From owner-svn-doc-head@FreeBSD.ORG  Sun Mar 30 02:18:49 2014
Return-Path: <owner-svn-doc-head@FreeBSD.ORG>
Delivered-To: svn-doc-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 12C872E0;
 Sun, 30 Mar 2014 02:18:49 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id F1D9A61E;
 Sun, 30 Mar 2014 02:18:48 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2U2Imxw010205;
 Sun, 30 Mar 2014 02:18:48 GMT (envelope-from wblock@svn.freebsd.org)
Received: (from wblock@localhost)
 by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2U2ImCl010204;
 Sun, 30 Mar 2014 02:18:48 GMT (envelope-from wblock@svn.freebsd.org)
Message-Id: <201403300218.s2U2ImCl010204@svn.freebsd.org>
From: Warren Block <wblock@FreeBSD.org>
Date: Sun, 30 Mar 2014 02:18:48 +0000 (UTC)
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org,
 svn-doc-head@freebsd.org
Subject: svn commit: r44385 - head/en_US.ISO8859-1/books/handbook/security
X-SVN-Group: doc-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-doc-head@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SVN commit messages for the doc tree for head
 <svn-doc-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-head>,
 <mailto:svn-doc-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-head/>
List-Post: <mailto:svn-doc-head@freebsd.org>
List-Help: <mailto:svn-doc-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-head>,
 <mailto:svn-doc-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 30 Mar 2014 02:18:49 -0000

Author: wblock
Date: Sun Mar 30 02:18:48 2014
New Revision: 44385
URL: http://svnweb.freebsd.org/changeset/doc/44385

Log:
  Recover lost <replaceable> tags.

Modified:
  head/en_US.ISO8859-1/books/handbook/security/chapter.xml

Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/security/chapter.xml	Sat Mar 29 22:04:03 2014	(r44384)
+++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml	Sun Mar 30 02:18:48 2014	(r44385)
@@ -195,7 +195,7 @@
 	one is to lock an account, for example, to lock the toor
 	account:</para>
 
-      <screen>&prompt.root; <userinput>pw lock toor</userinput></screen>
+      <screen>&prompt.root; <userinput>pw lock <replaceable>toor</replaceable></userinput></screen>
 
       <para>This command will change the account from this
 	<quote>toor:*:0:0::0:0:Bourne-again Superuser:/root:</quote>
@@ -1284,7 +1284,7 @@ Verifying password - Password: <userinpu
 	created from the command-line of the <acronym>KDC</acronym>
 	itself:</para>
 
-      <screen>&prompt.user; <userinput>kinit tillman</userinput>
+      <screen>&prompt.user; <userinput>kinit <replaceable>tillman</replaceable></userinput>
 tillman@EXAMPLE.ORG's Password:
 
 &prompt.user; <userinput>klist</userinput>
@@ -1912,18 +1912,18 @@ There are quite a few fields but you can
 For some fields there will be a default value,
 If you enter '.', the field will be left blank.
 -----
-Country Name (2 letter code) [AU]:<userinput>US</userinput>
-State or Province Name (full name) [Some-State]:<userinput>PA</userinput>
-Locality Name (eg, city) []:<userinput>Pittsburgh</userinput>
-Organization Name (eg, company) [Internet Widgits Pty Ltd]:<userinput>My Company</userinput>
-Organizational Unit Name (eg, section) []:<userinput>Systems Administrator</userinput>
-Common Name (eg, YOUR name) []:<userinput>localhost.example.org</userinput>
-Email Address []:<userinput>trhodes@FreeBSD.org</userinput>
+Country Name (2 letter code) [AU]:<userinput><replaceable>US</replaceable></userinput>
+State or Province Name (full name) [Some-State]:<userinput><replaceable>PA</replaceable></userinput>
+Locality Name (eg, city) []:<userinput><replaceable>Pittsburgh</replaceable></userinput>
+Organization Name (eg, company) [Internet Widgits Pty Ltd]:<userinput><replaceable>My Company</replaceable></userinput>
+Organizational Unit Name (eg, section) []:<userinput><replaceable>Systems Administrator</replaceable></userinput>
+Common Name (eg, YOUR name) []:<userinput><replaceable>localhost.example.org</replaceable></userinput>
+Email Address []:<userinput><replaceable>trhodes@FreeBSD.org</replaceable></userinput>
 
 Please enter the following 'extra' attributes
 to be sent with your certificate request
-A challenge password []:<userinput>SOME PASSWORD</userinput>
-An optional company name []:<userinput>Another Name</userinput></screen>
+A challenge password []:<userinput><replaceable>SOME PASSWORD</replaceable></userinput>
+An optional company name []:<userinput><replaceable>Another Name</replaceable></userinput></screen>
 
       <para>Notice the response directly after the <quote>Common
 	  Name</quote> prompt shows a domain name.  This prompt
@@ -2013,12 +2013,12 @@ define(`confTLS_SRV_OPTIONS', `V')dnl</p
       <para>For a simple test, connect to the mail server using
 	&man.telnet.1;:</para>
 
-      <screen>&prompt.root; <userinput>telnet example.com 25</userinput>
+      <screen>&prompt.root; <userinput>telnet <replaceable>example.com</replaceable> 25</userinput>
 Trying 192.0.34.166...
 Connected to <systemitem class="fqdomainname">example.com</systemitem>.
 Escape character is '^]'.
 220 <systemitem class="fqdomainname">example.com</systemitem> ESMTP Sendmail 8.12.10/8.12.10; Tue, 31 Aug 2004 03:41:22 -0400 (EDT)
-<userinput>ehlo example.com</userinput>
+<userinput>ehlo <replaceable>example.com</replaceable></userinput>
 250-example.com Hello example.com [192.0.34.166], pleased to meet you
 250-ENHANCEDSTATUSCODES
 250-PIPELINING
@@ -2223,9 +2223,9 @@ device    crypto</screen>
 
 	<screen>&prompt.root; <userinput>ifconfig gif0 create</userinput></screen>
 
-	<screen>&prompt.root; <userinput>ifconfig gif0 internal1 internal2</userinput></screen>
+	<screen>&prompt.root; <userinput>ifconfig gif0 <replaceable>internal1 internal2</replaceable></userinput></screen>
 
-	<screen>&prompt.root; <userinput>ifconfig gif0 tunnel external1 external2</userinput></screen>
+	<screen>&prompt.root; <userinput>ifconfig gif0 tunnel <replaceable>external1 external2</replaceable></userinput></screen>
 
 	<para>In this example, the corporate <acronym>LAN</acronym>'s
 	  external <acronym>IP</acronym> address is <systemitem
@@ -2286,13 +2286,13 @@ round-trip min/avg/max/stddev = 28.106/9
 	  either network.  The following command will achieve this
 	  goal:</para>
 
-	<screen>&prompt.root; <userinput>corp-net# route add 10.0.0.0 10.0.0.5 255.255.255.0</userinput></screen>
+	<screen>&prompt.root; <userinput>corp-net# route add <replaceable>10.0.0.0 10.0.0.5 255.255.255.0</replaceable></userinput></screen>
 
-	<screen>&prompt.root; <userinput>corp-net# route add net 10.0.0.0: gateway 10.0.0.5</userinput></screen>
+	<screen>&prompt.root; <userinput>corp-net# route add net <replaceable>10.0.0.0: gateway 10.0.0.5</replaceable></userinput></screen>
 
-	<screen>&prompt.root; <userinput>priv-net# route add 10.246.38.0 10.246.38.1 255.255.255.0</userinput></screen>
+	<screen>&prompt.root; <userinput>priv-net# route add <replaceable>10.246.38.0 10.246.38.1 255.255.255.0</replaceable></userinput></screen>
 
-	<screen>&prompt.root; <userinput>priv-net# route add host 10.246.38.0: gateway 10.246.38.1</userinput></screen>
+	<screen>&prompt.root; <userinput>priv-net# route add host <replaceable>10.246.38.0: gateway 10.246.38.1</replaceable></userinput></screen>
 
 	<para>At this point, internal machines should be reachable
 	  from each gateway as well as from machines behind the
@@ -2431,7 +2431,7 @@ Foreground mode.
 	  <literal>em0</literal> with the network interface card as
 	  required:</para>
 
-	<screen>&prompt.root; <userinput>tcpdump -i em0 host 172.16.5.4 and dst 192.168.1.12</userinput></screen>
+	<screen>&prompt.root; <userinput>tcpdump -i em0 host <replaceable>172.16.5.4 and dst 192.168.1.12</replaceable></userinput></screen>
 
 	<para>Data similar to the following should appear on the
 	  console.  If not, there is an issue and debugging the
@@ -2533,7 +2533,7 @@ racoon_enable="yes"</programlisting>
 	&man.sshd.8;, specify the username and host to log
 	into:</para>
 
-      <screen>&prompt.root; <userinput>ssh user@example.com</userinput>
+      <screen>&prompt.root; <userinput>ssh <replaceable>user@example.com</replaceable></userinput>
 Host key not found from the list of known hosts.
 Are you sure you want to continue connecting (yes/no)? <userinput>yes</userinput>
 Host 'example.com' added to the list of known hosts.
@@ -2569,7 +2569,7 @@ user@example.com's password: <userinput>
       <para>Use &man.scp.1; to copy a file to or from a remote machine
 	in a secure fashion.</para>
 
-      <screen>&prompt.root; <userinput> scp user@example.com:/COPYRIGHT COPYRIGHT</userinput>
+      <screen>&prompt.root; <userinput>scp <replaceable>user@example.com:/COPYRIGHT COPYRIGHT</replaceable></userinput>
 user@example.com's password: <userinput>*******</userinput>
 COPYRIGHT            100% |*****************************|  4735
 00:00
@@ -2594,7 +2594,7 @@ COPYRIGHT            100% |*************
 	to generate <acronym>DSA</acronym> or <acronym>RSA</acronym>
 	keys to authenticate a user:</para>
 
-      <screen>&prompt.user; <userinput>ssh-keygen -t dsa</userinput>
+      <screen>&prompt.user; <userinput>ssh-keygen -t <replaceable>dsa</replaceable></userinput>
 Generating public/private dsa key pair.
 Enter file in which to save the key (/home/user/.ssh/id_dsa):
 Created directory '/home/user/.ssh'.
@@ -2704,7 +2704,7 @@ Identity added: /home/user/.ssh/id_dsa (
       <para>The following command tells &man.ssh.1; to create a
 	tunnel for &man.telnet.1;:</para>
 
-      <screen>&prompt.user; <userinput>ssh -2 -N -f -L 5023:localhost:23 user@foo.example.com</userinput>
+      <screen>&prompt.user; <userinput>ssh -2 -N -f -L <replaceable>5023:localhost:23 user@foo.example.com</replaceable></userinput>
 &prompt.user;</screen>
 
       <para>This example uses the following options:</para>
@@ -2777,7 +2777,7 @@ Identity added: /home/user/.ssh/id_dsa (
 	<title>Using &man.ssh.1; to Create a Secure Tunnel for
 	  SMTP</title>
 
-	<screen>&prompt.user; <userinput>ssh -2 -N -f -L 5025:localhost:25 user@mailserver.example.com</userinput>
+	<screen>&prompt.user; <userinput>ssh -2 -N -f -L <replaceable>5025:localhost:25 user@mailserver.example.com</replaceable></userinput>
 user@mailserver.example.com's password: <userinput>*****</userinput>
 &prompt.user; <userinput>telnet localhost 5025</userinput>
 Trying 127.0.0.1...
@@ -2803,7 +2803,7 @@ Escape character is '^]'.
 	    <acronym>SSH</acronym> server, and tunnel through to the
 	    mail server.</para>
 
-	  <screen>&prompt.user; <userinput>ssh -2 -N -f -L 2110:mail.example.com:110 user@ssh-server.example.com</userinput>
+	  <screen>&prompt.user; <userinput>ssh -2 -N -f -L <replaceable>2110:mail.example.com:110 user@ssh-server.example.com</replaceable></userinput>
 user@ssh-server.example.com's password: <userinput>******</userinput></screen>
 
 	  <para>Once the tunnel is up and running, point the email
@@ -2827,7 +2827,7 @@ user@ssh-server.example.com's password: 
 	    connection to a machine outside of the network's firewall
 	    and use it to tunnel to the desired service.</para>
 
-	  <screen>&prompt.user; <userinput>ssh -2 -N -f -L 8888:music.example.com:8000 user@unfirewalled-system.example.org</userinput>
+	  <screen>&prompt.user; <userinput>ssh -2 -N -f -L <replaceable>8888:music.example.com:8000 user@unfirewalled-system.example.org</replaceable></userinput>
 user@unfirewalled-system.example.org's password: <userinput>*******</userinput></screen>
 
 	  <para>In this example, a streaming Ogg Vorbis client can now