + setlocal list listchars=tab:>>,trail:*,eol:$ + hi nontext ctermfg=red + return 0 +endfunction " ShowSpecial() + +function Set_SGML() + setlocal number + syn match sgmlSpecial "&[^;]*;" + setlocal syntax=sgml + setlocal filetype=xml + setlocal shiftwidth=2 + setlocal textwidth=70 + setlocal tabstop=8 + setlocal softtabstop=2 + setlocal formatprg="fmt -p" + setlocal autoindent + setlocal smartindent + " Rewrap paragraphs + :map P gqj + " Replace spaces with tabs + :map T :s/ /TAB/<CR> + call ShowSpecial() + call Set_Highlights() + return 0 +endfunction " Set_SGML() + Process the file to create embedded tabs: + + &prompt.user; perl -i'' -pe 's/TAB/\t/g' ~/.vimrc + + + + Use + + Press P to reformat paragraphs. Press + T to replace groups of eight spaces with a + tab. + From owner-svn-doc-all@FreeBSD.ORG Wed Jun 25 13:47:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 07D93D4; Wed, 25 Jun 2014 13:47:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E806C29C8; Wed, 25 Jun 2014 13:47:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5PDle6P030294; Wed, 25 Jun 2014 13:47:40 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5PDleN2030293; Wed, 25 Jun 2014 13:47:40 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406251347.s5PDleN2030293@svn.freebsd.org> From: Warren Block Date: Wed, 25 Jun 2014 13:47:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45122 - head/en_US.ISO8859-1/books/fdp-primer/editor-config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2014 13:47:41 -0000 Author: wblock Date: Wed Jun 25 13:47:40 2014 New Revision: 45122 URL: http://svnweb.freebsd.org/changeset/doc/45122 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Wed Jun 25 13:45:55 2014 (r45121) +++ head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Wed Jun 25 13:47:40 2014 (r45122) @@ -27,7 +27,10 @@ $FreeBSD$ --> - + + Editor Configuration Adjusting text editor configuration can make working on @@ -43,10 +46,10 @@ Configuration - Edit ~/.vimrc, adding these - lines: + Edit ~/.vimrc, adding these + lines: - if has("autocmd") + if has("autocmd") au BufNewFile,BufRead *.sgml,*.ent,*.xsl,*.xml call Set_SGML() au BufNewFile,BufRead *.[1-9] call ShowSpecial() endif " has(autocmd) From owner-svn-doc-all@FreeBSD.ORG Wed Jun 25 14:11:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C9EFAB1D; Wed, 25 Jun 2014 14:11:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B6FA52C9C; Wed, 25 Jun 2014 14:11:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5PEBlkn043964; Wed, 25 Jun 2014 14:11:47 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5PEBlpT043963; Wed, 25 Jun 2014 14:11:47 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406251411.s5PEBlpT043963@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 25 Jun 2014 14:11:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45123 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2014 14:11:47 -0000 Author: ryusuke Date: Wed Jun 25 14:11:47 2014 New Revision: 45123 URL: http://svnweb.freebsd.org/changeset/doc/45123 Log: - Merge the following from the English version: r45093 -> r45107 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Wed Jun 25 13:47:40 2014 (r45122) +++ head/ja_JP.eucJP/share/xml/news.xml Wed Jun 25 14:11:47 2014 (r45123) @@ -23,7 +23,7 @@ would like to work on. *** $FreeBSD$ - Original revision: r45093 + Original revision: r45107 --> @@ -148,6 +148,16 @@

    新コミッタ就任: + Kashyap Desai + (src)

    + + + + + 7 + + +

    新コミッタ就任: Stephen McConnell (src)

     From owner-svn-doc-all@FreeBSD.ORG Wed Jun 25 14:19:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6889ED5E; Wed, 25 Jun 2014 14:19:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 53D132D12; Wed, 25 Jun 2014 14:19:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5PEJlNV045452; Wed, 25 Jun 2014 14:19:47 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5PEJlqK045451; Wed, 25 Jun 2014 14:19:47 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406251419.s5PEJlqK045451@svn.freebsd.org> From: Warren Block Date: Wed, 25 Jun 2014 14:19:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45124 - head/en_US.ISO8859-1/books/fdp-primer/examples X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2014 14:19:47 -0000 Author: wblock Date: Wed Jun 25 14:19:46 2014 New Revision: 45124 URL: http://svnweb.freebsd.org/changeset/doc/45124 Log: Remove obsolete example build instructions. Update book and article examples for DocBook 5 and FreeBSD DTD. Note to translators: there are content whitespace changes in the example programlistings that should be included in translations. Modified: head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml Wed Jun 25 14:11:47 2014 (r45123) +++ head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml Wed Jun 25 14:19:46 2014 (r45124) @@ -33,45 +33,40 @@ Examples - This appendix contains example XML files - and the commands to convert them from one output format to - another. After installing the Documentation Project tools (see - ), these examples can be used - directly. - These examples are not exhaustive—they do not contain all the elements that might be desirable to use, particularly in a document's front matter. For more examples of DocBook markup, examine the XML source for this and other - documents available in the svn + documents available in the Subversion doc repository, or available online starting at http://svnweb.FreeBSD.org/doc/. - To avoid confusion, these examples use the standard DocBook - 4.1 DTD rather than the &os; extension. They - also use the stock stylesheets distributed by Norm Walsh, rather - than any customizations made to those stylesheets by the &os; - Documentation Project. This makes them more useful as generic - DocBook examples. - DocBook <tag>book</tag> DocBook <tag>book</tag> - <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" - "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> + <!DOCTYPE book PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN" + "http://www.FreeBSD.org/XML/share/xml/freebsd50.dtd"> + +book xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" + xml:lang="en" -book lang='en' - bookinfo + info titleAn Example Booktitle author - firstnameYour first namefirstname - surnameYour surnamesurname + personname + firstnameYour first namefirstname + surnameYour surnamesurname + personname + affiliation - addressemailfoo@example.comemailaddress + address + emailfoo@example.comemail + address affiliation author @@ -83,7 +78,7 @@ abstract paraIf your book has an abstract then it should go here.para abstract - bookinfo + info preface titlePrefacetitle @@ -113,18 +108,26 @@ DocBook <tag>article</tag> - <!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" - "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> + <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN" + "http://www.FreeBSD.org/XML/share/xml/freebsd50.dtd"> + +article xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" + xml:lang="en" -article lang='en' - articleinfo + info titleAn Example Articletitle author - firstnameYour first namefirstname - surnameYour surnamesurname + personname + firstnameYour first namefirstname + surnameYour surnamesurname + personname + affiliation - addressemailfoo@example.comemailaddress + address + emailfoo@example.comemail + address affiliation author @@ -136,7 +139,7 @@ abstract paraIf your article has an abstract then it should go here.para abstract - articleinfo + info sect1 titleMy First Sectiontitle @@ -152,223 +155,4 @@ article - - - Producing Formatted Output - - Before using these examples, install the required tools as - shown in . - - - Using <application>Jade</application> - - - Converting DocBook to <acronym>XHTML</acronym> (One - Large File) - - &prompt.user; jade -V nochunks \ - -c /usr/local/share/xml/docbook/dsssl/modular/catalog \ - -c /usr/local/share/xml/docbook/catalog \ - -c /usr/local/share/xml/jade/catalog \ - -d /usr/local/share/xml/docbook/dsssl/modular/html/docbook.dsl \ - -t sgml file.xml > file.html - - - - Specifies the nochunks parameter - to the stylesheets, forcing all output to be written to - the standard output (using Norm Walsh's - stylesheets). - - - - Specifies the catalogs that - Jade will need to process. - Three catalogs are required. The first is a catalog - that contains information about the - DSSSL stylesheets. The second - contains information about the DocBook - DTD. The third contains information - specific to Jade. - - - - Specifies the full path to the - DSSSL stylesheet that - Jade will use when processing - the document. - - - - Instructs Jade to perform - a transformation from one - DTD to another. In this case, the - input is being transformed from the DocBook - DTD to the XHTML - DTD. - - - - Specifies the file that - Jade should process, and - redirects output to the specified - .html file. - - - - - - Converting DocBook to <acronym>XHTML</acronym> (Several - Small Files) - - &prompt.user; jade \ - -c /usr/local/share/xml/docbook/dsssl/modular/catalog \ - -c /usr/local/share/xml/docbook/catalog \ - -c /usr/local/share/xml/jade/catalog \ - -d /usr/local/share/xml/docbook/dsssl/modular/html/docbook.dsl \ - -t sgml file.xml - - - - Specifies the catalogs that - Jade will need to process. - Three catalogs are required. The first is a catalog - that contains information about the - DSSSL stylesheets. The second - contains information about the DocBook - DTD. The third contains information - specific to Jade. - - - - Specifies the full path to the - DSSSL stylesheet that - Jade will use when processing - the document. - - - - Instructs Jade to perform - a transformation from one - DTD to another. In this case, the - input is being transformed from the DocBook - DTD to the XHTML - DTD. - - - - Specifies the file that - Jade should process. The - stylesheets determine how the individual - XHTML files will be named, and the - name of the root file, the one that - contains the start of the document. - - - - This example may still only generate one - XHTML file, depending on the structure of - the document you are processing, and the stylesheet's rules - for splitting output. - - - - Converting DocBook to &postscript; - - The source XML file must be converted - to a &tex; file. - - &prompt.user; jade -V tex-backend \ - -c /usr/local/share/xml/docbook/dsssl/modular/catalog \ - -c /usr/local/share/xml/docbook/catalog \ - -c /usr/local/share/xml/jade/catalog \ - -d /usr/local/share/xml/docbook/dsssl/modular/print/docbook.dsl \ - -t tex file.xml - - - - Customizes the stylesheets to use various options - specific to producing output for &tex;. - - - - Specifies the catalogs that - Jade will need to process. - Three catalogs are required. The first is a catalog - that contains information about the - DSSSL stylesheets. The second - contains information about the DocBook - DTD. The third contains information - specific to Jade. - - - - Specifies the full path to the - DSSSL stylesheet that - Jade will use when processing - the document. - - - - Instructs Jade to convert - the output to &tex;. - - - - The generated .tex file must now be - run through tex, specifying the - &jadetex macro package. - - &prompt.user; tex "&jadetex" file.tex - - tex commands must be run - at least three times. The first run - processes the document, and determines areas of the document - which are referenced from other parts of the document, for - use in indexing, and so on. - - Do not be alarmed if you see warning messages such as - LaTeX Warning: Reference `136' on page 5 - undefined on input line 728. at this - point. - - The second run reprocesses the document now that certain - pieces of information are known (such as the document's page - length). This allows index entries and other - cross-references to be fixed up. - - The third pass performs any final cleanup - necessary. - - The output from this stage will be - file.dvi. - - Finally, run dvips to convert the - .dvi file to &postscript;. - - &prompt.user; dvips -o file.ps file.dvi - - - - Converting DocBook to <acronym>PDF</acronym> - - The first part of this process is identical to that of - converting DocBook to &postscript;, using the same - jade command line (). - - After the .tex file has been - generated, run pdfTeX. - However, use the &pdfjadetex macro - package instead. - - &prompt.user; pdftex "&pdfjadetex" file.tex - - Again, run this command three times. - - This will generate - file.pdf, - which does not need to be processed any further. - - - From owner-svn-doc-all@FreeBSD.ORG Wed Jun 25 14:21:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F31B4ED9; Wed, 25 Jun 2014 14:21:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DF7CB2D9A; Wed, 25 Jun 2014 14:21:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5PELJcV048357; Wed, 25 Jun 2014 14:21:19 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5PELJXM048356; Wed, 25 Jun 2014 14:21:19 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406251421.s5PELJXM048356@svn.freebsd.org> From: Warren Block Date: Wed, 25 Jun 2014 14:21:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45125 - head/en_US.ISO8859-1/books/fdp-primer/examples X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2014 14:21:20 -0000 Author: wblock Date: Wed Jun 25 14:21:19 2014 New Revision: 45125 URL: http://svnweb.freebsd.org/changeset/doc/45125 Log: Whitespace-only fixes, translators please ignore. Modified: head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml Wed Jun 25 14:19:46 2014 (r45124) +++ head/en_US.ISO8859-1/books/fdp-primer/examples/appendix.xml Wed Jun 25 14:21:19 2014 (r45125) @@ -30,7 +30,10 @@ $FreeBSD$ --> - + + Examples These examples are not exhaustive—they do not contain @@ -39,7 +42,8 @@ examine the XML source for this and other documents available in the Subversion doc repository, or available online starting at - http://svnweb.FreeBSD.org/doc/. + http://svnweb.FreeBSD.org/doc/. DocBook <tag>book</tag> From owner-svn-doc-all@FreeBSD.ORG Wed Jun 25 15:10:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7CBF41B4; Wed, 25 Jun 2014 15:10:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5D8FC2290; Wed, 25 Jun 2014 15:10:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5PFAdle069956; Wed, 25 Jun 2014 15:10:39 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5PFAdE7069955; Wed, 25 Jun 2014 15:10:39 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406251510.s5PFAdE7069955@svn.freebsd.org> From: Warren Block Date: Wed, 25 Jun 2014 15:10:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45126 - head/en_US.ISO8859-1/books/fdp-primer/docbook-markup X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2014 15:10:39 -0000 Author: wblock Date: Wed Jun 25 15:10:38 2014 New Revision: 45126 URL: http://svnweb.freebsd.org/changeset/doc/45126 Log: Correct and expand DocBook examples, fix some that have embarrassing errors and some that do exactly what the guidelines say to avoid. Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Wed Jun 25 14:21:19 2014 (r45125) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Wed Jun 25 15:10:38 2014 (r45126) @@ -63,7 +63,7 @@ The DocBook DTD is available from the Ports Collection in the - textproc/docbook-xml-450 + textproc/docbook-xml port. It is automatically installed as part of the textproc/docproj port. @@ -418,10 +418,9 @@ The &os; tutorials are all marked up as articles, while this document, the FreeBSD FAQ, + xlink:href="&url.books.faq;/index.html">FAQ, and the FreeBSD - Handbook are all marked up as books, for + xlink:href="&url.books.handbook;/index.html">Handbook are all marked up as books, for example. @@ -435,24 +434,29 @@ content used to produce a title page. This additional information is contained within - bookinfo. + info. Boilerplate <tag>book</tag> with - <tag>bookinfo</tag> + info book - bookinfo + info titleYour Title Heretitle author - firstnameYour first namefirstname - surnameYour surnamesurname + personname + firstnameYour first namefirstname + surnameYour surnamesurname + personname + affiliation - addressemailYour email addressemailaddress + address + emailYour email addressemail + address affiliation author @@ -466,7 +470,7 @@ abstract paraInclude an abstract of the book's contents here.para abstract - bookinfo + info … @@ -485,24 +489,29 @@ additional content used to produce a title page. This additional information is contained within - articleinfo. + info. Boilerplate <tag>article</tag> with - <tag>articleinfo</tag> + info article - articleinfo + info titleYour title heretitle author - firstnameYour first namefirstname - surnameYour surnamesurname + personname + firstnameYour first namefirstname + surnameYour surnamesurname + personname + affiliation - addressemailYour email addressemailaddress + address + emailYour email addressemailaddress + address affiliation author @@ -516,7 +525,7 @@ abstract paraInclude an abstract of the article's contents here.para abstract - articleinfo + info … @@ -762,63 +771,71 @@ - Tips, Notes, Warnings, Cautions, Important Information - and Sidebars + Tips, Notes, Warnings, Cautions, and Important + Information Extra information may need to be separated from the main body of the text. Typically this is meta information of which the user should be aware. - Depending on the nature of the information, one of + Several types of admonitions are available: tip, note, warning, caution, and - important should be used. Alternatively, - if the information is related to the main text but is not - one of the above, use sidebar. - - The circumstances in which to choose one of these - elements over another is loosely defined by the DocBook - documentation, which suggests: + important. + + Which admonition to choose depends on the situation. + The DocBook + documentation suggests: - A Note is for information that should be heeded by + Note is for information that should be heeded by all readers. - An Important element is a variation on Note. + Important is a variation on Note. - A Caution is for information regarding possible data + Caution is for information regarding possible data loss or software damage. - A Warning is for information regarding possible + Warning is for information regarding possible hardware damage or injury to life or limb. - <tag>warning</tag> + <tag>tip</tag> and <tag>important</tag> Usage: - warning - paraInstalling &os; may make you want to delete Windows from your - hard disk.para -warning + tip + para&os; may reduce stress.para +tip + +important + paraPlease use admonitions sparingly. Too many admonitions + are visually jarring and can have the opposite of the + intended effect.para +important Appearance: - - Installing FreeBSD may make you want to delete Windows - from your hard disk. - + + &os; may reduce stress. + + + + Please use admonitions sparingly. Too many admonitions + are visually jarring and can have the opposite of the + intended effect. + @@ -830,10 +847,8 @@ To do this, use itemizedlist, orderedlist, variablelist, or - procedureThere are other - types of list element in DocBook, but we are not - concerned with those at the - moment.. + procedure. There are other types of list + elements in DocBook, but we will not cover them here. itemizedlist and orderedlist are similar to their @@ -1380,7 +1395,7 @@ This is the file called 'foo2' Appearance: - FreeBSD is without doubt the + &os; is without doubt the premiere &unix;-like operating system for the Intel architecture. @@ -1558,9 +1573,9 @@ This is the file called 'foo2' ]> - Use command when to include a command + Use command to include a command name in-line but present it as something the - user should type in. + user should type. Use option to mark up the options which will be passed to a command. From owner-svn-doc-all@FreeBSD.ORG Wed Jun 25 18:28:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 45213486; Wed, 25 Jun 2014 18:28:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 31FA72611; Wed, 25 Jun 2014 18:28:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5PISI5W062713; Wed, 25 Jun 2014 18:28:18 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5PISIsW062712; Wed, 25 Jun 2014 18:28:18 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406251828.s5PISIsW062712@svn.freebsd.org> From: Warren Block Date: Wed, 25 Jun 2014 18:28:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45127 - head/en_US.ISO8859-1/books/handbook/bsdinstall X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2014 18:28:19 -0000 Author: wblock Date: Wed Jun 25 18:28:18 2014 New Revision: 45127 URL: http://svnweb.freebsd.org/changeset/doc/45127 Log: Remove dash from example partition label and clarify wording. A dash can be used in a partition label, but not in a UFS label. Even though users are told not to use identical labels, we can remove one source of potential confusion by sticking to the lowest common denominator. Submitted by: taras on IRC Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed Jun 25 15:10:38 2014 (r45126) +++ head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml Wed Jun 25 18:28:18 2014 (r45127) @@ -1492,11 +1492,11 @@ Ethernet address 0:3:ba:b:92:d4, Host ID /dev/. - Use a unique label on every file system to avoid + Use a unique label on every partition to avoid conflicts from identical labels. A few letters from the computer's name, use, or location can be added to the label. For instance, use labroot or - rootfs-lab for the UFS + rootfslab for the UFS root partition on the computer named lab. From owner-svn-doc-all@FreeBSD.ORG Wed Jun 25 21:23:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B9E4AF9F; Wed, 25 Jun 2014 21:23:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A76FD2723; Wed, 25 Jun 2014 21:23:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5PLNWRk048951; Wed, 25 Jun 2014 21:23:32 GMT (envelope-from allanjude@svn.freebsd.org) Received: (from allanjude@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5PLNWHM048950; Wed, 25 Jun 2014 21:23:32 GMT (envelope-from allanjude@svn.freebsd.org) Message-Id: <201406252123.s5PLNWHM048950@svn.freebsd.org> From: Allan Jude Date: Wed, 25 Jun 2014 21:23:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45128 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2014 21:23:32 -0000 Author: allanjude Date: Wed Jun 25 21:23:32 2014 New Revision: 45128 URL: http://svnweb.freebsd.org/changeset/doc/45128 Log: Add xmj@'s consultancy Perceivon to the commercial Vendors section PR: 191295 Submitted by: xmj (modified) Approved by: bcr Modified: head/share/xml/commercial.consult.xml Modified: head/share/xml/commercial.consult.xml ============================================================================== --- head/share/xml/commercial.consult.xml Wed Jun 25 18:28:18 2014 (r45127) +++ head/share/xml/commercial.consult.xml Wed Jun 25 21:23:32 2014 (r45128) @@ -1059,6 +1059,22 @@ + + Perceivon O + http://www.perceivon.net + + Perceivon O is an Estonian FreeBSD consulting firm with focus + on evaluation, implementation, and enhancement of complex + systems powered by the FreeBSD operating system. We power + client infrastructure with ZFS, jails, bhyve, and higher-level + technologies including nginx, uwsgi, Django, and postgres. We + proudly encourage our developers to spend up to 20% of their + time on contributing to the FreeBSD operating system. For more + information, please send an email to johannes@perceivon.net. + + + Peter Dufault mailto:dufault@hda.com From owner-svn-doc-all@FreeBSD.ORG Thu Jun 26 10:47:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F1AC2C43; Thu, 26 Jun 2014 10:47:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DF15029D5; Thu, 26 Jun 2014 10:47:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5QAlDv0016663; Thu, 26 Jun 2014 10:47:13 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5QAlD7C016662; Thu, 26 Jun 2014 10:47:13 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201406261047.s5QAlD7C016662@svn.freebsd.org> From: Gavin Atkinson Date: Thu, 26 Jun 2014 10:47:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45129 - head/en_US.ISO8859-1/htdocs/news/2009 X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Jun 2014 10:47:14 -0000 Author: gavin Date: Thu Jun 26 10:47:13 2014 New Revision: 45129 URL: http://svnweb.freebsd.org/changeset/doc/45129 Log: Start building the 2009 press release page. This was previously missing, leading to a broken link at the bottom of http://www.freebsd.org/news/press.html Modified: head/en_US.ISO8859-1/htdocs/news/2009/Makefile Modified: head/en_US.ISO8859-1/htdocs/news/2009/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/2009/Makefile Wed Jun 25 21:23:32 2014 (r45128) +++ head/en_US.ISO8859-1/htdocs/news/2009/Makefile Thu Jun 26 10:47:13 2014 (r45129) @@ -10,4 +10,7 @@ XMLDOCS+= index:${XSL_NEWS_NEWSFLASH_OLD}:news.xml: DEPENDSET.index=transtable news +XMLDOCS+= press:${XSL_NEWS_PRESS_OLD}:: +DEPENDSET.press=transtable press + .include "${DOC_PREFIX}/share/mk/web.site.mk" From owner-svn-doc-all@FreeBSD.ORG Fri Jun 27 00:17:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CBF447DC; Fri, 27 Jun 2014 00:17:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B903A2879; Fri, 27 Jun 2014 00:17:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5R0HsqP004667; Fri, 27 Jun 2014 00:17:54 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5R0HsQB004666; Fri, 27 Jun 2014 00:17:54 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406270017.s5R0HsQB004666@svn.freebsd.org> From: Glen Barber Date: Fri, 27 Jun 2014 00:17:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45130 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jun 2014 00:17:54 -0000 Author: gjb Date: Fri Jun 27 00:17:54 2014 New Revision: 45130 URL: http://svnweb.freebsd.org/changeset/doc/45130 Log: Update the 9.3R schedule to reflect -RC2 builds started on time. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Thu Jun 26 10:47:13 2014 (r45129) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Fri Jun 27 00:17:54 2014 (r45130) @@ -117,7 +117,7 @@ RC2 builds begin 27 June 2014 - - + 27 June 2014 Second release candidate. From owner-svn-doc-all@FreeBSD.ORG Fri Jun 27 05:10:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 12D9C9E; Fri, 27 Jun 2014 05:10:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 007BA2033; Fri, 27 Jun 2014 05:10:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5R59x4Q046650; Fri, 27 Jun 2014 05:09:59 GMT (envelope-from daichi@svn.freebsd.org) Received: (from daichi@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5R59xWT046649; Fri, 27 Jun 2014 05:09:59 GMT (envelope-from daichi@svn.freebsd.org) Message-Id: <201406270509.s5R59xWT046649@svn.freebsd.org> From: Daichi GOTO Date: Fri, 27 Jun 2014 05:09:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45132 - head/en_US.ISO8859-1/articles/contributors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jun 2014 05:10:00 -0000 Author: daichi (ports committer) Date: Fri Jun 27 05:09:59 2014 New Revision: 45132 URL: http://svnweb.freebsd.org/changeset/doc/45132 Log: add a new contributor Koichiro IWAO Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Fri Jun 27 02:59:22 2014 (r45131) +++ head/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Fri Jun 27 05:09:59 2014 (r45132) @@ -5687,6 +5687,11 @@ + Koichiro IWAO + meta@vmeta.jp + + + Konrad Heuer kheuer@gwdu60.gwdg.de From owner-svn-doc-all@FreeBSD.ORG Fri Jun 27 11:36:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2310EA4A; Fri, 27 Jun 2014 11:36:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0FC4A241C; Fri, 27 Jun 2014 11:36:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5RBaK0F028713; Fri, 27 Jun 2014 11:36:20 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5RBaKXX028712; Fri, 27 Jun 2014 11:36:20 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201406271136.s5RBaKXX028712@svn.freebsd.org> From: Sergey Kandaurov Date: Fri, 27 Jun 2014 11:36:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45133 - head/en_US.ISO8859-1/htdocs/releng X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jun 2014 11:36:21 -0000 Author: pluknet Date: Fri Jun 27 11:36:20 2014 New Revision: 45133 URL: http://svnweb.freebsd.org/changeset/doc/45133 Log: o Document the current status of releng/9.3. o The stable/9 branch is open again. Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releng/index.xml Fri Jun 27 05:09:59 2014 (r45132) +++ head/en_US.ISO8859-1/htdocs/releng/index.xml Fri Jun 27 11:36:20 2014 (r45133) @@ -96,9 +96,16 @@ stable/9 + Open + committers + Development branch for FreeBSD 9-STABLE. + + + + releng/9.3 Frozen &contact.re; - Development branch for FreeBSD 9-STABLE. + FreeBSD 9.3 supported errata fix branch. From owner-svn-doc-all@FreeBSD.ORG Fri Jun 27 19:36:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 635CE9C9; Fri, 27 Jun 2014 19:36:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 50C1E2457; Fri, 27 Jun 2014 19:36:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5RJaDsX064758; Fri, 27 Jun 2014 19:36:13 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5RJaCuh064756; Fri, 27 Jun 2014 19:36:12 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406271936.s5RJaCuh064756@svn.freebsd.org> From: Glen Barber Date: Fri, 27 Jun 2014 19:36:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45134 - in head/en_US.ISO8859-1/htdocs: . layout/css X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jun 2014 19:36:13 -0000 Author: gjb Date: Fri Jun 27 19:36:12 2014 New Revision: 45134 URL: http://svnweb.freebsd.org/changeset/doc/45134 Log: Add a link to the FreeBSD Journal. Requested by: anne, deb Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/index.xsl head/en_US.ISO8859-1/htdocs/layout/css/text.css Modified: head/en_US.ISO8859-1/htdocs/index.xsl ============================================================================== --- head/en_US.ISO8859-1/htdocs/index.xsl Fri Jun 27 11:36:20 2014 (r45133) +++ head/en_US.ISO8859-1/htdocs/index.xsl Fri Jun 27 19:36:12 2014 (r45134) @@ -61,6 +61,16 @@ title="Learn More">Learn More
    +
    +
    » + + Get the &os; Journal + +
    +
    Modified: head/en_US.ISO8859-1/htdocs/layout/css/text.css ============================================================================== --- head/en_US.ISO8859-1/htdocs/layout/css/text.css Fri Jun 27 11:36:20 2014 (r45133) +++ head/en_US.ISO8859-1/htdocs/layout/css/text.css Fri Jun 27 19:36:12 2014 (r45134) @@ -95,6 +95,16 @@ h4 { padding-left: 5px; } +#txtfrontjournalblock { + padding-left: 0px; +} + +#txtfrontjournallink { + font-size: 1.2em; + font-weight: bold; + padding-left: 1px; +} + /* Link Styles */ a:link { color:#990000; text-decoration: underline; } From owner-svn-doc-all@FreeBSD.ORG Fri Jun 27 20:36:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 79E8D696; Fri, 27 Jun 2014 20:36:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6701129EB; Fri, 27 Jun 2014 20:36:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5RKaBsg093482; Fri, 27 Jun 2014 20:36:11 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5RKaBYw093481; Fri, 27 Jun 2014 20:36:11 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406272036.s5RKaBYw093481@svn.freebsd.org> From: Glen Barber Date: Fri, 27 Jun 2014 20:36:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45135 - head/en_US.ISO8859-1/htdocs/layout/css X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jun 2014 20:36:11 -0000 Author: gjb Date: Fri Jun 27 20:36:10 2014 New Revision: 45135 URL: http://svnweb.freebsd.org/changeset/doc/45135 Log: Increment the layout.css date to try to prevent caching of the old file. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/layout/css/fixed.css Modified: head/en_US.ISO8859-1/htdocs/layout/css/fixed.css ============================================================================== --- head/en_US.ISO8859-1/htdocs/layout/css/fixed.css Fri Jun 27 19:36:12 2014 (r45134) +++ head/en_US.ISO8859-1/htdocs/layout/css/fixed.css Fri Jun 27 20:36:10 2014 (r45135) @@ -12,7 +12,7 @@ */ @import url("global.css"); -@import url("layout.css?20130112"); +@import url("layout.css?20140627"); @import url("text.css"); @import url("navigation.css"); @import url("table.css"); From owner-svn-doc-all@FreeBSD.ORG Sat Jun 28 12:06:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F0F73F66; Sat, 28 Jun 2014 12:06:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DE3F321B5; Sat, 28 Jun 2014 12:06:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5SC6Awt027332; Sat, 28 Jun 2014 12:06:10 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5SC6AVc027331; Sat, 28 Jun 2014 12:06:10 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406281206.s5SC6AVc027331@svn.freebsd.org> From: Glen Barber Date: Sat, 28 Jun 2014 12:06:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45136 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Jun 2014 12:06:11 -0000 Author: gjb Date: Sat Jun 28 12:06:10 2014 New Revision: 45136 URL: http://svnweb.freebsd.org/changeset/doc/45136 Log: Switch 9.3 to RC2. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/release.ent Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Fri Jun 27 20:36:10 2014 (r45135) +++ head/share/xml/release.ent Sat Jun 28 12:06:10 2014 (r45136) @@ -39,7 +39,7 @@ - + @@ -37,6 +37,22 @@ 6 + 28 + + + &os; 9.3-RC2 公開 + +

    &os;-9.3 リリースサイクルから 2 回目のリリース候補が公開されました + (アナウンス)。 + &os; + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

    +     +     + + 21 From owner-svn-doc-all@FreeBSD.ORG Sun Jun 29 13:39:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C14CB317; Sun, 29 Jun 2014 13:39:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AE3BB29F4; Sun, 29 Jun 2014 13:39:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5TDdNXG030076; Sun, 29 Jun 2014 13:39:23 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5TDdNfE030075; Sun, 29 Jun 2014 13:39:23 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406291339.s5TDdNfE030075@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 29 Jun 2014 13:39:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45159 - head/ja_JP.eucJP/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2014 13:39:23 -0000 Author: ryusuke Date: Sun Jun 29 13:39:23 2014 New Revision: 45159 URL: http://svnweb.freebsd.org/changeset/doc/45159 Log: - Merge the following from the English version: r45016 -> r45134 head/ja_JP.eucJP/htdocs/index.xsl Modified: head/ja_JP.eucJP/htdocs/index.xsl Modified: head/ja_JP.eucJP/htdocs/index.xsl ============================================================================== --- head/ja_JP.eucJP/htdocs/index.xsl Sun Jun 29 13:29:38 2014 (r45158) +++ head/ja_JP.eucJP/htdocs/index.xsl Sun Jun 29 13:39:23 2014 (r45159) @@ -5,7 +5,7 @@ ]> - + »詳しくはこちら
    + +
    +
    » + + &os; Journal + を入手 + +
    From owner-svn-doc-all@FreeBSD.ORG Sun Jun 29 14:50:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E4D47CD; Sun, 29 Jun 2014 14:50:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D1E2F2EA3; Sun, 29 Jun 2014 14:50:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5TEoaV0063057; Sun, 29 Jun 2014 14:50:36 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5TEoaCp063056; Sun, 29 Jun 2014 14:50:36 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406291450.s5TEoaCp063056@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 29 Jun 2014 14:50:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45162 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2014 14:50:37 -0000 Author: ryusuke Date: Sun Jun 29 14:50:36 2014 New Revision: 45162 URL: http://svnweb.freebsd.org/changeset/doc/45162 Log: - Merge the following from the English version: r43895 -> r43896 head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Sun Jun 29 14:35:23 2014 (r45161) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Sun Jun 29 14:50:36 2014 (r45162) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43895 + Original revision: r43896 $FreeBSD$ --> @@ -368,7 +368,8 @@ CTM の更新によって変更されるファイルすべてのバックアップをとるには、 - + オプションを指定してください。 このオプションを使うと、 CTM は、 From owner-svn-doc-all@FreeBSD.ORG Sun Jun 29 17:19:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 816E4637; Sun, 29 Jun 2014 17:19:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6E37E29B3; Sun, 29 Jun 2014 17:19:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5THJX40032640; Sun, 29 Jun 2014 17:19:33 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5THJXXR032639; Sun, 29 Jun 2014 17:19:33 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406291719.s5THJXXR032639@svn.freebsd.org> From: Eitan Adler Date: Sun, 29 Jun 2014 17:19:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45163 - head/en_US.ISO8859-1/articles/contributing X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2014 17:19:33 -0000 Author: eadler Date: Sun Jun 29 17:19:32 2014 New Revision: 45163 URL: http://svnweb.freebsd.org/changeset/doc/45163 Log: This section should be replaced by a pointer to an official statement by core. Requested by: imp Modified: head/en_US.ISO8859-1/articles/contributing/article.xml Modified: head/en_US.ISO8859-1/articles/contributing/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributing/article.xml Sun Jun 29 14:50:36 2014 (r45162) +++ head/en_US.ISO8859-1/articles/contributing/article.xml Sun Jun 29 17:19:32 2014 (r45163) @@ -411,6 +411,30 @@ by commercial interests who might eventually be inclined to invest something of their own into FreeBSD. + + + + + GPL + GNU General Public License + + + + GNU General Public License + + The GNU General Public License, or GPL. + This license is not quite as popular with us due to the + amount of extra effort demanded of anyone using the code + for commercial purposes, but given the sheer quantity of + GPL'd code we currently require (compiler, assembler, text + formatter, etc) it would be silly to refuse additional + contributions under this license. Code under the GPL also + goes into a different part of the tree, that being + /sys/gnu or + /usr/src/gnu, and + is therefore easily identifiable to anyone for whom the + GPL presents a problem. + Contributions coming under any other type of copyright From owner-svn-doc-all@FreeBSD.ORG Sun Jun 29 13:53:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1E5384F8; Sun, 29 Jun 2014 13:53:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E41BE2B0D; Sun, 29 Jun 2014 13:53:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5TDrEtG038204; Sun, 29 Jun 2014 13:53:14 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5TDrEkl038203; Sun, 29 Jun 2014 13:53:14 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406291353.s5TDrEkl038203@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 29 Jun 2014 13:53:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45160 - head/ja_JP.eucJP/articles/contributing X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sun, 29 Jun 2014 19:53:54 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2014 13:53:15 -0000 Author: ryusuke Date: Sun Jun 29 13:53:14 2014 New Revision: 45160 URL: http://svnweb.freebsd.org/changeset/doc/45160 Log: - Merge the following from the English version: r42442 -> r45153 head/ja_JP.eucJP/articles/contributing/article.xml Modified: head/ja_JP.eucJP/articles/contributing/article.xml Modified: head/ja_JP.eucJP/articles/contributing/article.xml ============================================================================== --- head/ja_JP.eucJP/articles/contributing/article.xml Sun Jun 29 13:39:23 2014 (r45159) +++ head/ja_JP.eucJP/articles/contributing/article.xml Sun Jun 29 13:53:14 2014 (r45160) @@ -5,7 +5,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r42442 + Original revision: r45153 $FreeBSD$ -->
    @@ -256,8 +256,8 @@ ハンドブックを参照してください。 バグを発見したり変更を送付しようとしている場合は - &man.send-pr.1; プログラムか ウェブベースの - send-pr を使用して報告してください。 + &man.send-pr.1; プログラムか + ウェブベースの環境 を使用して報告してください。 バグレポートの各項目を埋めるようにしてください。65KB を超えるのでなければ、 レポート中に直接パッチを入れてくださって結構です。 @@ -416,31 +416,6 @@ FreeBSD へ投資する気になった商業関係者による参加を積極的に奨励します。 - - - - - GPL - GNU General Public License - - - - GNU General Public License - - - GNU一般公有使用許諾、または GPL。 - このライセンスはコードを商用目的に使用する場合に余分な努力が求められるため、 - 私たちにあまり評判が良いというわけではありません。しかし、 - 私たちは既に GPL 下の高品質なコード - (コンパイラ、アセンブラ、テキストフォーマッタ等) - の提供を受けており、私たちは現在それを必要としています。そのため、 - このライセンスによる新たな貢献を拒絶するというのは愚かなことでしょう。GPL - 下のコードはソースツリーの別の部分、現在のところ - /sys/gnu か - /usr/src/gnu に入っています。 - そのため、GPL が問題となるような人は、 - 誰でも簡単にそれとわかるようになっています。 - これ以外のタイプの著作権による寄贈は、FreeBSD From owner-svn-doc-all@FreeBSD.ORG Sun Jun 29 14:35:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 51AAFE2E; Sun, 29 Jun 2014 14:35:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3E7BF2DE6; Sun, 29 Jun 2014 14:35:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5TEZO5u057383; Sun, 29 Jun 2014 14:35:24 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5TEZOWX057382; Sun, 29 Jun 2014 14:35:24 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201406291435.s5TEZOWX057382@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sun, 29 Jun 2014 14:35:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45161 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sun, 29 Jun 2014 19:54:06 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2014 14:35:24 -0000 Author: ryusuke Date: Sun Jun 29 14:35:23 2014 New Revision: 45161 URL: http://svnweb.freebsd.org/changeset/doc/45161 Log: - Merge the following from the English version: r43890 -> r43895 head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Sun Jun 29 13:53:14 2014 (r45160) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Sun Jun 29 14:35:23 2014 (r45161) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43890 + Original revision: r43895 $FreeBSD$ --> @@ -136,7 +136,7 @@ リモートのディレクトリツリーを中央のツリーに同期させるための手段です。 &os; システムに組み込まれており、&os; のソースリポジトリとの同期に使うことができます。 - リポジトリ全体の同期や特定のブランチの同期に用いることができます。 + リポジトリ全体の同期や特定のブランチセットの同期に用いることができます。 CTM は、 特にお粗末な TCP/IP 接続しか持っていなかったり、 @@ -173,7 +173,7 @@ のデルタは以下のミラーサイトから入手できます。 もし anonymous FTP を使って CTM のデルタを手にいれる場合は、 - 近くのミラーを利用するようにしてください。 + 地理的に近くにあるミラーサイトを利用するようにしてください。 何か問題がある場合は、&a.ctm-users.name; メーリングリストに相談してください。 @@ -235,7 +235,7 @@ から、ctm-src 配布メーリングリストのいずれかに参加してください。 たとえば &a.ctm-src-cur.name; - は開発先端ブランチに対応しています。&a.ctm-src-9.name; + は head 開発ブランチに対応しています。&a.ctm-src-9.name; は 9.X リリースのブランチに対応したものです メールで CTM @@ -254,7 +254,7 @@ メーリングリストを購読するようにしてください。 このメーリングリストは、 CTM - システムの操作に関するアナウンスが投稿される唯一の場所です。 + に関するアナウンスが投稿される唯一の場所です。 @@ -294,14 +294,13 @@ 一度に適用されるデルタは一つで、 一度適用されたデルタは無視されるので、 - 複数のデルタを一度に適用することができます。 + 複数のデルタを一つのコマンドで適用することができます。 CTM - はどれが gzip - されているか理解しているので、 + は gzip で圧縮されているデルタを理解するので、 ディスクの節約にもなります。 デルタを適用せずに確認だけを行うには、 - フラグを使ってください。 + コマンドラインに フラグを加えてください。 CTM はローカルのツリーに対して実際には何も行ないません。 デルタの完全性を確認し、 @@ -317,7 +316,7 @@ デルタを適用後、 もしデルタを再ダウンロードするのが骨の折れる作業であれば、 デルタを消さないでおいてください。 - このようにすると、何かおかしなことが起こった場合でも、 + このようにすると、将来のディザスタリカバリで必要になった場合に、 ローカルにあるコピーを利用できます。 @@ -369,7 +368,8 @@ CTM の更新によって変更されるファイルすべてのバックアップをとるには、 - オプションを指定してください。 + + オプションを指定してください。 このオプションを使うと、 CTM は、 デルタで変更されるファイルすべてを From owner-svn-doc-all@FreeBSD.ORG Sun Jun 29 20:13:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5BA44E9B; Sun, 29 Jun 2014 20:13:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48EEF2608; Sun, 29 Jun 2014 20:13:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5TKDOrW013866; Sun, 29 Jun 2014 20:13:24 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5TKDO4B013865; Sun, 29 Jun 2014 20:13:24 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201406292013.s5TKDO4B013865@svn.freebsd.org> From: Gavin Atkinson Date: Sun, 29 Jun 2014 20:13:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45164 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2014 20:13:24 -0000 Author: gavin Date: Sun Jun 29 20:13:23 2014 New Revision: 45164 URL: http://svnweb.freebsd.org/changeset/doc/45164 Log: Introduce a new read-only Subversion mirror, generously hosted by Yandex in Moscow. To switch an existing checkout from one mirror to another, something like the following command can be used: svn relocate https://svn0.eu.freebsd.org/ https://svn0.ru.freebsd.org/ Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Sun Jun 29 17:19:32 2014 (r45163) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Sun Jun 29 20:13:23 2014 (r45164) @@ -700,6 +700,22 @@ Comment out for now until these can be v SHA1 39:B0:53:35:CE:60:C7:BB:00:54:96:96:71:10:94:BB:CE:1C:07:A7 + + + svn0.ru.FreeBSD.org + + svn, http, + https, + rsync + + Moscow, Russia + + SHA1 + F6:44:AA:B9:03:89:0E:3E:8C:4D:4D:14:F0:27:E6:C7:C1:8B:17:C5 + From owner-svn-doc-all@FreeBSD.ORG Sun Jun 29 20:16:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 04C6495; Sun, 29 Jun 2014 20:16:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E5C942632; Sun, 29 Jun 2014 20:16:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5TKGEHJ014366; Sun, 29 Jun 2014 20:16:14 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5TKGEel014365; Sun, 29 Jun 2014 20:16:14 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201406292016.s5TKGEel014365@svn.freebsd.org> From: Gavin Atkinson Date: Sun, 29 Jun 2014 20:16:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45165 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2014 20:16:15 -0000 Author: gavin Date: Sun Jun 29 20:16:14 2014 New Revision: 45165 URL: http://svnweb.freebsd.org/changeset/doc/45165 Log: Add tags around "rsync". Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Sun Jun 29 20:13:23 2014 (r45164) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Sun Jun 29 20:16:14 2014 (r45165) @@ -677,7 +677,7 @@ Comment out for now until these can be v xlink:href="http://svn0.us-east.FreeBSD.org/">http, https, - rsync + rsync USA, New Jersey @@ -693,7 +693,7 @@ Comment out for now until these can be v xlink:href="http://svn0.eu.FreeBSD.org/">http, https, - rsync + rsync Europe, UK From owner-svn-doc-all@FreeBSD.ORG Sun Jun 29 20:29:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4DB48368; Sun, 29 Jun 2014 20:29:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3AAE626F2; Sun, 29 Jun 2014 20:29:26 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5TKTQur019263; Sun, 29 Jun 2014 20:29:26 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5TKTQKi019262; Sun, 29 Jun 2014 20:29:26 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201406292029.s5TKTQKi019262@svn.freebsd.org> From: Gavin Atkinson Date: Sun, 29 Jun 2014 20:29:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45166 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2014 20:29:26 -0000 Author: gavin Date: Sun Jun 29 20:29:25 2014 New Revision: 45166 URL: http://svnweb.freebsd.org/changeset/doc/45166 Log: Re-order svn0.ru location to be Country, City like other entries. Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Sun Jun 29 20:16:14 2014 (r45165) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Sun Jun 29 20:29:25 2014 (r45166) @@ -711,7 +711,7 @@ Comment out for now until these can be v xlink:href="https://svn0.ru.FreeBSD.org/">https, rsync - Moscow, Russia + Russia, Moscow SHA1 F6:44:AA:B9:03:89:0E:3E:8C:4D:4D:14:F0:27:E6:C7:C1:8B:17:C5 From owner-svn-doc-all@FreeBSD.ORG Sun Jun 29 22:01:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 937D82D8; Sun, 29 Jun 2014 22:01:51 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 73C492D28; Sun, 29 Jun 2014 22:01:51 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5TM1pPZ064029; Sun, 29 Jun 2014 22:01:51 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5TM1nAe063804; Sun, 29 Jun 2014 22:01:49 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201406292201.s5TM1nAe063804@svn.freebsd.org> From: Peter Wemm Date: Sun, 29 Jun 2014 22:01:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45167 - in head: de_DE.ISO8859-1/htdocs es_ES.ISO8859-1/htdocs fr_FR.ISO8859-1/htdocs hu_HU.ISO8859-2/htdocs nl_NL.ISO8859-1/htdocs ru_RU.KOI8-R/htdocs zh_CN.UTF-8/htdocs zh_TW.UTF-8/h... X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2014 22:01:51 -0000 Author: peter (src committer) Date: Sun Jun 29 22:01:49 2014 New Revision: 45167 URL: http://svnweb.freebsd.org/changeset/doc/45167 Log: Copy over just the redirect header from the en_US version of send-pr.xml as in r44999 and r45025 to avoid messing with translation text. Reviewed by: gjb (glanced at) Modified: head/de_DE.ISO8859-1/htdocs/send-pr.xml head/es_ES.ISO8859-1/htdocs/send-pr.xml head/fr_FR.ISO8859-1/htdocs/send-pr.xml head/hu_HU.ISO8859-2/htdocs/send-pr.xml head/nl_NL.ISO8859-1/htdocs/send-pr.xml head/ru_RU.KOI8-R/htdocs/send-pr.xml head/zh_CN.UTF-8/htdocs/send-pr.xml head/zh_TW.UTF-8/htdocs/send-pr.xml Modified: head/de_DE.ISO8859-1/htdocs/send-pr.xml ============================================================================== --- head/de_DE.ISO8859-1/htdocs/send-pr.xml Sun Jun 29 20:29:25 2014 (r45166) +++ head/de_DE.ISO8859-1/htdocs/send-pr.xml Sun Jun 29 22:01:49 2014 (r45167) @@ -14,6 +14,7 @@ &title; $FreeBSD$ + Modified: head/es_ES.ISO8859-1/htdocs/send-pr.xml ============================================================================== --- head/es_ES.ISO8859-1/htdocs/send-pr.xml Sun Jun 29 20:29:25 2014 (r45166) +++ head/es_ES.ISO8859-1/htdocs/send-pr.xml Sun Jun 29 22:01:49 2014 (r45167) @@ -15,6 +15,7 @@ &title; $FreeBSD$ + Modified: head/fr_FR.ISO8859-1/htdocs/send-pr.xml ============================================================================== --- head/fr_FR.ISO8859-1/htdocs/send-pr.xml Sun Jun 29 20:29:25 2014 (r45166) +++ head/fr_FR.ISO8859-1/htdocs/send-pr.xml Sun Jun 29 22:01:49 2014 (r45167) @@ -22,6 +22,7 @@ &title; $FreeBSD$ + Modified: head/hu_HU.ISO8859-2/htdocs/send-pr.xml ============================================================================== --- head/hu_HU.ISO8859-2/htdocs/send-pr.xml Sun Jun 29 20:29:25 2014 (r45166) +++ head/hu_HU.ISO8859-2/htdocs/send-pr.xml Sun Jun 29 22:01:49 2014 (r45167) @@ -19,6 +19,7 @@ &title; $FreeBSD$ + Modified: head/nl_NL.ISO8859-1/htdocs/send-pr.xml ============================================================================== --- head/nl_NL.ISO8859-1/htdocs/send-pr.xml Sun Jun 29 20:29:25 2014 (r45166) +++ head/nl_NL.ISO8859-1/htdocs/send-pr.xml Sun Jun 29 22:01:49 2014 (r45167) @@ -15,6 +15,7 @@ &title; $FreeBSD$ + Modified: head/ru_RU.KOI8-R/htdocs/send-pr.xml ============================================================================== --- head/ru_RU.KOI8-R/htdocs/send-pr.xml Sun Jun 29 20:29:25 2014 (r45166) +++ head/ru_RU.KOI8-R/htdocs/send-pr.xml Sun Jun 29 22:01:49 2014 (r45167) @@ -20,6 +20,7 @@ &title; $FreeBSD$ + Modified: head/zh_CN.UTF-8/htdocs/send-pr.xml ============================================================================== --- head/zh_CN.UTF-8/htdocs/send-pr.xml Sun Jun 29 20:29:25 2014 (r45166) +++ head/zh_CN.UTF-8/htdocs/send-pr.xml Sun Jun 29 22:01:49 2014 (r45167) @@ -15,6 +15,7 @@ &title; $FreeBSD$ + Modified: head/zh_TW.UTF-8/htdocs/send-pr.xml ============================================================================== --- head/zh_TW.UTF-8/htdocs/send-pr.xml Sun Jun 29 20:29:25 2014 (r45166) +++ head/zh_TW.UTF-8/htdocs/send-pr.xml Sun Jun 29 22:01:49 2014 (r45167) @@ -15,6 +15,7 @@ &title; $FreeBSD$ + From owner-svn-doc-all@FreeBSD.ORG Sun Jun 29 22:10:23 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BD54549F; Sun, 29 Jun 2014 22:10:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AA6A52E34; Sun, 29 Jun 2014 22:10:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5TMANk5067598; Sun, 29 Jun 2014 22:10:23 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5TMAN9u067597; Sun, 29 Jun 2014 22:10:23 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201406292210.s5TMAN9u067597@svn.freebsd.org> From: Gavin Atkinson Date: Sun, 29 Jun 2014 22:10:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45168 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jun 2014 22:10:23 -0000 Author: gavin Date: Sun Jun 29 22:10:23 2014 New Revision: 45168 URL: http://svnweb.freebsd.org/changeset/doc/45168 Log: README.mirror is out of date, and not linked to from anywhere. Remove. Deleted: head/en_US.ISO8859-1/htdocs/internal/README.mirror Modified: head/en_US.ISO8859-1/htdocs/internal/Makefile Modified: head/en_US.ISO8859-1/htdocs/internal/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/Makefile Sun Jun 29 22:01:49 2014 (r45167) +++ head/en_US.ISO8859-1/htdocs/internal/Makefile Sun Jun 29 22:10:23 2014 (r45168) @@ -47,6 +47,6 @@ homepage.html: homepage.inc CLEANFILES+= homepage.inc .endif -DATA+= README.mirror ssh-keys.asc +DATA+= ssh-keys.asc .include "${DOC_PREFIX}/share/mk/web.site.mk" From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 02:47:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9F29AC36; Mon, 30 Jun 2014 02:47:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 810F320C4; Mon, 30 Jun 2014 02:47:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5U2lqmm092809; Mon, 30 Jun 2014 02:47:52 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5U2lqIb092808; Mon, 30 Jun 2014 02:47:52 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406300247.s5U2lqIb092808@svn.freebsd.org> From: Eitan Adler Date: Mon, 30 Jun 2014 02:47:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45169 - head/en_US.ISO8859-1/articles/contributing X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 02:47:52 -0000 Author: eadler Date: Mon Jun 30 02:47:52 2014 New Revision: 45169 URL: http://svnweb.freebsd.org/changeset/doc/45169 Log: Direct contributors to the licensing policy page instead of incorrectly instructing them in this article. Discussed with: imp, core Modified: head/en_US.ISO8859-1/articles/contributing/article.xml Modified: head/en_US.ISO8859-1/articles/contributing/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributing/article.xml Sun Jun 29 22:10:23 2014 (r45168) +++ head/en_US.ISO8859-1/articles/contributing/article.xml Mon Jun 30 02:47:52 2014 (r45169) @@ -397,88 +397,12 @@ someone to host the changes for you. When working with large amounts of code, the touchy - subject of copyrights also invariably comes up. Acceptable - copyrights for code included in FreeBSD are: - - - - The BSD copyrightBSD - copyright. This copyright is most - preferred due to its no strings attached - nature and general attractiveness to commercial - enterprises. Far from discouraging such commercial use, - the FreeBSD Project actively encourages such participation - by commercial interests who might eventually be inclined - to invest something of their own into FreeBSD. - - - - - - GPL - GNU General Public License - - - - GNU General Public License - - The GNU General Public License, or GPL. - This license is not quite as popular with us due to the - amount of extra effort demanded of anyone using the code - for commercial purposes, but given the sheer quantity of - GPL'd code we currently require (compiler, assembler, text - formatter, etc) it would be silly to refuse additional - contributions under this license. Code under the GPL also - goes into a different part of the tree, that being - /sys/gnu or - /usr/src/gnu, and - is therefore easily identifiable to anyone for whom the - GPL presents a problem. - - - - Contributions coming under any other type of copyright - must be carefully reviewed before their inclusion into FreeBSD - will be considered. Contributions for which particularly - restrictive commercial copyrights apply are generally - rejected, though the authors are always encouraged to make - such changes available through their own channels. - - To place a BSD-style copyright on your - work, include the following text at the very beginning of - every source code file you wish to protect, replacing the text - between the %% with the appropriate - information: - - Copyright (c) %%proper_years_here%% - %%your_name_here%%, %%your_state%% %%your_zip%%. - All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer as - the first lines of this file unmodified. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY %%your_name_here%% ``AS IS'' AND ANY EXPRESS OR -IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -IN NO EVENT SHALL %%your_name_here%% BE LIABLE FOR ANY DIRECT, INDIRECT, -INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - $&os;$ - - For your convenience, a copy of this text can be found in - /usr/share/examples/etc/bsd-style-copyright. + subject of copyrights also invariably comes up. &os; + prefers free software licenses such as BSD or ISC. + Copyleft licenses such as GPLv2 are sometimes permitted. The + complete listing can be found on the core team + licensing policy page. From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 02:47:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4860CC98; Mon, 30 Jun 2014 02:47:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0DA9320C5; Mon, 30 Jun 2014 02:47:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5U2lrXb092852; Mon, 30 Jun 2014 02:47:53 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5U2lr9Z092851; Mon, 30 Jun 2014 02:47:53 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406300247.s5U2lr9Z092851@svn.freebsd.org> From: Eitan Adler Date: Mon, 30 Jun 2014 02:47:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45170 - head/en_US.ISO8859-1/articles/contributing X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 02:47:54 -0000 Author: eadler Date: Mon Jun 30 02:47:53 2014 New Revision: 45170 URL: http://svnweb.freebsd.org/changeset/doc/45170 Log: uuencoding is no longer required for submission of patches to the bug tracker. Modified: head/en_US.ISO8859-1/articles/contributing/article.xml Modified: head/en_US.ISO8859-1/articles/contributing/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributing/article.xml Mon Jun 30 02:47:52 2014 (r45169) +++ head/en_US.ISO8859-1/articles/contributing/article.xml Mon Jun 30 02:47:53 2014 (r45170) @@ -261,9 +261,8 @@ do not use cut-and-paste because cut-and-paste turns tabs into spaces and makes them unusable. When patches are a lot larger than 20KB, consider compressing - them (eg. with &man.gzip.1; or &man.bzip2.1;) and using - &man.uuencode.1; to include their compressed form in your - problem report. + them (eg. with &man.gzip.1; or &man.bzip2.1;) prior to + uploading them. After filing a report, you should receive confirmation along with a tracking number. Keep this tracking number so @@ -360,14 +359,10 @@ [PATCH] in the synopsis of the report. - - uuencode - - If you feel it appropriate (e.g. you have added, deleted, or renamed files), bundle your changes into a - tar file and run the &man.uuencode.1; - program on it. Archives created with &man.shar.1; are also + tar file. + Archives created with &man.shar.1; are also welcome. If your change is of a potentially sensitive nature, such @@ -391,7 +386,7 @@ In the case of a significant contribution of a large body work, or the addition of an important new feature to FreeBSD, it becomes almost always necessary to either send changes as - uuencoded tar files or upload them to a web or FTP site for + tar files or upload them to a web or FTP site for other people to access. If you do not have access to a web or FTP site, ask on an appropriate FreeBSD mailing list for someone to host the changes for you. From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 02:47:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5CB25CC1; Mon, 30 Jun 2014 02:47:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 497A620C6; Mon, 30 Jun 2014 02:47:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5U2lt6C092894; Mon, 30 Jun 2014 02:47:55 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5U2lt5f092893; Mon, 30 Jun 2014 02:47:55 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406300247.s5U2lt5f092893@svn.freebsd.org> From: Eitan Adler Date: Mon, 30 Jun 2014 02:47:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45171 - head/en_US.ISO8859-1/articles/contributing X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 02:47:55 -0000 Author: eadler Date: Mon Jun 30 02:47:54 2014 New Revision: 45171 URL: http://svnweb.freebsd.org/changeset/doc/45171 Log: Remove additional references to send-pr Modified: head/en_US.ISO8859-1/articles/contributing/article.xml Modified: head/en_US.ISO8859-1/articles/contributing/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributing/article.xml Mon Jun 30 02:47:53 2014 (r45170) +++ head/en_US.ISO8859-1/articles/contributing/article.xml Mon Jun 30 02:47:54 2014 (r45171) @@ -251,9 +251,9 @@ other mailing lists. If you find a bug or are submitting a specific change, - please report it using the &man.send-pr.1; program or its - WEB-based - equivalent. Try to fill-in each field of the bug + please report it using the bug submission form. + Try to fill-in each field of the bug report. Unless they exceed 65KB, include any patches directly in the report. If the patch is suitable to be applied to the source tree put [PATCH] in the synopsis of @@ -266,17 +266,7 @@ After filing a report, you should receive confirmation along with a tracking number. Keep this tracking number so - that you can update us with details about the problem by - sending mail to &a.bugfollowup;. Use the number as the - message subject, e.g. "Re: kern/3377". - Additional information for any bug report should be submitted - this way. - - If you do not receive confirmation in a timely fashion (3 - days to a week, depending on your email connection) or are, - for some reason, unable to use the &man.send-pr.1; command, - then you may ask someone to file it for you by sending mail to - the &a.bugs;. + that you can update us with details about the problem. See also this article on how to write good problem @@ -295,9 +285,8 @@ FreeBSD Documentation Project Primer for complete instructions. Send submissions and changes (even small ones - are welcome!) using &man.send-pr.1; as described in - Bug Reports and General - Commentary. + are welcome!) using the same method any other bug + report. @@ -348,9 +337,8 @@ Once you have a set of diffs (which you may test with the &man.patch.1; command), you should submit them for inclusion - with FreeBSD. Use the &man.send-pr.1; program as described in - Bug Reports and General - Commentary. Do not just send the + with &os; as a bug report. + Do not just send the diffs to the &a.hackers; or they will get lost! We greatly appreciate your submission (this is a volunteer project!); because we are busy, we may not be able to address it @@ -368,7 +356,7 @@ If your change is of a potentially sensitive nature, such as if you are unsure of copyright issues governing its further distribution then you should send it to &a.core; directly - rather than submitting it with &man.send-pr.1;. The &a.core; + rather than submitting as a bug report. The &a.core; reaches a much smaller group of people who do much of the day-to-day work on FreeBSD. Note that this group is also very busy and so you should only send From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 02:53:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2588EA51; Mon, 30 Jun 2014 02:53:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 129D3215F; Mon, 30 Jun 2014 02:53:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5U2rTgG096704; Mon, 30 Jun 2014 02:53:29 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5U2rTxm096703; Mon, 30 Jun 2014 02:53:29 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406300253.s5U2rTxm096703@svn.freebsd.org> From: Eitan Adler Date: Mon, 30 Jun 2014 02:53:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45172 - head/en_US.ISO8859-1/articles/contributing X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 02:53:30 -0000 Author: eadler Date: Mon Jun 30 02:53:29 2014 New Revision: 45172 URL: http://svnweb.freebsd.org/changeset/doc/45172 Log: There is no reference to donating internet access, and we are not soliciting mirrors at this time. Modified: head/en_US.ISO8859-1/articles/contributing/article.xml Modified: head/en_US.ISO8859-1/articles/contributing/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributing/article.xml Mon Jun 30 02:47:54 2014 (r45171) +++ head/en_US.ISO8859-1/articles/contributing/article.xml Mon Jun 30 02:53:29 2014 (r45172) @@ -389,7 +389,7 @@ - Money, Hardware or Internet Access + Money or Hardware We are always very happy to accept donations to further the cause of the FreeBSD Project and, in a volunteer effort From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 03:28:43 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5D41D1A7; Mon, 30 Jun 2014 03:28:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4B201245B; Mon, 30 Jun 2014 03:28:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5U3Shhq012496; Mon, 30 Jun 2014 03:28:43 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5U3Shs1012495; Mon, 30 Jun 2014 03:28:43 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201406300328.s5U3Shs1012495@svn.freebsd.org> From: Warren Block Date: Mon, 30 Jun 2014 03:28:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45173 - head/share/misc X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 03:28:43 -0000 Author: wblock Date: Mon Jun 30 03:28:42 2014 New Revision: 45173 URL: http://svnweb.freebsd.org/changeset/doc/45173 Log: Remove bold highlighting for elements. Discussed on freebsd-doc mailing list: http://lists.freebsd.org/pipermail/freebsd-doc/2014-June/023883.html Modified: head/share/misc/docbook.css Modified: head/share/misc/docbook.css ============================================================================== --- head/share/misc/docbook.css Mon Jun 30 02:53:29 2014 (r45172) +++ head/share/misc/docbook.css Mon Jun 30 03:28:42 2014 (r45173) @@ -377,10 +377,6 @@ pre.programlisting { font-style: italic; } -.application { - font-weight: bold; -} - .userinput, .userinput code { font-weight: bold; From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 04:09:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 34EC3AF3; Mon, 30 Jun 2014 04:09:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 221D72765; Mon, 30 Jun 2014 04:09:26 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5U49PMW030746; Mon, 30 Jun 2014 04:09:25 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5U49P0r030745; Mon, 30 Jun 2014 04:09:25 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406300409.s5U49P0r030745@svn.freebsd.org> From: Eitan Adler Date: Mon, 30 Jun 2014 04:09:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45174 - head/en_US.ISO8859-1/articles/new-users X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 04:09:26 -0000 Author: eadler Date: Mon Jun 30 04:09:25 2014 New Revision: 45174 URL: http://svnweb.freebsd.org/changeset/doc/45174 Log: Direct new users to less(1) instead of view(1) Modified: head/en_US.ISO8859-1/articles/new-users/article.xml Modified: head/en_US.ISO8859-1/articles/new-users/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/new-users/article.xml Mon Jun 30 03:28:42 2014 (r45173) +++ head/en_US.ISO8859-1/articles/new-users/article.xml Mon Jun 30 04:09:25 2014 (r45174) @@ -228,15 +228,14 @@ - view + less filename Lets you look at a file (named filename) without changing it. - Try view - /etc/fstab. - Type :q to quit. + Try less /etc/fstab. + Type q to quit. From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 04:28:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8ECBE799; Mon, 30 Jun 2014 04:28:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5DBB528CF; Mon, 30 Jun 2014 04:28:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5U4SqsL039803; Mon, 30 Jun 2014 04:28:52 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5U4SqHk039802; Mon, 30 Jun 2014 04:28:52 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406300428.s5U4SqHk039802@svn.freebsd.org> From: Eitan Adler Date: Mon, 30 Jun 2014 04:28:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45175 - head/en_US.ISO8859-1/books/developers-handbook/tools X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 04:28:52 -0000 Author: eadler Date: Mon Jun 30 04:28:51 2014 New Revision: 45175 URL: http://svnweb.freebsd.org/changeset/doc/45175 Log: Eliminate some history from the documentation. Modified: head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml Modified: head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml Mon Jun 30 04:09:25 2014 (r45174) +++ head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml Mon Jun 30 04:28:51 2014 (r45175) @@ -618,35 +618,17 @@ This will link the math library functions into foobar. - If you are compiling C++ code, you need to add - , or if - you are using FreeBSD 2.2 or later, to the command line - argument to link the C++ library functions. - Alternatively, you can run c++ instead - of cc, which does this for you. - c++ can also be invoked as - g++ on FreeBSD. + If you are compiling C++ code, use + c++. c++ can also be + invoked as clang++ on &os;. - &prompt.user; cc -o foobar foobar.cc -lg++ For FreeBSD 2.1.6 and earlier -&prompt.user; cc -o foobar foobar.cc -lstdc++ For FreeBSD 2.2 and later -&prompt.user; c++ -o foobar foobar.cc - + &prompt.user; c++ -o foobar foobar.cc - Each of these will both produce an executable + This will both produce an executable foobar from the C++ source file - foobar.cc. Note that, on &unix; - systems, C++ source files traditionally end in - .C, .cxx or - .cc, rather than the - &ms-dos; style - .cpp (which was already used for - something else). gcc used to rely on - this to work out what kind of compiler to use on the - source file; however, this restriction no longer applies, - so you may now call your C++ files - .cpp with impunity! + foobar.cc. From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 04:28:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E31177A7; Mon, 30 Jun 2014 04:28:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D045128D0; Mon, 30 Jun 2014 04:28:53 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5U4SrMI039840; Mon, 30 Jun 2014 04:28:53 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5U4Sr7M039839; Mon, 30 Jun 2014 04:28:53 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406300428.s5U4Sr7M039839@svn.freebsd.org> From: Eitan Adler Date: Mon, 30 Jun 2014 04:28:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45176 - head/en_US.ISO8859-1/books/developers-handbook/secure X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 04:28:54 -0000 Author: eadler Date: Mon Jun 30 04:28:53 2014 New Revision: 45176 URL: http://svnweb.freebsd.org/changeset/doc/45176 Log: Don't make it seem like FreeSBD lacks these interfaces when first reading the sentence. Modified: head/en_US.ISO8859-1/books/developers-handbook/secure/chapter.xml Modified: head/en_US.ISO8859-1/books/developers-handbook/secure/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/developers-handbook/secure/chapter.xml Mon Jun 30 04:28:51 2014 (r45175) +++ head/en_US.ISO8859-1/books/developers-handbook/secure/chapter.xml Mon Jun 30 04:28:53 2014 (r45176) @@ -217,17 +217,11 @@ int main() { strncpy NUL fills up the size specified. - In OpenBSD, another memory copy implementation has been - - OpenBSD - - created to get around these problem. The + Another memory copy implementation exists + to get around these problems. The strlcpy and strlcat functions guarantee that they will always null terminate the - destination string when given a non-zero length argument. For - more information about these functions see . The OpenBSD strlcpy and - strlcat instructions have been in FreeBSD - since 3.3. + destination string when given a non-zero length argument. string copy functions From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 04:28:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3B2E87F4; Mon, 30 Jun 2014 04:28:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2255F28D1; Mon, 30 Jun 2014 04:28:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5U4SskQ039883; Mon, 30 Jun 2014 04:28:54 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5U4SsQF039882; Mon, 30 Jun 2014 04:28:54 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406300428.s5U4SsQF039882@svn.freebsd.org> From: Eitan Adler Date: Mon, 30 Jun 2014 04:28:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45177 - head/en_US.ISO8859-1/books/developers-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 04:28:55 -0000 Author: eadler Date: Mon Jun 30 04:28:54 2014 New Revision: 45177 URL: http://svnweb.freebsd.org/changeset/doc/45177 Log: Bump copyright Modified: head/en_US.ISO8859-1/books/developers-handbook/book.xml Modified: head/en_US.ISO8859-1/books/developers-handbook/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/developers-handbook/book.xml Mon Jun 30 04:28:53 2014 (r45176) +++ head/en_US.ISO8859-1/books/developers-handbook/book.xml Mon Jun 30 04:28:54 2014 (r45177) @@ -31,6 +31,7 @@ 2011 2012 2013 + 2014 The FreeBSD Documentation Project From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 05:48:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5D267C5E; Mon, 30 Jun 2014 05:48:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 43D332EF5; Mon, 30 Jun 2014 05:48:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5U5mfsn076703; Mon, 30 Jun 2014 05:48:41 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5U5mfvG076702; Mon, 30 Jun 2014 05:48:41 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201406300548.s5U5mfvG076702@svn.freebsd.org> From: Eitan Adler Date: Mon, 30 Jun 2014 05:48:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45178 - head/en_US.ISO8859-1/books/developers-handbook/tools X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 05:48:41 -0000 Author: eadler Date: Mon Jun 30 05:48:40 2014 New Revision: 45178 URL: http://svnweb.freebsd.org/changeset/doc/45178 Log: Add missing Modified: head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml Modified: head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml Mon Jun 30 04:28:54 2014 (r45177) +++ head/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml Mon Jun 30 05:48:40 2014 (r45178) @@ -628,7 +628,7 @@ This will both produce an executable foobar from the C++ source file - foobar.cc. + foobar.cc. From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 10:37:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4852E641; Mon, 30 Jun 2014 10:37:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 29D6C2717; Mon, 30 Jun 2014 10:37:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5UAbF44015639; Mon, 30 Jun 2014 10:37:15 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5UAbFe6015638; Mon, 30 Jun 2014 10:37:15 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201406301037.s5UAbFe6015638@svn.freebsd.org> From: Gabor Pali Date: Mon, 30 Jun 2014 10:37:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45179 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 10:37:16 -0000 Author: pgj Date: Mon Jun 30 10:37:15 2014 New Revision: 45179 URL: http://svnweb.freebsd.org/changeset/doc/45179 Log: - Update the dates for the Core Team Elections, the 2014 edition is now over Modified: head/en_US.ISO8859-1/htdocs/internal/bylaws.xml Modified: head/en_US.ISO8859-1/htdocs/internal/bylaws.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/bylaws.xml Mon Jun 30 05:48:40 2014 (r45178) +++ head/en_US.ISO8859-1/htdocs/internal/bylaws.xml Mon Jun 30 10:37:15 2014 (r45179) @@ -59,8 +59,8 @@

    Additional Information

    -

    The last core election was held in May-June of 2012. The next core - election is scheduled for June of 2014.

    +

    The last core election was held in May-June of 2014. The next core + election is scheduled for June of 2016.

    Core Interpretations of the Bylaws

    From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 12:56:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 334A4B40; Mon, 30 Jun 2014 12:56:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 041392469; Mon, 30 Jun 2014 12:56:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5UCunuD081376; Mon, 30 Jun 2014 12:56:49 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5UCun7n081375; Mon, 30 Jun 2014 12:56:49 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201406301256.s5UCun7n081375@svn.freebsd.org> From: Gavin Atkinson Date: Mon, 30 Jun 2014 12:56:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45180 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 12:56:50 -0000 Author: gavin Date: Mon Jun 30 12:56:49 2014 New Revision: 45180 URL: http://svnweb.freebsd.org/changeset/doc/45180 Log: Remove old (mostly cvsup) mirrors that no longer resolve. Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Mon Jun 30 10:37:15 2014 (r45179) +++ head/share/xml/mirrors.xml Mon Jun 30 12:56:49 2014 (r45180) @@ -160,10 +160,6 @@ - - cvsup1.am.FreeBSD.org - - hostmaster@am.FreeBSD.org @@ -194,10 +190,6 @@ ftp://ftp3.au.FreeBSD.org/pub/FreeBSD/ - - cvsup.au.FreeBSD.org - - hostmaster@au.FreeBSD.org @@ -728,18 +720,6 @@ ftp://ftp2.nl.FreeBSD.org/pub/FreeBSD/ - - cvsup.nl.FreeBSD.org - - - - cvsup2.nl.FreeBSD.org - - - - cvsup3.nl.FreeBSD.org - - hostmaster@nl.FreeBSD.org @@ -895,11 +875,6 @@ http://www.za.FreeBSD.org/ - - www2.za.FreeBSD.org - http://www2.za.FreeBSD.org/ - - ftp.za.FreeBSD.org ftp://ftp.za.FreeBSD.org/pub/FreeBSD/ @@ -915,10 +890,6 @@ ftp://ftp4.za.FreeBSD.org/pub/FreeBSD/ - - cvsup.za.FreeBSD.org - - hostmaster@za.FreeBSD.org @@ -1026,10 +997,6 @@ http://ftp.ch.FreeBSD.org/pub/FreeBSD/ - - cvsup.ch.FreeBSD.org - - hostmaster@ch.FreeBSD.org @@ -1179,14 +1146,6 @@ ftp://ftp7.ua.FreeBSD.org/pub/FreeBSD/ - - cvsup5.ua.FreeBSD.org - - - - cvsup6.ua.FreeBSD.org - - From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 19:38:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C6FD2519; Mon, 30 Jun 2014 19:38:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 951A52C78; Mon, 30 Jun 2014 19:38:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5UJcuPS077694; Mon, 30 Jun 2014 19:38:56 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5UJcu2W077693; Mon, 30 Jun 2014 19:38:56 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406301938.s5UJcu2W077693@svn.freebsd.org> From: Glen Barber Date: Mon, 30 Jun 2014 19:38:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45181 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 19:38:57 -0000 Author: gjb Date: Mon Jun 30 19:38:56 2014 New Revision: 45181 URL: http://svnweb.freebsd.org/changeset/doc/45181 Log: Regenerate after r268058 and r268060. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Mon Jun 30 12:56:49 2014 (r45180) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Mon Jun 30 19:38:56 2014 (r45181) @@ -1,5 +1,5 @@ -FreeBSD 9.3-RELEASE Release Notes

    FreeBSD 9.3-RELEASE Release Notes

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation +FreeBSD 9.3-RELEASE Release Notes

    FreeBSD 9.3-RELEASE Release Notes

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of the FreeBSD Foundation.

    IBM, AIX, OS/2, PowerPC, PS/2, S/390, and ThinkPad are @@ -18,7 +18,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

    Last modified on 2014-06-25 by gjb.
    Abstract

    The release notes for FreeBSD 9.3-RELEASE contain + symbol.

    Last modified on 2014-06-30 by gjb.
    Abstract

    The release notes for FreeBSD 9.3-RELEASE contain a summary of the changes made to the FreeBSD base system on the 9.3-STABLE development line. This document lists applicable security advisories that were issued since the last @@ -55,7 +55,7 @@ vulnerability

    FreeBSD-SA-14:05.nfsserver8April2014

    Deadlock in the NFS server

    FreeBSD-SA-14:06.openssl8April2014

    ECDSA side channel leak

    FreeBSD-SA-14:08.tcp30April2014

    TCP reassembly vulnerability

    FreeBSD-SA-14:11.sendmail26May2014

    Sendmail improper close-on-exec flag handling

    FreeBSD-SA-14:12.ktrace3June2014

    ktrace(1) kernel memory disclosure

    FreeBSD-SA-14:13.pam3June2014

    Incorrect error handling in PAM policy - parser

    FreeBSD-SA-14:14.openssl5June2014

    Multiple vulnerabilities

    SA-14:16.file24June2014

    Multiple vulnerabilities

    2.2.Kernel Changes

    The arcmsr (4) driver has been + parser

    FreeBSD-SA-14:14.openssl5June2014

    Multiple vulnerabilities

    FreeBSD-SA-14:16.file24June2014

    Multiple vulnerabilities

    2.2.Kernel Changes

    The arcms r(4) driver has been updated to version 1.20.00.28. [r256033]

    The isci(4) driver is now loadable via kldload(8). [r256437] (Sponsored by @@ -131,7 +131,7 @@ extensible_dataset zpool(8) feature has been added. See zpool-features(7) for more information. [r263391]

    A memory leak has been fixed in - libzfs. [r263408]

    The vt driver + libzfs. [r263408]

    The vt(4) driver has been merged from head/. [r263817,263818] (Sponsored by TheFreeBSDFoundation)

    The mpr(4) device has @@ -329,7 +329,7 @@ been updated to support multiple byte orders. Similar to cap_mkdb(1), the services.db will be created with proper endinanness as part of - cross-architecture release builds. [r263028]

    3.Upgrading from Previous Releases of FreeBSD

    3.1.Upgrading Using freebsd-update(8) or a Source-Based + cross-architecture release builds. [r263028]

    3.Upgrading from Previous Releases of FreeBSD

    3.1.Upgrading Using freebsd-update(8) or a Source-Based Procedure

    [amd64,i386] Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade @@ -343,7 +343,7 @@ /usr/src/UPDATING.

    For more specific information about upgrading instructions, see http://www.FreeBSD.org/releases/9.3R/installation.html.

    Important:

    Upgrading FreeBSD should only be attempted after backing up all data and - configuration files.

    3.2.User-Visible + configuration files.

    3.2.User-Visible Incompatibilities

    FreeBSD9.0 and later versions have several configuration incompatibilities with earlier versions of FreeBSD. These differences are best understood before upgrading. From owner-svn-doc-all@FreeBSD.ORG Mon Jun 30 19:55:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B1F53A1B; Mon, 30 Jun 2014 19:55:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 853B82E14; Mon, 30 Jun 2014 19:55:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5UJtG3O086345; Mon, 30 Jun 2014 19:55:16 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s5UJtGRB086343; Mon, 30 Jun 2014 19:55:16 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201406301955.s5UJtGRB086343@svn.freebsd.org> From: Glen Barber Date: Mon, 30 Jun 2014 19:55:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45182 - head/en_US.ISO8859-1/htdocs/cgi X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jun 2014 19:55:16 -0000 Author: gjb Date: Mon Jun 30 19:55:16 2014 New Revision: 45182 URL: http://svnweb.freebsd.org/changeset/doc/45182 Log: - Add 9.3-RELEASE and 9.3-stable paths. - Make 9.3-RELEASE the default, because it contains a few manual pages that are newer than 10.0-RELEASE (vt(4) in particular). - Update 'freebsd-stable9' to 9.3. Approved by: re (implicit), doceng (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi Modified: head/en_US.ISO8859-1/htdocs/cgi/man.cgi ============================================================================== --- head/en_US.ISO8859-1/htdocs/cgi/man.cgi Mon Jun 30 19:38:56 2014 (r45181) +++ head/en_US.ISO8859-1/htdocs/cgi/man.cgi Mon Jun 30 19:55:16 2014 (r45182) @@ -209,7 +209,7 @@ foreach my $os ( keys %$sectionpath ) { ); $manLocalDir = '/usr/local/www/bsddoc/man'; -$manPathDefault = 'FreeBSD 10.0-RELEASE'; +$manPathDefault = 'FreeBSD 9.3-RELEASE'; %manPath = ( 'FreeBSD 9.2-RELEASE and Ports', @@ -242,6 +242,11 @@ $manPathDefault = 'FreeBSD 10.0-RELEASE' 'FreeBSD 10.0-stable', "$manLocalDir/FreeBSD-10.0-stable/man:$manLocalDir/FreeBSD-10.0-stable/openssl/man", + 'FreeBSD 9.3-RELEASE', +"$manLocalDir/FreeBSD-9.3-RELEASE/man:$manLocalDir/FreeBSD-9.3-RELEASE/openssl/man", + 'FreeBSD 9.3-stable', +"$manLocalDir/FreeBSD-9.3-stable/man:$manLocalDir/FreeBSD-9.3-stable/openssl/man", + 'FreeBSD 9.2-stable', "$manLocalDir/FreeBSD-9.2-stable/man:$manLocalDir/FreeBSD-9.2-stable/openssl/man", 'FreeBSD 9.2-RELEASE', @@ -602,6 +607,7 @@ my $default_arch = 'i386'; my %arch = ( 'FreeBSD 10.0-RELEASE' => { 'default' => 'i386', 'arch' => [qw/amd64 arm i386 powerpc sparc64/] } , +'FreeBSD 9.3-RELEASE' => { 'default' => 'i386', 'arch' => [qw/amd64 arm i386 powerpc sparc64/] } , 'FreeBSD 9.2-RELEASE' => { 'default' => 'i386', 'arch' => [qw/amd64 arm i386 powerpc sparc64/] } , 'FreeBSD 9.1-RELEASE' => { 'default' => 'i386', 'arch' => [qw/amd64 arm i386 powerpc sparc64/] } , 'FreeBSD 9.0-RELEASE' => { 'default' => 'i386', 'arch' => [qw/amd64 arm i386 powerpc sparc64/] } , @@ -637,12 +643,12 @@ while ( ( $key, $val ) = each %manPath ) # keywords must be in lower cases. %manPathAliases = ( - 'freebsd', 'FreeBSD 10.0-RELEASE', - 'freebsd-release', 'FreeBSD 10.0-RELEASE', + 'freebsd', 'FreeBSD 9.3-RELEASE', + 'freebsd-release', 'FreeBSD 9.3-RELEASE', 'freebsd-stable', 'FreeBSD 10.0-stable', 'freebsd-stable10', 'FreeBSD 10.0-stable', - 'freebsd-stable9', 'FreeBSD 9.2-stable', + 'freebsd-stable9', 'FreeBSD 9.3-stable', 'freebsd-stable8', 'FreeBSD 8.4-stable', 'freebsd-stable7', 'FreeBSD 7.4-stable', 'freebsd-stable6', 'FreeBSD 6.4-stable', From owner-svn-doc-all@FreeBSD.ORG Tue Jul 1 12:09:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 51B55766; Tue, 1 Jul 2014 12:09:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3E156281A; Tue, 1 Jul 2014 12:09:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s61C93IC038621; Tue, 1 Jul 2014 12:09:03 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s61C93TB038620; Tue, 1 Jul 2014 12:09:03 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407011209.s61C93TB038620@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 1 Jul 2014 12:09:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45183 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jul 2014 12:09:03 -0000 Author: ryusuke Date: Tue Jul 1 12:09:02 2014 New Revision: 45183 URL: http://svnweb.freebsd.org/changeset/doc/45183 Log: - Merge the following from the English version: r43896 -> r44061 head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Mon Jun 30 19:55:16 2014 (r45182) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Tue Jul 1 12:09:02 2014 (r45183) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r43896 + Original revision: r44061 $FreeBSD$ --> @@ -644,10 +644,12 @@ Comment out for now until these can be v を利用してください。 - &os; の svn ミラーネットワークは、 + &os; の Subversion + ミラーのネットワークは、 まだ初期の段階にあるので、今後変更されることがあります。 以下のミラー一覧を不変なものとは考えないでください。 - 特に、サーバの SSL 証明書は、いずれかの時点で変更になるでしょう。 + 特に、サーバの SSL 証明書は、 + いずれかの時点で変更になるでしょう。 @@ -664,7 +666,7 @@ Comment out for now until these can be v 位置 - SSL フィンガープリント + SSL フィンガープリント @@ -673,10 +675,10 @@ Comment out for now until these can be v svn0.us-west.FreeBSD.org - svn, http, + svn, http, https + xlink:href="https://svn0.us-west.FreeBSD.org/">https USA, カリフォルニア @@ -688,10 +690,10 @@ Comment out for now until these can be v svn0.us-east.FreeBSD.org - svn, http, + svn, http, https, + xlink:href="https://svn0.us-east.FreeBSD.org/">https, rsync USA, ニュージャージ @@ -704,10 +706,10 @@ Comment out for now until these can be v svn0.eu.FreeBSD.org - svn, http, + svn, http, https, + xlink:href="https://svn0.eu.FreeBSD.org/">https, rsync Europe, UK @@ -748,10 +750,10 @@ Certificate information: ~/.subversion/auth/ に保存され、 有効期限が切れるまでは、フィンガープリントの確認は求められません。 - ファイアウォールまたは他の問題のため、HTTPS - を使えなければ、転送速度がより少し早い SVN を使ってください。 + ファイアウォールまたは他の問題のため、https + を使えなければ、転送速度がより少し早い svn を使ってください。 両方を使えない場合には、 - HTTP を使ってください。 + HTTP を使ってください。 From owner-svn-doc-all@FreeBSD.ORG Tue Jul 1 12:21:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 85308A2F; Tue, 1 Jul 2014 12:21:24 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 71932299F; Tue, 1 Jul 2014 12:21:24 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s61CLOcd046259; Tue, 1 Jul 2014 12:21:24 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s61CLOBe046258; Tue, 1 Jul 2014 12:21:24 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407011221.s61CLOBe046258@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 1 Jul 2014 12:21:24 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45184 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 01 Jul 2014 12:27:30 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jul 2014 12:21:24 -0000 Author: ryusuke Date: Tue Jul 1 12:21:24 2014 New Revision: 45184 URL: http://svnweb.freebsd.org/changeset/doc/45184 Log: - Merge the following from the English version: r44061 -> r44073 head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Tue Jul 1 12:09:02 2014 (r45183) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Tue Jul 1 12:21:24 2014 (r45184) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44061 + Original revision: r44073 $FreeBSD$ --> @@ -753,1754 +753,7 @@ Certificate information: ファイアウォールまたは他の問題のため、https を使えなければ、転送速度がより少し早い svn を使ってください。 両方を使えない場合には、 - HTTP を使ってください。 - - - - CVSup を使う (非推奨) - - 訳: &a.jp.iwasaki;、1997 年 2 月 27 日 - - - 紹介 - - - CVS および cvsup は、 - プロジェクトにおいて使用されなくなりました。 - かわりに Subversion - を使ってください。 - - - CVSup は、 - リモートのサーバホストにあるマスタ CVS リポジトリから - ソースツリーを配布し更新するための - ソフトウェアパッケージです。&os; のソースは、 - カリフォルニアにある中心的な開発マシンの CVS リポジトリの - 中でメンテナンスしています。CVSup - を使用することで、&os; ユーザは - 簡単に自分のソースツリーを最新の状態に - しておくことができます。 - - CVSup は - pull - モデルとよばれる更新のモデルを採用しています。pull - モデルでは、 - 各クライアントが更新したい場合に更新したい時点で、 - サーバに更新の問い合わせをおこないます。 - サーバはクライアントからの - 更新の要求を受け身の状態で待ちます。したがって、 - すべての更新はクライアント主導でおこなわれます。 - サーバは頼まれもしない更新情報を送るようなことはしません。 - ユーザは CVSup - クライアントを手動で実行して更新をおこなうか、 - cron - ジョブを設定して定期的に自動実行する必要があります。 - - 用語 CVSup - のように大文字で表記しているものは、ソフトウェアパッケージ - 全体を指します。主な構成物は、 - 各ユーザマシンで実行するクライアントである - cvsup、&os; - の各ミラーサイトで実行するサーバ cvsupd - です。 - - - csup ユーティリティは - CVSup - ソフトウェアを C 言語で書き直したものです。 - 処理速度が速く、また、Modula-3 言語を使わないため、 - Modula-3 をインストールする必要がありません。 - さらに、ベースシステムに含まれているので、 - すぐに使うことができます。 - csup を使う場合は、 - CVSup のインストールを省略し、 - 以下の文章中の CVSup を - csup に置きかえて読んでください。 - - - - - インストール - - CVSup - をインストールする最も簡単な方法は、&os; - Ports コレクションのパッケージ - からコンパイル済みの - net/cvsup パッケージをインストールすることです。 - もしくは、net/cvsup でも構いません。 - ただし、net/cvsup は - Modula-3 システムに依存していて、構築にかかる時間、 - ディスクスペースは比較的大きくなります。 - - - たとえばサーバのような &xorg; - がインストールされていない計算機で CVSup - を使おうとしているのであれば、必ず CVSup - GUI が含まれていない - net/cvsup-without-gui - を使ってください。 - - - - - CVSup のコンフィグレーション - - CVSup の動作は、supfile - と呼ばれるコンフィグレーションファイルで制御します。 - supfile のサンプルは、ディレクトリ /usr/share/examples/cvsup/ - の下にあります。 - - supfile には以下の CVSup - に関する質問への答えを記述します: - - - - - どのファイルを受け取りたいのか? - - - - - どのバージョンのものが欲しいのか? - - - - - どこから入手したいのか? - - - - - 自分のマシンのどこに置きたいのか? - - - - - どこに status ファイルを置きたいのか? - - - - 次のセクションで、これらの質問に順番に答えながら典型的な - supfile を組み立てていきます。最初に - supfile の全体構造を説明します。 - - supfile はテキストファイルです。 - コメントは # から行末までです。 - 空行とコメントだけの行は無視します。 - - 残りの各行には、 - ユーザが受け取りたいファイル群について記述します。 - 行の始めは、 - サーバ側で定義した論理的なファイルのグループである - コレクション の名称です。 - コレクションの名称を指定して、欲しいファイル群を - サーバに伝えます。コレクション名の後には、 - ホワイトスペースで区切られた 0 個以上のフィールドが続きます。 - これらのフィールドが上記の質問に対する答えになります。 - フィールドには 2 種類あります: flag フィールドと value - フィールドです。flag フィールドは delete - や compress のような - 単独のキーワードから成ります。また、value - フィールドもキーワードで始まりますが、 - キーワードの後にはホワイトスペースは入らず、 - = と二つめの単語が続きます。例えば、 - release=cvs は value - フィールドです。 - - 通常、supfile - には受け取りたいコレクションを一つ以上指定します。 - supfile を組み立てる一つの方法として、 - コレクション毎にすべての関係の - あるフィールドを明示的に指定する方法があります。しかし、 - これでは supfile - のすべてのコレクションに対して - ほとんどのフィールドが同じになるため、 - 行が非常に長くなってしまい不便になります。 - これらの問題を避けるため、CVSup - ではデフォルトを指定することのできる - メカニズムが提供されています。特殊な擬似コレクション名 - *default で始まる行は、 - supfile 中の後続の - コレクションに対して使用する flag フィールドと value - フィールドのデフォルトを設定するために利用できます。 - 個々のコレクションで固有の値を指定すると、 - デフォルト値を無効にできます。また - 行を追加すると、supfile - の途中からデフォルト値の変更や追加が可能になります。 - - これまでの予備知識を基に、 - &os;-CURRENT - のメインのソースツリーを受け取って更新するための - supfile を組み立ててみましょう。 - - - - - どのファイルを受け取りたいのか? - - CVSup - を通して入手できるファイルは コレクション - と呼ばれる名前の付けられたグループにまとめられています。 - 利用可能なコレクションについては - 後の節の中で説明しています。 - ここでは、&os; システムのメインのソースツリー全体 - を受け取るための設定例を紹介します。 - すべてを含む src-all - という単一の大きなコレクションがあります。 - supfile - を組み立てる最初のステップとして、 - これらのコレクションを一行に一つずつ記述します - (この場合は一行だけです)。 - - src-all - - - - - どのバージョンのものが欲しいのか? - - CVSup を使用すると、 - かつて存在していたことのある、事実上どのバージョンの - ソースでも受け取ることができます。これは - cvsupd - サーバがすべてのバージョンを含む CVS - リポジトリに基づいて動作することにより、 - 実現されています。 - tag= および - の value フィールドを使用して、 - 欲しいバージョンの 一つを指定します。 - - - tag= - のフィールドの指定は正確に行うように十分注意 - してください。いくつかのタグは特定のコレクションに - 対してのみ有効です。 - タグの綴りが違っていたり不適切なタグを指定すると、 - CVSup はユーザが消し - たくないファイルまで削除してしまいます。特に - ports-* のコレクション に対しては - tag=. だけ - を指定するようにしてください。 - - - tag= - フィールドはリポジトリ中のシンボリックタグを指定します。 - tag には revision tag と branch tag の二種類があります。 - revision tag は特定のリビジョンを指します。これは、 - 毎日同じ状態に保つことになります。一方 branch tag は、 - ある時点での開発分流の最新のリビジョンを指します。 - branch tag - は特定のリビジョンを指定している訳ではないので、 - 今日と明日では - 異なるリビジョンを参照することになるかもしれません。 - - - にはユーザが興味を持つであろうリビジョンタグの一覧が載せられています。 - CVSup の設定ファイル中でタグを指定する時は、 - tag= に続けて書きます - (RELENG_8 は - tag=RELENG_8 になります)。 - tag=. だけが Ports Collection には - 適切であることに注意してください。 - - - tag - 名を示した通りにタイプされているか十分注意してく - ださい。CVSup は tag - 名が正しいかどうかを見分けることはできません。tag - が間違っていた場合、 - たまたまファイルがまったく存在しない正しい tag が - 指定されたものとしてCVSup - は動作します。その場合は、現在あるソースが削 - 除されるでしょう。 - - - branch tag を指定した際には、 - 通常はその開発分流の最新バージョンの - ファイルを受け取ります。 - いくらか前のバージョンを受け取りたい場合は、 - の value - フィールドを使って日付を指定することで、 - これを実現することが できます。&man.cvsup.1; - のマニュアルページで、 - その方法を説明しています。 - - 例として、&os;-CURRENT を受け取りたいとします。 - 次の行を supfile - の始めに追加します: - - *default tag=. - - tag= フィールドも - date= - フィールドも指定しなかった場合に - 動き出す重要な特殊なケースがあります。そのケースでは、 - 特定のバージョンの ファイルを受け取るのではなく、 - サーバの CVS リポジトリから実際の RCS - ファイルを直接受け取ります。 - 一般的に開発者はこの処理のモードが好きなようです。 - 彼らのシステム上にリポジトリそのものの - コピーを維持することで、 - リビジョン履歴を閲覧し過去のバージョンの - ファイルを検査できるようになります。しかし、 - これには大きなディスクスペースが必要になります。 - - - - - どこから入手したいのか? - - 更新情報をどこから入手するかを - cvsup に伝えるために - host= フィールドを使用します。 - CVSup ミラーサイト - のどこからでも入手できますが、 - ネット上での最寄りのサイトを選ぶべきでしょう。 - この例では、仮想上の &os; 配布サイト - cvsup99.FreeBSD.org - を使用します: - - *default host=cvsup99.FreeBSD.org - - CVSup を実行する前にホスト名を - 実在のものに変更する必要があります。どのように - cvsup を実行しても、この設定は - - を - 使用してコマンドラインで変更することができます。 - - - - - 自分のマシンのどこに置きたいのか? - - prefix= フィールドは、 - cvsup - に受け取ったファイルをどこに置くかを伝えます。 - この例では、ソースファイルを直接メインのソースツリー - /usr/src に置きます。 - src - ディレクトリはすでにファイルを受け取るために - 選択したコレクションで暗黙に指定しているので、 - これは正しい仕様となります: - - *default prefix=/usr - - - - - どこに status ファイルを置きたいのか? - - CVSup クライアントは - base - ディレクトリと呼ばれる場所に、ある status - ファイルを維持しています。 - すでに受け取った更新情報を追従し続けることで、 - これらのファイルは CVSup - がより効果的に動作することを支援します。標準の base - ディレクトリ /var/db - を使用します: - - *default base=/var/db - - base - ディレクトリが存在しない場合は作成しておきましょう。base - ディレクトリが存在しない場合、cvsup - クライアントは実行を拒否します。 - - - - その他もろもろの supfile - の設定: - - 通常 supfile - に入れておくべき行がもう一つあります: - - *default release=cvs delete use-rel-suffix compress - - release=cvs は、サーバがメインの - &os; CVS リポジトリから - その情報を取得するように指示します。 - ほとんどの場合はこのようにしておきますが、 - ここでの説明の範疇をこえるような - 状況では他の指定をすることも可能です。 - - delete は - CVSup - にファイルを削除することを許可します。 - CVSup が - ソースツリーを完全に最新の状態に - 保てるようにするためには、これは常に - 指定しておくべきでしょう。 - CVSup は、 - これらの責任範囲のファイルだけを慎重に削除します。 - たまたま存在する他の余分なファイルについては、 - まったく手をつけずに残しておきます。 - - use-rel-suffix - は、…神秘的なものです。これについて本当に知りたい人は、 - &man.cvsup.1; のマニュアルページをご覧ください。 - でなければ、何も考えずに指定してみてください。 - - compress は通信チャネルで gzip - 形式の圧縮の使用を有効にします。 - ご使用のネットワーク接続が T1 speed 以上である場合、 - この圧縮を使用しない方がよいかもしれません。 - そうでない場合は十分に役に立ちます。 - - - - supfile の例のまとめ: - - 以下は supfile の例の全体です: - - *default tag=. -*default host=cvsup99.FreeBSD.org -*default prefix=/usr -*default base=/var/db -*default release=cvs delete use-rel-suffix compress - -src-all - - - - - <filename>refuse</filename> ファイル - - 既に述べたように、CVSup - は取り寄せ法 (pull method)を用いるのですが、 - これは基本的に次のようなことを意味します。 - まずあなたが CVSup サーバに接続します。 - するとサーバは - あなたがダウンロードできるのはこれこれです と言います。 - それに対し、あなたが使っているクライアントは - わかりました。 - では、これとこれとこれをもらいます と答えます。 - デフォルトの設定の CVSup クライアントは、 - 設定ファイルで選んだコレクションとタグに適合するすべてのファイルを取得します。 - ツリーの一部をダウンロードするには、 - refuse ファイルを使ってください。 - - refuse ファイルは - CVSup に対し、 - コレクションに含まれる一部のファイルを取得することを伝えます。 - 言い換えれば、それはクライアントに対し、 - サーバから来る一部のファイルを拒否するよう指定するということです。 - refuse ファイルは - base/sup/ - にあります (もしファイルがない場合には作成してください)。 - basesupfile 内で定義されています。 - 私達は base に - /var/db を定義しています。つまり、 - refuse ファイルのデフォルトは - /var/db/sup/refuse - ということになります。 - - refuse ファイルの書式は、単にダウンロードしたくないファイルや - ディレクトリの名前が書いてあるだけの非常にシンプルなものです。 - たとえば、以下のような refuse ファイルが考えられます。 - - bin/ -usr.bin/ - - まったく必要としないファイルをダウンロードする必要がなくなり、 - インターネット接続の回線が遅かったり従量制で課金されている人は時間を節約できるようになります。 - refuse ファイルの詳細や - CVSup が持つその他の便利な機能に関しては - マニュアルページを参照してください。 - - - - - <application>CVSup</application> の実行 - - さて、更新の準備ができました。 - これを実行するコマンドラインは実に簡単です: - - &prompt.root; cvsup supfile - - もちろん、ここでの - supfile - は作成したばかりの supfile のファイル名です。X11 - 環境で実行するものと仮定して、cvsup は - 通常の操作に必要なボタンを持つ GUI ウィンドウを表示します。 - go ボタンを押して、 - 実行を監視してください。 - - この例では実際の /usr/src - ツリーを更新しているので、cvsup - にファイルを更新するのに必要なパーミッションを与えるために、 - ユーザ root で実行する必要があります。 - コンフィグレーションファイルを作ったばかりで、 - しかも以前にこのプログラムを実行したことがないので、 - 神経質になるのは無理もない話だと思います。 - 大切なファイルに触らずに試しに実行する簡単な方法があります。 - どこか適当な場所に空のディレクトリを作成して、 - コマンドラインの引数で指定するだけです: - - &prompt.root; mkdir /var/tmp/dest -&prompt.root; cvsup supfile /var/tmp/dest - - 指定したディレクトリは、すべての更新されるファイルの - 更新先ディレクトリとして使用します。 - CVSup は - /usr/src の下のファイルを検査しますが、 - 変更や削除はまったくおこないません。かわりに - /var/tmp/dest/usr/src - に更新されたすべてのファイルが置かれるようになります。 - この方法で実行した場合は、CVSup - は base ディレクトリの status - ファイルを更新せずにそのままにします。 - これらのファイルの新しいバージョンは指定されたディレクトリ - に書き込まれます。/usr/src - の読み取り許可がある限り、このような試し実行のためにユーザ - root になる必要はありません。 - - X11 を利用していないとか単に GUI が気に入らない場合は、 - cvsup 起動時にコマンドラインに - 二つほどオプションを追加する必要があります: - - &prompt.root; cvsup -g -L 2 supfile - - オプションは CVSup - に GUI を使用しないように伝えます。X11 - を利用していない場合には自動的に指定されますが、 - そうでない場合は明示的に指定します。 - - オプションは cvsup - にファイル更新中の詳細情報をプリントアウト - するように伝えます。冗長性には から - までの三つのレベルがあります。 - デフォルトは 0 であり、エラーメッセージ以外はまったく出力 - しません。 - - たくさんの他のオプション変数があります。 - それらの簡単な一覧は cvsup -H - で表示されます。 - より詳しい説明はマニュアルページをご覧ください。 - - 動作している更新の方法に満足したら、&man.cron.8; - を使って CVSup を定期的に - 実行させる準備をすることができます。cron から起動する際には、 - 明示的に CVSup が GUI - を使わないようにする必要があります。 - - - - <application>CVSup</application> ファイルコレクション - - CVSup - 経由で入手できるファイルコレクションは - 階層的に組織化されています。 - いくつか大きなコレクションがあり、 - それらは小さなサブコレクションに 分割されています。 - 大きなコレクションは、そのサブコレクション毎に - 受信することと同じことになります。 - 下の一覧ではコレクション間の階層関係を - 字下げして表現します。 - - 最も一般的に使用するコレクションは - src-all です。 - - - - cvs-all release=cvs - - - メインの &os; CVS リポジトリであり、 - 暗号のコードを含んでいます。 - - - - distrib release=cvs - - - &os; - の配布とミラーに関連するファイルです。 - - - - - - projects-all release=cvs - - - - &os; プロジェクトのリポジトリのソース。 - - - - - src-all release=cvs - - - メインの &os; ソース群であり、 - 暗号のコードを含んでいます。 - - - - src-base - release=cvs - - - /usr/src - のトップにあるその他のファイル。 - - - - - src-bin - release=cvs - - - シングルユーザモードで必要なユーザユーティリティ - (/usr/src/bin)。 - - - - - src-cddl - release=cvs - - - CDDL ライセンスのユーティリティおよびライブラリ - (/usr/src/cddl)。 - - - - - src-contrib - release=cvs - - - &os; - プロジェクト外部からのユーティリティおよびライブラリ、 - 比較的無修正 - (/usr/src/contrib)。 - - - - - - src-crypto release=cvs - - - - &os; - プロジェクトの外部で開発された暗号ユーティリティとライブラリで、 - ほとんどそのままの形で使われます - (/usr/src/crypto)。 - - - - - - src-eBones release=cvs - - - - Kerberos と DES - (/usr/src/eBones) のこと。 - 現在の &os; リリースでは使われていません。 - - - - - src-etc - release=cvs - - - システムコンフィグレーションファイル - (/usr/src/etc)。 - - - - - src-games - release=cvs - - - ゲーム - (/usr/src/games)。 - - - - - src-gnu - release=cvs - - - GNU Public License - 下にあるユーティリティ - (/usr/src/gnu)。 - - - - - src-include - release=cvs - - - ヘッダファイル - (/usr/src/include)。 - - - - - src-kerberos5 - release=cvs - - - Kerberos5 セキュリティパッケージ - (/usr/src/kerberos5)。 - - - - - src-kerberosIV - release=cvs - - - KerberosIV セキュリティパッケージ - (/usr/src/kerberosIV)。 - - - - - src-lib - release=cvs - - - ライブラリ - (/usr/src/lib)。 - - - - - src-libexec - release=cvs - - - システムプログラムであり、 - 通常は他のプログラムから実行される - (/usr/src/libexec)。 - - - - - src-release - release=cvs - - - &os; の release - を構築するために必要なファイル - (/usr/src/release)。 - - - - - src-rescue - release=cvs - - - システム復旧のためのスタティックリンクされている緊急用プログラム。 - &man.rescue.8; をご覧ください - (/usr/src/rescue)。 - - - - - - src-sbin release=cvs - - - - シングルユーザモード用の - システムユーティリティ - (/usr/src/sbin)。 - - - - - src-secure - release=cvs - - - 暗号化ライブラリとコマンド - (/usr/src/secure)。 - - - - - src-share - release=cvs - - - 多様なシステム間で共有可能なファイル - (/usr/src/share)。 - - - - - src-sys - release=cvs - - - カーネル - (/usr/src/sys)。 - - - - - src-sys-crypto - release=cvs - - - カーネル用の暗号コード - (/usr/src/sys/crypto)。 - - - - - src-tools - release=cvs - - - &os; の保守用の色々なツール - (/usr/src/tools)。 - - - - - src-usrbin - release=cvs - - - ユーザユーティリティ - (/usr/src/usr.bin)。 - - - - - src-usrsbin - release=cvs - - - システムユーティリティ - (/usr/src/usr.sbin)。 - - - - - - - - - - - distrib release=self - - - CVSup - サーバ自身のコンフィグレーションファイルです。CVSup - ミラーサイトが使用します。 - - - - - gnats release=current - - - GNATS バグトラッキングデータベースです。 - - - - - mail-archive release=current - - - &os; 関連メーリングリストのアーカイブ。 - - - - - - - 詳細について - - CVSup の FAQ や - CVSup に関するその他の情報については - - The CVSup Home Page をご覧ください。 - - CVSup のほとんどの &os; - 関連の議論は &a.hackers; でおこなわれています。 - ソフトウェアの新しいバージョンは &a.announce; で - アナウンスされます。 - - CVSup に関する質問やバグ報告については - - CVSup FAQ をご覧ください。 - - - - CVSup サイト - - &os; の CVSup - サーバは以下のサイトで稼働しています。 - - &chap.mirrors.cvsup.index.inc; - - &chap.mirrors.lastmod.inc; - - &chap.mirrors.cvsup.inc; - - - - - - CVS タグ - - - CVS は、プロジェクトにおいて使用されなくなったため、 - 非推奨になりました。 - かわりに Subversion - を使ってください。 - - - cvsCVSup - を使用してソースを入手したり同期させたりするとき、 - リビジョンタグを指定しなければなりません。 - リビジョンタグは、特定の &os; 開発ブランチか、 - もしくはある時刻に対応しています。前者を ブランチタグ、 - 後者を リリースタグ と呼びます。 - - - - ブランチタグ - - ここにある HEAD (常に有効なタグ) - 以外のすべてのタグは、src/ のみに有効です。 - ports/doc/、 - www/ ツリーは、ブランチに分けられていません。 - - - - HEAD - - - 主要部をなす流れ、すなわち &os;-CURRENT - のための名前です。また、 - どのリビジョンも指定されなかったときにはこれになります。 - - CVSup では、 - このタグは . で表されます - (句読点ではありません。. - 文字そのものです)。 - - - CVS - ではこれがリビジョンタグが指定されなかった時のデフォルトです。 - STABLE な計算機上に CURRENT - のソースをチェクアウトしたりアップデートするのは、 - 思うところがあってやっているのというのでなければ、 - よい考えとはいえません - - - - - - RELENG_9 - - - &os;-9.X の開発のための流れです。 - &os; 9-STABLE としても知られています。 - - - - - RELENG_9_1 - - - &os;-9.1 用のリリースブランチ。セキュリティ勧告や、 - その他の深刻なセキュリティ上の修正があった場合にのみ使われます。 - - - - - RELENG_9_0 - - - &os;-9.0 用のリリースブランチ。セキュリティ勧告や - その他の深刻なセキュリティ上の修正があった場合にのみ使われます。 - - - *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Tue Jul 1 14:15:32 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 586508F2; Tue, 1 Jul 2014 14:15:32 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 38D1F25C4; Tue, 1 Jul 2014 14:15:32 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s61EFWpB001034; Tue, 1 Jul 2014 14:15:32 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s61EFW2Q001033; Tue, 1 Jul 2014 14:15:32 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407011415.s61EFW2Q001033@svn.freebsd.org> From: Glen Barber Date: Tue, 1 Jul 2014 14:15:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45185 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jul 2014 14:15:32 -0000 Author: gjb Date: Tue Jul 1 14:15:31 2014 New Revision: 45185 URL: http://svnweb.freebsd.org/changeset/doc/45185 Log: Regen after r268092. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Tue Jul 1 12:21:24 2014 (r45184) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Tue Jul 1 14:15:31 2014 (r45185) @@ -1,5 +1,5 @@ -FreeBSD 9.3-RELEASE Release Notes

    FreeBSD 9.3-RELEASE Release Notes

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation +FreeBSD 9.3-RELEASE Release Notes

    FreeBSD 9.3-RELEASE Release Notes

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of the FreeBSD Foundation.

    IBM, AIX, OS/2, PowerPC, PS/2, S/390, and ThinkPad are @@ -18,7 +18,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

    Last modified on 2014-06-30 by gjb.
    Abstract

    The release notes for FreeBSD 9.3-RELEASE contain + symbol.

    Last modified on 2014-07-01 by gjb.
    Abstract

    The release notes for FreeBSD 9.3-RELEASE contain a summary of the changes made to the FreeBSD base system on the 9.3-STABLE development line. This document lists applicable security advisories that were issued since the last @@ -76,8 +76,8 @@ (Sponsored by TheFreeBSDFoundation)

    A kernel panic triggered by unmounting a busy zfs(8) filesystem has been fixed. [r257253]

    A deadlock triggered by powering off - a USB device has been fixed. [r257373]

    The ata(4) driver has been updated - to support Intel Lynx Point PCH SMBus devices. [r258214]

    The ata(4) driver has been updated + a USB device has been fixed. [r257373]

    The ichsmb(4) driver has been + updated to support Intel Lynx Point PCH SMBus devices. [r258214]

    The ata(4) driver has been updated to support Coleto Creek devices. [r258215]

    The ahci(4) driver has been updated to support the PCI-express solid state drive in the AppleMacBook Air (model A1465). [r258217]

    The sysctl(8) From owner-svn-doc-all@FreeBSD.ORG Tue Jul 1 18:53:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7D3C2323; Tue, 1 Jul 2014 18:53:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 693792268; Tue, 1 Jul 2014 18:53:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s61IrgWM036167; Tue, 1 Jul 2014 18:53:42 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s61Irgff036166; Tue, 1 Jul 2014 18:53:42 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407011853.s61Irgff036166@svn.freebsd.org> From: Gavin Atkinson Date: Tue, 1 Jul 2014 18:53:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45186 - head/en_US.ISO8859-1/htdocs/projects X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jul 2014 18:53:42 -0000 Author: gavin Date: Tue Jul 1 18:53:41 2014 New Revision: 45186 URL: http://svnweb.freebsd.org/changeset/doc/45186 Log: Fix some dead links, and remove some very old projects (one of which was integrated before FreeBSD 3.3 was released...) Minimal update, the reality is that every page under /projects/ likely needs either updating or deleting. Modified: head/en_US.ISO8859-1/htdocs/projects/projects.xml Modified: head/en_US.ISO8859-1/htdocs/projects/projects.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/projects/projects.xml Tue Jul 1 14:15:31 2014 (r45185) +++ head/en_US.ISO8859-1/htdocs/projects/projects.xml Tue Jul 1 18:53:41 2014 (r45186) @@ -105,7 +105,7 @@ install a wide range of applications wit A list of current ports is available along with a search mechanism to see if a specific application exists in the Ports Collection. -

  • FreeBSD Ports distfiles survey: +
  • FreeBSD Ports distfiles scanner: A list which checks the Ports Collection for unfetchable distfiles and provides a summary for each port.
    • @@ -113,7 +113,7 @@ and provides a summary for each port. -
  • Pointyhat: Is a server which +
  • PortsMon: Is a server which checks the Ports Collection and keeps package building logs and error logs for each port.
    • @@ -122,7 +122,7 @@ notification of any changes.

    Networking

    • Netperf: -Network stack optimization for the FreeBSD 5.x and 6.x kernels, a follow-on +Network stack performance and optimization, a follow-on to the SMPng network stack locking work for FreeBSD 5.3. This project is exploring and implementing optimizations strategies for a multi-threaded network stack.
      • @@ -213,30 +213,10 @@ authors avoid adding platform-specific D the portability of drivers between hardware architectures. This page also tracks the progress of drivers towards being SMPng-safe. -
    • -A New Device Framework for FreeBSD
      • - -
    • BSD ATM: implementation of ATM internetworking under 4.4BSD: -New computer applications in areas such as multimedia, imaging, -and distributed computing demand high levels of performance from -computer networks. ATM-based networking solutions provide one -possible alternative to meeting these performance needs. -However, the complexity of ATM over traditional networks such as -Ethernet has proven to be a barrier to its being used. In this -paper we present the design and implementation of BSD ATM, a -light-weight and efficient ATM software layer for BSD-based -operating systems that requires minimal changes to the operating -system. BSD ATM can be used both for IP-based networking traffic -and for ``native'' ATM traffic.
      • -
    • Home Automation: Using FreeBSD to run appliance controllers, infra-red controllers, automated telephone systems, and more.
      • -
    • The FreeBSD Token-Ring Project: -Information, files, patches, and documentation about adding Token Ring -support to FreeBSD.
      • -
    • Xircom CEM Ethernet Driver: A mailing list exists for further development of Scott Mitchell's Xircom CEM ethernet driver. Send subscribe freebsd-xircom to hierarchy on your browser to view each file's revision history in a very handy manner.
      • -
    • The FreeBSD - Laptop Compatibility List: A comprehensive database of - laptops and PCMCIA cards that work with FreeBSD. This site - contains detailed information about known hardware and - software issues.
      • -
    • TET Integration: The Test Execution Toolkit from The Open Group is a From owner-svn-doc-all@FreeBSD.ORG Tue Jul 1 18:58:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 475489A3; Tue, 1 Jul 2014 18:58:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 33B8622FA; Tue, 1 Jul 2014 18:58:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s61Iwm5X037635; Tue, 1 Jul 2014 18:58:48 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s61IwmIn037634; Tue, 1 Jul 2014 18:58:48 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407011858.s61IwmIn037634@svn.freebsd.org> From: Gavin Atkinson Date: Tue, 1 Jul 2014 18:58:48 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45187 - head/en_US.ISO8859-1/htdocs/projects X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jul 2014 18:58:48 -0000 Author: gavin Date: Tue Jul 1 18:58:47 2014 New Revision: 45187 URL: http://svnweb.freebsd.org/changeset/doc/45187 Log: The FreeBSD Project no longer maintain CVSweb, make this clear on the project page. Minimally update the rest of the page. Suggested by: eadler Approved by: Jonathan Noack (silence), scop, fenner, core Modified: head/en_US.ISO8859-1/htdocs/projects/cvsweb.xml Modified: head/en_US.ISO8859-1/htdocs/projects/cvsweb.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/projects/cvsweb.xml Tue Jul 1 18:53:41 2014 (r45186) +++ head/en_US.ISO8859-1/htdocs/projects/cvsweb.xml Tue Jul 1 18:58:47 2014 (r45187) @@ -33,20 +33,32 @@ Project, and instantly won great popularity among software developers for its usability.

      + + + + + + +

      Please note that CVSweb is no longer + maintained, and is no longer in use within the FreeBSD Project. + There may be unpatched security issues with the code available on + this page. The information and files available here are retained + for historical interest only; we can not recommend anybody use the + code available here without an understanding that any security + issues discovered will not be fixed.

      +

      FreeBSD-CVSweb, formerly known as knu-CVSweb, is an enhanced version of CVSweb based on Henner Zeller's CVSweb, which is an extended version of the original CVSweb. &a.knu; made numerous cleanups, bug-fixes, security enhancements and feature improvements over the version and brought it back where it was - born. Ville Skyttä continued that work; the project is currently - being maintained by Jonathan Noack.

      + born. Ville Skyttä continued that work; the project was most + recently maintained by Jonathan Noack.

      FreeBSD-CVSweb is freely available under the terms of The BSD License. It is currently used by such projects as - FreeBSD, - Mandriva, NetBSD, OpenBSD and Download the tarball from the following sites. The latest stable release is 3.0.6 (released 2005-09-25), see - NEWS and - ChangeLog for changes.

      + the NEWS and ChangeLog files within the tarball for changes.

      • ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/local-distfiles/scop/
        • @@ -90,37 +101,5 @@
        - -

        Resources

        - -
        -
        Project mailing list:
        - -
        freebsd-cvsweb@FreeBSD.org - is the mailing list for people discussing the development of - FreeBSD-CVSweb. Patches, bug reports and feature requests - are welcome. To join the list, follow the instructions in the - FreeBSD Handbook. - List archives - are also available.
        - -
        CVS repository:
        - -
        FreeBSD-CVSweb is available through - anonymous - CVS pserver. - The module name is /projects/cvsweb. - The current stable branch is MAIN, and - rel-2_0-branch contains the legacy version. -
        - -
        CVSweb on CVSweb:
        - -
        You can browse the FreeBSD-CVSweb source via itself at - http://www.FreeBSD.org/cgi/cvsweb.cgi/projects/cvsweb/. -
        -
        - - From owner-svn-doc-all@FreeBSD.ORG Tue Jul 1 19:23:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AE222A79; Tue, 1 Jul 2014 19:23:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 80DC825DE; Tue, 1 Jul 2014 19:23:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s61JNXj6051449; Tue, 1 Jul 2014 19:23:33 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s61JNXMO051447; Tue, 1 Jul 2014 19:23:33 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407011923.s61JNXMO051447@svn.freebsd.org> From: Gavin Atkinson Date: Tue, 1 Jul 2014 19:23:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45188 - head/en_US.ISO8859-1/books/handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jul 2014 19:23:33 -0000 Author: gavin Date: Tue Jul 1 19:23:32 2014 New Revision: 45188 URL: http://svnweb.freebsd.org/changeset/doc/45188 Log: Since r44073, we no longer publish the list of CVSup mirrors in the handbook anywhere, so stop generating the raw mirror list files. Modified: head/en_US.ISO8859-1/books/handbook/Makefile head/en_US.ISO8859-1/books/handbook/chapters.ent Modified: head/en_US.ISO8859-1/books/handbook/Makefile ============================================================================== --- head/en_US.ISO8859-1/books/handbook/Makefile Tue Jul 1 18:58:47 2014 (r45187) +++ head/en_US.ISO8859-1/books/handbook/Makefile Tue Jul 1 19:23:32 2014 (r45188) @@ -288,8 +288,6 @@ DOC_PREFIX?= ${.CURDIR}/../../.. XMLDOCS= lastmod:::mirrors.lastmod.inc \ mirrors-ftp-index:::mirrors.xml.ftp.index.inc \ mirrors-ftp:::mirrors.xml.ftp.inc \ - mirrors-cvsup-index:::mirrors.xml.cvsup.index.inc \ - mirrors-cvsup:::mirrors.xml.cvsup.inc \ eresources-index:::eresources.xml.www.index.inc \ eresources:::eresources.xml.www.inc DEPENDSET.DEFAULT= transtable mirror @@ -303,12 +301,6 @@ PARAMS.mirrors-ftp-index+= --param 'type PARAMS.mirrors-ftp+= --param 'type' "'ftp'" \ --param 'proto' "'ftp'" \ --param 'target' "'handbook/mirrors/chapter.xml'" -PARAMS.mirrors-cvsup-index+= --param 'type' "'cvsup'" \ - --param 'proto' "'cvsup'" \ - --param 'target' "'index'" -PARAMS.mirrors-cvsup+= --param 'type' "'cvsup'" \ - --param 'proto' "'cvsup'" \ - --param 'target' "'handbook/mirrors/chapter.xml'" PARAMS.eresources-index+= --param 'type' "'www'" \ --param 'proto' "'http'" \ --param 'target' "'index'" @@ -319,8 +311,6 @@ PARAMS.eresources+= --param 'type' "'www SRCS+= mirrors.lastmod.inc \ mirrors.xml.ftp.inc \ mirrors.xml.ftp.index.inc \ - mirrors.xml.cvsup.inc \ - mirrors.xml.cvsup.index.inc \ eresources.xml.www.inc \ eresources.xml.www.index.inc Modified: head/en_US.ISO8859-1/books/handbook/chapters.ent ============================================================================== --- head/en_US.ISO8859-1/books/handbook/chapters.ent Tue Jul 1 18:58:47 2014 (r45187) +++ head/en_US.ISO8859-1/books/handbook/chapters.ent Tue Jul 1 19:23:32 2014 (r45188) @@ -56,8 +56,6 @@ - - From owner-svn-doc-all@FreeBSD.ORG Tue Jul 1 21:20:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 824E6645; Tue, 1 Jul 2014 21:20:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6EB002012; Tue, 1 Jul 2014 21:20:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s61LKKFx006228; Tue, 1 Jul 2014 21:20:20 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s61LKKcc006207; Tue, 1 Jul 2014 21:20:20 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201407012120.s61LKKcc006207@svn.freebsd.org> From: Rick Macklem Date: Tue, 1 Jul 2014 21:20:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45189 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jul 2014 21:20:20 -0000 Author: rmacklem (src committer) Date: Tue Jul 1 21:20:19 2014 New Revision: 45189 URL: http://svnweb.freebsd.org/changeset/doc/45189 Log: Add an entry for the __FreeBSD_version bump. Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Tue Jul 1 19:23:32 2014 (r45188) +++ head/en_US.ISO8859-1/books/porters-handbook/versions.xml Tue Jul 1 21:20:19 2014 (r45189) @@ -5213,3 +5213,11 @@ it was never committed: been attached to the build by default (rev 267440). + + + 1100026 + July 1, 2014 + 11.0-CURRENT after the internal interface between the NFS + modules, including the krpc, was changed by (rev + 268115). + From owner-svn-doc-all@FreeBSD.ORG Wed Jul 2 00:12:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 32E85BA6; Wed, 2 Jul 2014 00:12:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1E6612F86; Wed, 2 Jul 2014 00:12:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s620Cte1092584; Wed, 2 Jul 2014 00:12:55 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s620Ct1l092583; Wed, 2 Jul 2014 00:12:55 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407020012.s620Ct1l092583@svn.freebsd.org> From: Gavin Atkinson Date: Wed, 2 Jul 2014 00:12:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45190 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jul 2014 00:12:56 -0000 Author: gavin Date: Wed Jul 2 00:12:55 2014 New Revision: 45190 URL: http://svnweb.freebsd.org/changeset/doc/45190 Log: Since r44073, we no longer publish CVSup mirrors on the web site. Remove them from the mirror list source. Many thanks to all of the people who have have maintained these systems over the years (sometimes more than 10!). You have helped FreeBSD grow to what it is today, and your contribution is very much appreciated. Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Tue Jul 1 21:20:19 2014 (r45189) +++ head/share/xml/mirrors.xml Wed Jul 2 00:12:55 2014 (r45190) @@ -21,9 +21,6 @@ http://ftp.FreeBSD.org/pub/FreeBSD/ - - cvsup.FreeBSD.org - @@ -90,58 +87,6 @@ http://ftp14.FreeBSD.org/pub/FreeBSD/ - - cvsup1.FreeBSD.org - - - - cvsup3.FreeBSD.org - - - - cvsup4.FreeBSD.org - - - - cvsup5.FreeBSD.org - - - - cvsup6.FreeBSD.org - - - - cvsup7.FreeBSD.org - - - - cvsup9.FreeBSD.org - - - - cvsup10.FreeBSD.org - - - - cvsup11.FreeBSD.org - - - - cvsup12.FreeBSD.org - - - - cvsup14.FreeBSD.org - - - - cvsup15.FreeBSD.org - - - - cvsup18.FreeBSD.org - - mirror-admin@FreeBSD.org @@ -231,10 +176,6 @@ ftp://ftp4.br.FreeBSD.org/pub/FreeBSD/ - - cvsup2.br.FreeBSD.org - - hostmaster@br.FreeBSD.org @@ -302,10 +243,6 @@ http://ftp2.cz.FreeBSD.org/pub/FreeBSD/ - - cvsup.cz.FreeBSD.org - - hostmaster@cz.FreeBSD.org @@ -325,10 +262,6 @@ http://ftp.dk.FreeBSD.org/pub/FreeBSD/ - - cvsup.dk.FreeBSD.org - - hostmaster@dk.FreeBSD.org @@ -339,10 +272,6 @@ ftp://ftp.ee.FreeBSD.org/pub/FreeBSD/ - - cvsup.ee.FreeBSD.org - - hostmaster@ee.FreeBSD.org @@ -358,10 +287,6 @@ ftp://ftp.fi.FreeBSD.org/pub/FreeBSD/ - - cvsup.fi.FreeBSD.org - - hostmaster@fi.FreeBSD.org @@ -410,18 +335,6 @@ ftp://ftp8.fr.FreeBSD.org/pub/FreeBSD/ - - cvsup3.fr.FreeBSD.org - - - - cvsup5.fr.FreeBSD.org - - - - cvsup8.fr.FreeBSD.org - - rsync1.fr.FreeBSD.org @@ -477,22 +390,6 @@ ftp://ftp8.de.FreeBSD.org/pub/FreeBSD/ - - cvsup.de.FreeBSD.org - - - - cvsup2.de.FreeBSD.org - - - - cvsup4.de.FreeBSD.org - - - - cvsup5.de.FreeBSD.org - - de-bsd-hubs@de.FreeBSD.org @@ -539,27 +436,9 @@ - - cvsup.ie.FreeBSD.org - - - - cvsup2.ie.FreeBSD.org - - hostmaster@ie.FreeBSD.org - - Italy - - - cvsup.it.FreeBSD.org - - - hostmaster@it.FreeBSD.org - - Japan @@ -613,30 +492,6 @@ ftp://ftp9.jp.FreeBSD.org/pub/FreeBSD/ - - cvsup.jp.FreeBSD.org - - - - cvsup2.jp.FreeBSD.org - - - - cvsup3.jp.FreeBSD.org - - - - cvsup4.jp.FreeBSD.org - - - - cvsup5.jp.FreeBSD.org - - - - cvsup6.jp.FreeBSD.org - - hostmaster@jp.FreeBSD.org @@ -654,10 +509,6 @@ http://ftp2.kr.FreeBSD.org/pub/FreeBSD/ - - cvsup.kr.FreeBSD.org - - hostmaster@kr.FreeBSD.org @@ -668,10 +519,6 @@ http://www.lv.FreeBSD.org/ - - cvsup.lv.FreeBSD.org - - ftp.lv.FreeBSD.org ftp://ftp.lv.FreeBSD.org/pub/FreeBSD/ @@ -694,10 +541,6 @@ http://ftp.lt.FreeBSD.org/pub/FreeBSD/ - - cvsup.lt.FreeBSD.org - - hostmaster@lt.FreeBSD.org @@ -746,10 +589,6 @@ - - cvsup.no.FreeBSD.org - - hostmaster@no.FreeBSD.org @@ -773,10 +612,6 @@ ftp://ftp3.pl.FreeBSD.org/pub/FreeBSD/ --> - - cvsup.pl.FreeBSD.org - - hostmaster@pl.FreeBSD.org @@ -824,18 +659,6 @@ ftp://ftp6.ru.FreeBSD.org/pub/FreeBSD/ - - cvsup3.ru.FreeBSD.org - - - - cvsup5.ru.FreeBSD.org - - - - cvsup6.ru.FreeBSD.org - - hostmaster@ru.FreeBSD.org @@ -861,10 +684,6 @@ ftp://ftp.si.FreeBSD.org/pub/FreeBSD/ - - cvsup.si.FreeBSD.org - - hostmaster@si.FreeBSD.org @@ -916,18 +735,6 @@ ftp://ftp3.es.FreeBSD.org/pub/FreeBSD/ - - cvsup.es.FreeBSD.org - - - - cvsup2.es.FreeBSD.org - - - - cvsup3.es.FreeBSD.org - - hostmaster@es.FreeBSD.org @@ -970,10 +777,6 @@ http://ftp6.se.FreeBSD.org/pub/FreeBSD/ - - cvsup.se.FreeBSD.org - - hostmaster@se.FreeBSD.org @@ -1095,34 +898,6 @@ ftp://ftp15.tw.FreeBSD.org/pub/FreeBSD/ - - cvsup.tw.FreeBSD.org - - - - cvsup3.tw.FreeBSD.org - - - - cvsup6.tw.FreeBSD.org - - - - cvsup10.tw.FreeBSD.org - - - - cvsup11.tw.FreeBSD.org - - - - cvsup12.tw.FreeBSD.org - - - - cvsup13.tw.FreeBSD.org - - hostmaster@tw.FreeBSD.org @@ -1265,54 +1040,6 @@ ftp://ftp15.us.FreeBSD.org/pub/FreeBSD/ - - cvsup1.us.FreeBSD.org - - - - cvsup3.us.FreeBSD.org - - - - cvsup4.us.FreeBSD.org - - - - cvsup5.us.FreeBSD.org - - - - cvsup7.us.FreeBSD.org - - - - cvsup9.us.FreeBSD.org - - - - cvsup11.us.FreeBSD.org - - - - cvsup12.us.FreeBSD.org - - - - cvsup13.us.FreeBSD.org - - - - cvsup14.us.FreeBSD.org - - - - cvsup15.us.FreeBSD.org - - - - cvsup18.us.FreeBSD.org - - hostmaster@us.FreeBSD.org From owner-svn-doc-all@FreeBSD.ORG Wed Jul 2 01:12:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 972C92D5; Wed, 2 Jul 2014 01:12:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6ABC02445; Wed, 2 Jul 2014 01:12:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s621CIg0020304; Wed, 2 Jul 2014 01:12:18 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s621CIHX020303; Wed, 2 Jul 2014 01:12:18 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407020112.s621CIHX020303@svn.freebsd.org> From: Warren Block Date: Wed, 2 Jul 2014 01:12:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45191 - head/en_US.ISO8859-1/books/handbook/basics X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jul 2014 01:12:18 -0000 Author: wblock Date: Wed Jul 2 01:12:17 2014 New Revision: 45191 URL: http://svnweb.freebsd.org/changeset/doc/45191 Log: Remove excess word. PR: 191541 Submitted by: cs@ Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Wed Jul 2 00:12:55 2014 (r45190) +++ head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Wed Jul 2 01:12:17 2014 (r45191) @@ -171,7 +171,7 @@ login: to access the second virtual console (ttyv2), and so on. - When switching from one console to the next, &os; takes + When switching from one console to the next, &os; manages the screen output. The result is an illusion of having multiple virtual screens and keyboards that can be used to type commands for &os; to run. The programs that are From owner-svn-doc-all@FreeBSD.ORG Wed Jul 2 08:13:02 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B27EB994; Wed, 2 Jul 2014 08:13:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9F7912650; Wed, 2 Jul 2014 08:13:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s628D2FC017282; Wed, 2 Jul 2014 08:13:02 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s628D2xG017281; Wed, 2 Jul 2014 08:13:02 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407020813.s628D2xG017281@svn.freebsd.org> From: Gavin Atkinson Date: Wed, 2 Jul 2014 08:13:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45192 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jul 2014 08:13:02 -0000 Author: gavin Date: Wed Jul 2 08:13:02 2014 New Revision: 45192 URL: http://svnweb.freebsd.org/changeset/doc/45192 Log: For reasons that are not clear to me yet, the translated versions of the handbook fail to build on the cluster with no CVSup mirrors listed. I can't recreate this locally, but for now, add back a single mirror (cvsup.freebsd.org, which is under clusteradm control). Hopefully that should be sufficient to allow the build to complete. Noticed by: wblock Pointy hat to: gavin Modified: head/share/xml/mirrors.xml Modified: head/share/xml/mirrors.xml ============================================================================== --- head/share/xml/mirrors.xml Wed Jul 2 01:12:17 2014 (r45191) +++ head/share/xml/mirrors.xml Wed Jul 2 08:13:02 2014 (r45192) @@ -21,6 +21,10 @@ http://ftp.FreeBSD.org/pub/FreeBSD/ + + cvsup.FreeBSD.org + + From owner-svn-doc-all@FreeBSD.ORG Wed Jul 2 08:39:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0626C1DA; Wed, 2 Jul 2014 08:39:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DAF6E2857; Wed, 2 Jul 2014 08:39:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s628ddV6027852; Wed, 2 Jul 2014 08:39:39 GMT (envelope-from mav@svn.freebsd.org) Received: (from mav@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s628dd71027851; Wed, 2 Jul 2014 08:39:39 GMT (envelope-from mav@svn.freebsd.org) Message-Id: <201407020839.s628dd71027851@svn.freebsd.org> From: Alexander Motin Date: Wed, 2 Jul 2014 08:39:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45193 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jul 2014 08:39:40 -0000 Author: mav (src committer) Date: Wed Jul 2 08:39:39 2014 New Revision: 45193 URL: http://svnweb.freebsd.org/changeset/doc/45193 Log: Update my key. Modified: head/share/pgpkeys/mav.key Modified: head/share/pgpkeys/mav.key ============================================================================== --- head/share/pgpkeys/mav.key Wed Jul 2 08:13:02 2014 (r45192) +++ head/share/pgpkeys/mav.key Wed Jul 2 08:39:39 2014 (r45193) @@ -1,49 +1,42 @@ -uid Alexander Motin -uid Alexander Motin -sub 2048g/4D59D1C2 2007-04-20 [expires: 2012-04-18] +pub 2048R/8318C3955BAB227F 2014-07-02 [亞仂亟亠仆 亟仂: 2017-07-01] +仗亠舒仂从 从仍ム舒 = E98C F3C4 E69C C3CD 0E57 9D55 8318 C395 5BAB 227F +uid Alexander Motin +sub 2048R/0644E1A545DBCC15 2014-07-02 [亞仂亟亠仆 亟仂: 2017-07-01] + ]]> From owner-svn-doc-all@FreeBSD.ORG Wed Jul 2 08:59:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 29273B8E; Wed, 2 Jul 2014 08:59:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 14FDE2A42; Wed, 2 Jul 2014 08:59:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s628xWRt037131; Wed, 2 Jul 2014 08:59:32 GMT (envelope-from mav@svn.freebsd.org) Received: (from mav@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s628xWDa037130; Wed, 2 Jul 2014 08:59:32 GMT (envelope-from mav@svn.freebsd.org) Message-Id: <201407020859.s628xWDa037130@svn.freebsd.org> From: Alexander Motin Date: Wed, 2 Jul 2014 08:59:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45194 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jul 2014 08:59:33 -0000 Author: mav (src committer) Date: Wed Jul 2 08:59:32 2014 New Revision: 45194 URL: http://svnweb.freebsd.org/changeset/doc/45194 Log: Add some of my emails. Modified: head/share/pgpkeys/mav.key Modified: head/share/pgpkeys/mav.key ============================================================================== --- head/share/pgpkeys/mav.key Wed Jul 2 08:39:39 2014 (r45193) +++ head/share/pgpkeys/mav.key Wed Jul 2 08:59:32 2014 (r45194) @@ -5,7 +5,10 @@ sh addkey.sh mav 8318C3955BAB227F ; uid Alexander Motin +uid Alexander Motin +uid Alexander Motin sub 2048R/0644E1A545DBCC15 2014-07-02 [亞仂亟亠仆 亟仂: 2017-07-01] ]]> @@ -25,18 +28,41 @@ YxfvnE0s1yEbWC/x7I3BXZBjPV5jVmWDaTyTKA/b +7ke1i+9djuWEJu6Mw9qZz2AHg+JOY8Q+42/vXV+pXGpc0zYcgOkPTZ7So4YGdHC Kw7eGqYmNXKCj+xHMcqhSi5rQRUfEYxCrM6HI8IDLMVsRB7sf0UO+GLJkxBjoMf0 ECS+EC3t0jlY6V5qunic+nhpGY3q/rkp/xkzlsFS8pg2/1iCl31Pn+aqrzf+10Ps -L6hnuQENBFOzxAwBCADmYFn9nCSLvufCMz9nZFxP7q497a+Dqqwf8hxllH+9S8+g -9BYumQF4A7ZnBSxj3zMlriwL0jPsZqILpO8wuIUQWL0MnJiIbqgatYztVqf2fpaa -DzP9XA2C5/BZb5iP3ONDIVGYd+OQwOI2FlmmTY0B1FlUNXz3+feb3VVTD0/2mxPB -OQ2hen0pEZqhU5n2EZH27d8rVPDXVGqQ3CVWO3BD9pyQVTWT5ziDm0f2SIEsY46x -uaN+Ml6KnrqfCb8BL/vzcpc87slxGUdRHRCM0P2tZ4f9I+DV7c2RKiluGk1pZkqm -+sDfI4dTkjjqpGLH5xN538XGW8YuCEaDUGJZufUfABEBAAGJASUEGAEKAA8FAlOz -xAwCGwwFCQWjmoAACgkQgxjDlVurIn+xUQf+JPcvxmhqlH3CYl3UB0QChwlL2yjB -YHhAxzoN96sfjzktgIfOfz11Wto2AZXQmQ5mHPs5ePGhDHdet2u7N9ICWgewmBJc -MZSlJOnPuYMKGCCbiSc0s1tCc0g+XIe0SEcW38aynbIh61FvAHnbmVs5SulWlkZl -iC4C5sXy3YRFRVsW6/fRknlRWWmcJ+rZf/ArwXIGKAEbyb5dFec0tWpEHxCEmJMC -/RH1CFuOBDh62py+alF5HnVwWKen0bKKBqyIpn8GMWgvBW14ZNxTIDIwzEYlauDz -h6NYhnmBE7FKyzTOtfOBNuYD1bV9n290YTPF4egZMAmemWG0PgHA+Bf3Cg== -=LoYK +L6hntCNBbGV4YW5kZXIgTW90aW4gPG1hdkBtYXZob21lLmRwLnVhPokBPQQTAQoA +JwUCU7PJWgIbAwUJBaOagAULCQgHAwUVCgkICwUWAwIBAAIeAQIXgAAKCRCDGMOV +W6sif+RCCADP6DmzHPcYR6FNFLp8hEogvA1aAz68G0ieU34Gh5gUpjWbfXC2Nf5A +9jH/mIpII02qLC+r7V3tXkxX5h2GBFaNDNCd5jhDo2t+d7oU0Jei4fUB/iHlyAWx +ocZ8znwqVLVZdXkYa07aOwwOXYLzaChGT/U1CWh/SNoyO5CQGkQNJsbPET9Hh2Z5 +hC7R8Ka7v5Jze9K9R195tjRMo814A8H4Zn7ovHSupGnKdJ30yK+bQevV89v+iD9w +HBulA6g+q41fXuR8yI5Nn57LVSk49VQo1kBb/BOIX7SEv7JQvjuza1NqwaEQTyYJ +Pq5807RY7r1ZcIA7LsdFO88AwMl8cjBptCJBbGV4YW5kZXIgTW90aW4gPG1hdmJz +ZEBnbWFpbC5jb20+iQE9BBMBCgAnBQJTs8mLAhsDBQkFo5qABQsJCAcDBRUKCQgL +BRYDAgEAAh4BAheAAAoJEIMYw5VbqyJ/eFgH/R3NJ3ZU5/zEPYdUYy69ljJKP7kK +fJkUyJckLK2D4B5Tjqnb88RBlDhYCRskpsJfezXC4GC4I2d31CbszZZaEkHeleLI +dXExmEBK667/r9Wf8Wsh6rZGCky3eepiOrQLMkDGGCE6Ha9jF6Vt/5U/atHxC5uc +GLej0m21OSjofP9qS3m1F5HjuDs/JxtgodLwKWlXD3bPJl4hJQ7QJNu0eKdtXWOb +J4lAOXOBwbq1IHu9caKYc+YpxzmwVn3C2cZcrLCrlZUcLyCR4gYy+LSw5EvhyUI9 +Gr3xQU5W137G47zR/9GKcGXGVDZfFWMP2HXqeM4s8jRA85X+ab8oC6tLODu0I0Fs +ZXhhbmRlciBNb3RpbiA8bWF2QGl4c3lzdGVtcy5jb20+iQE9BBMBCgAnBQJTs8mw +AhsDBQkFo5qABQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJEIMYw5VbqyJ/1YgH +/A5uqC/GzWXzKKSv53V2LbNlbHY83wZ9qmhNgnZsnh7wVFjYTTMj3ovLJPmm8NQ6 +y8KUs6EShr4cBEUA+eqHKZpMEV47E9Wgj7DUL4ZPkyBXr3Blnti0yyHcN/MzOoxs +L5g+jjKXPjqZ7lXUeIgfmPtf3FEpmzJoFnEJ39YnOJqrn7uvtCPtX9hGJK+7X4Kd +3d2M3MHGN1HdNWAMhgOS+2qTzRK/GI0feg+frFex+9du4glggTq6yR93sr2PXBSp +7JJ1r56KEQDDIRCk1MauAOIeESXkMYC+RT3q8mkXFzTM/40MJjOK0p75oNXpA86j +Po++7dPndGCNFw6Y8jw2uJS5AQ0EU7PEDAEIAOZgWf2cJIu+58IzP2dkXE/urj3t +r4OqrB/yHGWUf71Lz6D0Fi6ZAXgDtmcFLGPfMyWuLAvSM+xmoguk7zC4hRBYvQyc +mIhuqBq1jO1Wp/Z+lpoPM/1cDYLn8FlvmI/c40MhUZh345DA4jYWWaZNjQHUWVQ1 +fPf595vdVVMPT/abE8E5DaF6fSkRmqFTmfYRkfbt3ytU8NdUapDcJVY7cEP2nJBV +NZPnOIObR/ZIgSxjjrG5o34yXoqeup8JvwEv+/NylzzuyXEZR1EdEIzQ/a1nh/0j +4NXtzZEqKW4aTWlmSqb6wN8jh1OSOOqkYsfnE3nfxcZbxi4IRoNQYlm59R8AEQEA +AYkBJQQYAQoADwUCU7PEDAIbDAUJBaOagAAKCRCDGMOVW6sif7FRB/4k9y/GaGqU +fcJiXdQHRAKHCUvbKMFgeEDHOg33qx+POS2Ah85/PXVa2jYBldCZDmYc+zl48aEM +d163a7s30gJaB7CYElwxlKUk6c+5gwoYIJuJJzSzW0JzSD5ch7RIRxbfxrKdsiHr +UW8AeduZWzlK6VaWRmWILgLmxfLdhEVFWxbr99GSeVFZaZwn6tl/8CvBcgYoARvJ +vl0V5zS1akQfEISYkwL9EfUIW44EOHranL5qUXkedXBYp6fRsooGrIimfwYxaC8F +bXhk3FMgMjDMRiVq4POHo1iGeYETsUrLNM6184E25gPVtX2fb3RhM8Xh6BkwCZ6Z +YbQ+AcD4F/cK +=DQW2 -----END PGP PUBLIC KEY BLOCK----- ]]> From owner-svn-doc-all@FreeBSD.ORG Wed Jul 2 09:44:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 54C0292D; Wed, 2 Jul 2014 09:44:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 41D1A2FD7; Wed, 2 Jul 2014 09:44:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s629i4lp059560; Wed, 2 Jul 2014 09:44:04 GMT (envelope-from mav@svn.freebsd.org) Received: (from mav@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s629i4EJ059559; Wed, 2 Jul 2014 09:44:04 GMT (envelope-from mav@svn.freebsd.org) Message-Id: <201407020944.s629i4EJ059559@svn.freebsd.org> From: Alexander Motin Date: Wed, 2 Jul 2014 09:44:04 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45195 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jul 2014 09:44:04 -0000 Author: mav (src committer) Date: Wed Jul 2 09:44:03 2014 New Revision: 45195 URL: http://svnweb.freebsd.org/changeset/doc/45195 Log: Change preferred UID. Modified: head/share/pgpkeys/mav.key Modified: head/share/pgpkeys/mav.key ============================================================================== --- head/share/pgpkeys/mav.key Wed Jul 2 08:59:32 2014 (r45194) +++ head/share/pgpkeys/mav.key Wed Jul 2 09:44:03 2014 (r45195) @@ -5,8 +5,8 @@ sh addkey.sh mav 8318C3955BAB227F ; uid Alexander Motin +uid Alexander Motin uid Alexander Motin uid Alexander Motin sub 2048R/0644E1A545DBCC15 2014-07-02 [亞仂亟亠仆 亟仂: 2017-07-01] @@ -20,49 +20,49 @@ yr4ak/4g9bKUyC7rMEAp/ZHNhd+MFCPAAcHPvtov KVLks0CwbLHGAyne46lTQW74Xl/33c3W1Z6d8jD9gVFT/xaVzZ0U9xdzOmsYAZaA j4ki0tuxO9F7L+ct9grRe7iPg8t9hai7BL4ee3VRwk2JXnKb7UvBiVITKYWKz1jR vZIrjPokgEcCLOSlv7x/1kjuFnj3xWZU7HSFFT8J93epBbrSSCsYsppIk2fZH41k -aaFXsMQfTPH8wkeM6qwrvOh4HiQM08R+9tThABEBAAG0IUFsZXhhbmRlciBNb3Rp -biA8bWF2QEZyZWVCU0Qub3JnPokBPQQTAQoAJwUCU7PEDAIbAwUJBaOagAULCQgH -AwUVCgkICwUWAwIBAAIeAQIXgAAKCRCDGMOVW6sif1BzCADJc01O6VwlTFiVqly8 -zc0KInHSkP+BuGI78MXc49lsO4OdNShvKWA06jFuWGJFF1RLfYCNbgeecYElsJVC -YxfvnE0s1yEbWC/x7I3BXZBjPV5jVmWDaTyTKA/bvnlfVxvavTq23hUl+i3yb0OX -+7ke1i+9djuWEJu6Mw9qZz2AHg+JOY8Q+42/vXV+pXGpc0zYcgOkPTZ7So4YGdHC -Kw7eGqYmNXKCj+xHMcqhSi5rQRUfEYxCrM6HI8IDLMVsRB7sf0UO+GLJkxBjoMf0 -ECS+EC3t0jlY6V5qunic+nhpGY3q/rkp/xkzlsFS8pg2/1iCl31Pn+aqrzf+10Ps -L6hntCNBbGV4YW5kZXIgTW90aW4gPG1hdkBtYXZob21lLmRwLnVhPokBPQQTAQoA -JwUCU7PJWgIbAwUJBaOagAULCQgHAwUVCgkICwUWAwIBAAIeAQIXgAAKCRCDGMOV -W6sif+RCCADP6DmzHPcYR6FNFLp8hEogvA1aAz68G0ieU34Gh5gUpjWbfXC2Nf5A -9jH/mIpII02qLC+r7V3tXkxX5h2GBFaNDNCd5jhDo2t+d7oU0Jei4fUB/iHlyAWx -ocZ8znwqVLVZdXkYa07aOwwOXYLzaChGT/U1CWh/SNoyO5CQGkQNJsbPET9Hh2Z5 -hC7R8Ka7v5Jze9K9R195tjRMo814A8H4Zn7ovHSupGnKdJ30yK+bQevV89v+iD9w -HBulA6g+q41fXuR8yI5Nn57LVSk49VQo1kBb/BOIX7SEv7JQvjuza1NqwaEQTyYJ -Pq5807RY7r1ZcIA7LsdFO88AwMl8cjBptCJBbGV4YW5kZXIgTW90aW4gPG1hdmJz -ZEBnbWFpbC5jb20+iQE9BBMBCgAnBQJTs8mLAhsDBQkFo5qABQsJCAcDBRUKCQgL -BRYDAgEAAh4BAheAAAoJEIMYw5VbqyJ/eFgH/R3NJ3ZU5/zEPYdUYy69ljJKP7kK -fJkUyJckLK2D4B5Tjqnb88RBlDhYCRskpsJfezXC4GC4I2d31CbszZZaEkHeleLI -dXExmEBK667/r9Wf8Wsh6rZGCky3eepiOrQLMkDGGCE6Ha9jF6Vt/5U/atHxC5uc -GLej0m21OSjofP9qS3m1F5HjuDs/JxtgodLwKWlXD3bPJl4hJQ7QJNu0eKdtXWOb -J4lAOXOBwbq1IHu9caKYc+YpxzmwVn3C2cZcrLCrlZUcLyCR4gYy+LSw5EvhyUI9 -Gr3xQU5W137G47zR/9GKcGXGVDZfFWMP2HXqeM4s8jRA85X+ab8oC6tLODu0I0Fs -ZXhhbmRlciBNb3RpbiA8bWF2QGl4c3lzdGVtcy5jb20+iQE9BBMBCgAnBQJTs8mw -AhsDBQkFo5qABQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJEIMYw5VbqyJ/1YgH -/A5uqC/GzWXzKKSv53V2LbNlbHY83wZ9qmhNgnZsnh7wVFjYTTMj3ovLJPmm8NQ6 -y8KUs6EShr4cBEUA+eqHKZpMEV47E9Wgj7DUL4ZPkyBXr3Blnti0yyHcN/MzOoxs -L5g+jjKXPjqZ7lXUeIgfmPtf3FEpmzJoFnEJ39YnOJqrn7uvtCPtX9hGJK+7X4Kd -3d2M3MHGN1HdNWAMhgOS+2qTzRK/GI0feg+frFex+9du4glggTq6yR93sr2PXBSp -7JJ1r56KEQDDIRCk1MauAOIeESXkMYC+RT3q8mkXFzTM/40MJjOK0p75oNXpA86j -Po++7dPndGCNFw6Y8jw2uJS5AQ0EU7PEDAEIAOZgWf2cJIu+58IzP2dkXE/urj3t -r4OqrB/yHGWUf71Lz6D0Fi6ZAXgDtmcFLGPfMyWuLAvSM+xmoguk7zC4hRBYvQyc -mIhuqBq1jO1Wp/Z+lpoPM/1cDYLn8FlvmI/c40MhUZh345DA4jYWWaZNjQHUWVQ1 -fPf595vdVVMPT/abE8E5DaF6fSkRmqFTmfYRkfbt3ytU8NdUapDcJVY7cEP2nJBV -NZPnOIObR/ZIgSxjjrG5o34yXoqeup8JvwEv+/NylzzuyXEZR1EdEIzQ/a1nh/0j -4NXtzZEqKW4aTWlmSqb6wN8jh1OSOOqkYsfnE3nfxcZbxi4IRoNQYlm59R8AEQEA -AYkBJQQYAQoADwUCU7PEDAIbDAUJBaOagAAKCRCDGMOVW6sif7FRB/4k9y/GaGqU -fcJiXdQHRAKHCUvbKMFgeEDHOg33qx+POS2Ah85/PXVa2jYBldCZDmYc+zl48aEM -d163a7s30gJaB7CYElwxlKUk6c+5gwoYIJuJJzSzW0JzSD5ch7RIRxbfxrKdsiHr -UW8AeduZWzlK6VaWRmWILgLmxfLdhEVFWxbr99GSeVFZaZwn6tl/8CvBcgYoARvJ -vl0V5zS1akQfEISYkwL9EfUIW44EOHranL5qUXkedXBYp6fRsooGrIimfwYxaC8F -bXhk3FMgMjDMRiVq4POHo1iGeYETsUrLNM6184E25gPVtX2fb3RhM8Xh6BkwCZ6Z -YbQ+AcD4F/cK -=DQW2 +aaFXsMQfTPH8wkeM6qwrvOh4HiQM08R+9tThABEBAAG0I0FsZXhhbmRlciBNb3Rp +biA8bWF2QGl4c3lzdGVtcy5jb20+iQE9BBMBCgAnBQJTs8mwAhsDBQkFo5qABQsJ +CAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJEIMYw5VbqyJ/1YgH/A5uqC/GzWXzKKSv +53V2LbNlbHY83wZ9qmhNgnZsnh7wVFjYTTMj3ovLJPmm8NQ6y8KUs6EShr4cBEUA ++eqHKZpMEV47E9Wgj7DUL4ZPkyBXr3Blnti0yyHcN/MzOoxsL5g+jjKXPjqZ7lXU +eIgfmPtf3FEpmzJoFnEJ39YnOJqrn7uvtCPtX9hGJK+7X4Kd3d2M3MHGN1HdNWAM +hgOS+2qTzRK/GI0feg+frFex+9du4glggTq6yR93sr2PXBSp7JJ1r56KEQDDIRCk +1MauAOIeESXkMYC+RT3q8mkXFzTM/40MJjOK0p75oNXpA86jPo++7dPndGCNFw6Y +8jw2uJS0IUFsZXhhbmRlciBNb3RpbiA8bWF2QEZyZWVCU0Qub3JnPokBQAQTAQoA +KgIbAwUJBaOagAULCQgHAwUVCgkICwUWAwIBAAIeAQIXgAUCU7PUBQIZAQAKCRCD +GMOVW6sif7UaB/4gc8kWJcZmuKGL5ZS3n80kUAFZcaKVeLjKgVwjBCP3KGiL/Zuo +TF10EcOJPKfqQ5HThEmVFjZGuNXDubv8/wHYDAHfa7T6sb41eqgZ+QMWmYt8kBc+ +cqEmoj6Nb7WxC6LduYwElmMHn3nQzRKqZoqIx9sOFIsEG+Ti3AdWIx+L+sOOSfiC +fAp4uaG6Wihue9h6N5OIx53hUwZioWQudqacg/FYydAgzJ/ASVKXThJSfvvX/48O +EARgTDJbi+kJeBIRpVO7ii8eEZGJGOZIDHW22rUDsPog0FKH4fAruWE+ELE8HWQO +MhrqtljRvIA0LBohl0gdYFpH08X5BuLeuPA3tCNBbGV4YW5kZXIgTW90aW4gPG1h +dkBtYXZob21lLmRwLnVhPokBPQQTAQoAJwUCU7PJWgIbAwUJBaOagAULCQgHAwUV +CgkICwUWAwIBAAIeAQIXgAAKCRCDGMOVW6sif+RCCADP6DmzHPcYR6FNFLp8hEog +vA1aAz68G0ieU34Gh5gUpjWbfXC2Nf5A9jH/mIpII02qLC+r7V3tXkxX5h2GBFaN +DNCd5jhDo2t+d7oU0Jei4fUB/iHlyAWxocZ8znwqVLVZdXkYa07aOwwOXYLzaChG +T/U1CWh/SNoyO5CQGkQNJsbPET9Hh2Z5hC7R8Ka7v5Jze9K9R195tjRMo814A8H4 +Zn7ovHSupGnKdJ30yK+bQevV89v+iD9wHBulA6g+q41fXuR8yI5Nn57LVSk49VQo +1kBb/BOIX7SEv7JQvjuza1NqwaEQTyYJPq5807RY7r1ZcIA7LsdFO88AwMl8cjBp +tCJBbGV4YW5kZXIgTW90aW4gPG1hdmJzZEBnbWFpbC5jb20+iQE9BBMBCgAnBQJT +s8mLAhsDBQkFo5qABQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJEIMYw5VbqyJ/ +eFgH/R3NJ3ZU5/zEPYdUYy69ljJKP7kKfJkUyJckLK2D4B5Tjqnb88RBlDhYCRsk +psJfezXC4GC4I2d31CbszZZaEkHeleLIdXExmEBK667/r9Wf8Wsh6rZGCky3eepi +OrQLMkDGGCE6Ha9jF6Vt/5U/atHxC5ucGLej0m21OSjofP9qS3m1F5HjuDs/Jxtg +odLwKWlXD3bPJl4hJQ7QJNu0eKdtXWObJ4lAOXOBwbq1IHu9caKYc+YpxzmwVn3C +2cZcrLCrlZUcLyCR4gYy+LSw5EvhyUI9Gr3xQU5W137G47zR/9GKcGXGVDZfFWMP +2HXqeM4s8jRA85X+ab8oC6tLODu5AQ0EU7PEDAEIAOZgWf2cJIu+58IzP2dkXE/u +rj3tr4OqrB/yHGWUf71Lz6D0Fi6ZAXgDtmcFLGPfMyWuLAvSM+xmoguk7zC4hRBY +vQycmIhuqBq1jO1Wp/Z+lpoPM/1cDYLn8FlvmI/c40MhUZh345DA4jYWWaZNjQHU +WVQ1fPf595vdVVMPT/abE8E5DaF6fSkRmqFTmfYRkfbt3ytU8NdUapDcJVY7cEP2 +nJBVNZPnOIObR/ZIgSxjjrG5o34yXoqeup8JvwEv+/NylzzuyXEZR1EdEIzQ/a1n +h/0j4NXtzZEqKW4aTWlmSqb6wN8jh1OSOOqkYsfnE3nfxcZbxi4IRoNQYlm59R8A +EQEAAYkBJQQYAQoADwUCU7PEDAIbDAUJBaOagAAKCRCDGMOVW6sif7FRB/4k9y/G +aGqUfcJiXdQHRAKHCUvbKMFgeEDHOg33qx+POS2Ah85/PXVa2jYBldCZDmYc+zl4 +8aEMd163a7s30gJaB7CYElwxlKUk6c+5gwoYIJuJJzSzW0JzSD5ch7RIRxbfxrKd +siHrUW8AeduZWzlK6VaWRmWILgLmxfLdhEVFWxbr99GSeVFZaZwn6tl/8CvBcgYo +ARvJvl0V5zS1akQfEISYkwL9EfUIW44EOHranL5qUXkedXBYp6fRsooGrIimfwYx +aC8FbXhk3FMgMjDMRiVq4POHo1iGeYETsUrLNM6184E25gPVtX2fb3RhM8Xh6Bkw +CZ6ZYbQ+AcD4F/cK +=s7JZ -----END PGP PUBLIC KEY BLOCK----- ]]> From owner-svn-doc-all@FreeBSD.ORG Wed Jul 2 11:28:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B43256B0; Wed, 2 Jul 2014 11:28:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 959A529A0; Wed, 2 Jul 2014 11:28:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s62BS0nW008554; Wed, 2 Jul 2014 11:28:00 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s62BS0Bb008553; Wed, 2 Jul 2014 11:28:00 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407021128.s62BS0Bb008553@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 2 Jul 2014 11:28:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45196 - head/ja_JP.eucJP/htdocs/projects X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 02 Jul 2014 11:32:23 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jul 2014 11:28:00 -0000 Author: ryusuke Date: Wed Jul 2 11:27:59 2014 New Revision: 45196 URL: http://svnweb.freebsd.org/changeset/doc/45196 Log: - Merge the following from the English version: r42780 -> r45186 head/ja_JP.eucJP/htdocs/projects/projects.xml Modified: head/ja_JP.eucJP/htdocs/projects/projects.xml Modified: head/ja_JP.eucJP/htdocs/projects/projects.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/projects/projects.xml Wed Jul 2 09:44:03 2014 (r45195) +++ head/ja_JP.eucJP/htdocs/projects/projects.xml Wed Jul 2 11:27:59 2014 (r45196) @@ -1,6 +1,6 @@ @@ -8,7 +8,7 @@ ]> - + @@ -108,7 +108,7 @@ FreeBSD のアプリケーションの範囲を新しい 特定のアプリケーションが Ports Collection に存在しているかどうかを調べることができます。 -
      • FreeBSD Ports distfiles の調査: +
      • FreeBSD Ports distfiles scanner: distfile を取得できない Ports Collection を調査し、 各 ports についてまとめて報告するリストです。
        • @@ -116,7 +116,7 @@ FreeBSD のアプリケーションの範囲を新しい とその変更点の一覧を提供します。お好みの ports を監視リストに登録して、 なにか変更があったときにメールで連絡をもらいましょう。 -
      • Pointyhat: +
      • PortsMon: Ports Collection を調査し、各 port の package 構築ログやエラーログを保持しているサーバです。
      @@ -125,8 +125,7 @@ FreeBSD のアプリケーションの範囲を新しい

      ネットワーク

      • Netperf: - FreeBSD 5.x および 6.x - カーネルに対するネットワークスタック最適化のプロジェクトで、 + ネットワークスタックのパフォーマンスおよび最適化のプロジェクトで、 FreeBSD 5.3 における SMPng ネットワークスタックのロック作業に続いています。 このプロジェクトはマルチスレッドネットワークスタックに関する最適化の戦略について研究と実装をおこなっています。
      • KAME プロジェクト: BSD 用の IPv6/IPsec スタック
        • @@ -219,30 +218,10 @@ FreeBSD のアプリケーションの範囲を新しい また、このページではドライバを SMPng のコードで安全に動作するようにするための書き換え作業の進捗も公開しています。 -
      • - FreeBSD 用デバイスの新しい枠組み
        • - -
      • BSD ATM: 4.4BSD での ATM によるインターネットワークの実装: - マルチメディアやイメージ処理、 - 分散コンピューティング等といった新しいコンピュータアプリケーションはコンピュータネットワークの高い性能に依存します。 - ATM ベースのネットワークソリューションはこれらの性能要求を満足させる一つの手段を提供します。 - しかしながらイーサネットなどの従来のネットワーク上の ATM - の複雑さはそれが使えるようになる上で障害となることが判っています。 - この文書では BSD ATM のデザインと実装について述べています。 - これは BSD ベースのオペレーティングシステム用の軽量かつ有能な - ATM ソフトウェア層で、 - 必要なオペレーティングシステムへの変更は最小限です。 - BSD ATM は IP ベースのネットワークトラフィックとしても「ネイティブ」な - ATM としても使えます。
        • -
      • 家庭での自動化: 器具コントローラ、赤外線コントローラ、 自動化された電話システム等々を FreeBSD で。
        • -
      • FreeBSD トークンリングプロジェクト: - トークンリング対応を FreeBSD - に追加するにあたっての情報、ファイル、パッチ、ドキュメント。
        • -
      • Xircom CEM イーサネットドライバ: Scott Mitchell の Xircom CEM イーサネットドライバの開発を助けるメーリングリストがあります。参加するには @@ -338,12 +317,6 @@ FreeBSD のアプリケーションの範囲を新しい ブラウザを使って非常に手軽な方法でファイル階層を閲覧し、 各ファイルの修正履歴を見ることができます。
        • -
      • FreeBSD - ラップトップ互換性リスト: FreeBSD で動作するラップトップと - PCMCIA カードのわかりやすいデータベースです。このサイトには、 - 既知のハードウェアおよびソフトウェアの問題の詳細な情報も含まれています。
        • -
      • TET Integration: The Open Group が提供する From owner-svn-doc-all@FreeBSD.ORG Wed Jul 2 11:52:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4F53C112; Wed, 2 Jul 2014 11:52:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2FEC32C0A; Wed, 2 Jul 2014 11:52:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s62BqIL5021701; Wed, 2 Jul 2014 11:52:18 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s62BqI8X021700; Wed, 2 Jul 2014 11:52:18 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407021152.s62BqI8X021700@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 2 Jul 2014 11:52:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45197 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 02 Jul 2014 12:03:17 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jul 2014 11:52:18 -0000 Author: ryusuke Date: Wed Jul 2 11:52:17 2014 New Revision: 45197 URL: http://svnweb.freebsd.org/changeset/doc/45197 Log: - Merge the following from the English version: r44073 -> r44586 head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Wed Jul 2 11:27:59 2014 (r45196) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Wed Jul 2 11:52:17 2014 (r45197) @@ -3,27 +3,24 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44073 + Original revision: r44586 $FreeBSD$ --> &os; の入手方法 - CDROM/DVD 出版社 + <acronym>CD</acronym> および + <acronym>DVD</acronym> セット - - CD/DVD セット - - &os; の CD/DVD セットは以下のオンライン業者から入手できます。 + &os; の CD および DVD + のセットは以下のオンライン業者から入手できます。 -
        - &os; Mall, Inc. +
        &os; Mall, Inc. 2420 Sand Creek Rd C-1 #347 - Brentwood, - CA + Brentwood, CA 94513 USA 電話: +1 925 240-6652 @@ -35,17 +32,19 @@ -
        - Dr. Hinner EDV +
        Dr. Hinner EDV Kochelseestr. 11 D-81371 München Germany 電話: (0177) 428 419 0 + Email: infow@hinner.de WWW: http://www.hinner.de/linux/freebsd.html
        + -
        - LinuxCenter.Ru +
        Linux Center Galernaya Street, 55 Saint-Petersburg 190000 Russia - 電話: +7-812-3125208 + 電話: +7-812-309-06-86 Email: info@linuxcenter.ru WWW: http://linuxcenter.ru/shop/freebsd
        - @@ -524,7 +522,7 @@ Comment out for now until these can be v 以下のように入力して、リポジトリからチェックアウトしてください。 - &prompt.root; svn checkout svn-mirror/repository/branch lwcdir + &prompt.root; svn checkout svn-mirror/repository/branch lwcdir ここで、repository, branch および root @@ -578,7 +576,7 @@ Comment out for now until these can be v それが svn によって生成されたものでなければ、 チェックアウトする前に、名前を変更するか削除してください。 - &prompt.root; svn checkout https://svn0.us-west.FreeBSD.org/ports/head /usr/ports + &prompt.root; svn checkout https://svn0.us-west.FreeBSD.org/ports/head /usr/ports 初めてチェックアウトする際には、 リモートリポジトリのすべてのブランチをダウンロードするので時間がかかります。 @@ -587,7 +585,7 @@ Comment out for now until these can be v 初めてのチェックアウト後は、 以下を実行することでローカル作業コピーをアップデートできます。 - &prompt.root; svn update lwcdir + &prompt.root; svn update lwcdir この例で作成された /usr/ports をアップデートするには、 From owner-svn-doc-all@FreeBSD.ORG Wed Jul 2 16:06:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D7AA4107; Wed, 2 Jul 2014 16:06:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C36C225BA; Wed, 2 Jul 2014 16:06:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s62G6o1q042818; Wed, 2 Jul 2014 16:06:50 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s62G6oPF042817; Wed, 2 Jul 2014 16:06:50 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201407021606.s62G6oPF042817@svn.freebsd.org> From: Benedict Reuschling Date: Wed, 2 Jul 2014 16:06:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45198 - head/de_DE.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jul 2014 16:06:51 -0000 Author: bcr Date: Wed Jul 2 16:06:50 2014 New Revision: 45198 URL: http://svnweb.freebsd.org/changeset/doc/45198 Log: Update to r44122: Use the absolute path to dhcpd.conf. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Jul 2 11:52:17 2014 (r45197) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Jul 2 16:06:50 2014 (r45198) @@ -5,7 +5,7 @@ $FreeBSD$ $FreeBSDde:$ - basiert auf: r44080 + basiert auf: r44122 --> - Einen plattenlosen Rechner ber das Netzwerk starten - knnen. - - - - Wissen, wie man mithilfe von PXE ber ein Netzwerk - bootet und ein NFS-Root-Dateisystem einrichtet. + Wissen, wie man mithilfe von PXE ber + ein Netzwerk bootet. @@ -4192,7 +4187,9 @@ DHCP" - Start und Betrieb von &os; ber ein Netzwerk + + Plattenloser Betrieb mit <acronym>PXE</acronym> + @@ -4445,9 +4442,6 @@ DHCP" - Installationsanweisungen - - Konfiguration unter Verwendung von <application>ISC DHCP</application> @@ -4557,9 +4551,9 @@ DHCP" dem TFTP-Server. - + - + Konfiguration bei Verwendung von BOOTP @@ -4592,9 +4586,9 @@ DHCP" :rp="192.168.4.4:/data/misc/diskless": margaux:ha=0123456789ab:tc=.def100 - + - + Ein Startprogramm unter Verwendung von <application>Etherboot</application> erstellen @@ -4640,10 +4634,11 @@ margaux:ha=0123456789ab:tc=.def100NIC im gleichen Verzeichnis, um den richtigen Wert fr devicetype zu bestimmen. - + - - Das System mit <acronym>PXE</acronym> starten + + Konfiguration des <acronym>PXE</acronym> und + <acronym>NFS</acronym> Servers In der Voreinstellung ldt der &man.pxeboot.8;-Loader den Kernel ber @@ -4669,11 +4664,6 @@ margaux:ha=0123456789ab:tc=.def100 - - - - Serverkonfiguration - <acronym>TFTP</acronym> und - <acronym>NFS</acronym> TFTP @@ -4729,7 +4719,8 @@ margaux:ha=0123456789ab:tc=.def100/tftpboot an einem beliebigen Ort auf dem Server ablegen. Stellen Sie aber sicher, dass Sie diesen Ort sowohl in inetd.conf als auch in - dhcpd.conf eingetragen haben. + /usr/local/etc/dhcpd.conf eingetragen + haben. Auerdem mssen Sie NFS aktivieren und die entsprechenden Verzeichnisse exportieren. @@ -4767,10 +4758,6 @@ margaux:ha=0123456789ab:tc=.def100&prompt.root; /etc/rc.d/mountd restart - - - - Einen plattenlosen Kernel erzeugen plattenloser Betrieb @@ -4799,7 +4786,8 @@ options BOOTP_NFSROOT # NFS mount r Erzeugen Sie den neuen Kernel (lesen Sie dazu auch ) und kopieren Sie ihn an den - in dhcpd.conf festgelegten Ort. + in /usr/local/etc/dhcpd.conf festgelegten + Ort. Wenn Sie PXE verwenden, ist die Erzeugung eines Kernels zwar nicht unbedingt ntig, sie @@ -4826,10 +4814,6 @@ options BOOTP_NFSROOT # NFS mount r hints "GENERIC.hints" - - - - Das root-Dateisystem erzeugen Root-Dateisystem @@ -4838,12 +4822,11 @@ options BOOTP_NFSROOT # NFS mount r Sie mssen fr den plattenlosen Rechner ein root-Dateisystem erzeugen, und zwar an dem in - dhcpd.conf als + /usr/local/etc/dhcpd.conf als root-path festgelegten Ort. - - <command>make world</command> zum Fllen des - Dateisystems einsetzen + make world zum Fllen des + Dateisystems einsetzen Diese schnelle Methode installiert ein komplettes jungfruliches System (und nicht nur ein @@ -4863,20 +4846,15 @@ cd /usr/src/etc; make distribution/etc/rc.conf sowie /etc/fstab Ihren Wnschen anpassen. - - + - + Den Auslagerungsbereich konfigurieren Falls ntig, kann eine auf dem NFS-Server liegende Datei als Auslagerungsdatei eingerichtet werden. - - Eine <acronym>NFS</acronym>-Auslagerungsdatei - einrichten - Der Kernel untersttzt beim Systemstart keine NFS-Auslagerungsdatei. Diese muss daher in den Startskripten aktiviert werden, indem ein @@ -4891,30 +4869,23 @@ cd /usr/src/etc; make distributionrc.conf ein: swapfile=/path/to/swapfile - - + - + Verschiedenes - - Schreibgeschtztes Dateisystem - <filename>/usr</filename> - plattenloser Betrieb /usr schreibgeschtzt - Wenn am plattenlosen Rechner X luft, mssen + Wenn am plattenlosen Rechner + &xorg; sowie ein + schreibgeschtztes /usr luft, mssen Sie die Konfigurationsdatei von XDM anpassen, da Fehlermeldungen in der Voreinstellung auf /usr geschrieben werden. - - - - Der Server luft nicht unter &os; Wenn das root-Dateisystem nicht auf einem &os;-Rechner liegt, muss das Dateisystem zuerst unter @@ -4930,13 +4901,10 @@ cd /usr/src/etc; make distribution - - - - + <acronym>PXE</acronym>-Boot mit einem <acronym>NFS</acronym>-Root-Dateisystem @@ -4981,6 +4949,7 @@ cd /usr/src/etc; make distribution. + Einrichtung der <command>chroot</command>-Umgebung fr @@ -5243,8 +5212,8 @@ subnet 192.168.0.0 netmask 255.255.255.0 <acronym>TFTP</acronym>-Server und vergewissern Sie sich, dass die <filename>pxeboot</filename>-Datei von der richtigen Adresse heruntergeladen wurde. Um die obige - Konfiguration von <filename>dhcpd.conf</filename> zu - testen, geben Sie folgendes ein:</para> + Konfiguration von <filename>/usr/local/etc/dhcpd.conf</filename> + zu testen, geben Sie folgendes ein:</para> <screen>&prompt.root; <userinput>tftp 192.168.0.1</userinput> tftp> <userinput>get FreeBSD/install/boot/pxeboot</userinput> @@ -5259,7 +5228,8 @@ Received 264951 bytes in 0.1 seconds</sc <step> <para>Achten Sie darauf, dass Sie das Root-Dateisystem ber <acronym>NFS</acronym> einhngen knnen. Auch hier knnen - Sie Ihre Einstellungen aus <filename>dhcpd.conf</filename> + Sie Ihre Einstellungen aus + <filename>/usr/local/etc/dhcpd.conf</filename> wie folgt testen:</para> <screen>&prompt.root; <userinput>mount -t nfs 192.168.0.1:/b From owner-svn-doc-all@FreeBSD.ORG Wed Jul 2 20:09:36 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E12ACB5F; Wed, 2 Jul 2014 20:09:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B418E2C59; Wed, 2 Jul 2014 20:09:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s62K9a6Q061737; Wed, 2 Jul 2014 20:09:36 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s62K9a9t061734; Wed, 2 Jul 2014 20:09:36 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407022009.s62K9a9t061734@svn.freebsd.org> From: Warren Block <wblock@FreeBSD.org> Date: Wed, 2 Jul 2014 20:09:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45199 - head/en_US.ISO8859-1/books/fdp-primer/editor-config X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Wed, 02 Jul 2014 20:09:37 -0000 Author: wblock Date: Wed Jul 2 20:09:36 2014 New Revision: 45199 URL: http://svnweb.freebsd.org/changeset/doc/45199 Log: Update the vim editor configuration. Submitted by: mat@ Modified: head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Wed Jul 2 16:06:50 2014 (r45198) +++ head/en_US.ISO8859-1/books/fdp-primer/editor-config/chapter.xml Wed Jul 2 20:09:36 2014 (r45199) @@ -56,14 +56,14 @@ endif " has(autocmd) function Set_Highlights() "match ExtraWhitespace /^\s* \s*\|\s\+$/ - highlight OverLength ctermbg=red ctermfg=white guibg=#592929 + highlight default link OverLength ErrorMsg match OverLength /\%71v.\+/ return 0 endfunction function ShowSpecial() setlocal list listchars=tab:>>,trail:*,eol:$ - hi nontext ctermfg=red + hi def link nontext ErrorMsg return 0 endfunction " ShowSpecial() @@ -80,23 +80,19 @@ function Set_SGML() setlocal autoindent setlocal smartindent " Rewrap paragraphs - :map P gqj + noremap P gqj " Replace spaces with tabs - :map T :s/ /TAB/<CR> + noremap T :s/ /\t/<CR> call ShowSpecial() call Set_Highlights() return 0 endfunction " Set_SGML()</programlisting> - - <para>Process the file to create embedded tabs:</para> - - <screen>&prompt.user; <userinput>perl -i'' -pe 's/TAB/\t/g' ~/.vimrc</userinput></screen> </sect2> <sect2 xml:id="editor-config-vim-use"> <title>Use - Press P to reformat paragraphs. Press + Press P to reformat paragraphs or text that has been selected in Visual mode. Press T to replace groups of eight spaces with a tab. From owner-svn-doc-all@FreeBSD.ORG Thu Jul 3 07:33:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E20F7C15; Thu, 3 Jul 2014 07:33:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CD55A25F1; Thu, 3 Jul 2014 07:33:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s637X02a092029; Thu, 3 Jul 2014 07:33:00 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s637X03M092028; Thu, 3 Jul 2014 07:33:00 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201407030733.s637X03M092028@svn.freebsd.org> From: Eitan Adler Date: Thu, 3 Jul 2014 07:33:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45200 - head/en_US.ISO8859-1/articles/linux-comparison X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jul 2014 07:33:01 -0000 Author: eadler Date: Thu Jul 3 07:33:00 2014 New Revision: 45200 URL: http://svnweb.freebsd.org/changeset/doc/45200 Log: ia64 is gone in HEAD, so stop using it in a marketing document. Modified: head/en_US.ISO8859-1/articles/linux-comparison/article.xml Modified: head/en_US.ISO8859-1/articles/linux-comparison/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/linux-comparison/article.xml Wed Jul 2 20:09:36 2014 (r45199) +++ head/en_US.ISO8859-1/articles/linux-comparison/article.xml Thu Jul 3 07:33:00 2014 (r45200) @@ -174,7 +174,6 @@ Copyright (c) 2005 Dru Lavigne amd64 - ia64 &i386; pc98 &sparc64; From owner-svn-doc-all@FreeBSD.ORG Thu Jul 3 07:37:31 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 90E42CB7; Thu, 3 Jul 2014 07:37:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7E49E2613; Thu, 3 Jul 2014 07:37:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s637bVIE092674; Thu, 3 Jul 2014 07:37:31 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s637bVU2092673; Thu, 3 Jul 2014 07:37:31 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201407030737.s637bVU2092673@svn.freebsd.org> From: Eitan Adler Date: Thu, 3 Jul 2014 07:37:31 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45201 - head/en_US.ISO8859-1/articles/linux-comparison X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jul 2014 07:37:31 -0000 Author: eadler Date: Thu Jul 3 07:37:31 2014 New Revision: 45201 URL: http://svnweb.freebsd.org/changeset/doc/45201 Log: Switch to pkgng Modified: head/en_US.ISO8859-1/articles/linux-comparison/article.xml Modified: head/en_US.ISO8859-1/articles/linux-comparison/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/linux-comparison/article.xml Thu Jul 3 07:33:00 2014 (r45200) +++ head/en_US.ISO8859-1/articles/linux-comparison/article.xml Thu Jul 3 07:37:31 2014 (r45201) @@ -202,7 +202,7 @@ Copyright (c) 2005 Dru Lavigne Using FreeBSD's ports collection: software installation is as easy as - pkg_add -r application_name. + pkg install application_name. including KDE, Gnome, and From owner-svn-doc-all@FreeBSD.ORG Thu Jul 3 11:58:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 99E738ED; Thu, 3 Jul 2014 11:58:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 863BC2E26; Thu, 3 Jul 2014 11:58:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s63BweuU013932; Thu, 3 Jul 2014 11:58:40 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s63BweBm013931; Thu, 3 Jul 2014 11:58:40 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407031158.s63BweBm013931@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 3 Jul 2014 11:58:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45202 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jul 2014 11:58:40 -0000 Author: ryusuke Date: Thu Jul 3 11:58:40 2014 New Revision: 45202 URL: http://svnweb.freebsd.org/changeset/doc/45202 Log: - Merge the following from the English version: r44586 -> r44590 head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Thu Jul 3 07:37:31 2014 (r45201) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Thu Jul 3 11:58:40 2014 (r45202) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44586 + Original revision: r44590 $FreeBSD$ --> @@ -448,33 +448,26 @@ Comment out for now until these can be v 2012 年 7 月から、&os; はすべてのソースコード、ドキュメント、Ports Collection - を管理するメインのバージョン管理システムに Subversion - (svn) を使っています。 + を管理するメインのバージョン管理システムに + Subversion を使っています。 - 一般的には Subversion は開発者向けのツールです。 - 大部分のユーザは、&os; のベースシステムのアップデートに FreeBSD - Update、 - Ports Collection のアップデートには Portsnap + 一般的には Subversion + は開発者向けのツールです。 + 大部分のユーザは、&os; のベースシステムのアップデートに + freebsd-update ()、 + Ports Collection のアップデートには portsnap () を使うべきでしょう。 - Subversion では、リポジトリの指定に - protocol://hostname/path 形式の URL を用います。 - 以下に記載されているように、 - ミラーサイトは異なる複数のプロトコルに対応しています。 - アクセスする FreeBSD のリポジトリは、パス (path) の最初で指定します。 - リポジトリは 3 つあります。 - base は &os; ベースシステムのソースコード、 - ports は Ports Collection、 - そして doc はドキュメントのリポジトリです。 - たとえば、 - svn://svn0.us-east.FreeBSD.org/ports/head/ - という URL は、svn プロトコルによる svn0.us-east.FreeBSD.org - ミラー上の ports リポジトリのメインブランチを示しています。 + この章では、&os; システムへの + Subversion のインストール方法および、 + &os; リポジトリをローカルに準備する方法について説明します。 + また、利用可能な &os; Subversion ミラーの一覧および、 + Subversion + を利用するための情報についても紹介します。 @@ -520,6 +513,22 @@ Comment out for now until these can be v リポジトリから持ってきたファイルとの間で衝突が起きてしまいます。 + Subversion では、リポジトリの指定に + protocol://hostname/path 形式の + URL を用います。 + 以下に記載されているように、 + ミラーサイトは異なる複数のプロトコルに対応しています。 + アクセスする &os; リポジトリは、パス (path) の最初で指定します。 + リポジトリは 3 つあります。 + base は &os; ベースシステムのソースコード、 + ports は Ports Collection、 + そして doc はドキュメントのリポジトリです。 + たとえば、 + svn://svn0.us-east.FreeBSD.org/ports/head/ + という URL は、svn プロトコルによる svn0.us-east.FreeBSD.org + ミラー上の ports リポジトリのメインブランチを示しています。 + 以下のように入力して、リポジトリからチェックアウトしてください。 &prompt.root; svn checkout svn-mirror/repository/branch lwcdir @@ -610,19 +619,7 @@ Comment out for now until these can be v &prompt.root; make update SVN_UPDATE=yes - - より詳しい情報 - - Subversion の利用に関する他の情報は、 - Version - Control with Subversion や Subversion - Documentation といった - Subversion Book をご覧ください。 - - - - + <application>Subversion</application> ミラーサイト @@ -752,10 +749,22 @@ Certificate information: を使えなければ、転送速度がより少し早い svn を使ってください。 両方を使えない場合には、 http を使ってください。 + + + + より詳しい情報 + + Subversion の利用に関する他の情報は、 + Version + Control with Subversion や Subversion + Documentation といった + Subversion Book をご覧ください。 + - <application>rsync</application> ミラーサイト + <application>rsync</application> を使用する 次のサイトは、&os; を rsync プロトコルで提供しています。 rsync ユーティリティは From owner-svn-doc-all@FreeBSD.ORG Thu Jul 3 12:07:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D0C69DCC; Thu, 3 Jul 2014 12:07:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B293B2F37; Thu, 3 Jul 2014 12:07:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s63C7JlO018790; Thu, 3 Jul 2014 12:07:19 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s63C7J0V018788; Thu, 3 Jul 2014 12:07:19 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407031207.s63C7J0V018788@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 3 Jul 2014 12:07:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45203 - head/ja_JP.eucJP/books/handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jul 2014 12:07:19 -0000 Author: ryusuke Date: Thu Jul 3 12:07:19 2014 New Revision: 45203 URL: http://svnweb.freebsd.org/changeset/doc/45203 Log: - Merge the following from the English version: r42118 -> r45188 head/ja_JP.eucJP/books/handbook/Makefile r42118 -> r45188 head/ja_JP.eucJP/books/handbook/chapters.ent Modified: head/ja_JP.eucJP/books/handbook/Makefile head/ja_JP.eucJP/books/handbook/chapters.ent Modified: head/ja_JP.eucJP/books/handbook/Makefile ============================================================================== --- head/ja_JP.eucJP/books/handbook/Makefile Thu Jul 3 11:58:40 2014 (r45202) +++ head/ja_JP.eucJP/books/handbook/Makefile Thu Jul 3 12:07:19 2014 (r45203) @@ -3,7 +3,7 @@ # # Build the FreeBSD Handbook (Japanese). # -# Original revision: r42118 +# Original revision: r45188 # # ------------------------------------------------------------------------ @@ -35,6 +35,8 @@ IMAGES_EN+= bsdinstall/bsdinstall-adduse IMAGES_EN+= bsdinstall/bsdinstall-adduser2.png IMAGES_EN+= bsdinstall/bsdinstall-adduser3.png IMAGES_EN+= bsdinstall/bsdinstall-boot-loader-menu.png +IMAGES_EN+= bsdinstall/bsdinstall-boot-options-menu.png +IMAGES_EN+= bsdinstall/bsdinstall-newboot-loader-menu.png IMAGES_EN+= bsdinstall/bsdinstall-choose-mode.png IMAGES_EN+= bsdinstall/bsdinstall-config-components.png IMAGES_EN+= bsdinstall/bsdinstall-config-hostname.png @@ -58,6 +60,7 @@ IMAGES_EN+= bsdinstall/bsdinstall-distfi IMAGES_EN+= bsdinstall/bsdinstall-final-confirmation.png IMAGES_EN+= bsdinstall/bsdinstall-finalconfiguration.png IMAGES_EN+= bsdinstall/bsdinstall-final-modification-shell.png +IMAGES_EN+= bsdinstall/bsdinstall-keymap-10.png IMAGES_EN+= bsdinstall/bsdinstall-keymap-select-default.png IMAGES_EN+= bsdinstall/bsdinstall-mainexit.png IMAGES_EN+= bsdinstall/bsdinstall-netinstall-files.png @@ -75,6 +78,14 @@ IMAGES_EN+= bsdinstall/bsdinstall-timezo IMAGES_EN+= bsdinstall/bsdinstall-timezone-country.png IMAGES_EN+= bsdinstall/bsdinstall-timezone-region.png IMAGES_EN+= bsdinstall/bsdinstall-timezone-zone.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-disk_info.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-disk_select.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-geli_password.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-menu.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-partmenu.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-vdev_invalid.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-vdev_type.png +IMAGES_EN+= bsdinstall/bsdinstall-zfs-warning.png IMAGES_EN+= geom/striping.pic IMAGES_EN+= install/adduser1.scr IMAGES_EN+= install/adduser2.scr @@ -284,8 +295,6 @@ DOC_PREFIX?= ${.CURDIR}/../../.. XMLDOCS= lastmod:::mirrors.lastmod.inc \ mirrors-ftp-index:::mirrors.xml.ftp.index.inc \ mirrors-ftp:::mirrors.xml.ftp.inc \ - mirrors-cvsup-index:::mirrors.xml.cvsup.index.inc \ - mirrors-cvsup:::mirrors.xml.cvsup.inc \ eresources-index:::eresources.xml.www.index.inc \ eresources:::eresources.xml.www.inc DEPENDSET.DEFAULT= transtable mirror @@ -299,12 +308,6 @@ PARAMS.mirrors-ftp-index+= --param 'type PARAMS.mirrors-ftp+= --param 'type' "'ftp'" \ --param 'proto' "'ftp'" \ --param 'target' "'handbook/mirrors/chapter.xml'" -PARAMS.mirrors-cvsup-index+= --param 'type' "'cvsup'" \ - --param 'proto' "'cvsup'" \ - --param 'target' "'index'" -PARAMS.mirrors-cvsup+= --param 'type' "'cvsup'" \ - --param 'proto' "'cvsup'" \ - --param 'target' "'handbook/mirrors/chapter.xml'" PARAMS.eresources-index+= --param 'type' "'www'" \ --param 'proto' "'http'" \ --param 'target' "'index'" @@ -315,8 +318,6 @@ PARAMS.eresources+= --param 'type' "'www SRCS+= mirrors.lastmod.inc \ mirrors.xml.ftp.inc \ mirrors.xml.ftp.index.inc \ - mirrors.xml.cvsup.inc \ - mirrors.xml.cvsup.index.inc \ eresources.xml.www.inc \ eresources.xml.www.index.inc Modified: head/ja_JP.eucJP/books/handbook/chapters.ent ============================================================================== --- head/ja_JP.eucJP/books/handbook/chapters.ent Thu Jul 3 11:58:40 2014 (r45202) +++ head/ja_JP.eucJP/books/handbook/chapters.ent Thu Jul 3 12:07:19 2014 (r45203) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r42118 + Original revision: r45188 $FreeBSD$ Creates entities for each chapter in the FreeBSD Handbook. Each entity @@ -61,8 +61,6 @@ - - From owner-svn-doc-all@FreeBSD.ORG Thu Jul 3 12:53:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A4F8BACB; Thu, 3 Jul 2014 12:53:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 921CE23C6; Thu, 3 Jul 2014 12:53:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s63CrXuG041899; Thu, 3 Jul 2014 12:53:33 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s63CrXTN041898; Thu, 3 Jul 2014 12:53:33 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407031253.s63CrXTN041898@svn.freebsd.org> From: Gavin Atkinson Date: Thu, 3 Jul 2014 12:53:33 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45204 - head/en_US.ISO8859-1/articles/hubs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jul 2014 12:53:33 -0000 Author: gavin Date: Thu Jul 3 12:53:33 2014 New Revision: 45204 URL: http://svnweb.freebsd.org/changeset/doc/45204 Log: Since r45154, this article no longer mentions CVSup. Remove the TM attribution. Modified: head/en_US.ISO8859-1/articles/hubs/article.xml Modified: head/en_US.ISO8859-1/articles/hubs/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/hubs/article.xml Thu Jul 3 12:07:19 2014 (r45203) +++ head/en_US.ISO8859-1/articles/hubs/article.xml Thu Jul 3 12:53:33 2014 (r45204) @@ -21,7 +21,6 @@ &tm-attrib.freebsd; - &tm-attrib.cvsup; &tm-attrib.general; From owner-svn-doc-all@FreeBSD.ORG Fri Jul 4 10:35:35 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6A4C5D2A; Fri, 4 Jul 2014 10:35:35 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3AA262A47; Fri, 4 Jul 2014 10:35:35 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s64AZZew076732; Fri, 4 Jul 2014 10:35:35 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s64AZZRJ076731; Fri, 4 Jul 2014 10:35:35 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201407041035.s64AZZRJ076731@svn.freebsd.org> From: Mathieu Arnold Date: Fri, 4 Jul 2014 10:35:35 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45205 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jul 2014 10:35:35 -0000 Author: mat (ports committer) Date: Fri Jul 4 10:35:34 2014 New Revision: 45205 URL: http://svnweb.freebsd.org/changeset/doc/45205 Log: Document the optional argument *_CONFIGURE_WITH can have. PH: D341 Reviewed by: wblock, bcr Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Thu Jul 3 12:53:33 2014 (r45204) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Jul 4 10:35:34 2014 (r45205) @@ -3836,22 +3836,33 @@ CONFIGURE_ARGS+= --disable-test --without-${OPT_CONFIGURE_WITH} will be added to CONFIGURE_ARGS depending on the status of the option - OPT, for - example: - - OPTIONS_DEFINE= OPT1 -OPT1_CONFIGURE_WITH= test + OPT. An + optional argument can be specified with an + = symbol. This argument is only appended + to the + --with-opt + configure option. For example: + + OPTIONS_DEFINE= OPT1 OPT2 +OPT1_CONFIGURE_WITH= test1 +OPT1_CONFIGURE_WITH= test2=exhaustive is equivalent to: - OPTIONS_DEFINE= OPT1 + OPTIONS_DEFINE= OPT1 OPT2 .include <bsd.port.options.mk> .if ${PORT_OPTIONS:MOPT1} -CONFIGURE_ARGS+= --with-test +CONFIGURE_ARGS+= --with-test1 +.else +CONFIGURE_ARGS+= --without-test1 +.endif + +.if ${PORT_OPTIONS:MOPT2} +CONFIGURE_ARGS+= --with-test2=exhaustive .else -CONFIGURE_ARGS+= --without-test +CONFIGURE_ARGS+= --without-test2 .endif From owner-svn-doc-all@FreeBSD.ORG Fri Jul 4 11:38:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4292539E; Fri, 4 Jul 2014 11:38:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1553B2FD6; Fri, 4 Jul 2014 11:38:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s64Bc9Mh005392; Fri, 4 Jul 2014 11:38:09 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s64Bc9oO005391; Fri, 4 Jul 2014 11:38:09 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407041138.s64Bc9oO005391@svn.freebsd.org> From: Gavin Atkinson Date: Fri, 4 Jul 2014 11:38:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45206 - head/en_US.ISO8859-1/htdocs/developers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jul 2014 11:38:10 -0000 Author: gavin Date: Fri Jul 4 11:38:09 2014 New Revision: 45206 URL: http://svnweb.freebsd.org/changeset/doc/45206 Log: Reword intro so as to not repeat the link to the Subversion site, and switch links to svnweb from http to https. Modified: head/en_US.ISO8859-1/htdocs/developers/cvs.xml Modified: head/en_US.ISO8859-1/htdocs/developers/cvs.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/developers/cvs.xml Fri Jul 4 10:35:34 2014 (r45205) +++ head/en_US.ISO8859-1/htdocs/developers/cvs.xml Fri Jul 4 11:38:09 2014 (r45206) @@ -16,26 +16,26 @@

        Subversion

        Subversion + (SVN for short) is the tool the &os; Project uses for keeping its sources under control. Every change (with an accompanying log message explaining its purpose) is stored. It can be easily viewed from the web interface mentioned below.

        -

        In June 2008, development of the base system moved to a different - version control system, Subversion - (SVN for short). The web +

        In June 2008, development of the base system migrated from CVS to + Subversion. The web interface is available for browsing the repository.

        In May 2012, the FreeBSD Documentation Project moved from CVS to Subversion. There is a web interface + href="https://svnweb.FreeBSD.org/doc/">web interface available for browsing the contents of the FreeBSD Documentation Project SVN repository.

        In July 2012, the FreeBSD Ports tree moved from CVS to Subversion. There is a web interface for + href="https://svnweb.FreeBSD.org/ports/">web interface for browsing the repository.

        Other options

        From owner-svn-doc-all@FreeBSD.ORG Fri Jul 4 16:47:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CBC5F21C; Fri, 4 Jul 2014 16:47:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B823E2C02; Fri, 4 Jul 2014 16:47:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s64GlCT2055365; Fri, 4 Jul 2014 16:47:12 GMT (envelope-from mat@svn.freebsd.org) Received: (from mat@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s64GlCsu055364; Fri, 4 Jul 2014 16:47:12 GMT (envelope-from mat@svn.freebsd.org) Message-Id: <201407041647.s64GlCsu055364@svn.freebsd.org> From: Mathieu Arnold Date: Fri, 4 Jul 2014 16:47:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45207 - head/en_US.ISO8859-1/books/porters-handbook/makefiles X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jul 2014 16:47:12 -0000 Author: mat (ports committer) Date: Fri Jul 4 16:47:12 2014 New Revision: 45207 URL: http://svnweb.freebsd.org/changeset/doc/45207 Log: Add portmgr's blanket approval, and update what being a maintainer means. PH: D342 Reviewed by: wblock, swills, erwin... Sponsored by: Absolight Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Jul 4 11:38:09 2014 (r45206) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Fri Jul 4 16:47:12 2014 (r45207) @@ -2719,21 +2719,66 @@ ALWAYS_KEEP_DISTFILES= yes :-) - Note that only a single address without the comment part is + Only a single address without the comment part is allowed as a MAINTAINER value. The format - used should be user@hostname.domain. Please - do not include any descriptive text such as your real name in - this entry—that merely confuses - bsd.port.mk. + used is user@hostname.domain. Please + do not include any descriptive text such as a real name in + this entry. That merely confuses the Ports infrastructure + and most tools using it. The maintainer is responsible for keeping the port up to - date, and ensuring the port works correctly. For a detailed + date and making sure that it works correctly. For a detailed description of the responsibilities of a port maintainer, refer - to the The - challenge for port maintainers section. + challenge for port maintainers. - Changes to the port will be sent to the maintainer of a port + + A maintainer volunteers to keep a port in good working + order. Maintainers have the primary responsibility for their + ports, but not exclusive ownership. Ports exist for the + benefit of the community and, in reality, belong to the + community. What this means is that people other than the + maintainer can make changes to a port. Large changes to the + Ports Collection might require changes to many ports. The + &os; Ports Management Team or members of other teams might + modify ports to fix dependency issues or other problems, like + a version bump for a shared library update. + + Some types of fixes have blanket approval + from the &a.portmgr;, allowing any committer to fix those + categories of problems on any port. These fixes do not need + approval from the maintainer. Blanket approval does not apply + to ports that are maintained by teams like autotools@FreeBSD.org, x11@FreeBSD.org, gnome@FreeBSD.org, or kde@FreeBSD.org. These teams use + external repositories and can have work that would conflict + with changes that would normally fall under blanket + approval. + + Blanket approval for most ports applies to these types of + fixes: + + + + Most infrastructure changes to a port (that is, + modernizing, but not changing the functionality). For + example, converting to staging, + USE_GMAKE to + USES=gmake, the new + LIB_DEPENDS format... + + + + Trivial and tested build + fixes. + + + + + Other changes to the port will be sent to the maintainer for review and approval before being committed. If the maintainer does not respond to an update request after two weeks (excluding major public holidays), then that is considered a @@ -2748,7 +2793,8 @@ ALWAYS_KEEP_DISTFILES= yes We reserve the right to modify the maintainer's submission to better match existing policies and style of the Ports - Collection without explicit blessing from the submitter. Also, + Collection without explicit blessing from the submitter or the + maintainer. Also, large infrastructural changes can result in a port being modified without the maintainer's consent. These kinds of changes will never affect the port's functionality. From owner-svn-doc-all@FreeBSD.ORG Fri Jul 4 21:15:09 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EB8B5535; Fri, 4 Jul 2014 21:15:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CAB58234C; Fri, 4 Jul 2014 21:15:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s64LF9nJ083191; Fri, 4 Jul 2014 21:15:09 GMT (envelope-from kwm@svn.freebsd.org) Received: (from kwm@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s64LF94Y083190; Fri, 4 Jul 2014 21:15:09 GMT (envelope-from kwm@svn.freebsd.org) Message-Id: <201407042115.s64LF94Y083190@svn.freebsd.org> From: Koop Mast Date: Fri, 4 Jul 2014 21:15:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45208 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jul 2014 21:15:10 -0000 Author: kwm (ports committer) Date: Fri Jul 4 21:15:09 2014 New Revision: 45208 URL: http://svnweb.freebsd.org/changeset/doc/45208 Log: Annouce temporary WITH_NEW_XORG repositories for FreeBSD 9 and 10. Reviewed by: wblock@ Approved by: wblock@ Modified: head/share/xml/news.xml Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Fri Jul 4 16:47:12 2014 (r45207) +++ head/share/xml/news.xml Fri Jul 4 21:15:09 2014 (r45208) @@ -32,6 +32,25 @@ 2014 + 7 + + + 4 + + + Temporary WITH_NEW_XORG repositories available for + &os; 9 and 10 + +

        For people needing WITH_NEW_XORG, an alternate pkg(8) + repository is now online. It contains a subset of + packages affected by this knob. Please see the announce + mail for more details.

        +         +         +         + + 6 From owner-svn-doc-all@FreeBSD.ORG Fri Jul 4 21:15:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3A353594; Fri, 4 Jul 2014 21:15:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 27AE02351; Fri, 4 Jul 2014 21:15:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s64LFLIW083255; Fri, 4 Jul 2014 21:15:21 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s64LFL3c083254; Fri, 4 Jul 2014 21:15:21 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407042115.s64LFL3c083254@svn.freebsd.org> From: Glen Barber Date: Fri, 4 Jul 2014 21:15:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45209 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jul 2014 21:15:21 -0000 Author: gjb Date: Fri Jul 4 21:15:20 2014 New Revision: 45209 URL: http://svnweb.freebsd.org/changeset/doc/45209 Log: Update the 9.3R schedule to note the RC3 builds have started. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Fri Jul 4 21:15:09 2014 (r45208) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Fri Jul 4 21:15:20 2014 (r45209) @@ -124,7 +124,7 @@ RC3 builds begin 4 July 2014 - - + 4 July 2014 Third release candidate. From owner-svn-doc-all@FreeBSD.ORG Sat Jul 5 03:52:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5F9D850B; Sat, 5 Jul 2014 03:52:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3078420CF; Sat, 5 Jul 2014 03:52:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s653qS6F079714; Sat, 5 Jul 2014 03:52:28 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s653qSSi079713; Sat, 5 Jul 2014 03:52:28 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407050352.s653qSSi079713@svn.freebsd.org> From: Warren Block Date: Sat, 5 Jul 2014 03:52:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45210 - head/en_US.ISO8859-1/books/fdp-primer/docbook-markup X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Jul 2014 03:52:28 -0000 Author: wblock Date: Sat Jul 5 03:52:27 2014 New Revision: 45210 URL: http://svnweb.freebsd.org/changeset/doc/45210 Log: Add example of to . Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Fri Jul 4 21:15:20 2014 (r45209) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Sat Jul 5 03:52:27 2014 (r45210) @@ -978,6 +978,11 @@ substeps. Each step contains block elements and may include an optional title.         + Sometimes, steps are not sequential, but present a choice: + do this or do that, + but not both. For these alternative choices, use + stepalternatives. + <tag>procedure</tag> @@ -995,6 +1000,20 @@ step paraAnd now do this.para step + + step + paraFinally, do one of these.para + + stepalternatives + step + paraGo left.para + step + + step + paraGo right.para + step + stepalternatives + step procedure         Appearance: @@ -1011,6 +1030,20 @@ And now do this. + + + Finally, do one of these: + + + + Go left. + + + + Go right. + + + From owner-svn-doc-all@FreeBSD.ORG Sun Jul 6 04:03:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4426F41A; Sun, 6 Jul 2014 04:03:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 28AE42C86; Sun, 6 Jul 2014 04:03:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6643Rfu037200; Sun, 6 Jul 2014 04:03:27 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6643RJf037199; Sun, 6 Jul 2014 04:03:27 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407060403.s6643RJf037199@svn.freebsd.org> From: Warren Block Date: Sun, 6 Jul 2014 04:03:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45211 - head/en_US.ISO8859-1/books/fdp-primer/docbook-markup X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2014 04:03:28 -0000 Author: wblock Date: Sun Jul 6 04:03:27 2014 New Revision: 45211 URL: http://svnweb.freebsd.org/changeset/doc/45211 Log: Add an example showing the use of . Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Modified: head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Sat Jul 5 03:52:27 2014 (r45210) +++ head/en_US.ISO8859-1/books/fdp-primer/docbook-markup/chapter.xml Sun Jul 6 04:03:27 2014 (r45211) @@ -838,6 +838,33 @@ + + Examples + + Examples can be shown with example. + + + <tag>example</tag> + + Usage: + + example + paraEmpty files can be created easily:para + + screen&prompt.user; userinputtouch file1 file2 file3userinputscreen +example + + + + Appearance: + + + Empty files can be created easily: + + &prompt.user; touch file1 file2 file3 + + + Lists and Procedures From owner-svn-doc-all@FreeBSD.ORG Sun Jul 6 13:25:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D44B3F71; Sun, 6 Jul 2014 13:25:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C229621D1; Sun, 6 Jul 2014 13:25:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s66DP0P4097056; Sun, 6 Jul 2014 13:25:00 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s66DP0Xo097055; Sun, 6 Jul 2014 13:25:00 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407061325.s66DP0Xo097055@svn.freebsd.org> From: Glen Barber Date: Sun, 6 Jul 2014 13:25:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45212 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2014 13:25:00 -0000 Author: gjb Date: Sun Jul 6 13:25:00 2014 New Revision: 45212 URL: http://svnweb.freebsd.org/changeset/doc/45212 Log: Switch 9.3 links to -RC3. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/share/xml/release.ent Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Sun Jul 6 04:03:27 2014 (r45211) +++ head/share/xml/release.ent Sun Jul 6 13:25:00 2014 (r45212) @@ -39,7 +39,7 @@ - + @@ -34,6 +34,43 @@ 2014 + 7 + + + 6 + + + &os; 9.3-RC3 公開 + +

        &os;-9.3 リリースサイクルから 3 回目のリリース候補が公開されました + (アナウンス)。 + &os; + ミラーサイト から amd64, i386, ia64, powerpc, powerpc64 + および sparc64 アーキテクチャの ISO イメージを入手できます。

        +         +         + + + 4 + + + &os; 9 および 10 の WITH_NEW_XORG + リポジトリが利用可能になりました。 + +

        WITH_NEW_XORG で構築された packages が必要な方々のために、 + pkg(8) とは別のリポジトリが用意されました。 + このリポジトリには、このオプションで構築された packages + のサブセットが含まれています。 + 詳細については アナウンスメール + をご覧ください。

        +         +         +         + + 6 From owner-svn-doc-all@FreeBSD.ORG Mon Jul 7 09:14:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 104DED5B; Mon, 7 Jul 2014 09:14:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D5C8D2DED; Mon, 7 Jul 2014 09:14:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s679E0at060476; Mon, 7 Jul 2014 09:14:00 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s679E0x2060475; Mon, 7 Jul 2014 09:14:00 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407070914.s679E0x2060475@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 7 Jul 2014 09:14:00 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45216 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2014 09:14:01 -0000 Author: ryusuke Date: Mon Jul 7 09:14:00 2014 New Revision: 45216 URL: http://svnweb.freebsd.org/changeset/doc/45216 Log: - Merge the following from the English version: r44590 -> r44592 head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Mon Jul 7 08:51:03 2014 (r45215) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Mon Jul 7 09:14:00 2014 (r45216) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44590 + Original revision: r44592 $FreeBSD$ --> @@ -13,35 +13,35 @@ <acronym>CD</acronym> および <acronym>DVD</acronym> セット - &os; の CD および DVD - のセットは以下のオンライン業者から入手できます。 + &os; の CD および DVD + のセットは以下のオンライン業者から入手できます。 - - -
        &os; Mall, Inc. - 2420 Sand Creek Rd C-1 #347 - Brentwood, CA - 94513 - USA - 電話: +1 925 240-6652 - Fax: +1 925 674-0821 - Email: info@freebsdmall.com - WWW: http://www.freebsdmall.com/ -
        -         - - -
        Dr. Hinner EDV - Kochelseestr. 11 - D-81371 München - Germany - 電話: (0177) 428 419 0 - Email: infow@hinner.de - WWW: http://www.hinner.de/linux/freebsd.html -
        -         + + +
        &os; Mall, Inc. + 2420 Sand Creek Rd C-1 #347 + Brentwood, CA + 94513 + USA + 電話: +1 925 240-6652 + Fax: +1 925 674-0821 + Email: info@freebsdmall.com + WWW: http://www.freebsdmall.com/ +
        +         + + +
        Dr. Hinner EDV + Kochelseestr. 11 + D-81371 München + Germany + 電話: (0177) 428 419 0 + Email: infow@hinner.de + WWW: http://www.hinner.de/linux/freebsd.html +
        +         - -
        Linux Center - Galernaya Street, 55 - Saint-Petersburg - 190000 - Russia - 電話: +7-812-309-06-86 - Email: info@linuxcenter.ru - WWW: http://linuxcenter.ru/shop/freebsd -
        -         -         + +
        Linux Center + Galernaya Street, 55 + Saint-Petersburg + 190000 + Russia + 電話: +7-812-309-06-86 + Email: info@linuxcenter.ru + WWW: http://linuxcenter.ru/shop/freebsd +
        +         +         @@ -619,112 +619,113 @@ Comment out for now until these can be v &prompt.root; make update SVN_UPDATE=yes - - <application>Subversion</application> ミラーサイト + + <application>Subversion</application> ミラーサイト - - Subversion Repository - ミラーサイト - + + Subversion Repository + ミラーサイト + + + すべてのミラーはすべてのリポジトリを持っています。 + + &os; Subversion サーバのマスタである + svn.FreeBSD.org は、 + 公には読み出し専用でアクセスできますが、 + 将来的には変更される予定ですので、 + オフィシャルミラーを使うことが推奨されます。 + ブラウザを用いて &os; の Subversion リポジトリを参照するには、http://svnweb.FreeBSD.org/ + を利用してください。 - すべてのミラーはすべてのリポジトリを持っています。 + + &os; の Subversion + ミラーのネットワークは、 + まだ初期の段階にあるので、今後変更されることがあります。 + 以下のミラー一覧を不変なものとは考えないでください。 + 特に、サーバの SSL 証明書は、 + いずれかの時点で変更になるでしょう。 + - &os; Subversion サーバのマスタである - svn.FreeBSD.org は、 - 公には読み出し専用でアクセスできますが、 - 将来的には変更される予定ですので、 - オフィシャルミラーを使うことが推奨されます。 - ブラウザを用いて &os; の Subversion リポジトリを参照するには、http://svnweb.FreeBSD.org/ - を利用してください。 - - - &os; の Subversion - ミラーのネットワークは、 - まだ初期の段階にあるので、今後変更されることがあります。 - 以下のミラー一覧を不変なものとは考えないでください。 - 特に、サーバの SSL 証明書は、 - いずれかの時点で変更になるでしょう。 - - - - - - - - - - - 名前 - - プロトコル - - 位置 - - SSL フィンガープリント - - - - - - svn0.us-west.FreeBSD.org - - svn, http, - https - - USA, カリフォルニア - - SHA1 - 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61 - - - - svn0.us-east.FreeBSD.org - - svn, http, - https, - rsync - - USA, ニュージャージ - - SHA1 - 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61 - - - - svn0.eu.FreeBSD.org - - svn, http, - https, - rsync - - Europe, UK - - SHA1 - 39:B0:53:35:CE:60:C7:BB:00:54:96:96:71:10:94:BB:CE:1C:07:A7 - - - - - - HTTPS は推奨されているプロトコルです。 - 他のコンピュータが &os; ミラーを装う (一般的には - マン・イン・ザ・ミドル 攻撃として知られています) ことや、 - もしくは、エンドユーザに対し好ましくない内容を送りつけようということに対し保護を行います。 + + + + + + + + + 名前 + + プロトコル + + 位置 + + SSL フィンガープリント + + + + + + svn0.us-west.FreeBSD.org + + svn, http, + https + + USA, カリフォルニア + + SHA1 + 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61 + + + + svn0.us-east.FreeBSD.org + + svn, http, + https, + rsync + + USA, ニュージャージ + + SHA1 + 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61 + + + + svn0.eu.FreeBSD.org + + svn, http, + https, + rsync + + Europe, UK + + SHA1 + 39:B0:53:35:CE:60:C7:BB:00:54:96:96:71:10:94:BB:CE:1C:07:A7 + + + + + + HTTPS は推奨されているプロトコルです。 + 他のコンピュータが &os; ミラーを装う (一般的には + マン・イン・ザ・ミドル 攻撃として知られています) + ことや、もしくは、 + エンドユーザに対し好ましくない内容を送りつけようということに対し保護を行います。 - HTTPS ミラーへの最初の接続の際には、 - サーバの フィンガープリント の確認を求められます。 + HTTPS ミラーへの最初の接続の際には、 + サーバの フィンガープリント の確認を求められます。 - Error validating server certificate for 'https://svn0.us-west.freebsd.org:443': + Error validating server certificate for 'https://svn0.us-west.freebsd.org:443': - The certificate is not issued by a trusted authority. Use the fingerprint to validate the certificate manually! - The certificate hostname does not match. @@ -735,20 +736,23 @@ Certificate information: - Fingerprint: 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61 (R)eject, accept (t)emporarily or accept (p)ermanently? - フィンガープリントを上の表の一覧のものと照合してください。 - フィンガープリントが一致したら、 - サーバのセキュリティ証明書を一時的 (permanently) - もしくは恒久的 (temporarily) に受け入れてください。 - 一時的な認証であれば、サーバとの一回のセッションで有効期限が切れるため、 - 次回の接続時にはもう一度検証が行われます。 - 恒常的な認証を選んだ場合には、認証のための証明書が - ~/.subversion/auth/ に保存され、 - 有効期限が切れるまでは、フィンガープリントの確認は求められません。 - - ファイアウォールまたは他の問題のため、https - を使えなければ、転送速度がより少し早い svn を使ってください。 - 両方を使えない場合には、 - http を使ってください。 + フィンガープリントを上の表の一覧のものと照合してください。 + フィンガープリントが一致したら、 + サーバのセキュリティ証明書を一時的 (permanently) + もしくは恒久的 (temporarily) に受け入れてください。 + 一時的な認証であれば、 + サーバとの一回のセッションで有効期限が切れるため、 + 次回の接続時にはもう一度検証が行われます。 + 恒常的な認証を選んだ場合には、認証のための証明書が + ~/.subversion/auth/ に保存され、 + 有効期限が切れるまでは、 + フィンガープリントの確認は求められません。 + + ファイアウォールまたは他の問題のため、https + を使えなければ、転送速度がより少し早い svn + を使ってください。 + 両方を使えない場合には、 + http を使ってください。 @@ -775,8 +779,7 @@ Certificate information: 特に、&os; FTP サーバや CVS リポジトリのミラーサイトを作成する時に便利でしょう。 rsync は、多くのオペレーティングシステムで - 利用することができます。&os; 版は、 - net/rsync の + 利用することができます。&os; 版は、net/rsync の port か、package を使ってください。 @@ -787,6 +790,7 @@ Certificate information: rsync://ftp.cz.FreeBSD.org/ 提供しているコレクション: + ftp: &os; FTP From owner-svn-doc-all@FreeBSD.ORG Mon Jul 7 09:46:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5C2AFA0A; Mon, 7 Jul 2014 09:46:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48BCE2114; Mon, 7 Jul 2014 09:46:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s679kSLd075211; Mon, 7 Jul 2014 09:46:28 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s679kSIs075210; Mon, 7 Jul 2014 09:46:28 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407070946.s679kSIs075210@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 7 Jul 2014 09:46:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45217 - head/en_US.ISO8859-1/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2014 09:46:28 -0000 Author: ryusuke Date: Mon Jul 7 09:46:27 2014 New Revision: 45217 URL: http://svnweb.freebsd.org/changeset/doc/45217 Log: Use SGL entities for acute accents. Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Mon Jul 7 09:14:00 2014 (r45216) +++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml Mon Jul 7 09:46:27 2014 (r45217) @@ -32,7 +32,7 @@
        Getlinux 78 Rue de la Croix Rochopt - pinay-sous-Snart + Épinay-sous-Sénart 91860 France Email: contact@getlinux.fr From owner-svn-doc-all@FreeBSD.ORG Mon Jul 7 09:50:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EF308CD7; Mon, 7 Jul 2014 09:50:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C174C214F; Mon, 7 Jul 2014 09:50:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s679oLR9078519; Mon, 7 Jul 2014 09:50:21 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s679oLVu078518; Mon, 7 Jul 2014 09:50:21 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407070950.s679oLVu078518@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 7 Jul 2014 09:50:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45218 - head/ja_JP.eucJP/books/handbook/mirrors X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2014 09:50:22 -0000 Author: ryusuke Date: Mon Jul 7 09:50:21 2014 New Revision: 45218 URL: http://svnweb.freebsd.org/changeset/doc/45218 Log: - Merge the following from the English version: r44592 -> r45217 head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Mon Jul 7 09:46:27 2014 (r45217) +++ head/ja_JP.eucJP/books/handbook/mirrors/chapter.xml Mon Jul 7 09:50:21 2014 (r45218) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r44592 + Original revision: r45217 $FreeBSD$ --> @@ -32,6 +32,18 @@ +
        Getlinux + 78 Rue de la Croix Rochopt + Épinay-sous-Sénart + 91860 + France + Email: contact@getlinux.fr + WWW: http://www.getlinux.fr/ +
        +         + +
        Dr. Hinner EDV Kochelseestr. 11 D-81371 München @@ -689,7 +701,7 @@ Comment out for now until these can be v xlink:href="http://svn0.us-east.FreeBSD.org/">http, https, - rsync + rsync USA, ニュージャージ @@ -705,13 +717,29 @@ Comment out for now until these can be v xlink:href="http://svn0.eu.FreeBSD.org/">http, https, - rsync + rsync Europe, UK SHA1 39:B0:53:35:CE:60:C7:BB:00:54:96:96:71:10:94:BB:CE:1C:07:A7 + + + svn0.ru.FreeBSD.org + + svn, http, + https, + rsync + + ロシア、モスクワ + + SHA1 + F6:44:AA:B9:03:89:0E:3E:8C:4D:4D:14:F0:27:E6:C7:C1:8B:17:C5 + From owner-svn-doc-all@FreeBSD.ORG Mon Jul 7 12:57:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1706AE20; Mon, 7 Jul 2014 12:57:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 047CC2248; Mon, 7 Jul 2014 12:57:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s67CvBd5068040; Mon, 7 Jul 2014 12:57:11 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s67CvBka068039; Mon, 7 Jul 2014 12:57:11 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407071257.s67CvBka068039@svn.freebsd.org> From: Gavin Atkinson Date: Mon, 7 Jul 2014 12:57:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45219 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2014 12:57:12 -0000 Author: gavin Date: Mon Jul 7 12:57:11 2014 New Revision: 45219 URL: http://svnweb.freebsd.org/changeset/doc/45219 Log: There are no longer any ref7 machines in the cluster. Modified: head/en_US.ISO8859-1/htdocs/internal/machines.xml Modified: head/en_US.ISO8859-1/htdocs/internal/machines.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/machines.xml Mon Jul 7 09:50:21 2014 (r45218) +++ head/en_US.ISO8859-1/htdocs/internal/machines.xml Mon Jul 7 12:57:11 2014 (r45219) @@ -319,7 +319,7 @@ SAS controller, 418GB local storage, 2x -ref[7-10]-(amd64|i386) +ref[8-10]-(amd64|i386) Intel EM64T MP Dell PowerEdge 2950, 2xIntel Xeon L5320 (8x1.86GHz), 8/16GB Memory, PERC 5/i RAID controller, 6x136GB SAS disks, Broadcom NetXtreme II From owner-svn-doc-all@FreeBSD.ORG Mon Jul 7 15:20:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1CBF9525; Mon, 7 Jul 2014 15:20:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0A5132076; Mon, 7 Jul 2014 15:20:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s67FJxI1036336; Mon, 7 Jul 2014 15:19:59 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s67FJxAR036335; Mon, 7 Jul 2014 15:19:59 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407071519.s67FJxAR036335@svn.freebsd.org> From: Glen Barber Date: Mon, 7 Jul 2014 15:19:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45220 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2014 15:20:00 -0000 Author: gjb Date: Mon Jul 7 15:19:59 2014 New Revision: 45220 URL: http://svnweb.freebsd.org/changeset/doc/45220 Log: Initial commit of the 2014Q2 status report, including its first entry. Sponsored by: The FreeBSD Foundation Added: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml (contents, props changed) Added: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 7 15:19:59 2014 (r45220) @@ -0,0 +1,124 @@ + + + + + + April-June + + 2014 + + +
        + Introduction + +

        This report covers &os;-related projects between April and + June 2014. This is the second of four reports planned for + 2014.

        + + The first quarter of 2014 was, again, a hectic and + productive time for &os;. The Ports team released their + landmark first quarterly stable branch. &os; continues + to grow on the ARM architecture, now running on an ARM-based + ChromeBook. SMP is now possible on multi-core ARM systems. + bhyve, the native &os; hypervisor, continues to improve. An + integral test suite is taking shape, and the Jenkins Continuous + Integration system has been implemented. &os; patches to GCC + are being forward-ported, and LLDB, the Clang/LLVM + debugger is being ported. Desktop use has also seen + improvements, with work on Gnome, KDE, Xfce, KMS video drivers, + X.org, and vt, the new console driver which supports + KMS and Unicode. Linux and Wine binary compatibility layers + have been improved. UEFI booting support has been merged to + head. The &os; Foundation continues to assist in moving &os; + forward, sponsoring conferences and meetings and numerous + development projects. And these are only some of the things + that happened! Read on for even more.

        + ?> + +

        Thanks to all the reporters for the excellent work! This + report contains 1 entry and we hope you enjoy reading it.

        + +

        The deadline for submissions covering between July and + September 2014 is October 7th, 2014.

        +
        + + + team + + &os; Team Reports + + + + proj + + Projects + + + + kern + + Kernel + + + + arch + + Architectures + + + + bin + + Userland Programs + + + + ports + + Ports + + + + doc + + Documentation + + + + misc + + Miscellaneous + + + + CUSE4BSD + + + + + Hans Petter + Selasky + + hselasky@freebsd.org + + + + + Commit + + + +

        The so-called "CUSE4BSD" has been imported into the base + system of &os;-11. CUSE is short for character device in + userspace. The CUSE library is a wrapper for the devfs(8) + kernel functionality which is exposed through /dev/cuse. In + order to function the CUSE kernel code must either be enabled + in the kernel configuration file or loaded separately as + a module. Follow the commit message link to get more + information. +

        + +         +         From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 01:49:56 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C506498F; Tue, 8 Jul 2014 01:49:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B20C32A45; Tue, 8 Jul 2014 01:49:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s681nuPD037141; Tue, 8 Jul 2014 01:49:56 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s681nuR8037140; Tue, 8 Jul 2014 01:49:56 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407080149.s681nuR8037140@svn.freebsd.org> From: Warren Block Date: Tue, 8 Jul 2014 01:49:56 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45221 - head/en_US.ISO8859-1/htdocs/portmgr X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 01:49:56 -0000 Author: wblock Date: Tue Jul 8 01:49:56 2014 New Revision: 45221 URL: http://svnweb.freebsd.org/changeset/doc/45221 Log: Pointyhat is gone, replace the link with one to pkg. Submitted by: swills Modified: head/en_US.ISO8859-1/htdocs/portmgr/charter.xml Modified: head/en_US.ISO8859-1/htdocs/portmgr/charter.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/portmgr/charter.xml Mon Jul 7 15:19:59 2014 (r45220) +++ head/en_US.ISO8859-1/htdocs/portmgr/charter.xml Tue Jul 8 01:49:56 2014 (r45221) @@ -37,7 +37,7 @@
      • -

        Maintain the automated +

        Maintain the automated package building cluster, and make the resulting packages available for download by FreeBSD users.

        • From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 01:50:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6EC489EF; Tue, 8 Jul 2014 01:50:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5C2FB2AB6; Tue, 8 Jul 2014 01:50:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s681oYqX039063; Tue, 8 Jul 2014 01:50:34 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s681oYx3039062; Tue, 8 Jul 2014 01:50:34 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407080150.s681oYx3039062@svn.freebsd.org> From: Warren Block Date: Tue, 8 Jul 2014 01:50:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45222 - head/en_US.ISO8859-1/htdocs/portmgr X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 01:50:34 -0000 Author: wblock Date: Tue Jul 8 01:50:33 2014 New Revision: 45222 URL: http://svnweb.freebsd.org/changeset/doc/45222 Log: Update EOL policies. Submitted by: swills Modified: head/en_US.ISO8859-1/htdocs/portmgr/policies_eol.xml Modified: head/en_US.ISO8859-1/htdocs/portmgr/policies_eol.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/portmgr/policies_eol.xml Tue Jul 8 01:49:56 2014 (r45221) +++ head/en_US.ISO8859-1/htdocs/portmgr/policies_eol.xml Tue Jul 8 01:50:33 2014 (r45222) @@ -63,11 +63,11 @@ last release + 2 years - RELENG_8_3 - 8.3-RELEASE - RELENG_8_3 + RELENG_8_4 + 8.4-RELEASE + RELENG_8_4 packages-8-stable - April 30, 2014 + June 30, 2015 RELENG_9 From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 12:18:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9370BD7E; Tue, 8 Jul 2014 12:18:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7F66A2C17; Tue, 8 Jul 2014 12:18:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s68CIIIh038257; Tue, 8 Jul 2014 12:18:18 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s68CIIH9038256; Tue, 8 Jul 2014 12:18:18 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407081218.s68CIIH9038256@svn.freebsd.org> From: Gavin Atkinson Date: Tue, 8 Jul 2014 12:18:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45223 - head/en_US.ISO8859-1/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 12:18:18 -0000 Author: gavin Date: Tue Jul 8 12:18:18 2014 New Revision: 45223 URL: http://svnweb.freebsd.org/changeset/doc/45223 Log: Update the machines list to mostly match reality. A lot of hosts have had hardware refreshes since this list was last updated. Remove the ports build machines for now, the existing specs and hosts are very outdated but I don't know enough about the ports build infrastructure to refresh it at the moment. I plan to update this in the coming days. Modified: head/en_US.ISO8859-1/htdocs/internal/machines.xml Modified: head/en_US.ISO8859-1/htdocs/internal/machines.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/internal/machines.xml Tue Jul 8 01:50:33 2014 (r45222) +++ head/en_US.ISO8859-1/htdocs/internal/machines.xml Tue Jul 8 12:18:18 2014 (r45223) @@ -40,7 +40,7 @@ this file.

        eris -11-CURRENT +10-STABLE ia64 Reference machine. @@ -56,7 +56,7 @@ this file.

        freefall 11-CURRENT amd64 -GNATS/shell Logins. +Shell Logins. @@ -174,6 +174,7 @@ this file.

        +

        Hardware configurations

        @@ -239,61 +216,31 @@ this file.

        freefall -Intel x86 -2x dual-core 2.80GHz Xeon (Pentium-IV family), 2GB Memory, -Compaq Smart Array 5i SCSI RAID controller, 138 GB SCSI local storage, -Broadcom-based Compaq NC7781 Gigabit Server Adapter NIC. +Intel EM64T MP +HP Proliant DL160 G6, 2xIntel Xeon X5650 (6x2x2.67GHz), 24GB Memory, + 4x1TB SATA disks, Intel PRO/1000 NIC. ftp-master -Intel x86 -2x dual-core 2.80GHz Xeon, 4GB Memory, LSI Logic PERC 4e/Di RAID - adapter, 1.14T disk, 2x Intel PRO/1000 Ethernet NIC. - - - -gohan10-13 -Intel x86 -2x1.8GHz quad-core Xeon L5320, 8GB Memory, Intel 63XXESB2 SATA300 -controller, 1x160GB SAT300 drive, 2xIntel PRO/1000 NIC. - - - -gohan18 -Intel x86 -2x1.8GHz quad-core Xeon L5320, 8GB Memory, LSILogic SAS/SATA controller, -1x160GB SAT300 drive, 2x Broadcom NetXtreme Gigabit Ethernet NIC. - - - -gohan61-62 -Intel x86 -2x2.0GHz quad-core Intel Xeon L5335, 32GB Memory, Dell PERC 6 Megaraid -SAS controller, 418GB local storage, 2x Broadcom NetXtreme II BCM5708 -1000Base-T Ethernet NIC. +Intel EM64T MP +HP Proliant DL160 G6, 2xIntel Xeon X5650 (6x2x2.67GHz), 24GB Memory, + 4x1TB SATA disks, Intel PRO/1000 NIC. hub -AMD64 MP -4x2.2GHz (dual CPU, dual core), 3GB Memory, Adaptec RAID Controller, -4x36GB U160 SCSI Disk, Broadcom Gigabit Ethernet. - - - -mx1 -Intel x86 MP -8x1.86GHz Xeon (dual CPU, quad core), 8GB Memory, Dell PERC 5/i - RAID controller, 2x136GB SAS disks in RAID1, Broadcom NetXtreme - Gigabit Ethernet adapter. +Intel EM64T MP +HP Proliant DL160 G6, 2xIntel Xeon X5650 (6x2x2.67GHz), 48GB Memory, + 4x1TB SATA disks, Intel PRO/1000 NIC. -mx2 -Intel x86 MP -2x2.8GHz Xeon, 1GB Memory, Compaq Smart Array 5i RAID controller, - 2x34GB SCSI Disks in RAID1, Broadcom Gigabit Ethernet. +mx1, mx2 +AMD64 +PowerEdge R415, 2xAMD Opteron 4180 (2x6x2.6GHz), 16GB Memory, + Dell PERC H700 RAID controller, 3x300GB SAS disks in XFS mirror, + QLogic NetXtreme II Gigabit Ethernet adapter. @@ -312,31 +259,24 @@ SAS controller, 418GB local storage, 2x -pointyhat +ref[8-11]-amd64 Intel EM64T MP -2x2.8GHz Intel Xeon (dualcore), 4GB Memory, Dell PERC 4 RAID controller, - 1.1TB storage, Intel PRO/1000 Gigabitq NIC. +HP Proliant DL160 G6, 2xIntel Xeon X5650 (6x2x2.67GHz), 24GB Memory, + 4x1TB SATA disks, Intel PRO/1000 NIC. -ref[8-10]-(amd64|i386) +ref10-i386 Intel EM64T MP -Dell PowerEdge 2950, 2xIntel Xeon L5320 (8x1.86GHz), 8/16GB Memory, +Dell PowerEdge 2950, 2xIntel Xeon L5320 (4x1.86GHz), 8/16GB Memory, PERC 5/i RAID controller, 6x136GB SAS disks, Broadcom NetXtreme II BCM5708 NIC. -ref11-amd64 -Intel EM64T MP -HP Proliant, 2xIntel Xeon X5650 (6x2x2.67GHz), 24GB Memory, - 4x1TB SATA disks, Intel PRO/1000 NIC. - - - ref11-i386 Intel EM64T MP -Dell, 2xIntel Xeon E5320 (4x1.86GHz), 32GB Memory, PERC 5/i RAID +Dell PowerEdge 2950, 2xIntel Xeon E5320 (4x1.86GHz), 32GB Memory, PERC 5/i RAID controller,6x136GB SAS disks, Broadcom NetXtreme II BCM5708 NIC. @@ -351,8 +291,8 @@ SAS controller, 418GB local storage, 2x -

        All machines are connected at 100Mbit/sec full-duplex to a dedicated -Cisco 2948G switch with redundant gigabit uplinks. Internet connectivity +

        Machines are generally connected at 1Gbit/sec full-duplex to a dedicated +switch with redundant gigabit uplinks. Internet connectivity and colocation is provided by Yahoo!. All systems have logged serial consoles and remote power management.

        From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 15:09:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AD0FF429; Tue, 8 Jul 2014 15:09:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9A1942DAC; Tue, 8 Jul 2014 15:09:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s68F9Fbt023177; Tue, 8 Jul 2014 15:09:15 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s68F9Fjl023176; Tue, 8 Jul 2014 15:09:15 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407081509.s68F9Fjl023176@svn.freebsd.org> From: Glen Barber Date: Tue, 8 Jul 2014 15:09:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45225 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 15:09:15 -0000 Author: gjb Date: Tue Jul 8 15:09:14 2014 New Revision: 45225 URL: http://svnweb.freebsd.org/changeset/doc/45225 Log: Add mkimg(1). Sponsored by: The FreeBSD Foundation Modified: head/share/xml/man-refs.ent Modified: head/share/xml/man-refs.ent ============================================================================== --- head/share/xml/man-refs.ent Tue Jul 8 14:14:50 2014 (r45224) +++ head/share/xml/man-refs.ent Tue Jul 8 15:09:14 2014 (r45225) @@ -376,6 +376,7 @@ mkdir1"> mkfifo1"> mkfontdir1"> +mkimg1"> mklocale1"> mkstr1"> mktemp1"> From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 14:14:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E371FA97; Tue, 8 Jul 2014 14:14:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C553F27D6; Tue, 8 Jul 2014 14:14:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s68EEoJC098053; Tue, 8 Jul 2014 14:14:50 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s68EEoBM098052; Tue, 8 Jul 2014 14:14:50 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407081414.s68EEoBM098052@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 8 Jul 2014 14:14:50 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45224 - head/ja_JP.eucJP/books/handbook/basics X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 08 Jul 2014 15:35:33 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 14:14:51 -0000 Author: ryusuke Date: Tue Jul 8 14:14:50 2014 New Revision: 45224 URL: http://svnweb.freebsd.org/changeset/doc/45224 Log: - Merge the following from the English version: r29930 -> r30735 head/ja_JP.eucJP/books/handbook/basics/chapter.xml Submitted by: Yuta MASUMOTO Modified: head/ja_JP.eucJP/books/handbook/basics/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/basics/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/basics/chapter.xml Tue Jul 8 12:18:18 2014 (r45223) +++ head/ja_JP.eucJP/books/handbook/basics/chapter.xml Tue Jul 8 14:14:50 2014 (r45224) @@ -3,7 +3,7 @@ The FreeBSD Documentation Project The FreeBSD Japanese Documentation Project - Original revision: r29930 + Original revision: r30735 $FreeBSD$ --> @@ -662,11 +662,11 @@ total 530 オペレーティングシステムをマルチユーザで動作させるために 必要な基本システムが含まれています。 また、ルートディレクトリには、 - 他のファイルシステムをマウントするためのマウントポイントも含まれます。 - + マルチユーザへの移行中に他のファイルシステムをマウントするためのマウントポイントも含まれます。 - マウントポイントとはルートファイルシステムに存在する、 - 追加のファイルシステムと接続するためのディレクトリのことです。 + マウントポイントとは、 + 追加のファイルシステムと接続するためのディレクトリのことです + (普通はルートファイルシステムにあります) 。 より詳細な説明は の節にあります。 @@ -1312,9 +1312,9 @@ total 530 パーティションを参照するときには、 FreeBSD はパーティションを含むスライスおよびパーティションも指定することを必要とします。 - そしてスライスを参照するときはディスク名も参照しないといけないでしょう。 - このことは、ディスク名、s、スライス番号、 - そしてパーティション文字を並べることによってできます。 + そしてスライスを参照するときはディスク名も参照しないといけません。 + したがって、ディスク名、s、スライス番号、 + そしてパーティション文字を並べることによってパーティションを参照します。 に例があります。 @@ -1424,7 +1424,7 @@ total 530 一番目のスライスは &ms-dos; ディスクの C: を含んでいます。 そして、二番目のスライスは FreeBSD のディスクを含んでいます。 - これは FreeBSD インストーラが三つのパーティションと一つのスワップパーティションを作成した例です。 + これは FreeBSD インストーラが三つのデータパーティションと一つのスワップパーティションを作成した例です。 三つのパーティションはそれぞれファイルシステムを含んでいます。 a @@ -1704,15 +1704,6 @@ total 530 - nodev - - - ファイルシステム上のスペシャルデバイスを解釈しません。 - セキュリティのために有用なオプションです。 - - - - noexec @@ -1823,7 +1814,8 @@ total 530 &man.ps.1; の出力はいくつかの行に整形されています。 PID は先ほど見たプロセス ID です。 PID は 1 から順に 99999 まで割り当てられ、 - 足りなくなると最初に戻って使い回されます。 + 足りなくなると最初に戻って使い回されます + (使用中の PID は割り当てられません) 。 TT の列はプログラムが動いている tty を示します。 差し当たって無視してもかまわないでしょう。 STAT はプログラムの状態を示しますが、 @@ -1842,7 +1834,7 @@ total 530 はプロセスの所有者の名前をメモリ使用量と同様に表示します。 はデーモンプロセスについての情報を表示し、 で、スクリーンに入りきらないほど長くなったコマンドラインでも省略せず、 - &man.ps.1; に全コマンドラインを表示させます。 + &man.ps.1; に各プロセスの全コマンドラインを表示させます。 &man.top.1; の出力も同様です。 例は以下の通りです。 @@ -1911,10 +1903,11 @@ Swap: 256M Total, 38M Used, 217M Free, 1 通常デーモンとして動作するプログラムには末尾に d を持った名前をつける慣習があります。 - BIND は Berkeley Internet Name Daemon ですし - (実際実行されるプログラムは named という名前です)、 + BIND は Berkeley Internet Name Domain + ですが、 + 実際実行されるプログラムは named という名前です。 Apache ウェブサーバのプログラムは - httpd と呼ばれますし、 + httpd と呼ばれ、 ラインプリンタスプーリングデーモンは lpd、 などなどです。 これは単なる慣習で、しっかりがっちりとしたルールではありません。 @@ -1924,9 +1917,8 @@ Swap: 256M Total, 38M Used, 217M Free, 1 連想しそうな maild ではありません。 時々、デーモンプロセスと通信したいときがあります。 - この通信はシグナルと呼ばれ、 - デーモンにシグナルを送ることによってデーモン - (に限らずどんな動作中のプロセスでも) と通信することができます。 + 一つの方法として、それ (に限らずどんな動作中のプロセスでも) に + シグナルと呼ばれるものを送信する方法です。 送信可能なシグナルはたくさんあります—特別な意味があるものもあれば、 アプリケーションによって解釈されるものもありますし、 アプリケーションがシグナルをどう解釈するかは @@ -2162,7 +2154,7 @@ Swap: 256M Total, 38M Used, 217M Free, 1 TERM - ユーザの端末名。 + ユーザの端末種名。 端末のケーパビリティを決定するのに使われる。 From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 16:35:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 649FBBFA; Tue, 8 Jul 2014 16:35:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BD7D26E4; Tue, 8 Jul 2014 16:35:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s68GZJSq065727; Tue, 8 Jul 2014 16:35:19 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s68GZIee065722; Tue, 8 Jul 2014 16:35:18 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407081635.s68GZIee065722@svn.freebsd.org> From: Glen Barber Date: Tue, 8 Jul 2014 16:35:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45226 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 16:35:19 -0000 Author: gjb Date: Tue Jul 8 16:35:18 2014 New Revision: 45226 URL: http://svnweb.freebsd.org/changeset/doc/45226 Log: Regen after r268417. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/errata.html head/en_US.ISO8859-1/htdocs/releases/9.3R/hardware.html head/en_US.ISO8859-1/htdocs/releases/9.3R/installation.html head/en_US.ISO8859-1/htdocs/releases/9.3R/readme.html head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/errata.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/errata.html Tue Jul 8 15:09:14 2014 (r45225) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/errata.html Tue Jul 8 16:35:18 2014 (r45226) @@ -1,5 +1,5 @@ -FreeBSD 9.3-RELEASE Errata

        FreeBSD 9.3-RELEASE Errata

        +FreeBSD 9.3-RELEASE Errata

        FreeBSD 9.3-RELEASE Errata

        The FreeBSD Project

        Copyright 2014 The FreeBSD Documentation Project

        FreeBSD is a registered trademark of the FreeBSD Foundation.

        Intel, Celeron, EtherExpress, i386, @@ -14,7 +14,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

        Last modified on 2014-06-17 by gjb.
        Abstract

        This document lists errata items for FreeBSD 9.3-RELEASE, + symbol.

        Last modified on 2014-07-08 by gjb.
        Abstract

        This document lists errata items for FreeBSD 9.3-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. @@ -23,7 +23,7 @@ operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD.

        This errata document for FreeBSD 9.3-RELEASE - will be maintained until the release of FreeBSD 9.3-RELEASE.

        Table of Contents
        1. Introduction
        2. Security Advisories
        3. Late-Breaking News

        1.Introduction

        This errata document contains late-breaking news + will be maintained until the EoL of FreeBSD 9.3-STABLE.

        Table of Contents
        1. Introduction
        2. Security Advisories
        3. Late-Breaking News

        1.Introduction

        This errata document contains late-breaking news about FreeBSD 9.3-RELEASE Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems @@ -42,6 +42,6 @@ can be downloaded from http://www.FreeBSD.org/releases/.

        For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

        All users of FreeBSD 9.3-STABLE should - subscribe to the <current@FreeBSD.org> + subscribe to the <stable@FreeBSD.org> mailing list.

        For questions about this documentation, e-mail <doc@FreeBSD.org>.

        \ No newline at end of file Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/hardware.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/hardware.html Tue Jul 8 15:09:14 2014 (r45225) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/hardware.html Tue Jul 8 16:35:18 2014 (r45226) @@ -1,5 +1,5 @@ -FreeBSD 9.3-RELEASE Hardware Notes

        FreeBSD 9.3-RELEASE Hardware Notes

        The FreeBSD Documentation Project

        Copyright 2000-2014 The FreeBSD Documentation Project

        FreeBSD is a registered trademark of +FreeBSD 9.3-RELEASE Hardware Notes

        FreeBSD 9.3-RELEASE Hardware Notes

        The FreeBSD Documentation Project

        Copyright 2000-2014 The FreeBSD Documentation Project

        FreeBSD is a registered trademark of the FreeBSD Foundation.

        AMD, AMD Athlon, AMD Opteron, Athlon, lan, Opteron, and PCnet are trademarks of Advanced Micro Devices, Inc.

        Fujitsu, the Fujitsu logo, LifeBook, @@ -344,6 +344,6 @@ can be downloaded from http://www.FreeBSD.org/releases/.

        For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

        All users of FreeBSD 9.3-STABLE should - subscribe to the <current@FreeBSD.org> + subscribe to the <stable@FreeBSD.org> mailing list.

        For questions about this documentation, e-mail <doc@FreeBSD.org>.

        \ No newline at end of file Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/installation.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/installation.html Tue Jul 8 15:09:14 2014 (r45225) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/installation.html Tue Jul 8 16:35:18 2014 (r45226) @@ -1,5 +1,5 @@ -FreeBSD 9.3-RELEASE Installation Instructions

        FreeBSD 9.3-RELEASE Installation Instructions

        The FreeBSD Project

        < div>

        Copyright 2014 The FreeBSD Documentation Project

        FreeBSD is a registered trademark of +FreeBSD 9.3-RELEASE Installation Instructions

        FreeBSD 9.3-RELEASE Installation Instructions

        The FreeBSD Project

        < div>

        Copyright 2014 The FreeBSD Documentation Project

        FreeBSD is a registered trademark of the FreeBSD Foundation.

        Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United @@ -12,7 +12,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

        Last modified on 2014-06-17 by gjb.
        Abstract

        This article gives some brief instructions on installing + symbol.

        Last modified on 2014-07-08 by gjb.
        Abstract

        This article gives some brief instructions on installing FreeBSD 9.3-RELEASE and upgrading the systems running earlier releases.

        Table of Contents
        1. Installing FreeBSD
        2. Upgrading FreeBSD

        1.Installing FreeBSD

        The Installing FreeBSD @@ -22,12 +22,12 @@ screenshots.

        2.Upgrading FreeBSD

        If you are upgrading from a previous release of FreeBSD, please read upgrading section in the Release Notes for notable - incompatibilities carefully.

        2.1.Upgrading from Source

        The procedure for doing a source code based update is + incompatibilities carefully.

        2.1.Upgrading from Source

        The procedure for doing a source code based update is described in - ../../../../doc/en_US.ISO8859-1/books/handbook/synching.html and - ../../../../doc/en_US.ISO8859-1/books/handbook/makeworld.html.

        For SVN use the releng/9.3 branch + Synchronizing Source and + Rebuilding World.

        For SVN use the releng/9.3 branch which will be where any upcoming Security Advisories or Errata - Notices will be applied.

        2.2.Upgrading Using FreeBSD Update

        The freebsd-update(8) utility supports binary + Notices will be applied.

        2.2.Upgrading Using FreeBSD Update

        The freebsd-update(8) utility supports binary upgrades of i386 and amd64 systems running earlier FreeBSD releases. Systems running 8.4-RELEASE, @@ -43,7 +43,7 @@ freebsd-update(8) will ask for help in merging configuration files. 

        # freebsd-update upgrade -r 9.3-RELEASE

        Due to changes in the way that FreeBSD is packaged on the release media, two complications may arise in this process if - upgrading from FreeBSD 7.x or 8.x:

        1. The FreeBSD, which previously could appear in either + upgrading from FreeBSD 8.x:

          1. The FreeBSD, which previously could appear in either /boot/kernel or /boot/GENERIC, now only appears as /boot/kernel. As a result, any @@ -62,7 +62,7 @@ FreeBSD.) 

          # freebsd-update install

          The system must now be rebooted with the newly installed kernel before the non-kernel components are updated. 

          # shutdown -r now

          After rebooting, freebsd-update(8) needs to be run again to install the new userland components: 

          # freebsd-update install

          At this point, users of systems being upgraded from FreeBSD - 8.2-RELEASE or earlier will be prompted by + 8.4-RELEASE or earlier will be prompted by freebsd-update(8) to rebuild all third-party applications (e.g., ports installed from the ports tree) due to updates in system libraries.

          After updating installed third-party applications (and @@ -73,6 +73,6 @@ can be downloaded from http://www.FreeBSD.org/releases/.

          For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

          All users of FreeBSD 9.3-STABLE should - subscribe to the <current@FreeBSD.org> + subscribe to the <stable@FreeBSD.org> mailing list.

          For questions about this documentation, e-mail <doc@FreeBSD.org>.

          \ No newline at end of file Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/readme.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/readme.html Tue Jul 8 15:09:14 2014 (r45225) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/readme.html Tue Jul 8 16:35:18 2014 (r45226) @@ -1,5 +1,5 @@ -FreeBSD 9.3-RELEASE README

          FreeBSD 9.3-RELEASE README

          The FreeBSD Project

          Copyright 2014 The FreeBSD Documentation Project

          FreeBSD is a registered trademark of +FreeBSD 9.3-RELEASE README

          FreeBSD 9.3-RELEASE README

          The FreeBSD Project

          Copyright 2014 The FreeBSD Documentation Project

          FreeBSD is a registered trademark of the FreeBSD Foundation.

          Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United @@ -15,12 +15,12 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

          Last modified on 2014-03-22 by gjb.
          Abstract

          This document gives a brief introduction to FreeBSD + symbol.

          Last modified on 2014-07-08 by gjb.
          Abstract

          This document gives a brief introduction to FreeBSD 9.3-RELEASE. It includes some information on how to obtain FreeBSD, a listing of various ways to contact the FreeBSD Project, and pointers to some other sources of - information.

          Table of Contents
          1. Introduction
          2. Obtaining FreeBSD
          3. Contacting the FreeBSD Project
          4. Further Reading
          5. Acknowledgments

          1.Introduction

          This distribution is a snapshot of FreeBSD 9.3-RELEASE, the - latest point along the 9.3-STABLE branch.

          1.1.About FreeBSD

          FreeBSD is an operating system based on 4.4 BSD Lite for + information.

          Table of Contents
          1. Introduction
          2. Obtaining FreeBSD
          3. Contacting the FreeBSD Project
          4. Further Reading
          5. Acknowledgments

          1.Introduction

          This distribution is a release of FreeBSD 9.3-RELEASE, the + latest point along the 9.3-STABLE branch.

          1.1.About FreeBSD

          FreeBSD is an operating system based on 4.4 BSD Lite for AMD64 and Intel EM64T based PC hardware (amd64), Intel, AMD, Cyrix or NexGen x86 based PC hardware (i386), Intel Itanium Processor based computers (ia64), @@ -48,22 +48,13 @@ environment that extends far beyond what's provided by many commercial versions of UNIX. Most ports are also available as pre-compiled packages, which can be quickly - installed from the installation program.

          1.2.Target Audience

          This snapshot is aimed primarily at early adopters - and various other users who want to get involved with the - ongoing development of FreeBSD. While the FreeBSD development team - tries its best to ensure that each snapshot works as - advertised, 9.3-STABLE is very much a - work-in-progress.

          The basic requirements for using this snapshot are - technical proficiency with FreeBSD and an understanding of the - ongoing development process of FreeBSD 9.3-STABLE (as - discussed on the FreeBSD-CURRENT mailing list).

          For those more interested in doing business with FreeBSD than - in experimenting with new FreeBSD technology, formal releases - (such as 9.2-RELEASE) are frequently more appropriate. - Releases undergo a period of testing and quality assurance - checking to ensure high reliability and dependability.

          2.Obtaining FreeBSD

          FreeBSD may be obtained in a variety of ways. This section + installed from the installation program.

          1.2.Target Audience

          This release of FreeBSD is suitable for all users. It + has undergone a period of testing and quality assurance + checking to ensure the highest reliability and + dependability.

          2.Obtaining FreeBSD

          FreeBSD may be obtained in a variety of ways. This section focuses on those ways that are primarily useful for obtaining a complete FreeBSD distribution, rather than updating an existing - installation.

          2.1.CDROM and DVD

          FreeBSD -RELEASE distributions may be ordered on CDROM or DVD + installation.

          2.1.CDROM and DVD

          FreeBSD -RELEASE distributions may be ordered on CDROM or DVD from several publishers. This is frequently the most convenient way to obtain FreeBSD for new installations, as it provides a convenient way to quickly reinstall the system if @@ -71,7 +62,7 @@ precompiled packages from the FreeBSD Ports Collection, or other extra material.

          A list of the CDROM and DVD publishers known to the project are listed in the Obtaining - FreeBSD appendix to the Handbook.

          2.2.FTP

          You can use FTP to retrieve FreeBSD and any or all of its + FreeBSD” appendix to the Handbook.

          2.2.FTP

          You can use FTP to retrieve FreeBSD and any or all of its optional packages from ftp://ftp.FreeBSD.org/, which is the official FreeBSD release site, or any of its mirrors.

          Lists of locations that mirror FreeBSD can be found in the @@ -87,9 +78,9 @@ floppy disk images (for applicable platforms), as well as the files necessary to do an installation over the network. Finally mirrors sites usually contain a set of packages for - the most current release.

          3.Contacting the FreeBSD Project

          3.1.Email and Mailing Lists

          For any questions or general technical support issues, + the most current release.

          3.Contacting the FreeBSD Project

          3.1.Email and Mailing Lists

          For any questions or general technical support issues, please send mail to the FreeBSD general questions mailing list.

          If you're tracking the 9.3-STABLE development efforts, you - must join the FreeBSD-CURRENT mailing list, in order to + must join the FreeBSD-STABLE mailing list, in order to keep abreast of recent developments and changes that may affect the way you use and maintain the system.

          Being a largely-volunteer effort, the FreeBSD Project is always happy to have extra hands willing to help—there are already far more desired enhancements than @@ -108,29 +99,26 @@ obtained either from the Mailman pages or the mailing lists section of the FreeBSD Web site.

          Important:

          Do not send email to the lists asking to be subscribed. Use the Mailman interface - instead.

          3.2.Submitting Problem Reports

          Suggestions, bug reports and contributions of code are + instead.

          3.2.Submitting Problem Reports

          Suggestions, bug reports and contributions of code are always valued—please do not hesitate to report any problems you may find. Bug reports with attached fixes are of - course even more welcome.

          The preferred method to submit bug reports from a machine - with Internet mail connectivity is to use the send-pr(1) - command. + course even more welcome.

          The method to submit bug reports from a machine + with Internet mail connectivity is to use the Bugzilla web + interface. Problem Reports (PRs) submitted in this way will be filed and their progress tracked; the FreeBSD developers will do their best to respond to all reported bugs as soon as - possible. A list - of all active PRs is available on the FreeBSD Web site; - this list is useful to see what potential problems other users - have encountered.

          Note that send-pr(1) itself is a shell script that - should be easy to move even onto a non-FreeBSD system. Using - this interface is highly preferred. If, for some reason, you - are unable to use send-pr(1) to submit a bug report, you - can try to send it to the FreeBSD problem reports mailing list.

          For more information, Writing + possible. A search + interface of all active PRs is available; + this list is useful to find what potential problems other users + have encountered.

          Note that send-pr(1) is a stub shell script, and + instructs to use the Bugzilla interface.

          For more information, Writing FreeBSD Problem Reports, available on the FreeBSD Web site, has a number of helpful hints on writing and submitting effective problem reports.

          4.Further Reading

          There are many sources of information about FreeBSD; some are included with this distribution, while others are available on-line or in print versions.

          4.1.Release Documentation

          A number of other files provide more specific information - about this snapshot distribution. These files are + about this release distribution. These files are provided in various formats. Most distributions will include both ASCII text (.TXT) and HTML (.HTM) renditions. Some distributions @@ -161,9 +149,9 @@ other copies are kept updated on the Internet and should be consulted as the current errata for this release. These other copies of the errata are located at - ../../../../releases/ (as + the FreeBSDreleases page (as well as any sites which keep up-to-date mirrors of this - location).

          4.2.Manual Pages

          As with almost all UNIX like operating systems, FreeBSD comes + location).

          4.2.Manual Pages

          As with almost all UNIX like operating systems, FreeBSD comes with a set of on-line manual pages, accessed through the man(1) command or through the hypertext manual pages gateway on the FreeBSD Web site. In general, the @@ -172,7 +160,7 @@ information on particular topics. Notable examples of such manual pages are tuning(7) (a guide to performance tuning), security(7) (an introduction to FreeBSD security), and - style(9) (a style guide to kernel coding).

          4.3.Books and Articles

          Two highly-useful collections of FreeBSD-related information, + style(9) (a style guide to kernel coding).

          4.3.Books and Articles

          Two highly-useful collections of FreeBSD-related information, maintained by the FreeBSD Project, are the FreeBSD Handbook and FreeBSD FAQ (Frequently Asked Questions document). On-line versions of the Handbook @@ -196,16 +184,16 @@ applicable as well, some of which are also listed in the bibliography.

          5.Acknowledgments

          FreeBSD represents the cumulative work of many hundreds, if not thousands, of individuals from around the world who have worked - countless hours to bring about this snapshot. For a + countless hours to bring about this release. For a complete list of FreeBSD developers and contributors, please see Contributors to FreeBSD on the FreeBSD Web site or any of its mirrors.

          Special thanks also go to the many thousands of FreeBSD users - and testers all over the world, without whom this snapshot + and testers all over the world, without whom this release simply would not have been possible.

          This file, and other release-related documents, can be downloaded from http://www.FreeBSD.org/releases/.

          For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

          All users of FreeBSD 9.3-STABLE should - subscribe to the <current@FreeBSD.org> + subscribe to the <stable@FreeBSD.org> mailing list.

          For questions about this documentation, e-mail <doc@FreeBSD.org>.

          \ No newline at end of file Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Tue Jul 8 15:09:14 2014 (r45225) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Tue Jul 8 16:35:18 2014 (r45226) @@ -1,5 +1,5 @@ -FreeBSD 9.3-RELEASE Release Notes

          FreeBSD 9.3-RELEASE Release Notes

          The FreeBSD Project

          Copyright 2014 The FreeBSD Documentation +FreeBSD 9.3-RELEASE Release Notes

          FreeBSD 9.3-RELEASE Release Notes

          The FreeBSD Project

          Copyright 2014 The FreeBSD Documentation Project

          FreeBSD is a registered trademark of the FreeBSD Foundation.

          IBM, AIX, OS/2, PowerPC, PS/2, S/390, and ThinkPad are @@ -18,7 +18,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

          Last modified on 2014-07-01 by gjb.
          Abstract

          The release notes for FreeBSD 9.3-RELEASE contain + symbol.

          Last modified on 2014-07-08 by gjb.
          Abstract

          The release notes for FreeBSD 9.3-RELEASE contain a summary of the changes made to the FreeBSD base system on the 9.3-STABLE development line. This document lists applicable security advisories that were issued since the last @@ -28,9 +28,9 @@ 9.3-RELEASE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.

          This distribution of FreeBSD 9.3-RELEASE is - a snapshot distribution. It can be found at http://www.FreeBSD.org/releases/ or any of its + a release distribution. It can be found at http://www.FreeBSD.org/releases/ or any of its mirrors. More information on obtaining this (or other) - snapshot distributions of FreeBSD can be found in the Obtaining + release distributions of FreeBSD can be found in the Obtaining FreeBSD appendix to the FreeBSD Handbook.

          All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with @@ -302,7 +302,12 @@ updated to match that of FreeBSD-CURRENT. [r267379]

          The pmcstat(8) utility has been updated to include a new flag, -l, which ends event collection after the specified number of - seconds. [r267411]

          2.3.1.periodic(8) Scripts

          The + seconds. [r267411]

          The FreeBSDProject has migrated + from the GNATS bug tracking system + to Bugzilla. The send-pr(1) + utility used for submitting problem reports has been replaced + with a stub shell script that instructs to use the Bugzilla + web interface. [r267911]

          2.3.1.periodic(8) Scripts

          The /etc/periodic/security/800.loginfail periodic(8) script has been refined to catch more authentication failures and reduce false positives. [r263662]

          2.3.2.rc(8) Scripts

          Support for first boot @@ -329,7 +334,7 @@ been updated to support multiple byte orders. Similar to cap_mkdb(1), the services.db will be created with proper endinanness as part of - cross-architecture release builds. [r263028]

          3.Upgrading from Previous Releases of FreeBSD

          3.1.Upgrading Using freebsd-update(8) or a Source-Based + cross-architecture release builds. [r263028]

          3.Upgrading from Previous Releases of FreeBSD

          3.1.Upgrading Using freebsd-update(8) or a Source-Based Procedure

          [amd64,i386] Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade @@ -343,7 +348,7 @@ /usr/src/UPDATING.

          For more specific information about upgrading instructions, see http://www.FreeBSD.org/releases/9.3R/installation.html.

          Important:

          Upgrading FreeBSD should only be attempted after backing up all data and - configuration files.

          3.2.User-Visible + configuration files.

          3.2.User-Visible Incompatibilities

          FreeBSD9.0 and later versions have several configuration incompatibilities with earlier versions of FreeBSD. These differences are best understood before upgrading. @@ -354,6 +359,6 @@ can be downloaded from http://www.FreeBSD.org/releases/.

          For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

          All users of FreeBSD 9.3-STABLE should - subscribe to the <current@FreeBSD.org> + subscribe to the <stable@FreeBSD.org> mailing list.

          For questions about this documentation, e-mail <doc@FreeBSD.org>.

          \ No newline at end of file From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 16:46:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ECB70114; Tue, 8 Jul 2014 16:46:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D9DD727DB; Tue, 8 Jul 2014 16:46:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s68Gkg0e070801; Tue, 8 Jul 2014 16:46:42 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s68GkgAP070800; Tue, 8 Jul 2014 16:46:42 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407081646.s68GkgAP070800@svn.freebsd.org> From: Glen Barber Date: Tue, 8 Jul 2014 16:46:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45227 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 16:46:43 -0000 Author: gjb Date: Tue Jul 8 16:46:42 2014 New Revision: 45227 URL: http://svnweb.freebsd.org/changeset/doc/45227 Log: Connect the 9.3R errata.html, hardware.html, and readme.html pages to the build. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile Tue Jul 8 16:35:18 2014 (r45226) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile Tue Jul 8 16:46:42 2014 (r45227) @@ -11,7 +11,10 @@ DOCS= schedule.xml \ todo.xml DATA= docbook.css \ + errata.html \ + hardware.html \ installation.html \ + readme.html \ relnotes.html .include "${DOC_PREFIX}/share/mk/web.site.mk" From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 19:47:48 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 164C0735; Tue, 8 Jul 2014 19:47:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F268A29D2; Tue, 8 Jul 2014 19:47:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s68Jll8h054951; Tue, 8 Jul 2014 19:47:47 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s68JllPN054950; Tue, 8 Jul 2014 19:47:47 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407081947.s68JllPN054950@svn.freebsd.org> From: Glen Barber Date: Tue, 8 Jul 2014 19:47:47 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45228 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 19:47:48 -0000 Author: gjb Date: Tue Jul 8 19:47:47 2014 New Revision: 45228 URL: http://svnweb.freebsd.org/changeset/doc/45228 Log: Regen after r268423. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Tue Jul 8 16:46:42 2014 (r45227) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Tue Jul 8 19:47:47 2014 (r45228) @@ -322,7 +322,48 @@ DK Hostmaster A/S)

          The xz(1) utility has been updated to a post-5.0.5 snapshot. [r263286]

          OpenSSH has been updated to version 6.6p1. [r263970]

          OpenSSL has - been updated to version 0.9.8za. [r267285]

          2.5.Release Engineering and Integration

          As part of the release build, the + been updated to version 0.9.8za. [r267285]

          2.5.Ports and Packages

          Important:

          Note to FreeBSD desktop users: please read this section + carefully, especially before upgrading ports that + depend on Xorg.

          In April 2014, the FreeBSD Ports collection switched to a + newer version of Xorg that supports + KMS (Kernel Mode Setting).

          Users upgrading from earlier versions of FreeBSD9.x or + FreeBSD8.x should be aware of several things regarding + Xorg:

          +

          • When applications are built from the FreeBSD Ports + Collection or installed from the new_xorg + pkg(8) repository, the newer, KMS-aware version of + Xorg is used.

          • The KMS version of + Xorg does not switch back to + text mode after leaving the X desktop environment, and + the system console will not be visible. The new + vt(4) console driver supports graphic consoles and + keeps the console visible after X has exited. The + vt(4) driver must be compiled into the kernel. + A VT kernel configuration example + file is included in 9.3-RELEASE, but is not + compiled or enabled by default. See vt(4) and the + vt(4) wiki + page for additional information.

          • The older Xorg that does + not support KMS can still be + installed from the latest upstream + pkg(8) repository and the packages included on the + 9.3-RELEASE DVD.

            However, it is important to note that some newer + applications require the newer + Xorg, and will not work with + the old version. The newer + Xorg is recommended, and + should be used unless not compatible with legacy + graphics cards.

            To continue using the old version of + Xorg when building from the + FreeBSDPorts Collection, set + WITHOUT_NEW_XORG=yes in + make.conf(5).

            Packages for KDE4 are not + available in the default (latest) + pkg(8) repository, however are available in the + new_xorg repository. See the announcement + email for details on how to use the + new_xorg repository.

          +

          2.6.Release Engineering and Integration

          As part of the release build, the etcupdate(8) utility will bootstrap the system, allowing etcupdate(8) to work after the first upgrade of a system. [r260891]

          The release.sh @@ -334,7 +375,7 @@ been updated to support multiple byte orders. Similar to cap_mkdb(1), the services.db will be created with proper endinanness as part of - cross-architecture release builds. [r263028]

          3.Upgrading from Previous Releases of FreeBSD

          3.1.Upgrading Using freebsd-update(8) or a Source-Based + cross-architecture release builds. [r263028]

          3.Upgrading from Previous Releases of FreeBSD

          3.1.Upgrading Using freebsd-update(8) or a Source-Based Procedure

          [amd64,i386] Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade @@ -348,7 +389,7 @@ /usr/src/UPDATING.

          For more specific information about upgrading instructions, see http://www.FreeBSD.org/releases/9.3R/installation.html.

          Important:

          Upgrading FreeBSD should only be attempted after backing up all data and - configuration files.

          3.2.User-Visible + configuration files.

          3.2.User-Visible Incompatibilities

          FreeBSD9.0 and later versions have several configuration incompatibilities with earlier versions of FreeBSD. These differences are best understood before upgrading. From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 19:57:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B3F872D6; Tue, 8 Jul 2014 19:57:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 81DDA2B05; Tue, 8 Jul 2014 19:57:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s68Jv8ZX060315; Tue, 8 Jul 2014 19:57:08 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s68Jv8hQ060314; Tue, 8 Jul 2014 19:57:08 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407081957.s68Jv8hQ060314@svn.freebsd.org> From: Glen Barber Date: Tue, 8 Jul 2014 19:57:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45229 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 19:57:08 -0000 Author: gjb Date: Tue Jul 8 19:57:08 2014 New Revision: 45229 URL: http://svnweb.freebsd.org/changeset/doc/45229 Log: Regen after r268425. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Tue Jul 8 19:47:47 2014 (r45228) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Tue Jul 8 19:57:08 2014 (r45229) @@ -1,5 +1,5 @@ -FreeBSD 9.3-RELEASE Release Notes

          FreeBSD 9.3-RELEASE Release Notes

          The FreeBSD Project

          Copyright 2014 The FreeBSD Documentation +FreeBSD 9.3-RELEASE Release Notes

          FreeBSD 9.3-RELEASE Release Notes

          The FreeBSD Project

          Copyright 2014 The FreeBSD Documentation Project

          FreeBSD is a registered trademark of the FreeBSD Foundation.

          IBM, AIX, OS/2, PowerPC, PS/2, S/390, and ThinkPad are @@ -229,11 +229,7 @@ file takes on the disk to match the behavior documented in newsyslog.conf(5). [r262076]

          A bug in zdb(8) which would cause numeric parameters to a flag as being treated as additional - flags has been fixed. [r262105]

          The default number of nfsd(8) - threads has been increased from 4 to - (8 * N), where N is - the number of CPUs as reported by - sysctl -n hw.ncpu. [r262124]

          The pciconf(8) utility now has + flags has been fixed. [r262105]

          The pciconf(8) utility now has a -V flag, which lists information such as serial numbers for each device. [r262134]

          A bug that would allow creating a zfs(8) snapshot of an inconsistent dataset has been @@ -343,7 +339,12 @@ file is included in 9.3-RELEASE, but is not compiled or enabled by default. See vt(4) and the vt(4) wiki - page for additional information.

        2. The older Xorg that does + page for additional information.

        3. Packages for KDE4 are not + available in the default (latest) + pkg(8) repository, however are available in the + new_xorg repository. See the announcement + email for details on how to use the + new_xorg repository.

          The older Xorg that does not support KMS can still be installed from the latest upstream pkg(8) repository and the packages included on the @@ -357,12 +358,7 @@ Xorg when building from the FreeBSDPorts Collection, set WITHOUT_NEW_XORG=yes in - make.conf(5).

          Packages for KDE4 are not - available in the default (latest) - pkg(8) repository, however are available in the - new_xorg repository. See the announcement - email for details on how to use the - new_xorg repository.

    + make.conf(5).

    2.6.Release Engineering and Integration

    As part of the release build, the etcupdate(8) utility will bootstrap the system, allowing etcupdate(8) to work after the first upgrade of a @@ -375,7 +371,7 @@ been updated to support multiple byte orders. Similar to cap_mkdb(1), the services.db will be created with proper endinanness as part of - cross-architecture release builds. [r263028]

    3.Upgrading from Previous Releases of FreeBSD

    3.1.Upgrading Using freebsd-update(8) or a Source-Based + cross-architecture release builds. [r263028]

    3.Upgrading from Previous Releases of FreeBSD

    3.1.Upgrading Using freebsd-update(8) or a Source-Based Procedure

    [amd64,i386] Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade @@ -389,7 +385,7 @@ /usr/src/UPDATING.

    For more specific information about upgrading instructions, see http://www.FreeBSD.org/releases/9.3R/installation.html.

    Important:

    Upgrading FreeBSD should only be attempted after backing up all data and - configuration files.

    3.2.User-Visible + configuration files.

    3.2.User-Visible Incompatibilities

    FreeBSD9.0 and later versions have several configuration incompatibilities with earlier versions of FreeBSD. These differences are best understood before upgrading. From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 22:23:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 06C77F7D; Tue, 8 Jul 2014 22:23:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E561028A5; Tue, 8 Jul 2014 22:23:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s68MNR7j035397; Tue, 8 Jul 2014 22:23:27 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s68MNQBh035382; Tue, 8 Jul 2014 22:23:26 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201407082223.s68MNQBh035382@svn.freebsd.org> From: Xin LI Date: Tue, 8 Jul 2014 22:23:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45230 - in head/share: security/advisories security/patches/EN-14:09 security/patches/SA-14:17 xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 22:23:28 -0000 Author: delphij Date: Tue Jul 8 22:23:25 2014 New Revision: 45230 URL: http://svnweb.freebsd.org/changeset/doc/45230 Log: Add SA-14:17.kmem and EN-14:09.jail. Added: head/share/security/advisories/FreeBSD-EN-14:09.jail.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-14:17.kmem.asc (contents, props changed) head/share/security/patches/EN-14:09/ head/share/security/patches/EN-14:09/jail.patch (contents, props changed) head/share/security/patches/EN-14:09/jail.patch.asc (contents, props changed) head/share/security/patches/SA-14:17/ head/share/security/patches/SA-14:17/kmem-89.patch (contents, props changed) head/share/security/patches/SA-14:17/kmem-89.patch.asc (contents, props changed) head/share/security/patches/SA-14:17/kmem-9.1.patch (contents, props changed) head/share/security/patches/SA-14:17/kmem-9.1.patch.asc (contents, props changed) head/share/security/patches/SA-14:17/kmem.patch (contents, props changed) head/share/security/patches/SA-14:17/kmem.patch.asc (contents, props changed) Modified: head/share/xml/advisories.xml head/share/xml/notices.xml Added: head/share/security/advisories/FreeBSD-EN-14:09.jail.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-14:09.jail.asc Tue Jul 8 22:23:25 2014 (r45230) @@ -0,0 +1,121 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-14:09.jail Errata Notice + The FreeBSD Project + +Topic: Jail fails to start if WITHOUT_INET/WITHOUT_INET6 is used + +Category: core +Module: jail +Announced: 2014-07-08 +Credits: Eugene Grosbein, Chris Rees +Affects: FreeBSD 8.4 +Corrected: 2014-07-02 19:18:59 UTC (stable/8, 8.4-STABLE) + 2014-07-08 21:55:39 UTC (releng/8.4, 8.4-RELEASE-p14) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +The jail(8) utility creates new jails, or modifies or removes existing +jails. + +II. Problem Description + +The jail(8) rc(8) script used to start jails on the system does not +properly detect if an address protocol is in use on the system. + +III. Impact + +When the FreeBSD kernel and userland are built either without IPv4 or IPv6 +support by defining WITHOUT_INET or WITHOUT_INET6 in src.conf(5), the jail(8) +will fail to start with an non-descriptive error. + +IV. Workaround + +No workaround is available, however systems that do not define WITHOUT_INET +or WITHOUT_INET6 are not affected. + +V. Solution + +Perform one of the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +2) To update your present system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch http://security.FreeBSD.org/patches/EN-14:09/jail.patch +# fetch http://security.FreeBSD.org/patches/EN-14:09/jail.patch.asc +# gpg --verify jail.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +3) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the revision numbers of each file that was +corrected in FreeBSD. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r268168 +releng/8.4/ r268435 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + +The latest revision of this Errata Notice is available at +http://security.FreeBSD.org/advisories/FreeBSD-EN-14:09.jail.asc + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAEBCgAGBQJTvG0oAAoJEO1n7NZdz2rnEeUP+gJuYN0VoSbT+0zPJH9u61/K +gJma3dUY4zuKDRyLhYNTCM+fKIwCZ07+9lesAeDm8mXts0UGGvjSHVqxXlG1hiGi +2W8AxNzvV0FQuE6awlz8dDE2ikATkae7VPBoLraq0a7CEH4kW/mnl4+xQ3I2Hgc+ +wTmF+R13mb905xbF+52aj1jDUus8+ZFuDY0VRV3IY34i9OxcnoQO+T8v1w6d9ly3 +KbHmZXd2LPS0yeITAWuk4p1gwl8vi7uz7IiJcxrw/YEOUC6LkHO5/JUPRDz1O5Dd +snRmFFF5w77u5bYWpHHU6kw4/k0GwuS1jfQnQm1ag/Gl8A1O4BA4ixvItOrU/FiT +KxoOsdrMgD9jvIyHKOGPyio+FQuRdn+TsyE7WDw/MO2sZ3Et8nG49PccSbFQxuWu +IFXoK+1gI1Vst5YlMUwbCwQRCuBawaUVhfWqF5jIeVvW2uPRr6S1rIJOyGy/HlKO +HwdEtBbDcukWYojjG3pcORdv/HaQkN47NrJrJ6bWldJCshhSwPJ1ivyKLL16hjf2 +H/Tk+IHfVULjxgMEY7wQ3fL6kkgMHbrfxhBSy6LVYJggzvV+hgJXNY0116gUuAhA +5UTKFfEHyXDtlgsTHSyETiHw3qXQ6JmyNUPepuAcf1Ly/yTvlFPhM56R52ZjBLRs +rQOf3Vdelgpnpo4olu7L +=4r/Q +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-14:17.kmem.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-14:17.kmem.asc Tue Jul 8 22:23:25 2014 (r45230) @@ -0,0 +1,170 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-14:17.kmem Security Advisory + The FreeBSD Project + +Topic: Kernel memory disclosure in control messages and SCTP + notifications + +Category: core +Module: kern, sctp +Announced: 2014-07-08 +Credits: Michael Tuexen +Affects: All supported versions of FreeBSD. +Corrected: 2014-07-08 21:54:50 UTC (stable/10, 10.0-STABLE) + 2014-07-08 21:55:27 UTC (releng/10.0, 10.0-RELEASE-p7) + 2014-07-08 21:54:50 UTC (stable/9, 9.3-PRERELEASE) + 2014-07-08 21:55:27 UTC (releng/9.3, 9.3-RC3-p1) + 2014-07-08 21:55:27 UTC (releng/9.3, 9.3-RC2-p1) + 2014-07-08 21:55:27 UTC (releng/9.3, 9.3-RC1-p2) + 2014-07-08 21:55:27 UTC (releng/9.3, 9.3-BETA3-p2) + 2014-07-08 21:55:27 UTC (releng/9.2, 9.2-RELEASE-p10) + 2014-07-08 21:55:27 UTC (releng/9.1, 9.1-RELEASE-p17) + 2014-07-08 21:54:50 UTC (stable/8, 8.4-STABLE) + 2014-07-08 21:55:39 UTC (releng/8.4, 8.4-RELEASE-p14) +CVE Name: CVE-2014-3952, CVE-2014-3953 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +The control message API is used to construct ancillary data objects for +use in control messages sent and received across sockets and passed via +the recvmsg(2) and sendmsg(2) system calls. + +II. Problem Description + +Buffer between control message header and data may not be completely +initialized before being copied to userland. [CVE-2014-3952] + +Three SCTP cmsgs, SCTP_SNDRCV, SCTP_EXTRCV and SCTP_RCVINFO, have implicit +padding that may not be completely initialized before being copied to +userland. In addition, three SCTP notifications, SCTP_PEER_ADDR_CHANGE, +SCTP_REMOTE_ERROR and SCTP_AUTHENTICATION_EVENT, have padding in the +returning data structure that may not be completely initialized before +being copied to userland. [CVE-2014-3953] + +III. Impact + +An unprivileged local process may be able to retrieve portion of kernel +memory. + +For the generic control message, the process may be able to retrieve a +maximum of 4 bytes of kernel memory. + +For SCTP, the process may be able to retrieve 2 bytes of kernel memory +for all three control messages, plus 92 bytes for SCTP_SNDRCV and 76 +bytes for SCTP_EXTRCV. If the local process is permitted to receive +SCTP notification, a maximum of 112 bytes of kernel memory may be +returned to userland. + +This information might be directly useful, or it might be leveraged to +obtain elevated privileges in some way. For example, a terminal buffer +might include a user-entered password. + +IV. Workaround + +No workaround is available. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 10.0] +# fetch http://security.FreeBSD.org/patches/SA-14:17/kmem.patch +# fetch http://security.FreeBSD.org/patches/SA-14:17/kmem.patch.asc +# gpg --verify kmem.patch.asc + +[FreeBSD 8.4, 9.2 and 9.3-RC] +# fetch http://security.FreeBSD.org/patches/SA-14:17/kmem-89.patch +# fetch http://security.FreeBSD.org/patches/SA-14:17/kmem-89.patch.asc +# gpg --verify kmem.patch.asc + +[FreeBSD 9.2] +# fetch http://security.FreeBSD.org/patches/SA-14:17/kmem-9.1.patch +# fetch http://security.FreeBSD.org/patches/SA-14:17/kmem-9.1.patch.asc +# gpg --verify kmem.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +3) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r268432 +releng/8.4/ r268435 +stable/9/ r268432 +releng/9.1/ r268434 +releng/9.2/ r268434 +releng/9.3/ r268433 +stable/10/ r268432 +releng/10.0/ r268434 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAEBCgAGBQJTvG0nAAoJEO1n7NZdz2rn9w0QANVDZ/92sbXjrREbn/qDto75 +opjg7cJUne0tAkeqoCxYNiCT0yxI4M37N41Hvq1ZbA0HFgodjb5s6pXTZ4baB4PH +CKxMvk8NB8PAw3+JfG9Ec8e4MaUd0Md04yNx/Ej1zdDz75rhHcqGiK2Agm086RSV +K7TyzZXr1QrjJCSltM5dcXHacMgIZ7OxxY/e4DrI7tsEQk50wmlSKcZZI0GC8o+p +DzhcMP+7qN9wNcZaXNNlLxLlthjlwudnGuFwg4DzkUCjCu2ooyerOref4UDWXmN8 +bky3U9wx5PnM/LmocWAPYCgA58WckbPooiWEWGWJJeogbVi6+vVNOe1516vAeTep +MyGLpdP6v2tSo6XI33yd2YrxDMGOdFN1+ZfeDvFyBk9JFEfMhKHio84967hQRQN6 +pz1+0Ga119akQZKnBs3z9YhPze26sJB+tgTdIUJnunVysdslKI2EYcJ1R+UNIoDB +h5XClPqAWyupfohp2TD8vM5RT+x6CaeW4P08KRpg8PTmqHi7CNB5wgFASG2uC/BT +3qZDebjE7CMCQ35wEWBwVHt8SK0MwaIb9u4A+Fxf/plNDwqKqtQ7LdhI/fabJl5T +IP3RbQLdiGyRAtOwcgXbmIGd2k3E9TNCQa5AdiUjiE5zGcRUs3iywVtyvellnVpI +yAc2ussNLU5vJef4t30X +=u6Xe +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-14:09/jail.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-14:09/jail.patch Tue Jul 8 22:23:25 2014 (r45230) @@ -0,0 +1,15 @@ +Index: etc/rc.d/jail +=================================================================== +--- etc/rc.d/jail (revision 268273) ++++ etc/rc.d/jail (working copy) +@@ -647,7 +647,9 @@ jail_start() + done + + eval ${_setfib} jail -n ${_jail} ${_flags} -i -c path=${_rootdir} host.hostname=${_hostname} \ +- ip4.addr=\"${_addrl}\" ip6.addr=\"${_addr6l}\" ${_parameters} command=${_exec_start} > ${_tmp_jail} 2>&1 ++ ${_addrl:+ip4.addr=\"${_addrl}\"} ${_addr6l:+ip6.addr=\"${_addr6l}\"} \ ++ ${_parameters} command=${_exec_start} > ${_tmp_jail} 2>&1 \ ++ m_len = 0; + KASSERT(CMSG_SPACE((u_int)size) <= M_TRAILINGSPACE(m), + ("sbcreatecontrol: short mbuf")); ++ /* ++ * Don't leave the padding between the msg header and the ++ * cmsg data and the padding after the cmsg data un-initialized. ++ */ ++ bzero(cp, CMSG_SPACE((u_int)size)); + if (p != NULL) + (void)memcpy(CMSG_DATA(cp), p, size); + m->m_len = CMSG_SPACE(size); +Index: sys/netinet/sctp_auth.c +=================================================================== +--- sys/netinet/sctp_auth.c (revision 268273) ++++ sys/netinet/sctp_auth.c (working copy) +@@ -1790,6 +1790,7 @@ sctp_notify_authentication(struct sctp_tcb *stcb, + + SCTP_BUF_LEN(m_notify) = 0; + auth = mtod(m_notify, struct sctp_authkey_event *); ++ memset(auth, 0, sizeof(struct sctp_authkey_event)); + auth->auth_type = SCTP_AUTHENTICATION_EVENT; + auth->auth_flags = 0; + auth->auth_length = sizeof(*auth); +Index: sys/netinet/sctp_indata.c +=================================================================== +--- sys/netinet/sctp_indata.c (revision 268273) ++++ sys/netinet/sctp_indata.c (working copy) +@@ -250,6 +250,11 @@ sctp_build_ctl_nchunk(struct sctp_inpcb *inp, stru + + /* We need a CMSG header followed by the struct */ + cmh = mtod(ret, struct cmsghdr *); ++ /* ++ * Make sure that there is no un-initialized padding between the ++ * cmsg header and cmsg data and after the cmsg data. ++ */ ++ memset(cmh, 0, len); + if (sctp_is_feature_on(inp, SCTP_PCB_FLAGS_RECVRCVINFO)) { + cmh->cmsg_level = IPPROTO_SCTP; + cmh->cmsg_len = CMSG_LEN(sizeof(struct sctp_rcvinfo)); +Index: sys/netinet/sctputil.c +=================================================================== +--- sys/netinet/sctputil.c (revision 268273) ++++ sys/netinet/sctputil.c (working copy) +@@ -2622,6 +2622,7 @@ sctp_notify_assoc_change(uint16_t state, struct sc + } + SCTP_BUF_NEXT(m_notify) = NULL; + sac = mtod(m_notify, struct sctp_assoc_change *); ++ memset(sac, 0, notif_len); + sac->sac_type = SCTP_ASSOC_CHANGE; + sac->sac_flags = 0; + sac->sac_length = sizeof(struct sctp_assoc_change); +@@ -2835,11 +2836,10 @@ sctp_notify_send_failed(struct sctp_tcb *stcb, uin + if (m_notify == NULL) + /* no space left */ + return; +- length += chk->send_size; +- length -= sizeof(struct sctp_data_chunk); + SCTP_BUF_LEN(m_notify) = 0; + if (sctp_stcb_is_feature_on(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_RECVNSENDFAILEVNT)) { + ssfe = mtod(m_notify, struct sctp_send_failed_event *); ++ memset(ssfe, 0, length); + ssfe->ssfe_type = SCTP_SEND_FAILED_EVENT; + if (sent) { + ssfe->ssfe_flags = SCTP_DATA_SENT; +@@ -2846,10 +2846,11 @@ sctp_notify_send_failed(struct sctp_tcb *stcb, uin + } else { + ssfe->ssfe_flags = SCTP_DATA_UNSENT; + } ++ length += chk->send_size; ++ length -= sizeof(struct sctp_data_chunk); + ssfe->ssfe_length = length; + ssfe->ssfe_error = error; + /* not exactly what the user sent in, but should be close :) */ +- bzero(&ssfe->ssfe_info, sizeof(ssfe->ssfe_info)); + ssfe->ssfe_info.snd_sid = chk->rec.data.stream_number; + ssfe->ssfe_info.snd_flags = chk->rec.data.rcv_flags; + ssfe->ssfe_info.snd_ppid = chk->rec.data.payloadtype; +@@ -2859,6 +2860,7 @@ sctp_notify_send_failed(struct sctp_tcb *stcb, uin + SCTP_BUF_LEN(m_notify) = sizeof(struct sctp_send_failed_event); + } else { + ssf = mtod(m_notify, struct sctp_send_failed *); ++ memset(ssf, 0, length); + ssf->ssf_type = SCTP_SEND_FAILED; + if (sent) { + ssf->ssf_flags = SCTP_DATA_SENT; +@@ -2865,6 +2867,8 @@ sctp_notify_send_failed(struct sctp_tcb *stcb, uin + } else { + ssf->ssf_flags = SCTP_DATA_UNSENT; + } ++ length += chk->send_size; ++ length -= sizeof(struct sctp_data_chunk); + ssf->ssf_length = length; + ssf->ssf_error = error; + /* not exactly what the user sent in, but should be close :) */ +@@ -2948,16 +2952,16 @@ sctp_notify_send_failed2(struct sctp_tcb *stcb, ui + /* no space left */ + return; + } +- length += sp->length; + SCTP_BUF_LEN(m_notify) = 0; + if (sctp_stcb_is_feature_on(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_RECVNSENDFAILEVNT)) { + ssfe = mtod(m_notify, struct sctp_send_failed_event *); ++ memset(ssfe, 0, length); + ssfe->ssfe_type = SCTP_SEND_FAILED_EVENT; + ssfe->ssfe_flags = SCTP_DATA_UNSENT; ++ length += sp->length; + ssfe->ssfe_length = length; + ssfe->ssfe_error = error; + /* not exactly what the user sent in, but should be close :) */ +- bzero(&ssfe->ssfe_info, sizeof(ssfe->ssfe_info)); + ssfe->ssfe_info.snd_sid = sp->stream; + if (sp->some_taken) { + ssfe->ssfe_info.snd_flags = SCTP_DATA_LAST_FRAG; +@@ -2971,12 +2975,13 @@ sctp_notify_send_failed2(struct sctp_tcb *stcb, ui + SCTP_BUF_LEN(m_notify) = sizeof(struct sctp_send_failed_event); + } else { + ssf = mtod(m_notify, struct sctp_send_failed *); ++ memset(ssf, 0, length); + ssf->ssf_type = SCTP_SEND_FAILED; + ssf->ssf_flags = SCTP_DATA_UNSENT; ++ length += sp->length; + ssf->ssf_length = length; + ssf->ssf_error = error; + /* not exactly what the user sent in, but should be close :) */ +- bzero(&ssf->ssf_info, sizeof(ssf->ssf_info)); + ssf->ssf_info.sinfo_stream = sp->stream; + ssf->ssf_info.sinfo_ssn = 0; + if (sp->some_taken) { +@@ -3038,6 +3043,7 @@ sctp_notify_adaptation_layer(struct sctp_tcb *stcb + return; + SCTP_BUF_LEN(m_notify) = 0; + sai = mtod(m_notify, struct sctp_adaptation_event *); ++ memset(sai, 0, sizeof(struct sctp_adaptation_event)); + sai->sai_type = SCTP_ADAPTATION_INDICATION; + sai->sai_flags = 0; + sai->sai_length = sizeof(struct sctp_adaptation_event); +@@ -3093,6 +3099,7 @@ sctp_notify_partial_delivery_indication(struct sct + return; + SCTP_BUF_LEN(m_notify) = 0; + pdapi = mtod(m_notify, struct sctp_pdapi_event *); ++ memset(pdapi, 0, sizeof(struct sctp_pdapi_event)); + pdapi->pdapi_type = SCTP_PARTIAL_DELIVERY_EVENT; + pdapi->pdapi_flags = 0; + pdapi->pdapi_length = sizeof(struct sctp_pdapi_event); +@@ -3202,6 +3209,7 @@ sctp_notify_shutdown_event(struct sctp_tcb *stcb) + /* no space left */ + return; + sse = mtod(m_notify, struct sctp_shutdown_event *); ++ memset(sse, 0, sizeof(struct sctp_shutdown_event)); + sse->sse_type = SCTP_SHUTDOWN_EVENT; + sse->sse_flags = 0; + sse->sse_length = sizeof(struct sctp_shutdown_event); +@@ -3252,6 +3260,7 @@ sctp_notify_sender_dry_event(struct sctp_tcb *stcb + } + SCTP_BUF_LEN(m_notify) = 0; + event = mtod(m_notify, struct sctp_sender_dry_event *); ++ memset(event, 0, sizeof(struct sctp_sender_dry_event)); + event->sender_dry_type = SCTP_SENDER_DRY_EVENT; + event->sender_dry_flags = 0; + event->sender_dry_length = sizeof(struct sctp_sender_dry_event); +@@ -3284,7 +3293,6 @@ sctp_notify_stream_reset_add(struct sctp_tcb *stcb + struct mbuf *m_notify; + struct sctp_queued_to_read *control; + struct sctp_stream_change_event *stradd; +- int len; + + if ((stcb == NULL) || + (sctp_stcb_is_feature_off(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_STREAM_CHANGEEVNT))) { +@@ -3297,25 +3305,20 @@ sctp_notify_stream_reset_add(struct sctp_tcb *stcb + return; + } + stcb->asoc.peer_req_out = 0; +- m_notify = sctp_get_mbuf_for_msg(MCLBYTES, 0, M_DONTWAIT, 1, MT_DATA); ++ m_notify = sctp_get_mbuf_for_msg(sizeof(struct sctp_stream_change_event), 0, M_DONTWAIT, 1, MT_DATA); + if (m_notify == NULL) + /* no space left */ + return; + SCTP_BUF_LEN(m_notify) = 0; +- len = sizeof(struct sctp_stream_change_event); +- if (len > M_TRAILINGSPACE(m_notify)) { +- /* never enough room */ +- sctp_m_freem(m_notify); +- return; +- } + stradd = mtod(m_notify, struct sctp_stream_change_event *); ++ memset(stradd, 0, sizeof(struct sctp_stream_change_event)); + stradd->strchange_type = SCTP_STREAM_CHANGE_EVENT; + stradd->strchange_flags = flag; +- stradd->strchange_length = len; ++ stradd->strchange_length = sizeof(struct sctp_stream_change_event); + stradd->strchange_assoc_id = sctp_get_associd(stcb); + stradd->strchange_instrms = numberin; + stradd->strchange_outstrms = numberout; +- SCTP_BUF_LEN(m_notify) = len; ++ SCTP_BUF_LEN(m_notify) = sizeof(struct sctp_stream_change_event); + SCTP_BUF_NEXT(m_notify) = NULL; + if (sctp_sbspace(&stcb->asoc, &stcb->sctp_socket->so_rcv) < SCTP_BUF_LEN(m_notify)) { + /* no space */ +@@ -3346,7 +3349,6 @@ sctp_notify_stream_reset_tsn(struct sctp_tcb *stcb + struct mbuf *m_notify; + struct sctp_queued_to_read *control; + struct sctp_assoc_reset_event *strasoc; +- int len; + + if ((stcb == NULL) || + (sctp_stcb_is_feature_off(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_ASSOC_RESETEVNT))) { +@@ -3353,25 +3355,20 @@ sctp_notify_stream_reset_tsn(struct sctp_tcb *stcb + /* event not enabled */ + return; + } +- m_notify = sctp_get_mbuf_for_msg(MCLBYTES, 0, M_DONTWAIT, 1, MT_DATA); ++ m_notify = sctp_get_mbuf_for_msg(sizeof(struct sctp_assoc_reset_event), 0, M_DONTWAIT, 1, MT_DATA); + if (m_notify == NULL) + /* no space left */ + return; + SCTP_BUF_LEN(m_notify) = 0; +- len = sizeof(struct sctp_assoc_reset_event); +- if (len > M_TRAILINGSPACE(m_notify)) { +- /* never enough room */ +- sctp_m_freem(m_notify); +- return; +- } + strasoc = mtod(m_notify, struct sctp_assoc_reset_event *); ++ memset(strasoc, 0, sizeof(struct sctp_assoc_reset_event)); + strasoc->assocreset_type = SCTP_ASSOC_RESET_EVENT; + strasoc->assocreset_flags = flag; +- strasoc->assocreset_length = len; ++ strasoc->assocreset_length = sizeof(struct sctp_assoc_reset_event); + strasoc->assocreset_assoc_id = sctp_get_associd(stcb); + strasoc->assocreset_local_tsn = sending_tsn; + strasoc->assocreset_remote_tsn = recv_tsn; +- SCTP_BUF_LEN(m_notify) = len; ++ SCTP_BUF_LEN(m_notify) = sizeof(struct sctp_assoc_reset_event); + SCTP_BUF_NEXT(m_notify) = NULL; + if (sctp_sbspace(&stcb->asoc, &stcb->sctp_socket->so_rcv) < SCTP_BUF_LEN(m_notify)) { + /* no space */ +@@ -3424,6 +3421,7 @@ sctp_notify_stream_reset(struct sctp_tcb *stcb, + return; + } + strreset = mtod(m_notify, struct sctp_stream_reset_event *); ++ memset(strreset, 0, len); + strreset->strreset_type = SCTP_STREAM_RESET_EVENT; + strreset->strreset_flags = flag; + strreset->strreset_length = len; +@@ -6236,9 +6234,12 @@ sctp_soreceive(struct socket *so, + fromlen = 0; + } + ++ if (filling_sinfo) { ++ memset(&sinfo, 0, sizeof(struct sctp_extrcvinfo)); ++ } + error = sctp_sorecvmsg(so, uio, mp0, from, fromlen, flagsp, + (struct sctp_sndrcvinfo *)&sinfo, filling_sinfo); +- if ((controlp) && (filling_sinfo)) { ++ if (controlp != NULL) { + /* copy back the sinfo in a CMSG format */ + if (filling_sinfo) + *controlp = sctp_build_ctl_nchunk(inp, Added: head/share/security/patches/SA-14:17/kmem-89.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:17/kmem-89.patch.asc Tue Jul 8 22:23:25 2014 (r45230) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAABCgAGBQJTvG1sAAoJEO1n7NZdz2rnxSAQAMOj+4y12nfK7TJZZV6Knr2O +Cxgee7T0CV6j7+pdSoN0KNsat6Yl9+s5tM3Akr2kkvSoviZQcXlQopJmZhjyiT3u +/RHankNfsRdZDoXzgHMkD2922eQbwz0O5MOeV+dysQCfYNW31890nCviVTr5a5SH +0C20+ka1nelBPaea4RNgyKBUEs3PAzfTz5yDRzRLFhl/8EqV/Pcom62IyEFe9TB9 +IxPk+DT3tpynWA2XioQFc3vLYz0NxBSCdsWnk9klWvmkLwJUkGGcUztWokU675ez +4bvb018YPOaqikePymMzUluLpZZH8P0Om2hnKnZP2aqOjj9IaOlNzSkY9OPqoaSN +7t29mWZ+x3e8D56c3TMfviFjTVwJjE9OH9aomoZGrxIt1W5cCKwgAJJfpXtin+bR +/nzYtomRDWxKLjfSDV2nC8N4dqh4qz7HRFSmLgXhL7LYpNtMZURZnrNke92OCZMe +hjeGFk3V9tATYeCxAZaDEe/xgW5Ir/cCWaxQUabEldc8AdHT7vumaQ9UvND8SSBp +52BPWMRFPdDtDbL61ESjrBwjFgWIeiNDbSW3VW5qTPqIxF66GcWcZf8PJE8kdYTX +0vrMsjsusu6LFc8FTwzE1O8sbPGkSdqe2GPXU2PZu8+FGkHKgz4qR/bLewG/nqwQ +3zOlJ1MrVW2nyKQK+Bik +=VGnU +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-14:17/kmem-9.1.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:17/kmem-9.1.patch Tue Jul 8 22:23:25 2014 (r45230) @@ -0,0 +1,263 @@ +Index: sys/kern/uipc_sockbuf.c +=================================================================== +--- sys/kern/uipc_sockbuf.c (revision 268273) ++++ sys/kern/uipc_sockbuf.c (working copy) +@@ -1011,6 +1011,11 @@ sbcreatecontrol(caddr_t p, int size, int type, int + m->m_len = 0; + KASSERT(CMSG_SPACE((u_int)size) <= M_TRAILINGSPACE(m), + ("sbcreatecontrol: short mbuf")); ++ /* ++ * Don't leave the padding between the msg header and the ++ * cmsg data and the padding after the cmsg data un-initialized. ++ */ ++ bzero(cp, CMSG_SPACE((u_int)size)); + if (p != NULL) + (void)memcpy(CMSG_DATA(cp), p, size); + m->m_len = CMSG_SPACE(size); +Index: sys/netinet/sctp_auth.c +=================================================================== +--- sys/netinet/sctp_auth.c (revision 268273) ++++ sys/netinet/sctp_auth.c (working copy) +@@ -1876,6 +1876,7 @@ sctp_notify_authentication(struct sctp_tcb *stcb, + + SCTP_BUF_LEN(m_notify) = 0; + auth = mtod(m_notify, struct sctp_authkey_event *); ++ memset(auth, 0, sizeof(struct sctp_authkey_event)); + auth->auth_type = SCTP_AUTHENTICATION_EVENT; + auth->auth_flags = 0; + auth->auth_length = sizeof(*auth); +Index: sys/netinet/sctp_indata.c +=================================================================== +--- sys/netinet/sctp_indata.c (revision 268273) ++++ sys/netinet/sctp_indata.c (working copy) +@@ -250,6 +250,11 @@ sctp_build_ctl_nchunk(struct sctp_inpcb *inp, stru + + /* We need a CMSG header followed by the struct */ + cmh = mtod(ret, struct cmsghdr *); ++ /* ++ * Make sure that there is no un-initialized padding between the ++ * cmsg header and cmsg data and after the cmsg data. ++ */ ++ memset(cmh, 0, len); + if (sctp_is_feature_on(inp, SCTP_PCB_FLAGS_RECVRCVINFO)) { + cmh->cmsg_level = IPPROTO_SCTP; + cmh->cmsg_len = CMSG_LEN(sizeof(struct sctp_rcvinfo)); +Index: sys/netinet/sctputil.c +=================================================================== +--- sys/netinet/sctputil.c (revision 268273) ++++ sys/netinet/sctputil.c (working copy) +@@ -2628,6 +2628,7 @@ sctp_notify_assoc_change(uint16_t state, struct sc + } + SCTP_BUF_NEXT(m_notify) = NULL; + sac = mtod(m_notify, struct sctp_assoc_change *); ++ memset(sac, 0, notif_len); + sac->sac_type = SCTP_ASSOC_CHANGE; + sac->sac_flags = 0; + sac->sac_length = sizeof(struct sctp_assoc_change); +@@ -2834,11 +2835,10 @@ sctp_notify_send_failed(struct sctp_tcb *stcb, uin + if (m_notify == NULL) + /* no space left */ + return; +- length += chk->send_size; +- length -= sizeof(struct sctp_data_chunk); + SCTP_BUF_LEN(m_notify) = 0; + if (sctp_stcb_is_feature_on(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_RECVNSENDFAILEVNT)) { + ssfe = mtod(m_notify, struct sctp_send_failed_event *); ++ memset(ssfe, 0, length); + ssfe->ssfe_type = SCTP_SEND_FAILED_EVENT; + if (sent) { + ssfe->ssfe_flags = SCTP_DATA_SENT; +@@ -2845,10 +2845,11 @@ sctp_notify_send_failed(struct sctp_tcb *stcb, uin + } else { + ssfe->ssfe_flags = SCTP_DATA_UNSENT; + } ++ length += chk->send_size; ++ length -= sizeof(struct sctp_data_chunk); + ssfe->ssfe_length = length; + ssfe->ssfe_error = error; + /* not exactly what the user sent in, but should be close :) */ +- bzero(&ssfe->ssfe_info, sizeof(ssfe->ssfe_info)); + ssfe->ssfe_info.snd_sid = chk->rec.data.stream_number; + ssfe->ssfe_info.snd_flags = chk->rec.data.rcv_flags; + ssfe->ssfe_info.snd_ppid = chk->rec.data.payloadtype; +@@ -2858,6 +2859,7 @@ sctp_notify_send_failed(struct sctp_tcb *stcb, uin + SCTP_BUF_LEN(m_notify) = sizeof(struct sctp_send_failed_event); + } else { + ssf = mtod(m_notify, struct sctp_send_failed *); ++ memset(ssf, 0, length); + ssf->ssf_type = SCTP_SEND_FAILED; + if (sent) { + ssf->ssf_flags = SCTP_DATA_SENT; +@@ -2864,6 +2866,8 @@ sctp_notify_send_failed(struct sctp_tcb *stcb, uin + } else { + ssf->ssf_flags = SCTP_DATA_UNSENT; + } ++ length += chk->send_size; ++ length -= sizeof(struct sctp_data_chunk); + ssf->ssf_length = length; + ssf->ssf_error = error; + /* not exactly what the user sent in, but should be close :) */ +@@ -2947,16 +2951,16 @@ sctp_notify_send_failed2(struct sctp_tcb *stcb, ui + /* no space left */ + return; + } +- length += sp->length; + SCTP_BUF_LEN(m_notify) = 0; + if (sctp_stcb_is_feature_on(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_RECVNSENDFAILEVNT)) { + ssfe = mtod(m_notify, struct sctp_send_failed_event *); ++ memset(ssfe, 0, length); + ssfe->ssfe_type = SCTP_SEND_FAILED_EVENT; + ssfe->ssfe_flags = SCTP_DATA_UNSENT; ++ length += sp->length; + ssfe->ssfe_length = length; + ssfe->ssfe_error = error; + /* not exactly what the user sent in, but should be close :) */ +- bzero(&ssfe->ssfe_info, sizeof(ssfe->ssfe_info)); + ssfe->ssfe_info.snd_sid = sp->stream; + if (sp->some_taken) { + ssfe->ssfe_info.snd_flags = SCTP_DATA_LAST_FRAG; +@@ -2970,12 +2974,13 @@ sctp_notify_send_failed2(struct sctp_tcb *stcb, ui + SCTP_BUF_LEN(m_notify) = sizeof(struct sctp_send_failed_event); + } else { + ssf = mtod(m_notify, struct sctp_send_failed *); ++ memset(ssf, 0, length); + ssf->ssf_type = SCTP_SEND_FAILED; + ssf->ssf_flags = SCTP_DATA_UNSENT; ++ length += sp->length; + ssf->ssf_length = length; + ssf->ssf_error = error; + /* not exactly what the user sent in, but should be close :) */ +- bzero(&ssf->ssf_info, sizeof(ssf->ssf_info)); + ssf->ssf_info.sinfo_stream = sp->stream; + ssf->ssf_info.sinfo_ssn = sp->strseq; + if (sp->some_taken) { +@@ -3037,6 +3042,7 @@ sctp_notify_adaptation_layer(struct sctp_tcb *stcb + return; + SCTP_BUF_LEN(m_notify) = 0; + sai = mtod(m_notify, struct sctp_adaptation_event *); ++ memset(sai, 0, sizeof(struct sctp_adaptation_event)); + sai->sai_type = SCTP_ADAPTATION_INDICATION; + sai->sai_flags = 0; + sai->sai_length = sizeof(struct sctp_adaptation_event); +@@ -3092,6 +3098,7 @@ sctp_notify_partial_delivery_indication(struct sct + return; + SCTP_BUF_LEN(m_notify) = 0; + pdapi = mtod(m_notify, struct sctp_pdapi_event *); ++ memset(pdapi, 0, sizeof(struct sctp_pdapi_event)); + pdapi->pdapi_type = SCTP_PARTIAL_DELIVERY_EVENT; + pdapi->pdapi_flags = 0; + pdapi->pdapi_length = sizeof(struct sctp_pdapi_event); +@@ -3201,6 +3208,7 @@ sctp_notify_shutdown_event(struct sctp_tcb *stcb) + /* no space left */ + return; + sse = mtod(m_notify, struct sctp_shutdown_event *); ++ memset(sse, 0, sizeof(struct sctp_shutdown_event)); + sse->sse_type = SCTP_SHUTDOWN_EVENT; + sse->sse_flags = 0; + sse->sse_length = sizeof(struct sctp_shutdown_event); +@@ -3251,6 +3259,7 @@ sctp_notify_sender_dry_event(struct sctp_tcb *stcb + } + SCTP_BUF_LEN(m_notify) = 0; + event = mtod(m_notify, struct sctp_sender_dry_event *); ++ memset(event, 0, sizeof(struct sctp_sender_dry_event)); + event->sender_dry_type = SCTP_SENDER_DRY_EVENT; + event->sender_dry_flags = 0; + event->sender_dry_length = sizeof(struct sctp_sender_dry_event); +@@ -3283,7 +3292,6 @@ sctp_notify_stream_reset_add(struct sctp_tcb *stcb + struct mbuf *m_notify; + struct sctp_queued_to_read *control; + struct sctp_stream_change_event *stradd; +- int len; + + if ((stcb == NULL) || + (sctp_stcb_is_feature_off(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_STREAM_CHANGEEVNT))) { +@@ -3296,25 +3304,20 @@ sctp_notify_stream_reset_add(struct sctp_tcb *stcb + return; + } + stcb->asoc.peer_req_out = 0; +- m_notify = sctp_get_mbuf_for_msg(MCLBYTES, 0, M_DONTWAIT, 1, MT_DATA); ++ m_notify = sctp_get_mbuf_for_msg(sizeof(struct sctp_stream_change_event), 0, M_DONTWAIT, 1, MT_DATA); + if (m_notify == NULL) + /* no space left */ + return; + SCTP_BUF_LEN(m_notify) = 0; +- len = sizeof(struct sctp_stream_change_event); +- if (len > M_TRAILINGSPACE(m_notify)) { +- /* never enough room */ +- sctp_m_freem(m_notify); +- return; +- } + stradd = mtod(m_notify, struct sctp_stream_change_event *); ++ memset(stradd, 0, sizeof(struct sctp_stream_change_event)); + stradd->strchange_type = SCTP_STREAM_CHANGE_EVENT; + stradd->strchange_flags = flag; +- stradd->strchange_length = len; ++ stradd->strchange_length = sizeof(struct sctp_stream_change_event); + stradd->strchange_assoc_id = sctp_get_associd(stcb); + stradd->strchange_instrms = numberin; + stradd->strchange_outstrms = numberout; +- SCTP_BUF_LEN(m_notify) = len; ++ SCTP_BUF_LEN(m_notify) = sizeof(struct sctp_stream_change_event); + SCTP_BUF_NEXT(m_notify) = NULL; + if (sctp_sbspace(&stcb->asoc, &stcb->sctp_socket->so_rcv) < SCTP_BUF_LEN(m_notify)) { + /* no space */ +@@ -3345,7 +3348,6 @@ sctp_notify_stream_reset_tsn(struct sctp_tcb *stcb + struct mbuf *m_notify; + struct sctp_queued_to_read *control; + struct sctp_assoc_reset_event *strasoc; +- int len; + + if ((stcb == NULL) || + (sctp_stcb_is_feature_off(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_ASSOC_RESETEVNT))) { +@@ -3352,25 +3354,20 @@ sctp_notify_stream_reset_tsn(struct sctp_tcb *stcb + /* event not enabled */ + return; + } +- m_notify = sctp_get_mbuf_for_msg(MCLBYTES, 0, M_DONTWAIT, 1, MT_DATA); ++ m_notify = sctp_get_mbuf_for_msg(sizeof(struct sctp_assoc_reset_event), 0, M_DONTWAIT, 1, MT_DATA); + if (m_notify == NULL) + /* no space left */ + return; + SCTP_BUF_LEN(m_notify) = 0; +- len = sizeof(struct sctp_assoc_reset_event); +- if (len > M_TRAILINGSPACE(m_notify)) { +- /* never enough room */ +- sctp_m_freem(m_notify); +- return; +- } + strasoc = mtod(m_notify, struct sctp_assoc_reset_event *); ++ memset(strasoc, 0, sizeof(struct sctp_assoc_reset_event)); + strasoc->assocreset_type = SCTP_ASSOC_RESET_EVENT; + strasoc->assocreset_flags = flag; +- strasoc->assocreset_length = len; ++ strasoc->assocreset_length = sizeof(struct sctp_assoc_reset_event); + strasoc->assocreset_assoc_id = sctp_get_associd(stcb); + strasoc->assocreset_local_tsn = sending_tsn; + strasoc->assocreset_remote_tsn = recv_tsn; +- SCTP_BUF_LEN(m_notify) = len; ++ SCTP_BUF_LEN(m_notify) = sizeof(struct sctp_assoc_reset_event); + SCTP_BUF_NEXT(m_notify) = NULL; + if (sctp_sbspace(&stcb->asoc, &stcb->sctp_socket->so_rcv) < SCTP_BUF_LEN(m_notify)) { + /* no space */ +@@ -3423,6 +3420,7 @@ sctp_notify_stream_reset(struct sctp_tcb *stcb, + return; + } + strreset = mtod(m_notify, struct sctp_stream_reset_event *); ++ memset(strreset, 0, len); + strreset->strreset_type = SCTP_STREAM_RESET_EVENT; + strreset->strreset_flags = flag; + strreset->strreset_length = len; +@@ -6261,9 +6259,12 @@ sctp_soreceive(struct socket *so, + fromlen = 0; + } + ++ if (filling_sinfo) { ++ memset(&sinfo, 0, sizeof(struct sctp_extrcvinfo)); ++ } + error = sctp_sorecvmsg(so, uio, mp0, from, fromlen, flagsp, + (struct sctp_sndrcvinfo *)&sinfo, filling_sinfo); +- if ((controlp) && (filling_sinfo)) { ++ if (controlp != NULL) { + /* copy back the sinfo in a CMSG format */ + if (filling_sinfo) + *controlp = sctp_build_ctl_nchunk(inp, Added: head/share/security/patches/SA-14:17/kmem-9.1.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:17/kmem-9.1.patch.asc Tue Jul 8 22:23:25 2014 (r45230) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAABCgAGBQJTvG1sAAoJEO1n7NZdz2rnfuYQAMucmTFZ6DMXAfniAzJK7YBj +QmPeCMS31bJePyXLQY7wyeo+xK0uV0cyhNL8Oy6OF9bziJxkkxNhT8FqPbYnD4E7 +aGT+SGhGeKWGILBbDIGD+XDMy2S3SjHUIUdVB0T95O7D0IrQqQUoVwZjDvrxRrdP +mXIvWePatyAYpwukYwVDtB2hj3vxZRuW90HGdRpEeWO/W/3Fm91Lxbgw95J/2IQl +wpTteCGAIa74ez4nYGlEIvWmw0x8eiFty6tDAoDkVYuGH9wzQek5X+Ih3MVbYPR3 +prciyU9OFoAI/asm3T04Kq50nO7tVSZrLVw+x776BkziZJ2rofib4qeQBS/0vc6m +jcuyY0zbZAb2Tl9aoKmdAYFIsWxhVNr6/NjaZbxDdirs8aV4sIw+xBTo+C6aP9eS +vX30K3Fuycl3hJ9g+Idvw21kpvApbArQztiPk/DwJMoyfSQvDCiX1mS3QX3FXjZN +P/PIvEd19T5ODde4Ae2eCQk8dxNKqvE/X5F48K0dZT3blAgYhEJW02ydz11M+1Z/ +q5Iu+LRnAsSk0yD1WjfkKIDHIQTaqsGGKsCUIfrImT09k/qJt8Wn/r7DRX5GVvX5 +rSU0941KQhYc5ffYgiLG0xQcRDKqZKlIWJtUth1rpXbQhO8uZya1O7xlaOCn1aXn +Cc+B5t8Y12ohipRNTvoC +=vpdj +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-14:17/kmem.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-14:17/kmem.patch Tue Jul 8 22:23:25 2014 (r45230) @@ -0,0 +1,263 @@ +Index: sys/kern/uipc_sockbuf.c +=================================================================== +--- sys/kern/uipc_sockbuf.c (revision 268273) ++++ sys/kern/uipc_sockbuf.c (working copy) +@@ -1071,6 +1071,11 @@ sbcreatecontrol(caddr_t p, int size, int type, int + m->m_len = 0; + KASSERT(CMSG_SPACE((u_int)size) <= M_TRAILINGSPACE(m), + ("sbcreatecontrol: short mbuf")); ++ /* ++ * Don't leave the padding between the msg header and the ++ * cmsg data and the padding after the cmsg data un-initialized. ++ */ ++ bzero(cp, CMSG_SPACE((u_int)size)); + if (p != NULL) + (void)memcpy(CMSG_DATA(cp), p, size); + m->m_len = CMSG_SPACE(size); +Index: sys/netinet/sctp_auth.c +=================================================================== +--- sys/netinet/sctp_auth.c (revision 268273) ++++ sys/netinet/sctp_auth.c (working copy) +@@ -1790,6 +1790,7 @@ sctp_notify_authentication(struct sctp_tcb *stcb, + + SCTP_BUF_LEN(m_notify) = 0; + auth = mtod(m_notify, struct sctp_authkey_event *); ++ memset(auth, 0, sizeof(struct sctp_authkey_event)); + auth->auth_type = SCTP_AUTHENTICATION_EVENT; + auth->auth_flags = 0; + auth->auth_length = sizeof(*auth); +Index: sys/netinet/sctp_indata.c +=================================================================== +--- sys/netinet/sctp_indata.c (revision 268273) ++++ sys/netinet/sctp_indata.c (working copy) +@@ -250,6 +250,11 @@ sctp_build_ctl_nchunk(struct sctp_inpcb *inp, stru + + /* We need a CMSG header followed by the struct */ + cmh = mtod(ret, struct cmsghdr *); ++ /* ++ * Make sure that there is no un-initialized padding between the ++ * cmsg header and cmsg data and after the cmsg data. ++ */ ++ memset(cmh, 0, len); + if (sctp_is_feature_on(inp, SCTP_PCB_FLAGS_RECVRCVINFO)) { + cmh->cmsg_level = IPPROTO_SCTP; + cmh->cmsg_len = CMSG_LEN(sizeof(struct sctp_rcvinfo)); +Index: sys/netinet/sctputil.c +=================================================================== +--- sys/netinet/sctputil.c (revision 268273) ++++ sys/netinet/sctputil.c (working copy) +@@ -2622,6 +2622,7 @@ sctp_notify_assoc_change(uint16_t state, struct sc + } + SCTP_BUF_NEXT(m_notify) = NULL; + sac = mtod(m_notify, struct sctp_assoc_change *); ++ memset(sac, 0, notif_len); + sac->sac_type = SCTP_ASSOC_CHANGE; + sac->sac_flags = 0; + sac->sac_length = sizeof(struct sctp_assoc_change); +@@ -2835,11 +2836,10 @@ sctp_notify_send_failed(struct sctp_tcb *stcb, uin + if (m_notify == NULL) + /* no space left */ + return; +- length += chk->send_size; +- length -= sizeof(struct sctp_data_chunk); + SCTP_BUF_LEN(m_notify) = 0; + if (sctp_stcb_is_feature_on(stcb->sctp_ep, stcb, SCTP_PCB_FLAGS_RECVNSENDFAILEVNT)) { + ssfe = mtod(m_notify, struct sctp_send_failed_event *); ++ memset(ssfe, 0, length); + ssfe->ssfe_type = SCTP_SEND_FAILED_EVENT; + if (sent) { + ssfe->ssfe_flags = SCTP_DATA_SENT; +@@ -2846,10 +2846,11 @@ sctp_notify_send_failed(struct sctp_tcb *stcb, uin + } else { + ssfe->ssfe_flags = SCTP_DATA_UNSENT; + } ++ length += chk->send_size; ++ length -= sizeof(struct sctp_data_chunk); + ssfe->ssfe_length = length; + ssfe->ssfe_error = error; + /* not exactly what the user sent in, but should be close :) */ +- bzero(&ssfe->ssfe_info, sizeof(ssfe->ssfe_info)); + ssfe->ssfe_info.snd_sid = chk->rec.data.stream_number; + ssfe->ssfe_info.snd_flags = chk->rec.data.rcv_flags; + ssfe->ssfe_info.snd_ppid = chk->rec.data.payloadtype; +@@ -2859,6 +2860,7 @@ sctp_notify_send_failed(struct sctp_tcb *stcb, uin + SCTP_BUF_LEN(m_notify) = sizeof(struct sctp_send_failed_event); + } else { + ssf = mtod(m_notify, struct sctp_send_failed *); ++ memset(ssf, 0, length); + ssf->ssf_type = SCTP_SEND_FAILED; + if (sent) { + ssf->ssf_flags = SCTP_DATA_SENT; *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 22:31:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 39165576; Tue, 8 Jul 2014 22:31:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0C8F029D4; Tue, 8 Jul 2014 22:31:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s68MVigt039432; Tue, 8 Jul 2014 22:31:44 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s68MViX0039431; Tue, 8 Jul 2014 22:31:44 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201407082231.s68MViX0039431@svn.freebsd.org> From: Xin LI Date: Tue, 8 Jul 2014 22:31:44 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45231 - head/share/security/advisories X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 22:31:45 -0000 Author: delphij Date: Tue Jul 8 22:31:44 2014 New Revision: 45231 URL: http://svnweb.freebsd.org/changeset/doc/45231 Log: Correct a typo found by gjb. Modified: head/share/security/advisories/FreeBSD-SA-14:17.kmem.asc Modified: head/share/security/advisories/FreeBSD-SA-14:17.kmem.asc ============================================================================== --- head/share/security/advisories/FreeBSD-SA-14:17.kmem.asc Tue Jul 8 22:23:25 2014 (r45230) +++ head/share/security/advisories/FreeBSD-SA-14:17.kmem.asc Tue Jul 8 22:31:44 2014 (r45231) @@ -95,7 +95,7 @@ detached PGP signature using your PGP ut # fetch http://security.FreeBSD.org/patches/SA-14:17/kmem-89.patch.asc # gpg --verify kmem.patch.asc -[FreeBSD 9.2] +[FreeBSD 9.1] # fetch http://security.FreeBSD.org/patches/SA-14:17/kmem-9.1.patch # fetch http://security.FreeBSD.org/patches/SA-14:17/kmem-9.1.patch.asc # gpg --verify kmem.patch.asc @@ -154,17 +154,17 @@ The latest revision of this advisory is -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 -iQIcBAEBCgAGBQJTvG0nAAoJEO1n7NZdz2rn9w0QANVDZ/92sbXjrREbn/qDto75 -opjg7cJUne0tAkeqoCxYNiCT0yxI4M37N41Hvq1ZbA0HFgodjb5s6pXTZ4baB4PH -CKxMvk8NB8PAw3+JfG9Ec8e4MaUd0Md04yNx/Ej1zdDz75rhHcqGiK2Agm086RSV -K7TyzZXr1QrjJCSltM5dcXHacMgIZ7OxxY/e4DrI7tsEQk50wmlSKcZZI0GC8o+p -DzhcMP+7qN9wNcZaXNNlLxLlthjlwudnGuFwg4DzkUCjCu2ooyerOref4UDWXmN8 -bky3U9wx5PnM/LmocWAPYCgA58WckbPooiWEWGWJJeogbVi6+vVNOe1516vAeTep -MyGLpdP6v2tSo6XI33yd2YrxDMGOdFN1+ZfeDvFyBk9JFEfMhKHio84967hQRQN6 -pz1+0Ga119akQZKnBs3z9YhPze26sJB+tgTdIUJnunVysdslKI2EYcJ1R+UNIoDB -h5XClPqAWyupfohp2TD8vM5RT+x6CaeW4P08KRpg8PTmqHi7CNB5wgFASG2uC/BT -3qZDebjE7CMCQ35wEWBwVHt8SK0MwaIb9u4A+Fxf/plNDwqKqtQ7LdhI/fabJl5T -IP3RbQLdiGyRAtOwcgXbmIGd2k3E9TNCQa5AdiUjiE5zGcRUs3iywVtyvellnVpI -yAc2ussNLU5vJef4t30X -=u6Xe +iQIcBAEBCgAGBQJTvHEtAAoJEO1n7NZdz2rnbRcP+gJ9CIH2kch1kXgs94McM1L+ +uSnUQsv30OQFe/J//q65HUINVwCMwyRZRFZ238sVsJ6jpft6UTaDxDSdJAqR2opi +hew/KEYYQhrrFXCHAgyaXh7Ph1B9URBJ5/MOkDWIBYOei3bxPZRP4ordrtclq/bA +qFRvov9gXUah6imbnRMvmC68tzt9v7I/vE2VwsC9fE/yL25IvP5ZunEATegOm4IQ +w+fk2VB/6GNFbTsWW1aR6FM60mWXVj2uJfHenEG1K381AXXQb4lSzo8E2SsdkI3B +x+MJkxBhNrpSm6tV/zndtYRoDtFseuTHBjKxe7liTyJcFuztkZqmdHaNzbeBSVON +P/fIqMHt2f143028ZZZEFqHzuqiEWrWB3WcgQnfsp3HrhMPnhnwkfo8TuC5NiKYx +6CsdnWLdPb1ix9RqX4MqnbFBHDKCoK28nuCKcxJB/OXanikGzcIBazpLsqFmTcm6 +9bZ79zuMWU7wiU8p5qdGURmjTJQx9eF5UHcyfIPX6wZLyx8WVltbF5zVJa0nw0LC +OEf5KmmgEbPhfdkJ5R2UyHffwQDCNs+vixNLRSJS9/D/6lczT8qPxpDEkjQCsSKw +YxmLubDOjnqR57yrh4kKEj2V5ZJcRu2G1q1EKdLfD98VJOrot8p4qa4sCL+o9sbw +nII906M+PVUAnsa9synp +=nTZs -----END PGP SIGNATURE----- From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 22:55:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 09E00E4C; Tue, 8 Jul 2014 22:55:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E40EC2EFE; Tue, 8 Jul 2014 22:55:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s68MtERk003899; Tue, 8 Jul 2014 22:55:14 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s68MtEbQ003834; Tue, 8 Jul 2014 22:55:14 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407082255.s68MtEbQ003834@svn.freebsd.org> From: Glen Barber Date: Tue, 8 Jul 2014 22:55:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45232 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 22:55:15 -0000 Author: gjb Date: Tue Jul 8 22:55:14 2014 New Revision: 45232 URL: http://svnweb.freebsd.org/changeset/doc/45232 Log: Regen after r268438 Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Tue Jul 8 22:31:44 2014 (r45231) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/relnotes.html Tue Jul 8 22:55:14 2014 (r45232) @@ -1,5 +1,5 @@ -FreeBSD 9.3-RELEASE Release Notes

    FreeBSD 9.3-RELEASE Release Notes

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation +FreeBSD 9.3-RELEASE Release Notes

    FreeBSD 9.3-RELEASE Release Notes

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of the FreeBSD Foundation.

    IBM, AIX, OS/2, PowerPC, PS/2, S/390, and ThinkPad are @@ -55,7 +55,8 @@ vulnerability

    FreeBSD-SA-14:05.nfsserver8April2014

    Deadlock in the NFS server

    FreeBSD-SA-14:06.openssl8April2014

    ECDSA side channel leak

    FreeBSD-SA-14:08.tcp30April2014

    TCP reassembly vulnerability

    FreeBSD-SA-14:11.sendmail26May2014

    Sendmail improper close-on-exec flag handling

    FreeBSD-SA-14:12.ktrace3June2014

    ktrace(1) kernel memory disclosure

    FreeBSD-SA-14:13.pam3June2014

    Incorrect error handling in PAM policy - parser

    FreeBSD-SA-14:14.openssl5June2014

    Multiple vulnerabilities

    FreeBSD-SA-14:16.file24June2014

    Multiple vulnerabilities

    2.2.Kernel Changes

    The arcms r(4) driver has been + parser

    FreeBSD-SA-14:14.openssl5June2014

    Multiple vulnerabilities

    FreeBSD-SA-14:16.file24June2014

    Multiple vulnerabilities

    FreeBSD-SA-14:17.kmem8July2014

    Kernel memory disclosure in control + messages and SCTP notifications

    2.2.Kernel Changes

    The arcmsr(4) driver has been updated to version 1.20.00.28. [r256033]

    The isci(4) driver is now loadable via kldload(8). [r256437] (Sponsored by @@ -371,7 +372,7 @@ been updated to support multiple byte orders. Similar to cap_mkdb(1), the services.db will be created with proper endinanness as part of - cross-architecture release builds. [r263028]

    3.Upgrading from Previous Releases of FreeBSD

    3.1.Upgrading Using freebsd-update(8) or a Source-Based + cross-architecture release builds. [r263028]

    3.Upgrading from Previous Releases of FreeBSD

    3.1.Upgrading Using freebsd-update(8) or a Source-Based Procedure

    [amd64,i386] Binary upgrades between RELEASE versions (and snapshots of the various security branches) are supported using the freebsd-update(8) utility. The binary upgrade @@ -385,7 +386,7 @@ /usr/src/UPDATING.

    For more specific information about upgrading instructions, see http://www.FreeBSD.org/releases/9.3R/installation.html.

    Important:

    Upgrading FreeBSD should only be attempted after backing up all data and - configuration files.

    3.2.User-Visible + configuration files.

    3.2.User-Visible Incompatibilities

    FreeBSD9.0 and later versions have several configuration incompatibilities with earlier versions of FreeBSD. These differences are best understood before upgrading. From owner-svn-doc-all@FreeBSD.ORG Tue Jul 8 23:11:06 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 269C5596; Tue, 8 Jul 2014 23:11:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0E768211B; Tue, 8 Jul 2014 23:11:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s68NB6Dw078401; Tue, 8 Jul 2014 23:11:06 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s68NB53C078398; Tue, 8 Jul 2014 23:11:05 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407082311.s68NB53C078398@svn.freebsd.org> From: Glen Barber Date: Tue, 8 Jul 2014 23:11:05 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45233 - in head/en_US.ISO8859-1/htdocs/releases: 10.0R 9.2R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2014 23:11:06 -0000 Author: gjb Date: Tue Jul 8 23:11:05 2014 New Revision: 45233 URL: http://svnweb.freebsd.org/changeset/doc/45233 Log: Regen after r268439 Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html Modified: head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Tue Jul 8 22:55:14 2014 (r45232) +++ head/en_US.ISO8859-1/htdocs/releases/10.0R/errata.html Tue Jul 8 23:11:05 2014 (r45233) @@ -1,5 +1,5 @@ -FreeBSD 10.0-RELEASE Errata

    FreeBSD 10.0-RELEASE Errata

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of +FreeBSD 10.0-RELEASE Errata

    FreeBSD 10.0-RELEASE Errata

    The FreeBSD Project

    Copyright 2014 The FreeBSD Documentation Project

    FreeBSD is a registered trademark of the FreeBSD Foundation.

    Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United @@ -12,7 +12,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

    Last modified on 2014-06-25 by gjb.
    Abstract

    This document lists errata items for FreeBSD 10.0-RELEASE, + symbol.

    Last modified on 2014-07-08 by gjb.
    Abstract

    This document lists errata items for FreeBSD 10.0-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. @@ -45,7 +45,8 @@ vulnerability

    SA-14:11.sendmail3June2014

    Fix sendmail improper close-on-exec flag handling

    SA-14:13.pam3June2014

    Fix incorrect error handling in PAM policy parser

    SA-14:14.openssl5June2014

    Multiple vulnerabilities

    SA-14:15.iconv24June2014

    NULL pointer dereference and out-of-bounds - array access

    SA-14:16.file24June2014

    Multiple vulnerabilities

    3.Open Issues

    • FreeBSD/i386 10.0-RELEASE running as a guest + array access

      SA-14:16.file24June2014

      Multiple vulnerabilities

      SA-14:17.kmem8July2014

      Kernel memory disclosure in control messages + and SCTP notifications

    3.Open Issues

    • FreeBSD/i386 10.0-RELEASE running as a guest operating system on VirtualBox can have a problem with disk I/O access. It depends on some specific hardware configuration and does not depend on a Modified: head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html Tue Jul 8 22:55:14 2014 (r45232) +++ head/en_US.ISO8859-1/htdocs/releases/9.2R/errata.html Tue Jul 8 23:11:05 2014 (r45233) @@ -1,5 +1,5 @@ -FreeBSD 9.2-RELEASE Errata

      FreeBSD 9.2-RELEASE Errata

      +FreeBSD 9.2-RELEASE Errata

      FreeBSD 9.2-RELEASE Errata

      The FreeBSD Project

      Copyright 2014 The FreeBSD Documentation Project

      FreeBSD is a registered trademark of the FreeBSD Foundation.

      Intel, Celeron, EtherExpress, i386, @@ -14,7 +14,7 @@ as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the - symbol.

      Last modified on 2014-06-25 by gjb.
      Abstract

      This document lists errata items for FreeBSD 9.2-RELEASE, + symbol.

      Last modified on 2014-07-08 by gjb.
      Abstract

      This document lists errata items for FreeBSD 9.2-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. @@ -36,7 +36,7 @@ which keep up-to-date mirrors of this location.

      Source and binary snapshots of FreeBSD 9.3-STABLE also contain up-to-date copies of this document (as of the time of the snapshot).

      For a list of all FreeBSD CERT security advisories, see http://www.FreeBSD.org/security/ or ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/.

      2.Security Advisories

      Problems described in the following security advisories have - been fixed in 9.2-RELEASE. For more information, consult + been fixed in 9.3-RELEASE. For more information, consult the individual advisories available from http://security.FreeBSD.org/.

      AdvisoryDateTopic
      SA-14:01.bsnmpd1January2014

      Fix bsnmpd remote denial of service vulnerability

      SA-14:02.ntpd1January2014

      Fix ntpd distributed reflection Denial of @@ -45,7 +45,8 @@ Attack

      SA-14:08.tcp30April2014

      Fix TCP reassembly vulnerability

      SA-14:11.sendmail3June2014

      Fix sendmail improper close-on-exec flag handling

      SA-14:12.ktrace3June2014

      Fix ktrace memory disclosure

      SA-14:13.pam3June2014

      Fix incorrect error handling in PAM policy - parser

      SA-14:14.openssl5June2014

      Multiple vulnerabilities

      SA-14:16.file24June2014

      Multiple vulnerabilities

      3.Late-Breaking News

      No late-breaking news.

      This file, and other release-related documents, + parser

      SA-14:14.openssl5June2014

      Multiple vulnerabilities

      SA-14:16.file24June2014

      Multiple vulnerabilities

      SA-14:17.kmem8July2014

      Kernel memory disclosure in control messages + and SCTP notifications

      3.Late-Breaking News

      No late-breaking news.

      This file, and other release-related documents, can be downloaded from http://www.FreeBSD.org/releases/.

      For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.

      All users of FreeBSD 9.3-STABLE should From owner-svn-doc-all@FreeBSD.ORG Wed Jul 9 01:20:34 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CB3CBBC7; Wed, 9 Jul 2014 01:20:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9E2DA2C5A; Wed, 9 Jul 2014 01:20:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s691KYZD036083; Wed, 9 Jul 2014 01:20:34 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s691KYUH036082; Wed, 9 Jul 2014 01:20:34 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407090120.s691KYUH036082@svn.freebsd.org> From: Glen Barber Date: Wed, 9 Jul 2014 01:20:34 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45234 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2014 01:20:34 -0000 Author: gjb Date: Wed Jul 9 01:20:34 2014 New Revision: 45234 URL: http://svnweb.freebsd.org/changeset/doc/45234 Log: Document __FreeBSD_verion values: 903501, 1000711, 1100027 Swap __FreeBSD_version values 903000 and 903500 to match the correct branch. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Tue Jul 8 23:11:05 2014 (r45233) +++ head/en_US.ISO8859-1/books/porters-handbook/versions.xml Wed Jul 9 01:20:34 2014 (r45234) @@ -4391,15 +4391,22 @@ it was never committed: 903000 June 20, 2014 - 9-STABLE releng/9.3 branch - (rev 267657). + 9-RC1 releng/9.3 branch + (rev 267656). 903500 June 20, 2014 - 9.3-RC1 releng/9.3 branch - (rev 267656). + 9.3-STABLE releng/9.3 branch + (rev 267657). + + + + 903501 + July 8, 2014 + 9-STABLE after FreeBSD-SA-14:17.kmem + (rev 268433). @@ -5031,6 +5038,13 @@ it was never committed: + 1000711 + July 8, 2014 + 10-STABLE after FreeBSD-SA-14:17.kmem + (rev 268432). + + + 1100000 October 10, 2013 11.0-CURRENT @@ -5221,3 +5235,10 @@ it was never committed: modules, including the krpc, was changed by (rev 268115). + + + 1100027 + July 8, 2014 + 11.0-CURRENT after FreeBSD-SA-14:17.kmem + (rev 268431). + From owner-svn-doc-all@FreeBSD.ORG Wed Jul 9 11:02:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 65C81561; Wed, 9 Jul 2014 11:02:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 451942E6F; Wed, 9 Jul 2014 11:02:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s69B2aEt033870; Wed, 9 Jul 2014 11:02:36 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s69B2a2P033869; Wed, 9 Jul 2014 11:02:36 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407091102.s69B2a2P033869@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 9 Jul 2014 11:02:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45235 - head/ja_JP.eucJP/htdocs/internal X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2014 11:02:36 -0000 Author: ryusuke Date: Wed Jul 9 11:02:35 2014 New Revision: 45235 URL: http://svnweb.freebsd.org/changeset/doc/45235 Log: - Merge the following from the English version: r44720 -> r45223 head/ja_JP.eucJP/htdocs/internal/machines.xml Modified: head/ja_JP.eucJP/htdocs/internal/machines.xml Modified: head/ja_JP.eucJP/htdocs/internal/machines.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/internal/machines.xml Wed Jul 9 01:20:34 2014 (r45234) +++ head/ja_JP.eucJP/htdocs/internal/machines.xml Wed Jul 9 11:02:35 2014 (r45235) @@ -4,7 +4,7 @@ ]> - + @@ -40,7 +40,7 @@ eris -11-CURRENT +10-STABLE ia64 リファレンスマシン @@ -56,7 +56,7 @@ freefall 11-CURRENT amd64 -GNATS/shell ログイン +シェルログイン @@ -174,6 +174,7 @@ +

      ハードウェア構成

      @@ -238,61 +215,31 @@ freefall -Intel x86 -2x dual-core 2.80GHz Xeon (Pentium-IV family), 2GB Memory, -Compaq Smart Array 5i SCSI RAID controller, 138 GB SCSI local storage, -Broadcom-based Compaq NC7781 Gigabit Server Adapter NIC. +Intel EM64T MP +HP Proliant DL160 G6, 2xIntel Xeon X5650 (6x2x2.67GHz), 24GB Memory, + 4x1TB SATA disks, Intel PRO/1000 NIC. ftp-master -Intel x86 -2x dual-core 2.80GHz Xeon, 4GB Memory, LSI Logic PERC 4e/Di RAID - adapter, 1.14T disk, 2x Intel PRO/1000 Ethernet NIC. - - - -gohan10-13 -Intel x86 -2x1.8GHz quad-core Xeon L5320, 8GB Memory, Intel 63XXESB2 SATA300 -controller, 1x160GB SAT300 drive, 2xIntel PRO/1000 NIC. - - - -gohan18 -Intel x86 -2x1.8GHz quad-core Xeon L5320, 8GB Memory, LSILogic SAS/SATA controller, -1x160GB SAT300 drive, 2x Broadcom NetXtreme Gigabit Ethernet NIC. - - - -gohan61-62 -Intel x86 -2x2.0GHz quad-core Intel Xeon L5335, 32GB Memory, Dell PERC 6 Megaraid -SAS controller, 418GB local storage, 2x Broadcom NetXtreme II BCM5708 -1000Base-T Ethernet NIC. +Intel EM64T MP +HP Proliant DL160 G6, 2xIntel Xeon X5650 (6x2x2.67GHz), 24GB Memory, + 4x1TB SATA disks, Intel PRO/1000 NIC. hub -AMD64 MP -4x2.2GHz (dual CPU, dual core), 3GB Memory, Adaptec RAID Controller, -4x36GB U160 SCSI Disk, Broadcom Gigabit Ethernet. - - - -mx1 -Intel x86 MP -8x1.86GHz Xeon (dual CPU, quad core), 8GB Memory, Dell PERC 5/i - RAID controller, 2x136GB SAS disks in RAID1, Broadcom NetXtreme - Gigabit Ethernet adapter. +Intel EM64T MP +HP Proliant DL160 G6, 2xIntel Xeon X5650 (6x2x2.67GHz), 48GB Memory, + 4x1TB SATA disks, Intel PRO/1000 NIC. -mx2 -Intel x86 MP -2x2.8GHz Xeon, 1GB Memory, Compaq Smart Array 5i RAID controller, - 2x34GB SCSI Disks in RAID1, Broadcom Gigabit Ethernet. +mx1, mx2 +AMD64 +PowerEdge R415, 2xAMD Opteron 4180 (2x6x2.6GHz), 16GB Memory, + Dell PERC H700 RAID controller, 3x300GB SAS disks in XFS mirror, + QLogic NetXtreme II Gigabit Ethernet adapter. @@ -311,31 +258,24 @@ SAS controller, 418GB local storage, 2x -pointyhat +ref[8-11]-amd64 Intel EM64T MP -2x2.8GHz Intel Xeon (dualcore), 4GB Memory, Dell PERC 4 RAID controller, - 1.1TB storage, Intel PRO/1000 Gigabitq NIC. +HP Proliant DL160 G6, 2xIntel Xeon X5650 (6x2x2.67GHz), 24GB Memory, + 4x1TB SATA disks, Intel PRO/1000 NIC. -ref[7-10]-(amd64|i386) +ref10-i386 Intel EM64T MP -Dell PowerEdge 2950, 2xIntel Xeon L5320 (8x1.86GHz), 8/16GB Memory, +Dell PowerEdge 2950, 2xIntel Xeon L5320 (4x1.86GHz), 8/16GB Memory, PERC 5/i RAID controller, 6x136GB SAS disks, Broadcom NetXtreme II BCM5708 NIC. -ref11-amd64 -Intel EM64T MP -HP Proliant, 2xIntel Xeon X5650 (6x2x2.67GHz), 24GB Memory, - 4x1TB SATA disks, Intel PRO/1000 NIC. - - - ref11-i386 Intel EM64T MP -Dell, 2xIntel Xeon E5320 (4x1.86GHz), 32GB Memory, PERC 5/i RAID +Dell PowerEdge 2950, 2xIntel Xeon E5320 (4x1.86GHz), 32GB Memory, PERC 5/i RAID controller,6x136GB SAS disks, Broadcom NetXtreme II BCM5708 NIC. @@ -350,8 +290,9 @@ SAS controller, 418GB local storage, 2x -

      すべてのマシンは、冗長構成のギガビットアップリンクを持つ専用の -Cisco 2948G スイッチに 100Mbit/sec 全二重で接続されています。 +

      ほとんどのマシンは、 +冗長構成のギガビットアップリンクを持つ専用のスイッチに +1Gbit/sec 全二重で接続されています。 インターネットへの接続とコロケーションは Yahoo! により提供されています。 すべてのシステムはシリアルコンソールで繋がっていて、 From owner-svn-doc-all@FreeBSD.ORG Wed Jul 9 11:09:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 853F384E; Wed, 9 Jul 2014 11:09:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5980B2ECC; Wed, 9 Jul 2014 11:09:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s69B9AkU035049; Wed, 9 Jul 2014 11:09:10 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s69B9Alk035048; Wed, 9 Jul 2014 11:09:10 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407091109.s69B9Alk035048@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 9 Jul 2014 11:09:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45236 - head/ja_JP.eucJP/htdocs/developers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Wed, 09 Jul 2014 11:31:14 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2014 11:09:10 -0000 Author: ryusuke Date: Wed Jul 9 11:09:09 2014 New Revision: 45236 URL: http://svnweb.freebsd.org/changeset/doc/45236 Log: - Merge the following from the English version: r44021 -> r45206 head/ja_JP.eucJP/htdocs/developers/cvs.xml Modified: head/ja_JP.eucJP/htdocs/developers/cvs.xml Modified: head/ja_JP.eucJP/htdocs/developers/cvs.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/developers/cvs.xml Wed Jul 9 11:02:35 2014 (r45235) +++ head/ja_JP.eucJP/htdocs/developers/cvs.xml Wed Jul 9 11:09:09 2014 (r45236) @@ -5,7 +5,7 @@ ]> - + @@ -19,26 +19,26 @@

      Subversion

      &os; プロジェクトは、ソースを管理するツールとして - Subversion を使っています。 + Subversion + (略して SVN) を使っています。 すべての変更は、(その目的を説明するログメッセージと共に) リポジトリに記録され、 以下で述べるウェブインタフェースで簡単に見ることができます。

      -

      2008 年 6 月より、ベースシステムの開発は、別のバージョン管理システム - Subversion - (略して SVN) に移行しました。 - ウェブインタフェース +

      2008 年 6 月より、ベースシステムの開発は、CVS から + Subversion に移行しました。 + ウェブインタフェース を利用してリポジトリを見ることができます。

      2012 年 5 月より、FreeBSD ドキュメンテーションプロジェクトは、CVS から Subversion へと移行しました。ウェブインタフェース + href="https://svnweb.FreeBSD.org/doc/">ウェブインタフェース を利用して FreeBSD ドキュメンテーションプロジェクトの SVN リポジトリの内容を見ることができます。

      2012 年 6 月より、FreeBSD Ports ツリーは、CVS から Subversion へと移行しました。ウェブインタフェース + href="https://svnweb.FreeBSD.org/ports/">ウェブインタフェース を利用してリポジトリの内容を見ることができます。

      その他の選択肢

      From owner-svn-doc-all@FreeBSD.ORG Wed Jul 9 11:40:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E271AD5; Wed, 9 Jul 2014 11:40:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CEB9B21D5; Wed, 9 Jul 2014 11:40:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s69BeGQj048493; Wed, 9 Jul 2014 11:40:16 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s69BeFEo048486; Wed, 9 Jul 2014 11:40:15 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201407091140.s69BeFEo048486@svn.freebsd.org> From: Gabor Pali Date: Wed, 9 Jul 2014 11:40:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45237 - in head: en_US.ISO8859-1/articles/contributors en_US.ISO8859-1/books/handbook/introduction en_US.ISO8859-1/htdocs share/pgpkeys share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2014 11:40:17 -0000 Author: pgj Date: Wed Jul 9 11:40:15 2014 New Revision: 45237 URL: http://svnweb.freebsd.org/changeset/doc/45237 Log: - Announce the new Core Team Modified: head/en_US.ISO8859-1/articles/contributors/contrib.corealumni.xml head/en_US.ISO8859-1/books/handbook/introduction/chapter.xml head/en_US.ISO8859-1/htdocs/administration.xml head/share/pgpkeys/pgpkeys-core.xml head/share/xml/news.xml Modified: head/en_US.ISO8859-1/articles/contributors/contrib.corealumni.xml ============================================================================== --- head/en_US.ISO8859-1/articles/contributors/contrib.corealumni.xml Wed Jul 9 11:09:09 2014 (r45236) +++ head/en_US.ISO8859-1/articles/contributors/contrib.corealumni.xml Wed Jul 9 11:40:15 2014 (r45237) @@ -2,6 +2,22 @@ + &a.tabthorpe.email; (2012 - 2014) + + + + &a.jhb.email; (2002 - 2006, 2010 - 2014) + + + + &a.kib.email; (2010 - 2014) + + + + &a.miwi.email; (2012 - 2014) + + + &a.attilio.email; (2012) @@ -21,9 +37,11 @@ &a.cperciva.email; (2010 - 2012) + &a.keramida.email; (2006 - 2010) @@ -33,9 +51,11 @@ &a.kris.email; (2008 - 2010) + &a.murray.email; (2002 - 2010) Modified: head/en_US.ISO8859-1/books/handbook/introduction/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/introduction/chapter.xml Wed Jul 9 11:09:09 2014 (r45236) +++ head/en_US.ISO8859-1/books/handbook/introduction/chapter.xml Wed Jul 9 11:40:15 2014 (r45237) @@ -1154,7 +1154,7 @@ is one of the functions of the core team, as is the recruitment of new core team members as others move on. The current core team was elected from a pool of - committer candidates in July 2012. Elections are held + committer candidates in July 2014. Elections are held every 2 years. Modified: head/en_US.ISO8859-1/htdocs/administration.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/administration.xml Wed Jul 9 11:09:09 2014 (r45236) +++ head/en_US.ISO8859-1/htdocs/administration.xml Wed Jul 9 11:40:15 2014 (r45237) @@ -86,14 +86,15 @@ Core Team is elected by the active developers in the project.

        -
      • &a.tabthorpe.email; (Donations Team, Port Management Team Liaison)
        • -
      • &a.gavin.email; (Security Team Liaison)
        • -
      • &a.jhb.email;
        • -
      • &a.kib.email;
        • -
      • &a.theraven.email; (&os; Foundation Liaison)
        • +
      • &a.gavin.email;
        • +
      • &a.theraven.email;
        • +
      • &a.bapt.email;
        • +
      • &a.emaste.email;
        • +
      • &a.gnn.email;
      • &a.hrs.email;
        • +
      • &a.glebius.email;
      • &a.peter.email;
        • -
      • &a.miwi.email;
        • +
      • &a.rwatson.email;

      FreeBSD Documentation Engineering Team Modified: head/share/pgpkeys/pgpkeys-core.xml ============================================================================== --- head/share/pgpkeys/pgpkeys-core.xml Wed Jul 9 11:09:09 2014 (r45236) +++ head/share/pgpkeys/pgpkeys-core.xml Wed Jul 9 11:40:15 2014 (r45237) @@ -4,29 +4,29 @@ $FreeBSD$ --> - - &a.tabthorpe.email; - &pgpkey.tabthorpe; - - &a.gavin.email; &pgpkey.gavin; - - &a.jhb.email; - &pgpkey.jhb; + + &a.theraven.email; + &pgpkey.theraven; - - &a.kib.email; - &pgpkey.kib; + + &a.bapt.email; + &pgpkey.bapt; - - &a.theraven.email; - &pgpkey.theraven; + + &a.emaste.email; + &pgpkey.emaste; + + + + &a.gnn.email; + &pgpkey.gnn; @@ -34,12 +34,19 @@ &pgpkey.hrs; + + &a.glebius.email; + &pgpkey.glebius; + + &a.peter.email; &pgpkey.peter; - - &a.miwi.email; - &pgpkey.miwi; + Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Wed Jul 9 11:09:09 2014 (r45236) +++ head/share/xml/news.xml Wed Jul 9 11:40:15 2014 (r45237) @@ -35,6 +35,30 @@ 7 + 9 + + + New &os; Core Team elected + +

      The &os; Project is pleased to announce the completion of + the 2012 Core Team election. The &os; Core Team acts as + the project's "board of directors" and is responsible for + approving new src committers, resolving disputes between + developers, appointing sub-committees for specific + purposes (security officer, release engineering, port + managers, webmaster, etc ...), and making any other + administrative or policy decisions as needed. The Core + Team has been elected by &os; developers every two years + since 2000.

      + +

      More information about the election (together with a list + of the new members of the Core Team) can be found in the + official announcement.

      +       +       + + 6 From owner-svn-doc-all@FreeBSD.ORG Wed Jul 9 11:54:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A8ACB6DC; Wed, 9 Jul 2014 11:54:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 97C0D2365; Wed, 9 Jul 2014 11:54:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s69BsgeF056662; Wed, 9 Jul 2014 11:54:42 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s69BsgJX056660; Wed, 9 Jul 2014 11:54:42 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201407091154.s69BsgJX056660@svn.freebsd.org> From: Gabor Pali Date: Wed, 9 Jul 2014 11:54:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45238 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2014 11:54:42 -0000 Author: pgj Date: Wed Jul 9 11:54:42 2014 New Revision: 45238 URL: http://svnweb.freebsd.org/changeset/doc/45238 Log: - Fix year in the Core Team Election entry Modified: head/share/xml/news.xml Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Wed Jul 9 11:40:15 2014 (r45237) +++ head/share/xml/news.xml Wed Jul 9 11:54:42 2014 (r45238) @@ -41,7 +41,7 @@ New &os; Core Team elected

      The &os; Project is pleased to announce the completion of - the 2012 Core Team election. The &os; Core Team acts as + the 2014 Core Team election. The &os; Core Team acts as the project's "board of directors" and is responsible for approving new src committers, resolving disputes between developers, appointing sub-committees for specific From owner-svn-doc-all@FreeBSD.ORG Wed Jul 9 13:37:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DA55D96D; Wed, 9 Jul 2014 13:37:09 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BCB1D2E25; Wed, 9 Jul 2014 13:37:09 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s69Db9WB002412; Wed, 9 Jul 2014 13:37:09 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s69Db8wh002406; Wed, 9 Jul 2014 13:37:08 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201407091337.s69Db8wh002406@svn.freebsd.org> From: Gabor Pali Date: Wed, 9 Jul 2014 13:37:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45239 - in head: en_US.ISO8859-1/books/dev-model en_US.ISO8859-1/htdocs share/pgpkeys share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2014 13:37:10 -0000 Author: pgj Date: Wed Jul 9 13:37:08 2014 New Revision: 45239 URL: http://svnweb.freebsd.org/changeset/doc/45239 Log: - Introduce Matthew Seaman (matthew) as the new core-secretary Modified: head/en_US.ISO8859-1/books/dev-model/book.xml head/en_US.ISO8859-1/htdocs/administration.xml head/share/pgpkeys/core-secretary.key head/share/xml/news.xml Modified: head/en_US.ISO8859-1/books/dev-model/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/dev-model/book.xml Wed Jul 9 11:54:42 2014 (r45238) +++ head/en_US.ISO8859-1/books/dev-model/book.xml Wed Jul 9 13:37:08 2014 (r45239) @@ -1099,7 +1099,7 @@ unresolved. - Hat currently held by: &a.pgj.email;. + Hat currently held by: &a.matthew.email;. Modified: head/en_US.ISO8859-1/htdocs/administration.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/administration.xml Wed Jul 9 11:54:42 2014 (r45238) +++ head/en_US.ISO8859-1/htdocs/administration.xml Wed Jul 9 13:37:08 2014 (r45239) @@ -272,17 +272,17 @@

      Core Team Secretary <core-secretary@FreeBSD.org>

      -

      The FreeBSD Core Team Secretary is a non-voting member of the Core Team, +

      The &os; Core Team Secretary is a non-voting member of the Core Team, responsible for documenting the work done by core, keeping track of the core agenda, direct contact with non-core members sending mail to core and to be an the interface to the admin team for committer/account approval. The Core Team Secretary is also responsible - for writing and sending out monthly status reports to the FreeBSD + for writing and sending out monthly status reports to the &os; Developer community, containing a summary of core's latest decisions and actions.

        -
      • &a.pgj.email;
        • +
      • &a.matthew.email;

      Port Management Team Secretary Modified: head/share/pgpkeys/core-secretary.key ============================================================================== --- head/share/pgpkeys/core-secretary.key Wed Jul 9 11:54:42 2014 (r45238) +++ head/share/pgpkeys/core-secretary.key Wed Jul 9 13:37:08 2014 (r45239) @@ -1,47 +1,93 @@ -sub 2048R/BBAD1C98 2012-07-23 +pub 4096R/36A7C05FE1ECF9BB 2014-07-09 [expires: 2015-07-09] + Key fingerprint = C07B F5E3 10AE 64BF 6120 B0F6 36A7 C05F E1EC F9BB +uid FreeBSD Core Team Secretary +sub 4096R/7B5150C8D7CE5D02 2014-07-09 [expires: 2015-07-09] + ]]> Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Wed Jul 9 11:54:42 2014 (r45238) +++ head/share/xml/news.xml Wed Jul 9 13:37:08 2014 (r45239) @@ -38,6 +38,18 @@ 9 + New Core Team Secretary: + <a href="mailto:matthew@FreeBSD.org">Matthew + Seaman</a> + +

      The &os; Core Team is glad to announce that + Matthew + Seaman has assumed the role of + Core Team + Secretary.

      +       + + New &os; Core Team elected

      The &os; Project is pleased to announce the completion of From owner-svn-doc-all@FreeBSD.ORG Wed Jul 9 14:09:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 41894E9F; Wed, 9 Jul 2014 14:09:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 22DAA21B1; Wed, 9 Jul 2014 14:09:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s69E9A7N016685; Wed, 9 Jul 2014 14:09:10 GMT (envelope-from matthew@svn.freebsd.org) Received: (from matthew@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s69E99vd016684; Wed, 9 Jul 2014 14:09:09 GMT (envelope-from matthew@svn.freebsd.org) Message-Id: <201407091409.s69E99vd016684@svn.freebsd.org> From: Matthew Seaman Date: Wed, 9 Jul 2014 14:09:09 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45240 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2014 14:09:10 -0000 Author: matthew (ports committer) Date: Wed Jul 9 14:09:09 2014 New Revision: 45240 URL: http://svnweb.freebsd.org/changeset/doc/45240 Log: Update the new core-secretary key to a version with signatures by the Security Officer. Modified: head/share/pgpkeys/core-secretary.key Modified: head/share/pgpkeys/core-secretary.key ============================================================================== --- head/share/pgpkeys/core-secretary.key Wed Jul 9 13:37:08 2014 (r45239) +++ head/share/pgpkeys/core-secretary.key Wed Jul 9 14:09:09 2014 (r45240) @@ -64,30 +64,52 @@ AyQJyv8KUG8VVzK7m6Kt/Okq7LBc8RuvLQpUHSv1 QIIc7XRElM57e+t8kbsoRpOlaKa3Okl3KisXdksWB4Fu6XdVArY/jIIQGs6dCpYa jhRZcjkjHUAPvY/OqD2mBSwj0YwP0RoMVvFHMP1cgB3gjaB37A+DJeiKEXTWzGe1 fKC1TxCcOUZsrcqXnUyy23lKV9CXC7za3eB23dPIfWzJnD9BsVgYsemRVJx8r3Sv -QIL5zjKVDRAuV3M/HbCtSOgO68MExC0TFEl/8LPIMW8oVCY4+iqluQINBFO9HvEB -EACynbl7EgcRIGWP7O6h1O6mrYXNZ2JpJBgYosqizdDHyru2nQSrNfgiwAM1feB2 -NLJC0coQzRO1sDK2JP770+eK3ZhbWSP5BWN2toSFVEGlVpGWLBGoefaeZnZA22ID -zpOIjIi7iC92JBsTXESsBoV8iG1rylQ15pcE03IQEuuDu9r7H8RJ3vTfX1c+a+B8 -MUHn56kn3QkdG2blV0/3gjFqqavZeOxZpAmyn9n9Vc3yCCPkagtNQwleNyZOSOLj -jVpBjncE6dATdLOj85phfOU6eO/0bMXAgTr7mY41EIqYqdPQYrY93ySGgBvBkyNa -H5AlDNZZwJ4ddtDMFoP8nUhBoRrf5ApYyHcEmSXahLfW3a2qrPm/w5VLEGLt53/6 -GZvEetpP+TtBLAxX6XaC2SXAOrzfSZENdYt/Ew6F/dTCZ622m0eW65iVwSi1sNZD -2hNFPs/12a2tem7DAWqD2bi8BltKRbO+8T7BARwIl5hXGq5+YnO+DgTIf4SYkSt8 -aiPYwDAF3YSkzpiUmZoBSRt6Sb9sZ3zIxpfnrtLFmSeujzinyCVNzFdn+HKxZvI9 -Mc3Tv/LqPruVuWHt1Aj+eygH5bRZw4PTsMNX1FxM/K8hRY91A6Fyp3GCkb5RzqdE -GuSONBseaZirC0d+EYZ4smy1jydpzwT1O8VjY4wi5BdgwQARAQABiQIlBBgBCgAP -BQJTvR7xAhsMBQkB4TOAAAoJEDanwF/h7Pm7gzUP/Auq4I876RUqAP2DgPNArjuc -7jqvIIsgqBvwS2Vdvxg0pFQmsL13nvlmFHR1dp+yOhiz1WmXIVGa9UoBrVdmDrzq -CifHUVlFct99DLJlM+hNmQnHgTABTsClR4idkekOvyEgAW/gsgddYfqmN8nRKSro -kFZvwoR7HlCcSXEuATbqgHjJC8IuJuIgDWjshy3yVLIo5v/g/Yuio4bxtRTJm72D -tUIdDH3tDejc37wd945Rzk4hKzet64inF6XfRhqBsRob1m6/wtP62xPcGbb1Glzx -Yg9WllRJ/ZOTktB4BemVjRn4/0KU93YyxFxHOtXsoZpRGDlovQBUhRkdb2JEyHaL -nFVKa7w7JFKW9d+OdGjV93l//6139QEQlcuocV4QciXZOXTZkWsaKQOb6WkrSwkQ -wvNFS2yeUd0x6HD0xebztmSGoXL3uCKyeIxP/8MJjJUkWHh/+DLue4khlHwva7Wy -m0cvYoS3RzfYd26t9OgM7rflE0tOeJovaoaKP6Aant/EkQj2Wb1MssO/Ia44NyMT -rLARAPlAEGW/HI5JL9DZDnmUtByf29yqaHDuJCZS3nvR3T/4q+pblTVdxQgwopUW -jiKkg72yCXMhr/6FcOr9Xgqn++GuMZzh/TFdEoFoJn9stUaScYsoMoihym2NFbd1 -l2Pw/ifTQk5/KpQD/Hkw -=piW2 +QIL5zjKVDRAuV3M/HbCtSOgO68MExC0TFEl/8LPIMW8oVCY4+iqliQIcBBABCgAG +BQJTvUdSAAoJEO1n7NZdz2rnXxsP/R8WHku1nxjELqdM9M72JLD8UBlaAIwLStDy +hnTvLa0GO6eN0r2eJ1+tG8mKB+PZKOvNt8eZcSO/kjUvTIBILt7fAtN1BhsWpjQz +n+tuVWs4GVoPQssM4N09AYUzx8ni4byADY6n9l4zof2HsPsjXvuw/bzYXctKTQxg +gD3nswtLGY3q6unYewIChyaG8DStihFLcXIhXbwc6EOqdPN3VWwNInG/602UTO2L +eXoEM+tTaXkE51P5otACVH37AW0Vqqh1GxklYlMYLrKKn/YIBRvLVS5G+95iKs3g +MJhnaeFND2s9dmOTXyKyfTUffr/XTL/PVJSCbdqwiuXZQp8J77MtYyJn1262H8ko +59OlPtqvpBNuywco0/F8BOFvSTw5sS8CmU0EHvyunKaofS3mxCFd2B0DzX89+AoY +ZY7CKU8OYt/VqhsfsL0C+DL4+XschBOUoTg6HrqG4F69+gerkK4Ps2984vOeTXe3 +IqlYN/Bn92m9rGy9PKkpqG5C6w5X58BgvfeWTAkM4X32rZHKOmyYSCdRJQw7MGSR +24OaWKPmgKvMaH8MQaJx9oSaAgF1y1892+ykVI9ntCVwywkmxNg1lfMuVFM4Vh9j ++C7OngnbQbhYtbFG90z9zfoMln39z8KT2yDP4A7Hklw0xmmT6t8KduGD2tfmaW4+ +oz9attTyiQIcBBABCgAGBQJTvUdkAAoJEJLIQ0VtpqZuLNQP/RazXTtk1mixmLfu +nrScgh/1Gtb6XPVDTP5SGb/8HVdY1a+dDBClUIAFbEAUBIcBO4/NVlW9un4IHyri +xdD/ijE/Cr/BMLnSFU5EmHKn8yOc3Bv6eTTRbJ8EYru0Cj5MdSIAoq8JKF8Lbxba +hBFw9ZSIpREPGlxnKI3TEuHJQreSZR07/GPk50suTK2CXxzEsk4VZesSTnwt/1m+ +hrdtyNke3+wy8R0Use+KKgmTzpQ9phc8wq3uhHFzLJ5HbE21VRHgFd5+osZuSDuH +jw5o/zU5o0Bq9DDY3TWXPD9lgqKQ2PgH5DG6od9gjpjJdvXpXpck08HJDu2V+u7M +zW5lsnthDsW39YVLRD4ZwZJQaw+0wBuGDDxV+8x4fYhYJnXD8ZtUHCQ56FlcMyzL +m00WRLNxBSJjRvH12geg5xK3JWZ8V6Ce+XhvIAduDkajuUKQoWvTMzYaviqQhfV1 +zXNNt5rxDNT+jMiwnAtDeCTZPMfGvzOPw9sYBz5RUa4liVPrGiEW/snAhcMB9JDK +jMAsKHvJwIvB9QrRC9sz6JIgEqv+jlsdkslEVU2AALlcJ3QuXlW0j9Z26q0sNGt8 +5FVqhc4DOyXtZhKR5Ru8Lyc3swYRi2ofu9Roycq3L0swcMoGnOikRbj2PuuRdQiU +ozJ7mT6JmNF8ynlx/1+uzniVneEluQINBFO9HvEBEACynbl7EgcRIGWP7O6h1O6m +rYXNZ2JpJBgYosqizdDHyru2nQSrNfgiwAM1feB2NLJC0coQzRO1sDK2JP770+eK +3ZhbWSP5BWN2toSFVEGlVpGWLBGoefaeZnZA22IDzpOIjIi7iC92JBsTXESsBoV8 +iG1rylQ15pcE03IQEuuDu9r7H8RJ3vTfX1c+a+B8MUHn56kn3QkdG2blV0/3gjFq +qavZeOxZpAmyn9n9Vc3yCCPkagtNQwleNyZOSOLjjVpBjncE6dATdLOj85phfOU6 +eO/0bMXAgTr7mY41EIqYqdPQYrY93ySGgBvBkyNaH5AlDNZZwJ4ddtDMFoP8nUhB +oRrf5ApYyHcEmSXahLfW3a2qrPm/w5VLEGLt53/6GZvEetpP+TtBLAxX6XaC2SXA +OrzfSZENdYt/Ew6F/dTCZ622m0eW65iVwSi1sNZD2hNFPs/12a2tem7DAWqD2bi8 +BltKRbO+8T7BARwIl5hXGq5+YnO+DgTIf4SYkSt8aiPYwDAF3YSkzpiUmZoBSRt6 +Sb9sZ3zIxpfnrtLFmSeujzinyCVNzFdn+HKxZvI9Mc3Tv/LqPruVuWHt1Aj+eygH +5bRZw4PTsMNX1FxM/K8hRY91A6Fyp3GCkb5RzqdEGuSONBseaZirC0d+EYZ4smy1 +jydpzwT1O8VjY4wi5BdgwQARAQABiQIlBBgBCgAPBQJTvR7xAhsMBQkB4TOAAAoJ +EDanwF/h7Pm7gzUP/Auq4I876RUqAP2DgPNArjuc7jqvIIsgqBvwS2Vdvxg0pFQm +sL13nvlmFHR1dp+yOhiz1WmXIVGa9UoBrVdmDrzqCifHUVlFct99DLJlM+hNmQnH +gTABTsClR4idkekOvyEgAW/gsgddYfqmN8nRKSrokFZvwoR7HlCcSXEuATbqgHjJ +C8IuJuIgDWjshy3yVLIo5v/g/Yuio4bxtRTJm72DtUIdDH3tDejc37wd945Rzk4h +Kzet64inF6XfRhqBsRob1m6/wtP62xPcGbb1GlzxYg9WllRJ/ZOTktB4BemVjRn4 +/0KU93YyxFxHOtXsoZpRGDlovQBUhRkdb2JEyHaLnFVKa7w7JFKW9d+OdGjV93l/ +/6139QEQlcuocV4QciXZOXTZkWsaKQOb6WkrSwkQwvNFS2yeUd0x6HD0xebztmSG +oXL3uCKyeIxP/8MJjJUkWHh/+DLue4khlHwva7Wym0cvYoS3RzfYd26t9OgM7rfl +E0tOeJovaoaKP6Aant/EkQj2Wb1MssO/Ia44NyMTrLARAPlAEGW/HI5JL9DZDnmU +tByf29yqaHDuJCZS3nvR3T/4q+pblTVdxQgwopUWjiKkg72yCXMhr/6FcOr9Xgqn +++GuMZzh/TFdEoFoJn9stUaScYsoMoihym2NFbd1l2Pw/ifTQk5/KpQD/Hkw +=zQ/h -----END PGP PUBLIC KEY BLOCK----- ]]> From owner-svn-doc-all@FreeBSD.ORG Wed Jul 9 15:26:12 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0AC19BEC; Wed, 9 Jul 2014 15:26:12 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EC5D22A67; Wed, 9 Jul 2014 15:26:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s69FQBtW056703; Wed, 9 Jul 2014 15:26:11 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s69FQBaZ056702; Wed, 9 Jul 2014 15:26:11 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407091526.s69FQBaZ056702@svn.freebsd.org> From: Gavin Atkinson Date: Wed, 9 Jul 2014 15:26:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45241 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2014 15:26:12 -0000 Author: gavin Date: Wed Jul 9 15:26:11 2014 New Revision: 45241 URL: http://svnweb.freebsd.org/changeset/doc/45241 Log: Use permanent URL to mailing list archive in news item. Modified: head/share/xml/news.xml Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Wed Jul 9 14:09:09 2014 (r45240) +++ head/share/xml/news.xml Wed Jul 9 15:26:11 2014 (r45241) @@ -66,7 +66,7 @@

      More information about the election (together with a list of the new members of the Core Team) can be found in the official announcement.

      + href="http://docs.FreeBSD.org/cgi/mid.cgi?20140709125554.7abb9ee4">announcement.

       From owner-svn-doc-all@FreeBSD.ORG Wed Jul 9 16:17:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 900668F1; Wed, 9 Jul 2014 16:17:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7CAB72F0E; Wed, 9 Jul 2014 16:17:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s69GHROH081765; Wed, 9 Jul 2014 16:17:27 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s69GHR9I081764; Wed, 9 Jul 2014 16:17:27 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407091617.s69GHR9I081764@svn.freebsd.org> From: Glen Barber Date: Wed, 9 Jul 2014 16:17:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45242 - head/share/pgpkeys X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2014 16:17:27 -0000 Author: gjb Date: Wed Jul 9 16:17:27 2014 New Revision: 45242 URL: http://svnweb.freebsd.org/changeset/doc/45242 Log: Update my PGP key to include new signatures. Sponsored by: The FreeBSD Foundation Modified: head/share/pgpkeys/gjb.key Modified: head/share/pgpkeys/gjb.key ============================================================================== --- head/share/pgpkeys/gjb.key Wed Jul 9 15:26:11 2014 (r45241) +++ head/share/pgpkeys/gjb.key Wed Jul 9 16:17:27 2014 (r45242) @@ -1,6 +1,6 @@ From owner-svn-doc-all@FreeBSD.ORG Wed Jul 9 16:19:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 726889D0; Wed, 9 Jul 2014 16:19:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5F0972F3D; Wed, 9 Jul 2014 16:19:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s69GJgc8082084; Wed, 9 Jul 2014 16:19:42 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s69GJg0x082083; Wed, 9 Jul 2014 16:19:42 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407091619.s69GJg0x082083@svn.freebsd.org> From: Gavin Atkinson Date: Wed, 9 Jul 2014 16:19:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45243 - head/en_US.ISO8859-1/htdocs/ports X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2014 16:19:42 -0000 Author: gavin Date: Wed Jul 9 16:19:41 2014 New Revision: 45243 URL: http://svnweb.freebsd.org/changeset/doc/45243 Log: When generating categories-alpha.xml, always output an

      • even if we don't have a textual description for a particular port category. This is the real fix for the bug alluded to in r43602. It is not clear to me how more people haven't hit this bug. Modified: head/en_US.ISO8859-1/htdocs/ports/portindex Modified: head/en_US.ISO8859-1/htdocs/ports/portindex ============================================================================== --- head/en_US.ISO8859-1/htdocs/ports/portindex Wed Jul 9 16:17:27 2014 (r45242) +++ head/en_US.ISO8859-1/htdocs/ports/portindex Wed Jul 9 16:19:41 2014 (r45243) @@ -355,8 +355,8 @@ EOF "
    • \u$key ($stats{$key})"; if ($category_description{$key}{desc}) { print $moutf " -- " . $category_description{$key}{desc}; - print $moutf "
      • \n"; } + print $moutf "\n"; } print $moutf "
    \n"; } From owner-svn-doc-all@FreeBSD.ORG Wed Jul 9 16:23:59 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 45D8EDE7; Wed, 9 Jul 2014 16:23:59 +0000 (UTC) Received: from mail-oa0-x236.google.com (mail-oa0-x236.google.com [IPv6:2607:f8b0:4003:c02::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DF9E82FF8; Wed, 9 Jul 2014 16:23:58 +0000 (UTC) Received: by mail-oa0-f54.google.com with SMTP id n16so620591oag.13 for ; Wed, 09 Jul 2014 09:23:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=6mYDbKNxt7aGtPzxp7UIyTgmbQiToxUUFq3OtjEELQY=; b=o6Fwtzjh2e6rF8MalngT1OqR/M+1JWz/RELv5pKzvzY3st6ZM/cBxxi9ss66tXNf9l 0iKkPuOdq4gKUfpYmIzkAejJQwwVMZ0+hYGuIgfeS1fiGLerDobvzW0pN/zmiVu02Afw CYnTGBFP1gGDBG4UUg4maNC2OsKi0V4Y5ClqLDwU4jUPF1KXgfzjWJP4kxezuUgQfyUc 4R2RBNX69i5TXBUMhWoNzvWtGxwnwKp70zcqCc+LMo4v5tRjQxx/AYlPFMRj1b5nPA1A oaPVb6Leji1ObZ99fnRpBTt0wn2HnheXhT+pKpC0ZNvnIdGzJivB0+lyZCb66nqaieVF DBvw== MIME-Version: 1.0 X-Received: by 10.182.214.98 with SMTP id nz2mr48255927obc.62.1404923038001; Wed, 09 Jul 2014 09:23:58 -0700 (PDT) Received: by 10.182.142.34 with HTTP; Wed, 9 Jul 2014 09:23:57 -0700 (PDT) In-Reply-To: <201407091619.s69GJg0x082083@svn.freebsd.org> References: <201407091619.s69GJg0x082083@svn.freebsd.org> Date: Wed, 9 Jul 2014 12:23:57 -0400 Message-ID: Subject: Re: svn commit: r45243 - head/en_US.ISO8859-1/htdocs/ports From: Benjamin Kaduk To: Gavin Atkinson Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: svn-doc-head@freebsd.org, svn-doc-all@freebsd.org, doc-committers@freebsd.org X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2014 16:23:59 -0000 On Wed, Jul 9, 2014 at 12:19 PM, Gavin Atkinson wrote: > Author: gavin > Date: Wed Jul 9 16:19:41 2014 > New Revision: 45243 > URL: http://svnweb.freebsd.org/changeset/doc/45243 > > Log: > When generating categories-alpha.xml, always output an even if we > don't have a textual description for a particular port category. > > This is the real fix for the bug alluded to in r43602. It is not clear > to me how more people haven't hit this bug. > Nor to me. Thank you for tracking it down and fixing it! -Ben From owner-svn-doc-all@FreeBSD.ORG Thu Jul 10 10:59:55 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1371B1BD; Thu, 10 Jul 2014 10:59:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DB31D2D0B; Thu, 10 Jul 2014 10:59:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6AAxsn4015179; Thu, 10 Jul 2014 10:59:54 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6AAxsvj015178; Thu, 10 Jul 2014 10:59:54 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407101059.s6AAxsvj015178@svn.freebsd.org> From: Ryusuke SUZUKI Date: Thu, 10 Jul 2014 10:59:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45244 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2014 10:59:55 -0000 Author: ryusuke Date: Thu Jul 10 10:59:54 2014 New Revision: 45244 URL: http://svnweb.freebsd.org/changeset/doc/45244 Log: - Merge the following from the English version: r45213 -> r45241 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Wed Jul 9 16:19:41 2014 (r45243) +++ head/ja_JP.eucJP/share/xml/news.xml Thu Jul 10 10:59:54 2014 (r45244) @@ -23,7 +23,7 @@ would like to work on. *** $FreeBSD$ - Original revision: r45213 + Original revision: r45241 --> @@ -37,6 +37,40 @@ 7 + 9 + + + 新コアチーム Secretary 就任: + <a href="mailto:matthew@FreeBSD.org">Matthew + Seaman</a> + +

    &os; コアチームは、 + Matthew + Seaman が + コアチーム + Secretary に就任したことをお知らせします。

    +     + + + 新しい &os; コアチームが選出されました + +

    &os; プロジェクトは、 + 2014 コアチーム選挙の終了をお知らせします。 + &os; コアチームは、"取締役" にあたるもので、 + 新しい src コミッタの承認、開発者間に対立があった場合の調停、 + 特定の範囲のサブコミッタ (セキュリティオフィサ、 + リリースエンジニア、port マネージャ、ウェブマスタなど) の任命、 + また、必要な際は、管理や方針の決定を行います。 + コアチームは、2000 年から 2 年おきに &os; + の開発者により選ばれています。

    + +

    選挙の詳細 (および新しいコアチームのメンバの一覧) については、公式 アナウンス + をご覧ください。

    +     +     + + 6 From owner-svn-doc-all@FreeBSD.ORG Thu Jul 10 18:08:04 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 159596E1; Thu, 10 Jul 2014 18:08:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0232B2485; Thu, 10 Jul 2014 18:08:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6AI83K9028364; Thu, 10 Jul 2014 18:08:03 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6AI838t028363; Thu, 10 Jul 2014 18:08:03 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201407101808.s6AI838t028363@svn.freebsd.org> From: Gabor Pali Date: Thu, 10 Jul 2014 18:08:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45245 - head/en_US.ISO8859-1/htdocs X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2014 18:08:04 -0000 Author: pgj Date: Thu Jul 10 18:08:03 2014 New Revision: 45245 URL: http://svnweb.freebsd.org/changeset/doc/45245 Log: - Fix ordering of core members Modified: head/en_US.ISO8859-1/htdocs/administration.xml Modified: head/en_US.ISO8859-1/htdocs/administration.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/administration.xml Thu Jul 10 10:59:54 2014 (r45244) +++ head/en_US.ISO8859-1/htdocs/administration.xml Thu Jul 10 18:08:03 2014 (r45245) @@ -93,8 +93,8 @@
  • &a.gnn.email;
  • &a.hrs.email;
  • &a.glebius.email;
    • -
  • &a.peter.email;
  • &a.rwatson.email;
    • +
  • &a.peter.email;

    • FreeBSD Documentation Engineering Team From owner-svn-doc-all@FreeBSD.ORG Thu Jul 10 22:02:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AF99B625; Thu, 10 Jul 2014 22:02:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9CD872A63; Thu, 10 Jul 2014 22:02:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6AM2FEp041858; Thu, 10 Jul 2014 22:02:15 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6AM2FAp041857; Thu, 10 Jul 2014 22:02:15 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407102202.s6AM2FAp041857@svn.freebsd.org> From: Glen Barber Date: Thu, 10 Jul 2014 22:02:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45246 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2014 22:02:15 -0000 Author: gjb Date: Thu Jul 10 22:02:15 2014 New Revision: 45246 URL: http://svnweb.freebsd.org/changeset/doc/45246 Log: Update the 9.3-RELEASE schedule to reflect the builds have begun. Update the description to reflect that it is not when the builds are complete, but have started. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Thu Jul 10 18:08:03 2014 (r45245) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Thu Jul 10 22:02:15 2014 (r45246) @@ -131,8 +131,8 @@ RELEASE builds begin 11 July 2014 - - - &local.rel;-RELEASE built. + 11 July 2014 + &local.rel;-RELEASE builds begin. From owner-svn-doc-all@FreeBSD.ORG Thu Jul 10 22:45:27 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8E75F4BD; Thu, 10 Jul 2014 22:45:27 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6FBE82E11; Thu, 10 Jul 2014 22:45:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6AMjRlS061825; Thu, 10 Jul 2014 22:45:27 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6AMjQZA061821; Thu, 10 Jul 2014 22:45:26 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407102245.s6AMjQZA061821@svn.freebsd.org> From: Glen Barber Date: Thu, 10 Jul 2014 22:45:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45247 - head/en_US.ISO8859-1/htdocs/releases/10.1R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2014 22:45:27 -0000 Author: gjb Date: Thu Jul 10 22:45:26 2014 New Revision: 45247 URL: http://svnweb.freebsd.org/changeset/doc/45247 Log: Add the 10.1-RELEASE schedule. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Added: head/en_US.ISO8859-1/htdocs/releases/10.1R/ head/en_US.ISO8859-1/htdocs/releases/10.1R/Makefile (contents, props changed) head/en_US.ISO8859-1/htdocs/releases/10.1R/docbook.css (contents, props changed) head/en_US.ISO8859-1/htdocs/releases/10.1R/schedule.xml (contents, props changed) head/en_US.ISO8859-1/htdocs/releases/10.1R/todo.xml (contents, props changed) Added: head/en_US.ISO8859-1/htdocs/releases/10.1R/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/10.1R/Makefile Thu Jul 10 22:45:26 2014 (r45247) @@ -0,0 +1,15 @@ +# $FreeBSD$ + +.if exists(../Makefile.conf) +.include "../Makefile.conf" +.endif +.if exists(../Makefile.inc) +.include "../Makefile.inc" +.endif + +DOCS= schedule.xml \ + todo.xml + +DATA= docbook.css + +.include "${DOC_PREFIX}/share/mk/web.site.mk" Added: head/en_US.ISO8859-1/htdocs/releases/10.1R/docbook.css ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/10.1R/docbook.css Thu Jul 10 22:45:26 2014 (r45247) @@ -0,0 +1,213 @@ +/* + * Copyright (c) 2001, 2003, 2010 The FreeBSD Documentation Project + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +BODY ADDRESS { + line-height: 1.3; + margin: .6em 0; +} + +BODY BLOCKQUOTE { + margin-top: .75em; + line-height: 1.5; + margin-bottom: .75em; +} + +HTML BODY { + margin: 1em 8% 1em 10%; + line-height: 1.2; +} + +.LEGALNOTICE { + font-size: small; + font-variant: small-caps; +} + +BODY DIV { + margin: 0; +} + +DL { + margin: .8em 0; + line-height: 1.2; +} + +BODY FORM { + margin: .6em 0; +} + +H1, H2, H3, H4, H5, H6, +DIV.EXAMPLE P B, +.QUESTION, +DIV.TABLE P B, +DIV.PROCEDURE P B { + color: #990000; +} + +BODY H1, BODY H2, BODY H3, BODY H4, BODY H5, BODY H6 { + line-height: 1.3; + margin-left: 0; +} + +BODY H1, BODY H2 { + margin: .8em 0 0 -4%; +} + +BODY H3, BODY H4 { + margin: .8em 0 0 -3%; +} + +BODY H5 { + margin: .8em 0 0 -2%; +} + +BODY H6 { + margin: .8em 0 0 -1%; +} + +BODY HR { + margin: .6em; + border-width: 0 0 1px 0; + border-style: solid; + border-color: #cecece; +} + +BODY IMG.NAVHEADER { + margin: 0 0 0 -4%; +} + +OL { + margin: 0 0 0 5%; + line-height: 1.2; +} + +BODY PRE { + margin: .75em 0; + line-height: 1.0; + font-family: monospace; +} + +BODY TD, BODY TH { + line-height: 1.2; +} + +UL, BODY DIR, BODY MENU { + margin: 0 0 0 5%; + line-height: 1.2; +} + +HTML { + margin: 0; + padding: 0; +} + +BODY P B.APPLICATION { + color: #000000; +} + +.FILENAME { + color: #007a00; +} + +.GUIMENU, .GUIMENUITEM, .GUISUBMENU, +.GUILABEL, .INTERFACE, +.SHORTCUT, .SHORTCUT .KEYCAP { + font-weight: bold; +} + +.GUIBUTTON { + background-color: #CFCFCF; + padding: 2px; +} + +.ACCEL { + background-color: #F0F0F0; + text-decoration: underline; +} + +.SCREEN { + padding: 1ex; +} + +.PROGRAMLISTING { + padding: 1ex; + background-color: #eee; + border: 1px solid #ccc; +} + +@media screen { /* hide from IE3 */ + a[href]:hover { background: #ffa } +} + +BLOCKQUOTE.NOTE { + color: #222; + background: #eee; + border: 1px solid #ccc; + padding: 0.4em 0.4em; + width: 85%; +} + +BLOCKQUOTE.TIP { + color: #004F00; + background: #d8ecd6; + border: 1px solid green; + padding: 0.2em 2em; + width: 85%; +} + +BLOCKQUOTE.IMPORTANT { + font-style:italic; + border: 1px solid #a00; + border-left: 12px solid #c00; + padding: 0.1em 1em; +} + +BLOCKQUOTE.WARNING { + color: #9F1313; + background: #f8e8e8; + border: 1px solid #e59595; + padding: 0.2em 2em; + width: 85%; +} + +.EXAMPLE { + background: #fefde6; + border: 1px solid #f1bb16; + margin: 1em 0; + padding: 0.2em 2em; + width: 90%; +} + +.INFORMALTABLE TABLE.CALSTABLE TR TD { + padding-left: 1em; + padding-right: 1em; +} + +span.contrib { + font-size: small; + font-style: italic; +} Added: head/en_US.ISO8859-1/htdocs/releases/10.1R/schedule.xml ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/10.1R/schedule.xml Thu Jul 10 22:45:26 2014 (r45247) @@ -0,0 +1,167 @@ + + + + + + +]> + + + + &title; + + $FreeBSD$ + + + + +

    Introduction

    + +

    This is the release schedule for FreeBSD &local.rel;. For more + information about the release engineering process, please see the Release Engineering section of the + web site.

    + +

    General discussions about the pending release and known issues should be + sent to the public + freebsd-stable mailing list. + MFC + requests should be sent to + re@FreeBSD.org.

    + + &beta.local.where; + +

    Schedule

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ActionExpectedActualDescription
    Initial release schedule announcement-10 July 2014Release Engineers send announcement email to developers with + a rough schedule.
    Release schedule reminder10 August 2014-Release Engineers send reminder announcement e-mail to + developers with updated schedule.
    Code slush begins22 August 2014-Release Engineers announce that all further commits to the + &local.branch.stable; branch will not require explicit + approval, however new features should be avoided.
    Code freeze begins5 September 2014-Release Engineers announce that all further commits to the + &local.branch.stable; branch will require explicit approval. + Certain blanket approvals will be granted for narrow areas of + development, documentation improvements, etc.
    BETA1 builds begin12 September 2014-First beta test snapshot.
    BETA2 builds begin19 September 2014-Second beta test snapshot.
    BETA3 builds begin26 September 2014-Third beta test snapshot.
    &local.branch.releng; branch3 October 2014-Subversion branch created; future release engineering + proceeds on this branch.
    RC1 builds begin3 October 2014-First release candidate.
    RC2 builds begin10 October 2014-Second release candidate.
    RC3 builds begin17 October 2014-Third release candidate.
    RELEASE builds begin24 October 2014-&local.rel;-RELEASE builds begin.
    RELEASE announcement29 October 2014-&local.rel;-RELEASE press release.
    Turn over to the secteam--&local.branch.releng; branch is handed over to the FreeBSD + Security Officer Team in one or two weeks after the + announcement.
    + +

    Status / TODO

    + &os; Release + Engineering TODO Page + +

    Additional Information

    + + + + + + Added: head/en_US.ISO8859-1/htdocs/releases/10.1R/todo.xml ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/10.1R/todo.xml Thu Jul 10 22:45:26 2014 (r45247) @@ -0,0 +1,112 @@ + + + + + +]> + + + + + + &title; + + $FreeBSD$ + + + + +

    Introduction

    + +

    Please do not edit this file unless you are + on the Release Engineering Team, or a member of the Release + Engineering Team gave you explicit permission to do so.

    + +

    This is the release cycle TODO page, outlining + items that are in-progress, issues that must be fixed (release + blockers), issues that need to be fixed but are not blockers, + and issues that should be fixed as an Errata Notice after the + release.

    + +

    Works in Progress

    + + + + + + + + + + + + + +
    Pre-Freeze IssuesDescriptionWorkaround
    n/an/an/a
    +
    + +

    Release Blockers

    + + + + + + + + + + + + + +
    DescriptionWorkaroundTarget Date
    n/an/an/a
    +
    + +

    Release Issues

    + + + + + + + + + + + + + +
    DescriptionWorkaroundTarget Date
    n/an/an/a
    +
    + +

    Post-Release Errata Items

    + + + + + + + + + + + +
    DescriptionWorkaround
    n/an/a
    +
    + +

    Additional Information

    + + + + From owner-svn-doc-all@FreeBSD.ORG Fri Jul 11 10:41:19 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 67336F50; Fri, 11 Jul 2014 10:41:19 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 549F82A55; Fri, 11 Jul 2014 10:41:19 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6BAfIwA097922; Fri, 11 Jul 2014 10:41:18 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6BAfIOK097921; Fri, 11 Jul 2014 10:41:18 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407111041.s6BAfIOK097921@svn.freebsd.org> From: Ryusuke SUZUKI Date: Fri, 11 Jul 2014 10:41:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45248 - head/ja_JP.eucJP/books/handbook/introduction X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2014 10:41:19 -0000 Author: ryusuke Date: Fri Jul 11 10:41:17 2014 New Revision: 45248 URL: http://svnweb.freebsd.org/changeset/doc/45248 Log: - Merge the following from the English version: r43599 -> r45237 head/ja_JP.eucJP/books/handbook/introduction/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/introduction/chapter.xml Modified: head/ja_JP.eucJP/books/handbook/introduction/chapter.xml ============================================================================== --- head/ja_JP.eucJP/books/handbook/introduction/chapter.xml Thu Jul 10 22:45:26 2014 (r45247) +++ head/ja_JP.eucJP/books/handbook/introduction/chapter.xml Fri Jul 11 10:41:17 2014 (r45248) @@ -820,7 +820,7 @@ 責任感あふれる開発者を上記のソースツリー管理者として招くこと、 また仕事上の都合などでコアチームをやめた人たちの後任を見つけることもコアチームの役割です。 現在のコアチームは &os; 開発者 (committer) の中から - 2012 年 7 月に選挙によって選出されました。 + 2014 年 7 月に選挙によって選出されました。 コアチームを選出するための選挙は、2 年ごとに行なわれています。 コアチームのうち何人かは特定の担当分野を持っており、 From owner-svn-doc-all@FreeBSD.ORG Fri Jul 11 13:09:38 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8BDC96C2; Fri, 11 Jul 2014 13:09:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 78B072738; Fri, 11 Jul 2014 13:09:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6BD9ctH066395; Fri, 11 Jul 2014 13:09:38 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6BD9ccw066394; Fri, 11 Jul 2014 13:09:38 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407111309.s6BD9ccw066394@svn.freebsd.org> From: Gavin Atkinson Date: Fri, 11 Jul 2014 13:09:38 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45249 - head/en_US.ISO8859-1/htdocs/docproj X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2014 13:09:38 -0000 Author: gavin Date: Fri Jul 11 13:09:38 2014 New Revision: 45249 URL: http://svnweb.freebsd.org/changeset/doc/45249 Log: Make the link to the docproj project list more visible. Previously, it was far too easy to miss the link. Modified: head/en_US.ISO8859-1/htdocs/docproj/docproj.xml Modified: head/en_US.ISO8859-1/htdocs/docproj/docproj.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/docproj/docproj.xml Fri Jul 11 10:41:17 2014 (r45248) +++ head/en_US.ISO8859-1/htdocs/docproj/docproj.xml Fri Jul 11 13:09:38 2014 (r45249) @@ -49,7 +49,7 @@

    There are a number of projects currently in progress as part of the documentation effort. Please take the time to look over - this list and see if there is anything you can help + this list and see if there is anything you can help with.

    From owner-svn-doc-all@FreeBSD.ORG Fri Jul 11 14:44:26 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BDEF8A2E; Fri, 11 Jul 2014 14:44:26 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9DB1320D8; Fri, 11 Jul 2014 14:44:26 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6BEiQmM014566; Fri, 11 Jul 2014 14:44:26 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6BEiQTR014565; Fri, 11 Jul 2014 14:44:26 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407111444.s6BEiQTR014565@svn.freebsd.org> From: Glen Barber Date: Fri, 11 Jul 2014 14:44:26 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45250 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2014 14:44:26 -0000 Author: gjb Date: Fri Jul 11 14:44:26 2014 New Revision: 45250 URL: http://svnweb.freebsd.org/changeset/doc/45250 Log: Add status report submission from mav@. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Fri Jul 11 13:09:38 2014 (r45249) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Fri Jul 11 14:44:26 2014 (r45250) @@ -37,7 +37,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 1 entry and we hope you enjoy reading it.

    + report contains 2 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -121,4 +121,51 @@

    + + + RPC/NFS and CTL/iSCSI performance optimizations. + + + + + Alexander + Motin + + mav@FreeBSD.org + + + + +

    The &os; RPC stack, used as base for its NFS server, took + multiple optimizations to improve its performance and SMP + scalability. Algorithmic optimizations allowed to reduce + processing overhead, while improved locking allowed it to + scale up to at least 40 processor cores without significant + lock congestion. Combined with some other kernel + optimizations that allowed to increase peak NFS request + rate by many times, reaching up to 600K requests per second + on modern hardware.

    + +

    The CAM Target Layer (CTL), used as base for new kernel + iSCSI server, also took series of locking optimization, + that allowed to increase its peak request rate from ~200K + to ~600K IOPS with potential of reaching reate of 1M + request per second. That rate is sufficient to completely + saturage 2x10Gbit Ethernet links with 4KB requests. For + comparison, the port of net/istgt (user-level iSCSI + server) on the same hardware with equal configuration + shown only 100K IOPS.

    + +

    There is also ongoing work on improving CTL functionality. + It was already made to support 3 of 4 VMWare VAAI storage + acceleration primitives (net/istgt supports 2), while the + goal is to reach full VAAI support during next months.

    + +

    With all above, and earlier improvements in CAM, GEOM, ZFS + and number of other kernel areas coming soon FreeBSD 10.1 + may become the fastest storage release ever. ;)

    + +

    These projects are sponsored by iXsystems, Inc.

    + +     From owner-svn-doc-all@FreeBSD.ORG Fri Jul 11 14:49:28 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 76506B36; Fri, 11 Jul 2014 14:49:28 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 485172105; Fri, 11 Jul 2014 14:49:28 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6BEnS1E015362; Fri, 11 Jul 2014 14:49:28 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6BEnSPx015361; Fri, 11 Jul 2014 14:49:28 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407111449.s6BEnSPx015361@svn.freebsd.org> From: Glen Barber Date: Fri, 11 Jul 2014 14:49:28 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45251 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2014 14:49:28 -0000 Author: gjb Date: Fri Jul 11 14:49:27 2014 New Revision: 45251 URL: http://svnweb.freebsd.org/changeset/doc/45251 Log: Add status report submission from aturner@ Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Fri Jul 11 14:44:26 2014 (r45250) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Fri Jul 11 14:49:27 2014 (r45251) @@ -37,7 +37,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 2 entries and we hope you enjoy reading it.

    + report contains 3 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -168,4 +168,49 @@

    These projects are sponsored by iXsystems, Inc.

    + + + FreeBSD/arm64 + + + + + Andrew + Turner + + andrew@FreeBSD.org + + + + + + + + +

    Arm64 is the name of the in-progress port of &os; to the + ARMv8 CPU when it is in AArch64 mode. Until recently, all ARM + CPU designs were 32-bit only. With the introduction of the + ARMv8 architecture, ARM has added a new 64-bit mode. This new + mode has been named AArch64.

    + +

    Booting &os; on the ARM Foundation Model has made a lot of + progress since the last status report. An initial pmap + implementation has been written. With this &os; is able to + enter the Machine Independent boot code. The required autoconf + functions have been added allowing &os; to start scheduling + tasks. Finally the cpu_switch and copystr functions were + added. With these two &os; will boot to the mountroot + prompt.

    + +

    Work has started on supporting exceptions, including + interrupts. This will start to allow more developers to start + working on device drivers.

    + + + + Finish exception and interrupt handling + Read the Device Tree or ACPI tables from UEFI + Test on real hardware + +     From owner-svn-doc-all@FreeBSD.ORG Fri Jul 11 15:01:08 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BB734CDC; Fri, 11 Jul 2014 15:01:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A710C21FA; Fri, 11 Jul 2014 15:01:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6BF18h0023116; Fri, 11 Jul 2014 15:01:08 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6BF18Nt023115; Fri, 11 Jul 2014 15:01:08 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407111501.s6BF18Nt023115@svn.freebsd.org> From: Glen Barber Date: Fri, 11 Jul 2014 15:01:08 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45252 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2014 15:01:08 -0000 Author: gjb Date: Fri Jul 11 15:01:08 2014 New Revision: 45252 URL: http://svnweb.freebsd.org/changeset/doc/45252 Log: Fix indentation levels. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Fri Jul 11 14:49:27 2014 (r45251) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Fri Jul 11 15:01:08 2014 (r45252) @@ -123,50 +123,49 @@ - RPC/NFS and CTL/iSCSI performance optimizations. + RPC/NFS and CTL/iSCSI performance optimizations. - - - - Alexander - Motin - - mav@FreeBSD.org - - - - -

    The &os; RPC stack, used as base for its NFS server, took - multiple optimizations to improve its performance and SMP - scalability. Algorithmic optimizations allowed to reduce - processing overhead, while improved locking allowed it to - scale up to at least 40 processor cores without significant - lock congestion. Combined with some other kernel - optimizations that allowed to increase peak NFS request - rate by many times, reaching up to 600K requests per second - on modern hardware.

    - -

    The CAM Target Layer (CTL), used as base for new kernel - iSCSI server, also took series of locking optimization, - that allowed to increase its peak request rate from ~200K - to ~600K IOPS with potential of reaching reate of 1M - request per second. That rate is sufficient to completely - saturage 2x10Gbit Ethernet links with 4KB requests. For - comparison, the port of net/istgt (user-level iSCSI - server) on the same hardware with equal configuration - shown only 100K IOPS.

    - -

    There is also ongoing work on improving CTL functionality. - It was already made to support 3 of 4 VMWare VAAI storage - acceleration primitives (net/istgt supports 2), while the - goal is to reach full VAAI support during next months.

    - -

    With all above, and earlier improvements in CAM, GEOM, ZFS - and number of other kernel areas coming soon FreeBSD 10.1 - may become the fastest storage release ever. ;)

    + + + + Alexander + Motin + + mav@FreeBSD.org + + -

    These projects are sponsored by iXsystems, Inc.

    - + +

    The &os; RPC stack, used as base for its NFS server, took + multiple optimizations to improve its performance and SMP + scalability. Algorithmic optimizations allowed to reduce + processing overhead, while improved locking allowed it to + scale up to at least 40 processor cores without significant + lock congestion. Combined with some other kernel + optimizations that allowed to increase peak NFS request rate + by many times, reaching up to 600K requests per second on + modern hardware.

    + +

    The CAM Target Layer (CTL), used as base for new kernel iSCSI + server, also took series of locking optimization, that allowed + to increase its peak request rate from ~200K to ~600K IOPS + with potential of reaching reate of 1M request per second. + That rate is sufficient to completely saturage 2x10Gbit + Ethernet links with 4KB requests. For comparison, the port of + net/istgt (user-level iSCSI server) on the same hardware with + equal configuration shown only 100K IOPS.

    + +

    There is also ongoing work on improving CTL functionality. + It was already made to support 3 of 4 VMWare VAAI storage + acceleration primitives (net/istgt supports 2), while the goal + is to reach full VAAI support during next months.

    + +

    With all above, and earlier improvements in CAM, GEOM, ZFS + and number of other kernel areas coming soon FreeBSD 10.1 may + become the fastest storage release ever. ;)

    + +

    These projects are sponsored by iXsystems, Inc.

    +     From owner-svn-doc-all@FreeBSD.ORG Fri Jul 11 15:15:24 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F3469245; Fri, 11 Jul 2014 15:15:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DF7D023B7; Fri, 11 Jul 2014 15:15:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6BFFNLj029534; Fri, 11 Jul 2014 15:15:23 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6BFFNCH029533; Fri, 11 Jul 2014 15:15:23 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407111515.s6BFFNCH029533@svn.freebsd.org> From: Glen Barber Date: Fri, 11 Jul 2014 15:15:23 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45253 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2014 15:15:24 -0000 Author: gjb Date: Fri Jul 11 15:15:23 2014 New Revision: 45253 URL: http://svnweb.freebsd.org/changeset/doc/45253 Log: Add a paragraph that the document is currently a draft. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Fri Jul 11 15:01:08 2014 (r45252) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Fri Jul 11 15:15:23 2014 (r45253) @@ -11,6 +11,12 @@
    Introduction +

    + This is a draft of the April-June 2014 status report. + Please check back after it is finalized, and an announcement + email is sent to the FreeBSD-Announce mailing + list.

    +

    This report covers &os;-related projects between April and June 2014. This is the second of four reports planned for 2014.

    From owner-svn-doc-all@FreeBSD.ORG Fri Jul 11 15:16:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 63DD72EB; Fri, 11 Jul 2014 15:16:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5026A23C2; Fri, 11 Jul 2014 15:16:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6BFGEia029777; Fri, 11 Jul 2014 15:16:14 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6BFGEZW029776; Fri, 11 Jul 2014 15:16:14 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407111516.s6BFGEZW029776@svn.freebsd.org> From: Glen Barber Date: Fri, 11 Jul 2014 15:16:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45254 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2014 15:16:14 -0000 Author: gjb Date: Fri Jul 11 15:16:13 2014 New Revision: 45254 URL: http://svnweb.freebsd.org/changeset/doc/45254 Log: Connect the April-June 2014 report to the build. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/Makefile Modified: head/en_US.ISO8859-1/htdocs/news/status/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/Makefile Fri Jul 11 15:15:23 2014 (r45253) +++ head/en_US.ISO8859-1/htdocs/news/status/Makefile Fri Jul 11 15:16:13 2014 (r45254) @@ -65,6 +65,7 @@ XMLDOCS+= report-2013-07-2013-09 XMLDOCS+= report-2013-09-devsummit XMLDOCS+= report-2013-10-2013-12 XMLDOCS+= report-2014-01-2014-03 +XMLDOCS+= report-2014-04-2014-06 XSLT.DEFAULT= report.xsl From owner-svn-doc-all@FreeBSD.ORG Sat Jul 12 09:14:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9D163EA7; Sat, 12 Jul 2014 09:14:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 707972062; Sat, 12 Jul 2014 09:14:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6C9En8I071739; Sat, 12 Jul 2014 09:14:49 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6C9Ena6071738; Sat, 12 Jul 2014 09:14:49 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201407120914.s6C9Ena6071738@svn.freebsd.org> From: Gavin Atkinson Date: Sat, 12 Jul 2014 09:14:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45255 - head/en_US.ISO8859-1/htdocs/gnome X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2014 09:14:49 -0000 Author: gavin Date: Sat Jul 12 09:14:48 2014 New Revision: 45255 URL: http://svnweb.freebsd.org/changeset/doc/45255 Log: The GNOME screenshots are all from version 2.24, don't claim they are version 2.32. Approved by: kwm (gnome@) Modified: head/en_US.ISO8859-1/htdocs/gnome/screenshots.xml Modified: head/en_US.ISO8859-1/htdocs/gnome/screenshots.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/gnome/screenshots.xml Fri Jul 11 15:16:13 2014 (r45254) +++ head/en_US.ISO8859-1/htdocs/gnome/screenshots.xml Sat Jul 12 09:14:48 2014 (r45255) @@ -18,25 +18,25 @@ -

    GNOME &gnomever; Screenshots

    +

    GNOME 2.24 Screenshots

    -

    A GNOME &gnomever; Desktop showing off the Gimp, the +

    A GNOME 2.24 Desktop showing off the Gimp, the System Monitor applet, and the multi-byte, fully internationalized power of GNOME.
    - GNOME &gnomever; Screen + <a href=GNOME 2.24 Screen Shot 1
    Contributed by Denise H. G. <darcsis |at| gmail.com>

    -

    GNOME &gnomever; within GNOME &gnomever;! This is a - GNOME &gnomever; Desktop running vinagre connected to another - GNOME &gnomever; Desktop running Epiphany. The main desktop +

    GNOME 2.24 within GNOME 2.24! This is a + GNOME 2.24 Desktop running vinagre connected to another + GNOME 2.24 Desktop running Epiphany. The main desktop is also sporting the Anjuta IDE, the new Empathy IM client, and showing off the SMB network browsing capability along with the internationalized clock applet.
    - GNOME &gnomever; Screen + <a href=GNOME 2.24 Screen Shot 2
    Contributed by Joe Marcus Clarke <marcus |at| FreeBSD.org>

    From owner-svn-doc-all@FreeBSD.ORG Sat Jul 12 14:17:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 340933FD; Sat, 12 Jul 2014 14:17:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1E49C2636; Sat, 12 Jul 2014 14:17:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6CEHq80025639; Sat, 12 Jul 2014 14:17:52 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6CEHpFL025636; Sat, 12 Jul 2014 14:17:51 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201407121417.s6CEHpFL025636@svn.freebsd.org> From: Sergey Kandaurov Date: Sat, 12 Jul 2014 14:17:51 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45257 - in head/ru_RU.KOI8-R: books/handbook/cutting-edge books/handbook/mirrors share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2014 14:17:52 -0000 Author: pluknet Date: Sat Jul 12 14:17:51 2014 New Revision: 45257 URL: http://svnweb.freebsd.org/changeset/doc/45257 Log: MFen: + books/handbook/mirrors/chapter.xml r28148 --> r45217 Modified: head/ru_RU.KOI8-R/books/handbook/cutting-edge/chapter.xml head/ru_RU.KOI8-R/books/handbook/mirrors/chapter.xml head/ru_RU.KOI8-R/share/xml/mailing-lists.ent Modified: head/ru_RU.KOI8-R/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/ru_RU.KOI8-R/books/handbook/cutting-edge/chapter.xml Sat Jul 12 14:08:49 2014 (r45256) +++ head/ru_RU.KOI8-R/books/handbook/cutting-edge/chapter.xml Sat Jul 12 14:17:51 2014 (r45257) @@ -683,7 +683,7 @@ Fetching 133 new ports or files... done. - 靤 佻溶殄 侑惑卅様 cvsupcvsup + 靤 佻溶殄 侑惑卅様 cvsupcvsup sup-徳別詫 standard-supfile, 墨塹燮 溶嵶 料編 冒堊模播 /usr/share/examples/cvsup. 塹 @@ -694,7 +694,7 @@ Fetching 133 new ports or files... done. cvsup 侑 佻溶殄 侑惑卅様 croncron 佻盲涸脊 啻踊 嘛砥錨 瓶範栂拇 堙睦壅 宋塹輿塢淌嗚. 蠣妖良堙 侑浜賭隣 徳別 - supfile 忸枦 塰藁読杯夘簒編 cvsup-CURRENT麌糧厦良攸檀 侑 佻溶殄 CVSup 通 彖枦馬 亘簒崚良. + supfile 忸枦 塰藁読杯夘簒編 cvsup-CURRENT麌糧厦良攸檀 侑 佻溶殄 CVSup 通 彖枦馬 亘簒崚良. 靤浜賭隣 徳別 standard-supfile 侑田料變挿杜 通 墫姪嵒彖良 嗤澱描蒙力 彭塰 @@ -709,7 +709,7 @@ Fetching 133 new ports or files... done. *default release=cvs tag=. 簗 佻盲淌良 佻漬和力 瀕届厖礎鰭 佻 瓶佻蒙斛彖良 - 堙馬 和卅塢堙嗹 卅敖徒 鰌墨從柘墸 吐 CVS. + 堙馬 和卅塢堙嗹 卅敖徒 鰌墨從柘墸 吐 CVS. @@ -872,7 +872,7 @@ Fetching 133 new ports or files... done. - 靤 佻溶殄 侑惑卅様 cvsupcvsup + 靤 佻溶殄 侑惑卅様 cvsupcvsup sup-徳別詫 stable-supfile 冨 冒堊模覗 /usr/share/examples/cvsup. @@ -883,7 +883,7 @@ Fetching 133 new ports or files... done. cvsup 侑 佻溶殄 侑惑卅様 croncron 佻盲涸脊 啻踊 嘛砥錨 瓶範栂拇 堙睦壅 宋塹輿塢淌嗚. 蠣妖良堙 侑浜賭隣 徳別 - supfile 忸枦 塰藁読杯夘簒編 cvsup-STABLE麌糧厦良攸檀 侑 佻溶殄 CVSup 通 彖枦馬 亘簒崚良. + supfile 忸枦 塰藁読杯夘簒編 cvsup-STABLE麌糧厦良攸檀 侑 佻溶殄 CVSup 通 彖枦馬 亘簒崚良. @@ -925,7 +925,7 @@ Fetching 133 new ports or files... done. 佻痛明淌良 通 塹馬, 湟和 浜都 啻踊 佻嗅田良 彭厶鰭 瓶範栂挌 堙睦塹 明堆馬 侑賄穆 &os;, 攸徂喇溶嘖 塹馬, 淌 忸 瀕堙凖嗾都途. 鑽力徇亙 單叟瓶, 墨塹燮 踊 侑田盟覗斗, - 榑 疥藁浜隣 CVS, CVSup CTM. + 榑 疥藁浜隣 CVS, CVSup CTM. 莽墹 浜電墫 從斃嵶腕墮 和力很冱 塹蒙墨 涸嘖 津凖彖 瓶範栂挌 Modified: head/ru_RU.KOI8-R/books/handbook/mirrors/chapter.xml ============================================================================== --- head/ru_RU.KOI8-R/books/handbook/mirrors/chapter.xml Sat Jul 12 14:08:49 2014 (r45256) +++ head/ru_RU.KOI8-R/books/handbook/mirrors/chapter.xml Sat Jul 12 14:17:51 2014 (r45257) @@ -5,3133 +5,851 @@ $FreeBSD$ $FreeBSDru: frdp/doc/ru_RU.KOI8-R/books/handbook/mirrors/chapter.xml,v 1.39 2006/06/30 12:36:59 marck Exp $ - Original revision: r28148 + Original revision: r45217 --> - 靉盲淌良 FreeBSD - + 靉盲淌良 &os; - 篥良霤侈瀕霤凖從 料 簒嗷防 凉挧: + + 篥良 + 霤侈瀕 + 霤凖從 料 簒嗷防 凉挧: - 蠣珍堙棉 CDROM DVD + 鄙堆燮 <acronym>CD</acronym> + <acronym>DVD</acronym> - - 誅厦堆淮叢 彭厶頻 - - FreeBSD 掴嘖孃料 墨厦堆淮亙 彭厶鰭 (FreeBSD CD 追嗚, - 掴佻摸不徒慘賄 侑惑卅様力 和途佚淌良, 佚涸堽叢 掴釦妖淋礎頻) - 療嗚鰐慄蛭 佻嘖宋殄墨: - - - -
    - CompUSA - WWW: http://www.compusa.com/ -
    -     - - -
    - Frys Electronics - WWW: http://www.frys.com/ -
    -     -     -     - - - 鄙堆燮 CD DVD - - 鄙堆燮 FreeBSD CD DVD 掴嘖孃隣 洋崚嘖彖 藁盟蔑 - 佻嘖宋殄墨: + 鄙堆燮 &os; CD DVD + 掴嘖孃隣 療嗚鰐慄蛭 藁盟蔑 佻嘖宋殄墨: -
    - BSD Mall (佻漬惣津姪良 Daemon News) - PO Box 161 - Nauvoo, IL 62354 - USA - 徒兎藁: +1 866 273-6255 - 譱睦: +1 217 453-9956 - Email: sales@bsdmall.com - WWW: http://www.bsdmall.com/freebsd1.html -
    -     - - -
    - BSD-Systems - Email: info@bsd-systems.co.uk - WWW: http://www.bsd-systems.co.uk -
    -     - - -
    - FreeBSD Mall, Inc. - 3623 Sanford Street - Concord, CA 94520-1405 +
    &os; Mall, Inc. + 2420 Sand Creek Rd C-1 #347 + Brentwood, CA + 94513 - 徒兎藁: +1 925 674-0783 + 徒兎藁: +1 925 240-6652 譱睦: +1 925 674-0821 Email: info@freebsdmall.com - WWW: http://www.freebsdmall.com/ -
    - - - -
    - Ingram Micro - 1600 E. St. Andrew Place - Santa Ana, CA 92705-4926 - - 徒兎藁: 1 (800) 456-8000 - WWW: http://www.ingrammicro.com/ -
    -     - - -
    - Hinner EDV - St. Augustinus-Str. 10 - D-81825 München - 臈厖僧頻 - 徒兎藁: (089) 428 419 - WWW: http://www.hinner.de/linux/freebsd.html + WWW: http://www.freebsdmall.com/
    -
    - Ikarios - 22-24 rue Voltaire - 92000 Nanterre +
    Getlinux + 78 Rue de la Croix Rochopt + Épinay-sous-Sénart + 91860 耙僧檀 - WWW: http://ikarios.com/form/#freebsd + Email: contact@getlinux.fr + WWW: http://www.getlinux.fr/
    -
    - JMC Software - 蚋盟猟頻 - 徒兎藁: 353 1 6291282 - WWW: http://www.thelinuxmall.com -
    -     - - -
    - Linux CD Mall - Private Bag MBE N348 - Auckland 1030 - 醢彖 徒僧追 - 徒兎藁: +64 21 866529 - WWW: http://www.linuxcdmall.co.nz/ -
    -     - - -
    - The Linux Emporium - Hilliard House, Lester Way - Wallingford - OX10 9TA - 徒彬和夘堊良 - 徒兎藁: +44 1491 837010 - 譱睦: +44 1491 837016 - WWW: http://www.linuxemporium.co.uk/products/freebsd/ -
    -     - - -
    - Linux+ DVD Magazine - Lewartowskiego 6 - Warsaw - 00-190 - 靉蒙杼 - 徒兎藁: +48 22 860 18 18 - Email: editors@lpmagazine.org - WWW: http://www.lpmagazine.org/ -
    -     - - -
    - Linux System Labs Australia - 21 Ray Drive - Balwyn North - VIC - 3104 - 疱嘖卅棉 - 徒兎藁: +61 3 9857 5918 - 譱睦: +61 3 9857 8974 - WWW: http://www.lsl.com.au +
    Dr. Hinner EDV + Kochelseestr. 11 + D-81371 München + 臈厖僧頻 + 徒兎藁: (0177) 428 419 0 + Email: infow@hinner.de + WWW: http://www.hinner.de/linux/freebsd.html
    -
    - LinuxCenter.Ru +
    Linux Center 嫐. 臍姪厠叢, 55 鸛遼-霤堙丗孀 190000 鯱嗷頻 徒兎藁: +7-812-3125208 Email: info@linuxcenter.ru - WWW: http://linuxcenter.ru/freebsd + WWW: http://linuxcenter.ru/shop/freebsd
    - - - - - 鯀嗤厦嘖卅良堙棉 - - 縒棉 忸 侑歪宋澱 範塢堙 攸良輿墮嗔 FreeBSD CDROM, - 佻崛盲篇堊 嘛冰不途 卅嗤厦嘖卅良堙姪: - - - -
    - Cylogistics - 809B Cuesta Dr., #2149 - Mountain View, CA 94040 - - 徒兎藁: +1 650 694-4949 - 譱睦: +1 650 694-4953 - Email: sales@cylogistics.com - WWW: http://www.cylogistics.com/ -
    -     - - -
    - Kudzu, LLC - 7375 Washington Ave. S. - Edina, MN 55439 - - 徒兎藁: +1 952 947-0822 - 譱睦: +1 952 947-0876 - Email: sales@kudzuenterprises.com -
    -     - - -
    - LinuxCenter.Ru - 嫐. 臍姪厠叢, 55 - 鸛遼-霤堙丗孀 - 190000 - 鯱嗷頻 - 徒兎藁: +7-812-3125208 - Email: info@linuxcenter.ru - WWW: http://linuxcenter.ru/freebsd -
    -     - - -
    - Navarre Corp - 7400 49th Ave South - New Hope, MN 55428 - - 徒兎藁: +1 763 535-8333 - 譱睦: +1 763 535-0341 - WWW: http://www.navarre.com/ -
    -     -     -     - FTP 啻編 - - 鐺秒描蒙隣 瓶塹淮彬詫 FreeBSD 况妄脊嗔 僧藁浜隣 FTP - 敕卷遡 佻 徨斗 揺簒. 鸛編 - ftp://ftp.FreeBSD.org/pub/FreeBSD/ 浜電 - 範厦枦 佻痛明淌良 佻陳賭嵒彖都 堆蒙柤 墨棉淌嘖從 歪力徠斗杜隣 - 嗜田瀕杜品, 力 通 彖 從斃嵶 佻墟殿嫖墫 料編 - 駄埠訴枦 敕卷遡 (腕和杜力 途棉 忸 凖柯棉 料嘖厦不 - 單耐 冒墨-塹 冨 徂掴 敕卷遡). - - 眩攸 珍領挌 敕卷遡 - FreeBSD 侑田佻湟不徒慘電 佻 嘔宋療良 嗜 嗤瓶墨 敕卷遡 - 鰌墨從柘墸, 佻嗚鰐慄 瀕届厖礎頻 汰敕 嗜舵卅都嗔 冨 DNS, 療 - 冨 嘖壮扶途墨馬 嗤瓶冒 孳模. - - 誨詫 塹馬, FreeBSD 掴嘖孃料 淌凖 僧藁浜隣 FTP 嗜 嗅田媽殄 - 敕卷遡. 縒棉 忸 忸岱遡 佻盲淌良 FreeBSD 淌凖 僧藁浜隣 FTP, - 佻崛盲篇堊 忸妥夘堙 駄埠訴柯 彖 啻編. 賭冒盟 冨 嗤瓶冒 - 鑽力徇挌 敕卷遡 和掵力 嗜津雙壮 佻摸拱 倉班 - FreeBSD (徨 掴嘖孃隣 料 珍領拱 溶妖淋 彭厶鰭 通 冒崢亙 倉班堙穆孀), - 嗚碗腕墮 攸拝孳防 從斃嵶 怠津 堆蒙枦 敕卷遡, 卅嗤鰐崚領惑 - 彖枦 嘖卅療 斌 凖派藁. 鸛編 冒崢亙 嘖卅隣 嗜津雙壮 佻嗅田寮 彭厶廟 通 料病鰐電 - 佻侖妄厠挌 倉班堙穆孀, 力 料 良 溶崚 療 泰墮 佻摸惑 倉班彖 FreeBSD. - 單 啻編 侑田腕堊很兩 掴嘖孃 淌凖 僧藁浜隣 FTP, 療墨塹燮 - 侑田腕堊很兩 掴嘖孃 漬嫻浜 妖塹珍揺. 簗 冒崢惑 啻編 - 侑夫田杜 嗤瓶亘 妖塹掴 掴嘖孃 嗚和冒 佻嗅 浜杜 範嘖. - - &chap.mirrors.ftp.inc; - - - - 疥藁浜隣 CVS - - - 彭津良 - - - CVS - 僧藁浜隣 - - - 疥藁浜隣 CVS (冨彭嘖隣 堊勃 冒, - anoncvs) 榑 從斃嵶腕墮, 侑田腕堊很囘輿 - 孕斌不鼠 CVS, 佻嘖宋妄斗挈 FreeBSD 通 喇糧厦良攸檀 嫩遡杜隣 - CVS 凖佻敝塹夘斗. 靉揺溶 侑淌馬, 藁 佻旌鰐囘 佻蒙斛彖堙妄 - FreeBSD 妥 嗤澱描蒙隣 侑夫斌吐品 ( 侑宋鼠 塹蒙墨 料 湟杜錨) - 忸佻摸冱 CVS 椀賭礎鰭 料 歪力 冨 脇秒描蒙隣 anoncvs 單叟賭 - 侑賄穆 FreeBSD. 簗 瓶佻蒙斛彖良 榑亙 從斃嵶腕塢, 侑腕塹 - 孑堊力徂堙 佚凖妖領媽 CVSROOT 料 嗜墸都嘖徼摂品 - 單叟賭 anoncvs, 忻田不 和歸冨彭嘖隣 仭厦蒙 anoncvs - 墸都 料 侑蒜盟枦良 墨輿猟 cvs login, - 攸堙 瓶佻蒙旁編 &man.cvs.1; 通 掴嘖孃 凖佻敝塹夘 冒 - 和掵力葉 模冒蒙力葉 CVS. - - - 誅輿猟 cvs login 嗜頒僧囘 仭厦棉, - 瓶佻蒙斛彖領拇 通 宋塹夘攸檀 料 單叟賭 CVS 徳別 - 浜杜斗 .cvspass 冒堊模播 - HOME. 縒棉 榑 徳別 療 嗾歸嘖徼都, 忸 溶崚堙 - 佻盲淺墮 嗜和歸良 和 柯陀 侑 佚叟詫 攸侖嗚 cvs - login. 靤腕塹 嗜敖訴堙 侖嘖亙 徳別 - .cvspass 佻侑和嬖堙 倒 卅. - - - 莽墹 溶嵶 嗚惣壮, 湟 單叟瓶 CVSup anoncvs - 忸佻摸兩 嗾殞腕塢 佻範嵒 噸遼檀, 途墮 療嗚鰐慄 毀扶品, - 墨塹燮 溶杯 佻很頻墮 料 忸堆 妖塹珍 喇糧厦良攸檀. - 靉 嘛賄 嗾塢, CVSup 馬卅敖 - 堆姪 榮禿穆夫力 瓶佻蒙旁都 單堙忸 凖嗾厶, 冨 鍔嬌 榑蛭 - 侑惑卅様 藁 堆姪 瀕堙面屠壞遡杜, 力 攸 吐 榮禿穆夫力嘖 - 侑蛭歪不嗔 侈壮不. -佚叟挌, 通 塹馬, 湟和 佻况斌喪 - 從斃嵶腕墮 範墮 湟-塹 佻盲淺墮 榑浜 妖塹掴, - CVSup 佻墟殿嫖墫 孑堊力徂墮 - 料嘖厦不 嗤澱描蒙燐 侑惑卅様, 從-徭碗挌, 榑 - CVSup 佻旌鰐囘 喇糧厦良攸檀 塹蒙墨 - 掴從蒙力 堆蒙柯 涸嘖妬 瓶範栂挌 堙睦塹, 料旛彖斗挌 - 墨面屠檀冤. - - Anoncvs 料侑塢 溶崚 瓶佻蒙斛彖墮嗔 - 通 佻盲淌良 冒 歪力馬 徳別, 堊 徨妬 侑惑卅様 - (料侑浜賭 lsgrep), - 佻溶毆 嗷挂防 料 浜 溶蔦妄 CVS. 誅療淮, - anoncvs 範厦柤 佻槌歪不 塹蒙墨 侑 - 椀賭礎頻 料 湟杜錨 CVS 凖佻敝塹夘, 佻榑詫 途棉 忸 料妖凖彖都途 - 侑鷲旌歪不 模冒蒙燐 卅斷疎塰 歪力 冨 凖佻敝塹夘砺 - 侑賄穆 FreeBSD, 彖 佻掴閉都 塹蒙墨 - CVSup. - - - - - 蚌佻蒙斛彖良 僧藁浜力馬 CVS - - 鄙嘖厦碧 &man.cvs.1; 通 瓶佻蒙斛彖良 僧藁浜力馬 CVS - 凖佻敝塹夘 變挿租 孑堊力徊 佚凖妖領亙 亘簒崚良 - CVSROOT 料 歪瀕 冨 anoncvs - 單叟賭 侑賄穆 FreeBSD. 鄙 溶妖淋 料佗啻良 榑惑 掴釦妖淋 - 掴嘖孃隣 嗅田媽殄 單叟賭: - - - - 疱嘖夘: - :pserver:anoncvs@anoncvs.at.FreeBSD.org:/home/ncvs - (蚌佻蒙旁編 cvs login 忻田不 明堆 - 仭厦蒙 墸都 料 侑蒜盟枦良.) - - - 耙僧檀: - :pserver:anoncvs@anoncvs.fr.FreeBSD.org:/home/ncvs - (pserver (仭厦蒙 anoncvs), ssh (療 仭厦妄)) - - - - 臈厖僧頻: - :pserver:anoncvs@anoncvs.de.FreeBSD.org:/home/ncvs - (蚌佻蒙旁編 cvs login 忻田不 仭厦蒙 - anoncvs 墸都 料 侑蒜盟枦良.) - - - 臈厖僧頻: - :pserver:anoncvs@anoncvs2.de.FreeBSD.org:/home/ncvs - (rsh, pserver, ssh, ssh/2022) - - - - 駮藁頻: - :pserver:anoncvs@anoncvs.jp.FreeBSD.org:/home/ncvs - (蚌佻蒙旁編 cvs login 忻田不 仭厦蒙 - anoncvs 墸都 料 侑蒜盟枦良.) - - - : - freebsdanoncvs@anoncvs.FreeBSD.org:/home/ncvs - (塹蒙墨 ssh - 妥 仭厦妄) - - SSH HostKey: 1024 a1:e7:46:de:fb:56:ef:05:bc:73:aa:91:09:da:f7:f4 root@sanmateo.ecn.purdue.edu -SSH2 HostKey: 1024 52:02:38:1a:2f:a8:71:d3:f5:83:93:8d:aa:00:6f:65 ssh_host_dsa_key.pub - - - - : - anoncvs@anoncvs1.FreeBSD.org:/home/ncvs (塹蒙墨 ssh - 妥 - 仭厦妄) - - SSH HostKey: 1024 8b:c4:6f:9a:7e:65:8a:eb:50:50:29:7c:a1:47:03:bc root@ender.liquidneon.com -SSH2 HostKey: 2048 4d:59:19:7b:ea:9b:76:0b:ca:ee:da:26:e2:3a:83:b8 ssh_host_dsa_key.pub - - - - - 靉嗚鰐慄 CVS 佻旌鰐囘 忸佻摸不 check out - 侑阻塢淌嗚 明堆 彭厶鰭 瓶範栂挌 堙睦塹 FreeBSD, 墨塹燮 - 墨把-棉堆 嗾歸嘖從彖棉 (斌, 療墨塹燮 嗅孺叢, 怠蔦 - 嗾歸嘖從彖墮), 彖 療和範追溶 佻變阻詫不慯 凸素詫 - &man.cvs.1; 通 凖徂敝 () 仭卅妖墟鼠, - 墨塹燮 溶杯 泰墮 瓶佻蒙斛彖隣 榑浜 凸素詫 凖佻敝塹夘 - 侑賄穆 FreeBSD. - - 縒墮 鍔 徂珍 堙馬, 堙派 凖徂敝 堙派 彭墸妬. - 吐 凖徂敝 墸党狙 攸 椀凖津姪領媽 凖徂敝. 虍 變挿杜錨 - 腕堊都嗔 侑砥良 冨 栂 津輪. 吐 彭墸妬 嗜佻嘖宋妄脊嗔 - 佻嗅田療 凖徂敝 椀凖津姪領亙 彭墸 卅斷疎塰, 明堆 - 溶妖淋 徠斗杜. 靉嗚鰐慄 堙派 彭墸妬 療 嗜佻嘖宋姪隣 冒墨-塹 - 椀凖津姪領亙 凖徂敝, 攸徭卅 藁 溶杯 變挿壮 嗜徨斗 療 塹, - 湟 單馬栂. - - 嗜津雙不 堙派 凖徂敝, 墨塹燮 - 溶杯 攸瀕堙凖嗜彖墮 佻蒙斛彖堙姪. 鑰冱 崚, 良 歪瀕 冨 良 - 療 佻槌歪不 通 墨面屠檀 佻參, 佻嗚鰐慄 墨面屠檀 佻參 - 療 卅變蕨岱惣頻 凖徂敝. - - 縒棉 忸 嬲惣掀租堙 堙 彭墸, 塹 和掵力 佻盲涸都 佻嗅田寮 - 彭厶廟 徳別 榑亙 彭墸 卅斷疎塰. 縒棉 忸 範塢堙 佻盲淺墮 - 侑田拂斈媽 彭厶廟, 榑 溶嵶 喞徒壮 侖堙 嬲惣僧頻 珍壅 凸素詫 - . 鐶卅塢堙嗹 嘖卅良壇 嗤卅從淮彬 - &man.cvs.1; 攸 堆姪 佻漬和力 瀕届厖礎錨. - - - - 靤浜賭 - - 莽墹 佚凖 堙, 冒 湟-塹 津盟墮, 凖墨妖猟嫖墫 佻摸腕墮 - 侑淌嘖 嘖卅良稚 嗤卅從淮彬 &man.cvs.1;, 從 療嗚鰐慄 牧壮防 - 侑浜賭 瓶佻蒙斛彖良 Anonymous CVS: - - - 蠣很党杜錨 墨珍 冨 -CURRENT (&man.ls.1;): - - &prompt.user; setenv CVSROOT :pserver:anoncvs@anoncvs.jp.FreeBSD.org:/home/ncvs -&prompt.user; cvs login -At the prompt, enter the password anoncvs. -&prompt.user; cvs co ls - - - - - 蚌佻蒙斛彖良 SSH 通 冨很党杜頻 津凖彖 - <filename>src/</filename>: - &prompt.user; cvs -d freebsdanoncvs@anoncvs.FreeBSD.org:/home/ncvs co src -The authenticity of host 'anoncvs.freebsd.org (128.46.156.46)' can't be established. -DSA key fingerprint is 52:02:38:1a:2f:a8:71:d3:f5:83:93:8d:aa:00:6f:65. -Are you sure you want to continue connecting (yes/no)? yes -Warning: Permanently added 'anoncvs.freebsd.org' (DSA) to the list of known hosts. - - - - 蠣很党杜錨 &man.ls.1; 冨 彭墸 通 6-STABLE: - - &prompt.user; setenv CVSROOT :pserver:anoncvs@anoncvs.jp.FreeBSD.org:/home/ncvs -&prompt.user; cvs login -At the prompt, enter the password anoncvs. -&prompt.user; cvs co -rRELENG_6 ls - - - - - 麩敖僧錨 嗤瓶冒 冨妖療良 &man.ls.1; ( 徂津 unified diff) - - &prompt.user; setenv CVSROOT :pserver:anoncvs@anoncvs.jp.FreeBSD.org:/home/ncvs -&prompt.user; cvs login -At the prompt, enter the password anoncvs. -&prompt.user; cvs rdiff -u -rRELENG_5_3_0_RELEASE -rRELENG_5_4_0_RELEASE ls - - - - - 靉瓶 掴嘖孃隣 浜杜 溶蔦姪: - - &prompt.user; setenv CVSROOT :pserver:anoncvs@anoncvs.jp.FreeBSD.org:/home/ncvs -&prompt.user; cvs login -At the prompt, enter the password anoncvs. -&prompt.user; cvs co modules -&prompt.user; more modules/modules - - - - - - 簟嫻錨 凖嗾厶 - - 冨孺杜鰭 CVS 溶杯 佻溶渫 嗅田媽殄 掴佻摸不徒慘拇 - 凖嗾厶: - - - - 淌体彬 - 佻 CVS Cal Poly. - - - - CVS Home, - 嗜和歸嘖從 卅斷疎塰 佻陳賭嵋 CVS. - - - - CVSweb - 榑 彭 瀕堙卞妬 CVS 侑賄穆 FreeBSD. - - - - - - - 蚌佻蒙斛彖良 CTM - - - CTM - - - CTM 榑 妖塹 喇糧厦良攸檀 嫩遡杜力馬 - 津凖彖 瓶範栂挌 堙睦塹 壇淋卅蒙隣. 鑪 泰 卅斷疎堊 通 - 瓶佻蒙斛彖良 津凖從 瓶範栂挌 堙睦塹 FreeBSD, 範墹 溶崚 - 泰墮 佻姪敕 通 漬嫻蛭 壇姪. 鄙 珍領拱 溶妖淋 嗾歸嘖徼都 淌輪 - 療洋惑 (途棉 藁 從和歸 嗾歸嘖徼都) 掴釦妖淋礎鰭 佻 侑話途嗾 嗜敖僧頻 - 津蒙堊-徳別 (deltas, 卅變秒 妖崢 浜点殄揺嗔 阻壞遡慘挈 - 瓶範栂挈 堙睦堊揺), 佻榑詫 和卅塢堙嗹 嗤瓶亘 卅嗷挂防 - &a.ctm-users.name; 攸 - 掴佻摸不徒慘亙 瀕届厖礎錨, 途棉 攸範塢堙 瓶佻蒙斛彖墮 - CTM 通 漬嫻蛭 壇姪. - - - 挿斗 洋 溶崚 佻料掴舵墮嗔 - <application>CTM</application>? - - CTM 嗜敖喪 通 彖 模冒蒙燐 墨佗 - 瓶範栂挌 堙睦塹 FreeBSD. 黎歸嘖徼都 洋崚嘖從 卅變徂栂腕堙 - 津凖彖 瓶範栂挌 堙睦塹. 組塢堙 棉 忸 佻陳賭嵒彖墮 徨 津凖從 - CVS 斌 塹蒙墨 歪燐 冨 彭墸妬, CTM - 溶崚 侑田腕堊徂墮 彖 徨 療和範追溶. 縒棉 忸 卅斷疎壘彬 - FreeBSD, 力 彖枦 嗜田瀕杜錨 佻 TCP/IP 療冒淌嘖彭領賄 斌 - 墫孕嘖徼都, 斌 崚 忸 侑腕塹 範塢堙, 湟和 冨妖療良 宋塹輿塢淌嗚 - 墅卅很冖瓶 彖, CTM 侑田料變挿杜 - 通 彖. 鼠 佻墟殿嫖墫 佻盲涸墮 掴 墟堵 冨妖療良 津輪 通 - 料病鰐電 阻塢徇挌 彭墸妬. 鑪 怠蔦 墅卅很冱慯 彖 佻 槎屠墟藁力 - 佻湟. 鯀斃賭 和力很杜品 徨吐珍 佻陳賭嵒彖脊嗔 料嘖鰐慄 輿儲揺, - 料嗚鰐慄 榑 從斃嵶. 鑪 和掵力 妖輪枦 5K, 範墹 嗅孺租墫 - (卅 冨 津嗔塢) 掴嘖蒜狙 10-50K 徠斗 徠斗杜 珍崚 - 100K 斌 堆蒙枦. - - 鼠 堊勃 佻墟殿嫖墫 孳料墮 卅斂扶隣 腕和杜力嘖冏 卅堆壅 - 療佻嘔田嘖彭領 瓶範栂挈 堙睦堊揺 卅斷疎塰, 徑途塹 - 馬塹忸 凖棉斛. 塹 涸嘖力嘖 堽腕不嗔 忸堆簒 瓶範栂挌 - 堙睦塹 彭墸 -CURRENT. 鯏墨妖猟嫖墫 侑淌嘖 輿堙夘遡 - 鄙 佚凖栂斗 牧租 卅斷疎塹. - - - - 塹 佻墟殿嫖墫 通 瓶佻蒙斛彖良 - <application>CTM</application>? - - 鼠 佻墟殿媽墫 鍔 彭殄: 侑惑卅様 - CTM 瓶範栂拇 堙睦壅, 墨塹燮 墟殿嫖墫 - 和力徂墮 (掴 阻壞遡慘惑 嗜嘖湾良). - - 靤惑卅様 CTM 泰盟 涸嘖慇 - FreeBSD 徨 徠斗 溶妖淋 忸侖嗚 凖棉攸 2.0, 藁 料範追墫 - 冒堊模播 /usr/src/usr.sbin/ctm, 途棉 - 彖 途墮 墨佗 瓶範栂挌 堙睦塹. - - 篥蒙堊-徳別 - CTM 溶杯 侑蛭歪不 鍔嬪 侖墹揺, - 淌凖 FTP 斌 email. 縒棉 彖 途墮 掴嘖孃 瀕堙厠都 佻 FTP, - 掴嘖孃 CTM 溶崚 泰墮 佻盲淌 淌凖 - 嗅田媽殄 FTP 啻編: - - ftp://ftp.FreeBSD.org/pub/FreeBSD/CTM/ - - 斌 啻編 冨 嗤瓶冒 敕卷遡. - - 訴追堙 佻 FTP 嗜墸都嘖徼摂品 冒堊模 侑湟不 徳別 - README. - - 縒棉 忸 侑田佻淺堊都 佻盲涸墮 津蒙堊-徳別 佻 佻湟: - - 靉槻布不途 料 歪瀕 冨 嗤瓶墨 卅嗤厦嘖卅療良 - CTM. - &a.ctm-cvs-cur.name; 佻陳賭嵒彖都 徨 津凖從 CVS. - &a.ctm-src-cur.name; 佻陳賭嵒彖都 婆宋燐 彭墸 卅斷疎塰. - &a.ctm-src-4.name; 佻陳賭嵒彖都 彭墸 4.X, .. 縒棉 忸 - 療 變租堙, 冒 佻槻瓶壮慯 料 嗤瓶亘, 料嵳不 料 嗷挂釦 忸枦 斌 - 料 嗷挂釦 &a.mailman.lists.link;, 攸堙 料 嗷挂釦 嗜墸都嘖徼摂吐 - 嗤瓶冒. 黌卅良蛋 嗤瓶冒 掴網料 嗜津雙壮 徨 療和範追踊 瀕嘖簒肪鰭 - 佻 佻槻瓶謀. - - 誅把 忸 料淮都 佻盲涸墮 和力很杜頻 - CTM 佻 佻湟, 瓶佻蒙旁編 侑惑卅様 - ctm_rmail 通 卅嗤阻徊 侑浜杜杜頻 和力很杜品. - 溶崚堙 瓶佻蒙斛彖墮 侑惑卅様 ctm_rmail - 療佻嘔田嘖彭領 冨 /etc/aliases, 途棉 - 範塢堙 佻摸腕墮 宋塹輿塢敝厦彖墮 侑話途. 靤湟不 嘖卅良稚 - 嗤卅從淮彬 ctm_rmail 堆姪 佻漬和力 - 瀕届厖礎錨. - - - 療 攸徂喇溶嘖 嗤腕和 佻盲淌良 津蒙堊-徳別 - CTM, 彖 佻墟殿嫖墫 佻槻瓶冒 料 - 嗤瓶亘 卅嗷挂防 &a.ctm-announce.name;. 怠蔦歸 榑 嗤瓶亘 - 嘖僧都 田瀕嘖彭領挈 妖嘖詫, 把 怠蔦 僧藁喇厦彖墮嗔 椀賭礎鰭, - 堽腕處錨嗔 喇嘖斗 CTM. - 鄙嵳不 料 嗷挂釦 忸枦 嗅田嬖堙 瀕嘖簒肪頻 通 佻槻瓶防 - 料 榑 卅嗷挂釦. - - - - - 蚌佻蒙斛彖良 <application>CTM</application> 佚叟拱 - 卅 - - 霤凖 堙, 冒 忸 嗟崚堙 料涸墮 瓶佻蒙斛彖良 津蒙堊-徳別 - CTM, 佻墟殿嫖墫 椀凖津棉墮 - 瓶範栂媽 塹淤 通 佻嗅田媽歸馬 蛭 侑浜杜杜頻. - - 麥挿遡 佻墟殿嫖墫 椀凖津棉墮, 湟 孛 浜電墫. - 訌崢拱 溶崚 料涸墮 侖嘖惑 (empty) 冒堊模覗. - 掴網隣 瓶佻蒙斛彖墮 津蒙堊-徳別 Empty - 通 嗜敖僧頻 佻陳賭嵒彖斗惑 CTM 津凖彖. - 靆僧敏嫖墫 卅嗤厦嘖卅療良 嘖倉塹忸 津蒙堊-徳別 - 料 CD, 力 料 珍領拱 溶妖淋 榑 療 津盟都嗔. - - 靉嗚鰐慄 津凖從 瓶範栂挌 堙睦塹 溶崚 泰墮 和濺溶 津嗔塰 - 妖覗汰編, 侑田佻湟不徒慘 料涸墮 冒防-塹 孛 浜点殄飯 堙睦塹. - 縒棉 彖 途墮 -RELEASE CD, 卅嗤阻嬖堙 瓶範栂拇 堙睦壅 療馬. - 塹 嗄冨不 和濺 佚凖珍彖斗挌 珍領挌. - - 溶崚堙 卅嗤變壮 嘖倉塹忸 津蒙堊-徳別 - 佻 喇要鰐 X, 掴汰很囘溶葉 力妖簒 - (料侑浜賭, src-cur.3210XEmpty.gz). - 鐶變挿杜錨 佚凖 X 嗜墸都嘖徼都 浜点殄羊 - 瓶範栂挈 堙睦堊. Empty 榑 侖嘖亙 冒堊模. - 訌 侑宋斌 徳別 Empty 嗜敖租墫 淌凖 冒崢拇 - 100 津蒙堊-徳別. 軼崢 侑淌, 榑 徳別 堆蒙柯! 鑚 70 掴 - ;) 妖覗汰編 孃阻彖領挌 gzip 珍領挌 榑 - 和掵隣 卅斃賭 通 XEmpty. - - 訌 塹蒙墨 忸 佻盲淺棉 腕力徇亙 津蒙堊-徳別, 佻墟殿媽墫 堊勃 - 徨 津蒙堊-徳別 佻嗅田媽殄揺 力妖卅揺. - - - - 靉徨田療徇賄 瓶佻蒙斛彖良 - <application>CTM</application> - - 簗 侑浜杜杜頻 津蒙堊-徳別, 侑腕塹 忸佻摸不: - - &prompt.root; cd /where/ever/you/want/the/stuff -&prompt.root; ctm -v -v /where/you/store/your/deltas/src-xxx.* - - CTM 卅堆堊都 津蒙堊-徳別鼠, - 孃阻彖領挈 佻溶毆 gzip, 佻榑詫 彖 療 - 墟殿嫖墫 蛭 卅嗤阻忸彖墮. - - 莽墹 彭嗹 侑話途 掴從蒙力 妥斛仭單, - CTM 療 怠津 冨妖倫墮 津凖從 瓶範栂挌 - 堙睦塹. 簗 侑彭卷 津蒙堊-徳別 忸 堊勃 溶崚堙 瓶佻蒙斛彖墮 - 凸素 , CTM - 塹蒙墨 侑彭夘 壇模嘖力嘖 津蒙堊-徳別 堊勃 吐 侑浜杜浜腕墮 - 嗾歸嘖徼摂浜 瓶範栂挈 堙睦堊. - - 塹 徨. 訌崢拱 卅 佻嗅 佻盲淌良 津蒙堊-徳別, 攸侖嗚訴堙 - CTM 通 佻陳賭崛良 瓶範栂挌 堙睦塹 - 阻壞遡慘詫 嗜嘖湾良. - - 酖 嫩遡冓堙 津蒙堊-徳別, 途棉 蛭 嗅嵶 攸拝孳不 倒 卅. - 從斃嵶 攸範塢堙 嗜頒僧不 蛭 料 徨冕品 嗅孺訴. 縒棉 忸 溶崚堙 - 嗜頒僧不 蛭 塹蒙墨 料 追嗚都, 瓶佻蒙旁編 通 嗜敖僧頻 墨佗 - fdwrite. - - - - 麩頒僧杜錨 模冒蒙隣 冨妖療良 - - 訌 卅斷疎壘彬 忸 從斃嵶 攸範塢堙 佻榾嗤賭浜杜塢厦彖墮 - 冨妖良墮 徳別 津凖彭 瓶範栂挌 堙睦塹. - CTM 浜電 惑卅良淌領媽 佻陳賭嵋 - 模冒蒙隣 冨妖療良: 佚凖 侑彭卷亙 料棉淺 徳別 - foo, 嗄挿遡 侑彭厮都嗔 - foo.ctm. 縒棉 藁 侑瓶孕嘖徼都, - CTM 怠津 卅堆堊墮 良 徑途塹 - foo. - - 阻賄 佻彭津良 和途佚淺彖都 侑腕塹 侖墮 佻陳賭嵋 模冒蒙隣 - 冨妖療良: 侑腕塹 嗚椀敏嬖堙 徳別, 墨塹燮 忸 範塢堙 冨妖良墮, - 徳別 嗜墸都嘖徼摂浜 浜杜鼠 嗾篤彬嗜 - .ctm. 溶崚堙 嘛和歪力 冨妖倫墮 墨, - CTM 怠津 佻陳賭嵒彖墮 徳別 - .ctm 阻壞遡慘詫 嗜嘖湾良. - - - - 簟嫻錨 瀕堙凖嗄拇 從斃嵶腕塢 - <application>CTM</application> - - - 鑰凖津姪良 徳別, 墨塹燮 怠蔦 攸墟藁孕 - 和力很杜錨 - - 溶崚堙 椀凖津棉墮 嗤瓶亘 冨妖療良, 墨塹燮 - CTM 徇途都 瓶範栂拇 堙睦壅, - 瓶佻蒙旁 仭卅妖墟 CTM - . - - 塹 佻姪變, 途棉 忸 範塢堙 佻陳賭嵒彖墮 模 冨妖療良, - 忸佻摸不 侑田彖夘堙蒙燐 斌 佻嗅田媽殳 和卅堆塰 冨妖倫斗挌 - 徳別, 斌 途棉 忸 侑腕塹 療洋惑 仭卅力苗遡慘. - - - - 麩敖僧錨 凖敕叟隣 墨佗 佚凖 和力很杜錨 - - 蚓惑珍 彖 溶崚 佻料掴舵墮嗔 喞徒壮 凖敕叟隣 墨佗 徨堵 - 徳別, 墨塹燮 怠蔦 冨妖療隣 - CTM. - - 仭卅妖墟詫 - CTM 忸佻摸不 凖敕叟力 墨佗厦彖良 - 徨堵 冨妖倫斗挌 津蒙堊-徳別詫 CTM - 徳別 backup-file. - - - - 鑁卅良淌良 和力很杜品 通 椀凖津姪領挌 徳別 - - 蚓惑珍 療和範追溶 惑卅良淺墮 料堆 徳別, 和力很囘踊 - CTM, 斌 珍崚 攸珍墮 和力很杜錨 - 療嗚鰐慄蛭 椀凖津姪領挌 徳別. - - 溶崚堙 孃卅很冱 嗤瓶墨 徳別, 墨塹燮揺 怠津 卅堆堊墮 - CTM, 侖堙 嬲惣僧頻 読蒙墟媽殄 - 凖杯妄厠挌 忸卅崚良 仭卅妖墟鼠 - . - - 鄙侑浜賭, 通 冨很党杜頻 嘛砥妬 墨佗 - lib/libc/Makefile 冨 墨面屠檀 嗜頒僧杜隣 - 津蒙堊-徳別 CTM, 忸佻摸不 - 墨輿猟: - - &prompt.root; cd /where/ever/you/want/to/extract/it/ -&prompt.root; ctm -e '^lib/libc/Makefile' ~ctm/src-xxx.* - - 簗 冒崢惑 嬲惣僧力馬 CTM - 津蒙堊-徳別, 仭卅妖墟 - 侑浜杜兩墫 佻厮痛 蛭 攸珍良 墨輿猟力 嘖厦謀. 譱別 - 和卅汰壅彖都嗔 CTM 塹蒙墨 途棉 藁 - 佻妖涸都嗔 冒 佻槌歪處品 佻嗅 和卅堆塰 徨堵 仭卅妖墟 - . - - - - - 篩蒙療弁錨 侈僧 通 <application>CTM</application> - - 軈嗷 侈僧: - - - - 蚌佻蒙斛彖墮 冒墨-塹 冨 徂掴 奏堙淋鋲彬礎鰭 喇嘖斗 - CTM, 佻旌鰐兩殄 和料簒崚良 - 佻陳徒慘挌 珍 CTM. - - - - 簣卅堆堊墮 仭卅妖墟 CTM, - 佻嗚鰐慄 藁 溶杯 忻途塢 攸駄孛津良. - - - - - - 鯀變賄 - - 黎歸嘖徼都 料堆 津蒙堊-徳別 通 墨面屠檀 - ports, 力 瀕堙凖 療葉 佻冒 療 堊 - 忸嗜. - - - - 賭冒盟 CTM - - CTM/FreeBSD 掴嘖孃杜 淌凖 僧藁浜隣 - FTP 良崚侑夫田杜隣 敕卷遡. 縒棉 忸 忸岱遡 佻盲淌良 - CTM 淌凖 僧藁浜隣 FTP, 瓶佻蒙旁編 - 駄埠訴柯 彖 單叟賭. - - 嗅孺租 從變彬力彭良 侑和姪 和卅塢堙嗹 嗤瓶亘 卅嗷挂防 - &a.ctm-users.name;. - - - - California, Bay Area, 脇秒描蒙隣 瓶塹淮彬 - - - - - ftp://ftp.FreeBSD.org/pub/FreeBSD/development/CTM/ - - - - - - - South Africa, 凖敕叟隣 單叟賭 通 嘖倉挌 津蒙堊-徳別 - - - - - ftp://ftp.za.FreeBSD.org/pub/FreeBSD/CTM/ - - - - - - - Taiwan/R.O.C. - - - - - ftp://ctm.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ - - - - ftp://ctm2.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ - - - - ftp://ctm3.tw.FreeBSD.org/pub/FreeBSD/development/CTM/ - - - - - - - 縒棉 忸 療 料枳 駄埠訴枦馬 彖 敕卷遡, 斌 敕卷遡 療佻摸, - 佻侑和嬖堙 從嗤鰐憙彖墮嗔 佻瓶墨, 料侑浜賭 - alltheweb. - - - - 蚌佻蒙斛彖良 CVSup - - - 彭津良 - - CVSup 榑 仭謀 侑惑卅様力馬 - 和途佚淌良 通 卅嗤厦嘖卅療良 和力很杜頻 瓶範栂挌 堙睦塹 - 腕力徇惑 凖佻敝塹夘 CVS 料 嫩遡杜力 單叟賭. 蚌範栂拇 堙睦壅 - FreeBSD 佻陳賭嵒彖脊嗔 凖佻敝塹夘 CVS 料 壇淋卅蒙力 輿柯療 - 卅斷疎塰 訌棉届厠鰭. 佻溶毆 CVSup - 佻蒙斛彖堙棉 FreeBSD 姪破 溶杯 佻陳賭嵒彖墮 嗜帯墸杜隣 瓶範栂拇 - 堙睦壅 阻壞遡慘詫 嗜嘖湾良. - - CVSup 瓶佻蒙旁都 堊 料旛彖斗媽 - 椀卅柯彖摂媽 (pull) 溶津蒙 和力很杜頻. - 鯀堆堊 佻 榑亙 溶津棉, 冒崢拱 北錨淋 攸侑想夫租 和力很杜頻 - 單叟賭, 途棉 墨把 藁 燐嵶. 鹽叟賭 仭嗷夫力 嵒珍都 攸侑腕 - 料 和力很杜錨 嘛鷲 北錨淋. 阻浜 和卅斛, 徨 和力很杜頻 - 瀕秒鰭簒脊嗔 北錨淋鼠. 鹽叟賭 良墨把 療 忸噎盟都 療 攸侑枦領拇 - 和力很杜頻. 靉蒙斛彖堙蒙 通 佻盲淌良 和力很杜品 掴網杜 棉堆 攸侖嘖不 - CVSup 北錨淋 徠孺燐, 棉堆 掴汰徂墮 - 攸珍良 cron 通 料嘖厦碧 佚夘歪扶途防 - 和力很杜品 宋塹輿塢淌嗚詫 凖嵒妖. - - 賭揺 CVSup, 料佗啻領拱 攸婆宋隣揺 - 怠没鼠, 變挿租 彭嗹 仭謀 侑惑卅様力馬 和途佚淌良. 綰 腕力徇拇 - 墨熔藁杜壅 榑 北錨淋 cvsup, 攸侖嗚租踊 料 - 冒崢詫 佻蒙斛彖堙蒙嗚詫 墨熔慇堙凖, 單叟賭 - cvsupd, 卅堆堊摂品 料 冒崢詫 敕卷遡 - FreeBSD. - - 靤 湟杜鰭 掴釦妖淋礎鰭 FreeBSD 嗤瓶墨 卅嗷挂防 忸 溶婆 - 徨墟都不 嬲惣僧頻 料 sup. - Sup 泰 侑田枦嘖彭領彬詫 - CVSup, 忸佻摸冖 佻範嵒 噸遼檀. - CVSup 腕力徇詫 瓶佻蒙旁都嗔 堙 崚 - 嗤腕和詫, 湟 sup, , 徳穆扶途防, 瓶佻蒙旁都 徳別 料嘖厦碧, - 和卅堽 嗜徑途塢踊 徳別鼠 sup. - Sup 堆姪 療 瓶佻蒙旁都嗔 侑賄穆詫 - FreeBSD, 佻嗚鰐慄 CVSup 泰嘖凖 - 堆姪 派堆. - - - - 嘖僧徊 - - 靤腕堙弁品 嗤腕和 孑堊力徊 CVSup - 榑 瓶佻蒙斛彖良 侑屠詫佗棉厦彖領惑 仭謀堊 net/cvsup墨面屠檀 - 仭謀塹 FreeBSD. 縒棉 忸 侑田佻湟都 嗜岱壮 - CVSup 冨 瓶範栂挌 堙睦塹, 溶崚堙 - 瓶佻蒙斛彖墮 徑途塹 榑惑 佻參 net/cvsup. 醢 浜妬堙 忻苗: - 佻參 net/cvsup 攸徂喇 喇嘖斗 - Modula-3, 墨塹厦 佻墟殿嫖墫 嗾歸嘖彭領拱 和濺 徠斗杜 - 侑腕墟僧嘖彖 料 追嗚 通 攸拝孳防 孑堊力徊. - - - 縒棉 忸 嗜舵卅都途 瓶佻蒙斛彖墮 - CVSup 料 墨熔慇堙凖, 把 療 *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Sat Jul 12 14:08:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4EA0B352; Sat, 12 Jul 2014 14:08:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 375CA259B; Sat, 12 Jul 2014 14:08:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6CE8oSY020964; Sat, 12 Jul 2014 14:08:50 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6CE8nU6020959; Sat, 12 Jul 2014 14:08:49 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201407121408.s6CE8nU6020959@svn.freebsd.org> From: Sergey Kandaurov Date: Sat, 12 Jul 2014 14:08:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45256 - in head/ru_RU.KOI8-R/books/porters-handbook: . appendices keeping-up makefiles new-port pkg-files plist porting-dads porting-samplem porting-why quick-porting security slow-por... X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sat, 12 Jul 2014 14:28:59 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2014 14:08:50 -0000 Author: pluknet Date: Sat Jul 12 14:08:49 2014 New Revision: 45256 URL: http://svnweb.freebsd.org/changeset/doc/45256 Log: Whitespace fixes after PH split. Modified: head/ru_RU.KOI8-R/books/porters-handbook/appendices/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/keeping-up/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/makefiles/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/new-port/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/pkg-files/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/plist/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/porting-dads/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/porting-samplem/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/porting-why/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/quick-porting/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/security/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/slow-porting/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/special/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/testing/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/upgrading/chapter.xml head/ru_RU.KOI8-R/books/porters-handbook/uses.xml head/ru_RU.KOI8-R/books/porters-handbook/versions.xml Modified: head/ru_RU.KOI8-R/books/porters-handbook/appendices/chapter.xml ============================================================================== --- head/ru_RU.KOI8-R/books/porters-handbook/appendices/chapter.xml Sat Jul 12 09:14:48 2014 (r45255) +++ head/ru_RU.KOI8-R/books/porters-handbook/appendices/chapter.xml Sat Jul 12 14:08:49 2014 (r45256) @@ -7,67 +7,70 @@ Original revision: r43844 --> - + - 靤斌崚良 + 靤斌崚良 - - 料淌良 <varname>USES</varname> + + 料淌良 <varname>USES</varname> - - 料淌良 <varname>USES</varname> +
    + 料淌良 <varname>USES</varname> - - - - 鄙浜杜彖良 - 痃杯妖淋 - 鑰瓶僧錨 - - - - &values.uses; - - -
    -     + + + + 鄙浜杜彖良 + 痃杯妖淋 + 鑰瓶僧錨 + + + + + &values.uses; + + + +     + + + 料淌良 <literal>__FreeBSD_version</literal> + + 酩崚 通 嗤卅徊 侑夫歪不嗔 佚凖淌輪 變挿杜品 + __FreeBSD_version 徂津, 墨塹燮 椀凖津味 + sys/param.h: - + 料淌良 <literal>__FreeBSD_version</literal> - 酩崚 通 嗤卅徊 侑夫歪不嗔 佚凖淌輪 變挿杜品 - __FreeBSD_version 徂津, 墨塹燮 椀凖津味 - sys/param.h: - -
    - 料淌良 <literal>__FreeBSD_version</literal> - - - - - 料淌良 - 篩堊 - 鯏棉 - - - - - &values.versions; - - -
    - - - 鼠都慥, 湟 2.2-STABLE 瀕惑珍 苗杜塢読檀簒都 單耐 冒 - 2.2.5-STABLE 佻嗅 2.2.5-RELEASE. 阻亙 侑瀕檀 - 瓶佻蒙斛彖毛 馬 妖嗔, 力 踊 凖柯棉 冨妖良墮 吐 料 堆姪 - 歪力變挿燐 喇嘖斗 燐妖卅檀 嘖倉柯/楊祖柯, 料淺料 彭厶鰭 - 2.2. 塹 和瀾嗄囘墫 堙, 湟 仭卅面徒慘叢 卅斷疎塰 療嗚鰐慄蛭 - 彭塰組 津盟都 療侑阻塢淮挈 苗杜塢読冒檀 凖棉斛 侑腕塹 佻 蛭 - 凖遡慘挈 珍堊 忸侖嗚. 縒棉 忸 單舗喪 津盟都 佻參, 彖 療 嘖鷲 - 攸堆塢墮嗔 嘖倉挌 彭厶頻 -CURRENT; 藁 佚凖淺嗅杜 敖途 侑腕塹 - 瀕届厖礎貧領挌 壇妄. - -     -     - + + + + 料淌良 + 篩堊 + 鯏棉 + + + + + &values.versions; + + + + + + 鼠都慥, 湟 2.2-STABLE 瀕惑珍 苗杜塢読檀簒都 單耐 冒 + 2.2.5-STABLE 佻嗅 2.2.5-RELEASE. 阻亙 + 侑瀕檀 瓶佻蒙斛彖毛 馬 妖嗔, 力 踊 凖柯棉 冨妖良墮 吐 + 料 堆姪 歪力變挿燐 喇嘖斗 燐妖卅檀 嘖倉柯/楊祖柯, + 料淺料 彭厶鰭 2.2. 塹 和瀾嗄囘墫 堙, 湟 仭卅面徒慘叢 + 卅斷疎塰 療嗚鰐慄蛭 彭塰組 津盟都 療侑阻塢淮挈 + 苗杜塢読冒檀 凖棉斛 侑腕塹 佻 蛭 凖遡慘挈 珍堊 忸侖嗚. + 縒棉 忸 單舗喪 津盟都 佻參, 彖 療 嘖鷲 攸堆塢墮嗔 嘖倉挌 + 彭厶頻 -CURRENT; 藁 佚凖淺嗅杜 敖途 侑腕塹 + 瀕届厖礎貧領挌 壇妄. + +     + Modified: head/ru_RU.KOI8-R/books/porters-handbook/keeping-up/chapter.xml ============================================================================== --- head/ru_RU.KOI8-R/books/porters-handbook/keeping-up/chapter.xml Sat Jul 12 09:14:48 2014 (r45255) +++ head/ru_RU.KOI8-R/books/porters-handbook/keeping-up/chapter.xml Sat Jul 12 14:08:49 2014 (r45256) @@ -7,149 +7,161 @@ Original revision: r43840 --> - + - 疔壞遡冨礎頻 - - 誅面屠檀 靉參 &os; 佻嘖湾領 冨妖倫都嗔. 津嗹 料範追墫 - 療墨塹卅 瀕届厖礎頻 塹, 冒 佻陳賭嵒彖墮 釘 阻壞遡慘詫 - 嗜嘖湾良. - - - FreshPorts - - 鸛踊 侑腕壅 嗤腕和詫 墫姪嵒彖墮 孛 侑鷲斛枦壷錨 和力很杜頻 - 况妄都嗔 佻槻瓶冒 料 - FreshPorts. 簗 溶良塹夘稜 忸 溶崚堙 忸岱壮 療嗚鰐慄 - 佻參. 軼蔑堙蔑賭鼠 料嘖湾堙蒙力 凖墨妖猟嫖墫 佻槻瓶壮慯 敖途, - 佻塹葉 湟 藁 怠蔦 佻盲涸墮 孥田詫姪良 療 塹蒙墨 嗜帯墸杜隣 - 冨妖療良冏, 力 和 冨妖療良冏, 喞徒僧隣 明泰 漬嫻浜 墨様不堙厦 - &os;. (塹 涸嘖 療和範追溶 通 喇糧厦良攸檀 冨妖療良冤 料 堆姪 - 良數詫 堙販鰐惑扶途墨 孀徇—範墹 堆姪 墨厰屠堽挈 泰模 泰 - 佻盲淌良 侑田孃凖崢杜品 堙, 穆 徇腕不 佻掴体拇 冨妖療良, - 瀕惑珍 榑 榑双 侑椀孑冒都嗔 斌 藁 侑腕塹 療侑阻塢淌. 誨詫 塹馬, - 療墨塹燮 嗅孺叢 冨妖療良 佻 嘛賄 侑敏歪 彭嗹輿 療變挿不徒慘. - 輾 佻盟覗斗, 湟 明堆 卅斷疎壘彬 堊防 喇壞礎頻 怠津 - 簒墨從柘墸彖墮嗔 敖卅忸 嗟搜模). - - 縒棉 忸 範塢堙 瓶佻蒙斛彖墮 FreshPorts, 塹 彖 燐嵶 塹蒙墨 - 孺T料 攸佗嗹. 縒棉 凖派嘖卅檀藁隣 祖凖 彖枦 槎屠墟藁力 佻湟 - 怠津 浜都 徂 @FreeBSD.org, 塹 嗤卅彖 料 - Web-嘖卅良蛋 忸 孥苗不 掴佻摸不徒慘媽 嗷挂釦. 簗 堙 冨 彖, 穆 - 孛 佻盲淺 孺T燐 攸佗嗹 FreshPorts, 力 療 瓶佻蒙斛彖 嗜帯墸杜隣 - 祖凖 槎屠墟藁力 佻湟 @FreeBSD.org, 掴嘖壮淮 - 嗟杜不 祖凖 料 @FreeBSD.org, 佻槻瓶壮慯, - 攸堙 嗟杜不 吐 和卅堽. - - FreshPorts 浜電墫 堊勃 噸遼檀 侑彭卷 侑宋斌慘腕塢, - 墨塹卅 宋塹輿塢淌嗚 侑彭厮都 冒崢賄 冨妖療良, 徇途N力 津凖從 - 佻參 &os;. 縒棉 忸 佻槻布都途 料 榑 孑盲杯, 塹 怠津堙 - 椀彭歔墮嗔 和 徨堵 柯陀組, 和料簒崚領挌 FreshPorts 侑 侑彭卷 - 徇途N隣 彖揺 冨妖療良. - - - - Web-瀕堙卞妬 頒僧斌怖 瓶範栂挌 堙睦塹 - - 譱別 頒僧斌怖 瓶範栂挌 堙睦塹 溶嵶 侑腕輿墟夫壮 侑 佻溶殄 - Web-瀕堙卞妬啻. 蠣妖療良, 墨塹燮 冒啻脊嗔 壇模 徨妬 喇嘖斗 - 佻參, 堙佚曼 掴釦妖淋敏媽墫 徳別 CHANGES. - 蠣妖療良, 冒啻摂錨嗔 堋徒慘挌 佻參, 墟爽狙墫 堙佚曼 - 徳別 UPDATING. - 鐵料墨 歪力變挿隣 墸都 料 明堆 從侑腕 溶嵶 料編, 塹蒙墨 - 侑淺堊 瓶範栂挌 墨 bsd.port.mk - 嘛凉僧隣 良 徳別. - - - - 麸瓶亘 卅嗷挂防 &os;, 佻嘛處N隣 佻參鼠 - - 縒棉 忸 佻陳賭嵒彖都 佻參, 塹 掴網隣 嗅田不 攸 &a.ports;. - 彖嵶挌 冨妖療良冏, 墟爽狙殄飯 料 卅堆堙 佻參, 怠津 嗜和歔墮嗔 - 敖途, 攸堙 藁 佚凖力嗔墫 CHANGES. - - 縒棉 珍領拱 嗤瓶亘 卅嗷挂防 嗅布墨 攸拝孛杜 嗜和歸良冤, - 忸 溶崚堙 墫姪嵒彖墮 &a.ports-announce.name;, 墨塹燮 溶津夘簒都嗔 - 療 况妄都嗔 妖嘖詫 通 追嗚孑喇. - - - - 詭喪堙 佻嘖厦杜頻 佻參 &os; - - 鐵力 冨 料浜杜電 冨彭嘖隣 喇蒙隣 嘖碗藁 &os; 况妄都嗔 塹 - 徳穆, 湟 通 療侑賭掀力馬 佻嘖厦杜頻 誅面屠檀 靉參 通 冒崢惑 - 冨 腕力徇挌 凖棉斛 闢 通 冒崢亙 倉班堙穆孀 孀徇 佻陳賭嵋 - Tier-1 忸津姪 壇儲 北喪堙 輿柯. - - 鑚津蒙隣 佻參 嗜舵卅脊嗔, 途棉 藁 嗤澱描蒙力 療 佻妖淌隣 冒 - IGNORE. 簗 佻參, 佻妖淌領挌 冒 - BROKEN, 佻俎塰 怠蔦 侑歪鰐崚隣 通 塹馬, - 湟和 孥苗都, 途棉 腕力徇叢 侑和姪輿 泰盟 凖枦料. (塹 喞徒僧 - 淌凖 瓶佻蒙斛彖良 佚凖妖領亙 TRYBROKEN 通 - Makefile 佻參.) - - - - - Portscout: 嗚僧賭 追嘖夘怠塢徇挌 徳別 佻參 &os; - - 詭喪堙 佻嘖厦杜頻 忸津姪 通 忸佻摸杜頻 啻溶馬 佻嗅田療馬 - 凖棉攸 冒崢惑 冨 佻參, 追嘖夘怠塢徇拇 徳別 墨塹燮 孛 泰棉 - 喃簒崚隣. 鐵料墨 冨-攸 佻嘖湾領挌 冨妖療良 Internet - 追嘖夘怠塢徇拇 徳別 溶杯 泰嘖厦 瓶淌攸墮. Portscout, 嘔田嘖從 - 嗚僧敏彖良 追嘖夘怠塢徇挌 徳別 &os; 俎堊都嗔 椀厦喇墮 - 冒崢拱 冨 啻編, 掴嘖孃隣 通 喃簒數 冒崢惑 冨 佻參, - 通 椀凖津姪良 塹馬, 掴嘖孃隣 棉 倒 追嘖夘怠塢徇拇 徳別. - Portscout 溶崚 馬塹徂墮 壘T - HTML 卅嗷挂壮 槎屠墟藁隣 佗嗹輿 和 - 浜点殄飯 和力很杜頻 通 佻參 堙, 穆 榑 攸侑想夫租. - 軼蔑堙蔑賭 佚夘歪扶途防 攸侑想夫狙 料棉淺 冨妖療良, 棉堆 - 徠孺燐, 棉堆 瓶佻蒙旁 姪淋 RSS. - - 臾宋料 嘖卅良蛋 Portscout - 塹岱爽租 email 妖蔑堙蔑賭 佻參, 墨棉淌嘖從 佻參, 攸 - 墨塹燮 墸都嘖彭療 妖蔑堙蔑賭, 墨棉淌嘖從 佻參 力忸揺 - 追嘖夘怠塢徇挈 徳別鼠 侑話杜 孑堊凖忝蛭 佻參. 耨遼檀 - 佻瓶冒 忸佻摸囘 佻瓶 妖蔑堙蔑賭 佻 祖凖嗾 槎屠墟藁力 佻湟 - 佻旌鰐囘 忸舵卅墮 妖崢 徨斗 佻參鼠 斌 塹蒙墨 - 孑堊凖忝浜. - - 靤 歸勿謀 佻 祖凖嗾 槎屠墟藁力 佻湟 妖蔑堙蔑賭 - 塹岱爽租墫 嗤瓶亘 徨堵 吐 佻參, 卅敖徒N隣 佻 冒堙馬夘冤, - 徑途堙 堙釦殄 力妖厦 彭厶鰭, 瀕届厖礎錨 料棉淺 力從 - 彭厶鰭, 徠斗杜斗 佻嗅田療馬 和力很杜頻 佻參 徠斗杜斗 吐 - 佻嗅田療 侑彭卷. 耨遼檀 佻瓶冒 料 榑亙 嘖卅良壇 佻旌鰐囘 - 佻蒙斛彖堙明 忸佻摸冱 佻瓶 墨遼凖堽惑 佻參. - - 靉 歸勿釦 料 料旌僧錨 佻參 嗤瓶謀 塹岱爽租墫 瀕届厖礎頻 - 佻參 FreshPorts. - - - - 麌嘖斗 溶良塹夘稜 佻參 &os; - - 簟嫻浜 佻姪變挈 凖嗾厶詫 况妄都嗔 - 麌嘖斗 溶良塹夘稜 - 佻參 &os; (冨彭嘖料 堊勃 冒 portsmon). - 麌嘖斗 侑田嘖宋妄都 嗜堆 汰旁 珍領挌, 和卅汰壅彖摂媽 瀕届厖礎廟 冨 - 療嗚鰐慄蛭 瓶塹淮彬 佻旌鰐兩殳 侑腕輿墟夫壮 蛭 侑 佻溶殄 - Web-瀕堙卞妬啻. 鄙 珍領拱 溶妖淋 攸津篇墸彖隣 汰攸 嗜和歸良 和 - 柯陀組 (PR), 侑塹墨儲 柯堆 北喪堙卅 佻嘖厦杜頻 堋徒慘拇 徳別 - 冨 墨面屠檀 佻參. 怠蔦歸 榑 嗤瓶亘 怠津 掴汰很杜 喇嘖斗 - 侑彭卷 追嘖夘怠塢徇挌 徳別 漬嫻錨 凖嗾厶. - - 簗 料涸盟 忸 溶崚堙 侑腕溶墟都 徨 瀕届厖礎廟 療墨塹厦 佻參 - 侑 佻溶殄 嘔田嘖彖 鐶斛 - 堋徒慘惑 佻參. - - 鄙 溶妖淋 料佗啻良 榑 田瀕嘖彭領拱 掴嘖孃隣 凖嗾厶, 墨塹燮 - 通 浜杜 佻參 嘖宋不 嗜墸都嘖徂 攸佗喇 PR GNATS. - (鑚侑宋不徒 PR 療 徨吐珍 掴汰很兩 料旌僧錨 浜 佻參, 範墹 - 踊 侑田佻淺堊斗, 湟和 藁 榑 津盟棉.) 阻浜 和卅斛, - portsmon 榑 範厦枦 妖嘖 通 料涸盟, 途棉 忸 - 範塢堙 料編 侑瓶盟領拇 PR /斌 柯陀 佻嘖厦杜頻 通 嗾歸嘖徼摂吐 - 佻參; 棉堆 佻瓶冒墮, 泰 棉 孛 侑瓶盟 力忸 佻參, 墨塹燮 忸 - 佻蔦踊彖棉 嗜敖壮 啻揺. - - + 疔壞遡冨礎頻 + 誅面屠檀 靉參 &os; 佻嘖湾領 冨妖倫都嗔. 津嗹 料範追墫 + 療墨塹卅 瀕届厖礎頻 塹, 冒 佻陳賭嵒彖墮 釘 阻壞遡慘詫 + 嗜嘖湾良. + + + FreshPorts + + 鸛踊 侑腕壅 嗤腕和詫 墫姪嵒彖墮 孛 侑鷲斛枦壷錨 + 和力很杜頻 况妄都嗔 佻槻瓶冒 料 FreshPorts. 簗 + 溶良塹夘稜 忸 溶崚堙 忸岱壮 療嗚鰐慄 佻參. 軼蔑堙蔑賭鼠 + 料嘖湾堙蒙力 凖墨妖猟嫖墫 佻槻瓶壮慯 敖途, 佻塹葉 湟 藁 + 怠蔦 佻盲涸墮 孥田詫姪良 療 塹蒙墨 嗜帯墸杜隣 冨妖療良冏, + 力 和 冨妖療良冏, 喞徒僧隣 明泰 漬嫻浜 墨様不堙厦 &os;. + (塹 涸嘖 療和範追溶 通 喇糧厦良攸檀 冨妖療良冤 料 堆姪 + 良數詫 堙販鰐惑扶途墨 孀徇—範墹 堆姪 墨厰屠堽挈 泰模 + 泰 佻盲淌良 侑田孃凖崢杜品 堙, 穆 徇腕不 佻掴体拇 + 冨妖療良, 瀕惑珍 榑 榑双 侑椀孑冒都嗔 斌 藁 侑腕塹 + 療侑阻塢淌. 誨詫 塹馬, 療墨塹燮 嗅孺叢 冨妖療良 佻 + 嘛賄 侑敏歪 彭嗹輿 療變挿不徒慘. 輾 佻盟覗斗, 湟 明堆 + 卅斷疎壘彬 堊防 喇壞礎頻 怠津 簒墨從柘墸彖墮嗔 敖卅忸 + 嗟搜模). + + 縒棉 忸 範塢堙 瓶佻蒙斛彖墮 FreshPorts, 塹 彖 燐嵶 塹蒙墨 + 孺T料 攸佗嗹. 縒棉 凖派嘖卅檀藁隣 祖凖 彖枦 槎屠墟藁力 + 佻湟 怠津 浜都 徂 @FreeBSD.org, 塹 + 嗤卅彖 料 Web-嘖卅良蛋 忸 孥苗不 掴佻摸不徒慘媽 嗷挂釦. 簗 + 堙 冨 彖, 穆 孛 佻盲淺 孺T燐 攸佗嗹 FreshPorts, 力 療 + 瓶佻蒙斛彖 嗜帯墸杜隣 祖凖 槎屠墟藁力 佻湟 + @FreeBSD.org, 掴嘖壮淮 嗟杜不 祖凖 料 + @FreeBSD.org, 佻槻瓶壮慯, 攸堙 嗟杜不 + 吐 和卅堽. + + FreshPorts 浜電墫 堊勃 噸遼檀 侑彭卷 侑宋斌慘腕塢, + 墨塹卅 宋塹輿塢淌嗚 侑彭厮都 冒崢賄 冨妖療良, 徇途N力 + 津凖從 佻參 &os;. 縒棉 忸 佻槻布都途 料 榑 孑盲杯, 塹 + 怠津堙 椀彭歔墮嗔 和 徨堵 柯陀組, 和料簒崚領挌 FreshPorts + 侑 侑彭卷 徇途N隣 彖揺 冨妖療良. + + + + Web-瀕堙卞妬 頒僧斌怖 瓶範栂挌 堙睦塹 + + 譱別 頒僧斌怖 瓶範栂挌 堙睦塹 溶嵶 侑腕輿墟夫壮 侑 + 佻溶殄 Web-瀕堙卞妬啻. 蠣妖療良, 墨塹燮 冒啻脊嗔 壇模 + 徨妬 喇嘖斗 佻參, 堙佚曼 掴釦妖淋敏媽墫 徳別 CHANGES. + 蠣妖療良, 冒啻摂錨嗔 堋徒慘挌 佻參, 墟爽狙墫 堙佚曼 + 徳別 UPDATING. + 鐵料墨 歪力變挿隣 墸都 料 明堆 從侑腕 溶嵶 料編, 塹蒙墨 + 侑淺堊 瓶範栂挌 墨 bsd.port.mk + 嘛凉僧隣 良 徳別. + + + + 麸瓶亘 卅嗷挂防 &os;, 佻嘛處N隣 佻參鼠 + + 縒棉 忸 佻陳賭嵒彖都 佻參, 塹 掴網隣 嗅田不 攸 + &a.ports;. 彖嵶挌 冨妖療良冏, 墟爽狙殄飯 料 卅堆堙 佻參, + 怠津 嗜和歔墮嗔 敖途, 攸堙 藁 佚凖力嗔墫 + CHANGES. + + 縒棉 珍領拱 嗤瓶亘 卅嗷挂防 嗅布墨 攸拝孛杜 嗜和歸良冤, + 忸 溶崚堙 墫姪嵒彖墮 &a.ports-announce.name;, 墨塹燮 + 溶津夘簒都嗔 療 况妄都嗔 妖嘖詫 通 追嗚孑喇. + + + + 詭喪堙 佻嘖厦杜頻 佻參 &os; + + 鐵力 冨 料浜杜電 冨彭嘖隣 喇蒙隣 嘖碗藁 &os; 况妄都嗔 + 塹 徳穆, 湟 通 療侑賭掀力馬 佻嘖厦杜頻 誅面屠檀 靉參 通 + 冒崢惑 冨 腕力徇挌 凖棉斛 闢 通 冒崢亙 倉班堙穆孀 孀徇 + 佻陳賭嵋 Tier-1 忸津姪 壇儲 北喪堙 輿柯. + + 鑚津蒙隣 佻參 嗜舵卅脊嗔, 途棉 藁 嗤澱描蒙力 療 佻妖淌隣 + 冒 IGNORE. 簗 佻參, 佻妖淌領挌 冒 + BROKEN, 佻俎塰 怠蔦 侑歪鰐崚隣 通 塹馬, + 湟和 孥苗都, 途棉 腕力徇叢 侑和姪輿 泰盟 凖枦料. (塹 + 喞徒僧 淌凖 瓶佻蒙斛彖良 佚凖妖領亙 + TRYBROKENMakefile + 佻參.) + + + + Portscout: 嗚僧賭 追嘖夘怠塢徇挌 徳別 佻參 + &os; + + 詭喪堙 佻嘖厦杜頻 忸津姪 通 忸佻摸杜頻 啻溶馬 佻嗅田療馬 + 凖棉攸 冒崢惑 冨 佻參, 追嘖夘怠塢徇拇 徳別 墨塹燮 孛 泰棉 + 喃簒崚隣. 鐵料墨 冨-攸 佻嘖湾領挌 冨妖療良 Internet + 追嘖夘怠塢徇拇 徳別 溶杯 泰嘖厦 瓶淌攸墮. Portscout, + 嘔田嘖從 嗚僧敏彖良 追嘖夘怠塢徇挌 徳別 &os; 俎堊都嗔 + 椀厦喇墮 冒崢拱 冨 啻編, 掴嘖孃隣 通 喃簒數 冒崢惑 冨 + 佻參, 通 椀凖津姪良 塹馬, 掴嘖孃隣 棉 倒 追嘖夘怠塢徇拇 + 徳別. Portscout 溶崚 馬塹徂墮 + 壘T HTML 卅嗷挂壮 槎屠墟藁隣 佗嗹輿 + 和 浜点殄飯 和力很杜頻 通 佻參 堙, 穆 榑 攸侑想夫租. + 軼蔑堙蔑賭 佚夘歪扶途防 攸侑想夫狙 料棉淺 冨妖療良, 棉堆 + 徠孺燐, 棉堆 瓶佻蒙旁 姪淋 RSS. + + 臾宋料 嘖卅良蛋 Portscout + 塹岱爽租 email 妖蔑堙蔑賭 佻參, 墨棉淌嘖從 佻參, 攸 + 墨塹燮 墸都嘖彭療 妖蔑堙蔑賭, 墨棉淌嘖從 佻參 力忸揺 + 追嘖夘怠塢徇挈 徳別鼠 侑話杜 孑堊凖忝蛭 佻參. 耨遼檀 + 佻瓶冒 忸佻摸囘 佻瓶 妖蔑堙蔑賭 佻 祖凖嗾 槎屠墟藁力 佻湟 + 佻旌鰐囘 忸舵卅墮 妖崢 徨斗 佻參鼠 斌 塹蒙墨 + 孑堊凖忝浜. + + 靤 歸勿謀 佻 祖凖嗾 槎屠墟藁力 佻湟 妖蔑堙蔑賭 + 塹岱爽租墫 嗤瓶亘 徨堵 吐 佻參, 卅敖徒N隣 佻 冒堙馬夘冤, + 徑途堙 堙釦殄 力妖厦 彭厶鰭, 瀕届厖礎錨 料棉淺 力從 + 彭厶鰭, 徠斗杜斗 佻嗅田療馬 和力很杜頻 佻參 徠斗杜斗 吐 + 佻嗅田療 侑彭卷. 耨遼檀 佻瓶冒 料 榑亙 嘖卅良壇 佻旌鰐囘 + 佻蒙斛彖堙明 忸佻摸冱 佻瓶 墨遼凖堽惑 佻參. + + 靉 歸勿釦 料 料旌僧錨 佻參 嗤瓶謀 塹岱爽租墫 瀕届厖礎頻 + 佻參 FreshPorts. + + + + 麌嘖斗 溶良塹夘稜 佻參 &os; + + 簟嫻浜 佻姪變挈 凖嗾厶詫 况妄都嗔 麌嘖斗 溶良塹夘稜 + 佻參 &os; (冨彭嘖料 堊勃 冒 + portsmon). 麌嘖斗 侑田嘖宋妄都 嗜堆 汰旁 + 珍領挌, 和卅汰壅彖摂媽 瀕届厖礎廟 冨 療嗚鰐慄蛭 瓶塹淮彬 + 佻旌鰐兩殳 侑腕輿墟夫壮 蛭 侑 佻溶殄 Web-瀕堙卞妬啻. 鄙 + 珍領拱 溶妖淋 攸津篇墸彖隣 汰攸 嗜和歸良 和 柯陀組 (PR), + 侑塹墨儲 柯堆 北喪堙卅 佻嘖厦杜頻 堋徒慘拇 徳別 冨 + 墨面屠檀 佻參. 怠蔦歸 榑 嗤瓶亘 怠津 掴汰很杜 + 喇嘖斗 侑彭卷 追嘖夘怠塢徇挌 徳別 漬嫻錨 凖嗾厶. + + 簗 料涸盟 忸 溶崚堙 侑腕溶墟都 徨 瀕届厖礎廟 療墨塹厦 + 佻參 侑 佻溶殄 嘔田嘖彖 鐶斛 + 堋徒慘惑 佻參. + + 鄙 溶妖淋 料佗啻良 榑 田瀕嘖彭領拱 掴嘖孃隣 凖嗾厶, + 墨塹燮 通 浜杜 佻參 嘖宋不 嗜墸都嘖徂 攸佗喇 PR GNATS. + (鑚侑宋不徒 PR 療 徨吐珍 掴汰很兩 料旌僧錨 浜 佻參, 範墹 + 踊 侑田佻淺堊斗, 湟和 藁 榑 津盟棉.) 阻浜 和卅斛, + portsmon 榑 範厦枦 妖嘖 通 料涸盟, 途棉 + 忸 範塢堙 料編 侑瓶盟領拇 PR /斌 柯陀 佻嘖厦杜頻 通 + 嗾歸嘖徼摂吐 佻參; 棉堆 佻瓶冒墮, 泰 棉 孛 侑瓶盟 力忸 + 佻參, 墨塹燮 忸 佻蔦踊彖棉 嗜敖壮 啻揺. + + Modified: head/ru_RU.KOI8-R/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/ru_RU.KOI8-R/books/porters-handbook/makefiles/chapter.xml Sat Jul 12 09:14:48 2014 (r45255) +++ head/ru_RU.KOI8-R/books/porters-handbook/makefiles/chapter.xml Sat Jul 12 14:08:49 2014 (r45256) @@ -7,3028 +7,3209 @@ Original revision: r43840 --> - + - 鄙嘖厦碧 徳別 Makefile + 鄙嘖厦碧 徳別 Makefile - 鄙嘖厦碧 徳別 Makefile 掴嘖壮淮 侑腕堊, - 踊 嗄彖 侑田佻盟覗斗, 湟 佚凖 堙, 冒 料涸墮, 忸 佻嗟墟不 料 - 嗾歸嘖徼摂錨 侑浜賭. 塹葉 崚 榑詫 簒墨從柘墸 浜電墫 侑浜賭隣 Makefile, 堊 湟 忱婆冦不 - 料 療馬 , 佻崛盲篇堊, 嗅田嬖堙 佻厮痛 佚凖妖領挌 卅敖徒 榑詫 - 和卅效, 湟和 和姪媒不 湟杜錨 彖枦馬 佻參 漬嫻浜 明椿揺. - - 蚶阻, 卅嗤鰐嵒 凖杼斗拇 攸珍淺 佻厮痛 蛭 從變彬力彭良 侑 - 嗜敖僧鰭 彖枦馬 力從馬 徳別 Makefile: - - - 鑷蒜瀕遡慘拇 瓶範栂拱 墨 - - 鄙範追墫 棉 藁 冒堊模播 DISTDIR 徂津 - 嘖僧珍參力馬 孃阻彖領惑 倉班彖塹厦 gzip - tar-倉班彖 浜杜斗 塢仭 - foozolix-1.2.tar.gz? 縒棉 榑 堊, - 溶嵶 佚凖編 嗅田媽歸葉 杼杯. 縒棉 療, 塹 忸 掴網隣 佻俎堊墮嗔 - 佚凖椀凖津棉墮 療墨塹燮 冨 佚凖妖領挌 - DISTVERSION, DISTNAME, - EXTRACT_CMD, - EXTRACT_BEFORE_ARGS, - EXTRACT_AFTER_ARGS, - EXTRACT_SUFXDISTFILES - 攸徂喇溶嘖 塹馬, 料嗚鰐慄 療和掵杜 届厖壮 追嘖夘怠塢徇惑 - 徳別. - - 晩壷斗 嗅孺租 忸 溶崚堙 侑腕塹 椀凖津棉墮 嘛論 嗜帯墸杜燐 壇蒙 - do-extract 通 佚凖椀凖津姪良 津篇墸品 佻 - 嬪鰐涸良, 範墹 榑詫 燐嵶 怠津 侑病吐壮 淌輪 凖痛蛭 嗅孺叢, - 途棉 從和歸 侑苗T嗔. - - - - 虱杜彖良 - - 佚叟亙 涸嘖 Makefile 佻參 斗 珍T嗔 - 料旌僧錨, 嬲惣掀租墫 吐 力妖 彭厶鰭 侑瀕祖姪嵶腕墮 侑宋斌慘亙 - 冒堙馬夘. - - - <varname>PORTNAME</varname> - <varname>PORTVERSION</varname> - - 佚凖妖領亙 PORTNAME 忸 掴網隣 嬲惣壮 - 腕力徇媽 涸嘖 浜杜 彖枦馬 佻參, 佚凖妖領亙 - PORTVERSION - 力妖 彭厶鰭. - - - - <varname>PORTREVISION</varname> - <varname>PORTEPOCH</varname> - - - <varname>PORTREVISION</varname> - - 霤凖妖領叢 PORTREVISION 侑田嘖宋妄都 嗜堆 - 溶力塹領 孥徒扶夫狙歸途 淺嗅, 墨塹厦 和燐妄都嗔 侑 冒崢詫 - 孥徒扶杜鰭 變挿杜頻 佚凖妖領亙 PORTVERSION (塹 - 途墮 冒崢拱 卅, 墨把 嗜敖壮徒冤 忸侖嗚租墫 力忸 脇秒描蒙隣 - 凖棉), 掴汰很囘墫 浜杜 仭謀堊, 途棉 藁 療 卅徇 燐明. - 蠣妖療良 PORTREVISION 瓶佻蒙旁脊嗔 - 宋塹輿塢敝厦彖領挈 瀕嘖簒妖淋鼠 (料侑浜賭, - pkg version, 嗟. &man.pkg-version.8;) - 通 椀凖津姪良 徳穆 佻况姪良 力從馬 仭謀堊. - - 料淌良 PORTREVISION 掴網力 孥徒扶夫壮慯 - 冒崢拱 卅, 墨把 佻參 FreeBSD 津盟脊嗔 冨妖療良, 墨塹燮 - 冒-棉堆 妖倫脊 佻盲涸斗拱 仭謀. 鸚珍 堽腕冱嗔 塹蒙墨 - 冨妖療良, 攸墟素夫狙殄 佻嘖厦杜錨 仭謀堊 仭卅妖墟鼠 佻 - 嬪鰐涸良. - - 靤浜賭 嗅孺租, 墨把 變挿杜錨 PORTREVISION - 掴網力 泰墮 孥徒扶杜: - - - - 簣汰很杜錨 仭壘妬 通 瓶侑宋姪良 孅旌浜腕堙, - 柯堆, 斌 掴汰很杜頻 力從 噸遼檀藁遡慘腕塢 佻參. - - - - 蠣妖療良 徳別 Makefile 佻參 通 - 徊明淌良 忸北折杜頻 仭卅妖墟, 椀凖津妄斗挌 侑 墨熔斌冀鰭 - 仭謀堊. - - - - 蠣妖療良 嗤瓶謀 孃阻徊 斌 佻彭津良 仭謀堊 從 - 徠斗 吐 孑堊力徊 (料侑浜賭, 冨妖療良 嗚夘來, 播療夘簒摂吐 - 料涸蒙隣 珍領拇 通 仭謀堊, 堊防, 冒 ssh-北折 通 - 範嘖). - - - - 彭棉淌良 彭厶鰭 追料揺淌嗚亙 舵駄貧堙防, 墨塹厦 - 攸徂喇 佻參 ( 榑詫 嗅孺租 塹, 穆 佻俎堊都嗔 孑堊力徂墮 - 嘖倉拱 仭謀 佻嗅 孑堊力徊 堆姪 力從 彭厶鰭 舵駄貧堙防, - 療 嗟崚 榑惑 喞徒壮, 佻塹葉 湟 侑 榑詫 怠津 津盟墮嗔 - 佻瓶 嘖倉亙 舵駄貧堙防 libfoo.x, 療 libfoo.(x+1)). - - - - 睿蒙柯 噸遼檀藁遡慘拇 冨妖療良 追嘖夘怠塢徇詫 徳別 - 佻參, 侑鷲喩歪處錨 妥 和瀾很杜品, 侑夫歪處錨 堆蒙柯 - 冨妖療良冤, 塹 途墮 冨妖療良 追嘖夘怠塢彭 墟殿媽 - 墨厰屠塢厦徊 徳別 distinfo 妥 - 嗜墸都嘖徼摂吐 冨妖療良 PORTVERSION, - 墨把 冒 墨輿猟 diff -ru 妖崢 力從 - 嘖倉亙 彭厶頻揺 佻冒旛彖都 療墟夫描蒙隣 冨妖療良 - 墨津. - - - - 靤浜賭 冨妖療良, 墨塹燮 療 墟殿媽 孥徒扶杜頻 佚凖妖領亙 - PORTREVISION: - - - - 蠣妖療良 嘖斌 嗚徒都 佻參 妥 噸遼檀藁遡慘挌 冨妖療良 - 仭謀堙. - - - - 蠣妖療良 佚凖妖領亙 MASTER_SITES 斌 - 漬嫻錨 噸遼檀藁遡慘拇 冨妖療良 佻參, 墨塹燮 療 攸墟素夫狙 - 佻盲涸摂吐腕 仭謀堊. - - - - 夘徂遡慘拇 仭壘 追嘖夘怠塢徇詫 徳別, 堊防, 冒 - 瓶侑宋姪良 椀党壮亘, 墨塹燮 療 堊 孛 彖嵶, 湟 佻蒙斛彖堙棉 - 仭謀堊 掴網隣 攸堆塢墮嗔 和力很杜錨. - - - - 蚌侑宋姪良, 冒啻摂錨嗔 榑双 佻嘖厦杜頻, 墨塹燮 津盟脊 - 從斃嵶挈 佻嘖厦杜錨 仭謀堊, 途棉 卅療 榑 泰模 療從斃嵶 - 喞徒壮 (佻冒 冨妖療良 療 侑夫歪冱 冨妖療良 卅堆壅 料 明泰 - 漬嫻蛭 侈壮届厖組, 料 墨塹燮 佻參 卅療 嘖厦斌嗔). 阻 冒 - PORTREVISION 墟爽租 嗜津雙浜賄 仭謀堊, - 塹, 途棉 卅療 仭謀 療 嘖厦斌嗔, 塹 療 燐崢 孥徒扶夫壮 - PORTREVISION 通 塒都防 冨妖療良. - - - - 靤宋斌, 墨塹厦葉 燐嵶 侑病棉敝堙蒙力 嗅田彖墮, 攸北折租墫 - 塹, 湟 燐嵶 嗤卅柯彖墮 單耐, 况妄都嗔 棉 徇腕浜賄 佻參 - 冨妖療良 堊防, 湟 療馬 忸蒜卅脊 徨 ( 徂津 - 孑彭叨杜嘖從彖良, 瓶侑宋姪良 斌 駄素歪倉 塹葉, 湟 力忸 - 仭謀 怠津 從和歸 卅堆塹嗤腕和隣), 侑浜不 從 徇浜僧錨 塹 - 徳穆, 湟 侑 榑詫 徨, 穆 凖杯妄厠 和力很兩 嘛錬 津凖從 佻參, - 怠蔦 和凉僧 榑 喞徒壮. 縒棉 榑 堊, 塹 佚凖妖領叢 - PORTREVISION 掴網料 泰墮 孥徒扶杜. - - - - <varname>PORTEPOCH</varname> - - 凖用 徠斗杜 卅斷疎壘彬 侑惑卅様力馬 和途佚淌良 斌 - 嗜敖壮徒 佻參 &os; 津盟脊 湟-塹 療 堊 忸侖嗚狙 彭厶廟 - 侑惑卅様, 力妖 墨塹厦 妖輪枦 侑田拂斈妬 彭厶鰭. 靤浜賭詫 榑惑 - 况妄都嗔 佻參, 料旌僧錨 墨塹厦馬 妖倫都嗔 foo-20000801 料 foo-1.0 - (冨料涸蒙力 榑 療 嘲不遡腕 泰 堆姪 力從 彭厶錨, 堊 冒 - 20000801 淺嗅杜力 堆蒙枦, 淌 1). - - - 鯏旁蒙堊 嘔宋療良 力妖卅 彭厶鰭 療 徨吐珍 淌徂津. - 簗 忸佻摸杜頻 嘔宋療良 鍔嬌 嘖厦 力妖厦 彭厶鰭 溶嵶 - 瓶佻蒙斛彖墮 pkg version - (嗟. &man.pkg-version.8;). 鄙侑浜賭: - - &prompt.user; pkg_version -t 0.031 0.29 -> - - 簗 佻蒙斛彖堙姪 pkgng: + 鄙嘖厦碧 徳別 Makefile 掴嘖壮淮 + 侑腕堊, 踊 嗄彖 侑田佻盟覗斗, 湟 佚凖 堙, 冒 料涸墮, 忸 + 佻嗟墟不 料 嗾歸嘖徼摂錨 侑浜賭. 塹葉 崚 榑詫 簒墨從柘墸 + 浜電墫 侑浜賭隣 + Makefile, 堊 湟 忱婆冦不 料 療馬 , 佻崛盲篇堊, + 嗅田嬖堙 佻厮痛 佚凖妖領挌 卅敖徒 榑詫 和卅效, 湟和 + 和姪媒不 湟杜錨 彖枦馬 佻參 漬嫻浜 明椿揺. + + 蚶阻, 卅嗤鰐嵒 凖杼斗拇 攸珍淺 佻厮痛 蛭 從變彬力彭良 + 侑 嗜敖僧鰭 彖枦馬 力從馬 徳別 + Makefile: + + + 鑷蒜瀕遡慘拇 瓶範栂拱 墨 + + 鄙範追墫 棉 藁 冒堊模播 DISTDIR + 徂津 嘖僧珍參力馬 孃阻彖領惑 倉班彖塹厦 + gzip tar-倉班彖 浜杜斗 塢仭 + foozolix-1.2.tar.gz? 縒棉 榑 堊, 溶嵶 + 佚凖編 嗅田媽歸葉 杼杯. 縒棉 療, 塹 忸 掴網隣 佻俎堊墮嗔 + 佚凖椀凖津棉墮 療墨塹燮 冨 佚凖妖領挌 + DISTVERSION, DISTNAME, + EXTRACT_CMD, + EXTRACT_BEFORE_ARGS, + EXTRACT_AFTER_ARGS, + EXTRACT_SUFX 斌 + DISTFILES 攸徂喇溶嘖 塹馬, 料嗚鰐慄 + 療和掵杜 届厖壮 追嘖夘怠塢徇惑 徳別. + + 晩壷斗 嗅孺租 忸 溶崚堙 侑腕塹 椀凖津棉墮 嘛論 + 嗜帯墸杜燐 壇蒙 do-extract 通 + 佚凖椀凖津姪良 津篇墸品 佻 嬪鰐涸良, 範墹 榑詫 燐嵶 怠津 + 侑病吐壮 淌輪 凖痛蛭 嗅孺叢, 途棉 從和歸 侑苗T嗔. + - &prompt.user; pkg version -t 0.031 0.29 -> + + 虱杜彖良 - 黌厦冒 > 忸從津 墨輿猟 變挿租, - 湟 彭厶頻 0.031 嘲不租墫 忸枦, 淌 彭厶頻 0.29, 湟 溶崚 - 泰墮 療 淌徂栂 通 塹馬, 穆 忸佻摸囘 佻參敏彖良. - + 佚叟亙 涸嘖 Makefile 佻參 斗 + 珍T嗔 料旌僧錨, 嬲惣掀租墫 吐 力妖 彭厶鰭 侑瀕祖姪嵶腕墮 + 侑宋斌慘亙 冒堙馬夘. + + + <varname>PORTNAME</varname> + <varname>PORTVERSION</varname> + + 佚凖妖領亙 PORTNAME 忸 掴網隣 + 嬲惣壮 腕力徇媽 涸嘖 浜杜 彖枦馬 佻參, 佚凖妖領亙 + PORTVERSION - 力妖 彭厶鰭. + + + + <varname>PORTREVISION</varname> + <varname>PORTEPOCH</varname> + + + <varname>PORTREVISION</varname> + + 霤凖妖領叢 PORTREVISION 侑田嘖宋妄都 + 嗜堆 溶力塹領 孥徒扶夫狙歸途 淺嗅, 墨塹厦 和燐妄都嗔 + 侑 冒崢詫 孥徒扶杜鰭 變挿杜頻 佚凖妖領亙 + PORTVERSION (塹 途墮 冒崢拱 卅, 墨把 + 嗜敖壮徒冤 忸侖嗚租墫 力忸 脇秒描蒙隣 凖棉), + 掴汰很囘墫 浜杜 仭謀堊, 途棉 藁 療 卅徇 燐明. + 蠣妖療良 PORTREVISION 瓶佻蒙旁脊嗔 + 宋塹輿塢敝厦彖領挈 瀕嘖簒妖淋鼠 (料侑浜賭, + pkg version, 嗟. &man.pkg-version.8;) + 通 椀凖津姪良 徳穆 佻况姪良 力從馬 仭謀堊. + + 料淌良 PORTREVISION 掴網力 + 孥徒扶夫壮慯 冒崢拱 卅, 墨把 佻參 FreeBSD 津盟脊嗔 + 冨妖療良, 墨塹燮 冒-棉堆 妖倫脊 佻盲涸斗拱 仭謀. 鸚珍 + 堽腕冱嗔 塹蒙墨 冨妖療良, 攸墟素夫狙殄 佻嘖厦杜錨 仭謀堊 + 仭卅妖墟鼠 佻 + 嬪鰐涸良. + + 靤浜賭 嗅孺租, 墨把 變挿杜錨 + PORTREVISION 掴網力 泰墮 + 孥徒扶杜: - 喇壞礎頻, 佻掴体挌 榑亙, 掴網力 泰墮 孥徒扶杜 變挿杜錨 - PORTEPOCH. 縒棉 變挿杜錨 - PORTEPOCH 療 卅徇 燐明, 塹 藁 掴汰很囘墫 - 浜杜 仭謀堊, 冒 椀瓶僧 卅敖徒 忸枦. 料淌良 - PORTEPOCH 良墨把 療 掴網力 嬪杜憖壮慯 斌 - 啾卅噎彖墮嗔 力蒙, 佻塹葉 湟 榑 侑夫田T 柯陀 嘔宋療良 - 仭謀塹 妖輪柯 力妖厦 榻枠 (塹 途墮 塹, 湟 仭謀 孑堊凖, - 和料簒崚力 療 怠津): 力妖 力從 彭厶鰭 (料侑浜賭, - 1.0,1 侑浜賭 忸枦) 腕堊療墫 妖輪枦, 淌 - 力妖 侑田拂斈妬 彭厶鰭 (20000801), 歪料墨 嗾篤彬 - ,1 瀕堙厥凖塢簒都嗔 卅斂扶隣揺 - 宋塹輿塢敝厦彖領挈 孕斌不鼠 腕和挈 和卅斛, 亘爽都嗔 堆蒙枦, - 淌 侑田佻盟覗斗拱 嗾篤彬 ,0 堆姪 卅領吐 - 仭謀堊). - - 酖墨厰屠堽賄 嬪杜憖杜錨 斌 啾厦 PORTEPOCH - 侑夫歪不 佚涸蒙隣 佻嗅田嘖徂冤; 途棉 忸 療 佻倫棉, 泯 枳 - 凖渫 卅療, 佻崛盲篇堊, 徨 崚 卅畋賭不途 榑浜, 棉堆 嗤厦喇堙 - 嗤瓶冒 卅嗷挂防. - - 靤田佻盟覗都嗔, 湟 堆蒙柯林墸 佻參 佚凖妖領叢 - PORTEPOCH 瓶佻蒙斛彖墮嗔 療 怠津, 力 侑 - 墨厰屠堽詫 瓶佻蒙斛彖良 PORTVERSION 溶崚 - 佻况不慯 療和範追溶嘖 釘 浜都, 途棉 怠蔦殄 凖棉攸 - 侑惑卅様力 和途佚淌良 掴網力 冨妖良墮 嘖簒穆孀 力妖卅 彭厶鰭. - 鐵料墨 嗜敖壮徒冤 佻參 通 &os; 燐嵶 泰墮 徇浜壮徒慘挈, 墨把 - 卅斷疎壘彬 忸侖嗚租 凖棉 妥 脇秒描蒙力馬 力妖卅 彭厶鰭 — - 楪阻錨 侑詫砥孕淮拇 凖棉旛. 虱電墫 嗜駄惣 - 佻妖塢墮 凖棉 珍塹 吐 忸範珍, 湟 溶崚 忸旌壮 侑和姪踊, 冒 - 侑浜賭 忸枦, 墨把 怠津 忸侖歸 力忸 - 脇秒描蒙隣 凖棉. - - 鄙侑浜賭, 途棉 侑詫砥孕淮拱 凖棉 佻妖淌 珍塹 20000917, - 侑田拂斈叢 彭厶頻 侑惑卅様力馬 和途佚淌良 浜徒 力妖 1.2, 塹 - 侑詫砥孕淮詫 凖棉旁 掴網力 泰墮 佻嘖宋姪力 嗜墸都嘖徂 - 變挿杜錨 PORTVERSION, 卅徇賄 1.2.20000917 斌 - 湟-塹 佻範崚, 力 療 20000917, 堊 冒 佻嗅田媽殄 凖棉, 嗚爽斗, - 1.3, 掴網杜 浜都 淺嗅杜力 堆蒙枦 變挿杜錨. - - - - 靤浜賭 瓶佻蒙斛彖良 佚凖妖領挌 - <varname>PORTREVISION</varname> - <varname>PORTEPOCH</varname> - - 捐鰐療 墨様不 佻參 gtkmumble, 彭厶鰭 - 0.10, 墨面屠檀 佻參. - - PORTNAME= gtkmumble -PORTVERSION= 0.10 - - 料淌良 PKGNAME 嘖僧都 卅徇挈 - gtkmumble-0.10. - - 鐶料簒崚料 岱奴 妥斛仭嗄腕塢, 瓶侑宋姪良 墨塹厦 - 佻墟殿彖模 嗜敖僧頻 - 模冒蒙力馬 仭壘 通 &os;. 麩墸都嘖彭領 泰模 孥徒扶杜 - 變挿杜錨 佚凖妖領亙 PORTREVISION. - - PORTNAME= gtkmumble -PORTVERSION= 0.10 -PORTREVISION= 1 - - PKGNAME 侑瀕浜租 變挿杜錨 - gtkmumble-0.10_1 - - 鯀斷疎壘彬詫 忸侖歸料 力彖 彭厶頻 力妖厦 - 0.2 (亘惣遡腕, 湟 佻 力妖厦 - 0.10 宋塹 浜徒 徂蔦 - 0.1.0, 療 塹, 湟 怠津 忸侖歸力 佻嗅 - 彭厶鰭 0.9 - 冨徂良堙, 堙佚曼 孛 佻敖力). 阻 冒 力忸 - 楊祖柯 力妖 彭厶鰭 2 佻 變挿杜廟 妖輪枦, 淌 - 力妖 侑田拂斈妬 彭厶鰭 10, 塹 掴網力 泰墮 - 孥徒扶杜 變挿杜錨 PORTEPOCH 通 塹馬, 湟和 - 攸嘖宋不 卅嗤變宋壮 徇忤 嗜敖宋租踊 仭謀 冒 堆姪 - 力忸. 阻 冒 榑 力忸 凖棉 侑惑卅様, 塹 - PORTREVISION 和燐妄都嗔 (斌 嫩遡囘墫 冨 - 徳別 Makefile). - - PORTNAME= gtkmumble -PORTVERSION= 0.2 -PORTEPOCH= 1 - - PKGNAME 侑瀕浜租 變挿杜錨 - gtkmumble-0.2,1 - - 麑田媽殄 凖棉 浜電 力妖 彭厶鰭 0.3. 阻 冒 變挿杜錨 - 佚凖妖領亙 PORTEPOCH 良墨把 療 嬪杜憖租墫, 湟 - 佚凖妖領拇, 椀凖津妄摂錨 彭厶鰭, 堙佚曼 忸婆冂冱 堊: - - PORTNAME= gtkmumble -PORTVERSION= 0.3 -PORTEPOCH= 1 - - PKGNAME 侑瀕浜租 變挿杜錨 - gtkmumble-0.3,1 - - - 縒棉 變挿杜錨 PORTEPOCH 榑浜 和力很杜錨 - 泰模 泰 啾厦枦力 0, 塹 穆-良怠椿, 浜点殄 - 孑堊力很杜隣 仭謀 gtkmumble-0.10_1, 療 - 嗟惑 泰 椀變壮 仭謀 gtkmumble-0.3 冒 - 堆姪 力忸, 堊 冒 3 泰模 泰 妖輪枦, 淌 - 10. 靉洋不, 湟 佚叟媽 淌凖椿 榑 - 冒啻都嗔 PORTEPOCH. - - - - - - 霤凖妖領拇 <varname>PKGNAMEPREFIX</varname> - <varname>PKGNAMESUFFIX</varname> - - 籃 療和凉壮徒慘拇 佚凖妖領拇, PKGNAMEPREFIX - PKGNAMESUFFIX, 和濺追倫脊嗔 嗜 變挿杜頻揺 - PORTNAME - PORTVERSION 通 届厖敏彖良 - PKGNAME 届厖 - ${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX}-${PORTVERSION}. - 簣妥編途 塹馬, 湟和 榑 嗜墸都嘖從彖模 料柯 凖墨妖猟礎頻 佻 侑宋斌慘詫 忸堆簒 - 料旌僧品 通 仭謀塹. 涸嘖力嘖, 佚凖妖領亙 - PORTVERSION 療 卅斷奴租墫 - 瓶佻蒙斛彖良 津読啻 (-). 誨詫 塹馬, 途棉 - 浜杜 仭謀堊 侑瓶孕嘖徼都 涸嘖 language- - 斌 -compiled.specifics (嗟墟不 良崚), - 塹 瓶佻蒙旁編 佚凖妖領拇 PKGNAMEPREFIX - PKGNAMESUFFIX, 嗜墸都嘖彭領. 酖 津盟編 蛭 - 涸嘖慇 變挿杜頻 佚凖妖領亙 PORTNAME. - - - - 麩婆想杜頻 佻 浜杜彖良 仭謀塹 - - 篩姪 椀瓶僧 療墨塹燮 嗜婆想杜頻, 墨塹燮 忸 掴網隣 嗅田彖墮 - 浜杜彖良 彖柯 仭謀塹. 鑪 泰棉 卅斷疎堊隣 通 和姪媒杜頻 - 侑腕溶墟 冒堊模覗, 堊 冒 浜電墫 孛 壅嗔淺 仭謀塹, - 佻蒙斛彖堙棉 墸賭燐墫 料, 途棉 嗤瓶亘 療 佻厘宋不嗔 蛭 - 忱碗! - - 虱 仭謀堊 掴網力 浜都 徂 - language_region-name-compiled.specifics-version.numbers. - - 虱 仭謀堊 椀凖津妄都嗔 冒 - ${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX}-${PORTVERSION}. - 掴網隣 攸珍彖墮 變挿杜頻 佚凖妖領挌 嗜墸都嘖徂 榑浜 - 届厖壮詫. - - - - &os; 俎堊都嗔 佻陳賭嵒彖墮 凉挧, 料 墨塹燮 卅敘彖夘彖脊 - 釘 佻蒙斛彖堙棉. 喪墮 language- - 掴網料 泰墮 鍔嬌喇要鰐慘挈 嗜牧掃杜錨 料旌僧頻 凉挧 佻 - 嘖僧珍參 ISO-639, 途棉 佻參 嗤澱鋲扶杜 通 墨遼凖堽惑 凉挧. - 靤浜賭鼠 况妄脊嗔 ja 通 冩藁嗚惑, - ru 通 簒嗷墨馬, vi 通 - 忤都料羊墨馬, zh 通 防堊篇墨馬, - ko 通 墨凖篇墨馬 de 通 - 療妖男惑 凉挧. - - 縒棉 彖 佻參 嗤澱鋲扶杜 通 墨遼凖堽惑 凖派藁 徇孕夘 - 和盟嘖 瓶佻蒙斛彖良 凉挧, 掴汰忤堙 堊勃 鍔嬌喇要鰐慘拱 墨 - 嘖卅隣. 靤浜賭鼠 况妄脊嗔 en_US 通 US - English fr_CH 通 Swiss French. - - 喪墮 language- 掴網料 攸珍彖墮嗔 - 佚凖妖領亙 PKGNAMEPREFIX. - - - - 霤叟叢 怠没 涸嘖 name 掴網料 泰墮 - 良嵶斗 凖派嘖凖. (鑽堊忝叢嗔 涸嘖 料旌僧頻 溶崚 嗜津雙壮 - 怠没 彭卮療 凖派嘖凖, 堊 湟 侑瀕浜訴堙 凖枦良 啻揺, 墨把 - 侑渡岱惣嫖堙 浜 侑惑卅様力馬 仭謀堊, 嗜津雙掃吐 浜杜 - 療墨塹厦 墨棉淌嘖從 攸婆宋隣 怠没.) 黎歸嘖徼都 墟祖秒頻 - 浜杜彖墮 溶蔦棉 通 Perl 5, 掴汰很冪 徙賭田 - p5- 侑渡岱惣孅 仭簒 鍔賄塹淺 - 津読; 料侑浜賭, 溶蔦蒙 Data::Dumper 怠津 - 浜杜彖墮嗔 p5-Data-Dumper. + + + 簣汰很杜錨 仭壘妬 通 瓶侑宋姪良 孅旌浜腕堙, + 柯堆, 斌 掴汰很杜頻 力從 噸遼檀藁遡慘腕塢 + 佻參. - 妥追堙嗹, 湟 浜 佻參 彭厶頻 淌塰 堋徒杜 - 卅斃倒狙墫 佚凖妖領挌 PORTNAME - PORTVERSION. 緜瀕嘖彭領叢 侑扶瀕, 佻 - 墨塹厦 PORTNAME 嗜津雙不 彭厶貧領媽 涸嘖, - 榑 途棉 佻盲淌領拱 追嘖夘怠塢 啻 料旌僧 堊防 和卅斛, 冒 - 榑 喞徒僧 通 佻參 textproc/libxml2 - 斌 japanese/kinput2-freewnn. 侑塢徇詫 - 嗅孺租 PORTNAME 療 掴網杜 嗜津雙壮 良冒墨 - 瀕届厖礎鰭, 嬲惣掀狙歸 料 彭厶廟. , 湟 療墨塹燮 佻參 - 浜点 歪瀕阻忸 PORTNAME, 况妄都嗔 徙鰐療 - 力厖遡慘挈, 冒 通 佻參 www/apache*; - 榑詫 嗅孺租 卅斂扶隣 彭厶鰭 ( 卅斂扶隣 攸佗喇 瀕津睦) - 毀扶狙墫 佻 變挿杜頻 PKGNAMEPREFIX - PKGNAMESUFFIX. - - - - 縒棉 佻參 溶崚 泰墮 佻嘖厦杜 卅斂扶隣揺 嘖壮扶途防 攸珍領挈 變挿杜頻揺 佻 - 嬪鰐涸良 (和掵力 榑 涸嘖 浜杜 冒堊模覗 單妖篇墸 - 佻參), 塹 涸嘖 -compiled.specifics - 掴網料 椀凖津妄墮 徊詫佗棉厦彖領拇 變挿杜頻 佻 嬪鰐涸良 (津読 - 療 和凉壮徒杜). 靤浜賭鼠 况妄脊嗔 卅斃賭 怠輿派 - 柢鋲塹. - - 喪墮 -compiled.specifics 掴網料 - 攸珍彖墮嗔 佚凖妖領亙 PKGNAMESUFFIX. - - - - 黌厦冒 力妖厦 彭厶鰭 掴網料 嗅田彖墮 攸 津読嗜 - (-) 况妄墮嗔 嗤瓶墨 卅敖徒杜隣 鍔賄塹淺斗 - 淺單 怠没 良嵶斗 凖派嘖凖. 涸嘖力嘖, 療 卅斷奴租墫 - 浜都 倒 歪瀕 津読 徇孕夘 嘖厦防 和變挿杜錨 力妖卅 彭厶鰭. - 緜瀕嘖彭領挈 瓶北折杜錨 况妄都嗔 嘖厦淤 pl - (變挿狙歔 patchlevel), 墨塹卅 溶崚 - 瓶佻蒙斛彖墮嗔 塹蒙墨 塹把, 墨把 - 侑惑卅様力馬 和途佚淌良 療 嘖倉枦馬 楊祖枦馬 力妖卅 彭厶鰭. - 縒棉 力妖 彭厶鰭 侑惑卅様力馬 和途佚淌良 徊明淌料 嘖厦淤 - 塢仭 alpha, beta, - rcpre, 從旒揺堙 冨 療 佚叟媽 - 怠没 佻嘖宋慥 釘 療佻嘔田嘖彭領 佻嗅 塹淤. 縒棉 佻嗅 - 堊防 嘖厦 力妖 彭厶鰭 倒 侑歪鰐崛都嗔, 塹 佻嗅 怠没 掴網力 - 嗅田彖墮 淺嗅 妥 掴佻摸不徒慘亙 卅敖徒兩歸 塹淤. - - 麝搜 堊墨馬 届厖壮 攸北折租墫 嫩和嘖彭 嗜參敏徊 佻參 - 佻 力妖簒 彭厶鰭. 涸嘖力嘖, 嗅田不 攸 堙, 湟和 墨熔藁杜壅 - 力妖卅 彭厶鰭 卅敖徒冖瓶 塹淤亙, 途棉 堊 侑瓶孕嘖徼都 珍堊, - 塹 瓶佻蒙旁編 届厖壮 - 0.0.yyyy.mm.dd, 力 療 - dd.mm.yyyy - 斌 療 嗜徑途塢踊 侑和姪溶 Y2K - yy.mm.dd. - 簣汰很杜錨 彭厶鰭 侑兎彬啻 0.0. 况妄都嗔 - 彖嵶挈, 嗅孺租 途棉 忸侖歸 凖棉 侑瓶從杜錨 料嘖湾歸 - 彭厶鰭, 墨塹卅 淺嗅從 侑田嘖宋姪良, 墨療淮 崚, 怠津 - 良崚, 淌 - yyyy. - - - - 療嗚鰐慄 (凖遡慘挌) 侑浜賭 塹馬, 冒 侑渡岱惣彖墮 浜 冨 - 碗蒜瀕遡慘惑, 侑苗嬪僧力馬 宋塹卅揺, 佻槌歪處斗 通 浜杜 - 仭謀堊: - - - - - - 虱 追嘖夘怠塢彖 - - PKGNAMEPREFIX - - PORTNAME - - PKGNAMESUFFIX - - PORTVERSION - - 鐶腕力彖良 - - - - - - mule-2.2.2 - (侖嘖) - mule - (侖嘖) - 2.2.2 - 蠣妖療良 療 佻墟殿彖模嗹 - - - - EmiClock-1.0.2 - (侖嘖) - emiclock - (侖嘖) - 1.0.2 - 簗 堋徒慘挌 侑惑卅様 浜杜 攸婆宋隣揺 怠没鼠 - 攸侑倒杜 - *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Sat Jul 12 14:51:20 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A1A37B9C; Sat, 12 Jul 2014 14:51:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8ECDC28A4; Sat, 12 Jul 2014 14:51:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6CEpKfV040444; Sat, 12 Jul 2014 14:51:20 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6CEpK5m040443; Sat, 12 Jul 2014 14:51:20 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407121451.s6CEpK5m040443@svn.freebsd.org> From: Ryusuke SUZUKI Date: Sat, 12 Jul 2014 14:51:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45258 - head/ja_JP.eucJP/htdocs/docproj X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2014 14:51:20 -0000 Author: ryusuke Date: Sat Jul 12 14:51:20 2014 New Revision: 45258 URL: http://svnweb.freebsd.org/changeset/doc/45258 Log: - Merge the following from the English version: r41577 -> r45249 head/ja_JP.eucJP/htdocs/docproj/docproj.xml Modified: head/ja_JP.eucJP/htdocs/docproj/docproj.xml Modified: head/ja_JP.eucJP/htdocs/docproj/docproj.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/docproj/docproj.xml Sat Jul 12 14:17:51 2014 (r45257) +++ head/ja_JP.eucJP/htdocs/docproj/docproj.xml Sat Jul 12 14:51:20 2014 (r45258) @@ -1,11 +1,11 @@ ]> - + @@ -54,7 +54,7 @@

    現在、ドキュメンテーションの努力の一環として、 幾つもプロジェクトが進行中です。 - リストに目を通して、 + リスト に目を通して、 あなたにもできることがないかどうか調べてみてください。

    From owner-svn-doc-all@FreeBSD.ORG Sat Jul 12 16:55:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 93C2B92F; Sat, 12 Jul 2014 16:55:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 677A821E6; Sat, 12 Jul 2014 16:55:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6CGtGkd000535; Sat, 12 Jul 2014 16:55:16 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6CGtGdv000533; Sat, 12 Jul 2014 16:55:16 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201407121655.s6CGtGdv000533@svn.freebsd.org> From: Sergey Kandaurov Date: Sat, 12 Jul 2014 16:55:16 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45259 - head/ru_RU.KOI8-R/books/handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2014 16:55:16 -0000 Author: pluknet Date: Sat Jul 12 16:55:15 2014 New Revision: 45259 URL: http://svnweb.freebsd.org/changeset/doc/45259 Log: MFen r45188. Now that mirrors/chapter.xml synced, we can safely remove this. Modified: head/ru_RU.KOI8-R/books/handbook/Makefile head/ru_RU.KOI8-R/books/handbook/chapters.ent Modified: head/ru_RU.KOI8-R/books/handbook/Makefile ============================================================================== --- head/ru_RU.KOI8-R/books/handbook/Makefile Sat Jul 12 14:51:20 2014 (r45258) +++ head/ru_RU.KOI8-R/books/handbook/Makefile Sat Jul 12 16:55:15 2014 (r45259) @@ -230,8 +230,6 @@ DOC_PREFIX?= ${.CURDIR}/../../.. XMLDOCS= lastmod:::mirrors.lastmod.inc \ mirrors-ftp-index:::mirrors.xml.ftp.index.inc \ mirrors-ftp:::mirrors.xml.ftp.inc \ - mirrors-cvsup-index:::mirrors.xml.cvsup.index.inc \ - mirrors-cvsup:::mirrors.xml.cvsup.inc \ eresources-index:::eresources.xml.www.index.inc \ eresources:::eresources.xml.www.inc DEPENDSET.DEFAULT= transtable mirror @@ -245,12 +243,6 @@ PARAMS.mirrors-ftp-index+= --param 'type PARAMS.mirrors-ftp+= --param 'type' "'ftp'" \ --param 'proto' "'ftp'" \ --param 'target' "'handbook/mirrors/chapter.xml'" -PARAMS.mirrors-cvsup-index+= --param 'type' "'cvsup'" \ - --param 'proto' "'cvsup'" \ - --param 'target' "'index'" -PARAMS.mirrors-cvsup+= --param 'type' "'cvsup'" \ - --param 'proto' "'cvsup'" \ - --param 'target' "'handbook/mirrors/chapter.xml'" PARAMS.eresources-index+= --param 'type' "'www'" \ --param 'proto' "'http'" \ --param 'target' "'index'" @@ -261,8 +253,6 @@ PARAMS.eresources+= --param 'type' "'www SRCS+= mirrors.lastmod.inc \ mirrors.xml.ftp.inc \ mirrors.xml.ftp.index.inc \ - mirrors.xml.cvsup.inc \ - mirrors.xml.cvsup.index.inc \ eresources.xml.www.inc \ eresources.xml.www.index.inc Modified: head/ru_RU.KOI8-R/books/handbook/chapters.ent ============================================================================== --- head/ru_RU.KOI8-R/books/handbook/chapters.ent Sat Jul 12 14:51:20 2014 (r45258) +++ head/ru_RU.KOI8-R/books/handbook/chapters.ent Sat Jul 12 16:55:15 2014 (r45259) @@ -61,8 +61,6 @@ - - From owner-svn-doc-all@FreeBSD.ORG Sat Jul 12 23:41:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7E26D124; Sat, 12 Jul 2014 23:41:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 69C5A2E72; Sat, 12 Jul 2014 23:41:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6CNf3iL093296; Sat, 12 Jul 2014 23:41:03 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6CNf22T093289; Sat, 12 Jul 2014 23:41:02 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407122341.s6CNf22T093289@svn.freebsd.org> From: Glen Barber Date: Sat, 12 Jul 2014 23:41:02 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45260 - in head: en_US.ISO8859-1/htdocs/releases en_US.ISO8859-1/htdocs/releases/10.1R en_US.ISO8859-1/share/xml share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2014 23:41:03 -0000 Author: gjb Date: Sat Jul 12 23:41:02 2014 New Revision: 45260 URL: http://svnweb.freebsd.org/changeset/doc/45260 Log: - Add support for concurrent upcoming releases. - Set beta2 macros to 10.1-R, and enable the beta2.upcoming text. - Connect the 10.1R directory to the build. Approved by: re (implicit), doceng (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/10.1R/schedule.xml head/en_US.ISO8859-1/htdocs/releases/Makefile head/en_US.ISO8859-1/share/xml/release.l10n.ent head/share/xml/release.ent Modified: head/en_US.ISO8859-1/htdocs/releases/10.1R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/10.1R/schedule.xml Sat Jul 12 16:55:15 2014 (r45259) +++ head/en_US.ISO8859-1/htdocs/releases/10.1R/schedule.xml Sat Jul 12 23:41:02 2014 (r45260) @@ -5,7 +5,8 @@ - + + ]> @@ -32,6 +33,7 @@ re@FreeBSD.org.

    &beta.local.where; + &beta2.local.where;

    Schedule

    Modified: head/en_US.ISO8859-1/htdocs/releases/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/Makefile Sat Jul 12 16:55:15 2014 (r45259) +++ head/en_US.ISO8859-1/htdocs/releases/Makefile Sat Jul 12 23:41:02 2014 (r45260) @@ -18,7 +18,7 @@ SUBDIR+= 6.0R 6.1R 6.2R 6.3R 6.4R SUBDIR+= 7.0R 7.1R 7.2R 7.3R 7.4R SUBDIR+= 8.0R 8.1R 8.2R 8.3R 8.4R SUBDIR+= 9.0R 9.1R 9.2R 9.3R -SUBDIR+= 10.0R +SUBDIR+= 10.0R 10.1R .if defined(NEW_BUILD) SUBDIR= Modified: head/en_US.ISO8859-1/share/xml/release.l10n.ent ============================================================================== --- head/en_US.ISO8859-1/share/xml/release.l10n.ent Sat Jul 12 16:55:15 2014 (r45259) +++ head/en_US.ISO8859-1/share/xml/release.l10n.ent Sat Jul 12 23:41:02 2014 (r45260) @@ -167,4 +167,15 @@ '> ]]> + + &beta.helptest; +

    Available installation images are listed on the download page.

    +

    +'> +]]> + + Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Sat Jul 12 16:55:15 2014 (r45259) +++ head/share/xml/release.ent Sat Jul 12 23:41:02 2014 (r45260) @@ -24,6 +24,7 @@ + @@ -46,13 +47,13 @@ are having release candidates at the same time), do the same here. --> - + - + - - + + From owner-svn-doc-all@FreeBSD.ORG Sat Jul 12 23:46:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ED2451AE; Sat, 12 Jul 2014 23:46:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DB2712EF5; Sat, 12 Jul 2014 23:46:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6CNkUiW095073; Sat, 12 Jul 2014 23:46:30 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6CNkU7G095072; Sat, 12 Jul 2014 23:46:30 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407122346.s6CNkU7G095072@svn.freebsd.org> From: Glen Barber Date: Sat, 12 Jul 2014 23:46:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45261 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2014 23:46:31 -0000 Author: gjb Date: Sat Jul 12 23:46:30 2014 New Revision: 45261 URL: http://svnweb.freebsd.org/changeset/doc/45261 Log: Remove '(Legacy)' text from older branch releases. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/navibar.ent Modified: head/share/xml/navibar.ent ============================================================================== --- head/share/xml/navibar.ent Sat Jul 12 23:41:02 2014 (r45260) +++ head/share/xml/navibar.ent Sat Jul 12 23:46:30 2014 (r45261) @@ -98,8 +98,9 @@
    • Production Release:
      &rel.current;
      • -
    • Production (Legacy) Release:
      - &rel2.current; +
    • Production Release:
      + &rel2.current;
      • +
    • Production Release:
      &rel3.current;
      • &beta.listitem; From owner-svn-doc-all@FreeBSD.ORG Sat Jul 12 23:49:10 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E96AC21D; Sat, 12 Jul 2014 23:49:10 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D72C22EFD; Sat, 12 Jul 2014 23:49:10 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6CNnAk2095541; Sat, 12 Jul 2014 23:49:10 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6CNnATl095540; Sat, 12 Jul 2014 23:49:10 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407122349.s6CNnATl095540@svn.freebsd.org> From: Glen Barber Date: Sat, 12 Jul 2014 23:49:10 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45262 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2014 23:49:11 -0000 Author: gjb Date: Sat Jul 12 23:49:10 2014 New Revision: 45262 URL: http://svnweb.freebsd.org/changeset/doc/45262 Log: Re-enable the 'Snapshot Releases' URL. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/navibar.ent Modified: head/share/xml/navibar.ent ============================================================================== --- head/share/xml/navibar.ent Sat Jul 12 23:46:30 2014 (r45261) +++ head/share/xml/navibar.ent Sat Jul 12 23:49:10 2014 (r45262) @@ -102,7 +102,7 @@ &rel2.current;
    • Production Release:
      &rel3.current;
      • - +
    • Snapshot Releases
      • &beta.listitem; &beta2.listitem;
    From owner-svn-doc-all@FreeBSD.ORG Sun Jul 13 00:07:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B8AA635B; Sun, 13 Jul 2014 00:07:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A64642049; Sun, 13 Jul 2014 00:07:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6D07jjJ005827; Sun, 13 Jul 2014 00:07:45 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6D07jmK005825; Sun, 13 Jul 2014 00:07:45 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407130007.s6D07jmK005825@svn.freebsd.org> From: Glen Barber Date: Sun, 13 Jul 2014 00:07:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45263 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2014 00:07:45 -0000 Author: gjb Date: Sun Jul 13 00:07:44 2014 New Revision: 45263 URL: http://svnweb.freebsd.org/changeset/doc/45263 Log: Fix the 'Upcoming releases' list in the navigation bar. Sponsored by: The FreeBSD Foundation Modified: head/share/xml/navibar.ent head/share/xml/release.ent Modified: head/share/xml/navibar.ent ============================================================================== --- head/share/xml/navibar.ent Sat Jul 12 23:49:10 2014 (r45262) +++ head/share/xml/navibar.ent Sun Jul 13 00:07:44 2014 (r45263) @@ -75,14 +75,14 @@
    '> -Upcoming Release:
    &betarel.current; '> ]]> -Upcoming Release:
    &betarel2.current; '> Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Sat Jul 12 23:49:10 2014 (r45262) +++ head/share/xml/release.ent Sun Jul 13 00:07:44 2014 (r45263) @@ -35,6 +35,7 @@ + @@ -48,6 +49,7 @@ + From owner-svn-doc-all@FreeBSD.ORG Sun Jul 13 07:43:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 38B2348F; Sun, 13 Jul 2014 07:43:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 099182D7F; Sun, 13 Jul 2014 07:43:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6D7hn2N013833; Sun, 13 Jul 2014 07:43:49 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6D7hnNU013830; Sun, 13 Jul 2014 07:43:49 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201407130743.s6D7hnNU013830@svn.freebsd.org> From: Sergey Kandaurov Date: Sun, 13 Jul 2014 07:43:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45264 - in head/en_US.ISO8859-1/books/porters-handbook: makefiles plist special X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2014 07:43:50 -0000 Author: pluknet Date: Sun Jul 13 07:43:49 2014 New Revision: 45264 URL: http://svnweb.freebsd.org/changeset/doc/45264 Log: Fix typos. Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Sun Jul 13 00:07:44 2014 (r45263) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Sun Jul 13 07:43:49 2014 (r45264) @@ -3548,7 +3548,7 @@ OPT6_DESC= Describe OPT6ports/Mk/bsd.options.desc.mk has descriptions for many common OPTIONS. While often useful, they - should be overriden if the description is insufficient + should be overridden if the description is insufficient for the port. Modified: head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Sun Jul 13 00:07:44 2014 (r45263) +++ head/en_US.ISO8859-1/books/porters-handbook/plist/chapter.xml Sun Jul 13 07:43:49 2014 (r45264) @@ -209,7 +209,7 @@ lib/X11/oneko/sounds/cat.au of ${PREFIX}/etc, it should be in ETCDIR, which defaults to ${PREFIX}/etc/${PORTNAME}, it can be - overrided in the ports Makefile if there + overridden in the ports Makefile if there is a convention for the port to use some other directory. The %%ETCDIR%% macro should be used in its stead in the pkg-plist file. Modified: head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Sun Jul 13 00:07:44 2014 (r45263) +++ head/en_US.ISO8859-1/books/porters-handbook/special/chapter.xml Sun Jul 13 07:43:49 2014 (r45264) @@ -53,7 +53,7 @@ but only depend on other ports, should avoid needlessly extracting the &man.mtree.8; to the stage directory. This is the basic directory layout of the package, and these empty - directories will be seens as orphans. To prevent + directories will be seen as orphans. To prevent &man.mtree.8; extraction, add this line: NO_MTREE= yes From owner-svn-doc-all@FreeBSD.ORG Sun Jul 13 10:54:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0B0CAFAB; Sun, 13 Jul 2014 10:54:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EAABD2B67; Sun, 13 Jul 2014 10:54:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6DAshM5004400; Sun, 13 Jul 2014 10:54:43 GMT (envelope-from bcr@svn.freebsd.org) Received: (from bcr@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6DAshef004399; Sun, 13 Jul 2014 10:54:43 GMT (envelope-from bcr@svn.freebsd.org) Message-Id: <201407131054.s6DAshef004399@svn.freebsd.org> From: Benedict Reuschling Date: Sun, 13 Jul 2014 10:54:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45265 - head/de_DE.ISO8859-1/books/handbook/advanced-networking X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2014 10:54:44 -0000 Author: bcr Date: Sun Jul 13 10:54:43 2014 New Revision: 45265 URL: http://svnweb.freebsd.org/changeset/doc/45265 Log: Update to r44123: - comment out the BOOTP section for now, as this does not belong here - correct some german typos while where here. Submitted by: Bjoern Heidotting Obtained from: The FreeBSD German Documentation Project Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sun Jul 13 07:43:49 2014 (r45264) +++ head/de_DE.ISO8859-1/books/handbook/advanced-networking/chapter.xml Sun Jul 13 10:54:43 2014 (r45265) @@ -5,7 +5,7 @@ $FreeBSD$ $FreeBSDde:$ - basiert auf: r44122 + basiert auf: r44123 --> Wollen Sie keine Kernelmodule verwenden, knnen Sie die bentigten Treiber auch in Ihren Kernel - kompilieren. Daz nehmen Sie folgende Zeilen in Ihre + kompilieren. Dazu nehmen Sie folgende Zeilen in Ihre Kernelkonfigurationsdatei auf: device wlan # 802.11 support @@ -1110,7 +1110,7 @@ ath0: AR2413 mac 7.9 RF2413 phy 4.5Um nach drahtlosen Netzwerken zu suchen verwenden Sie ifconfig. Dieser Scanvorgang kann einige - Zei in Anspruch nehmen, da dazu jede verfgbare + Zeit in Anspruch nehmen, da dazu jede verfgbare Frequenz auf verfgbare Access Points hin berprft werden muss. Um die Suche zu starten, mssen Sie als Super-User angemeldet sein: @@ -1227,7 +1227,7 @@ freebsdap 00:11:95:c3:0d:ac 1 Basiseinstellungen Dieser Abschnitt beschreibt, wie Sie ein einfaches - drahtloses Netzerk ohne Verschlsselung unter &os; + drahtloses Netzwerk ohne Verschlsselung unter &os; einrichten. Nachdem Sie sich mit den Informationen dieses Abschnitts vertraut gemacht haben, sollten Sie Ihr drahtloses Netzwerk mit WPA @@ -1735,7 +1735,7 @@ wlan0: flags=8843<UP,BROADCAST,RUNNIN bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS wme burst roaming MANUAL - Alternativ knnen Sie Ihr drahtloses Gerlt + Alternativ knnen Sie Ihr drahtloses Gert wiederum manuell ber wpa_supplicant und ifconfig aktivieren. @@ -1753,7 +1753,7 @@ wlan0: flags=8843<UP,BROADCAST,RUNNIN hnlich vor wie verschlsselte Webseiten, bei denen der Webserver einen sicheren SSL-Tunnel erzeugen kann, ohne dass der Besucher dabei ber - ein client-seitiges Zertifikat verfgen muss. + ein clientseitiges Zertifikat verfgen muss. EAP-TTLS verwendet einen verschlsselten TLS-Tunnel zum sicheren Transport der Authentifizierungsdaten. @@ -1848,7 +1848,7 @@ wlan0: flags=8843<UP,BROADCAST,RUNNIN untersttzte EAP-Standard. PEAP arbeitet hnlich wie EAP-TTLS: Es - verwendet ein server-seitiges Zertifikat, um + verwendet ein serverseitiges Zertifikat, um einen verschlsselten TLS-Tunnel zu erzeugen, ber den die sichere Authentifizierung zwischen den Clients und dem Authentifizierungsserver erfolgt. @@ -2104,7 +2104,7 @@ Associated with 00:13:46:49:41:76 Die Verwendung der NDIS und &windows; Treiber erlauben zur Zeit keinen AP-Modus. Nur die nativen - &os;-Wireless-Treiber unterstten den AP Modus. + &os;-Wireless-Treiber untersttzen den AP Modus. Nachdem die Untersttzung fr ihr drahtloses @@ -2831,7 +2831,7 @@ c2e8bc80 0 250 00:02:72:00:d4:1a Transportprotokoll, das um Funktionen zur Emulation der 9poligen Schaltkreise von mit RS-232 (EIATIA-232-E) kompatiblen seriellen Ports ergnzt wurde. RFCOMM erlaubt bis zu 60 - simultane Verbindungen (RFCOMM-Kane) zwischen zwei + simultane Verbindungen (RFCOMM-Kanle) zwischen zwei Bluetooth-Gerten. Eine RFCOMM-Kommunikation besteht aus zwei Anwendungen (den @@ -3667,7 +3667,7 @@ bridge0: flags=8843<UP,BROADCAST,RUNN MAC-Adressen hinter einer Schnittstelle kann festgelegt werden. Sobald das Limit erreicht ist, werden Pakete mit einer unbekannten Quell-Adresse solange verworfen, bis ein - exisitierender Eintrag gelscht wird oder + existierender Eintrag gelscht wird oder abluft. Das folgende Beispiel setzt die maximale Anzahl von @@ -4230,31 +4230,12 @@ DHCP" - Es gibt mindestens zwei Mglichkeiten, den Kernel - ber das Netzwerk zu laden: - - - - PXE: Das - Preboot eXecution Environment System von - &intel; ist eine Art intelligentes Boot-ROM, das in - einigen Netzwerkkarten oder Hauptplatinen verwendet wird. - Weitere Informationen finden Sie in &man.pxeboot.8;. - - - - - Der Port - Etherboot - (net/etherboot) - erzeugt ROM-fhigen Code, um einen Kernel ber - das Netzwerk zu laden. Dieser Code kann entweder auf ein - Boot-PROM einer Netzwerkkarte gebrannt werden, was von vielen - Netzwerkkarten untersttzt wird. Oder er kann von einer - lokalen Diskette, Festplatte oder von einem laufenden - &ms-dos;-System geladen werden. - - + PXE: Das + Preboot eXecution Environment System von + &intel; ist eine Art intelligentes Boot-ROM, das in + einigen Netzwerkkarten oder Hauptplatinen verwendet wird. + Weitere Informationen finden Sie in &man.pxeboot.8;. + @@ -4294,13 +4275,17 @@ DHCP" /- sowie ein gemeinsames /usr-Dateisystem, die jeweils schreibgeschtzt sind. + + Das root-Dateisystem ist eine Kopie eines Standardwurzelverzeichnisses von &os; (blicherweise das des Servers), bei dem einige Konfigurationsdateien durch fr den plattenlosen Betrieb geeignete Versionen ersetzt wurden. + + Fr die Bereiche des root-Dateisystems, die beschreibbar sein mssen, werden mit &man.md.4; virtuelle Dateisysteme erzeugt. Dies bedeutet aber auch, dass @@ -4327,29 +4312,9 @@ DHCP" Hintergrundinformationen - Die Einrichtung von plattenlosen Rechnern ist einfach, aber - auch fehleranfllig. Der Grund dafr sind auftretende - Fehler, die sich oft nur schwer zuordnen lassen. Unter anderem - sind dafr folgende Umstnde verantwortlich: - - - - Kompilierte Optionen haben zur Laufzeit unterschiedliche - Auswirkungen. - - - - Fehlermeldungen sind oft kryptisch oder fehlen - vollstndig. - - - - Daher ist es ntzlich, ber die im Hintergrund - ablaufenden Mechanismen Bescheid zu wissen. Dadurch wird es - einfacher, eventuell auftretende Fehler zu beheben. - - Verschiedene Operationen mssen ausgefhrt werden, - um ein System erfolgreich zu starten: + Bei der Einrichtung von plattenlosen Rechnern + mssen verschiedene Operationen durchgefhrt werden, um + das System erfolgreich zu starten: @@ -4381,20 +4346,15 @@ DHCP" - Der Rechner muss ein oder mehrere Programme in den - lokalen Speicher laden. Dazu wird entweder - TFTP oder NFS - verwendet. Die Auswahl zwischen TFTP und - NFS erfolgt ber das Setzen von - verschiedenen Kompilieroptionen. Ein hufig gemachter - Fehler ist es, Dateinamen fr das falsche Protokoll - anzugeben: TFTP transferiert - normalerweise alle Dateien aus einem einzigen Verzeichnis - des Servers, und erwartet einen Pfad relativ zu diesem - Verzeichnis. NFS verlangt hingegen - absolute Dateipfade. + Der Rechner muss den Loader ber + TFTP starten. + + Das Root-Dateisystem muss ber + NFS geladen werden. + + Die mglichen Bootstrap-Programme und der Kernel mssen initialisiert und ausgefhrt werden. Dabei @@ -4404,7 +4364,7 @@ DHCP" PXE ldt &man.pxeboot.8;. Dabei handelt es sich um eine modifizierte Version des - &os;-Laders der Boot-Phase drei. Der &man.loader.8; + &os;-Loaders der Boot-Phase drei. Der &man.loader.8; beschafft alle fr den Systemstart notwendigen Parameter, und hinterlegt diese in der Kernelumgebung, bevor er die Kontrolle bergibt. Es ist hier @@ -4441,82 +4401,85 @@ DHCP" Weitere Informationen finden Sie in &man.diskless.8;. - - Konfiguration unter Verwendung von - <application>ISC DHCP</application> + + Konfiguration des + <application>ISC DHCP</application>-Servers DHCP plattenloser Betrieb + PXE bentigt einen konfigurierten + TFTP- und + DHCP-Server. Der + DHCP-Server muss nicht auf der selben + Maschine laufen wie der TFTP-Server, + aber er muss ber das Netzwerk erreichbar sein. + Der ISC DHCP-Server kann Anfragen sowohl von BOOTP als auch von DHCP beantworten. - isc-dhcp 3.1 ist nicht Teil - des Basissystems. Sie mssen es daher zuerst - installieren. Verwenden Sie dazu den Port - net/isc-dhcp31-server - oder das entsprechende Paket. + ISC DHCP ist nicht Teil + des Basissystems. Installieren Sie den + net/isc-dhcp42-server Port und folgen + Sie den Anweisungen in . + Stellen Sie sicher, dass /etc/rc.conf + und /usr/local/etc/dhcpd.conf richtig + konfiguriert sind. Nachdem ISC DHCP installiert - ist, muss das Programm konfiguriert werden (normalerweise in - /usr/local/etc/dhcpd.conf). Im - folgenden Beispiel verwendet Rechner margaux - Etherboot, whrend Rechner - corbieres PXE verwendet: - + ist, bearbeiten Sie seine Konfigurationsdatei, + /usr/local/etc/dhcpd.conf. + Konfigurieren Sie die next-server, + filename und option root-path + Einstellungen, um die IP-Adresse des + TFTP-Servers, den Pfad zu + /boot/pxeboot in TFTP + und den Pfad zum NFS-Root-Dateisystem + zu bestimmen. Hierzu ein Beispiel fr + /usr/local/etc/dhcpd.conf: + + subnet 192.168.0.0 netmask 255.255.255.0 { +range 192.168.0.2 192.168.0.3; +option subnet-mask 255.255.255.0; +option routers 192.168.0.1; +option broadcast-address 192.168.0.255; +option domain-name-servers 192.168.35.35, 192.168.35.36; +option domain-name "example.com"; + +# IP address of TFTP server +next-server 192.168.0.1; + +# path of boot loader obtained +# via tftp +filename "FreeBSD/install/boot/pxeboot"; - default-lease-time 600; - max-lease-time 7200; - authoritative; - - option domain-name "example.com"; - option domain-name-servers 192.168.4.1; - option routers 192.168.4.1; - - subnet 192.168.4.0 netmask 255.255.255.0 { - use-host-decl-names on; - option subnet-mask 255.255.255.0; - option broadcast-address 192.168.4.255; - - host margaux { - hardware ethernet 01:23:45:67:89:ab; - fixed-address margaux.example.com; - next-server 192.168.4.4; - filename "/tftpboot/kernel.diskless"; - option root-path "192.168.4.4:/data/misc/diskless"; - } - host corbieres { - hardware ethernet 00:02:b3:27:62:df; - fixed-address corbieres.example.com; - next-server 192.168.4.4; - filename "pxeboot"; - option root-path "192.168.4.4:/data/misc/diskless"; - } - } - +# pxeboot boot loader will try to NFS mount this directory for root FS +option root-path "192.168.0.1:/b/tftpboot/FreeBSD/install/"; +} - - Diese Option + - Die Anweisung + Die Anweisung next-server bestimmt den TFTP- oder NFS-Server, von dem der Loader oder der Kernel geladen werden (in der Voreinstellung ist das der DHCP-Server selbst). - - Die Anweisung + Die Anweisung filename bestimmt die Datei, die Etherboot als nchstes ldt. Das genaue Format hngt von der @@ -4539,20 +4502,18 @@ DHCP" GENERIC-Kernel laden, dadurch ist es mglich, PXE von einer entfernten CD-ROM zu starten. - - Die Option - root-path bestimmt den Pfad des - root-Dateisystems in normaler NFS-Schreibweise. Wird - PXE verwendet, ist es mglich, + Die Option root-path bestimmt den + Pfad des root-Dateisystems in normaler NFS-Schreibweise. + Wird PXE verwendet, ist es mglich, die IP-Adresse des Rechners wegzulassen, solange nicht die Kerneloption BOOTP aktiviert wird. Der NFS-Server entspricht in diesem Fall dem TFTP-Server. - - + - Konfiguration des <acronym>PXE</acronym> und - <acronym>NFS</acronym> Servers + Konfiguration des + <acronym>NFS</acronym>-Servers + + Aktivieren Sie NFS und exportieren + Sie die entsprechenden Dateisysteme auf dem + NFS-Server. + + Fgen Sie folgende Zeile in + /etc/rc.conf hinzu: + + nfs_server_enable="YES" + + Exportieren Sie das Verzeichnis, in dem sich das + Wurzelverzeichnis fr den plattenlosen Betrieb befindet, + indem Sie folgende Zeile in + /etc/exports hinzufgen (passen Sie + dabei den mountpoint an und + ersetzen Sie corbieres durch + den Namen Ihres plattenlosen Rechners): - In der Voreinstellung ldt der - &man.pxeboot.8;-Loader den Kernel ber - NFS. Soll stattdessen - TFTP verwendet werden, muss beim - Kompilieren die Option - LOADER_TFTP_SUPPORT in der Datei - /etc/make.conf eingetragen sein. Sehen - Sie sich die Datei - /usr/share/examples/etc/make.conf - fr weitere Anweisungen an. - - Es gibt zwei Optionen fr - make.conf, die ntzlich sein - knnen, wenn Sie eine plattenlose serielle Konsole - einrichten wollen: - BOOT_PXELDR_PROBE_KEYBOARD, und - BOOT_PXELDR_ALWAYS_SERIAL. + /data/misc + -alldirs -ro margaux corbieres + + + Weisen Sie nun mountd an, + seine Konfigurationsdatei neu einzulesen. Wenn Sie + NFS erst in der Datei + /etc/rc.conf aktivieren mussten, + sollten Sie stattdessen den Rechner neu starten. Dadurch + wird die Konfigurationsdatei ebenfalls + neu eingelesen. + + &prompt.root; service mountd restart + + + + Konfiguration des + <acronym>TFTP</acronym>-Servers Um PXE beim Systemstart zu verwenden, mssen Sie im BIOS des Rechner die @@ -4675,11 +4655,8 @@ margaux:ha=0123456789ab:tc=.def100plattenloser Betrieb - Wenn Sie PXE oder - Etherboot so konfiguriert haben, - dass diese TFTP verwenden, mssen - Sie auf dem Dateiserver tftpd - aktivieren: + Fhren Sie folgende Schritte aus um + &man.tftpd.8; zu aktivieren: @@ -4716,58 +4693,33 @@ margaux:ha=0123456789ab:tc=.def100 Sie knnen das Verzeichnis - /tftpboot an einem beliebigen Ort auf dem - Server ablegen. Stellen Sie aber sicher, dass Sie diesen Ort - sowohl in inetd.conf als auch in - /usr/local/etc/dhcpd.conf eingetragen - haben. - - Auerdem mssen Sie NFS aktivieren und die - entsprechenden Verzeichnisse exportieren. - - - - Fgen Sie folgende Zeile in - /etc/rc.conf ein: - - nfs_server_enable="YES" - - - - Exportieren Sie das Verzeichnis, in dem sich das - Wurzelverzeichnis fr den plattenlosen Betrieb - befindet, indem Sie folgende Zeile in - /etc/exports einfgen (passen - Sie dabei den mountpoint - an und ersetzen Sie - margaux corbieres durch den - Namen Ihres plattenlosen Rechners): - - /data/misc -alldirs -ro margaux - - - - Weisen sie nun mountd an, - seine Konfigurationsdatei erneut einzulesen. Wenn Sie - NFS erst in der Datei - /etc/rc.conf aktivieren mussten, - sollten Sie stattdessen den Rechner neu starten. Dadurch - wird die Konfigurationsdatei ebenfalls neu eingelesen. - + /tftpboot an einem beliebigen Ort auf + dem Server ablegen. Stellen Sie aber sicher, dass Sie + diesen Ort sowohl in /etc/inetd.conf + als auch in /usr/local/etc/dhcpd.conf + eingetragen haben. + - &prompt.root; /etc/rc.d/mountd restart - - + + Vorbereitung des Root-Dateisystems plattenloser Betrieb Kernelkonfiguration - Wenn Sie Etherboot verwenden, - mssen Sie in die Kernelkonfigurationsdatei Ihres - plattenlosen Clients zustzlich folgende Optionen - einfgen: + Wenn Sie PXE verwenden, ist die + Erzeugung eines neuen Kernels zwar nicht unbedingt + notwendig, es wird allerdings dennoch empfohlen. Die + Aktivierung dieser Optionen bewirkt, dass die Anzahl der + mglichen DHCP-Anfragen whrend des + Kernelstarts erhht wird. Ein kleiner Nachteil sind + eventuell auftretende Inkonsistenzen zwischen den neuen + Werten und den von &man.pxeboot.8; erhaltenen Werten. + Der groe Vorteil dieser Variante ist es, das dabei der + Rechnername gesetzt wird, den Sie ansonsten durch eine + andere Methode, beispielsweise in einer clientspezifischen + /etc/rc.conf festlegen mssten. options BOOTP # Use BOOTP to obtain IP address/hostname options BOOTP_NFSROOT # NFS mount root file system using BOOTP info @@ -4789,32 +4741,6 @@ options BOOTP_NFSROOT # NFS mount r in /usr/local/etc/dhcpd.conf festgelegten Ort. - Wenn Sie PXE verwenden, ist die - Erzeugung eines Kernels zwar nicht unbedingt ntig, sie - wird allerdings dennoch empfohlen. Die Aktivierung dieser - Optionen bewirkt, dass die Anzahl der mglichen - DHCP-Anforderungen whrend des - Kernelstarts erhht wird. Ein kleiner Nachteil sind - eventuell auftretende Inkonsistenzen zwischen den neuen - Werten und den von &man.pxeboot.8; erhaltenen Werten. Der - groe Vorteil dieser Variante ist es, dass dabei der - Rechnername gesetzt wird, den Sie ansonsten durch eine - andere Methode, beispielsweise in einer clientspezifischen - rc.conf-Datei festlegen mssten. - - - - Damit der Kernel von - Etherboot geladen werden kann, - mssen device hints im - Kernel einkompiliert sein. Dazu setzen Sie normalerweise - folgende Option in die Kernelkonfigurationsdatei (sehen Sie - sich dazu auch die kommentierte Datei - NOTES an): - - hints "GENERIC.hints" - - Root-Dateisystem plattenloser Betrieb @@ -5125,66 +5051,6 @@ myhost.example.com:/b/tftpboot/FreeBSD/i - Einrichtung des DHCP-Servers - - PXE bentigt fr die Einrichtung einen - TFTP-Server und einen - DHCP-Server. Der - DHCP-Server muss nicht unbedingt auf der - gleichen Maschine laufen wie der - TFTP-Server, aber er muss in Ihrem Netzwerk - erreichbar sein. - - - - Installieren Sie den DHCP-Server, - indem Sie den Anweisungen in folgen. Stellen Sie - sicher, dass /etc/rc.conf und - /usr/local/etc/dhcpd.conf richtig - konfiguriert sind. - - - - Konfigurieren Sie in - /usr/local/etc/dhcpd.conf die - next-server, - filename und option - root-path Einstellungen, um die - IP-Adresse des - TFTP-Servers, den Pfad zu - /boot/pxeboot in - TFTP und den Pfad zum - NFS-Root-Dateisystem zu bestimmen. - Hierzu ein Beispiel fr - /usr/local/etc/dhcpd.conf: - - -subnet 192.168.0.0 netmask 255.255.255.0 { - range 192.168.0.2 192.168.0.3; - option subnet-mask 255.255.255.0; - option routers 192.168.0.1; - option broadcast-address 192.168.0.255; - option domain-name-server 192.168.35.35 192.168.35.36; - option domain-name "example.com"; - - # IP address of TFTP server - next-server 192.168.0.1; - - # path of boot loader obtained - # via tftp - filename "FreeBSD/install/boot/pxeboot"; - - # pxeboot boot loader will try to NFS mount this directory for root FS - option root-path "192.168.0.1:/b/tftpboot/FreeBSD/install/"; - -} - - - - - - Konfiguration des <acronym>PXE</acronym>-Clients und Fehlersuche bei Verbindungsproblemen @@ -5240,7 +5106,7 @@ Received 264951 bytes in 0.1 seconds - ISDN – diensteintegrierendes digitales Netzwerk + ISDN – dienstintegrierendes digitales Netzwerk ISDN @@ -6002,7 +5868,7 @@ round-trip min/avg/max/stddev = 2.530/2. Es gibt verschiedene Arten von IPv6-Adressen: Unicast-, Anycast- und Multicast-Adressen. - Unicast-Adressen sind die herkmlichen Adressen. Ein + Unicast-Adressen sind die herkmmlichen Adressen. Ein Paket, das an eine Unicast-Adresse gesendet wird, kommt nur an der Schnittstelle an, die dieser Adresse zugeordnet ist. @@ -6697,7 +6563,7 @@ class="ipaddress">192.168.1.51 An dieser Stelle muss entweder das Netzwerk neu gestartet, - oder die Machine neu gebootet werden, um + oder die Maschine neu gebootet werden, um CARP zu aktivieren. Die Funktionalitt von CARP kann, wie From owner-svn-doc-all@FreeBSD.ORG Sun Jul 13 17:36:52 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CAD12788; Sun, 13 Jul 2014 17:36:52 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AB7C22983; Sun, 13 Jul 2014 17:36:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6DHaqvC093958; Sun, 13 Jul 2014 17:36:52 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6DHaq4o093957; Sun, 13 Jul 2014 17:36:52 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407131736.s6DHaq4o093957@svn.freebsd.org> From: Glen Barber Date: Sun, 13 Jul 2014 17:36:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45266 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2014 17:36:52 -0000 Author: gjb Date: Sun Jul 13 17:36:52 2014 New Revision: 45266 URL: http://svnweb.freebsd.org/changeset/doc/45266 Log: Add vt(4) report. Submitted by: ray Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 10:54:43 2014 (r45265) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 17:36:52 2014 (r45266) @@ -43,7 +43,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 3 entries and we hope you enjoy reading it.

    + report contains 4 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -218,4 +218,116 @@ Test on real hardware + + + Updated <tt>vt(4)</tt> System Console + + + + + Aleksandr + Rybalko + + ray@FreeBSD.org + + + + + Ed + Maste + + emaste@FreeBSD.org + + + + + Ed + Schouten + + ed@FreeBSD.org + + + + + Project wiki + page + + + +

    The vt(4) (a.k.a. Newcons) project provides + a replacement for the legacy syscons system console. + It brings a number of improvements, including better + integration with graphics modes and broader character set + support.

    + +

    Since the last report, + vt(4) gained the ability to make early driver + selection. vt(4) selects the best successfully + probed driver before most of kernel subsystems. Also, to make + easy migration from syscons(4) to vt(4), + multiple virtual terminal subsystems in the kernel are now + supported, and it is controlled by a small module with just + one kernel environment variable 

    kern.vty=syscons
    or + 
    kern.vty=vt
    .

    + +

    The GENERIC kernel configuration for the amd64 and i386 + platforms include both syscons(4) and vt(4) + by default. Such configuration also planned to be in next + 10-STABLE release, expected to be included in + &os; 10.1-RELEASE.

    + +

    Major highlights:

    + +
      +
    • Unicode support.
      • +
    • Double-width character support for CJK characters.
      • +
    • xterm(1)-like terminal emulation.
      • +
    • Support for Kernel Mode Setting (KMS) drivers + (i915kms, radeonkms).
      • +
    • Support for different fonts per terminal window.
      • +
    • Simplified drivers.
      • +
    + +

    Brief status of supported architectures and hardware:

    + +
      +
    • amd64 (VGA/i915kms/radeonkms) — + works.
      • +
    • ARM framebuffer — works.
      • +
    • i386 (VGA/i915kms/radeonkms) — + works.
      • +
    • IA64 — untested.
      • +
    • MIPS — untested.
      • +
    • PPC and PPC64 — work, but without X.Org yet.
      • +
    • SPARC — works on certain hardware (e.g., Ultra + 5).
      • +
    • vesa(4) — in progress.
      • +
    • i386/amd64 nVidia driver — not supported. VGA + should be used (VESA planned).
      • +
    • Xbox framebuffer driver — will be deleted as + unused.
      • +
    + + + The &os; Foundation + + + Implement the remaining features supported by + vidcontrol(1). + + Write manual pages for vt(4) drivers and kernel + interface. + + Support direct handling of keyboard by the kbd + device (without kbdmux(4)). + + CJK fonts. (This is in progress). + Address performance issues on some architectures. + Switch to vt(4) by default. + Convert keyboard maps for use with vt(4). + Implement campatibility mode to be able to use single-byte + charsets/key-codes in the vt(4). + +     From owner-svn-doc-all@FreeBSD.ORG Sun Jul 13 17:46:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 630DF8C4; Sun, 13 Jul 2014 17:46:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 448202A34; Sun, 13 Jul 2014 17:46:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6DHkUsk098541; Sun, 13 Jul 2014 17:46:30 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6DHkUhN098540; Sun, 13 Jul 2014 17:46:30 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407131746.s6DHkUhN098540@svn.freebsd.org> From: Glen Barber Date: Sun, 13 Jul 2014 17:46:30 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45267 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2014 17:46:30 -0000 Author: gjb Date: Sun Jul 13 17:46:29 2014 New Revision: 45267 URL: http://svnweb.freebsd.org/changeset/doc/45267 Log: Add QEMU report. Submitted by: sbruno Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 17:36:52 2014 (r45266) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 17:46:29 2014 (r45267) @@ -43,7 +43,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 4 entries and we hope you enjoy reading it.

    + report contains 5 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -330,4 +330,113 @@ charsets/key-codes in the vt(4). + + + QEMU bsd-user enabled ports building + + + + + Stacey + Son + + sson@freebsd.org + + + + Juergen + Lock + + nox@freebsd.org + + + + Sean + Bruno + + sbruno@freebsd.org + + + + + Overview of technology + Status of ports building + Master respository for collaboration + + + +

    The ports-mgmt/poudriere-devel port is aware of how to build + ports via an emulator. Configuration of the miscellaneous + binary image activator is required prior to a poudriere-devel + run.

    + +

    ARMV6, MIPS32 and MIPS64 packages can be produced via full + emulation. There are several packages that block a full run of + builds. They can be viewed on the Status of ports building + link.

    + +

    On current or latest stable/10:

    + +

    Clone the github + repository of qemu, and switch to + the bsd-user branch. Then run:

    + +

    ./configure --static \
    + --target-list="arm-bsd-user i386-bsd-user \
    + mips-bsd-user mips64-bsd-user mips64el-bsd-user \
    + mipsel-bsd-user ppc-bsd-user ppc64-bsd-user sparc-bsd-user \
    + sparc64-bsd-user x86_64-bsd-user"

    + +

    gmake; gmake install

    + +

    Then setup the binmiscctl tools to do some evil hackery to + redirect execution of armv6 binaries to qemu:

    + +

    binmiscctl add armv6 --interpreter \ + "/usr/local/bin/qemu-arm" --magic \ + "\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02 \
    + \x00\x28\x00" --mask "\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff \
    + \xff\xff\xff\xff\xfe\xff\xff\xff" --size 20 --set-enabled

    + +

    Install poudriere-devel from ports. It knows how to setup + things.

    + +

    Build poudriere jail to do all the magic:

    + +

    poudriere jail -c -j 11armv632 -m svn -a armv6 \
    + -v head

    + +

    You can now run poudriere against that jail to build all the + ports:

    + +

    poudriere bulk -j 11armv632 -a

    + +

    Nullfs mount your ports tree into the jail:

    + +

    mkdir /usr/local/poudriere/jails/11armv632/usr/ports
    + mount -t nullfs /usr/ports /usr/local/poudriere/jails/11armv632/usr/ports

    +

    To chroot into the jail:

    + +

    mount -t devfs devfs /usr/local/poudriere/jails/11armv632/dev
    + chroot /usr/local/poudriere/jails/11armv632/

    + + + + + PPC on AMD64 emulation. WIP as there appears to be some serious issues running the bsd-user binary on big endian hardware. Justin Hibbits working on this. + + + SPARC64 on AMD64 emulation is non-functional and instantly segfaults. Looking for someone to poke at the bits here. + + + External Tool Chain, XDEV support. Partial support for using an AMD64 tool chain that can output other architecture (use AMD64 toolchain to build MIPS64 packages). Currently tracking a linking issue with ports-mgmt/pkg. Thanks to Warner Losh, Baptiste Daroussin, Dimitry Andric for poking at bits in here to make the XDEV target useful. + + + Signal Handling, MIPS/ARMV6 target still displays a failure that manifests itself when building devel/p5-Sys-SigAction + + + Massive documentation update needed. These modifications actually allow you to chroot into a MIPS or ARMv6 environment and use native tool chains and libraries to prototype your software for a target platform. + + +     From owner-svn-doc-all@FreeBSD.ORG Sun Jul 13 17:51:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 38910E4D; Sun, 13 Jul 2014 17:51:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 257252A61; Sun, 13 Jul 2014 17:51:13 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6DHpDVv000466; Sun, 13 Jul 2014 17:51:13 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6DHpDhC000465; Sun, 13 Jul 2014 17:51:13 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407131751.s6DHpDhC000465@svn.freebsd.org> From: Glen Barber Date: Sun, 13 Jul 2014 17:51:13 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45268 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2014 17:51:13 -0000 Author: gjb Date: Sun Jul 13 17:51:12 2014 New Revision: 45268 URL: http://svnweb.freebsd.org/changeset/doc/45268 Log: Add Python report. Submitted by: mva Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 17:46:29 2014 (r45267) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 17:51:12 2014 (r45268) @@ -43,7 +43,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 5 entries and we hope you enjoy reading it.

    + report contains 6 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -439,4 +439,68 @@ + + + &os; Python Ports + + + + + &os; + Python Team + + python@FreeBSD.org + + + + + The &os; Python Team Page + IRC channel + + + +

    We are pleased to announce the availability of support for + conflict-free Python package support across different Python + versions, based on the USES=uniquefiles feature recently + introduced to the Ports framework. This means that you can, in + theory, mark a Python package as buildable and installable in + parallel for different Python versions at the same time on the + same host. The package building tools however do not support + this feature yet and the Python team will work closely with + portmgr and pkg developers to enable support on a global ports + and package scale.

    + +

    In May and June a huge clean-up operation took place to + remove the last bits and pieces targeting easy_install. In the + beginning of July we committed the final changes to remove + easy_install support completely from the ports framework. This + greatly simplifies the infrastructure and allows us to + modernize and maintain it with less effort.

    + +

    We added Python 3.4, removed Python 3.1 after its end of + life, updated the setuptools ports to version 5.1 and PyPy's + development version to 2.3.1. The latest Python 2.7.8 and an + updated setuptools will hit the tree shortly.

    + +

    Our upstreaming effort continues to produce good outcomes for + simplifying maintenance and reducing complexity.

    + +

    Looking forward, one of the top priorities will be to comply + to the Uses framework in the foreseeable future and to roll + out a consistent maintainer policy for integrating new + Python-related ports into the tree.

    + + + + Migrate bsd.python.mk to the Uses framework. + Develop a high-level and lightweight Python Ports Policy. + Add support for granular dependencies (for example >=1.0,<2.0). + Look at what adding pip (Python Package Index) support looks like. + Add default QA targets and functions for Python ports (TEST_DEPENDS, + regression-test, etc.) + More tasks can be found on the team's wiki page (see links). + To get involved, come and say hi on IRC and let us know what you're + interested in! + +     From owner-svn-doc-all@FreeBSD.ORG Sun Jul 13 17:55:49 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5014A213; Sun, 13 Jul 2014 17:55:49 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 310462B15; Sun, 13 Jul 2014 17:55:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6DHtnFH003600; Sun, 13 Jul 2014 17:55:49 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6DHtnqm003599; Sun, 13 Jul 2014 17:55:49 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407131755.s6DHtnqm003599@svn.freebsd.org> From: Glen Barber Date: Sun, 13 Jul 2014 17:55:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45269 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2014 17:55:49 -0000 Author: gjb Date: Sun Jul 13 17:55:48 2014 New Revision: 45269 URL: http://svnweb.freebsd.org/changeset/doc/45269 Log: Add UEFI report. Submitted by: emaste Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 17:51:12 2014 (r45268) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 17:55:48 2014 (r45269) @@ -43,7 +43,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 6 entries and we hope you enjoy reading it.

    + report contains 7 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -503,4 +503,67 @@ interested in! + + + UEFI Boot + + + + + Ed + Maste + + emaste@FreeBSD.org + + Nathan + Whitehorn + + nwhitehorn@freebsd.org + + + + + &os; UEFI wiki page + + + +

    The Unified Extensible Firmware Interface (UEFI) provides + boot- and run-time services for x86 and other computers. For + the x86 architecture it replaces the legacy BIOS. This + project will adapt the &os; loader and kernel boot process for + compatibility with UEFI firmware, found on contemporary + servers, desktops, and laptops.

    + +

    Ed and Nathan completed a number of integration tasks over + the past three months. Nathan added a first-stage loader, + boot1.efi, to support chain-loading the rest of the system + from a UFS filesystem. This allows the UEFI boot process to + proceed in a similar fashion as with BIOS boot. Nathan also + added UEFI support to the &os; installer and release image + creation script.

    + +

    The EFI framebuffer requires the vt(4) system console — + a framebuffer driver is not implemented for the legacy + syscons(4) console. Ed added automatic vt(4) selection to the + UEFI boot path.

    + +

    &os; snapshots + are now built as dual-mode images, and should boot via BIOS + and UEFI. Our plan is to merge the UEFI and vt(4) work to + stable/10 to appear in &os; 10.1-RELEASE.

    + + + The &os; Foundation + + + Document manual installation, including dual-boot + configurations. + Implement boot1.efi for ZFS file systems. + Add support for UEFI variables stored in non-volatile + memory (NVRAM). + Debug boot failures with certain UEFI firmware + implementations. + Support secure boot. + +     From owner-svn-doc-all@FreeBSD.ORG Sun Jul 13 17:59:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 63029459; Sun, 13 Jul 2014 17:59:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 503372B43; Sun, 13 Jul 2014 17:59:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6DHx1Hu004072; Sun, 13 Jul 2014 17:59:01 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6DHx1HB004071; Sun, 13 Jul 2014 17:59:01 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407131759.s6DHx1HB004071@svn.freebsd.org> From: Glen Barber Date: Sun, 13 Jul 2014 17:59:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45270 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2014 17:59:01 -0000 Author: gjb Date: Sun Jul 13 17:59:00 2014 New Revision: 45270 URL: http://svnweb.freebsd.org/changeset/doc/45270 Log: Fix rendering in vt(4) entry. Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 17:55:48 2014 (r45269) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 17:59:00 2014 (r45270) @@ -268,8 +268,8 @@ easy migration from syscons(4) to vt(4), multiple virtual terminal subsystems in the kernel are now supported, and it is controlled by a small module with just - one kernel environment variable 
    kern.vty=syscons
    or - 
    kern.vty=vt
    .

    + one kernel environment variable kern.vty=syscons or + kern.vty=vt.

    The GENERIC kernel configuration for the amd64 and i386 platforms include both syscons(4) and vt(4) From owner-svn-doc-all@FreeBSD.ORG Sun Jul 13 18:06:39 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6C6DC568; Sun, 13 Jul 2014 18:06:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 561182BE9; Sun, 13 Jul 2014 18:06:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6DI6dMg008549; Sun, 13 Jul 2014 18:06:39 GMT (envelope-from emaste@svn.freebsd.org) Received: (from emaste@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6DI6dfl008548; Sun, 13 Jul 2014 18:06:39 GMT (envelope-from emaste@svn.freebsd.org) Message-Id: <201407131806.s6DI6dfl008548@svn.freebsd.org> From: Ed Maste Date: Sun, 13 Jul 2014 18:06:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45271 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2014 18:06:39 -0000 Author: emaste (src committer) Date: Sun Jul 13 18:06:38 2014 New Revision: 45271 URL: http://svnweb.freebsd.org/changeset/doc/45271 Log: Fix UEFI entry markup Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 17:59:00 2014 (r45270) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Sun Jul 13 18:06:38 2014 (r45271) @@ -514,6 +514,8 @@ Maste emaste@FreeBSD.org + + Nathan Whitehorn From owner-svn-doc-all@FreeBSD.ORG Sun Jul 13 18:11:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A36A677F; Sun, 13 Jul 2014 18:11:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 90CF82CAA; Sun, 13 Jul 2014 18:11:41 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6DIBfe1012685; Sun, 13 Jul 2014 18:11:41 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6DIBfRu012683; Sun, 13 Jul 2014 18:11:41 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407131811.s6DIBfRu012683@svn.freebsd.org> From: Glen Barber Date: Sun, 13 Jul 2014 18:11:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45272 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2014 18:11:41 -0000 Author: gjb Date: Sun Jul 13 18:11:41 2014 New Revision: 45272 URL: http://svnweb.freebsd.org/changeset/doc/45272 Log: Switch betarel.vers from RC3 to RELEASE to avoid broken links. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/share/xml/release.ent Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Sun Jul 13 18:06:38 2014 (r45271) +++ head/share/xml/release.ent Sun Jul 13 18:11:41 2014 (r45272) @@ -41,7 +41,7 @@ - + + April-June @@ -11,8 +15,7 @@

    Introduction -

    - This is a draft of the April-June 2014 status report. +

    This is a draft of the April-June 2014 status report. Please check back after it is finalized, and an announcement email is sent to the FreeBSD-Announce mailing list.

    @@ -26,17 +29,17 @@ productive time for &os;. The Ports team released their landmark first quarterly stable branch. &os; continues to grow on the ARM architecture, now running on an ARM-based - ChromeBook. SMP is now possible on multi-core ARM systems. + ChromeBook. SMP is now possible on multi-core ARM systems. bhyve, the native &os; hypervisor, continues to improve. An integral test suite is taking shape, and the Jenkins Continuous Integration system has been implemented. &os; patches to GCC are being forward-ported, and LLDB, the Clang/LLVM - debugger is being ported. Desktop use has also seen + debugger is being ported. Desktop use has also seen improvements, with work on Gnome, KDE, Xfce, KMS video drivers, X.org, and vt, the new console driver which supports KMS and Unicode. Linux and Wine binary compatibility layers have been improved. UEFI booting support has been merged to - head. The &os; Foundation continues to assist in moving &os; + head. The &os; Foundation continues to assist in moving &os; forward, sponsoring conferences and meetings and numerous development projects. And these are only some of the things that happened! Read on for even more.

    @@ -168,7 +171,7 @@

    With all above, and earlier improvements in CAM, GEOM, ZFS and number of other kernel areas coming soon FreeBSD 10.1 may - become the fastest storage release ever. ;)

    + become the fastest storage release ever. ;)

    These projects are sponsored by iXsystems, Inc.

    @@ -179,11 +182,11 @@ - + Andrew Turner - - andrew@FreeBSD.org + + andrew@FreeBSD.org @@ -193,19 +196,19 @@

    Arm64 is the name of the in-progress port of &os; to the - ARMv8 CPU when it is in AArch64 mode. Until recently, all ARM - CPU designs were 32-bit only. With the introduction of the - ARMv8 architecture, ARM has added a new 64-bit mode. This new + ARMv8 CPU when it is in AArch64 mode. Until recently, all ARM + CPU designs were 32-bit only. With the introduction of the + ARMv8 architecture, ARM has added a new 64-bit mode. This new mode has been named AArch64.

    Booting &os; on the ARM Foundation Model has made a lot of - progress since the last status report. An initial pmap + progress since the last status report. An initial pmap implementation has been written. With this &os; is able to - enter the Machine Independent boot code. The required autoconf - functions have been added allowing &os; to start scheduling - tasks. Finally the cpu_switch and copystr functions were - added. With these two &os; will boot to the mountroot - prompt.

    + enter the Machine Independent boot code. The required + autoconf functions have been added allowing &os; to start + scheduling tasks. Finally the cpu_switch and copystr + functions were added. With these two &os; will boot to the + mountroot prompt.

    Work has started on supporting exceptions, including interrupts. This will start to allow more developers to start @@ -214,7 +217,9 @@ Finish exception and interrupt handling + Read the Device Tree or ACPI tables from UEFI + Test on real hardware @@ -285,18 +290,23 @@ next 10-STABLE release and &os; 10.1-RELEASE.

    Project finally get his man page, so now vt(4) not - only project name, but also link to its documentation. Great + only project name, but also link to its documentation. Great thanks to &a.wblock; for that.

    Major highlights:

    • Unicode support.
      • +
    • Double-width character support for CJK characters.
      • +
    • xterm(1)-like terminal emulation.
      • +
    • Support for Kernel Mode Setting (KMS) drivers (i915kms, radeonkms).
      • +
    • Support for different fonts per terminal window.
      • +
    • Simplified drivers.
    @@ -305,17 +315,26 @@
    • amd64 (VGA/i915kms/radeonkms) — works.
      • +
    • ARM framebuffer — works.
      • +
    • i386 (VGA/i915kms/radeonkms) — works.
      • +
    • IA64 — untested.
      • +
    • MIPS — untested.
      • +
    • PPC and PPC64 — work, but without X.Org yet.
      • +
    • SPARC — works on certain hardware (e.g., Ultra 5).
      • +
    • vesa(4) — in progress.
      • +
    • i386/amd64 nVidia driver — not supported. VGA should be used (VESA planned).
      • +
    • Xbox framebuffer driver — will be deleted as unused.
    @@ -334,9 +353,13 @@ device (without kbdmux(4)). CJK fonts. (This is in progress). + Address performance issues on some architectures. + Switch to vt(4) by default. + Convert keyboard maps for use with vt(4). + Implement compatibility mode to be able to use single-byte charsets/key-codes in the vt(4). @@ -347,32 +370,39 @@ - - Stacey - Son - - sson@freebsd.org - - - - Juergen - Lock - - nox@freebsd.org - - - - Sean - Bruno - - sbruno@freebsd.org + + Stacey + Son + + sson@freebsd.org + + + + + Juergen + Lock + + nox@freebsd.org + + + + + Sean + Bruno + + sbruno@freebsd.org - Overview of technology - Status of ports building - Master respository for collaboration + Overview + of technology + + Status of ports + building + + Master + respository for collaboration @@ -382,15 +412,16 @@ run.

    ARMV6, MIPS32 and MIPS64 packages can be produced via full - emulation. There are several packages that block a full run of - builds. They can be viewed on the Status of ports building - link.

    + emulation. There are several packages that block a full run + of builds. They can be viewed on the Status of ports building + link.

    On current or latest stable/10:

    -

    Clone the github - repository of qemu, and switch to - the bsd-user branch. Then run:

    +

    Clone the github + repository of qemu, and switch to the bsd-user branch. Then + run:

    ./configure --static \
    --target-list="arm-bsd-user i386-bsd-user \
    @@ -409,7 +440,7 @@ \x00\x28\x00" --mask "\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff \
    \xff\xff\xff\xff\xfe\xff\xff\xff" --size 20 --set-enabled

    -

    Install poudriere-devel from ports. It knows how to setup +

    Install poudriere-devel from ports. It knows how to set up things.

    Build poudriere jail to do all the magic:

    @@ -426,6 +457,7 @@

    mkdir /usr/local/poudriere/jails/11armv632/usr/ports
    mount -t nullfs /usr/ports /usr/local/poudriere/jails/11armv632/usr/ports

    +

    To chroot into the jail:

    mount -t devfs devfs /usr/local/poudriere/jails/11armv632/dev
    @@ -436,18 +468,22 @@ PPC on AMD64 emulation. WIP as there appears to be some serious issues running the bsd-user binary on big endian hardware. Justin Hibbits working on this. + SPARC64 on AMD64 emulation is non-functional and instantly segfaults. Looking for someone to poke at the bits here. + External Tool Chain, XDEV support. Partial support for using an AMD64 tool chain that can output other architecture (use AMD64 toolchain to build MIPS64 packages). Currently tracking a linking issue with ports-mgmt/pkg. Thanks to Warner Losh, Baptiste Daroussin, Dimitry Andric for poking at bits in here to make the XDEV target useful. - Signal Handling, MIPS/ARMV6 target still displays - a failure that manifests itself when building + + Signal Handling, MIPS/ARMV6 target still displays a + failure that manifests itself when building devel/p5-Sys-SigAction. + Massive documentation update needed. These modifications actually allow you to chroot into a MIPS or ARMv6 environment and use native tool chains and libraries to prototype your @@ -460,62 +496,74 @@ - - &os; - Python Team - - python@FreeBSD.org + + &os; + Python Team + + python@FreeBSD.org - The &os; Python Team Page - IRC channel + The &os; Python Team + Page + + IRC + channel -

    We are pleased to announce the availability of conflict-free - Python package support across different Python versions based on the - USES=uniquefiles feature recently introduced to the Ports framework. - A Python package can be marked as buildable and installable in - parallel for different Python versions at the same time on the same - host. The package building tools, however, do not support this feature - yet and the Python team will work closely with portmgr and pkg - developers to enable support on a global ports and package scale. -

    - -

    In May and June a huge clean-up operation took place to remove - the last bits and pieces targeting easy_install. In the beginning of - July we committed the final changes to remove easy_install support - completely from the ports framework. This greatly simplifies the - infrastructure and allows us to modernize and maintain it with less - effort.

    - -

    We added Python 3.4, removed Python 3.1 after its end of life, - updated the setuptools ports to version 5.1 and PyPy's development - version to 2.3.1. The latest Python 2.7.8 and an updated setuptools - will hit the tree shortly.

    - -

    Our upstreaming effort continues to produce good outcomes for - simplifying maintenance and reducing complexity.

    - -

    Looking forward, one of the top priorities is to comply with - the USES framework in the foreseeable future and to roll out a - consistent maintainer policy for integrating new Python-related ports - into the tree.

    +

    We are pleased to announce the availability of conflict-free + Python package support across different Python versions based + on the USES=uniquefiles feature recently introduced to the + Ports framework. A Python package can be marked as buildable + and installable in parallel for different Python versions at + the same time on the same host. The package building tools, + however, do not support this feature yet and the Python team + will work closely with portmgr and pkg developers to enable + support on a global ports and package scale.

    + +

    In May and June a huge clean-up operation took place to + remove the last bits and pieces targeting easy_install. In + the beginning of July we committed the final changes to remove + easy_install support completely from the ports framework. + This greatly simplifies the infrastructure and allows us to + modernize and maintain it with less effort.

    + +

    We added Python 3.4, removed Python 3.1 after its end of + life, updated the setuptools ports to version 5.1 and PyPy's + development version to 2.3.1. The latest Python 2.7.8 and an + updated setuptools will hit the tree shortly.

    + +

    Our upstreaming effort continues to produce good outcomes for + simplifying maintenance and reducing complexity.

    + +

    Looking forward, one of the top priorities is to comply with + the USES framework in the foreseeable future and to roll out a + consistent maintainer policy for integrating new + Python-related ports into the tree.

    Migrate bsd.python.mk to the Uses framework. - Develop a high-level and lightweight Python Ports Policy. - Add support for granular dependencies (for example >=1.0,<2.0). + + Develop a high-level and lightweight Python Ports + Policy. + + Add support for granular dependencies (for example + >=1.0,<2.0). + See what adding pip (Python Package Index) support will - require. - Add default QA targets and functions for Python ports (TEST_DEPENDS, - regression-test, etc.) - More tasks can be found on the team's wiki page (see links). - To get involved, interested people can say hello on IRC and let us - know their areas of interest! + require. + + Add default QA targets and functions for Python ports + (TEST_DEPENDS, regression-test, etc.) + + More tasks can be found on the team's wiki page (see + links). + + To get involved, interested people can say hello on IRC + and let us know their areas of interest! @@ -524,23 +572,25 @@ - + Ed Maste - - emaste@FreeBSD.org + + emaste@FreeBSD.org + - + Nathan Whitehorn - - nwhitehorn@freebsd.org + + nwhitehorn@freebsd.org - &os; UEFI wiki page + &os; UEFI wiki + page @@ -564,7 +614,8 @@ syscons(4) console. Ed added automatic vt(4) selection to the UEFI boot path.

    -

    &os; snapshots +

    &os; snapshots are now built as dual-mode images, and should boot via BIOS and UEFI. Our plan is to merge the UEFI and vt(4) work to stable/10 to appear in &os; 10.1-RELEASE.

    @@ -575,11 +626,15 @@ Document manual installation, including dual-boot configurations. + Implement boot1.efi for ZFS file systems. + Add support for UEFI variables stored in non-volatile memory (NVRAM). + Debug boot failures with certain UEFI firmware implementations. + Support secure boot. From owner-svn-doc-all@FreeBSD.ORG Mon Jul 14 13:45:01 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9AE9AB3B; Mon, 14 Jul 2014 13:45:01 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 87C1229C8; Mon, 14 Jul 2014 13:45:01 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6EDj1k7079163; Mon, 14 Jul 2014 13:45:01 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6EDj1UV079162; Mon, 14 Jul 2014 13:45:01 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407141345.s6EDj1UV079162@svn.freebsd.org> From: Glen Barber Date: Mon, 14 Jul 2014 13:45:01 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45286 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 13:45:01 -0000 Author: gjb Date: Mon Jul 14 13:45:00 2014 New Revision: 45286 URL: http://svnweb.freebsd.org/changeset/doc/45286 Log: Add report for OpenStack and OpenContrail. Submitted by: Micha Dubiel Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 12:40:42 2014 (r45285) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 13:45:00 2014 (r45286) @@ -46,7 +46,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 8 entries and we hope you enjoy reading it.

    + report contains 9 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -701,4 +701,95 @@ and one was taken into safekeeping.

    + + + &os; host support for OpenStack and OpenContrail. + + + + + Grzegorz + Bernacki + + gjb@semihalf.com + + + + Michal + Dubiel + + md@semihalf.com + + + + Dominik + Ermel + + der@semihalf.com + + + + Rafal + Jaworowski + + raj@semihalf.com + + + + + + + + + + + + + +

    OpenStack is a cloud operating system that controls large + pools of compute, storage, and networking resources in + a datacenter.

    + +

    OpenContrail is a network virtualization (SDN) solution + comprising network controller, virtual router and analytics + engine, which can be integrated with cloud orchestration + systems like OpenStack or CloudStack.

    + +

    This work goal is to enable &os; as a fully supported + compute host for OpenStack using OpenContrail virtualized + networking. The main areas of development are the + following:

    + +
      +
    • Libvirt hypervisor driver for bhyve.
      • +
    • Support for bhyve (via libvirt compute driver) and &os; + platform in overall in nova-compute.
      • +
    • OpenContrail vRouter (forwarding plane kernel module) port + to &os;.
      • +
    • OpenContrail Agent (network controller node) port to + &os;.
      • +
    • Integration, performance optimizations.
      • +
    + +

    Since the last report the following items have been + completed, which allow for a working demo of OpenStack compute + node on a &os; host uisng OpenContrail solution for network + virtualization:

    + +
      +
    • Port of the OpenContrail vRouter kernel module for &os; + (MPLS over GRE mode only)
      • +
    • Port of the OpenContrail Agent for &os;
      • +
    • &os; version of a Devstack installation/configuration + script with support for the OpenContrail solution (Compute + node components only)
      • +
    + +

    A demo was presented at &os; DevSummit during the BSDCan2014 + in Ottawa. Also, a meetup regarding the subject was organized + in Krakow, Poland.

    + +

    Work on this project is sponsored by Juniper Networks.

    + +     From owner-svn-doc-all@FreeBSD.ORG Mon Jul 14 14:12:40 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 01C5CFE9; Mon, 14 Jul 2014 14:12:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D78DD2C3A; Mon, 14 Jul 2014 14:12:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6EECdVK092772; Mon, 14 Jul 2014 14:12:39 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6EECdWo092771; Mon, 14 Jul 2014 14:12:39 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407141412.s6EECdWo092771@svn.freebsd.org> From: Glen Barber Date: Mon, 14 Jul 2014 14:12:39 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45287 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 14:12:40 -0000 Author: gjb Date: Mon Jul 14 14:12:39 2014 New Revision: 45287 URL: http://svnweb.freebsd.org/changeset/doc/45287 Log: Add the FreeBSD Foundation status report. Submitted by: deb Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 13:45:00 2014 (r45286) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 14:12:39 2014 (r45287) @@ -46,7 +46,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 9 entries and we hope you enjoy reading it.

    + report contains 10 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -792,4 +792,119 @@

    Work on this project is sponsored by Juniper Networks.

    + + + The &os; Foundation + + + + + Deb + Goodkin + + deb@FreeBSDFoundation.org + + + + + + &os; Journal + + + +

    The &os; Foundation is a 501(c)(3) non-profit organization + dedicated to supporting and promoting the &os; Project + and community worldwide. Most of the funding is used to + support &os; development projects, conferences and developer + summits, purchase equipment to grow and improve the &os; + infrastructure, and provide legal support for the Project.

    + +

    We published our third issue of the &os; Journal. We have + over 2700 subscriptions so far. We continued working on the + digital edition, that will allow subscribers to read the + magazine in different web browsers, including those than run + on &os;. This will be available for the July/August issue of + the Journal.

    + +

    We hired Anne Dickison, on a freelance basis, as our new + marketing director, to help us promote the Foundation and + Project.

    + +

    We held our annual board meeting in Ottawa, Canada, in May. + We elected directors and officers, and did some long term + planning. We worked on our vision, core values, project road + mapping, and our near term goals. We also met with the core + team to discuss roles and responsibilities, project + roadmapping, and what we can do to help the Project more.

    + +

    We were a Gold+ sponsor for BSDCan, May 16-17 and provided + 7 travel grants for developers to attend the conference. We + also were the sponsor for both the developer and vendor + summits.

    + +

    Justin Gibbs gave a &os; presentation at a &os; user's + internal technology summit. Company visits like this help + users understand the Project structure better and gives us + a chance to communicate what &os; people are working on as + well as learn what different companies are doing with &os;, as + well as what they'd like to see supported. We can then help + facilitate collaboration between the companies and &os; + developers.

    + +

    We were represented at Great Wide Open, April 2-3 + (greatwideopen.org), Texas LinuxFest, June 13-14 + (texaslinuxfest.org), and SouthEast LinuxFest, June 20-22 + (southeastlinuxfest.org).

    + +

    We purchased hardware to support an upgrade at Sentex. A new, + high capacity, 1Gbps switch, was deployed to allow for more + systems to be added to the test lab. The main file server and + development box was upgraded to allow more users in the lab + simultaneously.

    + +

    We purchased hardware, including package builders, and + a larger server to allow NYI to be a full replica of all + Project systems, comparable to what is in place at Yahoo Inc. + and ISC.

    + +

    Worked with our lawyer to create an NDA between the + Foundation and individuals for third party NDAs. This allows + developers who need access to proprietary documents, to go + through the Foundation, via an NDA for access.

    + +

    &os; Foundation Systems Administrator and Release Engineer, + Glen Barber, continued work on producing regularly-updated + &os;/arm snapshots for embedded devices, such as the + RaspberryPi, ZedBoard, and BeagleBone.

    + +

    In addition to producing weekly development snapshots from + the head/ and stable/ branches, with feedback and help from Ed + Maste, Glen finished work to produce release images that will, + by default, provide debugging files for userland and kernel + available on the &os; Project FTP mirrors. Note, the + debugging files will not be included on the bootonly.iso, + disc1.iso, or dvd1.iso images due to the size of the resulting + images.

    + +

    Foundation staff member Konstantin Belousov completed an + investigation into poor performance of PostgreSQL on &os;. + This uncovered scalability problems in the &os; kernel, and + changes to address these issues are in progress.

    + +

    Some previously completed Foundation-sponsored projects + received some enhancements or additional work. The ARM + superpages project was completed last year, but is now enabled + by default in &os;-CURRENT. Many stability fixes and + enhancements have been committed to the in-kernel iSCSI stack. + The iSCSI project was released in &os; 10.0. Many + stability fixes and enhancements have been committed and will + be included in &os; 10.1.

    + +

    Work continues on the Foundation-sponsored autofs automount + daemon, UEFI boot support, the updated vt(4) system video + console, virtual machine images, and the Intel graphics driver + update. Foundation-sponsored work resulted in + 226 commits to &os; over the April to June period.

    + +     From owner-svn-doc-all@FreeBSD.ORG Mon Jul 14 14:47:45 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E849AD8C; Mon, 14 Jul 2014 14:47:45 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BBC3A2F57; Mon, 14 Jul 2014 14:47:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6EEljaY008215; Mon, 14 Jul 2014 14:47:45 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6EElj0j008214; Mon, 14 Jul 2014 14:47:45 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407141447.s6EElj0j008214@svn.freebsd.org> From: Ryusuke SUZUKI Date: Mon, 14 Jul 2014 14:47:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45288 - head/ja_JP.eucJP/htdocs/community X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Mon, 14 Jul 2014 15:29:11 +0000 X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 14:47:46 -0000 Author: ryusuke Date: Mon Jul 14 14:47:45 2014 New Revision: 45288 URL: http://svnweb.freebsd.org/changeset/doc/45288 Log: - Merge the following from the English version: r41623 -> r45274 head/ja_JP.eucJP/htdocs/community/webresources.xml Modified: head/ja_JP.eucJP/htdocs/community/webresources.xml Modified: head/ja_JP.eucJP/htdocs/community/webresources.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/community/webresources.xml Mon Jul 14 14:12:39 2014 (r45287) +++ head/ja_JP.eucJP/htdocs/community/webresources.xml Mon Jul 14 14:47:45 2014 (r45288) @@ -1,10 +1,10 @@ ]> - + @@ -32,27 +32,14 @@

    いくつかの英語以外の情報があります。

    最近の FreeBSD の動向とリリースについての情報は、 From owner-svn-doc-all@FreeBSD.ORG Mon Jul 14 15:34:15 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DCCE3962; Mon, 14 Jul 2014 15:34:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BDDF923E5; Mon, 14 Jul 2014 15:34:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6EFYEfu031209; Mon, 14 Jul 2014 15:34:14 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6EFYEg9031208; Mon, 14 Jul 2014 15:34:14 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407141534.s6EFYEg9031208@svn.freebsd.org> From: Glen Barber Date: Mon, 14 Jul 2014 15:34:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45289 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 15:34:15 -0000 Author: gjb Date: Mon Jul 14 15:34:14 2014 New Revision: 45289 URL: http://svnweb.freebsd.org/changeset/doc/45289 Log: Add MMC/SDIO status report. Submitted by: Ilya Bakulin Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 14:47:45 2014 (r45288) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 15:34:14 2014 (r45289) @@ -46,7 +46,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 10 entries and we hope you enjoy reading it.

    + report contains 11 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -907,4 +907,60 @@ 226 commits to &os; over the April to June period.

    + + + SDIO driver + + + + + Ilya + Bakulin + + ilya@bakulin.de + + + + + SDIO project page on + &os; Wiki + Source + code + + + +

    SDIO is an interface designed as an extension of the existing + SD card standard, to allow connecting different peripherals to + the host with the standard SD controller. Peripherals + currently sold at the general market include WLAN/BT modules, + cameras, fingerprint readers, and barcode scanners. + Additionally SDIO is used to connect some peripherals in + products like Chromebooks and Wandboard. A prototype of the + driver for the Marvell SDIO WLAN/BT (Avastar 88W8787) module + is also being developed, using the existing Linux driver as + the reference.

    + +

    SDIO card detection and initialization already work, most + needed bus methods are implemented and tested.

    + +

    WiFi driver is able to load a firmware onto the card and + initialize it. A rewrite of the MMC stack as a transport + layer for CAM framework is in progress. This will allow to + utilize the well-tested CAM locking model and debug features.

    + + + + SDIO stack: finish CAM migration. The initialization of + MMC/SD card is implemented in the XPT layer, but cannot be + tested with the real hardware because of lack of any device + drivers that implement peripheral drivers and SIMs for CAM + MMC. The plan is to use a modified version of BeagleBone Black + SDHCI controller driver for SIM and a modified version of + mmcsd(4) as a peripheral driver. + + Marvell SDIO WiFi: connect to the &os; network stack, + write the code to implement required functions (such as + sending/receiving data, network scanning and so on). + +     From owner-svn-doc-all@FreeBSD.ORG Mon Jul 14 15:43:13 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 30361EF6; Mon, 14 Jul 2014 15:43:13 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F1E1A24DE; Mon, 14 Jul 2014 15:43:12 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6EFhCx8036966; Mon, 14 Jul 2014 15:43:12 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6EFhCcr036965; Mon, 14 Jul 2014 15:43:12 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407141543.s6EFhCcr036965@svn.freebsd.org> From: Warren Block Date: Mon, 14 Jul 2014 15:43:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45290 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 15:43:13 -0000 Author: wblock Date: Mon Jul 14 15:43:12 2014 New Revision: 45290 URL: http://svnweb.freebsd.org/changeset/doc/45290 Log: Add the Release Engineering Team report from gjb. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 15:34:14 2014 (r45289) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 15:43:12 2014 (r45290) @@ -963,4 +963,55 @@ sending/receiving data, network scanning and so on). + + &os; Release Engineering Team + + + + + &os; + Release Engineering Team + + re@FreeBSD.org + + + + + &os; 9.3-RELEASE schedule + + &os; development snapshots + + + +

    The &os; Release Engineering Team is responsible for setting + and publishing release schedules for official project releases + of &os;, announcing code freezes and maintaining the + respective branches, among other things.

    + +

    In early May, the &os; 9.3-RELEASE cycle entered the + code slush phase. The &os; 9.3-RELEASE cycle is nearing + the final phases, and 9.3-RC3 builds will be starting soon. + 9.3-RC3 is planned to be the final release candidate for this + release cycle, and at the time of this writing, 9.3-RELEASE + should be available on schedule.

    + +

    There is ongoing work to integrate support for embedded + architectures as part of the release build process. At this + time, support exists for a number of ARM kernels, in + particular the Raspberry Pi, BeagleBone, and WandBoard.

    + +

    Additionally, work is in progress to produce virtual machine + images as part of the release cycle, supporting various cloud + services such as Microsoft Azure, Amazon EC2, and Google + Compute Engine.

    + + + + The FreeBSD Foundation + + + +     From owner-svn-doc-all@FreeBSD.ORG Mon Jul 14 16:21:03 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A2475D36; Mon, 14 Jul 2014 16:21:03 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8FF25283E; Mon, 14 Jul 2014 16:21:03 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6EGL33q055421; Mon, 14 Jul 2014 16:21:03 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6EGL3TJ055419; Mon, 14 Jul 2014 16:21:03 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407141621.s6EGL3TJ055419@svn.freebsd.org> From: Glen Barber Date: Mon, 14 Jul 2014 16:21:03 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45291 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 16:21:03 -0000 Author: gjb Date: Mon Jul 14 16:21:03 2014 New Revision: 45291 URL: http://svnweb.freebsd.org/changeset/doc/45291 Log: Minor grammar fix to the Foundation status report. Submitted by: deb Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 15:43:12 2014 (r45290) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 16:21:03 2014 (r45291) @@ -867,7 +867,7 @@ Project systems, comparable to what is in place at Yahoo Inc. and ISC.

    -

    Worked with our lawyer to create an NDA between the +

    We worked with our lawyer to create an NDA between the Foundation and individuals for third party NDAs. This allows developers who need access to proprietary documents, to go through the Foundation, via an NDA for access.

    From owner-svn-doc-all@FreeBSD.ORG Mon Jul 14 16:39:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 41A0A2A5; Mon, 14 Jul 2014 16:39:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2EC672A4B; Mon, 14 Jul 2014 16:39:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6EGdaGh061896; Mon, 14 Jul 2014 16:39:36 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6EGdaVx061895; Mon, 14 Jul 2014 16:39:36 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201407141639.s6EGdaVx061895@svn.freebsd.org> From: Sergey Kandaurov Date: Mon, 14 Jul 2014 16:39:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45292 - head/en_US.ISO8859-1/htdocs/releng X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 16:39:36 -0000 Author: pluknet Date: Mon Jul 14 16:39:35 2014 New Revision: 45292 URL: http://svnweb.freebsd.org/changeset/doc/45292 Log: Link the 10.1-RELEASE schedule to the releng page. Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releng/index.xml Mon Jul 14 16:21:03 2014 (r45291) +++ head/en_US.ISO8859-1/htdocs/releng/index.xml Mon Jul 14 16:39:35 2014 (r45292) @@ -54,6 +54,12 @@ &os; 9.3 Target Schedule + + + October 2014 + &os; 10.1 + Target Schedule +

    Code-Freeze Status

    From owner-svn-doc-all@FreeBSD.ORG Mon Jul 14 18:14:53 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 05A882B0; Mon, 14 Jul 2014 18:14:53 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E6B5823AF; Mon, 14 Jul 2014 18:14:52 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6EIEq5R009132; Mon, 14 Jul 2014 18:14:52 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6EIEq6J009131; Mon, 14 Jul 2014 18:14:52 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407141814.s6EIEq6J009131@svn.freebsd.org> From: Glen Barber Date: Mon, 14 Jul 2014 18:14:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45293 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 18:14:53 -0000 Author: gjb Date: Mon Jul 14 18:14:52 2014 New Revision: 45293 URL: http://svnweb.freebsd.org/changeset/doc/45293 Log: Add the Fiasco.OC report. Submitted by: Ilya Bakulin Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 16:39:35 2014 (r45292) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 18:14:52 2014 (r45293) @@ -46,7 +46,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 11 entries and we hope you enjoy reading it.

    + report contains 13 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -1014,4 +1014,65 @@ + + + Running &os; as an application on top of Fiasco.OC + microkernel + + + + + Ilya + Bakulin + + ilya@bakulin.de + + + + + L4 + microkernel family + A + brief description of the project on the &os; wiki (short talk + during &os; DevSummit in Cambridge) + + + +

    Fiasco.OC belongs to the L4 microkernel family. A microkernel + provides a bare minimum of services to the applications + running on top of it, unlike traditional kernels that + incorporate a complex code like IP stacks and device drivers. + This allows to dramatically decrease the amount of code + running in the privileged mode of the CPU, achieving higher + security while still providing an acceptable level of + performance.

    + +

    Running an operating system kernel on top of the microkernel + allows to leverage any software that was developed for that + operating system. The OS kernel runs in user-mode side-by-side + with other microkernel applications such as real-time + components. Multiple OSes, each with their userland + applications, may be even run in parallel, thus allowing to + build the products where processing of corporate data is + strictly separated from the processing of private data.

    + +

    The project aims to create a port of &os; to Fiasco.OC + microkernel, which is a high performance L4 microkernel + developed by TU Dresden. The existing ports of OpenBSD and + Linux are used as a reference. This will allow to use the + unique &os; features like ZFS in L4-based projects.

    + + + + Finish opensourcing the port of L4OpenBSD/amd64 made by + genua mbh. This is a work in progress. + + Publish the sources of L4&os; port that is largely based + on the L4OpenBSD code. + + Improve the port, the first task being adopting the + pmap(9) module to work with L4 microkernel memory allocation + services. + +     From owner-svn-doc-all@FreeBSD.ORG Mon Jul 14 21:40:51 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6905822E; Mon, 14 Jul 2014 21:40:51 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 55AB42683; Mon, 14 Jul 2014 21:40:51 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6ELepPX011321; Mon, 14 Jul 2014 21:40:51 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6ELepDO011320; Mon, 14 Jul 2014 21:40:51 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407142140.s6ELepDO011320@svn.freebsd.org> From: Warren Block Date: Mon, 14 Jul 2014 21:40:51 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45294 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 21:40:51 -0000 Author: wblock Date: Mon Jul 14 21:40:50 2014 New Revision: 45294 URL: http://svnweb.freebsd.org/changeset/doc/45294 Log: Reintroduce intentional informality in the last Python task. Other assorted fixes in the rest of the document, including spelling and titles. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 18:14:52 2014 (r45293) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 21:40:50 2014 (r45294) @@ -132,7 +132,7 @@ - RPC/NFS and CTL/iSCSI performance optimizations. + RPC/NFS and CTL/iSCSI Performance Optimizations @@ -267,7 +267,7 @@ -

    The vt(4) (a.k.a. Newcons) project provides +

    The vt(4) (aka Newcons) project provides a replacement for the legacy syscons system console. It brings a number of improvements, including better integration with graphics modes and broader character set @@ -366,7 +366,7 @@ - QEMU bsd-user enabled ports building + QEMU <tt>bsd-user</tt>-Enabled Ports Building @@ -562,8 +562,8 @@ More tasks can be found on the team's wiki page (see links). - To get involved, interested people can say hello on IRC - and let us know their areas of interest! + To get involved, come and say "hi" on IRC and let us know + what you are interested in! @@ -661,26 +661,26 @@

    In May, a new release policy was published as well as being presented at the BSDCan developer conference by John Baldwin. - The idea is that each major release branch (eg. 10.x) is - guarranteed to be supported for at least five years, but - individual point releases on each branch (eg. 10.0-RELEASE) + The idea is that each major release branch (for example, 10.X) is + guaranteed to be supported for at least five years, but + individual point releases on each branch, like 10.0-RELEASE, will be issued at regular intervals and only the latest point release will be supported.

    Another significant change did not receive approval. When the change to the Bylaws reforming the core team election - process was put to the vote of all &os; developers it failed + process was put to the vote of all &os; developers, it failed to reach a quorum.

    June saw the culmination of a long running project to replace - the project's bug tracking system. As of 3rd June the &os; + the project's bug tracking system. As of June 3, the &os; project has switched to Bugzilla as its bug tracking system. - All of the history of Gnats PRs has been preserved, so there + All of the history of GNATS PRs has been preserved, so there is no need to re-open old tickets. Work is still going on to replicate some of the integration tweaks that had been applied - to Gnats, but all necessary functionality has been implemented + to GNATS, but all necessary functionality has been implemented and the project is already seeing the benefits of the new - capabilities bought by Bugzilla.

    + capabilities brought by Bugzilla.

    An election to select core members for the next two year term of office took place during this period. We would like to @@ -688,7 +688,7 @@ The new core team provides continuity with previous core teams: about half are incumbents from the previous team, and several former core team members have returned after a hiatus. - core now includes two members of the &os; Foundation board and + Core now includes two members of the &os; Foundation board and one other Foundation staff member, aiding greater coordination at the top level of the project. At the same time the core-secretary role was passed on to a new volunteer.

    @@ -703,7 +703,7 @@     - &os; host support for OpenStack and OpenContrail. + &os; Host Support for OpenStack and OpenContrail @@ -909,7 +909,7 @@ - SDIO driver + SDIO Driver @@ -945,8 +945,8 @@

    WiFi driver is able to load a firmware onto the card and initialize it. A rewrite of the MMC stack as a transport - layer for CAM framework is in progress. This will allow to - utilize the well-tested CAM locking model and debug features.

    + layer for CAM framework is in progress. This will allow + utilization of the well-tested CAM locking model and debug features.

    @@ -1016,8 +1016,8 @@     - Running &os; as an application on top of Fiasco.OC - microkernel + Running &os; as an Application on Top of the Fiasco.OC + Microkernel @@ -1042,13 +1042,13 @@ provides a bare minimum of services to the applications running on top of it, unlike traditional kernels that incorporate a complex code like IP stacks and device drivers. - This allows to dramatically decrease the amount of code + This allows a dramatic decrease in the amount of code running in the privileged mode of the CPU, achieving higher security while still providing an acceptable level of performance.

    Running an operating system kernel on top of the microkernel - allows to leverage any software that was developed for that + allows leveraging any software that was developed for that operating system. The OS kernel runs in user-mode side-by-side with other microkernel applications such as real-time components. Multiple OSes, each with their userland @@ -1059,7 +1059,7 @@

    The project aims to create a port of &os; to Fiasco.OC microkernel, which is a high performance L4 microkernel developed by TU Dresden. The existing ports of OpenBSD and - Linux are used as a reference. This will allow to use the + Linux are used as a reference. This will allow the use of unique &os; features like ZFS in L4-based projects.

    From owner-svn-doc-all@FreeBSD.ORG Mon Jul 14 22:09:25 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B2910738; Mon, 14 Jul 2014 22:09:25 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9FAA728CD; Mon, 14 Jul 2014 22:09:25 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6EM9PJF025112; Mon, 14 Jul 2014 22:09:25 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6EM9PrW025111; Mon, 14 Jul 2014 22:09:25 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407142209.s6EM9PrW025111@svn.freebsd.org> From: Glen Barber Date: Mon, 14 Jul 2014 22:09:25 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45295 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 22:09:25 -0000 Author: gjb Date: Mon Jul 14 22:09:25 2014 New Revision: 45295 URL: http://svnweb.freebsd.org/changeset/doc/45295 Log: Add the pkg(8) status report. Submitted by: matthew Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 21:40:50 2014 (r45294) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 22:09:25 2014 (r45295) @@ -46,7 +46,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 13 entries and we hope you enjoy reading it.

    + report contains 14 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -1075,4 +1075,116 @@ services.     + + + pkg(8) + + + + + Baptiste + Daroussin + + bapt@FreeBSD.org + + + + + Bryan + Drewery + + bryan@FreeBSD.org + + + + + Matthew + Seaman + + matthew@FreeBSD.org + + + + + Vsevolod + Stakhov + + vsevolod@FreeBSD.org + + + + The pkg mailing list + freebsd-pkg@FreeBSD.org + + + + + The main pkg(8) git + repository. + The preferred + place to raise bug reports concerning pkg(8). + + + +

    pkg(8) is the new package management tool for &os;. It + is now the only supported package management tool for &os; + releases from 10.0-RELEASE, including the upcoming + 9.3-RELEASE. pkg(8) is available on all currently supported + releases. Support for the legacy pkg_tools is due to be + discontinued at the beginning of September 2014.

    + +

    The release of pkg(8) 1.3 is imminent. This includes major + improvements in the dependency solver. Now we can:

    + +
      +
    • Switch versions of eg. perl or php and resolve all the + conflicts with packages that depend on them automatically. + No more need to manually switch package origins.
      • + +
    • Deal more gracefully with complex upgrade or install + scenarios.
      • + +
    • Sandbox operations dealing with freshly downloaded data + until it can be verified as trustworthy by checking the + package signature.
      • + +
    • Deal with provides-and-requires style of dependencies, so + for example we can say "this package needs to use a web + server" and allow that dependency to be fulfilled by apache + or nginx or any other alternative that provides web-server + functionality.
      • +
    + +

    Beyond the next release we have work in progress on allowing + ranges of versions in dependency rules and handling + a selection of "foreign" package repositories, such as CPAN or + CTAN or PyPi.

    + +

    There are plans to use pkg(8) to package up the base system + which amongst other benefits will allow writing a universal + installer -- so you can download one installer image and from + there you can install any available version of &os; including + snapshots.

    + +

    We are also intending to use pkg(8) within the ports tree at + package-build time to handle fulfilling build dependencies. + This opens the possibility of installing build-dependencies by + downloading binary packages, which means you can install + a package with customized options with the minimum amount of + time spent compiling anything else.

    + + + + We are sorely lacking a comprehensive testing setup. + Integrating automated regression testing into the development + cycle is becoming an imperative. + + We need testers who can run development versions of pkg in + as many distinct types of use-case as possible, and feedback + their experiences via the freebsd-pkg@freebsd.org mailing list + or our issues list on + github. + +     From owner-svn-doc-all@FreeBSD.ORG Mon Jul 14 22:16:47 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 37EA7816; Mon, 14 Jul 2014 22:16:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 18E1B2984; Mon, 14 Jul 2014 22:16:47 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6EMGkuB029649; Mon, 14 Jul 2014 22:16:46 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6EMGk4g029648; Mon, 14 Jul 2014 22:16:46 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407142216.s6EMGk4g029648@svn.freebsd.org> From: Glen Barber Date: Mon, 14 Jul 2014 22:16:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45296 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2014 22:16:47 -0000 Author: gjb Date: Mon Jul 14 22:16:46 2014 New Revision: 45296 URL: http://svnweb.freebsd.org/changeset/doc/45296 Log: Add the X11 status report Submitted by: x11@ Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 22:09:25 2014 (r45295) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Mon Jul 14 22:16:46 2014 (r45296) @@ -46,7 +46,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 14 entries and we hope you enjoy reading it.

    + report contains 15 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -1187,4 +1187,61 @@ github. + + + The Graphics stack on &os; + + + + + &os; Graphics team + + x11@FreeBSD.org + + + + + Graphics stack + roadmap and supported hardware matrix + WITH_NEW_XORG + repository announce + Ports-related + development repository + + + +

    We were generally short on time this quarter. We made less + progress than expected on all fronts.

    + +

    The alternate pkg(8) repository, built with WITH_NEW_XORG, is + now available. This alleviates the need for users to rebuild + their ports with WITH_NEW_XORG. See the announcement, linked + above for further information.

    + +

    Thanks to a contribution from Jan Kokem端ller, Radeon 32bit + ioctls are now working on 64bit hosts. This was tested + successfully with Wine and StarCraft II on &os; 9.x and 11. + This required modifications to emulators/i386-wine-devel so + that it works with WITH_NEW_XORG, and the creation of a new + port, libtxc_dxtn, to support texture compression required by + StarCraft II. We haven't yet had the time to polish + everything, so this still requires manual steps.

    + +

    The DRM generic code update is ready, but it breaks the + current i915 driver. Therefore, the i915 driver must be + updated before anything is committed.

    + +

    Compared to last status report, OpenCL test programs are + running fine now, thanks to upgrades and fixes to libc++ and + Clang. Relevant ports are still not ready to hit the ports + tree unfortunately.

    + + + + See the "Graphics" wiki page for up-to-date + information. + +     From owner-svn-doc-all@FreeBSD.ORG Tue Jul 15 10:58:14 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DFC8D120; Tue, 15 Jul 2014 10:58:14 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CD58C28D8; Tue, 15 Jul 2014 10:58:14 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6FAwEtR094357; Tue, 15 Jul 2014 10:58:14 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6FAwEWB094356; Tue, 15 Jul 2014 10:58:14 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407151058.s6FAwEWB094356@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 15 Jul 2014 10:58:14 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45297 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2014 10:58:15 -0000 Author: ryusuke Date: Tue Jul 15 10:58:14 2014 New Revision: 45297 URL: http://svnweb.freebsd.org/changeset/doc/45297 Log: - Merge the following from the English version: r45075 -> r45263 head/ja_JP.eucJP/share/xml/navibar.l10n.ent Modified: head/ja_JP.eucJP/share/xml/navibar.l10n.ent Modified: head/ja_JP.eucJP/share/xml/navibar.l10n.ent ============================================================================== --- head/ja_JP.eucJP/share/xml/navibar.l10n.ent Mon Jul 14 22:16:46 2014 (r45296) +++ head/ja_JP.eucJP/share/xml/navibar.l10n.ent Tue Jul 15 10:58:14 2014 (r45297) @@ -1,7 +1,7 @@ - + @@ -78,14 +78,14 @@
    '> -次回リリース予定:
    &betarel.current; '> ]]> -次回リリース予定:
    &betarel2.current; '> @@ -101,10 +101,11 @@ From owner-svn-doc-all@FreeBSD.ORG Tue Jul 15 11:04:22 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 74C5521B; Tue, 15 Jul 2014 11:04:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 629A02983; Tue, 15 Jul 2014 11:04:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6FB4MPh099218; Tue, 15 Jul 2014 11:04:22 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6FB4MCu099217; Tue, 15 Jul 2014 11:04:22 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407151104.s6FB4MCu099217@svn.freebsd.org> From: Ryusuke SUZUKI Date: Tue, 15 Jul 2014 11:04:22 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45298 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2014 11:04:22 -0000 Author: ryusuke Date: Tue Jul 15 11:04:21 2014 New Revision: 45298 URL: http://svnweb.freebsd.org/changeset/doc/45298 Log: Add u.betarel2.schedule entity. Modified: head/ja_JP.eucJP/share/xml/l10n.ent Modified: head/ja_JP.eucJP/share/xml/l10n.ent ============================================================================== --- head/ja_JP.eucJP/share/xml/l10n.ent Tue Jul 15 10:58:14 2014 (r45297) +++ head/ja_JP.eucJP/share/xml/l10n.ent Tue Jul 15 11:04:21 2014 (r45298) @@ -25,6 +25,7 @@ + From owner-svn-doc-all@FreeBSD.ORG Tue Jul 15 12:19:30 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EE145750; Tue, 15 Jul 2014 12:19:29 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CF3BA2FF4; Tue, 15 Jul 2014 12:19:29 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6FCJT9C034678; Tue, 15 Jul 2014 12:19:29 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6FCJThi034677; Tue, 15 Jul 2014 12:19:29 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407151219.s6FCJThi034677@svn.freebsd.org> From: Warren Block Date: Tue, 15 Jul 2014 12:19:29 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45299 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2014 12:19:30 -0000 Author: wblock Date: Tue Jul 15 12:19:29 2014 New Revision: 45299 URL: http://svnweb.freebsd.org/changeset/doc/45299 Log: Grammar and consistency fixes. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Tue Jul 15 11:04:21 2014 (r45298) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Tue Jul 15 12:19:29 2014 (r45299) @@ -123,7 +123,7 @@ system of &os;-11. CUSE is short for character device in userspace. The CUSE library is a wrapper for the devfs(8) kernel functionality which is exposed through /dev/cuse. In - order to function the CUSE kernel code must either be enabled + order to function, the CUSE kernel code must either be enabled in the kernel configuration file or loaded separately as a module. Follow the commit message link to get more information. @@ -145,32 +145,32 @@ -

    The &os; RPC stack, used as base for its NFS server, took - multiple optimizations to improve its performance and SMP - scalability. Algorithmic optimizations allowed to reduce +

    The &os; RPC stack, used as a base for its NFS server, received + multiple optimizations to improve performance and SMP + scalability. Algorithmic optimizations reduced processing overhead, while improved locking allowed it to scale up to at least 40 processor cores without significant lock congestion. Combined with some other kernel - optimizations that allowed to increase peak NFS request rate + optimizations, the peak NFS request rate increased by many times, reaching up to 600K requests per second on modern hardware.

    The CAM Target Layer (CTL), used as base for new kernel iSCSI - server, also took series of locking optimization, that allowed - to increase its peak request rate from ~200K to ~600K IOPS - with potential of reaching reate of 1M request per second. + server, also received a series of locking optimizations which allowed + its peak request rate to increase from ~200K to ~600K IOPS + with the potential of reaching a rate of 1M requests per second. That rate is sufficient to completely saturage 2x10Gbit Ethernet links with 4KB requests. For comparison, the port of net/istgt (user-level iSCSI server) on the same hardware with - equal configuration shown only 100K IOPS.

    + an equivalent configuration showed only 100K IOPS.

    There is also ongoing work on improving CTL functionality. - It was already made to support 3 of 4 VMWare VAAI storage + It was already made to support three of four VMWare VAAI storage acceleration primitives (net/istgt supports 2), while the goal is to reach full VAAI support during next months.

    -

    With all above, and earlier improvements in CAM, GEOM, ZFS - and number of other kernel areas coming soon FreeBSD 10.1 may +

    With all these improvements, and earlier improvements in CAM, GEOM, ZFS, + and a number of other kernel areas coming soon, FreeBSD 10.1 may become the fastest storage release ever. ;)

    These projects are sponsored by iXsystems, Inc.

    @@ -203,15 +203,15 @@

    Booting &os; on the ARM Foundation Model has made a lot of progress since the last status report. An initial pmap - implementation has been written. With this &os; is able to + implementation has been written. With this, &os; is able to enter the Machine Independent boot code. The required autoconf functions have been added allowing &os; to start scheduling tasks. Finally the cpu_switch and copystr - functions were added. With these two &os; will boot to the + functions were added. With these two, &os; will boot to the mountroot prompt.

    Work has started on supporting exceptions, including - interrupts. This will start to allow more developers to start + interrupts. This will allow more developers to start working on device drivers.

    @@ -273,24 +273,24 @@ integration with graphics modes and broader character set support.

    -

    Since last report - vt(4) got ability to make early driver selection. - vt(4) select best successfully probed driver before - most of kernel subsystems. Also, to make easy migration from +

    Since the last report, + vt(4) gained the ability to make early driver selection. + vt(4) selects the best successfully-probed driver before + most other kernel subsystems. Also, to make easy migration from syscons(4) to vt(4), multiple virtual - terminal subsystems in the kernel are now supported and it is + terminal subsystems in the kernel are now supported. It is controlled by a small module with just one kernel environment - variable kern.vty=sc or + variable. Users can select the virtual terminal system to use by setting kern.vty=sc or kern.vty=vt.

    The GENERIC kernel configuration for the amd64 and i386 - platforms include both syscons(4) and vt(4) + platforms now includes both syscons(4) and vt(4) by default. This configuration is also planned to be in the next 10-STABLE release and &os; 10.1-RELEASE.

    -

    Project finally get his man page, so now vt(4) not - only project name, but also link to its documentation. Great +

    The project finally received a man page, so now vt(4) is not + only the project name, but also a link to its documentation. Great thanks to &a.wblock; for that.

    Major highlights:

    @@ -361,7 +361,7 @@ Convert keyboard maps for use with vt(4). Implement compatibility mode to be able to use single-byte - charsets/key-codes in the vt(4). + charsets/key-codes in vt(4). @@ -406,14 +406,14 @@ -

    The ports-mgmt/poudriere-devel port is aware of how to build +

    The ports-mgmt/poudriere-devel port is aware of how to build ports via an emulator. Configuration of the miscellaneous binary image activator is required prior to a poudriere-devel run.

    ARMV6, MIPS32 and MIPS64 packages can be produced via full emulation. There are several packages that block a full run - of builds. They can be viewed on the Status of ports building + of builds. They can be viewed on the "Status of ports building" link.

    On current or latest stable/10:

    @@ -431,7 +431,7 @@

    gmake; gmake install

    -

    Then setup the binmiscctl tools to do some evil hackery to +

    Then set up the binmiscctl tools to do some evil hackery to redirect execution of armv6 binaries to qemu:

    binmiscctl add armv6 --interpreter \ @@ -448,12 +448,12 @@

    poudriere jail -c -j 11armv632 -m svn -a armv6 \
    -v head

    -

    You can now run poudriere against that jail to build all the +

    Now run poudriere against that jail to build all the ports:

    poudriere bulk -j 11armv632 -a

    -

    Nullfs mount your ports tree into the jail:

    +

    Nullfs mount the ports tree into the jail:

    mkdir /usr/local/poudriere/jails/11armv632/usr/ports
    mount -t nullfs /usr/ports /usr/local/poudriere/jails/11armv632/usr/ports

    @@ -465,8 +465,8 @@ - PPC on AMD64 emulation. WIP as there appears to be some - serious issues running the bsd-user binary on big endian + PPC on AMD64 emulation. This is a work in progress as there appear to be some + serious issues running the bsd-user binary on big-endian hardware. Justin Hibbits working on this. SPARC64 on AMD64 emulation is non-functional and instantly @@ -476,17 +476,17 @@ External Tool Chain, XDEV support. Partial support for using an AMD64 tool chain that can output other architecture (use AMD64 toolchain to build MIPS64 packages). Currently - tracking a linking issue with ports-mgmt/pkg. Thanks to + tracking a linking issue with ports-mgmt/pkg. Thanks to Warner Losh, Baptiste Daroussin, Dimitry Andric for poking at bits in here to make the XDEV target useful. - Signal Handling, MIPS/ARMV6 target still displays a + Signal handling, MIPS/ARMV6 target still displays a failure that manifests itself when building - devel/p5-Sys-SigAction. + devel/p5-Sys-SigAction. Massive documentation update needed. These modifications - actually allow you to chroot into a MIPS or ARMv6 environment - and use native tool chains and libraries to prototype your + actually allow chrooting into a MIPS or ARMv6 environment + and using native tool chains and libraries to prototype software for a target platform. @@ -640,7 +640,7 @@ - The &os; Core Team + &os; Core Team @@ -659,7 +659,7 @@ policy reviews and some significant changes to the project development methodology.

    -

    In May, a new release policy was published as well as being +

    In May, a new release policy was published and presented at the BSDCan developer conference by John Baldwin. The idea is that each major release branch (for example, 10.X) is guaranteed to be supported for at least five years, but @@ -751,14 +751,13 @@ a datacenter.

    OpenContrail is a network virtualization (SDN) solution - comprising network controller, virtual router and analytics + comprising network controller, virtual router, and analytics engine, which can be integrated with cloud orchestration systems like OpenStack or CloudStack.

    -

    This work goal is to enable &os; as a fully supported +

    This work's goal is to enable &os; as a fully supported compute host for OpenStack using OpenContrail virtualized - networking. The main areas of development are the - following:

    + networking. The main areas of development are:

    • Libvirt hypervisor driver for bhyve.
      • @@ -785,7 +784,7 @@ node components only)
    -

    A demo was presented at &os; DevSummit during the BSDCan2014 +

    A demo was presented at the DevSummit during BSDCan2014 in Ottawa. Also, a meetup regarding the subject was organized in Krakow, Poland.

    @@ -821,7 +820,7 @@

    We published our third issue of the &os; Journal. We have over 2700 subscriptions so far. We continued working on the - digital edition, that will allow subscribers to read the + digital edition, which will allow subscribers to read the magazine in different web browsers, including those than run on &os;. This will be available for the July/August issue of the Journal.

    @@ -830,8 +829,8 @@ marketing director, to help us promote the Foundation and Project.

    -

    We held our annual board meeting in Ottawa, Canada, in May. - We elected directors and officers, and did some long term +

    The annual board meeting was held in Ottawa, Canada, in May. + Directors and officers were elected, and did some long term planning. We worked on our vision, core values, project road mapping, and our near term goals. We also met with the core team to discuss roles and responsibilities, project @@ -856,8 +855,8 @@ (texaslinuxfest.org), and SouthEast LinuxFest, June 20-22 (southeastlinuxfest.org).

    -

    We purchased hardware to support an upgrade at Sentex. A new, - high capacity, 1Gbps switch, was deployed to allow for more +

    Hardware was purchased to support an upgrade at Sentex. A new + high capacity 1Gbps switch was deployed to allow for more systems to be added to the test lab. The main file server and development box was upgraded to allow more users in the lab simultaneously.

    @@ -881,7 +880,7 @@ the head/ and stable/ branches, with feedback and help from Ed Maste, Glen finished work to produce release images that will, by default, provide debugging files for userland and kernel - available on the &os; Project FTP mirrors. Note, the + available on the &os; Project FTP mirrors. Note that the debugging files will not be included on the bootonly.iso, disc1.iso, or dvd1.iso images due to the size of the resulting images.

    @@ -892,7 +891,7 @@ changes to address these issues are in progress.

    Some previously completed Foundation-sponsored projects - received some enhancements or additional work. The ARM + received enhancements or additional work. The ARM superpages project was completed last year, but is now enabled by default in &os;-CURRENT. Many stability fixes and enhancements have been committed to the in-kernel iSCSI stack. @@ -930,11 +929,11 @@

    SDIO is an interface designed as an extension of the existing - SD card standard, to allow connecting different peripherals to + SD card standard, which allows connecting different peripherals to the host with the standard SD controller. Peripherals currently sold at the general market include WLAN/BT modules, cameras, fingerprint readers, and barcode scanners. - Additionally SDIO is used to connect some peripherals in + Additionally, SDIO is used to connect some peripherals in products like Chromebooks and Wandboard. A prototype of the driver for the Marvell SDIO WLAN/BT (Avastar 88W8787) module is also being developed, using the existing Linux driver as @@ -943,16 +942,16 @@

    SDIO card detection and initialization already work, most needed bus methods are implemented and tested.

    -

    WiFi driver is able to load a firmware onto the card and +

    The WiFi driver is able to load firmware onto the card and initialize it. A rewrite of the MMC stack as a transport - layer for CAM framework is in progress. This will allow + layer for the CAM framework is in progress. This will allow utilization of the well-tested CAM locking model and debug features.

    SDIO stack: finish CAM migration. The initialization of MMC/SD card is implemented in the XPT layer, but cannot be - tested with the real hardware because of lack of any device + tested with real hardware because of the lack of any device drivers that implement peripheral drivers and SIMs for CAM MMC. The plan is to use a modified version of BeagleBone Black SDHCI controller driver for SIM and a modified version of @@ -987,7 +986,7 @@

    The &os; Release Engineering Team is responsible for setting and publishing release schedules for official project releases - of &os;, announcing code freezes and maintaining the + of &os;, and announcing code freezes and maintaining the respective branches, among other things.

    In early May, the &os; 9.3-RELEASE cycle entered the @@ -997,8 +996,8 @@ release cycle, and at the time of this writing, 9.3-RELEASE should be available on schedule.

    -

    There is ongoing work to integrate support for embedded - architectures as part of the release build process. At this +

    Work is ongoing to integrate support for embedded + architectures into the release build process. At this time, support exists for a number of ARM kernels, in particular the Raspberry Pi, BeagleBone, and WandBoard.

    @@ -1041,7 +1040,7 @@

    Fiasco.OC belongs to the L4 microkernel family. A microkernel provides a bare minimum of services to the applications running on top of it, unlike traditional kernels that - incorporate a complex code like IP stacks and device drivers. + incorporate complex code like IP stacks and device drivers. This allows a dramatic decrease in the amount of code running in the privileged mode of the CPU, achieving higher security while still providing an acceptable level of @@ -1052,13 +1051,13 @@ operating system. The OS kernel runs in user-mode side-by-side with other microkernel applications such as real-time components. Multiple OSes, each with their userland - applications, may be even run in parallel, thus allowing to - build the products where processing of corporate data is + applications, can even be run in parallel, thus allowing + construction of products where processing of corporate data is strictly separated from the processing of private data.

    -

    The project aims to create a port of &os; to Fiasco.OC - microkernel, which is a high performance L4 microkernel - developed by TU Dresden. The existing ports of OpenBSD and +

    The project aims to create a port of &os; to the Fiasco.OC + microkernel, a high performance L4 microkernel + developed by TU Dresden. Existing ports of OpenBSD and Linux are used as a reference. This will allow the use of unique &os; features like ZFS in L4-based projects.

    @@ -1067,7 +1066,7 @@ Finish opensourcing the port of L4OpenBSD/amd64 made by genua mbh. This is a work in progress. - Publish the sources of L4&os; port that is largely based + Publish the sources of the L4&os; port that is largely based on the L4OpenBSD code. Improve the port, the first task being adopting the @@ -1137,7 +1136,7 @@ improvements in the dependency solver. Now we can:

      -
    • Switch versions of eg. perl or php and resolve all the +
    • Switch versions of, for example, Perl or PHP and resolve all the conflicts with packages that depend on them automatically. No more need to manually switch package origins.
      • @@ -1155,15 +1154,15 @@ functionality.
    -

    Beyond the next release we have work in progress on allowing +

    Beyond the next release, we have work in progress on allowing ranges of versions in dependency rules and handling a selection of "foreign" package repositories, such as CPAN or CTAN or PyPi.

    -

    There are plans to use pkg(8) to package up the base system - which amongst other benefits will allow writing a universal - installer -- so you can download one installer image and from - there you can install any available version of &os; including +

    There are plans to use pkg(8) to package up the base system. + Along with other benefits, this will allow writing a universal + installer: download one installer image and from + there install any available version of &os;, including snapshots.

    We are also intending to use pkg(8) within the ports tree at @@ -1223,9 +1222,9 @@

    Thanks to a contribution from Jan Kokem端ller, Radeon 32bit ioctls are now working on 64bit hosts. This was tested successfully with Wine and StarCraft II on &os; 9.x and 11. - This required modifications to emulators/i386-wine-devel so + This required modifications to emulators/i386-wine-devel so that it works with WITH_NEW_XORG, and the creation of a new - port, libtxc_dxtn, to support texture compression required by + port, libtxc_dxtn, to support texture compression required by StarCraft II. We haven't yet had the time to polish everything, so this still requires manual steps.

    @@ -1233,10 +1232,10 @@ current i915 driver. Therefore, the i915 driver must be updated before anything is committed.

    -

    Compared to last status report, OpenCL test programs are +

    Compared to the previous status report, OpenCL test programs are running fine now, thanks to upgrades and fixes to libc++ and Clang. Relevant ports are still not ready to hit the ports - tree unfortunately.

    + tree, unfortunately.

    From owner-svn-doc-all@FreeBSD.ORG Tue Jul 15 16:28:11 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8F022791; Tue, 15 Jul 2014 16:28:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 798962809; Tue, 15 Jul 2014 16:28:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6FGSBoF060944; Tue, 15 Jul 2014 16:28:11 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6FGSB5v060941; Tue, 15 Jul 2014 16:28:11 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407151628.s6FGSB5v060941@svn.freebsd.org> From: Glen Barber Date: Tue, 15 Jul 2014 16:28:11 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45300 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2014 16:28:11 -0000 Author: gjb Date: Tue Jul 15 16:28:10 2014 New Revision: 45300 URL: http://svnweb.freebsd.org/changeset/doc/45300 Log: Add the FreeBSD 9.3-RELEASE announcement page and PGP-signed announcement mail text. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Added: head/en_US.ISO8859-1/htdocs/releases/9.3R/announce.asc (contents, props changed) head/en_US.ISO8859-1/htdocs/releases/9.3R/announce.xml (contents, props changed) Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile Tue Jul 15 12:19:29 2014 (r45299) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/Makefile Tue Jul 15 16:28:10 2014 (r45300) @@ -7,10 +7,12 @@ .include "../Makefile.inc" .endif -DOCS= schedule.xml \ +DOCS= announce.xml \ + schedule.xml \ todo.xml -DATA= docbook.css \ +DATA= announce.asc \ + docbook.css \ errata.html \ hardware.html \ installation.html \ Added: head/en_US.ISO8859-1/htdocs/releases/9.3R/announce.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/announce.asc Tue Jul 15 16:28:10 2014 (r45300) @@ -0,0 +1,371 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + + FreeBSD 9.3-RELEASE Announcement + + The FreeBSD Release Engineering Team is pleased to announce the + availability of FreeBSD 9.3-RELEASE. This is the fourth release of the + stable/9 branch, which improves on the stability of FreeBSD 9.2-RELEASE + and introduces some new features. + + Some of the highlights: + + * The zfs(8) filesystem has been updated to support the bookmarks + feature. + + * The uname(1) utility has been updated to include the -U and -K flags, + which print the __FreeBSD_version for the running userland and kernel, + respectively. + + * The fetch(3) library has been updated to support SNI (Server Name + Identification), allowing to use virtual hosts on HTTPS. + + * Several updates to gcc(1) have been imported from Google. + + * The hastctl(8) utility has been updated to output the current queue + sizes. + + * The protect(1) command has been added, which allows exempting + processes from being killed when swap is exhausted. + + * The etcupdate(8) utility, a tool for managing updates to files in + /etc, has been merged from head/. + + * A new shared library directory, /usr/lib/private, has been added for + internal-use shared libraries. + + * OpenPAM has been updated to Nummularia (20130907). + + * A new flag, "onifconsole" has been added to /etc/ttys. This allows the + system to provide a login prompt via serial console if the device is + an active kernel console, otherwise it is equivalent to off. + + * Sendmail has been updated to version 8.14.9. + + * BIND has been updated to version 9.9.5. + + * The xz(1) utility has been updated to a post-5.0.5 snapshot. + + * OpenSSH has been updated to version 6.6p1. + + * OpenSSL has been updated to version 0.9.8za. + + For a complete list of new features and known problems, please see the + online release notes and errata list, available at: + + * https://www.FreeBSD.org/releases/9.3R/relnotes.html + + * https://www.FreeBSD.org/releases/9.3R/errata.html + + For more information about FreeBSD release engineering activities, please + see: + + * https://www.FreeBSD.org/releng/ + +Availability + + FreeBSD 9.3-RELEASE is now available for the amd64, i386, ia64, powerpc, + powerpc64, and sparc64 architectures. + + FreeBSD 9.3-RELEASE can be installed from bootable ISO images or over the + network. Some architectures also support installing from a USB memory + stick. The required files can be downloaded via FTP as described in the + section below. While some of the smaller FTP mirrors may not carry all + architectures, they will all generally contain the more common ones such + as amd64 and i386. + + SHA256 and MD5 hashes for the release ISO and memory stick images are + included at the bottom of this message. + + A PGP-signed version of this announcement is available at: + + * https://www.FreeBSD.org/releases/9.3R/announce.asc + + The purpose of the images provided as part of the release are as follows: + + dvd1 + + This contains everything necessary to install the base FreeBSD + operating system, the documentation, and a small set of pre-built + packages aimed at getting a graphical workstation up and running. + It also supports booting into a "livefs" based rescue mode. This + should be all you need if you can burn and use DVD-sized media. + + disc1 + + This contains the base FreeBSD operating system. It also supports + booting into a "livefs" based rescue mode. There are no pre-built + packages. + + bootonly + + This supports booting a machine using the CDROM drive but does not + contain the installation distribution sets for installing FreeBSD + from the CD itself. You would need to perform a network based + install (e.g. from an FTP server) after booting from the CD. + + memstick + + This can be written to an USB memory stick (flash drive) and used + to do an install on machines capable of booting off USB drives. It + also supports booting into a "livefs" based rescue mode. There are + no pre-built packages. + + As one example of how to use the memstick image, assuming the USB + drive appears as /dev/da0 on your machine something like this + should work: + + # dd if=FreeBSD-9.3-RELEASE-amd64-memstick.img of=/dev/da0 bs=10240 conv=sync + + + Be careful to make sure you get the target (of=) correct. + + mini-memstick + + This can be written to an USB memory stick (flash drive) and used + to boot a machine, but does not contain the installation + distribution sets on the medium itself, similar to the bootonly + image. It also supports booting into a "livefs" based rescue mode. + There are no pre-built packages. + + As one example of how to use the mini-memstick image, assuming the + USB drive appears as /dev/da0 on your machine something like this + should work: + + # dd if=FreeBSD-9.3-RELEASE-amd64-mini-memstick.img of=/dev/da0 bs=10240 conv=sync + + + Be careful to make sure you get the target (of=) correct. + + FreeBSD 9.3-RELEASE can also be purchased on CD-ROM or DVD from several + vendors. One of the vendors that will be offering FreeBSD 9.3-based + products is: + + * FreeBSD Mall, Inc.https://www.freebsdmall.com + +FTP + + FreeBSD 9.3-RELEASE may be downloaded via ftp from the following site: + + * ftp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.3/ + + However before trying this site, please check your regional mirror(s) + first by going to: + + * ftp://ftp..FreeBSD.org/pub/FreeBSD + + Any additional mirror sites will be labeled ftp2, ftp3 and so on. + + More information about FreeBSD mirror sites can be found at: + + * https://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/mirrors-ftp.html + + For instructions on installing FreeBSD or updating an existing machine to + 9.3-RELEASE please see: + + * https://www.FreeBSD.org/releases/9.3R/installation.html + +Support + + FreeBSD 9.3-RELEASE will be supported until January 1, 2017. The + End-of-Life dates can be found at: + + * https://www.FreeBSD.org/security/ + +Other Projects Based on FreeBSD + + There are many "third party" Projects based on FreeBSD. The Projects range + from re-packaging FreeBSD into a more "novice friendly" distribution to + making FreeBSD available on Amazon's EC2 infrastructure. For more + information about these Third Party Projects see: + + * https://wiki.FreeBSD.org/3rdPartyProjects + +Acknowledgments + + Many companies donated equipment, network access, or man-hours to support + the release engineering activities for FreeBSD 9.3 including The + FreeBSD Foundation, Yahoo!, NetApp, Internet Systems Consortium, ByteMark + Hosting, Sentex Communications, New York Internet, Juniper Networks, NLNet + Labs, iXsystems, and Yandex. + + The release engineering team for 9.3-RELEASE includes: + + Glen Barber Release Engineering Lead, + 9.3-RELEASE Release Engineer + Konstantin Belousov Release Engineering + Joel Dahl Release Engineering + Baptiste Daroussin Package Building + Bryan Drewery Package Building + Marc Fonvieille Release Engineering, Documentation + Steven Kreuzer Release Engineering + Xin Li Release Engineering, Security + Officer + Josh Paetzel Release Engineering + Colin Percival Security Officer Emeritus + Craig Rodrigues Release Engineering + Hiroki Sato Release Engineering, Documentation + Gleb Smirnoff Release Engineering + Ken Smith Release Engineering + Dag-Erling Sm淡rgrav Security Officer + Marius Strobl Release Engineering + Robert Watson Release Engineering, Security + +Trademark + + FreeBSD is a registered trademark of The FreeBSD Foundation. + +ISO Image Checksums + + amd64 (x86_64): + + SHA256 (FreeBSD-9.3-RELEASE-amd64-bootonly.iso) = e6962c2605c6a191a9c238545576eff3a5a2c2c96b5058c26c8c54b6cf701914 + SHA256 (FreeBSD-9.3-RELEASE-amd64-bootonly.iso.xz) = bcb5d5c8bbc1aa06baf769a6a57908e6cbf820a02c6f6f57a902db564bff4a1f + SHA256 (FreeBSD-9.3-RELEASE-amd64-disc1.iso) = 5a3c82653d77bba7d7ded8bd7efbedc09d52cf4045d98ce52a82c9e0f8fa9b0e + SHA256 (FreeBSD-9.3-RELEASE-amd64-disc1.iso.xz) = daf255ccb9694f0a82e34e71be1e6d0bbcf332bf74f1c6f92343f00dad579d99 + SHA256 (FreeBSD-9.3-RELEASE-amd64-dvd1.iso) = 30c0baa7d51a4b3130108c862bbc9439f60a3a6362b13183c1ae0be959ae9a95 + SHA256 (FreeBSD-9.3-RELEASE-amd64-dvd1.iso.xz) = 292cac57dea0ad7723798842a2ddf582661c41c428bc78a951535d69ae92aceb + SHA256 (FreeBSD-9.3-RELEASE-amd64-memstick.img) = 04c2c98c9bcf188bb2df988ebc2c1c02ea7350c77e1711904fc368db62709634 + SHA256 (FreeBSD-9.3-RELEASE-amd64-memstick.img.xz) = 56deb31212c19c18852baee6097bebd048658d464e14a14e125840a24c939e63 + SHA256 (FreeBSD-9.3-RELEASE-amd64-mini-memstick.img) = d5a0379caa5ebb9f8252a44417d10d2b3ab0ce424d275d546689fcf9c4dd6dbe + SHA256 (FreeBSD-9.3-RELEASE-amd64-mini-memstick.img.xz) = 0e6fe54a2fcd3173f27fafc62f0d67cff44cdf5a9f133adba7aedff804cbb087 + + + MD5 (FreeBSD-9.3-RELEASE-amd64-bootonly.iso) = b53878805ea89633aaa59351d706081f + MD5 (FreeBSD-9.3-RELEASE-amd64-bootonly.iso.xz) = f3b2bfdce28af6ce3fe2fecb0838ae86 + MD5 (FreeBSD-9.3-RELEASE-amd64-disc1.iso) = 1fc7f8bace8dc861258af9042c9918d6 + MD5 (FreeBSD-9.3-RELEASE-amd64-disc1.iso.xz) = 69701074a505b78c998807e0bb20dae6 + MD5 (FreeBSD-9.3-RELEASE-amd64-dvd1.iso) = 14c176c236c27a0fa276ffb554768d38 + MD5 (FreeBSD-9.3-RELEASE-amd64-dvd1.iso.xz) = da4f382733c63260877184ef33dbfec6 + MD5 (FreeBSD-9.3-RELEASE-amd64-memstick.img) = ebcf069c96aeb59279af0c480b5717ca + MD5 (FreeBSD-9.3-RELEASE-amd64-memstick.img.xz) = d52f0909d7e4ea3c9080f7ac5358edd5 + MD5 (FreeBSD-9.3-RELEASE-amd64-mini-memstick.img) = 6077f2f90b09b4926dbf0e59df6528bf + MD5 (FreeBSD-9.3-RELEASE-amd64-mini-memstick.img.xz) = 0c342b43053375a48bea2e7413a3c3e8 + + + i386 (x86): + + SHA256 (FreeBSD-9.3-RELEASE-i386-bootonly.iso) = 84a26479e690caaa428b361f2f96c0723a5f1b09a342bd58e5eee345fc5f7406 + SHA256 (FreeBSD-9.3-RELEASE-i386-bootonly.iso.xz) = 66bad7f519bb6f504932c3ba701c4d83709699a785258aba6b3ee11c651d868a + SHA256 (FreeBSD-9.3-RELEASE-i386-disc1.iso) = cab6aad9c3d5ea6a3fb4059f808225c67f1edaea730c555a86a9707ac41ba75d + SHA256 (FreeBSD-9.3-RELEASE-i386-disc1.iso.xz) = f248e0c16a2a03a5c8a39ee41b99e0ff656f75035ccf5e720c83587d9733ca39 + SHA256 (FreeBSD-9.3-RELEASE-i386-dvd1.iso) = 6c47c17ec1e0e0ccca2c24bec0f880334d5a52847bdc092a3ff4cdd7be7a85f3 + SHA256 (FreeBSD-9.3-RELEASE-i386-dvd1.iso.xz) = 76830e50357aec289daeb9eb01416dcb42414bf57126b4875e7352e976a7451b + SHA256 (FreeBSD-9.3-RELEASE-i386-memstick.img) = 3465923d625d07ef40448e2c03bfe5c61bf89ac56cbe34fb358500860e9524aa + SHA256 (FreeBSD-9.3-RELEASE-i386-memstick.img.xz) = 30480eb3ed73e2c8d45ff7928e5edcb7f69704f0c459bbaf943907ec69adcc10 + SHA256 (FreeBSD-9.3-RELEASE-i386-mini-memstick.img) = 17c6a518b000bb9ba81229658a71a7d47f71a4e46a3846e82887d43b1d73bf81 + SHA256 (FreeBSD-9.3-RELEASE-i386-mini-memstick.img.xz) = 44b4d7d1cf1c6c59d440df84731efb110dd062c2226a25adef168bc24d55dcbe + + + MD5 (FreeBSD-9.3-RELEASE-i386-bootonly.iso) = c9abbb89fa43eed6efefb2b7926d7fa7 + MD5 (FreeBSD-9.3-RELEASE-i386-bootonly.iso.xz) = 9a797ff03c3eade54654120fdbc23ccb + MD5 (FreeBSD-9.3-RELEASE-i386-disc1.iso) = 752fa8cd15f0f1e240042c342a161eb4 + MD5 (FreeBSD-9.3-RELEASE-i386-disc1.iso.xz) = f4ace2617eea05e2898d8d0b70249bf4 + MD5 (FreeBSD-9.3-RELEASE-i386-dvd1.iso) = fb598013bf363c44e248054106c33829 + MD5 (FreeBSD-9.3-RELEASE-i386-dvd1.iso.xz) = 2024f7f2aaa73353e225ef7a1ec5aeea + MD5 (FreeBSD-9.3-RELEASE-i386-memstick.img) = c8a833fffc40a8eee2bb6a9a36595ac4 + MD5 (FreeBSD-9.3-RELEASE-i386-memstick.img.xz) = 4189b56c90e7a40e1bb69ff6f26f37e2 + MD5 (FreeBSD-9.3-RELEASE-i386-mini-memstick.img) = a2b0c1085db9424ea25b594e32230a3a + MD5 (FreeBSD-9.3-RELEASE-i386-mini-memstick.img.xz) = a95d50f326868c739f06aa1a3a76d636 + + + ia64: + + SHA256 (FreeBSD-9.3-RELEASE-ia64-bootonly.iso) = 8d9236f55b1467f4e882a751d5e040ea6538da88f4d319746679874a8dc9caba + SHA256 (FreeBSD-9.3-RELEASE-ia64-bootonly.iso.xz) = eceb7125b8a8711969d7c3997044f9043ec938fc3518dd8a197fd94f4d7076c6 + SHA256 (FreeBSD-9.3-RELEASE-ia64-disc1.iso) = 953b7c847f21e6316c22c0741a5de76865b521b594b593d67fe60bf5e348452d + SHA256 (FreeBSD-9.3-RELEASE-ia64-disc1.iso.xz) = 3fef900ad1ef288202701e04ce3c9ef1ab6c870e5e7ec97b9ab6a6a5e5dccf59 + SHA256 (FreeBSD-9.3-RELEASE-ia64-memstick.img) = c4d5d921443c993e294fe9e9ca9ae60409c5c663ad895f6e582ba955c9155e86 + SHA256 (FreeBSD-9.3-RELEASE-ia64-memstick.img.xz) = ccd354b7571ebd5c3763158b49b1aa51c2bed63d0ce36eb49a6cf1e227bc133e + SHA256 (FreeBSD-9.3-RELEASE-ia64-mini-memstick.img) = 7475bfafd661600de2516d9ce0ed6c5621699d3ebda59f672d1e7cfc8efeb504 + SHA256 (FreeBSD-9.3-RELEASE-ia64-mini-memstick.img.xz) = 1ed6d2ea23e320b6708958989aaf90788cd56371a4c25e9145911dc4f890dbfa + + + MD5 (FreeBSD-9.3-RELEASE-ia64-bootonly.iso) = 6d2210defeb17219a600d02917fa3f79 + MD5 (FreeBSD-9.3-RELEASE-ia64-bootonly.iso.xz) = f17b43d7fbec6dab1d05bb0d2f0bfb15 + MD5 (FreeBSD-9.3-RELEASE-ia64-disc1.iso) = 1bdf7afa83a7494e9569888cb162752c + MD5 (FreeBSD-9.3-RELEASE-ia64-disc1.iso.xz) = 81c6d02da1645bda86a2c1fec716e622 + MD5 (FreeBSD-9.3-RELEASE-ia64-memstick.img) = b5003d7260190a5123ae478a1980b526 + MD5 (FreeBSD-9.3-RELEASE-ia64-memstick.img.xz) = d53ba4fc4748ca0953067f3c4c31b4f0 + MD5 (FreeBSD-9.3-RELEASE-ia64-mini-memstick.img) = 1946ba71adecc220d66f70d0aee6606e + MD5 (FreeBSD-9.3-RELEASE-ia64-mini-memstick.img.xz) = d891966f184e6264203bf964404a4530 + + + powerpc: + + SHA256 (FreeBSD-9.3-RELEASE-powerpc-bootonly.iso) = 6a2d0ac953ead098e7dbee736e4e19b28b8d914baa5947083d494c150d257381 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-bootonly.iso.xz) = a68b22d933ef03894da5eee16c8f1fd8bdc05003d2ee40f34f0e0f165eb97715 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-disc1.iso) = dd30aa9491b14410dd520f2cb8c231be701debbc36c5b023a427e3e28bcba3c4 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-disc1.iso.xz) = a609d8d641d7839707d8caf9796434deee0e3f4218c79d7cadaa7787d3975c33 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-memstick.img) = 0e0c449026084f8431bc7852dcdaeaa3101301c2c73151204e9ce4d4ccdbfb38 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-memstick.img.xz) = f5d3b880fa1d737b708e96584c52804c33af9e7de4c7e2ee744584c08c8d8b84 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-mini-memstick.img) = c8fb345384558215eb7d5126684c827e73104eabe36309a3de275c7ea9512822 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-mini-memstick.img.xz) = 931706a17b708c1db6337cf0fbf8bad877a8dfce64c2e5079fe890e5e85339e3 + + + MD5 (FreeBSD-9.3-RELEASE-powerpc-bootonly.iso) = e80fd4c1278db39e3f8740612dff0da9 + MD5 (FreeBSD-9.3-RELEASE-powerpc-bootonly.iso.xz) = 7690229bf847dbf377a5086652dfc1aa + MD5 (FreeBSD-9.3-RELEASE-powerpc-disc1.iso) = a308f49d59c6553cfcb625ec3c2a278d + MD5 (FreeBSD-9.3-RELEASE-powerpc-disc1.iso.xz) = 8d5783474fdf5463ab5aa06d7d09509e + MD5 (FreeBSD-9.3-RELEASE-powerpc-memstick.img) = ec112f1085ab363b27931c25c451fb2c + MD5 (FreeBSD-9.3-RELEASE-powerpc-memstick.img.xz) = 1c9d741dd889b1461812fce34fb48e93 + MD5 (FreeBSD-9.3-RELEASE-powerpc-mini-memstick.img) = 0b3c655654d8def1eeb96b478a0572f0 + MD5 (FreeBSD-9.3-RELEASE-powerpc-mini-memstick.img.xz) = f7913ffa1eebb43e875ba81c5bd8e992 + + + powerpc64: + + SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-bootonly.iso) = c8bb1f3105f2a2d9dd4a76536d8d44d8ae0aa7742230d549ea280f04e41f81b2 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-bootonly.iso.xz) = f5327d0c665cf7f286e3daca382e04abb0aee9d125cc70a41a2d96ad13ffe531 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-disc1.iso) = f89d13f3c292381549b8c9b70e81cd152491f34e0e889d78e439d63884a346c6 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-disc1.iso.xz) = 5047b76a8c4299d3f2a56271a9798a7088717356792c91bea96ca61f871f087a + SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-memstick.img) = b94b05b0999aae0d197ad45b19d4d2b2678d322109da43bd10b2556b441b207c + SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-memstick.img.xz) = 9da446da2dfb73f24195b70c873317c4dd7578dc339dd051e082e2351b3bcac3 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-mini-memstick.img) = 21874e49e3c7685c098c90100717f28975db2dbc9043e810fef554f08a6bc940 + SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-mini-memstick.img.xz) = a6cc4f340802bd936acb4b7920aa4fced54a2e265b60ffecf0b7b1c2f71fa644 + + + MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-bootonly.iso) = 674ed0a922e0f662c2f8118d8424473f + MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-bootonly.iso.xz) = 5836f439da4dc8372da0e20d1a78ec97 + MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-disc1.iso) = 0c5cf50f3bbf1263708ca3f9da0465bb + MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-disc1.iso.xz) = d2788b12c02134da11ba72238081e4cc + MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-memstick.img) = 5e5123677e21a53b463a3cceb2ad324d + MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-memstick.img.xz) = d6fd35a61aed2d529432e9c9df425be5 + MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-mini-memstick.img) = a850121bc10455c3b835fd161237e8b2 + MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-mini-memstick.img.xz) = 3bcf3571a3815ea78fbed61094745437 + + + sparc64: + + SHA256 (FreeBSD-9.3-RELEASE-sparc64-bootonly.iso) = d9f9089c7f992744bb9675206042224bdabcfd924e72d322195acb207fe96294 + SHA256 (FreeBSD-9.3-RELEASE-sparc64-bootonly.iso.xz) = 67830e9f64ee617acf2fff79770ea47aa3e98c7e2901068b413d41d2282d4372 + SHA256 (FreeBSD-9.3-RELEASE-sparc64-disc1.iso) = 989a2d8181b889ec0c1ee08e3afabfdcaf23c75b4157c9463c9ab7496e82a949 + SHA256 (FreeBSD-9.3-RELEASE-sparc64-disc1.iso.xz) = 2f2b94f379ae3df05762e2618e573b19ae83756dfde11d6628236c3c6a0052bc + + + MD5 (FreeBSD-9.3-RELEASE-sparc64-bootonly.iso) = 8b97d45e204dcfa8515f227189a35b1c + MD5 (FreeBSD-9.3-RELEASE-sparc64-bootonly.iso.xz) = fae6c32e0f9dd2f909b729ba6f4bfeb6 + MD5 (FreeBSD-9.3-RELEASE-sparc64-disc1.iso) = 838b0211322dd19f1285b9b94e6ac17e + MD5 (FreeBSD-9.3-RELEASE-sparc64-disc1.iso.xz) = c8a8ab9f3b6eddca77623e5bc3f6718b + + + Love FreeBSD? Support this and future releases with a donation to The + FreeBSD Foundation! https://www.FreeBSDFoundation.org/donate/ + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQIcBAEBCAAGBQJTxU6KAAoJELls3eqvi17QY9wP/2oA5mgByx4Ixv4rfFl2RZRX +hH0C3xTsevtTlYYdcDJWdqw9sRBYxWYz3OgguczPd5GhVhTC6442Pclx1jmK3rXD +NXeTlc6HU1eRmEPgLKxzK+hunz0ol80Aob4S9b/jKhSkvrIMez/pXrGU4npY1wIz +6C7YWTA3UHYtwUSbsB/C6zOi5SOs9yQ41CMue6hye3FRyBn2Ok6uyEx3nEqtvf9f +mbqYz5fkQ7t0+TV2Qlde5T9t7sTLXChpXwy0l0a2qUE9zAnkpaz6gTtliAEoIfz0 +uIlQ2adDpPq8TMFiEo8LDMTuRAWMz3zs45qmOjSUf8wZOdTcTBHi7JvrL9Ea/Yqp +xlqeJ3Myzi8B5Lm92IJpu3qFVGYK5POhcn86OapfpbfKGu9w0/W1ZordJTnEh23o +Z0hsF13Uay5bjSPEngovKdx4nQ9BALBK9RC00NeuyrYQyBuOcyaBqO99zJlBTWMu +QcsoICsGwyinseU79cPxIWd1E9n7BMPAJY7hpHQoJEplTZbRpEHgOUD23AxPlylz +nOtvuy0bb5yqxyAUPZ7Uc2fzQ6hmggYiNH1X2dScLF0vTAP6YFTpp7lQPYO6rpo7 +B0MWzxs3TrpD2B/BTldeKpvgxHmmHNvf3we983/hJCS1nqlWBX+BYpYxSix9hu4K +yhxIhAPGmK8M5V4VP9CL +=Tl2P +-----END PGP SIGNATURE----- Added: head/en_US.ISO8859-1/htdocs/releases/9.3R/announce.xml ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/announce.xml Tue Jul 15 16:28:10 2014 (r45300) @@ -0,0 +1,536 @@ + + + + + +]> + + + &title; + + $FreeBSD$ + + + + +

    The &os; Release Engineering Team is pleased to announce the + availability of &os; &thisrelease;-RELEASE. This is the fourth + release of the stable/&thisbranch; branch, which improves on the + stability of &os; 9.2-RELEASE and introduces some new + features.

    + +

    Some of the highlights:

    + +
      +
    • +

      The zfs(8) filesystem has been updated to support the + bookmarks feature.

      +
      • + +
    • +

      The uname(1) utility has been updated to include the -U and + -K flags, which print the __FreeBSD_version for the running + userland and kernel, respectively.

      +
      • + +
    • +

      The fetch(3) library has been updated to support SNI + (Server Name Identification), allowing to use virtual hosts + on HTTPS.

      +
      • + +
    • +

      Several updates to gcc(1) have been imported from + Google.

      +
      • + +
    • +

      The hastctl(8) utility has been updated to output the + current queue sizes.

      +
      • + +
    • +

      The protect(1) command has been added, which allows + exempting processes from being killed when swap is + exhausted.

      +
      • + +
    • +

      The etcupdate(8) utility, a tool for managing updates to + files in /etc, has been merged from head/.

      +
      • + +
    • +

      A new shared library directory, /usr/lib/private, has been + added for internal-use shared libraries.

      +
      • + +
    • +

      OpenPAM has been updated to Nummularia (20130907).

      +
      • + +
    • +

      A new flag, "onifconsole" has been added to /etc/ttys. This + allows the system to provide a login prompt via serial + console if the device is an active kernel console, otherwise + it is equivalent to off.

      +
      • + +
    • +

      Sendmail has been updated to version 8.14.9.

      +
      • + +
    • +

      BIND has been updated to version 9.9.5.

      +
      • + +
    • +

      The xz(1) utility has been updated to a post-5.0.5 + snapshot.

      +
      • + +
    • +

      OpenSSH has been updated to version 6.6p1.

      +
      • + +
    • +

      OpenSSL has been updated to version 0.9.8za.

      +
      • +
    + +

    For a complete list of new features and known problems, please + see the online release notes and errata list, available at:

    + + + +

    For more information about &os; release engineering + activities, please see:

    + + + +

    Availability

    + +

    &os; &thisrelease;-RELEASE is now available for the amd64, i386, + ia64, powerpc, powerpc64, and sparc64 architectures.

    + +

    &os; &thisrelease;-RELEASE can be installed from bootable + ISO images or over the network. Some architectures also support + installing from a USB memory stick. The required files can be + downloaded via FTP as described in the section below. While + some of the smaller FTP mirrors may not carry all architectures, + they will all generally contain the more common ones such as + amd64 and i386.

    + +

    SHA256 and MD5 hashes for the release ISO and memory stick + images are included at the bottom of this message.

    + +

    A PGP-signed version of this announcement is available at:

    + + + +

    The purpose of the images provided as part of the release are + as follows:

    + +
    +
    dvd1
    + +
    +

    This contains everything necessary to install the base &os; + operating system, the documentation, and a small set of + pre-built packages aimed at getting a graphical workstation + up and running. It also supports booting into a "livefs" + based rescue mode. This should be all you need if you can + burn and use DVD-sized media.

    +
    + +
    disc1
    + +
    +

    This contains the base &os; operating system. It also + supports booting into a "livefs" based rescue mode. There + are no pre-built packages.

    +
    + +
    bootonly
    + +
    +

    This supports booting a machine using the CDROM drive but + does not contain the installation distribution sets for + installing &os; from the CD itself. You would need to + perform a network based install (e.g. from an FTP server) + after booting from the CD.

    +
    + +
    memstick
    + +
    +

    This can be written to an USB memory stick (flash drive) + and used to do an install on machines capable of booting off + USB drives. It also supports booting into a "livefs" based + rescue mode. There are no pre-built packages.

    + +

    As one example of how to use the memstick image, assuming + the USB drive appears as /dev/da0 on your machine something + like this should work:

    + + 
    +	  # dd if=FreeBSD-&thisrelease;-RELEASE-amd64-memstick.img of=/dev/da0 bs=10240 conv=sync
+
    + +

    Be careful to make sure you get the target (of=) + correct.

    +
    + +
    mini-memstick
    + +
    +

    This can be written to an USB memory stick (flash drive) + and used to boot a machine, but does not contain the + installation distribution sets on the medium itself, similar + to the bootonly image. It also supports booting into + a "livefs" based rescue mode. There are no pre-built + packages.

    + +

    As one example of how to use the mini-memstick image, + assuming the USB drive appears as /dev/da0 on your machine + something like this should work:

    + + 
    +	  # dd if=FreeBSD-&thisrelease;-RELEASE-amd64-mini-memstick.img of=/dev/da0 bs=10240 conv=sync
+
    + +

    Be careful to make sure you get the target (of=) + correct.

    +
    +
    + +

    &os; &thisrelease;-RELEASE can also be purchased on CD-ROM + or DVD from several vendors. One of the vendors that will be + offering &os; &thisrelease;-based products is:

    + + + +

    FTP

    + +

    &os; &thisrelease;-RELEASE may be downloaded via ftp from + the following site:

    + + + +

    However before trying this site, please check your regional + mirror(s) first by going to:

    + + + +

    Any additional mirror sites will be labeled ftp2, ftp3 and so + on.

    + +

    More information about &os; mirror sites can be found + at:

    + + + +

    For instructions on installing &os; or updating an existing + machine to &thisrelease;-RELEASE please see:

    + + + +

    Support

    + +

    &os; &thisrelease;-RELEASE will be supported until + &thiseol;. The End-of-Life dates can be found at:

    + + + +

    Other Projects Based on &os;

    + +

    There are many "third party" Projects based on + &os;. The Projects range from re-packaging &os; into a more + "novice friendly" distribution to making &os; + available on Amazon's EC2 infrastructure. For more information + about these Third Party Projects see:

    + + + +

    Acknowledgments

    + +

    Many companies donated equipment, network access, or man-hours + to support the release engineering activities for &os; &thisrelease; + including The &os; Foundation, Yahoo!, NetApp, Internet Systems + Consortium, ByteMark Hosting, Sentex Communications, New York + Internet, Juniper Networks, NLNet Labs, iXsystems, and Yandex.

    + +

    The release engineering team for &thisrelease;-RELEASE includes:

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Glen Barber <gjb@FreeBSD.org>Release Engineering Lead, &thisrelease;-RELEASE Release Engineer
    Konstantin Belousov <kib@FreeBSD.org>Release Engineering
    Joel Dahl <joel@FreeBSD.org>Release Engineering
    Baptiste Daroussin <bapt@FreeBSD.org>Package Building
    Bryan Drewery <bdrewery@FreeBSD.org>Package Building
    Marc Fonvieille <blackend@FreeBSD.org>Release Engineering, Documentation
    Steven Kreuzer <skreuzer@FreeBSD.org>Release Engineering
    Xin Li <delphij@FreeBSD.org>Release Engineering, Security Officer
    Josh Paetzel <jpaetzel@FreeBSD.org>Release Engineering
    Colin Percival <cperciva@FreeBSD.org>Security Officer Emeritus
    Craig Rodrigues <rodrigc@FreeBSD.org>Release Engineering
    Hiroki Sato <hrs@FreeBSD.org>Release Engineering, Documentation
    Gleb Smirnoff <glebius@FreeBSD.org>Release Engineering
    Ken Smith <kensmith@FreeBSD.org>Release Engineering
    Dag-Erling Smørgrav <des@FreeBSD.org>Security Officer
    Marius Strobl <marius@FreeBSD.org>Release Engineering
    Robert Watson <rwatson@FreeBSD.org>Release Engineering, Security
    + +

    Trademark

    + +

    &os; is a registered trademark of The &os; Foundation.

    + +

    ISO Image Checksums

    + +

    amd64 (x86_64):

    + + 
    +    SHA256 (FreeBSD-9.3-RELEASE-amd64-bootonly.iso) = e6962c2605c6a191a9c238545576eff3a5a2c2c96b5058c26c8c54b6cf701914
+    SHA256 (FreeBSD-9.3-RELEASE-amd64-bootonly.iso.xz) = bcb5d5c8bbc1aa06baf769a6a57908e6cbf820a02c6f6f57a902db564bff4a1f
+    SHA256 (FreeBSD-9.3-RELEASE-amd64-disc1.iso) = 5a3c82653d77bba7d7ded8bd7efbedc09d52cf4045d98ce52a82c9e0f8fa9b0e
+    SHA256 (FreeBSD-9.3-RELEASE-amd64-disc1.iso.xz) = daf255ccb9694f0a82e34e71be1e6d0bbcf332bf74f1c6f92343f00dad579d99
+    SHA256 (FreeBSD-9.3-RELEASE-amd64-dvd1.iso) = 30c0baa7d51a4b3130108c862bbc9439f60a3a6362b13183c1ae0be959ae9a95
+    SHA256 (FreeBSD-9.3-RELEASE-amd64-dvd1.iso.xz) = 292cac57dea0ad7723798842a2ddf582661c41c428bc78a951535d69ae92aceb
+    SHA256 (FreeBSD-9.3-RELEASE-amd64-memstick.img) = 04c2c98c9bcf188bb2df988ebc2c1c02ea7350c77e1711904fc368db62709634
+    SHA256 (FreeBSD-9.3-RELEASE-amd64-memstick.img.xz) = 56deb31212c19c18852baee6097bebd048658d464e14a14e125840a24c939e63
+    SHA256 (FreeBSD-9.3-RELEASE-amd64-mini-memstick.img) = d5a0379caa5ebb9f8252a44417d10d2b3ab0ce424d275d546689fcf9c4dd6dbe
+    SHA256 (FreeBSD-9.3-RELEASE-amd64-mini-memstick.img.xz) = 0e6fe54a2fcd3173f27fafc62f0d67cff44cdf5a9f133adba7aedff804cbb087
+
    + + 
    +    MD5 (FreeBSD-9.3-RELEASE-amd64-bootonly.iso) = b53878805ea89633aaa59351d706081f
+    MD5 (FreeBSD-9.3-RELEASE-amd64-bootonly.iso.xz) = f3b2bfdce28af6ce3fe2fecb0838ae86
+    MD5 (FreeBSD-9.3-RELEASE-amd64-disc1.iso) = 1fc7f8bace8dc861258af9042c9918d6
+    MD5 (FreeBSD-9.3-RELEASE-amd64-disc1.iso.xz) = 69701074a505b78c998807e0bb20dae6
+    MD5 (FreeBSD-9.3-RELEASE-amd64-dvd1.iso) = 14c176c236c27a0fa276ffb554768d38
+    MD5 (FreeBSD-9.3-RELEASE-amd64-dvd1.iso.xz) = da4f382733c63260877184ef33dbfec6
+    MD5 (FreeBSD-9.3-RELEASE-amd64-memstick.img) = ebcf069c96aeb59279af0c480b5717ca
+    MD5 (FreeBSD-9.3-RELEASE-amd64-memstick.img.xz) = d52f0909d7e4ea3c9080f7ac5358edd5
+    MD5 (FreeBSD-9.3-RELEASE-amd64-mini-memstick.img) = 6077f2f90b09b4926dbf0e59df6528bf
+    MD5 (FreeBSD-9.3-RELEASE-amd64-mini-memstick.img.xz) = 0c342b43053375a48bea2e7413a3c3e8
+
    + +

    i386 (x86):

    + + 
    +    SHA256 (FreeBSD-9.3-RELEASE-i386-bootonly.iso) = 84a26479e690caaa428b361f2f96c0723a5f1b09a342bd58e5eee345fc5f7406
+    SHA256 (FreeBSD-9.3-RELEASE-i386-bootonly.iso.xz) = 66bad7f519bb6f504932c3ba701c4d83709699a785258aba6b3ee11c651d868a
+    SHA256 (FreeBSD-9.3-RELEASE-i386-disc1.iso) = cab6aad9c3d5ea6a3fb4059f808225c67f1edaea730c555a86a9707ac41ba75d
+    SHA256 (FreeBSD-9.3-RELEASE-i386-disc1.iso.xz) = f248e0c16a2a03a5c8a39ee41b99e0ff656f75035ccf5e720c83587d9733ca39
+    SHA256 (FreeBSD-9.3-RELEASE-i386-dvd1.iso) = 6c47c17ec1e0e0ccca2c24bec0f880334d5a52847bdc092a3ff4cdd7be7a85f3
+    SHA256 (FreeBSD-9.3-RELEASE-i386-dvd1.iso.xz) = 76830e50357aec289daeb9eb01416dcb42414bf57126b4875e7352e976a7451b
+    SHA256 (FreeBSD-9.3-RELEASE-i386-memstick.img) = 3465923d625d07ef40448e2c03bfe5c61bf89ac56cbe34fb358500860e9524aa
+    SHA256 (FreeBSD-9.3-RELEASE-i386-memstick.img.xz) = 30480eb3ed73e2c8d45ff7928e5edcb7f69704f0c459bbaf943907ec69adcc10
+    SHA256 (FreeBSD-9.3-RELEASE-i386-mini-memstick.img) = 17c6a518b000bb9ba81229658a71a7d47f71a4e46a3846e82887d43b1d73bf81
+    SHA256 (FreeBSD-9.3-RELEASE-i386-mini-memstick.img.xz) = 44b4d7d1cf1c6c59d440df84731efb110dd062c2226a25adef168bc24d55dcbe
+
    + + 
    +    MD5 (FreeBSD-9.3-RELEASE-i386-bootonly.iso) = c9abbb89fa43eed6efefb2b7926d7fa7
+    MD5 (FreeBSD-9.3-RELEASE-i386-bootonly.iso.xz) = 9a797ff03c3eade54654120fdbc23ccb
+    MD5 (FreeBSD-9.3-RELEASE-i386-disc1.iso) = 752fa8cd15f0f1e240042c342a161eb4
+    MD5 (FreeBSD-9.3-RELEASE-i386-disc1.iso.xz) = f4ace2617eea05e2898d8d0b70249bf4
+    MD5 (FreeBSD-9.3-RELEASE-i386-dvd1.iso) = fb598013bf363c44e248054106c33829
+    MD5 (FreeBSD-9.3-RELEASE-i386-dvd1.iso.xz) = 2024f7f2aaa73353e225ef7a1ec5aeea
+    MD5 (FreeBSD-9.3-RELEASE-i386-memstick.img) = c8a833fffc40a8eee2bb6a9a36595ac4
+    MD5 (FreeBSD-9.3-RELEASE-i386-memstick.img.xz) = 4189b56c90e7a40e1bb69ff6f26f37e2
+    MD5 (FreeBSD-9.3-RELEASE-i386-mini-memstick.img) = a2b0c1085db9424ea25b594e32230a3a
+    MD5 (FreeBSD-9.3-RELEASE-i386-mini-memstick.img.xz) = a95d50f326868c739f06aa1a3a76d636
+
    + +

    ia64:

    + + 
    +    SHA256 (FreeBSD-9.3-RELEASE-ia64-bootonly.iso) = 8d9236f55b1467f4e882a751d5e040ea6538da88f4d319746679874a8dc9caba
+    SHA256 (FreeBSD-9.3-RELEASE-ia64-bootonly.iso.xz) = eceb7125b8a8711969d7c3997044f9043ec938fc3518dd8a197fd94f4d7076c6
+    SHA256 (FreeBSD-9.3-RELEASE-ia64-disc1.iso) = 953b7c847f21e6316c22c0741a5de76865b521b594b593d67fe60bf5e348452d
+    SHA256 (FreeBSD-9.3-RELEASE-ia64-disc1.iso.xz) = 3fef900ad1ef288202701e04ce3c9ef1ab6c870e5e7ec97b9ab6a6a5e5dccf59
+    SHA256 (FreeBSD-9.3-RELEASE-ia64-memstick.img) = c4d5d921443c993e294fe9e9ca9ae60409c5c663ad895f6e582ba955c9155e86
+    SHA256 (FreeBSD-9.3-RELEASE-ia64-memstick.img.xz) = ccd354b7571ebd5c3763158b49b1aa51c2bed63d0ce36eb49a6cf1e227bc133e
+    SHA256 (FreeBSD-9.3-RELEASE-ia64-mini-memstick.img) = 7475bfafd661600de2516d9ce0ed6c5621699d3ebda59f672d1e7cfc8efeb504
+    SHA256 (FreeBSD-9.3-RELEASE-ia64-mini-memstick.img.xz) = 1ed6d2ea23e320b6708958989aaf90788cd56371a4c25e9145911dc4f890dbfa
+
    + + 
    +    MD5 (FreeBSD-9.3-RELEASE-ia64-bootonly.iso) = 6d2210defeb17219a600d02917fa3f79
+    MD5 (FreeBSD-9.3-RELEASE-ia64-bootonly.iso.xz) = f17b43d7fbec6dab1d05bb0d2f0bfb15
+    MD5 (FreeBSD-9.3-RELEASE-ia64-disc1.iso) = 1bdf7afa83a7494e9569888cb162752c
+    MD5 (FreeBSD-9.3-RELEASE-ia64-disc1.iso.xz) = 81c6d02da1645bda86a2c1fec716e622
+    MD5 (FreeBSD-9.3-RELEASE-ia64-memstick.img) = b5003d7260190a5123ae478a1980b526
+    MD5 (FreeBSD-9.3-RELEASE-ia64-memstick.img.xz) = d53ba4fc4748ca0953067f3c4c31b4f0
+    MD5 (FreeBSD-9.3-RELEASE-ia64-mini-memstick.img) = 1946ba71adecc220d66f70d0aee6606e
+    MD5 (FreeBSD-9.3-RELEASE-ia64-mini-memstick.img.xz) = d891966f184e6264203bf964404a4530
+
    + +

    powerpc:

    + + 
    +    SHA256 (FreeBSD-9.3-RELEASE-powerpc-bootonly.iso) = 6a2d0ac953ead098e7dbee736e4e19b28b8d914baa5947083d494c150d257381
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-bootonly.iso.xz) = a68b22d933ef03894da5eee16c8f1fd8bdc05003d2ee40f34f0e0f165eb97715
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-disc1.iso) = dd30aa9491b14410dd520f2cb8c231be701debbc36c5b023a427e3e28bcba3c4
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-disc1.iso.xz) = a609d8d641d7839707d8caf9796434deee0e3f4218c79d7cadaa7787d3975c33
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-memstick.img) = 0e0c449026084f8431bc7852dcdaeaa3101301c2c73151204e9ce4d4ccdbfb38
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-memstick.img.xz) = f5d3b880fa1d737b708e96584c52804c33af9e7de4c7e2ee744584c08c8d8b84
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-mini-memstick.img) = c8fb345384558215eb7d5126684c827e73104eabe36309a3de275c7ea9512822
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-mini-memstick.img.xz) = 931706a17b708c1db6337cf0fbf8bad877a8dfce64c2e5079fe890e5e85339e3
+
    + + 
    +    MD5 (FreeBSD-9.3-RELEASE-powerpc-bootonly.iso) = e80fd4c1278db39e3f8740612dff0da9
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-bootonly.iso.xz) = 7690229bf847dbf377a5086652dfc1aa
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-disc1.iso) = a308f49d59c6553cfcb625ec3c2a278d
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-disc1.iso.xz) = 8d5783474fdf5463ab5aa06d7d09509e
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-memstick.img) = ec112f1085ab363b27931c25c451fb2c
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-memstick.img.xz) = 1c9d741dd889b1461812fce34fb48e93
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-mini-memstick.img) = 0b3c655654d8def1eeb96b478a0572f0
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-mini-memstick.img.xz) = f7913ffa1eebb43e875ba81c5bd8e992
+
    + +

    powerpc64:

    + + 
    +    SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-bootonly.iso) = c8bb1f3105f2a2d9dd4a76536d8d44d8ae0aa7742230d549ea280f04e41f81b2
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-bootonly.iso.xz) = f5327d0c665cf7f286e3daca382e04abb0aee9d125cc70a41a2d96ad13ffe531
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-disc1.iso) = f89d13f3c292381549b8c9b70e81cd152491f34e0e889d78e439d63884a346c6
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-disc1.iso.xz) = 5047b76a8c4299d3f2a56271a9798a7088717356792c91bea96ca61f871f087a
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-memstick.img) = b94b05b0999aae0d197ad45b19d4d2b2678d322109da43bd10b2556b441b207c
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-memstick.img.xz) = 9da446da2dfb73f24195b70c873317c4dd7578dc339dd051e082e2351b3bcac3
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-mini-memstick.img) = 21874e49e3c7685c098c90100717f28975db2dbc9043e810fef554f08a6bc940
+    SHA256 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-mini-memstick.img.xz) = a6cc4f340802bd936acb4b7920aa4fced54a2e265b60ffecf0b7b1c2f71fa644
+
    + + 
    +    MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-bootonly.iso) = 674ed0a922e0f662c2f8118d8424473f
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-bootonly.iso.xz) = 5836f439da4dc8372da0e20d1a78ec97
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-disc1.iso) = 0c5cf50f3bbf1263708ca3f9da0465bb
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-disc1.iso.xz) = d2788b12c02134da11ba72238081e4cc
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-memstick.img) = 5e5123677e21a53b463a3cceb2ad324d
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-memstick.img.xz) = d6fd35a61aed2d529432e9c9df425be5
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-mini-memstick.img) = a850121bc10455c3b835fd161237e8b2
+    MD5 (FreeBSD-9.3-RELEASE-powerpc-powerpc64-mini-memstick.img.xz) = 3bcf3571a3815ea78fbed61094745437
+
    + +

    sparc64:

    + + 
    +    SHA256 (FreeBSD-9.3-RELEASE-sparc64-bootonly.iso) = d9f9089c7f992744bb9675206042224bdabcfd924e72d322195acb207fe96294
+    SHA256 (FreeBSD-9.3-RELEASE-sparc64-bootonly.iso.xz) = 67830e9f64ee617acf2fff79770ea47aa3e98c7e2901068b413d41d2282d4372
+    SHA256 (FreeBSD-9.3-RELEASE-sparc64-disc1.iso) = 989a2d8181b889ec0c1ee08e3afabfdcaf23c75b4157c9463c9ab7496e82a949
+    SHA256 (FreeBSD-9.3-RELEASE-sparc64-disc1.iso.xz) = 2f2b94f379ae3df05762e2618e573b19ae83756dfde11d6628236c3c6a0052bc
+
    + + 
    +    MD5 (FreeBSD-9.3-RELEASE-sparc64-bootonly.iso) = 8b97d45e204dcfa8515f227189a35b1c
+    MD5 (FreeBSD-9.3-RELEASE-sparc64-bootonly.iso.xz) = fae6c32e0f9dd2f909b729ba6f4bfeb6
+    MD5 (FreeBSD-9.3-RELEASE-sparc64-disc1.iso) = 838b0211322dd19f1285b9b94e6ac17e
+    MD5 (FreeBSD-9.3-RELEASE-sparc64-disc1.iso.xz) = c8a8ab9f3b6eddca77623e5bc3f6718b
+
    + +

    Love FreeBSD? Support this and future releases with a donation + to The &os; Foundation!

    + + + From owner-svn-doc-all@FreeBSD.ORG Tue Jul 15 16:30:57 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7925DA50; Tue, 15 Jul 2014 16:30:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 670A32869; Tue, 15 Jul 2014 16:30:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6FGUvVQ061833; Tue, 15 Jul 2014 16:30:57 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6FGUvaR061832; Tue, 15 Jul 2014 16:30:57 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407151630.s6FGUvaR061832@svn.freebsd.org> From: Glen Barber Date: Tue, 15 Jul 2014 16:30:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45301 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2014 16:30:57 -0000 Author: gjb Date: Tue Jul 15 16:30:56 2014 New Revision: 45301 URL: http://svnweb.freebsd.org/changeset/doc/45301 Log: Announce FreeBSD 9.3-RELEASE. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/share/xml/news.xml Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Tue Jul 15 16:28:10 2014 (r45300) +++ head/share/xml/news.xml Tue Jul 15 16:30:56 2014 (r45301) @@ -35,6 +35,26 @@ 7 + 16 + + + &os; 9.3-RELEASE Available + +

    FreeBSD + 9.3-RELEASE is now available. Please be sure to + check the Release + Notes and Release + Errata before installation for any late-breaking + news and/or issues with 9.3. More information about + FreeBSD releases can be found on the Release + Information page.

    +     +     + + 9 From owner-svn-doc-all@FreeBSD.ORG Tue Jul 15 16:34:16 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3CAB4BE3; Tue, 15 Jul 2014 16:34:16 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 282BA2951; Tue, 15 Jul 2014 16:34:16 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6FGYGCC065168; Tue, 15 Jul 2014 16:34:16 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6FGYFEN065165; Tue, 15 Jul 2014 16:34:15 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407151634.s6FGYFEN065165@svn.freebsd.org> From: Glen Barber Date: Tue, 15 Jul 2014 16:34:15 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45302 - in head: en_US.ISO8859-1/htdocs/releng en_US.ISO8859-1/htdocs/security share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2014 16:34:16 -0000 Author: gjb Date: Tue Jul 15 16:34:15 2014 New Revision: 45302 URL: http://svnweb.freebsd.org/changeset/doc/45302 Log: - Switch betarel and betarel2 FreeBSD versions. - Set the release month and year for 9.3-RELEASE. - Remove 9.3-RELEASE from the releng page. - Add the 9.3-RELEASE EoL to the security page. - Set beta.testing to IGNORE since images are not yet built. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml head/en_US.ISO8859-1/htdocs/security/security.xml head/share/xml/release.ent Modified: head/en_US.ISO8859-1/htdocs/releng/index.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releng/index.xml Tue Jul 15 16:30:56 2014 (r45301) +++ head/en_US.ISO8859-1/htdocs/releng/index.xml Tue Jul 15 16:34:15 2014 (r45302) @@ -50,12 +50,6 @@ - July 2014 - &os; 9.3 - Target Schedule - - - October 2014 &os; 10.1 Target Schedule Modified: head/en_US.ISO8859-1/htdocs/security/security.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/security/security.xml Tue Jul 15 16:30:56 2014 (r45301) +++ head/en_US.ISO8859-1/htdocs/security/security.xml Tue Jul 15 16:34:15 2014 (r45302) @@ -108,6 +108,13 @@ September 30, 2014 + releng/9.3 + 9.3-RELEASE + Extended + July 16, 2014 + January 1, 2017 + + stable/10 n/a n/a Modified: head/share/xml/release.ent ============================================================================== --- head/share/xml/release.ent Tue Jul 15 16:30:56 2014 (r45301) +++ head/share/xml/release.ent Tue Jul 15 16:34:15 2014 (r45302) @@ -38,24 +38,24 @@ - - - - + + + + - - + + - + - - + + @@ -72,8 +72,8 @@ - - + + From owner-svn-doc-all@FreeBSD.ORG Tue Jul 15 16:36:50 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0FAC2F17; Tue, 15 Jul 2014 16:36:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F07CF2984; Tue, 15 Jul 2014 16:36:49 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6FGanwH066180; Tue, 15 Jul 2014 16:36:49 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6FGanmF066179; Tue, 15 Jul 2014 16:36:49 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407151636.s6FGanmF066179@svn.freebsd.org> From: Glen Barber Date: Tue, 15 Jul 2014 16:36:49 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45303 - head/en_US.ISO8859-1/htdocs/releases/9.3R X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2014 16:36:50 -0000 Author: gjb Date: Tue Jul 15 16:36:49 2014 New Revision: 45303 URL: http://svnweb.freebsd.org/changeset/doc/45303 Log: Update the 9.3-RELEASE schedule to reflect 9.3-RELEASE is now available. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Modified: head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Tue Jul 15 16:34:15 2014 (r45302) +++ head/en_US.ISO8859-1/htdocs/releases/9.3R/schedule.xml Tue Jul 15 16:36:49 2014 (r45303) @@ -138,7 +138,7 @@ RELEASE announcement 16 July 2014 - - + 16 July 2014 &local.rel;-RELEASE press release. From owner-svn-doc-all@FreeBSD.ORG Tue Jul 15 22:24:41 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0870BA77; Tue, 15 Jul 2014 22:24:41 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E99292C0A; Tue, 15 Jul 2014 22:24:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6FMOeIv041585; Tue, 15 Jul 2014 22:24:40 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6FMOetH041584; Tue, 15 Jul 2014 22:24:40 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407152224.s6FMOetH041584@svn.freebsd.org> From: Warren Block Date: Tue, 15 Jul 2014 22:24:40 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45304 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2014 22:24:41 -0000 Author: wblock Date: Tue Jul 15 22:24:40 2014 New Revision: 45304 URL: http://svnweb.freebsd.org/changeset/doc/45304 Log: Add Chelsio iSCSI offload section from trasz. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Tue Jul 15 16:36:49 2014 (r45303) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Tue Jul 15 22:24:40 2014 (r45304) @@ -1243,4 +1243,46 @@ information.         + + + Chelsio iSCSI offload support + + + + + Sreenivasa + Honnur + + shonnur@chelsio.com + + + + + + +

    Building on the new in-kernel iSCSI target and initiatior + stack released in FreeBSD 10.0, Chelsio Communications has + begun developing an offload interface to take advantage of the + hardware offload capabilities of Chelsio T4 and T5 10 and 40 + gigabit Ethernet adapters.

    + +

    The code currently implements a working prototype of offload + for the initiator side, and target side offload should begin + shortly. The code will be released under the BSD license and + is expected to be completed later in the year and be committed + to FreeBSD-HEAD, and will likely ship in a FreeBSD release in + early 2015.

    + + + + Complete testing and debugging of the initiator + offload. + + Start development of target offload. + + Create hardware-independent offload APIs, based on + experiences with target and initiator proof-of-concept + implementations. + +     From owner-svn-doc-all@FreeBSD.ORG Tue Jul 15 23:10:36 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 82643781; Tue, 15 Jul 2014 23:10:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6FCBB2F75; Tue, 15 Jul 2014 23:10:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6FNAaKR062156; Tue, 15 Jul 2014 23:10:36 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6FNAaoO062155; Tue, 15 Jul 2014 23:10:36 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407152310.s6FNAaoO062155@svn.freebsd.org> From: Warren Block Date: Tue, 15 Jul 2014 23:10:36 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45305 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2014 23:10:36 -0000 Author: wblock Date: Tue Jul 15 23:10:35 2014 New Revision: 45305 URL: http://svnweb.freebsd.org/changeset/doc/45305 Log: Correct the number of reports reported, reported by reporting reporter bjk. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Tue Jul 15 22:24:40 2014 (r45304) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Tue Jul 15 23:10:35 2014 (r45305) @@ -46,7 +46,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 15 entries and we hope you enjoy reading it.

    + report contains 16 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 02:47:18 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 77A641D0; Wed, 16 Jul 2014 02:47:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6459A2130; Wed, 16 Jul 2014 02:47:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6G2lIrB071286; Wed, 16 Jul 2014 02:47:18 GMT (envelope-from bjk@svn.freebsd.org) Received: (from bjk@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6G2lIgo071285; Wed, 16 Jul 2014 02:47:18 GMT (envelope-from bjk@svn.freebsd.org) Message-Id: <201407160247.s6G2lIgo071285@svn.freebsd.org> From: Benjamin Kaduk Date: Wed, 16 Jul 2014 02:47:18 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45306 - head/en_US.ISO8859-1/books/porters-handbook X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 02:47:18 -0000 Author: bjk Date: Wed Jul 16 02:47:17 2014 New Revision: 45306 URL: http://svnweb.freebsd.org/changeset/doc/45306 Log: Attempt to dispel rumors that GSSAPI and Kerberos are interchangable. The Generic Security Services Application Programming Interface is an abstract interface for creating security contexts between two peers to allow for secure passing of messages and other operations, which allows for the use of many different underlying security mechanisms. Kerberos 5 is a common such security mechanism, but is far from the only mechanism in use. Many krb5 implementations provide a GSSAPI library that provides the krb5 mechanism(s); in some cases, those libraries can also support user-provided GSSAPI mechanisms as well. The only implementations of the GSSAPI which are currently supported by the USES=gssapi support in the Ports Collection are such libraries provided by krb5 implementations. Approved by: hrs (mentor) Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/uses.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/uses.xml Tue Jul 15 23:10:35 2014 (r45305) +++ head/en_US.ISO8859-1/books/porters-handbook/uses.xml Wed Jul 16 02:47:17 2014 (r45306) @@ -275,10 +275,12 @@ flags, bootstrap - Handle dependency on Kerberos - ports. By default, or set to base, - Kerberos from the base system is - used. Set to heimdal to use Handle dependencies needed by consumers of the + GSS-API. Only libraries that provide the + Kerberos mechanism are available. + By default, or set to base, + the GSS-API library from the base system is used. + Can also be set to heimdal to use security/heimdal, or mit to use security/krb5. @@ -287,7 +289,8 @@ installation is not in LOCALBASE, set HEIMDAL_HOME (for heimdal) or KRB5_HOME (for krb5) to - the base Kerberos directory. + the location of the Kerberos + installation. These variables are exported for the ports to use: @@ -301,7 +304,7 @@ GSSAPI_CONFIGURE_ARGS - The flags option can be set with + The flags option can be given alongside base, heimdal, or mit to automatically add GSSAPICPPFLAGS, @@ -312,7 +315,7 @@ base,flags. The bootstrap option is a special prefix - only for use with security/krb5 + only for use by security/krb5 and security/heimdal. For example, use bootstrap,mit. From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 08:27:33 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1AB2573F; Wed, 16 Jul 2014 08:27:33 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 085532CB2; Wed, 16 Jul 2014 08:27:33 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6G8RWoj040602; Wed, 16 Jul 2014 08:27:32 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6G8RWfd040601; Wed, 16 Jul 2014 08:27:32 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407160827.s6G8RWfd040601@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 16 Jul 2014 08:27:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45307 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 08:27:33 -0000 Author: ryusuke Date: Wed Jul 16 08:27:32 2014 New Revision: 45307 URL: http://svnweb.freebsd.org/changeset/doc/45307 Log: - Merge the following from the English version: r45241 -> r45301 head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml Modified: head/ja_JP.eucJP/share/xml/news.xml ============================================================================== --- head/ja_JP.eucJP/share/xml/news.xml Wed Jul 16 02:47:17 2014 (r45306) +++ head/ja_JP.eucJP/share/xml/news.xml Wed Jul 16 08:27:32 2014 (r45307) @@ -23,7 +23,7 @@ would like to work on. *** $FreeBSD$ - Original revision: r45241 + Original revision: r45301 --> @@ -37,6 +37,25 @@ 7 + 16 + + + &os; 9.3-RELEASE 公開 + +

    FreeBSD + 9.3-RELEASE が公開されました。 + インストール前に リリースノート + および リリース Errata + を読み、9.3 に関する最新情報や問題点などを確認してください。 + FreeBSD のリリースに関するより詳しい情報については リリース情報 + をご覧ください。

    +     +     + + 9 From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 08:34:17 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B2584BCB; Wed, 16 Jul 2014 08:34:17 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9FE412D8A; Wed, 16 Jul 2014 08:34:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6G8YHNv045013; Wed, 16 Jul 2014 08:34:17 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6G8YHmM045011; Wed, 16 Jul 2014 08:34:17 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407160834.s6G8YHmM045011@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 16 Jul 2014 08:34:17 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45308 - head/ja_JP.eucJP/htdocs/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 08:34:17 -0000 Author: ryusuke Date: Wed Jul 16 08:34:17 2014 New Revision: 45308 URL: http://svnweb.freebsd.org/changeset/doc/45308 Log: - Merge the following from the English version: r44744 -> r45302 head/ja_JP.eucJP/htdocs/security/security.xml Modified: head/ja_JP.eucJP/htdocs/security/security.xml Modified: head/ja_JP.eucJP/htdocs/security/security.xml ============================================================================== --- head/ja_JP.eucJP/htdocs/security/security.xml Wed Jul 16 08:27:32 2014 (r45307) +++ head/ja_JP.eucJP/htdocs/security/security.xml Wed Jul 16 08:34:17 2014 (r45308) @@ -6,7 +6,7 @@ ]> - + @@ -108,6 +108,13 @@ 2014 年 9 月 30 日 + releng/9.3 + 9.3-RELEASE + Extended + 2014 年 7 月 16 日 + 2017 年 1 月 1 日 + + stable/10 なし なし From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 08:52:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2FB2D258; Wed, 16 Jul 2014 08:52:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1CE542F31; Wed, 16 Jul 2014 08:52:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6G8qrmv054720; Wed, 16 Jul 2014 08:52:53 GMT (envelope-from ryusuke@svn.freebsd.org) Received: (from ryusuke@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6G8qrqd054718; Wed, 16 Jul 2014 08:52:53 GMT (envelope-from ryusuke@svn.freebsd.org) Message-Id: <201407160852.s6G8qrqd054718@svn.freebsd.org> From: Ryusuke SUZUKI Date: Wed, 16 Jul 2014 08:52:53 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45309 - head/ja_JP.eucJP/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 08:52:54 -0000 Author: ryusuke Date: Wed Jul 16 08:52:53 2014 New Revision: 45309 URL: http://svnweb.freebsd.org/changeset/doc/45309 Log: - Merge the following from the English version: r42678 -> r45260 head/ja_JP.eucJP/share/xml/release.l10n.ent - Update &rel2.current.date and &u.rel2.announce entities. head/ja_JP.eucJP/share/xml/l10n.ent Modified: head/ja_JP.eucJP/share/xml/l10n.ent head/ja_JP.eucJP/share/xml/release.l10n.ent Modified: head/ja_JP.eucJP/share/xml/l10n.ent ============================================================================== --- head/ja_JP.eucJP/share/xml/l10n.ent Wed Jul 16 08:34:17 2014 (r45308) +++ head/ja_JP.eucJP/share/xml/l10n.ent Wed Jul 16 08:52:53 2014 (r45309) @@ -21,7 +21,7 @@ - + @@ -39,7 +39,7 @@ - + Modified: head/ja_JP.eucJP/share/xml/release.l10n.ent ============================================================================== --- head/ja_JP.eucJP/share/xml/release.l10n.ent Wed Jul 16 08:34:17 2014 (r45308) +++ head/ja_JP.eucJP/share/xml/release.l10n.ent Wed Jul 16 08:52:53 2014 (r45309) @@ -2,7 +2,7 @@ - -

    次回の FreeBSD リリースを手伝う

    - -

    私たちの開発者とリリースエンジニア達は、 - FreeBSD の次のリリースに向けて作業を行っています。 - テストに興味があるのなら、最新のビルドをダウンロードしてください。 - 当然のことですが、これらのイメージはテスト目的であり、 - 業務環境では使用すべきではないと言うことに注意してください。

    + &beta.helptest; @@ -148,3 +141,41 @@ ]]> + + + +

    次回の FreeBSD リリースを手伝う

    + +

    私たちの開発者とリリースエンジニア達は、 + FreeBSD の次のリリースに向けて作業を行っています。 + テストに興味があるのなら、最新のビルドをダウンロードしてください。 + 当然のことですが、これらのイメージはテスト目的であり、 + 業務環境では使用すべきではないと言うことに注意してください。

    + +'> + + + &beta.helptest; +

    利用可能なインストールイメージの一覧は、ダウンロードページ + にあります。

    + +'> +]]> + + + &beta.helptest; +

    利用可能なインストールイメージの一覧は、ダウンロードページ + にあります。

    + +'> +]]> + + + From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 12:35:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3D759A30; Wed, 16 Jul 2014 12:35:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2A02D22E4; Wed, 16 Jul 2014 12:35:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6GCZw2A060082; Wed, 16 Jul 2014 12:35:58 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6GCZwh3060081; Wed, 16 Jul 2014 12:35:58 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201407161235.s6GCZwh3060081@svn.freebsd.org> From: Dag-Erling Sm淡rgrav Date: Wed, 16 Jul 2014 12:35:58 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45310 - head/en_US.ISO8859-1/htdocs/security X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 12:35:58 -0000 Author: des Date: Wed Jul 16 12:35:57 2014 New Revision: 45310 URL: http://svnweb.freebsd.org/changeset/doc/45310 Log: Push back the EoL for 9.2. Correct the EoL for 9.3. Modified: head/en_US.ISO8859-1/htdocs/security/security.xml Modified: head/en_US.ISO8859-1/htdocs/security/security.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/security/security.xml Wed Jul 16 08:52:53 2014 (r45309) +++ head/en_US.ISO8859-1/htdocs/security/security.xml Wed Jul 16 12:35:57 2014 (r45310) @@ -105,14 +105,14 @@ - + - + From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 13:45:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2FB31E97; Wed, 16 Jul 2014 13:45:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1C88F2A3D; Wed, 16 Jul 2014 13:45:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6GDjfS0094062; Wed, 16 Jul 2014 13:45:41 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6GDjfYm094061; Wed, 16 Jul 2014 13:45:41 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201407161345.s6GDjfYm094061@svn.freebsd.org> From: Dag-Erling Sm淡rgrav Date: Wed, 16 Jul 2014 13:45:41 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45311 - head/share/xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 13:45:42 -0000 Author: des Date: Wed Jul 16 13:45:41 2014 New Revision: 45311 URL: http://svnweb.freebsd.org/changeset/doc/45311 Log: Note that the EoL date for 9.2 has been pushed back. Modified: head/share/xml/news.xml Modified: head/share/xml/news.xml ============================================================================== --- head/share/xml/news.xml Wed Jul 16 12:35:57 2014 (r45310) +++ head/share/xml/news.xml Wed Jul 16 13:45:41 2014 (r45311) @@ -38,6 +38,14 @@ 16 + FreeBSD 9.2 EoL pushed back + +

    To facilitate the upgrade process from &os; 9.1 and 9.2 + to &os; 9.3, the EoL date for &os; 9.2 has been pushed + back to December 31, 2014.

    +     + + &os; 9.3-RELEASE Available

    FreeBSD From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 17:42:42 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ACA196D4; Wed, 16 Jul 2014 17:42:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9A3BB2088; Wed, 16 Jul 2014 17:42:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6GHggfq010524; Wed, 16 Jul 2014 17:42:42 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6GHggNV010523; Wed, 16 Jul 2014 17:42:42 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407161742.s6GHggNV010523@svn.freebsd.org> From: Glen Barber Date: Wed, 16 Jul 2014 17:42:42 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45312 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 17:42:42 -0000 Author: gjb Date: Wed Jul 16 17:42:42 2014 New Revision: 45312 URL: http://svnweb.freebsd.org/changeset/doc/45312 Log: Add tmpfs status report. Submitted by: kib, pho Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Wed Jul 16 13:45:41 2014 (r45311) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Wed Jul 16 17:42:42 2014 (r45312) @@ -46,7 +46,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 16 entries and we hope you enjoy reading it.

    + report contains 17 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -1285,4 +1285,38 @@ implementations. + + + TMPFS Stability + + + + + Konstantin + Belousov + + kib@FreeBSD.org + + + + Peter + Holm + + pho@FreeBSD.org + + + + +

    Extensive testing of tmpfs(5) using the stress2 kernel test + suite was done. The issues found were debugged and fixed.

    + +

    Most of the problems are related to the bugs in the + interaction of vnode and node lifetime, culminating in e.g. + unmount races and dotdot lookup bugs.

    + +

    This project is sponsored by the FreeBSD Foundation.

    + + + The &os; Foundation +     From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 17:46:44 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3816E792; Wed, 16 Jul 2014 17:46:44 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0A8BC20BF; Wed, 16 Jul 2014 17:46:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6GHkh4h011229; Wed, 16 Jul 2014 17:46:43 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6GHkhfC011228; Wed, 16 Jul 2014 17:46:43 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407161746.s6GHkhfC011228@svn.freebsd.org> From: Glen Barber Date: Wed, 16 Jul 2014 17:46:43 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45313 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 17:46:44 -0000 Author: gjb Date: Wed Jul 16 17:46:43 2014 New Revision: 45313 URL: http://svnweb.freebsd.org/changeset/doc/45313 Log: Add the pgsql performance status report. Submitted by: kib Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Wed Jul 16 17:42:42 2014 (r45312) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Wed Jul 16 17:46:43 2014 (r45313) @@ -46,7 +46,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 17 entries and we hope you enjoy reading it.

    + report contains 18 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -1319,4 +1319,36 @@ The &os; Foundation + + + PostgreSQL performance improvements + + + + + Konstantin + Belousov + + kib@FreeBSD.org + + + + + + + + +

    The analysis of the performance of the latest 9.3 version of + the PostgreSQL on &os;-CURRENT was performed. The issues + which prevented the good scalability on a 40-core machine were + determined, and changes prototyped which solve the + bootlenecks.

    + +

    The URL above provides a paper which contains a detailed + explanation of the issues and solutions, together with the + graph demonstrating the effects on scalability.

    + + + The &os; Foundation +     From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 18:44:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BED368AC; Wed, 16 Jul 2014 18:44:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9FB7C262B; Wed, 16 Jul 2014 18:44:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6GIi7UJ039447; Wed, 16 Jul 2014 18:44:07 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6GIi6jf039441; Wed, 16 Jul 2014 18:44:06 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407161844.s6GIi6jf039441@svn.freebsd.org> From: Warren Block Date: Wed, 16 Jul 2014 18:44:06 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45314 - in head/en_US.ISO8859-1/books/porters-handbook: . makefiles uses versions X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 18:44:07 -0000 Author: wblock Date: Wed Jul 16 18:44:06 2014 New Revision: 45314 URL: http://svnweb.freebsd.org/changeset/doc/45314 Log: Move Uses and Versions files into self-contained chapters. Fix some IDs in the makefiles chapter to avoid overlap. Note to translators: the content of the two tables has not changed, this just reorganizes the files. Added: head/en_US.ISO8859-1/books/porters-handbook/uses/ head/en_US.ISO8859-1/books/porters-handbook/uses/chapter.xml - copied, changed from r45312, head/en_US.ISO8859-1/books/porters-handbook/uses.xml head/en_US.ISO8859-1/books/porters-handbook/versions/ head/en_US.ISO8859-1/books/porters-handbook/versions/chapter.xml - copied, changed from r45312, head/en_US.ISO8859-1/books/porters-handbook/versions.xml Deleted: head/en_US.ISO8859-1/books/porters-handbook/uses.xml head/en_US.ISO8859-1/books/porters-handbook/versions.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/Makefile head/en_US.ISO8859-1/books/porters-handbook/book.xml head/en_US.ISO8859-1/books/porters-handbook/chapters.ent head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/Makefile ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/Makefile Wed Jul 16 17:46:43 2014 (r45313) +++ head/en_US.ISO8859-1/books/porters-handbook/Makefile Wed Jul 16 18:44:06 2014 (r45314) @@ -34,9 +34,8 @@ SRCS+= security/chapter.xml SRCS+= porting-dads/chapter.xml SRCS+= porting-samplem/chapter.xml SRCS+= keeping-up/chapter.xml -SRCS+= appendices/chapter.xml -SRCS+= uses.xml -SRCS+= versions.xml +SRCS+= uses/chapter.xml +SRCS+= versions/chapter.xml # Images from the cross-document image library IMAGES_LIB+= callouts/1.png Modified: head/en_US.ISO8859-1/books/porters-handbook/book.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/book.xml Wed Jul 16 17:46:43 2014 (r45313) +++ head/en_US.ISO8859-1/books/porters-handbook/book.xml Wed Jul 16 18:44:06 2014 (r45314) @@ -74,5 +74,6 @@ &chap.porting-dads; &chap.porting-samplem; &chap.keeping-up; - &chap.appendices; + &chap.uses; + &chap.versions; Modified: head/en_US.ISO8859-1/books/porters-handbook/chapters.ent ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/chapters.ent Wed Jul 16 17:46:43 2014 (r45313) +++ head/en_US.ISO8859-1/books/porters-handbook/chapters.ent Wed Jul 16 18:44:06 2014 (r45314) @@ -24,4 +24,5 @@ - + + Modified: head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Wed Jul 16 17:46:43 2014 (r45313) +++ head/en_US.ISO8859-1/books/porters-handbook/makefiles/chapter.xml Wed Jul 16 18:44:06 2014 (r45314) @@ -3118,7 +3118,7 @@ ALWAYS_KEEP_DISTFILES= yes is the same as DEPENDS_TARGET. - + <varname>USES</varname> Parameters can be added to define different features and @@ -3136,7 +3136,7 @@ ALWAYS_KEEP_DISTFILES= yes - + <varname>USE_<replaceable>*</replaceable></varname> Several variables exist to define common dependencies @@ -3163,7 +3163,7 @@ ALWAYS_KEEP_DISTFILES= yes lang/gccXY itself! -
    9.2-RELEASE Normal September 30, 2013September 30, 2014December 31, 2014
    releng/9.3 9.3-RELEASE Extended July 16, 2014January 1, 2017December 31, 2016
    stable/10
    +
    The <varname>USE_<replaceable>*</replaceable></varname> Variables Copied and modified: head/en_US.ISO8859-1/books/porters-handbook/uses/chapter.xml (from r45312, head/en_US.ISO8859-1/books/porters-handbook/uses.xml) ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/uses.xml Wed Jul 16 17:42:42 2014 (r45312, copy source) +++ head/en_US.ISO8859-1/books/porters-handbook/uses/chapter.xml Wed Jul 16 18:44:06 2014 (r45314) @@ -1,8 +1,12 @@ + + + + + + Values of <varname>USES</varname> + +
    + Values of <varname>USES</varname> + + + + + Feature + Arguments + Description + + + + ada @@ -945,3 +967,8 @@ GSSAPI_NONE_CONFIGURE_ON= --without-gssa that a specific version of zope shall be used. + + + +
    + Copied and modified: head/en_US.ISO8859-1/books/porters-handbook/versions/chapter.xml (from r45312, head/en_US.ISO8859-1/books/porters-handbook/versions.xml) ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions.xml Wed Jul 16 17:42:42 2014 (r45312, copy source) +++ head/en_US.ISO8859-1/books/porters-handbook/versions/chapter.xml Wed Jul 16 18:44:06 2014 (r45314) @@ -1,5 +1,14 @@ + + + + + + + <literal>__FreeBSD_version</literal> Values + + Here is a convenient list of + __FreeBSD_version values as defined in + sys/param.h: + + + <literal>__FreeBSD_version</literal> Values + + + + + Value + Date + Release + + + + 119411 @@ -5242,3 +5271,20 @@ it was never committed: 11.0-CURRENT after FreeBSD-SA-14:17.kmem (rev 268431). + + +
    + + + Note that 2.2-STABLE sometimes identifies itself as + 2.2.5-STABLE after the 2.2.5-RELEASE. The + pattern used to be year followed by the month, but we decided + to change it to a more straightforward major/minor system + starting from 2.2. This is because the parallel development + on several branches made it infeasible to classify the + releases simply by their real release dates. If you are + making a port now, you do not have to worry about old + -CURRENTs; they are listed here just for your + reference. + +     From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 19:37:21 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ADEE8F00; Wed, 16 Jul 2014 19:37:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9AFF32AFD; Wed, 16 Jul 2014 19:37:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6GJbLg5064485; Wed, 16 Jul 2014 19:37:21 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6GJbLZl064484; Wed, 16 Jul 2014 19:37:21 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201407161937.s6GJbLZl064484@svn.freebsd.org> From: Sergey Kandaurov Date: Wed, 16 Jul 2014 19:37:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45315 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 19:37:21 -0000 Author: pluknet Date: Wed Jul 16 19:37:21 2014 New Revision: 45315 URL: http://svnweb.freebsd.org/changeset/doc/45315 Log: A typo fixed. Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Wed Jul 16 18:44:06 2014 (r45314) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Wed Jul 16 19:37:21 2014 (r45315) @@ -1342,7 +1342,7 @@ the PostgreSQL on &os;-CURRENT was performed. The issues which prevented the good scalability on a 40-core machine were determined, and changes prototyped which solve the - bootlenecks.

    + bottlenecks.

    The URL above provides a paper which contains a detailed explanation of the issues and solutions, together with the From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 20:02:07 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8FAFB736; Wed, 16 Jul 2014 20:02:07 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7C7FB2D75; Wed, 16 Jul 2014 20:02:07 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6GK27TY077819; Wed, 16 Jul 2014 20:02:07 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6GK27mb077818; Wed, 16 Jul 2014 20:02:07 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407162002.s6GK27mb077818@svn.freebsd.org> From: Glen Barber Date: Wed, 16 Jul 2014 20:02:07 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45316 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 20:02:07 -0000 Author: gjb Date: Wed Jul 16 20:02:06 2014 New Revision: 45316 URL: http://svnweb.freebsd.org/changeset/doc/45316 Log: Add ZFSguru status report. Submitted by: Jason Edwards Sponsored by: The FreeBSD Foundation Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Wed Jul 16 19:37:21 2014 (r45315) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2014-04-2014-06.xml Wed Jul 16 20:02:06 2014 (r45316) @@ -46,7 +46,7 @@ ?>

    Thanks to all the reporters for the excellent work! This - report contains 18 entries and we hope you enjoy reading it.

    + report contains 19 entries and we hope you enjoy reading it.

    The deadline for submissions covering between July and September 2014 is October 7th, 2014.

    @@ -1351,4 +1351,83 @@ The &os; Foundation + + + ZFSguru + + + + + Jason + Edwards + + sub.mesa@gmail.com + + + + + + + + +

    ZFSguru is a multifunctional server appliance with a strong + emphasis on storage. ZFSguru began as simple web-interface + frontend to ZFS, but has since grown into a &os; derivative + with its own infrastructure. The scope of the project has + also grown with the inclusion of add-on packages that add + functionality beyond the traditional NAS functionality found + in similar product like FreeNAS and NAS4Free. ZFSguru aims to + be a true multifunctional server appliance that is extremely + easy to setup and can unite both novice and more experienced + users in a single user interface. The modular nature of the + project combats the danger of bloat, whilst still allowing + extended functionality to be easily deployed.

    + +

    Where development in the first quarter of this year brought + drag-and-drop permissions for Samba and NFS, development in + the second quarter focused on strengthening the infrastructure + of the project. A new library and toolkit solution dubbed + 'Mesa' is in the works, providing a cleaner foundation to the + project. A new master server providing secure remote services + is being setup, to be located in a high-speed datacenter. But + most importantly, a new system build infrastructure has shown + great progress and will soon be able to provide automated + system builds to our users. This not only improves the + frequency of system releases but also frees much developer + time to be spent on different areas of the project.

    + +

    Furthermore, a new website and forum is being worked at, + replacing the old-fashioned website that offers only limited + functionality. The new website will be linked to the server + database, providing real-time updates about the project.

    + +

    In addition, a new platform for collaborated development is + in the works. A service addon has been created for the GitLab + project, which is a drop-in replacement of the popular GitHub + website. The choice was made to host our own solution and not + rely on GitHub itself. In retrospect this appears to be a good + decision. The recent development where GitHub removed projects + after DCMA-takedowns being sent is incompatible with the + philosophy of free-flow-of-information, which the ZFSguru + project is a strong proponent of. By hosting our own solution, + we have avoided any dependency on third party projects.

    + +

    It is expected that after the infrastructure of the project + has been revamped, work on the web-interface itself can + continue. New functionality such as GuruDB and Service + Bulletins provide a tighter connection between the server + infrastructure and the web-interface. The Migration Manager + is one of the last remaining features still missing in the + web-interface. This functionality provides an easy way to + upgrade the current system by performing a new clean + installation, but migrate all relevant configuration to the + new installation. It also allows to 'backup' all system + configuration in a single file to be stored on a different + machine should things go awry.

    + +

    A longer version of this status report giving a wider + perspective on the project, can be found here.

    + +     From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 20:07:58 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F1513865; Wed, 16 Jul 2014 20:07:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DCE3A2DC0; Wed, 16 Jul 2014 20:07:57 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6GK7vrv078926; Wed, 16 Jul 2014 20:07:57 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6GK7vSf078924; Wed, 16 Jul 2014 20:07:57 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407162007.s6GK7vSf078924@svn.freebsd.org> From: Warren Block Date: Wed, 16 Jul 2014 20:07:57 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45317 - in head/en_US.ISO8859-1/books/porters-handbook: uses versions X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 20:07:58 -0000 Author: wblock Date: Wed Jul 16 20:07:57 2014 New Revision: 45317 URL: http://svnweb.freebsd.org/changeset/doc/45317 Log: Whitespace-only fixes, indentation and wrapping long lines. Translators, please ignore. Modified: head/en_US.ISO8859-1/books/porters-handbook/uses/chapter.xml head/en_US.ISO8859-1/books/porters-handbook/versions/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/uses/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/uses/chapter.xml Wed Jul 16 20:02:06 2014 (r45316) +++ head/en_US.ISO8859-1/books/porters-handbook/uses/chapter.xml Wed Jul 16 20:07:57 2014 (r45317) @@ -14,7 +14,9 @@ FEATURE + ARGUMENTS + DESCRIPTION @@ -22,329 +24,369 @@ - Values of <varname>USES</varname> - - - Values of <varname>USES</varname> - - - - - Feature - Arguments - Description - - - - - - - ada - - (none) - - Depends on an Ada-capable - compiler, and sets CC accordingly. - - - - bison - - (none), build, run, - both - - Uses devel/bison - By default, with no arguments or with the - build argument, it implies - bison is a build-time dependency, - run implies a run-time dependency, and - both implies both run-time and build-time - dependencies. - - - - charsetfix - - (none) - - Prevents the port from installing - charset.alias. This should be installed only - by converters/libiconv. - CHARSETFIX_MAKEFILEIN can be set to a path - relative to WRKSRC if - charset.alias is not installed by - WRKSRC/Makefile.in. - - - - cmake - - (none), outsource, - run - - Uses CMake for configuring and - building. With the outsource argument, an - out-of-source build will be performed. With the - run argument, a run-time dependency is - registered. For more information see - . - - - - compiler - - (none), c++0x, - c++11-lang, c++11-lib, - c11, openmp, - nestedfct, features - - Determines which compiler to use based on any given wishes. - Use c++11-lang if the port needs a - C++11-capable compiler, and c++11-lib if the - port also needs a C++11-ready standard library. If the port needs - a compiler understanding C++0X, C11, OpenMP, or nested functions, - the corresponding parameters can be used. Use - features to request a list of features - supported by the default compiler. After including - bsd.port.pre.mk the port can inspect the - results using these variables: - - - - COMPILER_TYPE: the default compiler - on the system, either gcc or clang - - - - ALT_COMPILER_TYPE: the alternative - compiler on the system, either gcc or clang. Only set if - two compilers are present in the base - system. - - - - COMPILER_VERSION: the first two - digits of the version of the default compiler. - - - - ALT_COMPILER_VERSION: the first two - digits of the version of the alternative compiler, if - present. - - - - CHOSEN_COMPILER_TYPE: the chosen - compiler, either gcc or clang - - - - COMPILER_FEATURES: the features - supported by the default compiler. It currently lists the - C++ library. - - - - - - cran + Values of + <varname>USES</varname> - (none), auto-plist +
    + Values of <varname>USES</varname> - Uses the Comprehensive R Archive Network. Specify - auto-plist to automatically generate - pkg-plist. - - - - desktop-file-utils - - (none) - - Uses update-desktop-database from - devel/desktop-file-utils. An extra - post-install step will be run without interfering with any - post-install steps already in the port - Makefile. Lines will be inserted into the - plist to run update-desktop-database on - package install or removal. - - - - desthack - - (none) - - Changes the behavior of GNU configure to properly support - DESTDIR in case the original software does - not. - - - - display - - (none), ARGS - - Set up a virtual display environment. If the environment - variable DISPLAY is not set, then - Xvfb is added as a build dependency, - and CONFIGURE_ENV is extended with the port - number of the currently running instance of - Xvfb. The ARGS - parameter defaults to install and controls the - phase around which to start and stop the virtual display. - - - - dos2unix - - (none) - - The port has files with line endings in - DOS format which need to be converted. Three - variables can be set to control which files will be converted. - The default is to convert all files, - including binaries. See for examples. - - - - DOS2UNIX_REGEX: match file names - based on a regular expression. - - - - DOS2UNIX_FILES: match literal file - names. - - - - DOS2UNIX_GLOB: match file names based - on a glob pattern. - - - - - - fam - - (none), fam, gamin - - Uses a File Alteration Monitor as a library dependency, - either devel/fam or - devel/gamin. End users can set - WITH_FAM_SYSTEM to specify their preference. - - - - fmake - - (none) - - Uses devel/fmake as a - build-time dependency. - + + + + Feature + + Arguments + + Description + + + + + + ada + + (none) + + Depends on an Ada-capable + compiler, and sets CC + accordingly. + + + + bison + + (none), build, + run, both + + Uses devel/bison + By default, with no arguments or with the + build argument, it implies + bison is a build-time dependency, + run implies a run-time dependency, and + both implies both run-time and + build-time dependencies. + + + + charsetfix + + (none) + + Prevents the port from installing + charset.alias. This should be + installed only by + converters/libiconv. + CHARSETFIX_MAKEFILEIN can be set to a + path relative to WRKSRC if + charset.alias is not installed by + WRKSRC/Makefile.in. + + + + cmake + + (none), outsource, + run + + Uses CMake for configuring + and building. With the outsource + argument, an out-of-source build will be performed. With + the run argument, a run-time dependency + is registered. For more information see + . + + + + compiler + + (none), c++0x, + c++11-lang, + c++11-lib, c11, + openmp, nestedfct, + features + + Determines which compiler to use based on any given + wishes. Use c++11-lang if the port + needs a C++11-capable compiler, and + c++11-lib if the port also needs a + C++11-ready standard library. If the port needs a + compiler understanding C++0X, C11, OpenMP, or nested + functions, the corresponding parameters can be used. Use + features to request a list of features + supported by the default compiler. After including + bsd.port.pre.mk the port can inspect + the results using these variables: + + + + COMPILER_TYPE: the default + compiler on the system, either gcc or clang + + + + ALT_COMPILER_TYPE: the + alternative compiler on the system, either gcc or + clang. Only set if two compilers are present in the + base system. + + + + COMPILER_VERSION: the first + two digits of the version of the default + compiler. + + + + + ALT_COMPILER_VERSION: the + first two digits of the version of the alternative + compiler, if present. + + + + CHOSEN_COMPILER_TYPE: the + chosen compiler, either gcc or clang + + + + COMPILER_FEATURES: the + features supported by the default compiler. It + currently lists the C++ library. + + + + + + cran + + (none), auto-plist + + Uses the Comprehensive R Archive Network. Specify + auto-plist to automatically generate + pkg-plist. + + + + desktop-file-utils + + (none) + + Uses + update-desktop-database from + devel/desktop-file-utils. + An extra post-install step will be run without interfering + with any post-install steps already in the port + Makefile. Lines will be inserted + into the plist to run + update-desktop-database on + package install or removal. + + + + desthack + + (none) + + Changes the behavior of GNU configure to properly + support DESTDIR in case the original + software does not. + + + + display + + (none), ARGS + + Set up a virtual display environment. If the + environment variable DISPLAY is not + set, then Xvfb is added as a + build dependency, and CONFIGURE_ENV is + extended with the port number of the currently running + instance of Xvfb. The + ARGS parameter defaults to + install and controls the phase around + which to start and stop the virtual display. + + + + dos2unix + + (none) + + The port has files with line endings in + DOS format which need to be converted. + Three variables can be set to control which files will be + converted. The default is to convert + all files, including binaries. See + for + examples. + + + + DOS2UNIX_REGEX: match file + names based on a regular expression. + + + + DOS2UNIX_FILES: match literal + file names. + + + + DOS2UNIX_GLOB: match file + names based on a glob pattern. + + + + + + fam + + (none), fam, gamin + + Uses a File Alteration Monitor as a library + dependency, either + devel/fam or + devel/gamin. End users can + set WITH_FAM_SYSTEM to specify their preference. + + + + fmake + + (none) + + Uses devel/fmake as a + build-time dependency. + + + + fortran + + gcc (default), + ifort + + Uses the Fortran compiler from either GNU or + Intel. + + + + fuse + + (none) + + The port will depend on the FUSE library and handle + the dependency on the kernel module depending on the + version of &os;. + + + + gettext + + (none), lib (default), + build, run + + Uses devel/gettext. + By default, with no arguments or with the + lib argument, implies a library + dependency on libintl.so. + build and run + implies, respectively a build-time and a run-time + dependency on xgettext. + + + + gmake + + (none) + + Uses devel/gmake as a + build-time dependency and sets up the environment to use + gmake as the default + make for the build. + + + + gssapi + + (none), base (default), + heimdal, mit, + flags, + bootstrap + + + Handle dependencies needed by consumers of the + GSS-API. Only libraries that provide + the Kerberos mechanism are + available. By default, or set to + base, the GSS-API + library from the base system is used. Can also be set + to heimdal to use + security/heimdal, or + mit to use + security/krb5. + + When the local Kerberos + installation is not in LOCALBASE, set + HEIMDAL_HOME (for + heimdal) or + KRB5_HOME (for + krb5) to the location of the + Kerberos installation. + + These variables are exported for the ports to + use: + + + + GSSAPIBASEDIR + + + + GSSAPICPPFLAGS + + + + GSSAPIINCDIR + + + + GSSAPILDFLAGS + + + + GSSAPILIBDIR + + + + GSSAPILIBS + + + + GSSAPI_CONFIGURE_ARGS + + + + The flags option can be given + alongside base, + heimdal, or mit to + automatically add GSSAPICPPFLAGS, + GSSAPILDFLAGS, and + GSSAPILIBS to + CFLAGS, LDFLAGS, + and LDADD, respectively. For + example, use base,flags. + + The bootstrap option is a special + prefix only for use by + security/krb5 and + security/heimdal. For + example, use bootstrap,mit. - - fortran + + Typical Use - gcc (default), - ifort - - Uses the Fortran compiler from either GNU or Intel. - - - - fuse - - (none) - - The port will depend on the FUSE library and handle the - dependency on the kernel module depending on the version of - &os;. - - - - gettext - - (none), lib (default), - build, run - - Uses devel/gettext. By - default, with no arguments or with the lib - argument, implies a library dependency on - libintl.so. build and - run implies, respectively a build-time and a - run-time dependency on xgettext. - - - - gmake - - (none) - - Uses devel/gmake as a - build-time dependency and sets up the environment to use - gmake as the default make - for the build. - - - - gssapi - - (none), base (default), - heimdal, mit, - flags, bootstrap - - - Handle dependencies needed by consumers of the - GSS-API. Only libraries that provide the - Kerberos mechanism are available. - By default, or set to base, - the GSS-API library from the base system is used. - Can also be set to heimdal to use security/heimdal, or - mit to use security/krb5. - - When the local Kerberos - installation is not in LOCALBASE, set - HEIMDAL_HOME (for heimdal) - or KRB5_HOME (for krb5) to - the location of the Kerberos - installation. - - These variables are exported for the ports to use: - - - GSSAPIBASEDIR - GSSAPICPPFLAGS - GSSAPIINCDIR - GSSAPILDFLAGS - GSSAPILIBDIR - GSSAPILIBS - GSSAPI_CONFIGURE_ARGS - - - The flags option can be given alongside - base, heimdal, or - mit to automatically add - GSSAPICPPFLAGS, - GSSAPILDFLAGS, and - GSSAPILIBS to CFLAGS, - LDFLAGS, and LDADD, - respectively. For example, use - base,flags. - - The bootstrap option is a special prefix - only for use by security/krb5 - and security/heimdal. For - example, use bootstrap,mit. - - - Typical Use - - OPTIONS_SINGLE= GSSAPI + OPTIONS_SINGLE= GSSAPI OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE GSSAPI_BASE_USES= gssapi @@ -354,621 +396,668 @@ GSSAPI_HEIMDAL_CONFIGURE_ON= --with-gssa GSSAPI_MIT_USES= gssapi:mit GSSAPI_MIT_CONFIGURE_ON= --with-gssapi=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS} GSSAPI_NONE_CONFIGURE_ON= --without-gssapi - - - - - iconv - - (none), lib, build, - patch - - Uses iconv functions, either from the port - converters/libiconv as a build-time - and run-time dependency, or from the base system on 10-CURRENT - after a native iconv was committed in - 254273. By default, with no arguments or - with the lib argument, implies - iconv with build-time and run-time - dependencies. build implies a build-time - dependency, and patch implies a patch-time - dependency. For more information see - . - - - - imake - - (none), env, - notall - - Uses devel/imake as - build-time dependency. If the env argument is - given, only setup the environment and do not define any target. - If the notall argument is given does not pass - -a to xmkmf. - - - - kmod - - (none) - - Fills in the boilerplate for kernel module ports, currently: - - - - Add kld to - CATEGORIES. - - - - Set SSP_UNSAFE. - - - - Set IGNORE if the kernel sources are - not found in SRC_BASE. - - - - Define KMODDIR to - /boot/modules by - default, add it to PLIST_SUB and - MAKE_ENV, and create it upon - installation. If KMODDIR is set to - /boot/kernel, it will - be rewritten to - /boot/modules. This - prevents breaking packages when upgrading the kernel due to - /boot/kernel being - renamed to - /boot/kernel.old in - the process. - - - - Handle cross-referencing kernel modules upon - installation and deinstallation. - - - - - - lha - (none) - Set EXTRACT_SUFX to - .lzh - - - - libtool - - (none) - - Patches libtool scripts. This should be - added to all ports that use libtool. - - - - lua - - (none), XY+, XY, - build, run - - Adds a dependency on Lua. By - default this is a library undependency, unless overridden by the - build or run option. The - default version is 5.2, unless set by the XY - parameter (e.g., 51 or - 52+). - - - - makeself - - (none) - - Indicates that the distribution files are makeself - archives and sets the appropriate dependencies. - - - - mono - - (none) - - Adds a dependency on the Mono - (currently only C#) framework by setting the appropriate - dependencies. - - - - motif - - (none) - - Uses x11-toolkits/open-motif - as a library dependency. End users can set - WANT_LESSTIF for the dependency to be on - x11-toolkits/lesstif instead of - x11-toolkits/open-motif. - - - - ncurses - - (none), base, - port - - Uses ncurses, and causes some - useful variables to be set. - - - - ninja - - (none) - - Uses ninja to build the port. End - users can set NINJA_VERBOSE for verbose - output. - - - - openal - - al, soft (default), - si, alut - - Uses OpenAL. The backend can be - specified, with the software implementation as the default. The - user can specify a preferred backend with the - WANT_OPENAL knob. Valid values for this knob - are soft (default) and - si. - - - - pathfix - - (none) - - Look for the Makefile.in and - configure files in the port's associated - sources and fix common paths to make sure they respect the &os; - hierarchy. - - - - perl5 - - (none) - - Depends on Perl. These variables - can be set: - - - - PERL_VERSION: Full version of - Perl to use, or the default if - not set - - - - PERL_ARCH: Directory name of - architecture dependent libraries, defaults to - mach - - - - PERL_PORT: Name of the - Perl port to be installed, the - default is derived from - PERL_VERSION - - - - SITE_PERL: Directory name for - site specific Perl - packages - - - - USE_PERL5: Phases in which to - use Perl, can be - extract, patch, - build, install, or - run. It can also be - configure, modbuild, - or modbuildtiny when - Makefile.PL, - Build.PL, or the Module::Build::Tiny - flavor of Build.PL is required. If - there is a .packlist referencing - ${STAGEDIR}, then - fixpacklist should be used to patch it. - It defaults to build run. - - - - - - pgsql - - (none), X.Y, X.Y+, - X.Y- - - - Provide support for PostgreSQL. Maintainer can set version - required. Minimum and maximum versions can be specified; e.g., - 9.0-, 8.4+. - - Add PostgreSQL component dependency, using - WANT_PGSQL=component[:target]. e.g., - WANT_PGSQL=server:configure pltcl plperl For - the full list use - make -V _USE_PGSQL_DEP. - - - - pkgconfig - - (none), build (default), - run, both - - Uses devel/pkgconf. With no - arguments or with the build argument, it - implies pkg-config as a build-time dependency. - run implies a run-time dependency and - both implies both run-time and build-time - dependencies. - - - - pure - - (none), ffi - - Uses lang/pure. Largely used - for building related pure ports. With - the ffi argument, it implies - devel/pure-ffi as a run-time - dependency. - - - - qmail - - (none), build, run, - both, vars - - Uses mail/qmail. With the - build argument, it implies - qmail as a build-time dependency. - run implies a run-time dependency. Using no - argument or the both argument implies both - run-time and build-time dependencies. vars *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 20:12:00 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1F41B9A5; Wed, 16 Jul 2014 20:12:00 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0C3F92E5D; Wed, 16 Jul 2014 20:12:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6GKBxqh082881; Wed, 16 Jul 2014 20:11:59 GMT (envelope-from wblock@svn.freebsd.org) Received: (from wblock@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6GKBxrt082880; Wed, 16 Jul 2014 20:11:59 GMT (envelope-from wblock@svn.freebsd.org) Message-Id: <201407162011.s6GKBxrt082880@svn.freebsd.org> From: Warren Block Date: Wed, 16 Jul 2014 20:11:59 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r45318 - head/en_US.ISO8859-1/books/porters-handbook/versions X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 20:12:00 -0000 Author: wblock Date: Wed Jul 16 20:11:59 2014 New Revision: 45318 URL: http://svnweb.freebsd.org/changeset/doc/45318 Log: Fix ID, reword "to allow to allocate". Modified: head/en_US.ISO8859-1/books/porters-handbook/versions/chapter.xml Modified: head/en_US.ISO8859-1/books/porters-handbook/versions/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/porters-handbook/versions/chapter.xml Wed Jul 16 20:07:57 2014 (r45317) +++ head/en_US.ISO8859-1/books/porters-handbook/versions/chapter.xml Wed Jul 16 20:11:59 2014 (r45318) @@ -6,21 +6,7 @@ --> - - + "http://www.w3.org/1999/xlink" version="5.0" xml:id="versions"> <literal>__FreeBSD_version</literal> @@ -2712,7 +2698,7 @@ <entry>701105</entry> <entry>March 12, 2009</entry> <entry>7.1-STABLE after the incompatible change - to the kern.ipc.shmsegs sysctl to allow to allocate + to the kern.ipc.shmsegs sysctl to allow allocating larger SysV shared memory segments on 64bit architectures.</entry> </row> From owner-svn-doc-all@FreeBSD.ORG Wed Jul 16 21:30:22 2014 Return-Path: <owner-svn-doc-all@FreeBSD.ORG> Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F32BA6AB; Wed, 16 Jul 2014 21:30:21 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E145325BA; Wed, 16 Jul 2014 21:30:21 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s6GLUL7r021458; Wed, 16 Jul 2014 21:30:21 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s6GLULd5021457; Wed, 16 Jul 2014 21:30:21 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201407162130.s6GLULd5021457@svn.freebsd.org> From: Glen Barber <gjb@FreeBSD.org> Date: Wed, 16 Jul 2014 21:30:21 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-svnadmin@freebsd.org Subject: svn commit: r45319 - svnadmin/conf X-SVN-Group: doc-svnadmin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" <svn-doc-all.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-all/> List-Post: <mailto:svn-doc-all@freebsd.org> List-Help: <mailto:svn-doc-all-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-all>, <mailto:svn-doc-all-request@freebsd.org?subject=subscribe> X-List-Received-Date: Wed, 16 Jul 2014 21:30:22 -0000 Author: gjb Date: Wed Jul 16 21:30:21 2014 New Revision: 45319 URL: http://svnweb.freebsd.org/changeset/doc/45319 Log: Release des@. Discussed with: gabor Approved by: doceng (implicit) Sponsored by: The FreeBSD Foundation Modified: svnadmin/conf/mentors Modified: svnadmin/conf/mentors ============================================================================== --- svnadmin/conf/mentors Wed Jul 16 20:11:59 2014 (r45318) +++ svnadmin/conf/mentors Wed Jul 16 21:30:21 2014 (r45319) @@ -12,7 +12,6 @@ # Mentee Mentor Optional comment allanjude bcr co-mentor: wblock, eadler bjk hrs -des gjb backup mentor: gabor ebrandi gabor gnn remko co-mentor: gjb jgh bcr co-mentor: remko, wblock