From owner-svn-doc-projects@FreeBSD.ORG  Mon Feb 18 15:29:08 2013
Return-Path: <owner-svn-doc-projects@FreeBSD.ORG>
Delivered-To: svn-doc-projects@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id C4E5CD49;
 Mon, 18 Feb 2013 15:29:08 +0000 (UTC)
 (envelope-from gabor@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 by mx1.freebsd.org (Postfix) with ESMTP id AF24035D;
 Mon, 18 Feb 2013 15:29:08 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id r1IFT8lN013554;
 Mon, 18 Feb 2013 15:29:08 GMT (envelope-from gabor@svn.freebsd.org)
Received: (from gabor@localhost)
 by svn.freebsd.org (8.14.5/8.14.5/Submit) id r1IFT7la013541;
 Mon, 18 Feb 2013 15:29:07 GMT (envelope-from gabor@svn.freebsd.org)
Message-Id: <201302181529.r1IFT7la013541@svn.freebsd.org>
From: Gabor Kovesdan <gabor@FreeBSD.org>
Date: Mon, 18 Feb 2013 15:29:07 +0000 (UTC)
To: doc-committers@freebsd.org, svn-doc-projects@freebsd.org
Subject: svn commit: r41007 - in projects/xml-tools:
 bn_BD.ISO10646-1/articles/explaining-bsd bn_BD.ISO10646-1/articles/new-users
 de_DE.ISO8859-1/htdocs de_DE.ISO8859-1/share/xml
 en_US.ISO8859-1/articles/co...
X-SVN-Group: doc-projects
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-doc-projects@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for doc projects trees
 <svn-doc-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-projects>, 
 <mailto:svn-doc-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-projects>
List-Post: <mailto:svn-doc-projects@freebsd.org>
List-Help: <mailto:svn-doc-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-projects>, 
 <mailto:svn-doc-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Feb 2013 15:29:08 -0000

Author: gabor
Date: Mon Feb 18 15:29:06 2013
New Revision: 41007
URL: http://svnweb.freebsd.org/changeset/doc/41007

Log:
  - MFH

Added:
  projects/xml-tools/share/pgpkeys/achim.key
     - copied unchanged from r41006, head/share/pgpkeys/achim.key
  projects/xml-tools/share/pgpkeys/pclin.key
     - copied unchanged from r41006, head/share/pgpkeys/pclin.key
Deleted:
  projects/xml-tools/en_US.ISO8859-1/htdocs/FAQ/
Modified:
  projects/xml-tools/bn_BD.ISO10646-1/articles/explaining-bsd/article.xml
  projects/xml-tools/bn_BD.ISO10646-1/articles/new-users/article.xml
  projects/xml-tools/de_DE.ISO8859-1/htdocs/about.xml
  projects/xml-tools/de_DE.ISO8859-1/share/xml/news.xml
  projects/xml-tools/de_DE.ISO8859-1/share/xml/press.xml
  projects/xml-tools/en_US.ISO8859-1/articles/committers-guide/article.xml
  projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.additional.xml
  projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.committers.xml
  projects/xml-tools/en_US.ISO8859-1/articles/portbuild/article.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/book.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/boot/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/driverbasics/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/isa/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/jail/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/kobj/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/mac/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/newbus/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/pccard/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/scsi/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/smp/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/sound/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/usb/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/vm/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/developers-handbook/testing/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/faq/book.xml
  projects/xml-tools/en_US.ISO8859-1/books/fdp-primer/book.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/book.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/boot/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/config/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/desktop/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/disks/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/geom/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/introduction/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/jails/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/l10n/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/mac/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/mail/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/handbook/printing/chapter.xml
  projects/xml-tools/en_US.ISO8859-1/books/porters-handbook/book.xml   (contents, props changed)
  projects/xml-tools/en_US.ISO8859-1/htdocs/Makefile
  projects/xml-tools/en_US.ISO8859-1/htdocs/donations/wantlist.xml
  projects/xml-tools/en_US.ISO8859-1/htdocs/features.xml
  projects/xml-tools/en_US.ISO8859-1/htdocs/internal/internal.xml
  projects/xml-tools/en_US.ISO8859-1/htdocs/layout/css/layout.css
  projects/xml-tools/en_US.ISO8859-1/htdocs/mailto.xml
  projects/xml-tools/en_US.ISO8859-1/htdocs/projects/newbies.xml
  projects/xml-tools/en_US.ISO8859-1/htdocs/releng/index.xml
  projects/xml-tools/ja_JP.eucJP/books/handbook/advanced-networking/chapter.xml
  projects/xml-tools/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml
  projects/xml-tools/ja_JP.eucJP/books/handbook/mirrors/chapter.xml
  projects/xml-tools/ja_JP.eucJP/books/handbook/ports/chapter.xml
  projects/xml-tools/ja_JP.eucJP/htdocs/internal/internal.xml
  projects/xml-tools/ja_JP.eucJP/htdocs/mailto.xml
  projects/xml-tools/ja_JP.eucJP/share/xml/news.xml
  projects/xml-tools/nl_NL.ISO8859-1/articles/contributing/article.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/audit/chapter.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/disks/chapter.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/filesystems/chapter.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/jails/chapter.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/linuxemu/chapter.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/mail/chapter.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/multimedia/chapter.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/network-servers/chapter.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/ppp-and-slip/chapter.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/security/chapter.xml
  projects/xml-tools/nl_NL.ISO8859-1/books/handbook/virtualization/chapter.xml
  projects/xml-tools/share/pgpkeys/des.key
  projects/xml-tools/share/pgpkeys/pgpkeys-developers.xml
  projects/xml-tools/share/pgpkeys/pgpkeys.ent
  projects/xml-tools/share/xml/authors.ent
  projects/xml-tools/share/xml/developers.ent
  projects/xml-tools/share/xml/mirrors.xml
  projects/xml-tools/share/xml/news.xml
  projects/xml-tools/share/xml/press.xml
Directory Properties:
  projects/xml-tools/   (props changed)
  projects/xml-tools/de_DE.ISO8859-1/   (props changed)
  projects/xml-tools/en_US.ISO8859-1/   (props changed)
  projects/xml-tools/ja_JP.eucJP/   (props changed)
  projects/xml-tools/nl_NL.ISO8859-1/   (props changed)
  projects/xml-tools/share/   (props changed)

Modified: projects/xml-tools/bn_BD.ISO10646-1/articles/explaining-bsd/article.xml
==============================================================================
--- projects/xml-tools/bn_BD.ISO10646-1/articles/explaining-bsd/article.xml	Mon Feb 18 13:03:19 2013	(r41006)
+++ projects/xml-tools/bn_BD.ISO10646-1/articles/explaining-bsd/article.xml	Mon Feb 18 15:29:06 2013	(r41007)
@@ -1,3 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
 	"../../../share/xml/freebsd45.dtd">
 <!--

Modified: projects/xml-tools/bn_BD.ISO10646-1/articles/new-users/article.xml
==============================================================================
--- projects/xml-tools/bn_BD.ISO10646-1/articles/new-users/article.xml	Mon Feb 18 13:03:19 2013	(r41006)
+++ projects/xml-tools/bn_BD.ISO10646-1/articles/new-users/article.xml	Mon Feb 18 15:29:06 2013	(r41007)
@@ -1,3 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
 	"../../../share/xml/freebsd45.dtd">
 <!--

Modified: projects/xml-tools/de_DE.ISO8859-1/htdocs/about.xml
==============================================================================
--- projects/xml-tools/de_DE.ISO8859-1/htdocs/about.xml	Mon Feb 18 13:03:19 2013	(r41006)
+++ projects/xml-tools/de_DE.ISO8859-1/htdocs/about.xml	Mon Feb 18 15:29:06 2013	(r41007)
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
 <!DOCTYPE html PUBLIC "-//FreeBSD//DTD XHTML 1.0 Transitional-Based Extension//EN"
 "http://www.FreeBSD.org/XML/doc/share/xml/xhtml10-freebsd.dtd" [
-<!ENTITY dedate "$FreeBSDde: de-www/about.xml,v 1.13 2008/03/24 15:33:41 jkois Exp $">
-<!ENTITY reference "basiert auf: 1.13">
+<!ENTITY dedate "$FreeBSDde$">
+<!ENTITY reference "basiert auf: r40760">
 <!ENTITY title "Über FreeBSD">
 ]>
 
@@ -64,7 +64,7 @@
 
 	      <h2>Viele Anwendungen</h2>
 
-	      <p>Mit über 17.000 portierten Bibliotheken und <a
+	      <p>Mit über 24.000 portierten Bibliotheken und <a
 		href="&base;/applications.html">Anwendungen</a> eignet sich
 		FreeBSD hervorragend als Betriebssystem für Desktop-
 		und Serversysteme sowie eingebettete Systeme.</p>

Modified: projects/xml-tools/de_DE.ISO8859-1/share/xml/news.xml
==============================================================================
--- projects/xml-tools/de_DE.ISO8859-1/share/xml/news.xml	Mon Feb 18 13:03:19 2013	(r41006)
+++ projects/xml-tools/de_DE.ISO8859-1/share/xml/news.xml	Mon Feb 18 15:29:06 2013	(r41007)
@@ -4,7 +4,7 @@
 <!--
      $FreeBSD$
      $FreeBSDde$
-     basiert auf: r40659
+     basiert auf: r40903
 -->
 
 <!-- Simple schema for FreeBSD Project news.
@@ -42,12 +42,30 @@
       <name>1</name>
 
       <day>
-	<name>16</name>
+	<name>23</name>
 
         <event>
-          <p>Neuer Committer: <a
+	  <p>Neuer Committer: <a
+	    href="mailto:achim@FreeBSD.org">Achim Leubner</a> (src)</p>
+	</event>
+      </day>
+
+      <day>
+	<name>22</name>
+
+	<event>
+	  <p>Neuer Committer: <a
+	    href="mailto:dru@FreeBSD.org">Dru Lavigne</a> (doc)</p>
+	</event>
+      </day>
+
+      <day>
+	<name>16</name>
+
+	<event>
+	  <p>Neuer Committer: <a
 	    href="mailto:carl@FreeBSD.org">Carl Delsey</a> (src)</p>
-        </event>
+	</event>
       </day>
       
       <day>
@@ -127,6 +145,15 @@
 	    href="http://freebsdfoundation.blogspot.com/2013/01/faces-of-freebsd-thomas-abthorpe.html">hier.</a></p>
 	</event>
       </day>
+
+      <day>
+	<name>7</name>
+	  
+	<event>
+	  <p>Neuer Committer: <a
+	    href="mailto:ian@FreeBSD.org">Ian Lepore</a> (src)</p>
+	</event>
+      </day>
     </month>
   </year>
 
@@ -160,6 +187,15 @@
       </day>
 
       <day>
+	<name>24</name>
+
+	<event>
+	  <p>Neuer Committer: <a
+	    href="mailto:koobs@FreeBSD.org">Kubilay Kocak</a> (ports)</p>
+	</event>
+      </day>
+
+      <day>
 	<name>20</name>
 
 	<event>

Modified: projects/xml-tools/de_DE.ISO8859-1/share/xml/press.xml
==============================================================================
--- projects/xml-tools/de_DE.ISO8859-1/share/xml/press.xml	Mon Feb 18 13:03:19 2013	(r41006)
+++ projects/xml-tools/de_DE.ISO8859-1/share/xml/press.xml	Mon Feb 18 15:29:06 2013	(r41007)
@@ -7,7 +7,7 @@
     "freefall:/c/www/bsddoc/press/".
     $FreeBSD$
     $FreeBSDde$
-    basiert auf: r40251
+    basiert auf: r40864
 -->
 
 <press>
@@ -16,6 +16,26 @@
     </cvs:keyword>
 
   <year>
+    <name>2013</name>
+
+    <month>
+      <name>1</name>
+
+      <story>
+	<name>A Decade of OS Access-control Extensibility</name>
+	<url>https://queue.acm.org/detail.cfm?id=2430732</url>
+	<site-name>ACM Queue</site-name>
+	<site-url>https://queue.acm.org/</site-url>
+	<date>18. Januar 2013</date>
+	<author>Robert N. M. Watson</author>
+	<p>Wer sich näher mit der Absicherung von Betriebssystemen
+	  beschäftigt, ist erstaunt über die zahlreichen in der
+	  Praxis eingesetzten Modelle zur Zugangskontrolle.</p>
+      </story>
+    </month>
+  </year>
+
+  <year>
     <name>2012</name>
 
     <month>

Modified: projects/xml-tools/en_US.ISO8859-1/articles/committers-guide/article.xml
==============================================================================
--- projects/xml-tools/en_US.ISO8859-1/articles/committers-guide/article.xml	Mon Feb 18 13:03:19 2013	(r41006)
+++ projects/xml-tools/en_US.ISO8859-1/articles/committers-guide/article.xml	Mon Feb 18 15:29:06 2013	(r41007)
@@ -4156,24 +4156,6 @@ bak/packages  packages from last complet
       there are at least some perks:</para>
 
     <variablelist>
-
-      <varlistentry>
-	<term>Direct access to <hostid>cvsup-master</hostid></term>
-
-	<listitem>
-	  <para>As a committer, you may apply to &a.kuriyama; for direct access
-	    to <hostid role="fqdn">cvsup-master.FreeBSD.org</hostid>,
-	    providing the public key output from <command>cvpasswd
-	    <replaceable>yourusername</replaceable>@FreeBSD.org
-	    freefall.FreeBSD.org</command>.  Please note: you must
-	    specify <hostid>freefall.FreeBSD.org</hostid> on the
-	    <command>cvpasswd</command> command line even though the
-	    actual server is <hostid>cvsup-master</hostid>.  Access to
-	    <hostid>cvsup-master</hostid> should not be overused as it is
-	    a busy machine.</para>
-	</listitem>
-      </varlistentry>
-
       <varlistentry>
 	<term>Free 4-CD and DVD Sets</term>
 

Modified: projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.additional.xml
==============================================================================
--- projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.additional.xml	Mon Feb 18 13:03:19 2013	(r41006)
+++ projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.additional.xml	Mon Feb 18 15:29:06 2013	(r41007)
@@ -2603,6 +2603,11 @@
     </listitem>
 
     <listitem>
+      <para>Dmitry Kazarov
+	<email>d.y.kazarov@mail.ru</email></para>
+    </listitem>
+
+    <listitem>
       <para>Dmitry Khrustalev
 	<email>dima@xyzzy.machaon.ru</email></para>
     </listitem>
@@ -3366,7 +3371,7 @@
 
     <listitem>
       <para>Gary Hayers
-	<email>gary@hayers.net</email></para>
+	<email>gary@hayers.org</email></para>
     </listitem>
 
     <listitem>
@@ -6835,6 +6840,11 @@
     </listitem>
 
     <listitem>
+      <para>Michael Sanders
+	<email>mike@topcat.hypermart.net</email></para>
+    </listitem>
+
+    <listitem>
       <para>Michael Sardo
 	<email>jaeger16@yahoo.com</email></para>
     </listitem>
@@ -8380,11 +8390,6 @@
     </listitem>
 
     <listitem>
-      <para>Po-Chien Lin
-	<email>linpc@cs.nctu.edu.tw</email></para>
-    </listitem>
-
-    <listitem>
       <para>Pomegranate
 	<email>daver@flag.blackened.net</email></para>
     </listitem>
@@ -8792,6 +8797,11 @@
     </listitem>
 
     <listitem>
+      <para>Dr. Rolf Jansen
+	<email>cyclaero@gmail.com</email></para>
+    </listitem>
+
+    <listitem>
       <para>Roman Neuhauser
 	<email>neuhauser@chello.cz</email></para>
     </listitem>

Modified: projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.committers.xml
==============================================================================
--- projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.committers.xml	Mon Feb 18 13:03:19 2013	(r41006)
+++ projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.committers.xml	Mon Feb 18 15:29:06 2013	(r41007)
@@ -524,6 +524,10 @@
     </listitem>
 
     <listitem>
+      <para>&a.smh;</para>
+    </listitem>
+
+    <listitem>
       <para>&a.ehaupt;</para>
     </listitem>
 
@@ -820,6 +824,10 @@
     </listitem>
 
     <listitem>
+      <para>&a.achim;</para>
+    </listitem>
+
+    <listitem>
       <para>&a.truckman;</para>
     </listitem>
 
@@ -840,6 +848,10 @@
     </listitem>
 
     <listitem>
+      <para>&a.pclin;</para>
+    </listitem>
+
+    <listitem>
       <para>&a.yzlin;</para>
     </listitem>
 

Modified: projects/xml-tools/en_US.ISO8859-1/articles/portbuild/article.xml
==============================================================================
--- projects/xml-tools/en_US.ISO8859-1/articles/portbuild/article.xml	Mon Feb 18 13:03:19 2013	(r41006)
+++ projects/xml-tools/en_US.ISO8859-1/articles/portbuild/article.xml	Mon Feb 18 15:29:06 2013	(r41007)
@@ -60,7 +60,7 @@
       <title>The codebase</title>
 
       <para>Most of the package building magic occurs under the
-	<filename>/var/portbuild</filename> directory.  Unless
+	<filename>/a/portbuild</filename> directory.  Unless
 	otherwise specified, all paths will be relative to
 	this location.  <replaceable>${arch}</replaceable> will
 	be used to specify one of the package architectures
@@ -74,15 +74,16 @@
       </para>
 
       <note>
-	<para>Packages are no longer built for branches 4, 5, or 6, nor
+	<para>FreeBSD no longer builds packages for branches 4, 5, or 6, nor
 	  for the alpha architecture.</para>
       </note>
 
-      <para>The scripts that control all of this live in
-	<filename role="directory">/var/portbuild/scripts/</filename>.
+      <para>The scripts that control all of this live in either
+	<filename role="directory">/a/portbuild/scripts/</filename> or.
+	<filename role="directory">/a/portbuild/admin/scripts/</filename>.
 	These are the checked-out copies from the Subversion repository at
-	<ulink url="http://svnweb.freebsd.org/base/projects/portbuild/scripts/">
-	  <filename role="directory">base/projects/portbuild/scripts/</filename>
+	<ulink url="http://svnweb.freebsd.org/base/projects/portbuild/">
+	  <filename role="directory">base/projects/portbuild/</filename>
 	</ulink>.</para>
 
       <para>Typically, incremental builds are done that use previous
@@ -109,7 +110,7 @@
     </sect2>
 
     <sect2 id="codebase-notes">
-      <title>Notes on the codebase</title>
+      <title>Historical notes on the codebase</title>
 
       <para>Until mid-2010, the scripts were completely specific to
 	<hostid>pointyhat.FreeBSD.org</hostid> as the head (dispatch) node.  During
@@ -145,18 +146,6 @@
 	</listitem>
       </itemizedlist>
 
-      <para>This document was originally written before these changes
-	were made.  Where things such as script invocations have changed,
-	they were denoted as <literal>new codebase:</literal> as opposed
-	to <literal>old codebase:</literal>.</para>
-
-      <note>
-	<para>Up until November 2012, <hostid>pointyhat</hostid> had still
-	  been running the old codebase.  That installation has now been
-	  permanently offlined.  Therefore, all the instructions having
-	  to do with the old codebase have been removed.</para>
-      </note>
-
       <note>
 	<para>Also during this process, the codebase was migrated to the
 	  <ulink url="http://svnweb.freebsd.org/base/projects/portbuild/scripts/">
@@ -166,16 +155,61 @@
 	  found in CVS</ulink>.</para>
       </note>
     </sect2>
+
+    <sect2 id="pointyhat-privsep">
+      <title>Notes on privilege separation</title>
+
+      <para>As of January 2013, a rewrite is in progress to further separate
+	privileges.  The following concepts are introduced:</para>
+
+      <itemizedlist>
+	<listitem>
+	  <para>Server-side user <username>portbuild</username> assumes all
+	    responsiblity for operations involving builds and communicating
+	    with the clients.  This user no longer has access to
+	    <application>sudo</application>.</para>
+	</listitem>
+
+	<listitem>
+	  <para>Server-side user <username>srcbuild</username> is created
+	    and given responsiblity for operations involving both VCS
+	    operations and anything involving src builds for the clients.
+	    This user does not have access to
+	    <application>sudo</application>.</para>
+	</listitem>
+
+	<listitem>
+	  <para>The server-side
+	    <literal>ports-</literal><replaceable>arch</replaceable>
+	    users go away.</para>
+	</listitem>
+
+	<listitem>
+	  <para>None of the above server-side users have
+	    <application>ssh</application> keys.  Individual
+	    <literal>portmgr</literal> will accomplish all those
+	    tasks using <application>ksu</application>.  (This is
+	    still work-in-progress.)</para>
+	</listitem>
+
+	<listitem>
+	  <para>The only client-side user is also named
+	    <username>portbuild</username> and still has access to
+	    <application>sudo</application> for the purpose of managing
+	    jails.</para>
+	</listitem>
+      </itemizedlist>
+    </sect2>
   </sect1>
 
   <sect1 id="management">
     <title>Build Client Management</title>
 
-    <para>The &i386; clients co-located with <hostid>pointyhat</hostid>
-      netboot from it (<replaceable>connected</replaceable> nodes); all
-      other clients (<replaceable>disconnected</replaceable> nodes)
-      are either self-hosted or netboot from some other
-      <literal>pxe</literal> host.
+    <para>You may set up clients to either netboot from the master
+      (<replaceable>connected</replaceable> nodes)
+      or have them either self-hosted or netboot from some other
+      <literal>pxe</literal> host
+      (<replaceable>disconnected</replaceable> nodes).
       In all cases they set themselves
       up at boot-time to prepare to build packages.</para>
 
@@ -200,29 +234,31 @@
   <sect1 id="setup">
     <title>Jail Build Environment Setup</title>
 
-    <para>Package builds are performed in a
+    <para>Package builds are performed by the clients in a
       <literal>jail</literal> populated by the
       <filename>portbuild</filename> script using the
       <filename><replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable>/builds/<replaceable>${buildid}</replaceable>/bindist.tar</filename>
       file.</para>
 
-    <para>The <command>makeworld</command> command builds a world from the
+    <para>On the server, use the
+      <command>makeworld</command> command to build a world from the
       <filename><replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable>/builds/<replaceable>${buildid}</replaceable>/src/</filename>
-      tree and installs it into
+      tree and install it into
       <filename><replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable>/builds/<replaceable>${buildid}</replaceable>/bindist.tar</filename>.
       The tree will
       be updated first unless <literal>-novcs</literal> is
-      specified.  It should be run as <username>root</username>:</para>
+      specified.</para>
 
-    <screen>&prompt.root; <userinput>/var/portbuild/scripts/makeworld <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable> [-novcs]</userinput></screen>
+    <screen>&prompt.root; <userinput>/a/portbuild/admin/scripts/makeworld <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable> [-novcs]</userinput></screen>
 
-    <para>The <filename>bindist.tar</filename> tarball is created from the
+    <para>Similiarly on the server, the
+      <filename>bindist.tar</filename> tarball is created from the
       previously installed world by the <command>mkbindist</command>
-      script.  It should be also be run as <username>root</username>:</para>
+      script.</para>
 
-    <screen>&prompt.root; <userinput>/var/portbuild/scripts/mkbindist <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable></userinput></screen>
+    <screen>&prompt.root; <userinput>/a/portbuild/admin/scripts/mkbindist <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable></userinput></screen>
 
-    <para>The per-machine tarballs are located in
+    <para>The per-machine tarballs are located on the server in
       <filename><replaceable>${arch}</replaceable>/clients</filename>.</para>
 
     <para>The <filename>bindist.tar</filename> file is extracted
@@ -233,6 +269,16 @@
     <para>For both commands above, if
       <replaceable>${buildid}</replaceable> is
       <literal>latest</literal>, it may be omitted.</para>
+
+    <note>
+      <para>Currently the above two scripts must be run as
+	<username>root</username>; otherwise, the install scripts
+	lack sufficient permissions.  This is undesirable for
+	security reasons.  Work is in progress in -HEAD to allow
+	users to do installations; once that is committed, the
+	intention is to use that and run these two commands as
+	<username>srcbuild</username>.</para>
+    </note>
   </sect1>
 
   <sect1 id="customizing">
@@ -782,7 +828,7 @@ PKG_BIN=/usr/local/sbin/pkg</programlist
       <para>To free up resources, you will need to clean up client machines by
 	running <command>build cleanup</command> command.  For example:</para>
 
-      <screen>&prompt.user; <userinput>/var/portbuild/scripts/build cleanup i386 8-exp 20080714120411 -full</userinput></screen>
+      <screen>&prompt.user; <userinput>/a/portbuild/scripts/build cleanup i386 8-exp 20080714120411 -full</userinput></screen>
 
       <para>If you forget to do this, then the old build
 	<literal>jail</literal>s will not be cleaned up for 24 hours, and no
@@ -797,6 +843,11 @@ PKG_BIN=/usr/local/sbin/pkg</programlist
 	and it is less than the number of jobs that <literal>loads</literal>
 	thinks are in use, you are in trouble.</para>
 
+      <note>
+	<para>The following notes about mounting only apply to
+	  <literal>connected</literal> nodes.</para>
+      </note>
+
       <para>You may have problem with the <command>umount</command>
 	commands hanging.  If so, you are going to have to use the
 	<command>allgohans</command> script to run an &man.ssh.1;
@@ -826,6 +877,11 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
 	<para>You may also see messages about <literal>procfs</literal>.</para>
       </note>
 
+      <note>
+	<para>The above is the end of the notes that apply only to
+	  <literal>connected</literal> nodes.</para>
+      </note>
+
       <para>After you have done all the above, remove the
 	<filename><replaceable>${arch}</replaceable>/lock</filename>
 	file before trying to restart the build.  If you do not,
@@ -872,7 +928,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
       <userinput>scripts/stats <replaceable>${branch}</replaceable></userinput>
       command shows the number of packages already built.</para>
 
-    <para>Running <userinput>cat /var/portbuild/*/loads/*</userinput>
+    <para>Running <userinput>cat /a/portbuild/*/loads/*</userinput>
       shows the client loads and number of concurrent builds in
       progress.  The files that have been recently updated are the clients
       that are online; the others are the offline clients.</para>
@@ -909,7 +965,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
       it if not.</para>
 
     <para>Keep an eye on &man.df.1; output.  If the
-      <filename>/var/portbuild</filename> file system becomes full
+      <filename>/a/portbuild</filename> file system becomes full
       then <trademark>Bad Things</trademark> happen.</para>
 
     <para>The status of all current builds is generated periodically
@@ -1014,12 +1070,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
     <screen>&prompt.user; <userinput>cd <replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable></userinput>
 &prompt.user; <userinput>find distfiles > distfiles-<replaceable>${release}</replaceable></userinput></screen>
 
-    <!-- XXX MCL apparently obsolete -->
-    <para>This inventory file typically lives in
-      <filename>i386/<replaceable>${branch}</replaceable></filename>
-      on the cluster master.</para>
-
-    <para>This is useful to aid in periodically cleaning out
+    <para>You should use that output to periodically clean out
       the distfiles from <hostid>ftp-master</hostid>.  When space
       gets tight, distfiles from recent releases can be kept while
       others can be thrown away.</para>
@@ -1043,6 +1094,16 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
   <sect1 id="uploading">
     <title>Uploading Packages</title>
 
+    <note>
+      <para>For FreeBSD.org as of 2013, the instructions
+	about uploading to <hostid>ftp-master</hostid> are obsolete.
+	In the future, <hostid>ftp-master</hostid> will pull
+	from <hostid>pointyhat</hostid>, using a mechanism yet
+	to be implemented.  However, the instructions about
+	<makevar>RESTRICTED</makevar> and <makevar>NO_CDROM</makevar>
+	must still be <emphasis>carefully</emphasis> followed.</para>
+    </note>
+
     <para>Once a build has completed, packages and/or distfiles
       can be transferred to <hostid>ftp-master</hostid> for
       propagation to the FTP mirror network.  If the build was
@@ -1120,7 +1181,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
       a new release), copy packages to the staging area on
       <hostid>ftp-master</hostid> with something like the following:</para>
 
-    <screen>&prompt.root; <userinput>cd /var/portbuild/<replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable></userinput>
+    <screen>&prompt.root; <userinput>cd /a/portbuild/<replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable></userinput>
 &prompt.root; <userinput>tar cfv - packages/ | ssh portmgr@ftp-master tar xfC - w/ports/<replaceable>${arch}</replaceable>/tmp/<replaceable>${subdir}</replaceable></userinput></screen>
 
     <para>Then log into <hostid>ftp-master</hostid>, verify that
@@ -1148,7 +1209,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
     <para>Distfiles should be transferred with the
       <command>cpdistfiles</command> script:</para>
 
-    <screen>&prompt.root; <userinput>/var/portbuild/scripts/cpdistfiles <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable> [-yesreally] | tee log2</userinput></screen>
+    <screen>&prompt.root; <userinput>/a/portbuild/scripts/cpdistfiles <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable> [-yesreally] | tee log2</userinput></screen>
 
     <para>Doing it by hand is deprecated.</para>
   </sect1>
@@ -1156,6 +1217,11 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
   <sect1 id="expbuilds">
     <title>Experimental Patches Builds</title>
 
+    <note>
+      <para>Most of the information in this section is obsolete
+	as of 2013 and needs to be rewritten.</para>
+    </note>
+
     <para>Experimental patches builds are run from time to time to
       new features or bugfixes to the ports infrastructure (i.e.
       <filename>bsd.port.mk</filename>), or to test large sweeping
@@ -1206,21 +1272,15 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
       build.  This will ensure an apples-to-apples comparison
       later.</para>
 
-    <!-- XXX MCL currently there is only one build cluster
-    <note><para>One build cluster can do the control build while the other
-      does the experimental patches build.  This can be a great
-      time-saver.</para></note>
-    -->
-
     <para>Once the build finishes, compare the control build failures
       to those of the experimental patches build.  Use the following
       commands to facilitate this (this assumes the <literal>8</literal>
       branch is the control branch, and the <literal>8-exp</literal>
       branch is the experimental patches branch):</para>
 
-    <screen>&prompt.user; <userinput>cd /var/portbuild/i386/8-exp/errors</userinput>
+    <screen>&prompt.user; <userinput>cd /a/portbuild/i386/8-exp/errors</userinput>
 &prompt.user; <userinput>find . -name \*.log\* | sort > /tmp/8-exp-errs</userinput>
-&prompt.user; <userinput>cd /var/portbuild/i386/8/errors</userinput>
+&prompt.user; <userinput>cd /a/portbuild/i386/8/errors</userinput>
 &prompt.user; <userinput>find . -name \*.log\* | sort > /tmp/8-errs</userinput></screen>
 
     <note>
@@ -1283,7 +1343,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
       rebuild of the affected packages under the control
       branch:</para>
 
-    <screen>&prompt.user; <userinput>cd /var/portbuild/i386/8/ports</userinput></screen>
+    <screen>&prompt.user; <userinput>cd /a/portbuild/i386/8/ports</userinput></screen>
 
     <note>
       <para>The following example is obsolete</para>
@@ -1296,9 +1356,9 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
 
     <!-- XXX MCL fix -->
     <para>The following command will set up the control branch for
-      the partial build (old codebase):</para>
+      the partial build:</para>
 
-    <screen>&prompt.user; <userinput>/var/portbuild/scripts/dopackages.8 -noportsvcs -nobuild -novcs -nofinish</userinput></screen>
+    <screen>&prompt.user; <userinput>/a/portbuild/scripts/dopackages.wrapper i386 8 -noportsvcs -nobuild -novcs -nofinish</userinput></screen>
 
     <!-- XXX MCL obsolete -->
     <para>The builds must be performed from the
@@ -1306,14 +1366,14 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
       initially be empty except for the Makefile symlink.  If this
       symlink does not exist, it must be created:</para>
 
-    <screen>&prompt.user; <userinput>cd /var/portbuild/i386/8/packages/All</userinput>
+    <screen>&prompt.user; <userinput>cd /a/portbuild/i386/8/packages/All</userinput>
 &prompt.user; <userinput>ln -sf ../../Makefile .</userinput>
 &prompt.user; <userinput>make -k -j&lt;#&gt; &lt;list of packages to build&gt;</userinput></screen>
 
     <note>
       <para>&lt;#&gt; is the concurrency of the build to
 	attempt.  It is usually the sum of the weights listed in
-	<filename>/var/portbuild/i386/mlist</filename> unless you have a
+	<filename>/a/portbuild/i386/mlist</filename> unless you have a
 	reason to run a heavier or lighter build.</para>
 
       <para>The list of packages to build should be a list of package
@@ -1346,17 +1406,15 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
     <para>Before following these steps, please coordinate with
       <literal>portmgr</literal>.</para>
 
-    <note>
-      <para>Due to some generous donations, <literal>portmgr</literal> is
-	no longer looking for the loan of &i386; or <literal>amd64</literal>
-	systems.  However, we are still interested in borrowing tier-2
-	systems.</para>
-    </note>
-
     <sect2 id="node-requirements">
       <title>Node requirements</title>
 
-      <para><literal>portmgr</literal> is still working on characterizing
+      <note>
+	<para>This section is only of interest when considering
+	  tier-2 architectures.</para>
+      </note>
+
+      <para>Here are the requirement for
 	what a node needs to be generally useful.</para>
 
       <itemizedlist>
@@ -1436,7 +1494,8 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
 	    <filename>/usr2/</filename>.)</para>
 	  <note>
 	    <para>The filename <filename>chroot</filename> is a
-	      historical remnant.</para>
+	      historical remnant.  The <command>chroot</command>
+	      command is no longer used.</para>
 	  </note>
 	</step>
       </procedure>
@@ -1477,8 +1536,9 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
 
 	<step>
 	  <para>Generate a kernel config file.  Include
-	    <filename>GENERIC</filename> (or, if you are using more than
-	    3.5G on &i386;, <filename>PAE</filename>).</para>
+	    <filename>GENERIC</filename> (or, if on &i386;, and
+	    you are using more than
+	    3.5G, <filename>PAE</filename>).</para>
 
 	  <para>Required options:</para>
 
@@ -1493,9 +1553,14 @@ options         SHMMAXPGS=65536
 options         SEMMNI=40
 options         SEMMNS=240
 options         SEMUME=40
-options         SEMMNU=120
+options         SEMMNU=120</programlisting>
+
+	  <para>If you are interested in debugging general
+	    problems, you may wish to use the following.
+	    However, for unattended operations, it is best
+	    to leave it out:</para>
 
-options         ALT_BREAK_TO_DEBUGGER</programlisting>
+	  <programlisting>options         ALT_BREAK_TO_DEBUGGER</programlisting>
 
 	  <para>For <filename>PAE</filename>, it is not currently possible
 	    to load modules.  Therefore, if you are running an architecture
@@ -1912,7 +1977,7 @@ portbuild     ALL=(ALL) NOPASSWD: ALL</p
 
 	<step>
 	  <para>Create
-	    <filename>/var/portbuild/<replaceable>${arch}</replaceable>/clients/bindist-<replaceable>${hostname}</replaceable>.tar</filename>.</para>
+	    <filename>/a/portbuild/<replaceable>${arch}</replaceable>/clients/bindist-<replaceable>${hostname}</replaceable>.tar</filename>.</para>
 
 	  <itemizedlist>
 	    <listitem>
@@ -1951,16 +2016,16 @@ MASTER_SITE_OVERRIDE= \
 	  <para>Hint: you will need one of these for each machine;
 	    however, if you have multiple machines at one site, you
 	    should create a site-specific one (e.g., in
-	    <filename>/var/portbuild/conf/clients/</filename>)
+	    <filename>/a/portbuild/conf/clients/</filename>)
 	    and symlink to it.</para>
 	</step>
 
 	<step>
 	  <para>Create
-<filename>/var/portbuild/<replaceable>${arch}</replaceable>/portbuild-<replaceable>${hostname}</replaceable></filename>
+<filename>/a/portbuild/<replaceable>${arch}</replaceable>/portbuild-<replaceable>${hostname}</replaceable></filename>
 	    using one of the existing ones as a guide.  This
 	    file contains overrides to
-<filename>/var/portbuild/<replaceable>${arch}</replaceable>/portbuild.conf</filename>.</para>
+<filename>/a/portbuild/<replaceable>${arch}</replaceable>/portbuild.conf</filename>.</para>
 
 	  <para>Suggested values:</para>
 
@@ -2026,7 +2091,7 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
 	<step>
 	  <para>Populate the client's copy of
 	    <filename>/var/portbuild/scripts/</filename> by something like
-	    <userinput>/var/portbuild/scripts/dosetupnode <replaceable>arch</replaceable> <replaceable>major</replaceable> latest <replaceable>hostname</replaceable></userinput>.
+	    <userinput>/a/portbuild/scripts/dosetupnode <replaceable>arch</replaceable> <replaceable>major</replaceable> latest <replaceable>hostname</replaceable></userinput>.
 	    Verify that you now have files in that directory.</para>
 	</step>
 
@@ -2071,7 +2136,7 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
 	  <para>Once you are sure that the client is working, tell
 	    <application>pollmachine</application> about it by adding
 	    it to
-	    <filename>/var/portbuild/<replaceable>${arch}</replaceable>/mlist</filename>.</para>
+	    <filename>/a/portbuild/<replaceable>${arch}</replaceable>/mlist</filename>.</para>
 	</step>
       </procedure>
     </sect2>
@@ -2087,10 +2152,15 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
 	be done to specify that the previous branch is no longer
 	equivalent to <literal>HEAD</literal>.</para>
 
+      <note>
+	<para>As
+	  <literal>srcbuild</literal>:</para>
+      </note>
+
       <itemizedlist>
 	<listitem>
 	  <para>
-	    Edit <filename>/var/portbuild/conf/server.conf</filename>
+	    Edit <filename>/a/portbuild/conf/admin/admin.conf</filename>
 	    with the following changes:</para>
 
 	  <itemizedlist>
@@ -2115,7 +2185,7 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
 	</listitem>
 
 	<listitem>
-	  <para>Run <command>/var/portbuild/updatesnap</command> manually.</para>
+	  <para>Run <command>/a/portbuild/admin/scripts/updatesnap</command> manually.</para>
 	</listitem>
       </itemizedlist>
     </sect2>
@@ -2123,24 +2193,21 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
     <sect2 id="new-branch-post-qmanager">
       <title>Steps necessary after <application>qmanager</application> is started</title>
 
-      <note>
-	<para>Again, as
-	  <literal>portbuild</literal>:</para>
-      </note>
-
       <itemizedlist>
 	<listitem>
 	  <para>For each branch that will be supported, do the following:</para>
 
 	  <itemizedlist>
 	    <listitem>
-	      <para>Kick-start the build for the branch with:</para>
+	      <para>As <literal>portbuild</literal>,
+		kick-start the build for the branch with:</para>
 
 	      <screen>build create <replaceable>arch</replaceable> <replaceable>branch</replaceable></screen>
 	    </listitem>
 
 	    <listitem>
-	      <para><link linkend="setup">Create
+	      <para>As <literal>srcbuild</literal>,
+		<link linkend="setup">create
 		  <filename>bindist.tar</filename></link>.</para>
 	    </listitem>
 	  </itemizedlist>
@@ -2157,7 +2224,7 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
 
     <itemizedlist>
       <listitem>
-	<para>Edit <filename>/var/portbuild/conf/server.conf</filename>
+	<para>Edit <filename>/a/portbuild/admin/conf/admin.conf</filename>
 	  with the following changes:</para>
 
 	<itemizedlist>
@@ -2184,7 +2251,7 @@ zfs destroy -r a/snap/src-<replaceable>o
     <itemizedlist>
       <listitem>
 	<para>You will probably find that the following files and
-	  symlinks in <filename>/var/portbuild/errorlogs/</filename>
+	  symlinks in <filename>/a/portbuild/errorlogs/</filename>
 	  can be removed:</para>
 
 	<itemizedlist>
@@ -2229,7 +2296,7 @@ zfs destroy -r a/snap/src-<replaceable>o
 
     <itemizedlist>
       <listitem>
-	<para>Edit <filename>/var/portbuild/conf/server.conf</filename>
+	<para>Edit <filename>/a/portbuild/admin/conf/admin.conf</filename>
 	  with the following changes:</para>
 
 	<itemizedlist>
@@ -2244,7 +2311,7 @@ zfs destroy -r a/snap/src-<replaceable>o
       </listitem>
 
       <listitem>
-	<para>Run <command>/var/portbuild/updatesnap</command> manually.</para>
+	<para>Run <command>/a/portbuild/admin/scripts/updatesnap</command> manually.</para>
       </listitem>
 
       <listitem>
@@ -2268,49 +2335,24 @@ zfs destroy -r a/snap/src-<replaceable>o
       <title>Steps necessary before <application>qmanager</application> is started</title>
 
       <note>
-	<para>The initial steps need to be done as
-	  <literal>root</literal>.</para>
+	<para>The next steps are most easily done as user
+	  <literal>portbuild</literal>.</para>
       </note>
 
-      <itemizedlist>
-	<listitem>
-	  <para>If it has not already been done, create the
-	    <literal>portbuild</literal>
-	    user and group.</para>
-	</listitem>
-
-	<listitem>
-	  <screen>mkdir /var/portbuild/<replaceable>arch</replaceable></screen>
-	</listitem>
-
-	<listitem>
-	  <para>Create a new <application>zfs</application> filesystem:</para>
-
-	  <screen>&prompt.root; zfs create -o mountpoint=/a/portbuild/<replaceable>arch</replaceable> a/portbuild/<replaceable>arch</replaceable></screen>
-      </listitem>
-
-	<listitem>
-	  <screen>&prompt.root; chown portbuild:portbuild /var/portbuild/<replaceable>arch</replaceable>;
-&prompt.root; chmod 775 /var/portbuild/<replaceable>arch</replaceable>;
-&prompt.root; cd /var/portbuild/<replaceable>arch</replaceable></screen>
-	</listitem>
-
-	<listitem>
-	  <para>Create the <filename>.ssh</filename> directory.</para>
-	</listitem>
-      </itemizedlist>
-
       <note>
-	<para>The next steps are most easily done as user
-	  <literal>portbuild</literal>.</para>
+	<para>The following assumes you have already run
+	  <literal>mkportbuild</literal>.</para>
       </note>
 
       <itemizedlist>
 	<listitem>
-	  <para>Create an archive directory for buildlogs and errorlogs
-	    under <filename>archive/</filename>.</para>
+	  <para>As the <literal>portbuild</literal> user, run</para>
+
+	  <screen>&prompt.user; /a/portbuild/admin/tools/addarch <replaceable>arch</replaceable></screen>
 	</listitem>
+      </itemizedlist>
 
+      <itemizedlist>
 	<listitem>
 	  <para>For each branch that will be supported, do the following:</para>
 
@@ -2354,8 +2396,10 @@ zfs destroy -r a/snap/src-<replaceable>o
 	</listitem>
 
 	<listitem>
-	  <para>Create a fresh <filename>portbuild.conf</filename> file
-	    from one of the ones for another architecture.</para>
+	  <para>Edit <filename>portbuild.conf</filename>
+	    from one of the ones for another architecture.
+	    <literal>addarch</literal> will have created a default
+	    one for you.</para>
 	</listitem>
 
 	<listitem>
@@ -2365,23 +2409,13 @@ zfs destroy -r a/snap/src-<replaceable>o
 	</listitem>
 
 	<listitem>
-	  <screen>&prompt.root; cd .ssh &amp;&amp; ssh-keygen</screen>
-	</listitem>
-
-	<listitem>
-	  <para>If desired,
-	    edit the <filename>.ssh/config</filename> file for
-	    convenience in using <application>ssh</application>.</para>
-	</listitem>
-
-	<listitem>
 	  <para>If you need to create any tunnels:</para>
 
 	  <procedure>
 	    <step>
 	      <para>Make a private configuration directory:</para>
 
-	      <screen>&prompt.root; mkdir /var/portbuild/conf/<replaceable>arch</replaceable></screen>
+	      <screen>&prompt.root; mkdir /a/portbuild/conf/<replaceable>arch</replaceable></screen>
 	    </step>
 
 	    <step>
@@ -2393,26 +2427,26 @@ zfs destroy -r a/snap/src-<replaceable>o
       </itemizedlist>
 
       <note>
-	<para>Once again as <literal>root</literal>:</para>
+	<para>As <literal>srcbuild</literal>:</para>
       </note>
 
       <itemizedlist>
 	<listitem>
 	  <para>Add <replaceable>arch</replaceable> to <makevar>SUPPORTED_ARCHS</makevar> in
-	    <filename>/var/portbuild/conf/server.conf</filename>.</para>
+	    <filename>/a/portbuild/admin/conf/admin.conf</filename>.</para>
 	</listitem>
 
 	<listitem>
 	  <para>Add the <replaceable>arch</replaceable> directory to
-	    <filename>/var/portbuild/scripts/zbackup</filename> and
-	    <filename>/var/portbuild/scripts/zexpire</filename>.</para>
+	    <filename>/a/portbuild/admin/scripts/zbackup</filename>.
+	    (This is a hack and should go away.)</para>
 	</listitem>
       </itemizedlist>
 
       <itemizedlist>
 	<listitem>
-	  <para>Add an appropriate <replaceable>arch</replaceable> entry for
-	    <filename>/var/portbuild/scripts/dologs</filename> to the portbuild
+	  <para>Enable the appropriate <replaceable>arch</replaceable> entry for
+	    <filename>/a/portbuild/scripts/dologs</filename> to the portbuild
 	    <filename>crontab</filename>.  (This is a hack and should go away.)</para>
 	</listitem>
       </itemizedlist>
@@ -2422,17 +2456,11 @@ zfs destroy -r a/snap/src-<replaceable>o
       <title>Steps necessary after <application>qmanager</application> is started</title>
 
       <note>
-	<para>Again as <literal>root</literal>:</para>
+	<para>Again as <literal>srcbuild</literal>:</para>
       </note>
 
       <itemizedlist>
 	<listitem>
-	  <para>Tell <application>qmanager</application> about the arch:</para>
-
-	  <screen>python <replaceable>path</replaceable>/qmanager/qclient add_acl name=ports-<replaceable>arch</replaceable> uidlist=ports-<replaceable>arch</replaceable> gidlist=portbuild sense=1</screen>
-	</listitem>
-
-	<listitem>
 	  <para>For each branch that will be supported, do the following:</para>
 
 	  <itemizedlist>
@@ -2452,54 +2480,6 @@ zfs destroy -r a/snap/src-<replaceable>o
     <para>Please talk to Mark Linimon before making any changes
       to this section.</para>
 
-    <sect2 id="pointyhat-privsep">
-      <title>Notes on privilege separation</title>
-
-      <para>As of January 2013, a rewrite is in progress to further separate
-	privileges.  The following concepts are introduced:</para>
-
-      <itemizedlist>
-	<listitem>
-	  <para>Server-side user <username>portbuild</username> assumes all
-	    responsiblity for operations involving builds and communicating
-	    with the clients.  This user no longer has access to
-	    <application>sudo</application>.</para>
-	</listitem>
-

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***