Date: Mon, 21 Oct 2013 22:51:19 +0000 (UTC)
From: Dru Lavigne <dru@FreeBSD.org>
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org
Subject: svn commit: r43018 - head/en_US.ISO8859-1/books/handbook/network-servers
Message-ID: <201310212251.r9LMpJ5I013239@svn.freebsd.org>
Author: dru Date: Mon Oct 21 22:51:19 2013 New Revision: 43018 URL: http://svnweb.freebsd.org/changeset/doc/43018 Log: White space fix only. Translators can ignore. Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Mon Oct 21 22:20:54 2013 (r43017) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Mon Oct 21 22:51:19 2013 (r43018) 
@@ -3006,134 +3006,136 @@ dhcpd_ifaces="dc0"</programlisting> --> <title>Domain Name System (<acronym>DNS</acronym>)</title> - <indexterm><primary>BIND</primary></indexterm> + <indexterm><primary>BIND</primary></indexterm> - <para>Domain Name System (<acronym>DNS</acronym>) is the protocol through which domain names are - mapped to <acronym>IP</acronym> addresses, and vice versa. By default, &os; installs the Berkeley - Internet Name Domain (<acronym>BIND</acronym>), which is the most common implementation - of the <acronym>DNS</acronym> protocol. The &os; version provides enhanced security features, a new file - system layout, and automated &man.chroot.8; - configuration. BIND is maintained by the - <ulink url="https://www.isc.org/">isc.org</ulink>. - It is not necessary to run a name - server to perform <acronym>DNS</acronym> lookups on a - system.</para> - - <indexterm><primary>DNS</primary></indexterm> - <para><acronym>DNS</acronym> is coordinated across the Internet - through a somewhat complex system of authoritative root, Top - Level Domain (<acronym>TLD</acronym>), and other smaller-scale - name servers, which host and cache individual domain - information. Table 28.4 describes some of the terms associated with <acronym>DNS</acronym>:</para> - - <indexterm><primary>resolver</primary></indexterm> - <indexterm><primary>reverse - <acronym>DNS</acronym></primary></indexterm> - <indexterm><primary>root zone</primary></indexterm> + <para>Domain Name System (<acronym>DNS</acronym>) is the protocol + through which domain names are mapped to <acronym>IP</acronym> + addresses, and vice versa. By default, &os; installs the + Berkeley Internet Name Domain (<acronym>BIND</acronym>), which + is the most common implementation of the <acronym>DNS</acronym> + protocol. The &os; version provides enhanced security features, + a new file system layout, and automated &man.chroot.8; + configuration. BIND is maintained by the <ulink + url="https://www.isc.org/">isc.org</ulink>. 
It is not + necessary to run a name server to perform <acronym>DNS</acronym> + lookups on a system.</para> + + <indexterm><primary>DNS</primary></indexterm> + <para><acronym>DNS</acronym> is coordinated across the Internet + through a somewhat complex system of authoritative root, Top + Level Domain (<acronym>TLD</acronym>), and other smaller-scale + name servers, which host and cache individual domain + information. Table 28.4 describes some of the terms associated + with <acronym>DNS</acronym>:</para> + + <indexterm><primary>resolver</primary></indexterm> + <indexterm><primary>reverse + <acronym>DNS</acronym></primary></indexterm> + <indexterm><primary>root zone</primary></indexterm> + + <table frame="none" pgwide="1"> + <title><acronym>DNS</acronym> Terminology</title> + + <tgroup cols="2"> + <colspec colwidth="1*"/> + <colspec colwidth="3*"/> + + <thead> + <row> + <entry>Term</entry> + <entry>Definition</entry> + </row> + </thead> + + <tbody> + <row> + <entry>Forward <acronym>DNS</acronym></entry> + <entry>Mapping of hostnames to <acronym>IP</acronym> + addresses.</entry> + </row> + + <row> + <entry>Origin</entry> + <entry>Refers to the domain covered in a particular zone + file.</entry> + </row> + + <row> + <entry><application>named</application>, BIND</entry> + <entry>Common names for the BIND name server package + within &os;.</entry> + </row> + + <row> + <entry>Resolver</entry> + <entry>A system process through which a machine queries + a name server for zone information.</entry> + </row> + + <row> + <entry>Reverse <acronym>DNS</acronym></entry> + <entry>Mapping of <acronym>IP</acronym> addresses to + hostnames.</entry> + </row> + + <row> + <entry>Root zone</entry> + + <entry>The beginning of the Internet zone hierarchy. 
All + zones fall under the root zone, similar to how all files + in a file system fall under the root directory.</entry> + </row> + + <row> + <entry>Zone</entry> + <entry>An individual domain, subdomain, or portion of the + <acronym>DNS</acronym> administered by the same + authority.</entry> + </row> + </tbody> + </tgroup> + </table> - <table frame="none" pgwide="1"> - <title><acronym>DNS</acronym> Terminology</title> - <tgroup cols="2"> - <colspec colwidth="1*"/> - <colspec colwidth="3*"/> - - <thead> - <row> - <entry>Term</entry> - <entry>Definition</entry> - </row> - </thead> - - <tbody> - <row> - <entry>Forward <acronym>DNS</acronym></entry> - <entry>Mapping of hostnames to <acronym>IP</acronym> - addresses.</entry> - </row> - - <row> - <entry>Origin</entry> - <entry>Refers to the domain covered in a particular zone - file.</entry> - </row> - - <row> - <entry><application>named</application>, BIND</entry> - <entry>Common names for the BIND name server package - within &os;.</entry> - </row> - - <row> - <entry>Resolver</entry> - <entry>A system process through which a machine queries - a name server for zone information.</entry> - </row> - - <row> - <entry>Reverse <acronym>DNS</acronym></entry> - <entry>Mapping of <acronym>IP</acronym> addresses to - hostnames.</entry> - </row> - - <row> - <entry>Root zone</entry> - - <entry>The beginning of the Internet zone hierarchy. 
- All zones fall under the root zone, similar to how - all files in a file system fall under the root - directory.</entry> - </row> - - <row> - <entry>Zone</entry> - <entry>An individual domain, subdomain, or portion of - the <acronym>DNS</acronym> administered by the same - authority.</entry> - </row> - </tbody> - </tgroup> - </table> - - <indexterm> - <primary>zones</primary> - <secondary>examples</secondary> - </indexterm> - - <para>Examples of zones:</para> - - <itemizedlist> - <listitem> - <para><hostid>.</hostid> is how the root zone is usually - referred to in documentation.</para> - </listitem> - - <listitem> - <para><hostid>org.</hostid> is a Top Level Domain - (<acronym>TLD</acronym>) under the root zone.</para> - </listitem> + <indexterm> + <primary>zones</primary> + <secondary>examples</secondary> + </indexterm> - <listitem> - <para><hostid role="domainname">example.org.</hostid> is a - zone under the <hostid>org.</hostid> - <acronym>TLD</acronym>.</para> - </listitem> + <para>Examples of zones:</para> - <listitem> - <para><hostid>1.168.192.in-addr.arpa</hostid> is a zone - referencing all <acronym>IP</acronym> addresses which fall - under the <hostid role="ipaddr">192.168.1.*</hostid> - <acronym>IP</acronym> address space.</para> - </listitem> - </itemizedlist> - - <para>As one can see, the more specific part of a hostname - appears to its left. For example, - <hostid role="domainname">example.org.</hostid> is more - specific than <hostid>org.</hostid>, as <hostid>org.</hostid> - is more specific than the root zone. 
The layout of each part - of a hostname is much like a file system: the - <filename class="directory">/dev</filename> directory falls - within the root, and so on.</para> + <itemizedlist> + <listitem> + <para><hostid>.</hostid> is how the root zone is usually + referred to in documentation.</para> + </listitem> + + <listitem> + <para><hostid>org.</hostid> is a Top Level Domain + (<acronym>TLD</acronym>) under the root zone.</para> + </listitem> + + <listitem> + <para><hostid role="domainname">example.org.</hostid> is a + zone under the <hostid>org.</hostid> + <acronym>TLD</acronym>.</para> + </listitem> + + <listitem> + <para><hostid>1.168.192.in-addr.arpa</hostid> is a zone + referencing all <acronym>IP</acronym> addresses which fall + under the <hostid role="ipaddr">192.168.1.*</hostid> + <acronym>IP</acronym> address space.</para> + </listitem> + </itemizedlist> + + <para>As one can see, the more specific part of a hostname + appears to its left. For example, <hostid + role="domainname">example.org.</hostid> is more specific than + <hostid>org.</hostid>, as <hostid>org.</hostid> is more specific + than the root zone. The layout of each part of a hostname is + much like a file system: the <filename + class="directory">/dev</filename> directory falls within the + root, and so on.</para> <sect2> <title>Reasons to Run a Name Server</title> 
@@ -4405,18 +4407,19 @@ $include Kexample.com.+005+nnnnn.ZSK.key <secondary>setting up</secondary></indexterm> <indexterm><primary>Apache</primary></indexterm> - <para>The open source - <application>Apache HTTP Server</application> is the most widely - used web server. &os; does not install this web server by default, - but it can be installed from the - <filename role="package">www/apache24</filename> package or port.</para> - - <para>This section summarizes how to configure and start version 2.<replaceable>x</replaceable> of the - <application>Apache HTTP Server</application>, the - most widely used version, on &os;. For more detailed - information about - <application>Apache</application> 2.X and its configuration directives, refer to - <ulink url="http://httpd.apache.org/">httpd.apache.org</ulink>.</para> + <para>The open source <application>Apache HTTP Server + </application> is the most widely used web server. &os; does + not install this web server by default, but it can be installed + from the <filename + role="package">www/apache24</filename> package or port.</para> + + <para>This section summarizes how to configure and start version + 2.<replaceable>x</replaceable> of the <application>Apache HTTP + Server</application>, the most widely used version, on &os;. + For more detailed information about + <application>Apache</application> 2.X and its configuration + directives, refer to <ulink + url="http://httpd.apache.org/">httpd.apache.org</ulink>.</para> <sect2> <title>Configuring and Starting Apache</title> 
@@ -4424,20 +4427,20 @@ $include Kexample.com.+005+nnnnn.ZSK.key <indexterm><primary>Apache</primary> <secondary>configuration file</secondary></indexterm> - <para>In &os;, the main <application>Apache HTTP Server</application> - configuration file is installed as + <para>In &os;, the main <application>Apache HTTP + Server</application> configuration file is installed as <filename>/usr/local/etc/apache2<replaceable>x</replaceable>/httpd.conf</filename>. - This ASCII text file begins - comment lines with the <literal>#</literal>. The - most frequently modified directives are:</para> + This ASCII text file begins comment lines with the + <literal>#</literal>. The most frequently modified directives + are:</para> <variablelist> <varlistentry> <term><literal>ServerRoot "/usr/local"</literal></term> <listitem> - <para>Specifies the default directory hierarchy for - the <application>Apache</application> installation. + <para>Specifies the default directory hierarchy for the + <application>Apache</application> installation. Binaries are stored in the <filename class="directory">bin</filename> and <filename class="directory">sbin</filename> @@ -4451,7 +4454,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key <term><literal>ServerAdmin you@your.address</literal></term> <listitem> - <para>The email address to receive problems with the server. This address also appears on some + <para>The email address to receive problems with the + server. This address also appears on some server-generated pages, such as error documents.</para> </listitem> </varlistentry> @@ -4463,8 +4467,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key <para>Allows an administrator to set a host name which is sent back to clients for the server. For example, - <hostid>www</hostid> can be used instead of the actual host - name.</para> + <hostid>www</hostid> can be used instead of the actual + host name.</para> </listitem> </varlistentry> 
@@ -4487,8 +4491,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key making changes. When the configuration of <application>Apache</application>, is complete, save the file and verify the configuration using apachectl(8). - Running <command>apachectl configtest</command> - should return <literal>Syntax OK</literal>.</para> + Running <command>apachectl configtest</command> should return + <literal>Syntax OK</literal>.</para> <indexterm><primary>Apache</primary> <secondary>starting or stopping</secondary></indexterm> @@ -4507,16 +4511,17 @@ $include Kexample.com.+005+nnnnn.ZSK.key <para>If <application>Apache</application> should be started with non-default options, the following line may be added to - <filename>/etc/rc.conf</filename> to specify the needed flags:</para> + <filename>/etc/rc.conf</filename> to specify the needed + flags:</para> <programlisting>apache24_flags=""</programlisting> <para>The <application>Apache</application> configuration can be - tested for errors after making subsequent - configuration changes while <command>httpd</command> is - running. This can be done by the &man.rc.8; script directly, - or by the &man.service.8; utility by issuing one of the - following commands:</para> + tested for errors after making subsequent configuration + changes while <command>httpd</command> is running. This can + be done by the &man.rc.8; script directly, or by the + &man.service.8; utility by issuing one of the following + commands:</para> <screen>&prompt.root; <userinput>service apache24 configtest</userinput></screen> 
@@ -4873,66 +4878,72 @@ DocumentRoot /www/someotherdomain.tld --> <title>File Transfer Protocol (<acronym>FTP</acronym>)</title> - <indexterm><primary><acronym>FTP</acronym> servers</primary></indexterm> + <indexterm><primary><acronym>FTP</acronym> + servers</primary></indexterm> - <para>The File Transfer Protocol (<acronym>FTP</acronym>) provides users with a - simple way to transfer files to and from an - <acronym>FTP</acronym> server. - &os; includes <acronym>FTP</acronym> server - software, <application>ftpd</application>, in the base system.</para> - - <para>&os; provides several configuration files for controlling access - to the <acronym>FTP</acronym> server. This section summarizes - these files. Refer to &man.ftpd.8; for more details about the - built-in <acronym>FTP</acronym> server.</para> + <para>The File Transfer Protocol (<acronym>FTP</acronym>) provides + users with a simple way to transfer files to and from an + <acronym>FTP</acronym> server. &os; includes + <acronym>FTP</acronym> server software, + <application>ftpd</application>, in the base system.</para> + + <para>&os; provides several configuration files for controlling + access to the <acronym>FTP</acronym> server. This section + summarizes these files. Refer to &man.ftpd.8; for more details + about the built-in <acronym>FTP</acronym> server.</para> - <sect2> - <title>Configuration</title> + <sect2> + <title>Configuration</title> <para>The most important configuration step is deciding which - accounts will be allowed access to the <acronym>FTP</acronym> server. A - &os; system has a number of system accounts which - should not be allowed <acronym>FTP</acronym> access. - The list of users disallowed any <acronym>FTP</acronym> access - can be found in <filename>/etc/ftpusers</filename>. - By - default, it includes system accounts. Additional - users that should not be + accounts will be allowed access to the <acronym>FTP</acronym> + server. 
A &os; system has a number of system accounts which + should not be allowed <acronym>FTP</acronym> access. The list + of users disallowed any <acronym>FTP</acronym> access can be + found in <filename>/etc/ftpusers</filename>. By default, it + includes system accounts. Additional users that should not be allowed access to <acronym>FTP</acronym> can be added.</para> <para>In some cases it may be desirable to restrict the access of some users without preventing them completely from using <acronym>FTP</acronym>. This can be accomplished be creating - <filename>/etc/ftpchroot</filename> as described in &man.ftpchroot.5;. This file lists - users and groups subject to <acronym>FTP</acronym> access restrictions.</para> + <filename>/etc/ftpchroot</filename> as described in + &man.ftpchroot.5;. This file lists users and groups subject + to <acronym>FTP</acronym> access restrictions.</para> <indexterm> <primary><acronym>FTP</acronym></primary> <secondary>anonymous</secondary> </indexterm> - <para>To enable anonymous <acronym>FTP</acronym> access to the server, create a - user named <username>ftp</username> on the &os; system. Users - will then be able to log on to the <acronym>FTP</acronym> server with a username - of <username>ftp</username> or <username>anonymous</username>. When prompted for the password, - any input will be accepted, but by convention, an email address - should be used as the password. The <acronym>FTP</acronym> server will - call &man.chroot.2; when an anonymous user logs in, to - restrict access to only the home directory of the + <para>To enable anonymous <acronym>FTP</acronym> access to the + server, create a user named <username>ftp</username> on the + &os; system. Users will then be able to log on to the + <acronym>FTP</acronym> server with a username of + <username>ftp</username> or <username>anonymous</username>. + When prompted for the password, any input will be accepted, + but by convention, an email address should be used as the + password. 
The <acronym>FTP</acronym> server will call + &man.chroot.2; when an anonymous user logs in, to restrict + access to only the home directory of the <username>ftp</username> user.</para> - <para>There are two text files that can be created to specify welcome messages to - be displayed to <acronym>FTP</acronym> clients. The contents of + <para>There are two text files that can be created to specify + welcome messages to be displayed to <acronym>FTP</acronym> + clients. The contents of <filename>/etc/ftpwelcome</filename> will be displayed to users before they reach the login prompt. After a successful login, the contents of <filename>/etc/ftpmotd</filename> will be displayed. Note that the path to this file is relative to the login - environment, so the contents of <filename>~ftp/etc/ftpmotd</filename> - would be displayed for anonymous users.</para> - - <para>Once the <acronym>FTP</acronym> server has been configured, set the appropriate variable in - <filename>/etc/rc.conf</filename> to start the service during boot:</para> + environment, so the contents of + <filename>~ftp/etc/ftpmotd</filename> would be displayed for + anonymous users.</para> + + <para>Once the <acronym>FTP</acronym> server has been + configured, set the appropriate variable in + <filename>/etc/rc.conf</filename> to start the service during + boot:</para> <programlisting>ftpd_enable="YES"</programlisting> @@ -4940,7 +4951,8 @@ DocumentRoot /www/someotherdomain.tld <screen>&prompt.root; <userinput>service ftpd start</userinput></screen> - <para>Test the connection to the <acronym>FTP</acronym> server by typing:</para> + <para>Test the connection to the <acronym>FTP</acronym> server + by typing:</para> <screen>&prompt.user; <userinput>ftp localhost</userinput></screen> 
@@ -4950,9 +4962,10 @@ DocumentRoot /www/someotherdomain.tld <para>The <application>ftpd</application> daemon uses &man.syslog.3; to log messages. By default, the system log - daemon will write messages related to <acronym>FTP</acronym> in - <filename>/var/log/xferlog</filename>. The location of - the <acronym>FTP</acronym> log can be modified by changing the following line in + daemon will write messages related to <acronym>FTP</acronym> + in <filename>/var/log/xferlog</filename>. The location of + the <acronym>FTP</acronym> log can be modified by changing the + following line in <filename>/etc/syslog.conf</filename>:</para> <programlisting>ftp.info /var/log/xferlog</programlisting> @@ -4963,14 +4976,15 @@ DocumentRoot /www/someotherdomain.tld </indexterm> <note> - <para>Be aware of the potential problems involved with running - an anonymous <acronym>FTP</acronym> server. In particular, think twice about - allowing anonymous users to upload files. It may turn out - that the <acronym>FTP</acronym> site becomes a forum for the trade of unlicensed - commercial software or worse. If anonymous <acronym>FTP</acronym> uploads are - required, then verify the permissions so that these files can - not be read by other anonymous users until they have been - reviewed by an administrator.</para> + <para>Be aware of the potential problems involved with running + an anonymous <acronym>FTP</acronym> server. In particular, + think twice about allowing anonymous users to upload files. + It may turn out that the <acronym>FTP</acronym> site becomes + a forum for the trade of unlicensed commercial software or + worse. If anonymous <acronym>FTP</acronym> uploads are + required, then verify the permissions so that these files + can not be read by other anonymous users until they have + been reviewed by an administrator.</para> </note> </sect2> </sect1>
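Review bot: In the hunk at @@ -3006,134 +3006,136 @@, the rewrapped DNS paragraph still refers to the terminology table by a hard-coded number ("Table 28.4 describes some of the terms"), and the re-indented table element (<table frame="none" pgwide="1">) carries no id. The number will go stale as soon as a table is added or removed earlier in the chapter. Since a whitespace-only commit should not change wording, a follow-up could give the table an id and replace the literal number with a cross-reference. The same paragraph also keeps "maintained by the isc.org" and an unmarked "BIND" next to marked-up <acronym>BIND</acronym>, which could be tidied in that follow-up.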
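Review bot: In the hunk at @@ -4405,18 +4407,19 @@, the first rewrapped paragraph breaks the line just before the closing tag (<application>Apache HTTP Server followed by a newline and </application>), which moves whitespace inside the element. The removed line had the closing tag directly after "Server", so this is not purely a layout change and can show up as a stray space in rendered or indexed output. Breaking between words instead, as the second paragraph of this same hunk does with "Apache HTTP" and "Server</application>" on the next line, keeps the element content identical.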
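Review bot: In the hunk at @@ -4487,8 +4491,8 @@, the unchanged context around the rewrapped configtest sentence has a stray comma ("When the configuration of <application>Apache</application>, is complete") and names the manual page as plain text ("apachectl(8)") while the neighbouring hunk uses entity references such as &man.rc.8; and &man.service.8;. Neither belongs in a whitespace-only commit, but both are worth a follow-up: drop the comma, and mark up the manual page reference the same way as the others if a matching entity is available.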
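Review bot: In the hunk at @@ -4873,66 +4878,72 @@, the context line leading into the rewrapped /etc/ftpchroot sentence reads "This can be accomplished be creating", where "be creating" should be "by creating". Because the log says translators can ignore this revision, the wording fix should go in a separate content commit rather than be folded in here.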
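Review bot: In the hunk at @@ -4963,14 +4976,15 @@, the rewrapped note tells administrators to "verify the permissions" so that anonymous uploads cannot be read by other anonymous users, but it does not say which directory or which ownership and mode to check. This is the only security guidance in the FTP section, so a follow-up content change should state the expected settings for the upload directory or point to the manual page that documents them. "can not" in the same sentence would also read better as "cannot".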
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201310212251.r9LMpJ5I013239>