Date: Tue, 4 Feb 2014 17:15:33 +0000 (UTC) From: Dru Lavigne <dru@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r43765 - head/en_US.ISO8859-1/articles/linux-users Message-ID: <201402041715.s14HFXGD065714@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dru Date: Tue Feb 4 17:15:33 2014 New Revision: 43765 URL: http://svnweb.freebsd.org/changeset/doc/43765 Log: First pass through next 1/3 of this article. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/articles/linux-users/article.xml Modified: head/en_US.ISO8859-1/articles/linux-users/article.xml ============================================================================== --- head/en_US.ISO8859-1/articles/linux-users/article.xml Tue Feb 4 16:45:39 2014 (r43764) +++ head/en_US.ISO8859-1/articles/linux-users/article.xml Tue Feb 4 17:15:33 2014 (r43765) @@ -48,7 +48,7 @@ </sect1> <sect1 xml:id="shells"> - <title>Shells: No Bash?</title> + <title>Default Shell</title> <para>&linux; users are often surprised to find that <application>Bash</application> is not the default shell in &os;. @@ -160,13 +160,13 @@ </sect1> <sect1 xml:id="startup"> - <title>System Startup: Where are the run-levels?</title> + <title>System Startup</title> - <para>&linux; uses the SysV init system, whereas &os; uses the - traditional BSD-style &man.init.8;. Under the BSD-style &man.init.8; - there are no run-levels and no <filename>/etc/inittab</filename>, - instead startup is controlled by the &man.rc.8; utility. The - <filename>/etc/rc</filename> script reads + <para>Many &linux; distributions use the SysV init system, whereas &os; uses the + traditional BSD-style &man.init.8;. Under the BSD-style &man.init.8;, + there are no run-levels and <filename>/etc/inittab</filename> does not exist. + Instead, startup is controlled by &man.rc.8; scripts. At system boot, + <filename>/etc/rc</filename> reads <filename>/etc/defaults/rc.conf</filename> and <filename>/etc/rc.conf</filename> to determine which services are to be started. The specified services are then started by running the @@ -176,73 +176,63 @@ the scripts located in <filename>/etc/init.d/</filename> on &linux; systems.</para> - <sidebar> - <para><emphasis>Why are there two locations for service initialization - scripts?</emphasis> The scripts found in + <para>The scripts found in <filename>/etc/rc.d/</filename> are for applications that are part of - the <quote>base</quote> system. (&man.cron.8;, &man.sshd.8;, - &man.syslog.3;, and others.) The scripts in + the <quote>base</quote> system, such as &man.cron.8;, &man.sshd.8;, and + &man.syslog.3;. The scripts in <filename>/usr/local/etc/rc.d/</filename> are for user-installed - applications such as <application>Apache</application>, - <application>Squid</application>, etc.</para> + applications such as <application>Apache</application> and + <application>Squid</application>.</para> - <para><emphasis>What is the difference between the <quote>base</quote> - system and user-installed applications?</emphasis> FreeBSD is - developed as a complete operating system. In other words, the - kernel, system libraries, and userland utilities (such as &man.ls.1;, - &man.cat.1;, &man.cp.1;, etc.) are developed and released together as - one. This is what is referred to as the <quote>base</quote> system. - The user-installed applications are applications that are not part of - the <quote>base</quote> system, such as - <application>Apache</application>, <application>X11</application>, - <application>Mozilla Firefox</application>, etc. These - user-installed applications are generally installed using &os;'s <link xlink:href="article.html#SOFTWARE">Packages and Ports Collection</link>. + <para>Since &os; is + developed as a complete operating system, + user-installed applications are not considered to be part of + the <quote>base</quote> system. + User-installed applications are generally installed using <link + xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/ports-using.html">Packages or Ports</link>. In order to keep them separate from the <quote>base</quote> system, - user-installed applications are normally installed under - <filename>/usr/local/</filename>. Therefore the user-installed + user-installed applications are installed under + <filename>/usr/local/</filename>. Therefore, user-installed binaries reside in <filename>/usr/local/bin/</filename>, configuration files are in <filename>/usr/local/etc/</filename>, and so on.</para> - </sidebar> - <para>Services are enabled by specifying - <literal>ServiceName_enable="YES"</literal> in - <filename>/etc/rc.conf</filename> (&man.rc.conf.5;). Take a look at - <filename>/etc/defaults/rc.conf</filename> for the system defaults, + <para>Services are enabled by adding an entry for the service in + <filename>/etc/rc.conf</filename> . The system defaults are found in + <filename>/etc/defaults/rc.conf</filename> and these default settings are overridden by settings in - <filename>/etc/rc.conf</filename>. Also, when installing additional - applications be sure to review the documentation to determine how to + <filename>/etc/rc.conf</filename>. Refer to &man.rc.conf.5; for + more information about the available entries. When installing additional + applications, review the application's install message to determine how to enable any associated services.</para> - <para>The following snippet from <filename>/etc/rc.conf</filename> enables - &man.sshd.8; and <application>Apache 2.2</application>. It also - specifies that <application>Apache</application> should be started - with SSL.</para> + <para>The following entries in <filename>/etc/rc.conf</filename> enable + &man.sshd.8;, enable <application>Apache 2.4</application>, and + specify that <application>Apache</application> should be started + with <acronym>SSL</acronym>.</para> <programlisting># enable SSHD sshd_enable="YES" # enable Apache with SSL -apache22_enable="YES" -apache22_flags="-DSSL"</programlisting> +apache24_enable="YES" +apache24_flags="-DSSL"</programlisting> <para>Once a service has been enabled in <filename>/etc/rc.conf</filename>, - the service can be started from the command line (without rebooting the - system):</para> + it can be started without rebooting the + system:</para> - <screen>&prompt.root; <userinput>/etc/rc.d/sshd start</userinput></screen> + <screen>&prompt.root; <userinput>service sshd start</userinput> + &prompt.root; <userinput>service apache24 start</userinput></screen> - <para>If a service has not been enabled it can be started from the - command line using <option>forcestart</option>:</para> + <para>If a service has not been enabled, it can be started from the + command line using <option>onestart</option>:</para> - <screen>&prompt.root; <userinput>/etc/rc.d/sshd forcestart</userinput></screen> + <screen>&prompt.root; <userinput>service sshd onestart</userinput></screen> </sect1> <sect1 xml:id="network"> <title>Network configuration</title> - <sect2 xml:id="interfaces"> - <title>Network Interfaces</title> - <para>Instead of a generic <emphasis>ethX</emphasis> identifier that &linux; uses to identify a network interface, &os; uses the driver name followed by a number as the identifier. The following output @@ -262,75 +252,67 @@ em1: flags=8843<UP,BROADCAST,RUNNING, ether 00:50:56:a7:03:2b media: Ethernet autoselect (1000baseTX <full-duplex>) status: active</screen> - </sect2> - <sect2 xml:id="ipaddress"> - <title>IP Configuration</title> - - <para>An IP address can be assigned to an interface using - &man.ifconfig.8;. However, to remain persistent across reboots the - IP configuration must be included in + <para>An <acronym>IP</acronym> address can be assigned to an interface using + &man.ifconfig.8;. To remain persistent across reboots, the + <acronym>IP</acronym> configuration must be included in <filename>/etc/rc.conf</filename>. The following example - specifies the hostname, IP address, and default gateway:</para> + specifies the hostname, <acronym>IP</acronym> address, and default gateway:</para> <programlisting>hostname="server1.example.com" -ifconfig_em0="inet 10.10.10.100 netmask 255.255.255.0" +ifconfig_em0="inet 10.10.10.100 netmask 255.255.255.0" defaultrouter="10.10.10.1"</programlisting> - <para>Use the following to configure an interface for DHCP:</para> + <para>Use the following to instead configure an interface for <acronym>DHCP</acronym>:</para> <programlisting>hostname="server1.example.com" ifconfig_em0="DHCP"</programlisting> - - </sect2> </sect1> <sect1 xml:id="firewall"> <title>Firewall</title> - <para>Like <application>IPTABLES</application> in &linux;, &os; also offers - a kernel level firewall; actually &os; offers three firewalls:</para> + <para>&os; does not use &linux; <application>IPTABLES</application> for its firewall. Instead, &os; offers + a choice of three kernel level firewalls:</para> <itemizedlist> - <listitem><simpara><link xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html">IPFIREWALL</link></simpara></listitem> - <listitem><simpara><link xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html">IPFILTER</link></simpara></listitem> <listitem><simpara><link xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/firewalls-pf.html">PF</link></simpara></listitem> + <listitem><simpara><link xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html">IPFILTER</link></simpara></listitem> + <listitem><simpara><link xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html">IPFW</link></simpara></listitem> </itemizedlist> - <para><application>IPFIREWALL</application> or - <application>IPFW</application> (the command to manage an - <application>IPFW</application> ruleset is &man.ipfw.8;) is the - firewall developed and maintained by the &os; developers. - <application>IPFW</application> can be paired with &man.dummynet.4; to - provide traffic shaping capabilities and simulate different types of - network connections.</para> + <para><application>PF</application> is + developed by the OpenBSD project and ported to &os;. <application>PF</application> was + created as a replacement for <application>IPFILTER</application> and + its syntax is similar to that of + <application>IPFILTER</application>. <application>PF</application> can + be paired with &man.altq.4; to provide <acronym>QoS</acronym> features.</para> - <para>Sample <application>IPFW</application> rule to allow - <application>SSH</application> in:</para> + <para>This sample <application>PF</application> entry allows inbound + <application>SSH</application>:</para> - <programlisting>ipfw add allow tcp from any to me 22 in via $ext_if</programlisting> + <programlisting>pass in on $ext_if inet proto tcp from any to ($ext_if) port 22</programlisting> - <para><application>IPFILTER</application> is the firewall application - developed by Darren Reed. It is not specific to &os;, and has been + <para><application>IPFILTER</application> is the firewall application + developed by Darren Reed. It is not specific to &os; and has been ported to several operating systems including NetBSD, OpenBSD, SunOS, HP/UX, and Solaris.</para> - <para>Sample <application>IPFILTER</application> command to allow - <application>SSH</application> in:</para> + <para>The <application>IPFILTER</application> syntax to allow inbound + <application>SSH</application> is:</para> <programlisting>pass in on $ext_if proto tcp from any to any port = 22</programlisting> + + <para><application>IPFW</application> is the + firewall developed and maintained by &os;. + It can be paired with &man.dummynet.4; to + provide traffic shaping capabilities and simulate different types of + network connections.</para> - <para>The last firewall application, <application>PF</application>, is - developed by the OpenBSD project. <application>PF</application> was - created as a replacement for <application>IPFILTER</application>. As - such, the <application>PF</application> syntax is very similar to that of - <application>IPFILTER</application>. <application>PF</application> can - be paired with &man.altq.4; to provide QoS features.</para> - - <para>Sample <application>PF</application> command to allow - <application>SSH</application> in:</para> + <para>The <application>IPFW</application> syntax to allow inbound + <application>SSH</application> would be:</para> - <programlisting>pass in on $ext_if inet proto tcp from any to ($ext_if) port 22</programlisting> + <programlisting>ipfw add allow tcp from any to me 22 in via $ext_if</programlisting> </sect1> <sect1 xml:id="updates">
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201402041715.s14HFXGD065714>