From owner-svn-doc-head@FreeBSD.ORG Wed Apr 9 15:54:46 2014 Return-Path: Delivered-To: svn-doc-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8BE73B1; Wed, 9 Apr 2014 15:54:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5937D19D6; Wed, 9 Apr 2014 15:54:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s39FskEU008961; Wed, 9 Apr 2014 15:54:46 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s39FskoO008960; Wed, 9 Apr 2014 15:54:46 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201404091554.s39FskoO008960@svn.freebsd.org> From: Dru Lavigne Date: Wed, 9 Apr 2014 15:54:46 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44507 - head/en_US.ISO8859-1/books/handbook/disks X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 15:54:46 -0000 Author: dru Date: Wed Apr 9 15:54:45 2014 New Revision: 44507 URL: http://svnweb.freebsd.org/changeset/doc/44507 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 15:41:54 2014 (r44506) +++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Wed Apr 9 15:54:45 2014 (r44507) @@ -2420,13 +2420,11 @@ Filesystem 1K-blocks Used Avail Capacity disk quotas - Disk quotas - can be used to limit the amount of disk space or the number of - files a user or members of a group may allocate on a per-file - system basis. This prevents one user or - group of users from consuming all of the available disk - space. - + Disk quotas can be used to limit the amount of disk space or + the number of files a user or members of a group may allocate on + a per-file system basis. This prevents one user or group of + users from consuming all of the available disk space. + This section describes how to configure disk quotas for the UFS file system. To configure quotas on the ZFS file system, refer to In this example, the 1 indicates quota - support. If the value is instead 0, - add the following line to a custom kernel configuration file - and rebuild the kernel using the instructions in 0, add + the following line to a custom kernel configuration file and + rebuild the kernel using the instructions in : options QUOTA - + Next, enable disk quotas in /etc/rc.conf: @@ -2458,41 +2456,40 @@ kern.features.ufs_quota: 1 disk quotas checking - Normally on bootup, the - quota integrity of each file system is checked by - &man.quotacheck.8;. This program insures that the data in the - quota database properly reflects the data on the file system. - This is a time consuming process that will significantly - affect the time the system takes to boot. To skip this step, - add this variable to /etc/rc.conf: + Normally on bootup, the quota integrity of each file + system is checked by &man.quotacheck.8;. This program insures + that the data in the quota database properly reflects the data + on the file system. This is a time consuming process that + will significantly affect the time the system takes to boot. + To skip this step, add this variable to + /etc/rc.conf: check_quotas="NO" Finally, edit /etc/fstab to enable - disk quotas on a per-file system basis. To enable per-user quotas on a file system, add - to the options field in the - /etc/fstab entry for the file system to - enable quotas on. For example: + disk quotas on a per-file system basis. To enable per-user + quotas on a file system, add to the + options field in the /etc/fstab entry for + the file system to enable quotas on. For example: /dev/da1s2g /home ufs rw,userquota 1 2 - To enable group quotas, use - instead. To enable both user and group - quotas, separate the options with a comma: + To enable group quotas, use + instead. To enable both user and group quotas, separate the + options with a comma: /dev/da1s2g /home ufs rw,userquota,groupquota 1 2 - By default, quota files are stored in the root - directory of the file system as - quota.user and + By default, quota files are stored in the root directory + of the file system as quota.user and quota.group. Refer to &man.fstab.5; for more information. Specifying an alternate location for the quota files is not recommended. Once the configuration is complete, reboot the system and - /etc/rc will - automatically run the appropriate commands to create the - initial quota files for all of the quotas enabled in + /etc/rc will automatically run the + appropriate commands to create the initial quota files for all + of the quotas enabled in /etc/fstab. In the normal course of operations, there should be no @@ -2545,11 +2542,11 @@ kern.features.ufs_quota: 1 are allowed. When the user drops back below the soft limit, the grace period is reset. - In the following example, the quota for the - test account is being edited. - When edquota is invoked, the editor specified by - EDITOR is opened in order to edit the quota - limits. The default editor is set to + In the following example, the quota for the test account is being edited. + When edquota is invoked, the editor + specified by EDITOR is opened in order to edit + the quota limits. The default editor is set to vi. &prompt.root; edquota -u test @@ -2559,13 +2556,14 @@ Quotas for user test: /usr/var: kbytes in use: 0, limits (soft = 50, hard = 75) inodes in use: 0, limits (soft = 50, hard = 60) - There are normally two lines for each file system that - has quotas enabled. One line represents the block limits and - the other represents the inode limits. Change the value to - modify the quota limit. For example, to raise the - block limit on /usr - to a soft limit of 500 and a hard limit of 600, - change the values in that line as follows: + There are normally two lines for each file system that has + quotas enabled. One line represents the block limits and the + other represents the inode limits. Change the value to modify + the quota limit. For example, to raise the block limit on + /usr to a soft limit of + 500 and a hard limit of + 600, change the values in that line as + follows: /usr: kbytes in use: 65, limits (soft = 500, hard = 600) @@ -2573,11 +2571,11 @@ Quotas for user test: editor. Sometimes it is desirable to set quota limits on a range - of users. This can be done by first assigning the desired quota limit to a - user. Then, use to duplicate that quota - to a specified range of user IDs (UIDs). - The following command will duplicate - those quota limits for UIDs + of users. This can be done by first assigning the desired + quota limit to a user. Then, use to + duplicate that quota to a specified range of user IDs + (UIDs). The following command will + duplicate those quota limits for UIDs 10,000 through 19,999: @@ -2594,21 +2592,20 @@ Quotas for user test: checking - To check individual user - or group quotas and disk usage, use &man.quota.1;. A user - may only examine their own quota and the quota of a group they - are a member of. Only the superuser may view all user and - group quotas. To get a summary of all quotas and disk usage - for file systems with quotas enabled, use - &man.repquota.8;. + To check individual user or group quotas and disk usage, + use &man.quota.1;. A user may only examine their own quota + and the quota of a group they are a member of. Only the + superuser may view all user and group quotas. To get a + summary of all quotas and disk usage for file systems with + quotas enabled, use &man.repquota.8;. Normally, file systems that the user is not using any disk - space on will not show in the output of quota, even if - the user has a quota limit assigned for that file system. Use - to display those file systems. The - following is sample output from - quota -v for a user that has quota limits - on two file systems. + space on will not show in the output of + quota, even if the user has a quota limit + assigned for that file system. Use to + display those file systems. The following is sample output + from quota -v for a user that has quota + limits on two file systems. Disk quotas for user test (uid 1002): Filesystem usage quota limit grace files quota limit grace @@ -2629,11 +2626,11 @@ Quotas for user test: NFS - Quotas are enforced by the quota subsystem on the NFS - server. The &man.rpc.rquotad.8; daemon makes quota - information available to quota on NFS clients, - allowing users on those machines to see their quota - statistics. + Quotas are enforced by the quota subsystem on the + NFS server. The &man.rpc.rquotad.8; daemon + makes quota information available to quota + on NFS clients, allowing users on those + machines to see their quota statistics. On the NFS server, enable rpc.rquotad by removing the @@ -3203,30 +3200,28 @@ geli_da2_flags="-p -k /root/da2.key"Like the encryption of disk partitions, encryption of swap space is used to protect sensitive information. Consider an application that deals with passwords. As long as these - passwords stay in physical memory, they are not - written to disk and will be cleared after a reboot. However, if &os; starts - swapping out memory pages to free space, - the passwords may be written to the disk unencrypted. - Encrypting swap space can be a solution for this - scenario. - - This section demonstrates how to configure an encrypted - swap partition using &man.gbde.8; or &man.geli.8; encryption. - It assumes a UFS file system where - /dev/ad0s1b is the swap - partition. + passwords stay in physical memory, they are not written to disk + and will be cleared after a reboot. However, if &os; starts + swapping out memory pages to free space, the passwords may be + written to the disk unencrypted. Encrypting swap space can be a + solution for this scenario. + + This section demonstrates how to configure an encrypted + swap partition using &man.gbde.8; or &man.geli.8; encryption. + It assumes a UFS file system where + /dev/ad0s1b is the swap partition. Configuring Encrypted Swap - Swap partitions are not encrypted by default and should - be cleared of any sensitive data before continuing. To - overwrite the current swap partition with random garbage, - execute the following command: + Swap partitions are not encrypted by default and should be + cleared of any sensitive data before continuing. To overwrite + the current swap partition with random garbage, execute the + following command: - &prompt.root; dd if=/dev/random of=/dev/ad0s1b bs=1m + &prompt.root; dd if=/dev/random of=/dev/ad0s1b bs=1m - To encrypt the swap partition using &man.gbde.8;, add the + To encrypt the swap partition using &man.gbde.8;, add the .bde suffix to the swap line in /etc/fstab: @@ -3240,19 +3235,18 @@ geli_da2_flags="-p -k /root/da2.key"# Device Mountpoint FStype Options Dump Pass# /dev/ad0s1b.eli none swap sw 0 0 - By default, &man.geli.8; uses the AES algorithm - with a key length of 128 bit. These defaults can - be altered by using geli_swap_flags in - /etc/rc.conf. The following flags configure - encryption using the Blowfish algorithm with - a key length of 128 bits and a sectorsize of 4 kilobytes, and - sets detach on last close: + By default, &man.geli.8; uses the AES + algorithm with a key length of 128 bit. These defaults can be + altered by using geli_swap_flags in + /etc/rc.conf. The following flags + configure encryption using the Blowfish algorithm with a key + length of 128 bits and a sectorsize of 4 kilobytes, and sets + detach on last close: geli_swap_flags="-e blowfish -l 128 -s 4096 -d" - Refer to the description of - onetime in &man.geli.8; for a list of - possible options. + Refer to the description of onetime in + &man.geli.8; for a list of possible options.