From owner-p4-projects@FreeBSD.ORG  Thu Jul 24 14:50:47 2008
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 3DABA106567F; Thu, 24 Jul 2008 14:50:47 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id F2F381065670
	for <perforce@freebsd.org>; Thu, 24 Jul 2008 14:50:46 +0000 (UTC)
	(envelope-from remko@freebsd.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id F0FC48FC08
	for <perforce@freebsd.org>; Thu, 24 Jul 2008 14:50:46 +0000 (UTC)
	(envelope-from remko@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.2/8.14.2) with ESMTP id m6OEokaG063568
	for <perforce@freebsd.org>; Thu, 24 Jul 2008 14:50:46 GMT
	(envelope-from remko@freebsd.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.2/8.14.1/Submit) id m6OEoh0a063562
	for perforce@freebsd.org; Thu, 24 Jul 2008 14:50:43 GMT
	(envelope-from remko@freebsd.org)
Date: Thu, 24 Jul 2008 14:50:43 GMT
Message-Id: <200807241450.m6OEoh0a063562@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	remko@freebsd.org using -f
From: Remko Lodder <remko@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 145813 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jul 2008 14:50:47 -0000

http://perforce.freebsd.org/chv.cgi?CH=145813

Change 145813 by remko@remko_nakur on 2008/07/24 14:50:32

	IFC

Affected files ...

.. //depot/projects/docproj_nl/en_US.ISO8859-1/articles/committers-guide/article.sgml#3 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/articles/contributors/contrib.additional.sgml#3 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/articles/contributors/contrib.committers.sgml#4 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/articles/portbuild/article.sgml#4 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/books/developers-handbook/l10n/chapter.sgml#2 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/books/developers-handbook/secure/chapter.sgml#2 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/books/developers-handbook/tools/chapter.sgml#2 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/books/faq/book.sgml#5 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.sgml#2 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml#3 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/books/porters-handbook/book.sgml#3 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/share/sgml/authors.ent#4 integrate
.. //depot/projects/docproj_nl/en_US.ISO8859-1/share/sgml/mailing-lists.ent#4 integrate
.. //depot/projects/docproj_nl/share/pgpkeys/glarkin.key#1 branch
.. //depot/projects/docproj_nl/share/pgpkeys/pgollucci.key#1 branch
.. //depot/projects/docproj_nl/share/pgpkeys/pgpkeys-developers.sgml#5 integrate
.. //depot/projects/docproj_nl/share/pgpkeys/pgpkeys.ent#5 integrate
.. //depot/projects/docproj_nl/share/pgpkeys/rnoland.key#1 branch
.. //depot/projects/docproj_nl/share/sgml/mirrors.xml#2 integrate
.. //depot/projects/docproj_nl/www/en/cgi/cvsweb.conf#2 integrate
.. //depot/projects/docproj_nl/www/en/developers.sgml#3 integrate
.. //depot/projects/docproj_nl/www/en/developers/cvs.sgml#2 integrate
.. //depot/projects/docproj_nl/www/en/donations/donors.sgml#3 integrate
.. //depot/projects/docproj_nl/www/share/sgml/news.xml#4 integrate
.. //depot/projects/docproj_nl/www/share/sgml/press.xml#3 integrate

Differences ...

==== //depot/projects/docproj_nl/en_US.ISO8859-1/articles/committers-guide/article.sgml#3 (text+ko) ====

@@ -13,7 +13,7 @@
       </author>
     </authorgroup>
 
-    <pubdate>$FreeBSD: doc/en_US.ISO8859-1/articles/committers-guide/article.sgml,v 1.275 2008/06/20 00:28:50 erwin Exp $</pubdate>
+    <pubdate>$FreeBSD: doc/en_US.ISO8859-1/articles/committers-guide/article.sgml,v 1.276 2008/07/22 17:05:47 remko Exp $</pubdate>
 
     <copyright>
       <year>1999</year>
@@ -107,7 +107,7 @@
 
 	  <row>
 	    <entry><emphasis>Core Team monthly reports</emphasis></entry>
-	    <entry><filename>/home/core/public/monthly-report</filename>
+	    <entry><filename>/home/core/public/monthly-reports</filename>
 	      on the <hostid role="domainname">FreeBSD.org</hostid> cluster.
 	    </entry>
 	  </row>

==== //depot/projects/docproj_nl/en_US.ISO8859-1/articles/contributors/contrib.additional.sgml#3 (text+ko) ====

@@ -1,4 +1,4 @@
-<!-- $FreeBSD: doc/en_US.ISO8859-1/articles/contributors/contrib.additional.sgml,v 1.812 2008/06/19 15:20:07 amdmi3 Exp $ -->
+<!-- $FreeBSD: doc/en_US.ISO8859-1/articles/contributors/contrib.additional.sgml,v 1.814 2008/07/22 15:49:47 vanhu Exp $ -->
 <!--
 	NOTE TO COMMITTERS: Contributors lists are sorted in alphabetical
 	order by first name.
@@ -3294,11 +3294,6 @@
     </listitem>
 
     <listitem>
-      <para>Greg Larkin
-	<email>glarkin@sourcehosting.net</email></para>
-    </listitem>
-
-    <listitem>
       <para>Greg Robinson
 	<email>greg@rosevale.com.au</email></para>
     </listitem>
@@ -9638,11 +9633,6 @@
     </listitem>
 
     <listitem>
-      <para>VANHULLEBUS Yvan
-        <email>vanhu@netasq.com</email></para>
-    </listitem>
-
-    <listitem>
       <para>Vadim Belman
 	<email>voland@catpipe.net</email></para>
     </listitem>

==== //depot/projects/docproj_nl/en_US.ISO8859-1/articles/contributors/contrib.committers.sgml#4 (text+ko) ====

@@ -1,4 +1,4 @@
-<!-- $FreeBSD: doc/en_US.ISO8859-1/articles/contributors/contrib.committers.sgml,v 1.234 2008/07/08 05:40:34 sson Exp $ -->
+<!-- $FreeBSD: doc/en_US.ISO8859-1/articles/contributors/contrib.committers.sgml,v 1.238 2008/07/23 00:39:25 pgollucci Exp $ -->
 <!--
 	NOTE TO NEW COMMITTERS: Core and committers lists are sorted in
 	alphabetical order by last name. Please keep in mind that fact while
@@ -671,7 +671,12 @@
     </listitem>
 
     <listitem>
+      <para>&a.glarkin;</para>
+    </listitem>
+
+    <listitem>
       <para>&a.laszlof;</para>
+    </listitem>
 
     <listitem>
       <para>&a.njl;</para>
@@ -978,6 +983,10 @@
     </listitem>
 
     <listitem>
+      <para>&a.pgollucci;</para>
+    </listitem>
+
+    <listitem>
       <para>&a.hmp;</para>
     </listitem>
 
@@ -1390,6 +1399,10 @@
     </listitem>
 
     <listitem>
+      <para>&a.vanhu;</para>
+    </listitem>
+
+    <listitem>
       <para>&a.jayanth;</para>
     </listitem>
 
@@ -1492,6 +1505,10 @@
     <listitem>
       <para>&a.sephe;</para>
     </listitem>
+
+    <listitem>
+      <para>&a.rnoland;</para>
+    </listitem>
   </itemizedlist>
 
 <!--

==== //depot/projects/docproj_nl/en_US.ISO8859-1/articles/portbuild/article.sgml#4 (text+ko) ====

@@ -11,7 +11,7 @@
       <corpauthor>The &os; Ports Management Team</corpauthor>
     </authorgroup>
 
-    <pubdate>$FreeBSD: doc/en_US.ISO8859-1/articles/portbuild/article.sgml,v 1.29 2008/07/04 13:03:22 pav Exp $</pubdate>
+    <pubdate>$FreeBSD: doc/en_US.ISO8859-1/articles/portbuild/article.sgml,v 1.30 2008/07/23 16:03:16 pav Exp $</pubdate>
 
     <copyright>
       <year>2003</year>
@@ -121,45 +121,28 @@
     <para>Package builds are performed in a
       <literal>chroot</literal> populated by the
       <filename>portbuild</filename> script using the
-      <filename><replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable>/tarballs/bindist.tar</filename>
-      file.  This tarball is created by the
-      <command>mkbindist</command> script which reads the
-      <filename><replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable>/mkbindist.conf</filename>
-      file to decide how to create the tarball.</para>
+      <filename><replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable>/builds/<replaceable>${buildid}</replaceable>/bindist.tar</filename>
+      file.</para>
 
-    <para>The script should be run as <username>root</username>
-      with the following command:</para>
-
-    <screen>/var/portbuild&prompt.root; <userinput>scripts/mkbindist <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable></userinput></screen>
-
-    <para>If <literal>ftp=1</literal> in
-      <filename>mkbindist.conf</filename> then a pre-built release
-      will be downloaded via FTP from the location specified by
-      ftp://<replaceable>${ftpserver}</replaceable>/<replaceable>${ftpurl}</replaceable>/<replaceable>${rel}</replaceable>.
-      If <literal>ftp=0</literal> and
-      <literal>buildworld=1</literal> then
-      <command>mkbindist</command> will call
-      <command>makeworld</command> to build a new world
-      [<literal>XXX</literal> This is currently broken].</para>
-
-    <para>If both <literal>ftp=0</literal> and
-      <literal>buildworld=0</literal> then
-      <command>mkbindist</command> will use the pre-existing
-      contents of <replaceable>${worlddir}</replaceable> to
-      create <filename>bindist.tar</filename>.  In practice
-      this means that you must have already installed a world
-      in ${worlddir}, which is typically installed with the
-      <command>makeworld</command> script:</para>
-
-    <screen>/var/portbuild&prompt.root; <userinput>scripts/makeworld <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> [-nocvs]</userinput></screen>
-
-    <para>This command builds a world from the
+    <para>The following command builds a world from the
       <filename><replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable>/src</filename>
       tree and installs it into
       <replaceable>${worlddir}</replaceable>.  The tree will
       be updated first unless <literal>-nocvs</literal> is
       specified.</para>
 
+    <screen>/var/portbuild&prompt.root; <userinput>scripts/makeworld <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> [-nocvs]</userinput></screen>
+
+    <para>The <filename>bindist.tar</filename> tarball is created from the
+      previously installed world by the <command>mkbindist</command>
+      script.  It should be run as <username>root</username> with the following
+      command:</para>
+
+    <screen>/var/portbuild&prompt.root; <userinput>scripts/mkbindist <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable></userinput></screen>
+
+    <para>The per-machine tarballs are located in
+      <filename><replaceable>${arch}</replaceable>/clients</filename>.</para>
+
     <para>The <filename>bindist.tar</filename> file is extracted
       onto each client at client boot time, and at the start of
       each pass of the <command>dopackages</command>
@@ -170,6 +153,20 @@
   <sect1 id="starting">
     <title>Starting the Build</title>
 
+    <para>Several separate builds for each architecture - branch combination
+      are supported.  All data private to a build (ports tree, src tree,
+      packages, distfiles, log files, bindist, Makefile, etc) are located under
+      <filename><replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable>/builds/<replaceable>${buildid}</replaceable></filename>.
+      The last created build can be alternatively referenced under buildid
+      <literal>latest</literal>, the one before is called
+      <literal>previous</literal>.</para>
+
+    <para>New builds are cloned from the <literal>latest</literal>, which is
+      fast since it uses ZFS.</para>
+
+    <sect2 id="build-dopackages">
+      <title><command>dopackages</command> scripts</title>
+
     <para>The <filename>scripts/dopackages*</filename> scripts
       are used to perform the builds.  Most useful are:</para>
 
@@ -228,11 +225,19 @@
 
     <itemizedlist>
       <listitem>
+	<para><literal>-keep</literal> - Do not delete this build in the
+	  future, when it would be normally deleted as part of the
+	  <literal>latest</literal> - <literal>previous</literal> cycle.
+	  Don't forget to clean it up manually when you no longer need it.
+	</para>
+      </listitem>
+
+      <listitem>
 	<para><literal>-nofinish</literal> - Do not perform
 	  post-processing once the build is complete.  Useful
 	  if you expect that the build will need to be restarted
-	  once it finishes.  This option should always be used
-	  for normal build operations.
+	  once it finishes.  If you use this option, don't forget to cleanup
+	  the clients when you don't need the build anymore.
 	</para>
       </listitem>
 
@@ -243,6 +248,13 @@
       </listitem>
 
       <listitem>
+	<para><literal>-nocleanup</literal> - By default, when the
+	  <literal>-finish</literal> stage of the build is complete, the build
+	  data will be deleted from the clients.  This option will prevent
+	  that.</para>
+      </listitem>
+
+      <listitem>
 	<para><literal>-restart</literal> - Restart an interrupted
 	  (or non-<literal>finish</literal>ed) build from the
 	  beginning.  Ports that failed on the previous build will
@@ -311,16 +323,30 @@
       </listitem>
 
       <listitem>
-	<para><literal>-nocvs</literal> - Do not
-	  <command>cvs update</command> the
-	  <literal>src</literal> tree during preprocessing.
+	<para><literal>-nosrc</literal> - Do not update the
+	  <literal>src</literal> tree from the ZFS snapshot, keep the tree from
+	  previous build instead.
+	</para>
+      </listitem>
+
+      <listitem>
+	<para><literal>-srccvs</literal> - Do not update the
+	  <literal>src</literal> tree from the ZFS snapshot, update it with
+	  <literal>cvs update</literal> instead.
+	</para>
+      </listitem>
+
+      <listitem>
+	<para><literal>-noports</literal> - Do not update the
+	  <literal>ports</literal> tree from the ZFS snapshot, keep the tree from
+	  previous build instead.
 	</para>
       </listitem>
 
       <listitem>
-	<para><literal>-noportscvs</literal> - Do not
-	  <command>cvs update</command> the
-	  <literal>ports</literal> tree during preprocessing.
+	<para><literal>-portscvs</literal> - Do not update the
+	  <literal>ports</literal> tree from the ZFS snapshot, update it with
+	  <literal>cvs update</literal> instead.
 	</para>
       </listitem>
 
@@ -352,9 +378,13 @@
     </itemizedlist>
 
     <para>If the last build finished cleanly you do not need to delete
-      anything; if it was interrupted you just need to run
-      <literal>dosetupnodes</literal> on all clients for the
-      the relevant branch.  <filename>errors/</filename>,
+      anything.  If it was interrupted, or you selected
+      <literal>-nocleanup</literal>, you need to clean up clients by running
+    </para>
+
+    <para><command>build cleanup <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable> -full</command></para>
+
+    <para><filename>errors/</filename>,
       <filename>logs/</filename>, <filename>packages/</filename>, and so
       forth, are cleaned by the scripts.  If you are short of space,
       you can also clean out <filename>ports/distfiles/</filename>.
@@ -409,13 +439,13 @@
     <example>
       <title>Update the i386-6 tree and do a complete build</title>
 
-      <para><command>dopackages.6 i386 -nocvs -norestr -nofinish</command></para>
+      <para><command>dopackages.6 i386 -nosrc -norestr -nofinish</command></para>
     </example>
 
     <example>
       <title>Restart an interrupted amd64-8 build without updating</title>
 
-      <para><command>dopackages.8 amd64 -nocvs -noportscvs -norestr -continue -noindex -noduds -nofinish</command></para>
+      <para><command>dopackages.8 amd64 -nosrc -noports -norestr -continue -noindex -noduds -nofinish</command></para>
     </example>
 
     <example>
@@ -423,6 +453,53 @@
 
       <para><command>dopackages.7 sparc64 -finish</command></para>
     </example>
+    </sect2>
+
+    <sect2 id="build-command">
+      <title><command>build</command> command</title>
+
+      <para>You may need to manipulate the build data before starting it,
+	especially for experimental builds.  This is done with
+	<command>build</command> command.</para>
+
+      <itemizedlist>
+	<listitem>
+	  <para><literal>build list <replaceable>arch</replaceable>
+	    <replaceable>branch</replaceable></literal> - Shows the current set
+	    of build ids.
+	  </para>
+	</listitem>
+
+	<listitem>
+	  <para><literal>build clone <replaceable>arch</replaceable>
+	    <replaceable>branch</replaceable> <replaceable>oldid</replaceable>
+	    [<replaceable>newid</replaceable>]</literal> - Clones
+	    <replaceable>oldid</replaceable> to
+	    <replaceable>newid</replaceable> (or a datestamp if not specified).
+	  </para>
+	</listitem>
+
+	<listitem>
+	  <para><literal>build srcupdate <replaceable>arch</replaceable>
+	    <replaceable>branch</replaceable>
+	    <replaceable>buildid</replaceable</literal>> - Replaces the src
+	    tree with a new ZFS snapshot.  Don't forget to use
+	    <literal>-nosrc</literal> flag to <command>dopackages</command>
+	    later!
+	  </para>
+	</listitem>
+
+	<listitem>
+	  <para><literal>build portsupdate <replaceable>arch</replaceable>
+	    <replaceable>branch</replaceable></literal> - Replaces the ports
+	    tree with a new ZFS snapshot.  Don't forget to use
+	    <literal>-noports</literal> flag to <command>dopackages</command>
+	    later!
+	  </para>
+	</listitem>
+
+      </itemizedlist>
+    </sect2>
   </sect1>
 
   <sect1 id="anatomy">
@@ -434,14 +511,14 @@
 
     <orderedlist>
       <listitem>
-	<para>A CVS update of the current <literal>ports</literal>
-	  tree [*]
+	<para>An update of the current <literal>ports</literal>
+	  tree from the ZFS snapshot [*]
 	</para>
       </listitem>
 
       <listitem>
-	<para>A CVS update of the running branch's
-	  <literal>src</literal> tree [*]
+	<para>An update of the running branch's
+	  <literal>src</literal> tree from the ZFS snapshot [*]
 	</para>
       </listitem>
 
@@ -537,15 +614,9 @@
      processes, they'll keep going (or respawn) until they've built their
      package.</para>
 
-    <para>To free up resources, you will need to clean up by running
-      <command>dosetupnode</command> on each client machine.  For example,
-      in &man.csh.1;:
-      <screen>&prompt.user; <userinput>cd ~/loads; foreach i (*); /var/portbuild/scripts/dosetupnode i386 6-exp $i -norsync &; done</userinput></screen>
-
-      The <literal>-norsync</literal> says not to bother resyncing the
-      entire build data (ports tree, etc) on any remote machines, and it
-      will just clean up old <literal>chroot</literal>s and then reset the
-      build queue for that machine.</para>
+    <para>To free up resources, you will need to clean up client machines by
+      running <command>build cleanup</command> command.  For example:
+      <screen>&prompt.user; <userinput>/var/portbuild/scripts/build cleanup i386 6-exp 20080714120411 -full</userinput></screen>
 
     <para>If you forget to do this, then the old build
       <literal>chroot</literal>s will not be cleaned up for 24 hours, and no

==== //depot/projects/docproj_nl/en_US.ISO8859-1/books/developers-handbook/l10n/chapter.sgml#2 (text+ko) ====

@@ -1,7 +1,7 @@
 <!--
      The FreeBSD Documentation Project
 
-     $FreeBSD: doc/en_US.ISO8859-1/books/developers-handbook/l10n/chapter.sgml,v 1.10 2007/09/28 16:05:30 chinsan Exp $
+     $FreeBSD: doc/en_US.ISO8859-1/books/developers-handbook/l10n/chapter.sgml,v 1.11 2008/07/22 16:46:34 remko Exp $
 -->
 
   <chapter id="l10n">
@@ -56,20 +56,6 @@
 
 	<para>Perl and Python have I18N and wide character handling
 	  libraries.  Please use them for I18N compliance.</para>
-
-	<para>In older FreeBSD versions,
-	  Perl may give warnings about not having a wide character locale
-	  installed on your system.  You can set the
-	  environment variable <envar>LD_PRELOAD</envar> to
-	  <filename>/usr/lib/libxpg4.so</filename> in your shell.</para>
-
-	<para>In <literal>sh</literal>-based shells:</para>
-
-	<programlisting><envar>LD_PRELOAD=/usr/lib/libxpg4.so</envar></programlisting>
-
-	<para>In <literal>C</literal>-based shells:</para>
-
-	<programlisting><envar>setenv LD_PRELOAD /usr/lib/libxpg4.so</envar></programlisting>
       </sect2>
     </sect1>
 </chapter>

==== //depot/projects/docproj_nl/en_US.ISO8859-1/books/developers-handbook/secure/chapter.sgml#2 (text+ko) ====

@@ -1,7 +1,7 @@
 <!--
      The FreeBSD Documentation Project
 
-     $FreeBSD: doc/en_US.ISO8859-1/books/developers-handbook/secure/chapter.sgml,v 1.28 2007/08/04 08:11:40 remko Exp $
+     $FreeBSD: doc/en_US.ISO8859-1/books/developers-handbook/secure/chapter.sgml,v 1.29 2008/07/23 21:40:57 pgj Exp $
 -->
 
     <chapter id="secure">
@@ -57,13 +57,7 @@
 
       <indexterm><primary>Morris Internet worm</primary></indexterm>
 
-      effective today.  Of the 17 CERT security advisories of 1999, 10
-
-      <indexterm>
-        <primary>CERT</primary><secondary>security advisories</secondary>
-      </indexterm>
-
-      of them were directly caused by buffer-overflow software bugs.
+      effective today.
       By far the most common type of buffer overflow attack is based
       on corrupting the stack.</para>
 
@@ -258,40 +252,32 @@
         <para>Unfortunately there is still a very large assortment of
         code in public use which blindly copies memory around without
         using any of the bounded copy routines we just discussed.
-        Fortunately, there is another solution.  Several compiler
-        add-ons and libraries exist to do Run-time bounds checking in
-        C/C++.</para> 
+        Fortunately, there is a way to help prevent such attacks &mdash;
+        run-time bounds checking, which is implemented by several
+        C/C++ compilers.</para> 
 
+	<indexterm><primary>ProPolice</primary></indexterm> 
 	<indexterm><primary>StackGuard</primary></indexterm> 
 	<indexterm><primary>gcc</primary></indexterm>  
 
-        <para>StackGuard is one such add-on that is implemented as a
-        small patch to the gcc code generator.  From the <ulink
-          url="http://immunix.org/stackguard.html">StackGuard
-          website</ulink>:
+	<para>ProPolice is one such compiler feature, and is integrated
+	  into &man.gcc.1; versions 4.1 and later.  It replaces and
+	  extends the earlier StackGuard &man.gcc.1; extension.</para>
 
-        <blockquote><para>"StackGuard detects and defeats stack
-        smashing attacks by protecting the return address on the stack
-        from being altered.  StackGuard places a "canary" word next to
-        the return address when a function is called.  If the canary
-        word has been altered when the function returns, then a stack
-        smashing attack has been attempted, and the program responds
-        by emitting an intruder alert into syslog, and then
-        halts."</para></blockquote> 
-
-        <blockquote><para>"StackGuard is implemented as a small patch
-        to the gcc code generator, specifically the function_prolog()
-        and function_epilog() routines.  function_prolog() has been
-        enhanced to lay down canaries on the stack when functions
-        start, and function_epilog() checks canary integrity when the
-        function exits.  Any attempt at corrupting the return address
-        is thus detected before the function
-        returns."</para></blockquote>
-        </para>
+	<para>ProPolice helps to protect against stack-based buffer
+	  overflows and other attacks by laying pseudo-random numbers in
+	  key areas of the stack before calling any function.  When a
+	  function returns, these <quote>canaries</quote> are checked
+	  and if they are found to have been changed the executable is
+	  immediately aborted.  Thus any attempt to modify the return
+	  address or other variable stored on the stack in an attempt to
+	  get malicious code to run is unlikely to succeed, as the
+	  attacker would have to also manage to leave the pseudo-random
+	  canaries untouched.</para>
 
         <indexterm><primary>buffer overflow</primary></indexterm>
 
-        <para>Recompiling your application with StackGuard is an
+        <para>Recompiling your application with ProPolice is an
         effective means of stopping most buffer-overflow attacks, but
         it can still be compromised.</para>
 
@@ -378,7 +364,8 @@
       should also be noted that a process can easily break out of a
       chroot environment if it has root privilege.  This could be
       accomplished by creating device nodes to read kernel memory,
-      attaching a debugger to a process outside of the jail, or in
+      attaching a debugger to a process outside of the &man.chroot.8;
+      environment, or in
       many other creative ways.</para>
       
       <para>The behavior of the <function>chroot()</function> system

==== //depot/projects/docproj_nl/en_US.ISO8859-1/books/developers-handbook/tools/chapter.sgml#2 (text+ko) ====

@@ -1,7 +1,7 @@
 <!--
      The FreeBSD Documentation Project
 
-     $FreeBSD: doc/en_US.ISO8859-1/books/developers-handbook/tools/chapter.sgml,v 1.48 2008/02/03 18:26:28 brueffer Exp $
+     $FreeBSD: doc/en_US.ISO8859-1/books/developers-handbook/tools/chapter.sgml,v 1.49 2008/07/23 20:39:55 pgj Exp $
 -->
 
 <chapter id="tools">
@@ -138,10 +138,10 @@
 
 	    <para>The Bywater Basic Interpreter can be found in the
 	      Ports Collection as
-	      <filename role="package">lang/bwbasic</filename>
+	      <filename role="port">lang/bwbasic</filename>
 	      and the Phil Cockroft's Basic Interpreter
 	      (formerly Rabbit Basic) is available as
-	      <filename role="package">lang/pbasic</filename>.</para>
+	      <filename role="port">lang/pbasic</filename>.</para>
 	  </listitem>
 	</varlistentry>
 
@@ -163,14 +163,14 @@
 	    <para>Various implementations of Lisp that can run on &unix;
 	      systems are available in the Ports Collection for &os;.
 	      GNU Common Lisp can be found as
-	      <filename role="package">lang/gcl</filename>.  CLISP
+	      <filename role="port">lang/gcl</filename>.  CLISP
 	      by Bruno Haible and Michael Stoll is available as
-	      <filename role="package">lang/clisp</filename>.
+	      <filename role="port">lang/clisp</filename>.
 	      For CMUCL, which includes a highly-optimizing compiler too, or
 	      simpler Lisp implementations like SLisp, which implements most
 	      of the Common Lisp constructs in a few hundred lines of C code,
-	      <filename role="package">lang/cmucl</filename> and
-	      <filename role="package">lang/slisp</filename> are available
+	      <filename role="port">lang/cmucl</filename> and
+	      <filename role="port">lang/slisp</filename> are available
 	      respectively.</para>
 	  </listitem>
 	</varlistentry>
@@ -184,7 +184,7 @@
 	      writing <acronym>CGI</acronym> scripts.</para>
 
 	    <para>Perl is available in the Ports Collection as 
-	      <filename role="package">lang/perl5</filename> for all
+	      <filename role="port">lang/perl5</filename> for all
 	      &os; releases, and is installed as <command>/usr/bin/perl</command>
 	      in the base system 4.X releases.</para>
 	  </listitem>
@@ -201,12 +201,12 @@
 	      abstraction to be used in research work.</para>
 
 	    <para>Scheme is available from the Ports Collection as
-	      <filename role="package">lang/elk</filename> for the
+	      <filename role="port">lang/elk</filename> for the
 		Elk Scheme Interpreter.  The MIT Scheme Interpreter
 		can be found in
-		<filename role="package">lang/mit-scheme</filename>
+		<filename role="port">lang/mit-scheme</filename>
 		and the SCM Scheme Interpreter in
-		<filename role="package">lang/scm</filename>.</para>
+		<filename role="port">lang/scm</filename>.</para>
 	  </listitem>
 	</varlistentry>
 
@@ -218,7 +218,7 @@
 	      facilities for processing strings and structures.
 	      The version of Icon for &os; can be found in the
 	      Ports Collection as
-	      <filename role="package">lang/icon</filename>.</para>
+	      <filename role="port">lang/icon</filename>.</para>
 	  </listitem>
 	</varlistentry>
 
@@ -235,7 +235,7 @@
 
 	    <para>The latest version of Logo for &os; is available from
 	      the Ports Collection in
-	      <filename role="package">lang/logo</filename>.</para>
+	      <filename role="port">lang/logo</filename>.</para>
 	  </listitem>
 	</varlistentry>
 
@@ -253,7 +253,7 @@
 
 	    <para>The latest version of Python is available from the
 	      Ports Collection in
-	      <filename role="package">lang/python</filename>.</para>
+	      <filename role="port">lang/python</filename>.</para>
 	  </listitem>
 	</varlistentry>
 
@@ -268,7 +268,7 @@
 	      programs.</para>
 
 	    <para>Ruby is available from the Ports Collection as
-	      <filename role="package">lang/ruby18</filename>.</para> 
+	      <filename role="port">lang/ruby18</filename>.</para> 
 	  </listitem>
 	</varlistentry>
 
@@ -285,7 +285,7 @@
 
 	    <para>Various versions of Tcl are available as ports 
 	      for &os;.  The latest version, Tcl 8.4, can be found in
-	      <filename role="package">lang/tcl84</filename>.</para>
+	      <filename role="port">lang/tcl84</filename>.</para>
 	  </listitem>
 	</varlistentry>
       </variablelist>
@@ -327,16 +327,16 @@
 	language to start with.  FreeBSD does not include Pascal
 	support in the base system, but both GNU Pascal Compiler (GPC)
 	and the Free Pascal Compiler
-	are available in the ports collection as
-	<filename role="package">lang/gpc</filename> and
-	<filename role="package">lang/fpc</filename>.</para>
+	are available in the Ports Collection as
+	<filename role="port">lang/gpc</filename> and
+	<filename role="port">lang/fpc</filename>.</para>
 
       <para>As the edit-compile-run-debug cycle is rather tedious when
 	using separate programs, many commercial compiler makers have
 	produced Integrated Development Environments
 	(<acronym>IDE</acronym>s for short).  FreeBSD does not include
-	an IDE in the base system, but <filename role="package">devel/kdevelop</filename> is
-	available in the ports tree and many use
+	an IDE in the base system, but <filename role="port">devel/kdevelop</filename> is
+	available in the Ports Collection and many use
 	<application>Emacs</application> for this purpose.  Using
 	<application>Emacs</application> as an IDE is discussed in
 	<xref linkend="emacs">.</para>
@@ -1410,7 +1410,7 @@
 
       <screen>&prompt.user; <userinput>gdb <replaceable>progname</replaceable></userinput></screen>
 
-      <para>although most people prefer to run it inside
+      <para>although many people prefer to run it inside
 	<application>Emacs</application>.  You can do this by:</para>
 
       <screen><userinput>M-x gdb RET <replaceable>progname</replaceable> RET</userinput></screen>
@@ -1430,9 +1430,9 @@
 	on a few of the basic commands.</para>
 
       <para>Finally, if you find its text-based command-prompt style
-	off-putting, there is a graphical front-end for it (<ulink
-	  url="&url.base;/ports/devel.html">xxgdb</ulink>) in the ports
-	collection.</para>
+	off-putting, there is a graphical front-end for it
+	(<filename role="port">devel/xxgdb</filename>) in the Ports
+	Collection.</para>
 
       <para>This section is intended to be an introduction to using
 	<command>gdb</command> and does not cover specialized topics
@@ -1456,8 +1456,9 @@
 
       <para>At the <command>gdb</command> prompt, type
 	<userinput>break main</userinput>.  This will tell the
-	debugger to skip over the preliminary set-up code in the
-	program and start at the beginning of your code.  Now type
+	debugger that you are not interested in watching the
+	preliminary set-up code in the program being run, and that it
+	should stop execution at the beginning of your code.  Now type
 	<userinput>run</userinput> to start the program&mdash;it will
 	start at the beginning of the set-up code and then get stopped
 	by the debugger when it calls <function>main()</function>.
@@ -1681,7 +1682,7 @@
 
 	<footnote>
 	  <para>Some powerful, free IDEs now exist, such as KDevelop
-	    in the ports collection.</para>
+	    in the Ports Collection.</para>
 	</footnote>
 
 	However, it is possible to set up your own environment.  It
@@ -1757,9 +1758,9 @@
 
       <para>And doubtless many more that I have overlooked.</para>
 
-      <para>Emacs can be installed on FreeBSD using <ulink
-	  url="&url.base;/ports/editors.html">the Emacs
-	  port</ulink>.</para>
+      <para>Emacs can be installed on &os; using
+	the <filename role="port">editors/emacs</filename>
+	port.</para>
 
       <para>Once it is installed, start it up and do <userinput>C-h
 	  t</userinput> to read an Emacs tutorial&mdash;that means
@@ -2234,7 +2235,7 @@
       <screen>&prompt.user; <userinput>find /usr/ports/lang/whizbang -name "*.el" -print</userinput></screen>
 
       <para>and install them by copying them into the Emacs site Lisp
-	directory.  On FreeBSD 2.1.0-RELEASE, this is
+	directory.  On &os;, this is
 	<filename>/usr/local/share/emacs/site-lisp</filename>.</para>
 
       <para>So for example, if the output from the find command

==== //depot/projects/docproj_nl/en_US.ISO8859-1/books/faq/book.sgml#5 (text+ko) ====

@@ -6,11 +6,13 @@
 
 <book>
   <bookinfo>
-    <title>Frequently Asked Questions for &os; 6.<replaceable>X</replaceable> and 7.<replaceable>X</replaceable></title>
+    <title>Frequently Asked Questions for &os;
+      6.<replaceable>X</replaceable> and
+      7.<replaceable>X</replaceable></title>
 
     <corpauthor>The &os; Documentation Project</corpauthor>
 
-    <pubdate>$FreeBSD: doc/en_US.ISO8859-1/books/faq/book.sgml,v 1.1073 2008/07/14 00:11:44 pgj Exp $</pubdate>
+    <pubdate>$FreeBSD: doc/en_US.ISO8859-1/books/faq/book.sgml,v 1.1077 2008/07/23 21:32:46 pgj Exp $</pubdate>
 
     <copyright>
       <year>1995</year>
@@ -57,27 +59,30 @@
     </legalnotice>
 
     <abstract>
-      <para>This is the FAQ for &os; versions 6.<replaceable>X</replaceable> and 7.<replaceable>X</replaceable>.
-        All entries are assumed to be relevant to &os; 6.<replaceable>X</replaceable> and
-        later, unless otherwise noted.  If you are interested in
-        helping with this project, send email to the &a.doc;.  The
-        latest version of this document is always available from the
-        <ulink
-        url="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/faq/index.html">&os;
-        World Wide Web server</ulink>. It may also be downloaded as
-        one large <ulink url="book.html">HTML</ulink> file with HTTP
-        or as plain text, &postscript;, PDF, etc. from the <ulink
-        url="ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/">&os; FTP
-        server</ulink>. You may also want to <ulink
-        url="&url.base;/search/index.html">Search the
-        FAQ</ulink>.</para>
+      <para>This is the FAQ for &os; versions
+	6.<replaceable>X</replaceable> and
+	7.<replaceable>X</replaceable>.  All entries are assumed to be
+	relevant to &os; 6.<replaceable>X</replaceable> and later,
+	unless otherwise noted.  If you are interested in helping with
+	this project, send email to the &a.doc;.  The latest version of
+	this document is always available from the <ulink
+	  url="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/faq/index.html">&os; World Wide Web server</ulink>.
+	It may also be downloaded as one large <ulink
+	  url="book.html">HTML</ulink> file with HTTP or as plain text,
+	&postscript;, PDF, etc. from the <ulink
+	  url="ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/">&os; FTP
+	server</ulink>.  You may also want to <ulink
+	  url="&url.base;/search/index.html">Search the FAQ</ulink>.
+	</para>
     </abstract>
   </bookinfo>
 
   <chapter id="introduction">
     <title>Introduction</title>
 
-    <para>Welcome to the &os; 6.<replaceable>X</replaceable>-7.<replaceable>X</replaceable> FAQ!</para>
+    <para>Welcome to the &os;
+      6.<replaceable>X</replaceable>-7.<replaceable>X</replaceable>
+      FAQ!</para>
 
     <para>As is usual with Usenet FAQs, this document aims to cover the
       most frequently asked questions concerning the &os; operating
@@ -87,632 +92,644 @@
       information resources.</para>
 
     <para>Every effort has been made to make this FAQ as informative as
-      possible; if you have any suggestions as to how it may be improved,
-      please feel free to mail them to the &a.doc;.</para>
+      possible; if you have any suggestions as to how it may be
+      improved, please feel free to mail them to the &a.doc;.</para>
 
     <qandaset>
       <qandaentry>
-        <question id="what-is-FreeBSD">
-          <para>What is &os;?</para>
-        </question>
+	<question id="what-is-FreeBSD">
+	  <para>What is &os;?</para>
+	</question>
 
-        <answer>
-         <para>Briefly, &os; is a &unix;&nbsp;like operating system for
-           AMD64 and &intel; EM64T, &i386; PC-98, IA-64, &arm;, &powerpc;
-           and &ultrasparc; platforms
-           based on U.C. Berkeley's <quote>4.4BSD-Lite</quote>
-           release, with some <quote>4.4BSD-Lite2</quote>
-           enhancements.  It is also based indirectly on William
-           Jolitz's port of U.C.  Berkeley's <quote>Net/2</quote> to
-           the &i386;, known as <quote>386BSD</quote>, though very
-           little of the 386BSD code remains.  A fuller description of
-           what &os; is and how it can work for you may be found on
-           the <ulink url="&url.base;/index.html">&os; home
-           page</ulink>.</para>
+	<answer>
+	  <para>Briefly, &os; is a &unix;&nbsp;like operating system for
+	    AMD64 and &intel; EM64T, &i386; PC-98, IA-64, &arm;,
+	    &powerpc; and &ultrasparc; platforms based on U.C.
+	    Berkeley's <quote>4.4BSD-Lite</quote> release, with some
+	    <quote>4.4BSD-Lite2</quote> enhancements.  It is also based
+	    indirectly on William Jolitz's port of U.C. Berkeley's
+	    <quote>Net/2</quote> to the &i386;, known as
+	    <quote>386BSD</quote>, though very little of the 386BSD code
+	    remains.  A fuller description of what &os; is and how it
+	    can work for you may be found on the <ulink
+	      url="&url.base;/index.html">&os; home page</ulink>.
+	    </para>
 
-         <para>&os; is used by companies, Internet Service Providers,
-           researchers, computer professionals, students and home users
-           all over the world in their work, education and recreation.</para>
+	  <para>&os; is used by companies, Internet Service Providers,
+	    researchers, computer professionals, students and home users
+	    all over the world in their work, education and
+	    recreation.</para>
 
-         <para>For more detailed information on &os;, please see the
-           <ulink url="&url.books.handbook;/index.html">&os;
-           Handbook</ulink>.</para>
-       </answer>
+	  <para>For more detailed information on &os;, please see the
+	    <ulink
+	      url="&url.books.handbook;/index.html">&os; Handbook</ulink>.
+	    </para>
+	</answer>
       </qandaentry>
 
       <qandaentry>
-        <question id="FreeBSD-goals">
-          <para>What is the goal of the &os; Project?</para>
-        </question>
+	<question id="FreeBSD-goals">
+	  <para>What is the goal of the &os; Project?</para>
+	</question>
 
-        <answer>
-          <para>The goal of the &os; Project is to provide software
-            that may be used for any purpose and without strings attached.
-            Many of us have a significant investment in the code (and
-            project) and would certainly not mind a little financial
-            compensation now and then, but we definitely do not
-            insist on it.  We believe that our first and foremost
-            <quote>mission</quote> is to provide code to any and all
-            comers, and for whatever purpose, so that the code gets the
-            widest possible use and provides the widest possible benefit.
-            This is, we believe, one of the most fundamental goals of Free
-            Software and one that we enthusiastically support.</para>
+	<answer>
+	  <para>The goal of the &os; Project is to provide software that
+	    may be used for any purpose and without strings attached.
+	    Many of us have a significant investment in the code (and
+	    project) and would certainly not mind a little financial
+	    compensation now and then, but we definitely do not insist
+	    on it.  We believe that our first and foremost
+	    <quote>mission</quote> is to provide code to any and all
+	    comers, and for whatever purpose, so that the code gets the
+	    widest possible use and provides the widest possible
+	    benefit.  This is, we believe, one of the most fundamental
+	    goals of Free Software and one that we enthusiastically
+	    support.</para>
 
-          <para>That code in our source tree which falls under the
-            <ulink url="http://www.FreeBSD.org/copyright/COPYING">GNU
-            General Public License (GPL)</ulink> or <ulink
-            url="http://www.FreeBSD.org/copyright/COPYING.LIB">GNU
-            Library General Public License (LGPL)</ulink> comes with
-            slightly more strings attached, though at least on the
-            side of enforced access rather than the usual opposite.
-            Due to the additional complexities that can evolve in the
-            commercial use of GPL software, we do, however, endeavor
-            to replace such software with submissions under the more
-            relaxed <ulink
-            url="http://www.FreeBSD.org/copyright/freebsd-license.html">
-            &os; license</ulink> whenever possible.</para>
-        </answer>
+	  <para>That code in our source tree which falls under the
+	    <ulink
+	      url="http://www.FreeBSD.org/copyright/COPYING">GNU General Public License (GPL)</ulink>
+	    or <ulink
+	      url="http://www.FreeBSD.org/copyright/COPYING.LIB">GNU Library General Public License (LGPL)</ulink>
+	    comes with slightly more strings attached, though at least
+	    on the side of enforced access rather than the usual
+	    opposite.  Due to the additional complexities that can
+	    evolve in the commercial use of GPL software, we do,
+	    however, endeavor to replace such software with submissions
+	    under the more relaxed <ulink
+	      url="http://www.FreeBSD.org/copyright/freebsd-license.html">&os; license</ulink>
+	    whenever possible.</para>
+	</answer>
       </qandaentry>
 
       <qandaentry>
-        <question id="bsd-license-restrictions">
-          <para>Does the &os; license have any restrictions?</para>
-        </question>
+	<question id="bsd-license-restrictions">
+	  <para>Does the &os; license have any restrictions?</para>
+	</question>
 
-        <answer>
-          <para>Yes.  Those restrictions do not control how you use
-            the code, merely how you treat the &os; Project itself.
-            If you have serious license concerns, read the actual
-            <ulink
-            url="http://www.FreeBSD.org/copyright/freebsd-license.html">
-            license</ulink>.  For the simply curious, the license can
-            be summarized like this.</para>
+	<answer>
+	  <para>Yes.  Those restrictions do not control how you use the
+	    code, merely how you treat the &os; Project itself.  If you
+	    have serious license concerns, read the actual <ulink
+	      url="http://www.FreeBSD.org/copyright/freebsd-license.html">license</ulink>.
+	    For the simply curious, the license can be summarized like
+	    this.</para>
 
-          <itemizedlist>
-            <listitem>
-              <para>Do not claim that you wrote this.</para>
-            </listitem>
+	  <itemizedlist>
+	    <listitem>
+	      <para>Do not claim that you wrote this.</para>
+	    </listitem>
 
-            <listitem>
-              <para>Do not sue us if it breaks.</para>
-            </listitem>
-          </itemizedlist>
-        </answer>
+	    <listitem>
+	      <para>Do not sue us if it breaks.</para>
+	    </listitem>
+	  </itemizedlist>
+	</answer>

>>> TRUNCATED FOR MAIL (1000 lines) <<<